1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * SMB2 version specific operations
4 *
5 * Copyright (c) 2012, Jeff Layton <jlayton@redhat.com>
6 */
7
8 #include <linux/pagemap.h>
9 #include <linux/vfs.h>
10 #include <linux/falloc.h>
11 #include <linux/scatterlist.h>
12 #include <linux/uuid.h>
13 #include <linux/sort.h>
14 #include <crypto/aead.h>
15 #include <linux/fiemap.h>
16 #include <uapi/linux/magic.h>
17 #include "cifsfs.h"
18 #include "cifsglob.h"
19 #include "smb2pdu.h"
20 #include "smb2proto.h"
21 #include "cifsproto.h"
22 #include "cifs_debug.h"
23 #include "cifs_unicode.h"
24 #include "smb2status.h"
25 #include "smb2glob.h"
26 #include "cifs_ioctl.h"
27 #include "smbdirect.h"
28 #include "fscache.h"
29 #include "fs_context.h"
30
31 /* Change credits for different ops and return the total number of credits */
32 static int
change_conf(struct TCP_Server_Info * server)33 change_conf(struct TCP_Server_Info *server)
34 {
35 server->credits += server->echo_credits + server->oplock_credits;
36 server->oplock_credits = server->echo_credits = 0;
37 switch (server->credits) {
38 case 0:
39 return 0;
40 case 1:
41 server->echoes = false;
42 server->oplocks = false;
43 break;
44 case 2:
45 server->echoes = true;
46 server->oplocks = false;
47 server->echo_credits = 1;
48 break;
49 default:
50 server->echoes = true;
51 if (enable_oplocks) {
52 server->oplocks = true;
53 server->oplock_credits = 1;
54 } else
55 server->oplocks = false;
56
57 server->echo_credits = 1;
58 }
59 server->credits -= server->echo_credits + server->oplock_credits;
60 return server->credits + server->echo_credits + server->oplock_credits;
61 }
62
63 static void
smb2_add_credits(struct TCP_Server_Info * server,const struct cifs_credits * credits,const int optype)64 smb2_add_credits(struct TCP_Server_Info *server,
65 const struct cifs_credits *credits, const int optype)
66 {
67 int *val, rc = -1;
68 int scredits, in_flight;
69 unsigned int add = credits->value;
70 unsigned int instance = credits->instance;
71 bool reconnect_detected = false;
72 bool reconnect_with_invalid_credits = false;
73
74 spin_lock(&server->req_lock);
75 val = server->ops->get_credits_field(server, optype);
76
77 /* eg found case where write overlapping reconnect messed up credits */
78 if (((optype & CIFS_OP_MASK) == CIFS_NEG_OP) && (*val != 0))
79 reconnect_with_invalid_credits = true;
80
81 if ((instance == 0) || (instance == server->reconnect_instance))
82 *val += add;
83 else
84 reconnect_detected = true;
85
86 if (*val > 65000) {
87 *val = 65000; /* Don't get near 64K credits, avoid srv bugs */
88 pr_warn_once("server overflowed SMB3 credits\n");
89 trace_smb3_overflow_credits(server->CurrentMid,
90 server->conn_id, server->hostname, *val,
91 add, server->in_flight);
92 }
93 server->in_flight--;
94 if (server->in_flight == 0 &&
95 ((optype & CIFS_OP_MASK) != CIFS_NEG_OP) &&
96 ((optype & CIFS_OP_MASK) != CIFS_SESS_OP))
97 rc = change_conf(server);
98 /*
99 * Sometimes server returns 0 credits on oplock break ack - we need to
100 * rebalance credits in this case.
101 */
102 else if (server->in_flight > 0 && server->oplock_credits == 0 &&
103 server->oplocks) {
104 if (server->credits > 1) {
105 server->credits--;
106 server->oplock_credits++;
107 }
108 }
109 scredits = *val;
110 in_flight = server->in_flight;
111 spin_unlock(&server->req_lock);
112 wake_up(&server->request_q);
113
114 if (reconnect_detected) {
115 trace_smb3_reconnect_detected(server->CurrentMid,
116 server->conn_id, server->hostname, scredits, add, in_flight);
117
118 cifs_dbg(FYI, "trying to put %d credits from the old server instance %d\n",
119 add, instance);
120 }
121
122 if (reconnect_with_invalid_credits) {
123 trace_smb3_reconnect_with_invalid_credits(server->CurrentMid,
124 server->conn_id, server->hostname, scredits, add, in_flight);
125 cifs_dbg(FYI, "Negotiate operation when server credits is non-zero. Optype: %d, server credits: %d, credits added: %d\n",
126 optype, scredits, add);
127 }
128
129 spin_lock(&cifs_tcp_ses_lock);
130 if (server->tcpStatus == CifsNeedReconnect
131 || server->tcpStatus == CifsExiting) {
132 spin_unlock(&cifs_tcp_ses_lock);
133 return;
134 }
135 spin_unlock(&cifs_tcp_ses_lock);
136
137 switch (rc) {
138 case -1:
139 /* change_conf hasn't been executed */
140 break;
141 case 0:
142 cifs_server_dbg(VFS, "Possible client or server bug - zero credits\n");
143 break;
144 case 1:
145 cifs_server_dbg(VFS, "disabling echoes and oplocks\n");
146 break;
147 case 2:
148 cifs_dbg(FYI, "disabling oplocks\n");
149 break;
150 default:
151 /* change_conf rebalanced credits for different types */
152 break;
153 }
154
155 trace_smb3_add_credits(server->CurrentMid,
156 server->conn_id, server->hostname, scredits, add, in_flight);
157 cifs_dbg(FYI, "%s: added %u credits total=%d\n", __func__, add, scredits);
158 }
159
160 static void
smb2_set_credits(struct TCP_Server_Info * server,const int val)161 smb2_set_credits(struct TCP_Server_Info *server, const int val)
162 {
163 int scredits, in_flight;
164
165 spin_lock(&server->req_lock);
166 server->credits = val;
167 if (val == 1)
168 server->reconnect_instance++;
169 scredits = server->credits;
170 in_flight = server->in_flight;
171 spin_unlock(&server->req_lock);
172
173 trace_smb3_set_credits(server->CurrentMid,
174 server->conn_id, server->hostname, scredits, val, in_flight);
175 cifs_dbg(FYI, "%s: set %u credits\n", __func__, val);
176
177 /* don't log while holding the lock */
178 if (val == 1)
179 cifs_dbg(FYI, "set credits to 1 due to smb2 reconnect\n");
180 }
181
182 static int *
smb2_get_credits_field(struct TCP_Server_Info * server,const int optype)183 smb2_get_credits_field(struct TCP_Server_Info *server, const int optype)
184 {
185 switch (optype) {
186 case CIFS_ECHO_OP:
187 return &server->echo_credits;
188 case CIFS_OBREAK_OP:
189 return &server->oplock_credits;
190 default:
191 return &server->credits;
192 }
193 }
194
195 static unsigned int
smb2_get_credits(struct mid_q_entry * mid)196 smb2_get_credits(struct mid_q_entry *mid)
197 {
198 return mid->credits_received;
199 }
200
201 static int
smb2_wait_mtu_credits(struct TCP_Server_Info * server,unsigned int size,unsigned int * num,struct cifs_credits * credits)202 smb2_wait_mtu_credits(struct TCP_Server_Info *server, unsigned int size,
203 unsigned int *num, struct cifs_credits *credits)
204 {
205 int rc = 0;
206 unsigned int scredits, in_flight;
207
208 spin_lock(&server->req_lock);
209 while (1) {
210 if (server->credits <= 0) {
211 spin_unlock(&server->req_lock);
212 cifs_num_waiters_inc(server);
213 rc = wait_event_killable(server->request_q,
214 has_credits(server, &server->credits, 1));
215 cifs_num_waiters_dec(server);
216 if (rc)
217 return rc;
218 spin_lock(&server->req_lock);
219 } else {
220 spin_unlock(&server->req_lock);
221 spin_lock(&cifs_tcp_ses_lock);
222 if (server->tcpStatus == CifsExiting) {
223 spin_unlock(&cifs_tcp_ses_lock);
224 return -ENOENT;
225 }
226 spin_unlock(&cifs_tcp_ses_lock);
227
228 spin_lock(&server->req_lock);
229 scredits = server->credits;
230 /* can deadlock with reopen */
231 if (scredits <= 8) {
232 *num = SMB2_MAX_BUFFER_SIZE;
233 credits->value = 0;
234 credits->instance = 0;
235 break;
236 }
237
238 /* leave some credits for reopen and other ops */
239 scredits -= 8;
240 *num = min_t(unsigned int, size,
241 scredits * SMB2_MAX_BUFFER_SIZE);
242
243 credits->value =
244 DIV_ROUND_UP(*num, SMB2_MAX_BUFFER_SIZE);
245 credits->instance = server->reconnect_instance;
246 server->credits -= credits->value;
247 server->in_flight++;
248 if (server->in_flight > server->max_in_flight)
249 server->max_in_flight = server->in_flight;
250 break;
251 }
252 }
253 scredits = server->credits;
254 in_flight = server->in_flight;
255 spin_unlock(&server->req_lock);
256
257 trace_smb3_wait_credits(server->CurrentMid,
258 server->conn_id, server->hostname, scredits, -(credits->value), in_flight);
259 cifs_dbg(FYI, "%s: removed %u credits total=%d\n",
260 __func__, credits->value, scredits);
261
262 return rc;
263 }
264
265 static int
smb2_adjust_credits(struct TCP_Server_Info * server,struct cifs_credits * credits,const unsigned int payload_size)266 smb2_adjust_credits(struct TCP_Server_Info *server,
267 struct cifs_credits *credits,
268 const unsigned int payload_size)
269 {
270 int new_val = DIV_ROUND_UP(payload_size, SMB2_MAX_BUFFER_SIZE);
271 int scredits, in_flight;
272
273 if (!credits->value || credits->value == new_val)
274 return 0;
275
276 if (credits->value < new_val) {
277 trace_smb3_too_many_credits(server->CurrentMid,
278 server->conn_id, server->hostname, 0, credits->value - new_val, 0);
279 cifs_server_dbg(VFS, "request has less credits (%d) than required (%d)",
280 credits->value, new_val);
281
282 return -ENOTSUPP;
283 }
284
285 spin_lock(&server->req_lock);
286
287 if (server->reconnect_instance != credits->instance) {
288 scredits = server->credits;
289 in_flight = server->in_flight;
290 spin_unlock(&server->req_lock);
291
292 trace_smb3_reconnect_detected(server->CurrentMid,
293 server->conn_id, server->hostname, scredits,
294 credits->value - new_val, in_flight);
295 cifs_server_dbg(VFS, "trying to return %d credits to old session\n",
296 credits->value - new_val);
297 return -EAGAIN;
298 }
299
300 server->credits += credits->value - new_val;
301 scredits = server->credits;
302 in_flight = server->in_flight;
303 spin_unlock(&server->req_lock);
304 wake_up(&server->request_q);
305
306 trace_smb3_adj_credits(server->CurrentMid,
307 server->conn_id, server->hostname, scredits,
308 credits->value - new_val, in_flight);
309 cifs_dbg(FYI, "%s: adjust added %u credits total=%d\n",
310 __func__, credits->value - new_val, scredits);
311
312 credits->value = new_val;
313
314 return 0;
315 }
316
317 static __u64
smb2_get_next_mid(struct TCP_Server_Info * server)318 smb2_get_next_mid(struct TCP_Server_Info *server)
319 {
320 __u64 mid;
321 /* for SMB2 we need the current value */
322 spin_lock(&GlobalMid_Lock);
323 mid = server->CurrentMid++;
324 spin_unlock(&GlobalMid_Lock);
325 return mid;
326 }
327
328 static void
smb2_revert_current_mid(struct TCP_Server_Info * server,const unsigned int val)329 smb2_revert_current_mid(struct TCP_Server_Info *server, const unsigned int val)
330 {
331 spin_lock(&GlobalMid_Lock);
332 if (server->CurrentMid >= val)
333 server->CurrentMid -= val;
334 spin_unlock(&GlobalMid_Lock);
335 }
336
337 static struct mid_q_entry *
__smb2_find_mid(struct TCP_Server_Info * server,char * buf,bool dequeue)338 __smb2_find_mid(struct TCP_Server_Info *server, char *buf, bool dequeue)
339 {
340 struct mid_q_entry *mid;
341 struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
342 __u64 wire_mid = le64_to_cpu(shdr->MessageId);
343
344 if (shdr->ProtocolId == SMB2_TRANSFORM_PROTO_NUM) {
345 cifs_server_dbg(VFS, "Encrypted frame parsing not supported yet\n");
346 return NULL;
347 }
348
349 spin_lock(&GlobalMid_Lock);
350 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
351 if ((mid->mid == wire_mid) &&
352 (mid->mid_state == MID_REQUEST_SUBMITTED) &&
353 (mid->command == shdr->Command)) {
354 kref_get(&mid->refcount);
355 if (dequeue) {
356 list_del_init(&mid->qhead);
357 mid->mid_flags |= MID_DELETED;
358 }
359 spin_unlock(&GlobalMid_Lock);
360 return mid;
361 }
362 }
363 spin_unlock(&GlobalMid_Lock);
364 return NULL;
365 }
366
367 static struct mid_q_entry *
smb2_find_mid(struct TCP_Server_Info * server,char * buf)368 smb2_find_mid(struct TCP_Server_Info *server, char *buf)
369 {
370 return __smb2_find_mid(server, buf, false);
371 }
372
373 static struct mid_q_entry *
smb2_find_dequeue_mid(struct TCP_Server_Info * server,char * buf)374 smb2_find_dequeue_mid(struct TCP_Server_Info *server, char *buf)
375 {
376 return __smb2_find_mid(server, buf, true);
377 }
378
379 static void
smb2_dump_detail(void * buf,struct TCP_Server_Info * server)380 smb2_dump_detail(void *buf, struct TCP_Server_Info *server)
381 {
382 #ifdef CONFIG_CIFS_DEBUG2
383 struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
384
385 cifs_server_dbg(VFS, "Cmd: %d Err: 0x%x Flags: 0x%x Mid: %llu Pid: %d\n",
386 shdr->Command, shdr->Status, shdr->Flags, shdr->MessageId,
387 shdr->Id.SyncId.ProcessId);
388 cifs_server_dbg(VFS, "smb buf %p len %u\n", buf,
389 server->ops->calc_smb_size(buf, server));
390 #endif
391 }
392
393 static bool
smb2_need_neg(struct TCP_Server_Info * server)394 smb2_need_neg(struct TCP_Server_Info *server)
395 {
396 return server->max_read == 0;
397 }
398
399 static int
smb2_negotiate(const unsigned int xid,struct cifs_ses * ses,struct TCP_Server_Info * server)400 smb2_negotiate(const unsigned int xid,
401 struct cifs_ses *ses,
402 struct TCP_Server_Info *server)
403 {
404 int rc;
405
406 spin_lock(&GlobalMid_Lock);
407 server->CurrentMid = 0;
408 spin_unlock(&GlobalMid_Lock);
409 rc = SMB2_negotiate(xid, ses, server);
410 /* BB we probably don't need to retry with modern servers */
411 if (rc == -EAGAIN)
412 rc = -EHOSTDOWN;
413 return rc;
414 }
415
416 static unsigned int
smb2_negotiate_wsize(struct cifs_tcon * tcon,struct smb3_fs_context * ctx)417 smb2_negotiate_wsize(struct cifs_tcon *tcon, struct smb3_fs_context *ctx)
418 {
419 struct TCP_Server_Info *server = tcon->ses->server;
420 unsigned int wsize;
421
422 /* start with specified wsize, or default */
423 wsize = ctx->wsize ? ctx->wsize : CIFS_DEFAULT_IOSIZE;
424 wsize = min_t(unsigned int, wsize, server->max_write);
425 if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))
426 wsize = min_t(unsigned int, wsize, SMB2_MAX_BUFFER_SIZE);
427
428 return wsize;
429 }
430
431 static unsigned int
smb3_negotiate_wsize(struct cifs_tcon * tcon,struct smb3_fs_context * ctx)432 smb3_negotiate_wsize(struct cifs_tcon *tcon, struct smb3_fs_context *ctx)
433 {
434 struct TCP_Server_Info *server = tcon->ses->server;
435 unsigned int wsize;
436
437 /* start with specified wsize, or default */
438 wsize = ctx->wsize ? ctx->wsize : SMB3_DEFAULT_IOSIZE;
439 wsize = min_t(unsigned int, wsize, server->max_write);
440 #ifdef CONFIG_CIFS_SMB_DIRECT
441 if (server->rdma) {
442 if (server->sign)
443 /*
444 * Account for SMB2 data transfer packet header and
445 * possible encryption header
446 */
447 wsize = min_t(unsigned int,
448 wsize,
449 server->smbd_conn->max_fragmented_send_size -
450 SMB2_READWRITE_PDU_HEADER_SIZE -
451 sizeof(struct smb2_transform_hdr));
452 else
453 wsize = min_t(unsigned int,
454 wsize, server->smbd_conn->max_readwrite_size);
455 }
456 #endif
457 if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))
458 wsize = min_t(unsigned int, wsize, SMB2_MAX_BUFFER_SIZE);
459
460 return wsize;
461 }
462
463 static unsigned int
smb2_negotiate_rsize(struct cifs_tcon * tcon,struct smb3_fs_context * ctx)464 smb2_negotiate_rsize(struct cifs_tcon *tcon, struct smb3_fs_context *ctx)
465 {
466 struct TCP_Server_Info *server = tcon->ses->server;
467 unsigned int rsize;
468
469 /* start with specified rsize, or default */
470 rsize = ctx->rsize ? ctx->rsize : CIFS_DEFAULT_IOSIZE;
471 rsize = min_t(unsigned int, rsize, server->max_read);
472
473 if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))
474 rsize = min_t(unsigned int, rsize, SMB2_MAX_BUFFER_SIZE);
475
476 return rsize;
477 }
478
479 static unsigned int
smb3_negotiate_rsize(struct cifs_tcon * tcon,struct smb3_fs_context * ctx)480 smb3_negotiate_rsize(struct cifs_tcon *tcon, struct smb3_fs_context *ctx)
481 {
482 struct TCP_Server_Info *server = tcon->ses->server;
483 unsigned int rsize;
484
485 /* start with specified rsize, or default */
486 rsize = ctx->rsize ? ctx->rsize : SMB3_DEFAULT_IOSIZE;
487 rsize = min_t(unsigned int, rsize, server->max_read);
488 #ifdef CONFIG_CIFS_SMB_DIRECT
489 if (server->rdma) {
490 if (server->sign)
491 /*
492 * Account for SMB2 data transfer packet header and
493 * possible encryption header
494 */
495 rsize = min_t(unsigned int,
496 rsize,
497 server->smbd_conn->max_fragmented_recv_size -
498 SMB2_READWRITE_PDU_HEADER_SIZE -
499 sizeof(struct smb2_transform_hdr));
500 else
501 rsize = min_t(unsigned int,
502 rsize, server->smbd_conn->max_readwrite_size);
503 }
504 #endif
505
506 if (!(server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))
507 rsize = min_t(unsigned int, rsize, SMB2_MAX_BUFFER_SIZE);
508
509 return rsize;
510 }
511
512 static int
parse_server_interfaces(struct network_interface_info_ioctl_rsp * buf,size_t buf_len,struct cifs_ses * ses)513 parse_server_interfaces(struct network_interface_info_ioctl_rsp *buf,
514 size_t buf_len,
515 struct cifs_ses *ses)
516 {
517 struct network_interface_info_ioctl_rsp *p;
518 struct sockaddr_in *addr4;
519 struct sockaddr_in6 *addr6;
520 struct iface_info_ipv4 *p4;
521 struct iface_info_ipv6 *p6;
522 struct cifs_server_iface *info = NULL, *iface = NULL, *niface = NULL;
523 struct cifs_server_iface tmp_iface;
524 ssize_t bytes_left;
525 size_t next = 0;
526 int nb_iface = 0;
527 int rc = 0, ret = 0;
528
529 bytes_left = buf_len;
530 p = buf;
531
532 spin_lock(&ses->iface_lock);
533 /*
534 * Go through iface_list and do kref_put to remove
535 * any unused ifaces. ifaces in use will be removed
536 * when the last user calls a kref_put on it
537 */
538 list_for_each_entry_safe(iface, niface, &ses->iface_list,
539 iface_head) {
540 iface->is_active = 0;
541 kref_put(&iface->refcount, release_iface);
542 }
543 spin_unlock(&ses->iface_lock);
544
545 while (bytes_left >= sizeof(*p)) {
546 memset(&tmp_iface, 0, sizeof(tmp_iface));
547 tmp_iface.speed = le64_to_cpu(p->LinkSpeed);
548 tmp_iface.rdma_capable = le32_to_cpu(p->Capability & RDMA_CAPABLE) ? 1 : 0;
549 tmp_iface.rss_capable = le32_to_cpu(p->Capability & RSS_CAPABLE) ? 1 : 0;
550
551 switch (p->Family) {
552 /*
553 * The kernel and wire socket structures have the same
554 * layout and use network byte order but make the
555 * conversion explicit in case either one changes.
556 */
557 case INTERNETWORK:
558 addr4 = (struct sockaddr_in *)&tmp_iface.sockaddr;
559 p4 = (struct iface_info_ipv4 *)p->Buffer;
560 addr4->sin_family = AF_INET;
561 memcpy(&addr4->sin_addr, &p4->IPv4Address, 4);
562
563 /* [MS-SMB2] 2.2.32.5.1.1 Clients MUST ignore these */
564 addr4->sin_port = cpu_to_be16(CIFS_PORT);
565
566 cifs_dbg(FYI, "%s: ipv4 %pI4\n", __func__,
567 &addr4->sin_addr);
568 break;
569 case INTERNETWORKV6:
570 addr6 = (struct sockaddr_in6 *)&tmp_iface.sockaddr;
571 p6 = (struct iface_info_ipv6 *)p->Buffer;
572 addr6->sin6_family = AF_INET6;
573 memcpy(&addr6->sin6_addr, &p6->IPv6Address, 16);
574
575 /* [MS-SMB2] 2.2.32.5.1.2 Clients MUST ignore these */
576 addr6->sin6_flowinfo = 0;
577 addr6->sin6_scope_id = 0;
578 addr6->sin6_port = cpu_to_be16(CIFS_PORT);
579
580 cifs_dbg(FYI, "%s: ipv6 %pI6\n", __func__,
581 &addr6->sin6_addr);
582 break;
583 default:
584 cifs_dbg(VFS,
585 "%s: skipping unsupported socket family\n",
586 __func__);
587 goto next_iface;
588 }
589
590 /*
591 * The iface_list is assumed to be sorted by speed.
592 * Check if the new interface exists in that list.
593 * NEVER change iface. it could be in use.
594 * Add a new one instead
595 */
596 spin_lock(&ses->iface_lock);
597 iface = niface = NULL;
598 list_for_each_entry_safe(iface, niface, &ses->iface_list,
599 iface_head) {
600 ret = iface_cmp(iface, &tmp_iface);
601 if (!ret) {
602 /* just get a ref so that it doesn't get picked/freed */
603 iface->is_active = 1;
604 kref_get(&iface->refcount);
605 spin_unlock(&ses->iface_lock);
606 goto next_iface;
607 } else if (ret < 0) {
608 /* all remaining ifaces are slower */
609 kref_get(&iface->refcount);
610 break;
611 }
612 }
613 spin_unlock(&ses->iface_lock);
614
615 /* no match. insert the entry in the list */
616 info = kmalloc(sizeof(struct cifs_server_iface),
617 GFP_KERNEL);
618 if (!info) {
619 rc = -ENOMEM;
620 goto out;
621 }
622 memcpy(info, &tmp_iface, sizeof(tmp_iface));
623
624 /* add this new entry to the list */
625 kref_init(&info->refcount);
626 info->is_active = 1;
627
628 cifs_dbg(FYI, "%s: adding iface %zu\n", __func__, ses->iface_count);
629 cifs_dbg(FYI, "%s: speed %zu bps\n", __func__, info->speed);
630 cifs_dbg(FYI, "%s: capabilities 0x%08x\n", __func__,
631 le32_to_cpu(p->Capability));
632
633 spin_lock(&ses->iface_lock);
634 if (!list_entry_is_head(iface, &ses->iface_list, iface_head)) {
635 list_add_tail(&info->iface_head, &iface->iface_head);
636 kref_put(&iface->refcount, release_iface);
637 } else
638 list_add_tail(&info->iface_head, &ses->iface_list);
639 spin_unlock(&ses->iface_lock);
640
641 ses->iface_count++;
642 ses->iface_last_update = jiffies;
643 next_iface:
644 nb_iface++;
645 next = le32_to_cpu(p->Next);
646 if (!next) {
647 bytes_left -= sizeof(*p);
648 break;
649 }
650 p = (struct network_interface_info_ioctl_rsp *)((u8 *)p+next);
651 bytes_left -= next;
652 }
653
654 if (!nb_iface) {
655 cifs_dbg(VFS, "%s: malformed interface info\n", __func__);
656 rc = -EINVAL;
657 goto out;
658 }
659
660 /* Azure rounds the buffer size up 8, to a 16 byte boundary */
661 if ((bytes_left > 8) || p->Next)
662 cifs_dbg(VFS, "%s: incomplete interface info\n", __func__);
663
664
665 if (!ses->iface_count) {
666 rc = -EINVAL;
667 goto out;
668 }
669
670 out:
671 return rc;
672 }
673
674 int
SMB3_request_interfaces(const unsigned int xid,struct cifs_tcon * tcon)675 SMB3_request_interfaces(const unsigned int xid, struct cifs_tcon *tcon)
676 {
677 int rc;
678 unsigned int ret_data_len = 0;
679 struct network_interface_info_ioctl_rsp *out_buf = NULL;
680 struct cifs_ses *ses = tcon->ses;
681
682 rc = SMB2_ioctl(xid, tcon, NO_FILE_ID, NO_FILE_ID,
683 FSCTL_QUERY_NETWORK_INTERFACE_INFO,
684 NULL /* no data input */, 0 /* no data input */,
685 CIFSMaxBufSize, (char **)&out_buf, &ret_data_len);
686 if (rc == -EOPNOTSUPP) {
687 cifs_dbg(FYI,
688 "server does not support query network interfaces\n");
689 goto out;
690 } else if (rc != 0) {
691 cifs_tcon_dbg(VFS, "error %d on ioctl to get interface list\n", rc);
692 goto out;
693 }
694
695 rc = parse_server_interfaces(out_buf, ret_data_len, ses);
696 if (rc)
697 goto out;
698
699 out:
700 kfree(out_buf);
701 return rc;
702 }
703
704 static void
smb2_close_cached_fid(struct kref * ref)705 smb2_close_cached_fid(struct kref *ref)
706 {
707 struct cached_fid *cfid = container_of(ref, struct cached_fid,
708 refcount);
709 struct cached_dirent *dirent, *q;
710
711 if (cfid->is_valid) {
712 cifs_dbg(FYI, "clear cached root file handle\n");
713 SMB2_close(0, cfid->tcon, cfid->fid->persistent_fid,
714 cfid->fid->volatile_fid);
715 }
716
717 /*
718 * We only check validity above to send SMB2_close,
719 * but we still need to invalidate these entries
720 * when this function is called
721 */
722 cfid->is_valid = false;
723 cfid->file_all_info_is_valid = false;
724 cfid->has_lease = false;
725 if (cfid->dentry) {
726 dput(cfid->dentry);
727 cfid->dentry = NULL;
728 }
729 /*
730 * Delete all cached dirent names
731 */
732 mutex_lock(&cfid->dirents.de_mutex);
733 list_for_each_entry_safe(dirent, q, &cfid->dirents.entries, entry) {
734 list_del(&dirent->entry);
735 kfree(dirent->name);
736 kfree(dirent);
737 }
738 cfid->dirents.is_valid = 0;
739 cfid->dirents.is_failed = 0;
740 cfid->dirents.ctx = NULL;
741 cfid->dirents.pos = 0;
742 mutex_unlock(&cfid->dirents.de_mutex);
743
744 }
745
close_cached_dir(struct cached_fid * cfid)746 void close_cached_dir(struct cached_fid *cfid)
747 {
748 mutex_lock(&cfid->fid_mutex);
749 kref_put(&cfid->refcount, smb2_close_cached_fid);
750 mutex_unlock(&cfid->fid_mutex);
751 }
752
close_cached_dir_lease_locked(struct cached_fid * cfid)753 void close_cached_dir_lease_locked(struct cached_fid *cfid)
754 {
755 if (cfid->has_lease) {
756 cfid->has_lease = false;
757 kref_put(&cfid->refcount, smb2_close_cached_fid);
758 }
759 }
760
close_cached_dir_lease(struct cached_fid * cfid)761 void close_cached_dir_lease(struct cached_fid *cfid)
762 {
763 mutex_lock(&cfid->fid_mutex);
764 close_cached_dir_lease_locked(cfid);
765 mutex_unlock(&cfid->fid_mutex);
766 }
767
768 void
smb2_cached_lease_break(struct work_struct * work)769 smb2_cached_lease_break(struct work_struct *work)
770 {
771 struct cached_fid *cfid = container_of(work,
772 struct cached_fid, lease_break);
773
774 close_cached_dir_lease(cfid);
775 }
776
777 /*
778 * Open the and cache a directory handle.
779 * Only supported for the root handle.
780 * If error then *cfid is not initialized.
781 */
open_cached_dir(unsigned int xid,struct cifs_tcon * tcon,const char * path,struct cifs_sb_info * cifs_sb,struct cached_fid ** cfid)782 int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
783 const char *path,
784 struct cifs_sb_info *cifs_sb,
785 struct cached_fid **cfid)
786 {
787 struct cifs_ses *ses;
788 struct TCP_Server_Info *server;
789 struct cifs_open_parms oparms;
790 struct smb2_create_rsp *o_rsp = NULL;
791 struct smb2_query_info_rsp *qi_rsp = NULL;
792 int resp_buftype[2];
793 struct smb_rqst rqst[2];
794 struct kvec rsp_iov[2];
795 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
796 struct kvec qi_iov[1];
797 int rc, flags = 0;
798 __le16 utf16_path = 0; /* Null - since an open of top of share */
799 u8 oplock = SMB2_OPLOCK_LEVEL_II;
800 struct cifs_fid *pfid;
801 struct dentry *dentry;
802
803 if (tcon == NULL || tcon->nohandlecache ||
804 is_smb1_server(tcon->ses->server))
805 return -ENOTSUPP;
806
807 ses = tcon->ses;
808 server = ses->server;
809
810 if (cifs_sb->root == NULL)
811 return -ENOENT;
812
813 if (strlen(path))
814 return -ENOENT;
815
816 dentry = cifs_sb->root;
817
818 mutex_lock(&tcon->crfid.fid_mutex);
819 if (tcon->crfid.is_valid) {
820 cifs_dbg(FYI, "found a cached root file handle\n");
821 *cfid = &tcon->crfid;
822 kref_get(&tcon->crfid.refcount);
823 mutex_unlock(&tcon->crfid.fid_mutex);
824 return 0;
825 }
826
827 /*
828 * We do not hold the lock for the open because in case
829 * SMB2_open needs to reconnect, it will end up calling
830 * cifs_mark_open_files_invalid() which takes the lock again
831 * thus causing a deadlock
832 */
833
834 mutex_unlock(&tcon->crfid.fid_mutex);
835
836 if (smb3_encryption_required(tcon))
837 flags |= CIFS_TRANSFORM_REQ;
838
839 if (!server->ops->new_lease_key)
840 return -EIO;
841
842 pfid = tcon->crfid.fid;
843 server->ops->new_lease_key(pfid);
844
845 memset(rqst, 0, sizeof(rqst));
846 resp_buftype[0] = resp_buftype[1] = CIFS_NO_BUFFER;
847 memset(rsp_iov, 0, sizeof(rsp_iov));
848
849 /* Open */
850 memset(&open_iov, 0, sizeof(open_iov));
851 rqst[0].rq_iov = open_iov;
852 rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE;
853
854 oparms.tcon = tcon;
855 oparms.create_options = cifs_create_options(cifs_sb, CREATE_NOT_FILE);
856 oparms.desired_access = FILE_READ_ATTRIBUTES;
857 oparms.disposition = FILE_OPEN;
858 oparms.fid = pfid;
859 oparms.reconnect = false;
860
861 rc = SMB2_open_init(tcon, server,
862 &rqst[0], &oplock, &oparms, &utf16_path);
863 if (rc)
864 goto oshr_free;
865 smb2_set_next_command(tcon, &rqst[0]);
866
867 memset(&qi_iov, 0, sizeof(qi_iov));
868 rqst[1].rq_iov = qi_iov;
869 rqst[1].rq_nvec = 1;
870
871 rc = SMB2_query_info_init(tcon, server,
872 &rqst[1], COMPOUND_FID,
873 COMPOUND_FID, FILE_ALL_INFORMATION,
874 SMB2_O_INFO_FILE, 0,
875 sizeof(struct smb2_file_all_info) +
876 PATH_MAX * 2, 0, NULL);
877 if (rc)
878 goto oshr_free;
879
880 smb2_set_related(&rqst[1]);
881
882 rc = compound_send_recv(xid, ses, server,
883 flags, 2, rqst,
884 resp_buftype, rsp_iov);
885 mutex_lock(&tcon->crfid.fid_mutex);
886
887 /*
888 * Now we need to check again as the cached root might have
889 * been successfully re-opened from a concurrent process
890 */
891
892 if (tcon->crfid.is_valid) {
893 /* work was already done */
894
895 /* stash fids for close() later */
896 struct cifs_fid fid = {
897 .persistent_fid = pfid->persistent_fid,
898 .volatile_fid = pfid->volatile_fid,
899 };
900
901 /*
902 * caller expects this func to set the fid in crfid to valid
903 * cached root, so increment the refcount.
