1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 static DEFINE_MUTEX(cifs_mount_mutex);
41
42 static const match_table_t cifs_smb_version_tokens = {
43 { Smb_1, SMB1_VERSION_STRING },
44 { Smb_20, SMB20_VERSION_STRING},
45 { Smb_21, SMB21_VERSION_STRING },
46 { Smb_30, SMB30_VERSION_STRING },
47 { Smb_302, SMB302_VERSION_STRING },
48 { Smb_302, ALT_SMB302_VERSION_STRING },
49 { Smb_311, SMB311_VERSION_STRING },
50 { Smb_311, ALT_SMB311_VERSION_STRING },
51 { Smb_3any, SMB3ANY_VERSION_STRING },
52 { Smb_default, SMBDEFAULT_VERSION_STRING },
53 { Smb_version_err, NULL }
54 };
55
56 static const match_table_t cifs_secflavor_tokens = {
57 { Opt_sec_krb5, "krb5" },
58 { Opt_sec_krb5i, "krb5i" },
59 { Opt_sec_krb5p, "krb5p" },
60 { Opt_sec_ntlmsspi, "ntlmsspi" },
61 { Opt_sec_ntlmssp, "ntlmssp" },
62 { Opt_sec_ntlmv2, "nontlm" },
63 { Opt_sec_ntlmv2, "ntlmv2" },
64 { Opt_sec_ntlmv2i, "ntlmv2i" },
65 { Opt_sec_none, "none" },
66
67 { Opt_sec_err, NULL }
68 };
69
70 const struct fs_parameter_spec smb3_fs_parameters[] = {
71 /* Mount options that take no arguments */
72 fsparam_flag_no("user_xattr", Opt_user_xattr),
73 fsparam_flag_no("forceuid", Opt_forceuid),
74 fsparam_flag_no("multichannel", Opt_multichannel),
75 fsparam_flag_no("forcegid", Opt_forcegid),
76 fsparam_flag("noblocksend", Opt_noblocksend),
77 fsparam_flag("noautotune", Opt_noautotune),
78 fsparam_flag("nolease", Opt_nolease),
79 fsparam_flag_no("hard", Opt_hard),
80 fsparam_flag_no("soft", Opt_soft),
81 fsparam_flag_no("perm", Opt_perm),
82 fsparam_flag("nodelete", Opt_nodelete),
83 fsparam_flag_no("mapposix", Opt_mapposix),
84 fsparam_flag("mapchars", Opt_mapchars),
85 fsparam_flag("nomapchars", Opt_nomapchars),
86 fsparam_flag_no("sfu", Opt_sfu),
87 fsparam_flag("nodfs", Opt_nodfs),
88 fsparam_flag_no("posixpaths", Opt_posixpaths),
89 fsparam_flag_no("unix", Opt_unix),
90 fsparam_flag_no("linux", Opt_unix),
91 fsparam_flag_no("posix", Opt_unix),
92 fsparam_flag("nocase", Opt_nocase),
93 fsparam_flag("ignorecase", Opt_nocase),
94 fsparam_flag_no("brl", Opt_brl),
95 fsparam_flag_no("handlecache", Opt_handlecache),
96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
97 fsparam_flag("forcemand", Opt_forcemandatorylock),
98 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
99 fsparam_flag("idsfromsid", Opt_setuidfromacl),
100 fsparam_flag_no("setuids", Opt_setuids),
101 fsparam_flag_no("dynperm", Opt_dynperm),
102 fsparam_flag_no("intr", Opt_intr),
103 fsparam_flag_no("strictsync", Opt_strictsync),
104 fsparam_flag_no("serverino", Opt_serverino),
105 fsparam_flag("rwpidforward", Opt_rwpidforward),
106 fsparam_flag("cifsacl", Opt_cifsacl),
107 fsparam_flag_no("acl", Opt_acl),
108 fsparam_flag("locallease", Opt_locallease),
109 fsparam_flag("sign", Opt_sign),
110 fsparam_flag("ignore_signature", Opt_ignore_signature),
111 fsparam_flag("signloosely", Opt_ignore_signature),
112 fsparam_flag("seal", Opt_seal),
113 fsparam_flag("noac", Opt_noac),
114 fsparam_flag("fsc", Opt_fsc),
115 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
116 fsparam_flag("multiuser", Opt_multiuser),
117 fsparam_flag("sloppy", Opt_sloppy),
118 fsparam_flag("nosharesock", Opt_nosharesock),
119 fsparam_flag_no("persistenthandles", Opt_persistent),
120 fsparam_flag_no("resilienthandles", Opt_resilient),
121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
122 fsparam_flag("nosparse", Opt_nosparse),
123 fsparam_flag("domainauto", Opt_domainauto),
124 fsparam_flag("rdma", Opt_rdma),
125 fsparam_flag("modesid", Opt_modesid),
126 fsparam_flag("modefromsid", Opt_modesid),
127 fsparam_flag("rootfs", Opt_rootfs),
128 fsparam_flag("compress", Opt_compress),
129 fsparam_flag("witness", Opt_witness),
130
131 /* Mount options which take numeric value */
132 fsparam_u32("backupuid", Opt_backupuid),
133 fsparam_u32("backupgid", Opt_backupgid),
134 fsparam_u32("uid", Opt_uid),
135 fsparam_u32("cruid", Opt_cruid),
136 fsparam_u32("gid", Opt_gid),
137 fsparam_u32("file_mode", Opt_file_mode),
138 fsparam_u32("dirmode", Opt_dirmode),
139 fsparam_u32("dir_mode", Opt_dirmode),
140 fsparam_u32("port", Opt_port),
141 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
142 fsparam_u32("esize", Opt_min_enc_offload),
143 fsparam_u32("bsize", Opt_blocksize),
144 fsparam_u32("rasize", Opt_rasize),
145 fsparam_u32("rsize", Opt_rsize),
146 fsparam_u32("wsize", Opt_wsize),
147 fsparam_u32("actimeo", Opt_actimeo),
148 fsparam_u32("acdirmax", Opt_acdirmax),
149 fsparam_u32("acregmax", Opt_acregmax),
150 fsparam_u32("closetimeo", Opt_closetimeo),
151 fsparam_u32("echo_interval", Opt_echo_interval),
152 fsparam_u32("max_credits", Opt_max_credits),
153 fsparam_u32("handletimeout", Opt_handletimeout),
154 fsparam_u64("snapshot", Opt_snapshot),
155 fsparam_u32("max_channels", Opt_max_channels),
156
157 /* Mount options which take string value */
158 fsparam_string("source", Opt_source),
159 fsparam_string("user", Opt_user),
160 fsparam_string("username", Opt_user),
161 fsparam_string("pass", Opt_pass),
162 fsparam_string("password", Opt_pass),
163 fsparam_string("ip", Opt_ip),
164 fsparam_string("addr", Opt_ip),
165 fsparam_string("domain", Opt_domain),
166 fsparam_string("dom", Opt_domain),
167 fsparam_string("srcaddr", Opt_srcaddr),
168 fsparam_string("iocharset", Opt_iocharset),
169 fsparam_string("netbiosname", Opt_netbiosname),
170 fsparam_string("servern", Opt_servern),
171 fsparam_string("ver", Opt_ver),
172 fsparam_string("vers", Opt_vers),
173 fsparam_string("sec", Opt_sec),
174 fsparam_string("cache", Opt_cache),
175
176 /* Arguments that should be ignored */
177 fsparam_flag("guest", Opt_ignore),
178 fsparam_flag("noatime", Opt_ignore),
179 fsparam_flag("relatime", Opt_ignore),
180 fsparam_flag("_netdev", Opt_ignore),
181 fsparam_flag_no("suid", Opt_ignore),
182 fsparam_flag_no("exec", Opt_ignore),
183 fsparam_flag_no("dev", Opt_ignore),
184 fsparam_flag_no("mand", Opt_ignore),
185 fsparam_flag_no("auto", Opt_ignore),
186 fsparam_string("cred", Opt_ignore),
187 fsparam_string("credentials", Opt_ignore),
188 /*
189 * UNC and prefixpath is now extracted from Opt_source
190 * in the new mount API so we can just ignore them going forward.
