search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
CIFS: Fix memory over bound bug in cifs_parse_mount_options
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / fs / cifs / connect.c
blobc156d7d72fbd836190c59cf791f844bec30c8bd1
1 /*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/pagemap.h>
27 #include <linux/ctype.h>
28 #include <linux/utsname.h>
29 #include <linux/mempool.h>
30 #include <linux/delay.h>
31 #include <linux/completion.h>
32 #include <linux/kthread.h>
33 #include <linux/pagevec.h>
34 #include <linux/freezer.h>
35 #include <linux/namei.h>
36 #include <asm/uaccess.h>
37 #include <asm/processor.h>
38 #include <linux/inet.h>
39 #include <net/ipv6.h>
40 #include "cifspdu.h"
41 #include "cifsglob.h"
42 #include "cifsproto.h"
43 #include "cifs_unicode.h"
44 #include "cifs_debug.h"
45 #include "cifs_fs_sb.h"
46 #include "ntlmssp.h"
47 #include "nterr.h"
48 #include "rfc1002pdu.h"
49 #include "cn_cifs.h"
50
51 #define CIFS_PORT 445
52 #define RFC1001_PORT 139
53
54 extern void SMBNTencrypt(unsigned char *passwd, unsigned char *c8,
55 unsigned char *p24);
56
57 extern mempool_t *cifs_req_poolp;
58
59 struct smb_vol {
60 char *username;
61 char *password;
62 char *domainname;
63 char *UNC;
64 char *UNCip;
65 char *iocharset; /* local code page for mapping to and from Unicode */
66 char source_rfc1001_name[16]; /* netbios name of client */
67 char target_rfc1001_name[16]; /* netbios name of server for Win9x/ME */
68 uid_t linux_uid;
69 gid_t linux_gid;
70 mode_t file_mode;
71 mode_t dir_mode;
72 unsigned secFlg;
73 bool retry:1;
74 bool intr:1;
75 bool setuids:1;
76 bool override_uid:1;
77 bool override_gid:1;
78 bool dynperm:1;
79 bool noperm:1;
80 bool no_psx_acl:1; /* set if posix acl support should be disabled */
81 bool cifs_acl:1;
82 bool no_xattr:1; /* set if xattr (EA) support should be disabled*/
83 bool server_ino:1; /* use inode numbers from server ie UniqueId */
84 bool direct_io:1;
85 bool remap:1; /* set to remap seven reserved chars in filenames */
86 bool posix_paths:1; /* unset to not ask for posix pathnames. */
87 bool no_linux_ext:1;
88 bool sfu_emul:1;
89 bool nullauth:1; /* attempt to authenticate with null user */
90 bool nocase:1; /* request case insensitive filenames */
91 bool nobrl:1; /* disable sending byte range locks to srv */
92 bool mand_lock:1; /* send mandatory not posix byte range lock reqs */
93 bool seal:1; /* request transport encryption on share */
94 bool nodfs:1; /* Do not request DFS, even if available */
95 bool local_lease:1; /* check leases only on local system, not remote */
96 bool noblocksnd:1;
97 bool noautotune:1;
98 bool nostrictsync:1; /* do not force expensive SMBflush on every sync */
99 unsigned int rsize;
100 unsigned int wsize;
101 unsigned int sockopt;
102 unsigned short int port;
103 char *prepath;
104 };
105
106 static int ipv4_connect(struct TCP_Server_Info *server);
107 static int ipv6_connect(struct TCP_Server_Info *server);
108
109 /*
110 * cifs tcp session reconnection
111 *
112 * mark tcp session as reconnecting so temporarily locked
113 * mark all smb sessions as reconnecting for tcp session
114 * reconnect tcp session
115 * wake up waiters on reconnection? - (not needed currently)
116 */
117 static int
118 cifs_reconnect(struct TCP_Server_Info *server)
119 {
120 int rc = 0;
121 struct list_head *tmp, *tmp2;
122 struct cifsSesInfo *ses;
123 struct cifsTconInfo *tcon;
124 struct mid_q_entry *mid_entry;
125
126 spin_lock(&GlobalMid_Lock);
127 if (server->tcpStatus == CifsExiting) {
128 /* the demux thread will exit normally
129 next time through the loop */
130 spin_unlock(&GlobalMid_Lock);
131 return rc;
132 } else
133 server->tcpStatus = CifsNeedReconnect;
134 spin_unlock(&GlobalMid_Lock);
135 server->maxBuf = 0;
136
137 cFYI(1, ("Reconnecting tcp session"));
138
139 /* before reconnecting the tcp session, mark the smb session (uid)
140 and the tid bad so they are not used until reconnected */
141 read_lock(&cifs_tcp_ses_lock);
142 list_for_each(tmp, &server->smb_ses_list) {
143 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
144 ses->need_reconnect = true;
145 ses->ipc_tid = 0;
146 list_for_each(tmp2, &ses->tcon_list) {
147 tcon = list_entry(tmp2, struct cifsTconInfo, tcon_list);
148 tcon->need_reconnect = true;
149 }
150 }
151 read_unlock(&cifs_tcp_ses_lock);
152 /* do not want to be sending data on a socket we are freeing */
153 mutex_lock(&server->srv_mutex);
154 if (server->ssocket) {
155 cFYI(1, ("State: 0x%x Flags: 0x%lx", server->ssocket->state,
156 server->ssocket->flags));
157 kernel_sock_shutdown(server->ssocket, SHUT_WR);
158 cFYI(1, ("Post shutdown state: 0x%x Flags: 0x%lx",
159 server->ssocket->state,
160 server->ssocket->flags));
161 sock_release(server->ssocket);
162 server->ssocket = NULL;
163 }
164
165 spin_lock(&GlobalMid_Lock);
166 list_for_each(tmp, &server->pending_mid_q) {
167 mid_entry = list_entry(tmp, struct
168 mid_q_entry,
169 qhead);
170 if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
171 /* Mark other intransit requests as needing
172 retry so we do not immediately mark the
173 session bad again (ie after we reconnect
174 below) as they timeout too */
175 mid_entry->midState = MID_RETRY_NEEDED;
176 }
177 }
178 spin_unlock(&GlobalMid_Lock);
179 mutex_unlock(&server->srv_mutex);
180
181 while ((server->tcpStatus != CifsExiting) &&
182 (server->tcpStatus != CifsGood)) {
183 try_to_freeze();
184 if (server->addr.sockAddr6.sin6_family == AF_INET6)
185 rc = ipv6_connect(server);
186 else
187 rc = ipv4_connect(server);
188 if (rc) {
189 cFYI(1, ("reconnect error %d", rc));
190 msleep(3000);
191 } else {
192 atomic_inc(&tcpSesReconnectCount);
193 spin_lock(&GlobalMid_Lock);
194 if (server->tcpStatus != CifsExiting)
195 server->tcpStatus = CifsGood;
196 server->sequence_number = 0;
197 spin_unlock(&GlobalMid_Lock);
198 /* atomic_set(&server->inFlight,0);*/
199 wake_up(&server->response_q);
200 }
201 }
202 return rc;
203 }
204
205 /*
206 return codes:
207 0 not a transact2, or all data present
208 >0 transact2 with that much data missing
209 -EINVAL = invalid transact2
210
211 */
212 static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
213 {
214 struct smb_t2_rsp *pSMBt;
215 int total_data_size;
216 int data_in_this_rsp;
217 int remaining;
218
219 if (pSMB->Command != SMB_COM_TRANSACTION2)
220 return 0;
221
222 /* check for plausible wct, bcc and t2 data and parm sizes */
223 /* check for parm and data offset going beyond end of smb */
224 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
225 cFYI(1, ("invalid transact2 word count"));
226 return -EINVAL;
227 }
228
229 pSMBt = (struct smb_t2_rsp *)pSMB;
230
231 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
232 data_in_this_rsp = le16_to_cpu(pSMBt->t2_rsp.DataCount);
233
234 remaining = total_data_size - data_in_this_rsp;
235
236 if (remaining == 0)
237 return 0;
238 else if (remaining < 0) {
239 cFYI(1, ("total data %d smaller than data in frame %d",
240 total_data_size, data_in_this_rsp));
241 return -EINVAL;
242 } else {
243 cFYI(1, ("missing %d bytes from transact2, check next response",
244 remaining));
245 if (total_data_size > maxBufSize) {
246 cERROR(1, ("TotalDataSize %d is over maximum buffer %d",
247 total_data_size, maxBufSize));
248 return -EINVAL;
249 }
250 return remaining;
251 }
252 }
253
254 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
255 {
256 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
257 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
258 int total_data_size;
259 int total_in_buf;
260 int remaining;
261 int total_in_buf2;
262 char *data_area_of_target;
263 char *data_area_of_buf2;
264 __u16 byte_count;
265
266 total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
267
268 if (total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) {
269 cFYI(1, ("total data size of primary and secondary t2 differ"));
270 }
271
272 total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount);
273
274 remaining = total_data_size - total_in_buf;
275
276 if (remaining < 0)
277 return -EINVAL;
278
279 if (remaining == 0) /* nothing to do, ignore */
280 return 0;
281
282 total_in_buf2 = le16_to_cpu(pSMB2->t2_rsp.DataCount);
283 if (remaining < total_in_buf2) {
284 cFYI(1, ("transact2 2nd response contains too much data"));
285 }
286
287 /* find end of first SMB data area */
288 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
289 le16_to_cpu(pSMBt->t2_rsp.DataOffset);
290 /* validate target area */
291
292 data_area_of_buf2 = (char *) &pSMB2->hdr.Protocol +
293 le16_to_cpu(pSMB2->t2_rsp.DataOffset);
294
295 data_area_of_target += total_in_buf;
296
297 /* copy second buffer into end of first buffer */
298 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
299 total_in_buf += total_in_buf2;
300 pSMBt->t2_rsp.DataCount = cpu_to_le16(total_in_buf);
301 byte_count = le16_to_cpu(BCC_LE(pTargetSMB));
302 byte_count += total_in_buf2;
303 BCC_LE(pTargetSMB) = cpu_to_le16(byte_count);
304
305 byte_count = pTargetSMB->smb_buf_length;
306 byte_count += total_in_buf2;
307
308 /* BB also add check that we are not beyond maximum buffer size */
309
310 pTargetSMB->smb_buf_length = byte_count;
311
312 if (remaining == total_in_buf2) {
313 cFYI(1, ("found the last secondary response"));
314 return 0; /* we are done */
315 } else /* more responses to go */
316 return 1;
317
318 }
319
320 static int
321 cifs_demultiplex_thread(struct TCP_Server_Info *server)
322 {
323 int length;
324 unsigned int pdu_length, total_read;
325 struct smb_hdr *smb_buffer = NULL;
326 struct smb_hdr *bigbuf = NULL;
327 struct smb_hdr *smallbuf = NULL;
328 struct msghdr smb_msg;
329 struct kvec iov;
330 struct socket *csocket = server->ssocket;
331 struct list_head *tmp;
332 struct cifsSesInfo *ses;
333 struct task_struct *task_to_wake = NULL;
334 struct mid_q_entry *mid_entry;
335 char temp;
336 bool isLargeBuf = false;
337 bool isMultiRsp;
338 int reconnect;
339
340 current->flags |= PF_MEMALLOC;
341 cFYI(1, ("Demultiplex PID: %d", task_pid_nr(current)));
342
343 length = atomic_inc_return(&tcpSesAllocCount);
344 if (length > 1)
345 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
346 GFP_KERNEL);
347
348 set_freezable();
349 while (server->tcpStatus != CifsExiting) {
350 if (try_to_freeze())
351 continue;
352 if (bigbuf == NULL) {
353 bigbuf = cifs_buf_get();
354 if (!bigbuf) {
355 cERROR(1, ("No memory for large SMB response"));
356 msleep(3000);
357 /* retry will check if exiting */
358 continue;
359 }
360 } else if (isLargeBuf) {
361 /* we are reusing a dirty large buf, clear its start */
362 memset(bigbuf, 0, sizeof(struct smb_hdr));
363 }
364
365 if (smallbuf == NULL) {
366 smallbuf = cifs_small_buf_get();
367 if (!smallbuf) {
368 cERROR(1, ("No memory for SMB response"));
369 msleep(1000);
370 /* retry will check if exiting */
371 continue;
372 }
373 /* beginning of smb buffer is cleared in our buf_get */
374 } else /* if existing small buf clear beginning */
375 memset(smallbuf, 0, sizeof(struct smb_hdr));
376
377 isLargeBuf = false;
378 isMultiRsp = false;
379 smb_buffer = smallbuf;
380 iov.iov_base = smb_buffer;
381 iov.iov_len = 4;
382 smb_msg.msg_control = NULL;
