1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2022 Paulo Alcantara <palcantara@suse.de> 4 */ 5 6 #include <linux/namei.h> 7 #include "cifsproto.h" 8 #include "cifs_debug.h" 9 #include "dns_resolve.h" 10 #include "fs_context.h" 11 #include "dfs.h" 12 13 /** 14 * dfs_parse_target_referral - set fs context for dfs target referral 15 * 16 * @full_path: full path in UNC format. 17 * @ref: dfs referral pointer. 18 * @ctx: smb3 fs context pointer. 19 * 20 * Return zero if dfs referral was parsed correctly, otherwise non-zero. 21 */ 22 int dfs_parse_target_referral(const char *full_path, const struct dfs_info3_param *ref, 23 struct smb3_fs_context *ctx) 24 { 25 int rc; 26 const char *prepath = NULL; 27 char *path; 28 29 if (!full_path || !*full_path || !ref || !ctx) 30 return -EINVAL; 31 32 if (WARN_ON_ONCE(!ref->node_name || ref->path_consumed < 0)) 33 return -EINVAL; 34 35 if (strlen(full_path) - ref->path_consumed) { 36 prepath = full_path + ref->path_consumed; 37 /* skip initial delimiter */ 38 if (*prepath == '/' || *prepath == '\\') 39 prepath++; 40 } 41 42 path = cifs_build_devname(ref->node_name, prepath); 43 if (IS_ERR(path)) 44 return PTR_ERR(path); 45 46 rc = smb3_parse_devname(path, ctx); 47 if (rc) 48 goto out; 49 50 rc = dns_resolve_server_name_to_ip(path, (struct sockaddr *)&ctx->dstaddr, NULL); 51 52 out: 53 kfree(path); 54 return rc; 55 } 56 57 static int get_session(struct cifs_mount_ctx *mnt_ctx, const char *full_path) 58 { 59 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 60 int rc; 61 62 ctx->leaf_fullpath = (char *)full_path; 63 rc = cifs_mount_get_session(mnt_ctx); 64 ctx->leaf_fullpath = NULL; 65 66 return rc; 67 } 68 69 static int add_root_smb_session(struct cifs_mount_ctx *mnt_ctx) 70 { 71 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 72 struct dfs_root_ses *root_ses; 73 struct cifs_ses *ses = mnt_ctx->ses; 74 75 if (ses) { 76 root_ses = kmalloc(sizeof(*root_ses), GFP_KERNEL); 77 if (!root_ses) 78 return -ENOMEM; 79 80 INIT_LIST_HEAD(&root_ses->list); 81 82 spin_lock(&cifs_tcp_ses_lock); 83 ses->ses_count++; 84 spin_unlock(&cifs_tcp_ses_lock); 85 root_ses->ses = ses; 86 list_add_tail(&root_ses->list, &mnt_ctx->dfs_ses_list); 87 } 88 ctx->dfs_root_ses = ses; 89 return 0; 90 } 91 92 static int get_dfs_conn(struct cifs_mount_ctx *mnt_ctx, const char *ref_path, const char *full_path, 93 const struct dfs_cache_tgt_iterator *tit) 94 { 95 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 96 struct dfs_info3_param ref = {}; 97 bool is_refsrv; 98 int rc, rc2; 99 100 rc = dfs_cache_get_tgt_referral(ref_path + 1, tit, &ref); 101 if (rc) 102 return rc; 103 104 rc = dfs_parse_target_referral(full_path + 1, &ref, ctx); 105 if (rc) 106 goto out; 107 108 cifs_mount_put_conns(mnt_ctx); 109 rc = get_session(mnt_ctx, ref_path); 110 if (rc) 111 goto out; 112 113 is_refsrv = !!