projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
CIFS: Respect negotiated MaxMpxCount
[deliverable/linux.git] / fs / cifs / connect.c
CommitLineData
1da177e4
LT		 1/*
2 * fs/cifs/connect.c
3 *
d185cda7 4 * Copyright (C) International Business Machines Corp., 2002,2009
1da177e4
LT		 5 * Author(s): Steve French (sfrench@us.ibm.com)
6 *
7 * This library is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU Lesser General Public License as published
9 * by the Free Software Foundation; either version 2.1 of the License, or
10 * (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
15 * the GNU Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public License
18 * along with this library; if not, write to the Free Software
fb8c4b14 19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
1da177e4
LT		 20 */
21#include <linux/fs.h>
22#include <linux/net.h>
23#include <linux/string.h>
24#include <linux/list.h>
25#include <linux/wait.h>
5a0e3ad6 26#include <linux/slab.h>
1da177e4
LT		 27#include <linux/pagemap.h>
28#include <linux/ctype.h>
29#include <linux/utsname.h>
30#include <linux/mempool.h>
b8643e1b 31#include <linux/delay.h>
f191401f 32#include <linux/completion.h>
aaf737ad 33#include <linux/kthread.h>
0ae0efad 34#include <linux/pagevec.h>
7dfb7103 35#include <linux/freezer.h>
5c2503a8 36#include <linux/namei.h>
1da177e4
LT		 37#include <asm/uaccess.h>
38#include <asm/processor.h>
50b64e3b 39#include <linux/inet.h>
143cb494 40#include <linux/module.h>
8a8798a5 41#include <keys/user-type.h>
0e2bedaa 42#include <net/ipv6.h>
1da177e4
LT		 43#include "cifspdu.h"
44#include "cifsglob.h"
45#include "cifsproto.h"
46#include "cifs_unicode.h"
47#include "cifs_debug.h"
48#include "cifs_fs_sb.h"
49#include "ntlmssp.h"
50#include "nterr.h"
51#include "rfc1002pdu.h"
488f1d2d 52#include "fscache.h"
1da177e4
LT		 53
54#define CIFS_PORT 445
55#define RFC1001_PORT 139
56
c74093b6
JL		 57/* SMB echo "timeout" -- FIXME: tunable? */
58#define SMB_ECHO_INTERVAL (60 * HZ)
59
1da177e4
LT		 60extern mempool_t *cifs_req_poolp;
61
2de970ff 62/* FIXME: should these be tunable? */
9d002df4 63#define TLINK_ERROR_EXPIRE (1 * HZ)
2de970ff 64#define TLINK_IDLE_EXPIRE (600 * HZ)
9d002df4 65
a9f1b85e
PS		 66static int ip_connect(struct TCP_Server_Info *server);
67static int generic_ip_connect(struct TCP_Server_Info *server);
b647c35f 68static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
2de970ff 69static void cifs_prune_tlinks(struct work_struct *work);
b9bce2e9
JL		 70static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
71 const char *devname);
1da177e4 72
d5c5605c
JL		 73/*
74 * cifs tcp session reconnection
75 *
76 * mark tcp session as reconnecting so temporarily locked
77 * mark all smb sessions as reconnecting for tcp session
78 * reconnect tcp session
79 * wake up waiters on reconnection? - (not needed currently)
80 */
2cd646a2 81static int
1da177e4
LT		 82cifs_reconnect(struct TCP_Server_Info *server)
83{
84 int rc = 0;
f1987b44 85 struct list_head *tmp, *tmp2;
96daf2b0
SF		 86 struct cifs_ses *ses;
87 struct cifs_tcon *tcon;
fb8c4b14 88 struct mid_q_entry *mid_entry;
3c1105df 89 struct list_head retry_list;
50c2f753 90
1da177e4 91 spin_lock(&GlobalMid_Lock);
469ee614 92 if (server->tcpStatus == CifsExiting) {
fb8c4b14 93 /* the demux thread will exit normally
1da177e4
LT		 94 next time through the loop */
95 spin_unlock(&GlobalMid_Lock);
96 return rc;
97 } else
98 server->tcpStatus = CifsNeedReconnect;
99 spin_unlock(&GlobalMid_Lock);
100 server->maxBuf = 0;
101
b6b38f70 102 cFYI(1, "Reconnecting tcp session");
1da177e4
LT		 103
104 /* before reconnecting the tcp session, mark the smb session (uid)
105 and the tid bad so they are not used until reconnected */
2b84a36c 106 cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
3f9bcca7 107 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 108 list_for_each(tmp, &server->smb_ses_list) {
96daf2b0 109 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
14fbf50d
JL		 110 ses->need_reconnect = true;
111 ses->ipc_tid = 0;
f1987b44 112 list_for_each(tmp2, &ses->tcon_list) {
96daf2b0 113 tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
3b795210 114 tcon->need_reconnect = true;
1da177e4 115 }
1da177e4 116 }
3f9bcca7 117 spin_unlock(&cifs_tcp_ses_lock);
2b84a36c 118
1da177e4 119 /* do not want to be sending data on a socket we are freeing */
2b84a36c 120 cFYI(1, "%s: tearing down socket", __func__);
72ca545b 121 mutex_lock(&server->srv_mutex);
fb8c4b14 122 if (server->ssocket) {
b6b38f70
JP		 123 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
124 server->ssocket->flags);
91cf45f0 125 kernel_sock_shutdown(server->ssocket, SHUT_WR);
b6b38f70 126 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
467a8f8d 127 server->ssocket->state,
b6b38f70 128 server->ssocket->flags);
1da177e4
LT		 129 sock_release(server->ssocket);
130 server->ssocket = NULL;
131 }
5d0d2882
SP		 132 server->sequence_number = 0;
133 server->session_estab = false;
21e73393
SP		 134 kfree(server->session_key.response);
135 server->session_key.response = NULL;
136 server->session_key.len = 0;
fda35943 137 server->lstrp = jiffies;
2b84a36c 138 mutex_unlock(&server->srv_mutex);
1da177e4 139
2b84a36c 140 /* mark submitted MIDs for retry and issue callback */
3c1105df
JL		 141 INIT_LIST_HEAD(&retry_list);
142 cFYI(1, "%s: moving mids to private list", __func__);
1da177e4 143 spin_lock(&GlobalMid_Lock);
2b84a36c
JL		 144 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
145 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
146 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
ad8b15f0 147 mid_entry->midState = MID_RETRY_NEEDED;
3c1105df
JL		 148 list_move(&mid_entry->qhead, &retry_list);
149 }
150 spin_unlock(&GlobalMid_Lock);
151
152 cFYI(1, "%s: issuing mid callbacks", __func__);
153 list_for_each_safe(tmp, tmp2, &retry_list) {
154 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
2b84a36c
JL		 155 list_del_init(&mid_entry->qhead);
156 mid_entry->callback(mid_entry);
1da177e4 157 }
1da177e4 158
7fdbaa1b 159 do {
6c3d8909 160 try_to_freeze();
a9f1b85e
PS		 161
162 /* we should try only the port we connected to before */
163 rc = generic_ip_connect(server);
fb8c4b14 164 if (rc) {
b6b38f70 165 cFYI(1, "reconnect error %d", rc);
0cb766ae 166 msleep(3000);
1da177e4
LT		 167 } else {
168 atomic_inc(&tcpSesReconnectCount);
169 spin_lock(&GlobalMid_Lock);
469ee614 170 if (server->tcpStatus != CifsExiting)
fd88ce93 171 server->tcpStatus = CifsNeedNegotiate;
fb8c4b14 172 spin_unlock(&GlobalMid_Lock);
1da177e4 173 }
7fdbaa1b 174 } while (server->tcpStatus == CifsNeedReconnect);
2b84a36c 175
1da177e4
LT		 176 return rc;
177}
178
fb8c4b14 179/*
e4eb295d
SF		 180 return codes:
181 0 not a transact2, or all data present
182 >0 transact2 with that much data missing
183 -EINVAL = invalid transact2
184
185 */
c974befa 186static int check2ndT2(struct smb_hdr *pSMB)
e4eb295d 187{
fb8c4b14 188 struct smb_t2_rsp *pSMBt;
e4eb295d 189 int remaining;
26ec2548 190 __u16 total_data_size, data_in_this_rsp;
e4eb295d 191
fb8c4b14 192 if (pSMB->Command != SMB_COM_TRANSACTION2)
e4eb295d
SF		 193 return 0;
194
fb8c4b14
SF		 195 /* check for plausible wct, bcc and t2 data and parm sizes */
196 /* check for parm and data offset going beyond end of smb */
197 if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
b6b38f70 198 cFYI(1, "invalid transact2 word count");
e4eb295d
SF		 199 return -EINVAL;
200 }
201
202 pSMBt = (struct smb_t2_rsp *)pSMB;
203
26ec2548
JL		 204 total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
205 data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 206
c0c7b905 207 if (total_data_size == data_in_this_rsp)
e4eb295d 208 return 0;
c0c7b905 209 else if (total_data_size < data_in_this_rsp) {
b6b38f70
JP		 210 cFYI(1, "total data %d smaller than data in frame %d",
211 total_data_size, data_in_this_rsp);
e4eb295d 212 return -EINVAL;
e4eb295d 213 }
c0c7b905
JL		 214
215 remaining = total_data_size - data_in_this_rsp;
216
217 cFYI(1, "missing %d bytes from transact2, check next response",
218 remaining);
c974befa 219 if (total_data_size > CIFSMaxBufSize) {
c0c7b905 220 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
c974befa 221 total_data_size, CIFSMaxBufSize);
c0c7b905
JL		 222 return -EINVAL;
223 }
224 return remaining;
e4eb295d
SF		 225}
226
fb8c4b14 227static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
e4eb295d 228{
f5fffcee 229 struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
e4eb295d 230 struct smb_t2_rsp *pSMBt = (struct smb_t2_rsp *)pTargetSMB;
f5fffcee
JL		 231 char *data_area_of_tgt;
232 char *data_area_of_src;
26ec2548 233 int remaining;
f5fffcee
JL		 234 unsigned int byte_count, total_in_tgt;
235 __u16 tgt_total_cnt, src_total_cnt, total_in_src;
e4eb295d 236
f5fffcee
JL		 237 src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
238 tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
e4eb295d 239
f5fffcee
JL		 240 if (tgt_total_cnt != src_total_cnt)
241 cFYI(1, "total data count of primary and secondary t2 differ "
242 "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
e4eb295d 243
f5fffcee 244 total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
e4eb295d 245
f5fffcee 246 remaining = tgt_total_cnt - total_in_tgt;
50c2f753 247
f5fffcee
JL		 248 if (remaining < 0) {
249 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
250 "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
2a2047bc 251 return -EPROTO;
f5fffcee 252 }
e4eb295d 253
f5fffcee
JL		 254 if (remaining == 0) {
255 /* nothing to do, ignore */
256 cFYI(1, "no more data remains");
e4eb295d 257 return 0;
f5fffcee 258 }
50c2f753 259
f5fffcee
JL		 260 total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
261 if (remaining < total_in_src)
b6b38f70 262 cFYI(1, "transact2 2nd response contains too much data");
e4eb295d
SF		 263
264 /* find end of first SMB data area */
f5fffcee 265 data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
26ec2548 266 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
e4eb295d 267
f5fffcee
JL		 268 /* validate target area */
269 data_area_of_src = (char *)&pSMBs->hdr.Protocol +
270 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
e4eb295d 271
f5fffcee 272 data_area_of_tgt += total_in_tgt;
e4eb295d 273
f5fffcee 274 total_in_tgt += total_in_src;
2a2047bc 275 /* is the result too big for the field? */
f5fffcee
JL		 276 if (total_in_tgt > USHRT_MAX) {
277 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
2a2047bc 278 return -EPROTO;
f5fffcee
JL		 279 }
280 put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
2a2047bc
JL		 281
282 /* fix up the BCC */
820a803f 283 byte_count = get_bcc(pTargetSMB);
f5fffcee 284 byte_count += total_in_src;
2a2047bc 285 /* is the result too big for the field? */
f5fffcee
JL		 286 if (byte_count > USHRT_MAX) {
287 cFYI(1, "coalesced BCC too large (%u)", byte_count);
2a2047bc 288 return -EPROTO;
f5fffcee 289 }
820a803f 290 put_bcc(byte_count, pTargetSMB);
e4eb295d 291
be8e3b00 292 byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
f5fffcee 293 byte_count += total_in_src;
2a2047bc 294 /* don't allow buffer to overflow */
f5fffcee
JL		 295 if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
296 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
2a2047bc 297 return -ENOBUFS;
f5fffcee 298 }
be8e3b00 299 pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
e4eb295d 300
f5fffcee
JL		 301 /* copy second buffer into end of first buffer */
302 memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
2a2047bc 303
f5fffcee
JL		 304 if (remaining != total_in_src) {
305 /* more responses to go */
306 cFYI(1, "waiting for more secondary responses");
e4eb295d 307 return 1;
f5fffcee
JL		 308 }
309
310 /* we are done */
311 cFYI(1, "found the last secondary response");
312 return 0;
e4eb295d
SF		 313}
314
c74093b6
JL		 315static void
316cifs_echo_request(struct work_struct *work)
317{
318 int rc;
319 struct TCP_Server_Info *server = container_of(work,
320 struct TCP_Server_Info, echo.work);
321
247ec9b4 322 /*
195291e6
JL		 323 * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
324 * done, which is indicated by maxBuf != 0. Also, no need to ping if
325 * we got a response recently
247ec9b4 326 */
195291e6 327 if (server->maxBuf == 0 ||
247ec9b4 328 time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
c74093b6
JL		 329 goto requeue_echo;
330
331 rc = CIFSSMBEcho(server);
332 if (rc)
333 cFYI(1, "Unable to send echo request to server: %s",
334 server->hostname);
335
336requeue_echo:
337 queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
338}
339
3d9c2472 340static bool
2a37ef94 341allocate_buffers(struct TCP_Server_Info *server)
3d9c2472 342{
2a37ef94
JL		 343 if (!server->bigbuf) {
344 server->bigbuf = (char *)cifs_buf_get();
345 if (!server->bigbuf) {
3d9c2472
PS		 346 cERROR(1, "No memory for large SMB response");
347 msleep(3000);
348 /* retry will check if exiting */
349 return false;
350 }
2a37ef94 351 } else if (server->large_buf) {
3d9c2472 352 /* we are reusing a dirty large buf, clear its start */
2a37ef94 353 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 354 }
355
2a37ef94
JL		 356 if (!server->smallbuf) {
357 server->smallbuf = (char *)cifs_small_buf_get();
358 if (!server->smallbuf) {
3d9c2472
PS		 359 cERROR(1, "No memory for SMB response");
360 msleep(1000);
361 /* retry will check if exiting */
362 return false;
363 }
364 /* beginning of smb buffer is cleared in our buf_get */
365 } else {
366 /* if existing small buf clear beginning */
2a37ef94 367 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
3d9c2472
PS		 368 }
369
3d9c2472
PS		 370 return true;
371}
372
ba749e6d
JL		 373static bool
374server_unresponsive(struct TCP_Server_Info *server)
375{
376 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
377 time_after(jiffies, server->lstrp +
378 (echo_retries * SMB_ECHO_INTERVAL))) {
379 cERROR(1, "Server %s has not responded in %d seconds. "
380 "Reconnecting...", server->hostname,
381 (echo_retries * SMB_ECHO_INTERVAL / HZ));
382 cifs_reconnect(server);
383 wake_up(&server->response_q);
384 return true;
385 }
386
387 return false;
388}
389
42c4dfc2
JL		 390/*
391 * kvec_array_init - clone a kvec array, and advance into it
392 * @new: pointer to memory for cloned array
393 * @iov: pointer to original array
394 * @nr_segs: number of members in original array
395 * @bytes: number of bytes to advance into the cloned array
396 *
397 * This function will copy the array provided in iov to a section of memory
398 * and advance the specified number of bytes into the new array. It returns
399 * the number of segments in the new array. "new" must be at least as big as
400 * the original iov array.
401 */
402static unsigned int
403kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
404 size_t bytes)
405{
406 size_t base = 0;
407
408 while (bytes || !iov->iov_len) {
409 int copy = min(bytes, iov->iov_len);
410
411 bytes -= copy;
412 base += copy;
413 if (iov->iov_len == base) {
414 iov++;
415 nr_segs--;
416 base = 0;
417 }
418 }
419 memcpy(new, iov, sizeof(*iov) * nr_segs);
420 new->iov_base += base;
421 new->iov_len -= base;
422 return nr_segs;
423}
424
1041e3f9
JL		 425static struct kvec *
426get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
e7015fb1 427{
1041e3f9
JL		 428 struct kvec *new_iov;
429
430 if (server->iov && nr_segs <= server->nr_iov)
431 return server->iov;
432
433 /* not big enough -- allocate a new one and release the old */
434 new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
435 if (new_iov) {
436 kfree(server->iov);
437 server->iov = new_iov;
438 server->nr_iov = nr_segs;
439 }
440 return new_iov;
441}
442
e28bc5b1
JL		 443int
444cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
445 unsigned int nr_segs, unsigned int to_read)
e7015fb1 446{
a52c1eb7
JL		 447 int length = 0;
448 int total_read;
42c4dfc2 449 unsigned int segs;
e831e6cf 450 struct msghdr smb_msg;
42c4dfc2
JL		 451 struct kvec *iov;
452
1041e3f9 453 iov = get_server_iovec(server, nr_segs);
42c4dfc2
JL		 454 if (!iov)
455 return -ENOMEM;
e7015fb1 456
e831e6cf
JL		 457 smb_msg.msg_control = NULL;
458 smb_msg.msg_controllen = 0;
459
a52c1eb7 460 for (total_read = 0; to_read; total_read += length, to_read -= length) {
95edcff4
JL		 461 try_to_freeze();
462
ba749e6d 463 if (server_unresponsive(server)) {
a52c1eb7 464 total_read = -EAGAIN;
ba749e6d
JL		 465 break;
466 }
467
42c4dfc2
JL		 468 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
469
470 length = kernel_recvmsg(server->ssocket, &smb_msg,
471 iov, segs, to_read, 0);
e7015fb1 472
e7015fb1 473 if (server->tcpStatus == CifsExiting) {
a52c1eb7 474 total_read = -ESHUTDOWN;
e7015fb1
PS		 475 break;
476 } else if (server->tcpStatus == CifsNeedReconnect) {
477 cifs_reconnect(server);
a52c1eb7 478 total_read = -EAGAIN;
e7015fb1
PS		 479 break;
480 } else if (length == -ERESTARTSYS ||
481 length == -EAGAIN ||
482 length == -EINTR) {
483 /*
484 * Minimum sleep to prevent looping, allowing socket
485 * to clear and app threads to set tcpStatus
486 * CifsNeedReconnect if server hung.
487 */
488 usleep_range(1000, 2000);
489 length = 0;
a52c1eb7 490 continue;
e7015fb1 491 } else if (length <= 0) {
a52c1eb7
JL		 492 cFYI(1, "Received no data or error: expecting %d "
493 "got %d", to_read, length);
e7015fb1 494 cifs_reconnect(server);
a52c1eb7 495 total_read = -EAGAIN;
e7015fb1
PS		 496 break;
497 }
498 }
a52c1eb7 499 return total_read;
e7015fb1 500}
e7015fb1 501
e28bc5b1
JL		 502int
503cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
504 unsigned int to_read)
42c4dfc2
JL		 505{
506 struct kvec iov;
507
508 iov.iov_base = buf;
509 iov.iov_len = to_read;
510
e28bc5b1 511 return cifs_readv_from_socket(server, &iov, 1, to_read);
e7015fb1
PS		 512}
513
98bac62c 514static bool
fe11e4cc 515is_smb_response(struct TCP_Server_Info *server, unsigned char type)
98bac62c 516{
98bac62c
PS		 517 /*
518 * The first byte big endian of the length field,
519 * is actually not part of the length but the type
520 * with the most common, zero, as regular data.
