search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Lockd: create permanent lockd sockets in current network namespace
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / fs / cifs / connect.c
blob986709a8d903294347a9b13fb3f61852f3877e7d
1 /*
2 * fs/cifs/connect.c
3 *
4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <keys/user-type.h>
42 #include <net/ipv6.h>
43 #include "cifspdu.h"
44 #include "cifsglob.h"
45 #include "cifsproto.h"
46 #include "cifs_unicode.h"
47 #include "cifs_debug.h"
48 #include "cifs_fs_sb.h"
49 #include "ntlmssp.h"
50 #include "nterr.h"
51 #include "rfc1002pdu.h"
52 #include "fscache.h"
53
54 #define CIFS_PORT 445
55 #define RFC1001_PORT 139
56
57 /* SMB echo "timeout" -- FIXME: tunable? */
58 #define SMB_ECHO_INTERVAL (60 * HZ)
59
60 extern mempool_t *cifs_req_poolp;
61
62 /* FIXME: should these be tunable? */
63 #define TLINK_ERROR_EXPIRE (1 * HZ)
64 #define TLINK_IDLE_EXPIRE (600 * HZ)
65
66 static int ip_connect(struct TCP_Server_Info *server);
67 static int generic_ip_connect(struct TCP_Server_Info *server);
68 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
69 static void cifs_prune_tlinks(struct work_struct *work);
70 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
71 const char *devname);
72
73 /*
74 * cifs tcp session reconnection
75 *
76 * mark tcp session as reconnecting so temporarily locked
77 * mark all smb sessions as reconnecting for tcp session
78 * reconnect tcp session
79 * wake up waiters on reconnection? - (not needed currently)
80 */
81 static int
82 cifs_reconnect(struct TCP_Server_Info *server)
83 {
84 int rc = 0;
85 struct list_head *tmp, *tmp2;
86 struct cifs_ses *ses;
87 struct cifs_tcon *tcon;
88 struct mid_q_entry *mid_entry;
89 struct list_head retry_list;
90
91 spin_lock(&GlobalMid_Lock);
92 if (server->tcpStatus == CifsExiting) {
93 /* the demux thread will exit normally
94 next time through the loop */
95 spin_unlock(&GlobalMid_Lock);
96 return rc;
97 } else
98 server->tcpStatus = CifsNeedReconnect;
99 spin_unlock(&GlobalMid_Lock);
100 server->maxBuf = 0;
101
102 cFYI(1, "Reconnecting tcp session");
103
104 /* before reconnecting the tcp session, mark the smb session (uid)
105 and the tid bad so they are not used until reconnected */
106 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
107 spin_lock(&cifs_tcp_ses_lock);
108 list_for_each(tmp, &server->smb_ses_list) {
109 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
110 ses->need_reconnect = true;
111 ses->ipc_tid = 0;
112 list_for_each(tmp2, &ses->tcon_list) {
113 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
114 tcon->need_reconnect = true;
115 }
116 }
117 spin_unlock(&cifs_tcp_ses_lock);
118
119 /* do not want to be sending data on a socket we are freeing */
120 cFYI(1, "%s: tearing down socket", __func__);
121 mutex_lock(&server->srv_mutex);
122 if (server->ssocket) {
123 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
124 server->ssocket->flags);
125 kernel_sock_shutdown(server->ssocket, SHUT_WR);
126 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
127 server->ssocket->state,
128 server->ssocket->flags);
129 sock_release(server->ssocket);
130 server->ssocket = NULL;
131 }
132 server->sequence_number = 0;
133 server->session_estab = false;
134 kfree(server->session_key.response);
135 server->session_key.response = NULL;
136 server->session_key.len = 0;
137 server->lstrp = jiffies;
138 mutex_unlock(&server->srv_mutex);
139
140 /* mark submitted MIDs for retry and issue callback */
141 INIT_LIST_HEAD(&retry_list);
142 cFYI(1, "%s: moving mids to private list", __func__);
143 spin_lock(&GlobalMid_Lock);
144 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
145 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
146 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
147 mid_entry->midState = MID_RETRY_NEEDED;
148 list_move(&mid_entry->qhead, &retry_list);
149 }
150 spin_unlock(&GlobalMid_Lock);
151
152 cFYI(1, "%s: issuing mid callbacks", __func__);
153 list_for_each_safe(tmp, tmp2, &retry_list) {
154 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
155 list_del_init(&mid_entry->qhead);
156 mid_entry->callback(mid_entry);
157 }
158
159 do {
160 try_to_freeze();
161
162 /* we should try only the port we connected to before */
163 rc = generic_ip_connect(server);
164 if (rc) {
165 cFYI(1, "reconnect error %d", rc);
166 msleep(3000);
167 } else {
168 atomic_inc(&tcpSesReconnectCount);
169 spin_lock(&GlobalMid_Lock);
170 if (server->tcpStatus != CifsExiting)
171 server->tcpStatus = CifsNeedNegotiate;
172 spin_unlock(&GlobalMid_Lock);
173 }
174 } while (server->tcpStatus == CifsNeedReconnect);
175
176 return rc;
177 }
178
179 /*
180 return codes:
181 0 not a transact2, or all data present
182 >0 transact2 with that much data missing
183 -EINVAL = invalid transact2
184
185 */
186 static int check2ndT2(struct smb_hdr *pSMB)
187 {
188 struct smb_t2_rsp *pSMBt;
189 int remaining;
190 __u16 total_data_size, data_in_this_rsp;
191
192 if (pSMB->Command != SMB_COM_TRANSACTION2)
193 return 0;
194
195 /* check for plausible wct, bcc and t2 data and parm sizes */
196 /* check for parm and data offset going beyond end of smb */
197 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
198 cFYI(1, "invalid transact2 word count");
199 return -EINVAL;
200 }
201
202 pSMBt = (struct smb_t2_rsp *)pSMB;
203
204 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
205 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
206
207 if (total_data_size == data_in_this_rsp)
208 return 0;
209 else if (total_data_size < data_in_this_rsp) {
210 cFYI(1, "total data %d smaller than data in frame %d",
211 total_data_size, data_in_this_rsp);
212 return -EINVAL;
213 }
214
215 remaining = total_data_size - data_in_this_rsp;
216
217 cFYI(1, "missing %d bytes from transact2, check next response",
218 remaining);
219 if (total_data_size > CIFSMaxBufSize) {
220 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
221 total_data_size, CIFSMaxBufSize);
222 return -EINVAL;
223 }
224 return remaining;
225 }
226
227 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
228 {
229 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
230 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
231 char *data_area_of_tgt;
232 char *data_area_of_src;
233 int remaining;
234 unsigned int byte_count, total_in_tgt;
235 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
236
237 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
238 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
239
240 if (tgt_total_cnt != src_total_cnt)
241 cFYI(1, "total data count of primary and secondary t2 differ "
242 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
243
244 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
245
246 remaining = tgt_total_cnt - total_in_tgt;
247
248 if (remaining < 0) {
249 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
250 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
251 return -EPROTO;
252 }
253
254 if (remaining == 0) {
255 /* nothing to do, ignore */
256 cFYI(1, "no more data remains");
257 return 0;
258 }
259
260 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
261 if (remaining < total_in_src)
262 cFYI(1, "transact2 2nd response contains too much data");
263
264 /* find end of first SMB data area */
265 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
266 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
267
268 /* validate target area */
269 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
270 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
271
272 data_area_of_tgt += total_in_tgt;
273
274 total_in_tgt += total_in_src;
275 /* is the result too big for the field? */
276 if (total_in_tgt > USHRT_MAX) {
277 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
278 return -EPROTO;
279 }
280 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
281
282 /* fix up the BCC */
283 byte_count = get_bcc(pTargetSMB);
284 byte_count += total_in_src;
285 /* is the result too big for the field? */
286 if (byte_count > USHRT_MAX) {
287 cFYI(1, "coalesced BCC too large (%u)", byte_count);
288 return -EPROTO;
289 }
290 put_bcc(byte_count, pTargetSMB);
291
292 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
293 byte_count += total_in_src;
294 /* don't allow buffer to overflow */
295 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
296 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
297 return -ENOBUFS;
298 }
299 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
300
301 /* copy second buffer into end of first buffer */
302 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
303
304 if (remaining != total_in_src) {
305 /* more responses to go */
306 cFYI(1, "waiting for more secondary responses");
307 return 1;
308 }
309
310 /* we are done */
311 cFYI(1, "found the last secondary response");
312 return 0;
313 }
314
315 static void
316 cifs_echo_request(struct work_struct *work)
317 {
318 int rc;
319 struct TCP_Server_Info *server = container_of(work,
320 struct TCP_Server_Info, echo.work);
321
322 /*
323 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
324 * done, which is indicated by maxBuf != 0. Also, no need to ping if
325 * we got a response recently
326 */
327 if (server->maxBuf == 0 ||
328 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
329 goto requeue_echo;
330
331 rc = CIFSSMBEcho(server);
332 if (rc)
333 cFYI(1, "Unable to send echo request to server: %s",
334 server->hostname);
335
336 requeue_echo:
337 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
338 }
339
340 static bool
341 allocate_buffers(struct TCP_Server_Info *server)
342 {
343 if (!server->bigbuf) {
344 server->bigbuf = (char *)cifs_buf_get();
345 if (!server->bigbuf) {
346 cERROR(1, "No memory for large SMB response");
347 msleep(3000);
348 /* retry will check if exiting */
349 return false;
350 }
351 } else if (server->large_buf) {
352 /* we are reusing a dirty large buf, clear its start */
353 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
354 }
355
356 if (!server->smallbuf) {
357 server->smallbuf = (char *)cifs_small_buf_get();
358 if (!server->smallbuf) {
359 cERROR(1, "No memory for SMB response");
360 msleep(1000);
361 /* retry will check if exiting */
362 return false;
363 }
364 /* beginning of smb buffer is cleared in our buf_get */
365 } else {
366 /* if existing small buf clear beginning */
367 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
368 }
369
370 return true;
371 }
372
373 static bool
374 server_unresponsive(struct TCP_Server_Info *server)
375 {
376 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
377 time_after(jiffies, server->lstrp +
378 (echo_retries * SMB_ECHO_INTERVAL))) {
379 cERROR(1, "Server %s has not responded in %d seconds. "
380 "Reconnecting...", server->hostname,
381 (echo_retries * SMB_ECHO_INTERVAL / HZ));
382 cifs_reconnect(server);
383 wake_up(&server->response_q);
384 return true;
385 }
386
387 return false;
388 }
389
390 /*
391 * kvec_array_init - clone a kvec array, and advance into it
392 * @new: pointer to memory for cloned array
393 * @iov: pointer to original array
394 * @nr_segs: number of members in original array
395 * @bytes: number of bytes to advance into the cloned array
396 *
397 * This function will copy the array provided in iov to a section of memory
398 * and advance the specified number of bytes into the new array. It returns
399 * the number of segments in the new array. "new" must be at least as big as
400 * the original iov array.
401 */
402 static unsigned int
403 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
404 size_t bytes)
405 {
406 size_t base = 0;
407
408 while (bytes || !iov->iov_len) {
409 int copy = min(bytes, iov->iov_len);
410
411 bytes -= copy;
412 base += copy;
413 if (iov->iov_len == base) {
414 iov++;
415 nr_segs--;
416 base = 0;
417 }
418 }
419 memcpy(new, iov, sizeof(*iov) * nr_segs);
420 new->iov_base += base;
421 new->iov_len -= base;
422 return nr_segs;
423 }
424
425 static struct kvec *
426 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
427 {
428 struct kvec *new_iov;
429
430 if (server->iov && nr_segs <= server->nr_iov)
431 return server->iov;
432
433 /* not big enough -- allocate a new one and release the old */
434 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
435 if (new_iov) {
436 kfree(server->iov);
437 server->iov = new_iov;
438 server->nr_iov = nr_segs;
439 }
440 return new_iov;
441 }
442
443 int
444 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
445 unsigned int nr_segs, unsigned int to_read)
446 {
447 int length = 0;
448 int total_read;
449 unsigned int segs;
450 struct msghdr smb_msg;
451 struct kvec *iov;
452
453 iov = get_server_iovec(server, nr_segs);
454 if (!iov)
455 return -ENOMEM;
456
457 smb_msg.msg_control = NULL;
458 smb_msg.msg_controllen = 0;
459
460 for (total_read = 0; to_read; total_read += length, to_read -= length) {
461 try_to_freeze();
462
463 if (server_unresponsive(server)) {
464 total_read = -EAGAIN;
465 break;
466 }
467
468 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
469
470 length = kernel_recvmsg(server->ssocket, &smb_msg,
471 iov, segs, to_read, 0);
472
473 if (server->tcpStatus == CifsExiting) {
474 total_read = -ESHUTDOWN;
475 break;
476 } else if (server->tcpStatus == CifsNeedReconnect) {
477 cifs_reconnect(server);
478 total_read = -EAGAIN;
479 break;
480 } else if (length == -ERESTARTSYS ||
481 length == -EAGAIN ||
482 length == -EINTR) {
483 /*
484 * Minimum sleep to prevent looping, allowing socket
485 * to clear and app threads to set tcpStatus
486 * CifsNeedReconnect if server hung.
487 */
488 usleep_range(1000, 2000);
489 length = 0;
490 continue;
491 } else if (length <= 0) {
492 cFYI(1, "Received no data or error: expecting %d "
493 "got %d", to_read, length);
494 cifs_reconnect(server);
495 total_read = -EAGAIN;
496 break;
497 }
498 }
499 return total_read;
500 }
501
502 int
503 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
504 unsigned int to_read)
505 {
506 struct kvec iov;
507
508 iov.iov_base = buf;
509 iov.iov_len = to_read;
510
511 return cifs_readv_from_socket(server, &iov, 1, to_read);
512 }
513
514 static bool
515 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
516 {
517 /*
518 * The first byte big endian of the length field,
519 * is actually not part of the length but the type
520 * with the most common, zero, as regular data.
521 */
522 switch (type) {
523 case RFC1002_SESSION_MESSAGE:
524 /* Regular SMB response */
525 return true;
526 case RFC1002_SESSION_KEEP_ALIVE:
527 cFYI(1, "RFC 1002 session keep alive");
528 break;
529 case RFC1002_POSITIVE_SESSION_RESPONSE:
530 cFYI(1, "RFC 1002 positive session response");
531 break;
532 case RFC1002_NEGATIVE_SESSION_RESPONSE:
533 /*
534 * We get this from Windows 98 instead of an error on
535 * SMB negprot response.
536 */
537 cFYI(1, "RFC 1002 negative session response");
538 /* give server a second to clean up */
539 msleep(1000);
540 /*
541 * Always try 445 first on reconnect since we get NACK
542 * on some if we ever connected to port 139 (the NACK
543 * is since we do not begin with RFC1001 session
544 * initialize frame).
