1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) 2022 Paulo Alcantara <palcantara@suse.de>
4 */
5
6 #include "cifsproto.h"
7 #include "cifs_debug.h"
8 #include "dns_resolve.h"
9 #include "fs_context.h"
10 #include "dfs.h"
11
12 /**
13 * dfs_parse_target_referral - set fs context for dfs target referral
14 *
15 * @full_path: full path in UNC format.
16 * @ref: dfs referral pointer.
17 * @ctx: smb3 fs context pointer.
18 *
19 * Return zero if dfs referral was parsed correctly, otherwise non-zero.
20 */
dfs_parse_target_referral(const char * full_path,const struct dfs_info3_param * ref,struct smb3_fs_context * ctx)21 int dfs_parse_target_referral(const char *full_path, const struct dfs_info3_param *ref,
22 struct smb3_fs_context *ctx)
23 {
24 int rc;
25 const char *prepath = NULL;
26 char *path;
27
28 if (!full_path || !*full_path || !ref || !ctx)
29 return -EINVAL;
30
31 if (WARN_ON_ONCE(!ref->node_name || ref->path_consumed < 0))
32 return -EINVAL;
33
34 if (strlen(full_path) - ref->path_consumed) {
35 prepath = full_path + ref->path_consumed;
36 /* skip initial delimiter */
37 if (*prepath == '/' || *prepath == '\\')
38 prepath++;
39 }
40
41 path = cifs_build_devname(ref->node_name, prepath);
42 if (IS_ERR(path))
43 return PTR_ERR(path);
44
45 rc = smb3_parse_devname(path, ctx);
46 if (rc)
47 goto out;
48
49 rc = dns_resolve_server_name_to_ip(path, (struct sockaddr *)&ctx->dstaddr, NULL);
50
51 out:
52 kfree(path);
53 return rc;
54 }
55
get_session(struct cifs_mount_ctx * mnt_ctx,const char * full_path)56 static int get_session(struct cifs_mount_ctx *mnt_ctx, const char *full_path)
57 {
58 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
59 int rc;
60
61 ctx->leaf_fullpath = (char *)full_path;
62 rc = cifs_mount_get_session(mnt_ctx);
63 ctx->leaf_fullpath = NULL;
64
65 return rc;
66 }
67
68 /*
69 * Get an active reference of @ses so that next call to cifs_put_tcon() won't
70 * release it as any new DFS referrals must go through its IPC tcon.
71 */
add_root_smb_session(struct cifs_mount_ctx * mnt_ctx)72 static void add_root_smb_session(struct cifs_mount_ctx *mnt_ctx)
73 {
74 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
75 struct cifs_ses *ses = mnt_ctx->ses;
76
77 if (ses) {
78 spin_lock(&cifs_tcp_ses_lock);
79 cifs_smb_ses_inc_refcount(ses);
80 spin_unlock(&cifs_tcp_ses_lock);
81 }
82 ctx->dfs_root_ses = ses;
83 }
84
parse_dfs_target(struct smb3_fs_context * ctx,struct dfs_ref_walk * rw,struct dfs_info3_param * tgt)85 static inline int parse_dfs_target(struct smb3_fs_context *ctx,
86 struct dfs_ref_walk *rw,
87 struct dfs_info3_param *tgt)
88 {
89 int rc;
90 const char *fpath = ref_walk_fpath(rw) + 1;
91
92 rc = ref_walk_get_tgt(rw, tgt);
93 if (!rc)
94 rc = dfs_parse_target_referral(fpath, tgt, ctx);
95 return rc;
96 }
97
set_ref_paths(struct cifs_mount_ctx * mnt_ctx,struct dfs_info3_param * tgt,struct dfs_ref_walk * rw)98 static int set_ref_paths(struct cifs_mount_ctx *mnt_ctx,
99 struct dfs_info3_param *tgt,
100 struct dfs_ref_walk *rw)
101 {
102 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
103 struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb;
