1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2020, Microsoft Corporation.
4 *
5 * Author(s): Steve French <stfrench@microsoft.com>
6 * David Howells <dhowells@redhat.com>
7 */
8
9 /*
10 #include <linux/module.h>
11 #include <linux/nsproxy.h>
12 #include <linux/slab.h>
13 #include <linux/magic.h>
14 #include <linux/security.h>
15 #include <net/net_namespace.h>
16 #ifdef CONFIG_CIFS_DFS_UPCALL
17 #include "dfs_cache.h"
18 #endif
19 */
20
21 #include <linux/ctype.h>
22 #include <linux/fs_context.h>
23 #include <linux/fs_parser.h>
24 #include <linux/fs.h>
25 #include <linux/mount.h>
26 #include <linux/parser.h>
27 #include <linux/utsname.h>
28 #include "cifsfs.h"
29 #include "cifsglob.h"
30 #include "cifsproto.h"
31 #include "cifs_unicode.h"
32 #include "cifs_debug.h"
33 #include "cifs_fs_sb.h"
34 #include "ntlmssp.h"
35 #include "nterr.h"
36 #include "rfc1002pdu.h"
37 #include "fs_context.h"
38
39 DEFINE_MUTEX(cifs_mount_mutex);
40
41 static const match_table_t cifs_smb_version_tokens = {
42 { Smb_1, SMB1_VERSION_STRING },
43 { Smb_20, SMB20_VERSION_STRING},
44 { Smb_21, SMB21_VERSION_STRING },
45 { Smb_30, SMB30_VERSION_STRING },
46 { Smb_302, SMB302_VERSION_STRING },
47 { Smb_302, ALT_SMB302_VERSION_STRING },
48 { Smb_311, SMB311_VERSION_STRING },
49 { Smb_311, ALT_SMB311_VERSION_STRING },
50 { Smb_3any, SMB3ANY_VERSION_STRING },
51 { Smb_default, SMBDEFAULT_VERSION_STRING },
52 { Smb_version_err, NULL }
53 };
54
55 static const match_table_t cifs_secflavor_tokens = {
56 { Opt_sec_krb5, "krb5" },
57 { Opt_sec_krb5i, "krb5i" },
58 { Opt_sec_krb5p, "krb5p" },
59 { Opt_sec_ntlmsspi, "ntlmsspi" },
60 { Opt_sec_ntlmssp, "ntlmssp" },
61 { Opt_sec_ntlmv2, "nontlm" },
62 { Opt_sec_ntlmv2, "ntlmv2" },
63 { Opt_sec_ntlmv2i, "ntlmv2i" },
64 { Opt_sec_none, "none" },
65
66 { Opt_sec_err, NULL }
67 };
68
69 static const match_table_t cifs_upcall_target = {
70 { Opt_upcall_target_mount, "mount" },
71 { Opt_upcall_target_application, "app" },
72 { Opt_upcall_target_err, NULL }
73 };
74
75 const struct fs_parameter_spec smb3_fs_parameters[] = {
76 /* Mount options that take no arguments */
77 fsparam_flag_no("user_xattr", Opt_user_xattr),
78 fsparam_flag_no("forceuid", Opt_forceuid),
79 fsparam_flag_no("multichannel", Opt_multichannel),
80 fsparam_flag_no("forcegid", Opt_forcegid),
81 fsparam_flag("noblocksend", Opt_noblocksend),
82 fsparam_flag("noautotune", Opt_noautotune),
83 fsparam_flag_no("lease", Opt_lease),
84 fsparam_flag_no("hard", Opt_hard),
85 fsparam_flag_no("soft", Opt_soft),
86 fsparam_flag_no("perm", Opt_perm),
87 fsparam_flag("nodelete", Opt_nodelete),
88 fsparam_flag_no("mapposix", Opt_mapposix),
89 fsparam_flag("mapchars", Opt_mapchars),
90 fsparam_flag("nomapchars", Opt_nomapchars),
91 fsparam_flag_no("sfu", Opt_sfu),
92 fsparam_flag("nodfs", Opt_nodfs),
93 fsparam_flag_no("posixpaths", Opt_posixpaths),
94 fsparam_flag_no("unix", Opt_unix),
95 fsparam_flag_no("linux", Opt_unix),
96 fsparam_flag_no("posix", Opt_unix),
97 fsparam_flag("nocase", Opt_nocase),
98 fsparam_flag("ignorecase", Opt_nocase),
99 fsparam_flag_no("brl", Opt_brl),
100 fsparam_flag_no("handlecache", Opt_handlecache),
101 fsparam_flag("forcemandatorylock", Opt_forcemandatorylock),
102 fsparam_flag("forcemand", Opt_forcemandatorylock),
103 fsparam_flag("setuidfromacl", Opt_setuidfromacl),
104 fsparam_flag("idsfromsid", Opt_setuidfromacl),
105 fsparam_flag_no("setuids", Opt_setuids),
106 fsparam_flag_no("dynperm", Opt_dynperm),
107 fsparam_flag_no("intr", Opt_intr),
108 fsparam_flag_no("strictsync", Opt_strictsync),
109 fsparam_flag_no("serverino", Opt_serverino),
110 fsparam_flag("rwpidforward", Opt_rwpidforward),
111 fsparam_flag("cifsacl", Opt_cifsacl),
112 fsparam_flag_no("acl", Opt_acl),
113 fsparam_flag("locallease", Opt_locallease),
114 fsparam_flag("sign", Opt_sign),
115 fsparam_flag("ignore_signature", Opt_ignore_signature),
116 fsparam_flag("signloosely", Opt_ignore_signature),
117 fsparam_flag("seal", Opt_seal),
118 fsparam_flag("noac", Opt_noac),
119 fsparam_flag("fsc", Opt_fsc),
120 fsparam_flag("mfsymlinks", Opt_mfsymlinks),
121 fsparam_flag("multiuser", Opt_multiuser),
122 fsparam_flag("sloppy", Opt_sloppy),
123 fsparam_flag("nosharesock", Opt_nosharesock),
124 fsparam_flag_no("persistenthandles", Opt_persistent),
125 fsparam_flag_no("resilienthandles", Opt_resilient),
126 fsparam_flag_no("tcpnodelay", Opt_tcp_nodelay),
127 fsparam_flag("nosparse", Opt_nosparse),
128 fsparam_flag("domainauto", Opt_domainauto),
129 fsparam_flag("rdma", Opt_rdma),
130 fsparam_flag("modesid", Opt_modesid),
131 fsparam_flag("modefromsid", Opt_modesid),
132 fsparam_flag("rootfs", Opt_rootfs),
133 fsparam_flag("compress", Opt_compress),
134 fsparam_flag("witness", Opt_witness),
135 fsparam_flag_no("nativesocket", Opt_nativesocket),
136 fsparam_flag_no("unicode", Opt_unicode),
137 fsparam_flag_no("nbsessinit", Opt_nbsessinit),
138
139 /* Mount options which take uid or gid */
140 fsparam_uid("backupuid", Opt_backupuid),
141 fsparam_gid("backupgid", Opt_backupgid),
142 fsparam_uid("uid", Opt_uid),
143 fsparam_uid("cruid", Opt_cruid),
144 fsparam_gid("gid", Opt_gid),
145
146 /* Mount options which take numeric value */
147 fsparam_u32("file_mode", Opt_file_mode),
148 fsparam_u32("dirmode", Opt_dirmode),
149 fsparam_u32("dir_mode", Opt_dirmode),
150 fsparam_u32("port", Opt_port),
151 fsparam_u32("min_enc_offload", Opt_min_enc_offload),
152 fsparam_u32("retrans", Opt_retrans),
153 fsparam_u32("esize", Opt_min_enc_offload),
154 fsparam_u32("bsize", Opt_blocksize),
155 fsparam_u32("rasize", Opt_rasize),
156 fsparam_u32("rsize", Opt_rsize),
157 fsparam_u32("wsize", Opt_wsize),
158 fsparam_u32("actimeo", Opt_actimeo),
159 fsparam_u32("acdirmax", Opt_acdirmax),
160 fsparam_u32("acregmax", Opt_acregmax),
161 fsparam_u32("closetimeo", Opt_closetimeo),
162 fsparam_u32("echo_interval", Opt_echo_interval),
163 fsparam_u32("max_credits", Opt_max_credits),
164 fsparam_u32("max_cached_dirs", Opt_max_cached_dirs),
165 fsparam_u32("handletimeout", Opt_handletimeout),
166 fsparam_u64("snapshot", Opt_snapshot),
167 fsparam_u32("max_channels", Opt_max_channels),
168
169 /* Mount options which take string value */
170 fsparam_string("source", Opt_source),
171 fsparam_string("user", Opt_user),
172 fsparam_string("username", Opt_user),
173 fsparam_string("pass", Opt_pass),
174 fsparam_string("password", Opt_pass),
175 fsparam_string("pass2", Opt_pass2),
176 fsparam_string("password2", Opt_pass2),
177 fsparam_string("ip", Opt_ip),
178 fsparam_string("addr", Opt_ip),
179 fsparam_string("domain", Opt_domain),
180 fsparam_string("dom", Opt_domain),
181 fsparam_string("srcaddr", Opt_srcaddr),
182 fsparam_string("iocharset", Opt_iocharset),
183 fsparam_string("netbiosname", Opt_netbiosname),
184 fsparam_string("servern", Opt_servern),
185 fsparam_string("ver", Opt_ver),
186 fsparam_string("vers", Opt_vers),
187 fsparam_string("sec", Opt_sec),
188 fsparam_string("cache", Opt_cache),
189 fsparam_string("reparse", Opt_reparse),
190 fsparam_string("upcall_target", Opt_upcalltarget),
191 fsparam_string("symlink", Opt_symlink),
192 fsparam_string("symlinkroot", Opt_symlinkroot),
193
194 /* Arguments that should be ignored */
195 fsparam_flag("guest", Opt_ignore),
196 fsparam_flag("noatime", Opt_ignore),
197 fsparam_flag("relatime", Opt_ignore),
198 fsparam_flag("_netdev", Opt_ignore),
199 fsparam_flag_no("suid", Opt_ignore),
200 fsparam_flag_no("exec", Opt_ignore),
201 fsparam_flag_no("dev", Opt_ignore),
202 fsparam_flag_no("mand", Opt_ignore),
203 fsparam_flag_no("auto", Opt_ignore),
204 fsparam_string("cred", Opt_ignore),
205 fsparam_string("credentials", Opt_ignore),
206 /*
207 * UNC and prefixpath is now extracted from Opt_source
208 * in the new mount API so we can just ignore them going forward.
209 */
210 fsparam_string("unc", Opt_ignore),
211 fsparam_string("prefixpath", Opt_ignore),
212 {}
213 };
214
215 static int
cifs_parse_security_flavors(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)216 cifs_parse_security_flavors(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
217 {
218
219 substring_t args[MAX_OPT_ARGS];
220
221 /*
222 * With mount options, the last one should win. Reset any existing
223 * settings back to default.
