1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifspdu.h" 30 #include "cifsglob.h" 31 #include "cifsproto.h" 32 #include "cifs_unicode.h" 33 #include "cifs_debug.h" 34 #include "cifs_fs_sb.h" 35 #include "ntlmssp.h" 36 #include "nterr.h" 37 #include "rfc1002pdu.h" 38 #include "fs_context.h" 39 40 static DEFINE_MUTEX(cifs_mount_mutex); 41 42 static const match_table_t cifs_smb_version_tokens = { 43 { Smb_1, SMB1_VERSION_STRING }, 44 { Smb_20, SMB20_VERSION_STRING}, 45 { Smb_21, SMB21_VERSION_STRING }, 46 { Smb_30, SMB30_VERSION_STRING }, 47 { Smb_302, SMB302_VERSION_STRING }, 48 { Smb_302, ALT_SMB302_VERSION_STRING }, 49 { Smb_311, SMB311_VERSION_STRING }, 50 { Smb_311, ALT_SMB311_VERSION_STRING }, 51 { Smb_3any, SMB3ANY_VERSION_STRING }, 52 { Smb_default, SMBDEFAULT_VERSION_STRING }, 53 { Smb_version_err, NULL } 54 }; 55 56 static const match_table_t cifs_secflavor_tokens = { 57 { Opt_sec_krb5, "krb5" }, 58 { Opt_sec_krb5i, "krb5i" }, 59 { Opt_sec_krb5p, "krb5p" }, 60 { Opt_sec_ntlmsspi, "ntlmsspi" }, 61 { Opt_sec_ntlmssp, "ntlmssp" }, 62 { Opt_sec_ntlmv2, "nontlm" }, 63 { Opt_sec_ntlmv2, "ntlmv2" }, 64 { Opt_sec_ntlmv2i, "ntlmv2i" }, 65 { Opt_sec_none, "none" }, 66 67 { Opt_sec_err, NULL } 68 }; 69 70 const struct fs_parameter_spec smb3_fs_parameters[] = { 71 /* Mount options that take no arguments */ 72 fsparam_flag_no("user_xattr", Opt_user_xattr), 73 fsparam_flag_no("forceuid", Opt_forceuid), 74 fsparam_flag_no("multichannel", Opt_multichannel), 75 fsparam_flag_no("forcegid", Opt_forcegid), 76 fsparam_flag("noblocksend", Opt_noblocksend), 77 fsparam_flag("noautotune", Opt_noautotune), 78 fsparam_flag("nolease", Opt_nolease), 79 fsparam_flag_no("hard", Opt_hard), 80 fsparam_flag_no("soft", Opt_soft), 81 fsparam_flag_no("perm", Opt_perm), 82 fsparam_flag("nodelete", Opt_nodelete), 83 fsparam_flag_no("mapposix", Opt_mapposix), 84 fsparam_flag("mapchars", Opt_mapchars), 85 fsparam_flag("nomapchars", Opt_nomapchars), 86 fsparam_flag_no("sfu", Opt_sfu), 87 fsparam_flag("nodfs", Opt_nodfs), 88 fsparam_flag_no("posixpaths", Opt_posixpaths), 89 fsparam_flag_no("unix", Opt_unix), 90 fsparam_flag_no("linux", Opt_unix), 91 fsparam_flag_no("posix", Opt_unix), 92 fsparam_flag("nocase", Opt_nocase), 93 fsparam_flag("ignorecase", Opt_nocase), 94 fsparam_flag_no("brl", Opt_brl), 95 fsparam_flag_no("handlecache", Opt_handlecache), 96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 97 fsparam_flag("forcemand", Opt_forcemandatorylock), 98 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 99 fsparam_flag("idsfromsid", Opt_setuidfromacl), 100 fsparam_flag_no("setuids", Opt_setuids), 101 fsparam_flag_no("dynperm", Opt_dynperm), 102 fsparam_flag_no("intr", Opt_intr), 103 fsparam_flag_no("strictsync", Opt_strictsync), 104 fsparam_flag_no("serverino", Opt_serverino), 105 fsparam_flag("rwpidforward", Opt_rwpidforward), 106 fsparam_flag("cifsacl", Opt_cifsacl), 107 fsparam_flag_no("acl", Opt_acl), 108 fsparam_flag("locallease", Opt_locallease), 109 fsparam_flag("sign", Opt_sign), 110 fsparam_flag("ignore_signature", Opt_ignore_signature), 111 fsparam_flag("signloosely", Opt_ignore_signature), 112 fsparam_flag("seal", Opt_seal), 113 fsparam_flag("noac", Opt_noac), 114 fsparam_flag("fsc", Opt_fsc), 115 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 116 fsparam_flag("multiuser", Opt_multiuser), 117 fsparam_flag("sloppy", Opt_sloppy), 118 fsparam_flag("nosharesock", Opt_nosharesock), 119 fsparam_flag_no("persistenthandles", Opt_persistent), 120 fsparam_flag_no("resilienthandles", Opt_resilient), 121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 122 fsparam_flag("nosparse", Opt_nosparse), 123 fsparam_flag("domainauto", Opt_domainauto), 124 fsparam_flag("rdma", Opt_rdma), 125 fsparam_flag("modesid", Opt_modesid), 126 fsparam_flag("modefromsid", Opt_modesid), 127 fsparam_flag("rootfs", Opt_rootfs), 128 fsparam_flag("compress", Opt_compress), 129 fsparam_flag("witness", Opt_witness), 130 131 /* Mount options which take numeric value */ 132 fsparam_u32("backupuid", Opt_backupuid), 133 fsparam_u32("backupgid", Opt_backupgid), 134 fsparam_u32("uid", Opt_uid), 135 fsparam_u32("cruid", Opt_cruid), 136 fsparam_u32("gid", Opt_gid), 137 fsparam_u32("file_mode", Opt_file_mode), 138 fsparam_u32("dirmode", Opt_dirmode), 139 fsparam_u32("dir_mode", Opt_dirmode), 140 fsparam_u32("port", Opt_port), 141 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 142 fsparam_u32("esize", Opt_min_enc_offload), 143 fsparam_u32("bsize", Opt_blocksize), 144 fsparam_u32("rasize", Opt_rasize), 145 fsparam_u32("rsize", Opt_rsize), 146 fsparam_u32("wsize", Opt_wsize), 147 fsparam_u32("actimeo", Opt_actimeo), 148 fsparam_u32("acdirmax", Opt_acdirmax), 149 fsparam_u32("acregmax", Opt_acregmax), 150 fsparam_u32("closetimeo", Opt_closetimeo), 151 fsparam_u32("echo_interval", Opt_echo_interval), 152 fsparam_u32("max_credits", Opt_max_credits), 153 fsparam_u32("handletimeout", Opt_handletimeout), 154 fsparam_u64("snapshot", Opt_snapshot), 155 fsparam_u32("max_channels", Opt_max_channels), 156 157 /* Mount options which take string value */ 158 fsparam_string("source", Opt_source), 159 fsparam_string("user", Opt_user), 160 fsparam_string("username", Opt_user), 161 fsparam_string("pass", Opt_pass), 162 fsparam_string("password", Opt_pass), 163 fsparam_string("ip", Opt_ip), 164 fsparam_string("addr", Opt_ip), 165 fsparam_string("domain", Opt_domain), 166 fsparam_string("dom", Opt_domain), 167 fsparam_string("srcaddr", Opt_srcaddr), 168 fsparam_string("iocharset", Opt_iocharset), 169 fsparam_string("netbiosname", Opt_netbiosname), 170 fsparam_string("servern", Opt_servern), 171 fsparam_string("ver", Opt_ver), 172 fsparam_string("vers", Opt_vers), 173 fsparam_string("sec", Opt_sec), 174 fsparam_string("cache", Opt_cache), 175 176 /* Arguments that should be ignored */ 177 fsparam_flag("guest", Opt_ignore), 178 fsparam_flag("noatime", Opt_ignore), 179 fsparam_flag("relatime", Opt_ignore), 180 fsparam_flag("_netdev", Opt_ignore), 181 fsparam_flag_no("suid", Opt_ignore), 182 fsparam_flag_no("exec", Opt_ignore), 183 fsparam_flag_no("dev", Opt_ignore), 184 fsparam_flag_no("mand", Opt_ignore), 185 fsparam_flag_no("auto", Opt_ignore), 186 fsparam_string("cred", Opt_ignore), 187 fsparam_string("credentials", Opt_ignore), 188 /* 189 * UNC and prefixpath is now extracted from Opt_source 190 * in the new mount API so we can just ignore them going forward. 