545 */
546 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
547 cifs_reconnect(server);
548 wake_up(&server->response_q);
549 break;
550 default:
551 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
552 cifs_reconnect(server);
553 }
554
555 return false;
556 }
557
558 static struct mid_q_entry *
559 find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
560 {
561 struct mid_q_entry *mid;
562
563 spin_lock(&GlobalMid_Lock);
564 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
565 if (mid->mid == buf->Mid &&
566 mid->midState == MID_REQUEST_SUBMITTED &&
567 mid->command == buf->Command) {
568 spin_unlock(&GlobalMid_Lock);
569 return mid;
570 }
571 }
572 spin_unlock(&GlobalMid_Lock);
573 return NULL;
574 }
575
576 void
577 dequeue_mid(struct mid_q_entry *mid, bool malformed)
578 {
579 #ifdef CONFIG_CIFS_STATS2
580 mid->when_received = jiffies;
581 #endif
582 spin_lock(&GlobalMid_Lock);
583 if (!malformed)
584 mid->midState = MID_RESPONSE_RECEIVED;
585 else
586 mid->midState = MID_RESPONSE_MALFORMED;
587 list_del_init(&mid->qhead);
588 spin_unlock(&GlobalMid_Lock);
589 }
590
591 static void
592 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
593 struct smb_hdr *buf, int malformed)
594 {
595 if (malformed == 0 && check2ndT2(buf) > 0) {
596 mid->multiRsp = true;
597 if (mid->resp_buf) {
598 /* merge response - fix up 1st*/
599 malformed = coalesce_t2(buf, mid->resp_buf);
600 if (malformed > 0)
601 return;
602
603 /* All parts received or packet is malformed. */
604 mid->multiEnd = true;
605 return dequeue_mid(mid, malformed);
606 }
607 if (!server->large_buf) {
608 /*FIXME: switch to already allocated largebuf?*/
609 cERROR(1, "1st trans2 resp needs bigbuf");
610 } else {
611 /* Have first buffer */
612 mid->resp_buf = buf;
613 mid->largeBuf = true;
614 server->bigbuf = NULL;
615 }
616 return;
617 }
618 mid->resp_buf = buf;
619 mid->largeBuf = server->large_buf;
620 /* Was previous buf put in mpx struct for multi-rsp? */
621 if (!mid->multiRsp) {
622 /* smb buffer will be freed by user thread */
623 if (server->large_buf)
624 server->bigbuf = NULL;
625 else
626 server->smallbuf = NULL;
627 }
628 dequeue_mid(mid, malformed);
629 }
630
631 static void clean_demultiplex_info(struct TCP_Server_Info *server)
632 {
633 int length;
634
635 /* take it off the list, if it's not already */
636 spin_lock(&cifs_tcp_ses_lock);
637 list_del_init(&server->tcp_ses_list);
638 spin_unlock(&cifs_tcp_ses_lock);
639
640 spin_lock(&GlobalMid_Lock);
641 server->tcpStatus = CifsExiting;
642 spin_unlock(&GlobalMid_Lock);
643 wake_up_all(&server->response_q);
644
645 /*
646 * Check if we have blocked requests that need to free. Note that
647 * cifs_max_pending is normally 50, but can be set at module install
648 * time to as little as two.
649 */
650 spin_lock(&GlobalMid_Lock);
651 if (atomic_read(&server->inFlight) >= cifs_max_pending)
652 atomic_set(&server->inFlight, cifs_max_pending - 1);
653 /*
654 * We do not want to set the max_pending too low or we could end up
655 * with the counter going negative.
656 */
657 spin_unlock(&GlobalMid_Lock);
658 /*
659 * Although there should not be any requests blocked on this queue it
660 * can not hurt to be paranoid and try to wake up requests that may
661 * haven been blocked when more than 50 at time were on the wire to the
662 * same server - they now will see the session is in exit state and get
663 * out of SendReceive.
664 */
665 wake_up_all(&server->request_q);
666 /* give those requests time to exit */
667 msleep(125);
668
669 if (server->ssocket) {
670 sock_release(server->ssocket);
671 server->ssocket = NULL;
672 }
673
674 if (!list_empty(&server->pending_mid_q)) {
675 struct list_head dispose_list;
676 struct mid_q_entry *mid_entry;
677 struct list_head *tmp, *tmp2;
678
679 INIT_LIST_HEAD(&dispose_list);
680 spin_lock(&GlobalMid_Lock);
681 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
682 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
683 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
684 mid_entry->midState = MID_SHUTDOWN;
685 list_move(&mid_entry->qhead, &dispose_list);
686 }
687 spin_unlock(&GlobalMid_Lock);
688
689 /* now walk dispose list and issue callbacks */
690 list_for_each_safe(tmp, tmp2, &dispose_list) {
691 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
692 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
693 list_del_init(&mid_entry->qhead);
694 mid_entry->callback(mid_entry);
695 }
696 /* 1/8th of sec is more than enough time for them to exit */
697 msleep(125);
698 }
699
700 if (!list_empty(&server->pending_mid_q)) {
701 /*
702 * mpx threads have not exited yet give them at least the smb
703 * send timeout time for long ops.
704 *
705 * Due to delays on oplock break requests, we need to wait at
706 * least 45 seconds before giving up on a request getting a
707 * response and going ahead and killing cifsd.
708 */
709 cFYI(1, "Wait for exit from demultiplex thread");
710 msleep(46000);
711 /*
712 * If threads still have not exited they are probably never
713 * coming home not much else we can do but free the memory.
714 */
715 }
716
717 kfree(server->hostname);
718 kfree(server->iov);
719 kfree(server);
720
721 length = atomic_dec_return(&tcpSesAllocCount);
722 if (length > 0)
723 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
724 GFP_KERNEL);
725 }
726
727 static int
728 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
729 {
730 int length;
731 char *buf = server->smallbuf;
732 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
733 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
734
735 /* make sure this will fit in a large buffer */
736 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
737 cERROR(1, "SMB response too long (%u bytes)",
738 pdu_length);
739 cifs_reconnect(server);
740 wake_up(&server->response_q);
741 return -EAGAIN;
742 }
743
744 /* switch to large buffer if too big for a small one */
745 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
746 server->large_buf = true;
747 memcpy(server->bigbuf, server->smallbuf, server->total_read);
748 buf = server->bigbuf;
749 smb_buffer = (struct smb_hdr *)buf;
750 }
751
752 /* now read the rest */
753 length = cifs_read_from_socket(server,
754 buf + sizeof(struct smb_hdr) - 1,
755 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
756 if (length < 0)
757 return length;
758 server->total_read += length;
759
760 dump_smb(smb_buffer, server->total_read);
761
762 /*
763 * We know that we received enough to get to the MID as we
764 * checked the pdu_length earlier. Now check to see
765 * if the rest of the header is OK. We borrow the length
766 * var for the rest of the loop to avoid a new stack var.
767 *
768 * 48 bytes is enough to display the header and a little bit
769 * into the payload for debugging purposes.
770 */
771 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
772 if (length != 0)
773 cifs_dump_mem("Bad SMB: ", buf,
774 min_t(unsigned int, server->total_read, 48));
775
776 if (mid)
777 handle_mid(mid, server, smb_buffer, length);
778
779 return length;
780 }
781
782 static int
783 cifs_demultiplex_thread(void *p)
784 {
785 int length;
786 struct TCP_Server_Info *server = p;
787 unsigned int pdu_length;
788 char *buf = NULL;
789 struct smb_hdr *smb_buffer = NULL;
790 struct task_struct *task_to_wake = NULL;
791 struct mid_q_entry *mid_entry;
792
793 current->flags |= PF_MEMALLOC;
794 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
795
796 length = atomic_inc_return(&tcpSesAllocCount);
797 if (length > 1)
798 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
799 GFP_KERNEL);
800
801 set_freezable();
802 while (server->tcpStatus != CifsExiting) {
803 if (try_to_freeze())
804 continue;
805
806 if (!allocate_buffers(server))
807 continue;
808
809 server->large_buf = false;
810 smb_buffer = (struct smb_hdr *)server->smallbuf;
811 buf = server->smallbuf;
812 pdu_length = 4; /* enough to get RFC1001 header */
813
814 length = cifs_read_from_socket(server, buf, pdu_length);
815 if (length < 0)
816 continue;
817 server->total_read = length;
818
819 /*
820 * The right amount was read from socket - 4 bytes,
821 * so we can now interpret the length field.
822 */
823 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
824
825 cFYI(1, "RFC1002 header 0x%x", pdu_length);
826 if (!is_smb_response(server, buf[0]))
827 continue;
828
829 /* make sure we have enough to get to the MID */
830 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
831 cERROR(1, "SMB response too short (%u bytes)",
832 pdu_length);
833 cifs_reconnect(server);
834 wake_up(&server->response_q);
835 continue;
836 }
837
838 /* read down to the MID */
839 length = cifs_read_from_socket(server, buf + 4,
840 sizeof(struct smb_hdr) - 1 - 4);
841 if (length < 0)
842 continue;
843 server->total_read += length;
844
845 mid_entry = find_mid(server, smb_buffer);
846
847 if (!mid_entry || !mid_entry->receive)
848 length = standard_receive3(server, mid_entry);
849 else
850 length = mid_entry->receive(server, mid_entry);
851
852 if (length < 0)
853 continue;
854
855 if (server->large_buf) {
856 buf = server->bigbuf;
857 smb_buffer = (struct smb_hdr *)buf;
858 }
859
860 server->lstrp = jiffies;
861 if (mid_entry != NULL) {
862 if (!mid_entry->multiRsp || mid_entry->multiEnd)
863 mid_entry->callback(mid_entry);
864 } else if (!is_valid_oplock_break(smb_buffer, server)) {
865 cERROR(1, "No task to wake, unknown frame received! "
866 "NumMids %d", atomic_read(&midCount));
867 cifs_dump_mem("Received Data is: ", buf,
868 sizeof(struct smb_hdr));
869 #ifdef CONFIG_CIFS_DEBUG2
870 cifs_dump_detail(smb_buffer);
871 cifs_dump_mids(server);
872 #endif /* CIFS_DEBUG2 */
873
874 }
875 } /* end while !EXITING */
876
877 /* buffer usually freed in free_mid - need to free it here on exit */
878 cifs_buf_release(server->bigbuf);
879 if (server->smallbuf) /* no sense logging a debug message if NULL */
880 cifs_small_buf_release(server->smallbuf);
881
882 task_to_wake = xchg(&server->tsk, NULL);
883 clean_demultiplex_info(server);
884
885 /* if server->tsk was NULL then wait for a signal before exiting */
886 if (!task_to_wake) {
887 set_current_state(TASK_INTERRUPTIBLE);
888 while (!signal_pending(current)) {
889 schedule();
890 set_current_state(TASK_INTERRUPTIBLE);
891 }
892 set_current_state(TASK_RUNNING);
893 }
894
895 module_put_and_exit(0);
896 }
897
898 /* extract the host portion of the UNC string */
899 static char *
900 extract_hostname(const char *unc)
901 {
902 const char *src;
903 char *dst, *delim;
904 unsigned int len;
905
906 /* skip double chars at beginning of string */
907 /* BB: check validity of these bytes? */
908 src = unc + 2;
909
910 /* delimiter between hostname and sharename is always '\\' now */
911 delim = strchr(src, '\\');
912 if (!delim)
913 return ERR_PTR(-EINVAL);
914
915 len = delim - src;
916 dst = kmalloc((len + 1), GFP_KERNEL);
917 if (dst == NULL)
918 return ERR_PTR(-ENOMEM);
919
920 memcpy(dst, src, len);
921 dst[len] = '\0';
922
923 return dst;
924 }
925
926 static int
927 cifs_parse_mount_options(const char *mountdata, const char *devname,
928 struct smb_vol *vol)
929 {
930 char *value, *data, *end;
931 char *mountdata_copy = NULL, *options;
932 int err;
933 unsigned int temp_len, i, j;
934 char separator[2];
935 short int override_uid = -1;
936 short int override_gid = -1;
937 bool uid_specified = false;
938 bool gid_specified = false;
939 char *nodename = utsname()->nodename;
940
941 separator[0] = ',';
942 separator[1] = 0;
943
944 /*
945 * does not have to be perfect mapping since field is
946 * informational, only used for servers that do not support
947 * port 445 and it can be overridden at mount time
948 */
949 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
950 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
951 vol->source_rfc1001_name[i] = toupper(nodename[i]);
952
953 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
954 /* null target name indicates to use *SMBSERVR default called name
955 if we end up sending RFC1001 session initialize */
956 vol->target_rfc1001_name[0] = 0;
957 vol->cred_uid = current_uid();
958 vol->linux_uid = current_uid();
959 vol->linux_gid = current_gid();
960
961 /* default to only allowing write access to owner of the mount */
962 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
963
964 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
965 /* default is always to request posix paths. */
966 vol->posix_paths = 1;
967 /* default to using server inode numbers where available */
968 vol->server_ino = 1;
969
970 vol->actimeo = CIFS_DEF_ACTIMEO;
971
972 if (!mountdata)
973 goto cifs_parse_mount_err;
974
975 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
976 if (!mountdata_copy)
977 goto cifs_parse_mount_err;
978
979 options = mountdata_copy;
980 end = options + strlen(options);
981 if (strncmp(options, "sep=", 4) == 0) {
982 if (options[4] != 0) {
983 separator[0] = options[4];
984 options += 5;
985 } else {
986 cFYI(1, "Null separator not allowed");
987 }
988 }
989 vol->backupuid_specified = false; /* no backup intent for a user */
990 vol->backupgid_specified = false; /* no backup intent for a group */
991
992 while ((data = strsep(&options, separator)) != NULL) {
993 if (!*data)
994 continue;
995 if ((value = strchr(data, '=')) != NULL)
996 *value++ = '\0';
997
998 /* Have to parse this before we parse for "user" */
999 if (strnicmp(data, "user_xattr", 10) == 0) {
1000 vol->no_xattr = 0;
1001 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1002 vol->no_xattr = 1;
1003 } else if (strnicmp(data, "user", 4) == 0) {
1004 if (!value) {
1005 printk(KERN_WARNING
1006 "CIFS: invalid or missing username\n");
1007 goto cifs_parse_mount_err;
1008 } else if (!*value) {
1009 /* null user, ie anonymous, authentication */
1010 vol->nullauth = 1;
1011 }
1012 if (strnlen(value, MAX_USERNAME_SIZE) <
1013 MAX_USERNAME_SIZE) {
1014 vol->username = kstrdup(value, GFP_KERNEL);
1015 if (!vol->username) {
1016 printk(KERN_WARNING "CIFS: no memory "
1017 "for username\n");
1018 goto cifs_parse_mount_err;
1019 }
1020 } else {
1021 printk(KERN_WARNING "CIFS: username too long\n");
1022 goto cifs_parse_mount_err;
1023 }
1024 } else if (strnicmp(data, "pass", 4) == 0) {
1025 if (!value) {
1026 vol->password = NULL;
1027 continue;
1028 } else if (value[0] == 0) {
1029 /* check if string begins with double comma
1030 since that would mean the password really
1031 does start with a comma, and would not
1032 indicate an empty string */
1033 if (value[1] != separator[0]) {
1034 vol->password = NULL;
1035 continue;
1036 }
1037 }
1038 temp_len = strlen(value);
1039 /* removed password length check, NTLM passwords
1040 can be arbitrarily long */
1041
1042 /* if comma in password, the string will be
1043 prematurely null terminated. Commas in password are
1044 specified across the cifs mount interface by a double
