1 // SPDX-License-Identifier: LGPL-2.1 2 /* 3 * 4 * Copyright (C) International Business Machines Corp., 2002,2011 5 * Author(s): Steve French (sfrench@us.ibm.com) 6 * 7 */ 8 #include <linux/fs.h> 9 #include <linux/net.h> 10 #include <linux/string.h> 11 #include <linux/sched/mm.h> 12 #include <linux/sched/signal.h> 13 #include <linux/list.h> 14 #include <linux/wait.h> 15 #include <linux/slab.h> 16 #include <linux/pagemap.h> 17 #include <linux/ctype.h> 18 #include <linux/utsname.h> 19 #include <linux/mempool.h> 20 #include <linux/delay.h> 21 #include <linux/completion.h> 22 #include <linux/kthread.h> 23 #include <linux/pagevec.h> 24 #include <linux/freezer.h> 25 #include <linux/namei.h> 26 #include <linux/uuid.h> 27 #include <linux/uaccess.h> 28 #include <asm/processor.h> 29 #include <linux/inet.h> 30 #include <linux/module.h> 31 #include <keys/user-type.h> 32 #include <net/ipv6.h> 33 #include <linux/parser.h> 34 #include <linux/bvec.h> 35 #include "cifspdu.h" 36 #include "cifsglob.h" 37 #include "cifsproto.h" 38 #include "cifs_unicode.h" 39 #include "cifs_debug.h" 40 #include "cifs_fs_sb.h" 41 #include "ntlmssp.h" 42 #include "nterr.h" 43 #include "rfc1002pdu.h" 44 #include "fscache.h" 45 #include "smb2proto.h" 46 #include "smbdirect.h" 47 #include "dns_resolve.h" 48 #ifdef CONFIG_CIFS_DFS_UPCALL 49 #include "dfs.h" 50 #include "dfs_cache.h" 51 #endif 52 #include "fs_context.h" 53 #include "cifs_swn.h" 54 55 /* FIXME: should these be tunable? */ 56 #define TLINK_ERROR_EXPIRE (1 * HZ) 57 #define TLINK_IDLE_EXPIRE (600 * HZ) 58 59 /* Drop the connection to not overload the server */ 60 #define MAX_STATUS_IO_TIMEOUT 5 61 62 static int ip_connect(struct TCP_Server_Info *server); 63 static int generic_ip_connect(struct TCP_Server_Info *server); 64 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink); 65 static void cifs_prune_tlinks(struct work_struct *work); 66 67 /* 68 * Resolve hostname and set ip addr in tcp ses. Useful for hostnames that may 69 * get their ip addresses changed at some point. 70 * 71 * This should be called with server->srv_mutex held. 72 */ 73 static int reconn_set_ipaddr_from_hostname(struct TCP_Server_Info *server) 74 { 75 struct sockaddr_storage ss; 76 int rc; 77 78 if (!server->hostname) 79 return -EINVAL; 80 81 /* if server hostname isn't populated, there's nothing to do here */ 82 if (server->hostname[0] == '\0') 83 return 0; 84 85 spin_lock(&server->srv_lock); 86 ss = server->dstaddr; 87 spin_unlock(&server->srv_lock); 88 89 rc = dns_resolve_name(server->dns_dom, server->hostname, 90 strlen(server->hostname), 91 (struct sockaddr *)&ss); 92 if (!rc) { 93 spin_lock(&server->srv_lock); 94 memcpy(&server->dstaddr, &ss, sizeof(server->dstaddr)); 95 spin_unlock(&server->srv_lock); 96 } 97 return rc; 98 } 99 100 static void smb2_query_server_interfaces(struct work_struct *work) 101 { 102 int rc; 103 int xid; 104 struct cifs_tcon *tcon = container_of(work, 105 struct cifs_tcon, 106 query_interfaces.work); 107 struct TCP_Server_Info *server = tcon->ses->server; 108 109 /* 110 * query server network interfaces, in case they change 111 */ 112 if (!server->ops->query_server_interfaces) 113 return; 114 115 xid = get_xid(); 116 rc = server->ops->query_server_interfaces(xid, tcon, false); 117 free_xid(xid); 118 119 if (rc) { 120 if (rc == -EOPNOTSUPP) 121 return; 122 123 cifs_dbg(FYI, "%s: failed to query server interfaces: %d\n", 124 __func__, rc); 125 } 126 127 queue_delayed_work(cifsiod_wq, &tcon->query_interfaces, 128 (SMB_INTERFACE_POLL_INTERVAL * HZ)); 129 } 130 131 /* 132 * Update the tcpStatus for the server. 133 * This is used to signal the cifsd thread to call cifs_reconnect 134 * ONLY cifsd thread should call cifs_reconnect. For any other 135 * thread, use this function 136 * 137 * @server: the tcp ses for which reconnect is needed 138 * @all_channels: if this needs to be done for all channels 139 */ 140 void 141 cifs_signal_cifsd_for_reconnect(struct TCP_Server_Info *server, 142 bool all_channels) 143 { 144 struct TCP_Server_Info *pserver; 145 struct cifs_ses *ses; 146 int i; 147 148 /* If server is a channel, select the primary channel */ 149 pserver = SERVER_IS_CHAN(server) ? server->primary_server : server; 150 151 /* if we need to signal just this channel */ 152 if (!all_channels) { 153 spin_lock(&server->srv_lock); 154 if (server->tcpStatus != CifsExiting) 155 server->tcpStatus = CifsNeedReconnect; 156 spin_unlock(&server->srv_lock); 157 return; 158 } 159 160 spin_lock(&cifs_tcp_ses_lock); 161 list_for_each_entry(ses, &pserver->smb_ses_list, smb_ses_list) { 162 if (cifs_ses_exiting(ses)) 163 continue; 164 spin_lock(&ses->chan_lock); 165 for (i = 0; i < ses->chan_count; i++) { 166 if (!ses->chans[i].server) 167 continue; 168 169 spin_lock(&ses->chans[i].server->srv_lock); 170 if (ses->chans[i].server->tcpStatus != CifsExiting) 171 ses->chans[i].server->tcpStatus = CifsNeedReconnect; 172 spin_unlock(&ses->chans[i].server->srv_lock); 173 } 174 spin_unlock(&ses->chan_lock); 175 } 176 spin_unlock(&cifs_tcp_ses_lock); 177 } 178 179 /* 180 * Mark all sessions and tcons for reconnect. 181 * IMPORTANT: make sure that this gets called only from 182 * cifsd thread. For any other thread, use 183 * cifs_signal_cifsd_for_reconnect 184 * 185 * @server: the tcp ses for which reconnect is needed 186 * @server needs to be previously set to CifsNeedReconnect. 187 * @mark_smb_session: whether even sessions need to be marked 188 */ 189 void 190 cifs_mark_tcp_ses_conns_for_reconnect(struct TCP_Server_Info *server, 191 bool mark_smb_session) 192 { 193 struct TCP_Server_Info *pserver; 194 struct cifs_ses *ses, *nses; 195 struct cifs_tcon *tcon; 196 197 /* 198 * before reconnecting the tcp session, mark the smb session (uid) and the tid bad so they 199 * are not used until reconnected. 200 */ 201 cifs_dbg(FYI, "%s: marking necessary sessions and tcons for reconnect\n", __func__); 202 203 /* If server is a channel, select the primary channel */ 204 pserver = SERVER_IS_CHAN(server) ? server->primary_server : server; 205 206 /* 207 * if the server has been marked for termination, there is a 208 * chance that the remaining channels all need reconnect. To be 209 * on the safer side, mark the session and trees for reconnect 210 * for this scenario. This might cause a few redundant session 211 * setup and tree connect requests, but it is better than not doing 212 * a tree connect when needed, and all following requests failing 213 */ 214 if (server->terminate) { 215 mark_smb_session = true; 216 server = pserver; 217 } 218 219 spin_lock(&cifs_tcp_ses_lock); 220 list_for_each_entry_safe(ses, nses, &pserver->smb_ses_list, smb_ses_list) { 221 spin_lock(&ses->ses_lock); 222 if (ses->ses_status == SES_EXITING) { 223 spin_unlock(&ses->ses_lock); 224 continue; 225 } 226 spin_unlock(&ses->ses_lock); 227 228 spin_lock(&ses->chan_lock); 229 if (cifs_ses_get_chan_index(ses, server) == 230 CIFS_INVAL_CHAN_INDEX) { 231 spin_unlock(&ses->chan_lock); 232 continue; 233 } 234 235 if (!cifs_chan_is_iface_active(ses, server)) { 236 spin_unlock(&ses->chan_lock); 237 cifs_chan_update_iface(ses, server); 238 spin_lock(&ses->chan_lock); 239 } 240 241 if (!mark_smb_session && cifs_chan_needs_reconnect(ses, server)) { 242 spin_unlock(&ses->chan_lock); 243 continue; 244 } 245 246 if (mark_smb_session) 247 CIFS_SET_ALL_CHANS_NEED_RECONNECT(ses); 248 else 249 cifs_chan_set_need_reconnect(ses, server); 250 251 cifs_dbg(FYI, "%s: channel connect bitmap: 0x%lx\n", 252 __func__, ses->chans_need_reconnect); 253 254 /* If all channels need reconnect, then tcon needs reconnect */ 255 if (!mark_smb_session && !CIFS_ALL_CHANS_NEED_RECONNECT(ses)) { 256 spin_unlock(&ses->chan_lock); 257 continue; 258 } 259 spin_unlock(&ses->chan_lock); 260 261 spin_lock(&ses->ses_lock); 262 ses->ses_status = SES_NEED_RECON; 263 spin_unlock(&ses->ses_lock); 264 265 list_for_each_entry(tcon, &ses->tcon_list, tcon_list) { 266 tcon->need_reconnect = true; 267 spin_lock(&tcon->tc_lock); 268 tcon->status = TID_NEED_RECON; 269 spin_unlock(&tcon->tc_lock); 270 271 cancel_delayed_work(&tcon->query_interfaces); 272 } 273 if (ses->tcon_ipc) { 274 ses->tcon_ipc->need_reconnect = true; 275 spin_lock(&ses->tcon_ipc->tc_lock); 276 ses->tcon_ipc->status = TID_NEED_RECON; 277 spin_unlock(&ses->tcon_ipc->tc_lock); 278 } 279 } 280 spin_unlock(&cifs_tcp_ses_lock); 281 } 282 283 static void 284 cifs_abort_connection(struct TCP_Server_Info *server) 285 { 286 struct mid_q_entry *mid, *nmid; 287 struct list_head retry_list; 288 289 server->maxBuf = 0; 290 server->max_read = 0; 291 292 /* do not want to be sending data on a socket we are freeing */ 293 cifs_dbg(FYI, "%s: tearing down socket\n", __func__); 294 cifs_server_lock(server); 295 if (server->ssocket) { 296 cifs_dbg(FYI, "State: 0x%x Flags: 0x%lx\n", server->ssocket->state, 297 server->ssocket->flags); 298 kernel_sock_shutdown(server->ssocket, SHUT_WR); 299 cifs_dbg(FYI, "Post shutdown state: 0x%x Flags: 0x%lx\n", server->ssocket->state, 300 server->ssocket->flags); 301 sock_release(server->ssocket); 302 server->ssocket = NULL; 303 } 304 server->sequence_number = 0; 305 server->session_estab = false; 306 kfree_sensitive(server->session_key.response); 307 server->session_key.response = NULL; 308 server->session_key.len = 0; 309 server->lstrp = jiffies; 310 311 /* mark submitted MIDs for retry and issue callback */ 312 INIT_LIST_HEAD(&retry_list); 313 cifs_dbg(FYI, "%s: moving mids to private list\n", __func__); 314 spin_lock(&server->mid_lock); 315 list_for_each_entry_safe(mid, nmid, &server->pending_mid_q, qhead) { 316 kref_get(&mid->refcount); 317 if (mid->mid_state == MID_REQUEST_SUBMITTED) 318 mid->mid_state = MID_RETRY_NEEDED; 319 list_move(&mid->qhead, &retry_list); 320 mid->mid_flags |= MID_DELETED; 321 } 322 spin_unlock(&server->mid_lock); 323 cifs_server_unlock(server); 324 325 cifs_dbg(FYI, "%s: issuing mid callbacks\n", __func__); 326 list_for_each_entry_safe(mid, nmid, &retry_list, qhead) { 327 list_del_init(&mid->qhead); 328 mid->callback(mid); 329 release_mid(mid); 330 } 331 332 if (cifs_rdma_enabled(server)) { 333 cifs_server_lock(server); 334 smbd_destroy(server); 335 cifs_server_unlock(server); 336 } 337 } 338 339 static bool cifs_tcp_ses_needs_reconnect(struct TCP_Server_Info *server, int num_targets) 340 { 341 spin_lock(&server->srv_lock); 342 server->nr_targets = num_targets; 343 if (server->tcpStatus == CifsExiting) { 344 /* the demux thread will exit normally next time through the loop */ 345 spin_unlock(&server->srv_lock); 346 wake_up(&server->response_q); 347 return false; 348 } 349 350 cifs_dbg(FYI, "Mark tcp session as need reconnect\n"); 351 trace_smb3_reconnect(server->CurrentMid, server->conn_id, 352 server->hostname); 353 server->tcpStatus = CifsNeedReconnect; 354 355 spin_unlock(&server->srv_lock); 356 return true; 357 } 358 359 /* 360 * cifs tcp session reconnection 361 * 362 * mark tcp session as reconnecting so temporarily locked 363 * mark all smb sessions as reconnecting for tcp session 364 * reconnect tcp session 365 * wake up waiters on reconnection? - (not needed currently) 366 * 367 * if mark_smb_session is passed as true, unconditionally mark 368 * the smb session (and tcon) for reconnect as well. This value 369 * doesn't really matter for non-multichannel scenario. 370 * 371 */ 372 static int __cifs_reconnect(struct TCP_Server_Info *server, 373 bool mark_smb_session, bool once) 374 { 375 int rc = 0; 376 377 if (!cifs_tcp_ses_needs_reconnect(server, 1)) 378 return 0; 379 380 /* 381 * if smb session has been marked for reconnect, also reconnect all 382 * connections. This way, the other connections do not end up bad. 383 */ 384 if (mark_smb_session) 385 cifs_signal_cifsd_for_reconnect(server, mark_smb_session); 386 387 cifs_mark_tcp_ses_conns_for_reconnect(server, mark_smb_session); 388 389 cifs_abort_connection(server); 390 391 do { 392 try_to_freeze(); 393 cifs_server_lock(server); 394 395 if (!cifs_swn_set_server_dstaddr(server) && 396 !SERVER_IS_CHAN(server)) { 397 /* resolve the hostname again to make sure that IP address is up-to-date */ 398 rc = reconn_set_ipaddr_from_hostname(server); 399 cifs_dbg(FYI, "%s: reconn_set_ipaddr_from_hostname: rc=%d\n", __func__, rc); 400 } 401 402 if (cifs_rdma_enabled(server)) 403 rc = smbd_reconnect(server); 404 else 405 rc = generic_ip_connect(server); 406 if (rc) { 407 cifs_server_unlock(server); 408 cifs_dbg(FYI, "%s: reconnect error %d\n", __func__, rc); 409 /* If was asked to reconnect only once, do not try it more times */ 410 if (once) 411 break; 412 msleep(3000); 413 } else { 414 atomic_inc(&tcpSesReconnectCount); 415 set_credits(server, 1); 416 spin_lock(&server->srv_lock); 417 if (server->tcpStatus != CifsExiting) 418 server->tcpStatus = CifsNeedNegotiate; 419 spin_unlock(&server->srv_lock); 420 cifs_swn_reset_server_dstaddr(server); 421 cifs_server_unlock(server); 422 mod_delayed_work(cifsiod_wq, &server->reconnect, 0); 423 } 424 } while (server->tcpStatus == CifsNeedReconnect); 425 426 spin_lock(&server->srv_lock); 427 if (server->tcpStatus == CifsNeedNegotiate) 428 mod_delayed_work(cifsiod_wq, &server->echo, 0); 429 spin_unlock(&server->srv_lock); 430 431 wake_up(&server->response_q); 432 return rc; 433 } 434 435 #ifdef CONFIG_CIFS_DFS_UPCALL 436 static int __reconnect_target_locked(struct TCP_Server_Info *server, 437 const char *target) 438 { 439 int rc; 440 char *hostname; 441 442 if (!cifs_swn_set_server_dstaddr(server)) { 443 if (server->hostname != target) { 444 hostname = extract_hostname(target); 445 if (!IS_ERR(hostname)) { 446 spin_lock(&server->srv_lock); 447 kfree(server->hostname); 448 server->hostname = hostname; 449 spin_unlock(&server->srv_lock); 450 } else { 451 cifs_dbg(FYI, "%s: couldn't extract hostname or address from dfs target: %ld\n", 452 __func__, PTR_ERR(hostname)); 453 cifs_dbg(FYI, "%s: default to last target server: %s\n", __func__, 454 server->hostname); 455 } 456 } 457 /* resolve the hostname again to make sure that IP address is up-to-date. */ 458 rc = reconn_set_ipaddr_from_hostname(server); 459 cifs_dbg(FYI, "%s: reconn_set_ipaddr_from_hostname: rc=%d\n", __func__, rc); 460 } 461 /* Reconnect the socket */ 462 if (cifs_rdma_enabled(server)) 463 rc = smbd_reconnect(server); 464 else 465 rc = generic_ip_connect(server); 466 467 return rc; 468 } 469 470 static int reconnect_target_locked(struct TCP_Server_Info *server, 471 struct dfs_cache_tgt_list *tl, 472 struct dfs_cache_tgt_iterator **target_hint) 473 { 474 struct dfs_cache_tgt_iterator *tit; 475 int rc; 476 477 *target_hint = NULL; 478 479 /* If dfs target list is empty, then reconnect to last server */ 480 tit = dfs_cache_get_tgt_iterator(tl); 481 if (!tit) 482 return __reconnect_target_locked(server, server->hostname); 483 484 /* Otherwise, try every dfs target in @tl */ 485 do { 486 const char *target = dfs_cache_get_tgt_name(tit); 487 488 spin_lock(&server->srv_lock); 489 if (server->tcpStatus != CifsNeedReconnect) { 490 spin_unlock(&server->srv_lock); 491 return -ECONNRESET; 492 } 493 spin_unlock(&server->srv_lock); 494 rc = __reconnect_target_locked(server, target); 495 if (!rc) { 496 *target_hint = tit; 497 break; 498 } 499 } while ((tit = dfs_cache_get_next_tgt(tl, tit))); 500 return rc; 501 } 502 503 static int reconnect_dfs_server(struct TCP_Server_Info *server) 504 { 505 struct dfs_cache_tgt_iterator *target_hint = NULL; 506 const char *ref_path = server->leaf_fullpath + 1; 507 DFS_CACHE_TGT_LIST(tl); 508 int num_targets = 0; 509 int rc = 0; 510 511 /* 512 * Determine the number of dfs targets the referral path in @cifs_sb resolves to. 513 * 514 * smb2_reconnect() needs to know how long it should wait based upon the number of dfs 515 * targets (server->nr_targets). It's also possible that the cached referral was cleared 516 * through /proc/fs/cifs/dfscache or the target list is empty due to server settings after 517 * refreshing the referral, so, in this case, default it to 1. 518 */ 519 if (!dfs_cache_noreq_find(ref_path, NULL, &tl)) 520 num_targets = dfs_cache_get_nr_tgts(&tl); 521 if (!num_targets) 522 num_targets = 1; 523 524 if (!cifs_tcp_ses_needs_reconnect(server, num_targets)) 525 return 0; 526 527 /* 528 * Unconditionally mark all sessions & tcons for reconnect as we might be connecting to a 529 * different server or share during failover. It could be improved by adding some logic to 530 * only do that in case it connects to a different server or share, though. 531 */ 532 cifs_mark_tcp_ses_conns_for_reconnect(server, true); 533 534 cifs_abort_connection(server); 535 536 do { 537 try_to_freeze(); 538 cifs_server_lock(server); 539 540 rc = reconnect_target_locked(server, &tl, &target_hint); 541 if (rc) { 542 /* Failed to reconnect socket */ 543 cifs_server_unlock(server); 544 cifs_dbg(FYI, "%s: reconnect error %d\n", __func__, rc); 545 msleep(3000); 546 continue; 547 } 548 /* 549 * Socket was created. Update tcp session status to CifsNeedNegotiate so that a 550 * process waiting for reconnect will know it needs to re-establish session and tcon 551 * through the reconnected target server. 552 */ 553 atomic_inc(&tcpSesReconnectCount); 554 set_credits(server, 1); 555 spin_lock(&server->srv_lock); 556 if (server->tcpStatus != CifsExiting) 557 server->tcpStatus = CifsNeedNegotiate; 558 spin_unlock(&server->srv_lock); 559 cifs_swn_reset_server_dstaddr(server); 560 cifs_server_unlock(server); 561 mod_delayed_work(cifsiod_wq, &server->reconnect, 0); 562 } while (server->tcpStatus == CifsNeedReconnect); 563 564 dfs_cache_noreq_update_tgthint(ref_path, target_hint); 565 dfs_cache_free_tgts(&tl); 566 567 /* Need to set up echo worker again once connection has been established */ 568 spin_lock(&server->srv_lock); 569 if (server->tcpStatus == CifsNeedNegotiate) 570 mod_delayed_work(cifsiod_wq, &server->echo, 0); 571 spin_unlock(&server->srv_lock); 572 573 wake_up(&server->response_q); 574 return rc; 575 } 576 577 static int 578 _cifs_reconnect(struct TCP_Server_Info *server, bool mark_smb_session, bool once) 579 { 580 if (!server->leaf_fullpath) 581 return __cifs_reconnect(server, mark_smb_session, once); 582 return reconnect_dfs_server(server); 583 } 584 #else 585 static int 586 _cifs_reconnect(struct TCP_Server_Info *server, bool mark_smb_session, bool once) 587 { 588 return __cifs_reconnect(server, mark_smb_session, once); 589 } 590 #endif 591 592 int 593 cifs_reconnect(struct TCP_Server_Info *server, bool mark_smb_session) 594 { 595 return _cifs_reconnect(server, mark_smb_session, false); 596 } 597 598 static int 599 cifs_reconnect_once(struct TCP_Server_Info *server) 600 { 601 return _cifs_reconnect(server, true, true); 602 } 603 604 static void 605 cifs_echo_request(struct work_struct *work) 606 { 607 int rc; 608 struct TCP_Server_Info *server = container_of(work, 609 struct TCP_Server_Info, echo.work); 610 611 /* 612 * We cannot send an echo if it is disabled. 