]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - fs/cifs/connect.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
CIFS: Separate protocol-specific code from transport routines
[mirror_ubuntu-bionic-kernel.git] / fs / cifs / connect.c
CommitLineData
1da177e4
LT		 1/*
2 * fs/cifs/connect.c
3 *
d185cda7 4 * Copyright (C) International Business Machines Corp., 2002,2009
1da177e4
LT		 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
fb8c4b14 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1da177e4
LT		 20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
5a0e3ad6 26#include <linux/slab.h>
1da177e4
LT		 27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
b8643e1b 31#include <linux/delay.h>
f191401f 32#include <linux/completion.h>
aaf737ad 33#include <linux/kthread.h>
0ae0efad 34#include <linux/pagevec.h>
7dfb7103 35#include <linux/freezer.h>
5c2503a8 36#include <linux/namei.h>
1da177e4
LT		 37#include <asm/uaccess.h>
38#include <asm/processor.h>
50b64e3b 39#include <linux/inet.h>
143cb494 40#include <linux/module.h>
8a8798a5 41#include <keys/user-type.h>
0e2bedaa 42#include <net/ipv6.h>
1da177e4
LT		 43#include "cifspdu.h"
44#include "cifsglob.h"
45#include "cifsproto.h"
46#include "cifs_unicode.h"
47#include "cifs_debug.h"
48#include "cifs_fs_sb.h"
49#include "ntlmssp.h"
50#include "nterr.h"
51#include "rfc1002pdu.h"
488f1d2d 52#include "fscache.h"
1da177e4
LT		 53
54#define CIFS_PORT 445
55#define RFC1001_PORT 139
56
c74093b6
JL		 57/* SMB echo "timeout" -- FIXME: tunable? */
58#define SMB_ECHO_INTERVAL (60 * HZ)
59
1da177e4
LT		 60extern mempool_t *cifs_req_poolp;
61
2de970ff 62/* FIXME: should these be tunable? */
9d002df4 63#define TLINK_ERROR_EXPIRE (1 * HZ)
2de970ff 64#define TLINK_IDLE_EXPIRE (600 * HZ)
9d002df4 65
a9f1b85e
PS		 66static int ip_connect(struct TCP_Server_Info *server);
67static int generic_ip_connect(struct TCP_Server_Info *server);
b647c35f 68static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
2de970ff 69static void cifs_prune_tlinks(struct work_struct *work);
b9bce2e9
JL		 70static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
71 const char *devname);
1da177e4 72
d5c5605c
JL		 73/*
74 * cifs tcp session reconnection
75 *
76 * mark tcp session as reconnecting so temporarily locked
77 * mark all smb sessions as reconnecting for tcp session
78 * reconnect tcp session
79 * wake up waiters on reconnection? - (not needed currently)
80 */
2cd646a2 81static int
1da177e4
LT		 82cifs_reconnect(struct TCP_Server_Info *server)
83{
84 int rc = 0;
f1987b44 85 struct list_head *tmp, *tmp2;
96daf2b0
SF		 86 struct cifs_ses *ses;
87 struct cifs_tcon *tcon;
fb8c4b14 88 struct mid_q_entry *mid_entry;
3c1105df 89 struct list_head retry_list;
50c2f753 90
1da177e4 91 spin_lock(&GlobalMid_Lock);
469ee614 92 if (server->tcpStatus == CifsExiting) {
fb8c4b14 93 /* the demux thread will exit normally
1da177e4
LT		 94 next time through the loop */
95 spin_unlock(&GlobalMid_Lock);
96 return rc;
97 } else
98 server->tcpStatus = CifsNeedReconnect;
99 spin_unlock(&GlobalMid_Lock);
100 server->maxBuf = 0;
101
b6b38f70 102 cFYI(1, "Reconnecting tcp session");
1da177e4
LT		 103
104 /* before reconnecting the tcp session, mark the smb session (uid)
105 and the tid bad so they are not used until reconnected */
2b84a36c 106 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
3f9bcca7 107 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 108 list_for_each(tmp, &server->smb_ses_list) {
96daf2b0 109 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
14fbf50d
JL		 110 ses->need_reconnect = true;
111 ses->ipc_tid = 0;
f1987b44 112 list_for_each(tmp2, &ses->tcon_list) {
96daf2b0 113 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
3b795210 114 tcon->need_reconnect = true;
1da177e4 115 }
1da177e4 116 }
3f9bcca7 117 spin_unlock(&cifs_tcp_ses_lock);
2b84a36c 118
1da177e4 119 /* do not want to be sending data on a socket we are freeing */
2b84a36c 120 cFYI(1, "%s: tearing down socket", __func__);
72ca545b 121 mutex_lock(&server->srv_mutex);
fb8c4b14 122 if (server->ssocket) {
b6b38f70
JP		 123 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
124 server->ssocket->flags);
91cf45f0 125 kernel_sock_shutdown(server->ssocket, SHUT_WR);
b6b38f70 126 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
467a8f8d 127 server->ssocket->state,
b6b38f70 128 server->ssocket->flags);
1da177e4
LT		 129 sock_release(server->ssocket);
130 server->ssocket = NULL;
131 }
5d0d2882
SP		 132 server->sequence_number = 0;
133 server->session_estab = false;
21e73393
SP		 134 kfree(server->session_key.response);
135 server->session_key.response = NULL;
136 server->session_key.len = 0;
fda35943 137 server->lstrp = jiffies;
2b84a36c 138 mutex_unlock(&server->srv_mutex);
1da177e4 139
2b84a36c 140 /* mark submitted MIDs for retry and issue callback */
3c1105df
JL		 141 INIT_LIST_HEAD(&retry_list);
142 cFYI(1, "%s: moving mids to private list", __func__);
1da177e4 143 spin_lock(&GlobalMid_Lock);
2b84a36c
JL		 144 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
145 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
146 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
ad8b15f0 147 mid_entry->midState = MID_RETRY_NEEDED;
3c1105df
JL		 148 list_move(&mid_entry->qhead, &retry_list);
149 }
150 spin_unlock(&GlobalMid_Lock);
151
152 cFYI(1, "%s: issuing mid callbacks", __func__);
153 list_for_each_safe(tmp, tmp2, &retry_list) {
154 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
2b84a36c
JL		 155 list_del_init(&mid_entry->qhead);
156 mid_entry->callback(mid_entry);
1da177e4 157 }
1da177e4 158
7fdbaa1b 159 do {
6c3d8909 160 try_to_freeze();
a9f1b85e
PS		 161
162 /* we should try only the port we connected to before */
163 rc = generic_ip_connect(server);
fb8c4b14 164 if (rc) {
b6b38f70 165 cFYI(1, "reconnect error %d", rc);
0cb766ae 166 msleep(3000);
1da177e4
LT		 167 } else {
168 atomic_inc(&tcpSesReconnectCount);
169 spin_lock(&GlobalMid_Lock);
469ee614 170 if (server->tcpStatus != CifsExiting)
fd88ce93 171 server->tcpStatus = CifsNeedNegotiate;
fb8c4b14 172 spin_unlock(&GlobalMid_Lock);
1da177e4 173 }
7fdbaa1b 174 } while (server->tcpStatus == CifsNeedReconnect);
2b84a36c 175
1da177e4
LT		 176 return rc;
177}
178
fb8c4b14 179/*
e4eb295d
SF		 180 return codes:
181 0 not a transact2, or all data present
182 >0 transact2 with that much data missing
183 -EINVAL = invalid transact2
184
185 */
c974befa 186static int check2ndT2(struct smb_hdr *pSMB)
e4eb295d 187{
fb8c4b14 188 struct smb_t2_rsp *pSMBt;
e4eb295d 189 int remaining;
26ec2548 190 __u16 total_data_size, data_in_this_rsp;
e4eb295d 191
fb8c4b14 192 if (pSMB->Command != SMB_COM_TRANSACTION2)
e4eb295d
SF		 193 return 0;
194
fb8c4b14
SF		 195 /* check for plausible wct, bcc and t2 data and parm sizes */
196 /* check for parm and data offset going beyond end of smb */
197 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
b6b38f70 198 cFYI(1, "invalid transact2 word count");
e4eb295d
SF		 199 return -EINVAL;
200 }
201
202 pSMBt = (struct smb_t2_rsp *)pSMB;
203
26ec2548
JL		 204 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
205 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 206
c0c7b905 207 if (total_data_size == data_in_this_rsp)
e4eb295d 208 return 0;
c0c7b905 209 else if (total_data_size < data_in_this_rsp) {
b6b38f70
JP		 210 cFYI(1, "total data %d smaller than data in frame %d",
211 total_data_size, data_in_this_rsp);
e4eb295d 212 return -EINVAL;
e4eb295d 213 }
c0c7b905
JL		 214
215 remaining = total_data_size - data_in_this_rsp;
216
217 cFYI(1, "missing %d bytes from transact2, check next response",
218 remaining);
c974befa 219 if (total_data_size > CIFSMaxBufSize) {
c0c7b905 220 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
c974befa 221 total_data_size, CIFSMaxBufSize);
c0c7b905
JL		 222 return -EINVAL;
223 }
224 return remaining;
e4eb295d
SF		 225}
226
fb8c4b14 227static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
e4eb295d 228{
f5fffcee 229 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
e4eb295d 230 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
f5fffcee
JL		 231 char *data_area_of_tgt;
232 char *data_area_of_src;
26ec2548 233 int remaining;
f5fffcee
JL		 234 unsigned int byte_count, total_in_tgt;
235 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
e4eb295d 236
f5fffcee
JL		 237 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
238 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
e4eb295d 239
f5fffcee
JL		 240 if (tgt_total_cnt != src_total_cnt)
241 cFYI(1, "total data count of primary and secondary t2 differ "
242 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
e4eb295d 243
f5fffcee 244 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 245
f5fffcee 246 remaining = tgt_total_cnt - total_in_tgt;
50c2f753 247
f5fffcee
JL		 248 if (remaining < 0) {
249 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
250 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
2a2047bc 251 return -EPROTO;
f5fffcee 252 }
e4eb295d 253
f5fffcee
JL		 254 if (remaining == 0) {
255 /* nothing to do, ignore */
256 cFYI(1, "no more data remains");
e4eb295d 257 return 0;
f5fffcee 258 }
50c2f753 259
f5fffcee
JL		 260 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
261 if (remaining < total_in_src)
b6b38f70 262 cFYI(1, "transact2 2nd response contains too much data");
e4eb295d
SF		 263
264 /* find end of first SMB data area */
f5fffcee 265 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
26ec2548 266 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
e4eb295d 267
f5fffcee
JL		 268 /* validate target area */
269 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
270 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
e4eb295d 271
f5fffcee 272 data_area_of_tgt += total_in_tgt;
e4eb295d 273
f5fffcee 274 total_in_tgt += total_in_src;
2a2047bc 275 /* is the result too big for the field? */
f5fffcee
JL		 276 if (total_in_tgt > USHRT_MAX) {
277 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
2a2047bc 278 return -EPROTO;
f5fffcee
JL		 279 }
280 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
2a2047bc
JL		 281
282 /* fix up the BCC */
820a803f 283 byte_count = get_bcc(pTargetSMB);
f5fffcee 284 byte_count += total_in_src;
2a2047bc 285 /* is the result too big for the field? */
f5fffcee
JL		 286 if (byte_count > USHRT_MAX) {
287 cFYI(1, "coalesced BCC too large (%u)", byte_count);
2a2047bc 288 return -EPROTO;
f5fffcee 289 }
820a803f 290 put_bcc(byte_count, pTargetSMB);
e4eb295d 291
be8e3b00 292 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
f5fffcee 293 byte_count += total_in_src;
2a2047bc 294 /* don't allow buffer to overflow */
f5fffcee
JL		 295 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
296 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
2a2047bc 297 return -ENOBUFS;
f5fffcee 298 }
be8e3b00 299 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
e4eb295d 300
f5fffcee
JL		 301 /* copy second buffer into end of first buffer */
302 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
2a2047bc 303
f5fffcee
JL		 304 if (remaining != total_in_src) {
305 /* more responses to go */
306 cFYI(1, "waiting for more secondary responses");
e4eb295d 307 return 1;
f5fffcee
JL		 308 }
309
310 /* we are done */
311 cFYI(1, "found the last secondary response");
312 return 0;
e4eb295d
SF		 313}
314
c74093b6
JL		 315static void
316cifs_echo_request(struct work_struct *work)
317{
318 int rc;
319 struct TCP_Server_Info *server = container_of(work,
320 struct TCP_Server_Info, echo.work);
321
247ec9b4 322 /*
195291e6
JL		 323 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
324 * done, which is indicated by maxBuf != 0. Also, no need to ping if
325 * we got a response recently
247ec9b4 326 */
195291e6 327 if (server->maxBuf == 0 ||
247ec9b4 328 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
c74093b6
JL		 329 goto requeue_echo;
330
331 rc = CIFSSMBEcho(server);
332 if (rc)
333 cFYI(1, "Unable to send echo request to server: %s",
334 server->hostname);
335
336requeue_echo:
337 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
338}
339
3d9c2472 340static bool
2a37ef94 341allocate_buffers(struct TCP_Server_Info *server)
3d9c2472 342{
2a37ef94
JL		 343 if (!server->bigbuf) {
344 server->bigbuf = (char *)cifs_buf_get();
345 if (!server->bigbuf) {
3d9c2472
PS		 346 cERROR(1, "No memory for large SMB response");
347 msleep(3000);
348 /* retry will check if exiting */
349 return false;
350 }
2a37ef94 351 } else if (server->large_buf) {
3d9c2472 352 /* we are reusing a dirty large buf, clear its start */
2a37ef94 353 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 354 }
355
2a37ef94
JL		 356 if (!server->smallbuf) {
357 server->smallbuf = (char *)cifs_small_buf_get();
358 if (!server->smallbuf) {
3d9c2472
PS		 359 cERROR(1, "No memory for SMB response");
360 msleep(1000);
361 /* retry will check if exiting */
362 return false;
363 }
364 /* beginning of smb buffer is cleared in our buf_get */
365 } else {
366 /* if existing small buf clear beginning */
2a37ef94 367 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 368 }
369
3d9c2472
PS		 370 return true;
371}
372
ba749e6d
JL		 373static bool
374server_unresponsive(struct TCP_Server_Info *server)
375{
6dae51a5
PS		 376 /*
377 * We need to wait 2 echo intervals to make sure we handle such
378 * situations right:
379 * 1s client sends a normal SMB request
380 * 2s client gets a response
381 * 30s echo workqueue job pops, and decides we got a response recently
382 * and don't need to send another
383 * ...
384 * 65s kernel_recvmsg times out, and we see that we haven't gotten
385 * a response in >60s.
386 */
387 if (server->tcpStatus == CifsGood &&
388 time_after(jiffies, server->lstrp + 2 * SMB_ECHO_INTERVAL)) {
ba749e6d
JL		 389 cERROR(1, "Server %s has not responded in %d seconds. "
390 "Reconnecting...", server->hostname,
6dae51a5 391 (2 * SMB_ECHO_INTERVAL) / HZ);
ba749e6d
JL		 392 cifs_reconnect(server);
393 wake_up(&server->response_q);
394 return true;
395 }
396
397 return false;
398}
399
42c4dfc2
JL		 400/*
401 * kvec_array_init - clone a kvec array, and advance into it
402 * @new: pointer to memory for cloned array
403 * @iov: pointer to original array
404 * @nr_segs: number of members in original array
405 * @bytes: number of bytes to advance into the cloned array
406 *
407 * This function will copy the array provided in iov to a section of memory
408 * and advance the specified number of bytes into the new array. It returns
409 * the number of segments in the new array. "new" must be at least as big as
410 * the original iov array.
411 */
412static unsigned int
413kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
414 size_t bytes)
415{
416 size_t base = 0;
417
418 while (bytes || !iov->iov_len) {
419 int copy = min(bytes, iov->iov_len);
420
421 bytes -= copy;
422 base += copy;
423 if (iov->iov_len == base) {
424 iov++;
425 nr_segs--;
426 base = 0;
427 }
428 }
429 memcpy(new, iov, sizeof(*iov) * nr_segs);
430 new->iov_base += base;
431 new->iov_len -= base;
432 return nr_segs;
433}
434
1041e3f9
JL		 435static struct kvec *
436get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
e7015fb1 437{
1041e3f9
JL		 438 struct kvec *new_iov;
439
440 if (server->iov && nr_segs <= server->nr_iov)
441 return server->iov;
442
443 /* not big enough -- allocate a new one and release the old */
444 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
445 if (new_iov) {
446 kfree(server->iov);
447 server->iov = new_iov;
448 server->nr_iov = nr_segs;
449 }
450 return new_iov;
451}
452
e28bc5b1
JL		 453int
454cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
455 unsigned int nr_segs, unsigned int to_read)
e7015fb1 456{
a52c1eb7
JL		 457 int length = 0;
458 int total_read;
42c4dfc2 459 unsigned int segs;
e831e6cf 460 struct msghdr smb_msg;
42c4dfc2
JL		 461 struct kvec *iov;
462
1041e3f9 463 iov = get_server_iovec(server, nr_segs);
42c4dfc2
JL		 464 if (!iov)
465 return -ENOMEM;
e7015fb1 466
e831e6cf
JL		 467 smb_msg.msg_control = NULL;
468 smb_msg.msg_controllen = 0;
469
a52c1eb7 470 for (total_read = 0; to_read; total_read += length, to_read -= length) {
95edcff4
JL		 471 try_to_freeze();
472
ba749e6d 473 if (server_unresponsive(server)) {
a52c1eb7 474 total_read = -EAGAIN;
ba749e6d
JL		 475 break;
476 }
477
42c4dfc2
JL		 478 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
479
480 length = kernel_recvmsg(server->ssocket, &smb_msg,
481 iov, segs, to_read, 0);
e7015fb1 482
e7015fb1 483 if (server->tcpStatus == CifsExiting) {
a52c1eb7 484 total_read = -ESHUTDOWN;
e7015fb1
PS		 485 break;
486 } else if (server->tcpStatus == CifsNeedReconnect) {
487 cifs_reconnect(server);
a52c1eb7 488 total_read = -EAGAIN;
e7015fb1
PS		 489 break;
490 } else if (length == -ERESTARTSYS ||
491 length == -EAGAIN ||
492 length == -EINTR) {
493 /*
494 * Minimum sleep to prevent looping, allowing socket
495 * to clear and app threads to set tcpStatus
496 * CifsNeedReconnect if server hung.
497 */
498 usleep_range(1000, 2000);
499 length = 0;
a52c1eb7 500 continue;
e7015fb1 501 } else if (length <= 0) {
a52c1eb7
JL		 502 cFYI(1, "Received no data or error: expecting %d "
503 "got %d", to_read, length);
e7015fb1 504 cifs_reconnect(server);
a52c1eb7 505 total_read = -EAGAIN;
e7015fb1
PS		 506 break;
507 }
508 }
a52c1eb7 509 return total_read;
e7015fb1 510}
e7015fb1 511
e28bc5b1
JL		 512int
513cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
514 unsigned int to_read)
42c4dfc2
JL		 515{
516 struct kvec iov;
517
518 iov.iov_base = buf;
519 iov.iov_len = to_read;
520
e28bc5b1 521 return cifs_readv_from_socket(server, &iov, 1, to_read);
e7015fb1
PS		 522}
523
98bac62c 524static bool
fe11e4cc 525is_smb_response(struct TCP_Server_Info *server, unsigned char type)
98bac62c 526{
98bac62c
PS		 527 /*
528 * The first byte big endian of the length field,
529 * is actually not part of the length but the type
530 * with the most common, zero, as regular data.
