]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - fs/cifs/connect.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
CIFS: Move RFC1002 check to a separate function
[mirror_ubuntu-bionic-kernel.git] / fs / cifs / connect.c
CommitLineData
1da177e4
LT		 1/*
2 * fs/cifs/connect.c
3 *
d185cda7 4 * Copyright (C) International Business Machines Corp., 2002,2009
1da177e4
LT		 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
fb8c4b14 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1da177e4
LT		 20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
5a0e3ad6 26#include <linux/slab.h>
1da177e4
LT		 27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
b8643e1b 31#include <linux/delay.h>
f191401f 32#include <linux/completion.h>
aaf737ad 33#include <linux/kthread.h>
0ae0efad 34#include <linux/pagevec.h>
7dfb7103 35#include <linux/freezer.h>
5c2503a8 36#include <linux/namei.h>
1da177e4
LT		 37#include <asm/uaccess.h>
38#include <asm/processor.h>
50b64e3b 39#include <linux/inet.h>
0e2bedaa 40#include <net/ipv6.h>
1da177e4
LT		 41#include "cifspdu.h"
42#include "cifsglob.h"
43#include "cifsproto.h"
44#include "cifs_unicode.h"
45#include "cifs_debug.h"
46#include "cifs_fs_sb.h"
47#include "ntlmssp.h"
48#include "nterr.h"
49#include "rfc1002pdu.h"
488f1d2d 50#include "fscache.h"
1da177e4
LT		 51
52#define CIFS_PORT 445
53#define RFC1001_PORT 139
54
c74093b6
JL		 55/* SMB echo "timeout" -- FIXME: tunable? */
56#define SMB_ECHO_INTERVAL (60 * HZ)
57
1da177e4
LT		 58extern mempool_t *cifs_req_poolp;
59
2de970ff 60/* FIXME: should these be tunable? */
9d002df4 61#define TLINK_ERROR_EXPIRE (1 * HZ)
2de970ff 62#define TLINK_IDLE_EXPIRE (600 * HZ)
9d002df4 63
a9f1b85e
PS		 64static int ip_connect(struct TCP_Server_Info *server);
65static int generic_ip_connect(struct TCP_Server_Info *server);
b647c35f 66static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
2de970ff 67static void cifs_prune_tlinks(struct work_struct *work);
b9bce2e9
JL		 68static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
69 const char *devname);
1da177e4 70
d5c5605c
JL		 71/*
72 * cifs tcp session reconnection
73 *
74 * mark tcp session as reconnecting so temporarily locked
75 * mark all smb sessions as reconnecting for tcp session
76 * reconnect tcp session
77 * wake up waiters on reconnection? - (not needed currently)
78 */
2cd646a2 79static int
1da177e4
LT		 80cifs_reconnect(struct TCP_Server_Info *server)
81{
82 int rc = 0;
f1987b44 83 struct list_head *tmp, *tmp2;
96daf2b0
SF		 84 struct cifs_ses *ses;
85 struct cifs_tcon *tcon;
fb8c4b14 86 struct mid_q_entry *mid_entry;
3c1105df 87 struct list_head retry_list;
50c2f753 88
1da177e4 89 spin_lock(&GlobalMid_Lock);
469ee614 90 if (server->tcpStatus == CifsExiting) {
fb8c4b14 91 /* the demux thread will exit normally
1da177e4
LT		 92 next time through the loop */
93 spin_unlock(&GlobalMid_Lock);
94 return rc;
95 } else
96 server->tcpStatus = CifsNeedReconnect;
97 spin_unlock(&GlobalMid_Lock);
98 server->maxBuf = 0;
99
b6b38f70 100 cFYI(1, "Reconnecting tcp session");
1da177e4
LT		 101
102 /* before reconnecting the tcp session, mark the smb session (uid)
103 and the tid bad so they are not used until reconnected */
2b84a36c 104 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
3f9bcca7 105 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 106 list_for_each(tmp, &server->smb_ses_list) {
96daf2b0 107 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
14fbf50d
JL		 108 ses->need_reconnect = true;
109 ses->ipc_tid = 0;
f1987b44 110 list_for_each(tmp2, &ses->tcon_list) {
96daf2b0 111 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
3b795210 112 tcon->need_reconnect = true;
1da177e4 113 }
1da177e4 114 }
3f9bcca7 115 spin_unlock(&cifs_tcp_ses_lock);
2b84a36c 116
1da177e4 117 /* do not want to be sending data on a socket we are freeing */
2b84a36c 118 cFYI(1, "%s: tearing down socket", __func__);
72ca545b 119 mutex_lock(&server->srv_mutex);
fb8c4b14 120 if (server->ssocket) {
b6b38f70
JP		 121 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
122 server->ssocket->flags);
91cf45f0 123 kernel_sock_shutdown(server->ssocket, SHUT_WR);
b6b38f70 124 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
467a8f8d 125 server->ssocket->state,
b6b38f70 126 server->ssocket->flags);
1da177e4
LT		 127 sock_release(server->ssocket);
128 server->ssocket = NULL;
129 }
5d0d2882
SP		 130 server->sequence_number = 0;
131 server->session_estab = false;
21e73393
SP		 132 kfree(server->session_key.response);
133 server->session_key.response = NULL;
134 server->session_key.len = 0;
fda35943 135 server->lstrp = jiffies;
2b84a36c 136 mutex_unlock(&server->srv_mutex);
1da177e4 137
2b84a36c 138 /* mark submitted MIDs for retry and issue callback */
3c1105df
JL		 139 INIT_LIST_HEAD(&retry_list);
140 cFYI(1, "%s: moving mids to private list", __func__);
1da177e4 141 spin_lock(&GlobalMid_Lock);
2b84a36c
JL		 142 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
143 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
144 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
ad8b15f0 145 mid_entry->midState = MID_RETRY_NEEDED;
3c1105df
JL		 146 list_move(&mid_entry->qhead, &retry_list);
147 }
148 spin_unlock(&GlobalMid_Lock);
149
150 cFYI(1, "%s: issuing mid callbacks", __func__);
151 list_for_each_safe(tmp, tmp2, &retry_list) {
152 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
2b84a36c
JL		 153 list_del_init(&mid_entry->qhead);
154 mid_entry->callback(mid_entry);
1da177e4 155 }
1da177e4 156
7fdbaa1b 157 do {
6c3d8909 158 try_to_freeze();
a9f1b85e
PS		 159
160 /* we should try only the port we connected to before */
161 rc = generic_ip_connect(server);
fb8c4b14 162 if (rc) {
b6b38f70 163 cFYI(1, "reconnect error %d", rc);
0cb766ae 164 msleep(3000);
1da177e4
LT		 165 } else {
166 atomic_inc(&tcpSesReconnectCount);
167 spin_lock(&GlobalMid_Lock);
469ee614 168 if (server->tcpStatus != CifsExiting)
fd88ce93 169 server->tcpStatus = CifsNeedNegotiate;
fb8c4b14 170 spin_unlock(&GlobalMid_Lock);
1da177e4 171 }
7fdbaa1b 172 } while (server->tcpStatus == CifsNeedReconnect);
2b84a36c 173
1da177e4
LT		 174 return rc;
175}
176
fb8c4b14 177/*
e4eb295d
SF		 178 return codes:
179 0 not a transact2, or all data present
180 >0 transact2 with that much data missing
181 -EINVAL = invalid transact2
182
183 */
fb8c4b14 184static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
e4eb295d 185{
fb8c4b14 186 struct smb_t2_rsp *pSMBt;
e4eb295d 187 int remaining;
26ec2548 188 __u16 total_data_size, data_in_this_rsp;
e4eb295d 189
fb8c4b14 190 if (pSMB->Command != SMB_COM_TRANSACTION2)
e4eb295d
SF		 191 return 0;
192
fb8c4b14
SF		 193 /* check for plausible wct, bcc and t2 data and parm sizes */
194 /* check for parm and data offset going beyond end of smb */
195 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
b6b38f70 196 cFYI(1, "invalid transact2 word count");
e4eb295d
SF		 197 return -EINVAL;
198 }
199
200 pSMBt = (struct smb_t2_rsp *)pSMB;
201
26ec2548
JL		 202 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
203 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 204
c0c7b905 205 if (total_data_size == data_in_this_rsp)
e4eb295d 206 return 0;
c0c7b905 207 else if (total_data_size < data_in_this_rsp) {
b6b38f70
JP		 208 cFYI(1, "total data %d smaller than data in frame %d",
209 total_data_size, data_in_this_rsp);
e4eb295d 210 return -EINVAL;
e4eb295d 211 }
c0c7b905
JL		 212
213 remaining = total_data_size - data_in_this_rsp;
214
215 cFYI(1, "missing %d bytes from transact2, check next response",
216 remaining);
217 if (total_data_size > maxBufSize) {
218 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
219 total_data_size, maxBufSize);
220 return -EINVAL;
221 }
222 return remaining;
e4eb295d
SF		 223}
224
fb8c4b14 225static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
e4eb295d
SF		 226{
227 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
228 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
fb8c4b14
SF		 229 char *data_area_of_target;
230 char *data_area_of_buf2;
26ec2548 231 int remaining;
2a2047bc
JL		 232 unsigned int byte_count, total_in_buf;
233 __u16 total_data_size, total_in_buf2;
e4eb295d 234
26ec2548 235 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
e4eb295d 236
26ec2548
JL		 237 if (total_data_size !=
238 get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
b6b38f70 239 cFYI(1, "total data size of primary and secondary t2 differ");
e4eb295d 240
26ec2548 241 total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d
SF		 242
243 remaining = total_data_size - total_in_buf;
50c2f753 244
fb8c4b14 245 if (remaining < 0)
2a2047bc 246 return -EPROTO;
e4eb295d 247
fb8c4b14 248 if (remaining == 0) /* nothing to do, ignore */
e4eb295d 249 return 0;
50c2f753 250
26ec2548 251 total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
fb8c4b14 252 if (remaining < total_in_buf2) {
b6b38f70 253 cFYI(1, "transact2 2nd response contains too much data");
e4eb295d
SF		 254 }
255
256 /* find end of first SMB data area */
fb8c4b14 257 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
26ec2548 258 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
e4eb295d
SF		 259 /* validate target area */
260
26ec2548
JL		 261 data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
262 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
e4eb295d
SF		 263
264 data_area_of_target += total_in_buf;
265
266 /* copy second buffer into end of first buffer */
e4eb295d 267 total_in_buf += total_in_buf2;
2a2047bc
JL		 268 /* is the result too big for the field? */
269 if (total_in_buf > USHRT_MAX)
270 return -EPROTO;
26ec2548 271 put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
2a2047bc
JL		 272
273 /* fix up the BCC */
820a803f 274 byte_count = get_bcc(pTargetSMB);
e4eb295d 275 byte_count += total_in_buf2;
2a2047bc
JL		 276 /* is the result too big for the field? */
277 if (byte_count > USHRT_MAX)
278 return -EPROTO;
820a803f 279 put_bcc(byte_count, pTargetSMB);
e4eb295d 280
be8e3b00 281 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
e4eb295d 282 byte_count += total_in_buf2;
2a2047bc
JL		 283 /* don't allow buffer to overflow */
284 if (byte_count > CIFSMaxBufSize)
285 return -ENOBUFS;
be8e3b00 286 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
e4eb295d 287
2a2047bc
JL		 288 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
289
fb8c4b14 290 if (remaining == total_in_buf2) {
b6b38f70 291 cFYI(1, "found the last secondary response");
e4eb295d
SF		 292 return 0; /* we are done */
293 } else /* more responses to go */
294 return 1;
e4eb295d
SF		 295}
296
c74093b6
JL		 297static void
298cifs_echo_request(struct work_struct *work)
299{
300 int rc;
301 struct TCP_Server_Info *server = container_of(work,
302 struct TCP_Server_Info, echo.work);
303
247ec9b4 304 /*
195291e6
JL		 305 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
306 * done, which is indicated by maxBuf != 0. Also, no need to ping if
307 * we got a response recently
247ec9b4 308 */
195291e6 309 if (server->maxBuf == 0 ||
247ec9b4 310 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
c74093b6
JL		 311 goto requeue_echo;
312
313 rc = CIFSSMBEcho(server);
314 if (rc)
315 cFYI(1, "Unable to send echo request to server: %s",
316 server->hostname);
317
318requeue_echo:
319 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
320}
321
3d9c2472
PS		 322static bool
323allocate_buffers(char **bigbuf, char **smallbuf, unsigned int size,
324 bool is_large_buf)
325{
326 char *bbuf = *bigbuf, *sbuf = *smallbuf;
327
328 if (bbuf == NULL) {
329 bbuf = (char *)cifs_buf_get();
330 if (!bbuf) {
331 cERROR(1, "No memory for large SMB response");
332 msleep(3000);
333 /* retry will check if exiting */
334 return false;
335 }
336 } else if (is_large_buf) {
337 /* we are reusing a dirty large buf, clear its start */
338 memset(bbuf, 0, size);
339 }
340
341 if (sbuf == NULL) {
342 sbuf = (char *)cifs_small_buf_get();
343 if (!sbuf) {
344 cERROR(1, "No memory for SMB response");
345 msleep(1000);
346 /* retry will check if exiting */
347 return false;
348 }
349 /* beginning of smb buffer is cleared in our buf_get */
350 } else {
351 /* if existing small buf clear beginning */
352 memset(sbuf, 0, size);
353 }
354
355 *bigbuf = bbuf;
356 *smallbuf = sbuf;
357
358 return true;
359}
360
e7015fb1
PS		 361static int
362read_from_socket(struct TCP_Server_Info *server, struct msghdr *smb_msg,
363 struct kvec *iov, unsigned int to_read,
364 unsigned int *ptotal_read, bool is_header_read)
365{
366 int length, rc = 0;
367 unsigned int total_read;
368 char *buf = iov->iov_base;
369
370 for (total_read = 0; total_read < to_read; total_read += length) {
371 length = kernel_recvmsg(server->ssocket, smb_msg, iov, 1,
372 to_read - total_read, 0);
373 if (server->tcpStatus == CifsExiting) {
374 /* then will exit */
375 rc = 2;
376 break;
377 } else if (server->tcpStatus == CifsNeedReconnect) {
378 cifs_reconnect(server);
379 /* Reconnect wakes up rspns q */
380 /* Now we will reread sock */
381 rc = 1;
382 break;
383 } else if (length == -ERESTARTSYS ||
384 length == -EAGAIN ||
385 length == -EINTR) {
386 /*
387 * Minimum sleep to prevent looping, allowing socket
388 * to clear and app threads to set tcpStatus
389 * CifsNeedReconnect if server hung.
390 */
391 usleep_range(1000, 2000);
392 length = 0;
393 if (!is_header_read)
394 continue;
395 /* Special handling for header read */
396 if (total_read) {
397 iov->iov_base = (to_read - total_read) +
398 buf;
399 iov->iov_len = to_read - total_read;
400 smb_msg->msg_control = NULL;
401 smb_msg->msg_controllen = 0;
402 rc = 3;
403 } else
404 rc = 1;
405 break;
406 } else if (length <= 0) {
407 cERROR(1, "Received no data, expecting %d",
408 to_read - total_read);
409 cifs_reconnect(server);
410 rc = 1;
411 break;
412 }
413 }
414
415 *ptotal_read = total_read;
416 return rc;
417}
418
98bac62c
PS		 419static bool
420check_rfc1002_header(struct TCP_Server_Info *server, char *buf)
421{
422 char temp = *buf;
423 unsigned int pdu_length = be32_to_cpu(
424 ((struct smb_hdr *)buf)->smb_buf_length);
425
426 /*
427 * The first byte big endian of the length field,
428 * is actually not part of the length but the type
429 * with the most common, zero, as regular data.
430 */
431 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
432 return false;
433 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
434 cFYI(1, "Good RFC 1002 session rsp");
435 return false;
436 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
437 /*
438 * We get this from Windows 98 instead of an error on
439 * SMB negprot response.
440 */
441 cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
442 pdu_length);
443 /* give server a second to clean up */
444 msleep(1000);
445 /*
446 * Always try 445 first on reconnect since we get NACK
447 * on some if we ever connected to port 139 (the NACK
448 * is since we do not begin with RFC1001 session
449 * initialize frame).
450 */
451 cifs_set_port((struct sockaddr *)
452 &server->dstaddr, CIFS_PORT);
453 cifs_reconnect(server);
454 wake_up(&server->response_q);
455 return false;
456 } else if (temp != (char) 0) {
457 cERROR(1, "Unknown RFC 1002 frame");
458 cifs_dump_mem(" Received Data: ", buf, 4);
459 cifs_reconnect(server);
460 return false;
461 }
462
463 /* else we have an SMB response */
464 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
465 (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
466 cERROR(1, "Invalid size SMB length %d pdu_length %d",
467 4, pdu_length+4);
468 cifs_reconnect(server);
469 wake_up(&server->response_q);
470 return false;
471 }
472
473 return true;
474}
475
1da177e4 476static int
7c97c200 477cifs_demultiplex_thread(void *p)
1da177e4
LT		 478{
479 int length;
7c97c200 480 struct TCP_Server_Info *server = p;
1da177e4 481 unsigned int pdu_length, total_read;
3d9c2472 482 char *buf = NULL, *bigbuf = NULL, *smallbuf = NULL;
1da177e4
LT		 483 struct smb_hdr *smb_buffer = NULL;
484 struct msghdr smb_msg;
485 struct kvec iov;
2b84a36c 486 struct list_head *tmp, *tmp2;
1da177e4
LT		 487 struct task_struct *task_to_wake = NULL;
488 struct mid_q_entry *mid_entry;
4b18f2a9
SF		 489 bool isLargeBuf = false;
490 bool isMultiRsp;
e7015fb1 491 int rc;
1da177e4 492
1da177e4 493 current->flags |= PF_MEMALLOC;
b6b38f70 494 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
93d0ec85
JL		 495
496 length = atomic_inc_return(&tcpSesAllocCount);
497 if (length > 1)
26f57364
SF		 498 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
499 GFP_KERNEL);
1da177e4 500
83144186 501 set_freezable();
469ee614 502 while (server->tcpStatus != CifsExiting) {
ede1327e
SF		 503 if (try_to_freeze())
504 continue;
b8643e1b 505
3d9c2472
PS		 506 if (!allocate_buffers(&bigbuf, &smallbuf,
507 sizeof(struct smb_hdr), isLargeBuf))
508 continue;
b8643e1b 509
4b18f2a9
SF		 510 isLargeBuf = false;
511 isMultiRsp = false;
3d9c2472
PS		 512 smb_buffer = (struct smb_hdr *)smallbuf;
513 buf = smallbuf;
514 iov.iov_base = buf;
1da177e4
LT		 515 iov.iov_len = 4;
516 smb_msg.msg_control = NULL;
517 smb_msg.msg_controllen = 0;
f01d5e14 518 pdu_length = 4; /* enough to get RFC1001 header */
fda35943 519
f01d5e14 520incomplete_rcv:
fd88ce93 521 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
fda35943
SF		 522 time_after(jiffies, server->lstrp +
523 (echo_retries * SMB_ECHO_INTERVAL))) {
524 cERROR(1, "Server %s has not responded in %d seconds. "
525 "Reconnecting...", server->hostname,
526 (echo_retries * SMB_ECHO_INTERVAL / HZ));
527 cifs_reconnect(server);
fda35943
SF		 528 wake_up(&server->response_q);
529 continue;
530 }
531
e7015fb1
PS		 532 rc = read_from_socket(server, &smb_msg, &iov, pdu_length,
533 &total_read, true /* header read */);
534 if (rc == 3)
535 goto incomplete_rcv;
536 else if (rc == 2)
1da177e4 537 break;
e7015fb1 538 else if (rc == 1)
1da177e4 539 continue;
1da177e4 540
98bac62c
PS		 541 /*
542 * The right amount was read from socket - 4 bytes,
543 * so we can now interpret the length field.