613 * Also, no need to ping if we got a response recently. 614 */ 615 616 if (server->tcpStatus == CifsNeedReconnect || 617 server->tcpStatus == CifsExiting || 618 server->tcpStatus == CifsNew || 619 (server->ops->can_echo && !server->ops->can_echo(server)) || 620 time_before(jiffies, server->lstrp + server->echo_interval - HZ)) 621 goto requeue_echo; 622 623 rc = server->ops->echo ? server->ops->echo(server) : -ENOSYS; 624 cifs_server_dbg(FYI, "send echo request: rc = %d\n", rc); 625 626 /* Check witness registrations */ 627 cifs_swn_check(); 628 629 requeue_echo: 630 queue_delayed_work(cifsiod_wq, &server->echo, server->echo_interval); 631 } 632 633 static bool 634 allocate_buffers(struct TCP_Server_Info *server) 635 { 636 if (!server->bigbuf) { 637 server->bigbuf = (char *)cifs_buf_get(); 638 if (!server->bigbuf) { 639 cifs_server_dbg(VFS, "No memory for large SMB response\n"); 640 msleep(3000); 641 /* retry will check if exiting */ 642 return false; 643 } 644 } else if (server->large_buf) { 645 /* we are reusing a dirty large buf, clear its start */ 646 memset(server->bigbuf, 0, HEADER_SIZE(server)); 647 } 648 649 if (!server->smallbuf) { 650 server->smallbuf = (char *)cifs_small_buf_get(); 651 if (!server->smallbuf) { 652 cifs_server_dbg(VFS, "No memory for SMB response\n"); 653 msleep(1000); 654 /* retry will check if exiting */ 655 return false; 656 } 657 /* beginning of smb buffer is cleared in our buf_get */ 658 } else { 659 /* if existing small buf clear beginning */ 660 memset(server->smallbuf, 0, HEADER_SIZE(server)); 661 } 662 663 return true; 664 } 665 666 static bool 667 server_unresponsive(struct TCP_Server_Info *server) 668 { 669 /* 670 * If we're in the process of mounting a share or reconnecting a session 671 * and the server abruptly shut down (e.g. socket wasn't closed, packet 672 * had been ACK'ed but no SMB response), don't wait longer than 20s to 673 * negotiate protocol. 674 */ 675 spin_lock(&server->srv_lock); 676 if (server->tcpStatus == CifsInNegotiate && 677 time_after(jiffies, server->lstrp + 20 * HZ)) { 678 spin_unlock(&server->srv_lock); 679 cifs_reconnect(server, false); 680 return true; 681 } 682 /* 683 * We need to wait 3 echo intervals to make sure we handle such 684 * situations right: 685 * 1s client sends a normal SMB request 686 * 2s client gets a response 687 * 30s echo workqueue job pops, and decides we got a response recently 688 * and don't need to send another 689 * ... 690 * 65s kernel_recvmsg times out, and we see that we haven't gotten 691 * a response in >60s. 692 */ 693 if ((server->tcpStatus == CifsGood || 694 server->tcpStatus == CifsNeedNegotiate) && 695 (!server->ops->can_echo || server->ops->can_echo(server)) && 696 time_after(jiffies, server->lstrp + 3 * server->echo_interval)) { 697 spin_unlock(&server->srv_lock); 698 cifs_server_dbg(VFS, "has not responded in %lu seconds. Reconnecting...\n", 699 (3 * server->echo_interval) / HZ); 700 cifs_reconnect(server, false); 701 return true; 702 } 703 spin_unlock(&server->srv_lock); 704 705 return false; 706 } 707 708 static inline bool 709 zero_credits(struct TCP_Server_Info *server) 710 { 711 int val; 712 713 spin_lock(&server->req_lock); 714 val = server->credits + server->echo_credits + server->oplock_credits; 715 if (server->in_flight == 0 && val == 0) { 716 spin_unlock(&server->req_lock); 717 return true; 718 } 719 spin_unlock(&server->req_lock); 720 return false; 721 } 722 723 static int 724 cifs_readv_from_socket(struct TCP_Server_Info *server, struct msghdr *smb_msg) 725 { 726 int length = 0; 727 int total_read; 728 729 for (total_read = 0; msg_data_left(smb_msg); total_read += length) { 730 try_to_freeze(); 731 732 /* reconnect if no credits and no requests in flight */ 733 if (zero_credits(server)) { 734 cifs_reconnect(server, false); 735 return -ECONNABORTED; 736 } 737 738 if (server_unresponsive(server)) 739 return -ECONNABORTED; 740 if (cifs_rdma_enabled(server) && server->smbd_conn) 741 length = smbd_recv(server->smbd_conn, smb_msg); 742 else 743 length = sock_recvmsg(server->ssocket, smb_msg, 0); 744 745 spin_lock(&server->srv_lock); 746 if (server->tcpStatus == CifsExiting) { 747 spin_unlock(&server->srv_lock); 748 return -ESHUTDOWN; 749 } 750 751 if (server->tcpStatus == CifsNeedReconnect) { 752 spin_unlock(&server->srv_lock); 753 cifs_reconnect(server, false); 754 return -ECONNABORTED; 755 } 756 spin_unlock(&server->srv_lock); 757 758 if (length == -ERESTARTSYS || 759 length == -EAGAIN || 760 length == -EINTR) { 761 /* 762 * Minimum sleep to prevent looping, allowing socket 763 * to clear and app threads to set tcpStatus 764 * CifsNeedReconnect if server hung. 765 */ 766 usleep_range(1000, 2000); 767 length = 0; 768 continue; 769 } 770 771 if (length <= 0) { 772 cifs_dbg(FYI, "Received no data or error: %d\n", length); 773 cifs_reconnect(server, false); 774 return -ECONNABORTED; 775 } 776 } 777 return total_read; 778 } 779 780 int 781 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf, 782 unsigned int to_read) 783 { 784 struct msghdr smb_msg = {}; 785 struct kvec iov = {.iov_base = buf, .iov_len = to_read}; 786 787 iov_iter_kvec(&smb_msg.msg_iter, ITER_DEST, &iov, 1, to_read); 788 789 return cifs_readv_from_socket(server, &smb_msg); 790 } 791 792 ssize_t 793 cifs_discard_from_socket(struct TCP_Server_Info *server, size_t to_read) 794 { 795 struct msghdr smb_msg = {}; 796 797 /* 798 * iov_iter_discard already sets smb_msg.type and count and iov_offset 799 * and cifs_readv_from_socket sets msg_control and msg_controllen 800 * so little to initialize in struct msghdr 801 */ 802 iov_iter_discard(&smb_msg.msg_iter, ITER_DEST, to_read); 803 804 return cifs_readv_from_socket(server, &smb_msg); 805 } 806 807 int 808 cifs_read_iter_from_socket(struct TCP_Server_Info *server, struct iov_iter *iter, 809 unsigned int to_read) 810 { 811 struct msghdr smb_msg = { .msg_iter = *iter }; 812 813 iov_iter_truncate(&smb_msg.msg_iter, to_read); 814 return cifs_readv_from_socket(server, &smb_msg); 815 } 816 817 static bool 818 is_smb_response(struct TCP_Server_Info *server, unsigned char type) 819 { 820 /* 821 * The first byte big endian of the length field, 822 * is actually not part of the length but the type 823 * with the most common, zero, as regular data. 824 */ 825 switch (type) { 826 case RFC1002_SESSION_MESSAGE: 827 /* Regular SMB response */ 828 return true; 829 case RFC1002_SESSION_KEEP_ALIVE: 830 /* 831 * RFC 1002 session keep alive can sent by the server only when 832 * we established a RFC 1002 session. But Samba servers send 833 * RFC 1002 session keep alive also over port 445 on which 834 * RFC 1002 session is not established. 835 */ 836 cifs_dbg(FYI, "RFC 1002 session keep alive\n"); 837 break; 838 case RFC1002_POSITIVE_SESSION_RESPONSE: 839 /* 840 * RFC 1002 positive session response cannot be returned 841 * for SMB request. RFC 1002 session response is handled 842 * exclusively in ip_rfc1001_connect() function. 843 */ 844 cifs_server_dbg(VFS, "RFC 1002 positive session response (unexpected)\n"); 845 cifs_reconnect(server, true); 846 break; 847 case RFC1002_NEGATIVE_SESSION_RESPONSE: 848 /* 849 * We get this from Windows 98 instead of an error on 850 * SMB negprot response, when we have not established 851 * RFC 1002 session (which means ip_rfc1001_connect() 852 * was skipped). Note that same still happens with 853 * Windows Server 2022 when connecting via port 139. 854 * So for this case when mount option -o nonbsessinit 855 * was not specified, try to reconnect with establishing 856 * RFC 1002 session. If new socket establishment with 857 * RFC 1002 session was successful then return to the 858 * mid's caller -EAGAIN, so it can retry the request. 859 */ 860 if (!cifs_rdma_enabled(server) && 861 server->tcpStatus == CifsInNegotiate && 862 !server->with_rfc1001 && 863 server->rfc1001_sessinit != 0) { 864 int rc, mid_rc; 865 struct mid_q_entry *mid, *nmid; 866 LIST_HEAD(dispose_list); 867 868 cifs_dbg(FYI, "RFC 1002 negative session response during SMB Negotiate, retrying with NetBIOS session\n"); 869 870 /* 871 * Before reconnect, delete all pending mids for this 872 * server, so reconnect would not signal connection 873 * aborted error to mid's callbacks. Note that for this 874 * server there should be exactly one pending mid 875 * corresponding to SMB1/SMB2 Negotiate packet. 876 */ 877 spin_lock(&server->mid_lock); 878 list_for_each_entry_safe(mid, nmid, &server->pending_mid_q, qhead) { 879 kref_get(&mid->refcount); 880 list_move(&mid->qhead, &dispose_list); 881 mid->mid_flags |= MID_DELETED; 882 } 883 spin_unlock(&server->mid_lock); 884 885 /* Now try to reconnect once with NetBIOS session. */ 886 server->with_rfc1001 = true; 887 rc = cifs_reconnect_once(server); 888 889 /* 890 * If reconnect was successful then indicate -EAGAIN 891 * to mid's caller. If reconnect failed with -EAGAIN 892 * then mask it as -EHOSTDOWN, so mid's caller would 893 * know that it failed. 894 */ 895 if (rc == 0) 896 mid_rc = -EAGAIN; 897 else if (rc == -EAGAIN) 898 mid_rc = -EHOSTDOWN; 899 else 900 mid_rc = rc; 901 902 /* 903 * After reconnect (either successful or unsuccessful) 904 * deliver reconnect status to mid's caller via mid's 905 * callback. Use MID_RC state which indicates that the 906 * return code should be read from mid_rc member. 907 */ 908 list_for_each_entry_safe(mid, nmid, &dispose_list, qhead) { 909 list_del_init(&mid->qhead); 910 mid->mid_rc = mid_rc; 911 mid->mid_state = MID_RC; 912 mid->callback(mid); 913 release_mid(mid); 914 } 915 916 /* 917 * If reconnect failed then wait two seconds. In most 918 * cases we were been called from the mount context and 919 * delivered failure to mid's callback will stop this 920 * receiver task thread and fails the mount process. 921 * So wait two seconds to prevent another reconnect 922 * in this task thread, which would be useless as the 923 * mount context will fail at all. 924 */ 925 if (rc != 0) 926 msleep(2000); 927 } else { 928 cifs_server_dbg(VFS, "RFC 1002 negative session response (unexpected)\n"); 929 cifs_reconnect(server, true); 930 } 931 break; 932 case RFC1002_RETARGET_SESSION_RESPONSE: 933 cifs_server_dbg(VFS, "RFC 1002 retarget session response (unexpected)\n"); 934 cifs_reconnect(server, true); 935 break; 936 default: 937 cifs_server_dbg(VFS, "RFC 1002 unknown response type 0x%x\n", type); 938 cifs_reconnect(server, true); 939 } 940 941 return false; 942 } 943 944 void 945 dequeue_mid(struct mid_q_entry *mid, bool malformed) 946 { 947 #ifdef CONFIG_CIFS_STATS2 948 mid->when_received = jiffies; 949 #endif 950 spin_lock(&mid->server->mid_lock); 951 if (!malformed) 952 mid->mid_state = MID_RESPONSE_RECEIVED; 953 else 954 mid->mid_state = MID_RESPONSE_MALFORMED; 955 /* 956 * Trying to handle/dequeue a mid after the send_recv() 957 * function has finished processing it is a bug. 958 */ 959 if (mid->mid_flags & MID_DELETED) { 960 spin_unlock(&mid->server->mid_lock); 961 pr_warn_once("trying to dequeue a deleted mid\n"); 962 } else { 963 list_del_init(&mid->qhead); 964 mid->mid_flags |= MID_DELETED; 965 spin_unlock(&mid->server->mid_lock); 966 } 967 } 968 969 static unsigned int 970 smb2_get_credits_from_hdr(char *buffer, struct TCP_Server_Info *server) 971 { 972 struct smb2_hdr *shdr = (struct smb2_hdr *)buffer; 973 974 /* 975 * SMB1 does not use credits. 976 */ 977 if (is_smb1(server)) 978 return 0; 979 980 return le16_to_cpu(shdr->CreditRequest); 981 } 982 983 static void 984 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server, 985 char *buf, int malformed) 986 { 987 if (server->ops->check_trans2 && 988 server->ops->check_trans2(mid, server, buf, malformed)) 989 return; 990 mid->credits_received = smb2_get_credits_from_hdr(buf, server); 991 mid->resp_buf = buf; 992 mid->large_buf = server->large_buf; 993 /* Was previous buf put in mpx struct for multi-rsp? */ 994 if (!mid->multiRsp) { 995 /* smb buffer will be freed by user thread */ 996 if (server->large_buf) 997 server->bigbuf = NULL; 998 else 999 server->smallbuf = NULL; 1000 } 1001 dequeue_mid(mid, malformed); 1002 } 1003 1004 int 1005 cifs_enable_signing(struct TCP_Server_Info *server, bool mnt_sign_required) 1006 { 1007 bool srv_sign_required = server->sec_mode & server->vals->signing_required; 1008 bool srv_sign_enabled = server->sec_mode & server->vals->signing_enabled; 1009 bool mnt_sign_enabled; 1010 1011 /* 1012 * Is signing required by mnt options? If not then check 1013 * global_secflags to see if it is there. 1014 */ 1015 if (!mnt_sign_required) 1016 mnt_sign_required = ((global_secflags & CIFSSEC_MUST_SIGN) == 1017 CIFSSEC_MUST_SIGN); 1018 1019 /* 1020 * If signing is required then it's automatically enabled too, 1021 * otherwise, check to see if the secflags allow it. 1022 */ 1023 mnt_sign_enabled = mnt_sign_required ? mnt_sign_required : 1024 (global_secflags & CIFSSEC_MAY_SIGN); 1025 1026 /* If server requires signing, does client allow it? */ 1027 if (srv_sign_required) { 1028 if (!mnt_sign_enabled) { 1029 cifs_dbg(VFS, "Server requires signing, but it's disabled in SecurityFlags!\n"); 1030 return -EOPNOTSUPP; 1031 } 1032 server->sign = true; 1033 } 1034 1035 /* If client requires signing, does server allow it? */ 1036 if (mnt_sign_required) { 1037 if (!srv_sign_enabled) { 1038 cifs_dbg(VFS, "Server does not support signing!\n"); 1039 return -EOPNOTSUPP; 1040 } 1041 server->sign = true; 1042 } 1043 1044 if (cifs_rdma_enabled(server) && server->sign) 1045 cifs_dbg(VFS, "Signing is enabled, and RDMA read/write will be disabled\n"); 1046 1047 return 0; 1048 } 1049 1050 static noinline_for_stack void 1051 clean_demultiplex_info(struct TCP_Server_Info *server) 1052 { 1053 int length; 1054 1055 /* take it off the list, if it's not already */ 1056 spin_lock(&server->srv_lock); 1057 list_del_init(&server->tcp_ses_list); 1058 spin_unlock(&server->srv_lock); 1059 1060 cancel_delayed_work_sync(&server->echo); 1061 1062 spin_lock(&server->srv_lock); 1063 server->tcpStatus = CifsExiting; 1064 spin_unlock(&server->srv_lock); 1065 wake_up_all(&server->response_q); 1066 1067 /* check if we have blocked requests that need to free */ 1068 spin_lock(&server->req_lock); 1069 if (server->credits <= 0) 1070 server->credits = 1; 1071 spin_unlock(&server->req_lock); 1072 /* 1073 * Although there should not be any requests blocked on this queue it 1074 * can not hurt to be paranoid and try to wake up requests that may 1075 * haven been blocked when more than 50 at time were on the wire to the 1076 * same server - they now will see the session is in exit state and get 1077 * out of SendReceive. 1078 */ 1079 wake_up_all(&server->request_q); 1080 /* give those requests time to exit */ 1081 msleep(125); 1082 if (cifs_rdma_enabled(server)) 1083 smbd_destroy(server); 1084 if (server->ssocket) { 1085 sock_release(server->ssocket); 1086 server->ssocket = NULL; 1087 } 1088 1089 if (!list_empty(&server->pending_mid_q)) { 1090 struct mid_q_entry *mid_entry; 1091 struct list_head *tmp, *tmp2; 1092 LIST_HEAD(dispose_list); 1093 1094 spin_lock(&server->mid_lock); 1095 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) { 1096 mid_entry = list_entry(tmp, struct mid_q_entry, qhead); 1097 cifs_dbg(FYI, "Clearing mid %llu\n", mid_entry->mid); 1098 kref_get(&mid_entry->refcount); 1099 mid_entry->mid_state = MID_SHUTDOWN; 1100 list_move(&mid_entry->qhead, &dispose_list); 1101 mid_entry->mid_flags |= MID_DELETED; 1102 } 1103 spin_unlock(&server->mid_lock); 1104 1105 /* now walk dispose list and issue callbacks */ 1106 list_for_each_safe(tmp, tmp2, &dispose_list) { 1107 mid_entry = list_entry(tmp, struct mid_q_entry, qhead); 1108 cifs_dbg(FYI, "Callback mid %llu\n", mid_entry->mid); 1109 list_del_init(&mid_entry->qhead); 1110 mid_entry->callback(mid_entry); 1111 release_mid(mid_entry); 1112 } 1113 /* 1/8th of sec is more than enough time for them to exit */ 1114 msleep(125); 1115 } 1116 1117 if (!list_empty(&server->pending_mid_q)) { 1118 /* 1119 * mpx threads have not exited yet give them at least the smb 1120 * send timeout time for long ops. 1121 * 1122 * Due to delays on oplock break requests, we need to wait at 1123 * least 45 seconds before giving up on a request getting a 1124 * response and going ahead and killing cifsd. 1125 */ 1126 cifs_dbg(FYI, "Wait for exit from demultiplex thread\n"); 1127 msleep(46000); 1128 /* 1129 * If threads still have not exited they are probably never 1130 * coming home not much else we can do but free the memory. 