904 */
905 kref_get(&tcon->crfid.refcount);
906
907 mutex_unlock(&tcon->crfid.fid_mutex);
908
909 if (rc == 0) {
910 /* close extra handle outside of crit sec */
911 SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
912 }
913 rc = 0;
914 goto oshr_free;
915 }
916
917 /* Cached root is still invalid, continue normaly */
918
919 if (rc) {
920 if (rc == -EREMCHG) {
921 tcon->need_reconnect = true;
922 pr_warn_once("server share %s deleted\n",
923 tcon->treeName);
924 }
925 goto oshr_exit;
926 }
927
928 atomic_inc(&tcon->num_remote_opens);
929
930 o_rsp = (struct smb2_create_rsp *)rsp_iov[0].iov_base;
931 oparms.fid->persistent_fid = o_rsp->PersistentFileId;
932 oparms.fid->volatile_fid = o_rsp->VolatileFileId;
933 #ifdef CONFIG_CIFS_DEBUG2
934 oparms.fid->mid = le64_to_cpu(o_rsp->hdr.MessageId);
935 #endif /* CIFS_DEBUG2 */
936
937 tcon->crfid.tcon = tcon;
938 tcon->crfid.is_valid = true;
939 tcon->crfid.dentry = dentry;
940 dget(dentry);
941 kref_init(&tcon->crfid.refcount);
942
943 /* BB TBD check to see if oplock level check can be removed below */
944 if (o_rsp->OplockLevel == SMB2_OPLOCK_LEVEL_LEASE) {
945 /*
946 * See commit 2f94a3125b87. Increment the refcount when we
947 * get a lease for root, release it if lease break occurs
948 */
949 kref_get(&tcon->crfid.refcount);
950 tcon->crfid.has_lease = true;
951 smb2_parse_contexts(server, o_rsp,
952 &oparms.fid->epoch,
953 oparms.fid->lease_key, &oplock,
954 NULL, NULL);
955 } else
956 goto oshr_exit;
957
958 qi_rsp = (struct smb2_query_info_rsp *)rsp_iov[1].iov_base;
959 if (le32_to_cpu(qi_rsp->OutputBufferLength) < sizeof(struct smb2_file_all_info))
960 goto oshr_exit;
961 if (!smb2_validate_and_copy_iov(
962 le16_to_cpu(qi_rsp->OutputBufferOffset),
963 sizeof(struct smb2_file_all_info),
964 &rsp_iov[1], sizeof(struct smb2_file_all_info),
965 (char *)&tcon->crfid.file_all_info))
966 tcon->crfid.file_all_info_is_valid = true;
967 tcon->crfid.time = jiffies;
968
969
970 oshr_exit:
971 mutex_unlock(&tcon->crfid.fid_mutex);
972 oshr_free:
973 SMB2_open_free(&rqst[0]);
974 SMB2_query_info_free(&rqst[1]);
975 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
976 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
977 if (rc == 0)
978 *cfid = &tcon->crfid;
979 return rc;
980 }
981
open_cached_dir_by_dentry(struct cifs_tcon * tcon,struct dentry * dentry,struct cached_fid ** cfid)982 int open_cached_dir_by_dentry(struct cifs_tcon *tcon,
983 struct dentry *dentry,
984 struct cached_fid **cfid)
985 {
986 mutex_lock(&tcon->crfid.fid_mutex);
987 if (tcon->crfid.dentry == dentry) {
988 cifs_dbg(FYI, "found a cached root file handle by dentry\n");
989 *cfid = &tcon->crfid;
990 kref_get(&tcon->crfid.refcount);
991 mutex_unlock(&tcon->crfid.fid_mutex);
992 return 0;
993 }
994 mutex_unlock(&tcon->crfid.fid_mutex);
995 return -ENOENT;
996 }
997
998 static void
smb3_qfs_tcon(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb)999 smb3_qfs_tcon(const unsigned int xid, struct cifs_tcon *tcon,
1000 struct cifs_sb_info *cifs_sb)
1001 {
1002 int rc;
1003 __le16 srch_path = 0; /* Null - open root of share */
1004 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
1005 struct cifs_open_parms oparms;
1006 struct cifs_fid fid;
1007 struct cached_fid *cfid = NULL;
1008
1009 oparms.tcon = tcon;
1010 oparms.desired_access = FILE_READ_ATTRIBUTES;
1011 oparms.disposition = FILE_OPEN;
1012 oparms.create_options = cifs_create_options(cifs_sb, 0);
1013 oparms.fid = &fid;
1014 oparms.reconnect = false;
1015
1016 rc = open_cached_dir(xid, tcon, "", cifs_sb, &cfid);
1017 if (rc == 0)
1018 memcpy(&fid, cfid->fid, sizeof(struct cifs_fid));
1019 else
1020 rc = SMB2_open(xid, &oparms, &srch_path, &oplock, NULL, NULL,
1021 NULL, NULL);
1022 if (rc)
1023 return;
1024
1025 SMB3_request_interfaces(xid, tcon);
1026
1027 SMB2_QFS_attr(xid, tcon, fid.persistent_fid, fid.volatile_fid,
1028 FS_ATTRIBUTE_INFORMATION);
1029 SMB2_QFS_attr(xid, tcon, fid.persistent_fid, fid.volatile_fid,
1030 FS_DEVICE_INFORMATION);
1031 SMB2_QFS_attr(xid, tcon, fid.persistent_fid, fid.volatile_fid,
1032 FS_VOLUME_INFORMATION);
1033 SMB2_QFS_attr(xid, tcon, fid.persistent_fid, fid.volatile_fid,
1034 FS_SECTOR_SIZE_INFORMATION); /* SMB3 specific */
1035 if (cfid == NULL)
1036 SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
1037 else
1038 close_cached_dir(cfid);
1039 }
1040
1041 static void
smb2_qfs_tcon(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb)1042 smb2_qfs_tcon(const unsigned int xid, struct cifs_tcon *tcon,
1043 struct cifs_sb_info *cifs_sb)
1044 {
1045 int rc;
1046 __le16 srch_path = 0; /* Null - open root of share */
1047 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
1048 struct cifs_open_parms oparms;
1049 struct cifs_fid fid;
1050
1051 oparms.tcon = tcon;
1052 oparms.desired_access = FILE_READ_ATTRIBUTES;
1053 oparms.disposition = FILE_OPEN;
1054 oparms.create_options = cifs_create_options(cifs_sb, 0);
1055 oparms.fid = &fid;
1056 oparms.reconnect = false;
1057
1058 rc = SMB2_open(xid, &oparms, &srch_path, &oplock, NULL, NULL,
1059 NULL, NULL);
1060 if (rc)
1061 return;
1062
1063 SMB2_QFS_attr(xid, tcon, fid.persistent_fid, fid.volatile_fid,
1064 FS_ATTRIBUTE_INFORMATION);
1065 SMB2_QFS_attr(xid, tcon, fid.persistent_fid, fid.volatile_fid,
1066 FS_DEVICE_INFORMATION);
1067 SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
1068 }
1069
1070 static int
smb2_is_path_accessible(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,const char * full_path)1071 smb2_is_path_accessible(const unsigned int xid, struct cifs_tcon *tcon,
1072 struct cifs_sb_info *cifs_sb, const char *full_path)
1073 {
1074 int rc;
1075 __le16 *utf16_path;
1076 __u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
1077 struct cifs_open_parms oparms;
1078 struct cifs_fid fid;
1079
1080 if ((*full_path == 0) && tcon->crfid.is_valid)
1081 return 0;
1082
1083 utf16_path = cifs_convert_path_to_utf16(full_path, cifs_sb);
1084 if (!utf16_path)
1085 return -ENOMEM;
1086
1087 oparms.tcon = tcon;
1088 oparms.desired_access = FILE_READ_ATTRIBUTES;
1089 oparms.disposition = FILE_OPEN;
1090 oparms.create_options = cifs_create_options(cifs_sb, 0);
1091 oparms.fid = &fid;
1092 oparms.reconnect = false;
1093
1094 rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL, NULL,
1095 NULL);
1096 if (rc) {
1097 kfree(utf16_path);
1098 return rc;
1099 }
1100
1101 rc = SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
1102 kfree(utf16_path);
1103 return rc;
1104 }
1105
1106 static int
smb2_get_srv_inum(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,const char * full_path,u64 * uniqueid,FILE_ALL_INFO * data)1107 smb2_get_srv_inum(const unsigned int xid, struct cifs_tcon *tcon,
1108 struct cifs_sb_info *cifs_sb, const char *full_path,
1109 u64 *uniqueid, FILE_ALL_INFO *data)
1110 {
1111 *uniqueid = le64_to_cpu(data->IndexNumber);
1112 return 0;
1113 }
1114
1115 static int
smb2_query_file_info(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_fid * fid,FILE_ALL_INFO * data)1116 smb2_query_file_info(const unsigned int xid, struct cifs_tcon *tcon,
1117 struct cifs_fid *fid, FILE_ALL_INFO *data)
1118 {
1119 int rc;
1120 struct smb2_file_all_info *smb2_data;
1121
1122 smb2_data = kzalloc(sizeof(struct smb2_file_all_info) + PATH_MAX * 2,
1123 GFP_KERNEL);
1124 if (smb2_data == NULL)
1125 return -ENOMEM;
1126
1127 rc = SMB2_query_info(xid, tcon, fid->persistent_fid, fid->volatile_fid,
1128 smb2_data);
1129 if (!rc)
1130 move_smb2_info_to_cifs(data, smb2_data);
1131 kfree(smb2_data);
1132 return rc;
1133 }
1134
1135 #ifdef CONFIG_CIFS_XATTR
1136 static ssize_t
move_smb2_ea_to_cifs(char * dst,size_t dst_size,struct smb2_file_full_ea_info * src,size_t src_size,const unsigned char * ea_name)1137 move_smb2_ea_to_cifs(char *dst, size_t dst_size,
1138 struct smb2_file_full_ea_info *src, size_t src_size,
1139 const unsigned char *ea_name)
1140 {
1141 int rc = 0;
1142 unsigned int ea_name_len = ea_name ? strlen(ea_name) : 0;
1143 char *name, *value;
1144 size_t buf_size = dst_size;
1145 size_t name_len, value_len, user_name_len;
1146
1147 while (src_size > 0) {
1148 name_len = (size_t)src->ea_name_length;
1149 value_len = (size_t)le16_to_cpu(src->ea_value_length);
1150
1151 if (name_len == 0)
1152 break;
1153
1154 if (src_size < 8 + name_len + 1 + value_len) {
1155 cifs_dbg(FYI, "EA entry goes beyond length of list\n");
1156 rc = -EIO;
1157 goto out;
1158 }
1159
1160 name = &src->ea_data[0];
1161 value = &src->ea_data[src->ea_name_length + 1];
1162
1163 if (ea_name) {
1164 if (ea_name_len == name_len &&
1165 memcmp(ea_name, name, name_len) == 0) {
1166 rc = value_len;
1167 if (dst_size == 0)
1168 goto out;
1169 if (dst_size < value_len) {
1170 rc = -ERANGE;
1171 goto out;
1172 }
1173 memcpy(dst, value, value_len);
1174 goto out;
1175 }
1176 } else {
1177 /* 'user.' plus a terminating null */
1178 user_name_len = 5 + 1 + name_len;
1179
1180 if (buf_size == 0) {
1181 /* skip copy - calc size only */
1182 rc += user_name_len;
1183 } else if (dst_size >= user_name_len) {
1184 dst_size -= user_name_len;
1185 memcpy(dst, "user.", 5);
1186 dst += 5;
1187 memcpy(dst, src->ea_data, name_len);
1188 dst += name_len;
1189 *dst = 0;
1190 ++dst;
1191 rc += user_name_len;
1192 } else {
1193 /* stop before overrun buffer */
1194 rc = -ERANGE;
1195 break;
1196 }
1197 }
1198
1199 if (!src->next_entry_offset)
1200 break;
1201
1202 if (src_size < le32_to_cpu(src->next_entry_offset)) {
1203 /* stop before overrun buffer */
1204 rc = -ERANGE;
1205 break;
1206 }
1207 src_size -= le32_to_cpu(src->next_entry_offset);
1208 src = (void *)((char *)src +
1209 le32_to_cpu(src->next_entry_offset));
1210 }
1211
1212 /* didn't find the named attribute */
1213 if (ea_name)
1214 rc = -ENODATA;
1215
1216 out:
1217 return (ssize_t)rc;
1218 }
1219
1220 static ssize_t
smb2_query_eas(const unsigned int xid,struct cifs_tcon * tcon,const unsigned char * path,const unsigned char * ea_name,char * ea_data,size_t buf_size,struct cifs_sb_info * cifs_sb)1221 smb2_query_eas(const unsigned int xid, struct cifs_tcon *tcon,
1222 const unsigned char *path, const unsigned char *ea_name,
1223 char *ea_data, size_t buf_size,
1224 struct cifs_sb_info *cifs_sb)
1225 {
1226 int rc;
1227 struct kvec rsp_iov = {NULL, 0};
1228 int buftype = CIFS_NO_BUFFER;
1229 struct smb2_query_info_rsp *rsp;
1230 struct smb2_file_full_ea_info *info = NULL;
1231
1232 rc = smb2_query_info_compound(xid, tcon, path,
1233 FILE_READ_EA,
1234 FILE_FULL_EA_INFORMATION,
1235 SMB2_O_INFO_FILE,
1236 CIFSMaxBufSize -
1237 MAX_SMB2_CREATE_RESPONSE_SIZE -
1238 MAX_SMB2_CLOSE_RESPONSE_SIZE,
1239 &rsp_iov, &buftype, cifs_sb);
1240 if (rc) {
1241 /*
1242 * If ea_name is NULL (listxattr) and there are no EAs,
1243 * return 0 as it's not an error. Otherwise, the specified
1244 * ea_name was not found.
1245 */
1246 if (!ea_name && rc == -ENODATA)
1247 rc = 0;
1248 goto qeas_exit;
1249 }
1250
1251 rsp = (struct smb2_query_info_rsp *)rsp_iov.iov_base;
1252 rc = smb2_validate_iov(le16_to_cpu(rsp->OutputBufferOffset),
1253 le32_to_cpu(rsp->OutputBufferLength),
1254 &rsp_iov,
1255 sizeof(struct smb2_file_full_ea_info));
1256 if (rc)
1257 goto qeas_exit;
1258
1259 info = (struct smb2_file_full_ea_info *)(
1260 le16_to_cpu(rsp->OutputBufferOffset) + (char *)rsp);
1261 rc = move_smb2_ea_to_cifs(ea_data, buf_size, info,
1262 le32_to_cpu(rsp->OutputBufferLength), ea_name);
1263
1264 qeas_exit:
1265 free_rsp_buf(buftype, rsp_iov.iov_base);
1266 return rc;
1267 }
1268
1269
1270 static int
smb2_set_ea(const unsigned int xid,struct cifs_tcon * tcon,const char * path,const char * ea_name,const void * ea_value,const __u16 ea_value_len,const struct nls_table * nls_codepage,struct cifs_sb_info * cifs_sb)1271 smb2_set_ea(const unsigned int xid, struct cifs_tcon *tcon,
1272 const char *path, const char *ea_name, const void *ea_value,
1273 const __u16 ea_value_len, const struct nls_table *nls_codepage,
1274 struct cifs_sb_info *cifs_sb)
1275 {
1276 struct cifs_ses *ses = tcon->ses;
1277 struct TCP_Server_Info *server = cifs_pick_channel(ses);
1278 __le16 *utf16_path = NULL;
1279 int ea_name_len = strlen(ea_name);
1280 int flags = CIFS_CP_CREATE_CLOSE_OP;
1281 int len;
1282 struct smb_rqst rqst[3];
1283 int resp_buftype[3];
1284 struct kvec rsp_iov[3];
1285 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
1286 struct cifs_open_parms oparms;
1287 __u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
1288 struct cifs_fid fid;
1289 struct kvec si_iov[SMB2_SET_INFO_IOV_SIZE];
1290 unsigned int size[1];
1291 void *data[1];
1292 struct smb2_file_full_ea_info *ea = NULL;
1293 struct kvec close_iov[1];
1294 struct smb2_query_info_rsp *rsp;
1295 int rc, used_len = 0;
1296
1297 if (smb3_encryption_required(tcon))
1298 flags |= CIFS_TRANSFORM_REQ;
1299
1300 if (ea_name_len > 255)
1301 return -EINVAL;
1302
1303 utf16_path = cifs_convert_path_to_utf16(path, cifs_sb);
1304 if (!utf16_path)
1305 return -ENOMEM;
1306
1307 memset(rqst, 0, sizeof(rqst));
1308 resp_buftype[0] = resp_buftype[1] = resp_buftype[2] = CIFS_NO_BUFFER;
1309 memset(rsp_iov, 0, sizeof(rsp_iov));
1310
1311 if (ses->server->ops->query_all_EAs) {
1312 if (!ea_value) {
1313 rc = ses->server->ops->query_all_EAs(xid, tcon, path,
1314 ea_name, NULL, 0,
1315 cifs_sb);
1316 if (rc == -ENODATA)
1317 goto sea_exit;
1318 } else {
1319 /* If we are adding a attribute we should first check
1320 * if there will be enough space available to store
1321 * the new EA. If not we should not add it since we
1322 * would not be able to even read the EAs back.
1323 */
1324 rc = smb2_query_info_compound(xid, tcon, path,
1325 FILE_READ_EA,
1326 FILE_FULL_EA_INFORMATION,
1327 SMB2_O_INFO_FILE,
1328 CIFSMaxBufSize -
1329 MAX_SMB2_CREATE_RESPONSE_SIZE -
1330 MAX_SMB2_CLOSE_RESPONSE_SIZE,
1331 &rsp_iov[1], &resp_buftype[1], cifs_sb);
1332 if (rc == 0) {
1333 rsp = (struct smb2_query_info_rsp *)rsp_iov[1].iov_base;
1334 used_len = le32_to_cpu(rsp->OutputBufferLength);
1335 }
1336 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
1337 resp_buftype[1] = CIFS_NO_BUFFER;
1338 memset(&rsp_iov[1], 0, sizeof(rsp_iov[1]));
1339 rc = 0;
1340
1341 /* Use a fudge factor of 256 bytes in case we collide
1342 * with a different set_EAs command.
1343 */
1344 if(CIFSMaxBufSize - MAX_SMB2_CREATE_RESPONSE_SIZE -
1345 MAX_SMB2_CLOSE_RESPONSE_SIZE - 256 <
1346 used_len + ea_name_len + ea_value_len + 1) {
1347 rc = -ENOSPC;
1348 goto sea_exit;
1349 }
1350 }
1351 }
1352
1353 /* Open */
1354 memset(&open_iov, 0, sizeof(open_iov));
1355 rqst[0].rq_iov = open_iov;
1356 rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE;
1357
1358 memset(&oparms, 0, sizeof(oparms));
1359 oparms.tcon = tcon;
1360 oparms.desired_access = FILE_WRITE_EA;
1361 oparms.disposition = FILE_OPEN;
1362 oparms.create_options = cifs_create_options(cifs_sb, 0);
1363 oparms.fid = &fid;
1364 oparms.reconnect = false;
1365
1366 rc = SMB2_open_init(tcon, server,
1367 &rqst[0], &oplock, &oparms, utf16_path);
1368 if (rc)
1369 goto sea_exit;
1370 smb2_set_next_command(tcon, &rqst[0]);
1371
1372
1373 /* Set Info */
1374 memset(&si_iov, 0, sizeof(si_iov));
1375 rqst[1].rq_iov = si_iov;
1376 rqst[1].rq_nvec = 1;
1377
1378 len = sizeof(*ea) + ea_name_len + ea_value_len + 1;
1379 ea = kzalloc(len, GFP_KERNEL);
1380 if (ea == NULL) {
1381 rc = -ENOMEM;
1382 goto sea_exit;
1383 }
1384
1385 ea->ea_name_length = ea_name_len;
1386 ea->ea_value_length = cpu_to_le16(ea_value_len);
1387 memcpy(ea->ea_data, ea_name, ea_name_len + 1);
1388 memcpy(ea->ea_data + ea_name_len + 1, ea_value, ea_value_len);
1389
1390 size[0] = len;
1391 data[0] = ea;
1392
1393 rc = SMB2_set_info_init(tcon, server,
1394 &rqst[1], COMPOUND_FID,
1395 COMPOUND_FID, current->tgid,
1396 FILE_FULL_EA_INFORMATION,
1397 SMB2_O_INFO_FILE, 0, data, size);
1398 smb2_set_next_command(tcon, &rqst[1]);
1399 smb2_set_related(&rqst[1]);
1400
1401
1402 /* Close */
1403 memset(&close_iov, 0, sizeof(close_iov));
1404 rqst[2].rq_iov = close_iov;
1405 rqst[2].rq_nvec = 1;
1406 rc = SMB2_close_init(tcon, server,
1407 &rqst[2], COMPOUND_FID, COMPOUND_FID, false);
1408 smb2_set_related(&rqst[2]);
1409
1410 rc = compound_send_recv(xid, ses, server,
1411 flags, 3, rqst,
1412 resp_buftype, rsp_iov);
1413 /* no need to bump num_remote_opens because handle immediately closed */
1414
1415 sea_exit:
1416 kfree(ea);
1417 kfree(utf16_path);
1418 SMB2_open_free(&rqst[0]);
1419 SMB2_set_info_free(&rqst[1]);
1420 SMB2_close_free(&rqst[2]);
1421 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
1422 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
1423 free_rsp_buf(resp_buftype[2], rsp_iov[2].iov_base);
1424 return rc;
1425 }
1426 #endif
1427
1428 static bool
smb2_can_echo(struct TCP_Server_Info * server)1429 smb2_can_echo(struct TCP_Server_Info *server)
1430 {
1431 return server->echoes;
1432 }
1433
1434 static void
smb2_clear_stats(struct cifs_tcon * tcon)1435 smb2_clear_stats(struct cifs_tcon *tcon)
1436 {
1437 int i;
1438
1439 for (i = 0; i < NUMBER_OF_SMB2_COMMANDS; i++) {
1440 atomic_set(&tcon->stats.smb2_stats.smb2_com_sent[i], 0);
1441 atomic_set(&tcon->stats.smb2_stats.smb2_com_failed[i], 0);
1442 }
1443 }
1444
1445 static void
smb2_dump_share_caps(struct seq_file * m,struct cifs_tcon * tcon)1446 smb2_dump_share_caps(struct seq_file *m, struct cifs_tcon *tcon)
1447 {
1448 seq_puts(m, "\n\tShare Capabilities:");
1449 if (tcon->capabilities & SMB2_SHARE_CAP_DFS)
1450 seq_puts(m, " DFS,");
1451 if (tcon->capabilities & SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY)
1452 seq_puts(m, " CONTINUOUS AVAILABILITY,");
1453 if (tcon->capabilities & SMB2_SHARE_CAP_SCALEOUT)
1454 seq_puts(m, " SCALEOUT,");
1455 if (tcon->capabilities & SMB2_SHARE_CAP_CLUSTER)
1456 seq_puts(m, " CLUSTER,");
1457 if (tcon->capabilities & SMB2_SHARE_CAP_ASYMMETRIC)
1458 seq_puts(m, " ASYMMETRIC,");
1459 if (tcon->capabilities == 0)
1460 seq_puts(m, " None");
1461 if (tcon->ss_flags & SSINFO_FLAGS_ALIGNED_DEVICE)
1462 seq_puts(m, " Aligned,");
1463 if (tcon->ss_flags & SSINFO_FLAGS_PARTITION_ALIGNED_ON_DEVICE)
1464 seq_puts(m, " Partition Aligned,");
1465 if (tcon->ss_flags & SSINFO_FLAGS_NO_SEEK_PENALTY)
1466 seq_puts(m, " SSD,");
1467 if (tcon->ss_flags & SSINFO_FLAGS_TRIM_ENABLED)
1468 seq_puts(m, " TRIM-support,");
1469
1470 seq_printf(m, "\tShare Flags: 0x%x", tcon->share_flags);
1471 seq_printf(m, "\n\ttid: 0x%x", tcon->tid);
1472 if (tcon->perf_sector_size)
1473 seq_printf(m, "\tOptimal sector size: 0x%x",
1474 tcon->perf_sector_size);
1475 seq_printf(m, "\tMaximal Access: 0x%x", tcon->maximal_access);
1476 }
1477
1478 static void
smb2_print_stats(struct seq_file * m,struct cifs_tcon * tcon)1479 smb2_print_stats(struct seq_file *m, struct cifs_tcon *tcon)
1480 {
1481 atomic_t *sent = tcon->stats.smb2_stats.smb2_com_sent;
1482 atomic_t *failed = tcon->stats.smb2_stats.smb2_com_failed;
1483
1484 /*
1485 * Can't display SMB2_NEGOTIATE, SESSION_SETUP, LOGOFF, CANCEL and ECHO
1486 * totals (requests sent) since those SMBs are per-session not per tcon
1487 */
1488 seq_printf(m, "\nBytes read: %llu Bytes written: %llu",
1489 (long long)(tcon->bytes_read),
1490 (long long)(tcon->bytes_written));
1491 seq_printf(m, "\nOpen files: %d total (local), %d open on server",
1492 atomic_read(&tcon->num_local_opens),
1493 atomic_read(&tcon->num_remote_opens));
1494 seq_printf(m, "\nTreeConnects: %d total %d failed",
1495 atomic_read(&sent[SMB2_TREE_CONNECT_HE]),
1496 atomic_read(&failed[SMB2_TREE_CONNECT_HE]));
1497 seq_printf(m, "\nTreeDisconnects: %d total %d failed",
1498 atomic_read(&sent[SMB2_TREE_DISCONNECT_HE]),
1499 atomic_read(&failed[SMB2_TREE_DISCONNECT_HE]));
1500 seq_printf(m, "\nCreates: %d total %d failed",
1501 atomic_read(&sent[SMB2_CREATE_HE]),
1502 atomic_read(&failed[SMB2_CREATE_HE]));
1503 seq_printf(m, "\nCloses: %d total %d failed",
1504 atomic_read(&sent[SMB2_CLOSE_HE]),
1505 atomic_read(&failed[SMB2_CLOSE_HE]));
1506 seq_printf(m, "\nFlushes: %d total %d failed",
1507 atomic_read(&sent[SMB2_FLUSH_HE]),
1508 atomic_read(&failed[SMB2_FLUSH_HE]));
1509 seq_printf(m, "\nReads: %d total %d failed",
1510 atomic_read(&sent[SMB2_READ_HE]),
1511 atomic_read(&failed[SMB2_READ_HE]));
1512 seq_printf(m, "\nWrites: %d total %d failed",
1513 atomic_read(&sent[SMB2_WRITE_HE]),
1514 atomic_read(&failed[SMB2_WRITE_HE]));
1515 seq_printf(m, "\nLocks: %d total %d failed",
1516 atomic_read(&sent[SMB2_LOCK_HE]),
1517 atomic_read(&failed[SMB2_LOCK_HE]));
1518 seq_printf(m, "\nIOCTLs: %d total %d failed",
1519 atomic_read(&sent[SMB2_IOCTL_HE]),
1520 atomic_read(&failed[SMB2_IOCTL_HE]));
1521 seq_printf(m, "\nQueryDirectories: %d total %d failed",
1522 atomic_read(&sent[SMB2_QUERY_DIRECTORY_HE]),
1523 atomic_read(&failed[SMB2_QUERY_DIRECTORY_HE]));
1524 seq_printf(m, "\nChangeNotifies: %d total %d failed",
1525 atomic_read(&sent[SMB2_CHANGE_NOTIFY_HE]),
1526 atomic_read(&failed[SMB2_CHANGE_NOTIFY_HE]));
1527 seq_printf(m, "\nQueryInfos: %d total %d failed",
1528 atomic_read(&sent[SMB2_QUERY_INFO_HE]),
1529 atomic_read(&failed[SMB2_QUERY_INFO_HE]));
1530 seq_printf(m, "\nSetInfos: %d total %d failed",
1531 atomic_read(&sent[SMB2_SET_INFO_HE]),
1532 atomic_read(&failed[SMB2_SET_INFO_HE]));
1533 seq_printf(m, "\nOplockBreaks: %d sent %d failed",
1534 atomic_read(&sent[SMB2_OPLOCK_BREAK_HE]),
1535 atomic_read(&failed[SMB2_OPLOCK_BREAK_HE]));
1536 }
1537
1538 static void
smb2_set_fid(struct cifsFileInfo * cfile,struct cifs_fid * fid,__u32 oplock)1539 smb2_set_fid(struct cifsFileInfo *cfile, struct cifs_fid *fid, __u32 oplock)
1540 {
1541 struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
1542 struct TCP_Server_Info *server = tlink_tcon(cfile->tlink)->ses->server;
1543
1544 cfile->fid.persistent_fid = fid->persistent_fid;
1545 cfile->fid.volatile_fid = fid->volatile_fid;
1546 cfile->fid.access = fid->access;
1547 #ifdef CONFIG_CIFS_DEBUG2
1548 cfile->fid.mid = fid->mid;
1549 #endif /* CIFS_DEBUG2 */
1550 server->ops->set_oplock_level(cinode, oplock, fid->epoch,
1551 &fid->purge_cache);
1552 cinode->can_cache_brlcks = CIFS_CACHE_WRITE(cinode);
1553 memcpy(cfile->fid.create_guid, fid->create_guid, 16);
1554 }
1555
1556 static void
smb2_close_file(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_fid * fid)1557 smb2_close_file(const unsigned int xid, struct cifs_tcon *tcon,
1558 struct cifs_fid *fid)
1559 {
1560 SMB2_close(xid, tcon, fid->persistent_fid, fid->volatile_fid);
1561 }
1562
1563 static void
smb2_close_getattr(const unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile)1564 smb2_close_getattr(const unsigned int xid, struct cifs_tcon *tcon,
1565 struct cifsFileInfo *cfile)
1566 {
1567 struct smb2_file_network_open_info file_inf;
1568 struct inode *inode;
1569 int rc;
1570
1571 rc = __SMB2_close(xid, tcon, cfile->fid.persistent_fid,
1572 cfile->fid.volatile_fid, &file_inf);
1573 if (rc)
1574 return;
1575
1576 inode = d_inode(cfile->dentry);
1577
1578 spin_lock(&inode->i_lock);
1579 CIFS_I(inode)->time = jiffies;
1580
1581 /* Creation time should not need to be updated on close */
1582 if (file_inf.LastWriteTime)
1583 inode->i_mtime = cifs_NTtimeToUnix(file_inf.LastWriteTime);
1584 if (file_inf.ChangeTime)
1585 inode->i_ctime = cifs_NTtimeToUnix(file_inf.ChangeTime);
1586 if (file_inf.LastAccessTime)
1587 inode->i_atime = cifs_NTtimeToUnix(file_inf.LastAccessTime);
1588
1589 /*
1590 * i_blocks is not related to (i_size / i_blksize),
1591 * but instead 512 byte (2**9) size is required for
1592 * calculating num blocks.
