Loading...
1/*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
26#include <linux/slab.h>
27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
31#include <linux/delay.h>
32#include <linux/completion.h>
33#include <linux/kthread.h>
34#include <linux/pagevec.h>
35#include <linux/freezer.h>
36#include <linux/namei.h>
37#include <asm/uaccess.h>
38#include <asm/processor.h>
39#include <linux/inet.h>
40#include <net/ipv6.h>
41#include "cifspdu.h"
42#include "cifsglob.h"
43#include "cifsproto.h"
44#include "cifs_unicode.h"
45#include "cifs_debug.h"
46#include "cifs_fs_sb.h"
47#include "ntlmssp.h"
48#include "nterr.h"
49#include "rfc1002pdu.h"
50#include "fscache.h"
51
52#define CIFS_PORT 445
53#define RFC1001_PORT 139
54
55/* SMB echo "timeout" -- FIXME: tunable? */
56#define SMB_ECHO_INTERVAL (60 * HZ)
57
58extern mempool_t *cifs_req_poolp;
59
60/* FIXME: should these be tunable? */
61#define TLINK_ERROR_EXPIRE (1 * HZ)
62#define TLINK_IDLE_EXPIRE (600 * HZ)
63
64static int ip_connect(struct TCP_Server_Info *server);
65static int generic_ip_connect(struct TCP_Server_Info *server);
66static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
67static void cifs_prune_tlinks(struct work_struct *work);
68static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
69 const char *devname);
70
71/*
72 * cifs tcp session reconnection
73 *
74 * mark tcp session as reconnecting so temporarily locked
75 * mark all smb sessions as reconnecting for tcp session
76 * reconnect tcp session
77 * wake up waiters on reconnection? - (not needed currently)
78 */
79static int
80cifs_reconnect(struct TCP_Server_Info *server)
81{
82 int rc = 0;
83 struct list_head *tmp, *tmp2;
84 struct cifs_ses *ses;
85 struct cifs_tcon *tcon;
86 struct mid_q_entry *mid_entry;
87 struct list_head retry_list;
88
89 spin_lock(&GlobalMid_Lock);
90 if (server->tcpStatus == CifsExiting) {
91 /* the demux thread will exit normally
92 next time through the loop */
93 spin_unlock(&GlobalMid_Lock);
94 return rc;
95 } else
96 server->tcpStatus = CifsNeedReconnect;
97 spin_unlock(&GlobalMid_Lock);
98 server->maxBuf = 0;
99
100 cFYI(1, "Reconnecting tcp session");
101
102 /* before reconnecting the tcp session, mark the smb session (uid)
103 and the tid bad so they are not used until reconnected */
104 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
105 spin_lock(&cifs_tcp_ses_lock);
106 list_for_each(tmp, &server->smb_ses_list) {
107 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
108 ses->need_reconnect = true;
109 ses->ipc_tid = 0;
110 list_for_each(tmp2, &ses->tcon_list) {
111 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
112 tcon->need_reconnect = true;
113 }
114 }
115 spin_unlock(&cifs_tcp_ses_lock);
116
117 /* do not want to be sending data on a socket we are freeing */
118 cFYI(1, "%s: tearing down socket", __func__);
119 mutex_lock(&server->srv_mutex);
120 if (server->ssocket) {
121 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
122 server->ssocket->flags);
123 kernel_sock_shutdown(server->ssocket, SHUT_WR);
124 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
125 server->ssocket->state,
126 server->ssocket->flags);
127 sock_release(server->ssocket);
128 server->ssocket = NULL;
129 }
130 server->sequence_number = 0;
131 server->session_estab = false;
132 kfree(server->session_key.response);
133 server->session_key.response = NULL;
134 server->session_key.len = 0;
135 server->lstrp = jiffies;
136 mutex_unlock(&server->srv_mutex);
137
138 /* mark submitted MIDs for retry and issue callback */
139 INIT_LIST_HEAD(&retry_list);
140 cFYI(1, "%s: moving mids to private list", __func__);
141 spin_lock(&GlobalMid_Lock);
142 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
143 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
144 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
145 mid_entry->midState = MID_RETRY_NEEDED;
146 list_move(&mid_entry->qhead, &retry_list);
147 }
148 spin_unlock(&GlobalMid_Lock);
149
150 cFYI(1, "%s: issuing mid callbacks", __func__);
151 list_for_each_safe(tmp, tmp2, &retry_list) {
152 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
153 list_del_init(&mid_entry->qhead);
154 mid_entry->callback(mid_entry);
155 }
156
157 do {
158 try_to_freeze();
159
160 /* we should try only the port we connected to before */
161 rc = generic_ip_connect(server);
162 if (rc) {
163 cFYI(1, "reconnect error %d", rc);
164 msleep(3000);
165 } else {
166 atomic_inc(&tcpSesReconnectCount);
167 spin_lock(&GlobalMid_Lock);
168 if (server->tcpStatus != CifsExiting)
169 server->tcpStatus = CifsNeedNegotiate;
170 spin_unlock(&GlobalMid_Lock);
171 }
172 } while (server->tcpStatus == CifsNeedReconnect);
173
174 return rc;
175}
176
177/*
178 return codes:
179 0 not a transact2, or all data present
180 >0 transact2 with that much data missing
181 -EINVAL = invalid transact2
182
183 */
184static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
185{
186 struct smb_t2_rsp *pSMBt;
187 int remaining;
188 __u16 total_data_size, data_in_this_rsp;
189
190 if (pSMB->Command != SMB_COM_TRANSACTION2)
191 return 0;
192
193 /* check for plausible wct, bcc and t2 data and parm sizes */
194 /* check for parm and data offset going beyond end of smb */
195 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
196 cFYI(1, "invalid transact2 word count");
197 return -EINVAL;
198 }
199
200 pSMBt = (struct smb_t2_rsp *)pSMB;
201
202 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
203 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
204
205 if (total_data_size == data_in_this_rsp)
206 return 0;
207 else if (total_data_size < data_in_this_rsp) {
208 cFYI(1, "total data %d smaller than data in frame %d",
209 total_data_size, data_in_this_rsp);
210 return -EINVAL;
211 }
212
213 remaining = total_data_size - data_in_this_rsp;
214
215 cFYI(1, "missing %d bytes from transact2, check next response",
216 remaining);
217 if (total_data_size > maxBufSize) {
218 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
219 total_data_size, maxBufSize);
220 return -EINVAL;
221 }
222 return remaining;
223}
224
225static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
226{
227 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
228 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
229 char *data_area_of_target;
230 char *data_area_of_buf2;
231 int remaining;
232 unsigned int byte_count, total_in_buf;
233 __u16 total_data_size, total_in_buf2;
234
235 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
236
237 if (total_data_size !=
238 get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
239 cFYI(1, "total data size of primary and secondary t2 differ");
240
241 total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
242
243 remaining = total_data_size - total_in_buf;
244
245 if (remaining < 0)
246 return -EPROTO;
247
248 if (remaining == 0) /* nothing to do, ignore */
249 return 0;
250
251 total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
252 if (remaining < total_in_buf2) {
253 cFYI(1, "transact2 2nd response contains too much data");
254 }
255
256 /* find end of first SMB data area */
257 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
258 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
259 /* validate target area */
260
261 data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
262 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
263
264 data_area_of_target += total_in_buf;
265
266 /* copy second buffer into end of first buffer */
267 total_in_buf += total_in_buf2;
268 /* is the result too big for the field? */
269 if (total_in_buf > USHRT_MAX)
270 return -EPROTO;
271 put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
272
273 /* fix up the BCC */
274 byte_count = get_bcc(pTargetSMB);
275 byte_count += total_in_buf2;
276 /* is the result too big for the field? */
277 if (byte_count > USHRT_MAX)
278 return -EPROTO;
279 put_bcc(byte_count, pTargetSMB);
280
281 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
282 byte_count += total_in_buf2;
283 /* don't allow buffer to overflow */
284 if (byte_count > CIFSMaxBufSize)
285 return -ENOBUFS;
286 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
287
288 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
289
290 if (remaining == total_in_buf2) {
291 cFYI(1, "found the last secondary response");
292 return 0; /* we are done */
293 } else /* more responses to go */
294 return 1;
295}
296
297static void
298cifs_echo_request(struct work_struct *work)
299{
300 int rc;
301 struct TCP_Server_Info *server = container_of(work,
302 struct TCP_Server_Info, echo.work);
303
304 /*
305 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
306 * done, which is indicated by maxBuf != 0. Also, no need to ping if
307 * we got a response recently
308 */
309 if (server->maxBuf == 0 ||
310 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
311 goto requeue_echo;
312
313 rc = CIFSSMBEcho(server);
314 if (rc)
315 cFYI(1, "Unable to send echo request to server: %s",
316 server->hostname);
317
318requeue_echo:
319 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
320}
321
322static bool
323allocate_buffers(char **bigbuf, char **smallbuf, unsigned int size,
324 bool is_large_buf)
325{
326 char *bbuf = *bigbuf, *sbuf = *smallbuf;
327
328 if (bbuf == NULL) {
329 bbuf = (char *)cifs_buf_get();
330 if (!bbuf) {
331 cERROR(1, "No memory for large SMB response");
332 msleep(3000);
333 /* retry will check if exiting */
334 return false;
335 }
336 } else if (is_large_buf) {
337 /* we are reusing a dirty large buf, clear its start */
338 memset(bbuf, 0, size);
339 }
340
341 if (sbuf == NULL) {
342 sbuf = (char *)cifs_small_buf_get();
343 if (!sbuf) {
344 cERROR(1, "No memory for SMB response");
345 msleep(1000);
346 /* retry will check if exiting */
347 return false;
348 }
349 /* beginning of smb buffer is cleared in our buf_get */
350 } else {
351 /* if existing small buf clear beginning */
352 memset(sbuf, 0, size);
353 }
354
355 *bigbuf = bbuf;
356 *smallbuf = sbuf;
357
358 return true;
359}
360
361static int
362read_from_socket(struct TCP_Server_Info *server, struct msghdr *smb_msg,
363 struct kvec *iov, unsigned int to_read,
364 unsigned int *ptotal_read, bool is_header_read)
365{
366 int length, rc = 0;
367 unsigned int total_read;
368 char *buf = iov->iov_base;
369
370 for (total_read = 0; total_read < to_read; total_read += length) {
371 length = kernel_recvmsg(server->ssocket, smb_msg, iov, 1,
372 to_read - total_read, 0);
373 if (server->tcpStatus == CifsExiting) {
374 /* then will exit */
375 rc = 2;
376 break;
377 } else if (server->tcpStatus == CifsNeedReconnect) {
378 cifs_reconnect(server);
379 /* Reconnect wakes up rspns q */
380 /* Now we will reread sock */
381 rc = 1;
382 break;
383 } else if (length == -ERESTARTSYS ||
384 length == -EAGAIN ||
385 length == -EINTR) {
386 /*
387 * Minimum sleep to prevent looping, allowing socket
388 * to clear and app threads to set tcpStatus
389 * CifsNeedReconnect if server hung.
390 */
391 usleep_range(1000, 2000);
392 length = 0;
393 if (!is_header_read)
394 continue;
395 /* Special handling for header read */
396 if (total_read) {
397 iov->iov_base = (to_read - total_read) +
398 buf;
399 iov->iov_len = to_read - total_read;
400 smb_msg->msg_control = NULL;
401 smb_msg->msg_controllen = 0;
402 rc = 3;
403 } else
404 rc = 1;
405 break;
406 } else if (length <= 0) {
407 cERROR(1, "Received no data, expecting %d",
408 to_read - total_read);
409 cifs_reconnect(server);
410 rc = 1;
411 break;
412 }
413 }
414
415 *ptotal_read = total_read;
416 return rc;
417}
418
419static bool
420check_rfc1002_header(struct TCP_Server_Info *server, char *buf)
421{
422 char temp = *buf;
423 unsigned int pdu_length = be32_to_cpu(
424 ((struct smb_hdr *)buf)->smb_buf_length);
425
426 /*
427 * The first byte big endian of the length field,
428 * is actually not part of the length but the type
429 * with the most common, zero, as regular data.
430 */
431 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
432 return false;
433 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
434 cFYI(1, "Good RFC 1002 session rsp");
435 return false;
436 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
437 /*
438 * We get this from Windows 98 instead of an error on
439 * SMB negprot response.
440 */
441 cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
442 pdu_length);
443 /* give server a second to clean up */
444 msleep(1000);
445 /*
446 * Always try 445 first on reconnect since we get NACK
447 * on some if we ever connected to port 139 (the NACK
448 * is since we do not begin with RFC1001 session
449 * initialize frame).
450 */
451 cifs_set_port((struct sockaddr *)
452 &server->dstaddr, CIFS_PORT);
453 cifs_reconnect(server);
454 wake_up(&server->response_q);
455 return false;
456 } else if (temp != (char) 0) {
457 cERROR(1, "Unknown RFC 1002 frame");
458 cifs_dump_mem(" Received Data: ", buf, 4);
459 cifs_reconnect(server);
460 return false;
461 }
462
463 /* else we have an SMB response */
464 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
465 (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
466 cERROR(1, "Invalid size SMB length %d pdu_length %d",
467 4, pdu_length+4);
468 cifs_reconnect(server);
469 wake_up(&server->response_q);
470 return false;
471 }
472
473 return true;
474}
475
476static struct mid_q_entry *
477find_cifs_mid(struct TCP_Server_Info *server, struct smb_hdr *buf,
478 int *length, bool is_large_buf, bool *is_multi_rsp, char **bigbuf)
479{
480 struct mid_q_entry *mid = NULL, *tmp_mid, *ret = NULL;
481
482 spin_lock(&GlobalMid_Lock);
483 list_for_each_entry_safe(mid, tmp_mid, &server->pending_mid_q, qhead) {
484 if (mid->mid != buf->Mid ||
485 mid->midState != MID_REQUEST_SUBMITTED ||
486 mid->command != buf->Command)
487 continue;
488
489 if (*length == 0 && check2ndT2(buf, server->maxBuf) > 0) {
490 /* We have a multipart transact2 resp */
491 *is_multi_rsp = true;
492 if (mid->resp_buf) {
493 /* merge response - fix up 1st*/
494 *length = coalesce_t2(buf, mid->resp_buf);
495 if (*length > 0) {
496 *length = 0;
497 mid->multiRsp = true;
498 break;
499 }
500 /* All parts received or packet is malformed. */
501 mid->multiEnd = true;
502 goto multi_t2_fnd;
503 }
504 if (!is_large_buf) {
505 /*FIXME: switch to already allocated largebuf?*/
506 cERROR(1, "1st trans2 resp needs bigbuf");
507 } else {
508 /* Have first buffer */
509 mid->resp_buf = buf;
510 mid->largeBuf = true;
511 *bigbuf = NULL;
512 }
513 break;
514 }
515 mid->resp_buf = buf;
516 mid->largeBuf = is_large_buf;
517multi_t2_fnd:
518 if (*length == 0)
519 mid->midState = MID_RESPONSE_RECEIVED;
520 else
521 mid->midState = MID_RESPONSE_MALFORMED;
522#ifdef CONFIG_CIFS_STATS2
523 mid->when_received = jiffies;
524#endif
525 list_del_init(&mid->qhead);
526 ret = mid;
527 break;
528 }
529 spin_unlock(&GlobalMid_Lock);
530
531 return ret;
532}
533
534static void clean_demultiplex_info(struct TCP_Server_Info *server)
535{
536 int length;
537
538 /* take it off the list, if it's not already */
539 spin_lock(&cifs_tcp_ses_lock);
540 list_del_init(&server->tcp_ses_list);
541 spin_unlock(&cifs_tcp_ses_lock);
542
543 spin_lock(&GlobalMid_Lock);
544 server->tcpStatus = CifsExiting;
545 spin_unlock(&GlobalMid_Lock);
546 wake_up_all(&server->response_q);
547
548 /*
549 * Check if we have blocked requests that need to free. Note that
550 * cifs_max_pending is normally 50, but can be set at module install
551 * time to as little as two.
552 */
553 spin_lock(&GlobalMid_Lock);
554 if (atomic_read(&server->inFlight) >= cifs_max_pending)
555 atomic_set(&server->inFlight, cifs_max_pending - 1);
556 /*
557 * We do not want to set the max_pending too low or we could end up
558 * with the counter going negative.
559 */
560 spin_unlock(&GlobalMid_Lock);
561 /*
562 * Although there should not be any requests blocked on this queue it
563 * can not hurt to be paranoid and try to wake up requests that may
564 * haven been blocked when more than 50 at time were on the wire to the
565 * same server - they now will see the session is in exit state and get
566 * out of SendReceive.
567 */
568 wake_up_all(&server->request_q);
569 /* give those requests time to exit */
570 msleep(125);
571
572 if (server->ssocket) {
573 sock_release(server->ssocket);
574 server->ssocket = NULL;
575 }
576
577 if (!list_empty(&server->pending_mid_q)) {
578 struct list_head dispose_list;
579 struct mid_q_entry *mid_entry;
580 struct list_head *tmp, *tmp2;
581
582 INIT_LIST_HEAD(&dispose_list);
583 spin_lock(&GlobalMid_Lock);
584 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
585 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
586 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
587 mid_entry->midState = MID_SHUTDOWN;
588 list_move(&mid_entry->qhead, &dispose_list);
589 }
590 spin_unlock(&GlobalMid_Lock);
591
592 /* now walk dispose list and issue callbacks */
593 list_for_each_safe(tmp, tmp2, &dispose_list) {
594 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
595 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
596 list_del_init(&mid_entry->qhead);
597 mid_entry->callback(mid_entry);
598 }
599 /* 1/8th of sec is more than enough time for them to exit */
600 msleep(125);
601 }
602
603 if (!list_empty(&server->pending_mid_q)) {
604 /*
605 * mpx threads have not exited yet give them at least the smb
606 * send timeout time for long ops.
607 *
608 * Due to delays on oplock break requests, we need to wait at
609 * least 45 seconds before giving up on a request getting a
610 * response and going ahead and killing cifsd.
611 */
612 cFYI(1, "Wait for exit from demultiplex thread");
613 msleep(46000);
614 /*
615 * If threads still have not exited they are probably never
616 * coming home not much else we can do but free the memory.
617 */
618 }
619
620 kfree(server->hostname);
621 kfree(server);
622
623 length = atomic_dec_return(&tcpSesAllocCount);
624 if (length > 0)
625 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
626 GFP_KERNEL);
627}
628
629static int
630cifs_demultiplex_thread(void *p)
631{
632 int length;
633 struct TCP_Server_Info *server = p;
634 unsigned int pdu_length, total_read;
635 char *buf = NULL, *bigbuf = NULL, *smallbuf = NULL;
636 struct smb_hdr *smb_buffer = NULL;
637 struct msghdr smb_msg;
638 struct kvec iov;
639 struct task_struct *task_to_wake = NULL;
640 struct mid_q_entry *mid_entry;
641 bool isLargeBuf = false;
642 bool isMultiRsp = false;
643 int rc;
644
645 current->flags |= PF_MEMALLOC;
646 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
647
648 length = atomic_inc_return(&tcpSesAllocCount);
649 if (length > 1)
650 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
651 GFP_KERNEL);
652
653 set_freezable();
654 while (server->tcpStatus != CifsExiting) {
655 if (try_to_freeze())
656 continue;
657
658 if (!allocate_buffers(&bigbuf, &smallbuf,
659 sizeof(struct smb_hdr), isLargeBuf))
660 continue;
661
662 isLargeBuf = false;
663 isMultiRsp = false;
664 smb_buffer = (struct smb_hdr *)smallbuf;
665 buf = smallbuf;
666 iov.iov_base = buf;
667 iov.iov_len = 4;
668 smb_msg.msg_control = NULL;
669 smb_msg.msg_controllen = 0;
670 pdu_length = 4; /* enough to get RFC1001 header */
671
672incomplete_rcv:
673 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
674 time_after(jiffies, server->lstrp +
675 (echo_retries * SMB_ECHO_INTERVAL))) {
676 cERROR(1, "Server %s has not responded in %d seconds. "
677 "Reconnecting...", server->hostname,
678 (echo_retries * SMB_ECHO_INTERVAL / HZ));
679 cifs_reconnect(server);
680 wake_up(&server->response_q);
681 continue;
682 }
683
684 rc = read_from_socket(server, &smb_msg, &iov, pdu_length,
685 &total_read, true /* header read */);
686 if (rc == 3)
687 goto incomplete_rcv;
688 else if (rc == 2)
689 break;
690 else if (rc == 1)
691 continue;
692
693 /*
694 * The right amount was read from socket - 4 bytes,
695 * so we can now interpret the length field.
696 */
697
698 /*
699 * Note that RFC 1001 length is big endian on the wire,
700 * but we convert it here so it is always manipulated
701 * as host byte order.
702 */
703 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
704
705 cFYI(1, "rfc1002 length 0x%x", pdu_length+4);
706 if (!check_rfc1002_header(server, buf))
707 continue;
708
709 /* else length ok */
710 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
711 isLargeBuf = true;
712 memcpy(bigbuf, smallbuf, 4);
713 smb_buffer = (struct smb_hdr *)bigbuf;
714 buf = bigbuf;
715 }
716
717 iov.iov_base = 4 + buf;
718 iov.iov_len = pdu_length;
719 rc = read_from_socket(server, &smb_msg, &iov, pdu_length,
720 &total_read, false);
721 if (rc == 2)
722 break;
723 else if (rc == 1)
724 continue;
725
726 total_read += 4; /* account for rfc1002 hdr */
727
728 dump_smb(smb_buffer, total_read);
729
730 /*
731 * We know that we received enough to get to the MID as we
732 * checked the pdu_length earlier. Now check to see
733 * if the rest of the header is OK. We borrow the length
734 * var for the rest of the loop to avoid a new stack var.
735 *
736 * 48 bytes is enough to display the header and a little bit
737 * into the payload for debugging purposes.
738 */
739 length = checkSMB(smb_buffer, smb_buffer->Mid, total_read);
740 if (length != 0)
741 cifs_dump_mem("Bad SMB: ", buf,
742 min_t(unsigned int, total_read, 48));
743
744 server->lstrp = jiffies;
745
746 mid_entry = find_cifs_mid(server, smb_buffer, &length,
747 isLargeBuf, &isMultiRsp, &bigbuf);
748 if (mid_entry != NULL) {
749 mid_entry->callback(mid_entry);
750 /* Was previous buf put in mpx struct for multi-rsp? */
751 if (!isMultiRsp) {
752 /* smb buffer will be freed by user thread */
753 if (isLargeBuf)
754 bigbuf = NULL;
755 else
756 smallbuf = NULL;
757 }
758 } else if (length != 0) {
759 /* response sanity checks failed */
760 continue;
761 } else if (!is_valid_oplock_break(smb_buffer, server) &&
762 !isMultiRsp) {
763 cERROR(1, "No task to wake, unknown frame received! "
764 "NumMids %d", atomic_read(&midCount));
765 cifs_dump_mem("Received Data is: ", buf,
766 sizeof(struct smb_hdr));
767#ifdef CONFIG_CIFS_DEBUG2
768 cifs_dump_detail(smb_buffer);
769 cifs_dump_mids(server);
770#endif /* CIFS_DEBUG2 */
771
772 }
773 } /* end while !EXITING */
774
775 /* buffer usually freed in free_mid - need to free it here on exit */
776 cifs_buf_release(bigbuf);
777 if (smallbuf) /* no sense logging a debug message if NULL */
778 cifs_small_buf_release(smallbuf);
779
780 task_to_wake = xchg(&server->tsk, NULL);
781 clean_demultiplex_info(server);
782
783 /* if server->tsk was NULL then wait for a signal before exiting */
784 if (!task_to_wake) {
785 set_current_state(TASK_INTERRUPTIBLE);
786 while (!signal_pending(current)) {
787 schedule();
788 set_current_state(TASK_INTERRUPTIBLE);
789 }
790 set_current_state(TASK_RUNNING);
791 }
792
793 module_put_and_exit(0);
794}
795
796/* extract the host portion of the UNC string */
797static char *
798extract_hostname(const char *unc)
799{
800 const char *src;
801 char *dst, *delim;
802 unsigned int len;
803
804 /* skip double chars at beginning of string */
805 /* BB: check validity of these bytes? */
806 src = unc + 2;
807
808 /* delimiter between hostname and sharename is always '\\' now */
809 delim = strchr(src, '\\');
810 if (!delim)
811 return ERR_PTR(-EINVAL);
812
813 len = delim - src;
814 dst = kmalloc((len + 1), GFP_KERNEL);
815 if (dst == NULL)
816 return ERR_PTR(-ENOMEM);
817
818 memcpy(dst, src, len);
819 dst[len] = '\0';
820
821 return dst;
822}
823
824static int
825cifs_parse_mount_options(const char *mountdata, const char *devname,
826 struct smb_vol *vol)
827{
828 char *value, *data, *end;
829 char *mountdata_copy = NULL, *options;
830 unsigned int temp_len, i, j;
831 char separator[2];
832 short int override_uid = -1;
833 short int override_gid = -1;
834 bool uid_specified = false;
835 bool gid_specified = false;
836 char *nodename = utsname()->nodename;
837
838 separator[0] = ',';
839 separator[1] = 0;
840
841 /*
842 * does not have to be perfect mapping since field is
843 * informational, only used for servers that do not support
844 * port 445 and it can be overridden at mount time
845 */
846 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
847 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
848 vol->source_rfc1001_name[i] = toupper(nodename[i]);
849
850 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
851 /* null target name indicates to use *SMBSERVR default called name
852 if we end up sending RFC1001 session initialize */
853 vol->target_rfc1001_name[0] = 0;
854 vol->cred_uid = current_uid();
855 vol->linux_uid = current_uid();
856 vol->linux_gid = current_gid();
857
858 /* default to only allowing write access to owner of the mount */
859 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
860
861 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
862 /* default is always to request posix paths. */
863 vol->posix_paths = 1;
864 /* default to using server inode numbers where available */
865 vol->server_ino = 1;
866
867 vol->actimeo = CIFS_DEF_ACTIMEO;
868
869 if (!mountdata)
870 goto cifs_parse_mount_err;
871
872 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
873 if (!mountdata_copy)
874 goto cifs_parse_mount_err;
875
876 options = mountdata_copy;
877 end = options + strlen(options);
878 if (strncmp(options, "sep=", 4) == 0) {
879 if (options[4] != 0) {
880 separator[0] = options[4];
881 options += 5;
882 } else {
883 cFYI(1, "Null separator not allowed");
884 }
885 }
886
887 while ((data = strsep(&options, separator)) != NULL) {
888 if (!*data)
889 continue;
890 if ((value = strchr(data, '=')) != NULL)
891 *value++ = '\0';
892
893 /* Have to parse this before we parse for "user" */
894 if (strnicmp(data, "user_xattr", 10) == 0) {
895 vol->no_xattr = 0;
896 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
897 vol->no_xattr = 1;
898 } else if (strnicmp(data, "user", 4) == 0) {
899 if (!value) {
900 printk(KERN_WARNING
901 "CIFS: invalid or missing username\n");
902 goto cifs_parse_mount_err;
903 } else if (!*value) {
904 /* null user, ie anonymous, authentication */
905 vol->nullauth = 1;
906 }
907 if (strnlen(value, MAX_USERNAME_SIZE) <
908 MAX_USERNAME_SIZE) {
909 vol->username = kstrdup(value, GFP_KERNEL);
910 if (!vol->username) {
911 printk(KERN_WARNING "CIFS: no memory "
912 "for username\n");
913 goto cifs_parse_mount_err;
914 }
915 } else {
916 printk(KERN_WARNING "CIFS: username too long\n");
917 goto cifs_parse_mount_err;
918 }
919 } else if (strnicmp(data, "pass", 4) == 0) {
920 if (!value) {
921 vol->password = NULL;
922 continue;
923 } else if (value[0] == 0) {
924 /* check if string begins with double comma
925 since that would mean the password really
926 does start with a comma, and would not
927 indicate an empty string */
928 if (value[1] != separator[0]) {
929 vol->password = NULL;
930 continue;
931 }
932 }
933 temp_len = strlen(value);
934 /* removed password length check, NTLM passwords
935 can be arbitrarily long */
936
937 /* if comma in password, the string will be
938 prematurely null terminated. Commas in password are
939 specified across the cifs mount interface by a double
940 comma ie ,, and a comma used as in other cases ie ','
941 as a parameter delimiter/separator is single and due
942 to the strsep above is temporarily zeroed. */
943
944 /* NB: password legally can have multiple commas and
945 the only illegal character in a password is null */
946
947 if ((value[temp_len] == 0) &&
948 (value + temp_len < end) &&
949 (value[temp_len+1] == separator[0])) {
950 /* reinsert comma */
951 value[temp_len] = separator[0];
952 temp_len += 2; /* move after second comma */
953 while (value[temp_len] != 0) {
954 if (value[temp_len] == separator[0]) {
955 if (value[temp_len+1] ==
956 separator[0]) {
957 /* skip second comma */
958 temp_len++;
959 } else {
960 /* single comma indicating start
961 of next parm */
962 break;
963 }
964 }
965 temp_len++;
966 }
967 if (value[temp_len] == 0) {
968 options = NULL;
969 } else {
970 value[temp_len] = 0;
971 /* point option to start of next parm */
972 options = value + temp_len + 1;
973 }
974 /* go from value to value + temp_len condensing
975 double commas to singles. Note that this ends up
976 allocating a few bytes too many, which is ok */
977 vol->password = kzalloc(temp_len, GFP_KERNEL);
978 if (vol->password == NULL) {
979 printk(KERN_WARNING "CIFS: no memory "
980 "for password\n");
981 goto cifs_parse_mount_err;
982 }
983 for (i = 0, j = 0; i < temp_len; i++, j++) {
984 vol->password[j] = value[i];
985 if (value[i] == separator[0]
986 && value[i+1] == separator[0]) {
987 /* skip second comma */
988 i++;
989 }
990 }
991 vol->password[j] = 0;
992 } else {
993 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
994 if (vol->password == NULL) {
995 printk(KERN_WARNING "CIFS: no memory "
996 "for password\n");
997 goto cifs_parse_mount_err;
998 }
999 strcpy(vol->password, value);
1000 }
1001 } else if (!strnicmp(data, "ip", 2) ||
1002 !strnicmp(data, "addr", 4)) {
1003 if (!value || !*value) {
1004 vol->UNCip = NULL;
1005 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1006 INET6_ADDRSTRLEN) {
1007 vol->UNCip = kstrdup(value, GFP_KERNEL);
1008 if (!vol->UNCip) {
1009 printk(KERN_WARNING "CIFS: no memory "
1010 "for UNC IP\n");
1011 goto cifs_parse_mount_err;
1012 }
1013 } else {
1014 printk(KERN_WARNING "CIFS: ip address "
1015 "too long\n");
1016 goto cifs_parse_mount_err;
1017 }
1018 } else if (strnicmp(data, "sec", 3) == 0) {
1019 if (!value || !*value) {
1020 cERROR(1, "no security value specified");
1021 continue;
1022 } else if (strnicmp(value, "krb5i", 5) == 0) {
1023 vol->secFlg |= CIFSSEC_MAY_KRB5 |
1024 CIFSSEC_MUST_SIGN;
1025 } else if (strnicmp(value, "krb5p", 5) == 0) {
1026 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1027 CIFSSEC_MAY_KRB5; */
1028 cERROR(1, "Krb5 cifs privacy not supported");
1029 goto cifs_parse_mount_err;
1030 } else if (strnicmp(value, "krb5", 4) == 0) {
1031 vol->secFlg |= CIFSSEC_MAY_KRB5;
1032 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1033 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1034 CIFSSEC_MUST_SIGN;
1035 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1036 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1037 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1038 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1039 CIFSSEC_MUST_SIGN;
1040 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1041 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1042 } else if (strnicmp(value, "ntlmi", 5) == 0) {
1043 vol->secFlg |= CIFSSEC_MAY_NTLM |
1044 CIFSSEC_MUST_SIGN;
1045 } else if (strnicmp(value, "ntlm", 4) == 0) {
1046 /* ntlm is default so can be turned off too */
1047 vol->secFlg |= CIFSSEC_MAY_NTLM;
1048 } else if (strnicmp(value, "nontlm", 6) == 0) {
1049 /* BB is there a better way to do this? */
1050 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1051#ifdef CONFIG_CIFS_WEAK_PW_HASH
1052 } else if (strnicmp(value, "lanman", 6) == 0) {
1053 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1054#endif
1055 } else if (strnicmp(value, "none", 4) == 0) {
1056 vol->nullauth = 1;
1057 } else {
1058 cERROR(1, "bad security option: %s", value);
1059 goto cifs_parse_mount_err;
1060 }
1061 } else if (strnicmp(data, "vers", 3) == 0) {
1062 if (!value || !*value) {
1063 cERROR(1, "no protocol version specified"
1064 " after vers= mount option");
1065 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1066 (strnicmp(value, "1", 1) == 0)) {
1067 /* this is the default */
1068 continue;
1069 }
1070 } else if ((strnicmp(data, "unc", 3) == 0)
1071 || (strnicmp(data, "target", 6) == 0)
1072 || (strnicmp(data, "path", 4) == 0)) {
1073 if (!value || !*value) {
1074 printk(KERN_WARNING "CIFS: invalid path to "
1075 "network resource\n");
1076 goto cifs_parse_mount_err;
1077 }
1078 if ((temp_len = strnlen(value, 300)) < 300) {
1079 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1080 if (vol->UNC == NULL)
1081 goto cifs_parse_mount_err;
1082 strcpy(vol->UNC, value);
1083 if (strncmp(vol->UNC, "//", 2) == 0) {
1084 vol->UNC[0] = '\\';
1085 vol->UNC[1] = '\\';
1086 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1087 printk(KERN_WARNING
1088 "CIFS: UNC Path does not begin "
1089 "with // or \\\\ \n");
1090 goto cifs_parse_mount_err;
1091 }
1092 } else {
1093 printk(KERN_WARNING "CIFS: UNC name too long\n");
1094 goto cifs_parse_mount_err;
1095 }
1096 } else if ((strnicmp(data, "domain", 3) == 0)
1097 || (strnicmp(data, "workgroup", 5) == 0)) {
1098 if (!value || !*value) {
1099 printk(KERN_WARNING "CIFS: invalid domain name\n");
1100 goto cifs_parse_mount_err;
1101 }
1102 /* BB are there cases in which a comma can be valid in
1103 a domain name and need special handling? */
1104 if (strnlen(value, 256) < 256) {
1105 vol->domainname = kstrdup(value, GFP_KERNEL);
1106 if (!vol->domainname) {
1107 printk(KERN_WARNING "CIFS: no memory "
1108 "for domainname\n");
1109 goto cifs_parse_mount_err;
1110 }
1111 cFYI(1, "Domain name set");
1112 } else {
1113 printk(KERN_WARNING "CIFS: domain name too "
1114 "long\n");
1115 goto cifs_parse_mount_err;
1116 }
1117 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1118 vol->srcaddr.ss_family = AF_UNSPEC;
1119
1120 if (!value || !*value) {
1121 printk(KERN_WARNING "CIFS: srcaddr value"
1122 " not specified.\n");
1123 goto cifs_parse_mount_err;
1124 }
1125 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1126 value, strlen(value));
1127 if (i == 0) {
1128 printk(KERN_WARNING "CIFS: Could not parse"
1129 " srcaddr: %s\n",
1130 value);
1131 goto cifs_parse_mount_err;
1132 }
1133 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1134 if (!value || !*value) {
1135 printk(KERN_WARNING
1136 "CIFS: invalid path prefix\n");
1137 goto cifs_parse_mount_err;
1138 }
1139 if ((temp_len = strnlen(value, 1024)) < 1024) {
1140 if (value[0] != '/')
1141 temp_len++; /* missing leading slash */
1142 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1143 if (vol->prepath == NULL)
1144 goto cifs_parse_mount_err;
1145 if (value[0] != '/') {
1146 vol->prepath[0] = '/';
1147 strcpy(vol->prepath+1, value);
1148 } else
1149 strcpy(vol->prepath, value);
1150 cFYI(1, "prefix path %s", vol->prepath);
1151 } else {
1152 printk(KERN_WARNING "CIFS: prefix too long\n");
1153 goto cifs_parse_mount_err;
1154 }
1155 } else if (strnicmp(data, "iocharset", 9) == 0) {
1156 if (!value || !*value) {
1157 printk(KERN_WARNING "CIFS: invalid iocharset "
1158 "specified\n");
1159 goto cifs_parse_mount_err;
1160 }
1161 if (strnlen(value, 65) < 65) {
1162 if (strnicmp(value, "default", 7)) {
1163 vol->iocharset = kstrdup(value,
1164 GFP_KERNEL);
1165
1166 if (!vol->iocharset) {
1167 printk(KERN_WARNING "CIFS: no "
1168 "memory for"
1169 "charset\n");
1170 goto cifs_parse_mount_err;
1171 }
1172 }
1173 /* if iocharset not set then load_nls_default
1174 is used by caller */
1175 cFYI(1, "iocharset set to %s", value);
1176 } else {
1177 printk(KERN_WARNING "CIFS: iocharset name "
1178 "too long.\n");
1179 goto cifs_parse_mount_err;
1180 }
1181 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1182 vol->linux_uid = simple_strtoul(value, &value, 0);
1183 uid_specified = true;
1184 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1185 vol->cred_uid = simple_strtoul(value, &value, 0);
1186 } else if (!strnicmp(data, "forceuid", 8)) {
1187 override_uid = 1;
1188 } else if (!strnicmp(data, "noforceuid", 10)) {
1189 override_uid = 0;
1190 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1191 vol->linux_gid = simple_strtoul(value, &value, 0);
1192 gid_specified = true;
1193 } else if (!strnicmp(data, "forcegid", 8)) {
1194 override_gid = 1;
1195 } else if (!strnicmp(data, "noforcegid", 10)) {
1196 override_gid = 0;
1197 } else if (strnicmp(data, "file_mode", 4) == 0) {
1198 if (value && *value) {
1199 vol->file_mode =
1200 simple_strtoul(value, &value, 0);
1201 }
1202 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1203 if (value && *value) {
1204 vol->dir_mode =
1205 simple_strtoul(value, &value, 0);
1206 }
1207 } else if (strnicmp(data, "dirmode", 4) == 0) {
1208 if (value && *value) {
1209 vol->dir_mode =
1210 simple_strtoul(value, &value, 0);
1211 }
1212 } else if (strnicmp(data, "port", 4) == 0) {
1213 if (value && *value) {
1214 vol->port =
1215 simple_strtoul(value, &value, 0);
1216 }
1217 } else if (strnicmp(data, "rsize", 5) == 0) {
1218 if (value && *value) {
1219 vol->rsize =
1220 simple_strtoul(value, &value, 0);
1221 }
1222 } else if (strnicmp(data, "wsize", 5) == 0) {
1223 if (value && *value) {
1224 vol->wsize =
1225 simple_strtoul(value, &value, 0);
1226 }
1227 } else if (strnicmp(data, "sockopt", 5) == 0) {
1228 if (!value || !*value) {
1229 cERROR(1, "no socket option specified");
1230 continue;
1231 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1232 vol->sockopt_tcp_nodelay = 1;
1233 }
1234 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1235 if (!value || !*value || (*value == ' ')) {
1236 cFYI(1, "invalid (empty) netbiosname");
1237 } else {
1238 memset(vol->source_rfc1001_name, 0x20,
1239 RFC1001_NAME_LEN);
1240 /*
1241 * FIXME: are there cases in which a comma can
1242 * be valid in workstation netbios name (and
1243 * need special handling)?