(ref.flags & DFSREF_REFERRAL_SERVER); 114 115 rc = -EREMOTE; 116 if (ref.flags & DFSREF_STORAGE_SERVER) { 117 rc = cifs_mount_get_tcon(mnt_ctx); 118 if (rc) 119 goto out; 120 121 /* some servers may not advertise referral capability under ref.flags */ 122 is_refsrv |= is_tcon_dfs(mnt_ctx->tcon); 123 124 rc = cifs_is_path_remote(mnt_ctx); 125 } 126 127 dfs_cache_noreq_update_tgthint(ref_path + 1, tit); 128 129 if (rc == -EREMOTE && is_refsrv) { 130 rc2 = add_root_smb_session(mnt_ctx); 131 if (rc2) 132 rc = rc2; 133 } 134 135 out: 136 free_dfs_info_param(&ref); 137 return rc; 138 } 139 140 static int __dfs_mount_share(struct cifs_mount_ctx *mnt_ctx) 141 { 142 struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb; 143 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 144 char *ref_path = NULL, *full_path = NULL; 145 struct dfs_cache_tgt_iterator *tit; 146 struct cifs_tcon *tcon; 147 char *origin_fullpath = NULL; 148 char sep = CIFS_DIR_SEP(cifs_sb); 149 int num_links = 0; 150 int rc; 151 152 ref_path = dfs_get_path(cifs_sb, ctx->UNC); 153 if (IS_ERR(ref_path)) 154 return PTR_ERR(ref_path); 155 156 full_path = smb3_fs_context_fullpath(ctx, sep); 157 if (IS_ERR(full_path)) { 158 rc = PTR_ERR(full_path); 159 full_path = NULL; 160 goto out; 161 } 162 163 origin_fullpath = kstrdup(full_path, GFP_KERNEL); 164 if (!origin_fullpath) { 165 rc = -ENOMEM; 166 goto out; 167 } 168 169 do { 170 struct dfs_cache_tgt_list tl = DFS_CACHE_TGT_LIST_INIT(tl); 171 172 rc = dfs_get_referral(mnt_ctx, ref_path + 1, NULL, &tl); 173 if (rc) 174 break; 175 176 tit = dfs_cache_get_tgt_iterator(&tl); 177 if (!tit) { 178 cifs_dbg(VFS, "%s: dfs referral (%s) with no targets\n", __func__, 179 ref_path + 1); 180 rc = -ENOENT; 181 dfs_cache_free_tgts(&tl); 182 break; 183 } 184 185 do { 186 rc = get_dfs_conn(mnt_ctx, ref_path, full_path, tit); 187 if (!rc) 188 break; 189 if (rc == -EREMOTE) { 190 if (++num_links > MAX_NESTED_LINKS) { 191 rc = -ELOOP; 192 break; 193 } 194 kfree(ref_path); 195 kfree(full_path); 196 ref_path = full_path = NULL; 197 198 full_path = smb3_fs_context_fullpath(ctx, sep); 199 if (IS_ERR(full_path)) { 200 rc = PTR_ERR(full_path); 201 full_path = NULL; 202 } else { 203 ref_path = dfs_get_path(cifs_sb, full_path); 204 if (IS_ERR(ref_path)) { 205 rc = PTR_ERR(ref_path); 206 ref_path = NULL; 207 } 208 } 209 break; 210 } 211 } while ((tit = dfs_cache_get_next_tgt(&tl, tit))); 212 dfs_cache_free_tgts(&tl); 213 } while (rc == -EREMOTE); 214 215 if (!rc) { 216 tcon = mnt_ctx->tcon; 217 218 spin_lock(&tcon->tc_lock); 219 if (!tcon->origin_fullpath) { 220 tcon->origin_fullpath = origin_fullpath; 221 origin_fullpath = NULL; 222 } 223 spin_unlock(&tcon->tc_lock); 224 225 if (list_empty(&tcon->dfs_ses_list)) { 226 list_replace_init(&mnt_ctx->dfs_ses_list, 227 &tcon->dfs_ses_list); 228 queue_delayed_work(dfscache_wq, &tcon->dfs_cache_work, 229 dfs_cache_get_ttl() * HZ); 230 } else { 231 dfs_put_root_smb_sessions(&mnt_ctx->dfs_ses_list); 232 } 233 } 234 235 out: 236 kfree(origin_fullpath); 237 kfree(ref_path); 238 kfree(full_path); 239 return rc; 240 } 241 242 int dfs_mount_share(struct cifs_mount_ctx *mnt_ctx, bool *isdfs) 243 { 244 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 245 struct cifs_ses *ses; 246 bool nodfs = ctx->nodfs; 247 int rc; 248 249 *isdfs = false; 250 rc = get_session(mnt_ctx, NULL); 251 if (rc) 252 return rc; 253 254 ctx->dfs_root_ses = mnt_ctx->ses; 255 /* 256 * If called with 'nodfs' mount option, then skip DFS resolving. Otherwise unconditionally 257 * try to get an DFS referral (even cached) to determine whether it is an DFS mount. 258 * 259 * Skip prefix path to provide support for DFS referrals from w2k8 servers which don't seem 260 * to respond with PATH_NOT_COVERED to requests that include the prefix. 261 */ 262 if (!nodfs) { 263 rc = dfs_get_referral(mnt_ctx, ctx->UNC + 1, NULL, NULL); 264 if (rc) { 265 cifs_dbg(FYI, "%s: no dfs referral for %s: %d\n", 266 __func__, ctx->UNC + 1, rc); 267 cifs_dbg(FYI, "%s: assuming non-dfs mount...\n", __func__); 268 nodfs = true; 269 } 270 } 271 if (nodfs) { 272 rc = cifs_mount_get_tcon(mnt_ctx); 273 if (!rc) 274 rc = cifs_is_path_remote(mnt_ctx); 275 return rc; 276 } 277 278 *isdfs = true; 279 /* 280 * Prevent DFS root session of being put in the first call to 281 * cifs_mount_put_conns(). If another DFS root server was not found 282 * while chasing the referrals (@ctx->dfs_root_ses == @ses), then we 283 * can safely put extra refcount of @ses. 284 */ 285 ses = mnt_ctx->ses; 286 mnt_ctx->ses = NULL; 287 mnt_ctx->server = NULL; 288 rc = __dfs_mount_share(mnt_ctx); 289 if (ses == ctx->dfs_root_ses) 290 cifs_put_smb_ses(ses); 291 292 return rc; 293 } 294 295 /* Update dfs referral path of superblock */ 296 static int update_server_fullpath(struct TCP_Server_Info *server, struct cifs_sb_info *cifs_sb, 297 const char *target) 298 { 299 int rc = 0; 300 size_t len = strlen(target); 301 char *refpath, *npath; 302 303 if (unlikely(len < 2 || *target != '\\')) 304 return -EINVAL; 305 306 if (target[1] == '\\') { 307 len += 1; 308 refpath = kmalloc(len, GFP_KERNEL); 309 if (!refpath) 310 return -ENOMEM; 311 312 scnprintf(refpath, len, "%s", target); 313 } else { 314 len += sizeof("\\"); 315 refpath = kmalloc(len, GFP_KERNEL); 316 if (!refpath) 317 return -ENOMEM; 318 319 scnprintf(refpath, len, "\\%s", target); 320 } 321 322 npath = dfs_cache_canonical_path(refpath, cifs_sb->local_nls, cifs_remap(cifs_sb)); 323 kfree(refpath); 324 325 if (IS_ERR(npath)) { 326 rc = PTR_ERR(npath); 327 } else { 328 mutex_lock(&server->refpath_lock); 329 spin_lock(&server->srv_lock); 330 kfree(server->leaf_fullpath); 331 server->leaf_fullpath = npath; 332 spin_unlock(&server->srv_lock); 333 mutex_unlock(&server->refpath_lock); 334 } 335 return rc; 336 } 337 338 static int target_share_matches_server(struct TCP_Server_Info *server, char *share, 339 bool *target_match) 340 { 341 int rc = 0; 342 const char *dfs_host; 343 size_t dfs_host_len; 344 345 *target_match = true; 346 extract_unc_hostname(share, &dfs_host, &dfs_host_len); 347 348 /* Check if hostnames or addresses match */ 349 cifs_server_lock(server); 350 if (dfs_host_len != strlen(server->hostname) || 351 strncasecmp(dfs_host, server->hostname, dfs_host_len)) { 352 cifs_dbg(FYI, "%s: %.*s doesn't match %s\n", __func__, 353 (int)dfs_host_len, dfs_host, server->hostname); 354 rc = match_target_ip(server, dfs_host, dfs_host_len, target_match); 355 if (rc) 356 cifs_dbg(VFS, "%s: failed to match target ip: %d\n", __func__, rc); 357 } 358 cifs_server_unlock(server); 359 return rc; 360 } 361 362 static void __tree_connect_ipc(const unsigned int xid, char *tree, 363 struct cifs_sb_info *cifs_sb, 364 struct cifs_ses *ses) 365 { 366 struct TCP_Server_Info *server = ses->server; 367 struct cifs_tcon *tcon = ses->tcon_ipc; 368 int rc; 369 370 spin_lock(&ses->ses_lock); 371 spin_lock(&ses->chan_lock); 372 if (cifs_chan_needs_reconnect(ses, server) || 373 ses->ses_status != SES_GOOD) { 