search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
rapidio/tsi721: switch to dma_zalloc_coherent
[linux-2.6.git] / fs / cifs / connect.c
blobd6a972df033800eb0c00f6116b3c4b6bb309bd87
1 /*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <net/ipv6.h>
42 #include "cifspdu.h"
43 #include "cifsglob.h"
44 #include "cifsproto.h"
45 #include "cifs_unicode.h"
46 #include "cifs_debug.h"
47 #include "cifs_fs_sb.h"
48 #include "ntlmssp.h"
49 #include "nterr.h"
50 #include "rfc1002pdu.h"
51 #include "fscache.h"
52
53 #define CIFS_PORT 445
54 #define RFC1001_PORT 139
55
56 /* SMB echo "timeout" -- FIXME: tunable? */
57 #define SMB_ECHO_INTERVAL (60 * HZ)
58
59 extern mempool_t *cifs_req_poolp;
60
61 /* FIXME: should these be tunable? */
62 #define TLINK_ERROR_EXPIRE (1 * HZ)
63 #define TLINK_IDLE_EXPIRE (600 * HZ)
64
65 static int ip_connect(struct TCP_Server_Info *server);
66 static int generic_ip_connect(struct TCP_Server_Info *server);
67 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
68 static void cifs_prune_tlinks(struct work_struct *work);
69 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
70 const char *devname);
71
72 /*
73 * cifs tcp session reconnection
74 *
75 * mark tcp session as reconnecting so temporarily locked
76 * mark all smb sessions as reconnecting for tcp session
77 * reconnect tcp session
78 * wake up waiters on reconnection? - (not needed currently)
79 */
80 static int
81 cifs_reconnect(struct TCP_Server_Info *server)
82 {
83 int rc = 0;
84 struct list_head *tmp, *tmp2;
85 struct cifs_ses *ses;
86 struct cifs_tcon *tcon;
87 struct mid_q_entry *mid_entry;
88 struct list_head retry_list;
89
90 spin_lock(&GlobalMid_Lock);
91 if (server->tcpStatus == CifsExiting) {
92 /* the demux thread will exit normally
93 next time through the loop */
94 spin_unlock(&GlobalMid_Lock);
95 return rc;
96 } else
97 server->tcpStatus = CifsNeedReconnect;
98 spin_unlock(&GlobalMid_Lock);
99 server->maxBuf = 0;
100
101 cFYI(1, "Reconnecting tcp session");
102
103 /* before reconnecting the tcp session, mark the smb session (uid)
104 and the tid bad so they are not used until reconnected */
105 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
106 spin_lock(&cifs_tcp_ses_lock);
107 list_for_each(tmp, &server->smb_ses_list) {
108 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
109 ses->need_reconnect = true;
110 ses->ipc_tid = 0;
111 list_for_each(tmp2, &ses->tcon_list) {
112 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
113 tcon->need_reconnect = true;
114 }
115 }
116 spin_unlock(&cifs_tcp_ses_lock);
117
118 /* do not want to be sending data on a socket we are freeing */
119 cFYI(1, "%s: tearing down socket", __func__);
120 mutex_lock(&server->srv_mutex);
121 if (server->ssocket) {
122 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
123 server->ssocket->flags);
124 kernel_sock_shutdown(server->ssocket, SHUT_WR);
125 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
126 server->ssocket->state,
127 server->ssocket->flags);
128 sock_release(server->ssocket);
129 server->ssocket = NULL;
130 }
131 server->sequence_number = 0;
132 server->session_estab = false;
133 kfree(server->session_key.response);
134 server->session_key.response = NULL;
135 server->session_key.len = 0;
136 server->lstrp = jiffies;
137 mutex_unlock(&server->srv_mutex);
138
139 /* mark submitted MIDs for retry and issue callback */
140 INIT_LIST_HEAD(&retry_list);
141 cFYI(1, "%s: moving mids to private list", __func__);
142 spin_lock(&GlobalMid_Lock);
143 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
144 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
145 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
146 mid_entry->midState = MID_RETRY_NEEDED;
147 list_move(&mid_entry->qhead, &retry_list);
148 }
149 spin_unlock(&GlobalMid_Lock);
150
151 cFYI(1, "%s: issuing mid callbacks", __func__);
152 list_for_each_safe(tmp, tmp2, &retry_list) {
153 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
154 list_del_init(&mid_entry->qhead);
155 mid_entry->callback(mid_entry);
156 }
157
158 do {
159 try_to_freeze();
160
161 /* we should try only the port we connected to before */
162 rc = generic_ip_connect(server);
163 if (rc) {
164 cFYI(1, "reconnect error %d", rc);
165 msleep(3000);
166 } else {
167 atomic_inc(&tcpSesReconnectCount);
168 spin_lock(&GlobalMid_Lock);
169 if (server->tcpStatus != CifsExiting)
170 server->tcpStatus = CifsNeedNegotiate;
171 spin_unlock(&GlobalMid_Lock);
172 }
173 } while (server->tcpStatus == CifsNeedReconnect);
174
175 return rc;
176 }
177
178 /*
179 return codes:
180 0 not a transact2, or all data present
181 >0 transact2 with that much data missing
182 -EINVAL = invalid transact2
183
184 */
185 static int check2ndT2(struct smb_hdr *pSMB)
186 {
187 struct smb_t2_rsp *pSMBt;
188 int remaining;
189 __u16 total_data_size, data_in_this_rsp;
190
191 if (pSMB->Command != SMB_COM_TRANSACTION2)
192 return 0;
193
194 /* check for plausible wct, bcc and t2 data and parm sizes */
195 /* check for parm and data offset going beyond end of smb */
196 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
197 cFYI(1, "invalid transact2 word count");
198 return -EINVAL;
199 }
200
201 pSMBt = (struct smb_t2_rsp *)pSMB;
202
203 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
204 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
205
206 if (total_data_size == data_in_this_rsp)
207 return 0;
208 else if (total_data_size < data_in_this_rsp) {
209 cFYI(1, "total data %d smaller than data in frame %d",
210 total_data_size, data_in_this_rsp);
211 return -EINVAL;
212 }
213
214 remaining = total_data_size - data_in_this_rsp;
215
216 cFYI(1, "missing %d bytes from transact2, check next response",
217 remaining);
218 if (total_data_size > CIFSMaxBufSize) {
219 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
220 total_data_size, CIFSMaxBufSize);
221 return -EINVAL;
222 }
223 return remaining;
224 }
225
226 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
227 {
228 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
229 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
230 char *data_area_of_target;
231 char *data_area_of_buf2;
232 int remaining;
233 unsigned int byte_count, total_in_buf;
234 __u16 total_data_size, total_in_buf2;
235
236 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
237
238 if (total_data_size !=
239 get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
240 cFYI(1, "total data size of primary and secondary t2 differ");
241
242 total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
243
244 remaining = total_data_size - total_in_buf;
245
246 if (remaining < 0)
247 return -EPROTO;
248
249 if (remaining == 0) /* nothing to do, ignore */
250 return 0;
251
252 total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
253 if (remaining < total_in_buf2) {
254 cFYI(1, "transact2 2nd response contains too much data");
255 }
256
257 /* find end of first SMB data area */
258 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
259 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
260 /* validate target area */
261
262 data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
263 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
264
265 data_area_of_target += total_in_buf;
266
267 /* copy second buffer into end of first buffer */
268 total_in_buf += total_in_buf2;
269 /* is the result too big for the field? */
270 if (total_in_buf > USHRT_MAX)
271 return -EPROTO;
272 put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
273
274 /* fix up the BCC */
275 byte_count = get_bcc(pTargetSMB);
276 byte_count += total_in_buf2;
277 /* is the result too big for the field? */
278 if (byte_count > USHRT_MAX)
279 return -EPROTO;
280 put_bcc(byte_count, pTargetSMB);
281
282 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
283 byte_count += total_in_buf2;
284 /* don't allow buffer to overflow */
285 if (byte_count > CIFSMaxBufSize)
286 return -ENOBUFS;
287 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
288
289 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
290
291 if (remaining == total_in_buf2) {
292 cFYI(1, "found the last secondary response");
293 return 0; /* we are done */
294 } else /* more responses to go */
295 return 1;
296 }
297
298 static void
299 cifs_echo_request(struct work_struct *work)
300 {
301 int rc;
302 struct TCP_Server_Info *server = container_of(work,
303 struct TCP_Server_Info, echo.work);
304
305 /*
306 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
307 * done, which is indicated by maxBuf != 0. Also, no need to ping if
308 * we got a response recently
309 */
310 if (server->maxBuf == 0 ||
311 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
312 goto requeue_echo;
313
314 rc = CIFSSMBEcho(server);
315 if (rc)
316 cFYI(1, "Unable to send echo request to server: %s",
317 server->hostname);
318
319 requeue_echo:
320 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
321 }
322
323 static bool
324 allocate_buffers(struct TCP_Server_Info *server)
325 {
326 if (!server->bigbuf) {
327 server->bigbuf = (char *)cifs_buf_get();
328 if (!server->bigbuf) {
329 cERROR(1, "No memory for large SMB response");
330 msleep(3000);
331 /* retry will check if exiting */
332 return false;
333 }
334 } else if (server->large_buf) {
335 /* we are reusing a dirty large buf, clear its start */
336 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
337 }
338
339 if (!server->smallbuf) {
340 server->smallbuf = (char *)cifs_small_buf_get();
341 if (!server->smallbuf) {
342 cERROR(1, "No memory for SMB response");
343 msleep(1000);
344 /* retry will check if exiting */
345 return false;
346 }
347 /* beginning of smb buffer is cleared in our buf_get */
348 } else {
349 /* if existing small buf clear beginning */
350 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
351 }
352
353 return true;
354 }
355
356 static bool
357 server_unresponsive(struct TCP_Server_Info *server)
358 {
359 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
360 time_after(jiffies, server->lstrp +
361 (echo_retries * SMB_ECHO_INTERVAL))) {
362 cERROR(1, "Server %s has not responded in %d seconds. "
363 "Reconnecting...", server->hostname,
364 (echo_retries * SMB_ECHO_INTERVAL / HZ));
365 cifs_reconnect(server);
366 wake_up(&server->response_q);
367 return true;
368 }
369
370 return false;
371 }
372
373 /*
374 * kvec_array_init - clone a kvec array, and advance into it
375 * @new: pointer to memory for cloned array
376 * @iov: pointer to original array
377 * @nr_segs: number of members in original array
378 * @bytes: number of bytes to advance into the cloned array
379 *
380 * This function will copy the array provided in iov to a section of memory
381 * and advance the specified number of bytes into the new array. It returns
382 * the number of segments in the new array. "new" must be at least as big as
383 * the original iov array.
384 */
385 static unsigned int
386 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
387 size_t bytes)
388 {
389 size_t base = 0;
390
391 while (bytes || !iov->iov_len) {
392 int copy = min(bytes, iov->iov_len);
393
394 bytes -= copy;
395 base += copy;
396 if (iov->iov_len == base) {
397 iov++;
398 nr_segs--;
399 base = 0;
400 }
401 }
402 memcpy(new, iov, sizeof(*iov) * nr_segs);
403 new->iov_base += base;
404 new->iov_len -= base;
405 return nr_segs;
406 }
407
408 static struct kvec *
409 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
410 {
411 struct kvec *new_iov;
412
413 if (server->iov && nr_segs <= server->nr_iov)
414 return server->iov;
415
416 /* not big enough -- allocate a new one and release the old */
417 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
418 if (new_iov) {
419 kfree(server->iov);
420 server->iov = new_iov;
421 server->nr_iov = nr_segs;
422 }
423 return new_iov;
424 }
425
426 int
427 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
428 unsigned int nr_segs, unsigned int to_read)
429 {
430 int length = 0;
431 int total_read;
432 unsigned int segs;
433 struct msghdr smb_msg;
434 struct kvec *iov;
435
436 iov = get_server_iovec(server, nr_segs);
437 if (!iov)
438 return -ENOMEM;
439
440 smb_msg.msg_control = NULL;
441 smb_msg.msg_controllen = 0;
442
443 for (total_read = 0; to_read; total_read += length, to_read -= length) {
444 if (server_unresponsive(server)) {
445 total_read = -EAGAIN;
446 break;
447 }
448
449 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
450
451 length = kernel_recvmsg(server->ssocket, &smb_msg,
452 iov, segs, to_read, 0);
453
454 if (server->tcpStatus == CifsExiting) {
455 total_read = -ESHUTDOWN;
456 break;
457 } else if (server->tcpStatus == CifsNeedReconnect) {
458 cifs_reconnect(server);
459 total_read = -EAGAIN;
460 break;
461 } else if (length == -ERESTARTSYS ||
462 length == -EAGAIN ||
463 length == -EINTR) {
464 /*
465 * Minimum sleep to prevent looping, allowing socket
466 * to clear and app threads to set tcpStatus
467 * CifsNeedReconnect if server hung.
468 */
469 usleep_range(1000, 2000);
470 length = 0;
471 continue;
472 } else if (length <= 0) {
473 cFYI(1, "Received no data or error: expecting %d "
474 "got %d", to_read, length);
475 cifs_reconnect(server);
476 total_read = -EAGAIN;
477 break;
478 }
479 }
480 return total_read;
481 }
482
483 int
484 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
485 unsigned int to_read)
486 {
487 struct kvec iov;
488
489 iov.iov_base = buf;
490 iov.iov_len = to_read;
491
492 return cifs_readv_from_socket(server, &iov, 1, to_read);
493 }
494
495 static bool
496 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
497 {
498 /*
499 * The first byte big endian of the length field,
500 * is actually not part of the length but the type
501 * with the most common, zero, as regular data.
502 */
503 switch (type) {
504 case RFC1002_SESSION_MESSAGE:
505 /* Regular SMB response */
506 return true;
507 case RFC1002_SESSION_KEEP_ALIVE:
508 cFYI(1, "RFC 1002 session keep alive");
509 break;
510 case RFC1002_POSITIVE_SESSION_RESPONSE:
511 cFYI(1, "RFC 1002 positive session response");
512 break;
513 case RFC1002_NEGATIVE_SESSION_RESPONSE:
514 /*
515 * We get this from Windows 98 instead of an error on
516 * SMB negprot response.
517 */
518 cFYI(1, "RFC 1002 negative session response");
519 /* give server a second to clean up */
520 msleep(1000);
521 /*
522 * Always try 445 first on reconnect since we get NACK
523 * on some if we ever connected to port 139 (the NACK
524 * is since we do not begin with RFC1001 session
525 * initialize frame).