1244 */
1245 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1246 /* don't ucase netbiosname for user */
1247 if (value[i] == 0)
1248 break;
1249 vol->source_rfc1001_name[i] = value[i];
1250 }
1251 /* The string has 16th byte zero still from
1252 set at top of the function */
1253 if (i == RFC1001_NAME_LEN && value[i] != 0)
1254 printk(KERN_WARNING "CIFS: netbiosname"
1255 " longer than 15 truncated.\n");
1256 }
1257 } else if (strnicmp(data, "servern", 7) == 0) {
1258 /* servernetbiosname specified override *SMBSERVER */
1259 if (!value || !*value || (*value == ' ')) {
1260 cFYI(1, "empty server netbiosname specified");
1261 } else {
1262 /* last byte, type, is 0x20 for servr type */
1263 memset(vol->target_rfc1001_name, 0x20,
1264 RFC1001_NAME_LEN_WITH_NULL);
1265
1266 for (i = 0; i < 15; i++) {
1267 /* BB are there cases in which a comma can be
1268 valid in this workstation netbios name
1269 (and need special handling)? */
1270
1271 /* user or mount helper must uppercase
1272 the netbiosname */
1273 if (value[i] == 0)
1274 break;
1275 else
1276 vol->target_rfc1001_name[i] =
1277 value[i];
1278 }
1279 /* The string has 16th byte zero still from
1280 set at top of the function */
1281 if (i == RFC1001_NAME_LEN && value[i] != 0)
1282 printk(KERN_WARNING "CIFS: server net"
1283 "biosname longer than 15 truncated.\n");
1284 }
1285 } else if (strnicmp(data, "actimeo", 7) == 0) {
1286 if (value && *value) {
1287 vol->actimeo = HZ * simple_strtoul(value,
1288 &value, 0);
1289 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1290 cERROR(1, "CIFS: attribute cache"
1291 "timeout too large");
1292 goto cifs_parse_mount_err;
1293 }
1294 }
1295 } else if (strnicmp(data, "credentials", 4) == 0) {
1296 /* ignore */
1297 } else if (strnicmp(data, "version", 3) == 0) {
1298 /* ignore */
1299 } else if (strnicmp(data, "guest", 5) == 0) {
1300 /* ignore */
1301 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
1302 /* ignore */
1303 } else if (strnicmp(data, "ro", 2) == 0) {
1304 /* ignore */
1305 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1306 vol->noblocksnd = 1;
1307 } else if (strnicmp(data, "noautotune", 10) == 0) {
1308 vol->noautotune = 1;
1309 } else if ((strnicmp(data, "suid", 4) == 0) ||
1310 (strnicmp(data, "nosuid", 6) == 0) ||
1311 (strnicmp(data, "exec", 4) == 0) ||
1312 (strnicmp(data, "noexec", 6) == 0) ||
1313 (strnicmp(data, "nodev", 5) == 0) ||
1314 (strnicmp(data, "noauto", 6) == 0) ||
1315 (strnicmp(data, "dev", 3) == 0)) {
1316 /* The mount tool or mount.cifs helper (if present)
1317 uses these opts to set flags, and the flags are read
1318 by the kernel vfs layer before we get here (ie
1319 before read super) so there is no point trying to
1320 parse these options again and set anything and it
1321 is ok to just ignore them */
1322 continue;
1323 } else if (strnicmp(data, "hard", 4) == 0) {
1324 vol->retry = 1;
1325 } else if (strnicmp(data, "soft", 4) == 0) {
1326 vol->retry = 0;
1327 } else if (strnicmp(data, "perm", 4) == 0) {
1328 vol->noperm = 0;
1329 } else if (strnicmp(data, "noperm", 6) == 0) {
1330 vol->noperm = 1;
1331 } else if (strnicmp(data, "mapchars", 8) == 0) {
1332 vol->remap = 1;
1333 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1334 vol->remap = 0;
1335 } else if (strnicmp(data, "sfu", 3) == 0) {
1336 vol->sfu_emul = 1;
1337 } else if (strnicmp(data, "nosfu", 5) == 0) {
1338 vol->sfu_emul = 0;
1339 } else if (strnicmp(data, "nodfs", 5) == 0) {
1340 vol->nodfs = 1;
1341 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1342 vol->posix_paths = 1;
1343 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1344 vol->posix_paths = 0;
1345 } else if (strnicmp(data, "nounix", 6) == 0) {
1346 vol->no_linux_ext = 1;
1347 } else if (strnicmp(data, "nolinux", 7) == 0) {
1348 vol->no_linux_ext = 1;
1349 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1350 (strnicmp(data, "ignorecase", 10) == 0)) {
1351 vol->nocase = 1;
1352 } else if (strnicmp(data, "mand", 4) == 0) {
1353 /* ignore */
1354 } else if (strnicmp(data, "nomand", 6) == 0) {
1355 /* ignore */
1356 } else if (strnicmp(data, "_netdev", 7) == 0) {
1357 /* ignore */
1358 } else if (strnicmp(data, "brl", 3) == 0) {
1359 vol->nobrl = 0;
1360 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1361 (strnicmp(data, "nolock", 6) == 0)) {
1362 vol->nobrl = 1;
1363 /* turn off mandatory locking in mode
1364 if remote locking is turned off since the
1365 local vfs will do advisory */
1366 if (vol->file_mode ==
1367 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1368 vol->file_mode = S_IALLUGO;
1369 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1370 /* will take the shorter form "forcemand" as well */
1371 /* This mount option will force use of mandatory
1372 (DOS/Windows style) byte range locks, instead of
1373 using posix advisory byte range locks, even if the
1374 Unix extensions are available and posix locks would
1375 be supported otherwise. If Unix extensions are not
1376 negotiated this has no effect since mandatory locks
1377 would be used (mandatory locks is all that those
1378 those servers support) */
1379 vol->mand_lock = 1;
1380 } else if (strnicmp(data, "setuids", 7) == 0) {
1381 vol->setuids = 1;
1382 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1383 vol->setuids = 0;
1384 } else if (strnicmp(data, "dynperm", 7) == 0) {
1385 vol->dynperm = true;
1386 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1387 vol->dynperm = false;
1388 } else if (strnicmp(data, "nohard", 6) == 0) {
1389 vol->retry = 0;
1390 } else if (strnicmp(data, "nosoft", 6) == 0) {
1391 vol->retry = 1;
1392 } else if (strnicmp(data, "nointr", 6) == 0) {
1393 vol->intr = 0;
1394 } else if (strnicmp(data, "intr", 4) == 0) {
1395 vol->intr = 1;
1396 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1397 vol->nostrictsync = 1;
1398 } else if (strnicmp(data, "strictsync", 10) == 0) {
1399 vol->nostrictsync = 0;
1400 } else if (strnicmp(data, "serverino", 7) == 0) {
1401 vol->server_ino = 1;
1402 } else if (strnicmp(data, "noserverino", 9) == 0) {
1403 vol->server_ino = 0;
1404 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
1405 vol->rwpidforward = 1;
1406 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1407 vol->cifs_acl = 1;
1408 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1409 vol->cifs_acl = 0;
1410 } else if (strnicmp(data, "acl", 3) == 0) {
1411 vol->no_psx_acl = 0;
1412 } else if (strnicmp(data, "noacl", 5) == 0) {
1413 vol->no_psx_acl = 1;
1414 } else if (strnicmp(data, "locallease", 6) == 0) {
1415 vol->local_lease = 1;
1416 } else if (strnicmp(data, "sign", 4) == 0) {
1417 vol->secFlg |= CIFSSEC_MUST_SIGN;
1418 } else if (strnicmp(data, "seal", 4) == 0) {
1419 /* we do not do the following in secFlags because seal
1420 is a per tree connection (mount) not a per socket
1421 or per-smb connection option in the protocol */
1422 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1423 vol->seal = 1;
1424 } else if (strnicmp(data, "direct", 6) == 0) {
1425 vol->direct_io = 1;
1426 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1427 vol->direct_io = 1;
1428 } else if (strnicmp(data, "strictcache", 11) == 0) {
1429 vol->strict_io = 1;
1430 } else if (strnicmp(data, "noac", 4) == 0) {
1431 printk(KERN_WARNING "CIFS: Mount option noac not "
1432 "supported. Instead set "
1433 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1434 } else if (strnicmp(data, "fsc", 3) == 0) {
1435#ifndef CONFIG_CIFS_FSCACHE
1436 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1437 "kernel config option set");
1438 goto cifs_parse_mount_err;
1439#endif
1440 vol->fsc = true;
1441 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1442 vol->mfsymlinks = true;
1443 } else if (strnicmp(data, "multiuser", 8) == 0) {
1444 vol->multiuser = true;
1445 } else
1446 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1447 data);
1448 }
1449 if (vol->UNC == NULL) {
1450 if (devname == NULL) {
1451 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1452 "target\n");
1453 goto cifs_parse_mount_err;
1454 }
1455 if ((temp_len = strnlen(devname, 300)) < 300) {
1456 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1457 if (vol->UNC == NULL)
1458 goto cifs_parse_mount_err;
1459 strcpy(vol->UNC, devname);
1460 if (strncmp(vol->UNC, "//", 2) == 0) {
1461 vol->UNC[0] = '\\';
1462 vol->UNC[1] = '\\';
1463 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1464 printk(KERN_WARNING "CIFS: UNC Path does not "
1465 "begin with // or \\\\ \n");
1466 goto cifs_parse_mount_err;
1467 }
1468 value = strpbrk(vol->UNC+2, "/\\");
1469 if (value)
1470 *value = '\\';
1471 } else {
1472 printk(KERN_WARNING "CIFS: UNC name too long\n");
1473 goto cifs_parse_mount_err;
1474 }
1475 }
1476
1477 if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1478 cERROR(1, "Multiuser mounts currently require krb5 "
1479 "authentication!");
1480 goto cifs_parse_mount_err;
1481 }
1482
1483 if (vol->UNCip == NULL)
1484 vol->UNCip = &vol->UNC[2];
1485
1486 if (uid_specified)
1487 vol->override_uid = override_uid;
1488 else if (override_uid == 1)
1489 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1490 "specified with no uid= option.\n");
1491
1492 if (gid_specified)
1493 vol->override_gid = override_gid;
1494 else if (override_gid == 1)
1495 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1496 "specified with no gid= option.\n");
1497
1498 kfree(mountdata_copy);
1499 return 0;
1500
1501cifs_parse_mount_err:
1502 kfree(mountdata_copy);
1503 return 1;
1504}
1505
1506/** Returns true if srcaddr isn't specified and rhs isn't
1507 * specified, or if srcaddr is specified and
1508 * matches the IP address of the rhs argument.
1509 */
1510static bool
1511srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1512{
1513 switch (srcaddr->sa_family) {
1514 case AF_UNSPEC:
1515 return (rhs->sa_family == AF_UNSPEC);
1516 case AF_INET: {
1517 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1518 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1519 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1520 }
1521 case AF_INET6: {
1522 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1523 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1524 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1525 }
1526 default:
1527 WARN_ON(1);
1528 return false; /* don't expect to be here */
1529 }
1530}
1531
1532/*
1533 * If no port is specified in addr structure, we try to match with 445 port
1534 * and if it fails - with 139 ports. It should be called only if address
1535 * families of server and addr are equal.
1536 */
1537static bool
1538match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1539{
1540 __be16 port, *sport;
1541
1542 switch (addr->sa_family) {
1543 case AF_INET:
1544 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1545 port = ((struct sockaddr_in *) addr)->sin_port;
1546 break;
1547 case AF_INET6:
1548 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1549 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1550 break;
1551 default:
1552 WARN_ON(1);
1553 return false;
1554 }
1555
1556 if (!port) {
1557 port = htons(CIFS_PORT);
1558 if (port == *sport)
1559 return true;
1560
1561 port = htons(RFC1001_PORT);
1562 }
1563
1564 return port == *sport;
1565}
1566
1567static bool
1568match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1569 struct sockaddr *srcaddr)
1570{
1571 switch (addr->sa_family) {
1572 case AF_INET: {
1573 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1574 struct sockaddr_in *srv_addr4 =
1575 (struct sockaddr_in *)&server->dstaddr;
1576
1577 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1578 return false;
1579 break;
1580 }
1581 case AF_INET6: {
1582 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1583 struct sockaddr_in6 *srv_addr6 =
1584 (struct sockaddr_in6 *)&server->dstaddr;
1585
1586 if (!ipv6_addr_equal(&addr6->sin6_addr,
1587 &srv_addr6->sin6_addr))
1588 return false;
1589 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1590 return false;
1591 break;
1592 }
1593 default:
1594 WARN_ON(1);
1595 return false; /* don't expect to be here */
1596 }
1597
1598 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1599 return false;
1600
1601 return true;
1602}
1603
1604static bool
1605match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1606{
1607 unsigned int secFlags;
1608
1609 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1610 secFlags = vol->secFlg;
1611 else
1612 secFlags = global_secflags | vol->secFlg;
1613
1614 switch (server->secType) {
1615 case LANMAN:
1616 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1617 return false;
1618 break;
1619 case NTLMv2:
1620 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1621 return false;
1622 break;
1623 case NTLM:
1624 if (!(secFlags & CIFSSEC_MAY_NTLM))
1625 return false;
1626 break;
1627 case Kerberos:
1628 if (!(secFlags & CIFSSEC_MAY_KRB5))
1629 return false;
1630 break;
1631 case RawNTLMSSP:
1632 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1633 return false;
1634 break;
1635 default:
1636 /* shouldn't happen */
1637 return false;
1638 }
1639
1640 /* now check if signing mode is acceptable */
1641 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1642 (server->sec_mode & SECMODE_SIGN_REQUIRED))
1643 return false;
1644 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1645 (server->sec_mode &
1646 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1647 return false;
1648
1649 return true;
1650}
1651
1652static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1653 struct smb_vol *vol)
1654{
1655 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1656 return 0;
1657
1658 if (!match_address(server, addr,
1659 (struct sockaddr *)&vol->srcaddr))
1660 return 0;
1661
1662 if (!match_port(server, addr))
1663 return 0;
1664
1665 if (!match_security(server, vol))
1666 return 0;
1667
1668 return 1;
1669}
1670
1671static struct TCP_Server_Info *
1672cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1673{
1674 struct TCP_Server_Info *server;
1675
1676 spin_lock(&cifs_tcp_ses_lock);
1677 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1678 if (!match_server(server, addr, vol))
1679 continue;
1680
1681 ++server->srv_count;
1682 spin_unlock(&cifs_tcp_ses_lock);
1683 cFYI(1, "Existing tcp session with server found");
1684 return server;
1685 }
1686 spin_unlock(&cifs_tcp_ses_lock);
1687 return NULL;
1688}
1689
1690static void
1691cifs_put_tcp_session(struct TCP_Server_Info *server)
1692{
1693 struct task_struct *task;
1694
1695 spin_lock(&cifs_tcp_ses_lock);
1696 if (--server->srv_count > 0) {
1697 spin_unlock(&cifs_tcp_ses_lock);
1698 return;
1699 }
1700
1701 put_net(cifs_net_ns(server));
1702
1703 list_del_init(&server->tcp_ses_list);
1704 spin_unlock(&cifs_tcp_ses_lock);
1705
1706 cancel_delayed_work_sync(&server->echo);
1707
1708 spin_lock(&GlobalMid_Lock);
1709 server->tcpStatus = CifsExiting;
1710 spin_unlock(&GlobalMid_Lock);
1711
1712 cifs_crypto_shash_release(server);
1713 cifs_fscache_release_client_cookie(server);
1714
1715 kfree(server->session_key.response);
1716 server->session_key.response = NULL;
1717 server->session_key.len = 0;
1718
1719 task = xchg(&server->tsk, NULL);
1720 if (task)
1721 force_sig(SIGKILL, task);
1722}
1723
1724static struct TCP_Server_Info *
1725cifs_get_tcp_session(struct smb_vol *volume_info)
1726{
1727 struct TCP_Server_Info *tcp_ses = NULL;
1728 struct sockaddr_storage addr;
1729 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1730 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1731 int rc;
1732
1733 memset(&addr, 0, sizeof(struct sockaddr_storage));
1734
1735 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1736
1737 if (volume_info->UNCip && volume_info->UNC) {
1738 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1739 volume_info->UNCip,
1740 strlen(volume_info->UNCip),
1741 volume_info->port);
1742 if (!rc) {
1743 /* we failed translating address */
1744 rc = -EINVAL;
1745 goto out_err;
1746 }
1747 } else if (volume_info->UNCip) {
1748 /* BB using ip addr as tcp_ses name to connect to the
1749 DFS root below */
1750 cERROR(1, "Connecting to DFS root not implemented yet");
1751 rc = -EINVAL;
1752 goto out_err;
1753 } else /* which tcp_sess DFS root would we conect to */ {
1754 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1755 "unc=//192.168.1.100/public) specified");
1756 rc = -EINVAL;
1757 goto out_err;
1758 }
1759
1760 /* see if we already have a matching tcp_ses */
1761 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1762 if (tcp_ses)
1763 return tcp_ses;
1764
1765 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1766 if (!tcp_ses) {
1767 rc = -ENOMEM;
1768 goto out_err;
1769 }
1770
1771 rc = cifs_crypto_shash_allocate(tcp_ses);
1772 if (rc) {
1773 cERROR(1, "could not setup hash structures rc %d", rc);
1774 goto out_err;
1775 }
1776
1777 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1778 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1779 if (IS_ERR(tcp_ses->hostname)) {
1780 rc = PTR_ERR(tcp_ses->hostname);
1781 goto out_err_crypto_release;
1782 }
1783
1784 tcp_ses->noblocksnd = volume_info->noblocksnd;
1785 tcp_ses->noautotune = volume_info->noautotune;
1786 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1787 atomic_set(&tcp_ses->inFlight, 0);
1788 init_waitqueue_head(&tcp_ses->response_q);
1789 init_waitqueue_head(&tcp_ses->request_q);
1790 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1791 mutex_init(&tcp_ses->srv_mutex);
1792 memcpy(tcp_ses->workstation_RFC1001_name,
1793 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1794 memcpy(tcp_ses->server_RFC1001_name,
1795 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1796 tcp_ses->session_estab = false;
1797 tcp_ses->sequence_number = 0;
1798 tcp_ses->lstrp = jiffies;
1799 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1800 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1801 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1802
1803 /*
1804 * at this point we are the only ones with the pointer
1805 * to the struct since the kernel thread not created yet
1806 * no need to spinlock this init of tcpStatus or srv_count
1807 */
1808 tcp_ses->tcpStatus = CifsNew;
1809 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1810 sizeof(tcp_ses->srcaddr));
1811 ++tcp_ses->srv_count;
1812
1813 if (addr.ss_family == AF_INET6) {
1814 cFYI(1, "attempting ipv6 connect");
1815 /* BB should we allow ipv6 on port 139? */
1816 /* other OS never observed in Wild doing 139 with v6 */
1817 memcpy(&tcp_ses->dstaddr, sin_server6,
1818 sizeof(struct sockaddr_in6));
1819 } else
1820 memcpy(&tcp_ses->dstaddr, sin_server,
1821 sizeof(struct sockaddr_in));
1822
1823 rc = ip_connect(tcp_ses);
1824 if (rc < 0) {
1825 cERROR(1, "Error connecting to socket. Aborting operation");
1826 goto out_err_crypto_release;
1827 }
1828
1829 /*
1830 * since we're in a cifs function already, we know that
1831 * this will succeed. No need for try_module_get().