383 smb_msg.msg_controllen = 0;
384 pdu_length = 4; /* enough to get RFC1001 header */
385 incomplete_rcv:
386 length =
387 kernel_recvmsg(csocket, &smb_msg,
388 &iov, 1, pdu_length, 0 /* BB other flags? */);
389
390 if (server->tcpStatus == CifsExiting) {
391 break;
392 } else if (server->tcpStatus == CifsNeedReconnect) {
393 cFYI(1, ("Reconnect after server stopped responding"));
394 cifs_reconnect(server);
395 cFYI(1, ("call to reconnect done"));
396 csocket = server->ssocket;
397 continue;
398 } else if ((length == -ERESTARTSYS) || (length == -EAGAIN)) {
399 msleep(1); /* minimum sleep to prevent looping
400 allowing socket to clear and app threads to set
401 tcpStatus CifsNeedReconnect if server hung */
402 if (pdu_length < 4) {
403 iov.iov_base = (4 - pdu_length) +
404 (char *)smb_buffer;
405 iov.iov_len = pdu_length;
406 smb_msg.msg_control = NULL;
407 smb_msg.msg_controllen = 0;
408 goto incomplete_rcv;
409 } else
410 continue;
411 } else if (length <= 0) {
412 if (server->tcpStatus == CifsNew) {
413 cFYI(1, ("tcp session abend after SMBnegprot"));
414 /* some servers kill the TCP session rather than
415 returning an SMB negprot error, in which
416 case reconnecting here is not going to help,
417 and so simply return error to mount */
418 break;
419 }
420 if (!try_to_freeze() && (length == -EINTR)) {
421 cFYI(1, ("cifsd thread killed"));
422 break;
423 }
424 cFYI(1, ("Reconnect after unexpected peek error %d",
425 length));
426 cifs_reconnect(server);
427 csocket = server->ssocket;
428 wake_up(&server->response_q);
429 continue;
430 } else if (length < pdu_length) {
431 cFYI(1, ("requested %d bytes but only got %d bytes",
432 pdu_length, length));
433 pdu_length -= length;
434 msleep(1);
435 goto incomplete_rcv;
436 }
437
438 /* The right amount was read from socket - 4 bytes */
439 /* so we can now interpret the length field */
440
441 /* the first byte big endian of the length field,
442 is actually not part of the length but the type
443 with the most common, zero, as regular data */
444 temp = *((char *) smb_buffer);
445
446 /* Note that FC 1001 length is big endian on the wire,
447 but we convert it here so it is always manipulated
448 as host byte order */
449 pdu_length = be32_to_cpu((__force __be32)smb_buffer->smb_buf_length);
450 smb_buffer->smb_buf_length = pdu_length;
451
452 cFYI(1, ("rfc1002 length 0x%x", pdu_length+4));
453
454 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
455 continue;
456 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
457 cFYI(1, ("Good RFC 1002 session rsp"));
458 continue;
459 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
460 /* we get this from Windows 98 instead of
461 an error on SMB negprot response */
462 cFYI(1, ("Negative RFC1002 Session Response Error 0x%x)",
463 pdu_length));
464 if (server->tcpStatus == CifsNew) {
465 /* if nack on negprot (rather than
466 ret of smb negprot error) reconnecting
467 not going to help, ret error to mount */
468 break;
469 } else {
470 /* give server a second to
471 clean up before reconnect attempt */
472 msleep(1000);
473 /* always try 445 first on reconnect
474 since we get NACK on some if we ever
475 connected to port 139 (the NACK is
476 since we do not begin with RFC1001
477 session initialize frame) */
478 server->addr.sockAddr.sin_port =
479 htons(CIFS_PORT);
480 cifs_reconnect(server);
481 csocket = server->ssocket;
482 wake_up(&server->response_q);
483 continue;
484 }
485 } else if (temp != (char) 0) {
486 cERROR(1, ("Unknown RFC 1002 frame"));
487 cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
488 length);
489 cifs_reconnect(server);
490 csocket = server->ssocket;
491 continue;
492 }
493
494 /* else we have an SMB response */
495 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
496 (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
497 cERROR(1, ("Invalid size SMB length %d pdu_length %d",
498 length, pdu_length+4));
499 cifs_reconnect(server);
500 csocket = server->ssocket;
501 wake_up(&server->response_q);
502 continue;
503 }
504
505 /* else length ok */
506 reconnect = 0;
507
508 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
509 isLargeBuf = true;
510 memcpy(bigbuf, smallbuf, 4);
511 smb_buffer = bigbuf;
512 }
513 length = 0;
514 iov.iov_base = 4 + (char *)smb_buffer;
515 iov.iov_len = pdu_length;
516 for (total_read = 0; total_read < pdu_length;
517 total_read += length) {
518 length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
519 pdu_length - total_read, 0);
520 if ((server->tcpStatus == CifsExiting) ||
521 (length == -EINTR)) {
522 /* then will exit */
523 reconnect = 2;
524 break;
525 } else if (server->tcpStatus == CifsNeedReconnect) {
526 cifs_reconnect(server);
527 csocket = server->ssocket;
528 /* Reconnect wakes up rspns q */
529 /* Now we will reread sock */
530 reconnect = 1;
531 break;
532 } else if ((length == -ERESTARTSYS) ||
533 (length == -EAGAIN)) {
534 msleep(1); /* minimum sleep to prevent looping,
535 allowing socket to clear and app
536 threads to set tcpStatus
537 CifsNeedReconnect if server hung*/
538 length = 0;
539 continue;
540 } else if (length <= 0) {
541 cERROR(1, ("Received no data, expecting %d",
542 pdu_length - total_read));
543 cifs_reconnect(server);
544 csocket = server->ssocket;
545 reconnect = 1;
546 break;
547 }
548 }
549 if (reconnect == 2)
550 break;
551 else if (reconnect == 1)
552 continue;
553
554 length += 4; /* account for rfc1002 hdr */
555
556
557 dump_smb(smb_buffer, length);
558 if (checkSMB(smb_buffer, smb_buffer->Mid, total_read+4)) {
559 cifs_dump_mem("Bad SMB: ", smb_buffer, 48);
560 continue;
561 }
562
563
564 task_to_wake = NULL;
565 spin_lock(&GlobalMid_Lock);
566 list_for_each(tmp, &server->pending_mid_q) {
567 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
568
569 if ((mid_entry->mid == smb_buffer->Mid) &&
570 (mid_entry->midState == MID_REQUEST_SUBMITTED) &&
571 (mid_entry->command == smb_buffer->Command)) {
572 if (check2ndT2(smb_buffer,server->maxBuf) > 0) {
573 /* We have a multipart transact2 resp */
574 isMultiRsp = true;
575 if (mid_entry->resp_buf) {
576 /* merge response - fix up 1st*/
577 if (coalesce_t2(smb_buffer,
578 mid_entry->resp_buf)) {
579 mid_entry->multiRsp =
580 true;
581 break;
582 } else {
583 /* all parts received */
584 mid_entry->multiEnd =
585 true;
586 goto multi_t2_fnd;
587 }
588 } else {
589 if (!isLargeBuf) {
590 cERROR(1,("1st trans2 resp needs bigbuf"));
591 /* BB maybe we can fix this up, switch
592 to already allocated large buffer? */
593 } else {
594 /* Have first buffer */
595 mid_entry->resp_buf =
596 smb_buffer;
597 mid_entry->largeBuf =
598 true;
599 bigbuf = NULL;
600 }
601 }
602 break;
603 }
604 mid_entry->resp_buf = smb_buffer;
605 mid_entry->largeBuf = isLargeBuf;
606 multi_t2_fnd:
607 task_to_wake = mid_entry->tsk;
608 mid_entry->midState = MID_RESPONSE_RECEIVED;
609 #ifdef CONFIG_CIFS_STATS2
610 mid_entry->when_received = jiffies;
611 #endif
612 /* so we do not time out requests to server
613 which is still responding (since server could
614 be busy but not dead) */
615 server->lstrp = jiffies;
616 break;
617 }
618 }
619 spin_unlock(&GlobalMid_Lock);
620 if (task_to_wake) {
621 /* Was previous buf put in mpx struct for multi-rsp? */
622 if (!isMultiRsp) {
623 /* smb buffer will be freed by user thread */
624 if (isLargeBuf)
625 bigbuf = NULL;
626 else
627 smallbuf = NULL;
628 }
629 wake_up_process(task_to_wake);
630 } else if (!is_valid_oplock_break(smb_buffer, server) &&
631 !isMultiRsp) {
632 cERROR(1, ("No task to wake, unknown frame received! "
633 "NumMids %d", midCount.counter));
634 cifs_dump_mem("Received Data is: ", (char *)smb_buffer,
635 sizeof(struct smb_hdr));
636 #ifdef CONFIG_CIFS_DEBUG2
637 cifs_dump_detail(smb_buffer);
638 cifs_dump_mids(server);
639 #endif /* CIFS_DEBUG2 */
640
641 }
642 } /* end while !EXITING */
643
644 /* take it off the list, if it's not already */
645 write_lock(&cifs_tcp_ses_lock);
646 list_del_init(&server->tcp_ses_list);
647 write_unlock(&cifs_tcp_ses_lock);
648
649 spin_lock(&GlobalMid_Lock);
650 server->tcpStatus = CifsExiting;
651 spin_unlock(&GlobalMid_Lock);
652 wake_up_all(&server->response_q);
653
654 /* check if we have blocked requests that need to free */
655 /* Note that cifs_max_pending is normally 50, but
656 can be set at module install time to as little as two */
657 spin_lock(&GlobalMid_Lock);
658 if (atomic_read(&server->inFlight) >= cifs_max_pending)
659 atomic_set(&server->inFlight, cifs_max_pending - 1);
660 /* We do not want to set the max_pending too low or we
661 could end up with the counter going negative */
662 spin_unlock(&GlobalMid_Lock);
663 /* Although there should not be any requests blocked on
664 this queue it can not hurt to be paranoid and try to wake up requests
665 that may haven been blocked when more than 50 at time were on the wire
666 to the same server - they now will see the session is in exit state
667 and get out of SendReceive. */
668 wake_up_all(&server->request_q);
669 /* give those requests time to exit */
670 msleep(125);
671
672 if (server->ssocket) {
673 sock_release(csocket);
674 server->ssocket = NULL;
675 }
676 /* buffer usuallly freed in free_mid - need to free it here on exit */
677 cifs_buf_release(bigbuf);
678 if (smallbuf) /* no sense logging a debug message if NULL */
679 cifs_small_buf_release(smallbuf);
680
681 /*
682 * BB: we shouldn't have to do any of this. It shouldn't be
683 * possible to exit from the thread with active SMB sessions
684 */
685 read_lock(&cifs_tcp_ses_lock);
686 if (list_empty(&server->pending_mid_q)) {
687 /* loop through server session structures attached to this and
688 mark them dead */
689 list_for_each(tmp, &server->smb_ses_list) {
690 ses = list_entry(tmp, struct cifsSesInfo,
691 smb_ses_list);
692 ses->status = CifsExiting;
693 ses->server = NULL;
694 }
695 read_unlock(&cifs_tcp_ses_lock);
696 } else {
697 /* although we can not zero the server struct pointer yet,
698 since there are active requests which may depnd on them,
699 mark the corresponding SMB sessions as exiting too */
700 list_for_each(tmp, &server->smb_ses_list) {
701 ses = list_entry(tmp, struct cifsSesInfo,
702 smb_ses_list);
703 ses->status = CifsExiting;
704 }
705
706 spin_lock(&GlobalMid_Lock);
707 list_for_each(tmp, &server->pending_mid_q) {
708 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
709 if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
710 cFYI(1, ("Clearing Mid 0x%x - waking up ",
711 mid_entry->mid));
712 task_to_wake = mid_entry->tsk;
713 if (task_to_wake)
714 wake_up_process(task_to_wake);
715 }
716 }
717 spin_unlock(&GlobalMid_Lock);
718 read_unlock(&cifs_tcp_ses_lock);
719 /* 1/8th of sec is more than enough time for them to exit */
720 msleep(125);
721 }
722
723 if (!list_empty(&server->pending_mid_q)) {
724 /* mpx threads have not exited yet give them
725 at least the smb send timeout time for long ops */
726 /* due to delays on oplock break requests, we need
727 to wait at least 45 seconds before giving up
728 on a request getting a response and going ahead
729 and killing cifsd */
730 cFYI(1, ("Wait for exit from demultiplex thread"));
731 msleep(46000);
