]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/blame - fs/cifs/connect.c
projects / mirror_ubuntu-zesty-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[CIFS] ACL and FSCACHE support no longer EXPERIMENTAL
[mirror_ubuntu-zesty-kernel.git] / fs / cifs / connect.c
CommitLineData
1da177e4
LT		 1/*
2 * fs/cifs/connect.c
3 *
d185cda7 4 * Copyright (C) International Business Machines Corp., 2002,2009
1da177e4
LT		 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
fb8c4b14 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1da177e4
LT		 20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
5a0e3ad6 26#include <linux/slab.h>
1da177e4
LT		 27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
b8643e1b 31#include <linux/delay.h>
f191401f 32#include <linux/completion.h>
aaf737ad 33#include <linux/kthread.h>
0ae0efad 34#include <linux/pagevec.h>
7dfb7103 35#include <linux/freezer.h>
5c2503a8 36#include <linux/namei.h>
1da177e4
LT		 37#include <asm/uaccess.h>
38#include <asm/processor.h>
50b64e3b 39#include <linux/inet.h>
143cb494 40#include <linux/module.h>
8a8798a5 41#include <keys/user-type.h>
0e2bedaa 42#include <net/ipv6.h>
1da177e4
LT		 43#include "cifspdu.h"
44#include "cifsglob.h"
45#include "cifsproto.h"
46#include "cifs_unicode.h"
47#include "cifs_debug.h"
48#include "cifs_fs_sb.h"
49#include "ntlmssp.h"
50#include "nterr.h"
51#include "rfc1002pdu.h"
488f1d2d 52#include "fscache.h"
1da177e4
LT		 53
54#define CIFS_PORT 445
55#define RFC1001_PORT 139
56
c74093b6
JL		 57/* SMB echo "timeout" -- FIXME: tunable? */
58#define SMB_ECHO_INTERVAL (60 * HZ)
59
1da177e4
LT		 60extern mempool_t *cifs_req_poolp;
61
2de970ff 62/* FIXME: should these be tunable? */
9d002df4 63#define TLINK_ERROR_EXPIRE (1 * HZ)
2de970ff 64#define TLINK_IDLE_EXPIRE (600 * HZ)
9d002df4 65
a9f1b85e
PS		 66static int ip_connect(struct TCP_Server_Info *server);
67static int generic_ip_connect(struct TCP_Server_Info *server);
b647c35f 68static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
2de970ff 69static void cifs_prune_tlinks(struct work_struct *work);
b9bce2e9
JL		 70static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
71 const char *devname);
1da177e4 72
d5c5605c
JL		 73/*
74 * cifs tcp session reconnection
75 *
76 * mark tcp session as reconnecting so temporarily locked
77 * mark all smb sessions as reconnecting for tcp session
78 * reconnect tcp session
79 * wake up waiters on reconnection? - (not needed currently)
80 */
2cd646a2 81static int
1da177e4
LT		 82cifs_reconnect(struct TCP_Server_Info *server)
83{
84 int rc = 0;
f1987b44 85 struct list_head *tmp, *tmp2;
96daf2b0
SF		 86 struct cifs_ses *ses;
87 struct cifs_tcon *tcon;
fb8c4b14 88 struct mid_q_entry *mid_entry;
3c1105df 89 struct list_head retry_list;
50c2f753 90
1da177e4 91 spin_lock(&GlobalMid_Lock);
469ee614 92 if (server->tcpStatus == CifsExiting) {
fb8c4b14 93 /* the demux thread will exit normally
1da177e4
LT		 94 next time through the loop */
95 spin_unlock(&GlobalMid_Lock);
96 return rc;
97 } else
98 server->tcpStatus = CifsNeedReconnect;
99 spin_unlock(&GlobalMid_Lock);
100 server->maxBuf = 0;
101
b6b38f70 102 cFYI(1, "Reconnecting tcp session");
1da177e4
LT		 103
104 /* before reconnecting the tcp session, mark the smb session (uid)
105 and the tid bad so they are not used until reconnected */
2b84a36c 106 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
3f9bcca7 107 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 108 list_for_each(tmp, &server->smb_ses_list) {
96daf2b0 109 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
14fbf50d
JL		 110 ses->need_reconnect = true;
111 ses->ipc_tid = 0;
f1987b44 112 list_for_each(tmp2, &ses->tcon_list) {
96daf2b0 113 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
3b795210 114 tcon->need_reconnect = true;
1da177e4 115 }
1da177e4 116 }
3f9bcca7 117 spin_unlock(&cifs_tcp_ses_lock);
2b84a36c 118
1da177e4 119 /* do not want to be sending data on a socket we are freeing */
2b84a36c 120 cFYI(1, "%s: tearing down socket", __func__);
72ca545b 121 mutex_lock(&server->srv_mutex);
fb8c4b14 122 if (server->ssocket) {
b6b38f70
JP		 123 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
124 server->ssocket->flags);
91cf45f0 125 kernel_sock_shutdown(server->ssocket, SHUT_WR);
b6b38f70 126 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
467a8f8d 127 server->ssocket->state,
b6b38f70 128 server->ssocket->flags);
1da177e4
LT		 129 sock_release(server->ssocket);
130 server->ssocket = NULL;
131 }
5d0d2882
SP		 132 server->sequence_number = 0;
133 server->session_estab = false;
21e73393
SP		 134 kfree(server->session_key.response);
135 server->session_key.response = NULL;
136 server->session_key.len = 0;
fda35943 137 server->lstrp = jiffies;
2b84a36c 138 mutex_unlock(&server->srv_mutex);
1da177e4 139
2b84a36c 140 /* mark submitted MIDs for retry and issue callback */
3c1105df
JL		 141 INIT_LIST_HEAD(&retry_list);
142 cFYI(1, "%s: moving mids to private list", __func__);
1da177e4 143 spin_lock(&GlobalMid_Lock);
2b84a36c
JL		 144 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
145 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
146 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
ad8b15f0 147 mid_entry->midState = MID_RETRY_NEEDED;
3c1105df
JL		 148 list_move(&mid_entry->qhead, &retry_list);
149 }
150 spin_unlock(&GlobalMid_Lock);
151
152 cFYI(1, "%s: issuing mid callbacks", __func__);
153 list_for_each_safe(tmp, tmp2, &retry_list) {
154 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
2b84a36c
JL		 155 list_del_init(&mid_entry->qhead);
156 mid_entry->callback(mid_entry);
1da177e4 157 }
1da177e4 158
7fdbaa1b 159 do {
6c3d8909 160 try_to_freeze();
a9f1b85e
PS		 161
162 /* we should try only the port we connected to before */
163 rc = generic_ip_connect(server);
fb8c4b14 164 if (rc) {
b6b38f70 165 cFYI(1, "reconnect error %d", rc);
0cb766ae 166 msleep(3000);
1da177e4
LT		 167 } else {
168 atomic_inc(&tcpSesReconnectCount);
169 spin_lock(&GlobalMid_Lock);
469ee614 170 if (server->tcpStatus != CifsExiting)
fd88ce93 171 server->tcpStatus = CifsNeedNegotiate;
fb8c4b14 172 spin_unlock(&GlobalMid_Lock);
1da177e4 173 }
7fdbaa1b 174 } while (server->tcpStatus == CifsNeedReconnect);
2b84a36c 175
1da177e4
LT		 176 return rc;
177}
178
fb8c4b14 179/*
e4eb295d
SF		 180 return codes:
181 0 not a transact2, or all data present
182 >0 transact2 with that much data missing
183 -EINVAL = invalid transact2
184
185 */
c974befa 186static int check2ndT2(struct smb_hdr *pSMB)
e4eb295d 187{
fb8c4b14 188 struct smb_t2_rsp *pSMBt;
e4eb295d 189 int remaining;
26ec2548 190 __u16 total_data_size, data_in_this_rsp;
e4eb295d 191
fb8c4b14 192 if (pSMB->Command != SMB_COM_TRANSACTION2)
e4eb295d
SF		 193 return 0;
194
fb8c4b14
SF		 195 /* check for plausible wct, bcc and t2 data and parm sizes */
196 /* check for parm and data offset going beyond end of smb */
197 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
b6b38f70 198 cFYI(1, "invalid transact2 word count");
e4eb295d
SF		 199 return -EINVAL;
200 }
201
202 pSMBt = (struct smb_t2_rsp *)pSMB;
203
26ec2548
JL		 204 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
205 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 206
c0c7b905 207 if (total_data_size == data_in_this_rsp)
e4eb295d 208 return 0;
c0c7b905 209 else if (total_data_size < data_in_this_rsp) {
b6b38f70
JP		 210 cFYI(1, "total data %d smaller than data in frame %d",
211 total_data_size, data_in_this_rsp);
e4eb295d 212 return -EINVAL;
e4eb295d 213 }
c0c7b905
JL		 214
215 remaining = total_data_size - data_in_this_rsp;
216
217 cFYI(1, "missing %d bytes from transact2, check next response",
218 remaining);
c974befa 219 if (total_data_size > CIFSMaxBufSize) {
c0c7b905 220 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
c974befa 221 total_data_size, CIFSMaxBufSize);
c0c7b905
JL		 222 return -EINVAL;
223 }
224 return remaining;
e4eb295d
SF		 225}
226
fb8c4b14 227static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
e4eb295d 228{
f5fffcee 229 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
e4eb295d 230 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
f5fffcee
JL		 231 char *data_area_of_tgt;
232 char *data_area_of_src;
26ec2548 233 int remaining;
f5fffcee
JL		 234 unsigned int byte_count, total_in_tgt;
235 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
e4eb295d 236
f5fffcee
JL		 237 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
238 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
e4eb295d 239
f5fffcee
JL		 240 if (tgt_total_cnt != src_total_cnt)
241 cFYI(1, "total data count of primary and secondary t2 differ "
242 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
e4eb295d 243
f5fffcee 244 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 245
f5fffcee 246 remaining = tgt_total_cnt - total_in_tgt;
50c2f753 247
f5fffcee
JL		 248 if (remaining < 0) {
249 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
250 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
2a2047bc 251 return -EPROTO;
f5fffcee 252 }
e4eb295d 253
f5fffcee
JL		 254 if (remaining == 0) {
255 /* nothing to do, ignore */
256 cFYI(1, "no more data remains");
e4eb295d 257 return 0;
f5fffcee 258 }
50c2f753 259
f5fffcee
JL		 260 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
261 if (remaining < total_in_src)
b6b38f70 262 cFYI(1, "transact2 2nd response contains too much data");
e4eb295d
SF		 263
264 /* find end of first SMB data area */
f5fffcee 265 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
26ec2548 266 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
e4eb295d 267
f5fffcee
JL		 268 /* validate target area */
269 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
270 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
e4eb295d 271
f5fffcee 272 data_area_of_tgt += total_in_tgt;
e4eb295d 273
f5fffcee 274 total_in_tgt += total_in_src;
2a2047bc 275 /* is the result too big for the field? */
f5fffcee
JL		 276 if (total_in_tgt > USHRT_MAX) {
277 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
2a2047bc 278 return -EPROTO;
f5fffcee
JL		 279 }
280 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
2a2047bc
JL		 281
282 /* fix up the BCC */
820a803f 283 byte_count = get_bcc(pTargetSMB);
f5fffcee 284 byte_count += total_in_src;
2a2047bc 285 /* is the result too big for the field? */
f5fffcee
JL		 286 if (byte_count > USHRT_MAX) {
287 cFYI(1, "coalesced BCC too large (%u)", byte_count);
2a2047bc 288 return -EPROTO;
f5fffcee 289 }
820a803f 290 put_bcc(byte_count, pTargetSMB);
e4eb295d 291
be8e3b00 292 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
f5fffcee 293 byte_count += total_in_src;
2a2047bc 294 /* don't allow buffer to overflow */
f5fffcee
JL		 295 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
296 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
2a2047bc 297 return -ENOBUFS;
f5fffcee 298 }
be8e3b00 299 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
e4eb295d 300
f5fffcee
JL		 301 /* copy second buffer into end of first buffer */
302 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
2a2047bc 303
f5fffcee
JL		 304 if (remaining != total_in_src) {
305 /* more responses to go */
306 cFYI(1, "waiting for more secondary responses");
e4eb295d 307 return 1;
f5fffcee
JL		 308 }
309
310 /* we are done */
311 cFYI(1, "found the last secondary response");
312 return 0;
e4eb295d
SF		 313}
314
c74093b6
JL		 315static void
316cifs_echo_request(struct work_struct *work)
317{
318 int rc;
319 struct TCP_Server_Info *server = container_of(work,
320 struct TCP_Server_Info, echo.work);
321
247ec9b4 322 /*
195291e6
JL		 323 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
324 * done, which is indicated by maxBuf != 0. Also, no need to ping if
325 * we got a response recently
247ec9b4 326 */
195291e6 327 if (server->maxBuf == 0 ||
247ec9b4 328 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
c74093b6
JL		 329 goto requeue_echo;
330
331 rc = CIFSSMBEcho(server);
332 if (rc)
333 cFYI(1, "Unable to send echo request to server: %s",
334 server->hostname);
335
336requeue_echo:
337 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
338}
339
3d9c2472 340static bool
2a37ef94 341allocate_buffers(struct TCP_Server_Info *server)
3d9c2472 342{
2a37ef94
JL		 343 if (!server->bigbuf) {
344 server->bigbuf = (char *)cifs_buf_get();
345 if (!server->bigbuf) {
3d9c2472
PS		 346 cERROR(1, "No memory for large SMB response");
347 msleep(3000);
348 /* retry will check if exiting */
349 return false;
350 }
2a37ef94 351 } else if (server->large_buf) {
3d9c2472 352 /* we are reusing a dirty large buf, clear its start */
2a37ef94 353 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 354 }
355
2a37ef94
JL		 356 if (!server->smallbuf) {
357 server->smallbuf = (char *)cifs_small_buf_get();
358 if (!server->smallbuf) {
3d9c2472
PS		 359 cERROR(1, "No memory for SMB response");
360 msleep(1000);
361 /* retry will check if exiting */
362 return false;
363 }
364 /* beginning of smb buffer is cleared in our buf_get */
365 } else {
366 /* if existing small buf clear beginning */
2a37ef94 367 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 368 }
369
3d9c2472
PS		 370 return true;
371}
372
ba749e6d
JL		 373static bool
374server_unresponsive(struct TCP_Server_Info *server)
375{
376 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
377 time_after(jiffies, server->lstrp +
378 (echo_retries * SMB_ECHO_INTERVAL))) {
379 cERROR(1, "Server %s has not responded in %d seconds. "
380 "Reconnecting...", server->hostname,
381 (echo_retries * SMB_ECHO_INTERVAL / HZ));
382 cifs_reconnect(server);
383 wake_up(&server->response_q);
384 return true;
385 }
386
387 return false;
388}
389
42c4dfc2
JL		 390/*
391 * kvec_array_init - clone a kvec array, and advance into it
392 * @new: pointer to memory for cloned array
393 * @iov: pointer to original array
394 * @nr_segs: number of members in original array
395 * @bytes: number of bytes to advance into the cloned array
396 *
397 * This function will copy the array provided in iov to a section of memory
398 * and advance the specified number of bytes into the new array. It returns
399 * the number of segments in the new array. "new" must be at least as big as
400 * the original iov array.
401 */
402static unsigned int
403kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
404 size_t bytes)
405{
406 size_t base = 0;
407
408 while (bytes || !iov->iov_len) {
409 int copy = min(bytes, iov->iov_len);
410
411 bytes -= copy;
412 base += copy;
413 if (iov->iov_len == base) {
414 iov++;
415 nr_segs--;
416 base = 0;
417 }
418 }
419 memcpy(new, iov, sizeof(*iov) * nr_segs);
420 new->iov_base += base;
421 new->iov_len -= base;
422 return nr_segs;
423}
424
1041e3f9
JL		 425static struct kvec *
426get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
e7015fb1 427{
1041e3f9
JL		 428 struct kvec *new_iov;
429
430 if (server->iov && nr_segs <= server->nr_iov)
431 return server->iov;
432
433 /* not big enough -- allocate a new one and release the old */
434 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
435 if (new_iov) {
436 kfree(server->iov);
437 server->iov = new_iov;
438 server->nr_iov = nr_segs;
439 }
440 return new_iov;
441}
442
e28bc5b1
JL		 443int
444cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
445 unsigned int nr_segs, unsigned int to_read)
e7015fb1 446{
a52c1eb7
JL		 447 int length = 0;
448 int total_read;
42c4dfc2 449 unsigned int segs;
e831e6cf 450 struct msghdr smb_msg;
42c4dfc2
JL		 451 struct kvec *iov;
452
1041e3f9 453 iov = get_server_iovec(server, nr_segs);
42c4dfc2
JL		 454 if (!iov)
455 return -ENOMEM;
e7015fb1 456
e831e6cf
JL		 457 smb_msg.msg_control = NULL;
458 smb_msg.msg_controllen = 0;
459
a52c1eb7 460 for (total_read = 0; to_read; total_read += length, to_read -= length) {
95edcff4
JL		 461 try_to_freeze();
462
ba749e6d 463 if (server_unresponsive(server)) {
a52c1eb7 464 total_read = -EAGAIN;
ba749e6d
JL		 465 break;
466 }
467
42c4dfc2
JL		 468 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
469
470 length = kernel_recvmsg(server->ssocket, &smb_msg,
471 iov, segs, to_read, 0);
e7015fb1 472
e7015fb1 473 if (server->tcpStatus == CifsExiting) {
a52c1eb7 474 total_read = -ESHUTDOWN;
e7015fb1
PS		 475 break;
476 } else if (server->tcpStatus == CifsNeedReconnect) {
477 cifs_reconnect(server);
a52c1eb7 478 total_read = -EAGAIN;
e7015fb1
PS		 479 break;
480 } else if (length == -ERESTARTSYS ||
481 length == -EAGAIN ||
482 length == -EINTR) {
483 /*
484 * Minimum sleep to prevent looping, allowing socket
485 * to clear and app threads to set tcpStatus
486 * CifsNeedReconnect if server hung.
487 */
488 usleep_range(1000, 2000);
489 length = 0;
a52c1eb7 490 continue;
e7015fb1 491 } else if (length <= 0) {
a52c1eb7
JL		 492 cFYI(1, "Received no data or error: expecting %d "
493 "got %d", to_read, length);
e7015fb1 494 cifs_reconnect(server);
a52c1eb7 495 total_read = -EAGAIN;
e7015fb1
PS		 496 break;
497 }
498 }
a52c1eb7 499 return total_read;
e7015fb1 500}
e7015fb1 501
e28bc5b1
JL		 502int
503cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
504 unsigned int to_read)
42c4dfc2
JL		 505{
506 struct kvec iov;
507
508 iov.iov_base = buf;
509 iov.iov_len = to_read;
510
e28bc5b1 511 return cifs_readv_from_socket(server, &iov, 1, to_read);
e7015fb1
PS		 512}
513
98bac62c 514static bool
fe11e4cc 515is_smb_response(struct TCP_Server_Info *server, unsigned char type)
98bac62c 516{
98bac62c
PS		 517 /*
518 * The first byte big endian of the length field,
519 * is actually not part of the length but the type
520 * with the most common, zero, as regular data.
521 */
fe11e4cc
JL		 522 switch (type) {
523 case RFC1002_SESSION_MESSAGE:
524 /* Regular SMB response */
525 return true;
526 case RFC1002_SESSION_KEEP_ALIVE:
527 cFYI(1, "RFC 1002 session keep alive");
528 break;
529 case RFC1002_POSITIVE_SESSION_RESPONSE:
530 cFYI(1, "RFC 1002 positive session response");
531 break;
532 case RFC1002_NEGATIVE_SESSION_RESPONSE:
98bac62c
PS		 533 /*
534 * We get this from Windows 98 instead of an error on
535 * SMB negprot response.
536 */
fe11e4cc 537 cFYI(1, "RFC 1002 negative session response");
98bac62c
PS		 538 /* give server a second to clean up */
539 msleep(1000);
540 /*
541 * Always try 445 first on reconnect since we get NACK
542 * on some if we ever connected to port 139 (the NACK
543 * is since we do not begin with RFC1001 session
544 * initialize frame).
545 */
fe11e4cc 546 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
98bac62c
PS		 547 cifs_reconnect(server);
548 wake_up(&server->response_q);
fe11e4cc
JL		 549 break;
550 default:
551 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
98bac62c 552 cifs_reconnect(server);
98bac62c
PS		 553 }
554
fe11e4cc 555 return false;
98bac62c
PS		 556}
557
ad69bae1 558static struct mid_q_entry *
ea1f4502 559find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
ad69bae1 560{
ea1f4502 561 struct mid_q_entry *mid;
ad69bae1
PS		 562
563 spin_lock(&GlobalMid_Lock);
ea1f4502
JL		 564 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
565 if (mid->mid == buf->Mid &&
566 mid->midState == MID_REQUEST_SUBMITTED &&
567 mid->command == buf->Command) {
568 spin_unlock(&GlobalMid_Lock);
569 return mid;
ad69bae1 570 }
ea1f4502
JL		 571 }
572 spin_unlock(&GlobalMid_Lock);
573 return NULL;
574}
575
e28bc5b1
JL		 576void
577dequeue_mid(struct mid_q_entry *mid, bool malformed)
ea1f4502 578{
ad69bae1 579#ifdef CONFIG_CIFS_STATS2
ea1f4502 580 mid->when_received = jiffies;
ad69bae1 581#endif
ea1f4502
JL		 582 spin_lock(&GlobalMid_Lock);
583 if (!malformed)
584 mid->midState = MID_RESPONSE_RECEIVED;
585 else
586 mid->midState = MID_RESPONSE_MALFORMED;
587 list_del_init(&mid->qhead);
ad69bae1 588 spin_unlock(&GlobalMid_Lock);
ea1f4502 589}
ad69bae1 590
c8054ebd
JL		 591static void
592handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
593 struct smb_hdr *buf, int malformed)
ea1f4502 594{
ffc00e27
JL		 595 if (malformed == 0 && check2ndT2(buf) > 0) {
596 mid->multiRsp = true;
ea1f4502
JL		 597 if (mid->resp_buf) {
598 /* merge response - fix up 1st*/
ffc00e27
JL		 599 malformed = coalesce_t2(buf, mid->resp_buf);
600 if (malformed > 0)
c8054ebd 601 return;
ffc00e27 602
ea1f4502
JL		 603 /* All parts received or packet is malformed. */
604 mid->multiEnd = true;
c8054ebd 605 return dequeue_mid(mid, malformed);
ea1f4502 606 }
2a37ef94 607 if (!server->large_buf) {
ea1f4502
JL		 608 /*FIXME: switch to already allocated largebuf?*/
609 cERROR(1, "1st trans2 resp needs bigbuf");
610 } else {
611 /* Have first buffer */
612 mid->resp_buf = buf;
613 mid->largeBuf = true;
2a37ef94 614 server->bigbuf = NULL;
ea1f4502 615 }
c8054ebd 616 return;
ea1f4502
JL		 617 }
618 mid->resp_buf = buf;
2a37ef94
JL		 619 mid->largeBuf = server->large_buf;
620 /* Was previous buf put in mpx struct for multi-rsp? */
621 if (!mid->multiRsp) {
622 /* smb buffer will be freed by user thread */
623 if (server->large_buf)
624 server->bigbuf = NULL;
625 else
626 server->smallbuf = NULL;
627 }
ffc00e27 628 dequeue_mid(mid, malformed);
ad69bae1
PS		 629}
630
762dfd10
PS		 631static void clean_demultiplex_info(struct TCP_Server_Info *server)
632{
633 int length;
634
635 /* take it off the list, if it's not already */
636 spin_lock(&cifs_tcp_ses_lock);
637 list_del_init(&server->tcp_ses_list);
638 spin_unlock(&cifs_tcp_ses_lock);
639
640 spin_lock(&GlobalMid_Lock);
641 server->tcpStatus = CifsExiting;
642 spin_unlock(&GlobalMid_Lock);
643 wake_up_all(&server->response_q);
644
645 /*
646 * Check if we have blocked requests that need to free. Note that
647 * cifs_max_pending is normally 50, but can be set at module install
648 * time to as little as two.
649 */
650 spin_lock(&GlobalMid_Lock);
651 if (atomic_read(&server->inFlight) >= cifs_max_pending)
652 atomic_set(&server->inFlight, cifs_max_pending - 1);
653 /*
654 * We do not want to set the max_pending too low or we could end up
655 * with the counter going negative.
656 */
657 spin_unlock(&GlobalMid_Lock);
658 /*
659 * Although there should not be any requests blocked on this queue it
660 * can not hurt to be paranoid and try to wake up requests that may
661 * haven been blocked when more than 50 at time were on the wire to the
662 * same server - they now will see the session is in exit state and get
663 * out of SendReceive.
664 */
665 wake_up_all(&server->request_q);
666 /* give those requests time to exit */
667 msleep(125);
668
669 if (server->ssocket) {
670 sock_release(server->ssocket);
671 server->ssocket = NULL;
672 }
673
674 if (!list_empty(&server->pending_mid_q)) {
675 struct list_head dispose_list;
676 struct mid_q_entry *mid_entry;
677 struct list_head *tmp, *tmp2;
678
679 INIT_LIST_HEAD(&dispose_list);
680 spin_lock(&GlobalMid_Lock);
681 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
682 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
683 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
684 mid_entry->midState = MID_SHUTDOWN;
685 list_move(&mid_entry->qhead, &dispose_list);
686 }
687 spin_unlock(&GlobalMid_Lock);
688
689 /* now walk dispose list and issue callbacks */
690 list_for_each_safe(tmp, tmp2, &dispose_list) {
691 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
692 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
693 list_del_init(&mid_entry->qhead);
694 mid_entry->callback(mid_entry);
695 }
696 /* 1/8th of sec is more than enough time for them to exit */
697 msleep(125);
698 }
699
700 if (!list_empty(&server->pending_mid_q)) {
701 /*
702 * mpx threads have not exited yet give them at least the smb
703 * send timeout time for long ops.
704 *
705 * Due to delays on oplock break requests, we need to wait at
706 * least 45 seconds before giving up on a request getting a
707 * response and going ahead and killing cifsd.
708 */
709 cFYI(1, "Wait for exit from demultiplex thread");
710 msleep(46000);
711 /*
712 * If threads still have not exited they are probably never
713 * coming home not much else we can do but free the memory.
714 */
715 }
716
717 kfree(server->hostname);
1041e3f9 718 kfree(server->iov);
762dfd10
PS		 719 kfree(server);
720
721 length = atomic_dec_return(&tcpSesAllocCount);
722 if (length > 0)
723 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
724 GFP_KERNEL);
725}
726
e9097ab4
JL		 727static int
728standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
729{
730 int length;
731 char *buf = server->smallbuf;
732 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
733 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
734
735 /* make sure this will fit in a large buffer */
736 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
737 cERROR(1, "SMB response too long (%u bytes)",
738 pdu_length);
739 cifs_reconnect(server);
740 wake_up(&server->response_q);
741 return -EAGAIN;
742 }
743
744 /* switch to large buffer if too big for a small one */
745 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
746 server->large_buf = true;
747 memcpy(server->bigbuf, server->smallbuf, server->total_read);
748 buf = server->bigbuf;
749 smb_buffer = (struct smb_hdr *)buf;
750 }
751
752 /* now read the rest */
e28bc5b1 753 length = cifs_read_from_socket(server,
e9097ab4
JL		 754 buf + sizeof(struct smb_hdr) - 1,
755 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
756 if (length < 0)
757 return length;
758 server->total_read += length;
759
760 dump_smb(smb_buffer, server->total_read);
761
762 /*
763 * We know that we received enough to get to the MID as we
764 * checked the pdu_length earlier. Now check to see
765 * if the rest of the header is OK. We borrow the length
766 * var for the rest of the loop to avoid a new stack var.
767 *
768 * 48 bytes is enough to display the header and a little bit
769 * into the payload for debugging purposes.
770 */
771 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
772 if (length != 0)
773 cifs_dump_mem("Bad SMB: ", buf,
774 min_t(unsigned int, server->total_read, 48));
775
776 if (mid)
777 handle_mid(mid, server, smb_buffer, length);
778
779 return length;
780}
781
1da177e4 782static int
7c97c200 783cifs_demultiplex_thread(void *p)
1da177e4
LT		 784{
785 int length;
7c97c200 786 struct TCP_Server_Info *server = p;
2a37ef94
JL		 787 unsigned int pdu_length;
788 char *buf = NULL;
1da177e4 789 struct smb_hdr *smb_buffer = NULL;
1da177e4
LT		 790 struct task_struct *task_to_wake = NULL;
791 struct mid_q_entry *mid_entry;
1da177e4 792
1da177e4 793 current->flags |= PF_MEMALLOC;
b6b38f70 794 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
93d0ec85
JL		 795
796 length = atomic_inc_return(&tcpSesAllocCount);
797 if (length > 1)
26f57364
SF		 798 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
799 GFP_KERNEL);
1da177e4 800
83144186 801 set_freezable();
469ee614 802 while (server->tcpStatus != CifsExiting) {
ede1327e
SF		 803 if (try_to_freeze())
804 continue;
b8643e1b 805
2a37ef94 806 if (!allocate_buffers(server))
3d9c2472 807 continue;
b8643e1b 808
2a37ef94
JL		 809 server->large_buf = false;
810 smb_buffer = (struct smb_hdr *)server->smallbuf;
811 buf = server->smallbuf;
f01d5e14 812 pdu_length = 4; /* enough to get RFC1001 header */
fda35943 813
e28bc5b1 814 length = cifs_read_from_socket(server, buf, pdu_length);
a52c1eb7 815 if (length < 0)
1da177e4 816 continue;
2a37ef94 817 server->total_read = length;
1da177e4 818
98bac62c
PS		 819 /*
820 * The right amount was read from socket - 4 bytes,
821 * so we can now interpret the length field.
822 */
be8e3b00 823 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
70ca734a 824
fe11e4cc
JL		 825 cFYI(1, "RFC1002 header 0x%x", pdu_length);
826 if (!is_smb_response(server, buf[0]))
fb8c4b14 827 continue;
e4eb295d 828
89482a56
JL		 829 /* make sure we have enough to get to the MID */
830 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
831 cERROR(1, "SMB response too short (%u bytes)",
832 pdu_length);
833 cifs_reconnect(server);
834 wake_up(&server->response_q);
835 continue;
e4eb295d 836 }
e7015fb1 837
89482a56 838 /* read down to the MID */
e28bc5b1
JL		 839 length = cifs_read_from_socket(server, buf + 4,
840 sizeof(struct smb_hdr) - 1 - 4);
89482a56 841 if (length < 0)
e4eb295d 842 continue;
2a37ef94 843 server->total_read += length;
1da177e4 844
c8054ebd 845 mid_entry = find_mid(server, smb_buffer);
50c2f753 846
44d22d84
JL		 847 if (!mid_entry || !mid_entry->receive)
848 length = standard_receive3(server, mid_entry);
849 else
850 length = mid_entry->receive(server, mid_entry);
71823baf 851
e9097ab4 852 if (length < 0)
fe11e4cc 853 continue;
1da177e4 854
e9097ab4 855 if (server->large_buf) {
2a37ef94 856 buf = server->bigbuf;
e9097ab4 857 smb_buffer = (struct smb_hdr *)buf;
e4eb295d 858 }
fda35943 859
fda35943 860 server->lstrp = jiffies;
2b84a36c 861 if (mid_entry != NULL) {
2a37ef94
JL		 862 if (!mid_entry->multiRsp || mid_entry->multiEnd)
863 mid_entry->callback(mid_entry);
ffc00e27 864 } else if (!is_valid_oplock_break(smb_buffer, server)) {
b6b38f70 865 cERROR(1, "No task to wake, unknown frame received! "
8097531a 866 "NumMids %d", atomic_read(&midCount));
3d9c2472 867 cifs_dump_mem("Received Data is: ", buf,
70ca734a 868 sizeof(struct smb_hdr));
3979877e
SF		 869#ifdef CONFIG_CIFS_DEBUG2
870 cifs_dump_detail(smb_buffer);
871 cifs_dump_mids(server);
872#endif /* CIFS_DEBUG2 */
50c2f753 873
e4eb295d
SF		 874 }
875 } /* end while !EXITING */
876
fd62cb7e 877 /* buffer usually freed in free_mid - need to free it here on exit */
2a37ef94
JL		 878 cifs_buf_release(server->bigbuf);
879 if (server->smallbuf) /* no sense logging a debug message if NULL */
880 cifs_small_buf_release(server->smallbuf);
1da177e4 881
b1c8d2b4 882 task_to_wake = xchg(&server->tsk, NULL);
762dfd10 883 clean_demultiplex_info(server);
50c2f753 884
b1c8d2b4
JL		 885 /* if server->tsk was NULL then wait for a signal before exiting */
886 if (!task_to_wake) {
887 set_current_state(TASK_INTERRUPTIBLE);
888 while (!signal_pending(current)) {
889 schedule();
890 set_current_state(TASK_INTERRUPTIBLE);
891 }
892 set_current_state(TASK_RUNNING);
893 }
894
0468a2cf 895 module_put_and_exit(0);
1da177e4
LT		 896}
897
c359cf3c
JL		 898/* extract the host portion of the UNC string */
899static char *
900extract_hostname(const char *unc)
901{
902 const char *src;
903 char *dst, *delim;
904 unsigned int len;
905
906 /* skip double chars at beginning of string */
907 /* BB: check validity of these bytes? */
908 src = unc + 2;
909
910 /* delimiter between hostname and sharename is always '\\' now */
911 delim = strchr(src, '\\');
912 if (!delim)
913 return ERR_PTR(-EINVAL);
914
915 len = delim - src;
916 dst = kmalloc((len + 1), GFP_KERNEL);
917 if (dst == NULL)
918 return ERR_PTR(-ENOMEM);
919
920 memcpy(dst, src, len);
921 dst[len] = '\0';
922
923 return dst;
924}
925
1da177e4 926static int
b946845a 927cifs_parse_mount_options(const char *mountdata, const char *devname,
50c2f753 928 struct smb_vol *vol)
1da177e4 929{
4906e50b 930 char *value, *data, *end;
957df453 931 char *mountdata_copy = NULL, *options;
3d3ea8e6 932 int err;
1da177e4
LT		 933 unsigned int temp_len, i, j;
934 char separator[2];
9b9d6b24
JL		 935 short int override_uid = -1;
936 short int override_gid = -1;
937 bool uid_specified = false;
938 bool gid_specified = false;
88463999 939 char *nodename = utsname()->nodename;
1da177e4
LT		 940
941 separator[0] = ',';
50c2f753 942 separator[1] = 0;
1da177e4 943
88463999
JL		 944 /*
945 * does not have to be perfect mapping since field is
946 * informational, only used for servers that do not support
947 * port 445 and it can be overridden at mount time
948 */
1397f2ee
JL		 949 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
950 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
88463999
JL		 951 vol->source_rfc1001_name[i] = toupper(nodename[i]);
952
1397f2ee 953 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
a10faeb2
SF		 954 /* null target name indicates to use *SMBSERVR default called name
955 if we end up sending RFC1001 session initialize */
956 vol->target_rfc1001_name[0] = 0;
3e4b3e1f
JL		 957 vol->cred_uid = current_uid();
958 vol->linux_uid = current_uid();
a001e5b5 959 vol->linux_gid = current_gid();
f55ed1a8
JL		 960
961 /* default to only allowing write access to owner of the mount */
962 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1da177e4
LT		 963
964 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
ac67055e
JA		 965 /* default is always to request posix paths. */
966 vol->posix_paths = 1;
a0c9217f
JL		 967 /* default to using server inode numbers where available */
968 vol->server_ino = 1;
ac67055e 969
6d20e840
SJ		 970 vol->actimeo = CIFS_DEF_ACTIMEO;
971
b946845a
SF		 972 if (!mountdata)
973 goto cifs_parse_mount_err;
974
975 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
976 if (!mountdata_copy)
977 goto cifs_parse_mount_err;
1da177e4 978
b946845a 979 options = mountdata_copy;
4906e50b 980 end = options + strlen(options);
50c2f753 981 if (strncmp(options, "sep=", 4) == 0) {
fb8c4b14 982 if (options[4] != 0) {
1da177e4
LT		 983 separator[0] = options[4];
984 options += 5;
985 } else {
b6b38f70 986 cFYI(1, "Null separator not allowed");
1da177e4
LT		 987 }
988 }
3d3ea8e6
SP		 989 vol->backupuid_specified = false; /* no backup intent for a user */
990 vol->backupgid_specified = false; /* no backup intent for a group */
50c2f753 991
1da177e4
LT		 992 while ((data = strsep(&options, separator)) != NULL) {
993 if (!*data)
994 continue;
995 if ((value = strchr(data, '=')) != NULL)
996 *value++ = '\0';
997
50c2f753
SF		 998 /* Have to parse this before we parse for "user" */
999 if (strnicmp(data, "user_xattr", 10) == 0) {
1da177e4 1000 vol->no_xattr = 0;
50c2f753 1001 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1da177e4
LT		 1002 vol->no_xattr = 1;
1003 } else if (strnicmp(data, "user", 4) == 0) {
4b952a9b 1004 if (!value) {
1da177e4
LT		 1005 printk(KERN_WARNING
1006 "CIFS: invalid or missing username\n");
b946845a 1007 goto cifs_parse_mount_err;
fb8c4b14 1008 } else if (!*value) {
4b952a9b
SF		 1009 /* null user, ie anonymous, authentication */
1010 vol->nullauth = 1;
1da177e4 1011 }
8727c8a8
SF		 1012 if (strnlen(value, MAX_USERNAME_SIZE) <
1013 MAX_USERNAME_SIZE) {
b946845a
SF		 1014 vol->username = kstrdup(value, GFP_KERNEL);
1015 if (!vol->username) {
1016 printk(KERN_WARNING "CIFS: no memory "
1017 "for username\n");
1018 goto cifs_parse_mount_err;
1019 }
1da177e4
LT		 1020 } else {
1021 printk(KERN_WARNING "CIFS: username too long\n");
b946845a 1022 goto cifs_parse_mount_err;
1da177e4
LT		 1023 }
1024 } else if (strnicmp(data, "pass", 4) == 0) {
1025 if (!value) {
1026 vol->password = NULL;
1027 continue;
fb8c4b14 1028 } else if (value[0] == 0) {
1da177e4
LT		 1029 /* check if string begins with double comma
1030 since that would mean the password really
1031 does start with a comma, and would not
1032 indicate an empty string */
fb8c4b14 1033 if (value[1] != separator[0]) {
1da177e4
LT		 1034 vol->password = NULL;
1035 continue;
1036 }
1037 }
1038 temp_len = strlen(value);
1039 /* removed password length check, NTLM passwords
1040 can be arbitrarily long */
1041
50c2f753 1042 /* if comma in password, the string will be
1da177e4
LT		 1043 prematurely null terminated. Commas in password are
1044 specified across the cifs mount interface by a double
1045 comma ie ,, and a comma used as in other cases ie ','
1046 as a parameter delimiter/separator is single and due
1047 to the strsep above is temporarily zeroed. */
1048
1049 /* NB: password legally can have multiple commas and
1050 the only illegal character in a password is null */
1051
50c2f753 1052 if ((value[temp_len] == 0) &&
4906e50b 1053 (value + temp_len < end) &&
09d1db5c 1054 (value[temp_len+1] == separator[0])) {
1da177e4
LT		 1055 /* reinsert comma */
1056 value[temp_len] = separator[0];
50c2f753
SF		 1057 temp_len += 2; /* move after second comma */
1058 while (value[temp_len] != 0) {
1da177e4 1059 if (value[temp_len] == separator[0]) {
50c2f753 1060 if (value[temp_len+1] ==
09d1db5c
SF		 1061 separator[0]) {
1062 /* skip second comma */
1063 temp_len++;
50c2f753 1064 } else {
1da177e4
LT		 1065 /* single comma indicating start
1066 of next parm */
1067 break;
1068 }
1069 }
1070 temp_len++;
1071 }
fb8c4b14 1072 if (value[temp_len] == 0) {
1da177e4
LT		 1073 options = NULL;
1074 } else {
1075 value[temp_len] = 0;
1076 /* point option to start of next parm */
1077 options = value + temp_len + 1;
1078 }
50c2f753 1079 /* go from value to value + temp_len condensing
1da177e4
LT		 1080 double commas to singles. Note that this ends up
1081 allocating a few bytes too many, which is ok */
e915fc49 1082 vol->password = kzalloc(temp_len, GFP_KERNEL);
fb8c4b14 1083 if (vol->password == NULL) {
50c2f753
SF		 1084 printk(KERN_WARNING "CIFS: no memory "
1085 "for password\n");
b946845a 1086 goto cifs_parse_mount_err;
433dc24f 1087 }
50c2f753 1088 for (i = 0, j = 0; i < temp_len; i++, j++) {
1da177e4 1089 vol->password[j] = value[i];
fb8c4b14 1090 if (value[i] == separator[0]
09d1db5c 1091 && value[i+1] == separator[0]) {
1da177e4
LT		 1092 /* skip second comma */
1093 i++;
1094 }
1095 }
1096 vol->password[j] = 0;
1097 } else {
e915fc49 1098 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
fb8c4b14 1099 if (vol->password == NULL) {
50c2f753
SF		 1100 printk(KERN_WARNING "CIFS: no memory "
1101 "for password\n");
b946845a 1102 goto cifs_parse_mount_err;
433dc24f 1103 }
1da177e4
LT		 1104 strcpy(vol->password, value);
1105 }
58f7f68f
JL		 1106 } else if (!strnicmp(data, "ip", 2) ||
1107 !strnicmp(data, "addr", 4)) {
1da177e4
LT		 1108 if (!value || !*value) {
1109 vol->UNCip = NULL;
50b64e3b
JL		 1110 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1111 INET6_ADDRSTRLEN) {
b946845a
SF		 1112 vol->UNCip = kstrdup(value, GFP_KERNEL);
1113 if (!vol->UNCip) {
1114 printk(KERN_WARNING "CIFS: no memory "
1115 "for UNC IP\n");
1116 goto cifs_parse_mount_err;
1117 }
1da177e4 1118 } else {
50c2f753
SF		 1119 printk(KERN_WARNING "CIFS: ip address "
1120 "too long\n");
b946845a 1121 goto cifs_parse_mount_err;
1da177e4 1122 }
50c2f753
SF		 1123 } else if (strnicmp(data, "sec", 3) == 0) {
1124 if (!value || !*value) {
b6b38f70 1125 cERROR(1, "no security value specified");
50c2f753
SF		 1126 continue;
1127 } else if (strnicmp(value, "krb5i", 5) == 0) {
1128 vol->secFlg |= CIFSSEC_MAY_KRB5 |
189acaae 1129 CIFSSEC_MUST_SIGN;
bf820679 1130 } else if (strnicmp(value, "krb5p", 5) == 0) {
50c2f753
SF		 1131 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1132 CIFSSEC_MAY_KRB5; */
b6b38f70 1133 cERROR(1, "Krb5 cifs privacy not supported");
b946845a 1134 goto cifs_parse_mount_err;
bf820679 1135 } else if (strnicmp(value, "krb5", 4) == 0) {
750d1151 1136 vol->secFlg |= CIFSSEC_MAY_KRB5;
ac683924
SF		 1137 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1138 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1139 CIFSSEC_MUST_SIGN;
1140 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1141 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
bf820679 1142 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
750d1151 1143 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
189acaae 1144 CIFSSEC_MUST_SIGN;
bf820679 1145 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
750d1151 1146 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
bf820679 1147 } else if (strnicmp(value, "ntlmi", 5) == 0) {
750d1151 1148 vol->secFlg |= CIFSSEC_MAY_NTLM |
189acaae 1149 CIFSSEC_MUST_SIGN;
bf820679
SF		 1150 } else if (strnicmp(value, "ntlm", 4) == 0) {
1151 /* ntlm is default so can be turned off too */
750d1151 1152 vol->secFlg |= CIFSSEC_MAY_NTLM;
bf820679 1153 } else if (strnicmp(value, "nontlm", 6) == 0) {
189acaae 1154 /* BB is there a better way to do this? */
750d1151 1155 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
189acaae
SF		 1156#ifdef CONFIG_CIFS_WEAK_PW_HASH
1157 } else if (strnicmp(value, "lanman", 6) == 0) {
50c2f753 1158 vol->secFlg |= CIFSSEC_MAY_LANMAN;
189acaae 1159#endif
bf820679 1160 } else if (strnicmp(value, "none", 4) == 0) {
189acaae 1161 vol->nullauth = 1;
50c2f753 1162 } else {
b6b38f70 1163 cERROR(1, "bad security option: %s", value);
b946845a 1164 goto cifs_parse_mount_err;
50c2f753 1165 }
1cb06d0b
SF		 1166 } else if (strnicmp(data, "vers", 3) == 0) {
1167 if (!value || !*value) {
1168 cERROR(1, "no protocol version specified"
1169 " after vers= mount option");
1170 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1171 (strnicmp(value, "1", 1) == 0)) {
1172 /* this is the default */
1173 continue;
1cb06d0b 1174 }
1da177e4
LT		 1175 } else if ((strnicmp(data, "unc", 3) == 0)
1176 || (strnicmp(data, "target", 6) == 0)
1177 || (strnicmp(data, "path", 4) == 0)) {
1178 if (!value || !*value) {
50c2f753
SF		 1179 printk(KERN_WARNING "CIFS: invalid path to "
1180 "network resource\n");
b946845a 1181 goto cifs_parse_mount_err;
1da177e4
LT		 1182 }
1183 if ((temp_len = strnlen(value, 300)) < 300) {
50c2f753 1184 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1185 if (vol->UNC == NULL)
b946845a 1186 goto cifs_parse_mount_err;
50c2f753 1187 strcpy(vol->UNC, value);
1da177e4
LT		 1188 if (strncmp(vol->UNC, "//", 2) == 0) {
1189 vol->UNC[0] = '\\';
1190 vol->UNC[1] = '\\';
50c2f753 1191 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1da177e4 1192 printk(KERN_WARNING
50c2f753
SF		 1193 "CIFS: UNC Path does not begin "
1194 "with // or \\\\ \n");
b946845a 1195 goto cifs_parse_mount_err;
1da177e4
LT		 1196 }
1197 } else {
1198 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1199 goto cifs_parse_mount_err;
1da177e4
LT		 1200 }
1201 } else if ((strnicmp(data, "domain", 3) == 0)
1202 || (strnicmp(data, "workgroup", 5) == 0)) {
1203 if (!value || !*value) {
1204 printk(KERN_WARNING "CIFS: invalid domain name\n");
b946845a 1205 goto cifs_parse_mount_err;
1da177e4
LT		 1206 }
1207 /* BB are there cases in which a comma can be valid in
1208 a domain name and need special handling? */
3979877e 1209 if (strnlen(value, 256) < 256) {
b946845a
SF		 1210 vol->domainname = kstrdup(value, GFP_KERNEL);
1211 if (!vol->domainname) {
1212 printk(KERN_WARNING "CIFS: no memory "
1213 "for domainname\n");
1214 goto cifs_parse_mount_err;
1215 }
b6b38f70 1216 cFYI(1, "Domain name set");
1da177e4 1217 } else {
50c2f753
SF		 1218 printk(KERN_WARNING "CIFS: domain name too "
1219 "long\n");
b946845a 1220 goto cifs_parse_mount_err;
1da177e4 1221 }
3eb9a889
BG		 1222 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1223 vol->srcaddr.ss_family = AF_UNSPEC;
1224
1225 if (!value || !*value) {
1226 printk(KERN_WARNING "CIFS: srcaddr value"
1227 " not specified.\n");
b946845a 1228 goto cifs_parse_mount_err;
3eb9a889
BG		 1229 }
1230 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1231 value, strlen(value));
b235f371 1232 if (i == 0) {
3eb9a889
BG		 1233 printk(KERN_WARNING "CIFS: Could not parse"
1234 " srcaddr: %s\n",
1235 value);
b946845a 1236 goto cifs_parse_mount_err;
3eb9a889 1237 }
50c2f753
SF		 1238 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1239 if (!value || !*value) {
1240 printk(KERN_WARNING
1241 "CIFS: invalid path prefix\n");
b946845a 1242 goto cifs_parse_mount_err;
50c2f753
SF		 1243 }
1244 if ((temp_len = strnlen(value, 1024)) < 1024) {
4523cc30 1245 if (value[0] != '/')
2fe87f02 1246 temp_len++; /* missing leading slash */
50c2f753
SF		 1247 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1248 if (vol->prepath == NULL)
b946845a 1249 goto cifs_parse_mount_err;
4523cc30 1250 if (value[0] != '/') {
2fe87f02 1251 vol->prepath[0] = '/';
50c2f753 1252 strcpy(vol->prepath+1, value);
2fe87f02 1253 } else
50c2f753 1254 strcpy(vol->prepath, value);
b6b38f70 1255 cFYI(1, "prefix path %s", vol->prepath);
50c2f753
SF		 1256 } else {
1257 printk(KERN_WARNING "CIFS: prefix too long\n");
b946845a 1258 goto cifs_parse_mount_err;
50c2f753 1259 }
1da177e4
LT		 1260 } else if (strnicmp(data, "iocharset", 9) == 0) {
1261 if (!value || !*value) {
63135e08
SF		 1262 printk(KERN_WARNING "CIFS: invalid iocharset "
1263 "specified\n");
b946845a 1264 goto cifs_parse_mount_err;
1da177e4
LT		 1265 }
1266 if (strnlen(value, 65) < 65) {
b946845a
SF		 1267 if (strnicmp(value, "default", 7)) {
1268 vol->iocharset = kstrdup(value,
1269 GFP_KERNEL);
1270
1271 if (!vol->iocharset) {
1272 printk(KERN_WARNING "CIFS: no "
1273 "memory for"
1274 "charset\n");
1275 goto cifs_parse_mount_err;
1276 }
1277 }
50c2f753
SF		 1278 /* if iocharset not set then load_nls_default
1279 is used by caller */
b6b38f70 1280 cFYI(1, "iocharset set to %s", value);
1da177e4 1281 } else {
63135e08
SF		 1282 printk(KERN_WARNING "CIFS: iocharset name "
1283 "too long.\n");
b946845a 1284 goto cifs_parse_mount_err;
1da177e4 1285 }
9b9d6b24
JL		 1286 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1287 vol->linux_uid = simple_strtoul(value, &value, 0);
1288 uid_specified = true;
bd763319
JL		 1289 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1290 vol->cred_uid = simple_strtoul(value, &value, 0);
9b9d6b24
JL		 1291 } else if (!strnicmp(data, "forceuid", 8)) {
1292 override_uid = 1;
1293 } else if (!strnicmp(data, "noforceuid", 10)) {
1294 override_uid = 0;
1295 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1296 vol->linux_gid = simple_strtoul(value, &value, 0);
1297 gid_specified = true;
1298 } else if (!strnicmp(data, "forcegid", 8)) {
1299 override_gid = 1;
1300 } else if (!strnicmp(data, "noforcegid", 10)) {
1301 override_gid = 0;
1da177e4
LT		 1302 } else if (strnicmp(data, "file_mode", 4) == 0) {
1303 if (value && *value) {
1304 vol->file_mode =
1305 simple_strtoul(value, &value, 0);
1306 }
1307 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1308 if (value && *value) {
1309 vol->dir_mode =
1310 simple_strtoul(value, &value, 0);
1311 }
1312 } else if (strnicmp(data, "dirmode", 4) == 0) {
1313 if (value && *value) {
1314 vol->dir_mode =
1315 simple_strtoul(value, &value, 0);
1316 }
1317 } else if (strnicmp(data, "port", 4) == 0) {
1318 if (value && *value) {
1319 vol->port =
1320 simple_strtoul(value, &value, 0);
1321 }
1322 } else if (strnicmp(data, "rsize", 5) == 0) {
1323 if (value && *value) {
1324 vol->rsize =
1325 simple_strtoul(value, &value, 0);
1326 }
1327 } else if (strnicmp(data, "wsize", 5) == 0) {
1328 if (value && *value) {
1329 vol->wsize =
1330 simple_strtoul(value, &value, 0);
1331 }
1332 } else if (strnicmp(data, "sockopt", 5) == 0) {
6a5fa236 1333 if (!value || !*value) {
b6b38f70 1334 cERROR(1, "no socket option specified");
6a5fa236
SF		 1335 continue;
1336 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1337 vol->sockopt_tcp_nodelay = 1;
1da177e4
LT		 1338 }
1339 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1340 if (!value || !*value || (*value == ' ')) {
b6b38f70 1341 cFYI(1, "invalid (empty) netbiosname");
1da177e4 1342 } else {
1397f2ee
JL		 1343 memset(vol->source_rfc1001_name, 0x20,
1344 RFC1001_NAME_LEN);
1345 /*
1346 * FIXME: are there cases in which a comma can
1347 * be valid in workstation netbios name (and
1348 * need special handling)?
1349 */
1350 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1351 /* don't ucase netbiosname for user */
50c2f753 1352 if (value[i] == 0)
1da177e4 1353 break;
1397f2ee 1354 vol->source_rfc1001_name[i] = value[i];
1da177e4
LT		 1355 }
1356 /* The string has 16th byte zero still from
1357 set at top of the function */
1397f2ee 1358 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1359 printk(KERN_WARNING "CIFS: netbiosname"
1360 " longer than 15 truncated.\n");
a10faeb2
SF		 1361 }
1362 } else if (strnicmp(data, "servern", 7) == 0) {
1363 /* servernetbiosname specified override *SMBSERVER */
1364 if (!value || !*value || (*value == ' ')) {
b6b38f70 1365 cFYI(1, "empty server netbiosname specified");
a10faeb2
SF		 1366 } else {
1367 /* last byte, type, is 0x20 for servr type */
1397f2ee
JL		 1368 memset(vol->target_rfc1001_name, 0x20,
1369 RFC1001_NAME_LEN_WITH_NULL);
a10faeb2 1370
50c2f753 1371 for (i = 0; i < 15; i++) {
a10faeb2 1372 /* BB are there cases in which a comma can be
50c2f753
SF		 1373 valid in this workstation netbios name
1374 (and need special handling)? */
a10faeb2 1375
50c2f753
SF		 1376 /* user or mount helper must uppercase
1377 the netbiosname */
1378 if (value[i] == 0)
a10faeb2
SF		 1379 break;
1380 else
50c2f753
SF		 1381 vol->target_rfc1001_name[i] =
1382 value[i];
a10faeb2
SF		 1383 }
1384 /* The string has 16th byte zero still from
1385 set at top of the function */
1397f2ee 1386 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1387 printk(KERN_WARNING "CIFS: server net"
1388 "biosname longer than 15 truncated.\n");
1da177e4 1389 }
6d20e840
SJ		 1390 } else if (strnicmp(data, "actimeo", 7) == 0) {
1391 if (value && *value) {
1392 vol->actimeo = HZ * simple_strtoul(value,
1393 &value, 0);
1394 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1395 cERROR(1, "CIFS: attribute cache"
1396 "timeout too large");
b946845a 1397 goto cifs_parse_mount_err;
6d20e840
SJ		 1398 }
1399 }
1da177e4
LT		 1400 } else if (strnicmp(data, "credentials", 4) == 0) {
1401 /* ignore */
1402 } else if (strnicmp(data, "version", 3) == 0) {
1403 /* ignore */
50c2f753 1404 } else if (strnicmp(data, "guest", 5) == 0) {
1da177e4 1405 /* ignore */
c9c7fa00 1406 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
71a394fa
SF		 1407 /* ignore */
1408 } else if (strnicmp(data, "ro", 2) == 0) {
1409 /* ignore */
edf1ae40
SF		 1410 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1411 vol->noblocksnd = 1;
1412 } else if (strnicmp(data, "noautotune", 10) == 0) {
1413 vol->noautotune = 1;
1da177e4
LT		 1414 } else if ((strnicmp(data, "suid", 4) == 0) ||
1415 (strnicmp(data, "nosuid", 6) == 0) ||
1416 (strnicmp(data, "exec", 4) == 0) ||
1417 (strnicmp(data, "noexec", 6) == 0) ||
1418 (strnicmp(data, "nodev", 5) == 0) ||
1419 (strnicmp(data, "noauto", 6) == 0) ||
1420 (strnicmp(data, "dev", 3) == 0)) {
1421 /* The mount tool or mount.cifs helper (if present)
50c2f753
SF		 1422 uses these opts to set flags, and the flags are read
1423 by the kernel vfs layer before we get here (ie
1424 before read super) so there is no point trying to
1425 parse these options again and set anything and it
1426 is ok to just ignore them */
1da177e4 1427 continue;
1da177e4
LT		 1428 } else if (strnicmp(data, "hard", 4) == 0) {
1429 vol->retry = 1;
1430 } else if (strnicmp(data, "soft", 4) == 0) {
1431 vol->retry = 0;
1432 } else if (strnicmp(data, "perm", 4) == 0) {
1433 vol->noperm = 0;
1434 } else if (strnicmp(data, "noperm", 6) == 0) {
1435 vol->noperm = 1;
6a0b4824
SF		 1436 } else if (strnicmp(data, "mapchars", 8) == 0) {
1437 vol->remap = 1;
1438 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1439 vol->remap = 0;
50c2f753
SF		 1440 } else if (strnicmp(data, "sfu", 3) == 0) {
1441 vol->sfu_emul = 1;
1442 } else if (strnicmp(data, "nosfu", 5) == 0) {
1443 vol->sfu_emul = 0;
2c1b8615
SF		 1444 } else if (strnicmp(data, "nodfs", 5) == 0) {
1445 vol->nodfs = 1;
ac67055e
JA		 1446 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1447 vol->posix_paths = 1;
1448 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1449 vol->posix_paths = 0;
c18c842b
SF		 1450 } else if (strnicmp(data, "nounix", 6) == 0) {
1451 vol->no_linux_ext = 1;
1452 } else if (strnicmp(data, "nolinux", 7) == 0) {
1453 vol->no_linux_ext = 1;
50c2f753 1454 } else if ((strnicmp(data, "nocase", 6) == 0) ||
a10faeb2 1455 (strnicmp(data, "ignorecase", 10) == 0)) {
50c2f753 1456 vol->nocase = 1;
f636a348
JL		 1457 } else if (strnicmp(data, "mand", 4) == 0) {
1458 /* ignore */
1459 } else if (strnicmp(data, "nomand", 6) == 0) {
1460 /* ignore */
1461 } else if (strnicmp(data, "_netdev", 7) == 0) {
1462 /* ignore */
c46fa8ac
SF		 1463 } else if (strnicmp(data, "brl", 3) == 0) {
1464 vol->nobrl = 0;
50c2f753 1465 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1c955187 1466 (strnicmp(data, "nolock", 6) == 0)) {
c46fa8ac 1467 vol->nobrl = 1;
d3485d37
SF		 1468 /* turn off mandatory locking in mode
1469 if remote locking is turned off since the
1470 local vfs will do advisory */
50c2f753
SF		 1471 if (vol->file_mode ==
1472 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
d3485d37 1473 vol->file_mode = S_IALLUGO;
13a6e42a
SF		 1474 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1475 /* will take the shorter form "forcemand" as well */
1476 /* This mount option will force use of mandatory
1477 (DOS/Windows style) byte range locks, instead of
1478 using posix advisory byte range locks, even if the
1479 Unix extensions are available and posix locks would
1480 be supported otherwise. If Unix extensions are not
1481 negotiated this has no effect since mandatory locks
1482 would be used (mandatory locks is all that those
1483 those servers support) */
1484 vol->mand_lock = 1;
1da177e4
LT		 1485 } else if (strnicmp(data, "setuids", 7) == 0) {
1486 vol->setuids = 1;
1487 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1488 vol->setuids = 0;
d0a9c078
JL		 1489 } else if (strnicmp(data, "dynperm", 7) == 0) {
1490 vol->dynperm = true;
1491 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1492 vol->dynperm = false;
1da177e4
LT		 1493 } else if (strnicmp(data, "nohard", 6) == 0) {
1494 vol->retry = 0;
1495 } else if (strnicmp(data, "nosoft", 6) == 0) {
1496 vol->retry = 1;
1497 } else if (strnicmp(data, "nointr", 6) == 0) {
1498 vol->intr = 0;
1499 } else if (strnicmp(data, "intr", 4) == 0) {
1500 vol->intr = 1;
be652445
SF		 1501 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1502 vol->nostrictsync = 1;
1503 } else if (strnicmp(data, "strictsync", 10) == 0) {
1504 vol->nostrictsync = 0;
50c2f753 1505 } else if (strnicmp(data, "serverino", 7) == 0) {
1da177e4 1506 vol->server_ino = 1;
50c2f753 1507 } else if (strnicmp(data, "noserverino", 9) == 0) {
1da177e4 1508 vol->server_ino = 0;
c9c7fa00 1509 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
d4ffff1f 1510 vol->rwpidforward = 1;
50c2f753 1511 } else if (strnicmp(data, "cifsacl", 7) == 0) {
0a4b92c0
SF		 1512 vol->cifs_acl = 1;
1513 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1514 vol->cifs_acl = 0;
50c2f753 1515 } else if (strnicmp(data, "acl", 3) == 0) {
1da177e4 1516 vol->no_psx_acl = 0;
50c2f753 1517 } else if (strnicmp(data, "noacl", 5) == 0) {
1da177e4 1518 vol->no_psx_acl = 1;
84210e91
SF		 1519 } else if (strnicmp(data, "locallease", 6) == 0) {
1520 vol->local_lease = 1;
50c2f753 1521 } else if (strnicmp(data, "sign", 4) == 0) {
750d1151 1522 vol->secFlg |= CIFSSEC_MUST_SIGN;
95b1cb90
SF		 1523 } else if (strnicmp(data, "seal", 4) == 0) {
1524 /* we do not do the following in secFlags because seal
1525 is a per tree connection (mount) not a per socket
1526 or per-smb connection option in the protocol */
1527 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1528 vol->seal = 1;
50c2f753 1529 } else if (strnicmp(data, "direct", 6) == 0) {
1da177e4 1530 vol->direct_io = 1;
50c2f753 1531 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1da177e4 1532 vol->direct_io = 1;
d39454ff
PS		 1533 } else if (strnicmp(data, "strictcache", 11) == 0) {
1534 vol->strict_io = 1;
1da177e4 1535 } else if (strnicmp(data, "noac", 4) == 0) {
50c2f753
SF		 1536 printk(KERN_WARNING "CIFS: Mount option noac not "
1537 "supported. Instead set "
1538 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
fa1df75d 1539 } else if (strnicmp(data, "fsc", 3) == 0) {
607a569d 1540#ifndef CONFIG_CIFS_FSCACHE
83fb086e 1541 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
607a569d 1542 "kernel config option set");
b946845a 1543 goto cifs_parse_mount_err;
607a569d 1544#endif
fa1df75d 1545 vol->fsc = true;
736a3320
SM		 1546 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1547 vol->mfsymlinks = true;
0eb8a132
JL		 1548 } else if (strnicmp(data, "multiuser", 8) == 0) {
1549 vol->multiuser = true;
3d3ea8e6
SP		 1550 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1551 err = kstrtouint(value, 0, &vol->backupuid);
1552 if (err < 0) {
1553 cERROR(1, "%s: Invalid backupuid value",
1554 __func__);
1555 goto cifs_parse_mount_err;
1556 }
1557 vol->backupuid_specified = true;
1558 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1559 err = kstrtouint(value, 0, &vol->backupgid);
1560 if (err < 0) {
1561 cERROR(1, "%s: Invalid backupgid value",
1562 __func__);
1563 goto cifs_parse_mount_err;
1564 }
1565 vol->backupgid_specified = true;
1da177e4 1566 } else
50c2f753
SF		 1567 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1568 data);
1da177e4
LT		 1569 }
1570 if (vol->UNC == NULL) {
4523cc30 1571 if (devname == NULL) {
50c2f753
SF		 1572 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1573 "target\n");
b946845a 1574 goto cifs_parse_mount_err;
1da177e4
LT		 1575 }
1576 if ((temp_len = strnlen(devname, 300)) < 300) {
50c2f753 1577 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1578 if (vol->UNC == NULL)
b946845a 1579 goto cifs_parse_mount_err;
50c2f753 1580 strcpy(vol->UNC, devname);
1da177e4
LT		 1581 if (strncmp(vol->UNC, "//", 2) == 0) {
1582 vol->UNC[0] = '\\';
1583 vol->UNC[1] = '\\';
1584 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
50c2f753
SF		 1585 printk(KERN_WARNING "CIFS: UNC Path does not "
1586 "begin with // or \\\\ \n");
b946845a 1587 goto cifs_parse_mount_err;
1da177e4 1588 }
7c5e628f
IM		 1589 value = strpbrk(vol->UNC+2, "/\\");
1590 if (value)
1591 *value = '\\';
1da177e4
LT		 1592 } else {
1593 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1594 goto cifs_parse_mount_err;
1da177e4
LT		 1595 }
1596 }
0eb8a132 1597
8a8798a5
JL		 1598#ifndef CONFIG_KEYS
1599 /* Muliuser mounts require CONFIG_KEYS support */
1600 if (vol->multiuser) {
1601 cERROR(1, "Multiuser mounts require kernels with "
1602 "CONFIG_KEYS enabled.");
b946845a 1603 goto cifs_parse_mount_err;
0eb8a132 1604 }
8a8798a5 1605#endif
0eb8a132 1606
fb8c4b14 1607 if (vol->UNCip == NULL)
1da177e4
LT		 1608 vol->UNCip = &vol->UNC[2];
1609
9b9d6b24
JL		 1610 if (uid_specified)
1611 vol->override_uid = override_uid;
1612 else if (override_uid == 1)
1613 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1614 "specified with no uid= option.\n");
1615
1616 if (gid_specified)
1617 vol->override_gid = override_gid;
1618 else if (override_gid == 1)
1619 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1620 "specified with no gid= option.\n");
1621
b946845a 1622 kfree(mountdata_copy);
1da177e4 1623 return 0;
b946845a
SF		 1624
1625cifs_parse_mount_err:
1626 kfree(mountdata_copy);
1627 return 1;
1da177e4
LT		 1628}
1629
3eb9a889
BG		 1630/** Returns true if srcaddr isn't specified and rhs isn't
1631 * specified, or if srcaddr is specified and
1632 * matches the IP address of the rhs argument.
1633 */
1634static bool
1635srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1636{
1637 switch (srcaddr->sa_family) {
1638 case AF_UNSPEC:
1639 return (rhs->sa_family == AF_UNSPEC);
1640 case AF_INET: {
1641 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1642 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1643 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1644 }
1645 case AF_INET6: {
1646 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1647 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1648 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1649 }
1650 default:
1651 WARN_ON(1);
1652 return false; /* don't expect to be here */
1653 }
1654}
1655
4b886136
PS		 1656/*
1657 * If no port is specified in addr structure, we try to match with 445 port
1658 * and if it fails - with 139 ports. It should be called only if address
1659 * families of server and addr are equal.
1660 */
1661static bool
1662match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1663{
6da97910 1664 __be16 port, *sport;
4b886136
PS		 1665
1666 switch (addr->sa_family) {
1667 case AF_INET:
1668 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1669 port = ((struct sockaddr_in *) addr)->sin_port;
1670 break;
1671 case AF_INET6:
1672 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1673 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1674 break;
1675 default:
1676 WARN_ON(1);
1677 return false;
1678 }
1679
1680 if (!port) {
1681 port = htons(CIFS_PORT);
1682 if (port == *sport)
1683 return true;
1684
1685 port = htons(RFC1001_PORT);
1686 }
1687
1688 return port == *sport;
1689}
3eb9a889 1690
4515148e 1691static bool
3eb9a889
BG		 1692match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1693 struct sockaddr *srcaddr)
4515148e 1694{
4515148e 1695 switch (addr->sa_family) {
a9f1b85e
PS		 1696 case AF_INET: {
1697 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1698 struct sockaddr_in *srv_addr4 =
1699 (struct sockaddr_in *)&server->dstaddr;
1700
1701 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
4515148e 1702 return false;
4515148e 1703 break;
a9f1b85e
PS		 1704 }
1705 case AF_INET6: {
1706 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1707 struct sockaddr_in6 *srv_addr6 =
1708 (struct sockaddr_in6 *)&server->dstaddr;
1709
4515148e 1710 if (!ipv6_addr_equal(&addr6->sin6_addr,
a9f1b85e 1711 &srv_addr6->sin6_addr))
4515148e 1712 return false;
a9f1b85e 1713 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
4515148e 1714 return false;
4515148e
JL		 1715 break;
1716 }
a9f1b85e
PS		 1717 default:
1718 WARN_ON(1);
1719 return false; /* don't expect to be here */
1720 }
4515148e 1721
3eb9a889
BG		 1722 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1723 return false;
1724
4515148e
JL		 1725 return true;
1726}
1727
daf5b0b6
JL		 1728static bool
1729match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1730{
1731 unsigned int secFlags;
1732
1733 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1734 secFlags = vol->secFlg;
1735 else
1736 secFlags = global_secflags | vol->secFlg;
1737
1738 switch (server->secType) {
1739 case LANMAN:
1740 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1741 return false;
1742 break;
1743 case NTLMv2:
1744 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1745 return false;
1746 break;
1747 case NTLM:
1748 if (!(secFlags & CIFSSEC_MAY_NTLM))
1749 return false;
1750 break;
1751 case Kerberos:
1752 if (!(secFlags & CIFSSEC_MAY_KRB5))
1753 return false;
1754 break;
1755 case RawNTLMSSP:
1756 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1757 return false;
1758 break;
1759 default:
1760 /* shouldn't happen */
1761 return false;
1762 }
1763
25985edc 1764 /* now check if signing mode is acceptable */
daf5b0b6 1765 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
96daf2b0 1766 (server->sec_mode & SECMODE_SIGN_REQUIRED))
daf5b0b6
JL		 1767 return false;
1768 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
96daf2b0 1769 (server->sec_mode &
daf5b0b6
JL		 1770 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1771 return false;
1772
1773 return true;
1774}
1775
37bb04e5
PS		 1776static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1777 struct smb_vol *vol)
1778{
1779 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1780 return 0;
1781
1782 if (!match_address(server, addr,
1783 (struct sockaddr *)&vol->srcaddr))
1784 return 0;
1785
1786 if (!match_port(server, addr))
1787 return 0;
1788
1789 if (!match_security(server, vol))
1790 return 0;
1791
1792 return 1;
1793}
1794
e7ddee90 1795static struct TCP_Server_Info *
daf5b0b6 1796cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1da177e4 1797{
e7ddee90 1798 struct TCP_Server_Info *server;
e7ddee90 1799
3f9bcca7 1800 spin_lock(&cifs_tcp_ses_lock);
4515148e 1801 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
37bb04e5 1802 if (!match_server(server, addr, vol))
daf5b0b6
JL		 1803 continue;
1804
e7ddee90 1805 ++server->srv_count;
3f9bcca7 1806 spin_unlock(&cifs_tcp_ses_lock);
b6b38f70 1807 cFYI(1, "Existing tcp session with server found");
e7ddee90 1808 return server;
1da177e4 1809 }
3f9bcca7 1810 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 1811 return NULL;
1812}
1b20d672 1813
14fbf50d 1814static void
e7ddee90 1815cifs_put_tcp_session(struct TCP_Server_Info *server)
1da177e4 1816{
e7ddee90 1817 struct task_struct *task;
1b20d672 1818
3f9bcca7 1819 spin_lock(&cifs_tcp_ses_lock);
e7ddee90 1820 if (--server->srv_count > 0) {
3f9bcca7 1821 spin_unlock(&cifs_tcp_ses_lock);
e7ddee90 1822 return;
1da177e4 1823 }
1b20d672 1824
f1d0c998
RL		 1825 put_net(cifs_net_ns(server));
1826
e7ddee90 1827 list_del_init(&server->tcp_ses_list);
3f9bcca7 1828 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 1829
c74093b6
JL		 1830 cancel_delayed_work_sync(&server->echo);
1831
e7ddee90
JL		 1832 spin_lock(&GlobalMid_Lock);
1833 server->tcpStatus = CifsExiting;
1834 spin_unlock(&GlobalMid_Lock);
dea570e0 1835
d2b91521 1836 cifs_crypto_shash_release(server);
488f1d2d
SJ		 1837 cifs_fscache_release_client_cookie(server);
1838
21e73393
SP		 1839 kfree(server->session_key.response);
1840 server->session_key.response = NULL;
1841 server->session_key.len = 0;
1842
e7ddee90
JL		 1843 task = xchg(&server->tsk, NULL);
1844 if (task)
1845 force_sig(SIGKILL, task);
1da177e4
LT		 1846}
1847
63c038c2
JL		 1848static struct TCP_Server_Info *
1849cifs_get_tcp_session(struct smb_vol *volume_info)
1850{
1851 struct TCP_Server_Info *tcp_ses = NULL;
a9ac49d3 1852 struct sockaddr_storage addr;
63c038c2
JL		 1853 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1854 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1855 int rc;
1856
a9ac49d3 1857 memset(&addr, 0, sizeof(struct sockaddr_storage));
63c038c2 1858
b6b38f70 1859 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
63c038c2 1860
1e68b2b2 1861 if (volume_info->UNCip && volume_info->UNC) {
50d97160
JL		 1862 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1863 volume_info->UNCip,
67b7626a 1864 strlen(volume_info->UNCip),
50d97160 1865 volume_info->port);
1e68b2b2 1866 if (!rc) {
63c038c2
JL		 1867 /* we failed translating address */
1868 rc = -EINVAL;
1869 goto out_err;
1870 }
63c038c2
JL		 1871 } else if (volume_info->UNCip) {
1872 /* BB using ip addr as tcp_ses name to connect to the
1873 DFS root below */
b6b38f70 1874 cERROR(1, "Connecting to DFS root not implemented yet");
63c038c2
JL		 1875 rc = -EINVAL;
1876 goto out_err;
1877 } else /* which tcp_sess DFS root would we conect to */ {
b6b38f70
JP		 1878 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1879 "unc=//192.168.1.100/public) specified");
63c038c2
JL		 1880 rc = -EINVAL;
1881 goto out_err;
1882 }
1883
1884 /* see if we already have a matching tcp_ses */
daf5b0b6 1885 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
63c038c2
JL		 1886 if (tcp_ses)
1887 return tcp_ses;
1888
1889 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1890 if (!tcp_ses) {
1891 rc = -ENOMEM;
1892 goto out_err;
1893 }
1894
d2b91521
SP		 1895 rc = cifs_crypto_shash_allocate(tcp_ses);
1896 if (rc) {
1897 cERROR(1, "could not setup hash structures rc %d", rc);
1898 goto out_err;
1899 }
1900
f1d0c998 1901 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
63c038c2
JL		 1902 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1903 if (IS_ERR(tcp_ses->hostname)) {
1904 rc = PTR_ERR(tcp_ses->hostname);
f7c5445a 1905 goto out_err_crypto_release;
63c038c2
JL		 1906 }
1907
1908 tcp_ses->noblocksnd = volume_info->noblocksnd;
1909 tcp_ses->noautotune = volume_info->noautotune;
6a5fa236 1910 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
63c038c2
JL		 1911 atomic_set(&tcp_ses->inFlight, 0);
1912 init_waitqueue_head(&tcp_ses->response_q);
1913 init_waitqueue_head(&tcp_ses->request_q);
1914 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1915 mutex_init(&tcp_ses->srv_mutex);
1916 memcpy(tcp_ses->workstation_RFC1001_name,
1917 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1918 memcpy(tcp_ses->server_RFC1001_name,
1919 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
5d0d2882 1920 tcp_ses->session_estab = false;
63c038c2 1921 tcp_ses->sequence_number = 0;
fda35943 1922 tcp_ses->lstrp = jiffies;
63c038c2
JL		 1923 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1924 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
c74093b6 1925 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
63c038c2
JL		 1926
1927 /*
1928 * at this point we are the only ones with the pointer
1929 * to the struct since the kernel thread not created yet
1930 * no need to spinlock this init of tcpStatus or srv_count
1931 */
1932 tcp_ses->tcpStatus = CifsNew;
3eb9a889
BG		 1933 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1934 sizeof(tcp_ses->srcaddr));
63c038c2
JL		 1935 ++tcp_ses->srv_count;
1936
a9ac49d3 1937 if (addr.ss_family == AF_INET6) {
b6b38f70 1938 cFYI(1, "attempting ipv6 connect");
63c038c2
JL		 1939 /* BB should we allow ipv6 on port 139? */
1940 /* other OS never observed in Wild doing 139 with v6 */
a9f1b85e
PS		 1941 memcpy(&tcp_ses->dstaddr, sin_server6,
1942 sizeof(struct sockaddr_in6));
1943 } else
1944 memcpy(&tcp_ses->dstaddr, sin_server,
1945 sizeof(struct sockaddr_in));
1946
1947 rc = ip_connect(tcp_ses);
63c038c2 1948 if (rc < 0) {
b6b38f70 1949 cERROR(1, "Error connecting to socket. Aborting operation");
f7c5445a 1950 goto out_err_crypto_release;
63c038c2
JL		 1951 }
1952
1953 /*
1954 * since we're in a cifs function already, we know that
1955 * this will succeed. No need for try_module_get().
1956 */
1957 __module_get(THIS_MODULE);
7c97c200 1958 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
63c038c2
JL		 1959 tcp_ses, "cifsd");
1960 if (IS_ERR(tcp_ses->tsk)) {
1961 rc = PTR_ERR(tcp_ses->tsk);
b6b38f70 1962 cERROR(1, "error %d create cifsd thread", rc);
63c038c2 1963 module_put(THIS_MODULE);
f7c5445a 1964 goto out_err_crypto_release;
63c038c2 1965 }
fd88ce93 1966 tcp_ses->tcpStatus = CifsNeedNegotiate;
63c038c2
JL		 1967
1968 /* thread spawned, put it on the list */
3f9bcca7 1969 spin_lock(&cifs_tcp_ses_lock);
63c038c2 1970 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
3f9bcca7 1971 spin_unlock(&cifs_tcp_ses_lock);
63c038c2 1972
488f1d2d
SJ		 1973 cifs_fscache_get_client_cookie(tcp_ses);
1974
c74093b6
JL		 1975 /* queue echo request delayed work */
1976 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1977
63c038c2
JL		 1978 return tcp_ses;
1979
f7c5445a 1980out_err_crypto_release:
d2b91521
SP		 1981 cifs_crypto_shash_release(tcp_ses);
1982
f1d0c998
RL		 1983 put_net(cifs_net_ns(tcp_ses));
1984
63c038c2
JL		 1985out_err:
1986 if (tcp_ses) {
8347a5cd
SF		 1987 if (!IS_ERR(tcp_ses->hostname))
1988 kfree(tcp_ses->hostname);
63c038c2
JL		 1989 if (tcp_ses->ssocket)
1990 sock_release(tcp_ses->ssocket);
1991 kfree(tcp_ses);
1992 }
1993 return ERR_PTR(rc);
1994}
1995
96daf2b0 1996static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
37bb04e5
PS		 1997{
1998 switch (ses->server->secType) {
1999 case Kerberos:
2000 if (vol->cred_uid != ses->cred_uid)
2001 return 0;
2002 break;
2003 default:
04febabc
JL		 2004 /* NULL username means anonymous session */
2005 if (ses->user_name == NULL) {
2006 if (!vol->nullauth)
2007 return 0;
2008 break;
2009 }
2010
37bb04e5 2011 /* anything else takes username/password */
04febabc
JL		 2012 if (strncmp(ses->user_name,
2013 vol->username ? vol->username : "",
37bb04e5
PS		 2014 MAX_USERNAME_SIZE))
2015 return 0;
2016 if (strlen(vol->username) != 0 &&
2017 ses->password != NULL &&
2018 strncmp(ses->password,
2019 vol->password ? vol->password : "",
2020 MAX_PASSWORD_SIZE))
2021 return 0;
2022 }
2023 return 1;
2024}
2025
96daf2b0 2026static struct cifs_ses *
4ff67b72 2027cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1da177e4 2028{
96daf2b0 2029 struct cifs_ses *ses;
dea570e0 2030
3f9bcca7 2031 spin_lock(&cifs_tcp_ses_lock);
4ff67b72 2032 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
37bb04e5
PS		 2033 if (!match_session(ses, vol))
2034 continue;
14fbf50d 2035 ++ses->ses_count;
3f9bcca7 2036 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2037 return ses;
2038 }
3f9bcca7 2039 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2040 return NULL;
2041}
dea570e0 2042
14fbf50d 2043static void
96daf2b0 2044cifs_put_smb_ses(struct cifs_ses *ses)
14fbf50d
JL		 2045{
2046 int xid;
2047 struct TCP_Server_Info *server = ses->server;
dea570e0 2048
36988c76 2049 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
3f9bcca7 2050 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 2051 if (--ses->ses_count > 0) {
3f9bcca7 2052 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2053 return;
2054 }
dea570e0 2055
14fbf50d 2056 list_del_init(&ses->smb_ses_list);
3f9bcca7 2057 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2058
14fbf50d
JL		 2059 if (ses->status == CifsGood) {
2060 xid = GetXid();
2061 CIFSSMBLogoff(xid, ses);
2062 _FreeXid(xid);
2063 }
2064 sesInfoFree(ses);
2065 cifs_put_tcp_session(server);
2066}
dea570e0 2067
8a8798a5
JL		 2068#ifdef CONFIG_KEYS
2069
2070/* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2071#define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2072
2073/* Populate username and pw fields from keyring if possible */
2074static int
2075cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2076{
2077 int rc = 0;
2078 char *desc, *delim, *payload;
2079 ssize_t len;
2080 struct key *key;
2081 struct TCP_Server_Info *server = ses->server;
2082 struct sockaddr_in *sa;
2083 struct sockaddr_in6 *sa6;
2084 struct user_key_payload *upayload;
2085
2086 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2087 if (!desc)
2088 return -ENOMEM;
2089
2090 /* try to find an address key first */
2091 switch (server->dstaddr.ss_family) {
2092 case AF_INET:
2093 sa = (struct sockaddr_in *)&server->dstaddr;
2094 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2095 break;
2096 case AF_INET6:
2097 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2098 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2099 break;
2100 default:
2101 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2102 rc = -EINVAL;
2103 goto out_err;
2104 }
2105
2106 cFYI(1, "%s: desc=%s", __func__, desc);
2107 key = request_key(&key_type_logon, desc, "");
2108 if (IS_ERR(key)) {
2109 if (!ses->domainName) {
2110 cFYI(1, "domainName is NULL");
2111 rc = PTR_ERR(key);
2112 goto out_err;
2113 }
2114
2115 /* didn't work, try to find a domain key */
2116 sprintf(desc, "cifs:d:%s", ses->domainName);
2117 cFYI(1, "%s: desc=%s", __func__, desc);
2118 key = request_key(&key_type_logon, desc, "");
2119 if (IS_ERR(key)) {
2120 rc = PTR_ERR(key);
2121 goto out_err;
2122 }
2123 }
2124
2125 down_read(&key->sem);
2126 upayload = key->payload.data;
2127 if (IS_ERR_OR_NULL(upayload)) {
2128 rc = PTR_ERR(key);
2129 goto out_key_put;
2130 }
2131
2132 /* find first : in payload */
2133 payload = (char *)upayload->data;
2134 delim = strnchr(payload, upayload->datalen, ':');
2135 cFYI(1, "payload=%s", payload);
2136 if (!delim) {
2137 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2138 upayload->datalen);
2139 rc = -EINVAL;
2140 goto out_key_put;
2141 }
2142
2143 len = delim - payload;
2144 if (len > MAX_USERNAME_SIZE || len <= 0) {
2145 cFYI(1, "Bad value from username search (len=%ld)", len);
2146 rc = -EINVAL;
2147 goto out_key_put;
2148 }
2149
2150 vol->username = kstrndup(payload, len, GFP_KERNEL);
2151 if (!vol->username) {
2152 cFYI(1, "Unable to allocate %ld bytes for username", len);
2153 rc = -ENOMEM;
2154 goto out_key_put;
2155 }
2156 cFYI(1, "%s: username=%s", __func__, vol->username);
2157
2158 len = key->datalen - (len + 1);
2159 if (len > MAX_PASSWORD_SIZE || len <= 0) {
2160 cFYI(1, "Bad len for password search (len=%ld)", len);
2161 rc = -EINVAL;
2162 kfree(vol->username);
2163 vol->username = NULL;
2164 goto out_key_put;
2165 }
2166
2167 ++delim;
2168 vol->password = kstrndup(delim, len, GFP_KERNEL);
2169 if (!vol->password) {
2170 cFYI(1, "Unable to allocate %ld bytes for password", len);
2171 rc = -ENOMEM;
2172 kfree(vol->username);
2173 vol->username = NULL;
2174 goto out_key_put;
2175 }
2176
2177out_key_put:
2178 up_read(&key->sem);
2179 key_put(key);
2180out_err:
2181 kfree(desc);
2182 cFYI(1, "%s: returning %d", __func__, rc);
2183 return rc;
2184}
2185#else /* ! CONFIG_KEYS */
2186static inline int
2187cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2188 struct cifs_ses *ses __attribute__((unused)))
2189{
2190 return -ENOSYS;
2191}
2192#endif /* CONFIG_KEYS */
2193
d9b94201
SF		 2194static bool warned_on_ntlm; /* globals init to false automatically */
2195
96daf2b0 2196static struct cifs_ses *
36988c76
JL		 2197cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2198{
2199 int rc = -ENOMEM, xid;
96daf2b0 2200 struct cifs_ses *ses;
a9f1b85e
PS		 2201 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2202 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
36988c76
JL		 2203
2204 xid = GetXid();
2205
4ff67b72 2206 ses = cifs_find_smb_ses(server, volume_info);
36988c76
JL		 2207 if (ses) {
2208 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2209
36988c76 2210 mutex_lock(&ses->session_mutex);
198b5682
JL		 2211 rc = cifs_negotiate_protocol(xid, ses);
2212 if (rc) {
2213 mutex_unlock(&ses->session_mutex);
2214 /* problem -- put our ses reference */
2215 cifs_put_smb_ses(ses);
2216 FreeXid(xid);
2217 return ERR_PTR(rc);
2218 }
36988c76
JL		 2219 if (ses->need_reconnect) {
2220 cFYI(1, "Session needs reconnect");
2221 rc = cifs_setup_session(xid, ses,
2222 volume_info->local_nls);
2223 if (rc) {
2224 mutex_unlock(&ses->session_mutex);
2225 /* problem -- put our reference */
2226 cifs_put_smb_ses(ses);
2227 FreeXid(xid);
2228 return ERR_PTR(rc);
2229 }
2230 }
2231 mutex_unlock(&ses->session_mutex);
460cf341
JL		 2232
2233 /* existing SMB ses has a server reference already */
2234 cifs_put_tcp_session(server);
36988c76
JL		 2235 FreeXid(xid);
2236 return ses;
2237 }
2238
2239 cFYI(1, "Existing smb sess not found");
2240 ses = sesInfoAlloc();
2241 if (ses == NULL)
2242 goto get_ses_fail;
2243
2244 /* new SMB session uses our server ref */
2245 ses->server = server;
a9f1b85e
PS		 2246 if (server->dstaddr.ss_family == AF_INET6)
2247 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
36988c76 2248 else
a9f1b85e 2249 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
36988c76 2250
8727c8a8
SF		 2251 if (volume_info->username) {
2252 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2253 if (!ses->user_name)
2254 goto get_ses_fail;
2255 }
36988c76
JL		 2256
2257 /* volume_info->password freed at unmount */
2258 if (volume_info->password) {
2259 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2260 if (!ses->password)
2261 goto get_ses_fail;
2262 }
2263 if (volume_info->domainname) {
d3686d54
SP		 2264 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2265 if (!ses->domainName)
2266 goto get_ses_fail;
36988c76 2267 }
3e4b3e1f 2268 ses->cred_uid = volume_info->cred_uid;
36988c76 2269 ses->linux_uid = volume_info->linux_uid;
d9b94201
SF		 2270
2271 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2272 supported for many years, time to update default security mechanism */
2273 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2274 warned_on_ntlm = true;
2275 cERROR(1, "default security mechanism requested. The default "
2276 "security mechanism will be upgraded from ntlm to "
225de11e 2277 "ntlmv2 in kernel release 3.3");
d9b94201 2278 }
36988c76
JL		 2279 ses->overrideSecFlg = volume_info->secFlg;
2280
2281 mutex_lock(&ses->session_mutex);
198b5682
JL		 2282 rc = cifs_negotiate_protocol(xid, ses);
2283 if (!rc)
2284 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
36988c76 2285 mutex_unlock(&ses->session_mutex);
c8e56f1f 2286 if (rc)
36988c76
JL		 2287 goto get_ses_fail;
2288
2289 /* success, put it on the list */
3f9bcca7 2290 spin_lock(&cifs_tcp_ses_lock);
36988c76 2291 list_add(&ses->smb_ses_list, &server->smb_ses_list);
3f9bcca7 2292 spin_unlock(&cifs_tcp_ses_lock);
36988c76
JL		 2293
2294 FreeXid(xid);
2295 return ses;
2296
2297get_ses_fail:
2298 sesInfoFree(ses);
2299 FreeXid(xid);
2300 return ERR_PTR(rc);
2301}
2302
96daf2b0 2303static int match_tcon(struct cifs_tcon *tcon, const char *unc)
37bb04e5
PS		 2304{
2305 if (tcon->tidStatus == CifsExiting)
2306 return 0;
2307 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2308 return 0;
2309 return 1;
2310}
2311
96daf2b0
SF		 2312static struct cifs_tcon *
2313cifs_find_tcon(struct cifs_ses *ses, const char *unc)
f1987b44
JL		 2314{
2315 struct list_head *tmp;
96daf2b0 2316 struct cifs_tcon *tcon;
f1987b44 2317
3f9bcca7 2318 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2319 list_for_each(tmp, &ses->tcon_list) {
96daf2b0 2320 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
37bb04e5 2321 if (!match_tcon(tcon, unc))
f1987b44 2322 continue;
f1987b44 2323 ++tcon->tc_count;
3f9bcca7 2324 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2325 return tcon;
1da177e4 2326 }
3f9bcca7 2327 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 2328 return NULL;
2329}
2330
f1987b44 2331static void
96daf2b0 2332cifs_put_tcon(struct cifs_tcon *tcon)
f1987b44
JL		 2333{
2334 int xid;
96daf2b0 2335 struct cifs_ses *ses = tcon->ses;
f1987b44 2336
d00c28de 2337 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
3f9bcca7 2338 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2339 if (--tcon->tc_count > 0) {
3f9bcca7 2340 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2341 return;
2342 }
2343
2344 list_del_init(&tcon->tcon_list);
3f9bcca7 2345 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2346
2347 xid = GetXid();
2348 CIFSSMBTDis(xid, tcon);
2349 _FreeXid(xid);
2350
d03382ce 2351 cifs_fscache_release_super_cookie(tcon);
9f841593 2352 tconInfoFree(tcon);
f1987b44
JL		 2353 cifs_put_smb_ses(ses);
2354}
2355
96daf2b0
SF		 2356static struct cifs_tcon *
2357cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
d00c28de
JL		 2358{
2359 int rc, xid;
96daf2b0 2360 struct cifs_tcon *tcon;
d00c28de
JL		 2361
2362 tcon = cifs_find_tcon(ses, volume_info->UNC);
2363 if (tcon) {
2364 cFYI(1, "Found match on UNC path");
2365 /* existing tcon already has a reference */
2366 cifs_put_smb_ses(ses);
2367 if (tcon->seal != volume_info->seal)
2368 cERROR(1, "transport encryption setting "
2369 "conflicts with existing tid");
2370 return tcon;
2371 }
2372
2373 tcon = tconInfoAlloc();
2374 if (tcon == NULL) {
2375 rc = -ENOMEM;
2376 goto out_fail;
2377 }
2378
2379 tcon->ses = ses;
2380 if (volume_info->password) {
2381 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2382 if (!tcon->password) {
2383 rc = -ENOMEM;
2384 goto out_fail;
2385 }
2386 }
2387
2388 if (strchr(volume_info->UNC + 3, '\\') == NULL
2389 && strchr(volume_info->UNC + 3, '/') == NULL) {
2390 cERROR(1, "Missing share name");
2391 rc = -ENODEV;
2392 goto out_fail;
2393 }
2394
2395 /* BB Do we need to wrap session_mutex around
2396 * this TCon call and Unix SetFS as
2397 * we do on SessSetup and reconnect? */
2398 xid = GetXid();
2399 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2400 FreeXid(xid);
2401 cFYI(1, "CIFS Tcon rc = %d", rc);
2402 if (rc)
2403 goto out_fail;
2404
2405 if (volume_info->nodfs) {
2406 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2407 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2408 }
2409 tcon->seal = volume_info->seal;
2410 /* we can have only one retry value for a connection
2411 to a share so for resources mounted more than once
2412 to the same server share the last value passed in
2413 for the retry flag is used */
2414 tcon->retry = volume_info->retry;
2415 tcon->nocase = volume_info->nocase;
2416 tcon->local_lease = volume_info->local_lease;
2417
3f9bcca7 2418 spin_lock(&cifs_tcp_ses_lock);
d00c28de 2419 list_add(&tcon->tcon_list, &ses->tcon_list);
3f9bcca7 2420 spin_unlock(&cifs_tcp_ses_lock);
d00c28de 2421
d03382ce
SJ		 2422 cifs_fscache_get_super_cookie(tcon);
2423
d00c28de
JL		 2424 return tcon;
2425
2426out_fail:
2427 tconInfoFree(tcon);
2428 return ERR_PTR(rc);
2429}
2430
9d002df4
JL		 2431void
2432cifs_put_tlink(struct tcon_link *tlink)
2433{
2434 if (!tlink || IS_ERR(tlink))
2435 return;
2436
2437 if (!atomic_dec_and_test(&tlink->tl_count) ||
2438 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2439 tlink->tl_time = jiffies;
2440 return;
2441 }
2442
2443 if (!IS_ERR(tlink_tcon(tlink)))
2444 cifs_put_tcon(tlink_tcon(tlink));
2445 kfree(tlink);
2446 return;
2447}
d00c28de 2448
25c7f41e 2449static inline struct tcon_link *
cd51875d
PS		 2450cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2451{
2452 return cifs_sb->master_tlink;
2453}
25c7f41e
PS		 2454
2455static int
2456compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2457{
2458 struct cifs_sb_info *old = CIFS_SB(sb);
2459 struct cifs_sb_info *new = mnt_data->cifs_sb;
2460
2461 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2462 return 0;
2463
2464 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2465 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2466 return 0;
2467
25c7f41e 2468 /*
5eba8ab3
JL		 2469 * We want to share sb only if we don't specify an r/wsize or
2470 * specified r/wsize is greater than or equal to existing one.
25c7f41e
PS		 2471 */
2472 if (new->wsize && new->wsize < old->wsize)
2473 return 0;
2474
5eba8ab3
JL		 2475 if (new->rsize && new->rsize < old->rsize)
2476 return 0;
2477
25c7f41e
PS		 2478 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2479 return 0;
2480
2481 if (old->mnt_file_mode != new->mnt_file_mode ||
2482 old->mnt_dir_mode != new->mnt_dir_mode)
2483 return 0;
2484
2485 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2486 return 0;
2487
2488 if (old->actimeo != new->actimeo)
2489 return 0;
2490
2491 return 1;
2492}
2493
2494int
2495cifs_match_super(struct super_block *sb, void *data)
2496{
2497 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2498 struct smb_vol *volume_info;
2499 struct cifs_sb_info *cifs_sb;
2500 struct TCP_Server_Info *tcp_srv;
96daf2b0
SF		 2501 struct cifs_ses *ses;
2502 struct cifs_tcon *tcon;
25c7f41e
PS		 2503 struct tcon_link *tlink;
2504 struct sockaddr_storage addr;
2505 int rc = 0;
2506
2507 memset(&addr, 0, sizeof(struct sockaddr_storage));
2508
2509 spin_lock(&cifs_tcp_ses_lock);
2510 cifs_sb = CIFS_SB(sb);
2511 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2512 if (IS_ERR(tlink)) {
2513 spin_unlock(&cifs_tcp_ses_lock);
2514 return rc;
2515 }
2516 tcon = tlink_tcon(tlink);
2517 ses = tcon->ses;
2518 tcp_srv = ses->server;
2519
2520 volume_info = mnt_data->vol;
2521
2522 if (!volume_info->UNCip || !volume_info->UNC)
2523 goto out;
2524
2525 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2526 volume_info->UNCip,
2527 strlen(volume_info->UNCip),
2528 volume_info->port);
2529 if (!rc)
2530 goto out;
2531
2532 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2533 !match_session(ses, volume_info) ||
2534 !match_tcon(tcon, volume_info->UNC)) {
2535 rc = 0;
2536 goto out;
2537 }
2538
2539 rc = compare_mount_options(sb, mnt_data);
2540out:
25c7f41e 2541 spin_unlock(&cifs_tcp_ses_lock);
f484b5d0 2542 cifs_put_tlink(tlink);
25c7f41e
PS		 2543 return rc;
2544}
2545
1da177e4 2546int
96daf2b0 2547get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
50c2f753 2548 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
366781c1 2549 struct dfs_info3_param **preferrals, int remap)
1da177e4
LT		 2550{
2551 char *temp_unc;
2552 int rc = 0;
2553
2554 *pnum_referrals = 0;
366781c1 2555 *preferrals = NULL;
1da177e4
LT		 2556
2557 if (pSesInfo->ipc_tid == 0) {
2558 temp_unc = kmalloc(2 /* for slashes */ +
50c2f753
SF		 2559 strnlen(pSesInfo->serverName,
2560 SERVER_NAME_LEN_WITH_NULL * 2)
1da177e4
LT		 2561 + 1 + 4 /* slash IPC$ */ + 2,
2562 GFP_KERNEL);
2563 if (temp_unc == NULL)
2564 return -ENOMEM;
2565 temp_unc[0] = '\\';
2566 temp_unc[1] = '\\';
2567 strcpy(temp_unc + 2, pSesInfo->serverName);
2568 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2569 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
b6b38f70 2570 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
1da177e4
LT		 2571 kfree(temp_unc);
2572 }
2573 if (rc == 0)
c2cf07d5 2574 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
737b758c 2575 pnum_referrals, nls_codepage, remap);
366781c1
SF		 2576 /* BB map targetUNCs to dfs_info3 structures, here or
2577 in CIFSGetDFSRefer BB */
1da177e4
LT		 2578
2579 return rc;
2580}
2581
09e50d55
JL		 2582#ifdef CONFIG_DEBUG_LOCK_ALLOC
2583static struct lock_class_key cifs_key[2];
2584static struct lock_class_key cifs_slock_key[2];
2585
2586static inline void
2587cifs_reclassify_socket4(struct socket *sock)
2588{
2589 struct sock *sk = sock->sk;
2590 BUG_ON(sock_owned_by_user(sk));
2591 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2592 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2593}
2594
2595static inline void
2596cifs_reclassify_socket6(struct socket *sock)
2597{
2598 struct sock *sk = sock->sk;
2599 BUG_ON(sock_owned_by_user(sk));
2600 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2601 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2602}
2603#else
2604static inline void
2605cifs_reclassify_socket4(struct socket *sock)
2606{
2607}
2608
2609static inline void
2610cifs_reclassify_socket6(struct socket *sock)
2611{
2612}
2613#endif
2614
1da177e4 2615/* See RFC1001 section 14 on representation of Netbios names */
50c2f753 2616static void rfc1002mangle(char *target, char *source, unsigned int length)
1da177e4 2617{
50c2f753 2618 unsigned int i, j;
1da177e4 2619
50c2f753 2620 for (i = 0, j = 0; i < (length); i++) {
1da177e4
LT		 2621 /* mask a nibble at a time and encode */
2622 target[j] = 'A' + (0x0F & (source[i] >> 4));
2623 target[j+1] = 'A' + (0x0F & source[i]);
50c2f753 2624 j += 2;
1da177e4
LT		 2625 }
2626
2627}
2628
3eb9a889
BG		 2629static int
2630bind_socket(struct TCP_Server_Info *server)
2631{
2632 int rc = 0;
2633 if (server->srcaddr.ss_family != AF_UNSPEC) {
2634 /* Bind to the specified local IP address */
2635 struct socket *socket = server->ssocket;
2636 rc = socket->ops->bind(socket,
2637 (struct sockaddr *) &server->srcaddr,
2638 sizeof(server->srcaddr));
2639 if (rc < 0) {
2640 struct sockaddr_in *saddr4;
2641 struct sockaddr_in6 *saddr6;
2642 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2643 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2644 if (saddr6->sin6_family == AF_INET6)
2645 cERROR(1, "cifs: "
2646 "Failed to bind to: %pI6c, error: %d\n",
2647 &saddr6->sin6_addr, rc);
2648 else
2649 cERROR(1, "cifs: "
2650 "Failed to bind to: %pI4, error: %d\n",
2651 &saddr4->sin_addr.s_addr, rc);
2652 }
2653 }
2654 return rc;
2655}
1da177e4
LT		 2656
2657static int
a9f1b85e 2658ip_rfc1001_connect(struct TCP_Server_Info *server)
1da177e4
LT		 2659{
2660 int rc = 0;
a9f1b85e
PS		 2661 /*
2662 * some servers require RFC1001 sessinit before sending
2663 * negprot - BB check reconnection in case where second
2664 * sessinit is sent but no second negprot
2665 */
2666 struct rfc1002_session_packet *ses_init_buf;
2667 struct smb_hdr *smb_buf;
2668 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2669 GFP_KERNEL);
2670 if (ses_init_buf) {
2671 ses_init_buf->trailer.session_req.called_len = 32;
2672
2673 if (server->server_RFC1001_name &&
2674 server->server_RFC1001_name[0] != 0)
2675 rfc1002mangle(ses_init_buf->trailer.
2676 session_req.called_name,
2677 server->server_RFC1001_name,
2678 RFC1001_NAME_LEN_WITH_NULL);
2679 else
2680 rfc1002mangle(ses_init_buf->trailer.
2681 session_req.called_name,
2682 DEFAULT_CIFS_CALLED_NAME,
2683 RFC1001_NAME_LEN_WITH_NULL);
2684
2685 ses_init_buf->trailer.session_req.calling_len = 32;
2686
2687 /*
2688 * calling name ends in null (byte 16) from old smb
2689 * convention.
2690 */
2691 if (server->workstation_RFC1001_name &&
2692 server->workstation_RFC1001_name[0] != 0)
2693 rfc1002mangle(ses_init_buf->trailer.
2694 session_req.calling_name,
2695 server->workstation_RFC1001_name,
2696 RFC1001_NAME_LEN_WITH_NULL);
2697 else
2698 rfc1002mangle(ses_init_buf->trailer.
2699 session_req.calling_name,
2700 "LINUX_CIFS_CLNT",
2701 RFC1001_NAME_LEN_WITH_NULL);
2702
2703 ses_init_buf->trailer.session_req.scope1 = 0;
2704 ses_init_buf->trailer.session_req.scope2 = 0;
2705 smb_buf = (struct smb_hdr *)ses_init_buf;
2706
2707 /* sizeof RFC1002_SESSION_REQUEST with no scope */
be8e3b00 2708 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
a9f1b85e
PS		 2709 rc = smb_send(server, smb_buf, 0x44);
2710 kfree(ses_init_buf);
2711 /*
2712 * RFC1001 layer in at least one server
2713 * requires very short break before negprot
2714 * presumably because not expecting negprot
2715 * to follow so fast. This is a simple
2716 * solution that works without
2717 * complicating the code and causes no
2718 * significant slowing down on mount
2719 * for everyone else
2720 */
2721 usleep_range(1000, 2000);
2722 }
2723 /*
2724 * else the negprot may still work without this
2725 * even though malloc failed
2726 */
2727
2728 return rc;
2729}
2730
2731static int
2732generic_ip_connect(struct TCP_Server_Info *server)
2733{
2734 int rc = 0;
6da97910 2735 __be16 sport;
a9f1b85e 2736 int slen, sfamily;
bcf4b106 2737 struct socket *socket = server->ssocket;
a9f1b85e
PS		 2738 struct sockaddr *saddr;
2739
2740 saddr = (struct sockaddr *) &server->dstaddr;
2741
2742 if (server->dstaddr.ss_family == AF_INET6) {
2743 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2744 slen = sizeof(struct sockaddr_in6);
2745 sfamily = AF_INET6;
2746 } else {
2747 sport = ((struct sockaddr_in *) saddr)->sin_port;
2748 slen = sizeof(struct sockaddr_in);
2749 sfamily = AF_INET;
2750 }
1da177e4 2751
bcf4b106 2752 if (socket == NULL) {
f1d0c998
RL		 2753 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2754 IPPROTO_TCP, &socket, 1);
1da177e4 2755 if (rc < 0) {
b6b38f70 2756 cERROR(1, "Error %d creating socket", rc);
a9f1b85e 2757 server->ssocket = NULL;
1da177e4 2758 return rc;
1da177e4 2759 }
bcf4b106
JL		 2760
2761 /* BB other socket options to set KEEPALIVE, NODELAY? */
b6b38f70 2762 cFYI(1, "Socket created");
bcf4b106
JL		 2763 server->ssocket = socket;
2764 socket->sk->sk_allocation = GFP_NOFS;
a9f1b85e
PS		 2765 if (sfamily == AF_INET6)
2766 cifs_reclassify_socket6(socket);
2767 else
2768 cifs_reclassify_socket4(socket);
1da177e4
LT		 2769 }
2770
3eb9a889
BG		 2771 rc = bind_socket(server);
2772 if (rc < 0)
2773 return rc;
2774
bcf4b106
JL		 2775 /*
2776 * Eventually check for other socket options to change from
a9f1b85e
PS		 2777 * the default. sock_setsockopt not used because it expects
2778 * user space buffer
bcf4b106
JL		 2779 */
2780 socket->sk->sk_rcvtimeo = 7 * HZ;
da505c38 2781 socket->sk->sk_sndtimeo = 5 * HZ;
edf1ae40 2782
b387eaeb 2783 /* make the bufsizes depend on wsize/rsize and max requests */
bcf4b106
JL		 2784 if (server->noautotune) {
2785 if (socket->sk->sk_sndbuf < (200 * 1024))
2786 socket->sk->sk_sndbuf = 200 * 1024;
2787 if (socket->sk->sk_rcvbuf < (140 * 1024))
2788 socket->sk->sk_rcvbuf = 140 * 1024;
edf1ae40 2789 }
1da177e4 2790
6a5fa236 2791 if (server->tcp_nodelay) {
a9f1b85e 2792 int val = 1;
6a5fa236
SF		 2793 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2794 (char *)&val, sizeof(val));
2795 if (rc)
b6b38f70 2796 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
6a5fa236
SF		 2797 }
2798
b6b38f70 2799 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
bcf4b106 2800 socket->sk->sk_sndbuf,
b6b38f70 2801 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
bcf4b106 2802
ee1b3ea9
JL		 2803 rc = socket->ops->connect(socket, saddr, slen, 0);
2804 if (rc < 0) {
2805 cFYI(1, "Error %d connecting to server", rc);
2806 sock_release(socket);
2807 server->ssocket = NULL;
2808 return rc;
2809 }
2810
a9f1b85e
PS		 2811 if (sport == htons(RFC1001_PORT))
2812 rc = ip_rfc1001_connect(server);
50c2f753 2813
1da177e4
LT		 2814 return rc;
2815}
2816
2817static int
a9f1b85e 2818ip_connect(struct TCP_Server_Info *server)
1da177e4 2819{
6da97910 2820 __be16 *sport;
a9f1b85e
PS		 2821 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2822 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1da177e4 2823
a9f1b85e
PS		 2824 if (server->dstaddr.ss_family == AF_INET6)
2825 sport = &addr6->sin6_port;
2826 else
2827 sport = &addr->sin_port;
1da177e4 2828
a9f1b85e
PS		 2829 if (*sport == 0) {
2830 int rc;
1da177e4 2831
a9f1b85e
PS		 2832 /* try with 445 port at first */
2833 *sport = htons(CIFS_PORT);
3eb9a889 2834
a9f1b85e 2835 rc = generic_ip_connect(server);
1da177e4 2836 if (rc >= 0)
a9f1b85e 2837 return rc;
6a5fa236 2838
a9f1b85e
PS		 2839 /* if it failed, try with 139 port */
2840 *sport = htons(RFC1001_PORT);
6a5fa236
SF		 2841 }
2842
a9f1b85e 2843 return generic_ip_connect(server);
1da177e4
LT		 2844}
2845
96daf2b0 2846void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2c6292ae 2847 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
8af18971
SF		 2848{
2849 /* if we are reconnecting then should we check to see if
2850 * any requested capabilities changed locally e.g. via
2851 * remount but we can not do much about it here
2852 * if they have (even if we could detect it by the following)
2853 * Perhaps we could add a backpointer to array of sb from tcon
2854 * or if we change to make all sb to same share the same
2855 * sb as NFS - then we only have one backpointer to sb.
2856 * What if we wanted to mount the server share twice once with
2857 * and once without posixacls or posix paths? */
2858 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
50c2f753 2859
c18c842b
SF		 2860 if (vol_info && vol_info->no_linux_ext) {
2861 tcon->fsUnixInfo.Capability = 0;
2862 tcon->unix_ext = 0; /* Unix Extensions disabled */
b6b38f70 2863 cFYI(1, "Linux protocol extensions disabled");
c18c842b
SF		 2864 return;
2865 } else if (vol_info)
2866 tcon->unix_ext = 1; /* Unix Extensions supported */
2867
2868 if (tcon->unix_ext == 0) {
b6b38f70 2869 cFYI(1, "Unix extensions disabled so not set on reconnect");
c18c842b
SF		 2870 return;
2871 }
50c2f753 2872
fb8c4b14 2873 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
8af18971 2874 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
6848b733 2875 cFYI(1, "unix caps which server supports %lld", cap);
8af18971
SF		 2876 /* check for reconnect case in which we do not
2877 want to change the mount behavior if we can avoid it */
fb8c4b14 2878 if (vol_info == NULL) {
50c2f753 2879 /* turn off POSIX ACL and PATHNAMES if not set
8af18971
SF		 2880 originally at mount time */
2881 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2882 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
11b6d645
IM		 2883 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2884 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2885 cERROR(1, "POSIXPATH support change");
8af18971 2886 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
11b6d645 2887 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
b6b38f70
JP		 2888 cERROR(1, "possible reconnect error");
2889 cERROR(1, "server disabled POSIX path support");
11b6d645 2890 }
8af18971 2891 }
50c2f753 2892
6848b733
SF		 2893 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2894 cERROR(1, "per-share encryption not supported yet");
2895
8af18971 2896 cap &= CIFS_UNIX_CAP_MASK;
75865f8c 2897 if (vol_info && vol_info->no_psx_acl)
8af18971 2898 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
75865f8c 2899 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
b6b38f70 2900 cFYI(1, "negotiated posix acl support");
2c6292ae
AV		 2901 if (cifs_sb)
2902 cifs_sb->mnt_cifs_flags |=
2903 CIFS_MOUNT_POSIXACL;
8af18971
SF		 2904 }
2905
75865f8c 2906 if (vol_info && vol_info->posix_paths == 0)
8af18971 2907 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
75865f8c 2908 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
b6b38f70 2909 cFYI(1, "negotiate posix pathnames");
2c6292ae
AV		 2910 if (cifs_sb)
2911 cifs_sb->mnt_cifs_flags |=
8af18971
SF		 2912 CIFS_MOUNT_POSIX_PATHS;
2913 }
50c2f753 2914
b6b38f70 2915 cFYI(1, "Negotiate caps 0x%x", (int)cap);
8af18971 2916#ifdef CONFIG_CIFS_DEBUG2
75865f8c 2917 if (cap & CIFS_UNIX_FCNTL_CAP)
b6b38f70 2918 cFYI(1, "FCNTL cap");
75865f8c 2919 if (cap & CIFS_UNIX_EXTATTR_CAP)
b6b38f70 2920 cFYI(1, "EXTATTR cap");
75865f8c 2921 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2922 cFYI(1, "POSIX path cap");
75865f8c 2923 if (cap & CIFS_UNIX_XATTR_CAP)
b6b38f70 2924 cFYI(1, "XATTR cap");
75865f8c 2925 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
b6b38f70 2926 cFYI(1, "POSIX ACL cap");
75865f8c 2927 if (cap & CIFS_UNIX_LARGE_READ_CAP)
b6b38f70 2928 cFYI(1, "very large read cap");
75865f8c 2929 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
b6b38f70 2930 cFYI(1, "very large write cap");
6848b733
SF		 2931 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2932 cFYI(1, "transport encryption cap");
2933 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2934 cFYI(1, "mandatory transport encryption cap");
8af18971
SF		 2935#endif /* CIFS_DEBUG2 */
2936 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
442aa310 2937 if (vol_info == NULL) {
b6b38f70 2938 cFYI(1, "resetting capabilities failed");
442aa310 2939 } else
b6b38f70 2940 cERROR(1, "Negotiating Unix capabilities "
5a44b319
SF		 2941 "with the server failed. Consider "
2942 "mounting with the Unix Extensions\n"
2943 "disabled, if problems are found, "
2944 "by specifying the nounix mount "
b6b38f70 2945 "option.");
5a44b319 2946
8af18971
SF		 2947 }
2948 }
2949}
2950
724d9f1c
PS		 2951void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2952 struct cifs_sb_info *cifs_sb)
b1c8d2b4 2953{
2de970ff
JL		 2954 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2955
2ced6f69
AV		 2956 spin_lock_init(&cifs_sb->tlink_tree_lock);
2957 cifs_sb->tlink_tree = RB_ROOT;
2958
25c7f41e 2959 /*
5eba8ab3
JL		 2960 * Temporarily set r/wsize for matching superblock. If we end up using
2961 * new sb then client will later negotiate it downward if needed.
25c7f41e 2962 */
5eba8ab3 2963 cifs_sb->rsize = pvolume_info->rsize;
25c7f41e
PS		 2964 cifs_sb->wsize = pvolume_info->wsize;
2965
3b795210
SF		 2966 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2967 cifs_sb->mnt_gid = pvolume_info->linux_gid;
3d3ea8e6
SP		 2968 if (pvolume_info->backupuid_specified)
2969 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2970 if (pvolume_info->backupgid_specified)
2971 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3b795210
SF		 2972 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2973 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
5206efd6 2974 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
b6b38f70 2975 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3b795210 2976
6d20e840 2977 cifs_sb->actimeo = pvolume_info->actimeo;
724d9f1c 2978 cifs_sb->local_nls = pvolume_info->local_nls;
6d20e840 2979
3b795210
SF		 2980 if (pvolume_info->noperm)
2981 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2982 if (pvolume_info->setuids)
2983 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2984 if (pvolume_info->server_ino)
2985 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2986 if (pvolume_info->remap)
2987 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2988 if (pvolume_info->no_xattr)
2989 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2990 if (pvolume_info->sfu_emul)
2991 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2992 if (pvolume_info->nobrl)
2993 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
be652445 2994 if (pvolume_info->nostrictsync)
4717bed6 2995 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
13a6e42a
SF		 2996 if (pvolume_info->mand_lock)
2997 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
d4ffff1f
PS		 2998 if (pvolume_info->rwpidforward)
2999 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3b795210
SF		 3000 if (pvolume_info->cifs_acl)
3001 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3d3ea8e6
SP		 3002 if (pvolume_info->backupuid_specified)
3003 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3004 if (pvolume_info->backupgid_specified)
3005 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3b795210
SF		 3006 if (pvolume_info->override_uid)
3007 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3008 if (pvolume_info->override_gid)
3009 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3010 if (pvolume_info->dynperm)
3011 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
fa1df75d
SJ		 3012 if (pvolume_info->fsc)
3013 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
0eb8a132
JL		 3014 if (pvolume_info->multiuser)
3015 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3016 CIFS_MOUNT_NO_PERM);
d39454ff
PS		 3017 if (pvolume_info->strict_io)
3018 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3b795210 3019 if (pvolume_info->direct_io) {
b6b38f70 3020 cFYI(1, "mounting share using direct i/o");
3b795210
SF		 3021 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3022 }
736a3320
SM		 3023 if (pvolume_info->mfsymlinks) {
3024 if (pvolume_info->sfu_emul) {
3025 cERROR(1, "mount option mfsymlinks ignored if sfu "
3026 "mount option is used");
3027 } else {
3028 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3029 }
3030 }
3b795210
SF		 3031
3032 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
b6b38f70
JP		 3033 cERROR(1, "mount option dynperm ignored if cifsacl "
3034 "mount option supported");
b1c8d2b4
JL		 3035}
3036
f7910cbd 3037/*
5eba8ab3
JL		 3038 * When the server supports very large reads and writes via POSIX extensions,
3039 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3040 * including the RFC1001 length.
f7910cbd
JL		 3041 *
3042 * Note that this might make for "interesting" allocation problems during
1190f6a0
JL		 3043 * writeback however as we have to allocate an array of pointers for the
3044 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
5eba8ab3
JL		 3045 *
3046 * For reads, there is a similar problem as we need to allocate an array
3047 * of kvecs to handle the receive, though that should only need to be done
3048 * once.
f7910cbd 3049 */
1190f6a0 3050#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3051#define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3052
3053/*
5eba8ab3
JL		 3054 * When the server doesn't allow large posix writes, only allow a rsize/wsize
3055 * of 2^17-1 minus the size of the call header. That allows for a read or
3056 * write up to the maximum size described by RFC1002.
f7910cbd 3057 */
94443f43 3058#define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3059#define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3060
3061/*
3062 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3063 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3064 * a single wsize request with a single call.
3065 */
5eba8ab3
JL		 3066#define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3067
3068/*
ce91acb3
JL		 3069 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3070 * those values when posix extensions aren't in force. In actuality here, we
3071 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3072 * to be ok with the extra byte even though Windows doesn't send writes that
3073 * are that large.
3074 *
3075 * Citation:
3076 *
3077 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
5eba8ab3
JL		 3078 */
3079#define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
ce91acb3 3080#define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
f7910cbd
JL		 3081
3082static unsigned int
96daf2b0 3083cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
f7910cbd
JL		 3084{
3085 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3086 struct TCP_Server_Info *server = tcon->ses->server;
ce91acb3
JL		 3087 unsigned int wsize;
3088
3089 /* start with specified wsize, or default */
3090 if (pvolume_info->wsize)
3091 wsize = pvolume_info->wsize;
3092 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3093 wsize = CIFS_DEFAULT_IOSIZE;
3094 else
3095 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
f7910cbd
JL		 3096
3097 /* can server support 24-bit write sizes? (via UNIX extensions) */
3098 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
1190f6a0 3099 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
f7910cbd 3100
1190f6a0
JL		 3101 /*
3102 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3103 * Limit it to max buffer offered by the server, minus the size of the
3104 * WRITEX header, not including the 4 byte RFC1001 length.
3105 */
3106 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3107 (!(server->capabilities & CAP_UNIX) &&
3108 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3109 wsize = min_t(unsigned int, wsize,
3110 server->maxBuf - sizeof(WRITE_REQ) + 4);
f7910cbd
JL		 3111
3112 /* hard limit of CIFS_MAX_WSIZE */
3113 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3114
3115 return wsize;
3116}
3117
5eba8ab3
JL		 3118static unsigned int
3119cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3120{
3121 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3122 struct TCP_Server_Info *server = tcon->ses->server;
3123 unsigned int rsize, defsize;
3124
3125 /*
3126 * Set default value...
3127 *
3128 * HACK alert! Ancient servers have very small buffers. Even though
3129 * MS-CIFS indicates that servers are only limited by the client's
3130 * bufsize for reads, testing against win98se shows that it throws
3131 * INVALID_PARAMETER errors if you try to request too large a read.
3132 *
3133 * If the server advertises a MaxBufferSize of less than one page,
3134 * assume that it also can't satisfy reads larger than that either.
3135 *
3136 * FIXME: Is there a better heuristic for this?
3137 */
3138 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3139 defsize = CIFS_DEFAULT_IOSIZE;
3140 else if (server->capabilities & CAP_LARGE_READ_X)
3141 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3142 else if (server->maxBuf >= PAGE_CACHE_SIZE)
3143 defsize = CIFSMaxBufSize;
3144 else
3145 defsize = server->maxBuf - sizeof(READ_RSP);
3146
3147 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3148
3149 /*
3150 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3151 * the client's MaxBufferSize.
3152 */
3153 if (!(server->capabilities & CAP_LARGE_READ_X))
3154 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3155
3156 /* hard limit of CIFS_MAX_RSIZE */
3157 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3158
3159 return rsize;
3160}
3161
e4cce94c 3162static int
96daf2b0 3163is_path_accessible(int xid, struct cifs_tcon *tcon,
e4cce94c
IM		 3164 struct cifs_sb_info *cifs_sb, const char *full_path)
3165{
3166 int rc;
e4cce94c
IM		 3167 FILE_ALL_INFO *pfile_info;
3168
e4cce94c
IM		 3169 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3170 if (pfile_info == NULL)
3171 return -ENOMEM;
3172
3173 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3174 0 /* not legacy */, cifs_sb->local_nls,
3175 cifs_sb->mnt_cifs_flags &
3176 CIFS_MOUNT_MAP_SPECIAL_CHR);
221d1d79
JL		 3177
3178 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3179 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3180 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3181 CIFS_MOUNT_MAP_SPECIAL_CHR);
e4cce94c
IM		 3182 kfree(pfile_info);
3183 return rc;
3184}
3185
b9bce2e9
JL		 3186static void
3187cleanup_volume_info_contents(struct smb_vol *volume_info)
1bfe73c2 3188{
b946845a 3189 kfree(volume_info->username);
1bfe73c2 3190 kzfree(volume_info->password);
13589c43
SF		 3191 if (volume_info->UNCip != volume_info->UNC + 2)
3192 kfree(volume_info->UNCip);
95c75454 3193 kfree(volume_info->UNC);
b946845a
SF		 3194 kfree(volume_info->domainname);
3195 kfree(volume_info->iocharset);
1bfe73c2 3196 kfree(volume_info->prepath);
b9bce2e9
JL		 3197}
3198
3199void
3200cifs_cleanup_volume_info(struct smb_vol *volume_info)
3201{
3202 if (!volume_info)
3203 return;
3204 cleanup_volume_info_contents(volume_info);
1bfe73c2 3205 kfree(volume_info);
1bfe73c2
IM		 3206}
3207
b9bce2e9 3208
2d6d589d 3209#ifdef CONFIG_CIFS_DFS_UPCALL
1bfe73c2
IM		 3210/* build_path_to_root returns full path to root when
3211 * we do not have an exiting connection (tcon) */
3212static char *
b2a0fa15 3213build_unc_path_to_root(const struct smb_vol *vol,
1bfe73c2
IM		 3214 const struct cifs_sb_info *cifs_sb)
3215{
b2a0fa15
JL		 3216 char *full_path, *pos;
3217 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3218 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
1bfe73c2 3219
b2a0fa15 3220 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
1bfe73c2
IM		 3221 if (full_path == NULL)
3222 return ERR_PTR(-ENOMEM);
3223
b2a0fa15
JL		 3224 strncpy(full_path, vol->UNC, unc_len);
3225 pos = full_path + unc_len;
3226
3227 if (pplen) {
3228 strncpy(pos, vol->prepath, pplen);
3229 pos += pplen;
3230 }
3231
3232 *pos = '\0'; /* add trailing null */
f87d39d9 3233 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
b2a0fa15 3234 cFYI(1, "%s: full_path=%s", __func__, full_path);
1bfe73c2
IM		 3235 return full_path;
3236}
dd613945
SF		 3237
3238/*
3239 * Perform a dfs referral query for a share and (optionally) prefix
3240 *
046462ab
SF		 3241 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3242 * to a string containing updated options for the submount. Otherwise it
3243 * will be left untouched.
dd613945
SF		 3244 *
3245 * Returns the rc from get_dfs_path to the caller, which can be used to
3246 * determine whether there were referrals.
3247 */
3248static int
96daf2b0 3249expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
dd613945 3250 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
046462ab 3251 int check_prefix)
dd613945
SF		 3252{
3253 int rc;
3254 unsigned int num_referrals = 0;
3255 struct dfs_info3_param *referrals = NULL;
3256 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3257
3258 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3259 if (IS_ERR(full_path))
3260 return PTR_ERR(full_path);
3261
3262 /* For DFS paths, skip the first '\' of the UNC */
3263 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3264
3265 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3266 &num_referrals, &referrals,
3267 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3268
3269 if (!rc && num_referrals > 0) {
3270 char *fake_devname = NULL;
3271
3272 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3273 full_path + 1, referrals,
3274 &fake_devname);
3275
3276 free_dfs_info_array(referrals, num_referrals);
046462ab 3277
dd613945
SF		 3278 if (IS_ERR(mdata)) {
3279 rc = PTR_ERR(mdata);
3280 mdata = NULL;
b9bce2e9
JL		 3281 } else {
3282 cleanup_volume_info_contents(volume_info);
3283 memset(volume_info, '\0', sizeof(*volume_info));
3284 rc = cifs_setup_volume_info(volume_info, mdata,
3285 fake_devname);
dd613945 3286 }
b9bce2e9
JL		 3287 kfree(fake_devname);
3288 kfree(cifs_sb->mountdata);
046462ab 3289 cifs_sb->mountdata = mdata;
dd613945
SF		 3290 }
3291 kfree(full_path);
3292 return rc;
3293}
2d6d589d 3294#endif
1bfe73c2 3295
04db79b0
JL		 3296static int
3297cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3298 const char *devname)
1da177e4 3299{
724d9f1c 3300 int rc = 0;
1da177e4 3301
04db79b0
JL		 3302 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3303 return -EINVAL;
1da177e4 3304
7586b765 3305 if (volume_info->nullauth) {
04febabc
JL		 3306 cFYI(1, "Anonymous login");
3307 kfree(volume_info->username);
3308 volume_info->username = NULL;
7586b765 3309 } else if (volume_info->username) {
1da177e4 3310 /* BB fixme parse for domain name here */
b6b38f70 3311 cFYI(1, "Username: %s", volume_info->username);
1da177e4 3312 } else {
bf820679 3313 cifserror("No username specified");
50c2f753
SF		 3314 /* In userspace mount helper we can get user name from alternate
3315 locations such as env variables and files on disk */
04db79b0 3316 return -EINVAL;
1da177e4
LT		 3317 }
3318
1da177e4 3319 /* this is needed for ASCII cp to Unicode converts */
7586b765 3320 if (volume_info->iocharset == NULL) {
a5fc4ce0
JL		 3321 /* load_nls_default cannot return null */
3322 volume_info->local_nls = load_nls_default();
1da177e4 3323 } else {
a5fc4ce0
JL		 3324 volume_info->local_nls = load_nls(volume_info->iocharset);
3325 if (volume_info->local_nls == NULL) {
b6b38f70
JP		 3326 cERROR(1, "CIFS mount error: iocharset %s not found",
3327 volume_info->iocharset);
04db79b0 3328 return -ELIBACC;
1da177e4
LT		 3329 }
3330 }
724d9f1c 3331
724d9f1c
PS		 3332 return rc;
3333}
3334
04db79b0
JL		 3335struct smb_vol *
3336cifs_get_volume_info(char *mount_data, const char *devname)
3337{
3338 int rc;
3339 struct smb_vol *volume_info;
3340
3341 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3342 if (!volume_info)
3343 return ERR_PTR(-ENOMEM);
3344
3345 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3346 if (rc) {
3347 cifs_cleanup_volume_info(volume_info);
3348 volume_info = ERR_PTR(rc);
3349 }
3350
3351 return volume_info;
3352}
3353
66bfaadc
JL		 3354/* make sure ra_pages is a multiple of rsize */
3355static inline unsigned int
3356cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3357{
3358 unsigned int reads;
3359 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3360
3361 if (rsize_pages >= default_backing_dev_info.ra_pages)
3362 return default_backing_dev_info.ra_pages;
3363 else if (rsize_pages == 0)
3364 return rsize_pages;
3365
3366 reads = default_backing_dev_info.ra_pages / rsize_pages;
3367 return reads * rsize_pages;
3368}
3369
724d9f1c 3370int
2c6292ae 3371cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
724d9f1c
PS		 3372{
3373 int rc = 0;
3374 int xid;
96daf2b0
SF		 3375 struct cifs_ses *pSesInfo;
3376 struct cifs_tcon *tcon;
724d9f1c
PS		 3377 struct TCP_Server_Info *srvTcp;
3378 char *full_path;
3379 struct tcon_link *tlink;
3380#ifdef CONFIG_CIFS_DFS_UPCALL
3381 int referral_walks_count = 0;
20547490 3382#endif
dd854466
AV		 3383
3384 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3385 if (rc)
3386 return rc;
3387
20547490 3388#ifdef CONFIG_CIFS_DFS_UPCALL
724d9f1c
PS		 3389try_mount_again:
3390 /* cleanup activities if we're chasing a referral */
3391 if (referral_walks_count) {
3392 if (tcon)
3393 cifs_put_tcon(tcon);
3394 else if (pSesInfo)
3395 cifs_put_smb_ses(pSesInfo);
3396
724d9f1c
PS		 3397 FreeXid(xid);
3398 }
3399#endif
3400 tcon = NULL;
3401 pSesInfo = NULL;
3402 srvTcp = NULL;
3403 full_path = NULL;
3404 tlink = NULL;
3405
3406 xid = GetXid();
1da177e4 3407
63c038c2 3408 /* get a reference to a tcp session */
7586b765 3409 srvTcp = cifs_get_tcp_session(volume_info);
63c038c2
JL		 3410 if (IS_ERR(srvTcp)) {
3411 rc = PTR_ERR(srvTcp);
dd854466 3412 bdi_destroy(&cifs_sb->bdi);
63c038c2 3413 goto out;
1da177e4
LT		 3414 }
3415
36988c76
JL		 3416 /* get a reference to a SMB session */
3417 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3418 if (IS_ERR(pSesInfo)) {
3419 rc = PTR_ERR(pSesInfo);
3420 pSesInfo = NULL;
3421 goto mount_fail_check;
1da177e4 3422 }
50c2f753 3423
d00c28de
JL		 3424 /* search for existing tcon to this server share */
3425 tcon = cifs_get_tcon(pSesInfo, volume_info);
3426 if (IS_ERR(tcon)) {
3427 rc = PTR_ERR(tcon);
3428 tcon = NULL;
1bfe73c2 3429 goto remote_path_check;
d00c28de 3430 }
1bfe73c2 3431
d82c2df5 3432 /* tell server which Unix caps we support */
6848b733 3433 if (tcon->ses->capabilities & CAP_UNIX) {
d82c2df5
SF		 3434 /* reset of caps checks mount to see if unix extensions
3435 disabled for just this mount */
2c6292ae 3436 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
6848b733
SF		 3437 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3438 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3439 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3440 rc = -EACCES;
3441 goto mount_fail_check;
3442 }
3443 } else
d82c2df5 3444 tcon->unix_ext = 0; /* server does not support them */
c18c842b 3445
6848b733
SF		 3446 /* do not care if following two calls succeed - informational */
3447 if (!tcon->ipc) {
3448 CIFSSMBQFSDeviceInfo(xid, tcon);
3449 CIFSSMBQFSAttributeInfo(xid, tcon);
3450 }
3451
f7910cbd 3452 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
5eba8ab3 3453 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
f7910cbd 3454
66bfaadc
JL		 3455 /* tune readahead according to rsize */
3456 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
f7910cbd 3457
1bfe73c2 3458remote_path_check:
c1508ca2
SF		 3459#ifdef CONFIG_CIFS_DFS_UPCALL
3460 /*
3461 * Perform an unconditional check for whether there are DFS
3462 * referrals for this path without prefix, to provide support
3463 * for DFS referrals from w2k8 servers which don't seem to respond
3464 * with PATH_NOT_COVERED to requests that include the prefix.
3465 * Chase the referral if found, otherwise continue normally.
3466 */
3467 if (referral_walks_count == 0) {
3468 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
046462ab 3469 cifs_sb, false);
c1508ca2
SF		 3470 if (!refrc) {
3471 referral_walks_count++;
3472 goto try_mount_again;
3473 }
3474 }
3475#endif
3476
f87d39d9 3477 /* check if a whole path is not remote */
70945643 3478 if (!rc && tcon) {
e4cce94c 3479 /* build_path_to_root works only when we have a valid tcon */
f87d39d9 3480 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
e4cce94c
IM		 3481 if (full_path == NULL) {
3482 rc = -ENOMEM;
3483 goto mount_fail_check;
3484 }
3485 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
03ceace5 3486 if (rc != 0 && rc != -EREMOTE) {
e4cce94c
IM		 3487 kfree(full_path);
3488 goto mount_fail_check;
3489 }
3490 kfree(full_path);
3491 }
3492
1bfe73c2
IM		 3493 /* get referral if needed */
3494 if (rc == -EREMOTE) {
d036f50f 3495#ifdef CONFIG_CIFS_DFS_UPCALL
5c2503a8
IM		 3496 if (referral_walks_count > MAX_NESTED_LINKS) {
3497 /*
3498 * BB: when we implement proper loop detection,
3499 * we will remove this check. But now we need it
3500 * to prevent an indefinite loop if 'DFS tree' is
3501 * misconfigured (i.e. has loops).
3502 */
3503 rc = -ELOOP;
3504 goto mount_fail_check;
3505 }
1bfe73c2 3506
dd613945 3507 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
046462ab 3508 true);
7b91e266 3509
dd613945 3510 if (!rc) {
5c2503a8 3511 referral_walks_count++;
1bfe73c2
IM		 3512 goto try_mount_again;
3513 }
dd613945 3514 goto mount_fail_check;
d036f50f
SF		 3515#else /* No DFS support, return error on mount */
3516 rc = -EOPNOTSUPP;
3517#endif
1bfe73c2
IM		 3518 }
3519
9d002df4
JL		 3520 if (rc)
3521 goto mount_fail_check;
3522
3523 /* now, hang the tcon off of the superblock */
3524 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3525 if (tlink == NULL) {
3526 rc = -ENOMEM;
3527 goto mount_fail_check;
3528 }
3529
b647c35f 3530 tlink->tl_uid = pSesInfo->linux_uid;
9d002df4
JL		 3531 tlink->tl_tcon = tcon;
3532 tlink->tl_time = jiffies;
3533 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3534 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3535
b647c35f 3536 cifs_sb->master_tlink = tlink;
9d002df4 3537 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3538 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
9d002df4 3539 spin_unlock(&cifs_sb->tlink_tree_lock);
413e661c 3540
2de970ff
JL		 3541 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3542 TLINK_IDLE_EXPIRE);
3543
1bfe73c2
IM		 3544mount_fail_check:
3545 /* on error free sesinfo and tcon struct if needed */
3546 if (rc) {
1bfe73c2 3547 /* If find_unc succeeded then rc == 0 so we can not end */
25985edc 3548 /* up accidentally freeing someone elses tcon struct */
1bfe73c2
IM		 3549 if (tcon)
3550 cifs_put_tcon(tcon);
3551 else if (pSesInfo)
3552 cifs_put_smb_ses(pSesInfo);
3553 else
3554 cifs_put_tcp_session(srvTcp);
dd854466 3555 bdi_destroy(&cifs_sb->bdi);
1bfe73c2
IM		 3556 }
3557
70fe7dc0 3558out:
1da177e4
LT		 3559 FreeXid(xid);
3560 return rc;
3561}
3562
8d1bca32
JL		 3563/*
3564 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3565 * pointer may be NULL.
3566 */
1da177e4 3567int
96daf2b0
SF		 3568CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3569 const char *tree, struct cifs_tcon *tcon,
1da177e4
LT		 3570 const struct nls_table *nls_codepage)
3571{
3572 struct smb_hdr *smb_buffer;
3573 struct smb_hdr *smb_buffer_response;
3574 TCONX_REQ *pSMB;
3575 TCONX_RSP *pSMBr;
3576 unsigned char *bcc_ptr;
3577 int rc = 0;
690c522f
JL		 3578 int length;
3579 __u16 bytes_left, count;
1da177e4
LT		 3580
3581 if (ses == NULL)
3582 return -EIO;
3583
3584 smb_buffer = cifs_buf_get();
ca43e3be 3585 if (smb_buffer == NULL)
1da177e4 3586 return -ENOMEM;
ca43e3be 3587
1da177e4
LT		 3588 smb_buffer_response = smb_buffer;
3589
3590 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3591 NULL /*no tid */ , 4 /*wct */ );
1982c344
SF		 3592
3593 smb_buffer->Mid = GetNextMid(ses->server);
1da177e4
LT		 3594 smb_buffer->Uid = ses->Suid;
3595 pSMB = (TCONX_REQ *) smb_buffer;
3596 pSMBr = (TCONX_RSP *) smb_buffer_response;
3597
3598 pSMB->AndXCommand = 0xFF;
3599 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
1da177e4 3600 bcc_ptr = &pSMB->Password[0];
8d1bca32 3601 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
eeac8047 3602 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
7c7b25bc 3603 *bcc_ptr = 0; /* password is null byte */
eeac8047 3604 bcc_ptr++; /* skip password */
7c7b25bc 3605 /* already aligned so no need to do it below */
eeac8047 3606 } else {
540b2e37 3607 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
eeac8047
SF		 3608 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3609 specified as required (when that support is added to
3610 the vfs in the future) as only NTLM or the much
7c7b25bc 3611 weaker LANMAN (which we do not send by default) is accepted
eeac8047
SF		 3612 by Samba (not sure whether other servers allow
3613 NTLMv2 password here) */
7c7b25bc 3614#ifdef CONFIG_CIFS_WEAK_PW_HASH
04912d6a 3615 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
00e485b0 3616 (ses->server->secType == LANMAN))
d3ba50b1 3617 calc_lanman_hash(tcon->password, ses->server->cryptkey,
96daf2b0 3618 ses->server->sec_mode &
4e53a3fb
JL		 3619 SECMODE_PW_ENCRYPT ? true : false,
3620 bcc_ptr);
7c7b25bc
SF		 3621 else
3622#endif /* CIFS_WEAK_PW_HASH */
ee2c9258 3623 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
9ef5992e 3624 bcc_ptr, nls_codepage);
eeac8047 3625
540b2e37 3626 bcc_ptr += CIFS_AUTH_RESP_SIZE;
fb8c4b14 3627 if (ses->capabilities & CAP_UNICODE) {
7c7b25bc
SF		 3628 /* must align unicode strings */
3629 *bcc_ptr = 0; /* null byte password */
3630 bcc_ptr++;
3631 }
eeac8047 3632 }
1da177e4 3633
96daf2b0 3634 if (ses->server->sec_mode &
a878fb22 3635 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
1da177e4
LT		 3636 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3637
3638 if (ses->capabilities & CAP_STATUS32) {
3639 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3640 }
3641 if (ses->capabilities & CAP_DFS) {
3642 smb_buffer->Flags2 |= SMBFLG2_DFS;
3643 }
3644 if (ses->capabilities & CAP_UNICODE) {
3645 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3646 length =
50c2f753
SF		 3647 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3648 6 /* max utf8 char length in bytes */ *
a878fb22
SF		 3649 (/* server len*/ + 256 /* share len */), nls_codepage);
3650 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
1da177e4
LT		 3651 bcc_ptr += 2; /* skip trailing null */
3652 } else { /* ASCII */
1da177e4
LT		 3653 strcpy(bcc_ptr, tree);
3654 bcc_ptr += strlen(tree) + 1;
3655 }
3656 strcpy(bcc_ptr, "?????");
3657 bcc_ptr += strlen("?????");
3658 bcc_ptr += 1;
3659 count = bcc_ptr - &pSMB->Password[0];
be8e3b00
SF		 3660 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3661 pSMB->hdr.smb_buf_length) + count);
1da177e4
LT		 3662 pSMB->ByteCount = cpu_to_le16(count);
3663
133672ef 3664 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
7749981e 3665 0);
1da177e4 3666
1da177e4
LT		 3667 /* above now done in SendReceive */
3668 if ((rc == 0) && (tcon != NULL)) {
0e0d2cf3
SF		 3669 bool is_unicode;
3670
1da177e4 3671 tcon->tidStatus = CifsGood;
3b795210 3672 tcon->need_reconnect = false;
1da177e4
LT		 3673 tcon->tid = smb_buffer_response->Tid;
3674 bcc_ptr = pByteArea(smb_buffer_response);
690c522f 3675 bytes_left = get_bcc(smb_buffer_response);
cc20c031 3676 length = strnlen(bcc_ptr, bytes_left - 2);
0e0d2cf3
SF		 3677 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3678 is_unicode = true;
3679 else
3680 is_unicode = false;
3681
cc20c031 3682
50c2f753 3683 /* skip service field (NB: this field is always ASCII) */
7f8ed420
SF		 3684 if (length == 3) {
3685 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3686 (bcc_ptr[2] == 'C')) {
b6b38f70 3687 cFYI(1, "IPC connection");
7f8ed420
SF		 3688 tcon->ipc = 1;
3689 }
3690 } else if (length == 2) {
3691 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3692 /* the most common case */
b6b38f70 3693 cFYI(1, "disk share connection");
7f8ed420
SF		 3694 }
3695 }
50c2f753 3696 bcc_ptr += length + 1;
cc20c031 3697 bytes_left -= (length + 1);
1da177e4 3698 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
cc20c031
JL		 3699
3700 /* mostly informational -- no need to fail on error here */
90a98b2f 3701 kfree(tcon->nativeFileSystem);
d185cda7 3702 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
0e0d2cf3 3703 bytes_left, is_unicode,
cc20c031
JL		 3704 nls_codepage);
3705
b6b38f70 3706 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
cc20c031 3707
fb8c4b14 3708 if ((smb_buffer_response->WordCount == 3) ||
1a4e15a0
SF		 3709 (smb_buffer_response->WordCount == 7))
3710 /* field is in same location */
3979877e
SF		 3711 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3712 else
3713 tcon->Flags = 0;
b6b38f70 3714 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
1da177e4 3715 } else if ((rc == 0) && tcon == NULL) {
50c2f753 3716 /* all we need to save for IPC$ connection */
1da177e4
LT		 3717 ses->ipc_tid = smb_buffer_response->Tid;
3718 }
3719
a8a11d39 3720 cifs_buf_release(smb_buffer);
1da177e4
LT		 3721 return rc;
3722}
3723
2a9b9951
AV		 3724void
3725cifs_umount(struct cifs_sb_info *cifs_sb)
1da177e4 3726{
b647c35f
JL		 3727 struct rb_root *root = &cifs_sb->tlink_tree;
3728 struct rb_node *node;
3729 struct tcon_link *tlink;
9d002df4 3730
2de970ff
JL		 3731 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3732
b647c35f
JL		 3733 spin_lock(&cifs_sb->tlink_tree_lock);
3734 while ((node = rb_first(root))) {
3735 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3736 cifs_get_tlink(tlink);
3737 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3738 rb_erase(node, root);
1da177e4 3739
b647c35f
JL		 3740 spin_unlock(&cifs_sb->tlink_tree_lock);
3741 cifs_put_tlink(tlink);
3742 spin_lock(&cifs_sb->tlink_tree_lock);
3743 }
3744 spin_unlock(&cifs_sb->tlink_tree_lock);
50c2f753 3745
dd854466 3746 bdi_destroy(&cifs_sb->bdi);
d757d71b
AV		 3747 kfree(cifs_sb->mountdata);
3748 unload_nls(cifs_sb->local_nls);
3749 kfree(cifs_sb);
50c2f753 3750}
1da177e4 3751
96daf2b0 3752int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
1da177e4
LT		 3753{
3754 int rc = 0;
198b5682 3755 struct TCP_Server_Info *server = ses->server;
1da177e4 3756
198b5682
JL		 3757 /* only send once per connect */
3758 if (server->maxBuf != 0)
3759 return 0;
3760
3761 rc = CIFSSMBNegotiate(xid, ses);
3762 if (rc == -EAGAIN) {
3763 /* retry only once on 1st time connection */
3764 rc = CIFSSMBNegotiate(xid, ses);
3765 if (rc == -EAGAIN)
3766 rc = -EHOSTDOWN;
1da177e4 3767 }
198b5682
JL		 3768 if (rc == 0) {
3769 spin_lock(&GlobalMid_Lock);
7fdbaa1b 3770 if (server->tcpStatus == CifsNeedNegotiate)
198b5682
JL		 3771 server->tcpStatus = CifsGood;
3772 else
3773 rc = -EHOSTDOWN;
3774 spin_unlock(&GlobalMid_Lock);
26b994fa 3775
198b5682
JL		 3776 }
3777
3778 return rc;
3779}
3780
3781
96daf2b0 3782int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
198b5682
JL		 3783 struct nls_table *nls_info)
3784{
3785 int rc = 0;
3786 struct TCP_Server_Info *server = ses->server;
26b994fa 3787
198b5682
JL		 3788 ses->flags = 0;
3789 ses->capabilities = server->capabilities;
26b994fa 3790 if (linuxExtEnabled == 0)
198b5682 3791 ses->capabilities &= (~CAP_UNIX);
20418acd 3792
b6b38f70 3793 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
96daf2b0 3794 server->sec_mode, server->capabilities, server->timeAdj);
cb7691b6 3795
198b5682 3796 rc = CIFS_SessSetup(xid, ses, nls_info);
26b994fa 3797 if (rc) {
b6b38f70 3798 cERROR(1, "Send error in SessSetup = %d", rc);
26b994fa 3799 } else {
5d0d2882
SP		 3800 mutex_lock(&ses->server->srv_mutex);
3801 if (!server->session_estab) {
21e73393 3802 server->session_key.response = ses->auth_key.response;
5d0d2882 3803 server->session_key.len = ses->auth_key.len;
21e73393
SP		 3804 server->sequence_number = 0x2;
3805 server->session_estab = true;
3806 ses->auth_key.response = NULL;
5d0d2882
SP		 3807 }
3808 mutex_unlock(&server->srv_mutex);
3809
b6b38f70 3810 cFYI(1, "CIFS Session Established successfully");
20418acd 3811 spin_lock(&GlobalMid_Lock);
198b5682
JL		 3812 ses->status = CifsGood;
3813 ses->need_reconnect = false;
20418acd 3814 spin_unlock(&GlobalMid_Lock);
1da177e4 3815 }
26b994fa 3816
21e73393
SP		 3817 kfree(ses->auth_key.response);
3818 ses->auth_key.response = NULL;
3819 ses->auth_key.len = 0;
d3686d54
SP		 3820 kfree(ses->ntlmssp);
3821 ses->ntlmssp = NULL;
21e73393 3822
1da177e4
LT		 3823 return rc;
3824}
3825
8a8798a5
JL		 3826static int
3827cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
3828{
3829 switch (ses->server->secType) {
3830 case Kerberos:
3831 vol->secFlg = CIFSSEC_MUST_KRB5;
3832 return 0;
3833 case NTLMv2:
3834 vol->secFlg = CIFSSEC_MUST_NTLMV2;
3835 break;
3836 case NTLM:
3837 vol->secFlg = CIFSSEC_MUST_NTLM;
3838 break;
3839 case RawNTLMSSP:
3840 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
3841 break;
3842 case LANMAN:
3843 vol->secFlg = CIFSSEC_MUST_LANMAN;
3844 break;
3845 }
3846
3847 return cifs_set_cifscreds(vol, ses);
3848}
3849
96daf2b0 3850static struct cifs_tcon *
9d002df4
JL		 3851cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3852{
8a8798a5 3853 int rc;
96daf2b0
SF		 3854 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3855 struct cifs_ses *ses;
3856 struct cifs_tcon *tcon = NULL;
9d002df4 3857 struct smb_vol *vol_info;
9d002df4
JL		 3858
3859 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3860 if (vol_info == NULL) {
3861 tcon = ERR_PTR(-ENOMEM);
3862 goto out;
3863 }
3864
9d002df4
JL		 3865 vol_info->local_nls = cifs_sb->local_nls;
3866 vol_info->linux_uid = fsuid;
3867 vol_info->cred_uid = fsuid;
3868 vol_info->UNC = master_tcon->treeName;
3869 vol_info->retry = master_tcon->retry;
3870 vol_info->nocase = master_tcon->nocase;
3871 vol_info->local_lease = master_tcon->local_lease;
3872 vol_info->no_linux_ext = !master_tcon->unix_ext;
3873
8a8798a5
JL		 3874 rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
3875 if (rc) {
3876 tcon = ERR_PTR(rc);
3877 goto out;
3878 }
9d002df4
JL		 3879
3880 /* get a reference for the same TCP session */
3f9bcca7 3881 spin_lock(&cifs_tcp_ses_lock);
9d002df4 3882 ++master_tcon->ses->server->srv_count;
3f9bcca7 3883 spin_unlock(&cifs_tcp_ses_lock);
9d002df4
JL		 3884
3885 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3886 if (IS_ERR(ses)) {
96daf2b0 3887 tcon = (struct cifs_tcon *)ses;
9d002df4
JL		 3888 cifs_put_tcp_session(master_tcon->ses->server);
3889 goto out;
3890 }
3891
3892 tcon = cifs_get_tcon(ses, vol_info);
3893 if (IS_ERR(tcon)) {
3894 cifs_put_smb_ses(ses);
3895 goto out;
3896 }
3897
3898 if (ses->capabilities & CAP_UNIX)
3899 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3900out:
8a8798a5
JL		 3901 kfree(vol_info->username);
3902 kfree(vol_info->password);
9d002df4
JL		 3903 kfree(vol_info);
3904
3905 return tcon;
3906}
3907
96daf2b0 3908struct cifs_tcon *
9d002df4
JL		 3909cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3910{
3911 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3912}
3913
3914static int
3915cifs_sb_tcon_pending_wait(void *unused)
3916{
3917 schedule();
3918 return signal_pending(current) ? -ERESTARTSYS : 0;
3919}
3920
b647c35f
JL		 3921/* find and return a tlink with given uid */
3922static struct tcon_link *
3923tlink_rb_search(struct rb_root *root, uid_t uid)
3924{
3925 struct rb_node *node = root->rb_node;
3926 struct tcon_link *tlink;
3927
3928 while (node) {
3929 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3930
3931 if (tlink->tl_uid > uid)
3932 node = node->rb_left;
3933 else if (tlink->tl_uid < uid)
3934 node = node->rb_right;
3935 else
3936 return tlink;
3937 }
3938 return NULL;
3939}
3940
3941/* insert a tcon_link into the tree */
3942static void
3943tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3944{
3945 struct rb_node **new = &(root->rb_node), *parent = NULL;
3946 struct tcon_link *tlink;
3947
3948 while (*new) {
3949 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3950 parent = *new;
3951
3952 if (tlink->tl_uid > new_tlink->tl_uid)
3953 new = &((*new)->rb_left);
3954 else
3955 new = &((*new)->rb_right);
3956 }
3957
3958 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3959 rb_insert_color(&new_tlink->tl_rbnode, root);
3960}
3961
9d002df4
JL		 3962/*
3963 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3964 * current task.
3965 *
3966 * If the superblock doesn't refer to a multiuser mount, then just return
3967 * the master tcon for the mount.
3968 *
6ef933a3 3969 * First, search the rbtree for an existing tcon for this fsuid. If one
9d002df4
JL		 3970 * exists, then check to see if it's pending construction. If it is then wait
3971 * for construction to complete. Once it's no longer pending, check to see if
3972 * it failed and either return an error or retry construction, depending on
3973 * the timeout.
3974 *
3975 * If one doesn't exist then insert a new tcon_link struct into the tree and
3976 * try to construct a new one.
3977 */
3978struct tcon_link *
3979cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3980{
3981 int ret;
b647c35f 3982 uid_t fsuid = current_fsuid();
9d002df4
JL		 3983 struct tcon_link *tlink, *newtlink;
3984
3985 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3986 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3987
3988 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3989 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3990 if (tlink)
3991 cifs_get_tlink(tlink);
3992 spin_unlock(&cifs_sb->tlink_tree_lock);
3993
3994 if (tlink == NULL) {
3995 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3996 if (newtlink == NULL)
3997 return ERR_PTR(-ENOMEM);
b647c35f 3998 newtlink->tl_uid = fsuid;
9d002df4
JL		 3999 newtlink->tl_tcon = ERR_PTR(-EACCES);
4000 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
4001 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
4002 cifs_get_tlink(newtlink);
4003
9d002df4
JL		 4004 spin_lock(&cifs_sb->tlink_tree_lock);
4005 /* was one inserted after previous search? */
b647c35f 4006 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 4007 if (tlink) {
4008 cifs_get_tlink(tlink);
4009 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4010 kfree(newtlink);
4011 goto wait_for_construction;
4012 }
9d002df4 4013 tlink = newtlink;
b647c35f
JL		 4014 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4015 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4016 } else {
4017wait_for_construction:
4018 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4019 cifs_sb_tcon_pending_wait,
4020 TASK_INTERRUPTIBLE);
4021 if (ret) {
4022 cifs_put_tlink(tlink);
4023 return ERR_PTR(ret);
4024 }
4025
4026 /* if it's good, return it */
4027 if (!IS_ERR(tlink->tl_tcon))
4028 return tlink;
4029
4030 /* return error if we tried this already recently */
4031 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4032 cifs_put_tlink(tlink);
4033 return ERR_PTR(-EACCES);
4034 }
4035
4036 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4037 goto wait_for_construction;
4038 }
4039
4040 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4041 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4042 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4043
4044 if (IS_ERR(tlink->tl_tcon)) {
4045 cifs_put_tlink(tlink);
4046 return ERR_PTR(-EACCES);
4047 }
4048
4049 return tlink;
4050}
2de970ff
JL		 4051
4052/*
4053 * periodic workqueue job that scans tcon_tree for a superblock and closes
4054 * out tcons.
4055 */
4056static void
4057cifs_prune_tlinks(struct work_struct *work)
4058{
4059 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4060 prune_tlinks.work);
b647c35f
JL		 4061 struct rb_root *root = &cifs_sb->tlink_tree;
4062 struct rb_node *node = rb_first(root);
4063 struct rb_node *tmp;
4064 struct tcon_link *tlink;
2de970ff 4065
b647c35f
JL		 4066 /*
4067 * Because we drop the spinlock in the loop in order to put the tlink
4068 * it's not guarded against removal of links from the tree. The only
4069 * places that remove entries from the tree are this function and
4070 * umounts. Because this function is non-reentrant and is canceled
4071 * before umount can proceed, this is safe.
4072 */
4073 spin_lock(&cifs_sb->tlink_tree_lock);
4074 node = rb_first(root);
4075 while (node != NULL) {
4076 tmp = node;
4077 node = rb_next(tmp);
4078 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4079
4080 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4081 atomic_read(&tlink->tl_count) != 0 ||
4082 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4083 continue;
2de970ff 4084
b647c35f
JL		 4085 cifs_get_tlink(tlink);
4086 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4087 rb_erase(tmp, root);
4088
4089 spin_unlock(&cifs_sb->tlink_tree_lock);
4090 cifs_put_tlink(tlink);
4091 spin_lock(&cifs_sb->tlink_tree_lock);
4092 }
4093 spin_unlock(&cifs_sb->tlink_tree_lock);
2de970ff
JL		 4094
4095 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
4096 TLINK_IDLE_EXPIRE);
4097}
ubuntu-zesty-kernel mirror