531 */
fe11e4cc
JL		 532 switch (type) {
533 case RFC1002_SESSION_MESSAGE:
534 /* Regular SMB response */
535 return true;
536 case RFC1002_SESSION_KEEP_ALIVE:
537 cFYI(1, "RFC 1002 session keep alive");
538 break;
539 case RFC1002_POSITIVE_SESSION_RESPONSE:
540 cFYI(1, "RFC 1002 positive session response");
541 break;
542 case RFC1002_NEGATIVE_SESSION_RESPONSE:
98bac62c
PS		 543 /*
544 * We get this from Windows 98 instead of an error on
545 * SMB negprot response.
546 */
fe11e4cc 547 cFYI(1, "RFC 1002 negative session response");
98bac62c
PS		 548 /* give server a second to clean up */
549 msleep(1000);
550 /*
551 * Always try 445 first on reconnect since we get NACK
552 * on some if we ever connected to port 139 (the NACK
553 * is since we do not begin with RFC1001 session
554 * initialize frame).
555 */
fe11e4cc 556 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
98bac62c
PS		 557 cifs_reconnect(server);
558 wake_up(&server->response_q);
fe11e4cc
JL		 559 break;
560 default:
561 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
98bac62c 562 cifs_reconnect(server);
98bac62c
PS		 563 }
564
fe11e4cc 565 return false;
98bac62c
PS		 566}
567
ad69bae1 568static struct mid_q_entry *
ea1f4502 569find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
ad69bae1 570{
ea1f4502 571 struct mid_q_entry *mid;
ad69bae1
PS		 572
573 spin_lock(&GlobalMid_Lock);
ea1f4502
JL		 574 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
575 if (mid->mid == buf->Mid &&
576 mid->midState == MID_REQUEST_SUBMITTED &&
577 mid->command == buf->Command) {
578 spin_unlock(&GlobalMid_Lock);
579 return mid;
ad69bae1 580 }
ea1f4502
JL		 581 }
582 spin_unlock(&GlobalMid_Lock);
583 return NULL;
584}
585
e28bc5b1
JL		 586void
587dequeue_mid(struct mid_q_entry *mid, bool malformed)
ea1f4502 588{
ad69bae1 589#ifdef CONFIG_CIFS_STATS2
ea1f4502 590 mid->when_received = jiffies;
ad69bae1 591#endif
ea1f4502
JL		 592 spin_lock(&GlobalMid_Lock);
593 if (!malformed)
594 mid->midState = MID_RESPONSE_RECEIVED;
595 else
596 mid->midState = MID_RESPONSE_MALFORMED;
597 list_del_init(&mid->qhead);
ad69bae1 598 spin_unlock(&GlobalMid_Lock);
ea1f4502 599}
ad69bae1 600
c8054ebd
JL		 601static void
602handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
603 struct smb_hdr *buf, int malformed)
ea1f4502 604{
ffc00e27
JL		 605 if (malformed == 0 && check2ndT2(buf) > 0) {
606 mid->multiRsp = true;
ea1f4502
JL		 607 if (mid->resp_buf) {
608 /* merge response - fix up 1st*/
ffc00e27
JL		 609 malformed = coalesce_t2(buf, mid->resp_buf);
610 if (malformed > 0)
c8054ebd 611 return;
ffc00e27 612
ea1f4502
JL		 613 /* All parts received or packet is malformed. */
614 mid->multiEnd = true;
c8054ebd 615 return dequeue_mid(mid, malformed);
ea1f4502 616 }
2a37ef94 617 if (!server->large_buf) {
ea1f4502
JL		 618 /*FIXME: switch to already allocated largebuf?*/
619 cERROR(1, "1st trans2 resp needs bigbuf");
620 } else {
621 /* Have first buffer */
622 mid->resp_buf = buf;
623 mid->largeBuf = true;
2a37ef94 624 server->bigbuf = NULL;
ea1f4502 625 }
c8054ebd 626 return;
ea1f4502
JL		 627 }
628 mid->resp_buf = buf;
2a37ef94
JL		 629 mid->largeBuf = server->large_buf;
630 /* Was previous buf put in mpx struct for multi-rsp? */
631 if (!mid->multiRsp) {
632 /* smb buffer will be freed by user thread */
633 if (server->large_buf)
634 server->bigbuf = NULL;
635 else
636 server->smallbuf = NULL;
637 }
ffc00e27 638 dequeue_mid(mid, malformed);
ad69bae1
PS		 639}
640
762dfd10
PS		 641static void clean_demultiplex_info(struct TCP_Server_Info *server)
642{
643 int length;
644
645 /* take it off the list, if it's not already */
646 spin_lock(&cifs_tcp_ses_lock);
647 list_del_init(&server->tcp_ses_list);
648 spin_unlock(&cifs_tcp_ses_lock);
649
650 spin_lock(&GlobalMid_Lock);
651 server->tcpStatus = CifsExiting;
652 spin_unlock(&GlobalMid_Lock);
653 wake_up_all(&server->response_q);
654
2d86dbc9 655 /* check if we have blocked requests that need to free */
fc40f9cf 656 spin_lock(&server->req_lock);
2d86dbc9
PS		 657 if (server->credits <= 0)
658 server->credits = 1;
fc40f9cf 659 spin_unlock(&server->req_lock);
762dfd10
PS		 660 /*
661 * Although there should not be any requests blocked on this queue it
662 * can not hurt to be paranoid and try to wake up requests that may
663 * haven been blocked when more than 50 at time were on the wire to the
664 * same server - they now will see the session is in exit state and get
665 * out of SendReceive.
666 */
667 wake_up_all(&server->request_q);
668 /* give those requests time to exit */
669 msleep(125);
670
671 if (server->ssocket) {
672 sock_release(server->ssocket);
673 server->ssocket = NULL;
674 }
675
676 if (!list_empty(&server->pending_mid_q)) {
677 struct list_head dispose_list;
678 struct mid_q_entry *mid_entry;
679 struct list_head *tmp, *tmp2;
680
681 INIT_LIST_HEAD(&dispose_list);
682 spin_lock(&GlobalMid_Lock);
683 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
684 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
685 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
686 mid_entry->midState = MID_SHUTDOWN;
687 list_move(&mid_entry->qhead, &dispose_list);
688 }
689 spin_unlock(&GlobalMid_Lock);
690
691 /* now walk dispose list and issue callbacks */
692 list_for_each_safe(tmp, tmp2, &dispose_list) {
693 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
694 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
695 list_del_init(&mid_entry->qhead);
696 mid_entry->callback(mid_entry);
697 }
698 /* 1/8th of sec is more than enough time for them to exit */
699 msleep(125);
700 }
701
702 if (!list_empty(&server->pending_mid_q)) {
703 /*
704 * mpx threads have not exited yet give them at least the smb
705 * send timeout time for long ops.
706 *
707 * Due to delays on oplock break requests, we need to wait at
708 * least 45 seconds before giving up on a request getting a
709 * response and going ahead and killing cifsd.
710 */
711 cFYI(1, "Wait for exit from demultiplex thread");
712 msleep(46000);
713 /*
714 * If threads still have not exited they are probably never
715 * coming home not much else we can do but free the memory.
716 */
717 }
718
719 kfree(server->hostname);
1041e3f9 720 kfree(server->iov);
762dfd10
PS		 721 kfree(server);
722
723 length = atomic_dec_return(&tcpSesAllocCount);
724 if (length > 0)
725 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
726 GFP_KERNEL);
727}
728
e9097ab4
JL		 729static int
730standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
731{
732 int length;
733 char *buf = server->smallbuf;
734 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
735 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
736
737 /* make sure this will fit in a large buffer */
738 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
739 cERROR(1, "SMB response too long (%u bytes)",
740 pdu_length);
741 cifs_reconnect(server);
742 wake_up(&server->response_q);
743 return -EAGAIN;
744 }
745
746 /* switch to large buffer if too big for a small one */
747 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
748 server->large_buf = true;
749 memcpy(server->bigbuf, server->smallbuf, server->total_read);
750 buf = server->bigbuf;
751 smb_buffer = (struct smb_hdr *)buf;
752 }
753
754 /* now read the rest */
e28bc5b1 755 length = cifs_read_from_socket(server,
e9097ab4
JL		 756 buf + sizeof(struct smb_hdr) - 1,
757 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
758 if (length < 0)
759 return length;
760 server->total_read += length;
761
762 dump_smb(smb_buffer, server->total_read);
763
764 /*
765 * We know that we received enough to get to the MID as we
766 * checked the pdu_length earlier. Now check to see
767 * if the rest of the header is OK. We borrow the length
768 * var for the rest of the loop to avoid a new stack var.
769 *
770 * 48 bytes is enough to display the header and a little bit
771 * into the payload for debugging purposes.
772 */
773 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
774 if (length != 0)
775 cifs_dump_mem("Bad SMB: ", buf,
776 min_t(unsigned int, server->total_read, 48));
777
ff4fa4a2
JL		 778 if (!mid)
779 return length;
e9097ab4 780
ff4fa4a2
JL		 781 handle_mid(mid, server, smb_buffer, length);
782 return 0;
e9097ab4
JL		 783}
784
1da177e4 785static int
7c97c200 786cifs_demultiplex_thread(void *p)
1da177e4
LT		 787{
788 int length;
7c97c200 789 struct TCP_Server_Info *server = p;
2a37ef94
JL		 790 unsigned int pdu_length;
791 char *buf = NULL;
1da177e4 792 struct smb_hdr *smb_buffer = NULL;
1da177e4
LT		 793 struct task_struct *task_to_wake = NULL;
794 struct mid_q_entry *mid_entry;
1da177e4 795
1da177e4 796 current->flags |= PF_MEMALLOC;
b6b38f70 797 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
93d0ec85
JL		 798
799 length = atomic_inc_return(&tcpSesAllocCount);
800 if (length > 1)
26f57364
SF		 801 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
802 GFP_KERNEL);
1da177e4 803
83144186 804 set_freezable();
469ee614 805 while (server->tcpStatus != CifsExiting) {
ede1327e
SF		 806 if (try_to_freeze())
807 continue;
b8643e1b 808
2a37ef94 809 if (!allocate_buffers(server))
3d9c2472 810 continue;
b8643e1b 811
2a37ef94
JL		 812 server->large_buf = false;
813 smb_buffer = (struct smb_hdr *)server->smallbuf;
814 buf = server->smallbuf;
f01d5e14 815 pdu_length = 4; /* enough to get RFC1001 header */
fda35943 816
e28bc5b1 817 length = cifs_read_from_socket(server, buf, pdu_length);
a52c1eb7 818 if (length < 0)
1da177e4 819 continue;
2a37ef94 820 server->total_read = length;
1da177e4 821
98bac62c
PS		 822 /*
823 * The right amount was read from socket - 4 bytes,
824 * so we can now interpret the length field.
825 */
be8e3b00 826 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
70ca734a 827
fe11e4cc
JL		 828 cFYI(1, "RFC1002 header 0x%x", pdu_length);
829 if (!is_smb_response(server, buf[0]))
fb8c4b14 830 continue;
e4eb295d 831
89482a56
JL		 832 /* make sure we have enough to get to the MID */
833 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
834 cERROR(1, "SMB response too short (%u bytes)",
835 pdu_length);
836 cifs_reconnect(server);
837 wake_up(&server->response_q);
838 continue;
e4eb295d 839 }
e7015fb1 840
89482a56 841 /* read down to the MID */
e28bc5b1
JL		 842 length = cifs_read_from_socket(server, buf + 4,
843 sizeof(struct smb_hdr) - 1 - 4);
89482a56 844 if (length < 0)
e4eb295d 845 continue;
2a37ef94 846 server->total_read += length;
1da177e4 847
c8054ebd 848 mid_entry = find_mid(server, smb_buffer);
50c2f753 849
44d22d84
JL		 850 if (!mid_entry || !mid_entry->receive)
851 length = standard_receive3(server, mid_entry);
852 else
853 length = mid_entry->receive(server, mid_entry);
71823baf 854
e9097ab4 855 if (length < 0)
fe11e4cc 856 continue;
1da177e4 857
e9097ab4 858 if (server->large_buf) {
2a37ef94 859 buf = server->bigbuf;
e9097ab4 860 smb_buffer = (struct smb_hdr *)buf;
e4eb295d 861 }
fda35943 862
fda35943 863 server->lstrp = jiffies;
2b84a36c 864 if (mid_entry != NULL) {
2a37ef94
JL		 865 if (!mid_entry->multiRsp || mid_entry->multiEnd)
866 mid_entry->callback(mid_entry);
ffc00e27 867 } else if (!is_valid_oplock_break(smb_buffer, server)) {
b6b38f70 868 cERROR(1, "No task to wake, unknown frame received! "
8097531a 869 "NumMids %d", atomic_read(&midCount));
3d9c2472 870 cifs_dump_mem("Received Data is: ", buf,
70ca734a 871 sizeof(struct smb_hdr));
3979877e
SF		 872#ifdef CONFIG_CIFS_DEBUG2
873 cifs_dump_detail(smb_buffer);
874 cifs_dump_mids(server);
875#endif /* CIFS_DEBUG2 */
50c2f753 876
e4eb295d
SF		 877 }
878 } /* end while !EXITING */
879
fd62cb7e 880 /* buffer usually freed in free_mid - need to free it here on exit */
2a37ef94
JL		 881 cifs_buf_release(server->bigbuf);
882 if (server->smallbuf) /* no sense logging a debug message if NULL */
883 cifs_small_buf_release(server->smallbuf);
1da177e4 884
b1c8d2b4 885 task_to_wake = xchg(&server->tsk, NULL);
762dfd10 886 clean_demultiplex_info(server);
50c2f753 887
b1c8d2b4
JL		 888 /* if server->tsk was NULL then wait for a signal before exiting */
889 if (!task_to_wake) {
890 set_current_state(TASK_INTERRUPTIBLE);
891 while (!signal_pending(current)) {
892 schedule();
893 set_current_state(TASK_INTERRUPTIBLE);
894 }
895 set_current_state(TASK_RUNNING);
896 }
897
0468a2cf 898 module_put_and_exit(0);
1da177e4
LT		 899}
900
c359cf3c
JL		 901/* extract the host portion of the UNC string */
902static char *
903extract_hostname(const char *unc)
904{
905 const char *src;
906 char *dst, *delim;
907 unsigned int len;
908
909 /* skip double chars at beginning of string */
910 /* BB: check validity of these bytes? */
911 src = unc + 2;
912
913 /* delimiter between hostname and sharename is always '\\' now */
914 delim = strchr(src, '\\');
915 if (!delim)
916 return ERR_PTR(-EINVAL);
917
918 len = delim - src;
919 dst = kmalloc((len + 1), GFP_KERNEL);
920 if (dst == NULL)
921 return ERR_PTR(-ENOMEM);
922
923 memcpy(dst, src, len);
924 dst[len] = '\0';
925
926 return dst;
927}
928
1da177e4 929static int
b946845a 930cifs_parse_mount_options(const char *mountdata, const char *devname,
50c2f753 931 struct smb_vol *vol)
1da177e4 932{
4906e50b 933 char *value, *data, *end;
957df453 934 char *mountdata_copy = NULL, *options;
3d3ea8e6 935 int err;
1da177e4
LT		 936 unsigned int temp_len, i, j;
937 char separator[2];
9b9d6b24
JL		 938 short int override_uid = -1;
939 short int override_gid = -1;
940 bool uid_specified = false;
941 bool gid_specified = false;
88463999 942 char *nodename = utsname()->nodename;
1da177e4
LT		 943
944 separator[0] = ',';
50c2f753 945 separator[1] = 0;
1da177e4 946
88463999
JL		 947 /*
948 * does not have to be perfect mapping since field is
949 * informational, only used for servers that do not support
950 * port 445 and it can be overridden at mount time
951 */
1397f2ee
JL		 952 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
953 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
88463999
JL		 954 vol->source_rfc1001_name[i] = toupper(nodename[i]);
955
1397f2ee 956 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
a10faeb2
SF		 957 /* null target name indicates to use *SMBSERVR default called name
958 if we end up sending RFC1001 session initialize */
959 vol->target_rfc1001_name[0] = 0;
3e4b3e1f
JL		 960 vol->cred_uid = current_uid();
961 vol->linux_uid = current_uid();
a001e5b5 962 vol->linux_gid = current_gid();
f55ed1a8
JL		 963
964 /* default to only allowing write access to owner of the mount */
965 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1da177e4
LT		 966
967 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
ac67055e