521 */
fe11e4cc
JL		 522 switch (type) {
523 case RFC1002_SESSION_MESSAGE:
524 /* Regular SMB response */
525 return true;
526 case RFC1002_SESSION_KEEP_ALIVE:
527 cFYI(1, "RFC 1002 session keep alive");
528 break;
529 case RFC1002_POSITIVE_SESSION_RESPONSE:
530 cFYI(1, "RFC 1002 positive session response");
531 break;
532 case RFC1002_NEGATIVE_SESSION_RESPONSE:
98bac62c
PS		 533 /*
534 * We get this from Windows 98 instead of an error on
535 * SMB negprot response.
536 */
fe11e4cc 537 cFYI(1, "RFC 1002 negative session response");
98bac62c
PS		 538 /* give server a second to clean up */
539 msleep(1000);
540 /*
541 * Always try 445 first on reconnect since we get NACK
542 * on some if we ever connected to port 139 (the NACK
543 * is since we do not begin with RFC1001 session
544 * initialize frame).
545 */
fe11e4cc 546 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
98bac62c
PS		 547 cifs_reconnect(server);
548 wake_up(&server->response_q);
fe11e4cc
JL		 549 break;
550 default:
551 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
98bac62c 552 cifs_reconnect(server);
98bac62c
PS		 553 }
554
fe11e4cc 555 return false;
98bac62c
PS		 556}
557
ad69bae1 558static struct mid_q_entry *
ea1f4502 559find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
ad69bae1 560{
ea1f4502 561 struct mid_q_entry *mid;
ad69bae1
PS		 562
563 spin_lock(&GlobalMid_Lock);
ea1f4502
JL		 564 list_for_each_entry(mid, &server->pending_mid_q, qhead) {
565 if (mid->mid == buf->Mid &&
566 mid->midState == MID_REQUEST_SUBMITTED &&
567 mid->command == buf->Command) {
568 spin_unlock(&GlobalMid_Lock);
569 return mid;
ad69bae1 570 }
ea1f4502
JL		 571 }
572 spin_unlock(&GlobalMid_Lock);
573 return NULL;
574}
575
e28bc5b1
JL		 576void
577dequeue_mid(struct mid_q_entry *mid, bool malformed)
ea1f4502 578{
ad69bae1 579#ifdef CONFIG_CIFS_STATS2
ea1f4502 580 mid->when_received = jiffies;
ad69bae1 581#endif
ea1f4502
JL		 582 spin_lock(&GlobalMid_Lock);
583 if (!malformed)
584 mid->midState = MID_RESPONSE_RECEIVED;
585 else
586 mid->midState = MID_RESPONSE_MALFORMED;
587 list_del_init(&mid->qhead);
ad69bae1 588 spin_unlock(&GlobalMid_Lock);
ea1f4502 589}
ad69bae1 590
c8054ebd
JL		 591static void
592handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
593 struct smb_hdr *buf, int malformed)
ea1f4502 594{
ffc00e27
JL		 595 if (malformed == 0 && check2ndT2(buf) > 0) {
596 mid->multiRsp = true;
ea1f4502
JL		 597 if (mid->resp_buf) {
598 /* merge response - fix up 1st*/
ffc00e27
JL		 599 malformed = coalesce_t2(buf, mid->resp_buf);
600 if (malformed > 0)
c8054ebd 601 return;
ffc00e27 602
ea1f4502
JL		 603 /* All parts received or packet is malformed. */
604 mid->multiEnd = true;
c8054ebd 605 return dequeue_mid(mid, malformed);
ea1f4502 606 }
2a37ef94 607 if (!server->large_buf) {
ea1f4502
JL		 608 /*FIXME: switch to already allocated largebuf?*/
609 cERROR(1, "1st trans2 resp needs bigbuf");
610 } else {
611 /* Have first buffer */
612 mid->resp_buf = buf;
613 mid->largeBuf = true;
2a37ef94 614 server->bigbuf = NULL;
ea1f4502 615 }
c8054ebd 616 return;
ea1f4502
JL		 617 }
618 mid->resp_buf = buf;
2a37ef94
JL		 619 mid->largeBuf = server->large_buf;
620 /* Was previous buf put in mpx struct for multi-rsp? */
621 if (!mid->multiRsp) {
622 /* smb buffer will be freed by user thread */
623 if (server->large_buf)
624 server->bigbuf = NULL;
625 else
626 server->smallbuf = NULL;
627 }
ffc00e27 628 dequeue_mid(mid, malformed);
ad69bae1
PS		 629}
630
762dfd10
PS		 631static void clean_demultiplex_info(struct TCP_Server_Info *server)
632{
633 int length;
634
635 /* take it off the list, if it's not already */
636 spin_lock(&cifs_tcp_ses_lock);
637 list_del_init(&server->tcp_ses_list);
638 spin_unlock(&cifs_tcp_ses_lock);
639
640 spin_lock(&GlobalMid_Lock);
641 server->tcpStatus = CifsExiting;
642 spin_unlock(&GlobalMid_Lock);
643 wake_up_all(&server->response_q);
644
10b9b98e 645 /* Check if we have blocked requests that need to free. */
762dfd10 646 spin_lock(&GlobalMid_Lock);
10b9b98e
PS		 647 if (atomic_read(&server->inFlight) >= server->maxReq)
648 atomic_set(&server->inFlight, server->maxReq - 1);
762dfd10
PS		 649 /*
650 * We do not want to set the max_pending too low or we could end up
651 * with the counter going negative.
652 */
653 spin_unlock(&GlobalMid_Lock);
654 /*
655 * Although there should not be any requests blocked on this queue it
656 * can not hurt to be paranoid and try to wake up requests that may
657 * haven been blocked when more than 50 at time were on the wire to the
658 * same server - they now will see the session is in exit state and get
659 * out of SendReceive.
660 */
661 wake_up_all(&server->request_q);
662 /* give those requests time to exit */
663 msleep(125);
664
665 if (server->ssocket) {
666 sock_release(server->ssocket);
667 server->ssocket = NULL;
668 }
669
670 if (!list_empty(&server->pending_mid_q)) {
671 struct list_head dispose_list;
672 struct mid_q_entry *mid_entry;
673 struct list_head *tmp, *tmp2;
674
675 INIT_LIST_HEAD(&dispose_list);
676 spin_lock(&GlobalMid_Lock);
677 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
678 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
679 cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
680 mid_entry->midState = MID_SHUTDOWN;
681 list_move(&mid_entry->qhead, &dispose_list);
682 }
683 spin_unlock(&GlobalMid_Lock);
684
685 /* now walk dispose list and issue callbacks */
686 list_for_each_safe(tmp, tmp2, &dispose_list) {
687 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
688 cFYI(1, "Callback mid 0x%x", mid_entry->mid);
689 list_del_init(&mid_entry->qhead);
690 mid_entry->callback(mid_entry);
691 }
692 /* 1/8th of sec is more than enough time for them to exit */
693 msleep(125);
694 }
695
696 if (!list_empty(&server->pending_mid_q)) {
697 /*
698 * mpx threads have not exited yet give them at least the smb
699 * send timeout time for long ops.
700 *
701 * Due to delays on oplock break requests, we need to wait at
702 * least 45 seconds before giving up on a request getting a
703 * response and going ahead and killing cifsd.
704 */
705 cFYI(1, "Wait for exit from demultiplex thread");
706 msleep(46000);
707 /*
708 * If threads still have not exited they are probably never
709 * coming home not much else we can do but free the memory.
710 */
711 }
712
713 kfree(server->hostname);
1041e3f9 714 kfree(server->iov);
762dfd10
PS		 715 kfree(server);
716
717 length = atomic_dec_return(&tcpSesAllocCount);
718 if (length > 0)
719 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
720 GFP_KERNEL);
721}
722
e9097ab4
JL		 723static int
724standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
725{
726 int length;
727 char *buf = server->smallbuf;
728 struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
729 unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
730
731 /* make sure this will fit in a large buffer */
732 if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
733 cERROR(1, "SMB response too long (%u bytes)",
734 pdu_length);
735 cifs_reconnect(server);
736 wake_up(&server->response_q);
737 return -EAGAIN;
738 }
739
740 /* switch to large buffer if too big for a small one */
741 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
742 server->large_buf = true;
743 memcpy(server->bigbuf, server->smallbuf, server->total_read);
744 buf = server->bigbuf;
745 smb_buffer = (struct smb_hdr *)buf;
746 }
747
748 /* now read the rest */
e28bc5b1 749 length = cifs_read_from_socket(server,
e9097ab4
JL		 750 buf + sizeof(struct smb_hdr) - 1,
751 pdu_length - sizeof(struct smb_hdr) + 1 + 4);
752 if (length < 0)
753 return length;
754 server->total_read += length;
755
756 dump_smb(smb_buffer, server->total_read);
757
758 /*
759 * We know that we received enough to get to the MID as we
760 * checked the pdu_length earlier. Now check to see
761 * if the rest of the header is OK. We borrow the length
762 * var for the rest of the loop to avoid a new stack var.
763 *
764 * 48 bytes is enough to display the header and a little bit
765 * into the payload for debugging purposes.
766 */
767 length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
768 if (length != 0)
769 cifs_dump_mem("Bad SMB: ", buf,
770 min_t(unsigned int, server->total_read, 48));
771
ff4fa4a2
JL		 772 if (!mid)
773 return length;
e9097ab4 774
ff4fa4a2
JL		 775 handle_mid(mid, server, smb_buffer, length);
776 return 0;
e9097ab4
JL		 777}
778
1da177e4 779static int
7c97c200 780cifs_demultiplex_thread(void *p)
1da177e4
LT		 781{
782 int length;
7c97c200 783 struct TCP_Server_Info *server = p;
2a37ef94
JL		 784 unsigned int pdu_length;
785 char *buf = NULL;
1da177e4 786 struct smb_hdr *smb_buffer = NULL;
1da177e4
LT		 787 struct task_struct *task_to_wake = NULL;
788 struct mid_q_entry *mid_entry;
1da177e4 789
1da177e4 790 current->flags |= PF_MEMALLOC;
b6b38f70 791 cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
93d0ec85
JL		 792
793 length = atomic_inc_return(&tcpSesAllocCount);
794 if (length > 1)
26f57364
SF		 795 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
796 GFP_KERNEL);
1da177e4 797
83144186 798 set_freezable();
469ee614 799 while (server->tcpStatus != CifsExiting) {
ede1327e
SF		 800 if (try_to_freeze())
801 continue;
b8643e1b 802
2a37ef94 803 if (!allocate_buffers(server))
3d9c2472 804 continue;
b8643e1b 805
2a37ef94
JL		 806 server->large_buf = false;
807 smb_buffer = (struct smb_hdr *)server->smallbuf;
808 buf = server->smallbuf;
f01d5e14 809 pdu_length = 4; /* enough to get RFC1001 header */
fda35943 810
e28bc5b1 811 length = cifs_read_from_socket(server, buf, pdu_length);
a52c1eb7 812 if (length < 0)
1da177e4 813 continue;
2a37ef94 814 server->total_read = length;
1da177e4 815
98bac62c
PS		 816 /*
817 * The right amount was read from socket - 4 bytes,
818 * so we can now interpret the length field.
819 */
be8e3b00 820 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
70ca734a 821
fe11e4cc
JL		 822 cFYI(1, "RFC1002 header 0x%x", pdu_length);
823 if (!is_smb_response(server, buf[0]))
fb8c4b14 824 continue;
e4eb295d 825
89482a56
JL		 826 /* make sure we have enough to get to the MID */
827 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
828 cERROR(1, "SMB response too short (%u bytes)",
829 pdu_length);
830 cifs_reconnect(server);
831 wake_up(&server->response_q);
832 continue;
e4eb295d 833 }
e7015fb1 834
89482a56 835 /* read down to the MID */
e28bc5b1
JL		 836 length = cifs_read_from_socket(server, buf + 4,
837 sizeof(struct smb_hdr) - 1 - 4);
89482a56 838 if (length < 0)
e4eb295d 839 continue;
2a37ef94 840 server->total_read += length;
1da177e4 841
c8054ebd 842 mid_entry = find_mid(server, smb_buffer);
50c2f753 843
44d22d84
JL		 844 if (!mid_entry || !mid_entry->receive)
845 length = standard_receive3(server, mid_entry);
846 else
847 length = mid_entry->receive(server, mid_entry);
71823baf 848
e9097ab4 849 if (length < 0)
fe11e4cc 850 continue;
1da177e4 851
e9097ab4 852 if (server->large_buf) {
2a37ef94 853 buf = server->bigbuf;
e9097ab4 854 smb_buffer = (struct smb_hdr *)buf;
e4eb295d 855 }
fda35943 856
fda35943 857 server->lstrp = jiffies;
2b84a36c 858 if (mid_entry != NULL) {
2a37ef94
JL		 859 if (!mid_entry->multiRsp || mid_entry->multiEnd)
860 mid_entry->callback(mid_entry);
ffc00e27 861 } else if (!is_valid_oplock_break(smb_buffer, server)) {
b6b38f70 862 cERROR(1, "No task to wake, unknown frame received! "
8097531a 863 "NumMids %d", atomic_read(&midCount));
3d9c2472 864 cifs_dump_mem("Received Data is: ", buf,
70ca734a 865 sizeof(struct smb_hdr));
3979877e
SF		 866#ifdef CONFIG_CIFS_DEBUG2
867 cifs_dump_detail(smb_buffer);
868 cifs_dump_mids(server);
869#endif /* CIFS_DEBUG2 */
50c2f753 870
e4eb295d
SF		 871 }
872 } /* end while !EXITING */
873
fd62cb7e 874 /* buffer usually freed in free_mid - need to free it here on exit */
2a37ef94
JL		 875 cifs_buf_release(server->bigbuf);
876 if (server->smallbuf) /* no sense logging a debug message if NULL */
877 cifs_small_buf_release(server->smallbuf);
1da177e4 878
b1c8d2b4 879 task_to_wake = xchg(&server->tsk, NULL);
762dfd10 880 clean_demultiplex_info(server);
50c2f753 881
b1c8d2b4
JL		 882 /* if server->tsk was NULL then wait for a signal before exiting */
883 if (!task_to_wake) {
884 set_current_state(TASK_INTERRUPTIBLE);
885 while (!signal_pending(current)) {
886 schedule();
887 set_current_state(TASK_INTERRUPTIBLE);
888 }
889 set_current_state(TASK_RUNNING);
890 }
891
0468a2cf 892 module_put_and_exit(0);
1da177e4
LT		 893}
894
c359cf3c
JL		 895/* extract the host portion of the UNC string */
896static char *
897extract_hostname(const char *unc)
898{
899 const char *src;
900 char *dst, *delim;
901 unsigned int len;
902
903 /* skip double chars at beginning of string */
904 /* BB: check validity of these bytes? */
905 src = unc + 2;
906
907 /* delimiter between hostname and sharename is always '\\' now */
908 delim = strchr(src, '\\');
909 if (!delim)
910 return ERR_PTR(-EINVAL);
911
912 len = delim - src;
913 dst = kmalloc((len + 1), GFP_KERNEL);
914 if (dst == NULL)
915 return ERR_PTR(-ENOMEM);
916
917 memcpy(dst, src, len);
918 dst[len] = '\0';
919
920 return dst;
921}
922
1da177e4 923static int
b946845a 924cifs_parse_mount_options(const char *mountdata, const char *devname,
50c2f753 925 struct smb_vol *vol)
1da177e4 926{
4906e50b 927 char *value, *data, *end;
957df453 928 char *mountdata_copy = NULL, *options;
3d3ea8e6 929 int err;
1da177e4
LT		 930 unsigned int temp_len, i, j;
931 char separator[2];
9b9d6b24
JL		 932 short int override_uid = -1;
933 short int override_gid = -1;
934 bool uid_specified = false;
935 bool gid_specified = false;
88463999 936 char *nodename = utsname()->nodename;
1da177e4
LT		 937
938 separator[0] = ',';
50c2f753 939 separator[1] = 0;
1da177e4 940
88463999
JL		 941 /*
942 * does not have to be perfect mapping since field is
943 * informational, only used for servers that do not support
944 * port 445 and it can be overridden at mount time
945 */
1397f2ee
JL		 946 memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
947 for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
88463999
JL		 948 vol->source_rfc1001_name[i] = toupper(nodename[i]);
949
1397f2ee 950 vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
a10faeb2
SF		 951 /* null target name indicates to use *SMBSERVR default called name
952 if we end up sending RFC1001 session initialize */
953 vol->target_rfc1001_name[0] = 0;
3e4b3e1f
JL		 954 vol->cred_uid = current_uid();
955 vol->linux_uid = current_uid();
a001e5b5 956 vol->linux_gid = current_gid();
f55ed1a8
JL		 957
958 /* default to only allowing write access to owner of the mount */
959 vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1da177e4