1045 comma ie ,, and a comma used as in other cases ie ','
1046 as a parameter delimiter/separator is single and due
1047 to the strsep above is temporarily zeroed. */
1048
1049 /* NB: password legally can have multiple commas and
1050 the only illegal character in a password is null */
1051
1052 if ((value[temp_len] == 0) &&
1053 (value + temp_len < end) &&
1054 (value[temp_len+1] == separator[0])) {
1055 /* reinsert comma */
1056 value[temp_len] = separator[0];
1057 temp_len += 2; /* move after second comma */
1058 while (value[temp_len] != 0) {
1059 if (value[temp_len] == separator[0]) {
1060 if (value[temp_len+1] ==
1061 separator[0]) {
1062 /* skip second comma */
1063 temp_len++;
1064 } else {
1065 /* single comma indicating start
1066 of next parm */
1067 break;
1068 }
1069 }
1070 temp_len++;
1071 }
1072 if (value[temp_len] == 0) {
1073 options = NULL;
1074 } else {
1075 value[temp_len] = 0;
1076 /* point option to start of next parm */
1077 options = value + temp_len + 1;
1078 }
1079 /* go from value to value + temp_len condensing
1080 double commas to singles. Note that this ends up
1081 allocating a few bytes too many, which is ok */
1082 vol->password = kzalloc(temp_len, GFP_KERNEL);
1083 if (vol->password == NULL) {
1084 printk(KERN_WARNING "CIFS: no memory "
1085 "for password\n");
1086 goto cifs_parse_mount_err;
1087 }
1088 for (i = 0, j = 0; i < temp_len; i++, j++) {
1089 vol->password[j] = value[i];
1090 if (value[i] == separator[0]
1091 && value[i+1] == separator[0]) {
1092 /* skip second comma */
1093 i++;
1094 }
1095 }
1096 vol->password[j] = 0;
1097 } else {
1098 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1099 if (vol->password == NULL) {
1100 printk(KERN_WARNING "CIFS: no memory "
1101 "for password\n");
1102 goto cifs_parse_mount_err;
1103 }
1104 strcpy(vol->password, value);
1105 }
1106 } else if (!strnicmp(data, "ip", 2) ||
1107 !strnicmp(data, "addr", 4)) {
1108 if (!value || !*value) {
1109 vol->UNCip = NULL;
1110 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1111 INET6_ADDRSTRLEN) {
1112 vol->UNCip = kstrdup(value, GFP_KERNEL);
1113 if (!vol->UNCip) {
1114 printk(KERN_WARNING "CIFS: no memory "
1115 "for UNC IP\n");
1116 goto cifs_parse_mount_err;
1117 }
1118 } else {
1119 printk(KERN_WARNING "CIFS: ip address "
1120 "too long\n");
1121 goto cifs_parse_mount_err;
1122 }
1123 } else if (strnicmp(data, "sec", 3) == 0) {
1124 if (!value || !*value) {
1125 cERROR(1, "no security value specified");
1126 continue;
1127 } else if (strnicmp(value, "krb5i", 5) == 0) {
1128 vol->secFlg |= CIFSSEC_MAY_KRB5 |
1129 CIFSSEC_MUST_SIGN;
1130 } else if (strnicmp(value, "krb5p", 5) == 0) {
1131 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1132 CIFSSEC_MAY_KRB5; */
1133 cERROR(1, "Krb5 cifs privacy not supported");
1134 goto cifs_parse_mount_err;
1135 } else if (strnicmp(value, "krb5", 4) == 0) {
1136 vol->secFlg |= CIFSSEC_MAY_KRB5;
1137 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1138 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1139 CIFSSEC_MUST_SIGN;
1140 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1141 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1142 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1143 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1144 CIFSSEC_MUST_SIGN;
1145 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1146 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1147 } else if (strnicmp(value, "ntlmi", 5) == 0) {
1148 vol->secFlg |= CIFSSEC_MAY_NTLM |
1149 CIFSSEC_MUST_SIGN;
1150 } else if (strnicmp(value, "ntlm", 4) == 0) {
1151 /* ntlm is default so can be turned off too */
1152 vol->secFlg |= CIFSSEC_MAY_NTLM;
1153 } else if (strnicmp(value, "nontlm", 6) == 0) {
1154 /* BB is there a better way to do this? */
1155 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1156 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1157 } else if (strnicmp(value, "lanman", 6) == 0) {
1158 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1159 #endif
1160 } else if (strnicmp(value, "none", 4) == 0) {
1161 vol->nullauth = 1;
1162 } else {
1163 cERROR(1, "bad security option: %s", value);
1164 goto cifs_parse_mount_err;
1165 }
1166 } else if (strnicmp(data, "vers", 3) == 0) {
1167 if (!value || !*value) {
1168 cERROR(1, "no protocol version specified"
1169 " after vers= mount option");
1170 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1171 (strnicmp(value, "1", 1) == 0)) {
1172 /* this is the default */
1173 continue;
1174 }
1175 } else if ((strnicmp(data, "unc", 3) == 0)
1176 || (strnicmp(data, "target", 6) == 0)
1177 || (strnicmp(data, "path", 4) == 0)) {
1178 if (!value || !*value) {
1179 printk(KERN_WARNING "CIFS: invalid path to "
1180 "network resource\n");
1181 goto cifs_parse_mount_err;
1182 }
1183 if ((temp_len = strnlen(value, 300)) < 300) {
1184 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1185 if (vol->UNC == NULL)
1186 goto cifs_parse_mount_err;
1187 strcpy(vol->UNC, value);
1188 if (strncmp(vol->UNC, "//", 2) == 0) {
1189 vol->UNC[0] = '\\';
1190 vol->UNC[1] = '\\';
1191 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1192 printk(KERN_WARNING
1193 "CIFS: UNC Path does not begin "
1194 "with // or \\\\ \n");
1195 goto cifs_parse_mount_err;
1196 }
1197 } else {
1198 printk(KERN_WARNING "CIFS: UNC name too long\n");
1199 goto cifs_parse_mount_err;
1200 }
1201 } else if ((strnicmp(data, "domain", 3) == 0)
1202 || (strnicmp(data, "workgroup", 5) == 0)) {
1203 if (!value || !*value) {
1204 printk(KERN_WARNING "CIFS: invalid domain name\n");
1205 goto cifs_parse_mount_err;
1206 }
1207 /* BB are there cases in which a comma can be valid in
1208 a domain name and need special handling? */
1209 if (strnlen(value, 256) < 256) {
1210 vol->domainname = kstrdup(value, GFP_KERNEL);
1211 if (!vol->domainname) {
1212 printk(KERN_WARNING "CIFS: no memory "
1213 "for domainname\n");
1214 goto cifs_parse_mount_err;
1215 }
1216 cFYI(1, "Domain name set");
1217 } else {
1218 printk(KERN_WARNING "CIFS: domain name too "
1219 "long\n");
1220 goto cifs_parse_mount_err;
1221 }
1222 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1223 vol->srcaddr.ss_family = AF_UNSPEC;
1224
1225 if (!value || !*value) {
1226 printk(KERN_WARNING "CIFS: srcaddr value"
1227 " not specified.\n");
1228 goto cifs_parse_mount_err;
1229 }
1230 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1231 value, strlen(value));
1232 if (i == 0) {
1233 printk(KERN_WARNING "CIFS: Could not parse"
1234 " srcaddr: %s\n",
1235 value);
1236 goto cifs_parse_mount_err;
1237 }
1238 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1239 if (!value || !*value) {
1240 printk(KERN_WARNING
1241 "CIFS: invalid path prefix\n");
1242 goto cifs_parse_mount_err;
1243 }
1244 if ((temp_len = strnlen(value, 1024)) < 1024) {
1245 if (value[0] != '/')
1246 temp_len++; /* missing leading slash */
1247 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1248 if (vol->prepath == NULL)
1249 goto cifs_parse_mount_err;
1250 if (value[0] != '/') {
1251 vol->prepath[0] = '/';
1252 strcpy(vol->prepath+1, value);
1253 } else
1254 strcpy(vol->prepath, value);
1255 cFYI(1, "prefix path %s", vol->prepath);
1256 } else {
1257 printk(KERN_WARNING "CIFS: prefix too long\n");
1258 goto cifs_parse_mount_err;
1259 }
1260 } else if (strnicmp(data, "iocharset", 9) == 0) {
1261 if (!value || !*value) {
1262 printk(KERN_WARNING "CIFS: invalid iocharset "
1263 "specified\n");
1264 goto cifs_parse_mount_err;
1265 }
1266 if (strnlen(value, 65) < 65) {
1267 if (strnicmp(value, "default", 7)) {
1268 vol->iocharset = kstrdup(value,
1269 GFP_KERNEL);
1270
1271 if (!vol->iocharset) {
1272 printk(KERN_WARNING "CIFS: no "
1273 "memory for"
1274 "charset\n");
1275 goto cifs_parse_mount_err;
1276 }
1277 }
1278 /* if iocharset not set then load_nls_default
1279 is used by caller */
1280 cFYI(1, "iocharset set to %s", value);
1281 } else {
1282 printk(KERN_WARNING "CIFS: iocharset name "
1283 "too long.\n");
1284 goto cifs_parse_mount_err;
1285 }
1286 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1287 vol->linux_uid = simple_strtoul(value, &value, 0);
1288 uid_specified = true;
1289 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1290 vol->cred_uid = simple_strtoul(value, &value, 0);
1291 } else if (!strnicmp(data, "forceuid", 8)) {
1292 override_uid = 1;
1293 } else if (!strnicmp(data, "noforceuid", 10)) {
1294 override_uid = 0;
1295 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1296 vol->linux_gid = simple_strtoul(value, &value, 0);
1297 gid_specified = true;
1298 } else if (!strnicmp(data, "forcegid", 8)) {
1299 override_gid = 1;
1300 } else if (!strnicmp(data, "noforcegid", 10)) {
1301 override_gid = 0;
1302 } else if (strnicmp(data, "file_mode", 4) == 0) {
1303 if (value && *value) {
1304 vol->file_mode =
1305 simple_strtoul(value, &value, 0);
1306 }
1307 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1308 if (value && *value) {
1309 vol->dir_mode =
1310 simple_strtoul(value, &value, 0);
1311 }
1312 } else if (strnicmp(data, "dirmode", 4) == 0) {
1313 if (value && *value) {
1314 vol->dir_mode =
1315 simple_strtoul(value, &value, 0);
1316 }
1317 } else if (strnicmp(data, "port", 4) == 0) {
1318 if (value && *value) {
1319 vol->port =
1320 simple_strtoul(value, &value, 0);
1321 }
1322 } else if (strnicmp(data, "rsize", 5) == 0) {
1323 if (value && *value) {
1324 vol->rsize =
1325 simple_strtoul(value, &value, 0);
1326 }
1327 } else if (strnicmp(data, "wsize", 5) == 0) {
1328 if (value && *value) {
1329 vol->wsize =
1330 simple_strtoul(value, &value, 0);
1331 }
1332 } else if (strnicmp(data, "sockopt", 5) == 0) {
1333 if (!value || !*value) {
1334 cERROR(1, "no socket option specified");
1335 continue;
1336 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1337 vol->sockopt_tcp_nodelay = 1;
1338 }
1339 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1340 if (!value || !*value || (*value == ' ')) {
1341 cFYI(1, "invalid (empty) netbiosname");
1342 } else {
1343 memset(vol->source_rfc1001_name, 0x20,
1344 RFC1001_NAME_LEN);
1345 /*
1346 * FIXME: are there cases in which a comma can
1347 * be valid in workstation netbios name (and
1348 * need special handling)?
1349 */
1350 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1351 /* don't ucase netbiosname for user */
1352 if (value[i] == 0)
1353 break;
1354 vol->source_rfc1001_name[i] = value[i];
1355 }
1356 /* The string has 16th byte zero still from
1357 set at top of the function */
1358 if (i == RFC1001_NAME_LEN && value[i] != 0)
1359 printk(KERN_WARNING "CIFS: netbiosname"
1360 " longer than 15 truncated.\n");
1361 }
1362 } else if (strnicmp(data, "servern", 7) == 0) {
1363 /* servernetbiosname specified override *SMBSERVER */
1364 if (!value || !*value || (*value == ' ')) {
1365 cFYI(1, "empty server netbiosname specified");
1366 } else {
1367 /* last byte, type, is 0x20 for servr type */
1368 memset(vol->target_rfc1001_name, 0x20,
1369 RFC1001_NAME_LEN_WITH_NULL);
1370
1371 for (i = 0; i < 15; i++) {
1372 /* BB are there cases in which a comma can be
1373 valid in this workstation netbios name
1374 (and need special handling)? */
1375
1376 /* user or mount helper must uppercase
1377 the netbiosname */
1378 if (value[i] == 0)
1379 break;
1380 else
1381 vol->target_rfc1001_name[i] =
1382 value[i];
1383 }
1384 /* The string has 16th byte zero still from
1385 set at top of the function */
1386 if (i == RFC1001_NAME_LEN && value[i] != 0)
1387 printk(KERN_WARNING "CIFS: server net"
1388 "biosname longer than 15 truncated.\n");
1389 }
1390 } else if (strnicmp(data, "actimeo", 7) == 0) {
1391 if (value && *value) {
1392 vol->actimeo = HZ * simple_strtoul(value,
1393 &value, 0);
1394 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1395 cERROR(1, "CIFS: attribute cache"
1396 "timeout too large");
1397 goto cifs_parse_mount_err;
1398 }
1399 }
1400 } else if (strnicmp(data, "credentials", 4) == 0) {
1401 /* ignore */
1402 } else if (strnicmp(data, "version", 3) == 0) {
1403 /* ignore */
1404 } else if (strnicmp(data, "guest", 5) == 0) {
1405 /* ignore */
1406 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
1407 /* ignore */
1408 } else if (strnicmp(data, "ro", 2) == 0) {
1409 /* ignore */
1410 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1411 vol->noblocksnd = 1;
1412 } else if (strnicmp(data, "noautotune", 10) == 0) {
1413 vol->noautotune = 1;
1414 } else if ((strnicmp(data, "suid", 4) == 0) ||
1415 (strnicmp(data, "nosuid", 6) == 0) ||
1416 (strnicmp(data, "exec", 4) == 0) ||
1417 (strnicmp(data, "noexec", 6) == 0) ||
1418 (strnicmp(data, "nodev", 5) == 0) ||
1419 (strnicmp(data, "noauto", 6) == 0) ||
1420 (strnicmp(data, "dev", 3) == 0)) {
1421 /* The mount tool or mount.cifs helper (if present)
1422 uses these opts to set flags, and the flags are read
1423 by the kernel vfs layer before we get here (ie
1424 before read super) so there is no point trying to
1425 parse these options again and set anything and it
1426 is ok to just ignore them */
1427 continue;
1428 } else if (strnicmp(data, "hard", 4) == 0) {
1429 vol->retry = 1;
1430 } else if (strnicmp(data, "soft", 4) == 0) {
1431 vol->retry = 0;
1432 } else if (strnicmp(data, "perm", 4) == 0) {
1433 vol->noperm = 0;
1434 } else if (strnicmp(data, "noperm", 6) == 0) {
1435 vol->noperm = 1;
1436 } else if (strnicmp(data, "mapchars", 8) == 0) {
1437 vol->remap = 1;
1438 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1439 vol->remap = 0;
1440 } else if (strnicmp(data, "sfu", 3) == 0) {
1441 vol->sfu_emul = 1;
1442 } else if (strnicmp(data, "nosfu", 5) == 0) {
1443 vol->sfu_emul = 0;
1444 } else if (strnicmp(data, "nodfs", 5) == 0) {
1445 vol->nodfs = 1;
1446 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1447 vol->posix_paths = 1;
1448 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1449 vol->posix_paths = 0;
1450 } else if (strnicmp(data, "nounix", 6) == 0) {
1451 vol->no_linux_ext = 1;
1452 } else if (strnicmp(data, "nolinux", 7) == 0) {
1453 vol->no_linux_ext = 1;
1454 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1455 (strnicmp(data, "ignorecase", 10) == 0)) {
1456 vol->nocase = 1;
1457 } else if (strnicmp(data, "mand", 4) == 0) {
1458 /* ignore */
1459 } else if (strnicmp(data, "nomand", 6) == 0) {
1460 /* ignore */
1461 } else if (strnicmp(data, "_netdev", 7) == 0) {
1462 /* ignore */
1463 } else if (strnicmp(data, "brl", 3) == 0) {
1464 vol->nobrl = 0;
1465 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1466 (strnicmp(data, "nolock", 6) == 0)) {
1467 vol->nobrl = 1;
1468 /* turn off mandatory locking in mode
1469 if remote locking is turned off since the
1470 local vfs will do advisory */
1471 if (vol->file_mode ==
1472 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1473 vol->file_mode = S_IALLUGO;
1474 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1475 /* will take the shorter form "forcemand" as well */
1476 /* This mount option will force use of mandatory
1477 (DOS/Windows style) byte range locks, instead of
1478 using posix advisory byte range locks, even if the
1479 Unix extensions are available and posix locks would
1480 be supported otherwise. If Unix extensions are not
1481 negotiated this has no effect since mandatory locks
1482 would be used (mandatory locks is all that those
1483 those servers support) */
1484 vol->mand_lock = 1;
1485 } else if (strnicmp(data, "setuids", 7) == 0) {
1486 vol->setuids = 1;
1487 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1488 vol->setuids = 0;
1489 } else if (strnicmp(data, "dynperm", 7) == 0) {
1490 vol->dynperm = true;
1491 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1492 vol->dynperm = false;
1493 } else if (strnicmp(data, "nohard", 6) == 0) {
1494 vol->retry = 0;
1495 } else if (strnicmp(data, "nosoft", 6) == 0) {
1496 vol->retry = 1;
1497 } else if (strnicmp(data, "nointr", 6) == 0) {
1498 vol->intr = 0;
1499 } else if (strnicmp(data, "intr", 4) == 0) {
1500 vol->intr = 1;
1501 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1502 vol->nostrictsync = 1;
1503 } else if (strnicmp(data, "strictsync", 10) == 0) {
1504 vol->nostrictsync = 0;
1505 } else if (strnicmp(data, "serverino", 7) == 0) {
1506 vol->server_ino = 1;
1507 } else if (strnicmp(data, "noserverino", 9) == 0) {
1508 vol->server_ino = 0;
1509 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
1510 vol->rwpidforward = 1;
1511 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1512 vol->cifs_acl = 1;
1513 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1514 vol->cifs_acl = 0;
1515 } else if (strnicmp(data, "acl", 3) == 0) {
1516 vol->no_psx_acl = 0;
1517 } else if (strnicmp(data, "noacl", 5) == 0) {
1518 vol->no_psx_acl = 1;
1519 } else if (strnicmp(data, "locallease", 6) == 0) {
1520 vol->local_lease = 1;
1521 } else if (strnicmp(data, "sign", 4) == 0) {
1522 vol->secFlg |= CIFSSEC_MUST_SIGN;
1523 } else if (strnicmp(data, "seal", 4) == 0) {
1524 /* we do not do the following in secFlags because seal
1525 is a per tree connection (mount) not a per socket
1526 or per-smb connection option in the protocol */
1527 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1528 vol->seal = 1;
1529 } else if (strnicmp(data, "direct", 6) == 0) {
1530 vol->direct_io = 1;
1531 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1532 vol->direct_io = 1;
1533 } else if (strnicmp(data, "strictcache", 11) == 0) {
1534 vol->strict_io = 1;
1535 } else if (strnicmp(data, "noac", 4) == 0) {
1536 printk(KERN_WARNING "CIFS: Mount option noac not "
1537 "supported. Instead set "
1538 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1539 } else if (strnicmp(data, "fsc", 3) == 0) {
1540 #ifndef CONFIG_CIFS_FSCACHE
1541 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1542 "kernel config option set");
1543 goto cifs_parse_mount_err;
1544 #endif
1545 vol->fsc = true;
1546 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1547 vol->mfsymlinks = true;
1548 } else if (strnicmp(data, "multiuser", 8) == 0) {
1549 vol->multiuser = true;
1550 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1551 err = kstrtouint(value, 0, &vol->backupuid);
1552 if (err < 0) {
1553 cERROR(1, "%s: Invalid backupuid value",
1554 __func__);
1555 goto cifs_parse_mount_err;
1556 }
1557 vol->backupuid_specified = true;
1558 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1559 err = kstrtouint(value, 0, &vol->backupgid);
1560 if (err < 0) {
1561 cERROR(1, "%s: Invalid backupgid value",
1562 __func__);
1563 goto cifs_parse_mount_err;
1564 }
1565 vol->backupgid_specified = true;
1566 } else
1567 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1568 data);
1569 }
1570 if (vol->UNC == NULL) {
1571 if (devname == NULL) {
1572 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1573 "target\n");
1574 goto cifs_parse_mount_err;
1575 }
1576 if ((temp_len = strnlen(devname, 300)) < 300) {
1577 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1578 if (vol->UNC == NULL)
1579 goto cifs_parse_mount_err;
1580 strcpy(vol->UNC, devname);
1581 if (strncmp(vol->UNC, "//", 2) == 0) {
1582 vol->UNC[0] = '\\';
1583 vol->UNC[1] = '\\';
1584 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1585 printk(KERN_WARNING "CIFS: UNC Path does not "
1586 "begin with // or \\\\ \n");
1587 goto cifs_parse_mount_err;
1588 }
1589 value = strpbrk(vol->UNC+2, "/\\");
1590 if (value)
1591 *value = '\\';
1592 } else {
1593 printk(KERN_WARNING "CIFS: UNC name too long\n");
1594 goto cifs_parse_mount_err;
1595 }
1596 }
1597
1598 #ifndef CONFIG_KEYS
1599 /* Muliuser mounts require CONFIG_KEYS support */
1600 if (vol->multiuser) {
1601 cERROR(1, "Multiuser mounts require kernels with "
1602 "CONFIG_KEYS enabled.");
1603 goto cifs_parse_mount_err;
1604 }
1605 #endif
1606
1607 if (vol->UNCip == NULL)
1608 vol->UNCip = &vol->UNC[2];
1609
1610 if (uid_specified)
1611 vol->override_uid = override_uid;
1612 else if (override_uid == 1)
1613 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1614 "specified with no uid= option.\n");
1615
1616 if (gid_specified)
1617 vol->override_gid = override_gid;
1618 else if (override_gid == 1)
1619 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1620 "specified with no gid= option.\n");
1621
1622 kfree(mountdata_copy);
1623 return 0;
1624
1625 cifs_parse_mount_err:
1626 kfree(mountdata_copy);
1627 return 1;
1628 }
1629
1630 /** Returns true if srcaddr isn't specified and rhs isn't
1631 * specified, or if srcaddr is specified and
1632 * matches the IP address of the rhs argument.
1633 */
1634 static bool
1635 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1636 {
1637 switch (srcaddr->sa_family) {
1638 case AF_UNSPEC:
1639 return (rhs->sa_family == AF_UNSPEC);
1640 case AF_INET: {
1641 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1642 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1643 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1644 }
1645 case AF_INET6: {
1646 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1647 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1648 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1649 }
1650 default:
1651 WARN_ON(1);
1652 return false; /* don't expect to be here */
1653 }
1654 }
1655
1656 /*
1657 * If no port is specified in addr structure, we try to match with 445 port
1658 * and if it fails - with 139 ports. It should be called only if address
1659 * families of server and addr are equal.
1660 */
1661 static bool
1662 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1663 {
1664 __be16 port, *sport;
1665
1666 switch (addr->sa_family) {
1667 case AF_INET:
1668 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1669 port = ((struct sockaddr_in *) addr)->sin_port;
1670 break;
1671 case AF_INET6:
1672 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1673 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1674 break;
1675 default:
1676 WARN_ON(1);
1677 return false;
1678 }
1679
1680 if (!port) {
1681 port = htons(CIFS_PORT);
1682 if (port == *sport)
1683 return true;
1684
1685 port = htons(RFC1001_PORT);
1686 }
1687
1688 return port == *sport;
1689 }
1690
1691 static bool
1692 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1693 struct sockaddr *srcaddr)
1694 {
1695 switch (addr->sa_family) {
1696 case AF_INET: {
1697 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1698 struct sockaddr_in *srv_addr4 =
1699 (struct sockaddr_in *)&server->dstaddr;
1700
1701 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1702 return false;
1703 break;
1704 }
1705 case AF_INET6: {
1706 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1707 struct sockaddr_in6 *srv_addr6 =
1708 (struct sockaddr_in6 *)&server->dstaddr;
1709
1710 if (!ipv6_addr_equal(&addr6->sin6_addr,
1711 &srv_addr6->sin6_addr))
1712 return false;
1713 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1714 return false;
1715 break;
1716 }
1717 default:
1718 WARN_ON(1);
1719 return false; /* don't expect to be here */
1720 }
1721
1722 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1723 return false;
1724
1725 return true;
1726 }
1727
1728 static bool
1729 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1730 {
1731 unsigned int secFlags;
1732
1733 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1734 secFlags = vol->secFlg;
1735 else
1736 secFlags = global_secflags | vol->secFlg;
1737
1738 switch (server->secType) {
1739 case LANMAN:
1740 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1741 return false;
1742 break;
1743 case NTLMv2:
1744 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1745 return false;
1746 break;
1747 case NTLM:
1748 if (!(secFlags & CIFSSEC_MAY_NTLM))
1749 return false;
1750 break;
1751 case Kerberos:
1752 if (!(secFlags & CIFSSEC_MAY_KRB5))
1753 return false;
1754 break;
1755 case RawNTLMSSP:
1756 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1757 return false;
1758 break;
1759 default:
1760 /* shouldn't happen */
1761 return false;
1762 }
1763
1764 /* now check if signing mode is acceptable */
1765 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1766 (server->sec_mode & SECMODE_SIGN_REQUIRED))
1767 return false;
1768 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1769 (server->sec_mode &
1770 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1771 return false;
1772
1773 return true;
1774 }
1775
1776 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1777 struct smb_vol *vol)
1778 {
1779 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1780 return 0;
1781
1782 if (!match_address(server, addr,
1783 (struct sockaddr *)&vol->srcaddr))
1784 return 0;
1785
1786 if (!match_port(server, addr))
1787 return 0;
1788
1789 if (!match_security(server, vol))
1790 return 0;
1791
1792 return 1;
1793 }
1794
1795 static struct TCP_Server_Info *
1796 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1797 {
1798 struct TCP_Server_Info *server;
1799
1800 spin_lock(&cifs_tcp_ses_lock);
1801 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1802 if (!match_server(server, addr, vol))
1803 continue;
1804
1805 ++server->srv_count;
1806 spin_unlock(&cifs_tcp_ses_lock);
1807 cFYI(1, "Existing tcp session with server found");
1808 return server;
1809 }
1810 spin_unlock(&cifs_tcp_ses_lock);
1811 return NULL;
1812 }
1813
1814 static void
1815 cifs_put_tcp_session(struct TCP_Server_Info *server)
1816 {
1817 struct task_struct *task;
1818
1819 spin_lock(&cifs_tcp_ses_lock);
1820 if (--server->srv_count > 0) {
1821 spin_unlock(&cifs_tcp_ses_lock);
1822 return;
1823 }
1824
1825 put_net(cifs_net_ns(server));
1826
1827 list_del_init(&server->tcp_ses_list);
1828 spin_unlock(&cifs_tcp_ses_lock);
1829
1830 cancel_delayed_work_sync(&server->echo);
1831
1832 spin_lock(&GlobalMid_Lock);
1833 server->tcpStatus = CifsExiting;
1834 spin_unlock(&GlobalMid_Lock);
1835
1836 cifs_crypto_shash_release(server);
1837 cifs_fscache_release_client_cookie(server);
1838
1839 kfree(server->session_key.response);
1840 server->session_key.response = NULL;
1841 server->session_key.len = 0;
1842
1843 task = xchg(&server->tsk, NULL);
1844 if (task)
1845 force_sig(SIGKILL, task);
1846 }
1847
1848 static struct TCP_Server_Info *
1849 cifs_get_tcp_session(struct smb_vol *volume_info)
1850 {
1851 struct TCP_Server_Info *tcp_ses = NULL;
1852 struct sockaddr_storage addr;
1853 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1854 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1855 int rc;
1856
1857 memset(&addr, 0, sizeof(struct sockaddr_storage));
1858
1859 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1860
1861 if (volume_info->UNCip && volume_info->UNC) {
1862 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1863 volume_info->UNCip,
1864 strlen(volume_info->UNCip),
1865 volume_info->port);
1866 if (!rc) {
1867 /* we failed translating address */
1868 rc = -EINVAL;
1869 goto out_err;
1870 }
1871 } else if (volume_info->UNCip) {
1872 /* BB using ip addr as tcp_ses name to connect to the
1873 DFS root below */
1874 cERROR(1, "Connecting to DFS root not implemented yet");
1875 rc = -EINVAL;
1876 goto out_err;
1877 } else /* which tcp_sess DFS root would we conect to */ {
1878 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1879 "unc=//192.168.1.100/public) specified");
1880 rc = -EINVAL;
1881 goto out_err;
1882 }
1883
1884 /* see if we already have a matching tcp_ses */
1885 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1886 if (tcp_ses)
1887 return tcp_ses;
1888
1889 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1890 if (!tcp_ses) {
1891 rc = -ENOMEM;
1892 goto out_err;
1893 }
1894
1895 rc = cifs_crypto_shash_allocate(tcp_ses);
1896 if (rc) {
1897 cERROR(1, "could not setup hash structures rc %d", rc);
1898 goto out_err;
1899 }
1900
1901 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1902 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1903 if (IS_ERR(tcp_ses->hostname)) {
1904 rc = PTR_ERR(tcp_ses->hostname);
1905 goto out_err_crypto_release;
1906 }
1907
1908 tcp_ses->noblocksnd = volume_info->noblocksnd;
1909 tcp_ses->noautotune = volume_info->noautotune;
1910 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1911 atomic_set(&tcp_ses->inFlight, 0);
1912 init_waitqueue_head(&tcp_ses->response_q);
1913 init_waitqueue_head(&tcp_ses->request_q);
1914 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1915 mutex_init(&tcp_ses->srv_mutex);
1916 memcpy(tcp_ses->workstation_RFC1001_name,
1917 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1918 memcpy(tcp_ses->server_RFC1001_name,
1919 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1920 tcp_ses->session_estab = false;
1921 tcp_ses->sequence_number = 0;
1922 tcp_ses->lstrp = jiffies;
1923 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1924 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1925 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1926
1927 /*
1928 * at this point we are the only ones with the pointer
1929 * to the struct since the kernel thread not created yet
1930 * no need to spinlock this init of tcpStatus or srv_count
1931 */
1932 tcp_ses->tcpStatus = CifsNew;
1933 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1934 sizeof(tcp_ses->srcaddr));
1935 ++tcp_ses->srv_count;
1936
1937 if (addr.ss_family == AF_INET6) {
1938 cFYI(1, "attempting ipv6 connect");
1939 /* BB should we allow ipv6 on port 139? */
1940 /* other OS never observed in Wild doing 139 with v6 */
1941 memcpy(&tcp_ses->dstaddr, sin_server6,
1942 sizeof(struct sockaddr_in6));
1943 } else
1944 memcpy(&tcp_ses->dstaddr, sin_server,
1945 sizeof(struct sockaddr_in));
1946
1947 rc = ip_connect(tcp_ses);
1948 if (rc < 0) {
1949 cERROR(1, "Error connecting to socket. Aborting operation");
1950 goto out_err_crypto_release;
1951 }
1952
1953 /*
1954 * since we're in a cifs function already, we know that
1955 * this will succeed. No need for try_module_get().
1956 */
1957 __module_get(THIS_MODULE);
1958 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
1959 tcp_ses, "cifsd");
1960 if (IS_ERR(tcp_ses->tsk)) {
1961 rc = PTR_ERR(tcp_ses->tsk);
1962 cERROR(1, "error %d create cifsd thread", rc);
1963 module_put(THIS_MODULE);
1964 goto out_err_crypto_release;
1965 }
1966 tcp_ses->tcpStatus = CifsNeedNegotiate;
1967
1968 /* thread spawned, put it on the list */
1969 spin_lock(&cifs_tcp_ses_lock);
1970 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1971 spin_unlock(&cifs_tcp_ses_lock);
1972
1973 cifs_fscache_get_client_cookie(tcp_ses);
1974
1975 /* queue echo request delayed work */
1976 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1977
1978 return tcp_ses;
1979
1980 out_err_crypto_release:
1981 cifs_crypto_shash_release(tcp_ses);
1982
1983 put_net(cifs_net_ns(tcp_ses));
1984
1985 out_err:
1986 if (tcp_ses) {
1987 if (!IS_ERR(tcp_ses->hostname))
1988 kfree(tcp_ses->hostname);
1989 if (tcp_ses->ssocket)
1990 sock_release(tcp_ses->ssocket);
1991 kfree(tcp_ses);
1992 }
1993 return ERR_PTR(rc);
1994 }
1995
1996 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
1997 {
1998 switch (ses->server->secType) {
1999 case Kerberos:
2000 if (vol->cred_uid != ses->cred_uid)
2001 return 0;
2002 break;
2003 default:
2004 /* NULL username means anonymous session */
2005 if (ses->user_name == NULL) {
2006 if (!vol->nullauth)
2007 return 0;
2008 break;
2009 }
2010
2011 /* anything else takes username/password */
2012 if (strncmp(ses->user_name,
2013 vol->username ? vol->username : "",
2014 MAX_USERNAME_SIZE))
2015 return 0;
2016 if (strlen(vol->username) != 0 &&
2017 ses->password != NULL &&
2018 strncmp(ses->password,
2019 vol->password ? vol->password : "",
2020 MAX_PASSWORD_SIZE))
2021 return 0;
2022 }
2023 return 1;
2024 }
2025
2026 static struct cifs_ses *
2027 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2028 {
2029 struct cifs_ses *ses;
2030
2031 spin_lock(&cifs_tcp_ses_lock);
2032 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2033 if (!match_session(ses, vol))
2034 continue;
2035 ++ses->ses_count;
2036 spin_unlock(&cifs_tcp_ses_lock);
2037 return ses;
2038 }
2039 spin_unlock(&cifs_tcp_ses_lock);
2040 return NULL;
2041 }
2042
2043 static void
2044 cifs_put_smb_ses(struct cifs_ses *ses)
2045 {
2046 int xid;
2047 struct TCP_Server_Info *server = ses->server;
2048
2049 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2050 spin_lock(&cifs_tcp_ses_lock);
2051 if (--ses->ses_count > 0) {
2052 spin_unlock(&cifs_tcp_ses_lock);
2053 return;
2054 }
2055
2056 list_del_init(&ses->smb_ses_list);
2057 spin_unlock(&cifs_tcp_ses_lock);
2058
2059 if (ses->status == CifsGood) {
2060 xid = GetXid();
2061 CIFSSMBLogoff(xid, ses);
2062 _FreeXid(xid);
2063 }
2064 sesInfoFree(ses);
2065 cifs_put_tcp_session(server);
2066 }
2067
2068 #ifdef CONFIG_KEYS
2069
2070 /* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2071 #define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2072
2073 /* Populate username and pw fields from keyring if possible */
2074 static int
2075 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2076 {
2077 int rc = 0;
2078 char *desc, *delim, *payload;
2079 ssize_t len;
2080 struct key *key;
2081 struct TCP_Server_Info *server = ses->server;
2082 struct sockaddr_in *sa;
2083 struct sockaddr_in6 *sa6;
2084 struct user_key_payload *upayload;
2085
2086 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2087 if (!desc)
2088 return -ENOMEM;
2089
2090 /* try to find an address key first */
2091 switch (server->dstaddr.ss_family) {
2092 case AF_INET:
2093 sa = (struct sockaddr_in *)&server->dstaddr;
2094 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2095 break;
2096 case AF_INET6:
2097 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2098 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2099 break;
2100 default:
2101 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2102 rc = -EINVAL;
2103 goto out_err;
2104 }
2105
2106 cFYI(1, "%s: desc=%s", __func__, desc);
2107 key = request_key(&key_type_logon, desc, "");
2108 if (IS_ERR(key)) {
2109 if (!ses->domainName) {
2110 cFYI(1, "domainName is NULL");
2111 rc = PTR_ERR(key);
2112 goto out_err;
2113 }
2114
2115 /* didn't work, try to find a domain key */
2116 sprintf(desc, "cifs:d:%s", ses->domainName);
2117 cFYI(1, "%s: desc=%s", __func__, desc);
2118 key = request_key(&key_type_logon, desc, "");
2119 if (IS_ERR(key)) {
2120 rc = PTR_ERR(key);
2121 goto out_err;
2122 }
2123 }
2124
2125 down_read(&key->sem);
2126 upayload = key->payload.data;
2127 if (IS_ERR_OR_NULL(upayload)) {
2128 rc = PTR_ERR(key);
2129 goto out_key_put;
2130 }
2131
2132 /* find first : in payload */
2133 payload = (char *)upayload->data;
2134 delim = strnchr(payload, upayload->datalen, ':');
2135 cFYI(1, "payload=%s", payload);
2136 if (!delim) {
2137 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2138 upayload->datalen);
2139 rc = -EINVAL;
2140 goto out_key_put;
2141 }
2142
2143 len = delim - payload;
2144 if (len > MAX_USERNAME_SIZE || len <= 0) {
2145 cFYI(1, "Bad value from username search (len=%ld)", len);
2146 rc = -EINVAL;
2147 goto out_key_put;
2148 }
2149
2150 vol->username = kstrndup(payload, len, GFP_KERNEL);
2151 if (!vol->username) {
2152 cFYI(1, "Unable to allocate %ld bytes for username", len);
2153 rc = -ENOMEM;
2154 goto out_key_put;
2155 }
2156 cFYI(1, "%s: username=%s", __func__, vol->username);
2157
2158 len = key->datalen - (len + 1);
2159 if (len > MAX_PASSWORD_SIZE || len <= 0) {
2160 cFYI(1, "Bad len for password search (len=%ld)", len);
2161 rc = -EINVAL;
2162 kfree(vol->username);
2163 vol->username = NULL;
2164 goto out_key_put;
2165 }
2166
2167 ++delim;
2168 vol->password = kstrndup(delim, len, GFP_KERNEL);
2169 if (!vol->password) {
2170 cFYI(1, "Unable to allocate %ld bytes for password", len);
2171 rc = -ENOMEM;
2172 kfree(vol->username);
2173 vol->username = NULL;
2174 goto out_key_put;
2175 }
2176
2177 out_key_put:
2178 up_read(&key->sem);
2179 key_put(key);
2180 out_err:
2181 kfree(desc);
2182 cFYI(1, "%s: returning %d", __func__, rc);
2183 return rc;
2184 }
2185 #else /* ! CONFIG_KEYS */
2186 static inline int
2187 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2188 struct cifs_ses *ses __attribute__((unused)))
2189 {
2190 return -ENOSYS;
2191 }
2192 #endif /* CONFIG_KEYS */
2193
2194 static bool warned_on_ntlm; /* globals init to false automatically */
2195
2196 static struct cifs_ses *
2197 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2198 {
2199 int rc = -ENOMEM, xid;
2200 struct cifs_ses *ses;
2201 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2202 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2203
2204 xid = GetXid();
2205
2206 ses = cifs_find_smb_ses(server, volume_info);
2207 if (ses) {
2208 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2209
2210 mutex_lock(&ses->session_mutex);
2211 rc = cifs_negotiate_protocol(xid, ses);
2212 if (rc) {
2213 mutex_unlock(&ses->session_mutex);
2214 /* problem -- put our ses reference */
2215 cifs_put_smb_ses(ses);
2216 FreeXid(xid);
2217 return ERR_PTR(rc);
2218 }
2219 if (ses->need_reconnect) {
2220 cFYI(1, "Session needs reconnect");
2221 rc = cifs_setup_session(xid, ses,
2222 volume_info->local_nls);
2223 if (rc) {
2224 mutex_unlock(&ses->session_mutex);
2225 /* problem -- put our reference */
2226 cifs_put_smb_ses(ses);
2227 FreeXid(xid);
2228 return ERR_PTR(rc);
2229 }
2230 }
2231 mutex_unlock(&ses->session_mutex);
2232
2233 /* existing SMB ses has a server reference already */
2234 cifs_put_tcp_session(server);
2235 FreeXid(xid);
2236 return ses;
2237 }
2238
2239 cFYI(1, "Existing smb sess not found");
2240 ses = sesInfoAlloc();
2241 if (ses == NULL)
2242 goto get_ses_fail;
2243
2244 /* new SMB session uses our server ref */
2245 ses->server = server;
2246 if (server->dstaddr.ss_family == AF_INET6)
2247 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2248 else
2249 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2250
2251 if (volume_info->username) {
2252 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2253 if (!ses->user_name)
2254 goto get_ses_fail;
2255 }
2256
2257 /* volume_info->password freed at unmount */
2258 if (volume_info->password) {
2259 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2260 if (!ses->password)
2261 goto get_ses_fail;
2262 }
2263 if (volume_info->domainname) {
2264 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2265 if (!ses->domainName)
2266 goto get_ses_fail;
2267 }
2268 ses->cred_uid = volume_info->cred_uid;
2269 ses->linux_uid = volume_info->linux_uid;
2270
2271 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2272 supported for many years, time to update default security mechanism */
2273 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2274 warned_on_ntlm = true;
2275 cERROR(1, "default security mechanism requested. The default "
2276 "security mechanism will be upgraded from ntlm to "
2277 "ntlmv2 in kernel release 3.3");
2278 }
2279 ses->overrideSecFlg = volume_info->secFlg;
2280
2281 mutex_lock(&ses->session_mutex);
2282 rc = cifs_negotiate_protocol(xid, ses);
2283 if (!rc)
2284 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2285 mutex_unlock(&ses->session_mutex);
2286 if (rc)
2287 goto get_ses_fail;
2288
2289 /* success, put it on the list */
2290 spin_lock(&cifs_tcp_ses_lock);
2291 list_add(&ses->smb_ses_list, &server->smb_ses_list);
2292 spin_unlock(&cifs_tcp_ses_lock);
2293
2294 FreeXid(xid);
2295 return ses;
2296
2297 get_ses_fail:
2298 sesInfoFree(ses);
2299 FreeXid(xid);
2300 return ERR_PTR(rc);
2301 }
2302
2303 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2304 {
2305 if (tcon->tidStatus == CifsExiting)
2306 return 0;
2307 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2308 return 0;
2309 return 1;
2310 }
2311
2312 static struct cifs_tcon *
2313 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2314 {
2315 struct list_head *tmp;
2316 struct cifs_tcon *tcon;
2317
2318 spin_lock(&cifs_tcp_ses_lock);
2319 list_for_each(tmp, &ses->tcon_list) {
2320 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2321 if (!match_tcon(tcon, unc))
2322 continue;
2323 ++tcon->tc_count;
2324 spin_unlock(&cifs_tcp_ses_lock);
2325 return tcon;
2326 }
2327 spin_unlock(&cifs_tcp_ses_lock);
2328 return NULL;
2329 }
2330
2331 static void
2332 cifs_put_tcon(struct cifs_tcon *tcon)
2333 {
2334 int xid;
2335 struct cifs_ses *ses = tcon->ses;
2336
2337 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2338 spin_lock(&cifs_tcp_ses_lock);
2339 if (--tcon->tc_count > 0) {
2340 spin_unlock(&cifs_tcp_ses_lock);
2341 return;
2342 }
2343
2344 list_del_init(&tcon->tcon_list);
2345 spin_unlock(&cifs_tcp_ses_lock);
2346
2347 xid = GetXid();
2348 CIFSSMBTDis(xid, tcon);
2349 _FreeXid(xid);
2350
2351 cifs_fscache_release_super_cookie(tcon);
2352 tconInfoFree(tcon);
2353 cifs_put_smb_ses(ses);
2354 }
2355
2356 static struct cifs_tcon *
2357 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2358 {
2359 int rc, xid;
2360 struct cifs_tcon *tcon;
2361
2362 tcon = cifs_find_tcon(ses, volume_info->UNC);
2363 if (tcon) {
2364 cFYI(1, "Found match on UNC path");
2365 /* existing tcon already has a reference */
2366 cifs_put_smb_ses(ses);
2367 if (tcon->seal != volume_info->seal)
2368 cERROR(1, "transport encryption setting "
2369 "conflicts with existing tid");
2370 return tcon;
2371 }
2372
2373 tcon = tconInfoAlloc();
2374 if (tcon == NULL) {
2375 rc = -ENOMEM;
2376 goto out_fail;
2377 }
2378
2379 tcon->ses = ses;
2380 if (volume_info->password) {
2381 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2382 if (!tcon->password) {
2383 rc = -ENOMEM;
2384 goto out_fail;
2385 }
2386 }
2387
2388 if (strchr(volume_info->UNC + 3, '\\') == NULL
2389 && strchr(volume_info->UNC + 3, '/') == NULL) {
2390 cERROR(1, "Missing share name");
2391 rc = -ENODEV;
2392 goto out_fail;
2393 }
2394
2395 /* BB Do we need to wrap session_mutex around
2396 * this TCon call and Unix SetFS as
2397 * we do on SessSetup and reconnect? */
2398 xid = GetXid();
2399 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2400 FreeXid(xid);
2401 cFYI(1, "CIFS Tcon rc = %d", rc);
2402 if (rc)
2403 goto out_fail;
2404
2405 if (volume_info->nodfs) {
2406 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2407 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2408 }
2409 tcon->seal = volume_info->seal;
2410 /* we can have only one retry value for a connection
2411 to a share so for resources mounted more than once
2412 to the same server share the last value passed in
2413 for the retry flag is used */
2414 tcon->retry = volume_info->retry;
2415 tcon->nocase = volume_info->nocase;
2416 tcon->local_lease = volume_info->local_lease;
2417
2418 spin_lock(&cifs_tcp_ses_lock);
2419 list_add(&tcon->tcon_list, &ses->tcon_list);
2420 spin_unlock(&cifs_tcp_ses_lock);
2421
2422 cifs_fscache_get_super_cookie(tcon);
2423
2424 return tcon;
2425
2426 out_fail:
2427 tconInfoFree(tcon);
2428 return ERR_PTR(rc);
2429 }
2430
2431 void
2432 cifs_put_tlink(struct tcon_link *tlink)
2433 {
2434 if (!tlink || IS_ERR(tlink))
2435 return;
2436
2437 if (!atomic_dec_and_test(&tlink->tl_count) ||
2438 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2439 tlink->tl_time = jiffies;
2440 return;
2441 }
2442
2443 if (!IS_ERR(tlink_tcon(tlink)))
2444 cifs_put_tcon(tlink_tcon(tlink));
2445 kfree(tlink);
2446 return;
2447 }
2448
2449 static inline struct tcon_link *
2450 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2451 {
2452 return cifs_sb->master_tlink;
2453 }
2454
2455 static int
2456 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2457 {
2458 struct cifs_sb_info *old = CIFS_SB(sb);
2459 struct cifs_sb_info *new = mnt_data->cifs_sb;
2460
2461 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2462 return 0;
2463
2464 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2465 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2466 return 0;
2467
2468 /*
2469 * We want to share sb only if we don't specify an r/wsize or
2470 * specified r/wsize is greater than or equal to existing one.