191 */
192 fsparam_string("unc", Opt_ignore),
193 fsparam_string("prefixpath", Opt_ignore),
194 {}
195 };
196
197 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)198 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
199 {
200
201 substring_t args[MAX_OPT_ARGS];
202
203 /*
204 * With mount options, the last one should win. Reset any existing
205 * settings back to default.
206 */
207 ctx->sectype = Unspecified;
208 ctx->sign = false;
209
210 switch (match_token(value, cifs_secflavor_tokens, args)) {
211 case Opt_sec_krb5p:
212 cifs_errorf(fc, "sec=krb5p is not supported!\n");
213 return 1;
214 case Opt_sec_krb5i:
215 ctx->sign = true;
216 fallthrough;
217 case Opt_sec_krb5:
218 ctx->sectype = Kerberos;
219 break;
220 case Opt_sec_ntlmsspi:
221 ctx->sign = true;
222 fallthrough;
223 case Opt_sec_ntlmssp:
224 ctx->sectype = RawNTLMSSP;
225 break;
226 case Opt_sec_ntlmv2i:
227 ctx->sign = true;
228 fallthrough;
229 case Opt_sec_ntlmv2:
230 ctx->sectype = NTLMv2;
231 break;
232 case Opt_sec_none:
233 ctx->nullauth = 1;
234 break;
235 default:
236 cifs_errorf(fc, "bad security option: %s\n", value);
237 return 1;
238 }
239
240 return 0;
241 }
242
243 static const match_table_t cifs_cacheflavor_tokens = {
244 { Opt_cache_loose, "loose" },
245 { Opt_cache_strict, "strict" },
246 { Opt_cache_none, "none" },
247 { Opt_cache_ro, "ro" },
248 { Opt_cache_rw, "singleclient" },
249 { Opt_cache_err, NULL }
250 };
251
252 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)253 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
254 {
255 substring_t args[MAX_OPT_ARGS];
256
257 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
258 case Opt_cache_loose:
259 ctx->direct_io = false;
260 ctx->strict_io = false;
261 ctx->cache_ro = false;
262 ctx->cache_rw = false;
263 break;
264 case Opt_cache_strict:
265 ctx->direct_io = false;
266 ctx->strict_io = true;
267 ctx->cache_ro = false;
268 ctx->cache_rw = false;
269 break;
270 case Opt_cache_none:
271 ctx->direct_io = true;
272 ctx->strict_io = false;
273 ctx->cache_ro = false;
274 ctx->cache_rw = false;
275 break;
276 case Opt_cache_ro:
277 ctx->direct_io = false;
278 ctx->strict_io = false;
279 ctx->cache_ro = true;
280 ctx->cache_rw = false;
281 break;
282 case Opt_cache_rw:
283 ctx->direct_io = false;
284 ctx->strict_io = false;
285 ctx->cache_ro = false;
286 ctx->cache_rw = true;
287 break;
288 default:
289 cifs_errorf(fc, "bad cache= option: %s\n", value);
290 return 1;
291 }
292 return 0;
293 }
294
295 #define DUP_CTX_STR(field) \
296 do { \
297 if (ctx->field) { \
298 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
299 if (new_ctx->field == NULL) { \
300 smb3_cleanup_fs_context_contents(new_ctx); \
301 return -ENOMEM; \
302 } \
303 } \
304 } while (0)
305
306 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)307 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
308 {
309 memcpy(new_ctx, ctx, sizeof(*ctx));
310 new_ctx->prepath = NULL;
311 new_ctx->mount_options = NULL;
312 new_ctx->nodename = NULL;
313 new_ctx->username = NULL;
314 new_ctx->password = NULL;
315 new_ctx->server_hostname = NULL;
316 new_ctx->domainname = NULL;
317 new_ctx->UNC = NULL;
318 new_ctx->source = NULL;
319 new_ctx->iocharset = NULL;
320 /*
321 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
322 */
323 DUP_CTX_STR(prepath);
324 DUP_CTX_STR(mount_options);
325 DUP_CTX_STR(username);
326 DUP_CTX_STR(password);
327 DUP_CTX_STR(server_hostname);
328 DUP_CTX_STR(UNC);
329 DUP_CTX_STR(source);
330 DUP_CTX_STR(domainname);
331 DUP_CTX_STR(nodename);
332 DUP_CTX_STR(iocharset);
333
334 return 0;
335 }
336
337 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)338 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
339 {
340 substring_t args[MAX_OPT_ARGS];
341
342 switch (match_token(value, cifs_smb_version_tokens, args)) {
343 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
344 case Smb_1:
345 if (disable_legacy_dialects) {
346 cifs_errorf(fc, "mount with legacy dialect disabled\n");
347 return 1;
348 }
349 if (is_smb3) {
350 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
351 return 1;
352 }
353 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
354 ctx->ops = &smb1_operations;
355 ctx->vals = &smb1_values;
356 break;
357 case Smb_20:
358 if (disable_legacy_dialects) {
359 cifs_errorf(fc, "mount with legacy dialect disabled\n");
360 return 1;
361 }
362 if (is_smb3) {
363 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
364 return 1;
365 }
366 ctx->ops = &smb20_operations;
367 ctx->vals = &smb20_values;
368 break;
369 #else
370 case Smb_1:
371 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
372 return 1;
373 case Smb_20:
374 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
375 return 1;
376 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
377 case Smb_21:
378 ctx->ops = &smb21_operations;
379 ctx->vals = &smb21_values;
380 break;
381 case Smb_30:
382 ctx->ops = &smb30_operations;
383 ctx->vals = &smb30_values;
384 break;
385 case Smb_302:
386 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
387 ctx->vals = &smb302_values;
388 break;
389 case Smb_311:
390 ctx->ops = &smb311_operations;
391 ctx->vals = &smb311_values;
392 break;
393 case Smb_3any:
394 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
395 ctx->vals = &smb3any_values;
396 break;
397 case Smb_default:
398 ctx->ops = &smb30_operations;
399 ctx->vals = &smbdefault_values;
400 break;
401 default:
402 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
403 return 1;
404 }
405 return 0;
406 }
407
smb3_parse_opt(const char * options,const char * key,char ** val)408 int smb3_parse_opt(const char *options, const char *key, char **val)
409 {
410 int rc = -ENOENT;
411 char *opts, *orig, *p;
412
413 orig = opts = kstrdup(options, GFP_KERNEL);
414 if (!opts)
415 return -ENOMEM;
416
417 while ((p = strsep(&opts, ","))) {
418 char *nval;
419
420 if (!*p)
421 continue;
422 if (strncasecmp(p, key, strlen(key)))
423 continue;
424 nval = strchr(p, '=');
425 if (nval) {
426 if (nval == p)
427 continue;
428 *nval++ = 0;
429 *val = kstrdup(nval, GFP_KERNEL);
430 rc = !*val ? -ENOMEM : 0;
431 goto out;
432 }
433 }
434 out:
435 kfree(orig);
436 return rc;
437 }
438
439 /*
440 * Remove duplicate path delimiters. Windows is supposed to do that
441 * but there are some bugs that prevent rename from working if there are
442 * multiple delimiters.