LT		 960
961 /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
ac67055e
JA		 962 /* default is always to request posix paths. */
963 vol->posix_paths = 1;
a0c9217f
JL		 964 /* default to using server inode numbers where available */
965 vol->server_ino = 1;
ac67055e 966
6d20e840
SJ		 967 vol->actimeo = CIFS_DEF_ACTIMEO;
968
b946845a
SF		 969 if (!mountdata)
970 goto cifs_parse_mount_err;
971
972 mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
973 if (!mountdata_copy)
974 goto cifs_parse_mount_err;
1da177e4 975
b946845a 976 options = mountdata_copy;
4906e50b 977 end = options + strlen(options);
50c2f753 978 if (strncmp(options, "sep=", 4) == 0) {
fb8c4b14 979 if (options[4] != 0) {
1da177e4
LT		 980 separator[0] = options[4];
981 options += 5;
982 } else {
b6b38f70 983 cFYI(1, "Null separator not allowed");
1da177e4
LT		 984 }
985 }
3d3ea8e6
SP		 986 vol->backupuid_specified = false; /* no backup intent for a user */
987 vol->backupgid_specified = false; /* no backup intent for a group */
50c2f753 988
1da177e4
LT		 989 while ((data = strsep(&options, separator)) != NULL) {
990 if (!*data)
991 continue;
992 if ((value = strchr(data, '=')) != NULL)
993 *value++ = '\0';
994
50c2f753
SF		 995 /* Have to parse this before we parse for "user" */
996 if (strnicmp(data, "user_xattr", 10) == 0) {
1da177e4 997 vol->no_xattr = 0;
50c2f753 998 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1da177e4
LT		 999 vol->no_xattr = 1;
1000 } else if (strnicmp(data, "user", 4) == 0) {
4b952a9b 1001 if (!value) {
1da177e4
LT		 1002 printk(KERN_WARNING
1003 "CIFS: invalid or missing username\n");
b946845a 1004 goto cifs_parse_mount_err;
fb8c4b14 1005 } else if (!*value) {
4b952a9b
SF		 1006 /* null user, ie anonymous, authentication */
1007 vol->nullauth = 1;
1da177e4 1008 }
8727c8a8
SF		 1009 if (strnlen(value, MAX_USERNAME_SIZE) <
1010 MAX_USERNAME_SIZE) {
b946845a
SF		 1011 vol->username = kstrdup(value, GFP_KERNEL);
1012 if (!vol->username) {
1013 printk(KERN_WARNING "CIFS: no memory "
1014 "for username\n");
1015 goto cifs_parse_mount_err;
1016 }
1da177e4
LT		 1017 } else {
1018 printk(KERN_WARNING "CIFS: username too long\n");
b946845a 1019 goto cifs_parse_mount_err;
1da177e4
LT		 1020 }
1021 } else if (strnicmp(data, "pass", 4) == 0) {
1022 if (!value) {
1023 vol->password = NULL;
1024 continue;
fb8c4b14 1025 } else if (value[0] == 0) {
1da177e4
LT		 1026 /* check if string begins with double comma
1027 since that would mean the password really
1028 does start with a comma, and would not
1029 indicate an empty string */
fb8c4b14 1030 if (value[1] != separator[0]) {
1da177e4
LT		 1031 vol->password = NULL;
1032 continue;
1033 }
1034 }
1035 temp_len = strlen(value);
1036 /* removed password length check, NTLM passwords
1037 can be arbitrarily long */
1038
50c2f753 1039 /* if comma in password, the string will be
1da177e4
LT		 1040 prematurely null terminated. Commas in password are
1041 specified across the cifs mount interface by a double
1042 comma ie ,, and a comma used as in other cases ie ','
1043 as a parameter delimiter/separator is single and due
1044 to the strsep above is temporarily zeroed. */
1045
1046 /* NB: password legally can have multiple commas and
1047 the only illegal character in a password is null */
1048
50c2f753 1049 if ((value[temp_len] == 0) &&
4906e50b 1050 (value + temp_len < end) &&
09d1db5c 1051 (value[temp_len+1] == separator[0])) {
1da177e4
LT		 1052 /* reinsert comma */
1053 value[temp_len] = separator[0];
50c2f753
SF		 1054 temp_len += 2; /* move after second comma */
1055 while (value[temp_len] != 0) {
1da177e4 1056 if (value[temp_len] == separator[0]) {
50c2f753 1057 if (value[temp_len+1] ==
09d1db5c
SF		 1058 separator[0]) {
1059 /* skip second comma */
1060 temp_len++;
50c2f753 1061 } else {
1da177e4
LT		 1062 /* single comma indicating start
1063 of next parm */
1064 break;
1065 }
1066 }
1067 temp_len++;
1068 }
fb8c4b14 1069 if (value[temp_len] == 0) {
1da177e4
LT		 1070 options = NULL;
1071 } else {
1072 value[temp_len] = 0;
1073 /* point option to start of next parm */
1074 options = value + temp_len + 1;
1075 }
50c2f753 1076 /* go from value to value + temp_len condensing
1da177e4
LT		 1077 double commas to singles. Note that this ends up
1078 allocating a few bytes too many, which is ok */
e915fc49 1079 vol->password = kzalloc(temp_len, GFP_KERNEL);
fb8c4b14 1080 if (vol->password == NULL) {
50c2f753
SF		 1081 printk(KERN_WARNING "CIFS: no memory "
1082 "for password\n");
b946845a 1083 goto cifs_parse_mount_err;
433dc24f 1084 }
50c2f753 1085 for (i = 0, j = 0; i < temp_len; i++, j++) {
1da177e4 1086 vol->password[j] = value[i];
fb8c4b14 1087 if (value[i] == separator[0]
09d1db5c 1088 && value[i+1] == separator[0]) {
1da177e4
LT		 1089 /* skip second comma */
1090 i++;
1091 }
1092 }
1093 vol->password[j] = 0;
1094 } else {
e915fc49 1095 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
fb8c4b14 1096 if (vol->password == NULL) {
50c2f753
SF		 1097 printk(KERN_WARNING "CIFS: no memory "
1098 "for password\n");
b946845a 1099 goto cifs_parse_mount_err;
433dc24f 1100 }
1da177e4
LT		 1101 strcpy(vol->password, value);
1102 }
58f7f68f
JL		 1103 } else if (!strnicmp(data, "ip", 2) ||
1104 !strnicmp(data, "addr", 4)) {
1da177e4
LT		 1105 if (!value || !*value) {
1106 vol->UNCip = NULL;
50b64e3b
JL		 1107 } else if (strnlen(value, INET6_ADDRSTRLEN) <
1108 INET6_ADDRSTRLEN) {
b946845a
SF		 1109 vol->UNCip = kstrdup(value, GFP_KERNEL);
1110 if (!vol->UNCip) {
1111 printk(KERN_WARNING "CIFS: no memory "
1112 "for UNC IP\n");
1113 goto cifs_parse_mount_err;
1114 }
1da177e4 1115 } else {
50c2f753
SF		 1116 printk(KERN_WARNING "CIFS: ip address "
1117 "too long\n");
b946845a 1118 goto cifs_parse_mount_err;
1da177e4 1119 }
50c2f753
SF		 1120 } else if (strnicmp(data, "sec", 3) == 0) {
1121 if (!value || !*value) {
b6b38f70 1122 cERROR(1, "no security value specified");
50c2f753
SF		 1123 continue;
1124 } else if (strnicmp(value, "krb5i", 5) == 0) {
1125 vol->secFlg |= CIFSSEC_MAY_KRB5 |
189acaae 1126 CIFSSEC_MUST_SIGN;
bf820679 1127 } else if (strnicmp(value, "krb5p", 5) == 0) {
50c2f753
SF		 1128 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1129 CIFSSEC_MAY_KRB5; */
b6b38f70 1130 cERROR(1, "Krb5 cifs privacy not supported");
b946845a 1131 goto cifs_parse_mount_err;
bf820679 1132 } else if (strnicmp(value, "krb5", 4) == 0) {
750d1151 1133 vol->secFlg |= CIFSSEC_MAY_KRB5;
ac683924
SF		 1134 } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1135 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1136 CIFSSEC_MUST_SIGN;
1137 } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1138 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
bf820679 1139 } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
750d1151 1140 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
189acaae 1141 CIFSSEC_MUST_SIGN;
bf820679 1142 } else if (strnicmp(value, "ntlmv2", 6) == 0) {
750d1151 1143 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
bf820679 1144 } else if (strnicmp(value, "ntlmi", 5) == 0) {
750d1151 1145 vol->secFlg |= CIFSSEC_MAY_NTLM |
189acaae 1146 CIFSSEC_MUST_SIGN;
bf820679
SF		 1147 } else if (strnicmp(value, "ntlm", 4) == 0) {
1148 /* ntlm is default so can be turned off too */
750d1151 1149 vol->secFlg |= CIFSSEC_MAY_NTLM;
bf820679 1150 } else if (strnicmp(value, "nontlm", 6) == 0) {
189acaae 1151 /* BB is there a better way to do this? */
750d1151 1152 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
189acaae
SF		 1153#ifdef CONFIG_CIFS_WEAK_PW_HASH
1154 } else if (strnicmp(value, "lanman", 6) == 0) {
50c2f753 1155 vol->secFlg |= CIFSSEC_MAY_LANMAN;
189acaae 1156#endif
bf820679 1157 } else if (strnicmp(value, "none", 4) == 0) {
189acaae 1158 vol->nullauth = 1;
50c2f753 1159 } else {
b6b38f70 1160 cERROR(1, "bad security option: %s", value);
b946845a 1161 goto cifs_parse_mount_err;
50c2f753 1162 }
1cb06d0b
SF		 1163 } else if (strnicmp(data, "vers", 3) == 0) {
1164 if (!value || !*value) {
1165 cERROR(1, "no protocol version specified"
1166 " after vers= mount option");
1167 } else if ((strnicmp(value, "cifs", 4) == 0) ||
1168 (strnicmp(value, "1", 1) == 0)) {
1169 /* this is the default */
1170 continue;
1cb06d0b 1171 }
1da177e4
LT		 1172 } else if ((strnicmp(data, "unc", 3) == 0)
1173 || (strnicmp(data, "target", 6) == 0)
1174 || (strnicmp(data, "path", 4) == 0)) {
1175 if (!value || !*value) {
50c2f753
SF		 1176 printk(KERN_WARNING "CIFS: invalid path to "
1177 "network resource\n");
b946845a 1178 goto cifs_parse_mount_err;
1da177e4
LT		 1179 }
1180 if ((temp_len = strnlen(value, 300)) < 300) {
50c2f753 1181 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1182 if (vol->UNC == NULL)
b946845a 1183 goto cifs_parse_mount_err;
50c2f753 1184 strcpy(vol->UNC, value);
1da177e4
LT		 1185 if (strncmp(vol->UNC, "//", 2) == 0) {
1186 vol->UNC[0] = '\\';
1187 vol->UNC[1] = '\\';
50c2f753 1188 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1da177e4 1189 printk(KERN_WARNING
50c2f753
SF		 1190 "CIFS: UNC Path does not begin "
1191 "with // or \\\\ \n");
b946845a 1192 goto cifs_parse_mount_err;
1da177e4
LT		 1193 }
1194 } else {
1195 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1196 goto cifs_parse_mount_err;
1da177e4
LT		 1197 }
1198 } else if ((strnicmp(data, "domain", 3) == 0)
1199 || (strnicmp(data, "workgroup", 5) == 0)) {
1200 if (!value || !*value) {
1201 printk(KERN_WARNING "CIFS: invalid domain name\n");
b946845a 1202 goto cifs_parse_mount_err;
1da177e4
LT		 1203 }
1204 /* BB are there cases in which a comma can be valid in
1205 a domain name and need special handling? */
3979877e 1206 if (strnlen(value, 256) < 256) {
b946845a
SF		 1207 vol->domainname = kstrdup(value, GFP_KERNEL);
1208 if (!vol->domainname) {
1209 printk(KERN_WARNING "CIFS: no memory "
1210 "for domainname\n");
1211 goto cifs_parse_mount_err;
1212 }
b6b38f70 1213 cFYI(1, "Domain name set");
1da177e4 1214 } else {
50c2f753
SF		 1215 printk(KERN_WARNING "CIFS: domain name too "
1216 "long\n");
b946845a 1217 goto cifs_parse_mount_err;
1da177e4 1218 }
3eb9a889
BG		 1219 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1220 vol->srcaddr.ss_family = AF_UNSPEC;
1221
1222 if (!value || !*value) {
1223 printk(KERN_WARNING "CIFS: srcaddr value"
1224 " not specified.\n");
b946845a 1225 goto cifs_parse_mount_err;
3eb9a889
BG		 1226 }
1227 i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1228 value, strlen(value));
b235f371 1229 if (i == 0) {
3eb9a889
BG		 1230 printk(KERN_WARNING "CIFS: Could not parse"
1231 " srcaddr: %s\n",
1232 value);
b946845a 1233 goto cifs_parse_mount_err;
3eb9a889 1234 }
50c2f753
SF		 1235 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1236 if (!value || !*value) {
1237 printk(KERN_WARNING
1238 "CIFS: invalid path prefix\n");
b946845a 1239 goto cifs_parse_mount_err;
50c2f753
SF		 1240 }
1241 if ((temp_len = strnlen(value, 1024)) < 1024) {
4523cc30 1242 if (value[0] != '/')
2fe87f02 1243 temp_len++; /* missing leading slash */
50c2f753
SF		 1244 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1245 if (vol->prepath == NULL)
b946845a 1246 goto cifs_parse_mount_err;
4523cc30 1247 if (value[0] != '/') {
2fe87f02 1248 vol->prepath[0] = '/';
50c2f753 1249 strcpy(vol->prepath+1, value);
2fe87f02 1250 } else
50c2f753 1251 strcpy(vol->prepath, value);
b6b38f70 1252 cFYI(1, "prefix path %s", vol->prepath);
50c2f753
SF		 1253 } else {
1254 printk(KERN_WARNING "CIFS: prefix too long\n");
b946845a 1255 goto cifs_parse_mount_err;
50c2f753 1256 }
1da177e4
LT		 1257 } else if (strnicmp(data, "iocharset", 9) == 0) {
1258 if (!value || !*value) {
63135e08
SF		 1259 printk(KERN_WARNING "CIFS: invalid iocharset "
1260 "specified\n");
b946845a 1261 goto cifs_parse_mount_err;
1da177e4
LT		 1262 }
1263 if (strnlen(value, 65) < 65) {
b946845a
SF		 1264 if (strnicmp(value, "default", 7)) {
1265 vol->iocharset = kstrdup(value,
1266 GFP_KERNEL);
1267
1268 if (!vol->iocharset) {
1269 printk(KERN_WARNING "CIFS: no "
1270 "memory for"
1271 "charset\n");
1272 goto cifs_parse_mount_err;
1273 }
1274 }
50c2f753
SF		 1275 /* if iocharset not set then load_nls_default
1276 is used by caller */
b6b38f70 1277 cFYI(1, "iocharset set to %s", value);
1da177e4 1278 } else {
63135e08
SF		 1279 printk(KERN_WARNING "CIFS: iocharset name "
1280 "too long.\n");
b946845a 1281 goto cifs_parse_mount_err;
1da177e4 1282 }
9b9d6b24
JL		 1283 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1284 vol->linux_uid = simple_strtoul(value, &value, 0);
1285 uid_specified = true;
bd763319
JL		 1286 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1287 vol->cred_uid = simple_strtoul(value, &value, 0);
9b9d6b24
JL		 1288 } else if (!strnicmp(data, "forceuid", 8)) {
1289 override_uid = 1;
1290 } else if (!strnicmp(data, "noforceuid", 10)) {
1291 override_uid = 0;
1292 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1293 vol->linux_gid = simple_strtoul(value, &value, 0);
1294 gid_specified = true;
1295 } else if (!strnicmp(data, "forcegid", 8)) {
1296 override_gid = 1;
1297 } else if (!strnicmp(data, "noforcegid", 10)) {
1298 override_gid = 0;
1da177e4
LT		 1299 } else if (strnicmp(data, "file_mode", 4) == 0) {
1300 if (value && *value) {
1301 vol->file_mode =
1302 simple_strtoul(value, &value, 0);
1303 }
1304 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1305 if (value && *value) {
1306 vol->dir_mode =
1307 simple_strtoul(value, &value, 0);
1308 }
1309 } else if (strnicmp(data, "dirmode", 4) == 0) {
1310 if (value && *value) {
1311 vol->dir_mode =
1312 simple_strtoul(value, &value, 0);
1313 }
1314 } else if (strnicmp(data, "port", 4) == 0) {
1315 if (value && *value) {
1316 vol->port =
1317 simple_strtoul(value, &value, 0);
1318 }
1319 } else if (strnicmp(data, "rsize", 5) == 0) {
1320 if (value && *value) {
1321 vol->rsize =
1322 simple_strtoul(value, &value, 0);
1323 }
1324 } else if (strnicmp(data, "wsize", 5) == 0) {
1325 if (value && *value) {
1326 vol->wsize =
1327 simple_strtoul(value, &value, 0);
1328 }
1329 } else if (strnicmp(data, "sockopt", 5) == 0) {
6a5fa236 1330 if (!value || !*value) {
b6b38f70 1331 cERROR(1, "no socket option specified");
6a5fa236
SF		 1332 continue;
1333 } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1334 vol->sockopt_tcp_nodelay = 1;
1da177e4
LT		 1335 }
1336 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1337 if (!value || !*value || (*value == ' ')) {
b6b38f70 1338 cFYI(1, "invalid (empty) netbiosname");
1da177e4 1339 } else {
1397f2ee
JL		 1340 memset(vol->source_rfc1001_name, 0x20,
1341 RFC1001_NAME_LEN);
1342 /*
1343 * FIXME: are there cases in which a comma can
1344 * be valid in workstation netbios name (and
1345 * need special handling)?
