1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifspdu.h" 30 #include "cifsglob.h" 31 #include "cifsproto.h" 32 #include "cifs_unicode.h" 33 #include "cifs_debug.h" 34 #include "cifs_fs_sb.h" 35 #include "ntlmssp.h" 36 #include "nterr.h" 37 #include "rfc1002pdu.h" 38 #include "fs_context.h" 39 40 DEFINE_MUTEX(cifs_mount_mutex); 41 42 static const match_table_t cifs_smb_version_tokens = { 43 { Smb_1, SMB1_VERSION_STRING }, 44 { Smb_20, SMB20_VERSION_STRING}, 45 { Smb_21, SMB21_VERSION_STRING }, 46 { Smb_30, SMB30_VERSION_STRING }, 47 { Smb_302, SMB302_VERSION_STRING }, 48 { Smb_302, ALT_SMB302_VERSION_STRING }, 49 { Smb_311, SMB311_VERSION_STRING }, 50 { Smb_311, ALT_SMB311_VERSION_STRING }, 51 { Smb_3any, SMB3ANY_VERSION_STRING }, 52 { Smb_default, SMBDEFAULT_VERSION_STRING }, 53 { Smb_version_err, NULL } 54 }; 55 56 static const match_table_t cifs_secflavor_tokens = { 57 { Opt_sec_krb5, "krb5" }, 58 { Opt_sec_krb5i, "krb5i" }, 59 { Opt_sec_krb5p, "krb5p" }, 60 { Opt_sec_ntlmsspi, "ntlmsspi" }, 61 { Opt_sec_ntlmssp, "ntlmssp" }, 62 { Opt_sec_ntlmv2, "nontlm" }, 63 { Opt_sec_ntlmv2, "ntlmv2" }, 64 { Opt_sec_ntlmv2i, "ntlmv2i" }, 65 { Opt_sec_none, "none" }, 66 67 { Opt_sec_err, NULL } 68 }; 69 70 const struct fs_parameter_spec smb3_fs_parameters[] = { 71 /* Mount options that take no arguments */ 72 fsparam_flag_no("user_xattr", Opt_user_xattr), 73 fsparam_flag_no("forceuid", Opt_forceuid), 74 fsparam_flag_no("multichannel", Opt_multichannel), 75 fsparam_flag_no("forcegid", Opt_forcegid), 76 fsparam_flag("noblocksend", Opt_noblocksend), 77 fsparam_flag("noautotune", Opt_noautotune), 78 fsparam_flag("nolease", Opt_nolease), 79 fsparam_flag_no("hard", Opt_hard), 80 fsparam_flag_no("soft", Opt_soft), 81 fsparam_flag_no("perm", Opt_perm), 82 fsparam_flag("nodelete", Opt_nodelete), 83 fsparam_flag_no("mapposix", Opt_mapposix), 84 fsparam_flag("mapchars", Opt_mapchars), 85 fsparam_flag("nomapchars", Opt_nomapchars), 86 fsparam_flag_no("sfu", Opt_sfu), 87 fsparam_flag("nodfs", Opt_nodfs), 88 fsparam_flag_no("posixpaths", Opt_posixpaths), 89 fsparam_flag_no("unix", Opt_unix), 90 fsparam_flag_no("linux", Opt_unix), 91 fsparam_flag_no("posix", Opt_unix), 92 fsparam_flag("nocase", Opt_nocase), 93 fsparam_flag("ignorecase", Opt_nocase), 94 fsparam_flag_no("brl", Opt_brl), 95 fsparam_flag_no("handlecache", Opt_handlecache), 96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 97 fsparam_flag("forcemand", Opt_forcemandatorylock), 98 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 99 fsparam_flag("idsfromsid", Opt_setuidfromacl), 100 fsparam_flag_no("setuids", Opt_setuids), 101 fsparam_flag_no("dynperm", Opt_dynperm), 102 fsparam_flag_no("intr", Opt_intr), 103 fsparam_flag_no("strictsync", Opt_strictsync), 104 fsparam_flag_no("serverino", Opt_serverino), 105 fsparam_flag("rwpidforward", Opt_rwpidforward), 106 fsparam_flag("cifsacl", Opt_cifsacl), 107 fsparam_flag_no("acl", Opt_acl), 108 fsparam_flag("locallease", Opt_locallease), 109 fsparam_flag("sign", Opt_sign), 110 fsparam_flag("ignore_signature", Opt_ignore_signature), 111 fsparam_flag("signloosely", Opt_ignore_signature), 112 fsparam_flag("seal", Opt_seal), 113 fsparam_flag("noac", Opt_noac), 114 fsparam_flag("fsc", Opt_fsc), 115 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 116 fsparam_flag("multiuser", Opt_multiuser), 117 fsparam_flag("sloppy", Opt_sloppy), 118 fsparam_flag("nosharesock", Opt_nosharesock), 119 fsparam_flag_no("persistenthandles", Opt_persistent), 120 fsparam_flag_no("resilienthandles", Opt_resilient), 121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 122 fsparam_flag("nosparse", Opt_nosparse), 123 fsparam_flag("domainauto", Opt_domainauto), 124 fsparam_flag("rdma", Opt_rdma), 125 fsparam_flag("modesid", Opt_modesid), 126 fsparam_flag("modefromsid", Opt_modesid), 127 fsparam_flag("rootfs", Opt_rootfs), 128 fsparam_flag("compress", Opt_compress), 129 fsparam_flag("witness", Opt_witness), 130 131 /* Mount options which take numeric value */ 132 fsparam_u32("backupuid", Opt_backupuid), 133 fsparam_u32("backupgid", Opt_backupgid), 134 fsparam_u32("uid", Opt_uid), 135 fsparam_u32("cruid", Opt_cruid), 136 fsparam_u32("gid", Opt_gid), 137 fsparam_u32("file_mode", Opt_file_mode), 138 fsparam_u32("dirmode", Opt_dirmode), 139 fsparam_u32("dir_mode", Opt_dirmode), 140 fsparam_u32("port", Opt_port), 141 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 142 fsparam_u32("esize", Opt_min_enc_offload), 143 fsparam_u32("bsize", Opt_blocksize), 144 fsparam_u32("rasize", Opt_rasize), 145 fsparam_u32("rsize", Opt_rsize), 146 fsparam_u32("wsize", Opt_wsize), 147 fsparam_u32("actimeo", Opt_actimeo), 148 fsparam_u32("acdirmax", Opt_acdirmax), 149 fsparam_u32("acregmax", Opt_acregmax), 150 fsparam_u32("closetimeo", Opt_closetimeo), 151 fsparam_u32("echo_interval", Opt_echo_interval), 152 fsparam_u32("max_credits", Opt_max_credits), 153 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs), 154 fsparam_u32("handletimeout", Opt_handletimeout), 155 fsparam_u64("snapshot", Opt_snapshot), 156 fsparam_u32("max_channels", Opt_max_channels), 157 158 /* Mount options which take string value */ 159 fsparam_string("source", Opt_source), 160 fsparam_string("user", Opt_user), 161 fsparam_string("username", Opt_user), 162 fsparam_string("pass", Opt_pass), 163 fsparam_string("password", Opt_pass), 164 fsparam_string("ip", Opt_ip), 165 fsparam_string("addr", Opt_ip), 166 fsparam_string("domain", Opt_domain), 167 fsparam_string("dom", Opt_domain), 168 fsparam_string("srcaddr", Opt_srcaddr), 169 fsparam_string("iocharset", Opt_iocharset), 170 fsparam_string("netbiosname", Opt_netbiosname), 171 fsparam_string("servern", Opt_servern), 172 fsparam_string("ver", Opt_ver), 173 fsparam_string("vers", Opt_vers), 174 fsparam_string("sec", Opt_sec), 175 fsparam_string("cache", Opt_cache), 176 177 /* Arguments that should be ignored */ 178 fsparam_flag("guest", Opt_ignore), 179 fsparam_flag("noatime", Opt_ignore), 180 fsparam_flag("relatime", Opt_ignore), 181 fsparam_flag("_netdev", Opt_ignore), 182 fsparam_flag_no("suid", Opt_ignore), 183 fsparam_flag_no("exec", Opt_ignore), 184 fsparam_flag_no("dev", Opt_ignore), 185 fsparam_flag_no("mand", Opt_ignore), 186 fsparam_flag_no("auto", Opt_ignore), 187 fsparam_string("cred", Opt_ignore), 188 fsparam_string("credentials", Opt_ignore), 189 /* 190 * UNC and prefixpath is now extracted from Opt_source 191 * in the new mount API so we can just ignore them going forward. 192 */ 193 fsparam_string("unc", Opt_ignore), 194 fsparam_string("prefixpath", Opt_ignore), 195 {} 196 }; 197 198 static int 199 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 200 { 201 202 substring_t args[MAX_OPT_ARGS]; 203 204 /* 205 * With mount options, the last one should win. Reset any existing 206 * settings back to default. 