xref: /openbmc/linux/fs/smb/client/dfs.c (revision 278002edb19bce2c628fafb0af936e77000f3a5b)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Copyright (c) 2022 Paulo Alcantara <palcantara@suse.de>
4  */
5 
6 #include "cifsproto.h"
7 #include "cifs_debug.h"
8 #include "dns_resolve.h"
9 #include "fs_context.h"
10 #include "dfs.h"
11 
12 /**
13  * dfs_parse_target_referral - set fs context for dfs target referral
14  *
15  * @full_path: full path in UNC format.
16  * @ref: dfs referral pointer.
17  * @ctx: smb3 fs context pointer.
18  *
19  * Return zero if dfs referral was parsed correctly, otherwise non-zero.
20  */
dfs_parse_target_referral(const char * full_path,const struct dfs_info3_param * ref,struct smb3_fs_context * ctx)21 int dfs_parse_target_referral(const char *full_path, const struct dfs_info3_param *ref,
22 			      struct smb3_fs_context *ctx)
23 {
24 	int rc;
25 	const char *prepath = NULL;
26 	char *path;
27 
28 	if (!full_path || !*full_path || !ref || !ctx)
29 		return -EINVAL;
30 
31 	if (WARN_ON_ONCE(!ref->node_name || ref->path_consumed < 0))
32 		return -EINVAL;
33 
34 	if (strlen(full_path) - ref->path_consumed) {
35 		prepath = full_path + ref->path_consumed;
36 		/* skip initial delimiter */
37 		if (*prepath == '/' || *prepath == '\\')
38 			prepath++;
39 	}
40 
41 	path = cifs_build_devname(ref->node_name, prepath);
42 	if (IS_ERR(path))
43 		return PTR_ERR(path);
44 
45 	rc = smb3_parse_devname(path, ctx);
46 	if (rc)
47 		goto out;
48 
49 	rc = dns_resolve_server_name_to_ip(path, (struct sockaddr *)&ctx->dstaddr, NULL);
50 
51 out:
52 	kfree(path);
53 	return rc;
54 }
55 
get_session(struct cifs_mount_ctx * mnt_ctx,const char * full_path)56 static int get_session(struct cifs_mount_ctx *mnt_ctx, const char *full_path)
57 {
58 	struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
59 	int rc;
60 
61 	ctx->leaf_fullpath = (char *)full_path;
62 	rc = cifs_mount_get_session(mnt_ctx);
63 	ctx->leaf_fullpath = NULL;
64 
65 	return rc;
66 }
67 
68 /*
69  * Get an active reference of @ses so that next call to cifs_put_tcon() won't
70  * release it as any new DFS referrals must go through its IPC tcon.
71  */
add_root_smb_session(struct cifs_mount_ctx * mnt_ctx)72 static void add_root_smb_session(struct cifs_mount_ctx *mnt_ctx)
73 {
74 	struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
75 	struct cifs_ses *ses = mnt_ctx->ses;
76 
77 	if (ses) {
78 		spin_lock(&cifs_tcp_ses_lock);
79 		cifs_smb_ses_inc_refcount(ses);
80 		spin_unlock(&cifs_tcp_ses_lock);
81 	}
82 	ctx->dfs_root_ses = ses;
83 }
84 
parse_dfs_target(struct smb3_fs_context * ctx,struct dfs_ref_walk * rw,struct dfs_info3_param * tgt)85 static inline int parse_dfs_target(struct smb3_fs_context *ctx,
86 				   struct dfs_ref_walk *rw,
87 				   struct dfs_info3_param *tgt)
88 {
89 	int rc;
90 	const char *fpath = ref_walk_fpath(rw) + 1;
91 
92 	rc = ref_walk_get_tgt(rw, tgt);
93 	if (!rc)
94 		rc = dfs_parse_target_referral(fpath, tgt, ctx);
95 	return rc;
96 }
97 
set_ref_paths(struct cifs_mount_ctx * mnt_ctx,struct dfs_info3_param * tgt,struct dfs_ref_walk * rw)98 static int set_ref_paths(struct cifs_mount_ctx *mnt_ctx,
99 			 struct dfs_info3_param *tgt,
100 			 struct dfs_ref_walk *rw)
101 {
102 	struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
103 	struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb;
104 	char *ref_path, *full_path;
105 	int rc;
106 
107 	full_path = smb3_fs_context_fullpath(ctx, CIFS_DIR_SEP(cifs_sb));
108 	if (IS_ERR(full_path))
109 		return PTR_ERR(full_path);
110 
111 	if (!tgt || (tgt->server_type == DFS_TYPE_LINK &&
112 		     DFS_INTERLINK(tgt->flags)))
113 		ref_path = dfs_get_path(cifs_sb, ctx->UNC);
114 	else
115 		ref_path = dfs_get_path(cifs_sb, full_path);
116 	if (IS_ERR(ref_path)) {
117 		rc = PTR_ERR(ref_path);
118 		kfree(full_path);
119 		return rc;
120 	}
121 	ref_walk_path(rw) = ref_path;
122 	ref_walk_fpath(rw) = full_path;
123 	return 0;
124 }
125 
__dfs_referral_walk(struct cifs_mount_ctx * mnt_ctx,struct dfs_ref_walk * rw)126 static int __dfs_referral_walk(struct cifs_mount_ctx *mnt_ctx,
127 			       struct dfs_ref_walk *rw)
128 {
129 	struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
130 	struct dfs_info3_param tgt = {};
131 	bool is_refsrv;
132 	int rc = -ENOENT;
133 
134 again:
135 	do {
136 		if (ref_walk_empty(rw)) {
137 			rc = dfs_get_referral(mnt_ctx, ref_walk_path(rw) + 1,
138 					      NULL, ref_walk_tl(rw));
139 			if (rc) {
140 				rc = cifs_mount_get_tcon(mnt_ctx);
141 				if (!rc)
142 					rc = cifs_is_path_remote(mnt_ctx);
143 				continue;
144 			}
145 			if (!ref_walk_num_tgts(rw)) {
146 				rc = -ENOENT;
147 				continue;
148 			}
149 		}
150 
151 		while (ref_walk_next_tgt(rw)) {
152 			rc = parse_dfs_target(ctx, rw, &tgt);
153 			if (rc)
154 				continue;
155 
156 			cifs_mount_put_conns(mnt_ctx);
157 			rc = get_session(mnt_ctx, ref_walk_path(rw));
158 			if (rc)
159 				continue;
160 
161 			is_refsrv = tgt.server_type == DFS_TYPE_ROOT ||
162 				DFS_INTERLINK(tgt.flags);
163 			ref_walk_set_tgt_hint(rw);
164 
165 			if (tgt.flags & DFSREF_STORAGE_SERVER) {
166 				rc = cifs_mount_get_tcon(mnt_ctx);
167 				if (!rc)
168 					rc = cifs_is_path_remote(mnt_ctx);
169 				if (!rc)
170 					break;
171 				if (rc != -EREMOTE)
172 					continue;
173 			}
174 
175 			if (is_refsrv)
176 				add_root_smb_session(mnt_ctx);
177 
178 			rc = ref_walk_advance(rw);
179 			if (!rc) {
180 				rc = set_ref_paths(mnt_ctx, &tgt, rw);
181 				if (!rc) {
182 					rc = -EREMOTE;
183 					goto again;
184 				}
185 			}
186 			if (rc != -ELOOP)
187 				goto out;
188 		}
189 	} while (rc && ref_walk_descend(rw));
190 
191 out:
192 	free_dfs_info_param(&tgt);
193 	return rc;
194 }
195 
dfs_referral_walk(struct cifs_mount_ctx * mnt_ctx)196 static int dfs_referral_walk(struct cifs_mount_ctx *mnt_ctx)
197 {
198 	struct dfs_ref_walk *rw;
199 	int rc;
200 
201 	rw = ref_walk_alloc();
202 	if (IS_ERR(rw))
203 		return PTR_ERR(rw);
204 
205 	ref_walk_init(rw);
206 	rc = set_ref_paths(mnt_ctx, NULL, rw);
207 	if (!rc)
208 		rc = __dfs_referral_walk(mnt_ctx, rw);
209 	ref_walk_free(rw);
210 	return rc;
211 }
212 
__dfs_mount_share(struct cifs_mount_ctx * mnt_ctx)213 static int __dfs_mount_share(struct cifs_mount_ctx *mnt_ctx)
214 {
215 	struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb;
216 	struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
217 	struct cifs_tcon *tcon;
218 	char *origin_fullpath;
219 	bool new_tcon = true;
220 	int rc;
221 
222 	origin_fullpath = dfs_get_path(cifs_sb, ctx->source);
223 	if (IS_ERR(origin_fullpath))
224 		return PTR_ERR(origin_fullpath);
225 
226 	rc = dfs_referral_walk(mnt_ctx);
227 	if (!rc) {
228 		/*
229 		 * Prevent superblock from being created with any missing
230 		 * connections.
231 		 */
232 		if (WARN_ON(!mnt_ctx->server))
233 			rc = -EHOSTDOWN;
234 		else if (WARN_ON(!mnt_ctx->ses))
235 			rc = -EACCES;
236 		else if (WARN_ON(!mnt_ctx->tcon))
237 			rc = -ENOENT;
238 	}
239 	if (rc)
240 		goto out;
241 
242 	tcon = mnt_ctx->tcon;
243 	spin_lock(&tcon->tc_lock);
244 	if (!tcon->origin_fullpath) {
245 		tcon->origin_fullpath = origin_fullpath;
246 		origin_fullpath = NULL;
247 	} else {
248 		new_tcon = false;
249 	}
250 	spin_unlock(&tcon->tc_lock);
251 
252 	if (new_tcon) {
253 		queue_delayed_work(dfscache_wq, &tcon->dfs_cache_work,
254 				   dfs_cache_get_ttl() * HZ);
255 	}
256 
257 out:
258 	kfree(origin_fullpath);
259 	return rc;
260 }
261 
262 /*
263  * If @ctx->dfs_automount, then update @ctx->dstaddr earlier with the DFS root
264  * server from where we'll start following any referrals.  Otherwise rely on the
265  * value provided by mount(2) as the user might not have dns_resolver key set up
266  * and therefore failing to upcall to resolve UNC hostname under @ctx->source.
267  */
update_fs_context_dstaddr(struct smb3_fs_context * ctx)268 static int update_fs_context_dstaddr(struct smb3_fs_context *ctx)
269 {
270 	struct sockaddr *addr = (struct sockaddr *)&ctx->dstaddr;
271 	int rc = 0;
272 
273 	if (!ctx->nodfs && ctx->dfs_automount) {
274 		rc = dns_resolve_server_name_to_ip(ctx->source, addr, NULL);
275 		if (!rc)
276 			cifs_set_port(addr, ctx->port);
277 		ctx->dfs_automount = false;
278 	}
279 	return rc;
280 }
281 
dfs_mount_share(struct cifs_mount_ctx * mnt_ctx,bool * isdfs)282 int dfs_mount_share(struct cifs_mount_ctx *mnt_ctx, bool *isdfs)
283 {
284 	struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
285 	bool nodfs = ctx->nodfs;
286 	int rc;
287 
288 	rc = update_fs_context_dstaddr(ctx);
289 	if (rc)
290 		return rc;
291 
292 	*isdfs = false;
293 	rc = get_session(mnt_ctx, NULL);
294 	if (rc)
295 		return rc;
296 
297 	/*
298 	 * If called with 'nodfs' mount option, then skip DFS resolving.  Otherwise unconditionally
299 	 * try to get an DFS referral (even cached) to determine whether it is an DFS mount.
300 	 *
301 	 * Skip prefix path to provide support for DFS referrals from w2k8 servers which don't seem
302 	 * to respond with PATH_NOT_COVERED to requests that include the prefix.
303 	 */
304 	if (!nodfs) {
305 		rc = dfs_get_referral(mnt_ctx, ctx->UNC + 1, NULL, NULL);
306 		if (rc) {
307 			cifs_dbg(FYI, "%s: no dfs referral for %s: %d\n",
308 				 __func__, ctx->UNC + 1, rc);
309 			cifs_dbg(FYI, "%s: assuming non-dfs mount...\n", __func__);
310 			nodfs = true;
311 		}
312 	}
313 	if (nodfs) {
314 		rc = cifs_mount_get_tcon(mnt_ctx);
315 		if (!rc)
316 			rc = cifs_is_path_remote(mnt_ctx);
317 		return rc;
318 	}
319 
320 	*isdfs = true;
321 	add_root_smb_session(mnt_ctx);
322 	rc = __dfs_mount_share(mnt_ctx);
323 	dfs_put_root_smb_sessions(mnt_ctx);
324 	return rc;
325 }
326 
target_share_matches_server(struct TCP_Server_Info * server,char * share,bool * target_match)327 static int target_share_matches_server(struct TCP_Server_Info *server, char *share,
328 				       bool *target_match)
329 {
330 	int rc = 0;
331 	const char *dfs_host;
332 	size_t dfs_host_len;
333 
334 	*target_match = true;
335 	extract_unc_hostname(share, &dfs_host, &dfs_host_len);
336 
337 	/* Check if hostnames or addresses match */
338 	cifs_server_lock(server);
339 	if (dfs_host_len != strlen(server->hostname) ||
340 	    strncasecmp(dfs_host, server->hostname, dfs_host_len)) {
341 		cifs_dbg(FYI, "%s: %.*s doesn't match %s\n", __func__,
342 			 (int)dfs_host_len, dfs_host, server->hostname);
343 		rc = match_target_ip(server, dfs_host, dfs_host_len, target_match);
344 		if (rc)
345 			cifs_dbg(VFS, "%s: failed to match target ip: %d\n", __func__, rc);
346 	}
347 	cifs_server_unlock(server);
348 	return rc;
349 }
350 
tree_connect_dfs_target(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,char * tree,bool islink,struct dfs_cache_tgt_list * tl)351 static int tree_connect_dfs_target(const unsigned int xid,
352 				   struct cifs_tcon *tcon,
353 				   struct cifs_sb_info *cifs_sb,
354 				   char *tree, bool islink,
355 				   struct dfs_cache_tgt_list *tl)
356 {
357 	const struct smb_version_operations *ops = tcon->ses->server->ops;
358 	struct TCP_Server_Info *server = tcon->ses->server;
359 	struct dfs_cache_tgt_iterator *tit;
360 	char *share = NULL, *prefix = NULL;
361 	bool target_match;
362 	int rc = -ENOENT;
363 
364 	/* Try to tree connect to all dfs targets */
365 	for (tit = dfs_cache_get_tgt_iterator(tl);
366 	     tit; tit = dfs_cache_get_next_tgt(tl, tit)) {
367 		kfree(share);
368 		kfree(prefix);
369 		share = prefix = NULL;
370 
371 		/* Check if share matches with tcp ses */
372 		rc = dfs_cache_get_tgt_share(server->leaf_fullpath + 1, tit, &share, &prefix);
373 		if (rc) {
374 			cifs_dbg(VFS, "%s: failed to parse target share: %d\n", __func__, rc);
375 			break;
376 		}
377 
378 		rc = target_share_matches_server(server, share, &target_match);
379 		if (rc)
380 			break;
381 		if (!target_match) {
382 			rc = -EHOSTUNREACH;
383 			continue;
384 		}
385 
386 		dfs_cache_noreq_update_tgthint(server->leaf_fullpath + 1, tit);
387 		scnprintf(tree, MAX_TREE_SIZE, "\\%s", share);
388 		rc = ops->tree_connect(xid, tcon->ses, tree,
389 				       tcon, tcon->ses->local_nls);
390 		if (islink && !rc && cifs_sb)
391 			rc = cifs_update_super_prepath(cifs_sb, prefix);
392 		break;
393 	}
394 
395 	kfree(share);
396 	kfree(prefix);
397 	dfs_cache_free_tgts(tl);
398 	return rc;
399 }
400 
cifs_tree_connect(const unsigned int xid,struct cifs_tcon * tcon,const struct nls_table * nlsc)401 int cifs_tree_connect(const unsigned int xid, struct cifs_tcon *tcon, const struct nls_table *nlsc)
402 {
403 	int rc;
404 	struct TCP_Server_Info *server = tcon->ses->server;
405 	const struct smb_version_operations *ops = server->ops;
406 	DFS_CACHE_TGT_LIST(tl);
407 	struct cifs_sb_info *cifs_sb = NULL;
408 	struct super_block *sb = NULL;
409 	struct dfs_info3_param ref = {0};
410 	char *tree;
411 
412 	/* only send once per connect */
413 	spin_lock(&tcon->tc_lock);
414 
415 	/* if tcon is marked for needing reconnect, update state */
416 	if (tcon->need_reconnect)
417 		tcon->status = TID_NEED_TCON;
418 
419 	if (tcon->status == TID_GOOD) {
420 		spin_unlock(&tcon->tc_lock);
421 		return 0;
422 	}
423 
424 	if (tcon->status != TID_NEW &&
425 	    tcon->status != TID_NEED_TCON) {
426 		spin_unlock(&tcon->tc_lock);
427 		return -EHOSTDOWN;
428 	}
429 
430 	tcon->status = TID_IN_TCON;
431 	spin_unlock(&tcon->tc_lock);
432 
433 	tree = kzalloc(MAX_TREE_SIZE, GFP_KERNEL);
434 	if (!tree) {
435 		rc = -ENOMEM;
436 		goto out;
437 	}
438 
439 	if (tcon->ipc) {
440 		cifs_server_lock(server);
441 		scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname);
442 		cifs_server_unlock(server);
443 		rc = ops->tree_connect(xid, tcon->ses, tree, tcon, nlsc);
444 		goto out;
445 	}
446 
447 	sb = cifs_get_dfs_tcon_super(tcon);
448 	if (!IS_ERR(sb))
449 		cifs_sb = CIFS_SB(sb);
450 
451 	/* Tree connect to last share in @tcon->tree_name if no DFS referral */
452 	if (!server->leaf_fullpath ||
453 	    dfs_cache_noreq_find(server->leaf_fullpath + 1, &ref, &tl)) {
454 		rc = ops->tree_connect(xid, tcon->ses, tcon->tree_name,
455 				       tcon, tcon->ses->local_nls);
456 		goto out;
457 	}
458 
459 	rc = tree_connect_dfs_target(xid, tcon, cifs_sb, tree, ref.server_type == DFS_TYPE_LINK,
460 				     &tl);
461 	free_dfs_info_param(&ref);
462 
463 out:
464 	kfree(tree);
465 	cifs_put_tcp_super(sb);
466 
467 	if (rc) {
468 		spin_lock(&tcon->tc_lock);
469 		if (tcon->status == TID_IN_TCON)
470 			tcon->status = TID_NEED_TCON;
471 		spin_unlock(&tcon->tc_lock);
472 	} else {
473 		spin_lock(&tcon->tc_lock);
474 		if (tcon->status == TID_IN_TCON)
475 			tcon->status = TID_GOOD;
476 		tcon->need_reconnect = false;
477 		spin_unlock(&tcon->tc_lock);
478 	}
479 
480 	return rc;
481 }
482