1832 */
1833 __module_get(THIS_MODULE);
1834 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
1835 tcp_ses, "cifsd");
1836 if (IS_ERR(tcp_ses->tsk)) {
1837 rc = PTR_ERR(tcp_ses->tsk);
1838 cERROR(1, "error %d create cifsd thread", rc);
1839 module_put(THIS_MODULE);
1840 goto out_err_crypto_release;
1841 }
1842 tcp_ses->tcpStatus = CifsNeedNegotiate;
1843
1844 /* thread spawned, put it on the list */
1845 spin_lock(&cifs_tcp_ses_lock);
1846 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1847 spin_unlock(&cifs_tcp_ses_lock);
1848
1849 cifs_fscache_get_client_cookie(tcp_ses);
1850
1851 /* queue echo request delayed work */
1852 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1853
1854 return tcp_ses;
1855
1856out_err_crypto_release:
1857 cifs_crypto_shash_release(tcp_ses);
1858
1859 put_net(cifs_net_ns(tcp_ses));
1860
1861out_err:
1862 if (tcp_ses) {
1863 if (!IS_ERR(tcp_ses->hostname))
1864 kfree(tcp_ses->hostname);
1865 if (tcp_ses->ssocket)
1866 sock_release(tcp_ses->ssocket);
1867 kfree(tcp_ses);
1868 }
1869 return ERR_PTR(rc);
1870}
1871
1872static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
1873{
1874 switch (ses->server->secType) {
1875 case Kerberos:
1876 if (vol->cred_uid != ses->cred_uid)
1877 return 0;
1878 break;
1879 default:
1880 /* anything else takes username/password */
1881 if (ses->user_name == NULL)
1882 return 0;
1883 if (strncmp(ses->user_name, vol->username,
1884 MAX_USERNAME_SIZE))
1885 return 0;
1886 if (strlen(vol->username) != 0 &&
1887 ses->password != NULL &&
1888 strncmp(ses->password,
1889 vol->password ? vol->password : "",
1890 MAX_PASSWORD_SIZE))
1891 return 0;
1892 }
1893 return 1;
1894}
1895
1896static struct cifs_ses *
1897cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1898{
1899 struct cifs_ses *ses;
1900
1901 spin_lock(&cifs_tcp_ses_lock);
1902 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
1903 if (!match_session(ses, vol))
1904 continue;
1905 ++ses->ses_count;
1906 spin_unlock(&cifs_tcp_ses_lock);
1907 return ses;
1908 }
1909 spin_unlock(&cifs_tcp_ses_lock);
1910 return NULL;
1911}
1912
1913static void
1914cifs_put_smb_ses(struct cifs_ses *ses)
1915{
1916 int xid;
1917 struct TCP_Server_Info *server = ses->server;
1918
1919 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
1920 spin_lock(&cifs_tcp_ses_lock);
1921 if (--ses->ses_count > 0) {
1922 spin_unlock(&cifs_tcp_ses_lock);
1923 return;
1924 }
1925
1926 list_del_init(&ses->smb_ses_list);
1927 spin_unlock(&cifs_tcp_ses_lock);
1928
1929 if (ses->status == CifsGood) {
1930 xid = GetXid();
1931 CIFSSMBLogoff(xid, ses);
1932 _FreeXid(xid);
1933 }
1934 sesInfoFree(ses);
1935 cifs_put_tcp_session(server);
1936}
1937
1938static bool warned_on_ntlm; /* globals init to false automatically */
1939
1940static struct cifs_ses *
1941cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
1942{
1943 int rc = -ENOMEM, xid;
1944 struct cifs_ses *ses;
1945 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1946 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
1947
1948 xid = GetXid();
1949
1950 ses = cifs_find_smb_ses(server, volume_info);
1951 if (ses) {
1952 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
1953
1954 mutex_lock(&ses->session_mutex);
1955 rc = cifs_negotiate_protocol(xid, ses);
1956 if (rc) {
1957 mutex_unlock(&ses->session_mutex);
1958 /* problem -- put our ses reference */
1959 cifs_put_smb_ses(ses);
1960 FreeXid(xid);
1961 return ERR_PTR(rc);
1962 }
1963 if (ses->need_reconnect) {
1964 cFYI(1, "Session needs reconnect");
1965 rc = cifs_setup_session(xid, ses,
1966 volume_info->local_nls);
1967 if (rc) {
1968 mutex_unlock(&ses->session_mutex);
1969 /* problem -- put our reference */
1970 cifs_put_smb_ses(ses);
1971 FreeXid(xid);
1972 return ERR_PTR(rc);
1973 }
1974 }
1975 mutex_unlock(&ses->session_mutex);
1976
1977 /* existing SMB ses has a server reference already */
1978 cifs_put_tcp_session(server);
1979 FreeXid(xid);
1980 return ses;
1981 }
1982
1983 cFYI(1, "Existing smb sess not found");
1984 ses = sesInfoAlloc();
1985 if (ses == NULL)
1986 goto get_ses_fail;
1987
1988 /* new SMB session uses our server ref */
1989 ses->server = server;
1990 if (server->dstaddr.ss_family == AF_INET6)
1991 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
1992 else
1993 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
1994
1995 if (volume_info->username) {
1996 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
1997 if (!ses->user_name)
1998 goto get_ses_fail;
1999 }
2000
2001 /* volume_info->password freed at unmount */
2002 if (volume_info->password) {
2003 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2004 if (!ses->password)
2005 goto get_ses_fail;
2006 }
2007 if (volume_info->domainname) {
2008 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2009 if (!ses->domainName)
2010 goto get_ses_fail;
2011 }
2012 ses->cred_uid = volume_info->cred_uid;
2013 ses->linux_uid = volume_info->linux_uid;
2014
2015 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2016 supported for many years, time to update default security mechanism */
2017 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2018 warned_on_ntlm = true;
2019 cERROR(1, "default security mechanism requested. The default "
2020 "security mechanism will be upgraded from ntlm to "
2021 "ntlmv2 in kernel release 3.2");
2022 }
2023 ses->overrideSecFlg = volume_info->secFlg;
2024
2025 mutex_lock(&ses->session_mutex);
2026 rc = cifs_negotiate_protocol(xid, ses);
2027 if (!rc)
2028 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2029 mutex_unlock(&ses->session_mutex);
2030 if (rc)
2031 goto get_ses_fail;
2032
2033 /* success, put it on the list */
2034 spin_lock(&cifs_tcp_ses_lock);
2035 list_add(&ses->smb_ses_list, &server->smb_ses_list);
2036 spin_unlock(&cifs_tcp_ses_lock);
2037
2038 FreeXid(xid);
2039 return ses;
2040
2041get_ses_fail:
2042 sesInfoFree(ses);
2043 FreeXid(xid);
2044 return ERR_PTR(rc);
2045}
2046
2047static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2048{
2049 if (tcon->tidStatus == CifsExiting)
2050 return 0;
2051 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2052 return 0;
2053 return 1;
2054}
2055
2056static struct cifs_tcon *
2057cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2058{
2059 struct list_head *tmp;
2060 struct cifs_tcon *tcon;
2061
2062 spin_lock(&cifs_tcp_ses_lock);
2063 list_for_each(tmp, &ses->tcon_list) {
2064 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2065 if (!match_tcon(tcon, unc))
2066 continue;
2067 ++tcon->tc_count;
2068 spin_unlock(&cifs_tcp_ses_lock);
2069 return tcon;
2070 }
2071 spin_unlock(&cifs_tcp_ses_lock);
2072 return NULL;
2073}
2074
2075static void
2076cifs_put_tcon(struct cifs_tcon *tcon)
2077{
2078 int xid;
2079 struct cifs_ses *ses = tcon->ses;
2080
2081 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2082 spin_lock(&cifs_tcp_ses_lock);
2083 if (--tcon->tc_count > 0) {
2084 spin_unlock(&cifs_tcp_ses_lock);
2085 return;
2086 }
2087
2088 list_del_init(&tcon->tcon_list);
2089 spin_unlock(&cifs_tcp_ses_lock);
2090
2091 xid = GetXid();
2092 CIFSSMBTDis(xid, tcon);
2093 _FreeXid(xid);
2094
2095 cifs_fscache_release_super_cookie(tcon);
2096 tconInfoFree(tcon);
2097 cifs_put_smb_ses(ses);
2098}
2099
2100static struct cifs_tcon *
2101cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2102{
2103 int rc, xid;
2104 struct cifs_tcon *tcon;
2105
2106 tcon = cifs_find_tcon(ses, volume_info->UNC);
2107 if (tcon) {
2108 cFYI(1, "Found match on UNC path");
2109 /* existing tcon already has a reference */
2110 cifs_put_smb_ses(ses);
2111 if (tcon->seal != volume_info->seal)
2112 cERROR(1, "transport encryption setting "
2113 "conflicts with existing tid");
2114 return tcon;
2115 }
2116
2117 tcon = tconInfoAlloc();
2118 if (tcon == NULL) {
2119 rc = -ENOMEM;
2120 goto out_fail;
2121 }
2122
2123 tcon->ses = ses;
2124 if (volume_info->password) {
2125 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2126 if (!tcon->password) {
2127 rc = -ENOMEM;
2128 goto out_fail;
2129 }
2130 }
2131
2132 if (strchr(volume_info->UNC + 3, '\\') == NULL
2133 && strchr(volume_info->UNC + 3, '/') == NULL) {
2134 cERROR(1, "Missing share name");
2135 rc = -ENODEV;
2136 goto out_fail;
2137 }
2138
2139 /* BB Do we need to wrap session_mutex around
2140 * this TCon call and Unix SetFS as
2141 * we do on SessSetup and reconnect? */
2142 xid = GetXid();
2143 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2144 FreeXid(xid);
2145 cFYI(1, "CIFS Tcon rc = %d", rc);
2146 if (rc)
2147 goto out_fail;
2148
2149 if (volume_info->nodfs) {
2150 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2151 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2152 }
2153 tcon->seal = volume_info->seal;
2154 /* we can have only one retry value for a connection
2155 to a share so for resources mounted more than once
2156 to the same server share the last value passed in
2157 for the retry flag is used */
2158 tcon->retry = volume_info->retry;
2159 tcon->nocase = volume_info->nocase;
2160 tcon->local_lease = volume_info->local_lease;
2161
2162 spin_lock(&cifs_tcp_ses_lock);
2163 list_add(&tcon->tcon_list, &ses->tcon_list);
2164 spin_unlock(&cifs_tcp_ses_lock);
2165
2166 cifs_fscache_get_super_cookie(tcon);
2167
2168 return tcon;
2169
2170out_fail:
2171 tconInfoFree(tcon);
2172 return ERR_PTR(rc);
2173}
2174
2175void
2176cifs_put_tlink(struct tcon_link *tlink)
2177{
2178 if (!tlink || IS_ERR(tlink))
2179 return;
2180
2181 if (!atomic_dec_and_test(&tlink->tl_count) ||
2182 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2183 tlink->tl_time = jiffies;
2184 return;
2185 }
2186
2187 if (!IS_ERR(tlink_tcon(tlink)))
2188 cifs_put_tcon(tlink_tcon(tlink));
2189 kfree(tlink);
2190 return;
2191}
2192
2193static inline struct tcon_link *
2194cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2195{
2196 return cifs_sb->master_tlink;
2197}
2198
2199static int
2200compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2201{
2202 struct cifs_sb_info *old = CIFS_SB(sb);
2203 struct cifs_sb_info *new = mnt_data->cifs_sb;
2204
2205 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2206 return 0;
2207
2208 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2209 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2210 return 0;
2211
2212 if (old->rsize != new->rsize)
2213 return 0;
2214
2215 /*
2216 * We want to share sb only if we don't specify wsize or specified wsize
2217 * is greater or equal than existing one.
2218 */
2219 if (new->wsize && new->wsize < old->wsize)
2220 return 0;
2221
2222 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2223 return 0;
2224
2225 if (old->mnt_file_mode != new->mnt_file_mode ||
2226 old->mnt_dir_mode != new->mnt_dir_mode)
2227 return 0;
2228
2229 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2230 return 0;
2231
2232 if (old->actimeo != new->actimeo)
2233 return 0;
2234
2235 return 1;
2236}
2237
2238int
2239cifs_match_super(struct super_block *sb, void *data)
2240{
2241 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2242 struct smb_vol *volume_info;
2243 struct cifs_sb_info *cifs_sb;
2244 struct TCP_Server_Info *tcp_srv;
2245 struct cifs_ses *ses;
2246 struct cifs_tcon *tcon;
2247 struct tcon_link *tlink;
2248 struct sockaddr_storage addr;
2249 int rc = 0;
2250
2251 memset(&addr, 0, sizeof(struct sockaddr_storage));
2252
2253 spin_lock(&cifs_tcp_ses_lock);
2254 cifs_sb = CIFS_SB(sb);
2255 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2256 if (IS_ERR(tlink)) {
2257 spin_unlock(&cifs_tcp_ses_lock);
2258 return rc;
2259 }
2260 tcon = tlink_tcon(tlink);
2261 ses = tcon->ses;
2262 tcp_srv = ses->server;
2263
2264 volume_info = mnt_data->vol;
2265
2266 if (!volume_info->UNCip || !volume_info->UNC)
2267 goto out;
2268
2269 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2270 volume_info->UNCip,
2271 strlen(volume_info->UNCip),
2272 volume_info->port);
2273 if (!rc)
2274 goto out;
2275
2276 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2277 !match_session(ses, volume_info) ||
2278 !match_tcon(tcon, volume_info->UNC)) {
2279 rc = 0;
2280 goto out;
2281 }
2282
2283 rc = compare_mount_options(sb, mnt_data);
2284out:
2285 spin_unlock(&cifs_tcp_ses_lock);
2286 cifs_put_tlink(tlink);
2287 return rc;
2288}
2289
2290int
2291get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2292 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2293 struct dfs_info3_param **preferrals, int remap)
2294{
2295 char *temp_unc;
2296 int rc = 0;
2297
2298 *pnum_referrals = 0;
2299 *preferrals = NULL;
2300
2301 if (pSesInfo->ipc_tid == 0) {
2302 temp_unc = kmalloc(2 /* for slashes */ +
2303 strnlen(pSesInfo->serverName,
2304 SERVER_NAME_LEN_WITH_NULL * 2)
2305 + 1 + 4 /* slash IPC$ */ + 2,
2306 GFP_KERNEL);
2307 if (temp_unc == NULL)
2308 return -ENOMEM;
2309 temp_unc[0] = '\\';
2310 temp_unc[1] = '\\';
2311 strcpy(temp_unc + 2, pSesInfo->serverName);
2312 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2313 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2314 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2315 kfree(temp_unc);
2316 }
2317 if (rc == 0)
2318 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2319 pnum_referrals, nls_codepage, remap);
2320 /* BB map targetUNCs to dfs_info3 structures, here or
2321 in CIFSGetDFSRefer BB */
2322
2323 return rc;
2324}
2325
2326#ifdef CONFIG_DEBUG_LOCK_ALLOC
2327static struct lock_class_key cifs_key[2];
2328static struct lock_class_key cifs_slock_key[2];
2329
2330static inline void
2331cifs_reclassify_socket4(struct socket *sock)
2332{
2333 struct sock *sk = sock->sk;
2334 BUG_ON(sock_owned_by_user(sk));
2335 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2336 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2337}
2338
2339static inline void
2340cifs_reclassify_socket6(struct socket *sock)
2341{
2342 struct sock *sk = sock->sk;
2343 BUG_ON(sock_owned_by_user(sk));
2344 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2345 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2346}
2347#else
2348static inline void
2349cifs_reclassify_socket4(struct socket *sock)
2350{
2351}
2352
2353static inline void
2354cifs_reclassify_socket6(struct socket *sock)
2355{
2356}
2357#endif
2358
2359/* See RFC1001 section 14 on representation of Netbios names */
2360static void rfc1002mangle(char *target, char *source, unsigned int length)
2361{
2362 unsigned int i, j;
2363
2364 for (i = 0, j = 0; i < (length); i++) {
2365 /* mask a nibble at a time and encode */
2366 target[j] = 'A' + (0x0F & (source[i] >> 4));
2367 target[j+1] = 'A' + (0x0F & source[i]);
2368 j += 2;
2369 }
2370
2371}
2372
2373static int
2374bind_socket(struct TCP_Server_Info *server)
2375{
2376 int rc = 0;
2377 if (server->srcaddr.ss_family != AF_UNSPEC) {
2378 /* Bind to the specified local IP address */
2379 struct socket *socket = server->ssocket;
2380 rc = socket->ops->bind(socket,
2381 (struct sockaddr *) &server->srcaddr,
2382 sizeof(server->srcaddr));
2383 if (rc < 0) {
2384 struct sockaddr_in *saddr4;
2385 struct sockaddr_in6 *saddr6;
2386 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2387 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2388 if (saddr6->sin6_family == AF_INET6)
2389 cERROR(1, "cifs: "
2390 "Failed to bind to: %pI6c, error: %d\n",
2391 &saddr6->sin6_addr, rc);
2392 else
2393 cERROR(1, "cifs: "
2394 "Failed to bind to: %pI4, error: %d\n",
2395 &saddr4->sin_addr.s_addr, rc);
2396 }
2397 }
2398 return rc;
2399}
2400
2401static int
2402ip_rfc1001_connect(struct TCP_Server_Info *server)
2403{
2404 int rc = 0;
2405 /*
2406 * some servers require RFC1001 sessinit before sending
2407 * negprot - BB check reconnection in case where second
2408 * sessinit is sent but no second negprot
2409 */
2410 struct rfc1002_session_packet *ses_init_buf;
2411 struct smb_hdr *smb_buf;
2412 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2413 GFP_KERNEL);
2414 if (ses_init_buf) {
2415 ses_init_buf->trailer.session_req.called_len = 32;
2416
2417 if (server->server_RFC1001_name &&
2418 server->server_RFC1001_name[0] != 0)
2419 rfc1002mangle(ses_init_buf->trailer.
2420 session_req.called_name,
2421 server->server_RFC1001_name,
2422 RFC1001_NAME_LEN_WITH_NULL);
2423 else
2424 rfc1002mangle(ses_init_buf->trailer.
2425 session_req.called_name,
2426 DEFAULT_CIFS_CALLED_NAME,
2427 RFC1001_NAME_LEN_WITH_NULL);
2428
2429 ses_init_buf->trailer.session_req.calling_len = 32;
2430
2431 /*
2432 * calling name ends in null (byte 16) from old smb
2433 * convention.
2434 */
2435 if (server->workstation_RFC1001_name &&
2436 server->workstation_RFC1001_name[0] != 0)
2437 rfc1002mangle(ses_init_buf->trailer.
2438 session_req.calling_name,
2439 server->workstation_RFC1001_name,
2440 RFC1001_NAME_LEN_WITH_NULL);
2441 else
2442 rfc1002mangle(ses_init_buf->trailer.
2443 session_req.calling_name,
2444 "LINUX_CIFS_CLNT",
2445 RFC1001_NAME_LEN_WITH_NULL);
2446
2447 ses_init_buf->trailer.session_req.scope1 = 0;
2448 ses_init_buf->trailer.session_req.scope2 = 0;
2449 smb_buf = (struct smb_hdr *)ses_init_buf;
2450
2451 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2452 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2453 rc = smb_send(server, smb_buf, 0x44);
2454 kfree(ses_init_buf);
2455 /*
2456 * RFC1001 layer in at least one server
2457 * requires very short break before negprot
2458 * presumably because not expecting negprot
2459 * to follow so fast. This is a simple
2460 * solution that works without
2461 * complicating the code and causes no
2462 * significant slowing down on mount
2463 * for everyone else
2464 */
2465 usleep_range(1000, 2000);
2466 }
2467 /*
2468 * else the negprot may still work without this
2469 * even though malloc failed
2470 */
2471
2472 return rc;
2473}
2474
2475static int
2476generic_ip_connect(struct TCP_Server_Info *server)
2477{
2478 int rc = 0;
2479 __be16 sport;
2480 int slen, sfamily;
2481 struct socket *socket = server->ssocket;
2482 struct sockaddr *saddr;
2483
2484 saddr = (struct sockaddr *) &server->dstaddr;
2485
2486 if (server->dstaddr.ss_family == AF_INET6) {
2487 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2488 slen = sizeof(struct sockaddr_in6);
2489 sfamily = AF_INET6;
2490 } else {
2491 sport = ((struct sockaddr_in *) saddr)->sin_port;
2492 slen = sizeof(struct sockaddr_in);
2493 sfamily = AF_INET;
2494 }
2495
2496 if (socket == NULL) {
2497 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2498 IPPROTO_TCP, &socket, 1);
2499 if (rc < 0) {
2500 cERROR(1, "Error %d creating socket", rc);
2501 server->ssocket = NULL;
2502 return rc;
2503 }
2504
2505 /* BB other socket options to set KEEPALIVE, NODELAY? */
2506 cFYI(1, "Socket created");
2507 server->ssocket = socket;
2508 socket->sk->sk_allocation = GFP_NOFS;
2509 if (sfamily == AF_INET6)
2510 cifs_reclassify_socket6(socket);
2511 else
2512 cifs_reclassify_socket4(socket);
2513 }
2514
2515 rc = bind_socket(server);
2516 if (rc < 0)
2517 return rc;
2518
2519 /*
2520 * Eventually check for other socket options to change from
2521 * the default. sock_setsockopt not used because it expects
2522 * user space buffer
2523 */
2524 socket->sk->sk_rcvtimeo = 7 * HZ;
2525 socket->sk->sk_sndtimeo = 5 * HZ;
2526
2527 /* make the bufsizes depend on wsize/rsize and max requests */
2528 if (server->noautotune) {
2529 if (socket->sk->sk_sndbuf < (200 * 1024))
2530 socket->sk->sk_sndbuf = 200 * 1024;
2531 if (socket->sk->sk_rcvbuf < (140 * 1024))
2532 socket->sk->sk_rcvbuf = 140 * 1024;
2533 }
2534
2535 if (server->tcp_nodelay) {
2536 int val = 1;
2537 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2538 (char *)&val, sizeof(val));
2539 if (rc)
2540 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2541 }
2542
2543 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2544 socket->sk->sk_sndbuf,
2545 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2546
2547 rc = socket->ops->connect(socket, saddr, slen, 0);
2548 if (rc < 0) {
2549 cFYI(1, "Error %d connecting to server", rc);
2550 sock_release(socket);
2551 server->ssocket = NULL;
2552 return rc;
2553 }
2554
2555 if (sport == htons(RFC1001_PORT))
2556 rc = ip_rfc1001_connect(server);
2557
2558 return rc;
2559}
2560
2561static int
2562ip_connect(struct TCP_Server_Info *server)
2563{
2564 __be16 *sport;
2565 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2566 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2567
2568 if (server->dstaddr.ss_family == AF_INET6)
2569 sport = &addr6->sin6_port;
2570 else
2571 sport = &addr->sin_port;
2572
2573 if (*sport == 0) {
2574 int rc;
2575
2576 /* try with 445 port at first */
2577 *sport = htons(CIFS_PORT);
2578
2579 rc = generic_ip_connect(server);
2580 if (rc >= 0)
2581 return rc;
2582
2583 /* if it failed, try with 139 port */
2584 *sport = htons(RFC1001_PORT);
2585 }
2586
2587 return generic_ip_connect(server);
2588}
2589
2590void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2591 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
2592{
2593 /* if we are reconnecting then should we check to see if
2594 * any requested capabilities changed locally e.g. via
2595 * remount but we can not do much about it here
2596 * if they have (even if we could detect it by the following)
2597 * Perhaps we could add a backpointer to array of sb from tcon
2598 * or if we change to make all sb to same share the same
2599 * sb as NFS - then we only have one backpointer to sb.
2600 * What if we wanted to mount the server share twice once with
2601 * and once without posixacls or posix paths? */
2602 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2603
2604 if (vol_info && vol_info->no_linux_ext) {
2605 tcon->fsUnixInfo.Capability = 0;
2606 tcon->unix_ext = 0; /* Unix Extensions disabled */
2607 cFYI(1, "Linux protocol extensions disabled");
2608 return;
2609 } else if (vol_info)
2610 tcon->unix_ext = 1; /* Unix Extensions supported */
2611
2612 if (tcon->unix_ext == 0) {
2613 cFYI(1, "Unix extensions disabled so not set on reconnect");
2614 return;
2615 }
2616
2617 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2618 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2619 cFYI(1, "unix caps which server supports %lld", cap);
2620 /* check for reconnect case in which we do not
2621 want to change the mount behavior if we can avoid it */
2622 if (vol_info == NULL) {
2623 /* turn off POSIX ACL and PATHNAMES if not set
2624 originally at mount time */
2625 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2626 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2627 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2628 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2629 cERROR(1, "POSIXPATH support change");
2630 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2631 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2632 cERROR(1, "possible reconnect error");
2633 cERROR(1, "server disabled POSIX path support");
2634 }
2635 }
2636
2637 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2638 cERROR(1, "per-share encryption not supported yet");
2639
2640 cap &= CIFS_UNIX_CAP_MASK;
2641 if (vol_info && vol_info->no_psx_acl)
2642 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2643 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2644 cFYI(1, "negotiated posix acl support");
2645 if (cifs_sb)
2646 cifs_sb->mnt_cifs_flags |=
2647 CIFS_MOUNT_POSIXACL;
2648 }
2649
2650 if (vol_info && vol_info->posix_paths == 0)
2651 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2652 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2653 cFYI(1, "negotiate posix pathnames");
2654 if (cifs_sb)
2655 cifs_sb->mnt_cifs_flags |=
2656 CIFS_MOUNT_POSIX_PATHS;
2657 }
2658
2659 if (cifs_sb && (cifs_sb->rsize > 127 * 1024)) {
2660 if ((cap & CIFS_UNIX_LARGE_READ_CAP) == 0) {
2661 cifs_sb->rsize = 127 * 1024;
2662 cFYI(DBG2, "larger reads not supported by srv");
2663 }
2664 }
2665
2666
2667 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2668#ifdef CONFIG_CIFS_DEBUG2
2669 if (cap & CIFS_UNIX_FCNTL_CAP)
2670 cFYI(1, "FCNTL cap");
2671 if (cap & CIFS_UNIX_EXTATTR_CAP)
2672 cFYI(1, "EXTATTR cap");
2673 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2674 cFYI(1, "POSIX path cap");
2675 if (cap & CIFS_UNIX_XATTR_CAP)
2676 cFYI(1, "XATTR cap");
2677 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2678 cFYI(1, "POSIX ACL cap");
2679 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2680 cFYI(1, "very large read cap");
2681 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2682 cFYI(1, "very large write cap");
2683 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2684 cFYI(1, "transport encryption cap");
2685 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2686 cFYI(1, "mandatory transport encryption cap");
2687#endif /* CIFS_DEBUG2 */
2688 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2689 if (vol_info == NULL) {
2690 cFYI(1, "resetting capabilities failed");
2691 } else
2692 cERROR(1, "Negotiating Unix capabilities "
2693 "with the server failed. Consider "
2694 "mounting with the Unix Extensions\n"
2695 "disabled, if problems are found, "
2696 "by specifying the nounix mount "
2697 "option.");
2698
2699 }
2700 }
2701}
2702
2703void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2704 struct cifs_sb_info *cifs_sb)
2705{
2706 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2707
2708 spin_lock_init(&cifs_sb->tlink_tree_lock);
2709 cifs_sb->tlink_tree = RB_ROOT;
2710
2711 if (pvolume_info->rsize > CIFSMaxBufSize) {
2712 cERROR(1, "rsize %d too large, using MaxBufSize",
2713 pvolume_info->rsize);
2714 cifs_sb->rsize = CIFSMaxBufSize;
2715 } else if ((pvolume_info->rsize) &&
2716 (pvolume_info->rsize <= CIFSMaxBufSize))
2717 cifs_sb->rsize = pvolume_info->rsize;
2718 else /* default */
2719 cifs_sb->rsize = CIFSMaxBufSize;
2720
2721 if (cifs_sb->rsize < 2048) {
2722 cifs_sb->rsize = 2048;
2723 /* Windows ME may prefer this */
2724 cFYI(1, "readsize set to minimum: 2048");
2725 }
2726
2727 /*
2728 * Temporarily set wsize for matching superblock. If we end up using
2729 * new sb then cifs_negotiate_wsize will later negotiate it downward
2730 * if needed.
2731 */
2732 cifs_sb->wsize = pvolume_info->wsize;
2733
2734 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2735 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2736 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2737 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2738 cFYI(1, "file mode: 0x%x dir mode: 0x%x",
2739 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2740
2741 cifs_sb->actimeo = pvolume_info->actimeo;
2742 cifs_sb->local_nls = pvolume_info->local_nls;
2743
2744 if (pvolume_info->noperm)
2745 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2746 if (pvolume_info->setuids)
2747 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2748 if (pvolume_info->server_ino)
2749 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2750 if (pvolume_info->remap)
2751 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2752 if (pvolume_info->no_xattr)
2753 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2754 if (pvolume_info->sfu_emul)
2755 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2756 if (pvolume_info->nobrl)
2757 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2758 if (pvolume_info->nostrictsync)
2759 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2760 if (pvolume_info->mand_lock)
2761 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2762 if (pvolume_info->rwpidforward)
2763 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
2764 if (pvolume_info->cifs_acl)
2765 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2766 if (pvolume_info->override_uid)
2767 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2768 if (pvolume_info->override_gid)
2769 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2770 if (pvolume_info->dynperm)
2771 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2772 if (pvolume_info->fsc)
2773 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2774 if (pvolume_info->multiuser)
2775 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2776 CIFS_MOUNT_NO_PERM);
2777 if (pvolume_info->strict_io)
2778 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2779 if (pvolume_info->direct_io) {
2780 cFYI(1, "mounting share using direct i/o");
2781 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2782 }
2783 if (pvolume_info->mfsymlinks) {
2784 if (pvolume_info->sfu_emul) {
2785 cERROR(1, "mount option mfsymlinks ignored if sfu "
2786 "mount option is used");
2787 } else {
2788 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2789 }
2790 }
2791
2792 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2793 cERROR(1, "mount option dynperm ignored if cifsacl "
2794 "mount option supported");
2795}
2796
2797/*
2798 * When the server supports very large writes via POSIX extensions, we can
2799 * allow up to 2^24-1, minus the size of a WRITE_AND_X header, not including
2800 * the RFC1001 length.
2801 *
2802 * Note that this might make for "interesting" allocation problems during
2803 * writeback however as we have to allocate an array of pointers for the
2804 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
2805 */
2806#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
2807
2808/*
2809 * When the server doesn't allow large posix writes, only allow a wsize of
2810 * 128k minus the size of the WRITE_AND_X header. That allows for a write up
2811 * to the maximum size described by RFC1002.
2812 */
2813#define CIFS_MAX_RFC1002_WSIZE (128 * 1024 - sizeof(WRITE_REQ) + 4)
2814
2815/*
2816 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
2817 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
2818 * a single wsize request with a single call.
2819 */
2820#define CIFS_DEFAULT_WSIZE (1024 * 1024)
2821
2822static unsigned int
2823cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
2824{
2825 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2826 struct TCP_Server_Info *server = tcon->ses->server;
2827 unsigned int wsize = pvolume_info->wsize ? pvolume_info->wsize :
2828 CIFS_DEFAULT_WSIZE;
2829
2830 /* can server support 24-bit write sizes? (via UNIX extensions) */
2831 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
2832 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
2833
2834 /*
2835 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
2836 * Limit it to max buffer offered by the server, minus the size of the
2837 * WRITEX header, not including the 4 byte RFC1001 length.
2838 */
2839 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
2840 (!(server->capabilities & CAP_UNIX) &&
2841 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
2842 wsize = min_t(unsigned int, wsize,
2843 server->maxBuf - sizeof(WRITE_REQ) + 4);
2844
2845 /* hard limit of CIFS_MAX_WSIZE */
2846 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
2847
2848 return wsize;
2849}
2850
2851static int
2852is_path_accessible(int xid, struct cifs_tcon *tcon,
2853 struct cifs_sb_info *cifs_sb, const char *full_path)
2854{
2855 int rc;
2856 FILE_ALL_INFO *pfile_info;
2857
2858 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2859 if (pfile_info == NULL)
2860 return -ENOMEM;
2861
2862 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
2863 0 /* not legacy */, cifs_sb->local_nls,
2864 cifs_sb->mnt_cifs_flags &
2865 CIFS_MOUNT_MAP_SPECIAL_CHR);
2866
2867 if (rc == -EOPNOTSUPP || rc == -EINVAL)
2868 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
2869 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
2870 CIFS_MOUNT_MAP_SPECIAL_CHR);
2871 kfree(pfile_info);
2872 return rc;
2873}
2874
2875static void
2876cleanup_volume_info_contents(struct smb_vol *volume_info)
2877{
2878 kfree(volume_info->username);
2879 kzfree(volume_info->password);
2880 kfree(volume_info->UNC);
2881 if (volume_info->UNCip != volume_info->UNC + 2)
2882 kfree(volume_info->UNCip);
2883 kfree(volume_info->domainname);
2884 kfree(volume_info->iocharset);
2885 kfree(volume_info->prepath);
2886}
2887
2888void
2889cifs_cleanup_volume_info(struct smb_vol *volume_info)
2890{
2891 if (!volume_info)
2892 return;
2893 cleanup_volume_info_contents(volume_info);
2894 kfree(volume_info);
2895}
2896
2897
2898#ifdef CONFIG_CIFS_DFS_UPCALL
2899/* build_path_to_root returns full path to root when
2900 * we do not have an exiting connection (tcon) */
2901static char *
2902build_unc_path_to_root(const struct smb_vol *vol,
2903 const struct cifs_sb_info *cifs_sb)
2904{
2905 char *full_path, *pos;
2906 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
2907 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
2908
2909 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
2910 if (full_path == NULL)
2911 return ERR_PTR(-ENOMEM);
2912
2913 strncpy(full_path, vol->UNC, unc_len);
2914 pos = full_path + unc_len;
2915
2916 if (pplen) {
2917 strncpy(pos, vol->prepath, pplen);
2918 pos += pplen;
2919 }
2920
2921 *pos = '\0'; /* add trailing null */
2922 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
2923 cFYI(1, "%s: full_path=%s", __func__, full_path);
2924 return full_path;
2925}
2926
2927/*
2928 * Perform a dfs referral query for a share and (optionally) prefix
2929 *
2930 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
2931 * to a string containing updated options for the submount. Otherwise it
2932 * will be left untouched.
2933 *
2934 * Returns the rc from get_dfs_path to the caller, which can be used to
2935 * determine whether there were referrals.
2936 */
2937static int
2938expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
2939 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
2940 int check_prefix)
2941{
2942 int rc;
2943 unsigned int num_referrals = 0;
2944 struct dfs_info3_param *referrals = NULL;
2945 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
2946
2947 full_path = build_unc_path_to_root(volume_info, cifs_sb);
2948 if (IS_ERR(full_path))
2949 return PTR_ERR(full_path);
2950
2951 /* For DFS paths, skip the first '\' of the UNC */
2952 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
2953
2954 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
2955 &num_referrals, &referrals,
2956 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
2957
2958 if (!rc && num_referrals > 0) {
2959 char *fake_devname = NULL;
2960
2961 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
2962 full_path + 1, referrals,
2963 &fake_devname);
2964
2965 free_dfs_info_array(referrals, num_referrals);
2966
2967 if (IS_ERR(mdata)) {
2968 rc = PTR_ERR(mdata);
2969 mdata = NULL;
2970 } else {
2971 cleanup_volume_info_contents(volume_info);
2972 memset(volume_info, '\0', sizeof(*volume_info));
2973 rc = cifs_setup_volume_info(volume_info, mdata,
2974 fake_devname);
2975 }
2976 kfree(fake_devname);
2977 kfree(cifs_sb->mountdata);
2978 cifs_sb->mountdata = mdata;
2979 }
2980 kfree(full_path);
2981 return rc;
2982}
2983#endif
2984
2985static int
2986cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
2987 const char *devname)
2988{
2989 int rc = 0;
2990
2991 if (cifs_parse_mount_options(mount_data, devname, volume_info))
2992 return -EINVAL;
2993
2994 if (volume_info->nullauth) {
2995 cFYI(1, "null user");
2996 volume_info->username = kzalloc(1, GFP_KERNEL);
2997 if (volume_info->username == NULL)
2998 return -ENOMEM;
2999 } else if (volume_info->username) {
3000 /* BB fixme parse for domain name here */
3001 cFYI(1, "Username: %s", volume_info->username);
3002 } else {
3003 cifserror("No username specified");
3004 /* In userspace mount helper we can get user name from alternate
3005 locations such as env variables and files on disk */
3006 return -EINVAL;
3007 }
3008
3009 /* this is needed for ASCII cp to Unicode converts */
3010 if (volume_info->iocharset == NULL) {
3011 /* load_nls_default cannot return null */
3012 volume_info->local_nls = load_nls_default();
3013 } else {
3014 volume_info->local_nls = load_nls(volume_info->iocharset);
3015 if (volume_info->local_nls == NULL) {
3016 cERROR(1, "CIFS mount error: iocharset %s not found",
3017 volume_info->iocharset);
3018 return -ELIBACC;
3019 }
3020 }
3021
3022 return rc;
3023}
3024
3025struct smb_vol *
3026cifs_get_volume_info(char *mount_data, const char *devname)
3027{
3028 int rc;
3029 struct smb_vol *volume_info;
3030
3031 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3032 if (!volume_info)
3033 return ERR_PTR(-ENOMEM);
3034
3035 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3036 if (rc) {
3037 cifs_cleanup_volume_info(volume_info);
3038 volume_info = ERR_PTR(rc);
3039 }
3040
3041 return volume_info;
3042}
3043
3044int
3045cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3046{
3047 int rc = 0;
3048 int xid;
3049 struct cifs_ses *pSesInfo;
3050 struct cifs_tcon *tcon;
3051 struct TCP_Server_Info *srvTcp;
3052 char *full_path;
3053 struct tcon_link *tlink;
3054#ifdef CONFIG_CIFS_DFS_UPCALL
3055 int referral_walks_count = 0;
3056#endif
3057
3058 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3059 if (rc)
3060 return rc;
3061
3062 cifs_sb->bdi.ra_pages = default_backing_dev_info.ra_pages;
3063
3064#ifdef CONFIG_CIFS_DFS_UPCALL
3065try_mount_again:
3066 /* cleanup activities if we're chasing a referral */
3067 if (referral_walks_count) {
3068 if (tcon)
3069 cifs_put_tcon(tcon);
3070 else if (pSesInfo)
3071 cifs_put_smb_ses(pSesInfo);
3072
3073 FreeXid(xid);
3074 }
3075#endif
3076 tcon = NULL;
3077 pSesInfo = NULL;
3078 srvTcp = NULL;
3079 full_path = NULL;
3080 tlink = NULL;
3081
3082 xid = GetXid();
3083
3084 /* get a reference to a tcp session */
3085 srvTcp = cifs_get_tcp_session(volume_info);
3086 if (IS_ERR(srvTcp)) {
3087 rc = PTR_ERR(srvTcp);
3088 bdi_destroy(&cifs_sb->bdi);
3089 goto out;
3090 }
3091
3092 /* get a reference to a SMB session */
3093 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3094 if (IS_ERR(pSesInfo)) {
3095 rc = PTR_ERR(pSesInfo);
3096 pSesInfo = NULL;
3097 goto mount_fail_check;
3098 }
3099
3100 /* search for existing tcon to this server share */
3101 tcon = cifs_get_tcon(pSesInfo, volume_info);
3102 if (IS_ERR(tcon)) {
3103 rc = PTR_ERR(tcon);
3104 tcon = NULL;
3105 goto remote_path_check;
3106 }
3107
3108 /* tell server which Unix caps we support */
3109 if (tcon->ses->capabilities & CAP_UNIX) {
3110 /* reset of caps checks mount to see if unix extensions
3111 disabled for just this mount */
3112 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3113 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3114 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3115 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3116 rc = -EACCES;
3117 goto mount_fail_check;
3118 }
3119 } else
3120 tcon->unix_ext = 0; /* server does not support them */
3121
3122 /* do not care if following two calls succeed - informational */
3123 if (!tcon->ipc) {
3124 CIFSSMBQFSDeviceInfo(xid, tcon);
3125 CIFSSMBQFSAttributeInfo(xid, tcon);
3126 }
3127
3128 if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
3129 cifs_sb->rsize = 1024 * 127;
3130 cFYI(DBG2, "no very large read support, rsize now 127K");
3131 }
3132 if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
3133 cifs_sb->rsize = min(cifs_sb->rsize,
3134 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
3135
3136 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3137
3138remote_path_check:
3139#ifdef CONFIG_CIFS_DFS_UPCALL
3140 /*
3141 * Perform an unconditional check for whether there are DFS
3142 * referrals for this path without prefix, to provide support
3143 * for DFS referrals from w2k8 servers which don't seem to respond
3144 * with PATH_NOT_COVERED to requests that include the prefix.