544 */
46810cbf 545
98bac62c
PS		 546 /*
547 * Note that RFC 1001 length is big endian on the wire,
548 * but we convert it here so it is always manipulated
549 * as host byte order.
550 */
be8e3b00 551 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
70ca734a 552
b6b38f70 553 cFYI(1, "rfc1002 length 0x%x", pdu_length+4);
98bac62c 554 if (!check_rfc1002_header(server, buf))
fb8c4b14 555 continue;
e4eb295d
SF		 556
557 /* else length ok */
fb8c4b14 558 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
4b18f2a9 559 isLargeBuf = true;
e4eb295d 560 memcpy(bigbuf, smallbuf, 4);
3d9c2472
PS		 561 smb_buffer = (struct smb_hdr *)bigbuf;
562 buf = bigbuf;
e4eb295d 563 }
e7015fb1 564
3d9c2472 565 iov.iov_base = 4 + buf;
e4eb295d 566 iov.iov_len = pdu_length;
e7015fb1
PS		 567 rc = read_from_socket(server, &smb_msg, &iov, pdu_length,
568 &total_read, false);
569 if (rc == 2)
e4eb295d 570 break;
e7015fb1 571 else if (rc == 1)
e4eb295d 572 continue;
1da177e4 573
9587fcff 574 total_read += 4; /* account for rfc1002 hdr */
50c2f753 575
9587fcff 576 dump_smb(smb_buffer, total_read);
71823baf
JL		 577
578 /*
579 * We know that we received enough to get to the MID as we
580 * checked the pdu_length earlier. Now check to see
581 * if the rest of the header is OK. We borrow the length
582 * var for the rest of the loop to avoid a new stack var.
583 *
584 * 48 bytes is enough to display the header and a little bit
585 * into the payload for debugging purposes.
586 */
587 length = checkSMB(smb_buffer, smb_buffer->Mid, total_read);
588 if (length != 0)
3d9c2472
PS		 589 cifs_dump_mem("Bad SMB: ", buf,
590 min_t(unsigned int, total_read, 48));
1da177e4 591
2b84a36c 592 mid_entry = NULL;
fda35943
SF		 593 server->lstrp = jiffies;
594
e4eb295d 595 spin_lock(&GlobalMid_Lock);
2b84a36c 596 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
e4eb295d
SF		 597 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
598
146f9f65
JL		 599 if (mid_entry->mid != smb_buffer->Mid ||
600 mid_entry->midState != MID_REQUEST_SUBMITTED ||
601 mid_entry->command != smb_buffer->Command) {
602 mid_entry = NULL;
603 continue;
604 }
605
606 if (length == 0 &&
607 check2ndT2(smb_buffer, server->maxBuf) > 0) {
608 /* We have a multipart transact2 resp */
609 isMultiRsp = true;
610 if (mid_entry->resp_buf) {
611 /* merge response - fix up 1st*/
16541ba1
JL		 612 length = coalesce_t2(smb_buffer,
613 mid_entry->resp_buf);
614 if (length > 0) {
615 length = 0;
146f9f65
JL		 616 mid_entry->multiRsp = true;
617 break;
e4eb295d 618 } else {
16541ba1
JL		 619 /* all parts received or
620 * packet is malformed
621 */
146f9f65
JL		 622 mid_entry->multiEnd = true;
623 goto multi_t2_fnd;
624 }
625 } else {
626 if (!isLargeBuf) {
627 /*
628 * FIXME: switch to already
629 * allocated largebuf?
630 */
631 cERROR(1, "1st trans2 resp "
632 "needs bigbuf");
633 } else {
634 /* Have first buffer */
635 mid_entry->resp_buf =
636 smb_buffer;
637 mid_entry->largeBuf = true;
638 bigbuf = NULL;
e4eb295d 639 }
50c2f753 640 }
146f9f65
JL		 641 break;
642 }
643 mid_entry->resp_buf = smb_buffer;
644 mid_entry->largeBuf = isLargeBuf;
e4eb295d 645multi_t2_fnd:
146f9f65
JL		 646 if (length == 0)
647 mid_entry->midState = MID_RESPONSE_RECEIVED;
648 else
649 mid_entry->midState = MID_RESPONSE_MALFORMED;
1047abc1 650#ifdef CONFIG_CIFS_STATS2
146f9f65 651 mid_entry->when_received = jiffies;
1047abc1 652#endif
146f9f65 653 list_del_init(&mid_entry->qhead);
146f9f65 654 break;
1da177e4 655 }
e4eb295d 656 spin_unlock(&GlobalMid_Lock);
2b84a36c
JL		 657
658 if (mid_entry != NULL) {
3c1105df 659 mid_entry->callback(mid_entry);
cd63499c 660 /* Was previous buf put in mpx struct for multi-rsp? */
fb8c4b14 661 if (!isMultiRsp) {
cd63499c 662 /* smb buffer will be freed by user thread */
26f57364 663 if (isLargeBuf)
cd63499c 664 bigbuf = NULL;
26f57364 665 else
cd63499c
SF		 666 smallbuf = NULL;
667 }
71823baf
JL		 668 } else if (length != 0) {
669 /* response sanity checks failed */
670 continue;
4b18f2a9
SF		 671 } else if (!is_valid_oplock_break(smb_buffer, server) &&
672 !isMultiRsp) {
b6b38f70 673 cERROR(1, "No task to wake, unknown frame received! "
8097531a 674 "NumMids %d", atomic_read(&midCount));
3d9c2472 675 cifs_dump_mem("Received Data is: ", buf,
70ca734a 676 sizeof(struct smb_hdr));
3979877e
SF		 677#ifdef CONFIG_CIFS_DEBUG2
678 cifs_dump_detail(smb_buffer);
679 cifs_dump_mids(server);
680#endif /* CIFS_DEBUG2 */
50c2f753 681
e4eb295d
SF		 682 }
683 } /* end while !EXITING */
684
e7ddee90 685 /* take it off the list, if it's not already */
3f9bcca7 686 spin_lock(&cifs_tcp_ses_lock);
e7ddee90 687 list_del_init(&server->tcp_ses_list);
3f9bcca7 688 spin_unlock(&cifs_tcp_ses_lock);
e7ddee90 689
1da177e4
LT		 690 spin_lock(&GlobalMid_Lock);
691 server->tcpStatus = CifsExiting;
e691b9d1 692 spin_unlock(&GlobalMid_Lock);
dbdbb876 693 wake_up_all(&server->response_q);
e691b9d1 694
31ca3bc3
SF		 695 /* check if we have blocked requests that need to free */
696 /* Note that cifs_max_pending is normally 50, but
697 can be set at module install time to as little as two */
e691b9d1 698 spin_lock(&GlobalMid_Lock);
fb8c4b14 699 if (atomic_read(&server->inFlight) >= cifs_max_pending)
31ca3bc3
SF		 700 atomic_set(&server->inFlight, cifs_max_pending - 1);
701 /* We do not want to set the max_pending too low or we
702 could end up with the counter going negative */
1da177e4 703 spin_unlock(&GlobalMid_Lock);
50c2f753 704 /* Although there should not be any requests blocked on
1da177e4 705 this queue it can not hurt to be paranoid and try to wake up requests
09d1db5c 706 that may haven been blocked when more than 50 at time were on the wire
1da177e4
LT		 707 to the same server - they now will see the session is in exit state
708 and get out of SendReceive. */
709 wake_up_all(&server->request_q);
710 /* give those requests time to exit */
b8643e1b 711 msleep(125);
50c2f753 712
fb8c4b14 713 if (server->ssocket) {
e7015fb1 714 sock_release(server->ssocket);
1da177e4
LT		 715 server->ssocket = NULL;
716 }
fd62cb7e 717 /* buffer usually freed in free_mid - need to free it here on exit */
a8a11d39
MK		 718 cifs_buf_release(bigbuf);
719 if (smallbuf) /* no sense logging a debug message if NULL */
b8643e1b 720 cifs_small_buf_release(smallbuf);
1da177e4 721
9d78315b 722 if (!list_empty(&server->pending_mid_q)) {
3c1105df
JL		 723 struct list_head dispose_list;
724
725 INIT_LIST_HEAD(&dispose_list);
1da177e4 726 spin_lock(&GlobalMid_Lock);
2b84a36c 727 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
9d78315b 728 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
3c1105df
JL		 729 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
730 mid_entry->midState = MID_SHUTDOWN;
731 list_move(&mid_entry->qhead, &dispose_list);
732 }
733 spin_unlock(&GlobalMid_Lock);
734
735 /* now walk dispose list and issue callbacks */
736 list_for_each_safe(tmp, tmp2, &dispose_list) {
737 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
738 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
2b84a36c
JL		 739 list_del_init(&mid_entry->qhead);
740 mid_entry->callback(mid_entry);
1da177e4 741 }
1da177e4 742 /* 1/8th of sec is more than enough time for them to exit */
b8643e1b 743 msleep(125);
1da177e4
LT		 744 }
745
f191401f 746 if (!list_empty(&server->pending_mid_q)) {
50c2f753 747 /* mpx threads have not exited yet give them
1da177e4 748 at least the smb send timeout time for long ops */
31ca3bc3
SF		 749 /* due to delays on oplock break requests, we need
750 to wait at least 45 seconds before giving up
751 on a request getting a response and going ahead
752 and killing cifsd */
b6b38f70 753 cFYI(1, "Wait for exit from demultiplex thread");
31ca3bc3 754 msleep(46000);
1da177e4
LT		 755 /* if threads still have not exited they are probably never
756 coming home not much else we can do but free the memory */
757 }
1da177e4 758
c359cf3c 759 kfree(server->hostname);
b1c8d2b4 760 task_to_wake = xchg(&server->tsk, NULL);
31ca3bc3 761 kfree(server);
93d0ec85
JL		 762
763 length = atomic_dec_return(&tcpSesAllocCount);
26f57364
SF		 764 if (length > 0)
765 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
766 GFP_KERNEL);
50c2f753 767
b1c8d2b4
JL		 768 /* if server->tsk was NULL then wait for a signal before exiting */
769 if (!task_to_wake) {
770 set_current_state(TASK_INTERRUPTIBLE);
771 while (!signal_pending(current)) {
772 schedule();
773 set_current_state(TASK_INTERRUPTIBLE);
774 }
775 set_current_state(TASK_RUNNING);
776 }
777
0468a2cf 778 module_put_and_exit(0);
1da177e4
LT		 779}
780
c359cf3c
JL		 781/* extract the host portion of the UNC string */
782static char *
783extract_hostname(const char *unc)
784{
785 const char *src;
786 char *dst, *delim;
787 unsigned int len;
788
789 /* skip double chars at beginning of string */
790 /* BB: check validity of these bytes? */
791 src = unc + 2;
792
793 /* delimiter between hostname and sharename is always '\\' now */
794 delim = strchr(src, '\\');
795 if (!delim)
796 return ERR_PTR(-EINVAL);
797
798 len = delim - src;
799 dst = kmalloc((len + 1), GFP_KERNEL);
800 if (dst == NULL)
801 return ERR_PTR(-ENOMEM);
802
803 memcpy(dst, src, len);
804 dst[len] = '\0';
805
806 return dst;
807}
808
1da177e4 809static int
b946845a 810cifs_parse_mount_options(const char *mountdata, const char *devname,
50c2f753 811 struct smb_vol *vol)
1da177e4 812{
4906e50b 813 char *value, *data, *end;
957df453 814 char *mountdata_copy = NULL, *options;
1da177e4
LT		 815 unsigned int temp_len, i, j;
816 char separator[2];
9b9d6b24
JL		 817 short int override_uid = -1;
818 short int override_gid = -1;
819 bool uid_specified = false;
820 bool gid_specified = false;
88463999 821 char *nodename = utsname()->nodename;
1da177e4
LT		 822
823 separator[0] = ',';
50c2f753 824 separator[1] = 0;
1da177e4 825
88463999
JL		 826 /*
827 * does not have to be perfect mapping since field is
828 * informational, only used for servers that do not support
829 * port 445 and it can be overridden at mount time
830 */
1397f2ee
JL		 831 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
832 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
88463999
JL		 833 vol->source_rfc1001_name[i] = toupper(nodename[i]);
834
1397f2ee 835 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
a10faeb2
SF		 836 /* null target name indicates to use *SMBSERVR default called name
837 if we end up sending RFC1001 session initialize */
838 vol->target_rfc1001_name[0] = 0;
3e4b3e1f
JL		 839 vol->cred_uid = current_uid();
840 vol->linux_uid = current_uid();
a001e5b5 841 vol->linux_gid = current_gid();
f55ed1a8
JL		 842
843 /* default to only allowing write access to owner of the mount */
844 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1da177e4
LT		 845
846 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
ac67055e
JA		 847 /* default is always to request posix paths. */
848 vol->posix_paths = 1;
a0c9217f
JL		 849 /* default to using server inode numbers where available */
850 vol->server_ino = 1;
ac67055e 851
6d20e840
SJ		 852 vol->actimeo = CIFS_DEF_ACTIMEO;
853
b946845a
SF		 854 if (!mountdata)
855 goto cifs_parse_mount_err;
856
857 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
858 if (!mountdata_copy)
859 goto cifs_parse_mount_err;
1da177e4 860
b946845a 861 options = mountdata_copy;
4906e50b 862 end = options + strlen(options);
50c2f753 863 if (strncmp(options, "sep=", 4) == 0) {
fb8c4b14 864 if (options[4] != 0) {
1da177e4
LT		 865 separator[0] = options[4];
866 options += 5;
867 } else {
b6b38f70 868 cFYI(1, "Null separator not allowed");
1da177e4
LT		 869 }
870 }
50c2f753 871
1da177e4
LT		 872 while ((data = strsep(&options, separator)) != NULL) {
873 if (!*data)
874 continue;
875 if ((value = strchr(data, '=')) != NULL)
876 *value++ = '\0';
877
50c2f753
SF		 878 /* Have to parse this before we parse for "user" */
879 if (strnicmp(data, "user_xattr", 10) == 0) {
1da177e4 880 vol->no_xattr = 0;
50c2f753 881 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1da177e4
LT		 882 vol->no_xattr = 1;
883 } else if (strnicmp(data, "user", 4) == 0) {
4b952a9b 884 if (!value) {
1da177e4
LT		 885 printk(KERN_WARNING
886 "CIFS: invalid or missing username\n");
b946845a 887 goto cifs_parse_mount_err;
fb8c4b14 888 } else if (!*value) {
4b952a9b
SF		 889 /* null user, ie anonymous, authentication */
890 vol->nullauth = 1;
1da177e4 891 }
8727c8a8
SF		 892 if (strnlen(value, MAX_USERNAME_SIZE) <
893 MAX_USERNAME_SIZE) {
b946845a
SF		 894 vol->username = kstrdup(value, GFP_KERNEL);
895 if (!vol->username) {
896 printk(KERN_WARNING "CIFS: no memory "