191 */ 192 fsparam_string("unc", Opt_ignore), 193 fsparam_string("prefixpath", Opt_ignore), 194 {} 195 }; 196 197 static int 198 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 199 { 200 201 substring_t args[MAX_OPT_ARGS]; 202 203 /* 204 * With mount options, the last one should win. Reset any existing 205 * settings back to default. 206 */ 207 ctx->sectype = Unspecified; 208 ctx->sign = false; 209 210 switch (match_token(value, cifs_secflavor_tokens, args)) { 211 case Opt_sec_krb5p: 212 cifs_errorf(fc, "sec=krb5p is not supported!\n"); 213 return 1; 214 case Opt_sec_krb5i: 215 ctx->sign = true; 216 fallthrough; 217 case Opt_sec_krb5: 218 ctx->sectype = Kerberos; 219 break; 220 case Opt_sec_ntlmsspi: 221 ctx->sign = true; 222 fallthrough; 223 case Opt_sec_ntlmssp: 224 ctx->sectype = RawNTLMSSP; 225 break; 226 case Opt_sec_ntlmv2i: 227 ctx->sign = true; 228 fallthrough; 229 case Opt_sec_ntlmv2: 230 ctx->sectype = NTLMv2; 231 break; 232 case Opt_sec_none: 233 ctx->nullauth = 1; 234 kfree(ctx->username); 235 ctx->username = NULL; 236 break; 237 default: 238 cifs_errorf(fc, "bad security option: %s\n", value); 239 return 1; 240 } 241 242 return 0; 243 } 244 245 static const match_table_t cifs_cacheflavor_tokens = { 246 { Opt_cache_loose, "loose" }, 247 { Opt_cache_strict, "strict" }, 248 { Opt_cache_none, "none" }, 249 { Opt_cache_ro, "ro" }, 250 { Opt_cache_rw, "singleclient" }, 251 { Opt_cache_err, NULL } 252 }; 253 254 static int 255 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 256 { 257 substring_t args[MAX_OPT_ARGS]; 258 259 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 260 case Opt_cache_loose: 261 ctx->direct_io = false; 262 ctx->strict_io = false; 263 ctx->cache_ro = false; 264 ctx->cache_rw = false; 265 break; 266 case Opt_cache_strict: 267 ctx->direct_io = false; 268 ctx->strict_io = true; 269 ctx->cache_ro = false; 270 ctx->cache_rw = false; 271 break; 272 case Opt_cache_none: 273 ctx->direct_io = true; 274 ctx->strict_io = false; 275 ctx->cache_ro = false; 276 ctx->cache_rw = false; 277 break; 278 case Opt_cache_ro: 279 ctx->direct_io = false; 280 ctx->strict_io = false; 281 ctx->cache_ro = true; 282 ctx->cache_rw = false; 283 break; 284 case Opt_cache_rw: 285 ctx->direct_io = false; 286 ctx->strict_io = false; 287 ctx->cache_ro = false; 288 ctx->cache_rw = true; 289 break; 290 default: 291 cifs_errorf(fc, "bad cache= option: %s\n", value); 292 return 1; 293 } 294 return 0; 295 } 296 297 #define DUP_CTX_STR(field) \ 298 do { \ 299 if (ctx->field) { \ 300 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 301 if (new_ctx->field == NULL) { \ 302 smb3_cleanup_fs_context_contents(new_ctx); \ 303 return -ENOMEM; \ 304 } \ 305 } \ 306 } while (0) 307 308 int 309 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 310 { 311 memcpy(new_ctx, ctx, sizeof(*ctx)); 312 new_ctx->prepath = NULL; 313 new_ctx->nodename = NULL; 314 new_ctx->username = NULL; 315 new_ctx->password = NULL; 316 new_ctx->server_hostname = NULL; 317 new_ctx->domainname = NULL; 318 new_ctx->UNC = NULL; 319 new_ctx->source = NULL; 320 new_ctx->iocharset = NULL; 321 new_ctx->leaf_fullpath = NULL; 322 /* 323 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 324 */ 325 DUP_CTX_STR(prepath); 326 DUP_CTX_STR(username); 327 DUP_CTX_STR(password); 328 DUP_CTX_STR(server_hostname); 329 DUP_CTX_STR(UNC); 330 DUP_CTX_STR(source); 331 DUP_CTX_STR(domainname); 332 DUP_CTX_STR(nodename); 333 DUP_CTX_STR(iocharset); 334 DUP_CTX_STR(leaf_fullpath); 335 336 return 0; 337 } 338 339 static int 340 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 341 { 342 substring_t args[MAX_OPT_ARGS]; 343 344 switch (match_token(value, cifs_smb_version_tokens, args)) { 345 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 346 case Smb_1: 347 if (disable_legacy_dialects) { 348 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 349 return 1; 350 } 351 if (is_smb3) { 352 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 353 return 1; 354 } 355 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 356 ctx->ops = &smb1_operations; 357 ctx->vals = &smb1_values; 358 break; 359 case Smb_20: 360 if (disable_legacy_dialects) { 361 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 362 return 1; 363 } 364 if (is_smb3) { 365 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 366 return 1; 367 } 368 ctx->ops = &smb20_operations; 369 ctx->vals = &smb20_values; 370 break; 371 #else 372 case Smb_1: 373 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 374 return 1; 375 case Smb_20: 376 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 377 return 1; 378 #endif /* CIFS_ALLOW_INSECURE_LEGACY */ 379 case Smb_21: 380 ctx->ops = &smb21_operations; 381 ctx->vals = &smb21_values; 382 break; 383 case Smb_30: 384 ctx->ops = &smb30_operations; 385 ctx->vals = &smb30_values; 386 break; 387 case Smb_302: 388 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 389 ctx->vals = &smb302_values; 390 break; 391 case Smb_311: 392 ctx->ops = &smb311_operations; 393 ctx->vals = &smb311_values; 394 break; 395 case Smb_3any: 396 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 397 ctx->vals = &smb3any_values; 398 break; 399 case Smb_default: 400 ctx->ops = &smb30_operations; 401 ctx->vals = &smbdefault_values; 402 break; 403 default: 404 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 405 return 1; 406 } 407 return 0; 408 } 409 410 int smb3_parse_opt(const char *options, const char *key, char **val) 411 { 412 int rc = -ENOENT; 413 char *opts, *orig, *p; 414 415 orig = opts = kstrdup(options, GFP_KERNEL); 416 if (!opts) 417 return -ENOMEM; 418 419 while ((p = strsep(&opts, ","))) { 420 char *nval; 421 422 if (!*p) 423 continue; 424 if (strncasecmp(p, key, strlen(key))) 425 continue; 426 nval = strchr(p, '='); 427 if (nval) { 428 if (nval == p) 429 continue; 430 *nval++ = 0; 431 *val = kstrdup(nval, GFP_KERNEL); 432 rc = !*val ? -ENOMEM : 0; 433 goto out; 434 } 435 } 436 out: 437 kfree(orig); 438 return rc; 439 } 440 441 /* 442 * Remove duplicate path delimiters. Windows is supposed to do that 443 * but there are some bugs that prevent rename from working if there are 444 * multiple delimiters. 445 * 446 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 447 * Otherwise, return ERR_PTR. 448 * 449 * @gfp indicates the GFP_* flags for kstrdup. 450 * The caller is responsible for freeing the original. 