1593 */
1594 if (le64_to_cpu(file_inf.AllocationSize) > 4096)
1595 inode->i_blocks =
1596 (512 - 1 + le64_to_cpu(file_inf.AllocationSize)) >> 9;
1597
1598 /* End of file and Attributes should not have to be updated on close */
1599 spin_unlock(&inode->i_lock);
1600 }
1601
1602 static int
SMB2_request_res_key(const unsigned int xid,struct cifs_tcon * tcon,u64 persistent_fid,u64 volatile_fid,struct copychunk_ioctl * pcchunk)1603 SMB2_request_res_key(const unsigned int xid, struct cifs_tcon *tcon,
1604 u64 persistent_fid, u64 volatile_fid,
1605 struct copychunk_ioctl *pcchunk)
1606 {
1607 int rc;
1608 unsigned int ret_data_len;
1609 struct resume_key_req *res_key;
1610
1611 rc = SMB2_ioctl(xid, tcon, persistent_fid, volatile_fid,
1612 FSCTL_SRV_REQUEST_RESUME_KEY, NULL, 0 /* no input */,
1613 CIFSMaxBufSize, (char **)&res_key, &ret_data_len);
1614
1615 if (rc == -EOPNOTSUPP) {
1616 pr_warn_once("Server share %s does not support copy range\n", tcon->treeName);
1617 goto req_res_key_exit;
1618 } else if (rc) {
1619 cifs_tcon_dbg(VFS, "refcpy ioctl error %d getting resume key\n", rc);
1620 goto req_res_key_exit;
1621 }
1622 if (ret_data_len < sizeof(struct resume_key_req)) {
1623 cifs_tcon_dbg(VFS, "Invalid refcopy resume key length\n");
1624 rc = -EINVAL;
1625 goto req_res_key_exit;
1626 }
1627 memcpy(pcchunk->SourceKey, res_key->ResumeKey, COPY_CHUNK_RES_KEY_SIZE);
1628
1629 req_res_key_exit:
1630 kfree(res_key);
1631 return rc;
1632 }
1633
1634 struct iqi_vars {
1635 struct smb_rqst rqst[3];
1636 struct kvec rsp_iov[3];
1637 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
1638 struct kvec qi_iov[1];
1639 struct kvec io_iov[SMB2_IOCTL_IOV_SIZE];
1640 struct kvec si_iov[SMB2_SET_INFO_IOV_SIZE];
1641 struct kvec close_iov[1];
1642 };
1643
1644 static int
smb2_ioctl_query_info(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,__le16 * path,int is_dir,unsigned long p)1645 smb2_ioctl_query_info(const unsigned int xid,
1646 struct cifs_tcon *tcon,
1647 struct cifs_sb_info *cifs_sb,
1648 __le16 *path, int is_dir,
1649 unsigned long p)
1650 {
1651 struct iqi_vars *vars;
1652 struct smb_rqst *rqst;
1653 struct kvec *rsp_iov;
1654 struct cifs_ses *ses = tcon->ses;
1655 struct TCP_Server_Info *server = cifs_pick_channel(ses);
1656 char __user *arg = (char __user *)p;
1657 struct smb_query_info qi;
1658 struct smb_query_info __user *pqi;
1659 int rc = 0;
1660 int flags = CIFS_CP_CREATE_CLOSE_OP;
1661 struct smb2_query_info_rsp *qi_rsp = NULL;
1662 struct smb2_ioctl_rsp *io_rsp = NULL;
1663 void *buffer = NULL;
1664 int resp_buftype[3];
1665 struct cifs_open_parms oparms;
1666 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
1667 struct cifs_fid fid;
1668 unsigned int size[2];
1669 void *data[2];
1670 int create_options = is_dir ? CREATE_NOT_FILE : CREATE_NOT_DIR;
1671 void (*free_req1_func)(struct smb_rqst *r);
1672
1673 vars = kzalloc(sizeof(*vars), GFP_ATOMIC);
1674 if (vars == NULL)
1675 return -ENOMEM;
1676 rqst = &vars->rqst[0];
1677 rsp_iov = &vars->rsp_iov[0];
1678
1679 resp_buftype[0] = resp_buftype[1] = resp_buftype[2] = CIFS_NO_BUFFER;
1680
1681 if (copy_from_user(&qi, arg, sizeof(struct smb_query_info))) {
1682 rc = -EFAULT;
1683 goto free_vars;
1684 }
1685 if (qi.output_buffer_length > 1024) {
1686 rc = -EINVAL;
1687 goto free_vars;
1688 }
1689
1690 if (!ses || !server) {
1691 rc = -EIO;
1692 goto free_vars;
1693 }
1694
1695 if (smb3_encryption_required(tcon))
1696 flags |= CIFS_TRANSFORM_REQ;
1697
1698 if (qi.output_buffer_length) {
1699 buffer = memdup_user(arg + sizeof(struct smb_query_info), qi.output_buffer_length);
1700 if (IS_ERR(buffer)) {
1701 rc = PTR_ERR(buffer);
1702 goto free_vars;
1703 }
1704 }
1705
1706 /* Open */
1707 rqst[0].rq_iov = &vars->open_iov[0];
1708 rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE;
1709
1710 memset(&oparms, 0, sizeof(oparms));
1711 oparms.tcon = tcon;
1712 oparms.disposition = FILE_OPEN;
1713 oparms.create_options = cifs_create_options(cifs_sb, create_options);
1714 oparms.fid = &fid;
1715 oparms.reconnect = false;
1716
1717 if (qi.flags & PASSTHRU_FSCTL) {
1718 switch (qi.info_type & FSCTL_DEVICE_ACCESS_MASK) {
1719 case FSCTL_DEVICE_ACCESS_FILE_READ_WRITE_ACCESS:
1720 oparms.desired_access = FILE_READ_DATA | FILE_WRITE_DATA | FILE_READ_ATTRIBUTES | SYNCHRONIZE;
1721 break;
1722 case FSCTL_DEVICE_ACCESS_FILE_ANY_ACCESS:
1723 oparms.desired_access = GENERIC_ALL;
1724 break;
1725 case FSCTL_DEVICE_ACCESS_FILE_READ_ACCESS:
1726 oparms.desired_access = GENERIC_READ;
1727 break;
1728 case FSCTL_DEVICE_ACCESS_FILE_WRITE_ACCESS:
1729 oparms.desired_access = GENERIC_WRITE;
1730 break;
1731 }
1732 } else if (qi.flags & PASSTHRU_SET_INFO) {
1733 oparms.desired_access = GENERIC_WRITE;
1734 } else {
1735 oparms.desired_access = FILE_READ_ATTRIBUTES | READ_CONTROL;
1736 }
1737
1738 rc = SMB2_open_init(tcon, server,
1739 &rqst[0], &oplock, &oparms, path);
1740 if (rc)
1741 goto free_output_buffer;
1742 smb2_set_next_command(tcon, &rqst[0]);
1743
1744 /* Query */
1745 if (qi.flags & PASSTHRU_FSCTL) {
1746 /* Can eventually relax perm check since server enforces too */
1747 if (!capable(CAP_SYS_ADMIN)) {
1748 rc = -EPERM;
1749 goto free_open_req;
1750 }
1751 rqst[1].rq_iov = &vars->io_iov[0];
1752 rqst[1].rq_nvec = SMB2_IOCTL_IOV_SIZE;
1753
1754 rc = SMB2_ioctl_init(tcon, server, &rqst[1], COMPOUND_FID, COMPOUND_FID,
1755 qi.info_type, buffer, qi.output_buffer_length,
1756 CIFSMaxBufSize - MAX_SMB2_CREATE_RESPONSE_SIZE -
1757 MAX_SMB2_CLOSE_RESPONSE_SIZE);
1758 free_req1_func = SMB2_ioctl_free;
1759 } else if (qi.flags == PASSTHRU_SET_INFO) {
1760 /* Can eventually relax perm check since server enforces too */
1761 if (!capable(CAP_SYS_ADMIN)) {
1762 rc = -EPERM;
1763 goto free_open_req;
1764 }
1765 if (qi.output_buffer_length < 8) {
1766 rc = -EINVAL;
1767 goto free_open_req;
1768 }
1769 rqst[1].rq_iov = &vars->si_iov[0];
1770 rqst[1].rq_nvec = 1;
1771
1772 /* MS-FSCC 2.4.13 FileEndOfFileInformation */
1773 size[0] = 8;
1774 data[0] = buffer;
1775
1776 rc = SMB2_set_info_init(tcon, server, &rqst[1], COMPOUND_FID, COMPOUND_FID,
1777 current->tgid, FILE_END_OF_FILE_INFORMATION,
1778 SMB2_O_INFO_FILE, 0, data, size);
1779 free_req1_func = SMB2_set_info_free;
1780 } else if (qi.flags == PASSTHRU_QUERY_INFO) {
1781 rqst[1].rq_iov = &vars->qi_iov[0];
1782 rqst[1].rq_nvec = 1;
1783
1784 rc = SMB2_query_info_init(tcon, server,
1785 &rqst[1], COMPOUND_FID,
1786 COMPOUND_FID, qi.file_info_class,
1787 qi.info_type, qi.additional_information,
1788 qi.input_buffer_length,
1789 qi.output_buffer_length, buffer);
1790 free_req1_func = SMB2_query_info_free;
1791 } else { /* unknown flags */
1792 cifs_tcon_dbg(VFS, "Invalid passthru query flags: 0x%x\n",
1793 qi.flags);
1794 rc = -EINVAL;
1795 }
1796
1797 if (rc)
1798 goto free_open_req;
1799 smb2_set_next_command(tcon, &rqst[1]);
1800 smb2_set_related(&rqst[1]);
1801
1802 /* Close */
1803 rqst[2].rq_iov = &vars->close_iov[0];
1804 rqst[2].rq_nvec = 1;
1805
1806 rc = SMB2_close_init(tcon, server,
1807 &rqst[2], COMPOUND_FID, COMPOUND_FID, false);
1808 if (rc)
1809 goto free_req_1;
1810 smb2_set_related(&rqst[2]);
1811
1812 rc = compound_send_recv(xid, ses, server,
1813 flags, 3, rqst,
1814 resp_buftype, rsp_iov);
1815 if (rc)
1816 goto out;
1817
1818 /* No need to bump num_remote_opens since handle immediately closed */
1819 if (qi.flags & PASSTHRU_FSCTL) {
1820 pqi = (struct smb_query_info __user *)arg;
1821 io_rsp = (struct smb2_ioctl_rsp *)rsp_iov[1].iov_base;
1822 if (le32_to_cpu(io_rsp->OutputCount) < qi.input_buffer_length)
1823 qi.input_buffer_length = le32_to_cpu(io_rsp->OutputCount);
1824 if (qi.input_buffer_length > 0 &&
1825 le32_to_cpu(io_rsp->OutputOffset) + qi.input_buffer_length
1826 > rsp_iov[1].iov_len) {
1827 rc = -EFAULT;
1828 goto out;
1829 }
1830
1831 if (copy_to_user(&pqi->input_buffer_length,
1832 &qi.input_buffer_length,
1833 sizeof(qi.input_buffer_length))) {
1834 rc = -EFAULT;
1835 goto out;
1836 }
1837
1838 if (copy_to_user((void __user *)pqi + sizeof(struct smb_query_info),
1839 (const void *)io_rsp + le32_to_cpu(io_rsp->OutputOffset),
1840 qi.input_buffer_length))
1841 rc = -EFAULT;
1842 } else {
1843 pqi = (struct smb_query_info __user *)arg;
1844 qi_rsp = (struct smb2_query_info_rsp *)rsp_iov[1].iov_base;
1845 if (le32_to_cpu(qi_rsp->OutputBufferLength) < qi.input_buffer_length)
1846 qi.input_buffer_length = le32_to_cpu(qi_rsp->OutputBufferLength);
1847 if (copy_to_user(&pqi->input_buffer_length,
1848 &qi.input_buffer_length,
1849 sizeof(qi.input_buffer_length))) {
1850 rc = -EFAULT;
1851 goto out;
1852 }
1853
1854 if (copy_to_user(pqi + 1, qi_rsp->Buffer,
1855 qi.input_buffer_length))
1856 rc = -EFAULT;
1857 }
1858
1859 out:
1860 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
1861 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
1862 free_rsp_buf(resp_buftype[2], rsp_iov[2].iov_base);
1863 SMB2_close_free(&rqst[2]);
1864 free_req_1:
1865 free_req1_func(&rqst[1]);
1866 free_open_req:
1867 SMB2_open_free(&rqst[0]);
1868 free_output_buffer:
1869 kfree(buffer);
1870 free_vars:
1871 kfree(vars);
1872 return rc;
1873 }
1874
1875 static ssize_t
smb2_copychunk_range(const unsigned int xid,struct cifsFileInfo * srcfile,struct cifsFileInfo * trgtfile,u64 src_off,u64 len,u64 dest_off)1876 smb2_copychunk_range(const unsigned int xid,
1877 struct cifsFileInfo *srcfile,
1878 struct cifsFileInfo *trgtfile, u64 src_off,
1879 u64 len, u64 dest_off)
1880 {
1881 int rc;
1882 unsigned int ret_data_len;
1883 struct copychunk_ioctl *pcchunk;
1884 struct copychunk_ioctl_rsp *retbuf = NULL;
1885 struct cifs_tcon *tcon;
1886 int chunks_copied = 0;
1887 bool chunk_sizes_updated = false;
1888 ssize_t bytes_written, total_bytes_written = 0;
1889 struct inode *inode;
1890
1891 pcchunk = kmalloc(sizeof(struct copychunk_ioctl), GFP_KERNEL);
1892
1893 /*
1894 * We need to flush all unwritten data before we can send the
1895 * copychunk ioctl to the server.
1896 */
1897 inode = d_inode(trgtfile->dentry);
1898 filemap_write_and_wait(inode->i_mapping);
1899
1900 if (pcchunk == NULL)
1901 return -ENOMEM;
1902
1903 cifs_dbg(FYI, "%s: about to call request res key\n", __func__);
1904 /* Request a key from the server to identify the source of the copy */
1905 rc = SMB2_request_res_key(xid, tlink_tcon(srcfile->tlink),
1906 srcfile->fid.persistent_fid,
1907 srcfile->fid.volatile_fid, pcchunk);
1908
1909 /* Note: request_res_key sets res_key null only if rc !=0 */
1910 if (rc)
1911 goto cchunk_out;
1912
1913 /* For now array only one chunk long, will make more flexible later */
1914 pcchunk->ChunkCount = cpu_to_le32(1);
1915 pcchunk->Reserved = 0;
1916 pcchunk->Reserved2 = 0;
1917
1918 tcon = tlink_tcon(trgtfile->tlink);
1919
1920 while (len > 0) {
1921 pcchunk->SourceOffset = cpu_to_le64(src_off);
1922 pcchunk->TargetOffset = cpu_to_le64(dest_off);
1923 pcchunk->Length =
1924 cpu_to_le32(min_t(u32, len, tcon->max_bytes_chunk));
1925
1926 /* Request server copy to target from src identified by key */
1927 kfree(retbuf);
1928 retbuf = NULL;
1929 rc = SMB2_ioctl(xid, tcon, trgtfile->fid.persistent_fid,
1930 trgtfile->fid.volatile_fid, FSCTL_SRV_COPYCHUNK_WRITE,
1931 (char *)pcchunk, sizeof(struct copychunk_ioctl),
1932 CIFSMaxBufSize, (char **)&retbuf, &ret_data_len);
1933 if (rc == 0) {
1934 if (ret_data_len !=
1935 sizeof(struct copychunk_ioctl_rsp)) {
1936 cifs_tcon_dbg(VFS, "Invalid cchunk response size\n");
1937 rc = -EIO;
1938 goto cchunk_out;
1939 }
1940 if (retbuf->TotalBytesWritten == 0) {
1941 cifs_dbg(FYI, "no bytes copied\n");
1942 rc = -EIO;
1943 goto cchunk_out;
1944 }
1945 /*
1946 * Check if server claimed to write more than we asked
1947 */
1948 if (le32_to_cpu(retbuf->TotalBytesWritten) >
1949 le32_to_cpu(pcchunk->Length)) {
1950 cifs_tcon_dbg(VFS, "Invalid copy chunk response\n");
1951 rc = -EIO;
1952 goto cchunk_out;
1953 }
1954 if (le32_to_cpu(retbuf->ChunksWritten) != 1) {
1955 cifs_tcon_dbg(VFS, "Invalid num chunks written\n");
1956 rc = -EIO;
1957 goto cchunk_out;
1958 }
1959 chunks_copied++;
1960
1961 bytes_written = le32_to_cpu(retbuf->TotalBytesWritten);
1962 src_off += bytes_written;
1963 dest_off += bytes_written;
1964 len -= bytes_written;
1965 total_bytes_written += bytes_written;
1966
1967 cifs_dbg(FYI, "Chunks %d PartialChunk %d Total %zu\n",
1968 le32_to_cpu(retbuf->ChunksWritten),
1969 le32_to_cpu(retbuf->ChunkBytesWritten),
1970 bytes_written);
1971 } else if (rc == -EINVAL) {
1972 if (ret_data_len != sizeof(struct copychunk_ioctl_rsp))
1973 goto cchunk_out;
1974
1975 cifs_dbg(FYI, "MaxChunks %d BytesChunk %d MaxCopy %d\n",
1976 le32_to_cpu(retbuf->ChunksWritten),
1977 le32_to_cpu(retbuf->ChunkBytesWritten),
1978 le32_to_cpu(retbuf->TotalBytesWritten));
1979
1980 /*
1981 * Check if this is the first request using these sizes,
1982 * (ie check if copy succeed once with original sizes
1983 * and check if the server gave us different sizes after
1984 * we already updated max sizes on previous request).
1985 * if not then why is the server returning an error now
1986 */
1987 if ((chunks_copied != 0) || chunk_sizes_updated)
1988 goto cchunk_out;
1989
1990 /* Check that server is not asking us to grow size */
1991 if (le32_to_cpu(retbuf->ChunkBytesWritten) <
1992 tcon->max_bytes_chunk)
1993 tcon->max_bytes_chunk =
1994 le32_to_cpu(retbuf->ChunkBytesWritten);
1995 else
1996 goto cchunk_out; /* server gave us bogus size */
1997
1998 /* No need to change MaxChunks since already set to 1 */
1999 chunk_sizes_updated = true;
2000 } else
2001 goto cchunk_out;
2002 }
2003
2004 cchunk_out:
2005 kfree(pcchunk);
2006 kfree(retbuf);
2007 if (rc)
2008 return rc;
2009 else
2010 return total_bytes_written;
2011 }
2012
2013 static int
smb2_flush_file(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_fid * fid)2014 smb2_flush_file(const unsigned int xid, struct cifs_tcon *tcon,
2015 struct cifs_fid *fid)
2016 {
2017 return SMB2_flush(xid, tcon, fid->persistent_fid, fid->volatile_fid);
2018 }
2019
2020 static unsigned int
smb2_read_data_offset(char * buf)2021 smb2_read_data_offset(char *buf)
2022 {
2023 struct smb2_read_rsp *rsp = (struct smb2_read_rsp *)buf;
2024
2025 return rsp->DataOffset;
2026 }
2027
2028 static unsigned int
smb2_read_data_length(char * buf,bool in_remaining)2029 smb2_read_data_length(char *buf, bool in_remaining)
2030 {
2031 struct smb2_read_rsp *rsp = (struct smb2_read_rsp *)buf;
2032
2033 if (in_remaining)
2034 return le32_to_cpu(rsp->DataRemaining);
2035
2036 return le32_to_cpu(rsp->DataLength);
2037 }
2038
2039
2040 static int
smb2_sync_read(const unsigned int xid,struct cifs_fid * pfid,struct cifs_io_parms * parms,unsigned int * bytes_read,char ** buf,int * buf_type)2041 smb2_sync_read(const unsigned int xid, struct cifs_fid *pfid,
2042 struct cifs_io_parms *parms, unsigned int *bytes_read,
2043 char **buf, int *buf_type)
2044 {
2045 parms->persistent_fid = pfid->persistent_fid;
2046 parms->volatile_fid = pfid->volatile_fid;
2047 return SMB2_read(xid, parms, bytes_read, buf, buf_type);
2048 }
2049
2050 static int
smb2_sync_write(const unsigned int xid,struct cifs_fid * pfid,struct cifs_io_parms * parms,unsigned int * written,struct kvec * iov,unsigned long nr_segs)2051 smb2_sync_write(const unsigned int xid, struct cifs_fid *pfid,
2052 struct cifs_io_parms *parms, unsigned int *written,
2053 struct kvec *iov, unsigned long nr_segs)
2054 {
2055
2056 parms->persistent_fid = pfid->persistent_fid;
2057 parms->volatile_fid = pfid->volatile_fid;
2058 return SMB2_write(xid, parms, written, iov, nr_segs);
2059 }
2060
2061 /* Set or clear the SPARSE_FILE attribute based on value passed in setsparse */
smb2_set_sparse(const unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile,struct inode * inode,__u8 setsparse)2062 static bool smb2_set_sparse(const unsigned int xid, struct cifs_tcon *tcon,
2063 struct cifsFileInfo *cfile, struct inode *inode, __u8 setsparse)
2064 {
2065 struct cifsInodeInfo *cifsi;
2066 int rc;
2067
2068 cifsi = CIFS_I(inode);
2069
2070 /* if file already sparse don't bother setting sparse again */
2071 if ((cifsi->cifsAttrs & FILE_ATTRIBUTE_SPARSE_FILE) && setsparse)
2072 return true; /* already sparse */
2073
2074 if (!(cifsi->cifsAttrs & FILE_ATTRIBUTE_SPARSE_FILE) && !setsparse)
2075 return true; /* already not sparse */
2076
2077 /*
2078 * Can't check for sparse support on share the usual way via the
2079 * FS attribute info (FILE_SUPPORTS_SPARSE_FILES) on the share
2080 * since Samba server doesn't set the flag on the share, yet
2081 * supports the set sparse FSCTL and returns sparse correctly
2082 * in the file attributes. If we fail setting sparse though we
2083 * mark that server does not support sparse files for this share
2084 * to avoid repeatedly sending the unsupported fsctl to server
2085 * if the file is repeatedly extended.
2086 */
2087 if (tcon->broken_sparse_sup)
2088 return false;
2089
2090 rc = SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
2091 cfile->fid.volatile_fid, FSCTL_SET_SPARSE,
2092 &setsparse, 1, CIFSMaxBufSize, NULL, NULL);
2093 if (rc) {
2094 tcon->broken_sparse_sup = true;
2095 cifs_dbg(FYI, "set sparse rc = %d\n", rc);
2096 return false;
2097 }
2098
2099 if (setsparse)
2100 cifsi->cifsAttrs |= FILE_ATTRIBUTE_SPARSE_FILE;
2101 else
2102 cifsi->cifsAttrs &= (~FILE_ATTRIBUTE_SPARSE_FILE);
2103
2104 return true;
2105 }
2106
2107 static int
smb2_set_file_size(const unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile,__u64 size,bool set_alloc)2108 smb2_set_file_size(const unsigned int xid, struct cifs_tcon *tcon,
2109 struct cifsFileInfo *cfile, __u64 size, bool set_alloc)
2110 {
2111 __le64 eof = cpu_to_le64(size);
2112 struct inode *inode;
2113
2114 /*
2115 * If extending file more than one page make sparse. Many Linux fs
2116 * make files sparse by default when extending via ftruncate
2117 */
2118 inode = d_inode(cfile->dentry);
2119
2120 if (!set_alloc && (size > inode->i_size + 8192)) {
2121 __u8 set_sparse = 1;
2122
2123 /* whether set sparse succeeds or not, extend the file */
2124 smb2_set_sparse(xid, tcon, cfile, inode, set_sparse);
2125 }
2126
2127 return SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid,
2128 cfile->fid.volatile_fid, cfile->pid, &eof);
2129 }
2130
2131 static int
smb2_duplicate_extents(const unsigned int xid,struct cifsFileInfo * srcfile,struct cifsFileInfo * trgtfile,u64 src_off,u64 len,u64 dest_off)2132 smb2_duplicate_extents(const unsigned int xid,
2133 struct cifsFileInfo *srcfile,
2134 struct cifsFileInfo *trgtfile, u64 src_off,
2135 u64 len, u64 dest_off)
2136 {
2137 int rc;
2138 unsigned int ret_data_len;
2139 struct inode *inode;
2140 struct duplicate_extents_to_file dup_ext_buf;
2141 struct cifs_tcon *tcon = tlink_tcon(trgtfile->tlink);
2142
2143 /* server fileays advertise duplicate extent support with this flag */
2144 if ((le32_to_cpu(tcon->fsAttrInfo.Attributes) &
2145 FILE_SUPPORTS_BLOCK_REFCOUNTING) == 0)
2146 return -EOPNOTSUPP;
2147
2148 dup_ext_buf.VolatileFileHandle = srcfile->fid.volatile_fid;
2149 dup_ext_buf.PersistentFileHandle = srcfile->fid.persistent_fid;
2150 dup_ext_buf.SourceFileOffset = cpu_to_le64(src_off);
2151 dup_ext_buf.TargetFileOffset = cpu_to_le64(dest_off);
2152 dup_ext_buf.ByteCount = cpu_to_le64(len);
2153 cifs_dbg(FYI, "Duplicate extents: src off %lld dst off %lld len %lld\n",
2154 src_off, dest_off, len);
2155
2156 inode = d_inode(trgtfile->dentry);
2157 if (inode->i_size < dest_off + len) {
2158 rc = smb2_set_file_size(xid, tcon, trgtfile, dest_off + len, false);
2159 if (rc)
2160 goto duplicate_extents_out;
2161
2162 /*
2163 * Although also could set plausible allocation size (i_blocks)
2164 * here in addition to setting the file size, in reflink
2165 * it is likely that the target file is sparse. Its allocation
2166 * size will be queried on next revalidate, but it is important
2167 * to make sure that file's cached size is updated immediately
2168 */
2169 cifs_setsize(inode, dest_off + len);
2170 }
2171 rc = SMB2_ioctl(xid, tcon, trgtfile->fid.persistent_fid,
2172 trgtfile->fid.volatile_fid,
2173 FSCTL_DUPLICATE_EXTENTS_TO_FILE,
2174 (char *)&dup_ext_buf,
2175 sizeof(struct duplicate_extents_to_file),
2176 CIFSMaxBufSize, NULL,
2177 &ret_data_len);
2178
2179 if (ret_data_len > 0)
2180 cifs_dbg(FYI, "Non-zero response length in duplicate extents\n");
2181
2182 duplicate_extents_out:
2183 return rc;
2184 }
2185
2186 static int
smb2_set_compression(const unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile)2187 smb2_set_compression(const unsigned int xid, struct cifs_tcon *tcon,
2188 struct cifsFileInfo *cfile)
2189 {
2190 return SMB2_set_compression(xid, tcon, cfile->fid.persistent_fid,
2191 cfile->fid.volatile_fid);
2192 }
2193
2194 static int
smb3_set_integrity(const unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile)2195 smb3_set_integrity(const unsigned int xid, struct cifs_tcon *tcon,
2196 struct cifsFileInfo *cfile)
2197 {
2198 struct fsctl_set_integrity_information_req integr_info;
2199 unsigned int ret_data_len;
2200
2201 integr_info.ChecksumAlgorithm = cpu_to_le16(CHECKSUM_TYPE_UNCHANGED);
2202 integr_info.Flags = 0;
2203 integr_info.Reserved = 0;
2204
2205 return SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
2206 cfile->fid.volatile_fid,
2207 FSCTL_SET_INTEGRITY_INFORMATION,
2208 (char *)&integr_info,
2209 sizeof(struct fsctl_set_integrity_information_req),
2210 CIFSMaxBufSize, NULL,
2211 &ret_data_len);
2212
2213 }
2214
2215 /* GMT Token is @GMT-YYYY.MM.DD-HH.MM.SS Unicode which is 48 bytes + null */
2216 #define GMT_TOKEN_SIZE 50
2217
2218 #define MIN_SNAPSHOT_ARRAY_SIZE 16 /* See MS-SMB2 section 3.3.5.15.1 */
2219
2220 /*
2221 * Input buffer contains (empty) struct smb_snapshot array with size filled in
2222 * For output see struct SRV_SNAPSHOT_ARRAY in MS-SMB2 section 2.2.32.2
2223 */
2224 static int
smb3_enum_snapshots(const unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile,void __user * ioc_buf)2225 smb3_enum_snapshots(const unsigned int xid, struct cifs_tcon *tcon,
2226 struct cifsFileInfo *cfile, void __user *ioc_buf)
2227 {
2228 char *retbuf = NULL;
2229 unsigned int ret_data_len = 0;
2230 int rc;
2231 u32 max_response_size;
2232 struct smb_snapshot_array snapshot_in;
2233
2234 /*
2235 * On the first query to enumerate the list of snapshots available
2236 * for this volume the buffer begins with 0 (number of snapshots
2237 * which can be returned is zero since at that point we do not know
2238 * how big the buffer needs to be). On the second query,
2239 * it (ret_data_len) is set to number of snapshots so we can
2240 * know to set the maximum response size larger (see below).
2241 */
2242 if (get_user(ret_data_len, (unsigned int __user *)ioc_buf))
2243 return -EFAULT;
2244
2245 /*
2246 * Note that for snapshot queries that servers like Azure expect that
2247 * the first query be minimal size (and just used to get the number/size
2248 * of previous versions) so response size must be specified as EXACTLY
2249 * sizeof(struct snapshot_array) which is 16 when rounded up to multiple
2250 * of eight bytes.
2251 */
2252 if (ret_data_len == 0)
2253 max_response_size = MIN_SNAPSHOT_ARRAY_SIZE;
2254 else
2255 max_response_size = CIFSMaxBufSize;
2256
2257 rc = SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
2258 cfile->fid.volatile_fid,
2259 FSCTL_SRV_ENUMERATE_SNAPSHOTS,
2260 NULL, 0 /* no input data */, max_response_size,
2261 (char **)&retbuf,
2262 &ret_data_len);
2263 cifs_dbg(FYI, "enum snaphots ioctl returned %d and ret buflen is %d\n",
2264 rc, ret_data_len);
2265 if (rc)
2266 return rc;
2267
2268 if (ret_data_len && (ioc_buf != NULL) && (retbuf != NULL)) {
2269 /* Fixup buffer */
2270 if (copy_from_user(&snapshot_in, ioc_buf,
2271 sizeof(struct smb_snapshot_array))) {
2272 rc = -EFAULT;
2273 kfree(retbuf);
2274 return rc;
2275 }
2276
2277 /*
2278 * Check for min size, ie not large enough to fit even one GMT
2279 * token (snapshot). On the first ioctl some users may pass in
2280 * smaller size (or zero) to simply get the size of the array
2281 * so the user space caller can allocate sufficient memory
2282 * and retry the ioctl again with larger array size sufficient
2283 * to hold all of the snapshot GMT tokens on the second try.
