Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Contains the CIFS DFS referral mounting routines used for handling
4 * traversal via DFS junction point
5 *
6 * Copyright (c) 2007 Igor Mammedov
7 * Copyright (C) International Business Machines Corp., 2008
8 * Author(s): Igor Mammedov (niallain@gmail.com)
9 * Steve French (sfrench@us.ibm.com)
10 */
11
12#include <linux/dcache.h>
13#include <linux/mount.h>
14#include <linux/namei.h>
15#include <linux/slab.h>
16#include <linux/vfs.h>
17#include <linux/fs.h>
18#include <linux/inet.h>
19#include "cifsglob.h"
20#include "cifsproto.h"
21#include "cifsfs.h"
22#include "dns_resolve.h"
23#include "cifs_debug.h"
24#include "dfs.h"
25#include "fs_context.h"
26
27static LIST_HEAD(cifs_dfs_automount_list);
28
29static void cifs_dfs_expire_automounts(struct work_struct *work);
30static DECLARE_DELAYED_WORK(cifs_dfs_automount_task,
31 cifs_dfs_expire_automounts);
32static int cifs_dfs_mountpoint_expiry_timeout = 500 * HZ;
33
34static void cifs_dfs_expire_automounts(struct work_struct *work)
35{
36 struct list_head *list = &cifs_dfs_automount_list;
37
38 mark_mounts_for_expiry(list);
39 if (!list_empty(list))
40 schedule_delayed_work(&cifs_dfs_automount_task,
41 cifs_dfs_mountpoint_expiry_timeout);
42}
43
44void cifs_dfs_release_automount_timer(void)
45{
46 BUG_ON(!list_empty(&cifs_dfs_automount_list));
47 cancel_delayed_work_sync(&cifs_dfs_automount_task);
48}
49
50/**
51 * cifs_build_devname - build a devicename from a UNC and optional prepath
52 * @nodename: pointer to UNC string
53 * @prepath: pointer to prefixpath (or NULL if there isn't one)
54 *
55 * Build a new cifs devicename after chasing a DFS referral. Allocate a buffer
56 * big enough to hold the final thing. Copy the UNC from the nodename, and
57 * concatenate the prepath onto the end of it if there is one.
58 *
59 * Returns pointer to the built string, or a ERR_PTR. Caller is responsible
60 * for freeing the returned string.
61 */
62char *
63cifs_build_devname(char *nodename, const char *prepath)
64{
65 size_t pplen;
66 size_t unclen;
67 char *dev;
68 char *pos;
69
70 /* skip over any preceding delimiters */
71 nodename += strspn(nodename, "\\");
72 if (!*nodename)
73 return ERR_PTR(-EINVAL);
74
75 /* get length of UNC and set pos to last char */
76 unclen = strlen(nodename);
77 pos = nodename + unclen - 1;
78
79 /* trim off any trailing delimiters */
80 while (*pos == '\\') {
81 --pos;
82 --unclen;
83 }
84
85 /* allocate a buffer:
86 * +2 for preceding "//"
87 * +1 for delimiter between UNC and prepath
88 * +1 for trailing NULL
89 */
90 pplen = prepath ? strlen(prepath) : 0;
91 dev = kmalloc(2 + unclen + 1 + pplen + 1, GFP_KERNEL);
92 if (!dev)
93 return ERR_PTR(-ENOMEM);
94
95 pos = dev;
96 /* add the initial "//" */
97 *pos = '/';
98 ++pos;
99 *pos = '/';
100 ++pos;
101
102 /* copy in the UNC portion from referral */
103 memcpy(pos, nodename, unclen);
104 pos += unclen;
105
106 /* copy the prefixpath remainder (if there is one) */
107 if (pplen) {
108 *pos = '/';
109 ++pos;
110 memcpy(pos, prepath, pplen);
111 pos += pplen;
112 }
113
114 /* NULL terminator */
115 *pos = '\0';
116
117 convert_delimiter(dev, '/');
118 return dev;
119}
120
121static int set_dest_addr(struct smb3_fs_context *ctx, const char *full_path)
122{
123 struct sockaddr *addr = (struct sockaddr *)&ctx->dstaddr;
124 int rc;
125
126 rc = dns_resolve_server_name_to_ip(full_path, addr, NULL);
127 if (!rc)
128 cifs_set_port(addr, ctx->port);
129 return rc;
130}
131
132/*
133 * Create a vfsmount that we can automount
134 */
135static struct vfsmount *cifs_dfs_do_automount(struct path *path)
136{
137 int rc;
138 struct dentry *mntpt = path->dentry;
139 struct fs_context *fc;
140 struct cifs_sb_info *cifs_sb;
141 void *page = NULL;
142 struct smb3_fs_context *ctx, *cur_ctx;
143 struct smb3_fs_context tmp;
144 char *full_path;
145 struct vfsmount *mnt;
146
147 if (IS_ROOT(mntpt))
148 return ERR_PTR(-ESTALE);
149
150 /*
151 * The MSDFS spec states that paths in DFS referral requests and
152 * responses must be prefixed by a single '\' character instead of
153 * the double backslashes usually used in the UNC. This function
154 * gives us the latter, so we must adjust the result.
155 */
156 cifs_sb = CIFS_SB(mntpt->d_sb);
157 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_DFS)
158 return ERR_PTR(-EREMOTE);
159
160 cur_ctx = cifs_sb->ctx;
161
162 fc = fs_context_for_submount(path->mnt->mnt_sb->s_type, mntpt);
163 if (IS_ERR(fc))
164 return ERR_CAST(fc);
165
166 ctx = smb3_fc2context(fc);
167
168 page = alloc_dentry_path();
169 full_path = dfs_get_automount_devname(mntpt, page);
170 if (IS_ERR(full_path)) {
171 mnt = ERR_CAST(full_path);
172 goto out;
173 }
174
175 convert_delimiter(full_path, '/');
176 cifs_dbg(FYI, "%s: full_path: %s\n", __func__, full_path);
177
178 tmp = *cur_ctx;
179 tmp.source = full_path;
180 tmp.leaf_fullpath = NULL;
181 tmp.UNC = tmp.prepath = NULL;
182
183 rc = smb3_fs_context_dup(ctx, &tmp);
184 if (rc) {
185 mnt = ERR_PTR(rc);
186 goto out;
187 }
188
189 rc = set_dest_addr(ctx, full_path);
190 if (rc) {
191 mnt = ERR_PTR(rc);
192 goto out;
193 }
194
195 rc = smb3_parse_devname(full_path, ctx);
196 if (!rc)
197 mnt = fc_mount(fc);
198 else
199 mnt = ERR_PTR(rc);
200
201out:
202 put_fs_context(fc);
203 free_dentry_path(page);
204 return mnt;
205}
206
207/*
208 * Attempt to automount the referral
209 */
210struct vfsmount *cifs_dfs_d_automount(struct path *path)
211{
212 struct vfsmount *newmnt;
213
214 cifs_dbg(FYI, "%s: %pd\n", __func__, path->dentry);
215
216 newmnt = cifs_dfs_do_automount(path);
217 if (IS_ERR(newmnt)) {
218 cifs_dbg(FYI, "leaving %s [automount failed]\n" , __func__);
219 return newmnt;
220 }
221
222 mntget(newmnt); /* prevent immediate expiration */
223 mnt_set_expiry(newmnt, &cifs_dfs_automount_list);
224 schedule_delayed_work(&cifs_dfs_automount_task,
225 cifs_dfs_mountpoint_expiry_timeout);
226 cifs_dbg(FYI, "leaving %s [ok]\n" , __func__);
227 return newmnt;
228}
229
230const struct inode_operations cifs_dfs_referral_inode_operations = {
231};
1/*
2 * Contains the CIFS DFS referral mounting routines used for handling
3 * traversal via DFS junction point
4 *
5 * Copyright (c) 2007 Igor Mammedov
6 * Copyright (C) International Business Machines Corp., 2008
7 * Author(s): Igor Mammedov (niallain@gmail.com)
8 * Steve French (sfrench@us.ibm.com)
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15#include <linux/dcache.h>
16#include <linux/mount.h>
17#include <linux/namei.h>
18#include <linux/slab.h>
19#include <linux/vfs.h>
20#include <linux/fs.h>
21#include "cifsglob.h"
22#include "cifsproto.h"
23#include "cifsfs.h"
24#include "dns_resolve.h"
25#include "cifs_debug.h"
26
27static LIST_HEAD(cifs_dfs_automount_list);
28
29static void cifs_dfs_expire_automounts(struct work_struct *work);
30static DECLARE_DELAYED_WORK(cifs_dfs_automount_task,
31 cifs_dfs_expire_automounts);
32static int cifs_dfs_mountpoint_expiry_timeout = 500 * HZ;
33
34static void cifs_dfs_expire_automounts(struct work_struct *work)
35{
36 struct list_head *list = &cifs_dfs_automount_list;
37
38 mark_mounts_for_expiry(list);
39 if (!list_empty(list))
40 schedule_delayed_work(&cifs_dfs_automount_task,
41 cifs_dfs_mountpoint_expiry_timeout);
42}
43
44void cifs_dfs_release_automount_timer(void)
45{
46 BUG_ON(!list_empty(&cifs_dfs_automount_list));
47 cancel_delayed_work_sync(&cifs_dfs_automount_task);
48}
49
50/**
51 * cifs_get_share_name - extracts share name from UNC
52 * @node_name: pointer to UNC string
53 *
54 * Extracts sharename form full UNC.