224 */
225 ctx->sectype = Unspecified;
226 ctx->sign = false;
227
228 switch (match_token(value, cifs_secflavor_tokens, args)) {
229 case Opt_sec_krb5p:
230 cifs_errorf(fc, "sec=krb5p is not supported. Use sec=krb5,seal instead\n");
231 return 1;
232 case Opt_sec_krb5i:
233 ctx->sign = true;
234 fallthrough;
235 case Opt_sec_krb5:
236 ctx->sectype = Kerberos;
237 break;
238 case Opt_sec_ntlmsspi:
239 ctx->sign = true;
240 fallthrough;
241 case Opt_sec_ntlmssp:
242 ctx->sectype = RawNTLMSSP;
243 break;
244 case Opt_sec_ntlmv2i:
245 ctx->sign = true;
246 fallthrough;
247 case Opt_sec_ntlmv2:
248 ctx->sectype = NTLMv2;
249 break;
250 case Opt_sec_none:
251 ctx->nullauth = 1;
252 kfree(ctx->username);
253 ctx->username = NULL;
254 break;
255 default:
256 cifs_errorf(fc, "bad security option: %s\n", value);
257 return 1;
258 }
259
260 return 0;
261 }
262
263 static int
cifs_parse_upcall_target(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)264 cifs_parse_upcall_target(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
265 {
266 substring_t args[MAX_OPT_ARGS];
267
268 ctx->upcall_target = UPTARGET_UNSPECIFIED;
269
270 switch (match_token(value, cifs_upcall_target, args)) {
271 case Opt_upcall_target_mount:
272 ctx->upcall_target = UPTARGET_MOUNT;
273 break;
274 case Opt_upcall_target_application:
275 ctx->upcall_target = UPTARGET_APP;
276 break;
277
278 default:
279 cifs_errorf(fc, "bad upcall target: %s\n", value);
280 return 1;
281 }
282
283 return 0;
284 }
285
286 static const match_table_t cifs_cacheflavor_tokens = {
287 { Opt_cache_loose, "loose" },
288 { Opt_cache_strict, "strict" },
289 { Opt_cache_none, "none" },
290 { Opt_cache_ro, "ro" },
291 { Opt_cache_rw, "singleclient" },
292 { Opt_cache_err, NULL }
293 };
294
295 static int
cifs_parse_cache_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)296 cifs_parse_cache_flavor(struct fs_context *fc, char *value, struct smb3_fs_context *ctx)
297 {
298 substring_t args[MAX_OPT_ARGS];
299
300 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
301 case Opt_cache_loose:
302 ctx->direct_io = false;
303 ctx->strict_io = false;
304 ctx->cache_ro = false;
305 ctx->cache_rw = false;
306 break;
307 case Opt_cache_strict:
308 ctx->direct_io = false;
309 ctx->strict_io = true;
310 ctx->cache_ro = false;
311 ctx->cache_rw = false;
312 break;
313 case Opt_cache_none:
314 ctx->direct_io = true;
315 ctx->strict_io = false;
316 ctx->cache_ro = false;
317 ctx->cache_rw = false;
318 break;
319 case Opt_cache_ro:
320 ctx->direct_io = false;
321 ctx->strict_io = false;
322 ctx->cache_ro = true;
323 ctx->cache_rw = false;
324 break;
325 case Opt_cache_rw:
326 ctx->direct_io = false;
327 ctx->strict_io = false;
328 ctx->cache_ro = false;
329 ctx->cache_rw = true;
330 break;
331 default:
332 cifs_errorf(fc, "bad cache= option: %s\n", value);
333 return 1;
334 }
335 return 0;
336 }
337
338 static const match_table_t reparse_flavor_tokens = {
339 { Opt_reparse_default, "default" },
340 { Opt_reparse_none, "none" },
341 { Opt_reparse_nfs, "nfs" },
342 { Opt_reparse_wsl, "wsl" },
343 { Opt_reparse_err, NULL },
344 };
345
parse_reparse_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)346 static int parse_reparse_flavor(struct fs_context *fc, char *value,
347 struct smb3_fs_context *ctx)
348 {
349 substring_t args[MAX_OPT_ARGS];
350
351 switch (match_token(value, reparse_flavor_tokens, args)) {
352 case Opt_reparse_default:
353 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
354 break;
355 case Opt_reparse_none:
356 ctx->reparse_type = CIFS_REPARSE_TYPE_NONE;
357 break;
358 case Opt_reparse_nfs:
359 ctx->reparse_type = CIFS_REPARSE_TYPE_NFS;
360 break;
361 case Opt_reparse_wsl:
362 ctx->reparse_type = CIFS_REPARSE_TYPE_WSL;
363 break;
364 default:
365 cifs_errorf(fc, "bad reparse= option: %s\n", value);
366 return 1;
367 }
368 return 0;
369 }
370
371 static const match_table_t symlink_flavor_tokens = {
372 { Opt_symlink_default, "default" },
373 { Opt_symlink_none, "none" },
374 { Opt_symlink_native, "native" },
375 { Opt_symlink_unix, "unix" },
376 { Opt_symlink_mfsymlinks, "mfsymlinks" },
377 { Opt_symlink_sfu, "sfu" },
378 { Opt_symlink_nfs, "nfs" },
379 { Opt_symlink_wsl, "wsl" },
380 { Opt_symlink_err, NULL },
381 };
382
parse_symlink_flavor(struct fs_context * fc,char * value,struct smb3_fs_context * ctx)383 static int parse_symlink_flavor(struct fs_context *fc, char *value,
384 struct smb3_fs_context *ctx)
385 {
386 substring_t args[MAX_OPT_ARGS];
387
388 switch (match_token(value, symlink_flavor_tokens, args)) {
389 case Opt_symlink_default:
390 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
391 break;
392 case Opt_symlink_none:
393 ctx->symlink_type = CIFS_SYMLINK_TYPE_NONE;
394 break;
395 case Opt_symlink_native:
396 ctx->symlink_type = CIFS_SYMLINK_TYPE_NATIVE;
397 break;
398 case Opt_symlink_unix:
399 ctx->symlink_type = CIFS_SYMLINK_TYPE_UNIX;
400 break;
401 case Opt_symlink_mfsymlinks:
402 ctx->symlink_type = CIFS_SYMLINK_TYPE_MFSYMLINKS;
403 break;
404 case Opt_symlink_sfu:
405 ctx->symlink_type = CIFS_SYMLINK_TYPE_SFU;
406 break;
407 case Opt_symlink_nfs:
408 ctx->symlink_type = CIFS_SYMLINK_TYPE_NFS;
409 break;
410 case Opt_symlink_wsl:
411 ctx->symlink_type = CIFS_SYMLINK_TYPE_WSL;
412 break;
413 default:
414 cifs_errorf(fc, "bad symlink= option: %s\n", value);
415 return 1;
416 }
417 return 0;
418 }
419
420 #define DUP_CTX_STR(field) \
421 do { \
422 if (ctx->field) { \
423 new_ctx->field = kstrdup(ctx->field, GFP_ATOMIC); \
424 if (new_ctx->field == NULL) { \
425 smb3_cleanup_fs_context_contents(new_ctx); \
426 return -ENOMEM; \
427 } \
428 } \
429 } while (0)
430
431 int
smb3_fs_context_dup(struct smb3_fs_context * new_ctx,struct smb3_fs_context * ctx)432 smb3_fs_context_dup(struct smb3_fs_context *new_ctx, struct smb3_fs_context *ctx)
433 {
434 memcpy(new_ctx, ctx, sizeof(*ctx));
435 new_ctx->prepath = NULL;
436 new_ctx->nodename = NULL;
437 new_ctx->username = NULL;
438 new_ctx->password = NULL;
439 new_ctx->password2 = NULL;
440 new_ctx->server_hostname = NULL;
441 new_ctx->domainname = NULL;
442 new_ctx->UNC = NULL;
443 new_ctx->source = NULL;
444 new_ctx->iocharset = NULL;
445 new_ctx->leaf_fullpath = NULL;
446 new_ctx->dns_dom = NULL;
447 new_ctx->symlinkroot = NULL;
448 /*
449 * Make sure to stay in sync with smb3_cleanup_fs_context_contents()
450 */
451 DUP_CTX_STR(prepath);
452 DUP_CTX_STR(username);
453 DUP_CTX_STR(password);
454 DUP_CTX_STR(password2);
455 DUP_CTX_STR(server_hostname);
456 DUP_CTX_STR(UNC);
457 DUP_CTX_STR(source);
458 DUP_CTX_STR(domainname);
459 DUP_CTX_STR(nodename);
460 DUP_CTX_STR(iocharset);
461 DUP_CTX_STR(leaf_fullpath);
462 DUP_CTX_STR(dns_dom);
463 DUP_CTX_STR(symlinkroot);
464
465 return 0;
466 }
467
468 static int
cifs_parse_smb_version(struct fs_context * fc,char * value,struct smb3_fs_context * ctx,bool is_smb3)469 cifs_parse_smb_version(struct fs_context *fc, char *value, struct smb3_fs_context *ctx, bool is_smb3)
470 {
471 substring_t args[MAX_OPT_ARGS];
472
473 switch (match_token(value, cifs_smb_version_tokens, args)) {
474 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
475 case Smb_1:
476 if (disable_legacy_dialects) {
477 cifs_errorf(fc, "mount with legacy dialect disabled\n");
478 return 1;
479 }
480 if (is_smb3) {
481 cifs_errorf(fc, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
482 return 1;
483 }
484 cifs_errorf(fc, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
485 ctx->ops = &smb1_operations;
486 ctx->vals = &smb1_values;
487 break;
488 case Smb_20:
489 if (disable_legacy_dialects) {
490 cifs_errorf(fc, "mount with legacy dialect disabled\n");
491 return 1;
492 }
493 if (is_smb3) {
494 cifs_errorf(fc, "vers=2.0 not permitted when mounting with smb3\n");
495 return 1;
496 }
497 ctx->ops = &smb20_operations;
498 ctx->vals = &smb20_values;
499 break;
500 #else
501 case Smb_1:
502 cifs_errorf(fc, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
503 return 1;
504 case Smb_20:
505 cifs_errorf(fc, "vers=2.0 mount not permitted when legacy dialects disabled\n");
506 return 1;
507 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
508 case Smb_21:
509 ctx->ops = &smb21_operations;
510 ctx->vals = &smb21_values;
511 break;
512 case Smb_30:
513 ctx->ops = &smb30_operations;
514 ctx->vals = &smb30_values;
515 break;
516 case Smb_302:
517 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
518 ctx->vals = &smb302_values;
519 break;
520 case Smb_311:
521 ctx->ops = &smb311_operations;
522 ctx->vals = &smb311_values;
523 break;
524 case Smb_3any:
525 ctx->ops = &smb30_operations; /* currently identical with 3.0 */
526 ctx->vals = &smb3any_values;
527 break;
528 case Smb_default:
529 ctx->ops = &smb30_operations;
530 ctx->vals = &smbdefault_values;
531 break;
532 default:
533 cifs_errorf(fc, "Unknown vers= option specified: %s\n", value);
534 return 1;
535 }
536 return 0;
537 }
538
smb3_parse_opt(const char * options,const char * key,char ** val)539 int smb3_parse_opt(const char *options, const char *key, char **val)
540 {
541 int rc = -ENOENT;
542 char *opts, *orig, *p;
543
544 orig = opts = kstrdup(options, GFP_KERNEL);
545 if (!opts)
546 return -ENOMEM;
547
548 while ((p = strsep(&opts, ","))) {
549 char *nval;
550
551 if (!*p)
552 continue;
553 if (strncasecmp(p, key, strlen(key)))
554 continue;
555 nval = strchr(p, '=');
556 if (nval) {
557 if (nval == p)
558 continue;
559 *nval++ = 0;
560 *val = kstrdup(nval, GFP_KERNEL);
561 rc = !*val ? -ENOMEM : 0;
562 goto out;
563 }
564 }
565 out:
566 kfree(orig);
567 return rc;
568 }
569
570 /*
571 * Remove duplicate path delimiters. Windows is supposed to do that
572 * but there are some bugs that prevent rename from working if there are
573 * multiple delimiters.