3145 * Chase the referral if found, otherwise continue normally.
3146 */
3147 if (referral_walks_count == 0) {
3148 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
3149 cifs_sb, false);
3150 if (!refrc) {
3151 referral_walks_count++;
3152 goto try_mount_again;
3153 }
3154 }
3155#endif
3156
3157 /* check if a whole path is not remote */
3158 if (!rc && tcon) {
3159 /* build_path_to_root works only when we have a valid tcon */
3160 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
3161 if (full_path == NULL) {
3162 rc = -ENOMEM;
3163 goto mount_fail_check;
3164 }
3165 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
3166 if (rc != 0 && rc != -EREMOTE) {
3167 kfree(full_path);
3168 goto mount_fail_check;
3169 }
3170 kfree(full_path);
3171 }
3172
3173 /* get referral if needed */
3174 if (rc == -EREMOTE) {
3175#ifdef CONFIG_CIFS_DFS_UPCALL
3176 if (referral_walks_count > MAX_NESTED_LINKS) {
3177 /*
3178 * BB: when we implement proper loop detection,
3179 * we will remove this check. But now we need it
3180 * to prevent an indefinite loop if 'DFS tree' is
3181 * misconfigured (i.e. has loops).
3182 */
3183 rc = -ELOOP;
3184 goto mount_fail_check;
3185 }
3186
3187 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
3188 true);
3189
3190 if (!rc) {
3191 referral_walks_count++;
3192 goto try_mount_again;
3193 }
3194 goto mount_fail_check;
3195#else /* No DFS support, return error on mount */
3196 rc = -EOPNOTSUPP;
3197#endif
3198 }
3199
3200 if (rc)
3201 goto mount_fail_check;
3202
3203 /* now, hang the tcon off of the superblock */
3204 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3205 if (tlink == NULL) {
3206 rc = -ENOMEM;
3207 goto mount_fail_check;
3208 }
3209
3210 tlink->tl_uid = pSesInfo->linux_uid;
3211 tlink->tl_tcon = tcon;
3212 tlink->tl_time = jiffies;
3213 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3214 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3215
3216 cifs_sb->master_tlink = tlink;
3217 spin_lock(&cifs_sb->tlink_tree_lock);
3218 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3219 spin_unlock(&cifs_sb->tlink_tree_lock);
3220
3221 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3222 TLINK_IDLE_EXPIRE);
3223
3224mount_fail_check:
3225 /* on error free sesinfo and tcon struct if needed */
3226 if (rc) {
3227 /* If find_unc succeeded then rc == 0 so we can not end */
3228 /* up accidentally freeing someone elses tcon struct */
3229 if (tcon)
3230 cifs_put_tcon(tcon);
3231 else if (pSesInfo)
3232 cifs_put_smb_ses(pSesInfo);
3233 else
3234 cifs_put_tcp_session(srvTcp);
3235 bdi_destroy(&cifs_sb->bdi);
3236 }
3237
3238out:
3239 FreeXid(xid);
3240 return rc;
3241}
3242
3243/*
3244 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3245 * pointer may be NULL.
3246 */
3247int
3248CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3249 const char *tree, struct cifs_tcon *tcon,
3250 const struct nls_table *nls_codepage)
3251{
3252 struct smb_hdr *smb_buffer;
3253 struct smb_hdr *smb_buffer_response;
3254 TCONX_REQ *pSMB;
3255 TCONX_RSP *pSMBr;
3256 unsigned char *bcc_ptr;
3257 int rc = 0;
3258 int length;
3259 __u16 bytes_left, count;
3260
3261 if (ses == NULL)
3262 return -EIO;
3263
3264 smb_buffer = cifs_buf_get();
3265 if (smb_buffer == NULL)
3266 return -ENOMEM;
3267
3268 smb_buffer_response = smb_buffer;
3269
3270 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3271 NULL /*no tid */ , 4 /*wct */ );
3272
3273 smb_buffer->Mid = GetNextMid(ses->server);
3274 smb_buffer->Uid = ses->Suid;
3275 pSMB = (TCONX_REQ *) smb_buffer;
3276 pSMBr = (TCONX_RSP *) smb_buffer_response;
3277
3278 pSMB->AndXCommand = 0xFF;
3279 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3280 bcc_ptr = &pSMB->Password[0];
3281 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3282 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3283 *bcc_ptr = 0; /* password is null byte */
3284 bcc_ptr++; /* skip password */
3285 /* already aligned so no need to do it below */
3286 } else {
3287 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3288 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3289 specified as required (when that support is added to
3290 the vfs in the future) as only NTLM or the much
3291 weaker LANMAN (which we do not send by default) is accepted
3292 by Samba (not sure whether other servers allow
3293 NTLMv2 password here) */
3294#ifdef CONFIG_CIFS_WEAK_PW_HASH
3295 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3296 (ses->server->secType == LANMAN))
3297 calc_lanman_hash(tcon->password, ses->server->cryptkey,
3298 ses->server->sec_mode &
3299 SECMODE_PW_ENCRYPT ? true : false,
3300 bcc_ptr);
3301 else
3302#endif /* CIFS_WEAK_PW_HASH */
3303 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3304 bcc_ptr);
3305
3306 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3307 if (ses->capabilities & CAP_UNICODE) {
3308 /* must align unicode strings */
3309 *bcc_ptr = 0; /* null byte password */
3310 bcc_ptr++;
3311 }
3312 }
3313
3314 if (ses->server->sec_mode &
3315 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3316 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3317
3318 if (ses->capabilities & CAP_STATUS32) {
3319 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3320 }
3321 if (ses->capabilities & CAP_DFS) {
3322 smb_buffer->Flags2 |= SMBFLG2_DFS;
3323 }
3324 if (ses->capabilities & CAP_UNICODE) {
3325 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3326 length =
3327 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3328 6 /* max utf8 char length in bytes */ *
3329 (/* server len*/ + 256 /* share len */), nls_codepage);
3330 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
3331 bcc_ptr += 2; /* skip trailing null */
3332 } else { /* ASCII */
3333 strcpy(bcc_ptr, tree);
3334 bcc_ptr += strlen(tree) + 1;
3335 }
3336 strcpy(bcc_ptr, "?????");
3337 bcc_ptr += strlen("?????");
3338 bcc_ptr += 1;
3339 count = bcc_ptr - &pSMB->Password[0];
3340 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3341 pSMB->hdr.smb_buf_length) + count);
3342 pSMB->ByteCount = cpu_to_le16(count);
3343
3344 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3345 0);
3346
3347 /* above now done in SendReceive */
3348 if ((rc == 0) && (tcon != NULL)) {
3349 bool is_unicode;
3350
3351 tcon->tidStatus = CifsGood;
3352 tcon->need_reconnect = false;
3353 tcon->tid = smb_buffer_response->Tid;
3354 bcc_ptr = pByteArea(smb_buffer_response);
3355 bytes_left = get_bcc(smb_buffer_response);
3356 length = strnlen(bcc_ptr, bytes_left - 2);
3357 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3358 is_unicode = true;
3359 else
3360 is_unicode = false;
3361
3362
3363 /* skip service field (NB: this field is always ASCII) */
3364 if (length == 3) {
3365 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3366 (bcc_ptr[2] == 'C')) {
3367 cFYI(1, "IPC connection");
3368 tcon->ipc = 1;
3369 }
3370 } else if (length == 2) {
3371 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3372 /* the most common case */
3373 cFYI(1, "disk share connection");
3374 }
3375 }
3376 bcc_ptr += length + 1;
3377 bytes_left -= (length + 1);
3378 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3379
3380 /* mostly informational -- no need to fail on error here */
3381 kfree(tcon->nativeFileSystem);
3382 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
3383 bytes_left, is_unicode,
3384 nls_codepage);
3385
3386 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3387
3388 if ((smb_buffer_response->WordCount == 3) ||
3389 (smb_buffer_response->WordCount == 7))
3390 /* field is in same location */
3391 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3392 else
3393 tcon->Flags = 0;
3394 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3395 } else if ((rc == 0) && tcon == NULL) {
3396 /* all we need to save for IPC$ connection */
3397 ses->ipc_tid = smb_buffer_response->Tid;
3398 }
3399
3400 cifs_buf_release(smb_buffer);
3401 return rc;
3402}
3403
3404void
3405cifs_umount(struct cifs_sb_info *cifs_sb)
3406{
3407 struct rb_root *root = &cifs_sb->tlink_tree;
3408 struct rb_node *node;
3409 struct tcon_link *tlink;
3410
3411 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3412
3413 spin_lock(&cifs_sb->tlink_tree_lock);
3414 while ((node = rb_first(root))) {
3415 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3416 cifs_get_tlink(tlink);
3417 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3418 rb_erase(node, root);
3419
3420 spin_unlock(&cifs_sb->tlink_tree_lock);
3421 cifs_put_tlink(tlink);
3422 spin_lock(&cifs_sb->tlink_tree_lock);
3423 }
3424 spin_unlock(&cifs_sb->tlink_tree_lock);
3425
3426 bdi_destroy(&cifs_sb->bdi);
3427 kfree(cifs_sb->mountdata);
3428 unload_nls(cifs_sb->local_nls);
3429 kfree(cifs_sb);
3430}
3431
3432int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
3433{
3434 int rc = 0;
3435 struct TCP_Server_Info *server = ses->server;
3436
3437 /* only send once per connect */
3438 if (server->maxBuf != 0)
3439 return 0;
3440
3441 rc = CIFSSMBNegotiate(xid, ses);
3442 if (rc == -EAGAIN) {
3443 /* retry only once on 1st time connection */
3444 rc = CIFSSMBNegotiate(xid, ses);
3445 if (rc == -EAGAIN)
3446 rc = -EHOSTDOWN;
3447 }
3448 if (rc == 0) {
3449 spin_lock(&GlobalMid_Lock);
3450 if (server->tcpStatus == CifsNeedNegotiate)
3451 server->tcpStatus = CifsGood;
3452 else
3453 rc = -EHOSTDOWN;
3454 spin_unlock(&GlobalMid_Lock);
3455
3456 }
3457
3458 return rc;
3459}
3460
3461
3462int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
3463 struct nls_table *nls_info)
3464{
3465 int rc = 0;
3466 struct TCP_Server_Info *server = ses->server;
3467
3468 ses->flags = 0;
3469 ses->capabilities = server->capabilities;
3470 if (linuxExtEnabled == 0)
3471 ses->capabilities &= (~CAP_UNIX);
3472
3473 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3474 server->sec_mode, server->capabilities, server->timeAdj);
3475
3476 rc = CIFS_SessSetup(xid, ses, nls_info);
3477 if (rc) {
3478 cERROR(1, "Send error in SessSetup = %d", rc);
3479 } else {
3480 mutex_lock(&ses->server->srv_mutex);
3481 if (!server->session_estab) {
3482 server->session_key.response = ses->auth_key.response;
3483 server->session_key.len = ses->auth_key.len;
3484 server->sequence_number = 0x2;
3485 server->session_estab = true;
3486 ses->auth_key.response = NULL;
3487 }
3488 mutex_unlock(&server->srv_mutex);
3489
3490 cFYI(1, "CIFS Session Established successfully");
3491 spin_lock(&GlobalMid_Lock);
3492 ses->status = CifsGood;
3493 ses->need_reconnect = false;
3494 spin_unlock(&GlobalMid_Lock);
3495 }
3496
3497 kfree(ses->auth_key.response);
3498 ses->auth_key.response = NULL;
3499 ses->auth_key.len = 0;
3500 kfree(ses->ntlmssp);
3501 ses->ntlmssp = NULL;
3502
3503 return rc;
3504}
3505
3506static struct cifs_tcon *
3507cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3508{
3509 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3510 struct cifs_ses *ses;
3511 struct cifs_tcon *tcon = NULL;
3512 struct smb_vol *vol_info;
3513 char username[28]; /* big enough for "krb50x" + hex of ULONG_MAX 6+16 */
3514 /* We used to have this as MAX_USERNAME which is */
3515 /* way too big now (256 instead of 32) */
3516
3517 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3518 if (vol_info == NULL) {
3519 tcon = ERR_PTR(-ENOMEM);
3520 goto out;
3521 }
3522
3523 snprintf(username, sizeof(username), "krb50x%x", fsuid);
3524 vol_info->username = username;
3525 vol_info->local_nls = cifs_sb->local_nls;
3526 vol_info->linux_uid = fsuid;
3527 vol_info->cred_uid = fsuid;
3528 vol_info->UNC = master_tcon->treeName;
3529 vol_info->retry = master_tcon->retry;
3530 vol_info->nocase = master_tcon->nocase;
3531 vol_info->local_lease = master_tcon->local_lease;
3532 vol_info->no_linux_ext = !master_tcon->unix_ext;
3533
3534 /* FIXME: allow for other secFlg settings */
3535 vol_info->secFlg = CIFSSEC_MUST_KRB5;
3536
3537 /* get a reference for the same TCP session */
3538 spin_lock(&cifs_tcp_ses_lock);
3539 ++master_tcon->ses->server->srv_count;
3540 spin_unlock(&cifs_tcp_ses_lock);
3541
3542 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3543 if (IS_ERR(ses)) {
3544 tcon = (struct cifs_tcon *)ses;
3545 cifs_put_tcp_session(master_tcon->ses->server);
3546 goto out;
3547 }
3548
3549 tcon = cifs_get_tcon(ses, vol_info);
3550 if (IS_ERR(tcon)) {
3551 cifs_put_smb_ses(ses);
3552 goto out;
3553 }
3554
3555 if (ses->capabilities & CAP_UNIX)
3556 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3557out:
3558 kfree(vol_info);
3559
3560 return tcon;
3561}
3562
3563struct cifs_tcon *
3564cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3565{
3566 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3567}
3568
3569static int
3570cifs_sb_tcon_pending_wait(void *unused)
3571{
3572 schedule();
3573 return signal_pending(current) ? -ERESTARTSYS : 0;
3574}
3575
3576/* find and return a tlink with given uid */
3577static struct tcon_link *
3578tlink_rb_search(struct rb_root *root, uid_t uid)
3579{
3580 struct rb_node *node = root->rb_node;
3581 struct tcon_link *tlink;
3582
3583 while (node) {
3584 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3585
3586 if (tlink->tl_uid > uid)
3587 node = node->rb_left;
3588 else if (tlink->tl_uid < uid)
3589 node = node->rb_right;
3590 else
3591 return tlink;
3592 }
3593 return NULL;
3594}
3595
3596/* insert a tcon_link into the tree */
3597static void
3598tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3599{
3600 struct rb_node **new = &(root->rb_node), *parent = NULL;
3601 struct tcon_link *tlink;
3602
3603 while (*new) {
3604 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3605 parent = *new;
3606
3607 if (tlink->tl_uid > new_tlink->tl_uid)
3608 new = &((*new)->rb_left);
3609 else
3610 new = &((*new)->rb_right);
3611 }
3612
3613 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3614 rb_insert_color(&new_tlink->tl_rbnode, root);
3615}
3616
3617/*
3618 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3619 * current task.
3620 *
3621 * If the superblock doesn't refer to a multiuser mount, then just return
3622 * the master tcon for the mount.
3623 *
3624 * First, search the rbtree for an existing tcon for this fsuid. If one
3625 * exists, then check to see if it's pending construction. If it is then wait
3626 * for construction to complete. Once it's no longer pending, check to see if
3627 * it failed and either return an error or retry construction, depending on
3628 * the timeout.
3629 *
3630 * If one doesn't exist then insert a new tcon_link struct into the tree and
3631 * try to construct a new one.
3632 */
3633struct tcon_link *
3634cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3635{
3636 int ret;
3637 uid_t fsuid = current_fsuid();
3638 struct tcon_link *tlink, *newtlink;
3639
3640 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3641 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3642
3643 spin_lock(&cifs_sb->tlink_tree_lock);
3644 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3645 if (tlink)
3646 cifs_get_tlink(tlink);
3647 spin_unlock(&cifs_sb->tlink_tree_lock);
3648
3649 if (tlink == NULL) {
3650 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3651 if (newtlink == NULL)
3652 return ERR_PTR(-ENOMEM);
3653 newtlink->tl_uid = fsuid;
3654 newtlink->tl_tcon = ERR_PTR(-EACCES);
3655 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3656 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3657 cifs_get_tlink(newtlink);
3658
3659 spin_lock(&cifs_sb->tlink_tree_lock);
3660 /* was one inserted after previous search? */
3661 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3662 if (tlink) {
3663 cifs_get_tlink(tlink);
3664 spin_unlock(&cifs_sb->tlink_tree_lock);
3665 kfree(newtlink);
3666 goto wait_for_construction;
3667 }
3668 tlink = newtlink;
3669 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3670 spin_unlock(&cifs_sb->tlink_tree_lock);
3671 } else {
3672wait_for_construction:
3673 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
3674 cifs_sb_tcon_pending_wait,
3675 TASK_INTERRUPTIBLE);
3676 if (ret) {
3677 cifs_put_tlink(tlink);
3678 return ERR_PTR(ret);
3679 }
3680
3681 /* if it's good, return it */
3682 if (!IS_ERR(tlink->tl_tcon))
3683 return tlink;
3684
3685 /* return error if we tried this already recently */
3686 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
3687 cifs_put_tlink(tlink);
3688 return ERR_PTR(-EACCES);
3689 }
3690
3691 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
3692 goto wait_for_construction;
3693 }
3694
3695 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
3696 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
3697 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
3698
3699 if (IS_ERR(tlink->tl_tcon)) {
3700 cifs_put_tlink(tlink);
3701 return ERR_PTR(-EACCES);
3702 }
3703
3704 return tlink;
3705}
3706
3707/*
3708 * periodic workqueue job that scans tcon_tree for a superblock and closes
3709 * out tcons.
3710 */
3711static void
3712cifs_prune_tlinks(struct work_struct *work)
3713{
3714 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
3715 prune_tlinks.work);
3716 struct rb_root *root = &cifs_sb->tlink_tree;
3717 struct rb_node *node = rb_first(root);
3718 struct rb_node *tmp;
3719 struct tcon_link *tlink;
3720
3721 /*
3722 * Because we drop the spinlock in the loop in order to put the tlink
3723 * it's not guarded against removal of links from the tree. The only
3724 * places that remove entries from the tree are this function and
3725 * umounts. Because this function is non-reentrant and is canceled
3726 * before umount can proceed, this is safe.
3727 */
3728 spin_lock(&cifs_sb->tlink_tree_lock);
3729 node = rb_first(root);
3730 while (node != NULL) {
3731 tmp = node;
3732 node = rb_next(tmp);
3733 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
3734
3735 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
3736 atomic_read(&tlink->tl_count) != 0 ||
3737 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
3738 continue;
3739
3740 cifs_get_tlink(tlink);
3741 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3742 rb_erase(tmp, root);
3743
3744 spin_unlock(&cifs_sb->tlink_tree_lock);
3745 cifs_put_tlink(tlink);
3746 spin_lock(&cifs_sb->tlink_tree_lock);
3747 }
3748 spin_unlock(&cifs_sb->tlink_tree_lock);
3749
3750 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3751 TLINK_IDLE_EXPIRE);
3752}
1/*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2011
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
26#include <linux/slab.h>
27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
31#include <linux/delay.h>
32#include <linux/completion.h>
33#include <linux/kthread.h>
34#include <linux/pagevec.h>
35#include <linux/freezer.h>
36#include <linux/namei.h>
37#include <asm/uaccess.h>
38#include <asm/processor.h>
39#include <linux/inet.h>
40#include <linux/module.h>
41#include <keys/user-type.h>
42#include <net/ipv6.h>
43#include <linux/parser.h>
44
45#include "cifspdu.h"
46#include "cifsglob.h"
47#include "cifsproto.h"
48#include "cifs_unicode.h"
49#include "cifs_debug.h"
50#include "cifs_fs_sb.h"
51#include "ntlmssp.h"
52#include "nterr.h"
53#include "rfc1002pdu.h"
54#include "fscache.h"
55
56#define CIFS_PORT 445
57#define RFC1001_PORT 139
58
59/* SMB echo "timeout" -- FIXME: tunable? */
60#define SMB_ECHO_INTERVAL (60 * HZ)
61
62extern mempool_t *cifs_req_poolp;
63
64/* FIXME: should these be tunable? */
65#define TLINK_ERROR_EXPIRE (1 * HZ)
66#define TLINK_IDLE_EXPIRE (600 * HZ)
67
68enum {
69
70 /* Mount options that take no arguments */
71 Opt_user_xattr, Opt_nouser_xattr,
72 Opt_forceuid, Opt_noforceuid,
73 Opt_noblocksend, Opt_noautotune,
74 Opt_hard, Opt_soft, Opt_perm, Opt_noperm,
75 Opt_mapchars, Opt_nomapchars, Opt_sfu,
76 Opt_nosfu, Opt_nodfs, Opt_posixpaths,
77 Opt_noposixpaths, Opt_nounix,
78 Opt_nocase,
79 Opt_brl, Opt_nobrl,
80 Opt_forcemandatorylock, Opt_setuids,
81 Opt_nosetuids, Opt_dynperm, Opt_nodynperm,
82 Opt_nohard, Opt_nosoft,
83 Opt_nointr, Opt_intr,
84 Opt_nostrictsync, Opt_strictsync,
85 Opt_serverino, Opt_noserverino,
86 Opt_rwpidforward, Opt_cifsacl, Opt_nocifsacl,
87 Opt_acl, Opt_noacl, Opt_locallease,
88 Opt_sign, Opt_seal, Opt_direct,
89 Opt_strictcache, Opt_noac,
90 Opt_fsc, Opt_mfsymlinks,
91 Opt_multiuser, Opt_sloppy,
92
93 /* Mount options which take numeric value */
94 Opt_backupuid, Opt_backupgid, Opt_uid,
95 Opt_cruid, Opt_gid, Opt_file_mode,
96 Opt_dirmode, Opt_port,
97 Opt_rsize, Opt_wsize, Opt_actimeo,
98
99 /* Mount options which take string value */
100 Opt_user, Opt_pass, Opt_ip,
101 Opt_unc, Opt_domain,
102 Opt_srcaddr, Opt_prefixpath,
103 Opt_iocharset, Opt_sockopt,
104 Opt_netbiosname, Opt_servern,
105 Opt_ver, Opt_vers, Opt_sec, Opt_cache,
106
107 /* Mount options to be ignored */
108 Opt_ignore,
109
110 /* Options which could be blank */
111 Opt_blank_pass,
112 Opt_blank_user,
113 Opt_blank_ip,
114
115 Opt_err
116};
117
118static const match_table_t cifs_mount_option_tokens = {
119
120 { Opt_user_xattr, "user_xattr" },
121 { Opt_nouser_xattr, "nouser_xattr" },
122 { Opt_forceuid, "forceuid" },
123 { Opt_noforceuid, "noforceuid" },
124 { Opt_noblocksend, "noblocksend" },
125 { Opt_noautotune, "noautotune" },
126 { Opt_hard, "hard" },
127 { Opt_soft, "soft" },
128 { Opt_perm, "perm" },
129 { Opt_noperm, "noperm" },
130 { Opt_mapchars, "mapchars" },
131 { Opt_nomapchars, "nomapchars" },
132 { Opt_sfu, "sfu" },
133 { Opt_nosfu, "nosfu" },
134 { Opt_nodfs, "nodfs" },
135 { Opt_posixpaths, "posixpaths" },
136 { Opt_noposixpaths, "noposixpaths" },
137 { Opt_nounix, "nounix" },
138 { Opt_nounix, "nolinux" },
139 { Opt_nocase, "nocase" },
140 { Opt_nocase, "ignorecase" },
141 { Opt_brl, "brl" },
142 { Opt_nobrl, "nobrl" },
143 { Opt_nobrl, "nolock" },
144 { Opt_forcemandatorylock, "forcemandatorylock" },
145 { Opt_forcemandatorylock, "forcemand" },
146 { Opt_setuids, "setuids" },
147 { Opt_nosetuids, "nosetuids" },
148 { Opt_dynperm, "dynperm" },
149 { Opt_nodynperm, "nodynperm" },
150 { Opt_nohard, "nohard" },
151 { Opt_nosoft, "nosoft" },
152 { Opt_nointr, "nointr" },
153 { Opt_intr, "intr" },
154 { Opt_nostrictsync, "nostrictsync" },
155 { Opt_strictsync, "strictsync" },
156 { Opt_serverino, "serverino" },
157 { Opt_noserverino, "noserverino" },
158 { Opt_rwpidforward, "rwpidforward" },
159 { Opt_cifsacl, "cifsacl" },
160 { Opt_nocifsacl, "nocifsacl" },
161 { Opt_acl, "acl" },
162 { Opt_noacl, "noacl" },
163 { Opt_locallease, "locallease" },
164 { Opt_sign, "sign" },
165 { Opt_seal, "seal" },
166 { Opt_direct, "direct" },
167 { Opt_direct, "directio" },
168 { Opt_direct, "forcedirectio" },
169 { Opt_strictcache, "strictcache" },
170 { Opt_noac, "noac" },
171 { Opt_fsc, "fsc" },
172 { Opt_mfsymlinks, "mfsymlinks" },
173 { Opt_multiuser, "multiuser" },
174 { Opt_sloppy, "sloppy" },
175
176 { Opt_backupuid, "backupuid=%s" },
177 { Opt_backupgid, "backupgid=%s" },
178 { Opt_uid, "uid=%s" },
179 { Opt_cruid, "cruid=%s" },
180 { Opt_gid, "gid=%s" },
181 { Opt_file_mode, "file_mode=%s" },
182 { Opt_dirmode, "dirmode=%s" },
183 { Opt_dirmode, "dir_mode=%s" },
184 { Opt_port, "port=%s" },
185 { Opt_rsize, "rsize=%s" },
186 { Opt_wsize, "wsize=%s" },
187 { Opt_actimeo, "actimeo=%s" },
188
189 { Opt_blank_user, "user=" },
190 { Opt_blank_user, "username=" },
191 { Opt_user, "user=%s" },
192 { Opt_user, "username=%s" },
193 { Opt_blank_pass, "pass=" },
194 { Opt_pass, "pass=%s" },
195 { Opt_pass, "password=%s" },
196 { Opt_blank_ip, "ip=" },
197 { Opt_blank_ip, "addr=" },
198 { Opt_ip, "ip=%s" },
199 { Opt_ip, "addr=%s" },
200 { Opt_unc, "unc=%s" },
201 { Opt_unc, "target=%s" },
202 { Opt_unc, "path=%s" },
203 { Opt_domain, "dom=%s" },
204 { Opt_domain, "domain=%s" },
205 { Opt_domain, "workgroup=%s" },
206 { Opt_srcaddr, "srcaddr=%s" },
207 { Opt_prefixpath, "prefixpath=%s" },
208 { Opt_iocharset, "iocharset=%s" },
209 { Opt_sockopt, "sockopt=%s" },
210 { Opt_netbiosname, "netbiosname=%s" },
211 { Opt_servern, "servern=%s" },
212 { Opt_ver, "ver=%s" },
213 { Opt_vers, "vers=%s" },
214 { Opt_sec, "sec=%s" },
215 { Opt_cache, "cache=%s" },
216
217 { Opt_ignore, "cred" },
218 { Opt_ignore, "credentials" },
219 { Opt_ignore, "cred=%s" },
220 { Opt_ignore, "credentials=%s" },
221 { Opt_ignore, "guest" },
222 { Opt_ignore, "rw" },
223 { Opt_ignore, "ro" },
224 { Opt_ignore, "suid" },
225 { Opt_ignore, "nosuid" },
226 { Opt_ignore, "exec" },
227 { Opt_ignore, "noexec" },
228 { Opt_ignore, "nodev" },
229 { Opt_ignore, "noauto" },
230 { Opt_ignore, "dev" },
231 { Opt_ignore, "mand" },
232 { Opt_ignore, "nomand" },
233 { Opt_ignore, "_netdev" },
234
235 { Opt_err, NULL }
236};
237
238enum {
239 Opt_sec_krb5, Opt_sec_krb5i, Opt_sec_krb5p,
240 Opt_sec_ntlmsspi, Opt_sec_ntlmssp,
241 Opt_ntlm, Opt_sec_ntlmi, Opt_sec_ntlmv2,
242 Opt_sec_ntlmv2i, Opt_sec_lanman,
243 Opt_sec_none,
244
245 Opt_sec_err
246};
247
248static const match_table_t cifs_secflavor_tokens = {
249 { Opt_sec_krb5, "krb5" },
250 { Opt_sec_krb5i, "krb5i" },
251 { Opt_sec_krb5p, "krb5p" },
252 { Opt_sec_ntlmsspi, "ntlmsspi" },
253 { Opt_sec_ntlmssp, "ntlmssp" },
254 { Opt_ntlm, "ntlm" },
255 { Opt_sec_ntlmi, "ntlmi" },
256 { Opt_sec_ntlmv2, "nontlm" },
257 { Opt_sec_ntlmv2, "ntlmv2" },
258 { Opt_sec_ntlmv2i, "ntlmv2i" },
259 { Opt_sec_lanman, "lanman" },
260 { Opt_sec_none, "none" },
261
262 { Opt_sec_err, NULL }
263};
264
265/* cache flavors */
266enum {
267 Opt_cache_loose,
268 Opt_cache_strict,
269 Opt_cache_none,
270 Opt_cache_err
271};
272
273static const match_table_t cifs_cacheflavor_tokens = {
274 { Opt_cache_loose, "loose" },
275 { Opt_cache_strict, "strict" },
276 { Opt_cache_none, "none" },
277 { Opt_cache_err, NULL }
278};
279
280static const match_table_t cifs_smb_version_tokens = {
281 { Smb_1, SMB1_VERSION_STRING },
282 { Smb_21, SMB21_VERSION_STRING },
283};
284
285static int ip_connect(struct TCP_Server_Info *server);
286static int generic_ip_connect(struct TCP_Server_Info *server);
287static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
288static void cifs_prune_tlinks(struct work_struct *work);
289static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
290 const char *devname);
291
292/*
293 * cifs tcp session reconnection
294 *
295 * mark tcp session as reconnecting so temporarily locked
296 * mark all smb sessions as reconnecting for tcp session
297 * reconnect tcp session
298 * wake up waiters on reconnection? - (not needed currently)
299 */
300static int
301cifs_reconnect(struct TCP_Server_Info *server)
302{
303 int rc = 0;
304 struct list_head *tmp, *tmp2;
305 struct cifs_ses *ses;
306 struct cifs_tcon *tcon;
307 struct mid_q_entry *mid_entry;
308 struct list_head retry_list;
309
310 spin_lock(&GlobalMid_Lock);
311 if (server->tcpStatus == CifsExiting) {
312 /* the demux thread will exit normally
313 next time through the loop */
314 spin_unlock(&GlobalMid_Lock);
315 return rc;
316 } else
317 server->tcpStatus = CifsNeedReconnect;
318 spin_unlock(&GlobalMid_Lock);
319 server->maxBuf = 0;
320
321 cFYI(1, "Reconnecting tcp session");
322
323 /* before reconnecting the tcp session, mark the smb session (uid)
324 and the tid bad so they are not used until reconnected */
325 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
326 spin_lock(&cifs_tcp_ses_lock);
327 list_for_each(tmp, &server->smb_ses_list) {
328 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
329 ses->need_reconnect = true;
330 ses->ipc_tid = 0;
331 list_for_each(tmp2, &ses->tcon_list) {
332 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
333 tcon->need_reconnect = true;
334 }
335 }
336 spin_unlock(&cifs_tcp_ses_lock);
337
338 /* do not want to be sending data on a socket we are freeing */
339 cFYI(1, "%s: tearing down socket", __func__);