104 char *ref_path, *full_path;
105 int rc;
106
107 full_path = smb3_fs_context_fullpath(ctx, CIFS_DIR_SEP(cifs_sb));
108 if (IS_ERR(full_path))
109 return PTR_ERR(full_path);
110
111 if (!tgt || (tgt->server_type == DFS_TYPE_LINK &&
112 DFS_INTERLINK(tgt->flags)))
113 ref_path = dfs_get_path(cifs_sb, ctx->UNC);
114 else
115 ref_path = dfs_get_path(cifs_sb, full_path);
116 if (IS_ERR(ref_path)) {
117 rc = PTR_ERR(ref_path);
118 kfree(full_path);
119 return rc;
120 }
121 ref_walk_path(rw) = ref_path;
122 ref_walk_fpath(rw) = full_path;
123 return 0;
124 }
125
__dfs_referral_walk(struct cifs_mount_ctx * mnt_ctx,struct dfs_ref_walk * rw)126 static int __dfs_referral_walk(struct cifs_mount_ctx *mnt_ctx,
127 struct dfs_ref_walk *rw)
128 {
129 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
130 struct dfs_info3_param tgt = {};
131 bool is_refsrv;
132 int rc = -ENOENT;
133
134 again:
135 do {
136 if (ref_walk_empty(rw)) {
137 rc = dfs_get_referral(mnt_ctx, ref_walk_path(rw) + 1,
138 NULL, ref_walk_tl(rw));
139 if (rc) {
140 rc = cifs_mount_get_tcon(mnt_ctx);
141 if (!rc)
142 rc = cifs_is_path_remote(mnt_ctx);
143 continue;
144 }
145 if (!ref_walk_num_tgts(rw)) {
146 rc = -ENOENT;
147 continue;
148 }
149 }
150
151 while (ref_walk_next_tgt(rw)) {
152 rc = parse_dfs_target(ctx, rw, &tgt);
153 if (rc)
154 continue;
155
156 cifs_mount_put_conns(mnt_ctx);
157 rc = get_session(mnt_ctx, ref_walk_path(rw));
158 if (rc)
159 continue;
160
161 is_refsrv = tgt.server_type == DFS_TYPE_ROOT ||
162 DFS_INTERLINK(tgt.flags);
163 ref_walk_set_tgt_hint(rw);
164
165 if (tgt.flags & DFSREF_STORAGE_SERVER) {
166 rc = cifs_mount_get_tcon(mnt_ctx);
167 if (!rc)
168 rc = cifs_is_path_remote(mnt_ctx);
169 if (!rc)
170 break;
171 if (rc != -EREMOTE)
172 continue;
173 }
174
175 if (is_refsrv)
176 add_root_smb_session(mnt_ctx);
177
178 rc = ref_walk_advance(rw);
179 if (!rc) {
180 rc = set_ref_paths(mnt_ctx, &tgt, rw);
181 if (!rc) {
182 rc = -EREMOTE;
183 goto again;
184 }
185 }
186 if (rc != -ELOOP)
187 goto out;
188 }
189 } while (rc && ref_walk_descend(rw));
190
191 out:
192 free_dfs_info_param(&tgt);
193 return rc;
194 }
195
dfs_referral_walk(struct cifs_mount_ctx * mnt_ctx)196 static int dfs_referral_walk(struct cifs_mount_ctx *mnt_ctx)
197 {
198 struct dfs_ref_walk *rw;
199 int rc;
200
201 rw = ref_walk_alloc();
202 if (IS_ERR(rw))
203 return PTR_ERR(rw);
204
205 ref_walk_init(rw);
206 rc = set_ref_paths(mnt_ctx, NULL, rw);
207 if (!rc)
208 rc = __dfs_referral_walk(mnt_ctx, rw);
209 ref_walk_free(rw);
210 return rc;
211 }
212
__dfs_mount_share(struct cifs_mount_ctx * mnt_ctx)213 static int __dfs_mount_share(struct cifs_mount_ctx *mnt_ctx)
214 {
215 struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb;
216 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
217 struct cifs_tcon *tcon;
218 char *origin_fullpath;
219 bool new_tcon = true;
220 int rc;
221
222 origin_fullpath = dfs_get_path(cifs_sb, ctx->source);
223 if (IS_ERR(origin_fullpath))
224 return PTR_ERR(origin_fullpath);
225
226 rc = dfs_referral_walk(mnt_ctx);
227 if (!rc) {
228 /*
229 * Prevent superblock from being created with any missing
230 * connections.
231 */
232 if (WARN_ON(!mnt_ctx->server))
233 rc = -EHOSTDOWN;
234 else if (WARN_ON(!mnt_ctx->ses))
235 rc = -EACCES;
236 else if (WARN_ON(!mnt_ctx->tcon))
237 rc = -ENOENT;
238 }
239 if (rc)
240 goto out;
241
242 tcon = mnt_ctx->tcon;
243 spin_lock(&tcon->tc_lock);
244 if (!tcon->origin_fullpath) {
245 tcon->origin_fullpath = origin_fullpath;
246 origin_fullpath = NULL;
247 } else {
248 new_tcon = false;
249 }
250 spin_unlock(&tcon->tc_lock);
251
252 if (new_tcon) {
253 queue_delayed_work(dfscache_wq, &tcon->dfs_cache_work,
254 dfs_cache_get_ttl() * HZ);
255 }
256
257 out:
258 kfree(origin_fullpath);
259 return rc;
260 }
261
262 /*
263 * If @ctx->dfs_automount, then update @ctx->dstaddr earlier with the DFS root
264 * server from where we'll start following any referrals. Otherwise rely on the
265 * value provided by mount(2) as the user might not have dns_resolver key set up
266 * and therefore failing to upcall to resolve UNC hostname under @ctx->source.
267 */
update_fs_context_dstaddr(struct smb3_fs_context * ctx)268 static int update_fs_context_dstaddr(struct smb3_fs_context *ctx)
269 {
270 struct sockaddr *addr = (struct sockaddr *)&ctx->dstaddr;
271 int rc = 0;
272
273 if (!ctx->nodfs && ctx->dfs_automount) {
274 rc = dns_resolve_server_name_to_ip(ctx->source, addr, NULL);
275 if (!rc)
276 cifs_set_port(addr, ctx->port);
277 ctx->dfs_automount = false;
278 }
279 return rc;
280 }
281
dfs_mount_share(struct cifs_mount_ctx * mnt_ctx,bool * isdfs)282 int dfs_mount_share(struct cifs_mount_ctx *mnt_ctx, bool *isdfs)
283 {
284 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx;
285 bool nodfs = ctx->nodfs;
286 int rc;
287
288 rc = update_fs_context_dstaddr(ctx);
289 if (rc)
290 return rc;
291
292 *isdfs = false;
293 rc = get_session(mnt_ctx, NULL);
294 if (rc)
295 return rc;
296
297 /*
298 * If called with 'nodfs' mount option, then skip DFS resolving. Otherwise unconditionally
299 * try to get an DFS referral (even cached) to determine whether it is an DFS mount.
300 *
301 * Skip prefix path to provide support for DFS referrals from w2k8 servers which don't seem
302 * to respond with PATH_NOT_COVERED to requests that include the prefix.
303 */
304 if (!nodfs) {
305 rc = dfs_get_referral(mnt_ctx, ctx->UNC + 1, NULL, NULL);
306 if (rc) {
307 cifs_dbg(FYI, "%s: no dfs referral for %s: %d\n",
308 __func__, ctx->UNC + 1, rc);
309 cifs_dbg(FYI, "%s: assuming non-dfs mount...\n", __func__);
310 nodfs = true;
311 }
312 }
313 if (nodfs) {
314 rc = cifs_mount_get_tcon(mnt_ctx);
315 if (!rc)
316 rc = cifs_is_path_remote(mnt_ctx);
317 return rc;
318 }
319
320 *isdfs = true;
321 add_root_smb_session(mnt_ctx);
322 rc = __dfs_mount_share(mnt_ctx);
323 dfs_put_root_smb_sessions(mnt_ctx);
324 return rc;
325 }
326
327 /* Update dfs referral path of superblock */
update_server_fullpath(struct TCP_Server_Info * server,struct cifs_sb_info * cifs_sb,const char * target)328 static int update_server_fullpath(struct TCP_Server_Info *server, struct cifs_sb_info *cifs_sb,
329 const char *target)
330 {
331 int rc = 0;
332 size_t len = strlen(target);
333 char *refpath, *npath;
334
335 if (unlikely(len < 2 || *target != '\\'))
336 return -EINVAL;
337
338 if (target[1] == '\\') {
339 len += 1;
340 refpath = kmalloc(len, GFP_KERNEL);
341 if (!refpath)
342 return -ENOMEM;
343
344 scnprintf(refpath, len, "%s", target);
345 } else {
346 len += sizeof("\\");
347 refpath = kmalloc(len, GFP_KERNEL);
348 if (!refpath)
349 return -ENOMEM;
350
351 scnprintf(refpath, len, "\\%s", target);
352 }
353
354 npath = dfs_cache_canonical_path(refpath, cifs_sb->local_nls, cifs_remap(cifs_sb));
355 kfree(refpath);
356
357 if (IS_ERR(npath)) {
358 rc = PTR_ERR(npath);
359 } else {
360 mutex_lock(&server->refpath_lock);
361 spin_lock(&server->srv_lock);
362 kfree(server->leaf_fullpath);
363 server->leaf_fullpath = npath;
364 spin_unlock(&server->srv_lock);
365 mutex_unlock(&server->refpath_lock);
366 }
367 return rc;
368 }
369
target_share_matches_server(struct TCP_Server_Info * server,char * share,bool * target_match)370 static int target_share_matches_server(struct TCP_Server_Info *server, char *share,
371 bool *target_match)
372 {
373 int rc = 0;
374 const char *dfs_host;
375 size_t dfs_host_len;
376
377 *target_match = true;
378 extract_unc_hostname(share, &dfs_host, &dfs_host_len);
379
380 /* Check if hostnames or addresses match */
381 cifs_server_lock(server);
382 if (dfs_host_len != strlen(server->hostname) ||
383 strncasecmp(dfs_host, server->hostname, dfs_host_len)) {
384 cifs_dbg(FYI, "%s: %.*s doesn't match %s\n", __func__,
385 (int)dfs_host_len, dfs_host, server->hostname);
386 rc = match_target_ip(server, dfs_host, dfs_host_len, target_match);
387 if (rc)
388 cifs_dbg(VFS, "%s: failed to match target ip: %d\n", __func__, rc);
389 }
390 cifs_server_unlock(server);
391 return rc;
392 }
393
__tree_connect_ipc(const unsigned int xid,char * tree,struct cifs_sb_info * cifs_sb,struct cifs_ses * ses)394 static void __tree_connect_ipc(const unsigned int xid, char *tree,
395 struct cifs_sb_info *cifs_sb,
396 struct cifs_ses *ses)
397 {
398 struct TCP_Server_Info *server = ses->server;
399 struct cifs_tcon *tcon = ses->tcon_ipc;
400 int rc;
401
402 spin_lock(&ses->ses_lock);
403 spin_lock(&ses->chan_lock);
404 if (cifs_chan_needs_reconnect(ses, server) ||
405 ses->ses_status != SES_GOOD) {
406 spin_unlock(&ses->chan_lock);
407 spin_unlock(&ses->ses_lock);
408 cifs_server_dbg(FYI, "%s: skipping ipc reconnect due to disconnected ses\n",
409 __func__);
410 return;
411 }
412 spin_unlock(&ses->chan_lock);
413 spin_unlock(&ses->ses_lock);
414
415 cifs_server_lock(server);
416 scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname);
417 cifs_server_unlock(server);
418
419 rc = server->ops->tree_connect(xid, ses, tree, tcon,
420 cifs_sb->local_nls);
421 cifs_server_dbg(FYI, "%s: tree_reconnect %s: %d\n", __func__, tree, rc);
422 spin_lock(&tcon->tc_lock);
423 if (rc) {
424 tcon->status = TID_NEED_TCON;
425 } else {
426 tcon->status = TID_GOOD;
427 tcon->need_reconnect = false;
428 }