2284 */
2285 if (snapshot_in.snapshot_array_size < GMT_TOKEN_SIZE)
2286 ret_data_len = sizeof(struct smb_snapshot_array);
2287
2288 /*
2289 * We return struct SRV_SNAPSHOT_ARRAY, followed by
2290 * the snapshot array (of 50 byte GMT tokens) each
2291 * representing an available previous version of the data
2292 */
2293 if (ret_data_len > (snapshot_in.snapshot_array_size +
2294 sizeof(struct smb_snapshot_array)))
2295 ret_data_len = snapshot_in.snapshot_array_size +
2296 sizeof(struct smb_snapshot_array);
2297
2298 if (copy_to_user(ioc_buf, retbuf, ret_data_len))
2299 rc = -EFAULT;
2300 }
2301
2302 kfree(retbuf);
2303 return rc;
2304 }
2305
2306
2307
2308 static int
smb3_notify(const unsigned int xid,struct file * pfile,void __user * ioc_buf)2309 smb3_notify(const unsigned int xid, struct file *pfile,
2310 void __user *ioc_buf)
2311 {
2312 struct smb3_notify notify;
2313 struct dentry *dentry = pfile->f_path.dentry;
2314 struct inode *inode = file_inode(pfile);
2315 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
2316 struct cifs_open_parms oparms;
2317 struct cifs_fid fid;
2318 struct cifs_tcon *tcon;
2319 const unsigned char *path;
2320 void *page = alloc_dentry_path();
2321 __le16 *utf16_path = NULL;
2322 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
2323 int rc = 0;
2324
2325 path = build_path_from_dentry(dentry, page);
2326 if (IS_ERR(path)) {
2327 rc = PTR_ERR(path);
2328 goto notify_exit;
2329 }
2330
2331 utf16_path = cifs_convert_path_to_utf16(path, cifs_sb);
2332 if (utf16_path == NULL) {
2333 rc = -ENOMEM;
2334 goto notify_exit;
2335 }
2336
2337 if (copy_from_user(¬ify, ioc_buf, sizeof(struct smb3_notify))) {
2338 rc = -EFAULT;
2339 goto notify_exit;
2340 }
2341
2342 tcon = cifs_sb_master_tcon(cifs_sb);
2343 oparms.tcon = tcon;
2344 oparms.desired_access = FILE_READ_ATTRIBUTES | FILE_READ_DATA;
2345 oparms.disposition = FILE_OPEN;
2346 oparms.create_options = cifs_create_options(cifs_sb, 0);
2347 oparms.fid = &fid;
2348 oparms.reconnect = false;
2349
2350 rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL, NULL,
2351 NULL);
2352 if (rc)
2353 goto notify_exit;
2354
2355 rc = SMB2_change_notify(xid, tcon, fid.persistent_fid, fid.volatile_fid,
2356 notify.watch_tree, notify.completion_filter);
2357
2358 SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
2359
2360 cifs_dbg(FYI, "change notify for path %s rc %d\n", path, rc);
2361
2362 notify_exit:
2363 free_dentry_path(page);
2364 kfree(utf16_path);
2365 return rc;
2366 }
2367
2368 static int
smb2_query_dir_first(const unsigned int xid,struct cifs_tcon * tcon,const char * path,struct cifs_sb_info * cifs_sb,struct cifs_fid * fid,__u16 search_flags,struct cifs_search_info * srch_inf)2369 smb2_query_dir_first(const unsigned int xid, struct cifs_tcon *tcon,
2370 const char *path, struct cifs_sb_info *cifs_sb,
2371 struct cifs_fid *fid, __u16 search_flags,
2372 struct cifs_search_info *srch_inf)
2373 {
2374 __le16 *utf16_path;
2375 struct smb_rqst rqst[2];
2376 struct kvec rsp_iov[2];
2377 int resp_buftype[2];
2378 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
2379 struct kvec qd_iov[SMB2_QUERY_DIRECTORY_IOV_SIZE];
2380 int rc, flags = 0;
2381 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
2382 struct cifs_open_parms oparms;
2383 struct smb2_query_directory_rsp *qd_rsp = NULL;
2384 struct smb2_create_rsp *op_rsp = NULL;
2385 struct TCP_Server_Info *server = cifs_pick_channel(tcon->ses);
2386 int retry_count = 0;
2387
2388 utf16_path = cifs_convert_path_to_utf16(path, cifs_sb);
2389 if (!utf16_path)
2390 return -ENOMEM;
2391
2392 if (smb3_encryption_required(tcon))
2393 flags |= CIFS_TRANSFORM_REQ;
2394
2395 memset(rqst, 0, sizeof(rqst));
2396 resp_buftype[0] = resp_buftype[1] = CIFS_NO_BUFFER;
2397 memset(rsp_iov, 0, sizeof(rsp_iov));
2398
2399 /* Open */
2400 memset(&open_iov, 0, sizeof(open_iov));
2401 rqst[0].rq_iov = open_iov;
2402 rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE;
2403
2404 oparms.tcon = tcon;
2405 oparms.desired_access = FILE_READ_ATTRIBUTES | FILE_READ_DATA;
2406 oparms.disposition = FILE_OPEN;
2407 oparms.create_options = cifs_create_options(cifs_sb, 0);
2408 oparms.fid = fid;
2409 oparms.reconnect = false;
2410
2411 rc = SMB2_open_init(tcon, server,
2412 &rqst[0], &oplock, &oparms, utf16_path);
2413 if (rc)
2414 goto qdf_free;
2415 smb2_set_next_command(tcon, &rqst[0]);
2416
2417 /* Query directory */
2418 srch_inf->entries_in_buffer = 0;
2419 srch_inf->index_of_last_entry = 2;
2420
2421 memset(&qd_iov, 0, sizeof(qd_iov));
2422 rqst[1].rq_iov = qd_iov;
2423 rqst[1].rq_nvec = SMB2_QUERY_DIRECTORY_IOV_SIZE;
2424
2425 rc = SMB2_query_directory_init(xid, tcon, server,
2426 &rqst[1],
2427 COMPOUND_FID, COMPOUND_FID,
2428 0, srch_inf->info_level);
2429 if (rc)
2430 goto qdf_free;
2431
2432 smb2_set_related(&rqst[1]);
2433
2434 again:
2435 rc = compound_send_recv(xid, tcon->ses, server,
2436 flags, 2, rqst,
2437 resp_buftype, rsp_iov);
2438
2439 if (rc == -EAGAIN && retry_count++ < 10)
2440 goto again;
2441
2442 /* If the open failed there is nothing to do */
2443 op_rsp = (struct smb2_create_rsp *)rsp_iov[0].iov_base;
2444 if (op_rsp == NULL || op_rsp->hdr.Status != STATUS_SUCCESS) {
2445 cifs_dbg(FYI, "query_dir_first: open failed rc=%d\n", rc);
2446 goto qdf_free;
2447 }
2448 fid->persistent_fid = op_rsp->PersistentFileId;
2449 fid->volatile_fid = op_rsp->VolatileFileId;
2450
2451 /* Anything else than ENODATA means a genuine error */
2452 if (rc && rc != -ENODATA) {
2453 SMB2_close(xid, tcon, fid->persistent_fid, fid->volatile_fid);
2454 cifs_dbg(FYI, "query_dir_first: query directory failed rc=%d\n", rc);
2455 trace_smb3_query_dir_err(xid, fid->persistent_fid,
2456 tcon->tid, tcon->ses->Suid, 0, 0, rc);
2457 goto qdf_free;
2458 }
2459
2460 atomic_inc(&tcon->num_remote_opens);
2461
2462 qd_rsp = (struct smb2_query_directory_rsp *)rsp_iov[1].iov_base;
2463 if (qd_rsp->hdr.Status == STATUS_NO_MORE_FILES) {
2464 trace_smb3_query_dir_done(xid, fid->persistent_fid,
2465 tcon->tid, tcon->ses->Suid, 0, 0);
2466 srch_inf->endOfSearch = true;
2467 rc = 0;
2468 goto qdf_free;
2469 }
2470
2471 rc = smb2_parse_query_directory(tcon, &rsp_iov[1], resp_buftype[1],
2472 srch_inf);
2473 if (rc) {
2474 trace_smb3_query_dir_err(xid, fid->persistent_fid, tcon->tid,
2475 tcon->ses->Suid, 0, 0, rc);
2476 goto qdf_free;
2477 }
2478 resp_buftype[1] = CIFS_NO_BUFFER;
2479
2480 trace_smb3_query_dir_done(xid, fid->persistent_fid, tcon->tid,
2481 tcon->ses->Suid, 0, srch_inf->entries_in_buffer);
2482
2483 qdf_free:
2484 kfree(utf16_path);
2485 SMB2_open_free(&rqst[0]);
2486 SMB2_query_directory_free(&rqst[1]);
2487 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
2488 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
2489 return rc;
2490 }
2491
2492 static int
smb2_query_dir_next(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_fid * fid,__u16 search_flags,struct cifs_search_info * srch_inf)2493 smb2_query_dir_next(const unsigned int xid, struct cifs_tcon *tcon,
2494 struct cifs_fid *fid, __u16 search_flags,
2495 struct cifs_search_info *srch_inf)
2496 {
2497 return SMB2_query_directory(xid, tcon, fid->persistent_fid,
2498 fid->volatile_fid, 0, srch_inf);
2499 }
2500
2501 static int
smb2_close_dir(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_fid * fid)2502 smb2_close_dir(const unsigned int xid, struct cifs_tcon *tcon,
2503 struct cifs_fid *fid)
2504 {
2505 return SMB2_close(xid, tcon, fid->persistent_fid, fid->volatile_fid);
2506 }
2507
2508 /*
2509 * If we negotiate SMB2 protocol and get STATUS_PENDING - update
2510 * the number of credits and return true. Otherwise - return false.
2511 */
2512 static bool
smb2_is_status_pending(char * buf,struct TCP_Server_Info * server)2513 smb2_is_status_pending(char *buf, struct TCP_Server_Info *server)
2514 {
2515 struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
2516 int scredits, in_flight;
2517
2518 if (shdr->Status != STATUS_PENDING)
2519 return false;
2520
2521 if (shdr->CreditRequest) {
2522 spin_lock(&server->req_lock);
2523 server->credits += le16_to_cpu(shdr->CreditRequest);
2524 scredits = server->credits;
2525 in_flight = server->in_flight;
2526 spin_unlock(&server->req_lock);
2527 wake_up(&server->request_q);
2528
2529 trace_smb3_pend_credits(server->CurrentMid,
2530 server->conn_id, server->hostname, scredits,
2531 le16_to_cpu(shdr->CreditRequest), in_flight);
2532 cifs_dbg(FYI, "%s: status pending add %u credits total=%d\n",
2533 __func__, le16_to_cpu(shdr->CreditRequest), scredits);
2534 }
2535
2536 return true;
2537 }
2538
2539 static bool
smb2_is_session_expired(char * buf)2540 smb2_is_session_expired(char *buf)
2541 {
2542 struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
2543
2544 if (shdr->Status != STATUS_NETWORK_SESSION_EXPIRED &&
2545 shdr->Status != STATUS_USER_SESSION_DELETED)
2546 return false;
2547
2548 trace_smb3_ses_expired(le32_to_cpu(shdr->Id.SyncId.TreeId),
2549 le64_to_cpu(shdr->SessionId),
2550 le16_to_cpu(shdr->Command),
2551 le64_to_cpu(shdr->MessageId));
2552 cifs_dbg(FYI, "Session expired or deleted\n");
2553
2554 return true;
2555 }
2556
2557 static bool
smb2_is_status_io_timeout(char * buf)2558 smb2_is_status_io_timeout(char *buf)
2559 {
2560 struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
2561
2562 if (shdr->Status == STATUS_IO_TIMEOUT)
2563 return true;
2564 else
2565 return false;
2566 }
2567
2568 static void
smb2_is_network_name_deleted(char * buf,struct TCP_Server_Info * server)2569 smb2_is_network_name_deleted(char *buf, struct TCP_Server_Info *server)
2570 {
2571 struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
2572 struct list_head *tmp, *tmp1;
2573 struct cifs_ses *ses;
2574 struct cifs_tcon *tcon;
2575
2576 if (shdr->Status != STATUS_NETWORK_NAME_DELETED)
2577 return;
2578
2579 spin_lock(&cifs_tcp_ses_lock);
2580 list_for_each(tmp, &server->smb_ses_list) {
2581 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
2582 list_for_each(tmp1, &ses->tcon_list) {
2583 tcon = list_entry(tmp1, struct cifs_tcon, tcon_list);
2584 if (tcon->tid == le32_to_cpu(shdr->Id.SyncId.TreeId)) {
2585 tcon->need_reconnect = true;
2586 spin_unlock(&cifs_tcp_ses_lock);
2587 pr_warn_once("Server share %s deleted.\n",
2588 tcon->treeName);
2589 return;
2590 }
2591 }
2592 }
2593 spin_unlock(&cifs_tcp_ses_lock);
2594 }
2595
2596 static int
smb2_oplock_response(struct cifs_tcon * tcon,struct cifs_fid * fid,struct cifsInodeInfo * cinode)2597 smb2_oplock_response(struct cifs_tcon *tcon, struct cifs_fid *fid,
2598 struct cifsInodeInfo *cinode)
2599 {
2600 if (tcon->ses->server->capabilities & SMB2_GLOBAL_CAP_LEASING)
2601 return SMB2_lease_break(0, tcon, cinode->lease_key,
2602 smb2_get_lease_state(cinode));
2603
2604 return SMB2_oplock_break(0, tcon, fid->persistent_fid,
2605 fid->volatile_fid,
2606 CIFS_CACHE_READ(cinode) ? 1 : 0);
2607 }
2608
2609 void
smb2_set_related(struct smb_rqst * rqst)2610 smb2_set_related(struct smb_rqst *rqst)
2611 {
2612 struct smb2_hdr *shdr;
2613
2614 shdr = (struct smb2_hdr *)(rqst->rq_iov[0].iov_base);
2615 if (shdr == NULL) {
2616 cifs_dbg(FYI, "shdr NULL in smb2_set_related\n");
2617 return;
2618 }
2619 shdr->Flags |= SMB2_FLAGS_RELATED_OPERATIONS;
2620 }
2621
2622 char smb2_padding[7] = {0, 0, 0, 0, 0, 0, 0};
2623
2624 void
smb2_set_next_command(struct cifs_tcon * tcon,struct smb_rqst * rqst)2625 smb2_set_next_command(struct cifs_tcon *tcon, struct smb_rqst *rqst)
2626 {
2627 struct smb2_hdr *shdr;
2628 struct cifs_ses *ses = tcon->ses;
2629 struct TCP_Server_Info *server = ses->server;
2630 unsigned long len = smb_rqst_len(server, rqst);
2631 int i, num_padding;
2632
2633 shdr = (struct smb2_hdr *)(rqst->rq_iov[0].iov_base);
2634 if (shdr == NULL) {
2635 cifs_dbg(FYI, "shdr NULL in smb2_set_next_command\n");
2636 return;
2637 }
2638
2639 /* SMB headers in a compound are 8 byte aligned. */
2640
2641 /* No padding needed */
2642 if (!(len & 7))
2643 goto finished;
2644
2645 num_padding = 8 - (len & 7);
2646 if (!smb3_encryption_required(tcon)) {
2647 /*
2648 * If we do not have encryption then we can just add an extra
2649 * iov for the padding.
2650 */
2651 rqst->rq_iov[rqst->rq_nvec].iov_base = smb2_padding;
2652 rqst->rq_iov[rqst->rq_nvec].iov_len = num_padding;
2653 rqst->rq_nvec++;
2654 len += num_padding;
2655 } else {
2656 /*
2657 * We can not add a small padding iov for the encryption case
2658 * because the encryption framework can not handle the padding
2659 * iovs.
2660 * We have to flatten this into a single buffer and add
2661 * the padding to it.
2662 */
2663 for (i = 1; i < rqst->rq_nvec; i++) {
2664 memcpy(rqst->rq_iov[0].iov_base +
2665 rqst->rq_iov[0].iov_len,
2666 rqst->rq_iov[i].iov_base,
2667 rqst->rq_iov[i].iov_len);
2668 rqst->rq_iov[0].iov_len += rqst->rq_iov[i].iov_len;
2669 }
2670 memset(rqst->rq_iov[0].iov_base + rqst->rq_iov[0].iov_len,
2671 0, num_padding);
2672 rqst->rq_iov[0].iov_len += num_padding;
2673 len += num_padding;
2674 rqst->rq_nvec = 1;
2675 }
2676
2677 finished:
2678 shdr->NextCommand = cpu_to_le32(len);
2679 }
2680
2681 /*
2682 * Passes the query info response back to the caller on success.
2683 * Caller need to free this with free_rsp_buf().
2684 */
2685 int
smb2_query_info_compound(const unsigned int xid,struct cifs_tcon * tcon,const char * path,u32 desired_access,u32 class,u32 type,u32 output_len,struct kvec * rsp,int * buftype,struct cifs_sb_info * cifs_sb)2686 smb2_query_info_compound(const unsigned int xid, struct cifs_tcon *tcon,
2687 const char *path, u32 desired_access,
2688 u32 class, u32 type, u32 output_len,
2689 struct kvec *rsp, int *buftype,
2690 struct cifs_sb_info *cifs_sb)
2691 {
2692 struct cifs_ses *ses = tcon->ses;
2693 struct TCP_Server_Info *server = cifs_pick_channel(ses);
2694 int flags = CIFS_CP_CREATE_CLOSE_OP;
2695 struct smb_rqst rqst[3];
2696 int resp_buftype[3];
2697 struct kvec rsp_iov[3];
2698 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
2699 struct kvec qi_iov[1];
2700 struct kvec close_iov[1];
2701 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
2702 struct cifs_open_parms oparms;
2703 struct cifs_fid fid;
2704 int rc;
2705 __le16 *utf16_path;
2706 struct cached_fid *cfid = NULL;
2707
2708 if (!path)
2709 path = "";
2710 utf16_path = cifs_convert_path_to_utf16(path, cifs_sb);
2711 if (!utf16_path)
2712 return -ENOMEM;
2713
2714 if (smb3_encryption_required(tcon))
2715 flags |= CIFS_TRANSFORM_REQ;
2716
2717 memset(rqst, 0, sizeof(rqst));
2718 resp_buftype[0] = resp_buftype[1] = resp_buftype[2] = CIFS_NO_BUFFER;
2719 memset(rsp_iov, 0, sizeof(rsp_iov));
2720
2721 if (!strcmp(path, ""))
2722 open_cached_dir(xid, tcon, path, cifs_sb, &cfid); /* cfid null if open dir failed */
2723
2724 memset(&open_iov, 0, sizeof(open_iov));
2725 rqst[0].rq_iov = open_iov;
2726 rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE;
2727
2728 oparms.tcon = tcon;
2729 oparms.desired_access = desired_access;
2730 oparms.disposition = FILE_OPEN;
2731 oparms.create_options = cifs_create_options(cifs_sb, 0);
2732 oparms.fid = &fid;
2733 oparms.reconnect = false;
2734
2735 rc = SMB2_open_init(tcon, server,
2736 &rqst[0], &oplock, &oparms, utf16_path);
2737 if (rc)
2738 goto qic_exit;
2739 smb2_set_next_command(tcon, &rqst[0]);
2740
2741 memset(&qi_iov, 0, sizeof(qi_iov));
2742 rqst[1].rq_iov = qi_iov;
2743 rqst[1].rq_nvec = 1;
2744
2745 if (cfid) {
2746 rc = SMB2_query_info_init(tcon, server,
2747 &rqst[1],
2748 cfid->fid->persistent_fid,
2749 cfid->fid->volatile_fid,
2750 class, type, 0,
2751 output_len, 0,
2752 NULL);
2753 } else {
2754 rc = SMB2_query_info_init(tcon, server,
2755 &rqst[1],
2756 COMPOUND_FID,
2757 COMPOUND_FID,
2758 class, type, 0,
2759 output_len, 0,
2760 NULL);
2761 }
2762 if (rc)
2763 goto qic_exit;
2764 if (!cfid) {
2765 smb2_set_next_command(tcon, &rqst[1]);
2766 smb2_set_related(&rqst[1]);
2767 }
2768
2769 memset(&close_iov, 0, sizeof(close_iov));
2770 rqst[2].rq_iov = close_iov;
2771 rqst[2].rq_nvec = 1;
2772
2773 rc = SMB2_close_init(tcon, server,
2774 &rqst[2], COMPOUND_FID, COMPOUND_FID, false);
2775 if (rc)
2776 goto qic_exit;
2777 smb2_set_related(&rqst[2]);
2778
2779 if (cfid) {
2780 rc = compound_send_recv(xid, ses, server,
2781 flags, 1, &rqst[1],
2782 &resp_buftype[1], &rsp_iov[1]);
2783 } else {
2784 rc = compound_send_recv(xid, ses, server,
2785 flags, 3, rqst,
2786 resp_buftype, rsp_iov);
2787 }
2788 if (rc) {
2789 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
2790 if (rc == -EREMCHG) {
2791 tcon->need_reconnect = true;
2792 pr_warn_once("server share %s deleted\n",
2793 tcon->treeName);
2794 }
2795 goto qic_exit;
2796 }
2797 *rsp = rsp_iov[1];
2798 *buftype = resp_buftype[1];
2799
2800 qic_exit:
2801 kfree(utf16_path);
2802 SMB2_open_free(&rqst[0]);
2803 SMB2_query_info_free(&rqst[1]);
2804 SMB2_close_free(&rqst[2]);
2805 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
2806 free_rsp_buf(resp_buftype[2], rsp_iov[2].iov_base);
2807 if (cfid)
2808 close_cached_dir(cfid);
2809 return rc;
2810 }
2811
2812 static int
smb2_queryfs(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,struct kstatfs * buf)2813 smb2_queryfs(const unsigned int xid, struct cifs_tcon *tcon,
2814 struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
2815 {
2816 struct smb2_query_info_rsp *rsp;
2817 struct smb2_fs_full_size_info *info = NULL;
2818 struct kvec rsp_iov = {NULL, 0};
2819 int buftype = CIFS_NO_BUFFER;
2820 int rc;
2821
2822
2823 rc = smb2_query_info_compound(xid, tcon, "",
2824 FILE_READ_ATTRIBUTES,
2825 FS_FULL_SIZE_INFORMATION,
2826 SMB2_O_INFO_FILESYSTEM,
2827 sizeof(struct smb2_fs_full_size_info),
2828 &rsp_iov, &buftype, cifs_sb);
2829 if (rc)
2830 goto qfs_exit;
2831
2832 rsp = (struct smb2_query_info_rsp *)rsp_iov.iov_base;
2833 buf->f_type = SMB2_SUPER_MAGIC;
2834 info = (struct smb2_fs_full_size_info *)(
2835 le16_to_cpu(rsp->OutputBufferOffset) + (char *)rsp);
2836 rc = smb2_validate_iov(le16_to_cpu(rsp->OutputBufferOffset),
2837 le32_to_cpu(rsp->OutputBufferLength),
2838 &rsp_iov,
2839 sizeof(struct smb2_fs_full_size_info));
2840 if (!rc)
2841 smb2_copy_fs_info_to_kstatfs(info, buf);
2842
2843 qfs_exit:
2844 free_rsp_buf(buftype, rsp_iov.iov_base);
2845 return rc;
2846 }
2847
2848 static int
smb311_queryfs(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,struct kstatfs * buf)2849 smb311_queryfs(const unsigned int xid, struct cifs_tcon *tcon,
2850 struct cifs_sb_info *cifs_sb, struct kstatfs *buf)
2851 {
2852 int rc;
2853 __le16 srch_path = 0; /* Null - open root of share */
2854 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
2855 struct cifs_open_parms oparms;
2856 struct cifs_fid fid;
2857
2858 if (!tcon->posix_extensions)
2859 return smb2_queryfs(xid, tcon, cifs_sb, buf);
2860
2861 oparms.tcon = tcon;
2862 oparms.desired_access = FILE_READ_ATTRIBUTES;
2863 oparms.disposition = FILE_OPEN;
2864 oparms.create_options = cifs_create_options(cifs_sb, 0);
2865 oparms.fid = &fid;
2866 oparms.reconnect = false;
2867
2868 rc = SMB2_open(xid, &oparms, &srch_path, &oplock, NULL, NULL,
2869 NULL, NULL);
2870 if (rc)
2871 return rc;
2872
2873 rc = SMB311_posix_qfs_info(xid, tcon, fid.persistent_fid,
2874 fid.volatile_fid, buf);
2875 buf->f_type = SMB2_SUPER_MAGIC;
2876 SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
2877 return rc;
2878 }
2879
2880 static bool
smb2_compare_fids(struct cifsFileInfo * ob1,struct cifsFileInfo * ob2)2881 smb2_compare_fids(struct cifsFileInfo *ob1, struct cifsFileInfo *ob2)
2882 {
2883 return ob1->fid.persistent_fid == ob2->fid.persistent_fid &&
2884 ob1->fid.volatile_fid == ob2->fid.volatile_fid;
2885 }
2886
2887 static int
smb2_mand_lock(const unsigned int xid,struct cifsFileInfo * cfile,__u64 offset,__u64 length,__u32 type,int lock,int unlock,bool wait)2888 smb2_mand_lock(const unsigned int xid, struct cifsFileInfo *cfile, __u64 offset,
2889 __u64 length, __u32 type, int lock, int unlock, bool wait)
2890 {
2891 if (unlock && !lock)
2892 type = SMB2_LOCKFLAG_UNLOCK;
2893 return SMB2_lock(xid, tlink_tcon(cfile->tlink),
2894 cfile->fid.persistent_fid, cfile->fid.volatile_fid,
2895 current->tgid, length, offset, type, wait);
2896 }
2897
2898 static void
smb2_get_lease_key(struct inode * inode,struct cifs_fid * fid)2899 smb2_get_lease_key(struct inode *inode, struct cifs_fid *fid)
2900 {
2901 memcpy(fid->lease_key, CIFS_I(inode)->lease_key, SMB2_LEASE_KEY_SIZE);
2902 }
2903
2904 static void
smb2_set_lease_key(struct inode * inode,struct cifs_fid * fid)2905 smb2_set_lease_key(struct inode *inode, struct cifs_fid *fid)
2906 {
2907 memcpy(CIFS_I(inode)->lease_key, fid->lease_key, SMB2_LEASE_KEY_SIZE);
2908 }
2909
2910 static void
smb2_new_lease_key(struct cifs_fid * fid)2911 smb2_new_lease_key(struct cifs_fid *fid)
2912 {
2913 generate_random_uuid(fid->lease_key);
2914 }
2915
2916 static int
smb2_get_dfs_refer(const unsigned int xid,struct cifs_ses * ses,const char * search_name,struct dfs_info3_param ** target_nodes,unsigned int * num_of_nodes,const struct nls_table * nls_codepage,int remap)2917 smb2_get_dfs_refer(const unsigned int xid, struct cifs_ses *ses,
2918 const char *search_name,
2919 struct dfs_info3_param **target_nodes,
2920 unsigned int *num_of_nodes,
2921 const struct nls_table *nls_codepage, int remap)
2922 {
2923 int rc;
2924 __le16 *utf16_path = NULL;
2925 int utf16_path_len = 0;
2926 struct cifs_tcon *tcon;
2927 struct fsctl_get_dfs_referral_req *dfs_req = NULL;
2928 struct get_dfs_referral_rsp *dfs_rsp = NULL;
2929 u32 dfs_req_size = 0, dfs_rsp_size = 0;
2930 int retry_count = 0;
2931
2932 cifs_dbg(FYI, "%s: path: %s\n", __func__, search_name);
2933
2934 /*
2935 * Try to use the IPC tcon, otherwise just use any
2936 */
2937 tcon = ses->tcon_ipc;
2938 if (tcon == NULL) {
2939 spin_lock(&cifs_tcp_ses_lock);
2940 tcon = list_first_entry_or_null(&ses->tcon_list,
2941 struct cifs_tcon,
2942 tcon_list);
2943 if (tcon)
2944 tcon->tc_count++;
2945 spin_unlock(&cifs_tcp_ses_lock);
2946 }
2947
2948 if (tcon == NULL) {
2949 cifs_dbg(VFS, "session %p has no tcon available for a dfs referral request\n",
2950 ses);
2951 rc = -ENOTCONN;
2952 goto out;
2953 }
2954
2955 utf16_path = cifs_strndup_to_utf16(search_name, PATH_MAX,
2956 &utf16_path_len,
2957 nls_codepage, remap);
2958 if (!utf16_path) {
2959 rc = -ENOMEM;
2960 goto out;
2961 }
2962
2963 dfs_req_size = sizeof(*dfs_req) + utf16_path_len;
2964 dfs_req = kzalloc(dfs_req_size, GFP_KERNEL);
2965 if (!dfs_req) {
2966 rc = -ENOMEM;
2967 goto out;
2968 }
2969
2970 /* Highest DFS referral version understood */
2971 dfs_req->MaxReferralLevel = DFS_VERSION;
2972
2973 /* Path to resolve in an UTF-16 null-terminated string */
2974 memcpy(dfs_req->RequestFileName, utf16_path, utf16_path_len);
2975
2976 do {
2977 rc = SMB2_ioctl(xid, tcon, NO_FILE_ID, NO_FILE_ID,
2978 FSCTL_DFS_GET_REFERRALS,
2979 (char *)dfs_req, dfs_req_size, CIFSMaxBufSize,
2980 (char **)&dfs_rsp, &dfs_rsp_size);
2981 if (!is_retryable_error(rc))
2982 break;
2983 usleep_range(512, 2048);
2984 } while (++retry_count < 5);
2985
2986 if (rc) {
2987 if (!is_retryable_error(rc) && rc != -ENOENT && rc != -EOPNOTSUPP)
2988 cifs_tcon_dbg(VFS, "%s: ioctl error: rc=%d\n", __func__, rc);
2989 goto out;
2990 }
2991
2992 rc = parse_dfs_referrals(dfs_rsp, dfs_rsp_size,
2993 num_of_nodes, target_nodes,
2994 nls_codepage, remap, search_name,
2995 true /* is_unicode */);
2996 if (rc) {
2997 cifs_tcon_dbg(VFS, "parse error in %s rc=%d\n", __func__, rc);
2998 goto out;
2999 }
3000
3001 out:
3002 if (tcon && !tcon->ipc) {
3003 /* ipc tcons are not refcounted */
3004 spin_lock(&cifs_tcp_ses_lock);
3005 tcon->tc_count--;
3006 /* tc_count can never go negative */
3007 WARN_ON(tcon->tc_count < 0);
3008 spin_unlock(&cifs_tcp_ses_lock);
3009 }
3010 kfree(utf16_path);
3011 kfree(dfs_req);
3012 kfree(dfs_rsp);
3013 return rc;
3014 }
3015
3016 static int
parse_reparse_posix(struct reparse_posix_data * symlink_buf,u32 plen,char ** target_path,struct cifs_sb_info * cifs_sb)3017 parse_reparse_posix(struct reparse_posix_data *symlink_buf,
3018 u32 plen, char **target_path,
3019 struct cifs_sb_info *cifs_sb)
3020 {
3021 unsigned int len;
3022
3023 /* See MS-FSCC 2.1.2.6 for the 'NFS' style reparse tags */
3024 len = le16_to_cpu(symlink_buf->ReparseDataLength);
3025
3026 if (le64_to_cpu(symlink_buf->InodeType) != NFS_SPECFILE_LNK) {
3027 cifs_dbg(VFS, "%lld not a supported symlink type\n",
3028 le64_to_cpu(symlink_buf->InodeType));
3029 return -EOPNOTSUPP;
3030 }
3031
3032 *target_path = cifs_strndup_from_utf16(
3033 symlink_buf->PathBuffer,
3034 len, true, cifs_sb->local_nls);
3035 if (!(*target_path))
3036 return -ENOMEM;
3037
3038 convert_delimiter(*target_path, '/');
3039 cifs_dbg(FYI, "%s: target path: %s\n", __func__, *target_path);
3040
3041 return 0;
3042 }
3043
3044 static int
parse_reparse_symlink(struct reparse_symlink_data_buffer * symlink_buf,u32 plen,char ** target_path,struct cifs_sb_info * cifs_sb)3045 parse_reparse_symlink(struct reparse_symlink_data_buffer *symlink_buf,
3046 u32 plen, char **target_path,
3047 struct cifs_sb_info *cifs_sb)
3048 {
3049 unsigned int sub_len;
3050 unsigned int sub_offset;
3051
3052 /* We handle Symbolic Link reparse tag here. See: MS-FSCC 2.1.2.4 */
3053
3054 sub_offset = le16_to_cpu(symlink_buf->SubstituteNameOffset);
3055 sub_len = le16_to_cpu(symlink_buf->SubstituteNameLength);
3056 if (sub_offset + 20 > plen ||
3057 sub_offset + sub_len + 20 > plen) {
3058 cifs_dbg(VFS, "srv returned malformed symlink buffer\n");
3059 return -EIO;
3060 }
3061
3062 *target_path = cifs_strndup_from_utf16(
3063 symlink_buf->PathBuffer + sub_offset,
3064 sub_len, true, cifs_sb->local_nls);
3065 if (!(*target_path))
3066 return -ENOMEM;
3067
3068 convert_delimiter(*target_path, '/');
3069 cifs_dbg(FYI, "%s: target path: %s\n", __func__, *target_path);
3070
3071 return 0;
3072 }
3073
3074 static int
parse_reparse_point(struct reparse_data_buffer * buf,u32 plen,char ** target_path,struct cifs_sb_info * cifs_sb)3075 parse_reparse_point(struct reparse_data_buffer *buf,
3076 u32 plen, char **target_path,
3077 struct cifs_sb_info *cifs_sb)
3078 {
3079 if (plen < sizeof(struct reparse_data_buffer)) {
3080 cifs_dbg(VFS, "reparse buffer is too small. Must be at least 8 bytes but was %d\n",
3081 plen);
3082 return -EIO;
3083 }
3084
3085 if (plen < le16_to_cpu(buf->ReparseDataLength) +
3086 sizeof(struct reparse_data_buffer)) {
3087 cifs_dbg(VFS, "srv returned invalid reparse buf length: %d\n",
3088 plen);
3089 return -EIO;
3090 }
3091
3092 /* See MS-FSCC 2.1.2 */
3093 switch (le32_to_cpu(buf->ReparseTag)) {
3094 case IO_REPARSE_TAG_NFS:
3095 return parse_reparse_posix(
3096 (struct reparse_posix_data *)buf,
3097 plen, target_path, cifs_sb);
3098 case IO_REPARSE_TAG_SYMLINK:
3099 return parse_reparse_symlink(
3100 (struct reparse_symlink_data_buffer *)buf,
3101 plen, target_path, cifs_sb);
3102 default:
3103 cifs_dbg(VFS, "srv returned unknown symlink buffer tag:0x%08x\n",
3104 le32_to_cpu(buf->ReparseTag));
3105 return -EOPNOTSUPP;
3106 }
3107 }
3108
3109 #define SMB2_SYMLINK_STRUCT_SIZE \
3110 (sizeof(struct smb2_err_rsp) - 1 + sizeof(struct smb2_symlink_err_rsp))
3111
3112 static int
smb2_query_symlink(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,const char * full_path,char ** target_path,bool is_reparse_point)3113 smb2_query_symlink(const unsigned int xid, struct cifs_tcon *tcon,
3114 struct cifs_sb_info *cifs_sb, const char *full_path,
3115 char **target_path, bool is_reparse_point)
3116 {
3117 int rc;
3118 __le16 *utf16_path = NULL;
3119 __u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
3120 struct cifs_open_parms oparms;
3121 struct cifs_fid fid;
3122 struct kvec err_iov = {NULL, 0};
3123 struct smb2_err_rsp *err_buf = NULL;
3124 struct smb2_symlink_err_rsp *symlink;
3125 struct TCP_Server_Info *server = cifs_pick_channel(tcon->ses);
3126 unsigned int sub_len;
3127 unsigned int sub_offset;
3128 unsigned int print_len;
3129 unsigned int print_offset;
3130 int flags = CIFS_CP_CREATE_CLOSE_OP;
3131 struct smb_rqst rqst[3];
3132 int resp_buftype[3];
3133 struct kvec rsp_iov[3];
3134 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
3135 struct kvec io_iov[SMB2_IOCTL_IOV_SIZE];
3136 struct kvec close_iov[1];
3137 struct smb2_create_rsp *create_rsp;
3138 struct smb2_ioctl_rsp *ioctl_rsp;
3139 struct reparse_data_buffer *reparse_buf;
3140 int create_options = is_reparse_point ? OPEN_REPARSE_POINT : 0;
3141 u32 plen;
3142
3143 cifs_dbg(FYI, "%s: path: %s\n", __func__, full_path);
3144
3145 *target_path = NULL;
3146
3147 if (smb3_encryption_required(tcon))
3148 flags |= CIFS_TRANSFORM_REQ;
3149
3150 memset(rqst, 0, sizeof(rqst));
3151 resp_buftype[0] = resp_buftype[1] = resp_buftype[2] = CIFS_NO_BUFFER;
3152 memset(rsp_iov, 0, sizeof(rsp_iov));
3153
3154 utf16_path = cifs_convert_path_to_utf16(full_path, cifs_sb);
3155 if (!utf16_path)
3156 return -ENOMEM;
3157
3158 /* Open */
3159 memset(&open_iov, 0, sizeof(open_iov));
3160 rqst[0].rq_iov = open_iov;
3161 rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE;
3162
3163 memset(&oparms, 0, sizeof(oparms));
3164 oparms.tcon = tcon;
3165 oparms.desired_access = FILE_READ_ATTRIBUTES;
3166 oparms.disposition = FILE_OPEN;
3167 oparms.create_options = cifs_create_options(cifs_sb, create_options);
3168 oparms.fid = &fid;
3169 oparms.reconnect = false;
3170
3171 rc = SMB2_open_init(tcon, server,
3172 &rqst[0], &oplock, &oparms, utf16_path);
3173 if (rc)
3174 goto querty_exit;
3175 smb2_set_next_command(tcon, &rqst[0]);
3176
3177
3178 /* IOCTL */
3179 memset(&io_iov, 0, sizeof(io_iov));
3180 rqst[1].rq_iov = io_iov;
3181 rqst[1].rq_nvec = SMB2_IOCTL_IOV_SIZE;
3182
3183 rc = SMB2_ioctl_init(tcon, server,
3184 &rqst[1], fid.persistent_fid,
3185 fid.volatile_fid, FSCTL_GET_REPARSE_POINT, NULL, 0,
3186 CIFSMaxBufSize -
3187 MAX_SMB2_CREATE_RESPONSE_SIZE -
3188 MAX_SMB2_CLOSE_RESPONSE_SIZE);
3189 if (rc)
3190 goto querty_exit;
3191
3192 smb2_set_next_command(tcon, &rqst[1]);
3193 smb2_set_related(&rqst[1]);
3194
3195
3196 /* Close */
3197 memset(&close_iov, 0, sizeof(close_iov));
3198 rqst[2].rq_iov = close_iov;
3199 rqst[2].rq_nvec = 1;
3200
3201 rc = SMB2_close_init(tcon, server,
3202 &rqst[2], COMPOUND_FID, COMPOUND_FID, false);
3203 if (rc)
3204 goto querty_exit;
3205
3206 smb2_set_related(&rqst[2]);
3207
3208 rc = compound_send_recv(xid, tcon->ses, server,
3209 flags, 3, rqst,
3210 resp_buftype, rsp_iov);
3211
3212 create_rsp = rsp_iov[0].iov_base;
3213 if (create_rsp && create_rsp->hdr.Status)
3214 err_iov = rsp_iov[0];
3215 ioctl_rsp = rsp_iov[1].iov_base;
3216
3217 /*
3218 * Open was successful and we got an ioctl response.