340 mutex_lock(&server->srv_mutex);
341 if (server->ssocket) {
342 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
343 server->ssocket->flags);
344 kernel_sock_shutdown(server->ssocket, SHUT_WR);
345 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
346 server->ssocket->state,
347 server->ssocket->flags);
348 sock_release(server->ssocket);
349 server->ssocket = NULL;
350 }
351 server->sequence_number = 0;
352 server->session_estab = false;
353 kfree(server->session_key.response);
354 server->session_key.response = NULL;
355 server->session_key.len = 0;
356 server->lstrp = jiffies;
357 mutex_unlock(&server->srv_mutex);
358
359 /* mark submitted MIDs for retry and issue callback */
360 INIT_LIST_HEAD(&retry_list);
361 cFYI(1, "%s: moving mids to private list", __func__);
362 spin_lock(&GlobalMid_Lock);
363 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
364 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
365 if (mid_entry->mid_state == MID_REQUEST_SUBMITTED)
366 mid_entry->mid_state = MID_RETRY_NEEDED;
367 list_move(&mid_entry->qhead, &retry_list);
368 }
369 spin_unlock(&GlobalMid_Lock);
370
371 cFYI(1, "%s: issuing mid callbacks", __func__);
372 list_for_each_safe(tmp, tmp2, &retry_list) {
373 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
374 list_del_init(&mid_entry->qhead);
375 mid_entry->callback(mid_entry);
376 }
377
378 do {
379 try_to_freeze();
380
381 /* we should try only the port we connected to before */
382 rc = generic_ip_connect(server);
383 if (rc) {
384 cFYI(1, "reconnect error %d", rc);
385 msleep(3000);
386 } else {
387 atomic_inc(&tcpSesReconnectCount);
388 spin_lock(&GlobalMid_Lock);
389 if (server->tcpStatus != CifsExiting)
390 server->tcpStatus = CifsNeedNegotiate;
391 spin_unlock(&GlobalMid_Lock);
392 }
393 } while (server->tcpStatus == CifsNeedReconnect);
394
395 return rc;
396}
397
398/*
399 return codes:
400 0 not a transact2, or all data present
401 >0 transact2 with that much data missing
402 -EINVAL = invalid transact2
403
404 */
405static int check2ndT2(char *buf)
406{
407 struct smb_hdr *pSMB = (struct smb_hdr *)buf;
408 struct smb_t2_rsp *pSMBt;
409 int remaining;
410 __u16 total_data_size, data_in_this_rsp;
411
412 if (pSMB->Command != SMB_COM_TRANSACTION2)
413 return 0;
414
415 /* check for plausible wct, bcc and t2 data and parm sizes */
416 /* check for parm and data offset going beyond end of smb */
417 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
418 cFYI(1, "invalid transact2 word count");
419 return -EINVAL;
420 }
421
422 pSMBt = (struct smb_t2_rsp *)pSMB;
423
424 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
425 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
426
427 if (total_data_size == data_in_this_rsp)
428 return 0;
429 else if (total_data_size < data_in_this_rsp) {
430 cFYI(1, "total data %d smaller than data in frame %d",
431 total_data_size, data_in_this_rsp);
432 return -EINVAL;
433 }
434
435 remaining = total_data_size - data_in_this_rsp;
436
437 cFYI(1, "missing %d bytes from transact2, check next response",
438 remaining);
439 if (total_data_size > CIFSMaxBufSize) {
440 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
441 total_data_size, CIFSMaxBufSize);
442 return -EINVAL;
443 }
444 return remaining;
445}
446
447static int coalesce_t2(char *second_buf, struct smb_hdr *target_hdr)
448{
449 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)second_buf;
450 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)target_hdr;
451 char *data_area_of_tgt;
452 char *data_area_of_src;
453 int remaining;
454 unsigned int byte_count, total_in_tgt;
455 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
456
457 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
458 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
459
460 if (tgt_total_cnt != src_total_cnt)
461 cFYI(1, "total data count of primary and secondary t2 differ "
462 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
463
464 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
465
466 remaining = tgt_total_cnt - total_in_tgt;
467
468 if (remaining < 0) {
469 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
470 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
471 return -EPROTO;
472 }
473
474 if (remaining == 0) {
475 /* nothing to do, ignore */
476 cFYI(1, "no more data remains");
477 return 0;
478 }
479
480 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
481 if (remaining < total_in_src)
482 cFYI(1, "transact2 2nd response contains too much data");
483
484 /* find end of first SMB data area */
485 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
486 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
487
488 /* validate target area */
489 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
490 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
491
492 data_area_of_tgt += total_in_tgt;
493
494 total_in_tgt += total_in_src;
495 /* is the result too big for the field? */
496 if (total_in_tgt > USHRT_MAX) {
497 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
498 return -EPROTO;
499 }
500 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
501
502 /* fix up the BCC */
503 byte_count = get_bcc(target_hdr);
504 byte_count += total_in_src;
505 /* is the result too big for the field? */
506 if (byte_count > USHRT_MAX) {
507 cFYI(1, "coalesced BCC too large (%u)", byte_count);
508 return -EPROTO;
509 }
510 put_bcc(byte_count, target_hdr);
511
512 byte_count = be32_to_cpu(target_hdr->smb_buf_length);
513 byte_count += total_in_src;
514 /* don't allow buffer to overflow */
515 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
516 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
517 return -ENOBUFS;
518 }
519 target_hdr->smb_buf_length = cpu_to_be32(byte_count);
520
521 /* copy second buffer into end of first buffer */
522 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
523
524 if (remaining != total_in_src) {
525 /* more responses to go */
526 cFYI(1, "waiting for more secondary responses");
527 return 1;
528 }
529
530 /* we are done */
531 cFYI(1, "found the last secondary response");
532 return 0;
533}
534
535static void
536cifs_echo_request(struct work_struct *work)
537{
538 int rc;
539 struct TCP_Server_Info *server = container_of(work,
540 struct TCP_Server_Info, echo.work);
541
542 /*
543 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
544 * done, which is indicated by maxBuf != 0. Also, no need to ping if
545 * we got a response recently
546 */
547 if (server->maxBuf == 0 ||
548 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
549 goto requeue_echo;
550
551 rc = CIFSSMBEcho(server);
552 if (rc)
553 cFYI(1, "Unable to send echo request to server: %s",
554 server->hostname);
555
556requeue_echo:
557 queue_delayed_work(cifsiod_wq, &server->echo, SMB_ECHO_INTERVAL);
558}
559
560static bool
561allocate_buffers(struct TCP_Server_Info *server)
562{
563 if (!server->bigbuf) {
564 server->bigbuf = (char *)cifs_buf_get();
565 if (!server->bigbuf) {
566 cERROR(1, "No memory for large SMB response");
567 msleep(3000);
568 /* retry will check if exiting */
569 return false;
570 }
571 } else if (server->large_buf) {
572 /* we are reusing a dirty large buf, clear its start */
573 memset(server->bigbuf, 0, HEADER_SIZE(server));
574 }
575
576 if (!server->smallbuf) {
577 server->smallbuf = (char *)cifs_small_buf_get();
578 if (!server->smallbuf) {
579 cERROR(1, "No memory for SMB response");
580 msleep(1000);
581 /* retry will check if exiting */
582 return false;
583 }
584 /* beginning of smb buffer is cleared in our buf_get */
585 } else {
586 /* if existing small buf clear beginning */
587 memset(server->smallbuf, 0, HEADER_SIZE(server));
588 }
589
590 return true;
591}
592
593static bool
594server_unresponsive(struct TCP_Server_Info *server)
595{
596 /*
597 * We need to wait 2 echo intervals to make sure we handle such
598 * situations right:
599 * 1s client sends a normal SMB request
600 * 2s client gets a response
601 * 30s echo workqueue job pops, and decides we got a response recently
602 * and don't need to send another
603 * ...
604 * 65s kernel_recvmsg times out, and we see that we haven't gotten
605 * a response in >60s.
606 */
607 if (server->tcpStatus == CifsGood &&
608 time_after(jiffies, server->lstrp + 2 * SMB_ECHO_INTERVAL)) {
609 cERROR(1, "Server %s has not responded in %d seconds. "
610 "Reconnecting...", server->hostname,
611 (2 * SMB_ECHO_INTERVAL) / HZ);
612 cifs_reconnect(server);
613 wake_up(&server->response_q);
614 return true;
615 }
616
617 return false;
618}
619
620/*
621 * kvec_array_init - clone a kvec array, and advance into it
622 * @new: pointer to memory for cloned array
623 * @iov: pointer to original array
624 * @nr_segs: number of members in original array
625 * @bytes: number of bytes to advance into the cloned array
626 *
627 * This function will copy the array provided in iov to a section of memory
628 * and advance the specified number of bytes into the new array. It returns
629 * the number of segments in the new array. "new" must be at least as big as
630 * the original iov array.
631 */
632static unsigned int
633kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
634 size_t bytes)
635{
636 size_t base = 0;
637
638 while (bytes || !iov->iov_len) {
639 int copy = min(bytes, iov->iov_len);
640
641 bytes -= copy;
642 base += copy;
643 if (iov->iov_len == base) {
644 iov++;
645 nr_segs--;
646 base = 0;
647 }
648 }
649 memcpy(new, iov, sizeof(*iov) * nr_segs);
650 new->iov_base += base;
651 new->iov_len -= base;
652 return nr_segs;
653}
654
655static struct kvec *
656get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
657{
658 struct kvec *new_iov;
659
660 if (server->iov && nr_segs <= server->nr_iov)
661 return server->iov;
662
663 /* not big enough -- allocate a new one and release the old */
664 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
665 if (new_iov) {
666 kfree(server->iov);
667 server->iov = new_iov;
668 server->nr_iov = nr_segs;
669 }
670 return new_iov;
671}
672
673int
674cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
675 unsigned int nr_segs, unsigned int to_read)
676{
677 int length = 0;
678 int total_read;
679 unsigned int segs;
680 struct msghdr smb_msg;
681 struct kvec *iov;
682
683 iov = get_server_iovec(server, nr_segs);
684 if (!iov)
685 return -ENOMEM;
686
687 smb_msg.msg_control = NULL;
688 smb_msg.msg_controllen = 0;
689
690 for (total_read = 0; to_read; total_read += length, to_read -= length) {
691 try_to_freeze();
692
693 if (server_unresponsive(server)) {
694 total_read = -EAGAIN;
695 break;
696 }
697
698 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
699
700 length = kernel_recvmsg(server->ssocket, &smb_msg,
701 iov, segs, to_read, 0);
702
703 if (server->tcpStatus == CifsExiting) {
704 total_read = -ESHUTDOWN;
705 break;
706 } else if (server->tcpStatus == CifsNeedReconnect) {
707 cifs_reconnect(server);
708 total_read = -EAGAIN;
709 break;
710 } else if (length == -ERESTARTSYS ||
711 length == -EAGAIN ||
712 length == -EINTR) {
713 /*
714 * Minimum sleep to prevent looping, allowing socket
715 * to clear and app threads to set tcpStatus
716 * CifsNeedReconnect if server hung.
717 */
718 usleep_range(1000, 2000);
719 length = 0;
720 continue;
721 } else if (length <= 0) {
722 cFYI(1, "Received no data or error: expecting %d "
723 "got %d", to_read, length);
724 cifs_reconnect(server);
725 total_read = -EAGAIN;
726 break;
727 }
728 }
729 return total_read;
730}
731
732int
733cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
734 unsigned int to_read)
735{
736 struct kvec iov;
737
738 iov.iov_base = buf;
739 iov.iov_len = to_read;
740
741 return cifs_readv_from_socket(server, &iov, 1, to_read);
742}
743
744static bool
745is_smb_response(struct TCP_Server_Info *server, unsigned char type)
746{
747 /*
748 * The first byte big endian of the length field,
749 * is actually not part of the length but the type
750 * with the most common, zero, as regular data.
751 */
752 switch (type) {
753 case RFC1002_SESSION_MESSAGE:
754 /* Regular SMB response */
755 return true;
756 case RFC1002_SESSION_KEEP_ALIVE:
757 cFYI(1, "RFC 1002 session keep alive");
758 break;
759 case RFC1002_POSITIVE_SESSION_RESPONSE:
760 cFYI(1, "RFC 1002 positive session response");
761 break;
762 case RFC1002_NEGATIVE_SESSION_RESPONSE:
763 /*
764 * We get this from Windows 98 instead of an error on
765 * SMB negprot response.
766 */
767 cFYI(1, "RFC 1002 negative session response");
768 /* give server a second to clean up */
769 msleep(1000);
770 /*
771 * Always try 445 first on reconnect since we get NACK
772 * on some if we ever connected to port 139 (the NACK
773 * is since we do not begin with RFC1001 session
774 * initialize frame).
775 */
776 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
777 cifs_reconnect(server);
778 wake_up(&server->response_q);
779 break;
780 default:
781 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
782 cifs_reconnect(server);
783 }
784
785 return false;
786}
787
788void
789dequeue_mid(struct mid_q_entry *mid, bool malformed)
790{
791#ifdef CONFIG_CIFS_STATS2
792 mid->when_received = jiffies;
793#endif
794 spin_lock(&GlobalMid_Lock);
795 if (!malformed)
796 mid->mid_state = MID_RESPONSE_RECEIVED;
797 else
798 mid->mid_state = MID_RESPONSE_MALFORMED;
799 list_del_init(&mid->qhead);
800 spin_unlock(&GlobalMid_Lock);
801}
802
803static void
804handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
805 char *buf, int malformed)
806{
807 if (malformed == 0 && check2ndT2(buf) > 0) {
808 mid->multiRsp = true;
809 if (mid->resp_buf) {
810 /* merge response - fix up 1st*/
811 malformed = coalesce_t2(buf, mid->resp_buf);
812 if (malformed > 0)
813 return;
814
815 /* All parts received or packet is malformed. */
816 mid->multiEnd = true;
817 return dequeue_mid(mid, malformed);
818 }
819 if (!server->large_buf) {
820 /*FIXME: switch to already allocated largebuf?*/
821 cERROR(1, "1st trans2 resp needs bigbuf");
822 } else {
823 /* Have first buffer */
824 mid->resp_buf = buf;
825 mid->large_buf = true;
826 server->bigbuf = NULL;
827 }
828 return;
829 }
830 mid->resp_buf = buf;
831 mid->large_buf = server->large_buf;
832 /* Was previous buf put in mpx struct for multi-rsp? */
833 if (!mid->multiRsp) {
834 /* smb buffer will be freed by user thread */
835 if (server->large_buf)
836 server->bigbuf = NULL;
837 else
838 server->smallbuf = NULL;
839 }
840 dequeue_mid(mid, malformed);
841}
842
843static void clean_demultiplex_info(struct TCP_Server_Info *server)
844{
845 int length;
846
847 /* take it off the list, if it's not already */
848 spin_lock(&cifs_tcp_ses_lock);
849 list_del_init(&server->tcp_ses_list);
850 spin_unlock(&cifs_tcp_ses_lock);
851
852 spin_lock(&GlobalMid_Lock);
853 server->tcpStatus = CifsExiting;
854 spin_unlock(&GlobalMid_Lock);
855 wake_up_all(&server->response_q);
856
857 /* check if we have blocked requests that need to free */
858 spin_lock(&server->req_lock);
859 if (server->credits <= 0)
860 server->credits = 1;
861 spin_unlock(&server->req_lock);
862 /*
863 * Although there should not be any requests blocked on this queue it
864 * can not hurt to be paranoid and try to wake up requests that may
865 * haven been blocked when more than 50 at time were on the wire to the
866 * same server - they now will see the session is in exit state and get
867 * out of SendReceive.
868 */
869 wake_up_all(&server->request_q);
870 /* give those requests time to exit */
871 msleep(125);
872
873 if (server->ssocket) {
874 sock_release(server->ssocket);
875 server->ssocket = NULL;
876 }
877
878 if (!list_empty(&server->pending_mid_q)) {
879 struct list_head dispose_list;
880 struct mid_q_entry *mid_entry;
881 struct list_head *tmp, *tmp2;
882
883 INIT_LIST_HEAD(&dispose_list);
884 spin_lock(&GlobalMid_Lock);
885 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
886 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
887 cFYI(1, "Clearing mid 0x%llx", mid_entry->mid);
888 mid_entry->mid_state = MID_SHUTDOWN;
889 list_move(&mid_entry->qhead, &dispose_list);
890 }
891 spin_unlock(&GlobalMid_Lock);
892
893 /* now walk dispose list and issue callbacks */
894 list_for_each_safe(tmp, tmp2, &dispose_list) {
895 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
896 cFYI(1, "Callback mid 0x%llx", mid_entry->mid);
897 list_del_init(&mid_entry->qhead);
898 mid_entry->callback(mid_entry);
899 }
900 /* 1/8th of sec is more than enough time for them to exit */
901 msleep(125);
902 }
903
904 if (!list_empty(&server->pending_mid_q)) {
905 /*
906 * mpx threads have not exited yet give them at least the smb
907 * send timeout time for long ops.
908 *
909 * Due to delays on oplock break requests, we need to wait at
910 * least 45 seconds before giving up on a request getting a
911 * response and going ahead and killing cifsd.
912 */
913 cFYI(1, "Wait for exit from demultiplex thread");
914 msleep(46000);
915 /*
916 * If threads still have not exited they are probably never
917 * coming home not much else we can do but free the memory.
918 */
919 }
920
921 kfree(server->hostname);
922 kfree(server->iov);
923 kfree(server);
924
925 length = atomic_dec_return(&tcpSesAllocCount);
926 if (length > 0)
927 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
928 GFP_KERNEL);
929}
930
931static int
932standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
933{
934 int length;
935 char *buf = server->smallbuf;
936 unsigned int pdu_length = get_rfc1002_length(buf);
937
938 /* make sure this will fit in a large buffer */
939 if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server) - 4) {
940 cERROR(1, "SMB response too long (%u bytes)",
941 pdu_length);
942 cifs_reconnect(server);
943 wake_up(&server->response_q);
944 return -EAGAIN;
945 }
946
947 /* switch to large buffer if too big for a small one */
948 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
949 server->large_buf = true;
950 memcpy(server->bigbuf, buf, server->total_read);
951 buf = server->bigbuf;
952 }
953
954 /* now read the rest */
955 length = cifs_read_from_socket(server, buf + HEADER_SIZE(server) - 1,
956 pdu_length - HEADER_SIZE(server) + 1 + 4);
957 if (length < 0)
958 return length;
959 server->total_read += length;
960
961 dump_smb(buf, server->total_read);
962
963 /*
964 * We know that we received enough to get to the MID as we
965 * checked the pdu_length earlier. Now check to see
966 * if the rest of the header is OK. We borrow the length
967 * var for the rest of the loop to avoid a new stack var.
968 *
969 * 48 bytes is enough to display the header and a little bit
970 * into the payload for debugging purposes.
971 */
972 length = server->ops->check_message(buf, server->total_read);
973 if (length != 0)
974 cifs_dump_mem("Bad SMB: ", buf,
975 min_t(unsigned int, server->total_read, 48));
976
977 if (!mid)
978 return length;
979
980 handle_mid(mid, server, buf, length);
981 return 0;
982}
983
984static int
985cifs_demultiplex_thread(void *p)
986{
987 int length;
988 struct TCP_Server_Info *server = p;
989 unsigned int pdu_length;
990 char *buf = NULL;
991 struct task_struct *task_to_wake = NULL;
992 struct mid_q_entry *mid_entry;
993
994 current->flags |= PF_MEMALLOC;
995 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
996
997 length = atomic_inc_return(&tcpSesAllocCount);
998 if (length > 1)
999 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
1000 GFP_KERNEL);
1001
1002 set_freezable();
1003 while (server->tcpStatus != CifsExiting) {
1004 if (try_to_freeze())
1005 continue;
1006
1007 if (!allocate_buffers(server))
1008 continue;
1009
1010 server->large_buf = false;
1011 buf = server->smallbuf;
1012 pdu_length = 4; /* enough to get RFC1001 header */
1013
1014 length = cifs_read_from_socket(server, buf, pdu_length);
1015 if (length < 0)
1016 continue;
1017 server->total_read = length;
1018
1019 /*
1020 * The right amount was read from socket - 4 bytes,
1021 * so we can now interpret the length field.
1022 */
1023 pdu_length = get_rfc1002_length(buf);
1024
1025 cFYI(1, "RFC1002 header 0x%x", pdu_length);
1026 if (!is_smb_response(server, buf[0]))
1027 continue;
1028
1029 /* make sure we have enough to get to the MID */
1030 if (pdu_length < HEADER_SIZE(server) - 1 - 4) {
1031 cERROR(1, "SMB response too short (%u bytes)",
1032 pdu_length);
1033 cifs_reconnect(server);
1034 wake_up(&server->response_q);
1035 continue;
1036 }
1037
1038 /* read down to the MID */
1039 length = cifs_read_from_socket(server, buf + 4,
1040 HEADER_SIZE(server) - 1 - 4);
1041 if (length < 0)
1042 continue;
1043 server->total_read += length;
1044
1045 mid_entry = server->ops->find_mid(server, buf);
1046
1047 if (!mid_entry || !mid_entry->receive)
1048 length = standard_receive3(server, mid_entry);
1049 else
1050 length = mid_entry->receive(server, mid_entry);
1051
1052 if (length < 0)
1053 continue;
1054
1055 if (server->large_buf)
1056 buf = server->bigbuf;
1057
1058 server->lstrp = jiffies;
1059 if (mid_entry != NULL) {
1060 if (!mid_entry->multiRsp || mid_entry->multiEnd)
1061 mid_entry->callback(mid_entry);
1062 } else if (!server->ops->is_oplock_break ||
1063 !server->ops->is_oplock_break(buf, server)) {
1064 cERROR(1, "No task to wake, unknown frame received! "
1065 "NumMids %d", atomic_read(&midCount));
1066 cifs_dump_mem("Received Data is: ", buf,
1067 HEADER_SIZE(server));
1068#ifdef CONFIG_CIFS_DEBUG2
1069 if (server->ops->dump_detail)
1070 server->ops->dump_detail(buf);
1071 cifs_dump_mids(server);
1072#endif /* CIFS_DEBUG2 */
1073
1074 }
1075 } /* end while !EXITING */
1076
1077 /* buffer usually freed in free_mid - need to free it here on exit */
1078 cifs_buf_release(server->bigbuf);
1079 if (server->smallbuf) /* no sense logging a debug message if NULL */
1080 cifs_small_buf_release(server->smallbuf);
1081
1082 task_to_wake = xchg(&server->tsk, NULL);
1083 clean_demultiplex_info(server);
1084
1085 /* if server->tsk was NULL then wait for a signal before exiting */
1086 if (!task_to_wake) {
1087 set_current_state(TASK_INTERRUPTIBLE);
1088 while (!signal_pending(current)) {
1089 schedule();
1090 set_current_state(TASK_INTERRUPTIBLE);
1091 }
1092 set_current_state(TASK_RUNNING);
1093 }
1094
1095 module_put_and_exit(0);
1096}
1097
1098/* extract the host portion of the UNC string */
1099static char *
1100extract_hostname(const char *unc)
1101{
1102 const char *src;
1103 char *dst, *delim;
1104 unsigned int len;
1105
1106 /* skip double chars at beginning of string */
1107 /* BB: check validity of these bytes? */
1108 src = unc + 2;
1109
1110 /* delimiter between hostname and sharename is always '\\' now */
1111 delim = strchr(src, '\\');
1112 if (!delim)
1113 return ERR_PTR(-EINVAL);
1114
1115 len = delim - src;
1116 dst = kmalloc((len + 1), GFP_KERNEL);
1117 if (dst == NULL)
1118 return ERR_PTR(-ENOMEM);
1119
1120 memcpy(dst, src, len);
1121 dst[len] = '\0';
1122
1123 return dst;
1124}
1125
1126static int get_option_ul(substring_t args[], unsigned long *option)
1127{
1128 int rc;
1129 char *string;
1130
1131 string = match_strdup(args);
1132 if (string == NULL)
1133 return -ENOMEM;
1134 rc = kstrtoul(string, 0, option);
1135 kfree(string);
1136
1137 return rc;
1138}
1139
1140
1141static int cifs_parse_security_flavors(char *value,
1142 struct smb_vol *vol)
1143{
1144
1145 substring_t args[MAX_OPT_ARGS];
1146
1147 switch (match_token(value, cifs_secflavor_tokens, args)) {
1148 case Opt_sec_krb5:
1149 vol->secFlg |= CIFSSEC_MAY_KRB5;
1150 break;
1151 case Opt_sec_krb5i:
1152 vol->secFlg |= CIFSSEC_MAY_KRB5 | CIFSSEC_MUST_SIGN;
1153 break;
1154 case Opt_sec_krb5p:
1155 /* vol->secFlg |= CIFSSEC_MUST_SEAL | CIFSSEC_MAY_KRB5; */
1156 cERROR(1, "Krb5 cifs privacy not supported");
1157 break;
1158 case Opt_sec_ntlmssp:
1159 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1160 break;
1161 case Opt_sec_ntlmsspi:
1162 vol->secFlg |= CIFSSEC_MAY_NTLMSSP | CIFSSEC_MUST_SIGN;
1163 break;
1164 case Opt_ntlm:
1165 /* ntlm is default so can be turned off too */
1166 vol->secFlg |= CIFSSEC_MAY_NTLM;
1167 break;
1168 case Opt_sec_ntlmi:
1169 vol->secFlg |= CIFSSEC_MAY_NTLM | CIFSSEC_MUST_SIGN;
1170 break;
1171 case Opt_sec_ntlmv2:
1172 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1173 break;
1174 case Opt_sec_ntlmv2i:
1175 vol->secFlg |= CIFSSEC_MAY_NTLMV2 | CIFSSEC_MUST_SIGN;
1176 break;
1177#ifdef CONFIG_CIFS_WEAK_PW_HASH
1178 case Opt_sec_lanman:
1179 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1180 break;
1181#endif
1182 case Opt_sec_none:
1183 vol->nullauth = 1;
1184 break;
1185 default:
1186 cERROR(1, "bad security option: %s", value);
1187 return 1;
1188 }
1189
1190 return 0;
1191}
1192
1193static int
1194cifs_parse_cache_flavor(char *value, struct smb_vol *vol)
1195{
1196 substring_t args[MAX_OPT_ARGS];
1197
1198 switch (match_token(value, cifs_cacheflavor_tokens, args)) {
1199 case Opt_cache_loose:
1200 vol->direct_io = false;
1201 vol->strict_io = false;
1202 break;
1203 case Opt_cache_strict:
1204 vol->direct_io = false;
1205 vol->strict_io = true;
1206 break;
1207 case Opt_cache_none:
1208 vol->direct_io = true;
1209 vol->strict_io = false;
1210 break;
1211 default:
1212 cERROR(1, "bad cache= option: %s", value);
1213 return 1;
1214 }
1215 return 0;
1216}
1217
1218static int
1219cifs_parse_smb_version(char *value, struct smb_vol *vol)
1220{
1221 substring_t args[MAX_OPT_ARGS];
1222
1223 switch (match_token(value, cifs_smb_version_tokens, args)) {
1224 case Smb_1:
1225 vol->ops = &smb1_operations;
1226 vol->vals = &smb1_values;
1227 break;
1228#ifdef CONFIG_CIFS_SMB2
1229 case Smb_21:
1230 vol->ops = &smb21_operations;
1231 vol->vals = &smb21_values;
1232 break;
1233#endif
1234 default:
1235 cERROR(1, "Unknown vers= option specified: %s", value);
1236 return 1;
1237 }
1238 return 0;
1239}
1240
1241static int
1242cifs_parse_mount_options(const char *mountdata, const char *devname,
1243 struct smb_vol *vol)
1244{
1245 char *data, *end;
1246 char *mountdata_copy = NULL, *options;
1247 unsigned int temp_len, i, j;
1248 char separator[2];
1249 short int override_uid = -1;
1250 short int override_gid = -1;
1251 bool uid_specified = false;
1252 bool gid_specified = false;
1253 bool sloppy = false;
1254 char *invalid = NULL;
1255 char *nodename = utsname()->nodename;
1256 char *string = NULL;
1257 char *tmp_end, *value;
1258 char delim;
1259 bool cache_specified = false;
1260 static bool cache_warned = false;
1261
1262 separator[0] = ',';
1263 separator[1] = 0;
1264 delim = separator[0];
1265
1266 /*
1267 * does not have to be perfect mapping since field is
1268 * informational, only used for servers that do not support
1269 * port 445 and it can be overridden at mount time
1270 */
1271 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1272 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1273 vol->source_rfc1001_name[i] = toupper(nodename[i]);
1274
1275 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1276 /* null target name indicates to use *SMBSERVR default called name
1277 if we end up sending RFC1001 session initialize */
1278 vol->target_rfc1001_name[0] = 0;
1279 vol->cred_uid = current_uid();
1280 vol->linux_uid = current_uid();
1281 vol->linux_gid = current_gid();
1282
1283 /* default to only allowing write access to owner of the mount */
1284 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1285
1286 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1287 /* default is always to request posix paths. */
1288 vol->posix_paths = 1;
1289 /* default to using server inode numbers where available */
1290 vol->server_ino = 1;
1291
1292 vol->actimeo = CIFS_DEF_ACTIMEO;
1293
1294 /* FIXME: add autonegotiation -- for now, SMB1 is default */