1131 */ 1132 } 1133 1134 put_net(cifs_net_ns(server)); 1135 kfree(server->leaf_fullpath); 1136 kfree(server->hostname); 1137 kfree(server); 1138 1139 length = atomic_dec_return(&tcpSesAllocCount); 1140 if (length > 0) 1141 mempool_resize(cifs_req_poolp, length + cifs_min_rcv); 1142 } 1143 1144 static int 1145 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid) 1146 { 1147 int length; 1148 char *buf = server->smallbuf; 1149 unsigned int pdu_length = server->pdu_size; 1150 1151 /* make sure this will fit in a large buffer */ 1152 if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server) - 1153 HEADER_PREAMBLE_SIZE(server)) { 1154 cifs_server_dbg(VFS, "SMB response too long (%u bytes)\n", pdu_length); 1155 cifs_reconnect(server, true); 1156 return -ECONNABORTED; 1157 } 1158 1159 /* switch to large buffer if too big for a small one */ 1160 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) { 1161 server->large_buf = true; 1162 memcpy(server->bigbuf, buf, server->total_read); 1163 buf = server->bigbuf; 1164 } 1165 1166 /* now read the rest */ 1167 length = cifs_read_from_socket(server, buf + HEADER_SIZE(server) - 1, 1168 pdu_length - MID_HEADER_SIZE(server)); 1169 1170 if (length < 0) 1171 return length; 1172 server->total_read += length; 1173 1174 dump_smb(buf, server->total_read); 1175 1176 return cifs_handle_standard(server, mid); 1177 } 1178 1179 int 1180 cifs_handle_standard(struct TCP_Server_Info *server, struct mid_q_entry *mid) 1181 { 1182 char *buf = server->large_buf ? server->bigbuf : server->smallbuf; 1183 int rc; 1184 1185 /* 1186 * We know that we received enough to get to the MID as we 1187 * checked the pdu_length earlier. Now check to see 1188 * if the rest of the header is OK. 1189 * 1190 * 48 bytes is enough to display the header and a little bit 1191 * into the payload for debugging purposes. 1192 */ 1193 rc = server->ops->check_message(buf, server->total_read, server); 1194 if (rc) 1195 cifs_dump_mem("Bad SMB: ", buf, 1196 min_t(unsigned int, server->total_read, 48)); 1197 1198 if (server->ops->is_session_expired && 1199 server->ops->is_session_expired(buf)) { 1200 cifs_reconnect(server, true); 1201 return -1; 1202 } 1203 1204 if (server->ops->is_status_pending && 1205 server->ops->is_status_pending(buf, server)) 1206 return -1; 1207 1208 if (!mid) 1209 return rc; 1210 1211 handle_mid(mid, server, buf, rc); 1212 return 0; 1213 } 1214 1215 static void 1216 smb2_add_credits_from_hdr(char *buffer, struct TCP_Server_Info *server) 1217 { 1218 struct smb2_hdr *shdr = (struct smb2_hdr *)buffer; 1219 int scredits, in_flight; 1220 1221 /* 1222 * SMB1 does not use credits. 1223 */ 1224 if (is_smb1(server)) 1225 return; 1226 1227 if (shdr->CreditRequest) { 1228 spin_lock(&server->req_lock); 1229 server->credits += le16_to_cpu(shdr->CreditRequest); 1230 scredits = server->credits; 1231 in_flight = server->in_flight; 1232 spin_unlock(&server->req_lock); 1233 wake_up(&server->request_q); 1234 1235 trace_smb3_hdr_credits(server->CurrentMid, 1236 server->conn_id, server->hostname, scredits, 1237 le16_to_cpu(shdr->CreditRequest), in_flight); 1238 cifs_server_dbg(FYI, "%s: added %u credits total=%d\n", 1239 __func__, le16_to_cpu(shdr->CreditRequest), 1240 scredits); 1241 } 1242 } 1243 1244 1245 static int 1246 cifs_demultiplex_thread(void *p) 1247 { 1248 int i, num_mids, length; 1249 struct TCP_Server_Info *server = p; 1250 unsigned int pdu_length; 1251 unsigned int next_offset; 1252 char *buf = NULL; 1253 struct task_struct *task_to_wake = NULL; 1254 struct mid_q_entry *mids[MAX_COMPOUND]; 1255 char *bufs[MAX_COMPOUND]; 1256 unsigned int noreclaim_flag, num_io_timeout = 0; 1257 bool pending_reconnect = false; 1258 1259 noreclaim_flag = memalloc_noreclaim_save(); 1260 cifs_dbg(FYI, "Demultiplex PID: %d\n", task_pid_nr(current)); 1261 1262 length = atomic_inc_return(&tcpSesAllocCount); 1263 if (length > 1) 1264 mempool_resize(cifs_req_poolp, length + cifs_min_rcv); 1265 1266 set_freezable(); 1267 allow_kernel_signal(SIGKILL); 1268 while (server->tcpStatus != CifsExiting) { 1269 if (try_to_freeze()) 1270 continue; 1271 1272 if (!allocate_buffers(server)) 1273 continue; 1274 1275 server->large_buf = false; 1276 buf = server->smallbuf; 1277 pdu_length = 4; /* enough to get RFC1001 header */ 1278 1279 length = cifs_read_from_socket(server, buf, pdu_length); 1280 if (length < 0) 1281 continue; 1282 1283 if (is_smb1(server)) 1284 server->total_read = length; 1285 else 1286 server->total_read = 0; 1287 1288 /* 1289 * The right amount was read from socket - 4 bytes, 1290 * so we can now interpret the length field. 1291 */ 1292 pdu_length = get_rfc1002_length(buf); 1293 1294 cifs_dbg(FYI, "RFC1002 header 0x%x\n", pdu_length); 1295 if (!is_smb_response(server, buf[0])) 1296 continue; 1297 1298 pending_reconnect = false; 1299 next_pdu: 1300 server->pdu_size = pdu_length; 1301 1302 /* make sure we have enough to get to the MID */ 1303 if (server->pdu_size < MID_HEADER_SIZE(server)) { 1304 cifs_server_dbg(VFS, "SMB response too short (%u bytes)\n", 1305 server->pdu_size); 1306 cifs_reconnect(server, true); 1307 continue; 1308 } 1309 1310 /* read down to the MID */ 1311 length = cifs_read_from_socket(server, 1312 buf + HEADER_PREAMBLE_SIZE(server), 1313 MID_HEADER_SIZE(server)); 1314 if (length < 0) 1315 continue; 1316 server->total_read += length; 1317 1318 if (server->ops->next_header) { 1319 if (server->ops->next_header(server, buf, &next_offset)) { 1320 cifs_dbg(VFS, "%s: malformed response (next_offset=%u)\n", 1321 __func__, next_offset); 1322 cifs_reconnect(server, true); 1323 continue; 1324 } 1325 if (next_offset) 1326 server->pdu_size = next_offset; 1327 } 1328 1329 memset(mids, 0, sizeof(mids)); 1330 memset(bufs, 0, sizeof(bufs)); 1331 num_mids = 0; 1332 1333 if (server->ops->is_transform_hdr && 1334 server->ops->receive_transform && 1335 server->ops->is_transform_hdr(buf)) { 1336 length = server->ops->receive_transform(server, 1337 mids, 1338 bufs, 1339 &num_mids); 1340 } else { 1341 mids[0] = server->ops->find_mid(server, buf); 1342 bufs[0] = buf; 1343 num_mids = 1; 1344 1345 if (!mids[0] || !mids[0]->receive) 1346 length = standard_receive3(server, mids[0]); 1347 else 1348 length = mids[0]->receive(server, mids[0]); 1349 } 1350 1351 if (length < 0) { 1352 for (i = 0; i < num_mids; i++) 1353 if (mids[i]) 1354 release_mid(mids[i]); 1355 continue; 1356 } 1357 1358 if (server->ops->is_status_io_timeout && 1359 server->ops->is_status_io_timeout(buf)) { 1360 num_io_timeout++; 1361 if (num_io_timeout > MAX_STATUS_IO_TIMEOUT) { 1362 cifs_server_dbg(VFS, 1363 "Number of request timeouts exceeded %d. Reconnecting", 1364 MAX_STATUS_IO_TIMEOUT); 1365 1366 pending_reconnect = true; 1367 num_io_timeout = 0; 1368 } 1369 } 1370 1371 server->lstrp = jiffies; 1372 1373 for (i = 0; i < num_mids; i++) { 1374 if (mids[i] != NULL) { 1375 mids[i]->resp_buf_size = server->pdu_size; 1376 1377 if (bufs[i] != NULL) { 1378 if (server->ops->is_network_name_deleted && 1379 server->ops->is_network_name_deleted(bufs[i], 1380 server)) { 1381 cifs_server_dbg(FYI, 1382 "Share deleted. Reconnect needed"); 1383 } 1384 } 1385 1386 if (!mids[i]->multiRsp || mids[i]->multiEnd) 1387 mids[i]->callback(mids[i]); 1388 1389 release_mid(mids[i]); 1390 } else if (server->ops->is_oplock_break && 1391 server->ops->is_oplock_break(bufs[i], 1392 server)) { 1393 smb2_add_credits_from_hdr(bufs[i], server); 1394 cifs_dbg(FYI, "Received oplock break\n"); 1395 } else { 1396 cifs_server_dbg(VFS, "No task to wake, unknown frame received! NumMids %d\n", 1397 atomic_read(&mid_count)); 1398 cifs_dump_mem("Received Data is: ", bufs[i], 1399 HEADER_SIZE(server)); 1400 smb2_add_credits_from_hdr(bufs[i], server); 1401 #ifdef CONFIG_CIFS_DEBUG2 1402 if (server->ops->dump_detail) 1403 server->ops->dump_detail(bufs[i], 1404 server); 1405 cifs_dump_mids(server); 1406 #endif /* CIFS_DEBUG2 */ 1407 } 1408 } 1409 1410 if (pdu_length > server->pdu_size) { 1411 if (!allocate_buffers(server)) 1412 continue; 1413 pdu_length -= server->pdu_size; 1414 server->total_read = 0; 1415 server->large_buf = false; 1416 buf = server->smallbuf; 1417 goto next_pdu; 1418 } 1419 1420 /* do this reconnect at the very end after processing all MIDs */ 1421 if (pending_reconnect) 1422 cifs_reconnect(server, true); 1423 1424 } /* end while !EXITING */ 1425 1426 /* buffer usually freed in free_mid - need to free it here on exit */ 1427 cifs_buf_release(server->bigbuf); 1428 if (server->smallbuf) /* no sense logging a debug message if NULL */ 1429 cifs_small_buf_release(server->smallbuf); 1430 1431 task_to_wake = xchg(&server->tsk, NULL); 1432 clean_demultiplex_info(server); 1433 1434 /* if server->tsk was NULL then wait for a signal before exiting */ 1435 if (!task_to_wake) { 1436 set_current_state(TASK_INTERRUPTIBLE); 1437 while (!signal_pending(current)) { 1438 schedule(); 1439 set_current_state(TASK_INTERRUPTIBLE); 1440 } 1441 set_current_state(TASK_RUNNING); 1442 } 1443 1444 memalloc_noreclaim_restore(noreclaim_flag); 1445 module_put_and_kthread_exit(0); 1446 } 1447 1448 int 1449 cifs_ipaddr_cmp(struct sockaddr *srcaddr, struct sockaddr *rhs) 1450 { 1451 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr; 1452 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs; 1453 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr; 1454 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)rhs; 1455 1456 switch (srcaddr->sa_family) { 1457 case AF_UNSPEC: 1458 switch (rhs->sa_family) { 1459 case AF_UNSPEC: 1460 return 0; 1461 case AF_INET: 1462 case AF_INET6: 1463 return 1; 1464 default: 1465 return -1; 1466 } 1467 case AF_INET: { 1468 switch (rhs->sa_family) { 1469 case AF_UNSPEC: 1470 return -1; 1471 case AF_INET: 1472 return memcmp(saddr4, vaddr4, 1473 sizeof(struct sockaddr_in)); 1474 case AF_INET6: 1475 return 1; 1476 default: 1477 return -1; 1478 } 1479 } 1480 case AF_INET6: { 1481 switch (rhs->sa_family) { 1482 case AF_UNSPEC: 1483 case AF_INET: 1484 return -1; 1485 case AF_INET6: 1486 return memcmp(saddr6, 1487 vaddr6, 1488 sizeof(struct sockaddr_in6)); 1489 default: 1490 return -1; 1491 } 1492 } 1493 default: 1494 return -1; /* don't expect to be here */ 1495 } 1496 } 1497 1498 /* 1499 * Returns true if srcaddr isn't specified and rhs isn't specified, or 1500 * if srcaddr is specified and matches the IP address of the rhs argument 1501 */ 1502 bool 1503 cifs_match_ipaddr(struct sockaddr *srcaddr, struct sockaddr *rhs) 1504 { 1505 switch (srcaddr->sa_family) { 1506 case AF_UNSPEC: 1507 return (rhs->sa_family == AF_UNSPEC); 1508 case AF_INET: { 1509 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr; 1510 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs; 1511 1512 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr); 1513 } 1514 case AF_INET6: { 1515 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr; 1516 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)rhs; 1517 1518 return (ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr) 1519 && saddr6->sin6_scope_id == vaddr6->sin6_scope_id); 1520 } 1521 default: 1522 WARN_ON(1); 1523 return false; /* don't expect to be here */ 1524 } 1525 } 1526 1527 /* 1528 * If no port is specified in addr structure, we try to match with 445 port 1529 * and if it fails - with 139 ports. It should be called only if address 1530 * families of server and addr are equal. 1531 */ 1532 static bool 1533 match_port(struct TCP_Server_Info *server, struct sockaddr *addr) 1534 { 1535 __be16 port, *sport; 1536 1537 /* SMBDirect manages its own ports, don't match it here */ 1538 if (server->rdma) 1539 return true; 1540 1541 switch (addr->sa_family) { 1542 case AF_INET: 1543 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port; 1544 port = ((struct sockaddr_in *) addr)->sin_port; 1545 break; 1546 case AF_INET6: 1547 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port; 1548 port = ((struct sockaddr_in6 *) addr)->sin6_port; 1549 break; 1550 default: 1551 WARN_ON(1); 1552 return false; 1553 } 1554 1555 if (!port) { 1556 port = htons(CIFS_PORT); 1557 if (port == *sport) 1558 return true; 1559 1560 port = htons(RFC1001_PORT); 1561 } 1562 1563 return port == *sport; 1564 } 1565 1566 static bool match_server_address(struct TCP_Server_Info *server, struct sockaddr *addr) 1567 { 1568 if (!cifs_match_ipaddr(addr, (struct sockaddr *)&server->dstaddr)) 1569 return false; 1570 1571 return true; 1572 } 1573 1574 static bool 1575 match_security(struct TCP_Server_Info *server, struct smb3_fs_context *ctx) 1576 { 1577 /* 1578 * The select_sectype function should either return the ctx->sectype 1579 * that was specified, or "Unspecified" if that sectype was not 1580 * compatible with the given NEGOTIATE request. 1581 */ 1582 if (server->ops->select_sectype(server, ctx->sectype) 1583 == Unspecified) 1584 return false; 1585 1586 /* 1587 * Now check if signing mode is acceptable. No need to check 1588 * global_secflags at this point since if MUST_SIGN is set then 1589 * the server->sign had better be too. 1590 */ 1591 if (ctx->sign && !server->sign) 1592 return false; 1593 1594 return true; 1595 } 1596 1597 /* this function must be called with srv_lock held */ 1598 static int match_server(struct TCP_Server_Info *server, 1599 struct smb3_fs_context *ctx, 1600 bool match_super) 1601 { 1602 struct sockaddr *addr = (struct sockaddr *)&ctx->dstaddr; 1603 1604 lockdep_assert_held(&server->srv_lock); 1605 1606 if (ctx->nosharesock) 1607 return 0; 1608 1609 /* this server does not share socket */ 1610 if (server->nosharesock) 1611 return 0; 1612 1613 if (!match_super && (ctx->dfs_conn || server->dfs_conn)) 1614 return 0; 1615 1616 /* If multidialect negotiation see if existing sessions match one */ 1617 if (strcmp(ctx->vals->version_string, SMB3ANY_VERSION_STRING) == 0) { 1618 if (server->vals->protocol_id < SMB30_PROT_ID) 1619 return 0; 1620 } else if (strcmp(ctx->vals->version_string, 1621 SMBDEFAULT_VERSION_STRING) == 0) { 1622 if (server->vals->protocol_id < SMB21_PROT_ID) 1623 return 0; 1624 } else if ((server->vals != ctx->vals) || (server->ops != ctx->ops)) 1625 return 0; 1626 1627 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns)) 1628 return 0; 1629 1630 if (!cifs_match_ipaddr((struct sockaddr *)&ctx->srcaddr, 1631 (struct sockaddr *)&server->srcaddr)) 1632 return 0; 1633 1634 if (strcasecmp(server->hostname, ctx->server_hostname) || 1635 !match_server_address(server, addr) || 1636 !match_port(server, addr)) 1637 return 0; 1638 1639 if (!match_security(server, ctx)) 1640 return 0; 1641 1642 if (server->echo_interval != ctx->echo_interval * HZ) 1643 return 0; 1644 1645 if (server->rdma != ctx->rdma) 1646 return 0; 1647 1648 if (server->ignore_signature != ctx->ignore_signature) 1649 return 0; 1650 1651 if (server->min_offload != ctx->min_offload) 1652 return 0; 1653 1654 if (server->retrans != ctx->retrans) 1655 return 0; 1656 1657 return 1; 1658 } 1659 1660 struct TCP_Server_Info * 1661 cifs_find_tcp_session(struct smb3_fs_context *ctx) 1662 { 1663 struct TCP_Server_Info *server; 1664 1665 spin_lock(&cifs_tcp_ses_lock); 1666 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) { 1667 spin_lock(&server->srv_lock); 1668 /* 1669 * Skip ses channels since they're only handled in lower layers 1670 * (e.g. cifs_send_recv). 1671 */ 1672 if (SERVER_IS_CHAN(server) || 1673 !match_server(server, ctx, false)) { 1674 spin_unlock(&server->srv_lock); 1675 continue; 1676 } 1677 spin_unlock(&server->srv_lock); 1678 1679 ++server->srv_count; 1680 spin_unlock(&cifs_tcp_ses_lock); 1681 cifs_dbg(FYI, "Existing tcp session with server found\n"); 1682 return server; 1683 } 1684 spin_unlock(&cifs_tcp_ses_lock); 1685 return NULL; 1686 } 1687 1688 void 1689 cifs_put_tcp_session(struct TCP_Server_Info *server, int from_reconnect) 1690 { 1691 struct task_struct *task; 1692 1693 spin_lock(&cifs_tcp_ses_lock); 1694 if (--server->srv_count > 0) { 1695 spin_unlock(&cifs_tcp_ses_lock); 1696 return; 1697 } 1698 1699 /* srv_count can never go negative */ 1700 WARN_ON(server->srv_count < 0); 1701 1702 list_del_init(&server->tcp_ses_list); 1703 spin_unlock(&cifs_tcp_ses_lock); 1704 1705 cancel_delayed_work_sync(&server->echo); 1706 1707 if (from_reconnect) 1708 /* 1709 * Avoid deadlock here: reconnect work calls 1710 * cifs_put_tcp_session() at its end. Need to be sure 1711 * that reconnect work does nothing with server pointer after 1712 * that step. 1713 */ 1714 cancel_delayed_work(&server->reconnect); 1715 else 1716 cancel_delayed_work_sync(&server->reconnect); 1717 1718 /* For secondary channels, we pick up ref-count on the primary server */ 1719 if (SERVER_IS_CHAN(server)) 1720 cifs_put_tcp_session(server->primary_server, from_reconnect); 1721 1722 spin_lock(&server->srv_lock); 1723 server->tcpStatus = CifsExiting; 1724 spin_unlock(&server->srv_lock); 1725 1726 cifs_crypto_secmech_release(server); 1727 1728 kfree_sensitive(server->session_key.response); 1729 server->session_key.response = NULL; 1730 server->session_key.len = 0; 1731 1732 task = xchg(&server->tsk, NULL); 1733 if (task) 1734 send_sig(SIGKILL, task, 1); 1735 } 1736 1737 struct TCP_Server_Info * 1738 cifs_get_tcp_session(struct smb3_fs_context *ctx, 1739 struct TCP_Server_Info *primary_server) 1740 { 1741 struct TCP_Server_Info *tcp_ses = NULL; 1742 int rc; 1743 1744 cifs_dbg(FYI, "UNC: %s\n", ctx->UNC); 1745 1746 /* see if we already have a matching tcp_ses */ 1747 tcp_ses = cifs_find_tcp_session(ctx); 1748 if (tcp_ses) 1749 return tcp_ses; 1750 1751 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL); 1752 if (!tcp_ses) { 1753 rc = -ENOMEM; 1754 goto out_err; 1755 } 1756 1757 tcp_ses->hostname = kstrdup(ctx->server_hostname, GFP_KERNEL); 1758 if (!tcp_ses->hostname) { 1759 rc = -ENOMEM; 1760 goto out_err; 1761 } 1762 1763 if (ctx->leaf_fullpath) { 1764 tcp_ses->leaf_fullpath = kstrdup(ctx->leaf_fullpath, GFP_KERNEL); 1765 if (!tcp_ses->leaf_fullpath) { 1766 rc = -ENOMEM; 1767 goto out_err; 1768 } 1769 } 1770 if (ctx->dns_dom) 1771 strscpy(tcp_ses->dns_dom, ctx->dns_dom); 1772 1773 if (ctx->nosharesock) 1774 tcp_ses->nosharesock = true; 1775 tcp_ses->dfs_conn = ctx->dfs_conn; 1776 1777 tcp_ses->ops = ctx->ops; 1778 tcp_ses->vals = ctx->vals; 1779 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns)); 1780 1781 tcp_ses->sign = ctx->sign; 1782 tcp_ses->conn_id = atomic_inc_return(&tcpSesNextId); 1783 tcp_ses->noblockcnt = ctx->rootfs; 1784 tcp_ses->noblocksnd = ctx->noblocksnd || ctx->rootfs; 1785 tcp_ses->noautotune = ctx->noautotune; 1786 tcp_ses->tcp_nodelay = ctx->sockopt_tcp_nodelay; 1787 tcp_ses->rdma = ctx->rdma; 1788 tcp_ses->in_flight = 0; 1789 tcp_ses->max_in_flight = 0; 1790 tcp_ses->credits = 1; 1791 if (primary_server) { 1792 spin_lock(&cifs_tcp_ses_lock); 1793 ++primary_server->srv_count; 1794 spin_unlock(&cifs_tcp_ses_lock); 1795 tcp_ses->primary_server = primary_server; 1796 } 1797 init_waitqueue_head(&tcp_ses->response_q); 1798 init_waitqueue_head(&tcp_ses->request_q); 1799 INIT_LIST_HEAD(&tcp_ses->pending_mid_q); 1800 mutex_init(&tcp_ses->_srv_mutex); 1801 memcpy(tcp_ses->workstation_RFC1001_name, 1802 ctx->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL); 1803 memcpy(tcp_ses->server_RFC1001_name, 1804 ctx->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL); 1805 tcp_ses->rfc1001_sessinit = ctx->rfc1001_sessinit; 1806 tcp_ses->with_rfc1001 = false; 1807 tcp_ses->session_estab = false; 1808 tcp_ses->sequence_number = 0; 1809 tcp_ses->channel_sequence_num = 0; /* only tracked for primary channel */ 1810 tcp_ses->reconnect_instance = 1; 1811 tcp_ses->lstrp = jiffies; 1812 tcp_ses->compression.requested = ctx->compress; 1813 spin_lock_init(&tcp_ses->req_lock); 1814 spin_lock_init(&tcp_ses->srv_lock); 1815 spin_lock_init(&tcp_ses->mid_lock); 1816 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list); 1817 INIT_LIST_HEAD(&tcp_ses->smb_ses_list); 1818 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request); 1819 INIT_DELAYED_WORK(&tcp_ses->reconnect, smb2_reconnect_server); 1820 mutex_init(&tcp_ses->reconnect_mutex); 1821 memcpy(&tcp_ses->srcaddr, &ctx->srcaddr, 1822 sizeof(tcp_ses->srcaddr)); 1823 memcpy(&tcp_ses->dstaddr, &ctx->dstaddr, 1824 sizeof(tcp_ses->dstaddr)); 1825 if (ctx->use_client_guid) 1826 memcpy(tcp_ses->client_guid, ctx->client_guid, 1827 SMB2_CLIENT_GUID_SIZE); 1828 else 1829 generate_random_uuid(tcp_ses->client_guid); 1830 /* 1831 * at this point we are the only ones with the pointer 1832 * to the struct since the kernel thread not created yet 1833 * no need to spinlock this init of tcpStatus or srv_count 1834 */ 1835 tcp_ses->tcpStatus = CifsNew; 1836 ++tcp_ses->srv_count; 1837 tcp_ses->echo_interval = ctx->echo_interval * HZ; 1838 1839 if (tcp_ses->rdma) { 1840 #ifndef CONFIG_CIFS_SMB_DIRECT 1841 cifs_dbg(VFS, "CONFIG_CIFS_SMB_DIRECT is not enabled\n"); 1842 rc = -ENOENT; 1843 goto out_err_crypto_release; 1844 #endif 1845 tcp_ses->smbd_conn = smbd_get_connection( 1846 tcp_ses, (struct sockaddr *)&ctx->dstaddr); 1847 if (tcp_ses->smbd_conn) { 1848 cifs_dbg(VFS, "RDMA transport established\n"); 1849 rc = 0; 1850 goto smbd_connected; 1851 } else { 1852 rc = -ENOENT; 1853 goto out_err_crypto_release; 1854 } 1855 } 1856 rc = ip_connect(tcp_ses); 1857 if (rc < 0) { 1858 cifs_dbg(VFS, "Error connecting to socket. Aborting operation.\n"); 1859 goto out_err_crypto_release; 1860 } 1861 smbd_connected: 1862 /* 1863 * since we're in a cifs function already, we know that 1864 * this will succeed. No need for try_module_get(). 1865 */ 1866 __module_get(THIS_MODULE); 1867 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread, 1868 tcp_ses, "cifsd"); 1869 if (IS_ERR(tcp_ses->tsk)) { 1870 rc = PTR_ERR(tcp_ses->tsk); 1871 cifs_dbg(VFS, "error %d create cifsd thread\n", rc); 1872 module_put(THIS_MODULE); 1873 goto out_err_crypto_release; 1874 } 1875 tcp_ses->min_offload = ctx->min_offload; 1876 tcp_ses->retrans = ctx->retrans; 1877 /* 1878 * at this point we are the only ones with the pointer 1879 * to the struct since the kernel thread not created yet 1880 * no need to spinlock this update of tcpStatus 1881 */ 1882 spin_lock(&tcp_ses->srv_lock); 1883 tcp_ses->tcpStatus = CifsNeedNegotiate; 1884 spin_unlock(&tcp_ses->srv_lock); 1885 1886 if ((ctx->max_credits < 20) || (ctx->max_credits > 60000)) 1887 tcp_ses->max_credits = SMB2_MAX_CREDITS_AVAILABLE; 1888 else 1889 tcp_ses->max_credits = ctx->max_credits; 1890 1891 tcp_ses->nr_targets = 1; 1892 tcp_ses->ignore_signature = ctx->ignore_signature; 1893 /* thread spawned, put it on the list */ 1894 spin_lock(&cifs_tcp_ses_lock); 1895 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list); 1896 spin_unlock(&cifs_tcp_ses_lock); 1897 1898 /* queue echo request delayed work */ 1899 queue_delayed_work(cifsiod_wq, &tcp_ses->echo, tcp_ses->echo_interval); 1900 1901 return tcp_ses; 1902 1903 out_err_crypto_release: 1904 cifs_crypto_secmech_release(tcp_ses); 1905 1906 put_net(cifs_net_ns(tcp_ses)); 1907 1908 out_err: 1909 if (tcp_ses) { 1910 if (SERVER_IS_CHAN(tcp_ses)) 1911 cifs_put_tcp_session(tcp_ses->primary_server, false); 1912 kfree(tcp_ses->hostname); 1913 kfree(tcp_ses->leaf_fullpath); 1914 if (tcp_ses->ssocket) 1915 sock_release(tcp_ses->ssocket); 1916 kfree(tcp_ses); 1917 } 1918 return ERR_PTR(rc); 1919 } 1920 1921 /* this function must be called with ses_lock and chan_lock held */ 1922 static int match_session(struct cifs_ses *ses, 1923 struct smb3_fs_context *ctx, 1924 bool match_super) 1925 { 1926 struct TCP_Server_Info *server = ses->server; 1927 enum securityEnum ctx_sec, ses_sec; 1928 1929 if (!match_super && ctx->dfs_root_ses != ses->dfs_root_ses) 1930 return 0; 1931 1932 /* 1933 * If an existing session is limited to less channels than 1934 * requested, it should not be reused 1935 */ 1936 if (ses->chan_max < ctx->max_channels) 1937 return 0; 1938 1939 ctx_sec = server->ops->select_sectype(server, ctx->sectype); 1940 ses_sec = server->ops->select_sectype(server, ses->sectype); 1941 1942 if (ctx_sec != ses_sec) 1943 return 0; 1944 1945 switch (ctx_sec) { 1946 case IAKerb: 1947 case Kerberos: 1948 if (!uid_eq(ctx->cred_uid, ses->cred_uid)) 1949 return 0; 1950 break; 1951 case NTLMv2: 1952 case RawNTLMSSP: 1953 default: 1954 /* NULL username means anonymous session */ 1955 if (ses->user_name == NULL) { 1956 if (!ctx->nullauth) 1957 return 0; 1958 break; 1959 } 1960 1961 /* anything else takes username/password */ 1962 if (strncmp(ses->user_name, 1963 ctx->username ? ctx->username : "", 1964 CIFS_MAX_USERNAME_LEN)) 1965 return 0; 1966 if ((ctx->username && strlen(ctx->username) != 0) && 1967 ses->password != NULL) { 1968 1969 /* New mount can only share sessions with an existing mount if: 1970 * 1. Both password and password2 match, or 1971 * 2. password2 of the old mount matches password of the new mount 1972 * and password of the old mount matches password2 of the new 1973 * mount 1974 */ 1975 if (ses->password2 != NULL && ctx->password2 != NULL) { 1976 if (!((strncmp(ses->password, ctx->password ? 1977 ctx->password : "", CIFS_MAX_PASSWORD_LEN) == 0 && 1978 strncmp(ses->password2, ctx->password2, 1979 CIFS_MAX_PASSWORD_LEN) == 0) || 1980 (strncmp(ses->password, ctx->password2, 1981 CIFS_MAX_PASSWORD_LEN) == 0 && 1982 strncmp(ses->password2, ctx->password ? 1983 ctx->password : "", CIFS_MAX_PASSWORD_LEN) == 0))) 1984 return 0; 1985 1986 } else if ((ses->password2 == NULL && ctx->password2 != NULL) || 1987 (ses->password2 != NULL && ctx->password2 == NULL)) { 1988 return 0; 1989 1990 } else { 1991 if (strncmp(ses->password, ctx->password ? 1992 ctx->password : "", CIFS_MAX_PASSWORD_LEN)) 1993 return 0; 1994 } 1995 } 1996 } 1997 1998 if (strcmp(ctx->local_nls->charset, ses->local_nls->charset)) 1999 return 0; 2000 2001 return 1; 2002 } 2003 2004 /** 2005 * cifs_setup_ipc - helper to setup the IPC tcon for the session 2006 * @ses: smb session to issue the request on 2007 * @ctx: the superblock configuration context to use for building the 2008 * new tree connection for the IPC (interprocess communication RPC) 2009 * 2010 * A new IPC connection is made and stored in the session 2011 * tcon_ipc. The IPC tcon has the same lifetime as the session. 2012 */ 2013 static int 2014 cifs_setup_ipc(struct cifs_ses *ses, struct smb3_fs_context *ctx) 2015 { 2016 int rc = 0, xid; 2017 struct cifs_tcon *tcon; 2018 char unc[SERVER_NAME_LENGTH + sizeof("//x/IPC$")] = {0}; 2019 bool seal = false; 2020 struct TCP_Server_Info *server = ses->server; 2021 2022 /* 2023 * If the mount request that resulted in the creation of the 2024 * session requires encryption, force IPC to be encrypted too. 2025 */ 2026 if (ctx->seal) { 2027 if (server->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION) 2028 seal = true; 2029 else { 2030 cifs_server_dbg(VFS, 2031 "IPC: server doesn't support encryption\n"); 2032 return -EOPNOTSUPP; 2033 } 2034 } 2035 2036 /* no need to setup directory caching on IPC share, so pass in false */ 2037 tcon = tcon_info_alloc(false, netfs_trace_tcon_ref_new_ipc); 2038 if (tcon == NULL) 2039 return -ENOMEM; 2040 2041 spin_lock(&server->srv_lock); 2042 scnprintf(unc, sizeof(unc), "\\\\%s\\IPC$", server->hostname); 2043 spin_unlock(&server->srv_lock); 2044 2045 xid = get_xid(); 2046 tcon->ses = ses; 2047 tcon->ipc = true; 2048 tcon->seal = seal; 2049 rc = server->ops->tree_connect(xid, ses, unc, tcon, ctx->local_nls); 2050 free_xid(xid); 2051 2052 if (rc) { 2053 cifs_server_dbg(VFS, "failed to connect to IPC (rc=%d)\n", rc); 2054 tconInfoFree(tcon, netfs_trace_tcon_ref_free_ipc_fail); 2055 goto out; 2056 } 2057 2058 cifs_dbg(FYI, "IPC tcon rc=%d ipc tid=0x%x\n", rc, tcon->tid); 2059 2060 spin_lock(&tcon->tc_lock); 2061 tcon->status = TID_GOOD; 2062 spin_unlock(&tcon->tc_lock); 2063 ses->tcon_ipc = tcon; 2064 out: 2065 return rc; 2066 } 2067 2068 static struct cifs_ses * 2069 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb3_fs_context *ctx) 2070 { 2071 struct cifs_ses *ses, *ret = NULL; 2072 2073 spin_lock(&cifs_tcp_ses_lock); 2074 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) { 2075 spin_lock(&ses->ses_lock); 2076 if (ses->ses_status == SES_EXITING) { 2077 spin_unlock(&ses->ses_lock); 2078 continue; 2079 } 2080 spin_lock(&ses->chan_lock); 2081 if (match_session(ses, ctx, false)) { 2082 spin_unlock(&ses->chan_lock); 2083 spin_unlock(&ses->ses_lock); 2084 ret = ses; 2085 break; 2086 } 2087 spin_unlock(&ses->chan_lock); 2088 spin_unlock(&ses->ses_lock); 2089 } 2090 if (ret) 2091 cifs_smb_ses_inc_refcount(ret); 2092 spin_unlock(&cifs_tcp_ses_lock); 2093 return ret; 2094 } 2095 2096 void __cifs_put_smb_ses(struct cifs_ses *ses) 2097 { 2098 struct TCP_Server_Info *server = ses->server; 2099 struct cifs_tcon *tcon; 2100 unsigned int xid; 2101 size_t i; 2102 bool do_logoff; 2103 int rc; 2104 2105 spin_lock(&cifs_tcp_ses_lock); 2106 spin_lock(&ses->ses_lock); 2107 cifs_dbg(FYI, "%s: id=0x%llx ses_count=%d ses_status=%u ipc=%s\n", 2108 __func__, ses->Suid, ses->ses_count, ses->ses_status, 2109 ses->tcon_ipc ? ses->tcon_ipc->tree_name : "none"); 2110 if (ses->ses_status == SES_EXITING || --ses->ses_count > 0) { 2111 spin_unlock(&ses->ses_lock); 2112 spin_unlock(&cifs_tcp_ses_lock); 2113 return; 2114 } 2115 /* ses_count can never go negative */ 2116 WARN_ON(ses->ses_count < 0); 2117 2118 spin_lock(&ses->chan_lock); 2119 cifs_chan_clear_need_reconnect(ses, server); 2120 spin_unlock(&ses->chan_lock); 2121 2122 do_logoff = ses->ses_status == SES_GOOD && server->ops->logoff; 2123 ses->ses_status = SES_EXITING; 2124 tcon = ses->tcon_ipc; 2125 ses->tcon_ipc = NULL; 2126 spin_unlock(&ses->ses_lock); 2127 spin_unlock(&cifs_tcp_ses_lock); 2128 2129 /* 2130 * On session close, the IPC is closed and the server must release all 2131 * tcons of the session. No need to send a tree disconnect here. 2132 * 2133 * Besides, it will make the server to not close durable and resilient 2134 * files on session close, as specified in MS-SMB2 3.3.5.6 Receiving an 2135 * SMB2 LOGOFF Request. 2136 */ 2137 tconInfoFree(tcon, netfs_trace_tcon_ref_free_ipc); 2138 if (do_logoff) { 2139 xid = get_xid(); 2140 rc = server->ops->logoff(xid, ses); 2141 cifs_server_dbg(FYI, "%s: Session Logoff: rc=%d\n", 2142 __func__, rc); 2143 _free_xid(xid); 2144 } 2145 2146 spin_lock(&cifs_tcp_ses_lock); 2147 list_del_init(&ses->smb_ses_list); 2148 spin_unlock(&cifs_tcp_ses_lock); 2149 2150 /* close any extra channels */ 2151 for (i = 1; i < ses->chan_count; i++) { 2152 if (ses->chans[i].iface) { 2153 kref_put(&ses->chans[i].iface->refcount, release_iface); 2154 ses->chans[i].iface = NULL; 2155 } 2156 cifs_put_tcp_session(ses->chans[i].server, 0); 2157 ses->chans[i].server = NULL; 2158 } 2159 2160 /* we now account for primary channel in iface->refcount */ 2161 if (ses->chans[0].iface) { 2162 kref_put(&ses->chans[0].iface->refcount, release_iface); 2163 ses->chans[0].server = NULL; 2164 } 2165 2166 sesInfoFree(ses); 2167 cifs_put_tcp_session(server, 0); 2168 } 2169 2170 #ifdef CONFIG_KEYS 2171 2172 /* strlen("cifs:a:") + CIFS_MAX_DOMAINNAME_LEN + 1 */ 2173 #define CIFSCREDS_DESC_SIZE (7 + CIFS_MAX_DOMAINNAME_LEN + 1) 2174 2175 /* Populate username and pw fields from keyring if possible */ 2176 static int 2177 cifs_set_cifscreds(struct smb3_fs_context *ctx, struct cifs_ses *ses) 2178 { 2179 int rc = 0; 2180 int is_domain = 0; 2181 const char *delim, *payload; 2182 char *desc; 2183 ssize_t len; 2184 struct key *key; 2185 struct TCP_Server_Info *server = ses->server; 2186 struct sockaddr_in *sa; 2187 struct sockaddr_in6 *sa6; 2188 const struct user_key_payload *upayload; 2189 2190 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL); 2191 if (!desc) 2192 return -ENOMEM; 2193 2194 /* try to find an address key first */ 2195 switch (server->dstaddr.ss_family) { 2196 case AF_INET: 2197 sa = (struct sockaddr_in *)&server->dstaddr; 2198 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr); 2199 break; 2200 case AF_INET6: 2201 sa6 = (struct sockaddr_in6 *)&server->dstaddr; 2202 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr); 2203 break; 2204 default: 2205 cifs_dbg(FYI, "Bad ss_family (%hu)\n", 2206 server->dstaddr.ss_family); 2207 rc = -EINVAL; 2208 goto out_err; 2209 } 2210 2211 cifs_dbg(FYI, "%s: desc=%s\n", __func__, desc); 2212 key = request_key(&key_type_logon, desc, ""); 2213 if (IS_ERR(key)) { 2214 if (!ses->domainName) { 2215 cifs_dbg(FYI, "domainName is NULL\n"); 2216 rc = PTR_ERR(key); 2217 goto out_err; 2218 } 2219 2220 /* didn't work, try to find a domain key */ 2221 sprintf(desc, "cifs:d:%s", ses->domainName); 2222 cifs_dbg(FYI, "%s: desc=%s\n", __func__, desc); 2223 key = request_key(&key_type_logon, desc, ""); 2224 if (IS_ERR(key)) { 2225 rc = PTR_ERR(key); 2226 goto out_err; 2227 } 2228 is_domain = 1; 2229 } 2230 2231 down_read(&key->sem); 2232 upayload = user_key_payload_locked(key); 2233 if (IS_ERR_OR_NULL(upayload)) { 2234 rc = upayload ? PTR_ERR(upayload) : -EINVAL; 2235 goto out_key_put; 2236 } 2237 2238 /* find first : in payload */ 2239 payload = upayload->data; 2240 delim = strnchr(payload, upayload->datalen, ':'); 2241 cifs_dbg(FYI, "payload=%s\n", payload); 2242 if (!delim) { 2243 cifs_dbg(FYI, "Unable to find ':' in payload (datalen=%d)\n", 2244 upayload->datalen); 2245 rc = -EINVAL; 2246 goto out_key_put; 2247 } 2248 2249 len = delim - payload; 2250 if (len > CIFS_MAX_USERNAME_LEN || len <= 0) { 2251 cifs_dbg(FYI, "Bad value from username search (len=%zd)\n", 2252 len); 2253 rc = -EINVAL; 2254 goto out_key_put; 2255 } 2256 2257 ctx->username = kstrndup(payload, len, GFP_KERNEL); 2258 if (!ctx->username) { 2259 cifs_dbg(FYI, "Unable to allocate %zd bytes for username\n", 2260 len); 2261 rc = -ENOMEM; 2262 goto out_key_put; 2263 } 2264 cifs_dbg(FYI, "%s: username=%s\n", __func__, ctx->username); 2265 2266 len = key->datalen - (len + 1); 2267 if (len > CIFS_MAX_PASSWORD_LEN || len <= 0) { 2268 cifs_dbg(FYI, "Bad len for password search (len=%zd)\n", len); 2269 rc = -EINVAL; 2270 kfree(ctx->username); 2271 ctx->username = NULL; 2272 goto out_key_put; 2273 } 2274 2275 ++delim; 2276 /* BB consider adding support for password2 (Key Rotation) for multiuser in future */ 2277 ctx->password = kstrndup(delim, len, GFP_KERNEL); 2278 if (!ctx->password) { 2279 cifs_dbg(FYI, "Unable to allocate %zd bytes for password\n", 2280 len); 2281 rc = -ENOMEM; 2282 kfree(ctx->username); 2283 ctx->username = NULL; 2284 goto out_key_put; 2285 } 2286 2287 /* 2288 * If we have a domain key then we must set the domainName in the 2289 * for the request. 2290 */ 2291 if (is_domain && ses->domainName) { 2292 ctx->domainname = kstrdup(ses->domainName, GFP_KERNEL); 2293 if (!ctx->domainname) { 2294 cifs_dbg(FYI, "Unable to allocate %zd bytes for domain\n", 2295 len); 2296 rc = -ENOMEM; 2297 kfree(ctx->username); 2298 ctx->username = NULL; 2299 kfree_sensitive(ctx->password); 2300 /* no need to free ctx->password2 since not allocated in this path */ 2301 ctx->password = NULL; 2302 goto out_key_put; 2303 } 2304 } 2305 2306 strscpy(ctx->workstation_name, ses->workstation_name, sizeof(ctx->workstation_name)); 2307 2308 out_key_put: 2309 up_read(&key->sem); 2310 key_put(key); 2311 out_err: 2312 kfree(desc); 2313 cifs_dbg(FYI, "%s: returning %d\n", __func__, rc); 2314 return rc; 2315 } 2316 #else /* ! CONFIG_KEYS */ 2317 static inline int 2318 cifs_set_cifscreds(struct smb3_fs_context *ctx __attribute__((unused)), 2319 struct cifs_ses *ses __attribute__((unused))) 2320 { 2321 return -ENOSYS; 2322 } 2323 #endif /* CONFIG_KEYS */ 2324 2325 /** 2326 * cifs_get_smb_ses - get a session matching @ctx data from @server 2327 * @server: server to setup the session to 2328 * @ctx: superblock configuration context to use to setup the session 2329 * 2330 * This function assumes it is being called from cifs_mount() where we 2331 * already got a server reference (server refcount +1). See 2332 * cifs_get_tcon() for refcount explanations. 