]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - fs/cifs/connect.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
CIFS: Prepare credits code for a slot reservation
[mirror_ubuntu-bionic-kernel.git] / fs / cifs / connect.c
CommitLineData
1da177e4
LT		 1/*
2 * fs/cifs/connect.c
3 *
d185cda7 4 * Copyright (C) International Business Machines Corp., 2002,2009
1da177e4
LT		 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
fb8c4b14 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1da177e4
LT		 20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
5a0e3ad6 26#include <linux/slab.h>
1da177e4
LT		 27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
b8643e1b 31#include <linux/delay.h>
f191401f 32#include <linux/completion.h>
aaf737ad 33#include <linux/kthread.h>
0ae0efad 34#include <linux/pagevec.h>
7dfb7103 35#include <linux/freezer.h>
5c2503a8 36#include <linux/namei.h>
1da177e4
LT		 37#include <asm/uaccess.h>
38#include <asm/processor.h>
50b64e3b 39#include <linux/inet.h>
143cb494 40#include <linux/module.h>
8a8798a5 41#include <keys/user-type.h>
0e2bedaa 42#include <net/ipv6.h>
1da177e4
LT		 43#include "cifspdu.h"
44#include "cifsglob.h"
45#include "cifsproto.h"
46#include "cifs_unicode.h"
47#include "cifs_debug.h"
48#include "cifs_fs_sb.h"
49#include "ntlmssp.h"
50#include "nterr.h"
51#include "rfc1002pdu.h"
488f1d2d 52#include "fscache.h"
1da177e4
LT		 53
54#define CIFS_PORT 445
55#define RFC1001_PORT 139
56
c74093b6
JL		 57/* SMB echo "timeout" -- FIXME: tunable? */
58#define SMB_ECHO_INTERVAL (60 * HZ)
59
1da177e4
LT		 60extern mempool_t *cifs_req_poolp;
61
2de970ff 62/* FIXME: should these be tunable? */
9d002df4 63#define TLINK_ERROR_EXPIRE (1 * HZ)
2de970ff 64#define TLINK_IDLE_EXPIRE (600 * HZ)
9d002df4 65
a9f1b85e
PS		 66static int ip_connect(struct TCP_Server_Info *server);
67static int generic_ip_connect(struct TCP_Server_Info *server);
b647c35f 68static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
2de970ff 69static void cifs_prune_tlinks(struct work_struct *work);
b9bce2e9
JL		 70static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
71 const char *devname);
1da177e4 72
d5c5605c
JL		 73/*
74 * cifs tcp session reconnection
75 *
76 * mark tcp session as reconnecting so temporarily locked
77 * mark all smb sessions as reconnecting for tcp session
78 * reconnect tcp session
79 * wake up waiters on reconnection? - (not needed currently)
80 */
2cd646a2 81static int
1da177e4
LT		 82cifs_reconnect(struct TCP_Server_Info *server)
83{
84 int rc = 0;
f1987b44 85 struct list_head *tmp, *tmp2;
96daf2b0
SF		 86 struct cifs_ses *ses;
87 struct cifs_tcon *tcon;
fb8c4b14 88 struct mid_q_entry *mid_entry;
3c1105df 89 struct list_head retry_list;
50c2f753 90
1da177e4 91 spin_lock(&GlobalMid_Lock);
469ee614 92 if (server->tcpStatus == CifsExiting) {
fb8c4b14 93 /* the demux thread will exit normally
1da177e4
LT		 94 next time through the loop */
95 spin_unlock(&GlobalMid_Lock);
96 return rc;
97 } else
98 server->tcpStatus = CifsNeedReconnect;
99 spin_unlock(&GlobalMid_Lock);
100 server->maxBuf = 0;
101
b6b38f70 102 cFYI(1, "Reconnecting tcp session");
1da177e4
LT		 103
104 /* before reconnecting the tcp session, mark the smb session (uid)
105 and the tid bad so they are not used until reconnected */
2b84a36c 106 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
3f9bcca7 107 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 108 list_for_each(tmp, &server->smb_ses_list) {
96daf2b0 109 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
14fbf50d
JL		 110 ses->need_reconnect = true;
111 ses->ipc_tid = 0;
f1987b44 112 list_for_each(tmp2, &ses->tcon_list) {
96daf2b0 113 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
3b795210 114 tcon->need_reconnect = true;
1da177e4 115 }
1da177e4 116 }
3f9bcca7 117 spin_unlock(&cifs_tcp_ses_lock);
2b84a36c 118
1da177e4 119 /* do not want to be sending data on a socket we are freeing */
2b84a36c 120 cFYI(1, "%s: tearing down socket", __func__);
72ca545b 121 mutex_lock(&server->srv_mutex);
fb8c4b14 122 if (server->ssocket) {
b6b38f70
JP		 123 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
124 server->ssocket->flags);
91cf45f0 125 kernel_sock_shutdown(server->ssocket, SHUT_WR);
b6b38f70 126 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
467a8f8d 127 server->ssocket->state,
b6b38f70 128 server->ssocket->flags);
1da177e4
LT		 129 sock_release(server->ssocket);
130 server->ssocket = NULL;
131 }
5d0d2882
SP		 132 server->sequence_number = 0;
133 server->session_estab = false;
21e73393
SP		 134 kfree(server->session_key.response);
135 server->session_key.response = NULL;
136 server->session_key.len = 0;
fda35943 137 server->lstrp = jiffies;
2b84a36c 138 mutex_unlock(&server->srv_mutex);
1da177e4 139
2b84a36c 140 /* mark submitted MIDs for retry and issue callback */
3c1105df
JL		 141 INIT_LIST_HEAD(&retry_list);
142 cFYI(1, "%s: moving mids to private list", __func__);
1da177e4 143 spin_lock(&GlobalMid_Lock);
2b84a36c
JL		 144 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
145 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
146 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
ad8b15f0 147 mid_entry->midState = MID_RETRY_NEEDED;
3c1105df
JL		 148 list_move(&mid_entry->qhead, &retry_list);
149 }
150 spin_unlock(&GlobalMid_Lock);
151
152 cFYI(1, "%s: issuing mid callbacks", __func__);
153 list_for_each_safe(tmp, tmp2, &retry_list) {
154 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
2b84a36c
JL		 155 list_del_init(&mid_entry->qhead);
156 mid_entry->callback(mid_entry);
1da177e4 157 }
1da177e4 158
7fdbaa1b 159 do {
6c3d8909 160 try_to_freeze();
a9f1b85e
PS		 161
162 /* we should try only the port we connected to before */
163 rc = generic_ip_connect(server);
fb8c4b14 164 if (rc) {
b6b38f70 165 cFYI(1, "reconnect error %d", rc);
0cb766ae 166 msleep(3000);
1da177e4
LT		 167 } else {
168 atomic_inc(&tcpSesReconnectCount);
169 spin_lock(&GlobalMid_Lock);
469ee614 170 if (server->tcpStatus != CifsExiting)
fd88ce93 171 server->tcpStatus = CifsNeedNegotiate;
fb8c4b14 172 spin_unlock(&GlobalMid_Lock);
1da177e4 173 }
7fdbaa1b 174 } while (server->tcpStatus == CifsNeedReconnect);
2b84a36c 175
1da177e4
LT		 176 return rc;
177}
178
fb8c4b14 179/*
e4eb295d
SF		 180 return codes:
181 0 not a transact2, or all data present
182 >0 transact2 with that much data missing
183 -EINVAL = invalid transact2
184
185 */
c974befa 186static int check2ndT2(struct smb_hdr *pSMB)
e4eb295d 187{
fb8c4b14 188 struct smb_t2_rsp *pSMBt;
e4eb295d 189 int remaining;
26ec2548 190 __u16 total_data_size, data_in_this_rsp;
e4eb295d 191
fb8c4b14 192 if (pSMB->Command != SMB_COM_TRANSACTION2)
e4eb295d
SF		 193 return 0;
194
fb8c4b14
SF		 195 /* check for plausible wct, bcc and t2 data and parm sizes */
196 /* check for parm and data offset going beyond end of smb */
197 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
b6b38f70 198 cFYI(1, "invalid transact2 word count");
e4eb295d
SF		 199 return -EINVAL;
200 }
201
202 pSMBt = (struct smb_t2_rsp *)pSMB;
203
26ec2548
JL		 204 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
205 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 206
c0c7b905 207 if (total_data_size == data_in_this_rsp)
e4eb295d 208 return 0;
c0c7b905 209 else if (total_data_size < data_in_this_rsp) {
b6b38f70
JP		 210 cFYI(1, "total data %d smaller than data in frame %d",
211 total_data_size, data_in_this_rsp);
e4eb295d 212 return -EINVAL;
e4eb295d 213 }
c0c7b905
JL		 214
215 remaining = total_data_size - data_in_this_rsp;
216
217 cFYI(1, "missing %d bytes from transact2, check next response",
218 remaining);
c974befa 219 if (total_data_size > CIFSMaxBufSize) {
c0c7b905 220 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
c974befa 221 total_data_size, CIFSMaxBufSize);
c0c7b905
JL		 222 return -EINVAL;
223 }
224 return remaining;
e4eb295d
SF		 225}
226
fb8c4b14 227static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
e4eb295d 228{
f5fffcee 229 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
e4eb295d 230 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
f5fffcee
JL		 231 char *data_area_of_tgt;
232 char *data_area_of_src;
26ec2548 233 int remaining;
f5fffcee
JL		 234 unsigned int byte_count, total_in_tgt;
235 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
e4eb295d 236
f5fffcee
JL		 237 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
238 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
e4eb295d 239
f5fffcee
JL		 240 if (tgt_total_cnt != src_total_cnt)
241 cFYI(1, "total data count of primary and secondary t2 differ "
242 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
e4eb295d 243
f5fffcee 244 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 245
f5fffcee 246 remaining = tgt_total_cnt - total_in_tgt;
50c2f753 247
f5fffcee
JL		 248 if (remaining < 0) {
249 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
250 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
2a2047bc 251 return -EPROTO;
f5fffcee 252 }
e4eb295d 253
f5fffcee
JL		 254 if (remaining == 0) {
255 /* nothing to do, ignore */
256 cFYI(1, "no more data remains");
e4eb295d 257 return 0;
f5fffcee 258 }
50c2f753 259
f5fffcee
JL		 260 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
261 if (remaining < total_in_src)
b6b38f70 262 cFYI(1, "transact2 2nd response contains too much data");
e4eb295d
SF		 263
264 /* find end of first SMB data area */
f5fffcee 265 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
26ec2548 266 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
e4eb295d 267
f5fffcee
JL		 268 /* validate target area */
269 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
270 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
e4eb295d 271
f5fffcee 272 data_area_of_tgt += total_in_tgt;
e4eb295d 273
f5fffcee 274 total_in_tgt += total_in_src;
2a2047bc 275 /* is the result too big for the field? */
f5fffcee
JL		 276 if (total_in_tgt > USHRT_MAX) {
277 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
2a2047bc 278 return -EPROTO;
f5fffcee
JL		 279 }
280 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
2a2047bc
JL		 281
282 /* fix up the BCC */
820a803f 283 byte_count = get_bcc(pTargetSMB);
f5fffcee 284 byte_count += total_in_src;
2a2047bc 285 /* is the result too big for the field? */
f5fffcee
JL		 286 if (byte_count > USHRT_MAX) {
287 cFYI(1, "coalesced BCC too large (%u)", byte_count);
2a2047bc 288 return -EPROTO;
f5fffcee 289 }
820a803f 290 put_bcc(byte_count, pTargetSMB);
e4eb295d 291
be8e3b00 292 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
f5fffcee 293 byte_count += total_in_src;
2a2047bc 294 /* don't allow buffer to overflow */
f5fffcee
JL		 295 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
296 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
2a2047bc 297 return -ENOBUFS;
f5fffcee 298 }
be8e3b00 299 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
e4eb295d 300
f5fffcee
JL		 301 /* copy second buffer into end of first buffer */
302 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
2a2047bc 303
f5fffcee
JL		 304 if (remaining != total_in_src) {
305 /* more responses to go */
306 cFYI(1, "waiting for more secondary responses");
e4eb295d 307 return 1;
f5fffcee
JL		 308 }
309
310 /* we are done */
311 cFYI(1, "found the last secondary response");
312 return 0;
e4eb295d
SF		 313}
314
c74093b6
JL		 315static void
316cifs_echo_request(struct work_struct *work)
317{
318 int rc;
319 struct TCP_Server_Info *server = container_of(work,
320 struct TCP_Server_Info, echo.work);
321
247ec9b4 322 /*
195291e6
JL		 323 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
324 * done, which is indicated by maxBuf != 0. Also, no need to ping if
325 * we got a response recently
247ec9b4 326 */
195291e6 327 if (server->maxBuf == 0 ||
247ec9b4 328 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
c74093b6
JL		 329 goto requeue_echo;
330
331 rc = CIFSSMBEcho(server);
332 if (rc)
333 cFYI(1, "Unable to send echo request to server: %s",
334 server->hostname);
335
336requeue_echo:
337 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
338}
339
3d9c2472 340static bool
2a37ef94 341allocate_buffers(struct TCP_Server_Info *server)
3d9c2472 342{
2a37ef94
JL		 343 if (!server->bigbuf) {
344 server->bigbuf = (char *)cifs_buf_get();
345 if (!server->bigbuf) {
3d9c2472
PS		 346 cERROR(1, "No memory for large SMB response");
347 msleep(3000);
348 /* retry will check if exiting */
349 return false;
350 }
2a37ef94 351 } else if (server->large_buf) {
3d9c2472 352 /* we are reusing a dirty large buf, clear its start */
2a37ef94 353 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 354 }
355
2a37ef94
JL		 356 if (!server->smallbuf) {
357 server->smallbuf = (char *)cifs_small_buf_get();
358 if (!server->smallbuf) {
3d9c2472
PS		 359 cERROR(1, "No memory for SMB response");
360 msleep(1000);
361 /* retry will check if exiting */
362 return false;
363 }
364 /* beginning of smb buffer is cleared in our buf_get */
365 } else {
366 /* if existing small buf clear beginning */
2a37ef94 367 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 368 }
369
3d9c2472
PS		 370 return true;
371}
372
ba749e6d
JL		 373static bool
374server_unresponsive(struct TCP_Server_Info *server)
375{
376 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
377 time_after(jiffies, server->lstrp +
378 (echo_retries * SMB_ECHO_INTERVAL))) {
379 cERROR(1, "Server %s has not responded in %d seconds. "
380 "Reconnecting...", server->hostname,
381 (echo_retries * SMB_ECHO_INTERVAL / HZ));
382 cifs_reconnect(server);
383 wake_up(&server->response_q);
384 return true;
385 }
386
387 return false;
388}
389
42c4dfc2
JL		 390/*
391 * kvec_array_init - clone a kvec array, and advance into it
392 * @new: pointer to memory for cloned array
393 * @iov: pointer to original array
394 * @nr_segs: number of members in original array
395 * @bytes: number of bytes to advance into the cloned array
396 *
397 * This function will copy the array provided in iov to a section of memory
398 * and advance the specified number of bytes into the new array. It returns
399 * the number of segments in the new array. "new" must be at least as big as
400 * the original iov array.
401 */
402static unsigned int
403kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
404 size_t bytes)
405{
406 size_t base = 0;
407
408 while (bytes || !iov->iov_len) {
409 int copy = min(bytes, iov->iov_len);
410
411 bytes -= copy;
412 base += copy;
413 if (iov->iov_len == base) {
414 iov++;
415 nr_segs--;
416 base = 0;
417 }
418 }
419 memcpy(new, iov, sizeof(*iov) * nr_segs);
420 new->iov_base += base;
421 new->iov_len -= base;
422 return nr_segs;
423}
424
1041e3f9
JL		 425static struct kvec *
426get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
e7015fb1 427{
1041e3f9
JL		 428 struct kvec *new_iov;
429
430 if (server->iov && nr_segs <= server->nr_iov)
431 return server->iov;
432
433 /* not big enough -- allocate a new one and release the old */
434 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
435 if (new_iov) {
436 kfree(server->iov);
437 server->iov = new_iov;
438 server->nr_iov = nr_segs;
439 }
440 return new_iov;
441}
442
e28bc5b1
JL		 443int
444cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
445 unsigned int nr_segs, unsigned int to_read)
e7015fb1 446{
a52c1eb7
JL		 447 int length = 0;
448 int total_read;
42c4dfc2 449 unsigned int segs;
e831e6cf 450 struct msghdr smb_msg;
42c4dfc2
JL		 451 struct kvec *iov;
452
1041e3f9 453 iov = get_server_iovec(server, nr_segs);
42c4dfc2
JL		 454 if (!iov)
455 return -ENOMEM;
e7015fb1 456
e831e6cf
JL		 457 smb_msg.msg_control = NULL;
458 smb_msg.msg_controllen = 0;
459
a52c1eb7 460 for (total_read = 0; to_read; total_read += length, to_read -= length) {
95edcff4
JL		 461 try_to_freeze();
462
ba749e6d 463 if (server_unresponsive(server)) {
a52c1eb7 464 total_read = -EAGAIN;
ba749e6d
JL		 465 break;
466 }
467
42c4dfc2
JL		 468 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
469
470 length = kernel_recvmsg(server->ssocket, &smb_msg,
471 iov, segs, to_read, 0);
e7015fb1 472
e7015fb1 473 if (server->tcpStatus == CifsExiting) {
a52c1eb7 474 total_read = -ESHUTDOWN;
e7015fb1
PS		 475 break;
476 } else if (server->tcpStatus == CifsNeedReconnect) {
477 cifs_reconnect(server);
a52c1eb7 478 total_read = -EAGAIN;
e7015fb1
PS		 479 break;
480 } else if (length == -ERESTARTSYS ||
481 length == -EAGAIN ||
482 length == -EINTR) {
483 /*
484 * Minimum sleep to prevent looping, allowing socket
485 * to clear and app threads to set tcpStatus
486 * CifsNeedReconnect if server hung.
487 */
488 usleep_range(1000, 2000);
489 length = 0;
a52c1eb7 490 continue;
e7015fb1 491 } else if (length <= 0) {
a52c1eb7
JL		 492 cFYI(1, "Received no data or error: expecting %d "
493 "got %d", to_read, length);
e7015fb1 494 cifs_reconnect(server);
a52c1eb7 495 total_read = -EAGAIN;
e7015fb1
PS		 496 break;
497 }
498 }
a52c1eb7 499 return total_read;
e7015fb1 500}
e7015fb1 501
e28bc5b1
JL		 502int
503cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
504 unsigned int to_read)
42c4dfc2
JL		 505{
506 struct kvec iov;
507
508 iov.iov_base = buf;
509 iov.iov_len = to_read;
510
e28bc5b1 511 return cifs_readv_from_socket(server, &iov, 1, to_read);
e7015fb1
PS		 512}
513
98bac62c 514static bool
fe11e4cc 515is_smb_response(struct TCP_Server_Info *server, unsigned char type)
98bac62c 516{
98bac62c
PS		 517 /*
518 * The first byte big endian of the length field,
519 * is actually not part of the length but the type
520 * with the most common, zero, as regular data.
521 */
fe11e4cc
JL		 522 switch (type) {
523 case RFC1002_SESSION_MESSAGE:
524 /* Regular SMB response */
525 return true;
526 case RFC1002_SESSION_KEEP_ALIVE:
527 cFYI(1, "RFC 1002 session keep alive");
528 break;
529 case RFC1002_POSITIVE_SESSION_RESPONSE:
530 cFYI(1, "RFC 1002 positive session response");
531 break;
532 case RFC1002_NEGATIVE_SESSION_RESPONSE:
98bac62c
PS		 533 /*
534 * We get this from Windows 98 instead of an error on
535 * SMB negprot response.