1295 vol->ops = &smb1_operations;
1296 vol->vals = &smb1_values;
1297
1298 if (!mountdata)
1299 goto cifs_parse_mount_err;
1300
1301 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
1302 if (!mountdata_copy)
1303 goto cifs_parse_mount_err;
1304
1305 options = mountdata_copy;
1306 end = options + strlen(options);
1307
1308 if (strncmp(options, "sep=", 4) == 0) {
1309 if (options[4] != 0) {
1310 separator[0] = options[4];
1311 options += 5;
1312 } else {
1313 cFYI(1, "Null separator not allowed");
1314 }
1315 }
1316 vol->backupuid_specified = false; /* no backup intent for a user */
1317 vol->backupgid_specified = false; /* no backup intent for a group */
1318
1319 while ((data = strsep(&options, separator)) != NULL) {
1320 substring_t args[MAX_OPT_ARGS];
1321 unsigned long option;
1322 int token;
1323
1324 if (!*data)
1325 continue;
1326
1327 token = match_token(data, cifs_mount_option_tokens, args);
1328
1329 switch (token) {
1330
1331 /* Ingnore the following */
1332 case Opt_ignore:
1333 break;
1334
1335 /* Boolean values */
1336 case Opt_user_xattr:
1337 vol->no_xattr = 0;
1338 break;
1339 case Opt_nouser_xattr:
1340 vol->no_xattr = 1;
1341 break;
1342 case Opt_forceuid:
1343 override_uid = 1;
1344 break;
1345 case Opt_noforceuid:
1346 override_uid = 0;
1347 break;
1348 case Opt_noblocksend:
1349 vol->noblocksnd = 1;
1350 break;
1351 case Opt_noautotune:
1352 vol->noautotune = 1;
1353 break;
1354 case Opt_hard:
1355 vol->retry = 1;
1356 break;
1357 case Opt_soft:
1358 vol->retry = 0;
1359 break;
1360 case Opt_perm:
1361 vol->noperm = 0;
1362 break;
1363 case Opt_noperm:
1364 vol->noperm = 1;
1365 break;
1366 case Opt_mapchars:
1367 vol->remap = 1;
1368 break;
1369 case Opt_nomapchars:
1370 vol->remap = 0;
1371 break;
1372 case Opt_sfu:
1373 vol->sfu_emul = 1;
1374 break;
1375 case Opt_nosfu:
1376 vol->sfu_emul = 0;
1377 break;
1378 case Opt_nodfs:
1379 vol->nodfs = 1;
1380 break;
1381 case Opt_posixpaths:
1382 vol->posix_paths = 1;
1383 break;
1384 case Opt_noposixpaths:
1385 vol->posix_paths = 0;
1386 break;
1387 case Opt_nounix:
1388 vol->no_linux_ext = 1;
1389 break;
1390 case Opt_nocase:
1391 vol->nocase = 1;
1392 break;
1393 case Opt_brl:
1394 vol->nobrl = 0;
1395 break;
1396 case Opt_nobrl:
1397 vol->nobrl = 1;
1398 /*
1399 * turn off mandatory locking in mode
1400 * if remote locking is turned off since the
1401 * local vfs will do advisory
1402 */
1403 if (vol->file_mode ==
1404 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1405 vol->file_mode = S_IALLUGO;
1406 break;
1407 case Opt_forcemandatorylock:
1408 vol->mand_lock = 1;
1409 break;
1410 case Opt_setuids:
1411 vol->setuids = 1;
1412 break;
1413 case Opt_nosetuids:
1414 vol->setuids = 0;
1415 break;
1416 case Opt_dynperm:
1417 vol->dynperm = true;
1418 break;
1419 case Opt_nodynperm:
1420 vol->dynperm = false;
1421 break;
1422 case Opt_nohard:
1423 vol->retry = 0;
1424 break;
1425 case Opt_nosoft:
1426 vol->retry = 1;
1427 break;
1428 case Opt_nointr:
1429 vol->intr = 0;
1430 break;
1431 case Opt_intr:
1432 vol->intr = 1;
1433 break;
1434 case Opt_nostrictsync:
1435 vol->nostrictsync = 1;
1436 break;
1437 case Opt_strictsync:
1438 vol->nostrictsync = 0;
1439 break;
1440 case Opt_serverino:
1441 vol->server_ino = 1;
1442 break;
1443 case Opt_noserverino:
1444 vol->server_ino = 0;
1445 break;
1446 case Opt_rwpidforward:
1447 vol->rwpidforward = 1;
1448 break;
1449 case Opt_cifsacl:
1450 vol->cifs_acl = 1;
1451 break;
1452 case Opt_nocifsacl:
1453 vol->cifs_acl = 0;
1454 break;
1455 case Opt_acl:
1456 vol->no_psx_acl = 0;
1457 break;
1458 case Opt_noacl:
1459 vol->no_psx_acl = 1;
1460 break;
1461 case Opt_locallease:
1462 vol->local_lease = 1;
1463 break;
1464 case Opt_sign:
1465 vol->secFlg |= CIFSSEC_MUST_SIGN;
1466 break;
1467 case Opt_seal:
1468 /* we do not do the following in secFlags because seal
1469 * is a per tree connection (mount) not a per socket
1470 * or per-smb connection option in the protocol
1471 * vol->secFlg |= CIFSSEC_MUST_SEAL;
1472 */
1473 vol->seal = 1;
1474 break;
1475 case Opt_direct:
1476 cache_specified = true;
1477 vol->direct_io = true;
1478 vol->strict_io = false;
1479 cERROR(1, "The \"directio\" option will be removed in "
1480 "3.7. Please switch to the \"cache=none\" "
1481 "option.");
1482 break;
1483 case Opt_strictcache:
1484 cache_specified = true;
1485 vol->direct_io = false;
1486 vol->strict_io = true;
1487 cERROR(1, "The \"strictcache\" option will be removed "
1488 "in 3.7. Please switch to the \"cache=strict\" "
1489 "option.");
1490 break;
1491 case Opt_noac:
1492 printk(KERN_WARNING "CIFS: Mount option noac not "
1493 "supported. Instead set "
1494 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1495 break;
1496 case Opt_fsc:
1497#ifndef CONFIG_CIFS_FSCACHE
1498 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1499 "kernel config option set");
1500 goto cifs_parse_mount_err;
1501#endif
1502 vol->fsc = true;
1503 break;
1504 case Opt_mfsymlinks:
1505 vol->mfsymlinks = true;
1506 break;
1507 case Opt_multiuser:
1508 vol->multiuser = true;
1509 break;
1510 case Opt_sloppy:
1511 sloppy = true;
1512 break;
1513
1514 /* Numeric Values */
1515 case Opt_backupuid:
1516 if (get_option_ul(args, &option)) {
1517 cERROR(1, "%s: Invalid backupuid value",
1518 __func__);
1519 goto cifs_parse_mount_err;
1520 }
1521 vol->backupuid = option;
1522 vol->backupuid_specified = true;
1523 break;
1524 case Opt_backupgid:
1525 if (get_option_ul(args, &option)) {
1526 cERROR(1, "%s: Invalid backupgid value",
1527 __func__);
1528 goto cifs_parse_mount_err;
1529 }
1530 vol->backupgid = option;
1531 vol->backupgid_specified = true;
1532 break;
1533 case Opt_uid:
1534 if (get_option_ul(args, &option)) {
1535 cERROR(1, "%s: Invalid uid value",
1536 __func__);
1537 goto cifs_parse_mount_err;
1538 }
1539 vol->linux_uid = option;
1540 uid_specified = true;
1541 break;
1542 case Opt_cruid:
1543 if (get_option_ul(args, &option)) {
1544 cERROR(1, "%s: Invalid cruid value",
1545 __func__);
1546 goto cifs_parse_mount_err;
1547 }
1548 vol->cred_uid = option;
1549 break;
1550 case Opt_gid:
1551 if (get_option_ul(args, &option)) {
1552 cERROR(1, "%s: Invalid gid value",
1553 __func__);
1554 goto cifs_parse_mount_err;
1555 }
1556 vol->linux_gid = option;
1557 gid_specified = true;
1558 break;
1559 case Opt_file_mode:
1560 if (get_option_ul(args, &option)) {
1561 cERROR(1, "%s: Invalid file_mode value",
1562 __func__);
1563 goto cifs_parse_mount_err;
1564 }
1565 vol->file_mode = option;
1566 break;
1567 case Opt_dirmode:
1568 if (get_option_ul(args, &option)) {
1569 cERROR(1, "%s: Invalid dir_mode value",
1570 __func__);
1571 goto cifs_parse_mount_err;
1572 }
1573 vol->dir_mode = option;
1574 break;
1575 case Opt_port:
1576 if (get_option_ul(args, &option)) {
1577 cERROR(1, "%s: Invalid port value",
1578 __func__);
1579 goto cifs_parse_mount_err;
1580 }
1581 vol->port = option;
1582 break;
1583 case Opt_rsize:
1584 if (get_option_ul(args, &option)) {
1585 cERROR(1, "%s: Invalid rsize value",
1586 __func__);
1587 goto cifs_parse_mount_err;
1588 }
1589 vol->rsize = option;
1590 break;
1591 case Opt_wsize:
1592 if (get_option_ul(args, &option)) {
1593 cERROR(1, "%s: Invalid wsize value",
1594 __func__);
1595 goto cifs_parse_mount_err;
1596 }
1597 vol->wsize = option;
1598 break;
1599 case Opt_actimeo:
1600 if (get_option_ul(args, &option)) {
1601 cERROR(1, "%s: Invalid actimeo value",
1602 __func__);
1603 goto cifs_parse_mount_err;
1604 }
1605 vol->actimeo = HZ * option;
1606 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1607 cERROR(1, "CIFS: attribute cache"
1608 "timeout too large");
1609 goto cifs_parse_mount_err;
1610 }
1611 break;
1612
1613 /* String Arguments */
1614
1615 case Opt_blank_user:
1616 /* null user, ie. anonymous authentication */
1617 vol->nullauth = 1;
1618 vol->username = NULL;
1619 break;
1620 case Opt_user:
1621 string = match_strdup(args);
1622 if (string == NULL)
1623 goto out_nomem;
1624
1625 if (strnlen(string, MAX_USERNAME_SIZE) >
1626 MAX_USERNAME_SIZE) {
1627 printk(KERN_WARNING "CIFS: username too long\n");
1628 goto cifs_parse_mount_err;
1629 }
1630 vol->username = kstrdup(string, GFP_KERNEL);
1631 if (!vol->username) {
1632 printk(KERN_WARNING "CIFS: no memory "
1633 "for username\n");
1634 goto cifs_parse_mount_err;
1635 }
1636 break;
1637 case Opt_blank_pass:
1638 vol->password = NULL;
1639 break;
1640 case Opt_pass:
1641 /* passwords have to be handled differently
1642 * to allow the character used for deliminator
1643 * to be passed within them
1644 */
1645
1646 /* Obtain the value string */
1647 value = strchr(data, '=');
1648 value++;
1649
1650 /* Set tmp_end to end of the string */
1651 tmp_end = (char *) value + strlen(value);
1652
1653 /* Check if following character is the deliminator
1654 * If yes, we have encountered a double deliminator
1655 * reset the NULL character to the deliminator
1656 */
1657 if (tmp_end < end && tmp_end[1] == delim) {
1658 tmp_end[0] = delim;
1659
1660 /* Keep iterating until we get to a single
1661 * deliminator OR the end
1662 */
1663 while ((tmp_end = strchr(tmp_end, delim))
1664 != NULL && (tmp_end[1] == delim)) {
1665 tmp_end = (char *) &tmp_end[2];
1666 }
1667
1668 /* Reset var options to point to next element */
1669 if (tmp_end) {
1670 tmp_end[0] = '\0';
1671 options = (char *) &tmp_end[1];
1672 } else
1673 /* Reached the end of the mount option
1674 * string */
1675 options = end;
1676 }
1677
1678 /* Now build new password string */
1679 temp_len = strlen(value);
1680 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1681 if (vol->password == NULL) {
1682 printk(KERN_WARNING "CIFS: no memory "
1683 "for password\n");
1684 goto cifs_parse_mount_err;
1685 }
1686
1687 for (i = 0, j = 0; i < temp_len; i++, j++) {
1688 vol->password[j] = value[i];
1689 if ((value[i] == delim) &&
1690 value[i+1] == delim)
1691 /* skip the second deliminator */
1692 i++;
1693 }
1694 vol->password[j] = '\0';
1695 break;
1696 case Opt_blank_ip:
1697 vol->UNCip = NULL;
1698 break;
1699 case Opt_ip:
1700 string = match_strdup(args);
1701 if (string == NULL)
1702 goto out_nomem;
1703
1704 if (strnlen(string, INET6_ADDRSTRLEN) >
1705 INET6_ADDRSTRLEN) {
1706 printk(KERN_WARNING "CIFS: ip address "
1707 "too long\n");
1708 goto cifs_parse_mount_err;
1709 }
1710 vol->UNCip = kstrdup(string, GFP_KERNEL);
1711 if (!vol->UNCip) {
1712 printk(KERN_WARNING "CIFS: no memory "
1713 "for UNC IP\n");
1714 goto cifs_parse_mount_err;
1715 }
1716 break;
1717 case Opt_unc:
1718 string = match_strdup(args);
1719 if (string == NULL)
1720 goto out_nomem;
1721
1722 temp_len = strnlen(string, 300);
1723 if (temp_len == 300) {
1724 printk(KERN_WARNING "CIFS: UNC name too long\n");
1725 goto cifs_parse_mount_err;
1726 }
1727
1728 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1729 if (vol->UNC == NULL) {
1730 printk(KERN_WARNING "CIFS: no memory for UNC\n");
1731 goto cifs_parse_mount_err;
1732 }
1733 strcpy(vol->UNC, string);
1734
1735 if (strncmp(string, "//", 2) == 0) {
1736 vol->UNC[0] = '\\';
1737 vol->UNC[1] = '\\';
1738 } else if (strncmp(string, "\\\\", 2) != 0) {
1739 printk(KERN_WARNING "CIFS: UNC Path does not "
1740 "begin with // or \\\\\n");
1741 goto cifs_parse_mount_err;
1742 }
1743
1744 break;
1745 case Opt_domain:
1746 string = match_strdup(args);
1747 if (string == NULL)
1748 goto out_nomem;
1749
1750 if (strnlen(string, 256) == 256) {
1751 printk(KERN_WARNING "CIFS: domain name too"
1752 " long\n");
1753 goto cifs_parse_mount_err;
1754 }
1755
1756 vol->domainname = kstrdup(string, GFP_KERNEL);
1757 if (!vol->domainname) {
1758 printk(KERN_WARNING "CIFS: no memory "
1759 "for domainname\n");
1760 goto cifs_parse_mount_err;
1761 }
1762 cFYI(1, "Domain name set");
1763 break;
1764 case Opt_srcaddr:
1765 string = match_strdup(args);
1766 if (string == NULL)
1767 goto out_nomem;
1768
1769 if (!cifs_convert_address(
1770 (struct sockaddr *)&vol->srcaddr,
1771 string, strlen(string))) {
1772 printk(KERN_WARNING "CIFS: Could not parse"
1773 " srcaddr: %s\n", string);
1774 goto cifs_parse_mount_err;
1775 }
1776 break;
1777 case Opt_prefixpath:
1778 string = match_strdup(args);
1779 if (string == NULL)
1780 goto out_nomem;
1781
1782 temp_len = strnlen(string, 1024);
1783 if (string[0] != '/')
1784 temp_len++; /* missing leading slash */
1785 if (temp_len > 1024) {
1786 printk(KERN_WARNING "CIFS: prefix too long\n");
1787 goto cifs_parse_mount_err;
1788 }
1789
1790 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1791 if (vol->prepath == NULL) {
1792 printk(KERN_WARNING "CIFS: no memory "
1793 "for path prefix\n");
1794 goto cifs_parse_mount_err;
1795 }
1796
1797 if (string[0] != '/') {
1798 vol->prepath[0] = '/';
1799 strcpy(vol->prepath+1, string);
1800 } else
1801 strcpy(vol->prepath, string);
1802
1803 break;
1804 case Opt_iocharset:
1805 string = match_strdup(args);
1806 if (string == NULL)
1807 goto out_nomem;
1808
1809 if (strnlen(string, 1024) >= 65) {
1810 printk(KERN_WARNING "CIFS: iocharset name "
1811 "too long.\n");
1812 goto cifs_parse_mount_err;
1813 }
1814
1815 if (strnicmp(string, "default", 7) != 0) {
1816 vol->iocharset = kstrdup(string,
1817 GFP_KERNEL);
1818 if (!vol->iocharset) {
1819 printk(KERN_WARNING "CIFS: no memory"
1820 "for charset\n");
1821 goto cifs_parse_mount_err;
1822 }
1823 }
1824 /* if iocharset not set then load_nls_default
1825 * is used by caller
1826 */
1827 cFYI(1, "iocharset set to %s", string);
1828 break;
1829 case Opt_sockopt:
1830 string = match_strdup(args);
1831 if (string == NULL)
1832 goto out_nomem;
1833
1834 if (strnicmp(string, "TCP_NODELAY", 11) == 0)
1835 vol->sockopt_tcp_nodelay = 1;
1836 break;
1837 case Opt_netbiosname:
1838 string = match_strdup(args);
1839 if (string == NULL)
1840 goto out_nomem;
1841
1842 memset(vol->source_rfc1001_name, 0x20,
1843 RFC1001_NAME_LEN);
1844 /*
1845 * FIXME: are there cases in which a comma can
1846 * be valid in workstation netbios name (and
1847 * need special handling)?
1848 */
1849 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1850 /* don't ucase netbiosname for user */
1851 if (string[i] == 0)
1852 break;
1853 vol->source_rfc1001_name[i] = string[i];
1854 }
1855 /* The string has 16th byte zero still from
1856 * set at top of the function
1857 */
1858 if (i == RFC1001_NAME_LEN && string[i] != 0)
1859 printk(KERN_WARNING "CIFS: netbiosname"
1860 " longer than 15 truncated.\n");
1861
1862 break;
1863 case Opt_servern:
1864 /* servernetbiosname specified override *SMBSERVER */
1865 string = match_strdup(args);
1866 if (string == NULL)
1867 goto out_nomem;
1868
1869 /* last byte, type, is 0x20 for servr type */
1870 memset(vol->target_rfc1001_name, 0x20,
1871 RFC1001_NAME_LEN_WITH_NULL);
1872
1873 /* BB are there cases in which a comma can be
1874 valid in this workstation netbios name
1875 (and need special handling)? */
1876
1877 /* user or mount helper must uppercase the
1878 netbios name */
1879 for (i = 0; i < 15; i++) {
1880 if (string[i] == 0)
1881 break;
1882 vol->target_rfc1001_name[i] = string[i];
1883 }
1884 /* The string has 16th byte zero still from
1885 set at top of the function */
1886 if (i == RFC1001_NAME_LEN && string[i] != 0)
1887 printk(KERN_WARNING "CIFS: server net"
1888 "biosname longer than 15 truncated.\n");
1889 break;
1890 case Opt_ver:
1891 string = match_strdup(args);
1892 if (string == NULL)
1893 goto out_nomem;
1894
1895 if (strnicmp(string, "1", 1) == 0) {
1896 /* This is the default */
1897 break;
1898 }
1899 /* For all other value, error */
1900 printk(KERN_WARNING "CIFS: Invalid version"
1901 " specified\n");
1902 goto cifs_parse_mount_err;
1903 case Opt_vers:
1904 string = match_strdup(args);
1905 if (string == NULL)
1906 goto out_nomem;
1907
1908 if (cifs_parse_smb_version(string, vol) != 0)
1909 goto cifs_parse_mount_err;
1910 break;
1911 case Opt_sec:
1912 string = match_strdup(args);
1913 if (string == NULL)
1914 goto out_nomem;
1915
1916 if (cifs_parse_security_flavors(string, vol) != 0)
1917 goto cifs_parse_mount_err;
1918 break;
1919 case Opt_cache:
1920 cache_specified = true;
1921 string = match_strdup(args);
1922 if (string == NULL)
1923 goto out_nomem;
1924
1925 if (cifs_parse_cache_flavor(string, vol) != 0)
1926 goto cifs_parse_mount_err;
1927 break;
1928 default:
1929 /*
1930 * An option we don't recognize. Save it off for later
1931 * if we haven't already found one
1932 */
1933 if (!invalid)
1934 invalid = data;
1935 break;
1936 }
1937 /* Free up any allocated string */
1938 kfree(string);
1939 string = NULL;
1940 }
1941
1942 if (!sloppy && invalid) {
1943 printk(KERN_ERR "CIFS: Unknown mount option \"%s\"\n", invalid);
1944 goto cifs_parse_mount_err;
1945 }
1946
1947#ifndef CONFIG_KEYS
1948 /* Muliuser mounts require CONFIG_KEYS support */
1949 if (vol->multiuser) {
1950 cERROR(1, "Multiuser mounts require kernels with "
1951 "CONFIG_KEYS enabled.");
1952 goto cifs_parse_mount_err;
1953 }
1954#endif
1955
1956 if (vol->UNCip == NULL)
1957 vol->UNCip = &vol->UNC[2];
1958
1959 if (uid_specified)
1960 vol->override_uid = override_uid;
1961 else if (override_uid == 1)
1962 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1963 "specified with no uid= option.\n");
1964
1965 if (gid_specified)
1966 vol->override_gid = override_gid;
1967 else if (override_gid == 1)
1968 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1969 "specified with no gid= option.\n");
1970
1971 /* FIXME: remove this block in 3.7 */
1972 if (!cache_specified && !cache_warned) {
1973 cache_warned = true;
1974 printk(KERN_NOTICE "CIFS: no cache= option specified, using "
1975 "\"cache=loose\". This default will change "
1976 "to \"cache=strict\" in 3.7.\n");
1977 }
1978
1979 kfree(mountdata_copy);
1980 return 0;
1981
1982out_nomem:
1983 printk(KERN_WARNING "Could not allocate temporary buffer\n");
1984cifs_parse_mount_err:
1985 kfree(string);
1986 kfree(mountdata_copy);
1987 return 1;
1988}
1989
1990/** Returns true if srcaddr isn't specified and rhs isn't
1991 * specified, or if srcaddr is specified and
1992 * matches the IP address of the rhs argument.
1993 */
1994static bool
1995srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1996{
1997 switch (srcaddr->sa_family) {
1998 case AF_UNSPEC:
1999 return (rhs->sa_family == AF_UNSPEC);
2000 case AF_INET: {
2001 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
2002 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
2003 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
2004 }
2005 case AF_INET6: {
2006 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
2007 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
2008 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
2009 }
2010 default:
2011 WARN_ON(1);
2012 return false; /* don't expect to be here */
2013 }
2014}
2015
2016/*
2017 * If no port is specified in addr structure, we try to match with 445 port
2018 * and if it fails - with 139 ports. It should be called only if address
2019 * families of server and addr are equal.
2020 */
2021static bool
2022match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
2023{
2024 __be16 port, *sport;
2025
2026 switch (addr->sa_family) {
2027 case AF_INET:
2028 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
2029 port = ((struct sockaddr_in *) addr)->sin_port;
2030 break;
2031 case AF_INET6:
2032 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
2033 port = ((struct sockaddr_in6 *) addr)->sin6_port;
2034 break;
2035 default:
2036 WARN_ON(1);
2037 return false;
2038 }
2039
2040 if (!port) {
2041 port = htons(CIFS_PORT);
2042 if (port == *sport)
2043 return true;
2044
2045 port = htons(RFC1001_PORT);
2046 }
2047
2048 return port == *sport;
2049}
2050
2051static bool
2052match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
2053 struct sockaddr *srcaddr)
2054{
2055 switch (addr->sa_family) {
2056 case AF_INET: {
2057 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
2058 struct sockaddr_in *srv_addr4 =
2059 (struct sockaddr_in *)&server->dstaddr;
2060
2061 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
2062 return false;
2063 break;
2064 }
2065 case AF_INET6: {
2066 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
2067 struct sockaddr_in6 *srv_addr6 =
2068 (struct sockaddr_in6 *)&server->dstaddr;
2069
2070 if (!ipv6_addr_equal(&addr6->sin6_addr,
2071 &srv_addr6->sin6_addr))
2072 return false;
2073 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
2074 return false;
2075 break;
2076 }
2077 default:
2078 WARN_ON(1);
2079 return false; /* don't expect to be here */
2080 }
2081
2082 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
2083 return false;
2084
2085 return true;
2086}
2087
2088static bool
2089match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
2090{
2091 unsigned int secFlags;
2092
2093 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
2094 secFlags = vol->secFlg;
2095 else
2096 secFlags = global_secflags | vol->secFlg;
2097
2098 switch (server->secType) {
2099 case LANMAN:
2100 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
2101 return false;
2102 break;
2103 case NTLMv2:
2104 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
2105 return false;
2106 break;
2107 case NTLM:
2108 if (!(secFlags & CIFSSEC_MAY_NTLM))
2109 return false;
2110 break;
2111 case Kerberos:
2112 if (!(secFlags & CIFSSEC_MAY_KRB5))
2113 return false;
2114 break;
2115 case RawNTLMSSP:
2116 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
2117 return false;
2118 break;
2119 default:
2120 /* shouldn't happen */
2121 return false;
2122 }
2123
2124 /* now check if signing mode is acceptable */
2125 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
2126 (server->sec_mode & SECMODE_SIGN_REQUIRED))
2127 return false;
2128 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
2129 (server->sec_mode &
2130 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
2131 return false;
2132
2133 return true;
2134}
2135
2136static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
2137 struct smb_vol *vol)
2138{
2139 if ((server->vals != vol->vals) || (server->ops != vol->ops))
2140 return 0;
2141
2142 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
2143 return 0;
2144
2145 if (!match_address(server, addr,
2146 (struct sockaddr *)&vol->srcaddr))
2147 return 0;
2148
2149 if (!match_port(server, addr))
2150 return 0;
2151
2152 if (!match_security(server, vol))
2153 return 0;
2154
2155 return 1;
2156}
2157
2158static struct TCP_Server_Info *
2159cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
2160{
2161 struct TCP_Server_Info *server;
2162
2163 spin_lock(&cifs_tcp_ses_lock);
2164 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
2165 if (!match_server(server, addr, vol))
2166 continue;
2167
2168 ++server->srv_count;
2169 spin_unlock(&cifs_tcp_ses_lock);
2170 cFYI(1, "Existing tcp session with server found");
2171 return server;
2172 }
2173 spin_unlock(&cifs_tcp_ses_lock);
2174 return NULL;
2175}
2176
2177static void
2178cifs_put_tcp_session(struct TCP_Server_Info *server)
2179{
2180 struct task_struct *task;
2181
2182 spin_lock(&cifs_tcp_ses_lock);
2183 if (--server->srv_count > 0) {
2184 spin_unlock(&cifs_tcp_ses_lock);
2185 return;
2186 }
2187
2188 put_net(cifs_net_ns(server));
2189
2190 list_del_init(&server->tcp_ses_list);
2191 spin_unlock(&cifs_tcp_ses_lock);
2192
2193 cancel_delayed_work_sync(&server->echo);
2194
2195 spin_lock(&GlobalMid_Lock);
2196 server->tcpStatus = CifsExiting;
2197 spin_unlock(&GlobalMid_Lock);
2198
2199 cifs_crypto_shash_release(server);
2200 cifs_fscache_release_client_cookie(server);
2201
2202 kfree(server->session_key.response);
2203 server->session_key.response = NULL;
2204 server->session_key.len = 0;
2205
2206 task = xchg(&server->tsk, NULL);
2207 if (task)
2208 force_sig(SIGKILL, task);
2209}
2210
2211static struct TCP_Server_Info *
2212cifs_get_tcp_session(struct smb_vol *volume_info)
2213{
2214 struct TCP_Server_Info *tcp_ses = NULL;
2215 struct sockaddr_storage addr;
2216 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
2217 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
2218 int rc;
2219
2220 memset(&addr, 0, sizeof(struct sockaddr_storage));
2221
2222 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
2223
2224 if (volume_info->UNCip && volume_info->UNC) {
2225 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2226 volume_info->UNCip,
2227 strlen(volume_info->UNCip),
2228 volume_info->port);
2229 if (!rc) {
2230 /* we failed translating address */
2231 rc = -EINVAL;
2232 goto out_err;
2233 }
2234 } else if (volume_info->UNCip) {
2235 /* BB using ip addr as tcp_ses name to connect to the
2236 DFS root below */
2237 cERROR(1, "Connecting to DFS root not implemented yet");
2238 rc = -EINVAL;
2239 goto out_err;
2240 } else /* which tcp_sess DFS root would we conect to */ {
2241 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
2242 "unc=//192.168.1.100/public) specified");
2243 rc = -EINVAL;
2244 goto out_err;
2245 }
2246
2247 /* see if we already have a matching tcp_ses */
2248 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
2249 if (tcp_ses)
2250 return tcp_ses;
2251
2252 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
2253 if (!tcp_ses) {
2254 rc = -ENOMEM;
2255 goto out_err;
2256 }
2257
2258 rc = cifs_crypto_shash_allocate(tcp_ses);
2259 if (rc) {
2260 cERROR(1, "could not setup hash structures rc %d", rc);
2261 goto out_err;
2262 }
2263
2264 tcp_ses->ops = volume_info->ops;
2265 tcp_ses->vals = volume_info->vals;
2266 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
2267 tcp_ses->hostname = extract_hostname(volume_info->UNC);
2268 if (IS_ERR(tcp_ses->hostname)) {
2269 rc = PTR_ERR(tcp_ses->hostname);
2270 goto out_err_crypto_release;
2271 }
2272
2273 tcp_ses->noblocksnd = volume_info->noblocksnd;
2274 tcp_ses->noautotune = volume_info->noautotune;
2275 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
2276 tcp_ses->in_flight = 0;
2277 tcp_ses->credits = 1;
2278 init_waitqueue_head(&tcp_ses->response_q);
2279 init_waitqueue_head(&tcp_ses->request_q);
2280 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
2281 mutex_init(&tcp_ses->srv_mutex);
2282 memcpy(tcp_ses->workstation_RFC1001_name,
2283 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2284 memcpy(tcp_ses->server_RFC1001_name,
2285 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2286 tcp_ses->session_estab = false;
2287 tcp_ses->sequence_number = 0;
2288 tcp_ses->lstrp = jiffies;
2289 spin_lock_init(&tcp_ses->req_lock);
2290 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
2291 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
2292 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
2293
2294 /*
2295 * at this point we are the only ones with the pointer
2296 * to the struct since the kernel thread not created yet
2297 * no need to spinlock this init of tcpStatus or srv_count
2298 */
2299 tcp_ses->tcpStatus = CifsNew;
2300 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
2301 sizeof(tcp_ses->srcaddr));
2302 ++tcp_ses->srv_count;
2303
2304 if (addr.ss_family == AF_INET6) {
2305 cFYI(1, "attempting ipv6 connect");
2306 /* BB should we allow ipv6 on port 139? */
2307 /* other OS never observed in Wild doing 139 with v6 */
2308 memcpy(&tcp_ses->dstaddr, sin_server6,
2309 sizeof(struct sockaddr_in6));
2310 } else
2311 memcpy(&tcp_ses->dstaddr, sin_server,
2312 sizeof(struct sockaddr_in));
2313
2314 rc = ip_connect(tcp_ses);
2315 if (rc < 0) {
2316 cERROR(1, "Error connecting to socket. Aborting operation");
2317 goto out_err_crypto_release;
2318 }
2319
2320 /*
2321 * since we're in a cifs function already, we know that
2322 * this will succeed. No need for try_module_get().