574 *
575 * Return a sanitized duplicate of @path or NULL for empty prefix paths.
576 * Otherwise, return ERR_PTR.
577 *
578 * @gfp indicates the GFP_* flags for kstrdup.
579 * The caller is responsible for freeing the original.
580 */
581 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
cifs_sanitize_prepath(char * prepath,gfp_t gfp)582 char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
583 {
584 char *cursor1 = prepath, *cursor2 = prepath;
585 char *s;
586
587 /* skip all prepended delimiters */
588 while (IS_DELIM(*cursor1))
589 cursor1++;
590
591 /* exit in case of only delimiters */
592 if (!*cursor1)
593 return NULL;
594
595 /* copy the first letter */
596 *cursor2 = *cursor1;
597
598 /* copy the remainder... */
599 while (*(cursor1++)) {
600 /* ... skipping all duplicated delimiters */
601 if (IS_DELIM(*cursor1) && IS_DELIM(*cursor2))
602 continue;
603 *(++cursor2) = *cursor1;
604 }
605
606 /* if the last character is a delimiter, skip it */
607 if (IS_DELIM(*(cursor2 - 1)))
608 cursor2--;
609
610 *cursor2 = '\0';
611 if (!*prepath)
612 return NULL;
613 s = kstrdup(prepath, gfp);
614 if (!s)
615 return ERR_PTR(-ENOMEM);
616 return s;
617 }
618
619 /*
620 * Return full path based on the values of @ctx->{UNC,prepath}.
621 *
622 * It is assumed that both values were already parsed by smb3_parse_devname().
623 */
smb3_fs_context_fullpath(const struct smb3_fs_context * ctx,char dirsep)624 char *smb3_fs_context_fullpath(const struct smb3_fs_context *ctx, char dirsep)
625 {
626 size_t ulen, plen;
627 char *s;
628
629 ulen = strlen(ctx->UNC);
630 plen = ctx->prepath ? strlen(ctx->prepath) + 1 : 0;
631
632 s = kmalloc(ulen + plen + 1, GFP_KERNEL);
633 if (!s)
634 return ERR_PTR(-ENOMEM);
635 memcpy(s, ctx->UNC, ulen);
636 if (plen) {
637 s[ulen] = dirsep;
638 memcpy(s + ulen + 1, ctx->prepath, plen);
639 }
640 s[ulen + plen] = '\0';
641 convert_delimiter(s, dirsep);
642 return s;
643 }
644
645 /*
646 * Parse a devname into substrings and populate the ctx->UNC and ctx->prepath
647 * fields with the result. Returns 0 on success and an error otherwise
648 * (e.g. ENOMEM or EINVAL)
649 */
650 int
smb3_parse_devname(const char * devname,struct smb3_fs_context * ctx)651 smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
652 {
653 char *pos;
654 const char *delims = "/\\";
655 size_t len;
656 int rc;
657
658 if (unlikely(!devname || !*devname)) {
659 cifs_dbg(VFS, "Device name not specified\n");
660 return -EINVAL;
661 }
662
663 /* make sure we have a valid UNC double delimiter prefix */
664 len = strspn(devname, delims);
665 if (len != 2) {
666 cifs_dbg(VFS, "UNC: path must begin with // or \\\\\n");
667 return -EINVAL;
668 }
669
670 /* find delimiter between host and sharename */
671 pos = strpbrk(devname + 2, delims);
672 if (!pos) {
673 cifs_dbg(VFS, "UNC: missing delimiter between hostname and share name\n");
674 return -EINVAL;
675 }
676
677 /* record the server hostname */
678 kfree(ctx->server_hostname);
679 ctx->server_hostname = kstrndup(devname + 2, pos - devname - 2, GFP_KERNEL);
680 if (!ctx->server_hostname)
681 return -ENOMEM;
682
683 /* skip past delimiter */
684 ++pos;
685
686 /* now go until next delimiter or end of string */
687 len = strcspn(pos, delims);
688 if (!len) {
689 cifs_dbg(VFS, "UNC: missing share name\n");
690 return -EINVAL;
691 }
692
693 /* move "pos" up to delimiter or NULL */
694 pos += len;
695 kfree(ctx->UNC);
696 ctx->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
697 if (!ctx->UNC)
698 return -ENOMEM;
699
700 convert_delimiter(ctx->UNC, '\\');
701
702 /* skip any delimiter */
703 if (*pos == '/' || *pos == '\\')
704 pos++;
705
706 kfree(ctx->prepath);
707 ctx->prepath = NULL;
708
709 /* If pos is NULL then no prepath */
710 if (!*pos)
711 return 0;
712
713 ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
714 if (IS_ERR(ctx->prepath)) {
715 rc = PTR_ERR(ctx->prepath);
716 ctx->prepath = NULL;
717 return rc;
718 }
719
720 return 0;
721 }
722
smb3_handle_conflicting_options(struct fs_context * fc)723 static int smb3_handle_conflicting_options(struct fs_context *fc)
724 {
725 struct smb3_fs_context *ctx = smb3_fc2context(fc);
726
727 if (ctx->multichannel_specified) {
728 if (ctx->multichannel) {
729 if (!ctx->max_channels_specified) {
730 ctx->max_channels = 2;
731 } else if (ctx->max_channels == 1) {
732 cifs_errorf(fc,
733 "max_channels must be greater than 1 when multichannel is enabled\n");
734 return -EINVAL;
735 }
736 } else {
737 if (!ctx->max_channels_specified) {
738 ctx->max_channels = 1;
739 } else if (ctx->max_channels > 1) {
740 cifs_errorf(fc,
741 "max_channels must be equal to 1 when multichannel is disabled\n");
742 return -EINVAL;
743 }
744 }
745 } else {
746 if (ctx->max_channels_specified) {
747 if (ctx->max_channels > 1)
748 ctx->multichannel = true;
749 else
750 ctx->multichannel = false;
751 } else {
752 ctx->multichannel = false;
753 ctx->max_channels = 1;
754 }
755 }
756
757 //resetting default values as remount doesn't initialize fs_context again
758 ctx->multichannel_specified = false;
759 ctx->max_channels_specified = false;
760
761 return 0;
762 }
763
764 static void smb3_fs_context_free(struct fs_context *fc);
765 static int smb3_fs_context_parse_param(struct fs_context *fc,
766 struct fs_parameter *param);
767 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
768 void *data);
769 static int smb3_get_tree(struct fs_context *fc);
770 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels);
771 static int smb3_reconfigure(struct fs_context *fc);
772
773 static const struct fs_context_operations smb3_fs_context_ops = {
774 .free = smb3_fs_context_free,
775 .parse_param = smb3_fs_context_parse_param,
776 .parse_monolithic = smb3_fs_context_parse_monolithic,
777 .get_tree = smb3_get_tree,
778 .reconfigure = smb3_reconfigure,
779 };
780
781 /*
782 * Parse a monolithic block of data from sys_mount().
783 * smb3_fs_context_parse_monolithic - Parse key[=val][,key[=val]]* mount data
784 * @ctx: The superblock configuration to fill in.
785 * @data: The data to parse
786 *
787 * Parse a blob of data that's in key[=val][,key[=val]]* form. This can be
788 * called from the ->monolithic_mount_data() fs_context operation.
789 *
790 * Returns 0 on success or the error returned by the ->parse_option() fs_context
791 * operation on failure.
792 */
smb3_fs_context_parse_monolithic(struct fs_context * fc,void * data)793 static int smb3_fs_context_parse_monolithic(struct fs_context *fc,
794 void *data)
795 {
796 char *options = data, *key;
797 int ret = 0;
798
799 if (!options)
800 return 0;
801
802 ret = security_sb_eat_lsm_opts(options, &fc->security);
803 if (ret)
804 return ret;
805
806 /* BB Need to add support for sep= here TBD */
807 while ((key = strsep(&options, ",")) != NULL) {
808 size_t len;
809 char *value;
810
811 if (*key == 0)
812 break;
813
814 /* Check if following character is the deliminator If yes,
815 * we have encountered a double deliminator reset the NULL
816 * character to the deliminator
817 */
818 while (options && options[0] == ',') {
819 len = strlen(key);
820 strcpy(key + len, options);
821 options = strchr(options, ',');
822 if (options)
823 *options++ = 0;
824 }
825
826
827 value = strchr(key, '=');
828 if (value) {
829 if (value == key)
830 continue;
831 *value++ = 0;
832 }
833
834 ret = vfs_parse_fs_string(fc, key, value);
835 if (ret < 0)
836 break;
837 }
838 return ret ?: smb3_handle_conflicting_options(fc);
839 }
840
841 /*
842 * Validate the preparsed information in the config.
843 */
smb3_fs_context_validate(struct fs_context * fc)844 static int smb3_fs_context_validate(struct fs_context *fc)
845 {
846 struct smb3_fs_context *ctx = smb3_fc2context(fc);
847
848 if (ctx->rdma && ctx->vals->protocol_id < SMB30_PROT_ID) {
849 cifs_errorf(fc, "SMB Direct requires Version >=3.0\n");
850 return -EOPNOTSUPP;
851 }
852
853 #ifndef CONFIG_KEYS
854 /* Muliuser mounts require CONFIG_KEYS support */
855 if (ctx->multiuser) {
856 cifs_errorf(fc, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
857 return -1;
858 }
859 #endif
860
861 if (ctx->got_version == false)
862 pr_warn_once("No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.\n");
863
864
865 if (!ctx->UNC) {
866 cifs_errorf(fc, "CIFS mount error: No usable UNC path provided in device string!\n");
867 return -1;
868 }
869
870 /* make sure UNC has a share name */
871 if (strlen(ctx->UNC) < 3 || !strchr(ctx->UNC + 3, '\\')) {
872 cifs_errorf(fc, "Malformed UNC. Unable to find share name.\n");
873 return -ENOENT;
874 }
875
876 if (!ctx->got_ip) {
877 int len;
878 const char *slash;
879
880 /* No ip= option specified? Try to get it from UNC */
881 /* Use the address part of the UNC. */
882 slash = strchr(&ctx->UNC[2], '\\');
883 len = slash - &ctx->UNC[2];
884 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
885 &ctx->UNC[2], len)) {
886 pr_err("Unable to determine destination address\n");
887 return -EHOSTUNREACH;
888 }
889 }
890
891 /* set the port that we got earlier */
892 cifs_set_port((struct sockaddr *)&ctx->dstaddr, ctx->port);
893
894 if (ctx->uid_specified && !ctx->forceuid_specified) {
895 ctx->override_uid = 1;
896 pr_notice("enabling forceuid mount option implicitly because uid= option is specified\n");
897 }
898
899 if (ctx->gid_specified && !ctx->forcegid_specified) {
900 ctx->override_gid = 1;
901 pr_notice("enabling forcegid mount option implicitly because gid= option is specified\n");
902 }
903
904 if (ctx->override_uid && !ctx->uid_specified) {
905 ctx->override_uid = 0;
906 pr_notice("ignoring forceuid mount option specified with no uid= option\n");
907 }
908
909 if (ctx->override_gid && !ctx->gid_specified) {
910 ctx->override_gid = 0;
911 pr_notice("ignoring forcegid mount option specified with no gid= option\n");
912 }
913
914 return 0;
915 }
916
smb3_get_tree_common(struct fs_context * fc)917 static int smb3_get_tree_common(struct fs_context *fc)
918 {
919 struct smb3_fs_context *ctx = smb3_fc2context(fc);
920 struct dentry *root;
921 int rc = 0;
922
923 root = cifs_smb3_do_mount(fc->fs_type, 0, ctx);
924 if (IS_ERR(root))
925 return PTR_ERR(root);
926
927 fc->root = root;
928
929 return rc;
930 }
931
932 /*
933 * Create an SMB3 superblock from the parameters passed.
934 */
smb3_get_tree(struct fs_context * fc)935 static int smb3_get_tree(struct fs_context *fc)
936 {
937 int err = smb3_fs_context_validate(fc);
938 int ret;
939
940 if (err)
941 return err;
942 cifs_mount_lock();
943 ret = smb3_get_tree_common(fc);
944 cifs_mount_unlock();
945 return ret;
946 }
947
smb3_fs_context_free(struct fs_context * fc)948 static void smb3_fs_context_free(struct fs_context *fc)
949 {
950 struct smb3_fs_context *ctx = smb3_fc2context(fc);
951
952 smb3_cleanup_fs_context(ctx);
953 }
954
955 /*
956 * Compare the old and new proposed context during reconfigure
957 * and check if the changes are compatible.
958 */
smb3_verify_reconfigure_ctx(struct fs_context * fc,struct smb3_fs_context * new_ctx,struct smb3_fs_context * old_ctx,bool need_recon)959 static int smb3_verify_reconfigure_ctx(struct fs_context *fc,
960 struct smb3_fs_context *new_ctx,
961 struct smb3_fs_context *old_ctx, bool need_recon)
962 {
963 if (new_ctx->posix_paths != old_ctx->posix_paths) {
964 cifs_errorf(fc, "can not change posixpaths during remount\n");
965 return -EINVAL;
966 }
967 if (new_ctx->sectype != old_ctx->sectype) {
968 cifs_errorf(fc, "can not change sec during remount\n");
969 return -EINVAL;
970 }
971 if (new_ctx->multiuser != old_ctx->multiuser) {
972 cifs_errorf(fc, "can not change multiuser during remount\n");
973 return -EINVAL;
974 }
975 if (new_ctx->UNC &&
976 (!old_ctx->UNC || strcmp(new_ctx->UNC, old_ctx->UNC))) {
977 cifs_errorf(fc, "can not change UNC during remount\n");
978 return -EINVAL;
979 }
980 if (new_ctx->username &&
981 (!old_ctx->username || strcmp(new_ctx->username, old_ctx->username))) {
982 cifs_errorf(fc, "can not change username during remount\n");
983 return -EINVAL;
984 }
985 if (new_ctx->password &&
986 (!old_ctx->password || strcmp(new_ctx->password, old_ctx->password))) {
987 if (need_recon == false) {
988 cifs_errorf(fc,
989 "can not change password of active session during remount\n");
990 return -EINVAL;
991 } else if (old_ctx->sectype == Kerberos) {
992 cifs_errorf(fc,
993 "can not change password for Kerberos via remount\n");
994 return -EINVAL;
995 }
996 }
997 if (new_ctx->domainname &&
998 (!old_ctx->domainname || strcmp(new_ctx->domainname, old_ctx->domainname))) {
999 cifs_errorf(fc, "can not change domainname during remount\n");
1000 return -EINVAL;
1001 }
1002 if (strcmp(new_ctx->workstation_name, old_ctx->workstation_name)) {
1003 cifs_errorf(fc, "can not change workstation_name during remount\n");
1004 return -EINVAL;
1005 }
1006 if (new_ctx->nodename &&
1007 (!old_ctx->nodename || strcmp(new_ctx->nodename, old_ctx->nodename))) {
1008 cifs_errorf(fc, "can not change nodename during remount\n");
1009 return -EINVAL;
1010 }
1011 if (new_ctx->iocharset &&
1012 (!old_ctx->iocharset || strcmp(new_ctx->iocharset, old_ctx->iocharset))) {
1013 cifs_errorf(fc, "can not change iocharset during remount\n");
1014 return -EINVAL;
1015 }
1016 if (new_ctx->unicode != old_ctx->unicode) {
1017 cifs_errorf(fc, "can not change unicode during remount\n");
1018 return -EINVAL;
1019 }
1020 if (new_ctx->rfc1001_sessinit != old_ctx->rfc1001_sessinit) {
1021 cifs_errorf(fc, "can not change nbsessinit during remount\n");
1022 return -EINVAL;
1023 }
1024
1025 return 0;
1026 }
1027
1028 #define STEAL_STRING(cifs_sb, ctx, field) \
1029 do { \
1030 kfree(ctx->field); \
1031 ctx->field = cifs_sb->ctx->field; \
1032 cifs_sb->ctx->field = NULL; \
1033 } while (0)
1034
1035 #define STEAL_STRING_SENSITIVE(cifs_sb, ctx, field) \
1036 do { \
1037 kfree_sensitive(ctx->field); \
1038 ctx->field = cifs_sb->ctx->field; \
1039 cifs_sb->ctx->field = NULL; \
1040 } while (0)
1041
smb3_sync_session_ctx_passwords(struct cifs_sb_info * cifs_sb,struct cifs_ses * ses)1042 int smb3_sync_session_ctx_passwords(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses)
1043 {
1044 if (ses->password &&
1045 cifs_sb->ctx->password &&
1046 strcmp(ses->password, cifs_sb->ctx->password)) {
1047 kfree_sensitive(cifs_sb->ctx->password);
1048 cifs_sb->ctx->password = kstrdup(ses->password, GFP_KERNEL);
1049 if (!cifs_sb->ctx->password)
1050 return -ENOMEM;
1051 }
1052 if (ses->password2 &&
1053 cifs_sb->ctx->password2 &&
1054 strcmp(ses->password2, cifs_sb->ctx->password2)) {
1055 kfree_sensitive(cifs_sb->ctx->password2);
1056 cifs_sb->ctx->password2 = kstrdup(ses->password2, GFP_KERNEL);
1057 if (!cifs_sb->ctx->password2) {
1058 kfree_sensitive(cifs_sb->ctx->password);
1059 cifs_sb->ctx->password = NULL;
1060 return -ENOMEM;
1061 }
1062 }
1063 return 0;
1064 }
1065
1066 /*
1067 * smb3_sync_ses_chan_max - Synchronize the session's maximum channel count
1068 * @ses: pointer to the old CIFS session structure
1069 * @max_channels: new maximum number of channels to allow
1070 *
1071 * Updates the session's chan_max field to the new value, protecting the update
1072 * with the session's channel lock. This should be called whenever the maximum
1073 * allowed channels for a session changes (e.g., after a remount or reconfigure).
1074 */
smb3_sync_ses_chan_max(struct cifs_ses * ses,unsigned int max_channels)1075 static void smb3_sync_ses_chan_max(struct cifs_ses *ses, unsigned int max_channels)
1076 {
1077 spin_lock(&ses->chan_lock);
1078 ses->chan_max = max_channels;
1079 spin_unlock(&ses->chan_lock);
1080 }
1081
smb3_reconfigure(struct fs_context * fc)1082 static int smb3_reconfigure(struct fs_context *fc)
1083 {
1084 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1085 struct dentry *root = fc->root;
1086 struct cifs_sb_info *cifs_sb = CIFS_SB(root->d_sb);
1087 struct cifs_ses *ses = cifs_sb_master_tcon(cifs_sb)->ses;
1088 unsigned int rsize = ctx->rsize, wsize = ctx->wsize;
1089 char *new_password = NULL, *new_password2 = NULL;
1090 bool need_recon = false;
1091 int rc;
1092
1093 if (ses->expired_pwd)
1094 need_recon = true;
1095
1096 rc = smb3_verify_reconfigure_ctx(fc, ctx, cifs_sb->ctx, need_recon);
1097 if (rc)
1098 return rc;
1099
1100 /*
1101 * We can not change UNC/username/password/domainname/
1102 * workstation_name/nodename/iocharset
1103 * during reconnect so ignore what we have in the new context and
1104 * just use what we already have in cifs_sb->ctx.