2471 */
2472 if (new->wsize && new->wsize < old->wsize)
2473 return 0;
2474
2475 if (new->rsize && new->rsize < old->rsize)
2476 return 0;
2477
2478 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2479 return 0;
2480
2481 if (old->mnt_file_mode != new->mnt_file_mode ||
2482 old->mnt_dir_mode != new->mnt_dir_mode)
2483 return 0;
2484
2485 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2486 return 0;
2487
2488 if (old->actimeo != new->actimeo)
2489 return 0;
2490
2491 return 1;
2492 }
2493
2494 int
2495 cifs_match_super(struct super_block *sb, void *data)
2496 {
2497 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2498 struct smb_vol *volume_info;
2499 struct cifs_sb_info *cifs_sb;
2500 struct TCP_Server_Info *tcp_srv;
2501 struct cifs_ses *ses;
2502 struct cifs_tcon *tcon;
2503 struct tcon_link *tlink;
2504 struct sockaddr_storage addr;
2505 int rc = 0;
2506
2507 memset(&addr, 0, sizeof(struct sockaddr_storage));
2508
2509 spin_lock(&cifs_tcp_ses_lock);
2510 cifs_sb = CIFS_SB(sb);
2511 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2512 if (IS_ERR(tlink)) {
2513 spin_unlock(&cifs_tcp_ses_lock);
2514 return rc;
2515 }
2516 tcon = tlink_tcon(tlink);
2517 ses = tcon->ses;
2518 tcp_srv = ses->server;
2519
2520 volume_info = mnt_data->vol;
2521
2522 if (!volume_info->UNCip || !volume_info->UNC)
2523 goto out;
2524
2525 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2526 volume_info->UNCip,
2527 strlen(volume_info->UNCip),
2528 volume_info->port);
2529 if (!rc)
2530 goto out;
2531
2532 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2533 !match_session(ses, volume_info) ||
2534 !match_tcon(tcon, volume_info->UNC)) {
2535 rc = 0;
2536 goto out;
2537 }
2538
2539 rc = compare_mount_options(sb, mnt_data);
2540 out:
2541 spin_unlock(&cifs_tcp_ses_lock);
2542 cifs_put_tlink(tlink);
2543 return rc;
2544 }
2545
2546 int
2547 get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2548 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2549 struct dfs_info3_param **preferrals, int remap)
2550 {
2551 char *temp_unc;
2552 int rc = 0;
2553
2554 *pnum_referrals = 0;
2555 *preferrals = NULL;
2556
2557 if (pSesInfo->ipc_tid == 0) {
2558 temp_unc = kmalloc(2 /* for slashes */ +
2559 strnlen(pSesInfo->serverName,
2560 SERVER_NAME_LEN_WITH_NULL * 2)
2561 + 1 + 4 /* slash IPC$ */ + 2,
2562 GFP_KERNEL);
2563 if (temp_unc == NULL)
2564 return -ENOMEM;
2565 temp_unc[0] = '\\';
2566 temp_unc[1] = '\\';
2567 strcpy(temp_unc + 2, pSesInfo->serverName);
2568 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2569 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2570 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2571 kfree(temp_unc);
2572 }
2573 if (rc == 0)
2574 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2575 pnum_referrals, nls_codepage, remap);
2576 /* BB map targetUNCs to dfs_info3 structures, here or
2577 in CIFSGetDFSRefer BB */
2578
2579 return rc;
2580 }
2581
2582 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2583 static struct lock_class_key cifs_key[2];
2584 static struct lock_class_key cifs_slock_key[2];
2585
2586 static inline void
2587 cifs_reclassify_socket4(struct socket *sock)
2588 {
2589 struct sock *sk = sock->sk;
2590 BUG_ON(sock_owned_by_user(sk));
2591 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2592 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2593 }
2594
2595 static inline void
2596 cifs_reclassify_socket6(struct socket *sock)
2597 {
2598 struct sock *sk = sock->sk;
2599 BUG_ON(sock_owned_by_user(sk));
2600 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2601 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2602 }
2603 #else
2604 static inline void
2605 cifs_reclassify_socket4(struct socket *sock)
2606 {
2607 }
2608
2609 static inline void
2610 cifs_reclassify_socket6(struct socket *sock)
2611 {
2612 }
2613 #endif
2614
2615 /* See RFC1001 section 14 on representation of Netbios names */
2616 static void rfc1002mangle(char *target, char *source, unsigned int length)
2617 {
2618 unsigned int i, j;
2619
2620 for (i = 0, j = 0; i < (length); i++) {
2621 /* mask a nibble at a time and encode */
2622 target[j] = 'A' + (0x0F & (source[i] >> 4));
2623 target[j+1] = 'A' + (0x0F & source[i]);
2624 j += 2;
2625 }
2626
2627 }
2628
2629 static int
2630 bind_socket(struct TCP_Server_Info *server)
2631 {
2632 int rc = 0;
2633 if (server->srcaddr.ss_family != AF_UNSPEC) {
2634 /* Bind to the specified local IP address */
2635 struct socket *socket = server->ssocket;
2636 rc = socket->ops->bind(socket,
2637 (struct sockaddr *) &server->srcaddr,
2638 sizeof(server->srcaddr));
2639 if (rc < 0) {
2640 struct sockaddr_in *saddr4;
2641 struct sockaddr_in6 *saddr6;
2642 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2643 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2644 if (saddr6->sin6_family == AF_INET6)
2645 cERROR(1, "cifs: "
2646 "Failed to bind to: %pI6c, error: %d\n",
2647 &saddr6->sin6_addr, rc);
2648 else
2649 cERROR(1, "cifs: "
2650 "Failed to bind to: %pI4, error: %d\n",
2651 &saddr4->sin_addr.s_addr, rc);
2652 }
2653 }
2654 return rc;
2655 }
2656
2657 static int
2658 ip_rfc1001_connect(struct TCP_Server_Info *server)
2659 {
2660 int rc = 0;
2661 /*
2662 * some servers require RFC1001 sessinit before sending
2663 * negprot - BB check reconnection in case where second
2664 * sessinit is sent but no second negprot
2665 */
2666 struct rfc1002_session_packet *ses_init_buf;
2667 struct smb_hdr *smb_buf;
2668 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2669 GFP_KERNEL);
2670 if (ses_init_buf) {
2671 ses_init_buf->trailer.session_req.called_len = 32;
2672
2673 if (server->server_RFC1001_name &&
2674 server->server_RFC1001_name[0] != 0)
2675 rfc1002mangle(ses_init_buf->trailer.
2676 session_req.called_name,
2677 server->server_RFC1001_name,
2678 RFC1001_NAME_LEN_WITH_NULL);
2679 else
2680 rfc1002mangle(ses_init_buf->trailer.
2681 session_req.called_name,
2682 DEFAULT_CIFS_CALLED_NAME,
2683 RFC1001_NAME_LEN_WITH_NULL);
2684
2685 ses_init_buf->trailer.session_req.calling_len = 32;
2686
2687 /*
2688 * calling name ends in null (byte 16) from old smb
2689 * convention.
2690 */
2691 if (server->workstation_RFC1001_name &&
2692 server->workstation_RFC1001_name[0] != 0)
2693 rfc1002mangle(ses_init_buf->trailer.
2694 session_req.calling_name,
2695 server->workstation_RFC1001_name,
2696 RFC1001_NAME_LEN_WITH_NULL);
2697 else
2698 rfc1002mangle(ses_init_buf->trailer.
2699 session_req.calling_name,
2700 "LINUX_CIFS_CLNT",
2701 RFC1001_NAME_LEN_WITH_NULL);
2702
2703 ses_init_buf->trailer.session_req.scope1 = 0;
2704 ses_init_buf->trailer.session_req.scope2 = 0;
2705 smb_buf = (struct smb_hdr *)ses_init_buf;
2706
2707 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2708 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2709 rc = smb_send(server, smb_buf, 0x44);
2710 kfree(ses_init_buf);
2711 /*
2712 * RFC1001 layer in at least one server
2713 * requires very short break before negprot
2714 * presumably because not expecting negprot
2715 * to follow so fast. This is a simple
2716 * solution that works without
2717 * complicating the code and causes no
2718 * significant slowing down on mount
2719 * for everyone else
2720 */
2721 usleep_range(1000, 2000);
2722 }
2723 /*
2724 * else the negprot may still work without this
2725 * even though malloc failed
2726 */
2727
2728 return rc;
2729 }
2730
2731 static int
2732 generic_ip_connect(struct TCP_Server_Info *server)
2733 {
2734 int rc = 0;
2735 __be16 sport;
2736 int slen, sfamily;
2737 struct socket *socket = server->ssocket;
2738 struct sockaddr *saddr;
2739
2740 saddr = (struct sockaddr *) &server->dstaddr;
2741
2742 if (server->dstaddr.ss_family == AF_INET6) {
2743 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2744 slen = sizeof(struct sockaddr_in6);
2745 sfamily = AF_INET6;
2746 } else {
2747 sport = ((struct sockaddr_in *) saddr)->sin_port;
2748 slen = sizeof(struct sockaddr_in);
2749 sfamily = AF_INET;
2750 }
2751
2752 if (socket == NULL) {
2753 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2754 IPPROTO_TCP, &socket, 1);
2755 if (rc < 0) {
2756 cERROR(1, "Error %d creating socket", rc);
2757 server->ssocket = NULL;
2758 return rc;
2759 }
2760
2761 /* BB other socket options to set KEEPALIVE, NODELAY? */
2762 cFYI(1, "Socket created");
2763 server->ssocket = socket;
2764 socket->sk->sk_allocation = GFP_NOFS;
2765 if (sfamily == AF_INET6)
2766 cifs_reclassify_socket6(socket);
2767 else
2768 cifs_reclassify_socket4(socket);
2769 }
2770
2771 rc = bind_socket(server);
2772 if (rc < 0)
2773 return rc;
2774
2775 /*
2776 * Eventually check for other socket options to change from
2777 * the default. sock_setsockopt not used because it expects
2778 * user space buffer
2779 */
2780 socket->sk->sk_rcvtimeo = 7 * HZ;
2781 socket->sk->sk_sndtimeo = 5 * HZ;
2782
2783 /* make the bufsizes depend on wsize/rsize and max requests */
2784 if (server->noautotune) {
2785 if (socket->sk->sk_sndbuf < (200 * 1024))
2786 socket->sk->sk_sndbuf = 200 * 1024;
2787 if (socket->sk->sk_rcvbuf < (140 * 1024))
2788 socket->sk->sk_rcvbuf = 140 * 1024;
2789 }
2790
2791 if (server->tcp_nodelay) {
2792 int val = 1;
2793 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2794 (char *)&val, sizeof(val));
2795 if (rc)
2796 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2797 }
2798
2799 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2800 socket->sk->sk_sndbuf,
2801 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2802
2803 rc = socket->ops->connect(socket, saddr, slen, 0);
2804 if (rc < 0) {
2805 cFYI(1, "Error %d connecting to server", rc);
2806 sock_release(socket);
2807 server->ssocket = NULL;
2808 return rc;
2809 }
2810
2811 if (sport == htons(RFC1001_PORT))
2812 rc = ip_rfc1001_connect(server);
2813
2814 return rc;
2815 }
2816
2817 static int
2818 ip_connect(struct TCP_Server_Info *server)
2819 {
2820 __be16 *sport;
2821 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2822 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2823
2824 if (server->dstaddr.ss_family == AF_INET6)
2825 sport = &addr6->sin6_port;
2826 else
2827 sport = &addr->sin_port;
2828
2829 if (*sport == 0) {
2830 int rc;
2831
2832 /* try with 445 port at first */
2833 *sport = htons(CIFS_PORT);
2834
2835 rc = generic_ip_connect(server);
2836 if (rc >= 0)
2837 return rc;
2838
2839 /* if it failed, try with 139 port */
2840 *sport = htons(RFC1001_PORT);
2841 }
2842
2843 return generic_ip_connect(server);
2844 }
2845
2846 void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2847 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
2848 {
2849 /* if we are reconnecting then should we check to see if
2850 * any requested capabilities changed locally e.g. via
2851 * remount but we can not do much about it here
2852 * if they have (even if we could detect it by the following)
2853 * Perhaps we could add a backpointer to array of sb from tcon
2854 * or if we change to make all sb to same share the same
2855 * sb as NFS - then we only have one backpointer to sb.
2856 * What if we wanted to mount the server share twice once with
2857 * and once without posixacls or posix paths? */
2858 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2859
2860 if (vol_info && vol_info->no_linux_ext) {
2861 tcon->fsUnixInfo.Capability = 0;
2862 tcon->unix_ext = 0; /* Unix Extensions disabled */
2863 cFYI(1, "Linux protocol extensions disabled");
2864 return;
2865 } else if (vol_info)
2866 tcon->unix_ext = 1; /* Unix Extensions supported */
2867
2868 if (tcon->unix_ext == 0) {
2869 cFYI(1, "Unix extensions disabled so not set on reconnect");
2870 return;
2871 }
2872
2873 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2874 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2875 cFYI(1, "unix caps which server supports %lld", cap);
2876 /* check for reconnect case in which we do not
2877 want to change the mount behavior if we can avoid it */
2878 if (vol_info == NULL) {
2879 /* turn off POSIX ACL and PATHNAMES if not set
2880 originally at mount time */
2881 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2882 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2883 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2884 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2885 cERROR(1, "POSIXPATH support change");
2886 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2887 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2888 cERROR(1, "possible reconnect error");
2889 cERROR(1, "server disabled POSIX path support");
2890 }
2891 }
2892
2893 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2894 cERROR(1, "per-share encryption not supported yet");
2895
2896 cap &= CIFS_UNIX_CAP_MASK;
2897 if (vol_info && vol_info->no_psx_acl)
2898 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2899 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2900 cFYI(1, "negotiated posix acl support");
2901 if (cifs_sb)
2902 cifs_sb->mnt_cifs_flags |=
2903 CIFS_MOUNT_POSIXACL;
2904 }
2905
2906 if (vol_info && vol_info->posix_paths == 0)
2907 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2908 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2909 cFYI(1, "negotiate posix pathnames");
2910 if (cifs_sb)
2911 cifs_sb->mnt_cifs_flags |=
2912 CIFS_MOUNT_POSIX_PATHS;
2913 }
2914
2915 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2916 #ifdef CONFIG_CIFS_DEBUG2
2917 if (cap & CIFS_UNIX_FCNTL_CAP)
2918 cFYI(1, "FCNTL cap");
2919 if (cap & CIFS_UNIX_EXTATTR_CAP)
2920 cFYI(1, "EXTATTR cap");
2921 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2922 cFYI(1, "POSIX path cap");
2923 if (cap & CIFS_UNIX_XATTR_CAP)
2924 cFYI(1, "XATTR cap");
2925 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2926 cFYI(1, "POSIX ACL cap");
2927 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2928 cFYI(1, "very large read cap");
2929 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2930 cFYI(1, "very large write cap");
2931 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2932 cFYI(1, "transport encryption cap");
2933 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2934 cFYI(1, "mandatory transport encryption cap");
2935 #endif /* CIFS_DEBUG2 */
2936 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2937 if (vol_info == NULL) {
2938 cFYI(1, "resetting capabilities failed");
2939 } else
2940 cERROR(1, "Negotiating Unix capabilities "
2941 "with the server failed. Consider "
2942 "mounting with the Unix Extensions\n"
2943 "disabled, if problems are found, "
2944 "by specifying the nounix mount "
2945 "option.");
2946
2947 }
2948 }
2949 }
2950
2951 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2952 struct cifs_sb_info *cifs_sb)
2953 {
2954 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2955
2956 spin_lock_init(&cifs_sb->tlink_tree_lock);
2957 cifs_sb->tlink_tree = RB_ROOT;
2958
2959 /*
2960 * Temporarily set r/wsize for matching superblock. If we end up using
2961 * new sb then client will later negotiate it downward if needed.
2962 */
2963 cifs_sb->rsize = pvolume_info->rsize;
2964 cifs_sb->wsize = pvolume_info->wsize;
2965
2966 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2967 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2968 if (pvolume_info->backupuid_specified)
2969 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2970 if (pvolume_info->backupgid_specified)
2971 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
2972 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2973 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2974 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
2975 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2976
2977 cifs_sb->actimeo = pvolume_info->actimeo;
2978 cifs_sb->local_nls = pvolume_info->local_nls;
2979
2980 if (pvolume_info->noperm)
2981 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2982 if (pvolume_info->setuids)
2983 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2984 if (pvolume_info->server_ino)
2985 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2986 if (pvolume_info->remap)
2987 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2988 if (pvolume_info->no_xattr)
2989 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2990 if (pvolume_info->sfu_emul)
2991 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2992 if (pvolume_info->nobrl)
2993 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2994 if (pvolume_info->nostrictsync)
2995 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2996 if (pvolume_info->mand_lock)
2997 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2998 if (pvolume_info->rwpidforward)
2999 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3000 if (pvolume_info->cifs_acl)
3001 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3002 if (pvolume_info->backupuid_specified)
3003 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3004 if (pvolume_info->backupgid_specified)
3005 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3006 if (pvolume_info->override_uid)
3007 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3008 if (pvolume_info->override_gid)
3009 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3010 if (pvolume_info->dynperm)
3011 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
3012 if (pvolume_info->fsc)
3013 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
3014 if (pvolume_info->multiuser)
3015 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3016 CIFS_MOUNT_NO_PERM);
3017 if (pvolume_info->strict_io)
3018 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3019 if (pvolume_info->direct_io) {
3020 cFYI(1, "mounting share using direct i/o");
3021 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3022 }
3023 if (pvolume_info->mfsymlinks) {
3024 if (pvolume_info->sfu_emul) {
3025 cERROR(1, "mount option mfsymlinks ignored if sfu "
3026 "mount option is used");
3027 } else {
3028 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3029 }
3030 }
3031
3032 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
3033 cERROR(1, "mount option dynperm ignored if cifsacl "
3034 "mount option supported");
3035 }
3036
3037 /*
3038 * When the server supports very large reads and writes via POSIX extensions,
3039 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3040 * including the RFC1001 length.
3041 *
3042 * Note that this might make for "interesting" allocation problems during
3043 * writeback however as we have to allocate an array of pointers for the
3044 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
3045 *
3046 * For reads, there is a similar problem as we need to allocate an array
3047 * of kvecs to handle the receive, though that should only need to be done
3048 * once.
