search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
consistently use smb_buf_length as be32 for cifs (try 3)
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / fs / cifs / connect.c
blob5d331cdd0b27e1856ae8beee0543335b1ec90c47
1 /*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <net/ipv6.h>
41 #include "cifspdu.h"
42 #include "cifsglob.h"
43 #include "cifsproto.h"
44 #include "cifs_unicode.h"
45 #include "cifs_debug.h"
46 #include "cifs_fs_sb.h"
47 #include "ntlmssp.h"
48 #include "nterr.h"
49 #include "rfc1002pdu.h"
50 #include "fscache.h"
51
52 #define CIFS_PORT 445
53 #define RFC1001_PORT 139
54
55 /* SMB echo "timeout" -- FIXME: tunable? */
56 #define SMB_ECHO_INTERVAL (60 * HZ)
57
58 extern mempool_t *cifs_req_poolp;
59
60 struct smb_vol {
61 char *username;
62 char *password;
63 char *domainname;
64 char *UNC;
65 char *UNCip;
66 char *iocharset; /* local code page for mapping to and from Unicode */
67 char source_rfc1001_name[RFC1001_NAME_LEN_WITH_NULL]; /* clnt nb name */
68 char target_rfc1001_name[RFC1001_NAME_LEN_WITH_NULL]; /* srvr nb name */
69 uid_t cred_uid;
70 uid_t linux_uid;
71 gid_t linux_gid;
72 mode_t file_mode;
73 mode_t dir_mode;
74 unsigned secFlg;
75 bool retry:1;
76 bool intr:1;
77 bool setuids:1;
78 bool override_uid:1;
79 bool override_gid:1;
80 bool dynperm:1;
81 bool noperm:1;
82 bool no_psx_acl:1; /* set if posix acl support should be disabled */
83 bool cifs_acl:1;
84 bool no_xattr:1; /* set if xattr (EA) support should be disabled*/
85 bool server_ino:1; /* use inode numbers from server ie UniqueId */
86 bool direct_io:1;
87 bool strict_io:1; /* strict cache behavior */
88 bool remap:1; /* set to remap seven reserved chars in filenames */
89 bool posix_paths:1; /* unset to not ask for posix pathnames. */
90 bool no_linux_ext:1;
91 bool sfu_emul:1;
92 bool nullauth:1; /* attempt to authenticate with null user */
93 bool nocase:1; /* request case insensitive filenames */
94 bool nobrl:1; /* disable sending byte range locks to srv */
95 bool mand_lock:1; /* send mandatory not posix byte range lock reqs */
96 bool seal:1; /* request transport encryption on share */
97 bool nodfs:1; /* Do not request DFS, even if available */
98 bool local_lease:1; /* check leases only on local system, not remote */
99 bool noblocksnd:1;
100 bool noautotune:1;
101 bool nostrictsync:1; /* do not force expensive SMBflush on every sync */
102 bool fsc:1; /* enable fscache */
103 bool mfsymlinks:1; /* use Minshall+French Symlinks */
104 bool multiuser:1;
105 bool use_smb2:1; /* force smb2 use on mount instead of cifs */
106 unsigned int rsize;
107 unsigned int wsize;
108 bool sockopt_tcp_nodelay:1;
109 unsigned short int port;
110 unsigned long actimeo; /* attribute cache timeout (jiffies) */
111 char *prepath;
112 struct sockaddr_storage srcaddr; /* allow binding to a local IP */
113 struct nls_table *local_nls;
114 };
115
116 /* FIXME: should these be tunable? */
117 #define TLINK_ERROR_EXPIRE (1 * HZ)
118 #define TLINK_IDLE_EXPIRE (600 * HZ)
119
120 static int ip_connect(struct TCP_Server_Info *server);
121 static int generic_ip_connect(struct TCP_Server_Info *server);
122 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
123 static void cifs_prune_tlinks(struct work_struct *work);
124
125 /*
126 * cifs tcp session reconnection
127 *
128 * mark tcp session as reconnecting so temporarily locked
129 * mark all smb sessions as reconnecting for tcp session
130 * reconnect tcp session
131 * wake up waiters on reconnection? - (not needed currently)
132 */
133 static int
134 cifs_reconnect(struct TCP_Server_Info *server)
135 {
136 int rc = 0;
137 struct list_head *tmp, *tmp2;
138 struct cifsSesInfo *ses;
139 struct cifsTconInfo *tcon;
140 struct mid_q_entry *mid_entry;
141
142 spin_lock(&GlobalMid_Lock);
143 if (server->tcpStatus == CifsExiting) {
144 /* the demux thread will exit normally
145 next time through the loop */
146 spin_unlock(&GlobalMid_Lock);
147 return rc;
148 } else
149 server->tcpStatus = CifsNeedReconnect;
150 spin_unlock(&GlobalMid_Lock);
151 server->maxBuf = 0;
152
153 cFYI(1, "Reconnecting tcp session");
154
155 /* before reconnecting the tcp session, mark the smb session (uid)
156 and the tid bad so they are not used until reconnected */
157 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
158 spin_lock(&cifs_tcp_ses_lock);
159 list_for_each(tmp, &server->smb_ses_list) {
160 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
161 ses->need_reconnect = true;
162 ses->ipc_tid = 0;
163 list_for_each(tmp2, &ses->tcon_list) {
164 tcon = list_entry(tmp2, struct cifsTconInfo, tcon_list);
165 tcon->need_reconnect = true;
166 }
167 }
168 spin_unlock(&cifs_tcp_ses_lock);
169
170 /* do not want to be sending data on a socket we are freeing */
171 cFYI(1, "%s: tearing down socket", __func__);
172 mutex_lock(&server->srv_mutex);
173 if (server->ssocket) {
174 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
175 server->ssocket->flags);
176 kernel_sock_shutdown(server->ssocket, SHUT_WR);
177 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
178 server->ssocket->state,
179 server->ssocket->flags);
180 sock_release(server->ssocket);
181 server->ssocket = NULL;
182 }
183 server->sequence_number = 0;
184 server->session_estab = false;
185 kfree(server->session_key.response);
186 server->session_key.response = NULL;
187 server->session_key.len = 0;
188 server->lstrp = jiffies;
189 mutex_unlock(&server->srv_mutex);
190
191 /* mark submitted MIDs for retry and issue callback */
192 cFYI(1, "%s: issuing mid callbacks", __func__);
193 spin_lock(&GlobalMid_Lock);
194 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
195 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
196 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
197 mid_entry->midState = MID_RETRY_NEEDED;
198 list_del_init(&mid_entry->qhead);
199 mid_entry->callback(mid_entry);
200 }
201 spin_unlock(&GlobalMid_Lock);
202
203 while (server->tcpStatus == CifsNeedReconnect) {
204 try_to_freeze();
205
206 /* we should try only the port we connected to before */
207 rc = generic_ip_connect(server);
208 if (rc) {
209 cFYI(1, "reconnect error %d", rc);
210 msleep(3000);
211 } else {
212 atomic_inc(&tcpSesReconnectCount);
213 spin_lock(&GlobalMid_Lock);
214 if (server->tcpStatus != CifsExiting)
215 server->tcpStatus = CifsNeedNegotiate;
216 spin_unlock(&GlobalMid_Lock);
217 }
218 }
219
220 return rc;
221 }
222
223 /*
224 return codes:
225 0 not a transact2, or all data present
226 >0 transact2 with that much data missing
227 -EINVAL = invalid transact2
228
229 */
230 static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
231 {
232 struct smb_t2_rsp *pSMBt;
233 int remaining;
234 __u16 total_data_size, data_in_this_rsp;
235
236 if (pSMB->Command != SMB_COM_TRANSACTION2)
237 return 0;
238
239 /* check for plausible wct, bcc and t2 data and parm sizes */
240 /* check for parm and data offset going beyond end of smb */
241 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
242 cFYI(1, "invalid transact2 word count");
243 return -EINVAL;
244 }
245
246 pSMBt = (struct smb_t2_rsp *)pSMB;
247
248 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
249 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
250
251 if (total_data_size == data_in_this_rsp)
252 return 0;
253 else if (total_data_size < data_in_this_rsp) {
254 cFYI(1, "total data %d smaller than data in frame %d",
255 total_data_size, data_in_this_rsp);
256 return -EINVAL;
257 }
258
259 remaining = total_data_size - data_in_this_rsp;
260
261 cFYI(1, "missing %d bytes from transact2, check next response",
262 remaining);
263 if (total_data_size > maxBufSize) {
264 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
265 total_data_size, maxBufSize);
266 return -EINVAL;
267 }
268 return remaining;
269 }
270
271 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
272 {
273 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
274 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
275 char *data_area_of_target;
276 char *data_area_of_buf2;
277 int remaining;
278 unsigned int byte_count, total_in_buf;
279 __u16 total_data_size, total_in_buf2;
280
281 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
282
283 if (total_data_size !=
284 get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
285 cFYI(1, "total data size of primary and secondary t2 differ");
286
287 total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
288
289 remaining = total_data_size - total_in_buf;
290
291 if (remaining < 0)
292 return -EPROTO;
293
294 if (remaining == 0) /* nothing to do, ignore */
295 return 0;
296
297 total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
298 if (remaining < total_in_buf2) {
299 cFYI(1, "transact2 2nd response contains too much data");
300 }
301
302 /* find end of first SMB data area */
303 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
304 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
305 /* validate target area */
306
307 data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
308 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
309
310 data_area_of_target += total_in_buf;
311
312 /* copy second buffer into end of first buffer */
313 total_in_buf += total_in_buf2;
314 /* is the result too big for the field? */
315 if (total_in_buf > USHRT_MAX)
316 return -EPROTO;
317 put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
318
319 /* fix up the BCC */
320 byte_count = get_bcc_le(pTargetSMB);
321 byte_count += total_in_buf2;
322 /* is the result too big for the field? */
323 if (byte_count > USHRT_MAX)
324 return -EPROTO;
325 put_bcc_le(byte_count, pTargetSMB);
326
327 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
328 byte_count += total_in_buf2;
329 /* don't allow buffer to overflow */
330 if (byte_count > CIFSMaxBufSize)
331 return -ENOBUFS;
332 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
333
334 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
335
336 if (remaining == total_in_buf2) {
337 cFYI(1, "found the last secondary response");
338 return 0; /* we are done */
339 } else /* more responses to go */
340 return 1;
341 }
342
343 static void
344 cifs_echo_request(struct work_struct *work)
345 {
346 int rc;
347 struct TCP_Server_Info *server = container_of(work,
348 struct TCP_Server_Info, echo.work);
349
350 /*
351 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
352 * done, which is indicated by maxBuf != 0. Also, no need to ping if
353 * we got a response recently
354 */
355 if (server->maxBuf == 0 ||
356 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
357 goto requeue_echo;
358
359 rc = CIFSSMBEcho(server);
360 if (rc)
361 cFYI(1, "Unable to send echo request to server: %s",
362 server->hostname);
363
364 requeue_echo:
365 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
366 }
367
368 static int
369 cifs_demultiplex_thread(struct TCP_Server_Info *server)
370 {
371 int length;
372 unsigned int pdu_length, total_read;
373 struct smb_hdr *smb_buffer = NULL;
374 struct smb_hdr *bigbuf = NULL;
375 struct smb_hdr *smallbuf = NULL;
376 struct msghdr smb_msg;
377 struct kvec iov;
378 struct socket *csocket = server->ssocket;
379 struct list_head *tmp, *tmp2;
380 struct task_struct *task_to_wake = NULL;
381 struct mid_q_entry *mid_entry;
382 char temp;
383 bool isLargeBuf = false;
384 bool isMultiRsp;
385 int reconnect;
386
387 current->flags |= PF_MEMALLOC;
388 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
389
390 length = atomic_inc_return(&tcpSesAllocCount);
391 if (length > 1)
392 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
393 GFP_KERNEL);
394
395 set_freezable();
396 while (server->tcpStatus != CifsExiting) {
397 if (try_to_freeze())
398 continue;
399 if (bigbuf == NULL) {
400 bigbuf = cifs_buf_get();
401 if (!bigbuf) {
402 cERROR(1, "No memory for large SMB response");
403 msleep(3000);
404 /* retry will check if exiting */
405 continue;
406 }
407 } else if (isLargeBuf) {
408 /* we are reusing a dirty large buf, clear its start */
409 memset(bigbuf, 0, sizeof(struct smb_hdr));
410 }
411
412 if (smallbuf == NULL) {
413 smallbuf = cifs_small_buf_get();
414 if (!smallbuf) {
415 cERROR(1, "No memory for SMB response");
416 msleep(1000);
417 /* retry will check if exiting */
418 continue;
419 }
420 /* beginning of smb buffer is cleared in our buf_get */
421 } else /* if existing small buf clear beginning */
422 memset(smallbuf, 0, sizeof(struct smb_hdr));
423
424 isLargeBuf = false;
425 isMultiRsp = false;
426 smb_buffer = smallbuf;
427 iov.iov_base = smb_buffer;
428 iov.iov_len = 4;
429 smb_msg.msg_control = NULL;
430 smb_msg.msg_controllen = 0;
431 pdu_length = 4; /* enough to get RFC1001 header */
432
433 incomplete_rcv:
434 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
435 time_after(jiffies, server->lstrp +
436 (echo_retries * SMB_ECHO_INTERVAL))) {
437 cERROR(1, "Server %s has not responded in %d seconds. "
438 "Reconnecting...", server->hostname,
439 (echo_retries * SMB_ECHO_INTERVAL / HZ));
440 cifs_reconnect(server);
441 csocket = server->ssocket;
442 wake_up(&server->response_q);
443 continue;
444 }
445
446 length =
447 kernel_recvmsg(csocket, &smb_msg,
448 &iov, 1, pdu_length, 0 /* BB other flags? */);
449
450 if (server->tcpStatus == CifsExiting) {
451 break;
452 } else if (server->tcpStatus == CifsNeedReconnect) {
453 cFYI(1, "Reconnect after server stopped responding");
454 cifs_reconnect(server);
455 cFYI(1, "call to reconnect done");
456 csocket = server->ssocket;
457 continue;
458 } else if (length == -ERESTARTSYS ||
459 length == -EAGAIN ||
460 length == -EINTR) {
461 msleep(1); /* minimum sleep to prevent looping
462 allowing socket to clear and app threads to set
463 tcpStatus CifsNeedReconnect if server hung */
464 if (pdu_length < 4) {
465 iov.iov_base = (4 - pdu_length) +
466 (char *)smb_buffer;
467 iov.iov_len = pdu_length;
468 smb_msg.msg_control = NULL;
469 smb_msg.msg_controllen = 0;
470 goto incomplete_rcv;
471 } else
472 continue;
473 } else if (length <= 0) {
474 cFYI(1, "Reconnect after unexpected peek error %d",
475 length);
476 cifs_reconnect(server);
477 csocket = server->ssocket;
478 wake_up(&server->response_q);
479 continue;
480 } else if (length < pdu_length) {
481 cFYI(1, "requested %d bytes but only got %d bytes",
482 pdu_length, length);
483 pdu_length -= length;
484 msleep(1);
485 goto incomplete_rcv;
486 }
487
488 /* The right amount was read from socket - 4 bytes */
489 /* so we can now interpret the length field */
490
491 /* the first byte big endian of the length field,
492 is actually not part of the length but the type
493 with the most common, zero, as regular data */
494 temp = *((char *) smb_buffer);
495
496 /* Note that FC 1001 length is big endian on the wire,
497 but we convert it here so it is always manipulated
498 as host byte order */
499 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
500
501 cFYI(1, "rfc1002 length 0x%x", pdu_length+4);
502
503 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
504 continue;
505 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
506 cFYI(1, "Good RFC 1002 session rsp");
507 continue;
508 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
509 /* we get this from Windows 98 instead of
510 an error on SMB negprot response */
511 cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
512 pdu_length);
513 /* give server a second to clean up */
514 msleep(1000);
515 /* always try 445 first on reconnect since we get NACK
516 * on some if we ever connected to port 139 (the NACK
517 * is since we do not begin with RFC1001 session
518 * initialize frame)
519 */
520 cifs_set_port((struct sockaddr *)
521 &server->dstaddr, CIFS_PORT);
522 cifs_reconnect(server);
523 csocket = server->ssocket;
524 wake_up(&server->response_q);
525 continue;
526 } else if (temp != (char) 0) {
527 cERROR(1, "Unknown RFC 1002 frame");
528 cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
529 length);
530 cifs_reconnect(server);
531 csocket = server->ssocket;
532 continue;
533 }
534
535 /* else we have an SMB response */
536 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
537 (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
538 cERROR(1, "Invalid size SMB length %d pdu_length %d",
539 length, pdu_length+4);
540 cifs_reconnect(server);
541 csocket = server->ssocket;
542 wake_up(&server->response_q);
543 continue;
544 }
545
546 /* else length ok */
547 reconnect = 0;
548
549 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
550 isLargeBuf = true;
551 memcpy(bigbuf, smallbuf, 4);
552 smb_buffer = bigbuf;
553 }
554 length = 0;
555 iov.iov_base = 4 + (char *)smb_buffer;
556 iov.iov_len = pdu_length;
557 for (total_read = 0; total_read < pdu_length;
558 total_read += length) {
559 length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
560 pdu_length - total_read, 0);
561 if (server->tcpStatus == CifsExiting) {
562 /* then will exit */
563 reconnect = 2;
564 break;
565 } else if (server->tcpStatus == CifsNeedReconnect) {
566 cifs_reconnect(server);
567 csocket = server->ssocket;
568 /* Reconnect wakes up rspns q */
569 /* Now we will reread sock */
570 reconnect = 1;
571 break;
572 } else if (length == -ERESTARTSYS ||
573 length == -EAGAIN ||
574 length == -EINTR) {
575 msleep(1); /* minimum sleep to prevent looping,
576 allowing socket to clear and app
577 threads to set tcpStatus
578 CifsNeedReconnect if server hung*/
579 length = 0;
580 continue;
581 } else if (length <= 0) {
582 cERROR(1, "Received no data, expecting %d",
583 pdu_length - total_read);
584 cifs_reconnect(server);
585 csocket = server->ssocket;
586 reconnect = 1;
587 break;
588 }
589 }
590 if (reconnect == 2)
591 break;
592 else if (reconnect == 1)
593 continue;
594
595 total_read += 4; /* account for rfc1002 hdr */
596
597 dump_smb(smb_buffer, total_read);
598
599 /*
600 * We know that we received enough to get to the MID as we
601 * checked the pdu_length earlier. Now check to see
602 * if the rest of the header is OK. We borrow the length
603 * var for the rest of the loop to avoid a new stack var.