1346 */
1347 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1348 /* don't ucase netbiosname for user */
50c2f753 1349 if (value[i] == 0)
1da177e4 1350 break;
1397f2ee 1351 vol->source_rfc1001_name[i] = value[i];
1da177e4
LT		 1352 }
1353 /* The string has 16th byte zero still from
1354 set at top of the function */
1397f2ee 1355 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1356 printk(KERN_WARNING "CIFS: netbiosname"
1357 " longer than 15 truncated.\n");
a10faeb2
SF		 1358 }
1359 } else if (strnicmp(data, "servern", 7) == 0) {
1360 /* servernetbiosname specified override *SMBSERVER */
1361 if (!value || !*value || (*value == ' ')) {
b6b38f70 1362 cFYI(1, "empty server netbiosname specified");
a10faeb2
SF		 1363 } else {
1364 /* last byte, type, is 0x20 for servr type */
1397f2ee
JL		 1365 memset(vol->target_rfc1001_name, 0x20,
1366 RFC1001_NAME_LEN_WITH_NULL);
a10faeb2 1367
50c2f753 1368 for (i = 0; i < 15; i++) {
a10faeb2 1369 /* BB are there cases in which a comma can be
50c2f753
SF		 1370 valid in this workstation netbios name
1371 (and need special handling)? */
a10faeb2 1372
50c2f753
SF		 1373 /* user or mount helper must uppercase
1374 the netbiosname */
1375 if (value[i] == 0)
a10faeb2
SF		 1376 break;
1377 else
50c2f753
SF		 1378 vol->target_rfc1001_name[i] =
1379 value[i];
a10faeb2
SF		 1380 }
1381 /* The string has 16th byte zero still from
1382 set at top of the function */
1397f2ee 1383 if (i == RFC1001_NAME_LEN && value[i] != 0)
50c2f753
SF		 1384 printk(KERN_WARNING "CIFS: server net"
1385 "biosname longer than 15 truncated.\n");
1da177e4 1386 }
6d20e840
SJ		 1387 } else if (strnicmp(data, "actimeo", 7) == 0) {
1388 if (value && *value) {
1389 vol->actimeo = HZ * simple_strtoul(value,
1390 &value, 0);
1391 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1392 cERROR(1, "CIFS: attribute cache"
1393 "timeout too large");
b946845a 1394 goto cifs_parse_mount_err;
6d20e840
SJ		 1395 }
1396 }
1da177e4
LT		 1397 } else if (strnicmp(data, "credentials", 4) == 0) {
1398 /* ignore */
1399 } else if (strnicmp(data, "version", 3) == 0) {
1400 /* ignore */
50c2f753 1401 } else if (strnicmp(data, "guest", 5) == 0) {
1da177e4 1402 /* ignore */
c9c7fa00 1403 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
71a394fa
SF		 1404 /* ignore */
1405 } else if (strnicmp(data, "ro", 2) == 0) {
1406 /* ignore */
edf1ae40
SF		 1407 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1408 vol->noblocksnd = 1;
1409 } else if (strnicmp(data, "noautotune", 10) == 0) {
1410 vol->noautotune = 1;
1da177e4
LT		 1411 } else if ((strnicmp(data, "suid", 4) == 0) ||
1412 (strnicmp(data, "nosuid", 6) == 0) ||
1413 (strnicmp(data, "exec", 4) == 0) ||
1414 (strnicmp(data, "noexec", 6) == 0) ||
1415 (strnicmp(data, "nodev", 5) == 0) ||
1416 (strnicmp(data, "noauto", 6) == 0) ||
1417 (strnicmp(data, "dev", 3) == 0)) {
1418 /* The mount tool or mount.cifs helper (if present)
50c2f753
SF		 1419 uses these opts to set flags, and the flags are read
1420 by the kernel vfs layer before we get here (ie
1421 before read super) so there is no point trying to
1422 parse these options again and set anything and it
1423 is ok to just ignore them */
1da177e4 1424 continue;
1da177e4
LT		 1425 } else if (strnicmp(data, "hard", 4) == 0) {
1426 vol->retry = 1;
1427 } else if (strnicmp(data, "soft", 4) == 0) {
1428 vol->retry = 0;
1429 } else if (strnicmp(data, "perm", 4) == 0) {
1430 vol->noperm = 0;
1431 } else if (strnicmp(data, "noperm", 6) == 0) {
1432 vol->noperm = 1;
6a0b4824
SF		 1433 } else if (strnicmp(data, "mapchars", 8) == 0) {
1434 vol->remap = 1;
1435 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1436 vol->remap = 0;
50c2f753
SF		 1437 } else if (strnicmp(data, "sfu", 3) == 0) {
1438 vol->sfu_emul = 1;
1439 } else if (strnicmp(data, "nosfu", 5) == 0) {
1440 vol->sfu_emul = 0;
2c1b8615
SF		 1441 } else if (strnicmp(data, "nodfs", 5) == 0) {
1442 vol->nodfs = 1;
ac67055e
JA		 1443 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1444 vol->posix_paths = 1;
1445 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1446 vol->posix_paths = 0;
c18c842b
SF		 1447 } else if (strnicmp(data, "nounix", 6) == 0) {
1448 vol->no_linux_ext = 1;
1449 } else if (strnicmp(data, "nolinux", 7) == 0) {
1450 vol->no_linux_ext = 1;
50c2f753 1451 } else if ((strnicmp(data, "nocase", 6) == 0) ||
a10faeb2 1452 (strnicmp(data, "ignorecase", 10) == 0)) {
50c2f753 1453 vol->nocase = 1;
f636a348
JL		 1454 } else if (strnicmp(data, "mand", 4) == 0) {
1455 /* ignore */
1456 } else if (strnicmp(data, "nomand", 6) == 0) {
1457 /* ignore */
1458 } else if (strnicmp(data, "_netdev", 7) == 0) {
1459 /* ignore */
c46fa8ac
SF		 1460 } else if (strnicmp(data, "brl", 3) == 0) {
1461 vol->nobrl = 0;
50c2f753 1462 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1c955187 1463 (strnicmp(data, "nolock", 6) == 0)) {
c46fa8ac 1464 vol->nobrl = 1;
d3485d37
SF		 1465 /* turn off mandatory locking in mode
1466 if remote locking is turned off since the
1467 local vfs will do advisory */
50c2f753
SF		 1468 if (vol->file_mode ==
1469 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
d3485d37 1470 vol->file_mode = S_IALLUGO;
13a6e42a
SF		 1471 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1472 /* will take the shorter form "forcemand" as well */
1473 /* This mount option will force use of mandatory
1474 (DOS/Windows style) byte range locks, instead of
1475 using posix advisory byte range locks, even if the
1476 Unix extensions are available and posix locks would
1477 be supported otherwise. If Unix extensions are not
1478 negotiated this has no effect since mandatory locks
1479 would be used (mandatory locks is all that those
1480 those servers support) */
1481 vol->mand_lock = 1;
1da177e4
LT		 1482 } else if (strnicmp(data, "setuids", 7) == 0) {
1483 vol->setuids = 1;
1484 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1485 vol->setuids = 0;
d0a9c078
JL		 1486 } else if (strnicmp(data, "dynperm", 7) == 0) {
1487 vol->dynperm = true;
1488 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1489 vol->dynperm = false;
1da177e4
LT		 1490 } else if (strnicmp(data, "nohard", 6) == 0) {
1491 vol->retry = 0;
1492 } else if (strnicmp(data, "nosoft", 6) == 0) {
1493 vol->retry = 1;
1494 } else if (strnicmp(data, "nointr", 6) == 0) {
1495 vol->intr = 0;
1496 } else if (strnicmp(data, "intr", 4) == 0) {
1497 vol->intr = 1;
be652445
SF		 1498 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1499 vol->nostrictsync = 1;
1500 } else if (strnicmp(data, "strictsync", 10) == 0) {
1501 vol->nostrictsync = 0;
50c2f753 1502 } else if (strnicmp(data, "serverino", 7) == 0) {
1da177e4 1503 vol->server_ino = 1;
50c2f753 1504 } else if (strnicmp(data, "noserverino", 9) == 0) {
1da177e4 1505 vol->server_ino = 0;
c9c7fa00 1506 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
d4ffff1f 1507 vol->rwpidforward = 1;
50c2f753 1508 } else if (strnicmp(data, "cifsacl", 7) == 0) {
0a4b92c0
SF		 1509 vol->cifs_acl = 1;
1510 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1511 vol->cifs_acl = 0;
50c2f753 1512 } else if (strnicmp(data, "acl", 3) == 0) {
1da177e4 1513 vol->no_psx_acl = 0;
50c2f753 1514 } else if (strnicmp(data, "noacl", 5) == 0) {
1da177e4 1515 vol->no_psx_acl = 1;
84210e91
SF		 1516 } else if (strnicmp(data, "locallease", 6) == 0) {
1517 vol->local_lease = 1;
50c2f753 1518 } else if (strnicmp(data, "sign", 4) == 0) {
750d1151 1519 vol->secFlg |= CIFSSEC_MUST_SIGN;
95b1cb90
SF		 1520 } else if (strnicmp(data, "seal", 4) == 0) {
1521 /* we do not do the following in secFlags because seal
1522 is a per tree connection (mount) not a per socket
1523 or per-smb connection option in the protocol */
1524 /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1525 vol->seal = 1;
50c2f753 1526 } else if (strnicmp(data, "direct", 6) == 0) {
1da177e4 1527 vol->direct_io = 1;
50c2f753 1528 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1da177e4 1529 vol->direct_io = 1;
d39454ff
PS		 1530 } else if (strnicmp(data, "strictcache", 11) == 0) {
1531 vol->strict_io = 1;
1da177e4 1532 } else if (strnicmp(data, "noac", 4) == 0) {
50c2f753
SF		 1533 printk(KERN_WARNING "CIFS: Mount option noac not "
1534 "supported. Instead set "
1535 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
fa1df75d 1536 } else if (strnicmp(data, "fsc", 3) == 0) {
607a569d 1537#ifndef CONFIG_CIFS_FSCACHE
83fb086e 1538 cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
607a569d 1539 "kernel config option set");
b946845a 1540 goto cifs_parse_mount_err;
607a569d 1541#endif
fa1df75d 1542 vol->fsc = true;
736a3320
SM		 1543 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1544 vol->mfsymlinks = true;
0eb8a132
JL		 1545 } else if (strnicmp(data, "multiuser", 8) == 0) {
1546 vol->multiuser = true;
3d3ea8e6
SP		 1547 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1548 err = kstrtouint(value, 0, &vol->backupuid);
1549 if (err < 0) {
1550 cERROR(1, "%s: Invalid backupuid value",
1551 __func__);
1552 goto cifs_parse_mount_err;
1553 }
1554 vol->backupuid_specified = true;
1555 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1556 err = kstrtouint(value, 0, &vol->backupgid);
1557 if (err < 0) {
1558 cERROR(1, "%s: Invalid backupgid value",
1559 __func__);
1560 goto cifs_parse_mount_err;
1561 }
1562 vol->backupgid_specified = true;
1da177e4 1563 } else
50c2f753
SF		 1564 printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1565 data);
1da177e4
LT		 1566 }
1567 if (vol->UNC == NULL) {
4523cc30 1568 if (devname == NULL) {
50c2f753
SF		 1569 printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1570 "target\n");
b946845a 1571 goto cifs_parse_mount_err;
1da177e4
LT		 1572 }
1573 if ((temp_len = strnlen(devname, 300)) < 300) {
50c2f753 1574 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
4523cc30 1575 if (vol->UNC == NULL)
b946845a 1576 goto cifs_parse_mount_err;
50c2f753 1577 strcpy(vol->UNC, devname);
1da177e4
LT		 1578 if (strncmp(vol->UNC, "//", 2) == 0) {
1579 vol->UNC[0] = '\\';
1580 vol->UNC[1] = '\\';
1581 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
50c2f753
SF		 1582 printk(KERN_WARNING "CIFS: UNC Path does not "
1583 "begin with // or \\\\ \n");
b946845a 1584 goto cifs_parse_mount_err;
1da177e4 1585 }
7c5e628f
IM		 1586 value = strpbrk(vol->UNC+2, "/\\");
1587 if (value)
1588 *value = '\\';
1da177e4
LT		 1589 } else {
1590 printk(KERN_WARNING "CIFS: UNC name too long\n");
b946845a 1591 goto cifs_parse_mount_err;
1da177e4
LT		 1592 }
1593 }
0eb8a132 1594
8a8798a5
JL		 1595#ifndef CONFIG_KEYS
1596 /* Muliuser mounts require CONFIG_KEYS support */
1597 if (vol->multiuser) {
1598 cERROR(1, "Multiuser mounts require kernels with "
1599 "CONFIG_KEYS enabled.");
b946845a 1600 goto cifs_parse_mount_err;
0eb8a132 1601 }
8a8798a5 1602#endif
0eb8a132 1603
fb8c4b14 1604 if (vol->UNCip == NULL)
1da177e4
LT		 1605 vol->UNCip = &vol->UNC[2];
1606
9b9d6b24
JL		 1607 if (uid_specified)
1608 vol->override_uid = override_uid;
1609 else if (override_uid == 1)
1610 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1611 "specified with no uid= option.\n");
1612
1613 if (gid_specified)
1614 vol->override_gid = override_gid;
1615 else if (override_gid == 1)
1616 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1617 "specified with no gid= option.\n");
1618
b946845a 1619 kfree(mountdata_copy);
1da177e4 1620 return 0;
b946845a
SF		 1621
1622cifs_parse_mount_err:
1623 kfree(mountdata_copy);
1624 return 1;
1da177e4
LT		 1625}
1626
3eb9a889
BG		 1627/** Returns true if srcaddr isn't specified and rhs isn't
1628 * specified, or if srcaddr is specified and
1629 * matches the IP address of the rhs argument.
1630 */
1631static bool
1632srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1633{
1634 switch (srcaddr->sa_family) {
1635 case AF_UNSPEC:
1636 return (rhs->sa_family == AF_UNSPEC);
1637 case AF_INET: {
1638 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1639 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1640 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1641 }
1642 case AF_INET6: {
1643 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1644 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1645 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1646 }
1647 default:
1648 WARN_ON(1);
1649 return false; /* don't expect to be here */
1650 }
1651}
1652
4b886136
PS		 1653/*
1654 * If no port is specified in addr structure, we try to match with 445 port
1655 * and if it fails - with 139 ports. It should be called only if address
1656 * families of server and addr are equal.
1657 */
1658static bool
1659match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1660{
6da97910 1661 __be16 port, *sport;
4b886136
PS		 1662
1663 switch (addr->sa_family) {
1664 case AF_INET:
1665 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1666 port = ((struct sockaddr_in *) addr)->sin_port;
1667 break;
1668 case AF_INET6:
1669 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1670 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1671 break;
1672 default:
1673 WARN_ON(1);
1674 return false;
1675 }
1676
1677 if (!port) {
1678 port = htons(CIFS_PORT);
1679 if (port == *sport)
1680 return true;
1681
1682 port = htons(RFC1001_PORT);
1683 }
1684
1685 return port == *sport;
1686}
3eb9a889 1687
4515148e 1688static bool
3eb9a889
BG		 1689match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1690 struct sockaddr *srcaddr)
4515148e 1691{
4515148e 1692 switch (addr->sa_family) {
a9f1b85e
PS		 1693 case AF_INET: {
1694 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1695 struct sockaddr_in *srv_addr4 =
1696 (struct sockaddr_in *)&server->dstaddr;
1697
1698 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
4515148e 1699 return false;
4515148e 1700 break;
a9f1b85e
PS		 1701 }
1702 case AF_INET6: {
1703 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1704 struct sockaddr_in6 *srv_addr6 =
1705 (struct sockaddr_in6 *)&server->dstaddr;
1706
4515148e 1707 if (!ipv6_addr_equal(&addr6->sin6_addr,
a9f1b85e 1708 &srv_addr6->sin6_addr))
4515148e 1709 return false;
a9f1b85e 1710 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
4515148e 1711 return false;
4515148e
JL		 1712 break;
1713 }
a9f1b85e
PS		 1714 default:
1715 WARN_ON(1);
1716 return false; /* don't expect to be here */
1717 }
4515148e 1718
3eb9a889
BG		 1719 if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1720 return false;
1721
4515148e
JL		 1722 return true;
1723}
1724
daf5b0b6
JL		 1725static bool
1726match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1727{
1728 unsigned int secFlags;
1729
1730 if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1731 secFlags = vol->secFlg;
1732 else
1733 secFlags = global_secflags | vol->secFlg;
1734
1735 switch (server->secType) {
1736 case LANMAN:
1737 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1738 return false;
1739 break;
1740 case NTLMv2:
1741 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1742 return false;
1743 break;
1744 case NTLM:
1745 if (!(secFlags & CIFSSEC_MAY_NTLM))
1746 return false;
1747 break;
1748 case Kerberos:
1749 if (!(secFlags & CIFSSEC_MAY_KRB5))
1750 return false;
1751 break;
1752 case RawNTLMSSP:
1753 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1754 return false;
1755 break;
1756 default:
1757 /* shouldn't happen */
1758 return false;
1759 }
1760
25985edc 1761 /* now check if signing mode is acceptable */
daf5b0b6 1762 if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
96daf2b0 1763 (server->sec_mode & SECMODE_SIGN_REQUIRED))
daf5b0b6
JL		 1764 return false;
1765 else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
96daf2b0 1766 (server->sec_mode &
daf5b0b6
JL		 1767 (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1768 return false;
1769
1770 return true;
1771}
1772
37bb04e5
PS		 1773static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1774 struct smb_vol *vol)
1775{
1776 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1777 return 0;
1778
1779 if (!match_address(server, addr,
1780 (struct sockaddr *)&vol->srcaddr))
1781 return 0;
1782
1783 if (!match_port(server, addr))
1784 return 0;
1785
1786 if (!match_security(server, vol))
1787 return 0;
1788
1789 return 1;
1790}
1791
e7ddee90 1792static struct TCP_Server_Info *
daf5b0b6 1793cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1da177e4 1794{
e7ddee90 1795 struct TCP_Server_Info *server;
e7ddee90 1796
3f9bcca7 1797 spin_lock(&cifs_tcp_ses_lock);
4515148e 1798 list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
37bb04e5 1799 if (!match_server(server, addr, vol))
daf5b0b6
JL		 1800 continue;
1801
e7ddee90 1802 ++server->srv_count;
3f9bcca7 1803 spin_unlock(&cifs_tcp_ses_lock);
b6b38f70 1804 cFYI(1, "Existing tcp session with server found");
e7ddee90 1805 return server;
1da177e4 1806 }
3f9bcca7 1807 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 1808 return NULL;
1809}
1b20d672 1810
14fbf50d 1811static void
e7ddee90 1812cifs_put_tcp_session(struct TCP_Server_Info *server)
1da177e4 1813{
e7ddee90 1814 struct task_struct *task;
1b20d672 1815
3f9bcca7 1816 spin_lock(&cifs_tcp_ses_lock);
e7ddee90 1817 if (--server->srv_count > 0) {
3f9bcca7 1818 spin_unlock(&cifs_tcp_ses_lock);
e7ddee90 1819 return;
1da177e4 1820 }
1b20d672 1821
f1d0c998
RL		 1822 put_net(cifs_net_ns(server));
1823
e7ddee90 1824 list_del_init(&server->tcp_ses_list);
3f9bcca7 1825 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 1826
c74093b6
JL		 1827 cancel_delayed_work_sync(&server->echo);
1828
e7ddee90
JL		 1829 spin_lock(&GlobalMid_Lock);
1830 server->tcpStatus = CifsExiting;
1831 spin_unlock(&GlobalMid_Lock);
dea570e0 1832
d2b91521 1833 cifs_crypto_shash_release(server);
488f1d2d
SJ		 1834 cifs_fscache_release_client_cookie(server);
1835
21e73393
SP		 1836 kfree(server->session_key.response);
1837 server->session_key.response = NULL;
1838 server->session_key.len = 0;
1839
e7ddee90
JL		 1840 task = xchg(&server->tsk, NULL);
1841 if (task)
1842 force_sig(SIGKILL, task);
1da177e4
LT		 1843}
1844
63c038c2
JL		 1845static struct TCP_Server_Info *
1846cifs_get_tcp_session(struct smb_vol *volume_info)
1847{
1848 struct TCP_Server_Info *tcp_ses = NULL;
a9ac49d3 1849 struct sockaddr_storage addr;
63c038c2
JL		 1850 struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1851 struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1852 int rc;
1853
a9ac49d3 1854 memset(&addr, 0, sizeof(struct sockaddr_storage));
63c038c2 1855
b6b38f70 1856 cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
63c038c2 1857
1e68b2b2 1858 if (volume_info->UNCip && volume_info->UNC) {
50d97160
JL		 1859 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1860 volume_info->UNCip,
67b7626a 1861 strlen(volume_info->UNCip),
50d97160 1862 volume_info->port);
1e68b2b2 1863 if (!rc) {
63c038c2
JL		 1864 /* we failed translating address */
1865 rc = -EINVAL;
1866 goto out_err;
1867 }
63c038c2
JL		 1868 } else if (volume_info->UNCip) {
1869 /* BB using ip addr as tcp_ses name to connect to the
1870 DFS root below */
b6b38f70 1871 cERROR(1, "Connecting to DFS root not implemented yet");
63c038c2
JL		 1872 rc = -EINVAL;
1873 goto out_err;
1874 } else /* which tcp_sess DFS root would we conect to */ {
b6b38f70
JP		 1875 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1876 "unc=//192.168.1.100/public) specified");
63c038c2
JL		 1877 rc = -EINVAL;
1878 goto out_err;
1879 }
1880
1881 /* see if we already have a matching tcp_ses */
daf5b0b6 1882 tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
63c038c2
JL		 1883 if (tcp_ses)
1884 return tcp_ses;
1885
1886 tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1887 if (!tcp_ses) {
1888 rc = -ENOMEM;
1889 goto out_err;
1890 }
1891
d2b91521
SP		 1892 rc = cifs_crypto_shash_allocate(tcp_ses);
1893 if (rc) {
1894 cERROR(1, "could not setup hash structures rc %d", rc);
1895 goto out_err;
1896 }
1897
f1d0c998 1898 cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
63c038c2
JL		 1899 tcp_ses->hostname = extract_hostname(volume_info->UNC);
1900 if (IS_ERR(tcp_ses->hostname)) {
1901 rc = PTR_ERR(tcp_ses->hostname);
f7c5445a 1902 goto out_err_crypto_release;
63c038c2
JL		 1903 }
1904
1905 tcp_ses->noblocksnd = volume_info->noblocksnd;
1906 tcp_ses->noautotune = volume_info->noautotune;
6a5fa236 1907 tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
63c038c2 1908 atomic_set(&tcp_ses->inFlight, 0);
10b9b98e 1909 tcp_ses->maxReq = 1; /* enough to send negotiate request */
63c038c2
JL		 1910 init_waitqueue_head(&tcp_ses->response_q);
1911 init_waitqueue_head(&tcp_ses->request_q);
1912 INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1913 mutex_init(&tcp_ses->srv_mutex);
1914 memcpy(tcp_ses->workstation_RFC1001_name,
1915 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1916 memcpy(tcp_ses->server_RFC1001_name,
1917 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
5d0d2882 1918 tcp_ses->session_estab = false;
63c038c2 1919 tcp_ses->sequence_number = 0;
fda35943 1920 tcp_ses->lstrp = jiffies;
63c038c2
JL		 1921 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1922 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
c74093b6 1923 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
63c038c2
JL		 1924
1925 /*
1926 * at this point we are the only ones with the pointer
1927 * to the struct since the kernel thread not created yet
1928 * no need to spinlock this init of tcpStatus or srv_count
1929 */
1930 tcp_ses->tcpStatus = CifsNew;
3eb9a889
BG		 1931 memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1932 sizeof(tcp_ses->srcaddr));
63c038c2
JL		 1933 ++tcp_ses->srv_count;
1934
a9ac49d3 1935 if (addr.ss_family == AF_INET6) {
b6b38f70 1936 cFYI(1, "attempting ipv6 connect");
63c038c2
JL		 1937 /* BB should we allow ipv6 on port 139? */
1938 /* other OS never observed in Wild doing 139 with v6 */
a9f1b85e
PS		 1939 memcpy(&tcp_ses->dstaddr, sin_server6,
1940 sizeof(struct sockaddr_in6));
1941 } else
1942 memcpy(&tcp_ses->dstaddr, sin_server,
1943 sizeof(struct sockaddr_in));
1944
1945 rc = ip_connect(tcp_ses);
63c038c2 1946 if (rc < 0) {
b6b38f70 1947 cERROR(1, "Error connecting to socket. Aborting operation");
f7c5445a 1948 goto out_err_crypto_release;
63c038c2
JL		 1949 }
1950
1951 /*
1952 * since we're in a cifs function already, we know that
1953 * this will succeed. No need for try_module_get().
