search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cifs: sanitize username handling
[linux-2.6/btrfs-unstable.git] / fs / cifs / connect.c
blobb952a21e917b3aaa9cd12f7475b07f4580aeec7f
1 /*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <net/ipv6.h>
42 #include "cifspdu.h"
43 #include "cifsglob.h"
44 #include "cifsproto.h"
45 #include "cifs_unicode.h"
46 #include "cifs_debug.h"
47 #include "cifs_fs_sb.h"
48 #include "ntlmssp.h"
49 #include "nterr.h"
50 #include "rfc1002pdu.h"
51 #include "fscache.h"
52
53 #define CIFS_PORT 445
54 #define RFC1001_PORT 139
55
56 /* SMB echo "timeout" -- FIXME: tunable? */
57 #define SMB_ECHO_INTERVAL (60 * HZ)
58
59 extern mempool_t *cifs_req_poolp;
60
61 /* FIXME: should these be tunable? */
62 #define TLINK_ERROR_EXPIRE (1 * HZ)
63 #define TLINK_IDLE_EXPIRE (600 * HZ)
64
65 static int ip_connect(struct TCP_Server_Info *server);
66 static int generic_ip_connect(struct TCP_Server_Info *server);
67 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
68 static void cifs_prune_tlinks(struct work_struct *work);
69 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
70 const char *devname);
71
72 /*
73 * cifs tcp session reconnection
74 *
75 * mark tcp session as reconnecting so temporarily locked
76 * mark all smb sessions as reconnecting for tcp session
77 * reconnect tcp session
78 * wake up waiters on reconnection? - (not needed currently)
79 */
80 static int
81 cifs_reconnect(struct TCP_Server_Info *server)
82 {
83 int rc = 0;
84 struct list_head *tmp, *tmp2;
85 struct cifs_ses *ses;
86 struct cifs_tcon *tcon;
87 struct mid_q_entry *mid_entry;
88 struct list_head retry_list;
89
90 spin_lock(&GlobalMid_Lock);
91 if (server->tcpStatus == CifsExiting) {
92 /* the demux thread will exit normally
93 next time through the loop */
94 spin_unlock(&GlobalMid_Lock);
95 return rc;
96 } else
97 server->tcpStatus = CifsNeedReconnect;
98 spin_unlock(&GlobalMid_Lock);
99 server->maxBuf = 0;
100
101 cFYI(1, "Reconnecting tcp session");
102
103 /* before reconnecting the tcp session, mark the smb session (uid)
104 and the tid bad so they are not used until reconnected */
105 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
106 spin_lock(&cifs_tcp_ses_lock);
107 list_for_each(tmp, &server->smb_ses_list) {
108 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
109 ses->need_reconnect = true;
110 ses->ipc_tid = 0;
111 list_for_each(tmp2, &ses->tcon_list) {
112 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
113 tcon->need_reconnect = true;
114 }
115 }
116 spin_unlock(&cifs_tcp_ses_lock);
117
118 /* do not want to be sending data on a socket we are freeing */
119 cFYI(1, "%s: tearing down socket", __func__);
120 mutex_lock(&server->srv_mutex);
121 if (server->ssocket) {
122 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
123 server->ssocket->flags);
124 kernel_sock_shutdown(server->ssocket, SHUT_WR);
125 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
126 server->ssocket->state,
127 server->ssocket->flags);
128 sock_release(server->ssocket);
129 server->ssocket = NULL;
130 }
131 server->sequence_number = 0;
132 server->session_estab = false;
133 kfree(server->session_key.response);
134 server->session_key.response = NULL;
135 server->session_key.len = 0;
136 server->lstrp = jiffies;
137 mutex_unlock(&server->srv_mutex);
138
139 /* mark submitted MIDs for retry and issue callback */
140 INIT_LIST_HEAD(&retry_list);
141 cFYI(1, "%s: moving mids to private list", __func__);
142 spin_lock(&GlobalMid_Lock);
143 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
144 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
145 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
146 mid_entry->midState = MID_RETRY_NEEDED;
147 list_move(&mid_entry->qhead, &retry_list);
148 }
149 spin_unlock(&GlobalMid_Lock);
150
151 cFYI(1, "%s: issuing mid callbacks", __func__);
152 list_for_each_safe(tmp, tmp2, &retry_list) {
153 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
154 list_del_init(&mid_entry->qhead);
155 mid_entry->callback(mid_entry);
156 }
157
158 do {
159 try_to_freeze();
160
161 /* we should try only the port we connected to before */
162 rc = generic_ip_connect(server);
163 if (rc) {
164 cFYI(1, "reconnect error %d", rc);
165 msleep(3000);
166 } else {
167 atomic_inc(&tcpSesReconnectCount);
168 spin_lock(&GlobalMid_Lock);
169 if (server->tcpStatus != CifsExiting)
170 server->tcpStatus = CifsNeedNegotiate;
171 spin_unlock(&GlobalMid_Lock);
172 }
173 } while (server->tcpStatus == CifsNeedReconnect);
174
175 return rc;
176 }
177
178 /*
179 return codes:
180 0 not a transact2, or all data present
181 >0 transact2 with that much data missing
182 -EINVAL = invalid transact2
183
184 */
185 static int check2ndT2(struct smb_hdr *pSMB)
186 {
187 struct smb_t2_rsp *pSMBt;
188 int remaining;
189 __u16 total_data_size, data_in_this_rsp;
190
191 if (pSMB->Command != SMB_COM_TRANSACTION2)
192 return 0;
193
194 /* check for plausible wct, bcc and t2 data and parm sizes */
195 /* check for parm and data offset going beyond end of smb */
196 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
197 cFYI(1, "invalid transact2 word count");
198 return -EINVAL;
199 }
200
201 pSMBt = (struct smb_t2_rsp *)pSMB;
202
203 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
204 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
205
206 if (total_data_size == data_in_this_rsp)
207 return 0;
208 else if (total_data_size < data_in_this_rsp) {
209 cFYI(1, "total data %d smaller than data in frame %d",
210 total_data_size, data_in_this_rsp);
211 return -EINVAL;
212 }
213
214 remaining = total_data_size - data_in_this_rsp;
215
216 cFYI(1, "missing %d bytes from transact2, check next response",
217 remaining);
218 if (total_data_size > CIFSMaxBufSize) {
219 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
220 total_data_size, CIFSMaxBufSize);
221 return -EINVAL;
222 }
223 return remaining;
224 }
225
226 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
227 {
228 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
229 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
230 char *data_area_of_tgt;
231 char *data_area_of_src;
232 int remaining;
233 unsigned int byte_count, total_in_tgt;
234 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
235
236 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
237 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
238
239 if (tgt_total_cnt != src_total_cnt)
240 cFYI(1, "total data count of primary and secondary t2 differ "
241 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
242
243 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
244
245 remaining = tgt_total_cnt - total_in_tgt;
246
247 if (remaining < 0) {
248 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
249 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
250 return -EPROTO;
251 }
252
253 if (remaining == 0) {
254 /* nothing to do, ignore */
255 cFYI(1, "no more data remains");
256 return 0;
257 }
258
259 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
260 if (remaining < total_in_src)
261 cFYI(1, "transact2 2nd response contains too much data");
262
263 /* find end of first SMB data area */
264 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
265 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
266
267 /* validate target area */
268 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
269 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
270
271 data_area_of_tgt += total_in_tgt;
272
273 total_in_tgt += total_in_src;
274 /* is the result too big for the field? */
275 if (total_in_tgt > USHRT_MAX) {
276 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
277 return -EPROTO;
278 }
279 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
280
281 /* fix up the BCC */
282 byte_count = get_bcc(pTargetSMB);
283 byte_count += total_in_src;
284 /* is the result too big for the field? */
285 if (byte_count > USHRT_MAX) {
286 cFYI(1, "coalesced BCC too large (%u)", byte_count);
287 return -EPROTO;
288 }
289 put_bcc(byte_count, pTargetSMB);
290
291 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
292 byte_count += total_in_src;
293 /* don't allow buffer to overflow */
294 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
295 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
296 return -ENOBUFS;
297 }
298 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
299
300 /* copy second buffer into end of first buffer */
301 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
302
303 if (remaining != total_in_src) {
304 /* more responses to go */
305 cFYI(1, "waiting for more secondary responses");
306 return 1;
307 }
308
309 /* we are done */
310 cFYI(1, "found the last secondary response");
311 return 0;
312 }
313
314 static void
315 cifs_echo_request(struct work_struct *work)
316 {
317 int rc;
318 struct TCP_Server_Info *server = container_of(work,
319 struct TCP_Server_Info, echo.work);
320
321 /*
322 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
323 * done, which is indicated by maxBuf != 0. Also, no need to ping if
324 * we got a response recently
325 */
326 if (server->maxBuf == 0 ||
327 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
328 goto requeue_echo;
329
330 rc = CIFSSMBEcho(server);
331 if (rc)
332 cFYI(1, "Unable to send echo request to server: %s",
333 server->hostname);
334
335 requeue_echo:
336 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
337 }
338
339 static bool
340 allocate_buffers(struct TCP_Server_Info *server)
341 {
342 if (!server->bigbuf) {
343 server->bigbuf = (char *)cifs_buf_get();
344 if (!server->bigbuf) {
345 cERROR(1, "No memory for large SMB response");
346 msleep(3000);
347 /* retry will check if exiting */
348 return false;
349 }
350 } else if (server->large_buf) {
351 /* we are reusing a dirty large buf, clear its start */
352 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
353 }
354
355 if (!server->smallbuf) {
356 server->smallbuf = (char *)cifs_small_buf_get();
357 if (!server->smallbuf) {
358 cERROR(1, "No memory for SMB response");
359 msleep(1000);
360 /* retry will check if exiting */
361 return false;
362 }
363 /* beginning of smb buffer is cleared in our buf_get */
364 } else {
365 /* if existing small buf clear beginning */
366 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
367 }
368
369 return true;
370 }
371
372 static bool
373 server_unresponsive(struct TCP_Server_Info *server)
374 {
375 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
376 time_after(jiffies, server->lstrp +
377 (echo_retries * SMB_ECHO_INTERVAL))) {
378 cERROR(1, "Server %s has not responded in %d seconds. "
379 "Reconnecting...", server->hostname,
380 (echo_retries * SMB_ECHO_INTERVAL / HZ));
381 cifs_reconnect(server);
382 wake_up(&server->response_q);
383 return true;
384 }
385
386 return false;
387 }
388
389 /*
390 * kvec_array_init - clone a kvec array, and advance into it
391 * @new: pointer to memory for cloned array
392 * @iov: pointer to original array
393 * @nr_segs: number of members in original array
394 * @bytes: number of bytes to advance into the cloned array
395 *
396 * This function will copy the array provided in iov to a section of memory
397 * and advance the specified number of bytes into the new array. It returns
398 * the number of segments in the new array. "new" must be at least as big as
399 * the original iov array.
400 */
401 static unsigned int
402 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
403 size_t bytes)
404 {
405 size_t base = 0;
406
407 while (bytes || !iov->iov_len) {
408 int copy = min(bytes, iov->iov_len);
409
410 bytes -= copy;
411 base += copy;
412 if (iov->iov_len == base) {
413 iov++;
414 nr_segs--;
415 base = 0;
416 }
417 }
418 memcpy(new, iov, sizeof(*iov) * nr_segs);
419 new->iov_base += base;
420 new->iov_len -= base;
421 return nr_segs;
422 }
423
424 static struct kvec *
425 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
426 {
427 struct kvec *new_iov;
428
429 if (server->iov && nr_segs <= server->nr_iov)
430 return server->iov;
431
432 /* not big enough -- allocate a new one and release the old */
433 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
434 if (new_iov) {
435 kfree(server->iov);
436 server->iov = new_iov;
437 server->nr_iov = nr_segs;
438 }
439 return new_iov;
440 }
441
442 int
443 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
444 unsigned int nr_segs, unsigned int to_read)
445 {
446 int length = 0;
447 int total_read;
448 unsigned int segs;
449 struct msghdr smb_msg;
450 struct kvec *iov;
451
452 iov = get_server_iovec(server, nr_segs);
453 if (!iov)
454 return -ENOMEM;
455
456 smb_msg.msg_control = NULL;
457 smb_msg.msg_controllen = 0;
458
459 for (total_read = 0; to_read; total_read += length, to_read -= length) {
460 try_to_freeze();
461
462 if (server_unresponsive(server)) {
463 total_read = -EAGAIN;
464 break;
465 }
466
467 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
468
469 length = kernel_recvmsg(server->ssocket, &smb_msg,
470 iov, segs, to_read, 0);
471
472 if (server->tcpStatus == CifsExiting) {
473 total_read = -ESHUTDOWN;
474 break;
475 } else if (server->tcpStatus == CifsNeedReconnect) {
476 cifs_reconnect(server);
477 total_read = -EAGAIN;
478 break;
479 } else if (length == -ERESTARTSYS ||
480 length == -EAGAIN ||
481 length == -EINTR) {
482 /*
483 * Minimum sleep to prevent looping, allowing socket
484 * to clear and app threads to set tcpStatus
485 * CifsNeedReconnect if server hung.
486 */
487 usleep_range(1000, 2000);
488 length = 0;
489 continue;
490 } else if (length <= 0) {
491 cFYI(1, "Received no data or error: expecting %d "
492 "got %d", to_read, length);
493 cifs_reconnect(server);
494 total_read = -EAGAIN;
495 break;
496 }
497 }
498 return total_read;
499 }
500
501 int
502 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
503 unsigned int to_read)
504 {
505 struct kvec iov;
506
507 iov.iov_base = buf;
508 iov.iov_len = to_read;
509
510 return cifs_readv_from_socket(server, &iov, 1, to_read);
511 }
512
513 static bool
514 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
515 {
516 /*
517 * The first byte big endian of the length field,
518 * is actually not part of the length but the type
519 * with the most common, zero, as regular data.
520 */
521 switch (type) {
522 case RFC1002_SESSION_MESSAGE:
523 /* Regular SMB response */
524 return true;
525 case RFC1002_SESSION_KEEP_ALIVE:
526 cFYI(1, "RFC 1002 session keep alive");
527 break;
528 case RFC1002_POSITIVE_SESSION_RESPONSE:
529 cFYI(1, "RFC 1002 positive session response");
530 break;
531 case RFC1002_NEGATIVE_SESSION_RESPONSE:
532 /*
533 * We get this from Windows 98 instead of an error on
534 * SMB negprot response.
535 */
536 cFYI(1, "RFC 1002 negative session response");
537 /* give server a second to clean up */
538 msleep(1000);
539 /*
540 * Always try 445 first on reconnect since we get NACK
541 * on some if we ever connected to port 139 (the NACK
542 * is since we do not begin with RFC1001 session
543 * initialize frame).