897 "for username\n");
898 goto cifs_parse_mount_err;
899 }
1da177e4
LT		 900 } else {
901 printk(KERN_WARNING "CIFS: username too long\n");
b946845a 902 goto cifs_parse_mount_err;
1da177e4
LT		 903 }
904 } else if (strnicmp(data, "pass", 4) == 0) {
905 if (!value) {
906 vol->password = NULL;
907 continue;
fb8c4b14 908 } else if (value[0] == 0) {
1da177e4
LT		 909 /* check if string begins with double comma
910 since that would mean the password really
911 does start with a comma, and would not
912 indicate an empty string */
fb8c4b14 913 if (value[1] != separator[0]) {
1da177e4
LT		 914 vol->password = NULL;
915 continue;
916 }
917 }
918 temp_len = strlen(value);
919 /* removed password length check, NTLM passwords
920 can be arbitrarily long */
921
50c2f753 922 /* if comma in password, the string will be
1da177e4
LT		 923 prematurely null terminated. Commas in password are
924 specified across the cifs mount interface by a double
925 comma ie ,, and a comma used as in other cases ie ','
926 as a parameter delimiter/separator is single and due
927 to the strsep above is temporarily zeroed. */
928
929 /* NB: password legally can have multiple commas and
930 the only illegal character in a password is null */
931
50c2f753 932 if ((value[temp_len] == 0) &&
4906e50b 933 (value + temp_len < end) &&
09d1db5c 934 (value[temp_len+1] == separator[0])) {
1da177e4
LT		 935 /* reinsert comma */
936 value[temp_len] = separator[0];
50c2f753
SF		 937 temp_len += 2; /* move after second comma */
938 while (value[temp_len] != 0) {
1da177e4 939 if (value[temp_len] == separator[0]) {
50c2f753 940 if (value[temp_len+1] ==
09d1db5c
SF		 941 separator[0]) {
942 /* skip second comma */
943 temp_len++;
50c2f753 944 } else {
1da177e4
LT		 945 /* single comma indicating start
946 of next parm */
947 break;
948 }
949 }
950 temp_len++;
951 }
fb8c4b14 952 if (value[temp_len] == 0) {
1da177e4
LT		 953 options = NULL;
954 } else {
955 value[temp_len] = 0;
956 /* point option to start of next parm */
957 options = value + temp_len + 1;
958 }
50c2f753 959 /* go from value to value + temp_len condensing
1da177e4
LT		 960 double commas to singles. Note that this ends up
961 allocating a few bytes too many, which is ok */
e915fc49 962 vol->password = kzalloc(temp_len, GFP_KERNEL);
fb8c4b14 963 if (vol->password == NULL) {
50c2f753
SF		 964 printk(KERN_WARNING "CIFS: no memory "
965 "for password\n");
b946845a 966 goto cifs_parse_mount_err;
433dc24f 967 }
50c2f753 968 for (i = 0, j = 0; i < temp_len; i++, j++) {
1da177e4 969 vol->password[j] = value[i];
fb8c4b14 970 if (value[i] == separator[0]
09d1db5c 971 && value[i+1] == separator[0]) {
1da177e4
LT		 972 /* skip second comma */
973 i++;
974 }
975 }
976 vol->password[j] = 0;
977 } else {
e915fc49 978 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
fb8c4b14 979 if (vol->password == NULL) {
50c2f753
SF		 980 printk(KERN_WARNING "CIFS: no memory "
981 "for password\n");
b946845a 982 goto cifs_parse_mount_err;
433dc24f 983 }
1da177e4
LT		 984 strcpy(vol->password, value);
985 }
58f7f68f
JL		 986 } else if (!strnicmp(data, "ip", 2) ||
987 !strnicmp(data, "addr", 4)) {
1da177e4
LT		 988 if (!value || !*value) {
989 vol->UNCip = NULL;
50b64e3b
JL		 990 } else if (strnlen(value, INET6_ADDRSTRLEN) <
991 INET6_ADDRSTRLEN) {
b946845a
SF		 992 vol->UNCip = kstrdup(value, GFP_KERNEL);
993 if (!vol->UNCip) {
994 printk(KERN_WARNING "CIFS: no memory "
995 "for UNC IP\n");
996 goto cifs_parse_mount_err;
997 }
1da177e4 998 } else {
50c2f753
SF		 999 printk(KERN_WARNING "CIFS: ip address "
1000 "too long\n");
b946845a 1001 goto cifs_parse_mount_err;
1da177e4 1002 }
50c2f753
SF		 1003 } else if (strnicmp(data, "sec", 3) == 0) {
1004 if (!value || !*value) {
b6b38f70 1005 cERROR(1, "no security value specified");
50c2f753
SF		 1006 continue;
1007 } else if (strnicmp(value, "krb5i", 5) == 0) {
1008 vol->secFlg |= CIFSSEC_MAY_KRB5 |
189acaae 1009 CIFSSEC_MUST_SIGN;
bf820679 1010 } else if (strnicmp(value, "krb5p", 5) == 0) {
50c2f753
SF		 1011 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1012 CIFSSEC_MAY_KRB5; */
b6b38f70 1013 cERROR(1, "Krb5 cifs privacy not supported");
b946845a 1014 goto cifs_parse_mount_err;
bf820679 1015 } else if (strnicmp(value, "krb5", 4) == 0) {
750d1151 1016 vol->secFlg |= CIFSSEC_MAY_KRB5;
ac683924
SF		 1017 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1018 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1019 CIFSSEC_MUST_SIGN;
1020 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1021 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
bf820679 1022 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
750d1151 1023 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
189acaae 1024 CIFSSEC_MUST_SIGN;
bf820679 1025 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
750d1151 1026 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
bf820679 1027 } else if (strnicmp(value, "ntlmi", 5) == 0) {
750d1151 1028 vol->secFlg |= CIFSSEC_MAY_NTLM |
189acaae 1029 CIFSSEC_MUST_SIGN;
bf820679
SF		 1030 } else if (strnicmp(value, "ntlm", 4) == 0) {
1031 /* ntlm is default so can be turned off too */
750d1151 1032 vol->secFlg |= CIFSSEC_MAY_NTLM;
bf820679 1033 } else if (strnicmp(value, "nontlm", 6) == 0) {
189acaae 1034 /* BB is there a better way to do this? */
750d1151 1035 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
189acaae
SF		 1036#ifdef CONFIG_CIFS_WEAK_PW_HASH
1037 } else if (strnicmp(value, "lanman", 6) == 0) {
50c2f753 1038 vol->secFlg |= CIFSSEC_MAY_LANMAN;
189acaae 1039#endif
bf820679 1040 } else if (strnicmp(value, "none", 4) == 0) {
189acaae 1041 vol->nullauth = 1;
50c2f753 1042 } else {
b6b38f70 1043 cERROR(1, "bad security option: %s", value);
b946845a 1044 goto cifs_parse_mount_err;
50c2f753 1045 }
1cb06d0b
SF		 1046 } else if (strnicmp(data, "vers", 3) == 0) {
1047 if (!value || !*value) {
1048 cERROR(1, "no protocol version specified"
1049 " after vers= mount option");
1050 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1051 (strnicmp(value, "1", 1) == 0)) {
1052 /* this is the default */
1053 continue;
1cb06d0b 1054 }
1da177e4
LT		 1055 } else if ((strnicmp(data, "unc", 3) == 0)
1056 || (strnicmp(data, "target", 6) == 0)
1057 || (strnicmp(data, "path", 4) == 0)) {
1058 if (!value || !*value) {
50c2f753
SF		 1059 printk(KERN_WARNING "CIFS: invalid path to "
1060 "network resource\n");
b946845a 1061 goto cifs_parse_mount_err;
1da177e4
LT		 1062 }
1063 if ((temp_len = strnlen(value, 300)) < 300) {
50c2f753 1064 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1065 if (vol->UNC == NULL)
b946845a 1066 goto cifs_parse_mount_err;
50c2f753 1067 strcpy(vol->UNC, value);
1da177e4
LT		 1068 if (strncmp(vol->UNC, "//", 2) == 0) {
1069 vol->UNC[0] = '\\';
1070 vol->UNC[1] = '\\';
50c2f753 1071 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1da177e4 1072 printk(KERN_WARNING
50c2f753
SF		 1073 "CIFS: UNC Path does not begin "
1074 "with // or \\\\ \n");
b946845a 1075 goto cifs_parse_mount_err;
1da177e4
LT		 1076 }
1077 } else {
1078 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1079 goto cifs_parse_mount_err;
1da177e4
LT		 1080 }
1081 } else if ((strnicmp(data, "domain", 3) == 0)
1082 || (strnicmp(data, "workgroup", 5) == 0)) {
1083 if (!value || !*value) {
1084 printk(KERN_WARNING "CIFS: invalid domain name\n");
b946845a 1085 goto cifs_parse_mount_err;
1da177e4
LT		 1086 }
1087 /* BB are there cases in which a comma can be valid in
1088 a domain name and need special handling? */
3979877e 1089 if (strnlen(value, 256) < 256) {
b946845a
SF		 1090 vol->domainname = kstrdup(value, GFP_KERNEL);
1091 if (!vol->domainname) {
1092 printk(KERN_WARNING "CIFS: no memory "
1093 "for domainname\n");
1094 goto cifs_parse_mount_err;
1095 }
b6b38f70 1096 cFYI(1, "Domain name set");
1da177e4 1097 } else {
50c2f753
SF		 1098 printk(KERN_WARNING "CIFS: domain name too "
1099 "long\n");
b946845a 1100 goto cifs_parse_mount_err;
1da177e4 1101 }
3eb9a889
BG		 1102 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1103 vol->srcaddr.ss_family = AF_UNSPEC;
1104
1105 if (!value || !*value) {
1106 printk(KERN_WARNING "CIFS: srcaddr value"
1107 " not specified.\n");
b946845a 1108 goto cifs_parse_mount_err;
3eb9a889
BG		 1109 }
1110 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1111 value, strlen(value));
b235f371 1112 if (i == 0) {
3eb9a889
BG		 1113 printk(KERN_WARNING "CIFS: Could not parse"
1114 " srcaddr: %s\n",
1115 value);
b946845a 1116 goto cifs_parse_mount_err;
3eb9a889 1117 }
50c2f753
SF		 1118 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1119 if (!value || !*value) {
1120 printk(KERN_WARNING
1121 "CIFS: invalid path prefix\n");
b946845a 1122 goto cifs_parse_mount_err;
50c2f753
SF		 1123 }
1124 if ((temp_len = strnlen(value, 1024)) < 1024) {
4523cc30 1125 if (value[0] != '/')
2fe87f02 1126 temp_len++; /* missing leading slash */
50c2f753
SF		 1127 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1128 if (vol->prepath == NULL)
b946845a 1129 goto cifs_parse_mount_err;
4523cc30 1130 if (value[0] != '/') {
2fe87f02 1131 vol->prepath[0] = '/';
50c2f753 1132 strcpy(vol->prepath+1, value);
2fe87f02 1133 } else
50c2f753 1134 strcpy(vol->prepath, value);
b6b38f70 1135 cFYI(1, "prefix path %s", vol->prepath);
50c2f753
SF		 1136 } else {
1137 printk(KERN_WARNING "CIFS: prefix too long\n");
b946845a 1138 goto cifs_parse_mount_err;
50c2f753 1139 }
1da177e4
LT		 1140 } else if (strnicmp(data, "iocharset", 9) == 0) {
1141 if (!value || !*value) {
63135e08
SF		 1142 printk(KERN_WARNING "CIFS: invalid iocharset "
1143 "specified\n");
b946845a 1144 goto cifs_parse_mount_err;
1da177e4
LT		 1145 }
1146 if (strnlen(value, 65) < 65) {
b946845a
SF		 1147 if (strnicmp(value, "default", 7)) {
1148 vol->iocharset = kstrdup(value,
1149 GFP_KERNEL);
1150
1151 if (!vol->iocharset) {
1152 printk(KERN_WARNING "CIFS: no "
1153 "memory for"
1154 "charset\n");
1155 goto cifs_parse_mount_err;
1156 }
1157 }
50c2f753
SF		 1158 /* if iocharset not set then load_nls_default
1159 is used by caller */
b6b38f70 1160 cFYI(1, "iocharset set to %s", value);
1da177e4 1161 } else {
63135e08
SF		 1162 printk(KERN_WARNING "CIFS: iocharset name "
1163 "too long.\n");
b946845a 1164 goto cifs_parse_mount_err;
1da177e4 1165 }
9b9d6b24
JL		 1166 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1167 vol->linux_uid = simple_strtoul(value, &value, 0);
1168 uid_specified = true;
bd763319
JL		 1169 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1170 vol->cred_uid = simple_strtoul(value, &value, 0);
9b9d6b24
JL		 1171 } else if (!strnicmp(data, "forceuid", 8)) {
1172 override_uid = 1;
1173 } else if (!strnicmp(data, "noforceuid", 10)) {
1174 override_uid = 0;
1175 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1176 vol->linux_gid = simple_strtoul(value, &value, 0);
1177 gid_specified = true;
1178 } else if (!strnicmp(data, "forcegid", 8)) {
1179 override_gid = 1;
1180 } else if (!strnicmp(data, "noforcegid", 10)) {
1181 override_gid = 0;
1da177e4
LT		 1182 } else if (strnicmp(data, "file_mode", 4) == 0) {
1183 if (value && *value) {
1184 vol->file_mode =
1185 simple_strtoul(value, &value, 0);
1186 }
1187 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1188 if (value && *value) {
1189 vol->dir_mode =
1190 simple_strtoul(value, &value, 0);
1191 }
1192 } else if (strnicmp(data, "dirmode", 4) == 0) {
1193 if (value && *value) {
1194 vol->dir_mode =
1195 simple_strtoul(value, &value, 0);
1196 }
1197 } else if (strnicmp(data, "port", 4) == 0) {
1198 if (value && *value) {
1199 vol->port =
1200 simple_strtoul(value, &value, 0);
1201 }
1202 } else if (strnicmp(data, "rsize", 5) == 0) {
1203 if (value && *value) {
1204 vol->rsize =
1205 simple_strtoul(value, &value, 0);
1206 }
1207 } else if (strnicmp(data, "wsize", 5) == 0) {
1208 if (value && *value) {
1209 vol->wsize =
1210 simple_strtoul(value, &value, 0);
1211 }
1212 } else if (strnicmp(data, "sockopt", 5) == 0) {
6a5fa236 1213 if (!value || !*value) {
b6b38f70 1214 cERROR(1, "no socket option specified");
6a5fa236
SF		 1215 continue;
1216 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1217 vol->sockopt_tcp_nodelay = 1;
1da177e4
LT		 1218 }
1219 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1220 if (!value || !*value || (*value == ' ')) {
b6b38f70 1221 cFYI(1, "invalid (empty) netbiosname");
1da177e4 1222 } else {
1397f2ee
JL		 1223 memset(vol->source_rfc1001_name, 0x20,
1224 RFC1001_NAME_LEN);
1225 /*
1226 * FIXME: are there cases in which a comma can
1227 * be valid in workstation netbios name (and
1228 * need special handling)?
