xref: /openbmc/linux/fs/smb/client/fs_context.c (revision 79d0150d)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *   Copyright (C) 2020, Microsoft Corporation.
4  *
5  *   Author(s): Steve French <stfrench@microsoft.com>
6  *              David Howells <dhowells@redhat.com>
7  */
8 
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20 
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39 
40 static DEFINE_MUTEX(cifs_mount_mutex);
41 
42 static const match_table_t cifs_smb_version_tokens = {
43 	{ Smb_1, SMB1_VERSION_STRING },
44 	{ Smb_20, SMB20_VERSION_STRING},
45 	{ Smb_21, SMB21_VERSION_STRING },
46 	{ Smb_30, SMB30_VERSION_STRING },
47 	{ Smb_302, SMB302_VERSION_STRING },
48 	{ Smb_302, ALT_SMB302_VERSION_STRING },
49 	{ Smb_311, SMB311_VERSION_STRING },
50 	{ Smb_311, ALT_SMB311_VERSION_STRING },
51 	{ Smb_3any, SMB3ANY_VERSION_STRING },
52 	{ Smb_default, SMBDEFAULT_VERSION_STRING },
53 	{ Smb_version_err, NULL }
54 };
55 
56 static const match_table_t cifs_secflavor_tokens = {
57 	{ Opt_sec_krb5, "krb5" },
58 	{ Opt_sec_krb5i, "krb5i" },
59 	{ Opt_sec_krb5p, "krb5p" },
60 	{ Opt_sec_ntlmsspi, "ntlmsspi" },
61 	{ Opt_sec_ntlmssp, "ntlmssp" },
62 	{ Opt_sec_ntlmv2, "nontlm" },
63 	{ Opt_sec_ntlmv2, "ntlmv2" },
64 	{ Opt_sec_ntlmv2i, "ntlmv2i" },
65 	{ Opt_sec_none, "none" },
66 
67 	{ Opt_sec_err, NULL }
68 };
69 
70 const struct fs_parameter_spec smb3_fs_parameters[] = {
71 	/* Mount options that take no arguments */
72 	fsparam_flag_no("user_xattr", Opt_user_xattr),
73 	fsparam_flag_no("forceuid", Opt_forceuid),
74 	fsparam_flag_no("multichannel", Opt_multichannel),
75 	fsparam_flag_no("forcegid", Opt_forcegid),
76 	fsparam_flag("noblocksend", Opt_noblocksend),
77 	fsparam_flag("noautotune", Opt_noautotune),
78 	fsparam_flag("nolease", Opt_nolease),
79 	fsparam_flag_no("hard", Opt_hard),
80 	fsparam_flag_no("soft", Opt_soft),
81 	fsparam_flag_no("perm", Opt_perm),
82 	fsparam_flag("nodelete", Opt_nodelete),
83 	fsparam_flag_no("mapposix", Opt_mapposix),
84 	fsparam_flag("mapchars", Opt_mapchars),
85 	fsparam_flag("nomapchars", Opt_nomapchars),
86 	fsparam_flag_no("sfu", Opt_sfu),
87 	fsparam_flag("nodfs", Opt_nodfs),
88 	fsparam_flag_no("posixpaths", Opt_posixpaths),
89 	fsparam_flag_no("unix", Opt_unix),
90 	fsparam_flag_no("linux", Opt_unix),
91 	fsparam_flag_no("posix", Opt_unix),
92 	fsparam_flag("nocase", Opt_nocase),
93 	fsparam_flag("ignorecase", Opt_nocase),
94 	fsparam_flag_no("brl", Opt_brl),
95 	fsparam_flag_no("handlecache", Opt_handlecache),
96 	fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
97 	fsparam_flag("forcemand", Opt_forcemandatorylock),
98 	fsparam_flag("setuidfromacl", Opt_setuidfromacl),
99 	fsparam_flag("idsfromsid", Opt_setuidfromacl),
100 	fsparam_flag_no("setuids", Opt_setuids),
101 	fsparam_flag_no("dynperm", Opt_dynperm),
102 	fsparam_flag_no("intr", Opt_intr),
103 	fsparam_flag_no("strictsync", Opt_strictsync),
104 	fsparam_flag_no("serverino", Opt_serverino),
105 	fsparam_flag("rwpidforward", Opt_rwpidforward),
106 	fsparam_flag("cifsacl", Opt_cifsacl),
107 	fsparam_flag_no("acl", Opt_acl),
108 	fsparam_flag("locallease", Opt_locallease),
109 	fsparam_flag("sign", Opt_sign),
110 	fsparam_flag("ignore_signature", Opt_ignore_signature),
111 	fsparam_flag("signloosely", Opt_ignore_signature),
112 	fsparam_flag("seal", Opt_seal),
113 	fsparam_flag("noac", Opt_noac),
114 	fsparam_flag("fsc", Opt_fsc),
115 	fsparam_flag("mfsymlinks", Opt_mfsymlinks),
116 	fsparam_flag("multiuser", Opt_multiuser),
117 	fsparam_flag("sloppy", Opt_sloppy),
118 	fsparam_flag("nosharesock", Opt_nosharesock),
119 	fsparam_flag_no("persistenthandles", Opt_persistent),
120 	fsparam_flag_no("resilienthandles", Opt_resilient),
121 	fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
122 	fsparam_flag("nosparse", Opt_nosparse),
123 	fsparam_flag("domainauto", Opt_domainauto),
124 	fsparam_flag("rdma", Opt_rdma),
125 	fsparam_flag("modesid", Opt_modesid),
126 	fsparam_flag("modefromsid", Opt_modesid),
127 	fsparam_flag("rootfs", Opt_rootfs),
128 	fsparam_flag("compress", Opt_compress),
129 	fsparam_flag("witness", Opt_witness),
130 
131 	/* Mount options which take numeric value */
132 	fsparam_u32("backupuid", Opt_backupuid),
133 	fsparam_u32("backupgid", Opt_backupgid),
134 	fsparam_u32("uid", Opt_uid),
135 	fsparam_u32("cruid", Opt_cruid),
136 	fsparam_u32("gid", Opt_gid),
137 	fsparam_u32("file_mode", Opt_file_mode),
138 	fsparam_u32("dirmode", Opt_dirmode),
139 	fsparam_u32("dir_mode", Opt_dirmode),
140 	fsparam_u32("port", Opt_port),
141 	fsparam_u32("min_enc_offload", Opt_min_enc_offload),
142 	fsparam_u32("esize", Opt_min_enc_offload),
143 	fsparam_u32("bsize", Opt_blocksize),
144 	fsparam_u32("rasize", Opt_rasize),
145 	fsparam_u32("rsize", Opt_rsize),
146 	fsparam_u32("wsize", Opt_wsize),
147 	fsparam_u32("actimeo", Opt_actimeo),
148 	fsparam_u32("acdirmax", Opt_acdirmax),
149 	fsparam_u32("acregmax", Opt_acregmax),
150 	fsparam_u32("closetimeo", Opt_closetimeo),
151 	fsparam_u32("echo_interval", Opt_echo_interval),
152 	fsparam_u32("max_credits", Opt_max_credits),
153 	fsparam_u32("handletimeout", Opt_handletimeout),
154 	fsparam_u64("snapshot", Opt_snapshot),
155 	fsparam_u32("max_channels", Opt_max_channels),
156 
157 	/* Mount options which take string value */
158 	fsparam_string("source", Opt_source),
159 	fsparam_string("user", Opt_user),
160 	fsparam_string("username", Opt_user),
161 	fsparam_string("pass", Opt_pass),
162 	fsparam_string("password", Opt_pass),
163 	fsparam_string("ip", Opt_ip),
164 	fsparam_string("addr", Opt_ip),
165 	fsparam_string("domain", Opt_domain),
166 	fsparam_string("dom", Opt_domain),
167 	fsparam_string("srcaddr", Opt_srcaddr),
168 	fsparam_string("iocharset", Opt_iocharset),
169 	fsparam_string("netbiosname", Opt_netbiosname),
170 	fsparam_string("servern", Opt_servern),
171 	fsparam_string("ver", Opt_ver),
172 	fsparam_string("vers", Opt_vers),
173 	fsparam_string("sec", Opt_sec),
174 	fsparam_string("cache", Opt_cache),
175 
176 	/* Arguments that should be ignored */
177 	fsparam_flag("guest", Opt_ignore),
178 	fsparam_flag("noatime", Opt_ignore),
179 	fsparam_flag("relatime", Opt_ignore),
180 	fsparam_flag("_netdev", Opt_ignore),
181 	fsparam_flag_no("suid", Opt_ignore),
182 	fsparam_flag_no("exec", Opt_ignore),
183 	fsparam_flag_no("dev", Opt_ignore),
184 	fsparam_flag_no("mand", Opt_ignore),
185 	fsparam_flag_no("auto", Opt_ignore),
186 	fsparam_string("cred", Opt_ignore),
187 	fsparam_string("credentials", Opt_ignore),
188 	/*
189 	 * UNC and prefixpath is now extracted from Opt_source
190 	 * in the new mount API so we can just ignore them going forward.
