Avoid beyond bounds copy while caching ACL
[zen-stable.git] / fs / cifs / connect.c
blob0ac595c8c2624fec58daac1c38479144333f5d7a
1 /*
2 * fs/cifs/connect.c
4 * Copyright (C) International Business Machines Corp., 2002,2009
5 * Author(s): Steve French (sfrench@us.ibm.com)
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <keys/user-type.h>
42 #include <net/ipv6.h>
43 #include "cifspdu.h"
44 #include "cifsglob.h"
45 #include "cifsproto.h"
46 #include "cifs_unicode.h"
47 #include "cifs_debug.h"
48 #include "cifs_fs_sb.h"
49 #include "ntlmssp.h"
50 #include "nterr.h"
51 #include "rfc1002pdu.h"
52 #include "fscache.h"
54 #define CIFS_PORT 445
55 #define RFC1001_PORT 139
57 /* SMB echo "timeout" -- FIXME: tunable? */
58 #define SMB_ECHO_INTERVAL (60 * HZ)
60 extern mempool_t *cifs_req_poolp;
62 /* FIXME: should these be tunable? */
63 #define TLINK_ERROR_EXPIRE (1 * HZ)
64 #define TLINK_IDLE_EXPIRE (600 * HZ)
66 static int ip_connect(struct TCP_Server_Info *server);
67 static int generic_ip_connect(struct TCP_Server_Info *server);
68 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
69 static void cifs_prune_tlinks(struct work_struct *work);
70 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
71 const char *devname);
74 * cifs tcp session reconnection
76 * mark tcp session as reconnecting so temporarily locked
77 * mark all smb sessions as reconnecting for tcp session
78 * reconnect tcp session
79 * wake up waiters on reconnection? - (not needed currently)
81 static int
82 cifs_reconnect(struct TCP_Server_Info *server)
84 int rc = 0;
85 struct list_head *tmp, *tmp2;
86 struct cifs_ses *ses;
87 struct cifs_tcon *tcon;
88 struct mid_q_entry *mid_entry;
89 struct list_head retry_list;
91 spin_lock(&GlobalMid_Lock);
92 if (server->tcpStatus == CifsExiting) {
93 /* the demux thread will exit normally
94 next time through the loop */
95 spin_unlock(&GlobalMid_Lock);
96 return rc;
97 } else
98 server->tcpStatus = CifsNeedReconnect;
99 spin_unlock(&GlobalMid_Lock);
100 server->maxBuf = 0;
102 cFYI(1, "Reconnecting tcp session");
104 /* before reconnecting the tcp session, mark the smb session (uid)
105 and the tid bad so they are not used until reconnected */
106 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
107 spin_lock(&cifs_tcp_ses_lock);
108 list_for_each(tmp, &server->smb_ses_list) {
109 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
110 ses->need_reconnect = true;
111 ses->ipc_tid = 0;
112 list_for_each(tmp2, &ses->tcon_list) {
113 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
114 tcon->need_reconnect = true;
117 spin_unlock(&cifs_tcp_ses_lock);
119 /* do not want to be sending data on a socket we are freeing */
120 cFYI(1, "%s: tearing down socket", __func__);
121 mutex_lock(&server->srv_mutex);
122 if (server->ssocket) {
123 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
124 server->ssocket->flags);
125 kernel_sock_shutdown(server->ssocket, SHUT_WR);
126 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
127 server->ssocket->state,
128 server->ssocket->flags);
129 sock_release(server->ssocket);
130 server->ssocket = NULL;
132 server->sequence_number = 0;
133 server->session_estab = false;
134 kfree(server->session_key.response);
135 server->session_key.response = NULL;
136 server->session_key.len = 0;
137 server->lstrp = jiffies;
138 mutex_unlock(&server->srv_mutex);
140 /* mark submitted MIDs for retry and issue callback */
141 INIT_LIST_HEAD(&retry_list);
142 cFYI(1, "%s: moving mids to private list", __func__);
143 spin_lock(&GlobalMid_Lock);
144 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
145 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
146 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
147 mid_entry->midState = MID_RETRY_NEEDED;
148 list_move(&mid_entry->qhead, &retry_list);
150 spin_unlock(&GlobalMid_Lock);
152 cFYI(1, "%s: issuing mid callbacks", __func__);
153 list_for_each_safe(tmp, tmp2, &retry_list) {
154 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
155 list_del_init(&mid_entry->qhead);
156 mid_entry->callback(mid_entry);
159 do {
160 try_to_freeze();
162 /* we should try only the port we connected to before */
163 rc = generic_ip_connect(server);
164 if (rc) {
165 cFYI(1, "reconnect error %d", rc);
166 msleep(3000);
167 } else {
168 atomic_inc(&tcpSesReconnectCount);
169 spin_lock(&GlobalMid_Lock);
170 if (server->tcpStatus != CifsExiting)
171 server->tcpStatus = CifsNeedNegotiate;
172 spin_unlock(&GlobalMid_Lock);
174 } while (server->tcpStatus == CifsNeedReconnect);
176 return rc;
180 return codes:
181 0 not a transact2, or all data present
182 >0 transact2 with that much data missing
183 -EINVAL = invalid transact2
186 static int check2ndT2(struct smb_hdr *pSMB)
188 struct smb_t2_rsp *pSMBt;
189 int remaining;
190 __u16 total_data_size, data_in_this_rsp;
192 if (pSMB->Command != SMB_COM_TRANSACTION2)
193 return 0;
195 /* check for plausible wct, bcc and t2 data and parm sizes */
196 /* check for parm and data offset going beyond end of smb */
197 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
198 cFYI(1, "invalid transact2 word count");
199 return -EINVAL;
202 pSMBt = (struct smb_t2_rsp *)pSMB;
204 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
205 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
207 if (total_data_size == data_in_this_rsp)
208 return 0;
209 else if (total_data_size < data_in_this_rsp) {
210 cFYI(1, "total data %d smaller than data in frame %d",
211 total_data_size, data_in_this_rsp);
212 return -EINVAL;
215 remaining = total_data_size - data_in_this_rsp;
217 cFYI(1, "missing %d bytes from transact2, check next response",
218 remaining);
219 if (total_data_size > CIFSMaxBufSize) {
220 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
221 total_data_size, CIFSMaxBufSize);
222 return -EINVAL;
224 return remaining;
227 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
229 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
230 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
231 char *data_area_of_tgt;
232 char *data_area_of_src;
233 int remaining;
234 unsigned int byte_count, total_in_tgt;
235 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
237 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
238 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
240 if (tgt_total_cnt != src_total_cnt)
241 cFYI(1, "total data count of primary and secondary t2 differ "
242 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
244 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
246 remaining = tgt_total_cnt - total_in_tgt;
248 if (remaining < 0) {
249 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
250 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
251 return -EPROTO;
254 if (remaining == 0) {
255 /* nothing to do, ignore */
256 cFYI(1, "no more data remains");
257 return 0;
260 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
261 if (remaining < total_in_src)
262 cFYI(1, "transact2 2nd response contains too much data");
264 /* find end of first SMB data area */
265 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
266 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
268 /* validate target area */
269 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
270 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
272 data_area_of_tgt += total_in_tgt;
274 total_in_tgt += total_in_src;
275 /* is the result too big for the field? */
276 if (total_in_tgt > USHRT_MAX) {
277 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
278 return -EPROTO;
280 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
282 /* fix up the BCC */
283 byte_count = get_bcc(pTargetSMB);
284 byte_count += total_in_src;
285 /* is the result too big for the field? */
286 if (byte_count > USHRT_MAX) {
287 cFYI(1, "coalesced BCC too large (%u)", byte_count);
288 return -EPROTO;
290 put_bcc(byte_count, pTargetSMB);
292 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
293 byte_count += total_in_src;
294 /* don't allow buffer to overflow */
295 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
296 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
297 return -ENOBUFS;
299 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
301 /* copy second buffer into end of first buffer */
302 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
304 if (remaining != total_in_src) {
305 /* more responses to go */
306 cFYI(1, "waiting for more secondary responses");
307 return 1;
310 /* we are done */
311 cFYI(1, "found the last secondary response");
312 return 0;
315 static void
316 cifs_echo_request(struct work_struct *work)
318 int rc;
319 struct TCP_Server_Info *server = container_of(work,
320 struct TCP_Server_Info, echo.work);
323 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
324 * done, which is indicated by maxBuf != 0. Also, no need to ping if
325 * we got a response recently
327 if (server->maxBuf == 0 ||
328 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
329 goto requeue_echo;
331 rc = CIFSSMBEcho(server);
332 if (rc)
333 cFYI(1, "Unable to send echo request to server: %s",
334 server->hostname);
336 requeue_echo:
337 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
340 static bool
341 allocate_buffers(struct TCP_Server_Info *server)
343 if (!server->bigbuf) {
344 server->bigbuf = (char *)cifs_buf_get();
345 if (!server->bigbuf) {
346 cERROR(1, "No memory for large SMB response");
347 msleep(3000);
348 /* retry will check if exiting */
349 return false;
351 } else if (server->large_buf) {
352 /* we are reusing a dirty large buf, clear its start */
353 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
356 if (!server->smallbuf) {
357 server->smallbuf = (char *)cifs_small_buf_get();
358 if (!server->smallbuf) {
359 cERROR(1, "No memory for SMB response");
360 msleep(1000);
361 /* retry will check if exiting */
362 return false;
364 /* beginning of smb buffer is cleared in our buf_get */
365 } else {
366 /* if existing small buf clear beginning */
367 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
370 return true;
373 static bool
374 server_unresponsive(struct TCP_Server_Info *server)
376 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
377 time_after(jiffies, server->lstrp +
378 (echo_retries * SMB_ECHO_INTERVAL))) {
379 cERROR(1, "Server %s has not responded in %d seconds. "
380 "Reconnecting...", server->hostname,
381 (echo_retries * SMB_ECHO_INTERVAL / HZ));
382 cifs_reconnect(server);
383 wake_up(&server->response_q);
384 return true;
387 return false;
391 * kvec_array_init - clone a kvec array, and advance into it
392 * @new: pointer to memory for cloned array
393 * @iov: pointer to original array
394 * @nr_segs: number of members in original array
395 * @bytes: number of bytes to advance into the cloned array
397 * This function will copy the array provided in iov to a section of memory
398 * and advance the specified number of bytes into the new array. It returns
399 * the number of segments in the new array. "new" must be at least as big as
400 * the original iov array.
402 static unsigned int
403 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
404 size_t bytes)
406 size_t base = 0;
408 while (bytes || !iov->iov_len) {
409 int copy = min(bytes, iov->iov_len);
411 bytes -= copy;
412 base += copy;
413 if (iov->iov_len == base) {
414 iov++;
415 nr_segs--;
416 base = 0;
419 memcpy(new, iov, sizeof(*iov) * nr_segs);
420 new->iov_base += base;
421 new->iov_len -= base;
422 return nr_segs;
425 static struct kvec *
426 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
428 struct kvec *new_iov;
430 if (server->iov && nr_segs <= server->nr_iov)
431 return server->iov;
433 /* not big enough -- allocate a new one and release the old */
434 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
435 if (new_iov) {
436 kfree(server->iov);
437 server->iov = new_iov;
438 server->nr_iov = nr_segs;
440 return new_iov;
444 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
445 unsigned int nr_segs, unsigned int to_read)
447 int length = 0;
448 int total_read;
449 unsigned int segs;
450 struct msghdr smb_msg;
451 struct kvec *iov;
453 iov = get_server_iovec(server, nr_segs);
454 if (!iov)
455 return -ENOMEM;
457 smb_msg.msg_control = NULL;
458 smb_msg.msg_controllen = 0;
460 for (total_read = 0; to_read; total_read += length, to_read -= length) {
461 try_to_freeze();
463 if (server_unresponsive(server)) {
464 total_read = -EAGAIN;
465 break;
468 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
470 length = kernel_recvmsg(server->ssocket, &smb_msg,
471 iov, segs, to_read, 0);
473 if (server->tcpStatus == CifsExiting) {
474 total_read = -ESHUTDOWN;
475 break;
476 } else if (server->tcpStatus == CifsNeedReconnect) {
477 cifs_reconnect(server);
478 total_read = -EAGAIN;
479 break;
480 } else if (length == -ERESTARTSYS ||
481 length == -EAGAIN ||
482 length == -EINTR) {
484 * Minimum sleep to prevent looping, allowing socket
485 * to clear and app threads to set tcpStatus
486 * CifsNeedReconnect if server hung.
488 usleep_range(1000, 2000);
489 length = 0;
490 continue;
491 } else if (length <= 0) {
492 cFYI(1, "Received no data or error: expecting %d "
493 "got %d", to_read, length);
494 cifs_reconnect(server);
495 total_read = -EAGAIN;
496 break;
499 return total_read;
503 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
504 unsigned int to_read)
506 struct kvec iov;
508 iov.iov_base = buf;
509 iov.iov_len = to_read;
511 return cifs_readv_from_socket(server, &iov, 1, to_read);
514 static bool
515 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
518 * The first byte big endian of the length field,
519 * is actually not part of the length but the type
520 * with the most common, zero, as regular data.
522 switch (type) {
523 case RFC1002_SESSION_MESSAGE:
524 /* Regular SMB response */
525 return true;
526 case RFC1002_SESSION_KEEP_ALIVE:
527 cFYI(1, "RFC 1002 session keep alive");
528 break;
529 case RFC1002_POSITIVE_SESSION_RESPONSE:
530 cFYI(1, "RFC 1002 positive session response");
531 break;
532 case RFC1002_NEGATIVE_SESSION_RESPONSE:
534 * We get this from Windows 98 instead of an error on
535 * SMB negprot response.
537 cFYI(1, "RFC 1002 negative session response");
538 /* give server a second to clean up */
539 msleep(1000);
541 * Always try 445 first on reconnect since we get NACK
542 * on some if we ever connected to port 139 (the NACK
543 * is since we do not begin with RFC1001 session
544 * initialize frame).