451 */ 452 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 453 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 454 { 455 char *cursor1 = prepath, *cursor2 = prepath; 456 char *s; 457 458 /* skip all prepended delimiters */ 459 while (IS_DELIM(*cursor1)) 460 cursor1++; 461 462 /* copy the first letter */ 463 *cursor2 = *cursor1; 464 465 /* copy the remainder... */ 466 while (*(cursor1++)) { 467 /* ... skipping all duplicated delimiters */ 468 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 469 continue; 470 *(++cursor2) = *cursor1; 471 } 472 473 /* if the last character is a delimiter, skip it */ 474 if (IS_DELIM(*(cursor2 - 1))) 475 cursor2--; 476 477 *cursor2 = '\0'; 478 if (!*prepath) 479 return NULL; 480 s = kstrdup(prepath, gfp); 481 if (!s) 482 return ERR_PTR(-ENOMEM); 483 return s; 484 } 485 486 /* 487 * Return full path based on the values of @ctx->{UNC,prepath}. 488 * 489 * It is assumed that both values were already parsed by smb3_parse_devname(). 490 */ 491 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 492 { 493 size_t ulen, plen; 494 char *s; 495 496 ulen = strlen(ctx->UNC); 497 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 498 499 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 500 if (!s) 501 return ERR_PTR(-ENOMEM); 502 memcpy(s, ctx->UNC, ulen); 503 if (plen) { 504 s[ulen] = dirsep; 505 memcpy(s + ulen + 1, ctx->prepath, plen); 506 } 507 s[ulen + plen] = '\0'; 508 convert_delimiter(s, dirsep); 509 return s; 510 } 511 512 /* 513 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 514 * fields with the result. Returns 0 on success and an error otherwise 515 * (e.g. ENOMEM or EINVAL) 516 */ 517 int 518 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 519 { 520 char *pos; 521 const char *delims = "/\\"; 522 size_t len; 523 int rc; 524 525 if (unlikely(!devname || !*devname)) { 526 cifs_dbg(VFS, "Device name not specified\n"); 527 return -EINVAL; 528 } 529 530 /* make sure we have a valid UNC double delimiter prefix */ 531 len = strspn(devname, delims); 532 if (len != 2) 533 return -EINVAL; 534 535 /* find delimiter between host and sharename */ 536 pos = strpbrk(devname + 2, delims); 537 if (!pos) 538 return -EINVAL; 539 540 /* record the server hostname */ 541 kfree(ctx->server_hostname); 542 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 543 if (!ctx->server_hostname) 544 return -ENOMEM; 545 546 /* skip past delimiter */ 547 ++pos; 548 549 /* now go until next delimiter or end of string */ 550 len = strcspn(pos, delims); 551 if (!len) 552 return -EINVAL; 553 554 /* move "pos" up to delimiter or NULL */ 555 pos += len; 556 kfree(ctx->UNC); 557 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 558 if (!ctx->UNC) 559 return -ENOMEM; 560 561 convert_delimiter(ctx->UNC, '\\'); 562 563 /* skip any delimiter */ 564 if (*pos == '/' || *pos == '\\') 565 pos++; 566 567 kfree(ctx->prepath); 568 ctx->prepath = NULL; 569 570 /* If pos is NULL then no prepath */ 571 if (!*pos) 572 return 0; 573 574 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 575 if (IS_ERR(ctx->prepath)) { 576 rc = PTR_ERR(ctx->prepath); 577 ctx->prepath = NULL; 578 return rc; 579 } 580 581 return 0; 582 } 583 584 static void smb3_fs_context_free(struct fs_context *fc); 585 static int smb3_fs_context_parse_param(struct fs_context *fc, 586 struct fs_parameter *param); 587 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 588 void *data); 589 static int smb3_get_tree(struct fs_context *fc); 590 static int smb3_reconfigure(struct fs_context *fc); 591 592 static const struct fs_context_operations smb3_fs_context_ops = { 593 .free = smb3_fs_context_free, 594 .parse_param = smb3_fs_context_parse_param, 595 .parse_monolithic = smb3_fs_context_parse_monolithic, 596 .get_tree = smb3_get_tree, 597 .reconfigure = smb3_reconfigure, 598 }; 599 600 /* 601 * Parse a monolithic block of data from sys_mount(). 602 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 603 * @ctx: The superblock configuration to fill in. 604 * @data: The data to parse 605 * 606 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 607 * called from the ->monolithic_mount_data() fs_context operation. 608 * 609 * Returns 0 on success or the error returned by the ->parse_option() fs_context 610 * operation on failure. 611 */ 612 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 613 void *data) 614 { 615 char *options = data, *key; 616 int ret = 0; 617 618 if (!options) 619 return 0; 620 621 ret = security_sb_eat_lsm_opts(options, &fc->security); 622 if (ret) 623 return ret; 624 625 /* BB Need to add support for sep= here TBD */ 626 while ((key = strsep(&options, ",")) != NULL) { 627 size_t len; 628 char *value; 629 630 if (*key == 0) 631 break; 632 633 /* Check if following character is the deliminator If yes, 634 * we have encountered a double deliminator reset the NULL 635 * character to the deliminator 636 */ 637 while (options && options[0] == ',') { 638 len = strlen(key); 639 strcpy(key + len, options); 640 options = strchr(options, ','); 641 if (options) 642 *options++ = 0; 643 } 644 645 646 len = 0; 647 value = strchr(key, '='); 648 if (value) { 649 if (value == key) 650 continue; 651 *value++ = 0; 652 len = strlen(value); 653 } 654 655 ret = vfs_parse_fs_string(fc, key, value, len); 656 if (ret < 0) 657 break; 658 } 659 660 return ret; 661 } 662 663 /* 664 * Validate the preparsed information in the config. 665 */ 666 static int smb3_fs_context_validate(struct fs_context *fc) 667 { 668 struct smb3_fs_context *ctx = smb3_fc2context(fc); 669 670 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 671 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 672 return -EOPNOTSUPP; 673 } 674 675 #ifndef CONFIG_KEYS 676 /* Muliuser mounts require CONFIG_KEYS support */ 677 if (ctx->multiuser) { 678 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 679 return -1; 680 } 681 #endif 682 683 if (ctx->got_version == false) 684 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 685 686 687 if (!ctx->UNC) { 688 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 689 return -1; 690 } 691 692 /* make sure UNC has a share name */ 693 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 694 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 695 return -ENOENT; 696 } 697 698 if (!ctx->got_ip) { 699 int len; 700 const char *slash; 701 702 /* No ip= option specified? Try to get it from UNC */ 703 /* Use the address part of the UNC. */ 704 slash = strchr(&ctx->UNC[2], '\\'); 705 len = slash - &ctx->UNC[2]; 706 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 707 &ctx->UNC[2], len)) { 708 pr_err("Unable to determine destination address\n"); 709 return -EHOSTUNREACH; 710 } 711 } 712 713 /* set the port that we got earlier */ 714 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 715 716 if (ctx->override_uid && !ctx->uid_specified) { 717 ctx->override_uid = 0; 718 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 719 } 720 721 if (ctx->override_gid && !ctx->gid_specified) { 722 ctx->override_gid = 0; 723 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 724 } 725 726 return 0; 727 } 728 729 static int smb3_get_tree_common(struct fs_context *fc) 730 { 731 struct smb3_fs_context *ctx = smb3_fc2context(fc); 732 struct dentry *root; 733 int rc = 0; 734 735 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 736 if (IS_ERR(root)) 737 return PTR_ERR(root); 738 739 fc->root = root; 740 741 return rc; 742 } 743 744 /* 745 * Create an SMB3 superblock from the parameters passed. 746 */ 747 static int smb3_get_tree(struct fs_context *fc) 748 { 749 int err = smb3_fs_context_validate(fc); 750 int ret; 751 752 if (err) 753 return err; 754 mutex_lock(&cifs_mount_mutex); 755 ret = smb3_get_tree_common(fc); 756 mutex_unlock(&cifs_mount_mutex); 757 return ret; 758 } 759 760 static void smb3_fs_context_free(struct fs_context *fc) 761 { 762 struct smb3_fs_context *ctx = smb3_fc2context(fc); 763 764 smb3_cleanup_fs_context(ctx); 765 } 766 767 /* 768 * Compare the old and new proposed context during reconfigure 769 * and check if the changes are compatible. 770 */ 771 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 772 struct smb3_fs_context *new_ctx, 773 struct smb3_fs_context *old_ctx) 774 { 775 if (new_ctx->posix_paths != old_ctx->posix_paths) { 776 cifs_errorf(fc, "can not change posixpaths during remount\n"); 777 return -EINVAL; 778 } 779 if (new_ctx->sectype != old_ctx->sectype) { 780 cifs_errorf(fc, "can not change sec during remount\n"); 781 return -EINVAL; 782 } 783 if (new_ctx->multiuser != old_ctx->multiuser) { 784 cifs_errorf(fc, "can not change multiuser during remount\n"); 785 return -EINVAL; 786 } 787 if (new_ctx->UNC && 788 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 789 cifs_errorf(fc, "can not change UNC during remount\n"); 790 return -EINVAL; 791 } 792 if (new_ctx->username && 793 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 794 cifs_errorf(fc, "can not change username during remount\n"); 795 return -EINVAL; 796 } 797 if (new_ctx->password && 798 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 799 cifs_errorf(fc, "can not change password during remount\n"); 800 return -EINVAL; 801 } 802 if (new_ctx->domainname && 803 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 804 cifs_errorf(fc, "can not change domainname during remount\n"); 805 return -EINVAL; 806 } 807 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 808 cifs_errorf(fc, "can not change workstation_name during remount\n"); 809 return -EINVAL; 810 } 811 if (new_ctx->nodename && 812 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 813 cifs_errorf(fc, "can not change nodename during remount\n"); 814 return -EINVAL; 815 } 816 if (new_ctx->iocharset && 817 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 818 cifs_errorf(fc, "can not change iocharset during remount\n"); 819 return -EINVAL; 820 } 821 822 return 0; 823 } 824 825 #define STEAL_STRING(cifs_sb, ctx, field) \ 826 do { \ 827 kfree(ctx->field); \ 828 ctx->field = cifs_sb->ctx->field; \ 829 cifs_sb->ctx->field = NULL; \ 830 } while (0) 831 832 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 833 do { \ 834 kfree_sensitive(ctx->field); \ 835 ctx->field = cifs_sb->ctx->field; \ 836 cifs_sb->ctx->field = NULL; \ 837 } while (0) 838 839 static int smb3_reconfigure(struct fs_context *fc) 840 { 841 struct smb3_fs_context *ctx = smb3_fc2context(fc); 842 struct dentry *root = fc->root; 843 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 844 int rc; 845 846 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx); 847 if (rc) 848 return rc; 849 850 /* 851 * We can not change UNC/username/password/domainname/ 852 * workstation_name/nodename/iocharset 853 * during reconnect so ignore what we have in the new context and 854 * just use what we already have in cifs_sb->ctx. 855 */ 856 STEAL_STRING(cifs_sb, ctx, UNC); 857 STEAL_STRING(cifs_sb, ctx, source); 858 STEAL_STRING(cifs_sb, ctx, username); 859 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 860 STEAL_STRING(cifs_sb, ctx, domainname); 861 STEAL_STRING(cifs_sb, ctx, nodename); 862 STEAL_STRING(cifs_sb, ctx, iocharset); 863 864 /* if rsize or wsize not passed in on remount, use previous values */ 865 if (ctx->rsize == 0) 866 ctx->rsize = cifs_sb->ctx->rsize; 867 if (ctx->wsize == 0) 868 ctx->wsize = cifs_sb->ctx->wsize; 869 870 871 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 872 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 873 smb3_update_mnt_flags(cifs_sb); 874 #ifdef CONFIG_CIFS_DFS_UPCALL 875 if (!rc) 876 rc = dfs_cache_remount_fs(cifs_sb); 877 #endif 878 879 return rc; 880 } 881 882 static int smb3_fs_context_parse_param(struct fs_context *fc, 883 struct fs_parameter *param) 884 { 885 struct fs_parse_result result; 886 struct smb3_fs_context *ctx = smb3_fc2context(fc); 887 int i, opt; 888 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 889 bool skip_parsing = false; 890 kuid_t uid; 891 kgid_t gid; 892 893 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 894 895 /* 896 * fs_parse can not handle string options with an empty value so 897 * we will need special handling of them. 898 */ 899 if (param->type == fs_value_is_string && param->string[0] == 0) { 900 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 901 skip_parsing = true; 902 opt = Opt_pass; 903 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 904 skip_parsing = true; 905 opt = Opt_user; 906 } 907 } 908 909 if (!skip_parsing) { 910 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 911 if (opt < 0) 912 return ctx->sloppy ? 