536 */
fe11e4cc 537 cFYI(1, "RFC 1002 negative session response");
98bac62c
PS		 538 /* give server a second to clean up */
539 msleep(1000);
540 /*
541 * Always try 445 first on reconnect since we get NACK
542 * on some if we ever connected to port 139 (the NACK
543 * is since we do not begin with RFC1001 session
544 * initialize frame).
545 */
fe11e4cc 546 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
98bac62c
PS		 547 cifs_reconnect(server);
548 wake_up(&server->response_q);
fe11e4cc
JL		 549 break;
550 default:
551 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
98bac62c 552 cifs_reconnect(server);
98bac62c
PS		 553 }
554
fe11e4cc 555 return false;
98bac62c
PS		 556}
557
ad69bae1 558static struct mid_q_entry *
ea1f4502 559find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
ad69bae1 560{
ea1f4502 561 struct mid_q_entry *mid;
ad69bae1
PS		 562
563 spin_lock(&GlobalMid_Lock);
ea1f4502
JL		 564 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
565 if (mid->mid == buf->Mid &&
566 mid->midState == MID_REQUEST_SUBMITTED &&
567 mid->command == buf->Command) {
568 spin_unlock(&GlobalMid_Lock);
569 return mid;
ad69bae1 570 }
ea1f4502
JL		 571 }
572 spin_unlock(&GlobalMid_Lock);
573 return NULL;
574}
575
e28bc5b1
JL		 576void
577dequeue_mid(struct mid_q_entry *mid, bool malformed)
ea1f4502 578{
ad69bae1 579#ifdef CONFIG_CIFS_STATS2
ea1f4502 580 mid->when_received = jiffies;
ad69bae1 581#endif
ea1f4502
JL		 582 spin_lock(&GlobalMid_Lock);
583 if (!malformed)
584 mid->midState = MID_RESPONSE_RECEIVED;
585 else
586 mid->midState = MID_RESPONSE_MALFORMED;
587 list_del_init(&mid->qhead);
ad69bae1 588 spin_unlock(&GlobalMid_Lock);
ea1f4502 589}
ad69bae1 590
c8054ebd
JL		 591static void
592handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
593 struct smb_hdr *buf, int malformed)
ea1f4502 594{
ffc00e27
JL		 595 if (malformed == 0 && check2ndT2(buf) > 0) {
596 mid->multiRsp = true;
ea1f4502
JL		 597 if (mid->resp_buf) {
598 /* merge response - fix up 1st*/
ffc00e27
JL		 599 malformed = coalesce_t2(buf, mid->resp_buf);
600 if (malformed > 0)
c8054ebd 601 return;
ffc00e27 602
ea1f4502
JL		 603 /* All parts received or packet is malformed. */
604 mid->multiEnd = true;
c8054ebd 605 return dequeue_mid(mid, malformed);
ea1f4502 606 }
2a37ef94 607 if (!server->large_buf) {
ea1f4502
JL		 608 /*FIXME: switch to already allocated largebuf?*/
609 cERROR(1, "1st trans2 resp needs bigbuf");
610 } else {
611 /* Have first buffer */
612 mid->resp_buf = buf;
613 mid->largeBuf = true;
2a37ef94 614 server->bigbuf = NULL;
ea1f4502 615 }
c8054ebd 616 return;
ea1f4502
JL		 617 }
618 mid->resp_buf = buf;
2a37ef94
JL		 619 mid->largeBuf = server->large_buf;
620 /* Was previous buf put in mpx struct for multi-rsp? */
621 if (!mid->multiRsp) {
622 /* smb buffer will be freed by user thread */
623 if (server->large_buf)
624 server->bigbuf = NULL;
625 else
626 server->smallbuf = NULL;
627 }
ffc00e27 628 dequeue_mid(mid, malformed);
ad69bae1
PS		 629}
630
762dfd10
PS		 631static void clean_demultiplex_info(struct TCP_Server_Info *server)
632{
633 int length;
634
635 /* take it off the list, if it's not already */
636 spin_lock(&cifs_tcp_ses_lock);
637 list_del_init(&server->tcp_ses_list);
638 spin_unlock(&cifs_tcp_ses_lock);
639
640 spin_lock(&GlobalMid_Lock);
641 server->tcpStatus = CifsExiting;
642 spin_unlock(&GlobalMid_Lock);
643 wake_up_all(&server->response_q);
644
2d86dbc9 645 /* check if we have blocked requests that need to free */
fc40f9cf 646 spin_lock(&server->req_lock);
2d86dbc9
PS		 647 if (server->credits <= 0)
648 server->credits = 1;
fc40f9cf 649 spin_unlock(&server->req_lock);
762dfd10
PS		 650 /*
651 * Although there should not be any requests blocked on this queue it
652 * can not hurt to be paranoid and try to wake up requests that may
653 * haven been blocked when more than 50 at time were on the wire to the
654 * same server - they now will see the session is in exit state and get
655 * out of SendReceive.
656 */
657 wake_up_all(&server->request_q);
658 /* give those requests time to exit */
659 msleep(125);
660
661 if (server->ssocket) {
662 sock_release(server->ssocket);
663 server->ssocket = NULL;
664 }
665
666 if (!list_empty(&server->pending_mid_q)) {
667 struct list_head dispose_list;
668 struct mid_q_entry *mid_entry;
669 struct list_head *tmp, *tmp2;
670
671 INIT_LIST_HEAD(&dispose_list);
672 spin_lock(&GlobalMid_Lock);
673 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
674 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
675 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
676 mid_entry->midState = MID_SHUTDOWN;
677 list_move(&mid_entry->qhead, &dispose_list);
678 }
679 spin_unlock(&GlobalMid_Lock);
680
681 /* now walk dispose list and issue callbacks */
682 list_for_each_safe(tmp, tmp2, &dispose_list) {
683 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
684 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
685 list_del_init(&mid_entry->qhead);
686 mid_entry->callback(mid_entry);
687 }
688 /* 1/8th of sec is more than enough time for them to exit */
689 msleep(125);
690 }
691
692 if (!list_empty(&server->pending_mid_q)) {
693 /*
694 * mpx threads have not exited yet give them at least the smb
695 * send timeout time for long ops.
696 *
697 * Due to delays on oplock break requests, we need to wait at
698 * least 45 seconds before giving up on a request getting a
699 * response and going ahead and killing cifsd.
700 */
701 cFYI(1, "Wait for exit from demultiplex thread");
702 msleep(46000);
703 /*
704 * If threads still have not exited they are probably never
705 * coming home not much else we can do but free the memory.
706 */
707 }
708
709 kfree(server->hostname);
1041e3f9 710 kfree(server->iov);
762dfd10
PS		 711 kfree(server);
712
713 length = atomic_dec_return(&tcpSesAllocCount);
714 if (length > 0)
715 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
716 GFP_KERNEL);
717}
718
e9097ab4
JL		 719static int
720standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
721{
722 int length;
723 char *buf = server->smallbuf;
724 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
725 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
726
727 /* make sure this will fit in a large buffer */
728 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
729 cERROR(1, "SMB response too long (%u bytes)",
730 pdu_length);
731 cifs_reconnect(server);
732 wake_up(&server->response_q);
733 return -EAGAIN;
734 }
735
736 /* switch to large buffer if too big for a small one */
737 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
738 server->large_buf = true;
739 memcpy(server->bigbuf, server->smallbuf, server->total_read);
740 buf = server->bigbuf;
741 smb_buffer = (struct smb_hdr *)buf;
742 }
743
744 /* now read the rest */
e28bc5b1 745 length = cifs_read_from_socket(server,
e9097ab4
JL		 746 buf + sizeof(struct smb_hdr) - 1,
747 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
748 if (length < 0)
749 return length;
750 server->total_read += length;
751
752 dump_smb(smb_buffer, server->total_read);
753
754 /*
755 * We know that we received enough to get to the MID as we
756 * checked the pdu_length earlier. Now check to see
757 * if the rest of the header is OK. We borrow the length
758 * var for the rest of the loop to avoid a new stack var.
759 *
760 * 48 bytes is enough to display the header and a little bit
761 * into the payload for debugging purposes.
762 */
763 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
764 if (length != 0)
765 cifs_dump_mem("Bad SMB: ", buf,
766 min_t(unsigned int, server->total_read, 48));
767
ff4fa4a2
JL		 768 if (!mid)
769 return length;
e9097ab4 770
ff4fa4a2
JL		 771 handle_mid(mid, server, smb_buffer, length);
772 return 0;
e9097ab4
JL		 773}
774
1da177e4 775static int
7c97c200 776cifs_demultiplex_thread(void *p)
1da177e4
LT		 777{
778 int length;
7c97c200 779 struct TCP_Server_Info *server = p;
2a37ef94
JL		 780 unsigned int pdu_length;
781 char *buf = NULL;
1da177e4 782 struct smb_hdr *smb_buffer = NULL;
1da177e4
LT		 783 struct task_struct *task_to_wake = NULL;
784 struct mid_q_entry *mid_entry;
1da177e4 785
1da177e4 786 current->flags |= PF_MEMALLOC;
b6b38f70 787 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
93d0ec85
JL		 788
789 length = atomic_inc_return(&tcpSesAllocCount);
790 if (length > 1)
26f57364
SF		 791 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
792 GFP_KERNEL);
1da177e4 793
83144186 794 set_freezable();
469ee614 795 while (server->tcpStatus != CifsExiting) {
ede1327e
SF		 796 if (try_to_freeze())
797 continue;
b8643e1b 798
2a37ef94 799 if (!allocate_buffers(server))
3d9c2472 800 continue;
b8643e1b 801
2a37ef94
JL		 802 server->large_buf = false;
803 smb_buffer = (struct smb_hdr *)server->smallbuf;
804 buf = server->smallbuf;
f01d5e14 805 pdu_length = 4; /* enough to get RFC1001 header */
fda35943 806
e28bc5b1 807 length = cifs_read_from_socket(server, buf, pdu_length);
a52c1eb7 808 if (length < 0)
1da177e4 809 continue;
2a37ef94 810 server->total_read = length;
1da177e4 811
98bac62c
PS		 812 /*
813 * The right amount was read from socket - 4 bytes,
814 * so we can now interpret the length field.
815 */
be8e3b00 816 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
70ca734a 817
fe11e4cc
JL		 818 cFYI(1, "RFC1002 header 0x%x", pdu_length);
819 if (!is_smb_response(server, buf[0]))
fb8c4b14 820 continue;
e4eb295d 821
89482a56
JL		 822 /* make sure we have enough to get to the MID */
823 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
824 cERROR(1, "SMB response too short (%u bytes)",
825 pdu_length);
826 cifs_reconnect(server);
827 wake_up(&server->response_q);
828 continue;
e4eb295d 829 }
e7015fb1 830
89482a56 831 /* read down to the MID */
e28bc5b1
JL		 832 length = cifs_read_from_socket(server, buf + 4,
833 sizeof(struct smb_hdr) - 1 - 4);
89482a56 834 if (length < 0)
e4eb295d 835 continue;
2a37ef94 836 server->total_read += length;
1da177e4 837
c8054ebd 838 mid_entry = find_mid(server, smb_buffer);
50c2f753 839
44d22d84
JL		 840 if (!mid_entry || !mid_entry->receive)
841 length = standard_receive3(server, mid_entry);
842 else
843 length = mid_entry->receive(server, mid_entry);
71823baf 844
e9097ab4 845 if (length < 0)
fe11e4cc 846 continue;
1da177e4 847
e9097ab4 848 if (server->large_buf) {
2a37ef94 849 buf = server->bigbuf;
e9097ab4 850 smb_buffer = (struct smb_hdr *)buf;
e4eb295d 851 }
fda35943 852
fda35943 853 server->lstrp = jiffies;
2b84a36c 854 if (mid_entry != NULL) {
2a37ef94
JL		 855 if (!mid_entry->multiRsp || mid_entry->multiEnd)
856 mid_entry->callback(mid_entry);
ffc00e27 857 } else if (!is_valid_oplock_break(smb_buffer, server)) {
b6b38f70 858 cERROR(1, "No task to wake, unknown frame received! "
8097531a 859 "NumMids %d", atomic_read(&midCount));
3d9c2472 860 cifs_dump_mem("Received Data is: ", buf,
70ca734a 861 sizeof(struct smb_hdr));
3979877e
SF		 862#ifdef CONFIG_CIFS_DEBUG2
863 cifs_dump_detail(smb_buffer);
864 cifs_dump_mids(server);
865#endif /* CIFS_DEBUG2 */
50c2f753 866
e4eb295d
SF		 867 }
868 } /* end while !EXITING */
869
fd62cb7e 870 /* buffer usually freed in free_mid - need to free it here on exit */
2a37ef94
JL		 871 cifs_buf_release(server->bigbuf);
872 if (server->smallbuf) /* no sense logging a debug message if NULL */
873 cifs_small_buf_release(server->smallbuf);
1da177e4 874
b1c8d2b4 875 task_to_wake = xchg(&server->tsk, NULL);
762dfd10 876 clean_demultiplex_info(server);
50c2f753 877
b1c8d2b4
JL		 878 /* if server->tsk was NULL then wait for a signal before exiting */
879 if (!task_to_wake) {
880 set_current_state(TASK_INTERRUPTIBLE);
881 while (!signal_pending(current)) {
882 schedule();
883 set_current_state(TASK_INTERRUPTIBLE);
884 }
885 set_current_state(TASK_RUNNING);
886 }
887
0468a2cf 888 module_put_and_exit(0);
1da177e4
LT		 889}
890
c359cf3c
JL		 891/* extract the host portion of the UNC string */
892static char *
893extract_hostname(const char *unc)
894{
895 const char *src;
896 char *dst, *delim;
897 unsigned int len;
898
899 /* skip double chars at beginning of string */
900 /* BB: check validity of these bytes? */
901 src = unc + 2;
902
903 /* delimiter between hostname and sharename is always '\\' now */
904 delim = strchr(src, '\\');
905 if (!delim)
906 return ERR_PTR(-EINVAL);
907
908 len = delim - src;
909 dst = kmalloc((len + 1), GFP_KERNEL);
910 if (dst == NULL)
911 return ERR_PTR(-ENOMEM);
912
913 memcpy(dst, src, len);
914 dst[len] = '\0';
915
916 return dst;
917}
918
1da177e4 919static int
b946845a 920cifs_parse_mount_options(const char *mountdata, const char *devname,
50c2f753 921 struct smb_vol *vol)
1da177e4 922{
4906e50b 923 char *value, *data, *end;
957df453 924 char *mountdata_copy = NULL, *options;
3d3ea8e6 925 int err;
1da177e4
LT		 926 unsigned int temp_len, i, j;
927 char separator[2];
9b9d6b24
JL		 928 short int override_uid = -1;
929 short int override_gid = -1;
930 bool uid_specified = false;
931 bool gid_specified = false;
88463999 932 char *nodename = utsname()->nodename;
1da177e4
LT		 933
934 separator[0] = ',';
50c2f753 935 separator[1] = 0;
1da177e4 936
88463999
JL		 937 /*
938 * does not have to be perfect mapping since field is
939 * informational, only used for servers that do not support
940 * port 445 and it can be overridden at mount time
941 */
1397f2ee
JL		 942 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
943 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
88463999
JL		 944 vol->source_rfc1001_name[i] = toupper(nodename[i]);
945
1397f2ee 946 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
a10faeb2
SF		 947 /* null target name indicates to use *SMBSERVR default called name
948 if we end up sending RFC1001 session initialize */
949 vol->target_rfc1001_name[0] = 0;
3e4b3e1f
JL		 950 vol->cred_uid = current_uid();
951 vol->linux_uid = current_uid();
a001e5b5 952 vol->linux_gid = current_gid();
f55ed1a8
JL		 953
954 /* default to only allowing write access to owner of the mount */
955 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1da177e4
LT		 956
957 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
ac67055e
JA		 958 /* default is always to request posix paths. */
959 vol->posix_paths = 1;
a0c9217f
JL		 960 /* default to using server inode numbers where available */
961 vol->server_ino = 1;
ac67055e 962
6d20e840
SJ		 963 vol->actimeo = CIFS_DEF_ACTIMEO;
