1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * DFS referral cache routines
4 *
5 * Copyright (c) 2018-2019 Paulo Alcantara <palcantara@suse.de>
6 */
7
8 #include <linux/jhash.h>
9 #include <linux/ktime.h>
10 #include <linux/slab.h>
11 #include <linux/proc_fs.h>
12 #include <linux/nls.h>
13 #include <linux/workqueue.h>
14 #include <linux/uuid.h>
15 #include "cifsglob.h"
16 #include "smb2pdu.h"
17 #include "smb2proto.h"
18 #include "cifsproto.h"
19 #include "cifs_debug.h"
20 #include "cifs_unicode.h"
21 #include "smb2glob.h"
22 #include "dns_resolve.h"
23 #include "dfs.h"
24
25 #include "dfs_cache.h"
26
27 #define CACHE_HTABLE_SIZE 32
28 #define CACHE_MAX_ENTRIES 64
29 #define CACHE_MIN_TTL 120 /* 2 minutes */
30 #define CACHE_DEFAULT_TTL 300 /* 5 minutes */
31
32 struct cache_dfs_tgt {
33 char *name;
34 int path_consumed;
35 struct list_head list;
36 };
37
38 struct cache_entry {
39 struct hlist_node hlist;
40 const char *path;
41 int hdr_flags; /* RESP_GET_DFS_REFERRAL.ReferralHeaderFlags */
42 int ttl; /* DFS_REREFERRAL_V3.TimeToLive */
43 int srvtype; /* DFS_REREFERRAL_V3.ServerType */
44 int ref_flags; /* DFS_REREFERRAL_V3.ReferralEntryFlags */
45 struct timespec64 etime;
46 int path_consumed; /* RESP_GET_DFS_REFERRAL.PathConsumed */
47 int numtgts;
48 struct list_head tlist;
49 struct cache_dfs_tgt *tgthint;
50 };
51
52 static struct kmem_cache *cache_slab __read_mostly;
53 struct workqueue_struct *dfscache_wq;
54
55 atomic_t dfs_cache_ttl;
56
57 static struct nls_table *cache_cp;
58
59 /*
60 * Number of entries in the cache
61 */
62 static atomic_t cache_count;
63
64 static struct hlist_head cache_htable[CACHE_HTABLE_SIZE];
65 static DECLARE_RWSEM(htable_rw_lock);
66
67 /**
68 * dfs_cache_canonical_path - get a canonical DFS path
69 *
70 * @path: DFS path
71 * @cp: codepage
72 * @remap: mapping type
73 *
74 * Return canonical path if success, otherwise error.
75 */
dfs_cache_canonical_path(const char * path,const struct nls_table * cp,int remap)76 char *dfs_cache_canonical_path(const char *path, const struct nls_table *cp, int remap)
77 {
78 char *tmp;
79 int plen = 0;
80 char *npath;
81
82 if (!path || strlen(path) < 3 || (*path != '\\' && *path != '/'))
83 return ERR_PTR(-EINVAL);
84
85 if (unlikely(strcmp(cp->charset, cache_cp->charset))) {
86 tmp = (char *)cifs_strndup_to_utf16(path, strlen(path), &plen, cp, remap);
87 if (!tmp) {
88 cifs_dbg(VFS, "%s: failed to convert path to utf16\n", __func__);
89 return ERR_PTR(-EINVAL);
90 }
91
92 npath = cifs_strndup_from_utf16(tmp, plen, true, cache_cp);
93 kfree(tmp);
94
95 if (!npath) {
96 cifs_dbg(VFS, "%s: failed to convert path from utf16\n", __func__);
97 return ERR_PTR(-EINVAL);
98 }
99 } else {
100 npath = kstrdup(path, GFP_KERNEL);
101 if (!npath)
102 return ERR_PTR(-ENOMEM);
103 }
104 convert_delimiter(npath, '\\');
105 return npath;
106 }
107
cache_entry_expired(const struct cache_entry * ce)108 static inline bool cache_entry_expired(const struct cache_entry *ce)
109 {
110 struct timespec64 ts;
111
112 ktime_get_coarse_real_ts64(&ts);
113 return timespec64_compare(&ts, &ce->etime) >= 0;
114 }
115
free_tgts(struct cache_entry * ce)116 static inline void free_tgts(struct cache_entry *ce)
117 {
118 struct cache_dfs_tgt *t, *n;
119
120 list_for_each_entry_safe(t, n, &ce->tlist, list) {
121 list_del(&t->list);
122 kfree(t->name);
123 kfree(t);
124 }
125 }
126
flush_cache_ent(struct cache_entry * ce)127 static inline void flush_cache_ent(struct cache_entry *ce)
128 {
129 hlist_del_init(&ce->hlist);
130 kfree(ce->path);
131 free_tgts(ce);
132 atomic_dec(&cache_count);
133 kmem_cache_free(cache_slab, ce);
134 }
135
flush_cache_ents(void)136 static void flush_cache_ents(void)
137 {
138 int i;
139
140 for (i = 0; i < CACHE_HTABLE_SIZE; i++) {
141 struct hlist_head *l = &cache_htable[i];
142 struct hlist_node *n;
143 struct cache_entry *ce;
144
145 hlist_for_each_entry_safe(ce, n, l, hlist) {