443 *
444 * Returns a sanitized duplicate of @path. The caller is responsible for
445 * cleaning up the original.
446 */
447 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
sanitize_path(char * path)448 static char *sanitize_path(char *path)
449 {
450 char *cursor1 = path, *cursor2 = path;
451
452 /* skip all prepended delimiters */
453 while (IS_DELIM(*cursor1))
454 cursor1++;
455
456 /* copy the first letter */
457 *cursor2 = *cursor1;
458
459 /* copy the remainder... */
460 while (*(cursor1++)) {
461 /* ... skipping all duplicated delimiters */
462 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
463 continue;
464 *(++cursor2) = *cursor1;
465 }
466
467 /* if the last character is a delimiter, skip it */
468 if (IS_DELIM(*(cursor2 - 1)))
469 cursor2--;
470
471 *(cursor2) = '\0';
472 return kstrdup(path, GFP_KERNEL);
473 }
474
475 /*
476 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
477 * fields with the result. Returns 0 on success and an error otherwise
478 * (e.g. ENOMEM or EINVAL)
479 */
480 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)481 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
482 {
483 char *pos;
484 const char *delims = "/\\";
485 size_t len;
486
487 if (unlikely(!devname || !*devname)) {
488 cifs_dbg(VFS, "Device name not specified\n");
489 return -EINVAL;
490 }
491
492 /* make sure we have a valid UNC double delimiter prefix */
493 len = strspn(devname, delims);
494 if (len != 2)
495 return -EINVAL;
496
497 /* find delimiter between host and sharename */
498 pos = strpbrk(devname + 2, delims);
499 if (!pos)
500 return -EINVAL;
501
502 /* record the server hostname */
503 kfree(ctx->server_hostname);
504 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
505 if (!ctx->server_hostname)
506 return -ENOMEM;
507
508 /* skip past delimiter */
509 ++pos;
510
511 /* now go until next delimiter or end of string */
512 len = strcspn(pos, delims);
513
514 /* move "pos" up to delimiter or NULL */
515 pos += len;
516 kfree(ctx->UNC);
517 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
518 if (!ctx->UNC)
519 return -ENOMEM;
520
521 convert_delimiter(ctx->UNC, '\\');
522
523 /* skip any delimiter */
524 if (*pos == '/' || *pos == '\\')
525 pos++;
526
527 kfree(ctx->prepath);
528 ctx->prepath = NULL;
529
530 /* If pos is NULL then no prepath */
531 if (!*pos)
532 return 0;
533
534 ctx->prepath = sanitize_path(pos);
535 if (!ctx->prepath)
536 return -ENOMEM;
537
538 return 0;
539 }
540
541 static void smb3_fs_context_free(struct fs_context *fc);
542 static int smb3_fs_context_parse_param(struct fs_context *fc,
543 struct fs_parameter *param);
544 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
545 void *data);
546 static int smb3_get_tree(struct fs_context *fc);
547 static int smb3_reconfigure(struct fs_context *fc);
548
549 static const struct fs_context_operations smb3_fs_context_ops = {
550 .free = smb3_fs_context_free,
551 .parse_param = smb3_fs_context_parse_param,
552 .parse_monolithic = smb3_fs_context_parse_monolithic,
553 .get_tree = smb3_get_tree,
554 .reconfigure = smb3_reconfigure,
555 };
556
557 /*
558 * Parse a monolithic block of data from sys_mount().
559 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
560 * @ctx: The superblock configuration to fill in.
561 * @data: The data to parse
562 *
563 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
564 * called from the ->monolithic_mount_data() fs_context operation.
565 *
566 * Returns 0 on success or the error returned by the ->parse_option() fs_context
567 * operation on failure.
568 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)569 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
570 void *data)
571 {
572 struct smb3_fs_context *ctx = smb3_fc2context(fc);
573 char *options = data, *key;
574 int ret = 0;
575
576 if (!options)
577 return 0;
578
579 ctx->mount_options = kstrdup(data, GFP_KERNEL);
580 if (ctx->mount_options == NULL)
581 return -ENOMEM;
582
583 ret = security_sb_eat_lsm_opts(options, &fc->security);
584 if (ret)
585 return ret;
586
587 /* BB Need to add support for sep= here TBD */
588 while ((key = strsep(&options, ",")) != NULL) {
589 size_t len;
590 char *value;
591
592 if (*key == 0)
593 break;
594
595 /* Check if following character is the deliminator If yes,
596 * we have encountered a double deliminator reset the NULL
597 * character to the deliminator
598 */
599 while (options && options[0] == ',') {
600 len = strlen(key);
601 strcpy(key + len, options);
602 options = strchr(options, ',');
603 if (options)
604 *options++ = 0;
605 }
606
607
608 len = 0;
609 value = strchr(key, '=');
610 if (value) {
611 if (value == key)
612 continue;
613 *value++ = 0;
614 len = strlen(value);
615 }
616
617 ret = vfs_parse_fs_string(fc, key, value, len);
618 if (ret < 0)
619 break;
620 }
621
622 return ret;
623 }
624
625 /*
626 * Validate the preparsed information in the config.