1 : opt; 913 } 914 915 switch (opt) { 916 case Opt_compress: 917 ctx->compression = UNKNOWN_TYPE; 918 cifs_dbg(VFS, 919 "SMB3 compression support is experimental\n"); 920 break; 921 case Opt_nodfs: 922 ctx->nodfs = 1; 923 break; 924 case Opt_hard: 925 if (result.negated) { 926 if (ctx->retry == 1) 927 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 928 ctx->retry = 0; 929 } else 930 ctx->retry = 1; 931 break; 932 case Opt_soft: 933 if (result.negated) 934 ctx->retry = 1; 935 else { 936 if (ctx->retry == 1) 937 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 938 ctx->retry = 0; 939 } 940 break; 941 case Opt_mapposix: 942 if (result.negated) 943 ctx->remap = false; 944 else { 945 ctx->remap = true; 946 ctx->sfu_remap = false; /* disable SFU mapping */ 947 } 948 break; 949 case Opt_mapchars: 950 if (result.negated) 951 ctx->sfu_remap = false; 952 else { 953 ctx->sfu_remap = true; 954 ctx->remap = false; /* disable SFM (mapposix) mapping */ 955 } 956 break; 957 case Opt_user_xattr: 958 if (result.negated) 959 ctx->no_xattr = 1; 960 else 961 ctx->no_xattr = 0; 962 break; 963 case Opt_forceuid: 964 if (result.negated) 965 ctx->override_uid = 0; 966 else 967 ctx->override_uid = 1; 968 break; 969 case Opt_forcegid: 970 if (result.negated) 971 ctx->override_gid = 0; 972 else 973 ctx->override_gid = 1; 974 break; 975 case Opt_perm: 976 if (result.negated) 977 ctx->noperm = 1; 978 else 979 ctx->noperm = 0; 980 break; 981 case Opt_dynperm: 982 if (result.negated) 983 ctx->dynperm = 0; 984 else 985 ctx->dynperm = 1; 986 break; 987 case Opt_sfu: 988 if (result.negated) 989 ctx->sfu_emul = 0; 990 else 991 ctx->sfu_emul = 1; 992 break; 993 case Opt_noblocksend: 994 ctx->noblocksnd = 1; 995 break; 996 case Opt_noautotune: 997 ctx->noautotune = 1; 998 break; 999 case Opt_nolease: 1000 ctx->no_lease = 1; 1001 break; 1002 case Opt_nosparse: 1003 ctx->no_sparse = 1; 1004 break; 1005 case Opt_nodelete: 1006 ctx->nodelete = 1; 1007 break; 1008 case Opt_multichannel: 1009 if (result.negated) { 1010 ctx->multichannel = false; 1011 ctx->max_channels = 1; 1012 } else { 1013 ctx->multichannel = true; 1014 /* if number of channels not specified, default to 2 */ 1015 if (ctx->max_channels < 2) 1016 ctx->max_channels = 2; 1017 } 1018 break; 1019 case Opt_uid: 1020 uid = make_kuid(current_user_ns(), result.uint_32); 1021 if (!uid_valid(uid)) 1022 goto cifs_parse_mount_err; 1023 ctx->linux_uid = uid; 1024 ctx->uid_specified = true; 1025 break; 1026 case Opt_cruid: 1027 uid = make_kuid(current_user_ns(), result.uint_32); 1028 if (!uid_valid(uid)) 1029 goto cifs_parse_mount_err; 1030 ctx->cred_uid = uid; 1031 ctx->cruid_specified = true; 1032 break; 1033 case Opt_backupuid: 1034 uid = make_kuid(current_user_ns(), result.uint_32); 1035 if (!uid_valid(uid)) 1036 goto cifs_parse_mount_err; 1037 ctx->backupuid = uid; 1038 ctx->backupuid_specified = true; 1039 break; 1040 case Opt_backupgid: 1041 gid = make_kgid(current_user_ns(), result.uint_32); 1042 if (!gid_valid(gid)) 1043 goto cifs_parse_mount_err; 1044 ctx->backupgid = gid; 1045 ctx->backupgid_specified = true; 1046 break; 1047 case Opt_gid: 1048 gid = make_kgid(current_user_ns(), result.uint_32); 1049 if (!gid_valid(gid)) 1050 goto cifs_parse_mount_err; 1051 ctx->linux_gid = gid; 1052 ctx->gid_specified = true; 1053 break; 1054 case Opt_port: 1055 ctx->port = result.uint_32; 1056 break; 1057 case Opt_file_mode: 1058 ctx->file_mode = result.uint_32; 1059 break; 1060 case Opt_dirmode: 1061 ctx->dir_mode = result.uint_32; 1062 break; 1063 case Opt_min_enc_offload: 1064 ctx->min_offload = result.uint_32; 1065 break; 1066 case Opt_blocksize: 1067 /* 1068 * inode blocksize realistically should never need to be 1069 * less than 16K or greater than 16M and default is 1MB. 1070 * Note that small inode block sizes (e.g. 64K) can lead 1071 * to very poor performance of common tools like cp and scp 1072 */ 1073 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1074 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1075 cifs_errorf(fc, "%s: Invalid blocksize\n", 1076 __func__); 1077 goto cifs_parse_mount_err; 1078 } 1079 ctx->bsize = result.uint_32; 1080 ctx->got_bsize = true; 1081 break; 1082 case Opt_rasize: 1083 /* 1084 * readahead size realistically should never need to be 1085 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1086 * (perhaps an exception should be considered in the 1087 * for the case of a large number of channels 1088 * when multichannel is negotiated) since that would lead 1089 * to plenty of parallel I/O in flight to the server. 1090 * Note that smaller read ahead sizes would 1091 * hurt performance of common tools like cp and scp 1092 * which often trigger sequential i/o with read ahead 1093 */ 1094 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1095 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1096 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1097 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1098 goto cifs_parse_mount_err; 1099 } 1100 ctx->rasize = result.uint_32; 1101 break; 1102 case Opt_rsize: 1103 ctx->rsize = result.uint_32; 1104 ctx->got_rsize = true; 1105 break; 1106 case Opt_wsize: 1107 ctx->wsize = result.uint_32; 1108 ctx->got_wsize = true; 1109 break; 1110 case Opt_acregmax: 1111 ctx->acregmax = HZ * result.uint_32; 1112 if (ctx->acregmax > CIFS_MAX_ACTIMEO) { 1113 cifs_errorf(fc, "acregmax too large\n"); 1114 goto cifs_parse_mount_err; 1115 } 1116 break; 1117 case Opt_acdirmax: 1118 ctx->acdirmax = HZ * result.uint_32; 1119 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) { 1120 cifs_errorf(fc, "acdirmax too large\n"); 1121 goto cifs_parse_mount_err; 1122 } 1123 break; 1124 case Opt_actimeo: 1125 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) { 1126 cifs_errorf(fc, "timeout too large\n"); 1127 goto cifs_parse_mount_err; 1128 } 1129 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1130 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1131 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1132 break; 1133 } 1134 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1135 break; 1136 case Opt_closetimeo: 1137 ctx->closetimeo = HZ * result.uint_32; 1138 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) { 1139 cifs_errorf(fc, "closetimeo too large\n"); 1140 goto cifs_parse_mount_err; 1141 } 1142 break; 1143 case Opt_echo_interval: 1144 ctx->echo_interval = result.uint_32; 1145 break; 1146 case Opt_snapshot: 1147 ctx->snapshot_time = result.uint_64; 1148 break; 1149 case Opt_max_credits: 1150 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1151 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1152 __func__); 1153 goto cifs_parse_mount_err; 1154 } 1155 ctx->max_credits = result.uint_32; 1156 break; 1157 case Opt_max_channels: 1158 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1159 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1160 __func__, CIFS_MAX_CHANNELS); 1161 goto cifs_parse_mount_err; 1162 } 1163 ctx->max_channels = result.uint_32; 1164 /* If more than one channel requested ... they want multichan */ 1165 if (result.uint_32 > 1) 1166 ctx->multichannel = true; 1167 break; 1168 case Opt_handletimeout: 1169 ctx->handle_timeout = result.uint_32; 1170 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1171 