1105 */
1106 STEAL_STRING(cifs_sb, ctx, UNC);
1107 STEAL_STRING(cifs_sb, ctx, source);
1108 STEAL_STRING(cifs_sb, ctx, username);
1109
1110 if (need_recon == false)
1111 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1112 else {
1113 if (ctx->password) {
1114 new_password = kstrdup(ctx->password, GFP_KERNEL);
1115 if (!new_password)
1116 return -ENOMEM;
1117 } else
1118 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password);
1119 }
1120
1121 /*
1122 * if a new password2 has been specified, then reset it's value
1123 * inside the ses struct
1124 */
1125 if (ctx->password2) {
1126 new_password2 = kstrdup(ctx->password2, GFP_KERNEL);
1127 if (!new_password2) {
1128 kfree_sensitive(new_password);
1129 return -ENOMEM;
1130 }
1131 } else
1132 STEAL_STRING_SENSITIVE(cifs_sb, ctx, password2);
1133
1134 /*
1135 * we may update the passwords in the ses struct below. Make sure we do
1136 * not race with smb2_reconnect
1137 */
1138 mutex_lock(&ses->session_mutex);
1139
1140 /*
1141 * smb2_reconnect may swap password and password2 in case session setup
1142 * failed. First get ctx passwords in sync with ses passwords. It should
1143 * be okay to do this even if this function were to return an error at a
1144 * later stage
1145 */
1146 rc = smb3_sync_session_ctx_passwords(cifs_sb, ses);
1147 if (rc) {
1148 mutex_unlock(&ses->session_mutex);
1149 kfree_sensitive(new_password);
1150 kfree_sensitive(new_password2);
1151 return rc;
1152 }
1153
1154 /*
1155 * now that allocations for passwords are done, commit them
1156 */
1157 if (new_password) {
1158 kfree_sensitive(ses->password);
1159 ses->password = new_password;
1160 }
1161 if (new_password2) {
1162 kfree_sensitive(ses->password2);
1163 ses->password2 = new_password2;
1164 }
1165
1166 /*
1167 * If multichannel or max_channels has changed, update the session's channels accordingly.
1168 * This may add or remove channels to match the new configuration.
1169 */
1170 if ((ctx->multichannel != cifs_sb->ctx->multichannel) ||
1171 (ctx->max_channels != cifs_sb->ctx->max_channels)) {
1172
1173 /* Synchronize ses->chan_max with the new mount context */
1174 smb3_sync_ses_chan_max(ses, ctx->max_channels);
1175 /* Now update the session's channels to match the new configuration */
1176 /* Prevent concurrent scaling operations */
1177 spin_lock(&ses->ses_lock);
1178 if (ses->flags & CIFS_SES_FLAG_SCALE_CHANNELS) {
1179 spin_unlock(&ses->ses_lock);
1180 mutex_unlock(&ses->session_mutex);
1181 return -EINVAL;
1182 }
1183 ses->flags |= CIFS_SES_FLAG_SCALE_CHANNELS;
1184 spin_unlock(&ses->ses_lock);
1185
1186 mutex_unlock(&ses->session_mutex);
1187
1188 rc = smb3_update_ses_channels(ses, ses->server,
1189 false /* from_reconnect */,
1190 false /* disable_mchan */);
1191
1192 /* Clear scaling flag after operation */
1193 spin_lock(&ses->ses_lock);
1194 ses->flags &= ~CIFS_SES_FLAG_SCALE_CHANNELS;
1195 spin_unlock(&ses->ses_lock);
1196 } else {
1197 mutex_unlock(&ses->session_mutex);
1198 }
1199
1200 STEAL_STRING(cifs_sb, ctx, domainname);
1201 STEAL_STRING(cifs_sb, ctx, nodename);
1202 STEAL_STRING(cifs_sb, ctx, iocharset);
1203
1204 /* if rsize or wsize not passed in on remount, use previous values */
1205 ctx->rsize = rsize ? CIFS_ALIGN_RSIZE(fc, rsize) : cifs_sb->ctx->rsize;
1206 ctx->wsize = wsize ? CIFS_ALIGN_WSIZE(fc, wsize) : cifs_sb->ctx->wsize;
1207
1208 smb3_cleanup_fs_context_contents(cifs_sb->ctx);
1209 rc = smb3_fs_context_dup(cifs_sb->ctx, ctx);
1210 smb3_update_mnt_flags(cifs_sb);
1211 #ifdef CONFIG_CIFS_DFS_UPCALL
1212 if (!rc)
1213 rc = dfs_cache_remount_fs(cifs_sb);
1214 #endif
1215
1216 return rc;
1217 }
1218
smb3_fs_context_parse_param(struct fs_context * fc,struct fs_parameter * param)1219 static int smb3_fs_context_parse_param(struct fs_context *fc,
1220 struct fs_parameter *param)
1221 {
1222 struct fs_parse_result result;
1223 struct smb3_fs_context *ctx = smb3_fc2context(fc);
1224 int i, opt;
1225 bool is_smb3 = !strcmp(fc->fs_type->name, "smb3");
1226 bool skip_parsing = false;
1227 char *hostname;
1228
1229 cifs_dbg(FYI, "CIFS: parsing cifs mount option '%s'\n", param->key);
1230
1231 /*
1232 * fs_parse can not handle string options with an empty value so
1233 * we will need special handling of them.
1234 */
1235 if (param->type == fs_value_is_string && param->string[0] == 0) {
1236 if (!strcmp("pass", param->key) || !strcmp("password", param->key)) {
1237 skip_parsing = true;
1238 opt = Opt_pass;
1239 } else if (!strcmp("user", param->key) || !strcmp("username", param->key)) {
1240 skip_parsing = true;
1241 opt = Opt_user;
1242 } else if (!strcmp("pass2", param->key) || !strcmp("password2", param->key)) {
1243 skip_parsing = true;
1244 opt = Opt_pass2;
1245 }
1246 }
1247
1248 if (!skip_parsing) {
1249 opt = fs_parse(fc, smb3_fs_parameters, param, &result);
1250 if (opt < 0)
1251 return ctx->sloppy ? 1 : opt;
1252 }
1253
1254 switch (opt) {
1255 case Opt_compress:
1256 if (!IS_ENABLED(CONFIG_CIFS_COMPRESSION)) {
1257 cifs_errorf(fc, "CONFIG_CIFS_COMPRESSION kernel config option is unset\n");
1258 goto cifs_parse_mount_err;
1259 }
1260 ctx->compress = true;
1261 cifs_dbg(VFS, "SMB3 compression support is experimental\n");
1262 break;
1263 case Opt_nodfs:
1264 ctx->nodfs = 1;
1265 break;
1266 case Opt_hard:
1267 if (result.negated) {
1268 if (ctx->retry == 1)
1269 cifs_dbg(VFS, "conflicting hard vs. soft mount options\n");
1270 ctx->retry = 0;
1271 } else
1272 ctx->retry = 1;
1273 break;
1274 case Opt_soft:
1275 if (result.negated)
1276 ctx->retry = 1;
1277 else {
1278 if (ctx->retry == 1)
1279 cifs_dbg(VFS, "conflicting hard vs soft mount options\n");
1280 ctx->retry = 0;
1281 }
1282 break;
1283 case Opt_mapposix:
1284 if (result.negated)
1285 ctx->remap = false;
1286 else {
1287 ctx->remap = true;
1288 ctx->sfu_remap = false; /* disable SFU mapping */
1289 }
1290 break;
1291 case Opt_mapchars:
1292 if (result.negated)
1293 ctx->sfu_remap = false;
1294 else {
1295 ctx->sfu_remap = true;
1296 ctx->remap = false; /* disable SFM (mapposix) mapping */
1297 }
1298 break;
1299 case Opt_user_xattr:
1300 if (result.negated)
1301 ctx->no_xattr = 1;
1302 else
1303 ctx->no_xattr = 0;
1304 break;
1305 case Opt_forceuid:
1306 if (result.negated)
1307 ctx->override_uid = 0;
1308 else
1309 ctx->override_uid = 1;
1310 ctx->forceuid_specified = true;
1311 break;
1312 case Opt_forcegid:
1313 if (result.negated)
1314 ctx->override_gid = 0;
1315 else
1316 ctx->override_gid = 1;
1317 ctx->forcegid_specified = true;
1318 break;
1319 case Opt_perm:
1320 if (result.negated)
1321 ctx->noperm = 1;
1322 else
1323 ctx->noperm = 0;
1324 break;
1325 case Opt_dynperm:
1326 if (result.negated)
1327 ctx->dynperm = 0;
1328 else
1329 ctx->dynperm = 1;
1330 break;
1331 case Opt_sfu:
1332 if (result.negated)
1333 ctx->sfu_emul = 0;
1334 else
1335 ctx->sfu_emul = 1;
1336 break;
1337 case Opt_noblocksend:
1338 ctx->noblocksnd = 1;
1339 break;
1340 case Opt_noautotune:
1341 ctx->noautotune = 1;
1342 break;
1343 case Opt_lease:
1344 ctx->no_lease = result.negated;
1345 break;
1346 case Opt_nosparse:
1347 ctx->no_sparse = 1;
1348 break;
1349 case Opt_nodelete:
1350 ctx->nodelete = 1;
1351 break;
1352 case Opt_multichannel:
1353 ctx->multichannel_specified = true;
1354 if (result.negated)
1355 ctx->multichannel = false;
1356 else
1357 ctx->multichannel = true;
1358 break;
1359 case Opt_uid:
1360 ctx->linux_uid = result.uid;
1361 ctx->uid_specified = true;
1362 break;
1363 case Opt_cruid:
1364 ctx->cred_uid = result.uid;
1365 ctx->cruid_specified = true;
1366 break;
1367 case Opt_backupuid:
1368 ctx->backupuid = result.uid;
1369 ctx->backupuid_specified = true;
1370 break;
1371 case Opt_backupgid:
1372 ctx->backupgid = result.gid;
1373 ctx->backupgid_specified = true;
1374 break;
1375 case Opt_gid:
1376 ctx->linux_gid = result.gid;
1377 ctx->gid_specified = true;
1378 break;
1379 case Opt_port:
1380 ctx->port = result.uint_32;
1381 break;
1382 case Opt_file_mode:
1383 ctx->file_mode = result.uint_32;
1384 break;
1385 case Opt_dirmode:
1386 ctx->dir_mode = result.uint_32;
1387 break;
1388 case Opt_min_enc_offload:
1389 ctx->min_offload = result.uint_32;
1390 break;
1391 case Opt_retrans:
1392 ctx->retrans = result.uint_32;
1393 break;
1394 case Opt_blocksize:
1395 /*
1396 * inode blocksize realistically should never need to be
1397 * less than 16K or greater than 16M and default is 1MB.
1398 * Note that small inode block sizes (e.g. 64K) can lead
1399 * to very poor performance of common tools like cp and scp
1400 */
1401 if ((result.uint_32 < CIFS_MAX_MSGSIZE) ||
1402 (result.uint_32 > (4 * SMB3_DEFAULT_IOSIZE))) {
1403 cifs_errorf(fc, "%s: Invalid blocksize\n",
1404 __func__);
1405 goto cifs_parse_mount_err;
1406 }
1407 ctx->bsize = CIFS_ALIGN_BSIZE(fc, result.uint_32);
1408 ctx->got_bsize = true;
1409 break;
1410 case Opt_rasize:
1411 /*
1412 * readahead size realistically should never need to be
1413 * less than 1M (CIFS_DEFAULT_IOSIZE) or greater than 32M
1414 * (perhaps an exception should be considered in the
1415 * for the case of a large number of channels
1416 * when multichannel is negotiated) since that would lead
1417 * to plenty of parallel I/O in flight to the server.
1418 * Note that smaller read ahead sizes would
1419 * hurt performance of common tools like cp and scp
1420 * which often trigger sequential i/o with read ahead
1421 */
1422 if ((result.uint_32 > (8 * SMB3_DEFAULT_IOSIZE)) ||
1423 (result.uint_32 < CIFS_DEFAULT_IOSIZE)) {
1424 cifs_errorf(fc, "%s: Invalid rasize %d vs. %d\n",
1425 __func__, result.uint_32, SMB3_DEFAULT_IOSIZE);
1426 goto cifs_parse_mount_err;
1427 }
1428 ctx->rasize = result.uint_32;
1429 break;
1430 case Opt_rsize:
1431 ctx->rsize = CIFS_ALIGN_RSIZE(fc, result.uint_32);
1432 ctx->got_rsize = true;
1433 ctx->vol_rsize = ctx->rsize;
1434 break;
1435 case Opt_wsize:
1436 ctx->wsize = CIFS_ALIGN_WSIZE(fc, result.uint_32);
1437 ctx->got_wsize = true;
1438 ctx->vol_wsize = ctx->wsize;
1439 break;
1440 case Opt_acregmax:
1441 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1442 cifs_errorf(fc, "acregmax too large\n");
1443 goto cifs_parse_mount_err;
1444 }
1445 ctx->acregmax = HZ * result.uint_32;
1446 break;
1447 case Opt_acdirmax:
1448 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1449 cifs_errorf(fc, "acdirmax too large\n");
1450 goto cifs_parse_mount_err;
1451 }
1452 ctx->acdirmax = HZ * result.uint_32;
1453 break;
1454 case Opt_actimeo:
1455 if (result.uint_32 > CIFS_MAX_ACTIMEO / HZ) {
1456 cifs_errorf(fc, "timeout too large\n");
1457 goto cifs_parse_mount_err;
1458 }
1459 if ((ctx->acdirmax != CIFS_DEF_ACTIMEO) ||
1460 (ctx->acregmax != CIFS_DEF_ACTIMEO)) {
1461 cifs_errorf(fc, "actimeo ignored since acregmax or acdirmax specified\n");
1462 break;
1463 }
1464 ctx->acdirmax = ctx->acregmax = HZ * result.uint_32;
1465 break;
1466 case Opt_closetimeo:
1467 if (result.uint_32 > SMB3_MAX_DCLOSETIMEO / HZ) {
1468 cifs_errorf(fc, "closetimeo too large\n");
1469 goto cifs_parse_mount_err;
1470 }
1471 ctx->closetimeo = HZ * result.uint_32;
1472 break;
1473 case Opt_echo_interval:
1474 if (result.uint_32 < SMB_ECHO_INTERVAL_MIN ||
1475 result.uint_32 > SMB_ECHO_INTERVAL_MAX) {
1476 cifs_errorf(fc, "echo interval is out of bounds\n");
1477 goto cifs_parse_mount_err;
1478 }
1479 ctx->echo_interval = result.uint_32;
1480 break;
1481 case Opt_snapshot:
1482 ctx->snapshot_time = result.uint_64;
1483 break;
1484 case Opt_max_credits:
1485 if (result.uint_32 < 20 || result.uint_32 > 60000) {
1486 cifs_errorf(fc, "%s: Invalid max_credits value\n",
1487 __func__);
1488 goto cifs_parse_mount_err;
1489 }
1490 ctx->max_credits = result.uint_32;
1491 break;
1492 case Opt_max_channels:
1493 ctx->max_channels_specified = true;
1494 if (result.uint_32 < 1 || result.uint_32 > CIFS_MAX_CHANNELS) {
1495 cifs_errorf(fc, "%s: Invalid max_channels value, needs to be 1-%d\n",
1496 __func__, CIFS_MAX_CHANNELS);
1497 goto cifs_parse_mount_err;
1498 }
1499 ctx->max_channels = result.uint_32;
1500 break;
1501 case Opt_max_cached_dirs:
1502 if (result.uint_32 < 1) {
1503 cifs_errorf(fc, "%s: Invalid max_cached_dirs, needs to be 1 or more\n",
1504 __func__);
1505 goto cifs_parse_mount_err;
1506 }
1507 ctx->max_cached_dirs = result.uint_32;
1508 break;
1509 case Opt_handletimeout:
1510 ctx->handle_timeout = result.uint_32;
1511 if (ctx->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
1512 cifs_errorf(fc, "Invalid handle cache timeout, longer than 16 minutes\n");
1513 goto cifs_parse_mount_err;
1514 }
1515 break;
1516 case Opt_source:
1517 kfree(ctx->UNC);
1518 ctx->UNC = NULL;
1519 switch (smb3_parse_devname(param->string, ctx)) {
1520 case 0:
1521 break;
1522 case -ENOMEM:
1523 cifs_errorf(fc, "Unable to allocate memory for devname\n");
1524 goto cifs_parse_mount_err;
1525 case -EINVAL:
1526 cifs_errorf(fc, "Malformed UNC in devname\n");
1527 goto cifs_parse_mount_err;
1528 default:
1529 cifs_errorf(fc, "Unknown error parsing devname\n");
1530 goto cifs_parse_mount_err;
1531 }
1532 kfree(ctx->source);
1533 ctx->source = smb3_fs_context_fullpath(ctx, '/');
1534 if (IS_ERR(ctx->source)) {
1535 ctx->source = NULL;
1536 cifs_errorf(fc, "OOM when copying UNC string\n");
1537 goto cifs_parse_mount_err;
1538 }
1539 kfree(fc->source);
1540 fc->source = kstrdup(ctx->source, GFP_KERNEL);
1541 if (fc->source == NULL) {
1542 cifs_errorf(fc, "OOM when copying UNC string\n");
1543 goto cifs_parse_mount_err;
1544 }
1545 hostname = extract_hostname(ctx->UNC);
1546 if (IS_ERR(hostname)) {
1547 cifs_errorf(fc, "Cannot extract hostname from UNC string\n");
1548 goto cifs_parse_mount_err;
1549 }
1550 /* last byte, type, is 0x20 for servr type */
1551 memset(ctx->target_rfc1001_name, 0x20, RFC1001_NAME_LEN_WITH_NULL);
1552 for (i = 0; i < RFC1001_NAME_LEN && hostname[i] != 0; i++)
1553 ctx->target_rfc1001_name[i] = toupper(hostname[i]);
1554 kfree(hostname);
1555 break;
1556 case Opt_user:
1557 kfree(ctx->username);
1558 ctx->username = NULL;
1559 if (ctx->nullauth)
1560 break;
1561 if (strlen(param->string) == 0) {
1562 /* null user, ie. anonymous authentication */
1563 ctx->nullauth = 1;
1564 break;
1565 }
1566
1567 if (strnlen(param->string, CIFS_MAX_USERNAME_LEN) ==
1568 CIFS_MAX_USERNAME_LEN) {
1569 pr_warn("username too long\n");
1570 goto cifs_parse_mount_err;
1571 }
1572 ctx->username = no_free_ptr(param->string);
1573 break;
1574 case Opt_pass:
1575 kfree_sensitive(ctx->password);
1576 ctx->password = NULL;
1577 if (strlen(param->string) == 0)
1578 break;
1579 ctx->password = no_free_ptr(param->string);
1580 break;
1581 case Opt_pass2:
1582 kfree_sensitive(ctx->password2);
1583 ctx->password2 = NULL;
1584 if (strlen(param->string) == 0)
1585 break;
1586 ctx->password2 = no_free_ptr(param->string);
1587 break;
1588 case Opt_ip:
1589 if (strlen(param->string) == 0) {
1590 ctx->got_ip = false;
1591 break;
1592 }
1593 if (!cifs_convert_address((struct sockaddr *)&ctx->dstaddr,
1594 param->string,
1595 strlen(param->string))) {
1596 pr_err("bad ip= option (%s)\n", param->string);
1597 goto cifs_parse_mount_err;
1598 }
1599 ctx->got_ip = true;
1600 break;
1601 case Opt_domain:
1602 if (strnlen(param->string, CIFS_MAX_DOMAINNAME_LEN)
1603 == CIFS_MAX_DOMAINNAME_LEN) {
1604 pr_warn("domain name too long\n");
1605 goto cifs_parse_mount_err;
1606 }
1607
1608 kfree(ctx->domainname);
1609 ctx->domainname = no_free_ptr(param->string);
1610 cifs_dbg(FYI, "Domain name set\n");
1611 break;
1612 case Opt_srcaddr:
1613 if (!cifs_convert_address(
1614 (struct sockaddr *)&ctx->srcaddr,
1615 param->string, strlen(param->string))) {
1616 pr_warn("Could not parse srcaddr: %s\n",
1617 param->string);
1618 goto cifs_parse_mount_err;
1619 }
1620 break;
1621 case Opt_iocharset:
1622 if (strnlen(param->string, 1024) >= 65) {
1623 pr_warn("iocharset name too long\n");
1624 goto cifs_parse_mount_err;
1625 }
1626
1627 if (strncasecmp(param->string, "default", 7) != 0) {
1628 kfree(ctx->iocharset);
1629 ctx->iocharset = no_free_ptr(param->string);
1630 }
1631 /* if iocharset not set then load_nls_default
1632 * is used by caller
1633 */
1634 cifs_dbg(FYI, "iocharset set to %s\n", ctx->iocharset);
1635 break;
1636 case Opt_netbiosname:
1637 memset(ctx->source_rfc1001_name, 0x20,
1638 RFC1001_NAME_LEN);
1639 /*
1640 * FIXME: are there cases in which a comma can
1641 * be valid in workstation netbios name (and
1642 * need special handling)?
1643 */
1644 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1645 /* don't ucase netbiosname for user */
1646 if (param->string[i] == 0)
1647 break;
1648 ctx->source_rfc1001_name[i] = param->string[i];
1649 }
1650 /* The string has 16th byte zero still from
1651 * set at top of the function
1652 */
1653 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1654 pr_warn("netbiosname longer than 15 truncated\n");
1655 break;
1656 case Opt_servern:
1657 /* last byte, type, is 0x20 for servr type */
1658 memset(ctx->target_rfc1001_name, 0x20,
1659 RFC1001_NAME_LEN_WITH_NULL);
1660 /*
1661 * BB are there cases in which a comma can be valid in this
1662 * workstation netbios name (and need special handling)?
1663 */
1664
1665 /* user or mount helper must uppercase the netbios name */
1666 for (i = 0; i < 15; i++) {
1667 if (param->string[i] == 0)
1668 break;
1669 ctx->target_rfc1001_name[i] = param->string[i];
1670 }
1671
1672 /* The string has 16th byte zero still from set at top of function */
1673 if (i == RFC1001_NAME_LEN && param->string[i] != 0)
1674 pr_warn("server netbiosname longer than 15 truncated\n");
1675 break;
1676 case Opt_nbsessinit:
1677 ctx->rfc1001_sessinit = !result.negated;
1678 cifs_dbg(FYI, "rfc1001_sessinit set to %d\n", ctx->rfc1001_sessinit);
1679 break;
1680 case Opt_ver:
1681 /* version of mount userspace tools, not dialect */
1682 /* If interface changes in mount.cifs bump to new ver */
1683 if (strncasecmp(param->string, "1", 1) == 0) {
1684 if (strlen(param->string) > 1) {
1685 pr_warn("Bad mount helper ver=%s. Did you want SMB1 (CIFS) dialect and mean to type vers=1.0 instead?\n",
1686 param->string);
1687 goto cifs_parse_mount_err;
1688 }
1689 /* This is the default */
1690 break;
1691 }
1692 /* For all other value, error */
1693 pr_warn("Invalid mount helper version specified\n");
1694 goto cifs_parse_mount_err;
1695 case Opt_vers:
1696 /* protocol version (dialect) */
1697 if (cifs_parse_smb_version(fc, param->string, ctx, is_smb3) != 0)
1698 goto cifs_parse_mount_err;
1699 ctx->got_version = true;
1700 break;
1701 case Opt_sec:
1702 if (cifs_parse_security_flavors(fc, param->string, ctx) != 0)
1703 goto cifs_parse_mount_err;
1704 break;
1705 case Opt_upcalltarget:
1706 if (cifs_parse_upcall_target(fc, param->string, ctx) != 0)
1707 goto cifs_parse_mount_err;
1708 break;
1709 case Opt_cache:
1710 if (cifs_parse_cache_flavor(fc, param->string, ctx) != 0)
1711 goto cifs_parse_mount_err;
1712 break;
1713 case Opt_witness:
1714 #ifndef CONFIG_CIFS_SWN_UPCALL
1715 cifs_errorf(fc, "Witness support needs CONFIG_CIFS_SWN_UPCALL config option\n");
1716 goto cifs_parse_mount_err;
1717 #endif
1718 ctx->witness = true;
1719 pr_warn_once("Witness protocol support is experimental\n");
1720 break;
1721 case Opt_unicode:
1722 ctx->unicode = !result.negated;
1723 cifs_dbg(FYI, "unicode set to %d\n", ctx->unicode);
1724 break;
1725 case Opt_rootfs:
1726 #ifndef CONFIG_CIFS_ROOT
1727 cifs_dbg(VFS, "rootfs support requires CONFIG_CIFS_ROOT config option\n");
1728 goto cifs_parse_mount_err;
1729 #endif
1730 ctx->rootfs = true;
1731 break;
1732 case Opt_posixpaths:
1733 if (result.negated)
1734 ctx->posix_paths = 0;
1735 else
1736 ctx->posix_paths = 1;
1737 break;
1738 case Opt_unix:
1739 if (result.negated) {
1740 if (ctx->linux_ext == 1)
1741 pr_warn_once("conflicting posix mount options specified\n");
1742 ctx->linux_ext = 0;
1743 ctx->no_linux_ext = 1;
1744 } else {
1745 if (ctx->no_linux_ext == 1)
1746 pr_warn_once("conflicting posix mount options specified\n");
1747 ctx->linux_ext = 1;
1748 ctx->no_linux_ext = 0;
1749 ctx->nonativesocket = 1; /* POSIX mounts use NFS style reparse points */
1750 }
1751 break;
1752 case Opt_nocase:
1753 ctx->nocase = 1;
1754 break;
1755 case Opt_brl:
1756 if (result.negated) {
1757 /*
1758 * turn off mandatory locking in mode
1759 * if remote locking is turned off since the
1760 * local vfs will do advisory
1761 */
1762 if (ctx->file_mode ==
1763 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1764 ctx->file_mode = S_IALLUGO;
1765 ctx->nobrl = 1;
1766 } else
1767 ctx->nobrl = 0;
1768 break;
1769 case Opt_handlecache:
1770 if (result.negated)
1771 ctx->nohandlecache = 1;
1772 else
1773 ctx->nohandlecache = 0;
1774 break;
1775 case Opt_forcemandatorylock:
1776 ctx->mand_lock = 1;
1777 break;
1778 case Opt_setuids:
1779 ctx->setuids = result.negated;
1780 break;
1781 case Opt_intr:
1782 ctx->intr = !result.negated;
1783 break;
1784 case Opt_setuidfromacl:
1785 ctx->setuidfromacl = 1;
1786 break;
1787 case Opt_strictsync:
1788 ctx->nostrictsync = result.negated;
1789 break;
1790 case Opt_serverino:
1791 ctx->server_ino = !result.negated;
1792 break;
1793 case Opt_rwpidforward:
1794 ctx->rwpidforward = 1;
1795 break;
1796 case Opt_modesid:
1797 ctx->mode_ace = 1;
1798 break;
1799 case Opt_cifsacl:
1800 ctx->cifs_acl = !result.negated;
1801 break;
1802 case Opt_acl:
1803 ctx->no_psx_acl = result.negated;
1804 break;
1805 case Opt_locallease:
1806 ctx->local_lease = 1;
1807 break;
1808 case Opt_sign:
1809 ctx->sign = true;
1810 break;
1811 case Opt_ignore_signature:
1812 ctx->sign = true;
1813 ctx->ignore_signature = true;
1814 break;
1815 case Opt_seal:
1816 /* we do not do the following in secFlags because seal
1817 * is a per tree connection (mount) not a per socket
1818 * or per-smb connection option in the protocol
1819 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1820 */
1821 ctx->seal = 1;
1822 break;
1823 case Opt_noac:
1824 pr_warn("Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1825 break;
1826 case Opt_fsc:
1827 #ifndef CONFIG_CIFS_FSCACHE
1828 cifs_errorf(fc, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1829 goto cifs_parse_mount_err;
1830 #endif
1831 ctx->fsc = true;
1832 break;
1833 case Opt_mfsymlinks:
1834 ctx->mfsymlinks = true;
1835 break;
1836 case Opt_multiuser:
1837 ctx->multiuser = true;
1838 break;
1839 case Opt_sloppy:
1840 ctx->sloppy = true;
1841 break;
1842 case Opt_nosharesock:
1843 ctx->nosharesock = true;
1844 break;
1845 case Opt_persistent:
1846 if (result.negated) {
1847 ctx->nopersistent = true;
1848 if (ctx->persistent) {
1849 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1850 goto cifs_parse_mount_err;
1851 }
1852 } else {
1853 ctx->persistent = true;
1854 if ((ctx->nopersistent) || (ctx->resilient)) {
1855 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1856 goto cifs_parse_mount_err;
1857 }
1858 }
1859 break;
1860 case Opt_resilient:
1861 if (result.negated) {
1862 ctx->resilient = false; /* already the default */
1863 } else {
1864 ctx->resilient = true;
1865 if (ctx->persistent) {
1866 cifs_errorf(fc, "persistenthandles mount options conflict\n");
1867 goto cifs_parse_mount_err;
1868 }
1869 }
1870 break;
1871 case Opt_tcp_nodelay:
1872 /* tcp nodelay should not usually be needed since we CORK/UNCORK the socket */
1873 if (result.negated)
1874 ctx->sockopt_tcp_nodelay = false;
1875 else
1876 ctx->sockopt_tcp_nodelay = true;
1877 break;
1878 case Opt_domainauto:
1879 ctx->domainauto = true;
1880 break;
1881 case Opt_rdma:
1882 ctx->rdma = true;
1883 break;
1884 case Opt_reparse:
1885 if (parse_reparse_flavor(fc, param->string, ctx))
1886 goto cifs_parse_mount_err;
1887 break;
1888 case Opt_nativesocket:
1889 ctx->nonativesocket = result.negated;
1890 break;
1891 case Opt_symlink:
1892 if (parse_symlink_flavor(fc, param->string, ctx))
1893 goto cifs_parse_mount_err;
1894 break;
1895 case Opt_symlinkroot:
1896 if (param->string[0] != '/') {
1897 cifs_errorf(fc, "symlinkroot mount options must be absolute path\n");
1898 goto cifs_parse_mount_err;
1899 }
1900 if (strnlen(param->string, PATH_MAX) == PATH_MAX) {
1901 cifs_errorf(fc, "symlinkroot path too long (max path length: %u)\n",
1902 PATH_MAX - 1);
1903 goto cifs_parse_mount_err;
1904 }
1905 kfree(ctx->symlinkroot);
1906 ctx->symlinkroot = param->string;
1907 param->string = NULL;
1908 break;
1909 }
1910 /* case Opt_ignore: - is ignored as expected ... */
1911
1912 if (ctx->multiuser && ctx->upcall_target == UPTARGET_MOUNT) {
1913 cifs_errorf(fc, "multiuser mount option not supported with upcalltarget set as 'mount'\n");
1914 goto cifs_parse_mount_err;
1915 }
1916
1917 return 0;
1918
1919 cifs_parse_mount_err:
1920 kfree_sensitive(ctx->password);
1921 ctx->password = NULL;
1922 kfree_sensitive(ctx->password2);
1923 ctx->password2 = NULL;
1924 kfree(ctx->source);
1925 ctx->source = NULL;
1926 kfree(fc->source);
1927 fc->source = NULL;
1928 return -EINVAL;
1929 }
1930
smb3_init_fs_context(struct fs_context * fc)1931 int smb3_init_fs_context(struct fs_context *fc)
1932 {
1933 struct smb3_fs_context *ctx;
1934 char *nodename = utsname()->nodename;
1935 int i;
1936
1937 ctx = kzalloc_obj(struct smb3_fs_context);
1938 if (unlikely(!ctx))
1939 return -ENOMEM;
1940
1941 strscpy(ctx->workstation_name, nodename, sizeof(ctx->workstation_name));
1942
1943 /*
1944 * does not have to be perfect mapping since field is
1945 * informational, only used for servers that do not support
1946 * port 445 and it can be overridden at mount time
1947 */
1948 memset(ctx->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1949 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1950 ctx->source_rfc1001_name[i] = toupper(nodename[i]);