544 */
545 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
546 cifs_reconnect(server);
547 wake_up(&server->response_q);
548 break;
549 default:
550 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
551 cifs_reconnect(server);
552 }
553
554 return false;
555 }
556
557 static struct mid_q_entry *
558 find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
559 {
560 struct mid_q_entry *mid;
561
562 spin_lock(&GlobalMid_Lock);
563 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
564 if (mid->mid == buf->Mid &&
565 mid->midState == MID_REQUEST_SUBMITTED &&
566 mid->command == buf->Command) {
567 spin_unlock(&GlobalMid_Lock);
568 return mid;
569 }
570 }
571 spin_unlock(&GlobalMid_Lock);
572 return NULL;
573 }
574
575 void
576 dequeue_mid(struct mid_q_entry *mid, bool malformed)
577 {
578 #ifdef CONFIG_CIFS_STATS2
579 mid->when_received = jiffies;
580 #endif
581 spin_lock(&GlobalMid_Lock);
582 if (!malformed)
583 mid->midState = MID_RESPONSE_RECEIVED;
584 else
585 mid->midState = MID_RESPONSE_MALFORMED;
586 list_del_init(&mid->qhead);
587 spin_unlock(&GlobalMid_Lock);
588 }
589
590 static void
591 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
592 struct smb_hdr *buf, int malformed)
593 {
594 if (malformed == 0 && check2ndT2(buf) > 0) {
595 mid->multiRsp = true;
596 if (mid->resp_buf) {
597 /* merge response - fix up 1st*/
598 malformed = coalesce_t2(buf, mid->resp_buf);
599 if (malformed > 0)
600 return;
601
602 /* All parts received or packet is malformed. */
603 mid->multiEnd = true;
604 return dequeue_mid(mid, malformed);
605 }
606 if (!server->large_buf) {
607 /*FIXME: switch to already allocated largebuf?*/
608 cERROR(1, "1st trans2 resp needs bigbuf");
609 } else {
610 /* Have first buffer */
611 mid->resp_buf = buf;
612 mid->largeBuf = true;
613 server->bigbuf = NULL;
614 }
615 return;
616 }
617 mid->resp_buf = buf;
618 mid->largeBuf = server->large_buf;
619 /* Was previous buf put in mpx struct for multi-rsp? */
620 if (!mid->multiRsp) {
621 /* smb buffer will be freed by user thread */
622 if (server->large_buf)
623 server->bigbuf = NULL;
624 else
625 server->smallbuf = NULL;
626 }
627 dequeue_mid(mid, malformed);
628 }
629
630 static void clean_demultiplex_info(struct TCP_Server_Info *server)
631 {
632 int length;
633
634 /* take it off the list, if it's not already */
635 spin_lock(&cifs_tcp_ses_lock);
636 list_del_init(&server->tcp_ses_list);
637 spin_unlock(&cifs_tcp_ses_lock);
638
639 spin_lock(&GlobalMid_Lock);
640 server->tcpStatus = CifsExiting;
641 spin_unlock(&GlobalMid_Lock);
642 wake_up_all(&server->response_q);
643
644 /*
645 * Check if we have blocked requests that need to free. Note that
646 * cifs_max_pending is normally 50, but can be set at module install
647 * time to as little as two.
648 */
649 spin_lock(&GlobalMid_Lock);
650 if (atomic_read(&server->inFlight) >= cifs_max_pending)
651 atomic_set(&server->inFlight, cifs_max_pending - 1);
652 /*
653 * We do not want to set the max_pending too low or we could end up
654 * with the counter going negative.
655 */
656 spin_unlock(&GlobalMid_Lock);
657 /*
658 * Although there should not be any requests blocked on this queue it
659 * can not hurt to be paranoid and try to wake up requests that may
660 * haven been blocked when more than 50 at time were on the wire to the
661 * same server - they now will see the session is in exit state and get
662 * out of SendReceive.
663 */
664 wake_up_all(&server->request_q);
665 /* give those requests time to exit */
666 msleep(125);
667
668 if (server->ssocket) {
669 sock_release(server->ssocket);
670 server->ssocket = NULL;
671 }
672
673 if (!list_empty(&server->pending_mid_q)) {
674 struct list_head dispose_list;
675 struct mid_q_entry *mid_entry;
676 struct list_head *tmp, *tmp2;
677
678 INIT_LIST_HEAD(&dispose_list);
679 spin_lock(&GlobalMid_Lock);
680 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
681 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
682 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
683 mid_entry->midState = MID_SHUTDOWN;
684 list_move(&mid_entry->qhead, &dispose_list);
685 }
686 spin_unlock(&GlobalMid_Lock);
687
688 /* now walk dispose list and issue callbacks */
689 list_for_each_safe(tmp, tmp2, &dispose_list) {
690 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
691 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
692 list_del_init(&mid_entry->qhead);
693 mid_entry->callback(mid_entry);
694 }
695 /* 1/8th of sec is more than enough time for them to exit */
696 msleep(125);
697 }
698
699 if (!list_empty(&server->pending_mid_q)) {
700 /*
701 * mpx threads have not exited yet give them at least the smb
702 * send timeout time for long ops.
703 *
704 * Due to delays on oplock break requests, we need to wait at
705 * least 45 seconds before giving up on a request getting a
706 * response and going ahead and killing cifsd.
707 */
708 cFYI(1, "Wait for exit from demultiplex thread");
709 msleep(46000);
710 /*
711 * If threads still have not exited they are probably never
712 * coming home not much else we can do but free the memory.
713 */
714 }
715
716 kfree(server->hostname);
717 kfree(server->iov);
718 kfree(server);
719
720 length = atomic_dec_return(&tcpSesAllocCount);
721 if (length > 0)
722 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
723 GFP_KERNEL);
724 }
725
726 static int
727 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
728 {
729 int length;
730 char *buf = server->smallbuf;
731 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
732 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
733
734 /* make sure this will fit in a large buffer */
735 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
736 cERROR(1, "SMB response too long (%u bytes)",
737 pdu_length);
738 cifs_reconnect(server);
739 wake_up(&server->response_q);
740 return -EAGAIN;
741 }
742
743 /* switch to large buffer if too big for a small one */
744 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
745 server->large_buf = true;
746 memcpy(server->bigbuf, server->smallbuf, server->total_read);
747 buf = server->bigbuf;
748 smb_buffer = (struct smb_hdr *)buf;
749 }
750
751 /* now read the rest */
752 length = cifs_read_from_socket(server,
753 buf + sizeof(struct smb_hdr) - 1,
754 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
755 if (length < 0)
756 return length;
757 server->total_read += length;
758
759 dump_smb(smb_buffer, server->total_read);
760
761 /*
762 * We know that we received enough to get to the MID as we
763 * checked the pdu_length earlier. Now check to see
764 * if the rest of the header is OK. We borrow the length
765 * var for the rest of the loop to avoid a new stack var.
766 *
767 * 48 bytes is enough to display the header and a little bit
768 * into the payload for debugging purposes.
769 */
770 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
771 if (length != 0)
772 cifs_dump_mem("Bad SMB: ", buf,
773 min_t(unsigned int, server->total_read, 48));
774
775 if (mid)
776 handle_mid(mid, server, smb_buffer, length);
777
778 return length;
779 }
780
781 static int
782 cifs_demultiplex_thread(void *p)
783 {
784 int length;
785 struct TCP_Server_Info *server = p;
786 unsigned int pdu_length;
787 char *buf = NULL;
788 struct smb_hdr *smb_buffer = NULL;
789 struct task_struct *task_to_wake = NULL;
790 struct mid_q_entry *mid_entry;
791
792 current->flags |= PF_MEMALLOC;
793 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
794
795 length = atomic_inc_return(&tcpSesAllocCount);
796 if (length > 1)
797 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
798 GFP_KERNEL);
799
800 set_freezable();
801 while (server->tcpStatus != CifsExiting) {
802 if (try_to_freeze())
803 continue;
804
805 if (!allocate_buffers(server))
806 continue;
807
808 server->large_buf = false;
809 smb_buffer = (struct smb_hdr *)server->smallbuf;
810 buf = server->smallbuf;
811 pdu_length = 4; /* enough to get RFC1001 header */
812
813 length = cifs_read_from_socket(server, buf, pdu_length);
814 if (length < 0)
815 continue;
816 server->total_read = length;
817
818 /*
819 * The right amount was read from socket - 4 bytes,
820 * so we can now interpret the length field.
821 */
822 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
823
824 cFYI(1, "RFC1002 header 0x%x", pdu_length);
825 if (!is_smb_response(server, buf[0]))
826 continue;
827
828 /* make sure we have enough to get to the MID */
829 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
830 cERROR(1, "SMB response too short (%u bytes)",
831 pdu_length);
832 cifs_reconnect(server);
833 wake_up(&server->response_q);
834 continue;
835 }
836
837 /* read down to the MID */
838 length = cifs_read_from_socket(server, buf + 4,
839 sizeof(struct smb_hdr) - 1 - 4);
840 if (length < 0)
841 continue;
842 server->total_read += length;
843
844 mid_entry = find_mid(server, smb_buffer);
845
846 if (!mid_entry || !mid_entry->receive)
847 length = standard_receive3(server, mid_entry);
848 else
849 length = mid_entry->receive(server, mid_entry);
850
851 if (length < 0)
852 continue;
853
854 if (server->large_buf) {
855 buf = server->bigbuf;
856 smb_buffer = (struct smb_hdr *)buf;
857 }
858
859 server->lstrp = jiffies;
860 if (mid_entry != NULL) {
861 if (!mid_entry->multiRsp || mid_entry->multiEnd)
862 mid_entry->callback(mid_entry);
863 } else if (!is_valid_oplock_break(smb_buffer, server)) {
864 cERROR(1, "No task to wake, unknown frame received! "
865 "NumMids %d", atomic_read(&midCount));
866 cifs_dump_mem("Received Data is: ", buf,
867 sizeof(struct smb_hdr));
868 #ifdef CONFIG_CIFS_DEBUG2
869 cifs_dump_detail(smb_buffer);
870 cifs_dump_mids(server);
871 #endif /* CIFS_DEBUG2 */
872
873 }
874 } /* end while !EXITING */
875
876 /* buffer usually freed in free_mid - need to free it here on exit */
877 cifs_buf_release(server->bigbuf);
878 if (server->smallbuf) /* no sense logging a debug message if NULL */
879 cifs_small_buf_release(server->smallbuf);
880
881 task_to_wake = xchg(&server->tsk, NULL);
882 clean_demultiplex_info(server);
883
884 /* if server->tsk was NULL then wait for a signal before exiting */
885 if (!task_to_wake) {
886 set_current_state(TASK_INTERRUPTIBLE);
887 while (!signal_pending(current)) {
888 schedule();
889 set_current_state(TASK_INTERRUPTIBLE);
890 }
891 set_current_state(TASK_RUNNING);
892 }
893
894 module_put_and_exit(0);
895 }
896
897 /* extract the host portion of the UNC string */
898 static char *
899 extract_hostname(const char *unc)
900 {
901 const char *src;
902 char *dst, *delim;
903 unsigned int len;
904
905 /* skip double chars at beginning of string */
906 /* BB: check validity of these bytes? */
907 src = unc + 2;
908
909 /* delimiter between hostname and sharename is always '\\' now */
910 delim = strchr(src, '\\');
911 if (!delim)
912 return ERR_PTR(-EINVAL);
913
914 len = delim - src;
915 dst = kmalloc((len + 1), GFP_KERNEL);
916 if (dst == NULL)
917 return ERR_PTR(-ENOMEM);
918
919 memcpy(dst, src, len);
920 dst[len] = '\0';
921
922 return dst;
923 }
924
925 static int
926 cifs_parse_mount_options(const char *mountdata, const char *devname,
927 struct smb_vol *vol)
928 {
929 char *value, *data, *end;
930 char *mountdata_copy = NULL, *options;
931 int err;
932 unsigned int temp_len, i, j;
933 char separator[2];
934 short int override_uid = -1;
935 short int override_gid = -1;
936 bool uid_specified = false;
937 bool gid_specified = false;
938 char *nodename = utsname()->nodename;
939
940 separator[0] = ',';
941 separator[1] = 0;
942
943 /*
944 * does not have to be perfect mapping since field is
945 * informational, only used for servers that do not support
946 * port 445 and it can be overridden at mount time
947 */
948 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
949 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
950 vol->source_rfc1001_name[i] = toupper(nodename[i]);
951
952 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
953 /* null target name indicates to use *SMBSERVR default called name
954 if we end up sending RFC1001 session initialize */
955 vol->target_rfc1001_name[0] = 0;
956 vol->cred_uid = current_uid();
957 vol->linux_uid = current_uid();
958 vol->linux_gid = current_gid();
959
960 /* default to only allowing write access to owner of the mount */
961 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
962
963 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
964 /* default is always to request posix paths. */
965 vol->posix_paths = 1;
966 /* default to using server inode numbers where available */
967 vol->server_ino = 1;
968
969 vol->actimeo = CIFS_DEF_ACTIMEO;
970
971 if (!mountdata)
972 goto cifs_parse_mount_err;
973
974 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
975 if (!mountdata_copy)
976 goto cifs_parse_mount_err;
977
978 options = mountdata_copy;
979 end = options + strlen(options);
980 if (strncmp(options, "sep=", 4) == 0) {
981 if (options[4] != 0) {
982 separator[0] = options[4];
983 options += 5;
984 } else {
985 cFYI(1, "Null separator not allowed");
986 }
987 }
988 vol->backupuid_specified = false; /* no backup intent for a user */
989 vol->backupgid_specified = false; /* no backup intent for a group */
990
991 while ((data = strsep(&options, separator)) != NULL) {
992 if (!*data)
993 continue;
994 if ((value = strchr(data, '=')) != NULL)
995 *value++ = '\0';
996
997 /* Have to parse this before we parse for "user" */
998 if (strnicmp(data, "user_xattr", 10) == 0) {
999 vol->no_xattr = 0;
1000 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1001 vol->no_xattr = 1;
1002 } else if (strnicmp(data, "user", 4) == 0) {
1003 if (!value) {
1004 printk(KERN_WARNING
1005 "CIFS: invalid or missing username\n");
1006 goto cifs_parse_mount_err;
1007 } else if (!*value) {
1008 /* null user, ie anonymous, authentication */
1009 vol->nullauth = 1;
1010 }
1011 if (strnlen(value, MAX_USERNAME_SIZE) <
1012 MAX_USERNAME_SIZE) {
1013 vol->username = kstrdup(value, GFP_KERNEL);
1014 if (!vol->username) {
1015 printk(KERN_WARNING "CIFS: no memory "
1016 "for username\n");
1017 goto cifs_parse_mount_err;
1018 }
1019 } else {
1020 printk(KERN_WARNING "CIFS: username too long\n");
1021 goto cifs_parse_mount_err;
1022 }
1023 } else if (strnicmp(data, "pass", 4) == 0) {
1024 if (!value) {
1025 vol->password = NULL;
1026 continue;
1027 } else if (value[0] == 0) {
1028 /* check if string begins with double comma
1029 since that would mean the password really
1030 does start with a comma, and would not
1031 indicate an empty string */
1032 if (value[1] != separator[0]) {
1033 vol->password = NULL;
1034 continue;
1035 }
1036 }
1037 temp_len = strlen(value);
1038 /* removed password length check, NTLM passwords
1039 can be arbitrarily long */
1040
1041 /* if comma in password, the string will be
1042 prematurely null terminated. Commas in password are
1043 specified across the cifs mount interface by a double
1044 comma ie ,, and a comma used as in other cases ie ','
1045 as a parameter delimiter/separator is single and due
1046 to the strsep above is temporarily zeroed. */
1047
1048 /* NB: password legally can have multiple commas and
1049 the only illegal character in a password is null */
1050
1051 if ((value[temp_len] == 0) &&
1052 (value + temp_len < end) &&
1053 (value[temp_len+1] == separator[0])) {
1054 /* reinsert comma */
1055 value[temp_len] = separator[0];
1056 temp_len += 2; /* move after second comma */
1057 while (value[temp_len] != 0) {
1058 if (value[temp_len] == separator[0]) {
1059 if (value[temp_len+1] ==
1060 separator[0]) {
1061 /* skip second comma */
1062 temp_len++;
1063 } else {
1064 /* single comma indicating start
1065 of next parm */
1066 break;
1067 }
1068 }
1069 temp_len++;
1070 }
1071 if (value[temp_len] == 0) {
1072 options = NULL;
1073 } else {
1074 value[temp_len] = 0;
1075 /* point option to start of next parm */
1076 options = value + temp_len + 1;
1077 }
1078 /* go from value to value + temp_len condensing
1079 double commas to singles. Note that this ends up
1080 allocating a few bytes too many, which is ok */
1081 vol->password = kzalloc(temp_len, GFP_KERNEL);
1082 if (vol->password == NULL) {
1083 printk(KERN_WARNING "CIFS: no memory "
1084 "for password\n");
1085 goto cifs_parse_mount_err;
1086 }
1087 for (i = 0, j = 0; i < temp_len; i++, j++) {
1088 vol->password[j] = value[i];
1089 if (value[i] == separator[0]
1090 && value[i+1] == separator[0]) {
1091 /* skip second comma */
1092 i++;
1093 }
1094 }
1095 vol->password[j] = 0;
1096 } else {
1097 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1098 if (vol->password == NULL) {
1099 printk(KERN_WARNING "CIFS: no memory "
1100 "for password\n");
1101 goto cifs_parse_mount_err;
1102 }
1103 strcpy(vol->password, value);
1104 }
1105 } else if (!strnicmp(data, "ip", 2) ||
1106 !strnicmp(data, "addr", 4)) {
1107 if (!value || !*value) {
1108 vol->UNCip = NULL;
1109 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1110 INET6_ADDRSTRLEN) {
1111 vol->UNCip = kstrdup(value, GFP_KERNEL);
1112 if (!vol->UNCip) {
1113 printk(KERN_WARNING "CIFS: no memory "
1114 "for UNC IP\n");
1115 goto cifs_parse_mount_err;
1116 }
1117 } else {
1118 printk(KERN_WARNING "CIFS: ip address "
1119 "too long\n");
1120 goto cifs_parse_mount_err;
1121 }
1122 } else if (strnicmp(data, "sec", 3) == 0) {
1123 if (!value || !*value) {
1124 cERROR(1, "no security value specified");
1125 continue;
1126 } else if (strnicmp(value, "krb5i", 5) == 0) {
1127 vol->secFlg |= CIFSSEC_MAY_KRB5 |
1128 CIFSSEC_MUST_SIGN;
1129 } else if (strnicmp(value, "krb5p", 5) == 0) {
1130 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1131 CIFSSEC_MAY_KRB5; */
1132 cERROR(1, "Krb5 cifs privacy not supported");
1133 goto cifs_parse_mount_err;
1134 } else if (strnicmp(value, "krb5", 4) == 0) {
1135 vol->secFlg |= CIFSSEC_MAY_KRB5;
1136 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1137 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1138 CIFSSEC_MUST_SIGN;
1139 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1140 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1141 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1142 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1143 CIFSSEC_MUST_SIGN;
1144 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1145 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1146 } else if (strnicmp(value, "ntlmi", 5) == 0) {
1147 vol->secFlg |= CIFSSEC_MAY_NTLM |
1148 CIFSSEC_MUST_SIGN;
1149 } else if (strnicmp(value, "ntlm", 4) == 0) {
1150 /* ntlm is default so can be turned off too */
1151 vol->secFlg |= CIFSSEC_MAY_NTLM;
1152 } else if (strnicmp(value, "nontlm", 6) == 0) {
1153 /* BB is there a better way to do this? */
1154 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1155 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1156 } else if (strnicmp(value, "lanman", 6) == 0) {
1157 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1158 #endif
1159 } else if (strnicmp(value, "none", 4) == 0) {
1160 vol->nullauth = 1;
1161 } else {
1162 cERROR(1, "bad security option: %s", value);
1163 goto cifs_parse_mount_err;
1164 }
1165 } else if (strnicmp(data, "vers", 3) == 0) {
1166 if (!value || !*value) {
1167 cERROR(1, "no protocol version specified"
1168 " after vers= mount option");
1169 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1170 (strnicmp(value, "1", 1) == 0)) {
1171 /* this is the default */
1172 continue;
1173 }
1174 } else if ((strnicmp(data, "unc", 3) == 0)
1175 || (strnicmp(data, "target", 6) == 0)
1176 || (strnicmp(data, "path", 4) == 0)) {
1177 if (!value || !*value) {
1178 printk(KERN_WARNING "CIFS: invalid path to "
1179 "network resource\n");
1180 goto cifs_parse_mount_err;
1181 }
1182 if ((temp_len = strnlen(value, 300)) < 300) {
1183 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1184 if (vol->UNC == NULL)
1185 goto cifs_parse_mount_err;
1186 strcpy(vol->UNC, value);
1187 if (strncmp(vol->UNC, "//", 2) == 0) {
1188 vol->UNC[0] = '\\';
1189 vol->UNC[1] = '\\';
1190 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1191 printk(KERN_WARNING
1192 "CIFS: UNC Path does not begin "
1193 "with // or \\\\ \n");
1194 goto cifs_parse_mount_err;
1195 }
1196 } else {
1197 printk(KERN_WARNING "CIFS: UNC name too long\n");
1198 goto cifs_parse_mount_err;
1199 }
1200 } else if ((strnicmp(data, "domain", 3) == 0)
1201 || (strnicmp(data, "workgroup", 5) == 0)) {
1202 if (!value || !*value) {
1203 printk(KERN_WARNING "CIFS: invalid domain name\n");
1204 goto cifs_parse_mount_err;
1205 }
1206 /* BB are there cases in which a comma can be valid in
1207 a domain name and need special handling? */
1208 if (strnlen(value, 256) < 256) {
1209 vol->domainname = kstrdup(value, GFP_KERNEL);
1210 if (!vol->domainname) {
1211 printk(KERN_WARNING "CIFS: no memory "
1212 "for domainname\n");
1213 goto cifs_parse_mount_err;
1214 }
1215 cFYI(1, "Domain name set");
1216 } else {
1217 printk(KERN_WARNING "CIFS: domain name too "
1218 "long\n");
1219 goto cifs_parse_mount_err;
1220 }
1221 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1222 vol->srcaddr.ss_family = AF_UNSPEC;
1223
1224 if (!value || !*value) {
1225 printk(KERN_WARNING "CIFS: srcaddr value"
1226 " not specified.\n");
1227 goto cifs_parse_mount_err;
1228 }
1229 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1230 value, strlen(value));
1231 if (i == 0) {
1232 printk(KERN_WARNING "CIFS: Could not parse"
1233 " srcaddr: %s\n",
1234 value);
1235 goto cifs_parse_mount_err;
1236 }
1237 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1238 if (!value || !*value) {
1239 printk(KERN_WARNING
1240 "CIFS: invalid path prefix\n");
1241 goto cifs_parse_mount_err;
1242 }
1243 if ((temp_len = strnlen(value, 1024)) < 1024) {
1244 if (value[0] != '/')
1245 temp_len++; /* missing leading slash */
1246 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1247 if (vol->prepath == NULL)
1248 goto cifs_parse_mount_err;
1249 if (value[0] != '/') {
1250 vol->prepath[0] = '/';
1251 strcpy(vol->prepath+1, value);
1252 } else
1253 strcpy(vol->prepath, value);
1254 cFYI(1, "prefix path %s", vol->prepath);
1255 } else {
1256 printk(KERN_WARNING "CIFS: prefix too long\n");
1257 goto cifs_parse_mount_err;
1258 }
1259 } else if (strnicmp(data, "iocharset", 9) == 0) {
1260 if (!value || !*value) {
1261 printk(KERN_WARNING "CIFS: invalid iocharset "
1262 "specified\n");
1263 goto cifs_parse_mount_err;
1264 }
1265 if (strnlen(value, 65) < 65) {
1266 if (strnicmp(value, "default", 7)) {
1267 vol->iocharset = kstrdup(value,
1268 GFP_KERNEL);
1269
1270 if (!vol->iocharset) {
1271 printk(KERN_WARNING "CIFS: no "
1272 "memory for"
1273 "charset\n");
1274 goto cifs_parse_mount_err;
1275 }
1276 }
1277 /* if iocharset not set then load_nls_default
1278 is used by caller */
1279 cFYI(1, "iocharset set to %s", value);
1280 } else {
1281 printk(KERN_WARNING "CIFS: iocharset name "
1282 "too long.\n");
1283 goto cifs_parse_mount_err;
1284 }
1285 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1286 vol->linux_uid = simple_strtoul(value, &value, 0);
1287 uid_specified = true;
1288 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1289 vol->cred_uid = simple_strtoul(value, &value, 0);
1290 } else if (!strnicmp(data, "forceuid", 8)) {
1291 override_uid = 1;
1292 } else if (!strnicmp(data, "noforceuid", 10)) {
1293 override_uid = 0;
1294 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1295 vol->linux_gid = simple_strtoul(value, &value, 0);
1296 gid_specified = true;
1297 } else if (!strnicmp(data, "forcegid", 8)) {
1298 override_gid = 1;
1299 } else if (!strnicmp(data, "noforcegid", 10)) {
1300 override_gid = 0;
1301 } else if (strnicmp(data, "file_mode", 4) == 0) {
1302 if (value && *value) {
1303 vol->file_mode =
1304 simple_strtoul(value, &value, 0);
1305 }
1306 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1307 if (value && *value) {
1308 vol->dir_mode =
1309 simple_strtoul(value, &value, 0);
1310 }
1311 } else if (strnicmp(data, "dirmode", 4) == 0) {
1312 if (value && *value) {
1313 vol->dir_mode =
1314 simple_strtoul(value, &value, 0);
1315 }
1316 } else if (strnicmp(data, "port", 4) == 0) {
1317 if (value && *value) {
1318 vol->port =
1319 simple_strtoul(value, &value, 0);
1320 }
1321 } else if (strnicmp(data, "rsize", 5) == 0) {
1322 if (value && *value) {
1323 vol->rsize =
1324 simple_strtoul(value, &value, 0);
1325 }
1326 } else if (strnicmp(data, "wsize", 5) == 0) {
1327 if (value && *value) {
1328 vol->wsize =
1329 simple_strtoul(value, &value, 0);
1330 }
1331 } else if (strnicmp(data, "sockopt", 5) == 0) {
1332 if (!value || !*value) {
1333 cERROR(1, "no socket option specified");
1334 continue;
1335 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1336 vol->sockopt_tcp_nodelay = 1;
1337 }
1338 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1339 if (!value || !*value || (*value == ' ')) {
1340 cFYI(1, "invalid (empty) netbiosname");
1341 } else {
1342 memset(vol->source_rfc1001_name, 0x20,
1343 RFC1001_NAME_LEN);
1344 /*
1345 * FIXME: are there cases in which a comma can
1346 * be valid in workstation netbios name (and
1347 * need special handling)?
1348 */
1349 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1350 /* don't ucase netbiosname for user */
1351 if (value[i] == 0)
1352 break;
1353 vol->source_rfc1001_name[i] = value[i];
1354 }
1355 /* The string has 16th byte zero still from
1356 set at top of the function */
1357 if (i == RFC1001_NAME_LEN && value[i] != 0)
1358 printk(KERN_WARNING "CIFS: netbiosname"
1359 " longer than 15 truncated.\n");
1360 }
1361 } else if (strnicmp(data, "servern", 7) == 0) {
1362 /* servernetbiosname specified override *SMBSERVER */
1363 if (!value || !*value || (*value == ' ')) {
1364 cFYI(1, "empty server netbiosname specified");
1365 } else {
1366 /* last byte, type, is 0x20 for servr type */
1367 memset(vol->target_rfc1001_name, 0x20,
1368 RFC1001_NAME_LEN_WITH_NULL);
1369
1370 for (i = 0; i < 15; i++) {
1371 /* BB are there cases in which a comma can be
1372 valid in this workstation netbios name
1373 (and need special handling)? */
1374
1375 /* user or mount helper must uppercase
1376 the netbiosname */
1377 if (value[i] == 0)
1378 break;
1379 else
1380 vol->target_rfc1001_name[i] =
1381 value[i];
1382 }
1383 /* The string has 16th byte zero still from
1384 set at top of the function */
1385 if (i == RFC1001_NAME_LEN && value[i] != 0)
1386 printk(KERN_WARNING "CIFS: server net"
1387 "biosname longer than 15 truncated.\n");
1388 }
1389 } else if (strnicmp(data, "actimeo", 7) == 0) {
1390 if (value && *value) {
1391 vol->actimeo = HZ * simple_strtoul(value,
1392 &value, 0);
1393 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1394 cERROR(1, "CIFS: attribute cache"
1395 "timeout too large");
1396 goto cifs_parse_mount_err;
1397 }
1398 }
1399 } else if (strnicmp(data, "credentials", 4) == 0) {
1400 /* ignore */
1401 } else if (strnicmp(data, "version", 3) == 0) {
1402 /* ignore */
1403 } else if (strnicmp(data, "guest", 5) == 0) {
1404 /* ignore */
1405 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
1406 /* ignore */
1407 } else if (strnicmp(data, "ro", 2) == 0) {
1408 /* ignore */
1409 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1410 vol->noblocksnd = 1;
1411 } else if (strnicmp(data, "noautotune", 10) == 0) {
1412 vol->noautotune = 1;
1413 } else if ((strnicmp(data, "suid", 4) == 0) ||
1414 (strnicmp(data, "nosuid", 6) == 0) ||
1415 (strnicmp(data, "exec", 4) == 0) ||
1416 (strnicmp(data, "noexec", 6) == 0) ||
1417 (strnicmp(data, "nodev", 5) == 0) ||
1418 (strnicmp(data, "noauto", 6) == 0) ||
1419 (strnicmp(data, "dev", 3) == 0)) {
1420 /* The mount tool or mount.cifs helper (if present)
1421 uses these opts to set flags, and the flags are read
1422 by the kernel vfs layer before we get here (ie
1423 before read super) so there is no point trying to
1424 parse these options again and set anything and it
1425 is ok to just ignore them */
1426 continue;
1427 } else if (strnicmp(data, "hard", 4) == 0) {
1428 vol->retry = 1;
1429 } else if (strnicmp(data, "soft", 4) == 0) {
1430 vol->retry = 0;
1431 } else if (strnicmp(data, "perm", 4) == 0) {
1432 vol->noperm = 0;
1433 } else if (strnicmp(data, "noperm", 6) == 0) {
1434 vol->noperm = 1;
1435 } else if (strnicmp(data, "mapchars", 8) == 0) {
1436 vol->remap = 1;
1437 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1438 vol->remap = 0;
1439 } else if (strnicmp(data, "sfu", 3) == 0) {
1440 vol->sfu_emul = 1;
1441 } else if (strnicmp(data, "nosfu", 5) == 0) {
1442 vol->sfu_emul = 0;
1443 } else if (strnicmp(data, "nodfs", 5) == 0) {
1444 vol->nodfs = 1;
1445 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1446 vol->posix_paths = 1;
1447 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1448 vol->posix_paths = 0;
1449 } else if (strnicmp(data, "nounix", 6) == 0) {
1450 vol->no_linux_ext = 1;
1451 } else if (strnicmp(data, "nolinux", 7) == 0) {
1452 vol->no_linux_ext = 1;
1453 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1454 (strnicmp(data, "ignorecase", 10) == 0)) {
1455 vol->nocase = 1;
1456 } else if (strnicmp(data, "mand", 4) == 0) {
1457 /* ignore */
1458 } else if (strnicmp(data, "nomand", 6) == 0) {
1459 /* ignore */
1460 } else if (strnicmp(data, "_netdev", 7) == 0) {
1461 /* ignore */
1462 } else if (strnicmp(data, "brl", 3) == 0) {
1463 vol->nobrl = 0;
1464 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1465 (strnicmp(data, "nolock", 6) == 0)) {
1466 vol->nobrl = 1;
1467 /* turn off mandatory locking in mode
1468 if remote locking is turned off since the
1469 local vfs will do advisory */
1470 if (vol->file_mode ==
1471 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1472 vol->file_mode = S_IALLUGO;
1473 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1474 /* will take the shorter form "forcemand" as well */
1475 /* This mount option will force use of mandatory
1476 (DOS/Windows style) byte range locks, instead of
1477 using posix advisory byte range locks, even if the
1478 Unix extensions are available and posix locks would
1479 be supported otherwise. If Unix extensions are not
1480 negotiated this has no effect since mandatory locks
1481 would be used (mandatory locks is all that those
1482 those servers support) */
1483 vol->mand_lock = 1;
1484 } else if (strnicmp(data, "setuids", 7) == 0) {
1485 vol->setuids = 1;
1486 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1487 vol->setuids = 0;
1488 } else if (strnicmp(data, "dynperm", 7) == 0) {
1489 vol->dynperm = true;
1490 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1491 vol->dynperm = false;
1492 } else if (strnicmp(data, "nohard", 6) == 0) {
1493 vol->retry = 0;
1494 } else if (strnicmp(data, "nosoft", 6) == 0) {
1495 vol->retry = 1;
1496 } else if (strnicmp(data, "nointr", 6) == 0) {
1497 vol->intr = 0;
1498 } else if (strnicmp(data, "intr", 4) == 0) {
1499 vol->intr = 1;
1500 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1501 vol->nostrictsync = 1;
1502 } else if (strnicmp(data, "strictsync", 10) == 0) {
1503 vol->nostrictsync = 0;
1504 } else if (strnicmp(data, "serverino", 7) == 0) {
1505 vol->server_ino = 1;
1506 } else if (strnicmp(data, "noserverino", 9) == 0) {
1507 vol->server_ino = 0;
1508 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
1509 vol->rwpidforward = 1;
1510 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1511 vol->cifs_acl = 1;
1512 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1513 vol->cifs_acl = 0;
1514 } else if (strnicmp(data, "acl", 3) == 0) {
1515 vol->no_psx_acl = 0;
1516 } else if (strnicmp(data, "noacl", 5) == 0) {
1517 vol->no_psx_acl = 1;
1518 } else if (strnicmp(data, "locallease", 6) == 0) {
1519 vol->local_lease = 1;
1520 } else if (strnicmp(data, "sign", 4) == 0) {
1521 vol->secFlg |= CIFSSEC_MUST_SIGN;
1522 } else if (strnicmp(data, "seal", 4) == 0) {
1523 /* we do not do the following in secFlags because seal
1524 is a per tree connection (mount) not a per socket
1525 or per-smb connection option in the protocol */
1526 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1527 vol->seal = 1;
1528 } else if (strnicmp(data, "direct", 6) == 0) {
1529 vol->direct_io = 1;
1530 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1531 vol->direct_io = 1;
1532 } else if (strnicmp(data, "strictcache", 11) == 0) {
1533 vol->strict_io = 1;
1534 } else if (strnicmp(data, "noac", 4) == 0) {
1535 printk(KERN_WARNING "CIFS: Mount option noac not "
1536 "supported. Instead set "
1537 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1538 } else if (strnicmp(data, "fsc", 3) == 0) {
1539 #ifndef CONFIG_CIFS_FSCACHE
1540 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1541 "kernel config option set");
1542 goto cifs_parse_mount_err;
1543 #endif
1544 vol->fsc = true;
1545 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1546 vol->mfsymlinks = true;
1547 } else if (strnicmp(data, "multiuser", 8) == 0) {
1548 vol->multiuser = true;
1549 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1550 err = kstrtouint(value, 0, &vol->backupuid);
1551 if (err < 0) {
1552 cERROR(1, "%s: Invalid backupuid value",
1553 __func__);
1554 goto cifs_parse_mount_err;
1555 }
1556 vol->backupuid_specified = true;
1557 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1558 err = kstrtouint(value, 0, &vol->backupgid);
1559 if (err < 0) {
1560 cERROR(1, "%s: Invalid backupgid value",
1561 __func__);
1562 goto cifs_parse_mount_err;
1563 }
1564 vol->backupgid_specified = true;
1565 } else
1566 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1567 data);
1568 }
1569 if (vol->UNC == NULL) {
1570 if (devname == NULL) {
1571 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1572 "target\n");
1573 goto cifs_parse_mount_err;
1574 }
1575 if ((temp_len = strnlen(devname, 300)) < 300) {
1576 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1577 if (vol->UNC == NULL)
1578 goto cifs_parse_mount_err;
1579 strcpy(vol->UNC, devname);
1580 if (strncmp(vol->UNC, "//", 2) == 0) {
1581 vol->UNC[0] = '\\';
1582 vol->UNC[1] = '\\';
1583 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1584 printk(KERN_WARNING "CIFS: UNC Path does not "
1585 "begin with // or \\\\ \n");
1586 goto cifs_parse_mount_err;
1587 }
1588 value = strpbrk(vol->UNC+2, "/\\");
1589 if (value)
1590 *value = '\\';
1591 } else {
1592 printk(KERN_WARNING "CIFS: UNC name too long\n");
1593 goto cifs_parse_mount_err;
1594 }
1595 }
1596
1597 if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1598 cERROR(1, "Multiuser mounts currently require krb5 "
1599 "authentication!");
1600 goto cifs_parse_mount_err;
1601 }
1602
1603 if (vol->UNCip == NULL)
1604 vol->UNCip = &vol->UNC[2];
1605
1606 if (uid_specified)
1607 vol->override_uid = override_uid;
1608 else if (override_uid == 1)
1609 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1610 "specified with no uid= option.\n");
1611
1612 if (gid_specified)
1613 vol->override_gid = override_gid;
1614 else if (override_gid == 1)
1615 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1616 "specified with no gid= option.\n");
1617
1618 kfree(mountdata_copy);
1619 return 0;
1620
1621 cifs_parse_mount_err:
1622 kfree(mountdata_copy);
1623 return 1;
1624 }
1625
1626 /** Returns true if srcaddr isn't specified and rhs isn't
1627 * specified, or if srcaddr is specified and
1628 * matches the IP address of the rhs argument.
1629 */
1630 static bool
1631 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1632 {
1633 switch (srcaddr->sa_family) {
1634 case AF_UNSPEC:
1635 return (rhs->sa_family == AF_UNSPEC);
1636 case AF_INET: {
1637 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1638 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1639 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1640 }
1641 case AF_INET6: {
1642 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1643 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1644 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1645 }
1646 default:
1647 WARN_ON(1);
1648 return false; /* don't expect to be here */
1649 }
1650 }
1651
1652 /*
1653 * If no port is specified in addr structure, we try to match with 445 port
1654 * and if it fails - with 139 ports. It should be called only if address
1655 * families of server and addr are equal.
1656 */
1657 static bool
1658 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1659 {
1660 __be16 port, *sport;
1661
1662 switch (addr->sa_family) {
1663 case AF_INET:
1664 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1665 port = ((struct sockaddr_in *) addr)->sin_port;
1666 break;
1667 case AF_INET6:
1668 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1669 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1670 break;
1671 default:
1672 WARN_ON(1);
1673 return false;
1674 }
1675
1676 if (!port) {
1677 port = htons(CIFS_PORT);
1678 if (port == *sport)
1679 return true;
1680
1681 port = htons(RFC1001_PORT);
1682 }
1683
1684 return port == *sport;
1685 }
1686
1687 static bool
1688 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1689 struct sockaddr *srcaddr)
1690 {
1691 switch (addr->sa_family) {
1692 case AF_INET: {
1693 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1694 struct sockaddr_in *srv_addr4 =
1695 (struct sockaddr_in *)&server->dstaddr;
1696
1697 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1698 return false;
1699 break;
1700 }
1701 case AF_INET6: {
1702 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1703 struct sockaddr_in6 *srv_addr6 =
1704 (struct sockaddr_in6 *)&server->dstaddr;
1705
1706 if (!ipv6_addr_equal(&addr6->sin6_addr,
1707 &srv_addr6->sin6_addr))
1708 return false;
1709 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1710 return false;
1711 break;
1712 }
1713 default:
1714 WARN_ON(1);
1715 return false; /* don't expect to be here */
1716 }
1717
1718 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1719 return false;
1720
1721 return true;
1722 }
1723
1724 static bool
1725 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1726 {
1727 unsigned int secFlags;
1728
1729 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1730 secFlags = vol->secFlg;
1731 else
1732 secFlags = global_secflags | vol->secFlg;
1733
1734 switch (server->secType) {
1735 case LANMAN:
1736 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1737 return false;
1738 break;
1739 case NTLMv2:
1740 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1741 return false;
1742 break;
1743 case NTLM:
1744 if (!(secFlags & CIFSSEC_MAY_NTLM))
1745 return false;
1746 break;
1747 case Kerberos:
1748 if (!(secFlags & CIFSSEC_MAY_KRB5))
1749 return false;
1750 break;
1751 case RawNTLMSSP:
1752 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1753 return false;
1754 break;
1755 default:
1756 /* shouldn't happen */
1757 return false;
1758 }
1759
1760 /* now check if signing mode is acceptable */
1761 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1762 (server->sec_mode & SECMODE_SIGN_REQUIRED))
1763 return false;
1764 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1765 (server->sec_mode &
1766 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1767 return false;
1768
1769 return true;
1770 }
1771
1772 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1773 struct smb_vol *vol)
1774 {
1775 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1776 return 0;
1777
1778 if (!match_address(server, addr,
1779 (struct sockaddr *)&vol->srcaddr))
1780 return 0;
1781
1782 if (!match_port(server, addr))
1783 return 0;
1784
1785 if (!match_security(server, vol))
1786 return 0;
1787
1788 return 1;
1789 }
1790
1791 static struct TCP_Server_Info *
1792 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1793 {
1794 struct TCP_Server_Info *server;
1795
1796 spin_lock(&cifs_tcp_ses_lock);
1797 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1798 if (!match_server(server, addr, vol))
1799 continue;
1800
1801 ++server->srv_count;
1802 spin_unlock(&cifs_tcp_ses_lock);
1803 cFYI(1, "Existing tcp session with server found");
1804 return server;
1805 }
1806 spin_unlock(&cifs_tcp_ses_lock);
1807 return NULL;
1808 }
1809
1810 static void
1811 cifs_put_tcp_session(struct TCP_Server_Info *server)
1812 {
1813 struct task_struct *task;
1814
1815 spin_lock(&cifs_tcp_ses_lock);
1816 if (--server->srv_count > 0) {
1817 spin_unlock(&cifs_tcp_ses_lock);
1818 return;
1819 }
1820
1821 put_net(cifs_net_ns(server));
1822
1823 list_del_init(&server->tcp_ses_list);
1824 spin_unlock(&cifs_tcp_ses_lock);
1825
1826 cancel_delayed_work_sync(&server->echo);
1827
1828 spin_lock(&GlobalMid_Lock);
1829 server->tcpStatus = CifsExiting;
1830 spin_unlock(&GlobalMid_Lock);
1831
1832 cifs_crypto_shash_release(server);
1833 cifs_fscache_release_client_cookie(server);
1834
1835 kfree(server->session_key.response);
1836 server->session_key.response = NULL;
1837 server->session_key.len = 0;
1838
1839 task = xchg(&server->tsk, NULL);
1840 if (task)
1841 force_sig(SIGKILL, task);
1842 }
1843
1844 static struct TCP_Server_Info *
1845 cifs_get_tcp_session(struct smb_vol *volume_info)
1846 {
1847 struct TCP_Server_Info *tcp_ses = NULL;
1848 struct sockaddr_storage addr;
1849 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1850 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1851 int rc;
1852
1853 memset(&addr, 0, sizeof(struct sockaddr_storage));
1854
1855 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1856
1857 if (volume_info->UNCip && volume_info->UNC) {
1858 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1859 volume_info->UNCip,
1860 strlen(volume_info->UNCip),
1861 volume_info->port);
1862 if (!rc) {
1863 /* we failed translating address */
1864 rc = -EINVAL;
1865 goto out_err;
1866 }
1867 } else if (volume_info->UNCip) {
1868 /* BB using ip addr as tcp_ses name to connect to the
1869 DFS root below */
1870 cERROR(1, "Connecting to DFS root not implemented yet");
1871 rc = -EINVAL;
1872 goto out_err;
1873 } else /* which tcp_sess DFS root would we conect to */ {
1874 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1875 "unc=//192.168.1.100/public) specified");
1876 rc = -EINVAL;
1877 goto out_err;
1878 }
1879
1880 /* see if we already have a matching tcp_ses */
1881 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1882 if (tcp_ses)
1883 return tcp_ses;
1884
1885 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1886 if (!tcp_ses) {
1887 rc = -ENOMEM;
1888 goto out_err;
1889 }
1890
1891 rc = cifs_crypto_shash_allocate(tcp_ses);
1892 if (rc) {
1893 cERROR(1, "could not setup hash structures rc %d", rc);
1894 goto out_err;
1895 }
1896
1897 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1898 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1899 if (IS_ERR(tcp_ses->hostname)) {
1900 rc = PTR_ERR(tcp_ses->hostname);
1901 goto out_err_crypto_release;
1902 }
1903
1904 tcp_ses->noblocksnd = volume_info->noblocksnd;
1905 tcp_ses->noautotune = volume_info->noautotune;
1906 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1907 atomic_set(&tcp_ses->inFlight, 0);
1908 init_waitqueue_head(&tcp_ses->response_q);
1909 init_waitqueue_head(&tcp_ses->request_q);
1910 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1911 mutex_init(&tcp_ses->srv_mutex);
1912 memcpy(tcp_ses->workstation_RFC1001_name,
1913 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1914 memcpy(tcp_ses->server_RFC1001_name,
1915 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1916 tcp_ses->session_estab = false;
1917 tcp_ses->sequence_number = 0;
1918 tcp_ses->lstrp = jiffies;
1919 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1920 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1921 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1922
1923 /*
1924 * at this point we are the only ones with the pointer
1925 * to the struct since the kernel thread not created yet
1926 * no need to spinlock this init of tcpStatus or srv_count
1927 */
1928 tcp_ses->tcpStatus = CifsNew;
1929 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1930 sizeof(tcp_ses->srcaddr));
1931 ++tcp_ses->srv_count;
1932
1933 if (addr.ss_family == AF_INET6) {
1934 cFYI(1, "attempting ipv6 connect");
1935 /* BB should we allow ipv6 on port 139? */
1936 /* other OS never observed in Wild doing 139 with v6 */
1937 memcpy(&tcp_ses->dstaddr, sin_server6,
1938 sizeof(struct sockaddr_in6));
1939 } else
1940 memcpy(&tcp_ses->dstaddr, sin_server,
1941 sizeof(struct sockaddr_in));
1942
1943 rc = ip_connect(tcp_ses);
1944 if (rc < 0) {
1945 cERROR(1, "Error connecting to socket. Aborting operation");
1946 goto out_err_crypto_release;
1947 }
1948
1949 /*
1950 * since we're in a cifs function already, we know that
1951 * this will succeed. No need for try_module_get().