732 /* if threads still have not exited they are probably never
733 coming home not much else we can do but free the memory */
734 }
735
736 /* last chance to mark ses pointers invalid
737 if there are any pointing to this (e.g
738 if a crazy root user tried to kill cifsd
739 kernel thread explicitly this might happen) */
740 /* BB: This shouldn't be necessary, see above */
741 read_lock(&cifs_tcp_ses_lock);
742 list_for_each(tmp, &server->smb_ses_list) {
743 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
744 ses->server = NULL;
745 }
746 read_unlock(&cifs_tcp_ses_lock);
747
748 kfree(server->hostname);
749 task_to_wake = xchg(&server->tsk, NULL);
750 kfree(server);
751
752 length = atomic_dec_return(&tcpSesAllocCount);
753 if (length > 0)
754 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
755 GFP_KERNEL);
756
757 /* if server->tsk was NULL then wait for a signal before exiting */
758 if (!task_to_wake) {
759 set_current_state(TASK_INTERRUPTIBLE);
760 while (!signal_pending(current)) {
761 schedule();
762 set_current_state(TASK_INTERRUPTIBLE);
763 }
764 set_current_state(TASK_RUNNING);
765 }
766
767 module_put_and_exit(0);
768 }
769
770 /* extract the host portion of the UNC string */
771 static char *
772 extract_hostname(const char *unc)
773 {
774 const char *src;
775 char *dst, *delim;
776 unsigned int len;
777
778 /* skip double chars at beginning of string */
779 /* BB: check validity of these bytes? */
780 src = unc + 2;
781
782 /* delimiter between hostname and sharename is always '\\' now */
783 delim = strchr(src, '\\');
784 if (!delim)
785 return ERR_PTR(-EINVAL);
786
787 len = delim - src;
788 dst = kmalloc((len + 1), GFP_KERNEL);
789 if (dst == NULL)
790 return ERR_PTR(-ENOMEM);
791
792 memcpy(dst, src, len);
793 dst[len] = '\0';
794
795 return dst;
796 }
797
798 static int
799 cifs_parse_mount_options(char *options, const char *devname,
800 struct smb_vol *vol)
801 {
802 char *value, *data, *end;
803 unsigned int temp_len, i, j;
804 char separator[2];
805 short int override_uid = -1;
806 short int override_gid = -1;
807 bool uid_specified = false;
808 bool gid_specified = false;
809
810 separator[0] = ',';
811 separator[1] = 0;
812
813 if (Local_System_Name[0] != 0)
814 memcpy(vol->source_rfc1001_name, Local_System_Name, 15);
815 else {
816 char *nodename = utsname()->nodename;
817 int n = strnlen(nodename, 15);
818 memset(vol->source_rfc1001_name, 0x20, 15);
819 for (i = 0; i < n; i++) {
820 /* does not have to be perfect mapping since field is
821 informational, only used for servers that do not support
822 port 445 and it can be overridden at mount time */
823 vol->source_rfc1001_name[i] = toupper(nodename[i]);
824 }
825 }
826 vol->source_rfc1001_name[15] = 0;
827 /* null target name indicates to use *SMBSERVR default called name
828 if we end up sending RFC1001 session initialize */
829 vol->target_rfc1001_name[0] = 0;
830 vol->linux_uid = current_uid(); /* use current_euid() instead? */
831 vol->linux_gid = current_gid();
832
833 /* default to only allowing write access to owner of the mount */
834 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
835
836 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
837 /* default is always to request posix paths. */
838 vol->posix_paths = 1;
839 /* default to using server inode numbers where available */
840 vol->server_ino = 1;
841
842 if (!options)
843 return 1;
844
845 end = options + strlen(options);
846 if (strncmp(options, "sep=", 4) == 0) {
847 if (options[4] != 0) {
848 separator[0] = options[4];
849 options += 5;
850 } else {
851 cFYI(1, ("Null separator not allowed"));
852 }
853 }
854
855 while ((data = strsep(&options, separator)) != NULL) {
856 if (!*data)
857 continue;
858 if ((value = strchr(data, '=')) != NULL)
859 *value++ = '\0';
860
861 /* Have to parse this before we parse for "user" */
862 if (strnicmp(data, "user_xattr", 10) == 0) {
863 vol->no_xattr = 0;
864 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
865 vol->no_xattr = 1;
866 } else if (strnicmp(data, "user", 4) == 0) {
867 if (!value) {
868 printk(KERN_WARNING
869 "CIFS: invalid or missing username\n");
870 return 1; /* needs_arg; */
871 } else if (!*value) {
872 /* null user, ie anonymous, authentication */
873 vol->nullauth = 1;
874 }
875 if (strnlen(value, 200) < 200) {
876 vol->username = value;
877 } else {
878 printk(KERN_WARNING "CIFS: username too long\n");
879 return 1;
880 }
881 } else if (strnicmp(data, "pass", 4) == 0) {
882 if (!value) {
883 vol->password = NULL;
884 continue;
885 } else if (value[0] == 0) {
886 /* check if string begins with double comma
887 since that would mean the password really
888 does start with a comma, and would not
889 indicate an empty string */
890 if (value[1] != separator[0]) {
891 vol->password = NULL;
892 continue;
893 }
894 }
895 temp_len = strlen(value);
896 /* removed password length check, NTLM passwords
897 can be arbitrarily long */
898
899 /* if comma in password, the string will be
900 prematurely null terminated. Commas in password are
901 specified across the cifs mount interface by a double
902 comma ie ,, and a comma used as in other cases ie ','
903 as a parameter delimiter/separator is single and due
904 to the strsep above is temporarily zeroed. */
905
906 /* NB: password legally can have multiple commas and
907 the only illegal character in a password is null */
908
909 if ((value[temp_len] == 0) &&
910 (value + temp_len < end) &&
911 (value[temp_len+1] == separator[0])) {
912 /* reinsert comma */
913 value[temp_len] = separator[0];
914 temp_len += 2; /* move after second comma */
915 while (value[temp_len] != 0) {
916 if (value[temp_len] == separator[0]) {
917 if (value[temp_len+1] ==
918 separator[0]) {
919 /* skip second comma */
920 temp_len++;
921 } else {
922 /* single comma indicating start
923 of next parm */
924 break;
925 }
926 }
927 temp_len++;
928 }
929 if (value[temp_len] == 0) {
930 options = NULL;
931 } else {
932 value[temp_len] = 0;
933 /* point option to start of next parm */
934 options = value + temp_len + 1;
935 }
936 /* go from value to value + temp_len condensing
937 double commas to singles. Note that this ends up
938 allocating a few bytes too many, which is ok */
939 vol->password = kzalloc(temp_len, GFP_KERNEL);
940 if (vol->password == NULL) {
941 printk(KERN_WARNING "CIFS: no memory "
942 "for password\n");
943 return 1;
944 }
945 for (i = 0, j = 0; i < temp_len; i++, j++) {
946 vol->password[j] = value[i];
947 if (value[i] == separator[0]
948 && value[i+1] == separator[0]) {
949 /* skip second comma */
950 i++;
951 }
952 }
953 vol->password[j] = 0;
954 } else {
955 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
956 if (vol->password == NULL) {
957 printk(KERN_WARNING "CIFS: no memory "
958 "for password\n");
959 return 1;
960 }
961 strcpy(vol->password, value);
962 }
963 } else if (!strnicmp(data, "ip", 2) ||
964 !strnicmp(data, "addr", 4)) {
965 if (!value || !*value) {
966 vol->UNCip = NULL;
967 } else if (strnlen(value, INET6_ADDRSTRLEN) <
968 INET6_ADDRSTRLEN) {
969 vol->UNCip = value;
970 } else {
971 printk(KERN_WARNING "CIFS: ip address "
972 "too long\n");
973 return 1;
974 }
975 } else if (strnicmp(data, "sec", 3) == 0) {
976 if (!value || !*value) {
977 cERROR(1, ("no security value specified"));
978 continue;
979 } else if (strnicmp(value, "krb5i", 5) == 0) {
980 vol->secFlg |= CIFSSEC_MAY_KRB5 |
981 CIFSSEC_MUST_SIGN;
982 } else if (strnicmp(value, "krb5p", 5) == 0) {
983 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
984 CIFSSEC_MAY_KRB5; */
985 cERROR(1, ("Krb5 cifs privacy not supported"));
986 return 1;
987 } else if (strnicmp(value, "krb5", 4) == 0) {
988 vol->secFlg |= CIFSSEC_MAY_KRB5;
989 #ifdef CONFIG_CIFS_EXPERIMENTAL
990 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
991 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
992 CIFSSEC_MUST_SIGN;
993 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
994 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
995 #endif
996 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
997 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
998 CIFSSEC_MUST_SIGN;
999 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1000 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1001 } else if (strnicmp(value, "ntlmi", 5) == 0) {
1002 vol->secFlg |= CIFSSEC_MAY_NTLM |
1003 CIFSSEC_MUST_SIGN;
1004 } else if (strnicmp(value, "ntlm", 4) == 0) {
1005 /* ntlm is default so can be turned off too */
1006 vol->secFlg |= CIFSSEC_MAY_NTLM;
1007 } else if (strnicmp(value, "nontlm", 6) == 0) {
1008 /* BB is there a better way to do this? */
1009 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1010 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1011 } else if (strnicmp(value, "lanman", 6) == 0) {
1012 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1013 #endif
1014 } else if (strnicmp(value, "none", 4) == 0) {
1015 vol->nullauth = 1;
1016 } else {
1017 cERROR(1, ("bad security option: %s", value));
1018 return 1;
1019 }
1020 } else if ((strnicmp(data, "unc", 3) == 0)
1021 || (strnicmp(data, "target", 6) == 0)
1022 || (strnicmp(data, "path", 4) == 0)) {
1023 if (!value || !*value) {
1024 printk(KERN_WARNING "CIFS: invalid path to "
1025 "network resource\n");
1026 return 1; /* needs_arg; */
1027 }
1028 if ((temp_len = strnlen(value, 300)) < 300) {
1029 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1030 if (vol->UNC == NULL)
1031 return 1;
1032 strcpy(vol->UNC, value);
1033 if (strncmp(vol->UNC, "//", 2) == 0) {
1034 vol->UNC[0] = '\\';
1035 vol->UNC[1] = '\\';
1036 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1037 printk(KERN_WARNING
1038 "CIFS: UNC Path does not begin "
1039 "with // or \\\\ \n");
1040 return 1;
1041 }
1042 } else {
1043 printk(KERN_WARNING "CIFS: UNC name too long\n");
1044 return 1;
1045 }
1046 } else if ((strnicmp(data, "domain", 3) == 0)
1047 || (strnicmp(data, "workgroup", 5) == 0)) {
1048 if (!value || !*value) {
1049 printk(KERN_WARNING "CIFS: invalid domain name\n");
1050 return 1; /* needs_arg; */
1051 }
1052 /* BB are there cases in which a comma can be valid in
1053 a domain name and need special handling? */
1054 if (strnlen(value, 256) < 256) {
1055 vol->domainname = value;
1056 cFYI(1, ("Domain name set"));
1057 } else {
1058 printk(KERN_WARNING "CIFS: domain name too "
1059 "long\n");
1060 return 1;
1061 }
1062 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1063 if (!value || !*value) {
1064 printk(KERN_WARNING
1065 "CIFS: invalid path prefix\n");
1066 return 1; /* needs_argument */
1067 }
1068 if ((temp_len = strnlen(value, 1024)) < 1024) {
1069 if (value[0] != '/')
1070 temp_len++; /* missing leading slash */
1071 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1072 if (vol->prepath == NULL)
1073 return 1;
1074 if (value[0] != '/') {
1075 vol->prepath[0] = '/';
1076 strcpy(vol->prepath+1, value);
1077 } else
1078 strcpy(vol->prepath, value);
1079 cFYI(1, ("prefix path %s", vol->prepath));
1080 } else {
1081 printk(KERN_WARNING "CIFS: prefix too long\n");
1082 return 1;
1083 }
1084 } else if (strnicmp(data, "iocharset", 9) == 0) {
1085 if (!value || !*value) {