526 */
527 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
528 cifs_reconnect(server);
529 wake_up(&server->response_q);
530 break;
531 default:
532 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
533 cifs_reconnect(server);
534 }
535
536 return false;
537 }
538
539 static struct mid_q_entry *
540 find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
541 {
542 struct mid_q_entry *mid;
543
544 spin_lock(&GlobalMid_Lock);
545 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
546 if (mid->mid == buf->Mid &&
547 mid->midState == MID_REQUEST_SUBMITTED &&
548 mid->command == buf->Command) {
549 spin_unlock(&GlobalMid_Lock);
550 return mid;
551 }
552 }
553 spin_unlock(&GlobalMid_Lock);
554 return NULL;
555 }
556
557 void
558 dequeue_mid(struct mid_q_entry *mid, bool malformed)
559 {
560 #ifdef CONFIG_CIFS_STATS2
561 mid->when_received = jiffies;
562 #endif
563 spin_lock(&GlobalMid_Lock);
564 if (!malformed)
565 mid->midState = MID_RESPONSE_RECEIVED;
566 else
567 mid->midState = MID_RESPONSE_MALFORMED;
568 list_del_init(&mid->qhead);
569 spin_unlock(&GlobalMid_Lock);
570 }
571
572 static void
573 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
574 struct smb_hdr *buf, int malformed)
575 {
576 if (malformed == 0 && check2ndT2(buf) > 0) {
577 mid->multiRsp = true;
578 if (mid->resp_buf) {
579 /* merge response - fix up 1st*/
580 malformed = coalesce_t2(buf, mid->resp_buf);
581 if (malformed > 0)
582 return;
583
584 /* All parts received or packet is malformed. */
585 mid->multiEnd = true;
586 return dequeue_mid(mid, malformed);
587 }
588 if (!server->large_buf) {
589 /*FIXME: switch to already allocated largebuf?*/
590 cERROR(1, "1st trans2 resp needs bigbuf");
591 } else {
592 /* Have first buffer */
593 mid->resp_buf = buf;
594 mid->largeBuf = true;
595 server->bigbuf = NULL;
596 }
597 return;
598 }
599 mid->resp_buf = buf;
600 mid->largeBuf = server->large_buf;
601 /* Was previous buf put in mpx struct for multi-rsp? */
602 if (!mid->multiRsp) {
603 /* smb buffer will be freed by user thread */
604 if (server->large_buf)
605 server->bigbuf = NULL;
606 else
607 server->smallbuf = NULL;
608 }
609 dequeue_mid(mid, malformed);
610 }
611
612 static void clean_demultiplex_info(struct TCP_Server_Info *server)
613 {
614 int length;
615
616 /* take it off the list, if it's not already */
617 spin_lock(&cifs_tcp_ses_lock);
618 list_del_init(&server->tcp_ses_list);
619 spin_unlock(&cifs_tcp_ses_lock);
620
621 spin_lock(&GlobalMid_Lock);
622 server->tcpStatus = CifsExiting;
623 spin_unlock(&GlobalMid_Lock);
624 wake_up_all(&server->response_q);
625
626 /*
627 * Check if we have blocked requests that need to free. Note that
628 * cifs_max_pending is normally 50, but can be set at module install
629 * time to as little as two.
630 */
631 spin_lock(&GlobalMid_Lock);
632 if (atomic_read(&server->inFlight) >= cifs_max_pending)
633 atomic_set(&server->inFlight, cifs_max_pending - 1);
634 /*
635 * We do not want to set the max_pending too low or we could end up
636 * with the counter going negative.
637 */
638 spin_unlock(&GlobalMid_Lock);
639 /*
640 * Although there should not be any requests blocked on this queue it
641 * can not hurt to be paranoid and try to wake up requests that may
642 * haven been blocked when more than 50 at time were on the wire to the
643 * same server - they now will see the session is in exit state and get
644 * out of SendReceive.
645 */
646 wake_up_all(&server->request_q);
647 /* give those requests time to exit */
648 msleep(125);
649
650 if (server->ssocket) {
651 sock_release(server->ssocket);
652 server->ssocket = NULL;
653 }
654
655 if (!list_empty(&server->pending_mid_q)) {
656 struct list_head dispose_list;
657 struct mid_q_entry *mid_entry;
658 struct list_head *tmp, *tmp2;
659
660 INIT_LIST_HEAD(&dispose_list);
661 spin_lock(&GlobalMid_Lock);
662 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
663 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
664 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
665 mid_entry->midState = MID_SHUTDOWN;
666 list_move(&mid_entry->qhead, &dispose_list);
667 }
668 spin_unlock(&GlobalMid_Lock);
669
670 /* now walk dispose list and issue callbacks */
671 list_for_each_safe(tmp, tmp2, &dispose_list) {
672 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
673 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
674 list_del_init(&mid_entry->qhead);
675 mid_entry->callback(mid_entry);
676 }
677 /* 1/8th of sec is more than enough time for them to exit */
678 msleep(125);
679 }
680
681 if (!list_empty(&server->pending_mid_q)) {
682 /*
683 * mpx threads have not exited yet give them at least the smb
684 * send timeout time for long ops.
685 *
686 * Due to delays on oplock break requests, we need to wait at
687 * least 45 seconds before giving up on a request getting a
688 * response and going ahead and killing cifsd.
689 */
690 cFYI(1, "Wait for exit from demultiplex thread");
691 msleep(46000);
692 /*
693 * If threads still have not exited they are probably never
694 * coming home not much else we can do but free the memory.
695 */
696 }
697
698 kfree(server->hostname);
699 kfree(server->iov);
700 kfree(server);
701
702 length = atomic_dec_return(&tcpSesAllocCount);
703 if (length > 0)
704 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
705 GFP_KERNEL);
706 }
707
708 static int
709 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
710 {
711 int length;
712 char *buf = server->smallbuf;
713 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
714 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
715
716 /* make sure this will fit in a large buffer */
717 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
718 cERROR(1, "SMB response too long (%u bytes)",
719 pdu_length);
720 cifs_reconnect(server);
721 wake_up(&server->response_q);
722 return -EAGAIN;
723 }
724
725 /* switch to large buffer if too big for a small one */
726 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
727 server->large_buf = true;
728 memcpy(server->bigbuf, server->smallbuf, server->total_read);
729 buf = server->bigbuf;
730 smb_buffer = (struct smb_hdr *)buf;
731 }
732
733 /* now read the rest */
734 length = cifs_read_from_socket(server,
735 buf + sizeof(struct smb_hdr) - 1,
736 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
737 if (length < 0)
738 return length;
739 server->total_read += length;
740
741 dump_smb(smb_buffer, server->total_read);
742
743 /*
744 * We know that we received enough to get to the MID as we
745 * checked the pdu_length earlier. Now check to see
746 * if the rest of the header is OK. We borrow the length
747 * var for the rest of the loop to avoid a new stack var.
748 *
749 * 48 bytes is enough to display the header and a little bit
750 * into the payload for debugging purposes.
751 */
752 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
753 if (length != 0)
754 cifs_dump_mem("Bad SMB: ", buf,
755 min_t(unsigned int, server->total_read, 48));
756
757 if (mid)
758 handle_mid(mid, server, smb_buffer, length);
759
760 return length;
761 }
762
763 static int
764 cifs_demultiplex_thread(void *p)
765 {
766 int length;
767 struct TCP_Server_Info *server = p;
768 unsigned int pdu_length;
769 char *buf = NULL;
770 struct smb_hdr *smb_buffer = NULL;
771 struct task_struct *task_to_wake = NULL;
772 struct mid_q_entry *mid_entry;
773
774 current->flags |= PF_MEMALLOC;
775 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
776
777 length = atomic_inc_return(&tcpSesAllocCount);
778 if (length > 1)
779 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
780 GFP_KERNEL);
781
782 set_freezable();
783 while (server->tcpStatus != CifsExiting) {
784 if (try_to_freeze())
785 continue;
786
787 if (!allocate_buffers(server))
788 continue;
789
790 server->large_buf = false;
791 smb_buffer = (struct smb_hdr *)server->smallbuf;
792 buf = server->smallbuf;
793 pdu_length = 4; /* enough to get RFC1001 header */
794
795 length = cifs_read_from_socket(server, buf, pdu_length);
796 if (length < 0)
797 continue;
798 server->total_read = length;
799
800 /*
801 * The right amount was read from socket - 4 bytes,
802 * so we can now interpret the length field.
803 */
804 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
805
806 cFYI(1, "RFC1002 header 0x%x", pdu_length);
807 if (!is_smb_response(server, buf[0]))
808 continue;
809
810 /* make sure we have enough to get to the MID */
811 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
812 cERROR(1, "SMB response too short (%u bytes)",
813 pdu_length);
814 cifs_reconnect(server);
815 wake_up(&server->response_q);
816 continue;
817 }
818
819 /* read down to the MID */
820 length = cifs_read_from_socket(server, buf + 4,
821 sizeof(struct smb_hdr) - 1 - 4);
822 if (length < 0)
823 continue;
824 server->total_read += length;
825
826 mid_entry = find_mid(server, smb_buffer);
827
828 if (!mid_entry || !mid_entry->receive)
829 length = standard_receive3(server, mid_entry);
830 else
831 length = mid_entry->receive(server, mid_entry);
832
833 if (length < 0)
834 continue;
835
836 if (server->large_buf) {
837 buf = server->bigbuf;
838 smb_buffer = (struct smb_hdr *)buf;
839 }
840
841 server->lstrp = jiffies;
842 if (mid_entry != NULL) {
843 if (!mid_entry->multiRsp || mid_entry->multiEnd)
844 mid_entry->callback(mid_entry);
845 } else if (!is_valid_oplock_break(smb_buffer, server)) {
846 cERROR(1, "No task to wake, unknown frame received! "
847 "NumMids %d", atomic_read(&midCount));
848 cifs_dump_mem("Received Data is: ", buf,
849 sizeof(struct smb_hdr));
850 #ifdef CONFIG_CIFS_DEBUG2
851 cifs_dump_detail(smb_buffer);
852 cifs_dump_mids(server);
853 #endif /* CIFS_DEBUG2 */
854
855 }
856 } /* end while !EXITING */
857
858 /* buffer usually freed in free_mid - need to free it here on exit */
859 cifs_buf_release(server->bigbuf);
860 if (server->smallbuf) /* no sense logging a debug message if NULL */
861 cifs_small_buf_release(server->smallbuf);
862
863 task_to_wake = xchg(&server->tsk, NULL);
864 clean_demultiplex_info(server);
865
866 /* if server->tsk was NULL then wait for a signal before exiting */
867 if (!task_to_wake) {
868 set_current_state(TASK_INTERRUPTIBLE);
869 while (!signal_pending(current)) {
870 schedule();
871 set_current_state(TASK_INTERRUPTIBLE);
872 }
873 set_current_state(TASK_RUNNING);
874 }
875
876 module_put_and_exit(0);
877 }
878
879 /* extract the host portion of the UNC string */
880 static char *
881 extract_hostname(const char *unc)
882 {
883 const char *src;
884 char *dst, *delim;
885 unsigned int len;
886
887 /* skip double chars at beginning of string */
888 /* BB: check validity of these bytes? */
889 src = unc + 2;
890
891 /* delimiter between hostname and sharename is always '\\' now */
892 delim = strchr(src, '\\');
893 if (!delim)
894 return ERR_PTR(-EINVAL);
895
896 len = delim - src;
897 dst = kmalloc((len + 1), GFP_KERNEL);
898 if (dst == NULL)
899 return ERR_PTR(-ENOMEM);
900
901 memcpy(dst, src, len);
902 dst[len] = '\0';
903
904 return dst;
905 }
906
907 static int
908 cifs_parse_mount_options(const char *mountdata, const char *devname,
909 struct smb_vol *vol)
910 {
911 char *value, *data, *end;
912 char *mountdata_copy = NULL, *options;
913 int err;
914 unsigned int temp_len, i, j;
915 char separator[2];
916 short int override_uid = -1;
917 short int override_gid = -1;
918 bool uid_specified = false;
919 bool gid_specified = false;
920 char *nodename = utsname()->nodename;
921
922 separator[0] = ',';
923 separator[1] = 0;
924
925 /*
926 * does not have to be perfect mapping since field is
927 * informational, only used for servers that do not support
928 * port 445 and it can be overridden at mount time
929 */
930 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
931 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
932 vol->source_rfc1001_name[i] = toupper(nodename[i]);
933
934 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
935 /* null target name indicates to use *SMBSERVR default called name
936 if we end up sending RFC1001 session initialize */
937 vol->target_rfc1001_name[0] = 0;
938 vol->cred_uid = current_uid();
939 vol->linux_uid = current_uid();
940 vol->linux_gid = current_gid();
941
942 /* default to only allowing write access to owner of the mount */
943 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
944
945 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
946 /* default is always to request posix paths. */
947 vol->posix_paths = 1;
948 /* default to using server inode numbers where available */
949 vol->server_ino = 1;
950
951 vol->actimeo = CIFS_DEF_ACTIMEO;
952
953 if (!mountdata)
954 goto cifs_parse_mount_err;
955
956 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
957 if (!mountdata_copy)
958 goto cifs_parse_mount_err;
959
960 options = mountdata_copy;
961 end = options + strlen(options);
962 if (strncmp(options, "sep=", 4) == 0) {
963 if (options[4] != 0) {
964 separator[0] = options[4];
965 options += 5;
966 } else {
967 cFYI(1, "Null separator not allowed");
968 }
969 }
970 vol->backupuid_specified = false; /* no backup intent for a user */
971 vol->backupgid_specified = false; /* no backup intent for a group */
972
973 while ((data = strsep(&options, separator)) != NULL) {
974 if (!*data)
975 continue;
976 if ((value = strchr(data, '=')) != NULL)
977 *value++ = '\0';
978
979 /* Have to parse this before we parse for "user" */
980 if (strnicmp(data, "user_xattr", 10) == 0) {
981 vol->no_xattr = 0;
982 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
983 vol->no_xattr = 1;
984 } else if (strnicmp(data, "user", 4) == 0) {
985 if (!value) {
986 printk(KERN_WARNING
987 "CIFS: invalid or missing username\n");
988 goto cifs_parse_mount_err;
989 } else if (!*value) {
990 /* null user, ie anonymous, authentication */
991 vol->nullauth = 1;
992 }
993 if (strnlen(value, MAX_USERNAME_SIZE) <
994 MAX_USERNAME_SIZE) {
995 vol->username = kstrdup(value, GFP_KERNEL);
996 if (!vol->username) {
997 printk(KERN_WARNING "CIFS: no memory "
998 "for username\n");
999 goto cifs_parse_mount_err;
1000 }
1001 } else {
1002 printk(KERN_WARNING "CIFS: username too long\n");
1003 goto cifs_parse_mount_err;
1004 }
1005 } else if (strnicmp(data, "pass", 4) == 0) {
1006 if (!value) {
1007 vol->password = NULL;
1008 continue;
1009 } else if (value[0] == 0) {
1010 /* check if string begins with double comma
1011 since that would mean the password really
1012 does start with a comma, and would not
1013 indicate an empty string */
1014 if (value[1] != separator[0]) {
1015 vol->password = NULL;
1016 continue;
1017 }
1018 }
1019 temp_len = strlen(value);
1020 /* removed password length check, NTLM passwords
1021 can be arbitrarily long */
1022
1023 /* if comma in password, the string will be
1024 prematurely null terminated. Commas in password are
1025 specified across the cifs mount interface by a double