604 *
605 * 48 bytes is enough to display the header and a little bit
606 * into the payload for debugging purposes.
607 */
608 length = checkSMB(smb_buffer, smb_buffer->Mid, total_read);
609 if (length != 0)
610 cifs_dump_mem("Bad SMB: ", smb_buffer,
611 min_t(unsigned int, total_read, 48));
612
613 mid_entry = NULL;
614 server->lstrp = jiffies;
615
616 spin_lock(&GlobalMid_Lock);
617 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
618 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
619
620 if (mid_entry->mid != smb_buffer->Mid ||
621 mid_entry->midState != MID_REQUEST_SUBMITTED ||
622 mid_entry->command != smb_buffer->Command) {
623 mid_entry = NULL;
624 continue;
625 }
626
627 if (length == 0 &&
628 check2ndT2(smb_buffer, server->maxBuf) > 0) {
629 /* We have a multipart transact2 resp */
630 isMultiRsp = true;
631 if (mid_entry->resp_buf) {
632 /* merge response - fix up 1st*/
633 length = coalesce_t2(smb_buffer,
634 mid_entry->resp_buf);
635 if (length > 0) {
636 length = 0;
637 mid_entry->multiRsp = true;
638 break;
639 } else {
640 /* all parts received or
641 * packet is malformed
642 */
643 mid_entry->multiEnd = true;
644 goto multi_t2_fnd;
645 }
646 } else {
647 if (!isLargeBuf) {
648 /*
649 * FIXME: switch to already
650 * allocated largebuf?
651 */
652 cERROR(1, "1st trans2 resp "
653 "needs bigbuf");
654 } else {
655 /* Have first buffer */
656 mid_entry->resp_buf =
657 smb_buffer;
658 mid_entry->largeBuf = true;
659 bigbuf = NULL;
660 }
661 }
662 break;
663 }
664 mid_entry->resp_buf = smb_buffer;
665 mid_entry->largeBuf = isLargeBuf;
666 multi_t2_fnd:
667 if (length == 0)
668 mid_entry->midState = MID_RESPONSE_RECEIVED;
669 else
670 mid_entry->midState = MID_RESPONSE_MALFORMED;
671 #ifdef CONFIG_CIFS_STATS2
672 mid_entry->when_received = jiffies;
673 #endif
674 list_del_init(&mid_entry->qhead);
675 mid_entry->callback(mid_entry);
676 break;
677 }
678 spin_unlock(&GlobalMid_Lock);
679
680 if (mid_entry != NULL) {
681 /* Was previous buf put in mpx struct for multi-rsp? */
682 if (!isMultiRsp) {
683 /* smb buffer will be freed by user thread */
684 if (isLargeBuf)
685 bigbuf = NULL;
686 else
687 smallbuf = NULL;
688 }
689 } else if (length != 0) {
690 /* response sanity checks failed */
691 continue;
692 } else if (!is_valid_oplock_break(smb_buffer, server) &&
693 !isMultiRsp) {
694 cERROR(1, "No task to wake, unknown frame received! "
695 "NumMids %d", atomic_read(&midCount));
696 cifs_dump_mem("Received Data is: ", (char *)smb_buffer,
697 sizeof(struct smb_hdr));
698 #ifdef CONFIG_CIFS_DEBUG2
699 cifs_dump_detail(smb_buffer);
700 cifs_dump_mids(server);
701 #endif /* CIFS_DEBUG2 */
702
703 }
704 } /* end while !EXITING */
705
706 /* take it off the list, if it's not already */
707 spin_lock(&cifs_tcp_ses_lock);
708 list_del_init(&server->tcp_ses_list);
709 spin_unlock(&cifs_tcp_ses_lock);
710
711 spin_lock(&GlobalMid_Lock);
712 server->tcpStatus = CifsExiting;
713 spin_unlock(&GlobalMid_Lock);
714 wake_up_all(&server->response_q);
715
716 /* check if we have blocked requests that need to free */
717 /* Note that cifs_max_pending is normally 50, but
718 can be set at module install time to as little as two */
719 spin_lock(&GlobalMid_Lock);
720 if (atomic_read(&server->inFlight) >= cifs_max_pending)
721 atomic_set(&server->inFlight, cifs_max_pending - 1);
722 /* We do not want to set the max_pending too low or we
723 could end up with the counter going negative */
724 spin_unlock(&GlobalMid_Lock);
725 /* Although there should not be any requests blocked on
726 this queue it can not hurt to be paranoid and try to wake up requests
727 that may haven been blocked when more than 50 at time were on the wire
728 to the same server - they now will see the session is in exit state
729 and get out of SendReceive. */
730 wake_up_all(&server->request_q);
731 /* give those requests time to exit */
732 msleep(125);
733
734 if (server->ssocket) {
735 sock_release(csocket);
736 server->ssocket = NULL;
737 }
738 /* buffer usually freed in free_mid - need to free it here on exit */
739 cifs_buf_release(bigbuf);
740 if (smallbuf) /* no sense logging a debug message if NULL */
741 cifs_small_buf_release(smallbuf);
742
743 if (!list_empty(&server->pending_mid_q)) {
744 spin_lock(&GlobalMid_Lock);
745 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
746 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
747 cFYI(1, "Clearing Mid 0x%x - issuing callback",
748 mid_entry->mid);
749 list_del_init(&mid_entry->qhead);
750 mid_entry->callback(mid_entry);
751 }
752 spin_unlock(&GlobalMid_Lock);
753 /* 1/8th of sec is more than enough time for them to exit */
754 msleep(125);
755 }
756
757 if (!list_empty(&server->pending_mid_q)) {
758 /* mpx threads have not exited yet give them
759 at least the smb send timeout time for long ops */
760 /* due to delays on oplock break requests, we need
761 to wait at least 45 seconds before giving up
762 on a request getting a response and going ahead
763 and killing cifsd */
764 cFYI(1, "Wait for exit from demultiplex thread");
765 msleep(46000);
766 /* if threads still have not exited they are probably never
767 coming home not much else we can do but free the memory */
768 }
769
770 kfree(server->hostname);
771 task_to_wake = xchg(&server->tsk, NULL);
772 kfree(server);
773
774 length = atomic_dec_return(&tcpSesAllocCount);
775 if (length > 0)
776 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
777 GFP_KERNEL);
778
779 /* if server->tsk was NULL then wait for a signal before exiting */
780 if (!task_to_wake) {
781 set_current_state(TASK_INTERRUPTIBLE);
782 while (!signal_pending(current)) {
783 schedule();
784 set_current_state(TASK_INTERRUPTIBLE);
785 }
786 set_current_state(TASK_RUNNING);
787 }
788
789 module_put_and_exit(0);
790 }
791
792 /* extract the host portion of the UNC string */
793 static char *
794 extract_hostname(const char *unc)
795 {
796 const char *src;
797 char *dst, *delim;
798 unsigned int len;
799
800 /* skip double chars at beginning of string */
801 /* BB: check validity of these bytes? */
802 src = unc + 2;
803
804 /* delimiter between hostname and sharename is always '\\' now */
805 delim = strchr(src, '\\');
806 if (!delim)
807 return ERR_PTR(-EINVAL);
808
809 len = delim - src;
810 dst = kmalloc((len + 1), GFP_KERNEL);
811 if (dst == NULL)
812 return ERR_PTR(-ENOMEM);
813
814 memcpy(dst, src, len);
815 dst[len] = '\0';
816
817 return dst;
818 }
819
820 static int
821 cifs_parse_mount_options(char *options, const char *devname,
822 struct smb_vol *vol)
823 {
824 char *value, *data, *end;
825 unsigned int temp_len, i, j;
826 char separator[2];
827 short int override_uid = -1;
828 short int override_gid = -1;
829 bool uid_specified = false;
830 bool gid_specified = false;
831 char *nodename = utsname()->nodename;
832
833 separator[0] = ',';
834 separator[1] = 0;
835
836 /*
837 * does not have to be perfect mapping since field is
838 * informational, only used for servers that do not support
839 * port 445 and it can be overridden at mount time
840 */
841 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
842 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
843 vol->source_rfc1001_name[i] = toupper(nodename[i]);
844
845 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
846 /* null target name indicates to use *SMBSERVR default called name
847 if we end up sending RFC1001 session initialize */
848 vol->target_rfc1001_name[0] = 0;
849 vol->cred_uid = current_uid();
850 vol->linux_uid = current_uid();
851 vol->linux_gid = current_gid();
852
853 /* default to only allowing write access to owner of the mount */
854 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
855
856 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
857 /* default is always to request posix paths. */
858 vol->posix_paths = 1;
859 /* default to using server inode numbers where available */
860 vol->server_ino = 1;
861
862 vol->actimeo = CIFS_DEF_ACTIMEO;
863
864 if (!options)
865 return 1;
866
867 end = options + strlen(options);
868 if (strncmp(options, "sep=", 4) == 0) {
869 if (options[4] != 0) {
870 separator[0] = options[4];
871 options += 5;
872 } else {
873 cFYI(1, "Null separator not allowed");
874 }
875 }
876
877 while ((data = strsep(&options, separator)) != NULL) {
878 if (!*data)
879 continue;
880 if ((value = strchr(data, '=')) != NULL)
881 *value++ = '\0';
882
883 /* Have to parse this before we parse for "user" */
884 if (strnicmp(data, "user_xattr", 10) == 0) {
885 vol->no_xattr = 0;
886 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
887 vol->no_xattr = 1;
888 } else if (strnicmp(data, "user", 4) == 0) {
889 if (!value) {
890 printk(KERN_WARNING
891 "CIFS: invalid or missing username\n");
892 return 1; /* needs_arg; */
893 } else if (!*value) {
894 /* null user, ie anonymous, authentication */
895 vol->nullauth = 1;
896 }
897 if (strnlen(value, MAX_USERNAME_SIZE) <
898 MAX_USERNAME_SIZE) {
899 vol->username = value;
900 } else {
901 printk(KERN_WARNING "CIFS: username too long\n");
902 return 1;
903 }
904 } else if (strnicmp(data, "pass", 4) == 0) {
905 if (!value) {
906 vol->password = NULL;
907 continue;
908 } else if (value[0] == 0) {
909 /* check if string begins with double comma
910 since that would mean the password really
911 does start with a comma, and would not
912 indicate an empty string */
913 if (value[1] != separator[0]) {
914 vol->password = NULL;
915 continue;
916 }
917 }
918 temp_len = strlen(value);
919 /* removed password length check, NTLM passwords
920 can be arbitrarily long */
921
922 /* if comma in password, the string will be
923 prematurely null terminated. Commas in password are