1954 */
1955 __module_get(THIS_MODULE);
7c97c200 1956 tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
63c038c2
JL		 1957 tcp_ses, "cifsd");
1958 if (IS_ERR(tcp_ses->tsk)) {
1959 rc = PTR_ERR(tcp_ses->tsk);
b6b38f70 1960 cERROR(1, "error %d create cifsd thread", rc);
63c038c2 1961 module_put(THIS_MODULE);
f7c5445a 1962 goto out_err_crypto_release;
63c038c2 1963 }
fd88ce93 1964 tcp_ses->tcpStatus = CifsNeedNegotiate;
63c038c2
JL		 1965
1966 /* thread spawned, put it on the list */
3f9bcca7 1967 spin_lock(&cifs_tcp_ses_lock);
63c038c2 1968 list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
3f9bcca7 1969 spin_unlock(&cifs_tcp_ses_lock);
63c038c2 1970
488f1d2d
SJ		 1971 cifs_fscache_get_client_cookie(tcp_ses);
1972
c74093b6
JL		 1973 /* queue echo request delayed work */
1974 queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1975
63c038c2
JL		 1976 return tcp_ses;
1977
f7c5445a 1978out_err_crypto_release:
d2b91521
SP		 1979 cifs_crypto_shash_release(tcp_ses);
1980
f1d0c998
RL		 1981 put_net(cifs_net_ns(tcp_ses));
1982
63c038c2
JL		 1983out_err:
1984 if (tcp_ses) {
8347a5cd
SF		 1985 if (!IS_ERR(tcp_ses->hostname))
1986 kfree(tcp_ses->hostname);
63c038c2
JL		 1987 if (tcp_ses->ssocket)
1988 sock_release(tcp_ses->ssocket);
1989 kfree(tcp_ses);
1990 }
1991 return ERR_PTR(rc);
1992}
1993
96daf2b0 1994static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
37bb04e5
PS		 1995{
1996 switch (ses->server->secType) {
1997 case Kerberos:
1998 if (vol->cred_uid != ses->cred_uid)
1999 return 0;
2000 break;
2001 default:
04febabc
JL		 2002 /* NULL username means anonymous session */
2003 if (ses->user_name == NULL) {
2004 if (!vol->nullauth)
2005 return 0;
2006 break;
2007 }
2008
37bb04e5 2009 /* anything else takes username/password */
04febabc
JL		 2010 if (strncmp(ses->user_name,
2011 vol->username ? vol->username : "",
37bb04e5
PS		 2012 MAX_USERNAME_SIZE))
2013 return 0;
2014 if (strlen(vol->username) != 0 &&
2015 ses->password != NULL &&
2016 strncmp(ses->password,
2017 vol->password ? vol->password : "",
2018 MAX_PASSWORD_SIZE))
2019 return 0;
2020 }
2021 return 1;
2022}
2023
96daf2b0 2024static struct cifs_ses *
4ff67b72 2025cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1da177e4 2026{
96daf2b0 2027 struct cifs_ses *ses;
dea570e0 2028
3f9bcca7 2029 spin_lock(&cifs_tcp_ses_lock);
4ff67b72 2030 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
37bb04e5
PS		 2031 if (!match_session(ses, vol))
2032 continue;
14fbf50d 2033 ++ses->ses_count;
3f9bcca7 2034 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2035 return ses;
2036 }
3f9bcca7 2037 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2038 return NULL;
2039}
dea570e0 2040
14fbf50d 2041static void
96daf2b0 2042cifs_put_smb_ses(struct cifs_ses *ses)
14fbf50d
JL		 2043{
2044 int xid;
2045 struct TCP_Server_Info *server = ses->server;
dea570e0 2046
36988c76 2047 cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
3f9bcca7 2048 spin_lock(&cifs_tcp_ses_lock);
14fbf50d 2049 if (--ses->ses_count > 0) {
3f9bcca7 2050 spin_unlock(&cifs_tcp_ses_lock);
14fbf50d
JL		 2051 return;
2052 }
dea570e0 2053
14fbf50d 2054 list_del_init(&ses->smb_ses_list);
3f9bcca7 2055 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2056
14fbf50d
JL		 2057 if (ses->status == CifsGood) {
2058 xid = GetXid();
2059 CIFSSMBLogoff(xid, ses);
2060 _FreeXid(xid);
2061 }
2062 sesInfoFree(ses);
2063 cifs_put_tcp_session(server);
2064}
dea570e0 2065
8a8798a5
JL		 2066#ifdef CONFIG_KEYS
2067
2068/* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2069#define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2070
2071/* Populate username and pw fields from keyring if possible */
2072static int
2073cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2074{
2075 int rc = 0;
2076 char *desc, *delim, *payload;
2077 ssize_t len;
2078 struct key *key;
2079 struct TCP_Server_Info *server = ses->server;
2080 struct sockaddr_in *sa;
2081 struct sockaddr_in6 *sa6;
2082 struct user_key_payload *upayload;
2083
2084 desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2085 if (!desc)
2086 return -ENOMEM;
2087
2088 /* try to find an address key first */
2089 switch (server->dstaddr.ss_family) {
2090 case AF_INET:
2091 sa = (struct sockaddr_in *)&server->dstaddr;
2092 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2093 break;
2094 case AF_INET6:
2095 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2096 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2097 break;
2098 default:
2099 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2100 rc = -EINVAL;
2101 goto out_err;
2102 }
2103
2104 cFYI(1, "%s: desc=%s", __func__, desc);
2105 key = request_key(&key_type_logon, desc, "");
2106 if (IS_ERR(key)) {
2107 if (!ses->domainName) {
2108 cFYI(1, "domainName is NULL");
2109 rc = PTR_ERR(key);
2110 goto out_err;
2111 }
2112
2113 /* didn't work, try to find a domain key */
2114 sprintf(desc, "cifs:d:%s", ses->domainName);
2115 cFYI(1, "%s: desc=%s", __func__, desc);
2116 key = request_key(&key_type_logon, desc, "");
2117 if (IS_ERR(key)) {
2118 rc = PTR_ERR(key);
2119 goto out_err;
2120 }
2121 }
2122
2123 down_read(&key->sem);
2124 upayload = key->payload.data;
2125 if (IS_ERR_OR_NULL(upayload)) {
4edc53c1 2126 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
8a8798a5
JL		 2127 goto out_key_put;
2128 }
2129
2130 /* find first : in payload */
2131 payload = (char *)upayload->data;
2132 delim = strnchr(payload, upayload->datalen, ':');
2133 cFYI(1, "payload=%s", payload);
2134 if (!delim) {
2135 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2136 upayload->datalen);
2137 rc = -EINVAL;
2138 goto out_key_put;
2139 }
2140
2141 len = delim - payload;
2142 if (len > MAX_USERNAME_SIZE || len <= 0) {
000f9bb8 2143 cFYI(1, "Bad value from username search (len=%zd)", len);
8a8798a5
JL		 2144 rc = -EINVAL;
2145 goto out_key_put;
2146 }
2147
2148 vol->username = kstrndup(payload, len, GFP_KERNEL);
2149 if (!vol->username) {
000f9bb8 2150 cFYI(1, "Unable to allocate %zd bytes for username", len);
8a8798a5
JL		 2151 rc = -ENOMEM;
2152 goto out_key_put;
2153 }
2154 cFYI(1, "%s: username=%s", __func__, vol->username);
2155
2156 len = key->datalen - (len + 1);
2157 if (len > MAX_PASSWORD_SIZE || len <= 0) {
000f9bb8 2158 cFYI(1, "Bad len for password search (len=%zd)", len);
8a8798a5
JL		 2159 rc = -EINVAL;
2160 kfree(vol->username);
2161 vol->username = NULL;
2162 goto out_key_put;
2163 }
2164
2165 ++delim;
2166 vol->password = kstrndup(delim, len, GFP_KERNEL);
2167 if (!vol->password) {
000f9bb8 2168 cFYI(1, "Unable to allocate %zd bytes for password", len);
8a8798a5
JL		 2169 rc = -ENOMEM;
2170 kfree(vol->username);
2171 vol->username = NULL;
2172 goto out_key_put;
2173 }
2174
2175out_key_put:
2176 up_read(&key->sem);
2177 key_put(key);
2178out_err:
2179 kfree(desc);
2180 cFYI(1, "%s: returning %d", __func__, rc);
2181 return rc;
2182}
2183#else /* ! CONFIG_KEYS */
2184static inline int
2185cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2186 struct cifs_ses *ses __attribute__((unused)))
2187{
2188 return -ENOSYS;
2189}
2190#endif /* CONFIG_KEYS */
2191
d9b94201
SF		 2192static bool warned_on_ntlm; /* globals init to false automatically */
2193
96daf2b0 2194static struct cifs_ses *
36988c76
JL		 2195cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2196{
2197 int rc = -ENOMEM, xid;
96daf2b0 2198 struct cifs_ses *ses;
a9f1b85e
PS		 2199 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2200 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
36988c76
JL		 2201
2202 xid = GetXid();
2203
4ff67b72 2204 ses = cifs_find_smb_ses(server, volume_info);
36988c76
JL		 2205 if (ses) {
2206 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2207
36988c76 2208 mutex_lock(&ses->session_mutex);
198b5682
JL		 2209 rc = cifs_negotiate_protocol(xid, ses);
2210 if (rc) {
2211 mutex_unlock(&ses->session_mutex);
2212 /* problem -- put our ses reference */
2213 cifs_put_smb_ses(ses);
2214 FreeXid(xid);
2215 return ERR_PTR(rc);
2216 }
36988c76
JL		 2217 if (ses->need_reconnect) {
2218 cFYI(1, "Session needs reconnect");
2219 rc = cifs_setup_session(xid, ses,
2220 volume_info->local_nls);
2221 if (rc) {
2222 mutex_unlock(&ses->session_mutex);
2223 /* problem -- put our reference */
2224 cifs_put_smb_ses(ses);
2225 FreeXid(xid);
2226 return ERR_PTR(rc);
2227 }
2228 }
2229 mutex_unlock(&ses->session_mutex);
460cf341
JL		 2230
2231 /* existing SMB ses has a server reference already */
2232 cifs_put_tcp_session(server);
36988c76
JL		 2233 FreeXid(xid);
2234 return ses;
2235 }
2236
2237 cFYI(1, "Existing smb sess not found");
2238 ses = sesInfoAlloc();
2239 if (ses == NULL)
2240 goto get_ses_fail;
2241
2242 /* new SMB session uses our server ref */
2243 ses->server = server;
a9f1b85e
PS		 2244 if (server->dstaddr.ss_family == AF_INET6)
2245 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
36988c76 2246 else
a9f1b85e 2247 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
36988c76 2248
8727c8a8
SF		 2249 if (volume_info->username) {
2250 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2251 if (!ses->user_name)
2252 goto get_ses_fail;
2253 }
36988c76
JL		 2254
2255 /* volume_info->password freed at unmount */
2256 if (volume_info->password) {
2257 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2258 if (!ses->password)
2259 goto get_ses_fail;
2260 }
2261 if (volume_info->domainname) {
d3686d54
SP		 2262 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2263 if (!ses->domainName)
2264 goto get_ses_fail;
36988c76 2265 }
3e4b3e1f 2266 ses->cred_uid = volume_info->cred_uid;
36988c76 2267 ses->linux_uid = volume_info->linux_uid;
d9b94201
SF		 2268
2269 /* ntlmv2 is much stronger than ntlm security, and has been broadly
2270 supported for many years, time to update default security mechanism */
2271 if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2272 warned_on_ntlm = true;
2273 cERROR(1, "default security mechanism requested. The default "
2274 "security mechanism will be upgraded from ntlm to "
225de11e 2275 "ntlmv2 in kernel release 3.3");
d9b94201 2276 }
36988c76
JL		 2277 ses->overrideSecFlg = volume_info->secFlg;
2278
2279 mutex_lock(&ses->session_mutex);
198b5682
JL		 2280 rc = cifs_negotiate_protocol(xid, ses);
2281 if (!rc)
2282 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
36988c76 2283 mutex_unlock(&ses->session_mutex);
c8e56f1f 2284 if (rc)
36988c76
JL		 2285 goto get_ses_fail;
2286
2287 /* success, put it on the list */
3f9bcca7 2288 spin_lock(&cifs_tcp_ses_lock);
36988c76 2289 list_add(&ses->smb_ses_list, &server->smb_ses_list);
3f9bcca7 2290 spin_unlock(&cifs_tcp_ses_lock);
36988c76
JL		 2291
2292 FreeXid(xid);
2293 return ses;
2294
2295get_ses_fail:
2296 sesInfoFree(ses);
2297 FreeXid(xid);
2298 return ERR_PTR(rc);
2299}
2300
96daf2b0 2301static int match_tcon(struct cifs_tcon *tcon, const char *unc)
37bb04e5
PS		 2302{
2303 if (tcon->tidStatus == CifsExiting)
2304 return 0;
2305 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2306 return 0;
2307 return 1;
2308}
2309
96daf2b0
SF		 2310static struct cifs_tcon *
2311cifs_find_tcon(struct cifs_ses *ses, const char *unc)
f1987b44
JL		 2312{
2313 struct list_head *tmp;
96daf2b0 2314 struct cifs_tcon *tcon;
f1987b44 2315
3f9bcca7 2316 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2317 list_for_each(tmp, &ses->tcon_list) {
96daf2b0 2318 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
37bb04e5 2319 if (!match_tcon(tcon, unc))
f1987b44 2320 continue;
f1987b44 2321 ++tcon->tc_count;
3f9bcca7 2322 spin_unlock(&cifs_tcp_ses_lock);
dea570e0 2323 return tcon;
1da177e4 2324 }
3f9bcca7 2325 spin_unlock(&cifs_tcp_ses_lock);
1da177e4
LT		 2326 return NULL;
2327}
2328
f1987b44 2329static void
96daf2b0 2330cifs_put_tcon(struct cifs_tcon *tcon)
f1987b44
JL		 2331{
2332 int xid;
96daf2b0 2333 struct cifs_ses *ses = tcon->ses;
f1987b44 2334
d00c28de 2335 cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
3f9bcca7 2336 spin_lock(&cifs_tcp_ses_lock);
f1987b44 2337 if (--tcon->tc_count > 0) {
3f9bcca7 2338 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2339 return;
2340 }
2341
2342 list_del_init(&tcon->tcon_list);
3f9bcca7 2343 spin_unlock(&cifs_tcp_ses_lock);
f1987b44
JL		 2344
2345 xid = GetXid();
2346 CIFSSMBTDis(xid, tcon);
2347 _FreeXid(xid);
2348
d03382ce 2349 cifs_fscache_release_super_cookie(tcon);
9f841593 2350 tconInfoFree(tcon);
f1987b44
JL		 2351 cifs_put_smb_ses(ses);
2352}
2353
96daf2b0
SF		 2354static struct cifs_tcon *
2355cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
d00c28de
JL		 2356{
2357 int rc, xid;
96daf2b0 2358 struct cifs_tcon *tcon;
d00c28de
JL		 2359
2360 tcon = cifs_find_tcon(ses, volume_info->UNC);
2361 if (tcon) {
2362 cFYI(1, "Found match on UNC path");
2363 /* existing tcon already has a reference */
2364 cifs_put_smb_ses(ses);
2365 if (tcon->seal != volume_info->seal)
2366 cERROR(1, "transport encryption setting "
2367 "conflicts with existing tid");
2368 return tcon;
2369 }
2370
2371 tcon = tconInfoAlloc();
2372 if (tcon == NULL) {
2373 rc = -ENOMEM;
2374 goto out_fail;
2375 }
2376
2377 tcon->ses = ses;
2378 if (volume_info->password) {
2379 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2380 if (!tcon->password) {
2381 rc = -ENOMEM;
2382 goto out_fail;
2383 }
2384 }
2385
2386 if (strchr(volume_info->UNC + 3, '\\') == NULL
2387 && strchr(volume_info->UNC + 3, '/') == NULL) {
2388 cERROR(1, "Missing share name");
2389 rc = -ENODEV;
2390 goto out_fail;
2391 }
2392
2393 /* BB Do we need to wrap session_mutex around
2394 * this TCon call and Unix SetFS as
2395 * we do on SessSetup and reconnect? */
2396 xid = GetXid();
2397 rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2398 FreeXid(xid);
2399 cFYI(1, "CIFS Tcon rc = %d", rc);
2400 if (rc)
2401 goto out_fail;
2402
2403 if (volume_info->nodfs) {
2404 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2405 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2406 }
2407 tcon->seal = volume_info->seal;
2408 /* we can have only one retry value for a connection
2409 to a share so for resources mounted more than once
2410 to the same server share the last value passed in
2411 for the retry flag is used */
2412 tcon->retry = volume_info->retry;
2413 tcon->nocase = volume_info->nocase;
2414 tcon->local_lease = volume_info->local_lease;
2415
3f9bcca7 2416 spin_lock(&cifs_tcp_ses_lock);
d00c28de 2417 list_add(&tcon->tcon_list, &ses->tcon_list);
3f9bcca7 2418 spin_unlock(&cifs_tcp_ses_lock);
d00c28de 2419
d03382ce
SJ		 2420 cifs_fscache_get_super_cookie(tcon);
2421
d00c28de
JL		 2422 return tcon;
2423
2424out_fail:
2425 tconInfoFree(tcon);
2426 return ERR_PTR(rc);
2427}
2428
9d002df4
JL		 2429void
2430cifs_put_tlink(struct tcon_link *tlink)
2431{
2432 if (!tlink || IS_ERR(tlink))
2433 return;
2434
2435 if (!atomic_dec_and_test(&tlink->tl_count) ||
2436 test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2437 tlink->tl_time = jiffies;
2438 return;
2439 }
2440
2441 if (!IS_ERR(tlink_tcon(tlink)))
2442 cifs_put_tcon(tlink_tcon(tlink));
2443 kfree(tlink);
2444 return;
2445}
d00c28de 2446
25c7f41e 2447static inline struct tcon_link *
cd51875d
PS		 2448cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2449{
2450 return cifs_sb->master_tlink;
2451}
25c7f41e
PS		 2452
2453static int
2454compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2455{
2456 struct cifs_sb_info *old = CIFS_SB(sb);
2457 struct cifs_sb_info *new = mnt_data->cifs_sb;
2458
2459 if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2460 return 0;
2461
2462 if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2463 (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2464 return 0;
2465
25c7f41e 2466 /*
5eba8ab3
JL		 2467 * We want to share sb only if we don't specify an r/wsize or
2468 * specified r/wsize is greater than or equal to existing one.