1026 comma ie ,, and a comma used as in other cases ie ','
1027 as a parameter delimiter/separator is single and due
1028 to the strsep above is temporarily zeroed. */
1029
1030 /* NB: password legally can have multiple commas and
1031 the only illegal character in a password is null */
1032
1033 if ((value[temp_len] == 0) &&
1034 (value + temp_len < end) &&
1035 (value[temp_len+1] == separator[0])) {
1036 /* reinsert comma */
1037 value[temp_len] = separator[0];
1038 temp_len += 2; /* move after second comma */
1039 while (value[temp_len] != 0) {
1040 if (value[temp_len] == separator[0]) {
1041 if (value[temp_len+1] ==
1042 separator[0]) {
1043 /* skip second comma */
1044 temp_len++;
1045 } else {
1046 /* single comma indicating start
1047 of next parm */
1048 break;
1049 }
1050 }
1051 temp_len++;
1052 }
1053 if (value[temp_len] == 0) {
1054 options = NULL;
1055 } else {
1056 value[temp_len] = 0;
1057 /* point option to start of next parm */
1058 options = value + temp_len + 1;
1059 }
1060 /* go from value to value + temp_len condensing
1061 double commas to singles. Note that this ends up
1062 allocating a few bytes too many, which is ok */
1063 vol->password = kzalloc(temp_len, GFP_KERNEL);
1064 if (vol->password == NULL) {
1065 printk(KERN_WARNING "CIFS: no memory "
1066 "for password\n");
1067 goto cifs_parse_mount_err;
1068 }
1069 for (i = 0, j = 0; i < temp_len; i++, j++) {
1070 vol->password[j] = value[i];
1071 if (value[i] == separator[0]
1072 && value[i+1] == separator[0]) {
1073 /* skip second comma */
1074 i++;
1075 }
1076 }
1077 vol->password[j] = 0;
1078 } else {
1079 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1080 if (vol->password == NULL) {
1081 printk(KERN_WARNING "CIFS: no memory "
1082 "for password\n");
1083 goto cifs_parse_mount_err;
1084 }
1085 strcpy(vol->password, value);
1086 }
1087 } else if (!strnicmp(data, "ip", 2) ||
1088 !strnicmp(data, "addr", 4)) {
1089 if (!value || !*value) {
1090 vol->UNCip = NULL;
1091 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1092 INET6_ADDRSTRLEN) {
1093 vol->UNCip = kstrdup(value, GFP_KERNEL);
1094 if (!vol->UNCip) {
1095 printk(KERN_WARNING "CIFS: no memory "
1096 "for UNC IP\n");
1097 goto cifs_parse_mount_err;
1098 }
1099 } else {
1100 printk(KERN_WARNING "CIFS: ip address "
1101 "too long\n");
1102 goto cifs_parse_mount_err;
1103 }
1104 } else if (strnicmp(data, "sec", 3) == 0) {
1105 if (!value || !*value) {
1106 cERROR(1, "no security value specified");
1107 continue;
1108 } else if (strnicmp(value, "krb5i", 5) == 0) {
1109 vol->secFlg |= CIFSSEC_MAY_KRB5 |
1110 CIFSSEC_MUST_SIGN;
1111 } else if (strnicmp(value, "krb5p", 5) == 0) {
1112 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1113 CIFSSEC_MAY_KRB5; */
1114 cERROR(1, "Krb5 cifs privacy not supported");
1115 goto cifs_parse_mount_err;
1116 } else if (strnicmp(value, "krb5", 4) == 0) {
1117 vol->secFlg |= CIFSSEC_MAY_KRB5;
1118 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1119 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1120 CIFSSEC_MUST_SIGN;
1121 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1122 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1123 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1124 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1125 CIFSSEC_MUST_SIGN;
1126 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1127 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1128 } else if (strnicmp(value, "ntlmi", 5) == 0) {
1129 vol->secFlg |= CIFSSEC_MAY_NTLM |
1130 CIFSSEC_MUST_SIGN;
1131 } else if (strnicmp(value, "ntlm", 4) == 0) {
1132 /* ntlm is default so can be turned off too */
1133 vol->secFlg |= CIFSSEC_MAY_NTLM;
1134 } else if (strnicmp(value, "nontlm", 6) == 0) {
1135 /* BB is there a better way to do this? */
1136 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1137 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1138 } else if (strnicmp(value, "lanman", 6) == 0) {
1139 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1140 #endif
1141 } else if (strnicmp(value, "none", 4) == 0) {
1142 vol->nullauth = 1;
1143 } else {
1144 cERROR(1, "bad security option: %s", value);
1145 goto cifs_parse_mount_err;
1146 }
1147 } else if (strnicmp(data, "vers", 3) == 0) {
1148 if (!value || !*value) {
1149 cERROR(1, "no protocol version specified"
1150 " after vers= mount option");
1151 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1152 (strnicmp(value, "1", 1) == 0)) {
1153 /* this is the default */
1154 continue;
1155 }
1156 } else if ((strnicmp(data, "unc", 3) == 0)
1157 || (strnicmp(data, "target", 6) == 0)
1158 || (strnicmp(data, "path", 4) == 0)) {
1159 if (!value || !*value) {
1160 printk(KERN_WARNING "CIFS: invalid path to "
1161 "network resource\n");
1162 goto cifs_parse_mount_err;
1163 }
1164 if ((temp_len = strnlen(value, 300)) < 300) {
1165 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1166 if (vol->UNC == NULL)
1167 goto cifs_parse_mount_err;
1168 strcpy(vol->UNC, value);
1169 if (strncmp(vol->UNC, "//", 2) == 0) {
1170 vol->UNC[0] = '\\';
1171 vol->UNC[1] = '\\';
1172 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1173 printk(KERN_WARNING
1174 "CIFS: UNC Path does not begin "
1175 "with // or \\\\ \n");
1176 goto cifs_parse_mount_err;
1177 }
1178 } else {
1179 printk(KERN_WARNING "CIFS: UNC name too long\n");
1180 goto cifs_parse_mount_err;
1181 }
1182 } else if ((strnicmp(data, "domain", 3) == 0)
1183 || (strnicmp(data, "workgroup", 5) == 0)) {
1184 if (!value || !*value) {
1185 printk(KERN_WARNING "CIFS: invalid domain name\n");
1186 goto cifs_parse_mount_err;
1187 }
1188 /* BB are there cases in which a comma can be valid in
1189 a domain name and need special handling? */
1190 if (strnlen(value, 256) < 256) {
1191 vol->domainname = kstrdup(value, GFP_KERNEL);
1192 if (!vol->domainname) {
1193 printk(KERN_WARNING "CIFS: no memory "
1194 "for domainname\n");
1195 goto cifs_parse_mount_err;
1196 }
1197 cFYI(1, "Domain name set");
1198 } else {
1199 printk(KERN_WARNING "CIFS: domain name too "
1200 "long\n");
1201 goto cifs_parse_mount_err;
1202 }
1203 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1204 vol->srcaddr.ss_family = AF_UNSPEC;
1205
1206 if (!value || !*value) {
1207 printk(KERN_WARNING "CIFS: srcaddr value"
1208 " not specified.\n");
1209 goto cifs_parse_mount_err;
1210 }
1211 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1212 value, strlen(value));
1213 if (i == 0) {
1214 printk(KERN_WARNING "CIFS: Could not parse"
1215 " srcaddr: %s\n",
1216 value);
1217 goto cifs_parse_mount_err;
1218 }
1219 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1220 if (!value || !*value) {
1221 printk(KERN_WARNING
1222 "CIFS: invalid path prefix\n");
1223 goto cifs_parse_mount_err;
1224 }
1225 if ((temp_len = strnlen(value, 1024)) < 1024) {
1226 if (value[0] != '/')
1227 temp_len++; /* missing leading slash */
1228 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1229 if (vol->prepath == NULL)
1230 goto cifs_parse_mount_err;
1231 if (value[0] != '/') {
1232 vol->prepath[0] = '/';
1233 strcpy(vol->prepath+1, value);
1234 } else
1235 strcpy(vol->prepath, value);
1236 cFYI(1, "prefix path %s", vol->prepath);
1237 } else {
1238 printk(KERN_WARNING "CIFS: prefix too long\n");
1239 goto cifs_parse_mount_err;
1240 }
1241 } else if (strnicmp(data, "iocharset", 9) == 0) {
1242 if (!value || !*value) {
1243 printk(KERN_WARNING "CIFS: invalid iocharset "
1244 "specified\n");
1245 goto cifs_parse_mount_err;
1246 }
1247 if (strnlen(value, 65) < 65) {
1248 if (strnicmp(value, "default", 7)) {
1249 vol->iocharset = kstrdup(value,
1250 GFP_KERNEL);
1251
1252 if (!vol->iocharset) {
1253 printk(KERN_WARNING "CIFS: no "
1254 "memory for"
1255 "charset\n");
1256 goto cifs_parse_mount_err;
1257 }
1258 }
1259 /* if iocharset not set then load_nls_default
1260 is used by caller */
1261 cFYI(1, "iocharset set to %s", value);
1262 } else {
1263 printk(KERN_WARNING "CIFS: iocharset name "
1264 "too long.\n");
1265 goto cifs_parse_mount_err;
1266 }
1267 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1268 vol->linux_uid = simple_strtoul(value, &value, 0);
1269 uid_specified = true;
1270 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1271 vol->cred_uid = simple_strtoul(value, &value, 0);
1272 } else if (!strnicmp(data, "forceuid", 8)) {
1273 override_uid = 1;
1274 } else if (!strnicmp(data, "noforceuid", 10)) {
1275 override_uid = 0;
1276 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1277 vol->linux_gid = simple_strtoul(value, &value, 0);
1278 gid_specified = true;
1279 } else if (!strnicmp(data, "forcegid", 8)) {
1280 override_gid = 1;
1281 } else if (!strnicmp(data, "noforcegid", 10)) {
1282 override_gid = 0;
1283 } else if (strnicmp(data, "file_mode", 4) == 0) {
1284 if (value && *value) {
1285 vol->file_mode =
1286 simple_strtoul(value, &value, 0);
1287 }
1288 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1289 if (value && *value) {
1290 vol->dir_mode =
1291 simple_strtoul(value, &value, 0);
1292 }
1293 } else if (strnicmp(data, "dirmode", 4) == 0) {
1294 if (value && *value) {
1295 vol->dir_mode =
1296 simple_strtoul(value, &value, 0);
1297 }
1298 } else if (strnicmp(data, "port", 4) == 0) {
1299 if (value && *value) {
1300 vol->port =
1301 simple_strtoul(value, &value, 0);
1302 }
1303 } else if (strnicmp(data, "rsize", 5) == 0) {
1304 if (value && *value) {
1305 vol->rsize =
1306 simple_strtoul(value, &value, 0);
1307 }
1308 } else if (strnicmp(data, "wsize", 5) == 0) {
1309 if (value && *value) {
1310 vol->wsize =
1311 simple_strtoul(value, &value, 0);
1312 }
1313 } else if (strnicmp(data, "sockopt", 5) == 0) {
1314 if (!value || !*value) {
1315 cERROR(1, "no socket option specified");
1316 continue;
1317 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1318 vol->sockopt_tcp_nodelay = 1;
1319 }
1320 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1321 if (!value || !*value || (*value == ' ')) {
1322 cFYI(1, "invalid (empty) netbiosname");
1323 } else {
1324 memset(vol->source_rfc1001_name, 0x20,
1325 RFC1001_NAME_LEN);
1326 /*
1327 * FIXME: are there cases in which a comma can
1328 * be valid in workstation netbios name (and
1329 * need special handling)?
1330 */
1331 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1332 /* don't ucase netbiosname for user */
1333 if (value[i] == 0)
1334 break;
1335 vol->source_rfc1001_name[i] = value[i];
1336 }
1337 /* The string has 16th byte zero still from
1338 set at top of the function */
1339 if (i == RFC1001_NAME_LEN && value[i] != 0)
1340 printk(KERN_WARNING "CIFS: netbiosname"
1341 " longer than 15 truncated.\n");
1342 }
1343 } else if (strnicmp(data, "servern", 7) == 0) {
1344 /* servernetbiosname specified override *SMBSERVER */
1345 if (!value || !*value || (*value == ' ')) {
1346 cFYI(1, "empty server netbiosname specified");
1347 } else {
1348 /* last byte, type, is 0x20 for servr type */
1349 memset(vol->target_rfc1001_name, 0x20,
1350 RFC1001_NAME_LEN_WITH_NULL);
1351
1352 for (i = 0; i < 15; i++) {
1353 /* BB are there cases in which a comma can be
1354 valid in this workstation netbios name
1355 (and need special handling)? */
1356
1357 /* user or mount helper must uppercase
1358 the netbiosname */
1359 if (value[i] == 0)
1360 break;
1361 else
1362 vol->target_rfc1001_name[i] =
1363 value[i];
1364 }
1365 /* The string has 16th byte zero still from
1366 set at top of the function */
1367 if (i == RFC1001_NAME_LEN && value[i] != 0)
1368 printk(KERN_WARNING "CIFS: server net"
1369 "biosname longer than 15 truncated.\n");
1370 }
1371 } else if (strnicmp(data, "actimeo", 7) == 0) {
1372 if (value && *value) {
1373 vol->actimeo = HZ * simple_strtoul(value,
1374 &value, 0);
1375 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1376 cERROR(1, "CIFS: attribute cache"
1377 "timeout too large");
1378 goto cifs_parse_mount_err;
1379 }
1380 }
1381 } else if (strnicmp(data, "credentials", 4) == 0) {
1382 /* ignore */
1383 } else if (strnicmp(data, "version", 3) == 0) {
1384 /* ignore */
1385 } else if (strnicmp(data, "guest", 5) == 0) {
1386 /* ignore */
1387 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
1388 /* ignore */
1389 } else if (strnicmp(data, "ro", 2) == 0) {
1390 /* ignore */
1391 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1392 vol->noblocksnd = 1;
1393 } else if (strnicmp(data, "noautotune", 10) == 0) {
1394 vol->noautotune = 1;
1395 } else if ((strnicmp(data, "suid", 4) == 0) ||
1396 (strnicmp(data, "nosuid", 6) == 0) ||
1397 (strnicmp(data, "exec", 4) == 0) ||
1398 (strnicmp(data, "noexec", 6) == 0) ||
1399 (strnicmp(data, "nodev", 5) == 0) ||
1400 (strnicmp(data, "noauto", 6) == 0) ||
1401 (strnicmp(data, "dev", 3) == 0)) {
1402 /* The mount tool or mount.cifs helper (if present)
1403 uses these opts to set flags, and the flags are read
1404 by the kernel vfs layer before we get here (ie
1405 before read super) so there is no point trying to
1406 parse these options again and set anything and it
1407 is ok to just ignore them */
1408 continue;
1409 } else if (strnicmp(data, "hard", 4) == 0) {
1410 vol->retry = 1;
1411 } else if (strnicmp(data, "soft", 4) == 0) {
1412 vol->retry = 0;
1413 } else if (strnicmp(data, "perm", 4) == 0) {
1414 vol->noperm = 0;
1415 } else if (strnicmp(data, "noperm", 6) == 0) {
1416 vol->noperm = 1;
1417 } else if (strnicmp(data, "mapchars", 8) == 0) {
1418 vol->remap = 1;
1419 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1420 vol->remap = 0;
1421 } else if (strnicmp(data, "sfu", 3) == 0) {
1422 vol->sfu_emul = 1;
1423 } else if (strnicmp(data, "nosfu", 5) == 0) {
1424 vol->sfu_emul = 0;
1425 } else if (strnicmp(data, "nodfs", 5) == 0) {
1426 vol->nodfs = 1;
1427 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1428 vol->posix_paths = 1;
1429 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1430 vol->posix_paths = 0;
1431 } else if (strnicmp(data, "nounix", 6) == 0) {
1432 vol->no_linux_ext = 1;
1433 } else if (strnicmp(data, "nolinux", 7) == 0) {
1434 vol->no_linux_ext = 1;
1435 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1436 (strnicmp(data, "ignorecase", 10) == 0)) {
1437 vol->nocase = 1;
1438 } else if (strnicmp(data, "mand", 4) == 0) {
1439 /* ignore */
1440 } else if (strnicmp(data, "nomand", 6) == 0) {
1441 /* ignore */
1442 } else if (strnicmp(data, "_netdev", 7) == 0) {
1443 /* ignore */
1444 } else if (strnicmp(data, "brl", 3) == 0) {
1445 vol->nobrl = 0;
1446 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1447 (strnicmp(data, "nolock", 6) == 0)) {
1448 vol->nobrl = 1;
1449 /* turn off mandatory locking in mode
1450 if remote locking is turned off since the
1451 local vfs will do advisory */
1452 if (vol->file_mode ==
1453 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1454 vol->file_mode = S_IALLUGO;
1455 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1456 /* will take the shorter form "forcemand" as well */