JA		 968 /* default is always to request posix paths. */
969 vol->posix_paths = 1;
a0c9217f
JL		 970 /* default to using server inode numbers where available */
971 vol->server_ino = 1;
ac67055e 972
6d20e840
SJ		 973 vol->actimeo = CIFS_DEF_ACTIMEO;
974
b946845a
SF		 975 if (!mountdata)
976 goto cifs_parse_mount_err;
977
978 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
979 if (!mountdata_copy)
980 goto cifs_parse_mount_err;
1da177e4 981
b946845a 982 options = mountdata_copy;
4906e50b 983 end = options + strlen(options);
50c2f753 984 if (strncmp(options, "sep=", 4) == 0) {
fb8c4b14 985 if (options[4] != 0) {
1da177e4
LT		 986 separator[0] = options[4];
987 options += 5;
988 } else {
b6b38f70 989 cFYI(1, "Null separator not allowed");
1da177e4
LT		 990 }
991 }
3d3ea8e6
SP		 992 vol->backupuid_specified = false; /* no backup intent for a user */
993 vol->backupgid_specified = false; /* no backup intent for a group */
50c2f753 994
1da177e4
LT		 995 while ((data = strsep(&options, separator)) != NULL) {
996 if (!*data)
997 continue;
998 if ((value = strchr(data, '=')) != NULL)
999 *value++ = '\0';
1000
50c2f753
SF		 1001 /* Have to parse this before we parse for "user" */
1002 if (strnicmp(data, "user_xattr", 10) == 0) {
1da177e4 1003 vol->no_xattr = 0;
50c2f753 1004 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1da177e4
LT		 1005 vol->no_xattr = 1;
1006 } else if (strnicmp(data, "user", 4) == 0) {
4b952a9b 1007 if (!value) {
1da177e4
LT		 1008 printk(KERN_WARNING
1009 "CIFS: invalid or missing username\n");
b946845a 1010 goto cifs_parse_mount_err;
fb8c4b14 1011 } else if (!*value) {
4b952a9b
SF		 1012 /* null user, ie anonymous, authentication */
1013 vol->nullauth = 1;
1da177e4 1014 }
8727c8a8
SF		 1015 if (strnlen(value, MAX_USERNAME_SIZE) <
1016 MAX_USERNAME_SIZE) {
b946845a
SF		 1017 vol->username = kstrdup(value, GFP_KERNEL);
1018 if (!vol->username) {
1019 printk(KERN_WARNING "CIFS: no memory "
1020 "for username\n");
1021 goto cifs_parse_mount_err;
1022 }
1da177e4
LT		 1023 } else {
1024 printk(KERN_WARNING "CIFS: username too long\n");
b946845a 1025 goto cifs_parse_mount_err;
1da177e4
LT		 1026 }
1027 } else if (strnicmp(data, "pass", 4) == 0) {
1028 if (!value) {
1029 vol->password = NULL;
1030 continue;
fb8c4b14 1031 } else if (value[0] == 0) {
1da177e4
LT		 1032 /* check if string begins with double comma
1033 since that would mean the password really
1034 does start with a comma, and would not
1035 indicate an empty string */
fb8c4b14 1036 if (value[1] != separator[0]) {
1da177e4
LT		 1037 vol->password = NULL;
1038 continue;
1039 }
1040 }
1041 temp_len = strlen(value);
1042 /* removed password length check, NTLM passwords
1043 can be arbitrarily long */
1044
50c2f753 1045 /* if comma in password, the string will be
1da177e4
LT		 1046 prematurely null terminated. Commas in password are
1047 specified across the cifs mount interface by a double
1048 comma ie ,, and a comma used as in other cases ie ','
1049 as a parameter delimiter/separator is single and due
1050 to the strsep above is temporarily zeroed. */
1051
1052 /* NB: password legally can have multiple commas and
1053 the only illegal character in a password is null */
1054
50c2f753 1055 if ((value[temp_len] == 0) &&
4906e50b 1056 (value + temp_len < end) &&
09d1db5c 1057 (value[temp_len+1] == separator[0])) {
1da177e4
LT		 1058 /* reinsert comma */
1059 value[temp_len] = separator[0];
50c2f753
SF		 1060 temp_len += 2; /* move after second comma */
1061 while (value[temp_len] != 0) {
1da177e4 1062 if (value[temp_len] == separator[0]) {
50c2f753 1063 if (value[temp_len+1] ==
09d1db5c
SF		 1064 separator[0]) {
1065 /* skip second comma */
1066 temp_len++;
50c2f753 1067 } else {
1da177e4
LT		 1068 /* single comma indicating start
1069 of next parm */
1070 break;
1071 }
1072 }
1073 temp_len++;
1074 }
fb8c4b14 1075 if (value[temp_len] == 0) {
1da177e4
LT		 1076 options = NULL;
1077 } else {
1078 value[temp_len] = 0;
1079 /* point option to start of next parm */
1080 options = value + temp_len + 1;
1081 }
50c2f753 1082 /* go from value to value + temp_len condensing
1da177e4
LT		 1083 double commas to singles. Note that this ends up
1084 allocating a few bytes too many, which is ok */
e915fc49 1085 vol->password = kzalloc(temp_len, GFP_KERNEL);
fb8c4b14 1086 if (vol->password == NULL) {
50c2f753
SF		 1087 printk(KERN_WARNING "CIFS: no memory "
1088 "for password\n");
b946845a 1089 goto cifs_parse_mount_err;
433dc24f 1090 }
50c2f753 1091 for (i = 0, j = 0; i < temp_len; i++, j++) {
1da177e4 1092 vol->password[j] = value[i];
fb8c4b14 1093 if (value[i] == separator[0]
09d1db5c 1094 && value[i+1] == separator[0]) {
1da177e4
LT		 1095 /* skip second comma */
1096 i++;
1097 }
1098 }
1099 vol->password[j] = 0;
1100 } else {
e915fc49 1101 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
fb8c4b14 1102 if (vol->password == NULL) {
50c2f753
SF		 1103 printk(KERN_WARNING "CIFS: no memory "
1104 "for password\n");
b946845a 1105 goto cifs_parse_mount_err;
433dc24f 1106 }
1da177e4
LT		 1107 strcpy(vol->password, value);
1108 }
58f7f68f
JL		 1109 } else if (!strnicmp(data, "ip", 2) ||
1110 !strnicmp(data, "addr", 4)) {
1da177e4
LT		 1111 if (!value || !*value) {
1112 vol->UNCip = NULL;
50b64e3b
JL		 1113 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1114 INET6_ADDRSTRLEN) {
b946845a
SF		 1115 vol->UNCip = kstrdup(value, GFP_KERNEL);
1116 if (!vol->UNCip) {
1117 printk(KERN_WARNING "CIFS: no memory "
1118 "for UNC IP\n");
1119 goto cifs_parse_mount_err;
1120 }
1da177e4 1121 } else {
50c2f753
SF		 1122 printk(KERN_WARNING "CIFS: ip address "
1123 "too long\n");
b946845a 1124 goto cifs_parse_mount_err;
1da177e4 1125 }
50c2f753
SF		 1126 } else if (strnicmp(data, "sec", 3) == 0) {
1127 if (!value || !*value) {
b6b38f70 1128 cERROR(1, "no security value specified");
50c2f753
SF		 1129 continue;
1130 } else if (strnicmp(value, "krb5i", 5) == 0) {
1131 vol->secFlg |= CIFSSEC_MAY_KRB5 |
189acaae 1132 CIFSSEC_MUST_SIGN;
bf820679 1133 } else if (strnicmp(value, "krb5p", 5) == 0) {
50c2f753
SF		 1134 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1135 CIFSSEC_MAY_KRB5; */
b6b38f70 1136 cERROR(1, "Krb5 cifs privacy not supported");
b946845a 1137 goto cifs_parse_mount_err;
bf820679 1138 } else if (strnicmp(value, "krb5", 4) == 0) {
750d1151 1139 vol->secFlg |= CIFSSEC_MAY_KRB5;
ac683924
SF		 1140 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1141 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1142 CIFSSEC_MUST_SIGN;
1143 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1144 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
bf820679 1145 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
750d1151 1146 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
189acaae 1147 CIFSSEC_MUST_SIGN;
bf820679 1148 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
750d1151 1149 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
bf820679 1150 } else if (strnicmp(value, "ntlmi", 5) == 0) {
750d1151 1151 vol->secFlg |= CIFSSEC_MAY_NTLM |
189acaae 1152 CIFSSEC_MUST_SIGN;
bf820679
SF		 1153 } else if (strnicmp(value, "ntlm", 4) == 0) {
1154 /* ntlm is default so can be turned off too */
750d1151 1155 vol->secFlg |= CIFSSEC_MAY_NTLM;
bf820679 1156 } else if (strnicmp(value, "nontlm", 6) == 0) {
189acaae 1157 /* BB is there a better way to do this? */
750d1151 1158 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
189acaae
SF		 1159#ifdef CONFIG_CIFS_WEAK_PW_HASH
1160 } else if (strnicmp(value, "lanman", 6) == 0) {
50c2f753 1161 vol->secFlg |= CIFSSEC_MAY_LANMAN;
189acaae 1162#endif
bf820679 1163 } else if (strnicmp(value, "none", 4) == 0) {
189acaae 1164 vol->nullauth = 1;
50c2f753 1165 } else {
b6b38f70 1166 cERROR(1, "bad security option: %s", value);
b946845a 1167 goto cifs_parse_mount_err;
50c2f753 1168 }
1cb06d0b
SF		 1169 } else if (strnicmp(data, "vers", 3) == 0) {
1170 if (!value || !*value) {
1171 cERROR(1, "no protocol version specified"
1172 " after vers= mount option");
1173 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1174 (strnicmp(value, "1", 1) == 0)) {
1175 /* this is the default */
1176 continue;
1cb06d0b 1177 }
1da177e4
LT		 1178 } else if ((strnicmp(data, "unc", 3) == 0)
1179 || (strnicmp(data, "target", 6) == 0)
1180 || (strnicmp(data, "path", 4) == 0)) {
1181 if (!value || !*value) {
50c2f753
SF		 1182 printk(KERN_WARNING "CIFS: invalid path to "
1183 "network resource\n");
b946845a 1184 goto cifs_parse_mount_err;
1da177e4
LT		 1185 }
1186 if ((temp_len = strnlen(value, 300)) < 300) {
50c2f753 1187 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1188 if (vol->UNC == NULL)
b946845a 1189 goto cifs_parse_mount_err;
50c2f753 1190 strcpy(vol->UNC, value);
1da177e4
LT		 1191 if (strncmp(vol->UNC, "//", 2) == 0) {
1192 vol->UNC[0] = '\\';
1193 vol->UNC[1] = '\\';
50c2f753 1194 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1da177e4 1195 printk(KERN_WARNING
50c2f753
SF		 1196 "CIFS: UNC Path does not begin "
1197 "with // or \\\\ \n");
b946845a 1198 goto cifs_parse_mount_err;
1da177e4
LT		 1199 }
1200 } else {
1201 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1202 goto cifs_parse_mount_err;
1da177e4
LT		 1203 }
1204 } else if ((strnicmp(data, "domain", 3) == 0)
1205 || (strnicmp(data, "workgroup", 5) == 0)) {
1206 if (!value || !*value) {
1207 printk(KERN_WARNING "CIFS: invalid domain name\n");
b946845a 1208 goto cifs_parse_mount_err;
1da177e4
LT		 1209 }
1210 /* BB are there cases in which a comma can be valid in
1211 a domain name and need special handling? */
3979877e 1212 if (strnlen(value, 256) < 256) {
b946845a
SF		 1213 vol->domainname = kstrdup(value, GFP_KERNEL);
1214 if (!vol->domainname) {
1215 printk(KERN_WARNING "CIFS: no memory "
1216 "for domainname\n");
1217 goto cifs_parse_mount_err;
1218 }
b6b38f70 1219 cFYI(1, "Domain name set");
1da177e4 1220 } else {
50c2f753
SF		 1221 printk(KERN_WARNING "CIFS: domain name too "
1222 "long\n");
b946845a 1223 goto cifs_parse_mount_err;
1da177e4 1224 }
3eb9a889
BG		 1225 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1226 vol->srcaddr.ss_family = AF_UNSPEC;
1227
1228 if (!value || !*value) {
1229 printk(KERN_WARNING "CIFS: srcaddr value"
1230 " not specified.\n");
b946845a 1231 goto cifs_parse_mount_err;
3eb9a889
BG		 1232 }
1233 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1234 value, strlen(value));
b235f371 1235 if (i == 0) {
3eb9a889
BG		 1236 printk(KERN_WARNING "CIFS: Could not parse"
1237 " srcaddr: %s\n",
1238 value);
b946845a 1239 goto cifs_parse_mount_err;
3eb9a889 1240 }
50c2f753
SF		 1241 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1242 if (!value || !*value) {
1243 printk(KERN_WARNING
1244 "CIFS: invalid path prefix\n");
b946845a 1245 goto cifs_parse_mount_err;
50c2f753
SF		 1246 }
1247 if ((temp_len = strnlen(value, 1024)) < 1024) {
4523cc30 1248 if (value[0] != '/')
2fe87f02 1249 temp_len++; /* missing leading slash */
50c2f753
SF		 1250 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1251 if (vol->prepath == NULL)
b946845a 1252 goto cifs_parse_mount_err;
4523cc30 1253 if (value[0] != '/') {
2fe87f02 1254 vol->prepath[0] = '/';
50c2f753 1255 strcpy(vol->prepath+1, value);
2fe87f02 1256 } else
50c2f753 1257 strcpy(vol->prepath, value);
b6b38f70 1258 cFYI(1, "prefix path %s", vol->prepath);
50c2f753
SF		 1259 } else {
1260 printk(KERN_WARNING "CIFS: prefix too long\n");
b946845a 1261 goto cifs_parse_mount_err;
50c2f753 1262 }
1da177e4
LT		 1263 } else if (strnicmp(data, "iocharset", 9) == 0) {
1264 if (!value || !*value) {
63135e08
SF		 1265 printk(KERN_WARNING "CIFS: invalid iocharset "
1266 "specified\n");
b946845a 1267 goto cifs_parse_mount_err;
1da177e4
LT		 1268 }
1269 if (strnlen(value, 65) < 65) {
b946845a
SF		 1270 if (strnicmp(value, "default", 7)) {
1271 vol->iocharset = kstrdup(value,
1272 GFP_KERNEL);
1273
1274 if (!vol->iocharset) {
1275 printk(KERN_WARNING "CIFS: no "
1276 "memory for"
1277 "charset\n");
1278 goto cifs_parse_mount_err;
1279 }
1280 }
50c2f753
SF		 1281 /* if iocharset not set then load_nls_default
1282 is used by caller */
b6b38f70 1283 cFYI(1, "iocharset set to %s", value);
1da177e4 1284 } else {
63135e08
SF		 1285 printk(KERN_WARNING "CIFS: iocharset name "
1286 "too long.\n");
b946845a 1287 goto cifs_parse_mount_err;
1da177e4 1288 }
9b9d6b24
JL		 1289 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1290 vol->linux_uid = simple_strtoul(value, &value, 0);
1291 uid_specified = true;
bd763319
JL		 1292 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1293 vol->cred_uid = simple_strtoul(value, &value, 0);
9b9d6b24
JL		 1294 } else if (!strnicmp(data, "forceuid", 8)) {
1295 override_uid = 1;
1296 } else if (!strnicmp(data, "noforceuid", 10)) {
1297 override_uid = 0;
1298 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1299 vol->linux_gid = simple_strtoul(value, &value, 0);
1300 gid_specified = true;
1301 } else if (!strnicmp(data, "forcegid", 8)) {
1302 override_gid = 1;
1303 } else if (!strnicmp(data, "noforcegid", 10)) {
1304 override_gid = 0;
1da177e4
LT		 1305 } else if (strnicmp(data, "file_mode", 4) == 0) {
1306 if (value && *value) {
1307 vol->file_mode =
1308 simple_strtoul(value, &value, 0);
1309 }
1310 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1311 if (value && *value) {
1312 vol->dir_mode =
1313 simple_strtoul(value, &value, 0);
1314 }
1315 } else if (strnicmp(data, "dirmode", 4) == 0) {
1316 if (value && *value) {
1317 vol->dir_mode =
1318 simple_strtoul(value, &value, 0);
1319 }
1320 } else if (strnicmp(data, "port", 4) == 0) {
1321 if (value && *value) {
1322 vol->port =
1323 simple_strtoul(value, &value, 0);
1324 }
1325 } else if (strnicmp(data, "rsize", 5) == 0) {
1326 if (value && *value) {
1327 vol->rsize =
1328 simple_strtoul(value, &value, 0);
1329 }
1330 } else if (strnicmp(data, "wsize", 5) == 0) {
1331 if (value && *value) {
1332 vol->wsize =
1333 simple_strtoul(value, &value, 0);
1334 }
1335 } else if (strnicmp(data, "sockopt", 5) == 0) {
6a5fa236 1336 if (!value || !*value) {
b6b38f70 1337 cERROR(1, "no socket option specified");
6a5fa236
SF		 1338 continue;
1339 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1340 vol->sockopt_tcp_nodelay = 1;
1da177e4
LT		 1341 }
1342 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1343 if (!value || !*value || (*value == ' ')) {
b6b38f70 1344 cFYI(1, "invalid (empty) netbiosname");
1da177e4 1345 } else {
1397f2ee
JL		 1346 memset(vol->source_rfc1001_name, 0x20,
1347 RFC1001_NAME_LEN);
1348 /*
1349 * FIXME: are there cases in which a comma can
1350 * be valid in workstation netbios name (and
1351 * need special handling)?