924 specified across the cifs mount interface by a double
925 comma ie ,, and a comma used as in other cases ie ','
926 as a parameter delimiter/separator is single and due
927 to the strsep above is temporarily zeroed. */
928
929 /* NB: password legally can have multiple commas and
930 the only illegal character in a password is null */
931
932 if ((value[temp_len] == 0) &&
933 (value + temp_len < end) &&
934 (value[temp_len+1] == separator[0])) {
935 /* reinsert comma */
936 value[temp_len] = separator[0];
937 temp_len += 2; /* move after second comma */
938 while (value[temp_len] != 0) {
939 if (value[temp_len] == separator[0]) {
940 if (value[temp_len+1] ==
941 separator[0]) {
942 /* skip second comma */
943 temp_len++;
944 } else {
945 /* single comma indicating start
946 of next parm */
947 break;
948 }
949 }
950 temp_len++;
951 }
952 if (value[temp_len] == 0) {
953 options = NULL;
954 } else {
955 value[temp_len] = 0;
956 /* point option to start of next parm */
957 options = value + temp_len + 1;
958 }
959 /* go from value to value + temp_len condensing
960 double commas to singles. Note that this ends up
961 allocating a few bytes too many, which is ok */
962 vol->password = kzalloc(temp_len, GFP_KERNEL);
963 if (vol->password == NULL) {
964 printk(KERN_WARNING "CIFS: no memory "
965 "for password\n");
966 return 1;
967 }
968 for (i = 0, j = 0; i < temp_len; i++, j++) {
969 vol->password[j] = value[i];
970 if (value[i] == separator[0]
971 && value[i+1] == separator[0]) {
972 /* skip second comma */
973 i++;
974 }
975 }
976 vol->password[j] = 0;
977 } else {
978 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
979 if (vol->password == NULL) {
980 printk(KERN_WARNING "CIFS: no memory "
981 "for password\n");
982 return 1;
983 }
984 strcpy(vol->password, value);
985 }
986 } else if (!strnicmp(data, "ip", 2) ||
987 !strnicmp(data, "addr", 4)) {
988 if (!value || !*value) {
989 vol->UNCip = NULL;
990 } else if (strnlen(value, INET6_ADDRSTRLEN) <
991 INET6_ADDRSTRLEN) {
992 vol->UNCip = value;
993 } else {
994 printk(KERN_WARNING "CIFS: ip address "
995 "too long\n");
996 return 1;
997 }
998 } else if (strnicmp(data, "sec", 3) == 0) {
999 if (!value || !*value) {
1000 cERROR(1, "no security value specified");
1001 continue;
1002 } else if (strnicmp(value, "krb5i", 5) == 0) {
1003 vol->secFlg |= CIFSSEC_MAY_KRB5 |
1004 CIFSSEC_MUST_SIGN;
1005 } else if (strnicmp(value, "krb5p", 5) == 0) {
1006 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1007 CIFSSEC_MAY_KRB5; */
1008 cERROR(1, "Krb5 cifs privacy not supported");
1009 return 1;
1010 } else if (strnicmp(value, "krb5", 4) == 0) {
1011 vol->secFlg |= CIFSSEC_MAY_KRB5;
1012 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1013 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1014 CIFSSEC_MUST_SIGN;
1015 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1016 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1017 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1018 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1019 CIFSSEC_MUST_SIGN;
1020 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1021 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1022 } else if (strnicmp(value, "ntlmi", 5) == 0) {
1023 vol->secFlg |= CIFSSEC_MAY_NTLM |
1024 CIFSSEC_MUST_SIGN;
1025 } else if (strnicmp(value, "ntlm", 4) == 0) {
1026 /* ntlm is default so can be turned off too */
1027 vol->secFlg |= CIFSSEC_MAY_NTLM;
1028 } else if (strnicmp(value, "nontlm", 6) == 0) {
1029 /* BB is there a better way to do this? */
1030 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1031 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1032 } else if (strnicmp(value, "lanman", 6) == 0) {
1033 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1034 #endif
1035 } else if (strnicmp(value, "none", 4) == 0) {
1036 vol->nullauth = 1;
1037 } else {
1038 cERROR(1, "bad security option: %s", value);
1039 return 1;
1040 }
1041 } else if (strnicmp(data, "vers", 3) == 0) {
1042 if (!value || !*value) {
1043 cERROR(1, "no protocol version specified"
1044 " after vers= mount option");
1045 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1046 (strnicmp(value, "1", 1) == 0)) {
1047 /* this is the default */
1048 continue;
1049 } else if ((strnicmp(value, "smb2", 4) == 0) ||
1050 (strnicmp(value, "2", 1) == 0)) {
1051 #ifdef CONFIG_CIFS_SMB2
1052 vol->use_smb2 = true;
1053 #else
1054 cERROR(1, "smb2 support not enabled");
1055 #endif /* CONFIG_CIFS_SMB2 */
1056 }
1057 } else if ((strnicmp(data, "unc", 3) == 0)
1058 || (strnicmp(data, "target", 6) == 0)
1059 || (strnicmp(data, "path", 4) == 0)) {
1060 if (!value || !*value) {
1061 printk(KERN_WARNING "CIFS: invalid path to "
1062 "network resource\n");
1063 return 1; /* needs_arg; */
1064 }
1065 if ((temp_len = strnlen(value, 300)) < 300) {
1066 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1067 if (vol->UNC == NULL)
1068 return 1;
1069 strcpy(vol->UNC, value);
1070 if (strncmp(vol->UNC, "//", 2) == 0) {
1071 vol->UNC[0] = '\\';
1072 vol->UNC[1] = '\\';
1073 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1074 printk(KERN_WARNING
1075 "CIFS: UNC Path does not begin "
1076 "with // or \\\\ \n");
1077 return 1;
1078 }
1079 } else {
1080 printk(KERN_WARNING "CIFS: UNC name too long\n");
1081 return 1;
1082 }
1083 } else if ((strnicmp(data, "domain", 3) == 0)
1084 || (strnicmp(data, "workgroup", 5) == 0)) {
1085 if (!value || !*value) {
1086 printk(KERN_WARNING "CIFS: invalid domain name\n");
1087 return 1; /* needs_arg; */
1088 }
1089 /* BB are there cases in which a comma can be valid in
1090 a domain name and need special handling? */
1091 if (strnlen(value, 256) < 256) {
1092 vol->domainname = value;
1093 cFYI(1, "Domain name set");
1094 } else {
1095 printk(KERN_WARNING "CIFS: domain name too "
1096 "long\n");
1097 return 1;
1098 }
1099 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1100 vol->srcaddr.ss_family = AF_UNSPEC;
1101
1102 if (!value || !*value) {
1103 printk(KERN_WARNING "CIFS: srcaddr value"
1104 " not specified.\n");
1105 return 1; /* needs_arg; */
1106 }
1107 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1108 value, strlen(value));
1109 if (i == 0) {
1110 printk(KERN_WARNING "CIFS: Could not parse"
1111 " srcaddr: %s\n",
1112 value);
1113 return 1;
1114 }
1115 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1116 if (!value || !*value) {
1117 printk(KERN_WARNING
1118 "CIFS: invalid path prefix\n");
1119 return 1; /* needs_argument */
1120 }
1121 if ((temp_len = strnlen(value, 1024)) < 1024) {
1122 if (value[0] != '/')
1123 temp_len++; /* missing leading slash */
1124 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1125 if (vol->prepath == NULL)
1126 return 1;
1127 if (value[0] != '/') {
1128 vol->prepath[0] = '/';
1129 strcpy(vol->prepath+1, value);
1130 } else
1131 strcpy(vol->prepath, value);
1132 cFYI(1, "prefix path %s", vol->prepath);
1133 } else {
1134 printk(KERN_WARNING "CIFS: prefix too long\n");
1135 return 1;
1136 }
1137 } else if (strnicmp(data, "iocharset", 9) == 0) {
1138 if (!value || !*value) {
1139 printk(KERN_WARNING "CIFS: invalid iocharset "
1140 "specified\n");
1141 return 1; /* needs_arg; */
1142 }
1143 if (strnlen(value, 65) < 65) {
1144 if (strnicmp(value, "default", 7))
1145 vol->iocharset = value;
1146 /* if iocharset not set then load_nls_default
1147 is used by caller */
1148 cFYI(1, "iocharset set to %s", value);
1149 } else {
1150 printk(KERN_WARNING "CIFS: iocharset name "
1151 "too long.\n");
1152 return 1;
1153 }
1154 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1155 vol->linux_uid = simple_strtoul(value, &value, 0);
1156 uid_specified = true;
1157 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1158 vol->cred_uid = simple_strtoul(value, &value, 0);
1159 } else if (!strnicmp(data, "forceuid", 8)) {
1160 override_uid = 1;
1161 } else if (!strnicmp(data, "noforceuid", 10)) {
1162 override_uid = 0;
1163 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1164 vol->linux_gid = simple_strtoul(value, &value, 0);
1165 gid_specified = true;
1166 } else if (!strnicmp(data, "forcegid", 8)) {
1167 override_gid = 1;
1168 } else if (!strnicmp(data, "noforcegid", 10)) {
1169 override_gid = 0;
1170 } else if (strnicmp(data, "file_mode", 4) == 0) {
1171 if (value && *value) {
1172 vol->file_mode =
1173 simple_strtoul(value, &value, 0);
1174 }
1175 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1176 if (value && *value) {
1177 vol->dir_mode =
1178 simple_strtoul(value, &value, 0);
1179 }
1180 } else if (strnicmp(data, "dirmode", 4) == 0) {
1181 if (value && *value) {
1182 vol->dir_mode =
1183 simple_strtoul(value, &value, 0);
1184 }
1185 } else if (strnicmp(data, "port", 4) == 0) {
1186 if (value && *value) {
1187 vol->port =
1188 simple_strtoul(value, &value, 0);
1189 }
1190 } else if (strnicmp(data, "rsize", 5) == 0) {
1191 if (value && *value) {
1192 vol->rsize =
1193 simple_strtoul(value, &value, 0);
1194 }
1195 } else if (strnicmp(data, "wsize", 5) == 0) {
1196 if (value && *value) {
1197 vol->wsize =
1198 simple_strtoul(value, &value, 0);
1199 }
1200 } else if (strnicmp(data, "sockopt", 5) == 0) {
1201 if (!value || !*value) {
1202 cERROR(1, "no socket option specified");
1203 continue;
1204 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1205 vol->sockopt_tcp_nodelay = 1;
1206 }
1207 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1208 if (!value || !*value || (*value == ' ')) {
1209 cFYI(1, "invalid (empty) netbiosname");
1210 } else {
1211 memset(vol->source_rfc1001_name, 0x20,
1212 RFC1001_NAME_LEN);
1213 /*
1214 * FIXME: are there cases in which a comma can
1215 * be valid in workstation netbios name (and
1216 * need special handling)?