3049 */
3050 #define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
3051 #define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
3052
3053 /*
3054 * When the server doesn't allow large posix writes, only allow a rsize/wsize
3055 * of 2^17-1 minus the size of the call header. That allows for a read or
3056 * write up to the maximum size described by RFC1002.
3057 */
3058 #define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
3059 #define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
3060
3061 /*
3062 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3063 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3064 * a single wsize request with a single call.
3065 */
3066 #define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3067
3068 /*
3069 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3070 * those values when posix extensions aren't in force. In actuality here, we
3071 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3072 * to be ok with the extra byte even though Windows doesn't send writes that
3073 * are that large.
3074 *
3075 * Citation:
3076 *
3077 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
3078 */
3079 #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
3080 #define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
3081
3082 static unsigned int
3083 cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3084 {
3085 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3086 struct TCP_Server_Info *server = tcon->ses->server;
3087 unsigned int wsize;
3088
3089 /* start with specified wsize, or default */
3090 if (pvolume_info->wsize)
3091 wsize = pvolume_info->wsize;
3092 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3093 wsize = CIFS_DEFAULT_IOSIZE;
3094 else
3095 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
3096
3097 /* can server support 24-bit write sizes? (via UNIX extensions) */
3098 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3099 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
3100
3101 /*
3102 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3103 * Limit it to max buffer offered by the server, minus the size of the
3104 * WRITEX header, not including the 4 byte RFC1001 length.
3105 */
3106 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3107 (!(server->capabilities & CAP_UNIX) &&
3108 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3109 wsize = min_t(unsigned int, wsize,
3110 server->maxBuf - sizeof(WRITE_REQ) + 4);
3111
3112 /* hard limit of CIFS_MAX_WSIZE */
3113 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3114
3115 return wsize;
3116 }
3117
3118 static unsigned int
3119 cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3120 {
3121 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3122 struct TCP_Server_Info *server = tcon->ses->server;
3123 unsigned int rsize, defsize;
3124
3125 /*
3126 * Set default value...
3127 *
3128 * HACK alert! Ancient servers have very small buffers. Even though
3129 * MS-CIFS indicates that servers are only limited by the client's
3130 * bufsize for reads, testing against win98se shows that it throws
3131 * INVALID_PARAMETER errors if you try to request too large a read.
3132 *
3133 * If the server advertises a MaxBufferSize of less than one page,
3134 * assume that it also can't satisfy reads larger than that either.
3135 *
3136 * FIXME: Is there a better heuristic for this?
3137 */
3138 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3139 defsize = CIFS_DEFAULT_IOSIZE;
3140 else if (server->capabilities & CAP_LARGE_READ_X)
3141 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3142 else if (server->maxBuf >= PAGE_CACHE_SIZE)
3143 defsize = CIFSMaxBufSize;
3144 else
3145 defsize = server->maxBuf - sizeof(READ_RSP);
3146
3147 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3148
3149 /*
3150 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3151 * the client's MaxBufferSize.
3152 */
3153 if (!(server->capabilities & CAP_LARGE_READ_X))
3154 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3155
3156 /* hard limit of CIFS_MAX_RSIZE */
3157 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3158
3159 return rsize;
3160 }
3161
3162 static int
3163 is_path_accessible(int xid, struct cifs_tcon *tcon,
3164 struct cifs_sb_info *cifs_sb, const char *full_path)
3165 {
3166 int rc;
3167 FILE_ALL_INFO *pfile_info;
3168
3169 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3170 if (pfile_info == NULL)
3171 return -ENOMEM;
3172
3173 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3174 0 /* not legacy */, cifs_sb->local_nls,
3175 cifs_sb->mnt_cifs_flags &
3176 CIFS_MOUNT_MAP_SPECIAL_CHR);
3177
3178 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3179 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3180 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3181 CIFS_MOUNT_MAP_SPECIAL_CHR);
3182 kfree(pfile_info);
3183 return rc;
3184 }
3185
3186 static void
3187 cleanup_volume_info_contents(struct smb_vol *volume_info)
3188 {
3189 kfree(volume_info->username);
3190 kzfree(volume_info->password);
3191 if (volume_info->UNCip != volume_info->UNC + 2)
3192 kfree(volume_info->UNCip);
3193 kfree(volume_info->UNC);
3194 kfree(volume_info->domainname);
3195 kfree(volume_info->iocharset);
3196 kfree(volume_info->prepath);
3197 }
3198
3199 void
3200 cifs_cleanup_volume_info(struct smb_vol *volume_info)
3201 {
3202 if (!volume_info)
3203 return;
3204 cleanup_volume_info_contents(volume_info);
3205 kfree(volume_info);
3206 }
3207
3208
3209 #ifdef CONFIG_CIFS_DFS_UPCALL
3210 /* build_path_to_root returns full path to root when
3211 * we do not have an exiting connection (tcon) */
3212 static char *
3213 build_unc_path_to_root(const struct smb_vol *vol,
3214 const struct cifs_sb_info *cifs_sb)
3215 {
3216 char *full_path, *pos;
3217 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3218 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3219
3220 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3221 if (full_path == NULL)
3222 return ERR_PTR(-ENOMEM);
3223
3224 strncpy(full_path, vol->UNC, unc_len);
3225 pos = full_path + unc_len;
3226
3227 if (pplen) {
3228 strncpy(pos, vol->prepath, pplen);
3229 pos += pplen;
3230 }
3231
3232 *pos = '\0'; /* add trailing null */
3233 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3234 cFYI(1, "%s: full_path=%s", __func__, full_path);
3235 return full_path;
3236 }
3237
3238 /*
3239 * Perform a dfs referral query for a share and (optionally) prefix
3240 *
3241 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3242 * to a string containing updated options for the submount. Otherwise it
3243 * will be left untouched.
3244 *
3245 * Returns the rc from get_dfs_path to the caller, which can be used to
3246 * determine whether there were referrals.
3247 */
3248 static int
3249 expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
3250 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3251 int check_prefix)
3252 {
3253 int rc;
3254 unsigned int num_referrals = 0;
3255 struct dfs_info3_param *referrals = NULL;
3256 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3257
3258 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3259 if (IS_ERR(full_path))
3260 return PTR_ERR(full_path);
3261
3262 /* For DFS paths, skip the first '\' of the UNC */
3263 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3264
3265 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3266 &num_referrals, &referrals,
3267 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3268
3269 if (!rc && num_referrals > 0) {
3270 char *fake_devname = NULL;
3271
3272 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3273 full_path + 1, referrals,
3274 &fake_devname);
3275
3276 free_dfs_info_array(referrals, num_referrals);
3277
3278 if (IS_ERR(mdata)) {
3279 rc = PTR_ERR(mdata);
3280 mdata = NULL;
3281 } else {
3282 cleanup_volume_info_contents(volume_info);
3283 memset(volume_info, '\0', sizeof(*volume_info));
3284 rc = cifs_setup_volume_info(volume_info, mdata,
3285 fake_devname);
3286 }
3287 kfree(fake_devname);
3288 kfree(cifs_sb->mountdata);
3289 cifs_sb->mountdata = mdata;
3290 }
3291 kfree(full_path);
3292 return rc;
3293 }
3294 #endif
3295
3296 static int
3297 cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3298 const char *devname)
3299 {
3300 int rc = 0;
3301
3302 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3303 return -EINVAL;
3304
3305 if (volume_info->nullauth) {
3306 cFYI(1, "Anonymous login");
3307 kfree(volume_info->username);
3308 volume_info->username = NULL;
3309 } else if (volume_info->username) {
3310 /* BB fixme parse for domain name here */
3311 cFYI(1, "Username: %s", volume_info->username);
3312 } else {
3313 cifserror("No username specified");
3314 /* In userspace mount helper we can get user name from alternate
3315 locations such as env variables and files on disk */
3316 return -EINVAL;
3317 }
3318
3319 /* this is needed for ASCII cp to Unicode converts */
3320 if (volume_info->iocharset == NULL) {
3321 /* load_nls_default cannot return null */
3322 volume_info->local_nls = load_nls_default();
3323 } else {
3324 volume_info->local_nls = load_nls(volume_info->iocharset);
3325 if (volume_info->local_nls == NULL) {
3326 cERROR(1, "CIFS mount error: iocharset %s not found",
3327 volume_info->iocharset);
3328 return -ELIBACC;
3329 }
3330 }
3331
3332 return rc;
3333 }
3334
3335 struct smb_vol *
3336 cifs_get_volume_info(char *mount_data, const char *devname)
3337 {
3338 int rc;
3339 struct smb_vol *volume_info;
3340
3341 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3342 if (!volume_info)
3343 return ERR_PTR(-ENOMEM);
3344
3345 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3346 if (rc) {
3347 cifs_cleanup_volume_info(volume_info);
3348 volume_info = ERR_PTR(rc);
3349 }
3350
3351 return volume_info;
3352 }
3353
3354 /* make sure ra_pages is a multiple of rsize */
3355 static inline unsigned int
3356 cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3357 {
3358 unsigned int reads;
3359 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3360
3361 if (rsize_pages >= default_backing_dev_info.ra_pages)
3362 return default_backing_dev_info.ra_pages;
3363 else if (rsize_pages == 0)
3364 return rsize_pages;
3365
3366 reads = default_backing_dev_info.ra_pages / rsize_pages;
3367 return reads * rsize_pages;
3368 }
3369
3370 int
3371 cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3372 {
3373 int rc = 0;
3374 int xid;
3375 struct cifs_ses *pSesInfo;
3376 struct cifs_tcon *tcon;
3377 struct TCP_Server_Info *srvTcp;
3378 char *full_path;
3379 struct tcon_link *tlink;
3380 #ifdef CONFIG_CIFS_DFS_UPCALL
3381 int referral_walks_count = 0;
3382 #endif
3383
3384 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3385 if (rc)
3386 return rc;
3387
3388 #ifdef CONFIG_CIFS_DFS_UPCALL
3389 try_mount_again:
3390 /* cleanup activities if we're chasing a referral */
3391 if (referral_walks_count) {
3392 if (tcon)
3393 cifs_put_tcon(tcon);
3394 else if (pSesInfo)
3395 cifs_put_smb_ses(pSesInfo);
3396
3397 FreeXid(xid);
3398 }
3399 #endif
3400 tcon = NULL;
3401 pSesInfo = NULL;
3402 srvTcp = NULL;
3403 full_path = NULL;
3404 tlink = NULL;
3405
3406 xid = GetXid();
3407
3408 /* get a reference to a tcp session */
3409 srvTcp = cifs_get_tcp_session(volume_info);
3410 if (IS_ERR(srvTcp)) {
3411 rc = PTR_ERR(srvTcp);
3412 bdi_destroy(&cifs_sb->bdi);
3413 goto out;
3414 }
3415
3416 /* get a reference to a SMB session */
3417 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3418 if (IS_ERR(pSesInfo)) {
3419 rc = PTR_ERR(pSesInfo);
3420 pSesInfo = NULL;
3421 goto mount_fail_check;
3422 }
3423
3424 /* search for existing tcon to this server share */
3425 tcon = cifs_get_tcon(pSesInfo, volume_info);
3426 if (IS_ERR(tcon)) {
3427 rc = PTR_ERR(tcon);
3428 tcon = NULL;
3429 goto remote_path_check;
3430 }
3431
3432 /* tell server which Unix caps we support */
3433 if (tcon->ses->capabilities & CAP_UNIX) {
3434 /* reset of caps checks mount to see if unix extensions
3435 disabled for just this mount */
3436 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3437 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3438 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3439 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3440 rc = -EACCES;
3441 goto mount_fail_check;
3442 }
3443 } else
3444 tcon->unix_ext = 0; /* server does not support them */
3445
3446 /* do not care if following two calls succeed - informational */
3447 if (!tcon->ipc) {
3448 CIFSSMBQFSDeviceInfo(xid, tcon);
3449 CIFSSMBQFSAttributeInfo(xid, tcon);
3450 }
3451
3452 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3453 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
3454
3455 /* tune readahead according to rsize */
3456 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
3457
3458 remote_path_check:
3459 #ifdef CONFIG_CIFS_DFS_UPCALL
3460 /*
3461 * Perform an unconditional check for whether there are DFS
3462 * referrals for this path without prefix, to provide support
3463 * for DFS referrals from w2k8 servers which don't seem to respond
3464 * with PATH_NOT_COVERED to requests that include the prefix.
3465 * Chase the referral if found, otherwise continue normally.
3466 */
3467 if (referral_walks_count == 0) {
3468 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
3469 cifs_sb, false);
3470 if (!refrc) {
3471 referral_walks_count++;
3472 goto try_mount_again;
3473 }
3474 }
3475 #endif
3476
3477 /* check if a whole path is not remote */
3478 if (!rc && tcon) {
3479 /* build_path_to_root works only when we have a valid tcon */
3480 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
3481 if (full_path == NULL) {
3482 rc = -ENOMEM;
3483 goto mount_fail_check;
3484 }
3485 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
3486 if (rc != 0 && rc != -EREMOTE) {
3487 kfree(full_path);
3488 goto mount_fail_check;
3489 }
3490 kfree(full_path);
3491 }
3492
3493 /* get referral if needed */
3494 if (rc == -EREMOTE) {
3495 #ifdef CONFIG_CIFS_DFS_UPCALL
3496 if (referral_walks_count > MAX_NESTED_LINKS) {
3497 /*
3498 * BB: when we implement proper loop detection,
3499 * we will remove this check. But now we need it
3500 * to prevent an indefinite loop if 'DFS tree' is
3501 * misconfigured (i.e. has loops).
3502 */
3503 rc = -ELOOP;
3504 goto mount_fail_check;
3505 }
3506
3507 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
3508 true);
3509
3510 if (!rc) {
3511 referral_walks_count++;
3512 goto try_mount_again;
3513 }
3514 goto mount_fail_check;
3515 #else /* No DFS support, return error on mount */
3516 rc = -EOPNOTSUPP;
3517 #endif
3518 }
3519
3520 if (rc)
3521 goto mount_fail_check;
3522
3523 /* now, hang the tcon off of the superblock */
3524 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3525 if (tlink == NULL) {
3526 rc = -ENOMEM;
3527 goto mount_fail_check;
3528 }
3529
3530 tlink->tl_uid = pSesInfo->linux_uid;
3531 tlink->tl_tcon = tcon;
3532 tlink->tl_time = jiffies;
3533 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3534 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3535
3536 cifs_sb->master_tlink = tlink;
3537 spin_lock(&cifs_sb->tlink_tree_lock);
3538 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3539 spin_unlock(&cifs_sb->tlink_tree_lock);
3540
3541 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3542 TLINK_IDLE_EXPIRE);
3543
3544 mount_fail_check:
3545 /* on error free sesinfo and tcon struct if needed */
3546 if (rc) {
3547 /* If find_unc succeeded then rc == 0 so we can not end */
3548 /* up accidentally freeing someone elses tcon struct */
3549 if (tcon)
3550 cifs_put_tcon(tcon);
3551 else if (pSesInfo)
3552 cifs_put_smb_ses(pSesInfo);
3553 else
3554 cifs_put_tcp_session(srvTcp);
3555 bdi_destroy(&cifs_sb->bdi);
3556 }
3557
3558 out:
3559 FreeXid(xid);
3560 return rc;
3561 }
3562
3563 /*
3564 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3565 * pointer may be NULL.