2333 */ 2334 struct cifs_ses * 2335 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb3_fs_context *ctx) 2336 { 2337 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr; 2338 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr; 2339 struct cifs_ses *ses; 2340 unsigned int xid; 2341 int retries = 0; 2342 size_t len; 2343 int rc = 0; 2344 2345 xid = get_xid(); 2346 2347 ses = cifs_find_smb_ses(server, ctx); 2348 if (ses) { 2349 cifs_dbg(FYI, "Existing smb sess found (status=%d)\n", 2350 ses->ses_status); 2351 2352 spin_lock(&ses->chan_lock); 2353 if (cifs_chan_needs_reconnect(ses, server)) { 2354 spin_unlock(&ses->chan_lock); 2355 cifs_dbg(FYI, "Session needs reconnect\n"); 2356 2357 mutex_lock(&ses->session_mutex); 2358 2359 retry_old_session: 2360 rc = cifs_negotiate_protocol(xid, ses, server); 2361 if (rc) { 2362 mutex_unlock(&ses->session_mutex); 2363 /* problem -- put our ses reference */ 2364 cifs_put_smb_ses(ses); 2365 free_xid(xid); 2366 return ERR_PTR(rc); 2367 } 2368 2369 rc = cifs_setup_session(xid, ses, server, 2370 ctx->local_nls); 2371 if (rc) { 2372 if (((rc == -EACCES) || (rc == -EKEYEXPIRED) || 2373 (rc == -EKEYREVOKED)) && !retries && ses->password2) { 2374 retries++; 2375 cifs_dbg(FYI, "Session reconnect failed, retrying with alternate password\n"); 2376 swap(ses->password, ses->password2); 2377 goto retry_old_session; 2378 } 2379 mutex_unlock(&ses->session_mutex); 2380 /* problem -- put our reference */ 2381 cifs_put_smb_ses(ses); 2382 free_xid(xid); 2383 return ERR_PTR(rc); 2384 } 2385 mutex_unlock(&ses->session_mutex); 2386 2387 spin_lock(&ses->chan_lock); 2388 } 2389 spin_unlock(&ses->chan_lock); 2390 2391 /* existing SMB ses has a server reference already */ 2392 cifs_put_tcp_session(server, 0); 2393 free_xid(xid); 2394 return ses; 2395 } 2396 2397 rc = -ENOMEM; 2398 2399 cifs_dbg(FYI, "Existing smb sess not found\n"); 2400 ses = sesInfoAlloc(); 2401 if (ses == NULL) 2402 goto get_ses_fail; 2403 2404 /* new SMB session uses our server ref */ 2405 ses->server = server; 2406 if (server->dstaddr.ss_family == AF_INET6) 2407 sprintf(ses->ip_addr, "%pI6", &addr6->sin6_addr); 2408 else 2409 sprintf(ses->ip_addr, "%pI4", &addr->sin_addr); 2410 2411 if (ctx->username) { 2412 ses->user_name = kstrdup(ctx->username, GFP_KERNEL); 2413 if (!ses->user_name) 2414 goto get_ses_fail; 2415 } 2416 2417 /* ctx->password freed at unmount */ 2418 if (ctx->password) { 2419 ses->password = kstrdup(ctx->password, GFP_KERNEL); 2420 if (!ses->password) 2421 goto get_ses_fail; 2422 } 2423 /* ctx->password freed at unmount */ 2424 if (ctx->password2) { 2425 ses->password2 = kstrdup(ctx->password2, GFP_KERNEL); 2426 if (!ses->password2) 2427 goto get_ses_fail; 2428 } 2429 if (ctx->domainname) { 2430 ses->domainName = kstrdup(ctx->domainname, GFP_KERNEL); 2431 if (!ses->domainName) 2432 goto get_ses_fail; 2433 2434 len = strnlen(ctx->domainname, CIFS_MAX_DOMAINNAME_LEN); 2435 if (!cifs_netbios_name(ctx->domainname, len)) { 2436 ses->dns_dom = kstrndup(ctx->domainname, 2437 len, GFP_KERNEL); 2438 if (!ses->dns_dom) 2439 goto get_ses_fail; 2440 } 2441 } 2442 2443 strscpy(ses->workstation_name, ctx->workstation_name, sizeof(ses->workstation_name)); 2444 2445 if (ctx->domainauto) 2446 ses->domainAuto = ctx->domainauto; 2447 ses->cred_uid = ctx->cred_uid; 2448 ses->linux_uid = ctx->linux_uid; 2449 2450 ses->unicode = ctx->unicode; 2451 ses->sectype = ctx->sectype; 2452 ses->sign = ctx->sign; 2453 2454 /* 2455 *Explicitly marking upcall_target mount option for easier handling 2456 * by cifs_spnego.c and eventually cifs.upcall.c 2457 */ 2458 2459 switch (ctx->upcall_target) { 2460 case UPTARGET_UNSPECIFIED: /* default to app */ 2461 case UPTARGET_APP: 2462 ses->upcall_target = UPTARGET_APP; 2463 break; 2464 case UPTARGET_MOUNT: 2465 ses->upcall_target = UPTARGET_MOUNT; 2466 break; 2467 default: 2468 // should never happen 2469 ses->upcall_target = UPTARGET_APP; 2470 break; 2471 } 2472 2473 ses->local_nls = load_nls(ctx->local_nls->charset); 2474 2475 /* add server as first channel */ 2476 spin_lock(&ses->chan_lock); 2477 ses->chans[0].server = server; 2478 ses->chan_count = 1; 2479 ses->chan_max = ctx->multichannel ? ctx->max_channels:1; 2480 ses->chans_need_reconnect = 1; 2481 spin_unlock(&ses->chan_lock); 2482 2483 retry_new_session: 2484 mutex_lock(&ses->session_mutex); 2485 rc = cifs_negotiate_protocol(xid, ses, server); 2486 if (!rc) 2487 rc = cifs_setup_session(xid, ses, server, ctx->local_nls); 2488 mutex_unlock(&ses->session_mutex); 2489 2490 /* each channel uses a different signing key */ 2491 spin_lock(&ses->chan_lock); 2492 memcpy(ses->chans[0].signkey, ses->smb3signingkey, 2493 sizeof(ses->smb3signingkey)); 2494 spin_unlock(&ses->chan_lock); 2495 2496 if (rc) { 2497 if (((rc == -EACCES) || (rc == -EKEYEXPIRED) || 2498 (rc == -EKEYREVOKED)) && !retries && ses->password2) { 2499 retries++; 2500 cifs_dbg(FYI, "Session setup failed, retrying with alternate password\n"); 2501 swap(ses->password, ses->password2); 2502 goto retry_new_session; 2503 } else 2504 goto get_ses_fail; 2505 } 2506 2507 /* 2508 * success, put it on the list and add it as first channel 2509 * note: the session becomes active soon after this. So you'll 2510 * need to lock before changing something in the session. 2511 */ 2512 spin_lock(&cifs_tcp_ses_lock); 2513 ses->dfs_root_ses = ctx->dfs_root_ses; 2514 list_add(&ses->smb_ses_list, &server->smb_ses_list); 2515 spin_unlock(&cifs_tcp_ses_lock); 2516 2517 cifs_setup_ipc(ses, ctx); 2518 2519 free_xid(xid); 2520 2521 return ses; 2522 2523 get_ses_fail: 2524 sesInfoFree(ses); 2525 free_xid(xid); 2526 return ERR_PTR(rc); 2527 } 2528 2529 /* this function must be called with tc_lock held */ 2530 static int match_tcon(struct cifs_tcon *tcon, struct smb3_fs_context *ctx) 2531 { 2532 struct TCP_Server_Info *server = tcon->ses->server; 2533 2534 if (tcon->status == TID_EXITING) 2535 return 0; 2536 2537 if (tcon->origin_fullpath) { 2538 if (!ctx->source || 2539 !dfs_src_pathname_equal(ctx->source, 2540 tcon->origin_fullpath)) 2541 return 0; 2542 } else if (!server->leaf_fullpath && 2543 strncmp(tcon->tree_name, ctx->UNC, MAX_TREE_SIZE)) { 2544 return 0; 2545 } 2546 if (tcon->seal != ctx->seal) 2547 return 0; 2548 if (tcon->snapshot_time != ctx->snapshot_time) 2549 return 0; 2550 if (tcon->handle_timeout != ctx->handle_timeout) 2551 return 0; 2552 if (tcon->no_lease != ctx->no_lease) 2553 return 0; 2554 if (tcon->nodelete != ctx->nodelete) 2555 return 0; 2556 if (tcon->posix_extensions != ctx->linux_ext) 2557 return 0; 2558 return 1; 2559 } 2560 2561 static struct cifs_tcon * 2562 cifs_find_tcon(struct cifs_ses *ses, struct smb3_fs_context *ctx) 2563 { 2564 struct cifs_tcon *tcon; 2565 2566 spin_lock(&cifs_tcp_ses_lock); 2567 list_for_each_entry(tcon, &ses->tcon_list, tcon_list) { 2568 spin_lock(&tcon->tc_lock); 2569 if (!match_tcon(tcon, ctx)) { 2570 spin_unlock(&tcon->tc_lock); 2571 continue; 2572 } 2573 ++tcon->tc_count; 2574 trace_smb3_tcon_ref(tcon->debug_id, tcon->tc_count, 2575 netfs_trace_tcon_ref_get_find); 2576 spin_unlock(&tcon->tc_lock); 2577 spin_unlock(&cifs_tcp_ses_lock); 2578 return tcon; 2579 } 2580 spin_unlock(&cifs_tcp_ses_lock); 2581 return NULL; 2582 } 2583 2584 void 2585 cifs_put_tcon(struct cifs_tcon *tcon, enum smb3_tcon_ref_trace trace) 2586 { 2587 unsigned int xid; 2588 struct cifs_ses *ses; 2589 LIST_HEAD(ses_list); 2590 2591 /* 2592 * IPC tcon share the lifetime of their session and are 2593 * destroyed in the session put function 2594 */ 2595 if (tcon == NULL || tcon->ipc) 2596 return; 2597 2598 ses = tcon->ses; 2599 cifs_dbg(FYI, "%s: tc_count=%d\n", __func__, tcon->tc_count); 2600 spin_lock(&cifs_tcp_ses_lock); 2601 spin_lock(&tcon->tc_lock); 2602 trace_smb3_tcon_ref(tcon->debug_id, tcon->tc_count - 1, trace); 2603 if (--tcon->tc_count > 0) { 2604 spin_unlock(&tcon->tc_lock); 2605 spin_unlock(&cifs_tcp_ses_lock); 2606 return; 2607 } 2608 2609 /* tc_count can never go negative */ 2610 WARN_ON(tcon->tc_count < 0); 2611 2612 list_del_init(&tcon->tcon_list); 2613 tcon->status = TID_EXITING; 2614 spin_unlock(&tcon->tc_lock); 2615 spin_unlock(&cifs_tcp_ses_lock); 2616 2617 /* cancel polling of interfaces */ 2618 cancel_delayed_work_sync(&tcon->query_interfaces); 2619 #ifdef CONFIG_CIFS_DFS_UPCALL 2620 cancel_delayed_work_sync(&tcon->dfs_cache_work); 2621 list_replace_init(&tcon->dfs_ses_list, &ses_list); 2622 #endif 2623 2624 if (tcon->use_witness) { 2625 int rc; 2626 2627 rc = cifs_swn_unregister(tcon); 2628 if (rc < 0) { 2629 cifs_dbg(VFS, "%s: Failed to unregister for witness notifications: %d\n", 2630 __func__, rc); 2631 } 2632 } 2633 2634 xid = get_xid(); 2635 if (ses->server->ops->tree_disconnect) 2636 ses->server->ops->tree_disconnect(xid, tcon); 2637 _free_xid(xid); 2638 2639 cifs_fscache_release_super_cookie(tcon); 2640 tconInfoFree(tcon, netfs_trace_tcon_ref_free); 2641 cifs_put_smb_ses(ses); 2642 #ifdef CONFIG_CIFS_DFS_UPCALL 2643 dfs_put_root_smb_sessions(&ses_list); 2644 #endif 2645 } 2646 2647 /** 2648 * cifs_get_tcon - get a tcon matching @ctx data from @ses 2649 * @ses: smb session to issue the request on 2650 * @ctx: the superblock configuration context to use for building the 2651 * 2652 * - tcon refcount is the number of mount points using the tcon. 2653 * - ses refcount is the number of tcon using the session. 2654 * 2655 * 1. This function assumes it is being called from cifs_mount() where 2656 * we already got a session reference (ses refcount +1). 2657 * 2658 * 2. Since we're in the context of adding a mount point, the end 2659 * result should be either: 2660 * 2661 * a) a new tcon already allocated with refcount=1 (1 mount point) and 2662 * its session refcount incremented (1 new tcon). This +1 was 2663 * already done in (1). 2664 * 2665 * b) an existing tcon with refcount+1 (add a mount point to it) and 2666 * identical ses refcount (no new tcon). Because of (1) we need to 2667 * decrement the ses refcount. 2668 */ 2669 static struct cifs_tcon * 2670 cifs_get_tcon(struct cifs_ses *ses, struct smb3_fs_context *ctx) 2671 { 2672 struct cifs_tcon *tcon; 2673 bool nohandlecache; 2674 int rc, xid; 2675 2676 tcon = cifs_find_tcon(ses, ctx); 2677 if (tcon) { 2678 /* 2679 * tcon has refcount already incremented but we need to 2680 * decrement extra ses reference gotten by caller (case b) 2681 */ 2682 cifs_dbg(FYI, "Found match on UNC path\n"); 2683 cifs_put_smb_ses(ses); 2684 return tcon; 2685 } 2686 2687 if (!ses->server->ops->tree_connect) { 2688 rc = -ENOSYS; 2689 goto out_fail; 2690 } 2691 2692 if (ses->server->dialect >= SMB20_PROT_ID && 2693 (ses->server->capabilities & SMB2_GLOBAL_CAP_DIRECTORY_LEASING)) 2694 nohandlecache = ctx->nohandlecache || !dir_cache_timeout; 2695 else 2696 nohandlecache = true; 2697 tcon = tcon_info_alloc(!nohandlecache, netfs_trace_tcon_ref_new); 2698 if (tcon == NULL) { 2699 rc = -ENOMEM; 2700 goto out_fail; 2701 } 2702 tcon->nohandlecache = nohandlecache; 2703 2704 if (ctx->snapshot_time) { 2705 if (ses->server->vals->protocol_id == 0) { 2706 cifs_dbg(VFS, 2707 "Use SMB2 or later for snapshot mount option\n"); 2708 rc = -EOPNOTSUPP; 2709 goto out_fail; 2710 } else 2711 tcon->snapshot_time = ctx->snapshot_time; 2712 } 2713 2714 if (ctx->handle_timeout) { 2715 if (ses->server->vals->protocol_id == 0) { 2716 cifs_dbg(VFS, 2717 "Use SMB2.1 or later for handle timeout option\n"); 2718 rc = -EOPNOTSUPP; 2719 goto out_fail; 2720 } else 2721 tcon->handle_timeout = ctx->handle_timeout; 2722 } 2723 2724 tcon->ses = ses; 2725 if (ctx->password) { 2726 tcon->password = kstrdup(ctx->password, GFP_KERNEL); 2727 if (!tcon->password) { 2728 rc = -ENOMEM; 2729 goto out_fail; 2730 } 2731 } 2732 2733 if (ctx->seal) { 2734 if (ses->server->vals->protocol_id == 0) { 2735 cifs_dbg(VFS, 2736 "SMB3 or later required for encryption\n"); 2737 rc = -EOPNOTSUPP; 2738 goto out_fail; 2739 } else if (tcon->ses->server->capabilities & 2740 SMB2_GLOBAL_CAP_ENCRYPTION) 2741 tcon->seal = true; 2742 else { 2743 cifs_dbg(VFS, "Encryption is not supported on share\n"); 2744 rc = -EOPNOTSUPP; 2745 goto out_fail; 2746 } 2747 } 2748 2749 if (ctx->linux_ext) { 2750 if (ses->server->posix_ext_supported) { 2751 tcon->posix_extensions = true; 2752 pr_warn_once("SMB3.11 POSIX Extensions are experimental\n"); 2753 } else if ((ses->server->vals->protocol_id == SMB311_PROT_ID) || 2754 (strcmp(ses->server->vals->version_string, 2755 SMB3ANY_VERSION_STRING) == 0) || 2756 (strcmp(ses->server->vals->version_string, 2757 SMBDEFAULT_VERSION_STRING) == 0)) { 2758 cifs_dbg(VFS, "Server does not support mounting with posix SMB3.11 extensions\n"); 2759 rc = -EOPNOTSUPP; 2760 goto out_fail; 2761 } else if (ses->server->vals->protocol_id == SMB10_PROT_ID) 2762 if (cap_unix(ses)) 2763 cifs_dbg(FYI, "Unix Extensions requested on SMB1 mount\n"); 2764 else { 2765 cifs_dbg(VFS, "SMB1 Unix Extensions not supported by server\n"); 2766 rc = -EOPNOTSUPP; 2767 goto out_fail; 2768 } else { 2769 cifs_dbg(VFS, 2770 "Check vers= mount option. SMB3.11 disabled but required for POSIX extensions\n"); 2771 rc = -EOPNOTSUPP; 2772 goto out_fail; 2773 } 2774 } 2775 2776 xid = get_xid(); 2777 rc = ses->server->ops->tree_connect(xid, ses, ctx->UNC, tcon, 2778 ctx->local_nls); 2779 free_xid(xid); 2780 cifs_dbg(FYI, "Tcon rc = %d\n", rc); 2781 if (rc) 2782 goto out_fail; 2783 2784 tcon->use_persistent = false; 2785 /* check if SMB2 or later, CIFS does not support persistent handles */ 2786 if (ctx->persistent) { 2787 if (ses->server->vals->protocol_id == 0) { 2788 cifs_dbg(VFS, 2789 "SMB3 or later required for persistent handles\n"); 2790 rc = -EOPNOTSUPP; 2791 goto out_fail; 2792 } else if (ses->server->capabilities & 2793 SMB2_GLOBAL_CAP_PERSISTENT_HANDLES) 2794 tcon->use_persistent = true; 2795 else /* persistent handles requested but not supported */ { 2796 cifs_dbg(VFS, 2797 "Persistent handles not supported on share\n"); 2798 rc = -EOPNOTSUPP; 2799 goto out_fail; 2800 } 2801 } else if ((tcon->capabilities & SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY) 2802 && (ses->server->capabilities & SMB2_GLOBAL_CAP_PERSISTENT_HANDLES) 2803 && (ctx->nopersistent == false)) { 2804 cifs_dbg(FYI, "enabling persistent handles\n"); 2805 tcon->use_persistent = true; 2806 } else if (ctx->resilient) { 2807 if (ses->server->vals->protocol_id == 0) { 2808 cifs_dbg(VFS, 2809 "SMB2.1 or later required for resilient handles\n"); 2810 rc = -EOPNOTSUPP; 2811 goto out_fail; 2812 } 2813 tcon->use_resilient = true; 2814 } 2815 2816 tcon->use_witness = false; 2817 if (IS_ENABLED(CONFIG_CIFS_SWN_UPCALL) && ctx->witness) { 2818 if (ses->server->vals->protocol_id >= SMB30_PROT_ID) { 2819 if (tcon->capabilities & SMB2_SHARE_CAP_CLUSTER) { 2820 /* 2821 * Set witness in use flag in first place 2822 * to retry registration in the echo task 2823 */ 2824 tcon->use_witness = true; 2825 /* And try to register immediately */ 2826 rc = cifs_swn_register(tcon); 2827 if (rc < 0) { 2828 cifs_dbg(VFS, "Failed to register for witness notifications: %d\n", rc); 2829 goto out_fail; 2830 } 2831 } else { 2832 /* TODO: try to extend for non-cluster uses (eg multichannel) */ 2833 cifs_dbg(VFS, "witness requested on mount but no CLUSTER capability on share\n"); 2834 rc = -EOPNOTSUPP; 2835 goto out_fail; 2836 } 2837 } else { 2838 cifs_dbg(VFS, "SMB3 or later required for witness option\n"); 2839 rc = -EOPNOTSUPP; 2840 goto out_fail; 2841 } 2842 } 2843 2844 /* If the user really knows what they are doing they can override */ 2845 if (tcon->share_flags & SMB2_SHAREFLAG_NO_CACHING) { 2846 if (ctx->cache_ro) 2847 cifs_dbg(VFS, "cache=ro requested on mount but NO_CACHING flag set on share\n"); 2848 else if (ctx->cache_rw) 2849 cifs_dbg(VFS, "cache=singleclient requested on mount but NO_CACHING flag set on share\n"); 2850 } 2851 2852 if (ctx->no_lease) { 2853 if (ses->server->vals->protocol_id == 0) { 2854 cifs_dbg(VFS, 2855 "SMB2 or later required for nolease option\n"); 2856 rc = -EOPNOTSUPP; 2857 goto out_fail; 2858 } else 2859 tcon->no_lease = ctx->no_lease; 2860 } 2861 2862 /* 2863 * We can have only one retry value for a connection to a share so for 2864 * resources mounted more than once to the same server share the last 2865 * value passed in for the retry flag is used. 2866 */ 2867 tcon->retry = ctx->retry; 2868 tcon->nocase = ctx->nocase; 2869 tcon->broken_sparse_sup = ctx->no_sparse; 2870 tcon->max_cached_dirs = ctx->max_cached_dirs; 2871 tcon->nodelete = ctx->nodelete; 2872 tcon->local_lease = ctx->local_lease; 2873 INIT_LIST_HEAD(&tcon->pending_opens); 2874 tcon->status = TID_GOOD; 2875 2876 INIT_DELAYED_WORK(&tcon->query_interfaces, 2877 smb2_query_server_interfaces); 2878 if (ses->server->dialect >= SMB30_PROT_ID && 2879 (ses->server->capabilities & SMB2_GLOBAL_CAP_MULTI_CHANNEL)) { 2880 /* schedule query interfaces poll */ 2881 queue_delayed_work(cifsiod_wq, &tcon->query_interfaces, 2882 (SMB_INTERFACE_POLL_INTERVAL * HZ)); 2883 } 2884 #ifdef CONFIG_CIFS_DFS_UPCALL 2885 INIT_DELAYED_WORK(&tcon->dfs_cache_work, dfs_cache_refresh); 2886 #endif 2887 spin_lock(&cifs_tcp_ses_lock); 2888 list_add(&tcon->tcon_list, &ses->tcon_list); 2889 spin_unlock(&cifs_tcp_ses_lock); 2890 2891 return tcon; 2892 2893 out_fail: 2894 tconInfoFree(tcon, netfs_trace_tcon_ref_free_fail); 2895 return ERR_PTR(rc); 2896 } 2897 2898 void 2899 cifs_put_tlink(struct tcon_link *tlink) 2900 { 2901 if (!tlink || IS_ERR(tlink)) 2902 return; 2903 2904 if (!atomic_dec_and_test(&tlink->tl_count) || 2905 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) { 2906 tlink->tl_time = jiffies; 2907 return; 2908 } 2909 2910 if (!IS_ERR(tlink_tcon(tlink))) 2911 cifs_put_tcon(tlink_tcon(tlink), netfs_trace_tcon_ref_put_tlink); 2912 kfree(tlink); 2913 } 2914 2915 static int 2916 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data) 2917 { 2918 struct cifs_sb_info *old = CIFS_SB(sb); 2919 struct cifs_sb_info *new = mnt_data->cifs_sb; 2920 unsigned int oldflags = old->mnt_cifs_flags & CIFS_MOUNT_MASK; 2921 unsigned int newflags = new->mnt_cifs_flags & CIFS_MOUNT_MASK; 2922 2923 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK)) 2924 return 0; 2925 2926 if (old->mnt_cifs_serverino_autodisabled) 2927 newflags &= ~CIFS_MOUNT_SERVER_INUM; 2928 2929 if (oldflags != newflags) 2930 return 0; 2931 2932 /* 2933 * We want to share sb only if we don't specify an r/wsize or 2934 * specified r/wsize is greater than or equal to existing one. 2935 */ 2936 if (new->ctx->wsize && new->ctx->wsize < old->ctx->wsize) 2937 return 0; 2938 2939 if (new->ctx->rsize && new->ctx->rsize < old->ctx->rsize) 2940 return 0; 2941 2942 if (!uid_eq(old->ctx->linux_uid, new->ctx->linux_uid) || 2943 !gid_eq(old->ctx->linux_gid, new->ctx->linux_gid)) 2944 return 0; 2945 2946 if (old->ctx->file_mode != new->ctx->file_mode || 2947 old->ctx->dir_mode != new->ctx->dir_mode) 2948 return 0; 2949 2950 if (strcmp(old->local_nls->charset, new->local_nls->charset)) 2951 return 0; 2952 2953 if (old->ctx->acregmax != new->ctx->acregmax) 2954 return 0; 2955 if (old->ctx->acdirmax != new->ctx->acdirmax) 2956 return 0; 2957 if (old->ctx->closetimeo != new->ctx->closetimeo) 2958 return 0; 2959 if (old->ctx->reparse_type != new->ctx->reparse_type) 2960 return 0; 2961 if (old->ctx->nonativesocket != new->ctx->nonativesocket) 2962 return 0; 2963 if (old->ctx->symlink_type != new->ctx->symlink_type) 2964 return 0; 2965 2966 return 1; 2967 } 2968 2969 static int match_prepath(struct super_block *sb, 2970 struct cifs_tcon *tcon, 2971 struct cifs_mnt_data *mnt_data) 2972 { 2973 struct smb3_fs_context *ctx = mnt_data->ctx; 2974 struct cifs_sb_info *old = CIFS_SB(sb); 2975 struct cifs_sb_info *new = mnt_data->cifs_sb; 2976 bool old_set = (old->mnt_cifs_flags & CIFS_MOUNT_USE_PREFIX_PATH) && 2977 old->prepath; 2978 bool new_set = (new->mnt_cifs_flags & CIFS_MOUNT_USE_PREFIX_PATH) && 2979 new->prepath; 2980 2981 if (tcon->origin_fullpath && 2982 dfs_src_pathname_equal(tcon->origin_fullpath, ctx->source)) 2983 return 1; 2984 2985 if (old_set && new_set && !strcmp(new->prepath, old->prepath)) 2986 return 1; 2987 else if (!old_set && !new_set) 2988 return 1; 2989 2990 return 0; 2991 } 2992 2993 int 2994 cifs_match_super(struct super_block *sb, void *data) 2995 { 2996 struct cifs_mnt_data *mnt_data = data; 2997 struct smb3_fs_context *ctx; 2998 struct cifs_sb_info *cifs_sb; 2999 struct TCP_Server_Info *tcp_srv; 3000 struct cifs_ses *ses; 3001 struct cifs_tcon *tcon; 3002 struct tcon_link *tlink; 3003 int rc = 0; 3004 3005 spin_lock(&cifs_tcp_ses_lock); 3006 cifs_sb = CIFS_SB(sb); 3007 3008 /* We do not want to use a superblock that has been shutdown */ 3009 if (CIFS_MOUNT_SHUTDOWN & cifs_sb->mnt_cifs_flags) { 3010 spin_unlock(&cifs_tcp_ses_lock); 3011 return 0; 3012 } 3013 3014 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb)); 3015 if (IS_ERR_OR_NULL(tlink)) { 3016 pr_warn_once("%s: skip super matching due to bad tlink(%p)\n", 3017 __func__, tlink); 3018 spin_unlock(&cifs_tcp_ses_lock); 3019 return 0; 3020 } 3021 tcon = tlink_tcon(tlink); 3022 ses = tcon->ses; 3023 tcp_srv = ses->server; 3024 3025 ctx = mnt_data->ctx; 3026 3027 spin_lock(&tcp_srv->srv_lock); 3028 spin_lock(&ses->ses_lock); 3029 spin_lock(&ses->chan_lock); 3030 spin_lock(&tcon->tc_lock); 3031 if (!match_server(tcp_srv, ctx, true) || 3032 !match_session(ses, ctx, true) || 3033 !match_tcon(tcon, ctx) || 3034 !match_prepath(sb, tcon, mnt_data)) { 3035 rc = 0; 3036 goto out; 3037 } 3038 3039 rc = compare_mount_options(sb, mnt_data); 3040 out: 3041 spin_unlock(&tcon->tc_lock); 3042 spin_unlock(&ses->chan_lock); 3043 spin_unlock(&ses->ses_lock); 3044 spin_unlock(&tcp_srv->srv_lock); 3045 3046 spin_unlock(&cifs_tcp_ses_lock); 3047 cifs_put_tlink(tlink); 3048 return rc; 3049 } 3050 3051 #ifdef CONFIG_DEBUG_LOCK_ALLOC 3052 static struct lock_class_key cifs_key[2]; 3053 static struct lock_class_key cifs_slock_key[2]; 3054 3055 static inline void 3056 cifs_reclassify_socket4(struct socket *sock) 3057 { 3058 struct sock *sk = sock->sk; 3059 3060 BUG_ON(!sock_allow_reclassification(sk)); 3061 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS", 3062 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]); 3063 } 3064 3065 static inline void 3066 cifs_reclassify_socket6(struct socket *sock) 3067 { 3068 struct sock *sk = sock->sk; 3069 3070 BUG_ON(!sock_allow_reclassification(sk)); 3071 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS", 3072 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]); 3073 } 3074 #else 3075 static inline void 3076 cifs_reclassify_socket4(struct socket *sock) 3077 { 3078 } 3079 3080 static inline void 3081 cifs_reclassify_socket6(struct socket *sock) 3082 { 3083 } 3084 #endif 3085 3086 /* See RFC1001 section 14 on representation of Netbios names */ 3087 static void rfc1002mangle(char *target, char *source, unsigned int length) 3088 { 3089 unsigned int i, j; 3090 3091 for (i = 0, j = 0; i < (length); i++) { 3092 /* mask a nibble at a time and encode */ 3093 target[j] = 'A' + (0x0F & (source[i] >> 4)); 3094 target[j+1] = 'A' + (0x0F & source[i]); 3095 j += 2; 3096 } 3097 3098 } 3099 3100 static int 3101 bind_socket(struct TCP_Server_Info *server) 3102 { 3103 int rc = 0; 3104 3105 if (server->srcaddr.ss_family != AF_UNSPEC) { 3106 /* Bind to the specified local IP address */ 3107 struct socket *socket = server->ssocket; 3108 3109 rc = kernel_bind(socket, 3110 (struct sockaddr *) &server->srcaddr, 3111 sizeof(server->srcaddr)); 3112 if (rc < 0) { 3113 struct sockaddr_in *saddr4; 3114 struct sockaddr_in6 *saddr6; 3115 3116 saddr4 = (struct sockaddr_in *)&server->srcaddr; 3117 saddr6 = (struct sockaddr_in6 *)&server->srcaddr; 3118 if (saddr6->sin6_family == AF_INET6) 3119 cifs_server_dbg(VFS, "Failed to bind to: %pI6c, error: %d\n", 3120 &saddr6->sin6_addr, rc); 3121 else 3122 cifs_server_dbg(VFS, "Failed to bind to: %pI4, error: %d\n", 3123 &saddr4->sin_addr.s_addr, rc); 3124 } 3125 } 3126 return rc; 3127 } 3128 3129 static int 3130 smb_recv_kvec(struct TCP_Server_Info *server, struct msghdr *msg, size_t *recv) 3131 { 3132 int rc = 0; 3133 int retries = 0; 3134 int msg_flags = server->noblocksnd ? MSG_DONTWAIT : 0; 3135 3136 *recv = 0; 3137 3138 while (msg_data_left(msg)) { 3139 rc = sock_recvmsg(server->ssocket, msg, msg_flags); 3140 if (rc == -EAGAIN) { 3141 retries++; 3142 if (retries >= 14 || 3143 (!server->noblocksnd && (retries > 2))) { 3144 cifs_server_dbg(VFS, "sends on sock %p stuck for 15 seconds\n", 3145 server->ssocket); 3146 return -EAGAIN; 3147 } 3148 msleep(1 << retries); 3149 continue; 3150 } 3151 3152 if (rc < 0) 3153 return rc; 3154 3155 if (rc == 0) { 3156 cifs_dbg(FYI, "Received no data (TCP RST)\n"); 3157 return -ECONNABORTED; 3158 } 3159 3160 /* recv was at least partially successful */ 3161 *recv += rc; 3162 retries = 0; /* in case we get ENOSPC on the next send */ 3163 } 3164 return 0; 3165 } 3166 3167 static int 3168 ip_rfc1001_connect(struct TCP_Server_Info *server) 3169 { 3170 int rc = 0; 3171 /* 3172 * some servers require RFC1001 sessinit before sending 3173 * negprot - BB check reconnection in case where second 3174 * sessinit is sent but no second negprot 3175 */ 3176 struct rfc1002_session_packet req = {}; 3177 struct rfc1002_session_packet resp = {}; 3178 struct msghdr msg = {}; 3179 struct kvec iov = {}; 3180 unsigned int len; 3181 size_t sent; 3182 size_t recv; 3183 3184 req.trailer.session_req.called_len = sizeof(req.trailer.session_req.called_name); 3185 3186 if (server->server_RFC1001_name[0] != 0) 3187 rfc1002mangle(req.trailer.session_req.called_name, 3188 server->server_RFC1001_name, 3189 RFC1001_NAME_LEN_WITH_NULL); 3190 else 3191 rfc1002mangle(req.trailer.session_req.called_name, 3192 DEFAULT_CIFS_CALLED_NAME, 3193 RFC1001_NAME_LEN_WITH_NULL); 3194 3195 req.trailer.session_req.calling_len = sizeof(req.trailer.session_req.calling_name); 3196 3197 /* calling name ends in null (byte 16) from old smb convention */ 3198 if (server->workstation_RFC1001_name[0] != 0) 3199 rfc1002mangle(req.trailer.session_req.calling_name, 3200 server->workstation_RFC1001_name, 3201 RFC1001_NAME_LEN_WITH_NULL); 3202 else 3203 rfc1002mangle(req.trailer.session_req.calling_name, 3204 "LINUX_CIFS_CLNT", 3205 RFC1001_NAME_LEN_WITH_NULL); 3206 3207 /* 3208 * As per rfc1002, @len must be the number of bytes that follows the 3209 * length field of a rfc1002 session request payload. 3210 */ 3211 len = sizeof(req.trailer.session_req); 3212 req.type = RFC1002_SESSION_REQUEST; 3213 req.flags = 0; 3214 req.length = cpu_to_be16(len); 3215 len += offsetof(typeof(req), trailer.session_req); 3216 iov.iov_base = &req; 3217 iov.iov_len = len; 3218 iov_iter_kvec(&msg.msg_iter, ITER_SOURCE, &iov, 1, len); 3219 rc = smb_send_kvec(server, &msg, &sent); 3220 if (rc < 0 || len != sent) 3221 return (rc == -EINTR || rc == -EAGAIN) ? rc : -ECONNABORTED; 3222 3223 /* 3224 * RFC1001 layer in at least one server requires very short break before 3225 * negprot presumably because not expecting negprot to follow so fast. 3226 * For example DOS SMB servers cannot process negprot if it was received 3227 * before the server sent response for SESSION_REQUEST packet. So, wait 3228 * for the response, read it and parse it as it can contain useful error 3229 * information (e.g. specified server name was incorrect). For example 3230 * even the latest Windows Server 2022 SMB1 server over port 139 send 3231 * error if its server name was in SESSION_REQUEST packet incorrect. 3232 * Nowadays usage of port 139 is not common, so waiting for reply here 3233 * does not slowing down mounting of common case (over port 445). 3234 */ 3235 len = offsetof(typeof(resp), trailer); 3236 iov.iov_base = &resp; 3237 iov.iov_len = len; 3238 iov_iter_kvec(&msg.msg_iter, ITER_DEST, &iov, 1, len); 3239 rc = smb_recv_kvec(server, &msg, &recv); 3240 if (rc < 0 || recv != len) 3241 return (rc == -EINTR || rc == -EAGAIN) ? rc : -ECONNABORTED; 3242 3243 switch (resp.type) { 3244 case RFC1002_POSITIVE_SESSION_RESPONSE: 3245 if (be16_to_cpu(resp.length) != 0) { 3246 cifs_dbg(VFS, "RFC 1002 positive session response but with invalid non-zero length %u\n", 3247 be16_to_cpu(resp.length)); 3248 return -EIO; 3249 } 3250 cifs_dbg(FYI, "RFC 1002 positive session response"); 3251 break; 3252 case RFC1002_NEGATIVE_SESSION_RESPONSE: 3253 /* Read RFC1002 response error code and convert it to errno in rc */ 3254 len = sizeof(resp.trailer.neg_ses_resp_error_code); 3255 iov.iov_base = &resp.trailer.neg_ses_resp_error_code; 3256 iov.iov_len = len; 3257 iov_iter_kvec(&msg.msg_iter, ITER_DEST, &iov, 1, len); 3258 if (be16_to_cpu(resp.length) == len && 3259 smb_recv_kvec(server, &msg, &recv) == 0 && 3260 recv == len) { 3261 cifs_dbg(VFS, "RFC 1002 negative session response with error 0x%x\n", 3262 resp.trailer.neg_ses_resp_error_code); 3263 switch (resp.trailer.neg_ses_resp_error_code) { 3264 case RFC1002_NOT_LISTENING_CALLED: 3265 /* server does not listen for specified server name */ 3266 fallthrough; 3267 case RFC1002_NOT_PRESENT: 3268 /* server name is incorrect */ 3269 rc = -ENOENT; 3270 cifs_dbg(VFS, "Server rejected NetBIOS servername %.15s\n", 3271 server->server_RFC1001_name[0] ? 3272 server->server_RFC1001_name : 3273 DEFAULT_CIFS_CALLED_NAME); 3274 cifs_dbg(VFS, "Specify correct NetBIOS servername in source path or with -o servern= option\n"); 3275 break; 3276 case RFC1002_NOT_LISTENING_CALLING: 3277 /* client name was not accepted by server */ 3278 rc = -EACCES; 3279 cifs_dbg(VFS, "Server rejected NetBIOS clientname %.15s\n", 3280 server->workstation_RFC1001_name[0] ? 3281 server->workstation_RFC1001_name : 3282 "LINUX_CIFS_CLNT"); 3283 cifs_dbg(VFS, "Specify correct NetBIOS clientname with -o netbiosname= option\n"); 3284 break; 3285 case RFC1002_INSUFFICIENT_RESOURCE: 3286 /* remote server resource error */ 3287 rc = -EREMOTEIO; 3288 break; 3289 case RFC1002_UNSPECIFIED_ERROR: 3290 default: 3291 /* other/unknown error */ 3292 rc = -EIO; 3293 break; 3294 } 3295 } else { 3296 cifs_dbg(VFS, "RFC 1002 negative session response\n"); 3297 rc = -EIO; 3298 } 3299 return rc; 3300 case RFC1002_RETARGET_SESSION_RESPONSE: 3301 cifs_dbg(VFS, "RFC 1002 retarget session response\n"); 3302 if (be16_to_cpu(resp.length) == sizeof(resp.trailer.retarget_resp)) { 3303 len = sizeof(resp.trailer.retarget_resp); 3304 iov.iov_base = &resp.trailer.retarget_resp; 3305 iov.iov_len = len; 3306 iov_iter_kvec(&msg.msg_iter, ITER_DEST, &iov, 1, len); 3307 if (smb_recv_kvec(server, &msg, &recv) == 0 && recv == len) { 3308 cifs_dbg(VFS, "Server wants to redirect connection\n"); 3309 cifs_dbg(VFS, "Remount with options -o ip=%pI4,port=%u\n", 3310 &resp.trailer.retarget_resp.retarget_ip_addr, 3311 be16_to_cpu(resp.trailer.retarget_resp.port)); 3312 } 3313 } 3314 cifs_dbg(VFS, "Closing connection\n"); 3315 /* FIXME: Should we automatically redirect to new retarget_resp server? */ 3316 return -EMULTIHOP; 3317 default: 3318 cifs_dbg(VFS, "RFC 1002 unknown response type 0x%x\n", resp.type); 3319 return -EIO; 3320 } 3321 3322 server->with_rfc1001 = true; 3323 return 0; 3324 } 3325 3326 static int 3327 generic_ip_connect(struct TCP_Server_Info *server) 3328 { 3329 struct sockaddr *saddr; 3330 struct socket *socket; 3331 int slen, sfamily; 3332 __be16 sport; 3333 int rc = 0; 3334 3335 saddr = (struct sockaddr *) &server->dstaddr; 3336 3337 if (server->dstaddr.ss_family == AF_INET6) { 3338 struct sockaddr_in6 *ipv6 = (struct sockaddr_in6 *)&server->dstaddr; 3339 3340 sport = ipv6->sin6_port; 3341 slen = sizeof(struct sockaddr_in6); 3342 sfamily = AF_INET6; 3343 cifs_dbg(FYI, "%s: connecting to [%pI6]:%d\n", __func__, &ipv6->sin6_addr, 3344 ntohs(sport)); 3345 } else { 3346 struct sockaddr_in *ipv4 = (struct sockaddr_in *)&server->dstaddr; 3347 3348 sport = ipv4->sin_port; 3349 slen = sizeof(struct sockaddr_in); 3350 sfamily = AF_INET; 3351 cifs_dbg(FYI, "%s: connecting to %pI4:%d\n", __func__, &ipv4->sin_addr, 3352 ntohs(sport)); 3353 } 3354 3355 if (server->ssocket) { 3356 socket = server->ssocket; 3357 } else { 3358 struct net *net = cifs_net_ns(server); 3359 struct sock *sk; 3360 3361 rc = __sock_create(net, sfamily, SOCK_STREAM, 3362 IPPROTO_TCP, &server->ssocket, 1); 3363 if (rc < 0) { 3364 cifs_server_dbg(VFS, "Error %d creating socket\n", rc); 3365 return rc; 3366 } 3367 3368 sk = server->ssocket->sk; 3369 __netns_tracker_free(net, &sk->ns_tracker, false); 3370 sk->sk_net_refcnt = 1; 3371 get_net_track(net, &sk->ns_tracker, GFP_KERNEL); 3372 sock_inuse_add(net, 1); 3373 3374 /* BB other socket options to set KEEPALIVE, NODELAY? */ 3375 cifs_dbg(FYI, "Socket created\n"); 3376 socket = server->ssocket; 3377 socket->sk->sk_allocation = GFP_NOFS; 3378 socket->sk->sk_use_task_frag = false; 3379 if (sfamily == AF_INET6) 3380 cifs_reclassify_socket6(socket); 3381 else 3382 cifs_reclassify_socket4(socket); 3383 } 3384 3385 rc = bind_socket(server); 3386 if (rc < 0) 3387 return rc; 3388 3389 /* 3390 * Eventually check for other socket options to change from 3391 * the default. sock_setsockopt not used because it expects 3392 * user space buffer 3393 */ 3394 socket->sk->sk_rcvtimeo = 7 * HZ; 3395 socket->sk->sk_sndtimeo = 5 * HZ; 3396 3397 /* make the bufsizes depend on wsize/rsize and max requests */ 3398 if (server->noautotune) { 3399 if (socket->sk->sk_sndbuf < (200 * 1024)) 3400 socket->sk->sk_sndbuf = 200 * 1024; 3401 if (socket->sk->sk_rcvbuf < (140 * 1024)) 3402 socket->sk->sk_rcvbuf = 140 * 1024; 3403 } 3404 3405 if (server->tcp_nodelay) 3406 tcp_sock_set_nodelay(socket->sk); 3407 3408 cifs_dbg(FYI, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx\n", 3409 socket->sk->sk_sndbuf, 3410 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo); 3411 3412 rc = kernel_connect(socket, saddr, slen, 3413 server->noblockcnt ? O_NONBLOCK : 0); 3414 /* 3415 * When mounting SMB root file systems, we do not want to block in 3416 * connect. Otherwise bail out and then let cifs_reconnect() perform 3417 * reconnect failover - if possible. 3418 */ 3419 if (server->noblockcnt && rc == -EINPROGRESS) 3420 rc = 0; 3421 if (rc < 0) { 3422 cifs_dbg(FYI, "Error %d connecting to server\n", rc); 3423 trace_smb3_connect_err(server->hostname, server->conn_id, &server->dstaddr, rc); 3424 sock_release(socket); 3425 server->ssocket = NULL; 3426 return rc; 3427 } 3428 trace_smb3_connect_done(server->hostname, server->conn_id, &server->dstaddr); 3429 3430 /* 3431 * Establish RFC1001 NetBIOS session when it was explicitly requested 3432 * by mount option -o nbsessinit, or when connecting to default RFC1001 3433 * server port (139) and it was not explicitly disabled by mount option 3434 * -o nonbsessinit. 3435 */ 3436 if (server->with_rfc1001 || 3437 server->rfc1001_sessinit == 1 || 3438 (server->rfc1001_sessinit == -1 && sport == htons(RFC1001_PORT))) 3439 rc = ip_rfc1001_connect(server); 3440 3441 return rc; 3442 } 3443 3444 static int 3445 ip_connect(struct TCP_Server_Info *server) 3446 { 3447 __be16 *sport; 3448 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr; 3449 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr; 3450 3451 if (server->dstaddr.ss_family == AF_INET6) 3452 sport = &addr6->sin6_port; 3453 else 3454 sport = &addr->sin_port; 3455 3456 if (*sport == 0) { 3457 int rc; 3458 3459 /* try with 445 port at first */ 3460 *sport = htons(CIFS_PORT); 3461 3462 rc = generic_ip_connect(server); 3463 if (rc >= 0) 3464 return rc; 3465 3466 /* if it failed, try with 139 port */ 3467 *sport = htons(RFC1001_PORT); 3468 } 3469 3470 return generic_ip_connect(server); 3471 } 3472 3473 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 3474 void reset_cifs_unix_caps(unsigned int xid, struct cifs_tcon *tcon, 3475 struct cifs_sb_info *cifs_sb, struct smb3_fs_context *ctx) 3476 { 3477 /* 3478 * If we are reconnecting then should we check to see if 3479 * any requested capabilities changed locally e.g. via 3480 * remount but we can not do much about it here 3481 * if they have (even if we could detect it by the following) 3482 * Perhaps we could add a backpointer to array of sb from tcon 3483 * or if we change to make all sb to same share the same 3484 * sb as NFS - then we only have one backpointer to sb. 3485 * What if we wanted to mount the server share twice once with 3486 * and once without posixacls or posix paths? 