146 if (!hlist_unhashed(&ce->hlist))
147 flush_cache_ent(ce);
148 }
149 }
150 }
151
152 /*
153 * dfs cache /proc file
154 */
dfscache_proc_show(struct seq_file * m,void * v)155 static int dfscache_proc_show(struct seq_file *m, void *v)
156 {
157 int i;
158 struct cache_entry *ce;
159 struct cache_dfs_tgt *t;
160
161 seq_puts(m, "DFS cache\n---------\n");
162
163 down_read(&htable_rw_lock);
164 for (i = 0; i < CACHE_HTABLE_SIZE; i++) {
165 struct hlist_head *l = &cache_htable[i];
166
167 hlist_for_each_entry(ce, l, hlist) {
168 if (hlist_unhashed(&ce->hlist))
169 continue;
170
171 seq_printf(m,
172 "cache entry: path=%s,type=%s,ttl=%d,etime=%ld,hdr_flags=0x%x,ref_flags=0x%x,interlink=%s,path_consumed=%d,expired=%s\n",
173 ce->path, ce->srvtype == DFS_TYPE_ROOT ? "root" : "link",
174 ce->ttl, ce->etime.tv_nsec, ce->hdr_flags, ce->ref_flags,
175 DFS_INTERLINK(ce->hdr_flags) ? "yes" : "no",
176 ce->path_consumed, cache_entry_expired(ce) ? "yes" : "no");
177
178 list_for_each_entry(t, &ce->tlist, list) {
179 seq_printf(m, " %s%s\n",
180 t->name,
181 READ_ONCE(ce->tgthint) == t ? " (target hint)" : "");
182 }
183 }
184 }
185 up_read(&htable_rw_lock);
186
187 return 0;
188 }
189
dfscache_proc_write(struct file * file,const char __user * buffer,size_t count,loff_t * ppos)190 static ssize_t dfscache_proc_write(struct file *file, const char __user *buffer,
191 size_t count, loff_t *ppos)
192 {
193 char c;
194 int rc;
195
196 rc = get_user(c, buffer);
197 if (rc)
198 return rc;
199
200 if (c != '0')
201 return -EINVAL;
202
203 cifs_dbg(FYI, "clearing dfs cache\n");
204
205 down_write(&htable_rw_lock);
206 flush_cache_ents();
207 up_write(&htable_rw_lock);
208
209 return count;
210 }
211
dfscache_proc_open(struct inode * inode,struct file * file)212 static int dfscache_proc_open(struct inode *inode, struct file *file)
213 {
214 return single_open(file, dfscache_proc_show, NULL);
215 }
216
217 const struct proc_ops dfscache_proc_ops = {
218 .proc_open = dfscache_proc_open,
219 .proc_read = seq_read,
220 .proc_lseek = seq_lseek,
221 .proc_release = single_release,
222 .proc_write = dfscache_proc_write,
223 };
224
225 #ifdef CONFIG_CIFS_DEBUG2
dump_tgts(const struct cache_entry * ce)226 static inline void dump_tgts(const struct cache_entry *ce)
227 {
228 struct cache_dfs_tgt *t;
229
230 cifs_dbg(FYI, "target list:\n");
231 list_for_each_entry(t, &ce->tlist, list) {
232 cifs_dbg(FYI, " %s%s\n", t->name,
233 READ_ONCE(ce->tgthint) == t ? " (target hint)" : "");
234 }
235 }
236
dump_ce(const struct cache_entry * ce)237 static inline void dump_ce(const struct cache_entry *ce)
238 {
239 cifs_dbg(FYI, "cache entry: path=%s,type=%s,ttl=%d,etime=%ld,hdr_flags=0x%x,ref_flags=0x%x,interlink=%s,path_consumed=%d,expired=%s\n",
240 ce->path,
241 ce->srvtype == DFS_TYPE_ROOT ? "root" : "link", ce->ttl,
242 ce->etime.tv_nsec,
243 ce->hdr_flags, ce->ref_flags,
244 DFS_INTERLINK(ce->hdr_flags) ? "yes" : "no",
245 ce->path_consumed,
246 cache_entry_expired(ce) ? "yes" : "no");
247 dump_tgts(ce);
248 }
249
dump_refs(const struct dfs_info3_param * refs,int numrefs)250 static inline void dump_refs(const struct dfs_info3_param *refs, int numrefs)
251 {
252 int i;
253
254 cifs_dbg(FYI, "DFS referrals returned by the server:\n");
255 for (i = 0; i < numrefs; i++) {
256 const struct dfs_info3_param *ref = &refs[i];
257
258 cifs_dbg(FYI,
259 "\n"
260 "flags: 0x%x\n"
261 "path_consumed: %d\n"
262 "server_type: 0x%x\n"
263 "ref_flag: 0x%x\n"
264 "path_name: %s\n"
265 "node_name: %s\n"
266 "ttl: %d (%dm)\n",
267 ref->flags, ref->path_consumed, ref->server_type,
268 ref->ref_flag, ref->path_name, ref->node_name,
269 ref->ttl, ref->ttl / 60);
270 }
271 }
272 #else
273 #define dump_tgts(e)
274 #define dump_ce(e)
275 #define dump_refs(r, n)
276 #endif
277
278 /**
279 * dfs_cache_init - Initialize DFS referral cache.
280 *
281 * Return zero if initialized successfully, otherwise non-zero.
282 */
dfs_cache_init(void)283 int dfs_cache_init(void)
284 {
285 int rc;
286 int i;
287
288 dfscache_wq = alloc_workqueue("cifs-dfscache",
289 WQ_UNBOUND|WQ_FREEZABLE|WQ_MEM_RECLAIM,
290 0);
291 if (!dfscache_wq)
292 return -ENOMEM;
293
294 cache_slab = kmem_cache_create("cifs_dfs_cache",
295 sizeof(struct cache_entry), 0,
296 SLAB_HWCACHE_ALIGN, NULL);
297 if (!cache_slab) {
298 rc = -ENOMEM;
299 goto out_destroy_wq;
300 }
301
302 for (i = 0; i < CACHE_HTABLE_SIZE; i++)
303 INIT_HLIST_HEAD(&cache_htable[i]);
304
305 atomic_set(&cache_count, 0);
306 atomic_set(&dfs_cache_ttl, CACHE_DEFAULT_TTL);
307 cache_cp = load_nls("utf8");
308 if (!cache_cp)
309 cache_cp = load_nls_default();
310
311 cifs_dbg(FYI, "%s: initialized DFS referral cache\n", __func__);
312 return 0;
313
314 out_destroy_wq:
315 destroy_workqueue(dfscache_wq);
316 return rc;
317 }
318
cache_entry_hash(const void * data,int size,unsigned int * hash)319 static int cache_entry_hash(const void *data, int size, unsigned int *hash)
320 {
321 int i, clen;
322 const unsigned char *s = data;
323 wchar_t c;
324 unsigned int h = 0;
325
326 for (i = 0; i < size; i += clen) {
327 clen = cache_cp->char2uni(&s[i], size - i, &c);
328 if (unlikely(clen < 0)) {
329 cifs_dbg(VFS, "%s: can't convert char\n", __func__);
330 return clen;
331 }
332 c = cifs_toupper(c);
333 h = jhash(&c, sizeof(c), h);
334 }
335 *hash = h % CACHE_HTABLE_SIZE;
336 return 0;
337 }
338
339 /* Return target hint of a DFS cache entry */
get_tgt_name(const struct cache_entry * ce)340 static inline char *get_tgt_name(const struct cache_entry *ce)
341 {
342 struct cache_dfs_tgt *t = READ_ONCE(ce->tgthint);
343
344 return t ? t->name : ERR_PTR(-ENOENT);
345 }
346
347 /* Return expire time out of a new entry's TTL */
get_expire_time(int ttl)348 static inline struct timespec64 get_expire_time(int ttl)
349 {
350 struct timespec64 ts = {
351 .tv_sec = ttl,
352 .tv_nsec = 0,
353 };
354 struct timespec64 now;
355
356 ktime_get_coarse_real_ts64(&now);
357 return timespec64_add(now, ts);
358 }
359
360 /* Allocate a new DFS target */
alloc_target(const char * name,int path_consumed)361 static struct cache_dfs_tgt *alloc_target(const char *name, int path_consumed)
362 {
363 struct cache_dfs_tgt *t;
364
365 t = kmalloc(sizeof(*t), GFP_ATOMIC);
366 if (!t)
367 return ERR_PTR(-ENOMEM);
368 t->name = kstrdup(name, GFP_ATOMIC);
369 if (!t->name) {
370 kfree(t);
371 return ERR_PTR(-ENOMEM);
372 }
373 t->path_consumed = path_consumed;
374 INIT_LIST_HEAD(&t->list);
375 return t;
376 }
377
378 /*
379 * Copy DFS referral information to a cache entry and conditionally update
380 * target hint.
381 */
copy_ref_data(const struct dfs_info3_param * refs,int numrefs,struct cache_entry * ce,const char * tgthint)382 static int copy_ref_data(const struct dfs_info3_param *refs, int numrefs,
383 struct cache_entry *ce, const char *tgthint)
384 {
385 struct cache_dfs_tgt *target;
386 int i;
387
388 ce->ttl = max_t(int, refs[0].ttl, CACHE_MIN_TTL);
389 ce->etime = get_expire_time(ce->ttl);
390 ce->srvtype = refs[0].server_type;
391 ce->hdr_flags = refs[0].flags;
392 ce->ref_flags = refs[0].ref_flag;
393 ce->path_consumed = refs[0].path_consumed;
394
395 for (i = 0; i < numrefs; i++) {
396 struct cache_dfs_tgt *t;
397
398 t = alloc_target(refs[i].node_name, refs[i].path_consumed);
399 if (IS_ERR(t)) {
400 free_tgts(ce);
401 return PTR_ERR(t);
402 }
403 if (tgthint && !strcasecmp(t->name, tgthint)) {
404 list_add(&t->list, &ce->tlist);
405 tgthint = NULL;
406 } else {
407 list_add_tail(&t->list, &ce->tlist);
408 }
409 ce->numtgts++;
410 }
411
412 target = list_first_entry_or_null(&ce->tlist, struct cache_dfs_tgt,
413 list);
414 WRITE_ONCE(ce->tgthint, target);
415
416 return 0;
417 }
418
419 /* Allocate a new cache entry */
alloc_cache_entry(struct dfs_info3_param * refs,int numrefs)420 static struct cache_entry *alloc_cache_entry(struct dfs_info3_param *refs, int numrefs)
421 {
422 struct cache_entry *ce;
423 int rc;
424
425 ce = kmem_cache_zalloc(cache_slab, GFP_KERNEL);
426 if (!ce)
427 return ERR_PTR(-ENOMEM);
428
429 ce->path = refs[0].path_name;
430 refs[0].path_name = NULL;
431
432 INIT_HLIST_NODE(&ce->hlist);
433 INIT_LIST_HEAD(&ce->tlist);
434
435 rc = copy_ref_data(refs, numrefs, ce, NULL);
436 if (rc) {
437 kfree(ce->path);
438 kmem_cache_free(cache_slab, ce);
439 ce = ERR_PTR(rc);
440 }
441 return ce;
442 }
443
remove_oldest_entry_locked(void)444 static void remove_oldest_entry_locked(void)
445 {
446 int i;
447 struct cache_entry *ce;
448 struct cache_entry *to_del = NULL;
449
450 WARN_ON(!rwsem_is_locked(&htable_rw_lock));
451
452 for (i = 0; i < CACHE_HTABLE_SIZE; i++) {
453 struct hlist_head *l = &cache_htable[i];
454
455 hlist_for_each_entry(ce, l, hlist) {
456 if (hlist_unhashed(&ce->hlist))
457 continue;
458 if (!to_del || timespec64_compare(&ce->etime,
459 &to_del->etime) < 0)
460 to_del = ce;
461 }
462 }
463
464 if (!to_del) {
465 cifs_dbg(FYI, "%s: no entry to remove\n", __func__);
466 return;
467 }
468
469 cifs_dbg(FYI, "%s: removing entry\n", __func__);
470 dump_ce(to_del);
471 flush_cache_ent(to_del);
472 }
473
474 /* Add a new DFS cache entry */
add_cache_entry_locked(struct dfs_info3_param * refs,int numrefs)475 static struct cache_entry *add_cache_entry_locked(struct dfs_info3_param *refs,
476 int numrefs)
477 {
478 int rc;
479 struct cache_entry *ce;
480 unsigned int hash;
481 int ttl;
482
483 WARN_ON(!rwsem_is_locked(&htable_rw_lock));
484
485 if (atomic_read(&cache_count) >= CACHE_MAX_ENTRIES) {
486 cifs_dbg(FYI, "%s: reached max cache size (%d)\n", __func__, CACHE_MAX_ENTRIES);
487 remove_oldest_entry_locked();
488 }
489
490 rc = cache_entry_hash(refs[0].path_name, strlen(refs[0].path_name), &hash);
491 if (rc)
492 return ERR_PTR(rc);
493
494 ce = alloc_cache_entry(refs, numrefs);
495 if (IS_ERR(ce))
496 return ce;
497
498 ttl = min_t(int, atomic_read(&dfs_cache_ttl), ce->ttl);
499 atomic_set(&dfs_cache_ttl, ttl);
500
501 hlist_add_head(&ce->hlist, &cache_htable[hash]);
502 dump_ce(ce);
503
504 atomic_inc(&cache_count);
505
506 return ce;
507 }
508
509 /* Check if two DFS paths are equal. @s1 and @s2 are expected to be in @cache_cp's charset */
dfs_path_equal(const char * s1,int len1,const char * s2,int len2)510 static bool dfs_path_equal(const char *s1, int len1, const char *s2, int len2)
511 {
512 int i, l1, l2;
513 wchar_t c1, c2;
514
515 if (len1 != len2)
516 return false;
517
518 for (i = 0; i < len1; i += l1) {
519 l1 = cache_cp->char2uni(&s1[i], len1 - i, &c1);
520 l2 = cache_cp->char2uni(&s2[i], len2 - i, &c2);
521 if (unlikely(l1 < 0 && l2 < 0)) {
522 if (s1[i] != s2[i])
523 return false;
524 l1 = 1;
525 continue;
526 }
527 if (l1 != l2)
528 return false;
529 if (cifs_toupper(c1) != cifs_toupper(c2))
530 return false;
531 }
532 return true;
533 }
534
__lookup_cache_entry(const char * path,unsigned int hash,int len)535 static struct cache_entry *__lookup_cache_entry(const char *path, unsigned int hash, int len)
536 {
537 struct cache_entry *ce;
538
539 hlist_for_each_entry(ce, &cache_htable[hash], hlist) {
540 if (dfs_path_equal(ce->path, strlen(ce->path), path, len)) {
541 dump_ce(ce);
542 return ce;
543 }
544 }
545 return ERR_PTR(-ENOENT);
546 }
547
548 /*
549 * Find a DFS cache entry in hash table and optionally check prefix path against normalized @path.
550 *
551 * Use whole path components in the match. Must be called with htable_rw_lock held.
552 *
553 * Return cached entry if successful.
554 * Return ERR_PTR(-ENOENT) if the entry is not found.
555 * Return error ptr otherwise.
556 */
lookup_cache_entry(const char * path)557 static struct cache_entry *lookup_cache_entry(const char *path)
558 {
559 struct cache_entry *ce;
560 int cnt = 0;
561 const char *s = path, *e;
562 char sep = *s;
563 unsigned int hash;
564 int rc;
565
566 while ((s = strchr(s, sep)) && ++cnt < 3)
567 s++;
568
569 if (cnt < 3) {
570 rc = cache_entry_hash(path, strlen(path), &hash);
571 if (rc)
572 return ERR_PTR(rc);
573 return __lookup_cache_entry(path, hash, strlen(path));
574 }
575 /*
576 * Handle paths that have more than two path components and are a complete prefix of the DFS
577 * referral request path (@path).
578 *
579 * See MS-DFSC 3.2.5.5 "Receiving a Root Referral Request or Link Referral Request".
580 */
581 e = path + strlen(path) - 1;
582 while (e > s) {
583 int len;
584
585 /* skip separators */
586 while (e > s && *e == sep)
587 e--;
588 if (e == s)
589 break;
590
591 len = e + 1 - path;
592 rc = cache_entry_hash(path, len, &hash);
593 if (rc)
594 return ERR_PTR(rc);
595 ce = __lookup_cache_entry(path, hash, len);
596 if (!IS_ERR(ce))
597 return ce;
598
599 /* backward until separator */
600 while (e > s && *e != sep)
601 e--;
602 }
603 return ERR_PTR(-ENOENT);
604 }
605
606 /**
607 * dfs_cache_destroy - destroy DFS referral cache
608 */
dfs_cache_destroy(void)609 void dfs_cache_destroy(void)
610 {
611 unload_nls(cache_cp);
612 flush_cache_ents();
613 kmem_cache_destroy(cache_slab);
614 destroy_workqueue(dfscache_wq);
615
616 cifs_dbg(FYI, "%s: destroyed DFS referral cache\n", __func__);
617 }
618
619 /* Update a cache entry with the new referral in @refs */
update_cache_entry_locked(struct cache_entry * ce,const struct dfs_info3_param * refs,int numrefs)620 static int update_cache_entry_locked(struct cache_entry *ce, const struct dfs_info3_param *refs,
621 int numrefs)
622 {
623 struct cache_dfs_tgt *target;
624 char *th = NULL;
625 int rc;
626
627 WARN_ON(!rwsem_is_locked(&htable_rw_lock));
628
629 target = READ_ONCE(ce->tgthint);
630 if (target) {
631 th = kstrdup(target->name, GFP_ATOMIC);
632 if (!th)
633 return -ENOMEM;
634 }
635
636 free_tgts(ce);
637 ce->numtgts = 0;
638
639 rc = copy_ref_data(refs, numrefs, ce, th);
640
641 kfree(th);
642
643 return rc;
644 }
645
get_dfs_referral(const unsigned int xid,struct cifs_ses * ses,const char * path,struct dfs_info3_param ** refs,int * numrefs)646 static int get_dfs_referral(const unsigned int xid, struct cifs_ses *ses, const char *path,
647 struct dfs_info3_param **refs, int *numrefs)
648 {
649 int rc;
650 int i;
651
652 *refs = NULL;
653 *numrefs = 0;
654
655 if (!ses || !ses->server || !ses->server->ops->get_dfs_refer)
656 return -EOPNOTSUPP;
657 if (unlikely(!cache_cp))
658 return -EINVAL;
659
660 cifs_dbg(FYI, "%s: ipc=%s referral=%s\n", __func__, ses->tcon_ipc->tree_name, path);
661 rc = ses->server->ops->get_dfs_refer(xid, ses, path, refs, numrefs, cache_cp,
662 NO_MAP_UNI_RSVD);
663 if (!rc) {
664 struct dfs_info3_param *ref = *refs;
665
666 for (i = 0; i < *numrefs; i++)
667 convert_delimiter(ref[i].path_name, '\\');
668 }
669 return rc;
670 }
671
672 /*
673 * Find, create or update a DFS cache entry.
674 *
675 * If the entry wasn't found, it will create a new one. Or if it was found but
676 * expired, then it will update the entry accordingly.
677 *
678 * For interlinks, cifs_mount() and expand_dfs_referral() are supposed to
679 * handle them properly.
680 *
681 * On success, return entry with acquired lock for reading, otherwise error ptr.
682 */
cache_refresh_path(const unsigned int xid,struct cifs_ses * ses,const char * path,bool force_refresh)683 static struct cache_entry *cache_refresh_path(const unsigned int xid,
684 struct cifs_ses *ses,
685 const char *path,
686 bool force_refresh)
687 {
688 struct dfs_info3_param *refs = NULL;
689 struct cache_entry *ce;
690 int numrefs = 0;
691 int rc;
692
693 cifs_dbg(FYI, "%s: search path: %s\n", __func__, path);
694
695 down_read(&htable_rw_lock);
696
697 ce = lookup_cache_entry(path);
698 if (!IS_ERR(ce)) {
699 if (!force_refresh && !cache_entry_expired(ce))
700 return ce;
701 } else if (PTR_ERR(ce) != -ENOENT) {
702 up_read(&htable_rw_lock);
703 return ce;
704 }
705
706 /*
707 * Unlock shared access as we don't want to hold any locks while getting
708 * a new referral. The @ses used for performing the I/O could be
709 * reconnecting and it acquires @htable_rw_lock to look up the dfs cache
710 * in order to failover -- if necessary.
711 */
712 up_read(&htable_rw_lock);
713
714 /*
715 * Either the entry was not found, or it is expired, or it is a forced
716 * refresh.
717 * Request a new DFS referral in order to create or update a cache entry.
718 */
719 rc = get_dfs_referral(xid, ses, path, &refs, &numrefs);
720 if (rc) {
721 ce = ERR_PTR(rc);
722 goto out;
723 }
724
725 dump_refs(refs, numrefs);
726
727 down_write(&htable_rw_lock);
728 /* Re-check as another task might have it added or refreshed already */
729 ce = lookup_cache_entry(path);
730 if (!IS_ERR(ce)) {
731 if (force_refresh || cache_entry_expired(ce)) {
732 rc = update_cache_entry_locked(ce, refs, numrefs);
733 if (rc)
734 ce = ERR_PTR(rc);
735 }
736 } else if (PTR_ERR(ce) == -ENOENT) {
737 ce = add_cache_entry_locked(refs, numrefs);
738 }
739
740 if (IS_ERR(ce)) {
741 up_write(&htable_rw_lock);
742 goto out;
743 }
744
745 downgrade_write(&htable_rw_lock);
746 out:
747 free_dfs_info_array(refs, numrefs);
748 return ce;
749 }
750
751 /*
752 * Set up a DFS referral from a given cache entry.
753 *
754 * Must be called with htable_rw_lock held.
755 */
setup_referral(const char * path,struct cache_entry * ce,struct dfs_info3_param * ref,const char * target)756 static int setup_referral(const char *path, struct cache_entry *ce,
757 struct dfs_info3_param *ref, const char *target)
758 {
759 int rc;
760
761 cifs_dbg(FYI, "%s: set up new ref\n", __func__);
762
763 memset(ref, 0, sizeof(*ref));
764
765 ref->path_name = kstrdup(path, GFP_ATOMIC);
766 if (!ref->path_name)
767 return -ENOMEM;
768
769 ref->node_name = kstrdup(target, GFP_ATOMIC);
770 if (!ref->node_name) {
771 rc = -ENOMEM;
772 goto err_free_path;
773 }
774
775 ref->path_consumed = ce->path_consumed;
776 ref->ttl = ce->ttl;
777 ref->server_type = ce->srvtype;
778 ref->ref_flag = ce->ref_flags;
779 ref->flags = ce->hdr_flags;
780
781 return 0;
782
783 err_free_path:
784 kfree(ref->path_name);
785 ref->path_name = NULL;
786 return rc;
787 }
788
789 /* Return target list of a DFS cache entry */
get_targets(struct cache_entry * ce,struct dfs_cache_tgt_list * tl)790 static int get_targets(struct cache_entry *ce, struct dfs_cache_tgt_list *tl)
791 {
792 int rc;
793 struct list_head *head = &tl->tl_list;
794 struct cache_dfs_tgt *t;
795 struct dfs_cache_tgt_iterator *it, *nit;
796
797 memset(tl, 0, sizeof(*tl));
798 INIT_LIST_HEAD(head);
799
800 list_for_each_entry(t, &ce->tlist, list) {
801 it = kzalloc(sizeof(*it), GFP_ATOMIC);
802 if (!it) {
803 rc = -ENOMEM;
804 goto err_free_it;
805 }
806
807 it->it_name = kstrdup(t->name, GFP_ATOMIC);
808 if (!it->it_name) {
809 kfree(it);
810 rc = -ENOMEM;
811 goto err_free_it;
812 }
813 it->it_path_consumed = t->path_consumed;
814
815 if (READ_ONCE(ce->tgthint) == t)
816 list_add(&it->it_list, head);
817 else
818 list_add_tail(&it->it_list, head);
819 }
820
821 tl->tl_numtgts = ce->numtgts;
822
823 return 0;
824
825 err_free_it:
826 list_for_each_entry_safe(it, nit, head, it_list) {
827 list_del(&it->it_list);
828 kfree(it->it_name);
829 kfree(it);
830 }
831 return rc;
832 }
833
834 /**
835 * dfs_cache_find - find a DFS cache entry
836 *
837 * If it doesn't find the cache entry, then it will get a DFS referral
838 * for @path and create a new entry.
839 *
840 * In case the cache entry exists but expired, it will get a DFS referral
841 * for @path and then update the respective cache entry.
842 *
843 * These parameters are passed down to the get_dfs_refer() call if it
844 * needs to be issued:
845 * @xid: syscall xid
846 * @ses: smb session to issue the request on
847 * @cp: codepage
848 * @remap: path character remapping type
849 * @path: path to lookup in DFS referral cache.
850 *
851 * @ref: when non-NULL, store single DFS referral result in it.
852 * @tgt_list: when non-NULL, store complete DFS target list in it.
853 *
854 * Return zero if the target was found, otherwise non-zero.
855 */
dfs_cache_find(const unsigned int xid,struct cifs_ses * ses,const struct nls_table * cp,int remap,const char * path,struct dfs_info3_param * ref,struct dfs_cache_tgt_list * tgt_list)856 int dfs_cache_find(const unsigned int xid, struct cifs_ses *ses, const struct nls_table *cp,
857 int remap, const char *path, struct dfs_info3_param *ref,
858 struct dfs_cache_tgt_list *tgt_list)
859 {
860 int rc;
861 const char *npath;
862 struct cache_entry *ce;
863
864 npath = dfs_cache_canonical_path(path, cp, remap);
865 if (IS_ERR(npath))
866 return PTR_ERR(npath);
867
868 ce = cache_refresh_path(xid, ses, npath, false);
869 if (IS_ERR(ce)) {
870 rc = PTR_ERR(ce);
871 goto out_free_path;
872 }
873
874 if (ref)
875 rc = setup_referral(path, ce, ref, get_tgt_name(ce));
876 else
877 rc = 0;
878 if (!rc && tgt_list)
879 rc = get_targets(ce, tgt_list);
880
881 up_read(&htable_rw_lock);
882
883 out_free_path:
884 kfree(npath);
885 return rc;
886 }
887
888 /**
889 * dfs_cache_noreq_find - find a DFS cache entry without sending any requests to
890 * the currently connected server.
891 *
892 * NOTE: This function will neither update a cache entry in case it was
893 * expired, nor create a new cache entry if @path hasn't been found. It heavily
894 * relies on an existing cache entry.
895 *
896 * @path: canonical DFS path to lookup in the DFS referral cache.
897 * @ref: when non-NULL, store single DFS referral result in it.
898 * @tgt_list: when non-NULL, store complete DFS target list in it.
899 *
900 * Return 0 if successful.
901 * Return -ENOENT if the entry was not found.
902 * Return non-zero for other errors.
903 */
dfs_cache_noreq_find(const char * path,struct dfs_info3_param * ref,struct dfs_cache_tgt_list * tgt_list)904 int dfs_cache_noreq_find(const char *path, struct dfs_info3_param *ref,
905 struct dfs_cache_tgt_list *tgt_list)
906 {
907 int rc;
908 struct cache_entry *ce;
909
910 cifs_dbg(FYI, "%s: path: %s\n", __func__, path);
911
912 down_read(&htable_rw_lock);
913
914 ce = lookup_cache_entry(path);
915 if (IS_ERR(ce)) {
916 rc = PTR_ERR(ce);
917 goto out_unlock;
918 }
919
920 if (ref)
921 rc = setup_referral(path, ce, ref, get_tgt_name(ce));
922 else
923 rc = 0;
924 if (!rc && tgt_list)
925 rc = get_targets(ce, tgt_list);
926
927 out_unlock:
928 up_read(&htable_rw_lock);
929 return rc;
930 }
931
932 /**
933 * dfs_cache_noreq_update_tgthint - update target hint of a DFS cache entry
934 * without sending any requests to the currently connected server.
935 *
936 * NOTE: This function will neither update a cache entry in case it was
937 * expired, nor create a new cache entry if @path hasn't been found. It heavily
938 * relies on an existing cache entry.
939 *
940 * @path: canonical DFS path to lookup in DFS referral cache.
941 * @it: target iterator which contains the target hint to update the cache
942 * entry with.
943 *
944 * Return zero if the target hint was updated successfully, otherwise non-zero.
945 */
dfs_cache_noreq_update_tgthint(const char * path,const struct dfs_cache_tgt_iterator * it)946 void dfs_cache_noreq_update_tgthint(const char *path, const struct dfs_cache_tgt_iterator *it)
947 {
948 struct cache_dfs_tgt *t;
949 struct cache_entry *ce;
950
951 if (!path || !it)
952 return;
953
954 cifs_dbg(FYI, "%s: path: %s\n", __func__, path);
955
956 down_read(&htable_rw_lock);
957
958 ce = lookup_cache_entry(path);
959 if (IS_ERR(ce))
960 goto out_unlock;
961
962 t = READ_ONCE(ce->tgthint);
963
964 if (unlikely(!strcasecmp(it->it_name, t->name)))
965 goto out_unlock;
966
967 list_for_each_entry(t, &ce->tlist, list) {
968 if (!strcasecmp(t->name, it->it_name)) {
969 WRITE_ONCE(ce->tgthint, t);
970 cifs_dbg(FYI, "%s: new target hint: %s\n", __func__,
971 it->it_name);
972 break;
973 }
974 }
975
976 out_unlock:
977 up_read(&htable_rw_lock);
978 }
979
980 /**
981 * dfs_cache_get_tgt_referral - returns a DFS referral (@ref) from a given
982 * target iterator (@it).
983 *
984 * @path: canonical DFS path to lookup in DFS referral cache.
985 * @it: DFS target iterator.
986 * @ref: DFS referral pointer to set up the gathered information.
987 *
988 * Return zero if the DFS referral was set up correctly, otherwise non-zero.
989 */
dfs_cache_get_tgt_referral(const char * path,const struct dfs_cache_tgt_iterator * it,struct dfs_info3_param * ref)990 int dfs_cache_get_tgt_referral(const char *path, const struct dfs_cache_tgt_iterator *it,
991 struct dfs_info3_param *ref)
992 {
993 int rc;
994 struct cache_entry *ce;
995
996 if (!it || !ref)
997 return -EINVAL;
998
999 cifs_dbg(FYI, "%s: path: %s\n", __func__, path);
1000
1001 down_read(&htable_rw_lock);
1002
1003 ce = lookup_cache_entry(path);
1004 if (IS_ERR(ce)) {
1005 rc = PTR_ERR(ce);
1006 goto out_unlock;
1007 }
1008
1009 cifs_dbg(FYI, "%s: target name: %s\n", __func__, it->it_name);
1010
1011 rc = setup_referral(path, ce, ref, it->it_name);
1012
1013 out_unlock:
1014 up_read(&htable_rw_lock);
1015 return rc;
1016 }
1017
1018 /* Extract share from DFS target and return a pointer to prefix path or NULL */
parse_target_share(const char * target,char ** share)1019 static const char *parse_target_share(const char *target, char **share)
1020 {
1021 const char *s, *seps = "/\\";
1022 size_t len;
1023
1024 s = strpbrk(target + 1, seps);
1025 if (!s)
1026 return ERR_PTR(-EINVAL);
1027
1028 len = strcspn(s + 1, seps);
1029 if (!len)
1030 return ERR_PTR(-EINVAL);
1031 s += len;
1032
1033 len = s - target + 1;
1034 *share = kstrndup(target, len, GFP_KERNEL);
1035 if (!*share)
1036 return ERR_PTR(-ENOMEM);
1037
1038 s = target + len;
1039 return s + strspn(s, seps);
1040 }
1041
1042 /**
1043 * dfs_cache_get_tgt_share - parse a DFS target
1044 *
1045 * @path: DFS full path
1046 * @it: DFS target iterator.
1047 * @share: tree name.
1048 * @prefix: prefix path.
1049 *
1050 * Return zero if target was parsed correctly, otherwise non-zero.
1051 */
dfs_cache_get_tgt_share(char * path,const struct dfs_cache_tgt_iterator * it,char ** share,char ** prefix)1052 int dfs_cache_get_tgt_share(char *path, const struct dfs_cache_tgt_iterator *it, char **share,
1053 char **prefix)
1054 {
1055 char sep;
1056 char *target_share;
1057 char *ppath = NULL;
1058 const char *target_ppath, *dfsref_ppath;
1059 size_t target_pplen, dfsref_pplen;
1060 size_t len, c;
1061
1062 if (!it || !path || !share || !prefix || strlen(path) < it->it_path_consumed)
1063 return -EINVAL;
1064
1065 sep = it->it_name[0];
1066 if (sep != '\\' && sep != '/')
1067 return -EINVAL;
1068
1069 target_ppath = parse_target_share(it->it_name, &target_share);
1070 if (IS_ERR(target_ppath))
1071 return PTR_ERR(target_ppath);
1072
1073 /* point to prefix in DFS referral path */
1074 dfsref_ppath = path + it->it_path_consumed;
1075 dfsref_ppath += strspn(dfsref_ppath, "/\\");
1076
1077 target_pplen = strlen(target_ppath);
1078 dfsref_pplen = strlen(dfsref_ppath);
1079
1080 /* merge prefix paths from DFS referral path and target node */
1081 if (target_pplen || dfsref_pplen) {
1082 len = target_pplen + dfsref_pplen + 2;
1083 ppath = kzalloc(len, GFP_KERNEL);
1084 if (!ppath) {
1085 kfree(target_share);
1086 return -ENOMEM;
1087 }
1088 c = strscpy(ppath, target_ppath, len);
1089 if (c && dfsref_pplen)
1090 ppath[c] = sep;
1091 strlcat(ppath, dfsref_ppath, len);
1092 }
1093 *share = target_share;
1094 *prefix = ppath;
1095 return 0;
1096 }
1097
target_share_equal(struct TCP_Server_Info * server,const char * s1,const char * s2)1098 static bool target_share_equal(struct TCP_Server_Info *server, const char *s1, const char *s2)
1099 {
1100 char unc[sizeof("\\\\") + SERVER_NAME_LENGTH] = {0};
1101 const char *host;
1102 size_t hostlen;
1103 struct sockaddr_storage ss;
1104 bool match;
1105 int rc;
1106
1107 if (strcasecmp(s1, s2))
1108 return false;
1109
1110 /*
1111 * Resolve share's hostname and check if server address matches. Otherwise just ignore it
1112 * as we could not have upcall to resolve hostname or failed to convert ip address.
1113 */
1114 extract_unc_hostname(s1, &host, &hostlen);
1115 scnprintf(unc, sizeof(unc), "\\\\%.*s", (int)hostlen, host);
1116
1117 rc = dns_resolve_server_name_to_ip(unc, (struct sockaddr *)&ss, NULL);
1118 if (rc < 0) {
1119 cifs_dbg(FYI, "%s: could not resolve %.*s. assuming server address matches.\n",
1120 __func__, (int)hostlen, host);
1121 return true;
1122 }
1123
1124 cifs_server_lock(server);
1125 match = cifs_match_ipaddr((struct sockaddr *)&server->dstaddr, (struct sockaddr *)&ss);
1126 cifs_server_unlock(server);
1127
1128 return match;
1129 }
1130
1131 /*
1132 * Mark dfs tcon for reconnecting when the currently connected tcon does not match any of the new
1133 * target shares in @refs.
1134 */
mark_for_reconnect_if_needed(struct TCP_Server_Info * server,const char * path,struct dfs_cache_tgt_list * old_tl,struct dfs_cache_tgt_list * new_tl)1135 static void mark_for_reconnect_if_needed(struct TCP_Server_Info *server,
1136 const char *path,
1137 struct dfs_cache_tgt_list *old_tl,
1138 struct dfs_cache_tgt_list *new_tl)
1139 {
1140 struct dfs_cache_tgt_iterator *oit, *nit;
1141
1142 for (oit = dfs_cache_get_tgt_iterator(old_tl); oit;
1143 oit = dfs_cache_get_next_tgt(old_tl, oit)) {
1144 for (nit = dfs_cache_get_tgt_iterator(new_tl); nit;
1145 nit = dfs_cache_get_next_tgt(new_tl, nit)) {
1146 if (target_share_equal(server,
1147 dfs_cache_get_tgt_name(oit),
1148 dfs_cache_get_tgt_name(nit))) {
1149 dfs_cache_noreq_update_tgthint(path, nit);
1150 return;
1151 }
1152 }
1153 }
1154
1155 cifs_dbg(FYI, "%s: no cached or matched targets. mark dfs share for reconnect.\n", __func__);
1156 cifs_signal_cifsd_for_reconnect(server, true);
1157 }
1158
is_ses_good(struct cifs_ses * ses)1159 static bool is_ses_good(struct cifs_ses *ses)
1160 {
1161 struct TCP_Server_Info *server = ses->server;
1162 struct cifs_tcon *tcon = ses->tcon_ipc;
1163 bool ret;
1164
1165 spin_lock(&ses->ses_lock);
1166 spin_lock(&ses->chan_lock);
1167 ret = !cifs_chan_needs_reconnect(ses, server) &&
1168 ses->ses_status == SES_GOOD &&
1169 !tcon->need_reconnect;
1170 spin_unlock(&ses->chan_lock);
1171 spin_unlock(&ses->ses_lock);
1172 return ret;
1173 }
1174
1175 /* Refresh dfs referral of @ses and mark it for reconnect if needed */
__refresh_ses_referral(struct cifs_ses * ses,bool force_refresh)1176 static void __refresh_ses_referral(struct cifs_ses *ses, bool force_refresh)
1177 {
1178 struct TCP_Server_Info *server = ses->server;
1179 DFS_CACHE_TGT_LIST(old_tl);
1180 DFS_CACHE_TGT_LIST(new_tl);
1181 bool needs_refresh = false;
1182 struct cache_entry *ce;
1183 unsigned int xid;
1184 char *path = NULL;
1185 int rc = 0;
1186
1187 xid = get_xid();
1188
1189 mutex_lock(&server->refpath_lock);
1190 if (server->leaf_fullpath) {
1191 path = kstrdup(server->leaf_fullpath + 1, GFP_ATOMIC);
1192 if (!path)
1193 rc = -ENOMEM;
1194 }
1195 mutex_unlock(&server->refpath_lock);
1196 if (!path)
1197 goto out;
1198
1199 down_read(&htable_rw_lock);
1200 ce = lookup_cache_entry(path);
1201 needs_refresh = force_refresh || IS_ERR(ce) || cache_entry_expired(ce);
1202 if (!IS_ERR(ce)) {
1203 rc = get_targets(ce, &old_tl);
1204 cifs_dbg(FYI, "%s: get_targets: %d\n", __func__, rc);
1205 }
1206 up_read(&htable_rw_lock);
1207
1208 if (!needs_refresh) {
1209 rc = 0;
1210 goto out;
1211 }
1212
1213 ses = CIFS_DFS_ROOT_SES(ses);
1214 if (!is_ses_good(ses)) {
1215 cifs_dbg(FYI, "%s: skip cache refresh due to disconnected ipc\n",
1216 __func__);
1217 goto out;
1218 }
1219
1220 ce = cache_refresh_path(xid, ses, path, true);
1221 if (!IS_ERR(ce)) {
1222 rc = get_targets(ce, &new_tl);
1223 up_read(&htable_rw_lock);
1224 cifs_dbg(FYI, "%s: get_targets: %d\n", __func__, rc);
1225 mark_for_reconnect_if_needed(server, path, &old_tl, &new_tl);
1226 }
1227
1228 out:
1229 free_xid(xid);
1230 dfs_cache_free_tgts(&old_tl);
1231 dfs_cache_free_tgts(&new_tl);
1232 kfree(path);
1233 }
1234
refresh_ses_referral(struct cifs_ses * ses)1235 static inline void refresh_ses_referral(struct cifs_ses *ses)
1236 {
1237 __refresh_ses_referral(ses, false);
1238 }
1239
force_refresh_ses_referral(struct cifs_ses * ses)1240 static inline void force_refresh_ses_referral(struct cifs_ses *ses)
1241 {
1242 __refresh_ses_referral(ses, true);
1243 }
1244
1245 /**
1246 * dfs_cache_remount_fs - remount a DFS share
1247 *
1248 * Reconfigure dfs mount by forcing a new DFS referral and if the currently cached targets do not
1249 * match any of the new targets, mark it for reconnect.
1250 *
1251 * @cifs_sb: cifs superblock.
1252 *
1253 * Return zero if remounted, otherwise non-zero.
1254 */
dfs_cache_remount_fs(struct cifs_sb_info * cifs_sb)1255 int dfs_cache_remount_fs(struct cifs_sb_info *cifs_sb)
1256 {
1257 struct cifs_tcon *tcon;
1258
1259 if (!cifs_sb || !cifs_sb->master_tlink)
1260 return -EINVAL;
1261
1262 tcon = cifs_sb_master_tcon(cifs_sb);
1263
1264 spin_lock(&tcon->tc_lock);
1265 if (!tcon->origin_fullpath) {
1266 spin_unlock(&tcon->tc_lock);
1267 cifs_dbg(FYI, "%s: not a dfs mount\n", __func__);
1268 return 0;
1269 }
1270 spin_unlock(&tcon->tc_lock);
1271
1272 /*
1273 * After reconnecting to a different server, unique ids won't match anymore, so we disable
1274 * serverino. This prevents dentry revalidation to think the dentry are stale (ESTALE).
1275 */
1276 cifs_autodisable_serverino(cifs_sb);
1277 /*
1278 * Force the use of prefix path to support failover on DFS paths that resolve to targets
1279 * that have different prefix paths.
1280 */
1281 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_USE_PREFIX_PATH;
1282
1283 force_refresh_ses_referral(tcon->ses);
1284 return 0;
1285 }
1286
1287 /* Refresh all DFS referrals related to DFS tcon */
dfs_cache_refresh(struct work_struct * work)1288 void dfs_cache_refresh(struct work_struct *work)
1289 {
1290 struct cifs_tcon *tcon;
1291 struct cifs_ses *ses;
1292
1293 tcon = container_of(work, struct cifs_tcon, dfs_cache_work.work);
1294
1295 for (ses = tcon->ses; ses; ses = ses->dfs_root_ses)
1296 refresh_ses_referral(ses);
1297
1298 queue_delayed_work(dfscache_wq, &tcon->dfs_cache_work,
1299 atomic_read(&dfs_cache_ttl) * HZ);
1300 }
1301