546 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
547 cifs_reconnect(server);
548 wake_up(&server->response_q);
549 break;
550 default:
551 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
552 cifs_reconnect(server);
555 return false;
558 static struct mid_q_entry *
559 find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
561 struct mid_q_entry *mid;
563 spin_lock(&GlobalMid_Lock);
564 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
565 if (mid->mid == buf->Mid &&
566 mid->midState == MID_REQUEST_SUBMITTED &&
567 mid->command == buf->Command) {
568 spin_unlock(&GlobalMid_Lock);
569 return mid;
572 spin_unlock(&GlobalMid_Lock);
573 return NULL;
576 void
577 dequeue_mid(struct mid_q_entry *mid, bool malformed)
579 #ifdef CONFIG_CIFS_STATS2
580 mid->when_received = jiffies;
581 #endif
582 spin_lock(&GlobalMid_Lock);
583 if (!malformed)
584 mid->midState = MID_RESPONSE_RECEIVED;
585 else
586 mid->midState = MID_RESPONSE_MALFORMED;
587 list_del_init(&mid->qhead);
588 spin_unlock(&GlobalMid_Lock);
591 static void
592 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
593 struct smb_hdr *buf, int malformed)
595 if (malformed == 0 && check2ndT2(buf) > 0) {
596 mid->multiRsp = true;
597 if (mid->resp_buf) {
598 /* merge response - fix up 1st*/
599 malformed = coalesce_t2(buf, mid->resp_buf);
600 if (malformed > 0)
601 return;
603 /* All parts received or packet is malformed. */
604 mid->multiEnd = true;
605 return dequeue_mid(mid, malformed);
607 if (!server->large_buf) {
608 /*FIXME: switch to already allocated largebuf?*/
609 cERROR(1, "1st trans2 resp needs bigbuf");
610 } else {
611 /* Have first buffer */
612 mid->resp_buf = buf;
613 mid->largeBuf = true;
614 server->bigbuf = NULL;
616 return;
618 mid->resp_buf = buf;
619 mid->largeBuf = server->large_buf;
620 /* Was previous buf put in mpx struct for multi-rsp? */
621 if (!mid->multiRsp) {
622 /* smb buffer will be freed by user thread */
623 if (server->large_buf)
624 server->bigbuf = NULL;
625 else
626 server->smallbuf = NULL;
628 dequeue_mid(mid, malformed);
631 static void clean_demultiplex_info(struct TCP_Server_Info *server)
633 int length;
635 /* take it off the list, if it's not already */
636 spin_lock(&cifs_tcp_ses_lock);
637 list_del_init(&server->tcp_ses_list);
638 spin_unlock(&cifs_tcp_ses_lock);
640 spin_lock(&GlobalMid_Lock);
641 server->tcpStatus = CifsExiting;
642 spin_unlock(&GlobalMid_Lock);
643 wake_up_all(&server->response_q);
645 /* Check if we have blocked requests that need to free. */
646 spin_lock(&GlobalMid_Lock);
647 if (atomic_read(&server->inFlight) >= server->maxReq)
648 atomic_set(&server->inFlight, server->maxReq - 1);
650 * We do not want to set the max_pending too low or we could end up
651 * with the counter going negative.
653 spin_unlock(&GlobalMid_Lock);
655 * Although there should not be any requests blocked on this queue it
656 * can not hurt to be paranoid and try to wake up requests that may
657 * haven been blocked when more than 50 at time were on the wire to the
658 * same server - they now will see the session is in exit state and get
659 * out of SendReceive.
661 wake_up_all(&server->request_q);
662 /* give those requests time to exit */
663 msleep(125);
665 if (server->ssocket) {
666 sock_release(server->ssocket);
667 server->ssocket = NULL;
670 if (!list_empty(&server->pending_mid_q)) {
671 struct list_head dispose_list;
672 struct mid_q_entry *mid_entry;
673 struct list_head *tmp, *tmp2;
675 INIT_LIST_HEAD(&dispose_list);
676 spin_lock(&GlobalMid_Lock);
677 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
678 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
679 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
680 mid_entry->midState = MID_SHUTDOWN;
681 list_move(&mid_entry->qhead, &dispose_list);
683 spin_unlock(&GlobalMid_Lock);
685 /* now walk dispose list and issue callbacks */
686 list_for_each_safe(tmp, tmp2, &dispose_list) {
687 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
688 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
689 list_del_init(&mid_entry->qhead);
690 mid_entry->callback(mid_entry);
692 /* 1/8th of sec is more than enough time for them to exit */
693 msleep(125);
696 if (!list_empty(&server->pending_mid_q)) {
698 * mpx threads have not exited yet give them at least the smb
699 * send timeout time for long ops.
701 * Due to delays on oplock break requests, we need to wait at
702 * least 45 seconds before giving up on a request getting a
703 * response and going ahead and killing cifsd.
705 cFYI(1, "Wait for exit from demultiplex thread");
706 msleep(46000);
708 * If threads still have not exited they are probably never
709 * coming home not much else we can do but free the memory.
713 kfree(server->hostname);
714 kfree(server->iov);
715 kfree(server);
717 length = atomic_dec_return(&tcpSesAllocCount);
718 if (length > 0)
719 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
720 GFP_KERNEL);
723 static int
724 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
726 int length;
727 char *buf = server->smallbuf;
728 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
729 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
731 /* make sure this will fit in a large buffer */
732 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
733 cERROR(1, "SMB response too long (%u bytes)",
734 pdu_length);
735 cifs_reconnect(server);
736 wake_up(&server->response_q);
737 return -EAGAIN;
740 /* switch to large buffer if too big for a small one */
741 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
742 server->large_buf = true;
743 memcpy(server->bigbuf, server->smallbuf, server->total_read);
744 buf = server->bigbuf;
745 smb_buffer = (struct smb_hdr *)buf;
748 /* now read the rest */
749 length = cifs_read_from_socket(server,
750 buf + sizeof(struct smb_hdr) - 1,
751 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
752 if (length < 0)
753 return length;
754 server->total_read += length;
756 dump_smb(smb_buffer, server->total_read);
759 * We know that we received enough to get to the MID as we
760 * checked the pdu_length earlier. Now check to see
761 * if the rest of the header is OK. We borrow the length
762 * var for the rest of the loop to avoid a new stack var.
764 * 48 bytes is enough to display the header and a little bit
765 * into the payload for debugging purposes.
767 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
768 if (length != 0)
769 cifs_dump_mem("Bad SMB: ", buf,
770 min_t(unsigned int, server->total_read, 48));
772 if (!mid)
773 return length;
775 handle_mid(mid, server, smb_buffer, length);
776 return 0;
779 static int
780 cifs_demultiplex_thread(void *p)
782 int length;
783 struct TCP_Server_Info *server = p;
784 unsigned int pdu_length;
785 char *buf = NULL;
786 struct smb_hdr *smb_buffer = NULL;
787 struct task_struct *task_to_wake = NULL;
788 struct mid_q_entry *mid_entry;
790 current->flags |= PF_MEMALLOC;
791 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
793 length = atomic_inc_return(&tcpSesAllocCount);
794 if (length > 1)
795 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
796 GFP_KERNEL);
798 set_freezable();
799 while (server->tcpStatus != CifsExiting) {
800 if (try_to_freeze())
801 continue;
803 if (!allocate_buffers(server))
804 continue;
806 server->large_buf = false;
807 smb_buffer = (struct smb_hdr *)server->smallbuf;
808 buf = server->smallbuf;
809 pdu_length = 4; /* enough to get RFC1001 header */
811 length = cifs_read_from_socket(server, buf, pdu_length);
812 if (length < 0)
813 continue;
814 server->total_read = length;
817 * The right amount was read from socket - 4 bytes,
818 * so we can now interpret the length field.
820 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
822 cFYI(1, "RFC1002 header 0x%x", pdu_length);
823 if (!is_smb_response(server, buf[0]))
824 continue;
826 /* make sure we have enough to get to the MID */
827 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
828 cERROR(1, "SMB response too short (%u bytes)",
829 pdu_length);
830 cifs_reconnect(server);
831 wake_up(&server->response_q);
832 continue;
835 /* read down to the MID */
836 length = cifs_read_from_socket(server, buf + 4,
837 sizeof(struct smb_hdr) - 1 - 4);
838 if (length < 0)
839 continue;
840 server->total_read += length;
842 mid_entry = find_mid(server, smb_buffer);
844 if (!mid_entry || !mid_entry->receive)
845 length = standard_receive3(server, mid_entry);
846 else
847 length = mid_entry->receive(server, mid_entry);
849 if (length < 0)
850 continue;
852 if (server->large_buf) {
853 buf = server->bigbuf;
854 smb_buffer = (struct smb_hdr *)buf;
857 server->lstrp = jiffies;
858 if (mid_entry != NULL) {
859 if (!mid_entry->multiRsp || mid_entry->multiEnd)
860 mid_entry->callback(mid_entry);
861 } else if (!is_valid_oplock_break(smb_buffer, server)) {
862 cERROR(1, "No task to wake, unknown frame received! "
863 "NumMids %d", atomic_read(&midCount));
864 cifs_dump_mem("Received Data is: ", buf,
865 sizeof(struct smb_hdr));
866 #ifdef CONFIG_CIFS_DEBUG2
867 cifs_dump_detail(smb_buffer);
868 cifs_dump_mids(server);
869 #endif /* CIFS_DEBUG2 */
872 } /* end while !EXITING */
874 /* buffer usually freed in free_mid - need to free it here on exit */
875 cifs_buf_release(server->bigbuf);
876 if (server->smallbuf) /* no sense logging a debug message if NULL */
877 cifs_small_buf_release(server->smallbuf);
879 task_to_wake = xchg(&server->tsk, NULL);
880 clean_demultiplex_info(server);
882 /* if server->tsk was NULL then wait for a signal before exiting */
883 if (!task_to_wake) {
884 set_current_state(TASK_INTERRUPTIBLE);
885 while (!signal_pending(current)) {
886 schedule();
887 set_current_state(TASK_INTERRUPTIBLE);
889 set_current_state(TASK_RUNNING);
892 module_put_and_exit(0);
895 /* extract the host portion of the UNC string */
896 static char *
897 extract_hostname(const char *unc)
899 const char *src;
900 char *dst, *delim;
901 unsigned int len;
903 /* skip double chars at beginning of string */
904 /* BB: check validity of these bytes? */
905 src = unc + 2;
907 /* delimiter between hostname and sharename is always '\\' now */
908 delim = strchr(src, '\\');
909 if (!delim)
910 return ERR_PTR(-EINVAL);
912 len = delim - src;
913 dst = kmalloc((len + 1), GFP_KERNEL);
914 if (dst == NULL)
915 return ERR_PTR(-ENOMEM);
917 memcpy(dst, src, len);
918 dst[len] = '\0';
920 return dst;
923 static int
924 cifs_parse_mount_options(const char *mountdata, const char *devname,
925 struct smb_vol *vol)
927 char *value, *data, *end;
928 char *mountdata_copy = NULL, *options;
929 int err;
930 unsigned int temp_len, i, j;
931 char separator[2];
932 short int override_uid = -1;
933 short int override_gid = -1;
934 bool uid_specified = false;
935 bool gid_specified = false;
936 char *nodename = utsname()->nodename;
938 separator[0] = ',';
939 separator[1] = 0;
942 * does not have to be perfect mapping since field is
943 * informational, only used for servers that do not support
944 * port 445 and it can be overridden at mount time
946 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
947 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
948 vol->source_rfc1001_name[i] = toupper(nodename[i]);
950 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
951 /* null target name indicates to use *SMBSERVR default called name
952 if we end up sending RFC1001 session initialize */
953 vol->target_rfc1001_name[0] = 0;
954 vol->cred_uid = current_uid();
955 vol->linux_uid = current_uid();
956 vol->linux_gid = current_gid();
958 /* default to only allowing write access to owner of the mount */
959 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
961 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
962 /* default is always to request posix paths. */
963 vol->posix_paths = 1;
964 /* default to using server inode numbers where available */
965 vol->server_ino = 1;
967 vol->actimeo = CIFS_DEF_ACTIMEO;
969 if (!mountdata)
970 goto cifs_parse_mount_err;
972 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
973 if (!mountdata_copy)
974 goto cifs_parse_mount_err;
976 options = mountdata_copy;
977 end = options + strlen(options);
978 if (strncmp(options, "sep=", 4) == 0) {
979 if (options[4] != 0) {
980 separator[0] = options[4];
981 options += 5;
982 } else {
983 cFYI(1, "Null separator not allowed");
986 vol->backupuid_specified = false; /* no backup intent for a user */
987 vol->backupgid_specified = false; /* no backup intent for a group */
989 while ((data = strsep(&options, separator)) != NULL) {
990 if (!*data)
991 continue;
992 if ((value = strchr(data, '=')) != NULL)
993 *value++ = '\0';
995 /* Have to parse this before we parse for "user" */
996 if (strnicmp(data, "user_xattr", 10) == 0) {
997 vol->no_xattr = 0;
998 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
999 vol->no_xattr = 1;
1000 } else if (strnicmp(data, "user", 4) == 0) {
1001 if (!value) {
1002 printk(KERN_WARNING
1003 "CIFS: invalid or missing username\n");
1004 goto cifs_parse_mount_err;
1005 } else if (!*value) {
1006 /* null user, ie anonymous, authentication */
1007 vol->nullauth = 1;
1009 if (strnlen(value, MAX_USERNAME_SIZE) <
1010 MAX_USERNAME_SIZE) {
1011 vol->username = kstrdup(value, GFP_KERNEL);
1012 if (!vol->username) {
1013 printk(KERN_WARNING "CIFS: no memory "
1014 "for username\n");
1015 goto cifs_parse_mount_err;
1017 } else {
1018 printk(KERN_WARNING "CIFS: username too long\n");
1019 goto cifs_parse_mount_err;
1021 } else if (strnicmp(data, "pass", 4) == 0) {
1022 if (!value) {
1023 vol->password = NULL;
1024 continue;
1025 } else if (value[0] == 0) {
1026 /* check if string begins with double comma
1027 since that would mean the password really
1028 does start with a comma, and would not
1029 indicate an empty string */
1030 if (value[1] != separator[0]) {
1031 vol->password = NULL;
1032 continue;
1035 temp_len = strlen(value);
1036 /* removed password length check, NTLM passwords
1037 can be arbitrarily long */
1039 /* if comma in password, the string will be
1040 prematurely null terminated. Commas in password are
1041 specified across the cifs mount interface by a double
1042 comma ie ,, and a comma used as in other cases ie ','
1043 as a parameter delimiter/separator is single and due
1044 to the strsep above is temporarily zeroed. */
1046 /* NB: password legally can have multiple commas and