964
b946845a
SF		 965 if (!mountdata)
966 goto cifs_parse_mount_err;
967
968 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
969 if (!mountdata_copy)
970 goto cifs_parse_mount_err;
1da177e4 971
b946845a 972 options = mountdata_copy;
4906e50b 973 end = options + strlen(options);
50c2f753 974 if (strncmp(options, "sep=", 4) == 0) {
fb8c4b14 975 if (options[4] != 0) {
1da177e4
LT		 976 separator[0] = options[4];
977 options += 5;
978 } else {
b6b38f70 979 cFYI(1, "Null separator not allowed");
1da177e4
LT		 980 }
981 }
3d3ea8e6
SP		 982 vol->backupuid_specified = false; /* no backup intent for a user */
983 vol->backupgid_specified = false; /* no backup intent for a group */
50c2f753 984
1da177e4
LT		 985 while ((data = strsep(&options, separator)) != NULL) {
986 if (!*data)
987 continue;
988 if ((value = strchr(data, '=')) != NULL)
989 *value++ = '\0';
990
50c2f753
SF		 991 /* Have to parse this before we parse for "user" */
992 if (strnicmp(data, "user_xattr", 10) == 0) {
1da177e4 993 vol->no_xattr = 0;
50c2f753 994 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1da177e4
LT		 995 vol->no_xattr = 1;
996 } else if (strnicmp(data, "user", 4) == 0) {
4b952a9b 997 if (!value) {
1da177e4
LT		 998 printk(KERN_WARNING
999 "CIFS: invalid or missing username\n");
b946845a 1000 goto cifs_parse_mount_err;
fb8c4b14 1001 } else if (!*value) {
4b952a9b
SF		 1002 /* null user, ie anonymous, authentication */
1003 vol->nullauth = 1;
1da177e4 1004 }
8727c8a8
SF		 1005 if (strnlen(value, MAX_USERNAME_SIZE) <
1006 MAX_USERNAME_SIZE) {
b946845a
SF		 1007 vol->username = kstrdup(value, GFP_KERNEL);
1008 if (!vol->username) {
1009 printk(KERN_WARNING "CIFS: no memory "
1010 "for username\n");
1011 goto cifs_parse_mount_err;
1012 }
1da177e4
LT		 1013 } else {
1014 printk(KERN_WARNING "CIFS: username too long\n");
b946845a 1015 goto cifs_parse_mount_err;
1da177e4
LT		 1016 }
1017 } else if (strnicmp(data, "pass", 4) == 0) {
1018 if (!value) {
1019 vol->password = NULL;
1020 continue;
fb8c4b14 1021 } else if (value[0] == 0) {
1da177e4
LT		 1022 /* check if string begins with double comma
1023 since that would mean the password really
1024 does start with a comma, and would not
1025 indicate an empty string */
fb8c4b14 1026 if (value[1] != separator[0]) {
1da177e4
LT		 1027 vol->password = NULL;
1028 continue;
1029 }
1030 }
1031 temp_len = strlen(value);
1032 /* removed password length check, NTLM passwords
1033 can be arbitrarily long */
1034
50c2f753 1035 /* if comma in password, the string will be
1da177e4
LT		 1036 prematurely null terminated. Commas in password are
1037 specified across the cifs mount interface by a double
1038 comma ie ,, and a comma used as in other cases ie ','
1039 as a parameter delimiter/separator is single and due
1040 to the strsep above is temporarily zeroed. */
1041
1042 /* NB: password legally can have multiple commas and
1043 the only illegal character in a password is null */
1044
50c2f753 1045 if ((value[temp_len] == 0) &&
4906e50b 1046 (value + temp_len < end) &&
09d1db5c 1047 (value[temp_len+1] == separator[0])) {
1da177e4
LT		 1048 /* reinsert comma */
1049 value[temp_len] = separator[0];
50c2f753
SF		 1050 temp_len += 2; /* move after second comma */
1051 while (value[temp_len] != 0) {
1da177e4 1052 if (value[temp_len] == separator[0]) {
50c2f753 1053 if (value[temp_len+1] ==
09d1db5c
SF		 1054 separator[0]) {
1055 /* skip second comma */
1056 temp_len++;
50c2f753 1057 } else {
1da177e4
LT		 1058 /* single comma indicating start
1059 of next parm */
1060 break;
1061 }
1062 }
1063 temp_len++;
1064 }
fb8c4b14 1065 if (value[temp_len] == 0) {
1da177e4
LT		 1066 options = NULL;
1067 } else {
1068 value[temp_len] = 0;
1069 /* point option to start of next parm */
1070 options = value + temp_len + 1;
1071 }
50c2f753 1072 /* go from value to value + temp_len condensing
1da177e4
LT		 1073 double commas to singles. Note that this ends up
1074 allocating a few bytes too many, which is ok */
e915fc49 1075 vol->password = kzalloc(temp_len, GFP_KERNEL);
fb8c4b14 1076 if (vol->password == NULL) {
50c2f753
SF		 1077 printk(KERN_WARNING "CIFS: no memory "
1078 "for password\n");
b946845a 1079 goto cifs_parse_mount_err;
433dc24f 1080 }
50c2f753 1081 for (i = 0, j = 0; i < temp_len; i++, j++) {
1da177e4 1082 vol->password[j] = value[i];
fb8c4b14 1083 if (value[i] == separator[0]
09d1db5c 1084 && value[i+1] == separator[0]) {
1da177e4
LT		 1085 /* skip second comma */
1086 i++;
1087 }
1088 }
1089 vol->password[j] = 0;
1090 } else {
e915fc49 1091 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
fb8c4b14 1092 if (vol->password == NULL) {
50c2f753
SF		 1093 printk(KERN_WARNING "CIFS: no memory "
1094 "for password\n");
b946845a 1095 goto cifs_parse_mount_err;
433dc24f 1096 }
1da177e4
LT		 1097 strcpy(vol->password, value);
1098 }
58f7f68f
JL		 1099 } else if (!strnicmp(data, "ip", 2) ||
1100 !strnicmp(data, "addr", 4)) {
1da177e4
LT		 1101 if (!value || !*value) {
1102 vol->UNCip = NULL;
50b64e3b
JL		 1103 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1104 INET6_ADDRSTRLEN) {
b946845a
SF		 1105 vol->UNCip = kstrdup(value, GFP_KERNEL);
1106 if (!vol->UNCip) {
1107 printk(KERN_WARNING "CIFS: no memory "
1108 "for UNC IP\n");
1109 goto cifs_parse_mount_err;
1110 }
1da177e4 1111 } else {
50c2f753
SF		 1112 printk(KERN_WARNING "CIFS: ip address "
1113 "too long\n");
b946845a 1114 goto cifs_parse_mount_err;
1da177e4 1115 }
50c2f753
SF		 1116 } else if (strnicmp(data, "sec", 3) == 0) {
1117 if (!value || !*value) {
b6b38f70 1118 cERROR(1, "no security value specified");
50c2f753
SF		 1119 continue;
1120 } else if (strnicmp(value, "krb5i", 5) == 0) {
1121 vol->secFlg |= CIFSSEC_MAY_KRB5 |
189acaae 1122 CIFSSEC_MUST_SIGN;
bf820679 1123 } else if (strnicmp(value, "krb5p", 5) == 0) {
50c2f753
SF		 1124 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1125 CIFSSEC_MAY_KRB5; */
b6b38f70 1126 cERROR(1, "Krb5 cifs privacy not supported");
b946845a 1127 goto cifs_parse_mount_err;
bf820679 1128 } else if (strnicmp(value, "krb5", 4) == 0) {
750d1151 1129 vol->secFlg |= CIFSSEC_MAY_KRB5;
ac683924
SF		 1130 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1131 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1132 CIFSSEC_MUST_SIGN;
1133 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1134 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
bf820679 1135 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
750d1151 1136 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
189acaae 1137 CIFSSEC_MUST_SIGN;
bf820679 1138 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
750d1151 1139 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
bf820679 1140 } else if (strnicmp(value, "ntlmi", 5) == 0) {
750d1151 1141 vol->secFlg |= CIFSSEC_MAY_NTLM |
189acaae 1142 CIFSSEC_MUST_SIGN;
bf820679
SF		 1143 } else if (strnicmp(value, "ntlm", 4) == 0) {
1144 /* ntlm is default so can be turned off too */
750d1151 1145 vol->secFlg |= CIFSSEC_MAY_NTLM;
bf820679 1146 } else if (strnicmp(value, "nontlm", 6) == 0) {
189acaae 1147 /* BB is there a better way to do this? */
750d1151 1148 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
189acaae
SF		 1149#ifdef CONFIG_CIFS_WEAK_PW_HASH
1150 } else if (strnicmp(value, "lanman", 6) == 0) {
50c2f753 1151 vol->secFlg |= CIFSSEC_MAY_LANMAN;
189acaae 1152#endif
bf820679 1153 } else if (strnicmp(value, "none", 4) == 0) {
189acaae 1154 vol->nullauth = 1;
50c2f753 1155 } else {
b6b38f70 1156 cERROR(1, "bad security option: %s", value);
b946845a 1157 goto cifs_parse_mount_err;
50c2f753 1158 }
1cb06d0b
SF		 1159 } else if (strnicmp(data, "vers", 3) == 0) {
1160 if (!value || !*value) {
1161 cERROR(1, "no protocol version specified"
1162 " after vers= mount option");
1163 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1164 (strnicmp(value, "1", 1) == 0)) {
1165 /* this is the default */
1166 continue;
1cb06d0b 1167 }
1da177e4
LT		 1168 } else if ((strnicmp(data, "unc", 3) == 0)
1169 || (strnicmp(data, "target", 6) == 0)
1170 || (strnicmp(data, "path", 4) == 0)) {
1171 if (!value || !*value) {
50c2f753
SF		 1172 printk(KERN_WARNING "CIFS: invalid path to "
1173 "network resource\n");
b946845a 1174 goto cifs_parse_mount_err;
1da177e4
LT		 1175 }
1176 if ((temp_len = strnlen(value, 300)) < 300) {
50c2f753 1177 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1178 if (vol->UNC == NULL)
b946845a 1179 goto cifs_parse_mount_err;
50c2f753 1180 strcpy(vol->UNC, value);
1da177e4
LT		 1181 if (strncmp(vol->UNC, "//", 2) == 0) {
1182 vol->UNC[0] = '\\';
1183 vol->UNC[1] = '\\';
50c2f753 1184 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1da177e4 1185 printk(KERN_WARNING
50c2f753
SF		 1186 "CIFS: UNC Path does not begin "
1187 "with // or \\\\ \n");
b946845a 1188 goto cifs_parse_mount_err;
1da177e4
LT		 1189 }
1190 } else {
1191 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1192 goto cifs_parse_mount_err;
1da177e4
LT		 1193 }
1194 } else if ((strnicmp(data, "domain", 3) == 0)
1195 || (strnicmp(data, "workgroup", 5) == 0)) {
1196 if (!value || !*value) {
1197 printk(KERN_WARNING "CIFS: invalid domain name\n");
b946845a 1198 goto cifs_parse_mount_err;
1da177e4
LT		 1199 }
1200 /* BB are there cases in which a comma can be valid in
1201 a domain name and need special handling? */
3979877e 1202 if (strnlen(value, 256) < 256) {
b946845a
SF		 1203 vol->domainname = kstrdup(value, GFP_KERNEL);
1204 if (!vol->domainname) {
1205 printk(KERN_WARNING "CIFS: no memory "
1206 "for domainname\n");
1207 goto cifs_parse_mount_err;
1208 }
b6b38f70 1209 cFYI(1, "Domain name set");
1da177e4 1210 } else {
50c2f753
SF		 1211 printk(KERN_WARNING "CIFS: domain name too "
1212 "long\n");
b946845a 1213 goto cifs_parse_mount_err;
1da177e4 1214 }
3eb9a889
BG		 1215 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1216 vol->srcaddr.ss_family = AF_UNSPEC;
1217
1218 if (!value || !*value) {
1219 printk(KERN_WARNING "CIFS: srcaddr value"
1220 " not specified.\n");
b946845a 1221 goto cifs_parse_mount_err;
3eb9a889
BG		 1222 }
1223 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1224 value, strlen(value));
b235f371 1225 if (i == 0) {
3eb9a889
BG		 1226 printk(KERN_WARNING "CIFS: Could not parse"
1227 " srcaddr: %s\n",
1228 value);
b946845a 1229 goto cifs_parse_mount_err;
3eb9a889 1230 }
50c2f753
SF		 1231 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1232 if (!value || !*value) {
1233 printk(KERN_WARNING
1234 "CIFS: invalid path prefix\n");
b946845a 1235 goto cifs_parse_mount_err;
50c2f753
SF		 1236 }
1237 if ((temp_len = strnlen(value, 1024)) < 1024) {
4523cc30 1238 if (value[0] != '/')
2fe87f02 1239 temp_len++; /* missing leading slash */
50c2f753
SF		 1240 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1241 if (vol->prepath == NULL)
b946845a 1242 goto cifs_parse_mount_err;
4523cc30 1243 if (value[0] != '/') {
2fe87f02 1244 vol->prepath[0] = '/';
50c2f753 1245 strcpy(vol->prepath+1, value);
2fe87f02 1246 } else
50c2f753 1247 strcpy(vol->prepath, value);
b6b38f70 1248 cFYI(1, "prefix path %s", vol->prepath);
50c2f753
SF		 1249 } else {
1250 printk(KERN_WARNING "CIFS: prefix too long\n");
b946845a 1251 goto cifs_parse_mount_err;
50c2f753 1252 }
1da177e4
LT		 1253 } else if (strnicmp(data, "iocharset", 9) == 0) {
1254 if (!value || !*value) {
63135e08
SF		 1255 printk(KERN_WARNING "CIFS: invalid iocharset "
1256 "specified\n");
b946845a 1257 goto cifs_parse_mount_err;
1da177e4
LT		 1258 }
1259 if (strnlen(value, 65) < 65) {
b946845a
SF		 1260 if (strnicmp(value, "default", 7)) {
1261 vol->iocharset = kstrdup(value,
1262 GFP_KERNEL);
1263
1264 if (!vol->iocharset) {
1265 printk(KERN_WARNING "CIFS: no "
1266 "memory for"
1267 "charset\n");
1268 goto cifs_parse_mount_err;
1269 }
1270 }
50c2f753
SF		 1271 /* if iocharset not set then load_nls_default
1272 is used by caller */
b6b38f70 1273 cFYI(1, "iocharset set to %s", value);
1da177e4 1274 } else {
63135e08
SF		 1275 printk(KERN_WARNING "CIFS: iocharset name "
1276 "too long.\n");
b946845a 1277 goto cifs_parse_mount_err;
1da177e4 1278 }
9b9d6b24
JL		 1279 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1280 vol->linux_uid = simple_strtoul(value, &value, 0);
1281 uid_specified = true;
bd763319
JL		 1282 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1283 vol->cred_uid = simple_strtoul(value, &value, 0);
9b9d6b24
JL		 1284 } else if (!strnicmp(data, "forceuid", 8)) {
1285 override_uid = 1;
1286 } else if (!strnicmp(data, "noforceuid", 10)) {
1287 override_uid = 0;
1288 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1289 vol->linux_gid = simple_strtoul(value, &value, 0);
1290 gid_specified = true;
1291 } else if (!strnicmp(data, "forcegid", 8)) {
1292 override_gid = 1;
1293 } else if (!strnicmp(data, "noforcegid", 10)) {
1294 override_gid = 0;
1da177e4
LT		 1295 } else if (strnicmp(data, "file_mode", 4) == 0) {
1296 if (value && *value) {
1297 vol->file_mode =
1298 simple_strtoul(value, &value, 0);
1299 }
1300 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1301 if (value && *value) {
1302 vol->dir_mode =
1303 simple_strtoul(value, &value, 0);
1304 }
1305 } else if (strnicmp(data, "dirmode", 4) == 0) {
1306 if (value && *value) {
1307 vol->dir_mode =
1308 simple_strtoul(value, &value, 0);
1309 }
1310 } else if (strnicmp(data, "port", 4) == 0) {
1311 if (value && *value) {
1312 vol->port =
1313 simple_strtoul(value, &value, 0);
1314 }
1315 } else if (strnicmp(data, "rsize", 5) == 0) {
1316 if (value && *value) {
1317 vol->rsize =
1318 simple_strtoul(value, &value, 0);
1319 }
1320 } else if (strnicmp(data, "wsize", 5) == 0) {
1321 if (value && *value) {
1322 vol->wsize =
1323 simple_strtoul(value, &value, 0);
1324 }
1325 } else if (strnicmp(data, "sockopt", 5) == 0) {
6a5fa236 1326 if (!value || !*value) {
b6b38f70 1327 cERROR(1, "no socket option specified");
6a5fa236
SF		 1328 continue;
1329 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1330 vol->sockopt_tcp_nodelay = 1;
1da177e4
LT		 1331 }
1332 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1333 if (!value || !*value || (*value == ' ')) {
b6b38f70 1334 cFYI(1, "invalid (empty) netbiosname");
1da177e4 1335 } else {
1397f2ee
JL		 1336 memset(vol->source_rfc1001_name, 0x20,
1337 RFC1001_NAME_LEN);
1338 /*
1339 * FIXME: are there cases in which a comma can
1340 * be valid in workstation netbios name (and
1341 * need special handling)?
1342 */
1343 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1344 /* don't ucase netbiosname for user */
50c2f753 1345 if (value[i] == 0)
1da177e4 1346 break;
1397f2ee 1347 vol->source_rfc1001_name[i] = value[i];
1da177e4
LT		 1348 }
1349 /* The string has 16th byte zero still from
1350 set at top of the function */
1397f2ee 1351 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1352 printk(KERN_WARNING "CIFS: netbiosname"
1353 " longer than 15 truncated.\n");
a10faeb2
SF		 1354 }
1355 } else if (strnicmp(data, "servern", 7) == 0) {
1356 /* servernetbiosname specified override *SMBSERVER */
1357 if (!value || !*value || (*value == ' ')) {
b6b38f70 1358 cFYI(1, "empty server netbiosname specified");
a10faeb2
SF		 1359 } else {
1360 /* last byte, type, is 0x20 for servr type */
1397f2ee
JL		 1361 memset(vol->target_rfc1001_name, 0x20,
1362 RFC1001_NAME_LEN_WITH_NULL);
a10faeb2 1363
50c2f753 1364 for (i = 0; i < 15; i++) {
a10faeb2 1365 /* BB are there cases in which a comma can be
50c2f753
SF		 1366 valid in this workstation netbios name
1367 (and need special handling)? */
a10faeb2 1368
50c2f753
SF		 1369 /* user or mount helper must uppercase
1370 the netbiosname */
1371 if (value[i] == 0)
a10faeb2
SF		 1372 break;
1373 else
50c2f753
SF		 1374 vol->target_rfc1001_name[i] =
1375 value[i];
a10faeb2
SF		 1376 }
1377 /* The string has 16th byte zero still from
1378 set at top of the function */
1397f2ee 1379 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1380 printk(KERN_WARNING "CIFS: server net"
1381 "biosname longer than 15 truncated.\n");
1da177e4 1382 }
6d20e840
SJ		 1383 } else if (strnicmp(data, "actimeo", 7) == 0) {
1384 if (value && *value) {
1385 vol->actimeo = HZ * simple_strtoul(value,
1386 &value, 0);
1387 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1388 cERROR(1, "CIFS: attribute cache"
1389 "timeout too large");
b946845a 1390 goto cifs_parse_mount_err;
6d20e840
SJ		 1391 }
1392 }
1da177e4
LT		 1393 } else if (strnicmp(data, "credentials", 4) == 0) {
1394 /* ignore */
1395 } else if (strnicmp(data, "version", 3) == 0) {
1396 /* ignore */
50c2f753 1397 } else if (strnicmp(data, "guest", 5) == 0) {
1da177e4 1398 /* ignore */
c9c7fa00 1399 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
71a394fa
SF		 1400 /* ignore */
1401 } else if (strnicmp(data, "ro", 2) == 0) {
1402 /* ignore */
edf1ae40
SF		 1403 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1404 vol->noblocksnd = 1;
1405 } else if (strnicmp(data, "noautotune", 10) == 0) {
1406 vol->noautotune = 1;
1da177e4
LT		 1407 } else if ((strnicmp(data, "suid", 4) == 0) ||
1408 (strnicmp(data, "nosuid", 6) == 0) ||
1409 (strnicmp(data, "exec", 4) == 0) ||
1410 (strnicmp(data, "noexec", 6) == 0) ||
1411 (strnicmp(data, "nodev", 5) == 0) ||
1412 (strnicmp(data, "noauto", 6) == 0) ||
1413 (strnicmp(data, "dev", 3) == 0)) {
1414 /* The mount tool or mount.cifs helper (if present)
50c2f753
SF		 1415 uses these opts to set flags, and the flags are read
1416 by the kernel vfs layer before we get here (ie
1417 before read super) so there is no point trying to
1418 parse these options again and set anything and it
1419 is ok to just ignore them */
1da177e4 1420 continue;
1da177e4
LT		 1421 } else if (strnicmp(data, "hard", 4) == 0) {
1422 vol->retry = 1;
1423 } else if (strnicmp(data, "soft", 4) == 0) {
1424 vol->retry = 0;
1425 } else if (strnicmp(data, "perm", 4) == 0) {
1426 vol->noperm = 0;
1427 } else if (strnicmp(data, "noperm", 6) == 0) {
1428 vol->noperm = 1;
6a0b4824
SF		 1429 } else if (strnicmp(data, "mapchars", 8) == 0) {
1430 vol->remap = 1;
1431 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1432 vol->remap = 0;
50c2f753
SF		 1433 } else if (strnicmp(data, "sfu", 3) == 0) {
1434 vol->sfu_emul = 1;
1435 } else if (strnicmp(data, "nosfu", 5) == 0) {
1436 vol->sfu_emul = 0;
2c1b8615
SF		 1437 } else if (strnicmp(data, "nodfs", 5) == 0) {
1438 vol->nodfs = 1;
ac67055e
JA		 1439 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1440 vol->posix_paths = 1;
1441 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1442 vol->posix_paths = 0;
c18c842b
SF		 1443 } else if (strnicmp(data, "nounix", 6) == 0) {
1444 vol->no_linux_ext = 1;
1445 } else if (strnicmp(data, "nolinux", 7) == 0) {
1446 vol->no_linux_ext = 1;
50c2f753 1447 } else if ((strnicmp(data, "nocase", 6) == 0) ||
a10faeb2 1448 (strnicmp(data, "ignorecase", 10) == 0)) {
50c2f753 1449 vol->nocase = 1;
f636a348
JL		 1450 } else if (strnicmp(data, "mand", 4) == 0) {
1451 /* ignore */
1452 } else if (strnicmp(data, "nomand", 6) == 0) {
1453 /* ignore */
1454 } else if (strnicmp(data, "_netdev", 7) == 0) {
1455 /* ignore */
c46fa8ac
SF		 1456 } else if (strnicmp(data, "brl", 3) == 0) {
1457 vol->nobrl = 0;
50c2f753 1458 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1c955187 1459 (strnicmp(data, "nolock", 6) == 0)) {
c46fa8ac 1460 vol->nobrl = 1;
d3485d37
SF		 1461 /* turn off mandatory locking in mode
1462 if remote locking is turned off since the
1463 local vfs will do advisory */
50c2f753
SF		 1464 if (vol->file_mode ==
1465 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
d3485d37 1466 vol->file_mode = S_IALLUGO;
13a6e42a
SF		 1467 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1468 /* will take the shorter form "forcemand" as well */
1469 /* This mount option will force use of mandatory
1470 (DOS/Windows style) byte range locks, instead of
1471 using posix advisory byte range locks, even if the
1472 Unix extensions are available and posix locks would
1473 be supported otherwise. If Unix extensions are not
1474 negotiated this has no effect since mandatory locks
1475 would be used (mandatory locks is all that those
1476 those servers support) */
1477 vol->mand_lock = 1;
1da177e4
LT		 1478 } else if (strnicmp(data, "setuids", 7) == 0) {
1479 vol->setuids = 1;
1480 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1481 vol->setuids = 0;
d0a9c078
JL		 1482 } else if (strnicmp(data, "dynperm", 7) == 0) {
1483 vol->dynperm = true;
1484 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1485 vol->dynperm = false;
1da177e4
LT		 1486 } else if (strnicmp(data, "nohard", 6) == 0) {
1487 vol->retry = 0;
1488 } else if (strnicmp(data, "nosoft", 6) == 0) {
1489 vol->retry = 1;
1490 } else if (strnicmp(data, "nointr", 6) == 0) {
1491 vol->intr = 0;
1492 } else if (strnicmp(data, "intr", 4) == 0) {
1493 vol->intr = 1;
be652445
SF		 1494 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1495 vol->nostrictsync = 1;
1496 } else if (strnicmp(data, "strictsync", 10) == 0) {
1497 vol->nostrictsync = 0;
50c2f753 1498 } else if (strnicmp(data, "serverino", 7) == 0) {
1da177e4 1499 vol->server_ino = 1;
50c2f753 1500 } else if (strnicmp(data, "noserverino", 9) == 0) {
1da177e4 1501 vol->server_ino = 0;
c9c7fa00 1502 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
d4ffff1f 1503 vol->rwpidforward = 1;
50c2f753 1504 } else if (strnicmp(data, "cifsacl", 7) == 0) {
0a4b92c0
SF		 1505 vol->cifs_acl = 1;
1506 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1507 vol->cifs_acl = 0;
50c2f753 1508 } else if (strnicmp(data, "acl", 3) == 0) {
1da177e4 1509 vol->no_psx_acl = 0;
50c2f753 1510 } else if (strnicmp(data, "noacl", 5) == 0) {
1da177e4 1511 vol->no_psx_acl = 1;
84210e91
SF		 1512 } else if (strnicmp(data, "locallease", 6) == 0) {
1513 vol->local_lease = 1;
50c2f753 1514 } else if (strnicmp(data, "sign", 4) == 0) {
750d1151 1515 vol->secFlg |= CIFSSEC_MUST_SIGN;
95b1cb90
SF		 1516 } else if (strnicmp(data, "seal", 4) == 0) {
1517 /* we do not do the following in secFlags because seal
1518 is a per tree connection (mount) not a per socket
1519 or per-smb connection option in the protocol */
1520 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1521 vol->seal = 1;
50c2f753 1522 } else if (strnicmp(data, "direct", 6) == 0) {
1da177e4 1523 vol->direct_io = 1;
50c2f753 1524 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1da177e4 1525 vol->direct_io = 1;
d39454ff
PS		 1526 } else if (strnicmp(data, "strictcache", 11) == 0) {
1527 vol->strict_io = 1;
1da177e4 1528 } else if (strnicmp(data, "noac", 4) == 0) {
50c2f753
SF		 1529 printk(KERN_WARNING "CIFS: Mount option noac not "
1530 "supported. Instead set "
1531 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
fa1df75d 1532 } else if (strnicmp(data, "fsc", 3) == 0) {
607a569d 1533#ifndef CONFIG_CIFS_FSCACHE
83fb086e 1534 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
607a569d 1535 "kernel config option set");
b946845a 1536 goto cifs_parse_mount_err;
607a569d 1537#endif
fa1df75d 1538 vol->fsc = true;
736a3320
SM		 1539 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1540 vol->mfsymlinks = true;
0eb8a132
JL		 1541 } else if (strnicmp(data, "multiuser", 8) == 0) {
1542 vol->multiuser = true;
3d3ea8e6
SP		 1543 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1544 err = kstrtouint(value, 0, &vol->backupuid);
1545 if (err < 0) {
1546 cERROR(1, "%s: Invalid backupuid value",
1547 __func__);
1548 goto cifs_parse_mount_err;
1549 }
1550 vol->backupuid_specified = true;
1551 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1552 err = kstrtouint(value, 0, &vol->backupgid);
1553 if (err < 0) {
1554 cERROR(1, "%s: Invalid backupgid value",
1555 __func__);
1556 goto cifs_parse_mount_err;
1557 }
1558 vol->backupgid_specified = true;
1da177e4 1559 } else
50c2f753
SF		 1560 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1561 data);
1da177e4
LT		 1562 }
1563 if (vol->UNC == NULL) {
4523cc30 1564 if (devname == NULL) {
50c2f753
SF		 1565 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1566 "target\n");
b946845a 1567 goto cifs_parse_mount_err;
1da177e4
LT		 1568 }
1569 if ((temp_len = strnlen(devname, 300)) < 300) {
50c2f753 1570 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1571 if (vol->UNC == NULL)
b946845a 1572 goto cifs_parse_mount_err;
50c2f753 1573 strcpy(vol->UNC, devname);
1da177e4
LT		 1574 if (strncmp(vol->UNC, "//", 2) == 0) {
1575 vol->UNC[0] = '\\';
1576 vol->UNC[1] = '\\';
1577 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
50c2f753
SF		 1578 printk(KERN_WARNING "CIFS: UNC Path does not "
1579 "begin with // or \\\\ \n");
b946845a 1580 goto cifs_parse_mount_err;
1da177e4 1581 }
7c5e628f
IM		 1582 value = strpbrk(vol->UNC+2, "/\\");
1583 if (value)
1584 *value = '\\';
1da177e4
LT		 1585 } else {
1586 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1587 goto cifs_parse_mount_err;
1da177e4
LT		 1588 }
1589 }
0eb8a132 1590
8a8798a5
JL		 1591#ifndef CONFIG_KEYS
1592 /* Muliuser mounts require CONFIG_KEYS support */
1593 if (vol->multiuser) {
1594 cERROR(1, "Multiuser mounts require kernels with "
1595 "CONFIG_KEYS enabled.");
b946845a 1596 goto cifs_parse_mount_err;
0eb8a132 1597 }
8a8798a5 1598#endif
0eb8a132 1599
fb8c4b14 1600 if (vol->UNCip == NULL)
1da177e4
LT		 1601 vol->UNCip = &vol->UNC[2];
1602
9b9d6b24
JL		 1603 if (uid_specified)
1604 vol->override_uid = override_uid;
1605 else if (override_uid == 1)
1606 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1607 "specified with no uid= option.\n");
1608
1609 if (gid_specified)
1610 vol->override_gid = override_gid;
1611 else if (override_gid == 1)
1612 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1613 "specified with no gid= option.\n");
1614
b946845a 1615 kfree(mountdata_copy);
1da177e4 1616 return 0;
b946845a
SF		 1617
1618cifs_parse_mount_err:
1619 kfree(mountdata_copy);
1620 return 1;
1da177e4
LT		 1621}
1622
3eb9a889
BG		 1623/** Returns true if srcaddr isn't specified and rhs isn't
1624 * specified, or if srcaddr is specified and
1625 * matches the IP address of the rhs argument.
1626 */
1627static bool
1628srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1629{
1630 switch (srcaddr->sa_family) {
1631 case AF_UNSPEC:
1632 return (rhs->sa_family == AF_UNSPEC);
1633 case AF_INET: {
1634 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1635 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1636 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1637 }
1638 case AF_INET6: {
1639 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1640 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1641 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1642 }
1643 default:
1644 WARN_ON(1);
1645 return false; /* don't expect to be here */
1646 }
1647}
1648
4b886136
PS		 1649/*
1650 * If no port is specified in addr structure, we try to match with 445 port
1651 * and if it fails - with 139 ports. It should be called only if address
1652 * families of server and addr are equal.
1653 */
1654static bool
1655match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1656{
6da97910 1657 __be16 port, *sport;
4b886136
PS		 1658
1659 switch (addr->sa_family) {
1660 case AF_INET:
1661 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1662 port = ((struct sockaddr_in *) addr)->sin_port;
1663 break;
1664 case AF_INET6:
1665 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1666 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1667 break;
1668 default:
1669 WARN_ON(1);
1670 return false;
1671 }
1672
1673 if (!port) {
1674 port = htons(CIFS_PORT);
1675 if (port == *sport)
1676 return true;
1677
1678 port = htons(RFC1001_PORT);
1679 }
1680
1681 return port == *sport;
1682}
3eb9a889 1683
4515148e 1684static bool
3eb9a889
BG		 1685match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1686 struct sockaddr *srcaddr)
4515148e 1687{
4515148e 1688 switch (addr->sa_family) {
a9f1b85e
PS		 1689 case AF_INET: {
1690 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1691 struct sockaddr_in *srv_addr4 =
1692 (struct sockaddr_in *)&server->dstaddr;
1693
1694 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
4515148e 1695 return false;
4515148e 1696 break;
a9f1b85e
PS		 1697 }
1698 case AF_INET6: {
1699 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1700 struct sockaddr_in6 *srv_addr6 =
1701 (struct sockaddr_in6 *)&server->dstaddr;
1702
4515148e 1703 if (!ipv6_addr_equal(&addr6->sin6_addr,
a9f1b85e 1704 &srv_addr6->sin6_addr))
4515148e 1705 return false;
a9f1b85e 1706 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
4515148e 1707 return false;
4515148e
JL		 1708 break;
1709 }
a9f1b85e
PS		 1710 default:
1711 WARN_ON(1);
1712 return false; /* don't expect to be here */
1713 }
4515148e 1714
3eb9a889
BG		 1715 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1716 return false;
1717
4515148e
JL		 1718 return true;
1719}
1720
daf5b0b6
JL		 1721static bool
1722match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1723{
1724 unsigned int secFlags;
1725
1726 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1727 secFlags = vol->secFlg;
1728 else
1729 secFlags = global_secflags | vol->secFlg;
1730
1731 switch (server->secType) {
1732 case LANMAN:
1733 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1734 return false;
1735 break;
1736 case NTLMv2:
1737 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1738 return false;
1739 break;
1740 case NTLM:
1741 if (!(secFlags & CIFSSEC_MAY_NTLM))
1742 return false;
1743 break;
1744 case Kerberos:
1745 if (!(secFlags & CIFSSEC_MAY_KRB5))
1746 return false;
1747 break;
1748 case RawNTLMSSP:
1749 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1750 return false;
1751 break;
1752 default:
1753 /* shouldn't happen */
1754 return false;
1755 }
1756
25985edc 1757 /* now check if signing mode is acceptable */
daf5b0b6 1758 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
96daf2b0 1759 (server->sec_mode & SECMODE_SIGN_REQUIRED))
daf5b0b6
JL		 1760 return false;
1761 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
96daf2b0 1762 (server->sec_mode &
daf5b0b6
JL		 1763 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1764 return false;
1765
1766 return true;
1767}
1768
37bb04e5
PS		 1769static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1770 struct smb_vol *vol)
1771{
1772 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1773 return 0;
1774
1775 if (!match_address(server, addr,
1776 (struct sockaddr *)&vol->srcaddr))
1777 return 0;
1778
1779 if (!match_port(server, addr))
1780 return 0;
1781
1782 if (!match_security(server, vol))
1783 return 0;
1784
1785 return 1;
1786}
1787
e7ddee90 1788static struct TCP_Server_Info *
daf5b0b6 1789cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1da177e4 1790{
e7ddee90 1791 struct TCP_Server_Info *server;
e7ddee90 1792
3f9bcca7 1793 spin_lock(&cifs_tcp_ses_lock);
4515148e 1794 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
37bb04e5 1795 if (!match_server(server, addr, vol))
daf5b0b6
JL		 1796 continue;
1797
e7ddee90 1798 ++server->srv_count;
3f9bcca7 1799 spin_unlock(&cifs_tcp_ses_lock);
b6b38f70 1800 cFYI(1, "Existing tcp session with server found");
e7ddee90 1801 return server;
1da177e4 1802 }
3f9bcca7 1803 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 1804 return NULL;
1805}
1b20d672 1806
14fbf50d 1807static void
e7ddee90 1808cifs_put_tcp_session(struct TCP_Server_Info *server)
1da177e4 1809{
e7ddee90 1810 struct task_struct *task;
1b20d672 1811
3f9bcca7 1812 spin_lock(&cifs_tcp_ses_lock);
e7ddee90 1813 if (--server->srv_count > 0) {
3f9bcca7 1814 spin_unlock(&cifs_tcp_ses_lock);
e7ddee90 1815 return;
1da177e4 1816 }
1b20d672 1817
f1d0c998
RL		 1818 put_net(cifs_net_ns(server));
1819
e7ddee90 1820 list_del_init(&server->tcp_ses_list);
3f9bcca7 1821 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 1822
c74093b6
JL		 1823 cancel_delayed_work_sync(&server->echo);
1824
e7ddee90
JL		 1825 spin_lock(&GlobalMid_Lock);
1826 server->tcpStatus = CifsExiting;
1827 spin_unlock(&GlobalMid_Lock);
dea570e0 1828
d2b91521 1829 cifs_crypto_shash_release(server);
488f1d2d
SJ		 1830 cifs_fscache_release_client_cookie(server);
1831
21e73393
SP		 1832 kfree(server->session_key.response);
1833 server->session_key.response = NULL;
1834 server->session_key.len = 0;
1835
e7ddee90
JL		 1836 task = xchg(&server->tsk, NULL);
1837 if (task)
1838 force_sig(SIGKILL, task);
1da177e4
LT		 1839}
1840
63c038c2
JL		 1841static struct TCP_Server_Info *
1842cifs_get_tcp_session(struct smb_vol *volume_info)
1843{
1844 struct TCP_Server_Info *tcp_ses = NULL;
a9ac49d3 1845 struct sockaddr_storage addr;
63c038c2
JL		 1846 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1847 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1848 int rc;
1849
a9ac49d3 1850 memset(&addr, 0, sizeof(struct sockaddr_storage));
63c038c2 1851
b6b38f70 1852 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
63c038c2 1853
1e68b2b2 1854 if (volume_info->UNCip && volume_info->UNC) {
50d97160
JL		 1855 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1856 volume_info->UNCip,
67b7626a 1857 strlen(volume_info->UNCip),
50d97160 1858 volume_info->port);
1e68b2b2 1859 if (!rc) {
63c038c2
JL		 1860 /* we failed translating address */
1861 rc = -EINVAL;
1862 goto out_err;
1863 }
63c038c2
JL		 1864 } else if (volume_info->UNCip) {
1865 /* BB using ip addr as tcp_ses name to connect to the
1866 DFS root below */
b6b38f70 1867 cERROR(1, "Connecting to DFS root not implemented yet");
63c038c2
JL		 1868 rc = -EINVAL;
1869 goto out_err;
1870 } else /* which tcp_sess DFS root would we conect to */ {
b6b38f70
JP		 1871 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1872 "unc=//192.168.1.100/public) specified");
63c038c2
JL		 1873 rc = -EINVAL;
1874 goto out_err;
1875 }
1876
1877 /* see if we already have a matching tcp_ses */
daf5b0b6 1878 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
63c038c2
JL		 1879 if (tcp_ses)
1880 return tcp_ses;
1881
1882 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1883 if (!tcp_ses) {
1884 rc = -ENOMEM;
1885 goto out_err;
1886 }
1887
d2b91521
SP		 1888 rc = cifs_crypto_shash_allocate(tcp_ses);
1889 if (rc) {
1890 cERROR(1, "could not setup hash structures rc %d", rc);
1891 goto out_err;
1892 }
1893
f1d0c998 1894 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
63c038c2
JL		 1895 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1896 if (IS_ERR(tcp_ses->hostname)) {
1897 rc = PTR_ERR(tcp_ses->hostname);
f7c5445a 1898 goto out_err_crypto_release;
63c038c2
JL		 1899 }
1900
1901 tcp_ses->noblocksnd = volume_info->noblocksnd;
1902 tcp_ses->noautotune = volume_info->noautotune;
6a5fa236 1903 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
fc40f9cf 1904 tcp_ses->in_flight = 0;
2d86dbc9 1905 tcp_ses->credits = 1;
63c038c2
JL		 1906 init_waitqueue_head(&tcp_ses->response_q);
1907 init_waitqueue_head(&tcp_ses->request_q);
1908 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1909 mutex_init(&tcp_ses->srv_mutex);
1910 memcpy(tcp_ses->workstation_RFC1001_name,
1911 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1912 memcpy(tcp_ses->server_RFC1001_name,
1913 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
5d0d2882 1914 tcp_ses->session_estab = false;
63c038c2 1915 tcp_ses->sequence_number = 0;
fda35943 1916 tcp_ses->lstrp = jiffies;
63c038c2
JL		 1917 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1918 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
c74093b6 1919 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
63c038c2
JL		 1920
1921 /*
1922 * at this point we are the only ones with the pointer
1923 * to the struct since the kernel thread not created yet
1924 * no need to spinlock this init of tcpStatus or srv_count
1925 */
1926 tcp_ses->tcpStatus = CifsNew;
3eb9a889
BG		 1927 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1928 sizeof(tcp_ses->srcaddr));
63c038c2
JL		 1929 ++tcp_ses->srv_count;
1930
a9ac49d3 1931 if (addr.ss_family == AF_INET6) {
b6b38f70 1932 cFYI(1, "attempting ipv6 connect");
63c038c2
JL		 1933 /* BB should we allow ipv6 on port 139? */
1934 /* other OS never observed in Wild doing 139 with v6 */
a9f1b85e
PS		 1935 memcpy(&tcp_ses->dstaddr, sin_server6,
1936 sizeof(struct sockaddr_in6));
1937 } else
1938 memcpy(&tcp_ses->dstaddr, sin_server,
1939 sizeof(struct sockaddr_in));
1940
1941 rc = ip_connect(tcp_ses);
63c038c2 1942 if (rc < 0) {
b6b38f70 1943 cERROR(1, "Error connecting to socket. Aborting operation");
f7c5445a 1944 goto out_err_crypto_release;
63c038c2
JL		 1945 }
1946
1947 /*
1948 * since we're in a cifs function already, we know that
1949 * this will succeed. No need for try_module_get().
1950 */
1951 __module_get(THIS_MODULE);
7c97c200 1952 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
63c038c2
JL		 1953 tcp_ses, "cifsd");
1954 if (IS_ERR(tcp_ses->tsk)) {
1955 rc = PTR_ERR(tcp_ses->tsk);
b6b38f70 1956 cERROR(1, "error %d create cifsd thread", rc);
63c038c2 1957 module_put(THIS_MODULE);
f7c5445a 1958 goto out_err_crypto_release;
63c038c2 1959 }
fd88ce93 1960 tcp_ses->tcpStatus = CifsNeedNegotiate;
63c038c2
JL		 1961
1962 /* thread spawned, put it on the list */
3f9bcca7 1963 spin_lock(&cifs_tcp_ses_lock);
63c038c2 1964 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
3f9bcca7 1965 spin_unlock(&cifs_tcp_ses_lock);
63c038c2 1966
488f1d2d
SJ		 1967 cifs_fscache_get_client_cookie(tcp_ses);
1968
c74093b6
JL		 1969 /* queue echo request delayed work */
1970 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1971
63c038c2
JL		 1972 return tcp_ses;
1973
f7c5445a 1974out_err_crypto_release:
d2b91521
SP		 1975 cifs_crypto_shash_release(tcp_ses);
1976
f1d0c998
RL		 1977 put_net(cifs_net_ns(tcp_ses));
1978
63c038c2
JL		 1979out_err:
1980 if (tcp_ses) {
8347a5cd
SF		 1981 if (!IS_ERR(tcp_ses->hostname))
1982 kfree(tcp_ses->hostname);
63c038c2
JL		 1983 if (tcp_ses->ssocket)
1984 sock_release(tcp_ses->ssocket);
1985 kfree(tcp_ses);
1986 }
1987 return ERR_PTR(rc);
1988}
1989
96daf2b0 1990static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
37bb04e5
PS		 1991{
1992 switch (ses->server->secType) {
1993 case Kerberos:
1994 if (vol->cred_uid != ses->cred_uid)
1995 return 0;
1996 break;
1997 default:
04febabc
JL		 1998 /* NULL username means anonymous session */
1999 if (ses->user_name == NULL) {
2000 if (!vol->nullauth)
2001 return 0;
2002 break;
2003 }
2004
37bb04e5 2005 /* anything else takes username/password */
04febabc
JL		 2006 if (strncmp(ses->user_name,
2007 vol->username ? vol->username : "",
37bb04e5
PS		 2008 MAX_USERNAME_SIZE))
2009 return 0;
2010 if (strlen(vol->username) != 0 &&
2011 ses->password != NULL &&
2012 strncmp(ses->password,
2013 vol->password ? vol->password : "",
2014 MAX_PASSWORD_SIZE))
2015 return 0;
2016 }
2017 return 1;
2018}
2019
96daf2b0 2020static struct cifs_ses *
4ff67b72 2021cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1da177e4 2022{
96daf2b0 2023 struct cifs_ses *ses;
dea570e0 2024
3f9bcca7 2025 spin_lock(&cifs_tcp_ses_lock);
4ff67b72 2026 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
37bb04e5
PS		 2027 if (!match_session(ses, vol))
2028 continue;
14fbf50d 2029 ++ses->ses_count;
3f9bcca7 2030 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2031 return ses;
2032 }
3f9bcca7 2033 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2034 return NULL;
2035}
dea570e0 2036
14fbf50d 2037static void
96daf2b0 2038cifs_put_smb_ses(struct cifs_ses *ses)
14fbf50d
JL		 2039{
2040 int xid;
2041 struct TCP_Server_Info *server = ses->server;
dea570e0 2042
36988c76 2043 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
3f9bcca7 2044 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 2045 if (--ses->ses_count > 0) {
3f9bcca7 2046 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2047 return;
2048 }
dea570e0 2049
14fbf50d 2050 list_del_init(&ses->smb_ses_list);
3f9bcca7 2051 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2052
14fbf50d
JL		 2053 if (ses->status == CifsGood) {
2054 xid = GetXid();
2055 CIFSSMBLogoff(xid, ses);
2056 _FreeXid(xid);
2057 }
2058 sesInfoFree(ses);
2059 cifs_put_tcp_session(server);
2060}
dea570e0 2061
8a8798a5
JL		 2062#ifdef CONFIG_KEYS
2063
2064/* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2065#define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2066
2067/* Populate username and pw fields from keyring if possible */
2068static int
2069cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2070{
2071 int rc = 0;
2072 char *desc, *delim, *payload;
2073 ssize_t len;
2074 struct key *key;
2075 struct TCP_Server_Info *server = ses->server;
2076 struct sockaddr_in *sa;
2077 struct sockaddr_in6 *sa6;
2078 struct user_key_payload *upayload;
2079
2080 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2081 if (!desc)
2082 return -ENOMEM;
2083
2084 /* try to find an address key first */
2085 switch (server->dstaddr.ss_family) {
2086 case AF_INET:
2087 sa = (struct sockaddr_in *)&server->dstaddr;
2088 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2089 break;
2090 case AF_INET6:
2091 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2092 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2093 break;
2094 default:
2095 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2096 rc = -EINVAL;
2097 goto out_err;
2098 }
2099
2100 cFYI(1, "%s: desc=%s", __func__, desc);
2101 key = request_key(&key_type_logon, desc, "");
2102 if (IS_ERR(key)) {
2103 if (!ses->domainName) {
2104 cFYI(1, "domainName is NULL");
2105 rc = PTR_ERR(key);
2106 goto out_err;
2107 }
2108
2109 /* didn't work, try to find a domain key */
2110 sprintf(desc, "cifs:d:%s", ses->domainName);
2111 cFYI(1, "%s: desc=%s", __func__, desc);
2112 key = request_key(&key_type_logon, desc, "");
2113 if (IS_ERR(key)) {
2114 rc = PTR_ERR(key);
2115 goto out_err;
2116 }
2117 }
2118
2119 down_read(&key->sem);
2120 upayload = key->payload.data;
2121 if (IS_ERR_OR_NULL(upayload)) {
4edc53c1 2122 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
8a8798a5
JL		 2123 goto out_key_put;
2124 }
2125
2126 /* find first : in payload */
2127 payload = (char *)upayload->data;
2128 delim = strnchr(payload, upayload->datalen, ':');
2129 cFYI(1, "payload=%s", payload);
2130 if (!delim) {
2131 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2132 upayload->datalen);
2133 rc = -EINVAL;
2134 goto out_key_put;
2135 }
2136
2137 len = delim - payload;
2138 if (len > MAX_USERNAME_SIZE || len <= 0) {
000f9bb8 2139 cFYI(1, "Bad value from username search (len=%zd)", len);
8a8798a5
JL		 2140 rc = -EINVAL;
2141 goto out_key_put;
2142 }
2143
2144 vol->username = kstrndup(payload, len, GFP_KERNEL);
2145 if (!vol->username) {
000f9bb8 2146 cFYI(1, "Unable to allocate %zd bytes for username", len);
8a8798a5
JL		 2147 rc = -ENOMEM;
2148 goto out_key_put;
2149 }
2150 cFYI(1, "%s: username=%s", __func__, vol->username);
2151
2152 len = key->datalen - (len + 1);
2153 if (len > MAX_PASSWORD_SIZE || len <= 0) {
000f9bb8 2154 cFYI(1, "Bad len for password search (len=%zd)", len);
8a8798a5
JL		 2155 rc = -EINVAL;
2156 kfree(vol->username);
2157 vol->username = NULL;
2158 goto out_key_put;
2159 }
2160
2161 ++delim;
2162 vol->password = kstrndup(delim, len, GFP_KERNEL);
2163 if (!vol->password) {
000f9bb8 2164 cFYI(1, "Unable to allocate %zd bytes for password", len);
8a8798a5
JL		 2165 rc = -ENOMEM;
2166 kfree(vol->username);
2167 vol->username = NULL;
2168 goto out_key_put;
2169 }
2170
2171out_key_put:
2172 up_read(&key->sem);
2173 key_put(key);
2174out_err:
2175 kfree(desc);
2176 cFYI(1, "%s: returning %d", __func__, rc);
2177 return rc;
2178}
2179#else /* ! CONFIG_KEYS */
2180static inline int
2181cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2182 struct cifs_ses *ses __attribute__((unused)))
2183{
2184 return -ENOSYS;
2185}
2186#endif /* CONFIG_KEYS */
2187
d9b94201
SF		 2188static bool warned_on_ntlm; /* globals init to false automatically */
2189
96daf2b0 2190static struct cifs_ses *
36988c76
JL		 2191cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2192{
2193 int rc = -ENOMEM, xid;
96daf2b0 2194 struct cifs_ses *ses;
a9f1b85e
PS		 2195 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2196 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
36988c76
JL		 2197
2198 xid = GetXid();
2199
4ff67b72 2200 ses = cifs_find_smb_ses(server, volume_info);
36988c76
JL		 2201 if (ses) {
2202 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2203
36988c76 2204 mutex_lock(&ses->session_mutex);
198b5682
JL		 2205 rc = cifs_negotiate_protocol(xid, ses);
2206 if (rc) {
2207 mutex_unlock(&ses->session_mutex);
2208 /* problem -- put our ses reference */
2209 cifs_put_smb_ses(ses);
2210 FreeXid(xid);
2211 return ERR_PTR(rc);
2212 }
36988c76
JL		 2213 if (ses->need_reconnect) {
2214 cFYI(1, "Session needs reconnect");
2215 rc = cifs_setup_session(xid, ses,
2216 volume_info->local_nls);
2217 if (rc) {
2218 mutex_unlock(&ses->session_mutex);
2219 /* problem -- put our reference */
2220 cifs_put_smb_ses(ses);
2221 FreeXid(xid);
2222 return ERR_PTR(rc);
2223 }
2224 }
2225 mutex_unlock(&ses->session_mutex);
460cf341
JL		 2226
2227 /* existing SMB ses has a server reference already */
2228 cifs_put_tcp_session(server);
36988c76
JL		 2229 FreeXid(xid);
2230 return ses;
2231 }
2232
2233 cFYI(1, "Existing smb sess not found");
2234 ses = sesInfoAlloc();
2235 if (ses == NULL)
2236 goto get_ses_fail;
2237
2238 /* new SMB session uses our server ref */
2239 ses->server = server;
a9f1b85e
PS		 2240 if (server->dstaddr.ss_family == AF_INET6)
2241 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
36988c76 2242 else
a9f1b85e 2243 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
36988c76 2244
8727c8a8
SF		 2245 if (volume_info->username) {
2246 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2247 if (!ses->user_name)
2248 goto get_ses_fail;
2249 }
36988c76
JL		 2250
2251 /* volume_info->password freed at unmount */
2252 if (volume_info->password) {
2253 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2254 if (!ses->password)
2255 goto get_ses_fail;
2256 }
2257 if (volume_info->domainname) {
d3686d54
SP		 2258 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2259 if (!ses->domainName)
2260 goto get_ses_fail;
36988c76 2261 }
3e4b3e1f 2262 ses->cred_uid = volume_info->cred_uid;
36988c76 2263 ses->linux_uid = volume_info->linux_uid;
d9b94201
SF		 2264
2265 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2266 supported for many years, time to update default security mechanism */
2267 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2268 warned_on_ntlm = true;
2269 cERROR(1, "default security mechanism requested. The default "
2270 "security mechanism will be upgraded from ntlm to "
225de11e 2271 "ntlmv2 in kernel release 3.3");
d9b94201 2272 }
36988c76
JL		 2273 ses->overrideSecFlg = volume_info->secFlg;
2274
2275 mutex_lock(&ses->session_mutex);
198b5682
JL		 2276 rc = cifs_negotiate_protocol(xid, ses);
2277 if (!rc)
2278 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
36988c76 2279 mutex_unlock(&ses->session_mutex);
c8e56f1f 2280 if (rc)
36988c76
JL		 2281 goto get_ses_fail;
2282
2283 /* success, put it on the list */
3f9bcca7 2284 spin_lock(&cifs_tcp_ses_lock);
36988c76 2285 list_add(&ses->smb_ses_list, &server->smb_ses_list);
3f9bcca7 2286 spin_unlock(&cifs_tcp_ses_lock);
36988c76
JL		 2287
2288 FreeXid(xid);
2289 return ses;
2290
2291get_ses_fail:
2292 sesInfoFree(ses);
2293 FreeXid(xid);
2294 return ERR_PTR(rc);
2295}
2296
96daf2b0 2297static int match_tcon(struct cifs_tcon *tcon, const char *unc)
37bb04e5
PS		 2298{
2299 if (tcon->tidStatus == CifsExiting)
2300 return 0;
2301 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2302 return 0;
2303 return 1;
2304}
2305
96daf2b0
SF		 2306static struct cifs_tcon *
2307cifs_find_tcon(struct cifs_ses *ses, const char *unc)
f1987b44
JL		 2308{
2309 struct list_head *tmp;
96daf2b0 2310 struct cifs_tcon *tcon;
f1987b44 2311
3f9bcca7 2312 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2313 list_for_each(tmp, &ses->tcon_list) {
96daf2b0 2314 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
37bb04e5 2315 if (!match_tcon(tcon, unc))
f1987b44 2316 continue;
f1987b44 2317 ++tcon->tc_count;
3f9bcca7 2318 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2319 return tcon;
1da177e4 2320 }
3f9bcca7 2321 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 2322 return NULL;
2323}
2324
f1987b44 2325static void
96daf2b0 2326cifs_put_tcon(struct cifs_tcon *tcon)
f1987b44
JL		 2327{
2328 int xid;
96daf2b0 2329 struct cifs_ses *ses = tcon->ses;
f1987b44 2330
d00c28de 2331 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
3f9bcca7 2332 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2333 if (--tcon->tc_count > 0) {
3f9bcca7 2334 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2335 return;
2336 }
2337
2338 list_del_init(&tcon->tcon_list);
3f9bcca7 2339 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2340
2341 xid = GetXid();
2342 CIFSSMBTDis(xid, tcon);
2343 _FreeXid(xid);
2344
d03382ce 2345 cifs_fscache_release_super_cookie(tcon);
9f841593 2346 tconInfoFree(tcon);
f1987b44
JL		 2347 cifs_put_smb_ses(ses);
2348}
2349
96daf2b0
SF		 2350static struct cifs_tcon *
2351cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
d00c28de
JL		 2352{
2353 int rc, xid;
96daf2b0 2354 struct cifs_tcon *tcon;
d00c28de
JL		 2355
2356 tcon = cifs_find_tcon(ses, volume_info->UNC);
2357 if (tcon) {
2358 cFYI(1, "Found match on UNC path");
2359 /* existing tcon already has a reference */
2360 cifs_put_smb_ses(ses);
2361 if (tcon->seal != volume_info->seal)
2362 cERROR(1, "transport encryption setting "
2363 "conflicts with existing tid");
2364 return tcon;
2365 }
2366
2367 tcon = tconInfoAlloc();
2368 if (tcon == NULL) {
2369 rc = -ENOMEM;
2370 goto out_fail;
2371 }
2372
2373 tcon->ses = ses;
2374 if (volume_info->password) {
2375 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2376 if (!tcon->password) {
2377 rc = -ENOMEM;
2378 goto out_fail;
2379 }
2380 }
2381
2382 if (strchr(volume_info->UNC + 3, '\\') == NULL
2383 && strchr(volume_info->UNC + 3, '/') == NULL) {
2384 cERROR(1, "Missing share name");
2385 rc = -ENODEV;
2386 goto out_fail;
2387 }
2388
2389 /* BB Do we need to wrap session_mutex around
2390 * this TCon call and Unix SetFS as
2391 * we do on SessSetup and reconnect? */
2392 xid = GetXid();
2393 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2394 FreeXid(xid);
2395 cFYI(1, "CIFS Tcon rc = %d", rc);
2396 if (rc)
2397 goto out_fail;
2398
2399 if (volume_info->nodfs) {
2400 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2401 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2402 }
2403 tcon->seal = volume_info->seal;
2404 /* we can have only one retry value for a connection
2405 to a share so for resources mounted more than once
2406 to the same server share the last value passed in
2407 for the retry flag is used */
2408 tcon->retry = volume_info->retry;
2409 tcon->nocase = volume_info->nocase;
2410 tcon->local_lease = volume_info->local_lease;
2411
3f9bcca7 2412 spin_lock(&cifs_tcp_ses_lock);
d00c28de 2413 list_add(&tcon->tcon_list, &ses->tcon_list);
3f9bcca7 2414 spin_unlock(&cifs_tcp_ses_lock);
d00c28de 2415
d03382ce
SJ		 2416 cifs_fscache_get_super_cookie(tcon);
2417
d00c28de
JL		 2418 return tcon;
2419
2420out_fail:
2421 tconInfoFree(tcon);
2422 return ERR_PTR(rc);
2423}
2424
9d002df4
JL		 2425void
2426cifs_put_tlink(struct tcon_link *tlink)
2427{
2428 if (!tlink || IS_ERR(tlink))
2429 return;
2430
2431 if (!atomic_dec_and_test(&tlink->tl_count) ||
2432 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2433 tlink->tl_time = jiffies;
2434 return;
2435 }
2436
2437 if (!IS_ERR(tlink_tcon(tlink)))
2438 cifs_put_tcon(tlink_tcon(tlink));
2439 kfree(tlink);
2440 return;
2441}
d00c28de 2442
25c7f41e 2443static inline struct tcon_link *
cd51875d
PS		 2444cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2445{
2446 return cifs_sb->master_tlink;
2447}
25c7f41e
PS		 2448
2449static int
2450compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2451{
2452 struct cifs_sb_info *old = CIFS_SB(sb);
2453 struct cifs_sb_info *new = mnt_data->cifs_sb;
2454
2455 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2456 return 0;
2457
2458 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2459 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2460 return 0;
2461
25c7f41e 2462 /*
5eba8ab3
JL		 2463 * We want to share sb only if we don't specify an r/wsize or
2464 * specified r/wsize is greater than or equal to existing one.
25c7f41e
PS		 2465 */
2466 if (new->wsize && new->wsize < old->wsize)
2467 return 0;
2468
5eba8ab3
JL		 2469 if (new->rsize && new->rsize < old->rsize)
2470 return 0;
2471
25c7f41e
PS		 2472 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2473 return 0;
2474
2475 if (old->mnt_file_mode != new->mnt_file_mode ||
2476 old->mnt_dir_mode != new->mnt_dir_mode)
2477 return 0;
2478
2479 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2480 return 0;
2481
2482 if (old->actimeo != new->actimeo)
2483 return 0;
2484
2485 return 1;
2486}
2487
2488int
2489cifs_match_super(struct super_block *sb, void *data)
2490{
2491 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2492 struct smb_vol *volume_info;
2493 struct cifs_sb_info *cifs_sb;
2494 struct TCP_Server_Info *tcp_srv;
96daf2b0
SF		 2495 struct cifs_ses *ses;
2496 struct cifs_tcon *tcon;
25c7f41e
PS		 2497 struct tcon_link *tlink;
2498 struct sockaddr_storage addr;
2499 int rc = 0;
2500
2501 memset(&addr, 0, sizeof(struct sockaddr_storage));
2502
2503 spin_lock(&cifs_tcp_ses_lock);
2504 cifs_sb = CIFS_SB(sb);
2505 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2506 if (IS_ERR(tlink)) {
2507 spin_unlock(&cifs_tcp_ses_lock);
2508 return rc;
2509 }
2510 tcon = tlink_tcon(tlink);
2511 ses = tcon->ses;
2512 tcp_srv = ses->server;
2513
2514 volume_info = mnt_data->vol;
2515
2516 if (!volume_info->UNCip || !volume_info->UNC)
2517 goto out;
2518
2519 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2520 volume_info->UNCip,
2521 strlen(volume_info->UNCip),
2522 volume_info->port);
2523 if (!rc)
2524 goto out;
2525
2526 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2527 !match_session(ses, volume_info) ||
2528 !match_tcon(tcon, volume_info->UNC)) {
2529 rc = 0;
2530 goto out;
2531 }
2532
2533 rc = compare_mount_options(sb, mnt_data);
2534out:
25c7f41e 2535 spin_unlock(&cifs_tcp_ses_lock);
f484b5d0 2536 cifs_put_tlink(tlink);
25c7f41e
PS		 2537 return rc;
2538}
2539
1da177e4 2540int
96daf2b0 2541get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
50c2f753 2542 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
366781c1 2543 struct dfs_info3_param **preferrals, int remap)
1da177e4
LT		 2544{
2545 char *temp_unc;
2546 int rc = 0;
2547
2548 *pnum_referrals = 0;
366781c1 2549 *preferrals = NULL;
1da177e4
LT		 2550
2551 if (pSesInfo->ipc_tid == 0) {
2552 temp_unc = kmalloc(2 /* for slashes */ +
50c2f753
SF		 2553 strnlen(pSesInfo->serverName,
2554 SERVER_NAME_LEN_WITH_NULL * 2)
1da177e4
LT		 2555 + 1 + 4 /* slash IPC$ */ + 2,
2556 GFP_KERNEL);
2557 if (temp_unc == NULL)
2558 return -ENOMEM;
2559 temp_unc[0] = '\\';
2560 temp_unc[1] = '\\';
2561 strcpy(temp_unc + 2, pSesInfo->serverName);
2562 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2563 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
b6b38f70 2564 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
1da177e4
LT		 2565 kfree(temp_unc);
2566 }
2567 if (rc == 0)
c2cf07d5 2568 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
737b758c 2569 pnum_referrals, nls_codepage, remap);
366781c1
SF		 2570 /* BB map targetUNCs to dfs_info3 structures, here or
2571 in CIFSGetDFSRefer BB */
1da177e4
LT		 2572
2573 return rc;
2574}
2575
09e50d55
JL		 2576#ifdef CONFIG_DEBUG_LOCK_ALLOC
2577static struct lock_class_key cifs_key[2];
2578static struct lock_class_key cifs_slock_key[2];
2579
2580static inline void
2581cifs_reclassify_socket4(struct socket *sock)
2582{
2583 struct sock *sk = sock->sk;
2584 BUG_ON(sock_owned_by_user(sk));
2585 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2586 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2587}
2588
2589static inline void
2590cifs_reclassify_socket6(struct socket *sock)
2591{
2592 struct sock *sk = sock->sk;
2593 BUG_ON(sock_owned_by_user(sk));
2594 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2595 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2596}
2597#else
2598static inline void
2599cifs_reclassify_socket4(struct socket *sock)
2600{
2601}
2602
2603static inline void
2604cifs_reclassify_socket6(struct socket *sock)
2605{
2606}
2607#endif
2608
1da177e4 2609/* See RFC1001 section 14 on representation of Netbios names */
50c2f753 2610static void rfc1002mangle(char *target, char *source, unsigned int length)
1da177e4 2611{
50c2f753 2612 unsigned int i, j;
1da177e4 2613
50c2f753 2614 for (i = 0, j = 0; i < (length); i++) {
1da177e4
LT		 2615 /* mask a nibble at a time and encode */
2616 target[j] = 'A' + (0x0F & (source[i] >> 4));
2617 target[j+1] = 'A' + (0x0F & source[i]);
50c2f753 2618 j += 2;
1da177e4
LT		 2619 }
2620
2621}
2622
3eb9a889
BG		 2623static int
2624bind_socket(struct TCP_Server_Info *server)
2625{
2626 int rc = 0;
2627 if (server->srcaddr.ss_family != AF_UNSPEC) {
2628 /* Bind to the specified local IP address */
2629 struct socket *socket = server->ssocket;
2630 rc = socket->ops->bind(socket,
2631 (struct sockaddr *) &server->srcaddr,
2632 sizeof(server->srcaddr));
2633 if (rc < 0) {
2634 struct sockaddr_in *saddr4;
2635 struct sockaddr_in6 *saddr6;
2636 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2637 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2638 if (saddr6->sin6_family == AF_INET6)
2639 cERROR(1, "cifs: "
2640 "Failed to bind to: %pI6c, error: %d\n",
2641 &saddr6->sin6_addr, rc);
2642 else
2643 cERROR(1, "cifs: "
2644 "Failed to bind to: %pI4, error: %d\n",
2645 &saddr4->sin_addr.s_addr, rc);
2646 }
2647 }
2648 return rc;
2649}
1da177e4
LT		 2650
2651static int
a9f1b85e 2652ip_rfc1001_connect(struct TCP_Server_Info *server)
1da177e4
LT		 2653{
2654 int rc = 0;
a9f1b85e
PS		 2655 /*
2656 * some servers require RFC1001 sessinit before sending
2657 * negprot - BB check reconnection in case where second
2658 * sessinit is sent but no second negprot
2659 */
2660 struct rfc1002_session_packet *ses_init_buf;
2661 struct smb_hdr *smb_buf;
2662 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2663 GFP_KERNEL);
2664 if (ses_init_buf) {
2665 ses_init_buf->trailer.session_req.called_len = 32;
2666
2667 if (server->server_RFC1001_name &&
2668 server->server_RFC1001_name[0] != 0)
2669 rfc1002mangle(ses_init_buf->trailer.
2670 session_req.called_name,
2671 server->server_RFC1001_name,
2672 RFC1001_NAME_LEN_WITH_NULL);
2673 else
2674 rfc1002mangle(ses_init_buf->trailer.
2675 session_req.called_name,
2676 DEFAULT_CIFS_CALLED_NAME,
2677 RFC1001_NAME_LEN_WITH_NULL);
2678
2679 ses_init_buf->trailer.session_req.calling_len = 32;
2680
2681 /*
2682 * calling name ends in null (byte 16) from old smb
2683 * convention.
2684 */
2685 if (server->workstation_RFC1001_name &&
2686 server->workstation_RFC1001_name[0] != 0)
2687 rfc1002mangle(ses_init_buf->trailer.
2688 session_req.calling_name,
2689 server->workstation_RFC1001_name,
2690 RFC1001_NAME_LEN_WITH_NULL);
2691 else
2692 rfc1002mangle(ses_init_buf->trailer.
2693 session_req.calling_name,
2694 "LINUX_CIFS_CLNT",
2695 RFC1001_NAME_LEN_WITH_NULL);
2696
2697 ses_init_buf->trailer.session_req.scope1 = 0;
2698 ses_init_buf->trailer.session_req.scope2 = 0;
2699 smb_buf = (struct smb_hdr *)ses_init_buf;
2700
2701 /* sizeof RFC1002_SESSION_REQUEST with no scope */
be8e3b00 2702 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
a9f1b85e
PS		 2703 rc = smb_send(server, smb_buf, 0x44);
2704 kfree(ses_init_buf);
2705 /*
2706 * RFC1001 layer in at least one server
2707 * requires very short break before negprot
2708 * presumably because not expecting negprot
2709 * to follow so fast. This is a simple
2710 * solution that works without
2711 * complicating the code and causes no
2712 * significant slowing down on mount
2713 * for everyone else
2714 */
2715 usleep_range(1000, 2000);
2716 }
2717 /*
2718 * else the negprot may still work without this
2719 * even though malloc failed
2720 */
2721
2722 return rc;
2723}
2724
2725static int
2726generic_ip_connect(struct TCP_Server_Info *server)
2727{
2728 int rc = 0;
6da97910 2729 __be16 sport;
a9f1b85e 2730 int slen, sfamily;
bcf4b106 2731 struct socket *socket = server->ssocket;
a9f1b85e
PS		 2732 struct sockaddr *saddr;
2733
2734 saddr = (struct sockaddr *) &server->dstaddr;
2735
2736 if (server->dstaddr.ss_family == AF_INET6) {
2737 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2738 slen = sizeof(struct sockaddr_in6);
2739 sfamily = AF_INET6;
2740 } else {
2741 sport = ((struct sockaddr_in *) saddr)->sin_port;
2742 slen = sizeof(struct sockaddr_in);
2743 sfamily = AF_INET;
2744 }
1da177e4 2745
bcf4b106 2746 if (socket == NULL) {
f1d0c998
RL		 2747 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2748 IPPROTO_TCP, &socket, 1);
1da177e4 2749 if (rc < 0) {
b6b38f70 2750 cERROR(1, "Error %d creating socket", rc);
a9f1b85e 2751 server->ssocket = NULL;
1da177e4 2752 return rc;
1da177e4 2753 }
bcf4b106
JL		 2754
2755 /* BB other socket options to set KEEPALIVE, NODELAY? */
b6b38f70 2756 cFYI(1, "Socket created");
bcf4b106
JL		 2757 server->ssocket = socket;
2758 socket->sk->sk_allocation = GFP_NOFS;
a9f1b85e
PS		 2759 if (sfamily == AF_INET6)
2760 cifs_reclassify_socket6(socket);
2761 else
2762 cifs_reclassify_socket4(socket);
1da177e4
LT		 2763 }
2764
3eb9a889
BG		 2765 rc = bind_socket(server);
2766 if (rc < 0)
2767 return rc;
2768
bcf4b106
JL		 2769 /*
2770 * Eventually check for other socket options to change from
a9f1b85e
PS		 2771 * the default. sock_setsockopt not used because it expects
2772 * user space buffer
bcf4b106
JL		 2773 */
2774 socket->sk->sk_rcvtimeo = 7 * HZ;
da505c38 2775 socket->sk->sk_sndtimeo = 5 * HZ;
edf1ae40 2776
b387eaeb 2777 /* make the bufsizes depend on wsize/rsize and max requests */
bcf4b106
JL		 2778 if (server->noautotune) {
2779 if (socket->sk->sk_sndbuf < (200 * 1024))
2780 socket->sk->sk_sndbuf = 200 * 1024;
2781 if (socket->sk->sk_rcvbuf < (140 * 1024))
2782 socket->sk->sk_rcvbuf = 140 * 1024;
edf1ae40 2783 }
1da177e4 2784
6a5fa236 2785 if (server->tcp_nodelay) {
a9f1b85e 2786 int val = 1;
6a5fa236
SF		 2787 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2788 (char *)&val, sizeof(val));
2789 if (rc)
b6b38f70 2790 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
6a5fa236
SF		 2791 }
2792
b6b38f70 2793 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
bcf4b106 2794 socket->sk->sk_sndbuf,
b6b38f70 2795 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
bcf4b106 2796
ee1b3ea9
JL		 2797 rc = socket->ops->connect(socket, saddr, slen, 0);
2798 if (rc < 0) {
2799 cFYI(1, "Error %d connecting to server", rc);
2800 sock_release(socket);
2801 server->ssocket = NULL;
2802 return rc;
2803 }
2804
a9f1b85e
PS		 2805 if (sport == htons(RFC1001_PORT))
2806 rc = ip_rfc1001_connect(server);
50c2f753 2807
1da177e4
LT		 2808 return rc;
2809}
2810
2811static int
a9f1b85e 2812ip_connect(struct TCP_Server_Info *server)
1da177e4 2813{
6da97910 2814 __be16 *sport;
a9f1b85e
PS		 2815 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2816 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1da177e4 2817
a9f1b85e
PS		 2818 if (server->dstaddr.ss_family == AF_INET6)
2819 sport = &addr6->sin6_port;
2820 else
2821 sport = &addr->sin_port;
1da177e4 2822
a9f1b85e
PS		 2823 if (*sport == 0) {
2824 int rc;
1da177e4 2825
a9f1b85e
PS		 2826 /* try with 445 port at first */
2827 *sport = htons(CIFS_PORT);
3eb9a889 2828
a9f1b85e 2829 rc = generic_ip_connect(server);
1da177e4 2830 if (rc >= 0)
a9f1b85e 2831 return rc;
6a5fa236 2832
a9f1b85e
PS		 2833 /* if it failed, try with 139 port */
2834 *sport = htons(RFC1001_PORT);
6a5fa236
SF		 2835 }
2836
a9f1b85e 2837 return generic_ip_connect(server);
1da177e4
LT		 2838}
2839
96daf2b0 2840void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2c6292ae 2841 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
8af18971
SF		 2842{
2843 /* if we are reconnecting then should we check to see if
2844 * any requested capabilities changed locally e.g. via
2845 * remount but we can not do much about it here
2846 * if they have (even if we could detect it by the following)
2847 * Perhaps we could add a backpointer to array of sb from tcon
2848 * or if we change to make all sb to same share the same
2849 * sb as NFS - then we only have one backpointer to sb.
2850 * What if we wanted to mount the server share twice once with
2851 * and once without posixacls or posix paths? */
2852 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
50c2f753 2853
c18c842b
SF		 2854 if (vol_info && vol_info->no_linux_ext) {
2855 tcon->fsUnixInfo.Capability = 0;
2856 tcon->unix_ext = 0; /* Unix Extensions disabled */
b6b38f70 2857 cFYI(1, "Linux protocol extensions disabled");
c18c842b
SF		 2858 return;
2859 } else if (vol_info)
2860 tcon->unix_ext = 1; /* Unix Extensions supported */
2861
2862 if (tcon->unix_ext == 0) {
b6b38f70 2863 cFYI(1, "Unix extensions disabled so not set on reconnect");
c18c842b
SF		 2864 return;
2865 }
50c2f753 2866
fb8c4b14 2867 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
8af18971 2868 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
6848b733 2869 cFYI(1, "unix caps which server supports %lld", cap);
8af18971
SF		 2870 /* check for reconnect case in which we do not
2871 want to change the mount behavior if we can avoid it */
fb8c4b14 2872 if (vol_info == NULL) {
50c2f753 2873 /* turn off POSIX ACL and PATHNAMES if not set
8af18971
SF		 2874 originally at mount time */
2875 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2876 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
11b6d645
IM		 2877 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2878 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2879 cERROR(1, "POSIXPATH support change");
8af18971 2880 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
11b6d645 2881 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
b6b38f70
JP		 2882 cERROR(1, "possible reconnect error");
2883 cERROR(1, "server disabled POSIX path support");
11b6d645 2884 }
8af18971 2885 }
50c2f753 2886
6848b733
SF		 2887 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2888 cERROR(1, "per-share encryption not supported yet");
2889
8af18971 2890 cap &= CIFS_UNIX_CAP_MASK;
75865f8c 2891 if (vol_info && vol_info->no_psx_acl)
8af18971 2892 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
75865f8c 2893 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
b6b38f70 2894 cFYI(1, "negotiated posix acl support");
2c6292ae
AV		 2895 if (cifs_sb)
2896 cifs_sb->mnt_cifs_flags |=
2897 CIFS_MOUNT_POSIXACL;
8af18971
SF		 2898 }
2899
75865f8c 2900 if (vol_info && vol_info->posix_paths == 0)
8af18971 2901 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
75865f8c 2902 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
b6b38f70 2903 cFYI(1, "negotiate posix pathnames");
2c6292ae
AV		 2904 if (cifs_sb)
2905 cifs_sb->mnt_cifs_flags |=
8af18971
SF		 2906 CIFS_MOUNT_POSIX_PATHS;
2907 }
50c2f753 2908
b6b38f70 2909 cFYI(1, "Negotiate caps 0x%x", (int)cap);
8af18971 2910#ifdef CONFIG_CIFS_DEBUG2
75865f8c 2911 if (cap & CIFS_UNIX_FCNTL_CAP)
b6b38f70 2912 cFYI(1, "FCNTL cap");
75865f8c 2913 if (cap & CIFS_UNIX_EXTATTR_CAP)
b6b38f70 2914 cFYI(1, "EXTATTR cap");
75865f8c 2915 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2916 cFYI(1, "POSIX path cap");
75865f8c 2917 if (cap & CIFS_UNIX_XATTR_CAP)
b6b38f70 2918 cFYI(1, "XATTR cap");
75865f8c 2919 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
b6b38f70 2920 cFYI(1, "POSIX ACL cap");
75865f8c 2921 if (cap & CIFS_UNIX_LARGE_READ_CAP)
b6b38f70 2922 cFYI(1, "very large read cap");
75865f8c 2923 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
b6b38f70 2924 cFYI(1, "very large write cap");
6848b733
SF		 2925 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2926 cFYI(1, "transport encryption cap");
2927 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2928 cFYI(1, "mandatory transport encryption cap");
8af18971
SF		 2929#endif /* CIFS_DEBUG2 */
2930 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
442aa310 2931 if (vol_info == NULL) {
b6b38f70 2932 cFYI(1, "resetting capabilities failed");
442aa310 2933 } else
b6b38f70 2934 cERROR(1, "Negotiating Unix capabilities "
5a44b319
SF		 2935 "with the server failed. Consider "
2936 "mounting with the Unix Extensions\n"
2937 "disabled, if problems are found, "
2938 "by specifying the nounix mount "
b6b38f70 2939 "option.");
5a44b319 2940
8af18971
SF		 2941 }
2942 }
2943}
2944
724d9f1c
PS		 2945void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2946 struct cifs_sb_info *cifs_sb)
b1c8d2b4 2947{
2de970ff
JL		 2948 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2949
2ced6f69
AV		 2950 spin_lock_init(&cifs_sb->tlink_tree_lock);
2951 cifs_sb->tlink_tree = RB_ROOT;
2952
25c7f41e 2953 /*
5eba8ab3
JL		 2954 * Temporarily set r/wsize for matching superblock. If we end up using
2955 * new sb then client will later negotiate it downward if needed.
25c7f41e 2956 */
5eba8ab3 2957 cifs_sb->rsize = pvolume_info->rsize;
25c7f41e
PS		 2958 cifs_sb->wsize = pvolume_info->wsize;
2959
3b795210
SF		 2960 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2961 cifs_sb->mnt_gid = pvolume_info->linux_gid;
3d3ea8e6
SP		 2962 if (pvolume_info->backupuid_specified)
2963 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2964 if (pvolume_info->backupgid_specified)
2965 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3b795210
SF		 2966 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2967 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
5206efd6 2968 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
b6b38f70 2969 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3b795210 2970
6d20e840 2971 cifs_sb->actimeo = pvolume_info->actimeo;
724d9f1c 2972 cifs_sb->local_nls = pvolume_info->local_nls;
6d20e840 2973
3b795210
SF		 2974 if (pvolume_info->noperm)
2975 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2976 if (pvolume_info->setuids)
2977 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2978 if (pvolume_info->server_ino)
2979 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2980 if (pvolume_info->remap)
2981 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2982 if (pvolume_info->no_xattr)
2983 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2984 if (pvolume_info->sfu_emul)
2985 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2986 if (pvolume_info->nobrl)
2987 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
be652445 2988 if (pvolume_info->nostrictsync)
4717bed6 2989 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
13a6e42a
SF		 2990 if (pvolume_info->mand_lock)
2991 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
d4ffff1f
PS		 2992 if (pvolume_info->rwpidforward)
2993 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3b795210
SF		 2994 if (pvolume_info->cifs_acl)
2995 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3d3ea8e6
SP		 2996 if (pvolume_info->backupuid_specified)
2997 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
2998 if (pvolume_info->backupgid_specified)
2999 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3b795210
SF		 3000 if (pvolume_info->override_uid)
3001 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3002 if (pvolume_info->override_gid)
3003 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3004 if (pvolume_info->dynperm)
3005 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
fa1df75d
SJ		 3006 if (pvolume_info->fsc)
3007 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
0eb8a132
JL		 3008 if (pvolume_info->multiuser)
3009 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3010 CIFS_MOUNT_NO_PERM);
d39454ff
PS		 3011 if (pvolume_info->strict_io)
3012 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3b795210 3013 if (pvolume_info->direct_io) {
b6b38f70 3014 cFYI(1, "mounting share using direct i/o");
3b795210
SF		 3015 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3016 }
736a3320
SM		 3017 if (pvolume_info->mfsymlinks) {
3018 if (pvolume_info->sfu_emul) {
3019 cERROR(1, "mount option mfsymlinks ignored if sfu "
3020 "mount option is used");
3021 } else {
3022 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3023 }
3024 }
3b795210
SF		 3025
3026 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
b6b38f70
JP		 3027 cERROR(1, "mount option dynperm ignored if cifsacl "
3028 "mount option supported");
b1c8d2b4
JL		 3029}
3030
f7910cbd 3031/*
5eba8ab3
JL		 3032 * When the server supports very large reads and writes via POSIX extensions,
3033 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3034 * including the RFC1001 length.
f7910cbd
JL		 3035 *
3036 * Note that this might make for "interesting" allocation problems during
1190f6a0
JL		 3037 * writeback however as we have to allocate an array of pointers for the
3038 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
5eba8ab3
JL		 3039 *
3040 * For reads, there is a similar problem as we need to allocate an array
3041 * of kvecs to handle the receive, though that should only need to be done
3042 * once.
f7910cbd 3043 */
1190f6a0 3044#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3045#define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3046
3047/*
5eba8ab3
JL		 3048 * When the server doesn't allow large posix writes, only allow a rsize/wsize
3049 * of 2^17-1 minus the size of the call header. That allows for a read or
3050 * write up to the maximum size described by RFC1002.
f7910cbd 3051 */
94443f43 3052#define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3053#define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3054
3055/*
3056 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3057 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3058 * a single wsize request with a single call.
3059 */
5eba8ab3
JL		 3060#define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3061
3062/*
ce91acb3
JL		 3063 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3064 * those values when posix extensions aren't in force. In actuality here, we
3065 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3066 * to be ok with the extra byte even though Windows doesn't send writes that
3067 * are that large.
3068 *
3069 * Citation:
3070 *
3071 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
5eba8ab3
JL		 3072 */
3073#define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
ce91acb3 3074#define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
f7910cbd
JL		 3075
3076static unsigned int
96daf2b0 3077cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
f7910cbd
JL		 3078{
3079 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3080 struct TCP_Server_Info *server = tcon->ses->server;
ce91acb3
JL		 3081 unsigned int wsize;
3082
3083 /* start with specified wsize, or default */
3084 if (pvolume_info->wsize)
3085 wsize = pvolume_info->wsize;
3086 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3087 wsize = CIFS_DEFAULT_IOSIZE;
3088 else
3089 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
f7910cbd
JL		 3090
3091 /* can server support 24-bit write sizes? (via UNIX extensions) */
3092 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
1190f6a0 3093 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
f7910cbd 3094
1190f6a0
JL		 3095 /*
3096 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3097 * Limit it to max buffer offered by the server, minus the size of the
3098 * WRITEX header, not including the 4 byte RFC1001 length.
3099 */
3100 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3101 (!(server->capabilities & CAP_UNIX) &&
3102 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3103 wsize = min_t(unsigned int, wsize,
3104 server->maxBuf - sizeof(WRITE_REQ) + 4);
f7910cbd
JL		 3105
3106 /* hard limit of CIFS_MAX_WSIZE */
3107 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3108
3109 return wsize;
3110}
3111
5eba8ab3
JL		 3112static unsigned int
3113cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3114{
3115 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3116 struct TCP_Server_Info *server = tcon->ses->server;
3117 unsigned int rsize, defsize;
3118
3119 /*
3120 * Set default value...
3121 *
3122 * HACK alert! Ancient servers have very small buffers. Even though
3123 * MS-CIFS indicates that servers are only limited by the client's
3124 * bufsize for reads, testing against win98se shows that it throws
3125 * INVALID_PARAMETER errors if you try to request too large a read.
3126 *
3127 * If the server advertises a MaxBufferSize of less than one page,
3128 * assume that it also can't satisfy reads larger than that either.
3129 *
3130 * FIXME: Is there a better heuristic for this?
3131 */
3132 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3133 defsize = CIFS_DEFAULT_IOSIZE;
3134 else if (server->capabilities & CAP_LARGE_READ_X)
3135 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3136 else if (server->maxBuf >= PAGE_CACHE_SIZE)
3137 defsize = CIFSMaxBufSize;
3138 else
3139 defsize = server->maxBuf - sizeof(READ_RSP);
3140
3141 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3142
3143 /*
3144 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3145 * the client's MaxBufferSize.
3146 */
3147 if (!(server->capabilities & CAP_LARGE_READ_X))
3148 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3149
3150 /* hard limit of CIFS_MAX_RSIZE */
3151 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3152
3153 return rsize;
3154}
3155
e4cce94c 3156static int
96daf2b0 3157is_path_accessible(int xid, struct cifs_tcon *tcon,
e4cce94c
IM		 3158 struct cifs_sb_info *cifs_sb, const char *full_path)
3159{
3160 int rc;
e4cce94c
IM		 3161 FILE_ALL_INFO *pfile_info;
3162
e4cce94c
IM		 3163 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3164 if (pfile_info == NULL)
3165 return -ENOMEM;
3166
3167 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3168 0 /* not legacy */, cifs_sb->local_nls,
3169 cifs_sb->mnt_cifs_flags &
3170 CIFS_MOUNT_MAP_SPECIAL_CHR);
221d1d79
JL		 3171
3172 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3173 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3174 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3175 CIFS_MOUNT_MAP_SPECIAL_CHR);
e4cce94c
IM		 3176 kfree(pfile_info);
3177 return rc;
3178}
3179
b9bce2e9
JL		 3180static void
3181cleanup_volume_info_contents(struct smb_vol *volume_info)
1bfe73c2 3182{
b946845a 3183 kfree(volume_info->username);
1bfe73c2 3184 kzfree(volume_info->password);
13589c43
SF		 3185 if (volume_info->UNCip != volume_info->UNC + 2)
3186 kfree(volume_info->UNCip);
95c75454 3187 kfree(volume_info->UNC);
b946845a
SF		 3188 kfree(volume_info->domainname);
3189 kfree(volume_info->iocharset);
1bfe73c2 3190 kfree(volume_info->prepath);
b9bce2e9
JL		 3191}
3192
3193void
3194cifs_cleanup_volume_info(struct smb_vol *volume_info)
3195{
3196 if (!volume_info)
3197 return;
3198 cleanup_volume_info_contents(volume_info);
1bfe73c2 3199 kfree(volume_info);
1bfe73c2
IM		 3200}
3201
b9bce2e9 3202
2d6d589d 3203#ifdef CONFIG_CIFS_DFS_UPCALL
1bfe73c2
IM		 3204/* build_path_to_root returns full path to root when
3205 * we do not have an exiting connection (tcon) */
3206static char *
b2a0fa15 3207build_unc_path_to_root(const struct smb_vol *vol,
1bfe73c2
IM		 3208 const struct cifs_sb_info *cifs_sb)
3209{
b2a0fa15
JL		 3210 char *full_path, *pos;
3211 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3212 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
1bfe73c2 3213
b2a0fa15 3214 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
1bfe73c2
IM		 3215 if (full_path == NULL)
3216 return ERR_PTR(-ENOMEM);
3217
b2a0fa15
JL		 3218 strncpy(full_path, vol->UNC, unc_len);
3219 pos = full_path + unc_len;
3220
3221 if (pplen) {
3222 strncpy(pos, vol->prepath, pplen);
3223 pos += pplen;
3224 }
3225
3226 *pos = '\0'; /* add trailing null */
f87d39d9 3227 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
b2a0fa15 3228 cFYI(1, "%s: full_path=%s", __func__, full_path);
1bfe73c2
IM		 3229 return full_path;
3230}
dd613945
SF		 3231
3232/*
3233 * Perform a dfs referral query for a share and (optionally) prefix
3234 *
046462ab
SF		 3235 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3236 * to a string containing updated options for the submount. Otherwise it
3237 * will be left untouched.
dd613945
SF		 3238 *
3239 * Returns the rc from get_dfs_path to the caller, which can be used to
3240 * determine whether there were referrals.
3241 */
3242static int
96daf2b0 3243expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
dd613945 3244 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
046462ab 3245 int check_prefix)
dd613945
SF		 3246{
3247 int rc;
3248 unsigned int num_referrals = 0;
3249 struct dfs_info3_param *referrals = NULL;
3250 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3251
3252 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3253 if (IS_ERR(full_path))
3254 return PTR_ERR(full_path);
3255
3256 /* For DFS paths, skip the first '\' of the UNC */
3257 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3258
3259 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3260 &num_referrals, &referrals,
3261 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3262
3263 if (!rc && num_referrals > 0) {
3264 char *fake_devname = NULL;
3265
3266 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3267 full_path + 1, referrals,
3268 &fake_devname);
3269
3270 free_dfs_info_array(referrals, num_referrals);
046462ab 3271
dd613945
SF		 3272 if (IS_ERR(mdata)) {
3273 rc = PTR_ERR(mdata);
3274 mdata = NULL;
b9bce2e9
JL		 3275 } else {
3276 cleanup_volume_info_contents(volume_info);
3277 memset(volume_info, '\0', sizeof(*volume_info));
3278 rc = cifs_setup_volume_info(volume_info, mdata,
3279 fake_devname);
dd613945 3280 }
b9bce2e9
JL		 3281 kfree(fake_devname);
3282 kfree(cifs_sb->mountdata);
046462ab 3283 cifs_sb->mountdata = mdata;
dd613945
SF		 3284 }
3285 kfree(full_path);
3286 return rc;
3287}
2d6d589d 3288#endif
1bfe73c2 3289
04db79b0
JL		 3290static int
3291cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3292 const char *devname)
1da177e4 3293{
724d9f1c 3294 int rc = 0;
1da177e4 3295
04db79b0
JL		 3296 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3297 return -EINVAL;
1da177e4 3298
7586b765 3299 if (volume_info->nullauth) {
04febabc
JL		 3300 cFYI(1, "Anonymous login");
3301 kfree(volume_info->username);
3302 volume_info->username = NULL;
7586b765 3303 } else if (volume_info->username) {
1da177e4 3304 /* BB fixme parse for domain name here */
b6b38f70 3305 cFYI(1, "Username: %s", volume_info->username);
1da177e4 3306 } else {
bf820679 3307 cifserror("No username specified");
50c2f753
SF		 3308 /* In userspace mount helper we can get user name from alternate
3309 locations such as env variables and files on disk */
04db79b0 3310 return -EINVAL;
1da177e4
LT		 3311 }
3312
1da177e4 3313 /* this is needed for ASCII cp to Unicode converts */
7586b765 3314 if (volume_info->iocharset == NULL) {
a5fc4ce0
JL		 3315 /* load_nls_default cannot return null */
3316 volume_info->local_nls = load_nls_default();
1da177e4 3317 } else {
a5fc4ce0
JL		 3318 volume_info->local_nls = load_nls(volume_info->iocharset);
3319 if (volume_info->local_nls == NULL) {
b6b38f70
JP		 3320 cERROR(1, "CIFS mount error: iocharset %s not found",
3321 volume_info->iocharset);
04db79b0 3322 return -ELIBACC;
1da177e4
LT		 3323 }
3324 }
724d9f1c 3325
724d9f1c
PS		 3326 return rc;
3327}
3328
04db79b0
JL		 3329struct smb_vol *
3330cifs_get_volume_info(char *mount_data, const char *devname)
3331{
3332 int rc;
3333 struct smb_vol *volume_info;
3334
3335 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3336 if (!volume_info)
3337 return ERR_PTR(-ENOMEM);
3338
3339 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3340 if (rc) {
3341 cifs_cleanup_volume_info(volume_info);
3342 volume_info = ERR_PTR(rc);
3343 }
3344
3345 return volume_info;
3346}
3347
66bfaadc
JL		 3348/* make sure ra_pages is a multiple of rsize */
3349static inline unsigned int
3350cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3351{
3352 unsigned int reads;
3353 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3354
3355 if (rsize_pages >= default_backing_dev_info.ra_pages)
3356 return default_backing_dev_info.ra_pages;
3357 else if (rsize_pages == 0)
3358 return rsize_pages;
3359
3360 reads = default_backing_dev_info.ra_pages / rsize_pages;
3361 return reads * rsize_pages;
3362}
3363
724d9f1c 3364int
2c6292ae 3365cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
724d9f1c 3366{
1daaae8f 3367 int rc;
724d9f1c 3368 int xid;
96daf2b0
SF		 3369 struct cifs_ses *pSesInfo;
3370 struct cifs_tcon *tcon;
724d9f1c
PS		 3371 struct TCP_Server_Info *srvTcp;
3372 char *full_path;
3373 struct tcon_link *tlink;
3374#ifdef CONFIG_CIFS_DFS_UPCALL
3375 int referral_walks_count = 0;
20547490 3376#endif
dd854466
AV		 3377
3378 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3379 if (rc)
3380 return rc;
3381
20547490 3382#ifdef CONFIG_CIFS_DFS_UPCALL
724d9f1c
PS		 3383try_mount_again:
3384 /* cleanup activities if we're chasing a referral */
3385 if (referral_walks_count) {
3386 if (tcon)
3387 cifs_put_tcon(tcon);
3388 else if (pSesInfo)
3389 cifs_put_smb_ses(pSesInfo);
3390
724d9f1c
PS		 3391 FreeXid(xid);
3392 }
3393#endif
1daaae8f 3394 rc = 0;
724d9f1c
PS		 3395 tcon = NULL;
3396 pSesInfo = NULL;
3397 srvTcp = NULL;
3398 full_path = NULL;
3399 tlink = NULL;
3400
3401 xid = GetXid();
1da177e4 3402
63c038c2 3403 /* get a reference to a tcp session */
7586b765 3404 srvTcp = cifs_get_tcp_session(volume_info);
63c038c2
JL		 3405 if (IS_ERR(srvTcp)) {
3406 rc = PTR_ERR(srvTcp);
dd854466 3407 bdi_destroy(&cifs_sb->bdi);
63c038c2 3408 goto out;
1da177e4
LT		 3409 }
3410
36988c76
JL		 3411 /* get a reference to a SMB session */
3412 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3413 if (IS_ERR(pSesInfo)) {
3414 rc = PTR_ERR(pSesInfo);
3415 pSesInfo = NULL;
3416 goto mount_fail_check;
1da177e4 3417 }
50c2f753 3418
d00c28de
JL		 3419 /* search for existing tcon to this server share */
3420 tcon = cifs_get_tcon(pSesInfo, volume_info);
3421 if (IS_ERR(tcon)) {
3422 rc = PTR_ERR(tcon);
3423 tcon = NULL;
1bfe73c2 3424 goto remote_path_check;
d00c28de 3425 }
1bfe73c2 3426
d82c2df5 3427 /* tell server which Unix caps we support */
6848b733 3428 if (tcon->ses->capabilities & CAP_UNIX) {
d82c2df5
SF		 3429 /* reset of caps checks mount to see if unix extensions
3430 disabled for just this mount */
2c6292ae 3431 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
6848b733
SF		 3432 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3433 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3434 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3435 rc = -EACCES;
3436 goto mount_fail_check;
3437 }
3438 } else
d82c2df5 3439 tcon->unix_ext = 0; /* server does not support them */
c18c842b 3440
6848b733
SF		 3441 /* do not care if following two calls succeed - informational */
3442 if (!tcon->ipc) {
3443 CIFSSMBQFSDeviceInfo(xid, tcon);
3444 CIFSSMBQFSAttributeInfo(xid, tcon);
3445 }
3446
f7910cbd 3447 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
5eba8ab3 3448 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
f7910cbd 3449
66bfaadc
JL		 3450 /* tune readahead according to rsize */
3451 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
f7910cbd 3452
1bfe73c2 3453remote_path_check:
c1508ca2
SF		 3454#ifdef CONFIG_CIFS_DFS_UPCALL
3455 /*
3456 * Perform an unconditional check for whether there are DFS
3457 * referrals for this path without prefix, to provide support
3458 * for DFS referrals from w2k8 servers which don't seem to respond
3459 * with PATH_NOT_COVERED to requests that include the prefix.
3460 * Chase the referral if found, otherwise continue normally.
3461 */
3462 if (referral_walks_count == 0) {
3463 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
046462ab 3464 cifs_sb, false);
c1508ca2
SF		 3465 if (!refrc) {
3466 referral_walks_count++;
3467 goto try_mount_again;
3468 }
3469 }
3470#endif
3471
f87d39d9 3472 /* check if a whole path is not remote */
70945643 3473 if (!rc && tcon) {
e4cce94c 3474 /* build_path_to_root works only when we have a valid tcon */
f87d39d9 3475 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
e4cce94c
IM		 3476 if (full_path == NULL) {
3477 rc = -ENOMEM;
3478 goto mount_fail_check;
3479 }
3480 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
03ceace5 3481 if (rc != 0 && rc != -EREMOTE) {
e4cce94c
IM		 3482 kfree(full_path);
3483 goto mount_fail_check;
3484 }
3485 kfree(full_path);
3486 }
3487
1bfe73c2
IM		 3488 /* get referral if needed */
3489 if (rc == -EREMOTE) {
d036f50f 3490#ifdef CONFIG_CIFS_DFS_UPCALL
5c2503a8
IM		 3491 if (referral_walks_count > MAX_NESTED_LINKS) {
3492 /*
3493 * BB: when we implement proper loop detection,
3494 * we will remove this check. But now we need it
3495 * to prevent an indefinite loop if 'DFS tree' is
3496 * misconfigured (i.e. has loops).
3497 */
3498 rc = -ELOOP;
3499 goto mount_fail_check;
3500 }
1bfe73c2 3501
dd613945 3502 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
046462ab 3503 true);
7b91e266 3504
dd613945 3505 if (!rc) {
5c2503a8 3506 referral_walks_count++;
1bfe73c2
IM		 3507 goto try_mount_again;
3508 }
dd613945 3509 goto mount_fail_check;
d036f50f
SF		 3510#else /* No DFS support, return error on mount */
3511 rc = -EOPNOTSUPP;
3512#endif
1bfe73c2
IM		 3513 }
3514
9d002df4
JL		 3515 if (rc)
3516 goto mount_fail_check;
3517
3518 /* now, hang the tcon off of the superblock */
3519 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3520 if (tlink == NULL) {
3521 rc = -ENOMEM;
3522 goto mount_fail_check;
3523 }
3524
b647c35f 3525 tlink->tl_uid = pSesInfo->linux_uid;
9d002df4
JL		 3526 tlink->tl_tcon = tcon;
3527 tlink->tl_time = jiffies;
3528 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3529 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3530
b647c35f 3531 cifs_sb->master_tlink = tlink;
9d002df4 3532 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3533 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
9d002df4 3534 spin_unlock(&cifs_sb->tlink_tree_lock);
413e661c 3535
2de970ff
JL		 3536 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3537 TLINK_IDLE_EXPIRE);
3538
1bfe73c2
IM		 3539mount_fail_check:
3540 /* on error free sesinfo and tcon struct if needed */
3541 if (rc) {
1bfe73c2 3542 /* If find_unc succeeded then rc == 0 so we can not end */
25985edc 3543 /* up accidentally freeing someone elses tcon struct */
1bfe73c2
IM		 3544 if (tcon)
3545 cifs_put_tcon(tcon);
3546 else if (pSesInfo)
3547 cifs_put_smb_ses(pSesInfo);
3548 else
3549 cifs_put_tcp_session(srvTcp);
dd854466 3550 bdi_destroy(&cifs_sb->bdi);
1bfe73c2
IM		 3551 }
3552
70fe7dc0 3553out:
1da177e4
LT		 3554 FreeXid(xid);
3555 return rc;
3556}
3557
8d1bca32
JL		 3558/*
3559 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3560 * pointer may be NULL.
