1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * linux/fs/nfs/fs_context.c 4 * 5 * Copyright (C) 1992 Rick Sladkey 6 * Conversion to new mount api Copyright (C) David Howells 7 * 8 * NFS mount handling. 9 * 10 * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com> 11 */ 12 13 #include <linux/compat.h> 14 #include <linux/module.h> 15 #include <linux/fs.h> 16 #include <linux/fs_context.h> 17 #include <linux/fs_parser.h> 18 #include <linux/nfs_fs.h> 19 #include <linux/nfs_mount.h> 20 #include <linux/nfs4_mount.h> 21 22 #include <net/handshake.h> 23 24 #include "nfs.h" 25 #include "internal.h" 26 27 #include "nfstrace.h" 28 29 #define NFSDBG_FACILITY NFSDBG_MOUNT 30 31 #if IS_ENABLED(CONFIG_NFS_V3) 32 #define NFS_DEFAULT_VERSION 3 33 #else 34 #define NFS_DEFAULT_VERSION 2 35 #endif 36 37 #define NFS_MAX_CONNECTIONS 16 38 39 enum nfs_param { 40 Opt_ac, 41 Opt_acdirmax, 42 Opt_acdirmin, 43 Opt_acl, 44 Opt_acregmax, 45 Opt_acregmin, 46 Opt_actimeo, 47 Opt_addr, 48 Opt_bg, 49 Opt_bsize, 50 Opt_clientaddr, 51 Opt_cto, 52 Opt_alignwrite, 53 Opt_fatal_neterrors, 54 Opt_fg, 55 Opt_fscache, 56 Opt_fscache_flag, 57 Opt_hard, 58 Opt_intr, 59 Opt_local_lock, 60 Opt_lock, 61 Opt_lookupcache, 62 Opt_migration, 63 Opt_minorversion, 64 Opt_mountaddr, 65 Opt_mounthost, 66 Opt_mountport, 67 Opt_mountproto, 68 Opt_mountvers, 69 Opt_namelen, 70 Opt_nconnect, 71 Opt_max_connect, 72 Opt_port, 73 Opt_posix, 74 Opt_proto, 75 Opt_rdirplus, 76 Opt_rdirplus_none, 77 Opt_rdirplus_force, 78 Opt_rdma, 79 Opt_resvport, 80 Opt_retrans, 81 Opt_retry, 82 Opt_rsize, 83 Opt_sec, 84 Opt_sharecache, 85 Opt_sloppy, 86 Opt_soft, 87 Opt_softerr, 88 Opt_softreval, 89 Opt_source, 90 Opt_tcp, 91 Opt_timeo, 92 Opt_trunkdiscovery, 93 Opt_udp, 94 Opt_v, 95 Opt_vers, 96 Opt_wsize, 97 Opt_write, 98 Opt_xprtsec, 99 }; 100 101 enum { 102 Opt_fatal_neterrors_default, 103 Opt_fatal_neterrors_enetunreach, 104 Opt_fatal_neterrors_none, 105 }; 106 107 static const struct constant_table nfs_param_enums_fatal_neterrors[] = { 108 { "default", Opt_fatal_neterrors_default }, 109 { "ENETDOWN:ENETUNREACH", Opt_fatal_neterrors_enetunreach }, 110 { "ENETUNREACH:ENETDOWN", Opt_fatal_neterrors_enetunreach }, 111 { "none", Opt_fatal_neterrors_none }, 112 {} 113 }; 114 115 enum { 116 Opt_local_lock_all, 117 Opt_local_lock_flock, 118 Opt_local_lock_none, 119 Opt_local_lock_posix, 120 }; 121 122 static const struct constant_table nfs_param_enums_local_lock[] = { 123 { "all", Opt_local_lock_all }, 124 { "flock", Opt_local_lock_flock }, 125 { "posix", Opt_local_lock_posix }, 126 { "none", Opt_local_lock_none }, 127 {} 128 }; 129 130 enum { 131 Opt_lookupcache_all, 132 Opt_lookupcache_none, 133 Opt_lookupcache_positive, 134 }; 135 136 static const struct constant_table nfs_param_enums_lookupcache[] = { 137 { "all", Opt_lookupcache_all }, 138 { "none", Opt_lookupcache_none }, 139 { "pos", Opt_lookupcache_positive }, 140 { "positive", Opt_lookupcache_positive }, 141 {} 142 }; 143 144 enum { 145 Opt_write_lazy, 146 Opt_write_eager, 147 Opt_write_wait, 148 }; 149 150 static const struct constant_table nfs_param_enums_write[] = { 151 { "lazy", Opt_write_lazy }, 152 { "eager", Opt_write_eager }, 153 { "wait", Opt_write_wait }, 154 {} 155 }; 156 157 static const struct fs_parameter_spec nfs_fs_parameters[] = { 158 fsparam_flag_no("ac", Opt_ac), 159 fsparam_u32 ("acdirmax", Opt_acdirmax), 160 fsparam_u32 ("acdirmin", Opt_acdirmin), 161 fsparam_flag_no("acl", Opt_acl), 162 fsparam_u32 ("acregmax", Opt_acregmax), 163 fsparam_u32 ("acregmin", Opt_acregmin), 164 fsparam_u32 ("actimeo", Opt_actimeo), 165 fsparam_string("addr", Opt_addr), 166 fsparam_flag ("bg", Opt_bg), 167 fsparam_u32 ("bsize", Opt_bsize), 168 fsparam_string("clientaddr", Opt_clientaddr), 169 fsparam_flag_no("cto", Opt_cto), 170 fsparam_flag_no("alignwrite", Opt_alignwrite), 171 fsparam_enum("fatal_neterrors", Opt_fatal_neterrors, 172 nfs_param_enums_fatal_neterrors), 173 fsparam_flag ("fg", Opt_fg), 174 fsparam_flag_no("fsc", Opt_fscache_flag), 175 fsparam_string("fsc", Opt_fscache), 176 fsparam_flag ("hard", Opt_hard), 177 __fsparam(NULL, "intr", Opt_intr, 178 fs_param_neg_with_no|fs_param_deprecated, NULL), 179 fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock), 180 fsparam_flag_no("lock", Opt_lock), 181 fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache), 182 fsparam_flag_no("migration", Opt_migration), 183 fsparam_u32 ("minorversion", Opt_minorversion), 184 fsparam_string("mountaddr", Opt_mountaddr), 185 fsparam_string("mounthost", Opt_mounthost), 186 fsparam_u32 ("mountport", Opt_mountport), 187 fsparam_string("mountproto", Opt_mountproto), 188 fsparam_u32 ("mountvers", Opt_mountvers), 189 fsparam_u32 ("namlen", Opt_namelen), 190 fsparam_u32 ("nconnect", Opt_nconnect), 191 fsparam_u32 ("max_connect", Opt_max_connect), 192 fsparam_string("nfsvers", Opt_vers), 193 fsparam_u32 ("port", Opt_port), 194 fsparam_flag_no("posix", Opt_posix), 195 fsparam_string("proto", Opt_proto), 196 fsparam_flag_no("rdirplus", Opt_rdirplus), // rdirplus|nordirplus 197 fsparam_string("rdirplus", Opt_rdirplus), // rdirplus=... 198 fsparam_flag ("rdma", Opt_rdma), 199 fsparam_flag_no("resvport", Opt_resvport), 200 fsparam_u32 ("retrans", Opt_retrans), 201 fsparam_string("retry", Opt_retry), 202 fsparam_u32 ("rsize", Opt_rsize), 203 fsparam_string("sec", Opt_sec), 204 fsparam_flag_no("sharecache", Opt_sharecache), 205 fsparam_flag ("sloppy", Opt_sloppy), 206 fsparam_flag ("soft", Opt_soft), 207 fsparam_flag ("softerr", Opt_softerr), 208 fsparam_flag ("softreval", Opt_softreval), 209 fsparam_string("source", Opt_source), 210 fsparam_flag ("tcp", Opt_tcp), 211 fsparam_u32 ("timeo", Opt_timeo), 212 fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery), 213 fsparam_flag ("udp", Opt_udp), 214 fsparam_flag ("v2", Opt_v), 215 fsparam_flag ("v3", Opt_v), 216 fsparam_flag ("v4", Opt_v), 217 fsparam_flag ("v4.0", Opt_v), 218 fsparam_flag ("v4.1", Opt_v), 219 fsparam_flag ("v4.2", Opt_v), 220 fsparam_string("vers", Opt_vers), 221 fsparam_enum ("write", Opt_write, nfs_param_enums_write), 222 fsparam_u32 ("wsize", Opt_wsize), 223 fsparam_string("xprtsec", Opt_xprtsec), 224 {} 225 }; 226 227 enum { 228 