projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
cifs: fix bad buffer length check in coalesce_t2
[linux-block.git] / fs / cifs / connect.c
CommitLineData
1da177e4
LT		 1/*
2 * fs/cifs/connect.c
3 *
d185cda7 4 * Copyright (C) International Business Machines Corp., 2002,2009
1da177e4
LT		 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
fb8c4b14 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1da177e4
LT		 20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
5a0e3ad6 26#include <linux/slab.h>
1da177e4
LT		 27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
b8643e1b 31#include <linux/delay.h>
f191401f 32#include <linux/completion.h>
aaf737ad 33#include <linux/kthread.h>
0ae0efad 34#include <linux/pagevec.h>
7dfb7103 35#include <linux/freezer.h>
5c2503a8 36#include <linux/namei.h>
1da177e4
LT		 37#include <asm/uaccess.h>
38#include <asm/processor.h>
50b64e3b 39#include <linux/inet.h>
143cb494 40#include <linux/module.h>
0e2bedaa 41#include <net/ipv6.h>
1da177e4
LT		 42#include "cifspdu.h"
43#include "cifsglob.h"
44#include "cifsproto.h"
45#include "cifs_unicode.h"
46#include "cifs_debug.h"
47#include "cifs_fs_sb.h"
48#include "ntlmssp.h"
49#include "nterr.h"
50#include "rfc1002pdu.h"
488f1d2d 51#include "fscache.h"
1da177e4
LT		 52
53#define CIFS_PORT 445
54#define RFC1001_PORT 139
55
c74093b6
JL		 56/* SMB echo "timeout" -- FIXME: tunable? */
57#define SMB_ECHO_INTERVAL (60 * HZ)
58
1da177e4
LT		 59extern mempool_t *cifs_req_poolp;
60
2de970ff 61/* FIXME: should these be tunable? */
9d002df4 62#define TLINK_ERROR_EXPIRE (1 * HZ)
2de970ff 63#define TLINK_IDLE_EXPIRE (600 * HZ)
9d002df4 64
a9f1b85e
PS		 65static int ip_connect(struct TCP_Server_Info *server);
66static int generic_ip_connect(struct TCP_Server_Info *server);
b647c35f 67static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
2de970ff 68static void cifs_prune_tlinks(struct work_struct *work);
b9bce2e9
JL		 69static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
70 const char *devname);
1da177e4 71
d5c5605c
JL		 72/*
73 * cifs tcp session reconnection
74 *
75 * mark tcp session as reconnecting so temporarily locked
76 * mark all smb sessions as reconnecting for tcp session
77 * reconnect tcp session
78 * wake up waiters on reconnection? - (not needed currently)
79 */
2cd646a2 80static int
1da177e4
LT		 81cifs_reconnect(struct TCP_Server_Info *server)
82{
83 int rc = 0;
f1987b44 84 struct list_head *tmp, *tmp2;
96daf2b0
SF		 85 struct cifs_ses *ses;
86 struct cifs_tcon *tcon;
fb8c4b14 87 struct mid_q_entry *mid_entry;
3c1105df 88 struct list_head retry_list;
50c2f753 89
1da177e4 90 spin_lock(&GlobalMid_Lock);
469ee614 91 if (server->tcpStatus == CifsExiting) {
fb8c4b14 92 /* the demux thread will exit normally
1da177e4
LT		 93 next time through the loop */
94 spin_unlock(&GlobalMid_Lock);
95 return rc;
96 } else
97 server->tcpStatus = CifsNeedReconnect;
98 spin_unlock(&GlobalMid_Lock);
99 server->maxBuf = 0;
100
b6b38f70 101 cFYI(1, "Reconnecting tcp session");
1da177e4
LT		 102
103 /* before reconnecting the tcp session, mark the smb session (uid)
104 and the tid bad so they are not used until reconnected */
2b84a36c 105 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
3f9bcca7 106 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 107 list_for_each(tmp, &server->smb_ses_list) {
96daf2b0 108 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
14fbf50d
JL		 109 ses->need_reconnect = true;
110 ses->ipc_tid = 0;
f1987b44 111 list_for_each(tmp2, &ses->tcon_list) {
96daf2b0 112 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
3b795210 113 tcon->need_reconnect = true;
1da177e4 114 }
1da177e4 115 }
3f9bcca7 116 spin_unlock(&cifs_tcp_ses_lock);
2b84a36c 117
1da177e4 118 /* do not want to be sending data on a socket we are freeing */
2b84a36c 119 cFYI(1, "%s: tearing down socket", __func__);
72ca545b 120 mutex_lock(&server->srv_mutex);
fb8c4b14 121 if (server->ssocket) {
b6b38f70
JP		 122 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
123 server->ssocket->flags);
91cf45f0 124 kernel_sock_shutdown(server->ssocket, SHUT_WR);
b6b38f70 125 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
467a8f8d 126 server->ssocket->state,
b6b38f70 127 server->ssocket->flags);
1da177e4
LT		 128 sock_release(server->ssocket);
129 server->ssocket = NULL;
130 }
5d0d2882
SP		 131 server->sequence_number = 0;
132 server->session_estab = false;
21e73393
SP		 133 kfree(server->session_key.response);
134 server->session_key.response = NULL;
135 server->session_key.len = 0;
fda35943 136 server->lstrp = jiffies;
2b84a36c 137 mutex_unlock(&server->srv_mutex);
1da177e4 138
2b84a36c 139 /* mark submitted MIDs for retry and issue callback */
3c1105df
JL		 140 INIT_LIST_HEAD(&retry_list);
141 cFYI(1, "%s: moving mids to private list", __func__);
1da177e4 142 spin_lock(&GlobalMid_Lock);
2b84a36c
JL		 143 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
144 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
145 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
ad8b15f0 146 mid_entry->midState = MID_RETRY_NEEDED;
3c1105df
JL		 147 list_move(&mid_entry->qhead, &retry_list);
148 }
149 spin_unlock(&GlobalMid_Lock);
150
151 cFYI(1, "%s: issuing mid callbacks", __func__);
152 list_for_each_safe(tmp, tmp2, &retry_list) {
153 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
2b84a36c
JL		 154 list_del_init(&mid_entry->qhead);
155 mid_entry->callback(mid_entry);
1da177e4 156 }
1da177e4 157
7fdbaa1b 158 do {
6c3d8909 159 try_to_freeze();
a9f1b85e
PS		 160
161 /* we should try only the port we connected to before */
162 rc = generic_ip_connect(server);
fb8c4b14 163 if (rc) {
b6b38f70 164 cFYI(1, "reconnect error %d", rc);
0cb766ae 165 msleep(3000);
1da177e4
LT		 166 } else {
167 atomic_inc(&tcpSesReconnectCount);
168 spin_lock(&GlobalMid_Lock);
469ee614 169 if (server->tcpStatus != CifsExiting)
fd88ce93 170 server->tcpStatus = CifsNeedNegotiate;
fb8c4b14 171 spin_unlock(&GlobalMid_Lock);
1da177e4 172 }
7fdbaa1b 173 } while (server->tcpStatus == CifsNeedReconnect);
2b84a36c 174
1da177e4
LT		 175 return rc;
176}
177
fb8c4b14 178/*
e4eb295d
SF		 179 return codes:
180 0 not a transact2, or all data present
181 >0 transact2 with that much data missing
182 -EINVAL = invalid transact2
183
184 */
c974befa 185static int check2ndT2(struct smb_hdr *pSMB)
e4eb295d 186{
fb8c4b14 187 struct smb_t2_rsp *pSMBt;
e4eb295d 188 int remaining;
26ec2548 189 __u16 total_data_size, data_in_this_rsp;
e4eb295d 190
fb8c4b14 191 if (pSMB->Command != SMB_COM_TRANSACTION2)
e4eb295d
SF		 192 return 0;
193
fb8c4b14
SF		 194 /* check for plausible wct, bcc and t2 data and parm sizes */
195 /* check for parm and data offset going beyond end of smb */
196 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
b6b38f70 197 cFYI(1, "invalid transact2 word count");
e4eb295d
SF		 198 return -EINVAL;
199 }
200
201 pSMBt = (struct smb_t2_rsp *)pSMB;
202
26ec2548
JL		 203 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
204 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 205
c0c7b905 206 if (total_data_size == data_in_this_rsp)
e4eb295d 207 return 0;
c0c7b905 208 else if (total_data_size < data_in_this_rsp) {
b6b38f70
JP		 209 cFYI(1, "total data %d smaller than data in frame %d",
210 total_data_size, data_in_this_rsp);
e4eb295d 211 return -EINVAL;
e4eb295d 212 }
c0c7b905
JL		 213
214 remaining = total_data_size - data_in_this_rsp;
215
216 cFYI(1, "missing %d bytes from transact2, check next response",
217 remaining);
c974befa 218 if (total_data_size > CIFSMaxBufSize) {
c0c7b905 219 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
c974befa 220 total_data_size, CIFSMaxBufSize);
c0c7b905
JL		 221 return -EINVAL;
222 }
223 return remaining;
e4eb295d
SF		 224}
225
fb8c4b14 226static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
e4eb295d
SF		 227{
228 struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
229 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
fb8c4b14
SF		 230 char *data_area_of_target;
231 char *data_area_of_buf2;
26ec2548 232 int remaining;
2a2047bc
JL		 233 unsigned int byte_count, total_in_buf;
234 __u16 total_data_size, total_in_buf2;
e4eb295d 235
26ec2548 236 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
e4eb295d 237
26ec2548
JL		 238 if (total_data_size !=
239 get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
b6b38f70 240 cFYI(1, "total data size of primary and secondary t2 differ");
e4eb295d 241
26ec2548 242 total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d
SF		 243
244 remaining = total_data_size - total_in_buf;
50c2f753 245
fb8c4b14 246 if (remaining < 0)
2a2047bc 247 return -EPROTO;
e4eb295d 248
fb8c4b14 249 if (remaining == 0) /* nothing to do, ignore */
e4eb295d 250 return 0;
50c2f753 251
26ec2548 252 total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
fb8c4b14 253 if (remaining < total_in_buf2) {
b6b38f70 254 cFYI(1, "transact2 2nd response contains too much data");
e4eb295d
SF		 255 }
256
257 /* find end of first SMB data area */
fb8c4b14 258 data_area_of_target = (char *)&pSMBt->hdr.Protocol +
26ec2548 259 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
e4eb295d
SF		 260 /* validate target area */
261
26ec2548
JL		 262 data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
263 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
e4eb295d
SF		 264
265 data_area_of_target += total_in_buf;
266
267 /* copy second buffer into end of first buffer */
e4eb295d 268 total_in_buf += total_in_buf2;
2a2047bc
JL		 269 /* is the result too big for the field? */
270 if (total_in_buf > USHRT_MAX)
271 return -EPROTO;
26ec2548 272 put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
2a2047bc
JL		 273
274 /* fix up the BCC */
820a803f 275 byte_count = get_bcc(pTargetSMB);
e4eb295d 276 byte_count += total_in_buf2;
2a2047bc
JL		 277 /* is the result too big for the field? */
278 if (byte_count > USHRT_MAX)
279 return -EPROTO;
820a803f 280 put_bcc(byte_count, pTargetSMB);
e4eb295d 281
be8e3b00 282 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
e4eb295d 283 byte_count += total_in_buf2;
2a2047bc 284 /* don't allow buffer to overflow */
497728e1 285 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4)
2a2047bc 286 return -ENOBUFS;
be8e3b00 287 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
e4eb295d 288
2a2047bc
JL		 289 memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
290
fb8c4b14 291 if (remaining == total_in_buf2) {
b6b38f70 292 cFYI(1, "found the last secondary response");
e4eb295d
SF		 293 return 0; /* we are done */
294 } else /* more responses to go */
295 return 1;
e4eb295d
SF		 296}
297
c74093b6
JL		 298static void
299cifs_echo_request(struct work_struct *work)
300{
301 int rc;
302 struct TCP_Server_Info *server = container_of(work,
303 struct TCP_Server_Info, echo.work);
304
247ec9b4 305 /*
195291e6
JL		 306 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
307 * done, which is indicated by maxBuf != 0. Also, no need to ping if
308 * we got a response recently
247ec9b4 309 */
195291e6 310 if (server->maxBuf == 0 ||
247ec9b4 311 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
c74093b6
JL		 312 goto requeue_echo;
313
314 rc = CIFSSMBEcho(server);
315 if (rc)
316 cFYI(1, "Unable to send echo request to server: %s",
317 server->hostname);
318
319requeue_echo:
320 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
321}
322
3d9c2472 323static bool
2a37ef94 324allocate_buffers(struct TCP_Server_Info *server)
3d9c2472 325{
2a37ef94
JL		 326 if (!server->bigbuf) {
327 server->bigbuf = (char *)cifs_buf_get();
328 if (!server->bigbuf) {
3d9c2472
PS		 329 cERROR(1, "No memory for large SMB response");
330 msleep(3000);
331 /* retry will check if exiting */
332 return false;
333 }
2a37ef94 334 } else if (server->large_buf) {
3d9c2472 335 /* we are reusing a dirty large buf, clear its start */
2a37ef94 336 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 337 }
338
2a37ef94
JL		 339 if (!server->smallbuf) {
340 server->smallbuf = (char *)cifs_small_buf_get();
341 if (!server->smallbuf) {
3d9c2472
PS		 342 cERROR(1, "No memory for SMB response");
343 msleep(1000);
344 /* retry will check if exiting */
345 return false;
346 }
347 /* beginning of smb buffer is cleared in our buf_get */
348 } else {
349 /* if existing small buf clear beginning */
2a37ef94 350 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 351 }
352
3d9c2472
PS		 353 return true;
354}
355
ba749e6d
JL		 356static bool
357server_unresponsive(struct TCP_Server_Info *server)
358{
359 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
360 time_after(jiffies, server->lstrp +
361 (echo_retries * SMB_ECHO_INTERVAL))) {
362 cERROR(1, "Server %s has not responded in %d seconds. "
363 "Reconnecting...", server->hostname,
364 (echo_retries * SMB_ECHO_INTERVAL / HZ));
365 cifs_reconnect(server);
366 wake_up(&server->response_q);
367 return true;
368 }
369
370 return false;
371}
372
42c4dfc2
JL		 373/*
374 * kvec_array_init - clone a kvec array, and advance into it
375 * @new: pointer to memory for cloned array
376 * @iov: pointer to original array
377 * @nr_segs: number of members in original array
378 * @bytes: number of bytes to advance into the cloned array
379 *
380 * This function will copy the array provided in iov to a section of memory
381 * and advance the specified number of bytes into the new array. It returns
382 * the number of segments in the new array. "new" must be at least as big as
383 * the original iov array.
384 */
385static unsigned int
386kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
387 size_t bytes)
388{
389 size_t base = 0;
390
391 while (bytes || !iov->iov_len) {
392 int copy = min(bytes, iov->iov_len);
393
394 bytes -= copy;
395 base += copy;
396 if (iov->iov_len == base) {
397 iov++;
398 nr_segs--;
399 base = 0;
400 }
401 }
402 memcpy(new, iov, sizeof(*iov) * nr_segs);
403 new->iov_base += base;
404 new->iov_len -= base;
405 return nr_segs;
406}
407
1041e3f9
JL		 408static struct kvec *
409get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
e7015fb1 410{
1041e3f9
JL		 411 struct kvec *new_iov;
412
413 if (server->iov && nr_segs <= server->nr_iov)
414 return server->iov;
415
416 /* not big enough -- allocate a new one and release the old */
417 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
418 if (new_iov) {
419 kfree(server->iov);
420 server->iov = new_iov;
421 server->nr_iov = nr_segs;
422 }
423 return new_iov;
424}
425
e28bc5b1
JL		 426int
427cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
428 unsigned int nr_segs, unsigned int to_read)
e7015fb1 429{
a52c1eb7
JL		 430 int length = 0;
431 int total_read;
42c4dfc2 432 unsigned int segs;
e831e6cf 433 struct msghdr smb_msg;
42c4dfc2
JL		 434 struct kvec *iov;
435
1041e3f9 436 iov = get_server_iovec(server, nr_segs);
42c4dfc2
JL		 437 if (!iov)
438 return -ENOMEM;
e7015fb1 439
e831e6cf
JL		 440 smb_msg.msg_control = NULL;
441 smb_msg.msg_controllen = 0;
442
a52c1eb7 443 for (total_read = 0; to_read; total_read += length, to_read -= length) {
95edcff4
JL		 444 try_to_freeze();
445
ba749e6d 446 if (server_unresponsive(server)) {
a52c1eb7 447 total_read = -EAGAIN;
ba749e6d
JL		 448 break;
449 }
450
42c4dfc2
JL		 451 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
452
453 length = kernel_recvmsg(server->ssocket, &smb_msg,
454 iov, segs, to_read, 0);
e7015fb1 455
e7015fb1 456 if (server->tcpStatus == CifsExiting) {
a52c1eb7 457 total_read = -ESHUTDOWN;
e7015fb1
PS		 458 break;
459 } else if (server->tcpStatus == CifsNeedReconnect) {
460 cifs_reconnect(server);
a52c1eb7 461 total_read = -EAGAIN;
e7015fb1
PS		 462 break;
463 } else if (length == -ERESTARTSYS ||
464 length == -EAGAIN ||
465 length == -EINTR) {
466 /*
467 * Minimum sleep to prevent looping, allowing socket
468 * to clear and app threads to set tcpStatus
469 * CifsNeedReconnect if server hung.
470 */
471 usleep_range(1000, 2000);
472 length = 0;
a52c1eb7 473 continue;
e7015fb1 474 } else if (length <= 0) {
a52c1eb7
JL		 475 cFYI(1, "Received no data or error: expecting %d "
476 "got %d", to_read, length);
e7015fb1 477 cifs_reconnect(server);
a52c1eb7 478 total_read = -EAGAIN;
e7015fb1
PS		 479 break;
480 }
481 }
a52c1eb7 482 return total_read;
e7015fb1 483}
e7015fb1 484
e28bc5b1
JL		 485int
486cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
487 unsigned int to_read)
42c4dfc2
JL		 488{
489 struct kvec iov;
490
491 iov.iov_base = buf;
492 iov.iov_len = to_read;
493
e28bc5b1 494 return cifs_readv_from_socket(server, &iov, 1, to_read);
e7015fb1
PS		 495}
496
98bac62c 497static bool
fe11e4cc 498is_smb_response(struct TCP_Server_Info *server, unsigned char type)
98bac62c 499{
98bac62c
PS		 500 /*
501 * The first byte big endian of the length field,
502 * is actually not part of the length but the type
503 * with the most common, zero, as regular data.
504 */
fe11e4cc
JL		 505 switch (type) {
506 case RFC1002_SESSION_MESSAGE:
507 /* Regular SMB response */
508 return true;
509 case RFC1002_SESSION_KEEP_ALIVE:
510 cFYI(1, "RFC 1002 session keep alive");
511 break;
512 case RFC1002_POSITIVE_SESSION_RESPONSE:
513 cFYI(1, "RFC 1002 positive session response");
514 break;
515 case RFC1002_NEGATIVE_SESSION_RESPONSE:
98bac62c
PS		 516 /*
517 * We get this from Windows 98 instead of an error on
518 * SMB negprot response.