25c7f41e
PS		 2469 */
2470 if (new->wsize && new->wsize < old->wsize)
2471 return 0;
2472
5eba8ab3
JL		 2473 if (new->rsize && new->rsize < old->rsize)
2474 return 0;
2475
25c7f41e
PS		 2476 if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2477 return 0;
2478
2479 if (old->mnt_file_mode != new->mnt_file_mode ||
2480 old->mnt_dir_mode != new->mnt_dir_mode)
2481 return 0;
2482
2483 if (strcmp(old->local_nls->charset, new->local_nls->charset))
2484 return 0;
2485
2486 if (old->actimeo != new->actimeo)
2487 return 0;
2488
2489 return 1;
2490}
2491
2492int
2493cifs_match_super(struct super_block *sb, void *data)
2494{
2495 struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2496 struct smb_vol *volume_info;
2497 struct cifs_sb_info *cifs_sb;
2498 struct TCP_Server_Info *tcp_srv;
96daf2b0
SF		 2499 struct cifs_ses *ses;
2500 struct cifs_tcon *tcon;
25c7f41e
PS		 2501 struct tcon_link *tlink;
2502 struct sockaddr_storage addr;
2503 int rc = 0;
2504
2505 memset(&addr, 0, sizeof(struct sockaddr_storage));
2506
2507 spin_lock(&cifs_tcp_ses_lock);
2508 cifs_sb = CIFS_SB(sb);
2509 tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2510 if (IS_ERR(tlink)) {
2511 spin_unlock(&cifs_tcp_ses_lock);
2512 return rc;
2513 }
2514 tcon = tlink_tcon(tlink);
2515 ses = tcon->ses;
2516 tcp_srv = ses->server;
2517
2518 volume_info = mnt_data->vol;
2519
2520 if (!volume_info->UNCip || !volume_info->UNC)
2521 goto out;
2522
2523 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2524 volume_info->UNCip,
2525 strlen(volume_info->UNCip),
2526 volume_info->port);
2527 if (!rc)
2528 goto out;
2529
2530 if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2531 !match_session(ses, volume_info) ||
2532 !match_tcon(tcon, volume_info->UNC)) {
2533 rc = 0;
2534 goto out;
2535 }
2536
2537 rc = compare_mount_options(sb, mnt_data);
2538out:
25c7f41e 2539 spin_unlock(&cifs_tcp_ses_lock);
f484b5d0 2540 cifs_put_tlink(tlink);
25c7f41e
PS		 2541 return rc;
2542}
2543
1da177e4 2544int
96daf2b0 2545get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
50c2f753 2546 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
366781c1 2547 struct dfs_info3_param **preferrals, int remap)
1da177e4
LT		 2548{
2549 char *temp_unc;
2550 int rc = 0;
2551
2552 *pnum_referrals = 0;
366781c1 2553 *preferrals = NULL;
1da177e4
LT		 2554
2555 if (pSesInfo->ipc_tid == 0) {
2556 temp_unc = kmalloc(2 /* for slashes */ +
50c2f753
SF		 2557 strnlen(pSesInfo->serverName,
2558 SERVER_NAME_LEN_WITH_NULL * 2)
1da177e4
LT		 2559 + 1 + 4 /* slash IPC$ */ + 2,
2560 GFP_KERNEL);
2561 if (temp_unc == NULL)
2562 return -ENOMEM;
2563 temp_unc[0] = '\\';
2564 temp_unc[1] = '\\';
2565 strcpy(temp_unc + 2, pSesInfo->serverName);
2566 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2567 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
b6b38f70 2568 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
1da177e4
LT		 2569 kfree(temp_unc);
2570 }
2571 if (rc == 0)
c2cf07d5 2572 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
737b758c 2573 pnum_referrals, nls_codepage, remap);
366781c1
SF		 2574 /* BB map targetUNCs to dfs_info3 structures, here or
2575 in CIFSGetDFSRefer BB */
1da177e4
LT		 2576
2577 return rc;
2578}
2579
09e50d55
JL		 2580#ifdef CONFIG_DEBUG_LOCK_ALLOC
2581static struct lock_class_key cifs_key[2];
2582static struct lock_class_key cifs_slock_key[2];
2583
2584static inline void
2585cifs_reclassify_socket4(struct socket *sock)
2586{
2587 struct sock *sk = sock->sk;
2588 BUG_ON(sock_owned_by_user(sk));
2589 sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2590 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2591}
2592
2593static inline void
2594cifs_reclassify_socket6(struct socket *sock)
2595{
2596 struct sock *sk = sock->sk;
2597 BUG_ON(sock_owned_by_user(sk));
2598 sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2599 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2600}
2601#else
2602static inline void
2603cifs_reclassify_socket4(struct socket *sock)
2604{
2605}
2606
2607static inline void
2608cifs_reclassify_socket6(struct socket *sock)
2609{
2610}
2611#endif
2612
1da177e4 2613/* See RFC1001 section 14 on representation of Netbios names */
50c2f753 2614static void rfc1002mangle(char *target, char *source, unsigned int length)
1da177e4 2615{
50c2f753 2616 unsigned int i, j;
1da177e4 2617
50c2f753 2618 for (i = 0, j = 0; i < (length); i++) {
1da177e4
LT		 2619 /* mask a nibble at a time and encode */
2620 target[j] = 'A' + (0x0F & (source[i] >> 4));
2621 target[j+1] = 'A' + (0x0F & source[i]);
50c2f753 2622 j += 2;
1da177e4
LT		 2623 }
2624
2625}
2626
3eb9a889
BG		 2627static int
2628bind_socket(struct TCP_Server_Info *server)
2629{
2630 int rc = 0;
2631 if (server->srcaddr.ss_family != AF_UNSPEC) {
2632 /* Bind to the specified local IP address */
2633 struct socket *socket = server->ssocket;
2634 rc = socket->ops->bind(socket,
2635 (struct sockaddr *) &server->srcaddr,
2636 sizeof(server->srcaddr));
2637 if (rc < 0) {
2638 struct sockaddr_in *saddr4;
2639 struct sockaddr_in6 *saddr6;
2640 saddr4 = (struct sockaddr_in *)&server->srcaddr;
2641 saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2642 if (saddr6->sin6_family == AF_INET6)
2643 cERROR(1, "cifs: "
2644 "Failed to bind to: %pI6c, error: %d\n",
2645 &saddr6->sin6_addr, rc);
2646 else
2647 cERROR(1, "cifs: "
2648 "Failed to bind to: %pI4, error: %d\n",
2649 &saddr4->sin_addr.s_addr, rc);
2650 }
2651 }
2652 return rc;
2653}
1da177e4
LT		 2654
2655static int
a9f1b85e 2656ip_rfc1001_connect(struct TCP_Server_Info *server)
1da177e4
LT		 2657{
2658 int rc = 0;
a9f1b85e
PS		 2659 /*
2660 * some servers require RFC1001 sessinit before sending
2661 * negprot - BB check reconnection in case where second
2662 * sessinit is sent but no second negprot
2663 */
2664 struct rfc1002_session_packet *ses_init_buf;
2665 struct smb_hdr *smb_buf;
2666 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2667 GFP_KERNEL);
2668 if (ses_init_buf) {
2669 ses_init_buf->trailer.session_req.called_len = 32;
2670
2671 if (server->server_RFC1001_name &&
2672 server->server_RFC1001_name[0] != 0)
2673 rfc1002mangle(ses_init_buf->trailer.
2674 session_req.called_name,
2675 server->server_RFC1001_name,
2676 RFC1001_NAME_LEN_WITH_NULL);
2677 else
2678 rfc1002mangle(ses_init_buf->trailer.
2679 session_req.called_name,
2680 DEFAULT_CIFS_CALLED_NAME,
2681 RFC1001_NAME_LEN_WITH_NULL);
2682
2683 ses_init_buf->trailer.session_req.calling_len = 32;
2684
2685 /*
2686 * calling name ends in null (byte 16) from old smb
2687 * convention.
2688 */
2689 if (server->workstation_RFC1001_name &&
2690 server->workstation_RFC1001_name[0] != 0)
2691 rfc1002mangle(ses_init_buf->trailer.
2692 session_req.calling_name,
2693 server->workstation_RFC1001_name,
2694 RFC1001_NAME_LEN_WITH_NULL);
2695 else
2696 rfc1002mangle(ses_init_buf->trailer.
2697 session_req.calling_name,
2698 "LINUX_CIFS_CLNT",
2699 RFC1001_NAME_LEN_WITH_NULL);
2700
2701 ses_init_buf->trailer.session_req.scope1 = 0;
2702 ses_init_buf->trailer.session_req.scope2 = 0;
2703 smb_buf = (struct smb_hdr *)ses_init_buf;
2704
2705 /* sizeof RFC1002_SESSION_REQUEST with no scope */
be8e3b00 2706 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
a9f1b85e
PS		 2707 rc = smb_send(server, smb_buf, 0x44);
2708 kfree(ses_init_buf);
2709 /*
2710 * RFC1001 layer in at least one server
2711 * requires very short break before negprot
2712 * presumably because not expecting negprot
2713 * to follow so fast. This is a simple
2714 * solution that works without
2715 * complicating the code and causes no
2716 * significant slowing down on mount
2717 * for everyone else
2718 */
2719 usleep_range(1000, 2000);
2720 }
2721 /*
2722 * else the negprot may still work without this
2723 * even though malloc failed
2724 */
2725
2726 return rc;
2727}
2728
2729static int
2730generic_ip_connect(struct TCP_Server_Info *server)
2731{
2732 int rc = 0;
6da97910 2733 __be16 sport;
a9f1b85e 2734 int slen, sfamily;
bcf4b106 2735 struct socket *socket = server->ssocket;
a9f1b85e
PS		 2736 struct sockaddr *saddr;
2737
2738 saddr = (struct sockaddr *) &server->dstaddr;
2739
2740 if (server->dstaddr.ss_family == AF_INET6) {
2741 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2742 slen = sizeof(struct sockaddr_in6);
2743 sfamily = AF_INET6;
2744 } else {
2745 sport = ((struct sockaddr_in *) saddr)->sin_port;
2746 slen = sizeof(struct sockaddr_in);
2747 sfamily = AF_INET;
2748 }
1da177e4 2749
bcf4b106 2750 if (socket == NULL) {
f1d0c998
RL		 2751 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2752 IPPROTO_TCP, &socket, 1);
1da177e4 2753 if (rc < 0) {
b6b38f70 2754 cERROR(1, "Error %d creating socket", rc);
a9f1b85e 2755 server->ssocket = NULL;
1da177e4 2756 return rc;
1da177e4 2757 }
bcf4b106
JL		 2758
2759 /* BB other socket options to set KEEPALIVE, NODELAY? */
b6b38f70 2760 cFYI(1, "Socket created");
bcf4b106
JL		 2761 server->ssocket = socket;
2762 socket->sk->sk_allocation = GFP_NOFS;
a9f1b85e
PS		 2763 if (sfamily == AF_INET6)
2764 cifs_reclassify_socket6(socket);
2765 else
2766 cifs_reclassify_socket4(socket);
1da177e4
LT		 2767 }
2768
3eb9a889
BG		 2769 rc = bind_socket(server);
2770 if (rc < 0)
2771 return rc;
2772
bcf4b106
JL		 2773 /*
2774 * Eventually check for other socket options to change from
a9f1b85e
PS		 2775 * the default. sock_setsockopt not used because it expects
2776 * user space buffer
bcf4b106
JL		 2777 */
2778 socket->sk->sk_rcvtimeo = 7 * HZ;
da505c38 2779 socket->sk->sk_sndtimeo = 5 * HZ;
edf1ae40 2780
b387eaeb 2781 /* make the bufsizes depend on wsize/rsize and max requests */
bcf4b106
JL		 2782 if (server->noautotune) {
2783 if (socket->sk->sk_sndbuf < (200 * 1024))
2784 socket->sk->sk_sndbuf = 200 * 1024;
2785 if (socket->sk->sk_rcvbuf < (140 * 1024))
2786 socket->sk->sk_rcvbuf = 140 * 1024;
edf1ae40 2787 }
1da177e4 2788
6a5fa236 2789 if (server->tcp_nodelay) {
a9f1b85e 2790 int val = 1;
6a5fa236
SF		 2791 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2792 (char *)&val, sizeof(val));
2793 if (rc)
b6b38f70 2794 cFYI(1, "set TCP_NODELAY socket option error %d", rc);
6a5fa236
SF		 2795 }
2796
b6b38f70 2797 cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
bcf4b106 2798 socket->sk->sk_sndbuf,
b6b38f70 2799 socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
bcf4b106 2800
ee1b3ea9
JL		 2801 rc = socket->ops->connect(socket, saddr, slen, 0);
2802 if (rc < 0) {
2803 cFYI(1, "Error %d connecting to server", rc);
2804 sock_release(socket);
2805 server->ssocket = NULL;
2806 return rc;
2807 }
2808
a9f1b85e
PS		 2809 if (sport == htons(RFC1001_PORT))
2810 rc = ip_rfc1001_connect(server);
50c2f753 2811
1da177e4
LT		 2812 return rc;
2813}
2814
2815static int
a9f1b85e 2816ip_connect(struct TCP_Server_Info *server)
1da177e4 2817{
6da97910 2818 __be16 *sport;
a9f1b85e
PS		 2819 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2820 struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1da177e4 2821
a9f1b85e
PS		 2822 if (server->dstaddr.ss_family == AF_INET6)
2823 sport = &addr6->sin6_port;
2824 else
2825 sport = &addr->sin_port;
1da177e4 2826
a9f1b85e
PS		 2827 if (*sport == 0) {
2828 int rc;
1da177e4 2829
a9f1b85e
PS		 2830 /* try with 445 port at first */
2831 *sport = htons(CIFS_PORT);
3eb9a889 2832
a9f1b85e 2833 rc = generic_ip_connect(server);
1da177e4 2834 if (rc >= 0)
a9f1b85e 2835 return rc;
6a5fa236 2836
a9f1b85e
PS		 2837 /* if it failed, try with 139 port */
2838 *sport = htons(RFC1001_PORT);
6a5fa236
SF		 2839 }
2840
a9f1b85e 2841 return generic_ip_connect(server);
1da177e4
LT		 2842}
2843
96daf2b0 2844void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2c6292ae 2845 struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
8af18971
SF		 2846{
2847 /* if we are reconnecting then should we check to see if
2848 * any requested capabilities changed locally e.g. via
2849 * remount but we can not do much about it here
2850 * if they have (even if we could detect it by the following)
2851 * Perhaps we could add a backpointer to array of sb from tcon
2852 * or if we change to make all sb to same share the same
2853 * sb as NFS - then we only have one backpointer to sb.
2854 * What if we wanted to mount the server share twice once with
2855 * and once without posixacls or posix paths? */
2856 __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
50c2f753 2857
c18c842b
SF		 2858 if (vol_info && vol_info->no_linux_ext) {
2859 tcon->fsUnixInfo.Capability = 0;
2860 tcon->unix_ext = 0; /* Unix Extensions disabled */
b6b38f70 2861 cFYI(1, "Linux protocol extensions disabled");
c18c842b
SF		 2862 return;
2863 } else if (vol_info)
2864 tcon->unix_ext = 1; /* Unix Extensions supported */
2865
2866 if (tcon->unix_ext == 0) {
b6b38f70 2867 cFYI(1, "Unix extensions disabled so not set on reconnect");
c18c842b
SF		 2868 return;
2869 }
50c2f753 2870
fb8c4b14 2871 if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
8af18971 2872 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
6848b733 2873 cFYI(1, "unix caps which server supports %lld", cap);
8af18971
SF		 2874 /* check for reconnect case in which we do not
2875 want to change the mount behavior if we can avoid it */
fb8c4b14 2876 if (vol_info == NULL) {
50c2f753 2877 /* turn off POSIX ACL and PATHNAMES if not set
8af18971
SF		 2878 originally at mount time */
2879 if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2880 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
11b6d645
IM		 2881 if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2882 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2883 cERROR(1, "POSIXPATH support change");
8af18971 2884 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
11b6d645 2885 } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
b6b38f70
JP		 2886 cERROR(1, "possible reconnect error");
2887 cERROR(1, "server disabled POSIX path support");
11b6d645 2888 }
8af18971 2889 }
50c2f753 2890
6848b733
SF		 2891 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2892 cERROR(1, "per-share encryption not supported yet");
2893
8af18971 2894 cap &= CIFS_UNIX_CAP_MASK;
75865f8c 2895 if (vol_info && vol_info->no_psx_acl)
8af18971 2896 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
75865f8c 2897 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
b6b38f70 2898 cFYI(1, "negotiated posix acl support");
2c6292ae
AV		 2899 if (cifs_sb)
2900 cifs_sb->mnt_cifs_flags |=
2901 CIFS_MOUNT_POSIXACL;
8af18971
SF		 2902 }
2903
75865f8c 2904 if (vol_info && vol_info->posix_paths == 0)
8af18971 2905 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
75865f8c 2906 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
b6b38f70 2907 cFYI(1, "negotiate posix pathnames");
2c6292ae
AV		 2908 if (cifs_sb)
2909 cifs_sb->mnt_cifs_flags |=
8af18971
SF		 2910 CIFS_MOUNT_POSIX_PATHS;
2911 }
50c2f753 2912
b6b38f70 2913 cFYI(1, "Negotiate caps 0x%x", (int)cap);
8af18971 2914#ifdef CONFIG_CIFS_DEBUG2
75865f8c 2915 if (cap & CIFS_UNIX_FCNTL_CAP)
b6b38f70 2916 cFYI(1, "FCNTL cap");
75865f8c 2917 if (cap & CIFS_UNIX_EXTATTR_CAP)
b6b38f70 2918 cFYI(1, "EXTATTR cap");
75865f8c 2919 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
b6b38f70 2920 cFYI(1, "POSIX path cap");
75865f8c 2921 if (cap & CIFS_UNIX_XATTR_CAP)
b6b38f70 2922 cFYI(1, "XATTR cap");
75865f8c 2923 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
b6b38f70 2924 cFYI(1, "POSIX ACL cap");
75865f8c 2925 if (cap & CIFS_UNIX_LARGE_READ_CAP)
b6b38f70 2926 cFYI(1, "very large read cap");
75865f8c 2927 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
b6b38f70 2928 cFYI(1, "very large write cap");
6848b733
SF		 2929 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2930 cFYI(1, "transport encryption cap");
2931 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2932 cFYI(1, "mandatory transport encryption cap");
8af18971
SF		 2933#endif /* CIFS_DEBUG2 */
2934 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
442aa310 2935 if (vol_info == NULL) {
b6b38f70 2936 cFYI(1, "resetting capabilities failed");
442aa310 2937 } else
b6b38f70 2938 cERROR(1, "Negotiating Unix capabilities "
5a44b319
SF		 2939 "with the server failed. Consider "
2940 "mounting with the Unix Extensions\n"
2941 "disabled, if problems are found, "
2942 "by specifying the nounix mount "
b6b38f70 2943 "option.");
5a44b319 2944
8af18971
SF		 2945 }
2946 }
2947}
2948
724d9f1c
PS		 2949void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2950 struct cifs_sb_info *cifs_sb)
b1c8d2b4 2951{
2de970ff
JL		 2952 INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2953
2ced6f69
AV		 2954 spin_lock_init(&cifs_sb->tlink_tree_lock);
2955 cifs_sb->tlink_tree = RB_ROOT;
2956
25c7f41e 2957 /*
5eba8ab3
JL		 2958 * Temporarily set r/wsize for matching superblock. If we end up using
2959 * new sb then client will later negotiate it downward if needed.
25c7f41e 2960 */
5eba8ab3 2961 cifs_sb->rsize = pvolume_info->rsize;
25c7f41e
PS		 2962 cifs_sb->wsize = pvolume_info->wsize;
2963
3b795210
SF		 2964 cifs_sb->mnt_uid = pvolume_info->linux_uid;
2965 cifs_sb->mnt_gid = pvolume_info->linux_gid;
3d3ea8e6
SP		 2966 if (pvolume_info->backupuid_specified)
2967 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2968 if (pvolume_info->backupgid_specified)
2969 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3b795210
SF		 2970 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2971 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
5206efd6 2972 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
b6b38f70 2973 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3b795210 2974
6d20e840 2975 cifs_sb->actimeo = pvolume_info->actimeo;
724d9f1c 2976 cifs_sb->local_nls = pvolume_info->local_nls;
6d20e840 2977
3b795210
SF		 2978 if (pvolume_info->noperm)
2979 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2980 if (pvolume_info->setuids)
2981 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2982 if (pvolume_info->server_ino)
2983 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2984 if (pvolume_info->remap)
2985 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2986 if (pvolume_info->no_xattr)
2987 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2988 if (pvolume_info->sfu_emul)
2989 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2990 if (pvolume_info->nobrl)
2991 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
be652445 2992 if (pvolume_info->nostrictsync)
4717bed6 2993 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
13a6e42a
SF		 2994 if (pvolume_info->mand_lock)
2995 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
d4ffff1f
PS		 2996 if (pvolume_info->rwpidforward)
2997 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3b795210
SF		 2998 if (pvolume_info->cifs_acl)
2999 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3d3ea8e6
SP		 3000 if (pvolume_info->backupuid_specified)
3001 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3002 if (pvolume_info->backupgid_specified)
3003 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3b795210
SF		 3004 if (pvolume_info->override_uid)
3005 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3006 if (pvolume_info->override_gid)
3007 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3008 if (pvolume_info->dynperm)
3009 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
fa1df75d
SJ		 3010 if (pvolume_info->fsc)
3011 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
0eb8a132
JL		 3012 if (pvolume_info->multiuser)
3013 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3014 CIFS_MOUNT_NO_PERM);
d39454ff
PS		 3015 if (pvolume_info->strict_io)
3016 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3b795210 3017 if (pvolume_info->direct_io) {
b6b38f70 3018 cFYI(1, "mounting share using direct i/o");
3b795210
SF		 3019 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3020 }
736a3320
SM		 3021 if (pvolume_info->mfsymlinks) {
3022 if (pvolume_info->sfu_emul) {
3023 cERROR(1, "mount option mfsymlinks ignored if sfu "
3024 "mount option is used");
3025 } else {
3026 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3027 }
3028 }
3b795210
SF		 3029
3030 if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
b6b38f70
JP		 3031 cERROR(1, "mount option dynperm ignored if cifsacl "
3032 "mount option supported");
b1c8d2b4
JL		 3033}
3034
f7910cbd 3035/*
5eba8ab3
JL		 3036 * When the server supports very large reads and writes via POSIX extensions,
3037 * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3038 * including the RFC1001 length.
f7910cbd
JL		 3039 *
3040 * Note that this might make for "interesting" allocation problems during
1190f6a0
JL		 3041 * writeback however as we have to allocate an array of pointers for the
3042 * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
5eba8ab3
JL		 3043 *
3044 * For reads, there is a similar problem as we need to allocate an array
3045 * of kvecs to handle the receive, though that should only need to be done
3046 * once.
f7910cbd 3047 */
1190f6a0 3048#define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3049#define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3050
3051/*
5eba8ab3
JL		 3052 * When the server doesn't allow large posix writes, only allow a rsize/wsize
3053 * of 2^17-1 minus the size of the call header. That allows for a read or
3054 * write up to the maximum size described by RFC1002.
f7910cbd 3055 */
94443f43 3056#define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
5eba8ab3 3057#define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
f7910cbd
JL		 3058
3059/*
3060 * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3061 * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3062 * a single wsize request with a single call.