627 */
smb3_fs_context_validate(struct fs_context * fc)628 static int smb3_fs_context_validate(struct fs_context *fc)
629 {
630 struct smb3_fs_context *ctx = smb3_fc2context(fc);
631
632 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
633 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
634 return -EOPNOTSUPP;
635 }
636
637 #ifndef CONFIG_KEYS
638 /* Muliuser mounts require CONFIG_KEYS support */
639 if (ctx->multiuser) {
640 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
641 return -1;
642 }
643 #endif
644
645 if (ctx->got_version == false)
646 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
647
648
649 if (!ctx->UNC) {
650 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
651 return -1;
652 }
653
654 /* make sure UNC has a share name */
655 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
656 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
657 return -ENOENT;
658 }
659
660 if (!ctx->got_ip) {
661 int len;
662 const char *slash;
663
664 /* No ip= option specified? Try to get it from UNC */
665 /* Use the address part of the UNC. */
666 slash = strchr(&ctx->UNC[2], '\\');
667 len = slash - &ctx->UNC[2];
668 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
669 &ctx->UNC[2], len)) {
670 pr_err("Unable to determine destination address\n");
671 return -EHOSTUNREACH;
672 }
673 }
674
675 /* set the port that we got earlier */
676 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
677
678 if (ctx->override_uid && !ctx->uid_specified) {
679 ctx->override_uid = 0;
680 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
681 }
682
683 if (ctx->override_gid && !ctx->gid_specified) {
684 ctx->override_gid = 0;
685 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
686 }
687
688 return 0;
689 }
690
smb3_get_tree_common(struct fs_context * fc)691 static int smb3_get_tree_common(struct fs_context *fc)
692 {
693 struct smb3_fs_context *ctx = smb3_fc2context(fc);
694 struct dentry *root;
695 int rc = 0;
696
697 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
698 if (IS_ERR(root))
699 return PTR_ERR(root);
700
701 fc->root = root;
702
703 return rc;
704 }
705
706 /*
707 * Create an SMB3 superblock from the parameters passed.
708 */
smb3_get_tree(struct fs_context * fc)709 static int smb3_get_tree(struct fs_context *fc)
710 {
711 int err = smb3_fs_context_validate(fc);
712 int ret;
713
714 if (err)
715 return err;
716 mutex_lock(&cifs_mount_mutex);
717 ret = smb3_get_tree_common(fc);
718 mutex_unlock(&cifs_mount_mutex);
719 return ret;
720 }
721
smb3_fs_context_free(struct fs_context * fc)722 static void smb3_fs_context_free(struct fs_context *fc)
723 {
724 struct smb3_fs_context *ctx = smb3_fc2context(fc);
725
726 smb3_cleanup_fs_context(ctx);
727 }
728
729 /*
730 * Compare the old and new proposed context during reconfigure
731 * and check if the changes are compatible.
732 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx)733 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
734 struct smb3_fs_context *new_ctx,
735 struct smb3_fs_context *old_ctx)
736 {
737 if (new_ctx->posix_paths != old_ctx->posix_paths) {
738 cifs_errorf(fc, "can not change posixpaths during remount\n");
739 return -EINVAL;
740 }
741 if (new_ctx->sectype != old_ctx->sectype) {
742 cifs_errorf(fc, "can not change sec during remount\n");
743 return -EINVAL;
744 }
745 if (new_ctx->multiuser != old_ctx->multiuser) {
746 cifs_errorf(fc, "can not change multiuser during remount\n");
747 return -EINVAL;
748 }
749 if (new_ctx->UNC &&
750 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
751 cifs_errorf(fc, "can not change UNC during remount\n");
752 return -EINVAL;
753 }
754 if (new_ctx->username &&
755 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
756 cifs_errorf(fc, "can not change username during remount\n");
757 return -EINVAL;
758 }
759 if (new_ctx->password &&
760 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
761 cifs_errorf(fc, "can not change password during remount\n");
762 return -EINVAL;
763 }
764 if (new_ctx->domainname &&
765 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
766 cifs_errorf(fc, "can not change domainname during remount\n");
767 return -EINVAL;
768 }
769 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
770 cifs_errorf(fc, "can not change workstation_name during remount\n");
771 return -EINVAL;
772 }
773 if (new_ctx->nodename &&
774 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
775 cifs_errorf(fc, "can not change nodename during remount\n");
776 return -EINVAL;
777 }
778 if (new_ctx->iocharset &&
779 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
780 cifs_errorf(fc, "can not change iocharset during remount\n");
781 return -EINVAL;
782 }
783
784 return 0;
785 }
786
787 #define STEAL_STRING(cifs_sb, ctx, field) \
788 do { \
789 kfree(ctx->field); \
790 ctx->field = cifs_sb->ctx->field; \
791 cifs_sb->ctx->field = NULL; \
792 } while (0)
793
794 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \
795 do { \
796 kfree_sensitive(ctx->field); \
797 ctx->field = cifs_sb->ctx->field; \
798 cifs_sb->ctx->field = NULL; \
799 } while (0)
800
smb3_reconfigure(struct fs_context * fc)801 static int smb3_reconfigure(struct fs_context *fc)
802 {
803 struct smb3_fs_context *ctx = smb3_fc2context(fc);
804 struct dentry *root = fc->root;
805 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
806 int rc;
807
808 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
809 if (rc)
810 return rc;
811
812 /*
813 * We can not change UNC/username/password/domainname/
814 * workstation_name/nodename/iocharset
815 * during reconnect so ignore what we have in the new context and
816 * just use what we already have in cifs_sb->ctx.
817 */
818 STEAL_STRING(cifs_sb, ctx, UNC);
819 STEAL_STRING(cifs_sb, ctx, source);
820 STEAL_STRING(cifs_sb, ctx, username);
821 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
822 STEAL_STRING(cifs_sb, ctx, domainname);
823 STEAL_STRING(cifs_sb, ctx, nodename);
824 STEAL_STRING(cifs_sb, ctx, iocharset);
825
826 /* if rsize or wsize not passed in on remount, use previous values */
827 if (ctx->rsize == 0)
828 ctx->rsize = cifs_sb->ctx->rsize;
829 if (ctx->wsize == 0)
830 ctx->wsize = cifs_sb->ctx->wsize;
831
832
833 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
834 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
835 smb3_update_mnt_flags(cifs_sb);
836 #ifdef CONFIG_CIFS_DFS_UPCALL
837 if (!rc)
838 rc = dfs_cache_remount_fs(cifs_sb);
839 #endif
840
841 return rc;
842 }
843
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)844 static int smb3_fs_context_parse_param(struct fs_context *fc,
845 struct fs_parameter *param)
846 {
847 struct fs_parse_result result;
848 struct smb3_fs_context *ctx = smb3_fc2context(fc);
849 int i, opt;
850 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
851 bool skip_parsing = false;
852 kuid_t uid;
853 kgid_t gid;
854
855 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
856
857 /*
858 * fs_parse can not handle string options with an empty value so
859 * we will need special handling of them.