1217 */
1218 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1219 /* don't ucase netbiosname for user */
1220 if (value[i] == 0)
1221 break;
1222 vol->source_rfc1001_name[i] = value[i];
1223 }
1224 /* The string has 16th byte zero still from
1225 set at top of the function */
1226 if (i == RFC1001_NAME_LEN && value[i] != 0)
1227 printk(KERN_WARNING "CIFS: netbiosname"
1228 " longer than 15 truncated.\n");
1229 }
1230 } else if (strnicmp(data, "servern", 7) == 0) {
1231 /* servernetbiosname specified override *SMBSERVER */
1232 if (!value || !*value || (*value == ' ')) {
1233 cFYI(1, "empty server netbiosname specified");
1234 } else {
1235 /* last byte, type, is 0x20 for servr type */
1236 memset(vol->target_rfc1001_name, 0x20,
1237 RFC1001_NAME_LEN_WITH_NULL);
1238
1239 for (i = 0; i < 15; i++) {
1240 /* BB are there cases in which a comma can be
1241 valid in this workstation netbios name
1242 (and need special handling)? */
1243
1244 /* user or mount helper must uppercase
1245 the netbiosname */
1246 if (value[i] == 0)
1247 break;
1248 else
1249 vol->target_rfc1001_name[i] =
1250 value[i];
1251 }
1252 /* The string has 16th byte zero still from
1253 set at top of the function */
1254 if (i == RFC1001_NAME_LEN && value[i] != 0)
1255 printk(KERN_WARNING "CIFS: server net"
1256 "biosname longer than 15 truncated.\n");
1257 }
1258 } else if (strnicmp(data, "actimeo", 7) == 0) {
1259 if (value && *value) {
1260 vol->actimeo = HZ * simple_strtoul(value,
1261 &value, 0);
1262 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1263 cERROR(1, "CIFS: attribute cache"
1264 "timeout too large");
1265 return 1;
1266 }
1267 }
1268 } else if (strnicmp(data, "credentials", 4) == 0) {
1269 /* ignore */
1270 } else if (strnicmp(data, "version", 3) == 0) {
1271 /* ignore */
1272 } else if (strnicmp(data, "guest", 5) == 0) {
1273 /* ignore */
1274 } else if (strnicmp(data, "rw", 2) == 0) {
1275 /* ignore */
1276 } else if (strnicmp(data, "ro", 2) == 0) {
1277 /* ignore */
1278 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1279 vol->noblocksnd = 1;
1280 } else if (strnicmp(data, "noautotune", 10) == 0) {
1281 vol->noautotune = 1;
1282 } else if ((strnicmp(data, "suid", 4) == 0) ||
1283 (strnicmp(data, "nosuid", 6) == 0) ||
1284 (strnicmp(data, "exec", 4) == 0) ||
1285 (strnicmp(data, "noexec", 6) == 0) ||
1286 (strnicmp(data, "nodev", 5) == 0) ||
1287 (strnicmp(data, "noauto", 6) == 0) ||
1288 (strnicmp(data, "dev", 3) == 0)) {
1289 /* The mount tool or mount.cifs helper (if present)
1290 uses these opts to set flags, and the flags are read
1291 by the kernel vfs layer before we get here (ie
1292 before read super) so there is no point trying to
1293 parse these options again and set anything and it
1294 is ok to just ignore them */
1295 continue;
1296 } else if (strnicmp(data, "hard", 4) == 0) {
1297 vol->retry = 1;
1298 } else if (strnicmp(data, "soft", 4) == 0) {
1299 vol->retry = 0;
1300 } else if (strnicmp(data, "perm", 4) == 0) {
1301 vol->noperm = 0;
1302 } else if (strnicmp(data, "noperm", 6) == 0) {
1303 vol->noperm = 1;
1304 } else if (strnicmp(data, "mapchars", 8) == 0) {
1305 vol->remap = 1;
1306 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1307 vol->remap = 0;
1308 } else if (strnicmp(data, "sfu", 3) == 0) {
1309 vol->sfu_emul = 1;
1310 } else if (strnicmp(data, "nosfu", 5) == 0) {
1311 vol->sfu_emul = 0;
1312 } else if (strnicmp(data, "nodfs", 5) == 0) {
1313 vol->nodfs = 1;
1314 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1315 vol->posix_paths = 1;
1316 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1317 vol->posix_paths = 0;
1318 } else if (strnicmp(data, "nounix", 6) == 0) {
1319 vol->no_linux_ext = 1;
1320 } else if (strnicmp(data, "nolinux", 7) == 0) {
1321 vol->no_linux_ext = 1;
1322 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1323 (strnicmp(data, "ignorecase", 10) == 0)) {
1324 vol->nocase = 1;
1325 } else if (strnicmp(data, "mand", 4) == 0) {
1326 /* ignore */
1327 } else if (strnicmp(data, "nomand", 6) == 0) {
1328 /* ignore */
1329 } else if (strnicmp(data, "_netdev", 7) == 0) {
1330 /* ignore */
1331 } else if (strnicmp(data, "brl", 3) == 0) {
1332 vol->nobrl = 0;
1333 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1334 (strnicmp(data, "nolock", 6) == 0)) {
1335 vol->nobrl = 1;
1336 /* turn off mandatory locking in mode
1337 if remote locking is turned off since the
1338 local vfs will do advisory */
1339 if (vol->file_mode ==
1340 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1341 vol->file_mode = S_IALLUGO;
1342 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1343 /* will take the shorter form "forcemand" as well */
1344 /* This mount option will force use of mandatory
1345 (DOS/Windows style) byte range locks, instead of
1346 using posix advisory byte range locks, even if the
1347 Unix extensions are available and posix locks would
1348 be supported otherwise. If Unix extensions are not
1349 negotiated this has no effect since mandatory locks
1350 would be used (mandatory locks is all that those
1351 those servers support) */
1352 vol->mand_lock = 1;
1353 } else if (strnicmp(data, "setuids", 7) == 0) {
1354 vol->setuids = 1;
1355 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1356 vol->setuids = 0;
1357 } else if (strnicmp(data, "dynperm", 7) == 0) {
1358 vol->dynperm = true;
1359 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1360 vol->dynperm = false;
1361 } else if (strnicmp(data, "nohard", 6) == 0) {
1362 vol->retry = 0;
1363 } else if (strnicmp(data, "nosoft", 6) == 0) {
1364 vol->retry = 1;
1365 } else if (strnicmp(data, "nointr", 6) == 0) {
1366 vol->intr = 0;
1367 } else if (strnicmp(data, "intr", 4) == 0) {
1368 vol->intr = 1;
1369 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1370 vol->nostrictsync = 1;
1371 } else if (strnicmp(data, "strictsync", 10) == 0) {
1372 vol->nostrictsync = 0;
1373 } else if (strnicmp(data, "serverino", 7) == 0) {
1374 vol->server_ino = 1;
1375 } else if (strnicmp(data, "noserverino", 9) == 0) {
1376 vol->server_ino = 0;
1377 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1378 vol->cifs_acl = 1;
1379 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1380 vol->cifs_acl = 0;
1381 } else if (strnicmp(data, "acl", 3) == 0) {
1382 vol->no_psx_acl = 0;
1383 } else if (strnicmp(data, "noacl", 5) == 0) {
1384 vol->no_psx_acl = 1;
1385 } else if (strnicmp(data, "locallease", 6) == 0) {
1386 vol->local_lease = 1;
1387 } else if (strnicmp(data, "sign", 4) == 0) {
1388 vol->secFlg |= CIFSSEC_MUST_SIGN;
1389 } else if (strnicmp(data, "seal", 4) == 0) {
1390 /* we do not do the following in secFlags because seal
1391 is a per tree connection (mount) not a per socket
1392 or per-smb connection option in the protocol */
1393 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1394 vol->seal = 1;
1395 } else if (strnicmp(data, "direct", 6) == 0) {
1396 vol->direct_io = 1;
1397 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1398 vol->direct_io = 1;
1399 } else if (strnicmp(data, "strictcache", 11) == 0) {
1400 vol->strict_io = 1;
1401 } else if (strnicmp(data, "noac", 4) == 0) {
1402 printk(KERN_WARNING "CIFS: Mount option noac not "
1403 "supported. Instead set "
1404 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1405 } else if (strnicmp(data, "fsc", 3) == 0) {
1406 #ifndef CONFIG_CIFS_FSCACHE
1407 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE"
1408 "kernel config option set");
1409 return 1;
1410 #endif
1411 vol->fsc = true;
1412 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1413 vol->mfsymlinks = true;
1414 } else if (strnicmp(data, "multiuser", 8) == 0) {
1415 vol->multiuser = true;
1416 } else
1417 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1418 data);
1419 }
1420 if (vol->UNC == NULL) {
1421 if (devname == NULL) {
1422 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1423 "target\n");
1424 return 1;
1425 }
1426 if ((temp_len = strnlen(devname, 300)) < 300) {
1427 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1428 if (vol->UNC == NULL)
1429 return 1;
1430 strcpy(vol->UNC, devname);
1431 if (strncmp(vol->UNC, "//", 2) == 0) {
1432 vol->UNC[0] = '\\';
1433 vol->UNC[1] = '\\';
1434 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1435 printk(KERN_WARNING "CIFS: UNC Path does not "
1436 "begin with // or \\\\ \n");
1437 return 1;
1438 }
1439 value = strpbrk(vol->UNC+2, "/\\");
1440 if (value)
1441 *value = '\\';
1442 } else {
1443 printk(KERN_WARNING "CIFS: UNC name too long\n");
1444 return 1;
1445 }
1446 }
1447
1448 if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1449 cERROR(1, "Multiuser mounts currently require krb5 "
1450 "authentication!");
1451 return 1;
1452 }
1453
1454 if (vol->UNCip == NULL)
1455 vol->UNCip = &vol->UNC[2];
1456
1457 if (uid_specified)
1458 vol->override_uid = override_uid;
1459 else if (override_uid == 1)
1460 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1461 "specified with no uid= option.\n");
1462
1463 if (gid_specified)
1464 vol->override_gid = override_gid;
1465 else if (override_gid == 1)
1466 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1467 "specified with no gid= option.\n");
1468
1469 return 0;
1470 }
1471
1472 /** Returns true if srcaddr isn't specified and rhs isn't
1473 * specified, or if srcaddr is specified and
1474 * matches the IP address of the rhs argument.
1475 */
1476 static bool
1477 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1478 {
1479 switch (srcaddr->sa_family) {
1480 case AF_UNSPEC:
1481 return (rhs->sa_family == AF_UNSPEC);
1482 case AF_INET: {
1483 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1484 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1485 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1486 }
1487 case AF_INET6: {
1488 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1489 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1490 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1491 }
1492 default:
1493 WARN_ON(1);
1494 return false; /* don't expect to be here */
1495 }
1496 }
1497
1498 /*
1499 * If no port is specified in addr structure, we try to match with 445 port
1500 * and if it fails - with 139 ports. It should be called only if address
1501 * families of server and addr are equal.
1502 */
1503 static bool
1504 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1505 {
1506 __be16 port, *sport;
1507
1508 switch (addr->sa_family) {
1509 case AF_INET:
1510 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1511 port = ((struct sockaddr_in *) addr)->sin_port;
1512 break;
1513 case AF_INET6:
1514 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1515 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1516 break;
1517 default:
1518 WARN_ON(1);
1519 return false;
1520 }
1521
1522 if (!port) {
1523 port = htons(CIFS_PORT);
1524 if (port == *sport)
1525 return true;
1526
1527 port = htons(RFC1001_PORT);
1528 }
1529
1530 return port == *sport;
1531 }
1532
1533 static bool
1534 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1535 struct sockaddr *srcaddr)
1536 {
1537 switch (addr->sa_family) {
1538 case AF_INET: {
1539 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1540 struct sockaddr_in *srv_addr4 =
1541 (struct sockaddr_in *)&server->dstaddr;
1542
1543 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1544 return false;
1545 break;
1546 }
1547 case AF_INET6: {
1548 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1549 struct sockaddr_in6 *srv_addr6 =
1550 (struct sockaddr_in6 *)&server->dstaddr;
1551
1552 if (!ipv6_addr_equal(&addr6->sin6_addr,
1553 &srv_addr6->sin6_addr))
1554 return false;
1555 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1556 return false;
1557 break;
1558 }
1559 default:
1560 WARN_ON(1);
1561 return false; /* don't expect to be here */
1562 }
1563
1564 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1565 return false;
1566
1567 return true;
1568 }
1569
1570 static bool
1571 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1572 {
1573 unsigned int secFlags;
1574
1575 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1576 secFlags = vol->secFlg;
1577 else
1578 secFlags = global_secflags | vol->secFlg;
1579
1580 switch (server->secType) {
1581 case LANMAN:
1582 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1583 return false;
1584 break;
1585 case NTLMv2:
1586 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1587 return false;
1588 break;
1589 case NTLM:
1590 if (!(secFlags & CIFSSEC_MAY_NTLM))
1591 return false;
1592 break;
1593 case Kerberos:
1594 if (!(secFlags & CIFSSEC_MAY_KRB5))
1595 return false;
1596 break;
1597 case RawNTLMSSP:
1598 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1599 return false;
1600 break;
1601 default:
1602 /* shouldn't happen */
1603 return false;
1604 }
1605
1606 /* now check if signing mode is acceptable */
1607 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1608 (server->secMode & SECMODE_SIGN_REQUIRED))
1609 return false;
1610 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1611 (server->secMode &
1612 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1613 return false;
1614
1615 return true;
1616 }
1617
1618 static struct TCP_Server_Info *
1619 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1620 {
1621 struct TCP_Server_Info *server;
1622
1623 spin_lock(&cifs_tcp_ses_lock);
1624 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1625 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1626 continue;
1627
1628 if (!match_address(server, addr,
1629 (struct sockaddr *)&vol->srcaddr))
1630 continue;
1631
1632 if (!match_port(server, addr))
1633 continue;
1634
1635 if (!match_security(server, vol))
1636 continue;
1637
1638 ++server->srv_count;
1639 spin_unlock(&cifs_tcp_ses_lock);
1640 cFYI(1, "Existing tcp session with server found");
1641 return server;
1642 }
1643 spin_unlock(&cifs_tcp_ses_lock);
1644 return NULL;
1645 }
1646
1647 static void
1648 cifs_put_tcp_session(struct TCP_Server_Info *server)
1649 {
1650 struct task_struct *task;
1651
1652 spin_lock(&cifs_tcp_ses_lock);
1653 if (--server->srv_count > 0) {
1654 spin_unlock(&cifs_tcp_ses_lock);
1655 return;
1656 }
1657
1658 put_net(cifs_net_ns(server));
1659
1660 list_del_init(&server->tcp_ses_list);
1661 spin_unlock(&cifs_tcp_ses_lock);
1662
1663 cancel_delayed_work_sync(&server->echo);
1664
1665 spin_lock(&GlobalMid_Lock);
1666 server->tcpStatus = CifsExiting;
1667 spin_unlock(&GlobalMid_Lock);
1668
1669 cifs_crypto_shash_release(server);
1670 cifs_fscache_release_client_cookie(server);
1671
1672 kfree(server->session_key.response);
1673 server->session_key.response = NULL;
1674 server->session_key.len = 0;
1675
1676 task = xchg(&server->tsk, NULL);
1677 if (task)
1678 force_sig(SIGKILL, task);
1679 }
1680
1681 static struct TCP_Server_Info *
1682 cifs_get_tcp_session(struct smb_vol *volume_info)
1683 {
1684 struct TCP_Server_Info *tcp_ses = NULL;
1685 struct sockaddr_storage addr;
1686 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1687 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1688 int rc;
1689
1690 memset(&addr, 0, sizeof(struct sockaddr_storage));
1691
1692 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1693
1694 if (volume_info->UNCip && volume_info->UNC) {
1695 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1696 volume_info->UNCip,
1697 strlen(volume_info->UNCip),
1698 volume_info->port);
1699 if (!rc) {
1700 /* we failed translating address */
1701 rc = -EINVAL;
1702 goto out_err;
1703 }
1704 } else if (volume_info->UNCip) {
1705 /* BB using ip addr as tcp_ses name to connect to the
1706 DFS root below */
1707 cERROR(1, "Connecting to DFS root not implemented yet");
1708 rc = -EINVAL;
1709 goto out_err;
1710 } else /* which tcp_sess DFS root would we conect to */ {
1711 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1712 "unc=//192.168.1.100/public) specified");
1713 rc = -EINVAL;
1714 goto out_err;
1715 }
1716
1717 /* see if we already have a matching tcp_ses */
1718 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1719 if (tcp_ses)
1720 return tcp_ses;
1721
1722 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1723 if (!tcp_ses) {
1724 rc = -ENOMEM;
1725 goto out_err;
1726 }
1727
1728 rc = cifs_crypto_shash_allocate(tcp_ses);
1729 if (rc) {
1730 cERROR(1, "could not setup hash structures rc %d", rc);
1731 goto out_err;
1732 }
1733
1734 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1735 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1736 if (IS_ERR(tcp_ses->hostname)) {
1737 rc = PTR_ERR(tcp_ses->hostname);
1738 goto out_err_crypto_release;
1739 }
1740
1741 tcp_ses->noblocksnd = volume_info->noblocksnd;
1742 tcp_ses->noautotune = volume_info->noautotune;
1743 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1744 atomic_set(&tcp_ses->inFlight, 0);
1745 init_waitqueue_head(&tcp_ses->response_q);
1746 init_waitqueue_head(&tcp_ses->request_q);
1747 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1748 mutex_init(&tcp_ses->srv_mutex);
1749 memcpy(tcp_ses->workstation_RFC1001_name,
1750 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1751 memcpy(tcp_ses->server_RFC1001_name,
1752 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1753 tcp_ses->session_estab = false;
1754 tcp_ses->sequence_number = 0;
1755 tcp_ses->lstrp = jiffies;
1756 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1757 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1758 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1759
1760 /*
1761 * at this point we are the only ones with the pointer
1762 * to the struct since the kernel thread not created yet
1763 * no need to spinlock this init of tcpStatus or srv_count
1764 */
1765 tcp_ses->tcpStatus = CifsNew;
1766 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1767 sizeof(tcp_ses->srcaddr));
1768 ++tcp_ses->srv_count;
1769
1770 if (addr.ss_family == AF_INET6) {
1771 cFYI(1, "attempting ipv6 connect");
1772 /* BB should we allow ipv6 on port 139? */
1773 /* other OS never observed in Wild doing 139 with v6 */
1774 memcpy(&tcp_ses->dstaddr, sin_server6,
1775 sizeof(struct sockaddr_in6));
1776 } else
1777 memcpy(&tcp_ses->dstaddr, sin_server,
1778 sizeof(struct sockaddr_in));
1779
1780 rc = ip_connect(tcp_ses);
1781 if (rc < 0) {
1782 cERROR(1, "Error connecting to socket. Aborting operation");
1783 goto out_err_crypto_release;
1784 }
1785
1786 /*
1787 * since we're in a cifs function already, we know that
1788 * this will succeed. No need for try_module_get().