374 spin_unlock(&ses->chan_lock); 375 spin_unlock(&ses->ses_lock); 376 cifs_server_dbg(FYI, "%s: skipping ipc reconnect due to disconnected ses\n", 377 __func__); 378 return; 379 } 380 spin_unlock(&ses->chan_lock); 381 spin_unlock(&ses->ses_lock); 382 383 cifs_server_lock(server); 384 scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname); 385 cifs_server_unlock(server); 386 387 rc = server->ops->tree_connect(xid, ses, tree, tcon, 388 cifs_sb->local_nls); 389 cifs_server_dbg(FYI, "%s: tree_reconnect %s: %d\n", __func__, tree, rc); 390 spin_lock(&tcon->tc_lock); 391 if (rc) { 392 tcon->status = TID_NEED_TCON; 393 } else { 394 tcon->status = TID_GOOD; 395 tcon->need_reconnect = false; 396 } 397 spin_unlock(&tcon->tc_lock); 398 } 399 400 static void tree_connect_ipc(const unsigned int xid, char *tree, 401 struct cifs_sb_info *cifs_sb, 402 struct cifs_tcon *tcon) 403 { 404 struct cifs_ses *ses = tcon->ses; 405 406 __tree_connect_ipc(xid, tree, cifs_sb, ses); 407 __tree_connect_ipc(xid, tree, cifs_sb, CIFS_DFS_ROOT_SES(ses)); 408 } 409 410 static int __tree_connect_dfs_target(const unsigned int xid, struct cifs_tcon *tcon, 411 struct cifs_sb_info *cifs_sb, char *tree, bool islink, 412 struct dfs_cache_tgt_list *tl) 413 { 414 int rc; 415 struct TCP_Server_Info *server = tcon->ses->server; 416 const struct smb_version_operations *ops = server->ops; 417 struct cifs_ses *root_ses = CIFS_DFS_ROOT_SES(tcon->ses); 418 char *share = NULL, *prefix = NULL; 419 struct dfs_cache_tgt_iterator *tit; 420 bool target_match; 421 422 tit = dfs_cache_get_tgt_iterator(tl); 423 if (!tit) { 424 rc = -ENOENT; 425 goto out; 426 } 427 428 /* Try to tree connect to all dfs targets */ 429 for (; tit; tit = dfs_cache_get_next_tgt(tl, tit)) { 430 const char *target = dfs_cache_get_tgt_name(tit); 431 struct dfs_cache_tgt_list ntl = DFS_CACHE_TGT_LIST_INIT(ntl); 432 433 kfree(share); 434 kfree(prefix); 435 share = prefix = NULL; 436 437 /* Check if share matches with tcp ses */ 438 rc = dfs_cache_get_tgt_share(server->leaf_fullpath + 1, tit, &share, &prefix); 439 if (rc) { 440 cifs_dbg(VFS, "%s: failed to parse target share: %d\n", __func__, rc); 441 break; 442 } 443 444 rc = target_share_matches_server(server, share, &target_match); 445 if (rc) 446 break; 447 if (!target_match) { 448 rc = -EHOSTUNREACH; 449 continue; 450 } 451 452 dfs_cache_noreq_update_tgthint(server->leaf_fullpath + 1, tit); 453 tree_connect_ipc(xid, tree, cifs_sb, tcon); 454 455 scnprintf(tree, MAX_TREE_SIZE, "\\%s", share); 456 if (!islink) { 457 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, cifs_sb->local_nls); 458 break; 459 } 460 461 /* 462 * If no dfs referrals were returned from link target, then just do a TREE_CONNECT 463 * to it. Otherwise, cache the dfs referral and then mark current tcp ses for 464 * reconnect so either the demultiplex thread or the echo worker will reconnect to 465 * newly resolved target. 