1951 ctx->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1952
1953 /*
1954 * null target name indicates to use *SMBSERVR default called name
1955 * if we end up sending RFC1001 session initialize
1956 */
1957 ctx->target_rfc1001_name[0] = 0;
1958
1959 ctx->rfc1001_sessinit = -1; /* autodetect based on port number */
1960
1961 ctx->cred_uid = current_uid();
1962 ctx->linux_uid = current_uid();
1963 ctx->linux_gid = current_gid();
1964 /* By default 4MB read ahead size, 1MB block size */
1965 ctx->bsize = CIFS_DEFAULT_IOSIZE; /* can improve cp performance significantly */
1966 ctx->rasize = 0; /* 0 = use default (ie negotiated rsize) for read ahead pages */
1967
1968 /*
1969 * default to SFM style remapping of seven reserved characters
1970 * unless user overrides it or we negotiate CIFS POSIX where
1971 * it is unnecessary. Can not simultaneously use more than one mapping
1972 * since then readdir could list files that open could not open
1973 */
1974 ctx->remap = true;
1975
1976 /* default to only allowing write access to owner of the mount */
1977 ctx->dir_mode = ctx->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1978
1979 /* ctx->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1980 /* default is always to request posix paths. */
1981 ctx->posix_paths = 1;
1982 /* default to using server inode numbers where available */
1983 ctx->server_ino = 1;
1984
1985 /* default is to use strict cifs caching semantics */
1986 ctx->strict_io = true;
1987
1988 ctx->acregmax = CIFS_DEF_ACTIMEO;
1989 ctx->acdirmax = CIFS_DEF_ACTIMEO;
1990 ctx->closetimeo = SMB3_DEF_DCLOSETIMEO;
1991 ctx->max_cached_dirs = MAX_CACHED_FIDS;
1992 /* Most clients set timeout to 0, allows server to use its default */
1993 ctx->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1994
1995 /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1996 ctx->ops = &smb30_operations;
1997 ctx->vals = &smbdefault_values;
1998
1999 ctx->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
2000
2001 /* default to no multichannel (single server connection) */
2002 ctx->multichannel = false;
2003 ctx->multichannel_specified = false;
2004 ctx->max_channels_specified = false;
2005 ctx->max_channels = 1;
2006
2007 ctx->backupuid_specified = false; /* no backup intent for a user */
2008 ctx->backupgid_specified = false; /* no backup intent for a group */
2009
2010 ctx->retrans = 0;
2011 ctx->reparse_type = CIFS_REPARSE_TYPE_DEFAULT;
2012 ctx->symlink_type = CIFS_SYMLINK_TYPE_DEFAULT;
2013 ctx->nonativesocket = 0;
2014
2015 ctx->unicode = -1; /* autodetect, but prefer UNICODE mode */
2016
2017 /*
2018 * short int override_uid = -1;
2019 * short int override_gid = -1;
2020 * char *nodename = strdup(utsname()->nodename);
2021 * struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
2022 */
2023
2024 fc->fs_private = ctx;
2025 fc->ops = &smb3_fs_context_ops;
2026 return 0;
2027 }
2028
2029 void
smb3_cleanup_fs_context_contents(struct smb3_fs_context * ctx)2030 smb3_cleanup_fs_context_contents(struct smb3_fs_context *ctx)
2031 {
2032 if (ctx == NULL)
2033 return;
2034
2035 /*
2036 * Make sure this stays in sync with smb3_fs_context_dup()
2037 */
2038 kfree(ctx->username);
2039 ctx->username = NULL;
2040 kfree_sensitive(ctx->password);
2041 ctx->password = NULL;
2042 kfree_sensitive(ctx->password2);
2043 ctx->password2 = NULL;
2044 kfree(ctx->server_hostname);
2045 ctx->server_hostname = NULL;
2046 kfree(ctx->UNC);
2047 ctx->UNC = NULL;
2048 kfree(ctx->source);
2049 ctx->source = NULL;
2050 kfree(ctx->domainname);
2051 ctx->domainname = NULL;
2052 kfree(ctx->nodename);
2053 ctx->nodename = NULL;
2054 kfree(ctx->iocharset);
2055 ctx->iocharset = NULL;
2056 kfree(ctx->prepath);
2057 ctx->prepath = NULL;
2058 kfree(ctx->leaf_fullpath);
2059 ctx->leaf_fullpath = NULL;
2060 kfree(ctx->dns_dom);
2061 ctx->dns_dom = NULL;
2062 kfree(ctx->symlinkroot);
2063 ctx->symlinkroot = NULL;
2064 }
2065
2066 void
smb3_cleanup_fs_context(struct smb3_fs_context * ctx)2067 smb3_cleanup_fs_context(struct smb3_fs_context *ctx)
2068 {
2069 if (!ctx)
2070 return;
2071 smb3_cleanup_fs_context_contents(ctx);
2072 kfree(ctx);
2073 }
2074
smb3_update_mnt_flags(struct cifs_sb_info * cifs_sb)2075 unsigned int smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb)
2076 {
2077 unsigned int sbflags = cifs_sb_flags(cifs_sb);
2078 struct smb3_fs_context *ctx = cifs_sb->ctx;
2079
2080 if (ctx->nodfs)
2081 sbflags |= CIFS_MOUNT_NO_DFS;
2082 else
2083 sbflags &= ~CIFS_MOUNT_NO_DFS;
2084
2085 if (ctx->noperm)
2086 sbflags |= CIFS_MOUNT_NO_PERM;
2087 else
2088 sbflags &= ~CIFS_MOUNT_NO_PERM;
2089
2090 if (ctx->setuids)
2091 sbflags |= CIFS_MOUNT_SET_UID;
2092 else
2093 sbflags &= ~CIFS_MOUNT_SET_UID;
2094
2095 if (ctx->setuidfromacl)
2096 sbflags |= CIFS_MOUNT_UID_FROM_ACL;
2097 else
2098 sbflags &= ~CIFS_MOUNT_UID_FROM_ACL;
2099
2100 if (ctx->server_ino)
2101 sbflags |= CIFS_MOUNT_SERVER_INUM;
2102 else
2103 sbflags &= ~CIFS_MOUNT_SERVER_INUM;
2104
2105 if (ctx->remap)
2106 sbflags |= CIFS_MOUNT_MAP_SFM_CHR;
2107 else
2108 sbflags &= ~CIFS_MOUNT_MAP_SFM_CHR;
2109
2110 if (ctx->sfu_remap)
2111 sbflags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2112 else
2113 sbflags &= ~CIFS_MOUNT_MAP_SPECIAL_CHR;
2114
2115 if (ctx->no_xattr)
2116 sbflags |= CIFS_MOUNT_NO_XATTR;
2117 else
2118 sbflags &= ~CIFS_MOUNT_NO_XATTR;
2119
2120 if (ctx->sfu_emul)
2121 sbflags |= CIFS_MOUNT_UNX_EMUL;
2122 else
2123 sbflags &= ~CIFS_MOUNT_UNX_EMUL;
2124
2125 if (ctx->nobrl)
2126 sbflags |= CIFS_MOUNT_NO_BRL;
2127 else
2128 sbflags &= ~CIFS_MOUNT_NO_BRL;
2129
2130 if (ctx->nohandlecache)
2131 sbflags |= CIFS_MOUNT_NO_HANDLE_CACHE;
2132 else
2133 sbflags &= ~CIFS_MOUNT_NO_HANDLE_CACHE;
2134
2135 if (ctx->nostrictsync)
2136 sbflags |= CIFS_MOUNT_NOSSYNC;
2137 else
2138 sbflags &= ~CIFS_MOUNT_NOSSYNC;
2139
2140 if (ctx->mand_lock)
2141 sbflags |= CIFS_MOUNT_NOPOSIXBRL;
2142 else
2143 sbflags &= ~CIFS_MOUNT_NOPOSIXBRL;
2144
2145 if (ctx->rwpidforward)
2146 sbflags |= CIFS_MOUNT_RWPIDFORWARD;
2147 else
2148 sbflags &= ~CIFS_MOUNT_RWPIDFORWARD;
2149
2150 if (ctx->mode_ace)
2151 sbflags |= CIFS_MOUNT_MODE_FROM_SID;
2152 else
2153 sbflags &= ~CIFS_MOUNT_MODE_FROM_SID;
2154
2155 if (ctx->cifs_acl)
2156 sbflags |= CIFS_MOUNT_CIFS_ACL;
2157 else
2158 sbflags &= ~CIFS_MOUNT_CIFS_ACL;
2159
2160 if (ctx->backupuid_specified)
2161 sbflags |= CIFS_MOUNT_CIFS_BACKUPUID;
2162 else
2163 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPUID;
2164
2165 if (ctx->backupgid_specified)
2166 sbflags |= CIFS_MOUNT_CIFS_BACKUPGID;
2167 else
2168 sbflags &= ~CIFS_MOUNT_CIFS_BACKUPGID;
2169
2170 if (ctx->override_uid)
2171 sbflags |= CIFS_MOUNT_OVERR_UID;
2172 else
2173 sbflags &= ~CIFS_MOUNT_OVERR_UID;
2174
2175 if (ctx->override_gid)
2176 sbflags |= CIFS_MOUNT_OVERR_GID;
2177 else
2178 sbflags &= ~CIFS_MOUNT_OVERR_GID;
2179
2180 if (ctx->dynperm)
2181 sbflags |= CIFS_MOUNT_DYNPERM;
2182 else
2183 sbflags &= ~CIFS_MOUNT_DYNPERM;
2184
2185 if (ctx->fsc)
2186 sbflags |= CIFS_MOUNT_FSCACHE;
2187 else
2188 sbflags &= ~CIFS_MOUNT_FSCACHE;
2189
2190 if (ctx->multiuser)
2191 sbflags |= CIFS_MOUNT_MULTIUSER | CIFS_MOUNT_NO_PERM;
2192 else
2193 sbflags &= ~CIFS_MOUNT_MULTIUSER;
2194
2195
2196 if (ctx->strict_io)
2197 sbflags |= CIFS_MOUNT_STRICT_IO;
2198 else
2199 sbflags &= ~CIFS_MOUNT_STRICT_IO;
2200
2201 if (ctx->direct_io)
2202 sbflags |= CIFS_MOUNT_DIRECT_IO;
2203 else
2204 sbflags &= ~CIFS_MOUNT_DIRECT_IO;
2205
2206 if (ctx->mfsymlinks)
2207 sbflags |= CIFS_MOUNT_MF_SYMLINKS;
2208 else
2209 sbflags &= ~CIFS_MOUNT_MF_SYMLINKS;
2210
2211 if (ctx->mfsymlinks && ctx->sfu_emul) {
2212 /*
2213 * Our SFU ("Services for Unix") emulation allows now
2214 * creating new and reading existing SFU symlinks.
2215 * Older Linux kernel versions were not able to neither
2216 * read existing nor create new SFU symlinks. But
2217 * creating and reading SFU style mknod and FIFOs was
2218 * supported for long time. When "mfsymlinks" and
2219 * "sfu" are both enabled at the same time, it allows
2220 * reading both types of symlinks, but will only create
2221 * them with mfsymlinks format. This allows better
2222 * Apple compatibility, compatibility with older Linux
2223 * kernel clients (probably better for Samba too)
2224 * while still recognizing old Windows style symlinks.
2225 */
2226 cifs_dbg(VFS, "mount options mfsymlinks and sfu both enabled\n");
2227 }
2228 sbflags &= ~CIFS_MOUNT_SHUTDOWN;
2229 atomic_set(&cifs_sb->mnt_cifs_flags, sbflags);
2230 return sbflags;
2231 }
2232