519 */
fe11e4cc 520 cFYI(1, "RFC 1002 negative session response");
98bac62c
PS		 521 /* give server a second to clean up */
522 msleep(1000);
523 /*
524 * Always try 445 first on reconnect since we get NACK
525 * on some if we ever connected to port 139 (the NACK
526 * is since we do not begin with RFC1001 session
527 * initialize frame).
528 */
fe11e4cc 529 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
98bac62c
PS		 530 cifs_reconnect(server);
531 wake_up(&server->response_q);
fe11e4cc
JL		 532 break;
533 default:
534 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
98bac62c 535 cifs_reconnect(server);
98bac62c
PS		 536 }
537
fe11e4cc 538 return false;
98bac62c
PS		 539}
540
ad69bae1 541static struct mid_q_entry *
ea1f4502 542find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
ad69bae1 543{
ea1f4502 544 struct mid_q_entry *mid;
ad69bae1
PS		 545
546 spin_lock(&GlobalMid_Lock);
ea1f4502
JL		 547 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
548 if (mid->mid == buf->Mid &&
549 mid->midState == MID_REQUEST_SUBMITTED &&
550 mid->command == buf->Command) {
551 spin_unlock(&GlobalMid_Lock);
552 return mid;
ad69bae1 553 }
ea1f4502
JL		 554 }
555 spin_unlock(&GlobalMid_Lock);
556 return NULL;
557}
558
e28bc5b1
JL		 559void
560dequeue_mid(struct mid_q_entry *mid, bool malformed)
ea1f4502 561{
ad69bae1 562#ifdef CONFIG_CIFS_STATS2
ea1f4502 563 mid->when_received = jiffies;
ad69bae1 564#endif
ea1f4502
JL		 565 spin_lock(&GlobalMid_Lock);
566 if (!malformed)
567 mid->midState = MID_RESPONSE_RECEIVED;
568 else
569 mid->midState = MID_RESPONSE_MALFORMED;
570 list_del_init(&mid->qhead);
ad69bae1 571 spin_unlock(&GlobalMid_Lock);
ea1f4502 572}
ad69bae1 573
c8054ebd
JL		 574static void
575handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
576 struct smb_hdr *buf, int malformed)
ea1f4502 577{
ffc00e27
JL		 578 if (malformed == 0 && check2ndT2(buf) > 0) {
579 mid->multiRsp = true;
ea1f4502
JL		 580 if (mid->resp_buf) {
581 /* merge response - fix up 1st*/
ffc00e27
JL		 582 malformed = coalesce_t2(buf, mid->resp_buf);
583 if (malformed > 0)
c8054ebd 584 return;
ffc00e27 585
ea1f4502
JL		 586 /* All parts received or packet is malformed. */
587 mid->multiEnd = true;
c8054ebd 588 return dequeue_mid(mid, malformed);
ea1f4502 589 }
2a37ef94 590 if (!server->large_buf) {
ea1f4502
JL		 591 /*FIXME: switch to already allocated largebuf?*/
592 cERROR(1, "1st trans2 resp needs bigbuf");
593 } else {
594 /* Have first buffer */
595 mid->resp_buf = buf;
596 mid->largeBuf = true;
2a37ef94 597 server->bigbuf = NULL;
ea1f4502 598 }
c8054ebd 599 return;
ea1f4502
JL		 600 }
601 mid->resp_buf = buf;
2a37ef94
JL		 602 mid->largeBuf = server->large_buf;
603 /* Was previous buf put in mpx struct for multi-rsp? */
604 if (!mid->multiRsp) {
605 /* smb buffer will be freed by user thread */
606 if (server->large_buf)
607 server->bigbuf = NULL;
608 else
609 server->smallbuf = NULL;
610 }
ffc00e27 611 dequeue_mid(mid, malformed);
ad69bae1
PS		 612}
613
762dfd10
PS		 614static void clean_demultiplex_info(struct TCP_Server_Info *server)
615{
616 int length;
617
618 /* take it off the list, if it's not already */
619 spin_lock(&cifs_tcp_ses_lock);
620 list_del_init(&server->tcp_ses_list);
621 spin_unlock(&cifs_tcp_ses_lock);
622
623 spin_lock(&GlobalMid_Lock);
624 server->tcpStatus = CifsExiting;
625 spin_unlock(&GlobalMid_Lock);
626 wake_up_all(&server->response_q);
627
628 /*
629 * Check if we have blocked requests that need to free. Note that
630 * cifs_max_pending is normally 50, but can be set at module install
631 * time to as little as two.
632 */
633 spin_lock(&GlobalMid_Lock);
634 if (atomic_read(&server->inFlight) >= cifs_max_pending)
635 atomic_set(&server->inFlight, cifs_max_pending - 1);
636 /*
637 * We do not want to set the max_pending too low or we could end up
638 * with the counter going negative.
639 */
640 spin_unlock(&GlobalMid_Lock);
641 /*
642 * Although there should not be any requests blocked on this queue it
643 * can not hurt to be paranoid and try to wake up requests that may
644 * haven been blocked when more than 50 at time were on the wire to the
645 * same server - they now will see the session is in exit state and get
646 * out of SendReceive.
647 */
648 wake_up_all(&server->request_q);
649 /* give those requests time to exit */
650 msleep(125);
651
652 if (server->ssocket) {
653 sock_release(server->ssocket);
654 server->ssocket = NULL;
655 }
656
657 if (!list_empty(&server->pending_mid_q)) {
658 struct list_head dispose_list;
659 struct mid_q_entry *mid_entry;
660 struct list_head *tmp, *tmp2;
661
662 INIT_LIST_HEAD(&dispose_list);
663 spin_lock(&GlobalMid_Lock);
664 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
665 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
666 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
667 mid_entry->midState = MID_SHUTDOWN;
668 list_move(&mid_entry->qhead, &dispose_list);
669 }
670 spin_unlock(&GlobalMid_Lock);
671
672 /* now walk dispose list and issue callbacks */
673 list_for_each_safe(tmp, tmp2, &dispose_list) {
674 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
675 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
676 list_del_init(&mid_entry->qhead);
677 mid_entry->callback(mid_entry);
678 }
679 /* 1/8th of sec is more than enough time for them to exit */
680 msleep(125);
681 }
682
683 if (!list_empty(&server->pending_mid_q)) {
684 /*
685 * mpx threads have not exited yet give them at least the smb
686 * send timeout time for long ops.
687 *
688 * Due to delays on oplock break requests, we need to wait at
689 * least 45 seconds before giving up on a request getting a
690 * response and going ahead and killing cifsd.
691 */
692 cFYI(1, "Wait for exit from demultiplex thread");
693 msleep(46000);
694 /*
695 * If threads still have not exited they are probably never
696 * coming home not much else we can do but free the memory.
697 */
698 }
699
700 kfree(server->hostname);
1041e3f9 701 kfree(server->iov);
762dfd10
PS		 702 kfree(server);
703
704 length = atomic_dec_return(&tcpSesAllocCount);
705 if (length > 0)
706 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
707 GFP_KERNEL);
708}
709
e9097ab4
JL		 710static int
711standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
712{
713 int length;
714 char *buf = server->smallbuf;
715 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
716 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
717
718 /* make sure this will fit in a large buffer */
719 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
720 cERROR(1, "SMB response too long (%u bytes)",
721 pdu_length);
722 cifs_reconnect(server);
723 wake_up(&server->response_q);
724 return -EAGAIN;
725 }
726
727 /* switch to large buffer if too big for a small one */
728 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
729 server->large_buf = true;
730 memcpy(server->bigbuf, server->smallbuf, server->total_read);
731 buf = server->bigbuf;
732 smb_buffer = (struct smb_hdr *)buf;
733 }
734
735 /* now read the rest */
e28bc5b1 736 length = cifs_read_from_socket(server,
e9097ab4
JL		 737 buf + sizeof(struct smb_hdr) - 1,
738 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
739 if (length < 0)
740 return length;
741 server->total_read += length;
742
743 dump_smb(smb_buffer, server->total_read);
744
745 /*
746 * We know that we received enough to get to the MID as we
747 * checked the pdu_length earlier. Now check to see
748 * if the rest of the header is OK. We borrow the length
749 * var for the rest of the loop to avoid a new stack var.
750 *
751 * 48 bytes is enough to display the header and a little bit
752 * into the payload for debugging purposes.
753 */
754 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
755 if (length != 0)
756 cifs_dump_mem("Bad SMB: ", buf,
757 min_t(unsigned int, server->total_read, 48));
758
759 if (mid)
760 handle_mid(mid, server, smb_buffer, length);
761
762 return length;
763}
764
1da177e4 765static int
7c97c200 766cifs_demultiplex_thread(void *p)
1da177e4
LT		 767{
768 int length;
7c97c200 769 struct TCP_Server_Info *server = p;
2a37ef94
JL		 770 unsigned int pdu_length;
771 char *buf = NULL;
1da177e4 772 struct smb_hdr *smb_buffer = NULL;
1da177e4
LT		 773 struct task_struct *task_to_wake = NULL;
774 struct mid_q_entry *mid_entry;
1da177e4 775
1da177e4 776 current->flags |= PF_MEMALLOC;
b6b38f70 777 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
93d0ec85
JL		 778
779 length = atomic_inc_return(&tcpSesAllocCount);
780 if (length > 1)
26f57364
SF		 781 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
782 GFP_KERNEL);
1da177e4 783
83144186 784 set_freezable();
469ee614 785 while (server->tcpStatus != CifsExiting) {
ede1327e
SF		 786 if (try_to_freeze())
787 continue;
b8643e1b 788
2a37ef94 789 if (!allocate_buffers(server))
3d9c2472 790 continue;
b8643e1b 791
2a37ef94
JL		 792 server->large_buf = false;
793 smb_buffer = (struct smb_hdr *)server->smallbuf;
794 buf = server->smallbuf;
f01d5e14 795 pdu_length = 4; /* enough to get RFC1001 header */
fda35943 796
e28bc5b1 797 length = cifs_read_from_socket(server, buf, pdu_length);
a52c1eb7 798 if (length < 0)
1da177e4 799 continue;
2a37ef94 800 server->total_read = length;
1da177e4 801
98bac62c
PS		 802 /*
803 * The right amount was read from socket - 4 bytes,
804 * so we can now interpret the length field.
805 */
be8e3b00 806 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
70ca734a 807
fe11e4cc
JL		 808 cFYI(1, "RFC1002 header 0x%x", pdu_length);
809 if (!is_smb_response(server, buf[0]))
fb8c4b14 810 continue;
e4eb295d 811
89482a56
JL		 812 /* make sure we have enough to get to the MID */
813 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
814 cERROR(1, "SMB response too short (%u bytes)",
815 pdu_length);
816 cifs_reconnect(server);
817 wake_up(&server->response_q);
818 continue;
e4eb295d 819 }
e7015fb1 820
89482a56 821 /* read down to the MID */
e28bc5b1
JL		 822 length = cifs_read_from_socket(server, buf + 4,
823 sizeof(struct smb_hdr) - 1 - 4);
89482a56 824 if (length < 0)
e4eb295d 825 continue;
2a37ef94 826 server->total_read += length;
1da177e4 827
c8054ebd 828 mid_entry = find_mid(server, smb_buffer);
50c2f753 829
44d22d84
JL		 830 if (!mid_entry || !mid_entry->receive)
831 length = standard_receive3(server, mid_entry);
832 else
833 length = mid_entry->receive(server, mid_entry);
71823baf 834
e9097ab4 835 if (length < 0)
fe11e4cc 836 continue;
1da177e4 837
e9097ab4 838 if (server->large_buf) {
2a37ef94 839 buf = server->bigbuf;
e9097ab4 840 smb_buffer = (struct smb_hdr *)buf;
e4eb295d 841 }
fda35943 842
fda35943 843 server->lstrp = jiffies;
2b84a36c 844 if (mid_entry != NULL) {
2a37ef94
JL		 845 if (!mid_entry->multiRsp || mid_entry->multiEnd)
846 mid_entry->callback(mid_entry);
ffc00e27 847 } else if (!is_valid_oplock_break(smb_buffer, server)) {
b6b38f70 848 cERROR(1, "No task to wake, unknown frame received! "
8097531a 849 "NumMids %d", atomic_read(&midCount));
3d9c2472 850 cifs_dump_mem("Received Data is: ", buf,
70ca734a 851 sizeof(struct smb_hdr));
3979877e
SF		 852#ifdef CONFIG_CIFS_DEBUG2
853 cifs_dump_detail(smb_buffer);
854 cifs_dump_mids(server);
855#endif /* CIFS_DEBUG2 */
50c2f753 856
e4eb295d
SF		 857 }
858 } /* end while !EXITING */
859
fd62cb7e 860 /* buffer usually freed in free_mid - need to free it here on exit */
2a37ef94
JL		 861 cifs_buf_release(server->bigbuf);
862 if (server->smallbuf) /* no sense logging a debug message if NULL */
863 cifs_small_buf_release(server->smallbuf);
1da177e4 864
b1c8d2b4 865 task_to_wake = xchg(&server->tsk, NULL);
762dfd10 866 clean_demultiplex_info(server);
50c2f753 867
b1c8d2b4
JL		 868 /* if server->tsk was NULL then wait for a signal before exiting */
869 if (!task_to_wake) {
870 set_current_state(TASK_INTERRUPTIBLE);
871 while (!signal_pending(current)) {
872 schedule();
873 set_current_state(TASK_INTERRUPTIBLE);
874 }
875 set_current_state(TASK_RUNNING);
876 }
877
0468a2cf 878 module_put_and_exit(0);
1da177e4
LT		 879}
880
c359cf3c
JL		 881/* extract the host portion of the UNC string */
882static char *
883extract_hostname(const char *unc)
884{
885 const char *src;
886 char *dst, *delim;
887 unsigned int len;
888
889 /* skip double chars at beginning of string */
890 /* BB: check validity of these bytes? */
891 src = unc + 2;
892
893 /* delimiter between hostname and sharename is always '\\' now */
894 delim = strchr(src, '\\');
895 if (!delim)
896 return ERR_PTR(-EINVAL);
897
898 len = delim - src;
899 dst = kmalloc((len + 1), GFP_KERNEL);
900 if (dst == NULL)
901 return ERR_PTR(-ENOMEM);
902
903 memcpy(dst, src, len);
904 dst[len] = '\0';
905
906 return dst;
907}
908
1da177e4 909static int
b946845a 910cifs_parse_mount_options(const char *mountdata, const char *devname,
50c2f753 911 struct smb_vol *vol)
1da177e4 912{
4906e50b 913 char *value, *data, *end;
957df453 914 char *mountdata_copy = NULL, *options;
3d3ea8e6 915 int err;
1da177e4
LT		 916 unsigned int temp_len, i, j;
917 char separator[2];
9b9d6b24
JL		 918 short int override_uid = -1;
919 short int override_gid = -1;
920 bool uid_specified = false;
921 bool gid_specified = false;
88463999 922 char *nodename = utsname()->nodename;
1da177e4
LT		 923
924 separator[0] = ',';
50c2f753 925 separator[1] = 0;
1da177e4 926
88463999
JL		 927 /*
928 * does not have to be perfect mapping since field is
929 * informational, only used for servers that do not support
930 * port 445 and it can be overridden at mount time
931 */
1397f2ee
JL		 932 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
933 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
88463999
JL		 934 vol->source_rfc1001_name[i] = toupper(nodename[i]);
935
1397f2ee 936 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
a10faeb2
SF		 937 /* null target name indicates to use *SMBSERVR default called name
938 if we end up sending RFC1001 session initialize */
939 vol->target_rfc1001_name[0] = 0;
3e4b3e1f
JL		 940 vol->cred_uid = current_uid();
941 vol->linux_uid = current_uid();
a001e5b5 942 vol->linux_gid = current_gid();
f55ed1a8
JL		 943
944 /* default to only allowing write access to owner of the mount */
945 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1da177e4
LT		 946
947 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
ac67055e
JA		 948 /* default is always to request posix paths. */
949 vol->posix_paths = 1;
a0c9217f
JL		 950 /* default to using server inode numbers where available */