55 * i.e. strips from UNC trailing path that is not part of share
56 * name and fixup missing '\' in the beginning of DFS node refferal
57 * if necessary.
58 * Returns pointer to share name on success or ERR_PTR on error.
59 * Caller is responsible for freeing returned string.
60 */
61static char *cifs_get_share_name(const char *node_name)
62{
63 int len;
64 char *UNC;
65 char *pSep;
66
67 len = strlen(node_name);
68 UNC = kmalloc(len+2 /*for term null and additional \ if it's missed */,
69 GFP_KERNEL);
70 if (!UNC)
71 return ERR_PTR(-ENOMEM);
72
73 /* get share name and server name */
74 if (node_name[1] != '\\') {
75 UNC[0] = '\\';
76 strncpy(UNC+1, node_name, len);
77 len++;
78 UNC[len] = 0;
79 } else {
80 strncpy(UNC, node_name, len);
81 UNC[len] = 0;
82 }
83
84 /* find server name end */
85 pSep = memchr(UNC+2, '\\', len-2);
86 if (!pSep) {
87 cERROR(1, "%s: no server name end in node name: %s",
88 __func__, node_name);
89 kfree(UNC);
90 return ERR_PTR(-EINVAL);
91 }
92
93 /* find sharename end */
94 pSep++;
95 pSep = memchr(UNC+(pSep-UNC), '\\', len-(pSep-UNC));
96 if (pSep) {
97 /* trim path up to sharename end
98 * now we have share name in UNC */
99 *pSep = 0;
100 }
101
102 return UNC;
103}
104
105
106/**
107 * cifs_compose_mount_options - creates mount options for refferral
108 * @sb_mountdata: parent/root DFS mount options (template)
109 * @fullpath: full path in UNC format
110 * @ref: server's referral
111 * @devname: pointer for saving device name
112 *
113 * creates mount options for submount based on template options sb_mountdata
114 * and replacing unc,ip,prefixpath options with ones we've got form ref_unc.
115 *
116 * Returns: pointer to new mount options or ERR_PTR.
117 * Caller is responcible for freeing retunrned value if it is not error.
118 */
119char *cifs_compose_mount_options(const char *sb_mountdata,
120 const char *fullpath,
121 const struct dfs_info3_param *ref,
122 char **devname)
123{
124 int rc;
125 char *mountdata = NULL;
126 int md_len;
127 char *tkn_e;
128 char *srvIP = NULL;
129 char sep = ',';
130 int off, noff;
131
132 if (sb_mountdata == NULL)
133 return ERR_PTR(-EINVAL);
134
135 *devname = cifs_get_share_name(ref->node_name);
136 if (IS_ERR(*devname)) {
137 rc = PTR_ERR(*devname);
138 *devname = NULL;
139 goto compose_mount_options_err;
140 }
141
142 rc = dns_resolve_server_name_to_ip(*devname, &srvIP);
143 if (rc < 0) {
144 cFYI(1, "%s: Failed to resolve server part of %s to IP: %d",
145 __func__, *devname, rc);
146 goto compose_mount_options_err;
147 }
148
149 /* md_len = strlen(...) + 12 for 'sep+prefixpath='
150 * assuming that we have 'unc=' and 'ip=' in
151 * the original sb_mountdata
152 */
153 md_len = strlen(sb_mountdata) + rc + strlen(ref->node_name) + 12;
154 mountdata = kzalloc(md_len+1, GFP_KERNEL);
155 if (mountdata == NULL) {
156 rc = -ENOMEM;
157 goto compose_mount_options_err;
158 }
159
160 /* copy all options except of unc,ip,prefixpath */
161 off = 0;
162 if (strncmp(sb_mountdata, "sep=", 4) == 0) {
163 sep = sb_mountdata[4];
164 strncpy(mountdata, sb_mountdata, 5);
165 off += 5;
166 }
167
168 do {
169 tkn_e = strchr(sb_mountdata + off, sep);
170 if (tkn_e == NULL)
171 noff = strlen(sb_mountdata + off);
172 else
173 noff = tkn_e - (sb_mountdata + off) + 1;
174
175 if (strnicmp(sb_mountdata + off, "unc=", 4) == 0) {
176 off += noff;
177 continue;
178 }
179 if (strnicmp(sb_mountdata + off, "ip=", 3) == 0) {
180 off += noff;
181 continue;
182 }
183 if (strnicmp(sb_mountdata + off, "prefixpath=", 11) == 0) {
184 off += noff;
185 continue;
186 }
187 strncat(mountdata, sb_mountdata + off, noff);
188 off += noff;
189 } while (tkn_e);
190 strcat(mountdata, sb_mountdata + off);
191 mountdata[md_len] = '\0';
192
193 /* copy new IP and ref share name */
194 if (mountdata[strlen(mountdata) - 1] != sep)
195 strncat(mountdata, &sep, 1);
196 strcat(mountdata, "ip=");
197 strcat(mountdata, srvIP);
198 strncat(mountdata, &sep, 1);
199 strcat(mountdata, "unc=");
200 strcat(mountdata, *devname);
201
202 /* find & copy prefixpath */
203 tkn_e = strchr(ref->node_name + 2, '\\');
204 if (tkn_e == NULL) {
205 /* invalid unc, missing share name*/
206 rc = -EINVAL;
207 goto compose_mount_options_err;
208 }
209
210 tkn_e = strchr(tkn_e + 1, '\\');
211 if (tkn_e || (strlen(fullpath) - ref->path_consumed)) {
212 strncat(mountdata, &sep, 1);
213 strcat(mountdata, "prefixpath=");
214 if (tkn_e)
215 strcat(mountdata, tkn_e + 1);
216 strcat(mountdata, fullpath + ref->path_consumed);
217 }
218
219 /*cFYI(1, "%s: parent mountdata: %s", __func__,sb_mountdata);*/
220 /*cFYI(1, "%s: submount mountdata: %s", __func__, mountdata );*/
221
222compose_mount_options_out:
223 kfree(srvIP);
224 return mountdata;
225
226compose_mount_options_err:
227 kfree(mountdata);
228 mountdata = ERR_PTR(rc);
229 goto compose_mount_options_out;
230}
231
232/**
233 * cifs_dfs_do_refmount - mounts specified path using provided refferal
234 * @cifs_sb: parent/root superblock
235 * @fullpath: full path in UNC format
236 * @ref: server's referral
237 */
238static struct vfsmount *cifs_dfs_do_refmount(struct cifs_sb_info *cifs_sb,
239 const char *fullpath, const struct dfs_info3_param *ref)
240{
241 struct vfsmount *mnt;
242 char *mountdata;
243 char *devname = NULL;
244
245 /* strip first '\' from fullpath */
246 mountdata = cifs_compose_mount_options(cifs_sb->mountdata,
247 fullpath + 1, ref, &devname);
248
249 if (IS_ERR(mountdata))
250 return (struct vfsmount *)mountdata;
251
252 mnt = vfs_kern_mount(&cifs_fs_type, 0, devname, mountdata);
253 kfree(mountdata);
254 kfree(devname);
255 return mnt;
256
257}
258
259static void dump_referral(const struct dfs_info3_param *ref)
260{
261 cFYI(1, "DFS: ref path: %s", ref->path_name);
262 cFYI(1, "DFS: node path: %s", ref->node_name);
263 cFYI(1, "DFS: fl: %hd, srv_type: %hd", ref->flags, ref->server_type);
264 cFYI(1, "DFS: ref_flags: %hd, path_consumed: %hd", ref->ref_flag,
265 ref->path_consumed);
266}
267
268/*
269 * Create a vfsmount that we can automount
270 */
271static struct vfsmount *cifs_dfs_do_automount(struct dentry *mntpt)
272{
273 struct dfs_info3_param *referrals = NULL;
274 unsigned int num_referrals = 0;
275 struct cifs_sb_info *cifs_sb;
276 struct cifs_ses *ses;
277 char *full_path;
278 int xid, i;
279 int rc;
280 struct vfsmount *mnt;
281 struct tcon_link *tlink;
282
283 cFYI(1, "in %s", __func__);
284 BUG_ON(IS_ROOT(mntpt));
285
286 /*
287 * The MSDFS spec states that paths in DFS referral requests and
288 * responses must be prefixed by a single '\' character instead of
289 * the double backslashes usually used in the UNC. This function
290 * gives us the latter, so we must adjust the result.
291 */
292 mnt = ERR_PTR(-ENOMEM);
293 full_path = build_path_from_dentry(mntpt);
294 if (full_path == NULL)
295 goto cdda_exit;
296
297 cifs_sb = CIFS_SB(mntpt->d_inode->i_sb);
298 tlink = cifs_sb_tlink(cifs_sb);
299 if (IS_ERR(tlink)) {
300 mnt = ERR_CAST(tlink);
301 goto free_full_path;
302 }
303 ses = tlink_tcon(tlink)->ses;
304
305 xid = GetXid();
306 rc = get_dfs_path(xid, ses, full_path + 1, cifs_sb->local_nls,
307 &num_referrals, &referrals,
308 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
309 FreeXid(xid);
310
311 cifs_put_tlink(tlink);
312
313 mnt = ERR_PTR(-ENOENT);
314 for (i = 0; i < num_referrals; i++) {
315 int len;
316 dump_referral(referrals + i);
317 /* connect to a node */
318 len = strlen(referrals[i].node_name);
319 if (len < 2) {
320 cERROR(1, "%s: Net Address path too short: %s",
321 __func__, referrals[i].node_name);
322 mnt = ERR_PTR(-EINVAL);
323 break;
324 }
325 mnt = cifs_dfs_do_refmount(cifs_sb,
326 full_path, referrals + i);
327 cFYI(1, "%s: cifs_dfs_do_refmount:%s , mnt:%p", __func__,
328 referrals[i].node_name, mnt);
329 if (!IS_ERR(mnt))
330 goto success;
331 }
332
333 /* no valid submounts were found; return error from get_dfs_path() by
334 * preference */
335 if (rc != 0)
336 mnt = ERR_PTR(rc);
337
338success:
339 free_dfs_info_array(referrals, num_referrals);
340free_full_path:
341 kfree(full_path);
342cdda_exit:
343 cFYI(1, "leaving %s" , __func__);
344 return mnt;
345}
346
347/*
348 * Attempt to automount the referral
349 */
350struct vfsmount *cifs_dfs_d_automount(struct path *path)
351{
352 struct vfsmount *newmnt;
353
354 cFYI(1, "in %s", __func__);
355
356 newmnt = cifs_dfs_do_automount(path->dentry);
357 if (IS_ERR(newmnt)) {
358 cFYI(1, "leaving %s [automount failed]" , __func__);
359 return newmnt;
360 }
361
362 mntget(newmnt); /* prevent immediate expiration */
363 mnt_set_expiry(newmnt, &cifs_dfs_automount_list);
364 schedule_delayed_work(&cifs_dfs_automount_task,
365 cifs_dfs_mountpoint_expiry_timeout);
366 cFYI(1, "leaving %s [ok]" , __func__);
367 return newmnt;
368}
369
370const struct inode_operations cifs_dfs_referral_inode_operations = {
371};