Opt_vers_2, 229 Opt_vers_3, 230 Opt_vers_4, 231 Opt_vers_4_0, 232 Opt_vers_4_1, 233 Opt_vers_4_2, 234 }; 235 236 static const struct constant_table nfs_vers_tokens[] = { 237 { "2", Opt_vers_2 }, 238 { "3", Opt_vers_3 }, 239 { "4", Opt_vers_4 }, 240 { "4.0", Opt_vers_4_0 }, 241 { "4.1", Opt_vers_4_1 }, 242 { "4.2", Opt_vers_4_2 }, 243 {} 244 }; 245 246 enum { 247 Opt_xprt_rdma, 248 Opt_xprt_rdma6, 249 Opt_xprt_tcp, 250 Opt_xprt_tcp6, 251 Opt_xprt_udp, 252 Opt_xprt_udp6, 253 nr__Opt_xprt 254 }; 255 256 static const struct constant_table nfs_xprt_protocol_tokens[] = { 257 { "rdma", Opt_xprt_rdma }, 258 { "rdma6", Opt_xprt_rdma6 }, 259 { "tcp", Opt_xprt_tcp }, 260 { "tcp6", Opt_xprt_tcp6 }, 261 { "udp", Opt_xprt_udp }, 262 { "udp6", Opt_xprt_udp6 }, 263 {} 264 }; 265 266 enum { 267 Opt_sec_krb5, 268 Opt_sec_krb5i, 269 Opt_sec_krb5p, 270 Opt_sec_lkey, 271 Opt_sec_lkeyi, 272 Opt_sec_lkeyp, 273 Opt_sec_none, 274 Opt_sec_spkm, 275 Opt_sec_spkmi, 276 Opt_sec_spkmp, 277 Opt_sec_sys, 278 nr__Opt_sec 279 }; 280 281 static const struct constant_table nfs_secflavor_tokens[] = { 282 { "krb5", Opt_sec_krb5 }, 283 { "krb5i", Opt_sec_krb5i }, 284 { "krb5p", Opt_sec_krb5p }, 285 { "lkey", Opt_sec_lkey }, 286 { "lkeyi", Opt_sec_lkeyi }, 287 { "lkeyp", Opt_sec_lkeyp }, 288 { "none", Opt_sec_none }, 289 { "null", Opt_sec_none }, 290 { "spkm3", Opt_sec_spkm }, 291 { "spkm3i", Opt_sec_spkmi }, 292 { "spkm3p", Opt_sec_spkmp }, 293 { "sys", Opt_sec_sys }, 294 {} 295 }; 296 297 enum { 298 Opt_xprtsec_none, 299 Opt_xprtsec_tls, 300 Opt_xprtsec_mtls, 301 nr__Opt_xprtsec 302 }; 303 304 static const struct constant_table nfs_xprtsec_policies[] = { 305 { "none", Opt_xprtsec_none }, 306 { "tls", Opt_xprtsec_tls }, 307 { "mtls", Opt_xprtsec_mtls }, 308 {} 309 }; 310 311 static const struct constant_table nfs_rdirplus_tokens[] = { 312 { "none", Opt_rdirplus_none }, 313 { "force", Opt_rdirplus_force }, 314 {} 315 }; 316 317 /* 318 * Sanity-check a server address provided by the mount command. 319 * 320 * Address family must be initialized, and address must not be 321 * the ANY address for that family. 322 */ 323 static int nfs_verify_server_address(struct sockaddr_storage *addr) 324 { 325 switch (addr->ss_family) { 326 case AF_INET: { 327 struct sockaddr_in *sa = (struct sockaddr_in *)addr; 328 return sa->sin_addr.s_addr != htonl(INADDR_ANY); 329 } 330 case AF_INET6: { 331 struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr; 332 return !ipv6_addr_any(sa); 333 } 334 } 335 336 return 0; 337 } 338 339 #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT 340 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx) 341 { 342 return true; 343 } 344 #else 345 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx) 346 { 347 if (ctx->version == 4) 348 return true; 349 return false; 350 } 351 #endif 352 353 /* 354 * Sanity check the NFS transport protocol. 355 */ 356 static int nfs_validate_transport_protocol(struct fs_context *fc, 357 struct nfs_fs_context *ctx) 358 { 359 switch (ctx->nfs_server.protocol) { 360 case XPRT_TRANSPORT_UDP: 361 if (nfs_server_transport_udp_invalid(ctx)) 362 goto out_invalid_transport_udp; 363 break; 364 case XPRT_TRANSPORT_TCP: 365 case XPRT_TRANSPORT_RDMA: 366 break; 367 default: 368 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 369 } 370 371 if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE) 372 switch (ctx->nfs_server.protocol) { 373 case XPRT_TRANSPORT_TCP: 374 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS; 375 break; 376 default: 377 goto out_invalid_xprtsec_policy; 378 } 379 380 return 0; 381 out_invalid_transport_udp: 382 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp"); 383 out_invalid_xprtsec_policy: 384 return nfs_invalf(fc, "NFS: Transport does not support xprtsec"); 385 } 386 387 /* 388 * For text based NFSv2/v3 mounts, the mount protocol transport default 389 * settings should depend upon the specified NFS transport. 390 */ 391 static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx) 392 { 393 if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP || 394 ctx->mount_server.protocol == XPRT_TRANSPORT_TCP) 395 return; 396 switch (ctx->nfs_server.protocol) { 397 case XPRT_TRANSPORT_UDP: 398 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; 399 break; 400 case XPRT_TRANSPORT_TCP: 401 case XPRT_TRANSPORT_RDMA: 402 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; 403 } 404 } 405 406 /* 407 * Add 'flavor' to 'auth_info' if not already present. 408 * Returns true if 'flavor' ends up in the list, false otherwise 409 */ 410 static int nfs_auth_info_add(struct fs_context *fc, 411 struct nfs_auth_info *auth_info, 412 rpc_authflavor_t flavor) 413 { 414 unsigned int i; 415 unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors); 416 417 /* make sure this flavor isn't already in the list */ 418 for (i = 0; i < auth_info->flavor_len; i++) { 419 if (flavor == auth_info->flavors[i]) 420 return 0; 421 } 422 423 if (auth_info->flavor_len + 1 >= max_flavor_len) 424 return nfs_invalf(fc, "NFS: too many sec= flavors"); 425 426 auth_info->flavors[auth_info->flavor_len++] = flavor; 427 return 0; 428 } 429 430 /* 431 * Parse the value of the 'sec=' option. 432 */ 433 static int nfs_parse_security_flavors(struct fs_context *fc, 434 struct fs_parameter *param) 435 { 436 struct nfs_fs_context *ctx = nfs_fc2context(fc); 437 rpc_authflavor_t pseudoflavor; 438 char *string = param->string, *p; 439 int ret; 440 441 trace_nfs_mount_assign(param->key, string); 442 443 while ((p = strsep(&string, ":")) != NULL) { 444 if (!