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1172 goto cifs_parse_mount_err; 1173 } 1174 break; 1175 case Opt_source: 1176 kfree(ctx->UNC); 1177 ctx->UNC = NULL; 1178 switch (smb3_parse_devname(param->string, ctx)) { 1179 case 0: 1180 break; 1181 case -ENOMEM: 1182 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1183 goto cifs_parse_mount_err; 1184 case -EINVAL: 1185 cifs_errorf(fc, "Malformed UNC in devname\n"); 1186 goto cifs_parse_mount_err; 1187 default: 1188 cifs_errorf(fc, "Unknown error parsing devname\n"); 1189 goto cifs_parse_mount_err; 1190 } 1191 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1192 if (IS_ERR(ctx->source)) { 1193 ctx->source = NULL; 1194 cifs_errorf(fc, "OOM when copying UNC string\n"); 1195 goto cifs_parse_mount_err; 1196 } 1197 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1198 if (fc->source == NULL) { 1199 cifs_errorf(fc, "OOM when copying UNC string\n"); 1200 goto cifs_parse_mount_err; 1201 } 1202 break; 1203 case Opt_user: 1204 kfree(ctx->username); 1205 ctx->username = NULL; 1206 if (ctx->nullauth) 1207 break; 1208 if (strlen(param->string) == 0) { 1209 /* null user, ie. anonymous authentication */ 1210 ctx->nullauth = 1; 1211 break; 1212 } 1213 1214 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) > 1215 CIFS_MAX_USERNAME_LEN) { 1216 pr_warn("username too long\n"); 1217 goto cifs_parse_mount_err; 1218 } 1219 ctx->username = kstrdup(param->string, GFP_KERNEL); 1220 if (ctx->username == NULL) { 1221 cifs_errorf(fc, "OOM when copying username string\n"); 1222 goto cifs_parse_mount_err; 1223 } 1224 break; 1225 case Opt_pass: 1226 kfree_sensitive(ctx->password); 1227 ctx->password = NULL; 1228 if (strlen(param->string) == 0) 1229 break; 1230 1231 ctx->password = kstrdup(param->string, GFP_KERNEL); 1232 if (ctx->password == NULL) { 1233 cifs_errorf(fc, "OOM when copying password string\n"); 1234 goto cifs_parse_mount_err; 1235 } 1236 break; 1237 case Opt_ip: 1238 if (strlen(param->string) == 0) { 1239 ctx->got_ip = false; 1240 break; 1241 } 1242 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1243 param->string, 1244 strlen(param->string))) { 1245 pr_err("bad ip= option (%s)\n", param->string); 1246 goto cifs_parse_mount_err; 1247 } 1248 ctx->got_ip = true; 1249 break; 1250 case Opt_domain: 1251 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1252 == CIFS_MAX_DOMAINNAME_LEN) { 1253 pr_warn("domain name too long\n"); 1254 goto cifs_parse_mount_err; 1255 } 1256 1257 kfree(ctx->domainname); 1258 ctx->domainname = kstrdup(param->string, GFP_KERNEL); 1259 if (ctx->domainname == NULL) { 1260 cifs_errorf(fc, "OOM when copying domainname string\n"); 1261 goto cifs_parse_mount_err; 1262 } 1263 cifs_dbg(FYI, "Domain name set\n"); 1264 break; 1265 case Opt_srcaddr: 1266 if (!cifs_convert_address( 1267 (struct sockaddr *)&ctx->srcaddr, 1268 param->string, strlen(param->string))) { 1269 pr_warn("Could not parse srcaddr: %s\n", 1270 param->string); 1271 goto cifs_parse_mount_err; 1272 } 1273 break; 1274 case Opt_iocharset: 1275 if (strnlen(param->string, 1024) >= 65) { 1276 pr_warn("iocharset name too long\n"); 1277 goto cifs_parse_mount_err; 1278 } 1279 1280 if (strncasecmp(param->string, "default", 7) != 0) { 1281 kfree(ctx->iocharset); 1282 ctx->iocharset = kstrdup(param->string, GFP_KERNEL); 1283 if (ctx->iocharset == NULL) { 1284 cifs_errorf(fc, "OOM when copying iocharset string\n"); 1285 goto cifs_parse_mount_err; 1286 } 1287 } 1288 /* if iocharset not set then load_nls_default 1289 * is used by caller 1290 */ 1291 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1292 break; 1293 case Opt_netbiosname: 1294 memset(ctx->source_rfc1001_name, 0x20, 1295 RFC1001_NAME_LEN); 1296 /* 1297 * FIXME: are there cases in which a comma can 1298 * be valid in workstation netbios name (and 1299 * need special handling)? 1300 */ 1301 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1302 /* don't ucase netbiosname for user */ 1303 if (param->string[i] == 0) 1304 break; 1305 ctx->source_rfc1001_name[i] = param->string[i]; 1306 } 1307 /* The string has 16th byte zero still from 1308 * set at top of the function 1309 */ 1310 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1311 pr_warn("netbiosname longer than 15 truncated\n"); 1312 break; 1313 case Opt_servern: 1314 /* last byte, type, is 0x20 for servr type */ 1315 memset(ctx->target_rfc1001_name, 0x20, 1316 RFC1001_NAME_LEN_WITH_NULL); 1317 /* 1318 * BB are there cases in which a comma can be valid in this 1319 * workstation netbios name (and need special handling)? 1320 */ 1321 1322 /* user or mount helper must uppercase the netbios name */ 1323 for (i = 0; i < 15; i++) { 1324 if (param->string[i] == 0) 1325 break; 1326 ctx->target_rfc1001_name[i] = param->string[i]; 1327 } 1328 1329 /* The string has 16th byte zero still from set at top of function */ 1330 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1331 pr_warn("server netbiosname longer than 15 truncated\n"); 1332 break; 1333 case Opt_ver: 1334 /* version of mount userspace tools, not dialect */ 1335 /* If interface changes in mount.cifs bump to new ver */ 1336 if (strncasecmp(param->string, "1", 1) == 0) { 1337 if (strlen(param->string) > 1) { 1338 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1339 param->string); 1340 goto cifs_parse_mount_err; 1341 } 1342 /* This is the default */ 1343 break; 1344 } 1345 /* For all other value, error */ 1346 pr_warn("Invalid mount helper version specified\n"); 1347 goto cifs_parse_mount_err; 1348 case Opt_vers: 1349 /* protocol version (dialect) */ 1350 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1351 goto cifs_parse_mount_err; 1352 ctx->got_version = true; 1353 break; 1354 case Opt_sec: 1355 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1356 goto cifs_parse_mount_err; 1357 break; 1358 case Opt_cache: 1359 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1360 goto cifs_parse_mount_err; 1361 break; 1362 case Opt_witness: 1363 #ifndef CONFIG_CIFS_SWN_UPCALL 1364 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1365 goto cifs_parse_mount_err; 1366 #endif 1367 ctx->witness = true; 1368 pr_warn_once("Witness protocol support is experimental\n"); 1369 break; 1370 case Opt_rootfs: 1371 #ifndef CONFIG_CIFS_ROOT 1372 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1373 goto cifs_parse_mount_err; 1374 #endif 1375 ctx->rootfs = true; 1376 break; 1377 case Opt_posixpaths: 1378 if (result.negated) 1379 ctx->posix_paths = 0; 1380 else 1381 ctx->posix_paths = 1; 1382 break; 