1457 /* This mount option will force use of mandatory
1458 (DOS/Windows style) byte range locks, instead of
1459 using posix advisory byte range locks, even if the
1460 Unix extensions are available and posix locks would
1461 be supported otherwise. If Unix extensions are not
1462 negotiated this has no effect since mandatory locks
1463 would be used (mandatory locks is all that those
1464 those servers support) */
1465 vol->mand_lock = 1;
1466 } else if (strnicmp(data, "setuids", 7) == 0) {
1467 vol->setuids = 1;
1468 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1469 vol->setuids = 0;
1470 } else if (strnicmp(data, "dynperm", 7) == 0) {
1471 vol->dynperm = true;
1472 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1473 vol->dynperm = false;
1474 } else if (strnicmp(data, "nohard", 6) == 0) {
1475 vol->retry = 0;
1476 } else if (strnicmp(data, "nosoft", 6) == 0) {
1477 vol->retry = 1;
1478 } else if (strnicmp(data, "nointr", 6) == 0) {
1479 vol->intr = 0;
1480 } else if (strnicmp(data, "intr", 4) == 0) {
1481 vol->intr = 1;
1482 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1483 vol->nostrictsync = 1;
1484 } else if (strnicmp(data, "strictsync", 10) == 0) {
1485 vol->nostrictsync = 0;
1486 } else if (strnicmp(data, "serverino", 7) == 0) {
1487 vol->server_ino = 1;
1488 } else if (strnicmp(data, "noserverino", 9) == 0) {
1489 vol->server_ino = 0;
1490 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
1491 vol->rwpidforward = 1;
1492 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1493 vol->cifs_acl = 1;
1494 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1495 vol->cifs_acl = 0;
1496 } else if (strnicmp(data, "acl", 3) == 0) {
1497 vol->no_psx_acl = 0;
1498 } else if (strnicmp(data, "noacl", 5) == 0) {
1499 vol->no_psx_acl = 1;
1500 } else if (strnicmp(data, "locallease", 6) == 0) {
1501 vol->local_lease = 1;
1502 } else if (strnicmp(data, "sign", 4) == 0) {
1503 vol->secFlg |= CIFSSEC_MUST_SIGN;
1504 } else if (strnicmp(data, "seal", 4) == 0) {
1505 /* we do not do the following in secFlags because seal
1506 is a per tree connection (mount) not a per socket
1507 or per-smb connection option in the protocol */
1508 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1509 vol->seal = 1;
1510 } else if (strnicmp(data, "direct", 6) == 0) {
1511 vol->direct_io = 1;
1512 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1513 vol->direct_io = 1;
1514 } else if (strnicmp(data, "strictcache", 11) == 0) {
1515 vol->strict_io = 1;
1516 } else if (strnicmp(data, "noac", 4) == 0) {
1517 printk(KERN_WARNING "CIFS: Mount option noac not "
1518 "supported. Instead set "
1519 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1520 } else if (strnicmp(data, "fsc", 3) == 0) {
1521 #ifndef CONFIG_CIFS_FSCACHE
1522 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1523 "kernel config option set");
1524 goto cifs_parse_mount_err;
1525 #endif
1526 vol->fsc = true;
1527 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1528 vol->mfsymlinks = true;
1529 } else if (strnicmp(data, "multiuser", 8) == 0) {
1530 vol->multiuser = true;
1531 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1532 err = kstrtouint(value, 0, &vol->backupuid);
1533 if (err < 0) {
1534 cERROR(1, "%s: Invalid backupuid value",
1535 __func__);
1536 goto cifs_parse_mount_err;
1537 }
1538 vol->backupuid_specified = true;
1539 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1540 err = kstrtouint(value, 0, &vol->backupgid);
1541 if (err < 0) {
1542 cERROR(1, "%s: Invalid backupgid value",
1543 __func__);
1544 goto cifs_parse_mount_err;
1545 }
1546 vol->backupgid_specified = true;
1547 } else
1548 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1549 data);
1550 }
1551 if (vol->UNC == NULL) {
1552 if (devname == NULL) {
1553 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1554 "target\n");
1555 goto cifs_parse_mount_err;
1556 }
1557 if ((temp_len = strnlen(devname, 300)) < 300) {
1558 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1559 if (vol->UNC == NULL)
1560 goto cifs_parse_mount_err;
1561 strcpy(vol->UNC, devname);
1562 if (strncmp(vol->UNC, "//", 2) == 0) {
1563 vol->UNC[0] = '\\';
1564 vol->UNC[1] = '\\';
1565 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1566 printk(KERN_WARNING "CIFS: UNC Path does not "
1567 "begin with // or \\\\ \n");
1568 goto cifs_parse_mount_err;
1569 }
1570 value = strpbrk(vol->UNC+2, "/\\");
1571 if (value)
1572 *value = '\\';
1573 } else {
1574 printk(KERN_WARNING "CIFS: UNC name too long\n");
1575 goto cifs_parse_mount_err;
1576 }
1577 }
1578
1579 if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1580 cERROR(1, "Multiuser mounts currently require krb5 "
1581 "authentication!");
1582 goto cifs_parse_mount_err;
1583 }
1584
1585 if (vol->UNCip == NULL)
1586 vol->UNCip = &vol->UNC[2];
1587
1588 if (uid_specified)
1589 vol->override_uid = override_uid;
1590 else if (override_uid == 1)
1591 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1592 "specified with no uid= option.\n");
1593
1594 if (gid_specified)
1595 vol->override_gid = override_gid;
1596 else if (override_gid == 1)
1597 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1598 "specified with no gid= option.\n");
1599
1600 kfree(mountdata_copy);
1601 return 0;
1602
1603 cifs_parse_mount_err:
1604 kfree(mountdata_copy);
1605 return 1;
1606 }
1607
1608 /** Returns true if srcaddr isn't specified and rhs isn't
1609 * specified, or if srcaddr is specified and
1610 * matches the IP address of the rhs argument.
1611 */
1612 static bool
1613 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1614 {
1615 switch (srcaddr->sa_family) {
1616 case AF_UNSPEC:
1617 return (rhs->sa_family == AF_UNSPEC);
1618 case AF_INET: {
1619 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1620 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1621 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1622 }
1623 case AF_INET6: {
1624 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1625 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1626 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1627 }
1628 default:
1629 WARN_ON(1);
1630 return false; /* don't expect to be here */
1631 }
1632 }
1633
1634 /*
1635 * If no port is specified in addr structure, we try to match with 445 port
1636 * and if it fails - with 139 ports. It should be called only if address
1637 * families of server and addr are equal.
1638 */
1639 static bool
1640 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1641 {
1642 __be16 port, *sport;
1643
1644 switch (addr->sa_family) {
1645 case AF_INET:
1646 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1647 port = ((struct sockaddr_in *) addr)->sin_port;
1648 break;
1649 case AF_INET6:
1650 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1651 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1652 break;
1653 default:
1654 WARN_ON(1);
1655 return false;
1656 }
1657
1658 if (!port) {
1659 port = htons(CIFS_PORT);
1660 if (port == *sport)
1661 return true;
1662
1663 port = htons(RFC1001_PORT);
1664 }
1665
1666 return port == *sport;
1667 }
1668
1669 static bool
1670 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1671 struct sockaddr *srcaddr)
1672 {
1673 switch (addr->sa_family) {
1674 case AF_INET: {
1675 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1676 struct sockaddr_in *srv_addr4 =
1677 (struct sockaddr_in *)&server->dstaddr;
1678
1679 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1680 return false;
1681 break;
1682 }
1683 case AF_INET6: {
1684 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1685 struct sockaddr_in6 *srv_addr6 =
1686 (struct sockaddr_in6 *)&server->dstaddr;
1687
1688 if (!ipv6_addr_equal(&addr6->sin6_addr,
1689 &srv_addr6->sin6_addr))
1690 return false;
1691 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1692 return false;
1693 break;
1694 }
1695 default:
1696 WARN_ON(1);
1697 return false; /* don't expect to be here */
1698 }
1699
1700 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1701 return false;
1702
1703 return true;
1704 }
1705
1706 static bool
1707 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1708 {
1709 unsigned int secFlags;
1710
1711 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1712 secFlags = vol->secFlg;
1713 else
1714 secFlags = global_secflags | vol->secFlg;
1715
1716 switch (server->secType) {
1717 case LANMAN:
1718 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1719 return false;
1720 break;
1721 case NTLMv2:
1722 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1723 return false;
1724 break;
1725 case NTLM:
1726 if (!(secFlags & CIFSSEC_MAY_NTLM))
1727 return false;
1728 break;
1729 case Kerberos:
1730 if (!(secFlags & CIFSSEC_MAY_KRB5))
1731 return false;
1732 break;
1733 case RawNTLMSSP:
1734 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1735 return false;
1736 break;
1737 default:
1738 /* shouldn't happen */
1739 return false;
1740 }
1741
1742 /* now check if signing mode is acceptable */
1743 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1744 (server->sec_mode & SECMODE_SIGN_REQUIRED))
1745 return false;
1746 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1747 (server->sec_mode &
1748 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1749 return false;
1750
1751 return true;
1752 }
1753
1754 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1755 struct smb_vol *vol)
1756 {
1757 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1758 return 0;
1759
1760 if (!match_address(server, addr,
1761 (struct sockaddr *)&vol->srcaddr))
1762 return 0;
1763
1764 if (!match_port(server, addr))
1765 return 0;
1766
1767 if (!match_security(server, vol))
1768 return 0;
1769
1770 return 1;
1771 }
1772
1773 static struct TCP_Server_Info *
1774 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1775 {
1776 struct TCP_Server_Info *server;
1777
1778 spin_lock(&cifs_tcp_ses_lock);
1779 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1780 if (!match_server(server, addr, vol))
1781 continue;
1782
1783 ++server->srv_count;
1784 spin_unlock(&cifs_tcp_ses_lock);
1785 cFYI(1, "Existing tcp session with server found");
1786 return server;
1787 }
1788 spin_unlock(&cifs_tcp_ses_lock);
1789 return NULL;
1790 }
1791
1792 static void
1793 cifs_put_tcp_session(struct TCP_Server_Info *server)
1794 {
1795 struct task_struct *task;
1796
1797 spin_lock(&cifs_tcp_ses_lock);
1798 if (--server->srv_count > 0) {
1799 spin_unlock(&cifs_tcp_ses_lock);
1800 return;
1801 }
1802
1803 put_net(cifs_net_ns(server));
1804
1805 list_del_init(&server->tcp_ses_list);
1806 spin_unlock(&cifs_tcp_ses_lock);
1807
1808 cancel_delayed_work_sync(&server->echo);
1809
1810 spin_lock(&GlobalMid_Lock);
1811 server->tcpStatus = CifsExiting;
1812 spin_unlock(&GlobalMid_Lock);
1813
1814 cifs_crypto_shash_release(server);
1815 cifs_fscache_release_client_cookie(server);
1816
1817 kfree(server->session_key.response);
1818 server->session_key.response = NULL;
1819 server->session_key.len = 0;
1820
1821 task = xchg(&server->tsk, NULL);
1822 if (task)
1823 force_sig(SIGKILL, task);
1824 }
1825
1826 static struct TCP_Server_Info *
1827 cifs_get_tcp_session(struct smb_vol *volume_info)
1828 {
1829 struct TCP_Server_Info *tcp_ses = NULL;
1830 struct sockaddr_storage addr;
1831 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1832 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1833 int rc;
1834
1835 memset(&addr, 0, sizeof(struct sockaddr_storage));
1836
1837 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1838
1839 if (volume_info->UNCip && volume_info->UNC) {
1840 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1841 volume_info->UNCip,
1842 strlen(volume_info->UNCip),
1843 volume_info->port);
1844 if (!rc) {
1845 /* we failed translating address */
1846 rc = -EINVAL;
1847 goto out_err;
1848 }
1849 } else if (volume_info->UNCip) {
1850 /* BB using ip addr as tcp_ses name to connect to the
1851 DFS root below */
1852 cERROR(1, "Connecting to DFS root not implemented yet");
1853 rc = -EINVAL;
1854 goto out_err;
1855 } else /* which tcp_sess DFS root would we conect to */ {
1856 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1857 "unc=//192.168.1.100/public) specified");
1858 rc = -EINVAL;
1859 goto out_err;
1860 }
1861
1862 /* see if we already have a matching tcp_ses */
1863 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1864 if (tcp_ses)
1865 return tcp_ses;
1866
1867 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1868 if (!tcp_ses) {
1869 rc = -ENOMEM;
1870 goto out_err;
1871 }
1872
1873 rc = cifs_crypto_shash_allocate(tcp_ses);
1874 if (rc) {
1875 cERROR(1, "could not setup hash structures rc %d", rc);
1876 goto out_err;
1877 }
1878
1879 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1880 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1881 if (IS_ERR(tcp_ses->hostname)) {
1882 rc = PTR_ERR(tcp_ses->hostname);
1883 goto out_err_crypto_release;
1884 }
1885
1886 tcp_ses->noblocksnd = volume_info->noblocksnd;
1887 tcp_ses->noautotune = volume_info->noautotune;
1888 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1889 atomic_set(&tcp_ses->inFlight, 0);
1890 init_waitqueue_head(&tcp_ses->response_q);
1891 init_waitqueue_head(&tcp_ses->request_q);
1892 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1893 mutex_init(&tcp_ses->srv_mutex);
1894 memcpy(tcp_ses->workstation_RFC1001_name,
1895 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1896 memcpy(tcp_ses->server_RFC1001_name,
1897 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1898 tcp_ses->session_estab = false;
1899 tcp_ses->sequence_number = 0;
1900 tcp_ses->lstrp = jiffies;
1901 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1902 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1903 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1904
1905 /*
1906 * at this point we are the only ones with the pointer
1907 * to the struct since the kernel thread not created yet
1908 * no need to spinlock this init of tcpStatus or srv_count
1909 */
1910 tcp_ses->tcpStatus = CifsNew;
1911 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1912 sizeof(tcp_ses->srcaddr));
1913 ++tcp_ses->srv_count;
1914
1915 if (addr.ss_family == AF_INET6) {
1916 cFYI(1, "attempting ipv6 connect");
1917 /* BB should we allow ipv6 on port 139? */
1918 /* other OS never observed in Wild doing 139 with v6 */
1919 memcpy(&tcp_ses->dstaddr, sin_server6,
1920 sizeof(struct sockaddr_in6));
1921 } else
1922 memcpy(&tcp_ses->dstaddr, sin_server,
1923 sizeof(struct sockaddr_in));
1924
1925 rc = ip_connect(tcp_ses);
1926 if (rc < 0) {
1927 cERROR(1, "Error connecting to socket. Aborting operation");
1928 goto out_err_crypto_release;
1929 }
1930
1931 /*
1932 * since we're in a cifs function already, we know that
1933 * this will succeed. No need for try_module_get().
1934 */
1935 __module_get(THIS_MODULE);
1936 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
1937 tcp_ses, "cifsd");
1938 if (IS_ERR(tcp_ses->tsk)) {
1939 rc = PTR_ERR(tcp_ses->tsk);
1940 cERROR(1, "error %d create cifsd thread", rc);
1941 module_put(THIS_MODULE);
1942 goto out_err_crypto_release;
1943 }
1944 tcp_ses->tcpStatus = CifsNeedNegotiate;
1945
1946 /* thread spawned, put it on the list */
1947 spin_lock(&cifs_tcp_ses_lock);
1948 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1949 spin_unlock(&cifs_tcp_ses_lock);
1950
1951 cifs_fscache_get_client_cookie(tcp_ses);
1952
1953 /* queue echo request delayed work */
1954 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1955
1956 return tcp_ses;
1957
1958 out_err_crypto_release:
1959 cifs_crypto_shash_release(tcp_ses);
1960
1961 put_net(cifs_net_ns(tcp_ses));
1962
1963 out_err:
1964 if (tcp_ses) {
1965 if (!IS_ERR(tcp_ses->hostname))
1966 kfree(tcp_ses->hostname);
1967 if (tcp_ses->ssocket)
1968 sock_release(tcp_ses->ssocket);
1969 kfree(tcp_ses);
1970 }
1971 return ERR_PTR(rc);
1972 }
1973
1974 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
1975 {
1976 switch (ses->server->secType) {
1977 case Kerberos:
1978 if (vol->cred_uid != ses->cred_uid)
1979 return 0;
1980 break;
1981 default:
1982 /* anything else takes username/password */
1983 if (ses->user_name == NULL)
1984 return 0;
1985 if (strncmp(ses->user_name, vol->username,
1986 MAX_USERNAME_SIZE))
1987 return 0;
1988 if (strlen(vol->username) != 0 &&
1989 ses->password != NULL &&
1990 strncmp(ses->password,
1991 vol->password ? vol->password : "",
1992 MAX_PASSWORD_SIZE))
1993 return 0;
1994 }
1995 return 1;
1996 }
1997
1998 static struct cifs_ses *
1999 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2000 {
2001 struct cifs_ses *ses;
2002
2003 spin_lock(&cifs_tcp_ses_lock);
2004 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2005 if (!match_session(ses, vol))
2006 continue;
2007 ++ses->ses_count;
2008 spin_unlock(&cifs_tcp_ses_lock);
2009 return ses;
2010 }
2011 spin_unlock(&cifs_tcp_ses_lock);
2012 return NULL;
2013 }
2014
2015 static void
2016 cifs_put_smb_ses(struct cifs_ses *ses)
2017 {
2018 int xid;
2019 struct TCP_Server_Info *server = ses->server;
2020
2021 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2022 spin_lock(&cifs_tcp_ses_lock);
2023 if (--ses->ses_count > 0) {
2024 spin_unlock(&cifs_tcp_ses_lock);
2025 return;
2026 }
2027
2028 list_del_init(&ses->smb_ses_list);
2029 spin_unlock(&cifs_tcp_ses_lock);
2030
2031 if (ses->status == CifsGood) {
2032 xid = GetXid();
2033 CIFSSMBLogoff(xid, ses);
2034 _FreeXid(xid);
2035 }
2036 sesInfoFree(ses);
2037 cifs_put_tcp_session(server);
2038 }
2039
2040 static bool warned_on_ntlm; /* globals init to false automatically */
2041
2042 static struct cifs_ses *
2043 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2044 {
2045 int rc = -ENOMEM, xid;
2046 struct cifs_ses *ses;
2047 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2048 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2049
2050 xid = GetXid();
2051
2052 ses = cifs_find_smb_ses(server, volume_info);
2053 if (ses) {
2054 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2055
2056 mutex_lock(&ses->session_mutex);
2057 rc = cifs_negotiate_protocol(xid, ses);
2058 if (rc) {
2059 mutex_unlock(&ses->session_mutex);
2060 /* problem -- put our ses reference */
2061 cifs_put_smb_ses(ses);
2062 FreeXid(xid);
2063 return ERR_PTR(rc);
2064 }
2065 if (ses->need_reconnect) {
2066 cFYI(1, "Session needs reconnect");
2067 rc = cifs_setup_session(xid, ses,
2068 volume_info->local_nls);
2069 if (rc) {
2070 mutex_unlock(&ses->session_mutex);
2071 /* problem -- put our reference */
2072 cifs_put_smb_ses(ses);
2073 FreeXid(xid);
2074 return ERR_PTR(rc);
2075 }
2076 }
2077 mutex_unlock(&ses->session_mutex);
2078
2079 /* existing SMB ses has a server reference already */
2080 cifs_put_tcp_session(server);
2081 FreeXid(xid);
2082 return ses;
2083 }
2084
2085 cFYI(1, "Existing smb sess not found");
2086 ses = sesInfoAlloc();
2087 if (ses == NULL)
2088 goto get_ses_fail;
2089
2090 /* new SMB session uses our server ref */
2091 ses->server = server;
2092 if (server->dstaddr.ss_family == AF_INET6)
2093 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2094 else
2095 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2096
2097 if (volume_info->username) {
2098 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2099 if (!ses->user_name)
2100 goto get_ses_fail;
2101 }
2102
2103 /* volume_info->password freed at unmount */
2104 if (volume_info->password) {
2105 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2106 if (!ses->password)
2107 goto get_ses_fail;
2108 }
2109 if (volume_info->domainname) {
2110 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2111 if (!ses->domainName)
2112 goto get_ses_fail;
2113 }
2114 ses->cred_uid = volume_info->cred_uid;
2115 ses->linux_uid = volume_info->linux_uid;
2116
2117 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2118 supported for many years, time to update default security mechanism */
2119 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2120 warned_on_ntlm = true;
2121 cERROR(1, "default security mechanism requested. The default "
2122 "security mechanism will be upgraded from ntlm to "
2123 "ntlmv2 in kernel release 3.2");
2124 }
2125 ses->overrideSecFlg = volume_info->secFlg;
2126
2127 mutex_lock(&ses->session_mutex);
2128 rc = cifs_negotiate_protocol(xid, ses);
2129 if (!rc)
2130 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2131 mutex_unlock(&ses->session_mutex);
2132 if (rc)
2133 goto get_ses_fail;
2134
2135 /* success, put it on the list */
2136 spin_lock(&cifs_tcp_ses_lock);
2137 list_add(&ses->smb_ses_list, &server->smb_ses_list);
2138 spin_unlock(&cifs_tcp_ses_lock);
2139
2140 FreeXid(xid);
2141 return ses;
2142
2143 get_ses_fail:
2144 sesInfoFree(ses);
2145 FreeXid(xid);
2146 return ERR_PTR(rc);
2147 }
2148
2149 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2150 {
2151 if (tcon->tidStatus == CifsExiting)
2152 return 0;
2153 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2154 return 0;
2155 return 1;
2156 }
2157
2158 static struct cifs_tcon *
2159 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2160 {
2161 struct list_head *tmp;
2162 struct cifs_tcon *tcon;
2163
2164 spin_lock(&cifs_tcp_ses_lock);
2165 list_for_each(tmp, &ses->tcon_list) {
2166 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2167 if (!match_tcon(tcon, unc))
2168 continue;
2169 ++tcon->tc_count;
2170 spin_unlock(&cifs_tcp_ses_lock);
2171 return tcon;
2172 }
2173 spin_unlock(&cifs_tcp_ses_lock);
2174 return NULL;
2175 }
2176
2177 static void
2178 cifs_put_tcon(struct cifs_tcon *tcon)
2179 {
2180 int xid;
2181 struct cifs_ses *ses = tcon->ses;
2182
2183 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2184 spin_lock(&cifs_tcp_ses_lock);
2185 if (--tcon->tc_count > 0) {
2186 spin_unlock(&cifs_tcp_ses_lock);
2187 return;
2188 }
2189
2190 list_del_init(&tcon->tcon_list);
2191 spin_unlock(&cifs_tcp_ses_lock);
2192
2193 xid = GetXid();
2194 CIFSSMBTDis(xid, tcon);
2195 _FreeXid(xid);
2196
2197 cifs_fscache_release_super_cookie(tcon);
2198 tconInfoFree(tcon);
2199 cifs_put_smb_ses(ses);
2200 }
2201
2202 static struct cifs_tcon *
2203 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2204 {
2205 int rc, xid;
2206 struct cifs_tcon *tcon;
2207
2208 tcon = cifs_find_tcon(ses, volume_info->UNC);
2209 if (tcon) {
2210 cFYI(1, "Found match on UNC path");
2211 /* existing tcon already has a reference */
2212 cifs_put_smb_ses(ses);
2213 if (tcon->seal != volume_info->seal)
2214 cERROR(1, "transport encryption setting "
2215 "conflicts with existing tid");
2216 return tcon;
2217 }
2218
2219 tcon = tconInfoAlloc();
2220 if (tcon == NULL) {
2221 rc = -ENOMEM;
2222 goto out_fail;
2223 }
2224
2225 tcon->ses = ses;
2226 if (volume_info->password) {
2227 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2228 if (!tcon->password) {
2229 rc = -ENOMEM;
2230 goto out_fail;
2231 }
2232 }
2233
2234 if (strchr(volume_info->UNC + 3, '\\') == NULL
2235 && strchr(volume_info->UNC + 3, '/') == NULL) {
2236 cERROR(1, "Missing share name");
2237 rc = -ENODEV;
2238 goto out_fail;
2239 }
2240
2241 /* BB Do we need to wrap session_mutex around
2242 * this TCon call and Unix SetFS as
2243 * we do on SessSetup and reconnect? */
2244 xid = GetXid();
2245 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2246 FreeXid(xid);
2247 cFYI(1, "CIFS Tcon rc = %d", rc);
2248 if (rc)
2249 goto out_fail;
2250
2251 if (volume_info->nodfs) {
2252 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2253 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2254 }
2255 tcon->seal = volume_info->seal;
2256 /* we can have only one retry value for a connection
2257 to a share so for resources mounted more than once
2258 to the same server share the last value passed in
2259 for the retry flag is used */
2260 tcon->retry = volume_info->retry;
2261 tcon->nocase = volume_info->nocase;
2262 tcon->local_lease = volume_info->local_lease;
2263
2264 spin_lock(&cifs_tcp_ses_lock);
2265 list_add(&tcon->tcon_list, &ses->tcon_list);
2266 spin_unlock(&cifs_tcp_ses_lock);
2267
2268 cifs_fscache_get_super_cookie(tcon);
2269
2270 return tcon;
2271
2272 out_fail:
2273 tconInfoFree(tcon);
2274 return ERR_PTR(rc);
2275 }
2276
2277 void
2278 cifs_put_tlink(struct tcon_link *tlink)
2279 {
2280 if (!tlink || IS_ERR(tlink))
2281 return;
2282
2283 if (!atomic_dec_and_test(&tlink->tl_count) ||
2284 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2285 tlink->tl_time = jiffies;
2286 return;
2287 }
2288
2289 if (!IS_ERR(tlink_tcon(tlink)))
2290 cifs_put_tcon(tlink_tcon(tlink));
2291 kfree(tlink);
2292 return;
2293 }
2294
2295 static inline struct tcon_link *
2296 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2297 {
2298 return cifs_sb->master_tlink;
2299 }
2300
2301 static int
2302 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2303 {
2304 struct cifs_sb_info *old = CIFS_SB(sb);
2305 struct cifs_sb_info *new = mnt_data->cifs_sb;
2306
2307 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2308 return 0;
2309
2310 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2311 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2312 return 0;
2313
2314 /*
2315 * We want to share sb only if we don't specify an r/wsize or
2316 * specified r/wsize is greater than or equal to existing one.
2317 */
2318 if (new->wsize && new->wsize < old->wsize)
2319 return 0;
2320
2321 if (new->rsize && new->rsize < old->rsize)
2322 return 0;
2323
2324 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2325 return 0;
2326
2327 if (old->mnt_file_mode != new->mnt_file_mode ||
2328 old->mnt_dir_mode != new->mnt_dir_mode)
2329 return 0;
2330
2331 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2332 return 0;
2333
2334 if (old->actimeo != new->actimeo)
2335 return 0;
2336
2337 return 1;
2338 }
2339
2340 int
2341 cifs_match_super(struct super_block *sb, void *data)
2342 {
2343 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2344 struct smb_vol *volume_info;
2345 struct cifs_sb_info *cifs_sb;
2346 struct TCP_Server_Info *tcp_srv;
2347 struct cifs_ses *ses;
2348 struct cifs_tcon *tcon;
2349 struct tcon_link *tlink;
2350 struct sockaddr_storage addr;
2351 int rc = 0;
2352
2353 memset(&addr, 0, sizeof(struct sockaddr_storage));
2354
2355 spin_lock(&cifs_tcp_ses_lock);
2356 cifs_sb = CIFS_SB(sb);
2357 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2358 if (IS_ERR(tlink)) {
2359 spin_unlock(&cifs_tcp_ses_lock);
2360 return rc;
2361 }
2362 tcon = tlink_tcon(tlink);
2363 ses = tcon->ses;
2364 tcp_srv = ses->server;
2365
2366 volume_info = mnt_data->vol;
2367
2368 if (!volume_info->UNCip || !volume_info->UNC)
2369 goto out;
2370
2371 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2372 volume_info->UNCip,
2373 strlen(volume_info->UNCip),
2374 volume_info->port);
2375 if (!rc)
2376 goto out;
2377
2378 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2379 !match_session(ses, volume_info) ||
2380 !match_tcon(tcon, volume_info->UNC)) {
2381 rc = 0;
2382 goto out;
2383 }
2384
2385 rc = compare_mount_options(sb, mnt_data);
2386 out:
2387 spin_unlock(&cifs_tcp_ses_lock);
2388 cifs_put_tlink(tlink);
2389 return rc;
2390 }
2391
2392 int
2393 get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2394 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2395 struct dfs_info3_param **preferrals, int remap)
2396 {
2397 char *temp_unc;
2398 int rc = 0;
2399
2400 *pnum_referrals = 0;
2401 *preferrals = NULL;
2402
2403 if (pSesInfo->ipc_tid == 0) {
2404 temp_unc = kmalloc(2 /* for slashes */ +
2405 strnlen(pSesInfo->serverName,
2406 SERVER_NAME_LEN_WITH_NULL * 2)
2407 + 1 + 4 /* slash IPC$ */ + 2,
2408 GFP_KERNEL);
2409 if (temp_unc == NULL)
2410 return -ENOMEM;
2411 temp_unc[0] = '\\';
2412 temp_unc[1] = '\\';
2413 strcpy(temp_unc + 2, pSesInfo->serverName);
2414 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2415 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2416 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2417 kfree(temp_unc);
2418 }
2419 if (rc == 0)
2420 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2421 pnum_referrals, nls_codepage, remap);
2422 /* BB map targetUNCs to dfs_info3 structures, here or
2423 in CIFSGetDFSRefer BB */
2424
2425 return rc;
2426 }
2427
2428 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2429 static struct lock_class_key cifs_key[2];
2430 static struct lock_class_key cifs_slock_key[2];
2431
2432 static inline void
2433 cifs_reclassify_socket4(struct socket *sock)
2434 {
2435 struct sock *sk = sock->sk;
2436 BUG_ON(sock_owned_by_user(sk));
2437 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2438 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2439 }
2440
2441 static inline void
2442 cifs_reclassify_socket6(struct socket *sock)
2443 {
2444 struct sock *sk = sock->sk;
2445 BUG_ON(sock_owned_by_user(sk));
2446 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2447 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2448 }
2449 #else
2450 static inline void
2451 cifs_reclassify_socket4(struct socket *sock)
2452 {
2453 }
2454
2455 static inline void
2456 cifs_reclassify_socket6(struct socket *sock)
2457 {
2458 }
2459 #endif
2460
2461 /* See RFC1001 section 14 on representation of Netbios names */
2462 static void rfc1002mangle(char *target, char *source, unsigned int length)
2463 {
2464 unsigned int i, j;
2465
2466 for (i = 0, j = 0; i < (length); i++) {
2467 /* mask a nibble at a time and encode */
2468 target[j] = 'A' + (0x0F & (source[i] >> 4));
2469 target[j+1] = 'A' + (0x0F & source[i]);
2470 j += 2;
2471 }
2472
2473 }
2474
2475 static int
2476 bind_socket(struct TCP_Server_Info *server)
2477 {
2478 int rc = 0;
2479 if (server->srcaddr.ss_family != AF_UNSPEC) {
2480 /* Bind to the specified local IP address */
2481 struct socket *socket = server->ssocket;
2482 rc = socket->ops->bind(socket,
2483 (struct sockaddr *) &server->srcaddr,
2484 sizeof(server->srcaddr));
2485 if (rc < 0) {
2486 struct sockaddr_in *saddr4;
2487 struct sockaddr_in6 *saddr6;
2488 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2489 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2490 if (saddr6->sin6_family == AF_INET6)
2491 cERROR(1, "cifs: "
2492 "Failed to bind to: %pI6c, error: %d\n",
2493 &saddr6->sin6_addr, rc);
2494 else
2495 cERROR(1, "cifs: "
2496 "Failed to bind to: %pI4, error: %d\n",
2497 &saddr4->sin_addr.s_addr, rc);
2498 }
2499 }
2500 return rc;
2501 }
2502
2503 static int
2504 ip_rfc1001_connect(struct TCP_Server_Info *server)
2505 {
2506 int rc = 0;
2507 /*
2508 * some servers require RFC1001 sessinit before sending
2509 * negprot - BB check reconnection in case where second
2510 * sessinit is sent but no second negprot
2511 */
2512 struct rfc1002_session_packet *ses_init_buf;
2513 struct smb_hdr *smb_buf;
2514 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2515 GFP_KERNEL);
2516 if (ses_init_buf) {
2517 ses_init_buf->trailer.session_req.called_len = 32;
2518
2519 if (server->server_RFC1001_name &&
2520 server->server_RFC1001_name[0] != 0)
2521 rfc1002mangle(ses_init_buf->trailer.
2522 session_req.called_name,
2523 server->server_RFC1001_name,
2524 RFC1001_NAME_LEN_WITH_NULL);
2525 else
2526 rfc1002mangle(ses_init_buf->trailer.
2527 session_req.called_name,
2528 DEFAULT_CIFS_CALLED_NAME,
2529 RFC1001_NAME_LEN_WITH_NULL);
2530
2531 ses_init_buf->trailer.session_req.calling_len = 32;
2532
2533 /*
2534 * calling name ends in null (byte 16) from old smb
2535 * convention.
2536 */
2537 if (server->workstation_RFC1001_name &&
2538 server->workstation_RFC1001_name[0] != 0)
2539 rfc1002mangle(ses_init_buf->trailer.
2540 session_req.calling_name,
2541 server->workstation_RFC1001_name,
2542 RFC1001_NAME_LEN_WITH_NULL);
2543 else
2544 rfc1002mangle(ses_init_buf->trailer.
2545 session_req.calling_name,
2546 "LINUX_CIFS_CLNT",
2547 RFC1001_NAME_LEN_WITH_NULL);
2548
2549 ses_init_buf->trailer.session_req.scope1 = 0;
2550 ses_init_buf->trailer.session_req.scope2 = 0;
2551 smb_buf = (struct smb_hdr *)ses_init_buf;
2552
2553 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2554 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2555 rc = smb_send(server, smb_buf, 0x44);
2556 kfree(ses_init_buf);
2557 /*
2558 * RFC1001 layer in at least one server
2559 * requires very short break before negprot
2560 * presumably because not expecting negprot
2561 * to follow so fast. This is a simple
2562 * solution that works without
2563 * complicating the code and causes no
2564 * significant slowing down on mount
2565 * for everyone else
2566 */
2567 usleep_range(1000, 2000);
2568 }
2569 /*
2570 * else the negprot may still work without this
2571 * even though malloc failed
2572 */
2573
2574 return rc;
2575 }
2576
2577 static int
2578 generic_ip_connect(struct TCP_Server_Info *server)
2579 {
2580 int rc = 0;
2581 __be16 sport;
2582 int slen, sfamily;
2583 struct socket *socket = server->ssocket;
2584 struct sockaddr *saddr;
2585
2586 saddr = (struct sockaddr *) &server->dstaddr;
2587
2588 if (server->dstaddr.ss_family == AF_INET6) {
2589 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2590 slen = sizeof(struct sockaddr_in6);
2591 sfamily = AF_INET6;
2592 } else {
2593 sport = ((struct sockaddr_in *) saddr)->sin_port;
2594 slen = sizeof(struct sockaddr_in);
2595 sfamily = AF_INET;
2596 }
2597
2598 if (socket == NULL) {
2599 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2600 IPPROTO_TCP, &socket, 1);
2601 if (rc < 0) {
2602 cERROR(1, "Error %d creating socket", rc);
2603 server->ssocket = NULL;
2604 return rc;
2605 }
2606
2607 /* BB other socket options to set KEEPALIVE, NODELAY? */
2608 cFYI(1, "Socket created");
2609 server->ssocket = socket;
2610 socket->sk->sk_allocation = GFP_NOFS;
2611 if (sfamily == AF_INET6)
2612 cifs_reclassify_socket6(socket);
2613 else
2614 cifs_reclassify_socket4(socket);
2615 }
2616
2617 rc = bind_socket(server);
2618 if (rc < 0)
2619 return rc;
2620
2621 /*
2622 * Eventually check for other socket options to change from
2623 * the default. sock_setsockopt not used because it expects
2624 * user space buffer
2625 */
2626 socket->sk->sk_rcvtimeo = 7 * HZ;
2627 socket->sk->sk_sndtimeo = 5 * HZ;
2628
2629 /* make the bufsizes depend on wsize/rsize and max requests */
2630 if (server->noautotune) {
2631 if (socket->sk->sk_sndbuf < (200 * 1024))
2632 socket->sk->sk_sndbuf = 200 * 1024;
2633 if (socket->sk->sk_rcvbuf < (140 * 1024))
2634 socket->sk->sk_rcvbuf = 140 * 1024;
2635 }
2636
2637 if (server->tcp_nodelay) {
2638 int val = 1;
2639 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2640 (char *)&val, sizeof(val));
2641 if (rc)
2642 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2643 }
2644
2645 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2646 socket->sk->sk_sndbuf,
2647 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2648
2649 rc = socket->ops->connect(socket, saddr, slen, 0);
2650 if (rc < 0) {
2651 cFYI(1, "Error %d connecting to server", rc);
2652 sock_release(socket);
2653 server->ssocket = NULL;
2654 return rc;
2655 }
2656
2657 if (sport == htons(RFC1001_PORT))
2658 rc = ip_rfc1001_connect(server);
2659
2660 return rc;
2661 }
2662
2663 static int
2664 ip_connect(struct TCP_Server_Info *server)
2665 {
2666 __be16 *sport;
2667 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2668 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2669
2670 if (server->dstaddr.ss_family == AF_INET6)
2671 sport = &addr6->sin6_port;
2672 else
2673 sport = &addr->sin_port;
2674
2675 if (*sport == 0) {
2676 int rc;
2677
2678 /* try with 445 port at first */
2679 *sport = htons(CIFS_PORT);
2680
2681 rc = generic_ip_connect(server);
2682 if (rc >= 0)
2683 return rc;
2684
2685 /* if it failed, try with 139 port */
2686 *sport = htons(RFC1001_PORT);
2687 }
2688
2689 return generic_ip_connect(server);
2690 }
2691
2692 void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2693 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
2694 {
2695 /* if we are reconnecting then should we check to see if
2696 * any requested capabilities changed locally e.g. via
2697 * remount but we can not do much about it here
2698 * if they have (even if we could detect it by the following)
2699 * Perhaps we could add a backpointer to array of sb from tcon
2700 * or if we change to make all sb to same share the same
2701 * sb as NFS - then we only have one backpointer to sb.
2702 * What if we wanted to mount the server share twice once with
2703 * and once without posixacls or posix paths? */
2704 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2705
2706 if (vol_info && vol_info->no_linux_ext) {
2707 tcon->fsUnixInfo.Capability = 0;
2708 tcon->unix_ext = 0; /* Unix Extensions disabled */
2709 cFYI(1, "Linux protocol extensions disabled");
2710 return;
2711 } else if (vol_info)
2712 tcon->unix_ext = 1; /* Unix Extensions supported */
2713
2714 if (tcon->unix_ext == 0) {
2715 cFYI(1, "Unix extensions disabled so not set on reconnect");
2716 return;
2717 }
2718
2719 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2720 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2721 cFYI(1, "unix caps which server supports %lld", cap);
2722 /* check for reconnect case in which we do not
2723 want to change the mount behavior if we can avoid it */
2724 if (vol_info == NULL) {
2725 /* turn off POSIX ACL and PATHNAMES if not set
2726 originally at mount time */
2727 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2728 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2729 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2730 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2731 cERROR(1, "POSIXPATH support change");
2732 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2733 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2734 cERROR(1, "possible reconnect error");
2735 cERROR(1, "server disabled POSIX path support");
2736 }
2737 }
2738
2739 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2740 cERROR(1, "per-share encryption not supported yet");
2741
2742 cap &= CIFS_UNIX_CAP_MASK;
2743 if (vol_info && vol_info->no_psx_acl)
2744 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2745 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2746 cFYI(1, "negotiated posix acl support");
2747 if (cifs_sb)
2748 cifs_sb->mnt_cifs_flags |=
2749 CIFS_MOUNT_POSIXACL;
2750 }
2751
2752 if (vol_info && vol_info->posix_paths == 0)
2753 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2754 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2755 cFYI(1, "negotiate posix pathnames");
2756 if (cifs_sb)
2757 cifs_sb->mnt_cifs_flags |=
2758 CIFS_MOUNT_POSIX_PATHS;
2759 }
2760
2761 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2762 #ifdef CONFIG_CIFS_DEBUG2
2763 if (cap & CIFS_UNIX_FCNTL_CAP)
2764 cFYI(1, "FCNTL cap");
2765 if (cap & CIFS_UNIX_EXTATTR_CAP)
2766 cFYI(1, "EXTATTR cap");
2767 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2768 cFYI(1, "POSIX path cap");
2769 if (cap & CIFS_UNIX_XATTR_CAP)
2770 cFYI(1, "XATTR cap");
2771 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2772 cFYI(1, "POSIX ACL cap");
2773 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2774 cFYI(1, "very large read cap");
2775 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2776 cFYI(1, "very large write cap");
2777 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2778 cFYI(1, "transport encryption cap");
2779 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2780 cFYI(1, "mandatory transport encryption cap");
2781 #endif /* CIFS_DEBUG2 */
2782 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2783 if (vol_info == NULL) {
2784 cFYI(1, "resetting capabilities failed");
2785 } else
2786 cERROR(1, "Negotiating Unix capabilities "
2787 "with the server failed. Consider "
2788 "mounting with the Unix Extensions\n"
2789 "disabled, if problems are found, "
2790 "by specifying the nounix mount "
2791 "option.");
2792
2793 }
2794 }
2795 }
2796
2797 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2798 struct cifs_sb_info *cifs_sb)
2799 {
2800 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2801
2802 spin_lock_init(&cifs_sb->tlink_tree_lock);
2803 cifs_sb->tlink_tree = RB_ROOT;
2804
2805 /*
2806 * Temporarily set r/wsize for matching superblock. If we end up using
2807 * new sb then client will later negotiate it downward if needed.
2808 */
2809 cifs_sb->rsize = pvolume_info->rsize;
2810 cifs_sb->wsize = pvolume_info->wsize;
2811
2812 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2813 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2814 if (pvolume_info->backupuid_specified)
2815 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2816 if (pvolume_info->backupgid_specified)
2817 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
2818 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2819 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2820 cFYI(1, "file mode: 0x%x dir mode: 0x%x",
2821 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2822
2823 cifs_sb->actimeo = pvolume_info->actimeo;
2824 cifs_sb->local_nls = pvolume_info->local_nls;
2825
2826 if (pvolume_info->noperm)
2827 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2828 if (pvolume_info->setuids)
2829 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2830 if (pvolume_info->server_ino)
2831 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2832 if (pvolume_info->remap)
2833 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2834 if (pvolume_info->no_xattr)
2835 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2836 if (pvolume_info->sfu_emul)
2837 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2838 if (pvolume_info->nobrl)
2839 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2840 if (pvolume_info->nostrictsync)
2841 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2842 if (pvolume_info->mand_lock)
2843 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2844 if (pvolume_info->rwpidforward)
2845 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
2846 if (pvolume_info->cifs_acl)
2847 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2848 if (pvolume_info->backupuid_specified)
2849 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
2850 if (pvolume_info->backupgid_specified)
2851 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
2852 if (pvolume_info->override_uid)
2853 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2854 if (pvolume_info->override_gid)
2855 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2856 if (pvolume_info->dynperm)
2857 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2858 if (pvolume_info->fsc)
2859 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2860 if (pvolume_info->multiuser)
2861 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2862 CIFS_MOUNT_NO_PERM);
2863 if (pvolume_info->strict_io)
2864 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2865 if (pvolume_info->direct_io) {
2866 cFYI(1, "mounting share using direct i/o");
2867 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2868 }
2869 if (pvolume_info->mfsymlinks) {
2870 if (pvolume_info->sfu_emul) {
2871 cERROR(1, "mount option mfsymlinks ignored if sfu "
2872 "mount option is used");
2873 } else {
2874 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2875 }
2876 }
2877
2878 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2879 cERROR(1, "mount option dynperm ignored if cifsacl "
2880 "mount option supported");
2881 }
2882
2883 /*
2884 * When the server supports very large reads and writes via POSIX extensions,
2885 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
2886 * including the RFC1001 length.
2887 *
2888 * Note that this might make for "interesting" allocation problems during
2889 * writeback however as we have to allocate an array of pointers for the
2890 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
2891 *
2892 * For reads, there is a similar problem as we need to allocate an array
2893 * of kvecs to handle the receive, though that should only need to be done
2894 * once.
2895 */
2896 #define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
2897 #define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
2898
2899 /*
2900 * When the server doesn't allow large posix writes, only allow a rsize/wsize
2901 * of 2^17-1 minus the size of the call header. That allows for a read or
2902 * write up to the maximum size described by RFC1002.
2903 */
2904 #define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
2905 #define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
2906
2907 /*
2908 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
2909 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
2910 * a single wsize request with a single call.
2911 */
2912 #define CIFS_DEFAULT_IOSIZE (1024 * 1024)
2913
2914 /*
2915 * Windows only supports a max of 60k reads. Default to that when posix
2916 * extensions aren't in force.
2917 */
2918 #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
2919
2920 static unsigned int
2921 cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
2922 {
2923 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2924 struct TCP_Server_Info *server = tcon->ses->server;
2925 unsigned int wsize = pvolume_info->wsize ? pvolume_info->wsize :
2926 CIFS_DEFAULT_IOSIZE;
2927
2928 /* can server support 24-bit write sizes? (via UNIX extensions) */
2929 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
2930 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
2931
2932 /*
2933 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
2934 * Limit it to max buffer offered by the server, minus the size of the
2935 * WRITEX header, not including the 4 byte RFC1001 length.
2936 */
2937 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
2938 (!(server->capabilities & CAP_UNIX) &&
2939 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
2940 wsize = min_t(unsigned int, wsize,
2941 server->maxBuf - sizeof(WRITE_REQ) + 4);
2942
2943 /* hard limit of CIFS_MAX_WSIZE */
2944 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
2945
2946 return wsize;
2947 }
2948
2949 static unsigned int
2950 cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
2951 {
2952 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2953 struct TCP_Server_Info *server = tcon->ses->server;
2954 unsigned int rsize, defsize;
2955
2956 /*
2957 * Set default value...
2958 *
2959 * HACK alert! Ancient servers have very small buffers. Even though
2960 * MS-CIFS indicates that servers are only limited by the client's
2961 * bufsize for reads, testing against win98se shows that it throws
2962 * INVALID_PARAMETER errors if you try to request too large a read.
2963 *
2964 * If the server advertises a MaxBufferSize of less than one page,
2965 * assume that it also can't satisfy reads larger than that either.
2966 *
2967 * FIXME: Is there a better heuristic for this?
2968 */
2969 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
2970 defsize = CIFS_DEFAULT_IOSIZE;
2971 else if (server->capabilities & CAP_LARGE_READ_X)
2972 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
2973 else if (server->maxBuf >= PAGE_CACHE_SIZE)
2974 defsize = CIFSMaxBufSize;
2975 else
2976 defsize = server->maxBuf - sizeof(READ_RSP);
2977
2978 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
2979
2980 /*
2981 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
2982 * the client's MaxBufferSize.
2983 */
2984 if (!(server->capabilities & CAP_LARGE_READ_X))
2985 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
2986
2987 /* hard limit of CIFS_MAX_RSIZE */
2988 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
2989
2990 return rsize;
2991 }
2992
2993 static int
2994 is_path_accessible(int xid, struct cifs_tcon *tcon,
2995 struct cifs_sb_info *cifs_sb, const char *full_path)
2996 {
2997 int rc;
2998 FILE_ALL_INFO *pfile_info;
2999
3000 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3001 if (pfile_info == NULL)
3002 return -ENOMEM;
3003
3004 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3005 0 /* not legacy */, cifs_sb->local_nls,
3006 cifs_sb->mnt_cifs_flags &
3007 CIFS_MOUNT_MAP_SPECIAL_CHR);
3008
3009 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3010 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3011 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3012 CIFS_MOUNT_MAP_SPECIAL_CHR);
3013 kfree(pfile_info);
3014 return rc;
3015 }
3016
3017 static void
3018 cleanup_volume_info_contents(struct smb_vol *volume_info)
3019 {
3020 kfree(volume_info->username);
3021 kzfree(volume_info->password);
3022 if (volume_info->UNCip != volume_info->UNC + 2)
3023 kfree(volume_info->UNCip);
3024 kfree(volume_info->UNC);
3025 kfree(volume_info->domainname);
3026 kfree(volume_info->iocharset);
3027 kfree(volume_info->prepath);
3028 }
3029
3030 void
3031 cifs_cleanup_volume_info(struct smb_vol *volume_info)
3032 {
3033 if (!volume_info)
3034 return;
3035 cleanup_volume_info_contents(volume_info);
3036 kfree(volume_info);
3037 }
3038
3039
3040 #ifdef CONFIG_CIFS_DFS_UPCALL
3041 /* build_path_to_root returns full path to root when
3042 * we do not have an exiting connection (tcon) */
3043 static char *
3044 build_unc_path_to_root(const struct smb_vol *vol,
3045 const struct cifs_sb_info *cifs_sb)
3046 {
3047 char *full_path, *pos;
3048 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3049 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3050
3051 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3052 if (full_path == NULL)
3053 return ERR_PTR(-ENOMEM);
3054
3055 strncpy(full_path, vol->UNC, unc_len);
3056 pos = full_path + unc_len;
3057
3058 if (pplen) {
3059 strncpy(pos, vol->prepath, pplen);
3060 pos += pplen;
3061 }
3062
3063 *pos = '\0'; /* add trailing null */
3064 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3065 cFYI(1, "%s: full_path=%s", __func__, full_path);
3066 return full_path;
3067 }
3068
3069 /*
3070 * Perform a dfs referral query for a share and (optionally) prefix
3071 *
3072 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3073 * to a string containing updated options for the submount. Otherwise it
3074 * will be left untouched.
3075 *
3076 * Returns the rc from get_dfs_path to the caller, which can be used to
3077 * determine whether there were referrals.
3078 */
3079 static int
3080 expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
3081 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3082 int check_prefix)
3083 {
3084 int rc;
3085 unsigned int num_referrals = 0;
3086 struct dfs_info3_param *referrals = NULL;
3087 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3088
3089 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3090 if (IS_ERR(full_path))
3091 return PTR_ERR(full_path);
3092
3093 /* For DFS paths, skip the first '\' of the UNC */
3094 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3095
3096 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3097 &num_referrals, &referrals,
3098 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3099
3100 if (!rc && num_referrals > 0) {
3101 char *fake_devname = NULL;
3102
3103 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3104 full_path + 1, referrals,
3105 &fake_devname);
3106
3107 free_dfs_info_array(referrals, num_referrals);
3108
3109 if (IS_ERR(mdata)) {
3110 rc = PTR_ERR(mdata);
3111 mdata = NULL;
3112 } else {
3113 cleanup_volume_info_contents(volume_info);
3114 memset(volume_info, '\0', sizeof(*volume_info));
3115 rc = cifs_setup_volume_info(volume_info, mdata,
3116 fake_devname);
3117 }
3118 kfree(fake_devname);
3119 kfree(cifs_sb->mountdata);
3120 cifs_sb->mountdata = mdata;
3121 }
3122 kfree(full_path);
3123 return rc;
3124 }
3125 #endif
3126
3127 static int
3128 cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3129 const char *devname)
3130 {
3131 int rc = 0;
3132
3133 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3134 return -EINVAL;
3135
3136 if (volume_info->nullauth) {
3137 cFYI(1, "null user");
3138 volume_info->username = kzalloc(1, GFP_KERNEL);
3139 if (volume_info->username == NULL)
3140 return -ENOMEM;
3141 } else if (volume_info->username) {
3142 /* BB fixme parse for domain name here */
3143 cFYI(1, "Username: %s", volume_info->username);
3144 } else {
3145 cifserror("No username specified");
3146 /* In userspace mount helper we can get user name from alternate
3147 locations such as env variables and files on disk */
3148 return -EINVAL;
3149 }
3150
3151 /* this is needed for ASCII cp to Unicode converts */
3152 if (volume_info->iocharset == NULL) {
3153 /* load_nls_default cannot return null */
3154 volume_info->local_nls = load_nls_default();
3155 } else {
3156 volume_info->local_nls = load_nls(volume_info->iocharset);
3157 if (volume_info->local_nls == NULL) {
3158 cERROR(1, "CIFS mount error: iocharset %s not found",
3159 volume_info->iocharset);
3160 return -ELIBACC;
3161 }
3162 }
3163
3164 return rc;
3165 }
3166
3167 struct smb_vol *
3168 cifs_get_volume_info(char *mount_data, const char *devname)
3169 {
3170 int rc;
3171 struct smb_vol *volume_info;
3172
3173 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3174 if (!volume_info)
3175 return ERR_PTR(-ENOMEM);
3176
3177 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3178 if (rc) {
3179 cifs_cleanup_volume_info(volume_info);
3180 volume_info = ERR_PTR(rc);
3181 }
3182
3183 return volume_info;
3184 }
3185
3186 /* make sure ra_pages is a multiple of rsize */
3187 static inline unsigned int
3188 cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3189 {
3190 unsigned int reads;
3191 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3192
3193 if (rsize_pages >= default_backing_dev_info.ra_pages)
3194 return default_backing_dev_info.ra_pages;
3195 else if (rsize_pages == 0)
3196 return rsize_pages;
3197
3198 reads = default_backing_dev_info.ra_pages / rsize_pages;
3199 return reads * rsize_pages;
3200 }
3201
3202 int
3203 cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3204 {
3205 int rc = 0;
3206 int xid;
3207 struct cifs_ses *pSesInfo;
3208 struct cifs_tcon *tcon;
3209 struct TCP_Server_Info *srvTcp;
3210 char *full_path;
3211 struct tcon_link *tlink;
3212 #ifdef CONFIG_CIFS_DFS_UPCALL
3213 int referral_walks_count = 0;
3214 #endif
3215
3216 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3217 if (rc)
3218 return rc;
3219
3220 #ifdef CONFIG_CIFS_DFS_UPCALL
3221 try_mount_again:
3222 /* cleanup activities if we're chasing a referral */
3223 if (referral_walks_count) {
3224 if (tcon)
3225 cifs_put_tcon(tcon);
3226 else if (pSesInfo)
3227 cifs_put_smb_ses(pSesInfo);
3228
3229 FreeXid(xid);
3230 }
3231 #endif
3232 tcon = NULL;
3233 pSesInfo = NULL;
3234 srvTcp = NULL;
3235 full_path = NULL;
3236 tlink = NULL;
3237
3238 xid = GetXid();
3239
3240 /* get a reference to a tcp session */
3241 srvTcp = cifs_get_tcp_session(volume_info);
3242 if (IS_ERR(srvTcp)) {
3243 rc = PTR_ERR(srvTcp);
3244 bdi_destroy(&cifs_sb->bdi);
3245 goto out;
3246 }
3247
3248 /* get a reference to a SMB session */
3249 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3250 if (IS_ERR(pSesInfo)) {
3251 rc = PTR_ERR(pSesInfo);
3252 pSesInfo = NULL;
3253 goto mount_fail_check;
3254 }
3255
3256 /* search for existing tcon to this server share */
3257 tcon = cifs_get_tcon(pSesInfo, volume_info);
3258 if (IS_ERR(tcon)) {
3259 rc = PTR_ERR(tcon);
3260 tcon = NULL;
3261 goto remote_path_check;
3262 }
3263
3264 /* tell server which Unix caps we support */
3265 if (tcon->ses->capabilities & CAP_UNIX) {
3266 /* reset of caps checks mount to see if unix extensions
3267 disabled for just this mount */
3268 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3269 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3270 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3271 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3272 rc = -EACCES;
3273 goto mount_fail_check;
3274 }
3275 } else
3276 tcon->unix_ext = 0; /* server does not support them */
3277
3278 /* do not care if following two calls succeed - informational */
3279 if (!tcon->ipc) {
3280 CIFSSMBQFSDeviceInfo(xid, tcon);
3281 CIFSSMBQFSAttributeInfo(xid, tcon);
3282 }
3283
3284 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3285 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
3286
3287 /* tune readahead according to rsize */
3288 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
3289
3290 remote_path_check:
3291 #ifdef CONFIG_CIFS_DFS_UPCALL
3292 /*
3293 * Perform an unconditional check for whether there are DFS
3294 * referrals for this path without prefix, to provide support
3295 * for DFS referrals from w2k8 servers which don't seem to respond
3296 * with PATH_NOT_COVERED to requests that include the prefix.
3297 * Chase the referral if found, otherwise continue normally.
3298 */
3299 if (referral_walks_count == 0) {
3300 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
3301 cifs_sb, false);
3302 if (!refrc) {
3303 referral_walks_count++;
3304 goto try_mount_again;
3305 }
3306 }
3307 #endif
3308
3309 /* check if a whole path is not remote */
3310 if (!rc && tcon) {
3311 /* build_path_to_root works only when we have a valid tcon */
3312 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
3313 if (full_path == NULL) {
3314 rc = -ENOMEM;
3315 goto mount_fail_check;
3316 }
3317 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
3318 if (rc != 0 && rc != -EREMOTE) {
3319 kfree(full_path);
3320 goto mount_fail_check;
3321 }
3322 kfree(full_path);
3323 }
3324
3325 /* get referral if needed */
3326 if (rc == -EREMOTE) {
3327 #ifdef CONFIG_CIFS_DFS_UPCALL
3328 if (referral_walks_count > MAX_NESTED_LINKS) {
3329 /*
3330 * BB: when we implement proper loop detection,
3331 * we will remove this check. But now we need it
3332 * to prevent an indefinite loop if 'DFS tree' is
3333 * misconfigured (i.e. has loops).
3334 */
3335 rc = -ELOOP;
3336 goto mount_fail_check;
3337 }
3338
3339 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
3340 true);
3341
3342 if (!rc) {
3343 referral_walks_count++;
3344 goto try_mount_again;
3345 }
3346 goto mount_fail_check;
3347 #else /* No DFS support, return error on mount */
3348 rc = -EOPNOTSUPP;
3349 #endif
3350 }
3351
3352 if (rc)
3353 goto mount_fail_check;
3354
3355 /* now, hang the tcon off of the superblock */
3356 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3357 if (tlink == NULL) {
3358 rc = -ENOMEM;
3359 goto mount_fail_check;
3360 }
3361
3362 tlink->tl_uid = pSesInfo->linux_uid;
3363 tlink->tl_tcon = tcon;
3364 tlink->tl_time = jiffies;
3365 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3366 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3367
3368 cifs_sb->master_tlink = tlink;
3369 spin_lock(&cifs_sb->tlink_tree_lock);
3370 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3371 spin_unlock(&cifs_sb->tlink_tree_lock);
3372
3373 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3374 TLINK_IDLE_EXPIRE);
3375
3376 mount_fail_check:
3377 /* on error free sesinfo and tcon struct if needed */
3378 if (rc) {
3379 /* If find_unc succeeded then rc == 0 so we can not end */
3380 /* up accidentally freeing someone elses tcon struct */
3381 if (tcon)
3382 cifs_put_tcon(tcon);
3383 else if (pSesInfo)
3384 cifs_put_smb_ses(pSesInfo);
3385 else
3386 cifs_put_tcp_session(srvTcp);
3387 bdi_destroy(&cifs_sb->bdi);
3388 }
3389
3390 out:
3391 FreeXid(xid);
3392 return rc;
3393 }
3394
3395 /*
3396 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3397 * pointer may be NULL.