1352 */
1353 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1354 /* don't ucase netbiosname for user */
50c2f753 1355 if (value[i] == 0)
1da177e4 1356 break;
1397f2ee 1357 vol->source_rfc1001_name[i] = value[i];
1da177e4
LT		 1358 }
1359 /* The string has 16th byte zero still from
1360 set at top of the function */
1397f2ee 1361 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1362 printk(KERN_WARNING "CIFS: netbiosname"
1363 " longer than 15 truncated.\n");
a10faeb2
SF		 1364 }
1365 } else if (strnicmp(data, "servern", 7) == 0) {
1366 /* servernetbiosname specified override *SMBSERVER */
1367 if (!value || !*value || (*value == ' ')) {
b6b38f70 1368 cFYI(1, "empty server netbiosname specified");
a10faeb2
SF		 1369 } else {
1370 /* last byte, type, is 0x20 for servr type */
1397f2ee
JL		 1371 memset(vol->target_rfc1001_name, 0x20,
1372 RFC1001_NAME_LEN_WITH_NULL);
a10faeb2 1373
50c2f753 1374 for (i = 0; i < 15; i++) {
a10faeb2 1375 /* BB are there cases in which a comma can be
50c2f753
SF		 1376 valid in this workstation netbios name
1377 (and need special handling)? */
a10faeb2 1378
50c2f753
SF		 1379 /* user or mount helper must uppercase
1380 the netbiosname */
1381 if (value[i] == 0)
a10faeb2
SF		 1382 break;
1383 else
50c2f753
SF		 1384 vol->target_rfc1001_name[i] =
1385 value[i];
a10faeb2
SF		 1386 }
1387 /* The string has 16th byte zero still from
1388 set at top of the function */
1397f2ee 1389 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1390 printk(KERN_WARNING "CIFS: server net"
1391 "biosname longer than 15 truncated.\n");
1da177e4 1392 }
6d20e840
SJ		 1393 } else if (strnicmp(data, "actimeo", 7) == 0) {
1394 if (value && *value) {
1395 vol->actimeo = HZ * simple_strtoul(value,
1396 &value, 0);
1397 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1398 cERROR(1, "CIFS: attribute cache"
1399 "timeout too large");
b946845a 1400 goto cifs_parse_mount_err;
6d20e840
SJ		 1401 }
1402 }
1da177e4
LT		 1403 } else if (strnicmp(data, "credentials", 4) == 0) {
1404 /* ignore */
1405 } else if (strnicmp(data, "version", 3) == 0) {
1406 /* ignore */
50c2f753 1407 } else if (strnicmp(data, "guest", 5) == 0) {
1da177e4 1408 /* ignore */
c9c7fa00 1409 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
71a394fa
SF		 1410 /* ignore */
1411 } else if (strnicmp(data, "ro", 2) == 0) {
1412 /* ignore */
edf1ae40
SF		 1413 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1414 vol->noblocksnd = 1;
1415 } else if (strnicmp(data, "noautotune", 10) == 0) {
1416 vol->noautotune = 1;
1da177e4
LT		 1417 } else if ((strnicmp(data, "suid", 4) == 0) ||
1418 (strnicmp(data, "nosuid", 6) == 0) ||
1419 (strnicmp(data, "exec", 4) == 0) ||
1420 (strnicmp(data, "noexec", 6) == 0) ||
1421 (strnicmp(data, "nodev", 5) == 0) ||
1422 (strnicmp(data, "noauto", 6) == 0) ||
1423 (strnicmp(data, "dev", 3) == 0)) {
1424 /* The mount tool or mount.cifs helper (if present)
50c2f753
SF		 1425 uses these opts to set flags, and the flags are read
1426 by the kernel vfs layer before we get here (ie
1427 before read super) so there is no point trying to
1428 parse these options again and set anything and it
1429 is ok to just ignore them */
1da177e4 1430 continue;
1da177e4
LT		 1431 } else if (strnicmp(data, "hard", 4) == 0) {
1432 vol->retry = 1;
1433 } else if (strnicmp(data, "soft", 4) == 0) {
1434 vol->retry = 0;
1435 } else if (strnicmp(data, "perm", 4) == 0) {
1436 vol->noperm = 0;
1437 } else if (strnicmp(data, "noperm", 6) == 0) {
1438 vol->noperm = 1;
6a0b4824
SF		 1439 } else if (strnicmp(data, "mapchars", 8) == 0) {
1440 vol->remap = 1;
1441 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1442 vol->remap = 0;
50c2f753
SF		 1443 } else if (strnicmp(data, "sfu", 3) == 0) {
1444 vol->sfu_emul = 1;
1445 } else if (strnicmp(data, "nosfu", 5) == 0) {
1446 vol->sfu_emul = 0;
2c1b8615
SF		 1447 } else if (strnicmp(data, "nodfs", 5) == 0) {
1448 vol->nodfs = 1;
ac67055e
JA		 1449 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1450 vol->posix_paths = 1;
1451 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1452 vol->posix_paths = 0;
c18c842b
SF		 1453 } else if (strnicmp(data, "nounix", 6) == 0) {
1454 vol->no_linux_ext = 1;
1455 } else if (strnicmp(data, "nolinux", 7) == 0) {
1456 vol->no_linux_ext = 1;
50c2f753 1457 } else if ((strnicmp(data, "nocase", 6) == 0) ||
a10faeb2 1458 (strnicmp(data, "ignorecase", 10) == 0)) {
50c2f753 1459 vol->nocase = 1;
f636a348
JL		 1460 } else if (strnicmp(data, "mand", 4) == 0) {
1461 /* ignore */
1462 } else if (strnicmp(data, "nomand", 6) == 0) {
1463 /* ignore */
1464 } else if (strnicmp(data, "_netdev", 7) == 0) {
1465 /* ignore */
c46fa8ac
SF		 1466 } else if (strnicmp(data, "brl", 3) == 0) {
1467 vol->nobrl = 0;
50c2f753 1468 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1c955187 1469 (strnicmp(data, "nolock", 6) == 0)) {
c46fa8ac 1470 vol->nobrl = 1;
d3485d37
SF		 1471 /* turn off mandatory locking in mode
1472 if remote locking is turned off since the
1473 local vfs will do advisory */
50c2f753
SF		 1474 if (vol->file_mode ==
1475 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
d3485d37 1476 vol->file_mode = S_IALLUGO;
13a6e42a
SF		 1477 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1478 /* will take the shorter form "forcemand" as well */
1479 /* This mount option will force use of mandatory
1480 (DOS/Windows style) byte range locks, instead of
1481 using posix advisory byte range locks, even if the
1482 Unix extensions are available and posix locks would
1483 be supported otherwise. If Unix extensions are not
1484 negotiated this has no effect since mandatory locks
1485 would be used (mandatory locks is all that those
1486 those servers support) */
1487 vol->mand_lock = 1;
1da177e4
LT		 1488 } else if (strnicmp(data, "setuids", 7) == 0) {
1489 vol->setuids = 1;
1490 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1491 vol->setuids = 0;
d0a9c078
JL		 1492 } else if (strnicmp(data, "dynperm", 7) == 0) {
1493 vol->dynperm = true;
1494 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1495 vol->dynperm = false;
1da177e4
LT		 1496 } else if (strnicmp(data, "nohard", 6) == 0) {
1497 vol->retry = 0;
1498 } else if (strnicmp(data, "nosoft", 6) == 0) {
1499 vol->retry = 1;
1500 } else if (strnicmp(data, "nointr", 6) == 0) {
1501 vol->intr = 0;
1502 } else if (strnicmp(data, "intr", 4) == 0) {
1503 vol->intr = 1;
be652445
SF		 1504 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1505 vol->nostrictsync = 1;
1506 } else if (strnicmp(data, "strictsync", 10) == 0) {
1507 vol->nostrictsync = 0;
50c2f753 1508 } else if (strnicmp(data, "serverino", 7) == 0) {
1da177e4 1509 vol->server_ino = 1;
50c2f753 1510 } else if (strnicmp(data, "noserverino", 9) == 0) {
1da177e4 1511 vol->server_ino = 0;
c9c7fa00 1512 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
d4ffff1f 1513 vol->rwpidforward = 1;
50c2f753 1514 } else if (strnicmp(data, "cifsacl", 7) == 0) {
0a4b92c0
SF		 1515 vol->cifs_acl = 1;
1516 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1517 vol->cifs_acl = 0;
50c2f753 1518 } else if (strnicmp(data, "acl", 3) == 0) {
1da177e4 1519 vol->no_psx_acl = 0;
50c2f753 1520 } else if (strnicmp(data, "noacl", 5) == 0) {
1da177e4 1521 vol->no_psx_acl = 1;
84210e91
SF		 1522 } else if (strnicmp(data, "locallease", 6) == 0) {
1523 vol->local_lease = 1;
50c2f753 1524 } else if (strnicmp(data, "sign", 4) == 0) {
750d1151 1525 vol->secFlg |= CIFSSEC_MUST_SIGN;
95b1cb90
SF		 1526 } else if (strnicmp(data, "seal", 4) == 0) {
1527 /* we do not do the following in secFlags because seal
1528 is a per tree connection (mount) not a per socket
1529 or per-smb connection option in the protocol */
1530 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1531 vol->seal = 1;
50c2f753 1532 } else if (strnicmp(data, "direct", 6) == 0) {
1da177e4 1533 vol->direct_io = 1;
50c2f753 1534 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1da177e4 1535 vol->direct_io = 1;
d39454ff
PS		 1536 } else if (strnicmp(data, "strictcache", 11) == 0) {
1537 vol->strict_io = 1;
1da177e4 1538 } else if (strnicmp(data, "noac", 4) == 0) {
50c2f753
SF		 1539 printk(KERN_WARNING "CIFS: Mount option noac not "
1540 "supported. Instead set "
1541 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
fa1df75d 1542 } else if (strnicmp(data, "fsc", 3) == 0) {
607a569d 1543#ifndef CONFIG_CIFS_FSCACHE
83fb086e 1544 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
607a569d 1545 "kernel config option set");
b946845a 1546 goto cifs_parse_mount_err;
607a569d 1547#endif
fa1df75d 1548 vol->fsc = true;
736a3320
SM		 1549 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1550 vol->mfsymlinks = true;
0eb8a132
JL		 1551 } else if (strnicmp(data, "multiuser", 8) == 0) {
1552 vol->multiuser = true;
3d3ea8e6
SP		 1553 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1554 err = kstrtouint(value, 0, &vol->backupuid);
1555 if (err < 0) {
1556 cERROR(1, "%s: Invalid backupuid value",
1557 __func__);
1558 goto cifs_parse_mount_err;
1559 }
1560 vol->backupuid_specified = true;
1561 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1562 err = kstrtouint(value, 0, &vol->backupgid);
1563 if (err < 0) {
1564 cERROR(1, "%s: Invalid backupgid value",
1565 __func__);
1566 goto cifs_parse_mount_err;
1567 }
1568 vol->backupgid_specified = true;
1da177e4 1569 } else
50c2f753
SF		 1570 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1571 data);
1da177e4
LT		 1572 }
1573 if (vol->UNC == NULL) {
4523cc30 1574 if (devname == NULL) {
50c2f753
SF		 1575 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1576 "target\n");
b946845a 1577 goto cifs_parse_mount_err;
1da177e4
LT		 1578 }
1579 if ((temp_len = strnlen(devname, 300)) < 300) {
50c2f753 1580 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1581 if (vol->UNC == NULL)
b946845a 1582 goto cifs_parse_mount_err;
50c2f753 1583 strcpy(vol->UNC, devname);
1da177e4
LT		 1584 if (strncmp(vol->UNC, "//", 2) == 0) {
1585 vol->UNC[0] = '\\';
1586 vol->UNC[1] = '\\';
1587 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
50c2f753
SF		 1588 printk(KERN_WARNING "CIFS: UNC Path does not "
1589 "begin with // or \\\\ \n");
b946845a 1590 goto cifs_parse_mount_err;
1da177e4 1591 }
7c5e628f
IM		 1592 value = strpbrk(vol->UNC+2, "/\\");
1593 if (value)
1594 *value = '\\';
1da177e4
LT		 1595 } else {
1596 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1597 goto cifs_parse_mount_err;
1da177e4
LT		 1598 }
1599 }
0eb8a132 1600
8a8798a5
JL		 1601#ifndef CONFIG_KEYS
1602 /* Muliuser mounts require CONFIG_KEYS support */
1603 if (vol->multiuser) {
1604 cERROR(1, "Multiuser mounts require kernels with "
1605 "CONFIG_KEYS enabled.");
b946845a 1606 goto cifs_parse_mount_err;
0eb8a132 1607 }
8a8798a5 1608#endif
0eb8a132 1609
fb8c4b14 1610 if (vol->UNCip == NULL)
1da177e4
LT		 1611 vol->UNCip = &vol->UNC[2];
1612
9b9d6b24
JL		 1613 if (uid_specified)
1614 vol->override_uid = override_uid;
1615 else if (override_uid == 1)
1616 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1617 "specified with no uid= option.\n");
1618
1619 if (gid_specified)
1620 vol->override_gid = override_gid;
1621 else if (override_gid == 1)
1622 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1623 "specified with no gid= option.\n");
1624
b946845a 1625 kfree(mountdata_copy);
1da177e4 1626 return 0;
b946845a
SF		 1627
1628cifs_parse_mount_err:
1629 kfree(mountdata_copy);
1630 return 1;
1da177e4
LT		 1631}
1632
3eb9a889
BG		 1633/** Returns true if srcaddr isn't specified and rhs isn't
1634 * specified, or if srcaddr is specified and
1635 * matches the IP address of the rhs argument.
1636 */
1637static bool
1638srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1639{
1640 switch (srcaddr->sa_family) {
1641 case AF_UNSPEC:
1642 return (rhs->sa_family == AF_UNSPEC);
1643 case AF_INET: {
1644 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1645 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1646 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1647 }
1648 case AF_INET6: {
1649 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1650 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1651 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1652 }
1653 default:
1654 WARN_ON(1);
1655 return false; /* don't expect to be here */
1656 }
1657}
1658
4b886136
PS		 1659/*
1660 * If no port is specified in addr structure, we try to match with 445 port
1661 * and if it fails - with 139 ports. It should be called only if address
1662 * families of server and addr are equal.
1663 */
1664static bool
1665match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1666{
6da97910 1667 __be16 port, *sport;
4b886136
PS		 1668
1669 switch (addr->sa_family) {
1670 case AF_INET:
1671 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1672 port = ((struct sockaddr_in *) addr)->sin_port;
1673 break;
1674 case AF_INET6:
1675 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1676 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1677 break;
1678 default:
1679 WARN_ON(1);
1680 return false;
1681 }
1682
1683 if (!port) {
1684 port = htons(CIFS_PORT);
1685 if (port == *sport)
1686 return true;
1687
1688 port = htons(RFC1001_PORT);
1689 }
1690
1691 return port == *sport;
1692}
3eb9a889 1693
4515148e 1694static bool
3eb9a889
BG		 1695match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1696 struct sockaddr *srcaddr)
4515148e 1697{
4515148e 1698 switch (addr->sa_family) {
a9f1b85e
PS		 1699 case AF_INET: {
1700 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1701 struct sockaddr_in *srv_addr4 =
1702 (struct sockaddr_in *)&server->dstaddr;
1703
1704 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
4515148e 1705 return false;
4515148e 1706 break;
a9f1b85e
PS		 1707 }
1708 case AF_INET6: {
1709 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1710 struct sockaddr_in6 *srv_addr6 =
1711 (struct sockaddr_in6 *)&server->dstaddr;
1712
4515148e 1713 if (!ipv6_addr_equal(&addr6->sin6_addr,
a9f1b85e 1714 &srv_addr6->sin6_addr))
4515148e 1715 return false;
a9f1b85e 1716 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
4515148e 1717 return false;
4515148e
JL		 1718 break;
1719 }
a9f1b85e
PS		 1720 default:
1721 WARN_ON(1);
1722 return false; /* don't expect to be here */
1723 }
4515148e 1724
3eb9a889
BG		 1725 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1726 return false;
1727
4515148e
JL		 1728 return true;
1729}
1730
daf5b0b6
JL		 1731static bool
1732match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1733{
1734 unsigned int secFlags;
1735
1736 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1737 secFlags = vol->secFlg;
1738 else
1739 secFlags = global_secflags | vol->secFlg;
1740
1741 switch (server->secType) {
1742 case LANMAN:
1743 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1744 return false;
1745 break;
1746 case NTLMv2:
1747 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1748 return false;
1749 break;
1750 case NTLM:
1751 if (!(secFlags & CIFSSEC_MAY_NTLM))
1752 return false;
1753 break;
1754 case Kerberos:
1755 if (!(secFlags & CIFSSEC_MAY_KRB5))
1756 return false;
1757 break;
1758 case RawNTLMSSP:
1759 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1760 return false;
1761 break;
1762 default:
1763 /* shouldn't happen */
1764 return false;
1765 }
1766
25985edc 1767 /* now check if signing mode is acceptable */
daf5b0b6 1768 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
96daf2b0 1769 (server->sec_mode & SECMODE_SIGN_REQUIRED))
daf5b0b6
JL		 1770 return false;
1771 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
96daf2b0 1772 (server->sec_mode &
daf5b0b6
JL		 1773 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1774 return false;
1775
1776 return true;
1777}
1778
37bb04e5
PS		 1779static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1780 struct smb_vol *vol)
1781{
1782 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1783 return 0;
1784
1785 if (!match_address(server, addr,
1786 (struct sockaddr *)&vol->srcaddr))
1787 return 0;
1788
1789 if (!match_port(server, addr))
1790 return 0;
1791
1792 if (!match_security(server, vol))
1793 return 0;
1794
1795 return 1;
1796}
1797
e7ddee90 1798static struct TCP_Server_Info *
daf5b0b6 1799cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1da177e4 1800{
e7ddee90 1801 struct TCP_Server_Info *server;
e7ddee90 1802
3f9bcca7 1803 spin_lock(&cifs_tcp_ses_lock);
4515148e 1804 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
37bb04e5 1805 if (!match_server(server, addr, vol))
daf5b0b6
JL		 1806 continue;
1807
e7ddee90 1808 ++server->srv_count;
3f9bcca7 1809 spin_unlock(&cifs_tcp_ses_lock);
b6b38f70 1810 cFYI(1, "Existing tcp session with server found");
e7ddee90 1811 return server;
1da177e4 1812 }
3f9bcca7 1813 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 1814 return NULL;
1815}
1b20d672 1816
14fbf50d 1817static void
e7ddee90 1818cifs_put_tcp_session(struct TCP_Server_Info *server)
1da177e4 1819{
e7ddee90 1820 struct task_struct *task;
1b20d672 1821
3f9bcca7 1822 spin_lock(&cifs_tcp_ses_lock);
e7ddee90 1823 if (--server->srv_count > 0) {
3f9bcca7 1824 spin_unlock(&cifs_tcp_ses_lock);
e7ddee90 1825 return;
1da177e4 1826 }
1b20d672 1827
f1d0c998
RL		 1828 put_net(cifs_net_ns(server));
1829
e7ddee90 1830 list_del_init(&server->tcp_ses_list);
3f9bcca7 1831 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 1832
c74093b6
JL		 1833 cancel_delayed_work_sync(&server->echo);
1834
e7ddee90
JL		 1835 spin_lock(&GlobalMid_Lock);
1836 server->tcpStatus = CifsExiting;
1837 spin_unlock(&GlobalMid_Lock);
dea570e0 1838
d2b91521 1839 cifs_crypto_shash_release(server);
488f1d2d
SJ		 1840 cifs_fscache_release_client_cookie(server);
1841
21e73393
SP		 1842 kfree(server->session_key.response);
1843 server->session_key.response = NULL;
1844 server->session_key.len = 0;
1845
e7ddee90
JL		 1846 task = xchg(&server->tsk, NULL);
1847 if (task)
1848 force_sig(SIGKILL, task);
1da177e4
LT		 1849}
1850
63c038c2
JL		 1851static struct TCP_Server_Info *
1852cifs_get_tcp_session(struct smb_vol *volume_info)
1853{
1854 struct TCP_Server_Info *tcp_ses = NULL;
a9ac49d3 1855 struct sockaddr_storage addr;
63c038c2
JL		 1856 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1857 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1858 int rc;
1859
a9ac49d3 1860 memset(&addr, 0, sizeof(struct sockaddr_storage));
63c038c2 1861
b6b38f70 1862 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
63c038c2 1863
1e68b2b2 1864 if (volume_info->UNCip && volume_info->UNC) {
50d97160
JL		 1865 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1866 volume_info->UNCip,
67b7626a 1867 strlen(volume_info->UNCip),
50d97160 1868 volume_info->port);
1e68b2b2 1869 if (!rc) {
63c038c2
JL		 1870 /* we failed translating address */
1871 rc = -EINVAL;
1872 goto out_err;
1873 }
63c038c2
JL		 1874 } else if (volume_info->UNCip) {
1875 /* BB using ip addr as tcp_ses name to connect to the
1876 DFS root below */
b6b38f70 1877 cERROR(1, "Connecting to DFS root not implemented yet");
63c038c2
JL		 1878 rc = -EINVAL;
1879 goto out_err;
1880 } else /* which tcp_sess DFS root would we conect to */ {
b6b38f70
JP		 1881 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1882 "unc=//192.168.1.100/public) specified");
63c038c2
JL		 1883 rc = -EINVAL;
1884 goto out_err;
1885 }
1886
1887 /* see if we already have a matching tcp_ses */
daf5b0b6 1888 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
63c038c2
JL		 1889 if (tcp_ses)
1890 return tcp_ses;
1891
1892 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1893 if (!tcp_ses) {
1894 rc = -ENOMEM;
1895 goto out_err;
1896 }
1897
d2b91521
SP		 1898 rc = cifs_crypto_shash_allocate(tcp_ses);
1899 if (rc) {
1900 cERROR(1, "could not setup hash structures rc %d", rc);
1901 goto out_err;
1902 }
1903
f1d0c998 1904 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
63c038c2
JL		 1905 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1906 if (IS_ERR(tcp_ses->hostname)) {
1907 rc = PTR_ERR(tcp_ses->hostname);
f7c5445a 1908 goto out_err_crypto_release;
63c038c2
JL		 1909 }
1910
1911 tcp_ses->noblocksnd = volume_info->noblocksnd;
1912 tcp_ses->noautotune = volume_info->noautotune;
6a5fa236 1913 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
fc40f9cf 1914 tcp_ses->in_flight = 0;
2d86dbc9 1915 tcp_ses->credits = 1;
63c038c2
JL		 1916 init_waitqueue_head(&tcp_ses->response_q);
1917 init_waitqueue_head(&tcp_ses->request_q);
1918 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1919 mutex_init(&tcp_ses->srv_mutex);
1920 memcpy(tcp_ses->workstation_RFC1001_name,
1921 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1922 memcpy(tcp_ses->server_RFC1001_name,
1923 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
5d0d2882 1924 tcp_ses->session_estab = false;
63c038c2 1925 tcp_ses->sequence_number = 0;
fda35943 1926 tcp_ses->lstrp = jiffies;
63c038c2
JL		 1927 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1928 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
c74093b6 1929 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
63c038c2
JL		 1930
1931 /*
1932 * at this point we are the only ones with the pointer
1933 * to the struct since the kernel thread not created yet
1934 * no need to spinlock this init of tcpStatus or srv_count
1935 */
1936 tcp_ses->tcpStatus = CifsNew;
3eb9a889
BG		 1937 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1938 sizeof(tcp_ses->srcaddr));
63c038c2
JL		 1939 ++tcp_ses->srv_count;
1940
a9ac49d3 1941 if (addr.ss_family == AF_INET6) {
b6b38f70 1942 cFYI(1, "attempting ipv6 connect");
63c038c2
JL		 1943 /* BB should we allow ipv6 on port 139? */
1944 /* other OS never observed in Wild doing 139 with v6 */
a9f1b85e
PS		 1945 memcpy(&tcp_ses->dstaddr, sin_server6,
1946 sizeof(struct sockaddr_in6));
1947 } else
1948 memcpy(&tcp_ses->dstaddr, sin_server,
1949 sizeof(struct sockaddr_in));
1950
1951 rc = ip_connect(tcp_ses);
63c038c2 1952 if (rc < 0) {
b6b38f70 1953 cERROR(1, "Error connecting to socket. Aborting operation");
f7c5445a 1954 goto out_err_crypto_release;
63c038c2
JL		 1955 }
1956
1957 /*
1958 * since we're in a cifs function already, we know that
1959 * this will succeed. No need for try_module_get().