2323 */
2324 __module_get(THIS_MODULE);
2325 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
2326 tcp_ses, "cifsd");
2327 if (IS_ERR(tcp_ses->tsk)) {
2328 rc = PTR_ERR(tcp_ses->tsk);
2329 cERROR(1, "error %d create cifsd thread", rc);
2330 module_put(THIS_MODULE);
2331 goto out_err_crypto_release;
2332 }
2333 tcp_ses->tcpStatus = CifsNeedNegotiate;
2334
2335 /* thread spawned, put it on the list */
2336 spin_lock(&cifs_tcp_ses_lock);
2337 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
2338 spin_unlock(&cifs_tcp_ses_lock);
2339
2340 cifs_fscache_get_client_cookie(tcp_ses);
2341
2342 /* queue echo request delayed work */
2343 queue_delayed_work(cifsiod_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
2344
2345 return tcp_ses;
2346
2347out_err_crypto_release:
2348 cifs_crypto_shash_release(tcp_ses);
2349
2350 put_net(cifs_net_ns(tcp_ses));
2351
2352out_err:
2353 if (tcp_ses) {
2354 if (!IS_ERR(tcp_ses->hostname))
2355 kfree(tcp_ses->hostname);
2356 if (tcp_ses->ssocket)
2357 sock_release(tcp_ses->ssocket);
2358 kfree(tcp_ses);
2359 }
2360 return ERR_PTR(rc);
2361}
2362
2363static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
2364{
2365 switch (ses->server->secType) {
2366 case Kerberos:
2367 if (vol->cred_uid != ses->cred_uid)
2368 return 0;
2369 break;
2370 default:
2371 /* NULL username means anonymous session */
2372 if (ses->user_name == NULL) {
2373 if (!vol->nullauth)
2374 return 0;
2375 break;
2376 }
2377
2378 /* anything else takes username/password */
2379 if (strncmp(ses->user_name,
2380 vol->username ? vol->username : "",
2381 MAX_USERNAME_SIZE))
2382 return 0;
2383 if (strlen(vol->username) != 0 &&
2384 ses->password != NULL &&
2385 strncmp(ses->password,
2386 vol->password ? vol->password : "",
2387 MAX_PASSWORD_SIZE))
2388 return 0;
2389 }
2390 return 1;
2391}
2392
2393static struct cifs_ses *
2394cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2395{
2396 struct cifs_ses *ses;
2397
2398 spin_lock(&cifs_tcp_ses_lock);
2399 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2400 if (!match_session(ses, vol))
2401 continue;
2402 ++ses->ses_count;
2403 spin_unlock(&cifs_tcp_ses_lock);
2404 return ses;
2405 }
2406 spin_unlock(&cifs_tcp_ses_lock);
2407 return NULL;
2408}
2409
2410static void
2411cifs_put_smb_ses(struct cifs_ses *ses)
2412{
2413 int xid;
2414 struct TCP_Server_Info *server = ses->server;
2415
2416 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2417 spin_lock(&cifs_tcp_ses_lock);
2418 if (--ses->ses_count > 0) {
2419 spin_unlock(&cifs_tcp_ses_lock);
2420 return;
2421 }
2422
2423 list_del_init(&ses->smb_ses_list);
2424 spin_unlock(&cifs_tcp_ses_lock);
2425
2426 if (ses->status == CifsGood) {
2427 xid = GetXid();
2428 CIFSSMBLogoff(xid, ses);
2429 _FreeXid(xid);
2430 }
2431 sesInfoFree(ses);
2432 cifs_put_tcp_session(server);
2433}
2434
2435#ifdef CONFIG_KEYS
2436
2437/* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2438#define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2439
2440/* Populate username and pw fields from keyring if possible */
2441static int
2442cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2443{
2444 int rc = 0;
2445 char *desc, *delim, *payload;
2446 ssize_t len;
2447 struct key *key;
2448 struct TCP_Server_Info *server = ses->server;
2449 struct sockaddr_in *sa;
2450 struct sockaddr_in6 *sa6;
2451 struct user_key_payload *upayload;
2452
2453 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2454 if (!desc)
2455 return -ENOMEM;
2456
2457 /* try to find an address key first */
2458 switch (server->dstaddr.ss_family) {
2459 case AF_INET:
2460 sa = (struct sockaddr_in *)&server->dstaddr;
2461 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2462 break;
2463 case AF_INET6:
2464 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2465 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2466 break;
2467 default:
2468 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2469 rc = -EINVAL;
2470 goto out_err;
2471 }
2472
2473 cFYI(1, "%s: desc=%s", __func__, desc);
2474 key = request_key(&key_type_logon, desc, "");
2475 if (IS_ERR(key)) {
2476 if (!ses->domainName) {
2477 cFYI(1, "domainName is NULL");
2478 rc = PTR_ERR(key);
2479 goto out_err;
2480 }
2481
2482 /* didn't work, try to find a domain key */
2483 sprintf(desc, "cifs:d:%s", ses->domainName);
2484 cFYI(1, "%s: desc=%s", __func__, desc);
2485 key = request_key(&key_type_logon, desc, "");
2486 if (IS_ERR(key)) {
2487 rc = PTR_ERR(key);
2488 goto out_err;
2489 }
2490 }
2491
2492 down_read(&key->sem);
2493 upayload = key->payload.data;
2494 if (IS_ERR_OR_NULL(upayload)) {
2495 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
2496 goto out_key_put;
2497 }
2498
2499 /* find first : in payload */
2500 payload = (char *)upayload->data;
2501 delim = strnchr(payload, upayload->datalen, ':');
2502 cFYI(1, "payload=%s", payload);
2503 if (!delim) {
2504 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2505 upayload->datalen);
2506 rc = -EINVAL;
2507 goto out_key_put;
2508 }
2509
2510 len = delim - payload;
2511 if (len > MAX_USERNAME_SIZE || len <= 0) {
2512 cFYI(1, "Bad value from username search (len=%zd)", len);
2513 rc = -EINVAL;
2514 goto out_key_put;
2515 }
2516
2517 vol->username = kstrndup(payload, len, GFP_KERNEL);
2518 if (!vol->username) {
2519 cFYI(1, "Unable to allocate %zd bytes for username", len);
2520 rc = -ENOMEM;
2521 goto out_key_put;
2522 }
2523 cFYI(1, "%s: username=%s", __func__, vol->username);
2524
2525 len = key->datalen - (len + 1);
2526 if (len > MAX_PASSWORD_SIZE || len <= 0) {
2527 cFYI(1, "Bad len for password search (len=%zd)", len);
2528 rc = -EINVAL;
2529 kfree(vol->username);
2530 vol->username = NULL;
2531 goto out_key_put;
2532 }
2533
2534 ++delim;
2535 vol->password = kstrndup(delim, len, GFP_KERNEL);
2536 if (!vol->password) {
2537 cFYI(1, "Unable to allocate %zd bytes for password", len);
2538 rc = -ENOMEM;
2539 kfree(vol->username);
2540 vol->username = NULL;
2541 goto out_key_put;
2542 }
2543
2544out_key_put:
2545 up_read(&key->sem);
2546 key_put(key);
2547out_err:
2548 kfree(desc);
2549 cFYI(1, "%s: returning %d", __func__, rc);
2550 return rc;
2551}
2552#else /* ! CONFIG_KEYS */
2553static inline int
2554cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2555 struct cifs_ses *ses __attribute__((unused)))
2556{
2557 return -ENOSYS;
2558}
2559#endif /* CONFIG_KEYS */
2560
2561static bool warned_on_ntlm; /* globals init to false automatically */
2562
2563static struct cifs_ses *
2564cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2565{
2566 int rc = -ENOMEM, xid;
2567 struct cifs_ses *ses;
2568 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2569 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2570
2571 xid = GetXid();
2572
2573 ses = cifs_find_smb_ses(server, volume_info);
2574 if (ses) {
2575 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2576
2577 mutex_lock(&ses->session_mutex);
2578 rc = cifs_negotiate_protocol(xid, ses);
2579 if (rc) {
2580 mutex_unlock(&ses->session_mutex);
2581 /* problem -- put our ses reference */
2582 cifs_put_smb_ses(ses);
2583 FreeXid(xid);
2584 return ERR_PTR(rc);
2585 }
2586 if (ses->need_reconnect) {
2587 cFYI(1, "Session needs reconnect");
2588 rc = cifs_setup_session(xid, ses,
2589 volume_info->local_nls);
2590 if (rc) {
2591 mutex_unlock(&ses->session_mutex);
2592 /* problem -- put our reference */
2593 cifs_put_smb_ses(ses);
2594 FreeXid(xid);
2595 return ERR_PTR(rc);
2596 }
2597 }
2598 mutex_unlock(&ses->session_mutex);
2599
2600 /* existing SMB ses has a server reference already */
2601 cifs_put_tcp_session(server);
2602 FreeXid(xid);
2603 return ses;
2604 }
2605
2606 cFYI(1, "Existing smb sess not found");
2607 ses = sesInfoAlloc();
2608 if (ses == NULL)
2609 goto get_ses_fail;
2610
2611 /* new SMB session uses our server ref */
2612 ses->server = server;
2613 if (server->dstaddr.ss_family == AF_INET6)
2614 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2615 else
2616 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2617
2618 if (volume_info->username) {
2619 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2620 if (!ses->user_name)
2621 goto get_ses_fail;
2622 }
2623
2624 /* volume_info->password freed at unmount */
2625 if (volume_info->password) {
2626 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2627 if (!ses->password)
2628 goto get_ses_fail;
2629 }
2630 if (volume_info->domainname) {
2631 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2632 if (!ses->domainName)
2633 goto get_ses_fail;
2634 }
2635 ses->cred_uid = volume_info->cred_uid;
2636 ses->linux_uid = volume_info->linux_uid;
2637
2638 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2639 supported for many years, time to update default security mechanism */
2640 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2641 warned_on_ntlm = true;
2642 cERROR(1, "default security mechanism requested. The default "
2643 "security mechanism will be upgraded from ntlm to "
2644 "ntlmv2 in kernel release 3.3");
2645 }
2646 ses->overrideSecFlg = volume_info->secFlg;
2647
2648 mutex_lock(&ses->session_mutex);
2649 rc = cifs_negotiate_protocol(xid, ses);
2650 if (!rc)
2651 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2652 mutex_unlock(&ses->session_mutex);
2653 if (rc)
2654 goto get_ses_fail;
2655
2656 /* success, put it on the list */
2657 spin_lock(&cifs_tcp_ses_lock);
2658 list_add(&ses->smb_ses_list, &server->smb_ses_list);
2659 spin_unlock(&cifs_tcp_ses_lock);
2660
2661 FreeXid(xid);
2662 return ses;
2663
2664get_ses_fail:
2665 sesInfoFree(ses);
2666 FreeXid(xid);
2667 return ERR_PTR(rc);
2668}
2669
2670static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2671{
2672 if (tcon->tidStatus == CifsExiting)
2673 return 0;
2674 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2675 return 0;
2676 return 1;
2677}
2678
2679static struct cifs_tcon *
2680cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2681{
2682 struct list_head *tmp;
2683 struct cifs_tcon *tcon;
2684
2685 spin_lock(&cifs_tcp_ses_lock);
2686 list_for_each(tmp, &ses->tcon_list) {
2687 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2688 if (!match_tcon(tcon, unc))
2689 continue;
2690 ++tcon->tc_count;
2691 spin_unlock(&cifs_tcp_ses_lock);
2692 return tcon;
2693 }
2694 spin_unlock(&cifs_tcp_ses_lock);
2695 return NULL;
2696}
2697
2698static void
2699cifs_put_tcon(struct cifs_tcon *tcon)
2700{
2701 int xid;
2702 struct cifs_ses *ses = tcon->ses;
2703
2704 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2705 spin_lock(&cifs_tcp_ses_lock);
2706 if (--tcon->tc_count > 0) {
2707 spin_unlock(&cifs_tcp_ses_lock);
2708 return;
2709 }
2710
2711 list_del_init(&tcon->tcon_list);
2712 spin_unlock(&cifs_tcp_ses_lock);
2713
2714 xid = GetXid();
2715 CIFSSMBTDis(xid, tcon);
2716 _FreeXid(xid);
2717
2718 cifs_fscache_release_super_cookie(tcon);
2719 tconInfoFree(tcon);
2720 cifs_put_smb_ses(ses);
2721}
2722
2723static struct cifs_tcon *
2724cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2725{
2726 int rc, xid;
2727 struct cifs_tcon *tcon;
2728
2729 tcon = cifs_find_tcon(ses, volume_info->UNC);
2730 if (tcon) {
2731 cFYI(1, "Found match on UNC path");
2732 /* existing tcon already has a reference */
2733 cifs_put_smb_ses(ses);
2734 if (tcon->seal != volume_info->seal)
2735 cERROR(1, "transport encryption setting "
2736 "conflicts with existing tid");
2737 return tcon;
2738 }
2739
2740 tcon = tconInfoAlloc();
2741 if (tcon == NULL) {
2742 rc = -ENOMEM;
2743 goto out_fail;
2744 }
2745
2746 tcon->ses = ses;
2747 if (volume_info->password) {
2748 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2749 if (!tcon->password) {
2750 rc = -ENOMEM;
2751 goto out_fail;
2752 }
2753 }
2754
2755 if (strchr(volume_info->UNC + 3, '\\') == NULL
2756 && strchr(volume_info->UNC + 3, '/') == NULL) {
2757 cERROR(1, "Missing share name");
2758 rc = -ENODEV;
2759 goto out_fail;
2760 }
2761
2762 /* BB Do we need to wrap session_mutex around
2763 * this TCon call and Unix SetFS as
2764 * we do on SessSetup and reconnect? */
2765 xid = GetXid();
2766 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2767 FreeXid(xid);
2768 cFYI(1, "CIFS Tcon rc = %d", rc);
2769 if (rc)
2770 goto out_fail;
2771
2772 if (volume_info->nodfs) {
2773 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2774 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2775 }
2776 tcon->seal = volume_info->seal;
2777 /* we can have only one retry value for a connection
2778 to a share so for resources mounted more than once
2779 to the same server share the last value passed in
2780 for the retry flag is used */
2781 tcon->retry = volume_info->retry;
2782 tcon->nocase = volume_info->nocase;
2783 tcon->local_lease = volume_info->local_lease;
2784
2785 spin_lock(&cifs_tcp_ses_lock);
2786 list_add(&tcon->tcon_list, &ses->tcon_list);
2787 spin_unlock(&cifs_tcp_ses_lock);
2788
2789 cifs_fscache_get_super_cookie(tcon);
2790
2791 return tcon;
2792
2793out_fail:
2794 tconInfoFree(tcon);
2795 return ERR_PTR(rc);
2796}
2797
2798void
2799cifs_put_tlink(struct tcon_link *tlink)
2800{
2801 if (!tlink || IS_ERR(tlink))
2802 return;
2803
2804 if (!atomic_dec_and_test(&tlink->tl_count) ||
2805 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2806 tlink->tl_time = jiffies;
2807 return;
2808 }
2809
2810 if (!IS_ERR(tlink_tcon(tlink)))
2811 cifs_put_tcon(tlink_tcon(tlink));
2812 kfree(tlink);
2813 return;
2814}
2815
2816static inline struct tcon_link *
2817cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2818{
2819 return cifs_sb->master_tlink;
2820}
2821
2822static int
2823compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2824{
2825 struct cifs_sb_info *old = CIFS_SB(sb);
2826 struct cifs_sb_info *new = mnt_data->cifs_sb;
2827
2828 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2829 return 0;
2830
2831 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2832 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2833 return 0;
2834
2835 /*
2836 * We want to share sb only if we don't specify an r/wsize or
2837 * specified r/wsize is greater than or equal to existing one.
2838 */
2839 if (new->wsize && new->wsize < old->wsize)
2840 return 0;
2841
2842 if (new->rsize && new->rsize < old->rsize)
2843 return 0;
2844
2845 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2846 return 0;
2847
2848 if (old->mnt_file_mode != new->mnt_file_mode ||
2849 old->mnt_dir_mode != new->mnt_dir_mode)
2850 return 0;
2851
2852 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2853 return 0;
2854
2855 if (old->actimeo != new->actimeo)
2856 return 0;
2857
2858 return 1;
2859}
2860
2861int
2862cifs_match_super(struct super_block *sb, void *data)
2863{
2864 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2865 struct smb_vol *volume_info;
2866 struct cifs_sb_info *cifs_sb;
2867 struct TCP_Server_Info *tcp_srv;
2868 struct cifs_ses *ses;
2869 struct cifs_tcon *tcon;
2870 struct tcon_link *tlink;
2871 struct sockaddr_storage addr;
2872 int rc = 0;
2873
2874 memset(&addr, 0, sizeof(struct sockaddr_storage));
2875
2876 spin_lock(&cifs_tcp_ses_lock);
2877 cifs_sb = CIFS_SB(sb);
2878 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2879 if (IS_ERR(tlink)) {
2880 spin_unlock(&cifs_tcp_ses_lock);
2881 return rc;
2882 }
2883 tcon = tlink_tcon(tlink);
2884 ses = tcon->ses;
2885 tcp_srv = ses->server;
2886
2887 volume_info = mnt_data->vol;
2888
2889 if (!volume_info->UNCip || !volume_info->UNC)
2890 goto out;
2891
2892 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2893 volume_info->UNCip,
2894 strlen(volume_info->UNCip),
2895 volume_info->port);
2896 if (!rc)
2897 goto out;
2898
2899 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2900 !match_session(ses, volume_info) ||
2901 !match_tcon(tcon, volume_info->UNC)) {
2902 rc = 0;
2903 goto out;
2904 }
2905
2906 rc = compare_mount_options(sb, mnt_data);
2907out:
2908 spin_unlock(&cifs_tcp_ses_lock);
2909 cifs_put_tlink(tlink);
2910 return rc;
2911}
2912
2913int
2914get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2915 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2916 struct dfs_info3_param **preferrals, int remap)
2917{
2918 char *temp_unc;
2919 int rc = 0;
2920
2921 *pnum_referrals = 0;
2922 *preferrals = NULL;
2923
2924 if (pSesInfo->ipc_tid == 0) {
2925 temp_unc = kmalloc(2 /* for slashes */ +
2926 strnlen(pSesInfo->serverName,
2927 SERVER_NAME_LEN_WITH_NULL * 2)
2928 + 1 + 4 /* slash IPC$ */ + 2,
2929 GFP_KERNEL);
2930 if (temp_unc == NULL)
2931 return -ENOMEM;
2932 temp_unc[0] = '\\';
2933 temp_unc[1] = '\\';
2934 strcpy(temp_unc + 2, pSesInfo->serverName);
2935 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2936 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2937 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2938 kfree(temp_unc);
2939 }
2940 if (rc == 0)
2941 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2942 pnum_referrals, nls_codepage, remap);
2943 /* BB map targetUNCs to dfs_info3 structures, here or
2944 in CIFSGetDFSRefer BB */
2945
2946 return rc;
2947}
2948
2949#ifdef CONFIG_DEBUG_LOCK_ALLOC
2950static struct lock_class_key cifs_key[2];
2951static struct lock_class_key cifs_slock_key[2];
2952
2953static inline void
2954cifs_reclassify_socket4(struct socket *sock)
2955{
2956 struct sock *sk = sock->sk;
2957 BUG_ON(sock_owned_by_user(sk));
2958 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2959 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2960}
2961
2962static inline void
2963cifs_reclassify_socket6(struct socket *sock)
2964{
2965 struct sock *sk = sock->sk;
2966 BUG_ON(sock_owned_by_user(sk));
2967 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2968 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2969}
2970#else
2971static inline void
2972cifs_reclassify_socket4(struct socket *sock)
2973{
2974}
2975
2976static inline void
2977cifs_reclassify_socket6(struct socket *sock)
2978{
2979}
2980#endif
2981
2982/* See RFC1001 section 14 on representation of Netbios names */
2983static void rfc1002mangle(char *target, char *source, unsigned int length)
2984{
2985 unsigned int i, j;
2986
2987 for (i = 0, j = 0; i < (length); i++) {
2988 /* mask a nibble at a time and encode */
2989 target[j] = 'A' + (0x0F & (source[i] >> 4));
2990 target[j+1] = 'A' + (0x0F & source[i]);
2991 j += 2;
2992 }
2993
2994}
2995
2996static int
2997bind_socket(struct TCP_Server_Info *server)
2998{
2999 int rc = 0;
3000 if (server->srcaddr.ss_family != AF_UNSPEC) {
3001 /* Bind to the specified local IP address */
3002 struct socket *socket = server->ssocket;
3003 rc = socket->ops->bind(socket,
3004 (struct sockaddr *) &server->srcaddr,
3005 sizeof(server->srcaddr));
3006 if (rc < 0) {
3007 struct sockaddr_in *saddr4;
3008 struct sockaddr_in6 *saddr6;
3009 saddr4 = (struct sockaddr_in *)&server->srcaddr;
3010 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
3011 if (saddr6->sin6_family == AF_INET6)
3012 cERROR(1, "cifs: "
3013 "Failed to bind to: %pI6c, error: %d\n",
3014 &saddr6->sin6_addr, rc);
3015 else
3016 cERROR(1, "cifs: "
3017 "Failed to bind to: %pI4, error: %d\n",
3018 &saddr4->sin_addr.s_addr, rc);
3019 }
3020 }
3021 return rc;
3022}
3023
3024static int
3025ip_rfc1001_connect(struct TCP_Server_Info *server)
3026{
3027 int rc = 0;
3028 /*
3029 * some servers require RFC1001 sessinit before sending
3030 * negprot - BB check reconnection in case where second
3031 * sessinit is sent but no second negprot
3032 */
3033 struct rfc1002_session_packet *ses_init_buf;
3034 struct smb_hdr *smb_buf;
3035 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
3036 GFP_KERNEL);
3037 if (ses_init_buf) {
3038 ses_init_buf->trailer.session_req.called_len = 32;
3039
3040 if (server->server_RFC1001_name &&
3041 server->server_RFC1001_name[0] != 0)
3042 rfc1002mangle(ses_init_buf->trailer.
3043 session_req.called_name,
3044 server->server_RFC1001_name,
3045 RFC1001_NAME_LEN_WITH_NULL);
3046 else
3047 rfc1002mangle(ses_init_buf->trailer.
3048 session_req.called_name,
3049 DEFAULT_CIFS_CALLED_NAME,
3050 RFC1001_NAME_LEN_WITH_NULL);
3051
3052 ses_init_buf->trailer.session_req.calling_len = 32;
3053
3054 /*
3055 * calling name ends in null (byte 16) from old smb
3056 * convention.
3057 */
3058 if (server->workstation_RFC1001_name &&
3059 server->workstation_RFC1001_name[0] != 0)
3060 rfc1002mangle(ses_init_buf->trailer.
3061 session_req.calling_name,
3062 server->workstation_RFC1001_name,
3063 RFC1001_NAME_LEN_WITH_NULL);
3064 else
3065 rfc1002mangle(ses_init_buf->trailer.
3066 session_req.calling_name,
3067 "LINUX_CIFS_CLNT",
3068 RFC1001_NAME_LEN_WITH_NULL);
3069
3070 ses_init_buf->trailer.session_req.scope1 = 0;
3071 ses_init_buf->trailer.session_req.scope2 = 0;
3072 smb_buf = (struct smb_hdr *)ses_init_buf;
3073
3074 /* sizeof RFC1002_SESSION_REQUEST with no scope */
3075 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
3076 rc = smb_send(server, smb_buf, 0x44);
3077 kfree(ses_init_buf);
3078 /*
3079 * RFC1001 layer in at least one server
3080 * requires very short break before negprot
3081 * presumably because not expecting negprot
3082 * to follow so fast. This is a simple
3083 * solution that works without
3084 * complicating the code and causes no
3085 * significant slowing down on mount
3086 * for everyone else
3087 */
3088 usleep_range(1000, 2000);
3089 }
3090 /*
3091 * else the negprot may still work without this
3092 * even though malloc failed
3093 */
3094
3095 return rc;
3096}
3097
3098static int
3099generic_ip_connect(struct TCP_Server_Info *server)
3100{
3101 int rc = 0;
3102 __be16 sport;
3103 int slen, sfamily;
3104 struct socket *socket = server->ssocket;
3105 struct sockaddr *saddr;
3106
3107 saddr = (struct sockaddr *) &server->dstaddr;
3108
3109 if (server->dstaddr.ss_family == AF_INET6) {
3110 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
3111 slen = sizeof(struct sockaddr_in6);
3112 sfamily = AF_INET6;
3113 } else {
3114 sport = ((struct sockaddr_in *) saddr)->sin_port;
3115 slen = sizeof(struct sockaddr_in);
3116 sfamily = AF_INET;
3117 }
3118
3119 if (socket == NULL) {
3120 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
3121 IPPROTO_TCP, &socket, 1);
3122 if (rc < 0) {
3123 cERROR(1, "Error %d creating socket", rc);
3124 server->ssocket = NULL;
3125 return rc;
3126 }
3127
3128 /* BB other socket options to set KEEPALIVE, NODELAY? */
3129 cFYI(1, "Socket created");
3130 server->ssocket = socket;
3131 socket->sk->sk_allocation = GFP_NOFS;
3132 if (sfamily == AF_INET6)
3133 cifs_reclassify_socket6(socket);
3134 else
3135 cifs_reclassify_socket4(socket);
3136 }
3137
3138 rc = bind_socket(server);
3139 if (rc < 0)
3140 return rc;
3141
3142 /*
3143 * Eventually check for other socket options to change from
3144 * the default. sock_setsockopt not used because it expects
3145 * user space buffer
3146 */
3147 socket->sk->sk_rcvtimeo = 7 * HZ;
3148 socket->sk->sk_sndtimeo = 5 * HZ;
3149
3150 /* make the bufsizes depend on wsize/rsize and max requests */
3151 if (server->noautotune) {
3152 if (socket->sk->sk_sndbuf < (200 * 1024))
3153 socket->sk->sk_sndbuf = 200 * 1024;
3154 if (socket->sk->sk_rcvbuf < (140 * 1024))
3155 socket->sk->sk_rcvbuf = 140 * 1024;
3156 }
3157
3158 if (server->tcp_nodelay) {
3159 int val = 1;
3160 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
3161 (char *)&val, sizeof(val));
3162 if (rc)
3163 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
3164 }
3165
3166 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
3167 socket->sk->sk_sndbuf,
3168 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
3169
3170 rc = socket->ops->connect(socket, saddr, slen, 0);
3171 if (rc < 0) {
3172 cFYI(1, "Error %d connecting to server", rc);
3173 sock_release(socket);
3174 server->ssocket = NULL;
3175 return rc;
3176 }
3177
3178 if (sport == htons(RFC1001_PORT))
3179 rc = ip_rfc1001_connect(server);
3180
3181 return rc;
3182}
3183
3184static int
3185ip_connect(struct TCP_Server_Info *server)
3186{
3187 __be16 *sport;
3188 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
3189 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
3190
3191 if (server->dstaddr.ss_family == AF_INET6)
3192 sport = &addr6->sin6_port;
3193 else
3194 sport = &addr->sin_port;
3195
3196 if (*sport == 0) {
3197 int rc;
3198
3199 /* try with 445 port at first */
3200 *sport = htons(CIFS_PORT);
3201
3202 rc = generic_ip_connect(server);
3203 if (rc >= 0)
3204 return rc;
3205
3206 /* if it failed, try with 139 port */
3207 *sport = htons(RFC1001_PORT);
3208 }
3209
3210 return generic_ip_connect(server);
3211}
3212
3213void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
3214 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
3215{
3216 /* if we are reconnecting then should we check to see if
3217 * any requested capabilities changed locally e.g. via
3218 * remount but we can not do much about it here
3219 * if they have (even if we could detect it by the following)
3220 * Perhaps we could add a backpointer to array of sb from tcon
3221 * or if we change to make all sb to same share the same
3222 * sb as NFS - then we only have one backpointer to sb.
3223 * What if we wanted to mount the server share twice once with
3224 * and once without posixacls or posix paths? */
3225 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3226
3227 if (vol_info && vol_info->no_linux_ext) {
3228 tcon->fsUnixInfo.Capability = 0;
3229 tcon->unix_ext = 0; /* Unix Extensions disabled */
3230 cFYI(1, "Linux protocol extensions disabled");
3231 return;
3232 } else if (vol_info)
3233 tcon->unix_ext = 1; /* Unix Extensions supported */
3234
3235 if (tcon->unix_ext == 0) {
3236 cFYI(1, "Unix extensions disabled so not set on reconnect");
3237 return;
3238 }
3239
3240 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
3241 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3242 cFYI(1, "unix caps which server supports %lld", cap);
3243 /* check for reconnect case in which we do not
3244 want to change the mount behavior if we can avoid it */
3245 if (vol_info == NULL) {
3246 /* turn off POSIX ACL and PATHNAMES if not set
3247 originally at mount time */
3248 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
3249 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3250 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3251 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3252 cERROR(1, "POSIXPATH support change");
3253 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3254 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3255 cERROR(1, "possible reconnect error");
3256 cERROR(1, "server disabled POSIX path support");
3257 }
3258 }
3259
3260 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3261 cERROR(1, "per-share encryption not supported yet");
3262
3263 cap &= CIFS_UNIX_CAP_MASK;
3264 if (vol_info && vol_info->no_psx_acl)
3265 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3266 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
3267 cFYI(1, "negotiated posix acl support");
3268 if (cifs_sb)
3269 cifs_sb->mnt_cifs_flags |=
3270 CIFS_MOUNT_POSIXACL;
3271 }
3272
3273 if (vol_info && vol_info->posix_paths == 0)
3274 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3275 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
3276 cFYI(1, "negotiate posix pathnames");
3277 if (cifs_sb)
3278 cifs_sb->mnt_cifs_flags |=
3279 CIFS_MOUNT_POSIX_PATHS;
3280 }
3281
3282 cFYI(1, "Negotiate caps 0x%x", (int)cap);
3283#ifdef CONFIG_CIFS_DEBUG2
3284 if (cap & CIFS_UNIX_FCNTL_CAP)
3285 cFYI(1, "FCNTL cap");
3286 if (cap & CIFS_UNIX_EXTATTR_CAP)
3287 cFYI(1, "EXTATTR cap");
3288 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3289 cFYI(1, "POSIX path cap");
3290 if (cap & CIFS_UNIX_XATTR_CAP)
3291 cFYI(1, "XATTR cap");
3292 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
3293 cFYI(1, "POSIX ACL cap");
3294 if (cap & CIFS_UNIX_LARGE_READ_CAP)
3295 cFYI(1, "very large read cap");
3296 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
3297 cFYI(1, "very large write cap");
3298 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
3299 cFYI(1, "transport encryption cap");
3300 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3301 cFYI(1, "mandatory transport encryption cap");
3302#endif /* CIFS_DEBUG2 */
3303 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
3304 if (vol_info == NULL) {
3305 cFYI(1, "resetting capabilities failed");
3306 } else
3307 cERROR(1, "Negotiating Unix capabilities "
3308 "with the server failed. Consider "
3309 "mounting with the Unix Extensions\n"
3310 "disabled, if problems are found, "
3311 "by specifying the nounix mount "
3312 "option.");
3313
3314 }
3315 }
3316}
3317
3318void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
3319 struct cifs_sb_info *cifs_sb)
3320{
3321 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
3322
3323 spin_lock_init(&cifs_sb->tlink_tree_lock);
3324 cifs_sb->tlink_tree = RB_ROOT;
3325
3326 /*
3327 * Temporarily set r/wsize for matching superblock. If we end up using
3328 * new sb then client will later negotiate it downward if needed.
3329 */
3330 cifs_sb->rsize = pvolume_info->rsize;
3331 cifs_sb->wsize = pvolume_info->wsize;
3332
3333 cifs_sb->mnt_uid = pvolume_info->linux_uid;
3334 cifs_sb->mnt_gid = pvolume_info->linux_gid;
3335 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
3336 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
3337 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
3338 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3339
3340 cifs_sb->actimeo = pvolume_info->actimeo;
3341 cifs_sb->local_nls = pvolume_info->local_nls;
3342
3343 if (pvolume_info->noperm)
3344 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
3345 if (pvolume_info->setuids)
3346 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
3347 if (pvolume_info->server_ino)
3348 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
3349 if (pvolume_info->remap)
3350 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
3351 if (pvolume_info->no_xattr)
3352 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
3353 if (pvolume_info->sfu_emul)
3354 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
3355 if (pvolume_info->nobrl)
3356 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
3357 if (pvolume_info->nostrictsync)
3358 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
3359 if (pvolume_info->mand_lock)
3360 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
3361 if (pvolume_info->rwpidforward)
3362 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3363 if (pvolume_info->cifs_acl)
3364 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3365 if (pvolume_info->backupuid_specified) {
3366 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3367 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
3368 }
3369 if (pvolume_info->backupgid_specified) {
3370 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3371 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3372 }
3373 if (pvolume_info->override_uid)
3374 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3375 if (pvolume_info->override_gid)
3376 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3377 if (pvolume_info->dynperm)
3378 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
3379 if (pvolume_info->fsc)
3380 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
3381 if (pvolume_info->multiuser)
3382 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3383 CIFS_MOUNT_NO_PERM);
3384 if (pvolume_info->strict_io)
3385 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3386 if (pvolume_info->direct_io) {
3387 cFYI(1, "mounting share using direct i/o");
3388 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3389 }
3390 if (pvolume_info->mfsymlinks) {
3391 if (pvolume_info->sfu_emul) {
3392 cERROR(1, "mount option mfsymlinks ignored if sfu "
3393 "mount option is used");
3394 } else {
3395 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3396 }
3397 }
3398
3399 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
3400 cERROR(1, "mount option dynperm ignored if cifsacl "
3401 "mount option supported");
3402}
3403
3404/*
3405 * When the server supports very large reads and writes via POSIX extensions,
3406 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3407 * including the RFC1001 length.