207 */ 208 ctx->sectype = Unspecified; 209 ctx->sign = false; 210 211 switch (match_token(value, cifs_secflavor_tokens, args)) { 212 case Opt_sec_krb5p: 213 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n"); 214 return 1; 215 case Opt_sec_krb5i: 216 ctx->sign = true; 217 fallthrough; 218 case Opt_sec_krb5: 219 ctx->sectype = Kerberos; 220 break; 221 case Opt_sec_ntlmsspi: 222 ctx->sign = true; 223 fallthrough; 224 case Opt_sec_ntlmssp: 225 ctx->sectype = RawNTLMSSP; 226 break; 227 case Opt_sec_ntlmv2i: 228 ctx->sign = true; 229 fallthrough; 230 case Opt_sec_ntlmv2: 231 ctx->sectype = NTLMv2; 232 break; 233 case Opt_sec_none: 234 ctx->nullauth = 1; 235 kfree(ctx->username); 236 ctx->username = NULL; 237 break; 238 default: 239 cifs_errorf(fc, "bad security option: %s\n", value); 240 return 1; 241 } 242 243 return 0; 244 } 245 246 static const match_table_t cifs_cacheflavor_tokens = { 247 { Opt_cache_loose, "loose" }, 248 { Opt_cache_strict, "strict" }, 249 { Opt_cache_none, "none" }, 250 { Opt_cache_ro, "ro" }, 251 { Opt_cache_rw, "singleclient" }, 252 { Opt_cache_err, NULL } 253 }; 254 255 static int 256 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 257 { 258 substring_t args[MAX_OPT_ARGS]; 259 260 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 261 case Opt_cache_loose: 262 ctx->direct_io = false; 263 ctx->strict_io = false; 264 ctx->cache_ro = false; 265 ctx->cache_rw = false; 266 break; 267 case Opt_cache_strict: 268 ctx->direct_io = false; 269 ctx->strict_io = true; 270 ctx->cache_ro = false; 271 ctx->cache_rw = false; 272 break; 273 case Opt_cache_none: 274 ctx->direct_io = true; 275 ctx->strict_io = false; 276 ctx->cache_ro = false; 277 ctx->cache_rw = false; 278 break; 279 case Opt_cache_ro: 280 ctx->direct_io = false; 281 ctx->strict_io = false; 282 ctx->cache_ro = true; 283 ctx->cache_rw = false; 284 break; 285 case Opt_cache_rw: 286 ctx->direct_io = false; 287 ctx->strict_io = false; 288 ctx->cache_ro = false; 289 ctx->cache_rw = true; 290 break; 291 default: 292 cifs_errorf(fc, "bad cache= option: %s\n", value); 293 return 1; 294 } 295 return 0; 296 } 297 298 #define DUP_CTX_STR(field) \ 299 do { \ 300 if (ctx->field) { \ 301 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 302 if (new_ctx->field == NULL) { \ 303 smb3_cleanup_fs_context_contents(new_ctx); \ 304 return -ENOMEM; \ 305 } \ 306 } \ 307 } while (0) 308 309 int 310 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 311 { 312 memcpy(new_ctx, ctx, sizeof(*ctx)); 313 new_ctx->prepath = NULL; 314 new_ctx->nodename = NULL; 315 new_ctx->username = NULL; 316 new_ctx->password = NULL; 317 new_ctx->server_hostname = NULL; 318 new_ctx->domainname = NULL; 319 new_ctx->UNC = NULL; 320 new_ctx->source = NULL; 321 new_ctx->iocharset = NULL; 322 new_ctx->leaf_fullpath = NULL; 323 /* 324 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 325 */ 326 DUP_CTX_STR(prepath); 327 DUP_CTX_STR(username); 328 DUP_CTX_STR(password); 329 DUP_CTX_STR(server_hostname); 330 DUP_CTX_STR(UNC); 331 DUP_CTX_STR(source); 332 DUP_CTX_STR(domainname); 333 DUP_CTX_STR(nodename); 334 DUP_CTX_STR(iocharset); 335 DUP_CTX_STR(leaf_fullpath); 336 337 return 0; 338 } 339 340 static int 341 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 342 { 343 substring_t args[MAX_OPT_ARGS]; 344 345 switch (match_token(value, cifs_smb_version_tokens, args)) { 346 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 347 case Smb_1: 348 if (disable_legacy_dialects) { 349 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 350 return 1; 351 } 352 if (is_smb3) { 353 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 354 return 1; 355 } 356 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 357 ctx->ops = &smb1_operations; 358 ctx->vals = &smb1_values; 359 break; 360 case Smb_20: 361 if (disable_legacy_dialects) { 362 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 363 return 1; 364 } 365 if (is_smb3) { 366 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 367 return 1; 368 } 369 ctx->ops = &smb20_operations; 370 ctx->vals = &smb20_values; 371 break; 372 #else 373 case Smb_1: 374 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 375 return 1; 376 case Smb_20: 377 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 378 return 1; 379 #endif /* CIFS_ALLOW_INSECURE_LEGACY */ 380 case Smb_21: 381 ctx->ops = &smb21_operations; 382 ctx->vals = &smb21_values; 383 break; 384 case Smb_30: 385 ctx->ops = &smb30_operations; 386 ctx->vals = &smb30_values; 387 break; 388 case Smb_302: 389 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 390 ctx->vals = &smb302_values; 391 break; 392 case Smb_311: 393 ctx->ops = &smb311_operations; 394 ctx->vals = &smb311_values; 395 break; 396 case Smb_3any: 397 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 398 ctx->vals = &smb3any_values; 399 break; 400 case Smb_default: 401 ctx->ops = &smb30_operations; 402 ctx->vals = &smbdefault_values; 403 break; 404 default: 405 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 406 return 1; 407 } 408 return 0; 409 } 410 411 int smb3_parse_opt(const char *options, const char *key, char **val) 412 { 413 int rc = -ENOENT; 414 char *opts, *orig, *p; 415 416 orig = opts = kstrdup(options, GFP_KERNEL); 417 if (!opts) 418 return -ENOMEM; 419 420 while ((p = strsep(&opts, ","))) { 421 char *nval; 422 423 if (!*p) 424 continue; 425 if (strncasecmp(p, key, strlen(key))) 426 continue; 427 nval = strchr(p, '='); 428 if (nval) { 429 if (nval == p) 430 continue; 431 *nval++ = 0; 432 *val = kstrdup(nval, GFP_KERNEL); 433 rc = !*val ? -ENOMEM : 0; 434 goto out; 435 } 436 } 437 out: 438 kfree(orig); 439 return rc; 440 } 441 442 /* 443 * Remove duplicate path delimiters. Windows is supposed to do that 444 * but there are some bugs that prevent rename from working if there are 445 * multiple delimiters. 446 * 447 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 448 * Otherwise, return ERR_PTR. 449 * 450 * @gfp indicates the GFP_* flags for kstrdup. 451 * The caller is responsible for freeing the original. 452 */ 453 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 454 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 455 { 456 char *cursor1 = prepath, *cursor2 = prepath; 457 char *s; 458 459 /* skip all prepended delimiters */ 460 while (IS_DELIM(*cursor1)) 461 cursor1++; 462 463 /* copy the first letter */ 464 *cursor2 = *cursor1; 465 466 /* copy the remainder... */ 467 while (*(cursor1++)) { 468 /* ... skipping all duplicated delimiters */ 469 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 470 continue; 471 *(++cursor2) = *cursor1; 472 } 473 474 /* if the last character is a delimiter, skip it */ 475 if (IS_DELIM(*(cursor2 - 1))) 476 cursor2--; 477 478 *cursor2 = '\0'; 479 if (!