1960 */
1961 __module_get(THIS_MODULE);
7c97c200 1962 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
63c038c2
JL		 1963 tcp_ses, "cifsd");
1964 if (IS_ERR(tcp_ses->tsk)) {
1965 rc = PTR_ERR(tcp_ses->tsk);
b6b38f70 1966 cERROR(1, "error %d create cifsd thread", rc);
63c038c2 1967 module_put(THIS_MODULE);
f7c5445a 1968 goto out_err_crypto_release;
63c038c2 1969 }
fd88ce93 1970 tcp_ses->tcpStatus = CifsNeedNegotiate;
63c038c2
JL		 1971
1972 /* thread spawned, put it on the list */
3f9bcca7 1973 spin_lock(&cifs_tcp_ses_lock);
63c038c2 1974 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
3f9bcca7 1975 spin_unlock(&cifs_tcp_ses_lock);
63c038c2 1976
488f1d2d
SJ		 1977 cifs_fscache_get_client_cookie(tcp_ses);
1978
c74093b6
JL		 1979 /* queue echo request delayed work */
1980 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1981
63c038c2
JL		 1982 return tcp_ses;
1983
f7c5445a 1984out_err_crypto_release:
d2b91521
SP		 1985 cifs_crypto_shash_release(tcp_ses);
1986
f1d0c998
RL		 1987 put_net(cifs_net_ns(tcp_ses));
1988
63c038c2
JL		 1989out_err:
1990 if (tcp_ses) {
8347a5cd
SF		 1991 if (!IS_ERR(tcp_ses->hostname))
1992 kfree(tcp_ses->hostname);
63c038c2
JL		 1993 if (tcp_ses->ssocket)
1994 sock_release(tcp_ses->ssocket);
1995 kfree(tcp_ses);
1996 }
1997 return ERR_PTR(rc);
1998}
1999
96daf2b0 2000static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
37bb04e5
PS		 2001{
2002 switch (ses->server->secType) {
2003 case Kerberos:
2004 if (vol->cred_uid != ses->cred_uid)
2005 return 0;
2006 break;
2007 default:
04febabc
JL		 2008 /* NULL username means anonymous session */
2009 if (ses->user_name == NULL) {
2010 if (!vol->nullauth)
2011 return 0;
2012 break;
2013 }
2014
37bb04e5 2015 /* anything else takes username/password */
04febabc
JL		 2016 if (strncmp(ses->user_name,
2017 vol->username ? vol->username : "",
37bb04e5
PS		 2018 MAX_USERNAME_SIZE))
2019 return 0;
2020 if (strlen(vol->username) != 0 &&
2021 ses->password != NULL &&
2022 strncmp(ses->password,
2023 vol->password ? vol->password : "",
2024 MAX_PASSWORD_SIZE))
2025 return 0;
2026 }
2027 return 1;
2028}
2029
96daf2b0 2030static struct cifs_ses *
4ff67b72 2031cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1da177e4 2032{
96daf2b0 2033 struct cifs_ses *ses;
dea570e0 2034
3f9bcca7 2035 spin_lock(&cifs_tcp_ses_lock);
4ff67b72 2036 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
37bb04e5
PS		 2037 if (!match_session(ses, vol))
2038 continue;
14fbf50d 2039 ++ses->ses_count;
3f9bcca7 2040 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2041 return ses;
2042 }
3f9bcca7 2043 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2044 return NULL;
2045}
dea570e0 2046
14fbf50d 2047static void
96daf2b0 2048cifs_put_smb_ses(struct cifs_ses *ses)
14fbf50d
JL		 2049{
2050 int xid;
2051 struct TCP_Server_Info *server = ses->server;
dea570e0 2052
36988c76 2053 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
3f9bcca7 2054 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 2055 if (--ses->ses_count > 0) {
3f9bcca7 2056 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2057 return;
2058 }
dea570e0 2059
14fbf50d 2060 list_del_init(&ses->smb_ses_list);
3f9bcca7 2061 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2062
14fbf50d
JL		 2063 if (ses->status == CifsGood) {
2064 xid = GetXid();
2065 CIFSSMBLogoff(xid, ses);
2066 _FreeXid(xid);
2067 }
2068 sesInfoFree(ses);
2069 cifs_put_tcp_session(server);
2070}
dea570e0 2071
8a8798a5
JL		 2072#ifdef CONFIG_KEYS
2073
2074/* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2075#define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2076
2077/* Populate username and pw fields from keyring if possible */
2078static int
2079cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2080{
2081 int rc = 0;
2082 char *desc, *delim, *payload;
2083 ssize_t len;
2084 struct key *key;
2085 struct TCP_Server_Info *server = ses->server;
2086 struct sockaddr_in *sa;
2087 struct sockaddr_in6 *sa6;
2088 struct user_key_payload *upayload;
2089
2090 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2091 if (!desc)
2092 return -ENOMEM;
2093
2094 /* try to find an address key first */
2095 switch (server->dstaddr.ss_family) {
2096 case AF_INET:
2097 sa = (struct sockaddr_in *)&server->dstaddr;
2098 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2099 break;
2100 case AF_INET6:
2101 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2102 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2103 break;
2104 default:
2105 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2106 rc = -EINVAL;
2107 goto out_err;
2108 }
2109
2110 cFYI(1, "%s: desc=%s", __func__, desc);
2111 key = request_key(&key_type_logon, desc, "");
2112 if (IS_ERR(key)) {
2113 if (!ses->domainName) {
2114 cFYI(1, "domainName is NULL");
2115 rc = PTR_ERR(key);
2116 goto out_err;
2117 }
2118
2119 /* didn't work, try to find a domain key */
2120 sprintf(desc, "cifs:d:%s", ses->domainName);
2121 cFYI(1, "%s: desc=%s", __func__, desc);
2122 key = request_key(&key_type_logon, desc, "");
2123 if (IS_ERR(key)) {
2124 rc = PTR_ERR(key);
2125 goto out_err;
2126 }
2127 }
2128
2129 down_read(&key->sem);
2130 upayload = key->payload.data;
2131 if (IS_ERR_OR_NULL(upayload)) {
4edc53c1 2132 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
8a8798a5
JL		 2133 goto out_key_put;
2134 }
2135
2136 /* find first : in payload */
2137 payload = (char *)upayload->data;
2138 delim = strnchr(payload, upayload->datalen, ':');
2139 cFYI(1, "payload=%s", payload);
2140 if (!delim) {
2141 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2142 upayload->datalen);
2143 rc = -EINVAL;
2144 goto out_key_put;
2145 }
2146
2147 len = delim - payload;
2148 if (len > MAX_USERNAME_SIZE || len <= 0) {
000f9bb8 2149 cFYI(1, "Bad value from username search (len=%zd)", len);
8a8798a5
JL		 2150 rc = -EINVAL;
2151 goto out_key_put;
2152 }
2153
2154 vol->username = kstrndup(payload, len, GFP_KERNEL);
2155 if (!vol->username) {
000f9bb8 2156 cFYI(1, "Unable to allocate %zd bytes for username", len);
8a8798a5
JL		 2157 rc = -ENOMEM;
2158 goto out_key_put;
2159 }
2160 cFYI(1, "%s: username=%s", __func__, vol->username);
2161
2162 len = key->datalen - (len + 1);
2163 if (len > MAX_PASSWORD_SIZE || len <= 0) {
000f9bb8 2164 cFYI(1, "Bad len for password search (len=%zd)", len);
8a8798a5
JL		 2165 rc = -EINVAL;
2166 kfree(vol->username);
2167 vol->username = NULL;
2168 goto out_key_put;
2169 }
2170
2171 ++delim;
2172 vol->password = kstrndup(delim, len, GFP_KERNEL);
2173 if (!vol->password) {
000f9bb8 2174 cFYI(1, "Unable to allocate %zd bytes for password", len);
8a8798a5
JL		 2175 rc = -ENOMEM;
2176 kfree(vol->username);
2177 vol->username = NULL;
2178 goto out_key_put;
2179 }
2180
2181out_key_put:
2182 up_read(&key->sem);
2183 key_put(key);
2184out_err:
2185 kfree(desc);
2186 cFYI(1, "%s: returning %d", __func__, rc);
2187 return rc;
2188}
2189#else /* ! CONFIG_KEYS */
2190static inline int
2191cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2192 struct cifs_ses *ses __attribute__((unused)))
2193{
2194 return -ENOSYS;
2195}
2196#endif /* CONFIG_KEYS */
2197
d9b94201
SF		 2198static bool warned_on_ntlm; /* globals init to false automatically */
2199
96daf2b0 2200static struct cifs_ses *
36988c76
JL		 2201cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2202{
2203 int rc = -ENOMEM, xid;
96daf2b0 2204 struct cifs_ses *ses;
a9f1b85e
PS		 2205 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2206 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
36988c76
JL		 2207
2208 xid = GetXid();
2209
4ff67b72 2210 ses = cifs_find_smb_ses(server, volume_info);
36988c76
JL		 2211 if (ses) {
2212 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2213
36988c76 2214 mutex_lock(&ses->session_mutex);
198b5682
JL		 2215 rc = cifs_negotiate_protocol(xid, ses);
2216 if (rc) {
2217 mutex_unlock(&ses->session_mutex);
2218 /* problem -- put our ses reference */
2219 cifs_put_smb_ses(ses);
2220 FreeXid(xid);
2221 return ERR_PTR(rc);
2222 }
36988c76
JL		 2223 if (ses->need_reconnect) {
2224 cFYI(1, "Session needs reconnect");
2225 rc = cifs_setup_session(xid, ses,
2226 volume_info->local_nls);
2227 if (rc) {
2228 mutex_unlock(&ses->session_mutex);
2229 /* problem -- put our reference */
2230 cifs_put_smb_ses(ses);
2231 FreeXid(xid);
2232 return ERR_PTR(rc);
2233 }
2234 }
2235 mutex_unlock(&ses->session_mutex);
460cf341
JL		 2236
2237 /* existing SMB ses has a server reference already */
2238 cifs_put_tcp_session(server);
36988c76
JL		 2239 FreeXid(xid);
2240 return ses;
2241 }
2242
2243 cFYI(1, "Existing smb sess not found");
2244 ses = sesInfoAlloc();
2245 if (ses == NULL)
2246 goto get_ses_fail;
2247
2248 /* new SMB session uses our server ref */
2249 ses->server = server;
a9f1b85e
PS		 2250 if (server->dstaddr.ss_family == AF_INET6)
2251 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
36988c76 2252 else
a9f1b85e 2253 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
36988c76 2254
8727c8a8
SF		 2255 if (volume_info->username) {
2256 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2257 if (!ses->user_name)
2258 goto get_ses_fail;
2259 }
36988c76
JL		 2260
2261 /* volume_info->password freed at unmount */
2262 if (volume_info->password) {
2263 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2264 if (!ses->password)
2265 goto get_ses_fail;
2266 }
2267 if (volume_info->domainname) {
d3686d54
SP		 2268 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2269 if (!ses->domainName)
2270 goto get_ses_fail;
36988c76 2271 }
3e4b3e1f 2272 ses->cred_uid = volume_info->cred_uid;
36988c76 2273 ses->linux_uid = volume_info->linux_uid;
d9b94201
SF		 2274
2275 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2276 supported for many years, time to update default security mechanism */
2277 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2278 warned_on_ntlm = true;
2279 cERROR(1, "default security mechanism requested. The default "
2280 "security mechanism will be upgraded from ntlm to "
225de11e 2281 "ntlmv2 in kernel release 3.3");
d9b94201 2282 }
36988c76
JL		 2283 ses->overrideSecFlg = volume_info->secFlg;
2284
2285 mutex_lock(&ses->session_mutex);
198b5682
JL		 2286 rc = cifs_negotiate_protocol(xid, ses);
2287 if (!rc)
2288 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
36988c76 2289 mutex_unlock(&ses->session_mutex);
c8e56f1f 2290 if (rc)
36988c76
JL		 2291 goto get_ses_fail;
2292
2293 /* success, put it on the list */
3f9bcca7 2294 spin_lock(&cifs_tcp_ses_lock);
36988c76 2295 list_add(&ses->smb_ses_list, &server->smb_ses_list);
3f9bcca7 2296 spin_unlock(&cifs_tcp_ses_lock);
36988c76
JL		 2297
2298 FreeXid(xid);
2299 return ses;
2300
2301get_ses_fail:
2302 sesInfoFree(ses);
2303 FreeXid(xid);
2304 return ERR_PTR(rc);
2305}
2306
96daf2b0 2307static int match_tcon(struct cifs_tcon *tcon, const char *unc)
37bb04e5
PS		 2308{
2309 if (tcon->tidStatus == CifsExiting)
2310 return 0;
2311 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2312 return 0;
2313 return 1;
2314}
2315
96daf2b0
SF		 2316static struct cifs_tcon *
2317cifs_find_tcon(struct cifs_ses *ses, const char *unc)
f1987b44
JL		 2318{
2319 struct list_head *tmp;
96daf2b0 2320 struct cifs_tcon *tcon;
f1987b44 2321
3f9bcca7 2322 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2323 list_for_each(tmp, &ses->tcon_list) {
96daf2b0 2324 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
37bb04e5 2325 if (!match_tcon(tcon, unc))
f1987b44 2326 continue;
f1987b44 2327 ++tcon->tc_count;
3f9bcca7 2328 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2329 return tcon;
1da177e4 2330 }
3f9bcca7 2331 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 2332 return NULL;
2333}
2334
f1987b44 2335static void
96daf2b0 2336cifs_put_tcon(struct cifs_tcon *tcon)
f1987b44
JL		 2337{
2338 int xid;
96daf2b0 2339 struct cifs_ses *ses = tcon->ses;
f1987b44 2340
d00c28de 2341 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
3f9bcca7 2342 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2343 if (--tcon->tc_count > 0) {
3f9bcca7 2344 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2345 return;
2346 }
2347
2348 list_del_init(&tcon->tcon_list);
3f9bcca7 2349 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2350
2351 xid = GetXid();
2352 CIFSSMBTDis(xid, tcon);
2353 _FreeXid(xid);
2354
d03382ce 2355 cifs_fscache_release_super_cookie(tcon);
9f841593 2356 tconInfoFree(tcon);
f1987b44
JL		 2357 cifs_put_smb_ses(ses);
2358}
2359
96daf2b0
SF		 2360static struct cifs_tcon *
2361cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
d00c28de
JL		 2362{
2363 int rc, xid;
96daf2b0 2364 struct cifs_tcon *tcon;
d00c28de
JL		 2365
2366 tcon = cifs_find_tcon(ses, volume_info->UNC);
2367 if (tcon) {
2368 cFYI(1, "Found match on UNC path");
2369 /* existing tcon already has a reference */
2370 cifs_put_smb_ses(ses);
2371 if (tcon->seal != volume_info->seal)
2372 cERROR(1, "transport encryption setting "
2373 "conflicts with existing tid");
2374 return tcon;
2375 }
2376
2377 tcon = tconInfoAlloc();
2378 if (tcon == NULL) {
2379 rc = -ENOMEM;
2380 goto out_fail;
2381 }
2382
2383 tcon->ses = ses;
2384 if (volume_info->password) {
2385 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2386 if (!tcon->password) {
2387 rc = -ENOMEM;
2388 goto out_fail;
2389 }
2390 }
2391
2392 if (strchr(volume_info->UNC + 3, '\\') == NULL
2393 && strchr(volume_info->UNC + 3, '/') == NULL) {
2394 cERROR(1, "Missing share name");
2395 rc = -ENODEV;
2396 goto out_fail;
2397 }
2398
2399 /* BB Do we need to wrap session_mutex around
2400 * this TCon call and Unix SetFS as
2401 * we do on SessSetup and reconnect? */
2402 xid = GetXid();
2403 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2404 FreeXid(xid);
2405 cFYI(1, "CIFS Tcon rc = %d", rc);
2406 if (rc)
2407 goto out_fail;
2408
2409 if (volume_info->nodfs) {
2410 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2411 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2412 }
2413 tcon->seal = volume_info->seal;
2414 /* we can have only one retry value for a connection
2415 to a share so for resources mounted more than once
2416 to the same server share the last value passed in
2417 for the retry flag is used */
2418 tcon->retry = volume_info->retry;
2419 tcon->nocase = volume_info->nocase;
2420 tcon->local_lease = volume_info->local_lease;
2421
3f9bcca7 2422 spin_lock(&cifs_tcp_ses_lock);
d00c28de 2423 list_add(&tcon->tcon_list, &ses->tcon_list);
3f9bcca7 2424 spin_unlock(&cifs_tcp_ses_lock);
d00c28de 2425
d03382ce
SJ		 2426 cifs_fscache_get_super_cookie(tcon);
2427
d00c28de
JL		 2428 return tcon;
2429
2430out_fail:
2431 tconInfoFree(tcon);
2432 return ERR_PTR(rc);
2433}
2434
9d002df4
JL		 2435void
2436cifs_put_tlink(struct tcon_link *tlink)
2437{
2438 if (!tlink || IS_ERR(tlink))
2439 return;
2440
2441 if (!atomic_dec_and_test(&tlink->tl_count) ||
2442 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2443 tlink->tl_time = jiffies;
2444 return;
2445 }
2446
2447 if (!IS_ERR(tlink_tcon(tlink)))
2448 cifs_put_tcon(tlink_tcon(tlink));
2449 kfree(tlink);
2450 return;
2451}
d00c28de 2452
25c7f41e 2453static inline struct tcon_link *
cd51875d
PS		 2454cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2455{
2456 return cifs_sb->master_tlink;
2457}
25c7f41e
PS		 2458
2459static int
2460compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2461{
2462 struct cifs_sb_info *old = CIFS_SB(sb);
2463 struct cifs_sb_info *new = mnt_data->cifs_sb;
2464
2465 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2466 return 0;
2467
2468 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2469 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2470 return 0;
2471
25c7f41e 2472 /*
5eba8ab3
JL		 2473 * We want to share sb only if we don't specify an r/wsize or
2474 * specified r/wsize is greater than or equal to existing one.