191 	 */
192 	fsparam_string("unc", Opt_ignore),
193 	fsparam_string("prefixpath", Opt_ignore),
194 	{}
195 };
196 
197 static int
198 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
199 {
200 
201 	substring_t args[MAX_OPT_ARGS];
202 
203 	/*
204 	 * With mount options, the last one should win. Reset any existing
205 	 * settings back to default.
206 	 */
207 	ctx->sectype = Unspecified;
208 	ctx->sign = false;
209 
210 	switch (match_token(value, cifs_secflavor_tokens, args)) {
211 	case Opt_sec_krb5p:
212 		cifs_errorf(fc, "sec=krb5p is not supported!\n");
213 		return 1;
214 	case Opt_sec_krb5i:
215 		ctx->sign = true;
216 		fallthrough;
217 	case Opt_sec_krb5:
218 		ctx->sectype = Kerberos;
219 		break;
220 	case Opt_sec_ntlmsspi:
221 		ctx->sign = true;
222 		fallthrough;
223 	case Opt_sec_ntlmssp:
224 		ctx->sectype = RawNTLMSSP;
225 		break;
226 	case Opt_sec_ntlmv2i:
227 		ctx->sign = true;
228 		fallthrough;
229 	case Opt_sec_ntlmv2:
230 		ctx->sectype = NTLMv2;
231 		break;
232 	case Opt_sec_none:
233 		ctx->nullauth = 1;
234 		break;
235 	default:
236 		cifs_errorf(fc, "bad security option: %s\n", value);
237 		return 1;
238 	}
239 
240 	return 0;
241 }
242 
243 static const match_table_t cifs_cacheflavor_tokens = {
244 	{ Opt_cache_loose, "loose" },
245 	{ Opt_cache_strict, "strict" },
246 	{ Opt_cache_none, "none" },
247 	{ Opt_cache_ro, "ro" },
248 	{ Opt_cache_rw, "singleclient" },
249 	{ Opt_cache_err, NULL }
250 };
251 
252 static int
253 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
254 {
255 	substring_t args[MAX_OPT_ARGS];
256 
257 	switch (match_token(value, cifs_cacheflavor_tokens, args)) {
258 	case Opt_cache_loose:
259 		ctx->direct_io = false;
260 		ctx->strict_io = false;
261 		ctx->cache_ro = false;
262 		ctx->cache_rw = false;
263 		break;
264 	case Opt_cache_strict:
265 		ctx->direct_io = false;
266 		ctx->strict_io = true;
267 		ctx->cache_ro = false;
268 		ctx->cache_rw = false;
269 		break;
270 	case Opt_cache_none:
271 		ctx->direct_io = true;
272 		ctx->strict_io = false;
273 		ctx->cache_ro = false;
274 		ctx->cache_rw = false;
275 		break;
276 	case Opt_cache_ro:
277 		ctx->direct_io = false;
278 		ctx->strict_io = false;
279 		ctx->cache_ro = true;
280 		ctx->cache_rw = false;
281 		break;
282 	case Opt_cache_rw:
283 		ctx->direct_io = false;
284 		ctx->strict_io = false;
285 		ctx->cache_ro = false;
286 		ctx->cache_rw = true;
287 		break;
288 	default:
289 		cifs_errorf(fc, "bad cache= option: %s\n", value);
290 		return 1;
291 	}
292 	return 0;
293 }
294 
295 #define DUP_CTX_STR(field)						\
296 do {									\
297 	if (ctx->field) {						\
298 		new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC);	\
299 		if (new_ctx->field == NULL) {				\
300 			smb3_cleanup_fs_context_contents(new_ctx);	\
301 			return -ENOMEM;					\
302 		}							\
303 	}								\
304 } while (0)
305 
306 int
307 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
308 {
309 	memcpy(new_ctx, ctx, sizeof(*ctx));
310 	new_ctx->prepath = NULL;
311 	new_ctx->nodename = NULL;
312 	new_ctx->username = NULL;
313 	new_ctx->password = NULL;
314 	new_ctx->server_hostname = NULL;
315 	new_ctx->domainname = NULL;
316 	new_ctx->UNC = NULL;
317 	new_ctx->source = NULL;
318 	new_ctx->iocharset = NULL;
319 	new_ctx->leaf_fullpath = NULL;
320 	/*
321 	 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
322 	 */
323 	DUP_CTX_STR(prepath);
324 	DUP_CTX_STR(username);
325 	DUP_CTX_STR(password);
326 	DUP_CTX_STR(server_hostname);
327 	DUP_CTX_STR(UNC);
328 	DUP_CTX_STR(source);
329 	DUP_CTX_STR(domainname);
330 	DUP_CTX_STR(nodename);
331 	DUP_CTX_STR(iocharset);
332 	DUP_CTX_STR(leaf_fullpath);
333 
334 	return 0;
335 }
336 
337 static int
338 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
339 {
340 	substring_t args[MAX_OPT_ARGS];
341 
342 	switch (match_token(value, cifs_smb_version_tokens, args)) {
343 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
344 	case Smb_1:
345 		if (disable_legacy_dialects) {
346 			cifs_errorf(fc, "mount with legacy dialect disabled\n");
347 			return 1;
348 		}
349 		if (is_smb3) {
350 			cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
351 			return 1;
352 		}
353 		cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
354 		ctx->ops = &smb1_operations;
355 		ctx->vals = &smb1_values;
356 		break;
357 	case Smb_20:
358 		if (disable_legacy_dialects) {
359 			cifs_errorf(fc, "mount with legacy dialect disabled\n");
360 			return 1;
361 		}
362 		if (is_smb3) {
363 			cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
364 			return 1;
365 		}
366 		ctx->ops = &smb20_operations;
367 		ctx->vals = &smb20_values;
368 		break;
369 #else
370 	case Smb_1:
371 		cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
372 		return 1;
373 	case Smb_20:
374 		cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
375 		return 1;
376 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
377 	case Smb_21:
378 		ctx->ops = &smb21_operations;
379 		ctx->vals = &smb21_values;
380 		break;
381 	case Smb_30:
382 		ctx->ops = &smb30_operations;
383 		ctx->vals = &smb30_values;
384 		break;
385 	case Smb_302:
386 		ctx->ops = &smb30_operations; /* currently identical with 3.0 */
387 		ctx->vals = &smb302_values;
388 		break;
389 	case Smb_311:
390 		ctx->ops = &smb311_operations;
391 		ctx->vals = &smb311_values;
392 		break;
393 	case Smb_3any:
394 		ctx->ops = &smb30_operations; /* currently identical with 3.0 */
395 		ctx->vals = &smb3any_values;
396 		break;
397 	case Smb_default:
398 		ctx->ops = &smb30_operations;
399 		ctx->vals = &smbdefault_values;
400 		break;
401 	default:
402 		cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
403 		return 1;
404 	}
405 	return 0;
406 }
407 
408 int smb3_parse_opt(const char *options, const char *key, char **val)
409 {
410 	int rc = -ENOENT;
411 	char *opts, *orig, *p;
412 
413 	orig = opts = kstrdup(options, GFP_KERNEL);
414 	if (!opts)
415 		return -ENOMEM;
416 
417 	while ((p = strsep(&opts, ","))) {
418 		char *nval;
419 
420 		if (!*p)
421 			continue;
422 		if (strncasecmp(p, key, strlen(key)))
423 			continue;
424 		nval = strchr(p, '=');
425 		if (nval) {
426 			if (nval == p)
427 				continue;
428 			*nval++ = 0;
429 			*val = kstrdup(nval, GFP_KERNEL);
430 			rc = !*val ? -ENOMEM : 0;
431 			goto out;
432 		}
433 	}
434 out:
435 	kfree(orig);
436 	return rc;
437 }
438 
439 /*
440  * Remove duplicate path delimiters. Windows is supposed to do that
441  * but there are some bugs that prevent rename from working if there are
442  * multiple delimiters.
443  *
444  * Returns a sanitized duplicate of @path. @gfp indicates the GFP_* flags
445  * for kstrdup.
446  * The caller is responsible for freeing the original.
447  */
448 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
449 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
450 {
451 	char *cursor1 = prepath, *cursor2 = prepath;
452 
453 	/* skip all prepended delimiters */
454 	while (IS_DELIM(*cursor1))
455 		cursor1++;
456 
457 	/* copy the first letter */
458 	*cursor2 = *cursor1;
459 
460 	/* copy the remainder... */
461 	while (*(cursor1++)) {
462 		/* ... skipping all duplicated delimiters */
463 		if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
464 			continue;
465 		*(++cursor2) = *cursor1;
466 	}
467 
468 	/* if the last character is a delimiter, skip it */
469 	if (IS_DELIM(*(cursor2 - 1)))
470 		cursor2--;
471 
472 	*(cursor2) = '\0';
473 	return kstrdup(prepath, gfp);
474 }
475 
476 /*
477  * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
478  * fields with the result. Returns 0 on success and an error otherwise
479  * (e.g. ENOMEM or EINVAL)
480  */
481 int
482 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
483 {
484 	char *pos;
485 	const char *delims = "/\\";
486 	size_t len;
487 
488 	if (unlikely(!devname || !*devname)) {
489 		cifs_dbg(VFS, "Device name not specified\n");
490 		return -EINVAL;
491 	}
492 
493 	/* make sure we have a valid UNC double delimiter prefix */
494 	len = strspn(devname, delims);
495 	if (len != 2)
496 		return -EINVAL;
497 
498 	/* find delimiter between host and sharename */
499 	pos = strpbrk(devname + 2, delims);
500 	if (!pos)
501 		return -EINVAL;
502 
503 	/* record the server hostname */
504 	kfree(ctx->server_hostname);
505 	ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
506 	if (!ctx->server_hostname)
507 		return -ENOMEM;
508 
509 	/* skip past delimiter */
510 	++pos;
511 
512 	/* now go until next delimiter or end of string */
513 	len = strcspn(pos, delims);
514 
515 	/* move "pos" up to delimiter or NULL */
516 	pos += len;
517 	kfree(ctx->UNC);
518 	ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
519 	if (!ctx->UNC)
520 		return -ENOMEM;
521 
522 	convert_delimiter(ctx->UNC, '\\');
523 
524 	/* skip any delimiter */
525 	if (*pos == '/' || *pos == '\\')
526 		pos++;
527 
528 	kfree(ctx->prepath);
529 	ctx->prepath = NULL;
530 
531 	/* If pos is NULL then no prepath */
532 	if (!*pos)
533 		return 0;
534 
535 	ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
536 	if (!ctx->prepath)
537 		return -ENOMEM;
538 
539 	return 0;
540 }
541 
542 static void smb3_fs_context_free(struct fs_context *fc);
543 static int smb3_fs_context_parse_param(struct fs_context *fc,
544 				       struct fs_parameter *param);
545 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
546 					    void *data);
547 static int smb3_get_tree(struct fs_context *fc);
548 static int smb3_reconfigure(struct fs_context *fc);
549 
550 static const struct fs_context_operations smb3_fs_context_ops = {
551 	.free			= smb3_fs_context_free,
552 	.parse_param		= smb3_fs_context_parse_param,
553 	.parse_monolithic	= smb3_fs_context_parse_monolithic,
554 	.get_tree		= smb3_get_tree,
555 	.reconfigure		= smb3_reconfigure,
556 };
557 
558 /*
559  * Parse a monolithic block of data from sys_mount().
560  * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
561  * @ctx: The superblock configuration to fill in.
562  * @data: The data to parse
563  *
564  * Parse a blob of data that's in key[=val][,key[=val]]* form.  This can be
565  * called from the ->monolithic_mount_data() fs_context operation.
566  *
567  * Returns 0 on success or the error returned by the ->parse_option() fs_context
568  * operation on failure.
569  */
570 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
571 					   void *data)
572 {
573 	char *options = data, *key;
574 	int ret = 0;
575 
576 	if (!options)
577 		return 0;
578 
579 	ret = security_sb_eat_lsm_opts(options, &fc->security);
580 	if (ret)
581 		return ret;
582 
583 	/* BB Need to add support for sep= here TBD */
584 	while ((key = strsep(&options, ",")) != NULL) {
585 		size_t len;
586 		char *value;
587 
588 		if (*key == 0)
589 			break;
590 
591 		/* Check if following character is the deliminator If yes,
592 		 * we have encountered a double deliminator reset the NULL
593 		 * character to the deliminator
594 		 */
595 		while (options && options[0] == ',') {
596 			len = strlen(key);
597 			strcpy(key + len, options);
598 			options = strchr(options, ',');
599 			if (options)
600 				*options++ = 0;
601 		}
602 
603 
604 		len = 0;
605 		value = strchr(key, '=');
606 		if (value) {
607 			if (value == key)
608 				continue;
609 			*value++ = 0;
610 			len = strlen(value);
611 		}
612 
613 		ret = vfs_parse_fs_string(fc, key, value, len);
614 		if (ret < 0)
615 			break;
616 	}
617 
618 	return ret;
619 }
620 
621 /*
622  * Validate the preparsed information in the config.
623  */
624 static int smb3_fs_context_validate(struct fs_context *fc)
625 {
626 	struct smb3_fs_context *ctx = smb3_fc2context(fc);
627 
628 	if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
629 		cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
630 		return -EOPNOTSUPP;
631 	}
632 
633 #ifndef CONFIG_KEYS
634 	/* Muliuser mounts require CONFIG_KEYS support */
635 	if (ctx->multiuser) {
636 		cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
637 		return -1;
638 	}
639 #endif
640 
641 	if (ctx->got_version == false)
642 		pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
643 
644 
645 	if (!ctx->UNC) {
646 		cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
647 		return -1;
648 	}
649 
650 	/* make sure UNC has a share name */
651 	if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
652 		cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
653 		return -ENOENT;
654 	}
655 
656 	if (!ctx->got_ip) {
657 		int len;
658 		const char *slash;
659 
660 		/* No ip= option specified? Try to get it from UNC */
661 		/* Use the address part of the UNC. */
662 		slash = strchr(&ctx->UNC[2], '\\');
663 		len = slash - &ctx->UNC[2];
664 		if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
665 					  &ctx->UNC[2], len)) {
666 			pr_err("Unable to determine destination address\n");
667 			return -EHOSTUNREACH;
668 		}
669 	}
670 
671 	/* set the port that we got earlier */
672 	cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
673 
674 	if (ctx->override_uid && !ctx->uid_specified) {
675 		ctx->override_uid = 0;
676 		pr_notice("ignoring forceuid mount option specified with no uid= option\n");
677 	}
678 
679 	if (ctx->override_gid && !ctx->gid_specified) {
680 		ctx->override_gid = 0;
681 		pr_notice("ignoring forcegid mount option specified with no gid= option\n");
682 	}
683 
684 	return 0;
685 }
686 
687 static int smb3_get_tree_common(struct fs_context *fc)
688 {
689 	struct smb3_fs_context *ctx = smb3_fc2context(fc);
690 	struct dentry *root;
691 	int rc = 0;
692 
693 	root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
694 	if (IS_ERR(root))
695 		return PTR_ERR(root);
696 
697 	fc->root = root;
698 
699 	return rc;
700 }
701 
702 /*
703  * Create an SMB3 superblock from the parameters passed.
704  */
705 static int smb3_get_tree(struct fs_context *fc)
706 {
707 	int err = smb3_fs_context_validate(fc);
708 	int ret;
709 
710 	if (err)
711 		return err;
712 	mutex_lock(&cifs_mount_mutex);
713 	ret = smb3_get_tree_common(fc);
714 	mutex_unlock(&cifs_mount_mutex);
715 	return ret;
716 }
717 
718 static void smb3_fs_context_free(struct fs_context *fc)
719 {
720 	struct smb3_fs_context *ctx = smb3_fc2context(fc);
721 
722 	smb3_cleanup_fs_context(ctx);
723 }
724 
725 /*
726  * Compare the old and new proposed context during reconfigure
727  * and check if the changes are compatible.
728  */
729 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
730 				       struct smb3_fs_context *new_ctx,
731 				       struct smb3_fs_context *old_ctx)
732 {
733 	if (new_ctx->posix_paths != old_ctx->posix_paths) {
734 		cifs_errorf(fc, "can not change posixpaths during remount\n");
735 		return -EINVAL;
736 	}
737 	if (new_ctx->sectype != old_ctx->sectype) {
738 		cifs_errorf(fc, "can not change sec during remount\n");
739 		return -EINVAL;
740 	}
741 	if (new_ctx->multiuser != old_ctx->multiuser) {
742 		cifs_errorf(fc, "can not change multiuser during remount\n");
743 		return -EINVAL;
744 	}
745 	if (new_ctx->UNC &&
746 	    (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
747 		cifs_errorf(fc, "can not change UNC during remount\n");
748 		return -EINVAL;
749 	}
750 	if (new_ctx->username &&
751 	    (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
752 		cifs_errorf(fc, "can not change username during remount\n");
753 		return -EINVAL;
754 	}
755 	if (new_ctx->password &&
756 	    (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
757 		cifs_errorf(fc, "can not change password during remount\n");
758 		return -EINVAL;
759 	}
760 	if (new_ctx->domainname &&
761 	    (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
762 		cifs_errorf(fc, "can not change domainname during remount\n");
763 		return -EINVAL;
764 	}
765 	if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
766 		cifs_errorf(fc, "can not change workstation_name during remount\n");
767 		return -EINVAL;
768 	}
769 	if (new_ctx->nodename &&
770 	    (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
771 		cifs_errorf(fc, "can not change nodename during remount\n");
772 		return -EINVAL;
773 	}
774 	if (new_ctx->iocharset &&
775 	    (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
776 		cifs_errorf(fc, "can not change iocharset during remount\n");
777 		return -EINVAL;
778 	}
779 
780 	return 0;
781 }
782 
783 #define STEAL_STRING(cifs_sb, ctx, field)				\
784 do {									\
785 	kfree(ctx->field);						\
786 	ctx->field = cifs_sb->ctx->field;				\
787 	cifs_sb->ctx->field = NULL;					\
788 } while (0)
789 
790 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field)			\
791 do {									\
792 	kfree_sensitive(ctx->field);					\
793 	ctx->field = cifs_sb->ctx->field;				\
794 	cifs_sb->ctx->field = NULL;					\
795 } while (0)
796 
797 static int smb3_reconfigure(struct fs_context *fc)
798 {
799 	struct smb3_fs_context *ctx = smb3_fc2context(fc);
800 	struct dentry *root = fc->root;
801 	struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
802 	int rc;
803 
804 	rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
805 	if (rc)
806 		return rc;
807 
808 	/*
809 	 * We can not change UNC/username/password/domainname/
810 	 * workstation_name/nodename/iocharset
811 	 * during reconnect so ignore what we have in the new context and
812 	 * just use what we already have in cifs_sb->ctx.
813 	 */
814 	STEAL_STRING(cifs_sb, ctx, UNC);
815 	STEAL_STRING(cifs_sb, ctx, source);
816 	STEAL_STRING(cifs_sb, ctx, username);
817 	STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
818 	STEAL_STRING(cifs_sb, ctx, domainname);
819 	STEAL_STRING(cifs_sb, ctx, nodename);
820 	STEAL_STRING(cifs_sb, ctx, iocharset);
821 
822 	/* if rsize or wsize not passed in on remount, use previous values */
823 	if (ctx->rsize == 0)
824 		ctx->rsize = cifs_sb->ctx->rsize;
825 	if (ctx->wsize == 0)
826 		ctx->wsize = cifs_sb->ctx->wsize;
827 
828 
829 	smb3_cleanup_fs_context_contents(cifs_sb->ctx);
830 	rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
831 	smb3_update_mnt_flags(cifs_sb);
832 #ifdef CONFIG_CIFS_DFS_UPCALL
833 	if (!rc)
834 		rc = dfs_cache_remount_fs(cifs_sb);
835 #endif
836 
837 	return rc;
838 }
839 
840 static int smb3_fs_context_parse_param(struct fs_context *fc,
841 				      struct fs_parameter *param)
842 {
843 	struct fs_parse_result result;
844 	struct smb3_fs_context *ctx = smb3_fc2context(fc);
845 	int i, opt;
846 	bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
847 	bool skip_parsing = false;
848 	kuid_t uid;
849 	kgid_t gid;
850 
851 	cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
852 
853 	/*
854 	 * fs_parse can not handle string options with an empty value so
855 	 * we will need special handling of them.
856 	 */
857 	if (param->type == fs_value_is_string && param->string[0] == 0) {
858 		if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
859 			skip_parsing = true;
860 			opt = Opt_pass;
861 		} else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
862 			skip_parsing = true;
863 			opt = Opt_user;
864 		}
865 	}
866 
867 	if (!skip_parsing) {
868 		opt = fs_parse(fc, smb3_fs_parameters, param, &result);
869 		if (opt < 0)
870 			return ctx->sloppy ? 1 : opt;
871 	}
872 
873 	switch (opt) {
874 	case Opt_compress:
875 		ctx->compression = UNKNOWN_TYPE;
876 		cifs_dbg(VFS,
877 			"SMB3 compression support is experimental\n");
878 		break;
879 	case Opt_nodfs:
880 		ctx->nodfs = 1;
881 		break;
882 	case Opt_hard:
883 		if (result.negated) {
884 			if (ctx->retry == 1)
885 				cifs_dbg(VFS, "conflicting hard vs. soft mount options\n");
886 			ctx->retry = 0;
887 		} else
888 			ctx->retry = 1;
889 		break;
890 	case Opt_soft:
891 		if (result.negated)
892 			ctx->retry = 1;
893 		else {
894 			if (ctx->retry == 1)
895 				cifs_dbg(VFS, "conflicting hard vs soft mount options\n");
896 			ctx->retry = 0;
897 		}
898 		break;
899 	case Opt_mapposix:
900 		if (result.negated)
901 			ctx->remap = false;
902 		else {
903 			ctx->remap = true;
904 			ctx->sfu_remap = false; /* disable SFU mapping */
905 		}
906 		break;
907 	case Opt_mapchars:
908 		if (result.negated)
909 			ctx->sfu_remap = false;
910 		else {
911 			ctx->sfu_remap = true;
912 			ctx->remap = false; /* disable SFM (mapposix) mapping */
913 		}
914 		break;
915 	case Opt_user_xattr:
916 		if (result.negated)
917 			ctx->no_xattr = 1;
918 		else
919 			ctx->no_xattr = 0;
920 		break;
921 	case Opt_forceuid:
922 		if (result.negated)
923 			ctx->override_uid = 0;
924 		else
925 			ctx->override_uid = 1;
926 		break;
927 	case Opt_forcegid:
928 		if (result.negated)
929 			ctx->override_gid = 0;
930 		else
931 			ctx->override_gid = 1;
932 		break;
933 	case Opt_perm:
934 		if (result.negated)
935 			ctx->noperm = 1;
936 		else
937 			ctx->noperm = 0;
938 		break;
939 	case Opt_dynperm:
940 		if (result.negated)
941 			ctx->dynperm = 0;
942 		else
943 			ctx->dynperm = 1;
944 		break;
945 	case Opt_sfu:
946 		if (result.negated)
947 			ctx->sfu_emul = 0;
948 		else
949 			ctx->sfu_emul = 1;
950 		break;
951 	case Opt_noblocksend:
952 		ctx->noblocksnd = 1;
953 		break;
954 	case Opt_noautotune:
955 		ctx->noautotune = 1;
956 		break;
957 	case Opt_nolease:
958 		ctx->no_lease = 1;
959 		break;
960 	case Opt_nosparse:
961 		ctx->no_sparse = 1;
962 		break;
963 	case Opt_nodelete:
964 		ctx->nodelete = 1;
965 		break;
966 	case Opt_multichannel:
967 		if (result.negated) {
968 			ctx->multichannel = false;
969 			ctx->max_channels = 1;
970 		} else {
971 			ctx->multichannel = true;
972 			/* if number of channels not specified, default to 2 */
973 			if (ctx->max_channels < 2)
974 				ctx->max_channels = 2;
975 		}
976 		break;
977 	case Opt_uid:
978 		uid = make_kuid(current_user_ns(), result.uint_32);
979 		if (!uid_valid(uid))
980 			goto cifs_parse_mount_err;
981 		ctx->linux_uid = uid;
982 		ctx->uid_specified = true;
983 		break;
984 	case Opt_cruid:
985 		uid = make_kuid(current_user_ns(), result.uint_32);
986 		if (!uid_valid(uid))
987 			goto cifs_parse_mount_err;
988 		ctx->cred_uid = uid;
989 		ctx->cruid_specified = true;
990 		break;
991 	case Opt_backupuid:
992 		uid = make_kuid(current_user_ns(), result.uint_32);
993 		if (!uid_valid(uid))
994 			goto cifs_parse_mount_err;
995 		ctx->backupuid = uid;
996 		ctx->backupuid_specified = true;
997 		break;
998 	case Opt_backupgid:
999 		gid = make_kgid(current_user_ns(), result.uint_32);
1000 		if (!gid_valid(gid))
1001 			goto cifs_parse_mount_err;
1002 		ctx->backupgid = gid;
1003 		ctx->backupgid_specified = true;
1004 		break;
1005 	case Opt_gid:
1006 		gid = make_kgid(current_user_ns(), result.uint_32);
1007 		if (!gid_valid(gid))
1008 			goto cifs_parse_mount_err;
1009 		ctx->linux_gid = gid;
1010 		ctx->gid_specified = true;
1011 		break;
1012 	case Opt_port:
1013 		ctx->port = result.uint_32;
1014 		break;
1015 	case Opt_file_mode:
1016 		ctx->file_mode = result.uint_32;
1017 		break;
1018 	case Opt_dirmode:
1019 		ctx->dir_mode = result.uint_32;
1020 		break;
1021 	case Opt_min_enc_offload:
1022 		ctx->min_offload = result.uint_32;
1023 		break;
1024 	case Opt_blocksize:
1025 		/*
1026 		 * inode blocksize realistically should never need to be
1027 		 * less than 16K or greater than 16M and default is 1MB.
1028 		 * Note that small inode block sizes (e.g. 64K) can lead
1029 		 * to very poor performance of common tools like cp and scp
1030 		 */
1031 		if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1032 		   (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1033 			cifs_errorf(fc, "%s: Invalid blocksize\n",
1034 				__func__);
1035 			goto cifs_parse_mount_err;
1036 		}
1037 		ctx->bsize = result.uint_32;
1038 		ctx->got_bsize = true;
1039 		break;
1040 	case Opt_rasize:
1041 		/*
1042 		 * readahead size realistically should never need to be
1043 		 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1044 		 * (perhaps an exception should be considered in the
1045 		 * for the case of a large number of channels
1046 		 * when multichannel is negotiated) since that would lead
1047 		 * to plenty of parallel I/O in flight to the server.
1048 		 * Note that smaller read ahead sizes would
1049 		 * hurt performance of common tools like cp and scp
1050 		 * which often trigger sequential i/o with read ahead
1051 		 */
1052 		if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1053 		    (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1054 			cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1055 				__func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1056 			goto cifs_parse_mount_err;
1057 		}
1058 		ctx->rasize = result.uint_32;
1059 		break;
1060 	case Opt_rsize:
1061 		ctx->rsize = result.uint_32;
1062 		ctx->got_rsize = true;
1063 		break;
1064 	case Opt_wsize:
1065 		ctx->wsize = result.uint_32;
1066 		ctx->got_wsize = true;
1067 		break;
1068 	case Opt_acregmax:
1069 		ctx->acregmax = HZ * result.uint_32;
1070 		if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
1071 			cifs_errorf(fc, "acregmax too large\n");
1072 			goto cifs_parse_mount_err;
1073 		}
1074 		break;
1075 	case Opt_acdirmax:
1076 		ctx->acdirmax = HZ * result.uint_32;
1077 		if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
1078 			cifs_errorf(fc, "acdirmax too large\n");
1079 			goto cifs_parse_mount_err;
1080 		}
1081 		break;
1082 	case Opt_actimeo:
1083 		if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
1084 			cifs_errorf(fc, "timeout too large\n");
1085 			goto cifs_parse_mount_err;
1086 		}
1087 		if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1088 		    (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1089 			cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1090 			break;
1091 		}
1092 		ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1093 		break;
1094 	case Opt_closetimeo:
1095 		ctx->closetimeo = HZ * result.uint_32;
1096 		if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) {
1097 			cifs_errorf(fc, "closetimeo too large\n");
1098 			goto cifs_parse_mount_err;
1099 		}
1100 		break;
1101 	case Opt_echo_interval:
1102 		ctx->echo_interval = result.uint_32;
1103 		break;
1104 	case Opt_snapshot:
1105 		ctx->snapshot_time = result.uint_64;
1106 		break;
1107 	case Opt_max_credits:
1108 		if (result.uint_32 < 20 || result.uint_32 > 60000) {
1109 			cifs_errorf(fc, "%s: Invalid max_credits value\n",
1110 				 __func__);
1111 			goto cifs_parse_mount_err;
1112 		}
1113 		ctx->max_credits = result.uint_32;
1114 		break;
1115 	case Opt_max_channels:
1116 		if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1117 			cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1118 				 __func__, CIFS_MAX_CHANNELS);
1119 			goto cifs_parse_mount_err;
1120 		}
1121 		ctx->max_channels = result.uint_32;
1122 		/* If more than one channel requested ... they want multichan */
1123 		if (result.uint_32 > 1)
1124 			ctx->multichannel = true;
1125 		break;
1126 	case Opt_handletimeout:
1127 		ctx->handle_timeout = result.uint_32;
1128 		if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1129 			cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1130 			goto cifs_parse_mount_err;
1131 		}
1132 		break;
1133 	case Opt_source:
1134 		kfree(ctx->UNC);
1135 		ctx->UNC = NULL;
1136 		switch (smb3_parse_devname(param->string, ctx)) {
1137 		case 0:
1138 			break;
1139 		case -ENOMEM:
1140 			cifs_errorf(fc, "Unable to allocate memory for devname\n");
1141 			goto cifs_parse_mount_err;
1142 		case -EINVAL:
1143 			cifs_errorf(fc, "Malformed UNC in devname\n");
1144 			goto cifs_parse_mount_err;
1145 		default:
1146 			cifs_errorf(fc, "Unknown error parsing devname\n");
1147 			goto cifs_parse_mount_err;
1148 		}
1149 		ctx->source = kstrdup(param->string, GFP_KERNEL);
1150 		if (ctx->source == NULL) {
1151 			cifs_errorf(fc, "OOM when copying UNC string\n");
1152 			goto cifs_parse_mount_err;
1153 		}
1154 		fc->source = kstrdup(param->string, GFP_KERNEL);
1155 		if (fc->source == NULL) {
1156 			cifs_errorf(fc, "OOM when copying UNC string\n");
1157 			goto cifs_parse_mount_err;
1158 		}
1159 		break;
1160 	case Opt_user:
1161 		kfree(ctx->username);
1162 		ctx->username = NULL;
1163 		if (strlen(param->string) == 0) {
1164 			/* null user, ie. anonymous authentication */
1165 			ctx->nullauth = 1;
1166 			break;
1167 		}
1168 
1169 		if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1170 		    CIFS_MAX_USERNAME_LEN) {
1171 			pr_warn("username too long\n");
1172 			goto cifs_parse_mount_err;
1173 		}
1174 		ctx->username = kstrdup(param->string, GFP_KERNEL);
1175 		if (ctx->username == NULL) {
1176 			cifs_errorf(fc, "OOM when copying username string\n");
1177 			goto cifs_parse_mount_err;
1178 		}
1179 		break;
1180 	case Opt_pass:
1181 		kfree_sensitive(ctx->password);
1182 		ctx->password = NULL;
1183 		if (strlen(param->string) == 0)
1184 			break;
1185 
1186 		ctx->password = kstrdup(param->string, GFP_KERNEL);
1187 		if (ctx->password == NULL) {
1188 			cifs_errorf(fc, "OOM when copying password string\n");
1189 			goto cifs_parse_mount_err;
1190 		}
1191 		break;
1192 	case Opt_ip:
1193 		if (strlen(param->string) == 0) {
1194 			ctx->got_ip = false;
1195 			break;
1196 		}
1197 		if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1198 					  param->string,
1199 					  strlen(param->string))) {
1200 			pr_err("bad ip= option (%s)\n", param->string);
1201 			goto cifs_parse_mount_err;
1202 		}
1203 		ctx->got_ip = true;
1204 		break;
1205 	case Opt_domain:
1206 		if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1207 				== CIFS_MAX_DOMAINNAME_LEN) {
1208 			pr_warn("domain name too long\n");
1209 			goto cifs_parse_mount_err;
1210 		}
1211 
1212 		kfree(ctx->domainname);
1213 		ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1214 		if (ctx->domainname == NULL) {
1215 			cifs_errorf(fc, "OOM when copying domainname string\n");
1216 			goto cifs_parse_mount_err;
1217 		}
1218 		cifs_dbg(FYI, "Domain name set\n");
1219 		break;
1220 	case Opt_srcaddr:
1221 		if (!cifs_convert_address(
1222 				(struct sockaddr *)&ctx->srcaddr,
1223 				param->string, strlen(param->string))) {
1224 			pr_warn("Could not parse srcaddr: %s\n",
1225 				param->string);
1226 			goto cifs_parse_mount_err;
1227 		}
1228 		break;
1229 	case Opt_iocharset:
1230 		if (strnlen(param->string, 1024) >= 65) {
1231 			pr_warn("iocharset name too long\n");
1232 			goto cifs_parse_mount_err;
1233 		}
1234 
1235 		if (strncasecmp(param->string, "default", 7) != 0) {
1236 			kfree(ctx->iocharset);
1237 			ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1238 			if (ctx->iocharset == NULL) {
1239 				cifs_errorf(fc, "OOM when copying iocharset string\n");
1240 				goto cifs_parse_mount_err;
1241 			}
1242 		}
1243 		/* if iocharset not set then load_nls_default
1244 		 * is used by caller
1245 		 */
1246 		cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1247 		break;
1248 	case Opt_netbiosname:
1249 		memset(ctx->source_rfc1001_name, 0x20,
1250 			RFC1001_NAME_LEN);
1251 		/*
1252 		 * FIXME: are there cases in which a comma can
1253 		 * be valid in workstation netbios name (and
1254 		 * need special handling)?
1255 		 */
1256 		for (i = 0; i < RFC1001_NAME_LEN; i++) {
1257 			/* don't ucase netbiosname for user */
1258 			if (param->string[i] == 0)
1259 				break;
1260 			ctx->source_rfc1001_name[i] = param->string[i];
1261 		}
1262 		/* The string has 16th byte zero still from
1263 		 * set at top of the function
1264 		 */
1265 		if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1266 			pr_warn("netbiosname longer than 15 truncated\n");
1267 		break;
1268 	case Opt_servern:
1269 		/* last byte, type, is 0x20 for servr type */
1270 		memset(ctx->target_rfc1001_name, 0x20,
1271 			RFC1001_NAME_LEN_WITH_NULL);
1272 		/*
1273 		 * BB are there cases in which a comma can be valid in this
1274 		 * workstation netbios name (and need special handling)?
1275 		 */
1276 
1277 		/* user or mount helper must uppercase the netbios name */
1278 		for (i = 0; i < 15; i++) {
1279 			if (param->string[i] == 0)
1280 				break;
1281 			ctx->target_rfc1001_name[i] = param->string[i];
1282 		}
1283 
1284 		/* The string has 16th byte zero still from set at top of function */
1285 		if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1286 			pr_warn("server netbiosname longer than 15 truncated\n");
1287 		break;
1288 	case Opt_ver:
1289 		/* version of mount userspace tools, not dialect */
1290 		/* If interface changes in mount.cifs bump to new ver */
1291 		if (strncasecmp(param->string, "1", 1) == 0) {
1292 			if (strlen(param->string) > 1) {
1293 				pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1294 					param->string);
1295 				goto cifs_parse_mount_err;
1296 			}
1297 			/* This is the default */
1298 			break;
1299 		}
1300 		/* For all other value, error */
1301 		pr_warn("Invalid mount helper version specified\n");
1302 		goto cifs_parse_mount_err;
1303 	case Opt_vers:
1304 		/* protocol version (dialect) */
1305 		if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1306 			goto cifs_parse_mount_err;
1307 		ctx->got_version = true;
1308 		break;
1309 	case Opt_sec:
1310 		if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1311 			goto cifs_parse_mount_err;
1312 		break;
1313 	case Opt_cache:
1314 		if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1315 			goto cifs_parse_mount_err;
1316 		break;
1317 	case Opt_witness:
1318 #ifndef CONFIG_CIFS_SWN_UPCALL
1319 		cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1320 			goto cifs_parse_mount_err;
1321 #endif
1322 		ctx->witness = true;
1323 		pr_warn_once("Witness protocol support is experimental\n");
1324 		break;
1325 	case Opt_rootfs:
1326 #ifndef CONFIG_CIFS_ROOT
1327 		cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1328 		goto cifs_parse_mount_err;
1329 #endif
1330 		ctx->rootfs = true;
1331 		break;
1332 	case Opt_posixpaths:
1333 		if (result.negated)
1334 			ctx->posix_paths = 0;
1335 		else
1336 			ctx->posix_paths = 1;
1337 		break;
1338 	case Opt_unix:
1339 		if (result.negated) {
1340 			if (ctx->linux_ext == 1)
1341 				pr_warn_once("conflicting posix mount options specified\n");
1342 			ctx->linux_ext = 0;
1343 			ctx->no_linux_ext = 1;
1344 		} else {
1345 			if (ctx->no_linux_ext == 1)
1346 				pr_warn_once("conflicting posix mount options specified\n");
1347 			ctx->linux_ext = 1;
1348 			ctx->no_linux_ext = 0;
1349 		}
1350 		break;
1351 	case Opt_nocase:
1352 		ctx->nocase = 1;
1353 		break;
1354 	case Opt_brl:
1355 		if (result.negated) {
1356 			/*
1357 			 * turn off mandatory locking in mode
1358 			 * if remote locking is turned off since the
1359 			 * local vfs will do advisory
1360 			 */
1361 			if (ctx->file_mode ==
1362 				(S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1363 				ctx->file_mode = S_IALLUGO;
1364 			ctx->nobrl =  1;
1365 		} else
1366 			ctx->nobrl =  0;
1367 		break;
1368 	case Opt_handlecache:
1369 		if (result.negated)
1370 			ctx->nohandlecache = 1;
1371 		else
1372 			ctx->nohandlecache = 0;
1373 		break;
1374 	case Opt_forcemandatorylock:
1375 		ctx->mand_lock = 1;
1376 		break;
1377 	case Opt_setuids:
1378 		ctx->setuids = result.negated;
1379 		break;
1380 	case Opt_intr:
1381 		ctx->intr = !result.negated;
1382 		break;
1383 	case Opt_setuidfromacl:
1384 		ctx->setuidfromacl = 1;
1385 		break;
1386 	case Opt_strictsync:
1387 		ctx->nostrictsync = result.negated;
1388 		break;
1389 	case Opt_serverino:
1390 		ctx->server_ino = !result.negated;
1391 		break;
1392 	case Opt_rwpidforward:
1393 		ctx->rwpidforward = 1;
1394 		break;
1395 	case Opt_modesid:
1396 		ctx->mode_ace = 1;
1397 		break;
1398 	case Opt_cifsacl:
1399 		ctx->cifs_acl = !result.negated;
1400 		break;
1401 	case Opt_acl:
1402 		ctx->no_psx_acl = result.negated;
1403 		break;
1404 	case Opt_locallease:
1405 		ctx->local_lease = 1;
1406 		break;
1407 	case Opt_sign:
1408 		ctx->sign = true;
1409 		break;
1410 	case Opt_ignore_signature:
1411 		ctx->sign = true;
1412 		ctx->ignore_signature = true;
1413 		break;
1414 	case Opt_seal:
1415 		/* we do not do the following in secFlags because seal
1416 		 * is a per tree connection (mount) not a per socket
1417 		 * or per-smb connection option in the protocol
1418 		 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1419 		 */
1420 		ctx->seal = 1;
1421 		break;
1422 	case Opt_noac:
1423 		pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1424 		break;
1425 	case Opt_fsc:
1426 #ifndef CONFIG_CIFS_FSCACHE
1427 		cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1428 		goto cifs_parse_mount_err;
1429 #endif
1430 		ctx->fsc = true;
1431 		break;
1432 	case Opt_mfsymlinks:
1433 		ctx->mfsymlinks = true;
1434 		break;
1435 	case Opt_multiuser:
1436 		ctx->multiuser = true;
1437 		break;
1438 	case Opt_sloppy:
1439 		ctx->sloppy = true;
1440 		break;
1441 	case Opt_nosharesock:
1442 		ctx->nosharesock = true;
1443 		break;
1444 	case Opt_persistent:
1445 		if (result.negated) {
1446 			ctx->nopersistent = true;
1447 			if (ctx->persistent) {
1448 				cifs_errorf(fc, "persistenthandles mount options conflict\n");
1449 				goto cifs_parse_mount_err;
1450 			}
1451 		} else {
1452 			ctx->persistent = true;
1453 			if ((ctx->nopersistent) || (ctx->resilient)) {
1454 				cifs_errorf(fc, "persistenthandles mount options conflict\n");
1455 				goto cifs_parse_mount_err;
1456 			}
1457 		}
1458 		break;
1459 	case Opt_resilient:
1460 		if (result.negated) {
1461 			ctx->resilient = false; /* already the default */
1462 		} else {
1463 			ctx->resilient = true;
1464 			if (ctx->persistent) {
1465 				cifs_errorf(fc, "persistenthandles mount options conflict\n");
1466 				goto cifs_parse_mount_err;
1467 			}
1468 		}
1469 		break;
1470 	case Opt_tcp_nodelay:
1471 		/* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1472 		if (result.negated)
1473 			ctx->sockopt_tcp_nodelay = false;
1474 		else
1475 			ctx->sockopt_tcp_nodelay = true;
1476 		break;
1477 	case Opt_domainauto:
1478 		ctx->domainauto = true;
1479 		break;
1480 	case Opt_rdma:
1481 		ctx->rdma = true;
1482 		break;
1483 	}
1484 	/* case Opt_ignore: - is ignored as expected ... */
1485 
1486 	return 0;
1487 
1488  cifs_parse_mount_err:
1489 	kfree_sensitive(ctx->password);
1490 	return -EINVAL;
1491 }
1492 
1493 int smb3_init_fs_context(struct fs_context *fc)
1494 {
1495 	struct smb3_fs_context *ctx;
1496 	char *nodename = utsname()->nodename;
1497 	int i;
1498 
1499 	ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1500 	if (unlikely(!ctx))
1501 		return -ENOMEM;
1502 
1503 	strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1504 
1505 	/*
1506 	 * does not have to be perfect mapping since field is
1507 	 * informational, only used for servers that do not support
1508 	 * port 445 and it can be overridden at mount time
1509 	 */
1510 	memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1511 	for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1512 		ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1513 
1514 	ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1515 	/*
1516 	 * null target name indicates to use *SMBSERVR default called name
1517 	 *  if we end up sending RFC1001 session initialize
1518 	 */
1519 	ctx->target_rfc1001_name[0] = 0;
1520 	ctx->cred_uid = current_uid();
1521 	ctx->linux_uid = current_uid();
1522 	ctx->linux_gid = current_gid();
1523 	/* By default 4MB read ahead size, 1MB block size */
1524 	ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1525 	ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1526 
1527 	/*
1528 	 * default to SFM style remapping of seven reserved characters
1529 	 * unless user overrides it or we negotiate CIFS POSIX where
