1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 static DEFINE_MUTEX(cifs_mount_mutex);
41
42 static const match_table_t cifs_smb_version_tokens = {
43 { Smb_1, SMB1_VERSION_STRING },
44 { Smb_20, SMB20_VERSION_STRING},
45 { Smb_21, SMB21_VERSION_STRING },
46 { Smb_30, SMB30_VERSION_STRING },
47 { Smb_302, SMB302_VERSION_STRING },
48 { Smb_302, ALT_SMB302_VERSION_STRING },
49 { Smb_311, SMB311_VERSION_STRING },
50 { Smb_311, ALT_SMB311_VERSION_STRING },
51 { Smb_3any, SMB3ANY_VERSION_STRING },
52 { Smb_default, SMBDEFAULT_VERSION_STRING },
53 { Smb_version_err, NULL }
54 };
55
56 static const match_table_t cifs_secflavor_tokens = {
57 { Opt_sec_krb5, "krb5" },
58 { Opt_sec_krb5i, "krb5i" },
59 { Opt_sec_krb5p, "krb5p" },
60 { Opt_sec_ntlmsspi, "ntlmsspi" },
61 { Opt_sec_ntlmssp, "ntlmssp" },
62 { Opt_sec_ntlmv2, "nontlm" },
63 { Opt_sec_ntlmv2, "ntlmv2" },
64 { Opt_sec_ntlmv2i, "ntlmv2i" },
65 { Opt_sec_none, "none" },
66
67 { Opt_sec_err, NULL }
68 };
69
70 const struct fs_parameter_spec smb3_fs_parameters[] = {
71 /* Mount options that take no arguments */
72 fsparam_flag_no("user_xattr", Opt_user_xattr),
73 fsparam_flag_no("forceuid", Opt_forceuid),
74 fsparam_flag_no("multichannel", Opt_multichannel),
75 fsparam_flag_no("forcegid", Opt_forcegid),
76 fsparam_flag("noblocksend", Opt_noblocksend),
77 fsparam_flag("noautotune", Opt_noautotune),
78 fsparam_flag("nolease", Opt_nolease),
79 fsparam_flag_no("hard", Opt_hard),
80 fsparam_flag_no("soft", Opt_soft),
81 fsparam_flag_no("perm", Opt_perm),
82 fsparam_flag("nodelete", Opt_nodelete),
83 fsparam_flag_no("mapposix", Opt_mapposix),
84 fsparam_flag("mapchars", Opt_mapchars),
85 fsparam_flag("nomapchars", Opt_nomapchars),
86 fsparam_flag_no("sfu", Opt_sfu),
87 fsparam_flag("nodfs", Opt_nodfs),
88 fsparam_flag_no("posixpaths", Opt_posixpaths),
89 fsparam_flag_no("unix", Opt_unix),
90 fsparam_flag_no("linux", Opt_unix),
91 fsparam_flag_no("posix", Opt_unix),
92 fsparam_flag("nocase", Opt_nocase),
93 fsparam_flag("ignorecase", Opt_nocase),
94 fsparam_flag_no("brl", Opt_brl),
95 fsparam_flag_no("handlecache", Opt_handlecache),
96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
97 fsparam_flag("forcemand", Opt_forcemandatorylock),
98 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
99 fsparam_flag("idsfromsid", Opt_setuidfromacl),
100 fsparam_flag_no("setuids", Opt_setuids),
101 fsparam_flag_no("dynperm", Opt_dynperm),
102 fsparam_flag_no("intr", Opt_intr),
103 fsparam_flag_no("strictsync", Opt_strictsync),
104 fsparam_flag_no("serverino", Opt_serverino),
105 fsparam_flag("rwpidforward", Opt_rwpidforward),
106 fsparam_flag("cifsacl", Opt_cifsacl),
107 fsparam_flag_no("acl", Opt_acl),
108 fsparam_flag("locallease", Opt_locallease),
109 fsparam_flag("sign", Opt_sign),
110 fsparam_flag("ignore_signature", Opt_ignore_signature),
111 fsparam_flag("signloosely", Opt_ignore_signature),
112 fsparam_flag("seal", Opt_seal),
113 fsparam_flag("noac", Opt_noac),
114 fsparam_flag("fsc", Opt_fsc),
115 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
116 fsparam_flag("multiuser", Opt_multiuser),
117 fsparam_flag("sloppy", Opt_sloppy),
118 fsparam_flag("nosharesock", Opt_nosharesock),
119 fsparam_flag_no("persistenthandles", Opt_persistent),
120 fsparam_flag_no("resilienthandles", Opt_resilient),
121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
122 fsparam_flag("nosparse", Opt_nosparse),
123 fsparam_flag("domainauto", Opt_domainauto),
124 fsparam_flag("rdma", Opt_rdma),
125 fsparam_flag("modesid", Opt_modesid),
126 fsparam_flag("modefromsid", Opt_modesid),
127 fsparam_flag("rootfs", Opt_rootfs),
128 fsparam_flag("compress", Opt_compress),
129 fsparam_flag("witness", Opt_witness),
130
131 /* Mount options which take numeric value */
132 fsparam_u32("backupuid", Opt_backupuid),
133 fsparam_u32("backupgid", Opt_backupgid),
134 fsparam_u32("uid", Opt_uid),
135 fsparam_u32("cruid", Opt_cruid),
136 fsparam_u32("gid", Opt_gid),
137 fsparam_u32("file_mode", Opt_file_mode),
138 fsparam_u32("dirmode", Opt_dirmode),
139 fsparam_u32("dir_mode", Opt_dirmode),
140 fsparam_u32("port", Opt_port),
141 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
142 fsparam_u32("esize", Opt_min_enc_offload),
143 fsparam_u32("bsize", Opt_blocksize),
144 fsparam_u32("rasize", Opt_rasize),
145 fsparam_u32("rsize", Opt_rsize),
146 fsparam_u32("wsize", Opt_wsize),
147 fsparam_u32("actimeo", Opt_actimeo),
148 fsparam_u32("acdirmax", Opt_acdirmax),
149 fsparam_u32("acregmax", Opt_acregmax),
150 fsparam_u32("closetimeo", Opt_closetimeo),
151 fsparam_u32("echo_interval", Opt_echo_interval),
152 fsparam_u32("max_credits", Opt_max_credits),
153 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs),
154 fsparam_u32("handletimeout", Opt_handletimeout),
155 fsparam_u64("snapshot", Opt_snapshot),
156 fsparam_u32("max_channels", Opt_max_channels),
157
158 /* Mount options which take string value */
159 fsparam_string("source", Opt_source),
160 fsparam_string("user", Opt_user),
161 fsparam_string("username", Opt_user),
162 fsparam_string("pass", Opt_pass),
163 fsparam_string("password", Opt_pass),
164 fsparam_string("ip", Opt_ip),
165 fsparam_string("addr", Opt_ip),
166 fsparam_string("domain", Opt_domain),
167 fsparam_string("dom", Opt_domain),
168 fsparam_string("srcaddr", Opt_srcaddr),
169 fsparam_string("iocharset", Opt_iocharset),
170 fsparam_string("netbiosname", Opt_netbiosname),
171 fsparam_string("servern", Opt_servern),
172 fsparam_string("ver", Opt_ver),
173 fsparam_string("vers", Opt_vers),
174 fsparam_string("sec", Opt_sec),
175 fsparam_string("cache", Opt_cache),
176
177 /* Arguments that should be ignored */
178 fsparam_flag("guest", Opt_ignore),
179 fsparam_flag("noatime", Opt_ignore),
180 fsparam_flag("relatime", Opt_ignore),
181 fsparam_flag("_netdev", Opt_ignore),
182 fsparam_flag_no("suid", Opt_ignore),
183 fsparam_flag_no("exec", Opt_ignore),
184 fsparam_flag_no("dev", Opt_ignore),
185 fsparam_flag_no("mand", Opt_ignore),
186 fsparam_flag_no("auto", Opt_ignore),
187 fsparam_string("cred", Opt_ignore),
188 fsparam_string("credentials", Opt_ignore),
189 /*
190 * UNC and prefixpath is now extracted from Opt_source
191 * in the new mount API so we can just ignore them going forward.