3219 */
3220 if ((rc == 0) && (is_reparse_point)) {
3221 /* See MS-FSCC 2.3.23 */
3222
3223 reparse_buf = (struct reparse_data_buffer *)
3224 ((char *)ioctl_rsp +
3225 le32_to_cpu(ioctl_rsp->OutputOffset));
3226 plen = le32_to_cpu(ioctl_rsp->OutputCount);
3227
3228 if (plen + le32_to_cpu(ioctl_rsp->OutputOffset) >
3229 rsp_iov[1].iov_len) {
3230 cifs_tcon_dbg(VFS, "srv returned invalid ioctl len: %d\n",
3231 plen);
3232 rc = -EIO;
3233 goto querty_exit;
3234 }
3235
3236 rc = parse_reparse_point(reparse_buf, plen, target_path,
3237 cifs_sb);
3238 goto querty_exit;
3239 }
3240
3241 if (!rc || !err_iov.iov_base) {
3242 rc = -ENOENT;
3243 goto querty_exit;
3244 }
3245
3246 err_buf = err_iov.iov_base;
3247 if (le32_to_cpu(err_buf->ByteCount) < sizeof(struct smb2_symlink_err_rsp) ||
3248 err_iov.iov_len < SMB2_SYMLINK_STRUCT_SIZE) {
3249 rc = -EINVAL;
3250 goto querty_exit;
3251 }
3252
3253 symlink = (struct smb2_symlink_err_rsp *)err_buf->ErrorData;
3254 if (le32_to_cpu(symlink->SymLinkErrorTag) != SYMLINK_ERROR_TAG ||
3255 le32_to_cpu(symlink->ReparseTag) != IO_REPARSE_TAG_SYMLINK) {
3256 rc = -EINVAL;
3257 goto querty_exit;
3258 }
3259
3260 /* open must fail on symlink - reset rc */
3261 rc = 0;
3262 sub_len = le16_to_cpu(symlink->SubstituteNameLength);
3263 sub_offset = le16_to_cpu(symlink->SubstituteNameOffset);
3264 print_len = le16_to_cpu(symlink->PrintNameLength);
3265 print_offset = le16_to_cpu(symlink->PrintNameOffset);
3266
3267 if (err_iov.iov_len < SMB2_SYMLINK_STRUCT_SIZE + sub_offset + sub_len) {
3268 rc = -EINVAL;
3269 goto querty_exit;
3270 }
3271
3272 if (err_iov.iov_len <
3273 SMB2_SYMLINK_STRUCT_SIZE + print_offset + print_len) {
3274 rc = -EINVAL;
3275 goto querty_exit;
3276 }
3277
3278 *target_path = cifs_strndup_from_utf16(
3279 (char *)symlink->PathBuffer + sub_offset,
3280 sub_len, true, cifs_sb->local_nls);
3281 if (!(*target_path)) {
3282 rc = -ENOMEM;
3283 goto querty_exit;
3284 }
3285 convert_delimiter(*target_path, '/');
3286 cifs_dbg(FYI, "%s: target path: %s\n", __func__, *target_path);
3287
3288 querty_exit:
3289 cifs_dbg(FYI, "query symlink rc %d\n", rc);
3290 kfree(utf16_path);
3291 SMB2_open_free(&rqst[0]);
3292 SMB2_ioctl_free(&rqst[1]);
3293 SMB2_close_free(&rqst[2]);
3294 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
3295 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
3296 free_rsp_buf(resp_buftype[2], rsp_iov[2].iov_base);
3297 return rc;
3298 }
3299
3300 int
smb2_query_reparse_tag(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,const char * full_path,__u32 * tag)3301 smb2_query_reparse_tag(const unsigned int xid, struct cifs_tcon *tcon,
3302 struct cifs_sb_info *cifs_sb, const char *full_path,
3303 __u32 *tag)
3304 {
3305 int rc;
3306 __le16 *utf16_path = NULL;
3307 __u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
3308 struct cifs_open_parms oparms;
3309 struct cifs_fid fid;
3310 struct TCP_Server_Info *server = cifs_pick_channel(tcon->ses);
3311 int flags = CIFS_CP_CREATE_CLOSE_OP;
3312 struct smb_rqst rqst[3];
3313 int resp_buftype[3];
3314 struct kvec rsp_iov[3];
3315 struct kvec open_iov[SMB2_CREATE_IOV_SIZE];
3316 struct kvec io_iov[SMB2_IOCTL_IOV_SIZE];
3317 struct kvec close_iov[1];
3318 struct smb2_ioctl_rsp *ioctl_rsp;
3319 struct reparse_data_buffer *reparse_buf;
3320 u32 plen;
3321
3322 cifs_dbg(FYI, "%s: path: %s\n", __func__, full_path);
3323
3324 if (smb3_encryption_required(tcon))
3325 flags |= CIFS_TRANSFORM_REQ;
3326
3327 memset(rqst, 0, sizeof(rqst));
3328 resp_buftype[0] = resp_buftype[1] = resp_buftype[2] = CIFS_NO_BUFFER;
3329 memset(rsp_iov, 0, sizeof(rsp_iov));
3330
3331 utf16_path = cifs_convert_path_to_utf16(full_path, cifs_sb);
3332 if (!utf16_path)
3333 return -ENOMEM;
3334
3335 /*
3336 * setup smb2open - TODO add optimization to call cifs_get_readable_path
3337 * to see if there is a handle already open that we can use
3338 */
3339 memset(&open_iov, 0, sizeof(open_iov));
3340 rqst[0].rq_iov = open_iov;
3341 rqst[0].rq_nvec = SMB2_CREATE_IOV_SIZE;
3342
3343 memset(&oparms, 0, sizeof(oparms));
3344 oparms.tcon = tcon;
3345 oparms.desired_access = FILE_READ_ATTRIBUTES;
3346 oparms.disposition = FILE_OPEN;
3347 oparms.create_options = cifs_create_options(cifs_sb, OPEN_REPARSE_POINT);
3348 oparms.fid = &fid;
3349 oparms.reconnect = false;
3350
3351 rc = SMB2_open_init(tcon, server,
3352 &rqst[0], &oplock, &oparms, utf16_path);
3353 if (rc)
3354 goto query_rp_exit;
3355 smb2_set_next_command(tcon, &rqst[0]);
3356
3357
3358 /* IOCTL */
3359 memset(&io_iov, 0, sizeof(io_iov));
3360 rqst[1].rq_iov = io_iov;
3361 rqst[1].rq_nvec = SMB2_IOCTL_IOV_SIZE;
3362
3363 rc = SMB2_ioctl_init(tcon, server,
3364 &rqst[1], COMPOUND_FID,
3365 COMPOUND_FID, FSCTL_GET_REPARSE_POINT, NULL, 0,
3366 CIFSMaxBufSize -
3367 MAX_SMB2_CREATE_RESPONSE_SIZE -
3368 MAX_SMB2_CLOSE_RESPONSE_SIZE);
3369 if (rc)
3370 goto query_rp_exit;
3371
3372 smb2_set_next_command(tcon, &rqst[1]);
3373 smb2_set_related(&rqst[1]);
3374
3375
3376 /* Close */
3377 memset(&close_iov, 0, sizeof(close_iov));
3378 rqst[2].rq_iov = close_iov;
3379 rqst[2].rq_nvec = 1;
3380
3381 rc = SMB2_close_init(tcon, server,
3382 &rqst[2], COMPOUND_FID, COMPOUND_FID, false);
3383 if (rc)
3384 goto query_rp_exit;
3385
3386 smb2_set_related(&rqst[2]);
3387
3388 rc = compound_send_recv(xid, tcon->ses, server,
3389 flags, 3, rqst,
3390 resp_buftype, rsp_iov);
3391
3392 ioctl_rsp = rsp_iov[1].iov_base;
3393
3394 /*
3395 * Open was successful and we got an ioctl response.
3396 */
3397 if (rc == 0) {
3398 /* See MS-FSCC 2.3.23 */
3399
3400 reparse_buf = (struct reparse_data_buffer *)
3401 ((char *)ioctl_rsp +
3402 le32_to_cpu(ioctl_rsp->OutputOffset));
3403 plen = le32_to_cpu(ioctl_rsp->OutputCount);
3404
3405 if (plen + le32_to_cpu(ioctl_rsp->OutputOffset) >
3406 rsp_iov[1].iov_len) {
3407 cifs_tcon_dbg(FYI, "srv returned invalid ioctl len: %d\n",
3408 plen);
3409 rc = -EIO;
3410 goto query_rp_exit;
3411 }
3412 *tag = le32_to_cpu(reparse_buf->ReparseTag);
3413 }
3414
3415 query_rp_exit:
3416 kfree(utf16_path);
3417 SMB2_open_free(&rqst[0]);
3418 SMB2_ioctl_free(&rqst[1]);
3419 SMB2_close_free(&rqst[2]);
3420 free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
3421 free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
3422 free_rsp_buf(resp_buftype[2], rsp_iov[2].iov_base);
3423 return rc;
3424 }
3425
3426 static struct cifs_ntsd *
get_smb2_acl_by_fid(struct cifs_sb_info * cifs_sb,const struct cifs_fid * cifsfid,u32 * pacllen,u32 info)3427 get_smb2_acl_by_fid(struct cifs_sb_info *cifs_sb,
3428 const struct cifs_fid *cifsfid, u32 *pacllen, u32 info)
3429 {
3430 struct cifs_ntsd *pntsd = NULL;
3431 unsigned int xid;
3432 int rc = -EOPNOTSUPP;
3433 struct tcon_link *tlink = cifs_sb_tlink(cifs_sb);
3434
3435 if (IS_ERR(tlink))
3436 return ERR_CAST(tlink);
3437
3438 xid = get_xid();
3439 cifs_dbg(FYI, "trying to get acl\n");
3440
3441 rc = SMB2_query_acl(xid, tlink_tcon(tlink), cifsfid->persistent_fid,
3442 cifsfid->volatile_fid, (void **)&pntsd, pacllen,
3443 info);
3444 free_xid(xid);
3445
3446 cifs_put_tlink(tlink);
3447
3448 cifs_dbg(FYI, "%s: rc = %d ACL len %d\n", __func__, rc, *pacllen);
3449 if (rc)
3450 return ERR_PTR(rc);
3451 return pntsd;
3452
3453 }
3454
3455 static struct cifs_ntsd *
get_smb2_acl_by_path(struct cifs_sb_info * cifs_sb,const char * path,u32 * pacllen,u32 info)3456 get_smb2_acl_by_path(struct cifs_sb_info *cifs_sb,
3457 const char *path, u32 *pacllen, u32 info)
3458 {
3459 struct cifs_ntsd *pntsd = NULL;
3460 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
3461 unsigned int xid;
3462 int rc;
3463 struct cifs_tcon *tcon;
3464 struct tcon_link *tlink = cifs_sb_tlink(cifs_sb);
3465 struct cifs_fid fid;
3466 struct cifs_open_parms oparms;
3467 __le16 *utf16_path;
3468
3469 cifs_dbg(FYI, "get smb3 acl for path %s\n", path);
3470 if (IS_ERR(tlink))
3471 return ERR_CAST(tlink);
3472
3473 tcon = tlink_tcon(tlink);
3474 xid = get_xid();
3475
3476 utf16_path = cifs_convert_path_to_utf16(path, cifs_sb);
3477 if (!utf16_path) {
3478 rc = -ENOMEM;
3479 free_xid(xid);
3480 return ERR_PTR(rc);
3481 }
3482
3483 oparms.tcon = tcon;
3484 oparms.desired_access = READ_CONTROL;
3485 oparms.disposition = FILE_OPEN;
3486 /*
3487 * When querying an ACL, even if the file is a symlink we want to open
3488 * the source not the target, and so the protocol requires that the
3489 * client specify this flag when opening a reparse point
3490 */
3491 oparms.create_options = cifs_create_options(cifs_sb, 0) | OPEN_REPARSE_POINT;
3492 oparms.fid = &fid;
3493 oparms.reconnect = false;
3494
3495 if (info & SACL_SECINFO)
3496 oparms.desired_access |= SYSTEM_SECURITY;
3497
3498 rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL, NULL,
3499 NULL);
3500 kfree(utf16_path);
3501 if (!rc) {
3502 rc = SMB2_query_acl(xid, tlink_tcon(tlink), fid.persistent_fid,
3503 fid.volatile_fid, (void **)&pntsd, pacllen,
3504 info);
3505 SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
3506 }
3507
3508 cifs_put_tlink(tlink);
3509 free_xid(xid);
3510
3511 cifs_dbg(FYI, "%s: rc = %d ACL len %d\n", __func__, rc, *pacllen);
3512 if (rc)
3513 return ERR_PTR(rc);
3514 return pntsd;
3515 }
3516
3517 static int
set_smb2_acl(struct cifs_ntsd * pnntsd,__u32 acllen,struct inode * inode,const char * path,int aclflag)3518 set_smb2_acl(struct cifs_ntsd *pnntsd, __u32 acllen,
3519 struct inode *inode, const char *path, int aclflag)
3520 {
3521 u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
3522 unsigned int xid;
3523 int rc, access_flags = 0;
3524 struct cifs_tcon *tcon;
3525 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
3526 struct tcon_link *tlink = cifs_sb_tlink(cifs_sb);
3527 struct cifs_fid fid;
3528 struct cifs_open_parms oparms;
3529 __le16 *utf16_path;
3530
3531 cifs_dbg(FYI, "set smb3 acl for path %s\n", path);
3532 if (IS_ERR(tlink))
3533 return PTR_ERR(tlink);
3534
3535 tcon = tlink_tcon(tlink);
3536 xid = get_xid();
3537
3538 if (aclflag & CIFS_ACL_OWNER || aclflag & CIFS_ACL_GROUP)
3539 access_flags |= WRITE_OWNER;
3540 if (aclflag & CIFS_ACL_SACL)
3541 access_flags |= SYSTEM_SECURITY;
3542 if (aclflag & CIFS_ACL_DACL)
3543 access_flags |= WRITE_DAC;
3544
3545 utf16_path = cifs_convert_path_to_utf16(path, cifs_sb);
3546 if (!utf16_path) {
3547 rc = -ENOMEM;
3548 free_xid(xid);
3549 return rc;
3550 }
3551
3552 oparms.tcon = tcon;
3553 oparms.desired_access = access_flags;
3554 oparms.create_options = cifs_create_options(cifs_sb, 0);
3555 oparms.disposition = FILE_OPEN;
3556 oparms.path = path;
3557 oparms.fid = &fid;
3558 oparms.reconnect = false;
3559
3560 rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL,
3561 NULL, NULL);
3562 kfree(utf16_path);
3563 if (!rc) {
3564 rc = SMB2_set_acl(xid, tlink_tcon(tlink), fid.persistent_fid,
3565 fid.volatile_fid, pnntsd, acllen, aclflag);
3566 SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
3567 }
3568
3569 cifs_put_tlink(tlink);
3570 free_xid(xid);
3571 return rc;
3572 }
3573
3574 /* Retrieve an ACL from the server */
3575 static struct cifs_ntsd *
get_smb2_acl(struct cifs_sb_info * cifs_sb,struct inode * inode,const char * path,u32 * pacllen,u32 info)3576 get_smb2_acl(struct cifs_sb_info *cifs_sb,
3577 struct inode *inode, const char *path,
3578 u32 *pacllen, u32 info)
3579 {
3580 struct cifs_ntsd *pntsd = NULL;
3581 struct cifsFileInfo *open_file = NULL;
3582
3583 if (inode && !(info & SACL_SECINFO))
3584 open_file = find_readable_file(CIFS_I(inode), true);
3585 if (!open_file || (info & SACL_SECINFO))
3586 return get_smb2_acl_by_path(cifs_sb, path, pacllen, info);
3587
3588 pntsd = get_smb2_acl_by_fid(cifs_sb, &open_file->fid, pacllen, info);
3589 cifsFileInfo_put(open_file);
3590 return pntsd;
3591 }
3592
smb3_zero_data(struct file * file,struct cifs_tcon * tcon,loff_t offset,loff_t len,unsigned int xid)3593 static long smb3_zero_data(struct file *file, struct cifs_tcon *tcon,
3594 loff_t offset, loff_t len, unsigned int xid)
3595 {
3596 struct cifsFileInfo *cfile = file->private_data;
3597 struct file_zero_data_information fsctl_buf;
3598
3599 cifs_dbg(FYI, "Offset %lld len %lld\n", offset, len);
3600
3601 fsctl_buf.FileOffset = cpu_to_le64(offset);
3602 fsctl_buf.BeyondFinalZero = cpu_to_le64(offset + len);
3603
3604 return SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
3605 cfile->fid.volatile_fid, FSCTL_SET_ZERO_DATA,
3606 (char *)&fsctl_buf,
3607 sizeof(struct file_zero_data_information),
3608 0, NULL, NULL);
3609 }
3610
smb3_zero_range(struct file * file,struct cifs_tcon * tcon,loff_t offset,loff_t len,bool keep_size)3611 static long smb3_zero_range(struct file *file, struct cifs_tcon *tcon,
3612 loff_t offset, loff_t len, bool keep_size)
3613 {
3614 struct cifs_ses *ses = tcon->ses;
3615 struct inode *inode = file_inode(file);
3616 struct cifsInodeInfo *cifsi = CIFS_I(inode);
3617 struct cifsFileInfo *cfile = file->private_data;
3618 long rc;
3619 unsigned int xid;
3620 __le64 eof;
3621
3622 xid = get_xid();
3623
3624 trace_smb3_zero_enter(xid, cfile->fid.persistent_fid, tcon->tid,
3625 ses->Suid, offset, len);
3626
3627 inode_lock(inode);
3628 filemap_invalidate_lock(inode->i_mapping);
3629
3630 /*
3631 * We zero the range through ioctl, so we need remove the page caches
3632 * first, otherwise the data may be inconsistent with the server.
3633 */
3634 truncate_pagecache_range(inode, offset, offset + len - 1);
3635
3636 /* if file not oplocked can't be sure whether asking to extend size */
3637 rc = -EOPNOTSUPP;
3638 if (keep_size == false && !CIFS_CACHE_READ(cifsi))
3639 goto zero_range_exit;
3640
3641 rc = smb3_zero_data(file, tcon, offset, len, xid);
3642 if (rc < 0)
3643 goto zero_range_exit;
3644
3645 /*
3646 * do we also need to change the size of the file?
3647 */
3648 if (keep_size == false && i_size_read(inode) < offset + len) {
3649 eof = cpu_to_le64(offset + len);
3650 rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid,
3651 cfile->fid.volatile_fid, cfile->pid, &eof);
3652 }
3653
3654 zero_range_exit:
3655 filemap_invalidate_unlock(inode->i_mapping);
3656 inode_unlock(inode);
3657 free_xid(xid);
3658 if (rc)
3659 trace_smb3_zero_err(xid, cfile->fid.persistent_fid, tcon->tid,
3660 ses->Suid, offset, len, rc);
3661 else
3662 trace_smb3_zero_done(xid, cfile->fid.persistent_fid, tcon->tid,
3663 ses->Suid, offset, len);
3664 return rc;
3665 }
3666
smb3_punch_hole(struct file * file,struct cifs_tcon * tcon,loff_t offset,loff_t len)3667 static long smb3_punch_hole(struct file *file, struct cifs_tcon *tcon,
3668 loff_t offset, loff_t len)
3669 {
3670 struct inode *inode = file_inode(file);
3671 struct cifsFileInfo *cfile = file->private_data;
3672 struct file_zero_data_information fsctl_buf;
3673 long rc;
3674 unsigned int xid;
3675 __u8 set_sparse = 1;
3676
3677 xid = get_xid();
3678
3679 inode_lock(inode);
3680 /* Need to make file sparse, if not already, before freeing range. */
3681 /* Consider adding equivalent for compressed since it could also work */
3682 if (!smb2_set_sparse(xid, tcon, cfile, inode, set_sparse)) {
3683 rc = -EOPNOTSUPP;
3684 goto out;
3685 }
3686
3687 filemap_invalidate_lock(inode->i_mapping);
3688 /*
3689 * We implement the punch hole through ioctl, so we need remove the page
3690 * caches first, otherwise the data may be inconsistent with the server.
3691 */
3692 truncate_pagecache_range(inode, offset, offset + len - 1);
3693
3694 cifs_dbg(FYI, "Offset %lld len %lld\n", offset, len);
3695
3696 fsctl_buf.FileOffset = cpu_to_le64(offset);
3697 fsctl_buf.BeyondFinalZero = cpu_to_le64(offset + len);
3698
3699 rc = SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
3700 cfile->fid.volatile_fid, FSCTL_SET_ZERO_DATA,
3701 (char *)&fsctl_buf,
3702 sizeof(struct file_zero_data_information),
3703 CIFSMaxBufSize, NULL, NULL);
3704 filemap_invalidate_unlock(inode->i_mapping);
3705 out:
3706 inode_unlock(inode);
3707 free_xid(xid);
3708 return rc;
3709 }
3710
smb3_simple_fallocate_write_range(unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile,loff_t off,loff_t len,char * buf)3711 static int smb3_simple_fallocate_write_range(unsigned int xid,
3712 struct cifs_tcon *tcon,
3713 struct cifsFileInfo *cfile,
3714 loff_t off, loff_t len,
3715 char *buf)
3716 {
3717 struct cifs_io_parms io_parms = {0};
3718 int nbytes;
3719 int rc = 0;
3720 struct kvec iov[2];
3721
3722 io_parms.netfid = cfile->fid.netfid;
3723 io_parms.pid = current->tgid;
3724 io_parms.tcon = tcon;
3725 io_parms.persistent_fid = cfile->fid.persistent_fid;
3726 io_parms.volatile_fid = cfile->fid.volatile_fid;
3727
3728 while (len) {
3729 io_parms.offset = off;
3730 io_parms.length = len;
3731 if (io_parms.length > SMB2_MAX_BUFFER_SIZE)
3732 io_parms.length = SMB2_MAX_BUFFER_SIZE;
3733 /* iov[0] is reserved for smb header */
3734 iov[1].iov_base = buf;
3735 iov[1].iov_len = io_parms.length;
3736 rc = SMB2_write(xid, &io_parms, &nbytes, iov, 1);
3737 if (rc)
3738 break;
3739 if (nbytes > len)
3740 return -EINVAL;
3741 buf += nbytes;
3742 off += nbytes;
3743 len -= nbytes;
3744 }
3745 return rc;
3746 }
3747
smb3_simple_fallocate_range(unsigned int xid,struct cifs_tcon * tcon,struct cifsFileInfo * cfile,loff_t off,loff_t len)3748 static int smb3_simple_fallocate_range(unsigned int xid,
3749 struct cifs_tcon *tcon,
3750 struct cifsFileInfo *cfile,
3751 loff_t off, loff_t len)
3752 {
3753 struct file_allocated_range_buffer in_data, *out_data = NULL, *tmp_data;
3754 u32 out_data_len;
3755 char *buf = NULL;
3756 loff_t l;
3757 int rc;
3758
3759 in_data.file_offset = cpu_to_le64(off);
3760 in_data.length = cpu_to_le64(len);
3761 rc = SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
3762 cfile->fid.volatile_fid,
3763 FSCTL_QUERY_ALLOCATED_RANGES,
3764 (char *)&in_data, sizeof(in_data),
3765 1024 * sizeof(struct file_allocated_range_buffer),
3766 (char **)&out_data, &out_data_len);
3767 if (rc)
3768 goto out;
3769
3770 buf = kzalloc(1024 * 1024, GFP_KERNEL);
3771 if (buf == NULL) {
3772 rc = -ENOMEM;
3773 goto out;
3774 }
3775
3776 tmp_data = out_data;
3777 while (len) {
3778 /*
3779 * The rest of the region is unmapped so write it all.
3780 */
3781 if (out_data_len == 0) {
3782 rc = smb3_simple_fallocate_write_range(xid, tcon,
3783 cfile, off, len, buf);
3784 goto out;
3785 }
3786
3787 if (out_data_len < sizeof(struct file_allocated_range_buffer)) {
3788 rc = -EINVAL;
3789 goto out;
3790 }
3791
3792 if (off < le64_to_cpu(tmp_data->file_offset)) {
3793 /*
3794 * We are at a hole. Write until the end of the region
3795 * or until the next allocated data,
3796 * whichever comes next.
3797 */
3798 l = le64_to_cpu(tmp_data->file_offset) - off;
3799 if (len < l)
3800 l = len;
3801 rc = smb3_simple_fallocate_write_range(xid, tcon,
3802 cfile, off, l, buf);
3803 if (rc)
3804 goto out;
3805 off = off + l;
3806 len = len - l;
3807 if (len == 0)
3808 goto out;
3809 }
3810 /*
3811 * We are at a section of allocated data, just skip forward
3812 * until the end of the data or the end of the region
3813 * we are supposed to fallocate, whichever comes first.
3814 */
3815 l = le64_to_cpu(tmp_data->length);
3816 if (len < l)
3817 l = len;
3818 off += l;
3819 len -= l;
3820
3821 tmp_data = &tmp_data[1];
3822 out_data_len -= sizeof(struct file_allocated_range_buffer);
3823 }
3824
3825 out:
3826 kfree(out_data);
3827 kfree(buf);
3828 return rc;
3829 }
3830
3831
smb3_simple_falloc(struct file * file,struct cifs_tcon * tcon,loff_t off,loff_t len,bool keep_size)3832 static long smb3_simple_falloc(struct file *file, struct cifs_tcon *tcon,
3833 loff_t off, loff_t len, bool keep_size)
3834 {
3835 struct inode *inode;
3836 struct cifsInodeInfo *cifsi;
3837 struct cifsFileInfo *cfile = file->private_data;
3838 long rc = -EOPNOTSUPP;
3839 unsigned int xid;
3840 __le64 eof;
3841
3842 xid = get_xid();
3843
3844 inode = d_inode(cfile->dentry);
3845 cifsi = CIFS_I(inode);
3846
3847 trace_smb3_falloc_enter(xid, cfile->fid.persistent_fid, tcon->tid,
3848 tcon->ses->Suid, off, len);
3849 /* if file not oplocked can't be sure whether asking to extend size */
3850 if (!CIFS_CACHE_READ(cifsi))
3851 if (keep_size == false) {
3852 trace_smb3_falloc_err(xid, cfile->fid.persistent_fid,
3853 tcon->tid, tcon->ses->Suid, off, len, rc);
3854 free_xid(xid);
3855 return rc;
3856 }
3857
3858 /*
3859 * Extending the file
3860 */
3861 if ((keep_size == false) && i_size_read(inode) < off + len) {
3862 rc = inode_newsize_ok(inode, off + len);
3863 if (rc)
3864 goto out;
3865
3866 if (cifsi->cifsAttrs & FILE_ATTRIBUTE_SPARSE_FILE)
3867 smb2_set_sparse(xid, tcon, cfile, inode, false);
3868
3869 eof = cpu_to_le64(off + len);
3870 rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid,
3871 cfile->fid.volatile_fid, cfile->pid, &eof);
3872 if (rc == 0) {
3873 cifsi->server_eof = off + len;
3874 cifs_setsize(inode, off + len);
3875 cifs_truncate_page(inode->i_mapping, inode->i_size);
3876 truncate_setsize(inode, off + len);
3877 }
3878 goto out;
3879 }
3880
3881 /*
3882 * Files are non-sparse by default so falloc may be a no-op
3883 * Must check if file sparse. If not sparse, and since we are not
3884 * extending then no need to do anything since file already allocated
3885 */
3886 if ((cifsi->cifsAttrs & FILE_ATTRIBUTE_SPARSE_FILE) == 0) {
3887 rc = 0;
3888 goto out;
3889 }
3890
3891 if (keep_size == true) {
3892 /*
3893 * We can not preallocate pages beyond the end of the file
3894 * in SMB2
3895 */
3896 if (off >= i_size_read(inode)) {
3897 rc = 0;
3898 goto out;
3899 }
3900 /*
3901 * For fallocates that are partially beyond the end of file,
3902 * clamp len so we only fallocate up to the end of file.
3903 */
3904 if (off + len > i_size_read(inode)) {
3905 len = i_size_read(inode) - off;
3906 }
3907 }
3908
3909 if ((keep_size == true) || (i_size_read(inode) >= off + len)) {
3910 /*
3911 * At this point, we are trying to fallocate an internal
3912 * regions of a sparse file. Since smb2 does not have a
3913 * fallocate command we have two otions on how to emulate this.
3914 * We can either turn the entire file to become non-sparse
3915 * which we only do if the fallocate is for virtually
3916 * the whole file, or we can overwrite the region with zeroes
3917 * using SMB2_write, which could be prohibitevly expensive
3918 * if len is large.
3919 */
3920 /*
3921 * We are only trying to fallocate a small region so
3922 * just write it with zero.
3923 */
3924 if (len <= 1024 * 1024) {
3925 rc = smb3_simple_fallocate_range(xid, tcon, cfile,
3926 off, len);
3927 goto out;
3928 }
3929
3930 /*
3931 * Check if falloc starts within first few pages of file
3932 * and ends within a few pages of the end of file to
3933 * ensure that most of file is being forced to be
3934 * fallocated now. If so then setting whole file sparse
3935 * ie potentially making a few extra pages at the beginning
3936 * or end of the file non-sparse via set_sparse is harmless.
3937 */
3938 if ((off > 8192) || (off + len + 8192 < i_size_read(inode))) {
3939 rc = -EOPNOTSUPP;
3940 goto out;
3941 }
3942 }
3943
3944 smb2_set_sparse(xid, tcon, cfile, inode, false);
3945 rc = 0;
3946
3947 out:
3948 if (rc)
3949 trace_smb3_falloc_err(xid, cfile->fid.persistent_fid, tcon->tid,
3950 tcon->ses->Suid, off, len, rc);
3951 else
3952 trace_smb3_falloc_done(xid, cfile->fid.persistent_fid, tcon->tid,
3953 tcon->ses->Suid, off, len);
3954
3955 free_xid(xid);
3956 return rc;
3957 }
3958
smb3_collapse_range(struct file * file,struct cifs_tcon * tcon,loff_t off,loff_t len)3959 static long smb3_collapse_range(struct file *file, struct cifs_tcon *tcon,
3960 loff_t off, loff_t len)
3961 {
3962 int rc;
3963 unsigned int xid;
3964 struct inode *inode;
3965 struct cifsFileInfo *cfile = file->private_data;
3966 struct cifsInodeInfo *cifsi;
3967 __le64 eof;
3968
3969 xid = get_xid();
3970
3971 inode = d_inode(cfile->dentry);
3972 cifsi = CIFS_I(inode);
3973
3974 if (off >= i_size_read(inode) ||
3975 off + len >= i_size_read(inode)) {
3976 rc = -EINVAL;
3977 goto out;
3978 }
3979
3980 rc = smb2_copychunk_range(xid, cfile, cfile, off + len,
3981 i_size_read(inode) - off - len, off);
3982 if (rc < 0)
3983 goto out;
3984
3985 eof = cpu_to_le64(i_size_read(inode) - len);
3986 rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid,
3987 cfile->fid.volatile_fid, cfile->pid, &eof);
3988 if (rc < 0)
3989 goto out;
3990
3991 rc = 0;
3992
3993 cifsi->server_eof = i_size_read(inode) - len;
3994 truncate_setsize(inode, cifsi->server_eof);
3995 fscache_resize_cookie(cifs_inode_cookie(inode), cifsi->server_eof);
3996 out:
3997 free_xid(xid);
3998 return rc;
3999 }
4000
smb3_insert_range(struct file * file,struct cifs_tcon * tcon,loff_t off,loff_t len)4001 static long smb3_insert_range(struct file *file, struct cifs_tcon *tcon,
4002 loff_t off, loff_t len)
4003 {
4004 int rc;
4005 unsigned int xid;
4006 struct cifsFileInfo *cfile = file->private_data;
4007 __le64 eof;
4008 __u64 count;
4009
4010 xid = get_xid();
4011
4012 if (off >= i_size_read(file->f_inode)) {
4013 rc = -EINVAL;
4014 goto out;
4015 }
4016
4017 count = i_size_read(file->f_inode) - off;
4018 eof = cpu_to_le64(i_size_read(file->f_inode) + len);
4019
4020 rc = SMB2_set_eof(xid, tcon, cfile->fid.persistent_fid,
4021 cfile->fid.volatile_fid, cfile->pid, &eof);
4022 if (rc < 0)
4023 goto out;
4024
4025 rc = smb2_copychunk_range(xid, cfile, cfile, off, count, off + len);
4026 if (rc < 0)
4027 goto out;
4028
4029 rc = smb3_zero_range(file, tcon, off, len, 1);
4030 if (rc < 0)
4031 goto out;
4032
4033 rc = 0;
4034 out:
4035 free_xid(xid);
4036 return rc;
4037 }
4038
smb3_llseek(struct file * file,struct cifs_tcon * tcon,loff_t offset,int whence)4039 static loff_t smb3_llseek(struct file *file, struct cifs_tcon *tcon, loff_t offset, int whence)
4040 {
4041 struct cifsFileInfo *wrcfile, *cfile = file->private_data;
4042 struct cifsInodeInfo *cifsi;
4043 struct inode *inode;
4044 int rc = 0;
4045 struct file_allocated_range_buffer in_data, *out_data = NULL;
4046 u32 out_data_len;
4047 unsigned int xid;
4048
4049 if (whence != SEEK_HOLE && whence != SEEK_DATA)
4050 return generic_file_llseek(file, offset, whence);
4051
4052 inode = d_inode(cfile->dentry);
4053 cifsi = CIFS_I(inode);
4054
4055 if (offset < 0 || offset >= i_size_read(inode))
4056 return -ENXIO;
4057
4058 xid = get_xid();
4059 /*
4060 * We need to be sure that all dirty pages are written as they
4061 * might fill holes on the server.
4062 * Note that we also MUST flush any written pages since at least
4063 * some servers (Windows2016) will not reflect recent writes in
4064 * QUERY_ALLOCATED_RANGES until SMB2_flush is called.
4065 */
4066 wrcfile = find_writable_file(cifsi, FIND_WR_ANY);
4067 if (wrcfile) {
4068 filemap_write_and_wait(inode->i_mapping);
4069 smb2_flush_file(xid, tcon, &wrcfile->fid);
4070 cifsFileInfo_put(wrcfile);
4071 }
4072
4073 if (!(cifsi->cifsAttrs & FILE_ATTRIBUTE_SPARSE_FILE)) {
4074 if (whence == SEEK_HOLE)
4075 offset = i_size_read(inode);
4076 goto lseek_exit;
4077 }
4078
4079 in_data.file_offset = cpu_to_le64(offset);
4080 in_data.length = cpu_to_le64(i_size_read(inode));
4081
4082 rc = SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
4083 cfile->fid.volatile_fid,
4084 FSCTL_QUERY_ALLOCATED_RANGES,
4085 (char *)&in_data, sizeof(in_data),
4086 sizeof(struct file_allocated_range_buffer),
4087 (char **)&out_data, &out_data_len);
4088 if (rc == -E2BIG)
4089 rc = 0;
4090 if (rc)
4091 goto lseek_exit;
4092
4093 if (whence == SEEK_HOLE && out_data_len == 0)
4094 goto lseek_exit;
4095
4096 if (whence == SEEK_DATA && out_data_len == 0) {
4097 rc = -ENXIO;
4098 goto lseek_exit;
4099 }
4100
4101 if (out_data_len < sizeof(struct file_allocated_range_buffer)) {
4102 rc = -EINVAL;
4103 goto lseek_exit;
4104 }
4105 if (whence == SEEK_DATA) {
4106 offset = le64_to_cpu(out_data->file_offset);
4107 goto lseek_exit;
4108 }
4109 if (offset < le64_to_cpu(out_data->file_offset))
4110 goto lseek_exit;
4111
4112 offset = le64_to_cpu(out_data->file_offset) + le64_to_cpu(out_data->length);
4113
4114 lseek_exit:
4115 free_xid(xid);
4116 kfree(out_data);
4117 if (!rc)
4118 return vfs_setpos(file, offset, inode->i_sb->s_maxbytes);
4119 else
4120 return rc;
4121 }
4122
smb3_fiemap(struct cifs_tcon * tcon,struct cifsFileInfo * cfile,struct fiemap_extent_info * fei,u64 start,u64 len)4123 static int smb3_fiemap(struct cifs_tcon *tcon,
4124 struct cifsFileInfo *cfile,
4125 struct fiemap_extent_info *fei, u64 start, u64 len)
4126 {
4127 unsigned int xid;
4128 struct file_allocated_range_buffer in_data, *out_data;
4129 u32 out_data_len;
4130 int i, num, rc, flags, last_blob;
4131 u64 next;
4132
4133 rc = fiemap_prep(d_inode(cfile->dentry), fei, start, &len, 0);
4134 if (rc)
4135 return rc;
4136
4137 xid = get_xid();
4138 again:
4139 in_data.file_offset = cpu_to_le64(start);
4140 in_data.length = cpu_to_le64(len);
4141
4142 rc = SMB2_ioctl(xid, tcon, cfile->fid.persistent_fid,
4143 cfile->fid.volatile_fid,
4144 FSCTL_QUERY_ALLOCATED_RANGES,
4145 (char *)&in_data, sizeof(in_data),
4146 1024 * sizeof(struct file_allocated_range_buffer),
4147 (char **)&out_data, &out_data_len);
4148 if (rc == -E2BIG) {
4149 last_blob = 0;
4150 rc = 0;
4151 } else
4152 last_blob = 1;
4153 if (rc)
4154 goto out;
4155
4156 if (out_data_len && out_data_len < sizeof(struct file_allocated_range_buffer)) {
4157 rc = -EINVAL;
4158 goto out;
4159 }
4160 if (out_data_len % sizeof(struct file_allocated_range_buffer)) {
4161 rc = -EINVAL;
4162 goto out;
4163 }
4164
4165 num = out_data_len / sizeof(struct file_allocated_range_buffer);
4166 for (i = 0; i < num; i++) {
4167 flags = 0;
4168 if (i == num - 1 && last_blob)
4169 flags |= FIEMAP_EXTENT_LAST;
4170
4171 rc = fiemap_fill_next_extent(fei,
4172 le64_to_cpu(out_data[i].file_offset),
4173 le64_to_cpu(out_data[i].file_offset),
4174 le64_to_cpu(out_data[i].length),
4175 flags);
4176 if (rc < 0)
4177 goto out;
4178 if (rc == 1) {
4179 rc = 0;
4180 goto out;
4181 }
4182 }
4183
4184 if (!last_blob) {
4185 next = le64_to_cpu(out_data[num - 1].file_offset) +
4186 le64_to_cpu(out_data[num - 1].length);
4187 len = len - (next - start);
4188 start = next;
4189 goto again;
4190 }
4191
4192 out:
4193 free_xid(xid);
4194 kfree(out_data);
4195 return rc;
4196 }
4197
smb3_fallocate(struct file * file,struct cifs_tcon * tcon,int mode,loff_t off,loff_t len)4198 static long smb3_fallocate(struct file *file, struct cifs_tcon *tcon, int mode,
4199 loff_t off, loff_t len)
4200 {
4201 /* KEEP_SIZE already checked for by do_fallocate */
4202 if (mode & FALLOC_FL_PUNCH_HOLE)
4203 return smb3_punch_hole(file, tcon, off, len);
4204 else if (mode & FALLOC_FL_ZERO_RANGE) {
4205 if (mode & FALLOC_FL_KEEP_SIZE)
4206 return smb3_zero_range(file, tcon, off, len, true);
4207 return smb3_zero_range(file, tcon, off, len, false);
4208 } else if (mode == FALLOC_FL_KEEP_SIZE)
4209 return smb3_simple_falloc(file, tcon, off, len, true);
4210 else if (mode == FALLOC_FL_COLLAPSE_RANGE)
4211 return smb3_collapse_range(file, tcon, off, len);
4212 else if (mode == FALLOC_FL_INSERT_RANGE)
4213 return smb3_insert_range(file, tcon, off, len);
4214 else if (mode == 0)
4215 return smb3_simple_falloc(file, tcon, off, len, false);
4216
4217 return -EOPNOTSUPP;
4218 }
4219
4220 static void
smb2_downgrade_oplock(struct TCP_Server_Info * server,struct cifsInodeInfo * cinode,__u32 oplock,unsigned int epoch,bool * purge_cache)4221 smb2_downgrade_oplock(struct TCP_Server_Info *server,
4222 struct cifsInodeInfo *cinode, __u32 oplock,
4223 unsigned int epoch, bool *purge_cache)
4224 {
4225 server->ops->set_oplock_level(cinode, oplock, 0, NULL);
4226 }
4227
4228 static void
4229 smb21_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock,
4230 unsigned int epoch, bool *purge_cache);
4231
4232 static void
smb3_downgrade_oplock(struct TCP_Server_Info * server,struct cifsInodeInfo * cinode,__u32 oplock,unsigned int epoch,bool * purge_cache)4233 smb3_downgrade_oplock(struct TCP_Server_Info *server,
4234 struct cifsInodeInfo *cinode, __u32 oplock,
4235 unsigned int epoch, bool *purge_cache)
4236 {
4237 unsigned int old_state = cinode->oplock;
4238 unsigned int old_epoch = cinode->epoch;
4239 unsigned int new_state;
4240
4241 if (epoch > old_epoch) {
4242 smb21_set_oplock_level(cinode, oplock, 0, NULL);
4243 cinode->epoch = epoch;
4244 }
4245
4246 new_state = cinode->oplock;
4247 *purge_cache = false;
4248
4249 if ((old_state & CIFS_CACHE_READ_FLG) != 0 &&
4250 (new_state & CIFS_CACHE_READ_FLG) == 0)
4251 *purge_cache = true;
4252 else if (old_state == new_state && (epoch - old_epoch > 1))
4253 *purge_cache = true;
4254 }
4255
4256 static void
smb2_set_oplock_level(struct cifsInodeInfo * cinode,__u32 oplock,unsigned int epoch,bool * purge_cache)4257 smb2_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock,
4258 unsigned int epoch, bool *purge_cache)
4259 {
4260 oplock &= 0xFF;
4261 cinode->lease_granted = false;
4262 if (oplock == SMB2_OPLOCK_LEVEL_NOCHANGE)
4263 return;
4264 if (oplock == SMB2_OPLOCK_LEVEL_BATCH) {
4265 cinode->oplock = CIFS_CACHE_RHW_FLG;
4266 cifs_dbg(FYI, "Batch Oplock granted on inode %p\n",
4267 &cinode->netfs.inode);
4268 } else if (oplock == SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
4269 cinode->oplock = CIFS_CACHE_RW_FLG;
4270 cifs_dbg(FYI, "Exclusive Oplock granted on inode %p\n",
4271 &cinode->netfs.inode);
4272 } else if (oplock == SMB2_OPLOCK_LEVEL_II) {
4273 cinode->oplock = CIFS_CACHE_READ_FLG;
4274 cifs_dbg(FYI, "Level II Oplock granted on inode %p\n",
4275 &cinode->netfs.inode);
4276 } else
4277 cinode->oplock = 0;
4278 }
4279
4280 static void
smb21_set_oplock_level(struct cifsInodeInfo * cinode,__u32 oplock,unsigned int epoch,bool * purge_cache)4281 smb21_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock,
4282 unsigned int epoch, bool *purge_cache)
4283 {
4284 char message[5] = {0};
4285 unsigned int new_oplock = 0;
4286
4287 oplock &= 0xFF;
4288 cinode->lease_granted = true;
4289 if (oplock == SMB2_OPLOCK_LEVEL_NOCHANGE)
4290 return;
4291
4292 /* Check if the server granted an oplock rather than a lease */
4293 if (oplock & SMB2_OPLOCK_LEVEL_EXCLUSIVE)
4294 return smb2_set_oplock_level(cinode, oplock, epoch,
4295 purge_cache);
4296
4297 if (oplock & SMB2_LEASE_READ_CACHING_HE) {
4298 new_oplock |= CIFS_CACHE_READ_FLG;
4299 strcat(message, "R");
4300 }
4301 if (oplock & SMB2_LEASE_HANDLE_CACHING_HE) {
4302 new_oplock |= CIFS_CACHE_HANDLE_FLG;
4303 strcat(message, "H");
4304 }
4305 if (oplock & SMB2_LEASE_WRITE_CACHING_HE) {
4306 new_oplock |= CIFS_CACHE_WRITE_FLG;
4307 strcat(message, "W");
4308 }
4309 if (!new_oplock)
4310 strncpy(message, "None", sizeof(message));
4311
4312 cinode->oplock = new_oplock;
4313 cifs_dbg(FYI, "%s Lease granted on inode %p\n", message,
4314 &cinode->netfs.inode);
4315 }
4316
4317 static void
smb3_set_oplock_level(struct cifsInodeInfo * cinode,__u32 oplock,unsigned int epoch,bool * purge_cache)4318 smb3_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock,
4319 unsigned int epoch, bool *purge_cache)
4320 {
4321 unsigned int old_oplock = cinode->oplock;
4322
4323 smb21_set_oplock_level(cinode, oplock, epoch, purge_cache);
4324
4325 if (purge_cache) {
4326 *purge_cache = false;
4327 if (old_oplock == CIFS_CACHE_READ_FLG) {
4328 if (cinode->oplock == CIFS_CACHE_READ_FLG &&
4329 (epoch - cinode->epoch > 0))
4330 *purge_cache = true;
4331 else if (cinode->oplock == CIFS_CACHE_RH_FLG &&
4332 (epoch - cinode->epoch > 1))
4333 *purge_cache = true;
4334 else if (cinode->oplock == CIFS_CACHE_RHW_FLG &&
4335 (epoch - cinode->epoch > 1))
4336 *purge_cache = true;
4337 else if (cinode->oplock == 0 &&
4338 (epoch - cinode->epoch > 0))
4339 *purge_cache = true;
4340 } else if (old_oplock == CIFS_CACHE_RH_FLG) {
4341 if (cinode->oplock == CIFS_CACHE_RH_FLG &&
4342 (epoch - cinode->epoch > 0))
4343 *purge_cache = true;
4344 else if (cinode->oplock == CIFS_CACHE_RHW_FLG &&
4345 (epoch - cinode->epoch > 1))
4346 *purge_cache = true;
4347 }
4348 cinode->epoch = epoch;
4349 }
4350 }
4351
4352 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
4353 static bool
smb2_is_read_op(__u32 oplock)4354 smb2_is_read_op(__u32 oplock)
4355 {
4356 return oplock == SMB2_OPLOCK_LEVEL_II;
4357 }
4358 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
4359
4360 static bool
smb21_is_read_op(__u32 oplock)4361 smb21_is_read_op(__u32 oplock)
4362 {
4363 return (oplock & SMB2_LEASE_READ_CACHING_HE) &&
4364 !(oplock & SMB2_LEASE_WRITE_CACHING_HE);
4365 }
4366
4367 static __le32
map_oplock_to_lease(u8 oplock)4368 map_oplock_to_lease(u8 oplock)
4369 {
4370 if (oplock == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
4371 return SMB2_LEASE_WRITE_CACHING_LE | SMB2_LEASE_READ_CACHING_LE;
4372 else if (oplock == SMB2_OPLOCK_LEVEL_II)
4373 return SMB2_LEASE_READ_CACHING_LE;
4374 else if (oplock == SMB2_OPLOCK_LEVEL_BATCH)
4375 return SMB2_LEASE_HANDLE_CACHING_LE | SMB2_LEASE_READ_CACHING_LE |
4376 SMB2_LEASE_WRITE_CACHING_LE;
4377 return 0;
4378 }
4379
4380 static char *
smb2_create_lease_buf(u8 * lease_key,u8 oplock)4381 smb2_create_lease_buf(u8 *lease_key, u8 oplock)
4382 {
4383 struct create_lease *buf;
4384
4385 buf = kzalloc(sizeof(struct create_lease), GFP_KERNEL);
4386 if (!buf)
4387 return NULL;
4388
4389 memcpy(&buf->lcontext.LeaseKey, lease_key, SMB2_LEASE_KEY_SIZE);
4390 buf->lcontext.LeaseState = map_oplock_to_lease(oplock);
4391
4392 buf->ccontext.DataOffset = cpu_to_le16(offsetof
4393 (struct create_lease, lcontext));
4394 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context));
4395 buf->ccontext.NameOffset = cpu_to_le16(offsetof
4396 (struct create_lease, Name));
4397 buf->ccontext.NameLength = cpu_to_le16(4);
4398 /* SMB2_CREATE_REQUEST_LEASE is "RqLs" */
4399 buf->Name[0] = 'R';
4400 buf->Name[1] = 'q';
4401 buf->Name[2] = 'L';
4402 buf->Name[3] = 's';
4403 return (char *)buf;
4404 }
4405
4406 static char *
smb3_create_lease_buf(u8 * lease_key,u8 oplock)4407 smb3_create_lease_buf(u8 *lease_key, u8 oplock)
4408 {
4409 struct create_lease_v2 *buf;
4410
4411 buf = kzalloc(sizeof(struct create_lease_v2), GFP_KERNEL);
4412 if (!buf)
4413 return NULL;
4414
4415 memcpy(&buf->lcontext.LeaseKey, lease_key, SMB2_LEASE_KEY_SIZE);
4416 buf->lcontext.LeaseState = map_oplock_to_lease(oplock);
4417
4418 buf->ccontext.DataOffset = cpu_to_le16(offsetof
4419 (struct create_lease_v2, lcontext));
4420 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context_v2));
4421 buf->ccontext.NameOffset = cpu_to_le16(offsetof
4422 (struct create_lease_v2, Name));
4423 buf->ccontext.NameLength = cpu_to_le16(4);
4424 /* SMB2_CREATE_REQUEST_LEASE is "RqLs" */
4425 buf->Name[0] = 'R';
4426 buf->Name[1] = 'q';
4427 buf->Name[2] = 'L';
4428 buf->Name[3] = 's';
4429 return (char *)buf;
4430 }
4431
4432 static __u8
smb2_parse_lease_buf(void * buf,unsigned int * epoch,char * lease_key)4433 smb2_parse_lease_buf(void *buf, unsigned int *epoch, char *lease_key)
4434 {
4435 struct create_lease *lc = (struct create_lease *)buf;
4436
4437 *epoch = 0; /* not used */
4438 if (lc->lcontext.LeaseFlags & SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE)
4439 return SMB2_OPLOCK_LEVEL_NOCHANGE;
4440 return le32_to_cpu(lc->lcontext.LeaseState);
4441 }
4442
4443 static __u8
smb3_parse_lease_buf(void * buf,unsigned int * epoch,char * lease_key)4444 smb3_parse_lease_buf(void *buf, unsigned int *epoch, char *lease_key)
4445 {
4446 struct create_lease_v2 *lc = (struct create_lease_v2 *)buf;
4447
4448 *epoch = le16_to_cpu(lc->lcontext.Epoch);
4449 if (lc->lcontext.LeaseFlags & SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE)
4450 return SMB2_OPLOCK_LEVEL_NOCHANGE;
4451 if (lease_key)
4452 memcpy(lease_key, &lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
4453 return le32_to_cpu(lc->lcontext.LeaseState);
4454 }
4455
4456 static unsigned int
smb2_wp_retry_size(struct inode * inode)4457 smb2_wp_retry_size(struct inode *inode)
4458 {
4459 return min_t(unsigned int, CIFS_SB(inode->i_sb)->ctx->wsize,
4460 SMB2_MAX_BUFFER_SIZE);
4461 }
4462
4463 static bool
smb2_dir_needs_close(struct cifsFileInfo * cfile)4464 smb2_dir_needs_close(struct cifsFileInfo *cfile)
4465 {
4466 return !cfile->invalidHandle;
4467 }
4468
4469 static void
fill_transform_hdr(struct smb2_transform_hdr * tr_hdr,unsigned int orig_len,struct smb_rqst * old_rq,__le16 cipher_type)4470 fill_transform_hdr(struct smb2_transform_hdr *tr_hdr, unsigned int orig_len,
4471 struct smb_rqst *old_rq, __le16 cipher_type)
4472 {
4473 struct smb2_hdr *shdr =
4474 (struct smb2_hdr *)old_rq->rq_iov[0].iov_base;
4475
4476 memset(tr_hdr, 0, sizeof(struct smb2_transform_hdr));
4477 tr_hdr->ProtocolId = SMB2_TRANSFORM_PROTO_NUM;
4478 tr_hdr->OriginalMessageSize = cpu_to_le32(orig_len);
4479 tr_hdr->Flags = cpu_to_le16(0x01);
4480 if ((cipher_type == SMB2_ENCRYPTION_AES128_GCM) ||
4481 (cipher_type == SMB2_ENCRYPTION_AES256_GCM))
4482 get_random_bytes(&tr_hdr->Nonce, SMB3_AES_GCM_NONCE);
4483 else
4484 get_random_bytes(&tr_hdr->Nonce, SMB3_AES_CCM_NONCE);
4485 memcpy(&tr_hdr->SessionId, &shdr->SessionId, 8);
4486 }
4487
4488 /* We can not use the normal sg_set_buf() as we will sometimes pass a
4489 * stack object as buf.
4490 */
smb2_sg_set_buf(struct scatterlist * sg,const void * buf,unsigned int buflen)4491 static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf,
4492 unsigned int buflen)
4493 {
4494 void *addr;
4495 /*
4496 * VMAP_STACK (at least) puts stack into the vmalloc address space
4497 */
4498 if (is_vmalloc_addr(buf))
4499 addr = vmalloc_to_page(buf);
4500 else
4501 addr = virt_to_page(buf);
4502 sg_set_page(sg, addr, buflen, offset_in_page(buf));
4503 }
4504
4505 /* Assumes the first rqst has a transform header as the first iov.
4506 * I.e.
4507 * rqst[0].rq_iov[0] is transform header
4508 * rqst[0].rq_iov[1+] data to be encrypted/decrypted
4509 * rqst[1+].rq_iov[0+] data to be encrypted/decrypted
4510 */
4511 static struct scatterlist *
init_sg(int num_rqst,struct smb_rqst * rqst,u8 * sign)4512 init_sg(int num_rqst, struct smb_rqst *rqst, u8 *sign)
4513 {
4514 unsigned int sg_len;
4515 struct scatterlist *sg;
4516 unsigned int i;
4517 unsigned int j;
4518 unsigned int idx = 0;
4519 int skip;
4520
4521 sg_len = 1;
4522 for (i = 0; i < num_rqst; i++)
4523 sg_len += rqst[i].rq_nvec + rqst[i].rq_npages;
4524
4525 sg = kmalloc_array(sg_len, sizeof(struct scatterlist), GFP_KERNEL);
4526 if (!sg)
4527 return NULL;
4528
4529 sg_init_table(sg, sg_len);
4530 for (i = 0; i < num_rqst; i++) {
4531 for (j = 0; j < rqst[i].rq_nvec; j++) {
4532 /*
4533 * The first rqst has a transform header where the
4534 * first 20 bytes are not part of the encrypted blob
4535 */
4536 skip = (i == 0) && (j == 0) ? 20 : 0;
4537 smb2_sg_set_buf(&sg[idx++],
4538 rqst[i].rq_iov[j].iov_base + skip,
4539 rqst[i].rq_iov[j].iov_len - skip);
4540 }
4541
4542 for (j = 0; j < rqst[i].rq_npages; j++) {
4543 unsigned int len, offset;
4544
4545 rqst_page_get_length(&rqst[i], j, &len, &offset);
4546 sg_set_page(&sg[idx++], rqst[i].rq_pages[j], len, offset);
4547 }
4548 }
4549 smb2_sg_set_buf(&sg[idx], sign, SMB2_SIGNATURE_SIZE);
4550 return sg;
4551 }
4552
4553 static int
smb2_get_enc_key(struct TCP_Server_Info * server,__u64 ses_id,int enc,u8 * key)4554 smb2_get_enc_key(struct TCP_Server_Info *server, __u64 ses_id, int enc, u8 *key)
4555 {
4556 struct cifs_ses *ses;
4557 u8 *ses_enc_key;
4558
4559 spin_lock(&cifs_tcp_ses_lock);
4560 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
4561 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
4562 if (ses->Suid == ses_id) {
4563 ses_enc_key = enc ? ses->smb3encryptionkey :
4564 ses->smb3decryptionkey;
4565 memcpy(key, ses_enc_key, SMB3_ENC_DEC_KEY_SIZE);
4566 spin_unlock(&cifs_tcp_ses_lock);
4567 return 0;
4568 }
4569 }
4570 }
4571 spin_unlock(&cifs_tcp_ses_lock);
4572
4573 return -EAGAIN;
4574 }
4575 /*
4576 * Encrypt or decrypt @rqst message. @rqst[0] has the following format:
4577 * iov[0] - transform header (associate data),
4578 * iov[1-N] - SMB2 header and pages - data to encrypt.
4579 * On success return encrypted data in iov[1-N] and pages, leave iov[0]
4580 * untouched.