1229 */
1230 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1231 /* don't ucase netbiosname for user */
50c2f753 1232 if (value[i] == 0)
1da177e4 1233 break;
1397f2ee 1234 vol->source_rfc1001_name[i] = value[i];
1da177e4
LT		 1235 }
1236 /* The string has 16th byte zero still from
1237 set at top of the function */
1397f2ee 1238 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1239 printk(KERN_WARNING "CIFS: netbiosname"
1240 " longer than 15 truncated.\n");
a10faeb2
SF		 1241 }
1242 } else if (strnicmp(data, "servern", 7) == 0) {
1243 /* servernetbiosname specified override *SMBSERVER */
1244 if (!value || !*value || (*value == ' ')) {
b6b38f70 1245 cFYI(1, "empty server netbiosname specified");
a10faeb2
SF		 1246 } else {
1247 /* last byte, type, is 0x20 for servr type */
1397f2ee
JL		 1248 memset(vol->target_rfc1001_name, 0x20,
1249 RFC1001_NAME_LEN_WITH_NULL);
a10faeb2 1250
50c2f753 1251 for (i = 0; i < 15; i++) {
a10faeb2 1252 /* BB are there cases in which a comma can be
50c2f753
SF		 1253 valid in this workstation netbios name
1254 (and need special handling)? */
a10faeb2 1255
50c2f753
SF		 1256 /* user or mount helper must uppercase
1257 the netbiosname */
1258 if (value[i] == 0)
a10faeb2
SF		 1259 break;
1260 else
50c2f753
SF		 1261 vol->target_rfc1001_name[i] =
1262 value[i];
a10faeb2
SF		 1263 }
1264 /* The string has 16th byte zero still from
1265 set at top of the function */
1397f2ee 1266 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1267 printk(KERN_WARNING "CIFS: server net"
1268 "biosname longer than 15 truncated.\n");
1da177e4 1269 }
6d20e840
SJ		 1270 } else if (strnicmp(data, "actimeo", 7) == 0) {
1271 if (value && *value) {
1272 vol->actimeo = HZ * simple_strtoul(value,
1273 &value, 0);
1274 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1275 cERROR(1, "CIFS: attribute cache"
1276 "timeout too large");
b946845a 1277 goto cifs_parse_mount_err;
6d20e840
SJ		 1278 }
1279 }
1da177e4
LT		 1280 } else if (strnicmp(data, "credentials", 4) == 0) {
1281 /* ignore */
1282 } else if (strnicmp(data, "version", 3) == 0) {
1283 /* ignore */
50c2f753 1284 } else if (strnicmp(data, "guest", 5) == 0) {
1da177e4 1285 /* ignore */
71a394fa
SF		 1286 } else if (strnicmp(data, "rw", 2) == 0) {
1287 /* ignore */
1288 } else if (strnicmp(data, "ro", 2) == 0) {
1289 /* ignore */
edf1ae40
SF		 1290 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1291 vol->noblocksnd = 1;
1292 } else if (strnicmp(data, "noautotune", 10) == 0) {
1293 vol->noautotune = 1;
1da177e4
LT		 1294 } else if ((strnicmp(data, "suid", 4) == 0) ||
1295 (strnicmp(data, "nosuid", 6) == 0) ||
1296 (strnicmp(data, "exec", 4) == 0) ||
1297 (strnicmp(data, "noexec", 6) == 0) ||
1298 (strnicmp(data, "nodev", 5) == 0) ||
1299 (strnicmp(data, "noauto", 6) == 0) ||
1300 (strnicmp(data, "dev", 3) == 0)) {
1301 /* The mount tool or mount.cifs helper (if present)
50c2f753
SF		 1302 uses these opts to set flags, and the flags are read
1303 by the kernel vfs layer before we get here (ie
1304 before read super) so there is no point trying to
1305 parse these options again and set anything and it
1306 is ok to just ignore them */
1da177e4 1307 continue;
1da177e4
LT		 1308 } else if (strnicmp(data, "hard", 4) == 0) {
1309 vol->retry = 1;
1310 } else if (strnicmp(data, "soft", 4) == 0) {
1311 vol->retry = 0;
1312 } else if (strnicmp(data, "perm", 4) == 0) {
1313 vol->noperm = 0;
1314 } else if (strnicmp(data, "noperm", 6) == 0) {
1315 vol->noperm = 1;
6a0b4824
SF		 1316 } else if (strnicmp(data, "mapchars", 8) == 0) {
1317 vol->remap = 1;
1318 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1319 vol->remap = 0;
50c2f753
SF		 1320 } else if (strnicmp(data, "sfu", 3) == 0) {
1321 vol->sfu_emul = 1;
1322 } else if (strnicmp(data, "nosfu", 5) == 0) {
1323 vol->sfu_emul = 0;
2c1b8615
SF		 1324 } else if (strnicmp(data, "nodfs", 5) == 0) {
1325 vol->nodfs = 1;
ac67055e
JA		 1326 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1327 vol->posix_paths = 1;
1328 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1329 vol->posix_paths = 0;
c18c842b
SF		 1330 } else if (strnicmp(data, "nounix", 6) == 0) {
1331 vol->no_linux_ext = 1;
1332 } else if (strnicmp(data, "nolinux", 7) == 0) {
1333 vol->no_linux_ext = 1;
50c2f753 1334 } else if ((strnicmp(data, "nocase", 6) == 0) ||
a10faeb2 1335 (strnicmp(data, "ignorecase", 10) == 0)) {
50c2f753 1336 vol->nocase = 1;
f636a348
JL		 1337 } else if (strnicmp(data, "mand", 4) == 0) {
1338 /* ignore */
1339 } else if (strnicmp(data, "nomand", 6) == 0) {
1340 /* ignore */
1341 } else if (strnicmp(data, "_netdev", 7) == 0) {
1342 /* ignore */
c46fa8ac
SF		 1343 } else if (strnicmp(data, "brl", 3) == 0) {
1344 vol->nobrl = 0;
50c2f753 1345 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1c955187 1346 (strnicmp(data, "nolock", 6) == 0)) {
c46fa8ac 1347 vol->nobrl = 1;
d3485d37
SF		 1348 /* turn off mandatory locking in mode
1349 if remote locking is turned off since the
1350 local vfs will do advisory */
50c2f753
SF		 1351 if (vol->file_mode ==
1352 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
d3485d37 1353 vol->file_mode = S_IALLUGO;
13a6e42a
SF		 1354 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1355 /* will take the shorter form "forcemand" as well */
1356 /* This mount option will force use of mandatory
1357 (DOS/Windows style) byte range locks, instead of
1358 using posix advisory byte range locks, even if the
1359 Unix extensions are available and posix locks would
1360 be supported otherwise. If Unix extensions are not
1361 negotiated this has no effect since mandatory locks
1362 would be used (mandatory locks is all that those
1363 those servers support) */
1364 vol->mand_lock = 1;
1da177e4
LT		 1365 } else if (strnicmp(data, "setuids", 7) == 0) {
1366 vol->setuids = 1;
1367 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1368 vol->setuids = 0;
d0a9c078
JL		 1369 } else if (strnicmp(data, "dynperm", 7) == 0) {
1370 vol->dynperm = true;
1371 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1372 vol->dynperm = false;
1da177e4
LT		 1373 } else if (strnicmp(data, "nohard", 6) == 0) {
1374 vol->retry = 0;
1375 } else if (strnicmp(data, "nosoft", 6) == 0) {
1376 vol->retry = 1;
1377 } else if (strnicmp(data, "nointr", 6) == 0) {
1378 vol->intr = 0;
1379 } else if (strnicmp(data, "intr", 4) == 0) {
1380 vol->intr = 1;
be652445
SF		 1381 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1382 vol->nostrictsync = 1;
1383 } else if (strnicmp(data, "strictsync", 10) == 0) {
1384 vol->nostrictsync = 0;
50c2f753 1385 } else if (strnicmp(data, "serverino", 7) == 0) {
1da177e4 1386 vol->server_ino = 1;
50c2f753 1387 } else if (strnicmp(data, "noserverino", 9) == 0) {
1da177e4 1388 vol->server_ino = 0;
d4ffff1f
PS		 1389 } else if (strnicmp(data, "rwpidforward", 4) == 0) {
1390 vol->rwpidforward = 1;
50c2f753 1391 } else if (strnicmp(data, "cifsacl", 7) == 0) {
0a4b92c0
SF		 1392 vol->cifs_acl = 1;
1393 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1394 vol->cifs_acl = 0;
50c2f753 1395 } else if (strnicmp(data, "acl", 3) == 0) {
1da177e4 1396 vol->no_psx_acl = 0;
50c2f753 1397 } else if (strnicmp(data, "noacl", 5) == 0) {
1da177e4 1398 vol->no_psx_acl = 1;
84210e91
SF		 1399 } else if (strnicmp(data, "locallease", 6) == 0) {
1400 vol->local_lease = 1;
50c2f753 1401 } else if (strnicmp(data, "sign", 4) == 0) {
750d1151 1402 vol->secFlg |= CIFSSEC_MUST_SIGN;
95b1cb90
SF		 1403 } else if (strnicmp(data, "seal", 4) == 0) {
1404 /* we do not do the following in secFlags because seal
1405 is a per tree connection (mount) not a per socket
1406 or per-smb connection option in the protocol */
1407 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1408 vol->seal = 1;
50c2f753 1409 } else if (strnicmp(data, "direct", 6) == 0) {
1da177e4 1410 vol->direct_io = 1;
50c2f753 1411 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1da177e4 1412 vol->direct_io = 1;
d39454ff
PS		 1413 } else if (strnicmp(data, "strictcache", 11) == 0) {
1414 vol->strict_io = 1;
1da177e4 1415 } else if (strnicmp(data, "noac", 4) == 0) {
50c2f753
SF		 1416 printk(KERN_WARNING "CIFS: Mount option noac not "
1417 "supported. Instead set "
1418 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
fa1df75d 1419 } else if (strnicmp(data, "fsc", 3) == 0) {
607a569d 1420#ifndef CONFIG_CIFS_FSCACHE
83fb086e 1421 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
607a569d 1422 "kernel config option set");
b946845a 1423 goto cifs_parse_mount_err;
607a569d 1424#endif
fa1df75d 1425 vol->fsc = true;
736a3320
SM		 1426 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1427 vol->mfsymlinks = true;
0eb8a132
JL		 1428 } else if (strnicmp(data, "multiuser", 8) == 0) {
1429 vol->multiuser = true;
1da177e4 1430 } else
50c2f753
SF		 1431 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1432 data);
1da177e4
LT		 1433 }
1434 if (vol->UNC == NULL) {
4523cc30 1435 if (devname == NULL) {
50c2f753
SF		 1436 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1437 "target\n");
b946845a 1438 goto cifs_parse_mount_err;
1da177e4
LT		 1439 }
1440 if ((temp_len = strnlen(devname, 300)) < 300) {
50c2f753 1441 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1442 if (vol->UNC == NULL)
b946845a 1443 goto cifs_parse_mount_err;
50c2f753 1444 strcpy(vol->UNC, devname);
1da177e4
LT		 1445 if (strncmp(vol->UNC, "//", 2) == 0) {
1446 vol->UNC[0] = '\\';
1447 vol->UNC[1] = '\\';
1448 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
50c2f753
SF		 1449 printk(KERN_WARNING "CIFS: UNC Path does not "
1450 "begin with // or \\\\ \n");
b946845a 1451 goto cifs_parse_mount_err;
1da177e4 1452 }
7c5e628f
IM		 1453 value = strpbrk(vol->UNC+2, "/\\");
1454 if (value)
1455 *value = '\\';
1da177e4
LT		 1456 } else {
1457 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1458 goto cifs_parse_mount_err;
1da177e4
LT		 1459 }
1460 }
0eb8a132
JL		 1461
1462 if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1463 cERROR(1, "Multiuser mounts currently require krb5 "
1464 "authentication!");
b946845a 1465 goto cifs_parse_mount_err;
0eb8a132
JL		 1466 }
1467
fb8c4b14 1468 if (vol->UNCip == NULL)
1da177e4
LT		 1469 vol->UNCip = &vol->UNC[2];
1470
9b9d6b24
JL		 1471 if (uid_specified)
1472 vol->override_uid = override_uid;
1473 else if (override_uid == 1)
1474 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1475 "specified with no uid= option.\n");
1476
1477 if (gid_specified)
1478 vol->override_gid = override_gid;
1479 else if (override_gid == 1)
1480 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1481 "specified with no gid= option.\n");
1482
b946845a 1483 kfree(mountdata_copy);
1da177e4 1484 return 0;
b946845a
SF		 1485
1486cifs_parse_mount_err:
1487 kfree(mountdata_copy);
1488 return 1;
1da177e4
LT		 1489}
1490
3eb9a889
BG		 1491/** Returns true if srcaddr isn't specified and rhs isn't
1492 * specified, or if srcaddr is specified and
1493 * matches the IP address of the rhs argument.
1494 */
1495static bool
1496srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1497{
1498 switch (srcaddr->sa_family) {
1499 case AF_UNSPEC:
1500 return (rhs->sa_family == AF_UNSPEC);
1501 case AF_INET: {
1502 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1503 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1504 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1505 }
1506 case AF_INET6: {
1507 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1508 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1509 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1510 }
1511 default:
1512 WARN_ON(1);
1513 return false; /* don't expect to be here */
1514 }
1515}
1516
4b886136
PS		 1517/*
1518 * If no port is specified in addr structure, we try to match with 445 port
1519 * and if it fails - with 139 ports. It should be called only if address
1520 * families of server and addr are equal.
1521 */
1522static bool
1523match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1524{
6da97910 1525 __be16 port, *sport;
4b886136
PS		 1526
1527 switch (addr->sa_family) {
1528 case AF_INET:
1529 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1530 port = ((struct sockaddr_in *) addr)->sin_port;
1531 break;
1532 case AF_INET6:
1533 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1534 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1535 break;
1536 default:
1537 WARN_ON(1);
1538 return false;
1539 }
1540
1541 if (!port) {
1542 port = htons(CIFS_PORT);
1543 if (port == *sport)
1544 return true;
1545
1546 port = htons(RFC1001_PORT);
1547 }
1548
1549 return port == *sport;
1550}
3eb9a889 1551
4515148e 1552static bool
3eb9a889
BG		 1553match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1554 struct sockaddr *srcaddr)
4515148e 1555{
4515148e 1556 switch (addr->sa_family) {
a9f1b85e
PS		 1557 case AF_INET: {
1558 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1559 struct sockaddr_in *srv_addr4 =
1560 (struct sockaddr_in *)&server->dstaddr;
1561
1562 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
4515148e 1563 return false;
4515148e 1564 break;
a9f1b85e
PS		 1565 }
1566 case AF_INET6: {
1567 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1568 struct sockaddr_in6 *srv_addr6 =
1569 (struct sockaddr_in6 *)&server->dstaddr;
1570
4515148e 1571 if (!ipv6_addr_equal(&addr6->sin6_addr,
a9f1b85e 1572 &srv_addr6->sin6_addr))
4515148e 1573 return false;
a9f1b85e 1574 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
4515148e 1575 return false;
4515148e
JL		 1576 break;
1577 }
a9f1b85e
PS		 1578 default:
1579 WARN_ON(1);
1580 return false; /* don't expect to be here */
1581 }
4515148e 1582
3eb9a889
BG		 1583 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1584 return false;
1585
4515148e
JL		 1586 return true;
1587}
1588
daf5b0b6
JL		 1589static bool
1590match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1591{
1592 unsigned int secFlags;
1593
1594 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1595 secFlags = vol->secFlg;
1596 else
1597 secFlags = global_secflags | vol->secFlg;
1598
1599 switch (server->secType) {
1600 case LANMAN:
1601 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1602 return false;
1603 break;
1604 case NTLMv2:
1605 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1606 return false;
1607 break;
1608 case NTLM:
1609 if (!(secFlags & CIFSSEC_MAY_NTLM))
1610 return false;
1611 break;
1612 case Kerberos:
1613 if (!(secFlags & CIFSSEC_MAY_KRB5))
1614 return false;
1615 break;
1616 case RawNTLMSSP:
1617 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1618 return false;
1619 break;
1620 default:
1621 /* shouldn't happen */
1622 return false;
1623 }
1624
25985edc 1625 /* now check if signing mode is acceptable */
daf5b0b6 1626 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
96daf2b0 1627 (server->sec_mode & SECMODE_SIGN_REQUIRED))
daf5b0b6
JL		 1628 return false;
1629 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
96daf2b0 1630 (server->sec_mode &
daf5b0b6
JL		 1631 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1632 return false;
1633
1634 return true;
1635}
1636
37bb04e5
PS		 1637static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1638 struct smb_vol *vol)
1639{
1640 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1641 return 0;
1642
1643 if (!match_address(server, addr,
1644 (struct sockaddr *)&vol->srcaddr))
1645 return 0;
1646
1647 if (!match_port(server, addr))
1648 return 0;
1649
1650 if (!match_security(server, vol))
1651 return 0;
1652
1653 return 1;
1654}
1655
e7ddee90 1656static struct TCP_Server_Info *
daf5b0b6 1657cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1da177e4 1658{
e7ddee90 1659 struct TCP_Server_Info *server;
e7ddee90 1660
3f9bcca7 1661 spin_lock(&cifs_tcp_ses_lock);
4515148e 1662 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
37bb04e5 1663 if (!match_server(server, addr, vol))
daf5b0b6
JL		 1664 continue;
1665
e7ddee90 1666 ++server->srv_count;
3f9bcca7 1667 spin_unlock(&cifs_tcp_ses_lock);
b6b38f70 1668 cFYI(1, "Existing tcp session with server found");
e7ddee90 1669 return server;
1da177e4 1670 }
3f9bcca7 1671 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 1672 return NULL;
1673}
1b20d672 1674
14fbf50d 1675static void
e7ddee90 1676cifs_put_tcp_session(struct TCP_Server_Info *server)
1da177e4 1677{
e7ddee90 1678 struct task_struct *task;
1b20d672 1679
3f9bcca7 1680 spin_lock(&cifs_tcp_ses_lock);
e7ddee90 1681 if (--server->srv_count > 0) {
3f9bcca7 1682 spin_unlock(&cifs_tcp_ses_lock);
e7ddee90 1683 return;
1da177e4 1684 }
1b20d672 1685
f1d0c998
RL		 1686 put_net(cifs_net_ns(server));
1687
e7ddee90 1688 list_del_init(&server->tcp_ses_list);
3f9bcca7 1689 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 1690
c74093b6
JL		 1691 cancel_delayed_work_sync(&server->echo);
1692
e7ddee90
JL		 1693 spin_lock(&GlobalMid_Lock);
1694 server->tcpStatus = CifsExiting;
1695 spin_unlock(&GlobalMid_Lock);
dea570e0 1696
d2b91521 1697 cifs_crypto_shash_release(server);
488f1d2d
SJ		 1698 cifs_fscache_release_client_cookie(server);
1699
21e73393
SP		 1700 kfree(server->session_key.response);
1701 server->session_key.response = NULL;
1702 server->session_key.len = 0;
1703
e7ddee90
JL		 1704 task = xchg(&server->tsk, NULL);
1705 if (task)
1706 force_sig(SIGKILL, task);
1da177e4
LT		 1707}
1708
63c038c2
JL		 1709static struct TCP_Server_Info *
1710cifs_get_tcp_session(struct smb_vol *volume_info)
1711{
1712 struct TCP_Server_Info *tcp_ses = NULL;
a9ac49d3 1713 struct sockaddr_storage addr;
63c038c2
JL		 1714 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1715 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1716 int rc;
1717
a9ac49d3 1718 memset(&addr, 0, sizeof(struct sockaddr_storage));
63c038c2 1719
b6b38f70 1720 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
63c038c2 1721
1e68b2b2 1722 if (volume_info->UNCip && volume_info->UNC) {
50d97160
JL		 1723 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1724 volume_info->UNCip,
67b7626a 1725 strlen(volume_info->UNCip),
50d97160 1726 volume_info->port);
1e68b2b2 1727 if (!rc) {
63c038c2
JL		 1728 /* we failed translating address */
1729 rc = -EINVAL;
1730 goto out_err;
1731 }
63c038c2
JL		 1732 } else if (volume_info->UNCip) {
1733 /* BB using ip addr as tcp_ses name to connect to the
1734 DFS root below */
b6b38f70 1735 cERROR(1, "Connecting to DFS root not implemented yet");
63c038c2
JL		 1736 rc = -EINVAL;
1737 goto out_err;
1738 } else /* which tcp_sess DFS root would we conect to */ {
b6b38f70
JP		 1739 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1740 "unc=//192.168.1.100/public) specified");
63c038c2
JL		 1741 rc = -EINVAL;
1742 goto out_err;
1743 }
1744
1745 /* see if we already have a matching tcp_ses */
daf5b0b6 1746 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
63c038c2
JL		 1747 if (tcp_ses)
1748 return tcp_ses;
1749
1750 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1751 if (!tcp_ses) {
1752 rc = -ENOMEM;
1753 goto out_err;
1754 }
1755
d2b91521
SP		 1756 rc = cifs_crypto_shash_allocate(tcp_ses);
1757 if (rc) {
1758 cERROR(1, "could not setup hash structures rc %d", rc);
1759 goto out_err;
1760 }
1761
f1d0c998 1762 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
63c038c2
JL		 1763 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1764 if (IS_ERR(tcp_ses->hostname)) {
1765 rc = PTR_ERR(tcp_ses->hostname);
f7c5445a 1766 goto out_err_crypto_release;
63c038c2
JL		 1767 }
1768
1769 tcp_ses->noblocksnd = volume_info->noblocksnd;
1770 tcp_ses->noautotune = volume_info->noautotune;
6a5fa236 1771 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
63c038c2
JL		 1772 atomic_set(&tcp_ses->inFlight, 0);
1773 init_waitqueue_head(&tcp_ses->response_q);
1774 init_waitqueue_head(&tcp_ses->request_q);
1775 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1776 mutex_init(&tcp_ses->srv_mutex);
1777 memcpy(tcp_ses->workstation_RFC1001_name,
1778 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1779 memcpy(tcp_ses->server_RFC1001_name,
1780 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
5d0d2882 1781 tcp_ses->session_estab = false;
63c038c2 1782 tcp_ses->sequence_number = 0;
fda35943 1783 tcp_ses->lstrp = jiffies;
63c038c2
JL		 1784 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1785 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
c74093b6 1786 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
63c038c2
JL		 1787
1788 /*
1789 * at this point we are the only ones with the pointer
1790 * to the struct since the kernel thread not created yet
1791 * no need to spinlock this init of tcpStatus or srv_count
1792 */
1793 tcp_ses->tcpStatus = CifsNew;
3eb9a889
BG		 1794 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1795 sizeof(tcp_ses->srcaddr));
63c038c2
JL		 1796 ++tcp_ses->srv_count;
1797
a9ac49d3 1798 if (addr.ss_family == AF_INET6) {
b6b38f70 1799 cFYI(1, "attempting ipv6 connect");
63c038c2
JL		 1800 /* BB should we allow ipv6 on port 139? */
1801 /* other OS never observed in Wild doing 139 with v6 */
a9f1b85e
PS		 1802 memcpy(&tcp_ses->dstaddr, sin_server6,
1803 sizeof(struct sockaddr_in6));
1804 } else
1805 memcpy(&tcp_ses->dstaddr, sin_server,
1806 sizeof(struct sockaddr_in));
1807
1808 rc = ip_connect(tcp_ses);
63c038c2 1809 if (rc < 0) {
b6b38f70 1810 cERROR(1, "Error connecting to socket. Aborting operation");
f7c5445a 1811 goto out_err_crypto_release;
63c038c2
JL		 1812 }
1813
1814 /*
1815 * since we're in a cifs function already, we know that
1816 * this will succeed. No need for try_module_get().
1817 */
1818 __module_get(THIS_MODULE);
7c97c200 1819 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
63c038c2
JL		 1820 tcp_ses, "cifsd");
1821 if (IS_ERR(tcp_ses->tsk)) {
1822 rc = PTR_ERR(tcp_ses->tsk);
b6b38f70 1823 cERROR(1, "error %d create cifsd thread", rc);
63c038c2 1824 module_put(THIS_MODULE);
f7c5445a 1825 goto out_err_crypto_release;
63c038c2 1826 }
fd88ce93 1827 tcp_ses->tcpStatus = CifsNeedNegotiate;
63c038c2
JL		 1828
1829 /* thread spawned, put it on the list */
3f9bcca7 1830 spin_lock(&cifs_tcp_ses_lock);
63c038c2 1831 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
3f9bcca7 1832 spin_unlock(&cifs_tcp_ses_lock);
63c038c2 1833
488f1d2d
SJ		 1834 cifs_fscache_get_client_cookie(tcp_ses);
1835
c74093b6
JL		 1836 /* queue echo request delayed work */
1837 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1838
63c038c2
JL		 1839 return tcp_ses;
1840
f7c5445a 1841out_err_crypto_release:
d2b91521
SP		 1842 cifs_crypto_shash_release(tcp_ses);
1843
f1d0c998
RL		 1844 put_net(cifs_net_ns(tcp_ses));
1845
63c038c2
JL		 1846out_err:
1847 if (tcp_ses) {
8347a5cd
SF		 1848 if (!IS_ERR(tcp_ses->hostname))
1849 kfree(tcp_ses->hostname);
63c038c2
JL		 1850 if (tcp_ses->ssocket)
1851 sock_release(tcp_ses->ssocket);
1852 kfree(tcp_ses);
1853 }
1854 return ERR_PTR(rc);
1855}
1856
96daf2b0 1857static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
37bb04e5
PS		 1858{
1859 switch (ses->server->secType) {
1860 case Kerberos:
1861 if (vol->cred_uid != ses->cred_uid)
1862 return 0;
1863 break;
1864 default:
1865 /* anything else takes username/password */
1866 if (ses->user_name == NULL)
1867 return 0;
1868 if (strncmp(ses->user_name, vol->username,
1869 MAX_USERNAME_SIZE))
1870 return 0;
1871 if (strlen(vol->username) != 0 &&
1872 ses->password != NULL &&
1873 strncmp(ses->password,
1874 vol->password ? vol->password : "",
1875 MAX_PASSWORD_SIZE))
1876 return 0;
1877 }
1878 return 1;
1879}
1880
96daf2b0 1881static struct cifs_ses *
4ff67b72 1882cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1da177e4 1883{
96daf2b0 1884 struct cifs_ses *ses;
dea570e0 1885
3f9bcca7 1886 spin_lock(&cifs_tcp_ses_lock);
4ff67b72 1887 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
37bb04e5
PS		 1888 if (!match_session(ses, vol))
1889 continue;
14fbf50d 1890 ++ses->ses_count;
3f9bcca7 1891 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 1892 return ses;
1893 }
3f9bcca7 1894 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 1895 return NULL;
1896}
dea570e0 1897
14fbf50d 1898static void
96daf2b0 1899cifs_put_smb_ses(struct cifs_ses *ses)
14fbf50d
JL		 1900{
1901 int xid;
1902 struct TCP_Server_Info *server = ses->server;
dea570e0 1903
36988c76 1904 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
3f9bcca7 1905 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 1906 if (--ses->ses_count > 0) {
3f9bcca7 1907 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 1908 return;
1909 }
dea570e0 1910
14fbf50d 1911 list_del_init(&ses->smb_ses_list);
3f9bcca7 1912 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 1913
14fbf50d
JL		 1914 if (ses->status == CifsGood) {
1915 xid = GetXid();
1916 CIFSSMBLogoff(xid, ses);
1917 _FreeXid(xid);
1918 }
1919 sesInfoFree(ses);
1920 cifs_put_tcp_session(server);
1921}
dea570e0 1922
d9b94201
SF		 1923static bool warned_on_ntlm; /* globals init to false automatically */
1924
96daf2b0 1925static struct cifs_ses *
36988c76
JL		 1926cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
1927{
1928 int rc = -ENOMEM, xid;
96daf2b0 1929 struct cifs_ses *ses;
a9f1b85e
PS		 1930 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1931 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
36988c76
JL		 1932
1933 xid = GetXid();
1934
4ff67b72 1935 ses = cifs_find_smb_ses(server, volume_info);
36988c76
JL		 1936 if (ses) {
1937 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
1938
36988c76 1939 mutex_lock(&ses->session_mutex);
198b5682
JL		 1940 rc = cifs_negotiate_protocol(xid, ses);
1941 if (rc) {
1942 mutex_unlock(&ses->session_mutex);
1943 /* problem -- put our ses reference */
1944 cifs_put_smb_ses(ses);
1945 FreeXid(xid);
1946 return ERR_PTR(rc);
1947 }
36988c76
JL		 1948 if (ses->need_reconnect) {
1949 cFYI(1, "Session needs reconnect");
1950 rc = cifs_setup_session(xid, ses,
1951 volume_info->local_nls);
1952 if (rc) {
1953 mutex_unlock(&ses->session_mutex);
1954 /* problem -- put our reference */
1955 cifs_put_smb_ses(ses);
1956 FreeXid(xid);
1957 return ERR_PTR(rc);
1958 }
1959 }
1960 mutex_unlock(&ses->session_mutex);
460cf341
JL		 1961
1962 /* existing SMB ses has a server reference already */
1963 cifs_put_tcp_session(server);
36988c76
JL		 1964 FreeXid(xid);
1965 return ses;
1966 }
1967
1968 cFYI(1, "Existing smb sess not found");
1969 ses = sesInfoAlloc();
1970 if (ses == NULL)
1971 goto get_ses_fail;
1972
1973 /* new SMB session uses our server ref */
1974 ses->server = server;
a9f1b85e
PS		 1975 if (server->dstaddr.ss_family == AF_INET6)
1976 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
36988c76 1977 else
a9f1b85e 1978 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
36988c76 1979
8727c8a8
SF		 1980 if (volume_info->username) {
1981 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
1982 if (!ses->user_name)
1983 goto get_ses_fail;
1984 }
36988c76
JL		 1985
1986 /* volume_info->password freed at unmount */
1987 if (volume_info->password) {
1988 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
1989 if (!ses->password)
1990 goto get_ses_fail;
1991 }
1992 if (volume_info->domainname) {
d3686d54
SP		 1993 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
1994 if (!ses->domainName)
1995 goto get_ses_fail;
36988c76 1996 }
3e4b3e1f 1997 ses->cred_uid = volume_info->cred_uid;
36988c76 1998 ses->linux_uid = volume_info->linux_uid;
d9b94201
SF		 1999
2000 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2001 supported for many years, time to update default security mechanism */
2002 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2003 warned_on_ntlm = true;
2004 cERROR(1, "default security mechanism requested. The default "
2005 "security mechanism will be upgraded from ntlm to "
c592a707 2006 "ntlmv2 in kernel release 3.1");
d9b94201 2007 }
36988c76
JL		 2008 ses->overrideSecFlg = volume_info->secFlg;
2009
2010 mutex_lock(&ses->session_mutex);
198b5682
JL		 2011 rc = cifs_negotiate_protocol(xid, ses);
2012 if (!rc)
2013 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
36988c76 2014 mutex_unlock(&ses->session_mutex);
c8e56f1f 2015 if (rc)
36988c76
JL		 2016 goto get_ses_fail;
2017
2018 /* success, put it on the list */
3f9bcca7 2019 spin_lock(&cifs_tcp_ses_lock);
36988c76 2020 list_add(&ses->smb_ses_list, &server->smb_ses_list);
3f9bcca7 2021 spin_unlock(&cifs_tcp_ses_lock);
36988c76
JL		 2022
2023 FreeXid(xid);
2024 return ses;
2025
2026get_ses_fail:
2027 sesInfoFree(ses);
2028 FreeXid(xid);
2029 return ERR_PTR(rc);
2030}
2031
96daf2b0 2032static int match_tcon(struct cifs_tcon *tcon, const char *unc)
37bb04e5
PS		 2033{
2034 if (tcon->tidStatus == CifsExiting)
2035 return 0;
2036 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2037 return 0;
2038 return 1;
2039}
2040
96daf2b0
SF		 2041static struct cifs_tcon *
2042cifs_find_tcon(struct cifs_ses *ses, const char *unc)
f1987b44
JL		 2043{
2044 struct list_head *tmp;
96daf2b0 2045 struct cifs_tcon *tcon;
f1987b44 2046
3f9bcca7 2047 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2048 list_for_each(tmp, &ses->tcon_list) {
96daf2b0 2049 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
37bb04e5 2050 if (!match_tcon(tcon, unc))
f1987b44 2051 continue;
f1987b44 2052 ++tcon->tc_count;
3f9bcca7 2053 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2054 return tcon;
1da177e4 2055 }
3f9bcca7 2056 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 2057 return NULL;
2058}
2059
f1987b44 2060static void
96daf2b0 2061cifs_put_tcon(struct cifs_tcon *tcon)
f1987b44
JL		 2062{
2063 int xid;
96daf2b0 2064 struct cifs_ses *ses = tcon->ses;
f1987b44 2065
d00c28de 2066 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
3f9bcca7 2067 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2068 if (--tcon->tc_count > 0) {
3f9bcca7 2069 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2070 return;
2071 }
2072
2073 list_del_init(&tcon->tcon_list);
3f9bcca7 2074 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2075
2076 xid = GetXid();
2077 CIFSSMBTDis(xid, tcon);
2078 _FreeXid(xid);
2079
d03382ce 2080 cifs_fscache_release_super_cookie(tcon);
9f841593 2081 tconInfoFree(tcon);
f1987b44
JL		 2082 cifs_put_smb_ses(ses);
2083}
2084
96daf2b0
SF		 2085static struct cifs_tcon *
2086cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
d00c28de
JL		 2087{
2088 int rc, xid;
96daf2b0 2089 struct cifs_tcon *tcon;
d00c28de
JL		 2090
2091 tcon = cifs_find_tcon(ses, volume_info->UNC);
2092 if (tcon) {
2093 cFYI(1, "Found match on UNC path");
2094 /* existing tcon already has a reference */
2095 cifs_put_smb_ses(ses);
2096 if (tcon->seal != volume_info->seal)
2097 cERROR(1, "transport encryption setting "
2098 "conflicts with existing tid");
2099 return tcon;
2100 }
2101
2102 tcon = tconInfoAlloc();
2103 if (tcon == NULL) {
2104 rc = -ENOMEM;
2105 goto out_fail;
2106 }
2107
2108 tcon->ses = ses;
2109 if (volume_info->password) {
2110 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2111 if (!tcon->password) {
2112 rc = -ENOMEM;
2113 goto out_fail;
2114 }
2115 }
2116
2117 if (strchr(volume_info->UNC + 3, '\\') == NULL
2118 && strchr(volume_info->UNC + 3, '/') == NULL) {
2119 cERROR(1, "Missing share name");
2120 rc = -ENODEV;
2121 goto out_fail;
2122 }
2123
2124 /* BB Do we need to wrap session_mutex around
2125 * this TCon call and Unix SetFS as
2126 * we do on SessSetup and reconnect? */
2127 xid = GetXid();
2128 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2129 FreeXid(xid);
2130 cFYI(1, "CIFS Tcon rc = %d", rc);
2131 if (rc)
2132 goto out_fail;
2133
2134 if (volume_info->nodfs) {
2135 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2136 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2137 }
2138 tcon->seal = volume_info->seal;
2139 /* we can have only one retry value for a connection
2140 to a share so for resources mounted more than once
2141 to the same server share the last value passed in
2142 for the retry flag is used */
2143 tcon->retry = volume_info->retry;
2144 tcon->nocase = volume_info->nocase;
2145 tcon->local_lease = volume_info->local_lease;
2146
3f9bcca7 2147 spin_lock(&cifs_tcp_ses_lock);
d00c28de 2148 list_add(&tcon->tcon_list, &ses->tcon_list);
3f9bcca7 2149 spin_unlock(&cifs_tcp_ses_lock);
d00c28de 2150
d03382ce
SJ		 2151 cifs_fscache_get_super_cookie(tcon);
2152
d00c28de
JL		 2153 return tcon;
2154
2155out_fail:
2156 tconInfoFree(tcon);
2157 return ERR_PTR(rc);
2158}
2159
9d002df4
JL		 2160void
2161cifs_put_tlink(struct tcon_link *tlink)
2162{
2163 if (!tlink || IS_ERR(tlink))
2164 return;
2165
2166 if (!atomic_dec_and_test(&tlink->tl_count) ||
2167 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2168 tlink->tl_time = jiffies;
2169 return;
2170 }
2171
2172 if (!IS_ERR(tlink_tcon(tlink)))
2173 cifs_put_tcon(tlink_tcon(tlink));
2174 kfree(tlink);
2175 return;
2176}
d00c28de 2177
25c7f41e 2178static inline struct tcon_link *
cd51875d
PS		 2179cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2180{
2181 return cifs_sb->master_tlink;
2182}
25c7f41e
PS		 2183
2184static int
2185compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2186{
2187 struct cifs_sb_info *old = CIFS_SB(sb);
2188 struct cifs_sb_info *new = mnt_data->cifs_sb;
2189
2190 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2191 return 0;
2192
2193 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2194 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2195 return 0;
2196
2197 if (old->rsize != new->rsize)
2198 return 0;
2199
2200 /*
2201 * We want to share sb only if we don't specify wsize or specified wsize
2202 * is greater or equal than existing one.
2203 */
2204 if (new->wsize && new->wsize < old->wsize)
2205 return 0;
2206
2207 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2208 return 0;
2209
2210 if (old->mnt_file_mode != new->mnt_file_mode ||
2211 old->mnt_dir_mode != new->mnt_dir_mode)
2212 return 0;
2213
2214 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2215 return 0;
2216
2217 if (old->actimeo != new->actimeo)
2218 return 0;
2219
2220 return 1;
2221}
2222
2223int
2224cifs_match_super(struct super_block *sb, void *data)
2225{
2226 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2227 struct smb_vol *volume_info;
2228 struct cifs_sb_info *cifs_sb;
2229 struct TCP_Server_Info *tcp_srv;
96daf2b0
SF		 2230 struct cifs_ses *ses;
2231 struct cifs_tcon *tcon;
25c7f41e
PS		 2232 struct tcon_link *tlink;
2233 struct sockaddr_storage addr;
2234 int rc = 0;
2235
2236 memset(&addr, 0, sizeof(struct sockaddr_storage));
2237
2238 spin_lock(&cifs_tcp_ses_lock);
2239 cifs_sb = CIFS_SB(sb);
2240 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2241 if (IS_ERR(tlink)) {
2242 spin_unlock(&cifs_tcp_ses_lock);
2243 return rc;
2244 }
2245 tcon = tlink_tcon(tlink);
2246 ses = tcon->ses;
2247 tcp_srv = ses->server;
2248
2249 volume_info = mnt_data->vol;
2250
2251 if (!volume_info->UNCip || !volume_info->UNC)
2252 goto out;
2253
2254 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2255 volume_info->UNCip,
2256 strlen(volume_info->UNCip),
2257 volume_info->port);
2258 if (!rc)
2259 goto out;
2260
2261 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2262 !match_session(ses, volume_info) ||
2263 !match_tcon(tcon, volume_info->UNC)) {
2264 rc = 0;
2265 goto out;
2266 }
2267
2268 rc = compare_mount_options(sb, mnt_data);
2269out:
25c7f41e 2270 spin_unlock(&cifs_tcp_ses_lock);
f484b5d0 2271 cifs_put_tlink(tlink);
25c7f41e
PS		 2272 return rc;
2273}
2274
1da177e4 2275int
96daf2b0 2276get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
50c2f753 2277 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
366781c1 2278 struct dfs_info3_param **preferrals, int remap)
1da177e4
LT		 2279{
2280 char *temp_unc;
2281 int rc = 0;
2282
2283 *pnum_referrals = 0;
366781c1 2284 *preferrals = NULL;
1da177e4
LT		 2285
2286 if (pSesInfo->ipc_tid == 0) {
2287 temp_unc = kmalloc(2 /* for slashes */ +
50c2f753
SF		 2288 strnlen(pSesInfo->serverName,
2289 SERVER_NAME_LEN_WITH_NULL * 2)
1da177e4
LT		 2290 + 1 + 4 /* slash IPC$ */ + 2,
2291 GFP_KERNEL);
2292 if (temp_unc == NULL)
2293 return -ENOMEM;
2294 temp_unc[0] = '\\';
2295 temp_unc[1] = '\\';
2296 strcpy(temp_unc + 2, pSesInfo->serverName);
2297 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2298 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
b6b38f70 2299 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
1da177e4
LT		 2300 kfree(temp_unc);
2301 }
2302 if (rc == 0)
c2cf07d5 2303 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
737b758c 2304 pnum_referrals, nls_codepage, remap);
366781c1
SF		 2305 /* BB map targetUNCs to dfs_info3 structures, here or
2306 in CIFSGetDFSRefer BB */
1da177e4
LT		 2307
2308 return rc;
2309}
2310
09e50d55
JL		 2311#ifdef CONFIG_DEBUG_LOCK_ALLOC
2312static struct lock_class_key cifs_key[2];
2313static struct lock_class_key cifs_slock_key[2];
2314
2315static inline void
2316cifs_reclassify_socket4(struct socket *sock)
2317{
2318 struct sock *sk = sock->sk;
2319 BUG_ON(sock_owned_by_user(sk));
2320 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2321 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2322}
2323
2324static inline void
2325cifs_reclassify_socket6(struct socket *sock)
2326{
2327 struct sock *sk = sock->sk;
2328 BUG_ON(sock_owned_by_user(sk));
2329 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2330 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2331}
2332#else
2333static inline void
2334cifs_reclassify_socket4(struct socket *sock)
2335{
2336}
2337
2338static inline void
2339cifs_reclassify_socket6(struct socket *sock)
2340{
2341}
2342#endif
2343
1da177e4 2344/* See RFC1001 section 14 on representation of Netbios names */
50c2f753 2345static void rfc1002mangle(char *target, char *source, unsigned int length)
1da177e4 2346{
50c2f753 2347 unsigned int i, j;
1da177e4 2348
50c2f753 2349 for (i = 0, j = 0; i < (length); i++) {
1da177e4
LT		 2350 /* mask a nibble at a time and encode */
2351 target[j] = 'A' + (0x0F & (source[i] >> 4));
2352 target[j+1] = 'A' + (0x0F & source[i]);
50c2f753 2353 j += 2;
1da177e4
LT		 2354 }
2355
2356}
2357
3eb9a889
BG		 2358static int
2359bind_socket(struct TCP_Server_Info *server)
2360{
2361 int rc = 0;
2362 if (server->srcaddr.ss_family != AF_UNSPEC) {
2363 /* Bind to the specified local IP address */
2364 struct socket *socket = server->ssocket;
2365 rc = socket->ops->bind(socket,
2366 (struct sockaddr *) &server->srcaddr,
2367 sizeof(server->srcaddr));
2368 if (rc < 0) {
2369 struct sockaddr_in *saddr4;
2370 struct sockaddr_in6 *saddr6;
2371 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2372 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2373 if (saddr6->sin6_family == AF_INET6)
2374 cERROR(1, "cifs: "
2375 "Failed to bind to: %pI6c, error: %d\n",
2376 &saddr6->sin6_addr, rc);
2377 else
2378 cERROR(1, "cifs: "
2379 "Failed to bind to: %pI4, error: %d\n",
2380 &saddr4->sin_addr.s_addr, rc);
2381 }
2382 }
2383 return rc;
2384}
1da177e4
LT		 2385
2386static int
a9f1b85e 2387ip_rfc1001_connect(struct TCP_Server_Info *server)
1da177e4
LT		 2388{
2389 int rc = 0;
a9f1b85e
PS		 2390 /*
2391 * some servers require RFC1001 sessinit before sending
2392 * negprot - BB check reconnection in case where second
2393 * sessinit is sent but no second negprot
2394 */
2395 struct rfc1002_session_packet *ses_init_buf;
2396 struct smb_hdr *smb_buf;
2397 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2398 GFP_KERNEL);
2399 if (ses_init_buf) {
2400 ses_init_buf->trailer.session_req.called_len = 32;
2401
2402 if (server->server_RFC1001_name &&
2403 server->server_RFC1001_name[0] != 0)
2404 rfc1002mangle(ses_init_buf->trailer.
2405 session_req.called_name,
2406 server->server_RFC1001_name,
2407 RFC1001_NAME_LEN_WITH_NULL);
2408 else
2409 rfc1002mangle(ses_init_buf->trailer.
2410 session_req.called_name,
2411 DEFAULT_CIFS_CALLED_NAME,
2412 RFC1001_NAME_LEN_WITH_NULL);
2413
2414 ses_init_buf->trailer.session_req.calling_len = 32;
2415
2416 /*
2417 * calling name ends in null (byte 16) from old smb
2418 * convention.
2419 */
2420 if (server->workstation_RFC1001_name &&
2421 server->workstation_RFC1001_name[0] != 0)
2422 rfc1002mangle(ses_init_buf->trailer.
2423 session_req.calling_name,
2424 server->workstation_RFC1001_name,
2425 RFC1001_NAME_LEN_WITH_NULL);
2426 else
2427 rfc1002mangle(ses_init_buf->trailer.
2428 session_req.calling_name,
2429 "LINUX_CIFS_CLNT",
2430 RFC1001_NAME_LEN_WITH_NULL);
2431
2432 ses_init_buf->trailer.session_req.scope1 = 0;
2433 ses_init_buf->trailer.session_req.scope2 = 0;
2434 smb_buf = (struct smb_hdr *)ses_init_buf;
2435
2436 /* sizeof RFC1002_SESSION_REQUEST with no scope */
be8e3b00 2437 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
a9f1b85e
PS		 2438 rc = smb_send(server, smb_buf, 0x44);
2439 kfree(ses_init_buf);
2440 /*
2441 * RFC1001 layer in at least one server
2442 * requires very short break before negprot
2443 * presumably because not expecting negprot
2444 * to follow so fast. This is a simple
2445 * solution that works without
2446 * complicating the code and causes no
2447 * significant slowing down on mount
2448 * for everyone else
2449 */
2450 usleep_range(1000, 2000);
2451 }
2452 /*
2453 * else the negprot may still work without this
2454 * even though malloc failed
2455 */
2456
2457 return rc;
2458}
2459
2460static int
2461generic_ip_connect(struct TCP_Server_Info *server)
2462{
2463 int rc = 0;
6da97910 2464 __be16 sport;
a9f1b85e 2465 int slen, sfamily;
bcf4b106 2466 struct socket *socket = server->ssocket;
a9f1b85e
PS		 2467 struct sockaddr *saddr;
2468
2469 saddr = (struct sockaddr *) &server->dstaddr;
2470
2471 if (server->dstaddr.ss_family == AF_INET6) {
2472 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2473 slen = sizeof(struct sockaddr_in6);
2474 sfamily = AF_INET6;
2475 } else {
2476 sport = ((struct sockaddr_in *) saddr)->sin_port;
2477 slen = sizeof(struct sockaddr_in);
2478 sfamily = AF_INET;
2479 }
1da177e4 2480
bcf4b106 2481 if (socket == NULL) {
f1d0c998
RL		 2482 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2483 IPPROTO_TCP, &socket, 1);
1da177e4 2484 if (rc < 0) {
b6b38f70 2485 cERROR(1, "Error %d creating socket", rc);
a9f1b85e 2486 server->ssocket = NULL;
1da177e4 2487 return rc;
1da177e4 2488 }
bcf4b106
JL		 2489
2490 /* BB other socket options to set KEEPALIVE, NODELAY? */
b6b38f70 2491 cFYI(1, "Socket created");
bcf4b106
JL		 2492 server->ssocket = socket;
2493 socket->sk->sk_allocation = GFP_NOFS;
a9f1b85e
PS		 2494 if (sfamily == AF_INET6)
2495 cifs_reclassify_socket6(socket);
2496 else
2497 cifs_reclassify_socket4(socket);
1da177e4
LT		 2498 }
2499
3eb9a889
BG		 2500 rc = bind_socket(server);
2501 if (rc < 0)
2502 return rc;
2503
bcf4b106
JL		 2504 /*
2505 * Eventually check for other socket options to change from
a9f1b85e
PS		 2506 * the default. sock_setsockopt not used because it expects
2507 * user space buffer
bcf4b106
JL		 2508 */
2509 socket->sk->sk_rcvtimeo = 7 * HZ;
da505c38 2510 socket->sk->sk_sndtimeo = 5 * HZ;
edf1ae40 2511
b387eaeb 2512 /* make the bufsizes depend on wsize/rsize and max requests */
bcf4b106
JL		 2513 if (server->noautotune) {
2514 if (socket->sk->sk_sndbuf < (200 * 1024))
2515 socket->sk->sk_sndbuf = 200 * 1024;
2516 if (socket->sk->sk_rcvbuf < (140 * 1024))
2517 socket->sk->sk_rcvbuf = 140 * 1024;
edf1ae40 2518 }
1da177e4 2519
6a5fa236 2520 if (server->tcp_nodelay) {
a9f1b85e 2521 int val = 1;
6a5fa236
SF		 2522 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2523 (char *)&val, sizeof(val));
2524 if (rc)
b6b38f70 2525 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
6a5fa236
SF		 2526 }
2527
b6b38f70 2528 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
bcf4b106 2529 socket->sk->sk_sndbuf,
b6b38f70 2530 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
bcf4b106 2531
ee1b3ea9
JL		 2532 rc = socket->ops->connect(socket, saddr, slen, 0);
2533 if (rc < 0) {
2534 cFYI(1, "Error %d connecting to server", rc);
2535 sock_release(socket);
2536 server->ssocket = NULL;
2537 return rc;
2538 }
2539
a9f1b85e
PS		 2540 if (sport == htons(RFC1001_PORT))
2541 rc = ip_rfc1001_connect(server);
50c2f753 2542
1da177e4
LT		 2543 return rc;
2544}
2545
2546static int
a9f1b85e 2547ip_connect(struct TCP_Server_Info *server)
1da177e4 2548{
6da97910 2549 __be16 *sport;
a9f1b85e
PS		 2550 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2551 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1da177e4 2552
a9f1b85e
PS		 2553 if (server->dstaddr.ss_family == AF_INET6)
2554 sport = &addr6->sin6_port;
2555 else
2556 sport = &addr->sin_port;
1da177e4 2557
a9f1b85e
PS		 2558 if (*sport == 0) {
2559 int rc;
1da177e4 2560
a9f1b85e
PS		 2561 /* try with 445 port at first */
2562 *sport = htons(CIFS_PORT);
3eb9a889 2563
a9f1b85e 2564 rc = generic_ip_connect(server);
1da177e4 2565 if (rc >= 0)
a9f1b85e 2566 return rc;
6a5fa236 2567
a9f1b85e
PS		 2568 /* if it failed, try with 139 port */
2569 *sport = htons(RFC1001_PORT);
6a5fa236
SF		 2570 }
2571
a9f1b85e 2572 return generic_ip_connect(server);
1da177e4
LT		 2573}
2574
96daf2b0 2575void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2c6292ae 2576 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
8af18971
SF		 2577{
2578 /* if we are reconnecting then should we check to see if
2579 * any requested capabilities changed locally e.g. via
2580 * remount but we can not do much about it here
2581 * if they have (even if we could detect it by the following)
2582 * Perhaps we could add a backpointer to array of sb from tcon
2583 * or if we change to make all sb to same share the same
2584 * sb as NFS - then we only have one backpointer to sb.
2585 * What if we wanted to mount the server share twice once with
2586 * and once without posixacls or posix paths? */
2587 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
50c2f753 2588
c18c842b
SF		 2589 if (vol_info && vol_info->no_linux_ext) {
2590 tcon->fsUnixInfo.Capability = 0;
2591 tcon->unix_ext = 0; /* Unix Extensions disabled */
b6b38f70 2592 cFYI(1, "Linux protocol extensions disabled");
c18c842b
SF		 2593 return;
2594 } else if (vol_info)
2595 tcon->unix_ext = 1; /* Unix Extensions supported */
2596
2597 if (tcon->unix_ext == 0) {
b6b38f70 2598 cFYI(1, "Unix extensions disabled so not set on reconnect");
c18c842b
SF		 2599 return;
2600 }
50c2f753 2601
fb8c4b14 2602 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
8af18971 2603 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
6848b733 2604 cFYI(1, "unix caps which server supports %lld", cap);
8af18971
SF		 2605 /* check for reconnect case in which we do not
2606 want to change the mount behavior if we can avoid it */
fb8c4b14 2607 if (vol_info == NULL) {
50c2f753 2608 /* turn off POSIX ACL and PATHNAMES if not set
8af18971
SF		 2609 originally at mount time */
2610 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2611 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
11b6d645
IM		 2612 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2613 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2614 cERROR(1, "POSIXPATH support change");
8af18971 2615 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
11b6d645 2616 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
b6b38f70
JP		 2617 cERROR(1, "possible reconnect error");
2618 cERROR(1, "server disabled POSIX path support");
11b6d645 2619 }
8af18971 2620 }
50c2f753 2621
6848b733
SF		 2622 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2623 cERROR(1, "per-share encryption not supported yet");
2624
8af18971 2625 cap &= CIFS_UNIX_CAP_MASK;
75865f8c 2626 if (vol_info && vol_info->no_psx_acl)
8af18971 2627 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
75865f8c 2628 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
b6b38f70 2629 cFYI(1, "negotiated posix acl support");
2c6292ae
AV		 2630 if (cifs_sb)
2631 cifs_sb->mnt_cifs_flags |=
2632 CIFS_MOUNT_POSIXACL;
8af18971
SF		 2633 }
2634
75865f8c 2635 if (vol_info && vol_info->posix_paths == 0)
8af18971 2636 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
75865f8c 2637 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
b6b38f70 2638 cFYI(1, "negotiate posix pathnames");
2c6292ae
AV		 2639 if (cifs_sb)
2640 cifs_sb->mnt_cifs_flags |=
8af18971
SF		 2641 CIFS_MOUNT_POSIX_PATHS;
2642 }
50c2f753 2643
2c6292ae 2644 if (cifs_sb && (cifs_sb->rsize > 127 * 1024)) {
75865f8c 2645 if ((cap & CIFS_UNIX_LARGE_READ_CAP) == 0) {
2c6292ae 2646 cifs_sb->rsize = 127 * 1024;
b6b38f70 2647 cFYI(DBG2, "larger reads not supported by srv");
75865f8c
SF		 2648 }
2649 }
50c2f753
SF		 2650
2651
b6b38f70 2652 cFYI(1, "Negotiate caps 0x%x", (int)cap);
8af18971 2653#ifdef CONFIG_CIFS_DEBUG2
75865f8c 2654 if (cap & CIFS_UNIX_FCNTL_CAP)
b6b38f70 2655 cFYI(1, "FCNTL cap");
75865f8c 2656 if (cap & CIFS_UNIX_EXTATTR_CAP)
b6b38f70 2657 cFYI(1, "EXTATTR cap");
75865f8c 2658 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2659 cFYI(1, "POSIX path cap");
75865f8c 2660 if (cap & CIFS_UNIX_XATTR_CAP)
b6b38f70 2661 cFYI(1, "XATTR cap");
75865f8c 2662 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
b6b38f70 2663 cFYI(1, "POSIX ACL cap");
75865f8c 2664 if (cap & CIFS_UNIX_LARGE_READ_CAP)
b6b38f70 2665 cFYI(1, "very large read cap");
75865f8c 2666 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
b6b38f70 2667 cFYI(1, "very large write cap");
6848b733
SF		 2668 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2669 cFYI(1, "transport encryption cap");
2670 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2671 cFYI(1, "mandatory transport encryption cap");
8af18971
SF		 2672#endif /* CIFS_DEBUG2 */
2673 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
442aa310 2674 if (vol_info == NULL) {
b6b38f70 2675 cFYI(1, "resetting capabilities failed");
442aa310 2676 } else
b6b38f70 2677 cERROR(1, "Negotiating Unix capabilities "
5a44b319
SF		 2678 "with the server failed. Consider "
2679 "mounting with the Unix Extensions\n"
2680 "disabled, if problems are found, "
2681 "by specifying the nounix mount "
b6b38f70 2682 "option.");
5a44b319 2683
8af18971
SF		 2684 }
2685 }
2686}
2687
724d9f1c
PS		 2688void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2689 struct cifs_sb_info *cifs_sb)
b1c8d2b4 2690{
2de970ff
JL		 2691 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2692
2ced6f69
AV		 2693 spin_lock_init(&cifs_sb->tlink_tree_lock);
2694 cifs_sb->tlink_tree = RB_ROOT;
2695
3b795210 2696 if (pvolume_info->rsize > CIFSMaxBufSize) {
b6b38f70
JP		 2697 cERROR(1, "rsize %d too large, using MaxBufSize",
2698 pvolume_info->rsize);
3b795210
SF		 2699 cifs_sb->rsize = CIFSMaxBufSize;
2700 } else if ((pvolume_info->rsize) &&
2701 (pvolume_info->rsize <= CIFSMaxBufSize))
2702 cifs_sb->rsize = pvolume_info->rsize;
2703 else /* default */
2704 cifs_sb->rsize = CIFSMaxBufSize;
2705
3b795210
SF		 2706 if (cifs_sb->rsize < 2048) {
2707 cifs_sb->rsize = 2048;
2708 /* Windows ME may prefer this */
b6b38f70 2709 cFYI(1, "readsize set to minimum: 2048");
3b795210 2710 }
25c7f41e
PS		 2711
2712 /*
2713 * Temporarily set wsize for matching superblock. If we end up using
2714 * new sb then cifs_negotiate_wsize will later negotiate it downward
2715 * if needed.
2716 */
2717 cifs_sb->wsize = pvolume_info->wsize;
2718
3b795210
SF		 2719 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2720 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2721 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2722 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
b6b38f70
JP		 2723 cFYI(1, "file mode: 0x%x dir mode: 0x%x",
2724 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3b795210 2725
6d20e840 2726 cifs_sb->actimeo = pvolume_info->actimeo;
724d9f1c 2727 cifs_sb->local_nls = pvolume_info->local_nls;
6d20e840 2728
3b795210
SF		 2729 if (pvolume_info->noperm)
2730 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2731 if (pvolume_info->setuids)
2732 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2733 if (pvolume_info->server_ino)
2734 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2735 if (pvolume_info->remap)
2736 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2737 if (pvolume_info->no_xattr)
2738 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2739 if (pvolume_info->sfu_emul)
2740 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2741 if (pvolume_info->nobrl)
2742 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
be652445 2743 if (pvolume_info->nostrictsync)
4717bed6 2744 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
13a6e42a
SF		 2745 if (pvolume_info->mand_lock)
2746 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
d4ffff1f
PS		 2747 if (pvolume_info->rwpidforward)
2748 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3b795210
SF		 2749 if (pvolume_info->cifs_acl)
2750 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2751 if (pvolume_info->override_uid)
2752 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2753 if (pvolume_info->override_gid)
2754 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2755 if (pvolume_info->dynperm)
2756 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
fa1df75d
SJ		 2757 if (pvolume_info->fsc)
2758 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
0eb8a132
JL		 2759 if (pvolume_info->multiuser)
2760 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2761 CIFS_MOUNT_NO_PERM);
d39454ff
PS		 2762 if (pvolume_info->strict_io)
2763 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3b795210 2764 if (pvolume_info->direct_io) {
b6b38f70 2765 cFYI(1, "mounting share using direct i/o");
3b795210
SF		 2766 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2767 }
736a3320
SM		 2768 if (pvolume_info->mfsymlinks) {
2769 if (pvolume_info->sfu_emul) {
2770 cERROR(1, "mount option mfsymlinks ignored if sfu "
2771 "mount option is used");
2772 } else {
2773 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2774 }
2775 }
3b795210
SF		 2776
2777 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
b6b38f70
JP		 2778 cERROR(1, "mount option dynperm ignored if cifsacl "
2779 "mount option supported");
b1c8d2b4
JL		 2780}
2781
f7910cbd
JL		 2782/*
2783 * When the server supports very large writes via POSIX extensions, we can
1190f6a0
JL		 2784 * allow up to 2^24-1, minus the size of a WRITE_AND_X header, not including
2785 * the RFC1001 length.
f7910cbd
JL		 2786 *
2787 * Note that this might make for "interesting" allocation problems during
1190f6a0
JL		 2788 * writeback however as we have to allocate an array of pointers for the
2789 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
f7910cbd 2790 */
1190f6a0 2791#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
f7910cbd
JL		 2792
2793/*
1190f6a0
JL		 2794 * When the server doesn't allow large posix writes, only allow a wsize of
2795 * 128k minus the size of the WRITE_AND_X header. That allows for a write up
2796 * to the maximum size described by RFC1002.
f7910cbd 2797 */
1190f6a0 2798#define CIFS_MAX_RFC1002_WSIZE (128 * 1024 - sizeof(WRITE_REQ) + 4)
f7910cbd
JL		 2799
2800/*
2801 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
2802 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
2803 * a single wsize request with a single call.
2804 */
2805#define CIFS_DEFAULT_WSIZE (1024 * 1024)
2806
2807static unsigned int
96daf2b0 2808cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
f7910cbd
JL		 2809{
2810 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2811 struct TCP_Server_Info *server = tcon->ses->server;
2812 unsigned int wsize = pvolume_info->wsize ? pvolume_info->wsize :
2813 CIFS_DEFAULT_WSIZE;
2814
2815 /* can server support 24-bit write sizes? (via UNIX extensions) */
2816 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
1190f6a0 2817 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
f7910cbd 2818
1190f6a0
JL		 2819 /*
2820 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
2821 * Limit it to max buffer offered by the server, minus the size of the
2822 * WRITEX header, not including the 4 byte RFC1001 length.
2823 */
2824 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
2825 (!(server->capabilities & CAP_UNIX) &&
2826 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
2827 wsize = min_t(unsigned int, wsize,
2828 server->maxBuf - sizeof(WRITE_REQ) + 4);
f7910cbd
JL		 2829
2830 /* hard limit of CIFS_MAX_WSIZE */
2831 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
2832
2833 return wsize;
2834}
2835
e4cce94c 2836static int
96daf2b0 2837is_path_accessible(int xid, struct cifs_tcon *tcon,
e4cce94c
IM		 2838 struct cifs_sb_info *cifs_sb, const char *full_path)
2839{
2840 int rc;
e4cce94c
IM		 2841 FILE_ALL_INFO *pfile_info;
2842
e4cce94c
IM		 2843 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2844 if (pfile_info == NULL)
2845 return -ENOMEM;
2846
2847 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
2848 0 /* not legacy */, cifs_sb->local_nls,
2849 cifs_sb->mnt_cifs_flags &
2850 CIFS_MOUNT_MAP_SPECIAL_CHR);
221d1d79
JL		 2851
2852 if (rc == -EOPNOTSUPP || rc == -EINVAL)
2853 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
2854 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
2855 CIFS_MOUNT_MAP_SPECIAL_CHR);
e4cce94c
IM		 2856 kfree(pfile_info);
2857 return rc;
2858}
2859
b9bce2e9
JL		 2860static void
2861cleanup_volume_info_contents(struct smb_vol *volume_info)
1bfe73c2 2862{
b946845a 2863 kfree(volume_info->username);
1bfe73c2
IM		 2864 kzfree(volume_info->password);
2865 kfree(volume_info->UNC);
b946845a
SF		 2866 kfree(volume_info->UNCip);
2867 kfree(volume_info->domainname);
2868 kfree(volume_info->iocharset);
1bfe73c2 2869 kfree(volume_info->prepath);
b9bce2e9
JL		 2870}
2871
2872void
2873cifs_cleanup_volume_info(struct smb_vol *volume_info)
2874{
2875 if (!volume_info)
2876 return;
2877 cleanup_volume_info_contents(volume_info);
1bfe73c2 2878 kfree(volume_info);
1bfe73c2
IM		 2879}
2880
b9bce2e9 2881
2d6d589d 2882#ifdef CONFIG_CIFS_DFS_UPCALL
1bfe73c2
IM		 2883/* build_path_to_root returns full path to root when
2884 * we do not have an exiting connection (tcon) */
2885static char *
b2a0fa15 2886build_unc_path_to_root(const struct smb_vol *vol,
1bfe73c2
IM		 2887 const struct cifs_sb_info *cifs_sb)
2888{
b2a0fa15
JL		 2889 char *full_path, *pos;
2890 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
2891 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
1bfe73c2 2892
b2a0fa15 2893 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
1bfe73c2
IM		 2894 if (full_path == NULL)
2895 return ERR_PTR(-ENOMEM);
2896
b2a0fa15
JL		 2897 strncpy(full_path, vol->UNC, unc_len);
2898 pos = full_path + unc_len;
2899
2900 if (pplen) {
2901 strncpy(pos, vol->prepath, pplen);
2902 pos += pplen;
2903 }
2904
2905 *pos = '\0'; /* add trailing null */
f87d39d9 2906 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
b2a0fa15 2907 cFYI(1, "%s: full_path=%s", __func__, full_path);
1bfe73c2
IM		 2908 return full_path;
2909}
dd613945
SF		 2910
2911/*
2912 * Perform a dfs referral query for a share and (optionally) prefix
2913 *
046462ab
SF		 2914 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
2915 * to a string containing updated options for the submount. Otherwise it
2916 * will be left untouched.
dd613945
SF		 2917 *
2918 * Returns the rc from get_dfs_path to the caller, which can be used to
2919 * determine whether there were referrals.
2920 */
2921static int
96daf2b0 2922expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
dd613945 2923 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
046462ab 2924 int check_prefix)
dd613945
SF		 2925{
2926 int rc;
2927 unsigned int num_referrals = 0;
2928 struct dfs_info3_param *referrals = NULL;
2929 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
2930
2931 full_path = build_unc_path_to_root(volume_info, cifs_sb);
2932 if (IS_ERR(full_path))
2933 return PTR_ERR(full_path);
2934
2935 /* For DFS paths, skip the first '\' of the UNC */
2936 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
2937
2938 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
2939 &num_referrals, &referrals,
2940 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
2941
2942 if (!rc && num_referrals > 0) {
2943 char *fake_devname = NULL;
2944
2945 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
2946 full_path + 1, referrals,
2947 &fake_devname);
2948
2949 free_dfs_info_array(referrals, num_referrals);
046462ab 2950
dd613945
SF		 2951 if (IS_ERR(mdata)) {
2952 rc = PTR_ERR(mdata);
2953 mdata = NULL;
b9bce2e9
JL		 2954 } else {
2955 cleanup_volume_info_contents(volume_info);
2956 memset(volume_info, '\0', sizeof(*volume_info));
2957 rc = cifs_setup_volume_info(volume_info, mdata,
2958 fake_devname);
dd613945 2959 }
b9bce2e9
JL		 2960 kfree(fake_devname);
2961 kfree(cifs_sb->mountdata);
046462ab 2962 cifs_sb->mountdata = mdata;
dd613945
SF		 2963 }
2964 kfree(full_path);
2965 return rc;
2966}
2d6d589d 2967#endif
1bfe73c2 2968
04db79b0
JL		 2969static int
2970cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
2971 const char *devname)
1da177e4 2972{
724d9f1c 2973 int rc = 0;
1da177e4 2974
04db79b0
JL		 2975 if (cifs_parse_mount_options(mount_data, devname, volume_info))
2976 return -EINVAL;
1da177e4 2977
7586b765 2978 if (volume_info->nullauth) {
b6b38f70 2979 cFYI(1, "null user");
446b23a7 2980 volume_info->username = kzalloc(1, GFP_KERNEL);
04db79b0
JL		 2981 if (volume_info->username == NULL)
2982 return -ENOMEM;
7586b765 2983 } else if (volume_info->username) {
1da177e4 2984 /* BB fixme parse for domain name here */
b6b38f70 2985 cFYI(1, "Username: %s", volume_info->username);
1da177e4 2986 } else {
bf820679 2987 cifserror("No username specified");
50c2f753
SF		 2988 /* In userspace mount helper we can get user name from alternate
2989 locations such as env variables and files on disk */
04db79b0 2990 return -EINVAL;
1da177e4
LT		 2991 }
2992
1da177e4 2993 /* this is needed for ASCII cp to Unicode converts */
7586b765 2994 if (volume_info->iocharset == NULL) {
a5fc4ce0
JL		 2995 /* load_nls_default cannot return null */
2996 volume_info->local_nls = load_nls_default();
1da177e4 2997 } else {
a5fc4ce0
JL		 2998 volume_info->local_nls = load_nls(volume_info->iocharset);
2999 if (volume_info->local_nls == NULL) {
b6b38f70
JP		 3000 cERROR(1, "CIFS mount error: iocharset %s not found",
3001 volume_info->iocharset);
04db79b0 3002 return -ELIBACC;
1da177e4
LT		 3003 }
3004 }
724d9f1c 3005
724d9f1c
PS		 3006 return rc;
3007}
3008
04db79b0
JL		 3009struct smb_vol *
3010cifs_get_volume_info(char *mount_data, const char *devname)
3011{
3012 int rc;
3013 struct smb_vol *volume_info;
3014
3015 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3016 if (!volume_info)
3017 return ERR_PTR(-ENOMEM);
3018
3019 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3020 if (rc) {
3021 cifs_cleanup_volume_info(volume_info);
3022 volume_info = ERR_PTR(rc);
3023 }
3024
3025 return volume_info;
3026}
3027
724d9f1c 3028int
2c6292ae 3029cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
724d9f1c
PS		 3030{
3031 int rc = 0;
3032 int xid;
96daf2b0
SF		 3033 struct cifs_ses *pSesInfo;
3034 struct cifs_tcon *tcon;
724d9f1c
PS		 3035 struct TCP_Server_Info *srvTcp;
3036 char *full_path;
3037 struct tcon_link *tlink;
3038#ifdef CONFIG_CIFS_DFS_UPCALL
3039 int referral_walks_count = 0;
20547490 3040#endif
dd854466
AV		 3041
3042 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3043 if (rc)
3044 return rc;
3045
3046 cifs_sb->bdi.ra_pages = default_backing_dev_info.ra_pages;
3047
20547490 3048#ifdef CONFIG_CIFS_DFS_UPCALL
724d9f1c
PS		 3049try_mount_again:
3050 /* cleanup activities if we're chasing a referral */
3051 if (referral_walks_count) {
3052 if (tcon)
3053 cifs_put_tcon(tcon);
3054 else if (pSesInfo)
3055 cifs_put_smb_ses(pSesInfo);
3056
724d9f1c
PS		 3057 FreeXid(xid);
3058 }
3059#endif
3060 tcon = NULL;
3061 pSesInfo = NULL;
3062 srvTcp = NULL;
3063 full_path = NULL;
3064 tlink = NULL;
3065
3066 xid = GetXid();
1da177e4 3067
63c038c2 3068 /* get a reference to a tcp session */
7586b765 3069 srvTcp = cifs_get_tcp_session(volume_info);
63c038c2
JL		 3070 if (IS_ERR(srvTcp)) {
3071 rc = PTR_ERR(srvTcp);
dd854466 3072 bdi_destroy(&cifs_sb->bdi);
63c038c2 3073 goto out;
1da177e4
LT		 3074 }
3075
36988c76
JL		 3076 /* get a reference to a SMB session */
3077 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3078 if (IS_ERR(pSesInfo)) {
3079 rc = PTR_ERR(pSesInfo);
3080 pSesInfo = NULL;
3081 goto mount_fail_check;
1da177e4 3082 }
50c2f753 3083
d00c28de
JL		 3084 /* search for existing tcon to this server share */
3085 tcon = cifs_get_tcon(pSesInfo, volume_info);
3086 if (IS_ERR(tcon)) {
3087 rc = PTR_ERR(tcon);
3088 tcon = NULL;
1bfe73c2 3089 goto remote_path_check;
d00c28de 3090 }
1bfe73c2 3091
d82c2df5 3092 /* tell server which Unix caps we support */
6848b733 3093 if (tcon->ses->capabilities & CAP_UNIX) {
d82c2df5
SF		 3094 /* reset of caps checks mount to see if unix extensions
3095 disabled for just this mount */
2c6292ae 3096 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
6848b733
SF		 3097 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3098 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3099 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3100 rc = -EACCES;
3101 goto mount_fail_check;
3102 }
3103 } else
d82c2df5 3104 tcon->unix_ext = 0; /* server does not support them */
c18c842b 3105
6848b733
SF		 3106 /* do not care if following two calls succeed - informational */
3107 if (!tcon->ipc) {
3108 CIFSSMBQFSDeviceInfo(xid, tcon);
3109 CIFSSMBQFSAttributeInfo(xid, tcon);
3110 }
3111
d82c2df5
SF		 3112 if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
3113 cifs_sb->rsize = 1024 * 127;
b6b38f70 3114 cFYI(DBG2, "no very large read support, rsize now 127K");
1da177e4 3115 }
d82c2df5
SF		 3116 if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
3117 cifs_sb->rsize = min(cifs_sb->rsize,
3118 (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
1da177e4 3119
f7910cbd
JL		 3120 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3121
1bfe73c2 3122remote_path_check:
c1508ca2
SF		 3123#ifdef CONFIG_CIFS_DFS_UPCALL
3124 /*
3125 * Perform an unconditional check for whether there are DFS
3126 * referrals for this path without prefix, to provide support
3127 * for DFS referrals from w2k8 servers which don't seem to respond
3128 * with PATH_NOT_COVERED to requests that include the prefix.
3129 * Chase the referral if found, otherwise continue normally.
3130 */
3131 if (referral_walks_count == 0) {
3132 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
046462ab 3133 cifs_sb, false);
c1508ca2
SF		 3134 if (!refrc) {
3135 referral_walks_count++;
3136 goto try_mount_again;
3137 }
3138 }
3139#endif
3140
f87d39d9 3141 /* check if a whole path is not remote */
70945643 3142 if (!rc && tcon) {
e4cce94c 3143 /* build_path_to_root works only when we have a valid tcon */
f87d39d9 3144 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
e4cce94c
IM		 3145 if (full_path == NULL) {
3146 rc = -ENOMEM;
3147 goto mount_fail_check;
3148 }
3149 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
03ceace5 3150 if (rc != 0 && rc != -EREMOTE) {
e4cce94c
IM		 3151 kfree(full_path);
3152 goto mount_fail_check;
3153 }
3154 kfree(full_path);
3155 }
3156
1bfe73c2
IM		 3157 /* get referral if needed */
3158 if (rc == -EREMOTE) {
d036f50f 3159#ifdef CONFIG_CIFS_DFS_UPCALL
5c2503a8
IM		 3160 if (referral_walks_count > MAX_NESTED_LINKS) {
3161 /*
3162 * BB: when we implement proper loop detection,
3163 * we will remove this check. But now we need it
3164 * to prevent an indefinite loop if 'DFS tree' is
3165 * misconfigured (i.e. has loops).
3166 */
3167 rc = -ELOOP;
3168 goto mount_fail_check;
3169 }
1bfe73c2 3170
dd613945 3171 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
046462ab 3172 true);
7b91e266 3173
dd613945 3174 if (!rc) {
5c2503a8 3175 referral_walks_count++;
1bfe73c2
IM		 3176 goto try_mount_again;
3177 }
dd613945 3178 goto mount_fail_check;
d036f50f
SF		 3179#else /* No DFS support, return error on mount */
3180 rc = -EOPNOTSUPP;
3181#endif
1bfe73c2
IM		 3182 }
3183
9d002df4
JL		 3184 if (rc)
3185 goto mount_fail_check;
3186
3187 /* now, hang the tcon off of the superblock */
3188 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3189 if (tlink == NULL) {
3190 rc = -ENOMEM;
3191 goto mount_fail_check;
3192 }
3193
b647c35f 3194 tlink->tl_uid = pSesInfo->linux_uid;
9d002df4
JL		 3195 tlink->tl_tcon = tcon;
3196 tlink->tl_time = jiffies;
3197 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3198 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3199
b647c35f 3200 cifs_sb->master_tlink = tlink;
9d002df4 3201 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3202 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
9d002df4 3203 spin_unlock(&cifs_sb->tlink_tree_lock);
413e661c 3204
2de970ff
JL		 3205 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3206 TLINK_IDLE_EXPIRE);
3207
1bfe73c2
IM		 3208mount_fail_check:
3209 /* on error free sesinfo and tcon struct if needed */
3210 if (rc) {
1bfe73c2 3211 /* If find_unc succeeded then rc == 0 so we can not end */
25985edc 3212 /* up accidentally freeing someone elses tcon struct */
1bfe73c2
IM		 3213 if (tcon)
3214 cifs_put_tcon(tcon);
3215 else if (pSesInfo)
3216 cifs_put_smb_ses(pSesInfo);
3217 else
3218 cifs_put_tcp_session(srvTcp);
dd854466 3219 bdi_destroy(&cifs_sb->bdi);
1bfe73c2
IM		 3220 }
3221
70fe7dc0 3222out:
1da177e4
LT		 3223 FreeXid(xid);
3224 return rc;
3225}
3226
8d1bca32
JL		 3227/*
3228 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3229 * pointer may be NULL.
3230 */
1da177e4 3231int
96daf2b0
SF		 3232CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3233 const char *tree, struct cifs_tcon *tcon,
1da177e4
LT		 3234 const struct nls_table *nls_codepage)
3235{
3236 struct smb_hdr *smb_buffer;
3237 struct smb_hdr *smb_buffer_response;
3238 TCONX_REQ *pSMB;
3239 TCONX_RSP *pSMBr;
3240 unsigned char *bcc_ptr;
3241 int rc = 0;
690c522f
JL		 3242 int length;
3243 __u16 bytes_left, count;
1da177e4
LT		 3244
3245 if (ses == NULL)
3246 return -EIO;
3247
3248 smb_buffer = cifs_buf_get();
ca43e3be 3249 if (smb_buffer == NULL)
1da177e4 3250 return -ENOMEM;
ca43e3be 3251
1da177e4
LT		 3252 smb_buffer_response = smb_buffer;
3253
3254 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3255 NULL /*no tid */ , 4 /*wct */ );
1982c344
SF		 3256
3257 smb_buffer->Mid = GetNextMid(ses->server);
1da177e4
LT		 3258 smb_buffer->Uid = ses->Suid;
3259 pSMB = (TCONX_REQ *) smb_buffer;
3260 pSMBr = (TCONX_RSP *) smb_buffer_response;
3261
3262 pSMB->AndXCommand = 0xFF;
3263 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
1da177e4 3264 bcc_ptr = &pSMB->Password[0];
8d1bca32 3265 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
eeac8047 3266 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
7c7b25bc 3267 *bcc_ptr = 0; /* password is null byte */
eeac8047 3268 bcc_ptr++; /* skip password */
7c7b25bc 3269 /* already aligned so no need to do it below */
eeac8047 3270 } else {
540b2e37 3271 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
eeac8047
SF		 3272 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3273 specified as required (when that support is added to
3274 the vfs in the future) as only NTLM or the much
7c7b25bc 3275 weaker LANMAN (which we do not send by default) is accepted
eeac8047
SF		 3276 by Samba (not sure whether other servers allow
3277 NTLMv2 password here) */
7c7b25bc 3278#ifdef CONFIG_CIFS_WEAK_PW_HASH
04912d6a 3279 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
00e485b0 3280 (ses->server->secType == LANMAN))
d3ba50b1 3281 calc_lanman_hash(tcon->password, ses->server->cryptkey,
96daf2b0 3282 ses->server->sec_mode &
4e53a3fb
JL		 3283 SECMODE_PW_ENCRYPT ? true : false,
3284 bcc_ptr);
7c7b25bc
SF		 3285 else
3286#endif /* CIFS_WEAK_PW_HASH */
ee2c9258
SP		 3287 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3288 bcc_ptr);
eeac8047 3289
540b2e37 3290 bcc_ptr += CIFS_AUTH_RESP_SIZE;
fb8c4b14 3291 if (ses->capabilities & CAP_UNICODE) {
7c7b25bc
SF		 3292 /* must align unicode strings */
3293 *bcc_ptr = 0; /* null byte password */
3294 bcc_ptr++;
3295 }
eeac8047 3296 }
1da177e4 3297
96daf2b0 3298 if (ses->server->sec_mode &
a878fb22 3299 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
1da177e4
LT		 3300 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3301
3302 if (ses->capabilities & CAP_STATUS32) {
3303 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3304 }
3305 if (ses->capabilities & CAP_DFS) {
3306 smb_buffer->Flags2 |= SMBFLG2_DFS;
3307 }
3308 if (ses->capabilities & CAP_UNICODE) {
3309 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3310 length =
50c2f753
SF		 3311 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3312 6 /* max utf8 char length in bytes */ *
a878fb22
SF		 3313 (/* server len*/ + 256 /* share len */), nls_codepage);
3314 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
1da177e4
LT		 3315 bcc_ptr += 2; /* skip trailing null */
3316 } else { /* ASCII */
1da177e4
LT		 3317 strcpy(bcc_ptr, tree);
3318 bcc_ptr += strlen(tree) + 1;
3319 }
3320 strcpy(bcc_ptr, "?????");
3321 bcc_ptr += strlen("?????");
3322 bcc_ptr += 1;
3323 count = bcc_ptr - &pSMB->Password[0];
be8e3b00
SF		 3324 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3325 pSMB->hdr.smb_buf_length) + count);
1da177e4
LT		 3326 pSMB->ByteCount = cpu_to_le16(count);
3327
133672ef 3328 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
7749981e 3329 0);
1da177e4 3330
1da177e4
LT		 3331 /* above now done in SendReceive */
3332 if ((rc == 0) && (tcon != NULL)) {
0e0d2cf3
SF		 3333 bool is_unicode;
3334
1da177e4 3335 tcon->tidStatus = CifsGood;
3b795210 3336 tcon->need_reconnect = false;
1da177e4
LT		 3337 tcon->tid = smb_buffer_response->Tid;
3338 bcc_ptr = pByteArea(smb_buffer_response);
690c522f 3339 bytes_left = get_bcc(smb_buffer_response);
cc20c031 3340 length = strnlen(bcc_ptr, bytes_left - 2);
0e0d2cf3
SF		 3341 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3342 is_unicode = true;
3343 else
3344 is_unicode = false;
3345
cc20c031 3346
50c2f753 3347 /* skip service field (NB: this field is always ASCII) */
7f8ed420
SF		 3348 if (length == 3) {
3349 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3350 (bcc_ptr[2] == 'C')) {
b6b38f70 3351 cFYI(1, "IPC connection");
7f8ed420
SF		 3352 tcon->ipc = 1;
3353 }
3354 } else if (length == 2) {
3355 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3356 /* the most common case */
b6b38f70 3357 cFYI(1, "disk share connection");
7f8ed420
SF		 3358 }
3359 }
50c2f753 3360 bcc_ptr += length + 1;
cc20c031 3361 bytes_left -= (length + 1);
1da177e4 3362 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
cc20c031
JL		 3363
3364 /* mostly informational -- no need to fail on error here */
90a98b2f 3365 kfree(tcon->nativeFileSystem);
d185cda7 3366 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
0e0d2cf3 3367 bytes_left, is_unicode,
cc20c031
JL		 3368 nls_codepage);
3369
b6b38f70 3370 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
cc20c031 3371
fb8c4b14 3372 if ((smb_buffer_response->WordCount == 3) ||
1a4e15a0
SF		 3373 (smb_buffer_response->WordCount == 7))
3374 /* field is in same location */
3979877e
SF		 3375 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3376 else
3377 tcon->Flags = 0;
b6b38f70 3378 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
1da177e4 3379 } else if ((rc == 0) && tcon == NULL) {
50c2f753 3380 /* all we need to save for IPC$ connection */
1da177e4
LT		 3381 ses->ipc_tid = smb_buffer_response->Tid;
3382 }
3383
a8a11d39 3384 cifs_buf_release(smb_buffer);
1da177e4
LT		 3385 return rc;
3386}
3387
2a9b9951
AV		 3388void
3389cifs_umount(struct cifs_sb_info *cifs_sb)
1da177e4 3390{
b647c35f
JL		 3391 struct rb_root *root = &cifs_sb->tlink_tree;
3392 struct rb_node *node;
3393 struct tcon_link *tlink;
9d002df4 3394
2de970ff
JL		 3395 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3396
b647c35f
JL		 3397 spin_lock(&cifs_sb->tlink_tree_lock);
3398 while ((node = rb_first(root))) {
3399 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3400 cifs_get_tlink(tlink);
3401 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3402 rb_erase(node, root);
1da177e4 3403
b647c35f
JL		 3404 spin_unlock(&cifs_sb->tlink_tree_lock);
3405 cifs_put_tlink(tlink);
3406 spin_lock(&cifs_sb->tlink_tree_lock);
3407 }
3408 spin_unlock(&cifs_sb->tlink_tree_lock);
50c2f753 3409
dd854466 3410 bdi_destroy(&cifs_sb->bdi);
d757d71b
AV		 3411 kfree(cifs_sb->mountdata);
3412 unload_nls(cifs_sb->local_nls);
3413 kfree(cifs_sb);
50c2f753 3414}
1da177e4 3415
96daf2b0 3416int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
1da177e4
LT		 3417{
3418 int rc = 0;
198b5682 3419 struct TCP_Server_Info *server = ses->server;
1da177e4 3420
198b5682
JL		 3421 /* only send once per connect */
3422 if (server->maxBuf != 0)
3423 return 0;
3424
3425 rc = CIFSSMBNegotiate(xid, ses);
3426 if (rc == -EAGAIN) {
3427 /* retry only once on 1st time connection */
3428 rc = CIFSSMBNegotiate(xid, ses);
3429 if (rc == -EAGAIN)
3430 rc = -EHOSTDOWN;
1da177e4 3431 }
198b5682
JL		 3432 if (rc == 0) {
3433 spin_lock(&GlobalMid_Lock);
7fdbaa1b 3434 if (server->tcpStatus == CifsNeedNegotiate)
198b5682
JL		 3435 server->tcpStatus = CifsGood;
3436 else
3437 rc = -EHOSTDOWN;
3438 spin_unlock(&GlobalMid_Lock);
26b994fa 3439
198b5682
JL		 3440 }
3441
3442 return rc;
3443}
3444
3445
96daf2b0 3446int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
198b5682
JL		 3447 struct nls_table *nls_info)
3448{
3449 int rc = 0;
3450 struct TCP_Server_Info *server = ses->server;
26b994fa 3451
198b5682
JL		 3452 ses->flags = 0;
3453 ses->capabilities = server->capabilities;
26b994fa 3454 if (linuxExtEnabled == 0)
198b5682 3455 ses->capabilities &= (~CAP_UNIX);
20418acd 3456
b6b38f70 3457 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
96daf2b0 3458 server->sec_mode, server->capabilities, server->timeAdj);
cb7691b6 3459
198b5682 3460 rc = CIFS_SessSetup(xid, ses, nls_info);
26b994fa 3461 if (rc) {
b6b38f70 3462 cERROR(1, "Send error in SessSetup = %d", rc);
26b994fa 3463 } else {
5d0d2882
SP		 3464 mutex_lock(&ses->server->srv_mutex);
3465 if (!server->session_estab) {
21e73393 3466 server->session_key.response = ses->auth_key.response;
5d0d2882 3467 server->session_key.len = ses->auth_key.len;
21e73393
SP		 3468 server->sequence_number = 0x2;
3469 server->session_estab = true;
3470 ses->auth_key.response = NULL;
5d0d2882
SP		 3471 }
3472 mutex_unlock(&server->srv_mutex);
3473
b6b38f70 3474 cFYI(1, "CIFS Session Established successfully");
20418acd 3475 spin_lock(&GlobalMid_Lock);
198b5682
JL		 3476 ses->status = CifsGood;
3477 ses->need_reconnect = false;
20418acd 3478 spin_unlock(&GlobalMid_Lock);
1da177e4 3479 }
26b994fa 3480
21e73393
SP		 3481 kfree(ses->auth_key.response);
3482 ses->auth_key.response = NULL;
3483 ses->auth_key.len = 0;
d3686d54
SP		 3484 kfree(ses->ntlmssp);
3485 ses->ntlmssp = NULL;
21e73393 3486
1da177e4
LT		 3487 return rc;
3488}
3489
96daf2b0 3490static struct cifs_tcon *
9d002df4
JL		 3491cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3492{
96daf2b0
SF		 3493 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3494 struct cifs_ses *ses;
3495 struct cifs_tcon *tcon = NULL;
9d002df4 3496 struct smb_vol *vol_info;
34c87901
SF		 3497 char username[28]; /* big enough for "krb50x" + hex of ULONG_MAX 6+16 */
3498 /* We used to have this as MAX_USERNAME which is */
3499 /* way too big now (256 instead of 32) */
9d002df4
JL		 3500
3501 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3502 if (vol_info == NULL) {
3503 tcon = ERR_PTR(-ENOMEM);
3504 goto out;
3505 }
3506
ea1be1a3 3507 snprintf(username, sizeof(username), "krb50x%x", fsuid);
9d002df4
JL		 3508 vol_info->username = username;
3509 vol_info->local_nls = cifs_sb->local_nls;
3510 vol_info->linux_uid = fsuid;
3511 vol_info->cred_uid = fsuid;
3512 vol_info->UNC = master_tcon->treeName;
3513 vol_info->retry = master_tcon->retry;
3514 vol_info->nocase = master_tcon->nocase;
3515 vol_info->local_lease = master_tcon->local_lease;
3516 vol_info->no_linux_ext = !master_tcon->unix_ext;
3517
3518 /* FIXME: allow for other secFlg settings */
3519 vol_info->secFlg = CIFSSEC_MUST_KRB5;
3520
3521 /* get a reference for the same TCP session */
3f9bcca7 3522 spin_lock(&cifs_tcp_ses_lock);
9d002df4 3523 ++master_tcon->ses->server->srv_count;
3f9bcca7 3524 spin_unlock(&cifs_tcp_ses_lock);
9d002df4
JL		 3525
3526 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3527 if (IS_ERR(ses)) {
96daf2b0 3528 tcon = (struct cifs_tcon *)ses;
9d002df4
JL		 3529 cifs_put_tcp_session(master_tcon->ses->server);
3530 goto out;
3531 }
3532
3533 tcon = cifs_get_tcon(ses, vol_info);
3534 if (IS_ERR(tcon)) {
3535 cifs_put_smb_ses(ses);
3536 goto out;
3537 }
3538
3539 if (ses->capabilities & CAP_UNIX)
3540 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3541out:
3542 kfree(vol_info);
3543
3544 return tcon;
3545}
3546
96daf2b0 3547struct cifs_tcon *
9d002df4
JL		 3548cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3549{
3550 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3551}
3552
3553static int
3554cifs_sb_tcon_pending_wait(void *unused)
3555{
3556 schedule();
3557 return signal_pending(current) ? -ERESTARTSYS : 0;
3558}
3559
b647c35f
JL		 3560/* find and return a tlink with given uid */
3561static struct tcon_link *
3562tlink_rb_search(struct rb_root *root, uid_t uid)
3563{
3564 struct rb_node *node = root->rb_node;
3565 struct tcon_link *tlink;
3566
3567 while (node) {
3568 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3569
3570 if (tlink->tl_uid > uid)
3571 node = node->rb_left;
3572 else if (tlink->tl_uid < uid)
3573 node = node->rb_right;
3574 else
3575 return tlink;
3576 }
3577 return NULL;
3578}
3579
3580/* insert a tcon_link into the tree */
3581static void
3582tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3583{
3584 struct rb_node **new = &(root->rb_node), *parent = NULL;
3585 struct tcon_link *tlink;
3586
3587 while (*new) {
3588 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3589 parent = *new;
3590
3591 if (tlink->tl_uid > new_tlink->tl_uid)
3592 new = &((*new)->rb_left);
3593 else
3594 new = &((*new)->rb_right);
3595 }
3596
3597 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3598 rb_insert_color(&new_tlink->tl_rbnode, root);
3599}
3600
9d002df4
JL		 3601/*
3602 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3603 * current task.
3604 *
3605 * If the superblock doesn't refer to a multiuser mount, then just return
3606 * the master tcon for the mount.
3607 *
6ef933a3 3608 * First, search the rbtree for an existing tcon for this fsuid. If one
9d002df4
JL		 3609 * exists, then check to see if it's pending construction. If it is then wait
3610 * for construction to complete. Once it's no longer pending, check to see if
3611 * it failed and either return an error or retry construction, depending on
3612 * the timeout.
3613 *
3614 * If one doesn't exist then insert a new tcon_link struct into the tree and
3615 * try to construct a new one.
3616 */
3617struct tcon_link *
3618cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3619{
3620 int ret;
b647c35f 3621 uid_t fsuid = current_fsuid();
9d002df4
JL		 3622 struct tcon_link *tlink, *newtlink;
3623
3624 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3625 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3626
3627 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3628 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3629 if (tlink)
3630 cifs_get_tlink(tlink);
3631 spin_unlock(&cifs_sb->tlink_tree_lock);
3632
3633 if (tlink == NULL) {
3634 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3635 if (newtlink == NULL)
3636 return ERR_PTR(-ENOMEM);
b647c35f 3637 newtlink->tl_uid = fsuid;
9d002df4
JL		 3638 newtlink->tl_tcon = ERR_PTR(-EACCES);
3639 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3640 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3641 cifs_get_tlink(newtlink);
3642
9d002df4
JL		 3643 spin_lock(&cifs_sb->tlink_tree_lock);
3644 /* was one inserted after previous search? */
b647c35f 3645 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3646 if (tlink) {
3647 cifs_get_tlink(tlink);
3648 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 3649 kfree(newtlink);
3650 goto wait_for_construction;
3651 }
9d002df4 3652 tlink = newtlink;
b647c35f
JL		 3653 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3654 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 3655 } else {
3656wait_for_construction:
3657 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
3658 cifs_sb_tcon_pending_wait,
3659 TASK_INTERRUPTIBLE);
3660 if (ret) {
3661 cifs_put_tlink(tlink);
3662 return ERR_PTR(ret);
3663 }
3664
3665 /* if it's good, return it */
3666 if (!IS_ERR(tlink->tl_tcon))
3667 return tlink;
3668
3669 /* return error if we tried this already recently */
3670 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
3671 cifs_put_tlink(tlink);
3672 return ERR_PTR(-EACCES);
3673 }
3674
3675 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
3676 goto wait_for_construction;
3677 }
3678
3679 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
3680 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
3681 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
3682
3683 if (IS_ERR(tlink->tl_tcon)) {
3684 cifs_put_tlink(tlink);
3685 return ERR_PTR(-EACCES);
3686 }
3687
3688 return tlink;
3689}
2de970ff
JL		 3690
3691/*
3692 * periodic workqueue job that scans tcon_tree for a superblock and closes
3693 * out tcons.
3694 */
3695static void
3696cifs_prune_tlinks(struct work_struct *work)
3697{
3698 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
3699 prune_tlinks.work);
b647c35f
JL		 3700 struct rb_root *root = &cifs_sb->tlink_tree;
3701 struct rb_node *node = rb_first(root);
3702 struct rb_node *tmp;
3703 struct tcon_link *tlink;
2de970ff 3704
b647c35f
JL		 3705 /*
3706 * Because we drop the spinlock in the loop in order to put the tlink
3707 * it's not guarded against removal of links from the tree. The only
3708 * places that remove entries from the tree are this function and
3709 * umounts. Because this function is non-reentrant and is canceled
3710 * before umount can proceed, this is safe.
3711 */
3712 spin_lock(&cifs_sb->tlink_tree_lock);
3713 node = rb_first(root);
3714 while (node != NULL) {
3715 tmp = node;
3716 node = rb_next(tmp);
3717 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
3718
3719 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
3720 atomic_read(&tlink->tl_count) != 0 ||
3721 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
3722 continue;
2de970ff 3723
b647c35f
JL		 3724 cifs_get_tlink(tlink);
3725 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3726 rb_erase(tmp, root);
3727
3728 spin_unlock(&cifs_sb->tlink_tree_lock);
3729 cifs_put_tlink(tlink);
3730 spin_lock(&cifs_sb->tlink_tree_lock);
3731 }
3732 spin_unlock(&cifs_sb->tlink_tree_lock);
2de970ff
JL		 3733
3734 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3735 TLINK_IDLE_EXPIRE);
3736}
ubuntu-bionic-kernel mirror