192 */
193 fsparam_string("unc", Opt_ignore),
194 fsparam_string("prefixpath", Opt_ignore),
195 {}
196 };
197
198 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)199 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
200 {
201
202 substring_t args[MAX_OPT_ARGS];
203
204 /*
205 * With mount options, the last one should win. Reset any existing
206 * settings back to default.
207 */
208 ctx->sectype = Unspecified;
209 ctx->sign = false;
210
211 switch (match_token(value, cifs_secflavor_tokens, args)) {
212 case Opt_sec_krb5p:
213 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n");
214 return 1;
215 case Opt_sec_krb5i:
216 ctx->sign = true;
217 fallthrough;
218 case Opt_sec_krb5:
219 ctx->sectype = Kerberos;
220 break;
221 case Opt_sec_ntlmsspi:
222 ctx->sign = true;
223 fallthrough;
224 case Opt_sec_ntlmssp:
225 ctx->sectype = RawNTLMSSP;
226 break;
227 case Opt_sec_ntlmv2i:
228 ctx->sign = true;
229 fallthrough;
230 case Opt_sec_ntlmv2:
231 ctx->sectype = NTLMv2;
232 break;
233 case Opt_sec_none:
234 ctx->nullauth = 1;
235 kfree(ctx->username);
236 ctx->username = NULL;
237 break;
238 default:
239 cifs_errorf(fc, "bad security option: %s\n", value);
240 return 1;
241 }
242
243 return 0;
244 }
245
246 static const match_table_t cifs_cacheflavor_tokens = {
247 { Opt_cache_loose, "loose" },
248 { Opt_cache_strict, "strict" },
249 { Opt_cache_none, "none" },
250 { Opt_cache_ro, "ro" },
251 { Opt_cache_rw, "singleclient" },
252 { Opt_cache_err, NULL }
253 };
254
255 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)256 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
257 {
258 substring_t args[MAX_OPT_ARGS];
259
260 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
261 case Opt_cache_loose:
262 ctx->direct_io = false;
263 ctx->strict_io = false;
264 ctx->cache_ro = false;
265 ctx->cache_rw = false;
266 break;
267 case Opt_cache_strict:
268 ctx->direct_io = false;
269 ctx->strict_io = true;
270 ctx->cache_ro = false;
271 ctx->cache_rw = false;
272 break;
273 case Opt_cache_none:
274 ctx->direct_io = true;
275 ctx->strict_io = false;
276 ctx->cache_ro = false;
277 ctx->cache_rw = false;
278 break;
279 case Opt_cache_ro:
280 ctx->direct_io = false;
281 ctx->strict_io = false;
282 ctx->cache_ro = true;
283 ctx->cache_rw = false;
284 break;
285 case Opt_cache_rw:
286 ctx->direct_io = false;
287 ctx->strict_io = false;
288 ctx->cache_ro = false;
289 ctx->cache_rw = true;
290 break;
291 default:
292 cifs_errorf(fc, "bad cache= option: %s\n", value);
293 return 1;
294 }
295 return 0;
296 }
297
298 #define DUP_CTX_STR(field) \
299 do { \
300 if (ctx->field) { \
301 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
302 if (new_ctx->field == NULL) { \
303 smb3_cleanup_fs_context_contents(new_ctx); \
304 return -ENOMEM; \
305 } \
306 } \
307 } while (0)
308
309 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)310 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
311 {
312 memcpy(new_ctx, ctx, sizeof(*ctx));
313 new_ctx->prepath = NULL;
314 new_ctx->nodename = NULL;
315 new_ctx->username = NULL;
316 new_ctx->password = NULL;
317 new_ctx->server_hostname = NULL;
318 new_ctx->domainname = NULL;
319 new_ctx->UNC = NULL;
320 new_ctx->source = NULL;
321 new_ctx->iocharset = NULL;
322 new_ctx->leaf_fullpath = NULL;
323 /*
324 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
325 */
326 DUP_CTX_STR(prepath);
327 DUP_CTX_STR(username);
328 DUP_CTX_STR(password);
329 DUP_CTX_STR(server_hostname);
330 DUP_CTX_STR(UNC);
331 DUP_CTX_STR(source);
332 DUP_CTX_STR(domainname);
333 DUP_CTX_STR(nodename);
334 DUP_CTX_STR(iocharset);
335 DUP_CTX_STR(leaf_fullpath);
336
337 return 0;
338 }
339
340 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)341 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
342 {
343 substring_t args[MAX_OPT_ARGS];
344
345 switch (match_token(value, cifs_smb_version_tokens, args)) {
346 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
347 case Smb_1:
348 if (disable_legacy_dialects) {
349 cifs_errorf(fc, "mount with legacy dialect disabled\n");
350 return 1;
351 }
352 if (is_smb3) {
353 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
354 return 1;
355 }
356 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
357 ctx->ops = &smb1_operations;
358 ctx->vals = &smb1_values;
359 break;
360 case Smb_20:
361 if (disable_legacy_dialects) {
362 cifs_errorf(fc, "mount with legacy dialect disabled\n");
363 return 1;
364 }
365 if (is_smb3) {
366 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
367 return 1;
368 }
369 ctx->ops = &smb20_operations;
370 ctx->vals = &smb20_values;
371 break;
372 #else
373 case Smb_1:
374 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
375 return 1;
376 case Smb_20:
377 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
378 return 1;
379 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
380 case Smb_21:
381 ctx->ops = &smb21_operations;
382 ctx->vals = &smb21_values;
383 break;
384 case Smb_30:
385 ctx->ops = &smb30_operations;
386 ctx->vals = &smb30_values;
387 break;
388 case Smb_302:
389 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
390 ctx->vals = &smb302_values;
391 break;
392 case Smb_311:
393 ctx->ops = &smb311_operations;
394 ctx->vals = &smb311_values;
395 break;
396 case Smb_3any:
397 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
398 ctx->vals = &smb3any_values;
399 break;
400 case Smb_default:
401 ctx->ops = &smb30_operations;
402 ctx->vals = &smbdefault_values;
403 break;
404 default:
405 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
406 return 1;
407 }
408 return 0;
409 }
410
smb3_parse_opt(const char * options,const char * key,char ** val)411 int smb3_parse_opt(const char *options, const char *key, char **val)
412 {
413 int rc = -ENOENT;
414 char *opts, *orig, *p;
415
416 orig = opts = kstrdup(options, GFP_KERNEL);
417 if (!opts)
418 return -ENOMEM;
419
420 while ((p = strsep(&opts, ","))) {
421 char *nval;
422
423 if (!*p)
424 continue;
425 if (strncasecmp(p, key, strlen(key)))
426 continue;
427 nval = strchr(p, '=');
428 if (nval) {
429 if (nval == p)
430 continue;
431 *nval++ = 0;
432 *val = kstrdup(nval, GFP_KERNEL);
433 rc = !*val ? -ENOMEM : 0;
434 goto out;
435 }
436 }
437 out:
438 kfree(orig);
439 return rc;
440 }
441
442 /*
443 * Remove duplicate path delimiters. Windows is supposed to do that
444 * but there are some bugs that prevent rename from working if there are
445 * multiple delimiters.