860 */
861 if (param->type == fs_value_is_string && param->string[0] == 0) {
862 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
863 skip_parsing = true;
864 opt = Opt_pass;
865 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
866 skip_parsing = true;
867 opt = Opt_user;
868 }
869 }
870
871 if (!skip_parsing) {
872 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
873 if (opt < 0)
874 return ctx->sloppy ? 1 : opt;
875 }
876
877 switch (opt) {
878 case Opt_compress:
879 ctx->compression = UNKNOWN_TYPE;
880 cifs_dbg(VFS,
881 "SMB3 compression support is experimental\n");
882 break;
883 case Opt_nodfs:
884 ctx->nodfs = 1;
885 break;
886 case Opt_hard:
887 if (result.negated)
888 ctx->retry = 0;
889 else
890 ctx->retry = 1;
891 break;
892 case Opt_soft:
893 if (result.negated)
894 ctx->retry = 1;
895 else
896 ctx->retry = 0;
897 break;
898 case Opt_mapposix:
899 if (result.negated)
900 ctx->remap = false;
901 else {
902 ctx->remap = true;
903 ctx->sfu_remap = false; /* disable SFU mapping */
904 }
905 break;
906 case Opt_user_xattr:
907 if (result.negated)
908 ctx->no_xattr = 1;
909 else
910 ctx->no_xattr = 0;
911 break;
912 case Opt_forceuid:
913 if (result.negated)
914 ctx->override_uid = 0;
915 else
916 ctx->override_uid = 1;
917 break;
918 case Opt_forcegid:
919 if (result.negated)
920 ctx->override_gid = 0;
921 else
922 ctx->override_gid = 1;
923 break;
924 case Opt_perm:
925 if (result.negated)
926 ctx->noperm = 1;
927 else
928 ctx->noperm = 0;
929 break;
930 case Opt_dynperm:
931 if (result.negated)
932 ctx->dynperm = 0;
933 else
934 ctx->dynperm = 1;
935 break;
936 case Opt_sfu:
937 if (result.negated)
938 ctx->sfu_emul = 0;
939 else
940 ctx->sfu_emul = 1;
941 break;
942 case Opt_noblocksend:
943 ctx->noblocksnd = 1;
944 break;
945 case Opt_noautotune:
946 ctx->noautotune = 1;
947 break;
948 case Opt_nolease:
949 ctx->no_lease = 1;
950 break;
951 case Opt_nosparse:
952 ctx->no_sparse = 1;
953 break;
954 case Opt_nodelete:
955 ctx->nodelete = 1;
956 break;
957 case Opt_multichannel:
958 if (result.negated) {
959 ctx->multichannel = false;
960 ctx->max_channels = 1;
961 } else {
962 ctx->multichannel = true;
963 /* if number of channels not specified, default to 2 */
964 if (ctx->max_channels < 2)
965 ctx->max_channels = 2;
966 }
967 break;
968 case Opt_uid:
969 uid = make_kuid(current_user_ns(), result.uint_32);
970 if (!uid_valid(uid))
971 goto cifs_parse_mount_err;
972 ctx->linux_uid = uid;
973 ctx->uid_specified = true;
974 break;
975 case Opt_cruid:
976 uid = make_kuid(current_user_ns(), result.uint_32);
977 if (!uid_valid(uid))
978 goto cifs_parse_mount_err;
979 ctx->cred_uid = uid;
980 ctx->cruid_specified = true;
981 break;
982 case Opt_backupuid:
983 uid = make_kuid(current_user_ns(), result.uint_32);
984 if (!uid_valid(uid))
985 goto cifs_parse_mount_err;
986 ctx->backupuid = uid;
987 ctx->backupuid_specified = true;
988 break;
989 case Opt_backupgid:
990 gid = make_kgid(current_user_ns(), result.uint_32);
991 if (!gid_valid(gid))
992 goto cifs_parse_mount_err;
993 ctx->backupgid = gid;
994 ctx->backupgid_specified = true;
995 break;
996 case Opt_gid:
997 gid = make_kgid(current_user_ns(), result.uint_32);
998 if (!gid_valid(gid))
999 goto cifs_parse_mount_err;
1000 ctx->linux_gid = gid;
1001 ctx->gid_specified = true;
1002 break;
1003 case Opt_port:
1004 ctx->port = result.uint_32;
1005 break;
1006 case Opt_file_mode:
1007 ctx->file_mode = result.uint_32;
1008 break;
1009 case Opt_dirmode:
1010 ctx->dir_mode = result.uint_32;
1011 break;
1012 case Opt_min_enc_offload:
1013 ctx->min_offload = result.uint_32;
1014 break;
1015 case Opt_blocksize:
1016 /*
1017 * inode blocksize realistically should never need to be
1018 * less than 16K or greater than 16M and default is 1MB.
1019 * Note that small inode block sizes (e.g. 64K) can lead
1020 * to very poor performance of common tools like cp and scp
1021 */
1022 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1023 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1024 cifs_errorf(fc, "%s: Invalid blocksize\n",
1025 __func__);
1026 goto cifs_parse_mount_err;
1027 }
1028 ctx->bsize = result.uint_32;
1029 ctx->got_bsize = true;
1030 break;
1031 case Opt_rasize:
1032 /*
1033 * readahead size realistically should never need to be
1034 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1035 * (perhaps an exception should be considered in the
1036 * for the case of a large number of channels
1037 * when multichannel is negotiated) since that would lead
1038 * to plenty of parallel I/O in flight to the server.
1039 * Note that smaller read ahead sizes would
1040 * hurt performance of common tools like cp and scp
1041 * which often trigger sequential i/o with read ahead
1042 */
1043 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1044 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1045 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1046 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1047 goto cifs_parse_mount_err;
1048 }
1049 ctx->rasize = result.uint_32;
1050 break;
1051 case Opt_rsize:
1052 ctx->rsize = result.uint_32;
1053 ctx->got_rsize = true;
1054 break;
1055 case Opt_wsize:
1056 ctx->wsize = result.uint_32;
1057 ctx->got_wsize = true;
1058 break;
1059 case Opt_acregmax:
1060 ctx->acregmax = HZ * result.uint_32;
1061 if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
1062 cifs_errorf(fc, "acregmax too large\n");
1063 goto cifs_parse_mount_err;
1064 }
1065 break;
1066 case Opt_acdirmax:
1067 ctx->acdirmax = HZ * result.uint_32;
1068 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
1069 cifs_errorf(fc, "acdirmax too large\n");
1070 goto cifs_parse_mount_err;
1071 }
1072 break;
1073 case Opt_actimeo:
1074 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
1075 cifs_errorf(fc, "timeout too large\n");
1076 goto cifs_parse_mount_err;
1077 }
1078 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1079 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1080 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1081 break;
1082 }
1083 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1084 break;
1085 case Opt_closetimeo:
1086 ctx->closetimeo = HZ * result.uint_32;
1087 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) {
1088 cifs_errorf(fc, "closetimeo too large\n");
1089 goto cifs_parse_mount_err;
1090 }
1091 break;
1092 case Opt_echo_interval:
1093 ctx->echo_interval = result.uint_32;
1094 break;
1095 case Opt_snapshot:
1096 ctx->snapshot_time = result.uint_64;
1097 break;
1098 case Opt_max_credits:
1099 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1100 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1101 __func__);
1102 goto cifs_parse_mount_err;
1103 }
1104 ctx->max_credits = result.uint_32;
1105 break;
1106 case Opt_max_channels:
1107 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1108 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1109 __func__, CIFS_MAX_CHANNELS);
1110 goto cifs_parse_mount_err;
1111 }
1112 ctx->max_channels = result.uint_32;
1113 /* If more than one channel requested ... they want multichan */
1114 if (result.uint_32 > 1)
1115 ctx->multichannel = true;
1116 break;
1117 case Opt_handletimeout:
1118 ctx->handle_timeout = result.uint_32;
1119 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1120 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1121 goto cifs_parse_mount_err;
1122 }
1123 break;
1124 case Opt_source:
1125 kfree(ctx->UNC);
1126 ctx->UNC = NULL;
1127 switch (smb3_parse_devname(param->string, ctx)) {
1128 case 0:
1129 break;
1130 case -ENOMEM:
1131 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1132 goto cifs_parse_mount_err;
1133 case -EINVAL:
1134 cifs_errorf(fc, "Malformed UNC in devname\n");
1135 goto cifs_parse_mount_err;
1136 default:
1137 cifs_errorf(fc, "Unknown error parsing devname\n");
1138 goto cifs_parse_mount_err;
1139 }
1140 ctx->source = kstrdup(param->string, GFP_KERNEL);
1141 if (ctx->source == NULL) {
1142 cifs_errorf(fc, "OOM when copying UNC string\n");
1143 goto cifs_parse_mount_err;
1144 }
1145 fc->source = kstrdup(param->string, GFP_KERNEL);
1146 if (fc->source == NULL) {
1147 cifs_errorf(fc, "OOM when copying UNC string\n");
1148 goto cifs_parse_mount_err;
1149 }
1150 break;
1151 case Opt_user:
1152 kfree(ctx->username);
1153 ctx->username = NULL;
1154 if (strlen(param->string) == 0) {
1155 /* null user, ie. anonymous authentication */
1156 ctx->nullauth = 1;
1157 break;
1158 }
1159
1160 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1161 CIFS_MAX_USERNAME_LEN) {
1162 pr_warn("username too long\n");
1163 goto cifs_parse_mount_err;
1164 }
1165 ctx->username = kstrdup(param->string, GFP_KERNEL);
1166 if (ctx->username == NULL) {
1167 cifs_errorf(fc, "OOM when copying username string\n");
1168 goto cifs_parse_mount_err;
1169 }
1170 break;
1171 case Opt_pass:
1172 kfree_sensitive(ctx->password);
1173 ctx->password = NULL;
1174 if (strlen(param->string) == 0)
1175 break;
1176
1177 ctx->password = kstrdup(param->string, GFP_KERNEL);
1178 if (ctx->password == NULL) {
1179 cifs_errorf(fc, "OOM when copying password string\n");
1180 goto cifs_parse_mount_err;
1181 }
1182 break;
1183 case Opt_ip:
1184 if (strlen(param->string) == 0) {
1185 ctx->got_ip = false;
1186 break;
1187 }
1188 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1189 param->string,
1190 strlen(param->string))) {
1191 pr_err("bad ip= option (%s)\n", param->string);
1192 goto cifs_parse_mount_err;
1193 }
1194 ctx->got_ip = true;
1195 break;
1196 case Opt_domain:
1197 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1198 == CIFS_MAX_DOMAINNAME_LEN) {
1199 pr_warn("domain name too long\n");
1200 goto cifs_parse_mount_err;
1201 }
1202
1203 kfree(ctx->domainname);
1204 ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1205 if (ctx->domainname == NULL) {
1206 cifs_errorf(fc, "OOM when copying domainname string\n");
1207 goto cifs_parse_mount_err;
1208 }
1209 cifs_dbg(FYI, "Domain name set\n");
1210 break;
1211 case Opt_srcaddr:
1212 if (!cifs_convert_address(
1213 (struct sockaddr *)&ctx->srcaddr,
1214 param->string, strlen(param->string))) {
1215 pr_warn("Could not parse srcaddr: %s\n",
1216 param->string);
1217 goto cifs_parse_mount_err;
1218 }
1219 break;
1220 case Opt_iocharset:
1221 if (strnlen(param->string, 1024) >= 65) {
1222 pr_warn("iocharset name too long\n");
1223 goto cifs_parse_mount_err;
1224 }
1225
1226 if (strncasecmp(param->string, "default", 7) != 0) {
1227 kfree(ctx->iocharset);
1228 ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1229 if (ctx->iocharset == NULL) {
1230 cifs_errorf(fc, "OOM when copying iocharset string\n");
1231 goto cifs_parse_mount_err;
1232 }
1233 }
1234 /* if iocharset not set then load_nls_default
1235 * is used by caller
1236 */
1237 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1238 break;
1239 case Opt_netbiosname:
1240 memset(ctx->source_rfc1001_name, 0x20,
1241 RFC1001_NAME_LEN);
1242 /*
1243 * FIXME: are there cases in which a comma can
1244 * be valid in workstation netbios name (and
1245 * need special handling)?
1246 */
1247 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1248 /* don't ucase netbiosname for user */
1249 if (param->string[i] == 0)
1250 break;
1251 ctx->source_rfc1001_name[i] = param->string[i];
1252 }
1253 /* The string has 16th byte zero still from
1254 * set at top of the function
1255 */
1256 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1257 pr_warn("netbiosname longer than 15 truncated\n");
1258 break;
1259 case Opt_servern:
1260 /* last byte, type, is 0x20 for servr type */
1261 memset(ctx->target_rfc1001_name, 0x20,
1262 RFC1001_NAME_LEN_WITH_NULL);
1263 /*
1264 * BB are there cases in which a comma can be valid in this
1265 * workstation netbios name (and need special handling)?
1266 */
1267
1268 /* user or mount helper must uppercase the netbios name */
1269 for (i = 0; i < 15; i++) {
1270 if (param->string[i] == 0)
1271 break;
1272 ctx->target_rfc1001_name[i] = param->string[i];
1273 }
1274
1275 /* The string has 16th byte zero still from set at top of function */
1276 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1277 pr_warn("server netbiosname longer than 15 truncated\n");
1278 break;
1279 case Opt_ver:
1280 /* version of mount userspace tools, not dialect */
1281 /* If interface changes in mount.cifs bump to new ver */
1282 if (strncasecmp(param->string, "1", 1) == 0) {
1283 if (strlen(param->string) > 1) {
1284 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1285 param->string);
1286 goto cifs_parse_mount_err;
1287 }
1288 /* This is the default */
1289 break;
1290 }
1291 /* For all other value, error */
1292 pr_warn("Invalid mount helper version specified\n");
1293 goto cifs_parse_mount_err;
1294 case Opt_vers:
1295 /* protocol version (dialect) */
1296 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1297 goto cifs_parse_mount_err;
1298 ctx->got_version = true;
1299 break;
1300 case Opt_sec:
1301 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1302 goto cifs_parse_mount_err;
1303 break;
1304 case Opt_cache:
1305 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1306 goto cifs_parse_mount_err;
1307 break;
1308 case Opt_witness:
1309 #ifndef CONFIG_CIFS_SWN_UPCALL
1310 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1311 goto cifs_parse_mount_err;
1312 #endif
1313 ctx->witness = true;
1314 pr_warn_once("Witness protocol support is experimental\n");
1315 break;
1316 case Opt_rootfs:
1317 #ifndef CONFIG_CIFS_ROOT
1318 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1319 goto cifs_parse_mount_err;
1320 #endif
1321 ctx->rootfs = true;
1322 break;
1323 case Opt_posixpaths:
1324 if (result.negated)
1325 ctx->posix_paths = 0;
1326 else
1327 ctx->posix_paths = 1;
1328 break;
1329 case Opt_unix:
1330 if (result.negated) {
1331 if (ctx->linux_ext == 1)
1332 pr_warn_once("conflicting posix mount options specified\n");
1333 ctx->linux_ext = 0;
1334 ctx->no_linux_ext = 1;
1335 } else {
1336 if (ctx->no_linux_ext == 1)
1337 pr_warn_once("conflicting posix mount options specified\n");
1338 ctx->linux_ext = 1;
1339 ctx->no_linux_ext = 0;
1340 }
1341 break;
1342 case Opt_nocase:
1343 ctx->nocase = 1;
1344 break;
1345 case Opt_brl:
1346 if (result.negated) {
1347 /*
1348 * turn off mandatory locking in mode
1349 * if remote locking is turned off since the
1350 * local vfs will do advisory
1351 */
1352 if (ctx->file_mode ==
1353 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1354 ctx->file_mode = S_IALLUGO;
1355 ctx->nobrl = 1;
1356 } else
1357 ctx->nobrl = 0;
1358 break;
1359 case Opt_handlecache:
1360 if (result.negated)
1361 ctx->nohandlecache = 1;
1362 else
1363 ctx->nohandlecache = 0;
1364 break;
1365 case Opt_forcemandatorylock:
1366 ctx->mand_lock = 1;
1367 break;
1368 case Opt_setuids:
1369 ctx->setuids = result.negated;
1370 break;
1371 case Opt_intr:
1372 ctx->intr = !result.negated;
1373 break;
1374 case Opt_setuidfromacl:
1375 ctx->setuidfromacl = 1;
1376 break;
1377 case Opt_strictsync:
1378 ctx->nostrictsync = result.negated;
1379 break;
1380 case Opt_serverino:
1381 ctx->server_ino = !result.negated;
1382 break;
1383 case Opt_rwpidforward:
1384 ctx->rwpidforward = 1;
1385 break;
1386 case Opt_modesid:
1387 ctx->mode_ace = 1;
1388 break;
1389 case Opt_cifsacl:
1390 ctx->cifs_acl = !result.negated;
1391 break;
1392 case Opt_acl:
1393 ctx->no_psx_acl = result.negated;
1394 break;
1395 case Opt_locallease:
1396 ctx->local_lease = 1;
1397 break;
1398 case Opt_sign:
1399 ctx->sign = true;
1400 break;
1401 case Opt_ignore_signature:
1402 ctx->sign = true;
1403 ctx->ignore_signature = true;
1404 break;
1405 case Opt_seal:
1406 /* we do not do the following in secFlags because seal
1407 * is a per tree connection (mount) not a per socket
1408 * or per-smb connection option in the protocol
1409 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1410 */
1411 ctx->seal = 1;
1412 break;
1413 case Opt_noac:
1414 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1415 break;
1416 case Opt_fsc:
1417 #ifndef CONFIG_CIFS_FSCACHE
1418 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1419 goto cifs_parse_mount_err;
1420 #endif
1421 ctx->fsc = true;
1422 break;
1423 case Opt_mfsymlinks:
1424 ctx->mfsymlinks = true;
1425 break;
1426 case Opt_multiuser:
1427 ctx->multiuser = true;
1428 break;
1429 case Opt_sloppy:
1430 ctx->sloppy = true;
1431 break;
1432 case Opt_nosharesock:
1433 ctx->nosharesock = true;
1434 break;
1435 case Opt_persistent:
1436 if (result.negated) {
1437 ctx->nopersistent = true;
1438 if (ctx->persistent) {
1439 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1440 goto cifs_parse_mount_err;
1441 }
1442 } else {
1443 ctx->persistent = true;
1444 if ((ctx->nopersistent) || (ctx->resilient)) {
1445 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1446 goto cifs_parse_mount_err;
1447 }
1448 }
1449 break;
1450 case Opt_resilient:
1451 if (result.negated) {
1452 ctx->resilient = false; /* already the default */
1453 } else {
1454 ctx->resilient = true;
1455 if (ctx->persistent) {
1456 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1457 goto cifs_parse_mount_err;
1458 }
1459 }
1460 break;
1461 case Opt_tcp_nodelay:
1462 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1463 if (result.negated)
1464 ctx->sockopt_tcp_nodelay = false;
1465 else
1466 ctx->sockopt_tcp_nodelay = true;
1467 break;
1468 case Opt_domainauto:
1469 ctx->domainauto = true;
1470 break;
1471 case Opt_rdma:
1472 ctx->rdma = true;
1473 break;
1474 }
1475 /* case Opt_ignore: - is ignored as expected ... */
1476
1477 return 0;
1478
1479 cifs_parse_mount_err:
1480 kfree_sensitive(ctx->password);
1481 return -EINVAL;
1482 }
1483
smb3_init_fs_context(struct fs_context * fc)1484 int smb3_init_fs_context(struct fs_context *fc)
1485 {
1486 struct smb3_fs_context *ctx;
1487 char *nodename = utsname()->nodename;
1488 int i;
1489
1490 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1491 if (unlikely(!ctx))
1492 return -ENOMEM;
1493
1494 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1495
1496 /*
1497 * does not have to be perfect mapping since field is
1498 * informational, only used for servers that do not support
1499 * port 445 and it can be overridden at mount time
1500 */
1501 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1502 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1503 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1504
1505 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1506 /*
1507 * null target name indicates to use *SMBSERVR default called name
1508 * if we end up sending RFC1001 session initialize
1509 */
1510 ctx->target_rfc1001_name[0] = 0;
1511 ctx->cred_uid = current_uid();
1512 ctx->linux_uid = current_uid();
1513 ctx->linux_gid = current_gid();
1514 /* By default 4MB read ahead size, 1MB block size */
1515 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1516 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1517
1518 /*
1519 * default to SFM style remapping of seven reserved characters
1520 * unless user overrides it or we negotiate CIFS POSIX where
1521 * it is unnecessary. Can not simultaneously use more than one mapping
1522 * since then readdir could list files that open could not open
1523 */
1524 ctx->remap = true;
1525
1526 /* default to only allowing write access to owner of the mount */
1527 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1528
1529 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1530 /* default is always to request posix paths. */
1531 ctx->posix_paths = 1;
1532 /* default to using server inode numbers where available */
1533 ctx->server_ino = 1;
1534
1535 /* default is to use strict cifs caching semantics */
1536 ctx->strict_io = true;
1537
1538 ctx->acregmax = CIFS_DEF_ACTIMEO;
1539 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1540 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1541
1542 /* Most clients set timeout to 0, allows server to use its default */
1543 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1544
1545 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1546 ctx->ops = &smb30_operations;
1547 ctx->vals = &smbdefault_values;
1548
1549 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1550
1551 /* default to no multichannel (single server connection) */
1552 ctx->multichannel = false;
1553 ctx->max_channels = 1;
1554
1555 ctx->backupuid_specified = false; /* no backup intent for a user */
1556 ctx->backupgid_specified = false; /* no backup intent for a group */
1557
1558 /*
1559 * short int override_uid = -1;
1560 * short int override_gid = -1;
1561 * char *nodename = strdup(utsname()->nodename);
1562 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1563 */
1564
1565 fc->fs_private = ctx;
1566 fc->ops = &smb3_fs_context_ops;
1567 return 0;
1568 }
1569
1570 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1571 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1572 {
1573 if (ctx == NULL)
1574 return;
1575
1576 /*
1577 * Make sure this stays in sync with smb3_fs_context_dup()
1578 */
1579 kfree(ctx->mount_options);
1580 ctx->mount_options = NULL;
1581 kfree(ctx->username);
1582 ctx->username = NULL;
1583 kfree_sensitive(ctx->password);
1584 ctx->password = NULL;
1585 kfree(ctx->server_hostname);
1586 ctx->server_hostname = NULL;
1587 kfree(ctx->UNC);
1588 ctx->UNC = NULL;
1589 kfree(ctx->source);
1590 ctx->source = NULL;
1591 kfree(ctx->domainname);
1592 ctx->domainname = NULL;
1593 kfree(ctx->nodename);
1594 ctx->nodename = NULL;
1595 kfree(ctx->iocharset);
1596 ctx->iocharset = NULL;
1597 kfree(ctx->prepath);
1598 ctx->prepath = NULL;
1599 }
1600
1601 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1602 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1603 {
1604 if (!ctx)
1605 return;
1606 smb3_cleanup_fs_context_contents(ctx);
1607 kfree(ctx);
1608 }
1609
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1610 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1611 {
1612 struct smb3_fs_context *ctx = cifs_sb->ctx;
1613
1614 if (ctx->nodfs)
1615 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1616 else
1617 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1618
1619 if (ctx->noperm)
1620 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1621 else
1622 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1623
1624 if (ctx->setuids)
1625 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1626 else
1627 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1628
1629 if (ctx->setuidfromacl)
1630 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1631 else
1632 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1633
1634 if (ctx->server_ino)
1635 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1636 else
1637 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1638
1639 if (ctx->remap)
1640 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1641 else
1642 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1643
1644 if (ctx->sfu_remap)
1645 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1646 else
1647 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1648
1649 if (ctx->no_xattr)
1650 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1651 else
1652 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1653
1654 if (ctx->sfu_emul)
1655 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1656 else
1657 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1658
1659 if (ctx->nobrl)
1660 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1661 else
1662 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1663
1664 if (ctx->nohandlecache)
1665 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1666 else
1667 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1668
1669 if (ctx->nostrictsync)
1670 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1671 else
1672 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1673
1674 if (ctx->mand_lock)
1675 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1676 else
1677 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1678
1679 if (ctx->rwpidforward)
1680 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1681 else
1682 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1683
1684 if (ctx->mode_ace)
1685 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1686 else
1687 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1688
1689 if (ctx->cifs_acl)
1690 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1691 else
1692 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1693
1694 if (ctx->backupuid_specified)
1695 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1696 else
1697 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1698
1699 if (ctx->backupgid_specified)
1700 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1701 else
1702 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1703
1704 if (ctx->override_uid)
1705 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1706 else
1707 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1708
1709 if (ctx->override_gid)
1710 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1711 else
1712 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1713
1714 if (ctx->dynperm)
1715 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1716 else
1717 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1718
1719 if (ctx->fsc)
1720 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1721 else
1722 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1723
1724 if (ctx->multiuser)
1725 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1726 CIFS_MOUNT_NO_PERM);
1727 else
1728 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1729
1730
1731 if (ctx->strict_io)
1732 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1733 else
1734 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1735
1736 if (ctx->direct_io)
1737 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1738 else
1739 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1740
1741 if (ctx->mfsymlinks)
1742 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1743 else
1744 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1745 if (ctx->mfsymlinks) {
1746 if (ctx->sfu_emul) {
1747 /*
1748 * Our SFU ("Services for Unix" emulation does not allow
1749 * creating symlinks but does allow reading existing SFU
1750 * symlinks (it does allow both creating and reading SFU
1751 * style mknod and FIFOs though). When "mfsymlinks" and
1752 * "sfu" are both enabled at the same time, it allows
1753 * reading both types of symlinks, but will only create
1754 * them with mfsymlinks format. This allows better
1755 * Apple compatibility (probably better for Samba too)
1756 * while still recognizing old Windows style symlinks.
1757 */
1758 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1759 }
1760 }
1761 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1762
1763 return;
1764 }
1765