1530 	 * it is unnecessary.  Can not simultaneously use more than one mapping
1531 	 * since then readdir could list files that open could not open
1532 	 */
1533 	ctx->remap = true;
1534 
1535 	/* default to only allowing write access to owner of the mount */
1536 	ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1537 
1538 	/* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1539 	/* default is always to request posix paths. */
1540 	ctx->posix_paths = 1;
1541 	/* default to using server inode numbers where available */
1542 	ctx->server_ino = 1;
1543 
1544 	/* default is to use strict cifs caching semantics */
1545 	ctx->strict_io = true;
1546 
1547 	ctx->acregmax = CIFS_DEF_ACTIMEO;
1548 	ctx->acdirmax = CIFS_DEF_ACTIMEO;
1549 	ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1550 
1551 	/* Most clients set timeout to 0, allows server to use its default */
1552 	ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1553 
1554 	/* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1555 	ctx->ops = &smb30_operations;
1556 	ctx->vals = &smbdefault_values;
1557 
1558 	ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1559 
1560 	/* default to no multichannel (single server connection) */
1561 	ctx->multichannel = false;
1562 	ctx->max_channels = 1;
1563 
1564 	ctx->backupuid_specified = false; /* no backup intent for a user */
1565 	ctx->backupgid_specified = false; /* no backup intent for a group */
1566 
1567 /*
1568  *	short int override_uid = -1;
1569  *	short int override_gid = -1;
1570  *	char *nodename = strdup(utsname()->nodename);
1571  *	struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1572  */
1573 
1574 	fc->fs_private = ctx;
1575 	fc->ops = &smb3_fs_context_ops;
1576 	return 0;
1577 }
1578 
1579 void
1580 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1581 {
1582 	if (ctx == NULL)
1583 		return;
1584 
1585 	/*
1586 	 * Make sure this stays in sync with smb3_fs_context_dup()
1587 	 */
1588 	kfree(ctx->username);
1589 	ctx->username = NULL;
1590 	kfree_sensitive(ctx->password);
1591 	ctx->password = NULL;
1592 	kfree(ctx->server_hostname);
1593 	ctx->server_hostname = NULL;
1594 	kfree(ctx->UNC);
1595 	ctx->UNC = NULL;
1596 	kfree(ctx->source);
1597 	ctx->source = NULL;
1598 	kfree(ctx->domainname);
1599 	ctx->domainname = NULL;
1600 	kfree(ctx->nodename);
1601 	ctx->nodename = NULL;
1602 	kfree(ctx->iocharset);
1603 	ctx->iocharset = NULL;
1604 	kfree(ctx->prepath);
1605 	ctx->prepath = NULL;
1606 	kfree(ctx->leaf_fullpath);
1607 	ctx->leaf_fullpath = NULL;
1608 }
1609 
1610 void
1611 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1612 {
1613 	if (!ctx)
1614 		return;
1615 	smb3_cleanup_fs_context_contents(ctx);
1616 	kfree(ctx);
1617 }
1618 
1619 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1620 {
1621 	struct smb3_fs_context *ctx = cifs_sb->ctx;
1622 
1623 	if (ctx->nodfs)
1624 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1625 	else
1626 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1627 
1628 	if (ctx->noperm)
1629 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1630 	else
1631 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1632 
1633 	if (ctx->setuids)
1634 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1635 	else
1636 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1637 
1638 	if (ctx->setuidfromacl)
1639 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1640 	else
1641 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1642 
1643 	if (ctx->server_ino)
1644 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1645 	else
1646 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1647 
1648 	if (ctx->remap)
1649 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1650 	else
1651 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1652 
1653 	if (ctx->sfu_remap)
1654 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1655 	else
1656 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1657 
1658 	if (ctx->no_xattr)
1659 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1660 	else
1661 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1662 
1663 	if (ctx->sfu_emul)
1664 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1665 	else
1666 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1667 
1668 	if (ctx->nobrl)
1669 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1670 	else
1671 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1672 
1673 	if (ctx->nohandlecache)
1674 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1675 	else
1676 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1677 
1678 	if (ctx->nostrictsync)
1679 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1680 	else
1681 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1682 
1683 	if (ctx->mand_lock)
1684 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1685 	else
1686 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1687 
1688 	if (ctx->rwpidforward)
1689 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1690 	else
1691 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1692 
1693 	if (ctx->mode_ace)
1694 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1695 	else
1696 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1697 
1698 	if (ctx->cifs_acl)
1699 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1700 	else
1701 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1702 
1703 	if (ctx->backupuid_specified)
1704 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1705 	else
1706 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1707 
1708 	if (ctx->backupgid_specified)
1709 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1710 	else
1711 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1712 
1713 	if (ctx->override_uid)
1714 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1715 	else
1716 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1717 
1718 	if (ctx->override_gid)
1719 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1720 	else
1721 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1722 
1723 	if (ctx->dynperm)
1724 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1725 	else
1726 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1727 
1728 	if (ctx->fsc)
1729 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1730 	else
1731 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1732 
1733 	if (ctx->multiuser)
1734 		cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1735 					    CIFS_MOUNT_NO_PERM);
1736 	else
1737 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1738 
1739 
1740 	if (ctx->strict_io)
1741 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1742 	else
1743 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1744 
1745 	if (ctx->direct_io)
1746 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1747 	else
1748 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1749 
1750 	if (ctx->mfsymlinks)
1751 		cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1752 	else
1753 		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1754 	if (ctx->mfsymlinks) {
1755 		if (ctx->sfu_emul) {
1756 			/*
1757 			 * Our SFU ("Services for Unix" emulation does not allow
1758 			 * creating symlinks but does allow reading existing SFU
1759 			 * symlinks (it does allow both creating and reading SFU
1760 			 * style mknod and FIFOs though). When "mfsymlinks" and
1761 			 * "sfu" are both enabled at the same time, it allows
1762 			 * reading both types of symlinks, but will only create
1763 			 * them with mfsymlinks format. This allows better
1764 			 * Apple compatibility (probably better for Samba too)
1765 			 * while still recognizing old Windows style symlinks.
1766 			 */
1767 			cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1768 		}
1769 	}
1770 	cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1771 
1772 	return;
1773 }
1774