*prepath) 480 return NULL; 481 s = kstrdup(prepath, gfp); 482 if (!s) 483 return ERR_PTR(-ENOMEM); 484 return s; 485 } 486 487 /* 488 * Return full path based on the values of @ctx->{UNC,prepath}. 489 * 490 * It is assumed that both values were already parsed by smb3_parse_devname(). 491 */ 492 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 493 { 494 size_t ulen, plen; 495 char *s; 496 497 ulen = strlen(ctx->UNC); 498 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 499 500 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 501 if (!s) 502 return ERR_PTR(-ENOMEM); 503 memcpy(s, ctx->UNC, ulen); 504 if (plen) { 505 s[ulen] = dirsep; 506 memcpy(s + ulen + 1, ctx->prepath, plen); 507 } 508 s[ulen + plen] = '\0'; 509 convert_delimiter(s, dirsep); 510 return s; 511 } 512 513 /* 514 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 515 * fields with the result. Returns 0 on success and an error otherwise 516 * (e.g. ENOMEM or EINVAL) 517 */ 518 int 519 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 520 { 521 char *pos; 522 const char *delims = "/\\"; 523 size_t len; 524 int rc; 525 526 if (unlikely(!devname || !*devname)) { 527 cifs_dbg(VFS, "Device name not specified\n"); 528 return -EINVAL; 529 } 530 531 /* make sure we have a valid UNC double delimiter prefix */ 532 len = strspn(devname, delims); 533 if (len != 2) 534 return -EINVAL; 535 536 /* find delimiter between host and sharename */ 537 pos = strpbrk(devname + 2, delims); 538 if (!pos) 539 return -EINVAL; 540 541 /* record the server hostname */ 542 kfree(ctx->server_hostname); 543 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 544 if (!ctx->server_hostname) 545 return -ENOMEM; 546 547 /* skip past delimiter */ 548 ++pos; 549 550 /* now go until next delimiter or end of string */ 551 len = strcspn(pos, delims); 552 if (!len) 553 return -EINVAL; 554 555 /* move "pos" up to delimiter or NULL */ 556 pos += len; 557 kfree(ctx->UNC); 558 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 559 if (!ctx->UNC) 560 return -ENOMEM; 561 562 convert_delimiter(ctx->UNC, '\\'); 563 564 /* skip any delimiter */ 565 if (*pos == '/' || *pos == '\\') 566 pos++; 567 568 kfree(ctx->prepath); 569 ctx->prepath = NULL; 570 571 /* If pos is NULL then no prepath */ 572 if (!*pos) 573 return 0; 574 575 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 576 if (IS_ERR(ctx->prepath)) { 577 rc = PTR_ERR(ctx->prepath); 578 ctx->prepath = NULL; 579 return rc; 580 } 581 582 return 0; 583 } 584 585 static void smb3_fs_context_free(struct fs_context *fc); 586 static int smb3_fs_context_parse_param(struct fs_context *fc, 587 struct fs_parameter *param); 588 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 589 void *data); 590 static int smb3_get_tree(struct fs_context *fc); 591 static int smb3_reconfigure(struct fs_context *fc); 592 593 static const struct fs_context_operations smb3_fs_context_ops = { 594 .free = smb3_fs_context_free, 595 .parse_param = smb3_fs_context_parse_param, 596 .parse_monolithic = smb3_fs_context_parse_monolithic, 597 .get_tree = smb3_get_tree, 598 .reconfigure = smb3_reconfigure, 599 }; 600 601 /* 602 * Parse a monolithic block of data from sys_mount(). 603 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 604 * @ctx: The superblock configuration to fill in. 605 * @data: The data to parse 606 * 607 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 608 * called from the ->monolithic_mount_data() fs_context operation. 609 * 610 * Returns 0 on success or the error returned by the ->parse_option() fs_context 611 * operation on failure. 612 */ 613 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 614 void *data) 615 { 616 char *options = data, *key; 617 int ret = 0; 618 619 if (!options) 620 return 0; 621 622 ret = security_sb_eat_lsm_opts(options, &fc->security); 623 if (ret) 624 return ret; 625 626 /* BB Need to add support for sep= here TBD */ 627 while ((key = strsep(&options, ",")) != NULL) { 628 size_t len; 629 char *value; 630 631 if (*key == 0) 632 break; 633 634 /* Check if following character is the deliminator If yes, 635 * we have encountered a double deliminator reset the NULL 636 * character to the deliminator 637 */ 638 while (options && options[0] == ',') { 639 len = strlen(key); 640 strcpy(key + len, options); 641 options = strchr(options, ','); 642 if (options) 643 *options++ = 0; 644 } 645 646 647 len = 0; 648 value = strchr(key, '='); 649 if (value) { 650 if (value == key) 651 continue; 652 *value++ = 0; 653 len = strlen(value); 654 } 655 656 ret = vfs_parse_fs_string(fc, key, value, len); 657 if (ret < 0) 658 break; 659 } 660 661 return ret; 662 } 663 664 /* 665 * Validate the preparsed information in the config. 666 */ 667 static int smb3_fs_context_validate(struct fs_context *fc) 668 { 669 struct smb3_fs_context *ctx = smb3_fc2context(fc); 670 671 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 672 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 673 return -EOPNOTSUPP; 674 } 675 676 #ifndef CONFIG_KEYS 677 /* Muliuser mounts require CONFIG_KEYS support */ 678 if (ctx->multiuser) { 679 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 680 return -1; 681 } 682 #endif 683 684 if (ctx->got_version == false) 685 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 686 687 688 if (!ctx->UNC) { 689 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 690 return -1; 691 } 692 693 /* make sure UNC has a share name */ 694 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 695 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 696 return -ENOENT; 697 } 698 699 if (!ctx->got_ip) { 700 int len; 701 const char *slash; 702 703 /* No ip= option specified? Try to get it from UNC */ 704 /* Use the address part of the UNC. */ 705 slash = strchr(&ctx->UNC[2], '\\'); 706 len = slash - &ctx->UNC[2]; 707 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 708 &ctx->UNC[2], len)) { 709 pr_err("Unable to determine destination address\n"); 710 return -EHOSTUNREACH; 711 } 712 } 713 714 /* set the port that we got earlier */ 715 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 716 717 if (ctx->override_uid && !ctx->uid_specified) { 718 ctx->override_uid = 0; 719 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 720 } 721 722 if (ctx->override_gid && !ctx->gid_specified) { 723 ctx->override_gid = 0; 724 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 725 } 726 727 return 0; 728 } 729 730 static int smb3_get_tree_common(struct fs_context *fc) 731 { 732 struct smb3_fs_context *ctx = smb3_fc2context(fc); 733 struct dentry *root; 734 int rc = 0; 735 736 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 737 if (IS_ERR(root)) 738 return PTR_ERR(root); 739 740 fc->root = root; 741 742 return rc; 743 } 744 745 /* 746 * Create an SMB3 superblock from the parameters passed. 747 */ 748 static int smb3_get_tree(struct fs_context *fc) 749 { 750 int err = smb3_fs_context_validate(fc); 751 int ret; 752 753 if (err) 754 return err; 755 cifs_mount_lock(); 756 ret = smb3_get_tree_common(fc); 757 cifs_mount_unlock(); 758 return ret; 759 } 760 761 static void smb3_fs_context_free(struct fs_context *fc) 762 { 763 struct smb3_fs_context *ctx = smb3_fc2context(fc); 764 765 smb3_cleanup_fs_context(ctx); 766 } 767 768 /* 769 * Compare the old and new proposed context during reconfigure 770 * and check if the changes are compatible. 771 */ 772 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 773 struct smb3_fs_context *new_ctx, 774 struct smb3_fs_context *old_ctx, bool need_recon) 775 { 776 if (new_ctx->posix_paths != old_ctx->posix_paths) { 777 cifs_errorf(fc, "can not change posixpaths during remount\n"); 778 return -EINVAL; 779 } 780 if (new_ctx->sectype != old_ctx->sectype) { 781 cifs_errorf(fc, "can not change sec during remount\n"); 782 return -EINVAL; 783 } 784 if (new_ctx->multiuser != old_ctx->multiuser) { 785 cifs_errorf(fc, "can not change multiuser during remount\n"); 786 return -EINVAL; 787 } 788 if (new_ctx->UNC && 789 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 790 cifs_errorf(fc, "can not change UNC during remount\n"); 791 return -EINVAL; 792 } 793 if (new_ctx->username && 794 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 795 cifs_errorf(fc, "can not change username during remount\n"); 796 return -EINVAL; 797 } 798 if (new_ctx->password && 799 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 800 if (need_recon == false) { 801 cifs_errorf(fc, 802 "can not change password of active session during remount\n"); 803 return -EINVAL; 804 } else if (old_ctx->sectype == Kerberos) { 805 cifs_errorf(fc, 806 "can not change password for Kerberos via remount\n"); 807 return -EINVAL; 808 } 809 } 810 if (new_ctx->domainname && 811 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 812 cifs_errorf(fc, "can not change domainname during remount\n"); 813 return -EINVAL; 814 } 815 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 816 cifs_errorf(fc, "can not change workstation_name during remount\n"); 817 return -EINVAL; 818 } 819 if (new_ctx->nodename && 820 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 821 cifs_errorf(fc, "can not change nodename during remount\n"); 822 return -EINVAL; 823 } 824 if (new_ctx->iocharset && 825 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 826 cifs_errorf(fc, "can not change iocharset during remount\n"); 827 return -EINVAL; 828 } 829 830 return 0; 831 } 832 833 #define STEAL_STRING(cifs_sb, ctx, field) \ 834 do { \ 835 kfree(ctx->field); \ 836 ctx->field = cifs_sb->ctx->field; \ 837 cifs_sb->ctx->field = NULL; \ 838 } while (0) 839 840 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 841 do { \ 842 kfree_sensitive(ctx->field); \ 843 ctx->field = cifs_sb->ctx->field; \ 844 cifs_sb->ctx->field = NULL; \ 845 } while (0) 846 847 static int smb3_reconfigure(struct fs_context *fc) 848 { 849 struct smb3_fs_context *ctx = smb3_fc2context(fc); 850 struct dentry *root = fc->root; 851 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 852 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses; 853 bool need_recon = false; 854 int rc; 855 856 if (ses->expired_pwd) 857 need_recon = true; 858 859 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon); 860 if (rc) 861 return rc; 862 863 /* 864 * We can not change UNC/username/password/domainname/ 865 * workstation_name/nodename/iocharset 866 * during reconnect so ignore what we have in the new context and 867 * just use what we already have in cifs_sb->ctx. 868 */ 869 STEAL_STRING(cifs_sb, ctx, UNC); 870 STEAL_STRING(cifs_sb, ctx, source); 871 STEAL_STRING(cifs_sb, ctx, username); 872 if (need_recon == false) 873 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 874 else { 875 kfree_sensitive(ses->password); 876 ses->password = kstrdup(ctx->password, GFP_KERNEL); 877 } 878 STEAL_STRING(cifs_sb, ctx, domainname); 879 STEAL_STRING(cifs_sb, ctx, nodename); 880 STEAL_STRING(cifs_sb, ctx, iocharset); 881 882 /* if rsize or wsize not passed in on remount, use previous values */ 883 if (ctx->rsize == 0) 884 ctx->rsize = cifs_sb->ctx->rsize; 885 if (ctx->wsize == 0) 886 ctx->wsize = cifs_sb->ctx->wsize; 887 888 889 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 890 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 891 smb3_update_mnt_flags(cifs_sb); 892 #ifdef CONFIG_CIFS_DFS_UPCALL 893 if (!rc) 894 rc = dfs_cache_remount_fs(cifs_sb); 895 #endif 896 897 return rc; 898 } 899 900 static int smb3_fs_context_parse_param(struct fs_context *fc, 901 struct fs_parameter *param) 902 { 903 struct fs_parse_result result; 904 struct smb3_fs_context *ctx = smb3_fc2context(fc); 905 int i, opt; 906 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 907 bool skip_parsing = false; 908 kuid_t uid; 909 kgid_t gid; 910 911 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 912 913 /* 914 * fs_parse can not handle string options with an empty value so 915 * we will need special handling of them. 916 */ 917 if (param->type == fs_value_is_string && param->string[0] == 0) { 918 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 919 skip_parsing = true; 920 opt = Opt_pass; 921 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 922 skip_parsing = true; 923 opt = Opt_user; 924 } 925 } 926 927 if (!skip_parsing) { 928 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 929 if (opt < 0) 930 return ctx->sloppy ? 