25c7f41e
PS		 2475 */
2476 if (new->wsize && new->wsize < old->wsize)
2477 return 0;
2478
5eba8ab3
JL		 2479 if (new->rsize && new->rsize < old->rsize)
2480 return 0;
2481
25c7f41e
PS		 2482 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2483 return 0;
2484
2485 if (old->mnt_file_mode != new->mnt_file_mode ||
2486 old->mnt_dir_mode != new->mnt_dir_mode)
2487 return 0;
2488
2489 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2490 return 0;
2491
2492 if (old->actimeo != new->actimeo)
2493 return 0;
2494
2495 return 1;
2496}
2497
2498int
2499cifs_match_super(struct super_block *sb, void *data)
2500{
2501 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2502 struct smb_vol *volume_info;
2503 struct cifs_sb_info *cifs_sb;
2504 struct TCP_Server_Info *tcp_srv;
96daf2b0
SF		 2505 struct cifs_ses *ses;
2506 struct cifs_tcon *tcon;
25c7f41e
PS		 2507 struct tcon_link *tlink;
2508 struct sockaddr_storage addr;
2509 int rc = 0;
2510
2511 memset(&addr, 0, sizeof(struct sockaddr_storage));
2512
2513 spin_lock(&cifs_tcp_ses_lock);
2514 cifs_sb = CIFS_SB(sb);
2515 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2516 if (IS_ERR(tlink)) {
2517 spin_unlock(&cifs_tcp_ses_lock);
2518 return rc;
2519 }
2520 tcon = tlink_tcon(tlink);
2521 ses = tcon->ses;
2522 tcp_srv = ses->server;
2523
2524 volume_info = mnt_data->vol;
2525
2526 if (!volume_info->UNCip || !volume_info->UNC)
2527 goto out;
2528
2529 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2530 volume_info->UNCip,
2531 strlen(volume_info->UNCip),
2532 volume_info->port);
2533 if (!rc)
2534 goto out;
2535
2536 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2537 !match_session(ses, volume_info) ||
2538 !match_tcon(tcon, volume_info->UNC)) {
2539 rc = 0;
2540 goto out;
2541 }
2542
2543 rc = compare_mount_options(sb, mnt_data);
2544out:
25c7f41e 2545 spin_unlock(&cifs_tcp_ses_lock);
f484b5d0 2546 cifs_put_tlink(tlink);
25c7f41e
PS		 2547 return rc;
2548}
2549
1da177e4 2550int
96daf2b0 2551get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
50c2f753 2552 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
366781c1 2553 struct dfs_info3_param **preferrals, int remap)
1da177e4
LT		 2554{
2555 char *temp_unc;
2556 int rc = 0;
2557
2558 *pnum_referrals = 0;
366781c1 2559 *preferrals = NULL;
1da177e4
LT		 2560
2561 if (pSesInfo->ipc_tid == 0) {
2562 temp_unc = kmalloc(2 /* for slashes */ +
50c2f753
SF		 2563 strnlen(pSesInfo->serverName,
2564 SERVER_NAME_LEN_WITH_NULL * 2)
1da177e4
LT		 2565 + 1 + 4 /* slash IPC$ */ + 2,
2566 GFP_KERNEL);
2567 if (temp_unc == NULL)
2568 return -ENOMEM;
2569 temp_unc[0] = '\\';
2570 temp_unc[1] = '\\';
2571 strcpy(temp_unc + 2, pSesInfo->serverName);
2572 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2573 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
b6b38f70 2574 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
1da177e4
LT		 2575 kfree(temp_unc);
2576 }
2577 if (rc == 0)
c2cf07d5 2578 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
737b758c 2579 pnum_referrals, nls_codepage, remap);
366781c1
SF		 2580 /* BB map targetUNCs to dfs_info3 structures, here or
2581 in CIFSGetDFSRefer BB */
1da177e4
LT		 2582
2583 return rc;
2584}
2585
09e50d55
JL		 2586#ifdef CONFIG_DEBUG_LOCK_ALLOC
2587static struct lock_class_key cifs_key[2];
2588static struct lock_class_key cifs_slock_key[2];
2589
2590static inline void
2591cifs_reclassify_socket4(struct socket *sock)
2592{
2593 struct sock *sk = sock->sk;
2594 BUG_ON(sock_owned_by_user(sk));
2595 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2596 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2597}
2598
2599static inline void
2600cifs_reclassify_socket6(struct socket *sock)
2601{
2602 struct sock *sk = sock->sk;
2603 BUG_ON(sock_owned_by_user(sk));
2604 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2605 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2606}
2607#else
2608static inline void
2609cifs_reclassify_socket4(struct socket *sock)
2610{
2611}
2612
2613static inline void
2614cifs_reclassify_socket6(struct socket *sock)
2615{
2616}
2617#endif
2618
1da177e4 2619/* See RFC1001 section 14 on representation of Netbios names */
50c2f753 2620static void rfc1002mangle(char *target, char *source, unsigned int length)
1da177e4 2621{
50c2f753 2622 unsigned int i, j;
1da177e4 2623
50c2f753 2624 for (i = 0, j = 0; i < (length); i++) {
1da177e4
LT		 2625 /* mask a nibble at a time and encode */
2626 target[j] = 'A' + (0x0F & (source[i] >> 4));
2627 target[j+1] = 'A' + (0x0F & source[i]);
50c2f753 2628 j += 2;
1da177e4
LT		 2629 }
2630
2631}
2632
3eb9a889
BG		 2633static int
2634bind_socket(struct TCP_Server_Info *server)
2635{
2636 int rc = 0;
2637 if (server->srcaddr.ss_family != AF_UNSPEC) {
2638 /* Bind to the specified local IP address */
2639 struct socket *socket = server->ssocket;
2640 rc = socket->ops->bind(socket,
2641 (struct sockaddr *) &server->srcaddr,
2642 sizeof(server->srcaddr));
2643 if (rc < 0) {
2644 struct sockaddr_in *saddr4;
2645 struct sockaddr_in6 *saddr6;
2646 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2647 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2648 if (saddr6->sin6_family == AF_INET6)
2649 cERROR(1, "cifs: "
2650 "Failed to bind to: %pI6c, error: %d\n",
2651 &saddr6->sin6_addr, rc);
2652 else
2653 cERROR(1, "cifs: "
2654 "Failed to bind to: %pI4, error: %d\n",
2655 &saddr4->sin_addr.s_addr, rc);
2656 }
2657 }
2658 return rc;
2659}
1da177e4
LT		 2660
2661static int
a9f1b85e 2662ip_rfc1001_connect(struct TCP_Server_Info *server)
1da177e4
LT		 2663{
2664 int rc = 0;
a9f1b85e
PS		 2665 /*
2666 * some servers require RFC1001 sessinit before sending
2667 * negprot - BB check reconnection in case where second
2668 * sessinit is sent but no second negprot
2669 */
2670 struct rfc1002_session_packet *ses_init_buf;
2671 struct smb_hdr *smb_buf;
2672 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2673 GFP_KERNEL);
2674 if (ses_init_buf) {
2675 ses_init_buf->trailer.session_req.called_len = 32;
2676
2677 if (server->server_RFC1001_name &&
2678 server->server_RFC1001_name[0] != 0)
2679 rfc1002mangle(ses_init_buf->trailer.
2680 session_req.called_name,
2681 server->server_RFC1001_name,
2682 RFC1001_NAME_LEN_WITH_NULL);
2683 else
2684 rfc1002mangle(ses_init_buf->trailer.
2685 session_req.called_name,
2686 DEFAULT_CIFS_CALLED_NAME,
2687 RFC1001_NAME_LEN_WITH_NULL);
2688
2689 ses_init_buf->trailer.session_req.calling_len = 32;
2690
2691 /*
2692 * calling name ends in null (byte 16) from old smb
2693 * convention.
2694 */
2695 if (server->workstation_RFC1001_name &&
2696 server->workstation_RFC1001_name[0] != 0)
2697 rfc1002mangle(ses_init_buf->trailer.
2698 session_req.calling_name,
2699 server->workstation_RFC1001_name,
2700 RFC1001_NAME_LEN_WITH_NULL);
2701 else
2702 rfc1002mangle(ses_init_buf->trailer.
2703 session_req.calling_name,
2704 "LINUX_CIFS_CLNT",
2705 RFC1001_NAME_LEN_WITH_NULL);
2706
2707 ses_init_buf->trailer.session_req.scope1 = 0;
2708 ses_init_buf->trailer.session_req.scope2 = 0;
2709 smb_buf = (struct smb_hdr *)ses_init_buf;
2710
2711 /* sizeof RFC1002_SESSION_REQUEST with no scope */
be8e3b00 2712 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
a9f1b85e
PS		 2713 rc = smb_send(server, smb_buf, 0x44);
2714 kfree(ses_init_buf);
2715 /*
2716 * RFC1001 layer in at least one server
2717 * requires very short break before negprot
2718 * presumably because not expecting negprot
2719 * to follow so fast. This is a simple
2720 * solution that works without
2721 * complicating the code and causes no
2722 * significant slowing down on mount
2723 * for everyone else
2724 */
2725 usleep_range(1000, 2000);
2726 }
2727 /*
2728 * else the negprot may still work without this
2729 * even though malloc failed
2730 */
2731
2732 return rc;
2733}
2734
2735static int
2736generic_ip_connect(struct TCP_Server_Info *server)
2737{
2738 int rc = 0;
6da97910 2739 __be16 sport;
a9f1b85e 2740 int slen, sfamily;
bcf4b106 2741 struct socket *socket = server->ssocket;
a9f1b85e
PS		 2742 struct sockaddr *saddr;
2743
2744 saddr = (struct sockaddr *) &server->dstaddr;
2745
2746 if (server->dstaddr.ss_family == AF_INET6) {
2747 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2748 slen = sizeof(struct sockaddr_in6);
2749 sfamily = AF_INET6;
2750 } else {
2751 sport = ((struct sockaddr_in *) saddr)->sin_port;
2752 slen = sizeof(struct sockaddr_in);
2753 sfamily = AF_INET;
2754 }
1da177e4 2755
bcf4b106 2756 if (socket == NULL) {
f1d0c998
RL		 2757 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2758 IPPROTO_TCP, &socket, 1);
1da177e4 2759 if (rc < 0) {
b6b38f70 2760 cERROR(1, "Error %d creating socket", rc);
a9f1b85e 2761 server->ssocket = NULL;
1da177e4 2762 return rc;
1da177e4 2763 }
bcf4b106
JL		 2764
2765 /* BB other socket options to set KEEPALIVE, NODELAY? */
b6b38f70 2766 cFYI(1, "Socket created");
bcf4b106
JL		 2767 server->ssocket = socket;
2768 socket->sk->sk_allocation = GFP_NOFS;
a9f1b85e
PS		 2769 if (sfamily == AF_INET6)
2770 cifs_reclassify_socket6(socket);
2771 else
2772 cifs_reclassify_socket4(socket);
1da177e4
LT		 2773 }
2774
3eb9a889
BG		 2775 rc = bind_socket(server);
2776 if (rc < 0)
2777 return rc;
2778
bcf4b106
JL		 2779 /*
2780 * Eventually check for other socket options to change from
a9f1b85e
PS		 2781 * the default. sock_setsockopt not used because it expects
2782 * user space buffer
bcf4b106
JL		 2783 */
2784 socket->sk->sk_rcvtimeo = 7 * HZ;
da505c38 2785 socket->sk->sk_sndtimeo = 5 * HZ;
edf1ae40 2786
b387eaeb 2787 /* make the bufsizes depend on wsize/rsize and max requests */
bcf4b106
JL		 2788 if (server->noautotune) {
2789 if (socket->sk->sk_sndbuf < (200 * 1024))
2790 socket->sk->sk_sndbuf = 200 * 1024;
2791 if (socket->sk->sk_rcvbuf < (140 * 1024))
2792 socket->sk->sk_rcvbuf = 140 * 1024;
edf1ae40 2793 }
1da177e4 2794
6a5fa236 2795 if (server->tcp_nodelay) {
a9f1b85e 2796 int val = 1;
6a5fa236
SF		 2797 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2798 (char *)&val, sizeof(val));
2799 if (rc)
b6b38f70 2800 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
6a5fa236
SF		 2801 }
2802
b6b38f70 2803 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
bcf4b106 2804 socket->sk->sk_sndbuf,
b6b38f70 2805 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
bcf4b106 2806
ee1b3ea9
JL		 2807 rc = socket->ops->connect(socket, saddr, slen, 0);
2808 if (rc < 0) {
2809 cFYI(1, "Error %d connecting to server", rc);
2810 sock_release(socket);
2811 server->ssocket = NULL;
2812 return rc;
2813 }
2814
a9f1b85e
PS		 2815 if (sport == htons(RFC1001_PORT))
2816 rc = ip_rfc1001_connect(server);
50c2f753 2817
1da177e4
LT		 2818 return rc;
2819}
2820
2821static int
a9f1b85e 2822ip_connect(struct TCP_Server_Info *server)
1da177e4 2823{
6da97910 2824 __be16 *sport;
a9f1b85e
PS		 2825 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2826 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1da177e4 2827
a9f1b85e
PS		 2828 if (server->dstaddr.ss_family == AF_INET6)
2829 sport = &addr6->sin6_port;
2830 else
2831 sport = &addr->sin_port;
1da177e4 2832
a9f1b85e
PS		 2833 if (*sport == 0) {
2834 int rc;
1da177e4 2835
a9f1b85e
PS		 2836 /* try with 445 port at first */
2837 *sport = htons(CIFS_PORT);
3eb9a889 2838
a9f1b85e 2839 rc = generic_ip_connect(server);
1da177e4 2840 if (rc >= 0)
a9f1b85e 2841 return rc;
6a5fa236 2842
a9f1b85e
PS		 2843 /* if it failed, try with 139 port */
2844 *sport = htons(RFC1001_PORT);
6a5fa236
SF		 2845 }
2846
a9f1b85e 2847 return generic_ip_connect(server);
1da177e4
LT		 2848}
2849
96daf2b0 2850void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2c6292ae 2851 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
8af18971
SF		 2852{
2853 /* if we are reconnecting then should we check to see if
2854 * any requested capabilities changed locally e.g. via
2855 * remount but we can not do much about it here
2856 * if they have (even if we could detect it by the following)
2857 * Perhaps we could add a backpointer to array of sb from tcon
2858 * or if we change to make all sb to same share the same
2859 * sb as NFS - then we only have one backpointer to sb.
2860 * What if we wanted to mount the server share twice once with
2861 * and once without posixacls or posix paths? */
2862 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
50c2f753 2863
c18c842b
SF		 2864 if (vol_info && vol_info->no_linux_ext) {
2865 tcon->fsUnixInfo.Capability = 0;
2866 tcon->unix_ext = 0; /* Unix Extensions disabled */
b6b38f70 2867 cFYI(1, "Linux protocol extensions disabled");
c18c842b
SF		 2868 return;
2869 } else if (vol_info)
2870 tcon->unix_ext = 1; /* Unix Extensions supported */
2871
2872 if (tcon->unix_ext == 0) {
b6b38f70 2873 cFYI(1, "Unix extensions disabled so not set on reconnect");
c18c842b
SF		 2874 return;
2875 }
50c2f753 2876
fb8c4b14 2877 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
8af18971 2878 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
6848b733 2879 cFYI(1, "unix caps which server supports %lld", cap);
8af18971
SF		 2880 /* check for reconnect case in which we do not
2881 want to change the mount behavior if we can avoid it */
fb8c4b14 2882 if (vol_info == NULL) {
50c2f753 2883 /* turn off POSIX ACL and PATHNAMES if not set
8af18971
SF		 2884 originally at mount time */
2885 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2886 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
11b6d645
IM		 2887 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2888 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2889 cERROR(1, "POSIXPATH support change");
8af18971 2890 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
11b6d645 2891 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
b6b38f70
JP		 2892 cERROR(1, "possible reconnect error");
2893 cERROR(1, "server disabled POSIX path support");
11b6d645 2894 }
8af18971 2895 }
50c2f753 2896
6848b733
SF		 2897 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2898 cERROR(1, "per-share encryption not supported yet");
2899
8af18971 2900 cap &= CIFS_UNIX_CAP_MASK;
75865f8c 2901 if (vol_info && vol_info->no_psx_acl)
8af18971 2902 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
75865f8c 2903 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
b6b38f70 2904 cFYI(1, "negotiated posix acl support");
2c6292ae
AV		 2905 if (cifs_sb)
2906 cifs_sb->mnt_cifs_flags |=
2907 CIFS_MOUNT_POSIXACL;
8af18971
SF		 2908 }
2909
75865f8c 2910 if (vol_info && vol_info->posix_paths == 0)
8af18971 2911 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
75865f8c 2912 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
b6b38f70 2913 cFYI(1, "negotiate posix pathnames");
2c6292ae
AV		 2914 if (cifs_sb)
2915 cifs_sb->mnt_cifs_flags |=
8af18971
SF		 2916 CIFS_MOUNT_POSIX_PATHS;
2917 }
50c2f753 2918
b6b38f70 2919 cFYI(1, "Negotiate caps 0x%x", (int)cap);
8af18971 2920#ifdef CONFIG_CIFS_DEBUG2
75865f8c 2921 if (cap & CIFS_UNIX_FCNTL_CAP)
b6b38f70 2922 cFYI(1, "FCNTL cap");
75865f8c 2923 if (cap & CIFS_UNIX_EXTATTR_CAP)
b6b38f70 2924 cFYI(1, "EXTATTR cap");
75865f8c 2925 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2926 cFYI(1, "POSIX path cap");
75865f8c 2927 if (cap & CIFS_UNIX_XATTR_CAP)
b6b38f70 2928 cFYI(1, "XATTR cap");
75865f8c 2929 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
b6b38f70 2930 cFYI(1, "POSIX ACL cap");
75865f8c 2931 if (cap & CIFS_UNIX_LARGE_READ_CAP)
b6b38f70 2932 cFYI(1, "very large read cap");
75865f8c 2933 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
b6b38f70 2934 cFYI(1, "very large write cap");
6848b733
SF		 2935 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2936 cFYI(1, "transport encryption cap");
2937 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2938 cFYI(1, "mandatory transport encryption cap");
8af18971
SF		 2939#endif /* CIFS_DEBUG2 */
2940 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
442aa310 2941 if (vol_info == NULL) {
b6b38f70 2942 cFYI(1, "resetting capabilities failed");
442aa310 2943 } else
b6b38f70 2944 cERROR(1, "Negotiating Unix capabilities "
5a44b319
SF		 2945 "with the server failed. Consider "
2946 "mounting with the Unix Extensions\n"
2947 "disabled, if problems are found, "
2948 "by specifying the nounix mount "
b6b38f70 2949 "option.");
5a44b319 2950
8af18971
SF		 2951 }
2952 }
2953}
2954
724d9f1c
PS		 2955void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2956 struct cifs_sb_info *cifs_sb)
b1c8d2b4 2957{
2de970ff
JL		 2958 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2959
2ced6f69
AV		 2960 spin_lock_init(&cifs_sb->tlink_tree_lock);
2961 cifs_sb->tlink_tree = RB_ROOT;
2962
25c7f41e 2963 /*
5eba8ab3
JL		 2964 * Temporarily set r/wsize for matching superblock. If we end up using
2965 * new sb then client will later negotiate it downward if needed.
25c7f41e 2966 */
5eba8ab3 2967 cifs_sb->rsize = pvolume_info->rsize;
25c7f41e
PS		 2968 cifs_sb->wsize = pvolume_info->wsize;
2969
3b795210
SF		 2970 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2971 cifs_sb->mnt_gid = pvolume_info->linux_gid;
3d3ea8e6
SP		 2972 if (pvolume_info->backupuid_specified)
2973 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2974 if (pvolume_info->backupgid_specified)
2975 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3b795210
SF		 2976 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2977 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
5206efd6 2978 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
b6b38f70 2979 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3b795210 2980
6d20e840 2981 cifs_sb->actimeo = pvolume_info->actimeo;
724d9f1c 2982 cifs_sb->local_nls = pvolume_info->local_nls;
6d20e840 2983
3b795210
SF		 2984 if (pvolume_info->noperm)
2985 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2986 if (pvolume_info->setuids)
2987 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2988 if (pvolume_info->server_ino)
2989 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2990 if (pvolume_info->remap)
2991 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2992 if (pvolume_info->no_xattr)
2993 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2994 if (pvolume_info->sfu_emul)
2995 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2996 if (pvolume_info->nobrl)
2997 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
be652445 2998 if (pvolume_info->nostrictsync)
4717bed6 2999 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
13a6e42a
SF		 3000 if (pvolume_info->mand_lock)
3001 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
d4ffff1f
PS		 3002 if (pvolume_info->rwpidforward)
3003 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3b795210
SF		 3004 if (pvolume_info->cifs_acl)
3005 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3d3ea8e6
SP		 3006 if (pvolume_info->backupuid_specified)
3007 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3008 if (pvolume_info->backupgid_specified)
3009 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3b795210
SF		 3010 if (pvolume_info->override_uid)
3011 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3012 if (pvolume_info->override_gid)
3013 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3014 if (pvolume_info->dynperm)
3015 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
fa1df75d
SJ		 3016 if (pvolume_info->fsc)
3017 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
0eb8a132
JL		 3018 if (pvolume_info->multiuser)
3019 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3020 CIFS_MOUNT_NO_PERM);
d39454ff
PS		 3021 if (pvolume_info->strict_io)
3022 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3b795210 3023 if (pvolume_info->direct_io) {
b6b38f70 3024 cFYI(1, "mounting share using direct i/o");
3b795210
SF		 3025 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3026 }
736a3320
SM		 3027 if (pvolume_info->mfsymlinks) {
3028 if (pvolume_info->sfu_emul) {
3029 cERROR(1, "mount option mfsymlinks ignored if sfu "
3030 "mount option is used");
3031 } else {
3032 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3033 }
3034 }
3b795210
SF		 3035
3036 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
b6b38f70
JP		 3037 cERROR(1, "mount option dynperm ignored if cifsacl "
3038 "mount option supported");
b1c8d2b4
JL		 3039}
3040
f7910cbd 3041/*
5eba8ab3
JL		 3042 * When the server supports very large reads and writes via POSIX extensions,
3043 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3044 * including the RFC1001 length.
f7910cbd
JL		 3045 *
3046 * Note that this might make for "interesting" allocation problems during
1190f6a0
JL		 3047 * writeback however as we have to allocate an array of pointers for the
3048 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
5eba8ab3
JL		 3049 *
3050 * For reads, there is a similar problem as we need to allocate an array
3051 * of kvecs to handle the receive, though that should only need to be done
3052 * once.
f7910cbd 3053 */
1190f6a0 3054#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3055#define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3056
3057/*
5eba8ab3
JL		 3058 * When the server doesn't allow large posix writes, only allow a rsize/wsize
3059 * of 2^17-1 minus the size of the call header. That allows for a read or
3060 * write up to the maximum size described by RFC1002.
f7910cbd 3061 */
94443f43 3062#define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3063#define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3064
3065/*
3066 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3067 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3068 * a single wsize request with a single call.
