1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifspdu.h" 30 #include "cifsglob.h" 31 #include "cifsproto.h" 32 #include "cifs_unicode.h" 33 #include "cifs_debug.h" 34 #include "cifs_fs_sb.h" 35 #include "ntlmssp.h" 36 #include "nterr.h" 37 #include "rfc1002pdu.h" 38 #include "fs_context.h" 39 40 static DEFINE_MUTEX(cifs_mount_mutex); 41 42 static const match_table_t cifs_smb_version_tokens = { 43 { Smb_1, SMB1_VERSION_STRING }, 44 { Smb_20, SMB20_VERSION_STRING}, 45 { Smb_21, SMB21_VERSION_STRING }, 46 { Smb_30, SMB30_VERSION_STRING }, 47 { Smb_302, SMB302_VERSION_STRING }, 48 { Smb_302, ALT_SMB302_VERSION_STRING }, 49 { Smb_311, SMB311_VERSION_STRING }, 50 { Smb_311, ALT_SMB311_VERSION_STRING }, 51 { Smb_3any, SMB3ANY_VERSION_STRING }, 52 { Smb_default, SMBDEFAULT_VERSION_STRING }, 53 { Smb_version_err, NULL } 54 }; 55 56 static const match_table_t cifs_secflavor_tokens = { 57 { Opt_sec_krb5, "krb5" }, 58 { Opt_sec_krb5i, "krb5i" }, 59 { Opt_sec_krb5p, "krb5p" }, 60 { Opt_sec_ntlmsspi, "ntlmsspi" }, 61 { Opt_sec_ntlmssp, "ntlmssp" }, 62 { Opt_sec_ntlmv2, "nontlm" }, 63 { Opt_sec_ntlmv2, "ntlmv2" }, 64 { Opt_sec_ntlmv2i, "ntlmv2i" }, 65 { Opt_sec_none, "none" }, 66 67 { Opt_sec_err, NULL } 68 }; 69 70 const struct fs_parameter_spec smb3_fs_parameters[] = { 71 /* Mount options that take no arguments */ 72 fsparam_flag_no("user_xattr", Opt_user_xattr), 73 fsparam_flag_no("forceuid", Opt_forceuid), 74 fsparam_flag_no("multichannel", Opt_multichannel), 75 fsparam_flag_no("forcegid", Opt_forcegid), 76 fsparam_flag("noblocksend", Opt_noblocksend), 77 fsparam_flag("noautotune", Opt_noautotune), 78 fsparam_flag("nolease", Opt_nolease), 79 fsparam_flag_no("hard", Opt_hard), 80 fsparam_flag_no("soft", Opt_soft), 81 fsparam_flag_no("perm", Opt_perm), 82 fsparam_flag("nodelete", Opt_nodelete), 83 fsparam_flag_no("mapposix", Opt_mapposix), 84 fsparam_flag("mapchars", Opt_mapchars), 85 fsparam_flag("nomapchars", Opt_nomapchars), 86 fsparam_flag_no("sfu", Opt_sfu), 87 fsparam_flag("nodfs", Opt_nodfs), 88 fsparam_flag_no("posixpaths", Opt_posixpaths), 89 fsparam_flag_no("unix", Opt_unix), 90 fsparam_flag_no("linux", Opt_unix), 91 fsparam_flag_no("posix", Opt_unix), 92 fsparam_flag("nocase", Opt_nocase), 93 fsparam_flag("ignorecase", Opt_nocase), 94 fsparam_flag_no("brl", Opt_brl), 95 fsparam_flag_no("handlecache", Opt_handlecache), 96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 97 fsparam_flag("forcemand", Opt_forcemandatorylock), 98 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 99 fsparam_flag("idsfromsid", Opt_setuidfromacl), 100 fsparam_flag_no("setuids", Opt_setuids), 101 fsparam_flag_no("dynperm", Opt_dynperm), 102 fsparam_flag_no("intr", Opt_intr), 103 fsparam_flag_no("strictsync", Opt_strictsync), 104 fsparam_flag_no("serverino", Opt_serverino), 105 fsparam_flag("rwpidforward", Opt_rwpidforward), 106 fsparam_flag("cifsacl", Opt_cifsacl), 107 fsparam_flag_no("acl", Opt_acl), 108 fsparam_flag("locallease", Opt_locallease), 109 fsparam_flag("sign", Opt_sign), 110 fsparam_flag("ignore_signature", Opt_ignore_signature), 111 fsparam_flag("signloosely", Opt_ignore_signature), 112 fsparam_flag("seal", Opt_seal), 113 fsparam_flag("noac", Opt_noac), 114 fsparam_flag("fsc", Opt_fsc), 115 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 116 fsparam_flag("multiuser", Opt_multiuser), 117 fsparam_flag("sloppy", Opt_sloppy), 118 fsparam_flag("nosharesock", Opt_nosharesock), 119 fsparam_flag_no("persistenthandles", Opt_persistent), 120 fsparam_flag_no("resilienthandles", Opt_resilient), 121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 122 fsparam_flag("nosparse", Opt_nosparse), 123 fsparam_flag("domainauto", Opt_domainauto), 124 fsparam_flag("rdma", Opt_rdma), 125 fsparam_flag("modesid", Opt_modesid), 126 fsparam_flag("modefromsid", Opt_modesid), 127 fsparam_flag("rootfs", Opt_rootfs), 128 fsparam_flag("compress", Opt_compress), 129 fsparam_flag("witness", Opt_witness), 130 131 /* Mount options which take numeric value */ 132 fsparam_u32("backupuid", Opt_backupuid), 133 fsparam_u32("backupgid", Opt_backupgid), 134 fsparam_u32("uid", Opt_uid), 135 fsparam_u32("cruid", Opt_cruid), 136 fsparam_u32("gid", Opt_gid), 137 fsparam_u32("file_mode", Opt_file_mode), 138 fsparam_u32("dirmode", Opt_dirmode), 139 fsparam_u32("dir_mode", Opt_dirmode), 140 fsparam_u32("port", Opt_port), 141 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 142 fsparam_u32("esize", Opt_min_enc_offload), 143 fsparam_u32("bsize", Opt_blocksize), 144 fsparam_u32("rasize", Opt_rasize), 145 fsparam_u32("rsize", Opt_rsize), 146 fsparam_u32("wsize", Opt_wsize), 147 fsparam_u32("actimeo", Opt_actimeo), 148 fsparam_u32("acdirmax", Opt_acdirmax), 149 fsparam_u32("acregmax", Opt_acregmax), 150 fsparam_u32("closetimeo", Opt_closetimeo), 151 fsparam_u32("echo_interval", Opt_echo_interval), 152 fsparam_u32("max_credits", Opt_max_credits), 153 fsparam_u32("handletimeout", Opt_handletimeout), 154 fsparam_u64("snapshot", Opt_snapshot), 155 fsparam_u32("max_channels", Opt_max_channels), 156 157 /* Mount options which take string value */ 158 fsparam_string("source", Opt_source), 159 fsparam_string("user", Opt_user), 160 fsparam_string("username", Opt_user), 161 fsparam_string("pass", Opt_pass), 162 fsparam_string("password", Opt_pass), 163 fsparam_string("ip", Opt_ip), 164 fsparam_string("addr", Opt_ip), 165 fsparam_string("domain", Opt_domain), 166 fsparam_string("dom", Opt_domain), 167 fsparam_string("srcaddr", Opt_srcaddr), 168 fsparam_string("iocharset", Opt_iocharset), 169 fsparam_string("netbiosname", Opt_netbiosname), 170 fsparam_string("servern", Opt_servern), 171 fsparam_string("ver", Opt_ver), 172 fsparam_string("vers", Opt_vers), 173 fsparam_string("sec", Opt_sec), 174 fsparam_string("cache", Opt_cache), 175 176 /* Arguments that should be ignored */ 177 fsparam_flag("guest", Opt_ignore), 178 fsparam_flag("noatime", Opt_ignore), 179 fsparam_flag("relatime", Opt_ignore), 180 fsparam_flag("_netdev", Opt_ignore), 181 fsparam_flag_no("suid", Opt_ignore), 182 fsparam_flag_no("exec", Opt_ignore), 183 fsparam_flag_no("dev", Opt_ignore), 184 fsparam_flag_no("mand", Opt_ignore), 185 fsparam_flag_no("auto", Opt_ignore), 186 fsparam_string("cred", Opt_ignore), 187 fsparam_string("credentials", Opt_ignore), 188 /* 189 * UNC and prefixpath is now extracted from Opt_source 190 * in the new mount API so we can just ignore them going forward. 191 */ 192 fsparam_string("unc", Opt_ignore), 193 fsparam_string("prefixpath", Opt_ignore), 194 {} 195 }; 196 197 static int 198 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 199 { 200 201 substring_t args[MAX_OPT_ARGS]; 202 203 /* 204 * With mount options, the last one should win. Reset any existing 205 * settings back to default. 206 */ 207 ctx->sectype = Unspecified; 208 ctx->sign = false; 209 210 switch (match_token(value, cifs_secflavor_tokens, args)) { 211 case Opt_sec_krb5p: 212 cifs_errorf(fc, "sec=krb5p is not supported!\n"); 213 return 1; 214 case Opt_sec_krb5i: 215 ctx->sign = true; 216 fallthrough; 217 case Opt_sec_krb5: 218 ctx->sectype = Kerberos; 219 break; 220 case Opt_sec_ntlmsspi: 221 ctx->sign = true; 222 fallthrough; 223 case Opt_sec_ntlmssp: 224 ctx->sectype = RawNTLMSSP; 225 break; 226 case Opt_sec_ntlmv2i: 227 ctx->sign = true; 228 fallthrough; 229 case Opt_sec_ntlmv2: 230 ctx->sectype = NTLMv2; 231 break; 232 case Opt_sec_none: 233 ctx->nullauth = 1; 234 break; 235 default: 236 cifs_errorf(fc, "bad security option: %s\n", value); 237 return 1; 238 } 239 240 return 0; 241 } 242 243 static const match_table_t cifs_cacheflavor_tokens = { 244 { Opt_cache_loose, "loose" }, 245 { Opt_cache_strict, "strict" }, 246 { Opt_cache_none, "none" }, 247 { Opt_cache_ro, "ro" }, 248 { Opt_cache_rw, "singleclient" }, 249 { Opt_cache_err, NULL } 250 }; 251 252 static int 253 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 254 { 255 substring_t args[MAX_OPT_ARGS]; 256 257 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 258 case Opt_cache_loose: 259 ctx->direct_io = false; 260 ctx->strict_io = false; 261 ctx->cache_ro = false; 262 ctx->cache_rw = false; 263 break; 264 case Opt_cache_strict: 265 ctx->direct_io = false; 266 ctx->strict_io = true; 267 ctx->cache_ro = false; 268 ctx->cache_rw = false; 269 break; 270 case Opt_cache_none: 271 ctx->direct_io = true; 272 ctx->strict_io = false; 273 ctx->cache_ro = false; 274 ctx->cache_rw = false; 275 break; 276 case Opt_cache_ro: 277 ctx->direct_io = false; 278 ctx->strict_io = false; 279 ctx->cache_ro = true; 280 ctx->cache_rw = false; 281 break; 282 case Opt_cache_rw: 283 ctx->direct_io = false; 284 ctx->strict_io = false; 285 ctx->cache_ro = false; 286 ctx->cache_rw = true; 287 break; 288 default: 289 cifs_errorf(fc, "bad cache= option: %s\n", value); 290 return 1; 291 } 292 return 0; 293 } 294 295 #define DUP_CTX_STR(field) \ 296 do { \ 297 if (ctx->field) { \ 298 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 299 if (new_ctx->field == NULL) { \ 300 smb3_cleanup_fs_context_contents(new_ctx); \ 301 return -ENOMEM; \ 302 } \ 303 } \ 304 } while (0) 305 306 int 307 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 308 { 309 memcpy(new_ctx, ctx, sizeof(*ctx)); 310 new_ctx->prepath = NULL; 311 new_ctx->nodename = NULL; 312 new_ctx->username = NULL; 313 new_ctx->password = NULL; 314 new_ctx->server_hostname = NULL; 315 new_ctx->domainname = NULL; 316 new_ctx->UNC = NULL; 317 new_ctx->source = NULL; 318 new_ctx->iocharset = NULL; 319 new_ctx->leaf_fullpath = NULL; 320 /* 321 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 322 */ 323 DUP_CTX_STR(prepath); 324 DUP_CTX_STR(username); 325 DUP_CTX_STR(password); 326 DUP_CTX_STR(server_hostname); 327 DUP_CTX_STR(UNC); 328 DUP_CTX_STR(source); 329 DUP_CTX_STR(domainname); 330 DUP_CTX_STR(nodename); 331 DUP_CTX_STR(iocharset); 332 DUP_CTX_STR(leaf_fullpath); 333 334 return 0; 335 } 336 337 static int 338 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 339 { 340 substring_t args[MAX_OPT_ARGS]; 341 342 switch (match_token(value, cifs_smb_version_tokens, args)) { 343 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 344 case Smb_1: 345 if (disable_legacy_dialects) { 346 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 347 return 1; 348 } 349 if (is_smb3) { 350 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 351 return 1; 352 } 353 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 354 ctx->ops = &smb1_operations; 355 ctx->vals = &smb1_values; 356 break; 357 case Smb_20: 358 if (disable_legacy_dialects) { 359 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 360 return 1; 361 } 362 if (is_smb3) { 363 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 364 return 1; 365 } 366 ctx->ops = &smb20_operations; 367 ctx->vals = &smb20_values; 368 break; 369 #else 370 case Smb_1: 371 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 372 return 1; 373 case Smb_20: 374 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 375 return 1; 376 #endif /* CIFS_ALLOW_INSECURE_LEGACY */ 377 case Smb_21: 378 ctx->ops = &smb21_operations; 379 ctx->vals = &smb21_values; 380 break; 381 case Smb_30: 382 ctx->ops = &smb30_operations; 383 ctx->vals = &smb30_values; 384 break; 385 case Smb_302: 386 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 387 ctx->vals = &smb302_values; 388 break; 389 case Smb_311: 390 ctx->ops = &smb311_operations; 391 ctx->vals = &smb311_values; 392 break; 393 case Smb_3any: 394 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 395 ctx->vals = &smb3any_values; 396 break; 397 case Smb_default: 398 ctx->ops = &smb30_operations; 399 ctx->vals = &smbdefault_values; 400 break; 401 default: 402 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 403 return 1; 404 } 405 return 0; 406 } 407 408 int smb3_parse_opt(const char *options, const char *key, char **val) 409 { 410 int rc = -ENOENT; 411 char *opts, *orig, *p; 412 413 orig = opts = kstrdup(options, GFP_KERNEL); 414 if (!opts) 415 return -ENOMEM; 416 417 while ((p = strsep(&opts, ","))) { 418 char *nval; 419 420 if (!*p) 421 continue; 422 if (strncasecmp(p, key, strlen(key))) 423 continue; 424 nval = strchr(p, '='); 425 if (nval) { 426 if (nval == p) 427 continue; 428 *nval++ = 0; 429 *val = kstrdup(nval, GFP_KERNEL); 430 rc = !*val ? -ENOMEM : 0; 431 goto out; 432 } 433 } 434 out: 435 kfree(orig); 436 return rc; 437 } 438 439 /* 440 * Remove duplicate path delimiters. Windows is supposed to do that 441 * but there are some bugs that prevent rename from working if there are 442 * multiple delimiters. 443 * 444 * Returns a sanitized duplicate of @path. @gfp indicates the GFP_* flags 445 * for kstrdup. 446 * The caller is responsible for freeing the original. 447 */ 448 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 449 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 450 { 451 char *cursor1 = prepath, *cursor2 = prepath; 452 453 /* skip all prepended delimiters */ 454 while (IS_DELIM(*cursor1)) 455 cursor1++; 456 457 /* copy the first letter */ 458 *cursor2 = *cursor1; 459 460 /* copy the remainder... */ 461 while (*(cursor1++)) { 462 /* ... skipping all duplicated delimiters */ 463 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 464 continue; 465 *(++cursor2) = *cursor1; 466 } 467 468 /* if the last character is a delimiter, skip it */ 469 if (IS_DELIM(*(cursor2 - 1))) 470 cursor2--; 471 472 *(cursor2) = '\0'; 473 return kstrdup(prepath, gfp); 474 } 475 476 /* 477 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 478 * fields with the result. Returns 0 on success and an error otherwise 479 * (e.g. ENOMEM or EINVAL) 480 */ 481 int 482 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 483 { 484 char *pos; 485 const char *delims = "/\\"; 486 size_t len; 487 488 if (unlikely(!devname || !*devname)) { 489 cifs_dbg(VFS, "Device name not specified\n"); 490 return -EINVAL; 491 } 492 493 /* make sure we have a valid UNC double delimiter prefix */ 494 len = strspn(devname, delims); 495 if (len != 2) 496 return -EINVAL; 497 498 /* find delimiter between host and sharename */ 499 pos = strpbrk(devname + 2, delims); 500 if (!pos) 501 return -EINVAL; 502 503 /* record the server hostname */ 504 kfree(ctx->server_hostname); 505 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 506 if (!ctx->server_hostname) 507 return -ENOMEM; 508 509 /* skip past delimiter */ 510 ++pos; 511 512 /* now go until next delimiter or end of string */ 513 len = strcspn(pos, delims); 514 515 /* move "pos" up to delimiter or NULL */ 516 pos += len; 517 kfree(ctx->UNC); 518 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 519 if (!ctx->UNC) 520 return -ENOMEM; 521 522 convert_delimiter(ctx->UNC, '\\'); 523 524 /* skip any delimiter */ 525 if (*pos == '/' || *pos == '\\') 526 pos++; 527 528 kfree(ctx->prepath); 529 ctx->prepath = NULL; 530 531 /* If pos is NULL then no prepath */ 532 if (!*pos) 533 return 0; 534 535 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 536 if (!ctx->prepath) 537 return -ENOMEM; 538 539 return 0; 540 } 541 542 static void smb3_fs_context_free(struct fs_context *fc); 543 static int smb3_fs_context_parse_param(struct fs_context *fc, 544 struct fs_parameter *param); 545 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 546 void *data); 547 static int smb3_get_tree(struct fs_context *fc); 548 static int smb3_reconfigure(struct fs_context *fc); 549 550 static const struct fs_context_operations smb3_fs_context_ops = { 551 .free = smb3_fs_context_free, 552 .parse_param = smb3_fs_context_parse_param, 553 .parse_monolithic = smb3_fs_context_parse_monolithic, 554 .get_tree = smb3_get_tree, 555 .reconfigure = smb3_reconfigure, 556 }; 557 558 /* 559 * Parse a monolithic block of data from sys_mount(). 560 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 561 * @ctx: The superblock configuration to fill in. 562 * @data: The data to parse 563 * 564 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 565 * called from the ->monolithic_mount_data() fs_context operation. 566 * 567 * Returns 0 on success or the error returned by the ->parse_option() fs_context 568 * operation on failure. 569 */ 570 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 571 void *data) 572 { 573 char *options = data, *key; 574 int ret = 0; 575 576 if (!options) 577 return 0; 578 579 ret = security_sb_eat_lsm_opts(options, &fc->security); 580 if (ret) 581 return ret; 582 583 /* BB Need to add support for sep= here TBD */ 584 while ((key = strsep(&options, ",")) != NULL) { 585 size_t len; 586 char *value; 587 588 if (*key == 0) 589 break; 590 591 /* Check if following character is the deliminator If yes, 592 * we have encountered a double deliminator reset the NULL 593 * character to the deliminator 594 */ 595 while (options && options[0] == ',') { 596 len = strlen(key); 597 strcpy(key + len, options); 598 options = strchr(options, ','); 599 if (options) 600 *options++ = 0; 601 } 602 603 604 len = 0; 605 value = strchr(key, '='); 606 if (value) { 607 if (value == key) 608 continue; 609 *value++ = 0; 610 len = strlen(value); 611 } 612 613 ret = vfs_parse_fs_string(fc, key, value, len); 614 if (ret < 0) 615 break; 616 } 617 618 return ret; 619 } 620 621 /* 622 * Validate the preparsed information in the config. 623 */ 624 static int smb3_fs_context_validate(struct fs_context *fc) 625 { 626 struct smb3_fs_context *ctx = smb3_fc2context(fc); 627 628 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 629 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 630 return -EOPNOTSUPP; 631 } 632 633 #ifndef CONFIG_KEYS 634 /* Muliuser mounts require CONFIG_KEYS support */ 635 if (ctx->multiuser) { 636 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 637 return -1; 638 } 639 #endif 640 641 if (ctx->got_version == false) 642 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 643 644 645 if (!ctx->UNC) { 646 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 647 return -1; 648 } 649 650 /* make sure UNC has a share name */ 651 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 652 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 653 return -ENOENT; 654 } 655 656 if (!ctx->got_ip) { 657 int len; 658 const char *slash; 659 660 /* No ip= option specified? Try to get it from UNC */ 661 /* Use the address part of the UNC. */ 662 slash = strchr(&ctx->UNC[2], '\\'); 663 len = slash - &ctx->UNC[2]; 664 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 665 &ctx->UNC[2], len)) { 666 pr_err("Unable to determine destination address\n"); 667 return -EHOSTUNREACH; 668 } 669 } 670 671 /* set the port that we got earlier */ 672 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 673 674 if (ctx->override_uid && !ctx->uid_specified) { 675 ctx->override_uid = 0; 676 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 677 } 678 679 if (ctx->override_gid && !ctx->gid_specified) { 680 ctx->override_gid = 0; 681 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 682 } 683 684 return 0; 685 } 686 687 static int smb3_get_tree_common(struct fs_context *fc) 688 { 689 struct smb3_fs_context *ctx = smb3_fc2context(fc); 690 struct dentry *root; 691 int rc = 0; 692 693 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 694 if (IS_ERR(root)) 695 return PTR_ERR(root); 696 697 fc->root = root; 698 699 return rc; 700 } 701 702 /* 703 * Create an SMB3 superblock from the parameters passed. 704 */ 705 static int smb3_get_tree(struct fs_context *fc) 706 { 707 int err = smb3_fs_context_validate(fc); 708 int ret; 709 710 if (err) 711 return err; 712 mutex_lock(&cifs_mount_mutex); 713 ret = smb3_get_tree_common(fc); 714 mutex_unlock(&cifs_mount_mutex); 715 return ret; 716 } 717 718 static void smb3_fs_context_free(struct fs_context *fc) 719 { 720 struct smb3_fs_context *ctx = smb3_fc2context(fc); 721 722 smb3_cleanup_fs_context(ctx); 723 } 724 725 /* 726 * Compare the old and new proposed context during reconfigure 727 * and check if the changes are compatible. 728 */ 729 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 730 struct smb3_fs_context *new_ctx, 731 struct smb3_fs_context *old_ctx) 732 { 733 if (new_ctx->posix_paths != old_ctx->posix_paths) { 734 cifs_errorf(fc, "can not change posixpaths during remount\n"); 735 return -EINVAL; 736 } 737 if (new_ctx->sectype != old_ctx->sectype) { 738 cifs_errorf(fc, "can not change sec during remount\n"); 739 return -EINVAL; 740 } 741 if (new_ctx->multiuser != old_ctx->multiuser) { 742 cifs_errorf(fc, "can not change multiuser during remount\n"); 743 return -EINVAL; 744 } 745 if (new_ctx->UNC && 746 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 747 cifs_errorf(fc, "can not change UNC during remount\n"); 748 return -EINVAL; 749 } 750 if (new_ctx->username && 751 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 752 cifs_errorf(fc, "can not change username during remount\n"); 753 return -EINVAL; 754 } 755 if (new_ctx->password && 756 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 757 cifs_errorf(fc, "can not change password during remount\n"); 758 return -EINVAL; 759 } 760 if (new_ctx->domainname && 761 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 762 cifs_errorf(fc, "can not change domainname during remount\n"); 763 return -EINVAL; 764 } 765 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 766 cifs_errorf(fc, "can not change workstation_name during remount\n"); 767 return -EINVAL; 768 } 769 if (new_ctx->nodename && 770 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 771 cifs_errorf(fc, "can not change nodename during remount\n"); 772 return -EINVAL; 773 } 774 if (new_ctx->iocharset && 775 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 776 cifs_errorf(fc, "can not change iocharset during remount\n"); 777 return -EINVAL; 778 } 779 780 return 0; 781 } 782 783 #define STEAL_STRING(cifs_sb, ctx, field) \ 784 do { \ 785 kfree(ctx->field); \ 786 ctx->field = cifs_sb->ctx->field; \ 787 cifs_sb->ctx->field = NULL; \ 788 } while (0) 789 790 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 791 do { \ 792 kfree_sensitive(ctx->field); \ 793 ctx->field = cifs_sb->ctx->field; \ 794 cifs_sb->ctx->field = NULL; \ 795 } while (0) 796 797 static int smb3_reconfigure(struct fs_context *fc) 798 { 799 struct smb3_fs_context *ctx = smb3_fc2context(fc); 800 struct dentry *root = fc->root; 801 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 802 int rc; 803 804 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx); 805 if (rc) 806 return rc; 807 808 /* 809 * We can not change UNC/username/password/domainname/ 810 * workstation_name/nodename/iocharset 811 * during reconnect so ignore what we have in the new context and 812 * just use what we already have in cifs_sb->ctx. 813 */ 814 STEAL_STRING(cifs_sb, ctx, UNC); 815 STEAL_STRING(cifs_sb, ctx, source); 816 STEAL_STRING(cifs_sb, ctx, username); 817 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 818 STEAL_STRING(cifs_sb, ctx, domainname); 819 STEAL_STRING(cifs_sb, ctx, nodename); 820 STEAL_STRING(cifs_sb, ctx, iocharset); 821 822 /* if rsize or wsize not passed in on remount, use previous values */ 823 if (ctx->rsize == 0) 824 ctx->rsize = cifs_sb->ctx->rsize; 825 if (ctx->wsize == 0) 826 ctx->wsize = cifs_sb->ctx->wsize; 827 828 829 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 830 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 831 smb3_update_mnt_flags(cifs_sb); 832 #ifdef CONFIG_CIFS_DFS_UPCALL 833 if (!rc) 834 rc = dfs_cache_remount_fs(cifs_sb); 835 #endif 836 837 return rc; 838 } 839 840 static int smb3_fs_context_parse_param(struct fs_context *fc, 841 struct fs_parameter *param) 842 { 843 struct fs_parse_result result; 844 struct smb3_fs_context *ctx = smb3_fc2context(fc); 845 int i, opt; 846 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 847 bool skip_parsing = false; 848 kuid_t uid; 849 kgid_t gid; 850 851 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 852 853 /* 854 * fs_parse can not handle string options with an empty value so 855 * we will need special handling of them. 856 */ 857 if (param->type == fs_value_is_string && param->string[0] == 0) { 858 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 859 skip_parsing = true; 860 opt = Opt_pass; 861 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 862 skip_parsing = true; 863 opt = Opt_user; 864 } 865 } 866 867 if (!skip_parsing) { 868 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 869 if (opt < 0) 870 return ctx->sloppy ? 1 : opt; 871 } 872 873 switch (opt) { 874 case Opt_compress: 875 ctx->compression = UNKNOWN_TYPE; 876 cifs_dbg(VFS, 877 "SMB3 compression support is experimental\n"); 878 break; 879 case Opt_nodfs: 880 ctx->nodfs = 1; 881 break; 882 case Opt_hard: 883 if (result.negated) { 884 if (ctx->retry == 1) 885 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 886 ctx->retry = 0; 887 } else 888 ctx->retry = 1; 889 break; 890 case Opt_soft: 891 if (result.negated) 892 ctx->retry = 1; 893 else { 894 if (ctx->retry == 1) 895 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 896 ctx->retry = 0; 897 } 898 break; 899 case Opt_mapposix: 900 if (result.negated) 901 ctx->remap = false; 902 else { 903 ctx->remap = true; 904 ctx->sfu_remap = false; /* disable SFU mapping */ 905 } 906 break; 907 case Opt_mapchars: 908 if (result.negated) 909 ctx->sfu_remap = false; 910 else { 911 ctx->sfu_remap = true; 912 ctx->remap = false; /* disable SFM (mapposix) mapping */ 913 } 914 break; 915 case Opt_user_xattr: 916 if (result.negated) 917 ctx->no_xattr = 1; 918 else 919 ctx->no_xattr = 0; 920 break; 921 case Opt_forceuid: 922 if (result.negated) 923 ctx->override_uid = 0; 924 else 925 ctx->override_uid = 1; 926 break; 927 case Opt_forcegid: 928 if (result.negated) 929 ctx->override_gid = 0; 930 else 931 ctx->override_gid = 1; 932 break; 933 case Opt_perm: 934 if (result.negated) 935 ctx->noperm = 1; 936 else 937 ctx->noperm = 0; 938 break; 939 case Opt_dynperm: 940 if (result.negated) 941 ctx->dynperm = 0; 942 else 943 ctx->dynperm = 1; 944 break; 945 case Opt_sfu: 946 if (result.negated) 947 ctx->sfu_emul = 0; 948 else 949 ctx->sfu_emul = 1; 950 break; 951 case Opt_noblocksend: 952 ctx->noblocksnd = 1; 953 break; 954 case Opt_noautotune: 955 ctx->noautotune = 1; 956 break; 957 case Opt_nolease: 958 ctx->no_lease = 1; 959 break; 960 case Opt_nosparse: 961 ctx->no_sparse = 1; 962 break; 963 case Opt_nodelete: 964 ctx->nodelete = 1; 965 break; 966 case Opt_multichannel: 967 if (result.negated) { 968 ctx->multichannel = false; 969 ctx->max_channels = 1; 970 } else { 971 ctx->multichannel = true; 972 /* if number of channels not specified, default to 2 */ 973 if (ctx->max_channels < 2) 974 ctx->max_channels = 2; 975 } 976 break; 977 case Opt_uid: 978 uid = make_kuid(current_user_ns(), result.uint_32); 979 if (!uid_valid(uid)) 980 goto cifs_parse_mount_err; 981 ctx->linux_uid = uid; 982 ctx->uid_specified = true; 983 break; 984 case Opt_cruid: 985 uid = make_kuid(current_user_ns(), result.uint_32); 986 if (!uid_valid(uid)) 987 goto cifs_parse_mount_err; 988 ctx->cred_uid = uid; 989 ctx->cruid_specified = true; 990 break; 991 case Opt_backupuid: 992 uid = make_kuid(current_user_ns(), result.uint_32); 993 if (!uid_valid(uid)) 994 goto cifs_parse_mount_err; 995 ctx->backupuid = uid; 996 ctx->backupuid_specified = true; 997 break; 998 case Opt_backupgid: 999 gid = make_kgid(current_user_ns(), result.uint_32); 1000 if (!gid_valid(gid)) 1001 goto cifs_parse_mount_err; 1002 ctx->backupgid = gid; 1003 ctx->backupgid_specified = true; 1004 break; 1005 case Opt_gid: 1006 gid = make_kgid(current_user_ns(), result.uint_32); 1007 if (!gid_valid(gid)) 1008 goto cifs_parse_mount_err; 1009 ctx->linux_gid = gid; 1010 ctx->gid_specified = true; 1011 break; 1012 case Opt_port: 1013 ctx->port = result.uint_32; 1014 break; 1015 case Opt_file_mode: 1016 ctx->file_mode = result.uint_32; 1017 break; 1018 case Opt_dirmode: 1019 ctx->dir_mode = result.uint_32; 1020 break; 1021 case Opt_min_enc_offload: 1022 ctx->min_offload = result.uint_32; 1023 break; 1024 case Opt_blocksize: 1025 /* 1026 * inode blocksize realistically should never need to be 1027 * less than 16K or greater than 16M and default is 1MB. 1028 * Note that small inode block sizes (e.g. 64K) can lead 1029 * to very poor performance of common tools like cp and scp 1030 */ 1031 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1032 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1033 cifs_errorf(fc, "%s: Invalid blocksize\n", 1034 __func__); 1035 goto cifs_parse_mount_err; 1036 } 1037 ctx->bsize = result.uint_32; 1038 ctx->got_bsize = true; 1039 break; 1040 case Opt_rasize: 1041 /* 1042 * readahead size realistically should never need to be 1043 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1044 * (perhaps an exception should be considered in the 1045 * for the case of a large number of channels 1046 * when multichannel is negotiated) since that would lead 1047 * to plenty of parallel I/O in flight to the server. 1048 * Note that smaller read ahead sizes would 1049 * hurt performance of common tools like cp and scp 1050 * which often trigger sequential i/o with read ahead 1051 */ 1052 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1053 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1054 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1055 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1056 goto cifs_parse_mount_err; 1057 } 1058 ctx->rasize = result.uint_32; 1059 break; 1060 case Opt_rsize: 1061 ctx->rsize = result.uint_32; 1062 ctx->got_rsize = true; 1063 break; 1064 case Opt_wsize: 1065 ctx->wsize = result.uint_32; 1066 ctx->got_wsize = true; 1067 break; 1068 case Opt_acregmax: 1069 ctx->acregmax = HZ * result.uint_32; 1070 if (ctx->acregmax > CIFS_MAX_ACTIMEO) { 1071 cifs_errorf(fc, "acregmax too large\n"); 1072 goto cifs_parse_mount_err; 1073 } 1074 break; 1075 case Opt_acdirmax: 1076 ctx->acdirmax = HZ * result.uint_32; 1077 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) { 1078 cifs_errorf(fc, "acdirmax too large\n"); 1079 goto cifs_parse_mount_err; 1080 } 1081 break; 1082 case Opt_actimeo: 1083 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) { 1084 cifs_errorf(fc, "timeout too large\n"); 1085 goto cifs_parse_mount_err; 1086 } 1087 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1088 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1089 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1090 break; 1091 } 1092 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1093 break; 1094 case Opt_closetimeo: 1095 ctx->closetimeo = HZ * result.uint_32; 1096 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) { 1097 cifs_errorf(fc, "closetimeo too large\n"); 1098 goto cifs_parse_mount_err; 1099 } 1100 break; 1101 case Opt_echo_interval: 1102 ctx->echo_interval = result.uint_32; 1103 break; 1104 case Opt_snapshot: 1105 ctx->snapshot_time = result.uint_64; 1106 break; 1107 case Opt_max_credits: 1108 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1109 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1110 __func__); 1111 goto cifs_parse_mount_err; 1112 } 1113 ctx->max_credits = result.uint_32; 1114 break; 1115 case Opt_max_channels: 1116 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1117 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1118 __func__, CIFS_MAX_CHANNELS); 1119 goto cifs_parse_mount_err; 1120 } 1121 ctx->max_channels = result.uint_32; 1122 /* If more than one channel requested ... they want multichan */ 1123 if (result.uint_32 > 1) 1124 ctx->multichannel = true; 1125 break; 1126 case Opt_handletimeout: 1127 ctx->handle_timeout = result.uint_32; 1128 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1129 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1130 goto cifs_parse_mount_err; 1131 } 1132 break; 1133 case Opt_source: 1134 kfree(ctx->UNC); 1135 ctx->UNC = NULL; 1136 switch (smb3_parse_devname(param->string, ctx)) { 1137 case 0: 1138 break; 1139 case -ENOMEM: 1140 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1141 goto cifs_parse_mount_err; 1142 case -EINVAL: 1143 cifs_errorf(fc, "Malformed UNC in devname\n"); 1144 goto cifs_parse_mount_err; 1145 default: 1146 cifs_errorf(fc, "Unknown error parsing devname\n"); 1147 goto cifs_parse_mount_err; 1148 } 1149 ctx->source = kstrdup(param->string, GFP_KERNEL); 1150 if (ctx->source == NULL) { 1151 cifs_errorf(fc, "OOM when copying UNC string\n"); 1152 goto cifs_parse_mount_err; 1153 } 1154 fc->source = kstrdup(param->string, GFP_KERNEL); 1155 if (fc->source == NULL) { 1156 cifs_errorf(fc, "OOM when copying UNC string\n"); 1157 goto cifs_parse_mount_err; 1158 } 1159 break; 1160 case Opt_user: 1161 kfree(ctx->username); 1162 ctx->username = NULL; 1163 if (strlen(param->string) == 0) { 1164 /* null user, ie. anonymous authentication */ 1165 ctx->nullauth = 1; 1166 break; 1167 } 1168 1169 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) > 1170 CIFS_MAX_USERNAME_LEN) { 1171 pr_warn("username too long\n"); 1172 goto cifs_parse_mount_err; 1173 } 1174 ctx->username = kstrdup(param->string, GFP_KERNEL); 1175 if (ctx->username == NULL) { 1176 cifs_errorf(fc, "OOM when copying username string\n"); 1177 goto cifs_parse_mount_err; 1178 } 1179 break; 1180 case Opt_pass: 1181 kfree_sensitive(ctx->password); 1182 ctx->password = NULL; 1183 if (strlen(param->string) == 0) 1184 break; 1185 1186 ctx->password = kstrdup(param->string, GFP_KERNEL); 1187 if (ctx->password == NULL) { 1188 cifs_errorf(fc, "OOM when copying password string\n"); 1189 goto cifs_parse_mount_err; 1190 } 1191 break; 1192 case Opt_ip: 1193 if (strlen(param->string) == 0) { 1194 ctx->got_ip = false; 1195 break; 1196 } 1197 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1198 param->string, 1199 strlen(param->string))) { 1200 pr_err("bad ip= option (%s)\n", param->string); 1201 goto cifs_parse_mount_err; 1202 } 1203 ctx->got_ip = true; 1204 break; 1205 case Opt_domain: 1206 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1207 == CIFS_MAX_DOMAINNAME_LEN) { 1208 pr_warn("domain name too long\n"); 1209 goto cifs_parse_mount_err; 1210 } 1211 1212 kfree(ctx->domainname); 1213 ctx->domainname = kstrdup(param->string, GFP_KERNEL); 1214 if (ctx->domainname == NULL) { 1215 cifs_errorf(fc, "OOM when copying domainname string\n"); 1216 goto cifs_parse_mount_err; 1217 } 1218 cifs_dbg(FYI, "Domain name set\n"); 1219 break; 1220 case Opt_srcaddr: 1221 if (!cifs_convert_address( 1222 (struct sockaddr *)&ctx->srcaddr, 1223 param->string, strlen(param->string))) { 1224 pr_warn("Could not parse srcaddr: %s\n", 1225 param->string); 1226 goto cifs_parse_mount_err; 1227 } 1228 break; 1229 case Opt_iocharset: 1230 if (strnlen(param->string, 1024) >= 65) { 1231 pr_warn("iocharset name too long\n"); 1232 goto cifs_parse_mount_err; 1233 } 1234 1235 if (strncasecmp(param->string, "default", 7) != 0) { 1236 kfree(ctx->iocharset); 1237 ctx->iocharset = kstrdup(param->string, GFP_KERNEL); 1238 if (ctx->iocharset == NULL) { 1239 cifs_errorf(fc, "OOM when copying iocharset string\n"); 1240 goto cifs_parse_mount_err; 1241 } 1242 } 1243 /* if iocharset not set then load_nls_default 1244 * is used by caller 1245 */ 1246 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1247 break; 1248 case Opt_netbiosname: 1249 memset(ctx->source_rfc1001_name, 0x20, 1250 RFC1001_NAME_LEN); 1251 /* 1252 * FIXME: are there cases in which a comma can 1253 * be valid in workstation netbios name (and 1254 * need special handling)? 1255 */ 1256 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1257 /* don't ucase netbiosname for user */ 1258 if (param->string[i] == 0) 1259 break; 1260 ctx->source_rfc1001_name[i] = param->string[i]; 1261 } 1262 /* The string has 16th byte zero still from 1263 * set at top of the function 1264 */ 1265 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1266 pr_warn("netbiosname longer than 15 truncated\n"); 1267 break; 1268 case Opt_servern: 1269 /* last byte, type, is 0x20 for servr type */ 1270 memset(ctx->target_rfc1001_name, 0x20, 1271 RFC1001_NAME_LEN_WITH_NULL); 1272 /* 1273 * BB are there cases in which a comma can be valid in this 1274 * workstation netbios name (and need special handling)? 1275 */ 1276 1277 /* user or mount helper must uppercase the netbios name */ 1278 for (i = 0; i < 15; i++) { 1279 if (param->string[i] == 0) 1280 break; 1281 ctx->target_rfc1001_name[i] = param->string[i]; 1282 } 1283 1284 /* The string has 16th byte zero still from set at top of function */ 1285 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1286 pr_warn("server netbiosname longer than 15 truncated\n"); 1287 break; 1288 case Opt_ver: 1289 /* version of mount userspace tools, not dialect */ 1290 /* If interface changes in mount.cifs bump to new ver */ 1291 if (strncasecmp(param->string, "1", 1) == 0) { 1292 if (strlen(param->string) > 1) { 1293 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1294 param->string); 1295 goto cifs_parse_mount_err; 1296 } 1297 /* This is the default */ 1298 break; 1299 } 1300 /* For all other value, error */ 1301 pr_warn("Invalid mount helper version specified\n"); 1302 goto cifs_parse_mount_err; 1303 case Opt_vers: 1304 /* protocol version (dialect) */ 1305 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1306 goto cifs_parse_mount_err; 1307 ctx->got_version = true; 1308 break; 1309 case Opt_sec: 1310 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1311 goto cifs_parse_mount_err; 1312 break; 1313 case Opt_cache: 1314 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1315 goto cifs_parse_mount_err; 1316 break; 1317 case Opt_witness: 1318 #ifndef CONFIG_CIFS_SWN_UPCALL 1319 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1320 goto cifs_parse_mount_err; 1321 #endif 1322 ctx->witness = true; 1323 pr_warn_once("Witness protocol support is experimental\n"); 1324 break; 1325 case Opt_rootfs: 1326 #ifndef CONFIG_CIFS_ROOT 1327 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1328 goto cifs_parse_mount_err; 1329 #endif 1330 ctx->rootfs = true; 1331 break; 1332 case Opt_posixpaths: 1333 if (result.negated) 1334 ctx->posix_paths = 0; 1335 else 1336 ctx->posix_paths = 1; 1337 break; 1338 case Opt_unix: 1339 if (result.negated) { 1340 if (ctx->linux_ext == 1) 1341 pr_warn_once("conflicting posix mount options specified\n"); 1342 ctx->linux_ext = 0; 1343 ctx->no_linux_ext = 1; 1344 } else { 1345 if (ctx->no_linux_ext == 1) 1346 pr_warn_once("conflicting posix mount options specified\n"); 1347 ctx->linux_ext = 1; 1348 ctx->no_linux_ext = 0; 1349 } 1350 break; 1351 case Opt_nocase: 1352 ctx->nocase = 1; 1353 break; 1354 case Opt_brl: 1355 if (result.negated) { 1356 /* 1357 * turn off mandatory locking in mode 1358 * if remote locking is turned off since the 1359 * local vfs will do advisory 1360 */ 1361 if (ctx->file_mode == 1362 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1363 ctx->file_mode = S_IALLUGO; 1364 ctx->nobrl = 1; 1365 } else 1366 ctx->nobrl = 0; 1367 break; 1368 case Opt_handlecache: 1369 if (result.negated) 1370 ctx->nohandlecache = 1; 1371 else 1372 ctx->nohandlecache = 0; 1373 break; 1374 case Opt_forcemandatorylock: 1375 ctx->mand_lock = 1; 1376 break; 1377 case Opt_setuids: 1378 ctx->setuids = result.negated; 1379 break; 1380 case Opt_intr: 1381 ctx->intr = !result.negated; 1382 break; 1383 case Opt_setuidfromacl: 1384 ctx->setuidfromacl = 1; 1385 break; 1386 case Opt_strictsync: 1387 ctx->nostrictsync = result.negated; 1388 break; 1389 case Opt_serverino: 1390 ctx->server_ino = !result.negated; 1391 break; 1392 case Opt_rwpidforward: 1393 ctx->rwpidforward = 1; 1394 break; 1395 case Opt_modesid: 1396 ctx->mode_ace = 1; 1397 break; 1398 case Opt_cifsacl: 1399 ctx->cifs_acl = !result.negated; 1400 break; 1401 case Opt_acl: 1402 ctx->no_psx_acl = result.negated; 1403 break; 1404 case Opt_locallease: 1405 ctx->local_lease = 1; 1406 break; 1407 case Opt_sign: 1408 ctx->sign = true; 1409 break; 1410 case Opt_ignore_signature: 1411 ctx->sign = true; 1412 ctx->ignore_signature = true; 1413 break; 1414 case Opt_seal: 1415 /* we do not do the following in secFlags because seal 1416 * is a per tree connection (mount) not a per socket 1417 * or per-smb connection option in the protocol 1418 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1419 */ 1420 ctx->seal = 1; 1421 break; 1422 case Opt_noac: 1423 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1424 break; 1425 case Opt_fsc: 1426 #ifndef CONFIG_CIFS_FSCACHE 1427 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1428 goto cifs_parse_mount_err; 1429 #endif 1430 ctx->fsc = true; 1431 break; 1432 case Opt_mfsymlinks: 1433 ctx->mfsymlinks = true; 1434 break; 1435 case Opt_multiuser: 1436 ctx->multiuser = true; 1437 break; 1438 case Opt_sloppy: 1439 ctx->sloppy = true; 1440 break; 1441 case Opt_nosharesock: 1442 ctx->nosharesock = true; 1443 break; 1444 case Opt_persistent: 1445 if (result.negated) { 1446 ctx->nopersistent = true; 1447 if (ctx->persistent) { 1448 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1449 goto cifs_parse_mount_err; 1450 } 1451 } else { 1452 ctx->persistent = true; 1453 if ((ctx->nopersistent) || (ctx->resilient)) { 1454 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1455 goto cifs_parse_mount_err; 1456 } 1457 } 1458 break; 1459 case Opt_resilient: 1460 if (result.negated) { 1461 ctx->resilient = false; /* already the default */ 1462 } else { 1463 ctx->resilient = true; 1464 if (ctx->persistent) { 1465 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1466 goto cifs_parse_mount_err; 1467 } 1468 } 1469 break; 1470 case Opt_tcp_nodelay: 1471 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1472 if (result.negated) 1473 ctx->sockopt_tcp_nodelay = false; 1474 else 1475 ctx->sockopt_tcp_nodelay = true; 1476 break; 1477 case Opt_domainauto: 1478 ctx->domainauto = true; 1479 break; 1480 case Opt_rdma: 1481 ctx->rdma = true; 1482 break; 1483 } 1484 /* case Opt_ignore: - is ignored as expected ... */ 1485 1486 return 0; 1487 1488 cifs_parse_mount_err: 1489 kfree_sensitive(ctx->password); 1490 return -EINVAL; 1491 } 1492 1493 int smb3_init_fs_context(struct fs_context *fc) 1494 { 1495 struct smb3_fs_context *ctx; 1496 char *nodename = utsname()->nodename; 1497 int i; 1498 1499 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL); 1500 if (unlikely(!ctx)) 1501 return -ENOMEM; 1502 1503 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1504 1505 /* 1506 * does not have to be perfect mapping since field is 1507 * informational, only used for servers that do not support 1508 * port 445 and it can be overridden at mount time 1509 */ 1510 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1511 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1512 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1513 1514 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1515 /* 1516 * null target name indicates to use *SMBSERVR default called name 1517 * if we end up sending RFC1001 session initialize 1518 */ 1519 ctx->target_rfc1001_name[0] = 0; 1520 ctx->cred_uid = current_uid(); 1521 ctx->linux_uid = current_uid(); 1522 ctx->linux_gid = current_gid(); 1523 /* By default 4MB read ahead size, 1MB block size */ 1524 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1525 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1526 1527 /* 1528 * default to SFM style remapping of seven reserved characters 1529 * unless user overrides it or we negotiate CIFS POSIX where 1530 * it is unnecessary. Can not simultaneously use more than one mapping 1531 * since then readdir could list files that open could not open 1532 */ 1533 ctx->remap = true; 1534 1535 /* default to only allowing write access to owner of the mount */ 1536 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1537 1538 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1539 /* default is always to request posix paths. */ 1540 ctx->posix_paths = 1; 1541 /* default to using server inode numbers where available */ 1542 ctx->server_ino = 1; 1543 1544 /* default is to use strict cifs caching semantics */ 1545 ctx->strict_io = true; 1546 1547 ctx->acregmax = CIFS_DEF_ACTIMEO; 1548 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1549 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1550 1551 /* Most clients set timeout to 0, allows server to use its default */ 1552 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1553 1554 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1555 ctx->ops = &smb30_operations; 1556 ctx->vals = &smbdefault_values; 1557 1558 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1559 1560 /* default to no multichannel (single server connection) */ 1561 ctx->multichannel = false; 1562 ctx->max_channels = 1; 1563 1564 ctx->backupuid_specified = false; /* no backup intent for a user */ 1565 ctx->backupgid_specified = false; /* no backup intent for a group */ 1566 1567 /* 1568 * short int override_uid = -1; 1569 * short int override_gid = -1; 1570 * char *nodename = strdup(utsname()->nodename); 1571 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 1572 */ 1573 1574 fc->fs_private = ctx; 1575 fc->ops = &smb3_fs_context_ops; 1576 return 0; 1577 } 1578 1579 void 1580 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 1581 { 1582 if (ctx == NULL) 1583 return; 1584 1585 /* 1586 * Make sure this stays in sync with smb3_fs_context_dup() 1587 */ 1588 kfree(ctx->username); 1589 ctx->username = NULL; 1590 kfree_sensitive(ctx->password); 1591 ctx->password = NULL; 1592 kfree(ctx->server_hostname); 1593 ctx->server_hostname = NULL; 1594 kfree(ctx->UNC); 1595 ctx->UNC = NULL; 1596 kfree(ctx->source); 1597 ctx->source = NULL; 1598 kfree(ctx->domainname); 1599 ctx->domainname = NULL; 1600 kfree(ctx->nodename); 1601 ctx->nodename = NULL; 1602 kfree(ctx->iocharset); 1603 ctx->iocharset = NULL; 1604 kfree(ctx->prepath); 1605 ctx->prepath = NULL; 1606 kfree(ctx->leaf_fullpath); 1607 ctx->leaf_fullpath = NULL; 1608 } 1609 1610 void 1611 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 1612 { 1613 if (!ctx) 1614 return; 1615 smb3_cleanup_fs_context_contents(ctx); 1616 kfree(ctx); 1617 } 1618 1619 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 1620 { 1621 struct smb3_fs_context *ctx = cifs_sb->ctx; 1622 1623 if (ctx->nodfs) 1624 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS; 1625 else 1626 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS; 1627 1628 if (ctx->noperm) 1629 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1630 else 1631 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM; 1632 1633 if (ctx->setuids) 1634 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID; 1635 else 1636 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID; 1637 1638 if (ctx->setuidfromacl) 1639 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL; 1640 else 1641 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL; 1642 1643 if (ctx->server_ino) 1644 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM; 1645 else 1646 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM; 1647 1648 if (ctx->remap) 1649 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR; 1650 else 1651 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR; 1652 1653 if (ctx->sfu_remap) 1654 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 1655 else 1656 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 1657 1658 if (ctx->no_xattr) 1659 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR; 1660 else 1661 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR; 1662 1663 if (ctx->sfu_emul) 1664 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL; 1665 else 1666 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL; 1667 1668 if (ctx->nobrl) 1669 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL; 1670 else 1671 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL; 1672 1673 if (ctx->nohandlecache) 1674 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE; 1675 else 1676 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 1677 1678 if (ctx->nostrictsync) 1679 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC; 1680 else 1681 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC; 1682 1683 if (ctx->mand_lock) 1684 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL; 1685 else 1686 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL; 1687 1688 if (ctx->rwpidforward) 1689 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 1690 else 1691 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD; 1692 1693 if (ctx->mode_ace) 1694 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID; 1695 else 1696 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID; 1697 1698 if (ctx->cifs_acl) 1699 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 1700 else 1701 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL; 1702 1703 if (ctx->backupuid_specified) 1704 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 1705 else 1706 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 1707 1708 if (ctx->backupgid_specified) 1709 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 1710 else 1711 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 1712 1713 if (ctx->override_uid) 1714 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 1715 else 1716 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID; 1717 1718 if (ctx->override_gid) 1719 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID; 1720 else 1721 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID; 1722 1723 if (ctx->dynperm) 1724 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM; 1725 else 1726 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM; 1727 1728 if (ctx->fsc) 1729 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE; 1730 else 1731 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE; 1732 1733 if (ctx->multiuser) 1734 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 1735 CIFS_MOUNT_NO_PERM); 1736 else 1737 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER; 1738 1739 1740 if (ctx->strict_io) 1741 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO; 1742 else 1743 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO; 1744 1745 if (ctx->direct_io) 1746 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 1747 else 1748 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO; 1749 1750 if (ctx->mfsymlinks) 1751 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS; 1752 else 1753 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS; 1754 if (ctx->mfsymlinks) { 1755 if (ctx->sfu_emul) { 1756 /* 1757 * Our SFU ("Services for Unix" emulation does not allow 1758 * creating symlinks but does allow reading existing SFU 1759 * symlinks (it does allow both creating and reading SFU 1760 * style mknod and FIFOs though). When "mfsymlinks" and 1761 * "sfu" are both enabled at the same time, it allows 1762 * reading both types of symlinks, but will only create 1763 * them with mfsymlinks format. This allows better 1764 * Apple compatibility (probably better for Samba too) 1765 * while still recognizing old Windows style symlinks. 1766 */ 1767 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 1768 } 1769 } 1770 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN; 1771 1772 return; 1773 } 1774