3487 */ 3488 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability); 3489 3490 if (ctx && ctx->no_linux_ext) { 3491 tcon->fsUnixInfo.Capability = 0; 3492 tcon->unix_ext = 0; /* Unix Extensions disabled */ 3493 cifs_dbg(FYI, "Linux protocol extensions disabled\n"); 3494 return; 3495 } else if (ctx) 3496 tcon->unix_ext = 1; /* Unix Extensions supported */ 3497 3498 if (!tcon->unix_ext) { 3499 cifs_dbg(FYI, "Unix extensions disabled so not set on reconnect\n"); 3500 return; 3501 } 3502 3503 if (!CIFSSMBQFSUnixInfo(xid, tcon)) { 3504 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability); 3505 3506 cifs_dbg(FYI, "unix caps which server supports %lld\n", cap); 3507 /* 3508 * check for reconnect case in which we do not 3509 * want to change the mount behavior if we can avoid it 3510 */ 3511 if (ctx == NULL) { 3512 /* 3513 * turn off POSIX ACL and PATHNAMES if not set 3514 * originally at mount time 3515 */ 3516 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0) 3517 cap &= ~CIFS_UNIX_POSIX_ACL_CAP; 3518 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) { 3519 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) 3520 cifs_dbg(VFS, "POSIXPATH support change\n"); 3521 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP; 3522 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) { 3523 cifs_dbg(VFS, "possible reconnect error\n"); 3524 cifs_dbg(VFS, "server disabled POSIX path support\n"); 3525 } 3526 } 3527 3528 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP) 3529 cifs_dbg(VFS, "per-share encryption not supported yet\n"); 3530 3531 cap &= CIFS_UNIX_CAP_MASK; 3532 if (ctx && ctx->no_psx_acl) 3533 cap &= ~CIFS_UNIX_POSIX_ACL_CAP; 3534 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) { 3535 cifs_dbg(FYI, "negotiated posix acl support\n"); 3536 if (cifs_sb) 3537 cifs_sb->mnt_cifs_flags |= 3538 CIFS_MOUNT_POSIXACL; 3539 } 3540 3541 if (ctx && ctx->posix_paths == 0) 3542 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP; 3543 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) { 3544 cifs_dbg(FYI, "negotiate posix pathnames\n"); 3545 if (cifs_sb) 3546 cifs_sb->mnt_cifs_flags |= 3547 CIFS_MOUNT_POSIX_PATHS; 3548 } 3549 3550 cifs_dbg(FYI, "Negotiate caps 0x%x\n", (int)cap); 3551 #ifdef CONFIG_CIFS_DEBUG2 3552 if (cap & CIFS_UNIX_FCNTL_CAP) 3553 cifs_dbg(FYI, "FCNTL cap\n"); 3554 if (cap & CIFS_UNIX_EXTATTR_CAP) 3555 cifs_dbg(FYI, "EXTATTR cap\n"); 3556 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) 3557 cifs_dbg(FYI, "POSIX path cap\n"); 3558 if (cap & CIFS_UNIX_XATTR_CAP) 3559 cifs_dbg(FYI, "XATTR cap\n"); 3560 if (cap & CIFS_UNIX_POSIX_ACL_CAP) 3561 cifs_dbg(FYI, "POSIX ACL cap\n"); 3562 if (cap & CIFS_UNIX_LARGE_READ_CAP) 3563 cifs_dbg(FYI, "very large read cap\n"); 3564 if (cap & CIFS_UNIX_LARGE_WRITE_CAP) 3565 cifs_dbg(FYI, "very large write cap\n"); 3566 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP) 3567 cifs_dbg(FYI, "transport encryption cap\n"); 3568 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP) 3569 cifs_dbg(FYI, "mandatory transport encryption cap\n"); 3570 #endif /* CIFS_DEBUG2 */ 3571 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) { 3572 if (ctx == NULL) 3573 cifs_dbg(FYI, "resetting capabilities failed\n"); 3574 else 3575 cifs_dbg(VFS, "Negotiating Unix capabilities with the server failed. Consider mounting with the Unix Extensions disabled if problems are found by specifying the nounix mount option.\n"); 3576 3577 } 3578 } 3579 } 3580 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */ 3581 3582 int cifs_setup_cifs_sb(struct cifs_sb_info *cifs_sb) 3583 { 3584 struct smb3_fs_context *ctx = cifs_sb->ctx; 3585 3586 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks); 3587 INIT_LIST_HEAD(&cifs_sb->tcon_sb_link); 3588 3589 spin_lock_init(&cifs_sb->tlink_tree_lock); 3590 cifs_sb->tlink_tree = RB_ROOT; 3591 3592 cifs_dbg(FYI, "file mode: %04ho dir mode: %04ho\n", 3593 ctx->file_mode, ctx->dir_mode); 3594 3595 /* this is needed for ASCII cp to Unicode converts */ 3596 if (ctx->iocharset == NULL) { 3597 /* load_nls_default cannot return null */ 3598 cifs_sb->local_nls = load_nls_default(); 3599 } else { 3600 cifs_sb->local_nls = load_nls(ctx->iocharset); 3601 if (cifs_sb->local_nls == NULL) { 3602 cifs_dbg(VFS, "CIFS mount error: iocharset %s not found\n", 3603 ctx->iocharset); 3604 return -ELIBACC; 3605 } 3606 } 3607 ctx->local_nls = cifs_sb->local_nls; 3608 3609 smb3_update_mnt_flags(cifs_sb); 3610 3611 if (ctx->direct_io) 3612 cifs_dbg(FYI, "mounting share using direct i/o\n"); 3613 if (ctx->cache_ro) { 3614 cifs_dbg(VFS, "mounting share with read only caching. Ensure that the share will not be modified while in use.\n"); 3615 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RO_CACHE; 3616 } else if (ctx->cache_rw) { 3617 cifs_dbg(VFS, "mounting share in single client RW caching mode. Ensure that no other systems will be accessing the share.\n"); 3618 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_RO_CACHE | 3619 CIFS_MOUNT_RW_CACHE); 3620 } 3621 3622 if ((ctx->cifs_acl) && (ctx->dynperm)) 3623 cifs_dbg(VFS, "mount option dynperm ignored if cifsacl mount option supported\n"); 3624 3625 if (ctx->prepath) { 3626 cifs_sb->prepath = kstrdup(ctx->prepath, GFP_KERNEL); 3627 if (cifs_sb->prepath == NULL) 3628 return -ENOMEM; 3629 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_USE_PREFIX_PATH; 3630 } 3631 3632 return 0; 3633 } 3634 3635 /* Release all succeed connections */ 3636 void cifs_mount_put_conns(struct cifs_mount_ctx *mnt_ctx) 3637 { 3638 int rc = 0; 3639 3640 if (mnt_ctx->tcon) 3641 cifs_put_tcon(mnt_ctx->tcon, netfs_trace_tcon_ref_put_mnt_ctx); 3642 else if (mnt_ctx->ses) 3643 cifs_put_smb_ses(mnt_ctx->ses); 3644 else if (mnt_ctx->server) 3645 cifs_put_tcp_session(mnt_ctx->server, 0); 3646 mnt_ctx->ses = NULL; 3647 mnt_ctx->tcon = NULL; 3648 mnt_ctx->server = NULL; 3649 mnt_ctx->cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_POSIX_PATHS; 3650 free_xid(mnt_ctx->xid); 3651 } 3652 3653 int cifs_mount_get_session(struct cifs_mount_ctx *mnt_ctx) 3654 { 3655 struct TCP_Server_Info *server = NULL; 3656 struct smb3_fs_context *ctx; 3657 struct cifs_ses *ses = NULL; 3658 unsigned int xid; 3659 int rc = 0; 3660 3661 xid = get_xid(); 3662 3663 if (WARN_ON_ONCE(!mnt_ctx || !mnt_ctx->fs_ctx)) { 3664 rc = -EINVAL; 3665 goto out; 3666 } 3667 ctx = mnt_ctx->fs_ctx; 3668 3669 /* get a reference to a tcp session */ 3670 server = cifs_get_tcp_session(ctx, NULL); 3671 if (IS_ERR(server)) { 3672 rc = PTR_ERR(server); 3673 server = NULL; 3674 goto out; 3675 } 3676 3677 /* get a reference to a SMB session */ 3678 ses = cifs_get_smb_ses(server, ctx); 3679 if (IS_ERR(ses)) { 3680 rc = PTR_ERR(ses); 3681 ses = NULL; 3682 goto out; 3683 } 3684 3685 if ((ctx->persistent == true) && (!(ses->server->capabilities & 3686 SMB2_GLOBAL_CAP_PERSISTENT_HANDLES))) { 3687 cifs_server_dbg(VFS, "persistent handles not supported by server\n"); 3688 rc = -EOPNOTSUPP; 3689 } 3690 3691 out: 3692 mnt_ctx->xid = xid; 3693 mnt_ctx->server = server; 3694 mnt_ctx->ses = ses; 3695 mnt_ctx->tcon = NULL; 3696 3697 return rc; 3698 } 3699 3700 int cifs_mount_get_tcon(struct cifs_mount_ctx *mnt_ctx) 3701 { 3702 struct TCP_Server_Info *server; 3703 struct cifs_sb_info *cifs_sb; 3704 struct smb3_fs_context *ctx; 3705 struct cifs_tcon *tcon = NULL; 3706 int rc = 0; 3707 3708 if (WARN_ON_ONCE(!mnt_ctx || !mnt_ctx->server || !mnt_ctx->ses || !mnt_ctx->fs_ctx || 3709 !mnt_ctx->cifs_sb)) { 3710 rc = -EINVAL; 3711 goto out; 3712 } 3713 server = mnt_ctx->server; 3714 ctx = mnt_ctx->fs_ctx; 3715 cifs_sb = mnt_ctx->cifs_sb; 3716 3717 /* search for existing tcon to this server share */ 3718 tcon = cifs_get_tcon(mnt_ctx->ses, ctx); 3719 if (IS_ERR(tcon)) { 3720 rc = PTR_ERR(tcon); 3721 tcon = NULL; 3722 goto out; 3723 } 3724 3725 /* if new SMB3.11 POSIX extensions are supported do not remap / and \ */ 3726 if (tcon->posix_extensions) 3727 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_POSIX_PATHS; 3728 3729 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 3730 /* tell server which Unix caps we support */ 3731 if (cap_unix(tcon->ses)) { 3732 /* 3733 * reset of caps checks mount to see if unix extensions disabled 3734 * for just this mount. 3735 */ 3736 reset_cifs_unix_caps(mnt_ctx->xid, tcon, cifs_sb, ctx); 3737 spin_lock(&tcon->ses->server->srv_lock); 3738 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) && 3739 (le64_to_cpu(tcon->fsUnixInfo.Capability) & 3740 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) { 3741 spin_unlock(&tcon->ses->server->srv_lock); 3742 rc = -EACCES; 3743 goto out; 3744 } 3745 spin_unlock(&tcon->ses->server->srv_lock); 3746 } else 3747 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */ 3748 tcon->unix_ext = 0; /* server does not support them */ 3749 3750 /* do not care if a following call succeed - informational */ 3751 if (!tcon->pipe && server->ops->qfs_tcon) { 3752 server->ops->qfs_tcon(mnt_ctx->xid, tcon, cifs_sb); 3753 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RO_CACHE) { 3754 if (tcon->fsDevInfo.DeviceCharacteristics & 3755 cpu_to_le32(FILE_READ_ONLY_DEVICE)) 3756 cifs_dbg(VFS, "mounted to read only share\n"); 3757 else if ((cifs_sb->mnt_cifs_flags & 3758 CIFS_MOUNT_RW_CACHE) == 0) 3759 cifs_dbg(VFS, "read only mount of RW share\n"); 3760 /* no need to log a RW mount of a typical RW share */ 3761 } 3762 } 3763 3764 cifs_negotiate_iosize(server, cifs_sb->ctx, tcon); 3765 /* 3766 * The cookie is initialized from volume info returned above. 3767 * Inside cifs_fscache_get_super_cookie it checks 3768 * that we do not get super cookie twice. 3769 */ 3770 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_FSCACHE) 3771 cifs_fscache_get_super_cookie(tcon); 3772 3773 out: 3774 mnt_ctx->tcon = tcon; 3775 return rc; 3776 } 3777 3778 static int mount_setup_tlink(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses, 3779 struct cifs_tcon *tcon) 3780 { 3781 struct tcon_link *tlink; 3782 3783 /* hang the tcon off of the superblock */ 3784 tlink = kzalloc(sizeof(*tlink), GFP_KERNEL); 3785 if (tlink == NULL) 3786 return -ENOMEM; 3787 3788 tlink->tl_uid = ses->linux_uid; 3789 tlink->tl_tcon = tcon; 3790 tlink->tl_time = jiffies; 3791 set_bit(TCON_LINK_MASTER, &tlink->tl_flags); 3792 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags); 3793 3794 cifs_sb->master_tlink = tlink; 3795 spin_lock(&cifs_sb->tlink_tree_lock); 3796 tlink_rb_insert(&cifs_sb->tlink_tree, tlink); 3797 spin_unlock(&cifs_sb->tlink_tree_lock); 3798 3799 spin_lock(&tcon->sb_list_lock); 3800 list_add(&cifs_sb->tcon_sb_link, &tcon->cifs_sb_list); 3801 spin_unlock(&tcon->sb_list_lock); 3802 3803 queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks, 3804 TLINK_IDLE_EXPIRE); 3805 return 0; 3806 } 3807 3808 static int 3809 cifs_are_all_path_components_accessible(struct TCP_Server_Info *server, 3810 unsigned int xid, 3811 struct cifs_tcon *tcon, 3812 struct cifs_sb_info *cifs_sb, 3813 char *full_path, 3814 int added_treename) 3815 { 3816 int rc; 3817 char *s; 3818 char sep, tmp; 3819 int skip = added_treename ? 1 : 0; 3820 3821 sep = CIFS_DIR_SEP(cifs_sb); 3822 s = full_path; 3823 3824 rc = server->ops->is_path_accessible(xid, tcon, cifs_sb, ""); 3825 while (rc == 0) { 3826 /* skip separators */ 3827 while (*s == sep) 3828 s++; 3829 if (!*s) 3830 break; 3831 /* next separator */ 3832 while (*s && *s != sep) 3833 s++; 3834 /* 3835 * if the treename is added, we then have to skip the first 3836 * part within the separators 3837 */ 3838 if (skip) { 3839 skip = 0; 3840 continue; 3841 } 3842 /* 3843 * temporarily null-terminate the path at the end of 3844 * the current component 3845 */ 3846 tmp = *s; 3847 *s = 0; 3848 rc = server->ops->is_path_accessible(xid, tcon, cifs_sb, 3849 full_path); 3850 *s = tmp; 3851 } 3852 return rc; 3853 } 3854 3855 /* 3856 * Check if path is remote (i.e. a DFS share). 3857 * 3858 * Return -EREMOTE if it is, otherwise 0 or -errno. 3859 */ 3860 int cifs_is_path_remote(struct cifs_mount_ctx *mnt_ctx) 3861 { 3862 int rc; 3863 struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb; 3864 struct TCP_Server_Info *server = mnt_ctx->server; 3865 unsigned int xid = mnt_ctx->xid; 3866 struct cifs_tcon *tcon = mnt_ctx->tcon; 3867 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 3868 char *full_path; 3869 3870 if (!server->ops->is_path_accessible) 3871 return -EOPNOTSUPP; 3872 3873 /* 3874 * cifs_build_path_to_root works only when we have a valid tcon 3875 */ 3876 full_path = cifs_build_path_to_root(ctx, cifs_sb, tcon, 3877 tcon->Flags & SMB_SHARE_IS_IN_DFS); 3878 if (full_path == NULL) 3879 return -ENOMEM; 3880 3881 cifs_dbg(FYI, "%s: full_path: %s\n", __func__, full_path); 3882 3883 rc = server->ops->is_path_accessible(xid, tcon, cifs_sb, 3884 full_path); 3885 if (rc != 0 && rc != -EREMOTE) 3886 goto out; 3887 3888 if (rc != -EREMOTE) { 3889 rc = cifs_are_all_path_components_accessible(server, xid, tcon, 3890 cifs_sb, full_path, tcon->Flags & SMB_SHARE_IS_IN_DFS); 3891 if (rc != 0) { 3892 cifs_server_dbg(VFS, "cannot query dirs between root and final path, enabling CIFS_MOUNT_USE_PREFIX_PATH\n"); 3893 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_USE_PREFIX_PATH; 3894 rc = 0; 3895 } 3896 } 3897 3898 out: 3899 kfree(full_path); 3900 return rc; 3901 } 3902 3903 #ifdef CONFIG_CIFS_DFS_UPCALL 3904 int cifs_mount(struct cifs_sb_info *cifs_sb, struct smb3_fs_context *ctx) 3905 { 3906 struct cifs_mount_ctx mnt_ctx = { .cifs_sb = cifs_sb, .fs_ctx = ctx, }; 3907 int rc; 3908 3909 rc = dfs_mount_share(&mnt_ctx); 3910 if (rc) 3911 goto error; 3912 if (!ctx->dfs_conn) 3913 goto out; 3914 3915 /* 3916 * After reconnecting to a different server, unique ids won't match anymore, so we disable 3917 * serverino. This prevents dentry revalidation to think the dentry are stale (ESTALE). 3918 */ 3919 cifs_autodisable_serverino(cifs_sb); 3920 /* 3921 * Force the use of prefix path to support failover on DFS paths that resolve to targets 3922 * that have different prefix paths. 3923 */ 3924 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_USE_PREFIX_PATH; 3925 kfree(cifs_sb->prepath); 3926 cifs_sb->prepath = ctx->prepath; 3927 ctx->prepath = NULL; 3928 3929 out: 3930 cifs_try_adding_channels(mnt_ctx.ses); 3931 rc = mount_setup_tlink(cifs_sb, mnt_ctx.ses, mnt_ctx.tcon); 3932 if (rc) 3933 goto error; 3934 3935 free_xid(mnt_ctx.xid); 3936 return rc; 3937 3938 error: 3939 cifs_mount_put_conns(&mnt_ctx); 3940 return rc; 3941 } 3942 #else 3943 int cifs_mount(struct cifs_sb_info *cifs_sb, struct smb3_fs_context *ctx) 3944 { 3945 int rc = 0; 3946 struct cifs_mount_ctx mnt_ctx = { .cifs_sb = cifs_sb, .fs_ctx = ctx, }; 3947 3948 rc = cifs_mount_get_session(&mnt_ctx); 3949 if (rc) 3950 goto error; 3951 3952 rc = cifs_mount_get_tcon(&mnt_ctx); 3953 if (!rc) { 3954 /* 3955 * Prevent superblock from being created with any missing 3956 * connections. 3957 */ 3958 if (WARN_ON(!mnt_ctx.server)) 3959 rc = -EHOSTDOWN; 3960 else if (WARN_ON(!mnt_ctx.ses)) 3961 rc = -EACCES; 3962 else if (WARN_ON(!mnt_ctx.tcon)) 3963 rc = -ENOENT; 3964 } 3965 if (rc) 3966 goto error; 3967 3968 rc = cifs_is_path_remote(&mnt_ctx); 3969 if (rc == -EREMOTE) 3970 rc = -EOPNOTSUPP; 3971 if (rc) 3972 goto error; 3973 3974 rc = mount_setup_tlink(cifs_sb, mnt_ctx.ses, mnt_ctx.tcon); 3975 if (rc) 3976 goto error; 3977 3978 free_xid(mnt_ctx.xid); 3979 return rc; 3980 3981 error: 3982 cifs_mount_put_conns(&mnt_ctx); 3983 return rc; 3984 } 3985 #endif 3986 3987 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 3988 /* 3989 * Issue a TREE_CONNECT request. 3990 */ 3991 int 3992 CIFSTCon(const unsigned int xid, struct cifs_ses *ses, 3993 const char *tree, struct cifs_tcon *tcon, 3994 const struct nls_table *nls_codepage) 3995 { 3996 struct smb_hdr *smb_buffer; 3997 struct smb_hdr *smb_buffer_response; 3998 TCONX_REQ *pSMB; 3999 TCONX_RSP *pSMBr; 4000 unsigned char *bcc_ptr; 4001 int rc = 0; 4002 int length; 4003 __u16 bytes_left, count; 4004 4005 if (ses == NULL) 4006 return -EIO; 4007 4008 smb_buffer = cifs_buf_get(); 4009 if (smb_buffer == NULL) 4010 return -ENOMEM; 4011 4012 smb_buffer_response = smb_buffer; 4013 4014 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX, 4015 NULL /*no tid */, 4 /*wct */); 4016 4017 smb_buffer->Mid = get_next_mid(ses->server); 4018 smb_buffer->Uid = ses->Suid; 4019 pSMB = (TCONX_REQ *) smb_buffer; 4020 pSMBr = (TCONX_RSP *) smb_buffer_response; 4021 4022 pSMB->AndXCommand = 0xFF; 4023 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO); 4024 bcc_ptr = &pSMB->Password[0]; 4025 4026 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */ 4027 *bcc_ptr = 0; /* password is null byte */ 4028 bcc_ptr++; /* skip password */ 4029 /* already aligned so no need to do it below */ 4030 4031 if (ses->server->sign) 4032 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE; 4033 4034 if (ses->capabilities & CAP_STATUS32) 4035 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS; 4036 4037 if (ses->capabilities & CAP_DFS) 4038 smb_buffer->Flags2 |= SMBFLG2_DFS; 4039 4040 if (ses->capabilities & CAP_UNICODE) { 4041 smb_buffer->Flags2 |= SMBFLG2_UNICODE; 4042 length = 4043 cifs_strtoUTF16((__le16 *) bcc_ptr, tree, 4044 6 /* max utf8 char length in bytes */ * 4045 (/* server len*/ + 256 /* share len */), nls_codepage); 4046 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */ 4047 bcc_ptr += 2; /* skip trailing null */ 4048 } else { /* ASCII */ 4049 strcpy(bcc_ptr, tree); 4050 bcc_ptr += strlen(tree) + 1; 4051 } 4052 strcpy(bcc_ptr, "?????"); 4053 bcc_ptr += strlen("?????"); 4054 bcc_ptr += 1; 4055 count = bcc_ptr - &pSMB->Password[0]; 4056 be32_add_cpu(&pSMB->hdr.smb_buf_length, count); 4057 pSMB->ByteCount = cpu_to_le16(count); 4058 4059 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length, 4060 0); 4061 4062 /* above now done in SendReceive */ 4063 if (rc == 0) { 4064 bool is_unicode; 4065 4066 tcon->tid = smb_buffer_response->Tid; 4067 bcc_ptr = pByteArea(smb_buffer_response); 4068 bytes_left = get_bcc(smb_buffer_response); 4069 length = strnlen(bcc_ptr, bytes_left - 2); 4070 if (smb_buffer->Flags2 & SMBFLG2_UNICODE) 4071 is_unicode = true; 4072 else 4073 is_unicode = false; 4074 4075 4076 /* skip service field (NB: this field is always ASCII) */ 4077 if (length == 3) { 4078 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') && 4079 (bcc_ptr[2] == 'C')) { 4080 cifs_dbg(FYI, "IPC connection\n"); 4081 tcon->ipc = true; 4082 tcon->pipe = true; 4083 } 4084 } else if (length == 2) { 4085 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) { 4086 /* the most common case */ 4087 cifs_dbg(FYI, "disk share connection\n"); 4088 } 4089 } 4090 bcc_ptr += length + 1; 4091 bytes_left -= (length + 1); 4092 strscpy(tcon->tree_name, tree, sizeof(tcon->tree_name)); 4093 4094 /* mostly informational -- no need to fail on error here */ 4095 kfree(tcon->nativeFileSystem); 4096 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr, 4097 bytes_left, is_unicode, 4098 nls_codepage); 4099 4100 cifs_dbg(FYI, "nativeFileSystem=%s\n", tcon->nativeFileSystem); 4101 4102 if ((smb_buffer_response->WordCount == 3) || 4103 (smb_buffer_response->WordCount == 7)) 4104 /* field is in same location */ 4105 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport); 4106 else 4107 tcon->Flags = 0; 4108 cifs_dbg(FYI, "Tcon flags: 0x%x\n", tcon->Flags); 4109 4110 /* 4111 * reset_cifs_unix_caps calls QFSInfo which requires 4112 * need_reconnect to be false, but we would not need to call 4113 * reset_caps if this were not a reconnect case so must check 4114 * need_reconnect flag here. The caller will also clear 4115 * need_reconnect when tcon was successful but needed to be 4116 * cleared earlier in the case of unix extensions reconnect 4117 */ 4118 if (tcon->need_reconnect && tcon->unix_ext) { 4119 cifs_dbg(FYI, "resetting caps for %s\n", tcon->tree_name); 4120 tcon->need_reconnect = false; 4121 reset_cifs_unix_caps(xid, tcon, NULL, NULL); 4122 } 4123 } 4124 cifs_buf_release(smb_buffer); 4125 return rc; 4126 } 4127 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */ 4128 4129 static void delayed_free(struct rcu_head *p) 4130 { 4131 struct cifs_sb_info *cifs_sb = container_of(p, struct cifs_sb_info, rcu); 4132 4133 unload_nls(cifs_sb->local_nls); 4134 smb3_cleanup_fs_context(cifs_sb->ctx); 4135 kfree(cifs_sb); 4136 } 4137 4138 void 4139 cifs_umount(struct cifs_sb_info *cifs_sb) 4140 { 4141 struct rb_root *root = &cifs_sb->tlink_tree; 4142 struct rb_node *node; 4143 struct tcon_link *tlink; 4144 struct cifs_tcon *tcon = NULL; 4145 4146 cancel_delayed_work_sync(&cifs_sb->prune_tlinks); 4147 4148 if (cifs_sb->master_tlink) { 4149 tcon = cifs_sb->master_tlink->tl_tcon; 4150 if (tcon) { 4151 spin_lock(&tcon->sb_list_lock); 4152 list_del_init(&cifs_sb->tcon_sb_link); 4153 spin_unlock(&tcon->sb_list_lock); 4154 } 4155 } 4156 4157 spin_lock(&cifs_sb->tlink_tree_lock); 4158 while ((node = rb_first(root))) { 4159 tlink = rb_entry(node, struct tcon_link, tl_rbnode); 4160 cifs_get_tlink(tlink); 4161 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags); 4162 rb_erase(node, root); 4163 4164 spin_unlock(&cifs_sb->tlink_tree_lock); 4165 cifs_put_tlink(tlink); 4166 spin_lock(&cifs_sb->tlink_tree_lock); 4167 } 4168 spin_unlock(&cifs_sb->tlink_tree_lock); 4169 4170 kfree(cifs_sb->prepath); 4171 call_rcu(&cifs_sb->rcu, delayed_free); 4172 } 4173 4174 int 4175 cifs_negotiate_protocol(const unsigned int xid, struct cifs_ses *ses, 4176 struct TCP_Server_Info *server) 4177 { 4178 bool in_retry = false; 4179 int rc = 0; 4180 4181 if (!server->ops->need_neg || !server->ops->negotiate) 4182 return -ENOSYS; 4183 4184 retry: 4185 /* only send once per connect */ 4186 spin_lock(&server->srv_lock); 4187 if (server->tcpStatus != CifsGood && 4188 server->tcpStatus != CifsNew && 4189 server->tcpStatus != CifsNeedNegotiate) { 4190 spin_unlock(&server->srv_lock); 4191 return -EHOSTDOWN; 4192 } 4193 4194 if (!server->ops->need_neg(server) && 4195 server->tcpStatus == CifsGood) { 4196 spin_unlock(&server->srv_lock); 4197 return 0; 4198 } 4199 4200 server->tcpStatus = CifsInNegotiate; 4201 spin_unlock(&server->srv_lock); 4202 4203 rc = server->ops->negotiate(xid, ses, server); 4204 if (rc == -EAGAIN) { 4205 /* Allow one retry attempt */ 4206 if (!in_retry) { 4207 in_retry = true; 4208 goto retry; 4209 } 4210 rc = -EHOSTDOWN; 4211 } 4212 if (rc == 0) { 4213 spin_lock(&server->srv_lock); 4214 if (server->tcpStatus == CifsInNegotiate) 4215 server->tcpStatus = CifsGood; 4216 else 4217 rc = -EHOSTDOWN; 4218 spin_unlock(&server->srv_lock); 4219 } else { 4220 spin_lock(&server->srv_lock); 4221 if (server->tcpStatus == CifsInNegotiate) 4222 server->tcpStatus = CifsNeedNegotiate; 4223 spin_unlock(&server->srv_lock); 4224 } 4225 4226 return rc; 4227 } 4228 4229 int 4230 cifs_setup_session(const unsigned int xid, struct cifs_ses *ses, 4231 struct TCP_Server_Info *server, 4232 struct nls_table *nls_info) 4233 { 4234 int rc = 0; 4235 struct TCP_Server_Info *pserver = SERVER_IS_CHAN(server) ? server->primary_server : server; 4236 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&pserver->dstaddr; 4237 struct sockaddr_in *addr = (struct sockaddr_in *)&pserver->dstaddr; 4238 bool is_binding = false; 4239 4240 spin_lock(&ses->ses_lock); 4241 cifs_dbg(FYI, "%s: channel connect bitmap: 0x%lx\n", 4242 __func__, ses->chans_need_reconnect); 4243 4244 if (ses->ses_status != SES_GOOD && 4245 ses->ses_status != SES_NEW && 4246 ses->ses_status != SES_NEED_RECON) { 4247 spin_unlock(&ses->ses_lock); 4248 return -EHOSTDOWN; 4249 } 4250 4251 /* only send once per connect */ 4252 spin_lock(&ses->chan_lock); 4253 if (CIFS_ALL_CHANS_GOOD(ses)) { 4254 if (ses->ses_status == SES_NEED_RECON) 4255 ses->ses_status = SES_GOOD; 4256 spin_unlock(&ses->chan_lock); 4257 spin_unlock(&ses->ses_lock); 4258 return 0; 4259 } 4260 4261 cifs_chan_set_in_reconnect(ses, server); 4262 is_binding = !CIFS_ALL_CHANS_NEED_RECONNECT(ses); 4263 spin_unlock(&ses->chan_lock); 4264 4265 if (!is_binding) { 4266 ses->ses_status = SES_IN_SETUP; 4267 4268 /* force iface_list refresh */ 4269 ses->iface_last_update = 0; 4270 } 4271 spin_unlock(&ses->ses_lock); 4272 4273 /* update ses ip_addr only for primary chan */ 4274 if (server == pserver) { 4275 if (server->dstaddr.ss_family == AF_INET6) 4276 scnprintf(ses->ip_addr, sizeof(ses->ip_addr), "%pI6", &addr6->sin6_addr); 4277 else 4278 scnprintf(ses->ip_addr, sizeof(ses->ip_addr), "%pI4", &addr->sin_addr); 4279 } 4280 4281 if (!is_binding) { 4282 ses->capabilities = server->capabilities; 4283 if (!linuxExtEnabled) 4284 ses->capabilities &= (~server->vals->cap_unix); 4285 4286 /* 4287 * Check if the server supports specified encoding mode. 4288 * Zero value in vals->cap_unicode indidcates that chosen 4289 * protocol dialect does not support non-UNICODE mode. 4290 */ 4291 if (ses->unicode == 1 && server->vals->cap_unicode != 0 && 4292 !(server->capabilities & server->vals->cap_unicode)) { 4293 cifs_dbg(VFS, "Server does not support mounting in UNICODE mode\n"); 4294 rc = -EOPNOTSUPP; 4295 } else if (ses->unicode == 0 && server->vals->cap_unicode == 0) { 4296 cifs_dbg(VFS, "Server does not support mounting in non-UNICODE mode\n"); 4297 rc = -EOPNOTSUPP; 4298 } else if (ses->unicode == 0) { 4299 /* 4300 * When UNICODE mode was explicitly disabled then 4301 * do not announce client UNICODE capability. 4302 */ 4303 ses->capabilities &= (~server->vals->cap_unicode); 4304 } 4305 4306 if (ses->auth_key.response) { 4307 cifs_dbg(FYI, "Free previous auth_key.response = %p\n", 4308 ses->auth_key.response); 4309 kfree_sensitive(ses->auth_key.response); 4310 ses->auth_key.response = NULL; 4311 ses->auth_key.len = 0; 4312 } 4313 } 4314 4315 cifs_dbg(FYI, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d\n", 4316 server->sec_mode, server->capabilities, server->timeAdj); 4317 4318 if (!rc) { 4319 if (server->ops->sess_setup) 4320 rc = server->ops->sess_setup(xid, ses, server, nls_info); 4321 else 4322 rc = -ENOSYS; 4323 } 4324 4325 if (rc) { 4326 cifs_server_dbg(VFS, "Send error in SessSetup = %d\n", rc); 4327 spin_lock(&ses->ses_lock); 4328 if (ses->ses_status == SES_IN_SETUP) 4329 ses->ses_status = SES_NEED_RECON; 4330 spin_lock(&ses->chan_lock); 4331 cifs_chan_clear_in_reconnect(ses, server); 4332 spin_unlock(&ses->chan_lock); 4333 spin_unlock(&ses->ses_lock); 4334 } else { 4335 spin_lock(&ses->ses_lock); 4336 if (ses->ses_status == SES_IN_SETUP) 4337 ses->ses_status = SES_GOOD; 4338 spin_lock(&ses->chan_lock); 4339 cifs_chan_clear_in_reconnect(ses, server); 4340 cifs_chan_clear_need_reconnect(ses, server); 4341 spin_unlock(&ses->chan_lock); 4342 spin_unlock(&ses->ses_lock); 4343 } 4344 4345 return rc; 4346 } 4347 4348 static int 4349 cifs_set_vol_auth(struct smb3_fs_context *ctx, struct cifs_ses *ses) 4350 { 4351 ctx->sectype = ses->sectype; 4352 4353 /* krb5 is special, since we don't need username or pw */ 4354 if (ctx->sectype == Kerberos) 4355 return 0; 4356 4357 return cifs_set_cifscreds(ctx, ses); 4358 } 4359 4360 static struct cifs_tcon * 4361 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid) 4362 { 4363 int rc; 4364 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb); 4365 struct cifs_ses *ses; 4366 struct cifs_tcon *tcon = NULL; 4367 struct smb3_fs_context *ctx; 4368 char *origin_fullpath = NULL; 4369 4370 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 4371 if (ctx == NULL) 4372 return ERR_PTR(-ENOMEM); 4373 4374 ctx->local_nls = cifs_sb->local_nls; 4375 ctx->linux_uid = fsuid; 4376 ctx->cred_uid = fsuid; 4377 ctx->UNC = master_tcon->tree_name; 4378 ctx->retry = master_tcon->retry; 4379 ctx->nocase = master_tcon->nocase; 4380 ctx->nohandlecache = master_tcon->nohandlecache; 4381 ctx->local_lease = master_tcon->local_lease; 4382 ctx->no_lease = master_tcon->no_lease; 4383 ctx->resilient = master_tcon->use_resilient; 4384 ctx->persistent = master_tcon->use_persistent; 4385 ctx->handle_timeout = master_tcon->handle_timeout; 4386 ctx->no_linux_ext = !master_tcon->unix_ext; 4387 ctx->linux_ext = master_tcon->posix_extensions; 4388 ctx->sectype = master_tcon->ses->sectype; 4389 ctx->sign = master_tcon->ses->sign; 4390 ctx->seal = master_tcon->seal; 4391 ctx->witness = master_tcon->use_witness; 4392 ctx->dfs_root_ses = master_tcon->ses->dfs_root_ses; 4393 ctx->unicode = master_tcon->ses->unicode; 4394 4395 rc = cifs_set_vol_auth(ctx, master_tcon->ses); 4396 if (rc) { 4397 tcon = ERR_PTR(rc); 4398 goto out; 4399 } 4400 4401 /* get a reference for the same TCP session */ 4402 spin_lock(&cifs_tcp_ses_lock); 4403 ++master_tcon->ses->server->srv_count; 4404 spin_unlock(&cifs_tcp_ses_lock); 4405 4406 ses = cifs_get_smb_ses(master_tcon->ses->server, ctx); 4407 if (IS_ERR(ses)) { 4408 tcon = ERR_CAST(ses); 4409 cifs_put_tcp_session(master_tcon->ses->server, 0); 4410 goto out; 4411 } 4412 4413 #ifdef CONFIG_CIFS_DFS_UPCALL 4414 spin_lock(&master_tcon->tc_lock); 4415 if (master_tcon->origin_fullpath) { 4416 spin_unlock(&master_tcon->tc_lock); 4417 origin_fullpath = dfs_get_path(cifs_sb, cifs_sb->ctx->source); 4418 if (IS_ERR(origin_fullpath)) { 4419 tcon = ERR_CAST(origin_fullpath); 4420 origin_fullpath = NULL; 4421 cifs_put_smb_ses(ses); 4422 goto out; 4423 } 4424 } else { 4425 spin_unlock(&master_tcon->tc_lock); 4426 } 4427 #endif 4428 4429 tcon = cifs_get_tcon(ses, ctx); 4430 if (IS_ERR(tcon)) { 4431 cifs_put_smb_ses(ses); 4432 goto out; 4433 } 4434 4435 #ifdef CONFIG_CIFS_DFS_UPCALL 4436 if (origin_fullpath) { 4437 spin_lock(&tcon->tc_lock); 4438 tcon->origin_fullpath = origin_fullpath; 4439 spin_unlock(&tcon->tc_lock); 4440 origin_fullpath = NULL; 4441 queue_delayed_work(dfscache_wq, &tcon->dfs_cache_work, 4442 dfs_cache_get_ttl() * HZ); 4443 } 4444 #endif 4445 4446 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY 4447 if (cap_unix(ses)) 4448 reset_cifs_unix_caps(0, tcon, NULL, ctx); 4449 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */ 4450 4451 out: 4452 kfree(ctx->username); 4453 kfree_sensitive(ctx->password); 4454 kfree(origin_fullpath); 4455 kfree(ctx); 4456 4457 return tcon; 4458 } 4459 4460 struct cifs_tcon * 4461 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb) 4462 { 4463 return tlink_tcon(cifs_sb_master_tlink(cifs_sb)); 4464 } 4465 4466 /* find and return a tlink with given uid */ 4467 static struct tcon_link * 4468 tlink_rb_search(struct rb_root *root, kuid_t uid) 4469 { 4470 struct rb_node *node = root->rb_node; 4471 struct tcon_link *tlink; 4472 4473 while (node) { 4474 tlink = rb_entry(node, struct tcon_link, tl_rbnode); 4475 4476 if (uid_gt(tlink->tl_uid, uid)) 4477 node = node->rb_left; 4478 else if (uid_lt(tlink->tl_uid, uid)) 4479 node = node->rb_right; 4480 else 4481 return tlink; 4482 } 4483 return NULL; 4484 } 4485 4486 /* insert a tcon_link into the tree */ 4487 static void 4488 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink) 4489 { 4490 struct rb_node **new = &(root->rb_node), *parent = NULL; 4491 struct tcon_link *tlink; 4492 4493 while (*new) { 4494 tlink = rb_entry(*new, struct tcon_link, tl_rbnode); 4495 parent = *new; 4496 4497 if (uid_gt(tlink->tl_uid, new_tlink->tl_uid)) 4498 new = &((*new)->rb_left); 4499 else 4500 new = &((*new)->rb_right); 4501 } 4502 4503 rb_link_node(&new_tlink->tl_rbnode, parent, new); 4504 rb_insert_color(&new_tlink->tl_rbnode, root); 4505 } 4506 4507 /* 4508 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the 4509 * current task. 4510 * 4511 * If the superblock doesn't refer to a multiuser mount, then just return 4512 * the master tcon for the mount. 4513 * 4514 * First, search the rbtree for an existing tcon for this fsuid. If one 4515 * exists, then check to see if it's pending construction. If it is then wait 4516 * for construction to complete. Once it's no longer pending, check to see if 4517 * it failed and either return an error or retry construction, depending on 4518 * the timeout. 4519 * 4520 * If one doesn't exist then insert a new tcon_link struct into the tree and 4521 * try to construct a new one. 4522 * 4523 * REMEMBER to call cifs_put_tlink() after successful calls to cifs_sb_tlink, 4524 * to avoid refcount issues 4525 */ 4526 struct tcon_link * 4527 cifs_sb_tlink(struct cifs_sb_info *cifs_sb) 4528 { 4529 struct tcon_link *tlink, *newtlink; 4530 kuid_t fsuid = current_fsuid(); 4531 int err; 4532 4533 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER)) 4534 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb)); 4535 4536 spin_lock(&cifs_sb->tlink_tree_lock); 4537 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid); 4538 if (tlink) 4539 cifs_get_tlink(tlink); 4540 spin_unlock(&cifs_sb->tlink_tree_lock); 4541 4542 if (tlink == NULL) { 4543 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL); 4544 if (newtlink == NULL) 4545 return ERR_PTR(-ENOMEM); 4546 newtlink->tl_uid = fsuid; 4547 newtlink->tl_tcon = ERR_PTR(-EACCES); 4548 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags); 4549 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags); 4550 cifs_get_tlink(newtlink); 4551 4552 spin_lock(&cifs_sb->tlink_tree_lock); 4553 /* was one inserted after previous search? */ 4554 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid); 4555 if (tlink) { 4556 cifs_get_tlink(tlink); 4557 spin_unlock(&cifs_sb->tlink_tree_lock); 4558 kfree(newtlink); 4559 goto wait_for_construction; 4560 } 4561 tlink = newtlink; 4562 tlink_rb_insert(&cifs_sb->tlink_tree, tlink); 4563 spin_unlock(&cifs_sb->tlink_tree_lock); 4564 } else { 4565 wait_for_construction: 4566 err = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING, 4567 TASK_INTERRUPTIBLE); 4568 if (err) { 4569 cifs_put_tlink(tlink); 4570 return ERR_PTR(-ERESTARTSYS); 4571 } 4572 4573 /* if it's good, return it */ 4574 if (!IS_ERR(tlink->tl_tcon)) 4575 return tlink; 4576 4577 /* return error if we tried this already recently */ 4578 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) { 4579 err = PTR_ERR(tlink->tl_tcon); 4580 cifs_put_tlink(tlink); 4581 return ERR_PTR(err); 4582 } 4583 4584 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags)) 4585 goto wait_for_construction; 4586 } 4587 4588 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid); 4589 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags); 4590 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING); 4591 4592 if (IS_ERR(tlink->tl_tcon)) { 4593 err = PTR_ERR(tlink->tl_tcon); 4594 if (err == -ENOKEY) 4595 err = -EACCES; 4596 cifs_put_tlink(tlink); 4597 return ERR_PTR(err); 4598 } 4599 4600 return tlink; 4601 } 4602 4603 /* 4604 * periodic workqueue job that scans tcon_tree for a superblock and closes 4605 * out tcons. 4606 */ 4607 static void 4608 cifs_prune_tlinks(struct work_struct *work) 4609 { 4610 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info, 4611 prune_tlinks.work); 4612 struct rb_root *root = &cifs_sb->tlink_tree; 4613 struct rb_node *node; 4614 struct rb_node *tmp; 4615 struct tcon_link *tlink; 4616 4617 /* 4618 * Because we drop the spinlock in the loop in order to put the tlink 4619 * it's not guarded against removal of links from the tree. The only 4620 * places that remove entries from the tree are this function and 4621 * umounts. Because this function is non-reentrant and is canceled 4622 * before umount can proceed, this is safe. 4623 */ 4624 spin_lock(&cifs_sb->tlink_tree_lock); 4625 node = rb_first(root); 4626 while (node != NULL) { 4627 tmp = node; 4628 node = rb_next(tmp); 4629 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode); 4630 4631 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) || 4632 atomic_read(&tlink->tl_count) != 0 || 4633 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies)) 4634 continue; 4635 4636 cifs_get_tlink(tlink); 4637 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags); 4638 rb_erase(tmp, root); 4639 4640 spin_unlock(&cifs_sb->tlink_tree_lock); 4641 cifs_put_tlink(tlink); 4642 spin_lock(&cifs_sb->tlink_tree_lock); 4643 } 4644 spin_unlock(&cifs_sb->tlink_tree_lock); 4645 4646 queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks, 4647 TLINK_IDLE_EXPIRE); 4648 } 4649 4650 #ifndef CONFIG_CIFS_DFS_UPCALL 4651 int cifs_tree_connect(const unsigned int xid, struct cifs_tcon *tcon) 4652 { 4653 const struct smb_version_operations *ops = tcon->ses->server->ops; 4654 int rc; 4655 4656 /* only send once per connect */ 4657 spin_lock(&tcon->tc_lock); 4658 4659 /* if tcon is marked for needing reconnect, update state */ 4660 if (tcon->need_reconnect) 4661 tcon->status = TID_NEED_TCON; 4662 4663 if (tcon->status == TID_GOOD) { 4664 spin_unlock(&tcon->tc_lock); 4665 return 0; 4666 } 4667 4668 if (tcon->status != TID_NEW && 4669 tcon->status != TID_NEED_TCON) { 4670 spin_unlock(&tcon->tc_lock); 4671 return -EHOSTDOWN; 4672 } 4673 4674 tcon->status = TID_IN_TCON; 4675 spin_unlock(&tcon->tc_lock); 4676 4677 rc = ops->tree_connect(xid, tcon->ses, tcon->tree_name, 4678 tcon, tcon->ses->local_nls); 4679 if (rc) { 4680 spin_lock(&tcon->tc_lock); 4681 if (tcon->status == TID_IN_TCON) 4682 tcon->status = TID_NEED_TCON; 4683 spin_unlock(&tcon->tc_lock); 4684 } else { 4685 spin_lock(&tcon->tc_lock); 4686 if (tcon->status == TID_IN_TCON) 4687 tcon->status = TID_GOOD; 4688 tcon->need_reconnect = false; 4689 spin_unlock(&tcon->tc_lock); 4690 } 4691 4692 return rc; 4693 } 4694 #endif 4695