4581 */
4582 static int
crypt_message(struct TCP_Server_Info * server,int num_rqst,struct smb_rqst * rqst,int enc)4583 crypt_message(struct TCP_Server_Info *server, int num_rqst,
4584 struct smb_rqst *rqst, int enc)
4585 {
4586 struct smb2_transform_hdr *tr_hdr =
4587 (struct smb2_transform_hdr *)rqst[0].rq_iov[0].iov_base;
4588 unsigned int assoc_data_len = sizeof(struct smb2_transform_hdr) - 20;
4589 int rc = 0;
4590 struct scatterlist *sg;
4591 u8 sign[SMB2_SIGNATURE_SIZE] = {};
4592 u8 key[SMB3_ENC_DEC_KEY_SIZE];
4593 struct aead_request *req;
4594 char *iv;
4595 unsigned int iv_len;
4596 DECLARE_CRYPTO_WAIT(wait);
4597 struct crypto_aead *tfm;
4598 unsigned int crypt_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
4599
4600 rc = smb2_get_enc_key(server, le64_to_cpu(tr_hdr->SessionId), enc, key);
4601 if (rc) {
4602 cifs_server_dbg(VFS, "%s: Could not get %scryption key\n", __func__,
4603 enc ? "en" : "de");
4604 return rc;
4605 }
4606
4607 rc = smb3_crypto_aead_allocate(server);
4608 if (rc) {
4609 cifs_server_dbg(VFS, "%s: crypto alloc failed\n", __func__);
4610 return rc;
4611 }
4612
4613 tfm = enc ? server->secmech.ccmaesencrypt :
4614 server->secmech.ccmaesdecrypt;
4615
4616 if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) ||
4617 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM))
4618 rc = crypto_aead_setkey(tfm, key, SMB3_GCM256_CRYPTKEY_SIZE);
4619 else
4620 rc = crypto_aead_setkey(tfm, key, SMB3_GCM128_CRYPTKEY_SIZE);
4621
4622 if (rc) {
4623 cifs_server_dbg(VFS, "%s: Failed to set aead key %d\n", __func__, rc);
4624 return rc;
4625 }
4626
4627 rc = crypto_aead_setauthsize(tfm, SMB2_SIGNATURE_SIZE);
4628 if (rc) {
4629 cifs_server_dbg(VFS, "%s: Failed to set authsize %d\n", __func__, rc);
4630 return rc;
4631 }
4632
4633 req = aead_request_alloc(tfm, GFP_KERNEL);
4634 if (!req) {
4635 cifs_server_dbg(VFS, "%s: Failed to alloc aead request\n", __func__);
4636 return -ENOMEM;
4637 }
4638
4639 if (!enc) {
4640 memcpy(sign, &tr_hdr->Signature, SMB2_SIGNATURE_SIZE);
4641 crypt_len += SMB2_SIGNATURE_SIZE;
4642 }
4643
4644 sg = init_sg(num_rqst, rqst, sign);
4645 if (!sg) {
4646 cifs_server_dbg(VFS, "%s: Failed to init sg\n", __func__);
4647 rc = -ENOMEM;
4648 goto free_req;
4649 }
4650
4651 iv_len = crypto_aead_ivsize(tfm);
4652 iv = kzalloc(iv_len, GFP_KERNEL);
4653 if (!iv) {
4654 cifs_server_dbg(VFS, "%s: Failed to alloc iv\n", __func__);
4655 rc = -ENOMEM;
4656 goto free_sg;
4657 }
4658
4659 if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) ||
4660 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM))
4661 memcpy(iv, (char *)tr_hdr->Nonce, SMB3_AES_GCM_NONCE);
4662 else {
4663 iv[0] = 3;
4664 memcpy(iv + 1, (char *)tr_hdr->Nonce, SMB3_AES_CCM_NONCE);
4665 }
4666
4667 aead_request_set_crypt(req, sg, sg, crypt_len, iv);
4668 aead_request_set_ad(req, assoc_data_len);
4669
4670 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
4671 crypto_req_done, &wait);
4672
4673 rc = crypto_wait_req(enc ? crypto_aead_encrypt(req)
4674 : crypto_aead_decrypt(req), &wait);
4675
4676 if (!rc && enc)
4677 memcpy(&tr_hdr->Signature, sign, SMB2_SIGNATURE_SIZE);
4678
4679 kfree(iv);
4680 free_sg:
4681 kfree(sg);
4682 free_req:
4683 kfree(req);
4684 return rc;
4685 }
4686
4687 void
smb3_free_compound_rqst(int num_rqst,struct smb_rqst * rqst)4688 smb3_free_compound_rqst(int num_rqst, struct smb_rqst *rqst)
4689 {
4690 int i, j;
4691
4692 for (i = 0; i < num_rqst; i++) {
4693 if (rqst[i].rq_pages) {
4694 for (j = rqst[i].rq_npages - 1; j >= 0; j--)
4695 put_page(rqst[i].rq_pages[j]);
4696 kfree(rqst[i].rq_pages);
4697 }
4698 }
4699 }
4700
4701 /*
4702 * This function will initialize new_rq and encrypt the content.
4703 * The first entry, new_rq[0], only contains a single iov which contains
4704 * a smb2_transform_hdr and is pre-allocated by the caller.
4705 * This function then populates new_rq[1+] with the content from olq_rq[0+].
4706 *
4707 * The end result is an array of smb_rqst structures where the first structure
4708 * only contains a single iov for the transform header which we then can pass
4709 * to crypt_message().
4710 *
4711 * new_rq[0].rq_iov[0] : smb2_transform_hdr pre-allocated by the caller
4712 * new_rq[1+].rq_iov[*] == old_rq[0+].rq_iov[*] : SMB2/3 requests
4713 */
4714 static int
smb3_init_transform_rq(struct TCP_Server_Info * server,int num_rqst,struct smb_rqst * new_rq,struct smb_rqst * old_rq)4715 smb3_init_transform_rq(struct TCP_Server_Info *server, int num_rqst,
4716 struct smb_rqst *new_rq, struct smb_rqst *old_rq)
4717 {
4718 struct page **pages;
4719 struct smb2_transform_hdr *tr_hdr = new_rq[0].rq_iov[0].iov_base;
4720 unsigned int npages;
4721 unsigned int orig_len = 0;
4722 int i, j;
4723 int rc = -ENOMEM;
4724
4725 for (i = 1; i < num_rqst; i++) {
4726 npages = old_rq[i - 1].rq_npages;
4727 pages = kmalloc_array(npages, sizeof(struct page *),
4728 GFP_KERNEL);
4729 if (!pages)
4730 goto err_free;
4731
4732 new_rq[i].rq_pages = pages;
4733 new_rq[i].rq_npages = npages;
4734 new_rq[i].rq_offset = old_rq[i - 1].rq_offset;
4735 new_rq[i].rq_pagesz = old_rq[i - 1].rq_pagesz;
4736 new_rq[i].rq_tailsz = old_rq[i - 1].rq_tailsz;
4737 new_rq[i].rq_iov = old_rq[i - 1].rq_iov;
4738 new_rq[i].rq_nvec = old_rq[i - 1].rq_nvec;
4739
4740 orig_len += smb_rqst_len(server, &old_rq[i - 1]);
4741
4742 for (j = 0; j < npages; j++) {
4743 pages[j] = alloc_page(GFP_KERNEL|__GFP_HIGHMEM);
4744 if (!pages[j])
4745 goto err_free;
4746 }
4747
4748 /* copy pages form the old */
4749 for (j = 0; j < npages; j++) {
4750 char *dst, *src;
4751 unsigned int offset, len;
4752
4753 rqst_page_get_length(&new_rq[i], j, &len, &offset);
4754
4755 dst = (char *) kmap(new_rq[i].rq_pages[j]) + offset;
4756 src = (char *) kmap(old_rq[i - 1].rq_pages[j]) + offset;
4757
4758 memcpy(dst, src, len);
4759 kunmap(new_rq[i].rq_pages[j]);
4760 kunmap(old_rq[i - 1].rq_pages[j]);
4761 }
4762 }
4763
4764 /* fill the 1st iov with a transform header */
4765 fill_transform_hdr(tr_hdr, orig_len, old_rq, server->cipher_type);
4766
4767 rc = crypt_message(server, num_rqst, new_rq, 1);
4768 cifs_dbg(FYI, "Encrypt message returned %d\n", rc);
4769 if (rc)
4770 goto err_free;
4771
4772 return rc;
4773
4774 err_free:
4775 smb3_free_compound_rqst(num_rqst - 1, &new_rq[1]);
4776 return rc;
4777 }
4778
4779 static int
smb3_is_transform_hdr(void * buf)4780 smb3_is_transform_hdr(void *buf)
4781 {
4782 struct smb2_transform_hdr *trhdr = buf;
4783
4784 return trhdr->ProtocolId == SMB2_TRANSFORM_PROTO_NUM;
4785 }
4786
4787 static int
decrypt_raw_data(struct TCP_Server_Info * server,char * buf,unsigned int buf_data_size,struct page ** pages,unsigned int npages,unsigned int page_data_size,bool is_offloaded)4788 decrypt_raw_data(struct TCP_Server_Info *server, char *buf,
4789 unsigned int buf_data_size, struct page **pages,
4790 unsigned int npages, unsigned int page_data_size,
4791 bool is_offloaded)
4792 {
4793 struct kvec iov[2];
4794 struct smb_rqst rqst = {NULL};
4795 int rc;
4796
4797 iov[0].iov_base = buf;
4798 iov[0].iov_len = sizeof(struct smb2_transform_hdr);
4799 iov[1].iov_base = buf + sizeof(struct smb2_transform_hdr);
4800 iov[1].iov_len = buf_data_size;
4801
4802 rqst.rq_iov = iov;
4803 rqst.rq_nvec = 2;
4804 rqst.rq_pages = pages;
4805 rqst.rq_npages = npages;
4806 rqst.rq_pagesz = PAGE_SIZE;
4807 rqst.rq_tailsz = (page_data_size % PAGE_SIZE) ? : PAGE_SIZE;
4808
4809 rc = crypt_message(server, 1, &rqst, 0);
4810 cifs_dbg(FYI, "Decrypt message returned %d\n", rc);
4811
4812 if (rc)
4813 return rc;
4814
4815 memmove(buf, iov[1].iov_base, buf_data_size);
4816
4817 if (!is_offloaded)
4818 server->total_read = buf_data_size + page_data_size;
4819
4820 return rc;
4821 }
4822
4823 static int
read_data_into_pages(struct TCP_Server_Info * server,struct page ** pages,unsigned int npages,unsigned int len)4824 read_data_into_pages(struct TCP_Server_Info *server, struct page **pages,
4825 unsigned int npages, unsigned int len)
4826 {
4827 int i;
4828 int length;
4829
4830 for (i = 0; i < npages; i++) {
4831 struct page *page = pages[i];
4832 size_t n;
4833
4834 n = len;
4835 if (len >= PAGE_SIZE) {
4836 /* enough data to fill the page */
4837 n = PAGE_SIZE;
4838 len -= n;
4839 } else {
4840 zero_user(page, len, PAGE_SIZE - len);
4841 len = 0;
4842 }
4843 length = cifs_read_page_from_socket(server, page, 0, n);
4844 if (length < 0)
4845 return length;
4846 server->total_read += length;
4847 }
4848
4849 return 0;
4850 }
4851
4852 static int
init_read_bvec(struct page ** pages,unsigned int npages,unsigned int data_size,unsigned int cur_off,struct bio_vec ** page_vec)4853 init_read_bvec(struct page **pages, unsigned int npages, unsigned int data_size,
4854 unsigned int cur_off, struct bio_vec **page_vec)
4855 {
4856 struct bio_vec *bvec;
4857 int i;
4858
4859 bvec = kcalloc(npages, sizeof(struct bio_vec), GFP_KERNEL);
4860 if (!bvec)
4861 return -ENOMEM;
4862
4863 for (i = 0; i < npages; i++) {
4864 bvec[i].bv_page = pages[i];
4865 bvec[i].bv_offset = (i == 0) ? cur_off : 0;
4866 bvec[i].bv_len = min_t(unsigned int, PAGE_SIZE, data_size);
4867 data_size -= bvec[i].bv_len;
4868 }
4869
4870 if (data_size != 0) {
4871 cifs_dbg(VFS, "%s: something went wrong\n", __func__);
4872 kfree(bvec);
4873 return -EIO;
4874 }
4875
4876 *page_vec = bvec;
4877 return 0;
4878 }
4879
4880 static int
handle_read_data(struct TCP_Server_Info * server,struct mid_q_entry * mid,char * buf,unsigned int buf_len,struct page ** pages,unsigned int npages,unsigned int page_data_size,bool is_offloaded)4881 handle_read_data(struct TCP_Server_Info *server, struct mid_q_entry *mid,
4882 char *buf, unsigned int buf_len, struct page **pages,
4883 unsigned int npages, unsigned int page_data_size,
4884 bool is_offloaded)
4885 {
4886 unsigned int data_offset;
4887 unsigned int data_len;
4888 unsigned int cur_off;
4889 unsigned int cur_page_idx;
4890 unsigned int pad_len;
4891 struct cifs_readdata *rdata = mid->callback_data;
4892 struct smb2_hdr *shdr = (struct smb2_hdr *)buf;
4893 struct bio_vec *bvec = NULL;
4894 struct iov_iter iter;
4895 struct kvec iov;
4896 int length;
4897 bool use_rdma_mr = false;
4898
4899 if (shdr->Command != SMB2_READ) {
4900 cifs_server_dbg(VFS, "only big read responses are supported\n");
4901 return -ENOTSUPP;
4902 }
4903
4904 if (server->ops->is_session_expired &&
4905 server->ops->is_session_expired(buf)) {
4906 if (!is_offloaded)
4907 cifs_reconnect(server, true);
4908 return -1;
4909 }
4910
4911 if (server->ops->is_status_pending &&
4912 server->ops->is_status_pending(buf, server))
4913 return -1;
4914
4915 /* set up first two iov to get credits */
4916 rdata->iov[0].iov_base = buf;
4917 rdata->iov[0].iov_len = 0;
4918 rdata->iov[1].iov_base = buf;
4919 rdata->iov[1].iov_len =
4920 min_t(unsigned int, buf_len, server->vals->read_rsp_size);
4921 cifs_dbg(FYI, "0: iov_base=%p iov_len=%zu\n",
4922 rdata->iov[0].iov_base, rdata->iov[0].iov_len);
4923 cifs_dbg(FYI, "1: iov_base=%p iov_len=%zu\n",
4924 rdata->iov[1].iov_base, rdata->iov[1].iov_len);
4925
4926 rdata->result = server->ops->map_error(buf, true);
4927 if (rdata->result != 0) {
4928 cifs_dbg(FYI, "%s: server returned error %d\n",
4929 __func__, rdata->result);
4930 /* normal error on read response */
4931 if (is_offloaded)
4932 mid->mid_state = MID_RESPONSE_RECEIVED;
4933 else
4934 dequeue_mid(mid, false);
4935 return 0;
4936 }
4937
4938 data_offset = server->ops->read_data_offset(buf);
4939 #ifdef CONFIG_CIFS_SMB_DIRECT
4940 use_rdma_mr = rdata->mr;
4941 #endif
4942 data_len = server->ops->read_data_length(buf, use_rdma_mr);
4943
4944 if (data_offset < server->vals->read_rsp_size) {
4945 /*
4946 * win2k8 sometimes sends an offset of 0 when the read
4947 * is beyond the EOF. Treat it as if the data starts just after
4948 * the header.
4949 */
4950 cifs_dbg(FYI, "%s: data offset (%u) inside read response header\n",
4951 __func__, data_offset);
4952 data_offset = server->vals->read_rsp_size;
4953 } else if (data_offset > MAX_CIFS_SMALL_BUFFER_SIZE) {
4954 /* data_offset is beyond the end of smallbuf */
4955 cifs_dbg(FYI, "%s: data offset (%u) beyond end of smallbuf\n",
4956 __func__, data_offset);
4957 rdata->result = -EIO;
4958 if (is_offloaded)
4959 mid->mid_state = MID_RESPONSE_MALFORMED;
4960 else
4961 dequeue_mid(mid, rdata->result);
4962 return 0;
4963 }
4964
4965 pad_len = data_offset - server->vals->read_rsp_size;
4966
4967 if (buf_len <= data_offset) {
4968 /* read response payload is in pages */
4969 cur_page_idx = pad_len / PAGE_SIZE;
4970 cur_off = pad_len % PAGE_SIZE;
4971
4972 if (cur_page_idx != 0) {
4973 /* data offset is beyond the 1st page of response */
4974 cifs_dbg(FYI, "%s: data offset (%u) beyond 1st page of response\n",
4975 __func__, data_offset);
4976 rdata->result = -EIO;
4977 if (is_offloaded)
4978 mid->mid_state = MID_RESPONSE_MALFORMED;
4979 else
4980 dequeue_mid(mid, rdata->result);
4981 return 0;
4982 }
4983
4984 if (data_len > page_data_size - pad_len) {
4985 /* data_len is corrupt -- discard frame */
4986 rdata->result = -EIO;
4987 if (is_offloaded)
4988 mid->mid_state = MID_RESPONSE_MALFORMED;
4989 else
4990 dequeue_mid(mid, rdata->result);
4991 return 0;
4992 }
4993
4994 rdata->result = init_read_bvec(pages, npages, page_data_size,
4995 cur_off, &bvec);
4996 if (rdata->result != 0) {
4997 if (is_offloaded)
4998 mid->mid_state = MID_RESPONSE_MALFORMED;
4999 else
5000 dequeue_mid(mid, rdata->result);
5001 return 0;
5002 }
5003
5004 iov_iter_bvec(&iter, WRITE, bvec, npages, data_len);
5005 } else if (buf_len >= data_offset + data_len) {
5006 /* read response payload is in buf */
5007 WARN_ONCE(npages > 0, "read data can be either in buf or in pages");
5008 iov.iov_base = buf + data_offset;
5009 iov.iov_len = data_len;
5010 iov_iter_kvec(&iter, WRITE, &iov, 1, data_len);
5011 } else {
5012 /* read response payload cannot be in both buf and pages */
5013 WARN_ONCE(1, "buf can not contain only a part of read data");
5014 rdata->result = -EIO;
5015 if (is_offloaded)
5016 mid->mid_state = MID_RESPONSE_MALFORMED;
5017 else
5018 dequeue_mid(mid, rdata->result);
5019 return 0;
5020 }
5021
5022 length = rdata->copy_into_pages(server, rdata, &iter);
5023
5024 kfree(bvec);
5025
5026 if (length < 0)
5027 return length;
5028
5029 if (is_offloaded)
5030 mid->mid_state = MID_RESPONSE_RECEIVED;
5031 else
5032 dequeue_mid(mid, false);
5033 return length;
5034 }
5035
5036 struct smb2_decrypt_work {
5037 struct work_struct decrypt;
5038 struct TCP_Server_Info *server;
5039 struct page **ppages;
5040 char *buf;
5041 unsigned int npages;
5042 unsigned int len;
5043 };
5044
5045
smb2_decrypt_offload(struct work_struct * work)5046 static void smb2_decrypt_offload(struct work_struct *work)
5047 {
5048 struct smb2_decrypt_work *dw = container_of(work,
5049 struct smb2_decrypt_work, decrypt);
5050 int i, rc;
5051 struct mid_q_entry *mid;
5052
5053 rc = decrypt_raw_data(dw->server, dw->buf, dw->server->vals->read_rsp_size,
5054 dw->ppages, dw->npages, dw->len, true);
5055 if (rc) {
5056 cifs_dbg(VFS, "error decrypting rc=%d\n", rc);
5057 goto free_pages;
5058 }
5059
5060 dw->server->lstrp = jiffies;
5061 mid = smb2_find_dequeue_mid(dw->server, dw->buf);
5062 if (mid == NULL)
5063 cifs_dbg(FYI, "mid not found\n");
5064 else {
5065 mid->decrypted = true;
5066 rc = handle_read_data(dw->server, mid, dw->buf,
5067 dw->server->vals->read_rsp_size,
5068 dw->ppages, dw->npages, dw->len,
5069 true);
5070 if (rc >= 0) {
5071 #ifdef CONFIG_CIFS_STATS2
5072 mid->when_received = jiffies;
5073 #endif
5074 if (dw->server->ops->is_network_name_deleted)
5075 dw->server->ops->is_network_name_deleted(dw->buf,
5076 dw->server);
5077
5078 mid->callback(mid);
5079 } else {
5080 spin_lock(&cifs_tcp_ses_lock);
5081 spin_lock(&GlobalMid_Lock);
5082 if (dw->server->tcpStatus == CifsNeedReconnect) {
5083 mid->mid_state = MID_RETRY_NEEDED;
5084 spin_unlock(&GlobalMid_Lock);
5085 spin_unlock(&cifs_tcp_ses_lock);
5086 mid->callback(mid);
5087 } else {
5088 mid->mid_state = MID_REQUEST_SUBMITTED;
5089 mid->mid_flags &= ~(MID_DELETED);
5090 list_add_tail(&mid->qhead,
5091 &dw->server->pending_mid_q);
5092 spin_unlock(&GlobalMid_Lock);
5093 spin_unlock(&cifs_tcp_ses_lock);
5094 }
5095 }
5096 cifs_mid_q_entry_release(mid);
5097 }
5098
5099 free_pages:
5100 for (i = dw->npages-1; i >= 0; i--)
5101 put_page(dw->ppages[i]);
5102
5103 kfree(dw->ppages);
5104 cifs_small_buf_release(dw->buf);
5105 kfree(dw);
5106 }
5107
5108
5109 static int
receive_encrypted_read(struct TCP_Server_Info * server,struct mid_q_entry ** mid,int * num_mids)5110 receive_encrypted_read(struct TCP_Server_Info *server, struct mid_q_entry **mid,
5111 int *num_mids)
5112 {
5113 char *buf = server->smallbuf;
5114 struct smb2_transform_hdr *tr_hdr = (struct smb2_transform_hdr *)buf;
5115 unsigned int npages;
5116 struct page **pages;
5117 unsigned int len;
5118 unsigned int buflen = server->pdu_size;
5119 int rc;
5120 int i = 0;
5121 struct smb2_decrypt_work *dw;
5122
5123 *num_mids = 1;
5124 len = min_t(unsigned int, buflen, server->vals->read_rsp_size +
5125 sizeof(struct smb2_transform_hdr)) - HEADER_SIZE(server) + 1;
5126
5127 rc = cifs_read_from_socket(server, buf + HEADER_SIZE(server) - 1, len);
5128 if (rc < 0)
5129 return rc;
5130 server->total_read += rc;
5131
5132 len = le32_to_cpu(tr_hdr->OriginalMessageSize) -
5133 server->vals->read_rsp_size;
5134 npages = DIV_ROUND_UP(len, PAGE_SIZE);
5135
5136 pages = kmalloc_array(npages, sizeof(struct page *), GFP_KERNEL);
5137 if (!pages) {
5138 rc = -ENOMEM;
5139 goto discard_data;
5140 }
5141
5142 for (; i < npages; i++) {
5143 pages[i] = alloc_page(GFP_KERNEL|__GFP_HIGHMEM);
5144 if (!pages[i]) {
5145 rc = -ENOMEM;
5146 goto discard_data;
5147 }
5148 }
5149
5150 /* read read data into pages */
5151 rc = read_data_into_pages(server, pages, npages, len);
5152 if (rc)
5153 goto free_pages;
5154
5155 rc = cifs_discard_remaining_data(server);
5156 if (rc)
5157 goto free_pages;
5158
5159 /*
5160 * For large reads, offload to different thread for better performance,
5161 * use more cores decrypting which can be expensive
5162 */
5163
5164 if ((server->min_offload) && (server->in_flight > 1) &&
5165 (server->pdu_size >= server->min_offload)) {
5166 dw = kmalloc(sizeof(struct smb2_decrypt_work), GFP_KERNEL);
5167 if (dw == NULL)
5168 goto non_offloaded_decrypt;
5169
5170 dw->buf = server->smallbuf;
5171 server->smallbuf = (char *)cifs_small_buf_get();
5172
5173 INIT_WORK(&dw->decrypt, smb2_decrypt_offload);
5174
5175 dw->npages = npages;
5176 dw->server = server;
5177 dw->ppages = pages;
5178 dw->len = len;
5179 queue_work(decrypt_wq, &dw->decrypt);
5180 *num_mids = 0; /* worker thread takes care of finding mid */
5181 return -1;
5182 }
5183
5184 non_offloaded_decrypt:
5185 rc = decrypt_raw_data(server, buf, server->vals->read_rsp_size,
5186 pages, npages, len, false);
5187 if (rc)
5188 goto free_pages;
5189
5190 *mid = smb2_find_mid(server, buf);
5191 if (*mid == NULL)
5192 cifs_dbg(FYI, "mid not found\n");
5193 else {
5194 cifs_dbg(FYI, "mid found\n");
5195 (*mid)->decrypted = true;
5196 rc = handle_read_data(server, *mid, buf,
5197 server->vals->read_rsp_size,
5198 pages, npages, len, false);
5199 if (rc >= 0) {
5200 if (server->ops->is_network_name_deleted) {
5201 server->ops->is_network_name_deleted(buf,
5202 server);
5203 }
5204 }
5205 }
5206
5207 free_pages:
5208 for (i = i - 1; i >= 0; i--)
5209 put_page(pages[i]);
5210 kfree(pages);
5211 return rc;
5212 discard_data:
5213 cifs_discard_remaining_data(server);
5214 goto free_pages;
5215 }
5216
5217 static int
receive_encrypted_standard(struct TCP_Server_Info * server,struct mid_q_entry ** mids,char ** bufs,int * num_mids)5218 receive_encrypted_standard(struct TCP_Server_Info *server,
5219 struct mid_q_entry **mids, char **bufs,
5220 int *num_mids)
5221 {
5222 int ret, length;
5223 char *buf = server->smallbuf;
5224 struct smb2_hdr *shdr;
5225 unsigned int pdu_length = server->pdu_size;
5226 unsigned int buf_size;
5227 struct mid_q_entry *mid_entry;
5228 int next_is_large;
5229 char *next_buffer = NULL;
5230
5231 *num_mids = 0;
5232
5233 /* switch to large buffer if too big for a small one */
5234 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE) {
5235 server->large_buf = true;
5236 memcpy(server->bigbuf, buf, server->total_read);
5237 buf = server->bigbuf;
5238 }
5239
5240 /* now read the rest */
5241 length = cifs_read_from_socket(server, buf + HEADER_SIZE(server) - 1,
5242 pdu_length - HEADER_SIZE(server) + 1);
5243 if (length < 0)
5244 return length;
5245 server->total_read += length;
5246
5247 buf_size = pdu_length - sizeof(struct smb2_transform_hdr);
5248 length = decrypt_raw_data(server, buf, buf_size, NULL, 0, 0, false);
5249 if (length)
5250 return length;
5251
5252 next_is_large = server->large_buf;
5253 one_more:
5254 shdr = (struct smb2_hdr *)buf;
5255 if (shdr->NextCommand) {
5256 if (next_is_large)
5257 next_buffer = (char *)cifs_buf_get();
5258 else
5259 next_buffer = (char *)cifs_small_buf_get();
5260 memcpy(next_buffer,
5261 buf + le32_to_cpu(shdr->NextCommand),
5262 pdu_length - le32_to_cpu(shdr->NextCommand));
5263 }
5264
5265 mid_entry = smb2_find_mid(server, buf);
5266 if (mid_entry == NULL)
5267 cifs_dbg(FYI, "mid not found\n");
5268 else {
5269 cifs_dbg(FYI, "mid found\n");
5270 mid_entry->decrypted = true;
5271 mid_entry->resp_buf_size = server->pdu_size;
5272 }
5273
5274 if (*num_mids >= MAX_COMPOUND) {
5275 cifs_server_dbg(VFS, "too many PDUs in compound\n");
5276 return -1;
5277 }
5278 bufs[*num_mids] = buf;
5279 mids[(*num_mids)++] = mid_entry;
5280
5281 if (mid_entry && mid_entry->handle)
5282 ret = mid_entry->handle(server, mid_entry);
5283 else
5284 ret = cifs_handle_standard(server, mid_entry);
5285
5286 if (ret == 0 && shdr->NextCommand) {
5287 pdu_length -= le32_to_cpu(shdr->NextCommand);
5288 server->large_buf = next_is_large;
5289 if (next_is_large)
5290 server->bigbuf = buf = next_buffer;
5291 else
5292 server->smallbuf = buf = next_buffer;
5293 goto one_more;
5294 } else if (ret != 0) {
5295 /*
5296 * ret != 0 here means that we didn't get to handle_mid() thus
5297 * server->smallbuf and server->bigbuf are still valid. We need
5298 * to free next_buffer because it is not going to be used
5299 * anywhere.
5300 */
5301 if (next_is_large)
5302 free_rsp_buf(CIFS_LARGE_BUFFER, next_buffer);
5303 else
5304 free_rsp_buf(CIFS_SMALL_BUFFER, next_buffer);
5305 }
5306
5307 return ret;
5308 }
5309
5310 static int
smb3_receive_transform(struct TCP_Server_Info * server,struct mid_q_entry ** mids,char ** bufs,int * num_mids)5311 smb3_receive_transform(struct TCP_Server_Info *server,
5312 struct mid_q_entry **mids, char **bufs, int *num_mids)
5313 {
5314 char *buf = server->smallbuf;
5315 unsigned int pdu_length = server->pdu_size;
5316 struct smb2_transform_hdr *tr_hdr = (struct smb2_transform_hdr *)buf;
5317 unsigned int orig_len = le32_to_cpu(tr_hdr->OriginalMessageSize);
5318
5319 if (pdu_length < sizeof(struct smb2_transform_hdr) +
5320 sizeof(struct smb2_hdr)) {
5321 cifs_server_dbg(VFS, "Transform message is too small (%u)\n",
5322 pdu_length);
5323 cifs_reconnect(server, true);
5324 return -ECONNABORTED;
5325 }
5326
5327 if (pdu_length < orig_len + sizeof(struct smb2_transform_hdr)) {
5328 cifs_server_dbg(VFS, "Transform message is broken\n");
5329 cifs_reconnect(server, true);
5330 return -ECONNABORTED;
5331 }
5332
5333 /* TODO: add support for compounds containing READ. */
5334 if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server)) {
5335 return receive_encrypted_read(server, &mids[0], num_mids);
5336 }
5337
5338 return receive_encrypted_standard(server, mids, bufs, num_mids);
5339 }
5340
5341 int
smb3_handle_read_data(struct TCP_Server_Info * server,struct mid_q_entry * mid)5342 smb3_handle_read_data(struct TCP_Server_Info *server, struct mid_q_entry *mid)
5343 {
5344 char *buf = server->large_buf ? server->bigbuf : server->smallbuf;
5345
5346 return handle_read_data(server, mid, buf, server->pdu_size,
5347 NULL, 0, 0, false);
5348 }
5349
5350 static int
smb2_next_header(char * buf)5351 smb2_next_header(char *buf)
5352 {
5353 struct smb2_hdr *hdr = (struct smb2_hdr *)buf;
5354 struct smb2_transform_hdr *t_hdr = (struct smb2_transform_hdr *)buf;
5355
5356 if (hdr->ProtocolId == SMB2_TRANSFORM_PROTO_NUM)
5357 return sizeof(struct smb2_transform_hdr) +
5358 le32_to_cpu(t_hdr->OriginalMessageSize);
5359
5360 return le32_to_cpu(hdr->NextCommand);
5361 }
5362
5363 static int
smb2_make_node(unsigned int xid,struct inode * inode,struct dentry * dentry,struct cifs_tcon * tcon,const char * full_path,umode_t mode,dev_t dev)5364 smb2_make_node(unsigned int xid, struct inode *inode,
5365 struct dentry *dentry, struct cifs_tcon *tcon,
5366 const char *full_path, umode_t mode, dev_t dev)
5367 {
5368 struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
5369 int rc = -EPERM;
5370 FILE_ALL_INFO *buf = NULL;
5371 struct cifs_io_parms io_parms = {0};
5372 __u32 oplock = 0;
5373 struct cifs_fid fid;
5374 struct cifs_open_parms oparms;
5375 unsigned int bytes_written;
5376 struct win_dev *pdev;
5377 struct kvec iov[2];
5378
5379 /*
5380 * Check if mounted with mount parm 'sfu' mount parm.
5381 * SFU emulation should work with all servers, but only
5382 * supports block and char device (no socket & fifo),
5383 * and was used by default in earlier versions of Windows
5384 */
5385 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_UNX_EMUL))
5386 goto out;
5387
5388 /*
5389 * TODO: Add ability to create instead via reparse point. Windows (e.g.
5390 * their current NFS server) uses this approach to expose special files
5391 * over SMB2/SMB3 and Samba will do this with SMB3.1.1 POSIX Extensions
5392 */
5393
5394 if (!S_ISCHR(mode) && !S_ISBLK(mode))
5395 goto out;
5396
5397 cifs_dbg(FYI, "sfu compat create special file\n");
5398
5399 buf = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
5400 if (buf == NULL) {
5401 rc = -ENOMEM;
5402 goto out;
5403 }
5404
5405 oparms.tcon = tcon;
5406 oparms.cifs_sb = cifs_sb;
5407 oparms.desired_access = GENERIC_WRITE;
5408 oparms.create_options = cifs_create_options(cifs_sb, CREATE_NOT_DIR |
5409 CREATE_OPTION_SPECIAL);
5410 oparms.disposition = FILE_CREATE;
5411 oparms.path = full_path;
5412 oparms.fid = &fid;
5413 oparms.reconnect = false;
5414
5415 if (tcon->ses->server->oplocks)
5416 oplock = REQ_OPLOCK;
5417 else
5418 oplock = 0;
5419 rc = tcon->ses->server->ops->open(xid, &oparms, &oplock, buf);
5420 if (rc)
5421 goto out;
5422
5423 /*
5424 * BB Do not bother to decode buf since no local inode yet to put
5425 * timestamps in, but we can reuse it safely.
5426 */
5427
5428 pdev = (struct win_dev *)buf;
5429 io_parms.pid = current->tgid;
5430 io_parms.tcon = tcon;
5431 io_parms.offset = 0;
5432 io_parms.length = sizeof(struct win_dev);
5433 iov[1].iov_base = buf;
5434 iov[1].iov_len = sizeof(struct win_dev);
5435 if (S_ISCHR(mode)) {
5436 memcpy(pdev->type, "IntxCHR", 8);
5437 pdev->major = cpu_to_le64(MAJOR(dev));
5438 pdev->minor = cpu_to_le64(MINOR(dev));
5439 rc = tcon->ses->server->ops->sync_write(xid, &fid, &io_parms,
5440 &bytes_written, iov, 1);
5441 } else if (S_ISBLK(mode)) {
5442 memcpy(pdev->type, "IntxBLK", 8);
5443 pdev->major = cpu_to_le64(MAJOR(dev));
5444 pdev->minor = cpu_to_le64(MINOR(dev));
5445 rc = tcon->ses->server->ops->sync_write(xid, &fid, &io_parms,
5446 &bytes_written, iov, 1);
5447 }
5448 tcon->ses->server->ops->close(xid, tcon, &fid);
5449 d_drop(dentry);
5450
5451 /* FIXME: add code here to set EAs */
5452 out:
5453 kfree(buf);
5454 return rc;
5455 }
5456
5457 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
5458 struct smb_version_operations smb20_operations = {
5459 .compare_fids = smb2_compare_fids,
5460 .setup_request = smb2_setup_request,
5461 .setup_async_request = smb2_setup_async_request,
5462 .check_receive = smb2_check_receive,
5463 .add_credits = smb2_add_credits,
5464 .set_credits = smb2_set_credits,
5465 .get_credits_field = smb2_get_credits_field,
5466 .get_credits = smb2_get_credits,
5467 .wait_mtu_credits = cifs_wait_mtu_credits,
5468 .get_next_mid = smb2_get_next_mid,
5469 .revert_current_mid = smb2_revert_current_mid,
5470 .read_data_offset = smb2_read_data_offset,
5471 .read_data_length = smb2_read_data_length,
5472 .map_error = map_smb2_to_linux_error,
5473 .find_mid = smb2_find_mid,
5474 .check_message = smb2_check_message,
5475 .dump_detail = smb2_dump_detail,
5476 .clear_stats = smb2_clear_stats,
5477 .print_stats = smb2_print_stats,
5478 .is_oplock_break = smb2_is_valid_oplock_break,
5479 .handle_cancelled_mid = smb2_handle_cancelled_mid,
5480 .downgrade_oplock = smb2_downgrade_oplock,
5481 .need_neg = smb2_need_neg,
5482 .negotiate = smb2_negotiate,
5483 .negotiate_wsize = smb2_negotiate_wsize,
5484 .negotiate_rsize = smb2_negotiate_rsize,
5485 .sess_setup = SMB2_sess_setup,
5486 .logoff = SMB2_logoff,
5487 .tree_connect = SMB2_tcon,
5488 .tree_disconnect = SMB2_tdis,
5489 .qfs_tcon = smb2_qfs_tcon,
5490 .is_path_accessible = smb2_is_path_accessible,
5491 .can_echo = smb2_can_echo,
5492 .echo = SMB2_echo,
5493 .query_path_info = smb2_query_path_info,
5494 .get_srv_inum = smb2_get_srv_inum,
5495 .query_file_info = smb2_query_file_info,
5496 .set_path_size = smb2_set_path_size,
5497 .set_file_size = smb2_set_file_size,
5498 .set_file_info = smb2_set_file_info,
5499 .set_compression = smb2_set_compression,
5500 .mkdir = smb2_mkdir,
5501 .mkdir_setinfo = smb2_mkdir_setinfo,
5502 .rmdir = smb2_rmdir,
5503 .unlink = smb2_unlink,
5504 .rename = smb2_rename_path,
5505 .create_hardlink = smb2_create_hardlink,
5506 .query_symlink = smb2_query_symlink,
5507 .query_mf_symlink = smb3_query_mf_symlink,
5508 .create_mf_symlink = smb3_create_mf_symlink,
5509 .open = smb2_open_file,
5510 .set_fid = smb2_set_fid,
5511 .close = smb2_close_file,
5512 .flush = smb2_flush_file,
5513 .async_readv = smb2_async_readv,
5514 .async_writev = smb2_async_writev,
5515 .sync_read = smb2_sync_read,
5516 .sync_write = smb2_sync_write,
5517 .query_dir_first = smb2_query_dir_first,
5518 .query_dir_next = smb2_query_dir_next,
5519 .close_dir = smb2_close_dir,
5520 .calc_smb_size = smb2_calc_size,
5521 .is_status_pending = smb2_is_status_pending,
5522 .is_session_expired = smb2_is_session_expired,
5523 .oplock_response = smb2_oplock_response,
5524 .queryfs = smb2_queryfs,
5525 .mand_lock = smb2_mand_lock,
5526 .mand_unlock_range = smb2_unlock_range,
5527 .push_mand_locks = smb2_push_mandatory_locks,
5528 .get_lease_key = smb2_get_lease_key,
5529 .set_lease_key = smb2_set_lease_key,
5530 .new_lease_key = smb2_new_lease_key,
5531 .calc_signature = smb2_calc_signature,
5532 .is_read_op = smb2_is_read_op,
5533 .set_oplock_level = smb2_set_oplock_level,
5534 .create_lease_buf = smb2_create_lease_buf,
5535 .parse_lease_buf = smb2_parse_lease_buf,
5536 .copychunk_range = smb2_copychunk_range,
5537 .wp_retry_size = smb2_wp_retry_size,
5538 .dir_needs_close = smb2_dir_needs_close,
5539 .get_dfs_refer = smb2_get_dfs_refer,
5540 .select_sectype = smb2_select_sectype,
5541 #ifdef CONFIG_CIFS_XATTR
5542 .query_all_EAs = smb2_query_eas,
5543 .set_EA = smb2_set_ea,
5544 #endif /* CIFS_XATTR */
5545 .get_acl = get_smb2_acl,
5546 .get_acl_by_fid = get_smb2_acl_by_fid,
5547 .set_acl = set_smb2_acl,
5548 .next_header = smb2_next_header,
5549 .ioctl_query_info = smb2_ioctl_query_info,
5550 .make_node = smb2_make_node,
5551 .fiemap = smb3_fiemap,
5552 .llseek = smb3_llseek,
5553 .is_status_io_timeout = smb2_is_status_io_timeout,
5554 .is_network_name_deleted = smb2_is_network_name_deleted,
5555 };
5556 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
5557
5558 struct smb_version_operations smb21_operations = {
5559 .compare_fids = smb2_compare_fids,
5560 .setup_request = smb2_setup_request,
5561 .setup_async_request = smb2_setup_async_request,
5562 .check_receive = smb2_check_receive,
5563 .add_credits = smb2_add_credits,
5564 .set_credits = smb2_set_credits,
5565 .get_credits_field = smb2_get_credits_field,
5566 .get_credits = smb2_get_credits,
5567 .wait_mtu_credits = smb2_wait_mtu_credits,
5568 .adjust_credits = smb2_adjust_credits,
5569 .get_next_mid = smb2_get_next_mid,
5570 .revert_current_mid = smb2_revert_current_mid,
5571 .read_data_offset = smb2_read_data_offset,
5572 .read_data_length = smb2_read_data_length,
5573 .map_error = map_smb2_to_linux_error,
5574 .find_mid = smb2_find_mid,
5575 .check_message = smb2_check_message,
5576 .dump_detail = smb2_dump_detail,
5577 .clear_stats = smb2_clear_stats,
5578 .print_stats = smb2_print_stats,
5579 .is_oplock_break = smb2_is_valid_oplock_break,
5580 .handle_cancelled_mid = smb2_handle_cancelled_mid,
5581 .downgrade_oplock = smb2_downgrade_oplock,
5582 .need_neg = smb2_need_neg,
5583 .negotiate = smb2_negotiate,
5584 .negotiate_wsize = smb2_negotiate_wsize,
5585 .negotiate_rsize = smb2_negotiate_rsize,
5586 .sess_setup = SMB2_sess_setup,
5587 .logoff = SMB2_logoff,
5588 .tree_connect = SMB2_tcon,
5589 .tree_disconnect = SMB2_tdis,
5590 .qfs_tcon = smb2_qfs_tcon,
5591 .is_path_accessible = smb2_is_path_accessible,
5592 .can_echo = smb2_can_echo,
5593 .echo = SMB2_echo,
5594 .query_path_info = smb2_query_path_info,
5595 .get_srv_inum = smb2_get_srv_inum,
5596 .query_file_info = smb2_query_file_info,
5597 .set_path_size = smb2_set_path_size,
5598 .set_file_size = smb2_set_file_size,
5599 .set_file_info = smb2_set_file_info,
5600 .set_compression = smb2_set_compression,
5601 .mkdir = smb2_mkdir,
5602 .mkdir_setinfo = smb2_mkdir_setinfo,
5603 .rmdir = smb2_rmdir,
5604 .unlink = smb2_unlink,
5605 .rename = smb2_rename_path,
5606 .create_hardlink = smb2_create_hardlink,
5607 .query_symlink = smb2_query_symlink,
5608 .query_mf_symlink = smb3_query_mf_symlink,
5609 .create_mf_symlink = smb3_create_mf_symlink,
5610 .open = smb2_open_file,
5611 .set_fid = smb2_set_fid,
5612 .close = smb2_close_file,
5613 .flush = smb2_flush_file,
5614 .async_readv = smb2_async_readv,
5615 .async_writev = smb2_async_writev,
5616 .sync_read = smb2_sync_read,
5617 .sync_write = smb2_sync_write,
5618 .query_dir_first = smb2_query_dir_first,
5619 .query_dir_next = smb2_query_dir_next,
5620 .close_dir = smb2_close_dir,
5621 .calc_smb_size = smb2_calc_size,
5622 .is_status_pending = smb2_is_status_pending,
5623 .is_session_expired = smb2_is_session_expired,
5624 .oplock_response = smb2_oplock_response,
5625 .queryfs = smb2_queryfs,
5626 .mand_lock = smb2_mand_lock,
5627 .mand_unlock_range = smb2_unlock_range,
5628 .push_mand_locks = smb2_push_mandatory_locks,
5629 .get_lease_key = smb2_get_lease_key,
5630 .set_lease_key = smb2_set_lease_key,
5631 .new_lease_key = smb2_new_lease_key,
5632 .calc_signature = smb2_calc_signature,
5633 .is_read_op = smb21_is_read_op,
5634 .set_oplock_level = smb21_set_oplock_level,
5635 .create_lease_buf = smb2_create_lease_buf,
5636 .parse_lease_buf = smb2_parse_lease_buf,
5637 .copychunk_range = smb2_copychunk_range,
5638 .wp_retry_size = smb2_wp_retry_size,
5639 .dir_needs_close = smb2_dir_needs_close,
5640 .enum_snapshots = smb3_enum_snapshots,
5641 .notify = smb3_notify,
5642 .get_dfs_refer = smb2_get_dfs_refer,
5643 .select_sectype = smb2_select_sectype,
5644 #ifdef CONFIG_CIFS_XATTR
5645 .query_all_EAs = smb2_query_eas,
5646 .set_EA = smb2_set_ea,
5647 #endif /* CIFS_XATTR */
5648 .get_acl = get_smb2_acl,
5649 .get_acl_by_fid = get_smb2_acl_by_fid,
5650 .set_acl = set_smb2_acl,
5651 .next_header = smb2_next_header,
5652 .ioctl_query_info = smb2_ioctl_query_info,
5653 .make_node = smb2_make_node,
5654 .fiemap = smb3_fiemap,
5655 .llseek = smb3_llseek,
5656 .is_status_io_timeout = smb2_is_status_io_timeout,
5657 .is_network_name_deleted = smb2_is_network_name_deleted,
5658 };
5659
5660 struct smb_version_operations smb30_operations = {
5661 .compare_fids = smb2_compare_fids,
5662 .setup_request = smb2_setup_request,
5663 .setup_async_request = smb2_setup_async_request,
5664 .check_receive = smb2_check_receive,
5665 .add_credits = smb2_add_credits,
5666 .set_credits = smb2_set_credits,
5667 .get_credits_field = smb2_get_credits_field,
5668 .get_credits = smb2_get_credits,
5669 .wait_mtu_credits = smb2_wait_mtu_credits,
5670 .adjust_credits = smb2_adjust_credits,
5671 .get_next_mid = smb2_get_next_mid,
5672 .revert_current_mid = smb2_revert_current_mid,
5673 .read_data_offset = smb2_read_data_offset,
5674 .read_data_length = smb2_read_data_length,
5675 .map_error = map_smb2_to_linux_error,
5676 .find_mid = smb2_find_mid,
5677 .check_message = smb2_check_message,
5678 .dump_detail = smb2_dump_detail,
5679 .clear_stats = smb2_clear_stats,
5680 .print_stats = smb2_print_stats,
5681 .dump_share_caps = smb2_dump_share_caps,
5682 .is_oplock_break = smb2_is_valid_oplock_break,
5683 .handle_cancelled_mid = smb2_handle_cancelled_mid,
5684 .downgrade_oplock = smb3_downgrade_oplock,
5685 .need_neg = smb2_need_neg,
5686 .negotiate = smb2_negotiate,
5687 .negotiate_wsize = smb3_negotiate_wsize,
5688 .negotiate_rsize = smb3_negotiate_rsize,
5689 .sess_setup = SMB2_sess_setup,
5690 .logoff = SMB2_logoff,
5691 .tree_connect = SMB2_tcon,
5692 .tree_disconnect = SMB2_tdis,
5693 .qfs_tcon = smb3_qfs_tcon,
5694 .is_path_accessible = smb2_is_path_accessible,
5695 .can_echo = smb2_can_echo,
5696 .echo = SMB2_echo,
5697 .query_path_info = smb2_query_path_info,
5698 /* WSL tags introduced long after smb2.1, enable for SMB3, 3.11 only */
5699 .query_reparse_tag = smb2_query_reparse_tag,
5700 .get_srv_inum = smb2_get_srv_inum,
5701 .query_file_info = smb2_query_file_info,
5702 .set_path_size = smb2_set_path_size,
5703 .set_file_size = smb2_set_file_size,
5704 .set_file_info = smb2_set_file_info,
5705 .set_compression = smb2_set_compression,
5706 .mkdir = smb2_mkdir,
5707 .mkdir_setinfo = smb2_mkdir_setinfo,
5708 .rmdir = smb2_rmdir,
5709 .unlink = smb2_unlink,
5710 .rename = smb2_rename_path,
5711 .create_hardlink = smb2_create_hardlink,
5712 .query_symlink = smb2_query_symlink,
5713 .query_mf_symlink = smb3_query_mf_symlink,
5714 .create_mf_symlink = smb3_create_mf_symlink,
5715 .open = smb2_open_file,
5716 .set_fid = smb2_set_fid,
5717 .close = smb2_close_file,
5718 .close_getattr = smb2_close_getattr,
5719 .flush = smb2_flush_file,
5720 .async_readv = smb2_async_readv,
5721 .async_writev = smb2_async_writev,
5722 .sync_read = smb2_sync_read,
5723 .sync_write = smb2_sync_write,
5724 .query_dir_first = smb2_query_dir_first,
5725 .query_dir_next = smb2_query_dir_next,
5726 .close_dir = smb2_close_dir,
5727 .calc_smb_size = smb2_calc_size,
5728 .is_status_pending = smb2_is_status_pending,
5729 .is_session_expired = smb2_is_session_expired,
5730 .oplock_response = smb2_oplock_response,
5731 .queryfs = smb2_queryfs,
5732 .mand_lock = smb2_mand_lock,
5733 .mand_unlock_range = smb2_unlock_range,
5734 .push_mand_locks = smb2_push_mandatory_locks,
5735 .get_lease_key = smb2_get_lease_key,
5736 .set_lease_key = smb2_set_lease_key,
5737 .new_lease_key = smb2_new_lease_key,
5738 .generate_signingkey = generate_smb30signingkey,
5739 .calc_signature = smb3_calc_signature,
5740 .set_integrity = smb3_set_integrity,
5741 .is_read_op = smb21_is_read_op,
5742 .set_oplock_level = smb3_set_oplock_level,
5743 .create_lease_buf = smb3_create_lease_buf,
5744 .parse_lease_buf = smb3_parse_lease_buf,
5745 .copychunk_range = smb2_copychunk_range,
5746 .duplicate_extents = smb2_duplicate_extents,
5747 .validate_negotiate = smb3_validate_negotiate,
5748 .wp_retry_size = smb2_wp_retry_size,
5749 .dir_needs_close = smb2_dir_needs_close,
5750 .fallocate = smb3_fallocate,
5751 .enum_snapshots = smb3_enum_snapshots,
5752 .notify = smb3_notify,
5753 .init_transform_rq = smb3_init_transform_rq,
5754 .is_transform_hdr = smb3_is_transform_hdr,
5755 .receive_transform = smb3_receive_transform,
5756 .get_dfs_refer = smb2_get_dfs_refer,
5757 .select_sectype = smb2_select_sectype,
5758 #ifdef CONFIG_CIFS_XATTR
5759 .query_all_EAs = smb2_query_eas,
5760 .set_EA = smb2_set_ea,
5761 #endif /* CIFS_XATTR */
5762 .get_acl = get_smb2_acl,
5763 .get_acl_by_fid = get_smb2_acl_by_fid,
5764 .set_acl = set_smb2_acl,
5765 .next_header = smb2_next_header,
5766 .ioctl_query_info = smb2_ioctl_query_info,
5767 .make_node = smb2_make_node,
5768 .fiemap = smb3_fiemap,
5769 .llseek = smb3_llseek,
5770 .is_status_io_timeout = smb2_is_status_io_timeout,
5771 .is_network_name_deleted = smb2_is_network_name_deleted,
5772 };
5773
5774 struct smb_version_operations smb311_operations = {
5775 .compare_fids = smb2_compare_fids,
5776 .setup_request = smb2_setup_request,
5777 .setup_async_request = smb2_setup_async_request,
5778 .check_receive = smb2_check_receive,
5779 .add_credits = smb2_add_credits,
5780 .set_credits = smb2_set_credits,
5781 .get_credits_field = smb2_get_credits_field,
5782 .get_credits = smb2_get_credits,
5783 .wait_mtu_credits = smb2_wait_mtu_credits,
5784 .adjust_credits = smb2_adjust_credits,
5785 .get_next_mid = smb2_get_next_mid,
5786 .revert_current_mid = smb2_revert_current_mid,
5787 .read_data_offset = smb2_read_data_offset,
5788 .read_data_length = smb2_read_data_length,
5789 .map_error = map_smb2_to_linux_error,
5790 .find_mid = smb2_find_mid,
5791 .check_message = smb2_check_message,
5792 .dump_detail = smb2_dump_detail,
5793 .clear_stats = smb2_clear_stats,
5794 .print_stats = smb2_print_stats,
5795 .dump_share_caps = smb2_dump_share_caps,
5796 .is_oplock_break = smb2_is_valid_oplock_break,
5797 .handle_cancelled_mid = smb2_handle_cancelled_mid,
5798 .downgrade_oplock = smb3_downgrade_oplock,
5799 .need_neg = smb2_need_neg,
5800 .negotiate = smb2_negotiate,
5801 .negotiate_wsize = smb3_negotiate_wsize,
5802 .negotiate_rsize = smb3_negotiate_rsize,
5803 .sess_setup = SMB2_sess_setup,
5804 .logoff = SMB2_logoff,
5805 .tree_connect = SMB2_tcon,
5806 .tree_disconnect = SMB2_tdis,
5807 .qfs_tcon = smb3_qfs_tcon,
5808 .is_path_accessible = smb2_is_path_accessible,
5809 .can_echo = smb2_can_echo,
5810 .echo = SMB2_echo,
5811 .query_path_info = smb2_query_path_info,
5812 .query_reparse_tag = smb2_query_reparse_tag,
5813 .get_srv_inum = smb2_get_srv_inum,
5814 .query_file_info = smb2_query_file_info,
5815 .set_path_size = smb2_set_path_size,
5816 .set_file_size = smb2_set_file_size,
5817 .set_file_info = smb2_set_file_info,
5818 .set_compression = smb2_set_compression,
5819 .mkdir = smb2_mkdir,
5820 .mkdir_setinfo = smb2_mkdir_setinfo,
5821 .posix_mkdir = smb311_posix_mkdir,
5822 .rmdir = smb2_rmdir,
5823 .unlink = smb2_unlink,
5824 .rename = smb2_rename_path,
5825 .create_hardlink = smb2_create_hardlink,
5826 .query_symlink = smb2_query_symlink,
5827 .query_mf_symlink = smb3_query_mf_symlink,
5828 .create_mf_symlink = smb3_create_mf_symlink,
5829 .open = smb2_open_file,
5830 .set_fid = smb2_set_fid,
5831 .close = smb2_close_file,
5832 .close_getattr = smb2_close_getattr,
5833 .flush = smb2_flush_file,
5834 .async_readv = smb2_async_readv,
5835 .async_writev = smb2_async_writev,
5836 .sync_read = smb2_sync_read,
5837 .sync_write = smb2_sync_write,
5838 .query_dir_first = smb2_query_dir_first,
5839 .query_dir_next = smb2_query_dir_next,
5840 .close_dir = smb2_close_dir,
5841 .calc_smb_size = smb2_calc_size,
5842 .is_status_pending = smb2_is_status_pending,
5843 .is_session_expired = smb2_is_session_expired,
5844 .oplock_response = smb2_oplock_response,
5845 .queryfs = smb311_queryfs,
5846 .mand_lock = smb2_mand_lock,
5847 .mand_unlock_range = smb2_unlock_range,
5848 .push_mand_locks = smb2_push_mandatory_locks,
5849 .get_lease_key = smb2_get_lease_key,
5850 .set_lease_key = smb2_set_lease_key,
5851 .new_lease_key = smb2_new_lease_key,
5852 .generate_signingkey = generate_smb311signingkey,
5853 .calc_signature = smb3_calc_signature,
5854 .set_integrity = smb3_set_integrity,
5855 .is_read_op = smb21_is_read_op,
5856 .set_oplock_level = smb3_set_oplock_level,
5857 .create_lease_buf = smb3_create_lease_buf,
5858 .parse_lease_buf = smb3_parse_lease_buf,
5859 .copychunk_range = smb2_copychunk_range,
5860 .duplicate_extents = smb2_duplicate_extents,
5861 /* .validate_negotiate = smb3_validate_negotiate, */ /* not used in 3.11 */
5862 .wp_retry_size = smb2_wp_retry_size,
5863 .dir_needs_close = smb2_dir_needs_close,
5864 .fallocate = smb3_fallocate,
5865 .enum_snapshots = smb3_enum_snapshots,
5866 .notify = smb3_notify,
5867 .init_transform_rq = smb3_init_transform_rq,
5868 .is_transform_hdr = smb3_is_transform_hdr,
5869 .receive_transform = smb3_receive_transform,
5870 .get_dfs_refer = smb2_get_dfs_refer,
5871 .select_sectype = smb2_select_sectype,
5872 #ifdef CONFIG_CIFS_XATTR
5873 .query_all_EAs = smb2_query_eas,
5874 .set_EA = smb2_set_ea,
5875 #endif /* CIFS_XATTR */
5876 .get_acl = get_smb2_acl,
5877 .get_acl_by_fid = get_smb2_acl_by_fid,
5878 .set_acl = set_smb2_acl,
5879 .next_header = smb2_next_header,
5880 .ioctl_query_info = smb2_ioctl_query_info,
5881 .make_node = smb2_make_node,
5882 .fiemap = smb3_fiemap,
5883 .llseek = smb3_llseek,
5884 .is_status_io_timeout = smb2_is_status_io_timeout,
5885 .is_network_name_deleted = smb2_is_network_name_deleted,
5886 };
5887
5888 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
5889 struct smb_version_values smb20_values = {
5890 .version_string = SMB20_VERSION_STRING,
5891 .protocol_id = SMB20_PROT_ID,
5892 .req_capabilities = 0, /* MBZ */
5893 .large_lock_type = 0,
5894 .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
5895 .shared_lock_type = SMB2_LOCKFLAG_SHARED,
5896 .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
5897 .header_size = sizeof(struct smb2_hdr),
5898 .header_preamble_size = 0,
5899 .max_header_size = MAX_SMB2_HDR_SIZE,
5900 .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
5901 .lock_cmd = SMB2_LOCK,
5902 .cap_unix = 0,
5903 .cap_nt_find = SMB2_NT_FIND,
5904 .cap_large_files = SMB2_LARGE_FILES,
5905 .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED,
5906 .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED,
5907 .create_lease_size = sizeof(struct create_lease),
5908 };
5909 #endif /* ALLOW_INSECURE_LEGACY */
5910
5911 struct smb_version_values smb21_values = {
5912 .version_string = SMB21_VERSION_STRING,
5913 .protocol_id = SMB21_PROT_ID,
5914 .req_capabilities = 0, /* MBZ on negotiate req until SMB3 dialect */
5915 .large_lock_type = 0,
5916 .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
5917 .shared_lock_type = SMB2_LOCKFLAG_SHARED,
5918 .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
5919 .header_size = sizeof(struct smb2_hdr),
5920 .header_preamble_size = 0,
5921 .max_header_size = MAX_SMB2_HDR_SIZE,
5922 .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
5923 .lock_cmd = SMB2_LOCK,
5924 .cap_unix = 0,
5925 .cap_nt_find = SMB2_NT_FIND,
5926 .cap_large_files = SMB2_LARGE_FILES,
5927 .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED,
5928 .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED,
5929 .create_lease_size = sizeof(struct create_lease),
5930 };
5931
5932 struct smb_version_values smb3any_values = {
5933 .version_string = SMB3ANY_VERSION_STRING,
5934 .protocol_id = SMB302_PROT_ID, /* doesn't matter, send protocol array */
5935 .req_capabilities = SMB2_GLOBAL_CAP_DFS | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_PERSISTENT_HANDLES | SMB2_GLOBAL_CAP_ENCRYPTION | SMB2_GLOBAL_CAP_DIRECTORY_LEASING,
5936 .large_lock_type = 0,
5937 .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
5938 .shared_lock_type = SMB2_LOCKFLAG_SHARED,
5939 .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
5940 .header_size = sizeof(struct smb2_hdr),
5941 .header_preamble_size = 0,
5942 .max_header_size = MAX_SMB2_HDR_SIZE,
5943 .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
5944 .lock_cmd = SMB2_LOCK,
5945 .cap_unix = 0,
5946 .cap_nt_find = SMB2_NT_FIND,
5947 .cap_large_files = SMB2_LARGE_FILES,
5948 .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED,
5949 .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED,
5950 .create_lease_size = sizeof(struct create_lease_v2),
5951 };
5952
5953 struct smb_version_values smbdefault_values = {
5954 .version_string = SMBDEFAULT_VERSION_STRING,
5955 .protocol_id = SMB302_PROT_ID, /* doesn't matter, send protocol array */
5956 .req_capabilities = SMB2_GLOBAL_CAP_DFS | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_PERSISTENT_HANDLES | SMB2_GLOBAL_CAP_ENCRYPTION | SMB2_GLOBAL_CAP_DIRECTORY_LEASING,
5957 .large_lock_type = 0,
5958 .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
5959 .shared_lock_type = SMB2_LOCKFLAG_SHARED,
5960 .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
5961 .header_size = sizeof(struct smb2_hdr),
5962 .header_preamble_size = 0,
5963 .max_header_size = MAX_SMB2_HDR_SIZE,
5964 .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
5965 .lock_cmd = SMB2_LOCK,
5966 .cap_unix = 0,
5967 .cap_nt_find = SMB2_NT_FIND,
5968 .cap_large_files = SMB2_LARGE_FILES,
5969 .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED,
5970 .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED,
5971 .create_lease_size = sizeof(struct create_lease_v2),
5972 };
5973
5974 struct smb_version_values smb30_values = {
5975 .version_string = SMB30_VERSION_STRING,
5976 .protocol_id = SMB30_PROT_ID,
5977 .req_capabilities = SMB2_GLOBAL_CAP_DFS | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_PERSISTENT_HANDLES | SMB2_GLOBAL_CAP_ENCRYPTION | SMB2_GLOBAL_CAP_DIRECTORY_LEASING,
5978 .large_lock_type = 0,
5979 .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
5980 .shared_lock_type = SMB2_LOCKFLAG_SHARED,
5981 .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
5982 .header_size = sizeof(struct smb2_hdr),
5983 .header_preamble_size = 0,
5984 .max_header_size = MAX_SMB2_HDR_SIZE,
5985 .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
5986 .lock_cmd = SMB2_LOCK,
5987 .cap_unix = 0,
5988 .cap_nt_find = SMB2_NT_FIND,
5989 .cap_large_files = SMB2_LARGE_FILES,
5990 .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED,
5991 .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED,
5992 .create_lease_size = sizeof(struct create_lease_v2),
5993 };
5994
5995 struct smb_version_values smb302_values = {
5996 .version_string = SMB302_VERSION_STRING,
5997 .protocol_id = SMB302_PROT_ID,
5998 .req_capabilities = SMB2_GLOBAL_CAP_DFS | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_PERSISTENT_HANDLES | SMB2_GLOBAL_CAP_ENCRYPTION | SMB2_GLOBAL_CAP_DIRECTORY_LEASING,
5999 .large_lock_type = 0,
6000 .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
6001 .shared_lock_type = SMB2_LOCKFLAG_SHARED,
6002 .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
6003 .header_size = sizeof(struct smb2_hdr),
6004 .header_preamble_size = 0,
6005 .max_header_size = MAX_SMB2_HDR_SIZE,
6006 .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
6007 .lock_cmd = SMB2_LOCK,
6008 .cap_unix = 0,
6009 .cap_nt_find = SMB2_NT_FIND,
6010 .cap_large_files = SMB2_LARGE_FILES,
6011 .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED,
6012 .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED,
6013 .create_lease_size = sizeof(struct create_lease_v2),
6014 };
6015
6016 struct smb_version_values smb311_values = {
6017 .version_string = SMB311_VERSION_STRING,
6018 .protocol_id = SMB311_PROT_ID,
6019 .req_capabilities = SMB2_GLOBAL_CAP_DFS | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_PERSISTENT_HANDLES | SMB2_GLOBAL_CAP_ENCRYPTION | SMB2_GLOBAL_CAP_DIRECTORY_LEASING,
6020 .large_lock_type = 0,
6021 .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE,
6022 .shared_lock_type = SMB2_LOCKFLAG_SHARED,
6023 .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK,
6024 .header_size = sizeof(struct smb2_hdr),
6025 .header_preamble_size = 0,
6026 .max_header_size = MAX_SMB2_HDR_SIZE,
6027 .read_rsp_size = sizeof(struct smb2_read_rsp) - 1,
6028 .lock_cmd = SMB2_LOCK,
6029 .cap_unix = 0,
6030 .cap_nt_find = SMB2_NT_FIND,
6031 .cap_large_files = SMB2_LARGE_FILES,
6032 .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED,
6033 .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED,
6034 .create_lease_size = sizeof(struct create_lease_v2),
6035 };
6036