*p) 445 continue; 446 switch (lookup_constant(nfs_secflavor_tokens, p, -1)) { 447 case Opt_sec_none: 448 pseudoflavor = RPC_AUTH_NULL; 449 break; 450 case Opt_sec_sys: 451 pseudoflavor = RPC_AUTH_UNIX; 452 break; 453 case Opt_sec_krb5: 454 pseudoflavor = RPC_AUTH_GSS_KRB5; 455 break; 456 case Opt_sec_krb5i: 457 pseudoflavor = RPC_AUTH_GSS_KRB5I; 458 break; 459 case Opt_sec_krb5p: 460 pseudoflavor = RPC_AUTH_GSS_KRB5P; 461 break; 462 case Opt_sec_lkey: 463 pseudoflavor = RPC_AUTH_GSS_LKEY; 464 break; 465 case Opt_sec_lkeyi: 466 pseudoflavor = RPC_AUTH_GSS_LKEYI; 467 break; 468 case Opt_sec_lkeyp: 469 pseudoflavor = RPC_AUTH_GSS_LKEYP; 470 break; 471 case Opt_sec_spkm: 472 pseudoflavor = RPC_AUTH_GSS_SPKM; 473 break; 474 case Opt_sec_spkmi: 475 pseudoflavor = RPC_AUTH_GSS_SPKMI; 476 break; 477 case Opt_sec_spkmp: 478 pseudoflavor = RPC_AUTH_GSS_SPKMP; 479 break; 480 default: 481 return nfs_invalf(fc, "NFS: sec=%s option not recognized", p); 482 } 483 484 ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor); 485 if (ret < 0) 486 return ret; 487 } 488 489 return 0; 490 } 491 492 static int nfs_parse_xprtsec_policy(struct fs_context *fc, 493 struct fs_parameter *param) 494 { 495 struct nfs_fs_context *ctx = nfs_fc2context(fc); 496 497 trace_nfs_mount_assign(param->key, param->string); 498 499 switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) { 500 case Opt_xprtsec_none: 501 ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 502 break; 503 case Opt_xprtsec_tls: 504 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON; 505 break; 506 case Opt_xprtsec_mtls: 507 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509; 508 break; 509 default: 510 return nfs_invalf(fc, "NFS: Unrecognized transport security policy"); 511 } 512 return 0; 513 } 514 515 static int nfs_parse_version_string(struct fs_context *fc, 516 const char *string) 517 { 518 struct nfs_fs_context *ctx = nfs_fc2context(fc); 519 520 ctx->flags &= ~NFS_MOUNT_VER3; 521 switch (lookup_constant(nfs_vers_tokens, string, -1)) { 522 case Opt_vers_2: 523 ctx->version = 2; 524 break; 525 case Opt_vers_3: 526 ctx->flags |= NFS_MOUNT_VER3; 527 ctx->version = 3; 528 break; 529 case Opt_vers_4: 530 /* Backward compatibility option. In future, 531 * the mount program should always supply 532 * a NFSv4 minor version number. 533 */ 534 ctx->version = 4; 535 break; 536 case Opt_vers_4_0: 537 ctx->version = 4; 538 ctx->minorversion = 0; 539 break; 540 case Opt_vers_4_1: 541 ctx->version = 4; 542 ctx->minorversion = 1; 543 break; 544 case Opt_vers_4_2: 545 ctx->version = 4; 546 ctx->minorversion = 2; 547 break; 548 default: 549 return nfs_invalf(fc, "NFS: Unsupported NFS version"); 550 } 551 return 0; 552 } 553 554 /* 555 * Parse a single mount parameter. 556 */ 557 static int nfs_fs_context_parse_param(struct fs_context *fc, 558 struct fs_parameter *param) 559 { 560 struct fs_parse_result result; 561 struct nfs_fs_context *ctx = nfs_fc2context(fc); 562 unsigned short protofamily, mountfamily; 563 unsigned int len; 564 int ret, opt; 565 566 trace_nfs_mount_option(param); 567 568 opt = fs_parse(fc, nfs_fs_parameters, param, &result); 569 if (opt < 0) 570 return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt; 571 572 if (fc->security) 573 ctx->has_sec_mnt_opts = 1; 574 575 switch (opt) { 576 case Opt_source: 577 if (fc->source) 578 return nfs_invalf(fc, "NFS: Multiple sources not supported"); 579 fc->source = param->string; 580 param->string = NULL; 581 break; 582 583 /* 584 * boolean options: foo/nofoo 585 */ 586 case Opt_soft: 587 ctx->flags |= NFS_MOUNT_SOFT; 588 ctx->flags &= ~NFS_MOUNT_SOFTERR; 589 break; 590 case Opt_softerr: 591 ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL; 592 ctx->flags &= ~NFS_MOUNT_SOFT; 593 break; 594 case Opt_hard: 595 ctx->flags &= ~(NFS_MOUNT_SOFT | 596 NFS_MOUNT_SOFTERR | 597 NFS_MOUNT_SOFTREVAL); 598 break; 599 case Opt_softreval: 600 if (result.negated) 601 ctx->flags &= ~NFS_MOUNT_SOFTREVAL; 602 else 603 ctx->flags |= NFS_MOUNT_SOFTREVAL; 604 break; 605 case Opt_posix: 606 if (result.negated) 607 ctx->flags &= ~NFS_MOUNT_POSIX; 608 else 609 ctx->flags |= NFS_MOUNT_POSIX; 610 break; 611 case Opt_cto: 612 if (result.negated) 613 ctx->flags |= NFS_MOUNT_NOCTO; 614 else 615 ctx->flags &= ~NFS_MOUNT_NOCTO; 616 break; 617 case Opt_trunkdiscovery: 618 if (result.negated) 619 ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY; 620 else 621 ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY; 622 break; 623 case Opt_alignwrite: 624 if (result.negated) 625 ctx->flags |= NFS_MOUNT_NO_ALIGNWRITE; 626 else 627 ctx->flags &= ~NFS_MOUNT_NO_ALIGNWRITE; 628 break; 629 case Opt_ac: 630 if (result.negated) 631 ctx->flags |= NFS_MOUNT_NOAC; 632 else 633 ctx->flags &= ~NFS_MOUNT_NOAC; 634 break; 635 case Opt_lock: 636 if (result.negated) { 637 ctx->lock_status = NFS_LOCK_NOLOCK; 638 ctx->flags |= NFS_MOUNT_NONLM; 639 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); 640 } else { 641 ctx->lock_status = NFS_LOCK_LOCK; 642 ctx->flags &= ~NFS_MOUNT_NONLM; 643 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); 644 } 645 break; 646 case Opt_udp: 647 ctx->flags &= ~NFS_MOUNT_TCP; 648 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 649 break; 650 case Opt_tcp: 651 case Opt_rdma: 652 ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */ 653 ret = xprt_find_transport_ident(param->key); 654 if (ret < 0) 655 goto out_bad_transport; 656 ctx->nfs_server.protocol = ret; 657 break; 658 case Opt_acl: 659 if (result.negated) 660 ctx->flags |= NFS_MOUNT_NOACL; 661 else 662 ctx->flags &= ~NFS_MOUNT_NOACL; 663 break; 664 case Opt_rdirplus: 665 if (result.negated) { 666 ctx->flags &= ~NFS_MOUNT_FORCE_RDIRPLUS; 667 ctx->flags |= NFS_MOUNT_NORDIRPLUS; 668 } else if (!param->string) { 669 ctx->flags &= ~(NFS_MOUNT_NORDIRPLUS | NFS_MOUNT_FORCE_RDIRPLUS); 670 } else { 671 switch (lookup_constant(nfs_rdirplus_tokens, param->string, -1)) { 672 case Opt_rdirplus_none: 673 ctx->flags &= ~NFS_MOUNT_FORCE_RDIRPLUS; 674 ctx->flags |= NFS_MOUNT_NORDIRPLUS; 675 break; 676 case Opt_rdirplus_force: 677 ctx->flags &= ~NFS_MOUNT_NORDIRPLUS; 678 ctx->flags |= NFS_MOUNT_FORCE_RDIRPLUS; 679 break; 680 default: 681 goto out_invalid_value; 682 } 683 } 684 break; 685 case Opt_sharecache: 686 if (result.negated) 687 ctx->flags |= NFS_MOUNT_UNSHARED; 688 else 689 ctx->flags &= ~NFS_MOUNT_UNSHARED; 690 break; 691 case Opt_resvport: 692 if (result.negated) 693 ctx->flags |= NFS_MOUNT_NORESVPORT; 694 else 695 ctx->flags &= ~NFS_MOUNT_NORESVPORT; 696 break; 697 case Opt_fscache_flag: 698 if (result.negated) 699 ctx->options &= ~NFS_OPTION_FSCACHE; 700 else 701 ctx->options |= NFS_OPTION_FSCACHE; 702 kfree(ctx->fscache_uniq); 703 ctx->fscache_uniq = NULL; 704 break; 705 case Opt_fscache: 706 trace_nfs_mount_assign(param->key, param->string); 707 ctx->options |= NFS_OPTION_FSCACHE; 708 kfree(ctx->fscache_uniq); 709 ctx->fscache_uniq = param->string; 710 param->string = NULL; 711 break; 712 case Opt_migration: 713 if (result.negated) 714 ctx->options &= ~NFS_OPTION_MIGRATION; 715 else 716 ctx->options |= NFS_OPTION_MIGRATION; 717 break; 718 719 /* 720 * options that take numeric values 721 */ 722 case Opt_port: 723 if (result.uint_32 > USHRT_MAX) 724 goto out_of_bounds; 725 ctx->nfs_server.port = result.uint_32; 726 break; 727 case Opt_rsize: 728 ctx->rsize = result.uint_32; 729 break; 730 case Opt_wsize: 731 ctx->wsize = result.uint_32; 732 break; 733 case Opt_bsize: 734 ctx->bsize = result.uint_32; 735 break; 736 case Opt_timeo: 737 if (result.uint_32 < 1 || result.uint_32 > INT_MAX) 738 goto out_of_bounds; 739 ctx->timeo = result.uint_32; 740 break; 741 case Opt_retrans: 742 if (result.uint_32 > INT_MAX) 743 goto out_of_bounds; 744 ctx->retrans = result.uint_32; 745 break; 746 case Opt_acregmin: 747 ctx->acregmin = result.uint_32; 748 break; 749 case Opt_acregmax: 750 ctx->acregmax = result.uint_32; 751 break; 752 case Opt_acdirmin: 753 ctx->acdirmin = result.uint_32; 754 break; 755 case Opt_acdirmax: 756 ctx->acdirmax = result.uint_32; 757 break; 758 case Opt_actimeo: 759 ctx->acregmin = result.uint_32; 760 ctx->acregmax = result.uint_32; 761 ctx->acdirmin = result.uint_32; 762 ctx->acdirmax = result.uint_32; 763 break; 764 case Opt_namelen: 765 ctx->namlen = result.uint_32; 766 break; 767 case Opt_mountport: 768 if (result.uint_32 > USHRT_MAX) 769 goto out_of_bounds; 770 ctx->mount_server.port = result.uint_32; 771 break; 772 case Opt_mountvers: 773 if (result.uint_32 < NFS_MNT_VERSION || 774 result.uint_32 > NFS_MNT3_VERSION) 775 goto out_of_bounds; 776 ctx->mount_server.version = result.uint_32; 777 break; 778 case Opt_minorversion: 779 if (result.uint_32 > NFS4_MAX_MINOR_VERSION) 780 goto out_of_bounds; 781 ctx->minorversion = result.uint_32; 782 break; 783 784 /* 785 * options that take text values 786 */ 787 case Opt_v: 788 ret = nfs_parse_version_string(fc, param->key + 1); 789 if (ret < 0) 790 return ret; 791 break; 792 case Opt_vers: 793 if (!param->string) 794 goto out_invalid_value; 795 trace_nfs_mount_assign(param->key, param->string); 796 ret = nfs_parse_version_string(fc, param->string); 797 if (ret < 0) 798 return ret; 799 break; 800 case Opt_sec: 801 ret = nfs_parse_security_flavors(fc, param); 802 if (ret < 0) 803 return ret; 804 break; 805 case Opt_xprtsec: 806 ret = nfs_parse_xprtsec_policy(fc, param); 807 if (ret < 0) 808 return ret; 809 break; 810 811 case Opt_proto: 812 if (!param->string) 813 goto out_invalid_value; 814 trace_nfs_mount_assign(param->key, param->string); 815 protofamily = AF_INET; 816 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { 817 case Opt_xprt_udp6: 818 protofamily = AF_INET6; 819 fallthrough; 820 case Opt_xprt_udp: 821 ctx->flags &= ~NFS_MOUNT_TCP; 822 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 823 break; 824 case Opt_xprt_tcp6: 825 protofamily = AF_INET6; 826 fallthrough; 827 case Opt_xprt_tcp: 828 ctx->flags |= NFS_MOUNT_TCP; 829 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 830 break; 831 case Opt_xprt_rdma6: 832 protofamily = AF_INET6; 833 fallthrough; 834 case Opt_xprt_rdma: 835 /* vector side protocols to TCP */ 836 ctx->flags |= NFS_MOUNT_TCP; 837 ret = xprt_find_transport_ident(param->string); 838 if (ret < 0) 839 goto out_bad_transport; 840 ctx->nfs_server.protocol = ret; 841 break; 842 default: 843 goto out_bad_transport; 844 } 845 846 ctx->protofamily = protofamily; 847 break; 848 849 case Opt_mountproto: 850 if (!param->string) 851 goto out_invalid_value; 852 trace_nfs_mount_assign(param->key, param->string); 853 mountfamily = AF_INET; 854 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { 855 case Opt_xprt_udp6: 856 mountfamily = AF_INET6; 857 fallthrough; 858 case Opt_xprt_udp: 859 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; 860 break; 861 case Opt_xprt_tcp6: 862 mountfamily = AF_INET6; 863 fallthrough; 864 case Opt_xprt_tcp: 865 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; 866 break; 867 case Opt_xprt_rdma: /* not used for side protocols */ 868 default: 869 goto out_bad_transport; 870 } 871 ctx->mountfamily = mountfamily; 872 break; 873 874 case Opt_addr: 875 trace_nfs_mount_assign(param->key, param->string); 876 len = rpc_pton(fc->net_ns, param->string, param->size, 877 &ctx->nfs_server.address, 878 sizeof(ctx->nfs_server._address)); 879 if (len == 0) 880 goto out_invalid_address; 881 ctx->nfs_server.addrlen = len; 882 break; 883 case Opt_clientaddr: 884 trace_nfs_mount_assign(param->key, param->string); 885 kfree(ctx->client_address); 886 ctx->client_address = param->string; 887 param->string = NULL; 888 break; 889 case Opt_mounthost: 890 trace_nfs_mount_assign(param->key, param->string); 891 kfree(ctx->mount_server.hostname); 892 ctx->mount_server.hostname = param->string; 893 param->string = NULL; 894 break; 895 case Opt_mountaddr: 896 trace_nfs_mount_assign(param->key, param->string); 897 len = rpc_pton(fc->net_ns, param->string, param->size, 898 &ctx->mount_server.address, 899 sizeof(ctx->mount_server._address)); 900 if (len == 0) 901 goto out_invalid_address; 902 ctx->mount_server.addrlen = len; 903 break; 904 case Opt_nconnect: 905 trace_nfs_mount_assign(param->key, param->string); 906 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS) 907 goto out_of_bounds; 908 ctx->nfs_server.nconnect = result.uint_32; 909 break; 910 case Opt_max_connect: 911 trace_nfs_mount_assign(param->key, param->string); 912 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS) 913 goto out_of_bounds; 914 ctx->nfs_server.max_connect = result.uint_32; 915 break; 916 case Opt_fatal_neterrors: 917 trace_nfs_mount_assign(param->key, param->string); 918 switch (result.uint_32) { 919 case Opt_fatal_neterrors_default: 920 if (fc->net_ns != &init_net) 921 ctx->flags |= NFS_MOUNT_NETUNREACH_FATAL; 922 else 923 ctx->flags &= ~NFS_MOUNT_NETUNREACH_FATAL; 924 break; 925 case Opt_fatal_neterrors_enetunreach: 926 ctx->flags |= NFS_MOUNT_NETUNREACH_FATAL; 927 break; 928 case Opt_fatal_neterrors_none: 929 ctx->flags &= ~NFS_MOUNT_NETUNREACH_FATAL; 930 break; 931 default: 932 goto out_invalid_value; 933 } 934 break; 935 case Opt_lookupcache: 936 trace_nfs_mount_assign(param->key, param->string); 937 switch (result.uint_32) { 938 case Opt_lookupcache_all: 939 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE); 940 break; 941 case Opt_lookupcache_positive: 942 ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE; 943 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG; 944 break; 945 case Opt_lookupcache_none: 946 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE; 947 break; 948 default: 949 goto out_invalid_value; 950 } 951 break; 952 case Opt_local_lock: 953 trace_nfs_mount_assign(param->key, param->string); 954 switch (result.uint_32) { 955 case Opt_local_lock_all: 956 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | 957 NFS_MOUNT_LOCAL_FCNTL); 958 break; 959 case Opt_local_lock_flock: 960 ctx->flags |= NFS_MOUNT_LOCAL_FLOCK; 961 break; 962 case Opt_local_lock_posix: 963 ctx->flags |= NFS_MOUNT_LOCAL_FCNTL; 964 break; 965 case Opt_local_lock_none: 966 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | 967 NFS_MOUNT_LOCAL_FCNTL); 968 break; 969 default: 970 goto out_invalid_value; 971 } 972 break; 973 case Opt_write: 974 trace_nfs_mount_assign(param->key, param->string); 975 switch (result.uint_32) { 976 case Opt_write_lazy: 977 ctx->flags &= 978 ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT); 979 break; 980 case Opt_write_eager: 981 ctx->flags |= NFS_MOUNT_WRITE_EAGER; 982 ctx->flags &= ~NFS_MOUNT_WRITE_WAIT; 983 break; 984 case Opt_write_wait: 985 ctx->flags |= 986 NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT; 987 break; 988 default: 989 goto out_invalid_value; 990 } 991 break; 992 993 /* 994 * Special options 995 */ 996 case Opt_sloppy: 997 ctx->sloppy = true; 998 break; 999 } 1000 1001 return 0; 1002 1003 out_invalid_value: 1004 return nfs_invalf(fc, "NFS: Bad mount option value specified"); 1005 out_invalid_address: 1006 return nfs_invalf(fc, "NFS: Bad IP address specified"); 1007 out_of_bounds: 1008 return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key); 1009 out_bad_transport: 1010 return nfs_invalf(fc, "NFS: Unrecognized transport protocol"); 1011 } 1012 1013 /* 1014 * Split fc->source into "hostname:export_path". 1015 * 1016 * The leftmost colon demarks the split between the server's hostname 1017 * and the export path. If the hostname starts with a left square 1018 * bracket, then it may contain colons. 1019 * 1020 * Note: caller frees hostname and export path, even on error. 1021 */ 1022 static int nfs_parse_source(struct fs_context *fc, 1023 size_t maxnamlen, size_t maxpathlen) 1024 { 1025 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1026 const char *dev_name = fc->source; 1027 size_t len; 1028 const char *end; 1029 1030 if (unlikely(!dev_name || !*dev_name)) 1031 return -EINVAL; 1032 1033 /* Is the host name protected with square brakcets? */ 1034 if (*dev_name == '[') { 1035 end = strchr(++dev_name, ']'); 1036 if (end == NULL || end[1] != ':') 1037 goto out_bad_devname; 1038 1039 len = end - dev_name; 1040 end++; 1041 } else { 1042 const char *comma; 1043 1044 end = strchr(dev_name, ':'); 1045 if (end == NULL) 1046 goto out_bad_devname; 1047 len = end - dev_name; 1048 1049 /* kill possible hostname list: not supported */ 1050 comma = memchr(dev_name, ',', len); 1051 if (comma) 1052 len = comma - dev_name; 1053 } 1054 1055 if (len > maxnamlen) 1056 goto out_hostname; 1057 1058 kfree(ctx->nfs_server.hostname); 1059 1060 /* N.B. caller will free nfs_server.hostname in all cases */ 1061 ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL); 1062 if (!ctx->nfs_server.hostname) 1063 goto out_nomem; 1064 len = strlen(++end); 1065 if (len > maxpathlen) 1066 goto out_path; 1067 ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL); 1068 if (!ctx->nfs_server.export_path) 1069 goto out_nomem; 1070 1071 trace_nfs_mount_path(ctx->nfs_server.export_path); 1072 return 0; 1073 1074 out_bad_devname: 1075 return nfs_invalf(fc, "NFS: device name not in host:path format"); 1076 out_nomem: 1077 nfs_errorf(fc, "NFS: not enough memory to parse device name"); 1078 return -ENOMEM; 1079 out_hostname: 1080 nfs_errorf(fc, "NFS: server hostname too long"); 1081 return -ENAMETOOLONG; 1082 out_path: 1083 nfs_errorf(fc, "NFS: export pathname too long"); 1084 return -ENAMETOOLONG; 1085 } 1086 1087 static inline bool is_remount_fc(struct fs_context *fc) 1088 { 1089 return fc->root != NULL; 1090 } 1091 1092 /* 1093 * Parse monolithic NFS2/NFS3 mount data 1094 * - fills in the mount root filehandle 1095 * 1096 * For option strings, user space handles the following behaviors: 1097 * 1098 * + DNS: mapping server host name to IP address ("addr=" option) 1099 * 1100 * + failure mode: how to behave if a mount request can't be handled 1101 * immediately ("fg/bg" option) 1102 * 1103 * + retry: how often to retry a mount request ("retry=" option) 1104 * 1105 * + breaking back: trying proto=udp after proto=tcp, v2 after v3, 1106 * mountproto=tcp after mountproto=udp, and so on 1107 */ 1108 static int nfs23_parse_monolithic(struct fs_context *fc, 1109 struct nfs_mount_data *data) 1110 { 1111 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1112 struct nfs_fh *mntfh = ctx->mntfh; 1113 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1114 int extra_flags = NFS_MOUNT_LEGACY_INTERFACE; 1115 int ret; 1116 1117 if (data == NULL) 1118 goto out_no_data; 1119 1120 ctx->version = NFS_DEFAULT_VERSION; 1121 switch (data->version) { 1122 case 1: 1123 data->namlen = 0; 1124 fallthrough; 1125 case 2: 1126 data->bsize = 0; 1127 fallthrough; 1128 case 3: 1129 if (data->flags & NFS_MOUNT_VER3) 1130 goto out_no_v3; 1131 data->root.size = NFS2_FHSIZE; 1132 memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE); 1133 /* Turn off security negotiation */ 1134 extra_flags |= NFS_MOUNT_SECFLAVOUR; 1135 fallthrough; 1136 case 4: 1137 if (data->flags & NFS_MOUNT_SECFLAVOUR) 1138 goto out_no_sec; 1139 fallthrough; 1140 case 5: 1141 memset(data->context, 0, sizeof(data->context)); 1142 fallthrough; 1143 case 6: 1144 if (data->flags & NFS_MOUNT_VER3) { 1145 if (data->root.size > NFS3_FHSIZE || data->root.size == 0) 1146 goto out_invalid_fh; 1147 mntfh->size = data->root.size; 1148 ctx->version = 3; 1149 } else { 1150 mntfh->size = NFS2_FHSIZE; 1151 ctx->version = 2; 1152 } 1153 1154 1155 memcpy(mntfh->data, data->root.data, mntfh->size); 1156 if (mntfh->size < sizeof(mntfh->data)) 1157 memset(mntfh->data + mntfh->size, 0, 1158 sizeof(mntfh->data) - mntfh->size); 1159 1160 /* 1161 * for proto == XPRT_TRANSPORT_UDP, which is what uses 1162 * to_exponential, implying shift: limit the shift value 1163 * to BITS_PER_LONG (majortimeo is unsigned long) 1164 */ 1165 if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */ 1166 if (data->retrans >= 64) /* shift value is too large */ 1167 goto out_invalid_data; 1168 1169 /* 1170 * Translate to nfs_fs_context, which nfs_fill_super 1171 * can deal with. 1172 */ 1173 ctx->flags = data->flags & NFS_MOUNT_FLAGMASK; 1174 ctx->flags |= extra_flags; 1175 ctx->rsize = data->rsize; 1176 ctx->wsize = data->wsize; 1177 ctx->timeo = data->timeo; 1178 ctx->retrans = data->retrans; 1179 ctx->acregmin = data->acregmin; 1180 ctx->acregmax = data->acregmax; 1181 ctx->acdirmin = data->acdirmin; 1182 ctx->acdirmax = data->acdirmax; 1183 ctx->need_mount = false; 1184 1185 if (!is_remount_fc(fc)) { 1186 memcpy(sap, &data->addr, sizeof(data->addr)); 1187 ctx->nfs_server.addrlen = sizeof(data->addr); 1188 ctx->nfs_server.port = ntohs(data->addr.sin_port); 1189 } 1190 1191 if (sap->ss_family != AF_INET || 1192 !nfs_verify_server_address(sap)) 1193 goto out_no_address; 1194 1195 if (!(data->flags & NFS_MOUNT_TCP)) 1196 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 1197 /* N.B. caller will free nfs_server.hostname in all cases */ 1198 ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL); 1199 if (!ctx->nfs_server.hostname) 1200 goto out_nomem; 1201 1202 ctx->namlen = data->namlen; 1203 ctx->bsize = data->bsize; 1204 1205 if (data->flags & NFS_MOUNT_SECFLAVOUR) 1206 ctx->selected_flavor = data->pseudoflavor; 1207 else 1208 ctx->selected_flavor = RPC_AUTH_UNIX; 1209 1210 if (!(data->flags & NFS_MOUNT_NONLM)) 1211 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK| 1212 NFS_MOUNT_LOCAL_FCNTL); 1213 else 1214 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK| 1215 NFS_MOUNT_LOCAL_FCNTL); 1216 1217 /* 1218 * The legacy version 6 binary mount data from userspace has a 1219 * field used only to transport selinux information into the 1220 * kernel. To continue to support that functionality we 1221 * have a touch of selinux knowledge here in the NFS code. The 1222 * userspace code converted context=blah to just blah so we are 1223 * converting back to the full string selinux understands. 1224 */ 1225 if (data->context[0]){ 1226 #ifdef CONFIG_SECURITY_SELINUX 1227 int ret; 1228 1229 data->context[NFS_MAX_CONTEXT_LEN] = '\0'; 1230 ret = vfs_parse_fs_string(fc, "context", 1231 data->context, strlen(data->context)); 1232 if (ret < 0) 1233 return ret; 1234 #else 1235 return -EINVAL; 1236 #endif 1237 } 1238 1239 break; 1240 default: 1241 goto generic; 1242 } 1243 1244 ret = nfs_validate_transport_protocol(fc, ctx); 1245 if (ret) 1246 return ret; 1247 1248 ctx->skip_reconfig_option_check = true; 1249 return 0; 1250 1251 generic: 1252 return generic_parse_monolithic(fc, data); 1253 1254 out_no_data: 1255 if (is_remount_fc(fc)) { 1256 ctx->skip_reconfig_option_check = true; 1257 return 0; 1258 } 1259 return nfs_invalf(fc, "NFS: mount program didn't pass any mount data"); 1260 1261 out_no_v3: 1262 return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3"); 1263 1264 out_no_sec: 1265 return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS"); 1266 1267 out_nomem: 1268 return -ENOMEM; 1269 1270 out_no_address: 1271 return nfs_invalf(fc, "NFS: mount program didn't pass remote address"); 1272 1273 out_invalid_fh: 1274 return nfs_invalf(fc, "NFS: invalid root filehandle"); 1275 1276 out_invalid_data: 1277 return nfs_invalf(fc, "NFS: invalid binary mount data"); 1278 } 1279 1280 #if IS_ENABLED(CONFIG_NFS_V4) 1281 struct compat_nfs_string { 1282 compat_uint_t len; 1283 compat_uptr_t data; 1284 }; 1285 1286 static inline void compat_nfs_string(struct nfs_string *dst, 1287 struct compat_nfs_string *src) 1288 { 1289 dst->data = compat_ptr(src->data); 1290 dst->len = src->len; 1291 } 1292 1293 struct compat_nfs4_mount_data_v1 { 1294 compat_int_t version; 1295 compat_int_t flags; 1296 compat_int_t rsize; 1297 compat_int_t wsize; 1298 compat_int_t timeo; 1299 compat_int_t retrans; 1300 compat_int_t acregmin; 1301 compat_int_t acregmax; 1302 compat_int_t acdirmin; 1303 compat_int_t acdirmax; 1304 struct compat_nfs_string client_addr; 1305 struct compat_nfs_string mnt_path; 1306 struct compat_nfs_string hostname; 1307 compat_uint_t host_addrlen; 1308 compat_uptr_t host_addr; 1309 compat_int_t proto; 1310 compat_int_t auth_flavourlen; 1311 compat_uptr_t auth_flavours; 1312 }; 1313 1314 static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data) 1315 { 1316 struct compat_nfs4_mount_data_v1 *compat = 1317 (struct compat_nfs4_mount_data_v1 *)data; 1318 1319 /* copy the fields backwards */ 1320 data->auth_flavours = compat_ptr(compat->auth_flavours); 1321 data->auth_flavourlen = compat->auth_flavourlen; 1322 data->proto = compat->proto; 1323 data->host_addr = compat_ptr(compat->host_addr); 1324 data->host_addrlen = compat->host_addrlen; 1325 compat_nfs_string(&data->hostname, &compat->hostname); 1326 compat_nfs_string(&data->mnt_path, &compat->mnt_path); 1327 compat_nfs_string(&data->client_addr, &compat->client_addr); 1328 data->acdirmax = compat->acdirmax; 1329 data->acdirmin = compat->acdirmin; 1330 data->acregmax = compat->acregmax; 1331 data->acregmin = compat->acregmin; 1332 data->retrans = compat->retrans; 1333 data->timeo = compat->timeo; 1334 data->wsize = compat->wsize; 1335 data->rsize = compat->rsize; 1336 data->flags = compat->flags; 1337 data->version = compat->version; 1338 } 1339 1340 /* 1341 * Validate NFSv4 mount options 1342 */ 1343 static int nfs4_parse_monolithic(struct fs_context *fc, 1344 struct nfs4_mount_data *data) 1345 { 1346 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1347 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1348 int ret; 1349 char *c; 1350 1351 if (!data) { 1352 if (is_remount_fc(fc)) 1353 goto done; 1354 return nfs_invalf(fc, 1355 "NFS4: mount program didn't pass any mount data"); 1356 } 1357 1358 ctx->version = 4; 1359 1360 if (data->version != 1) 1361 return generic_parse_monolithic(fc, data); 1362 1363 if (in_compat_syscall()) 1364 nfs4_compat_mount_data_conv(data); 1365 1366 if (data->host_addrlen > sizeof(ctx->nfs_server.address)) 1367 goto out_no_address; 1368 if (data->host_addrlen == 0) 1369 goto out_no_address; 1370 ctx->nfs_server.addrlen = data->host_addrlen; 1371 if (copy_from_user(sap, data->host_addr, data->host_addrlen)) 1372 return -EFAULT; 1373 if (!nfs_verify_server_address(sap)) 1374 goto out_no_address; 1375 ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); 1376 1377 if (data->auth_flavourlen) { 1378 rpc_authflavor_t pseudoflavor; 1379 1380 if (data->auth_flavourlen > 1) 1381 goto out_inval_auth; 1382 if (copy_from_user(&pseudoflavor, data->auth_flavours, 1383 sizeof(pseudoflavor))) 1384 return -EFAULT; 1385 ctx->selected_flavor = pseudoflavor; 1386 } else { 1387 ctx->selected_flavor = RPC_AUTH_UNIX; 1388 } 1389 1390 c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN); 1391 if (IS_ERR(c)) 1392 return PTR_ERR(c); 1393 ctx->nfs_server.hostname = c; 1394 1395 c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN); 1396 if (IS_ERR(c)) 1397 return PTR_ERR(c); 1398 ctx->nfs_server.export_path = c; 1399 trace_nfs_mount_path(c); 1400 1401 c = strndup_user(data->client_addr.data, 16); 1402 if (IS_ERR(c)) 1403 return PTR_ERR(c); 1404 ctx->client_address = c; 1405 1406 /* 1407 * Translate to nfs_fs_context, which nfs_fill_super 1408 * can deal with. 1409 */ 1410 1411 ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK; 1412 ctx->rsize = data->rsize; 1413 ctx->wsize = data->wsize; 1414 ctx->timeo = data->timeo; 1415 ctx->retrans = data->retrans; 1416 ctx->acregmin = data->acregmin; 1417 ctx->acregmax = data->acregmax; 1418 ctx->acdirmin = data->acdirmin; 1419 ctx->acdirmax = data->acdirmax; 1420 ctx->nfs_server.protocol = data->proto; 1421 ret = nfs_validate_transport_protocol(fc, ctx); 1422 if (ret) 1423 return ret; 1424 done: 1425 ctx->skip_reconfig_option_check = true; 1426 return 0; 1427 1428 out_inval_auth: 1429 return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d", 1430 data->auth_flavourlen); 1431 1432 out_no_address: 1433 return nfs_invalf(fc, "NFS4: mount program didn't pass remote address"); 1434 } 1435 #endif 1436 1437 /* 1438 * Parse a monolithic block of data from sys_mount(). 1439 */ 1440 static int nfs_fs_context_parse_monolithic(struct fs_context *fc, 1441 void *data) 1442 { 1443 if (fc->fs_type == &nfs_fs_type) 1444 return nfs23_parse_monolithic(fc, data); 1445 1446 #if IS_ENABLED(CONFIG_NFS_V4) 1447 if (fc->fs_type == &nfs4_fs_type) 1448 return nfs4_parse_monolithic(fc, data); 1449 #endif 1450 1451 return nfs_invalf(fc, "NFS: Unsupported monolithic data version"); 1452 } 1453 1454 /* 1455 * Validate the preparsed information in the config. 1456 */ 1457 static int nfs_fs_context_validate(struct fs_context *fc) 1458 { 1459 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1460 struct nfs_subversion *nfs_mod; 1461 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1462 int max_namelen = PAGE_SIZE; 1463 int max_pathlen = NFS_MAXPATHLEN; 1464 int port = 0; 1465 int ret; 1466 1467 if (!fc->source) 1468 goto out_no_device_name; 1469 1470 /* Check for sanity first. */ 1471 if (ctx->minorversion && ctx->version != 4) 1472 goto out_minorversion_mismatch; 1473 1474 if (ctx->options & NFS_OPTION_MIGRATION && 1475 (ctx->version != 4 || ctx->minorversion != 0)) 1476 goto out_migration_misuse; 1477 1478 /* Verify that any proto=/mountproto= options match the address 1479 * families in the addr=/mountaddr= options. 1480 */ 1481 if (ctx->protofamily != AF_UNSPEC && 1482 ctx->protofamily != ctx->nfs_server.address.sa_family) 1483 goto out_proto_mismatch; 1484 1485 if (ctx->mountfamily != AF_UNSPEC) { 1486 if (ctx->mount_server.addrlen) { 1487 if (ctx->mountfamily != ctx->mount_server.address.sa_family) 1488 goto out_mountproto_mismatch; 1489 } else { 1490 if (ctx->mountfamily != ctx->nfs_server.address.sa_family) 1491 goto out_mountproto_mismatch; 1492 } 1493 } 1494 1495 if (!nfs_verify_server_address(sap)) 1496 goto out_no_address; 1497 1498 ret = nfs_validate_transport_protocol(fc, ctx); 1499 if (ret) 1500 return ret; 1501 1502 if (ctx->version == 4) { 1503 if (IS_ENABLED(CONFIG_NFS_V4)) { 1504 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) 1505 port = NFS_RDMA_PORT; 1506 else 1507 port = NFS_PORT; 1508 max_namelen = NFS4_MAXNAMLEN; 1509 max_pathlen = NFS4_MAXPATHLEN; 1510 ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL | 1511 NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK | 1512 NFS_MOUNT_LOCAL_FCNTL); 1513 } else { 1514 goto out_v4_not_compiled; 1515 } 1516 } else { 1517 nfs_set_mount_transport_protocol(ctx); 1518 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) 1519 port = NFS_RDMA_PORT; 1520 } 1521 1522 nfs_set_port(sap, &ctx->nfs_server.port, port); 1523 1524 ret = nfs_parse_source(fc, max_namelen, max_pathlen); 1525 if (ret < 0) 1526 return ret; 1527 1528 /* Load the NFS protocol module if we haven't done so yet */ 1529 if (!ctx->nfs_mod) { 1530 nfs_mod = find_nfs_version(ctx->version); 1531 if (IS_ERR(nfs_mod)) { 1532 ret = PTR_ERR(nfs_mod); 1533 goto out_version_unavailable; 1534 } 1535 ctx->nfs_mod = nfs_mod; 1536 } 1537 1538 /* Ensure the filesystem context has the correct fs_type */ 1539 if (fc->fs_type != ctx->nfs_mod->nfs_fs) { 1540 module_put(fc->fs_type->owner); 1541 __module_get(ctx->nfs_mod->nfs_fs->owner); 1542 fc->fs_type = ctx->nfs_mod->nfs_fs; 1543 } 1544 return 0; 1545 1546 out_no_device_name: 1547 return nfs_invalf(fc, "NFS: Device name not specified"); 1548 out_v4_not_compiled: 1549 nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel"); 1550 return -EPROTONOSUPPORT; 1551 out_no_address: 1552 return nfs_invalf(fc, "NFS: mount program didn't pass remote address"); 1553 out_mountproto_mismatch: 1554 return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option"); 1555 out_proto_mismatch: 1556 return nfs_invalf(fc, "NFS: Server address does not match proto= option"); 1557 out_minorversion_mismatch: 1558 return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u", 1559 ctx->version, ctx->minorversion); 1560 out_migration_misuse: 1561 return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version"); 1562 out_version_unavailable: 1563 nfs_errorf(fc, "NFS: Version unavailable"); 1564 return ret; 1565 } 1566 1567 /* 1568 * Create an NFS superblock by the appropriate method. 1569 */ 1570 static int nfs_get_tree(struct fs_context *fc) 1571 { 1572 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1573 int err = nfs_fs_context_validate(fc); 1574 1575 if (err) 1576 return err; 1577 if (!ctx->internal) 1578 return ctx->nfs_mod->rpc_ops->try_get_tree(fc); 1579 else 1580 return nfs_get_tree_common(fc); 1581 } 1582 1583 /* 1584 * Handle duplication of a configuration. The caller copied *src into *sc, but 1585 * it can't deal with resource pointers in the filesystem context, so we have 1586 * to do that. We need to clear pointers, copy data or get extra refs as 1587 * appropriate. 1588 */ 1589 static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc) 1590 { 1591 struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx; 1592 1593 ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL); 1594 if (!ctx) 1595 return -ENOMEM; 1596 1597 ctx->mntfh = nfs_alloc_fhandle(); 1598 if (!ctx->mntfh) { 1599 kfree(ctx); 1600 return -ENOMEM; 1601 } 1602 nfs_copy_fh(ctx->mntfh, src->mntfh); 1603 1604 get_nfs_version(ctx->nfs_mod); 1605 ctx->client_address = NULL; 1606 ctx->mount_server.hostname = NULL; 1607 ctx->nfs_server.export_path = NULL; 1608 ctx->nfs_server.hostname = NULL; 1609 ctx->fscache_uniq = NULL; 1610 ctx->clone_data.fattr = NULL; 1611 fc->fs_private = ctx; 1612 return 0; 1613 } 1614 1615 static void nfs_fs_context_free(struct fs_context *fc) 1616 { 1617 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1618 1619 if (ctx) { 1620 if (ctx->server) 1621 nfs_free_server(ctx->server); 1622 if (ctx->nfs_mod) 1623 put_nfs_version(ctx->nfs_mod); 1624 kfree(ctx->client_address); 1625 kfree(ctx->mount_server.hostname); 1626 kfree(ctx->nfs_server.export_path); 1627 kfree(ctx->nfs_server.hostname); 1628 kfree(ctx->fscache_uniq); 1629 nfs_free_fhandle(ctx->mntfh); 1630 nfs_free_fattr(ctx->clone_data.fattr); 1631 kfree(ctx); 1632 } 1633 } 1634 1635 static const struct fs_context_operations nfs_fs_context_ops = { 1636 .free = nfs_fs_context_free, 1637 .dup = nfs_fs_context_dup, 1638 .parse_param = nfs_fs_context_parse_param, 1639 .parse_monolithic = nfs_fs_context_parse_monolithic, 1640 .get_tree = nfs_get_tree, 1641 .reconfigure = nfs_reconfigure, 1642 }; 1643 1644 /* 1645 * Prepare superblock configuration. We use the namespaces attached to the 1646 * context. This may be the current process's namespaces, or it may be a 1647 * container's namespaces. 1648 */ 1649 static int nfs_init_fs_context(struct fs_context *fc) 1650 { 1651 struct nfs_fs_context *ctx; 1652 1653 ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL); 1654 if (unlikely(!ctx)) 1655 return -ENOMEM; 1656 1657 ctx->mntfh = nfs_alloc_fhandle(); 1658 if (unlikely(!ctx->mntfh)) { 1659 kfree(ctx); 1660 return -ENOMEM; 1661 } 1662 1663 ctx->protofamily = AF_UNSPEC; 1664 ctx->mountfamily = AF_UNSPEC; 1665 ctx->mount_server.port = NFS_UNSPEC_PORT; 1666 1667 if (fc->root) { 1668 /* reconfigure, start with the current config */ 1669 struct nfs_server *nfss = fc->root->d_sb->s_fs_info; 1670 struct net *net = nfss->nfs_client->cl_net; 1671 1672 ctx->flags = nfss->flags; 1673 ctx->rsize = nfss->rsize; 1674 ctx->wsize = nfss->wsize; 1675 ctx->retrans = nfss->client->cl_timeout->to_retries; 1676 ctx->selected_flavor = nfss->client->cl_auth->au_flavor; 1677 ctx->acregmin = nfss->acregmin / HZ; 1678 ctx->acregmax = nfss->acregmax / HZ; 1679 ctx->acdirmin = nfss->acdirmin / HZ; 1680 ctx->acdirmax = nfss->acdirmax / HZ; 1681 ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ; 1682 ctx->nfs_server.port = nfss->port; 1683 ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen; 1684 ctx->version = nfss->nfs_client->rpc_ops->version; 1685 ctx->minorversion = nfss->nfs_client->cl_minorversion; 1686 1687 memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr, 1688 ctx->nfs_server.addrlen); 1689 1690 if (fc->net_ns != net) { 1691 put_net(fc->net_ns); 1692 fc->net_ns = get_net(net); 1693 } 1694 1695 ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod; 1696 get_nfs_version(ctx->nfs_mod); 1697 } else { 1698 /* defaults */ 1699 ctx->timeo = NFS_UNSPEC_TIMEO; 1700 ctx->retrans = NFS_UNSPEC_RETRANS; 1701 ctx->acregmin = NFS_DEF_ACREGMIN; 1702 ctx->acregmax = NFS_DEF_ACREGMAX; 1703 ctx->acdirmin = NFS_DEF_ACDIRMIN; 1704 ctx->acdirmax = NFS_DEF_ACDIRMAX; 1705 ctx->nfs_server.port = NFS_UNSPEC_PORT; 1706 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 1707 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR; 1708 ctx->minorversion = 0; 1709 ctx->need_mount = true; 1710 ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 1711 ctx->xprtsec.cert_serial = TLS_NO_CERT; 1712 ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY; 1713 1714 if (fc->net_ns != &init_net) 1715 ctx->flags |= NFS_MOUNT_NETUNREACH_FATAL; 1716 1717 fc->s_iflags |= SB_I_STABLE_WRITES; 1718 } 1719 fc->fs_private = ctx; 1720 fc->ops = &nfs_fs_context_ops; 1721 return 0; 1722 } 1723 1724 struct file_system_type nfs_fs_type = { 1725 .owner = THIS_MODULE, 1726 .name = "nfs", 1727 .init_fs_context = nfs_init_fs_context, 1728 .parameters = nfs_fs_parameters, 1729 .kill_sb = nfs_kill_super, 1730 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA, 1731 }; 1732 MODULE_ALIAS_FS("nfs"); 1733 EXPORT_SYMBOL_GPL(nfs_fs_type); 1734 1735 #if IS_ENABLED(CONFIG_NFS_V4) 1736 struct file_system_type nfs4_fs_type = { 1737 .owner = THIS_MODULE, 1738 .name = "nfs4", 1739 .init_fs_context = nfs_init_fs_context, 1740 .parameters = nfs_fs_parameters, 1741 .kill_sb = nfs_kill_super, 1742 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA, 1743 }; 1744 MODULE_ALIAS_FS("nfs4"); 1745 MODULE_ALIAS("nfs4"); 1746 EXPORT_SYMBOL_GPL(nfs4_fs_type); 1747 #endif /* CONFIG_NFS_V4 */ 1748