1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Copyright (C) 2020, Microsoft Corporation. 4 * 5 * Author(s): Steve French <stfrench@microsoft.com> 6 * David Howells <dhowells@redhat.com> 7 */ 8 9 /* 10 #include <linux/module.h> 11 #include <linux/nsproxy.h> 12 #include <linux/slab.h> 13 #include <linux/magic.h> 14 #include <linux/security.h> 15 #include <net/net_namespace.h> 16 #ifdef CONFIG_CIFS_DFS_UPCALL 17 #include "dfs_cache.h" 18 #endif 19 */ 20 21 #include <linux/ctype.h> 22 #include <linux/fs_context.h> 23 #include <linux/fs_parser.h> 24 #include <linux/fs.h> 25 #include <linux/mount.h> 26 #include <linux/parser.h> 27 #include <linux/utsname.h> 28 #include "cifsfs.h" 29 #include "cifspdu.h" 30 #include "cifsglob.h" 31 #include "cifsproto.h" 32 #include "cifs_unicode.h" 33 #include "cifs_debug.h" 34 #include "cifs_fs_sb.h" 35 #include "ntlmssp.h" 36 #include "nterr.h" 37 #include "rfc1002pdu.h" 38 #include "fs_context.h" 39 40 DEFINE_MUTEX(cifs_mount_mutex); 41 42 static const match_table_t cifs_smb_version_tokens = { 43 { Smb_1, SMB1_VERSION_STRING }, 44 { Smb_20, SMB20_VERSION_STRING}, 45 { Smb_21, SMB21_VERSION_STRING }, 46 { Smb_30, SMB30_VERSION_STRING }, 47 { Smb_302, SMB302_VERSION_STRING }, 48 { Smb_302, ALT_SMB302_VERSION_STRING }, 49 { Smb_311, SMB311_VERSION_STRING }, 50 { Smb_311, ALT_SMB311_VERSION_STRING }, 51 { Smb_3any, SMB3ANY_VERSION_STRING }, 52 { Smb_default, SMBDEFAULT_VERSION_STRING }, 53 { Smb_version_err, NULL } 54 }; 55 56 static const match_table_t cifs_secflavor_tokens = { 57 { Opt_sec_krb5, "krb5" }, 58 { Opt_sec_krb5i, "krb5i" }, 59 { Opt_sec_krb5p, "krb5p" }, 60 { Opt_sec_ntlmsspi, "ntlmsspi" }, 61 { Opt_sec_ntlmssp, "ntlmssp" }, 62 { Opt_sec_ntlmv2, "nontlm" }, 63 { Opt_sec_ntlmv2, "ntlmv2" }, 64 { Opt_sec_ntlmv2i, "ntlmv2i" }, 65 { Opt_sec_none, "none" }, 66 67 { Opt_sec_err, NULL } 68 }; 69 70 const struct fs_parameter_spec smb3_fs_parameters[] = { 71 /* Mount options that take no arguments */ 72 fsparam_flag_no("user_xattr", Opt_user_xattr), 73 fsparam_flag_no("forceuid", Opt_forceuid), 74 fsparam_flag_no("multichannel", Opt_multichannel), 75 fsparam_flag_no("forcegid", Opt_forcegid), 76 fsparam_flag("noblocksend", Opt_noblocksend), 77 fsparam_flag("noautotune", Opt_noautotune), 78 fsparam_flag("nolease", Opt_nolease), 79 fsparam_flag_no("hard", Opt_hard), 80 fsparam_flag_no("soft", Opt_soft), 81 fsparam_flag_no("perm", Opt_perm), 82 fsparam_flag("nodelete", Opt_nodelete), 83 fsparam_flag_no("mapposix", Opt_mapposix), 84 fsparam_flag("mapchars", Opt_mapchars), 85 fsparam_flag("nomapchars", Opt_nomapchars), 86 fsparam_flag_no("sfu", Opt_sfu), 87 fsparam_flag("nodfs", Opt_nodfs), 88 fsparam_flag_no("posixpaths", Opt_posixpaths), 89 fsparam_flag_no("unix", Opt_unix), 90 fsparam_flag_no("linux", Opt_unix), 91 fsparam_flag_no("posix", Opt_unix), 92 fsparam_flag("nocase", Opt_nocase), 93 fsparam_flag("ignorecase", Opt_nocase), 94 fsparam_flag_no("brl", Opt_brl), 95 fsparam_flag_no("handlecache", Opt_handlecache), 96 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock), 97 fsparam_flag("forcemand", Opt_forcemandatorylock), 98 fsparam_flag("setuidfromacl", Opt_setuidfromacl), 99 fsparam_flag("idsfromsid", Opt_setuidfromacl), 100 fsparam_flag_no("setuids", Opt_setuids), 101 fsparam_flag_no("dynperm", Opt_dynperm), 102 fsparam_flag_no("intr", Opt_intr), 103 fsparam_flag_no("strictsync", Opt_strictsync), 104 fsparam_flag_no("serverino", Opt_serverino), 105 fsparam_flag("rwpidforward", Opt_rwpidforward), 106 fsparam_flag("cifsacl", Opt_cifsacl), 107 fsparam_flag_no("acl", Opt_acl), 108 fsparam_flag("locallease", Opt_locallease), 109 fsparam_flag("sign", Opt_sign), 110 fsparam_flag("ignore_signature", Opt_ignore_signature), 111 fsparam_flag("signloosely", Opt_ignore_signature), 112 fsparam_flag("seal", Opt_seal), 113 fsparam_flag("noac", Opt_noac), 114 fsparam_flag("fsc", Opt_fsc), 115 fsparam_flag("mfsymlinks", Opt_mfsymlinks), 116 fsparam_flag("multiuser", Opt_multiuser), 117 fsparam_flag("sloppy", Opt_sloppy), 118 fsparam_flag("nosharesock", Opt_nosharesock), 119 fsparam_flag_no("persistenthandles", Opt_persistent), 120 fsparam_flag_no("resilienthandles", Opt_resilient), 121 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay), 122 fsparam_flag("nosparse", Opt_nosparse), 123 fsparam_flag("domainauto", Opt_domainauto), 124 fsparam_flag("rdma", Opt_rdma), 125 fsparam_flag("modesid", Opt_modesid), 126 fsparam_flag("modefromsid", Opt_modesid), 127 fsparam_flag("rootfs", Opt_rootfs), 128 fsparam_flag("compress", Opt_compress), 129 fsparam_flag("witness", Opt_witness), 130 131 /* Mount options which take numeric value */ 132 fsparam_u32("backupuid", Opt_backupuid), 133 fsparam_u32("backupgid", Opt_backupgid), 134 fsparam_u32("uid", Opt_uid), 135 fsparam_u32("cruid", Opt_cruid), 136 fsparam_u32("gid", Opt_gid), 137 fsparam_u32("file_mode", Opt_file_mode), 138 fsparam_u32("dirmode", Opt_dirmode), 139 fsparam_u32("dir_mode", Opt_dirmode), 140 fsparam_u32("port", Opt_port), 141 fsparam_u32("min_enc_offload", Opt_min_enc_offload), 142 fsparam_u32("esize", Opt_min_enc_offload), 143 fsparam_u32("bsize", Opt_blocksize), 144 fsparam_u32("rasize", Opt_rasize), 145 fsparam_u32("rsize", Opt_rsize), 146 fsparam_u32("wsize", Opt_wsize), 147 fsparam_u32("actimeo", Opt_actimeo), 148 fsparam_u32("acdirmax", Opt_acdirmax), 149 fsparam_u32("acregmax", Opt_acregmax), 150 fsparam_u32("closetimeo", Opt_closetimeo), 151 fsparam_u32("echo_interval", Opt_echo_interval), 152 fsparam_u32("max_credits", Opt_max_credits), 153 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs), 154 fsparam_u32("handletimeout", Opt_handletimeout), 155 fsparam_u64("snapshot", Opt_snapshot), 156 fsparam_u32("max_channels", Opt_max_channels), 157 158 /* Mount options which take string value */ 159 fsparam_string("source", Opt_source), 160 fsparam_string("user", Opt_user), 161 fsparam_string("username", Opt_user), 162 fsparam_string("pass", Opt_pass), 163 fsparam_string("password", Opt_pass), 164 fsparam_string("ip", Opt_ip), 165 fsparam_string("addr", Opt_ip), 166 fsparam_string("domain", Opt_domain), 167 fsparam_string("dom", Opt_domain), 168 fsparam_string("srcaddr", Opt_srcaddr), 169 fsparam_string("iocharset", Opt_iocharset), 170 fsparam_string("netbiosname", Opt_netbiosname), 171 fsparam_string("servern", Opt_servern), 172 fsparam_string("ver", Opt_ver), 173 fsparam_string("vers", Opt_vers), 174 fsparam_string("sec", Opt_sec), 175 fsparam_string("cache", Opt_cache), 176 177 /* Arguments that should be ignored */ 178 fsparam_flag("guest", Opt_ignore), 179 fsparam_flag("noatime", Opt_ignore), 180 fsparam_flag("relatime", Opt_ignore), 181 fsparam_flag("_netdev", Opt_ignore), 182 fsparam_flag_no("suid", Opt_ignore), 183 fsparam_flag_no("exec", Opt_ignore), 184 fsparam_flag_no("dev", Opt_ignore), 185 fsparam_flag_no("mand", Opt_ignore), 186 fsparam_flag_no("auto", Opt_ignore), 187 fsparam_string("cred", Opt_ignore), 188 fsparam_string("credentials", Opt_ignore), 189 /* 190 * UNC and prefixpath is now extracted from Opt_source 191 * in the new mount API so we can just ignore them going forward. 192 */ 193 fsparam_string("unc", Opt_ignore), 194 fsparam_string("prefixpath", Opt_ignore), 195 {} 196 }; 197 198 static int 199 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 200 { 201 202 substring_t args[MAX_OPT_ARGS]; 203 204 /* 205 * With mount options, the last one should win. Reset any existing 206 * settings back to default. 207 */ 208 ctx->sectype = Unspecified; 209 ctx->sign = false; 210 211 switch (match_token(value, cifs_secflavor_tokens, args)) { 212 case Opt_sec_krb5p: 213 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n"); 214 return 1; 215 case Opt_sec_krb5i: 216 ctx->sign = true; 217 fallthrough; 218 case Opt_sec_krb5: 219 ctx->sectype = Kerberos; 220 break; 221 case Opt_sec_ntlmsspi: 222 ctx->sign = true; 223 fallthrough; 224 case Opt_sec_ntlmssp: 225 ctx->sectype = RawNTLMSSP; 226 break; 227 case Opt_sec_ntlmv2i: 228 ctx->sign = true; 229 fallthrough; 230 case Opt_sec_ntlmv2: 231 ctx->sectype = NTLMv2; 232 break; 233 case Opt_sec_none: 234 ctx->nullauth = 1; 235 kfree(ctx->username); 236 ctx->username = NULL; 237 break; 238 default: 239 cifs_errorf(fc, "bad security option: %s\n", value); 240 return 1; 241 } 242 243 return 0; 244 } 245 246 static const match_table_t cifs_cacheflavor_tokens = { 247 { Opt_cache_loose, "loose" }, 248 { Opt_cache_strict, "strict" }, 249 { Opt_cache_none, "none" }, 250 { Opt_cache_ro, "ro" }, 251 { Opt_cache_rw, "singleclient" }, 252 { Opt_cache_err, NULL } 253 }; 254 255 static int 256 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx) 257 { 258 substring_t args[MAX_OPT_ARGS]; 259 260 switch (match_token(value, cifs_cacheflavor_tokens, args)) { 261 case Opt_cache_loose: 262 ctx->direct_io = false; 263 ctx->strict_io = false; 264 ctx->cache_ro = false; 265 ctx->cache_rw = false; 266 break; 267 case Opt_cache_strict: 268 ctx->direct_io = false; 269 ctx->strict_io = true; 270 ctx->cache_ro = false; 271 ctx->cache_rw = false; 272 break; 273 case Opt_cache_none: 274 ctx->direct_io = true; 275 ctx->strict_io = false; 276 ctx->cache_ro = false; 277 ctx->cache_rw = false; 278 break; 279 case Opt_cache_ro: 280 ctx->direct_io = false; 281 ctx->strict_io = false; 282 ctx->cache_ro = true; 283 ctx->cache_rw = false; 284 break; 285 case Opt_cache_rw: 286 ctx->direct_io = false; 287 ctx->strict_io = false; 288 ctx->cache_ro = false; 289 ctx->cache_rw = true; 290 break; 291 default: 292 cifs_errorf(fc, "bad cache= option: %s\n", value); 293 return 1; 294 } 295 return 0; 296 } 297 298 #define DUP_CTX_STR(field) \ 299 do { \ 300 if (ctx->field) { \ 301 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \ 302 if (new_ctx->field == NULL) { \ 303 smb3_cleanup_fs_context_contents(new_ctx); \ 304 return -ENOMEM; \ 305 } \ 306 } \ 307 } while (0) 308 309 int 310 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx) 311 { 312 memcpy(new_ctx, ctx, sizeof(*ctx)); 313 new_ctx->prepath = NULL; 314 new_ctx->nodename = NULL; 315 new_ctx->username = NULL; 316 new_ctx->password = NULL; 317 new_ctx->server_hostname = NULL; 318 new_ctx->domainname = NULL; 319 new_ctx->UNC = NULL; 320 new_ctx->source = NULL; 321 new_ctx->iocharset = NULL; 322 new_ctx->leaf_fullpath = NULL; 323 /* 324 * Make sure to stay in sync with smb3_cleanup_fs_context_contents() 325 */ 326 DUP_CTX_STR(prepath); 327 DUP_CTX_STR(username); 328 DUP_CTX_STR(password); 329 DUP_CTX_STR(server_hostname); 330 DUP_CTX_STR(UNC); 331 DUP_CTX_STR(source); 332 DUP_CTX_STR(domainname); 333 DUP_CTX_STR(nodename); 334 DUP_CTX_STR(iocharset); 335 DUP_CTX_STR(leaf_fullpath); 336 337 return 0; 338 } 339 340 static int 341 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3) 342 { 343 substring_t args[MAX_OPT_ARGS]; 344 345 switch (match_token(value, cifs_smb_version_tokens, args)) { 346 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 347 case Smb_1: 348 if (disable_legacy_dialects) { 349 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 350 return 1; 351 } 352 if (is_smb3) { 353 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n"); 354 return 1; 355 } 356 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n"); 357 ctx->ops = &smb1_operations; 358 ctx->vals = &smb1_values; 359 break; 360 case Smb_20: 361 if (disable_legacy_dialects) { 362 cifs_errorf(fc, "mount with legacy dialect disabled\n"); 363 return 1; 364 } 365 if (is_smb3) { 366 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n"); 367 return 1; 368 } 369 ctx->ops = &smb20_operations; 370 ctx->vals = &smb20_values; 371 break; 372 #else 373 case Smb_1: 374 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n"); 375 return 1; 376 case Smb_20: 377 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n"); 378 return 1; 379 #endif /* CIFS_ALLOW_INSECURE_LEGACY */ 380 case Smb_21: 381 ctx->ops = &smb21_operations; 382 ctx->vals = &smb21_values; 383 break; 384 case Smb_30: 385 ctx->ops = &smb30_operations; 386 ctx->vals = &smb30_values; 387 break; 388 case Smb_302: 389 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 390 ctx->vals = &smb302_values; 391 break; 392 case Smb_311: 393 ctx->ops = &smb311_operations; 394 ctx->vals = &smb311_values; 395 break; 396 case Smb_3any: 397 ctx->ops = &smb30_operations; /* currently identical with 3.0 */ 398 ctx->vals = &smb3any_values; 399 break; 400 case Smb_default: 401 ctx->ops = &smb30_operations; 402 ctx->vals = &smbdefault_values; 403 break; 404 default: 405 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value); 406 return 1; 407 } 408 return 0; 409 } 410 411 int smb3_parse_opt(const char *options, const char *key, char **val) 412 { 413 int rc = -ENOENT; 414 char *opts, *orig, *p; 415 416 orig = opts = kstrdup(options, GFP_KERNEL); 417 if (!opts) 418 return -ENOMEM; 419 420 while ((p = strsep(&opts, ","))) { 421 char *nval; 422 423 if (!*p) 424 continue; 425 if (strncasecmp(p, key, strlen(key))) 426 continue; 427 nval = strchr(p, '='); 428 if (nval) { 429 if (nval == p) 430 continue; 431 *nval++ = 0; 432 *val = kstrdup(nval, GFP_KERNEL); 433 rc = !*val ? -ENOMEM : 0; 434 goto out; 435 } 436 } 437 out: 438 kfree(orig); 439 return rc; 440 } 441 442 /* 443 * Remove duplicate path delimiters. Windows is supposed to do that 444 * but there are some bugs that prevent rename from working if there are 445 * multiple delimiters. 446 * 447 * Return a sanitized duplicate of @path or NULL for empty prefix paths. 448 * Otherwise, return ERR_PTR. 449 * 450 * @gfp indicates the GFP_* flags for kstrdup. 451 * The caller is responsible for freeing the original. 452 */ 453 #define IS_DELIM(c) ((c) == '/' || (c) == '\\') 454 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp) 455 { 456 char *cursor1 = prepath, *cursor2 = prepath; 457 char *s; 458 459 /* skip all prepended delimiters */ 460 while (IS_DELIM(*cursor1)) 461 cursor1++; 462 463 /* copy the first letter */ 464 *cursor2 = *cursor1; 465 466 /* copy the remainder... */ 467 while (*(cursor1++)) { 468 /* ... skipping all duplicated delimiters */ 469 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2)) 470 continue; 471 *(++cursor2) = *cursor1; 472 } 473 474 /* if the last character is a delimiter, skip it */ 475 if (IS_DELIM(*(cursor2 - 1))) 476 cursor2--; 477 478 *cursor2 = '\0'; 479 if (!*prepath) 480 return NULL; 481 s = kstrdup(prepath, gfp); 482 if (!s) 483 return ERR_PTR(-ENOMEM); 484 return s; 485 } 486 487 /* 488 * Return full path based on the values of @ctx->{UNC,prepath}. 489 * 490 * It is assumed that both values were already parsed by smb3_parse_devname(). 491 */ 492 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep) 493 { 494 size_t ulen, plen; 495 char *s; 496 497 ulen = strlen(ctx->UNC); 498 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0; 499 500 s = kmalloc(ulen + plen + 1, GFP_KERNEL); 501 if (!s) 502 return ERR_PTR(-ENOMEM); 503 memcpy(s, ctx->UNC, ulen); 504 if (plen) { 505 s[ulen] = dirsep; 506 memcpy(s + ulen + 1, ctx->prepath, plen); 507 } 508 s[ulen + plen] = '\0'; 509 convert_delimiter(s, dirsep); 510 return s; 511 } 512 513 /* 514 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath 515 * fields with the result. Returns 0 on success and an error otherwise 516 * (e.g. ENOMEM or EINVAL) 517 */ 518 int 519 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx) 520 { 521 char *pos; 522 const char *delims = "/\\"; 523 size_t len; 524 int rc; 525 526 if (unlikely(!devname || !*devname)) { 527 cifs_dbg(VFS, "Device name not specified\n"); 528 return -EINVAL; 529 } 530 531 /* make sure we have a valid UNC double delimiter prefix */ 532 len = strspn(devname, delims); 533 if (len != 2) 534 return -EINVAL; 535 536 /* find delimiter between host and sharename */ 537 pos = strpbrk(devname + 2, delims); 538 if (!pos) 539 return -EINVAL; 540 541 /* record the server hostname */ 542 kfree(ctx->server_hostname); 543 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL); 544 if (!ctx->server_hostname) 545 return -ENOMEM; 546 547 /* skip past delimiter */ 548 ++pos; 549 550 /* now go until next delimiter or end of string */ 551 len = strcspn(pos, delims); 552 if (!len) 553 return -EINVAL; 554 555 /* move "pos" up to delimiter or NULL */ 556 pos += len; 557 kfree(ctx->UNC); 558 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL); 559 if (!ctx->UNC) 560 return -ENOMEM; 561 562 convert_delimiter(ctx->UNC, '\\'); 563 564 /* skip any delimiter */ 565 if (*pos == '/' || *pos == '\\') 566 pos++; 567 568 kfree(ctx->prepath); 569 ctx->prepath = NULL; 570 571 /* If pos is NULL then no prepath */ 572 if (!*pos) 573 return 0; 574 575 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL); 576 if (IS_ERR(ctx->prepath)) { 577 rc = PTR_ERR(ctx->prepath); 578 ctx->prepath = NULL; 579 return rc; 580 } 581 582 return 0; 583 } 584 585 static void smb3_fs_context_free(struct fs_context *fc); 586 static int smb3_fs_context_parse_param(struct fs_context *fc, 587 struct fs_parameter *param); 588 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 589 void *data); 590 static int smb3_get_tree(struct fs_context *fc); 591 static int smb3_reconfigure(struct fs_context *fc); 592 593 static const struct fs_context_operations smb3_fs_context_ops = { 594 .free = smb3_fs_context_free, 595 .parse_param = smb3_fs_context_parse_param, 596 .parse_monolithic = smb3_fs_context_parse_monolithic, 597 .get_tree = smb3_get_tree, 598 .reconfigure = smb3_reconfigure, 599 }; 600 601 /* 602 * Parse a monolithic block of data from sys_mount(). 603 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data 604 * @ctx: The superblock configuration to fill in. 605 * @data: The data to parse 606 * 607 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be 608 * called from the ->monolithic_mount_data() fs_context operation. 609 * 610 * Returns 0 on success or the error returned by the ->parse_option() fs_context 611 * operation on failure. 612 */ 613 static int smb3_fs_context_parse_monolithic(struct fs_context *fc, 614 void *data) 615 { 616 char *options = data, *key; 617 int ret = 0; 618 619 if (!options) 620 return 0; 621 622 ret = security_sb_eat_lsm_opts(options, &fc->security); 623 if (ret) 624 return ret; 625 626 /* BB Need to add support for sep= here TBD */ 627 while ((key = strsep(&options, ",")) != NULL) { 628 size_t len; 629 char *value; 630 631 if (*key == 0) 632 break; 633 634 /* Check if following character is the deliminator If yes, 635 * we have encountered a double deliminator reset the NULL 636 * character to the deliminator 637 */ 638 while (options && options[0] == ',') { 639 len = strlen(key); 640 strcpy(key + len, options); 641 options = strchr(options, ','); 642 if (options) 643 *options++ = 0; 644 } 645 646 647 len = 0; 648 value = strchr(key, '='); 649 if (value) { 650 if (value == key) 651 continue; 652 *value++ = 0; 653 len = strlen(value); 654 } 655 656 ret = vfs_parse_fs_string(fc, key, value, len); 657 if (ret < 0) 658 break; 659 } 660 661 return ret; 662 } 663 664 /* 665 * Validate the preparsed information in the config. 666 */ 667 static int smb3_fs_context_validate(struct fs_context *fc) 668 { 669 struct smb3_fs_context *ctx = smb3_fc2context(fc); 670 671 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) { 672 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n"); 673 return -EOPNOTSUPP; 674 } 675 676 #ifndef CONFIG_KEYS 677 /* Muliuser mounts require CONFIG_KEYS support */ 678 if (ctx->multiuser) { 679 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n"); 680 return -1; 681 } 682 #endif 683 684 if (ctx->got_version == false) 685 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n"); 686 687 688 if (!ctx->UNC) { 689 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n"); 690 return -1; 691 } 692 693 /* make sure UNC has a share name */ 694 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) { 695 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n"); 696 return -ENOENT; 697 } 698 699 if (!ctx->got_ip) { 700 int len; 701 const char *slash; 702 703 /* No ip= option specified? Try to get it from UNC */ 704 /* Use the address part of the UNC. */ 705 slash = strchr(&ctx->UNC[2], '\\'); 706 len = slash - &ctx->UNC[2]; 707 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 708 &ctx->UNC[2], len)) { 709 pr_err("Unable to determine destination address\n"); 710 return -EHOSTUNREACH; 711 } 712 } 713 714 /* set the port that we got earlier */ 715 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port); 716 717 if (ctx->uid_specified && !ctx->forceuid_specified) { 718 ctx->override_uid = 1; 719 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n"); 720 } 721 722 if (ctx->gid_specified && !ctx->forcegid_specified) { 723 ctx->override_gid = 1; 724 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n"); 725 } 726 727 if (ctx->override_uid && !ctx->uid_specified) { 728 ctx->override_uid = 0; 729 pr_notice("ignoring forceuid mount option specified with no uid= option\n"); 730 } 731 732 if (ctx->override_gid && !ctx->gid_specified) { 733 ctx->override_gid = 0; 734 pr_notice("ignoring forcegid mount option specified with no gid= option\n"); 735 } 736 737 return 0; 738 } 739 740 static int smb3_get_tree_common(struct fs_context *fc) 741 { 742 struct smb3_fs_context *ctx = smb3_fc2context(fc); 743 struct dentry *root; 744 int rc = 0; 745 746 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx); 747 if (IS_ERR(root)) 748 return PTR_ERR(root); 749 750 fc->root = root; 751 752 return rc; 753 } 754 755 /* 756 * Create an SMB3 superblock from the parameters passed. 757 */ 758 static int smb3_get_tree(struct fs_context *fc) 759 { 760 int err = smb3_fs_context_validate(fc); 761 int ret; 762 763 if (err) 764 return err; 765 cifs_mount_lock(); 766 ret = smb3_get_tree_common(fc); 767 cifs_mount_unlock(); 768 return ret; 769 } 770 771 static void smb3_fs_context_free(struct fs_context *fc) 772 { 773 struct smb3_fs_context *ctx = smb3_fc2context(fc); 774 775 smb3_cleanup_fs_context(ctx); 776 } 777 778 /* 779 * Compare the old and new proposed context during reconfigure 780 * and check if the changes are compatible. 781 */ 782 static int smb3_verify_reconfigure_ctx(struct fs_context *fc, 783 struct smb3_fs_context *new_ctx, 784 struct smb3_fs_context *old_ctx, bool need_recon) 785 { 786 if (new_ctx->posix_paths != old_ctx->posix_paths) { 787 cifs_errorf(fc, "can not change posixpaths during remount\n"); 788 return -EINVAL; 789 } 790 if (new_ctx->sectype != old_ctx->sectype) { 791 cifs_errorf(fc, "can not change sec during remount\n"); 792 return -EINVAL; 793 } 794 if (new_ctx->multiuser != old_ctx->multiuser) { 795 cifs_errorf(fc, "can not change multiuser during remount\n"); 796 return -EINVAL; 797 } 798 if (new_ctx->UNC && 799 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) { 800 cifs_errorf(fc, "can not change UNC during remount\n"); 801 return -EINVAL; 802 } 803 if (new_ctx->username && 804 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) { 805 cifs_errorf(fc, "can not change username during remount\n"); 806 return -EINVAL; 807 } 808 if (new_ctx->password && 809 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) { 810 if (need_recon == false) { 811 cifs_errorf(fc, 812 "can not change password of active session during remount\n"); 813 return -EINVAL; 814 } else if (old_ctx->sectype == Kerberos) { 815 cifs_errorf(fc, 816 "can not change password for Kerberos via remount\n"); 817 return -EINVAL; 818 } 819 } 820 if (new_ctx->domainname && 821 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) { 822 cifs_errorf(fc, "can not change domainname during remount\n"); 823 return -EINVAL; 824 } 825 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) { 826 cifs_errorf(fc, "can not change workstation_name during remount\n"); 827 return -EINVAL; 828 } 829 if (new_ctx->nodename && 830 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) { 831 cifs_errorf(fc, "can not change nodename during remount\n"); 832 return -EINVAL; 833 } 834 if (new_ctx->iocharset && 835 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) { 836 cifs_errorf(fc, "can not change iocharset during remount\n"); 837 return -EINVAL; 838 } 839 840 return 0; 841 } 842 843 #define STEAL_STRING(cifs_sb, ctx, field) \ 844 do { \ 845 kfree(ctx->field); \ 846 ctx->field = cifs_sb->ctx->field; \ 847 cifs_sb->ctx->field = NULL; \ 848 } while (0) 849 850 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \ 851 do { \ 852 kfree_sensitive(ctx->field); \ 853 ctx->field = cifs_sb->ctx->field; \ 854 cifs_sb->ctx->field = NULL; \ 855 } while (0) 856 857 static int smb3_reconfigure(struct fs_context *fc) 858 { 859 struct smb3_fs_context *ctx = smb3_fc2context(fc); 860 struct dentry *root = fc->root; 861 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb); 862 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses; 863 bool need_recon = false; 864 int rc; 865 866 if (ses->expired_pwd) 867 need_recon = true; 868 869 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon); 870 if (rc) 871 return rc; 872 873 /* 874 * We can not change UNC/username/password/domainname/ 875 * workstation_name/nodename/iocharset 876 * during reconnect so ignore what we have in the new context and 877 * just use what we already have in cifs_sb->ctx. 878 */ 879 STEAL_STRING(cifs_sb, ctx, UNC); 880 STEAL_STRING(cifs_sb, ctx, source); 881 STEAL_STRING(cifs_sb, ctx, username); 882 if (need_recon == false) 883 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password); 884 else { 885 kfree_sensitive(ses->password); 886 ses->password = kstrdup(ctx->password, GFP_KERNEL); 887 } 888 STEAL_STRING(cifs_sb, ctx, domainname); 889 STEAL_STRING(cifs_sb, ctx, nodename); 890 STEAL_STRING(cifs_sb, ctx, iocharset); 891 892 /* if rsize or wsize not passed in on remount, use previous values */ 893 if (ctx->rsize == 0) 894 ctx->rsize = cifs_sb->ctx->rsize; 895 if (ctx->wsize == 0) 896 ctx->wsize = cifs_sb->ctx->wsize; 897 898 899 smb3_cleanup_fs_context_contents(cifs_sb->ctx); 900 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx); 901 smb3_update_mnt_flags(cifs_sb); 902 #ifdef CONFIG_CIFS_DFS_UPCALL 903 if (!rc) 904 rc = dfs_cache_remount_fs(cifs_sb); 905 #endif 906 907 return rc; 908 } 909 910 static int smb3_fs_context_parse_param(struct fs_context *fc, 911 struct fs_parameter *param) 912 { 913 struct fs_parse_result result; 914 struct smb3_fs_context *ctx = smb3_fc2context(fc); 915 int i, opt; 916 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3"); 917 bool skip_parsing = false; 918 kuid_t uid; 919 kgid_t gid; 920 921 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key); 922 923 /* 924 * fs_parse can not handle string options with an empty value so 925 * we will need special handling of them. 926 */ 927 if (param->type == fs_value_is_string && param->string[0] == 0) { 928 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) { 929 skip_parsing = true; 930 opt = Opt_pass; 931 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) { 932 skip_parsing = true; 933 opt = Opt_user; 934 } 935 } 936 937 if (!skip_parsing) { 938 opt = fs_parse(fc, smb3_fs_parameters, param, &result); 939 if (opt < 0) 940 return ctx->sloppy ? 1 : opt; 941 } 942 943 switch (opt) { 944 case Opt_compress: 945 ctx->compression = UNKNOWN_TYPE; 946 cifs_dbg(VFS, 947 "SMB3 compression support is experimental\n"); 948 break; 949 case Opt_nodfs: 950 ctx->nodfs = 1; 951 break; 952 case Opt_hard: 953 if (result.negated) { 954 if (ctx->retry == 1) 955 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n"); 956 ctx->retry = 0; 957 } else 958 ctx->retry = 1; 959 break; 960 case Opt_soft: 961 if (result.negated) 962 ctx->retry = 1; 963 else { 964 if (ctx->retry == 1) 965 cifs_dbg(VFS, "conflicting hard vs soft mount options\n"); 966 ctx->retry = 0; 967 } 968 break; 969 case Opt_mapposix: 970 if (result.negated) 971 ctx->remap = false; 972 else { 973 ctx->remap = true; 974 ctx->sfu_remap = false; /* disable SFU mapping */ 975 } 976 break; 977 case Opt_mapchars: 978 if (result.negated) 979 ctx->sfu_remap = false; 980 else { 981 ctx->sfu_remap = true; 982 ctx->remap = false; /* disable SFM (mapposix) mapping */ 983 } 984 break; 985 case Opt_user_xattr: 986 if (result.negated) 987 ctx->no_xattr = 1; 988 else 989 ctx->no_xattr = 0; 990 break; 991 case Opt_forceuid: 992 if (result.negated) 993 ctx->override_uid = 0; 994 else 995 ctx->override_uid = 1; 996 ctx->forceuid_specified = true; 997 break; 998 case Opt_forcegid: 999 if (result.negated) 1000 ctx->override_gid = 0; 1001 else 1002 ctx->override_gid = 1; 1003 ctx->forcegid_specified = true; 1004 break; 1005 case Opt_perm: 1006 if (result.negated) 1007 ctx->noperm = 1; 1008 else 1009 ctx->noperm = 0; 1010 break; 1011 case Opt_dynperm: 1012 if (result.negated) 1013 ctx->dynperm = 0; 1014 else 1015 ctx->dynperm = 1; 1016 break; 1017 case Opt_sfu: 1018 if (result.negated) 1019 ctx->sfu_emul = 0; 1020 else 1021 ctx->sfu_emul = 1; 1022 break; 1023 case Opt_noblocksend: 1024 ctx->noblocksnd = 1; 1025 break; 1026 case Opt_noautotune: 1027 ctx->noautotune = 1; 1028 break; 1029 case Opt_nolease: 1030 ctx->no_lease = 1; 1031 break; 1032 case Opt_nosparse: 1033 ctx->no_sparse = 1; 1034 break; 1035 case Opt_nodelete: 1036 ctx->nodelete = 1; 1037 break; 1038 case Opt_multichannel: 1039 if (result.negated) { 1040 ctx->multichannel = false; 1041 ctx->max_channels = 1; 1042 } else { 1043 ctx->multichannel = true; 1044 /* if number of channels not specified, default to 2 */ 1045 if (ctx->max_channels < 2) 1046 ctx->max_channels = 2; 1047 } 1048 break; 1049 case Opt_uid: 1050 uid = make_kuid(current_user_ns(), result.uint_32); 1051 if (!uid_valid(uid)) 1052 goto cifs_parse_mount_err; 1053 ctx->linux_uid = uid; 1054 ctx->uid_specified = true; 1055 break; 1056 case Opt_cruid: 1057 uid = make_kuid(current_user_ns(), result.uint_32); 1058 if (!uid_valid(uid)) 1059 goto cifs_parse_mount_err; 1060 ctx->cred_uid = uid; 1061 ctx->cruid_specified = true; 1062 break; 1063 case Opt_backupuid: 1064 uid = make_kuid(current_user_ns(), result.uint_32); 1065 if (!uid_valid(uid)) 1066 goto cifs_parse_mount_err; 1067 ctx->backupuid = uid; 1068 ctx->backupuid_specified = true; 1069 break; 1070 case Opt_backupgid: 1071 gid = make_kgid(current_user_ns(), result.uint_32); 1072 if (!gid_valid(gid)) 1073 goto cifs_parse_mount_err; 1074 ctx->backupgid = gid; 1075 ctx->backupgid_specified = true; 1076 break; 1077 case Opt_gid: 1078 gid = make_kgid(current_user_ns(), result.uint_32); 1079 if (!gid_valid(gid)) 1080 goto cifs_parse_mount_err; 1081 ctx->linux_gid = gid; 1082 ctx->gid_specified = true; 1083 break; 1084 case Opt_port: 1085 ctx->port = result.uint_32; 1086 break; 1087 case Opt_file_mode: 1088 ctx->file_mode = result.uint_32; 1089 break; 1090 case Opt_dirmode: 1091 ctx->dir_mode = result.uint_32; 1092 break; 1093 case Opt_min_enc_offload: 1094 ctx->min_offload = result.uint_32; 1095 break; 1096 case Opt_blocksize: 1097 /* 1098 * inode blocksize realistically should never need to be 1099 * less than 16K or greater than 16M and default is 1MB. 1100 * Note that small inode block sizes (e.g. 64K) can lead 1101 * to very poor performance of common tools like cp and scp 1102 */ 1103 if ((result.uint_32 < CIFS_MAX_MSGSIZE) || 1104 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) { 1105 cifs_errorf(fc, "%s: Invalid blocksize\n", 1106 __func__); 1107 goto cifs_parse_mount_err; 1108 } 1109 ctx->bsize = result.uint_32; 1110 ctx->got_bsize = true; 1111 break; 1112 case Opt_rasize: 1113 /* 1114 * readahead size realistically should never need to be 1115 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M 1116 * (perhaps an exception should be considered in the 1117 * for the case of a large number of channels 1118 * when multichannel is negotiated) since that would lead 1119 * to plenty of parallel I/O in flight to the server. 1120 * Note that smaller read ahead sizes would 1121 * hurt performance of common tools like cp and scp 1122 * which often trigger sequential i/o with read ahead 1123 */ 1124 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) || 1125 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) { 1126 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n", 1127 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE); 1128 goto cifs_parse_mount_err; 1129 } 1130 ctx->rasize = result.uint_32; 1131 break; 1132 case Opt_rsize: 1133 ctx->rsize = result.uint_32; 1134 ctx->got_rsize = true; 1135 break; 1136 case Opt_wsize: 1137 ctx->wsize = result.uint_32; 1138 ctx->got_wsize = true; 1139 if (ctx->wsize % PAGE_SIZE != 0) { 1140 ctx->wsize = round_down(ctx->wsize, PAGE_SIZE); 1141 if (ctx->wsize == 0) { 1142 ctx->wsize = PAGE_SIZE; 1143 cifs_dbg(VFS, "wsize too small, reset to minimum %ld\n", PAGE_SIZE); 1144 } else { 1145 cifs_dbg(VFS, 1146 "wsize rounded down to %d to multiple of PAGE_SIZE %ld\n", 1147 ctx->wsize, PAGE_SIZE); 1148 } 1149 } 1150 break; 1151 case Opt_acregmax: 1152 ctx->acregmax = HZ * result.uint_32; 1153 if (ctx->acregmax > CIFS_MAX_ACTIMEO) { 1154 cifs_errorf(fc, "acregmax too large\n"); 1155 goto cifs_parse_mount_err; 1156 } 1157 break; 1158 case Opt_acdirmax: 1159 ctx->acdirmax = HZ * result.uint_32; 1160 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) { 1161 cifs_errorf(fc, "acdirmax too large\n"); 1162 goto cifs_parse_mount_err; 1163 } 1164 break; 1165 case Opt_actimeo: 1166 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) { 1167 cifs_errorf(fc, "timeout too large\n"); 1168 goto cifs_parse_mount_err; 1169 } 1170 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) || 1171 (ctx->acregmax != CIFS_DEF_ACTIMEO)) { 1172 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n"); 1173 break; 1174 } 1175 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32; 1176 break; 1177 case Opt_closetimeo: 1178 ctx->closetimeo = HZ * result.uint_32; 1179 if (ctx->closetimeo > SMB3_MAX_DCLOSETIMEO) { 1180 cifs_errorf(fc, "closetimeo too large\n"); 1181 goto cifs_parse_mount_err; 1182 } 1183 break; 1184 case Opt_echo_interval: 1185 ctx->echo_interval = result.uint_32; 1186 break; 1187 case Opt_snapshot: 1188 ctx->snapshot_time = result.uint_64; 1189 break; 1190 case Opt_max_credits: 1191 if (result.uint_32 < 20 || result.uint_32 > 60000) { 1192 cifs_errorf(fc, "%s: Invalid max_credits value\n", 1193 __func__); 1194 goto cifs_parse_mount_err; 1195 } 1196 ctx->max_credits = result.uint_32; 1197 break; 1198 case Opt_max_channels: 1199 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) { 1200 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n", 1201 __func__, CIFS_MAX_CHANNELS); 1202 goto cifs_parse_mount_err; 1203 } 1204 ctx->max_channels = result.uint_32; 1205 /* If more than one channel requested ... they want multichan */ 1206 if (result.uint_32 > 1) 1207 ctx->multichannel = true; 1208 break; 1209 case Opt_max_cached_dirs: 1210 if (result.uint_32 < 1) { 1211 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n", 1212 __func__); 1213 goto cifs_parse_mount_err; 1214 } 1215 ctx->max_cached_dirs = result.uint_32; 1216 break; 1217 case Opt_handletimeout: 1218 ctx->handle_timeout = result.uint_32; 1219 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) { 1220 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n"); 1221 goto cifs_parse_mount_err; 1222 } 1223 break; 1224 case Opt_source: 1225 kfree(ctx->UNC); 1226 ctx->UNC = NULL; 1227 switch (smb3_parse_devname(param->string, ctx)) { 1228 case 0: 1229 break; 1230 case -ENOMEM: 1231 cifs_errorf(fc, "Unable to allocate memory for devname\n"); 1232 goto cifs_parse_mount_err; 1233 case -EINVAL: 1234 cifs_errorf(fc, "Malformed UNC in devname\n"); 1235 goto cifs_parse_mount_err; 1236 default: 1237 cifs_errorf(fc, "Unknown error parsing devname\n"); 1238 goto cifs_parse_mount_err; 1239 } 1240 ctx->source = smb3_fs_context_fullpath(ctx, '/'); 1241 if (IS_ERR(ctx->source)) { 1242 ctx->source = NULL; 1243 cifs_errorf(fc, "OOM when copying UNC string\n"); 1244 goto cifs_parse_mount_err; 1245 } 1246 fc->source = kstrdup(ctx->source, GFP_KERNEL); 1247 if (fc->source == NULL) { 1248 cifs_errorf(fc, "OOM when copying UNC string\n"); 1249 goto cifs_parse_mount_err; 1250 } 1251 break; 1252 case Opt_user: 1253 kfree(ctx->username); 1254 ctx->username = NULL; 1255 if (ctx->nullauth) 1256 break; 1257 if (strlen(param->string) == 0) { 1258 /* null user, ie. anonymous authentication */ 1259 ctx->nullauth = 1; 1260 break; 1261 } 1262 1263 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) > 1264 CIFS_MAX_USERNAME_LEN) { 1265 pr_warn("username too long\n"); 1266 goto cifs_parse_mount_err; 1267 } 1268 ctx->username = kstrdup(param->string, GFP_KERNEL); 1269 if (ctx->username == NULL) { 1270 cifs_errorf(fc, "OOM when copying username string\n"); 1271 goto cifs_parse_mount_err; 1272 } 1273 break; 1274 case Opt_pass: 1275 kfree_sensitive(ctx->password); 1276 ctx->password = NULL; 1277 if (strlen(param->string) == 0) 1278 break; 1279 1280 ctx->password = kstrdup(param->string, GFP_KERNEL); 1281 if (ctx->password == NULL) { 1282 cifs_errorf(fc, "OOM when copying password string\n"); 1283 goto cifs_parse_mount_err; 1284 } 1285 break; 1286 case Opt_ip: 1287 if (strlen(param->string) == 0) { 1288 ctx->got_ip = false; 1289 break; 1290 } 1291 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr, 1292 param->string, 1293 strlen(param->string))) { 1294 pr_err("bad ip= option (%s)\n", param->string); 1295 goto cifs_parse_mount_err; 1296 } 1297 ctx->got_ip = true; 1298 break; 1299 case Opt_domain: 1300 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN) 1301 == CIFS_MAX_DOMAINNAME_LEN) { 1302 pr_warn("domain name too long\n"); 1303 goto cifs_parse_mount_err; 1304 } 1305 1306 kfree(ctx->domainname); 1307 ctx->domainname = kstrdup(param->string, GFP_KERNEL); 1308 if (ctx->domainname == NULL) { 1309 cifs_errorf(fc, "OOM when copying domainname string\n"); 1310 goto cifs_parse_mount_err; 1311 } 1312 cifs_dbg(FYI, "Domain name set\n"); 1313 break; 1314 case Opt_srcaddr: 1315 if (!cifs_convert_address( 1316 (struct sockaddr *)&ctx->srcaddr, 1317 param->string, strlen(param->string))) { 1318 pr_warn("Could not parse srcaddr: %s\n", 1319 param->string); 1320 goto cifs_parse_mount_err; 1321 } 1322 break; 1323 case Opt_iocharset: 1324 if (strnlen(param->string, 1024) >= 65) { 1325 pr_warn("iocharset name too long\n"); 1326 goto cifs_parse_mount_err; 1327 } 1328 1329 if (strncasecmp(param->string, "default", 7) != 0) { 1330 kfree(ctx->iocharset); 1331 ctx->iocharset = kstrdup(param->string, GFP_KERNEL); 1332 if (ctx->iocharset == NULL) { 1333 cifs_errorf(fc, "OOM when copying iocharset string\n"); 1334 goto cifs_parse_mount_err; 1335 } 1336 } 1337 /* if iocharset not set then load_nls_default 1338 * is used by caller 1339 */ 1340 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset); 1341 break; 1342 case Opt_netbiosname: 1343 memset(ctx->source_rfc1001_name, 0x20, 1344 RFC1001_NAME_LEN); 1345 /* 1346 * FIXME: are there cases in which a comma can 1347 * be valid in workstation netbios name (and 1348 * need special handling)? 1349 */ 1350 for (i = 0; i < RFC1001_NAME_LEN; i++) { 1351 /* don't ucase netbiosname for user */ 1352 if (param->string[i] == 0) 1353 break; 1354 ctx->source_rfc1001_name[i] = param->string[i]; 1355 } 1356 /* The string has 16th byte zero still from 1357 * set at top of the function 1358 */ 1359 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1360 pr_warn("netbiosname longer than 15 truncated\n"); 1361 break; 1362 case Opt_servern: 1363 /* last byte, type, is 0x20 for servr type */ 1364 memset(ctx->target_rfc1001_name, 0x20, 1365 RFC1001_NAME_LEN_WITH_NULL); 1366 /* 1367 * BB are there cases in which a comma can be valid in this 1368 * workstation netbios name (and need special handling)? 1369 */ 1370 1371 /* user or mount helper must uppercase the netbios name */ 1372 for (i = 0; i < 15; i++) { 1373 if (param->string[i] == 0) 1374 break; 1375 ctx->target_rfc1001_name[i] = param->string[i]; 1376 } 1377 1378 /* The string has 16th byte zero still from set at top of function */ 1379 if (i == RFC1001_NAME_LEN && param->string[i] != 0) 1380 pr_warn("server netbiosname longer than 15 truncated\n"); 1381 break; 1382 case Opt_ver: 1383 /* version of mount userspace tools, not dialect */ 1384 /* If interface changes in mount.cifs bump to new ver */ 1385 if (strncasecmp(param->string, "1", 1) == 0) { 1386 if (strlen(param->string) > 1) { 1387 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n", 1388 param->string); 1389 goto cifs_parse_mount_err; 1390 } 1391 /* This is the default */ 1392 break; 1393 } 1394 /* For all other value, error */ 1395 pr_warn("Invalid mount helper version specified\n"); 1396 goto cifs_parse_mount_err; 1397 case Opt_vers: 1398 /* protocol version (dialect) */ 1399 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0) 1400 goto cifs_parse_mount_err; 1401 ctx->got_version = true; 1402 break; 1403 case Opt_sec: 1404 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0) 1405 goto cifs_parse_mount_err; 1406 break; 1407 case Opt_cache: 1408 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0) 1409 goto cifs_parse_mount_err; 1410 break; 1411 case Opt_witness: 1412 #ifndef CONFIG_CIFS_SWN_UPCALL 1413 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n"); 1414 goto cifs_parse_mount_err; 1415 #endif 1416 ctx->witness = true; 1417 pr_warn_once("Witness protocol support is experimental\n"); 1418 break; 1419 case Opt_rootfs: 1420 #ifndef CONFIG_CIFS_ROOT 1421 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n"); 1422 goto cifs_parse_mount_err; 1423 #endif 1424 ctx->rootfs = true; 1425 break; 1426 case Opt_posixpaths: 1427 if (result.negated) 1428 ctx->posix_paths = 0; 1429 else 1430 ctx->posix_paths = 1; 1431 break; 1432 case Opt_unix: 1433 if (result.negated) { 1434 if (ctx->linux_ext == 1) 1435 pr_warn_once("conflicting posix mount options specified\n"); 1436 ctx->linux_ext = 0; 1437 ctx->no_linux_ext = 1; 1438 } else { 1439 if (ctx->no_linux_ext == 1) 1440 pr_warn_once("conflicting posix mount options specified\n"); 1441 ctx->linux_ext = 1; 1442 ctx->no_linux_ext = 0; 1443 } 1444 break; 1445 case Opt_nocase: 1446 ctx->nocase = 1; 1447 break; 1448 case Opt_brl: 1449 if (result.negated) { 1450 /* 1451 * turn off mandatory locking in mode 1452 * if remote locking is turned off since the 1453 * local vfs will do advisory 1454 */ 1455 if (ctx->file_mode == 1456 (S_IALLUGO & ~(S_ISUID | S_IXGRP))) 1457 ctx->file_mode = S_IALLUGO; 1458 ctx->nobrl = 1; 1459 } else 1460 ctx->nobrl = 0; 1461 break; 1462 case Opt_handlecache: 1463 if (result.negated) 1464 ctx->nohandlecache = 1; 1465 else 1466 ctx->nohandlecache = 0; 1467 break; 1468 case Opt_forcemandatorylock: 1469 ctx->mand_lock = 1; 1470 break; 1471 case Opt_setuids: 1472 ctx->setuids = result.negated; 1473 break; 1474 case Opt_intr: 1475 ctx->intr = !result.negated; 1476 break; 1477 case Opt_setuidfromacl: 1478 ctx->setuidfromacl = 1; 1479 break; 1480 case Opt_strictsync: 1481 ctx->nostrictsync = result.negated; 1482 break; 1483 case Opt_serverino: 1484 ctx->server_ino = !result.negated; 1485 break; 1486 case Opt_rwpidforward: 1487 ctx->rwpidforward = 1; 1488 break; 1489 case Opt_modesid: 1490 ctx->mode_ace = 1; 1491 break; 1492 case Opt_cifsacl: 1493 ctx->cifs_acl = !result.negated; 1494 break; 1495 case Opt_acl: 1496 ctx->no_psx_acl = result.negated; 1497 break; 1498 case Opt_locallease: 1499 ctx->local_lease = 1; 1500 break; 1501 case Opt_sign: 1502 ctx->sign = true; 1503 break; 1504 case Opt_ignore_signature: 1505 ctx->sign = true; 1506 ctx->ignore_signature = true; 1507 break; 1508 case Opt_seal: 1509 /* we do not do the following in secFlags because seal 1510 * is a per tree connection (mount) not a per socket 1511 * or per-smb connection option in the protocol 1512 * vol->secFlg |= CIFSSEC_MUST_SEAL; 1513 */ 1514 ctx->seal = 1; 1515 break; 1516 case Opt_noac: 1517 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n"); 1518 break; 1519 case Opt_fsc: 1520 #ifndef CONFIG_CIFS_FSCACHE 1521 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n"); 1522 goto cifs_parse_mount_err; 1523 #endif 1524 ctx->fsc = true; 1525 break; 1526 case Opt_mfsymlinks: 1527 ctx->mfsymlinks = true; 1528 break; 1529 case Opt_multiuser: 1530 ctx->multiuser = true; 1531 break; 1532 case Opt_sloppy: 1533 ctx->sloppy = true; 1534 break; 1535 case Opt_nosharesock: 1536 ctx->nosharesock = true; 1537 break; 1538 case Opt_persistent: 1539 if (result.negated) { 1540 ctx->nopersistent = true; 1541 if (ctx->persistent) { 1542 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1543 goto cifs_parse_mount_err; 1544 } 1545 } else { 1546 ctx->persistent = true; 1547 if ((ctx->nopersistent) || (ctx->resilient)) { 1548 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1549 goto cifs_parse_mount_err; 1550 } 1551 } 1552 break; 1553 case Opt_resilient: 1554 if (result.negated) { 1555 ctx->resilient = false; /* already the default */ 1556 } else { 1557 ctx->resilient = true; 1558 if (ctx->persistent) { 1559 cifs_errorf(fc, "persistenthandles mount options conflict\n"); 1560 goto cifs_parse_mount_err; 1561 } 1562 } 1563 break; 1564 case Opt_tcp_nodelay: 1565 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */ 1566 if (result.negated) 1567 ctx->sockopt_tcp_nodelay = false; 1568 else 1569 ctx->sockopt_tcp_nodelay = true; 1570 break; 1571 case Opt_domainauto: 1572 ctx->domainauto = true; 1573 break; 1574 case Opt_rdma: 1575 ctx->rdma = true; 1576 break; 1577 } 1578 /* case Opt_ignore: - is ignored as expected ... */ 1579 1580 return 0; 1581 1582 cifs_parse_mount_err: 1583 kfree_sensitive(ctx->password); 1584 ctx->password = NULL; 1585 return -EINVAL; 1586 } 1587 1588 int smb3_init_fs_context(struct fs_context *fc) 1589 { 1590 struct smb3_fs_context *ctx; 1591 char *nodename = utsname()->nodename; 1592 int i; 1593 1594 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL); 1595 if (unlikely(!ctx)) 1596 return -ENOMEM; 1597 1598 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name)); 1599 1600 /* 1601 * does not have to be perfect mapping since field is 1602 * informational, only used for servers that do not support 1603 * port 445 and it can be overridden at mount time 1604 */ 1605 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN); 1606 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++) 1607 ctx->source_rfc1001_name[i] = toupper(nodename[i]); 1608 1609 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0; 1610 /* 1611 * null target name indicates to use *SMBSERVR default called name 1612 * if we end up sending RFC1001 session initialize 1613 */ 1614 ctx->target_rfc1001_name[0] = 0; 1615 ctx->cred_uid = current_uid(); 1616 ctx->linux_uid = current_uid(); 1617 ctx->linux_gid = current_gid(); 1618 /* By default 4MB read ahead size, 1MB block size */ 1619 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */ 1620 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */ 1621 1622 /* 1623 * default to SFM style remapping of seven reserved characters 1624 * unless user overrides it or we negotiate CIFS POSIX where 1625 * it is unnecessary. Can not simultaneously use more than one mapping 1626 * since then readdir could list files that open could not open 1627 */ 1628 ctx->remap = true; 1629 1630 /* default to only allowing write access to owner of the mount */ 1631 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR; 1632 1633 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */ 1634 /* default is always to request posix paths. */ 1635 ctx->posix_paths = 1; 1636 /* default to using server inode numbers where available */ 1637 ctx->server_ino = 1; 1638 1639 /* default is to use strict cifs caching semantics */ 1640 ctx->strict_io = true; 1641 1642 ctx->acregmax = CIFS_DEF_ACTIMEO; 1643 ctx->acdirmax = CIFS_DEF_ACTIMEO; 1644 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO; 1645 ctx->max_cached_dirs = MAX_CACHED_FIDS; 1646 /* Most clients set timeout to 0, allows server to use its default */ 1647 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */ 1648 1649 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ 1650 ctx->ops = &smb30_operations; 1651 ctx->vals = &smbdefault_values; 1652 1653 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; 1654 1655 /* default to no multichannel (single server connection) */ 1656 ctx->multichannel = false; 1657 ctx->max_channels = 1; 1658 1659 ctx->backupuid_specified = false; /* no backup intent for a user */ 1660 ctx->backupgid_specified = false; /* no backup intent for a group */ 1661 1662 /* 1663 * short int override_uid = -1; 1664 * short int override_gid = -1; 1665 * char *nodename = strdup(utsname()->nodename); 1666 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr; 1667 */ 1668 1669 fc->fs_private = ctx; 1670 fc->ops = &smb3_fs_context_ops; 1671 return 0; 1672 } 1673 1674 void 1675 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx) 1676 { 1677 if (ctx == NULL) 1678 return; 1679 1680 /* 1681 * Make sure this stays in sync with smb3_fs_context_dup() 1682 */ 1683 kfree(ctx->username); 1684 ctx->username = NULL; 1685 kfree_sensitive(ctx->password); 1686 ctx->password = NULL; 1687 kfree(ctx->server_hostname); 1688 ctx->server_hostname = NULL; 1689 kfree(ctx->UNC); 1690 ctx->UNC = NULL; 1691 kfree(ctx->source); 1692 ctx->source = NULL; 1693 kfree(ctx->domainname); 1694 ctx->domainname = NULL; 1695 kfree(ctx->nodename); 1696 ctx->nodename = NULL; 1697 kfree(ctx->iocharset); 1698 ctx->iocharset = NULL; 1699 kfree(ctx->prepath); 1700 ctx->prepath = NULL; 1701 kfree(ctx->leaf_fullpath); 1702 ctx->leaf_fullpath = NULL; 1703 } 1704 1705 void 1706 smb3_cleanup_fs_context(struct smb3_fs_context *ctx) 1707 { 1708 if (!ctx) 1709 return; 1710 smb3_cleanup_fs_context_contents(ctx); 1711 kfree(ctx); 1712 } 1713 1714 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb) 1715 { 1716 struct smb3_fs_context *ctx = cifs_sb->ctx; 1717 1718 if (ctx->nodfs) 1719 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS; 1720 else 1721 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS; 1722 1723 if (ctx->noperm) 1724 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM; 1725 else 1726 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM; 1727 1728 if (ctx->setuids) 1729 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID; 1730 else 1731 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID; 1732 1733 if (ctx->setuidfromacl) 1734 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL; 1735 else 1736 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL; 1737 1738 if (ctx->server_ino) 1739 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM; 1740 else 1741 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM; 1742 1743 if (ctx->remap) 1744 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR; 1745 else 1746 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR; 1747 1748 if (ctx->sfu_remap) 1749 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR; 1750 else 1751 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR; 1752 1753 if (ctx->no_xattr) 1754 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR; 1755 else 1756 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR; 1757 1758 if (ctx->sfu_emul) 1759 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL; 1760 else 1761 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL; 1762 1763 if (ctx->nobrl) 1764 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL; 1765 else 1766 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL; 1767 1768 if (ctx->nohandlecache) 1769 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE; 1770 else 1771 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE; 1772 1773 if (ctx->nostrictsync) 1774 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC; 1775 else 1776 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC; 1777 1778 if (ctx->mand_lock) 1779 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL; 1780 else 1781 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL; 1782 1783 if (ctx->rwpidforward) 1784 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 1785 else 1786 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD; 1787 1788 if (ctx->mode_ace) 1789 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID; 1790 else 1791 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID; 1792 1793 if (ctx->cifs_acl) 1794 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 1795 else 1796 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL; 1797 1798 if (ctx->backupuid_specified) 1799 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 1800 else 1801 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID; 1802 1803 if (ctx->backupgid_specified) 1804 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 1805 else 1806 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID; 1807 1808 if (ctx->override_uid) 1809 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 1810 else 1811 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID; 1812 1813 if (ctx->override_gid) 1814 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID; 1815 else 1816 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID; 1817 1818 if (ctx->dynperm) 1819 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM; 1820 else 1821 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM; 1822 1823 if (ctx->fsc) 1824 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE; 1825 else 1826 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE; 1827 1828 if (ctx->multiuser) 1829 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER | 1830 CIFS_MOUNT_NO_PERM); 1831 else 1832 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER; 1833 1834 1835 if (ctx->strict_io) 1836 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO; 1837 else 1838 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO; 1839 1840 if (ctx->direct_io) 1841 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO; 1842 else 1843 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO; 1844 1845 if (ctx->mfsymlinks) 1846 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS; 1847 else 1848 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS; 1849 if (ctx->mfsymlinks) { 1850 if (ctx->sfu_emul) { 1851 /* 1852 * Our SFU ("Services for Unix" emulation does not allow 1853 * creating symlinks but does allow reading existing SFU 1854 * symlinks (it does allow both creating and reading SFU 1855 * style mknod and FIFOs though). When "mfsymlinks" and 1856 * "sfu" are both enabled at the same time, it allows 1857 * reading both types of symlinks, but will only create 1858 * them with mfsymlinks format. This allows better 1859 * Apple compatibility (probably better for Samba too) 1860 * while still recognizing old Windows style symlinks. 1861 */ 1862 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n"); 1863 } 1864 } 1865 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN; 1866 1867 return; 1868 } 1869