1086 printk(KERN_WARNING "CIFS: invalid iocharset "
1087 "specified\n");
1088 return 1; /* needs_arg; */
1089 }
1090 if (strnlen(value, 65) < 65) {
1091 if (strnicmp(value, "default", 7))
1092 vol->iocharset = value;
1093 /* if iocharset not set then load_nls_default
1094 is used by caller */
1095 cFYI(1, ("iocharset set to %s", value));
1096 } else {
1097 printk(KERN_WARNING "CIFS: iocharset name "
1098 "too long.\n");
1099 return 1;
1100 }
1101 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1102 vol->linux_uid = simple_strtoul(value, &value, 0);
1103 uid_specified = true;
1104 } else if (!strnicmp(data, "forceuid", 8)) {
1105 override_uid = 1;
1106 } else if (!strnicmp(data, "noforceuid", 10)) {
1107 override_uid = 0;
1108 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1109 vol->linux_gid = simple_strtoul(value, &value, 0);
1110 gid_specified = true;
1111 } else if (!strnicmp(data, "forcegid", 8)) {
1112 override_gid = 1;
1113 } else if (!strnicmp(data, "noforcegid", 10)) {
1114 override_gid = 0;
1115 } else if (strnicmp(data, "file_mode", 4) == 0) {
1116 if (value && *value) {
1117 vol->file_mode =
1118 simple_strtoul(value, &value, 0);
1119 }
1120 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1121 if (value && *value) {
1122 vol->dir_mode =
1123 simple_strtoul(value, &value, 0);
1124 }
1125 } else if (strnicmp(data, "dirmode", 4) == 0) {
1126 if (value && *value) {
1127 vol->dir_mode =
1128 simple_strtoul(value, &value, 0);
1129 }
1130 } else if (strnicmp(data, "port", 4) == 0) {
1131 if (value && *value) {
1132 vol->port =
1133 simple_strtoul(value, &value, 0);
1134 }
1135 } else if (strnicmp(data, "rsize", 5) == 0) {
1136 if (value && *value) {
1137 vol->rsize =
1138 simple_strtoul(value, &value, 0);
1139 }
1140 } else if (strnicmp(data, "wsize", 5) == 0) {
1141 if (value && *value) {
1142 vol->wsize =
1143 simple_strtoul(value, &value, 0);
1144 }
1145 } else if (strnicmp(data, "sockopt", 5) == 0) {
1146 if (value && *value) {
1147 vol->sockopt =
1148 simple_strtoul(value, &value, 0);
1149 }
1150 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1151 if (!value || !*value || (*value == ' ')) {
1152 cFYI(1, ("invalid (empty) netbiosname"));
1153 } else {
1154 memset(vol->source_rfc1001_name, 0x20, 15);
1155 for (i = 0; i < 15; i++) {
1156 /* BB are there cases in which a comma can be
1157 valid in this workstation netbios name (and need
1158 special handling)? */
1159
1160 /* We do not uppercase netbiosname for user */
1161 if (value[i] == 0)
1162 break;
1163 else
1164 vol->source_rfc1001_name[i] =
1165 value[i];
1166 }
1167 /* The string has 16th byte zero still from
1168 set at top of the function */
1169 if ((i == 15) && (value[i] != 0))
1170 printk(KERN_WARNING "CIFS: netbiosname"
1171 " longer than 15 truncated.\n");
1172 }
1173 } else if (strnicmp(data, "servern", 7) == 0) {
1174 /* servernetbiosname specified override *SMBSERVER */
1175 if (!value || !*value || (*value == ' ')) {
1176 cFYI(1, ("empty server netbiosname specified"));
1177 } else {
1178 /* last byte, type, is 0x20 for servr type */
1179 memset(vol->target_rfc1001_name, 0x20, 16);
1180
1181 for (i = 0; i < 15; i++) {
1182 /* BB are there cases in which a comma can be
1183 valid in this workstation netbios name
1184 (and need special handling)? */
1185
1186 /* user or mount helper must uppercase
1187 the netbiosname */
1188 if (value[i] == 0)
1189 break;
1190 else
1191 vol->target_rfc1001_name[i] =
1192 value[i];
1193 }
1194 /* The string has 16th byte zero still from
1195 set at top of the function */
1196 if ((i == 15) && (value[i] != 0))
1197 printk(KERN_WARNING "CIFS: server net"
1198 "biosname longer than 15 truncated.\n");
1199 }
1200 } else if (strnicmp(data, "credentials", 4) == 0) {
1201 /* ignore */
1202 } else if (strnicmp(data, "version", 3) == 0) {
1203 /* ignore */
1204 } else if (strnicmp(data, "guest", 5) == 0) {
1205 /* ignore */
1206 } else if (strnicmp(data, "rw", 2) == 0) {
1207 /* ignore */
1208 } else if (strnicmp(data, "ro", 2) == 0) {
1209 /* ignore */
1210 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1211 vol->noblocksnd = 1;
1212 } else if (strnicmp(data, "noautotune", 10) == 0) {
1213 vol->noautotune = 1;
1214 } else if ((strnicmp(data, "suid", 4) == 0) ||
1215 (strnicmp(data, "nosuid", 6) == 0) ||
1216 (strnicmp(data, "exec", 4) == 0) ||
1217 (strnicmp(data, "noexec", 6) == 0) ||
1218 (strnicmp(data, "nodev", 5) == 0) ||
1219 (strnicmp(data, "noauto", 6) == 0) ||
1220 (strnicmp(data, "dev", 3) == 0)) {
1221 /* The mount tool or mount.cifs helper (if present)
1222 uses these opts to set flags, and the flags are read
1223 by the kernel vfs layer before we get here (ie
1224 before read super) so there is no point trying to
1225 parse these options again and set anything and it
1226 is ok to just ignore them */
1227 continue;
1228 } else if (strnicmp(data, "hard", 4) == 0) {
1229 vol->retry = 1;
1230 } else if (strnicmp(data, "soft", 4) == 0) {
1231 vol->retry = 0;
1232 } else if (strnicmp(data, "perm", 4) == 0) {
1233 vol->noperm = 0;
1234 } else if (strnicmp(data, "noperm", 6) == 0) {
1235 vol->noperm = 1;
1236 } else if (strnicmp(data, "mapchars", 8) == 0) {
1237 vol->remap = 1;
1238 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1239 vol->remap = 0;
1240 } else if (strnicmp(data, "sfu", 3) == 0) {
1241 vol->sfu_emul = 1;
1242 } else if (strnicmp(data, "nosfu", 5) == 0) {
1243 vol->sfu_emul = 0;
1244 } else if (strnicmp(data, "nodfs", 5) == 0) {
1245 vol->nodfs = 1;
1246 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1247 vol->posix_paths = 1;
1248 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1249 vol->posix_paths = 0;
1250 } else if (strnicmp(data, "nounix", 6) == 0) {
1251 vol->no_linux_ext = 1;
1252 } else if (strnicmp(data, "nolinux", 7) == 0) {
1253 vol->no_linux_ext = 1;
1254 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1255 (strnicmp(data, "ignorecase", 10) == 0)) {
1256 vol->nocase = 1;
1257 } else if (strnicmp(data, "brl", 3) == 0) {
1258 vol->nobrl = 0;
1259 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1260 (strnicmp(data, "nolock", 6) == 0)) {
1261 vol->nobrl = 1;
1262 /* turn off mandatory locking in mode
1263 if remote locking is turned off since the
1264 local vfs will do advisory */
1265 if (vol->file_mode ==
1266 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1267 vol->file_mode = S_IALLUGO;
1268 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1269 /* will take the shorter form "forcemand" as well */
1270 /* This mount option will force use of mandatory
1271 (DOS/Windows style) byte range locks, instead of
1272 using posix advisory byte range locks, even if the
1273 Unix extensions are available and posix locks would
1274 be supported otherwise. If Unix extensions are not
1275 negotiated this has no effect since mandatory locks
1276 would be used (mandatory locks is all that those
1277 those servers support) */
1278 vol->mand_lock = 1;
1279 } else if (strnicmp(data, "setuids", 7) == 0) {
1280 vol->setuids = 1;
1281 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1282 vol->setuids = 0;
1283 } else if (strnicmp(data, "dynperm", 7) == 0) {
1284 vol->dynperm = true;
1285 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1286 vol->dynperm = false;
1287 } else if (strnicmp(data, "nohard", 6) == 0) {
1288 vol->retry = 0;
1289 } else if (strnicmp(data, "nosoft", 6) == 0) {
1290 vol->retry = 1;
1291 } else if (strnicmp(data, "nointr", 6) == 0) {
1292 vol->intr = 0;
1293 } else if (strnicmp(data, "intr", 4) == 0) {
1294 vol->intr = 1;
1295 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1296 vol->nostrictsync = 1;
1297 } else if (strnicmp(data, "strictsync", 10) == 0) {
1298 vol->nostrictsync = 0;
1299 } else if (strnicmp(data, "serverino", 7) == 0) {
1300 vol->server_ino = 1;
1301 } else if (strnicmp(data, "noserverino", 9) == 0) {
1302 vol->server_ino = 0;
1303 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1304 vol->cifs_acl = 1;
1305 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1306 vol->cifs_acl = 0;
1307 } else if (strnicmp(data, "acl", 3) == 0) {
1308 vol->no_psx_acl = 0;
1309 } else if (strnicmp(data, "noacl", 5) == 0) {
1310 vol->no_psx_acl = 1;
1311 #ifdef CONFIG_CIFS_EXPERIMENTAL
1312 } else if (strnicmp(data, "locallease", 6) == 0) {
1313 vol->local_lease = 1;
1314 #endif
1315 } else if (strnicmp(data, "sign", 4) == 0) {
1316 vol->secFlg |= CIFSSEC_MUST_SIGN;
1317 } else if (strnicmp(data, "seal", 4) == 0) {
1318 /* we do not do the following in secFlags because seal
1319 is a per tree connection (mount) not a per socket
1320 or per-smb connection option in the protocol */
1321 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1322 vol->seal = 1;
1323 } else if (strnicmp(data, "direct", 6) == 0) {
1324 vol->direct_io = 1;
1325 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1326 vol->direct_io = 1;
1327 } else if (strnicmp(data, "noac", 4) == 0) {
1328 printk(KERN_WARNING "CIFS: Mount option noac not "
1329 "supported. Instead set "
1330 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1331 } else
1332 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1333 data);
1334 }
1335 if (vol->UNC == NULL) {
1336 if (devname == NULL) {
1337 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1338 "target\n");
1339 return 1;
1340 }
1341 if ((temp_len = strnlen(devname, 300)) < 300) {
1342 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1343 if (vol->UNC == NULL)
1344 return 1;
1345 strcpy(vol->UNC, devname);
1346 if (strncmp(vol->UNC, "//", 2) == 0) {
1347 vol->UNC[0] = '\\';
1348 vol->UNC[1] = '\\';
1349 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1350 printk(KERN_WARNING "CIFS: UNC Path does not "
1351 "begin with // or \\\\ \n");
1352 return 1;
1353 }
1354 value = strpbrk(vol->UNC+2, "/\\");
1355 if (value)
1356 *value = '\\';
1357 } else {
1358 printk(KERN_WARNING "CIFS: UNC name too long\n");
1359 return 1;
1360 }
1361 }
1362 if (vol->UNCip == NULL)
1363 vol->UNCip = &vol->UNC[2];
1364
1365 if (uid_specified)
1366 vol->override_uid = override_uid;
1367 else if (override_uid == 1)
1368 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1369 "specified with no uid= option.\n");
1370
1371 if (gid_specified)
1372 vol->override_gid = override_gid;
1373 else if (override_gid == 1)
1374 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1375 "specified with no gid= option.\n");
1376
1377 return 0;
1378 }
1379
1380 static struct TCP_Server_Info *
1381 cifs_find_tcp_session(struct sockaddr_storage *addr, unsigned short int port)
1382 {
1383 struct list_head *tmp;
1384 struct TCP_Server_Info *server;
1385 struct sockaddr_in *addr4 = (struct sockaddr_in *) addr;
1386 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) addr;
1387
1388 write_lock(&cifs_tcp_ses_lock);
1389 list_for_each(tmp, &cifs_tcp_ses_list) {
1390 server = list_entry(tmp, struct TCP_Server_Info,
1391 tcp_ses_list);
1392 /*
1393 * the demux thread can exit on its own while still in CifsNew
1394 * so don't accept any sockets in that state. Since the
1395 * tcpStatus never changes back to CifsNew it's safe to check
1396 * for this without a lock.