3398 */
3399 int
3400 CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3401 const char *tree, struct cifs_tcon *tcon,
3402 const struct nls_table *nls_codepage)
3403 {
3404 struct smb_hdr *smb_buffer;
3405 struct smb_hdr *smb_buffer_response;
3406 TCONX_REQ *pSMB;
3407 TCONX_RSP *pSMBr;
3408 unsigned char *bcc_ptr;
3409 int rc = 0;
3410 int length;
3411 __u16 bytes_left, count;
3412
3413 if (ses == NULL)
3414 return -EIO;
3415
3416 smb_buffer = cifs_buf_get();
3417 if (smb_buffer == NULL)
3418 return -ENOMEM;
3419
3420 smb_buffer_response = smb_buffer;
3421
3422 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3423 NULL /*no tid */ , 4 /*wct */ );
3424
3425 smb_buffer->Mid = GetNextMid(ses->server);
3426 smb_buffer->Uid = ses->Suid;
3427 pSMB = (TCONX_REQ *) smb_buffer;
3428 pSMBr = (TCONX_RSP *) smb_buffer_response;
3429
3430 pSMB->AndXCommand = 0xFF;
3431 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3432 bcc_ptr = &pSMB->Password[0];
3433 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3434 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3435 *bcc_ptr = 0; /* password is null byte */
3436 bcc_ptr++; /* skip password */
3437 /* already aligned so no need to do it below */
3438 } else {
3439 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3440 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3441 specified as required (when that support is added to
3442 the vfs in the future) as only NTLM or the much
3443 weaker LANMAN (which we do not send by default) is accepted
3444 by Samba (not sure whether other servers allow
3445 NTLMv2 password here) */
3446 #ifdef CONFIG_CIFS_WEAK_PW_HASH
3447 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3448 (ses->server->secType == LANMAN))
3449 calc_lanman_hash(tcon->password, ses->server->cryptkey,
3450 ses->server->sec_mode &
3451 SECMODE_PW_ENCRYPT ? true : false,
3452 bcc_ptr);
3453 else
3454 #endif /* CIFS_WEAK_PW_HASH */
3455 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3456 bcc_ptr, nls_codepage);
3457
3458 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3459 if (ses->capabilities & CAP_UNICODE) {
3460 /* must align unicode strings */
3461 *bcc_ptr = 0; /* null byte password */
3462 bcc_ptr++;
3463 }
3464 }
3465
3466 if (ses->server->sec_mode &
3467 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3468 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3469
3470 if (ses->capabilities & CAP_STATUS32) {
3471 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3472 }
3473 if (ses->capabilities & CAP_DFS) {
3474 smb_buffer->Flags2 |= SMBFLG2_DFS;
3475 }
3476 if (ses->capabilities & CAP_UNICODE) {
3477 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3478 length =
3479 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3480 6 /* max utf8 char length in bytes */ *
3481 (/* server len*/ + 256 /* share len */), nls_codepage);
3482 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
3483 bcc_ptr += 2; /* skip trailing null */
3484 } else { /* ASCII */
3485 strcpy(bcc_ptr, tree);
3486 bcc_ptr += strlen(tree) + 1;
3487 }
3488 strcpy(bcc_ptr, "?????");
3489 bcc_ptr += strlen("?????");
3490 bcc_ptr += 1;
3491 count = bcc_ptr - &pSMB->Password[0];
3492 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3493 pSMB->hdr.smb_buf_length) + count);
3494 pSMB->ByteCount = cpu_to_le16(count);
3495
3496 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3497 0);
3498
3499 /* above now done in SendReceive */
3500 if ((rc == 0) && (tcon != NULL)) {
3501 bool is_unicode;
3502
3503 tcon->tidStatus = CifsGood;
3504 tcon->need_reconnect = false;
3505 tcon->tid = smb_buffer_response->Tid;
3506 bcc_ptr = pByteArea(smb_buffer_response);
3507 bytes_left = get_bcc(smb_buffer_response);
3508 length = strnlen(bcc_ptr, bytes_left - 2);
3509 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3510 is_unicode = true;
3511 else
3512 is_unicode = false;
3513
3514
3515 /* skip service field (NB: this field is always ASCII) */
3516 if (length == 3) {
3517 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3518 (bcc_ptr[2] == 'C')) {
3519 cFYI(1, "IPC connection");
3520 tcon->ipc = 1;
3521 }
3522 } else if (length == 2) {
3523 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3524 /* the most common case */
3525 cFYI(1, "disk share connection");
3526 }
3527 }
3528 bcc_ptr += length + 1;
3529 bytes_left -= (length + 1);
3530 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3531
3532 /* mostly informational -- no need to fail on error here */
3533 kfree(tcon->nativeFileSystem);
3534 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
3535 bytes_left, is_unicode,
3536 nls_codepage);
3537
3538 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3539
3540 if ((smb_buffer_response->WordCount == 3) ||
3541 (smb_buffer_response->WordCount == 7))
3542 /* field is in same location */
3543 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3544 else
3545 tcon->Flags = 0;
3546 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3547 } else if ((rc == 0) && tcon == NULL) {
3548 /* all we need to save for IPC$ connection */
3549 ses->ipc_tid = smb_buffer_response->Tid;
3550 }
3551
3552 cifs_buf_release(smb_buffer);
3553 return rc;
3554 }
3555
3556 void
3557 cifs_umount(struct cifs_sb_info *cifs_sb)
3558 {
3559 struct rb_root *root = &cifs_sb->tlink_tree;
3560 struct rb_node *node;
3561 struct tcon_link *tlink;
3562
3563 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3564
3565 spin_lock(&cifs_sb->tlink_tree_lock);
3566 while ((node = rb_first(root))) {
3567 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3568 cifs_get_tlink(tlink);
3569 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3570 rb_erase(node, root);
3571
3572 spin_unlock(&cifs_sb->tlink_tree_lock);
3573 cifs_put_tlink(tlink);
3574 spin_lock(&cifs_sb->tlink_tree_lock);
3575 }
3576 spin_unlock(&cifs_sb->tlink_tree_lock);
3577
3578 bdi_destroy(&cifs_sb->bdi);
3579 kfree(cifs_sb->mountdata);
3580 unload_nls(cifs_sb->local_nls);
3581 kfree(cifs_sb);
3582 }
3583
3584 int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
3585 {
3586 int rc = 0;
3587 struct TCP_Server_Info *server = ses->server;
3588
3589 /* only send once per connect */
3590 if (server->maxBuf != 0)
3591 return 0;
3592
3593 rc = CIFSSMBNegotiate(xid, ses);
3594 if (rc == -EAGAIN) {
3595 /* retry only once on 1st time connection */
3596 rc = CIFSSMBNegotiate(xid, ses);
3597 if (rc == -EAGAIN)
3598 rc = -EHOSTDOWN;
3599 }
3600 if (rc == 0) {
3601 spin_lock(&GlobalMid_Lock);
3602 if (server->tcpStatus == CifsNeedNegotiate)
3603 server->tcpStatus = CifsGood;
3604 else
3605 rc = -EHOSTDOWN;
3606 spin_unlock(&GlobalMid_Lock);
3607
3608 }
3609
3610 return rc;
3611 }
3612
3613
3614 int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
3615 struct nls_table *nls_info)
3616 {
3617 int rc = 0;
3618 struct TCP_Server_Info *server = ses->server;
3619
3620 ses->flags = 0;
3621 ses->capabilities = server->capabilities;
3622 if (linuxExtEnabled == 0)
3623 ses->capabilities &= (~CAP_UNIX);
3624
3625 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3626 server->sec_mode, server->capabilities, server->timeAdj);
3627
3628 rc = CIFS_SessSetup(xid, ses, nls_info);
3629 if (rc) {
3630 cERROR(1, "Send error in SessSetup = %d", rc);
3631 } else {
3632 mutex_lock(&ses->server->srv_mutex);
3633 if (!server->session_estab) {
3634 server->session_key.response = ses->auth_key.response;
3635 server->session_key.len = ses->auth_key.len;
3636 server->sequence_number = 0x2;
3637 server->session_estab = true;
3638 ses->auth_key.response = NULL;
3639 }
3640 mutex_unlock(&server->srv_mutex);
3641
3642 cFYI(1, "CIFS Session Established successfully");
3643 spin_lock(&GlobalMid_Lock);
3644 ses->status = CifsGood;
3645 ses->need_reconnect = false;
3646 spin_unlock(&GlobalMid_Lock);
3647 }
3648
3649 kfree(ses->auth_key.response);
3650 ses->auth_key.response = NULL;
3651 ses->auth_key.len = 0;
3652 kfree(ses->ntlmssp);
3653 ses->ntlmssp = NULL;
3654
3655 return rc;
3656 }
3657
3658 static struct cifs_tcon *
3659 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3660 {
3661 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3662 struct cifs_ses *ses;
3663 struct cifs_tcon *tcon = NULL;
3664 struct smb_vol *vol_info;
3665 char username[28]; /* big enough for "krb50x" + hex of ULONG_MAX 6+16 */
3666 /* We used to have this as MAX_USERNAME which is */
3667 /* way too big now (256 instead of 32) */
3668
3669 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3670 if (vol_info == NULL) {
3671 tcon = ERR_PTR(-ENOMEM);
3672 goto out;
3673 }
3674
3675 snprintf(username, sizeof(username), "krb50x%x", fsuid);
3676 vol_info->username = username;
3677 vol_info->local_nls = cifs_sb->local_nls;
3678 vol_info->linux_uid = fsuid;
3679 vol_info->cred_uid = fsuid;
3680 vol_info->UNC = master_tcon->treeName;
3681 vol_info->retry = master_tcon->retry;
3682 vol_info->nocase = master_tcon->nocase;
3683 vol_info->local_lease = master_tcon->local_lease;
3684 vol_info->no_linux_ext = !master_tcon->unix_ext;
3685
3686 /* FIXME: allow for other secFlg settings */
3687 vol_info->secFlg = CIFSSEC_MUST_KRB5;
3688
3689 /* get a reference for the same TCP session */
3690 spin_lock(&cifs_tcp_ses_lock);
3691 ++master_tcon->ses->server->srv_count;
3692 spin_unlock(&cifs_tcp_ses_lock);
3693
3694 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3695 if (IS_ERR(ses)) {
3696 tcon = (struct cifs_tcon *)ses;
3697 cifs_put_tcp_session(master_tcon->ses->server);
3698 goto out;
3699 }
3700
3701 tcon = cifs_get_tcon(ses, vol_info);
3702 if (IS_ERR(tcon)) {
3703 cifs_put_smb_ses(ses);
3704 goto out;
3705 }
3706
3707 if (ses->capabilities & CAP_UNIX)
3708 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3709 out:
3710 kfree(vol_info);
3711
3712 return tcon;
3713 }
3714
3715 struct cifs_tcon *
3716 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3717 {
3718 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3719 }
3720
3721 static int
3722 cifs_sb_tcon_pending_wait(void *unused)
3723 {
3724 schedule();
3725 return signal_pending(current) ? -ERESTARTSYS : 0;
3726 }
3727
3728 /* find and return a tlink with given uid */
3729 static struct tcon_link *
3730 tlink_rb_search(struct rb_root *root, uid_t uid)
3731 {
3732 struct rb_node *node = root->rb_node;
3733 struct tcon_link *tlink;
3734
3735 while (node) {
3736 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3737
3738 if (tlink->tl_uid > uid)
3739 node = node->rb_left;
3740 else if (tlink->tl_uid < uid)
3741 node = node->rb_right;
3742 else
3743 return tlink;
3744 }
3745 return NULL;
3746 }
3747
3748 /* insert a tcon_link into the tree */
3749 static void
3750 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3751 {
3752 struct rb_node **new = &(root->rb_node), *parent = NULL;
3753 struct tcon_link *tlink;
3754
3755 while (*new) {
3756 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3757 parent = *new;
3758
3759 if (tlink->tl_uid > new_tlink->tl_uid)
3760 new = &((*new)->rb_left);
3761 else
3762 new = &((*new)->rb_right);
3763 }
3764
3765 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3766 rb_insert_color(&new_tlink->tl_rbnode, root);
3767 }
3768
3769 /*
3770 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3771 * current task.
3772 *
3773 * If the superblock doesn't refer to a multiuser mount, then just return
3774 * the master tcon for the mount.
3775 *
3776 * First, search the rbtree for an existing tcon for this fsuid. If one
3777 * exists, then check to see if it's pending construction. If it is then wait
3778 * for construction to complete. Once it's no longer pending, check to see if
3779 * it failed and either return an error or retry construction, depending on
3780 * the timeout.
3781 *
3782 * If one doesn't exist then insert a new tcon_link struct into the tree and
3783 * try to construct a new one.
3784 */
3785 struct tcon_link *
3786 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3787 {
3788 int ret;
3789 uid_t fsuid = current_fsuid();
3790 struct tcon_link *tlink, *newtlink;
3791
3792 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3793 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3794
3795 spin_lock(&cifs_sb->tlink_tree_lock);
3796 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3797 if (tlink)
3798 cifs_get_tlink(tlink);
3799 spin_unlock(&cifs_sb->tlink_tree_lock);
3800
3801 if (tlink == NULL) {
3802 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3803 if (newtlink == NULL)
3804 return ERR_PTR(-ENOMEM);
3805 newtlink->tl_uid = fsuid;
3806 newtlink->tl_tcon = ERR_PTR(-EACCES);
3807 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3808 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3809 cifs_get_tlink(newtlink);
3810
3811 spin_lock(&cifs_sb->tlink_tree_lock);
3812 /* was one inserted after previous search? */
3813 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3814 if (tlink) {
3815 cifs_get_tlink(tlink);
3816 spin_unlock(&cifs_sb->tlink_tree_lock);
3817 kfree(newtlink);
3818 goto wait_for_construction;
3819 }
3820 tlink = newtlink;
3821 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3822 spin_unlock(&cifs_sb->tlink_tree_lock);
3823 } else {
3824 wait_for_construction:
3825 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
3826 cifs_sb_tcon_pending_wait,
3827 TASK_INTERRUPTIBLE);
3828 if (ret) {
3829 cifs_put_tlink(tlink);
3830 return ERR_PTR(ret);
3831 }
3832
3833 /* if it's good, return it */
3834 if (!IS_ERR(tlink->tl_tcon))
3835 return tlink;
3836
3837 /* return error if we tried this already recently */
3838 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
3839 cifs_put_tlink(tlink);
3840 return ERR_PTR(-EACCES);
3841 }
3842
3843 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
3844 goto wait_for_construction;
3845 }
3846
3847 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
3848 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
3849 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
3850
3851 if (IS_ERR(tlink->tl_tcon)) {
3852 cifs_put_tlink(tlink);
3853 return ERR_PTR(-EACCES);
3854 }
3855
3856 return tlink;
3857 }
3858
3859 /*
3860 * periodic workqueue job that scans tcon_tree for a superblock and closes
3861 * out tcons.
3862 */
3863 static void
3864 cifs_prune_tlinks(struct work_struct *work)
3865 {
3866 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
3867 prune_tlinks.work);
3868 struct rb_root *root = &cifs_sb->tlink_tree;
3869 struct rb_node *node = rb_first(root);
3870 struct rb_node *tmp;
3871 struct tcon_link *tlink;
3872
3873 /*
3874 * Because we drop the spinlock in the loop in order to put the tlink
3875 * it's not guarded against removal of links from the tree. The only
3876 * places that remove entries from the tree are this function and
3877 * umounts. Because this function is non-reentrant and is canceled
3878 * before umount can proceed, this is safe.
3879 */
3880 spin_lock(&cifs_sb->tlink_tree_lock);
3881 node = rb_first(root);
3882 while (node != NULL) {
3883 tmp = node;
3884 node = rb_next(tmp);
3885 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
3886
3887 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
3888 atomic_read(&tlink->tl_count) != 0 ||
3889 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
3890 continue;
3891
3892 cifs_get_tlink(tlink);
3893 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3894 rb_erase(tmp, root);
3895
3896 spin_unlock(&cifs_sb->tlink_tree_lock);
3897 cifs_put_tlink(tlink);
3898 spin_lock(&cifs_sb->tlink_tree_lock);
3899 }
3900 spin_unlock(&cifs_sb->tlink_tree_lock);
3901
3902 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3903 TLINK_IDLE_EXPIRE);
3904 }
Linus' kernel tree