3566 */
3567 int
3568 CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3569 const char *tree, struct cifs_tcon *tcon,
3570 const struct nls_table *nls_codepage)
3571 {
3572 struct smb_hdr *smb_buffer;
3573 struct smb_hdr *smb_buffer_response;
3574 TCONX_REQ *pSMB;
3575 TCONX_RSP *pSMBr;
3576 unsigned char *bcc_ptr;
3577 int rc = 0;
3578 int length;
3579 __u16 bytes_left, count;
3580
3581 if (ses == NULL)
3582 return -EIO;
3583
3584 smb_buffer = cifs_buf_get();
3585 if (smb_buffer == NULL)
3586 return -ENOMEM;
3587
3588 smb_buffer_response = smb_buffer;
3589
3590 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3591 NULL /*no tid */ , 4 /*wct */ );
3592
3593 smb_buffer->Mid = GetNextMid(ses->server);
3594 smb_buffer->Uid = ses->Suid;
3595 pSMB = (TCONX_REQ *) smb_buffer;
3596 pSMBr = (TCONX_RSP *) smb_buffer_response;
3597
3598 pSMB->AndXCommand = 0xFF;
3599 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3600 bcc_ptr = &pSMB->Password[0];
3601 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3602 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3603 *bcc_ptr = 0; /* password is null byte */
3604 bcc_ptr++; /* skip password */
3605 /* already aligned so no need to do it below */
3606 } else {
3607 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3608 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3609 specified as required (when that support is added to
3610 the vfs in the future) as only NTLM or the much
3611 weaker LANMAN (which we do not send by default) is accepted
3612 by Samba (not sure whether other servers allow
3613 NTLMv2 password here) */
3614 #ifdef CONFIG_CIFS_WEAK_PW_HASH
3615 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3616 (ses->server->secType == LANMAN))
3617 calc_lanman_hash(tcon->password, ses->server->cryptkey,
3618 ses->server->sec_mode &
3619 SECMODE_PW_ENCRYPT ? true : false,
3620 bcc_ptr);
3621 else
3622 #endif /* CIFS_WEAK_PW_HASH */
3623 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3624 bcc_ptr, nls_codepage);
3625
3626 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3627 if (ses->capabilities & CAP_UNICODE) {
3628 /* must align unicode strings */
3629 *bcc_ptr = 0; /* null byte password */
3630 bcc_ptr++;
3631 }
3632 }
3633
3634 if (ses->server->sec_mode &
3635 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3636 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3637
3638 if (ses->capabilities & CAP_STATUS32) {
3639 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3640 }
3641 if (ses->capabilities & CAP_DFS) {
3642 smb_buffer->Flags2 |= SMBFLG2_DFS;
3643 }
3644 if (ses->capabilities & CAP_UNICODE) {
3645 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3646 length =
3647 cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
3648 6 /* max utf8 char length in bytes */ *
3649 (/* server len*/ + 256 /* share len */), nls_codepage);
3650 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
3651 bcc_ptr += 2; /* skip trailing null */
3652 } else { /* ASCII */
3653 strcpy(bcc_ptr, tree);
3654 bcc_ptr += strlen(tree) + 1;
3655 }
3656 strcpy(bcc_ptr, "?????");
3657 bcc_ptr += strlen("?????");
3658 bcc_ptr += 1;
3659 count = bcc_ptr - &pSMB->Password[0];
3660 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3661 pSMB->hdr.smb_buf_length) + count);
3662 pSMB->ByteCount = cpu_to_le16(count);
3663
3664 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3665 0);
3666
3667 /* above now done in SendReceive */
3668 if ((rc == 0) && (tcon != NULL)) {
3669 bool is_unicode;
3670
3671 tcon->tidStatus = CifsGood;
3672 tcon->need_reconnect = false;
3673 tcon->tid = smb_buffer_response->Tid;
3674 bcc_ptr = pByteArea(smb_buffer_response);
3675 bytes_left = get_bcc(smb_buffer_response);
3676 length = strnlen(bcc_ptr, bytes_left - 2);
3677 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3678 is_unicode = true;
3679 else
3680 is_unicode = false;
3681
3682
3683 /* skip service field (NB: this field is always ASCII) */
3684 if (length == 3) {
3685 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3686 (bcc_ptr[2] == 'C')) {
3687 cFYI(1, "IPC connection");
3688 tcon->ipc = 1;
3689 }
3690 } else if (length == 2) {
3691 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3692 /* the most common case */
3693 cFYI(1, "disk share connection");
3694 }
3695 }
3696 bcc_ptr += length + 1;
3697 bytes_left -= (length + 1);
3698 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3699
3700 /* mostly informational -- no need to fail on error here */
3701 kfree(tcon->nativeFileSystem);
3702 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
3703 bytes_left, is_unicode,
3704 nls_codepage);
3705
3706 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3707
3708 if ((smb_buffer_response->WordCount == 3) ||
3709 (smb_buffer_response->WordCount == 7))
3710 /* field is in same location */
3711 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3712 else
3713 tcon->Flags = 0;
3714 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3715 } else if ((rc == 0) && tcon == NULL) {
3716 /* all we need to save for IPC$ connection */
3717 ses->ipc_tid = smb_buffer_response->Tid;
3718 }
3719
3720 cifs_buf_release(smb_buffer);
3721 return rc;
3722 }
3723
3724 void
3725 cifs_umount(struct cifs_sb_info *cifs_sb)
3726 {
3727 struct rb_root *root = &cifs_sb->tlink_tree;
3728 struct rb_node *node;
3729 struct tcon_link *tlink;
3730
3731 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3732
3733 spin_lock(&cifs_sb->tlink_tree_lock);
3734 while ((node = rb_first(root))) {
3735 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3736 cifs_get_tlink(tlink);
3737 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3738 rb_erase(node, root);
3739
3740 spin_unlock(&cifs_sb->tlink_tree_lock);
3741 cifs_put_tlink(tlink);
3742 spin_lock(&cifs_sb->tlink_tree_lock);
3743 }
3744 spin_unlock(&cifs_sb->tlink_tree_lock);
3745
3746 bdi_destroy(&cifs_sb->bdi);
3747 kfree(cifs_sb->mountdata);
3748 unload_nls(cifs_sb->local_nls);
3749 kfree(cifs_sb);
3750 }
3751
3752 int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
3753 {
3754 int rc = 0;
3755 struct TCP_Server_Info *server = ses->server;
3756
3757 /* only send once per connect */
3758 if (server->maxBuf != 0)
3759 return 0;
3760
3761 rc = CIFSSMBNegotiate(xid, ses);
3762 if (rc == -EAGAIN) {
3763 /* retry only once on 1st time connection */
3764 rc = CIFSSMBNegotiate(xid, ses);
3765 if (rc == -EAGAIN)
3766 rc = -EHOSTDOWN;
3767 }
3768 if (rc == 0) {
3769 spin_lock(&GlobalMid_Lock);
3770 if (server->tcpStatus == CifsNeedNegotiate)
3771 server->tcpStatus = CifsGood;
3772 else
3773 rc = -EHOSTDOWN;
3774 spin_unlock(&GlobalMid_Lock);
3775
3776 }
3777
3778 return rc;
3779 }
3780
3781
3782 int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
3783 struct nls_table *nls_info)
3784 {
3785 int rc = 0;
3786 struct TCP_Server_Info *server = ses->server;
3787
3788 ses->flags = 0;
3789 ses->capabilities = server->capabilities;
3790 if (linuxExtEnabled == 0)
3791 ses->capabilities &= (~CAP_UNIX);
3792
3793 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3794 server->sec_mode, server->capabilities, server->timeAdj);
3795
3796 rc = CIFS_SessSetup(xid, ses, nls_info);
3797 if (rc) {
3798 cERROR(1, "Send error in SessSetup = %d", rc);
3799 } else {
3800 mutex_lock(&ses->server->srv_mutex);
3801 if (!server->session_estab) {
3802 server->session_key.response = ses->auth_key.response;
3803 server->session_key.len = ses->auth_key.len;
3804 server->sequence_number = 0x2;
3805 server->session_estab = true;
3806 ses->auth_key.response = NULL;
3807 }
3808 mutex_unlock(&server->srv_mutex);
3809
3810 cFYI(1, "CIFS Session Established successfully");
3811 spin_lock(&GlobalMid_Lock);
3812 ses->status = CifsGood;
3813 ses->need_reconnect = false;
3814 spin_unlock(&GlobalMid_Lock);
3815 }
3816
3817 kfree(ses->auth_key.response);
3818 ses->auth_key.response = NULL;
3819 ses->auth_key.len = 0;
3820 kfree(ses->ntlmssp);
3821 ses->ntlmssp = NULL;
3822
3823 return rc;
3824 }
3825
3826 static int
3827 cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
3828 {
3829 switch (ses->server->secType) {
3830 case Kerberos:
3831 vol->secFlg = CIFSSEC_MUST_KRB5;
3832 return 0;
3833 case NTLMv2:
3834 vol->secFlg = CIFSSEC_MUST_NTLMV2;
3835 break;
3836 case NTLM:
3837 vol->secFlg = CIFSSEC_MUST_NTLM;
3838 break;
3839 case RawNTLMSSP:
3840 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
3841 break;
3842 case LANMAN:
3843 vol->secFlg = CIFSSEC_MUST_LANMAN;
3844 break;
3845 }
3846
3847 return cifs_set_cifscreds(vol, ses);
3848 }
3849
3850 static struct cifs_tcon *
3851 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3852 {
3853 int rc;
3854 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3855 struct cifs_ses *ses;
3856 struct cifs_tcon *tcon = NULL;
3857 struct smb_vol *vol_info;
3858
3859 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3860 if (vol_info == NULL) {
3861 tcon = ERR_PTR(-ENOMEM);
3862 goto out;
3863 }
3864
3865 vol_info->local_nls = cifs_sb->local_nls;
3866 vol_info->linux_uid = fsuid;
3867 vol_info->cred_uid = fsuid;
3868 vol_info->UNC = master_tcon->treeName;
3869 vol_info->retry = master_tcon->retry;
3870 vol_info->nocase = master_tcon->nocase;
3871 vol_info->local_lease = master_tcon->local_lease;
3872 vol_info->no_linux_ext = !master_tcon->unix_ext;
3873
3874 rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
3875 if (rc) {
3876 tcon = ERR_PTR(rc);
3877 goto out;
3878 }
3879
3880 /* get a reference for the same TCP session */
3881 spin_lock(&cifs_tcp_ses_lock);
3882 ++master_tcon->ses->server->srv_count;
3883 spin_unlock(&cifs_tcp_ses_lock);
3884
3885 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3886 if (IS_ERR(ses)) {
3887 tcon = (struct cifs_tcon *)ses;
3888 cifs_put_tcp_session(master_tcon->ses->server);
3889 goto out;
3890 }
3891
3892 tcon = cifs_get_tcon(ses, vol_info);
3893 if (IS_ERR(tcon)) {
3894 cifs_put_smb_ses(ses);
3895 goto out;
3896 }
3897
3898 if (ses->capabilities & CAP_UNIX)
3899 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3900 out:
3901 kfree(vol_info->username);
3902 kfree(vol_info->password);
3903 kfree(vol_info);
3904
3905 return tcon;
3906 }
3907
3908 struct cifs_tcon *
3909 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3910 {
3911 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3912 }
3913
3914 static int
3915 cifs_sb_tcon_pending_wait(void *unused)
3916 {
3917 schedule();
3918 return signal_pending(current) ? -ERESTARTSYS : 0;
3919 }
3920
3921 /* find and return a tlink with given uid */
3922 static struct tcon_link *
3923 tlink_rb_search(struct rb_root *root, uid_t uid)
3924 {
3925 struct rb_node *node = root->rb_node;
3926 struct tcon_link *tlink;
3927
3928 while (node) {
3929 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3930
3931 if (tlink->tl_uid > uid)
3932 node = node->rb_left;
3933 else if (tlink->tl_uid < uid)
3934 node = node->rb_right;
3935 else
3936 return tlink;
3937 }
3938 return NULL;
3939 }
3940
3941 /* insert a tcon_link into the tree */
3942 static void
3943 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3944 {
3945 struct rb_node **new = &(root->rb_node), *parent = NULL;
3946 struct tcon_link *tlink;
3947
3948 while (*new) {
3949 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3950 parent = *new;
3951
3952 if (tlink->tl_uid > new_tlink->tl_uid)
3953 new = &((*new)->rb_left);
3954 else
3955 new = &((*new)->rb_right);
3956 }
3957
3958 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3959 rb_insert_color(&new_tlink->tl_rbnode, root);
3960 }
3961
3962 /*
3963 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3964 * current task.
3965 *
3966 * If the superblock doesn't refer to a multiuser mount, then just return
3967 * the master tcon for the mount.
3968 *
3969 * First, search the rbtree for an existing tcon for this fsuid. If one
3970 * exists, then check to see if it's pending construction. If it is then wait
3971 * for construction to complete. Once it's no longer pending, check to see if
3972 * it failed and either return an error or retry construction, depending on
3973 * the timeout.
3974 *
3975 * If one doesn't exist then insert a new tcon_link struct into the tree and
3976 * try to construct a new one.
3977 */
3978 struct tcon_link *
3979 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3980 {
3981 int ret;
3982 uid_t fsuid = current_fsuid();
3983 struct tcon_link *tlink, *newtlink;
3984
3985 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3986 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3987
3988 spin_lock(&cifs_sb->tlink_tree_lock);
3989 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3990 if (tlink)
3991 cifs_get_tlink(tlink);
3992 spin_unlock(&cifs_sb->tlink_tree_lock);
3993
3994 if (tlink == NULL) {
3995 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3996 if (newtlink == NULL)
3997 return ERR_PTR(-ENOMEM);
3998 newtlink->tl_uid = fsuid;
3999 newtlink->tl_tcon = ERR_PTR(-EACCES);
4000 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
4001 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
4002 cifs_get_tlink(newtlink);
4003
4004 spin_lock(&cifs_sb->tlink_tree_lock);
4005 /* was one inserted after previous search? */
4006 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4007 if (tlink) {
4008 cifs_get_tlink(tlink);
4009 spin_unlock(&cifs_sb->tlink_tree_lock);
4010 kfree(newtlink);
4011 goto wait_for_construction;
4012 }
4013 tlink = newtlink;
4014 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4015 spin_unlock(&cifs_sb->tlink_tree_lock);
4016 } else {
4017 wait_for_construction:
4018 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4019 cifs_sb_tcon_pending_wait,
4020 TASK_INTERRUPTIBLE);
4021 if (ret) {
4022 cifs_put_tlink(tlink);
4023 return ERR_PTR(ret);
4024 }
4025
4026 /* if it's good, return it */
4027 if (!IS_ERR(tlink->tl_tcon))
4028 return tlink;
4029
4030 /* return error if we tried this already recently */
4031 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4032 cifs_put_tlink(tlink);
4033 return ERR_PTR(-EACCES);
4034 }
4035
4036 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4037 goto wait_for_construction;
4038 }
4039
4040 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4041 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4042 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4043
4044 if (IS_ERR(tlink->tl_tcon)) {
4045 cifs_put_tlink(tlink);
4046 return ERR_PTR(-EACCES);
4047 }
4048
4049 return tlink;
4050 }
4051
4052 /*
4053 * periodic workqueue job that scans tcon_tree for a superblock and closes
4054 * out tcons.
4055 */
4056 static void
4057 cifs_prune_tlinks(struct work_struct *work)
4058 {
4059 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4060 prune_tlinks.work);
4061 struct rb_root *root = &cifs_sb->tlink_tree;
4062 struct rb_node *node = rb_first(root);
4063 struct rb_node *tmp;
4064 struct tcon_link *tlink;
4065
4066 /*
4067 * Because we drop the spinlock in the loop in order to put the tlink
4068 * it's not guarded against removal of links from the tree. The only
4069 * places that remove entries from the tree are this function and
4070 * umounts. Because this function is non-reentrant and is canceled
4071 * before umount can proceed, this is safe.
4072 */
4073 spin_lock(&cifs_sb->tlink_tree_lock);
4074 node = rb_first(root);
4075 while (node != NULL) {
4076 tmp = node;
4077 node = rb_next(tmp);
4078 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4079
4080 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4081 atomic_read(&tlink->tl_count) != 0 ||
4082 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4083 continue;
4084
4085 cifs_get_tlink(tlink);
4086 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4087 rb_erase(tmp, root);
4088
4089 spin_unlock(&cifs_sb->tlink_tree_lock);
4090 cifs_put_tlink(tlink);
4091 spin_lock(&cifs_sb->tlink_tree_lock);
4092 }
4093 spin_unlock(&cifs_sb->tlink_tree_lock);
4094
4095 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
4096 TLINK_IDLE_EXPIRE);
4097 }
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree