1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifspdu.h"
30 #include "cifsglob.h"
31 #include "cifsproto.h"
32 #include "cifs_unicode.h"
33 #include "cifs_debug.h"
34 #include "cifs_fs_sb.h"
35 #include "ntlmssp.h"
36 #include "nterr.h"
37 #include "rfc1002pdu.h"
38 #include "fs_context.h"
39
40 static const match_table_t cifs_smb_version_tokens = {
41 { Smb_1, SMB1_VERSION_STRING },
42 { Smb_20, SMB20_VERSION_STRING},
43 { Smb_21, SMB21_VERSION_STRING },
44 { Smb_30, SMB30_VERSION_STRING },
45 { Smb_302, SMB302_VERSION_STRING },
46 { Smb_302, ALT_SMB302_VERSION_STRING },
47 { Smb_311, SMB311_VERSION_STRING },
48 { Smb_311, ALT_SMB311_VERSION_STRING },
49 { Smb_3any, SMB3ANY_VERSION_STRING },
50 { Smb_default, SMBDEFAULT_VERSION_STRING },
51 { Smb_version_err, NULL }
52 };
53
54 static const match_table_t cifs_secflavor_tokens = {
55 { Opt_sec_krb5, "krb5" },
56 { Opt_sec_krb5i, "krb5i" },
57 { Opt_sec_krb5p, "krb5p" },
58 { Opt_sec_ntlmsspi, "ntlmsspi" },
59 { Opt_sec_ntlmssp, "ntlmssp" },
60 { Opt_sec_ntlmv2, "nontlm" },
61 { Opt_sec_ntlmv2, "ntlmv2" },
62 { Opt_sec_ntlmv2i, "ntlmv2i" },
63 { Opt_sec_none, "none" },
64
65 { Opt_sec_err, NULL }
66 };
67
68 const struct fs_parameter_spec smb3_fs_parameters[] = {
69 /* Mount options that take no arguments */
70 fsparam_flag_no("user_xattr", Opt_user_xattr),
71 fsparam_flag_no("forceuid", Opt_forceuid),
72 fsparam_flag_no("multichannel", Opt_multichannel),
73 fsparam_flag_no("forcegid", Opt_forcegid),
74 fsparam_flag("noblocksend", Opt_noblocksend),
75 fsparam_flag("noautotune", Opt_noautotune),
76 fsparam_flag("nolease", Opt_nolease),
77 fsparam_flag_no("hard", Opt_hard),
78 fsparam_flag_no("soft", Opt_soft),
79 fsparam_flag_no("perm", Opt_perm),
80 fsparam_flag("nodelete", Opt_nodelete),
81 fsparam_flag_no("mapposix", Opt_mapposix),
82 fsparam_flag("mapchars", Opt_mapchars),
83 fsparam_flag("nomapchars", Opt_nomapchars),
84 fsparam_flag_no("sfu", Opt_sfu),
85 fsparam_flag("nodfs", Opt_nodfs),
86 fsparam_flag_no("posixpaths", Opt_posixpaths),
87 fsparam_flag_no("unix", Opt_unix),
88 fsparam_flag_no("linux", Opt_unix),
89 fsparam_flag_no("posix", Opt_unix),
90 fsparam_flag("nocase", Opt_nocase),
91 fsparam_flag("ignorecase", Opt_nocase),
92 fsparam_flag_no("brl", Opt_brl),
93 fsparam_flag_no("handlecache", Opt_handlecache),
94 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
95 fsparam_flag("forcemand", Opt_forcemandatorylock),
96 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
97 fsparam_flag("idsfromsid", Opt_setuidfromacl),
98 fsparam_flag_no("setuids", Opt_setuids),
99 fsparam_flag_no("dynperm", Opt_dynperm),
100 fsparam_flag_no("intr", Opt_intr),
101 fsparam_flag_no("strictsync", Opt_strictsync),
102 fsparam_flag_no("serverino", Opt_serverino),
103 fsparam_flag("rwpidforward", Opt_rwpidforward),
104 fsparam_flag("cifsacl", Opt_cifsacl),
105 fsparam_flag_no("acl", Opt_acl),
106 fsparam_flag("locallease", Opt_locallease),
107 fsparam_flag("sign", Opt_sign),
108 fsparam_flag("ignore_signature", Opt_ignore_signature),
109 fsparam_flag("signloosely", Opt_ignore_signature),
110 fsparam_flag("seal", Opt_seal),
111 fsparam_flag("noac", Opt_noac),
112 fsparam_flag("fsc", Opt_fsc),
113 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
114 fsparam_flag("multiuser", Opt_multiuser),
115 fsparam_flag("sloppy", Opt_sloppy),
116 fsparam_flag("nosharesock", Opt_nosharesock),
117 fsparam_flag_no("persistenthandles", Opt_persistent),
118 fsparam_flag_no("resilienthandles", Opt_resilient),
119 fsparam_flag("domainauto", Opt_domainauto),
120 fsparam_flag("rdma", Opt_rdma),
121 fsparam_flag("modesid", Opt_modesid),
122 fsparam_flag("modefromsid", Opt_modesid),
123 fsparam_flag("rootfs", Opt_rootfs),
124 fsparam_flag("compress", Opt_compress),
125 fsparam_flag("witness", Opt_witness),
126
127 /* Mount options which take numeric value */
128 fsparam_u32("backupuid", Opt_backupuid),
129 fsparam_u32("backupgid", Opt_backupgid),
130 fsparam_u32("uid", Opt_uid),
131 fsparam_u32("cruid", Opt_cruid),
132 fsparam_u32("gid", Opt_gid),
133 fsparam_u32("file_mode", Opt_file_mode),
134 fsparam_u32("dirmode", Opt_dirmode),
135 fsparam_u32("dir_mode", Opt_dirmode),
136 fsparam_u32("port", Opt_port),
137 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
138 fsparam_u32("esize", Opt_min_enc_offload),
139 fsparam_u32("bsize", Opt_blocksize),
140 fsparam_u32("rasize", Opt_rasize),
141 fsparam_u32("rsize", Opt_rsize),
142 fsparam_u32("wsize", Opt_wsize),
143 fsparam_u32("actimeo", Opt_actimeo),
144 fsparam_u32("acdirmax", Opt_acdirmax),
145 fsparam_u32("acregmax", Opt_acregmax),
146 fsparam_u32("echo_interval", Opt_echo_interval),
147 fsparam_u32("max_credits", Opt_max_credits),
148 fsparam_u32("handletimeout", Opt_handletimeout),
149 fsparam_u32("snapshot", Opt_snapshot),
150 fsparam_u32("max_channels", Opt_max_channels),
151
152 /* Mount options which take string value */
153 fsparam_string("source", Opt_source),
154 fsparam_string("user", Opt_user),
155 fsparam_string("username", Opt_user),
156 fsparam_string("pass", Opt_pass),
157 fsparam_string("password", Opt_pass),
158 fsparam_string("ip", Opt_ip),
159 fsparam_string("addr", Opt_ip),
160 fsparam_string("domain", Opt_domain),
161 fsparam_string("dom", Opt_domain),
162 fsparam_string("srcaddr", Opt_srcaddr),
163 fsparam_string("iocharset", Opt_iocharset),
164 fsparam_string("netbiosname", Opt_netbiosname),
165 fsparam_string("servern", Opt_servern),
166 fsparam_string("ver", Opt_ver),
167 fsparam_string("vers", Opt_vers),
168 fsparam_string("sec", Opt_sec),
169 fsparam_string("cache", Opt_cache),
170
171 /* Arguments that should be ignored */
172 fsparam_flag("guest", Opt_ignore),
173 fsparam_flag("noatime", Opt_ignore),
174 fsparam_flag("relatime", Opt_ignore),
175 fsparam_flag("_netdev", Opt_ignore),
176 fsparam_flag_no("suid", Opt_ignore),
177 fsparam_flag_no("exec", Opt_ignore),
178 fsparam_flag_no("dev", Opt_ignore),
179 fsparam_flag_no("mand", Opt_ignore),
180 fsparam_flag_no("auto", Opt_ignore),
181 fsparam_string("cred", Opt_ignore),
182 fsparam_string("credentials", Opt_ignore),
183 /*
184 * UNC and prefixpath is now extracted from Opt_source
185 * in the new mount API so we can just ignore them going forward.