429 spin_unlock(&tcon->tc_lock);
430 }
431
tree_connect_ipc(const unsigned int xid,char * tree,struct cifs_sb_info * cifs_sb,struct cifs_tcon * tcon)432 static void tree_connect_ipc(const unsigned int xid, char *tree,
433 struct cifs_sb_info *cifs_sb,
434 struct cifs_tcon *tcon)
435 {
436 struct cifs_ses *ses = tcon->ses;
437
438 __tree_connect_ipc(xid, tree, cifs_sb, ses);
439 __tree_connect_ipc(xid, tree, cifs_sb, CIFS_DFS_ROOT_SES(ses));
440 }
441
__tree_connect_dfs_target(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,char * tree,bool islink,struct dfs_cache_tgt_list * tl)442 static int __tree_connect_dfs_target(const unsigned int xid, struct cifs_tcon *tcon,
443 struct cifs_sb_info *cifs_sb, char *tree, bool islink,
444 struct dfs_cache_tgt_list *tl)
445 {
446 int rc;
447 struct TCP_Server_Info *server = tcon->ses->server;
448 const struct smb_version_operations *ops = server->ops;
449 struct cifs_ses *root_ses = CIFS_DFS_ROOT_SES(tcon->ses);
450 char *share = NULL, *prefix = NULL;
451 struct dfs_cache_tgt_iterator *tit;
452 bool target_match;
453
454 tit = dfs_cache_get_tgt_iterator(tl);
455 if (!tit) {
456 rc = -ENOENT;
457 goto out;
458 }
459
460 /* Try to tree connect to all dfs targets */
461 for (; tit; tit = dfs_cache_get_next_tgt(tl, tit)) {
462 const char *target = dfs_cache_get_tgt_name(tit);
463 DFS_CACHE_TGT_LIST(ntl);
464
465 kfree(share);
466 kfree(prefix);
467 share = prefix = NULL;
468
469 /* Check if share matches with tcp ses */
470 rc = dfs_cache_get_tgt_share(server->leaf_fullpath + 1, tit, &share, &prefix);
471 if (rc) {
472 cifs_dbg(VFS, "%s: failed to parse target share: %d\n", __func__, rc);
473 break;
474 }
475
476 rc = target_share_matches_server(server, share, &target_match);
477 if (rc)
478 break;
479 if (!target_match) {
480 rc = -EHOSTUNREACH;
481 continue;
482 }
483
484 dfs_cache_noreq_update_tgthint(server->leaf_fullpath + 1, tit);
485 tree_connect_ipc(xid, tree, cifs_sb, tcon);
486
487 scnprintf(tree, MAX_TREE_SIZE, "\\%s", share);
488 if (!islink) {
489 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, cifs_sb->local_nls);
490 break;
491 }
492
493 /*
494 * If no dfs referrals were returned from link target, then just do a TREE_CONNECT
495 * to it. Otherwise, cache the dfs referral and then mark current tcp ses for
496 * reconnect so either the demultiplex thread or the echo worker will reconnect to
497 * newly resolved target.
498 */
499 if (dfs_cache_find(xid, root_ses, cifs_sb->local_nls, cifs_remap(cifs_sb), target,
500 NULL, &ntl)) {
501 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, cifs_sb->local_nls);
502 if (rc)
503 continue;
504
505 rc = cifs_update_super_prepath(cifs_sb, prefix);
506 } else {
507 /* Target is another dfs share */
508 rc = update_server_fullpath(server, cifs_sb, target);
509 dfs_cache_free_tgts(tl);
510
511 if (!rc) {
512 rc = -EREMOTE;
513 list_replace_init(&ntl.tl_list, &tl->tl_list);
514 } else
515 dfs_cache_free_tgts(&ntl);
516 }
517 break;
518 }
519
520 out:
521 kfree(share);
522 kfree(prefix);
523
524 return rc;
525 }
526
tree_connect_dfs_target(const unsigned int xid,struct cifs_tcon * tcon,struct cifs_sb_info * cifs_sb,char * tree,bool islink,struct dfs_cache_tgt_list * tl)527 static int tree_connect_dfs_target(const unsigned int xid, struct cifs_tcon *tcon,
528 struct cifs_sb_info *cifs_sb, char *tree, bool islink,
529 struct dfs_cache_tgt_list *tl)
530 {
531 int rc;
532 int num_links = 0;
533 struct TCP_Server_Info *server = tcon->ses->server;
534 char *old_fullpath = server->leaf_fullpath;
535
536 do {
537 rc = __tree_connect_dfs_target(xid, tcon, cifs_sb, tree, islink, tl);
538 if (!rc || rc != -EREMOTE)
539 break;
540 } while (rc = -ELOOP, ++num_links < MAX_NESTED_LINKS);
541 /*
542 * If we couldn't tree connect to any targets from last referral path, then
543 * retry it from newly resolved dfs referral.
544 */
545 if (rc && server->leaf_fullpath != old_fullpath)
546 cifs_signal_cifsd_for_reconnect(server, true);
547
548 dfs_cache_free_tgts(tl);
549 return rc;
550 }
551
cifs_tree_connect(const unsigned int xid,struct cifs_tcon * tcon,const struct nls_table * nlsc)552 int cifs_tree_connect(const unsigned int xid, struct cifs_tcon *tcon, const struct nls_table *nlsc)
553 {
554 int rc;
555 struct TCP_Server_Info *server = tcon->ses->server;
556 const struct smb_version_operations *ops = server->ops;
557 DFS_CACHE_TGT_LIST(tl);
558 struct cifs_sb_info *cifs_sb = NULL;
559 struct super_block *sb = NULL;
560 struct dfs_info3_param ref = {0};
561 char *tree;
562
563 /* only send once per connect */
564 spin_lock(&tcon->tc_lock);
565
566 /* if tcon is marked for needing reconnect, update state */
567 if (tcon->need_reconnect)
568 tcon->status = TID_NEED_TCON;
569
570 if (tcon->status == TID_GOOD) {
571 spin_unlock(&tcon->tc_lock);
572 return 0;
573 }
574
575 if (tcon->status != TID_NEW &&
576 tcon->status != TID_NEED_TCON) {
577 spin_unlock(&tcon->tc_lock);
578 return -EHOSTDOWN;
579 }
580
581 tcon->status = TID_IN_TCON;
582 spin_unlock(&tcon->tc_lock);
583
584 tree = kzalloc(MAX_TREE_SIZE, GFP_KERNEL);
585 if (!tree) {
586 rc = -ENOMEM;
587 goto out;
588 }
589
590 if (tcon->ipc) {
591 cifs_server_lock(server);
592 scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname);
593 cifs_server_unlock(server);
594 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, nlsc);
595 goto out;
596 }
597
598 sb = cifs_get_dfs_tcon_super(tcon);
599 if (!IS_ERR(sb))
600 cifs_sb = CIFS_SB(sb);
601
602 /*
603 * Tree connect to last share in @tcon->tree_name whether dfs super or
604 * cached dfs referral was not found.
605 */
606 if (!cifs_sb || !server->leaf_fullpath ||
607 dfs_cache_noreq_find(server->leaf_fullpath + 1, &ref, &tl)) {
608 rc = ops->tree_connect(xid, tcon->ses, tcon->tree_name, tcon,
609 cifs_sb ? cifs_sb->local_nls : nlsc);
610 goto out;
611 }
612
613 rc = tree_connect_dfs_target(xid, tcon, cifs_sb, tree, ref.server_type == DFS_TYPE_LINK,
614 &tl);
615 free_dfs_info_param(&ref);
616
617 out:
618 kfree(tree);
619 cifs_put_tcp_super(sb);
620
621 if (rc) {
622 spin_lock(&tcon->tc_lock);
623 if (tcon->status == TID_IN_TCON)
624 tcon->status = TID_NEED_TCON;
625 spin_unlock(&tcon->tc_lock);
626 } else {
627 spin_lock(&tcon->tc_lock);
628 if (tcon->status == TID_IN_TCON)
629 tcon->status = TID_GOOD;
630 tcon->need_reconnect = false;
631 spin_unlock(&tcon->tc_lock);
632 }
633
634 return rc;
635 }
636