3069 */
5eba8ab3
JL		 3070#define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3071
3072/*
ce91acb3
JL		 3073 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3074 * those values when posix extensions aren't in force. In actuality here, we
3075 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3076 * to be ok with the extra byte even though Windows doesn't send writes that
3077 * are that large.
3078 *
3079 * Citation:
3080 *
3081 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
5eba8ab3
JL		 3082 */
3083#define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
ce91acb3 3084#define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
f7910cbd
JL		 3085
3086static unsigned int
96daf2b0 3087cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
f7910cbd
JL		 3088{
3089 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3090 struct TCP_Server_Info *server = tcon->ses->server;
ce91acb3
JL		 3091 unsigned int wsize;
3092
3093 /* start with specified wsize, or default */
3094 if (pvolume_info->wsize)
3095 wsize = pvolume_info->wsize;
3096 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3097 wsize = CIFS_DEFAULT_IOSIZE;
3098 else
3099 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
f7910cbd
JL		 3100
3101 /* can server support 24-bit write sizes? (via UNIX extensions) */
3102 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
1190f6a0 3103 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
f7910cbd 3104
1190f6a0
JL		 3105 /*
3106 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3107 * Limit it to max buffer offered by the server, minus the size of the
3108 * WRITEX header, not including the 4 byte RFC1001 length.
3109 */
3110 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3111 (!(server->capabilities & CAP_UNIX) &&
3112 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3113 wsize = min_t(unsigned int, wsize,
3114 server->maxBuf - sizeof(WRITE_REQ) + 4);
f7910cbd
JL		 3115
3116 /* hard limit of CIFS_MAX_WSIZE */
3117 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3118
3119 return wsize;
3120}
3121
5eba8ab3
JL		 3122static unsigned int
3123cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3124{
3125 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3126 struct TCP_Server_Info *server = tcon->ses->server;
3127 unsigned int rsize, defsize;
3128
3129 /*
3130 * Set default value...
3131 *
3132 * HACK alert! Ancient servers have very small buffers. Even though
3133 * MS-CIFS indicates that servers are only limited by the client's
3134 * bufsize for reads, testing against win98se shows that it throws
3135 * INVALID_PARAMETER errors if you try to request too large a read.
3136 *
3137 * If the server advertises a MaxBufferSize of less than one page,
3138 * assume that it also can't satisfy reads larger than that either.
3139 *
3140 * FIXME: Is there a better heuristic for this?
3141 */
3142 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3143 defsize = CIFS_DEFAULT_IOSIZE;
3144 else if (server->capabilities & CAP_LARGE_READ_X)
3145 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3146 else if (server->maxBuf >= PAGE_CACHE_SIZE)
3147 defsize = CIFSMaxBufSize;
3148 else
3149 defsize = server->maxBuf - sizeof(READ_RSP);
3150
3151 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3152
3153 /*
3154 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3155 * the client's MaxBufferSize.
3156 */
3157 if (!(server->capabilities & CAP_LARGE_READ_X))
3158 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3159
3160 /* hard limit of CIFS_MAX_RSIZE */
3161 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3162
3163 return rsize;
3164}
3165
e4cce94c 3166static int
96daf2b0 3167is_path_accessible(int xid, struct cifs_tcon *tcon,
e4cce94c
IM		 3168 struct cifs_sb_info *cifs_sb, const char *full_path)
3169{
3170 int rc;
e4cce94c
IM		 3171 FILE_ALL_INFO *pfile_info;
3172
e4cce94c
IM		 3173 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3174 if (pfile_info == NULL)
3175 return -ENOMEM;
3176
3177 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3178 0 /* not legacy */, cifs_sb->local_nls,
3179 cifs_sb->mnt_cifs_flags &
3180 CIFS_MOUNT_MAP_SPECIAL_CHR);
221d1d79
JL		 3181
3182 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3183 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3184 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3185 CIFS_MOUNT_MAP_SPECIAL_CHR);
e4cce94c
IM		 3186 kfree(pfile_info);
3187 return rc;
3188}
3189
b9bce2e9
JL		 3190static void
3191cleanup_volume_info_contents(struct smb_vol *volume_info)
1bfe73c2 3192{
b946845a 3193 kfree(volume_info->username);
1bfe73c2 3194 kzfree(volume_info->password);
13589c43
SF		 3195 if (volume_info->UNCip != volume_info->UNC + 2)
3196 kfree(volume_info->UNCip);
95c75454 3197 kfree(volume_info->UNC);
b946845a
SF		 3198 kfree(volume_info->domainname);
3199 kfree(volume_info->iocharset);
1bfe73c2 3200 kfree(volume_info->prepath);
b9bce2e9
JL		 3201}
3202
3203void
3204cifs_cleanup_volume_info(struct smb_vol *volume_info)
3205{
3206 if (!volume_info)
3207 return;
3208 cleanup_volume_info_contents(volume_info);
1bfe73c2 3209 kfree(volume_info);
1bfe73c2
IM		 3210}
3211
b9bce2e9 3212
2d6d589d 3213#ifdef CONFIG_CIFS_DFS_UPCALL
1bfe73c2
IM		 3214/* build_path_to_root returns full path to root when
3215 * we do not have an exiting connection (tcon) */
3216static char *
b2a0fa15 3217build_unc_path_to_root(const struct smb_vol *vol,
1bfe73c2
IM		 3218 const struct cifs_sb_info *cifs_sb)
3219{
b2a0fa15
JL		 3220 char *full_path, *pos;
3221 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3222 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
1bfe73c2 3223
b2a0fa15 3224 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
1bfe73c2
IM		 3225 if (full_path == NULL)
3226 return ERR_PTR(-ENOMEM);
3227
b2a0fa15
JL		 3228 strncpy(full_path, vol->UNC, unc_len);
3229 pos = full_path + unc_len;
3230
3231 if (pplen) {
3232 strncpy(pos, vol->prepath, pplen);
3233 pos += pplen;
3234 }
3235
3236 *pos = '\0'; /* add trailing null */
f87d39d9 3237 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
b2a0fa15 3238 cFYI(1, "%s: full_path=%s", __func__, full_path);
1bfe73c2
IM		 3239 return full_path;
3240}
dd613945
SF		 3241
3242/*
3243 * Perform a dfs referral query for a share and (optionally) prefix
3244 *
046462ab
SF		 3245 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3246 * to a string containing updated options for the submount. Otherwise it
3247 * will be left untouched.
dd613945
SF		 3248 *
3249 * Returns the rc from get_dfs_path to the caller, which can be used to
3250 * determine whether there were referrals.
3251 */
3252static int
96daf2b0 3253expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
dd613945 3254 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
046462ab 3255 int check_prefix)
dd613945
SF		 3256{
3257 int rc;
3258 unsigned int num_referrals = 0;
3259 struct dfs_info3_param *referrals = NULL;
3260 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3261
3262 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3263 if (IS_ERR(full_path))
3264 return PTR_ERR(full_path);
3265
3266 /* For DFS paths, skip the first '\' of the UNC */
3267 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3268
3269 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3270 &num_referrals, &referrals,
3271 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3272
3273 if (!rc && num_referrals > 0) {
3274 char *fake_devname = NULL;
3275
3276 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3277 full_path + 1, referrals,
3278 &fake_devname);
3279
3280 free_dfs_info_array(referrals, num_referrals);
046462ab 3281
dd613945
SF		 3282 if (IS_ERR(mdata)) {
3283 rc = PTR_ERR(mdata);
3284 mdata = NULL;
b9bce2e9
JL		 3285 } else {
3286 cleanup_volume_info_contents(volume_info);
3287 memset(volume_info, '\0', sizeof(*volume_info));
3288 rc = cifs_setup_volume_info(volume_info, mdata,
3289 fake_devname);
dd613945 3290 }
b9bce2e9
JL		 3291 kfree(fake_devname);
3292 kfree(cifs_sb->mountdata);
046462ab 3293 cifs_sb->mountdata = mdata;
dd613945
SF		 3294 }
3295 kfree(full_path);
3296 return rc;
3297}
2d6d589d 3298#endif
1bfe73c2 3299
04db79b0
JL		 3300static int
3301cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3302 const char *devname)
1da177e4 3303{
724d9f1c 3304 int rc = 0;
1da177e4 3305
04db79b0
JL		 3306 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3307 return -EINVAL;
1da177e4 3308
7586b765 3309 if (volume_info->nullauth) {
04febabc
JL		 3310 cFYI(1, "Anonymous login");
3311 kfree(volume_info->username);
3312 volume_info->username = NULL;
7586b765 3313 } else if (volume_info->username) {
1da177e4 3314 /* BB fixme parse for domain name here */
b6b38f70 3315 cFYI(1, "Username: %s", volume_info->username);
1da177e4 3316 } else {
bf820679 3317 cifserror("No username specified");
50c2f753
SF		 3318 /* In userspace mount helper we can get user name from alternate
3319 locations such as env variables and files on disk */
04db79b0 3320 return -EINVAL;
1da177e4
LT		 3321 }
3322
1da177e4 3323 /* this is needed for ASCII cp to Unicode converts */
7586b765 3324 if (volume_info->iocharset == NULL) {
a5fc4ce0
JL		 3325 /* load_nls_default cannot return null */
3326 volume_info->local_nls = load_nls_default();
1da177e4 3327 } else {
a5fc4ce0
JL		 3328 volume_info->local_nls = load_nls(volume_info->iocharset);
3329 if (volume_info->local_nls == NULL) {
b6b38f70
JP		 3330 cERROR(1, "CIFS mount error: iocharset %s not found",
3331 volume_info->iocharset);
04db79b0 3332 return -ELIBACC;
1da177e4
LT		 3333 }
3334 }
724d9f1c 3335
724d9f1c
PS		 3336 return rc;
3337}
3338
04db79b0
JL		 3339struct smb_vol *
3340cifs_get_volume_info(char *mount_data, const char *devname)
3341{
3342 int rc;
3343 struct smb_vol *volume_info;
3344
3345 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3346 if (!volume_info)
3347 return ERR_PTR(-ENOMEM);
3348
3349 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3350 if (rc) {
3351 cifs_cleanup_volume_info(volume_info);
3352 volume_info = ERR_PTR(rc);
3353 }
3354
3355 return volume_info;
3356}
3357
66bfaadc
JL		 3358/* make sure ra_pages is a multiple of rsize */
3359static inline unsigned int
3360cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3361{
3362 unsigned int reads;
3363 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3364
3365 if (rsize_pages >= default_backing_dev_info.ra_pages)
3366 return default_backing_dev_info.ra_pages;
3367 else if (rsize_pages == 0)
3368 return rsize_pages;
3369
3370 reads = default_backing_dev_info.ra_pages / rsize_pages;
3371 return reads * rsize_pages;
3372}
3373
724d9f1c 3374int
2c6292ae 3375cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
724d9f1c 3376{
1daaae8f 3377 int rc;
724d9f1c 3378 int xid;
96daf2b0
SF		 3379 struct cifs_ses *pSesInfo;
3380 struct cifs_tcon *tcon;
724d9f1c
PS		 3381 struct TCP_Server_Info *srvTcp;
3382 char *full_path;
3383 struct tcon_link *tlink;
3384#ifdef CONFIG_CIFS_DFS_UPCALL
3385 int referral_walks_count = 0;
20547490 3386#endif
dd854466
AV		 3387
3388 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3389 if (rc)
3390 return rc;
3391
20547490 3392#ifdef CONFIG_CIFS_DFS_UPCALL
724d9f1c
PS		 3393try_mount_again:
3394 /* cleanup activities if we're chasing a referral */
3395 if (referral_walks_count) {
3396 if (tcon)
3397 cifs_put_tcon(tcon);
3398 else if (pSesInfo)
3399 cifs_put_smb_ses(pSesInfo);
3400
724d9f1c
PS		 3401 FreeXid(xid);
3402 }
3403#endif
1daaae8f 3404 rc = 0;
724d9f1c
PS		 3405 tcon = NULL;
3406 pSesInfo = NULL;
3407 srvTcp = NULL;
3408 full_path = NULL;
3409 tlink = NULL;
3410
3411 xid = GetXid();
1da177e4 3412
63c038c2 3413 /* get a reference to a tcp session */
7586b765 3414 srvTcp = cifs_get_tcp_session(volume_info);
63c038c2
JL		 3415 if (IS_ERR(srvTcp)) {
3416 rc = PTR_ERR(srvTcp);
dd854466 3417 bdi_destroy(&cifs_sb->bdi);
63c038c2 3418 goto out;
1da177e4
LT		 3419 }
3420
36988c76
JL		 3421 /* get a reference to a SMB session */
3422 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3423 if (IS_ERR(pSesInfo)) {
3424 rc = PTR_ERR(pSesInfo);
3425 pSesInfo = NULL;
3426 goto mount_fail_check;
1da177e4 3427 }
50c2f753 3428
d00c28de
JL		 3429 /* search for existing tcon to this server share */
3430 tcon = cifs_get_tcon(pSesInfo, volume_info);
3431 if (IS_ERR(tcon)) {
3432 rc = PTR_ERR(tcon);
3433 tcon = NULL;
1bfe73c2 3434 goto remote_path_check;
d00c28de 3435 }
1bfe73c2 3436
d82c2df5 3437 /* tell server which Unix caps we support */
6848b733 3438 if (tcon->ses->capabilities & CAP_UNIX) {
d82c2df5
SF		 3439 /* reset of caps checks mount to see if unix extensions
3440 disabled for just this mount */
2c6292ae 3441 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
6848b733
SF		 3442 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3443 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3444 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3445 rc = -EACCES;
3446 goto mount_fail_check;
3447 }
3448 } else
d82c2df5 3449 tcon->unix_ext = 0; /* server does not support them */
c18c842b 3450
6848b733
SF		 3451 /* do not care if following two calls succeed - informational */
3452 if (!tcon->ipc) {
3453 CIFSSMBQFSDeviceInfo(xid, tcon);
3454 CIFSSMBQFSAttributeInfo(xid, tcon);
3455 }
3456
f7910cbd 3457 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
5eba8ab3 3458 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
f7910cbd 3459
66bfaadc
JL		 3460 /* tune readahead according to rsize */
3461 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
f7910cbd 3462
1bfe73c2 3463remote_path_check:
c1508ca2
SF		 3464#ifdef CONFIG_CIFS_DFS_UPCALL
3465 /*
3466 * Perform an unconditional check for whether there are DFS
3467 * referrals for this path without prefix, to provide support
3468 * for DFS referrals from w2k8 servers which don't seem to respond
3469 * with PATH_NOT_COVERED to requests that include the prefix.
3470 * Chase the referral if found, otherwise continue normally.
3471 */
3472 if (referral_walks_count == 0) {
3473 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
046462ab 3474 cifs_sb, false);
c1508ca2
SF		 3475 if (!refrc) {
3476 referral_walks_count++;
3477 goto try_mount_again;
3478 }
3479 }
3480#endif
3481
f87d39d9 3482 /* check if a whole path is not remote */
70945643 3483 if (!rc && tcon) {
e4cce94c 3484 /* build_path_to_root works only when we have a valid tcon */
f87d39d9 3485 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
e4cce94c
IM		 3486 if (full_path == NULL) {
3487 rc = -ENOMEM;
3488 goto mount_fail_check;
3489 }
3490 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
03ceace5 3491 if (rc != 0 && rc != -EREMOTE) {
e4cce94c
IM		 3492 kfree(full_path);
3493 goto mount_fail_check;
3494 }
3495 kfree(full_path);
3496 }
3497
1bfe73c2
IM		 3498 /* get referral if needed */
3499 if (rc == -EREMOTE) {
d036f50f 3500#ifdef CONFIG_CIFS_DFS_UPCALL
5c2503a8
IM		 3501 if (referral_walks_count > MAX_NESTED_LINKS) {
3502 /*
3503 * BB: when we implement proper loop detection,
3504 * we will remove this check. But now we need it
3505 * to prevent an indefinite loop if 'DFS tree' is
3506 * misconfigured (i.e. has loops).
3507 */
3508 rc = -ELOOP;
3509 goto mount_fail_check;
3510 }
1bfe73c2 3511
dd613945 3512 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
046462ab 3513 true);
7b91e266 3514
dd613945 3515 if (!rc) {
5c2503a8 3516 referral_walks_count++;
1bfe73c2
IM		 3517 goto try_mount_again;
3518 }
dd613945 3519 goto mount_fail_check;
d036f50f
SF		 3520#else /* No DFS support, return error on mount */
3521 rc = -EOPNOTSUPP;
3522#endif
1bfe73c2
IM		 3523 }
3524
9d002df4
JL		 3525 if (rc)
3526 goto mount_fail_check;
3527
3528 /* now, hang the tcon off of the superblock */
3529 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3530 if (tlink == NULL) {
3531 rc = -ENOMEM;
3532 goto mount_fail_check;
3533 }
3534
b647c35f 3535 tlink->tl_uid = pSesInfo->linux_uid;
9d002df4
JL		 3536 tlink->tl_tcon = tcon;
3537 tlink->tl_time = jiffies;
3538 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3539 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3540
b647c35f 3541 cifs_sb->master_tlink = tlink;
9d002df4 3542 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3543 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
9d002df4 3544 spin_unlock(&cifs_sb->tlink_tree_lock);
413e661c 3545
2de970ff
JL		 3546 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3547 TLINK_IDLE_EXPIRE);
3548
1bfe73c2
IM		 3549mount_fail_check:
3550 /* on error free sesinfo and tcon struct if needed */
3551 if (rc) {
1bfe73c2 3552 /* If find_unc succeeded then rc == 0 so we can not end */
25985edc 3553 /* up accidentally freeing someone elses tcon struct */
1bfe73c2
IM		 3554 if (tcon)
3555 cifs_put_tcon(tcon);
3556 else if (pSesInfo)
3557 cifs_put_smb_ses(pSesInfo);
3558 else
3559 cifs_put_tcp_session(srvTcp);
dd854466 3560 bdi_destroy(&cifs_sb->bdi);
1bfe73c2
IM		 3561 }
3562
70fe7dc0 3563out:
1da177e4
LT		 3564 FreeXid(xid);
3565 return rc;
3566}
3567
8d1bca32
JL		 3568/*
3569 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3570 * pointer may be NULL.