186 */
187 fsparam_string("unc", Opt_ignore),
188 fsparam_string("prefixpath", Opt_ignore),
189 {}
190 };
191
192 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)193 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
194 {
195
196 substring_t args[MAX_OPT_ARGS];
197
198 /*
199 * With mount options, the last one should win. Reset any existing
200 * settings back to default.
201 */
202 ctx->sectype = Unspecified;
203 ctx->sign = false;
204
205 switch (match_token(value, cifs_secflavor_tokens, args)) {
206 case Opt_sec_krb5p:
207 cifs_errorf(fc, "sec=krb5p is not supported!\n");
208 return 1;
209 case Opt_sec_krb5i:
210 ctx->sign = true;
211 fallthrough;
212 case Opt_sec_krb5:
213 ctx->sectype = Kerberos;
214 break;
215 case Opt_sec_ntlmsspi:
216 ctx->sign = true;
217 fallthrough;
218 case Opt_sec_ntlmssp:
219 ctx->sectype = RawNTLMSSP;
220 break;
221 case Opt_sec_ntlmv2i:
222 ctx->sign = true;
223 fallthrough;
224 case Opt_sec_ntlmv2:
225 ctx->sectype = NTLMv2;
226 break;
227 case Opt_sec_none:
228 ctx->nullauth = 1;
229 break;
230 default:
231 cifs_errorf(fc, "bad security option: %s\n", value);
232 return 1;
233 }
234
235 return 0;
236 }
237
238 static const match_table_t cifs_cacheflavor_tokens = {
239 { Opt_cache_loose, "loose" },
240 { Opt_cache_strict, "strict" },
241 { Opt_cache_none, "none" },
242 { Opt_cache_ro, "ro" },
243 { Opt_cache_rw, "singleclient" },
244 { Opt_cache_err, NULL }
245 };
246
247 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)248 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
249 {
250 substring_t args[MAX_OPT_ARGS];
251
252 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
253 case Opt_cache_loose:
254 ctx->direct_io = false;
255 ctx->strict_io = false;
256 ctx->cache_ro = false;
257 ctx->cache_rw = false;
258 break;
259 case Opt_cache_strict:
260 ctx->direct_io = false;
261 ctx->strict_io = true;
262 ctx->cache_ro = false;
263 ctx->cache_rw = false;
264 break;
265 case Opt_cache_none:
266 ctx->direct_io = true;
267 ctx->strict_io = false;
268 ctx->cache_ro = false;
269 ctx->cache_rw = false;
270 break;
271 case Opt_cache_ro:
272 ctx->direct_io = false;
273 ctx->strict_io = false;
274 ctx->cache_ro = true;
275 ctx->cache_rw = false;
276 break;
277 case Opt_cache_rw:
278 ctx->direct_io = false;
279 ctx->strict_io = false;
280 ctx->cache_ro = false;
281 ctx->cache_rw = true;
282 break;
283 default:
284 cifs_errorf(fc, "bad cache= option: %s\n", value);
285 return 1;
286 }
287 return 0;
288 }
289
290 #define DUP_CTX_STR(field) \
291 do { \
292 if (ctx->field) { \
293 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
294 if (new_ctx->field == NULL) { \
295 smb3_cleanup_fs_context_contents(new_ctx); \
296 return -ENOMEM; \
297 } \
298 } \
299 } while (0)
300
301 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)302 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
303 {
304 memcpy(new_ctx, ctx, sizeof(*ctx));
305 new_ctx->prepath = NULL;
306 new_ctx->mount_options = NULL;
307 new_ctx->nodename = NULL;
308 new_ctx->username = NULL;
309 new_ctx->password = NULL;
310 new_ctx->domainname = NULL;
311 new_ctx->UNC = NULL;
312 new_ctx->source = NULL;
313 new_ctx->iocharset = NULL;
314 /*
315 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
316 */
317 DUP_CTX_STR(prepath);
318 DUP_CTX_STR(mount_options);
319 DUP_CTX_STR(username);
320 DUP_CTX_STR(password);
321 DUP_CTX_STR(UNC);
322 DUP_CTX_STR(source);
323 DUP_CTX_STR(domainname);
324 DUP_CTX_STR(nodename);
325 DUP_CTX_STR(iocharset);
326
327 return 0;
328 }
329
330 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)331 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
332 {
333 substring_t args[MAX_OPT_ARGS];
334
335 switch (match_token(value, cifs_smb_version_tokens, args)) {
336 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
337 case Smb_1:
338 if (disable_legacy_dialects) {
339 cifs_errorf(fc, "mount with legacy dialect disabled\n");
340 return 1;
341 }
342 if (is_smb3) {
343 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
344 return 1;
345 }
346 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
347 ctx->ops = &smb1_operations;
348 ctx->vals = &smb1_values;
349 break;
350 case Smb_20:
351 if (disable_legacy_dialects) {
352 cifs_errorf(fc, "mount with legacy dialect disabled\n");
353 return 1;
354 }
355 if (is_smb3) {
356 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
357 return 1;
358 }
359 ctx->ops = &smb20_operations;
360 ctx->vals = &smb20_values;
361 break;
362 #else
363 case Smb_1:
364 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
365 return 1;
366 case Smb_20:
367 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
368 return 1;
369 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
370 case Smb_21:
371 ctx->ops = &smb21_operations;
372 ctx->vals = &smb21_values;
373 break;
374 case Smb_30:
375 ctx->ops = &smb30_operations;
376 ctx->vals = &smb30_values;
377 break;
378 case Smb_302:
379 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
380 ctx->vals = &smb302_values;
381 break;
382 case Smb_311:
383 ctx->ops = &smb311_operations;
384 ctx->vals = &smb311_values;
385 break;
386 case Smb_3any:
387 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
388 ctx->vals = &smb3any_values;
389 break;
390 case Smb_default:
391 ctx->ops = &smb30_operations;
392 ctx->vals = &smbdefault_values;
393 break;
394 default:
395 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
396 return 1;
397 }
398 return 0;
399 }
400
smb3_parse_opt(const char * options,const char * key,char ** val)401 int smb3_parse_opt(const char *options, const char *key, char **val)
402 {
403 int rc = -ENOENT;
404 char *opts, *orig, *p;
405
406 orig = opts = kstrdup(options, GFP_KERNEL);
407 if (!opts)
408 return -ENOMEM;
409
410 while ((p = strsep(&opts, ","))) {
411 char *nval;
412
413 if (!*p)
414 continue;
415 if (strncasecmp(p, key, strlen(key)))
416 continue;
417 nval = strchr(p, '=');
418 if (nval) {
419 if (nval == p)
420 continue;
421 *nval++ = 0;
422 *val = kstrdup(nval, GFP_KERNEL);
423 rc = !*val ? -ENOMEM : 0;
424 goto out;
425 }
426 }
427 out:
428 kfree(orig);
429 return rc;
430 }
431
432 /*
433 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
434 * fields with the result. Returns 0 on success and an error otherwise
435 * (e.g. ENOMEM or EINVAL)
436 */
437 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)438 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
439 {
440 char *pos;
441 const char *delims = "/\\";
442 size_t len;
443
444 if (unlikely(!devname || !*devname)) {
445 cifs_dbg(VFS, "Device name not specified\n");
446 return -EINVAL;
447 }
448
449 /* make sure we have a valid UNC double delimiter prefix */
450 len = strspn(devname, delims);
451 if (len != 2)
452 return -EINVAL;
453
454 /* find delimiter between host and sharename */
455 pos = strpbrk(devname + 2, delims);
456 if (!pos)
457 return -EINVAL;
458
459 /* skip past delimiter */
460 ++pos;
461
462 /* now go until next delimiter or end of string */
463 len = strcspn(pos, delims);
464
465 /* move "pos" up to delimiter or NULL */
466 pos += len;
467 kfree(ctx->UNC);
468 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
469 if (!ctx->UNC)
470 return -ENOMEM;
471
472 convert_delimiter(ctx->UNC, '\\');
473
474 /* skip any delimiter */
475 if (*pos == '/' || *pos == '\\')
476 pos++;
477
478 kfree(ctx->prepath);
479 ctx->prepath = NULL;
480
481 /* If pos is NULL then no prepath */
482 if (!*pos)
483 return 0;
484
485 ctx->prepath = kstrdup(pos, GFP_KERNEL);
486 if (!ctx->prepath)
487 return -ENOMEM;
488
489 return 0;
490 }
491
492 static void smb3_fs_context_free(struct fs_context *fc);
493 static int smb3_fs_context_parse_param(struct fs_context *fc,
494 struct fs_parameter *param);
495 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
496 void *data);
497 static int smb3_get_tree(struct fs_context *fc);
498 static int smb3_reconfigure(struct fs_context *fc);
499
500 static const struct fs_context_operations smb3_fs_context_ops = {
501 .free = smb3_fs_context_free,
502 .parse_param = smb3_fs_context_parse_param,
503 .parse_monolithic = smb3_fs_context_parse_monolithic,
504 .get_tree = smb3_get_tree,
505 .reconfigure = smb3_reconfigure,
506 };
507
508 /*
509 * Parse a monolithic block of data from sys_mount().
510 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
511 * @ctx: The superblock configuration to fill in.
512 * @data: The data to parse
513 *
514 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
515 * called from the ->monolithic_mount_data() fs_context operation.
516 *
517 * Returns 0 on success or the error returned by the ->parse_option() fs_context
518 * operation on failure.
519 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)520 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
521 void *data)
522 {
523 struct smb3_fs_context *ctx = smb3_fc2context(fc);
524 char *options = data, *key;
525 int ret = 0;
526
527 if (!options)
528 return 0;
529
530 ctx->mount_options = kstrdup(data, GFP_KERNEL);
531 if (ctx->mount_options == NULL)
532 return -ENOMEM;
533
534 ret = security_sb_eat_lsm_opts(options, &fc->security);
535 if (ret)
536 return ret;
537
538 /* BB Need to add support for sep= here TBD */
539 while ((key = strsep(&options, ",")) != NULL) {
540 size_t len;
541 char *value;
542
543 if (*key == 0)
544 break;
545
546 /* Check if following character is the deliminator If yes,
547 * we have encountered a double deliminator reset the NULL
548 * character to the deliminator
549 */
550 while (options && options[0] == ',') {
551 len = strlen(key);
552 strcpy(key + len, options);
553 options = strchr(options, ',');
554 if (options)
555 *options++ = 0;
556 }
557
558
559 len = 0;
560 value = strchr(key, '=');
561 if (value) {
562 if (value == key)
563 continue;
564 *value++ = 0;
565 len = strlen(value);
566 }
567
568 ret = vfs_parse_fs_string(fc, key, value, len);
569 if (ret < 0)
570 break;
571 }
572
573 return ret;
574 }
575
576 /*
577 * Validate the preparsed information in the config.
578 */
smb3_fs_context_validate(struct fs_context * fc)579 static int smb3_fs_context_validate(struct fs_context *fc)
580 {
581 struct smb3_fs_context *ctx = smb3_fc2context(fc);
582
583 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
584 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
585 return -EOPNOTSUPP;
586 }
587
588 #ifndef CONFIG_KEYS
589 /* Muliuser mounts require CONFIG_KEYS support */
590 if (ctx->multiuser) {
591 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
592 return -1;
593 }
594 #endif
595
596 if (ctx->got_version == false)
597 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
598
599
600 if (!ctx->UNC) {
601 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
602 return -1;
603 }
604
605 /* make sure UNC has a share name */
606 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
607 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
608 return -ENOENT;
609 }
610
611 if (!ctx->got_ip) {
612 int len;
613 const char *slash;
614
615 /* No ip= option specified? Try to get it from UNC */
616 /* Use the address part of the UNC. */
617 slash = strchr(&ctx->UNC[2], '\\');
618 len = slash - &ctx->UNC[2];
619 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
620 &ctx->UNC[2], len)) {
621 pr_err("Unable to determine destination address\n");
622 return -EHOSTUNREACH;
623 }
624 }
625
626 /* set the port that we got earlier */
627 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
628
629 if (ctx->override_uid && !ctx->uid_specified) {
630 ctx->override_uid = 0;
631 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
632 }
633
634 if (ctx->override_gid && !ctx->gid_specified) {
635 ctx->override_gid = 0;
636 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
637 }
638
639 return 0;
640 }
641
smb3_get_tree_common(struct fs_context * fc)642 static int smb3_get_tree_common(struct fs_context *fc)
643 {
644 struct smb3_fs_context *ctx = smb3_fc2context(fc);
645 struct dentry *root;
646 int rc = 0;
647
648 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
649 if (IS_ERR(root))
650 return PTR_ERR(root);
651
652 fc->root = root;
653
654 return rc;
655 }
656
657 /*
658 * Create an SMB3 superblock from the parameters passed.
659 */
smb3_get_tree(struct fs_context * fc)660 static int smb3_get_tree(struct fs_context *fc)
661 {
662 int err = smb3_fs_context_validate(fc);
663
664 if (err)
665 return err;
666 return smb3_get_tree_common(fc);
667 }
668
smb3_fs_context_free(struct fs_context * fc)669 static void smb3_fs_context_free(struct fs_context *fc)
670 {
671 struct smb3_fs_context *ctx = smb3_fc2context(fc);
672
673 smb3_cleanup_fs_context(ctx);
674 }
675
676 /*
677 * Compare the old and new proposed context during reconfigure
678 * and check if the changes are compatible.
679 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx)680 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
681 struct smb3_fs_context *new_ctx,
682 struct smb3_fs_context *old_ctx)
683 {
684 if (new_ctx->posix_paths != old_ctx->posix_paths) {
685 cifs_errorf(fc, "can not change posixpaths during remount\n");
686 return -EINVAL;
687 }
688 if (new_ctx->sectype != old_ctx->sectype) {
689 cifs_errorf(fc, "can not change sec during remount\n");
690 return -EINVAL;
691 }
692 if (new_ctx->multiuser != old_ctx->multiuser) {
693 cifs_errorf(fc, "can not change multiuser during remount\n");
694 return -EINVAL;
695 }
696 if (new_ctx->UNC &&
697 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
698 cifs_errorf(fc, "can not change UNC during remount\n");
699 return -EINVAL;
700 }
701 if (new_ctx->username &&
702 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
703 cifs_errorf(fc, "can not change username during remount\n");
704 return -EINVAL;
705 }
706 if (new_ctx->password &&
707 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
708 cifs_errorf(fc, "can not change password during remount\n");
709 return -EINVAL;
710 }
711 if (new_ctx->domainname &&
712 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
713 cifs_errorf(fc, "can not change domainname during remount\n");
714 return -EINVAL;
715 }
716 if (new_ctx->nodename &&
717 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
718 cifs_errorf(fc, "can not change nodename during remount\n");
719 return -EINVAL;
720 }
721 if (new_ctx->iocharset &&
722 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
723 cifs_errorf(fc, "can not change iocharset during remount\n");
724 return -EINVAL;
725 }
726
727 return 0;
728 }
729
730 #define STEAL_STRING(cifs_sb, ctx, field) \
731 do { \
732 kfree(ctx->field); \
733 ctx->field = cifs_sb->ctx->field; \
734 cifs_sb->ctx->field = NULL; \
735 } while (0)
736
smb3_reconfigure(struct fs_context * fc)737 static int smb3_reconfigure(struct fs_context *fc)
738 {
739 struct smb3_fs_context *ctx = smb3_fc2context(fc);
740 struct dentry *root = fc->root;
741 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
742 int rc;
743
744 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx);
745 if (rc)
746 return rc;
747
748 /*
749 * We can not change UNC/username/password/domainname/nodename/iocharset
750 * during reconnect so ignore what we have in the new context and
751 * just use what we already have in cifs_sb->ctx.
752 */
753 STEAL_STRING(cifs_sb, ctx, UNC);
754 STEAL_STRING(cifs_sb, ctx, source);
755 STEAL_STRING(cifs_sb, ctx, username);
756 STEAL_STRING(cifs_sb, ctx, password);
757 STEAL_STRING(cifs_sb, ctx, domainname);
758 STEAL_STRING(cifs_sb, ctx, nodename);
759 STEAL_STRING(cifs_sb, ctx, iocharset);
760
761 /* if rsize or wsize not passed in on remount, use previous values */
762 if (ctx->rsize == 0)
763 ctx->rsize = cifs_sb->ctx->rsize;
764 if (ctx->wsize == 0)
765 ctx->wsize = cifs_sb->ctx->wsize;
766
767
768 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
769 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
770 smb3_update_mnt_flags(cifs_sb);
771 #ifdef CONFIG_CIFS_DFS_UPCALL
772 if (!rc)
773 rc = dfs_cache_remount_fs(cifs_sb);
774 #endif
775
776 return rc;
777 }
778
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)779 static int smb3_fs_context_parse_param(struct fs_context *fc,
780 struct fs_parameter *param)
781 {
782 struct fs_parse_result result;
783 struct smb3_fs_context *ctx = smb3_fc2context(fc);
784 int i, opt;
785 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
786 bool skip_parsing = false;
787 kuid_t uid;
788 kgid_t gid;
789
790 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
791
792 /*
793 * fs_parse can not handle string options with an empty value so
794 * we will need special handling of them.
795 */
796 if (param->type == fs_value_is_string && param->string[0] == 0) {
797 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
798 skip_parsing = true;
799 opt = Opt_pass;
800 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
801 skip_parsing = true;
802 opt = Opt_user;
803 }
804 }
805
806 if (!skip_parsing) {
807 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
808 if (opt < 0)
809 return ctx->sloppy ? 1 : opt;
810 }
811
812 switch (opt) {
813 case Opt_compress:
814 ctx->compression = UNKNOWN_TYPE;
815 cifs_dbg(VFS,
816 "SMB3 compression support is experimental\n");
817 break;
818 case Opt_nodfs:
819 ctx->nodfs = 1;
820 break;
821 case Opt_hard:
822 if (result.negated)
823 ctx->retry = 0;
824 else
825 ctx->retry = 1;
826 break;
827 case Opt_soft:
828 if (result.negated)
829 ctx->retry = 1;
830 else
831 ctx->retry = 0;
832 break;
833 case Opt_mapposix:
834 if (result.negated)
835 ctx->remap = false;
836 else {
837 ctx->remap = true;
838 ctx->sfu_remap = false; /* disable SFU mapping */
839 }
840 break;
841 case Opt_user_xattr:
842 if (result.negated)
843 ctx->no_xattr = 1;
844 else
845 ctx->no_xattr = 0;
846 break;
847 case Opt_forceuid:
848 if (result.negated)
849 ctx->override_uid = 0;
850 else
851 ctx->override_uid = 1;
852 break;
853 case Opt_forcegid:
854 if (result.negated)
855 ctx->override_gid = 0;
856 else
857 ctx->override_gid = 1;
858 break;
859 case Opt_perm:
860 if (result.negated)
861 ctx->noperm = 1;
862 else
863 ctx->noperm = 0;
864 break;
865 case Opt_dynperm:
866 if (result.negated)
867 ctx->dynperm = 0;
868 else
869 ctx->dynperm = 1;
870 break;
871 case Opt_sfu:
872 if (result.negated)
873 ctx->sfu_emul = 0;
874 else
875 ctx->sfu_emul = 1;
876 break;
877 case Opt_noblocksend:
878 ctx->noblocksnd = 1;
879 break;
880 case Opt_noautotune:
881 ctx->noautotune = 1;
882 break;
883 case Opt_nolease:
884 ctx->no_lease = 1;
885 break;
886 case Opt_nodelete:
887 ctx->nodelete = 1;
888 break;
889 case Opt_multichannel:
890 if (result.negated) {
891 ctx->multichannel = false;
892 ctx->max_channels = 1;
893 } else {
894 ctx->multichannel = true;
895 /* if number of channels not specified, default to 2 */
896 if (ctx->max_channels < 2)
897 ctx->max_channels = 2;
898 }
899 break;
900 case Opt_uid:
901 uid = make_kuid(current_user_ns(), result.uint_32);
902 if (!uid_valid(uid))
903 goto cifs_parse_mount_err;
904 ctx->linux_uid = uid;
905 ctx->uid_specified = true;
906 break;
907 case Opt_cruid:
908 uid = make_kuid(current_user_ns(), result.uint_32);
909 if (!uid_valid(uid))
910 goto cifs_parse_mount_err;
911 ctx->cred_uid = uid;
912 ctx->cruid_specified = true;
913 break;
914 case Opt_backupuid:
915 uid = make_kuid(current_user_ns(), result.uint_32);
916 if (!uid_valid(uid))
917 goto cifs_parse_mount_err;
918 ctx->backupuid = uid;
919 ctx->backupuid_specified = true;
920 break;
921 case Opt_backupgid:
922 gid = make_kgid(current_user_ns(), result.uint_32);
923 if (!gid_valid(gid))
924 goto cifs_parse_mount_err;
925 ctx->backupgid = gid;
926 ctx->backupgid_specified = true;
927 break;
928 case Opt_gid:
929 gid = make_kgid(current_user_ns(), result.uint_32);
930 if (!gid_valid(gid))
931 goto cifs_parse_mount_err;
932 ctx->linux_gid = gid;
933 ctx->gid_specified = true;
934 break;
935 case Opt_port:
936 ctx->port = result.uint_32;
937 break;
938 case Opt_file_mode:
939 ctx->file_mode = result.uint_32;
940 break;
941 case Opt_dirmode:
942 ctx->dir_mode = result.uint_32;
943 break;
944 case Opt_min_enc_offload:
945 ctx->min_offload = result.uint_32;
946 break;
947 case Opt_blocksize:
948 /*
949 * inode blocksize realistically should never need to be
950 * less than 16K or greater than 16M and default is 1MB.
951 * Note that small inode block sizes (e.g. 64K) can lead
952 * to very poor performance of common tools like cp and scp
953 */
954 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
955 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
956 cifs_errorf(fc, "%s: Invalid blocksize\n",
957 __func__);
958 goto cifs_parse_mount_err;
959 }
960 ctx->bsize = result.uint_32;
961 ctx->got_bsize = true;
962 break;
963 case Opt_rasize:
964 /*
965 * readahead size realistically should never need to be
966 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
967 * (perhaps an exception should be considered in the
968 * for the case of a large number of channels
969 * when multichannel is negotiated) since that would lead
970 * to plenty of parallel I/O in flight to the server.
971 * Note that smaller read ahead sizes would
972 * hurt performance of common tools like cp and scp
973 * which often trigger sequential i/o with read ahead
974 */
975 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
976 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
977 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
978 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
979 goto cifs_parse_mount_err;
980 }
981 ctx->rasize = result.uint_32;
982 break;
983 case Opt_rsize:
984 ctx->rsize = result.uint_32;
985 ctx->got_rsize = true;
986 break;
987 case Opt_wsize:
988 ctx->wsize = result.uint_32;
989 ctx->got_wsize = true;
990 break;
991 case Opt_acregmax:
992 ctx->acregmax = HZ * result.uint_32;
993 if (ctx->acregmax > CIFS_MAX_ACTIMEO) {
994 cifs_errorf(fc, "acregmax too large\n");
995 goto cifs_parse_mount_err;
996 }
997 break;
998 case Opt_acdirmax:
999 ctx->acdirmax = HZ * result.uint_32;
1000 if (ctx->acdirmax > CIFS_MAX_ACTIMEO) {
1001 cifs_errorf(fc, "acdirmax too large\n");
1002 goto cifs_parse_mount_err;
1003 }
1004 break;
1005 case Opt_actimeo:
1006 if (HZ * result.uint_32 > CIFS_MAX_ACTIMEO) {
1007 cifs_errorf(fc, "timeout too large\n");
1008 goto cifs_parse_mount_err;
1009 }
1010 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1011 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1012 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1013 break;
1014 }
1015 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1016 break;
1017 case Opt_echo_interval:
1018 ctx->echo_interval = result.uint_32;
1019 break;
1020 case Opt_snapshot:
1021 ctx->snapshot_time = result.uint_32;
1022 break;
1023 case Opt_max_credits:
1024 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1025 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1026 __func__);
1027 goto cifs_parse_mount_err;
1028 }
1029 ctx->max_credits = result.uint_32;
1030 break;
1031 case Opt_max_channels:
1032 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1033 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1034 __func__, CIFS_MAX_CHANNELS);
1035 goto cifs_parse_mount_err;
1036 }
1037 ctx->max_channels = result.uint_32;
1038 /* If more than one channel requested ... they want multichan */
1039 if (result.uint_32 > 1)
1040 ctx->multichannel = true;
1041 break;
1042 case Opt_handletimeout:
1043 ctx->handle_timeout = result.uint_32;
1044 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1045 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1046 goto cifs_parse_mount_err;
1047 }
1048 break;
1049 case Opt_source:
1050 kfree(ctx->UNC);
1051 ctx->UNC = NULL;
1052 switch (smb3_parse_devname(param->string, ctx)) {
1053 case 0:
1054 break;
1055 case -ENOMEM:
1056 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1057 goto cifs_parse_mount_err;
1058 case -EINVAL:
1059 cifs_errorf(fc, "Malformed UNC in devname\n");
1060 goto cifs_parse_mount_err;
1061 default:
1062 cifs_errorf(fc, "Unknown error parsing devname\n");
1063 goto cifs_parse_mount_err;
1064 }
1065 ctx->source = kstrdup(param->string, GFP_KERNEL);
1066 if (ctx->source == NULL) {
1067 cifs_errorf(fc, "OOM when copying UNC string\n");
1068 goto cifs_parse_mount_err;
1069 }
1070 fc->source = kstrdup(param->string, GFP_KERNEL);
1071 if (fc->source == NULL) {
1072 cifs_errorf(fc, "OOM when copying UNC string\n");
1073 goto cifs_parse_mount_err;
1074 }
1075 break;
1076 case Opt_user:
1077 kfree(ctx->username);
1078 ctx->username = NULL;
1079 if (strlen(param->string) == 0) {
1080 /* null user, ie. anonymous authentication */
1081 ctx->nullauth = 1;
1082 break;
1083 }
1084
1085 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) >
1086 CIFS_MAX_USERNAME_LEN) {
1087 pr_warn("username too long\n");
1088 goto cifs_parse_mount_err;
1089 }
1090 ctx->username = kstrdup(param->string, GFP_KERNEL);
1091 if (ctx->username == NULL) {
1092 cifs_errorf(fc, "OOM when copying username string\n");
1093 goto cifs_parse_mount_err;
1094 }
1095 break;
1096 case Opt_pass:
1097 kfree(ctx->password);
1098 ctx->password = NULL;
1099 if (strlen(param->string) == 0)
1100 break;
1101
1102 ctx->password = kstrdup(param->string, GFP_KERNEL);
1103 if (ctx->password == NULL) {
1104 cifs_errorf(fc, "OOM when copying password string\n");
1105 goto cifs_parse_mount_err;
1106 }
1107 break;
1108 case Opt_ip:
1109 if (strlen(param->string) == 0) {
1110 ctx->got_ip = false;
1111 break;
1112 }
1113 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1114 param->string,
1115 strlen(param->string))) {
1116 pr_err("bad ip= option (%s)\n", param->string);
1117 goto cifs_parse_mount_err;
1118 }
1119 ctx->got_ip = true;
1120 break;
1121 case Opt_domain:
1122 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1123 == CIFS_MAX_DOMAINNAME_LEN) {
1124 pr_warn("domain name too long\n");
1125 goto cifs_parse_mount_err;
1126 }
1127
1128 kfree(ctx->domainname);
1129 ctx->domainname = kstrdup(param->string, GFP_KERNEL);
1130 if (ctx->domainname == NULL) {
1131 cifs_errorf(fc, "OOM when copying domainname string\n");
1132 goto cifs_parse_mount_err;
1133 }
1134 cifs_dbg(FYI, "Domain name set\n");
1135 break;
1136 case Opt_srcaddr:
1137 if (!cifs_convert_address(
1138 (struct sockaddr *)&ctx->srcaddr,
1139 param->string, strlen(param->string))) {
1140 pr_warn("Could not parse srcaddr: %s\n",
1141 param->string);
1142 goto cifs_parse_mount_err;
1143 }
1144 break;
1145 case Opt_iocharset:
1146 if (strnlen(param->string, 1024) >= 65) {
1147 pr_warn("iocharset name too long\n");
1148 goto cifs_parse_mount_err;
1149 }
1150
1151 if (strncasecmp(param->string, "default", 7) != 0) {
1152 kfree(ctx->iocharset);
1153 ctx->iocharset = kstrdup(param->string, GFP_KERNEL);
1154 if (ctx->iocharset == NULL) {
1155 cifs_errorf(fc, "OOM when copying iocharset string\n");
1156 goto cifs_parse_mount_err;
1157 }
1158 }
1159 /* if iocharset not set then load_nls_default
1160 * is used by caller
1161 */
1162 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1163 break;
1164 case Opt_netbiosname:
1165 memset(ctx->source_rfc1001_name, 0x20,
1166 RFC1001_NAME_LEN);
1167 /*
1168 * FIXME: are there cases in which a comma can
1169 * be valid in workstation netbios name (and
1170 * need special handling)?
1171 */
1172 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1173 /* don't ucase netbiosname for user */
1174 if (param->string[i] == 0)
1175 break;
1176 ctx->source_rfc1001_name[i] = param->string[i];
1177 }
1178 /* The string has 16th byte zero still from
1179 * set at top of the function
1180 */
1181 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1182 pr_warn("netbiosname longer than 15 truncated\n");
1183 break;
1184 case Opt_servern:
1185 /* last byte, type, is 0x20 for servr type */
1186 memset(ctx->target_rfc1001_name, 0x20,
1187 RFC1001_NAME_LEN_WITH_NULL);
1188 /*
1189 * BB are there cases in which a comma can be valid in this
1190 * workstation netbios name (and need special handling)?
1191 */
1192
1193 /* user or mount helper must uppercase the netbios name */
1194 for (i = 0; i < 15; i++) {
1195 if (param->string[i] == 0)
1196 break;
1197 ctx->target_rfc1001_name[i] = param->string[i];
1198 }
1199
1200 /* The string has 16th byte zero still from set at top of function */
1201 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1202 pr_warn("server netbiosname longer than 15 truncated\n");
1203 break;
1204 case Opt_ver:
1205 /* version of mount userspace tools, not dialect */
1206 /* If interface changes in mount.cifs bump to new ver */
1207 if (strncasecmp(param->string, "1", 1) == 0) {
1208 if (strlen(param->string) > 1) {
1209 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1210 param->string);
1211 goto cifs_parse_mount_err;
1212 }
1213 /* This is the default */
1214 break;
1215 }
1216 /* For all other value, error */
1217 pr_warn("Invalid mount helper version specified\n");
1218 goto cifs_parse_mount_err;
1219 case Opt_vers:
1220 /* protocol version (dialect) */
1221 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1222 goto cifs_parse_mount_err;
1223 ctx->got_version = true;
1224 break;
1225 case Opt_sec:
1226 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1227 goto cifs_parse_mount_err;
1228 break;
1229 case Opt_cache:
1230 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1231 goto cifs_parse_mount_err;
1232 break;
1233 case Opt_witness:
1234 #ifndef CONFIG_CIFS_SWN_UPCALL
1235 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1236 goto cifs_parse_mount_err;
1237 #endif
1238 ctx->witness = true;
1239 pr_warn_once("Witness protocol support is experimental\n");
1240 break;
1241 case Opt_rootfs:
1242 #ifndef CONFIG_CIFS_ROOT
1243 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1244 goto cifs_parse_mount_err;
1245 #endif
1246 ctx->rootfs = true;
1247 break;
1248 case Opt_posixpaths:
1249 if (result.negated)
1250 ctx->posix_paths = 0;
1251 else
1252 ctx->posix_paths = 1;
1253 break;
1254 case Opt_unix:
1255 if (result.negated) {
1256 if (ctx->linux_ext == 1)
1257 pr_warn_once("conflicting posix mount options specified\n");
1258 ctx->linux_ext = 0;
1259 ctx->no_linux_ext = 1;
1260 } else {
1261 if (ctx->no_linux_ext == 1)
1262 pr_warn_once("conflicting posix mount options specified\n");
1263 ctx->linux_ext = 1;
1264 ctx->no_linux_ext = 0;
1265 }
1266 break;
1267 case Opt_nocase:
1268 ctx->nocase = 1;
1269 break;
1270 case Opt_brl:
1271 if (result.negated) {
1272 /*
1273 * turn off mandatory locking in mode
1274 * if remote locking is turned off since the
1275 * local vfs will do advisory
1276 */
1277 if (ctx->file_mode ==
1278 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1279 ctx->file_mode = S_IALLUGO;
1280 ctx->nobrl = 1;
1281 } else
1282 ctx->nobrl = 0;
1283 break;
1284 case Opt_handlecache:
1285 if (result.negated)
1286 ctx->nohandlecache = 1;
1287 else
1288 ctx->nohandlecache = 0;
1289 break;
1290 case Opt_forcemandatorylock:
1291 ctx->mand_lock = 1;
1292 break;
1293 case Opt_setuids:
1294 ctx->setuids = result.negated;
1295 break;
1296 case Opt_intr:
1297 ctx->intr = !result.negated;
1298 break;
1299 case Opt_setuidfromacl:
1300 ctx->setuidfromacl = 1;
1301 break;
1302 case Opt_strictsync:
1303 ctx->nostrictsync = result.negated;
1304 break;
1305 case Opt_serverino:
1306 ctx->server_ino = !result.negated;
1307 break;
1308 case Opt_rwpidforward:
1309 ctx->rwpidforward = 1;
1310 break;
1311 case Opt_modesid:
1312 ctx->mode_ace = 1;
1313 break;
1314 case Opt_cifsacl:
1315 ctx->cifs_acl = !result.negated;
1316 break;
1317 case Opt_acl:
1318 ctx->no_psx_acl = result.negated;
1319 break;
1320 case Opt_locallease:
1321 ctx->local_lease = 1;
1322 break;
1323 case Opt_sign:
1324 ctx->sign = true;
1325 break;
1326 case Opt_ignore_signature:
1327 ctx->sign = true;
1328 ctx->ignore_signature = true;
1329 break;
1330 case Opt_seal:
1331 /* we do not do the following in secFlags because seal
1332 * is a per tree connection (mount) not a per socket
1333 * or per-smb connection option in the protocol
1334 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1335 */
1336 ctx->seal = 1;
1337 break;
1338 case Opt_noac:
1339 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1340 break;
1341 case Opt_fsc:
1342 #ifndef CONFIG_CIFS_FSCACHE
1343 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1344 goto cifs_parse_mount_err;
1345 #endif
1346 ctx->fsc = true;
1347 break;
1348 case Opt_mfsymlinks:
1349 ctx->mfsymlinks = true;
1350 break;
1351 case Opt_multiuser:
1352 ctx->multiuser = true;
1353 break;
1354 case Opt_sloppy:
1355 ctx->sloppy = true;
1356 break;
1357 case Opt_nosharesock:
1358 ctx->nosharesock = true;
1359 break;
1360 case Opt_persistent:
1361 if (result.negated) {
1362 ctx->nopersistent = true;
1363 if (ctx->persistent) {
1364 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1365 goto cifs_parse_mount_err;
1366 }
1367 } else {
1368 ctx->persistent = true;
1369 if ((ctx->nopersistent) || (ctx->resilient)) {
1370 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1371 goto cifs_parse_mount_err;
1372 }
1373 }
1374 break;
1375 case Opt_resilient:
1376 if (result.negated) {
1377 ctx->resilient = false; /* already the default */
1378 } else {
1379 ctx->resilient = true;
1380 if (ctx->persistent) {
1381 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1382 goto cifs_parse_mount_err;
1383 }
1384 }
1385 break;
1386 case Opt_domainauto:
1387 ctx->domainauto = true;
1388 break;
1389 case Opt_rdma:
1390 ctx->rdma = true;
1391 break;
1392 }
1393 /* case Opt_ignore: - is ignored as expected ... */
1394
1395 return 0;
1396
1397 cifs_parse_mount_err:
1398 return -EINVAL;
1399 }
1400
smb3_init_fs_context(struct fs_context * fc)1401 int smb3_init_fs_context(struct fs_context *fc)
1402 {
1403 struct smb3_fs_context *ctx;
1404 char *nodename = utsname()->nodename;
1405 int i;
1406
1407 ctx = kzalloc(sizeof(struct smb3_fs_context), GFP_KERNEL);
1408 if (unlikely(!ctx))
1409 return -ENOMEM;
1410
1411 /*
1412 * does not have to be perfect mapping since field is
1413 * informational, only used for servers that do not support
1414 * port 445 and it can be overridden at mount time
1415 */
1416 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1417 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1418 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1419
1420 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1421 /*
1422 * null target name indicates to use *SMBSERVR default called name
1423 * if we end up sending RFC1001 session initialize
1424 */
1425 ctx->target_rfc1001_name[0] = 0;
1426 ctx->cred_uid = current_uid();
1427 ctx->linux_uid = current_uid();
1428 ctx->linux_gid = current_gid();
1429 /* By default 4MB read ahead size, 1MB block size */
1430 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1431 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1432
1433 /*
1434 * default to SFM style remapping of seven reserved characters
1435 * unless user overrides it or we negotiate CIFS POSIX where
1436 * it is unnecessary. Can not simultaneously use more than one mapping
1437 * since then readdir could list files that open could not open
1438 */
1439 ctx->remap = true;
1440
1441 /* default to only allowing write access to owner of the mount */
1442 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1443
1444 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1445 /* default is always to request posix paths. */
1446 ctx->posix_paths = 1;
1447 /* default to using server inode numbers where available */
1448 ctx->server_ino = 1;
1449
1450 /* default is to use strict cifs caching semantics */
1451 ctx->strict_io = true;
1452
1453 ctx->acregmax = CIFS_DEF_ACTIMEO;
1454 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1455
1456 /* Most clients set timeout to 0, allows server to use its default */
1457 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1458
1459 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1460 ctx->ops = &smb30_operations;
1461 ctx->vals = &smbdefault_values;
1462
1463 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1464
1465 /* default to no multichannel (single server connection) */
1466 ctx->multichannel = false;
1467 ctx->max_channels = 1;
1468
1469 ctx->backupuid_specified = false; /* no backup intent for a user */
1470 ctx->backupgid_specified = false; /* no backup intent for a group */
1471
1472 /*
1473 * short int override_uid = -1;
1474 * short int override_gid = -1;
1475 * char *nodename = strdup(utsname()->nodename);
1476 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1477 */
1478
1479 fc->fs_private = ctx;
1480 fc->ops = &smb3_fs_context_ops;
1481 return 0;
1482 }
1483
1484 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)1485 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
1486 {
1487 if (ctx == NULL)
1488 return;
1489
1490 /*
1491 * Make sure this stays in sync with smb3_fs_context_dup()
1492 */
1493 kfree(ctx->mount_options);
1494 ctx->mount_options = NULL;
1495 kfree(ctx->username);
1496 ctx->username = NULL;
1497 kfree_sensitive(ctx->password);
1498 ctx->password = NULL;
1499 kfree(ctx->UNC);
1500 ctx->UNC = NULL;
1501 kfree(ctx->source);
1502 ctx->source = NULL;
1503 kfree(ctx->domainname);
1504 ctx->domainname = NULL;
1505 kfree(ctx->nodename);
1506 ctx->nodename = NULL;
1507 kfree(ctx->iocharset);
1508 ctx->iocharset = NULL;
1509 kfree(ctx->prepath);
1510 ctx->prepath = NULL;
1511 }
1512
1513 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)1514 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
1515 {
1516 if (!ctx)
1517 return;
1518 smb3_cleanup_fs_context_contents(ctx);
1519 kfree(ctx);
1520 }
1521
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)1522 void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
1523 {
1524 struct smb3_fs_context *ctx = cifs_sb->ctx;
1525
1526 if (ctx->nodfs)
1527 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_DFS;
1528 else
1529 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_DFS;
1530
1531 if (ctx->noperm)
1532 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
1533 else
1534 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_PERM;
1535
1536 if (ctx->setuids)
1537 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
1538 else
1539 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SET_UID;
1540
1541 if (ctx->setuidfromacl)
1542 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UID_FROM_ACL;
1543 else
1544 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UID_FROM_ACL;
1545
1546 if (ctx->server_ino)
1547 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
1548 else
1549 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
1550
1551 if (ctx->remap)
1552 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SFM_CHR;
1553 else
1554 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SFM_CHR;
1555
1556 if (ctx->sfu_remap)
1557 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
1558 else
1559 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
1560
1561 if (ctx->no_xattr)
1562 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
1563 else
1564 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_XATTR;
1565
1566 if (ctx->sfu_emul)
1567 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
1568 else
1569 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_UNX_EMUL;
1570
1571 if (ctx->nobrl)
1572 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
1573 else
1574 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_BRL;
1575
1576 if (ctx->nohandlecache)
1577 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_HANDLE_CACHE;
1578 else
1579 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
1580
1581 if (ctx->nostrictsync)
1582 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
1583 else
1584 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOSSYNC;
1585
1586 if (ctx->mand_lock)
1587 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
1588 else
1589 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_NOPOSIXBRL;
1590
1591 if (ctx->rwpidforward)
1592 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
1593 else
1594 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_RWPIDFORWARD;
1595
1596 if (ctx->mode_ace)
1597 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MODE_FROM_SID;
1598 else
1599 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MODE_FROM_SID;
1600
1601 if (ctx->cifs_acl)
1602 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
1603 else
1604 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_ACL;
1605
1606 if (ctx->backupuid_specified)
1607 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
1608 else
1609 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
1610
1611 if (ctx->backupgid_specified)
1612 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
1613 else
1614 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
1615
1616 if (ctx->override_uid)
1617 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
1618 else
1619 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_UID;
1620
1621 if (ctx->override_gid)
1622 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
1623 else
1624 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_OVERR_GID;
1625
1626 if (ctx->dynperm)
1627 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
1628 else
1629 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DYNPERM;
1630
1631 if (ctx->fsc)
1632 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
1633 else
1634 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_FSCACHE;
1635
1636 if (ctx->multiuser)
1637 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
1638 CIFS_MOUNT_NO_PERM);
1639 else
1640 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MULTIUSER;
1641
1642
1643 if (ctx->strict_io)
1644 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
1645 else
1646 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_STRICT_IO;
1647
1648 if (ctx->direct_io)
1649 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
1650 else
1651 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_DIRECT_IO;
1652
1653 if (ctx->mfsymlinks)
1654 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
1655 else
1656 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_MF_SYMLINKS;
1657 if (ctx->mfsymlinks) {
1658 if (ctx->sfu_emul) {
1659 /*
1660 * Our SFU ("Services for Unix" emulation does not allow
1661 * creating symlinks but does allow reading existing SFU
1662 * symlinks (it does allow both creating and reading SFU
1663 * style mknod and FIFOs though). When "mfsymlinks" and
1664 * "sfu" are both enabled at the same time, it allows
1665 * reading both types of symlinks, but will only create
1666 * them with mfsymlinks format. This allows better
1667 * Apple compatibility (probably better for Samba too)
1668 * while still recognizing old Windows style symlinks.
1669 */
1670 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
1671 }
1672 }
1673 cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SHUTDOWN;
1674
1675 return;
1676 }
1677