1789 */
1790 __module_get(THIS_MODULE);
1791 tcp_ses->tsk = kthread_run((void *)(void *)cifs_demultiplex_thread,
1792 tcp_ses, "cifsd");
1793 if (IS_ERR(tcp_ses->tsk)) {
1794 rc = PTR_ERR(tcp_ses->tsk);
1795 cERROR(1, "error %d create cifsd thread", rc);
1796 module_put(THIS_MODULE);
1797 goto out_err_crypto_release;
1798 }
1799 tcp_ses->tcpStatus = CifsNeedNegotiate;
1800
1801 /* thread spawned, put it on the list */
1802 spin_lock(&cifs_tcp_ses_lock);
1803 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1804 spin_unlock(&cifs_tcp_ses_lock);
1805
1806 cifs_fscache_get_client_cookie(tcp_ses);
1807
1808 /* queue echo request delayed work */
1809 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1810
1811 return tcp_ses;
1812
1813 out_err_crypto_release:
1814 cifs_crypto_shash_release(tcp_ses);
1815
1816 put_net(cifs_net_ns(tcp_ses));
1817
1818 out_err:
1819 if (tcp_ses) {
1820 if (!IS_ERR(tcp_ses->hostname))
1821 kfree(tcp_ses->hostname);
1822 if (tcp_ses->ssocket)
1823 sock_release(tcp_ses->ssocket);
1824 kfree(tcp_ses);
1825 }
1826 return ERR_PTR(rc);
1827 }
1828
1829 static struct cifsSesInfo *
1830 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1831 {
1832 struct cifsSesInfo *ses;
1833
1834 spin_lock(&cifs_tcp_ses_lock);
1835 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
1836 switch (server->secType) {
1837 case Kerberos:
1838 if (vol->cred_uid != ses->cred_uid)
1839 continue;
1840 break;
1841 default:
1842 /* anything else takes username/password */
1843 if (ses->user_name == NULL)
1844 continue;
1845 if (strncmp(ses->user_name, vol->username,
1846 MAX_USERNAME_SIZE))
1847 continue;
1848 if (strlen(vol->username) != 0 &&
1849 ses->password != NULL &&
1850 strncmp(ses->password,
1851 vol->password ? vol->password : "",
1852 MAX_PASSWORD_SIZE))
1853 continue;
1854 }
1855 ++ses->ses_count;
1856 spin_unlock(&cifs_tcp_ses_lock);
1857 return ses;
1858 }
1859 spin_unlock(&cifs_tcp_ses_lock);
1860 return NULL;
1861 }
1862
1863 static void
1864 cifs_put_smb_ses(struct cifsSesInfo *ses)
1865 {
1866 int xid;
1867 struct TCP_Server_Info *server = ses->server;
1868
1869 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
1870 spin_lock(&cifs_tcp_ses_lock);
1871 if (--ses->ses_count > 0) {
1872 spin_unlock(&cifs_tcp_ses_lock);
1873 return;
1874 }
1875
1876 list_del_init(&ses->smb_ses_list);
1877 spin_unlock(&cifs_tcp_ses_lock);
1878
1879 if (ses->status == CifsGood) {
1880 xid = GetXid();
1881 CIFSSMBLogoff(xid, ses);
1882 _FreeXid(xid);
1883 }
1884 sesInfoFree(ses);
1885 cifs_put_tcp_session(server);
1886 }
1887
1888 static bool warned_on_ntlm; /* globals init to false automatically */
1889
1890 static struct cifsSesInfo *
1891 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
1892 {
1893 int rc = -ENOMEM, xid;
1894 struct cifsSesInfo *ses;
1895 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1896 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
1897
1898 xid = GetXid();
1899
1900 ses = cifs_find_smb_ses(server, volume_info);
1901 if (ses) {
1902 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
1903
1904 mutex_lock(&ses->session_mutex);
1905 rc = cifs_negotiate_protocol(xid, ses);
1906 if (rc) {
1907 mutex_unlock(&ses->session_mutex);
1908 /* problem -- put our ses reference */
1909 cifs_put_smb_ses(ses);
1910 FreeXid(xid);
1911 return ERR_PTR(rc);
1912 }
1913 if (ses->need_reconnect) {
1914 cFYI(1, "Session needs reconnect");
1915 rc = cifs_setup_session(xid, ses,
1916 volume_info->local_nls);
1917 if (rc) {
1918 mutex_unlock(&ses->session_mutex);
1919 /* problem -- put our reference */
1920 cifs_put_smb_ses(ses);
1921 FreeXid(xid);
1922 return ERR_PTR(rc);
1923 }
1924 }
1925 mutex_unlock(&ses->session_mutex);
1926
1927 /* existing SMB ses has a server reference already */
1928 cifs_put_tcp_session(server);
1929 FreeXid(xid);
1930 return ses;
1931 }
1932
1933 cFYI(1, "Existing smb sess not found");
1934 ses = sesInfoAlloc();
1935 if (ses == NULL)
1936 goto get_ses_fail;
1937
1938 /* new SMB session uses our server ref */
1939 ses->server = server;
1940 if (server->dstaddr.ss_family == AF_INET6)
1941 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
1942 else
1943 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
1944
1945 if (volume_info->username) {
1946 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
1947 if (!ses->user_name)
1948 goto get_ses_fail;
1949 }
1950
1951 /* volume_info->password freed at unmount */
1952 if (volume_info->password) {
1953 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
1954 if (!ses->password)
1955 goto get_ses_fail;
1956 }
1957 if (volume_info->domainname) {
1958 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
1959 if (!ses->domainName)
1960 goto get_ses_fail;
1961 }
1962 ses->cred_uid = volume_info->cred_uid;
1963 ses->linux_uid = volume_info->linux_uid;
1964
1965 /* ntlmv2 is much stronger than ntlm security, and has been broadly
1966 supported for many years, time to update default security mechanism */
1967 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
1968 warned_on_ntlm = true;
1969 cERROR(1, "default security mechanism requested. The default "
1970 "security mechanism will be upgraded from ntlm to "
1971 "ntlmv2 in kernel release 2.6.41");
1972 }
1973 ses->overrideSecFlg = volume_info->secFlg;
1974
1975 mutex_lock(&ses->session_mutex);
1976 rc = cifs_negotiate_protocol(xid, ses);
1977 if (!rc)
1978 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
1979 mutex_unlock(&ses->session_mutex);
1980 if (rc)
1981 goto get_ses_fail;
1982
1983 /* success, put it on the list */
1984 spin_lock(&cifs_tcp_ses_lock);
1985 list_add(&ses->smb_ses_list, &server->smb_ses_list);
1986 spin_unlock(&cifs_tcp_ses_lock);
1987
1988 FreeXid(xid);
1989 return ses;
1990
1991 get_ses_fail:
1992 sesInfoFree(ses);
1993 FreeXid(xid);
1994 return ERR_PTR(rc);
1995 }
1996
1997 static struct cifsTconInfo *
1998 cifs_find_tcon(struct cifsSesInfo *ses, const char *unc)
1999 {
2000 struct list_head *tmp;
2001 struct cifsTconInfo *tcon;
2002
2003 spin_lock(&cifs_tcp_ses_lock);
2004 list_for_each(tmp, &ses->tcon_list) {
2005 tcon = list_entry(tmp, struct cifsTconInfo, tcon_list);
2006 if (tcon->tidStatus == CifsExiting)
2007 continue;
2008 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2009 continue;
2010
2011 ++tcon->tc_count;
2012 spin_unlock(&cifs_tcp_ses_lock);
2013 return tcon;
2014 }
2015 spin_unlock(&cifs_tcp_ses_lock);
2016 return NULL;
2017 }
2018
2019 static void
2020 cifs_put_tcon(struct cifsTconInfo *tcon)
2021 {
2022 int xid;
2023 struct cifsSesInfo *ses = tcon->ses;
2024
2025 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2026 spin_lock(&cifs_tcp_ses_lock);
2027 if (--tcon->tc_count > 0) {
2028 spin_unlock(&cifs_tcp_ses_lock);
2029 return;
2030 }
2031
2032 list_del_init(&tcon->tcon_list);
2033 spin_unlock(&cifs_tcp_ses_lock);
2034
2035 xid = GetXid();
2036 CIFSSMBTDis(xid, tcon);
2037 _FreeXid(xid);
2038
2039 cifs_fscache_release_super_cookie(tcon);
2040 tconInfoFree(tcon);
2041 cifs_put_smb_ses(ses);
2042 }
2043
2044 static struct cifsTconInfo *
2045 cifs_get_tcon(struct cifsSesInfo *ses, struct smb_vol *volume_info)
2046 {
2047 int rc, xid;
2048 struct cifsTconInfo *tcon;
2049
2050 tcon = cifs_find_tcon(ses, volume_info->UNC);
2051 if (tcon) {
2052 cFYI(1, "Found match on UNC path");
2053 /* existing tcon already has a reference */
2054 cifs_put_smb_ses(ses);
2055 if (tcon->seal != volume_info->seal)
2056 cERROR(1, "transport encryption setting "
2057 "conflicts with existing tid");
2058 return tcon;
2059 }
2060
2061 tcon = tconInfoAlloc();
2062 if (tcon == NULL) {
2063 rc = -ENOMEM;
2064 goto out_fail;
2065 }
2066
2067 tcon->ses = ses;
2068 if (volume_info->password) {
2069 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2070 if (!tcon->password) {
2071 rc = -ENOMEM;
2072 goto out_fail;
2073 }
2074 }
2075
2076 if (strchr(volume_info->UNC + 3, '\\') == NULL
2077 && strchr(volume_info->UNC + 3, '/') == NULL) {
2078 cERROR(1, "Missing share name");
2079 rc = -ENODEV;
2080 goto out_fail;
2081 }
2082
2083 /* BB Do we need to wrap session_mutex around
2084 * this TCon call and Unix SetFS as
2085 * we do on SessSetup and reconnect? */
2086 xid = GetXid();
2087 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2088 FreeXid(xid);
2089 cFYI(1, "CIFS Tcon rc = %d", rc);
2090 if (rc)
2091 goto out_fail;
2092
2093 if (volume_info->nodfs) {
2094 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2095 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2096 }
2097 tcon->seal = volume_info->seal;
2098 /* we can have only one retry value for a connection
2099 to a share so for resources mounted more than once
2100 to the same server share the last value passed in
2101 for the retry flag is used */
2102 tcon->retry = volume_info->retry;
2103 tcon->nocase = volume_info->nocase;
2104 tcon->local_lease = volume_info->local_lease;
2105
2106 spin_lock(&cifs_tcp_ses_lock);
2107 list_add(&tcon->tcon_list, &ses->tcon_list);
2108 spin_unlock(&cifs_tcp_ses_lock);
2109
2110 cifs_fscache_get_super_cookie(tcon);
2111
2112 return tcon;
2113
2114 out_fail:
2115 tconInfoFree(tcon);
2116 return ERR_PTR(rc);
2117 }
2118
2119 void
2120 cifs_put_tlink(struct tcon_link *tlink)
2121 {
2122 if (!tlink || IS_ERR(tlink))
2123 return;
2124
2125 if (!atomic_dec_and_test(&tlink->tl_count) ||
2126 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2127 tlink->tl_time = jiffies;
2128 return;
2129 }
2130
2131 if (!IS_ERR(tlink_tcon(tlink)))
2132 cifs_put_tcon(tlink_tcon(tlink));
2133 kfree(tlink);
2134 return;
2135 }
2136
2137 int
2138 get_dfs_path(int xid, struct cifsSesInfo *pSesInfo, const char *old_path,
2139 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2140 struct dfs_info3_param **preferrals, int remap)
2141 {
2142 char *temp_unc;
2143 int rc = 0;
2144
2145 *pnum_referrals = 0;
2146 *preferrals = NULL;
2147
2148 if (pSesInfo->ipc_tid == 0) {
2149 temp_unc = kmalloc(2 /* for slashes */ +
2150 strnlen(pSesInfo->serverName,
2151 SERVER_NAME_LEN_WITH_NULL * 2)
2152 + 1 + 4 /* slash IPC$ */ + 2,
2153 GFP_KERNEL);
2154 if (temp_unc == NULL)
2155 return -ENOMEM;
2156 temp_unc[0] = '\\';
2157 temp_unc[1] = '\\';
2158 strcpy(temp_unc + 2, pSesInfo->serverName);
2159 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2160 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2161 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2162 kfree(temp_unc);
2163 }
2164 if (rc == 0)
2165 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2166 pnum_referrals, nls_codepage, remap);
2167 /* BB map targetUNCs to dfs_info3 structures, here or
2168 in CIFSGetDFSRefer BB */
2169
2170 return rc;
2171 }
2172
2173 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2174 static struct lock_class_key cifs_key[2];
2175 static struct lock_class_key cifs_slock_key[2];
2176
2177 static inline void
2178 cifs_reclassify_socket4(struct socket *sock)
2179 {
2180 struct sock *sk = sock->sk;
2181 BUG_ON(sock_owned_by_user(sk));
2182 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2183 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2184 }
2185
2186 static inline void
2187 cifs_reclassify_socket6(struct socket *sock)
2188 {
2189 struct sock *sk = sock->sk;
2190 BUG_ON(sock_owned_by_user(sk));
2191 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2192 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2193 }
2194 #else
2195 static inline void
2196 cifs_reclassify_socket4(struct socket *sock)
2197 {
2198 }
2199
2200 static inline void
2201 cifs_reclassify_socket6(struct socket *sock)
2202 {
2203 }
2204 #endif
2205
2206 /* See RFC1001 section 14 on representation of Netbios names */
2207 static void rfc1002mangle(char *target, char *source, unsigned int length)
2208 {
2209 unsigned int i, j;
2210
2211 for (i = 0, j = 0; i < (length); i++) {
2212 /* mask a nibble at a time and encode */
2213 target[j] = 'A' + (0x0F & (source[i] >> 4));
2214 target[j+1] = 'A' + (0x0F & source[i]);
2215 j += 2;
2216 }
2217
2218 }
2219
2220 static int
2221 bind_socket(struct TCP_Server_Info *server)
2222 {
2223 int rc = 0;
2224 if (server->srcaddr.ss_family != AF_UNSPEC) {
2225 /* Bind to the specified local IP address */
2226 struct socket *socket = server->ssocket;
2227 rc = socket->ops->bind(socket,
2228 (struct sockaddr *) &server->srcaddr,
2229 sizeof(server->srcaddr));
2230 if (rc < 0) {
2231 struct sockaddr_in *saddr4;
2232 struct sockaddr_in6 *saddr6;
2233 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2234 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2235 if (saddr6->sin6_family == AF_INET6)
2236 cERROR(1, "cifs: "
2237 "Failed to bind to: %pI6c, error: %d\n",
2238 &saddr6->sin6_addr, rc);
2239 else
2240 cERROR(1, "cifs: "
2241 "Failed to bind to: %pI4, error: %d\n",
2242 &saddr4->sin_addr.s_addr, rc);
2243 }
2244 }
2245 return rc;
2246 }
2247
2248 static int
2249 ip_rfc1001_connect(struct TCP_Server_Info *server)
2250 {
2251 int rc = 0;
2252 /*
2253 * some servers require RFC1001 sessinit before sending
2254 * negprot - BB check reconnection in case where second
2255 * sessinit is sent but no second negprot
2256 */
2257 struct rfc1002_session_packet *ses_init_buf;
2258 struct smb_hdr *smb_buf;
2259 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2260 GFP_KERNEL);
2261 if (ses_init_buf) {
2262 ses_init_buf->trailer.session_req.called_len = 32;
2263
2264 if (server->server_RFC1001_name &&
2265 server->server_RFC1001_name[0] != 0)
2266 rfc1002mangle(ses_init_buf->trailer.
2267 session_req.called_name,
2268 server->server_RFC1001_name,
2269 RFC1001_NAME_LEN_WITH_NULL);
2270 else
2271 rfc1002mangle(ses_init_buf->trailer.
2272 session_req.called_name,
2273 DEFAULT_CIFS_CALLED_NAME,
2274 RFC1001_NAME_LEN_WITH_NULL);
2275
2276 ses_init_buf->trailer.session_req.calling_len = 32;
2277
2278 /*
2279 * calling name ends in null (byte 16) from old smb
2280 * convention.
2281 */
2282 if (server->workstation_RFC1001_name &&
2283 server->workstation_RFC1001_name[0] != 0)
2284 rfc1002mangle(ses_init_buf->trailer.
2285 session_req.calling_name,
2286 server->workstation_RFC1001_name,
2287 RFC1001_NAME_LEN_WITH_NULL);
2288 else
2289 rfc1002mangle(ses_init_buf->trailer.
2290 session_req.calling_name,
2291 "LINUX_CIFS_CLNT",
2292 RFC1001_NAME_LEN_WITH_NULL);
2293
2294 ses_init_buf->trailer.session_req.scope1 = 0;
2295 ses_init_buf->trailer.session_req.scope2 = 0;
2296 smb_buf = (struct smb_hdr *)ses_init_buf;
2297
2298 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2299 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2300 rc = smb_send(server, smb_buf, 0x44);
2301 kfree(ses_init_buf);
2302 /*
2303 * RFC1001 layer in at least one server
2304 * requires very short break before negprot
2305 * presumably because not expecting negprot
2306 * to follow so fast. This is a simple
2307 * solution that works without
2308 * complicating the code and causes no
2309 * significant slowing down on mount
2310 * for everyone else
2311 */
2312 usleep_range(1000, 2000);
2313 }
2314 /*
2315 * else the negprot may still work without this
2316 * even though malloc failed
2317 */
2318
2319 return rc;
2320 }
2321
2322 static int
2323 generic_ip_connect(struct TCP_Server_Info *server)
2324 {
2325 int rc = 0;
2326 __be16 sport;
2327 int slen, sfamily;
2328 struct socket *socket = server->ssocket;
2329 struct sockaddr *saddr;
2330
2331 saddr = (struct sockaddr *) &server->dstaddr;
2332
2333 if (server->dstaddr.ss_family == AF_INET6) {
2334 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2335 slen = sizeof(struct sockaddr_in6);
2336 sfamily = AF_INET6;
2337 } else {
2338 sport = ((struct sockaddr_in *) saddr)->sin_port;
2339 slen = sizeof(struct sockaddr_in);
2340 sfamily = AF_INET;
2341 }
2342
2343 if (socket == NULL) {
2344 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2345 IPPROTO_TCP, &socket, 1);
2346 if (rc < 0) {
2347 cERROR(1, "Error %d creating socket", rc);
2348 server->ssocket = NULL;
2349 return rc;
2350 }
2351
2352 /* BB other socket options to set KEEPALIVE, NODELAY? */
2353 cFYI(1, "Socket created");
2354 server->ssocket = socket;
2355 socket->sk->sk_allocation = GFP_NOFS;
2356 if (sfamily == AF_INET6)
2357 cifs_reclassify_socket6(socket);
2358 else
2359 cifs_reclassify_socket4(socket);
2360 }
2361
2362 rc = bind_socket(server);
2363 if (rc < 0)
2364 return rc;
2365
2366 rc = socket->ops->connect(socket, saddr, slen, 0);
2367 if (rc < 0) {
2368 cFYI(1, "Error %d connecting to server", rc);
2369 sock_release(socket);
2370 server->ssocket = NULL;
2371 return rc;
2372 }
2373
2374 /*
2375 * Eventually check for other socket options to change from
2376 * the default. sock_setsockopt not used because it expects
2377 * user space buffer
2378 */
2379 socket->sk->sk_rcvtimeo = 7 * HZ;
2380 socket->sk->sk_sndtimeo = 5 * HZ;
2381
2382 /* make the bufsizes depend on wsize/rsize and max requests */
2383 if (server->noautotune) {
2384 if (socket->sk->sk_sndbuf < (200 * 1024))
2385 socket->sk->sk_sndbuf = 200 * 1024;
2386 if (socket->sk->sk_rcvbuf < (140 * 1024))
2387 socket->sk->sk_rcvbuf = 140 * 1024;
2388 }
2389
2390 if (server->tcp_nodelay) {
2391 int val = 1;
2392 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2393 (char *)&val, sizeof(val));
2394 if (rc)
2395 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2396 }
2397
2398 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2399 socket->sk->sk_sndbuf,
2400 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2401
2402 if (sport == htons(RFC1001_PORT))
2403 rc = ip_rfc1001_connect(server);
2404
2405 return rc;
2406 }
2407
2408 static int
2409 ip_connect(struct TCP_Server_Info *server)
2410 {
2411 __be16 *sport;
2412 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2413 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2414
2415 if (server->dstaddr.ss_family == AF_INET6)
2416 sport = &addr6->sin6_port;
2417 else
2418 sport = &addr->sin_port;
2419
2420 if (*sport == 0) {
2421 int rc;
2422
2423 /* try with 445 port at first */
2424 *sport = htons(CIFS_PORT);
2425
2426 rc = generic_ip_connect(server);
2427 if (rc >= 0)
2428 return rc;
2429
2430 /* if it failed, try with 139 port */
2431 *sport = htons(RFC1001_PORT);
2432 }
2433
2434 return generic_ip_connect(server);
2435 }
2436
2437 void reset_cifs_unix_caps(int xid, struct cifsTconInfo *tcon,
2438 struct super_block *sb, struct smb_vol *vol_info)
2439 {
2440 /* if we are reconnecting then should we check to see if
2441 * any requested capabilities changed locally e.g. via
2442 * remount but we can not do much about it here
2443 * if they have (even if we could detect it by the following)
2444 * Perhaps we could add a backpointer to array of sb from tcon
2445 * or if we change to make all sb to same share the same
2446 * sb as NFS - then we only have one backpointer to sb.
2447 * What if we wanted to mount the server share twice once with
2448 * and once without posixacls or posix paths? */
2449 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2450
2451 if (vol_info && vol_info->no_linux_ext) {
2452 tcon->fsUnixInfo.Capability = 0;
2453 tcon->unix_ext = 0; /* Unix Extensions disabled */
2454 cFYI(1, "Linux protocol extensions disabled");
2455 return;
2456 } else if (vol_info)
2457 tcon->unix_ext = 1; /* Unix Extensions supported */
2458
2459 if (tcon->unix_ext == 0) {
2460 cFYI(1, "Unix extensions disabled so not set on reconnect");
2461 return;
2462 }
2463
2464 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2465 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2466
2467 /* check for reconnect case in which we do not
2468 want to change the mount behavior if we can avoid it */
2469 if (vol_info == NULL) {
2470 /* turn off POSIX ACL and PATHNAMES if not set
2471 originally at mount time */
2472 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2473 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2474 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2475 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2476 cERROR(1, "POSIXPATH support change");
2477 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2478 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2479 cERROR(1, "possible reconnect error");
2480 cERROR(1, "server disabled POSIX path support");
2481 }
2482 }
2483
2484 cap &= CIFS_UNIX_CAP_MASK;
2485 if (vol_info && vol_info->no_psx_acl)
2486 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2487 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2488 cFYI(1, "negotiated posix acl support");
2489 if (sb)
2490 sb->s_flags |= MS_POSIXACL;
2491 }
2492
2493 if (vol_info && vol_info->posix_paths == 0)
2494 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2495 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2496 cFYI(1, "negotiate posix pathnames");
2497 if (sb)
2498 CIFS_SB(sb)->mnt_cifs_flags |=
2499 CIFS_MOUNT_POSIX_PATHS;
2500 }
2501
2502 /* We might be setting the path sep back to a different
2503 form if we are reconnecting and the server switched its
2504 posix path capability for this share */
2505 if (sb && (CIFS_SB(sb)->prepathlen > 0))
2506 CIFS_SB(sb)->prepath[0] = CIFS_DIR_SEP(CIFS_SB(sb));
2507
2508 if (sb && (CIFS_SB(sb)->rsize > 127 * 1024)) {
2509 if ((cap & CIFS_UNIX_LARGE_READ_CAP) == 0) {
2510 CIFS_SB(sb)->rsize = 127 * 1024;
2511 cFYI(DBG2, "larger reads not supported by srv");
2512 }
2513 }
2514
2515
2516 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2517 #ifdef CONFIG_CIFS_DEBUG2
2518 if (cap & CIFS_UNIX_FCNTL_CAP)
2519 cFYI(1, "FCNTL cap");
2520 if (cap & CIFS_UNIX_EXTATTR_CAP)
2521 cFYI(1, "EXTATTR cap");
2522 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2523 cFYI(1, "POSIX path cap");
2524 if (cap & CIFS_UNIX_XATTR_CAP)
2525 cFYI(1, "XATTR cap");
2526 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2527 cFYI(1, "POSIX ACL cap");
2528 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2529 cFYI(1, "very large read cap");
2530 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2531 cFYI(1, "very large write cap");
2532 #endif /* CIFS_DEBUG2 */
2533 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2534 if (vol_info == NULL) {
2535 cFYI(1, "resetting capabilities failed");
2536 } else
2537 cERROR(1, "Negotiating Unix capabilities "
2538 "with the server failed. Consider "
2539 "mounting with the Unix Extensions\n"
2540 "disabled, if problems are found, "
2541 "by specifying the nounix mount "
2542 "option.");
2543
2544 }
2545 }
2546 }
2547
2548 static void
2549 convert_delimiter(char *path, char delim)
2550 {
2551 int i;
2552 char old_delim;
2553
2554 if (path == NULL)
2555 return;
2556
2557 if (delim == '/')
2558 old_delim = '\\';
2559 else
2560 old_delim = '/';
2561
2562 for (i = 0; path[i] != '\0'; i++) {
2563 if (path[i] == old_delim)
2564 path[i] = delim;
2565 }
2566 }
2567
2568 static void setup_cifs_sb(struct smb_vol *pvolume_info,
2569 struct cifs_sb_info *cifs_sb)
2570 {
2571 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2572
2573 if (pvolume_info->rsize > CIFSMaxBufSize) {
2574 cERROR(1, "rsize %d too large, using MaxBufSize",
2575 pvolume_info->rsize);
2576 cifs_sb->rsize = CIFSMaxBufSize;
2577 } else if ((pvolume_info->rsize) &&
2578 (pvolume_info->rsize <= CIFSMaxBufSize))
2579 cifs_sb->rsize = pvolume_info->rsize;
2580 else /* default */
2581 cifs_sb->rsize = CIFSMaxBufSize;
2582
2583 if (pvolume_info->wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
2584 cERROR(1, "wsize %d too large, using 4096 instead",
2585 pvolume_info->wsize);
2586 cifs_sb->wsize = 4096;
2587 } else if (pvolume_info->wsize)
2588 cifs_sb->wsize = pvolume_info->wsize;
2589 else
2590 cifs_sb->wsize = min_t(const int,
2591 PAGEVEC_SIZE * PAGE_CACHE_SIZE,
2592 127*1024);
2593 /* old default of CIFSMaxBufSize was too small now
2594 that SMB Write2 can send multiple pages in kvec.
2595 RFC1001 does not describe what happens when frame
2596 bigger than 128K is sent so use that as max in
2597 conjunction with 52K kvec constraint on arch with 4K
2598 page size */
2599
2600 if (cifs_sb->rsize < 2048) {
2601 cifs_sb->rsize = 2048;
2602 /* Windows ME may prefer this */
2603 cFYI(1, "readsize set to minimum: 2048");
2604 }
2605 /* calculate prepath */
2606 cifs_sb->prepath = pvolume_info->prepath;
2607 if (cifs_sb->prepath) {
2608 cifs_sb->prepathlen = strlen(cifs_sb->prepath);
2609 /* we can not convert the / to \ in the path
2610 separators in the prefixpath yet because we do not
2611 know (until reset_cifs_unix_caps is called later)
2612 whether POSIX PATH CAP is available. We normalize
2613 the / to \ after reset_cifs_unix_caps is called */
2614 pvolume_info->prepath = NULL;
2615 } else
2616 cifs_sb->prepathlen = 0;
2617 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2618 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2619 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2620 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2621 cFYI(1, "file mode: 0x%x dir mode: 0x%x",
2622 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2623
2624 cifs_sb->actimeo = pvolume_info->actimeo;
2625
2626 if (pvolume_info->noperm)
2627 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2628 if (pvolume_info->setuids)
2629 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2630 if (pvolume_info->server_ino)
2631 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2632 if (pvolume_info->remap)
2633 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2634 if (pvolume_info->no_xattr)
2635 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2636 if (pvolume_info->sfu_emul)
2637 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2638 if (pvolume_info->nobrl)
2639 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2640 if (pvolume_info->nostrictsync)
2641 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2642 if (pvolume_info->mand_lock)
2643 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2644 if (pvolume_info->cifs_acl)
2645 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2646 if (pvolume_info->override_uid)
2647 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2648 if (pvolume_info->override_gid)
2649 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2650 if (pvolume_info->dynperm)
2651 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2652 if (pvolume_info->fsc)
2653 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2654 if (pvolume_info->multiuser)
2655 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2656 CIFS_MOUNT_NO_PERM);
2657 if (pvolume_info->strict_io)
2658 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2659 if (pvolume_info->direct_io) {
2660 cFYI(1, "mounting share using direct i/o");
2661 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2662 }
2663 if (pvolume_info->mfsymlinks) {
2664 if (pvolume_info->sfu_emul) {
2665 cERROR(1, "mount option mfsymlinks ignored if sfu "
2666 "mount option is used");
2667 } else {
2668 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2669 }
2670 }
2671
2672 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2673 cERROR(1, "mount option dynperm ignored if cifsacl "
2674 "mount option supported");
2675 }
2676
2677 static int
2678 is_path_accessible(int xid, struct cifsTconInfo *tcon,
2679 struct cifs_sb_info *cifs_sb, const char *full_path)
2680 {
2681 int rc;
2682 FILE_ALL_INFO *pfile_info;
2683
2684 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2685 if (pfile_info == NULL)
2686 return -ENOMEM;
2687
2688 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
2689 0 /* not legacy */, cifs_sb->local_nls,
2690 cifs_sb->mnt_cifs_flags &
2691 CIFS_MOUNT_MAP_SPECIAL_CHR);
2692
2693 if (rc == -EOPNOTSUPP || rc == -EINVAL)
2694 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
2695 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
2696 CIFS_MOUNT_MAP_SPECIAL_CHR);
2697 kfree(pfile_info);
2698 return rc;
2699 }
2700
2701 static void
2702 cleanup_volume_info(struct smb_vol **pvolume_info)
2703 {
2704 struct smb_vol *volume_info;
2705
2706 if (!pvolume_info || !*pvolume_info)
2707 return;
2708
2709 volume_info = *pvolume_info;
2710 kzfree(volume_info->password);
2711 kfree(volume_info->UNC);
2712 kfree(volume_info->prepath);
2713 kfree(volume_info);
2714 *pvolume_info = NULL;
2715 return;
2716 }
2717
2718 #ifdef CONFIG_CIFS_DFS_UPCALL
2719 /* build_path_to_root returns full path to root when
2720 * we do not have an exiting connection (tcon) */
2721 static char *
2722 build_unc_path_to_root(const struct smb_vol *volume_info,
2723 const struct cifs_sb_info *cifs_sb)
2724 {
2725 char *full_path;
2726
2727 int unc_len = strnlen(volume_info->UNC, MAX_TREE_SIZE + 1);
2728 full_path = kmalloc(unc_len + cifs_sb->prepathlen + 1, GFP_KERNEL);
2729 if (full_path == NULL)
2730 return ERR_PTR(-ENOMEM);
2731
2732 strncpy(full_path, volume_info->UNC, unc_len);
2733 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) {
2734 int i;
2735 for (i = 0; i < unc_len; i++) {
2736 if (full_path[i] == '\\')
2737 full_path[i] = '/';
2738 }
2739 }
2740
2741 if (cifs_sb->prepathlen)
2742 strncpy(full_path + unc_len, cifs_sb->prepath,
2743 cifs_sb->prepathlen);
2744
2745 full_path[unc_len + cifs_sb->prepathlen] = 0; /* add trailing null */
2746 return full_path;
2747 }
2748 #endif
2749
2750 int
2751 cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2752 char *mount_data_global, const char *devname)
2753 {
2754 int rc;
2755 int xid;
2756 struct smb_vol *volume_info;
2757 struct cifsSesInfo *pSesInfo;
2758 struct cifsTconInfo *tcon;
2759 struct TCP_Server_Info *srvTcp;
2760 char *full_path;
2761 char *mount_data = mount_data_global;
2762 struct tcon_link *tlink;
2763 #ifdef CONFIG_CIFS_DFS_UPCALL
2764 struct dfs_info3_param *referrals = NULL;
2765 unsigned int num_referrals = 0;
2766 int referral_walks_count = 0;
2767 try_mount_again:
2768 #endif
2769 rc = 0;
2770 tcon = NULL;
2771 pSesInfo = NULL;
2772 srvTcp = NULL;
2773 full_path = NULL;
2774 tlink = NULL;
2775
2776 xid = GetXid();
2777
2778 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
2779 if (!volume_info) {
2780 rc = -ENOMEM;
2781 goto out;
2782 }
2783
2784 if (cifs_parse_mount_options(mount_data, devname, volume_info)) {
2785 rc = -EINVAL;
2786 goto out;
2787 }
2788
2789 if (volume_info->nullauth) {
2790 cFYI(1, "null user");
2791 volume_info->username = "";
2792 } else if (volume_info->username) {
2793 /* BB fixme parse for domain name here */
2794 cFYI(1, "Username: %s", volume_info->username);
2795 } else {
2796 cifserror("No username specified");
2797 /* In userspace mount helper we can get user name from alternate
2798 locations such as env variables and files on disk */
2799 rc = -EINVAL;
2800 goto out;
2801 }
2802
2803 /* this is needed for ASCII cp to Unicode converts */
2804 if (volume_info->iocharset == NULL) {
2805 /* load_nls_default cannot return null */
2806 volume_info->local_nls = load_nls_default();
2807 } else {
2808 volume_info->local_nls = load_nls(volume_info->iocharset);
2809 if (volume_info->local_nls == NULL) {
2810 cERROR(1, "CIFS mount error: iocharset %s not found",
2811 volume_info->iocharset);
2812 rc = -ELIBACC;
2813 goto out;
2814 }
2815 }
2816 cifs_sb->local_nls = volume_info->local_nls;
2817
2818 /* get a reference to a tcp session */
2819 srvTcp = cifs_get_tcp_session(volume_info);
2820 if (IS_ERR(srvTcp)) {
2821 rc = PTR_ERR(srvTcp);
2822 goto out;
2823 }
2824
2825 /* get a reference to a SMB session */
2826 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
2827 if (IS_ERR(pSesInfo)) {
2828 rc = PTR_ERR(pSesInfo);
2829 pSesInfo = NULL;
2830 goto mount_fail_check;
2831 }
2832
2833 setup_cifs_sb(volume_info, cifs_sb);
2834 if (pSesInfo->capabilities & CAP_LARGE_FILES)
2835 sb->s_maxbytes = MAX_LFS_FILESIZE;
2836 else
2837 sb->s_maxbytes = MAX_NON_LFS;
2838
2839 /* BB FIXME fix time_gran to be larger for LANMAN sessions */
2840 sb->s_time_gran = 100;
2841
2842 /* search for existing tcon to this server share */
2843 tcon = cifs_get_tcon(pSesInfo, volume_info);
2844 if (IS_ERR(tcon)) {
2845 rc = PTR_ERR(tcon);
2846 tcon = NULL;
2847 goto remote_path_check;
2848 }
2849
2850 /* do not care if following two calls succeed - informational */
2851 if (!tcon->ipc) {
2852 CIFSSMBQFSDeviceInfo(xid, tcon);
2853 CIFSSMBQFSAttributeInfo(xid, tcon);
2854 }
2855
2856 /* tell server which Unix caps we support */
2857 if (tcon->ses->capabilities & CAP_UNIX)
2858 /* reset of caps checks mount to see if unix extensions
2859 disabled for just this mount */
2860 reset_cifs_unix_caps(xid, tcon, sb, volume_info);
2861 else
2862 tcon->unix_ext = 0; /* server does not support them */
2863
2864 /* convert forward to back slashes in prepath here if needed */
2865 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2866 convert_delimiter(cifs_sb->prepath, CIFS_DIR_SEP(cifs_sb));
2867
2868 if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
2869 cifs_sb->rsize = 1024 * 127;
2870 cFYI(DBG2, "no very large read support, rsize now 127K");
2871 }
2872 if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
2873 cifs_sb->wsize = min(cifs_sb->wsize,
2874 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2875 if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
2876 cifs_sb->rsize = min(cifs_sb->rsize,
2877 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2878
2879 remote_path_check:
2880 /* check if a whole path (including prepath) is not remote */
2881 if (!rc && tcon) {
2882 /* build_path_to_root works only when we have a valid tcon */
2883 full_path = cifs_build_path_to_root(cifs_sb, tcon);
2884 if (full_path == NULL) {
2885 rc = -ENOMEM;
2886 goto mount_fail_check;
2887 }
2888 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
2889 if (rc != 0 && rc != -EREMOTE) {
2890 kfree(full_path);
2891 goto mount_fail_check;
2892 }
2893 kfree(full_path);
2894 }
2895
2896 /* get referral if needed */
2897 if (rc == -EREMOTE) {
2898 #ifdef CONFIG_CIFS_DFS_UPCALL
2899 if (referral_walks_count > MAX_NESTED_LINKS) {
2900 /*
2901 * BB: when we implement proper loop detection,
2902 * we will remove this check. But now we need it
2903 * to prevent an indefinite loop if 'DFS tree' is
2904 * misconfigured (i.e. has loops).
2905 */
2906 rc = -ELOOP;
2907 goto mount_fail_check;
2908 }
2909 /* convert forward to back slashes in prepath here if needed */
2910 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2911 convert_delimiter(cifs_sb->prepath,
2912 CIFS_DIR_SEP(cifs_sb));
2913 full_path = build_unc_path_to_root(volume_info, cifs_sb);
2914 if (IS_ERR(full_path)) {
2915 rc = PTR_ERR(full_path);
2916 goto mount_fail_check;
2917 }
2918
2919 cFYI(1, "Getting referral for: %s", full_path);
2920 rc = get_dfs_path(xid, pSesInfo , full_path + 1,
2921 cifs_sb->local_nls, &num_referrals, &referrals,
2922 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
2923 if (!rc && num_referrals > 0) {
2924 char *fake_devname = NULL;
2925
2926 if (mount_data != mount_data_global)
2927 kfree(mount_data);
2928
2929 mount_data = cifs_compose_mount_options(
2930 cifs_sb->mountdata, full_path + 1,
2931 referrals, &fake_devname);
2932
2933 free_dfs_info_array(referrals, num_referrals);
2934 kfree(fake_devname);
2935 kfree(full_path);
2936
2937 if (IS_ERR(mount_data)) {
2938 rc = PTR_ERR(mount_data);
2939 mount_data = NULL;
2940 goto mount_fail_check;
2941 }
2942
2943 if (tcon)
2944 cifs_put_tcon(tcon);
2945 else if (pSesInfo)
2946 cifs_put_smb_ses(pSesInfo);
2947
2948 cleanup_volume_info(&volume_info);
2949 referral_walks_count++;
2950 FreeXid(xid);
2951 goto try_mount_again;
2952 }
2953 #else /* No DFS support, return error on mount */
2954 rc = -EOPNOTSUPP;
2955 #endif
2956 }
2957
2958 if (rc)
2959 goto mount_fail_check;
2960
2961 /* now, hang the tcon off of the superblock */
2962 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
2963 if (tlink == NULL) {
2964 rc = -ENOMEM;
2965 goto mount_fail_check;
2966 }
2967
2968 tlink->tl_uid = pSesInfo->linux_uid;
2969 tlink->tl_tcon = tcon;
2970 tlink->tl_time = jiffies;
2971 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
2972 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
2973
2974 cifs_sb->master_tlink = tlink;
2975 spin_lock(&cifs_sb->tlink_tree_lock);
2976 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
2977 spin_unlock(&cifs_sb->tlink_tree_lock);
2978
2979 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
2980 TLINK_IDLE_EXPIRE);
2981
2982 mount_fail_check:
2983 /* on error free sesinfo and tcon struct if needed */
2984 if (rc) {
2985 if (mount_data != mount_data_global)
2986 kfree(mount_data);
2987 /* If find_unc succeeded then rc == 0 so we can not end */
2988 /* up accidentally freeing someone elses tcon struct */
2989 if (tcon)
2990 cifs_put_tcon(tcon);
2991 else if (pSesInfo)
2992 cifs_put_smb_ses(pSesInfo);
2993 else
2994 cifs_put_tcp_session(srvTcp);
2995 goto out;
2996 }
2997
2998 /* volume_info->password is freed above when existing session found
2999 (in which case it is not needed anymore) but when new sesion is created
3000 the password ptr is put in the new session structure (in which case the
3001 password will be freed at unmount time) */
3002 out:
3003 /* zero out password before freeing */
3004 cleanup_volume_info(&volume_info);
3005 FreeXid(xid);
3006 return rc;
3007 }
3008
3009 int
3010 CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
3011 const char *tree, struct cifsTconInfo *tcon,
3012 const struct nls_table *nls_codepage)
3013 {
3014 struct smb_hdr *smb_buffer;
3015 struct smb_hdr *smb_buffer_response;
3016 TCONX_REQ *pSMB;
3017 TCONX_RSP *pSMBr;
3018 unsigned char *bcc_ptr;
3019 int rc = 0;
3020 int length;
3021 __u16 bytes_left, count;
3022
3023 if (ses == NULL)
3024 return -EIO;
3025
3026 smb_buffer = cifs_buf_get();
3027 if (smb_buffer == NULL)
3028 return -ENOMEM;
3029
3030 smb_buffer_response = smb_buffer;
3031
3032 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3033 NULL /*no tid */ , 4 /*wct */ );
3034
3035 smb_buffer->Mid = GetNextMid(ses->server);
3036 smb_buffer->Uid = ses->Suid;
3037 pSMB = (TCONX_REQ *) smb_buffer;
3038 pSMBr = (TCONX_RSP *) smb_buffer_response;
3039
3040 pSMB->AndXCommand = 0xFF;
3041 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3042 bcc_ptr = &pSMB->Password[0];
3043 if ((ses->server->secMode) & SECMODE_USER) {
3044 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3045 *bcc_ptr = 0; /* password is null byte */
3046 bcc_ptr++; /* skip password */
3047 /* already aligned so no need to do it below */
3048 } else {
3049 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3050 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3051 specified as required (when that support is added to
3052 the vfs in the future) as only NTLM or the much
3053 weaker LANMAN (which we do not send by default) is accepted
3054 by Samba (not sure whether other servers allow
3055 NTLMv2 password here) */
3056 #ifdef CONFIG_CIFS_WEAK_PW_HASH
3057 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3058 (ses->server->secType == LANMAN))
3059 calc_lanman_hash(tcon->password, ses->server->cryptkey,
3060 ses->server->secMode &
3061 SECMODE_PW_ENCRYPT ? true : false,
3062 bcc_ptr);
3063 else
3064 #endif /* CIFS_WEAK_PW_HASH */
3065 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3066 bcc_ptr);
3067
3068 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3069 if (ses->capabilities & CAP_UNICODE) {
3070 /* must align unicode strings */
3071 *bcc_ptr = 0; /* null byte password */
3072 bcc_ptr++;
3073 }
3074 }
3075
3076 if (ses->server->secMode &
3077 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3078 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3079
3080 if (ses->capabilities & CAP_STATUS32) {
3081 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3082 }
3083 if (ses->capabilities & CAP_DFS) {
3084 smb_buffer->Flags2 |= SMBFLG2_DFS;
3085 }
3086 if (ses->capabilities & CAP_UNICODE) {
3087 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3088 length =
3089 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3090 6 /* max utf8 char length in bytes */ *
3091 (/* server len*/ + 256 /* share len */), nls_codepage);
3092 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
3093 bcc_ptr += 2; /* skip trailing null */
3094 } else { /* ASCII */
3095 strcpy(bcc_ptr, tree);
3096 bcc_ptr += strlen(tree) + 1;
3097 }
3098 strcpy(bcc_ptr, "?????");
3099 bcc_ptr += strlen("?????");
3100 bcc_ptr += 1;
3101 count = bcc_ptr - &pSMB->Password[0];
3102 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3103 pSMB->hdr.smb_buf_length) + count);
3104 pSMB->ByteCount = cpu_to_le16(count);
3105
3106 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3107 0);
3108
3109 /* above now done in SendReceive */
3110 if ((rc == 0) && (tcon != NULL)) {
3111 bool is_unicode;
3112
3113 tcon->tidStatus = CifsGood;
3114 tcon->need_reconnect = false;
3115 tcon->tid = smb_buffer_response->Tid;
3116 bcc_ptr = pByteArea(smb_buffer_response);
3117 bytes_left = get_bcc(smb_buffer_response);
3118 length = strnlen(bcc_ptr, bytes_left - 2);
3119 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3120 is_unicode = true;
3121 else
3122 is_unicode = false;
3123
3124
3125 /* skip service field (NB: this field is always ASCII) */
3126 if (length == 3) {
3127 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3128 (bcc_ptr[2] == 'C')) {
3129 cFYI(1, "IPC connection");
3130 tcon->ipc = 1;
3131 }
3132 } else if (length == 2) {
3133 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3134 /* the most common case */
3135 cFYI(1, "disk share connection");
3136 }
3137 }
3138 bcc_ptr += length + 1;
3139 bytes_left -= (length + 1);
3140 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3141
3142 /* mostly informational -- no need to fail on error here */
3143 kfree(tcon->nativeFileSystem);
3144 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
3145 bytes_left, is_unicode,
3146 nls_codepage);
3147
3148 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3149
3150 if ((smb_buffer_response->WordCount == 3) ||
3151 (smb_buffer_response->WordCount == 7))
3152 /* field is in same location */
3153 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3154 else
3155 tcon->Flags = 0;
3156 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3157 } else if ((rc == 0) && tcon == NULL) {
3158 /* all we need to save for IPC$ connection */
3159 ses->ipc_tid = smb_buffer_response->Tid;
3160 }
3161
3162 cifs_buf_release(smb_buffer);
3163 return rc;
3164 }
3165
3166 int
3167 cifs_umount(struct super_block *sb, struct cifs_sb_info *cifs_sb)
3168 {
3169 struct rb_root *root = &cifs_sb->tlink_tree;
3170 struct rb_node *node;
3171 struct tcon_link *tlink;
3172 char *tmp;
3173
3174 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3175
3176 spin_lock(&cifs_sb->tlink_tree_lock);
3177 while ((node = rb_first(root))) {
3178 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3179 cifs_get_tlink(tlink);
3180 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3181 rb_erase(node, root);
3182
3183 spin_unlock(&cifs_sb->tlink_tree_lock);
3184 cifs_put_tlink(tlink);
3185 spin_lock(&cifs_sb->tlink_tree_lock);
3186 }
3187 spin_unlock(&cifs_sb->tlink_tree_lock);
3188
3189 tmp = cifs_sb->prepath;
3190 cifs_sb->prepathlen = 0;
3191 cifs_sb->prepath = NULL;
3192 kfree(tmp);
3193
3194 return 0;
3195 }
3196
3197 int cifs_negotiate_protocol(unsigned int xid, struct cifsSesInfo *ses)
3198 {
3199 int rc = 0;
3200 struct TCP_Server_Info *server = ses->server;
3201
3202 /* only send once per connect */
3203 if (server->maxBuf != 0)
3204 return 0;
3205
3206 rc = CIFSSMBNegotiate(xid, ses);
3207 if (rc == -EAGAIN) {
3208 /* retry only once on 1st time connection */
3209 rc = CIFSSMBNegotiate(xid, ses);
3210 if (rc == -EAGAIN)
3211 rc = -EHOSTDOWN;
3212 }
3213 if (rc == 0) {
3214 spin_lock(&GlobalMid_Lock);
3215 if (server->tcpStatus != CifsExiting)
3216 server->tcpStatus = CifsGood;
3217 else
3218 rc = -EHOSTDOWN;
3219 spin_unlock(&GlobalMid_Lock);
3220
3221 }
3222
3223 return rc;
3224 }
3225
3226
3227 int cifs_setup_session(unsigned int xid, struct cifsSesInfo *ses,
3228 struct nls_table *nls_info)
3229 {
3230 int rc = 0;
3231 struct TCP_Server_Info *server = ses->server;
3232
3233 ses->flags = 0;
3234 ses->capabilities = server->capabilities;
3235 if (linuxExtEnabled == 0)
3236 ses->capabilities &= (~CAP_UNIX);
3237
3238 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3239 server->secMode, server->capabilities, server->timeAdj);
3240
3241 rc = CIFS_SessSetup(xid, ses, nls_info);
3242 if (rc) {
3243 cERROR(1, "Send error in SessSetup = %d", rc);
3244 } else {
3245 mutex_lock(&ses->server->srv_mutex);
3246 if (!server->session_estab) {
3247 server->session_key.response = ses->auth_key.response;
3248 server->session_key.len = ses->auth_key.len;
3249 server->sequence_number = 0x2;
3250 server->session_estab = true;
3251 ses->auth_key.response = NULL;
3252 }
3253 mutex_unlock(&server->srv_mutex);
3254
3255 cFYI(1, "CIFS Session Established successfully");
3256 spin_lock(&GlobalMid_Lock);
3257 ses->status = CifsGood;
3258 ses->need_reconnect = false;
3259 spin_unlock(&GlobalMid_Lock);
3260 }
3261
3262 kfree(ses->auth_key.response);
3263 ses->auth_key.response = NULL;
3264 ses->auth_key.len = 0;
3265 kfree(ses->ntlmssp);
3266 ses->ntlmssp = NULL;
3267
3268 return rc;
3269 }
3270
3271 static struct cifsTconInfo *
3272 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3273 {
3274 struct cifsTconInfo *master_tcon = cifs_sb_master_tcon(cifs_sb);
3275 struct cifsSesInfo *ses;
3276 struct cifsTconInfo *tcon = NULL;
3277 struct smb_vol *vol_info;
3278 char username[28]; /* big enough for "krb50x" + hex of ULONG_MAX 6+16 */
3279 /* We used to have this as MAX_USERNAME which is */
3280 /* way too big now (256 instead of 32) */
3281
3282 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3283 if (vol_info == NULL) {
3284 tcon = ERR_PTR(-ENOMEM);
3285 goto out;
3286 }
3287
3288 snprintf(username, MAX_USERNAME_SIZE, "krb50x%x", fsuid);
3289 vol_info->username = username;
3290 vol_info->local_nls = cifs_sb->local_nls;
3291 vol_info->linux_uid = fsuid;
3292 vol_info->cred_uid = fsuid;
3293 vol_info->UNC = master_tcon->treeName;
3294 vol_info->retry = master_tcon->retry;
3295 vol_info->nocase = master_tcon->nocase;
3296 vol_info->local_lease = master_tcon->local_lease;
3297 vol_info->no_linux_ext = !master_tcon->unix_ext;
3298
3299 /* FIXME: allow for other secFlg settings */
3300 vol_info->secFlg = CIFSSEC_MUST_KRB5;
3301
3302 /* get a reference for the same TCP session */
3303 spin_lock(&cifs_tcp_ses_lock);
3304 ++master_tcon->ses->server->srv_count;
3305 spin_unlock(&cifs_tcp_ses_lock);
3306
3307 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3308 if (IS_ERR(ses)) {
3309 tcon = (struct cifsTconInfo *)ses;
3310 cifs_put_tcp_session(master_tcon->ses->server);
3311 goto out;
3312 }
3313
3314 tcon = cifs_get_tcon(ses, vol_info);
3315 if (IS_ERR(tcon)) {
3316 cifs_put_smb_ses(ses);
3317 goto out;
3318 }
3319
3320 if (ses->capabilities & CAP_UNIX)
3321 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3322 out:
3323 kfree(vol_info);
3324
3325 return tcon;
3326 }
3327
3328 static inline struct tcon_link *
3329 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
3330 {
3331 return cifs_sb->master_tlink;
3332 }
3333
3334 struct cifsTconInfo *
3335 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3336 {
3337 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3338 }
3339
3340 static int
3341 cifs_sb_tcon_pending_wait(void *unused)
3342 {
3343 schedule();
3344 return signal_pending(current) ? -ERESTARTSYS : 0;
3345 }
3346
3347 /* find and return a tlink with given uid */
3348 static struct tcon_link *
3349 tlink_rb_search(struct rb_root *root, uid_t uid)
3350 {
3351 struct rb_node *node = root->rb_node;
3352 struct tcon_link *tlink;
3353
3354 while (node) {
3355 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3356
3357 if (tlink->tl_uid > uid)
3358 node = node->rb_left;
3359 else if (tlink->tl_uid < uid)
3360 node = node->rb_right;
3361 else
3362 return tlink;
3363 }
3364 return NULL;
3365 }
3366
3367 /* insert a tcon_link into the tree */
3368 static void
3369 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3370 {
3371 struct rb_node **new = &(root->rb_node), *parent = NULL;
3372 struct tcon_link *tlink;
3373
3374 while (*new) {
3375 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3376 parent = *new;
3377
3378 if (tlink->tl_uid > new_tlink->tl_uid)
3379 new = &((*new)->rb_left);
3380 else
3381 new = &((*new)->rb_right);
3382 }
3383
3384 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3385 rb_insert_color(&new_tlink->tl_rbnode, root);
3386 }
3387
3388 /*
3389 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3390 * current task.
3391 *
3392 * If the superblock doesn't refer to a multiuser mount, then just return
3393 * the master tcon for the mount.
3394 *
3395 * First, search the rbtree for an existing tcon for this fsuid. If one
3396 * exists, then check to see if it's pending construction. If it is then wait
3397 * for construction to complete. Once it's no longer pending, check to see if
3398 * it failed and either return an error or retry construction, depending on
3399 * the timeout.
3400 *
3401 * If one doesn't exist then insert a new tcon_link struct into the tree and
3402 * try to construct a new one.
3403 */
3404 struct tcon_link *
3405 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3406 {
3407 int ret;
3408 uid_t fsuid = current_fsuid();
3409 struct tcon_link *tlink, *newtlink;
3410
3411 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3412 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3413
3414 spin_lock(&cifs_sb->tlink_tree_lock);
3415 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3416 if (tlink)
3417 cifs_get_tlink(tlink);
3418 spin_unlock(&cifs_sb->tlink_tree_lock);
3419
3420 if (tlink == NULL) {
3421 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3422 if (newtlink == NULL)
3423 return ERR_PTR(-ENOMEM);
3424 newtlink->tl_uid = fsuid;
3425 newtlink->tl_tcon = ERR_PTR(-EACCES);
3426 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3427 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3428 cifs_get_tlink(newtlink);
3429
3430 spin_lock(&cifs_sb->tlink_tree_lock);
3431 /* was one inserted after previous search? */
3432 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3433 if (tlink) {
3434 cifs_get_tlink(tlink);
3435 spin_unlock(&cifs_sb->tlink_tree_lock);
3436 kfree(newtlink);
3437 goto wait_for_construction;
3438 }
3439 tlink = newtlink;
3440 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3441 spin_unlock(&cifs_sb->tlink_tree_lock);
3442 } else {
3443 wait_for_construction:
3444 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
3445 cifs_sb_tcon_pending_wait,
3446 TASK_INTERRUPTIBLE);
3447 if (ret) {
3448 cifs_put_tlink(tlink);
3449 return ERR_PTR(ret);
3450 }
3451
3452 /* if it's good, return it */
3453 if (!IS_ERR(tlink->tl_tcon))
3454 return tlink;
3455
3456 /* return error if we tried this already recently */
3457 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
3458 cifs_put_tlink(tlink);
3459 return ERR_PTR(-EACCES);
3460 }
3461
3462 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
3463 goto wait_for_construction;
3464 }
3465
3466 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
3467 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
3468 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
3469
3470 if (IS_ERR(tlink->tl_tcon)) {
3471 cifs_put_tlink(tlink);
3472 return ERR_PTR(-EACCES);
3473 }
3474
3475 return tlink;
3476 }
3477
3478 /*
3479 * periodic workqueue job that scans tcon_tree for a superblock and closes
3480 * out tcons.
3481 */
3482 static void
3483 cifs_prune_tlinks(struct work_struct *work)
3484 {
3485 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
3486 prune_tlinks.work);
3487 struct rb_root *root = &cifs_sb->tlink_tree;
3488 struct rb_node *node = rb_first(root);
3489 struct rb_node *tmp;
3490 struct tcon_link *tlink;
3491
3492 /*
3493 * Because we drop the spinlock in the loop in order to put the tlink
3494 * it's not guarded against removal of links from the tree. The only
3495 * places that remove entries from the tree are this function and
3496 * umounts. Because this function is non-reentrant and is canceled
3497 * before umount can proceed, this is safe.
3498 */
3499 spin_lock(&cifs_sb->tlink_tree_lock);
3500 node = rb_first(root);
3501 while (node != NULL) {
3502 tmp = node;
3503 node = rb_next(tmp);
3504 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
3505
3506 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
3507 atomic_read(&tlink->tl_count) != 0 ||
3508 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
3509 continue;
3510
3511 cifs_get_tlink(tlink);
3512 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3513 rb_erase(tmp, root);
3514
3515 spin_unlock(&cifs_sb->tlink_tree_lock);
3516 cifs_put_tlink(tlink);
3517 spin_lock(&cifs_sb->tlink_tree_lock);
3518 }
3519 spin_unlock(&cifs_sb->tlink_tree_lock);
3520
3521 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3522 TLINK_IDLE_EXPIRE);
3523 }
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree