[mirror_ubuntu-hirsute-kernel.git] / fs / cifs / fs_context.c

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 *   Copyright (C) 2020, Microsoft Corporation.
 *
 *   Author(s): Steve French <stfrench@microsoft.com>
 *              David Howells <dhowells@redhat.com>
 */

#include "cifsglob.h"
#include "cifs_debug.h"
#include "fs_context.h"

static const match_table_t cifs_smb_version_tokens = {
	{ Smb_1, SMB1_VERSION_STRING },
	{ Smb_20, SMB20_VERSION_STRING},
	{ Smb_21, SMB21_VERSION_STRING },
	{ Smb_30, SMB30_VERSION_STRING },
	{ Smb_302, SMB302_VERSION_STRING },
	{ Smb_302, ALT_SMB302_VERSION_STRING },
	{ Smb_311, SMB311_VERSION_STRING },
	{ Smb_311, ALT_SMB311_VERSION_STRING },
	{ Smb_3any, SMB3ANY_VERSION_STRING },
	{ Smb_default, SMBDEFAULT_VERSION_STRING },
	{ Smb_version_err, NULL }
};

int
cifs_parse_smb_version(char *value, struct smb3_fs_context *ctx, bool is_smb3)
{
	substring_t args[MAX_OPT_ARGS];

	switch (match_token(value, cifs_smb_version_tokens, args)) {
#ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
	case Smb_1:
		if (disable_legacy_dialects) {
			cifs_dbg(VFS, "mount with legacy dialect disabled\n");
			return 1;
		}
		if (is_smb3) {
			cifs_dbg(VFS, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
			return 1;
		}
		cifs_dbg(VFS, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
		ctx->ops = &smb1_operations;
		ctx->vals = &smb1_values;
		break;
	case Smb_20:
		if (disable_legacy_dialects) {
			cifs_dbg(VFS, "mount with legacy dialect disabled\n");
			return 1;
		}
		if (is_smb3) {
			cifs_dbg(VFS, "vers=2.0 not permitted when mounting with smb3\n");
			return 1;
		}
		ctx->ops = &smb20_operations;
		ctx->vals = &smb20_values;
		break;
#else
	case Smb_1:
		cifs_dbg(VFS, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
		return 1;
	case Smb_20:
		cifs_dbg(VFS, "vers=2.0 mount not permitted when legacy dialects disabled\n");
		return 1;
#endif /* CIFS_ALLOW_INSECURE_LEGACY */
	case Smb_21:
		ctx->ops = &smb21_operations;
		ctx->vals = &smb21_values;
		break;
	case Smb_30:
		ctx->ops = &smb30_operations;
		ctx->vals = &smb30_values;
		break;
	case Smb_302:
		ctx->ops = &smb30_operations; /* currently identical with 3.0 */
		ctx->vals = &smb302_values;
		break;
	case Smb_311:
		ctx->ops = &smb311_operations;
		ctx->vals = &smb311_values;
		break;
	case Smb_3any:
		ctx->ops = &smb30_operations; /* currently identical with 3.0 */
		ctx->vals = &smb3any_values;
		break;
	case Smb_default:
		ctx->ops = &smb30_operations; /* currently identical with 3.0 */
		ctx->vals = &smbdefault_values;
		break;
	default:
		cifs_dbg(VFS, "Unknown vers= option specified: %s\n", value);
		return 1;
	}
	return 0;
}

static const match_table_t cifs_secflavor_tokens = {
	{ Opt_sec_krb5, "krb5" },
	{ Opt_sec_krb5i, "krb5i" },
	{ Opt_sec_krb5p, "krb5p" },
	{ Opt_sec_ntlmsspi, "ntlmsspi" },
	{ Opt_sec_ntlmssp, "ntlmssp" },
	{ Opt_ntlm, "ntlm" },
	{ Opt_sec_ntlmi, "ntlmi" },
	{ Opt_sec_ntlmv2, "nontlm" },
	{ Opt_sec_ntlmv2, "ntlmv2" },
	{ Opt_sec_ntlmv2i, "ntlmv2i" },
	{ Opt_sec_lanman, "lanman" },
	{ Opt_sec_none, "none" },

	{ Opt_sec_err, NULL }
};

int cifs_parse_security_flavors(char *value, struct smb3_fs_context *ctx)
{

	substring_t args[MAX_OPT_ARGS];

	/*
	 * With mount options, the last one should win. Reset any existing
	 * settings back to default.
	 */
	ctx->sectype = Unspecified;
	ctx->sign = false;

	switch (match_token(value, cifs_secflavor_tokens, args)) {
	case Opt_sec_krb5p:
		cifs_dbg(VFS, "sec=krb5p is not supported!\n");
		return 1;
	case Opt_sec_krb5i:
		ctx->sign = true;
		fallthrough;
	case Opt_sec_krb5:
		ctx->sectype = Kerberos;
		break;
	case Opt_sec_ntlmsspi:
		ctx->sign = true;
		fallthrough;
	case Opt_sec_ntlmssp:
		ctx->sectype = RawNTLMSSP;
		break;
	case Opt_sec_ntlmi:
		ctx->sign = true;
		fallthrough;
	case Opt_ntlm:
		ctx->sectype = NTLM;
		break;
	case Opt_sec_ntlmv2i:
		ctx->sign = true;
		fallthrough;
	case Opt_sec_ntlmv2:
		ctx->sectype = NTLMv2;
		break;
#ifdef CONFIG_CIFS_WEAK_PW_HASH
	case Opt_sec_lanman:
		ctx->sectype = LANMAN;
		break;
#endif
	case Opt_sec_none:
		ctx->nullauth = 1;
		break;
	default:
		cifs_dbg(VFS, "bad security option: %s\n", value);
		return 1;
	}

	return 0;
}

static const match_table_t cifs_cacheflavor_tokens = {
	{ Opt_cache_loose, "loose" },
	{ Opt_cache_strict, "strict" },
	{ Opt_cache_none, "none" },
	{ Opt_cache_ro, "ro" },
	{ Opt_cache_rw, "singleclient" },
	{ Opt_cache_err, NULL }
};

int
cifs_parse_cache_flavor(char *value, struct smb3_fs_context *ctx)
{
	substring_t args[MAX_OPT_ARGS];

	switch (match_token(value, cifs_cacheflavor_tokens, args)) {
	case Opt_cache_loose:
		ctx->direct_io = false;
		ctx->strict_io = false;
		ctx->cache_ro = false;
		ctx->cache_rw = false;
		break;
	case Opt_cache_strict:
		ctx->direct_io = false;
		ctx->strict_io = true;
		ctx->cache_ro = false;
		ctx->cache_rw = false;
		break;
	case Opt_cache_none:
		ctx->direct_io = true;
		ctx->strict_io = false;
		ctx->cache_ro = false;
		ctx->cache_rw = false;
		break;
	case Opt_cache_ro:
		ctx->direct_io = false;
		ctx->strict_io = false;
		ctx->cache_ro = true;
		ctx->cache_rw = false;
		break;
	case Opt_cache_rw:
		ctx->direct_io = false;
		ctx->strict_io = false;
		ctx->cache_ro = false;
		ctx->cache_rw = true;
		break;
	default:
		cifs_dbg(VFS, "bad cache= option: %s\n", value);
		return 1;
	}
	return 0;
}
Commit	Line	Data
a6a9cffa RS	1	// SPDX-License-Identifier: GPL-2.0-or-later
	2	/*
	3	* Copyright (C) 2020, Microsoft Corporation.
	4	*
	5	* Author(s): Steve French <stfrench@microsoft.com>
	6	* David Howells <dhowells@redhat.com>
	7	*/
	8
5c6e5aa4 RS	9	#include "cifsglob.h"
	10	#include "cifs_debug.h"
	11	#include "fs_context.h"
	12
555782aa RS	13	static const match_table_t cifs_smb_version_tokens = {
	14	{ Smb_1, SMB1_VERSION_STRING },
	15	{ Smb_20, SMB20_VERSION_STRING},
	16	{ Smb_21, SMB21_VERSION_STRING },
	17	{ Smb_30, SMB30_VERSION_STRING },
	18	{ Smb_302, SMB302_VERSION_STRING },
	19	{ Smb_302, ALT_SMB302_VERSION_STRING },
	20	{ Smb_311, SMB311_VERSION_STRING },
	21	{ Smb_311, ALT_SMB311_VERSION_STRING },
	22	{ Smb_3any, SMB3ANY_VERSION_STRING },
	23	{ Smb_default, SMBDEFAULT_VERSION_STRING },
	24	{ Smb_version_err, NULL }
	25	};
	26
	27	int
3fa1c6d1	28	cifs_parse_smb_version(char value, struct smb3_fs_context ctx, bool is_smb3)
555782aa RS	29	{
	30	substring_t args[MAX_OPT_ARGS];
	31
	32	switch (match_token(value, cifs_smb_version_tokens, args)) {
	33	#ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
	34	case Smb_1:
	35	if (disable_legacy_dialects) {
	36	cifs_dbg(VFS, "mount with legacy dialect disabled\n");
	37	return 1;
	38	}
	39	if (is_smb3) {
	40	cifs_dbg(VFS, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
	41	return 1;
	42	}
	43	cifs_dbg(VFS, "Use of the less secure dialect vers=1.0 is not recommended unless required for access to very old servers\n");
3fa1c6d1 RS	44	ctx->ops = &smb1_operations;
3fa1c6d1 RS	45	ctx->vals = &smb1_values;
555782aa RS	46	break;
	47	case Smb_20:
	48	if (disable_legacy_dialects) {
	49	cifs_dbg(VFS, "mount with legacy dialect disabled\n");
	50	return 1;
	51	}
	52	if (is_smb3) {
	53	cifs_dbg(VFS, "vers=2.0 not permitted when mounting with smb3\n");
	54	return 1;
	55	}
3fa1c6d1 RS	56	ctx->ops = &smb20_operations;
3fa1c6d1 RS	57	ctx->vals = &smb20_values;
555782aa RS	58	break;
	59	#else
	60	case Smb_1:
	61	cifs_dbg(VFS, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
	62	return 1;
	63	case Smb_20:
	64	cifs_dbg(VFS, "vers=2.0 mount not permitted when legacy dialects disabled\n");
	65	return 1;
	66	#endif /* CIFS_ALLOW_INSECURE_LEGACY */
	67	case Smb_21:
3fa1c6d1 RS	68	ctx->ops = &smb21_operations;
3fa1c6d1 RS	69	ctx->vals = &smb21_values;
555782aa RS	70	break;
555782aa RS	71	case Smb_30:
3fa1c6d1 RS	72	ctx->ops = &smb30_operations;
3fa1c6d1 RS	73	ctx->vals = &smb30_values;
555782aa RS	74	break;
555782aa RS	75	case Smb_302:
3fa1c6d1 RS	76	ctx->ops = &smb30_operations; /* currently identical with 3.0 */
3fa1c6d1 RS	77	ctx->vals = &smb302_values;
555782aa RS	78	break;
555782aa RS	79	case Smb_311:
3fa1c6d1 RS	80	ctx->ops = &smb311_operations;
3fa1c6d1 RS	81	ctx->vals = &smb311_values;
555782aa RS	82	break;
555782aa RS	83	case Smb_3any:
3fa1c6d1 RS	84	ctx->ops = &smb30_operations; /* currently identical with 3.0 */
3fa1c6d1 RS	85	ctx->vals = &smb3any_values;
555782aa RS	86	break;
555782aa RS	87	case Smb_default:
3fa1c6d1 RS	88	ctx->ops = &smb30_operations; /* currently identical with 3.0 */
3fa1c6d1 RS	89	ctx->vals = &smbdefault_values;
555782aa RS	90	break;
	91	default:
	92	cifs_dbg(VFS, "Unknown vers= option specified: %s\n", value);
	93	return 1;
	94	}
	95	return 0;
	96	}
	97
5c6e5aa4 RS	98	static const match_table_t cifs_secflavor_tokens = {
	99	{ Opt_sec_krb5, "krb5" },
	100	{ Opt_sec_krb5i, "krb5i" },
	101	{ Opt_sec_krb5p, "krb5p" },
	102	{ Opt_sec_ntlmsspi, "ntlmsspi" },
	103	{ Opt_sec_ntlmssp, "ntlmssp" },
	104	{ Opt_ntlm, "ntlm" },
	105	{ Opt_sec_ntlmi, "ntlmi" },
	106	{ Opt_sec_ntlmv2, "nontlm" },
	107	{ Opt_sec_ntlmv2, "ntlmv2" },
	108	{ Opt_sec_ntlmv2i, "ntlmv2i" },
	109	{ Opt_sec_lanman, "lanman" },
	110	{ Opt_sec_none, "none" },
	111
	112	{ Opt_sec_err, NULL }
	113	};
	114
3fa1c6d1	115	int cifs_parse_security_flavors(char value, struct smb3_fs_context ctx)
5c6e5aa4 RS	116	{
	117
	118	substring_t args[MAX_OPT_ARGS];
	119
	120	/*
	121	* With mount options, the last one should win. Reset any existing
	122	* settings back to default.
	123	*/
3fa1c6d1 RS	124	ctx->sectype = Unspecified;
3fa1c6d1 RS	125	ctx->sign = false;
5c6e5aa4 RS	126
	127	switch (match_token(value, cifs_secflavor_tokens, args)) {
	128	case Opt_sec_krb5p:
	129	cifs_dbg(VFS, "sec=krb5p is not supported!\n");
	130	return 1;
	131	case Opt_sec_krb5i:
3fa1c6d1	132	ctx->sign = true;
5c6e5aa4 RS	133	fallthrough;
5c6e5aa4 RS	134	case Opt_sec_krb5:
3fa1c6d1	135	ctx->sectype = Kerberos;
5c6e5aa4 RS	136	break;
5c6e5aa4 RS	137	case Opt_sec_ntlmsspi:
3fa1c6d1	138	ctx->sign = true;
5c6e5aa4 RS	139	fallthrough;
5c6e5aa4 RS	140	case Opt_sec_ntlmssp:
3fa1c6d1	141	ctx->sectype = RawNTLMSSP;
5c6e5aa4 RS	142	break;
5c6e5aa4 RS	143	case Opt_sec_ntlmi:
3fa1c6d1	144	ctx->sign = true;
5c6e5aa4 RS	145	fallthrough;
5c6e5aa4 RS	146	case Opt_ntlm:
3fa1c6d1	147	ctx->sectype = NTLM;
5c6e5aa4 RS	148	break;
5c6e5aa4 RS	149	case Opt_sec_ntlmv2i:
3fa1c6d1	150	ctx->sign = true;
5c6e5aa4 RS	151	fallthrough;
5c6e5aa4 RS	152	case Opt_sec_ntlmv2:
3fa1c6d1	153	ctx->sectype = NTLMv2;
5c6e5aa4 RS	154	break;
	155	#ifdef CONFIG_CIFS_WEAK_PW_HASH
	156	case Opt_sec_lanman:
3fa1c6d1	157	ctx->sectype = LANMAN;
5c6e5aa4 RS	158	break;
	159	#endif
	160	case Opt_sec_none:
3fa1c6d1	161	ctx->nullauth = 1;
5c6e5aa4 RS	162	break;
	163	default:
	164	cifs_dbg(VFS, "bad security option: %s\n", value);
	165	return 1;
	166	}
	167
	168	return 0;
	169	}
2f20f076 RS	170
	171	static const match_table_t cifs_cacheflavor_tokens = {
	172	{ Opt_cache_loose, "loose" },
	173	{ Opt_cache_strict, "strict" },
	174	{ Opt_cache_none, "none" },
	175	{ Opt_cache_ro, "ro" },
	176	{ Opt_cache_rw, "singleclient" },
	177	{ Opt_cache_err, NULL }
	178	};
	179
	180	int
3fa1c6d1	181	cifs_parse_cache_flavor(char value, struct smb3_fs_context ctx)
2f20f076 RS	182	{
	183	substring_t args[MAX_OPT_ARGS];
	184
	185	switch (match_token(value, cifs_cacheflavor_tokens, args)) {
	186	case Opt_cache_loose:
3fa1c6d1 RS	187	ctx->direct_io = false;
	188	ctx->strict_io = false;
	189	ctx->cache_ro = false;
	190	ctx->cache_rw = false;
2f20f076 RS	191	break;
2f20f076 RS	192	case Opt_cache_strict:
3fa1c6d1 RS	193	ctx->direct_io = false;
	194	ctx->strict_io = true;
	195	ctx->cache_ro = false;
	196	ctx->cache_rw = false;
2f20f076 RS	197	break;
2f20f076 RS	198	case Opt_cache_none:
3fa1c6d1 RS	199	ctx->direct_io = true;
	200	ctx->strict_io = false;
	201	ctx->cache_ro = false;
	202	ctx->cache_rw = false;
2f20f076 RS	203	break;
2f20f076 RS	204	case Opt_cache_ro:
3fa1c6d1 RS	205	ctx->direct_io = false;
	206	ctx->strict_io = false;
	207	ctx->cache_ro = true;
	208	ctx->cache_rw = false;
2f20f076 RS	209	break;
2f20f076 RS	210	case Opt_cache_rw:
3fa1c6d1 RS	211	ctx->direct_io = false;
	212	ctx->strict_io = false;
	213	ctx->cache_ro = false;
	214	ctx->cache_rw = true;
2f20f076 RS	215	break;
	216	default:
	217	cifs_dbg(VFS, "bad cache= option: %s\n", value);
	218	return 1;
	219	}
	220	return 0;
	221	}