1383 case Opt_unix: 1384 if (result.negated) { 1385 if (ctx->linux_ext == 1) 1386 pr_warn_once("conflicting posix mount options specified\n"); 1387 ctx->linux_ext = 0; 1388 ctx->no_linux_ext = 1; 1389 } else { 1390 if (ctx->no_linux_ext == 1) 1391 pr_warn_once("conflicting posix mount options specified\n"); 1392 ctx->linux_ext = 1; 1393 ctx->no_linux_ext = 0; 1394 } 1395 break; 1396 case Opt_nocase: 1397 ctx->nocase = 1; 1398 break; 1399 case Opt_brl: 1400 if (result.negated) { 1401 /* 1402 * turn off mandatory locking in mode 1403 * if remote locking is turned off since the 1404 * local vfs will do advisory 1405 */ 1406 if (ctx->file_mode == 1407 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1408 ctx->file_mode = S_IALLUGO; 1409 ctx->nobrl = 1; 1410 } else 1411 ctx->nobrl = 0; 1412 break; 1413 case Opt_handlecache: 1414 if (result.negated) 1415 ctx->nohandlecache = 1; 1416 else 1417 ctx->nohandlecache = 0; 1418 break; 1419 case Opt_forcemandatorylock: 1420 ctx->mand_lock = 1; 1421 break; 1422 case Opt_setuids: 1423 ctx->setuids = result.negated; 1424 break; 1425 case Opt_intr: 1426 ctx->intr = !result.negated; 1427 break; 1428 case Opt_setuidfromacl: 1429 ctx->setuidfromacl = 1; 1430 break; 1431 case Opt_strictsync: 1432 ctx->nostrictsync = result.negated; 1433 break; 1434 case Opt_serverino: 1435 ctx->server_ino = !result.negated; 1436 break; 1437 case Opt_rwpidforward: 1438 ctx->rwpidforward = 1; 1439 break; 1440 case Opt_modesid: 1441 ctx->mode_ace = 1; 1442 break; 1443 case Opt_cifsacl: 1444 ctx->cifs_acl = !result.negated; 1445 break; 1446 case Opt_acl: 1447 ctx->no_psx_acl = result.negated; 1448 break; 1449 case Opt_locallease: 1450 ctx->local_lease = 1; 1451 break; 1452 case Opt_sign: 1453 ctx->sign = true; 1454 break; 1455 case Opt_ignore_signature: 1456 ctx->sign = true; 1457 ctx->ignore_signature = true; 1458 break; 1459 case Opt_seal: 1460 /* we do not do the following in secFlags because seal 1461 * is a per tree connection (mount) not a per socket 1462 * or per-smb connection option in the protocol 1463 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1464 */ 1465 ctx->seal = 1; 1466 break; 1467 case Opt_noac: 1468 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1469 break; 1470 case Opt_fsc: 1471 #ifndef CONFIG_CIFS_FSCACHE 1472 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1473 goto cifs_parse_mount_err; 1474 #endif 1475 ctx->fsc = true; 1476 break; 1477 case Opt_mfsymlinks: 1478 ctx->mfsymlinks = true; 1479 break; 1480 case Opt_multiuser: 1481 ctx->multiuser = true; 1482 break; 1483 case Opt_sloppy: 1484 ctx->sloppy = true; 1485 break; 1486 case Opt_nosharesock: 1487 ctx->nosharesock = true; 1488 break; 1489 case Opt_persistent: 1490 if (result.negated) { 1491 ctx->nopersistent = true; 1492 if (ctx->persistent) { 1493 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1494 goto cifs_parse_mount_err; 1495 } 1496 } else { 1497 ctx->persistent = true; 1498 if ((ctx->nopersistent) || (ctx->resilient)) { 1499 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1500 goto cifs_parse_mount_err; 1501 } 1502 } 1503 break; 1504 case Opt_resilient: 1505 if (result.negated) { 1506 ctx->resilient = false; /* already the default */ 1507 } else { 1508 ctx->resilient = true; 1509 if (ctx->persistent) { 1510 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1511 goto cifs_parse_mount_err; 1512 } 1513 } 1514 break; 1515 case Opt_tcp_nodelay: 1516 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1517 if (result.negated) 1518 ctx->sockopt_tcp_nodelay = false; 1519 else 1520 ctx->sockopt_tcp_nodelay = true; 1521 break; 1522 case Opt_domainauto: 1523 ctx->domainauto = true; 1524 break; 1525 case Opt_rdma: 1526 ctx->rdma = true; 1527 break; 1528 } 1529 /* case Opt_ignore: - is ignored as expected ... */ 1530 1531 return 0; 1532 1533 cifs_parse_mount_err: 1534 kfree_sensitive(ctx->password); 1535 return -EINVAL; 1536 } 1537 1538 int smb3_init_fs_context(struct fs_context *fc) 1539 { 1540 struct smb3_fs_context *ctx; 1541 char *nodename = utsname()->nodename; 1542 int i; 1543 1544 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL); 1545 if (unlikely(!ctx)) 1546 return -ENOMEM; 1547 1548 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1549 1550 /* 1551 * does not have to be perfect mapping since field is 1552 * informational, only used for servers that do not support 1553 * port 445 and it can be overridden at mount time 1554 */ 1555 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1556 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1557 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1558 1559 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1560 /* 1561 * null target name indicates to use *SMBSERVR default called name 1562 * if we end up sending RFC1001 session initialize 1563 */ 1564 ctx->target_rfc1001_name[0] = 0; 1565 ctx->cred_uid = current_uid(); 1566 ctx->linux_uid = current_uid(); 1567 ctx->linux_gid = current_gid(); 1568 /* By default 4MB read ahead size, 1MB block size */ 1569 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1570 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1571 1572 /* 1573 * default to SFM style remapping of seven reserved characters 1574 * unless user overrides it or we negotiate CIFS POSIX where 1575 * it is unnecessary. Can not simultaneously use more than one mapping 1576 * since then readdir could list files that open could not open 1577 */ 1578 ctx->remap = true; 1579 1580 /* default to only allowing write access to owner of the mount */ 1581 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1582 1583 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1584 /* default is always to request posix paths. */ 1585 ctx->posix_paths = 1; 1586 /* default to using server inode numbers where available */ 1587 ctx->server_ino = 1; 1588 1589 /* default is to use strict cifs caching semantics */ 1590 ctx->strict_io = true; 1591 1592 ctx->acregmax = CIFS_DEF_ACTIMEO; 1593 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1594 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1595 1596 /* Most clients set timeout to 0, allows server to use its default */ 1597 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1598 1599 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1600 ctx->ops = &smb30_operations; 1601 ctx->vals = &smbdefault_values; 1602 1603 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1604 1605 /* default to no multichannel (single server connection) */ 1606 ctx->multichannel = false; 1607 ctx->max_channels = 1; 1608 1609 ctx->backupuid_specified = false; /* no backup intent for a user */ 1610 ctx->backupgid_specified = false; /* no backup intent for a group */ 1611 1612 /* 1613 * short int override_uid = -1; 1614 * short int override_gid = -1; 1615 * char *nodename = strdup(utsname()->nodename); 1616 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 1617 */ 1618 1619 fc->fs_private = ctx; 1620 fc->ops = &smb3_fs_context_ops; 1621 return 0; 1622 } 1623 1624 void 1625 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 1626 { 1627 if (ctx == NULL) 1628 return; 1629 1630 /* 1631 * Make sure this stays in sync with smb3_fs_context_dup() 1632 */ 1633 kfree(ctx->username); 1634 ctx->username = NULL; 1635 kfree_sensitive(ctx->password); 1636 ctx->password = NULL; 1637 kfree(ctx->server_hostname); 1638 ctx->server_hostname = NULL; 1639 kfree(ctx->UNC); 1640 ctx->UNC = NULL; 1641 kfree(ctx->source); 1642 ctx->source = NULL; 1643 kfree(ctx->domainname); 1644 ctx->domainname = NULL; 1645 kfree(ctx->nodename); 1646 ctx->nodename = NULL; 1647 kfree(ctx->iocharset); 1648 ctx->iocharset = NULL; 1649 kfree(ctx->prepath); 1650 ctx->prepath = NULL; 1651 kfree(ctx->leaf_fullpath); 1652 ctx->leaf_fullpath = NULL; 1653 } 1654 1655 void 1656 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 1657 { 1658 if (!ctx) 1659 return; 1660 smb3_cleanup_fs_context_contents(ctx); 1661 kfree(ctx); 1662 } 1663 1664 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 1665 { 1666 struct smb3_fs_context *ctx = cifs_sb->ctx; 1667 1668 if (ctx->nodfs) 1669 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS; 1670 else 1671 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS; 1672 1673 if (ctx->noperm) 1674 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1675 else 1676 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM; 1677 1678 if (ctx->setuids) 1679 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID; 1680 else 1681 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID; 1682 1683 if (ctx->setuidfromacl) 1684 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL; 1685 else 1686 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL; 1687 1688 if (ctx->server_ino) 1689 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM; 1690 else 1691 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM; 1692 1693 if (ctx->remap) 1694 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR; 1695 else 1696 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR; 1697 1698 if (ctx->sfu_remap) 1699 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 1700 else 1701 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 1702 1703 if (ctx->no_xattr) 1704 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR; 1705 else 1706 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR; 1707 1708 if (ctx->sfu_emul) 1709 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL; 1710 else 1711 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL; 1712 1713 if (ctx->nobrl) 1714 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL; 1715 else 1716 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL; 1717 1718 if (ctx->nohandlecache) 1719 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE; 1720 else 1721 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 1722 1723 if (ctx->nostrictsync) 1724 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC; 1725 else 1726 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC; 1727 1728 if (ctx->mand_lock) 1729 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL; 1730 else 1731 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL; 1732 1733 if (ctx->rwpidforward) 1734 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 1735 else 1736 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD; 1737 1738 if (ctx->mode_ace) 1739 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID; 1740 else 1741 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID; 1742 1743 if (ctx->cifs_acl) 1744 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 1745 else 1746 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL; 1747 1748 if (ctx->backupuid_specified) 1749 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 1750 else 1751 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 1752 1753 if (ctx->backupgid_specified) 1754 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 1755 else 1756 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 1757 1758 if (ctx->override_uid) 1759 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 1760 else 1761 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID; 1762 1763 if (ctx->override_gid) 1764 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID; 1765 else 1766 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID; 1767 1768 if (ctx->dynperm) 1769 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM; 1770 else 1771 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM; 1772 1773 if (ctx->fsc) 1774 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE; 1775 else 1776 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE; 1777 1778 if (ctx->multiuser) 1779 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 1780 CIFS_MOUNT_NO_PERM); 1781 else 1782 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER; 1783 1784 1785 if (ctx->strict_io) 1786 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO; 1787 else 1788 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO; 1789 1790 if (ctx->direct_io) 1791 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 1792 else 1793 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO; 1794 1795 if (ctx->mfsymlinks) 1796 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS; 1797 else 1798 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS; 1799 if (ctx->mfsymlinks) { 1800 if (ctx->sfu_emul) { 1801 /* 1802 * Our SFU ("Services for Unix" emulation does not allow 1803 * creating symlinks but does allow reading existing SFU 1804 * symlinks (it does allow both creating and reading SFU 1805 * style mknod and FIFOs though). When "mfsymlinks" and 1806 * "sfu" are both enabled at the same time, it allows 1807 * reading both types of symlinks, but will only create 1808 * them with mfsymlinks format. This allows better 1809 * Apple compatibility (probably better for Samba too) 1810 * while still recognizing old Windows style symlinks. 1811 */ 1812 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 1813 } 1814 } 1815 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN; 1816 1817 return; 1818 } 1819