1397 */
1398 if (server->tcpStatus == CifsNew)
1399 continue;
1400
1401 switch (addr->ss_family) {
1402 case AF_INET:
1403 if (addr4->sin_addr.s_addr ==
1404 server->addr.sockAddr.sin_addr.s_addr) {
1405 addr4->sin_port = htons(port);
1406 /* user overrode default port? */
1407 if (addr4->sin_port) {
1408 if (addr4->sin_port !=
1409 server->addr.sockAddr.sin_port)
1410 continue;
1411 }
1412 break;
1413 } else
1414 continue;
1415
1416 case AF_INET6:
1417 if (ipv6_addr_equal(&addr6->sin6_addr,
1418 &server->addr.sockAddr6.sin6_addr) &&
1419 (addr6->sin6_scope_id ==
1420 server->addr.sockAddr6.sin6_scope_id)) {
1421 addr6->sin6_port = htons(port);
1422 /* user overrode default port? */
1423 if (addr6->sin6_port) {
1424 if (addr6->sin6_port !=
1425 server->addr.sockAddr6.sin6_port)
1426 continue;
1427 }
1428 break;
1429 } else
1430 continue;
1431 }
1432
1433 ++server->srv_count;
1434 write_unlock(&cifs_tcp_ses_lock);
1435 cFYI(1, ("Existing tcp session with server found"));
1436 return server;
1437 }
1438 write_unlock(&cifs_tcp_ses_lock);
1439 return NULL;
1440 }
1441
1442 static void
1443 cifs_put_tcp_session(struct TCP_Server_Info *server)
1444 {
1445 struct task_struct *task;
1446
1447 write_lock(&cifs_tcp_ses_lock);
1448 if (--server->srv_count > 0) {
1449 write_unlock(&cifs_tcp_ses_lock);
1450 return;
1451 }
1452
1453 list_del_init(&server->tcp_ses_list);
1454 write_unlock(&cifs_tcp_ses_lock);
1455
1456 spin_lock(&GlobalMid_Lock);
1457 server->tcpStatus = CifsExiting;
1458 spin_unlock(&GlobalMid_Lock);
1459
1460 task = xchg(&server->tsk, NULL);
1461 if (task)
1462 force_sig(SIGKILL, task);
1463 }
1464
1465 static struct TCP_Server_Info *
1466 cifs_get_tcp_session(struct smb_vol *volume_info)
1467 {
1468 struct TCP_Server_Info *tcp_ses = NULL;
1469 struct sockaddr_storage addr;
1470 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1471 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1472 int rc;
1473
1474 memset(&addr, 0, sizeof(struct sockaddr_storage));
1475
1476 cFYI(1, ("UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip));
1477
1478 if (volume_info->UNCip && volume_info->UNC) {
1479 rc = cifs_convert_address(volume_info->UNCip, &addr);
1480 if (!rc) {
1481 /* we failed translating address */
1482 rc = -EINVAL;
1483 goto out_err;
1484 }
1485 } else if (volume_info->UNCip) {
1486 /* BB using ip addr as tcp_ses name to connect to the
1487 DFS root below */
1488 cERROR(1, ("Connecting to DFS root not implemented yet"));
1489 rc = -EINVAL;
1490 goto out_err;
1491 } else /* which tcp_sess DFS root would we conect to */ {
1492 cERROR(1,
1493 ("CIFS mount error: No UNC path (e.g. -o "
1494 "unc=//192.168.1.100/public) specified"));
1495 rc = -EINVAL;
1496 goto out_err;
1497 }
1498
1499 /* see if we already have a matching tcp_ses */
1500 tcp_ses = cifs_find_tcp_session(&addr, volume_info->port);
1501 if (tcp_ses)
1502 return tcp_ses;
1503
1504 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1505 if (!tcp_ses) {
1506 rc = -ENOMEM;
1507 goto out_err;
1508 }
1509
1510 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1511 if (IS_ERR(tcp_ses->hostname)) {
1512 rc = PTR_ERR(tcp_ses->hostname);
1513 goto out_err;
1514 }
1515
1516 tcp_ses->noblocksnd = volume_info->noblocksnd;
1517 tcp_ses->noautotune = volume_info->noautotune;
1518 atomic_set(&tcp_ses->inFlight, 0);
1519 init_waitqueue_head(&tcp_ses->response_q);
1520 init_waitqueue_head(&tcp_ses->request_q);
1521 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1522 mutex_init(&tcp_ses->srv_mutex);
1523 memcpy(tcp_ses->workstation_RFC1001_name,
1524 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1525 memcpy(tcp_ses->server_RFC1001_name,
1526 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1527 tcp_ses->sequence_number = 0;
1528 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1529 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1530
1531 /*
1532 * at this point we are the only ones with the pointer
1533 * to the struct since the kernel thread not created yet
1534 * no need to spinlock this init of tcpStatus or srv_count
1535 */
1536 tcp_ses->tcpStatus = CifsNew;
1537 ++tcp_ses->srv_count;
1538
1539 if (addr.ss_family == AF_INET6) {
1540 cFYI(1, ("attempting ipv6 connect"));
1541 /* BB should we allow ipv6 on port 139? */
1542 /* other OS never observed in Wild doing 139 with v6 */
1543 sin_server6->sin6_port = htons(volume_info->port);
1544 memcpy(&tcp_ses->addr.sockAddr6, sin_server6,
1545 sizeof(struct sockaddr_in6));
1546 rc = ipv6_connect(tcp_ses);
1547 } else {
1548 sin_server->sin_port = htons(volume_info->port);
1549 memcpy(&tcp_ses->addr.sockAddr, sin_server,
1550 sizeof(struct sockaddr_in));
1551 rc = ipv4_connect(tcp_ses);
1552 }
1553 if (rc < 0) {
1554 cERROR(1, ("Error connecting to socket. Aborting operation"));
1555 goto out_err;
1556 }
1557
1558 /*
1559 * since we're in a cifs function already, we know that
1560 * this will succeed. No need for try_module_get().
1561 */
1562 __module_get(THIS_MODULE);
1563 tcp_ses->tsk = kthread_run((void *)(void *)cifs_demultiplex_thread,
1564 tcp_ses, "cifsd");
1565 if (IS_ERR(tcp_ses->tsk)) {
1566 rc = PTR_ERR(tcp_ses->tsk);
1567 cERROR(1, ("error %d create cifsd thread", rc));
1568 module_put(THIS_MODULE);
1569 goto out_err;
1570 }
1571
1572 /* thread spawned, put it on the list */
1573 write_lock(&cifs_tcp_ses_lock);
1574 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1575 write_unlock(&cifs_tcp_ses_lock);
1576
1577 return tcp_ses;
1578
1579 out_err:
1580 if (tcp_ses) {
1581 if (!IS_ERR(tcp_ses->hostname))
1582 kfree(tcp_ses->hostname);
1583 if (tcp_ses->ssocket)
1584 sock_release(tcp_ses->ssocket);
1585 kfree(tcp_ses);
1586 }
1587 return ERR_PTR(rc);
1588 }
1589
1590 static struct cifsSesInfo *
1591 cifs_find_smb_ses(struct TCP_Server_Info *server, char *username)
1592 {
1593 struct list_head *tmp;
1594 struct cifsSesInfo *ses;
1595
1596 write_lock(&cifs_tcp_ses_lock);
1597 list_for_each(tmp, &server->smb_ses_list) {
1598 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
1599 if (strncmp(ses->userName, username, MAX_USERNAME_SIZE))
1600 continue;
1601
1602 ++ses->ses_count;
1603 write_unlock(&cifs_tcp_ses_lock);
1604 return ses;
1605 }
1606 write_unlock(&cifs_tcp_ses_lock);
1607 return NULL;
1608 }
1609
1610 static void
1611 cifs_put_smb_ses(struct cifsSesInfo *ses)
1612 {
1613 int xid;
1614 struct TCP_Server_Info *server = ses->server;
1615
1616 write_lock(&cifs_tcp_ses_lock);
1617 if (--ses->ses_count > 0) {
1618 write_unlock(&cifs_tcp_ses_lock);
1619 return;
1620 }
1621
1622 list_del_init(&ses->smb_ses_list);
1623 write_unlock(&cifs_tcp_ses_lock);
1624
1625 if (ses->status == CifsGood) {
1626 xid = GetXid();
1627 CIFSSMBLogoff(xid, ses);
1628 _FreeXid(xid);
1629 }
1630 sesInfoFree(ses);
1631 cifs_put_tcp_session(server);
1632 }
1633
1634 static struct cifsTconInfo *
1635 cifs_find_tcon(struct cifsSesInfo *ses, const char *unc)
1636 {
1637 struct list_head *tmp;
1638 struct cifsTconInfo *tcon;
1639
1640 write_lock(&cifs_tcp_ses_lock);
1641 list_for_each(tmp, &ses->tcon_list) {
1642 tcon = list_entry(tmp, struct cifsTconInfo, tcon_list);
1643 if (tcon->tidStatus == CifsExiting)
1644 continue;
1645 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
1646 continue;
1647
1648 ++tcon->tc_count;
1649 write_unlock(&cifs_tcp_ses_lock);
1650 return tcon;
1651 }
1652 write_unlock(&cifs_tcp_ses_lock);
1653 return NULL;
1654 }
1655
1656 static void
1657 cifs_put_tcon(struct cifsTconInfo *tcon)
1658 {
1659 int xid;
1660 struct cifsSesInfo *ses = tcon->ses;
1661
1662 write_lock(&cifs_tcp_ses_lock);
1663 if (--tcon->tc_count > 0) {
1664 write_unlock(&cifs_tcp_ses_lock);
1665 return;
1666 }
1667
1668 list_del_init(&tcon->tcon_list);
1669 write_unlock(&cifs_tcp_ses_lock);
1670
1671 xid = GetXid();
1672 CIFSSMBTDis(xid, tcon);
1673 _FreeXid(xid);
1674
1675 tconInfoFree(tcon);
1676 cifs_put_smb_ses(ses);
1677 }
1678
1679 int
1680 get_dfs_path(int xid, struct cifsSesInfo *pSesInfo, const char *old_path,
1681 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
1682 struct dfs_info3_param **preferrals, int remap)
1683 {
1684 char *temp_unc;
1685 int rc = 0;
1686
1687 *pnum_referrals = 0;
1688 *preferrals = NULL;
1689
1690 if (pSesInfo->ipc_tid == 0) {
1691 temp_unc = kmalloc(2 /* for slashes */ +
1692 strnlen(pSesInfo->serverName,
1693 SERVER_NAME_LEN_WITH_NULL * 2)
1694 + 1 + 4 /* slash IPC$ */ + 2,
1695 GFP_KERNEL);
1696 if (temp_unc == NULL)
1697 return -ENOMEM;
1698 temp_unc[0] = '\\';
1699 temp_unc[1] = '\\';
1700 strcpy(temp_unc + 2, pSesInfo->serverName);
1701 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
1702 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
1703 cFYI(1,
1704 ("CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid));
1705 kfree(temp_unc);
1706 }
1707 if (rc == 0)
1708 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
1709 pnum_referrals, nls_codepage, remap);
1710 /* BB map targetUNCs to dfs_info3 structures, here or
1711 in CIFSGetDFSRefer BB */
1712
1713 return rc;
1714 }
1715
1716 #ifdef CONFIG_DEBUG_LOCK_ALLOC
1717 static struct lock_class_key cifs_key[2];
1718 static struct lock_class_key cifs_slock_key[2];
1719
1720 static inline void
1721 cifs_reclassify_socket4(struct socket *sock)
1722 {
1723 struct sock *sk = sock->sk;
1724 BUG_ON(sock_owned_by_user(sk));
1725 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
1726 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
1727 }
1728
1729 static inline void
1730 cifs_reclassify_socket6(struct socket *sock)
1731 {
1732 struct sock *sk = sock->sk;
1733 BUG_ON(sock_owned_by_user(sk));
1734 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
1735 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
1736 }
1737 #else
1738 static inline void
1739 cifs_reclassify_socket4(struct socket *sock)
1740 {
1741 }
1742
1743 static inline void
1744 cifs_reclassify_socket6(struct socket *sock)
1745 {
1746 }
1747 #endif
1748
1749 /* See RFC1001 section 14 on representation of Netbios names */
1750 static void rfc1002mangle(char *target, char *source, unsigned int length)
1751 {
1752 unsigned int i, j;
1753
1754 for (i = 0, j = 0; i < (length); i++) {
1755 /* mask a nibble at a time and encode */
1756 target[j] = 'A' + (0x0F & (source[i] >> 4));
1757 target[j+1] = 'A' + (0x0F & source[i]);
1758 j += 2;
1759 }
1760
1761 }
1762
1763
1764 static int
1765 ipv4_connect(struct TCP_Server_Info *server)
1766 {
1767 int rc = 0;
1768 bool connected = false;
1769 __be16 orig_port = 0;
1770 struct socket *socket = server->ssocket;
1771
1772 if (socket == NULL) {
1773 rc = sock_create_kern(PF_INET, SOCK_STREAM,
1774 IPPROTO_TCP, &socket);
1775 if (rc < 0) {
1776 cERROR(1, ("Error %d creating socket", rc));
1777 return rc;
1778 }
1779
1780 /* BB other socket options to set KEEPALIVE, NODELAY? */
1781 cFYI(1, ("Socket created"));
1782 server->ssocket = socket;
1783 socket->sk->sk_allocation = GFP_NOFS;
1784 cifs_reclassify_socket4(socket);
1785 }
1786
1787 /* user overrode default port */
1788 if (server->addr.sockAddr.sin_port) {
1789 rc = socket->ops->connect(socket, (struct sockaddr *)
1790 &server->addr.sockAddr,
1791 sizeof(struct sockaddr_in), 0);
1792 if (rc >= 0)
1793 connected = true;
1794 }
1795
1796 if (!connected) {
1797 /* save original port so we can retry user specified port
1798 later if fall back ports fail this time */
1799 orig_port = server->addr.sockAddr.sin_port;
1800
1801 /* do not retry on the same port we just failed on */
1802 if (server->addr.sockAddr.sin_port != htons(CIFS_PORT)) {
1803 server->addr.sockAddr.sin_port = htons(CIFS_PORT);
1804 rc = socket->ops->connect(socket,
1805 (struct sockaddr *)
1806 &server->addr.sockAddr,
1807 sizeof(struct sockaddr_in), 0);
1808 if (rc >= 0)
1809 connected = true;
1810 }
1811 }
1812 if (!connected) {
1813 server->addr.sockAddr.sin_port = htons(RFC1001_PORT);
1814 rc = socket->ops->connect(socket, (struct sockaddr *)
1815 &server->addr.sockAddr,
1816 sizeof(struct sockaddr_in), 0);
1817 if (rc >= 0)
1818 connected = true;
1819 }
1820
1821 /* give up here - unless we want to retry on different
1822 protocol families some day */
1823 if (!connected) {
1824 if (orig_port)
1825 server->addr.sockAddr.sin_port = orig_port;
1826 cFYI(1, ("Error %d connecting to server via ipv4", rc));
1827 sock_release(socket);
1828 server->ssocket = NULL;
1829 return rc;
1830 }
1831
1832
1833 /*
1834 * Eventually check for other socket options to change from
1835 * the default. sock_setsockopt not used because it expects
1836 * user space buffer
1837 */
1838 socket->sk->sk_rcvtimeo = 7 * HZ;
1839 socket->sk->sk_sndtimeo = 5 * HZ;
1840
1841 /* make the bufsizes depend on wsize/rsize and max requests */
1842 if (server->noautotune) {
1843 if (socket->sk->sk_sndbuf < (200 * 1024))
1844 socket->sk->sk_sndbuf = 200 * 1024;
1845 if (socket->sk->sk_rcvbuf < (140 * 1024))
1846 socket->sk->sk_rcvbuf = 140 * 1024;
1847 }
1848
1849 cFYI(1, ("sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
1850 socket->sk->sk_sndbuf,
1851 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo));
1852
1853 /* send RFC1001 sessinit */
1854 if (server->addr.sockAddr.sin_port == htons(RFC1001_PORT)) {
1855 /* some servers require RFC1001 sessinit before sending
1856 negprot - BB check reconnection in case where second
1857 sessinit is sent but no second negprot */
1858 struct rfc1002_session_packet *ses_init_buf;
1859 struct smb_hdr *smb_buf;
1860 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
1861 GFP_KERNEL);
1862 if (ses_init_buf) {
1863 ses_init_buf->trailer.session_req.called_len = 32;
1864 if (server->server_RFC1001_name &&
1865 server->server_RFC1001_name[0] != 0)
1866 rfc1002mangle(ses_init_buf->trailer.
1867 session_req.called_name,
1868 server->server_RFC1001_name,
1869 RFC1001_NAME_LEN_WITH_NULL);
1870 else
1871 rfc1002mangle(ses_init_buf->trailer.
1872 session_req.called_name,
1873 DEFAULT_CIFS_CALLED_NAME,
1874 RFC1001_NAME_LEN_WITH_NULL);
1875
1876 ses_init_buf->trailer.session_req.calling_len = 32;
1877
1878 /* calling name ends in null (byte 16) from old smb
1879 convention. */
1880 if (server->workstation_RFC1001_name &&
1881 server->workstation_RFC1001_name[0] != 0)
1882 rfc1002mangle(ses_init_buf->trailer.
1883 session_req.calling_name,
1884 server->workstation_RFC1001_name,
1885 RFC1001_NAME_LEN_WITH_NULL);
1886 else
1887 rfc1002mangle(ses_init_buf->trailer.
1888 session_req.calling_name,
1889 "LINUX_CIFS_CLNT",
1890 RFC1001_NAME_LEN_WITH_NULL);
1891
1892 ses_init_buf->trailer.session_req.scope1 = 0;
1893 ses_init_buf->trailer.session_req.scope2 = 0;
1894 smb_buf = (struct smb_hdr *)ses_init_buf;
1895 /* sizeof RFC1002_SESSION_REQUEST with no scope */
1896 smb_buf->smb_buf_length = 0x81000044;
1897 rc = smb_send(server, smb_buf, 0x44);
1898 kfree(ses_init_buf);
1899 msleep(1); /* RFC1001 layer in at least one server
1900 requires very short break before negprot
1901 presumably because not expecting negprot
1902 to follow so fast. This is a simple
1903 solution that works without
1904 complicating the code and causes no
1905 significant slowing down on mount
1906 for everyone else */
1907 }
1908 /* else the negprot may still work without this
1909 even though malloc failed */
1910
1911 }
1912
1913 return rc;
1914 }
1915
1916 static int
1917 ipv6_connect(struct TCP_Server_Info *server)
1918 {
1919 int rc = 0;
1920 bool connected = false;
1921 __be16 orig_port = 0;
1922 struct socket *socket = server->ssocket;
1923
1924 if (socket == NULL) {
1925 rc = sock_create_kern(PF_INET6, SOCK_STREAM,
1926 IPPROTO_TCP, &socket);
1927 if (rc < 0) {
1928 cERROR(1, ("Error %d creating ipv6 socket", rc));
1929 socket = NULL;
1930 return rc;
1931 }
1932
1933 /* BB other socket options to set KEEPALIVE, NODELAY? */
1934 cFYI(1, ("ipv6 Socket created"));
1935 server->ssocket = socket;
1936 socket->sk->sk_allocation = GFP_NOFS;
1937 cifs_reclassify_socket6(socket);
1938 }
1939
1940 /* user overrode default port */
1941 if (server->addr.sockAddr6.sin6_port) {
1942 rc = socket->ops->connect(socket,
1943 (struct sockaddr *) &server->addr.sockAddr6,
1944 sizeof(struct sockaddr_in6), 0);
1945 if (rc >= 0)
1946 connected = true;
1947 }
1948
1949 if (!connected) {
1950 /* save original port so we can retry user specified port
1951 later if fall back ports fail this time */
1952
1953 orig_port = server->addr.sockAddr6.sin6_port;
1954 /* do not retry on the same port we just failed on */
1955 if (server->addr.sockAddr6.sin6_port != htons(CIFS_PORT)) {
1956 server->addr.sockAddr6.sin6_port = htons(CIFS_PORT);
1957 rc = socket->ops->connect(socket, (struct sockaddr *)
1958 &server->addr.sockAddr6,
1959 sizeof(struct sockaddr_in6), 0);
1960 if (rc >= 0)
1961 connected = true;
1962 }
1963 }
1964 if (!connected) {
1965 server->addr.sockAddr6.sin6_port = htons(RFC1001_PORT);
1966 rc = socket->ops->connect(socket, (struct sockaddr *)
1967 &server->addr.sockAddr6,
1968 sizeof(struct sockaddr_in6), 0);
1969 if (rc >= 0)
1970 connected = true;
1971 }
1972
1973 /* give up here - unless we want to retry on different
1974 protocol families some day */
1975 if (!connected) {
1976 if (orig_port)
1977 server->addr.sockAddr6.sin6_port = orig_port;
1978 cFYI(1, ("Error %d connecting to server via ipv6", rc));
1979 sock_release(socket);
1980 server->ssocket = NULL;
1981 return rc;
1982 }
1983
1984 /*
1985 * Eventually check for other socket options to change from
1986 * the default. sock_setsockopt not used because it expects
1987 * user space buffer
1988 */
1989 socket->sk->sk_rcvtimeo = 7 * HZ;
1990 socket->sk->sk_sndtimeo = 5 * HZ;
1991 server->ssocket = socket;
1992
1993 return rc;
1994 }
1995
1996 void reset_cifs_unix_caps(int xid, struct cifsTconInfo *tcon,
1997 struct super_block *sb, struct smb_vol *vol_info)
1998 {
1999 /* if we are reconnecting then should we check to see if
2000 * any requested capabilities changed locally e.g. via
2001 * remount but we can not do much about it here
2002 * if they have (even if we could detect it by the following)
2003 * Perhaps we could add a backpointer to array of sb from tcon
2004 * or if we change to make all sb to same share the same
2005 * sb as NFS - then we only have one backpointer to sb.
2006 * What if we wanted to mount the server share twice once with
2007 * and once without posixacls or posix paths? */
2008 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2009
2010 if (vol_info && vol_info->no_linux_ext) {
2011 tcon->fsUnixInfo.Capability = 0;
2012 tcon->unix_ext = 0; /* Unix Extensions disabled */
2013 cFYI(1, ("Linux protocol extensions disabled"));
2014 return;
2015 } else if (vol_info)
2016 tcon->unix_ext = 1; /* Unix Extensions supported */
2017
2018 if (tcon->unix_ext == 0) {
2019 cFYI(1, ("Unix extensions disabled so not set on reconnect"));
2020 return;
2021 }
2022
2023 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2024 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2025
2026 /* check for reconnect case in which we do not
2027 want to change the mount behavior if we can avoid it */
2028 if (vol_info == NULL) {
2029 /* turn off POSIX ACL and PATHNAMES if not set
2030 originally at mount time */
2031 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2032 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2033 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2034 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2035 cERROR(1, ("POSIXPATH support change"));
2036 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2037 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2038 cERROR(1, ("possible reconnect error"));
2039 cERROR(1,
2040 ("server disabled POSIX path support"));
2041 }
2042 }
2043
2044 cap &= CIFS_UNIX_CAP_MASK;
2045 if (vol_info && vol_info->no_psx_acl)
2046 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2047 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2048 cFYI(1, ("negotiated posix acl support"));
2049 if (sb)
2050 sb->s_flags |= MS_POSIXACL;
2051 }
2052
2053 if (vol_info && vol_info->posix_paths == 0)
2054 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2055 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2056 cFYI(1, ("negotiate posix pathnames"));
2057 if (sb)
2058 CIFS_SB(sb)->mnt_cifs_flags |=
2059 CIFS_MOUNT_POSIX_PATHS;
2060 }
2061
2062 /* We might be setting the path sep back to a different
2063 form if we are reconnecting and the server switched its
2064 posix path capability for this share */
2065 if (sb && (CIFS_SB(sb)->prepathlen > 0))
2066 CIFS_SB(sb)->prepath[0] = CIFS_DIR_SEP(CIFS_SB(sb));
2067
2068 if (sb && (CIFS_SB(sb)->rsize > 127 * 1024)) {
2069 if ((cap & CIFS_UNIX_LARGE_READ_CAP) == 0) {
2070 CIFS_SB(sb)->rsize = 127 * 1024;
2071 cFYI(DBG2,
2072 ("larger reads not supported by srv"));
2073 }
2074 }
2075
2076
2077 cFYI(1, ("Negotiate caps 0x%x", (int)cap));
2078 #ifdef CONFIG_CIFS_DEBUG2
2079 if (cap & CIFS_UNIX_FCNTL_CAP)
2080 cFYI(1, ("FCNTL cap"));
2081 if (cap & CIFS_UNIX_EXTATTR_CAP)
2082 cFYI(1, ("EXTATTR cap"));
2083 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2084 cFYI(1, ("POSIX path cap"));
2085 if (cap & CIFS_UNIX_XATTR_CAP)
2086 cFYI(1, ("XATTR cap"));
2087 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2088 cFYI(1, ("POSIX ACL cap"));
2089 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2090 cFYI(1, ("very large read cap"));
2091 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2092 cFYI(1, ("very large write cap"));
2093 #endif /* CIFS_DEBUG2 */
2094 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2095 if (vol_info == NULL) {
2096 cFYI(1, ("resetting capabilities failed"));
2097 } else
2098 cERROR(1, ("Negotiating Unix capabilities "
2099 "with the server failed. Consider "
2100 "mounting with the Unix Extensions\n"
2101 "disabled, if problems are found, "
2102 "by specifying the nounix mount "
2103 "option."));
2104
2105 }
2106 }
2107 }
2108
2109 static void
2110 convert_delimiter(char *path, char delim)
2111 {
2112 int i;
2113 char old_delim;
2114
2115 if (path == NULL)
2116 return;
2117
2118 if (delim == '/')
2119 old_delim = '\\';
2120 else
2121 old_delim = '/';
2122
2123 for (i = 0; path[i] != '\0'; i++) {
2124 if (path[i] == old_delim)
2125 path[i] = delim;
2126 }
2127 }
2128
2129 static void setup_cifs_sb(struct smb_vol *pvolume_info,
2130 struct cifs_sb_info *cifs_sb)
2131 {
2132 if (pvolume_info->rsize > CIFSMaxBufSize) {
2133 cERROR(1, ("rsize %d too large, using MaxBufSize",
2134 pvolume_info->rsize));
2135 cifs_sb->rsize = CIFSMaxBufSize;
2136 } else if ((pvolume_info->rsize) &&
2137 (pvolume_info->rsize <= CIFSMaxBufSize))
2138 cifs_sb->rsize = pvolume_info->rsize;
2139 else /* default */
2140 cifs_sb->rsize = CIFSMaxBufSize;
2141
2142 if (pvolume_info->wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
2143 cERROR(1, ("wsize %d too large, using 4096 instead",
2144 pvolume_info->wsize));
2145 cifs_sb->wsize = 4096;
2146 } else if (pvolume_info->wsize)
2147 cifs_sb->wsize = pvolume_info->wsize;
2148 else
2149 cifs_sb->wsize = min_t(const int,
2150 PAGEVEC_SIZE * PAGE_CACHE_SIZE,
2151 127*1024);
2152 /* old default of CIFSMaxBufSize was too small now
2153 that SMB Write2 can send multiple pages in kvec.