1 : opt; 931 } 932 933 switch (opt) { 934 case Opt_compress: 935 ctx->compression = UNKNOWN_TYPE; 936 cifs_dbg(VFS, 937 "SMB3 compression support is experimental\n"); 938 break; 939 case Opt_nodfs: 940 ctx->nodfs = 1; 941 break; 942 case Opt_hard: 943 if (result.negated) { 944 if (ctx->retry == 1) 945 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 946 ctx->retry = 0; 947 } else 948 ctx->retry = 1; 949 break; 950 case Opt_soft: 951 if (result.negated) 952 ctx->retry = 1; 953 else { 954 if (ctx->retry == 1) 955 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 956 ctx->retry = 0; 957 } 958 break; 959 case Opt_mapposix: 960 if (result.negated) 961 ctx->remap = false; 962 else { 963 ctx->remap = true; 964 ctx->sfu_remap = false; /* disable SFU mapping */ 965 } 966 break; 967 case Opt_mapchars: 968 if (result.negated) 969 ctx->sfu_remap = false; 970 else { 971 ctx->sfu_remap = true; 972 ctx->remap = false; /* disable SFM (mapposix) mapping */ 973 } 974 break; 975 case Opt_user_xattr: 976 if (result.negated) 977 ctx->no_xattr = 1; 978 else 979 ctx->no_xattr = 0; 980 break; 981 case Opt_forceuid: 982 if (result.negated) 983 ctx->override_uid = 0; 984 else 985 ctx->override_uid = 1; 986 break; 987 case Opt_forcegid: 988 if (result.negated) 989 ctx->override_gid = 0; 990 else 991 ctx->override_gid = 1; 992 break; 993 case Opt_perm: 994 if (result.negated) 995 ctx->noperm = 1; 996 else 997 ctx->noperm = 0; 998 break; 999 case Opt_dynperm: 1000 if (result.negated) 1001 ctx->dynperm = 0; 1002 else 1003 ctx->dynperm = 1; 1004 break; 1005 case Opt_sfu: 1006 if (result.negated) 1007 ctx->sfu_emul = 0; 1008 else 1009 ctx->sfu_emul = 1; 1010 break; 1011 case Opt_noblocksend: 1012 ctx->noblocksnd = 1; 1013 break; 1014 case Opt_noautotune: 1015 ctx->noautotune = 1; 1016 break; 1017 case Opt_nolease: 1018 ctx->no_lease = 1; 1019 break; 1020 case Opt_nosparse: 1021 ctx->no_sparse = 1; 1022 break; 1023 case Opt_nodelete: 1024 ctx->nodelete = 1; 1025 break; 1026 case Opt_multichannel: 1027 if (result.negated) { 1028 ctx->multichannel = false; 1029 ctx->max_channels = 1; 1030 } else { 1031 ctx->multichannel = true; 1032 /* if number of channels not specified, default to 2 */ 1033 if (ctx->max_channels < 2) 1034 ctx->max_channels = 2; 1035 } 1036 break; 1037 case Opt_uid: 1038 uid = make_kuid(current_user_ns(), result.uint_32); 1039 if (!uid_valid(uid)) 1040 goto cifs_parse_mount_err; 1041 ctx->linux_uid = uid; 1042 ctx->uid_specified = true; 1043 break; 1044 case Opt_cruid: 1045 uid = make_kuid(current_user_ns(), result.uint_32); 1046 if (!uid_valid(uid)) 1047 goto cifs_parse_mount_err; 1048 ctx->cred_uid = uid; 1049 ctx->cruid_specified = true; 1050 break; 1051 case Opt_backupuid: 1052 uid = make_kuid(current_user_ns(), result.uint_32); 1053 if (!uid_valid(uid)) 1054 goto cifs_parse_mount_err; 1055 ctx->backupuid = uid; 1056 ctx->backupuid_specified = true; 1057 break; 1058 case Opt_backupgid: 1059 gid = make_kgid(current_user_ns(), result.uint_32); 1060 if (!gid_valid(gid)) 1061 goto cifs_parse_mount_err; 1062 ctx->backupgid = gid; 1063 ctx->backupgid_specified = true; 1064 break; 1065 case Opt_gid: 1066 gid = make_kgid(current_user_ns(), result.uint_32); 1067 if (!gid_valid(gid)) 1068 goto cifs_parse_mount_err; 1069 ctx->linux_gid = gid; 1070 ctx->gid_specified = true; 1071 break; 1072 case Opt_port: 1073 ctx->port = result.uint_32; 1074 break; 1075 case Opt_file_mode: 1076 ctx->file_mode = result.uint_32; 1077 break; 1078 case Opt_dirmode: 1079 ctx->dir_mode = result.uint_32; 1080 break; 1081 case Opt_min_enc_offload: 1082 ctx->min_offload = result.uint_32; 1083 break; 1084 case Opt_blocksize: 1085 /* 1086 * inode blocksize realistically should never need to be 1087 * less than 16K or greater than 16M and default is 1MB. 1088 * Note that small inode block sizes (e.g. 64K) can lead 1089 * to very poor performance of common tools like cp and scp 1090 */ 1091 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1092 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1093 cifs_errorf(fc, "%s: Invalid blocksize\n", 1094 __func__); 1095 goto cifs_parse_mount_err; 1096 } 1097 ctx->bsize = result.uint_32; 1098 ctx->got_bsize = true; 1099 break; 1100 case Opt_rasize: 1101 /* 1102 * readahead size realistically should never need to be 1103 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1104 * (perhaps an exception should be considered in the 1105 * for the case of a large number of channels 1106 * when multichannel is negotiated) since that would lead 1107 * to plenty of parallel I/O in flight to the server. 1108 * Note that smaller read ahead sizes would 1109 * hurt performance of common tools like cp and scp 1110 * which often trigger sequential i/o with read ahead 1111 */ 1112 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1113 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1114 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1115 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1116 goto cifs_parse_mount_err; 1117 } 1118 ctx->rasize = result.uint_32; 1119 break; 1120 case Opt_rsize: 1121 ctx->rsize = result.uint_32; 1122 ctx->got_rsize = true; 1123 break; 1124 case Opt_wsize: 1125 ctx->wsize = result.uint_32; 1126 ctx->got_wsize = true; 1127 if (ctx->wsize % PAGE_SIZE != 0) { 1128 ctx->wsize = round_down(ctx->wsize, PAGE_SIZE); 1129 if (ctx->wsize == 0) { 1130 ctx->wsize = PAGE_SIZE; 1131 cifs_dbg(VFS, "wsize too small, reset to minimum %ld\n", PAGE_SIZE); 1132 } else { 1133 cifs_dbg(VFS, 1134 "wsize rounded down to %d to multiple of PAGE_SIZE %ld\n", 1135 ctx->wsize, PAGE_SIZE); 1136 } 1137 } 1138 break; 1139 case Opt_acregmax: 1140 ctx->acregmax = HZ * result.uint_32; 1141 if (ctx->acregmax > CIFS_MAX_ACTIMEO) { 1142 cifs_errorf(fc, "acregmax too large\n"); 1143 goto cifs_parse_mount_err; 1144 } 1145 break; 1146 case Opt_acdirmax: 1147 ctx->acdirmax = HZ * result.uint_32; 1148 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) { 1149 cifs_errorf(fc, "acdirmax too large\n"); 1150 goto cifs_parse_mount_err; 1151 } 1152 break; 1153 case Opt_actimeo: 1154 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) { 1155 cifs_errorf(fc, "timeout too large\n"); 1156 goto cifs_parse_mount_err; 1157 } 1158 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1159 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1160 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1161 break; 1162 } 1163 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1164 break; 1165 case Opt_closetimeo: 1166 ctx->closetimeo = HZ * result.uint_32; 1167 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) { 1168 cifs_errorf(fc, "closetimeo too large\n"); 1169 goto cifs_parse_mount_err; 1170 } 1171 break; 1172 case Opt_echo_interval: 1173 ctx->echo_interval = result.uint_32; 1174 break; 1175 case Opt_snapshot: 1176 ctx->snapshot_time = result.uint_64; 1177 break; 1178 case Opt_max_credits: 1179 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1180 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1181 __func__); 1182 goto cifs_parse_mount_err; 1183 } 1184 ctx->max_credits = result.uint_32; 1185 break; 1186 case Opt_max_channels: 1187 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1188 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1189 __func__, CIFS_MAX_CHANNELS); 1190 goto cifs_parse_mount_err; 1191 } 1192 ctx->max_channels = result.uint_32; 1193 /* If more than one channel requested ... they want multichan */ 1194 if (result.uint_32 > 1) 1195 ctx->multichannel = true; 1196 break; 1197 case Opt_max_cached_dirs: 1198 if (result.uint_32 < 1) { 1199 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n", 1200 __func__); 1201 goto cifs_parse_mount_err; 1202 } 1203 ctx->max_cached_dirs = result.uint_32; 1204 break; 1205 case Opt_handletimeout: 1206 ctx->handle_timeout = result.uint_32; 1207 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1208 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1209 goto cifs_parse_mount_err; 1210 } 1211 break; 1212 case Opt_source: 1213 kfree(ctx->UNC); 1214 ctx->UNC = NULL; 1215 switch (smb3_parse_devname(param->string, ctx)) { 1216 case 0: 1217 break; 1218 case -ENOMEM: 1219 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1220 goto cifs_parse_mount_err; 1221 case -EINVAL: 1222 cifs_errorf(fc, "Malformed UNC in devname\n"); 1223 goto cifs_parse_mount_err; 1224 default: 1225 cifs_errorf(fc, "Unknown error parsing devname\n"); 1226 goto cifs_parse_mount_err; 1227 } 1228 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1229 if (IS_ERR(ctx->source)) { 1230 ctx->source = NULL; 1231 cifs_errorf(fc, "OOM when copying UNC string\n"); 1232 goto cifs_parse_mount_err; 1233 } 1234 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1235 if (fc->source == NULL) { 1236 cifs_errorf(fc, "OOM when copying UNC string\n"); 1237 goto cifs_parse_mount_err; 1238 } 1239 break; 1240 case Opt_user: 1241 kfree(ctx->username); 1242 ctx->username = NULL; 1243 if (ctx->nullauth) 1244 break; 1245 if (strlen(param->string) == 0) { 1246 /* null user, ie. anonymous authentication */ 1247 ctx->nullauth = 1; 1248 break; 1249 } 1250 1251 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) > 1252 CIFS_MAX_USERNAME_LEN) { 1253 pr_warn("username too long\n"); 1254 goto cifs_parse_mount_err; 1255 } 1256 ctx->username = kstrdup(param->string, GFP_KERNEL); 1257 if (ctx->username == NULL) { 1258 cifs_errorf(fc, "OOM when copying username string\n"); 1259 goto cifs_parse_mount_err; 1260 } 1261 break; 1262 case Opt_pass: 1263 kfree_sensitive(ctx->password); 1264 ctx->password = NULL; 1265 if (strlen(param->string) == 0) 1266 break; 1267 1268 ctx->password = kstrdup(param->string, GFP_KERNEL); 1269 if (ctx->password == NULL) { 1270 cifs_errorf(fc, "OOM when copying password string\n"); 1271 goto cifs_parse_mount_err; 1272 } 1273 break; 1274 case Opt_ip: 1275 if (strlen(param->string) == 0) { 1276 ctx->got_ip = false; 1277 break; 1278 } 1279 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1280 param->string, 1281 strlen(param->string))) { 1282 pr_err("bad ip= option (%s)\n", param->string); 1283 goto cifs_parse_mount_err; 1284 } 1285 ctx->got_ip = true; 1286 break; 1287 case Opt_domain: 1288 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1289 == CIFS_MAX_DOMAINNAME_LEN) { 1290 pr_warn("domain name too long\n"); 1291 goto cifs_parse_mount_err; 1292 } 1293 1294 kfree(ctx->domainname); 1295 ctx->domainname = kstrdup(param->string, GFP_KERNEL); 1296 if (ctx->domainname == NULL) { 1297 cifs_errorf(fc, "OOM when copying domainname string\n"); 1298 goto cifs_parse_mount_err; 1299 } 1300 cifs_dbg(FYI, "Domain name set\n"); 1301 break; 1302 case Opt_srcaddr: 1303 if (!cifs_convert_address( 1304 (struct sockaddr *)&ctx->srcaddr, 1305 param->string, strlen(param->string))) { 1306 pr_warn("Could not parse srcaddr: %s\n", 1307 param->string); 1308 goto cifs_parse_mount_err; 1309 } 1310 break; 1311 case Opt_iocharset: 1312 if (strnlen(param->string, 1024) >= 65) { 1313 pr_warn("iocharset name too long\n"); 1314 goto cifs_parse_mount_err; 1315 } 1316 1317 if (strncasecmp(param->string, "default", 7) != 0) { 1318 kfree(ctx->iocharset); 1319 ctx->iocharset = kstrdup(param->string, GFP_KERNEL); 1320 if (ctx->iocharset == NULL) { 1321 cifs_errorf(fc, "OOM when copying iocharset string\n"); 1322 goto cifs_parse_mount_err; 1323 } 1324 } 1325 /* if iocharset not set then load_nls_default 1326 * is used by caller 1327 */ 1328 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1329 break; 1330 case Opt_netbiosname: 1331 memset(ctx->source_rfc1001_name, 0x20, 1332 RFC1001_NAME_LEN); 1333 /* 1334 * FIXME: are there cases in which a comma can 1335 * be valid in workstation netbios name (and 1336 * need special handling)? 1337 */ 1338 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1339 /* don't ucase netbiosname for user */ 1340 if (param->string[i] == 0) 1341 break; 1342 ctx->source_rfc1001_name[i] = param->string[i]; 1343 } 1344 /* The string has 16th byte zero still from 1345 * set at top of the function 1346 */ 1347 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1348 pr_warn("netbiosname longer than 15 truncated\n"); 1349 break; 1350 case Opt_servern: 1351 /* last byte, type, is 0x20 for servr type */ 1352 memset(ctx->target_rfc1001_name, 0x20, 1353 RFC1001_NAME_LEN_WITH_NULL); 1354 /* 1355 * BB are there cases in which a comma can be valid in this 1356 * workstation netbios name (and need special handling)? 1357 */ 1358 1359 /* user or mount helper must uppercase the netbios name */ 1360 for (i = 0; i < 15; i++) { 1361 if (param->string[i] == 0) 1362 break; 1363 ctx->target_rfc1001_name[i] = param->string[i]; 1364 } 1365 1366 /* The string has 16th byte zero still from set at top of function */ 1367 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1368 pr_warn("server netbiosname longer than 15 truncated\n"); 1369 break; 1370 case Opt_ver: 1371 /* version of mount userspace tools, not dialect */ 1372 /* If interface changes in mount.cifs bump to new ver */ 1373 if (strncasecmp(param->string, "1", 1) == 0) { 1374 if (strlen(param->string) > 1) { 1375 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1376 param->string); 1377 goto cifs_parse_mount_err; 1378 } 1379 /* This is the default */ 1380 break; 1381 } 1382 /* For all other value, error */ 1383 pr_warn("Invalid mount helper version specified\n"); 1384 goto cifs_parse_mount_err; 1385 case Opt_vers: 1386 /* protocol version (dialect) */ 1387 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1388 goto cifs_parse_mount_err; 1389 ctx->got_version = true; 1390 break; 1391 case Opt_sec: 1392 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1393 goto cifs_parse_mount_err; 1394 break; 1395 case Opt_cache: 1396 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1397 goto cifs_parse_mount_err; 1398 break; 1399 case Opt_witness: 1400 #ifndef CONFIG_CIFS_SWN_UPCALL 1401 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1402 goto cifs_parse_mount_err; 1403 #endif 1404 ctx->witness = true; 1405 pr_warn_once("Witness protocol support is experimental\n"); 1406 break; 1407 case Opt_rootfs: 1408 #ifndef CONFIG_CIFS_ROOT 1409 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1410 goto cifs_parse_mount_err; 1411 #endif 1412 ctx->rootfs = true; 1413 break; 1414 case Opt_posixpaths: 1415 if (result.negated) 1416 ctx->posix_paths = 0; 1417 else 1418 ctx->posix_paths = 1; 1419 break; 1420 case Opt_unix: 1421 if (result.negated) { 1422 if (ctx->linux_ext == 1) 1423 pr_warn_once("conflicting posix mount options specified\n"); 1424 ctx->linux_ext = 0; 1425 ctx->no_linux_ext = 1; 1426 } else { 1427 if (ctx->no_linux_ext == 1) 1428 pr_warn_once("conflicting posix mount options specified\n"); 1429 ctx->linux_ext = 1; 1430 ctx->no_linux_ext = 0; 1431 } 1432 break; 1433 case Opt_nocase: 1434 ctx->nocase = 1; 1435 break; 1436 case Opt_brl: 1437 if (result.negated) { 1438 /* 1439 * turn off mandatory locking in mode 1440 * if remote locking is turned off since the 1441 * local vfs will do advisory 1442 */ 1443 if (ctx->file_mode == 1444 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1445 ctx->file_mode = S_IALLUGO; 1446 ctx->nobrl = 1; 1447 } else 1448 ctx->nobrl = 0; 1449 break; 1450 case Opt_handlecache: 1451 if (result.negated) 1452 ctx->nohandlecache = 1; 1453 else 1454 ctx->nohandlecache = 0; 1455 break; 1456 case Opt_forcemandatorylock: 1457 ctx->mand_lock = 1; 1458 break; 1459 case Opt_setuids: 1460 ctx->setuids = result.negated; 1461 break; 1462 case Opt_intr: 1463 ctx->intr = !result.negated; 1464 break; 1465 case Opt_setuidfromacl: 1466 ctx->setuidfromacl = 1; 1467 break; 1468 case Opt_strictsync: 1469 ctx->nostrictsync = result.negated; 1470 break; 1471 case Opt_serverino: 1472 ctx->server_ino = !result.negated; 1473 break; 1474 case Opt_rwpidforward: 1475 ctx->rwpidforward = 1; 1476 break; 1477 case Opt_modesid: 1478 ctx->mode_ace = 1; 1479 break; 1480 case Opt_cifsacl: 1481 ctx->cifs_acl = !result.negated; 1482 break; 1483 case Opt_acl: 1484 ctx->no_psx_acl = result.negated; 1485 break; 1486 case Opt_locallease: 1487 ctx->local_lease = 1; 1488 break; 1489 case Opt_sign: 1490 ctx->sign = true; 1491 break; 1492 case Opt_ignore_signature: 1493 ctx->sign = true; 1494 ctx->ignore_signature = true; 1495 break; 1496 case Opt_seal: 1497 /* we do not do the following in secFlags because seal 1498 * is a per tree connection (mount) not a per socket 1499 * or per-smb connection option in the protocol 1500 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1501 */ 1502 ctx->seal = 1; 1503 break; 1504 case Opt_noac: 1505 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1506 break; 1507 case Opt_fsc: 1508 #ifndef CONFIG_CIFS_FSCACHE 1509 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1510 goto cifs_parse_mount_err; 1511 #endif 1512 ctx->fsc = true; 1513 break; 1514 case Opt_mfsymlinks: 1515 ctx->mfsymlinks = true; 1516 break; 1517 case Opt_multiuser: 1518 ctx->multiuser = true; 1519 break; 1520 case Opt_sloppy: 1521 ctx->sloppy = true; 1522 break; 1523 case Opt_nosharesock: 1524 ctx->nosharesock = true; 1525 break; 1526 case Opt_persistent: 1527 if (result.negated) { 1528 ctx->nopersistent = true; 1529 if (ctx->persistent) { 1530 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1531 goto cifs_parse_mount_err; 1532 } 1533 } else { 1534 ctx->persistent = true; 1535 if ((ctx->nopersistent) || (ctx->resilient)) { 1536 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1537 goto cifs_parse_mount_err; 1538 } 1539 } 1540 break; 1541 case Opt_resilient: 1542 if (result.negated) { 1543 ctx->resilient = false; /* already the default */ 1544 } else { 1545 ctx->resilient = true; 1546 if (ctx->persistent) { 1547 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1548 goto cifs_parse_mount_err; 1549 } 1550 } 1551 break; 1552 case Opt_tcp_nodelay: 1553 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1554 if (result.negated) 1555 ctx->sockopt_tcp_nodelay = false; 1556 else 1557 ctx->sockopt_tcp_nodelay = true; 1558 break; 1559 case Opt_domainauto: 1560 ctx->domainauto = true; 1561 break; 1562 case Opt_rdma: 1563 ctx->rdma = true; 1564 break; 1565 } 1566 /* case Opt_ignore: - is ignored as expected ... */ 1567 1568 return 0; 1569 1570 cifs_parse_mount_err: 1571 kfree_sensitive(ctx->password); 1572 ctx->password = NULL; 1573 return -EINVAL; 1574 } 1575 1576 int smb3_init_fs_context(struct fs_context *fc) 1577 { 1578 struct smb3_fs_context *ctx; 1579 char *nodename = utsname()->nodename; 1580 int i; 1581 1582 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL); 1583 if (unlikely(!ctx)) 1584 return -ENOMEM; 1585 1586 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1587 1588 /* 1589 * does not have to be perfect mapping since field is 1590 * informational, only used for servers that do not support 1591 * port 445 and it can be overridden at mount time 1592 */ 1593 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1594 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1595 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1596 1597 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1598 /* 1599 * null target name indicates to use *SMBSERVR default called name 1600 * if we end up sending RFC1001 session initialize 1601 */ 1602 ctx->target_rfc1001_name[0] = 0; 1603 ctx->cred_uid = current_uid(); 1604 ctx->linux_uid = current_uid(); 1605 ctx->linux_gid = current_gid(); 1606 /* By default 4MB read ahead size, 1MB block size */ 1607 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1608 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1609 1610 /* 1611 * default to SFM style remapping of seven reserved characters 1612 * unless user overrides it or we negotiate CIFS POSIX where 1613 * it is unnecessary. Can not simultaneously use more than one mapping 1614 * since then readdir could list files that open could not open 1615 */ 1616 ctx->remap = true; 1617 1618 /* default to only allowing write access to owner of the mount */ 1619 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1620 1621 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1622 /* default is always to request posix paths. */ 1623 ctx->posix_paths = 1; 1624 /* default to using server inode numbers where available */ 1625 ctx->server_ino = 1; 1626 1627 /* default is to use strict cifs caching semantics */ 1628 ctx->strict_io = true; 1629 1630 ctx->acregmax = CIFS_DEF_ACTIMEO; 1631 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1632 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1633 ctx->max_cached_dirs = MAX_CACHED_FIDS; 1634 /* Most clients set timeout to 0, allows server to use its default */ 1635 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1636 1637 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1638 ctx->ops = &smb30_operations; 1639 ctx->vals = &smbdefault_values; 1640 1641 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1642 1643 /* default to no multichannel (single server connection) */ 1644 ctx->multichannel = false; 1645 ctx->max_channels = 1; 1646 1647 ctx->backupuid_specified = false; /* no backup intent for a user */ 1648 ctx->backupgid_specified = false; /* no backup intent for a group */ 1649 1650 /* 1651 * short int override_uid = -1; 1652 * short int override_gid = -1; 1653 * char *nodename = strdup(utsname()->nodename); 1654 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 1655 */ 1656 1657 fc->fs_private = ctx; 1658 fc->ops = &smb3_fs_context_ops; 1659 return 0; 1660 } 1661 1662 void 1663 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 1664 { 1665 if (ctx == NULL) 1666 return; 1667 1668 /* 1669 * Make sure this stays in sync with smb3_fs_context_dup() 1670 */ 1671 kfree(ctx->username); 1672 ctx->username = NULL; 1673 kfree_sensitive(ctx->password); 1674 ctx->password = NULL; 1675 kfree(ctx->server_hostname); 1676 ctx->server_hostname = NULL; 1677 kfree(ctx->UNC); 1678 ctx->UNC = NULL; 1679 kfree(ctx->source); 1680 ctx->source = NULL; 1681 kfree(ctx->domainname); 1682 ctx->domainname = NULL; 1683 kfree(ctx->nodename); 1684 ctx->nodename = NULL; 1685 kfree(ctx->iocharset); 1686 ctx->iocharset = NULL; 1687 kfree(ctx->prepath); 1688 ctx->prepath = NULL; 1689 kfree(ctx->leaf_fullpath); 1690 ctx->leaf_fullpath = NULL; 1691 } 1692 1693 void 1694 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 1695 { 1696 if (!ctx) 1697 return; 1698 smb3_cleanup_fs_context_contents(ctx); 1699 kfree(ctx); 1700 } 1701 1702 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 1703 { 1704 struct smb3_fs_context *ctx = cifs_sb->ctx; 1705 1706 if (ctx->nodfs) 1707 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS; 1708 else 1709 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS; 1710 1711 if (ctx->noperm) 1712 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1713 else 1714 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM; 1715 1716 if (ctx->setuids) 1717 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID; 1718 else 1719 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID; 1720 1721 if (ctx->setuidfromacl) 1722 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL; 1723 else 1724 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL; 1725 1726 if (ctx->server_ino) 1727 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM; 1728 else 1729 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM; 1730 1731 if (ctx->remap) 1732 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR; 1733 else 1734 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR; 1735 1736 if (ctx->sfu_remap) 1737 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 1738 else 1739 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 1740 1741 if (ctx->no_xattr) 1742 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR; 1743 else 1744 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR; 1745 1746 if (ctx->sfu_emul) 1747 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL; 1748 else 1749 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL; 1750 1751 if (ctx->nobrl) 1752 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL; 1753 else 1754 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL; 1755 1756 if (ctx->nohandlecache) 1757 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE; 1758 else 1759 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 1760 1761 if (ctx->nostrictsync) 1762 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC; 1763 else 1764 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC; 1765 1766 if (ctx->mand_lock) 1767 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL; 1768 else 1769 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL; 1770 1771 if (ctx->rwpidforward) 1772 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 1773 else 1774 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD; 1775 1776 if (ctx->mode_ace) 1777 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID; 1778 else 1779 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID; 1780 1781 if (ctx->cifs_acl) 1782 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 1783 else 1784 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL; 1785 1786 if (ctx->backupuid_specified) 1787 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 1788 else 1789 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 1790 1791 if (ctx->backupgid_specified) 1792 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 1793 else 1794 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 1795 1796 if (ctx->override_uid) 1797 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 1798 else 1799 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID; 1800 1801 if (ctx->override_gid) 1802 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID; 1803 else 1804 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID; 1805 1806 if (ctx->dynperm) 1807 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM; 1808 else 1809 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM; 1810 1811 if (ctx->fsc) 1812 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE; 1813 else 1814 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE; 1815 1816 if (ctx->multiuser) 1817 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 1818 CIFS_MOUNT_NO_PERM); 1819 else 1820 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER; 1821 1822 1823 if (ctx->strict_io) 1824 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO; 1825 else 1826 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO; 1827 1828 if (ctx->direct_io) 1829 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 1830 else 1831 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO; 1832 1833 if (ctx->mfsymlinks) 1834 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS; 1835 else 1836 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS; 1837 if (ctx->mfsymlinks) { 1838 if (ctx->sfu_emul) { 1839 /* 1840 * Our SFU ("Services for Unix" emulation does not allow 1841 * creating symlinks but does allow reading existing SFU 1842 * symlinks (it does allow both creating and reading SFU 1843 * style mknod and FIFOs though). When "mfsymlinks" and 1844 * "sfu" are both enabled at the same time, it allows 1845 * reading both types of symlinks, but will only create 1846 * them with mfsymlinks format. This allows better 1847 * Apple compatibility (probably better for Samba too) 1848 * while still recognizing old Windows style symlinks. 1849 */ 1850 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 1851 } 1852 } 1853 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN; 1854 1855 return; 1856 } 1857