1952 */
1953 __module_get(THIS_MODULE);
1954 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
1955 tcp_ses, "cifsd");
1956 if (IS_ERR(tcp_ses->tsk)) {
1957 rc = PTR_ERR(tcp_ses->tsk);
1958 cERROR(1, "error %d create cifsd thread", rc);
1959 module_put(THIS_MODULE);
1960 goto out_err_crypto_release;
1961 }
1962 tcp_ses->tcpStatus = CifsNeedNegotiate;
1963
1964 /* thread spawned, put it on the list */
1965 spin_lock(&cifs_tcp_ses_lock);
1966 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1967 spin_unlock(&cifs_tcp_ses_lock);
1968
1969 cifs_fscache_get_client_cookie(tcp_ses);
1970
1971 /* queue echo request delayed work */
1972 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1973
1974 return tcp_ses;
1975
1976 out_err_crypto_release:
1977 cifs_crypto_shash_release(tcp_ses);
1978
1979 put_net(cifs_net_ns(tcp_ses));
1980
1981 out_err:
1982 if (tcp_ses) {
1983 if (!IS_ERR(tcp_ses->hostname))
1984 kfree(tcp_ses->hostname);
1985 if (tcp_ses->ssocket)
1986 sock_release(tcp_ses->ssocket);
1987 kfree(tcp_ses);
1988 }
1989 return ERR_PTR(rc);
1990 }
1991
1992 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
1993 {
1994 switch (ses->server->secType) {
1995 case Kerberos:
1996 if (vol->cred_uid != ses->cred_uid)
1997 return 0;
1998 break;
1999 default:
2000 /* NULL username means anonymous session */
2001 if (ses->user_name == NULL) {
2002 if (!vol->nullauth)
2003 return 0;
2004 break;
2005 }
2006
2007 /* anything else takes username/password */
2008 if (strncmp(ses->user_name,
2009 vol->username ? vol->username : "",
2010 MAX_USERNAME_SIZE))
2011 return 0;
2012 if (strlen(vol->username) != 0 &&
2013 ses->password != NULL &&
2014 strncmp(ses->password,
2015 vol->password ? vol->password : "",
2016 MAX_PASSWORD_SIZE))
2017 return 0;
2018 }
2019 return 1;
2020 }
2021
2022 static struct cifs_ses *
2023 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2024 {
2025 struct cifs_ses *ses;
2026
2027 spin_lock(&cifs_tcp_ses_lock);
2028 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2029 if (!match_session(ses, vol))
2030 continue;
2031 ++ses->ses_count;
2032 spin_unlock(&cifs_tcp_ses_lock);
2033 return ses;
2034 }
2035 spin_unlock(&cifs_tcp_ses_lock);
2036 return NULL;
2037 }
2038
2039 static void
2040 cifs_put_smb_ses(struct cifs_ses *ses)
2041 {
2042 int xid;
2043 struct TCP_Server_Info *server = ses->server;
2044
2045 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2046 spin_lock(&cifs_tcp_ses_lock);
2047 if (--ses->ses_count > 0) {
2048 spin_unlock(&cifs_tcp_ses_lock);
2049 return;
2050 }
2051
2052 list_del_init(&ses->smb_ses_list);
2053 spin_unlock(&cifs_tcp_ses_lock);
2054
2055 if (ses->status == CifsGood) {
2056 xid = GetXid();
2057 CIFSSMBLogoff(xid, ses);
2058 _FreeXid(xid);
2059 }
2060 sesInfoFree(ses);
2061 cifs_put_tcp_session(server);
2062 }
2063
2064 static bool warned_on_ntlm; /* globals init to false automatically */
2065
2066 static struct cifs_ses *
2067 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2068 {
2069 int rc = -ENOMEM, xid;
2070 struct cifs_ses *ses;
2071 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2072 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2073
2074 xid = GetXid();
2075
2076 ses = cifs_find_smb_ses(server, volume_info);
2077 if (ses) {
2078 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2079
2080 mutex_lock(&ses->session_mutex);
2081 rc = cifs_negotiate_protocol(xid, ses);
2082 if (rc) {
2083 mutex_unlock(&ses->session_mutex);
2084 /* problem -- put our ses reference */
2085 cifs_put_smb_ses(ses);
2086 FreeXid(xid);
2087 return ERR_PTR(rc);
2088 }
2089 if (ses->need_reconnect) {
2090 cFYI(1, "Session needs reconnect");
2091 rc = cifs_setup_session(xid, ses,
2092 volume_info->local_nls);
2093 if (rc) {
2094 mutex_unlock(&ses->session_mutex);
2095 /* problem -- put our reference */
2096 cifs_put_smb_ses(ses);
2097 FreeXid(xid);
2098 return ERR_PTR(rc);
2099 }
2100 }
2101 mutex_unlock(&ses->session_mutex);
2102
2103 /* existing SMB ses has a server reference already */
2104 cifs_put_tcp_session(server);
2105 FreeXid(xid);
2106 return ses;
2107 }
2108
2109 cFYI(1, "Existing smb sess not found");
2110 ses = sesInfoAlloc();
2111 if (ses == NULL)
2112 goto get_ses_fail;
2113
2114 /* new SMB session uses our server ref */
2115 ses->server = server;
2116 if (server->dstaddr.ss_family == AF_INET6)
2117 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2118 else
2119 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2120
2121 if (volume_info->username) {
2122 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2123 if (!ses->user_name)
2124 goto get_ses_fail;
2125 }
2126
2127 /* volume_info->password freed at unmount */
2128 if (volume_info->password) {
2129 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2130 if (!ses->password)
2131 goto get_ses_fail;
2132 }
2133 if (volume_info->domainname) {
2134 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2135 if (!ses->domainName)
2136 goto get_ses_fail;
2137 }
2138 ses->cred_uid = volume_info->cred_uid;
2139 ses->linux_uid = volume_info->linux_uid;
2140
2141 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2142 supported for many years, time to update default security mechanism */
2143 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2144 warned_on_ntlm = true;
2145 cERROR(1, "default security mechanism requested. The default "
2146 "security mechanism will be upgraded from ntlm to "
2147 "ntlmv2 in kernel release 3.3");
2148 }
2149 ses->overrideSecFlg = volume_info->secFlg;
2150
2151 mutex_lock(&ses->session_mutex);
2152 rc = cifs_negotiate_protocol(xid, ses);
2153 if (!rc)
2154 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2155 mutex_unlock(&ses->session_mutex);
2156 if (rc)
2157 goto get_ses_fail;
2158
2159 /* success, put it on the list */
2160 spin_lock(&cifs_tcp_ses_lock);
2161 list_add(&ses->smb_ses_list, &server->smb_ses_list);
2162 spin_unlock(&cifs_tcp_ses_lock);
2163
2164 FreeXid(xid);
2165 return ses;
2166
2167 get_ses_fail:
2168 sesInfoFree(ses);
2169 FreeXid(xid);
2170 return ERR_PTR(rc);
2171 }
2172
2173 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2174 {
2175 if (tcon->tidStatus == CifsExiting)
2176 return 0;
2177 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2178 return 0;
2179 return 1;
2180 }
2181
2182 static struct cifs_tcon *
2183 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2184 {
2185 struct list_head *tmp;
2186 struct cifs_tcon *tcon;
2187
2188 spin_lock(&cifs_tcp_ses_lock);
2189 list_for_each(tmp, &ses->tcon_list) {
2190 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2191 if (!match_tcon(tcon, unc))
2192 continue;
2193 ++tcon->tc_count;
2194 spin_unlock(&cifs_tcp_ses_lock);
2195 return tcon;
2196 }
2197 spin_unlock(&cifs_tcp_ses_lock);
2198 return NULL;
2199 }
2200
2201 static void
2202 cifs_put_tcon(struct cifs_tcon *tcon)
2203 {
2204 int xid;
2205 struct cifs_ses *ses = tcon->ses;
2206
2207 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2208 spin_lock(&cifs_tcp_ses_lock);
2209 if (--tcon->tc_count > 0) {
2210 spin_unlock(&cifs_tcp_ses_lock);
2211 return;
2212 }
2213
2214 list_del_init(&tcon->tcon_list);
2215 spin_unlock(&cifs_tcp_ses_lock);
2216
2217 xid = GetXid();
2218 CIFSSMBTDis(xid, tcon);
2219 _FreeXid(xid);
2220
2221 cifs_fscache_release_super_cookie(tcon);
2222 tconInfoFree(tcon);
2223 cifs_put_smb_ses(ses);
2224 }
2225
2226 static struct cifs_tcon *
2227 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2228 {
2229 int rc, xid;
2230 struct cifs_tcon *tcon;
2231
2232 tcon = cifs_find_tcon(ses, volume_info->UNC);
2233 if (tcon) {
2234 cFYI(1, "Found match on UNC path");
2235 /* existing tcon already has a reference */
2236 cifs_put_smb_ses(ses);
2237 if (tcon->seal != volume_info->seal)
2238 cERROR(1, "transport encryption setting "
2239 "conflicts with existing tid");
2240 return tcon;
2241 }
2242
2243 tcon = tconInfoAlloc();
2244 if (tcon == NULL) {
2245 rc = -ENOMEM;
2246 goto out_fail;
2247 }
2248
2249 tcon->ses = ses;
2250 if (volume_info->password) {
2251 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2252 if (!tcon->password) {
2253 rc = -ENOMEM;
2254 goto out_fail;
2255 }
2256 }
2257
2258 if (strchr(volume_info->UNC + 3, '\\') == NULL
2259 && strchr(volume_info->UNC + 3, '/') == NULL) {
2260 cERROR(1, "Missing share name");
2261 rc = -ENODEV;
2262 goto out_fail;
2263 }
2264
2265 /* BB Do we need to wrap session_mutex around
2266 * this TCon call and Unix SetFS as
2267 * we do on SessSetup and reconnect? */
2268 xid = GetXid();
2269 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2270 FreeXid(xid);
2271 cFYI(1, "CIFS Tcon rc = %d", rc);
2272 if (rc)
2273 goto out_fail;
2274
2275 if (volume_info->nodfs) {
2276 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2277 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2278 }
2279 tcon->seal = volume_info->seal;
2280 /* we can have only one retry value for a connection
2281 to a share so for resources mounted more than once
2282 to the same server share the last value passed in
2283 for the retry flag is used */
2284 tcon->retry = volume_info->retry;
2285 tcon->nocase = volume_info->nocase;
2286 tcon->local_lease = volume_info->local_lease;
2287
2288 spin_lock(&cifs_tcp_ses_lock);
2289 list_add(&tcon->tcon_list, &ses->tcon_list);
2290 spin_unlock(&cifs_tcp_ses_lock);
2291
2292 cifs_fscache_get_super_cookie(tcon);
2293
2294 return tcon;
2295
2296 out_fail:
2297 tconInfoFree(tcon);
2298 return ERR_PTR(rc);
2299 }
2300
2301 void
2302 cifs_put_tlink(struct tcon_link *tlink)
2303 {
2304 if (!tlink || IS_ERR(tlink))
2305 return;
2306
2307 if (!atomic_dec_and_test(&tlink->tl_count) ||
2308 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2309 tlink->tl_time = jiffies;
2310 return;
2311 }
2312
2313 if (!IS_ERR(tlink_tcon(tlink)))
2314 cifs_put_tcon(tlink_tcon(tlink));
2315 kfree(tlink);
2316 return;
2317 }
2318
2319 static inline struct tcon_link *
2320 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2321 {
2322 return cifs_sb->master_tlink;
2323 }
2324
2325 static int
2326 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2327 {
2328 struct cifs_sb_info *old = CIFS_SB(sb);
2329 struct cifs_sb_info *new = mnt_data->cifs_sb;
2330
2331 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2332 return 0;
2333
2334 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2335 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2336 return 0;
2337
2338 /*
2339 * We want to share sb only if we don't specify an r/wsize or
2340 * specified r/wsize is greater than or equal to existing one.
2341 */
2342 if (new->wsize && new->wsize < old->wsize)
2343 return 0;
2344
2345 if (new->rsize && new->rsize < old->rsize)
2346 return 0;
2347
2348 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2349 return 0;
2350
2351 if (old->mnt_file_mode != new->mnt_file_mode ||
2352 old->mnt_dir_mode != new->mnt_dir_mode)
2353 return 0;
2354
2355 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2356 return 0;
2357
2358 if (old->actimeo != new->actimeo)
2359 return 0;
2360
2361 return 1;
2362 }
2363
2364 int
2365 cifs_match_super(struct super_block *sb, void *data)
2366 {
2367 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2368 struct smb_vol *volume_info;
2369 struct cifs_sb_info *cifs_sb;
2370 struct TCP_Server_Info *tcp_srv;
2371 struct cifs_ses *ses;
2372 struct cifs_tcon *tcon;
2373 struct tcon_link *tlink;
2374 struct sockaddr_storage addr;
2375 int rc = 0;
2376
2377 memset(&addr, 0, sizeof(struct sockaddr_storage));
2378
2379 spin_lock(&cifs_tcp_ses_lock);
2380 cifs_sb = CIFS_SB(sb);
2381 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2382 if (IS_ERR(tlink)) {
2383 spin_unlock(&cifs_tcp_ses_lock);
2384 return rc;
2385 }
2386 tcon = tlink_tcon(tlink);
2387 ses = tcon->ses;
2388 tcp_srv = ses->server;
2389
2390 volume_info = mnt_data->vol;
2391
2392 if (!volume_info->UNCip || !volume_info->UNC)
2393 goto out;
2394
2395 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2396 volume_info->UNCip,
2397 strlen(volume_info->UNCip),
2398 volume_info->port);
2399 if (!rc)
2400 goto out;
2401
2402 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2403 !match_session(ses, volume_info) ||
2404 !match_tcon(tcon, volume_info->UNC)) {
2405 rc = 0;
2406 goto out;
2407 }
2408
2409 rc = compare_mount_options(sb, mnt_data);
2410 out:
2411 spin_unlock(&cifs_tcp_ses_lock);
2412 cifs_put_tlink(tlink);
2413 return rc;
2414 }
2415
2416 int
2417 get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2418 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2419 struct dfs_info3_param **preferrals, int remap)
2420 {
2421 char *temp_unc;
2422 int rc = 0;
2423
2424 *pnum_referrals = 0;
2425 *preferrals = NULL;
2426
2427 if (pSesInfo->ipc_tid == 0) {
2428 temp_unc = kmalloc(2 /* for slashes */ +
2429 strnlen(pSesInfo->serverName,
2430 SERVER_NAME_LEN_WITH_NULL * 2)
2431 + 1 + 4 /* slash IPC$ */ + 2,
2432 GFP_KERNEL);
2433 if (temp_unc == NULL)
2434 return -ENOMEM;
2435 temp_unc[0] = '\\';
2436 temp_unc[1] = '\\';
2437 strcpy(temp_unc + 2, pSesInfo->serverName);
2438 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2439 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2440 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2441 kfree(temp_unc);
2442 }
2443 if (rc == 0)
2444 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2445 pnum_referrals, nls_codepage, remap);
2446 /* BB map targetUNCs to dfs_info3 structures, here or
2447 in CIFSGetDFSRefer BB */
2448
2449 return rc;
2450 }
2451
2452 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2453 static struct lock_class_key cifs_key[2];
2454 static struct lock_class_key cifs_slock_key[2];
2455
2456 static inline void
2457 cifs_reclassify_socket4(struct socket *sock)
2458 {
2459 struct sock *sk = sock->sk;
2460 BUG_ON(sock_owned_by_user(sk));
2461 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2462 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2463 }
2464
2465 static inline void
2466 cifs_reclassify_socket6(struct socket *sock)
2467 {
2468 struct sock *sk = sock->sk;
2469 BUG_ON(sock_owned_by_user(sk));
2470 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2471 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2472 }
2473 #else
2474 static inline void
2475 cifs_reclassify_socket4(struct socket *sock)
2476 {
2477 }
2478
2479 static inline void
2480 cifs_reclassify_socket6(struct socket *sock)
2481 {
2482 }
2483 #endif
2484
2485 /* See RFC1001 section 14 on representation of Netbios names */
2486 static void rfc1002mangle(char *target, char *source, unsigned int length)
2487 {
2488 unsigned int i, j;
2489
2490 for (i = 0, j = 0; i < (length); i++) {
2491 /* mask a nibble at a time and encode */
2492 target[j] = 'A' + (0x0F & (source[i] >> 4));
2493 target[j+1] = 'A' + (0x0F & source[i]);
2494 j += 2;
2495 }
2496
2497 }
2498
2499 static int
2500 bind_socket(struct TCP_Server_Info *server)
2501 {
2502 int rc = 0;
2503 if (server->srcaddr.ss_family != AF_UNSPEC) {
2504 /* Bind to the specified local IP address */
2505 struct socket *socket = server->ssocket;
2506 rc = socket->ops->bind(socket,
2507 (struct sockaddr *) &server->srcaddr,
2508 sizeof(server->srcaddr));
2509 if (rc < 0) {
2510 struct sockaddr_in *saddr4;
2511 struct sockaddr_in6 *saddr6;
2512 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2513 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2514 if (saddr6->sin6_family == AF_INET6)
2515 cERROR(1, "cifs: "
2516 "Failed to bind to: %pI6c, error: %d\n",
2517 &saddr6->sin6_addr, rc);
2518 else
2519 cERROR(1, "cifs: "
2520 "Failed to bind to: %pI4, error: %d\n",
2521 &saddr4->sin_addr.s_addr, rc);
2522 }
2523 }
2524 return rc;
2525 }
2526
2527 static int
2528 ip_rfc1001_connect(struct TCP_Server_Info *server)
2529 {
2530 int rc = 0;
2531 /*
2532 * some servers require RFC1001 sessinit before sending
2533 * negprot - BB check reconnection in case where second
2534 * sessinit is sent but no second negprot
2535 */
2536 struct rfc1002_session_packet *ses_init_buf;
2537 struct smb_hdr *smb_buf;
2538 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2539 GFP_KERNEL);
2540 if (ses_init_buf) {
2541 ses_init_buf->trailer.session_req.called_len = 32;
2542
2543 if (server->server_RFC1001_name &&
2544 server->server_RFC1001_name[0] != 0)
2545 rfc1002mangle(ses_init_buf->trailer.
2546 session_req.called_name,
2547 server->server_RFC1001_name,
2548 RFC1001_NAME_LEN_WITH_NULL);
2549 else
2550 rfc1002mangle(ses_init_buf->trailer.
2551 session_req.called_name,
2552 DEFAULT_CIFS_CALLED_NAME,
2553 RFC1001_NAME_LEN_WITH_NULL);
2554
2555 ses_init_buf->trailer.session_req.calling_len = 32;
2556
2557 /*
2558 * calling name ends in null (byte 16) from old smb
2559 * convention.
2560 */
2561 if (server->workstation_RFC1001_name &&
2562 server->workstation_RFC1001_name[0] != 0)
2563 rfc1002mangle(ses_init_buf->trailer.
2564 session_req.calling_name,
2565 server->workstation_RFC1001_name,
2566 RFC1001_NAME_LEN_WITH_NULL);
2567 else
2568 rfc1002mangle(ses_init_buf->trailer.
2569 session_req.calling_name,
2570 "LINUX_CIFS_CLNT",
2571 RFC1001_NAME_LEN_WITH_NULL);
2572
2573 ses_init_buf->trailer.session_req.scope1 = 0;
2574 ses_init_buf->trailer.session_req.scope2 = 0;
2575 smb_buf = (struct smb_hdr *)ses_init_buf;
2576
2577 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2578 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2579 rc = smb_send(server, smb_buf, 0x44);
2580 kfree(ses_init_buf);
2581 /*
2582 * RFC1001 layer in at least one server
2583 * requires very short break before negprot
2584 * presumably because not expecting negprot
2585 * to follow so fast. This is a simple
2586 * solution that works without
2587 * complicating the code and causes no
2588 * significant slowing down on mount
2589 * for everyone else
2590 */
2591 usleep_range(1000, 2000);
2592 }
2593 /*
2594 * else the negprot may still work without this
2595 * even though malloc failed
2596 */
2597
2598 return rc;
2599 }
2600
2601 static int
2602 generic_ip_connect(struct TCP_Server_Info *server)
2603 {
2604 int rc = 0;
2605 __be16 sport;
2606 int slen, sfamily;
2607 struct socket *socket = server->ssocket;
2608 struct sockaddr *saddr;
2609
2610 saddr = (struct sockaddr *) &server->dstaddr;
2611
2612 if (server->dstaddr.ss_family == AF_INET6) {
2613 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2614 slen = sizeof(struct sockaddr_in6);
2615 sfamily = AF_INET6;
2616 } else {
2617 sport = ((struct sockaddr_in *) saddr)->sin_port;
2618 slen = sizeof(struct sockaddr_in);
2619 sfamily = AF_INET;
2620 }
2621
2622 if (socket == NULL) {
2623 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2624 IPPROTO_TCP, &socket, 1);
2625 if (rc < 0) {
2626 cERROR(1, "Error %d creating socket", rc);
2627 server->ssocket = NULL;
2628 return rc;
2629 }
2630
2631 /* BB other socket options to set KEEPALIVE, NODELAY? */
2632 cFYI(1, "Socket created");
2633 server->ssocket = socket;
2634 socket->sk->sk_allocation = GFP_NOFS;
2635 if (sfamily == AF_INET6)
2636 cifs_reclassify_socket6(socket);
2637 else
2638 cifs_reclassify_socket4(socket);
2639 }
2640
2641 rc = bind_socket(server);
2642 if (rc < 0)
2643 return rc;
2644
2645 /*
2646 * Eventually check for other socket options to change from
2647 * the default. sock_setsockopt not used because it expects
2648 * user space buffer
2649 */
2650 socket->sk->sk_rcvtimeo = 7 * HZ;
2651 socket->sk->sk_sndtimeo = 5 * HZ;
2652
2653 /* make the bufsizes depend on wsize/rsize and max requests */
2654 if (server->noautotune) {
2655 if (socket->sk->sk_sndbuf < (200 * 1024))
2656 socket->sk->sk_sndbuf = 200 * 1024;
2657 if (socket->sk->sk_rcvbuf < (140 * 1024))
2658 socket->sk->sk_rcvbuf = 140 * 1024;
2659 }
2660
2661 if (server->tcp_nodelay) {
2662 int val = 1;
2663 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2664 (char *)&val, sizeof(val));
2665 if (rc)
2666 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2667 }
2668
2669 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2670 socket->sk->sk_sndbuf,
2671 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2672
2673 rc = socket->ops->connect(socket, saddr, slen, 0);
2674 if (rc < 0) {
2675 cFYI(1, "Error %d connecting to server", rc);
2676 sock_release(socket);
2677 server->ssocket = NULL;
2678 return rc;
2679 }
2680
2681 if (sport == htons(RFC1001_PORT))
2682 rc = ip_rfc1001_connect(server);
2683
2684 return rc;
2685 }
2686
2687 static int
2688 ip_connect(struct TCP_Server_Info *server)
2689 {
2690 __be16 *sport;
2691 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2692 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2693
2694 if (server->dstaddr.ss_family == AF_INET6)
2695 sport = &addr6->sin6_port;
2696 else
2697 sport = &addr->sin_port;
2698
2699 if (*sport == 0) {
2700 int rc;
2701
2702 /* try with 445 port at first */
2703 *sport = htons(CIFS_PORT);
2704
2705 rc = generic_ip_connect(server);
2706 if (rc >= 0)
2707 return rc;
2708
2709 /* if it failed, try with 139 port */
2710 *sport = htons(RFC1001_PORT);
2711 }
2712
2713 return generic_ip_connect(server);
2714 }
2715
2716 void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2717 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
2718 {
2719 /* if we are reconnecting then should we check to see if
2720 * any requested capabilities changed locally e.g. via
2721 * remount but we can not do much about it here
2722 * if they have (even if we could detect it by the following)
2723 * Perhaps we could add a backpointer to array of sb from tcon
2724 * or if we change to make all sb to same share the same
2725 * sb as NFS - then we only have one backpointer to sb.
2726 * What if we wanted to mount the server share twice once with
2727 * and once without posixacls or posix paths? */
2728 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2729
2730 if (vol_info && vol_info->no_linux_ext) {
2731 tcon->fsUnixInfo.Capability = 0;
2732 tcon->unix_ext = 0; /* Unix Extensions disabled */
2733 cFYI(1, "Linux protocol extensions disabled");
2734 return;
2735 } else if (vol_info)
2736 tcon->unix_ext = 1; /* Unix Extensions supported */
2737
2738 if (tcon->unix_ext == 0) {
2739 cFYI(1, "Unix extensions disabled so not set on reconnect");
2740 return;
2741 }
2742
2743 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2744 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2745 cFYI(1, "unix caps which server supports %lld", cap);
2746 /* check for reconnect case in which we do not
2747 want to change the mount behavior if we can avoid it */
2748 if (vol_info == NULL) {
2749 /* turn off POSIX ACL and PATHNAMES if not set
2750 originally at mount time */
2751 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2752 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2753 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2754 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2755 cERROR(1, "POSIXPATH support change");
2756 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2757 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2758 cERROR(1, "possible reconnect error");
2759 cERROR(1, "server disabled POSIX path support");
2760 }
2761 }
2762
2763 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2764 cERROR(1, "per-share encryption not supported yet");
2765
2766 cap &= CIFS_UNIX_CAP_MASK;
2767 if (vol_info && vol_info->no_psx_acl)
2768 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2769 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2770 cFYI(1, "negotiated posix acl support");
2771 if (cifs_sb)
2772 cifs_sb->mnt_cifs_flags |=
2773 CIFS_MOUNT_POSIXACL;
2774 }
2775
2776 if (vol_info && vol_info->posix_paths == 0)
2777 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2778 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2779 cFYI(1, "negotiate posix pathnames");
2780 if (cifs_sb)
2781 cifs_sb->mnt_cifs_flags |=
2782 CIFS_MOUNT_POSIX_PATHS;
2783 }
2784
2785 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2786 #ifdef CONFIG_CIFS_DEBUG2
2787 if (cap & CIFS_UNIX_FCNTL_CAP)
2788 cFYI(1, "FCNTL cap");
2789 if (cap & CIFS_UNIX_EXTATTR_CAP)
2790 cFYI(1, "EXTATTR cap");
2791 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2792 cFYI(1, "POSIX path cap");
2793 if (cap & CIFS_UNIX_XATTR_CAP)
2794 cFYI(1, "XATTR cap");
2795 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2796 cFYI(1, "POSIX ACL cap");
2797 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2798 cFYI(1, "very large read cap");
2799 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2800 cFYI(1, "very large write cap");
2801 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2802 cFYI(1, "transport encryption cap");
2803 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2804 cFYI(1, "mandatory transport encryption cap");
2805 #endif /* CIFS_DEBUG2 */
2806 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2807 if (vol_info == NULL) {
2808 cFYI(1, "resetting capabilities failed");
2809 } else
2810 cERROR(1, "Negotiating Unix capabilities "
2811 "with the server failed. Consider "
2812 "mounting with the Unix Extensions\n"
2813 "disabled, if problems are found, "
2814 "by specifying the nounix mount "
2815 "option.");
2816
2817 }
2818 }
2819 }
2820
2821 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2822 struct cifs_sb_info *cifs_sb)
2823 {
2824 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2825
2826 spin_lock_init(&cifs_sb->tlink_tree_lock);
2827 cifs_sb->tlink_tree = RB_ROOT;
2828
2829 /*
2830 * Temporarily set r/wsize for matching superblock. If we end up using
2831 * new sb then client will later negotiate it downward if needed.
2832 */
2833 cifs_sb->rsize = pvolume_info->rsize;
2834 cifs_sb->wsize = pvolume_info->wsize;
2835
2836 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2837 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2838 if (pvolume_info->backupuid_specified)
2839 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2840 if (pvolume_info->backupgid_specified)
2841 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
2842 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2843 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2844 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
2845 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2846
2847 cifs_sb->actimeo = pvolume_info->actimeo;
2848 cifs_sb->local_nls = pvolume_info->local_nls;
2849
2850 if (pvolume_info->noperm)
2851 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2852 if (pvolume_info->setuids)
2853 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2854 if (pvolume_info->server_ino)
2855 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2856 if (pvolume_info->remap)
2857 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2858 if (pvolume_info->no_xattr)
2859 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2860 if (pvolume_info->sfu_emul)
2861 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2862 if (pvolume_info->nobrl)
2863 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2864 if (pvolume_info->nostrictsync)
2865 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2866 if (pvolume_info->mand_lock)
2867 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2868 if (pvolume_info->rwpidforward)
2869 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
2870 if (pvolume_info->cifs_acl)
2871 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2872 if (pvolume_info->backupuid_specified)
2873 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
2874 if (pvolume_info->backupgid_specified)
2875 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
2876 if (pvolume_info->override_uid)
2877 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2878 if (pvolume_info->override_gid)
2879 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2880 if (pvolume_info->dynperm)
2881 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2882 if (pvolume_info->fsc)
2883 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2884 if (pvolume_info->multiuser)
2885 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2886 CIFS_MOUNT_NO_PERM);
2887 if (pvolume_info->strict_io)
2888 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2889 if (pvolume_info->direct_io) {
2890 cFYI(1, "mounting share using direct i/o");
2891 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2892 }
2893 if (pvolume_info->mfsymlinks) {
2894 if (pvolume_info->sfu_emul) {
2895 cERROR(1, "mount option mfsymlinks ignored if sfu "
2896 "mount option is used");
2897 } else {
2898 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2899 }
2900 }
2901
2902 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2903 cERROR(1, "mount option dynperm ignored if cifsacl "
2904 "mount option supported");
2905 }
2906
2907 /*
2908 * When the server supports very large reads and writes via POSIX extensions,
2909 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
2910 * including the RFC1001 length.
2911 *
2912 * Note that this might make for "interesting" allocation problems during
2913 * writeback however as we have to allocate an array of pointers for the
2914 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
2915 *
2916 * For reads, there is a similar problem as we need to allocate an array
2917 * of kvecs to handle the receive, though that should only need to be done
2918 * once.
2919 */
2920 #define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
2921 #define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
2922
2923 /*
2924 * When the server doesn't allow large posix writes, only allow a rsize/wsize
2925 * of 2^17-1 minus the size of the call header. That allows for a read or
2926 * write up to the maximum size described by RFC1002.
2927 */
2928 #define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
2929 #define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
2930
2931 /*
2932 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
2933 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
2934 * a single wsize request with a single call.
2935 */
2936 #define CIFS_DEFAULT_IOSIZE (1024 * 1024)
2937
2938 /*
2939 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
2940 * those values when posix extensions aren't in force. In actuality here, we
2941 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
2942 * to be ok with the extra byte even though Windows doesn't send writes that
2943 * are that large.
2944 *
2945 * Citation:
2946 *
2947 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
2948 */
2949 #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
2950 #define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
2951
2952 static unsigned int
2953 cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
2954 {
2955 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2956 struct TCP_Server_Info *server = tcon->ses->server;
2957 unsigned int wsize;
2958
2959 /* start with specified wsize, or default */
2960 if (pvolume_info->wsize)
2961 wsize = pvolume_info->wsize;
2962 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
2963 wsize = CIFS_DEFAULT_IOSIZE;
2964 else
2965 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
2966
2967 /* can server support 24-bit write sizes? (via UNIX extensions) */
2968 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
2969 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
2970
2971 /*
2972 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
2973 * Limit it to max buffer offered by the server, minus the size of the
2974 * WRITEX header, not including the 4 byte RFC1001 length.
2975 */
2976 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
2977 (!(server->capabilities & CAP_UNIX) &&
2978 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
2979 wsize = min_t(unsigned int, wsize,
2980 server->maxBuf - sizeof(WRITE_REQ) + 4);
2981
2982 /* hard limit of CIFS_MAX_WSIZE */
2983 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
2984
2985 return wsize;
2986 }
2987
2988 static unsigned int
2989 cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
2990 {
2991 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2992 struct TCP_Server_Info *server = tcon->ses->server;
2993 unsigned int rsize, defsize;
2994
2995 /*
2996 * Set default value...
2997 *
2998 * HACK alert! Ancient servers have very small buffers. Even though
2999 * MS-CIFS indicates that servers are only limited by the client's
3000 * bufsize for reads, testing against win98se shows that it throws
3001 * INVALID_PARAMETER errors if you try to request too large a read.
3002 *
3003 * If the server advertises a MaxBufferSize of less than one page,
3004 * assume that it also can't satisfy reads larger than that either.
3005 *
3006 * FIXME: Is there a better heuristic for this?
3007 */
3008 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3009 defsize = CIFS_DEFAULT_IOSIZE;
3010 else if (server->capabilities & CAP_LARGE_READ_X)
3011 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3012 else if (server->maxBuf >= PAGE_CACHE_SIZE)
3013 defsize = CIFSMaxBufSize;
3014 else
3015 defsize = server->maxBuf - sizeof(READ_RSP);
3016
3017 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3018
3019 /*
3020 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3021 * the client's MaxBufferSize.
3022 */
3023 if (!(server->capabilities & CAP_LARGE_READ_X))
3024 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3025
3026 /* hard limit of CIFS_MAX_RSIZE */
3027 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3028
3029 return rsize;
3030 }
3031
3032 static int
3033 is_path_accessible(int xid, struct cifs_tcon *tcon,
3034 struct cifs_sb_info *cifs_sb, const char *full_path)
3035 {
3036 int rc;
3037 FILE_ALL_INFO *pfile_info;
3038
3039 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3040 if (pfile_info == NULL)
3041 return -ENOMEM;
3042
3043 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3044 0 /* not legacy */, cifs_sb->local_nls,
3045 cifs_sb->mnt_cifs_flags &
3046 CIFS_MOUNT_MAP_SPECIAL_CHR);
3047
3048 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3049 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3050 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3051 CIFS_MOUNT_MAP_SPECIAL_CHR);
3052 kfree(pfile_info);
3053 return rc;
3054 }
3055
3056 static void
3057 cleanup_volume_info_contents(struct smb_vol *volume_info)
3058 {
3059 kfree(volume_info->username);
3060 kzfree(volume_info->password);
3061 if (volume_info->UNCip != volume_info->UNC + 2)
3062 kfree(volume_info->UNCip);
3063 kfree(volume_info->UNC);
3064 kfree(volume_info->domainname);
3065 kfree(volume_info->iocharset);
3066 kfree(volume_info->prepath);
3067 }
3068
3069 void
3070 cifs_cleanup_volume_info(struct smb_vol *volume_info)
3071 {
3072 if (!volume_info)
3073 return;
3074 cleanup_volume_info_contents(volume_info);
3075 kfree(volume_info);
3076 }
3077
3078
3079 #ifdef CONFIG_CIFS_DFS_UPCALL
3080 /* build_path_to_root returns full path to root when
3081 * we do not have an exiting connection (tcon) */
3082 static char *
3083 build_unc_path_to_root(const struct smb_vol *vol,
3084 const struct cifs_sb_info *cifs_sb)
3085 {
3086 char *full_path, *pos;
3087 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3088 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3089
3090 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3091 if (full_path == NULL)
3092 return ERR_PTR(-ENOMEM);
3093
3094 strncpy(full_path, vol->UNC, unc_len);
3095 pos = full_path + unc_len;
3096
3097 if (pplen) {
3098 strncpy(pos, vol->prepath, pplen);
3099 pos += pplen;
3100 }
3101
3102 *pos = '\0'; /* add trailing null */
3103 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3104 cFYI(1, "%s: full_path=%s", __func__, full_path);
3105 return full_path;
3106 }
3107
3108 /*
3109 * Perform a dfs referral query for a share and (optionally) prefix
3110 *
3111 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3112 * to a string containing updated options for the submount. Otherwise it
3113 * will be left untouched.
3114 *
3115 * Returns the rc from get_dfs_path to the caller, which can be used to
3116 * determine whether there were referrals.
3117 */
3118 static int
3119 expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
3120 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3121 int check_prefix)
3122 {
3123 int rc;
3124 unsigned int num_referrals = 0;
3125 struct dfs_info3_param *referrals = NULL;
3126 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3127
3128 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3129 if (IS_ERR(full_path))
3130 return PTR_ERR(full_path);
3131
3132 /* For DFS paths, skip the first '\' of the UNC */
3133 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3134
3135 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3136 &num_referrals, &referrals,
3137 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3138
3139 if (!rc && num_referrals > 0) {
3140 char *fake_devname = NULL;
3141
3142 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3143 full_path + 1, referrals,
3144 &fake_devname);
3145
3146 free_dfs_info_array(referrals, num_referrals);
3147
3148 if (IS_ERR(mdata)) {
3149 rc = PTR_ERR(mdata);
3150 mdata = NULL;
3151 } else {
3152 cleanup_volume_info_contents(volume_info);
3153 memset(volume_info, '\0', sizeof(*volume_info));
3154 rc = cifs_setup_volume_info(volume_info, mdata,
3155 fake_devname);
3156 }
3157 kfree(fake_devname);
3158 kfree(cifs_sb->mountdata);
3159 cifs_sb->mountdata = mdata;
3160 }
3161 kfree(full_path);
3162 return rc;
3163 }
3164 #endif
3165
3166 static int
3167 cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3168 const char *devname)
3169 {
3170 int rc = 0;
3171
3172 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3173 return -EINVAL;
3174
3175 if (volume_info->nullauth) {
3176 cFYI(1, "Anonymous login");
3177 kfree(volume_info->username);
3178 volume_info->username = NULL;
3179 } else if (volume_info->username) {
3180 /* BB fixme parse for domain name here */
3181 cFYI(1, "Username: %s", volume_info->username);
3182 } else {
3183 cifserror("No username specified");
3184 /* In userspace mount helper we can get user name from alternate
3185 locations such as env variables and files on disk */
3186 return -EINVAL;
3187 }
3188
3189 /* this is needed for ASCII cp to Unicode converts */
3190 if (volume_info->iocharset == NULL) {
3191 /* load_nls_default cannot return null */
3192 volume_info->local_nls = load_nls_default();
3193 } else {
3194 volume_info->local_nls = load_nls(volume_info->iocharset);
3195 if (volume_info->local_nls == NULL) {
3196 cERROR(1, "CIFS mount error: iocharset %s not found",
3197 volume_info->iocharset);
3198 return -ELIBACC;
3199 }
3200 }
3201
3202 return rc;
3203 }
3204
3205 struct smb_vol *
3206 cifs_get_volume_info(char *mount_data, const char *devname)
3207 {
3208 int rc;
3209 struct smb_vol *volume_info;
3210
3211 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3212 if (!volume_info)
3213 return ERR_PTR(-ENOMEM);
3214
3215 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3216 if (rc) {
3217 cifs_cleanup_volume_info(volume_info);
3218 volume_info = ERR_PTR(rc);
3219 }
3220
3221 return volume_info;
3222 }
3223
3224 /* make sure ra_pages is a multiple of rsize */
3225 static inline unsigned int
3226 cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3227 {
3228 unsigned int reads;
3229 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3230
3231 if (rsize_pages >= default_backing_dev_info.ra_pages)
3232 return default_backing_dev_info.ra_pages;
3233 else if (rsize_pages == 0)
3234 return rsize_pages;
3235
3236 reads = default_backing_dev_info.ra_pages / rsize_pages;
3237 return reads * rsize_pages;
3238 }
3239
3240 int
3241 cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3242 {
3243 int rc = 0;
3244 int xid;
3245 struct cifs_ses *pSesInfo;
3246 struct cifs_tcon *tcon;
3247 struct TCP_Server_Info *srvTcp;
3248 char *full_path;
3249 struct tcon_link *tlink;
3250 #ifdef CONFIG_CIFS_DFS_UPCALL
3251 int referral_walks_count = 0;
3252 #endif
3253
3254 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3255 if (rc)
3256 return rc;
3257
3258 #ifdef CONFIG_CIFS_DFS_UPCALL
3259 try_mount_again:
3260 /* cleanup activities if we're chasing a referral */
3261 if (referral_walks_count) {
3262 if (tcon)
3263 cifs_put_tcon(tcon);
3264 else if (pSesInfo)
3265 cifs_put_smb_ses(pSesInfo);
3266
3267 FreeXid(xid);
3268 }
3269 #endif
3270 tcon = NULL;
3271 pSesInfo = NULL;
3272 srvTcp = NULL;
3273 full_path = NULL;
3274 tlink = NULL;
3275
3276 xid = GetXid();
3277
3278 /* get a reference to a tcp session */
3279 srvTcp = cifs_get_tcp_session(volume_info);
3280 if (IS_ERR(srvTcp)) {
3281 rc = PTR_ERR(srvTcp);
3282 bdi_destroy(&cifs_sb->bdi);
3283 goto out;
3284 }
3285
3286 /* get a reference to a SMB session */
3287 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3288 if (IS_ERR(pSesInfo)) {
3289 rc = PTR_ERR(pSesInfo);
3290 pSesInfo = NULL;
3291 goto mount_fail_check;
3292 }
3293
3294 /* search for existing tcon to this server share */
3295 tcon = cifs_get_tcon(pSesInfo, volume_info);
3296 if (IS_ERR(tcon)) {
3297 rc = PTR_ERR(tcon);
3298 tcon = NULL;
3299 goto remote_path_check;
3300 }
3301
3302 /* tell server which Unix caps we support */
3303 if (tcon->ses->capabilities & CAP_UNIX) {
3304 /* reset of caps checks mount to see if unix extensions
3305 disabled for just this mount */
3306 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3307 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3308 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3309 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3310 rc = -EACCES;
3311 goto mount_fail_check;
3312 }
3313 } else
3314 tcon->unix_ext = 0; /* server does not support them */
3315
3316 /* do not care if following two calls succeed - informational */
3317 if (!tcon->ipc) {
3318 CIFSSMBQFSDeviceInfo(xid, tcon);
3319 CIFSSMBQFSAttributeInfo(xid, tcon);
3320 }
3321
3322 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3323 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
3324
3325 /* tune readahead according to rsize */
3326 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
3327
3328 remote_path_check:
3329 #ifdef CONFIG_CIFS_DFS_UPCALL
3330 /*
3331 * Perform an unconditional check for whether there are DFS
3332 * referrals for this path without prefix, to provide support
3333 * for DFS referrals from w2k8 servers which don't seem to respond
3334 * with PATH_NOT_COVERED to requests that include the prefix.
3335 * Chase the referral if found, otherwise continue normally.
3336 */
3337 if (referral_walks_count == 0) {
3338 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
3339 cifs_sb, false);
3340 if (!refrc) {
3341 referral_walks_count++;
3342 goto try_mount_again;
3343 }
3344 }
3345 #endif
3346
3347 /* check if a whole path is not remote */
3348 if (!rc && tcon) {
3349 /* build_path_to_root works only when we have a valid tcon */
3350 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
3351 if (full_path == NULL) {
3352 rc = -ENOMEM;
3353 goto mount_fail_check;
3354 }
3355 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
3356 if (rc != 0 && rc != -EREMOTE) {
3357 kfree(full_path);
3358 goto mount_fail_check;
3359 }
3360 kfree(full_path);
3361 }
3362
3363 /* get referral if needed */
3364 if (rc == -EREMOTE) {
3365 #ifdef CONFIG_CIFS_DFS_UPCALL
3366 if (referral_walks_count > MAX_NESTED_LINKS) {
3367 /*
3368 * BB: when we implement proper loop detection,
3369 * we will remove this check. But now we need it
3370 * to prevent an indefinite loop if 'DFS tree' is
3371 * misconfigured (i.e. has loops).
3372 */
3373 rc = -ELOOP;
3374 goto mount_fail_check;
3375 }
3376
3377 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
3378 true);
3379
3380 if (!rc) {
3381 referral_walks_count++;
3382 goto try_mount_again;
3383 }
3384 goto mount_fail_check;
3385 #else /* No DFS support, return error on mount */
3386 rc = -EOPNOTSUPP;
3387 #endif
3388 }
3389
3390 if (rc)
3391 goto mount_fail_check;
3392
3393 /* now, hang the tcon off of the superblock */
3394 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3395 if (tlink == NULL) {
3396 rc = -ENOMEM;
3397 goto mount_fail_check;
3398 }
3399
3400 tlink->tl_uid = pSesInfo->linux_uid;
3401 tlink->tl_tcon = tcon;
3402 tlink->tl_time = jiffies;
3403 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3404 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3405
3406 cifs_sb->master_tlink = tlink;
3407 spin_lock(&cifs_sb->tlink_tree_lock);
3408 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3409 spin_unlock(&cifs_sb->tlink_tree_lock);
3410
3411 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3412 TLINK_IDLE_EXPIRE);
3413
3414 mount_fail_check:
3415 /* on error free sesinfo and tcon struct if needed */
3416 if (rc) {
3417 /* If find_unc succeeded then rc == 0 so we can not end */
3418 /* up accidentally freeing someone elses tcon struct */
3419 if (tcon)
3420 cifs_put_tcon(tcon);
3421 else if (pSesInfo)
3422 cifs_put_smb_ses(pSesInfo);
3423 else
3424 cifs_put_tcp_session(srvTcp);
3425 bdi_destroy(&cifs_sb->bdi);
3426 }
3427
3428 out:
3429 FreeXid(xid);
3430 return rc;
3431 }
3432
3433 /*
3434 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3435 * pointer may be NULL.
3436 */
3437 int
3438 CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3439 const char *tree, struct cifs_tcon *tcon,
3440 const struct nls_table *nls_codepage)
3441 {
3442 struct smb_hdr *smb_buffer;
3443 struct smb_hdr *smb_buffer_response;
3444 TCONX_REQ *pSMB;
3445 TCONX_RSP *pSMBr;
3446 unsigned char *bcc_ptr;
3447 int rc = 0;
3448 int length;
3449 __u16 bytes_left, count;
3450
3451 if (ses == NULL)
3452 return -EIO;
3453
3454 smb_buffer = cifs_buf_get();
3455 if (smb_buffer == NULL)
3456 return -ENOMEM;
3457
3458 smb_buffer_response = smb_buffer;
3459
3460 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3461 NULL /*no tid */ , 4 /*wct */ );
3462
3463 smb_buffer->Mid = GetNextMid(ses->server);
3464 smb_buffer->Uid = ses->Suid;
3465 pSMB = (TCONX_REQ *) smb_buffer;
3466 pSMBr = (TCONX_RSP *) smb_buffer_response;
3467
3468 pSMB->AndXCommand = 0xFF;
3469 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3470 bcc_ptr = &pSMB->Password[0];
3471 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3472 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3473 *bcc_ptr = 0; /* password is null byte */
3474 bcc_ptr++; /* skip password */
3475 /* already aligned so no need to do it below */
3476 } else {
3477 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3478 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3479 specified as required (when that support is added to
3480 the vfs in the future) as only NTLM or the much
3481 weaker LANMAN (which we do not send by default) is accepted
3482 by Samba (not sure whether other servers allow
3483 NTLMv2 password here) */
3484 #ifdef CONFIG_CIFS_WEAK_PW_HASH
3485 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3486 (ses->server->secType == LANMAN))
3487 calc_lanman_hash(tcon->password, ses->server->cryptkey,
3488 ses->server->sec_mode &
3489 SECMODE_PW_ENCRYPT ? true : false,
3490 bcc_ptr);
3491 else
3492 #endif /* CIFS_WEAK_PW_HASH */
3493 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3494 bcc_ptr, nls_codepage);
3495
3496 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3497 if (ses->capabilities & CAP_UNICODE) {
3498 /* must align unicode strings */
3499 *bcc_ptr = 0; /* null byte password */
3500 bcc_ptr++;
3501 }
3502 }
3503
3504 if (ses->server->sec_mode &
3505 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3506 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3507
3508 if (ses->capabilities & CAP_STATUS32) {
3509 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3510 }
3511 if (ses->capabilities & CAP_DFS) {
3512 smb_buffer->Flags2 |= SMBFLG2_DFS;
3513 }
3514 if (ses->capabilities & CAP_UNICODE) {
3515 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3516 length =
3517 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3518 6 /* max utf8 char length in bytes */ *
3519 (/* server len*/ + 256 /* share len */), nls_codepage);
3520 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
3521 bcc_ptr += 2; /* skip trailing null */
3522 } else { /* ASCII */
3523 strcpy(bcc_ptr, tree);
3524 bcc_ptr += strlen(tree) + 1;
3525 }
3526 strcpy(bcc_ptr, "?????");
3527 bcc_ptr += strlen("?????");
3528 bcc_ptr += 1;
3529 count = bcc_ptr - &pSMB->Password[0];
3530 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3531 pSMB->hdr.smb_buf_length) + count);
3532 pSMB->ByteCount = cpu_to_le16(count);
3533
3534 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3535 0);
3536
3537 /* above now done in SendReceive */
3538 if ((rc == 0) && (tcon != NULL)) {
3539 bool is_unicode;
3540
3541 tcon->tidStatus = CifsGood;
3542 tcon->need_reconnect = false;
3543 tcon->tid = smb_buffer_response->Tid;
3544 bcc_ptr = pByteArea(smb_buffer_response);
3545 bytes_left = get_bcc(smb_buffer_response);
3546 length = strnlen(bcc_ptr, bytes_left - 2);
3547 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3548 is_unicode = true;
3549 else
3550 is_unicode = false;
3551
3552
3553 /* skip service field (NB: this field is always ASCII) */
3554 if (length == 3) {
3555 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3556 (bcc_ptr[2] == 'C')) {
3557 cFYI(1, "IPC connection");
3558 tcon->ipc = 1;
3559 }
3560 } else if (length == 2) {
3561 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3562 /* the most common case */
3563 cFYI(1, "disk share connection");
3564 }
3565 }
3566 bcc_ptr += length + 1;
3567 bytes_left -= (length + 1);
3568 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3569
3570 /* mostly informational -- no need to fail on error here */
3571 kfree(tcon->nativeFileSystem);
3572 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
3573 bytes_left, is_unicode,
3574 nls_codepage);
3575
3576 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3577
3578 if ((smb_buffer_response->WordCount == 3) ||
3579 (smb_buffer_response->WordCount == 7))
3580 /* field is in same location */
3581 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3582 else
3583 tcon->Flags = 0;
3584 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3585 } else if ((rc == 0) && tcon == NULL) {
3586 /* all we need to save for IPC$ connection */
3587 ses->ipc_tid = smb_buffer_response->Tid;
3588 }
3589
3590 cifs_buf_release(smb_buffer);
3591 return rc;
3592 }
3593
3594 void
3595 cifs_umount(struct cifs_sb_info *cifs_sb)
3596 {
3597 struct rb_root *root = &cifs_sb->tlink_tree;
3598 struct rb_node *node;
3599 struct tcon_link *tlink;
3600
3601 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3602
3603 spin_lock(&cifs_sb->tlink_tree_lock);
3604 while ((node = rb_first(root))) {
3605 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3606 cifs_get_tlink(tlink);
3607 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3608 rb_erase(node, root);
3609
3610 spin_unlock(&cifs_sb->tlink_tree_lock);
3611 cifs_put_tlink(tlink);
3612 spin_lock(&cifs_sb->tlink_tree_lock);
3613 }
3614 spin_unlock(&cifs_sb->tlink_tree_lock);
3615
3616 bdi_destroy(&cifs_sb->bdi);
3617 kfree(cifs_sb->mountdata);
3618 unload_nls(cifs_sb->local_nls);
3619 kfree(cifs_sb);
3620 }
3621
3622 int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
3623 {
3624 int rc = 0;
3625 struct TCP_Server_Info *server = ses->server;
3626
3627 /* only send once per connect */
3628 if (server->maxBuf != 0)
3629 return 0;
3630
3631 rc = CIFSSMBNegotiate(xid, ses);
3632 if (rc == -EAGAIN) {
3633 /* retry only once on 1st time connection */
3634 rc = CIFSSMBNegotiate(xid, ses);
3635 if (rc == -EAGAIN)
3636 rc = -EHOSTDOWN;
3637 }
3638 if (rc == 0) {
3639 spin_lock(&GlobalMid_Lock);
3640 if (server->tcpStatus == CifsNeedNegotiate)
3641 server->tcpStatus = CifsGood;
3642 else
3643 rc = -EHOSTDOWN;
3644 spin_unlock(&GlobalMid_Lock);
3645
3646 }
3647
3648 return rc;
3649 }
3650
3651
3652 int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
3653 struct nls_table *nls_info)
3654 {
3655 int rc = 0;
3656 struct TCP_Server_Info *server = ses->server;
3657
3658 ses->flags = 0;
3659 ses->capabilities = server->capabilities;
3660 if (linuxExtEnabled == 0)
3661 ses->capabilities &= (~CAP_UNIX);
3662
3663 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3664 server->sec_mode, server->capabilities, server->timeAdj);
3665
3666 rc = CIFS_SessSetup(xid, ses, nls_info);
3667 if (rc) {
3668 cERROR(1, "Send error in SessSetup = %d", rc);
3669 } else {
3670 mutex_lock(&ses->server->srv_mutex);
3671 if (!server->session_estab) {
3672 server->session_key.response = ses->auth_key.response;
3673 server->session_key.len = ses->auth_key.len;
3674 server->sequence_number = 0x2;
3675 server->session_estab = true;
3676 ses->auth_key.response = NULL;
3677 }
3678 mutex_unlock(&server->srv_mutex);
3679
3680 cFYI(1, "CIFS Session Established successfully");
3681 spin_lock(&GlobalMid_Lock);
3682 ses->status = CifsGood;
3683 ses->need_reconnect = false;
3684 spin_unlock(&GlobalMid_Lock);
3685 }
3686
3687 kfree(ses->auth_key.response);
3688 ses->auth_key.response = NULL;
3689 ses->auth_key.len = 0;
3690 kfree(ses->ntlmssp);
3691 ses->ntlmssp = NULL;
3692
3693 return rc;
3694 }
3695
3696 static struct cifs_tcon *
3697 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3698 {
3699 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3700 struct cifs_ses *ses;
3701 struct cifs_tcon *tcon = NULL;
3702 struct smb_vol *vol_info;
3703 char username[28]; /* big enough for "krb50x" + hex of ULONG_MAX 6+16 */
3704 /* We used to have this as MAX_USERNAME which is */
3705 /* way too big now (256 instead of 32) */
3706
3707 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3708 if (vol_info == NULL) {
3709 tcon = ERR_PTR(-ENOMEM);
3710 goto out;
3711 }
3712
3713 snprintf(username, sizeof(username), "krb50x%x", fsuid);
3714 vol_info->username = username;
3715 vol_info->local_nls = cifs_sb->local_nls;
3716 vol_info->linux_uid = fsuid;
3717 vol_info->cred_uid = fsuid;
3718 vol_info->UNC = master_tcon->treeName;
3719 vol_info->retry = master_tcon->retry;
3720 vol_info->nocase = master_tcon->nocase;
3721 vol_info->local_lease = master_tcon->local_lease;
3722 vol_info->no_linux_ext = !master_tcon->unix_ext;
3723
3724 /* FIXME: allow for other secFlg settings */
3725 vol_info->secFlg = CIFSSEC_MUST_KRB5;
3726
3727 /* get a reference for the same TCP session */
3728 spin_lock(&cifs_tcp_ses_lock);
3729 ++master_tcon->ses->server->srv_count;
3730 spin_unlock(&cifs_tcp_ses_lock);
3731
3732 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3733 if (IS_ERR(ses)) {
3734 tcon = (struct cifs_tcon *)ses;
3735 cifs_put_tcp_session(master_tcon->ses->server);
3736 goto out;
3737 }
3738
3739 tcon = cifs_get_tcon(ses, vol_info);
3740 if (IS_ERR(tcon)) {
3741 cifs_put_smb_ses(ses);
3742 goto out;
3743 }
3744
3745 if (ses->capabilities & CAP_UNIX)
3746 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3747 out:
3748 kfree(vol_info);
3749
3750 return tcon;
3751 }
3752
3753 struct cifs_tcon *
3754 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3755 {
3756 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3757 }
3758
3759 static int
3760 cifs_sb_tcon_pending_wait(void *unused)
3761 {
3762 schedule();
3763 return signal_pending(current) ? -ERESTARTSYS : 0;
3764 }
3765
3766 /* find and return a tlink with given uid */
3767 static struct tcon_link *
3768 tlink_rb_search(struct rb_root *root, uid_t uid)
3769 {
3770 struct rb_node *node = root->rb_node;
3771 struct tcon_link *tlink;
3772
3773 while (node) {
3774 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3775
3776 if (tlink->tl_uid > uid)
3777 node = node->rb_left;
3778 else if (tlink->tl_uid < uid)
3779 node = node->rb_right;
3780 else
3781 return tlink;
3782 }
3783 return NULL;
3784 }
3785
3786 /* insert a tcon_link into the tree */
3787 static void
3788 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3789 {
3790 struct rb_node **new = &(root->rb_node), *parent = NULL;
3791 struct tcon_link *tlink;
3792
3793 while (*new) {
3794 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3795 parent = *new;
3796
3797 if (tlink->tl_uid > new_tlink->tl_uid)
3798 new = &((*new)->rb_left);
3799 else
3800 new = &((*new)->rb_right);
3801 }
3802
3803 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3804 rb_insert_color(&new_tlink->tl_rbnode, root);
3805 }
3806
3807 /*
3808 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3809 * current task.
3810 *
3811 * If the superblock doesn't refer to a multiuser mount, then just return
3812 * the master tcon for the mount.
3813 *
3814 * First, search the rbtree for an existing tcon for this fsuid. If one
3815 * exists, then check to see if it's pending construction. If it is then wait
3816 * for construction to complete. Once it's no longer pending, check to see if
3817 * it failed and either return an error or retry construction, depending on
3818 * the timeout.
3819 *
3820 * If one doesn't exist then insert a new tcon_link struct into the tree and
3821 * try to construct a new one.
3822 */
3823 struct tcon_link *
3824 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3825 {
3826 int ret;
3827 uid_t fsuid = current_fsuid();
3828 struct tcon_link *tlink, *newtlink;
3829
3830 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3831 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3832
3833 spin_lock(&cifs_sb->tlink_tree_lock);
3834 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3835 if (tlink)
3836 cifs_get_tlink(tlink);
3837 spin_unlock(&cifs_sb->tlink_tree_lock);
3838
3839 if (tlink == NULL) {
3840 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3841 if (newtlink == NULL)
3842 return ERR_PTR(-ENOMEM);
3843 newtlink->tl_uid = fsuid;
3844 newtlink->tl_tcon = ERR_PTR(-EACCES);
3845 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3846 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3847 cifs_get_tlink(newtlink);
3848
3849 spin_lock(&cifs_sb->tlink_tree_lock);
3850 /* was one inserted after previous search? */
3851 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3852 if (tlink) {
3853 cifs_get_tlink(tlink);
3854 spin_unlock(&cifs_sb->tlink_tree_lock);
3855 kfree(newtlink);
3856 goto wait_for_construction;
3857 }
3858 tlink = newtlink;
3859 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3860 spin_unlock(&cifs_sb->tlink_tree_lock);
3861 } else {
3862 wait_for_construction:
3863 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
3864 cifs_sb_tcon_pending_wait,
3865 TASK_INTERRUPTIBLE);
3866 if (ret) {
3867 cifs_put_tlink(tlink);
3868 return ERR_PTR(ret);
3869 }
3870
3871 /* if it's good, return it */
3872 if (!IS_ERR(tlink->tl_tcon))
3873 return tlink;
3874
3875 /* return error if we tried this already recently */
3876 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
3877 cifs_put_tlink(tlink);
3878 return ERR_PTR(-EACCES);
3879 }
3880
3881 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
3882 goto wait_for_construction;
3883 }
3884
3885 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
3886 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
3887 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
3888
3889 if (IS_ERR(tlink->tl_tcon)) {
3890 cifs_put_tlink(tlink);
3891 return ERR_PTR(-EACCES);
3892 }
3893
3894 return tlink;
3895 }
3896
3897 /*
3898 * periodic workqueue job that scans tcon_tree for a superblock and closes
3899 * out tcons.
3900 */
3901 static void
3902 cifs_prune_tlinks(struct work_struct *work)
3903 {
3904 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
3905 prune_tlinks.work);
3906 struct rb_root *root = &cifs_sb->tlink_tree;
3907 struct rb_node *node = rb_first(root);
3908 struct rb_node *tmp;
3909 struct tcon_link *tlink;
3910
3911 /*
3912 * Because we drop the spinlock in the loop in order to put the tlink
3913 * it's not guarded against removal of links from the tree. The only
3914 * places that remove entries from the tree are this function and
3915 * umounts. Because this function is non-reentrant and is canceled
3916 * before umount can proceed, this is safe.
3917 */
3918 spin_lock(&cifs_sb->tlink_tree_lock);
3919 node = rb_first(root);
3920 while (node != NULL) {
3921 tmp = node;
3922 node = rb_next(tmp);
3923 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
3924
3925 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
3926 atomic_read(&tlink->tl_count) != 0 ||
3927 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
3928 continue;
3929
3930 cifs_get_tlink(tlink);
3931 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3932 rb_erase(tmp, root);
3933
3934 spin_unlock(&cifs_sb->tlink_tree_lock);
3935 cifs_put_tlink(tlink);
3936 spin_lock(&cifs_sb->tlink_tree_lock);
3937 }
3938 spin_unlock(&cifs_sb->tlink_tree_lock);
3939
3940 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3941 TLINK_IDLE_EXPIRE);
3942 }
(deprecated) Btrfs devel tree