3571 */
1da177e4 3572int
96daf2b0
SF		 3573CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3574 const char *tree, struct cifs_tcon *tcon,
1da177e4
LT		 3575 const struct nls_table *nls_codepage)
3576{
3577 struct smb_hdr *smb_buffer;
3578 struct smb_hdr *smb_buffer_response;
3579 TCONX_REQ *pSMB;
3580 TCONX_RSP *pSMBr;
3581 unsigned char *bcc_ptr;
3582 int rc = 0;
690c522f
JL		 3583 int length;
3584 __u16 bytes_left, count;
1da177e4
LT		 3585
3586 if (ses == NULL)
3587 return -EIO;
3588
3589 smb_buffer = cifs_buf_get();
ca43e3be 3590 if (smb_buffer == NULL)
1da177e4 3591 return -ENOMEM;
ca43e3be 3592
1da177e4
LT		 3593 smb_buffer_response = smb_buffer;
3594
3595 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3596 NULL /*no tid */ , 4 /*wct */ );
1982c344
SF		 3597
3598 smb_buffer->Mid = GetNextMid(ses->server);
1da177e4
LT		 3599 smb_buffer->Uid = ses->Suid;
3600 pSMB = (TCONX_REQ *) smb_buffer;
3601 pSMBr = (TCONX_RSP *) smb_buffer_response;
3602
3603 pSMB->AndXCommand = 0xFF;
3604 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
1da177e4 3605 bcc_ptr = &pSMB->Password[0];
8d1bca32 3606 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
eeac8047 3607 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
7c7b25bc 3608 *bcc_ptr = 0; /* password is null byte */
eeac8047 3609 bcc_ptr++; /* skip password */
7c7b25bc 3610 /* already aligned so no need to do it below */
eeac8047 3611 } else {
540b2e37 3612 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
eeac8047
SF		 3613 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3614 specified as required (when that support is added to
3615 the vfs in the future) as only NTLM or the much
7c7b25bc 3616 weaker LANMAN (which we do not send by default) is accepted
eeac8047
SF		 3617 by Samba (not sure whether other servers allow
3618 NTLMv2 password here) */
7c7b25bc 3619#ifdef CONFIG_CIFS_WEAK_PW_HASH
04912d6a 3620 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
00e485b0 3621 (ses->server->secType == LANMAN))
d3ba50b1 3622 calc_lanman_hash(tcon->password, ses->server->cryptkey,
96daf2b0 3623 ses->server->sec_mode &
4e53a3fb
JL		 3624 SECMODE_PW_ENCRYPT ? true : false,
3625 bcc_ptr);
7c7b25bc
SF		 3626 else
3627#endif /* CIFS_WEAK_PW_HASH */
ee2c9258 3628 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
9ef5992e 3629 bcc_ptr, nls_codepage);
eeac8047 3630
540b2e37 3631 bcc_ptr += CIFS_AUTH_RESP_SIZE;
fb8c4b14 3632 if (ses->capabilities & CAP_UNICODE) {
7c7b25bc
SF		 3633 /* must align unicode strings */
3634 *bcc_ptr = 0; /* null byte password */
3635 bcc_ptr++;
3636 }
eeac8047 3637 }
1da177e4 3638
96daf2b0 3639 if (ses->server->sec_mode &
a878fb22 3640 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
1da177e4
LT		 3641 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3642
3643 if (ses->capabilities & CAP_STATUS32) {
3644 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3645 }
3646 if (ses->capabilities & CAP_DFS) {
3647 smb_buffer->Flags2 |= SMBFLG2_DFS;
3648 }
3649 if (ses->capabilities & CAP_UNICODE) {
3650 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3651 length =
acbbb76a 3652 cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
50c2f753 3653 6 /* max utf8 char length in bytes */ *
a878fb22
SF		 3654 (/* server len*/ + 256 /* share len */), nls_codepage);
3655 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
1da177e4
LT		 3656 bcc_ptr += 2; /* skip trailing null */
3657 } else { /* ASCII */
1da177e4
LT		 3658 strcpy(bcc_ptr, tree);
3659 bcc_ptr += strlen(tree) + 1;
3660 }
3661 strcpy(bcc_ptr, "?????");
3662 bcc_ptr += strlen("?????");
3663 bcc_ptr += 1;
3664 count = bcc_ptr - &pSMB->Password[0];
be8e3b00
SF		 3665 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3666 pSMB->hdr.smb_buf_length) + count);
1da177e4
LT		 3667 pSMB->ByteCount = cpu_to_le16(count);
3668
133672ef 3669 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
7749981e 3670 0);
1da177e4 3671
1da177e4
LT		 3672 /* above now done in SendReceive */
3673 if ((rc == 0) && (tcon != NULL)) {
0e0d2cf3
SF		 3674 bool is_unicode;
3675
1da177e4 3676 tcon->tidStatus = CifsGood;
3b795210 3677 tcon->need_reconnect = false;
1da177e4
LT		 3678 tcon->tid = smb_buffer_response->Tid;
3679 bcc_ptr = pByteArea(smb_buffer_response);
690c522f 3680 bytes_left = get_bcc(smb_buffer_response);
cc20c031 3681 length = strnlen(bcc_ptr, bytes_left - 2);
0e0d2cf3
SF		 3682 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3683 is_unicode = true;
3684 else
3685 is_unicode = false;
3686
cc20c031 3687
50c2f753 3688 /* skip service field (NB: this field is always ASCII) */
7f8ed420
SF		 3689 if (length == 3) {
3690 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3691 (bcc_ptr[2] == 'C')) {
b6b38f70 3692 cFYI(1, "IPC connection");
7f8ed420
SF		 3693 tcon->ipc = 1;
3694 }
3695 } else if (length == 2) {
3696 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3697 /* the most common case */
b6b38f70 3698 cFYI(1, "disk share connection");
7f8ed420
SF		 3699 }
3700 }
50c2f753 3701 bcc_ptr += length + 1;
cc20c031 3702 bytes_left -= (length + 1);
1da177e4 3703 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
cc20c031
JL		 3704
3705 /* mostly informational -- no need to fail on error here */
90a98b2f 3706 kfree(tcon->nativeFileSystem);
acbbb76a 3707 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
0e0d2cf3 3708 bytes_left, is_unicode,
cc20c031
JL		 3709 nls_codepage);
3710
b6b38f70 3711 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
cc20c031 3712
fb8c4b14 3713 if ((smb_buffer_response->WordCount == 3) ||
1a4e15a0
SF		 3714 (smb_buffer_response->WordCount == 7))
3715 /* field is in same location */
3979877e
SF		 3716 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3717 else
3718 tcon->Flags = 0;
b6b38f70 3719 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
1da177e4 3720 } else if ((rc == 0) && tcon == NULL) {
50c2f753 3721 /* all we need to save for IPC$ connection */
1da177e4
LT		 3722 ses->ipc_tid = smb_buffer_response->Tid;
3723 }
3724
a8a11d39 3725 cifs_buf_release(smb_buffer);
1da177e4
LT		 3726 return rc;
3727}
3728
2a9b9951
AV		 3729void
3730cifs_umount(struct cifs_sb_info *cifs_sb)
1da177e4 3731{
b647c35f
JL		 3732 struct rb_root *root = &cifs_sb->tlink_tree;
3733 struct rb_node *node;
3734 struct tcon_link *tlink;
9d002df4 3735
2de970ff
JL		 3736 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3737
b647c35f
JL		 3738 spin_lock(&cifs_sb->tlink_tree_lock);
3739 while ((node = rb_first(root))) {
3740 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3741 cifs_get_tlink(tlink);
3742 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3743 rb_erase(node, root);
1da177e4 3744
b647c35f
JL		 3745 spin_unlock(&cifs_sb->tlink_tree_lock);
3746 cifs_put_tlink(tlink);
3747 spin_lock(&cifs_sb->tlink_tree_lock);
3748 }
3749 spin_unlock(&cifs_sb->tlink_tree_lock);
50c2f753 3750
dd854466 3751 bdi_destroy(&cifs_sb->bdi);
d757d71b
AV		 3752 kfree(cifs_sb->mountdata);
3753 unload_nls(cifs_sb->local_nls);
3754 kfree(cifs_sb);
50c2f753 3755}
1da177e4 3756
96daf2b0 3757int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
1da177e4
LT		 3758{
3759 int rc = 0;
198b5682 3760 struct TCP_Server_Info *server = ses->server;
1da177e4 3761
198b5682
JL		 3762 /* only send once per connect */
3763 if (server->maxBuf != 0)
3764 return 0;
3765
2d86dbc9 3766 cifs_set_credits(server, 1);
198b5682
JL		 3767 rc = CIFSSMBNegotiate(xid, ses);
3768 if (rc == -EAGAIN) {
3769 /* retry only once on 1st time connection */
2d86dbc9 3770 cifs_set_credits(server, 1);
198b5682
JL		 3771 rc = CIFSSMBNegotiate(xid, ses);
3772 if (rc == -EAGAIN)
3773 rc = -EHOSTDOWN;
1da177e4 3774 }
198b5682
JL		 3775 if (rc == 0) {
3776 spin_lock(&GlobalMid_Lock);
7fdbaa1b 3777 if (server->tcpStatus == CifsNeedNegotiate)
198b5682
JL		 3778 server->tcpStatus = CifsGood;
3779 else
3780 rc = -EHOSTDOWN;
3781 spin_unlock(&GlobalMid_Lock);
26b994fa 3782
198b5682
JL		 3783 }
3784
3785 return rc;
3786}
3787
3788
96daf2b0 3789int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
198b5682
JL		 3790 struct nls_table *nls_info)
3791{
3792 int rc = 0;
3793 struct TCP_Server_Info *server = ses->server;
26b994fa 3794
198b5682
JL		 3795 ses->flags = 0;
3796 ses->capabilities = server->capabilities;
26b994fa 3797 if (linuxExtEnabled == 0)
198b5682 3798 ses->capabilities &= (~CAP_UNIX);
20418acd 3799
b6b38f70 3800 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
96daf2b0 3801 server->sec_mode, server->capabilities, server->timeAdj);
cb7691b6 3802
198b5682 3803 rc = CIFS_SessSetup(xid, ses, nls_info);
26b994fa 3804 if (rc) {
b6b38f70 3805 cERROR(1, "Send error in SessSetup = %d", rc);
26b994fa 3806 } else {
5d0d2882
SP		 3807 mutex_lock(&ses->server->srv_mutex);
3808 if (!server->session_estab) {
21e73393 3809 server->session_key.response = ses->auth_key.response;
5d0d2882 3810 server->session_key.len = ses->auth_key.len;
21e73393
SP		 3811 server->sequence_number = 0x2;
3812 server->session_estab = true;
3813 ses->auth_key.response = NULL;
5d0d2882
SP		 3814 }
3815 mutex_unlock(&server->srv_mutex);
3816
b6b38f70 3817 cFYI(1, "CIFS Session Established successfully");
20418acd 3818 spin_lock(&GlobalMid_Lock);
198b5682
JL		 3819 ses->status = CifsGood;
3820 ses->need_reconnect = false;
20418acd 3821 spin_unlock(&GlobalMid_Lock);
1da177e4 3822 }
26b994fa 3823
21e73393
SP		 3824 kfree(ses->auth_key.response);
3825 ses->auth_key.response = NULL;
3826 ses->auth_key.len = 0;
d3686d54
SP		 3827 kfree(ses->ntlmssp);
3828 ses->ntlmssp = NULL;
21e73393 3829
1da177e4
LT		 3830 return rc;
3831}
3832
8a8798a5
JL		 3833static int
3834cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
3835{
3836 switch (ses->server->secType) {
3837 case Kerberos:
3838 vol->secFlg = CIFSSEC_MUST_KRB5;
3839 return 0;
3840 case NTLMv2:
3841 vol->secFlg = CIFSSEC_MUST_NTLMV2;
3842 break;
3843 case NTLM:
3844 vol->secFlg = CIFSSEC_MUST_NTLM;
3845 break;
3846 case RawNTLMSSP:
3847 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
3848 break;
3849 case LANMAN:
3850 vol->secFlg = CIFSSEC_MUST_LANMAN;
3851 break;
3852 }
3853
3854 return cifs_set_cifscreds(vol, ses);
3855}
3856
96daf2b0 3857static struct cifs_tcon *
9d002df4
JL		 3858cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3859{
8a8798a5 3860 int rc;
96daf2b0
SF		 3861 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3862 struct cifs_ses *ses;
3863 struct cifs_tcon *tcon = NULL;
9d002df4 3864 struct smb_vol *vol_info;
9d002df4
JL		 3865
3866 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
803ab977
DC		 3867 if (vol_info == NULL)
3868 return ERR_PTR(-ENOMEM);
9d002df4 3869
9d002df4
JL		 3870 vol_info->local_nls = cifs_sb->local_nls;
3871 vol_info->linux_uid = fsuid;
3872 vol_info->cred_uid = fsuid;
3873 vol_info->UNC = master_tcon->treeName;
3874 vol_info->retry = master_tcon->retry;
3875 vol_info->nocase = master_tcon->nocase;
3876 vol_info->local_lease = master_tcon->local_lease;
3877 vol_info->no_linux_ext = !master_tcon->unix_ext;
3878
8a8798a5
JL		 3879 rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
3880 if (rc) {
3881 tcon = ERR_PTR(rc);
3882 goto out;
3883 }
9d002df4
JL		 3884
3885 /* get a reference for the same TCP session */
3f9bcca7 3886 spin_lock(&cifs_tcp_ses_lock);
9d002df4 3887 ++master_tcon->ses->server->srv_count;
3f9bcca7 3888 spin_unlock(&cifs_tcp_ses_lock);
9d002df4
JL		 3889
3890 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3891 if (IS_ERR(ses)) {
96daf2b0 3892 tcon = (struct cifs_tcon *)ses;
9d002df4
JL		 3893 cifs_put_tcp_session(master_tcon->ses->server);
3894 goto out;
3895 }
3896
3897 tcon = cifs_get_tcon(ses, vol_info);
3898 if (IS_ERR(tcon)) {
3899 cifs_put_smb_ses(ses);
3900 goto out;
3901 }
3902
3903 if (ses->capabilities & CAP_UNIX)
3904 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3905out:
8a8798a5
JL		 3906 kfree(vol_info->username);
3907 kfree(vol_info->password);
9d002df4
JL		 3908 kfree(vol_info);
3909
3910 return tcon;
3911}
3912
96daf2b0 3913struct cifs_tcon *
9d002df4
JL		 3914cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3915{
3916 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3917}
3918
3919static int
3920cifs_sb_tcon_pending_wait(void *unused)
3921{
3922 schedule();
3923 return signal_pending(current) ? -ERESTARTSYS : 0;
3924}
3925
b647c35f
JL		 3926/* find and return a tlink with given uid */
3927static struct tcon_link *
3928tlink_rb_search(struct rb_root *root, uid_t uid)
3929{
3930 struct rb_node *node = root->rb_node;
3931 struct tcon_link *tlink;
3932
3933 while (node) {
3934 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3935
3936 if (tlink->tl_uid > uid)
3937 node = node->rb_left;
3938 else if (tlink->tl_uid < uid)
3939 node = node->rb_right;
3940 else
3941 return tlink;
3942 }
3943 return NULL;
3944}
3945
3946/* insert a tcon_link into the tree */
3947static void
3948tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3949{
3950 struct rb_node **new = &(root->rb_node), *parent = NULL;
3951 struct tcon_link *tlink;
3952
3953 while (*new) {
3954 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3955 parent = *new;
3956
3957 if (tlink->tl_uid > new_tlink->tl_uid)
3958 new = &((*new)->rb_left);
3959 else
3960 new = &((*new)->rb_right);
3961 }
3962
3963 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3964 rb_insert_color(&new_tlink->tl_rbnode, root);
3965}
3966
9d002df4
JL		 3967/*
3968 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3969 * current task.
3970 *
3971 * If the superblock doesn't refer to a multiuser mount, then just return
3972 * the master tcon for the mount.
3973 *
6ef933a3 3974 * First, search the rbtree for an existing tcon for this fsuid. If one
9d002df4
JL		 3975 * exists, then check to see if it's pending construction. If it is then wait
3976 * for construction to complete. Once it's no longer pending, check to see if
3977 * it failed and either return an error or retry construction, depending on
3978 * the timeout.
3979 *
3980 * If one doesn't exist then insert a new tcon_link struct into the tree and
3981 * try to construct a new one.
3982 */
3983struct tcon_link *
3984cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3985{
3986 int ret;
b647c35f 3987 uid_t fsuid = current_fsuid();
9d002df4
JL		 3988 struct tcon_link *tlink, *newtlink;
3989
3990 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3991 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3992
3993 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3994 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3995 if (tlink)
3996 cifs_get_tlink(tlink);
3997 spin_unlock(&cifs_sb->tlink_tree_lock);
3998
3999 if (tlink == NULL) {
4000 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
4001 if (newtlink == NULL)
4002 return ERR_PTR(-ENOMEM);
b647c35f 4003 newtlink->tl_uid = fsuid;
9d002df4
JL		 4004 newtlink->tl_tcon = ERR_PTR(-EACCES);
4005 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
4006 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
4007 cifs_get_tlink(newtlink);
4008
9d002df4
JL		 4009 spin_lock(&cifs_sb->tlink_tree_lock);
4010 /* was one inserted after previous search? */
b647c35f 4011 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 4012 if (tlink) {
4013 cifs_get_tlink(tlink);
4014 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4015 kfree(newtlink);
4016 goto wait_for_construction;
4017 }
9d002df4 4018 tlink = newtlink;
b647c35f
JL		 4019 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4020 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4021 } else {
4022wait_for_construction:
4023 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4024 cifs_sb_tcon_pending_wait,
4025 TASK_INTERRUPTIBLE);
4026 if (ret) {
4027 cifs_put_tlink(tlink);
4028 return ERR_PTR(ret);
4029 }
4030
4031 /* if it's good, return it */
4032 if (!IS_ERR(tlink->tl_tcon))
4033 return tlink;
4034
4035 /* return error if we tried this already recently */
4036 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4037 cifs_put_tlink(tlink);
4038 return ERR_PTR(-EACCES);
4039 }
4040
4041 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4042 goto wait_for_construction;
4043 }
4044
4045 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4046 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4047 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4048
4049 if (IS_ERR(tlink->tl_tcon)) {
4050 cifs_put_tlink(tlink);
4051 return ERR_PTR(-EACCES);
4052 }
4053
4054 return tlink;
4055}
2de970ff
JL		 4056
4057/*
4058 * periodic workqueue job that scans tcon_tree for a superblock and closes
4059 * out tcons.
4060 */
4061static void
4062cifs_prune_tlinks(struct work_struct *work)
4063{
4064 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4065 prune_tlinks.work);
b647c35f
JL		 4066 struct rb_root *root = &cifs_sb->tlink_tree;
4067 struct rb_node *node = rb_first(root);
4068 struct rb_node *tmp;
4069 struct tcon_link *tlink;
2de970ff 4070
b647c35f
JL		 4071 /*
4072 * Because we drop the spinlock in the loop in order to put the tlink
4073 * it's not guarded against removal of links from the tree. The only
4074 * places that remove entries from the tree are this function and
4075 * umounts. Because this function is non-reentrant and is canceled
4076 * before umount can proceed, this is safe.
4077 */
4078 spin_lock(&cifs_sb->tlink_tree_lock);
4079 node = rb_first(root);
4080 while (node != NULL) {
4081 tmp = node;
4082 node = rb_next(tmp);
4083 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4084
4085 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4086 atomic_read(&tlink->tl_count) != 0 ||
4087 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4088 continue;
2de970ff 4089
b647c35f
JL		 4090 cifs_get_tlink(tlink);
4091 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4092 rb_erase(tmp, root);
4093
4094 spin_unlock(&cifs_sb->tlink_tree_lock);
4095 cifs_put_tlink(tlink);
4096 spin_lock(&cifs_sb->tlink_tree_lock);
4097 }
4098 spin_unlock(&cifs_sb->tlink_tree_lock);
2de970ff
JL		 4099
4100 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
4101 TLINK_IDLE_EXPIRE);
4102}
ubuntu-bionic-kernel mirror