3561 */
1da177e4 3562int
96daf2b0
SF		 3563CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3564 const char *tree, struct cifs_tcon *tcon,
1da177e4
LT		 3565 const struct nls_table *nls_codepage)
3566{
3567 struct smb_hdr *smb_buffer;
3568 struct smb_hdr *smb_buffer_response;
3569 TCONX_REQ *pSMB;
3570 TCONX_RSP *pSMBr;
3571 unsigned char *bcc_ptr;
3572 int rc = 0;
690c522f
JL		 3573 int length;
3574 __u16 bytes_left, count;
1da177e4
LT		 3575
3576 if (ses == NULL)
3577 return -EIO;
3578
3579 smb_buffer = cifs_buf_get();
ca43e3be 3580 if (smb_buffer == NULL)
1da177e4 3581 return -ENOMEM;
ca43e3be 3582
1da177e4
LT		 3583 smb_buffer_response = smb_buffer;
3584
3585 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3586 NULL /*no tid */ , 4 /*wct */ );
1982c344
SF		 3587
3588 smb_buffer->Mid = GetNextMid(ses->server);
1da177e4
LT		 3589 smb_buffer->Uid = ses->Suid;
3590 pSMB = (TCONX_REQ *) smb_buffer;
3591 pSMBr = (TCONX_RSP *) smb_buffer_response;
3592
3593 pSMB->AndXCommand = 0xFF;
3594 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
1da177e4 3595 bcc_ptr = &pSMB->Password[0];
8d1bca32 3596 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
eeac8047 3597 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
7c7b25bc 3598 *bcc_ptr = 0; /* password is null byte */
eeac8047 3599 bcc_ptr++; /* skip password */
7c7b25bc 3600 /* already aligned so no need to do it below */
eeac8047 3601 } else {
540b2e37 3602 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
eeac8047
SF		 3603 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3604 specified as required (when that support is added to
3605 the vfs in the future) as only NTLM or the much
7c7b25bc 3606 weaker LANMAN (which we do not send by default) is accepted
eeac8047
SF		 3607 by Samba (not sure whether other servers allow
3608 NTLMv2 password here) */
7c7b25bc 3609#ifdef CONFIG_CIFS_WEAK_PW_HASH
04912d6a 3610 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
00e485b0 3611 (ses->server->secType == LANMAN))
d3ba50b1 3612 calc_lanman_hash(tcon->password, ses->server->cryptkey,
96daf2b0 3613 ses->server->sec_mode &
4e53a3fb
JL		 3614 SECMODE_PW_ENCRYPT ? true : false,
3615 bcc_ptr);
7c7b25bc
SF		 3616 else
3617#endif /* CIFS_WEAK_PW_HASH */
ee2c9258 3618 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
9ef5992e 3619 bcc_ptr, nls_codepage);
eeac8047 3620
540b2e37 3621 bcc_ptr += CIFS_AUTH_RESP_SIZE;
fb8c4b14 3622 if (ses->capabilities & CAP_UNICODE) {
7c7b25bc
SF		 3623 /* must align unicode strings */
3624 *bcc_ptr = 0; /* null byte password */
3625 bcc_ptr++;
3626 }
eeac8047 3627 }
1da177e4 3628
96daf2b0 3629 if (ses->server->sec_mode &
a878fb22 3630 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
1da177e4
LT		 3631 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3632
3633 if (ses->capabilities & CAP_STATUS32) {
3634 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3635 }
3636 if (ses->capabilities & CAP_DFS) {
3637 smb_buffer->Flags2 |= SMBFLG2_DFS;
3638 }
3639 if (ses->capabilities & CAP_UNICODE) {
3640 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3641 length =
acbbb76a 3642 cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
50c2f753 3643 6 /* max utf8 char length in bytes */ *
a878fb22
SF		 3644 (/* server len*/ + 256 /* share len */), nls_codepage);
3645 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
1da177e4
LT		 3646 bcc_ptr += 2; /* skip trailing null */
3647 } else { /* ASCII */
1da177e4
LT		 3648 strcpy(bcc_ptr, tree);
3649 bcc_ptr += strlen(tree) + 1;
3650 }
3651 strcpy(bcc_ptr, "?????");
3652 bcc_ptr += strlen("?????");
3653 bcc_ptr += 1;
3654 count = bcc_ptr - &pSMB->Password[0];
be8e3b00
SF		 3655 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3656 pSMB->hdr.smb_buf_length) + count);
1da177e4
LT		 3657 pSMB->ByteCount = cpu_to_le16(count);
3658
133672ef 3659 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
7749981e 3660 0);
1da177e4 3661
1da177e4
LT		 3662 /* above now done in SendReceive */
3663 if ((rc == 0) && (tcon != NULL)) {
0e0d2cf3
SF		 3664 bool is_unicode;
3665
1da177e4 3666 tcon->tidStatus = CifsGood;
3b795210 3667 tcon->need_reconnect = false;
1da177e4
LT		 3668 tcon->tid = smb_buffer_response->Tid;
3669 bcc_ptr = pByteArea(smb_buffer_response);
690c522f 3670 bytes_left = get_bcc(smb_buffer_response);
cc20c031 3671 length = strnlen(bcc_ptr, bytes_left - 2);
0e0d2cf3
SF		 3672 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3673 is_unicode = true;
3674 else
3675 is_unicode = false;
3676
cc20c031 3677
50c2f753 3678 /* skip service field (NB: this field is always ASCII) */
7f8ed420
SF		 3679 if (length == 3) {
3680 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3681 (bcc_ptr[2] == 'C')) {
b6b38f70 3682 cFYI(1, "IPC connection");
7f8ed420
SF		 3683 tcon->ipc = 1;
3684 }
3685 } else if (length == 2) {
3686 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3687 /* the most common case */
b6b38f70 3688 cFYI(1, "disk share connection");
7f8ed420
SF		 3689 }
3690 }
50c2f753 3691 bcc_ptr += length + 1;
cc20c031 3692 bytes_left -= (length + 1);
1da177e4 3693 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
cc20c031
JL		 3694
3695 /* mostly informational -- no need to fail on error here */
90a98b2f 3696 kfree(tcon->nativeFileSystem);
acbbb76a 3697 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
0e0d2cf3 3698 bytes_left, is_unicode,
cc20c031
JL		 3699 nls_codepage);
3700
b6b38f70 3701 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
cc20c031 3702
fb8c4b14 3703 if ((smb_buffer_response->WordCount == 3) ||
1a4e15a0
SF		 3704 (smb_buffer_response->WordCount == 7))
3705 /* field is in same location */
3979877e
SF		 3706 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3707 else
3708 tcon->Flags = 0;
b6b38f70 3709 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
1da177e4 3710 } else if ((rc == 0) && tcon == NULL) {
50c2f753 3711 /* all we need to save for IPC$ connection */
1da177e4
LT		 3712 ses->ipc_tid = smb_buffer_response->Tid;
3713 }
3714
a8a11d39 3715 cifs_buf_release(smb_buffer);
1da177e4
LT		 3716 return rc;
3717}
3718
2a9b9951
AV		 3719void
3720cifs_umount(struct cifs_sb_info *cifs_sb)
1da177e4 3721{
b647c35f
JL		 3722 struct rb_root *root = &cifs_sb->tlink_tree;
3723 struct rb_node *node;
3724 struct tcon_link *tlink;
9d002df4 3725
2de970ff
JL		 3726 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3727
b647c35f
JL		 3728 spin_lock(&cifs_sb->tlink_tree_lock);
3729 while ((node = rb_first(root))) {
3730 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3731 cifs_get_tlink(tlink);
3732 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3733 rb_erase(node, root);
1da177e4 3734
b647c35f
JL		 3735 spin_unlock(&cifs_sb->tlink_tree_lock);
3736 cifs_put_tlink(tlink);
3737 spin_lock(&cifs_sb->tlink_tree_lock);
3738 }
3739 spin_unlock(&cifs_sb->tlink_tree_lock);
50c2f753 3740
dd854466 3741 bdi_destroy(&cifs_sb->bdi);
d757d71b
AV		 3742 kfree(cifs_sb->mountdata);
3743 unload_nls(cifs_sb->local_nls);
3744 kfree(cifs_sb);
50c2f753 3745}
1da177e4 3746
96daf2b0 3747int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
1da177e4
LT		 3748{
3749 int rc = 0;
198b5682 3750 struct TCP_Server_Info *server = ses->server;
1da177e4 3751
198b5682
JL		 3752 /* only send once per connect */
3753 if (server->maxBuf != 0)
3754 return 0;
3755
2d86dbc9 3756 cifs_set_credits(server, 1);
198b5682
JL		 3757 rc = CIFSSMBNegotiate(xid, ses);
3758 if (rc == -EAGAIN) {
3759 /* retry only once on 1st time connection */
2d86dbc9 3760 cifs_set_credits(server, 1);
198b5682
JL		 3761 rc = CIFSSMBNegotiate(xid, ses);
3762 if (rc == -EAGAIN)
3763 rc = -EHOSTDOWN;
1da177e4 3764 }
198b5682
JL		 3765 if (rc == 0) {
3766 spin_lock(&GlobalMid_Lock);
7fdbaa1b 3767 if (server->tcpStatus == CifsNeedNegotiate)
198b5682
JL		 3768 server->tcpStatus = CifsGood;
3769 else
3770 rc = -EHOSTDOWN;
3771 spin_unlock(&GlobalMid_Lock);
26b994fa 3772
198b5682
JL		 3773 }
3774
3775 return rc;
3776}
3777
3778
96daf2b0 3779int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
198b5682
JL		 3780 struct nls_table *nls_info)
3781{
3782 int rc = 0;
3783 struct TCP_Server_Info *server = ses->server;
26b994fa 3784
198b5682
JL		 3785 ses->flags = 0;
3786 ses->capabilities = server->capabilities;
26b994fa 3787 if (linuxExtEnabled == 0)
198b5682 3788 ses->capabilities &= (~CAP_UNIX);
20418acd 3789
b6b38f70 3790 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
96daf2b0 3791 server->sec_mode, server->capabilities, server->timeAdj);
cb7691b6 3792
198b5682 3793 rc = CIFS_SessSetup(xid, ses, nls_info);
26b994fa 3794 if (rc) {
b6b38f70 3795 cERROR(1, "Send error in SessSetup = %d", rc);
26b994fa 3796 } else {
5d0d2882
SP		 3797 mutex_lock(&ses->server->srv_mutex);
3798 if (!server->session_estab) {
21e73393 3799 server->session_key.response = ses->auth_key.response;
5d0d2882 3800 server->session_key.len = ses->auth_key.len;
21e73393
SP		 3801 server->sequence_number = 0x2;
3802 server->session_estab = true;
3803 ses->auth_key.response = NULL;
5d0d2882
SP		 3804 }
3805 mutex_unlock(&server->srv_mutex);
3806
b6b38f70 3807 cFYI(1, "CIFS Session Established successfully");
20418acd 3808 spin_lock(&GlobalMid_Lock);
198b5682
JL		 3809 ses->status = CifsGood;
3810 ses->need_reconnect = false;
20418acd 3811 spin_unlock(&GlobalMid_Lock);
1da177e4 3812 }
26b994fa 3813
21e73393
SP		 3814 kfree(ses->auth_key.response);
3815 ses->auth_key.response = NULL;
3816 ses->auth_key.len = 0;
d3686d54
SP		 3817 kfree(ses->ntlmssp);
3818 ses->ntlmssp = NULL;
21e73393 3819
1da177e4
LT		 3820 return rc;
3821}
3822
8a8798a5
JL		 3823static int
3824cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
3825{
3826 switch (ses->server->secType) {
3827 case Kerberos:
3828 vol->secFlg = CIFSSEC_MUST_KRB5;
3829 return 0;
3830 case NTLMv2:
3831 vol->secFlg = CIFSSEC_MUST_NTLMV2;
3832 break;
3833 case NTLM:
3834 vol->secFlg = CIFSSEC_MUST_NTLM;
3835 break;
3836 case RawNTLMSSP:
3837 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
3838 break;
3839 case LANMAN:
3840 vol->secFlg = CIFSSEC_MUST_LANMAN;
3841 break;
3842 }
3843
3844 return cifs_set_cifscreds(vol, ses);
3845}
3846
96daf2b0 3847static struct cifs_tcon *
9d002df4
JL		 3848cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3849{
8a8798a5 3850 int rc;
96daf2b0
SF		 3851 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3852 struct cifs_ses *ses;
3853 struct cifs_tcon *tcon = NULL;
9d002df4 3854 struct smb_vol *vol_info;
9d002df4
JL		 3855
3856 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
803ab977
DC		 3857 if (vol_info == NULL)
3858 return ERR_PTR(-ENOMEM);
9d002df4 3859
9d002df4
JL		 3860 vol_info->local_nls = cifs_sb->local_nls;
3861 vol_info->linux_uid = fsuid;
3862 vol_info->cred_uid = fsuid;
3863 vol_info->UNC = master_tcon->treeName;
3864 vol_info->retry = master_tcon->retry;
3865 vol_info->nocase = master_tcon->nocase;
3866 vol_info->local_lease = master_tcon->local_lease;
3867 vol_info->no_linux_ext = !master_tcon->unix_ext;
3868
8a8798a5
JL		 3869 rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
3870 if (rc) {
3871 tcon = ERR_PTR(rc);
3872 goto out;
3873 }
9d002df4
JL		 3874
3875 /* get a reference for the same TCP session */
3f9bcca7 3876 spin_lock(&cifs_tcp_ses_lock);
9d002df4 3877 ++master_tcon->ses->server->srv_count;
3f9bcca7 3878 spin_unlock(&cifs_tcp_ses_lock);
9d002df4
JL		 3879
3880 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3881 if (IS_ERR(ses)) {
96daf2b0 3882 tcon = (struct cifs_tcon *)ses;
9d002df4
JL		 3883 cifs_put_tcp_session(master_tcon->ses->server);
3884 goto out;
3885 }
3886
3887 tcon = cifs_get_tcon(ses, vol_info);
3888 if (IS_ERR(tcon)) {
3889 cifs_put_smb_ses(ses);
3890 goto out;
3891 }
3892
3893 if (ses->capabilities & CAP_UNIX)
3894 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3895out:
8a8798a5
JL		 3896 kfree(vol_info->username);
3897 kfree(vol_info->password);
9d002df4
JL		 3898 kfree(vol_info);
3899
3900 return tcon;
3901}
3902
96daf2b0 3903struct cifs_tcon *
9d002df4
JL		 3904cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3905{
3906 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3907}
3908
3909static int
3910cifs_sb_tcon_pending_wait(void *unused)
3911{
3912 schedule();
3913 return signal_pending(current) ? -ERESTARTSYS : 0;
3914}
3915
b647c35f
JL		 3916/* find and return a tlink with given uid */
3917static struct tcon_link *
3918tlink_rb_search(struct rb_root *root, uid_t uid)
3919{
3920 struct rb_node *node = root->rb_node;
3921 struct tcon_link *tlink;
3922
3923 while (node) {
3924 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3925
3926 if (tlink->tl_uid > uid)
3927 node = node->rb_left;
3928 else if (tlink->tl_uid < uid)
3929 node = node->rb_right;
3930 else
3931 return tlink;
3932 }
3933 return NULL;
3934}
3935
3936/* insert a tcon_link into the tree */
3937static void
3938tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3939{
3940 struct rb_node **new = &(root->rb_node), *parent = NULL;
3941 struct tcon_link *tlink;
3942
3943 while (*new) {
3944 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3945 parent = *new;
3946
3947 if (tlink->tl_uid > new_tlink->tl_uid)
3948 new = &((*new)->rb_left);
3949 else
3950 new = &((*new)->rb_right);
3951 }
3952
3953 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3954 rb_insert_color(&new_tlink->tl_rbnode, root);
3955}
3956
9d002df4
JL		 3957/*
3958 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3959 * current task.
3960 *
3961 * If the superblock doesn't refer to a multiuser mount, then just return
3962 * the master tcon for the mount.
3963 *
6ef933a3 3964 * First, search the rbtree for an existing tcon for this fsuid. If one
9d002df4
JL		 3965 * exists, then check to see if it's pending construction. If it is then wait
3966 * for construction to complete. Once it's no longer pending, check to see if
3967 * it failed and either return an error or retry construction, depending on
3968 * the timeout.
3969 *
3970 * If one doesn't exist then insert a new tcon_link struct into the tree and
3971 * try to construct a new one.
3972 */
3973struct tcon_link *
3974cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3975{
3976 int ret;
b647c35f 3977 uid_t fsuid = current_fsuid();
9d002df4
JL		 3978 struct tcon_link *tlink, *newtlink;
3979
3980 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3981 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3982
3983 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3984 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3985 if (tlink)
3986 cifs_get_tlink(tlink);
3987 spin_unlock(&cifs_sb->tlink_tree_lock);
3988
3989 if (tlink == NULL) {
3990 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3991 if (newtlink == NULL)
3992 return ERR_PTR(-ENOMEM);
b647c35f 3993 newtlink->tl_uid = fsuid;
9d002df4
JL		 3994 newtlink->tl_tcon = ERR_PTR(-EACCES);
3995 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3996 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3997 cifs_get_tlink(newtlink);
3998
9d002df4
JL		 3999 spin_lock(&cifs_sb->tlink_tree_lock);
4000 /* was one inserted after previous search? */
b647c35f 4001 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 4002 if (tlink) {
4003 cifs_get_tlink(tlink);
4004 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4005 kfree(newtlink);
4006 goto wait_for_construction;
4007 }
9d002df4 4008 tlink = newtlink;
b647c35f
JL		 4009 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4010 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4011 } else {
4012wait_for_construction:
4013 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4014 cifs_sb_tcon_pending_wait,
4015 TASK_INTERRUPTIBLE);
4016 if (ret) {
4017 cifs_put_tlink(tlink);
4018 return ERR_PTR(ret);
4019 }
4020
4021 /* if it's good, return it */
4022 if (!IS_ERR(tlink->tl_tcon))
4023 return tlink;
4024
4025 /* return error if we tried this already recently */
4026 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4027 cifs_put_tlink(tlink);
4028 return ERR_PTR(-EACCES);
4029 }
4030
4031 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4032 goto wait_for_construction;
4033 }
4034
4035 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4036 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4037 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4038
4039 if (IS_ERR(tlink->tl_tcon)) {
4040 cifs_put_tlink(tlink);
4041 return ERR_PTR(-EACCES);
4042 }
4043
4044 return tlink;
4045}
2de970ff
JL		 4046
4047/*
4048 * periodic workqueue job that scans tcon_tree for a superblock and closes
4049 * out tcons.
4050 */
4051static void
4052cifs_prune_tlinks(struct work_struct *work)
4053{
4054 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4055 prune_tlinks.work);
b647c35f
JL		 4056 struct rb_root *root = &cifs_sb->tlink_tree;
4057 struct rb_node *node = rb_first(root);
4058 struct rb_node *tmp;
4059 struct tcon_link *tlink;
2de970ff 4060
b647c35f
JL		 4061 /*
4062 * Because we drop the spinlock in the loop in order to put the tlink
4063 * it's not guarded against removal of links from the tree. The only
4064 * places that remove entries from the tree are this function and
4065 * umounts. Because this function is non-reentrant and is canceled
4066 * before umount can proceed, this is safe.
4067 */
4068 spin_lock(&cifs_sb->tlink_tree_lock);
4069 node = rb_first(root);
4070 while (node != NULL) {
4071 tmp = node;
4072 node = rb_next(tmp);
4073 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4074
4075 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4076 atomic_read(&tlink->tl_count) != 0 ||
4077 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4078 continue;
2de970ff 4079
b647c35f
JL		 4080 cifs_get_tlink(tlink);
4081 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4082 rb_erase(tmp, root);
4083
4084 spin_unlock(&cifs_sb->tlink_tree_lock);
4085 cifs_put_tlink(tlink);
4086 spin_lock(&cifs_sb->tlink_tree_lock);
4087 }
4088 spin_unlock(&cifs_sb->tlink_tree_lock);
2de970ff
JL		 4089
4090 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
4091 TLINK_IDLE_EXPIRE);
4092}
ubuntu-bionic-kernel mirror