1047 the only illegal character in a password is null */
1049 if ((value[temp_len] == 0) &&
1050 (value + temp_len < end) &&
1051 (value[temp_len+1] == separator[0])) {
1052 /* reinsert comma */
1053 value[temp_len] = separator[0];
1054 temp_len += 2; /* move after second comma */
1055 while (value[temp_len] != 0) {
1056 if (value[temp_len] == separator[0]) {
1057 if (value[temp_len+1] ==
1058 separator[0]) {
1059 /* skip second comma */
1060 temp_len++;
1061 } else {
1062 /* single comma indicating start
1063 of next parm */
1064 break;
1067 temp_len++;
1069 if (value[temp_len] == 0) {
1070 options = NULL;
1071 } else {
1072 value[temp_len] = 0;
1073 /* point option to start of next parm */
1074 options = value + temp_len + 1;
1076 /* go from value to value + temp_len condensing
1077 double commas to singles. Note that this ends up
1078 allocating a few bytes too many, which is ok */
1079 vol->password = kzalloc(temp_len, GFP_KERNEL);
1080 if (vol->password == NULL) {
1081 printk(KERN_WARNING "CIFS: no memory "
1082 "for password\n");
1083 goto cifs_parse_mount_err;
1085 for (i = 0, j = 0; i < temp_len; i++, j++) {
1086 vol->password[j] = value[i];
1087 if (value[i] == separator[0]
1088 && value[i+1] == separator[0]) {
1089 /* skip second comma */
1090 i++;
1093 vol->password[j] = 0;
1094 } else {
1095 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1096 if (vol->password == NULL) {
1097 printk(KERN_WARNING "CIFS: no memory "
1098 "for password\n");
1099 goto cifs_parse_mount_err;
1101 strcpy(vol->password, value);
1103 } else if (!strnicmp(data, "ip", 2) ||
1104 !strnicmp(data, "addr", 4)) {
1105 if (!value || !*value) {
1106 vol->UNCip = NULL;
1107 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1108 INET6_ADDRSTRLEN) {
1109 vol->UNCip = kstrdup(value, GFP_KERNEL);
1110 if (!vol->UNCip) {
1111 printk(KERN_WARNING "CIFS: no memory "
1112 "for UNC IP\n");
1113 goto cifs_parse_mount_err;
1115 } else {
1116 printk(KERN_WARNING "CIFS: ip address "
1117 "too long\n");
1118 goto cifs_parse_mount_err;
1120 } else if (strnicmp(data, "sec", 3) == 0) {
1121 if (!value || !*value) {
1122 cERROR(1, "no security value specified");
1123 continue;
1124 } else if (strnicmp(value, "krb5i", 5) == 0) {
1125 vol->secFlg |= CIFSSEC_MAY_KRB5 |
1126 CIFSSEC_MUST_SIGN;
1127 } else if (strnicmp(value, "krb5p", 5) == 0) {
1128 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1129 CIFSSEC_MAY_KRB5; */
1130 cERROR(1, "Krb5 cifs privacy not supported");
1131 goto cifs_parse_mount_err;
1132 } else if (strnicmp(value, "krb5", 4) == 0) {
1133 vol->secFlg |= CIFSSEC_MAY_KRB5;
1134 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1135 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1136 CIFSSEC_MUST_SIGN;
1137 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1138 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1139 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1140 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1141 CIFSSEC_MUST_SIGN;
1142 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1143 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1144 } else if (strnicmp(value, "ntlmi", 5) == 0) {
1145 vol->secFlg |= CIFSSEC_MAY_NTLM |
1146 CIFSSEC_MUST_SIGN;
1147 } else if (strnicmp(value, "ntlm", 4) == 0) {
1148 /* ntlm is default so can be turned off too */
1149 vol->secFlg |= CIFSSEC_MAY_NTLM;
1150 } else if (strnicmp(value, "nontlm", 6) == 0) {
1151 /* BB is there a better way to do this? */
1152 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1153 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1154 } else if (strnicmp(value, "lanman", 6) == 0) {
1155 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1156 #endif
1157 } else if (strnicmp(value, "none", 4) == 0) {
1158 vol->nullauth = 1;
1159 } else {
1160 cERROR(1, "bad security option: %s", value);
1161 goto cifs_parse_mount_err;
1163 } else if (strnicmp(data, "vers", 3) == 0) {
1164 if (!value || !*value) {
1165 cERROR(1, "no protocol version specified"
1166 " after vers= mount option");
1167 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1168 (strnicmp(value, "1", 1) == 0)) {
1169 /* this is the default */
1170 continue;
1172 } else if ((strnicmp(data, "unc", 3) == 0)
1173 || (strnicmp(data, "target", 6) == 0)
1174 || (strnicmp(data, "path", 4) == 0)) {
1175 if (!value || !*value) {
1176 printk(KERN_WARNING "CIFS: invalid path to "
1177 "network resource\n");
1178 goto cifs_parse_mount_err;
1180 if ((temp_len = strnlen(value, 300)) < 300) {
1181 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1182 if (vol->UNC == NULL)
1183 goto cifs_parse_mount_err;
1184 strcpy(vol->UNC, value);
1185 if (strncmp(vol->UNC, "//", 2) == 0) {
1186 vol->UNC[0] = '\\';
1187 vol->UNC[1] = '\\';
1188 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1189 printk(KERN_WARNING
1190 "CIFS: UNC Path does not begin "
1191 "with // or \\\\ \n");
1192 goto cifs_parse_mount_err;
1194 } else {
1195 printk(KERN_WARNING "CIFS: UNC name too long\n");
1196 goto cifs_parse_mount_err;
1198 } else if ((strnicmp(data, "domain", 3) == 0)
1199 || (strnicmp(data, "workgroup", 5) == 0)) {
1200 if (!value || !*value) {
1201 printk(KERN_WARNING "CIFS: invalid domain name\n");
1202 goto cifs_parse_mount_err;
1204 /* BB are there cases in which a comma can be valid in
1205 a domain name and need special handling? */
1206 if (strnlen(value, 256) < 256) {
1207 vol->domainname = kstrdup(value, GFP_KERNEL);
1208 if (!vol->domainname) {
1209 printk(KERN_WARNING "CIFS: no memory "
1210 "for domainname\n");
1211 goto cifs_parse_mount_err;
1213 cFYI(1, "Domain name set");
1214 } else {
1215 printk(KERN_WARNING "CIFS: domain name too "
1216 "long\n");
1217 goto cifs_parse_mount_err;
1219 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1220 vol->srcaddr.ss_family = AF_UNSPEC;
1222 if (!value || !*value) {
1223 printk(KERN_WARNING "CIFS: srcaddr value"
1224 " not specified.\n");
1225 goto cifs_parse_mount_err;
1227 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1228 value, strlen(value));
1229 if (i == 0) {
1230 printk(KERN_WARNING "CIFS: Could not parse"
1231 " srcaddr: %s\n",
1232 value);
1233 goto cifs_parse_mount_err;
1235 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1236 if (!value || !*value) {
1237 printk(KERN_WARNING
1238 "CIFS: invalid path prefix\n");
1239 goto cifs_parse_mount_err;
1241 if ((temp_len = strnlen(value, 1024)) < 1024) {
1242 if (value[0] != '/')
1243 temp_len++; /* missing leading slash */
1244 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1245 if (vol->prepath == NULL)
1246 goto cifs_parse_mount_err;
1247 if (value[0] != '/') {
1248 vol->prepath[0] = '/';
1249 strcpy(vol->prepath+1, value);
1250 } else
1251 strcpy(vol->prepath, value);
1252 cFYI(1, "prefix path %s", vol->prepath);
1253 } else {
1254 printk(KERN_WARNING "CIFS: prefix too long\n");
1255 goto cifs_parse_mount_err;
1257 } else if (strnicmp(data, "iocharset", 9) == 0) {
1258 if (!value || !*value) {
1259 printk(KERN_WARNING "CIFS: invalid iocharset "
1260 "specified\n");
1261 goto cifs_parse_mount_err;
1263 if (strnlen(value, 65) < 65) {
1264 if (strnicmp(value, "default", 7)) {
1265 vol->iocharset = kstrdup(value,
1266 GFP_KERNEL);
1268 if (!vol->iocharset) {
1269 printk(KERN_WARNING "CIFS: no "
1270 "memory for"
1271 "charset\n");
1272 goto cifs_parse_mount_err;
1275 /* if iocharset not set then load_nls_default
1276 is used by caller */
1277 cFYI(1, "iocharset set to %s", value);
1278 } else {
1279 printk(KERN_WARNING "CIFS: iocharset name "
1280 "too long.\n");
1281 goto cifs_parse_mount_err;
1283 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1284 vol->linux_uid = simple_strtoul(value, &value, 0);
1285 uid_specified = true;
1286 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1287 vol->cred_uid = simple_strtoul(value, &value, 0);
1288 } else if (!strnicmp(data, "forceuid", 8)) {
1289 override_uid = 1;
1290 } else if (!strnicmp(data, "noforceuid", 10)) {
1291 override_uid = 0;
1292 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1293 vol->linux_gid = simple_strtoul(value, &value, 0);
1294 gid_specified = true;
1295 } else if (!strnicmp(data, "forcegid", 8)) {
1296 override_gid = 1;
1297 } else if (!strnicmp(data, "noforcegid", 10)) {
1298 override_gid = 0;
1299 } else if (strnicmp(data, "file_mode", 4) == 0) {
1300 if (value && *value) {
1301 vol->file_mode =
1302 simple_strtoul(value, &value, 0);
1304 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1305 if (value && *value) {
1306 vol->dir_mode =
1307 simple_strtoul(value, &value, 0);
1309 } else if (strnicmp(data, "dirmode", 4) == 0) {
1310 if (value && *value) {
1311 vol->dir_mode =
1312 simple_strtoul(value, &value, 0);
1314 } else if (strnicmp(data, "port", 4) == 0) {
1315 if (value && *value) {
1316 vol->port =
1317 simple_strtoul(value, &value, 0);
1319 } else if (strnicmp(data, "rsize", 5) == 0) {
1320 if (value && *value) {
1321 vol->rsize =
1322 simple_strtoul(value, &value, 0);
1324 } else if (strnicmp(data, "wsize", 5) == 0) {
1325 if (value && *value) {
1326 vol->wsize =
1327 simple_strtoul(value, &value, 0);
1329 } else if (strnicmp(data, "sockopt", 5) == 0) {
1330 if (!value || !*value) {
1331 cERROR(1, "no socket option specified");
1332 continue;
1333 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1334 vol->sockopt_tcp_nodelay = 1;
1336 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1337 if (!value || !*value || (*value == ' ')) {
1338 cFYI(1, "invalid (empty) netbiosname");
1339 } else {
1340 memset(vol->source_rfc1001_name, 0x20,
1341 RFC1001_NAME_LEN);
1343 * FIXME: are there cases in which a comma can
1344 * be valid in workstation netbios name (and
1345 * need special handling)?
1347 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1348 /* don't ucase netbiosname for user */
1349 if (value[i] == 0)
1350 break;
1351 vol->source_rfc1001_name[i] = value[i];
1353 /* The string has 16th byte zero still from
1354 set at top of the function */
1355 if (i == RFC1001_NAME_LEN && value[i] != 0)
1356 printk(KERN_WARNING "CIFS: netbiosname"
1357 " longer than 15 truncated.\n");
1359 } else if (strnicmp(data, "servern", 7) == 0) {
1360 /* servernetbiosname specified override *SMBSERVER */
1361 if (!value || !*value || (*value == ' ')) {
1362 cFYI(1, "empty server netbiosname specified");
1363 } else {
1364 /* last byte, type, is 0x20 for servr type */
1365 memset(vol->target_rfc1001_name, 0x20,
1366 RFC1001_NAME_LEN_WITH_NULL);
1368 for (i = 0; i < 15; i++) {
1369 /* BB are there cases in which a comma can be
1370 valid in this workstation netbios name
1371 (and need special handling)? */
1373 /* user or mount helper must uppercase
1374 the netbiosname */
1375 if (value[i] == 0)
1376 break;
1377 else
1378 vol->target_rfc1001_name[i] =
1379 value[i];
1381 /* The string has 16th byte zero still from
1382 set at top of the function */
1383 if (i == RFC1001_NAME_LEN && value[i] != 0)
1384 printk(KERN_WARNING "CIFS: server net"
1385 "biosname longer than 15 truncated.\n");
1387 } else if (strnicmp(data, "actimeo", 7) == 0) {
1388 if (value && *value) {
1389 vol->actimeo = HZ * simple_strtoul(value,
1390 &value, 0);
1391 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1392 cERROR(1, "CIFS: attribute cache"
1393 "timeout too large");
1394 goto cifs_parse_mount_err;
1397 } else if (strnicmp(data, "credentials", 4) == 0) {
1398 /* ignore */
1399 } else if (strnicmp(data, "version", 3) == 0) {
1400 /* ignore */
1401 } else if (strnicmp(data, "guest", 5) == 0) {
1402 /* ignore */
1403 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
1404 /* ignore */
1405 } else if (strnicmp(data, "ro", 2) == 0) {
1406 /* ignore */
1407 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1408 vol->noblocksnd = 1;
1409 } else if (strnicmp(data, "noautotune", 10) == 0) {
1410 vol->noautotune = 1;
1411 } else if ((strnicmp(data, "suid", 4) == 0) ||
1412 (strnicmp(data, "nosuid", 6) == 0) ||
1413 (strnicmp(data, "exec", 4) == 0) ||
1414 (strnicmp(data, "noexec", 6) == 0) ||
1415 (strnicmp(data, "nodev", 5) == 0) ||
1416 (strnicmp(data, "noauto", 6) == 0) ||
1417 (strnicmp(data, "dev", 3) == 0)) {
1418 /* The mount tool or mount.cifs helper (if present)
1419 uses these opts to set flags, and the flags are read
1420 by the kernel vfs layer before we get here (ie
1421 before read super) so there is no point trying to
1422 parse these options again and set anything and it
1423 is ok to just ignore them */
1424 continue;
1425 } else if (strnicmp(data, "hard", 4) == 0) {
1426 vol->retry = 1;
1427 } else if (strnicmp(data, "soft", 4) == 0) {
1428 vol->retry = 0;
1429 } else if (strnicmp(data, "perm", 4) == 0) {
1430 vol->noperm = 0;
1431 } else if (strnicmp(data, "noperm", 6) == 0) {
1432 vol->noperm = 1;
1433 } else if (strnicmp(data, "mapchars", 8) == 0) {
1434 vol->remap = 1;
1435 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1436 vol->remap = 0;
1437 } else if (strnicmp(data, "sfu", 3) == 0) {
1438 vol->sfu_emul = 1;
1439 } else if (strnicmp(data, "nosfu", 5) == 0) {
1440 vol->sfu_emul = 0;
1441 } else if (strnicmp(data, "nodfs", 5) == 0) {
1442 vol->nodfs = 1;
1443 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1444 vol->posix_paths = 1;
1445 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1446 vol->posix_paths = 0;
1447 } else if (strnicmp(data, "nounix", 6) == 0) {
1448 vol->no_linux_ext = 1;
1449 } else if (strnicmp(data, "nolinux", 7) == 0) {
1450 vol->no_linux_ext = 1;
1451 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1452 (strnicmp(data, "ignorecase", 10) == 0)) {
1453 vol->nocase = 1;
1454 } else if (strnicmp(data, "mand", 4) == 0) {
1455 /* ignore */
1456 } else if (strnicmp(data, "nomand", 6) == 0) {
1457 /* ignore */
1458 } else if (strnicmp(data, "_netdev", 7) == 0) {
1459 /* ignore */
1460 } else if (strnicmp(data, "brl", 3) == 0) {
1461 vol->nobrl = 0;
1462 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1463 (strnicmp(data, "nolock", 6) == 0)) {
1464 vol->nobrl = 1;
1465 /* turn off mandatory locking in mode
1466 if remote locking is turned off since the
1467 local vfs will do advisory */
1468 if (vol->file_mode ==
1469 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1470 vol->file_mode = S_IALLUGO;
1471 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1472 /* will take the shorter form "forcemand" as well */
1473 /* This mount option will force use of mandatory
1474 (DOS/Windows style) byte range locks, instead of
1475 using posix advisory byte range locks, even if the
1476 Unix extensions are available and posix locks would
1477 be supported otherwise. If Unix extensions are not
1478 negotiated this has no effect since mandatory locks
1479 would be used (mandatory locks is all that those
1480 those servers support) */
1481 vol->mand_lock = 1;
1482 } else if (strnicmp(data, "setuids", 7) == 0) {
1483 vol->setuids = 1;
1484 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1485 vol->setuids = 0;
1486 } else if (strnicmp(data, "dynperm", 7) == 0) {
1487 vol->dynperm = true;
1488 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1489 vol->dynperm = false;
1490 } else if (strnicmp(data, "nohard", 6) == 0) {
1491 vol->retry = 0;
1492 } else if (strnicmp(data, "nosoft", 6) == 0) {
1493 vol->retry = 1;
1494 } else if (strnicmp(data, "nointr", 6) == 0) {
1495 vol->intr = 0;
1496 } else if (strnicmp(data, "intr", 4) == 0) {
1497 vol->intr = 1;
1498 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1499 vol->nostrictsync = 1;
1500 } else if (strnicmp(data, "strictsync", 10) == 0) {
1501 vol->nostrictsync = 0;
1502 } else if (strnicmp(data, "serverino", 7) == 0) {
1503 vol->server_ino = 1;
1504 } else if (strnicmp(data, "noserverino", 9) == 0) {
1505 vol->server_ino = 0;
1506 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
1507 vol->rwpidforward = 1;
1508 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1509 vol->cifs_acl = 1;
1510 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1511 vol->cifs_acl = 0;
1512 } else if (strnicmp(data, "acl", 3) == 0) {
1513 vol->no_psx_acl = 0;
1514 } else if (strnicmp(data, "noacl", 5) == 0) {
1515 vol->no_psx_acl = 1;
1516 } else if (strnicmp(data, "locallease", 6) == 0) {
1517 vol->local_lease = 1;
1518 } else if (strnicmp(data, "sign", 4) == 0) {
1519 vol->secFlg |= CIFSSEC_MUST_SIGN;
1520 } else if (strnicmp(data, "seal", 4) == 0) {
1521 /* we do not do the following in secFlags because seal
1522 is a per tree connection (mount) not a per socket
1523 or per-smb connection option in the protocol */
1524 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1525 vol->seal = 1;
1526 } else if (strnicmp(data, "direct", 6) == 0) {
1527 vol->direct_io = 1;
1528 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1529 vol->direct_io = 1;
1530 } else if (strnicmp(data, "strictcache", 11) == 0) {
1531 vol->strict_io = 1;
1532 } else if (strnicmp(data, "noac", 4) == 0) {
1533 printk(KERN_WARNING "CIFS: Mount option noac not "
1534 "supported. Instead set "
1535 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1536 } else if (strnicmp(data, "fsc", 3) == 0) {
1537 #ifndef CONFIG_CIFS_FSCACHE
1538 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1539 "kernel config option set");
1540 goto cifs_parse_mount_err;
1541 #endif
1542 vol->fsc = true;
1543 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1544 vol->mfsymlinks = true;
1545 } else if (strnicmp(data, "multiuser", 8) == 0) {
1546 vol->multiuser = true;
1547 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1548 err = kstrtouint(value, 0, &vol->backupuid);
1549 if (err < 0) {
1550 cERROR(1, "%s: Invalid backupuid value",
1551 __func__);
1552 goto cifs_parse_mount_err;
1554 vol->backupuid_specified = true;
1555 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1556 err = kstrtouint(value, 0, &vol->backupgid);
1557 if (err < 0) {
1558 cERROR(1, "%s: Invalid backupgid value",
1559 __func__);
1560 goto cifs_parse_mount_err;
1562 vol->backupgid_specified = true;
1563 } else
1564 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1565 data);
1567 if (vol->UNC == NULL) {
1568 if (devname == NULL) {
1569 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1570 "target\n");
1571 goto cifs_parse_mount_err;
1573 if ((temp_len = strnlen(devname, 300)) < 300) {
1574 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1575 if (vol->UNC == NULL)
1576 goto cifs_parse_mount_err;
1577 strcpy(vol->UNC, devname);
1578 if (strncmp(vol->UNC, "//", 2) == 0) {
1579 vol->UNC[0] = '\\';
1580 vol->UNC[1] = '\\';
1581 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1582 printk(KERN_WARNING "CIFS: UNC Path does not "
1583 "begin with // or \\\\ \n");
1584 goto cifs_parse_mount_err;
1586 value = strpbrk(vol->UNC+2, "/\\");
1587 if (value)
1588 *value = '\\';
1589 } else {
1590 printk(KERN_WARNING "CIFS: UNC name too long\n");
1591 goto cifs_parse_mount_err;
1595 #ifndef CONFIG_KEYS
1596 /* Muliuser mounts require CONFIG_KEYS support */
1597 if (vol->multiuser) {
1598 cERROR(1, "Multiuser mounts require kernels with "
1599 "CONFIG_KEYS enabled.");
1600 goto cifs_parse_mount_err;
1602 #endif
1604 if (vol->UNCip == NULL)
1605 vol->UNCip = &vol->UNC[2];
1607 if (uid_specified)
1608 vol->override_uid = override_uid;
1609 else if (override_uid == 1)
1610 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1611 "specified with no uid= option.\n");
1613 if (gid_specified)
1614 vol->override_gid = override_gid;
1615 else if (override_gid == 1)
1616 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1617 "specified with no gid= option.\n");
1619 kfree(mountdata_copy);
1620 return 0;
1622 cifs_parse_mount_err:
1623 kfree(mountdata_copy);
1624 return 1;
1627 /** Returns true if srcaddr isn't specified and rhs isn't
1628 * specified, or if srcaddr is specified and
1629 * matches the IP address of the rhs argument.
1631 static bool
1632 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1634 switch (srcaddr->sa_family) {
1635 case AF_UNSPEC:
1636 return (rhs->sa_family == AF_UNSPEC);
1637 case AF_INET: {
1638 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1639 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1640 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1642 case AF_INET6: {
1643 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1644 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1645 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1647 default:
1648 WARN_ON(1);
1649 return false; /* don't expect to be here */
1654 * If no port is specified in addr structure, we try to match with 445 port
1655 * and if it fails - with 139 ports. It should be called only if address
1656 * families of server and addr are equal.
1658 static bool
1659 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1661 __be16 port, *sport;
1663 switch (addr->sa_family) {
1664 case AF_INET:
1665 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1666 port = ((struct sockaddr_in *) addr)->sin_port;
1667 break;
1668 case AF_INET6:
1669 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1670 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1671 break;
1672 default:
1673 WARN_ON(1);
1674 return false;
1677 if (!port) {
1678 port = htons(CIFS_PORT);
1679 if (port == *sport)
1680 return true;
1682 port = htons(RFC1001_PORT);
1685 return port == *sport;
1688 static bool
1689 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1690 struct sockaddr *srcaddr)
1692 switch (addr->sa_family) {
1693 case AF_INET: {
1694 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1695 struct sockaddr_in *srv_addr4 =
1696 (struct sockaddr_in *)&server->dstaddr;
1698 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1699 return false;
1700 break;
1702 case AF_INET6: {
1703 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1704 struct sockaddr_in6 *srv_addr6 =
1705 (struct sockaddr_in6 *)&server->dstaddr;
1707 if (!ipv6_addr_equal(&addr6->sin6_addr,
1708 &srv_addr6->sin6_addr))
1709 return false;
1710 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1711 return false;
1712 break;
1714 default:
1715 WARN_ON(1);
1716 return false; /* don't expect to be here */
1719 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1720 return false;
1722 return true;
1725 static bool
1726 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1728 unsigned int secFlags;
1730 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1731 secFlags = vol->secFlg;
1732 else
1733 secFlags = global_secflags | vol->secFlg;
1735 switch (server->secType) {
1736 case LANMAN:
1737 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1738 return false;
1739 break;
1740 case NTLMv2:
1741 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1742 return false;
1743 break;
1744 case NTLM:
1745 if (!(secFlags & CIFSSEC_MAY_NTLM))
1746 return false;
1747 break;
1748 case Kerberos:
1749 if (!(secFlags & CIFSSEC_MAY_KRB5))
1750 return false;
1751 break;
1752 case RawNTLMSSP:
1753 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1754 return false;
1755 break;
1756 default:
1757 /* shouldn't happen */
1758 return false;
1761 /* now check if signing mode is acceptable */
1762 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1763 (server->sec_mode & SECMODE_SIGN_REQUIRED))
1764 return false;
1765 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1766 (server->sec_mode &
1767 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1768 return false;
1770 return true;
1773 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1774 struct smb_vol *vol)
1776 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1777 return 0;
1779 if (!match_address(server, addr,
1780 (struct sockaddr *)&vol->srcaddr))
1781 return 0;
1783 if (!match_port(server, addr))
1784 return 0;
1786 if (!match_security(server, vol))
1787 return 0;
1789 return 1;
1792 static struct TCP_Server_Info *
1793 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1795 struct TCP_Server_Info *server;
1797 spin_lock(&cifs_tcp_ses_lock);
1798 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1799 if (!match_server(server, addr, vol))
1800 continue;
1802 ++server->srv_count;
1803 spin_unlock(&cifs_tcp_ses_lock);
1804 cFYI(1, "Existing tcp session with server found");
1805 return server;
1807 spin_unlock(&cifs_tcp_ses_lock);
1808 return NULL;
1811 static void
1812 cifs_put_tcp_session(struct TCP_Server_Info *server)
1814 struct task_struct *task;
1816 spin_lock(&cifs_tcp_ses_lock);
1817 if (--server->srv_count > 0) {
1818 spin_unlock(&cifs_tcp_ses_lock);
1819 return;
1822 put_net(cifs_net_ns(server));
1824 list_del_init(&server->tcp_ses_list);
1825 spin_unlock(&cifs_tcp_ses_lock);
1827 cancel_delayed_work_sync(&server->echo);
1829 spin_lock(&GlobalMid_Lock);
1830 server->tcpStatus = CifsExiting;
1831 spin_unlock(&GlobalMid_Lock);
1833 cifs_crypto_shash_release(server);
1834 cifs_fscache_release_client_cookie(server);
1836 kfree(server->session_key.response);
1837 server->session_key.response = NULL;
1838 server->session_key.len = 0;
1840 task = xchg(&server->tsk, NULL);
1841 if (task)
1842 force_sig(SIGKILL, task);
1845 static struct TCP_Server_Info *
1846 cifs_get_tcp_session(struct smb_vol *volume_info)
1848 struct TCP_Server_Info *tcp_ses = NULL;
1849 struct sockaddr_storage addr;
1850 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1851 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1852 int rc;
1854 memset(&addr, 0, sizeof(struct sockaddr_storage));
1856 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1858 if (volume_info->UNCip && volume_info->UNC) {
1859 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1860 volume_info->UNCip,
1861 strlen(volume_info->UNCip),
1862 volume_info->port);
1863 if (!rc) {
1864 /* we failed translating address */
1865 rc = -EINVAL;
1866 goto out_err;
1868 } else if (volume_info->UNCip) {
1869 /* BB using ip addr as tcp_ses name to connect to the
1870 DFS root below */
1871 cERROR(1, "Connecting to DFS root not implemented yet");
1872 rc = -EINVAL;
1873 goto out_err;
1874 } else /* which tcp_sess DFS root would we conect to */ {
1875 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1876 "unc=//192.168.1.100/public) specified");
1877 rc = -EINVAL;
1878 goto out_err;
1881 /* see if we already have a matching tcp_ses */
1882 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1883 if (tcp_ses)
1884 return tcp_ses;
1886 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1887 if (!tcp_ses) {
1888 rc = -ENOMEM;
1889 goto out_err;
1892 rc = cifs_crypto_shash_allocate(tcp_ses);
1893 if (rc) {
1894 cERROR(1, "could not setup hash structures rc %d", rc);
1895 goto out_err;
1898 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1899 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1900 if (IS_ERR(tcp_ses->hostname)) {
1901 rc = PTR_ERR(tcp_ses->hostname);
1902 goto out_err_crypto_release;
1905 tcp_ses->noblocksnd = volume_info->noblocksnd;
1906 tcp_ses->noautotune = volume_info->noautotune;
1907 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1908 atomic_set(&tcp_ses->inFlight, 0);
1909 tcp_ses->maxReq = 1; /* enough to send negotiate request */
1910 init_waitqueue_head(&tcp_ses->response_q);
1911 init_waitqueue_head(&tcp_ses->request_q);
1912 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1913 mutex_init(&tcp_ses->srv_mutex);
1914 memcpy(tcp_ses->workstation_RFC1001_name,
1915 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1916 memcpy(tcp_ses->server_RFC1001_name,
1917 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1918 tcp_ses->session_estab = false;
1919 tcp_ses->sequence_number = 0;
1920 tcp_ses->lstrp = jiffies;
1921 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1922 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1923 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1926 * at this point we are the only ones with the pointer
1927 * to the struct since the kernel thread not created yet
1928 * no need to spinlock this init of tcpStatus or srv_count
1930 tcp_ses->tcpStatus = CifsNew;
1931 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1932 sizeof(tcp_ses->srcaddr));
1933 ++tcp_ses->srv_count;
1935 if (addr.ss_family == AF_INET6) {
1936 cFYI(1, "attempting ipv6 connect");
1937 /* BB should we allow ipv6 on port 139? */
1938 /* other OS never observed in Wild doing 139 with v6 */
1939 memcpy(&tcp_ses->dstaddr, sin_server6,
1940 sizeof(struct sockaddr_in6));
1941 } else
1942 memcpy(&tcp_ses->dstaddr, sin_server,
1943 sizeof(struct sockaddr_in));
1945 rc = ip_connect(tcp_ses);
1946 if (rc < 0) {
1947 cERROR(1, "Error connecting to socket. Aborting operation");
1948 goto out_err_crypto_release;
1952 * since we're in a cifs function already, we know that
1953 * this will succeed. No need for try_module_get().
1955 __module_get(THIS_MODULE);
1956 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
1957 tcp_ses, "cifsd");
1958 if (IS_ERR(tcp_ses->tsk)) {
1959 rc = PTR_ERR(tcp_ses->tsk);
1960 cERROR(1, "error %d create cifsd thread", rc);
1961 module_put(THIS_MODULE);
1962 goto out_err_crypto_release;
1964 tcp_ses->tcpStatus = CifsNeedNegotiate;
1966 /* thread spawned, put it on the list */
1967 spin_lock(&cifs_tcp_ses_lock);
1968 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1969 spin_unlock(&cifs_tcp_ses_lock);
1971 cifs_fscache_get_client_cookie(tcp_ses);
1973 /* queue echo request delayed work */
1974 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1976 return tcp_ses;
1978 out_err_crypto_release:
1979 cifs_crypto_shash_release(tcp_ses);
1981 put_net(cifs_net_ns(tcp_ses));
1983 out_err:
1984 if (tcp_ses) {
1985 if (!IS_ERR(tcp_ses->hostname))
1986 kfree(tcp_ses->hostname);
1987 if (tcp_ses->ssocket)
1988 sock_release(tcp_ses->ssocket);
1989 kfree(tcp_ses);
1991 return ERR_PTR(rc);
1994 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
1996 switch (ses->server->secType) {
1997 case Kerberos:
1998 if (vol->cred_uid != ses->cred_uid)
1999 return 0;
2000 break;
2001 default:
2002 /* NULL username means anonymous session */
2003 if (ses->user_name == NULL) {
2004 if (!vol->nullauth)
2005 return 0;
2006 break;
2009 /* anything else takes username/password */
2010 if (strncmp(ses->user_name,
2011 vol->username ? vol->username : "",
2012 MAX_USERNAME_SIZE))
2013 return 0;
2014 if (strlen(vol->username) != 0 &&
2015 ses->password != NULL &&
2016 strncmp(ses->password,
2017 vol->password ? vol->password : "",
2018 MAX_PASSWORD_SIZE))
2019 return 0;
2021 return 1;
2024 static struct cifs_ses *
2025 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2027 struct cifs_ses *ses;
2029 spin_lock(&cifs_tcp_ses_lock);
2030 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2031 if (!match_session(ses, vol))
2032 continue;
2033 ++ses->ses_count;
2034 spin_unlock(&cifs_tcp_ses_lock);
2035 return ses;
2037 spin_unlock(&cifs_tcp_ses_lock);
2038 return NULL;
2041 static void
2042 cifs_put_smb_ses(struct cifs_ses *ses)
2044 int xid;
2045 struct TCP_Server_Info *server = ses->server;
2047 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2048 spin_lock(&cifs_tcp_ses_lock);
2049 if (--ses->ses_count > 0) {
2050 spin_unlock(&cifs_tcp_ses_lock);
2051 return;
2054 list_del_init(&ses->smb_ses_list);
2055 spin_unlock(&cifs_tcp_ses_lock);
2057 if (ses->status == CifsGood) {
2058 xid = GetXid();
2059 CIFSSMBLogoff(xid, ses);
2060 _FreeXid(xid);
2062 sesInfoFree(ses);
2063 cifs_put_tcp_session(server);
2066 #ifdef CONFIG_KEYS
2068 /* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2069 #define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2071 /* Populate username and pw fields from keyring if possible */
2072 static int
2073 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2075 int rc = 0;
2076 char *desc, *delim, *payload;
2077 ssize_t len;
2078 struct key *key;
2079 struct TCP_Server_Info *server = ses->server;
2080 struct sockaddr_in *sa;
2081 struct sockaddr_in6 *sa6;
2082 struct user_key_payload *upayload;
2084 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2085 if (!desc)
2086 return -ENOMEM;
2088 /* try to find an address key first */
2089 switch (server->dstaddr.ss_family) {
2090 case AF_INET:
2091 sa = (struct sockaddr_in *)&server->dstaddr;
2092 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2093 break;
2094 case AF_INET6:
2095 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2096 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2097 break;
2098 default:
2099 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2100 rc = -EINVAL;
2101 goto out_err;
2104 cFYI(1, "%s: desc=%s", __func__, desc);
2105 key = request_key(&key_type_logon, desc, "");
2106 if (IS_ERR(key)) {
2107 if (!ses->domainName) {
2108 cFYI(1, "domainName is NULL");
2109 rc = PTR_ERR(key);
2110 goto out_err;
2113 /* didn't work, try to find a domain key */
2114 sprintf(desc, "cifs:d:%s", ses->domainName);
2115 cFYI(1, "%s: desc=%s", __func__, desc);
2116 key = request_key(&key_type_logon, desc, "");
2117 if (IS_ERR(key)) {
2118 rc = PTR_ERR(key);
2119 goto out_err;
2123 down_read(&key->sem);
2124 upayload = key->payload.data;
2125 if (IS_ERR_OR_NULL(upayload)) {
2126 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
2127 goto out_key_put;
2130 /* find first : in payload */
2131 payload = (char *)upayload->data;
2132 delim = strnchr(payload, upayload->datalen, ':');
2133 cFYI(1, "payload=%s", payload);
2134 if (!delim) {
2135 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2136 upayload->datalen);
2137 rc = -EINVAL;
2138 goto out_key_put;
2141 len = delim - payload;
2142 if (len > MAX_USERNAME_SIZE || len <= 0) {
2143 cFYI(1, "Bad value from username search (len=%zd)", len);
2144 rc = -EINVAL;
2145 goto out_key_put;
2148 vol->username = kstrndup(payload, len, GFP_KERNEL);
2149 if (!vol->username) {
2150 cFYI(1, "Unable to allocate %zd bytes for username", len);
2151 rc = -ENOMEM;
2152 goto out_key_put;
2154 cFYI(1, "%s: username=%s", __func__, vol->username);
2156 len = key->datalen - (len + 1);
2157 if (len > MAX_PASSWORD_SIZE || len <= 0) {
2158 cFYI(1, "Bad len for password search (len=%zd)", len);
2159 rc = -EINVAL;
2160 kfree(vol->username);
2161 vol->username = NULL;
2162 goto out_key_put;
2165 ++delim;
2166 vol->password = kstrndup(delim, len, GFP_KERNEL);
2167 if (!vol->password) {
2168 cFYI(1, "Unable to allocate %zd bytes for password", len);
2169 rc = -ENOMEM;
2170 kfree(vol->username);
2171 vol->username = NULL;
2172 goto out_key_put;
2175 out_key_put:
2176 up_read(&key->sem);
2177 key_put(key);
2178 out_err:
2179 kfree(desc);
2180 cFYI(1, "%s: returning %d", __func__, rc);
2181 return rc;
2183 #else /* ! CONFIG_KEYS */
2184 static inline int
2185 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2186 struct cifs_ses *ses __attribute__((unused)))
2188 return -ENOSYS;
2190 #endif /* CONFIG_KEYS */
2192 static bool warned_on_ntlm; /* globals init to false automatically */
2194 static struct cifs_ses *
2195 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2197 int rc = -ENOMEM, xid;
2198 struct cifs_ses *ses;
2199 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2200 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2202 xid = GetXid();
2204 ses = cifs_find_smb_ses(server, volume_info);
2205 if (ses) {
2206 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2208 mutex_lock(&ses->session_mutex);
2209 rc = cifs_negotiate_protocol(xid, ses);
2210 if (rc) {
2211 mutex_unlock(&ses->session_mutex);
2212 /* problem -- put our ses reference */
2213 cifs_put_smb_ses(ses);
2214 FreeXid(xid);
2215 return ERR_PTR(rc);
2217 if (ses->need_reconnect) {
2218 cFYI(1, "Session needs reconnect");
2219 rc = cifs_setup_session(xid, ses,
2220 volume_info->local_nls);
2221 if (rc) {
2222 mutex_unlock(&ses->session_mutex);
2223 /* problem -- put our reference */
2224 cifs_put_smb_ses(ses);
2225 FreeXid(xid);
2226 return ERR_PTR(rc);
2229 mutex_unlock(&ses->session_mutex);
2231 /* existing SMB ses has a server reference already */
2232 cifs_put_tcp_session(server);
2233 FreeXid(xid);
2234 return ses;
2237 cFYI(1, "Existing smb sess not found");
2238 ses = sesInfoAlloc();
2239 if (ses == NULL)
2240 goto get_ses_fail;
2242 /* new SMB session uses our server ref */
2243 ses->server = server;
2244 if (server->dstaddr.ss_family == AF_INET6)
2245 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2246 else
2247 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2249 if (volume_info->username) {
2250 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2251 if (!ses->user_name)
2252 goto get_ses_fail;
2255 /* volume_info->password freed at unmount */
2256 if (volume_info->password) {
2257 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2258 if (!ses->password)
2259 goto get_ses_fail;
2261 if (volume_info->domainname) {
2262 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2263 if (!ses->domainName)
2264 goto get_ses_fail;
2266 ses->cred_uid = volume_info->cred_uid;
2267 ses->linux_uid = volume_info->linux_uid;
2269 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2270 supported for many years, time to update default security mechanism */
2271 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2272 warned_on_ntlm = true;
2273 cERROR(1, "default security mechanism requested. The default "
2274 "security mechanism will be upgraded from ntlm to "
2275 "ntlmv2 in kernel release 3.3");
2277 ses->overrideSecFlg = volume_info->secFlg;
2279 mutex_lock(&ses->session_mutex);
2280 rc = cifs_negotiate_protocol(xid, ses);
2281 if (!rc)
2282 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2283 mutex_unlock(&ses->session_mutex);
2284 if (rc)
2285 goto get_ses_fail;
2287 /* success, put it on the list */
2288 spin_lock(&cifs_tcp_ses_lock);
2289 list_add(&ses->smb_ses_list, &server->smb_ses_list);
2290 spin_unlock(&cifs_tcp_ses_lock);
2292 FreeXid(xid);
2293 return ses;
2295 get_ses_fail:
2296 sesInfoFree(ses);
2297 FreeXid(xid);
2298 return ERR_PTR(rc);
2301 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2303 if (tcon->tidStatus == CifsExiting)
2304 return 0;
2305 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2306 return 0;
2307 return 1;
2310 static struct cifs_tcon *
2311 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2313 struct list_head *tmp;
2314 struct cifs_tcon *tcon;
2316 spin_lock(&cifs_tcp_ses_lock);
2317 list_for_each(tmp, &ses->tcon_list) {
2318 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2319 if (!match_tcon(tcon, unc))
2320 continue;
2321 ++tcon->tc_count;
2322 spin_unlock(&cifs_tcp_ses_lock);
2323 return tcon;
2325 spin_unlock(&cifs_tcp_ses_lock);
2326 return NULL;
2329 static void
2330 cifs_put_tcon(struct cifs_tcon *tcon)
2332 int xid;
2333 struct cifs_ses *ses = tcon->ses;
2335 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2336 spin_lock(&cifs_tcp_ses_lock);
2337 if (--tcon->tc_count > 0) {
2338 spin_unlock(&cifs_tcp_ses_lock);
2339 return;
2342 list_del_init(&tcon->tcon_list);
2343 spin_unlock(&cifs_tcp_ses_lock);
2345 xid = GetXid();
2346 CIFSSMBTDis(xid, tcon);
2347 _FreeXid(xid);
2349 cifs_fscache_release_super_cookie(tcon);
2350 tconInfoFree(tcon);
2351 cifs_put_smb_ses(ses);
2354 static struct cifs_tcon *
2355 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2357 int rc, xid;
2358 struct cifs_tcon *tcon;
2360 tcon = cifs_find_tcon(ses, volume_info->UNC);
2361 if (tcon) {
2362 cFYI(1, "Found match on UNC path");
2363 /* existing tcon already has a reference */
2364 cifs_put_smb_ses(ses);
2365 if (tcon->seal != volume_info->seal)
2366 cERROR(1, "transport encryption setting "
2367 "conflicts with existing tid");
2368 return tcon;
2371 tcon = tconInfoAlloc();
2372 if (tcon == NULL) {
2373 rc = -ENOMEM;
2374 goto out_fail;
2377 tcon->ses = ses;
2378 if (volume_info->password) {
2379 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2380 if (!tcon->password) {
2381 rc = -ENOMEM;
2382 goto out_fail;
2386 if (strchr(volume_info->UNC + 3, '\\') == NULL
2387 && strchr(volume_info->UNC + 3, '/') == NULL) {
2388 cERROR(1, "Missing share name");
2389 rc = -ENODEV;
2390 goto out_fail;
2393 /* BB Do we need to wrap session_mutex around
2394 * this TCon call and Unix SetFS as
2395 * we do on SessSetup and reconnect? */
2396 xid = GetXid();
2397 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2398 FreeXid(xid);
2399 cFYI(1, "CIFS Tcon rc = %d", rc);
2400 if (rc)
2401 goto out_fail;
2403 if (volume_info->nodfs) {
2404 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2405 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2407 tcon->seal = volume_info->seal;
2408 /* we can have only one retry value for a connection
2409 to a share so for resources mounted more than once
2410 to the same server share the last value passed in
2411 for the retry flag is used */
2412 tcon->retry = volume_info->retry;
2413 tcon->nocase = volume_info->nocase;
2414 tcon->local_lease = volume_info->local_lease;
2416 spin_lock(&cifs_tcp_ses_lock);
2417 list_add(&tcon->tcon_list, &ses->tcon_list);
2418 spin_unlock(&cifs_tcp_ses_lock);
2420 cifs_fscache_get_super_cookie(tcon);
2422 return tcon;
2424 out_fail:
2425 tconInfoFree(tcon);
2426 return ERR_PTR(rc);
2429 void
2430 cifs_put_tlink(struct tcon_link *tlink)
2432 if (!tlink || IS_ERR(tlink))
2433 return;
2435 if (!atomic_dec_and_test(&tlink->tl_count) ||
2436 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2437 tlink->tl_time = jiffies;
2438 return;
2441 if (!IS_ERR(tlink_tcon(tlink)))
2442 cifs_put_tcon(tlink_tcon(tlink));
2443 kfree(tlink);
2444 return;
2447 static inline struct tcon_link *
2448 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2450 return cifs_sb->master_tlink;
2453 static int
2454 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2456 struct cifs_sb_info *old = CIFS_SB(sb);
2457 struct cifs_sb_info *new = mnt_data->cifs_sb;
2459 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2460 return 0;
2462 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2463 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2464 return 0;
2467 * We want to share sb only if we don't specify an r/wsize or
2468 * specified r/wsize is greater than or equal to existing one.
2470 if (new->wsize && new->wsize < old->wsize)
2471 return 0;
2473 if (new->rsize && new->rsize < old->rsize)
2474 return 0;
2476 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2477 return 0;
2479 if (old->mnt_file_mode != new->mnt_file_mode ||
2480 old->mnt_dir_mode != new->mnt_dir_mode)
2481 return 0;
2483 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2484 return 0;
2486 if (old->actimeo != new->actimeo)
2487 return 0;
2489 return 1;
2493 cifs_match_super(struct super_block *sb, void *data)
2495 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2496 struct smb_vol *volume_info;
2497 struct cifs_sb_info *cifs_sb;
2498 struct TCP_Server_Info *tcp_srv;
2499 struct cifs_ses *ses;
2500 struct cifs_tcon *tcon;
2501 struct tcon_link *tlink;
2502 struct sockaddr_storage addr;
2503 int rc = 0;
2505 memset(&addr, 0, sizeof(struct sockaddr_storage));
2507 spin_lock(&cifs_tcp_ses_lock);
2508 cifs_sb = CIFS_SB(sb);
2509 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2510 if (IS_ERR(tlink)) {
2511 spin_unlock(&cifs_tcp_ses_lock);
2512 return rc;
2514 tcon = tlink_tcon(tlink);
2515 ses = tcon->ses;
2516 tcp_srv = ses->server;
2518 volume_info = mnt_data->vol;
2520 if (!volume_info->UNCip || !volume_info->UNC)
2521 goto out;
2523 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2524 volume_info->UNCip,
2525 strlen(volume_info->UNCip),
2526 volume_info->port);
2527 if (!rc)
2528 goto out;
2530 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2531 !match_session(ses, volume_info) ||
2532 !match_tcon(tcon, volume_info->UNC)) {
2533 rc = 0;
2534 goto out;
2537 rc = compare_mount_options(sb, mnt_data);
2538 out:
2539 spin_unlock(&cifs_tcp_ses_lock);
2540 cifs_put_tlink(tlink);
2541 return rc;
2545 get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2546 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2547 struct dfs_info3_param **preferrals, int remap)
2549 char *temp_unc;
2550 int rc = 0;
2552 *pnum_referrals = 0;
2553 *preferrals = NULL;
2555 if (pSesInfo->ipc_tid == 0) {
2556 temp_unc = kmalloc(2 /* for slashes */ +
2557 strnlen(pSesInfo->serverName,
2558 SERVER_NAME_LEN_WITH_NULL * 2)
2559 + 1 + 4 /* slash IPC$ */ + 2,
2560 GFP_KERNEL);
2561 if (temp_unc == NULL)
2562 return -ENOMEM;
2563 temp_unc[0] = '\\';
2564 temp_unc[1] = '\\';
2565 strcpy(temp_unc + 2, pSesInfo->serverName);
2566 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2567 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2568 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2569 kfree(temp_unc);
2571 if (rc == 0)
2572 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2573 pnum_referrals, nls_codepage, remap);
2574 /* BB map targetUNCs to dfs_info3 structures, here or
2575 in CIFSGetDFSRefer BB */
2577 return rc;
2580 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2581 static struct lock_class_key cifs_key[2];
2582 static struct lock_class_key cifs_slock_key[2];
2584 static inline void
2585 cifs_reclassify_socket4(struct socket *sock)
2587 struct sock *sk = sock->sk;
2588 BUG_ON(sock_owned_by_user(sk));
2589 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2590 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2593 static inline void
2594 cifs_reclassify_socket6(struct socket *sock)
2596 struct sock *sk = sock->sk;
2597 BUG_ON(sock_owned_by_user(sk));
2598 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2599 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2601 #else
2602 static inline void
2603 cifs_reclassify_socket4(struct socket *sock)
2607 static inline void
2608 cifs_reclassify_socket6(struct socket *sock)
2611 #endif
2613 /* See RFC1001 section 14 on representation of Netbios names */
2614 static void rfc1002mangle(char *target, char *source, unsigned int length)
2616 unsigned int i, j;
2618 for (i = 0, j = 0; i < (length); i++) {
2619 /* mask a nibble at a time and encode */
2620 target[j] = 'A' + (0x0F & (source[i] >> 4));
2621 target[j+1] = 'A' + (0x0F & source[i]);
2622 j += 2;
2627 static int
2628 bind_socket(struct TCP_Server_Info *server)
2630 int rc = 0;
2631 if (server->srcaddr.ss_family != AF_UNSPEC) {
2632 /* Bind to the specified local IP address */
2633 struct socket *socket = server->ssocket;
2634 rc = socket->ops->bind(socket,
2635 (struct sockaddr *) &server->srcaddr,
2636 sizeof(server->srcaddr));
2637 if (rc < 0) {
2638 struct sockaddr_in *saddr4;
2639 struct sockaddr_in6 *saddr6;
2640 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2641 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2642 if (saddr6->sin6_family == AF_INET6)
2643 cERROR(1, "cifs: "
2644 "Failed to bind to: %pI6c, error: %d\n",
2645 &saddr6->sin6_addr, rc);
2646 else
2647 cERROR(1, "cifs: "
2648 "Failed to bind to: %pI4, error: %d\n",
2649 &saddr4->sin_addr.s_addr, rc);
2652 return rc;
2655 static int
2656 ip_rfc1001_connect(struct TCP_Server_Info *server)
2658 int rc = 0;
2660 * some servers require RFC1001 sessinit before sending
2661 * negprot - BB check reconnection in case where second
2662 * sessinit is sent but no second negprot
2664 struct rfc1002_session_packet *ses_init_buf;
2665 struct smb_hdr *smb_buf;
2666 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2667 GFP_KERNEL);
2668 if (ses_init_buf) {
2669 ses_init_buf->trailer.session_req.called_len = 32;
2671 if (server->server_RFC1001_name &&
2672 server->server_RFC1001_name[0] != 0)
2673 rfc1002mangle(ses_init_buf->trailer.
2674 session_req.called_name,
2675 server->server_RFC1001_name,
2676 RFC1001_NAME_LEN_WITH_NULL);
2677 else
2678 rfc1002mangle(ses_init_buf->trailer.
2679 session_req.called_name,
2680 DEFAULT_CIFS_CALLED_NAME,
2681 RFC1001_NAME_LEN_WITH_NULL);
2683 ses_init_buf->trailer.session_req.calling_len = 32;
2686 * calling name ends in null (byte 16) from old smb
2687 * convention.
2689 if (server->workstation_RFC1001_name &&
2690 server->workstation_RFC1001_name[0] != 0)
2691 rfc1002mangle(ses_init_buf->trailer.
2692 session_req.calling_name,
2693 server->workstation_RFC1001_name,
2694 RFC1001_NAME_LEN_WITH_NULL);
2695 else
2696 rfc1002mangle(ses_init_buf->trailer.
2697 session_req.calling_name,
2698 "LINUX_CIFS_CLNT",
2699 RFC1001_NAME_LEN_WITH_NULL);
2701 ses_init_buf->trailer.session_req.scope1 = 0;
2702 ses_init_buf->trailer.session_req.scope2 = 0;
2703 smb_buf = (struct smb_hdr *)ses_init_buf;
2705 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2706 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2707 rc = smb_send(server, smb_buf, 0x44);
2708 kfree(ses_init_buf);
2710 * RFC1001 layer in at least one server
2711 * requires very short break before negprot
2712 * presumably because not expecting negprot
2713 * to follow so fast. This is a simple
2714 * solution that works without
2715 * complicating the code and causes no
2716 * significant slowing down on mount
2717 * for everyone else
2719 usleep_range(1000, 2000);
2722 * else the negprot may still work without this
2723 * even though malloc failed
2726 return rc;
2729 static int
2730 generic_ip_connect(struct TCP_Server_Info *server)
2732 int rc = 0;
2733 __be16 sport;
2734 int slen, sfamily;
2735 struct socket *socket = server->ssocket;
2736 struct sockaddr *saddr;
2738 saddr = (struct sockaddr *) &server->dstaddr;
2740 if (server->dstaddr.ss_family == AF_INET6) {
2741 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2742 slen = sizeof(struct sockaddr_in6);
2743 sfamily = AF_INET6;
2744 } else {
2745 sport = ((struct sockaddr_in *) saddr)->sin_port;
2746 slen = sizeof(struct sockaddr_in);
2747 sfamily = AF_INET;
2750 if (socket == NULL) {
2751 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2752 IPPROTO_TCP, &socket, 1);
2753 if (rc < 0) {
2754 cERROR(1, "Error %d creating socket", rc);
2755 server->ssocket = NULL;
2756 return rc;
2759 /* BB other socket options to set KEEPALIVE, NODELAY? */
2760 cFYI(1, "Socket created");
2761 server->ssocket = socket;
2762 socket->sk->sk_allocation = GFP_NOFS;
2763 if (sfamily == AF_INET6)
2764 cifs_reclassify_socket6(socket);
2765 else
2766 cifs_reclassify_socket4(socket);
2769 rc = bind_socket(server);
2770 if (rc < 0)
2771 return rc;
2774 * Eventually check for other socket options to change from
2775 * the default. sock_setsockopt not used because it expects
2776 * user space buffer
2778 socket->sk->sk_rcvtimeo = 7 * HZ;
2779 socket->sk->sk_sndtimeo = 5 * HZ;
2781 /* make the bufsizes depend on wsize/rsize and max requests */
2782 if (server->noautotune) {
2783 if (socket->sk->sk_sndbuf < (200 * 1024))
2784 socket->sk->sk_sndbuf = 200 * 1024;
2785 if (socket->sk->sk_rcvbuf < (140 * 1024))
2786 socket->sk->sk_rcvbuf = 140 * 1024;
2789 if (server->tcp_nodelay) {
2790 int val = 1;
2791 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2792 (char *)&val, sizeof(val));
2793 if (rc)
2794 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2797 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2798 socket->sk->sk_sndbuf,
2799 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2801 rc = socket->ops->connect(socket, saddr, slen, 0);
2802 if (rc < 0) {
2803 cFYI(1, "Error %d connecting to server", rc);
2804 sock_release(socket);
2805 server->ssocket = NULL;
2806 return rc;
2809 if (sport == htons(RFC1001_PORT))
2810 rc = ip_rfc1001_connect(server);
2812 return rc;
2815 static int
2816 ip_connect(struct TCP_Server_Info *server)
2818 __be16 *sport;
2819 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2820 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2822 if (server->dstaddr.ss_family == AF_INET6)
2823 sport = &addr6->sin6_port;
2824 else
2825 sport = &addr->sin_port;
2827 if (*sport == 0) {
2828 int rc;
2830 /* try with 445 port at first */
2831 *sport = htons(CIFS_PORT);
2833 rc = generic_ip_connect(server);
2834 if (rc >= 0)
2835 return rc;
2837 /* if it failed, try with 139 port */
2838 *sport = htons(RFC1001_PORT);
2841 return generic_ip_connect(server);
2844 void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2845 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
2847 /* if we are reconnecting then should we check to see if
2848 * any requested capabilities changed locally e.g. via
2849 * remount but we can not do much about it here
2850 * if they have (even if we could detect it by the following)
2851 * Perhaps we could add a backpointer to array of sb from tcon
2852 * or if we change to make all sb to same share the same
2853 * sb as NFS - then we only have one backpointer to sb.
2854 * What if we wanted to mount the server share twice once with
2855 * and once without posixacls or posix paths? */
2856 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2858 if (vol_info && vol_info->no_linux_ext) {
2859 tcon->fsUnixInfo.Capability = 0;
2860 tcon->unix_ext = 0; /* Unix Extensions disabled */
2861 cFYI(1, "Linux protocol extensions disabled");
2862 return;
2863 } else if (vol_info)
2864 tcon->unix_ext = 1; /* Unix Extensions supported */
2866 if (tcon->unix_ext == 0) {
2867 cFYI(1, "Unix extensions disabled so not set on reconnect");
2868 return;
2871 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2872 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2873 cFYI(1, "unix caps which server supports %lld", cap);
2874 /* check for reconnect case in which we do not
2875 want to change the mount behavior if we can avoid it */
2876 if (vol_info == NULL) {
2877 /* turn off POSIX ACL and PATHNAMES if not set
2878 originally at mount time */
2879 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2880 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2881 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2882 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2883 cERROR(1, "POSIXPATH support change");
2884 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2885 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2886 cERROR(1, "possible reconnect error");
2887 cERROR(1, "server disabled POSIX path support");
2891 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2892 cERROR(1, "per-share encryption not supported yet");
2894 cap &= CIFS_UNIX_CAP_MASK;
2895 if (vol_info && vol_info->no_psx_acl)
2896 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2897 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2898 cFYI(1, "negotiated posix acl support");
2899 if (cifs_sb)
2900 cifs_sb->mnt_cifs_flags |=
2901 CIFS_MOUNT_POSIXACL;
2904 if (vol_info && vol_info->posix_paths == 0)
2905 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2906 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2907 cFYI(1, "negotiate posix pathnames");
2908 if (cifs_sb)
2909 cifs_sb->mnt_cifs_flags |=
2910 CIFS_MOUNT_POSIX_PATHS;
2913 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2914 #ifdef CONFIG_CIFS_DEBUG2
2915 if (cap & CIFS_UNIX_FCNTL_CAP)
2916 cFYI(1, "FCNTL cap");
2917 if (cap & CIFS_UNIX_EXTATTR_CAP)
2918 cFYI(1, "EXTATTR cap");
2919 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2920 cFYI(1, "POSIX path cap");
2921 if (cap & CIFS_UNIX_XATTR_CAP)
2922 cFYI(1, "XATTR cap");
2923 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2924 cFYI(1, "POSIX ACL cap");
2925 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2926 cFYI(1, "very large read cap");
2927 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2928 cFYI(1, "very large write cap");
2929 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2930 cFYI(1, "transport encryption cap");
2931 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2932 cFYI(1, "mandatory transport encryption cap");
2933 #endif /* CIFS_DEBUG2 */
2934 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2935 if (vol_info == NULL) {
2936 cFYI(1, "resetting capabilities failed");
2937 } else
2938 cERROR(1, "Negotiating Unix capabilities "
2939 "with the server failed. Consider "
2940 "mounting with the Unix Extensions\n"
2941 "disabled, if problems are found, "
2942 "by specifying the nounix mount "
2943 "option.");
2949 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2950 struct cifs_sb_info *cifs_sb)
2952 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2954 spin_lock_init(&cifs_sb->tlink_tree_lock);
2955 cifs_sb->tlink_tree = RB_ROOT;
2958 * Temporarily set r/wsize for matching superblock. If we end up using
2959 * new sb then client will later negotiate it downward if needed.
2961 cifs_sb->rsize = pvolume_info->rsize;
2962 cifs_sb->wsize = pvolume_info->wsize;
2964 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2965 cifs_sb->mnt_gid = pvolume_info->linux_gid;
2966 if (pvolume_info->backupuid_specified)
2967 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2968 if (pvolume_info->backupgid_specified)
2969 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
2970 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2971 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2972 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
2973 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2975 cifs_sb->actimeo = pvolume_info->actimeo;
2976 cifs_sb->local_nls = pvolume_info->local_nls;
2978 if (pvolume_info->noperm)
2979 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2980 if (pvolume_info->setuids)
2981 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2982 if (pvolume_info->server_ino)
2983 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2984 if (pvolume_info->remap)
2985 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2986 if (pvolume_info->no_xattr)
2987 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2988 if (pvolume_info->sfu_emul)
2989 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2990 if (pvolume_info->nobrl)
2991 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2992 if (pvolume_info->nostrictsync)
2993 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2994 if (pvolume_info->mand_lock)
2995 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2996 if (pvolume_info->rwpidforward)
2997 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
2998 if (pvolume_info->cifs_acl)
2999 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3000 if (pvolume_info->backupuid_specified)
3001 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3002 if (pvolume_info->backupgid_specified)
3003 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3004 if (pvolume_info->override_uid)
3005 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3006 if (pvolume_info->override_gid)
3007 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3008 if (pvolume_info->dynperm)
3009 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
3010 if (pvolume_info->fsc)
3011 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
3012 if (pvolume_info->multiuser)
3013 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3014 CIFS_MOUNT_NO_PERM);
3015 if (pvolume_info->strict_io)
3016 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3017 if (pvolume_info->direct_io) {
3018 cFYI(1, "mounting share using direct i/o");
3019 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3021 if (pvolume_info->mfsymlinks) {
3022 if (pvolume_info->sfu_emul) {
3023 cERROR(1, "mount option mfsymlinks ignored if sfu "
3024 "mount option is used");
3025 } else {
3026 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3030 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
3031 cERROR(1, "mount option dynperm ignored if cifsacl "
3032 "mount option supported");
3036 * When the server supports very large reads and writes via POSIX extensions,
3037 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3038 * including the RFC1001 length.
3040 * Note that this might make for "interesting" allocation problems during
3041 * writeback however as we have to allocate an array of pointers for the
3042 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
3044 * For reads, there is a similar problem as we need to allocate an array
3045 * of kvecs to handle the receive, though that should only need to be done
3046 * once.
3048 #define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
3049 #define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
3052 * When the server doesn't allow large posix writes, only allow a rsize/wsize
3053 * of 2^17-1 minus the size of the call header. That allows for a read or
3054 * write up to the maximum size described by RFC1002.
3056 #define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
3057 #define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
3060 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3061 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3062 * a single wsize request with a single call.
3064 #define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3067 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3068 * those values when posix extensions aren't in force. In actuality here, we
3069 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3070 * to be ok with the extra byte even though Windows doesn't send writes that
3071 * are that large.
3073 * Citation:
3075 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
3077 #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
3078 #define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
3080 static unsigned int
3081 cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3083 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3084 struct TCP_Server_Info *server = tcon->ses->server;
3085 unsigned int wsize;
3087 /* start with specified wsize, or default */
3088 if (pvolume_info->wsize)
3089 wsize = pvolume_info->wsize;
3090 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3091 wsize = CIFS_DEFAULT_IOSIZE;
3092 else
3093 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
3095 /* can server support 24-bit write sizes? (via UNIX extensions) */
3096 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3097 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
3100 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3101 * Limit it to max buffer offered by the server, minus the size of the
3102 * WRITEX header, not including the 4 byte RFC1001 length.
3104 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3105 (!(server->capabilities & CAP_UNIX) &&
3106 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3107 wsize = min_t(unsigned int, wsize,
3108 server->maxBuf - sizeof(WRITE_REQ) + 4);
3110 /* hard limit of CIFS_MAX_WSIZE */
3111 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3113 return wsize;
3116 static unsigned int
3117 cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3119 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3120 struct TCP_Server_Info *server = tcon->ses->server;
3121 unsigned int rsize, defsize;
3124 * Set default value...
3126 * HACK alert! Ancient servers have very small buffers. Even though
3127 * MS-CIFS indicates that servers are only limited by the client's
3128 * bufsize for reads, testing against win98se shows that it throws
3129 * INVALID_PARAMETER errors if you try to request too large a read.
3131 * If the server advertises a MaxBufferSize of less than one page,
3132 * assume that it also can't satisfy reads larger than that either.
3134 * FIXME: Is there a better heuristic for this?
3136 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3137 defsize = CIFS_DEFAULT_IOSIZE;
3138 else if (server->capabilities & CAP_LARGE_READ_X)
3139 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3140 else if (server->maxBuf >= PAGE_CACHE_SIZE)
3141 defsize = CIFSMaxBufSize;
3142 else
3143 defsize = server->maxBuf - sizeof(READ_RSP);
3145 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3148 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3149 * the client's MaxBufferSize.
3151 if (!(server->capabilities & CAP_LARGE_READ_X))
3152 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3154 /* hard limit of CIFS_MAX_RSIZE */
3155 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3157 return rsize;
3160 static int
3161 is_path_accessible(int xid, struct cifs_tcon *tcon,
3162 struct cifs_sb_info *cifs_sb, const char *full_path)
3164 int rc;
3165 FILE_ALL_INFO *pfile_info;
3167 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3168 if (pfile_info == NULL)
3169 return -ENOMEM;
3171 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3172 0 /* not legacy */, cifs_sb->local_nls,
3173 cifs_sb->mnt_cifs_flags &
3174 CIFS_MOUNT_MAP_SPECIAL_CHR);
3176 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3177 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3178 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3179 CIFS_MOUNT_MAP_SPECIAL_CHR);
3180 kfree(pfile_info);
3181 return rc;
3184 static void
3185 cleanup_volume_info_contents(struct smb_vol *volume_info)
3187 kfree(volume_info->username);
3188 kzfree(volume_info->password);
3189 if (volume_info->UNCip != volume_info->UNC + 2)
3190 kfree(volume_info->UNCip);
3191 kfree(volume_info->UNC);
3192 kfree(volume_info->domainname);
3193 kfree(volume_info->iocharset);
3194 kfree(volume_info->prepath);
3197 void
3198 cifs_cleanup_volume_info(struct smb_vol *volume_info)
3200 if (!volume_info)
3201 return;
3202 cleanup_volume_info_contents(volume_info);
3203 kfree(volume_info);
3207 #ifdef CONFIG_CIFS_DFS_UPCALL
3208 /* build_path_to_root returns full path to root when
3209 * we do not have an exiting connection (tcon) */
3210 static char *
3211 build_unc_path_to_root(const struct smb_vol *vol,
3212 const struct cifs_sb_info *cifs_sb)
3214 char *full_path, *pos;
3215 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3216 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3218 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3219 if (full_path == NULL)
3220 return ERR_PTR(-ENOMEM);
3222 strncpy(full_path, vol->UNC, unc_len);
3223 pos = full_path + unc_len;
3225 if (pplen) {
3226 strncpy(pos, vol->prepath, pplen);
3227 pos += pplen;
3230 *pos = '\0'; /* add trailing null */
3231 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3232 cFYI(1, "%s: full_path=%s", __func__, full_path);
3233 return full_path;
3237 * Perform a dfs referral query for a share and (optionally) prefix
3239 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3240 * to a string containing updated options for the submount. Otherwise it
3241 * will be left untouched.
3243 * Returns the rc from get_dfs_path to the caller, which can be used to
3244 * determine whether there were referrals.
3246 static int
3247 expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
3248 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3249 int check_prefix)
3251 int rc;
3252 unsigned int num_referrals = 0;
3253 struct dfs_info3_param *referrals = NULL;
3254 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3256 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3257 if (IS_ERR(full_path))
3258 return PTR_ERR(full_path);
3260 /* For DFS paths, skip the first '\' of the UNC */
3261 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3263 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3264 &num_referrals, &referrals,
3265 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3267 if (!rc && num_referrals > 0) {
3268 char *fake_devname = NULL;
3270 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3271 full_path + 1, referrals,
3272 &fake_devname);
3274 free_dfs_info_array(referrals, num_referrals);
3276 if (IS_ERR(mdata)) {
3277 rc = PTR_ERR(mdata);
3278 mdata = NULL;
3279 } else {
3280 cleanup_volume_info_contents(volume_info);
3281 memset(volume_info, '\0', sizeof(*volume_info));
3282 rc = cifs_setup_volume_info(volume_info, mdata,
3283 fake_devname);
3285 kfree(fake_devname);
3286 kfree(cifs_sb->mountdata);
3287 cifs_sb->mountdata = mdata;
3289 kfree(full_path);
3290 return rc;
3292 #endif
3294 static int
3295 cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3296 const char *devname)
3298 int rc = 0;
3300 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3301 return -EINVAL;
3303 if (volume_info->nullauth) {
3304 cFYI(1, "Anonymous login");
3305 kfree(volume_info->username);
3306 volume_info->username = NULL;
3307 } else if (volume_info->username) {
3308 /* BB fixme parse for domain name here */
3309 cFYI(1, "Username: %s", volume_info->username);
3310 } else {
3311 cifserror("No username specified");
3312 /* In userspace mount helper we can get user name from alternate
3313 locations such as env variables and files on disk */
3314 return -EINVAL;
3317 /* this is needed for ASCII cp to Unicode converts */
3318 if (volume_info->iocharset == NULL) {
3319 /* load_nls_default cannot return null */
3320 volume_info->local_nls = load_nls_default();
3321 } else {
3322 volume_info->local_nls = load_nls(volume_info->iocharset);
3323 if (volume_info->local_nls == NULL) {
3324 cERROR(1, "CIFS mount error: iocharset %s not found",
3325 volume_info->iocharset);
3326 return -ELIBACC;
3330 return rc;
3333 struct smb_vol *
3334 cifs_get_volume_info(char *mount_data, const char *devname)
3336 int rc;
3337 struct smb_vol *volume_info;
3339 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3340 if (!volume_info)
3341 return ERR_PTR(-ENOMEM);
3343 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3344 if (rc) {
3345 cifs_cleanup_volume_info(volume_info);
3346 volume_info = ERR_PTR(rc);
3349 return volume_info;
3352 /* make sure ra_pages is a multiple of rsize */
3353 static inline unsigned int
3354 cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3356 unsigned int reads;
3357 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3359 if (rsize_pages >= default_backing_dev_info.ra_pages)
3360 return default_backing_dev_info.ra_pages;
3361 else if (rsize_pages == 0)
3362 return rsize_pages;
3364 reads = default_backing_dev_info.ra_pages / rsize_pages;
3365 return reads * rsize_pages;
3369 cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3371 int rc;
3372 int xid;
3373 struct cifs_ses *pSesInfo;
3374 struct cifs_tcon *tcon;
3375 struct TCP_Server_Info *srvTcp;
3376 char *full_path;
3377 struct tcon_link *tlink;
3378 #ifdef CONFIG_CIFS_DFS_UPCALL
3379 int referral_walks_count = 0;
3380 #endif
3382 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3383 if (rc)
3384 return rc;
3386 #ifdef CONFIG_CIFS_DFS_UPCALL
3387 try_mount_again:
3388 /* cleanup activities if we're chasing a referral */
3389 if (referral_walks_count) {
3390 if (tcon)
3391 cifs_put_tcon(tcon);
3392 else if (pSesInfo)
3393 cifs_put_smb_ses(pSesInfo);
3395 FreeXid(xid);
3397 #endif
3398 rc = 0;
3399 tcon = NULL;
3400 pSesInfo = NULL;
3401 srvTcp = NULL;
3402 full_path = NULL;
3403 tlink = NULL;
3405 xid = GetXid();
3407 /* get a reference to a tcp session */
3408 srvTcp = cifs_get_tcp_session(volume_info);
3409 if (IS_ERR(srvTcp)) {
3410 rc = PTR_ERR(srvTcp);
3411 bdi_destroy(&cifs_sb->bdi);
3412 goto out;
3415 /* get a reference to a SMB session */
3416 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3417 if (IS_ERR(pSesInfo)) {
3418 rc = PTR_ERR(pSesInfo);
3419 pSesInfo = NULL;
3420 goto mount_fail_check;
3423 /* search for existing tcon to this server share */
3424 tcon = cifs_get_tcon(pSesInfo, volume_info);
3425 if (IS_ERR(tcon)) {
3426 rc = PTR_ERR(tcon);
3427 tcon = NULL;
3428 goto remote_path_check;
3431 /* tell server which Unix caps we support */
3432 if (tcon->ses->capabilities & CAP_UNIX) {
3433 /* reset of caps checks mount to see if unix extensions
3434 disabled for just this mount */
3435 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3436 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3437 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3438 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3439 rc = -EACCES;
3440 goto mount_fail_check;
3442 } else
3443 tcon->unix_ext = 0; /* server does not support them */
3445 /* do not care if following two calls succeed - informational */
3446 if (!tcon->ipc) {
3447 CIFSSMBQFSDeviceInfo(xid, tcon);
3448 CIFSSMBQFSAttributeInfo(xid, tcon);
3451 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3452 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
3454 /* tune readahead according to rsize */
3455 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
3457 remote_path_check:
3458 #ifdef CONFIG_CIFS_DFS_UPCALL
3460 * Perform an unconditional check for whether there are DFS
3461 * referrals for this path without prefix, to provide support
3462 * for DFS referrals from w2k8 servers which don't seem to respond
3463 * with PATH_NOT_COVERED to requests that include the prefix.
3464 * Chase the referral if found, otherwise continue normally.
3466 if (referral_walks_count == 0) {
3467 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
3468 cifs_sb, false);
3469 if (!refrc) {
3470 referral_walks_count++;
3471 goto try_mount_again;
3474 #endif
3476 /* check if a whole path is not remote */
3477 if (!rc && tcon) {
3478 /* build_path_to_root works only when we have a valid tcon */
3479 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
3480 if (full_path == NULL) {
3481 rc = -ENOMEM;
3482 goto mount_fail_check;
3484 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
3485 if (rc != 0 && rc != -EREMOTE) {
3486 kfree(full_path);
3487 goto mount_fail_check;
3489 kfree(full_path);
3492 /* get referral if needed */
3493 if (rc == -EREMOTE) {
3494 #ifdef CONFIG_CIFS_DFS_UPCALL
3495 if (referral_walks_count > MAX_NESTED_LINKS) {
3497 * BB: when we implement proper loop detection,
3498 * we will remove this check. But now we need it
3499 * to prevent an indefinite loop if 'DFS tree' is
3500 * misconfigured (i.e. has loops).
3502 rc = -ELOOP;
3503 goto mount_fail_check;
3506 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
3507 true);
3509 if (!rc) {
3510 referral_walks_count++;
3511 goto try_mount_again;
3513 goto mount_fail_check;
3514 #else /* No DFS support, return error on mount */
3515 rc = -EOPNOTSUPP;
3516 #endif
3519 if (rc)
3520 goto mount_fail_check;
3522 /* now, hang the tcon off of the superblock */
3523 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3524 if (tlink == NULL) {
3525 rc = -ENOMEM;
3526 goto mount_fail_check;
3529 tlink->tl_uid = pSesInfo->linux_uid;
3530 tlink->tl_tcon = tcon;
3531 tlink->tl_time = jiffies;
3532 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3533 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3535 cifs_sb->master_tlink = tlink;
3536 spin_lock(&cifs_sb->tlink_tree_lock);
3537 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3538 spin_unlock(&cifs_sb->tlink_tree_lock);
3540 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3541 TLINK_IDLE_EXPIRE);
3543 mount_fail_check:
3544 /* on error free sesinfo and tcon struct if needed */
3545 if (rc) {
3546 /* If find_unc succeeded then rc == 0 so we can not end */
3547 /* up accidentally freeing someone elses tcon struct */
3548 if (tcon)
3549 cifs_put_tcon(tcon);
3550 else if (pSesInfo)
3551 cifs_put_smb_ses(pSesInfo);
3552 else
3553 cifs_put_tcp_session(srvTcp);
3554 bdi_destroy(&cifs_sb->bdi);
3557 out:
3558 FreeXid(xid);
3559 return rc;
3563 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3564 * pointer may be NULL.
3567 CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3568 const char *tree, struct cifs_tcon *tcon,
3569 const struct nls_table *nls_codepage)
3571 struct smb_hdr *smb_buffer;
3572 struct smb_hdr *smb_buffer_response;
3573 TCONX_REQ *pSMB;
3574 TCONX_RSP *pSMBr;
3575 unsigned char *bcc_ptr;
3576 int rc = 0;
3577 int length;
3578 __u16 bytes_left, count;
3580 if (ses == NULL)
3581 return -EIO;
3583 smb_buffer = cifs_buf_get();
3584 if (smb_buffer == NULL)
3585 return -ENOMEM;
3587 smb_buffer_response = smb_buffer;
3589 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3590 NULL /*no tid */ , 4 /*wct */ );
3592 smb_buffer->Mid = GetNextMid(ses->server);
3593 smb_buffer->Uid = ses->Suid;
3594 pSMB = (TCONX_REQ *) smb_buffer;
3595 pSMBr = (TCONX_RSP *) smb_buffer_response;
3597 pSMB->AndXCommand = 0xFF;
3598 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3599 bcc_ptr = &pSMB->Password[0];
3600 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3601 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
3602 *bcc_ptr = 0; /* password is null byte */
3603 bcc_ptr++; /* skip password */
3604 /* already aligned so no need to do it below */
3605 } else {
3606 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3607 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3608 specified as required (when that support is added to
3609 the vfs in the future) as only NTLM or the much
3610 weaker LANMAN (which we do not send by default) is accepted
3611 by Samba (not sure whether other servers allow
3612 NTLMv2 password here) */
3613 #ifdef CONFIG_CIFS_WEAK_PW_HASH
3614 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3615 (ses->server->secType == LANMAN))
3616 calc_lanman_hash(tcon->password, ses->server->cryptkey,
3617 ses->server->sec_mode &
3618 SECMODE_PW_ENCRYPT ? true : false,
3619 bcc_ptr);
3620 else
3621 #endif /* CIFS_WEAK_PW_HASH */
3622 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3623 bcc_ptr, nls_codepage);
3625 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3626 if (ses->capabilities & CAP_UNICODE) {
3627 /* must align unicode strings */
3628 *bcc_ptr = 0; /* null byte password */
3629 bcc_ptr++;
3633 if (ses->server->sec_mode &
3634 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3635 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3637 if (ses->capabilities & CAP_STATUS32) {
3638 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3640 if (ses->capabilities & CAP_DFS) {
3641 smb_buffer->Flags2 |= SMBFLG2_DFS;
3643 if (ses->capabilities & CAP_UNICODE) {
3644 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3645 length =
3646 cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
3647 6 /* max utf8 char length in bytes */ *
3648 (/* server len*/ + 256 /* share len */), nls_codepage);
3649 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
3650 bcc_ptr += 2; /* skip trailing null */
3651 } else { /* ASCII */
3652 strcpy(bcc_ptr, tree);
3653 bcc_ptr += strlen(tree) + 1;
3655 strcpy(bcc_ptr, "?????");
3656 bcc_ptr += strlen("?????");
3657 bcc_ptr += 1;
3658 count = bcc_ptr - &pSMB->Password[0];
3659 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3660 pSMB->hdr.smb_buf_length) + count);
3661 pSMB->ByteCount = cpu_to_le16(count);
3663 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3666 /* above now done in SendReceive */
3667 if ((rc == 0) && (tcon != NULL)) {
3668 bool is_unicode;
3670 tcon->tidStatus = CifsGood;
3671 tcon->need_reconnect = false;
3672 tcon->tid = smb_buffer_response->Tid;
3673 bcc_ptr = pByteArea(smb_buffer_response);
3674 bytes_left = get_bcc(smb_buffer_response);
3675 length = strnlen(bcc_ptr, bytes_left - 2);
3676 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3677 is_unicode = true;
3678 else
3679 is_unicode = false;
3682 /* skip service field (NB: this field is always ASCII) */
3683 if (length == 3) {
3684 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3685 (bcc_ptr[2] == 'C')) {
3686 cFYI(1, "IPC connection");
3687 tcon->ipc = 1;
3689 } else if (length == 2) {
3690 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3691 /* the most common case */
3692 cFYI(1, "disk share connection");
3695 bcc_ptr += length + 1;
3696 bytes_left -= (length + 1);
3697 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3699 /* mostly informational -- no need to fail on error here */
3700 kfree(tcon->nativeFileSystem);
3701 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
3702 bytes_left, is_unicode,
3703 nls_codepage);
3705 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3707 if ((smb_buffer_response->WordCount == 3) ||
3708 (smb_buffer_response->WordCount == 7))
3709 /* field is in same location */
3710 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3711 else
3712 tcon->Flags = 0;
3713 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3714 } else if ((rc == 0) && tcon == NULL) {
3715 /* all we need to save for IPC$ connection */
3716 ses->ipc_tid = smb_buffer_response->Tid;
3719 cifs_buf_release(smb_buffer);
3720 return rc;
3723 void
3724 cifs_umount(struct cifs_sb_info *cifs_sb)
3726 struct rb_root *root = &cifs_sb->tlink_tree;
3727 struct rb_node *node;
3728 struct tcon_link *tlink;
3730 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3732 spin_lock(&cifs_sb->tlink_tree_lock);
3733 while ((node = rb_first(root))) {
3734 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3735 cifs_get_tlink(tlink);
3736 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3737 rb_erase(node, root);
3739 spin_unlock(&cifs_sb->tlink_tree_lock);
3740 cifs_put_tlink(tlink);
3741 spin_lock(&cifs_sb->tlink_tree_lock);
3743 spin_unlock(&cifs_sb->tlink_tree_lock);
3745 bdi_destroy(&cifs_sb->bdi);
3746 kfree(cifs_sb->mountdata);
3747 unload_nls(cifs_sb->local_nls);
3748 kfree(cifs_sb);
3751 int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
3753 int rc = 0;
3754 struct TCP_Server_Info *server = ses->server;
3756 /* only send once per connect */
3757 if (server->maxBuf != 0)
3758 return 0;
3760 rc = CIFSSMBNegotiate(xid, ses);
3761 if (rc == -EAGAIN) {
3762 /* retry only once on 1st time connection */
3763 rc = CIFSSMBNegotiate(xid, ses);
3764 if (rc == -EAGAIN)
3765 rc = -EHOSTDOWN;
3767 if (rc == 0) {
3768 spin_lock(&GlobalMid_Lock);
3769 if (server->tcpStatus == CifsNeedNegotiate)
3770 server->tcpStatus = CifsGood;
3771 else
3772 rc = -EHOSTDOWN;
3773 spin_unlock(&GlobalMid_Lock);
3777 return rc;
3781 int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
3782 struct nls_table *nls_info)
3784 int rc = 0;
3785 struct TCP_Server_Info *server = ses->server;
3787 ses->flags = 0;
3788 ses->capabilities = server->capabilities;
3789 if (linuxExtEnabled == 0)
3790 ses->capabilities &= (~CAP_UNIX);
3792 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3793 server->sec_mode, server->capabilities, server->timeAdj);
3795 rc = CIFS_SessSetup(xid, ses, nls_info);
3796 if (rc) {
3797 cERROR(1, "Send error in SessSetup = %d", rc);
3798 } else {
3799 mutex_lock(&ses->server->srv_mutex);
3800 if (!server->session_estab) {
3801 server->session_key.response = ses->auth_key.response;
3802 server->session_key.len = ses->auth_key.len;
3803 server->sequence_number = 0x2;
3804 server->session_estab = true;
3805 ses->auth_key.response = NULL;
3807 mutex_unlock(&server->srv_mutex);
3809 cFYI(1, "CIFS Session Established successfully");
3810 spin_lock(&GlobalMid_Lock);
3811 ses->status = CifsGood;
3812 ses->need_reconnect = false;
3813 spin_unlock(&GlobalMid_Lock);
3816 kfree(ses->auth_key.response);
3817 ses->auth_key.response = NULL;
3818 ses->auth_key.len = 0;
3819 kfree(ses->ntlmssp);
3820 ses->ntlmssp = NULL;
3822 return rc;
3825 static int
3826 cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
3828 switch (ses->server->secType) {
3829 case Kerberos:
3830 vol->secFlg = CIFSSEC_MUST_KRB5;
3831 return 0;
3832 case NTLMv2:
3833 vol->secFlg = CIFSSEC_MUST_NTLMV2;
3834 break;
3835 case NTLM:
3836 vol->secFlg = CIFSSEC_MUST_NTLM;
3837 break;
3838 case RawNTLMSSP:
3839 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
3840 break;
3841 case LANMAN:
3842 vol->secFlg = CIFSSEC_MUST_LANMAN;
3843 break;
3846 return cifs_set_cifscreds(vol, ses);
3849 static struct cifs_tcon *
3850 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3852 int rc;
3853 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3854 struct cifs_ses *ses;
3855 struct cifs_tcon *tcon = NULL;
3856 struct smb_vol *vol_info;
3858 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3859 if (vol_info == NULL)
3860 return ERR_PTR(-ENOMEM);
3862 vol_info->local_nls = cifs_sb->local_nls;
3863 vol_info->linux_uid = fsuid;
3864 vol_info->cred_uid = fsuid;
3865 vol_info->UNC = master_tcon->treeName;
3866 vol_info->retry = master_tcon->retry;
3867 vol_info->nocase = master_tcon->nocase;
3868 vol_info->local_lease = master_tcon->local_lease;
3869 vol_info->no_linux_ext = !master_tcon->unix_ext;
3871 rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
3872 if (rc) {
3873 tcon = ERR_PTR(rc);
3874 goto out;
3877 /* get a reference for the same TCP session */
3878 spin_lock(&cifs_tcp_ses_lock);
3879 ++master_tcon->ses->server->srv_count;
3880 spin_unlock(&cifs_tcp_ses_lock);
3882 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3883 if (IS_ERR(ses)) {
3884 tcon = (struct cifs_tcon *)ses;
3885 cifs_put_tcp_session(master_tcon->ses->server);
3886 goto out;
3889 tcon = cifs_get_tcon(ses, vol_info);
3890 if (IS_ERR(tcon)) {
3891 cifs_put_smb_ses(ses);
3892 goto out;
3895 if (ses->capabilities & CAP_UNIX)
3896 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3897 out:
3898 kfree(vol_info->username);
3899 kfree(vol_info->password);
3900 kfree(vol_info);
3902 return tcon;
3905 struct cifs_tcon *
3906 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3908 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3911 static int
3912 cifs_sb_tcon_pending_wait(void *unused)
3914 schedule();
3915 return signal_pending(current) ? -ERESTARTSYS : 0;
3918 /* find and return a tlink with given uid */
3919 static struct tcon_link *
3920 tlink_rb_search(struct rb_root *root, uid_t uid)
3922 struct rb_node *node = root->rb_node;
3923 struct tcon_link *tlink;
3925 while (node) {
3926 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3928 if (tlink->tl_uid > uid)
3929 node = node->rb_left;
3930 else if (tlink->tl_uid < uid)
3931 node = node->rb_right;
3932 else
3933 return tlink;
3935 return NULL;
3938 /* insert a tcon_link into the tree */
3939 static void
3940 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3942 struct rb_node **new = &(root->rb_node), *parent = NULL;
3943 struct tcon_link *tlink;
3945 while (*new) {
3946 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3947 parent = *new;
3949 if (tlink->tl_uid > new_tlink->tl_uid)
3950 new = &((*new)->rb_left);
3951 else
3952 new = &((*new)->rb_right);
3955 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3956 rb_insert_color(&new_tlink->tl_rbnode, root);
3960 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3961 * current task.
3963 * If the superblock doesn't refer to a multiuser mount, then just return
3964 * the master tcon for the mount.
3966 * First, search the rbtree for an existing tcon for this fsuid. If one
3967 * exists, then check to see if it's pending construction. If it is then wait
3968 * for construction to complete. Once it's no longer pending, check to see if
3969 * it failed and either return an error or retry construction, depending on
3970 * the timeout.
3972 * If one doesn't exist then insert a new tcon_link struct into the tree and
3973 * try to construct a new one.
3975 struct tcon_link *
3976 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3978 int ret;
3979 uid_t fsuid = current_fsuid();
3980 struct tcon_link *tlink, *newtlink;
3982 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3983 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3985 spin_lock(&cifs_sb->tlink_tree_lock);
3986 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
3987 if (tlink)
3988 cifs_get_tlink(tlink);
3989 spin_unlock(&cifs_sb->tlink_tree_lock);
3991 if (tlink == NULL) {
3992 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3993 if (newtlink == NULL)
3994 return ERR_PTR(-ENOMEM);
3995 newtlink->tl_uid = fsuid;
3996 newtlink->tl_tcon = ERR_PTR(-EACCES);
3997 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3998 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3999 cifs_get_tlink(newtlink);
4001 spin_lock(&cifs_sb->tlink_tree_lock);
4002 /* was one inserted after previous search? */
4003 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4004 if (tlink) {
4005 cifs_get_tlink(tlink);
4006 spin_unlock(&cifs_sb->tlink_tree_lock);
4007 kfree(newtlink);
4008 goto wait_for_construction;
4010 tlink = newtlink;
4011 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4012 spin_unlock(&cifs_sb->tlink_tree_lock);
4013 } else {
4014 wait_for_construction:
4015 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4016 cifs_sb_tcon_pending_wait,
4017 TASK_INTERRUPTIBLE);
4018 if (ret) {
4019 cifs_put_tlink(tlink);
4020 return ERR_PTR(ret);
4023 /* if it's good, return it */
4024 if (!IS_ERR(tlink->tl_tcon))
4025 return tlink;
4027 /* return error if we tried this already recently */
4028 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4029 cifs_put_tlink(tlink);
4030 return ERR_PTR(-EACCES);
4033 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4034 goto wait_for_construction;
4037 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4038 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4039 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4041 if (IS_ERR(tlink->tl_tcon)) {
4042 cifs_put_tlink(tlink);
4043 return ERR_PTR(-EACCES);
4046 return tlink;
4050 * periodic workqueue job that scans tcon_tree for a superblock and closes
4051 * out tcons.
4053 static void
4054 cifs_prune_tlinks(struct work_struct *work)
4056 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4057 prune_tlinks.work);
4058 struct rb_root *root = &cifs_sb->tlink_tree;
4059 struct rb_node *node = rb_first(root);
4060 struct rb_node *tmp;
4061 struct tcon_link *tlink;
4064 * Because we drop the spinlock in the loop in order to put the tlink
4065 * it's not guarded against removal of links from the tree. The only
4066 * places that remove entries from the tree are this function and
4067 * umounts. Because this function is non-reentrant and is canceled
4068 * before umount can proceed, this is safe.
4070 spin_lock(&cifs_sb->tlink_tree_lock);
4071 node = rb_first(root);
4072 while (node != NULL) {
4073 tmp = node;
4074 node = rb_next(tmp);
4075 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4077 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4078 atomic_read(&tlink->tl_count) != 0 ||
4079 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4080 continue;
4082 cifs_get_tlink(tlink);
4083 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4084 rb_erase(tmp, root);
4086 spin_unlock(&cifs_sb->tlink_tree_lock);
4087 cifs_put_tlink(tlink);
4088 spin_lock(&cifs_sb->tlink_tree_lock);
4090 spin_unlock(&cifs_sb->tlink_tree_lock);
4092 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
4093 TLINK_IDLE_EXPIRE);