3063 */
5eba8ab3
JL		 3064#define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3065
3066/*
ce91acb3
JL		 3067 * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3068 * those values when posix extensions aren't in force. In actuality here, we
3069 * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3070 * to be ok with the extra byte even though Windows doesn't send writes that
3071 * are that large.
3072 *
3073 * Citation:
3074 *
3075 * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
5eba8ab3
JL		 3076 */
3077#define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
ce91acb3 3078#define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
f7910cbd
JL		 3079
3080static unsigned int
96daf2b0 3081cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
f7910cbd
JL		 3082{
3083 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3084 struct TCP_Server_Info *server = tcon->ses->server;
ce91acb3
JL		 3085 unsigned int wsize;
3086
3087 /* start with specified wsize, or default */
3088 if (pvolume_info->wsize)
3089 wsize = pvolume_info->wsize;
3090 else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3091 wsize = CIFS_DEFAULT_IOSIZE;
3092 else
3093 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
f7910cbd
JL		 3094
3095 /* can server support 24-bit write sizes? (via UNIX extensions) */
3096 if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
1190f6a0 3097 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
f7910cbd 3098
1190f6a0
JL		 3099 /*
3100 * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3101 * Limit it to max buffer offered by the server, minus the size of the
3102 * WRITEX header, not including the 4 byte RFC1001 length.
3103 */
3104 if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3105 (!(server->capabilities & CAP_UNIX) &&
3106 (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3107 wsize = min_t(unsigned int, wsize,
3108 server->maxBuf - sizeof(WRITE_REQ) + 4);
f7910cbd
JL		 3109
3110 /* hard limit of CIFS_MAX_WSIZE */
3111 wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3112
3113 return wsize;
3114}
3115
5eba8ab3
JL		 3116static unsigned int
3117cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3118{
3119 __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3120 struct TCP_Server_Info *server = tcon->ses->server;
3121 unsigned int rsize, defsize;
3122
3123 /*
3124 * Set default value...
3125 *
3126 * HACK alert! Ancient servers have very small buffers. Even though
3127 * MS-CIFS indicates that servers are only limited by the client's
3128 * bufsize for reads, testing against win98se shows that it throws
3129 * INVALID_PARAMETER errors if you try to request too large a read.
3130 *
3131 * If the server advertises a MaxBufferSize of less than one page,
3132 * assume that it also can't satisfy reads larger than that either.
3133 *
3134 * FIXME: Is there a better heuristic for this?
3135 */
3136 if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3137 defsize = CIFS_DEFAULT_IOSIZE;
3138 else if (server->capabilities & CAP_LARGE_READ_X)
3139 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3140 else if (server->maxBuf >= PAGE_CACHE_SIZE)
3141 defsize = CIFSMaxBufSize;
3142 else
3143 defsize = server->maxBuf - sizeof(READ_RSP);
3144
3145 rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3146
3147 /*
3148 * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3149 * the client's MaxBufferSize.
3150 */
3151 if (!(server->capabilities & CAP_LARGE_READ_X))
3152 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3153
3154 /* hard limit of CIFS_MAX_RSIZE */
3155 rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3156
3157 return rsize;
3158}
3159
e4cce94c 3160static int
96daf2b0 3161is_path_accessible(int xid, struct cifs_tcon *tcon,
e4cce94c
IM		 3162 struct cifs_sb_info *cifs_sb, const char *full_path)
3163{
3164 int rc;
e4cce94c
IM		 3165 FILE_ALL_INFO *pfile_info;
3166
e4cce94c
IM		 3167 pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3168 if (pfile_info == NULL)
3169 return -ENOMEM;
3170
3171 rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3172 0 /* not legacy */, cifs_sb->local_nls,
3173 cifs_sb->mnt_cifs_flags &
3174 CIFS_MOUNT_MAP_SPECIAL_CHR);
221d1d79
JL		 3175
3176 if (rc == -EOPNOTSUPP || rc == -EINVAL)
3177 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3178 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3179 CIFS_MOUNT_MAP_SPECIAL_CHR);
e4cce94c
IM		 3180 kfree(pfile_info);
3181 return rc;
3182}
3183
b9bce2e9
JL		 3184static void
3185cleanup_volume_info_contents(struct smb_vol *volume_info)
1bfe73c2 3186{
b946845a 3187 kfree(volume_info->username);
1bfe73c2 3188 kzfree(volume_info->password);
13589c43
SF		 3189 if (volume_info->UNCip != volume_info->UNC + 2)
3190 kfree(volume_info->UNCip);
95c75454 3191 kfree(volume_info->UNC);
b946845a
SF		 3192 kfree(volume_info->domainname);
3193 kfree(volume_info->iocharset);
1bfe73c2 3194 kfree(volume_info->prepath);
b9bce2e9
JL		 3195}
3196
3197void
3198cifs_cleanup_volume_info(struct smb_vol *volume_info)
3199{
3200 if (!volume_info)
3201 return;
3202 cleanup_volume_info_contents(volume_info);
1bfe73c2 3203 kfree(volume_info);
1bfe73c2
IM		 3204}
3205
b9bce2e9 3206
2d6d589d 3207#ifdef CONFIG_CIFS_DFS_UPCALL
1bfe73c2
IM		 3208/* build_path_to_root returns full path to root when
3209 * we do not have an exiting connection (tcon) */
3210static char *
b2a0fa15 3211build_unc_path_to_root(const struct smb_vol *vol,
1bfe73c2
IM		 3212 const struct cifs_sb_info *cifs_sb)
3213{
b2a0fa15
JL		 3214 char *full_path, *pos;
3215 unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3216 unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
1bfe73c2 3217
b2a0fa15 3218 full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
1bfe73c2
IM		 3219 if (full_path == NULL)
3220 return ERR_PTR(-ENOMEM);
3221
b2a0fa15
JL		 3222 strncpy(full_path, vol->UNC, unc_len);
3223 pos = full_path + unc_len;
3224
3225 if (pplen) {
3226 strncpy(pos, vol->prepath, pplen);
3227 pos += pplen;
3228 }
3229
3230 *pos = '\0'; /* add trailing null */
f87d39d9 3231 convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
b2a0fa15 3232 cFYI(1, "%s: full_path=%s", __func__, full_path);
1bfe73c2
IM		 3233 return full_path;
3234}
dd613945
SF		 3235
3236/*
3237 * Perform a dfs referral query for a share and (optionally) prefix
3238 *
046462ab
SF		 3239 * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3240 * to a string containing updated options for the submount. Otherwise it
3241 * will be left untouched.
dd613945
SF		 3242 *
3243 * Returns the rc from get_dfs_path to the caller, which can be used to
3244 * determine whether there were referrals.
3245 */
3246static int
96daf2b0 3247expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
dd613945 3248 struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
046462ab 3249 int check_prefix)
dd613945
SF		 3250{
3251 int rc;
3252 unsigned int num_referrals = 0;
3253 struct dfs_info3_param *referrals = NULL;
3254 char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3255
3256 full_path = build_unc_path_to_root(volume_info, cifs_sb);
3257 if (IS_ERR(full_path))
3258 return PTR_ERR(full_path);
3259
3260 /* For DFS paths, skip the first '\' of the UNC */
3261 ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3262
3263 rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3264 &num_referrals, &referrals,
3265 cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3266
3267 if (!rc && num_referrals > 0) {
3268 char *fake_devname = NULL;
3269
3270 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3271 full_path + 1, referrals,
3272 &fake_devname);
3273
3274 free_dfs_info_array(referrals, num_referrals);
046462ab 3275
dd613945
SF		 3276 if (IS_ERR(mdata)) {
3277 rc = PTR_ERR(mdata);
3278 mdata = NULL;
b9bce2e9
JL		 3279 } else {
3280 cleanup_volume_info_contents(volume_info);
3281 memset(volume_info, '\0', sizeof(*volume_info));
3282 rc = cifs_setup_volume_info(volume_info, mdata,
3283 fake_devname);
dd613945 3284 }
b9bce2e9
JL		 3285 kfree(fake_devname);
3286 kfree(cifs_sb->mountdata);
046462ab 3287 cifs_sb->mountdata = mdata;
dd613945
SF		 3288 }
3289 kfree(full_path);
3290 return rc;
3291}
2d6d589d 3292#endif
1bfe73c2 3293
04db79b0
JL		 3294static int
3295cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3296 const char *devname)
1da177e4 3297{
724d9f1c 3298 int rc = 0;
1da177e4 3299
04db79b0
JL		 3300 if (cifs_parse_mount_options(mount_data, devname, volume_info))
3301 return -EINVAL;
1da177e4 3302
7586b765 3303 if (volume_info->nullauth) {
04febabc
JL		 3304 cFYI(1, "Anonymous login");
3305 kfree(volume_info->username);
3306 volume_info->username = NULL;
7586b765 3307 } else if (volume_info->username) {
1da177e4 3308 /* BB fixme parse for domain name here */
b6b38f70 3309 cFYI(1, "Username: %s", volume_info->username);
1da177e4 3310 } else {
bf820679 3311 cifserror("No username specified");
50c2f753
SF		 3312 /* In userspace mount helper we can get user name from alternate
3313 locations such as env variables and files on disk */
04db79b0 3314 return -EINVAL;
1da177e4
LT		 3315 }
3316
1da177e4 3317 /* this is needed for ASCII cp to Unicode converts */
7586b765 3318 if (volume_info->iocharset == NULL) {
a5fc4ce0
JL		 3319 /* load_nls_default cannot return null */
3320 volume_info->local_nls = load_nls_default();
1da177e4 3321 } else {
a5fc4ce0
JL		 3322 volume_info->local_nls = load_nls(volume_info->iocharset);
3323 if (volume_info->local_nls == NULL) {
b6b38f70
JP		 3324 cERROR(1, "CIFS mount error: iocharset %s not found",
3325 volume_info->iocharset);
04db79b0 3326 return -ELIBACC;
1da177e4
LT		 3327 }
3328 }
724d9f1c 3329
724d9f1c
PS		 3330 return rc;
3331}
3332
04db79b0
JL		 3333struct smb_vol *
3334cifs_get_volume_info(char *mount_data, const char *devname)
3335{
3336 int rc;
3337 struct smb_vol *volume_info;
3338
3339 volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3340 if (!volume_info)
3341 return ERR_PTR(-ENOMEM);
3342
3343 rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3344 if (rc) {
3345 cifs_cleanup_volume_info(volume_info);
3346 volume_info = ERR_PTR(rc);
3347 }
3348
3349 return volume_info;
3350}
3351
66bfaadc
JL		 3352/* make sure ra_pages is a multiple of rsize */
3353static inline unsigned int
3354cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3355{
3356 unsigned int reads;
3357 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3358
3359 if (rsize_pages >= default_backing_dev_info.ra_pages)
3360 return default_backing_dev_info.ra_pages;
3361 else if (rsize_pages == 0)
3362 return rsize_pages;
3363
3364 reads = default_backing_dev_info.ra_pages / rsize_pages;
3365 return reads * rsize_pages;
3366}
3367
724d9f1c 3368int
2c6292ae 3369cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
724d9f1c
PS		 3370{
3371 int rc = 0;
3372 int xid;
96daf2b0
SF		 3373 struct cifs_ses *pSesInfo;
3374 struct cifs_tcon *tcon;
724d9f1c
PS		 3375 struct TCP_Server_Info *srvTcp;
3376 char *full_path;
3377 struct tcon_link *tlink;
3378#ifdef CONFIG_CIFS_DFS_UPCALL
3379 int referral_walks_count = 0;
20547490 3380#endif
dd854466
AV		 3381
3382 rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3383 if (rc)
3384 return rc;
3385
20547490 3386#ifdef CONFIG_CIFS_DFS_UPCALL
724d9f1c
PS		 3387try_mount_again:
3388 /* cleanup activities if we're chasing a referral */
3389 if (referral_walks_count) {
3390 if (tcon)
3391 cifs_put_tcon(tcon);
3392 else if (pSesInfo)
3393 cifs_put_smb_ses(pSesInfo);
3394
724d9f1c
PS		 3395 FreeXid(xid);
3396 }
3397#endif
3398 tcon = NULL;
3399 pSesInfo = NULL;
3400 srvTcp = NULL;
3401 full_path = NULL;
3402 tlink = NULL;
3403
3404 xid = GetXid();
1da177e4 3405
63c038c2 3406 /* get a reference to a tcp session */
7586b765 3407 srvTcp = cifs_get_tcp_session(volume_info);
63c038c2
JL		 3408 if (IS_ERR(srvTcp)) {
3409 rc = PTR_ERR(srvTcp);
dd854466 3410 bdi_destroy(&cifs_sb->bdi);
63c038c2 3411 goto out;
1da177e4
LT		 3412 }
3413
36988c76
JL		 3414 /* get a reference to a SMB session */
3415 pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3416 if (IS_ERR(pSesInfo)) {
3417 rc = PTR_ERR(pSesInfo);
3418 pSesInfo = NULL;
3419 goto mount_fail_check;
1da177e4 3420 }
50c2f753 3421
d00c28de
JL		 3422 /* search for existing tcon to this server share */
3423 tcon = cifs_get_tcon(pSesInfo, volume_info);
3424 if (IS_ERR(tcon)) {
3425 rc = PTR_ERR(tcon);
3426 tcon = NULL;
1bfe73c2 3427 goto remote_path_check;
d00c28de 3428 }
1bfe73c2 3429
d82c2df5 3430 /* tell server which Unix caps we support */
6848b733 3431 if (tcon->ses->capabilities & CAP_UNIX) {
d82c2df5
SF		 3432 /* reset of caps checks mount to see if unix extensions
3433 disabled for just this mount */
2c6292ae 3434 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
6848b733
SF		 3435 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3436 (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3437 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3438 rc = -EACCES;
3439 goto mount_fail_check;
3440 }
3441 } else
d82c2df5 3442 tcon->unix_ext = 0; /* server does not support them */
c18c842b 3443
6848b733
SF		 3444 /* do not care if following two calls succeed - informational */
3445 if (!tcon->ipc) {
3446 CIFSSMBQFSDeviceInfo(xid, tcon);
3447 CIFSSMBQFSAttributeInfo(xid, tcon);
3448 }
3449
f7910cbd 3450 cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
5eba8ab3 3451 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
f7910cbd 3452
66bfaadc
JL		 3453 /* tune readahead according to rsize */
3454 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb);
f7910cbd 3455
1bfe73c2 3456remote_path_check:
c1508ca2
SF		 3457#ifdef CONFIG_CIFS_DFS_UPCALL
3458 /*
3459 * Perform an unconditional check for whether there are DFS
3460 * referrals for this path without prefix, to provide support
3461 * for DFS referrals from w2k8 servers which don't seem to respond
3462 * with PATH_NOT_COVERED to requests that include the prefix.
3463 * Chase the referral if found, otherwise continue normally.
3464 */
3465 if (referral_walks_count == 0) {
3466 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
046462ab 3467 cifs_sb, false);
c1508ca2
SF		 3468 if (!refrc) {
3469 referral_walks_count++;
3470 goto try_mount_again;
3471 }
3472 }
3473#endif
3474
f87d39d9 3475 /* check if a whole path is not remote */
70945643 3476 if (!rc && tcon) {
e4cce94c 3477 /* build_path_to_root works only when we have a valid tcon */
f87d39d9 3478 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
e4cce94c
IM		 3479 if (full_path == NULL) {
3480 rc = -ENOMEM;
3481 goto mount_fail_check;
3482 }
3483 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
03ceace5 3484 if (rc != 0 && rc != -EREMOTE) {
e4cce94c
IM		 3485 kfree(full_path);
3486 goto mount_fail_check;
3487 }
3488 kfree(full_path);
3489 }
3490
1bfe73c2
IM		 3491 /* get referral if needed */
3492 if (rc == -EREMOTE) {
d036f50f 3493#ifdef CONFIG_CIFS_DFS_UPCALL
5c2503a8
IM		 3494 if (referral_walks_count > MAX_NESTED_LINKS) {
3495 /*
3496 * BB: when we implement proper loop detection,
3497 * we will remove this check. But now we need it
3498 * to prevent an indefinite loop if 'DFS tree' is
3499 * misconfigured (i.e. has loops).
3500 */
3501 rc = -ELOOP;
3502 goto mount_fail_check;
3503 }
1bfe73c2 3504
dd613945 3505 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
046462ab 3506 true);
7b91e266 3507
dd613945 3508 if (!rc) {
5c2503a8 3509 referral_walks_count++;
1bfe73c2
IM		 3510 goto try_mount_again;
3511 }
dd613945 3512 goto mount_fail_check;
d036f50f
SF		 3513#else /* No DFS support, return error on mount */
3514 rc = -EOPNOTSUPP;
3515#endif
1bfe73c2
IM		 3516 }
3517
9d002df4
JL		 3518 if (rc)
3519 goto mount_fail_check;
3520
3521 /* now, hang the tcon off of the superblock */
3522 tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3523 if (tlink == NULL) {
3524 rc = -ENOMEM;
3525 goto mount_fail_check;
3526 }
3527
b647c35f 3528 tlink->tl_uid = pSesInfo->linux_uid;
9d002df4
JL		 3529 tlink->tl_tcon = tcon;
3530 tlink->tl_time = jiffies;
3531 set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3532 set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3533
b647c35f 3534 cifs_sb->master_tlink = tlink;
9d002df4 3535 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3536 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
9d002df4 3537 spin_unlock(&cifs_sb->tlink_tree_lock);
413e661c 3538
2de970ff
JL		 3539 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
3540 TLINK_IDLE_EXPIRE);
3541
1bfe73c2
IM		 3542mount_fail_check:
3543 /* on error free sesinfo and tcon struct if needed */
3544 if (rc) {
1bfe73c2 3545 /* If find_unc succeeded then rc == 0 so we can not end */
25985edc 3546 /* up accidentally freeing someone elses tcon struct */
1bfe73c2
IM		 3547 if (tcon)
3548 cifs_put_tcon(tcon);
3549 else if (pSesInfo)
3550 cifs_put_smb_ses(pSesInfo);
3551 else
3552 cifs_put_tcp_session(srvTcp);
dd854466 3553 bdi_destroy(&cifs_sb->bdi);
1bfe73c2
IM		 3554 }
3555
70fe7dc0 3556out:
1da177e4
LT		 3557 FreeXid(xid);
3558 return rc;
3559}
3560
8d1bca32
JL		 3561/*
3562 * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3563 * pointer may be NULL.
3564 */
1da177e4 3565int
96daf2b0
SF		 3566CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3567 const char *tree, struct cifs_tcon *tcon,
1da177e4
LT		 3568 const struct nls_table *nls_codepage)
3569{
3570 struct smb_hdr *smb_buffer;
3571 struct smb_hdr *smb_buffer_response;
3572 TCONX_REQ *pSMB;
3573 TCONX_RSP *pSMBr;
3574 unsigned char *bcc_ptr;
3575 int rc = 0;
690c522f
JL		 3576 int length;
3577 __u16 bytes_left, count;
1da177e4
LT		 3578
3579 if (ses == NULL)
3580 return -EIO;
3581
3582 smb_buffer = cifs_buf_get();
ca43e3be 3583 if (smb_buffer == NULL)
1da177e4 3584 return -ENOMEM;
ca43e3be 3585
1da177e4
LT		 3586 smb_buffer_response = smb_buffer;
3587
3588 header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3589 NULL /*no tid */ , 4 /*wct */ );
1982c344
SF		 3590
3591 smb_buffer->Mid = GetNextMid(ses->server);
1da177e4
LT		 3592 smb_buffer->Uid = ses->Suid;
3593 pSMB = (TCONX_REQ *) smb_buffer;
3594 pSMBr = (TCONX_RSP *) smb_buffer_response;
3595
3596 pSMB->AndXCommand = 0xFF;
3597 pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
1da177e4 3598 bcc_ptr = &pSMB->Password[0];
8d1bca32 3599 if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
eeac8047 3600 pSMB->PasswordLength = cpu_to_le16(1); /* minimum */
7c7b25bc 3601 *bcc_ptr = 0; /* password is null byte */
eeac8047 3602 bcc_ptr++; /* skip password */
7c7b25bc 3603 /* already aligned so no need to do it below */
eeac8047 3604 } else {
540b2e37 3605 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
eeac8047
SF		 3606 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3607 specified as required (when that support is added to
3608 the vfs in the future) as only NTLM or the much
7c7b25bc 3609 weaker LANMAN (which we do not send by default) is accepted
eeac8047
SF		 3610 by Samba (not sure whether other servers allow
3611 NTLMv2 password here) */
7c7b25bc 3612#ifdef CONFIG_CIFS_WEAK_PW_HASH
04912d6a 3613 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
00e485b0 3614 (ses->server->secType == LANMAN))
d3ba50b1 3615 calc_lanman_hash(tcon->password, ses->server->cryptkey,
96daf2b0 3616 ses->server->sec_mode &
4e53a3fb
JL		 3617 SECMODE_PW_ENCRYPT ? true : false,
3618 bcc_ptr);
7c7b25bc
SF		 3619 else
3620#endif /* CIFS_WEAK_PW_HASH */
ee2c9258 3621 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
9ef5992e 3622 bcc_ptr, nls_codepage);
eeac8047 3623
540b2e37 3624 bcc_ptr += CIFS_AUTH_RESP_SIZE;
fb8c4b14 3625 if (ses->capabilities & CAP_UNICODE) {
7c7b25bc
SF		 3626 /* must align unicode strings */
3627 *bcc_ptr = 0; /* null byte password */
3628 bcc_ptr++;
3629 }
eeac8047 3630 }
1da177e4 3631
96daf2b0 3632 if (ses->server->sec_mode &
a878fb22 3633 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
1da177e4
LT		 3634 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3635
3636 if (ses->capabilities & CAP_STATUS32) {
3637 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3638 }
3639 if (ses->capabilities & CAP_DFS) {
3640 smb_buffer->Flags2 |= SMBFLG2_DFS;
3641 }
3642 if (ses->capabilities & CAP_UNICODE) {
3643 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3644 length =
acbbb76a 3645 cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
50c2f753 3646 6 /* max utf8 char length in bytes */ *
a878fb22
SF		 3647 (/* server len*/ + 256 /* share len */), nls_codepage);
3648 bcc_ptr += 2 * length; /* convert num 16 bit words to bytes */
1da177e4
LT		 3649 bcc_ptr += 2; /* skip trailing null */
3650 } else { /* ASCII */
1da177e4
LT		 3651 strcpy(bcc_ptr, tree);
3652 bcc_ptr += strlen(tree) + 1;
3653 }
3654 strcpy(bcc_ptr, "?????");
3655 bcc_ptr += strlen("?????");
3656 bcc_ptr += 1;
3657 count = bcc_ptr - &pSMB->Password[0];
be8e3b00
SF		 3658 pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3659 pSMB->hdr.smb_buf_length) + count);
1da177e4
LT		 3660 pSMB->ByteCount = cpu_to_le16(count);
3661
133672ef 3662 rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
7749981e 3663 0);
1da177e4 3664
1da177e4
LT		 3665 /* above now done in SendReceive */
3666 if ((rc == 0) && (tcon != NULL)) {
0e0d2cf3
SF		 3667 bool is_unicode;
3668
1da177e4 3669 tcon->tidStatus = CifsGood;
3b795210 3670 tcon->need_reconnect = false;
1da177e4
LT		 3671 tcon->tid = smb_buffer_response->Tid;
3672 bcc_ptr = pByteArea(smb_buffer_response);
690c522f 3673 bytes_left = get_bcc(smb_buffer_response);
cc20c031 3674 length = strnlen(bcc_ptr, bytes_left - 2);
0e0d2cf3
SF		 3675 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3676 is_unicode = true;
3677 else
3678 is_unicode = false;
3679
cc20c031 3680
50c2f753 3681 /* skip service field (NB: this field is always ASCII) */
7f8ed420
SF		 3682 if (length == 3) {
3683 if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3684 (bcc_ptr[2] == 'C')) {
b6b38f70 3685 cFYI(1, "IPC connection");
7f8ed420
SF		 3686 tcon->ipc = 1;
3687 }
3688 } else if (length == 2) {
3689 if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3690 /* the most common case */
b6b38f70 3691 cFYI(1, "disk share connection");
7f8ed420
SF		 3692 }
3693 }
50c2f753 3694 bcc_ptr += length + 1;
cc20c031 3695 bytes_left -= (length + 1);
1da177e4 3696 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
cc20c031
JL		 3697
3698 /* mostly informational -- no need to fail on error here */
90a98b2f 3699 kfree(tcon->nativeFileSystem);
acbbb76a 3700 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
0e0d2cf3 3701 bytes_left, is_unicode,
cc20c031
JL		 3702 nls_codepage);
3703
b6b38f70 3704 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
cc20c031 3705
fb8c4b14 3706 if ((smb_buffer_response->WordCount == 3) ||
1a4e15a0
SF		 3707 (smb_buffer_response->WordCount == 7))
3708 /* field is in same location */
3979877e
SF		 3709 tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3710 else
3711 tcon->Flags = 0;
b6b38f70 3712 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
1da177e4 3713 } else if ((rc == 0) && tcon == NULL) {
50c2f753 3714 /* all we need to save for IPC$ connection */
1da177e4
LT		 3715 ses->ipc_tid = smb_buffer_response->Tid;
3716 }
3717
a8a11d39 3718 cifs_buf_release(smb_buffer);
1da177e4
LT		 3719 return rc;
3720}
3721
2a9b9951
AV		 3722void
3723cifs_umount(struct cifs_sb_info *cifs_sb)
1da177e4 3724{
b647c35f
JL		 3725 struct rb_root *root = &cifs_sb->tlink_tree;
3726 struct rb_node *node;
3727 struct tcon_link *tlink;
9d002df4 3728
2de970ff
JL		 3729 cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3730
b647c35f
JL		 3731 spin_lock(&cifs_sb->tlink_tree_lock);
3732 while ((node = rb_first(root))) {
3733 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3734 cifs_get_tlink(tlink);
3735 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3736 rb_erase(node, root);
1da177e4 3737
b647c35f
JL		 3738 spin_unlock(&cifs_sb->tlink_tree_lock);
3739 cifs_put_tlink(tlink);
3740 spin_lock(&cifs_sb->tlink_tree_lock);
3741 }
3742 spin_unlock(&cifs_sb->tlink_tree_lock);
50c2f753 3743
dd854466 3744 bdi_destroy(&cifs_sb->bdi);
d757d71b
AV		 3745 kfree(cifs_sb->mountdata);
3746 unload_nls(cifs_sb->local_nls);
3747 kfree(cifs_sb);
50c2f753 3748}
1da177e4 3749
96daf2b0 3750int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
1da177e4
LT		 3751{
3752 int rc = 0;
198b5682 3753 struct TCP_Server_Info *server = ses->server;
1da177e4 3754
198b5682
JL		 3755 /* only send once per connect */
3756 if (server->maxBuf != 0)
3757 return 0;
3758
3759 rc = CIFSSMBNegotiate(xid, ses);
3760 if (rc == -EAGAIN) {
3761 /* retry only once on 1st time connection */
3762 rc = CIFSSMBNegotiate(xid, ses);
3763 if (rc == -EAGAIN)
3764 rc = -EHOSTDOWN;
1da177e4 3765 }
198b5682
JL		 3766 if (rc == 0) {
3767 spin_lock(&GlobalMid_Lock);
7fdbaa1b 3768 if (server->tcpStatus == CifsNeedNegotiate)
198b5682
JL		 3769 server->tcpStatus = CifsGood;
3770 else
3771 rc = -EHOSTDOWN;
3772 spin_unlock(&GlobalMid_Lock);
26b994fa 3773
198b5682
JL		 3774 }
3775
3776 return rc;
3777}
3778
3779
96daf2b0 3780int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
198b5682
JL		 3781 struct nls_table *nls_info)
3782{
3783 int rc = 0;
3784 struct TCP_Server_Info *server = ses->server;
26b994fa 3785
198b5682
JL		 3786 ses->flags = 0;
3787 ses->capabilities = server->capabilities;
26b994fa 3788 if (linuxExtEnabled == 0)
198b5682 3789 ses->capabilities &= (~CAP_UNIX);
20418acd 3790
b6b38f70 3791 cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
96daf2b0 3792 server->sec_mode, server->capabilities, server->timeAdj);
cb7691b6 3793
198b5682 3794 rc = CIFS_SessSetup(xid, ses, nls_info);
26b994fa 3795 if (rc) {
b6b38f70 3796 cERROR(1, "Send error in SessSetup = %d", rc);
26b994fa 3797 } else {
5d0d2882
SP		 3798 mutex_lock(&ses->server->srv_mutex);
3799 if (!server->session_estab) {
21e73393 3800 server->session_key.response = ses->auth_key.response;
5d0d2882 3801 server->session_key.len = ses->auth_key.len;
21e73393
SP		 3802 server->sequence_number = 0x2;
3803 server->session_estab = true;
3804 ses->auth_key.response = NULL;
5d0d2882
SP		 3805 }
3806 mutex_unlock(&server->srv_mutex);
3807
b6b38f70 3808 cFYI(1, "CIFS Session Established successfully");
20418acd 3809 spin_lock(&GlobalMid_Lock);
198b5682
JL		 3810 ses->status = CifsGood;
3811 ses->need_reconnect = false;
20418acd 3812 spin_unlock(&GlobalMid_Lock);
1da177e4 3813 }
26b994fa 3814
21e73393
SP		 3815 kfree(ses->auth_key.response);
3816 ses->auth_key.response = NULL;
3817 ses->auth_key.len = 0;
d3686d54
SP		 3818 kfree(ses->ntlmssp);
3819 ses->ntlmssp = NULL;
21e73393 3820
1da177e4
LT		 3821 return rc;
3822}
3823
8a8798a5
JL		 3824static int
3825cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
3826{
3827 switch (ses->server->secType) {
3828 case Kerberos:
3829 vol->secFlg = CIFSSEC_MUST_KRB5;
3830 return 0;
3831 case NTLMv2:
3832 vol->secFlg = CIFSSEC_MUST_NTLMV2;
3833 break;
3834 case NTLM:
3835 vol->secFlg = CIFSSEC_MUST_NTLM;
3836 break;
3837 case RawNTLMSSP:
3838 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
3839 break;
3840 case LANMAN:
3841 vol->secFlg = CIFSSEC_MUST_LANMAN;
3842 break;
3843 }
3844
3845 return cifs_set_cifscreds(vol, ses);
3846}
3847
96daf2b0 3848static struct cifs_tcon *
9d002df4
JL		 3849cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3850{
8a8798a5 3851 int rc;
96daf2b0
SF		 3852 struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3853 struct cifs_ses *ses;
3854 struct cifs_tcon *tcon = NULL;
9d002df4 3855 struct smb_vol *vol_info;
9d002df4
JL		 3856
3857 vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
803ab977
DC		 3858 if (vol_info == NULL)
3859 return ERR_PTR(-ENOMEM);
9d002df4 3860
9d002df4
JL		 3861 vol_info->local_nls = cifs_sb->local_nls;
3862 vol_info->linux_uid = fsuid;
3863 vol_info->cred_uid = fsuid;
3864 vol_info->UNC = master_tcon->treeName;
3865 vol_info->retry = master_tcon->retry;
3866 vol_info->nocase = master_tcon->nocase;
3867 vol_info->local_lease = master_tcon->local_lease;
3868 vol_info->no_linux_ext = !master_tcon->unix_ext;
3869
8a8798a5
JL		 3870 rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
3871 if (rc) {
3872 tcon = ERR_PTR(rc);
3873 goto out;
3874 }
9d002df4
JL		 3875
3876 /* get a reference for the same TCP session */
3f9bcca7 3877 spin_lock(&cifs_tcp_ses_lock);
9d002df4 3878 ++master_tcon->ses->server->srv_count;
3f9bcca7 3879 spin_unlock(&cifs_tcp_ses_lock);
9d002df4
JL		 3880
3881 ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3882 if (IS_ERR(ses)) {
96daf2b0 3883 tcon = (struct cifs_tcon *)ses;
9d002df4
JL		 3884 cifs_put_tcp_session(master_tcon->ses->server);
3885 goto out;
3886 }
3887
3888 tcon = cifs_get_tcon(ses, vol_info);
3889 if (IS_ERR(tcon)) {
3890 cifs_put_smb_ses(ses);
3891 goto out;
3892 }
3893
3894 if (ses->capabilities & CAP_UNIX)
3895 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3896out:
8a8798a5
JL		 3897 kfree(vol_info->username);
3898 kfree(vol_info->password);
9d002df4
JL		 3899 kfree(vol_info);
3900
3901 return tcon;
3902}
3903
96daf2b0 3904struct cifs_tcon *
9d002df4
JL		 3905cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3906{
3907 return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3908}
3909
3910static int
3911cifs_sb_tcon_pending_wait(void *unused)
3912{
3913 schedule();
3914 return signal_pending(current) ? -ERESTARTSYS : 0;
3915}
3916
b647c35f
JL		 3917/* find and return a tlink with given uid */
3918static struct tcon_link *
3919tlink_rb_search(struct rb_root *root, uid_t uid)
3920{
3921 struct rb_node *node = root->rb_node;
3922 struct tcon_link *tlink;
3923
3924 while (node) {
3925 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3926
3927 if (tlink->tl_uid > uid)
3928 node = node->rb_left;
3929 else if (tlink->tl_uid < uid)
3930 node = node->rb_right;
3931 else
3932 return tlink;
3933 }
3934 return NULL;
3935}
3936
3937/* insert a tcon_link into the tree */
3938static void
3939tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
3940{
3941 struct rb_node **new = &(root->rb_node), *parent = NULL;
3942 struct tcon_link *tlink;
3943
3944 while (*new) {
3945 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
3946 parent = *new;
3947
3948 if (tlink->tl_uid > new_tlink->tl_uid)
3949 new = &((*new)->rb_left);
3950 else
3951 new = &((*new)->rb_right);
3952 }
3953
3954 rb_link_node(&new_tlink->tl_rbnode, parent, new);
3955 rb_insert_color(&new_tlink->tl_rbnode, root);
3956}
3957
9d002df4
JL		 3958/*
3959 * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
3960 * current task.
3961 *
3962 * If the superblock doesn't refer to a multiuser mount, then just return
3963 * the master tcon for the mount.
3964 *
6ef933a3 3965 * First, search the rbtree for an existing tcon for this fsuid. If one
9d002df4
JL		 3966 * exists, then check to see if it's pending construction. If it is then wait
3967 * for construction to complete. Once it's no longer pending, check to see if
3968 * it failed and either return an error or retry construction, depending on
3969 * the timeout.
3970 *
3971 * If one doesn't exist then insert a new tcon_link struct into the tree and
3972 * try to construct a new one.
3973 */
3974struct tcon_link *
3975cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
3976{
3977 int ret;
b647c35f 3978 uid_t fsuid = current_fsuid();
9d002df4
JL		 3979 struct tcon_link *tlink, *newtlink;
3980
3981 if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
3982 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
3983
3984 spin_lock(&cifs_sb->tlink_tree_lock);
b647c35f 3985 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 3986 if (tlink)
3987 cifs_get_tlink(tlink);
3988 spin_unlock(&cifs_sb->tlink_tree_lock);
3989
3990 if (tlink == NULL) {
3991 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
3992 if (newtlink == NULL)
3993 return ERR_PTR(-ENOMEM);
b647c35f 3994 newtlink->tl_uid = fsuid;
9d002df4
JL		 3995 newtlink->tl_tcon = ERR_PTR(-EACCES);
3996 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
3997 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
3998 cifs_get_tlink(newtlink);
3999
9d002df4
JL		 4000 spin_lock(&cifs_sb->tlink_tree_lock);
4001 /* was one inserted after previous search? */
b647c35f 4002 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
9d002df4
JL		 4003 if (tlink) {
4004 cifs_get_tlink(tlink);
4005 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4006 kfree(newtlink);
4007 goto wait_for_construction;
4008 }
9d002df4 4009 tlink = newtlink;
b647c35f
JL		 4010 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4011 spin_unlock(&cifs_sb->tlink_tree_lock);
9d002df4
JL		 4012 } else {
4013wait_for_construction:
4014 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4015 cifs_sb_tcon_pending_wait,
4016 TASK_INTERRUPTIBLE);
4017 if (ret) {
4018 cifs_put_tlink(tlink);
4019 return ERR_PTR(ret);
4020 }
4021
4022 /* if it's good, return it */
4023 if (!IS_ERR(tlink->tl_tcon))
4024 return tlink;
4025
4026 /* return error if we tried this already recently */
4027 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4028 cifs_put_tlink(tlink);
4029 return ERR_PTR(-EACCES);
4030 }
4031
4032 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4033 goto wait_for_construction;
4034 }
4035
4036 tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4037 clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4038 wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4039
4040 if (IS_ERR(tlink->tl_tcon)) {
4041 cifs_put_tlink(tlink);
4042 return ERR_PTR(-EACCES);
4043 }
4044
4045 return tlink;
4046}
2de970ff
JL		 4047
4048/*
4049 * periodic workqueue job that scans tcon_tree for a superblock and closes
4050 * out tcons.
4051 */
4052static void
4053cifs_prune_tlinks(struct work_struct *work)
4054{
4055 struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4056 prune_tlinks.work);
b647c35f
JL		 4057 struct rb_root *root = &cifs_sb->tlink_tree;
4058 struct rb_node *node = rb_first(root);
4059 struct rb_node *tmp;
4060 struct tcon_link *tlink;
2de970ff 4061
b647c35f
JL		 4062 /*
4063 * Because we drop the spinlock in the loop in order to put the tlink
4064 * it's not guarded against removal of links from the tree. The only
4065 * places that remove entries from the tree are this function and
4066 * umounts. Because this function is non-reentrant and is canceled
4067 * before umount can proceed, this is safe.
4068 */
4069 spin_lock(&cifs_sb->tlink_tree_lock);
4070 node = rb_first(root);
4071 while (node != NULL) {
4072 tmp = node;
4073 node = rb_next(tmp);
4074 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4075
4076 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4077 atomic_read(&tlink->tl_count) != 0 ||
4078 time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4079 continue;
2de970ff 4080
b647c35f
JL		 4081 cifs_get_tlink(tlink);
4082 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4083 rb_erase(tmp, root);
4084
4085 spin_unlock(&cifs_sb->tlink_tree_lock);
4086 cifs_put_tlink(tlink);
4087 spin_lock(&cifs_sb->tlink_tree_lock);
4088 }
4089 spin_unlock(&cifs_sb->tlink_tree_lock);
2de970ff
JL		 4090
4091 queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
4092 TLINK_IDLE_EXPIRE);
4093}
Linux kernel - Deliverables
This page took 0.852711 seconds and 5 git commands to generate.