951 vol->server_ino = 1;
ac67055e 952
6d20e840
SJ		 953 vol->actimeo = CIFS_DEF_ACTIMEO;
954
b946845a
SF		 955 if (!mountdata)
956 goto cifs_parse_mount_err;
957
958 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
959 if (!mountdata_copy)
960 goto cifs_parse_mount_err;
1da177e4 961
b946845a 962 options = mountdata_copy;
4906e50b 963 end = options + strlen(options);
50c2f753 964 if (strncmp(options, "sep=", 4) == 0) {
fb8c4b14 965 if (options[4] != 0) {
1da177e4
LT		 966 separator[0] = options[4];
967 options += 5;
968 } else {
b6b38f70 969 cFYI(1, "Null separator not allowed");
1da177e4
LT		 970 }
971 }
3d3ea8e6
SP		 972 vol->backupuid_specified = false; /* no backup intent for a user */
973 vol->backupgid_specified = false; /* no backup intent for a group */
50c2f753 974
1da177e4
LT		 975 while ((data = strsep(&options, separator)) != NULL) {
976 if (!*data)
977 continue;
978 if ((value = strchr(data, '=')) != NULL)
979 *value++ = '\0';
980
50c2f753
SF		 981 /* Have to parse this before we parse for "user" */
982 if (strnicmp(data, "user_xattr", 10) == 0) {
1da177e4 983 vol->no_xattr = 0;
50c2f753 984 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1da177e4
LT		 985 vol->no_xattr = 1;
986 } else if (strnicmp(data, "user", 4) == 0) {
4b952a9b 987 if (!value) {
1da177e4
LT		 988 printk(KERN_WARNING
989 "CIFS: invalid or missing username\n");
b946845a 990 goto cifs_parse_mount_err;
fb8c4b14 991 } else if (!*value) {
4b952a9b
SF		 992 /* null user, ie anonymous, authentication */
993 vol->nullauth = 1;
1da177e4 994 }
8727c8a8
SF		 995 if (strnlen(value, MAX_USERNAME_SIZE) <
996 MAX_USERNAME_SIZE) {
b946845a
SF		 997 vol->username = kstrdup(value, GFP_KERNEL);
998 if (!vol->username) {
999 printk(KERN_WARNING "CIFS: no memory "
1000 "for username\n");
1001 goto cifs_parse_mount_err;
1002 }
1da177e4
LT		 1003 } else {
1004 printk(KERN_WARNING "CIFS: username too long\n");
b946845a 1005 goto cifs_parse_mount_err;
1da177e4
LT		 1006 }
1007 } else if (strnicmp(data, "pass", 4) == 0) {
1008 if (!value) {
1009 vol->password = NULL;
1010 continue;
fb8c4b14 1011 } else if (value[0] == 0) {
1da177e4
LT		 1012 /* check if string begins with double comma
1013 since that would mean the password really
1014 does start with a comma, and would not
1015 indicate an empty string */
fb8c4b14 1016 if (value[1] != separator[0]) {
1da177e4
LT		 1017 vol->password = NULL;
1018 continue;
1019 }
1020 }
1021 temp_len = strlen(value);
1022 /* removed password length check, NTLM passwords
1023 can be arbitrarily long */
1024
50c2f753 1025 /* if comma in password, the string will be
1da177e4
LT		 1026 prematurely null terminated. Commas in password are
1027 specified across the cifs mount interface by a double
1028 comma ie ,, and a comma used as in other cases ie ','
1029 as a parameter delimiter/separator is single and due
1030 to the strsep above is temporarily zeroed. */
1031
1032 /* NB: password legally can have multiple commas and
1033 the only illegal character in a password is null */
1034
50c2f753 1035 if ((value[temp_len] == 0) &&
4906e50b 1036 (value + temp_len < end) &&
09d1db5c 1037 (value[temp_len+1] == separator[0])) {
1da177e4
LT		 1038 /* reinsert comma */
1039 value[temp_len] = separator[0];
50c2f753
SF		 1040 temp_len += 2; /* move after second comma */
1041 while (value[temp_len] != 0) {
1da177e4 1042 if (value[temp_len] == separator[0]) {
50c2f753 1043 if (value[temp_len+1] ==
09d1db5c
SF		 1044 separator[0]) {
1045 /* skip second comma */
1046 temp_len++;
50c2f753 1047 } else {
1da177e4
LT		 1048 /* single comma indicating start
1049 of next parm */
1050 break;
1051 }
1052 }
1053 temp_len++;
1054 }
fb8c4b14 1055 if (value[temp_len] == 0) {
1da177e4
LT		 1056 options = NULL;
1057 } else {
1058 value[temp_len] = 0;
1059 /* point option to start of next parm */
1060 options = value + temp_len + 1;
1061 }
50c2f753 1062 /* go from value to value + temp_len condensing
1da177e4
LT		 1063 double commas to singles. Note that this ends up
1064 allocating a few bytes too many, which is ok */
e915fc49 1065 vol->password = kzalloc(temp_len, GFP_KERNEL);
fb8c4b14 1066 if (vol->password == NULL) {
50c2f753
SF		 1067 printk(KERN_WARNING "CIFS: no memory "
1068 "for password\n");
b946845a 1069 goto cifs_parse_mount_err;
433dc24f 1070 }
50c2f753 1071 for (i = 0, j = 0; i < temp_len; i++, j++) {
1da177e4 1072 vol->password[j] = value[i];
fb8c4b14 1073 if (value[i] == separator[0]
09d1db5c 1074 && value[i+1] == separator[0]) {
1da177e4
LT		 1075 /* skip second comma */
1076 i++;
1077 }
1078 }
1079 vol->password[j] = 0;
1080 } else {
e915fc49 1081 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
fb8c4b14 1082 if (vol->password == NULL) {
50c2f753
SF		 1083 printk(KERN_WARNING "CIFS: no memory "
1084 "for password\n");
b946845a 1085 goto cifs_parse_mount_err;
433dc24f 1086 }
1da177e4
LT		 1087 strcpy(vol->password, value);
1088 }
58f7f68f
JL		 1089 } else if (!strnicmp(data, "ip", 2) ||
1090 !strnicmp(data, "addr", 4)) {
1da177e4
LT		 1091 if (!value || !*value) {
1092 vol->UNCip = NULL;
50b64e3b
JL		 1093 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1094 INET6_ADDRSTRLEN) {
b946845a
SF		 1095 vol->UNCip = kstrdup(value, GFP_KERNEL);
1096 if (!vol->UNCip) {
1097 printk(KERN_WARNING "CIFS: no memory "
1098 "for UNC IP\n");
1099 goto cifs_parse_mount_err;
1100 }
1da177e4 1101 } else {
50c2f753
SF		 1102 printk(KERN_WARNING "CIFS: ip address "
1103 "too long\n");
b946845a 1104 goto cifs_parse_mount_err;
1da177e4 1105 }
50c2f753
SF		 1106 } else if (strnicmp(data, "sec", 3) == 0) {
1107 if (!value || !*value) {
b6b38f70 1108 cERROR(1, "no security value specified");
50c2f753
SF		 1109 continue;
1110 } else if (strnicmp(value, "krb5i", 5) == 0) {
1111 vol->secFlg |= CIFSSEC_MAY_KRB5 |
189acaae 1112 CIFSSEC_MUST_SIGN;
bf820679 1113 } else if (strnicmp(value, "krb5p", 5) == 0) {
50c2f753
SF		 1114 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1115 CIFSSEC_MAY_KRB5; */
b6b38f70 1116 cERROR(1, "Krb5 cifs privacy not supported");
b946845a 1117 goto cifs_parse_mount_err;
bf820679 1118 } else if (strnicmp(value, "krb5", 4) == 0) {
750d1151 1119 vol->secFlg |= CIFSSEC_MAY_KRB5;
ac683924
SF		 1120 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1121 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1122 CIFSSEC_MUST_SIGN;
1123 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1124 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
bf820679 1125 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
750d1151 1126 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
189acaae 1127 CIFSSEC_MUST_SIGN;
bf820679 1128 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
750d1151 1129 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
bf820679 1130 } else if (strnicmp(value, "ntlmi", 5) == 0) {
750d1151 1131 vol->secFlg |= CIFSSEC_MAY_NTLM |
189acaae 1132 CIFSSEC_MUST_SIGN;
bf820679
SF		 1133 } else if (strnicmp(value, "ntlm", 4) == 0) {
1134 /* ntlm is default so can be turned off too */
750d1151 1135 vol->secFlg |= CIFSSEC_MAY_NTLM;
bf820679 1136 } else if (strnicmp(value, "nontlm", 6) == 0) {
189acaae 1137 /* BB is there a better way to do this? */
750d1151 1138 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
189acaae
SF		 1139#ifdef CONFIG_CIFS_WEAK_PW_HASH
1140 } else if (strnicmp(value, "lanman", 6) == 0) {
50c2f753 1141 vol->secFlg |= CIFSSEC_MAY_LANMAN;
189acaae 1142#endif
bf820679 1143 } else if (strnicmp(value, "none", 4) == 0) {
189acaae 1144 vol->nullauth = 1;
50c2f753 1145 } else {
b6b38f70 1146 cERROR(1, "bad security option: %s", value);
b946845a 1147 goto cifs_parse_mount_err;
50c2f753 1148 }
1cb06d0b
SF		 1149 } else if (strnicmp(data, "vers", 3) == 0) {
1150 if (!value || !*value) {
1151 cERROR(1, "no protocol version specified"
1152 " after vers= mount option");
1153 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1154 (strnicmp(value, "1", 1) == 0)) {
1155 /* this is the default */
1156 continue;
1cb06d0b 1157 }
1da177e4
LT		 1158 } else if ((strnicmp(data, "unc", 3) == 0)
1159 || (strnicmp(data, "target", 6) == 0)
1160 || (strnicmp(data, "path", 4) == 0)) {
1161 if (!value || !*value) {
50c2f753
SF		 1162 printk(KERN_WARNING "CIFS: invalid path to "
1163 "network resource\n");
b946845a 1164 goto cifs_parse_mount_err;
1da177e4
LT		 1165 }
1166 if ((temp_len = strnlen(value, 300)) < 300) {
50c2f753 1167 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1168 if (vol->UNC == NULL)
b946845a 1169 goto cifs_parse_mount_err;
50c2f753 1170 strcpy(vol->UNC, value);
1da177e4
LT		 1171 if (strncmp(vol->UNC, "//", 2) == 0) {
1172 vol->UNC[0] = '\\';
1173 vol->UNC[1] = '\\';
50c2f753 1174 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1da177e4 1175 printk(KERN_WARNING
50c2f753
SF		 1176 "CIFS: UNC Path does not begin "
1177 "with // or \\\\ \n");
b946845a 1178 goto cifs_parse_mount_err;
1da177e4
LT		 1179 }
1180 } else {
1181 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1182 goto cifs_parse_mount_err;
1da177e4
LT		 1183 }
1184 } else if ((strnicmp(data, "domain", 3) == 0)
1185 || (strnicmp(data, "workgroup", 5) == 0)) {
1186 if (!value || !*value) {
1187 printk(KERN_WARNING "CIFS: invalid domain name\n");
b946845a 1188 goto cifs_parse_mount_err;
1da177e4
LT		 1189 }
1190 /* BB are there cases in which a comma can be valid in
1191 a domain name and need special handling? */
3979877e 1192 if (strnlen(value, 256) < 256) {
b946845a
SF		 1193 vol->domainname = kstrdup(value, GFP_KERNEL);
1194 if (!vol->domainname) {
1195 printk(KERN_WARNING "CIFS: no memory "
1196 "for domainname\n");
1197 goto cifs_parse_mount_err;
1198 }
b6b38f70 1199 cFYI(1, "Domain name set");
1da177e4 1200 } else {
50c2f753
SF		 1201 printk(KERN_WARNING "CIFS: domain name too "
1202 "long\n");
b946845a 1203 goto cifs_parse_mount_err;
1da177e4 1204 }
3eb9a889
BG		 1205 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1206 vol->srcaddr.ss_family = AF_UNSPEC;
1207
1208 if (!value || !*value) {
1209 printk(KERN_WARNING "CIFS: srcaddr value"
1210 " not specified.\n");
b946845a 1211 goto cifs_parse_mount_err;
3eb9a889
BG		 1212 }
1213 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1214 value, strlen(value));
b235f371 1215 if (i == 0) {
3eb9a889
BG		 1216 printk(KERN_WARNING "CIFS: Could not parse"
1217 " srcaddr: %s\n",
1218 value);
b946845a 1219 goto cifs_parse_mount_err;
3eb9a889 1220 }
50c2f753
SF		 1221 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1222 if (!value || !*value) {
1223 printk(KERN_WARNING
1224 "CIFS: invalid path prefix\n");
b946845a 1225 goto cifs_parse_mount_err;
50c2f753
SF		 1226 }
1227 if ((temp_len = strnlen(value, 1024)) < 1024) {
4523cc30 1228 if (value[0] != '/')
2fe87f02 1229 temp_len++; /* missing leading slash */
50c2f753
SF		 1230 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1231 if (vol->prepath == NULL)
b946845a 1232 goto cifs_parse_mount_err;
4523cc30 1233 if (value[0] != '/') {
2fe87f02 1234 vol->prepath[0] = '/';
50c2f753 1235 strcpy(vol->prepath+1, value);
2fe87f02 1236 } else
50c2f753 1237 strcpy(vol->prepath, value);
b6b38f70 1238 cFYI(1, "prefix path %s", vol->prepath);
50c2f753
SF		 1239 } else {
1240 printk(KERN_WARNING "CIFS: prefix too long\n");
b946845a 1241 goto cifs_parse_mount_err;
50c2f753 1242 }
1da177e4
LT		 1243 } else if (strnicmp(data, "iocharset", 9) == 0) {
1244 if (!value || !*value) {
63135e08
SF		 1245 printk(KERN_WARNING "CIFS: invalid iocharset "
1246 "specified\n");
b946845a 1247 goto cifs_parse_mount_err;
1da177e4
LT		 1248 }
1249 if (strnlen(value, 65) < 65) {
b946845a
SF		 1250 if (strnicmp(value, "default", 7)) {
1251 vol->iocharset = kstrdup(value,
1252 GFP_KERNEL);
1253
1254 if (!vol->iocharset) {
1255 printk(KERN_WARNING "CIFS: no "
1256 "memory for"
1257 "charset\n");
1258 goto cifs_parse_mount_err;
1259 }
1260 }
50c2f753
SF		 1261 /* if iocharset not set then load_nls_default
1262 is used by caller */
b6b38f70 1263 cFYI(1, "iocharset set to %s", value);
1da177e4 1264 } else {
63135e08
SF		 1265 printk(KERN_WARNING "CIFS: iocharset name "
1266 "too long.\n");
b946845a 1267 goto cifs_parse_mount_err;
1da177e4 1268 }
9b9d6b24
JL		 1269 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1270 vol->linux_uid = simple_strtoul(value, &value, 0);
1271 uid_specified = true;
bd763319
JL		 1272 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1273 vol->cred_uid = simple_strtoul(value, &value, 0);
9b9d6b24
JL		 1274 } else if (!strnicmp(data, "forceuid", 8)) {
1275 override_uid = 1;
1276 } else if (!strnicmp(data, "noforceuid", 10)) {
1277 override_uid = 0;
1278 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1279 vol->linux_gid = simple_strtoul(value, &value, 0);
1280 gid_specified = true;
1281 } else if (!strnicmp(data, "forcegid", 8)) {
1282 override_gid = 1;
1283 } else if (!strnicmp(data, "noforcegid", 10)) {
1284 override_gid = 0;
1da177e4
LT		 1285 } else if (strnicmp(data, "file_mode", 4) == 0) {
1286 if (value && *value) {
1287 vol->file_mode =
1288 simple_strtoul(value, &value, 0);
1289 }
1290 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1291 if (value && *value) {
1292 vol->dir_mode =
1293 simple_strtoul(value, &value, 0);
1294 }
1295 } else if (strnicmp(data, "dirmode", 4) == 0) {
1296 if (value && *value) {
1297 vol->dir_mode =
1298 simple_strtoul(value, &value, 0);
1299 }
1300 } else if (strnicmp(data, "port", 4) == 0) {
1301 if (value && *value) {
1302 vol->port =
1303 simple_strtoul(value, &value, 0);
1304 }
1305 } else if (strnicmp(data, "rsize", 5) == 0) {
1306 if (value && *value) {
1307 vol->rsize =
1308 simple_strtoul(value, &value, 0);
1309 }
1310 } else if (strnicmp(data, "wsize", 5) == 0) {
1311 if (value && *value) {
1312 vol->wsize =
1313 simple_strtoul(value, &value, 0);
1314 }
1315 } else if (strnicmp(data, "sockopt", 5) == 0) {
6a5fa236 1316 if (!value || !*value) {
b6b38f70 1317 cERROR(1, "no socket option specified");
6a5fa236
SF		 1318 continue;
1319 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1320 vol->sockopt_tcp_nodelay = 1;
1da177e4
LT		 1321 }
1322 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1323 if (!value || !*value || (*value == ' ')) {
b6b38f70 1324 cFYI(1, "invalid (empty) netbiosname");
1da177e4 1325 } else {
1397f2ee
JL		 1326 memset(vol->source_rfc1001_name, 0x20,
1327 RFC1001_NAME_LEN);
1328 /*
1329 * FIXME: are there cases in which a comma can
1330 * be valid in workstation netbios name (and
1331 * need special handling)?
1332 */
1333 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1334 /* don't ucase netbiosname for user */
50c2f753 1335 if (value[i] == 0)
1da177e4 1336 break;
1397f2ee 1337 vol->source_rfc1001_name[i] = value[i];
1da177e4
LT		 1338 }
1339 /* The string has 16th byte zero still from
1340 set at top of the function */
1397f2ee 1341 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1342 printk(KERN_WARNING "CIFS: netbiosname"
1343 " longer than 15 truncated.\n");
a10faeb2
SF		 1344 }
1345 } else if (strnicmp(data, "servern", 7) == 0) {
1346 /* servernetbiosname specified override *SMBSERVER */
1347 if (!value || !*value || (*value == ' ')) {
b6b38f70 1348 cFYI(1, "empty server netbiosname specified");
a10faeb2
SF		 1349 } else {
1350 /* last byte, type, is 0x20 for servr type */
1397f2ee
JL		 1351 memset(vol->target_rfc1001_name, 0x20,
1352 RFC1001_NAME_LEN_WITH_NULL);
a10faeb2 1353
50c2f753 1354 for (i = 0; i < 15; i++) {
a10faeb2 1355 /* BB are there cases in which a comma can be
50c2f753
SF		 1356 valid in this workstation netbios name
1357 (and need special handling)? */
a10faeb2 1358
50c2f753
SF		 1359 /* user or mount helper must uppercase
1360 the netbiosname */
1361 if (value[i] == 0)
a10faeb2
SF		 1362 break;
1363 else
50c2f753
SF		 1364 vol->target_rfc1001_name[i] =
1365 value[i];
a10faeb2
SF		 1366 }
1367 /* The string has 16th byte zero still from
1368 set at top of the function */
1397f2ee 1369 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1370 printk(KERN_WARNING "CIFS: server net"
1371 "biosname longer than 15 truncated.\n");
1da177e4 1372 }
6d20e840
SJ		 1373 } else if (strnicmp(data, "actimeo", 7) == 0) {
1374 if (value && *value) {
1375 vol->actimeo = HZ * simple_strtoul(value,
1376 &value, 0);
1377 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1378 cERROR(1, "CIFS: attribute cache"
1379 "timeout too large");
b946845a 1380 goto cifs_parse_mount_err;
6d20e840
SJ		 1381 }
1382 }
1da177e4
LT		 1383 } else if (strnicmp(data, "credentials", 4) == 0) {
1384 /* ignore */
1385 } else if (strnicmp(data, "version", 3) == 0) {
1386 /* ignore */
50c2f753 1387 } else if (strnicmp(data, "guest", 5) == 0) {
1da177e4 1388 /* ignore */
c9c7fa00 1389 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
71a394fa
SF		 1390 /* ignore */
1391 } else if (strnicmp(data, "ro", 2) == 0) {
1392 /* ignore */
edf1ae40
SF		 1393 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1394 vol->noblocksnd = 1;
1395 } else if (strnicmp(data, "noautotune", 10) == 0) {
1396 vol->noautotune = 1;
1da177e4
LT		 1397 } else if ((strnicmp(data, "suid", 4) == 0) ||
1398 (strnicmp(data, "nosuid", 6) == 0) ||
1399 (strnicmp(data, "exec", 4) == 0) ||
1400 (strnicmp(data, "noexec", 6) == 0) ||
1401 (strnicmp(data, "nodev", 5) == 0) ||
1402 (strnicmp(data, "noauto", 6) == 0) ||
1403 (strnicmp(data, "dev", 3) == 0)) {
1404 /* The mount tool or mount.cifs helper (if present)
50c2f753
SF		 1405 uses these opts to set flags, and the flags are read
1406 by the kernel vfs layer before we get here (ie
1407 before read super) so there is no point trying to
1408 parse these options again and set anything and it
1409 is ok to just ignore them */
1da177e4 1410 continue;
1da177e4
LT		 1411 } else if (strnicmp(data, "hard", 4) == 0) {
1412 vol->retry = 1;
1413 } else if (strnicmp(data, "soft", 4) == 0) {
1414 vol->retry = 0;
1415 } else if (strnicmp(data, "perm", 4) == 0) {
1416 vol->noperm = 0;
1417 } else if (strnicmp(data, "noperm", 6) == 0) {
1418 vol->noperm = 1;
6a0b4824
SF		 1419 } else if (strnicmp(data, "mapchars", 8) == 0) {
1420 vol->remap = 1;
1421 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1422 vol->remap = 0;
50c2f753
SF		 1423 } else if (strnicmp(data, "sfu", 3) == 0) {
1424 vol->sfu_emul = 1;
1425 } else if (strnicmp(data, "nosfu", 5) == 0) {
1426 vol->sfu_emul = 0;
2c1b8615
SF		 1427 } else if (strnicmp(data, "nodfs", 5) == 0) {
1428 vol->nodfs = 1;
ac67055e
JA		 1429 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1430 vol->posix_paths = 1;
1431 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1432 vol->posix_paths = 0;
c18c842b
SF		 1433 } else if (strnicmp(data, "nounix", 6) == 0) {
1434 vol->no_linux_ext = 1;
1435 } else if (strnicmp(data, "nolinux", 7) == 0) {
1436 vol->no_linux_ext = 1;
50c2f753 1437 } else if ((strnicmp(data, "nocase", 6) == 0) ||
a10faeb2 1438 (strnicmp(data, "ignorecase", 10) == 0)) {
50c2f753 1439 vol->nocase = 1;
f636a348
JL		 1440 } else if (strnicmp(data, "mand", 4) == 0) {
1441 /* ignore */
1442 } else if (strnicmp(data, "nomand", 6) == 0) {
1443 /* ignore */
1444 } else if (strnicmp(data, "_netdev", 7) == 0) {
1445 /* ignore */
c46fa8ac
SF		 1446 } else if (strnicmp(data, "brl", 3) == 0) {
1447 vol->nobrl = 0;
50c2f753 1448 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1c955187 1449 (strnicmp(data, "nolock", 6) == 0)) {
c46fa8ac 1450 vol->nobrl = 1;
d3485d37
SF		 1451 /* turn off mandatory locking in mode
1452 if remote locking is turned off since the
1453 local vfs will do advisory */
50c2f753
SF		 1454 if (vol->file_mode ==
1455 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
d3485d37 1456 vol->file_mode = S_IALLUGO;
13a6e42a
SF		 1457 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1458 /* will take the shorter form "forcemand" as well */
1459 /* This mount option will force use of mandatory
1460 (DOS/Windows style) byte range locks, instead of
1461 using posix advisory byte range locks, even if the
1462 Unix extensions are available and posix locks would
1463 be supported otherwise. If Unix extensions are not
1464 negotiated this has no effect since mandatory locks
1465 would be used (mandatory locks is all that those
1466 those servers support) */
1467 vol->mand_lock = 1;
1da177e4
LT		 1468 } else if (strnicmp(data, "setuids", 7) == 0) {
1469 vol->setuids = 1;
1470 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1471 vol->setuids = 0;
d0a9c078
JL		 1472 } else if (strnicmp(data, "dynperm", 7) == 0) {
1473 vol->dynperm = true;
1474 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1475 vol->dynperm = false;
1da177e4
LT		 1476 } else if (strnicmp(data, "nohard", 6) == 0) {
1477 vol->retry = 0;
1478 } else if (strnicmp(data, "nosoft", 6) == 0) {
1479 vol->retry = 1;
1480 } else if (strnicmp(data, "nointr", 6) == 0) {
1481 vol->intr = 0;
1482 } else if (strnicmp(data, "intr", 4) == 0) {
1483 vol->intr = 1;
be652445
SF		 1484 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1485 vol->nostrictsync = 1;
1486 } else if (strnicmp(data, "strictsync", 10) == 0) {
1487 vol->nostrictsync = 0;
50c2f753 1488 } else if (strnicmp(data, "serverino", 7) == 0) {
1da177e4 1489 vol->server_ino = 1;
50c2f753 1490 } else if (strnicmp(data, "noserverino", 9) == 0) {
1da177e4 1491 vol->server_ino = 0;
c9c7fa00 1492 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
d4ffff1f 1493 vol->rwpidforward = 1;
50c2f753 1494 } else if (strnicmp(data, "cifsacl", 7) == 0) {
0a4b92c0
SF		 1495 vol->cifs_acl = 1;
1496 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1497 vol->cifs_acl = 0;
50c2f753 1498 } else if (strnicmp(data, "acl", 3) == 0) {
1da177e4 1499 vol->no_psx_acl = 0;
50c2f753 1500 } else if (strnicmp(data, "noacl", 5) == 0) {
1da177e4 1501 vol->no_psx_acl = 1;
84210e91
SF		 1502 } else if (strnicmp(data, "locallease", 6) == 0) {
1503 vol->local_lease = 1;
50c2f753 1504 } else if (strnicmp(data, "sign", 4) == 0) {
750d1151 1505 vol->secFlg |= CIFSSEC_MUST_SIGN;
95b1cb90
SF		 1506 } else if (strnicmp(data, "seal", 4) == 0) {
1507 /* we do not do the following in secFlags because seal
1508 is a per tree connection (mount) not a per socket
1509 or per-smb connection option in the protocol */
1510 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1511 vol->seal = 1;
50c2f753 1512 } else if (strnicmp(data, "direct", 6) == 0) {
1da177e4 1513 vol->direct_io = 1;
50c2f753 1514 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1da177e4 1515 vol->direct_io = 1;
d39454ff
PS		 1516 } else if (strnicmp(data, "strictcache", 11) == 0) {
1517 vol->strict_io = 1;
1da177e4 1518 } else if (strnicmp(data, "noac", 4) == 0) {
50c2f753
SF		 1519 printk(KERN_WARNING "CIFS: Mount option noac not "
1520 "supported. Instead set "
1521 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
fa1df75d 1522 } else if (strnicmp(data, "fsc", 3) == 0) {
607a569d 1523#ifndef CONFIG_CIFS_FSCACHE
83fb086e 1524 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
607a569d 1525 "kernel config option set");
b946845a 1526 goto cifs_parse_mount_err;
607a569d 1527#endif
fa1df75d 1528 vol->fsc = true;
736a3320
SM		 1529 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1530 vol->mfsymlinks = true;
0eb8a132
JL		 1531 } else if (strnicmp(data, "multiuser", 8) == 0) {
1532 vol->multiuser = true;
3d3ea8e6
SP		 1533 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1534 err = kstrtouint(value, 0, &vol->backupuid);
1535 if (err < 0) {
1536 cERROR(1, "%s: Invalid backupuid value",
1537 __func__);
1538 goto cifs_parse_mount_err;
1539 }
1540 vol->backupuid_specified = true;
1541 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1542 err = kstrtouint(value, 0, &vol->backupgid);
1543 if (err < 0) {
1544 cERROR(1, "%s: Invalid backupgid value",
1545 __func__);
1546 goto cifs_parse_mount_err;
1547 }
1548 vol->backupgid_specified = true;
1da177e4 1549 } else
50c2f753
SF		 1550 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1551 data);
1da177e4
LT		 1552 }
1553 if (vol->UNC == NULL) {
4523cc30 1554 if (devname == NULL) {
50c2f753
SF		 1555 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1556 "target\n");
b946845a 1557 goto cifs_parse_mount_err;
1da177e4
LT		 1558 }
1559 if ((temp_len = strnlen(devname, 300)) < 300) {
50c2f753 1560 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1561 if (vol->UNC == NULL)
b946845a 1562 goto cifs_parse_mount_err;
50c2f753 1563 strcpy(vol->UNC, devname);
1da177e4
LT		 1564 if (strncmp(vol->UNC, "//", 2) == 0) {
1565 vol->UNC[0] = '\\';
1566 vol->UNC[1] = '\\';
1567 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
50c2f753
SF		 1568 printk(KERN_WARNING "CIFS: UNC Path does not "
1569 "begin with // or \\\\ \n");
b946845a 1570 goto cifs_parse_mount_err;
1da177e4 1571 }
7c5e628f
IM		 1572 value = strpbrk(vol->UNC+2, "/\\");
1573 if (value)
1574 *value = '\\';
1da177e4
LT		 1575 } else {
1576 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1577 goto cifs_parse_mount_err;
1da177e4
LT		 1578 }
1579 }
0eb8a132
JL		 1580
1581 if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1582 cERROR(1, "Multiuser mounts currently require krb5 "
1583 "authentication!");
b946845a 1584 goto cifs_parse_mount_err;
0eb8a132
JL		 1585 }
1586
fb8c4b14 1587 if (vol->UNCip == NULL)
1da177e4
LT		 1588 vol->UNCip = &vol->UNC[2];
1589
9b9d6b24
JL		 1590 if (uid_specified)
1591 vol->override_uid = override_uid;
1592 else if (override_uid == 1)
1593 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1594 "specified with no uid= option.\n");
1595
1596 if (gid_specified)
1597 vol->override_gid = override_gid;
1598 else if (override_gid == 1)
1599 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1600 "specified with no gid= option.\n");
1601
b946845a 1602 kfree(mountdata_copy);
1da177e4 1603 return 0;
b946845a
SF		 1604
1605cifs_parse_mount_err:
1606 kfree(mountdata_copy);
1607 return 1;
1da177e4
LT		 1608}
1609
3eb9a889
BG		 1610/** Returns true if srcaddr isn't specified and rhs isn't
1611 * specified, or if srcaddr is specified and
1612 * matches the IP address of the rhs argument.
1613 */
1614static bool
1615srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1616{
1617 switch (srcaddr->sa_family) {
1618 case AF_UNSPEC:
1619 return (rhs->sa_family == AF_UNSPEC);
1620 case AF_INET: {
1621 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1622 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1623 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1624 }
1625 case AF_INET6: {
1626 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1627 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1628 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1629 }
1630 default:
1631 WARN_ON(1);
1632 return false; /* don't expect to be here */
1633 }
1634}
1635
4b886136
PS		 1636/*
1637 * If no port is specified in addr structure, we try to match with 445 port
1638 * and if it fails - with 139 ports. It should be called only if address
1639 * families of server and addr are equal.
1640 */
1641static bool
1642match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1643{
6da97910 1644 __be16 port, *sport;
4b886136
PS		 1645
1646 switch (addr->sa_family) {
1647 case AF_INET:
1648 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1649 port = ((struct sockaddr_in *) addr)->sin_port;
1650 break;
1651 case AF_INET6:
1652 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1653 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1654 break;
1655 default:
1656 WARN_ON(1);
1657 return false;
1658 }
1659
1660 if (!port) {
1661 port = htons(CIFS_PORT);
1662 if (port == *sport)
1663 return true;
1664
1665 port = htons(RFC1001_PORT);
1666 }
1667
1668 return port == *sport;
1669}
3eb9a889 1670
4515148e 1671static bool
3eb9a889
BG		 1672match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1673 struct sockaddr *srcaddr)
4515148e 1674{
4515148e 1675 switch (addr->sa_family) {
a9f1b85e
PS		 1676 case AF_INET: {
1677 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1678 struct sockaddr_in *srv_addr4 =
1679 (struct sockaddr_in *)&server->dstaddr;
1680
1681 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
4515148e 1682 return false;
4515148e 1683 break;
a9f1b85e
PS		 1684 }
1685 case AF_INET6: {
1686 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1687 struct sockaddr_in6 *srv_addr6 =
1688 (struct sockaddr_in6 *)&server->dstaddr;
1689
4515148e 1690 if (!ipv6_addr_equal(&addr6->sin6_addr,
a9f1b85e 1691 &srv_addr6->sin6_addr))
4515148e 1692 return false;
a9f1b85e 1693 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
4515148e 1694 return false;
4515148e
JL		 1695 break;
1696 }
a9f1b85e
PS		 1697 default:
1698 WARN_ON(1);
1699 return false; /* don't expect to be here */
1700 }
4515148e 1701
3eb9a889
BG		 1702 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1703 return false;
1704
4515148e
JL		 1705 return true;
1706}
1707
daf5b0b6
JL		 1708static bool
1709match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1710{
1711 unsigned int secFlags;
1712
1713 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1714 secFlags = vol->secFlg;
1715 else
1716 secFlags = global_secflags | vol->secFlg;
1717
1718 switch (server->secType) {
1719 case LANMAN:
1720 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1721 return false;
1722 break;
1723 case NTLMv2:
1724 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1725 return false;
1726 break;
1727 case NTLM:
1728 if (!(secFlags & CIFSSEC_MAY_NTLM))
1729 return false;
1730 break;
1731 case Kerberos:
1732 if (!(secFlags & CIFSSEC_MAY_KRB5))
1733 return false;
1734 break;
1735 case RawNTLMSSP:
1736 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1737 return false;
1738 break;
1739 default:
1740 /* shouldn't happen */
1741 return false;
1742 }
1743
25985edc 1744 /* now check if signing mode is acceptable */
daf5b0b6 1745 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
96daf2b0 1746 (server->sec_mode & SECMODE_SIGN_REQUIRED))
daf5b0b6
JL		 1747 return false;
1748 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
96daf2b0 1749 (server->sec_mode &
daf5b0b6
JL		 1750 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1751 return false;
1752
1753 return true;
1754}
1755
37bb04e5
PS		 1756static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1757 struct smb_vol *vol)
1758{
1759 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1760 return 0;
1761
1762 if (!match_address(server, addr,
1763 (struct sockaddr *)&vol->srcaddr))
1764 return 0;
1765
1766 if (!match_port(server, addr))
1767 return 0;
1768
1769 if (!match_security(server, vol))
1770 return 0;
1771
1772 return 1;
1773}
1774
e7ddee90 1775static struct TCP_Server_Info *
daf5b0b6 1776cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1da177e4 1777{
e7ddee90 1778 struct TCP_Server_Info *server;
e7ddee90 1779
3f9bcca7 1780 spin_lock(&cifs_tcp_ses_lock);
4515148e 1781 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
37bb04e5 1782 if (!match_server(server, addr, vol))
daf5b0b6
JL		 1783 continue;
1784
e7ddee90 1785 ++server->srv_count;
3f9bcca7 1786 spin_unlock(&cifs_tcp_ses_lock);
b6b38f70 1787 cFYI(1, "Existing tcp session with server found");
e7ddee90 1788 return server;
1da177e4 1789 }
3f9bcca7 1790 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 1791 return NULL;
1792}
1b20d672 1793
14fbf50d 1794static void
e7ddee90 1795cifs_put_tcp_session(struct TCP_Server_Info *server)
1da177e4 1796{
e7ddee90 1797 struct task_struct *task;
1b20d672 1798
3f9bcca7 1799 spin_lock(&cifs_tcp_ses_lock);
e7ddee90 1800 if (--server->srv_count > 0) {
3f9bcca7 1801 spin_unlock(&cifs_tcp_ses_lock);
e7ddee90 1802 return;
1da177e4 1803 }
1b20d672 1804
f1d0c998
RL		 1805 put_net(cifs_net_ns(server));
1806
e7ddee90 1807 list_del_init(&server->tcp_ses_list);
3f9bcca7 1808 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 1809
c74093b6
JL		 1810 cancel_delayed_work_sync(&server->echo);
1811
e7ddee90
JL		 1812 spin_lock(&GlobalMid_Lock);
1813 server->tcpStatus = CifsExiting;
1814 spin_unlock(&GlobalMid_Lock);
dea570e0 1815
d2b91521 1816 cifs_crypto_shash_release(server);
488f1d2d
SJ		 1817 cifs_fscache_release_client_cookie(server);
1818
21e73393
SP		 1819 kfree(server->session_key.response);
1820 server->session_key.response = NULL;
1821 server->session_key.len = 0;
1822
e7ddee90
JL		 1823 task = xchg(&server->tsk, NULL);
1824 if (task)
1825 force_sig(SIGKILL, task);
1da177e4
LT		 1826}
1827
63c038c2
JL		 1828static struct TCP_Server_Info *
1829cifs_get_tcp_session(struct smb_vol *volume_info)
1830{
1831 struct TCP_Server_Info *tcp_ses = NULL;
a9ac49d3 1832 struct sockaddr_storage addr;
63c038c2
JL		 1833 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1834 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1835 int rc;
1836
a9ac49d3 1837 memset(&addr, 0, sizeof(struct sockaddr_storage));
63c038c2 1838
b6b38f70 1839 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
63c038c2 1840
1e68b2b2 1841 if (volume_info->UNCip && volume_info->UNC) {
50d97160
JL		 1842 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1843 volume_info->UNCip,
67b7626a 1844 strlen(volume_info->UNCip),
50d97160 1845 volume_info->port);
1e68b2b2 1846 if (!rc) {
63c038c2
JL		 1847 /* we failed translating address */
1848 rc = -EINVAL;
1849 goto out_err;
1850 }
63c038c2
JL		 1851 } else if (volume_info->UNCip) {
1852 /* BB using ip addr as tcp_ses name to connect to the
1853 DFS root below */
b6b38f70 1854 cERROR(1, "Connecting to DFS root not implemented yet");
63c038c2
JL		 1855 rc = -EINVAL;
1856 goto out_err;
1857 } else /* which tcp_sess DFS root would we conect to */ {
b6b38f70
JP		 1858 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1859 "unc=//192.168.1.100/public) specified");
63c038c2
JL		 1860 rc = -EINVAL;
1861 goto out_err;
1862 }
1863
1864 /* see if we already have a matching tcp_ses */
daf5b0b6 1865 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
63c038c2
JL		 1866 if (tcp_ses)
1867 return tcp_ses;
1868
1869 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1870 if (!tcp_ses) {
1871 rc = -ENOMEM;
1872 goto out_err;
1873 }
1874
d2b91521
SP		 1875 rc = cifs_crypto_shash_allocate(tcp_ses);
1876 if (rc) {
1877 cERROR(1, "could not setup hash structures rc %d", rc);
1878 goto out_err;
1879 }
1880
f1d0c998 1881 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
63c038c2
JL		 1882 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1883 if (IS_ERR(tcp_ses->hostname)) {
1884 rc = PTR_ERR(tcp_ses->hostname);
f7c5445a 1885 goto out_err_crypto_release;
63c038c2
JL		 1886 }
1887
1888 tcp_ses->noblocksnd = volume_info->noblocksnd;
1889 tcp_ses->noautotune = volume_info->noautotune;
6a5fa236 1890 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
63c038c2
JL		 1891 atomic_set(&tcp_ses->inFlight, 0);
1892 init_waitqueue_head(&tcp_ses->response_q);
1893 init_waitqueue_head(&tcp_ses->request_q);
1894 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1895 mutex_init(&tcp_ses->srv_mutex);
1896 memcpy(tcp_ses->workstation_RFC1001_name,
1897 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1898 memcpy(tcp_ses->server_RFC1001_name,
1899 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
5d0d2882 1900 tcp_ses->session_estab = false;
63c038c2 1901 tcp_ses->sequence_number = 0;
fda35943 1902 tcp_ses->lstrp = jiffies;
63c038c2
JL		 1903 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1904 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
c74093b6 1905 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
63c038c2
JL		 1906
1907 /*
1908 * at this point we are the only ones with the pointer
1909 * to the struct since the kernel thread not created yet
1910 * no need to spinlock this init of tcpStatus or srv_count
1911 */
1912 tcp_ses->tcpStatus = CifsNew;
3eb9a889
BG		 1913 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1914 sizeof(tcp_ses->srcaddr));
63c038c2
JL		 1915 ++tcp_ses->srv_count;
1916
a9ac49d3 1917 if (addr.ss_family == AF_INET6) {
b6b38f70 1918 cFYI(1, "attempting ipv6 connect");
63c038c2
JL		 1919 /* BB should we allow ipv6 on port 139? */
1920 /* other OS never observed in Wild doing 139 with v6 */
a9f1b85e
PS		 1921 memcpy(&tcp_ses->dstaddr, sin_server6,
1922 sizeof(struct sockaddr_in6));
1923 } else
1924 memcpy(&tcp_ses->dstaddr, sin_server,
1925 sizeof(struct sockaddr_in));
1926
1927 rc = ip_connect(tcp_ses);
63c038c2 1928 if (rc < 0) {
b6b38f70 1929 cERROR(1, "Error connecting to socket. Aborting operation");
f7c5445a 1930 goto out_err_crypto_release;
63c038c2
JL		 1931 }
1932
1933 /*
1934 * since we're in a cifs function already, we know that
1935 * this will succeed. No need for try_module_get().
1936 */
1937 __module_get(THIS_MODULE);
7c97c200 1938 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
63c038c2
JL		 1939 tcp_ses, "cifsd");
1940 if (IS_ERR(tcp_ses->tsk)) {
1941 rc = PTR_ERR(tcp_ses->tsk);
b6b38f70 1942 cERROR(1, "error %d create cifsd thread", rc);
63c038c2 1943 module_put(THIS_MODULE);
f7c5445a 1944 goto out_err_crypto_release;
63c038c2 1945 }
fd88ce93 1946 tcp_ses->tcpStatus = CifsNeedNegotiate;
63c038c2
JL		 1947
1948 /* thread spawned, put it on the list */
3f9bcca7 1949 spin_lock(&cifs_tcp_ses_lock);
63c038c2 1950 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
3f9bcca7 1951 spin_unlock(&cifs_tcp_ses_lock);
63c038c2 1952
488f1d2d
SJ		 1953 cifs_fscache_get_client_cookie(tcp_ses);
1954
c74093b6
JL		 1955 /* queue echo request delayed work */
1956 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1957
63c038c2
JL		 1958 return tcp_ses;
1959
f7c5445a 1960out_err_crypto_release:
d2b91521
SP		 1961 cifs_crypto_shash_release(tcp_ses);
1962
f1d0c998
RL		 1963 put_net(cifs_net_ns(tcp_ses));
1964
63c038c2
JL		 1965out_err:
1966 if (tcp_ses) {
8347a5cd
SF		 1967 if (!IS_ERR(tcp_ses->hostname))
1968 kfree(tcp_ses->hostname);
63c038c2
JL		 1969 if (tcp_ses->ssocket)
1970 sock_release(tcp_ses->ssocket);
1971 kfree(tcp_ses);
1972 }
1973 return ERR_PTR(rc);
1974}
1975
96daf2b0 1976static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
37bb04e5
PS		 1977{
1978 switch (ses->server->secType) {
1979 case Kerberos:
1980 if (vol->cred_uid != ses->cred_uid)
1981 return 0;
1982 break;
1983 default:
1984 /* anything else takes username/password */
1985 if (ses->user_name == NULL)
1986 return 0;
1987 if (strncmp(ses->user_name, vol->username,
1988 MAX_USERNAME_SIZE))
1989 return 0;
1990 if (strlen(vol->username) != 0 &&
1991 ses->password != NULL &&
1992 strncmp(ses->password,
1993 vol->password ? vol->password : "",
1994 MAX_PASSWORD_SIZE))
1995 return 0;
1996 }
1997 return 1;
1998}
1999
96daf2b0 2000static struct cifs_ses *
4ff67b72 2001cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1da177e4 2002{
96daf2b0 2003 struct cifs_ses *ses;
dea570e0 2004
3f9bcca7 2005 spin_lock(&cifs_tcp_ses_lock);
4ff67b72 2006 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
37bb04e5
PS		 2007 if (!match_session(ses, vol))
2008 continue;
14fbf50d 2009 ++ses->ses_count;
3f9bcca7 2010 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2011 return ses;
2012 }
3f9bcca7 2013 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2014 return NULL;
2015}
dea570e0 2016
14fbf50d 2017static void
96daf2b0 2018cifs_put_smb_ses(struct cifs_ses *ses)
14fbf50d
JL		 2019{
2020 int xid;
2021 struct TCP_Server_Info *server = ses->server;
dea570e0 2022
36988c76 2023 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
3f9bcca7 2024 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 2025 if (--ses->ses_count > 0) {
3f9bcca7 2026 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2027 return;
2028 }
dea570e0 2029
14fbf50d 2030 list_del_init(&ses->smb_ses_list);
3f9bcca7 2031 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2032
14fbf50d
JL		 2033 if (ses->status == CifsGood) {
2034 xid = GetXid();
2035 CIFSSMBLogoff(xid, ses);
2036 _FreeXid(xid);
2037 }
2038 sesInfoFree(ses);
2039 cifs_put_tcp_session(server);
2040}
dea570e0 2041
d9b94201
SF		 2042static bool warned_on_ntlm; /* globals init to false automatically */
2043
96daf2b0 2044static struct cifs_ses *
36988c76
JL		 2045cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2046{
2047 int rc = -ENOMEM, xid;
96daf2b0 2048 struct cifs_ses *ses;
a9f1b85e
PS		 2049 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2050 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
36988c76
JL		 2051
2052 xid = GetXid();
2053
4ff67b72 2054 ses = cifs_find_smb_ses(server, volume_info);
36988c76
JL		 2055 if (ses) {
2056 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2057
36988c76 2058 mutex_lock(&ses->session_mutex);
198b5682
JL		 2059 rc = cifs_negotiate_protocol(xid, ses);
2060 if (rc) {
2061 mutex_unlock(&ses->session_mutex);
2062 /* problem -- put our ses reference */
2063 cifs_put_smb_ses(ses);
2064 FreeXid(xid);
2065 return ERR_PTR(rc);
2066 }
36988c76
JL		 2067 if (ses->need_reconnect) {
2068 cFYI(1, "Session needs reconnect");
2069 rc = cifs_setup_session(xid, ses,
2070 volume_info->local_nls);
2071 if (rc) {
2072 mutex_unlock(&ses->session_mutex);
2073 /* problem -- put our reference */
2074 cifs_put_smb_ses(ses);
2075 FreeXid(xid);
2076 return ERR_PTR(rc);
2077 }
2078 }
2079 mutex_unlock(&ses->session_mutex);
460cf341
JL		 2080
2081 /* existing SMB ses has a server reference already */
2082 cifs_put_tcp_session(server);
36988c76
JL		 2083 FreeXid(xid);
2084 return ses;
2085 }
2086
2087 cFYI(1, "Existing smb sess not found");
2088 ses = sesInfoAlloc();
2089 if (ses == NULL)
2090 goto get_ses_fail;
2091
2092 /* new SMB session uses our server ref */
2093 ses->server = server;
a9f1b85e
PS		 2094 if (server->dstaddr.ss_family == AF_INET6)
2095 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
36988c76 2096 else
a9f1b85e 2097 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
36988c76 2098
8727c8a8
SF		 2099 if (volume_info->username) {
2100 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2101 if (!ses->user_name)
2102 goto get_ses_fail;
2103 }
36988c76
JL		 2104
2105 /* volume_info->password freed at unmount */
2106 if (volume_info->password) {
2107 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2108 if (!ses->password)
2109 goto get_ses_fail;
2110 }
2111 if (volume_info->domainname) {
d3686d54
SP		 2112 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2113 if (!ses->domainName)
2114 goto get_ses_fail;
36988c76 2115 }
3e4b3e1f 2116 ses->cred_uid = volume_info->cred_uid;
36988c76 2117 ses->linux_uid = volume_info->linux_uid;
d9b94201
SF		 2118
2119 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2120 supported for many years, time to update default security mechanism */
2121 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2122 warned_on_ntlm = true;
2123 cERROR(1, "default security mechanism requested. The default "
2124 "security mechanism will be upgraded from ntlm to "
9d1e397b 2125 "ntlmv2 in kernel release 3.2");
d9b94201 2126 }
36988c76
JL		 2127 ses->overrideSecFlg = volume_info->secFlg;
2128
2129 mutex_lock(&ses->session_mutex);
198b5682
JL		 2130 rc = cifs_negotiate_protocol(xid, ses);
2131 if (!rc)
2132 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
36988c76 2133 mutex_unlock(&ses->session_mutex);
c8e56f1f 2134 if (rc)
36988c76
JL		 2135 goto get_ses_fail;
2136
2137 /* success, put it on the list */
3f9bcca7 2138 spin_lock(&cifs_tcp_ses_lock);
36988c76 2139 list_add(&ses->smb_ses_list, &server->smb_ses_list);
3f9bcca7 2140 spin_unlock(&cifs_tcp_ses_lock);
36988c76
JL		 2141
2142 FreeXid(xid);
2143 return ses;
2144
2145get_ses_fail:
2146 sesInfoFree(ses);
2147 FreeXid(xid);
2148 return ERR_PTR(rc);
2149}
2150
96daf2b0 2151static int match_tcon(struct cifs_tcon *tcon, const char *unc)
37bb04e5
PS		 2152{
2153 if (tcon->tidStatus == CifsExiting)
2154 return 0;
2155 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2156 return 0;
2157 return 1;
2158}
2159
96daf2b0
SF		 2160static struct cifs_tcon *
2161cifs_find_tcon(struct cifs_ses *ses, const char *unc)
f1987b44
JL		 2162{
2163 struct list_head *tmp;
96daf2b0 2164 struct cifs_tcon *tcon;
f1987b44 2165
3f9bcca7 2166 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2167 list_for_each(tmp, &ses->tcon_list) {
96daf2b0 2168 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
37bb04e5 2169 if (!match_tcon(tcon, unc))
f1987b44 2170 continue;
f1987b44 2171 ++tcon->tc_count;
3f9bcca7 2172 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2173 return tcon;
1da177e4 2174 }
3f9bcca7 2175 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 2176 return NULL;
2177}
2178
f1987b44 2179static void
96daf2b0 2180cifs_put_tcon(struct cifs_tcon *tcon)
f1987b44
JL		 2181{
2182 int xid;
96daf2b0 2183 struct cifs_ses *ses = tcon->ses;
f1987b44 2184
d00c28de 2185 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
3f9bcca7 2186 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2187 if (--tcon->tc_count > 0) {
3f9bcca7 2188 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2189 return;
2190 }
2191
2192 list_del_init(&tcon->tcon_list);
3f9bcca7 2193 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2194
2195 xid = GetXid();
2196 CIFSSMBTDis(xid, tcon);
2197 _FreeXid(xid);
2198
d03382ce 2199 cifs_fscache_release_super_cookie(tcon);
9f841593 2200 tconInfoFree(tcon);
f1987b44
JL		 2201 cifs_put_smb_ses(ses);
2202}
2203
96daf2b0
SF		 2204static struct cifs_tcon *
2205cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
d00c28de
JL		 2206{
2207 int rc, xid;
96daf2b0 2208 struct cifs_tcon *tcon;
d00c28de
JL		 2209
2210 tcon = cifs_find_tcon(ses, volume_info->UNC);
2211 if (tcon) {
2212 cFYI(1, "Found match on UNC path");
2213 /* existing tcon already has a reference */
2214 cifs_put_smb_ses(ses);
2215 if (tcon->seal != volume_info->seal)
2216 cERROR(1, "transport encryption setting "
2217 "conflicts with existing tid");
2218 return tcon;
2219 }
2220
2221 tcon = tconInfoAlloc();
2222 if (tcon == NULL) {
2223 rc = -ENOMEM;
2224 goto out_fail;
2225 }
2226
2227 tcon->ses = ses;
2228 if (volume_info->password) {
2229 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2230 if (!tcon->password) {
2231 rc = -ENOMEM;
2232 goto out_fail;
2233 }
2234 }
2235
2236 if (strchr(volume_info->UNC + 3, '\\') == NULL
2237 && strchr(volume_info->UNC + 3, '/') == NULL) {
2238 cERROR(1, "Missing share name");
2239 rc = -ENODEV;
2240 goto out_fail;
2241 }
2242
2243 /* BB Do we need to wrap session_mutex around
2244 * this TCon call and Unix SetFS as
2245 * we do on SessSetup and reconnect? */
2246 xid = GetXid();
2247 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2248 FreeXid(xid);
2249 cFYI(1, "CIFS Tcon rc = %d", rc);
2250 if (rc)
2251 goto out_fail;
2252
2253 if (volume_info->nodfs) {
2254 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2255 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2256 }
2257 tcon->seal = volume_info->seal;
2258 /* we can have only one retry value for a connection
2259 to a share so for resources mounted more than once
2260 to the same server share the last value passed in
2261 for the retry flag is used */
2262 tcon->retry = volume_info->retry;
2263 tcon->nocase = volume_info->nocase;
2264 tcon->local_lease = volume_info->local_lease;
2265
3f9bcca7 2266 spin_lock(&cifs_tcp_ses_lock);
d00c28de 2267 list_add(&tcon->tcon_list, &ses->tcon_list);
3f9bcca7 2268 spin_unlock(&cifs_tcp_ses_lock);
d00c28de 2269
d03382ce
SJ		 2270 cifs_fscache_get_super_cookie(tcon);
2271
d00c28de
JL		 2272 return tcon;
2273
2274out_fail:
2275 tconInfoFree(tcon);
2276 return ERR_PTR(rc);
2277}
2278
9d002df4
JL		 2279void
2280cifs_put_tlink(struct tcon_link *tlink)
2281{
2282 if (!tlink || IS_ERR(tlink))
2283 return;
2284
2285 if (!atomic_dec_and_test(&tlink->tl_count) ||
2286 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2287 tlink->tl_time = jiffies;
2288 return;
2289 }
2290
2291 if (!IS_ERR(tlink_tcon(tlink)))
2292 cifs_put_tcon(tlink_tcon(tlink));
2293 kfree(tlink);
2294 return;
2295}
d00c28de 2296
25c7f41e 2297static inline struct tcon_link *
cd51875d
PS		 2298cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2299{
2300 return cifs_sb->master_tlink;
2301}
25c7f41e
PS		 2302
2303static int
2304compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2305{
2306 struct cifs_sb_info *old = CIFS_SB(sb);
2307 struct cifs_sb_info *new = mnt_data->cifs_sb;
2308
2309 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2310 return 0;
2311
2312 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2313 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2314 return 0;
2315
25c7f41e 2316 /*
5eba8ab3
JL		 2317 * We want to share sb only if we don't specify an r/wsize or
2318 * specified r/wsize is greater than or equal to existing one.
25c7f41e
PS		 2319 */
2320 if (new->wsize && new->wsize < old->wsize)
2321 return 0;
2322
5eba8ab3
JL		 2323 if (new->rsize && new->rsize < old->rsize)
2324 return 0;
2325
25c7f41e
PS		 2326 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2327 return 0;
2328
2329 if (old->mnt_file_mode != new->mnt_file_mode ||
2330 old->mnt_dir_mode != new->mnt_dir_mode)
2331 return 0;
2332
2333 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2334 return 0;
2335
2336 if (old->actimeo != new->actimeo)
2337 return 0;
2338
2339 return 1;
2340}
2341
2342int
2343cifs_match_super(struct super_block *sb, void *data)
2344{
2345 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2346 struct smb_vol *volume_info;
2347 struct cifs_sb_info *cifs_sb;
2348 struct TCP_Server_Info *tcp_srv;
96daf2b0
SF		 2349 struct cifs_ses *ses;
2350 struct cifs_tcon *tcon;
25c7f41e
PS		 2351 struct tcon_link *tlink;
2352 struct sockaddr_storage addr;
2353 int rc = 0;
2354
2355 memset(&addr, 0, sizeof(struct sockaddr_storage));
2356
2357 spin_lock(&cifs_tcp_ses_lock);
2358 cifs_sb = CIFS_SB(sb);
2359 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2360 if (IS_ERR(tlink)) {
2361 spin_unlock(&cifs_tcp_ses_lock);
2362 return rc;
2363 }
2364 tcon = tlink_tcon(tlink);
2365 ses = tcon->ses;
2366 tcp_srv = ses->server;
2367
2368 volume_info = mnt_data->vol;
2369
2370 if (!volume_info->UNCip || !volume_info->UNC)
2371 goto out;
2372
2373 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2374 volume_info->UNCip,
2375 strlen(volume_info->UNCip),
2376 volume_info->port);
2377 if (!rc)
2378 goto out;
2379
2380 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2381 !match_session(ses, volume_info) ||
2382 !match_tcon(tcon, volume_info->UNC)) {
2383 rc = 0;
2384 goto out;
2385 }
2386
2387 rc = compare_mount_options(sb, mnt_data);
2388out:
25c7f41e 2389 spin_unlock(&cifs_tcp_ses_lock);
f484b5d0 2390 cifs_put_tlink(tlink);
25c7f41e
PS		 2391 return rc;
2392}
2393
1da177e4 2394int
96daf2b0 2395get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
50c2f753 2396 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
366781c1 2397 struct dfs_info3_param **preferrals, int remap)
1da177e4
LT		 2398{
2399 char *temp_unc;
2400 int rc = 0;
2401
2402 *pnum_referrals = 0;
366781c1 2403 *preferrals = NULL;
1da177e4
LT		 2404
2405 if (pSesInfo->ipc_tid == 0) {
2406 temp_unc = kmalloc(2 /* for slashes */ +
50c2f753
SF		 2407 strnlen(pSesInfo->serverName,
2408 SERVER_NAME_LEN_WITH_NULL * 2)
1da177e4
LT		 2409 + 1 + 4 /* slash IPC$ */ + 2,
2410 GFP_KERNEL);
2411 if (temp_unc == NULL)
2412 return -ENOMEM;
2413 temp_unc[0] = '\\';
2414 temp_unc[1] = '\\';
2415 strcpy(temp_unc + 2, pSesInfo->serverName);
2416 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2417 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
b6b38f70 2418 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
1da177e4
LT		 2419 kfree(temp_unc);
2420 }
2421 if (rc == 0)
c2cf07d5 2422 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
737b758c 2423 pnum_referrals, nls_codepage, remap);
366781c1
SF		 2424 /* BB map targetUNCs to dfs_info3 structures, here or
2425 in CIFSGetDFSRefer BB */
1da177e4
LT		 2426
2427 return rc;
2428}
2429
09e50d55
JL		 2430#ifdef CONFIG_DEBUG_LOCK_ALLOC
2431static struct lock_class_key cifs_key[2];
2432static struct lock_class_key cifs_slock_key[2];
2433
2434static inline void
2435cifs_reclassify_socket4(struct socket *sock)
2436{
2437 struct sock *sk = sock->sk;
2438 BUG_ON(sock_owned_by_user(sk));
2439 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2440 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2441}
2442
2443static inline void
2444cifs_reclassify_socket6(struct socket *sock)
2445{
2446 struct sock *sk = sock->sk;
2447 BUG_ON(sock_owned_by_user(sk));
2448 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2449 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2450}
2451#else
2452static inline void
2453cifs_reclassify_socket4(struct socket *sock)
2454{
2455}
2456
2457static inline void
2458cifs_reclassify_socket6(struct socket *sock)
2459{
2460}
2461#endif
2462
1da177e4 2463/* See RFC1001 section 14 on representation of Netbios names */
50c2f753 2464static void rfc1002mangle(char *target, char *source, unsigned int length)
1da177e4 2465{
50c2f753 2466 unsigned int i, j;
1da177e4 2467
50c2f753 2468 for (i = 0, j = 0; i < (length); i++) {
1da177e4
LT		 2469 /* mask a nibble at a time and encode */
2470 target[j] = 'A' + (0x0F & (source[i] >> 4));
2471 target[j+1] = 'A' + (0x0F & source[i]);
50c2f753 2472 j += 2;
1da177e4
LT		 2473 }
2474
2475}
2476
3eb9a889
BG		 2477static int
2478bind_socket(struct TCP_Server_Info *server)
2479{
2480 int rc = 0;
2481 if (server->srcaddr.ss_family != AF_UNSPEC) {
2482 /* Bind to the specified local IP address */
2483 struct socket *socket = server->ssocket;
2484 rc = socket->ops->bind(socket,
2485 (struct sockaddr *) &server->srcaddr,
2486 sizeof(server->srcaddr));
2487 if (rc < 0) {
2488 struct sockaddr_in *saddr4;
2489 struct sockaddr_in6 *saddr6;
2490 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2491 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2492 if (saddr6->sin6_family == AF_INET6)
2493 cERROR(1, "cifs: "
2494 "Failed to bind to: %pI6c, error: %d\n",
2495 &saddr6->sin6_addr, rc);
2496 else
2497 cERROR(1, "cifs: "
2498 "Failed to bind to: %pI4, error: %d\n",
2499 &saddr4->sin_addr.s_addr, rc);
2500 }
2501 }
2502 return rc;
2503}
1da177e4
LT		 2504
2505static int
a9f1b85e 2506ip_rfc1001_connect(struct TCP_Server_Info *server)
1da177e4
LT		 2507{
2508 int rc = 0;
a9f1b85e
PS		 2509 /*
2510 * some servers require RFC1001 sessinit before sending
2511 * negprot - BB check reconnection in case where second
2512 * sessinit is sent but no second negprot
2513 */
2514 struct rfc1002_session_packet *ses_init_buf;
2515 struct smb_hdr *smb_buf;
2516 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2517 GFP_KERNEL);
2518 if (ses_init_buf) {
2519 ses_init_buf->trailer.session_req.called_len = 32;
2520
2521 if (server->server_RFC1001_name &&
2522 server->server_RFC1001_name[0] != 0)
2523 rfc1002mangle(ses_init_buf->trailer.
2524 session_req.called_name,
2525 server->server_RFC1001_name,
2526 RFC1001_NAME_LEN_WITH_NULL);
2527 else
2528 rfc1002mangle(ses_init_buf->trailer.
2529 session_req.called_name,
2530 DEFAULT_CIFS_CALLED_NAME,
2531 RFC1001_NAME_LEN_WITH_NULL);
2532
2533 ses_init_buf->trailer.session_req.calling_len = 32;
2534
2535 /*
2536 * calling name ends in null (byte 16) from old smb
2537 * convention.
2538 */
2539 if (server->workstation_RFC1001_name &&
2540 server->workstation_RFC1001_name[0] != 0)
2541 rfc1002mangle(ses_init_buf->trailer.
2542 session_req.calling_name,
2543 server->workstation_RFC1001_name,
2544 RFC1001_NAME_LEN_WITH_NULL);
2545 else
2546 rfc1002mangle(ses_init_buf->trailer.
2547 session_req.calling_name,
2548 "LINUX_CIFS_CLNT",
2549 RFC1001_NAME_LEN_WITH_NULL);
2550
2551 ses_init_buf->trailer.session_req.scope1 = 0;
2552 ses_init_buf->trailer.session_req.scope2 = 0;
2553 smb_buf = (struct smb_hdr *)ses_init_buf;
2554
2555 /* sizeof RFC1002_SESSION_REQUEST with no scope */
be8e3b00 2556 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
a9f1b85e
PS		 2557 rc = smb_send(server, smb_buf, 0x44);
2558 kfree(ses_init_buf);
2559 /*
2560 * RFC1001 layer in at least one server
2561 * requires very short break before negprot
2562 * presumably because not expecting negprot
2563 * to follow so fast. This is a simple
2564 * solution that works without
2565 * complicating the code and causes no
2566 * significant slowing down on mount
2567 * for everyone else
2568 */
2569 usleep_range(1000, 2000);
2570 }
2571 /*
2572 * else the negprot may still work without this
2573 * even though malloc failed
2574 */
2575
2576 return rc;
2577}
2578
2579static int
2580generic_ip_connect(struct TCP_Server_Info *server)
2581{
2582 int rc = 0;
6da97910 2583 __be16 sport;
a9f1b85e 2584 int slen, sfamily;
bcf4b106 2585 struct socket *socket = server->ssocket;
a9f1b85e
PS		 2586 struct sockaddr *saddr;
2587
2588 saddr = (struct sockaddr *) &server->dstaddr;
2589
2590 if (server->dstaddr.ss_family == AF_INET6) {
2591 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2592 slen = sizeof(struct sockaddr_in6);
2593 sfamily = AF_INET6;
2594 } else {
2595 sport = ((struct sockaddr_in *) saddr)->sin_port;
2596 slen = sizeof(struct sockaddr_in);
2597 sfamily = AF_INET;
2598 }
1da177e4 2599
bcf4b106 2600 if (socket == NULL) {
f1d0c998
RL		 2601 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2602 IPPROTO_TCP, &socket, 1);
1da177e4 2603 if (rc < 0) {
b6b38f70 2604 cERROR(1, "Error %d creating socket", rc);
a9f1b85e 2605 server->ssocket = NULL;
1da177e4 2606 return rc;
1da177e4 2607 }
bcf4b106
JL		 2608
2609 /* BB other socket options to set KEEPALIVE, NODELAY? */
b6b38f70 2610 cFYI(1, "Socket created");
bcf4b106
JL		 2611 server->ssocket = socket;
2612 socket->sk->sk_allocation = GFP_NOFS;
a9f1b85e
PS		 2613 if (sfamily == AF_INET6)
2614 cifs_reclassify_socket6(socket);
2615 else
2616 cifs_reclassify_socket4(socket);
1da177e4
LT		 2617 }
2618
3eb9a889
BG		 2619 rc = bind_socket(server);
2620 if (rc < 0)
2621 return rc;
2622
bcf4b106
JL		 2623 /*
2624 * Eventually check for other socket options to change from
a9f1b85e
PS		 2625 * the default. sock_setsockopt not used because it expects
2626 * user space buffer
bcf4b106
JL		 2627 */
2628 socket->sk->sk_rcvtimeo = 7 * HZ;
da505c38 2629 socket->sk->sk_sndtimeo = 5 * HZ;
edf1ae40 2630
b387eaeb 2631 /* make the bufsizes depend on wsize/rsize and max requests */
bcf4b106
JL		 2632 if (server->noautotune) {
2633 if (socket->sk->sk_sndbuf < (200 * 1024))
2634 socket->sk->sk_sndbuf = 200 * 1024;
2635 if (socket->sk->sk_rcvbuf < (140 * 1024))
2636 socket->sk->sk_rcvbuf = 140 * 1024;
edf1ae40 2637 }
1da177e4 2638
6a5fa236 2639 if (server->tcp_nodelay) {
a9f1b85e 2640 int val = 1;
6a5fa236
SF		 2641 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2642 (char *)&val, sizeof(val));
2643 if (rc)
b6b38f70 2644 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
6a5fa236
SF		 2645 }
2646
b6b38f70 2647 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
bcf4b106 2648 socket->sk->sk_sndbuf,
b6b38f70 2649 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
bcf4b106 2650
ee1b3ea9
JL		 2651 rc = socket->ops->connect(socket, saddr, slen, 0);
2652 if (rc < 0) {
2653 cFYI(1, "Error %d connecting to server", rc);
2654 sock_release(socket);
2655 server->ssocket = NULL;
2656 return rc;
2657 }
2658
a9f1b85e
PS		 2659 if (sport == htons(RFC1001_PORT))
2660 rc = ip_rfc1001_connect(server);
50c2f753 2661
1da177e4
LT		 2662 return rc;
2663}
2664
2665static int
a9f1b85e 2666ip_connect(struct TCP_Server_Info *server)
1da177e4 2667{
6da97910 2668 __be16 *sport;
a9f1b85e
PS		 2669 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2670 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1da177e4 2671
a9f1b85e
PS		 2672 if (server->dstaddr.ss_family == AF_INET6)
2673 sport = &addr6->sin6_port;
2674 else
2675 sport = &addr->sin_port;
1da177e4 2676
a9f1b85e
PS		 2677 if (*sport == 0) {
2678 int rc;
1da177e4 2679
a9f1b85e
PS		 2680 /* try with 445 port at first */
2681 *sport = htons(CIFS_PORT);
3eb9a889 2682
a9f1b85e 2683 rc = generic_ip_connect(server);
1da177e4 2684 if (rc >= 0)
a9f1b85e 2685 return rc;
6a5fa236 2686
a9f1b85e
PS		 2687 /* if it failed, try with 139 port */
2688 *sport = htons(RFC1001_PORT);
6a5fa236
SF		 2689 }
2690
a9f1b85e 2691 return generic_ip_connect(server);
1da177e4
LT		 2692}
2693
96daf2b0 2694void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2c6292ae 2695 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
8af18971
SF		 2696{
2697 /* if we are reconnecting then should we check to see if
2698 * any requested capabilities changed locally e.g. via
2699 * remount but we can not do much about it here
2700 * if they have (even if we could detect it by the following)
2701 * Perhaps we could add a backpointer to array of sb from tcon
2702 * or if we change to make all sb to same share the same
2703 * sb as NFS - then we only have one backpointer to sb.
2704 * What if we wanted to mount the server share twice once with
2705 * and once without posixacls or posix paths? */
2706 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
50c2f753 2707
c18c842b
SF		 2708 if (vol_info && vol_info->no_linux_ext) {
2709 tcon->fsUnixInfo.Capability = 0;
2710 tcon->unix_ext = 0; /* Unix Extensions disabled */
b6b38f70 2711 cFYI(1, "Linux protocol extensions disabled");
c18c842b
SF		 2712 return;
2713 } else if (vol_info)
2714 tcon->unix_ext = 1; /* Unix Extensions supported */
2715
2716 if (tcon->unix_ext == 0) {
b6b38f70 2717 cFYI(1, "Unix extensions disabled so not set on reconnect");
c18c842b
SF		 2718 return;
2719 }
50c2f753 2720
fb8c4b14 2721 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
8af18971 2722 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
6848b733 2723 cFYI(1, "unix caps which server supports %lld", cap);
8af18971
SF		 2724 /* check for reconnect case in which we do not
2725 want to change the mount behavior if we can avoid it */
fb8c4b14 2726 if (vol_info == NULL) {
50c2f753 2727 /* turn off POSIX ACL and PATHNAMES if not set
8af18971
SF		 2728 originally at mount time */
2729 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2730 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
11b6d645
IM		 2731 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2732 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2733 cERROR(1, "POSIXPATH support change");
8af18971 2734 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
11b6d645 2735 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
b6b38f70
JP		 2736 cERROR(1, "possible reconnect error");
2737 cERROR(1, "server disabled POSIX path support");
11b6d645 2738 }
8af18971 2739 }
50c2f753 2740
6848b733
SF		 2741 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2742 cERROR(1, "per-share encryption not supported yet");
2743
8af18971 2744 cap &= CIFS_UNIX_CAP_MASK;
75865f8c 2745 if (vol_info && vol_info->no_psx_acl)
8af18971 2746 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
75865f8c 2747 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
b6b38f70 2748 cFYI(1, "negotiated posix acl support");
2c6292ae
AV		 2749 if (cifs_sb)
2750 cifs_sb->mnt_cifs_flags |=
2751 CIFS_MOUNT_POSIXACL;
8af18971
SF		 2752 }
2753
75865f8c 2754 if (vol_info && vol_info->posix_paths == 0)
8af18971 2755 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
75865f8c 2756 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
b6b38f70 2757 cFYI(1, "negotiate posix pathnames");
2c6292ae
AV		 2758 if (cifs_sb)
2759 cifs_sb->mnt_cifs_flags |=
8af18971
SF		 2760 CIFS_MOUNT_POSIX_PATHS;
2761 }
50c2f753 2762
b6b38f70 2763 cFYI(1, "Negotiate caps 0x%x", (int)cap);
8af18971 2764#ifdef CONFIG_CIFS_DEBUG2
75865f8c 2765 if (cap & CIFS_UNIX_FCNTL_CAP)
b6b38f70 2766 cFYI(1, "FCNTL cap");
75865f8c 2767 if (cap & CIFS_UNIX_EXTATTR_CAP)
b6b38f70 2768 cFYI(1, "EXTATTR cap");
75865f8c 2769 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2770 cFYI(1, "POSIX path cap");
75865f8c 2771 if (cap & CIFS_UNIX_XATTR_CAP)
b6b38f70 2772 cFYI(1, "XATTR cap");
75865f8c 2773 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
b6b38f70 2774 cFYI(1, "POSIX ACL cap");
75865f8c 2775 if (cap & CIFS_UNIX_LARGE_READ_CAP)
b6b38f70 2776 cFYI(1, "very large read cap");
75865f8c 2777 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
b6b38f70 2778 cFYI(1, "very large write cap");
6848b733
SF		 2779 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2780 cFYI(1, "transport encryption cap");
2781 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2782 cFYI(1, "mandatory transport encryption cap");
8af18971
SF		 2783#endif /* CIFS_DEBUG2 */
2784 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
442aa310 2785 if (vol_info == NULL) {
b6b38f70 2786 cFYI(1, "resetting capabilities failed");
442aa310 2787 } else
b6b38f70 2788 cERROR(1, "Negotiating Unix capabilities "
5a44b319
SF		 2789 "with the server failed. Consider "
2790 "mounting with the Unix Extensions\n"
2791 "disabled, if problems are found, "
2792 "by specifying the nounix mount "
b6b38f70 2793 "option.");
5a44b319 2794
8af18971
SF		 2795 }
2796 }
2797}
2798
724d9f1c
PS		 2799void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2800 struct cifs_sb_info *cifs_sb)
b1c8d2b4 2801{
2de970ff
JL		 2802 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2803
2ced6f69
AV		 2804 spin_lock_init(&cifs_sb->tlink_tree_lock);
2805 cifs_sb->tlink_tree = RB_ROOT;
2806
25c7f41e 2807 /*
5eba8ab3
JL		 2808 * Temporarily set r/wsize for matching superblock. If we end up using
2809 * new sb then client will later negotiate it downward if needed.
25c7f41e 2810 */
5eba8ab3 2811 cifs_sb->rsize = pvolume_info->rsize;
25c7f41e
PS		 2812 cifs_sb->wsize = pvolume_info->wsize;
2813
3b795210
SF		 2814 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2815 cifs_sb->mnt_gid = pvolume_info->linux_gid;
3d3ea8e6
SP		 2816 if (pvolume_info->backupuid_specified)
2817 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2818 if (pvolume_info->backupgid_specified)
2819 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3b795210
SF		 2820 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2821 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
b6b38f70
JP		 2822 cFYI(1, "file mode: 0x%x dir mode: 0x%x",
2823 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3b795210 2824
6d20e840 2825 cifs_sb->actimeo = pvolume_info->actimeo;
724d9f1c 2826 cifs_sb->local_nls = pvolume_info->local_nls;
6d20e840 2827
3b795210
SF		 2828 if (pvolume_info->noperm)
2829 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2830 if (pvolume_info->setuids)
2831 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2832 if (pvolume_info->server_ino)
2833 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2834 if (pvolume_info->remap)
2835 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2836 if (pvolume_info->no_xattr)
2837 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2838 if (pvolume_info->sfu_emul)
2839 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2840 if (pvolume_info->nobrl)
2841 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
be652445 2842 if (pvolume_info->nostrictsync)
4717bed6 2843 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
13a6e42a
SF		 2844 if (pvolume_info->mand_lock)
2845 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
d4ffff1f
PS		 2846 if (pvolume_info->rwpidforward)
2847 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3b795210
SF		 2848 if (pvolume_info->cifs_acl)
2849 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3d3ea8e6
SP		 2850 if (pvolume_info->backupuid_specified)
2851 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
2852 if (pvolume_info->backupgid_specified)
2853 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3b795210
SF		 2854 if (pvolume_info->override_uid)
2855 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2856 if (pvolume_info->override_gid)
2857 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2858 if (pvolume_info->dynperm)
2859 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
fa1df75d
SJ		 2860 if (pvolume_info->fsc)
2861 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
0eb8a132
JL		 2862 if (pvolume_info->multiuser)
2863 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2864 CIFS_MOUNT_NO_PERM);
d39454ff
PS		 2865 if (pvolume_info->strict_io)
2866 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3b795210 2867 if (pvolume_info->direct_io) {
b6b38f70 2868 cFYI(1, "mounting share using direct i/o");
3b795210
SF		 2869 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2870 }
736a3320
SM		 2871 if (pvolume_info->mfsymlinks) {
2872 if (pvolume_info->sfu_emul) {
2873 cERROR(1, "mount option mfsymlinks ignored if sfu "
2874 "mount option is used");
2875 } else {
2876 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2877 }
2878 }
3b795210
SF		 2879
2880 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
b6b38f70
JP		 2881 cERROR(1, "mount option dynperm ignored if cifsacl "
2882 "mount option supported");
b1c8d2b4
JL		 2883}
2884
f7910cbd 2885/*
5eba8ab3
JL		 2886 * When the server supports very large reads and writes via POSIX extensions,
2887 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
2888 * including the RFC1001 length.
f7910cbd
JL		 2889 *
2890 * Note that this might make for "interesting" allocation problems during
1190f6a0
JL		 2891 * writeback however as we have to allocate an array of pointers for the
2892 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
5eba8ab3
JL		 2893 *
2894 * For reads, there is a similar problem as we need to allocate an array
2895 * of kvecs to handle the receive, though that should only need to be done
2896 * once.
f7910cbd 2897 */
1190f6a0 2898#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 2899#define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
f7910cbd
JL		 2900
2901/*
5eba8ab3
JL		 2902 * When the server doesn't allow large posix writes, only allow a rsize/wsize
2903 * of 2^17-1 minus the size of the call header. That allows for a read or
2904 * write up to the maximum size described by RFC1002.
f7910cbd 2905 */
94443f43 2906#define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 2907#define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
f7910cbd
JL		 2908
2909/*
2910 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
2911 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
2912 * a single wsize request with a single call.
2913 */
5eba8ab3
JL		 2914#define CIFS_DEFAULT_IOSIZE (1024 * 1024)
2915
2916/*
2917 * Windows only supports a max of 60k reads. Default to that when posix
2918 * extensions aren't in force.
2919 */
2920#define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
f7910cbd
JL		 2921
2922static unsigned int
96daf2b0 2923cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
f7910cbd
JL		 2924{
2925 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2926 struct TCP_Server_Info *server = tcon->ses->server;
2927 unsigned int wsize = pvolume_info->wsize ? pvolume_info->wsize :
5eba8ab3 2928 CIFS_DEFAULT_IOSIZE;
f7910cbd
JL		 2929
2930 /* can server support 24-bit write sizes? (via UNIX extensions) */
2931 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
1190f6a0 2932 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
f7910cbd 2933
1190f6a0
JL		 2934 /*
2935 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
2936 * Limit it to max buffer offered by the server, minus the size of the
2937 * WRITEX header, not including the 4 byte RFC1001 length.
2938 */
2939 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
2940 (!(server->capabilities & CAP_UNIX) &&
2941 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
2942 wsize = min_t(unsigned int, wsize,
2943 server->maxBuf - sizeof(WRITE_REQ) + 4);
f7910cbd
JL		 2944
2945 /* hard limit of CIFS_MAX_WSIZE */
2946 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
2947
2948 return wsize;
2949}
2950
5eba8ab3
JL		 2951static unsigned int
2952cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
2953{
2954 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2955 struct TCP_Server_Info *server = tcon->ses->server;
2956 unsigned int rsize, defsize;
2957
2958 /*
2959 * Set default value...
2960 *
2961 * HACK alert! Ancient servers have very small buffers. Even though
2962 * MS-CIFS indicates that servers are only limited by the client's
2963 * bufsize for reads, testing against win98se shows that it throws
2964 * INVALID_PARAMETER errors if you try to request too large a read.
2965 *
2966 * If the server advertises a MaxBufferSize of less than one page,
2967 * assume that it also can't satisfy reads larger than that either.
2968 *
2969 * FIXME: Is there a better heuristic for this?
2970 */
2971 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
2972 defsize = CIFS_DEFAULT_IOSIZE;
2973 else if (server->capabilities & CAP_LARGE_READ_X)
2974 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
2975 else if (server->maxBuf >= PAGE_CACHE_SIZE)
2976 defsize = CIFSMaxBufSize;
2977 else
2978 defsize = server->maxBuf - sizeof(READ_RSP);
2979
2980 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
2981
2982 /*
2983 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
2984 * the client's MaxBufferSize.
2985 */
2986 if (!(server->capabilities & CAP_LARGE_READ_X))
2987 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
2988
2989 /* hard limit of CIFS_MAX_RSIZE */
2990 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
2991
2992 return rsize;
2993}
2994
e4cce94c 2995static int
96daf2b0 2996is_path_accessible(int xid, struct cifs_tcon *tcon,
e4cce94c
IM		 2997 struct cifs_sb_info *cifs_sb, const char *full_path)
2998{
2999 int rc;
e4cce94c
IM		 3000 FILE_ALL_INFO *pfile_info;
3001
e4cce94c
IM		 3002 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3003 if (pfile_info == NULL)
3004 return -ENOMEM;
3005
3006 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3007 0 /* not legacy */, cifs_sb->local_nls,
3008 cifs_sb->mnt_cifs_flags &
3009 CIFS_MOUNT_MAP_SPECIAL_CHR);
221d1d79
JL		 3010
3011 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3012 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3013 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3014 CIFS_MOUNT_MAP_SPECIAL_CHR);
e4cce94c
IM		 3015 kfree(pfile_info);
3016 return rc;
3017}
3018
b9bce2e9
JL		 3019static void
3020cleanup_volume_info_contents(struct smb_vol *volume_info)
1bfe73c2 3021{
b946845a 3022 kfree(volume_info->username);
1bfe73c2 3023 kzfree(volume_info->password);
13589c43
SF		 3024 if (volume_info->UNCip != volume_info->UNC + 2)
3025 kfree(volume_info->UNCip);
95c75454 3026 kfree(volume_info->UNC);
b946845a
SF		 3027 kfree(volume_info->domainname);
3028 kfree(volume_info->iocharset);
1bfe73c2 3029 kfree(volume_info->prepath);
b9bce2e9
JL		 3030}
3031
3032void
3033cifs_cleanup_volume_info(struct smb_vol *volume_info)
3034{
3035 if (!volume_info)
3036 return;
3037 cleanup_volume_info_contents(volume_info);
1bfe73c2 3038 kfree(volume_info);
1bfe73c2
IM		 3039}
3040
b9bce2e9 3041
2d6d589d 3042#ifdef CONFIG_CIFS_DFS_UPCALL
1bfe73c2
IM		 3043/* build_path_to_root returns full path to root when
3044 * we do not have an exiting connection (tcon) */
3045static char *
b2a0fa15 3046build_unc_path_to_root(const struct smb_vol *vol,
1bfe73c2
IM		 3047 const struct cifs_sb_info *cifs_sb)
3048{
b2a0fa15
JL		 3049 char *full_path, *pos;
3050 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3051 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
1bfe73c2 3052
b2a0fa15 3053 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
1bfe73c2
IM		 3054 if (full_path == NULL)
3055 return ERR_PTR(-ENOMEM);
3056
b2a0fa15
JL		 3057 strncpy(full_path, vol->UNC, unc_len);
3058 pos = full_path + unc_len;
3059
3060 if (pplen) {
3061 strncpy(pos, vol->prepath, pplen);
3062 pos += pplen;
3063 }
3064
3065 *pos = '\0'; /* add trailing null */
f87d39d9 3066 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
b2a0fa15 3067 cFYI(1, "%s: full_path=%s", __func__, full_path);
1bfe73c2
IM		 3068 return full_path;
3069}
dd613945
SF		 3070
3071/*
3072 * Perform a dfs referral query for a share and (optionally) prefix
3073 *
046462ab
SF		 3074 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3075 * to a string containing updated options for the submount. Otherwise it
3076 * will be left untouched.
dd613945
SF		 3077 *
3078 * Returns the rc from get_dfs_path to the caller, which can be used to
3079 * determine whether there were referrals.
3080 */
3081static int
96daf2b0 3082expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
dd613945 3083 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
046462ab 3084 int check_prefix)
dd613945
SF		 3085{
3086 int rc;
3087 unsigned int num_referrals = 0;
3088 struct dfs_info3_param *referrals = NULL;
3089 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3090
3091 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3092 if (IS_ERR(full_path))
3093 return PTR_ERR(full_path);
3094
3095 /* For DFS paths, skip the first '\' of the UNC */
3096 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3097
3098 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3099 &num_referrals, &referrals,
3100 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3101
3102 if (!rc && num_referrals > 0) {
3103 char *fake_devname = NULL;
3104
3105 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3106 full_path + 1, referrals,
3107 &fake_devname);
3108
3109 free_dfs_info_array(referrals, num_referrals);
046462ab 3110
dd613945
SF		 3111 if (IS_ERR(mdata)) {
3112 rc = PTR_ERR(mdata);
3113 mdata = NULL;
b9bce2e9
JL		 3114 } else {
3115 cleanup_volume_info_contents(volume_info);
3116 memset(volume_info, '\0', sizeof(*volume_info));
3117 rc = cifs_setup_volume_info(volume_info, mdata,
3118 fake_devname);
dd613945 3119 }
b9bce2e9
JL		 3120 kfree(fake_devname);
3121 kfree(cifs_sb->mountdata);
046462ab 3122 cifs_sb->mountdata = mdata;
dd613945
SF		 3123 }
3124 kfree(full_path);
3125 return rc;
3126}
2d6d589d 3127#endif
1bfe73c2 3128
04db79b0
JL		 3129static int
3130cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3131 const char *devname)
1da177e4 3132{
724d9f1c 3133 int rc = 0;
1da177e4 3134
04db79b0
JL		 3135 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3136 return -EINVAL;
1da177e4 3137
7586b765 3138 if (volume_info->nullauth) {
b6b38f70 3139 cFYI(1, "null user");
446b23a7 3140 volume_info->username = kzalloc(1, GFP_KERNEL);
04db79b0
JL		 3141 if (volume_info->username == NULL)
3142 return -ENOMEM;
7586b765 3143 } else if (volume_info->username) {
1da177e4 3144 /* BB fixme parse for domain name here */
b6b38f70 3145 cFYI(1, "Username: %s", volume_info->username);
1da177e4 3146 } else {
bf820679 3147 cifserror("No username specified");
50c2f753
SF		 3148 /* In userspace mount helper we can get user name from alternate
3149 locations such as env variables and files on disk */
04db79b0 3150 return -EINVAL;
1da177e4
LT		 3151 }
3152
1da177e4 3153 /* this is needed for ASCII cp to Unicode converts */
7586b765 3154 if (volume_info->iocharset == NULL) {
a5fc4ce0
JL		 3155 /* load_nls_default cannot return null */
3156 volume_info->local_nls = load_nls_default();
1da177e4 3157 } else {
a5fc4ce0
JL		 3158 volume_info->local_nls = load_nls(volume_info->iocharset);
3159 if (volume_info->local_nls == NULL) {
b6b38f70
JP		 3160 cERROR(1, "CIFS mount error: iocharset %s not found",
3161 volume_info->iocharset);
04db79b0 3162 return -ELIBACC;
1da177e4
LT		 3163 }
3164 }
724d9f1c 3165
724d9f1c
PS		 3166 return rc;
3167}
3168
04db79b0
JL		 3169struct smb_vol *
3170cifs_get_volume_info(char *mount_data, const char *devname)
3171{
3172 int rc;
3173 struct smb_vol *volume_info;
3174
3175 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3176 if (!volume_info)
3177 return ERR_PTR(-ENOMEM);
3178
3179 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3180 if (rc) {
3181 cifs_cleanup_volume_info(volume_info);
3182 volume_info = ERR_PTR(rc);
3183 }
3184
3185 return volume_info;
3186}
3187
66bfaadc
JL		 3188/* make sure ra_pages is a multiple of rsize */
3189static inline unsigned int
3190cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3191{
3192 unsigned int reads;
3193 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3194
3195 if (rsize_pages >= default_backing_dev_info.ra_pages)
3196 return default_backing_dev_info.ra_pages;
3197 else if (rsize_pages == 0)
3198 return rsize_pages;
3199
3200 reads = default_backing_dev_info.ra_pages / rsize_pages;
3201 return reads * rsize_pages;
3202}
3203
724d9f1c 3204int
2c6292ae 3205cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
724d9f1c
PS		 3206{
3207 int rc = 0;
3208 int xid;
96daf2b0
SF		 3209 struct cifs_ses *pSesInfo;
3210 struct cifs_tcon *tcon;
724d9f1c
PS		 3211 struct TCP_Server_Info *srvTcp;
3212 char *full_path;
3213 struct tcon_link *tlink;
3214#ifdef CONFIG_CIFS_DFS_UPCALL
3215 int referral_walks_count = 0;
20547490 3216#endif
dd854466
AV		 3217
3218 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3219 if (rc)
3220 return rc;
3221
20547490 3222#ifdef CONFIG_CIFS_DFS_UPCALL
724d9f1c
PS		 3223try_mount_again:
3224 /* cleanup activities if we're chasing a referral */
3225 if (referral_walks_count) {
3226 if (tcon)
3227 cifs_put_tcon(tcon);
3228 else if (pSesInfo)
3229 cifs_put_smb_ses(pSesInfo);
3230
724d9f1c
PS		 3231 FreeXid(xid);
3232 }
3233#endif
3234 tcon = NULL;
3235 pSesInfo = NULL;
3236 srvTcp = NULL;
3237 full_path = NULL;
3238 tlink = NULL;
3239
3240 xid = GetXid();
1da177e4 3241
63c038c2 3242 /* get a reference to a tcp session */
7586b765 3243 srvTcp = cifs_get_tcp_session(volume_info);
63c038c2
JL		 3244 if (IS_ERR(srvTcp)) {
3245 rc = PTR_ERR(srvTcp);
dd854466 3246 bdi_destroy(&cifs_sb->bdi);
63c038c2 3247 goto out;
1da177e4
LT		 3248 }
3249
36988c76
JL		 3250 /* get a reference to a SMB session */
3251 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3252 if (IS_ERR(pSesInfo)) {
3253 rc = PTR_ERR(pSesInfo);
3254 pSesInfo = NULL;
3255 goto mount_fail_check;
1da177e4 3256 }
50c2f753 3257
d00c28de
JL		 3258 /* search for existing tcon to this server share */
3259 tcon = cifs_get_tcon(pSesInfo, volume_info);
3260 if (IS_ERR(tcon)) {
3261 rc = PTR_ERR(tcon);
3262 tcon = NULL;
1bfe73c2 3263 goto remote_path_check;
d00c28de 3264 }
1bfe73c2 3265
d82c2df5 3266 /* tell server which Unix caps we support */
6848b733 3267 if (tcon->ses->capabilities & CAP_UNIX) {
d82c2df5
SF		 3268 /* reset of caps checks mount to see if unix extensions
3269 disabled for just this mount */
2c6292ae 3270 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
6848b733
SF		 3271 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3272 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3273 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3274 rc = -EACCES;
3275 goto mount_fail_check;
3276 }
3277 } else
d82c2df5 3278 tcon->unix_ext = 0; /* server does not support them */
c18c842b 3279
6848b733
SF		 3280 /* do not care if following two calls succeed - informational */
3281 if (!tcon->ipc) {
3282 CIFSSMBQFSDeviceInfo(xid, tcon);
3283 CIFSSMBQFSAttributeInfo(xid, tcon);
3284 }
3285
f7910cbd 3286 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
5eba8ab3 3287 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
f7910cbd 3288
66bfaadc
JL		 3289 /* tune readahead according to rsize */
3290 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
f7910cbd 3291
1bfe73c2 3292remote_path_check:
c1508ca2
SF		 3293#ifdef CONFIG_CIFS_DFS_UPCALL
3294 /*
3295 * Perform an unconditional check for whether there are DFS
3296 * referrals for this path without prefix, to provide support
3297 * for DFS referrals from w2k8 servers which don't seem to respond
3298 * with PATH_NOT_COVERED to requests that include the prefix.
3299 * Chase the referral if found, otherwise continue normally.
3300 */
3301 if (referral_walks_count == 0) {
3302 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
046462ab 3303 cifs_sb, false);
c1508ca2
SF		 3304 if (!refrc) {
3305 referral_walks_count++;
3306 goto try_mount_again;
3307 }
3308 }
3309#endif
3310
f87d39d9 3311 /* check if a whole path is not remote */
70945643 3312 if (!rc && tcon) {
e4cce94c 3313 /* build_path_to_root works only when we have a valid tcon */
f87d39d9 3314 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
e4cce94c
IM		 3315 if (full_path == NULL) {
3316 rc = -ENOMEM;
3317 goto mount_fail_check;
3318 }
3319 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
03ceace5 3320 if (rc != 0 && rc != -EREMOTE) {
e4cce94c
IM		 3321 kfree(full_path);
3322 goto mount_fail_check;
3323 }
3324 kfree(full_path);
3325 }
3326
1bfe73c2
IM		 3327 /* get referral if needed */
3328 if (rc == -EREMOTE) {
d036f50f 3329#ifdef CONFIG_CIFS_DFS_UPCALL
5c2503a8
IM		 3330 if (referral_walks_count > MAX_NESTED_LINKS) {
3331 /*
3332 * BB: when we implement proper loop detection,
3333 * we will remove this check. But now we need it
3334 * to prevent an indefinite loop if 'DFS tree' is
3335 * misconfigured (i.e. has loops).
3336 */
3337 rc = -ELOOP;
3338 goto mount_fail_check;
3339 }
1bfe73c2 3340
dd613945 3341 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
046462ab 3342 true);
7b91e266 3343
dd613945 3344 if (!rc) {
5c2503a8 3345 referral_walks_count++;
1bfe73c2
IM		 3346 goto try_mount_again;
3347 }
dd613945 3348 goto mount_fail_check;
d036f50f
SF		 3349#else /* No DFS support, return error on mount */
3350 rc = -EOPNOTSUPP;
3351#endif
1bfe73c2
IM		 3352 }
3353
9d002df4
JL		 3354 if (rc)
3355 goto mount_fail_check;
3356
3357 /* now, hang the tcon off of the superblock */
3358 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3359 if (tlink == NULL) {
3360 rc = -ENOMEM;
3361 goto mount_fail_check;
3362 }
3363
b647c35f 3364 tlink->tl_uid = pSesInfo->linux_uid;
9d002df4
JL		 3365 tlink->tl_tcon = tcon;
3366 tlink->tl_time = jiffies;
3367 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3368 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3369
b647c35f 3370 cifs_sb->master_tlink = tlink;
9d002df4 3371 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3372 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
9d002df4 3373 spin_unlock(&cifs_sb->tlink_tree_lock);
413e661c 3374
2de970ff
JL		 3375 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3376 TLINK_IDLE_EXPIRE);
3377
1bfe73c2
IM		 3378mount_fail_check:
3379 /* on error free sesinfo and tcon struct if needed */
3380 if (rc) {
1bfe73c2 3381 /* If find_unc succeeded then rc == 0 so we can not end */
25985edc 3382 /* up accidentally freeing someone elses tcon struct */
1bfe73c2
IM		 3383 if (tcon)
3384 cifs_put_tcon(tcon);
3385 else if (pSesInfo)
3386 cifs_put_smb_ses(pSesInfo);
3387 else
3388 cifs_put_tcp_session(srvTcp);
dd854466 3389 bdi_destroy(&cifs_sb->bdi);
1bfe73c2
IM		 3390 }
3391
70fe7dc0 3392out:
1da177e4
LT		 3393 FreeXid(xid);
3394 return rc;
3395}
3396
8d1bca32
JL		 3397/*
3398 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3399 * pointer may be NULL.
3400 */
1da177e4 3401int
96daf2b0
SF		 3402CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3403 const char *tree, struct cifs_tcon *tcon,
1da177e4
LT		 3404 const struct nls_table *nls_codepage)
3405{
3406 struct smb_hdr *smb_buffer;
3407 struct smb_hdr *smb_buffer_response;
3408 TCONX_REQ *pSMB;
3409 TCONX_RSP *pSMBr;
3410 unsigned char *bcc_ptr;
3411 int rc = 0;
690c522f
JL		 3412 int length;
3413 __u16 bytes_left, count;
1da177e4
LT		 3414
3415 if (ses == NULL)
3416 return -EIO;
3417
3418 smb_buffer = cifs_buf_get();
ca43e3be 3419 if (smb_buffer == NULL)
1da177e4 3420 return -ENOMEM;
ca43e3be 3421
1da177e4
LT		 3422 smb_buffer_response = smb_buffer;
3423
3424 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3425 NULL /*no tid */ , 4 /*wct */ );
1982c344
SF		 3426
3427 smb_buffer->Mid = GetNextMid(ses->server);
1da177e4
LT		 3428 smb_buffer->Uid = ses->Suid;
3429 pSMB = (TCONX_REQ *) smb_buffer;
3430 pSMBr = (TCONX_RSP *) smb_buffer_response;
3431
3432 pSMB->AndXCommand = 0xFF;
3433 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
1da177e4 3434 bcc_ptr = &pSMB->Password[0];
8d1bca32 3435 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
eeac8047 3436 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
7c7b25bc 3437 *bcc_ptr = 0; /* password is null byte */
eeac8047 3438 bcc_ptr++; /* skip password */
7c7b25bc 3439 /* already aligned so no need to do it below */
eeac8047 3440 } else {
540b2e37 3441 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
eeac8047
SF		 3442 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3443 specified as required (when that support is added to
3444 the vfs in the future) as only NTLM or the much
7c7b25bc 3445 weaker LANMAN (which we do not send by default) is accepted
eeac8047
SF		 3446 by Samba (not sure whether other servers allow
3447 NTLMv2 password here) */
7c7b25bc 3448#ifdef CONFIG_CIFS_WEAK_PW_HASH
04912d6a 3449 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
00e485b0 3450 (ses->server->secType == LANMAN))
d3ba50b1 3451 calc_lanman_hash(tcon->password, ses->server->cryptkey,
96daf2b0 3452 ses->server->sec_mode &
4e53a3fb
JL		 3453 SECMODE_PW_ENCRYPT ? true : false,
3454 bcc_ptr);
7c7b25bc
SF		 3455 else
3456#endif /* CIFS_WEAK_PW_HASH */
ee2c9258 3457 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
9ef5992e 3458 bcc_ptr, nls_codepage);
eeac8047 3459
540b2e37 3460 bcc_ptr += CIFS_AUTH_RESP_SIZE;
fb8c4b14 3461 if (ses->capabilities & CAP_UNICODE) {
7c7b25bc
SF		 3462 /* must align unicode strings */
3463 *bcc_ptr = 0; /* null byte password */
3464 bcc_ptr++;
3465 }
eeac8047 3466 }
1da177e4 3467
96daf2b0 3468 if (ses->server->sec_mode &
a878fb22 3469 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
1da177e4
LT		 3470 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3471
3472 if (ses->capabilities & CAP_STATUS32) {
3473 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3474 }
3475 if (ses->capabilities & CAP_DFS) {
3476 smb_buffer->Flags2 |= SMBFLG2_DFS;
3477 }
3478 if (ses->capabilities & CAP_UNICODE) {
3479 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3480 length =
50c2f753
SF		 3481 cifs_strtoUCS((__le16 *) bcc_ptr, tree,
3482 6 /* max utf8 char length in bytes */ *
a878fb22
SF		 3483 (/* server len*/ + 256 /* share len */), nls_codepage);
3484 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
1da177e4
LT		 3485 bcc_ptr += 2; /* skip trailing null */
3486 } else { /* ASCII */
1da177e4
LT		 3487 strcpy(bcc_ptr, tree);
3488 bcc_ptr += strlen(tree) + 1;
3489 }
3490 strcpy(bcc_ptr, "?????");
3491 bcc_ptr += strlen("?????");
3492 bcc_ptr += 1;
3493 count = bcc_ptr - &pSMB->Password[0];
be8e3b00
SF		 3494 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3495 pSMB->hdr.smb_buf_length) + count);
1da177e4
LT		 3496 pSMB->ByteCount = cpu_to_le16(count);
3497
133672ef 3498 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
7749981e 3499 0);
1da177e4 3500
1da177e4
LT		 3501 /* above now done in SendReceive */
3502 if ((rc == 0) && (tcon != NULL)) {
0e0d2cf3
SF		 3503 bool is_unicode;
3504
1da177e4 3505 tcon->tidStatus = CifsGood;
3b795210 3506 tcon->need_reconnect = false;
1da177e4
LT		 3507 tcon->tid = smb_buffer_response->Tid;
3508 bcc_ptr = pByteArea(smb_buffer_response);
690c522f 3509 bytes_left = get_bcc(smb_buffer_response);
cc20c031 3510 length = strnlen(bcc_ptr, bytes_left - 2);
0e0d2cf3
SF		 3511 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3512 is_unicode = true;
3513 else
3514 is_unicode = false;
3515
cc20c031 3516
50c2f753 3517 /* skip service field (NB: this field is always ASCII) */
7f8ed420
SF		 3518 if (length == 3) {
3519 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3520 (bcc_ptr[2] == 'C')) {
b6b38f70 3521 cFYI(1, "IPC connection");
7f8ed420
SF		 3522 tcon->ipc = 1;
3523 }
3524 } else if (length == 2) {
3525 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3526 /* the most common case */
b6b38f70 3527 cFYI(1, "disk share connection");
7f8ed420
SF		 3528 }
3529 }
50c2f753 3530 bcc_ptr += length + 1;
cc20c031 3531 bytes_left -= (length + 1);
1da177e4 3532 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
cc20c031
JL		 3533
3534 /* mostly informational -- no need to fail on error here */
90a98b2f 3535 kfree(tcon->nativeFileSystem);
d185cda7 3536 tcon->nativeFileSystem = cifs_strndup_from_ucs(bcc_ptr,
0e0d2cf3 3537 bytes_left, is_unicode,
cc20c031
JL		 3538 nls_codepage);
3539
b6b38f70 3540 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
cc20c031 3541
fb8c4b14 3542 if ((smb_buffer_response->WordCount == 3) ||
1a4e15a0
SF		 3543 (smb_buffer_response->WordCount == 7))
3544 /* field is in same location */
3979877e
SF		 3545 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3546 else
3547 tcon->Flags = 0;
b6b38f70 3548 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
1da177e4 3549 } else if ((rc == 0) && tcon == NULL) {
50c2f753 3550 /* all we need to save for IPC$ connection */
1da177e4
LT		 3551 ses->ipc_tid = smb_buffer_response->Tid;
3552 }
3553
a8a11d39 3554 cifs_buf_release(smb_buffer);
1da177e4
LT		 3555 return rc;
3556}
3557
2a9b9951
AV		 3558void
3559cifs_umount(struct cifs_sb_info *cifs_sb)
1da177e4 3560{
b647c35f
JL		 3561 struct rb_root *root = &cifs_sb->tlink_tree;
3562 struct rb_node *node;
3563 struct tcon_link *tlink;
9d002df4 3564
2de970ff
JL		 3565 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3566
b647c35f
JL		 3567 spin_lock(&cifs_sb->tlink_tree_lock);
3568 while ((node = rb_first(root))) {
3569 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3570 cifs_get_tlink(tlink);
3571 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3572 rb_erase(node, root);
1da177e4 3573
b647c35f
JL		 3574 spin_unlock(&cifs_sb->tlink_tree_lock);
3575 cifs_put_tlink(tlink);
3576 spin_lock(&cifs_sb->tlink_tree_lock);
3577 }
3578 spin_unlock(&cifs_sb->tlink_tree_lock);
50c2f753 3579
dd854466 3580 bdi_destroy(&cifs_sb->bdi);
d757d71b
AV		 3581 kfree(cifs_sb->mountdata);
3582 unload_nls(cifs_sb->local_nls);
3583 kfree(cifs_sb);
50c2f753 3584}
1da177e4 3585
96daf2b0 3586int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
1da177e4
LT		 3587{
3588 int rc = 0;
198b5682 3589 struct TCP_Server_Info *server = ses->server;
1da177e4 3590
198b5682
JL		 3591 /* only send once per connect */
3592 if (server->maxBuf != 0)
3593 return 0;
3594
3595 rc = CIFSSMBNegotiate(xid, ses);
3596 if (rc == -EAGAIN) {
3597 /* retry only once on 1st time connection */
3598 rc = CIFSSMBNegotiate(xid, ses);
3599 if (rc == -EAGAIN)
3600 rc = -EHOSTDOWN;
1da177e4 3601 }
198b5682
JL		 3602 if (rc == 0) {
3603 spin_lock(&GlobalMid_Lock);
7fdbaa1b 3604 if (server->tcpStatus == CifsNeedNegotiate)
198b5682
JL		 3605 server->tcpStatus = CifsGood;
3606 else
3607 rc = -EHOSTDOWN;
3608 spin_unlock(&GlobalMid_Lock);
26b994fa 3609
198b5682
JL		 3610 }
3611
3612 return rc;
3613}
3614
3615
96daf2b0 3616int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
198b5682
JL		 3617 struct nls_table *nls_info)
3618{
3619 int rc = 0;
3620 struct TCP_Server_Info *server = ses->server;
26b994fa 3621
198b5682
JL		 3622 ses->flags = 0;
3623 ses->capabilities = server->capabilities;
26b994fa 3624 if (linuxExtEnabled == 0)
198b5682 3625 ses->capabilities &= (~CAP_UNIX);
20418acd 3626
b6b38f70 3627 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
96daf2b0 3628 server->sec_mode, server->capabilities, server->timeAdj);
cb7691b6 3629
198b5682 3630 rc = CIFS_SessSetup(xid, ses, nls_info);
26b994fa 3631 if (rc) {
b6b38f70 3632 cERROR(1, "Send error in SessSetup = %d", rc);
26b994fa 3633 } else {
5d0d2882
SP		 3634 mutex_lock(&ses->server->srv_mutex);
3635 if (!server->session_estab) {
21e73393 3636 server->session_key.response = ses->auth_key.response;
5d0d2882 3637 server->session_key.len = ses->auth_key.len;
21e73393
SP		 3638 server->sequence_number = 0x2;
3639 server->session_estab = true;
3640 ses->auth_key.response = NULL;
5d0d2882
SP		 3641 }
3642 mutex_unlock(&server->srv_mutex);
3643
b6b38f70 3644 cFYI(1, "CIFS Session Established successfully");
20418acd 3645 spin_lock(&GlobalMid_Lock);
198b5682
JL		 3646 ses->status = CifsGood;
3647 ses->need_reconnect = false;
20418acd 3648 spin_unlock(&GlobalMid_Lock);
1da177e4 3649 }
26b994fa 3650
21e73393
SP		 3651 kfree(ses->auth_key.response);
3652 ses->auth_key.response = NULL;
3653 ses->auth_key.len = 0;
d3686d54
SP		 3654 kfree(ses->ntlmssp);
3655 ses->ntlmssp = NULL;
21e73393 3656
1da177e4
LT		 3657 return rc;
3658}
3659
96daf2b0 3660static struct cifs_tcon *
9d002df4
JL		 3661cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3662{
96daf2b0
SF		 3663 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3664 struct cifs_ses *ses;
3665 struct cifs_tcon *tcon = NULL;
9d002df4 3666 struct smb_vol *vol_info;
34c87901
SF		 3667 char username[28]; /* big enough for "krb50x" + hex of ULONG_MAX 6+16 */
3668 /* We used to have this as MAX_USERNAME which is */
3669 /* way too big now (256 instead of 32) */
9d002df4
JL		 3670
3671 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3672 if (vol_info == NULL) {
3673 tcon = ERR_PTR(-ENOMEM);
3674 goto out;
3675 }
3676
ea1be1a3 3677 snprintf(username, sizeof(username), "krb50x%x", fsuid);
9d002df4
JL		 3678 vol_info->username = username;
3679 vol_info->local_nls = cifs_sb->local_nls;
3680 vol_info->linux_uid = fsuid;
3681 vol_info->cred_uid = fsuid;
3682 vol_info->UNC = master_tcon->treeName;
3683 vol_info->retry = master_tcon->retry;
3684 vol_info->nocase = master_tcon->nocase;
3685 vol_info->local_lease = master_tcon->local_lease;
3686 vol_info->no_linux_ext = !master_tcon->unix_ext;
3687
3688 /* FIXME: allow for other secFlg settings */
3689 vol_info->secFlg = CIFSSEC_MUST_KRB5;
3690
3691 /* get a reference for the same TCP session */
3f9bcca7 3692 spin_lock(&cifs_tcp_ses_lock);
9d002df4 3693 ++master_tcon->ses->server->srv_count;
3f9bcca7 3694 spin_unlock(&cifs_tcp_ses_lock);
9d002df4
JL		 3695
3696 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3697 if (IS_ERR(ses)) {
96daf2b0 3698 tcon = (struct cifs_tcon *)ses;
9d002df4
JL		 3699 cifs_put_tcp_session(master_tcon->ses->server);
3700 goto out;
3701 }
3702
3703 tcon = cifs_get_tcon(ses, vol_info);
3704 if (IS_ERR(tcon)) {
3705 cifs_put_smb_ses(ses);
3706 goto out;
3707 }
3708
3709 if (ses->capabilities & CAP_UNIX)
3710 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3711out:
3712 kfree(vol_info);
3713
3714 return tcon;
3715}
3716
96daf2b0 3717struct cifs_tcon *
9d002df4
JL		 3718cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3719{
3720 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3721}
3722
3723static int
3724cifs_sb_tcon_pending_wait(void *unused)
3725{
3726 schedule();
3727 return signal_pending(current) ? -ERESTARTSYS : 0;
3728}
3729
b647c35f
JL		 3730/* find and return a tlink with given uid */
3731static struct tcon_link *
3732tlink_rb_search(struct rb_root *root, uid_t uid)
3733{
3734 struct rb_node *node = root->rb_node;
3735 struct tcon_link *tlink;
3736
3737 while (node) {
3738 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3739
3740 if (tlink->tl_uid > uid)
3741 node = node->rb_left;
3742 else if (tlink->tl_uid < uid)
3743 node = node->rb_right;
3744 else
3745 return tlink;
3746 }
3747 return NULL;
3748}
3749
3750/* insert a tcon_link into the tree */
3751static void
3752tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3753{
3754 struct rb_node **new = &(root->rb_node), *parent = NULL;
3755 struct tcon_link *tlink;
3756
3757 while (*new) {
3758 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3759 parent = *new;
3760
3761 if (tlink->tl_uid > new_tlink->tl_uid)
3762 new = &((*new)->rb_left);
3763 else
3764 new = &((*new)->rb_right);
3765 }
3766
3767 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3768 rb_insert_color(&new_tlink->tl_rbnode, root);
3769}
3770
9d002df4
JL		 3771/*
3772 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3773 * current task.
3774 *
3775 * If the superblock doesn't refer to a multiuser mount, then just return
3776 * the master tcon for the mount.
3777 *
6ef933a3 3778 * First, search the rbtree for an existing tcon for this fsuid. If one
9d002df4
JL		 3779 * exists, then check to see if it's pending construction. If it is then wait
3780 * for construction to complete. Once it's no longer pending, check to see if
3781 * it failed and either return an error or retry construction, depending on
3782 * the timeout.
3783 *
3784 * If one doesn't exist then insert a new tcon_link struct into the tree and
3785 * try to construct a new one.
3786 */
3787struct tcon_link *
3788cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3789{
3790 int ret;
b647c35f 3791 uid_t fsuid = current_fsuid();
9d002df4
JL		 3792 struct tcon_link *tlink, *newtlink;
3793
3794 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3795 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3796
3797 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3798 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3799 if (tlink)
3800 cifs_get_tlink(tlink);
3801 spin_unlock(&cifs_sb->tlink_tree_lock);
3802
3803 if (tlink == NULL) {
3804 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3805 if (newtlink == NULL)
3806 return ERR_PTR(-ENOMEM);
b647c35f 3807 newtlink->tl_uid = fsuid;
9d002df4
JL		 3808 newtlink->tl_tcon = ERR_PTR(-EACCES);
3809 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3810 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3811 cifs_get_tlink(newtlink);
3812
9d002df4
JL		 3813 spin_lock(&cifs_sb->tlink_tree_lock);
3814 /* was one inserted after previous search? */
b647c35f 3815 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3816 if (tlink) {
3817 cifs_get_tlink(tlink);
3818 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 3819 kfree(newtlink);
3820 goto wait_for_construction;
3821 }
9d002df4 3822 tlink = newtlink;
b647c35f
JL		 3823 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3824 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 3825 } else {
3826wait_for_construction:
3827 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
3828 cifs_sb_tcon_pending_wait,
3829 TASK_INTERRUPTIBLE);
3830 if (ret) {
3831 cifs_put_tlink(tlink);
3832 return ERR_PTR(ret);
3833 }
3834
3835 /* if it's good, return it */
3836 if (!IS_ERR(tlink->tl_tcon))
3837 return tlink;
3838
3839 /* return error if we tried this already recently */
3840 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
3841 cifs_put_tlink(tlink);
3842 return ERR_PTR(-EACCES);
3843 }
3844
3845 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
3846 goto wait_for_construction;
3847 }
3848
3849 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
3850 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
3851 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
3852
3853 if (IS_ERR(tlink->tl_tcon)) {
3854 cifs_put_tlink(tlink);
3855 return ERR_PTR(-EACCES);
3856 }
3857
3858 return tlink;
3859}
2de970ff
JL		 3860
3861/*
3862 * periodic workqueue job that scans tcon_tree for a superblock and closes
3863 * out tcons.
3864 */
3865static void
3866cifs_prune_tlinks(struct work_struct *work)
3867{
3868 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
3869 prune_tlinks.work);
b647c35f
JL		 3870 struct rb_root *root = &cifs_sb->tlink_tree;
3871 struct rb_node *node = rb_first(root);
3872 struct rb_node *tmp;
3873 struct tcon_link *tlink;
2de970ff 3874
b647c35f
JL		 3875 /*
3876 * Because we drop the spinlock in the loop in order to put the tlink
3877 * it's not guarded against removal of links from the tree. The only
3878 * places that remove entries from the tree are this function and
3879 * umounts. Because this function is non-reentrant and is canceled
3880 * before umount can proceed, this is safe.
3881 */
3882 spin_lock(&cifs_sb->tlink_tree_lock);
3883 node = rb_first(root);
3884 while (node != NULL) {
3885 tmp = node;
3886 node = rb_next(tmp);
3887 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
3888
3889 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
3890 atomic_read(&tlink->tl_count) != 0 ||
3891 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
3892 continue;
2de970ff 3893
b647c35f
JL		 3894 cifs_get_tlink(tlink);
3895 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3896 rb_erase(tmp, root);
3897
3898 spin_unlock(&cifs_sb->tlink_tree_lock);
3899 cifs_put_tlink(tlink);
3900 spin_lock(&cifs_sb->tlink_tree_lock);
3901 }
3902 spin_unlock(&cifs_sb->tlink_tree_lock);
2de970ff
JL		 3903
3904 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3905 TLINK_IDLE_EXPIRE);
3906}
Linux 6.x block layer and io_uring tree(s)