466 */ 467 if (dfs_cache_find(xid, root_ses, cifs_sb->local_nls, cifs_remap(cifs_sb), target, 468 NULL, &ntl)) { 469 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, cifs_sb->local_nls); 470 if (rc) 471 continue; 472 473 rc = cifs_update_super_prepath(cifs_sb, prefix); 474 } else { 475 /* Target is another dfs share */ 476 rc = update_server_fullpath(server, cifs_sb, target); 477 dfs_cache_free_tgts(tl); 478 479 if (!rc) { 480 rc = -EREMOTE; 481 list_replace_init(&ntl.tl_list, &tl->tl_list); 482 } else 483 dfs_cache_free_tgts(&ntl); 484 } 485 break; 486 } 487 488 out: 489 kfree(share); 490 kfree(prefix); 491 492 return rc; 493 } 494 495 static int tree_connect_dfs_target(const unsigned int xid, struct cifs_tcon *tcon, 496 struct cifs_sb_info *cifs_sb, char *tree, bool islink, 497 struct dfs_cache_tgt_list *tl) 498 { 499 int rc; 500 int num_links = 0; 501 struct TCP_Server_Info *server = tcon->ses->server; 502 char *old_fullpath = server->leaf_fullpath; 503 504 do { 505 rc = __tree_connect_dfs_target(xid, tcon, cifs_sb, tree, islink, tl); 506 if (!rc || rc != -EREMOTE) 507 break; 508 } while (rc = -ELOOP, ++num_links < MAX_NESTED_LINKS); 509 /* 510 * If we couldn't tree connect to any targets from last referral path, then 511 * retry it from newly resolved dfs referral. 512 */ 513 if (rc && server->leaf_fullpath != old_fullpath) 514 cifs_signal_cifsd_for_reconnect(server, true); 515 516 dfs_cache_free_tgts(tl); 517 return rc; 518 } 519 520 int cifs_tree_connect(const unsigned int xid, struct cifs_tcon *tcon, const struct nls_table *nlsc) 521 { 522 int rc; 523 struct TCP_Server_Info *server = tcon->ses->server; 524 const struct smb_version_operations *ops = server->ops; 525 struct dfs_cache_tgt_list tl = DFS_CACHE_TGT_LIST_INIT(tl); 526 struct cifs_sb_info *cifs_sb = NULL; 527 struct super_block *sb = NULL; 528 struct dfs_info3_param ref = {0}; 529 char *tree; 530 531 /* only send once per connect */ 532 spin_lock(&tcon->tc_lock); 533 if (tcon->status == TID_GOOD) { 534 spin_unlock(&tcon->tc_lock); 535 return 0; 536 } 537 538 if (tcon->status != TID_NEW && 539 tcon->status != TID_NEED_TCON) { 540 spin_unlock(&tcon->tc_lock); 541 return -EHOSTDOWN; 542 } 543 544 tcon->status = TID_IN_TCON; 545 spin_unlock(&tcon->tc_lock); 546 547 tree = kzalloc(MAX_TREE_SIZE, GFP_KERNEL); 548 if (!tree) { 549 rc = -ENOMEM; 550 goto out; 551 } 552 553 if (tcon->ipc) { 554 cifs_server_lock(server); 555 scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname); 556 cifs_server_unlock(server); 557 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, nlsc); 558 goto out; 559 } 560 561 sb = cifs_get_dfs_tcon_super(tcon); 562 if (!IS_ERR(sb)) 563 cifs_sb = CIFS_SB(sb); 564 565 /* 566 * Tree connect to last share in @tcon->tree_name whether dfs super or 567 * cached dfs referral was not found. 568 */ 569 if (!cifs_sb || !server->leaf_fullpath || 570 dfs_cache_noreq_find(server->leaf_fullpath + 1, &ref, &tl)) { 571 rc = ops->tree_connect(xid, tcon->ses, tcon->tree_name, tcon, 572 cifs_sb ? cifs_sb->local_nls : nlsc); 573 goto out; 574 } 575 576 rc = tree_connect_dfs_target(xid, tcon, cifs_sb, tree, ref.server_type == DFS_TYPE_LINK, 577 &tl); 578 free_dfs_info_param(&ref); 579 580 out: 581 kfree(tree); 582 cifs_put_tcp_super(sb); 583 584 if (rc) { 585 spin_lock(&tcon->tc_lock); 586 if (tcon->status == TID_IN_TCON) 587 tcon->status = TID_NEED_TCON; 588 spin_unlock(&tcon->tc_lock); 589 } else { 590 spin_lock(&tcon->tc_lock); 591 if (tcon->status == TID_IN_TCON) 592 tcon->status = TID_GOOD; 593 spin_unlock(&tcon->tc_lock); 594 tcon->need_reconnect = false; 595 } 596 597 return rc; 598 } 599