3408 *
3409 * Note that this might make for "interesting" allocation problems during
3410 * writeback however as we have to allocate an array of pointers for the
3411 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
3412 *
3413 * For reads, there is a similar problem as we need to allocate an array
3414 * of kvecs to handle the receive, though that should only need to be done
3415 * once.
3416 */
3417#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
3418#define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
3419
3420/*
3421 * When the server doesn't allow large posix writes, only allow a rsize/wsize
3422 * of 2^17-1 minus the size of the call header. That allows for a read or
3423 * write up to the maximum size described by RFC1002.
3424 */
3425#define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
3426#define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
3427
3428/*
3429 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3430 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3431 * a single wsize request with a single call.
3432 */
3433#define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3434
3435/*
3436 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3437 * those values when posix extensions aren't in force. In actuality here, we
3438 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3439 * to be ok with the extra byte even though Windows doesn't send writes that
3440 * are that large.
3441 *
3442 * Citation:
3443 *
3444 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
3445 */
3446#define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
3447#define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
3448
3449/*
3450 * On hosts with high memory, we can't currently support wsize/rsize that are
3451 * larger than we can kmap at once. Cap the rsize/wsize at
3452 * LAST_PKMAP * PAGE_SIZE. We'll never be able to fill a read or write request
3453 * larger than that anyway.
3454 */
3455#ifdef CONFIG_HIGHMEM
3456#define CIFS_KMAP_SIZE_LIMIT (LAST_PKMAP * PAGE_CACHE_SIZE)
3457#else /* CONFIG_HIGHMEM */
3458#define CIFS_KMAP_SIZE_LIMIT (1<<24)
3459#endif /* CONFIG_HIGHMEM */
3460
3461static unsigned int
3462cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3463{
3464 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3465 struct TCP_Server_Info *server = tcon->ses->server;
3466 unsigned int wsize;
3467
3468 /* start with specified wsize, or default */
3469 if (pvolume_info->wsize)
3470 wsize = pvolume_info->wsize;
3471 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3472 wsize = CIFS_DEFAULT_IOSIZE;
3473 else
3474 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
3475
3476 /* can server support 24-bit write sizes? (via UNIX extensions) */
3477 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3478 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
3479
3480 /*
3481 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3482 * Limit it to max buffer offered by the server, minus the size of the
3483 * WRITEX header, not including the 4 byte RFC1001 length.
3484 */
3485 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3486 (!(server->capabilities & CAP_UNIX) &&
3487 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3488 wsize = min_t(unsigned int, wsize,
3489 server->maxBuf - sizeof(WRITE_REQ) + 4);
3490
3491 /* limit to the amount that we can kmap at once */
3492 wsize = min_t(unsigned int, wsize, CIFS_KMAP_SIZE_LIMIT);
3493
3494 /* hard limit of CIFS_MAX_WSIZE */
3495 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3496
3497 return wsize;
3498}
3499
3500static unsigned int
3501cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3502{
3503 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3504 struct TCP_Server_Info *server = tcon->ses->server;
3505 unsigned int rsize, defsize;
3506
3507 /*
3508 * Set default value...
3509 *
3510 * HACK alert! Ancient servers have very small buffers. Even though
3511 * MS-CIFS indicates that servers are only limited by the client's
3512 * bufsize for reads, testing against win98se shows that it throws
3513 * INVALID_PARAMETER errors if you try to request too large a read.
3514 * OS/2 just sends back short reads.
3515 *
3516 * If the server doesn't advertise CAP_LARGE_READ_X, then assume that
3517 * it can't handle a read request larger than its MaxBufferSize either.
3518 */
3519 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3520 defsize = CIFS_DEFAULT_IOSIZE;
3521 else if (server->capabilities & CAP_LARGE_READ_X)
3522 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3523 else
3524 defsize = server->maxBuf - sizeof(READ_RSP);
3525
3526 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3527
3528 /*
3529 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3530 * the client's MaxBufferSize.
3531 */
3532 if (!(server->capabilities & CAP_LARGE_READ_X))
3533 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3534
3535 /* limit to the amount that we can kmap at once */
3536 rsize = min_t(unsigned int, rsize, CIFS_KMAP_SIZE_LIMIT);
3537
3538 /* hard limit of CIFS_MAX_RSIZE */
3539 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3540
3541 return rsize;
3542}
3543
3544static int
3545is_path_accessible(int xid, struct cifs_tcon *tcon,
3546 struct cifs_sb_info *cifs_sb, const char *full_path)
3547{
3548 int rc;
3549 FILE_ALL_INFO *pfile_info;
3550
3551 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3552 if (pfile_info == NULL)
3553 return -ENOMEM;
3554
3555 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3556 0 /* not legacy */, cifs_sb->local_nls,
3557 cifs_sb->mnt_cifs_flags &
3558 CIFS_MOUNT_MAP_SPECIAL_CHR);
3559
3560 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3561 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3562 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3563 CIFS_MOUNT_MAP_SPECIAL_CHR);
3564 kfree(pfile_info);
3565 return rc;
3566}
3567
3568static void
3569cleanup_volume_info_contents(struct smb_vol *volume_info)
3570{
3571 kfree(volume_info->username);
3572 kzfree(volume_info->password);
3573 if (volume_info->UNCip != volume_info->UNC + 2)
3574 kfree(volume_info->UNCip);
3575 kfree(volume_info->UNC);
3576 kfree(volume_info->domainname);
3577 kfree(volume_info->iocharset);
3578 kfree(volume_info->prepath);
3579}
3580
3581void
3582cifs_cleanup_volume_info(struct smb_vol *volume_info)
3583{
3584 if (!volume_info)
3585 return;
3586 cleanup_volume_info_contents(volume_info);
3587 kfree(volume_info);
3588}
3589
3590
3591#ifdef CONFIG_CIFS_DFS_UPCALL
3592/* build_path_to_root returns full path to root when
3593 * we do not have an exiting connection (tcon) */
3594static char *
3595build_unc_path_to_root(const struct smb_vol *vol,
3596 const struct cifs_sb_info *cifs_sb)
3597{
3598 char *full_path, *pos;
3599 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3600 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3601
3602 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3603 if (full_path == NULL)
3604 return ERR_PTR(-ENOMEM);
3605
3606 strncpy(full_path, vol->UNC, unc_len);
3607 pos = full_path + unc_len;
3608
3609 if (pplen) {
3610 strncpy(pos, vol->prepath, pplen);
3611 pos += pplen;
3612 }
3613
3614 *pos = '\0'; /* add trailing null */
3615 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3616 cFYI(1, "%s: full_path=%s", __func__, full_path);
3617 return full_path;
3618}
3619
3620/*
3621 * Perform a dfs referral query for a share and (optionally) prefix
3622 *
3623 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3624 * to a string containing updated options for the submount. Otherwise it
3625 * will be left untouched.
3626 *
3627 * Returns the rc from get_dfs_path to the caller, which can be used to
3628 * determine whether there were referrals.
3629 */
3630static int
3631expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
3632 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3633 int check_prefix)
3634{
3635 int rc;
3636 unsigned int num_referrals = 0;
3637 struct dfs_info3_param *referrals = NULL;
3638 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3639
3640 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3641 if (IS_ERR(full_path))
3642 return PTR_ERR(full_path);
3643
3644 /* For DFS paths, skip the first '\' of the UNC */
3645 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3646
3647 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3648 &num_referrals, &referrals,
3649 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3650
3651 if (!rc && num_referrals > 0) {
3652 char *fake_devname = NULL;
3653
3654 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3655 full_path + 1, referrals,
3656 &fake_devname);
3657
3658 free_dfs_info_array(referrals, num_referrals);
3659
3660 if (IS_ERR(mdata)) {
3661 rc = PTR_ERR(mdata);
3662 mdata = NULL;
3663 } else {
3664 cleanup_volume_info_contents(volume_info);
3665 memset(volume_info, '\0', sizeof(*volume_info));
3666 rc = cifs_setup_volume_info(volume_info, mdata,
3667 fake_devname);
3668 }
3669 kfree(fake_devname);
3670 kfree(cifs_sb->mountdata);
3671 cifs_sb->mountdata = mdata;
3672 }
3673 kfree(full_path);
3674 return rc;
3675}
3676#endif
3677
3678static int
3679cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3680 const char *devname)
3681{
3682 int rc = 0;
3683
3684 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3685 return -EINVAL;
3686
3687
3688 if (volume_info->nullauth) {
3689 cFYI(1, "Anonymous login");
3690 kfree(volume_info->username);
3691 volume_info->username = NULL;
3692 } else if (volume_info->username) {
3693 /* BB fixme parse for domain name here */
3694 cFYI(1, "Username: %s", volume_info->username);
3695 } else {
3696 cifserror("No username specified");
3697 /* In userspace mount helper we can get user name from alternate
3698 locations such as env variables and files on disk */
3699 return -EINVAL;
3700 }
3701
3702 /* this is needed for ASCII cp to Unicode converts */
3703 if (volume_info->iocharset == NULL) {
3704 /* load_nls_default cannot return null */
3705 volume_info->local_nls = load_nls_default();
3706 } else {
3707 volume_info->local_nls = load_nls(volume_info->iocharset);
3708 if (volume_info->local_nls == NULL) {
3709 cERROR(1, "CIFS mount error: iocharset %s not found",
3710 volume_info->iocharset);
3711 return -ELIBACC;
3712 }
3713 }
3714
3715 return rc;
3716}
3717
3718struct smb_vol *
3719cifs_get_volume_info(char *mount_data, const char *devname)
3720{
3721 int rc;
3722 struct smb_vol *volume_info;
3723
3724 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3725 if (!volume_info)
3726 return ERR_PTR(-ENOMEM);
3727
3728 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3729 if (rc) {
3730 cifs_cleanup_volume_info(volume_info);
3731 volume_info = ERR_PTR(rc);
3732 }
3733
3734 return volume_info;
3735}
3736
3737int
3738cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3739{
3740 int rc;
3741 int xid;
3742 struct cifs_ses *pSesInfo;
3743 struct cifs_tcon *tcon;
3744 struct TCP_Server_Info *srvTcp;
3745 char *full_path;
3746 struct tcon_link *tlink;
3747#ifdef CONFIG_CIFS_DFS_UPCALL
3748 int referral_walks_count = 0;
3749#endif
3750
3751 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3752 if (rc)
3753 return rc;
3754
3755#ifdef CONFIG_CIFS_DFS_UPCALL
3756try_mount_again:
3757 /* cleanup activities if we're chasing a referral */
3758 if (referral_walks_count) {
3759 if (tcon)
3760 cifs_put_tcon(tcon);
3761 else if (pSesInfo)
3762 cifs_put_smb_ses(pSesInfo);
3763
3764 FreeXid(xid);
3765 }
3766#endif
3767 rc = 0;
3768 tcon = NULL;
3769 pSesInfo = NULL;
3770 srvTcp = NULL;
3771 full_path = NULL;
3772 tlink = NULL;
3773
3774 xid = GetXid();
3775
3776 /* get a reference to a tcp session */
3777 srvTcp = cifs_get_tcp_session(volume_info);
3778 if (IS_ERR(srvTcp)) {
3779 rc = PTR_ERR(srvTcp);
3780 bdi_destroy(&cifs_sb->bdi);
3781 goto out;
3782 }
3783
3784 /* get a reference to a SMB session */
3785 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3786 if (IS_ERR(pSesInfo)) {
3787 rc = PTR_ERR(pSesInfo);
3788 pSesInfo = NULL;
3789 goto mount_fail_check;
3790 }
3791
3792 /* search for existing tcon to this server share */
3793 tcon = cifs_get_tcon(pSesInfo, volume_info);
3794 if (IS_ERR(tcon)) {
3795 rc = PTR_ERR(tcon);
3796 tcon = NULL;
3797 goto remote_path_check;
3798 }
3799
3800 /* tell server which Unix caps we support */
3801 if (tcon->ses->capabilities & CAP_UNIX) {
3802 /* reset of caps checks mount to see if unix extensions
3803 disabled for just this mount */
3804 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3805 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3806 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3807 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3808 rc = -EACCES;
3809 goto mount_fail_check;
3810 }
3811 } else
3812 tcon->unix_ext = 0; /* server does not support them */
3813
3814 /* do not care if following two calls succeed - informational */
3815 if (!tcon->ipc) {
3816 CIFSSMBQFSDeviceInfo(xid, tcon);
3817 CIFSSMBQFSAttributeInfo(xid, tcon);
3818 }
3819
3820 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3821 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
3822
3823 /* tune readahead according to rsize */
3824 cifs_sb->bdi.ra_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3825
3826remote_path_check:
3827#ifdef CONFIG_CIFS_DFS_UPCALL
3828 /*
3829 * Perform an unconditional check for whether there are DFS
3830 * referrals for this path without prefix, to provide support
3831 * for DFS referrals from w2k8 servers which don't seem to respond
3832 * with PATH_NOT_COVERED to requests that include the prefix.
3833 * Chase the referral if found, otherwise continue normally.
3834 */
3835 if (referral_walks_count == 0) {
3836 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
3837 cifs_sb, false);
3838 if (!refrc) {
3839 referral_walks_count++;
3840 goto try_mount_again;
3841 }
3842 }
3843#endif
3844
3845 /* check if a whole path is not remote */
3846 if (!rc && tcon) {
3847 /* build_path_to_root works only when we have a valid tcon */
3848 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
3849 if (full_path == NULL) {
3850 rc = -ENOMEM;
3851 goto mount_fail_check;
3852 }
3853 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
3854 if (rc != 0 && rc != -EREMOTE) {
3855 kfree(full_path);
3856 goto mount_fail_check;
3857 }
3858 kfree(full_path);
3859 }
3860
3861 /* get referral if needed */
3862 if (rc == -EREMOTE) {
3863#ifdef CONFIG_CIFS_DFS_UPCALL
3864 if (referral_walks_count > MAX_NESTED_LINKS) {
3865 /*
3866 * BB: when we implement proper loop detection,
3867 * we will remove this check. But now we need it
3868 * to prevent an indefinite loop if 'DFS tree' is
3869 * misconfigured (i.e. has loops).
3870 */
3871 rc = -ELOOP;
3872 goto mount_fail_check;
3873 }
3874
3875 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
3876 true);
3877
3878 if (!rc) {
3879 referral_walks_count++;
3880 goto try_mount_again;
3881 }
3882 goto mount_fail_check;
3883#else /* No DFS support, return error on mount */
3884 rc = -EOPNOTSUPP;
3885#endif
3886 }
3887
3888 if (rc)
3889 goto mount_fail_check;
3890
3891 /* now, hang the tcon off of the superblock */
3892 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3893 if (tlink == NULL) {
3894 rc = -ENOMEM;
3895 goto mount_fail_check;
3896 }
3897
3898 tlink->tl_uid = pSesInfo->linux_uid;
3899 tlink->tl_tcon = tcon;
3900 tlink->tl_time = jiffies;
3901 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3902 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3903
3904 cifs_sb->master_tlink = tlink;
3905 spin_lock(&cifs_sb->tlink_tree_lock);
3906 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3907 spin_unlock(&cifs_sb->tlink_tree_lock);
3908
3909 queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
3910 TLINK_IDLE_EXPIRE);
3911
3912mount_fail_check:
3913 /* on error free sesinfo and tcon struct if needed */
3914 if (rc) {
3915 /* If find_unc succeeded then rc == 0 so we can not end */
3916 /* up accidentally freeing someone elses tcon struct */
3917 if (tcon)
3918 cifs_put_tcon(tcon);
3919 else if (pSesInfo)
3920 cifs_put_smb_ses(pSesInfo);
3921 else
3922 cifs_put_tcp_session(srvTcp);
3923 bdi_destroy(&cifs_sb->bdi);
3924 }
3925
3926out:
3927 FreeXid(xid);
3928 return rc;
3929}
3930
3931/*
3932 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3933 * pointer may be NULL.
3934 */
3935int
3936CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3937 const char *tree, struct cifs_tcon *tcon,
3938 const struct nls_table *nls_codepage)
3939{
3940 struct smb_hdr *smb_buffer;
3941 struct smb_hdr *smb_buffer_response;
3942 TCONX_REQ *pSMB;
3943 TCONX_RSP *pSMBr;
3944 unsigned char *bcc_ptr;
3945 int rc = 0;
3946 int length;
3947 __u16 bytes_left, count;
3948
3949 if (ses == NULL)
3950 return -EIO;
3951
3952 smb_buffer = cifs_buf_get();
3953 if (smb_buffer == NULL)
3954 return -ENOMEM;
3955
3956 smb_buffer_response = smb_buffer;
3957
3958 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3959 NULL /*no tid */ , 4 /*wct */ );
3960
3961 smb_buffer->Mid = get_next_mid(ses->server);
3962 smb_buffer->Uid = ses->Suid;
3963 pSMB = (TCONX_REQ *) smb_buffer;
3964 pSMBr = (TCONX_RSP *) smb_buffer_response;
3965
3966 pSMB->AndXCommand = 0xFF;
3967 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3968 bcc_ptr = &pSMB->Password[0];
3969 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3970 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3971 *bcc_ptr = 0; /* password is null byte */
3972 bcc_ptr++; /* skip password */
3973 /* already aligned so no need to do it below */
3974 } else {
3975 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3976 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3977 specified as required (when that support is added to
3978 the vfs in the future) as only NTLM or the much
3979 weaker LANMAN (which we do not send by default) is accepted
3980 by Samba (not sure whether other servers allow
3981 NTLMv2 password here) */
3982#ifdef CONFIG_CIFS_WEAK_PW_HASH
3983 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3984 (ses->server->secType == LANMAN))
3985 calc_lanman_hash(tcon->password, ses->server->cryptkey,
3986 ses->server->sec_mode &
3987 SECMODE_PW_ENCRYPT ? true : false,
3988 bcc_ptr);
3989 else
3990#endif /* CIFS_WEAK_PW_HASH */
3991 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3992 bcc_ptr, nls_codepage);
3993
3994 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3995 if (ses->capabilities & CAP_UNICODE) {
3996 /* must align unicode strings */
3997 *bcc_ptr = 0; /* null byte password */
3998 bcc_ptr++;
3999 }
4000 }
4001
4002 if (ses->server->sec_mode &
4003 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
4004 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
4005
4006 if (ses->capabilities & CAP_STATUS32) {
4007 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
4008 }
4009 if (ses->capabilities & CAP_DFS) {
4010 smb_buffer->Flags2 |= SMBFLG2_DFS;
4011 }
4012 if (ses->capabilities & CAP_UNICODE) {
4013 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
4014 length =
4015 cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
4016 6 /* max utf8 char length in bytes */ *
4017 (/* server len*/ + 256 /* share len */), nls_codepage);
4018 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
4019 bcc_ptr += 2; /* skip trailing null */
4020 } else { /* ASCII */
4021 strcpy(bcc_ptr, tree);
4022 bcc_ptr += strlen(tree) + 1;
4023 }
4024 strcpy(bcc_ptr, "?????");
4025 bcc_ptr += strlen("?????");
4026 bcc_ptr += 1;
4027 count = bcc_ptr - &pSMB->Password[0];
4028 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
4029 pSMB->hdr.smb_buf_length) + count);
4030 pSMB->ByteCount = cpu_to_le16(count);
4031
4032 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
4033 0);
4034
4035 /* above now done in SendReceive */
4036 if ((rc == 0) && (tcon != NULL)) {
4037 bool is_unicode;
4038
4039 tcon->tidStatus = CifsGood;
4040 tcon->need_reconnect = false;
4041 tcon->tid = smb_buffer_response->Tid;
4042 bcc_ptr = pByteArea(smb_buffer_response);
4043 bytes_left = get_bcc(smb_buffer_response);
4044 length = strnlen(bcc_ptr, bytes_left - 2);
4045 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
4046 is_unicode = true;
4047 else
4048 is_unicode = false;
4049
4050
4051 /* skip service field (NB: this field is always ASCII) */
4052 if (length == 3) {
4053 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
4054 (bcc_ptr[2] == 'C')) {
4055 cFYI(1, "IPC connection");
4056 tcon->ipc = 1;
4057 }
4058 } else if (length == 2) {
4059 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
4060 /* the most common case */
4061 cFYI(1, "disk share connection");
4062 }
4063 }
4064 bcc_ptr += length + 1;
4065 bytes_left -= (length + 1);
4066 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
4067
4068 /* mostly informational -- no need to fail on error here */
4069 kfree(tcon->nativeFileSystem);
4070 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
4071 bytes_left, is_unicode,
4072 nls_codepage);
4073
4074 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
4075
4076 if ((smb_buffer_response->WordCount == 3) ||
4077 (smb_buffer_response->WordCount == 7))
4078 /* field is in same location */
4079 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
4080 else
4081 tcon->Flags = 0;
4082 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
4083 } else if ((rc == 0) && tcon == NULL) {
4084 /* all we need to save for IPC$ connection */
4085 ses->ipc_tid = smb_buffer_response->Tid;
4086 }
4087
4088 cifs_buf_release(smb_buffer);
4089 return rc;
4090}
4091
4092void
4093cifs_umount(struct cifs_sb_info *cifs_sb)
4094{
4095 struct rb_root *root = &cifs_sb->tlink_tree;
4096 struct rb_node *node;
4097 struct tcon_link *tlink;
4098
4099 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
4100
4101 spin_lock(&cifs_sb->tlink_tree_lock);
4102 while ((node = rb_first(root))) {
4103 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
4104 cifs_get_tlink(tlink);
4105 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4106 rb_erase(node, root);
4107
4108 spin_unlock(&cifs_sb->tlink_tree_lock);
4109 cifs_put_tlink(tlink);
4110 spin_lock(&cifs_sb->tlink_tree_lock);
4111 }
4112 spin_unlock(&cifs_sb->tlink_tree_lock);
4113
4114 bdi_destroy(&cifs_sb->bdi);
4115 kfree(cifs_sb->mountdata);
4116 unload_nls(cifs_sb->local_nls);
4117 kfree(cifs_sb);
4118}
4119
4120int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
4121{
4122 int rc = 0;
4123 struct TCP_Server_Info *server = ses->server;
4124
4125 /* only send once per connect */
4126 if (server->maxBuf != 0)
4127 return 0;
4128
4129 set_credits(server, 1);
4130 rc = CIFSSMBNegotiate(xid, ses);
4131 if (rc == -EAGAIN) {
4132 /* retry only once on 1st time connection */
4133 set_credits(server, 1);
4134 rc = CIFSSMBNegotiate(xid, ses);
4135 if (rc == -EAGAIN)
4136 rc = -EHOSTDOWN;
4137 }
4138 if (rc == 0) {
4139 spin_lock(&GlobalMid_Lock);
4140 if (server->tcpStatus == CifsNeedNegotiate)
4141 server->tcpStatus = CifsGood;
4142 else
4143 rc = -EHOSTDOWN;
4144 spin_unlock(&GlobalMid_Lock);
4145
4146 }
4147
4148 return rc;
4149}
4150
4151
4152int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
4153 struct nls_table *nls_info)
4154{
4155 int rc = 0;
4156 struct TCP_Server_Info *server = ses->server;
4157
4158 ses->flags = 0;
4159 ses->capabilities = server->capabilities;
4160 if (linuxExtEnabled == 0)
4161 ses->capabilities &= (~CAP_UNIX);
4162
4163 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
4164 server->sec_mode, server->capabilities, server->timeAdj);
4165
4166 rc = CIFS_SessSetup(xid, ses, nls_info);
4167 if (rc) {
4168 cERROR(1, "Send error in SessSetup = %d", rc);
4169 } else {
4170 mutex_lock(&ses->server->srv_mutex);
4171 if (!server->session_estab) {
4172 server->session_key.response = ses->auth_key.response;
4173 server->session_key.len = ses->auth_key.len;
4174 server->sequence_number = 0x2;
4175 server->session_estab = true;
4176 ses->auth_key.response = NULL;
4177 }
4178 mutex_unlock(&server->srv_mutex);
4179
4180 cFYI(1, "CIFS Session Established successfully");
4181 spin_lock(&GlobalMid_Lock);
4182 ses->status = CifsGood;
4183 ses->need_reconnect = false;
4184 spin_unlock(&GlobalMid_Lock);
4185 }
4186
4187 kfree(ses->auth_key.response);
4188 ses->auth_key.response = NULL;
4189 ses->auth_key.len = 0;
4190 kfree(ses->ntlmssp);
4191 ses->ntlmssp = NULL;
4192
4193 return rc;
4194}
4195
4196static int
4197cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
4198{
4199 switch (ses->server->secType) {
4200 case Kerberos:
4201 vol->secFlg = CIFSSEC_MUST_KRB5;
4202 return 0;
4203 case NTLMv2:
4204 vol->secFlg = CIFSSEC_MUST_NTLMV2;
4205 break;
4206 case NTLM:
4207 vol->secFlg = CIFSSEC_MUST_NTLM;
4208 break;
4209 case RawNTLMSSP:
4210 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
4211 break;
4212 case LANMAN:
4213 vol->secFlg = CIFSSEC_MUST_LANMAN;
4214 break;
4215 }
4216
4217 return cifs_set_cifscreds(vol, ses);
4218}
4219
4220static struct cifs_tcon *
4221cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
4222{
4223 int rc;
4224 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
4225 struct cifs_ses *ses;
4226 struct cifs_tcon *tcon = NULL;
4227 struct smb_vol *vol_info;
4228
4229 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
4230 if (vol_info == NULL)
4231 return ERR_PTR(-ENOMEM);
4232
4233 vol_info->local_nls = cifs_sb->local_nls;
4234 vol_info->linux_uid = fsuid;
4235 vol_info->cred_uid = fsuid;
4236 vol_info->UNC = master_tcon->treeName;
4237 vol_info->retry = master_tcon->retry;
4238 vol_info->nocase = master_tcon->nocase;
4239 vol_info->local_lease = master_tcon->local_lease;
4240 vol_info->no_linux_ext = !master_tcon->unix_ext;
4241
4242 rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
4243 if (rc) {
4244 tcon = ERR_PTR(rc);
4245 goto out;
4246 }
4247
4248 /* get a reference for the same TCP session */
4249 spin_lock(&cifs_tcp_ses_lock);
4250 ++master_tcon->ses->server->srv_count;
4251 spin_unlock(&cifs_tcp_ses_lock);
4252
4253 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
4254 if (IS_ERR(ses)) {
4255 tcon = (struct cifs_tcon *)ses;
4256 cifs_put_tcp_session(master_tcon->ses->server);
4257 goto out;
4258 }
4259
4260 tcon = cifs_get_tcon(ses, vol_info);
4261 if (IS_ERR(tcon)) {
4262 cifs_put_smb_ses(ses);
4263 goto out;
4264 }
4265
4266 if (ses->capabilities & CAP_UNIX)
4267 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
4268out:
4269 kfree(vol_info->username);
4270 kfree(vol_info->password);
4271 kfree(vol_info);
4272
4273 return tcon;
4274}
4275
4276struct cifs_tcon *
4277cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
4278{
4279 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
4280}
4281
4282static int
4283cifs_sb_tcon_pending_wait(void *unused)
4284{
4285 schedule();
4286 return signal_pending(current) ? -ERESTARTSYS : 0;
4287}
4288
4289/* find and return a tlink with given uid */
4290static struct tcon_link *
4291tlink_rb_search(struct rb_root *root, uid_t uid)
4292{
4293 struct rb_node *node = root->rb_node;
4294 struct tcon_link *tlink;
4295
4296 while (node) {
4297 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
4298
4299 if (tlink->tl_uid > uid)
4300 node = node->rb_left;
4301 else if (tlink->tl_uid < uid)
4302 node = node->rb_right;
4303 else
4304 return tlink;
4305 }
4306 return NULL;
4307}
4308
4309/* insert a tcon_link into the tree */
4310static void
4311tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
4312{
4313 struct rb_node **new = &(root->rb_node), *parent = NULL;
4314 struct tcon_link *tlink;
4315
4316 while (*new) {
4317 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
4318 parent = *new;
4319
4320 if (tlink->tl_uid > new_tlink->tl_uid)
4321 new = &((*new)->rb_left);
4322 else
4323 new = &((*new)->rb_right);
4324 }
4325
4326 rb_link_node(&new_tlink->tl_rbnode, parent, new);
4327 rb_insert_color(&new_tlink->tl_rbnode, root);
4328}
4329
4330/*
4331 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
4332 * current task.
4333 *
4334 * If the superblock doesn't refer to a multiuser mount, then just return
4335 * the master tcon for the mount.
4336 *
4337 * First, search the rbtree for an existing tcon for this fsuid. If one
4338 * exists, then check to see if it's pending construction. If it is then wait
4339 * for construction to complete. Once it's no longer pending, check to see if
4340 * it failed and either return an error or retry construction, depending on
4341 * the timeout.
4342 *
4343 * If one doesn't exist then insert a new tcon_link struct into the tree and
4344 * try to construct a new one.
4345 */
4346struct tcon_link *
4347cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
4348{
4349 int ret;
4350 uid_t fsuid = current_fsuid();
4351 struct tcon_link *tlink, *newtlink;
4352
4353 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
4354 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
4355
4356 spin_lock(&cifs_sb->tlink_tree_lock);
4357 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4358 if (tlink)
4359 cifs_get_tlink(tlink);
4360 spin_unlock(&cifs_sb->tlink_tree_lock);
4361
4362 if (tlink == NULL) {
4363 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
4364 if (newtlink == NULL)
4365 return ERR_PTR(-ENOMEM);
4366 newtlink->tl_uid = fsuid;
4367 newtlink->tl_tcon = ERR_PTR(-EACCES);
4368 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
4369 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
4370 cifs_get_tlink(newtlink);
4371
4372 spin_lock(&cifs_sb->tlink_tree_lock);
4373 /* was one inserted after previous search? */
4374 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4375 if (tlink) {
4376 cifs_get_tlink(tlink);
4377 spin_unlock(&cifs_sb->tlink_tree_lock);
4378 kfree(newtlink);
4379 goto wait_for_construction;
4380 }
4381 tlink = newtlink;
4382 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4383 spin_unlock(&cifs_sb->tlink_tree_lock);
4384 } else {
4385wait_for_construction:
4386 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4387 cifs_sb_tcon_pending_wait,
4388 TASK_INTERRUPTIBLE);
4389 if (ret) {
4390 cifs_put_tlink(tlink);
4391 return ERR_PTR(ret);
4392 }
4393
4394 /* if it's good, return it */
4395 if (!IS_ERR(tlink->tl_tcon))
4396 return tlink;
4397
4398 /* return error if we tried this already recently */
4399 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4400 cifs_put_tlink(tlink);
4401 return ERR_PTR(-EACCES);
4402 }
4403
4404 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4405 goto wait_for_construction;
4406 }
4407
4408 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4409 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4410 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4411
4412 if (IS_ERR(tlink->tl_tcon)) {
4413 cifs_put_tlink(tlink);
4414 return ERR_PTR(-EACCES);
4415 }
4416
4417 return tlink;
4418}
4419
4420/*
4421 * periodic workqueue job that scans tcon_tree for a superblock and closes
4422 * out tcons.
4423 */
4424static void
4425cifs_prune_tlinks(struct work_struct *work)
4426{
4427 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4428 prune_tlinks.work);
4429 struct rb_root *root = &cifs_sb->tlink_tree;
4430 struct rb_node *node = rb_first(root);
4431 struct rb_node *tmp;
4432 struct tcon_link *tlink;
4433
4434 /*
4435 * Because we drop the spinlock in the loop in order to put the tlink
4436 * it's not guarded against removal of links from the tree. The only
4437 * places that remove entries from the tree are this function and
4438 * umounts. Because this function is non-reentrant and is canceled
4439 * before umount can proceed, this is safe.
4440 */
4441 spin_lock(&cifs_sb->tlink_tree_lock);
4442 node = rb_first(root);
4443 while (node != NULL) {
4444 tmp = node;
4445 node = rb_next(tmp);
4446 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4447
4448 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4449 atomic_read(&tlink->tl_count) != 0 ||
4450 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4451 continue;
4452
4453 cifs_get_tlink(tlink);
4454 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4455 rb_erase(tmp, root);
4456
4457 spin_unlock(&cifs_sb->tlink_tree_lock);
4458 cifs_put_tlink(tlink);
4459 spin_lock(&cifs_sb->tlink_tree_lock);
4460 }
4461 spin_unlock(&cifs_sb->tlink_tree_lock);
4462
4463 queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
4464 TLINK_IDLE_EXPIRE);
4465}