446 *
447 * Return a sanitized duplicate of @path or NULL for empty prefix paths.
448 * Otherwise, return ERR_PTR.
449 *
450 * @gfp indicates the GFP_* flags for kstrdup.
451 * The caller is responsible for freeing the original.
452 */
453 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
cifs_sanitize_prepath(char * prepath,gfp_t gfp)454 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
455 {
456 char *cursor1 = prepath, *cursor2 = prepath;
457 char *s;
458
459 /* skip all prepended delimiters */
460 while (IS_DELIM(*cursor1))
461 cursor1++;
462
463 /* copy the first letter */
464 *cursor2 = *cursor1;
465
466 /* copy the remainder... */
467 while (*(cursor1++)) {
468 /* ... skipping all duplicated delimiters */
469 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
470 continue;
471 *(++cursor2) = *cursor1;
472 }
473
474 /* if the last character is a delimiter, skip it */
475 if (IS_DELIM(*(cursor2 - 1)))
476 cursor2--;
477
478 *cursor2 = '\0';
479 if (!*prepath)
480 return NULL;
481 s = kstrdup(prepath, gfp);
482 if (!s)
483 return ERR_PTR(-ENOMEM);
484 return s;
485 }
486
487 /*
488 * Return full path based on the values of @ctx->{UNC,prepath}.
489 *
490 * It is assumed that both values were already parsed by smb3_parse_devname().
491 */
smb3_fs_context_fullpath(const struct smb3_fs_context * ctx,char dirsep)492 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep)
493 {
494 size_t ulen, plen;
495 char *s;
496
497 ulen = strlen(ctx->UNC);
498 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0;
499
500 s = kmalloc(ulen + plen + 1, GFP_KERNEL);
501 if (!s)
502 return ERR_PTR(-ENOMEM);
503 memcpy(s, ctx->UNC, ulen);
504 if (plen) {
505 s[ulen] = dirsep;
506 memcpy(s + ulen + 1, ctx->prepath, plen);
507 }
508 s[ulen + plen] = '\0';
509 convert_delimiter(s, dirsep);
510 return s;
511 }
512
513 /*
514 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
515 * fields with the result. Returns 0 on success and an error otherwise
516 * (e.g. ENOMEM or EINVAL)
517 */
518 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)519 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
520 {
521 char *pos;
522 const char *delims = "/\\";
523 size_t len;
524 int rc;
525
526 if (unlikely(!devname || !*devname)) {
527 cifs_dbg(VFS, "Device name not specified\n");
528 return -EINVAL;
529 }
530
531 /* make sure we have a valid UNC double delimiter prefix */
532 len = strspn(devname, delims);
533 if (len != 2)
534 return -EINVAL;
535
536 /* find delimiter between host and sharename */
537 pos = strpbrk(devname + 2, delims);
538 if (!pos)
539 return -EINVAL;
540
541 /* record the server hostname */
542 kfree(ctx->server_hostname);
543 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
544 if (!ctx->server_hostname)
545 return -ENOMEM;
546
547 /* skip past delimiter */
548 ++pos;
549
550 /* now go until next delimiter or end of string */
551 len = strcspn(pos, delims);
552 if (!len)
553 return -EINVAL;
554
555 /* move "pos" up to delimiter or NULL */
556 pos += len;
557 kfree(ctx->UNC);
558 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
559 if (!ctx->UNC)
560 return -ENOMEM;
561
562 convert_delimiter(ctx->UNC, '\\');
563
564 /* skip any delimiter */
565 if (*pos == '/' || *pos == '\\')
566 pos++;
567
568 kfree(ctx->prepath);
569 ctx->prepath = NULL;
570
571 /* If pos is NULL then no prepath */
572 if (!*pos)
573 return 0;
574
575 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
576 if (IS_ERR(ctx->prepath)) {
577 rc = PTR_ERR(ctx->prepath);
578 ctx->prepath = NULL;
579 return rc;
580 }
581
582 return 0;
583 }
584
585 static void smb3_fs_context_free(struct fs_context *fc);
586 static int smb3_fs_context_parse_param(struct fs_context *fc,
587 struct fs_parameter *param);
588 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
589 void *data);
590 static int smb3_get_tree(struct fs_context *fc);
591 static int smb3_reconfigure(struct fs_context *fc);
592
593 static const struct fs_context_operations smb3_fs_context_ops = {
594 .free = smb3_fs_context_free,
595 .parse_param = smb3_fs_context_parse_param,
596 .parse_monolithic = smb3_fs_context_parse_monolithic,
597 .get_tree = smb3_get_tree,
598 .reconfigure = smb3_reconfigure,
599 };
600
601 /*
602 * Parse a monolithic block of data from sys_mount().
603 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
604 * @ctx: The superblock configuration to fill in.
605 * @data: The data to parse
606 *
607 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
608 * called from the ->monolithic_mount_data() fs_context operation.
609 *
610 * Returns 0 on success or the error returned by the ->parse_option() fs_context
611 * operation on failure.
612 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)613 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
614 void *data)
615 {
616 char *options = data, *key;
617 int ret = 0;
618
619 if (!options)
620 return 0;
621
622 ret = security_sb_eat_lsm_opts(options, &fc->security);
623 if (ret)
624 return ret;
625
626 /* BB Need to add support for sep= here TBD */
627 while ((key = strsep(&options, ",")) != NULL) {
628 size_t len;
629 char *value;
630
631 if (*key == 0)
632 break;
633
634 /* Check if following character is the deliminator If yes,
635 * we have encountered a double deliminator reset the NULL
636 * character to the deliminator
637 */
638 while (options && options[0] == ',') {
639 len = strlen(key);
640 strcpy(key + len, options);
641 options = strchr(options, ',');
642 if (options)
643 *options++ = 0;
644 }
645
646
647 len = 0;
648 value = strchr(key, '=');
649 if (value) {
650 if (value == key)
651 continue;
652 *value++ = 0;
653 len = strlen(value);
654 }
655
656 ret = vfs_parse_fs_string(fc, key, value, len);
657 if (ret < 0)
658 break;
659 }
660
661 return ret;
662 }
663
664 /*
665 * Validate the preparsed information in the config.
666 */
smb3_fs_context_validate(struct fs_context * fc)667 static int smb3_fs_context_validate(struct fs_context *fc)
668 {
669 struct smb3_fs_context *ctx = smb3_fc2context(fc);
670
671 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
672 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
673 return -EOPNOTSUPP;
674 }
675
676 #ifndef CONFIG_KEYS
677 /* Muliuser mounts require CONFIG_KEYS support */
678 if (ctx->multiuser) {
679 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
680 return -1;
681 }
682 #endif
683
684 if (ctx->got_version == false)
685 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
686
687
688 if (!ctx->UNC) {
689 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
690 return -1;
691 }
692
693 /* make sure UNC has a share name */
694 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
695 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
696 return -ENOENT;
697 }
698
699 if (!ctx->got_ip) {
700 int len;
701 const char *slash;
702
703 /* No ip= option specified? Try to get it from UNC */
704 /* Use the address part of the UNC. */
705 slash = strchr(&ctx->UNC[2], '\\');
706 len = slash - &ctx->UNC[2];
707 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
708 &ctx->UNC[2], len)) {
709 pr_err("Unable to determine destination address\n");
710 return -EHOSTUNREACH;
711 }
712 }
713
714 /* set the port that we got earlier */
715 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
716
717 if (ctx->override_uid && !ctx->uid_specified) {
718 ctx->override_uid = 0;
719 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
720 }
721
722 if (ctx->override_gid && !ctx->gid_specified) {
723 ctx->override_gid = 0;
724 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
725 }
726
727 return 0;
728 }
729
smb3_get_tree_common(struct fs_context * fc)730 static int smb3_get_tree_common(struct fs_context *fc)
731 {
732 struct smb3_fs_context *ctx = smb3_fc2context(fc);
733 struct dentry *root;
734 int rc = 0;
735
736 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
737 if (IS_ERR(root))
738 return PTR_ERR(root);
739
740 fc->root = root;
741
742 return rc;
743 }
744
745 /*
746 * Create an SMB3 superblock from the parameters passed.
747 */
smb3_get_tree(struct fs_context * fc)748 static int smb3_get_tree(struct fs_context *fc)
749 {
750 int err = smb3_fs_context_validate(fc);
751 int ret;
752
753 if (err)
754 return err;
755 mutex_lock(&cifs_mount_mutex);
756 ret = smb3_get_tree_common(fc);
757 mutex_unlock(&cifs_mount_mutex);
758 return ret;
759 }
760
smb3_fs_context_free(struct fs_context * fc)761 static void smb3_fs_context_free(struct fs_context *fc)
762 {
763 struct smb3_fs_context *ctx = smb3_fc2context(fc);
764
765 smb3_cleanup_fs_context(ctx);
766 }
767
768 /*
769 * Compare the old and new proposed context during reconfigure
770 * and check if the changes are compatible.
771 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx)772 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
773 struct smb3_fs_context *new_ctx,
774 struct smb3_fs_context *old_ctx)
775 {
776 if (new_ctx->posix_paths != old_ctx->posix_paths) {
777 cifs_errorf(fc, "can not change posixpaths during remount\n");
778 return -EINVAL;
779 }
780 if (new_ctx->sectype != old_ctx->sectype) {
781 cifs_errorf(fc, "can not change sec during remount\n");
782 return -EINVAL;
783 }
784 if (new_ctx->multiuser != old_ctx->multiuser) {
785 cifs_errorf(fc, "can not change multiuser during remount\n");
786 return -EINVAL;
787 }
788 if (new_ctx->UNC &&
789 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
790 cifs_errorf(fc, "can not change UNC during remount\n");
791 return -EINVAL;
792 }
793 if (new_ctx->username &&
794 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
795 cifs_errorf(fc, "can not change username during remount\n");
796 return -EINVAL;
797 }
798 if (new_ctx->password &&
799 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
800 cifs_errorf(fc, "can not change password during remount\n");
801 return -EINVAL;
802 }
803 if (new_ctx->domainname &&
804 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
805 cifs_errorf(fc, "can not change domainname during remount\n");
806 return -EINVAL;
807 }
808 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
809 cifs_errorf(fc, "can not change workstation_name during remount\n");
810 return -EINVAL;
811 }
812 if (new_ctx->nodename &&
813 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
814 cifs_errorf(fc, "can not change nodename during remount\n");
815 return -EINVAL;
816 }
817 if (new_ctx->iocharset &&
818 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
819 cifs_errorf(fc, "can not change iocharset during remount\n");
820 return -EINVAL;
821 }
822
823 return 0;
824 }
825
826 #define STEAL_STRING(cifs_sb, ctx, field) \
827 do { \
828 kfree(ctx->field); \
829 ctx->field = cifs_sb->ctx->field; \
830 cifs_sb->ctx->field = NULL; \
831 } while (0)
832
833 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \
834 do { \
835 kfree_sensitive(ctx->field); \
836 ctx->field = cifs_sb->ctx->field; \
837 cifs_sb->ctx->field = NULL; \
838 } while (0)
839
smb3_reconfigure(struct fs_context * fc)840 static int smb3_reconfigure(struct fs_context *fc)
841 {
842 struct smb3_fs_context *ctx = smb3_fc2context(fc);
843 struct dentry *root = fc->root;
844 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
845 int rc;
846
847 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
848 if (rc)
849 return rc;
850
851 /*
852 * We can not change UNC/username/password/domainname/
853 * workstation_name/nodename/iocharset
854 * during reconnect so ignore what we have in the new context and
855 * just use what we already have in cifs_sb->ctx.
856 */
857 STEAL_STRING(cifs_sb, ctx, UNC);
858 STEAL_STRING(cifs_sb, ctx, source);
859 STEAL_STRING(cifs_sb, ctx, username);
860 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
861 STEAL_STRING(cifs_sb, ctx, domainname);
862 STEAL_STRING(cifs_sb, ctx, nodename);
863 STEAL_STRING(cifs_sb, ctx, iocharset);
864
865 /* if rsize or wsize not passed in on remount, use previous values */
866 if (ctx->rsize == 0)
867 ctx->rsize = cifs_sb->ctx->rsize;
868 if (ctx->wsize == 0)
869 ctx->wsize = cifs_sb->ctx->wsize;
870
871
872 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
873 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
874 smb3_update_mnt_flags(cifs_sb);
875 #ifdef CONFIG_CIFS_DFS_UPCALL
876 if (!rc)
877 rc = dfs_cache_remount_fs(cifs_sb);
878 #endif
879
880 return rc;
881 }
882
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)883 static int smb3_fs_context_parse_param(struct fs_context *fc,
884 struct fs_parameter *param)
885 {
886 struct fs_parse_result result;
887 struct smb3_fs_context *ctx = smb3_fc2context(fc);
888 int i, opt;
889 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
890 bool skip_parsing = false;
891 kuid_t uid;
892 kgid_t gid;
893
894 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
895
896 /*
897 * fs_parse can not handle string options with an empty value so
898 * we will need special handling of them.
899 */
900 if (param->type == fs_value_is_string && param->string[0] == 0) {
901 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
902 skip_parsing = true;
903 opt = Opt_pass;
904 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
905 skip_parsing = true;
906 opt = Opt_user;
907 }
908 }
909
910 if (!skip_parsing) {
911 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
912 if (opt < 0)
913 return ctx->sloppy ? 1 : opt;
914 }
915
916 switch (opt) {
917 case Opt_compress:
918 ctx->compression = UNKNOWN_TYPE;
919 cifs_dbg(VFS,
920 "SMB3 compression support is experimental\n");
921 break;
922 case Opt_nodfs:
923 ctx->nodfs = 1;
924 break;
925 case Opt_hard:
926 if (result.negated) {
927 if (ctx->retry == 1)
928 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n");
929 ctx->retry = 0;
930 } else
931 ctx->retry = 1;
932 break;
933 case Opt_soft:
934 if (result.negated)
935 ctx->retry = 1;
936 else {
937 if (ctx->retry == 1)
938 cifs_dbg(VFS, "conflicting hard vs soft mount options\n");
939 ctx->retry = 0;
940 }
941 break;
942 case Opt_mapposix:
943 if (result.negated)
944 ctx->remap = false;
945 else {
946 ctx->remap = true;
947 ctx->sfu_remap = false; /* disable SFU mapping */
948 }
949 break;
950 case Opt_mapchars:
951 if (result.negated)
952 ctx->sfu_remap = false;
953 else {
954 ctx->sfu_remap = true;
955 ctx->remap = false; /* disable SFM (mapposix) mapping */
956 }
957 break;
958 case Opt_user_xattr:
959 if (result.negated)
960 ctx->no_xattr = 1;
961 else
962 ctx->no_xattr = 0;
963 break;
964 case Opt_forceuid:
965 if (result.negated)
966 ctx->override_uid = 0;
967 else
968 ctx->override_uid = 1;
969 break;
970 case Opt_forcegid:
971 if (result.negated)
972 ctx->override_gid = 0;
973 else
974 ctx->override_gid = 1;
975 break;
976 case Opt_perm:
977 if (result.negated)
978 ctx->noperm = 1;
979 else
980 ctx->noperm = 0;
981 break;
982 case Opt_dynperm:
983 if (result.negated)
984 ctx->dynperm = 0;
985 else
986 ctx->dynperm = 1;
987 break;
988 case Opt_sfu:
989 if (result.negated)
990 ctx->sfu_emul = 0;
991 else
992 ctx->sfu_emul = 1;
993 break;
994 case Opt_noblocksend:
995 ctx->noblocksnd = 1;
996 break;
997 case Opt_noautotune:
998 ctx->noautotune = 1;
999 break;
1000 case Opt_nolease:
1001 ctx->no_lease = 1;
1002 break;
1003 case Opt_nosparse:
1004 ctx->no_sparse = 1;
1005 break;
1006 case Opt_nodelete:
1007 ctx->nodelete = 1;
1008 break;
1009 case Opt_multichannel:
1010 if (result.negated) {
1011 ctx->multichannel = false;
1012 ctx->max_channels = 1;
1013 } else {
1014 ctx->multichannel = true;
1015 /* if number of channels not specified, default to 2 */
1016 if (ctx->max_channels < 2)
1017 ctx->max_channels = 2;
1018 }
1019 break;
1020 case Opt_uid:
1021 uid = make_kuid(current_user_ns(), result.uint_32);
1022 if (!uid_valid(uid))
1023 goto cifs_parse_mount_err;
1024 ctx->linux_uid = uid;
1025 ctx->uid_specified = true;
1026 break;
1027 case Opt_cruid:
1028 uid = make_kuid(current_user_ns(), result.uint_32);
1029 if (!uid_valid(uid))
1030 goto cifs_parse_mount_err;
1031 ctx->cred_uid = uid;
1032 ctx->cruid_specified = true;
1033 break;
1034 case Opt_backupuid:
1035 uid = make_kuid(current_user_ns(), result.uint_32);
1036 if (!uid_valid(uid))
1037 goto cifs_parse_mount_err;
1038 ctx->backupuid = uid;
1039 ctx->backupuid_specified = true;
1040 break;
1041 case Opt_backupgid:
1042 gid = make_kgid(current_user_ns(), result.uint_32);
1043 if (!gid_valid(gid))
1044 goto cifs_parse_mount_err;
1045 ctx->backupgid = gid;
1046 ctx->backupgid_specified = true;
1047 break;
1048 case Opt_gid:
1049 gid = make_kgid(current_user_ns(), result.uint_32);
1050 if (!gid_valid(gid))
1051 goto cifs_parse_mount_err;
1052 ctx->linux_gid = gid;
1053 ctx->gid_specified = true;
1054 break;
1055 case Opt_port:
1056 ctx->port = result.uint_32;
1057 break;
1058 case Opt_file_mode:
1059 ctx->file_mode = result.uint_32;
1060 break;
1061 case Opt_dirmode:
1062 ctx->dir_mode = result.uint_32;
1063 break;
1064 case Opt_min_enc_offload:
1065 ctx->min_offload = result.uint_32;
1066 break;
1067 case Opt_blocksize:
1068 /*
1069 * inode blocksize realistically should never need to be
1070 * less than 16K or greater than 16M and default is 1MB.
1071 * Note that small inode block sizes (e.g. 64K) can lead
1072 * to very poor performance of common tools like cp and scp
1073 */
1074 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1075 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1076 cifs_errorf(fc, "%s: Invalid blocksize\n",
1077 __func__);
1078 goto cifs_parse_mount_err;
1079 }
1080 ctx->bsize = result.uint_32;
1081 ctx->got_bsize = true;
1082 break;
1083 case Opt_rasize:
1084 /*
1085 * readahead size realistically should never need to be
1086 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1087 * (perhaps an exception should be considered in the
1088 * for the case of a large number of channels
1089 * when multichannel is negotiated) since that would lead
1090 * to plenty of parallel I/O in flight to the server.
1091 * Note that smaller read ahead sizes would
1092 * hurt performance of common tools like cp and scp
1093 * which often trigger sequential i/o with read ahead
1094 */
1095 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1096 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1097 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1098 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1099 goto cifs_parse_mount_err;
1100 }
1101 ctx->rasize = result.uint_32;
1102 break;
1103 case Opt_rsize:
1104 ctx->rsize = result.uint_32;
1105 ctx->got_rsize = true;
1106 break;
1107 case Opt_wsize:
1108 ctx->wsize = result.uint_32;
1109 ctx->got_wsize = true;
1110 if (ctx->wsize % PAGE_SIZE != 0) {
1111 ctx->wsize = round_down(ctx->wsize, PAGE_SIZE);
1112 if (ctx->wsize == 0) {
1113 ctx->wsize = PAGE_SIZE;
1114 cifs_dbg(VFS, "wsize too small, reset to minimum %ld\n", PAGE_SIZE);
1115 } else {
1116 cifs_dbg(VFS,
1117 "wsize rounded down to %d to multiple of PAGE_SIZE %ld\n",
1118 ctx->wsize, PAGE_SIZE);
1119 }
1120 }
1121 break;
1122 case Opt_acregmax:
1123 ctx->acregmax = HZ * result.uint_32;
1124 if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
1125 cifs_errorf(fc, "acregmax too large\n");
1126 goto cifs_parse_mount_err;
1127 }
1128 break;
1129 case Opt_acdirmax:
1130 ctx->acdirmax = HZ * result.uint_32;
1131 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
1132 cifs_errorf(fc, "acdirmax too large\n");
1133 goto cifs_parse_mount_err;
1134 }
1135 break;
1136 case Opt_actimeo:
1137 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
1138 cifs_errorf(fc, "timeout too large\n");
1139 goto cifs_parse_mount_err;
1140 }
1141 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1142 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1143 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1144 break;
1145 }
1146 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1147 break;
1148 case Opt_closetimeo:
1149 ctx->closetimeo = HZ * result.uint_32;
1150 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) {
1151 cifs_errorf(fc, "closetimeo too large\n");
1152 goto cifs_parse_mount_err;
1153 }
1154 break;
1155 case Opt_echo_interval:
1156 ctx->echo_interval = result.uint_32;
1157 break;
1158 case Opt_snapshot:
1159 ctx->snapshot_time = result.uint_64;
1160 break;
1161 case Opt_max_credits:
1162 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1163 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1164 __func__);
1165 goto cifs_parse_mount_err;
1166 }
1167 ctx->max_credits = result.uint_32;
1168 break;
1169 case Opt_max_channels:
1170 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1171 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1172 __func__, CIFS_MAX_CHANNELS);
1173 goto cifs_parse_mount_err;
1174 }
1175 ctx->max_channels = result.uint_32;
1176 /* If more than one channel requested ... they want multichan */
1177 if (result.uint_32 > 1)
1178 ctx->multichannel = true;
1179 break;
1180 case Opt_max_cached_dirs:
1181 if (result.uint_32 < 1) {
1182 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n",
1183 __func__);
1184 goto cifs_parse_mount_err;
1185 }
1186 ctx->max_cached_dirs = result.uint_32;
1187 break;
1188 case Opt_handletimeout:
1189 ctx->handle_timeout = result.uint_32;
1190 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1191 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1192 goto cifs_parse_mount_err;
1193 }
1194 break;
1195 case Opt_source:
1196 kfree(ctx->UNC);
1197 ctx->UNC = NULL;
1198 switch (smb3_parse_devname(param->string, ctx)) {
1199 case 0:
1200 break;
1201 case -ENOMEM:
1202 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1203 goto cifs_parse_mount_err;
1204 case -EINVAL:
1205 cifs_errorf(fc, "Malformed UNC in devname\n");
1206 goto cifs_parse_mount_err;
1207 default:
1208 cifs_errorf(fc, "Unknown error parsing devname\n");
1209 goto cifs_parse_mount_err;
1210 }
1211 ctx->source = smb3_fs_context_fullpath(ctx, '/');
1212 if (IS_ERR(ctx->source)) {
1213 ctx->source = NULL;
1214 cifs_errorf(fc, "OOM when copying UNC string\n");
1215 goto cifs_parse_mount_err;
1216 }
1217 fc->source = kstrdup(ctx->source, GFP_KERNEL);
1218 if (fc->source == NULL) {
1219 cifs_errorf(fc, "OOM when copying UNC string\n");
1220 goto cifs_parse_mount_err;
1221 }
1222 break;
1223 case Opt_user:
1224 kfree(ctx->username);
1225 ctx->username = NULL;
1226 if (ctx->nullauth)
1227 break;
1228 if (strlen(param->string) == 0) {
1229 /* null user, ie. anonymous authentication */
1230 ctx->nullauth = 1;
1231 break;
1232 }
1233
1234 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1235 CIFS_MAX_USERNAME_LEN) {
1236 pr_warn("username too long\n");
1237 goto cifs_parse_mount_err;
1238 }
1239 ctx->username = kstrdup(param->string, GFP_KERNEL);
1240 if (ctx->username == NULL) {
1241 cifs_errorf(fc, "OOM when copying username string\n");
1242 goto cifs_parse_mount_err;
1243 }
1244 break;
1245 case Opt_pass:
1246 kfree_sensitive(ctx->password);
1247 ctx->password = NULL;
1248 if (strlen(param->string) == 0)
1249 break;
1250
1251 ctx->password = kstrdup(param->string, GFP_KERNEL);
1252 if (ctx->password == NULL) {
1253 cifs_errorf(fc, "OOM when copying password string\n");
1254 goto cifs_parse_mount_err;
1255 }
1256 break;
1257 case Opt_ip:
1258 if (strlen(param->string) == 0) {
1259 ctx->got_ip = false;
1260 break;
1261 }
1262 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1263 param->string,
1264 strlen(param->string))) {
1265 pr_err("bad ip= option (%s)\n", param->string);
1266 goto cifs_parse_mount_err;
1267 }
1268 ctx->got_ip = true;
1269 break;
1270 case Opt_domain:
1271 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1272 == CIFS_MAX_DOMAINNAME_LEN) {
1273 pr_warn("domain name too long\n");
1274 goto cifs_parse_mount_err;
1275 }
1276
1277 kfree(ctx->domainname);
1278 ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1279 if (ctx->domainname == NULL) {
1280 cifs_errorf(fc, "OOM when copying domainname string\n");
1281 goto cifs_parse_mount_err;
1282 }
1283 cifs_dbg(FYI, "Domain name set\n");
1284 break;
1285 case Opt_srcaddr:
1286 if (!cifs_convert_address(
1287 (struct sockaddr *)&ctx->srcaddr,
1288 param->string, strlen(param->string))) {
1289 pr_warn("Could not parse srcaddr: %s\n",
1290 param->string);
1291 goto cifs_parse_mount_err;
1292 }
1293 break;
1294 case Opt_iocharset:
1295 if (strnlen(param->string, 1024) >= 65) {
1296 pr_warn("iocharset name too long\n");
1297 goto cifs_parse_mount_err;
1298 }
1299
1300 if (strncasecmp(param->string, "default", 7) != 0) {
1301 kfree(ctx->iocharset);
1302 ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1303 if (ctx->iocharset == NULL) {
1304 cifs_errorf(fc, "OOM when copying iocharset string\n");
1305 goto cifs_parse_mount_err;
1306 }
1307 }
1308 /* if iocharset not set then load_nls_default
1309 * is used by caller
1310 */
1311 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1312 break;
1313 case Opt_netbiosname:
1314 memset(ctx->source_rfc1001_name, 0x20,
1315 RFC1001_NAME_LEN);
1316 /*
1317 * FIXME: are there cases in which a comma can
1318 * be valid in workstation netbios name (and
1319 * need special handling)?
1320 */
1321 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1322 /* don't ucase netbiosname for user */
1323 if (param->string[i] == 0)
1324 break;
1325 ctx->source_rfc1001_name[i] = param->string[i];
1326 }
1327 /* The string has 16th byte zero still from
1328 * set at top of the function
1329 */
1330 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1331 pr_warn("netbiosname longer than 15 truncated\n");
1332 break;
1333 case Opt_servern:
1334 /* last byte, type, is 0x20 for servr type */
1335 memset(ctx->target_rfc1001_name, 0x20,
1336 RFC1001_NAME_LEN_WITH_NULL);
1337 /*
1338 * BB are there cases in which a comma can be valid in this
1339 * workstation netbios name (and need special handling)?
1340 */
1341
1342 /* user or mount helper must uppercase the netbios name */
1343 for (i = 0; i < 15; i++) {
1344 if (param->string[i] == 0)
1345 break;
1346 ctx->target_rfc1001_name[i] = param->string[i];
1347 }
1348
1349 /* The string has 16th byte zero still from set at top of function */
1350 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1351 pr_warn("server netbiosname longer than 15 truncated\n");
1352 break;
1353 case Opt_ver:
1354 /* version of mount userspace tools, not dialect */
1355 /* If interface changes in mount.cifs bump to new ver */
1356 if (strncasecmp(param->string, "1", 1) == 0) {
1357 if (strlen(param->string) > 1) {
1358 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1359 param->string);
1360 goto cifs_parse_mount_err;
1361 }
1362 /* This is the default */
1363 break;
1364 }
1365 /* For all other value, error */
1366 pr_warn("Invalid mount helper version specified\n");
1367 goto cifs_parse_mount_err;
1368 case Opt_vers:
1369 /* protocol version (dialect) */
1370 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1371 goto cifs_parse_mount_err;
1372 ctx->got_version = true;
1373 break;
1374 case Opt_sec:
1375 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1376 goto cifs_parse_mount_err;
1377 break;
1378 case Opt_cache:
1379 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1380 goto cifs_parse_mount_err;
1381 break;
1382 case Opt_witness:
1383 #ifndef CONFIG_CIFS_SWN_UPCALL
1384 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1385 goto cifs_parse_mount_err;
1386 #endif
1387 ctx->witness = true;
1388 pr_warn_once("Witness protocol support is experimental\n");
1389 break;
1390 case Opt_rootfs:
1391 #ifndef CONFIG_CIFS_ROOT
1392 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1393 goto cifs_parse_mount_err;
1394 #endif
1395 ctx->rootfs = true;
1396 break;
1397 case Opt_posixpaths:
1398 if (result.negated)
1399 ctx->posix_paths = 0;
1400 else
1401 ctx->posix_paths = 1;
1402 break;
1403 case Opt_unix:
1404 if (result.negated) {
1405 if (ctx->linux_ext == 1)
1406 pr_warn_once("conflicting posix mount options specified\n");
1407 ctx->linux_ext = 0;
1408 ctx->no_linux_ext = 1;
1409 } else {
1410 if (ctx->no_linux_ext == 1)
1411 pr_warn_once("conflicting posix mount options specified\n");
1412 ctx->linux_ext = 1;
1413 ctx->no_linux_ext = 0;
1414 }
1415 break;
1416 case Opt_nocase:
1417 ctx->nocase = 1;
1418 break;
1419 case Opt_brl:
1420 if (result.negated) {
1421 /*
1422 * turn off mandatory locking in mode
1423 * if remote locking is turned off since the
1424 * local vfs will do advisory
1425 */
1426 if (ctx->file_mode ==
1427 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1428 ctx->file_mode = S_IALLUGO;
1429 ctx->nobrl = 1;
1430 } else
1431 ctx->nobrl = 0;
1432 break;
1433 case Opt_handlecache:
1434 if (result.negated)
1435 ctx->nohandlecache = 1;
1436 else
1437 ctx->nohandlecache = 0;
1438 break;
1439 case Opt_forcemandatorylock:
1440 ctx->mand_lock = 1;
1441 break;
1442 case Opt_setuids:
1443 ctx->setuids = result.negated;
1444 break;
1445 case Opt_intr:
1446 ctx->intr = !result.negated;
1447 break;
1448 case Opt_setuidfromacl:
1449 ctx->setuidfromacl = 1;
1450 break;
1451 case Opt_strictsync:
1452 ctx->nostrictsync = result.negated;
1453 break;
1454 case Opt_serverino:
1455 ctx->server_ino = !result.negated;
1456 break;
1457 case Opt_rwpidforward:
1458 ctx->rwpidforward = 1;
1459 break;
1460 case Opt_modesid:
1461 ctx->mode_ace = 1;
1462 break;
1463 case Opt_cifsacl:
1464 ctx->cifs_acl = !result.negated;
1465 break;
1466 case Opt_acl:
1467 ctx->no_psx_acl = result.negated;
1468 break;
1469 case Opt_locallease:
1470 ctx->local_lease = 1;
1471 break;
1472 case Opt_sign:
1473 ctx->sign = true;
1474 break;
1475 case Opt_ignore_signature:
1476 ctx->sign = true;
1477 ctx->ignore_signature = true;
1478 break;
1479 case Opt_seal:
1480 /* we do not do the following in secFlags because seal
1481 * is a per tree connection (mount) not a per socket
1482 * or per-smb connection option in the protocol
1483 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1484 */
1485 ctx->seal = 1;
1486 break;
1487 case Opt_noac:
1488 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1489 break;
1490 case Opt_fsc:
1491 #ifndef CONFIG_CIFS_FSCACHE
1492 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1493 goto cifs_parse_mount_err;
1494 #endif
1495 ctx->fsc = true;
1496 break;
1497 case Opt_mfsymlinks:
1498 ctx->mfsymlinks = true;
1499 break;
1500 case Opt_multiuser:
1501 ctx->multiuser = true;
1502 break;
1503 case Opt_sloppy:
1504 ctx->sloppy = true;
1505 break;
1506 case Opt_nosharesock:
1507 ctx->nosharesock = true;
1508 break;
1509 case Opt_persistent:
1510 if (result.negated) {
1511 ctx->nopersistent = true;
1512 if (ctx->persistent) {
1513 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1514 goto cifs_parse_mount_err;
1515 }
1516 } else {
1517 ctx->persistent = true;
1518 if ((ctx->nopersistent) || (ctx->resilient)) {
1519 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1520 goto cifs_parse_mount_err;
1521 }
1522 }
1523 break;
1524 case Opt_resilient:
1525 if (result.negated) {
1526 ctx->resilient = false; /* already the default */
1527 } else {
1528 ctx->resilient = true;
1529 if (ctx->persistent) {
1530 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1531 goto cifs_parse_mount_err;
1532 }
1533 }
1534 break;
1535 case Opt_tcp_nodelay:
1536 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1537 if (result.negated)
1538 ctx->sockopt_tcp_nodelay = false;
1539 else
1540 ctx->sockopt_tcp_nodelay = true;
1541 break;
1542 case Opt_domainauto:
1543 ctx->domainauto = true;
1544 break;
1545 case Opt_rdma:
1546 ctx->rdma = true;
1547 break;
1548 }
1549 /* case Opt_ignore: - is ignored as expected ... */
1550
1551 return 0;
1552
1553 cifs_parse_mount_err:
1554 kfree_sensitive(ctx->password);
1555 ctx->password = NULL;
1556 return -EINVAL;
1557 }
1558
smb3_init_fs_context(struct fs_context * fc)1559 int smb3_init_fs_context(struct fs_context *fc)
1560 {
1561 struct smb3_fs_context *ctx;
1562 char *nodename = utsname()->nodename;
1563 int i;
1564
1565 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1566 if (unlikely(!ctx))
1567 return -ENOMEM;
1568
1569 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1570
1571 /*
1572 * does not have to be perfect mapping since field is
1573 * informational, only used for servers that do not support
1574 * port 445 and it can be overridden at mount time
1575 */
1576 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1577 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1578 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1579
1580 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1581 /*
1582 * null target name indicates to use *SMBSERVR default called name
1583 * if we end up sending RFC1001 session initialize
1584 */
1585 ctx->target_rfc1001_name[0] = 0;
1586 ctx->cred_uid = current_uid();
1587 ctx->linux_uid = current_uid();
1588 ctx->linux_gid = current_gid();
1589 /* By default 4MB read ahead size, 1MB block size */
1590 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1591 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1592
1593 /*
1594 * default to SFM style remapping of seven reserved characters
1595 * unless user overrides it or we negotiate CIFS POSIX where
1596 * it is unnecessary. Can not simultaneously use more than one mapping
1597 * since then readdir could list files that open could not open
1598 */
1599 ctx->remap = true;
1600
1601 /* default to only allowing write access to owner of the mount */
1602 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1603
1604 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1605 /* default is always to request posix paths. */
1606 ctx->posix_paths = 1;
1607 /* default to using server inode numbers where available */
1608 ctx->server_ino = 1;
1609
1610 /* default is to use strict cifs caching semantics */
1611 ctx->strict_io = true;
1612
1613 ctx->acregmax = CIFS_DEF_ACTIMEO;
1614 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1615 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1616 ctx->max_cached_dirs = MAX_CACHED_FIDS;
1617 /* Most clients set timeout to 0, allows server to use its default */
1618 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1619
1620 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1621 ctx->ops = &smb30_operations;
1622 ctx->vals = &smbdefault_values;
1623
1624 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1625
1626 /* default to no multichannel (single server connection) */
1627 ctx->multichannel = false;
1628 ctx->max_channels = 1;
1629
1630 ctx->backupuid_specified = false; /* no backup intent for a user */
1631 ctx->backupgid_specified = false; /* no backup intent for a group */
1632
1633 /*
1634 * short int override_uid = -1;
1635 * short int override_gid = -1;
1636 * char *nodename = strdup(utsname()->nodename);
1637 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1638 */
1639
1640 fc->fs_private = ctx;
1641 fc->ops = &smb3_fs_context_ops;
1642 return 0;
1643 }
1644
1645 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1646 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1647 {
1648 if (ctx == NULL)
1649 return;
1650
1651 /*
1652 * Make sure this stays in sync with smb3_fs_context_dup()
1653 */
1654 kfree(ctx->username);
1655 ctx->username = NULL;
1656 kfree_sensitive(ctx->password);
1657 ctx->password = NULL;
1658 kfree(ctx->server_hostname);
1659 ctx->server_hostname = NULL;
1660 kfree(ctx->UNC);
1661 ctx->UNC = NULL;
1662 kfree(ctx->source);
1663 ctx->source = NULL;
1664 kfree(ctx->domainname);
1665 ctx->domainname = NULL;
1666 kfree(ctx->nodename);
1667 ctx->nodename = NULL;
1668 kfree(ctx->iocharset);
1669 ctx->iocharset = NULL;
1670 kfree(ctx->prepath);
1671 ctx->prepath = NULL;
1672 kfree(ctx->leaf_fullpath);
1673 ctx->leaf_fullpath = NULL;
1674 }
1675
1676 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1677 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1678 {
1679 if (!ctx)
1680 return;
1681 smb3_cleanup_fs_context_contents(ctx);
1682 kfree(ctx);
1683 }
1684
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1685 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1686 {
1687 struct smb3_fs_context *ctx = cifs_sb->ctx;
1688
1689 if (ctx->nodfs)
1690 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1691 else
1692 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1693
1694 if (ctx->noperm)
1695 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1696 else
1697 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1698
1699 if (ctx->setuids)
1700 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1701 else
1702 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1703
1704 if (ctx->setuidfromacl)
1705 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1706 else
1707 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1708
1709 if (ctx->server_ino)
1710 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1711 else
1712 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1713
1714 if (ctx->remap)
1715 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1716 else
1717 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1718
1719 if (ctx->sfu_remap)
1720 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1721 else
1722 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1723
1724 if (ctx->no_xattr)
1725 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1726 else
1727 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1728
1729 if (ctx->sfu_emul)
1730 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1731 else
1732 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1733
1734 if (ctx->nobrl)
1735 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1736 else
1737 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1738
1739 if (ctx->nohandlecache)
1740 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1741 else
1742 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1743
1744 if (ctx->nostrictsync)
1745 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1746 else
1747 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1748
1749 if (ctx->mand_lock)
1750 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1751 else
1752 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1753
1754 if (ctx->rwpidforward)
1755 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1756 else
1757 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1758
1759 if (ctx->mode_ace)
1760 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1761 else
1762 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1763
1764 if (ctx->cifs_acl)
1765 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1766 else
1767 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1768
1769 if (ctx->backupuid_specified)
1770 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1771 else
1772 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1773
1774 if (ctx->backupgid_specified)
1775 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1776 else
1777 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1778
1779 if (ctx->override_uid)
1780 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1781 else
1782 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1783
1784 if (ctx->override_gid)
1785 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1786 else
1787 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1788
1789 if (ctx->dynperm)
1790 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1791 else
1792 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1793
1794 if (ctx->fsc)
1795 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1796 else
1797 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1798
1799 if (ctx->multiuser)
1800 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1801 CIFS_MOUNT_NO_PERM);
1802 else
1803 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1804
1805
1806 if (ctx->strict_io)
1807 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1808 else
1809 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1810
1811 if (ctx->direct_io)
1812 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1813 else
1814 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1815
1816 if (ctx->mfsymlinks)
1817 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1818 else
1819 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1820 if (ctx->mfsymlinks) {
1821 if (ctx->sfu_emul) {
1822 /*
1823 * Our SFU ("Services for Unix" emulation does not allow
1824 * creating symlinks but does allow reading existing SFU
1825 * symlinks (it does allow both creating and reading SFU
1826 * style mknod and FIFOs though). When "mfsymlinks" and
1827 * "sfu" are both enabled at the same time, it allows
1828 * reading both types of symlinks, but will only create
1829 * them with mfsymlinks format. This allows better
1830 * Apple compatibility (probably better for Samba too)
1831 * while still recognizing old Windows style symlinks.
1832 */
1833 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1834 }
1835 }
1836 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1837
1838 return;
1839 }
1840