2154 RFC1001 does not describe what happens when frame
2155 bigger than 128K is sent so use that as max in
2156 conjunction with 52K kvec constraint on arch with 4K
2157 page size */
2158
2159 if (cifs_sb->rsize < 2048) {
2160 cifs_sb->rsize = 2048;
2161 /* Windows ME may prefer this */
2162 cFYI(1, ("readsize set to minimum: 2048"));
2163 }
2164 /* calculate prepath */
2165 cifs_sb->prepath = pvolume_info->prepath;
2166 if (cifs_sb->prepath) {
2167 cifs_sb->prepathlen = strlen(cifs_sb->prepath);
2168 /* we can not convert the / to \ in the path
2169 separators in the prefixpath yet because we do not
2170 know (until reset_cifs_unix_caps is called later)
2171 whether POSIX PATH CAP is available. We normalize
2172 the / to \ after reset_cifs_unix_caps is called */
2173 pvolume_info->prepath = NULL;
2174 } else
2175 cifs_sb->prepathlen = 0;
2176 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2177 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2178 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2179 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2180 cFYI(1, ("file mode: 0x%x dir mode: 0x%x",
2181 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode));
2182
2183 if (pvolume_info->noperm)
2184 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2185 if (pvolume_info->setuids)
2186 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2187 if (pvolume_info->server_ino)
2188 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2189 if (pvolume_info->remap)
2190 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2191 if (pvolume_info->no_xattr)
2192 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2193 if (pvolume_info->sfu_emul)
2194 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2195 if (pvolume_info->nobrl)
2196 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2197 if (pvolume_info->nostrictsync)
2198 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2199 if (pvolume_info->mand_lock)
2200 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2201 if (pvolume_info->cifs_acl)
2202 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2203 if (pvolume_info->override_uid)
2204 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2205 if (pvolume_info->override_gid)
2206 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2207 if (pvolume_info->dynperm)
2208 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2209 if (pvolume_info->direct_io) {
2210 cFYI(1, ("mounting share using direct i/o"));
2211 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2212 }
2213
2214 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2215 cERROR(1, ("mount option dynperm ignored if cifsacl "
2216 "mount option supported"));
2217 }
2218
2219 static int
2220 is_path_accessible(int xid, struct cifsTconInfo *tcon,
2221 struct cifs_sb_info *cifs_sb, const char *full_path)
2222 {
2223 int rc;
2224 FILE_ALL_INFO *pfile_info;
2225
2226 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2227 if (pfile_info == NULL)
2228 return -ENOMEM;
2229
2230 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
2231 0 /* not legacy */, cifs_sb->local_nls,
2232 cifs_sb->mnt_cifs_flags &
2233 CIFS_MOUNT_MAP_SPECIAL_CHR);
2234 kfree(pfile_info);
2235 return rc;
2236 }
2237
2238 static void
2239 cleanup_volume_info(struct smb_vol **pvolume_info)
2240 {
2241 struct smb_vol *volume_info;
2242
2243 if (!pvolume_info && !*pvolume_info)
2244 return;
2245
2246 volume_info = *pvolume_info;
2247 kzfree(volume_info->password);
2248 kfree(volume_info->UNC);
2249 kfree(volume_info->prepath);
2250 kfree(volume_info);
2251 *pvolume_info = NULL;
2252 return;
2253 }
2254
2255 #ifdef CONFIG_CIFS_DFS_UPCALL
2256 /* build_path_to_root returns full path to root when
2257 * we do not have an exiting connection (tcon) */
2258 static char *
2259 build_unc_path_to_root(const struct smb_vol *volume_info,
2260 const struct cifs_sb_info *cifs_sb)
2261 {
2262 char *full_path;
2263
2264 int unc_len = strnlen(volume_info->UNC, MAX_TREE_SIZE + 1);
2265 full_path = kmalloc(unc_len + cifs_sb->prepathlen + 1, GFP_KERNEL);
2266 if (full_path == NULL)
2267 return ERR_PTR(-ENOMEM);
2268
2269 strncpy(full_path, volume_info->UNC, unc_len);
2270 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) {
2271 int i;
2272 for (i = 0; i < unc_len; i++) {
2273 if (full_path[i] == '\\')
2274 full_path[i] = '/';
2275 }
2276 }
2277
2278 if (cifs_sb->prepathlen)
2279 strncpy(full_path + unc_len, cifs_sb->prepath,
2280 cifs_sb->prepathlen);
2281
2282 full_path[unc_len + cifs_sb->prepathlen] = 0; /* add trailing null */
2283 return full_path;
2284 }
2285 #endif
2286
2287 int
2288 cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2289 char *mount_data_global, const char *devname)
2290 {
2291 int rc;
2292 int xid;
2293 struct smb_vol *volume_info;
2294 struct cifsSesInfo *pSesInfo;
2295 struct cifsTconInfo *tcon;
2296 struct TCP_Server_Info *srvTcp;
2297 char *full_path;
2298 char *mount_data = mount_data_global;
2299 #ifdef CONFIG_CIFS_DFS_UPCALL
2300 struct dfs_info3_param *referrals = NULL;
2301 unsigned int num_referrals = 0;
2302 int referral_walks_count = 0;
2303 try_mount_again:
2304 #endif
2305 rc = 0;
2306 tcon = NULL;
2307 pSesInfo = NULL;
2308 srvTcp = NULL;
2309 full_path = NULL;
2310
2311 xid = GetXid();
2312
2313 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
2314 if (!volume_info) {
2315 rc = -ENOMEM;
2316 goto out;
2317 }
2318
2319 if (cifs_parse_mount_options(mount_data, devname, volume_info)) {
2320 rc = -EINVAL;
2321 goto out;
2322 }
2323
2324 if (volume_info->nullauth) {
2325 cFYI(1, ("null user"));
2326 volume_info->username = "";
2327 } else if (volume_info->username) {
2328 /* BB fixme parse for domain name here */
2329 cFYI(1, ("Username: %s", volume_info->username));
2330 } else {
2331 cifserror("No username specified");
2332 /* In userspace mount helper we can get user name from alternate
2333 locations such as env variables and files on disk */
2334 rc = -EINVAL;
2335 goto out;
2336 }
2337
2338
2339 /* this is needed for ASCII cp to Unicode converts */
2340 if (volume_info->iocharset == NULL) {
2341 cifs_sb->local_nls = load_nls_default();
2342 /* load_nls_default can not return null */
2343 } else {
2344 cifs_sb->local_nls = load_nls(volume_info->iocharset);
2345 if (cifs_sb->local_nls == NULL) {
2346 cERROR(1, ("CIFS mount error: iocharset %s not found",
2347 volume_info->iocharset));
2348 rc = -ELIBACC;
2349 goto out;
2350 }
2351 }
2352
2353 /* get a reference to a tcp session */
2354 srvTcp = cifs_get_tcp_session(volume_info);
2355 if (IS_ERR(srvTcp)) {
2356 rc = PTR_ERR(srvTcp);
2357 goto out;
2358 }
2359
2360 pSesInfo = cifs_find_smb_ses(srvTcp, volume_info->username);
2361 if (pSesInfo) {
2362 cFYI(1, ("Existing smb sess found (status=%d)",
2363 pSesInfo->status));
2364 /*
2365 * The existing SMB session already has a reference to srvTcp,
2366 * so we can put back the extra one we got before
2367 */
2368 cifs_put_tcp_session(srvTcp);
2369
2370 down(&pSesInfo->sesSem);
2371 if (pSesInfo->need_reconnect) {
2372 cFYI(1, ("Session needs reconnect"));
2373 rc = cifs_setup_session(xid, pSesInfo,
2374 cifs_sb->local_nls);
2375 }
2376 up(&pSesInfo->sesSem);
2377 } else if (!rc) {
2378 cFYI(1, ("Existing smb sess not found"));
2379 pSesInfo = sesInfoAlloc();
2380 if (pSesInfo == NULL) {
2381 rc = -ENOMEM;
2382 goto mount_fail_check;
2383 }
2384
2385 /* new SMB session uses our srvTcp ref */
2386 pSesInfo->server = srvTcp;
2387 if (srvTcp->addr.sockAddr6.sin6_family == AF_INET6)
2388 sprintf(pSesInfo->serverName, "%pI6",
2389 &srvTcp->addr.sockAddr6.sin6_addr);
2390 else
2391 sprintf(pSesInfo->serverName, "%pI4",
2392 &srvTcp->addr.sockAddr.sin_addr.s_addr);
2393
2394 write_lock(&cifs_tcp_ses_lock);
2395 list_add(&pSesInfo->smb_ses_list, &srvTcp->smb_ses_list);
2396 write_unlock(&cifs_tcp_ses_lock);
2397
2398 /* volume_info->password freed at unmount */
2399 if (volume_info->password) {
2400 pSesInfo->password = kstrdup(volume_info->password,
2401 GFP_KERNEL);
2402 if (!pSesInfo->password) {
2403 rc = -ENOMEM;
2404 goto mount_fail_check;
2405 }
2406 }
2407 if (volume_info->username)
2408 strncpy(pSesInfo->userName, volume_info->username,
2409 MAX_USERNAME_SIZE);
2410 if (volume_info->domainname) {
2411 int len = strlen(volume_info->domainname);
2412 pSesInfo->domainName = kmalloc(len + 1, GFP_KERNEL);
2413 if (pSesInfo->domainName)
2414 strcpy(pSesInfo->domainName,
2415 volume_info->domainname);
2416 }
2417 pSesInfo->linux_uid = volume_info->linux_uid;
2418 pSesInfo->overrideSecFlg = volume_info->secFlg;
2419 down(&pSesInfo->sesSem);
2420
2421 /* BB FIXME need to pass vol->secFlgs BB */
2422 rc = cifs_setup_session(xid, pSesInfo,
2423 cifs_sb->local_nls);
2424 up(&pSesInfo->sesSem);
2425 }
2426
2427 /* search for existing tcon to this server share */
2428 if (!rc) {
2429 setup_cifs_sb(volume_info, cifs_sb);
2430
2431 tcon = cifs_find_tcon(pSesInfo, volume_info->UNC);
2432 if (tcon) {
2433 cFYI(1, ("Found match on UNC path"));
2434 /* existing tcon already has a reference */
2435 cifs_put_smb_ses(pSesInfo);
2436 if (tcon->seal != volume_info->seal)
2437 cERROR(1, ("transport encryption setting "
2438 "conflicts with existing tid"));
2439 } else {
2440 tcon = tconInfoAlloc();
2441 if (tcon == NULL) {
2442 rc = -ENOMEM;
2443 goto mount_fail_check;
2444 }
2445
2446 tcon->ses = pSesInfo;
2447 if (volume_info->password) {
2448 tcon->password = kstrdup(volume_info->password,
2449 GFP_KERNEL);
2450 if (!tcon->password) {
2451 rc = -ENOMEM;
2452 goto mount_fail_check;
2453 }
2454 }
2455
2456 if ((strchr(volume_info->UNC + 3, '\\') == NULL)
2457 && (strchr(volume_info->UNC + 3, '/') == NULL)) {
2458 cERROR(1, ("Missing share name"));
2459 rc = -ENODEV;
2460 goto mount_fail_check;
2461 } else {
2462 /* BB Do we need to wrap sesSem around
2463 * this TCon call and Unix SetFS as
2464 * we do on SessSetup and reconnect? */
2465 rc = CIFSTCon(xid, pSesInfo, volume_info->UNC,
2466 tcon, cifs_sb->local_nls);
2467 cFYI(1, ("CIFS Tcon rc = %d", rc));
2468 if (volume_info->nodfs) {
2469 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2470 cFYI(1, ("DFS disabled (%d)",
2471 tcon->Flags));
2472 }
2473 }
2474 if (rc)
2475 goto remote_path_check;
2476 tcon->seal = volume_info->seal;
2477 write_lock(&cifs_tcp_ses_lock);
2478 list_add(&tcon->tcon_list, &pSesInfo->tcon_list);
2479 write_unlock(&cifs_tcp_ses_lock);
2480 }
2481
2482 /* we can have only one retry value for a connection
2483 to a share so for resources mounted more than once
2484 to the same server share the last value passed in
2485 for the retry flag is used */
2486 tcon->retry = volume_info->retry;
2487 tcon->nocase = volume_info->nocase;
2488 tcon->local_lease = volume_info->local_lease;
2489 }
2490 if (pSesInfo) {
2491 if (pSesInfo->capabilities & CAP_LARGE_FILES)
2492 sb->s_maxbytes = MAX_LFS_FILESIZE;
2493 else
2494 sb->s_maxbytes = MAX_NON_LFS;
2495 }
2496
2497 /* BB FIXME fix time_gran to be larger for LANMAN sessions */
2498 sb->s_time_gran = 100;
2499
2500 if (rc)
2501 goto remote_path_check;
2502
2503 cifs_sb->tcon = tcon;
2504
2505 /* do not care if following two calls succeed - informational */
2506 if (!tcon->ipc) {
2507 CIFSSMBQFSDeviceInfo(xid, tcon);
2508 CIFSSMBQFSAttributeInfo(xid, tcon);
2509 }
2510
2511 /* tell server which Unix caps we support */
2512 if (tcon->ses->capabilities & CAP_UNIX)
2513 /* reset of caps checks mount to see if unix extensions
2514 disabled for just this mount */
2515 reset_cifs_unix_caps(xid, tcon, sb, volume_info);
2516 else
2517 tcon->unix_ext = 0; /* server does not support them */
2518
2519 /* convert forward to back slashes in prepath here if needed */
2520 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2521 convert_delimiter(cifs_sb->prepath, CIFS_DIR_SEP(cifs_sb));
2522
2523 if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
2524 cifs_sb->rsize = 1024 * 127;
2525 cFYI(DBG2, ("no very large read support, rsize now 127K"));
2526 }
2527 if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
2528 cifs_sb->wsize = min(cifs_sb->wsize,
2529 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2530 if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
2531 cifs_sb->rsize = min(cifs_sb->rsize,
2532 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2533
2534 remote_path_check:
2535 /* check if a whole path (including prepath) is not remote */
2536 if (!rc && tcon) {
2537 /* build_path_to_root works only when we have a valid tcon */
2538 full_path = cifs_build_path_to_root(cifs_sb);
2539 if (full_path == NULL) {
2540 rc = -ENOMEM;
2541 goto mount_fail_check;
2542 }
2543 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
2544 if (rc != -EREMOTE) {
2545 kfree(full_path);
2546 goto mount_fail_check;
2547 }
2548 kfree(full_path);
2549 }
2550
2551 /* get referral if needed */
2552 if (rc == -EREMOTE) {
2553 #ifdef CONFIG_CIFS_DFS_UPCALL
2554 if (referral_walks_count > MAX_NESTED_LINKS) {
2555 /*
2556 * BB: when we implement proper loop detection,
2557 * we will remove this check. But now we need it
2558 * to prevent an indefinite loop if 'DFS tree' is
2559 * misconfigured (i.e. has loops).
2560 */
2561 rc = -ELOOP;
2562 goto mount_fail_check;
2563 }
2564 /* convert forward to back slashes in prepath here if needed */
2565 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2566 convert_delimiter(cifs_sb->prepath,
2567 CIFS_DIR_SEP(cifs_sb));
2568 full_path = build_unc_path_to_root(volume_info, cifs_sb);
2569 if (IS_ERR(full_path)) {
2570 rc = PTR_ERR(full_path);
2571 goto mount_fail_check;
2572 }
2573
2574 cFYI(1, ("Getting referral for: %s", full_path));
2575 rc = get_dfs_path(xid, pSesInfo , full_path + 1,
2576 cifs_sb->local_nls, &num_referrals, &referrals,
2577 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
2578 if (!rc && num_referrals > 0) {
2579 char *fake_devname = NULL;
2580
2581 if (mount_data != mount_data_global)
2582 kfree(mount_data);
2583
2584 mount_data = cifs_compose_mount_options(
2585 cifs_sb->mountdata, full_path + 1,
2586 referrals, &fake_devname);
2587
2588 free_dfs_info_array(referrals, num_referrals);
2589 kfree(fake_devname);
2590 kfree(full_path);
2591
2592 if (IS_ERR(mount_data)) {
2593 rc = PTR_ERR(mount_data);
2594 mount_data = NULL;
2595 goto mount_fail_check;
2596 }
2597
2598 if (tcon)
2599 cifs_put_tcon(tcon);
2600 else if (pSesInfo)
2601 cifs_put_smb_ses(pSesInfo);
2602
2603 cleanup_volume_info(&volume_info);
2604 referral_walks_count++;
2605 FreeXid(xid);
2606 goto try_mount_again;
2607 }
2608 #else /* No DFS support, return error on mount */
2609 rc = -EOPNOTSUPP;
2610 #endif
2611 }
2612
2613 mount_fail_check:
2614 /* on error free sesinfo and tcon struct if needed */
2615 if (rc) {
2616 if (mount_data != mount_data_global)
2617 kfree(mount_data);
2618 /* If find_unc succeeded then rc == 0 so we can not end */
2619 /* up accidently freeing someone elses tcon struct */
2620 if (tcon)
2621 cifs_put_tcon(tcon);
2622 else if (pSesInfo)
2623 cifs_put_smb_ses(pSesInfo);
2624 else
2625 cifs_put_tcp_session(srvTcp);
2626 goto out;
2627 }
2628
2629 /* volume_info->password is freed above when existing session found
2630 (in which case it is not needed anymore) but when new sesion is created
2631 the password ptr is put in the new session structure (in which case the
2632 password will be freed at unmount time) */
2633 out:
2634 /* zero out password before freeing */
2635 cleanup_volume_info(&volume_info);
2636 FreeXid(xid);
2637 return rc;
2638 }
2639
2640 int
2641 CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
2642 const char *tree, struct cifsTconInfo *tcon,
2643 const struct nls_table *nls_codepage)
2644 {
2645 struct smb_hdr *smb_buffer;
2646 struct smb_hdr *smb_buffer_response;
2647 TCONX_REQ *pSMB;
2648 TCONX_RSP *pSMBr;
2649 unsigned char *bcc_ptr;
2650 int rc = 0;
2651 int length, bytes_left;
2652 __u16 count;
2653
2654 if (ses == NULL)
2655 return -EIO;
2656
2657 smb_buffer = cifs_buf_get();
2658 if (smb_buffer == NULL)
2659 return -ENOMEM;
2660
2661 smb_buffer_response = smb_buffer;
2662
2663 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
2664 NULL /*no tid */ , 4 /*wct */ );
2665
2666 smb_buffer->Mid = GetNextMid(ses->server);
2667 smb_buffer->Uid = ses->Suid;
2668 pSMB = (TCONX_REQ *) smb_buffer;
2669 pSMBr = (TCONX_RSP *) smb_buffer_response;
2670
2671 pSMB->AndXCommand = 0xFF;
2672 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
2673 bcc_ptr = &pSMB->Password[0];
2674 if ((ses->server->secMode) & SECMODE_USER) {
2675 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
2676 *bcc_ptr = 0; /* password is null byte */
2677 bcc_ptr++; /* skip password */
2678 /* already aligned so no need to do it below */
2679 } else {
2680 pSMB->PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);
2681 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
2682 specified as required (when that support is added to
2683 the vfs in the future) as only NTLM or the much
2684 weaker LANMAN (which we do not send by default) is accepted
2685 by Samba (not sure whether other servers allow
2686 NTLMv2 password here) */
2687 #ifdef CONFIG_CIFS_WEAK_PW_HASH
2688 if ((extended_security & CIFSSEC_MAY_LANMAN) &&
2689 (ses->server->secType == LANMAN))
2690 calc_lanman_hash(tcon->password, ses->server->cryptKey,
2691 ses->server->secMode &
2692 SECMODE_PW_ENCRYPT ? true : false,
2693 bcc_ptr);
2694 else
2695 #endif /* CIFS_WEAK_PW_HASH */
2696 SMBNTencrypt(tcon->password, ses->server->cryptKey,
2697 bcc_ptr);
2698
2699 bcc_ptr += CIFS_SESS_KEY_SIZE;
2700 if (ses->capabilities & CAP_UNICODE) {
2701 /* must align unicode strings */
2702 *bcc_ptr = 0; /* null byte password */
2703 bcc_ptr++;
2704 }
2705 }
2706
2707 if (ses->server->secMode &
2708 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
2709 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
2710
2711 if (ses->capabilities & CAP_STATUS32) {
2712 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
2713 }
2714 if (ses->capabilities & CAP_DFS) {
2715 smb_buffer->Flags2 |= SMBFLG2_DFS;
2716 }
2717 if (ses->capabilities & CAP_UNICODE) {
2718 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
2719 length =
2720 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
2721 6 /* max utf8 char length in bytes */ *
2722 (/* server len*/ + 256 /* share len */), nls_codepage);
2723 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
2724 bcc_ptr += 2; /* skip trailing null */
2725 } else { /* ASCII */
2726 strcpy(bcc_ptr, tree);
2727 bcc_ptr += strlen(tree) + 1;
2728 }
2729 strcpy(bcc_ptr, "?????");
2730 bcc_ptr += strlen("?????");
2731 bcc_ptr += 1;
2732 count = bcc_ptr - &pSMB->Password[0];
2733 pSMB->hdr.smb_buf_length += count;
2734 pSMB->ByteCount = cpu_to_le16(count);
2735
2736 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
2737 CIFS_STD_OP);
2738
2739 /* above now done in SendReceive */
2740 if ((rc == 0) && (tcon != NULL)) {
2741 bool is_unicode;
2742
2743 tcon->tidStatus = CifsGood;
2744 tcon->need_reconnect = false;
2745 tcon->tid = smb_buffer_response->Tid;
2746 bcc_ptr = pByteArea(smb_buffer_response);
2747 bytes_left = BCC(smb_buffer_response);
2748 length = strnlen(bcc_ptr, bytes_left - 2);
2749 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
2750 is_unicode = true;
2751 else
2752 is_unicode = false;
2753
2754
2755 /* skip service field (NB: this field is always ASCII) */
2756 if (length == 3) {
2757 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
2758 (bcc_ptr[2] == 'C')) {
2759 cFYI(1, ("IPC connection"));
2760 tcon->ipc = 1;
2761 }
2762 } else if (length == 2) {
2763 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
2764 /* the most common case */
2765 cFYI(1, ("disk share connection"));
2766 }
2767 }
2768 bcc_ptr += length + 1;
2769 bytes_left -= (length + 1);
2770 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
2771
2772 /* mostly informational -- no need to fail on error here */
2773 kfree(tcon->nativeFileSystem);
2774 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
2775 bytes_left, is_unicode,
2776 nls_codepage);
2777
2778 cFYI(1, ("nativeFileSystem=%s", tcon->nativeFileSystem));
2779
2780 if ((smb_buffer_response->WordCount == 3) ||
2781 (smb_buffer_response->WordCount == 7))
2782 /* field is in same location */
2783 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
2784 else
2785 tcon->Flags = 0;
2786 cFYI(1, ("Tcon flags: 0x%x ", tcon->Flags));
2787 } else if ((rc == 0) && tcon == NULL) {
2788 /* all we need to save for IPC$ connection */
2789 ses->ipc_tid = smb_buffer_response->Tid;
2790 }
2791
2792 cifs_buf_release(smb_buffer);
2793 return rc;
2794 }
2795
2796 int
2797 cifs_umount(struct super_block *sb, struct cifs_sb_info *cifs_sb)
2798 {
2799 int rc = 0;
2800 char *tmp;
2801
2802 if (cifs_sb->tcon)
2803 cifs_put_tcon(cifs_sb->tcon);
2804
2805 cifs_sb->tcon = NULL;
2806 tmp = cifs_sb->prepath;
2807 cifs_sb->prepathlen = 0;
2808 cifs_sb->prepath = NULL;
2809 kfree(tmp);
2810
2811 return rc;
2812 }
2813
2814 int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo,
2815 struct nls_table *nls_info)
2816 {
2817 int rc = 0;
2818 int first_time = 0;
2819 struct TCP_Server_Info *server = pSesInfo->server;
2820
2821 /* what if server changes its buffer size after dropping the session? */
2822 if (server->maxBuf == 0) /* no need to send on reconnect */ {
2823 rc = CIFSSMBNegotiate(xid, pSesInfo);
2824 if (rc == -EAGAIN) {
2825 /* retry only once on 1st time connection */
2826 rc = CIFSSMBNegotiate(xid, pSesInfo);
2827 if (rc == -EAGAIN)
2828 rc = -EHOSTDOWN;
2829 }
2830 if (rc == 0) {
2831 spin_lock(&GlobalMid_Lock);
2832 if (server->tcpStatus != CifsExiting)
2833 server->tcpStatus = CifsGood;
2834 else
2835 rc = -EHOSTDOWN;
2836 spin_unlock(&GlobalMid_Lock);
2837
2838 }
2839 first_time = 1;
2840 }
2841
2842 if (rc)
2843 goto ss_err_exit;
2844
2845 pSesInfo->flags = 0;
2846 pSesInfo->capabilities = server->capabilities;
2847 if (linuxExtEnabled == 0)
2848 pSesInfo->capabilities &= (~CAP_UNIX);
2849
2850 cFYI(1, ("Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
2851 server->secMode, server->capabilities, server->timeAdj));
2852
2853 rc = CIFS_SessSetup(xid, pSesInfo, first_time, nls_info);
2854 if (rc) {
2855 cERROR(1, ("Send error in SessSetup = %d", rc));
2856 } else {
2857 cFYI(1, ("CIFS Session Established successfully"));
2858 spin_lock(&GlobalMid_Lock);
2859 pSesInfo->status = CifsGood;
2860 pSesInfo->need_reconnect = false;
2861 spin_unlock(&GlobalMid_Lock);
2862 }
2863
2864 ss_err_exit:
2865 return rc;
2866 }
2867
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree