Merge tag '4.3-rc-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6
[sfrench/cifs-2.6.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2011
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/sched/signal.h>
25 #include <linux/list.h>
26 #include <linux/wait.h>
27 #include <linux/slab.h>
28 #include <linux/pagemap.h>
29 #include <linux/ctype.h>
30 #include <linux/utsname.h>
31 #include <linux/mempool.h>
32 #include <linux/delay.h>
33 #include <linux/completion.h>
34 #include <linux/kthread.h>
35 #include <linux/pagevec.h>
36 #include <linux/freezer.h>
37 #include <linux/namei.h>
38 #include <linux/uuid.h>
39 #include <linux/uaccess.h>
40 #include <asm/processor.h>
41 #include <linux/inet.h>
42 #include <linux/module.h>
43 #include <keys/user-type.h>
44 #include <net/ipv6.h>
45 #include <linux/parser.h>
46 #include <linux/bvec.h>
47 #include "cifspdu.h"
48 #include "cifsglob.h"
49 #include "cifsproto.h"
50 #include "cifs_unicode.h"
51 #include "cifs_debug.h"
52 #include "cifs_fs_sb.h"
53 #include "ntlmssp.h"
54 #include "nterr.h"
55 #include "rfc1002pdu.h"
56 #include "fscache.h"
57 #include "smb2proto.h"
58 #include "smbdirect.h"
59 #include "dns_resolve.h"
60 #include "cifsfs.h"
61 #ifdef CONFIG_CIFS_DFS_UPCALL
62 #include "dfs_cache.h"
63 #endif
64
65 extern mempool_t *cifs_req_poolp;
66 extern bool disable_legacy_dialects;
67
68 /* FIXME: should these be tunable? */
69 #define TLINK_ERROR_EXPIRE      (1 * HZ)
70 #define TLINK_IDLE_EXPIRE       (600 * HZ)
71
72 enum {
73         /* Mount options that take no arguments */
74         Opt_user_xattr, Opt_nouser_xattr,
75         Opt_forceuid, Opt_noforceuid,
76         Opt_forcegid, Opt_noforcegid,
77         Opt_noblocksend, Opt_noautotune,
78         Opt_hard, Opt_soft, Opt_perm, Opt_noperm,
79         Opt_mapposix, Opt_nomapposix,
80         Opt_mapchars, Opt_nomapchars, Opt_sfu,
81         Opt_nosfu, Opt_nodfs, Opt_posixpaths,
82         Opt_noposixpaths, Opt_nounix, Opt_unix,
83         Opt_nocase,
84         Opt_brl, Opt_nobrl,
85         Opt_handlecache, Opt_nohandlecache,
86         Opt_forcemandatorylock, Opt_setuidfromacl, Opt_setuids,
87         Opt_nosetuids, Opt_dynperm, Opt_nodynperm,
88         Opt_nohard, Opt_nosoft,
89         Opt_nointr, Opt_intr,
90         Opt_nostrictsync, Opt_strictsync,
91         Opt_serverino, Opt_noserverino,
92         Opt_rwpidforward, Opt_cifsacl, Opt_nocifsacl,
93         Opt_acl, Opt_noacl, Opt_locallease,
94         Opt_sign, Opt_seal, Opt_noac,
95         Opt_fsc, Opt_mfsymlinks,
96         Opt_multiuser, Opt_sloppy, Opt_nosharesock,
97         Opt_persistent, Opt_nopersistent,
98         Opt_resilient, Opt_noresilient,
99         Opt_domainauto, Opt_rdma, Opt_modesid,
100         Opt_compress,
101
102         /* Mount options which take numeric value */
103         Opt_backupuid, Opt_backupgid, Opt_uid,
104         Opt_cruid, Opt_gid, Opt_file_mode,
105         Opt_dirmode, Opt_port,
106         Opt_blocksize, Opt_rsize, Opt_wsize, Opt_actimeo,
107         Opt_echo_interval, Opt_max_credits, Opt_handletimeout,
108         Opt_snapshot,
109
110         /* Mount options which take string value */
111         Opt_user, Opt_pass, Opt_ip,
112         Opt_domain, Opt_srcaddr, Opt_iocharset,
113         Opt_netbiosname, Opt_servern,
114         Opt_ver, Opt_vers, Opt_sec, Opt_cache,
115
116         /* Mount options to be ignored */
117         Opt_ignore,
118
119         /* Options which could be blank */
120         Opt_blank_pass,
121         Opt_blank_user,
122         Opt_blank_ip,
123
124         Opt_err
125 };
126
127 static const match_table_t cifs_mount_option_tokens = {
128
129         { Opt_user_xattr, "user_xattr" },
130         { Opt_nouser_xattr, "nouser_xattr" },
131         { Opt_forceuid, "forceuid" },
132         { Opt_noforceuid, "noforceuid" },
133         { Opt_forcegid, "forcegid" },
134         { Opt_noforcegid, "noforcegid" },
135         { Opt_noblocksend, "noblocksend" },
136         { Opt_noautotune, "noautotune" },
137         { Opt_hard, "hard" },
138         { Opt_soft, "soft" },
139         { Opt_perm, "perm" },
140         { Opt_noperm, "noperm" },
141         { Opt_mapchars, "mapchars" }, /* SFU style */
142         { Opt_nomapchars, "nomapchars" },
143         { Opt_mapposix, "mapposix" }, /* SFM style */
144         { Opt_nomapposix, "nomapposix" },
145         { Opt_sfu, "sfu" },
146         { Opt_nosfu, "nosfu" },
147         { Opt_nodfs, "nodfs" },
148         { Opt_posixpaths, "posixpaths" },
149         { Opt_noposixpaths, "noposixpaths" },
150         { Opt_nounix, "nounix" },
151         { Opt_nounix, "nolinux" },
152         { Opt_nounix, "noposix" },
153         { Opt_unix, "unix" },
154         { Opt_unix, "linux" },
155         { Opt_unix, "posix" },
156         { Opt_nocase, "nocase" },
157         { Opt_nocase, "ignorecase" },
158         { Opt_brl, "brl" },
159         { Opt_nobrl, "nobrl" },
160         { Opt_handlecache, "handlecache" },
161         { Opt_nohandlecache, "nohandlecache" },
162         { Opt_nobrl, "nolock" },
163         { Opt_forcemandatorylock, "forcemandatorylock" },
164         { Opt_forcemandatorylock, "forcemand" },
165         { Opt_setuids, "setuids" },
166         { Opt_nosetuids, "nosetuids" },
167         { Opt_setuidfromacl, "idsfromsid" },
168         { Opt_dynperm, "dynperm" },
169         { Opt_nodynperm, "nodynperm" },
170         { Opt_nohard, "nohard" },
171         { Opt_nosoft, "nosoft" },
172         { Opt_nointr, "nointr" },
173         { Opt_intr, "intr" },
174         { Opt_nostrictsync, "nostrictsync" },
175         { Opt_strictsync, "strictsync" },
176         { Opt_serverino, "serverino" },
177         { Opt_noserverino, "noserverino" },
178         { Opt_rwpidforward, "rwpidforward" },
179         { Opt_modesid, "modefromsid" },
180         { Opt_cifsacl, "cifsacl" },
181         { Opt_nocifsacl, "nocifsacl" },
182         { Opt_acl, "acl" },
183         { Opt_noacl, "noacl" },
184         { Opt_locallease, "locallease" },
185         { Opt_sign, "sign" },
186         { Opt_seal, "seal" },
187         { Opt_noac, "noac" },
188         { Opt_fsc, "fsc" },
189         { Opt_mfsymlinks, "mfsymlinks" },
190         { Opt_multiuser, "multiuser" },
191         { Opt_sloppy, "sloppy" },
192         { Opt_nosharesock, "nosharesock" },
193         { Opt_persistent, "persistenthandles"},
194         { Opt_nopersistent, "nopersistenthandles"},
195         { Opt_resilient, "resilienthandles"},
196         { Opt_noresilient, "noresilienthandles"},
197         { Opt_domainauto, "domainauto"},
198         { Opt_rdma, "rdma"},
199
200         { Opt_backupuid, "backupuid=%s" },
201         { Opt_backupgid, "backupgid=%s" },
202         { Opt_uid, "uid=%s" },
203         { Opt_cruid, "cruid=%s" },
204         { Opt_gid, "gid=%s" },
205         { Opt_file_mode, "file_mode=%s" },
206         { Opt_dirmode, "dirmode=%s" },
207         { Opt_dirmode, "dir_mode=%s" },
208         { Opt_port, "port=%s" },
209         { Opt_blocksize, "bsize=%s" },
210         { Opt_rsize, "rsize=%s" },
211         { Opt_wsize, "wsize=%s" },
212         { Opt_actimeo, "actimeo=%s" },
213         { Opt_handletimeout, "handletimeout=%s" },
214         { Opt_echo_interval, "echo_interval=%s" },
215         { Opt_max_credits, "max_credits=%s" },
216         { Opt_snapshot, "snapshot=%s" },
217         { Opt_compress, "compress=%s" },
218
219         { Opt_blank_user, "user=" },
220         { Opt_blank_user, "username=" },
221         { Opt_user, "user=%s" },
222         { Opt_user, "username=%s" },
223         { Opt_blank_pass, "pass=" },
224         { Opt_blank_pass, "password=" },
225         { Opt_pass, "pass=%s" },
226         { Opt_pass, "password=%s" },
227         { Opt_blank_ip, "ip=" },
228         { Opt_blank_ip, "addr=" },
229         { Opt_ip, "ip=%s" },
230         { Opt_ip, "addr=%s" },
231         { Opt_ignore, "unc=%s" },
232         { Opt_ignore, "target=%s" },
233         { Opt_ignore, "path=%s" },
234         { Opt_domain, "dom=%s" },
235         { Opt_domain, "domain=%s" },
236         { Opt_domain, "workgroup=%s" },
237         { Opt_srcaddr, "srcaddr=%s" },
238         { Opt_ignore, "prefixpath=%s" },
239         { Opt_iocharset, "iocharset=%s" },
240         { Opt_netbiosname, "netbiosname=%s" },
241         { Opt_servern, "servern=%s" },
242         { Opt_ver, "ver=%s" },
243         { Opt_vers, "vers=%s" },
244         { Opt_sec, "sec=%s" },
245         { Opt_cache, "cache=%s" },
246
247         { Opt_ignore, "cred" },
248         { Opt_ignore, "credentials" },
249         { Opt_ignore, "cred=%s" },
250         { Opt_ignore, "credentials=%s" },
251         { Opt_ignore, "guest" },
252         { Opt_ignore, "rw" },
253         { Opt_ignore, "ro" },
254         { Opt_ignore, "suid" },
255         { Opt_ignore, "nosuid" },
256         { Opt_ignore, "exec" },
257         { Opt_ignore, "noexec" },
258         { Opt_ignore, "nodev" },
259         { Opt_ignore, "noauto" },
260         { Opt_ignore, "dev" },
261         { Opt_ignore, "mand" },
262         { Opt_ignore, "nomand" },
263         { Opt_ignore, "relatime" },
264         { Opt_ignore, "_netdev" },
265
266         { Opt_err, NULL }
267 };
268
269 enum {
270         Opt_sec_krb5, Opt_sec_krb5i, Opt_sec_krb5p,
271         Opt_sec_ntlmsspi, Opt_sec_ntlmssp,
272         Opt_ntlm, Opt_sec_ntlmi, Opt_sec_ntlmv2,
273         Opt_sec_ntlmv2i, Opt_sec_lanman,
274         Opt_sec_none,
275
276         Opt_sec_err
277 };
278
279 static const match_table_t cifs_secflavor_tokens = {
280         { Opt_sec_krb5, "krb5" },
281         { Opt_sec_krb5i, "krb5i" },
282         { Opt_sec_krb5p, "krb5p" },
283         { Opt_sec_ntlmsspi, "ntlmsspi" },
284         { Opt_sec_ntlmssp, "ntlmssp" },
285         { Opt_ntlm, "ntlm" },
286         { Opt_sec_ntlmi, "ntlmi" },
287         { Opt_sec_ntlmv2, "nontlm" },
288         { Opt_sec_ntlmv2, "ntlmv2" },
289         { Opt_sec_ntlmv2i, "ntlmv2i" },
290         { Opt_sec_lanman, "lanman" },
291         { Opt_sec_none, "none" },
292
293         { Opt_sec_err, NULL }
294 };
295
296 /* cache flavors */
297 enum {
298         Opt_cache_loose,
299         Opt_cache_strict,
300         Opt_cache_none,
301         Opt_cache_err
302 };
303
304 static const match_table_t cifs_cacheflavor_tokens = {
305         { Opt_cache_loose, "loose" },
306         { Opt_cache_strict, "strict" },
307         { Opt_cache_none, "none" },
308         { Opt_cache_err, NULL }
309 };
310
311 static const match_table_t cifs_smb_version_tokens = {
312         { Smb_1, SMB1_VERSION_STRING },
313         { Smb_20, SMB20_VERSION_STRING},
314         { Smb_21, SMB21_VERSION_STRING },
315         { Smb_30, SMB30_VERSION_STRING },
316         { Smb_302, SMB302_VERSION_STRING },
317         { Smb_302, ALT_SMB302_VERSION_STRING },
318         { Smb_311, SMB311_VERSION_STRING },
319         { Smb_311, ALT_SMB311_VERSION_STRING },
320         { Smb_3any, SMB3ANY_VERSION_STRING },
321         { Smb_default, SMBDEFAULT_VERSION_STRING },
322         { Smb_version_err, NULL }
323 };
324
325 static int ip_connect(struct TCP_Server_Info *server);
326 static int generic_ip_connect(struct TCP_Server_Info *server);
327 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
328 static void cifs_prune_tlinks(struct work_struct *work);
329 static char *extract_hostname(const char *unc);
330
331 /*
332  * Resolve hostname and set ip addr in tcp ses. Useful for hostnames that may
333  * get their ip addresses changed at some point.
334  *
335  * This should be called with server->srv_mutex held.
336  */
337 #ifdef CONFIG_CIFS_DFS_UPCALL
338 static int reconn_set_ipaddr(struct TCP_Server_Info *server)
339 {
340         int rc;
341         int len;
342         char *unc, *ipaddr = NULL;
343
344         if (!server->hostname)
345                 return -EINVAL;
346
347         len = strlen(server->hostname) + 3;
348
349         unc = kmalloc(len, GFP_KERNEL);
350         if (!unc) {
351                 cifs_dbg(FYI, "%s: failed to create UNC path\n", __func__);
352                 return -ENOMEM;
353         }
354         scnprintf(unc, len, "\\\\%s", server->hostname);
355
356         rc = dns_resolve_server_name_to_ip(unc, &ipaddr);
357         kfree(unc);
358
359         if (rc < 0) {
360                 cifs_dbg(FYI, "%s: failed to resolve server part of %s to IP: %d\n",
361                          __func__, server->hostname, rc);
362                 return rc;
363         }
364
365         rc = cifs_convert_address((struct sockaddr *)&server->dstaddr, ipaddr,
366                                   strlen(ipaddr));
367         kfree(ipaddr);
368
369         return !rc ? -1 : 0;
370 }
371 #else
372 static inline int reconn_set_ipaddr(struct TCP_Server_Info *server)
373 {
374         return 0;
375 }
376 #endif
377
378 #ifdef CONFIG_CIFS_DFS_UPCALL
379 struct super_cb_data {
380         struct TCP_Server_Info *server;
381         struct cifs_sb_info *cifs_sb;
382 };
383
384 /* These functions must be called with server->srv_mutex held */
385
386 static void super_cb(struct super_block *sb, void *arg)
387 {
388         struct super_cb_data *d = arg;
389         struct cifs_sb_info *cifs_sb;
390         struct cifs_tcon *tcon;
391
392         if (d->cifs_sb)
393                 return;
394
395         cifs_sb = CIFS_SB(sb);
396         tcon = cifs_sb_master_tcon(cifs_sb);
397         if (tcon->ses->server == d->server)
398                 d->cifs_sb = cifs_sb;
399 }
400
401 static inline struct cifs_sb_info *
402 find_super_by_tcp(struct TCP_Server_Info *server)
403 {
404         struct super_cb_data d = {
405                 .server = server,
406                 .cifs_sb = NULL,
407         };
408
409         iterate_supers_type(&cifs_fs_type, super_cb, &d);
410         return d.cifs_sb ? d.cifs_sb : ERR_PTR(-ENOENT);
411 }
412
413 static void reconn_inval_dfs_target(struct TCP_Server_Info *server,
414                                     struct cifs_sb_info *cifs_sb,
415                                     struct dfs_cache_tgt_list *tgt_list,
416                                     struct dfs_cache_tgt_iterator **tgt_it)
417 {
418         const char *name;
419
420         if (!cifs_sb || !cifs_sb->origin_fullpath || !tgt_list ||
421             !server->nr_targets)
422                 return;
423
424         if (!*tgt_it) {
425                 *tgt_it = dfs_cache_get_tgt_iterator(tgt_list);
426         } else {
427                 *tgt_it = dfs_cache_get_next_tgt(tgt_list, *tgt_it);
428                 if (!*tgt_it)
429                         *tgt_it = dfs_cache_get_tgt_iterator(tgt_list);
430         }
431
432         cifs_dbg(FYI, "%s: UNC: %s\n", __func__, cifs_sb->origin_fullpath);
433
434         name = dfs_cache_get_tgt_name(*tgt_it);
435
436         kfree(server->hostname);
437
438         server->hostname = extract_hostname(name);
439         if (IS_ERR(server->hostname)) {
440                 cifs_dbg(FYI,
441                          "%s: failed to extract hostname from target: %ld\n",
442                          __func__, PTR_ERR(server->hostname));
443         }
444 }
445
446 static inline int reconn_setup_dfs_targets(struct cifs_sb_info *cifs_sb,
447                                            struct dfs_cache_tgt_list *tl,
448                                            struct dfs_cache_tgt_iterator **it)
449 {
450         if (!cifs_sb->origin_fullpath)
451                 return -EOPNOTSUPP;
452         return dfs_cache_noreq_find(cifs_sb->origin_fullpath + 1, NULL, tl);
453 }
454 #endif
455
456 /*
457  * cifs tcp session reconnection
458  *
459  * mark tcp session as reconnecting so temporarily locked
460  * mark all smb sessions as reconnecting for tcp session
461  * reconnect tcp session
462  * wake up waiters on reconnection? - (not needed currently)
463  */
464 int
465 cifs_reconnect(struct TCP_Server_Info *server)
466 {
467         int rc = 0;
468         struct list_head *tmp, *tmp2;
469         struct cifs_ses *ses;
470         struct cifs_tcon *tcon;
471         struct mid_q_entry *mid_entry;
472         struct list_head retry_list;
473 #ifdef CONFIG_CIFS_DFS_UPCALL
474         struct cifs_sb_info *cifs_sb = NULL;
475         struct dfs_cache_tgt_list tgt_list = {0};
476         struct dfs_cache_tgt_iterator *tgt_it = NULL;
477 #endif
478
479         spin_lock(&GlobalMid_Lock);
480         server->nr_targets = 1;
481 #ifdef CONFIG_CIFS_DFS_UPCALL
482         spin_unlock(&GlobalMid_Lock);
483         cifs_sb = find_super_by_tcp(server);
484         if (IS_ERR(cifs_sb)) {
485                 rc = PTR_ERR(cifs_sb);
486                 cifs_dbg(FYI, "%s: will not do DFS failover: rc = %d\n",
487                          __func__, rc);
488                 cifs_sb = NULL;
489         } else {
490                 rc = reconn_setup_dfs_targets(cifs_sb, &tgt_list, &tgt_it);
491                 if (rc && (rc != -EOPNOTSUPP)) {
492                         cifs_dbg(VFS, "%s: no target servers for DFS failover\n",
493                                  __func__);
494                 } else {
495                         server->nr_targets = dfs_cache_get_nr_tgts(&tgt_list);
496                 }
497         }
498         cifs_dbg(FYI, "%s: will retry %d target(s)\n", __func__,
499                  server->nr_targets);
500         spin_lock(&GlobalMid_Lock);
501 #endif
502         if (server->tcpStatus == CifsExiting) {
503                 /* the demux thread will exit normally
504                 next time through the loop */
505                 spin_unlock(&GlobalMid_Lock);
506                 return rc;
507         } else
508                 server->tcpStatus = CifsNeedReconnect;
509         spin_unlock(&GlobalMid_Lock);
510         server->maxBuf = 0;
511         server->max_read = 0;
512
513         cifs_dbg(FYI, "Mark tcp session as need reconnect\n");
514         trace_smb3_reconnect(server->CurrentMid, server->hostname);
515
516         /* before reconnecting the tcp session, mark the smb session (uid)
517                 and the tid bad so they are not used until reconnected */
518         cifs_dbg(FYI, "%s: marking sessions and tcons for reconnect\n",
519                  __func__);
520         spin_lock(&cifs_tcp_ses_lock);
521         list_for_each(tmp, &server->smb_ses_list) {
522                 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
523                 ses->need_reconnect = true;
524                 list_for_each(tmp2, &ses->tcon_list) {
525                         tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
526                         tcon->need_reconnect = true;
527                 }
528                 if (ses->tcon_ipc)
529                         ses->tcon_ipc->need_reconnect = true;
530         }
531         spin_unlock(&cifs_tcp_ses_lock);
532
533         /* do not want to be sending data on a socket we are freeing */
534         cifs_dbg(FYI, "%s: tearing down socket\n", __func__);
535         mutex_lock(&server->srv_mutex);
536         if (server->ssocket) {
537                 cifs_dbg(FYI, "State: 0x%x Flags: 0x%lx\n",
538                          server->ssocket->state, server->ssocket->flags);
539                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
540                 cifs_dbg(FYI, "Post shutdown state: 0x%x Flags: 0x%lx\n",
541                          server->ssocket->state, server->ssocket->flags);
542                 sock_release(server->ssocket);
543                 server->ssocket = NULL;
544         }
545         server->sequence_number = 0;
546         server->session_estab = false;
547         kfree(server->session_key.response);
548         server->session_key.response = NULL;
549         server->session_key.len = 0;
550         server->lstrp = jiffies;
551
552         /* mark submitted MIDs for retry and issue callback */
553         INIT_LIST_HEAD(&retry_list);
554         cifs_dbg(FYI, "%s: moving mids to private list\n", __func__);
555         spin_lock(&GlobalMid_Lock);
556         list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
557                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
558                 if (mid_entry->mid_state == MID_REQUEST_SUBMITTED)
559                         mid_entry->mid_state = MID_RETRY_NEEDED;
560                 list_move(&mid_entry->qhead, &retry_list);
561         }
562         spin_unlock(&GlobalMid_Lock);
563         mutex_unlock(&server->srv_mutex);
564
565         cifs_dbg(FYI, "%s: issuing mid callbacks\n", __func__);
566         list_for_each_safe(tmp, tmp2, &retry_list) {
567                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
568                 list_del_init(&mid_entry->qhead);
569                 mid_entry->callback(mid_entry);
570         }
571
572         if (cifs_rdma_enabled(server)) {
573                 mutex_lock(&server->srv_mutex);
574                 smbd_destroy(server);
575                 mutex_unlock(&server->srv_mutex);
576         }
577
578         do {
579                 try_to_freeze();
580
581                 mutex_lock(&server->srv_mutex);
582                 /*
583                  * Set up next DFS target server (if any) for reconnect. If DFS
584                  * feature is disabled, then we will retry last server we
585                  * connected to before.
586                  */
587                 if (cifs_rdma_enabled(server))
588                         rc = smbd_reconnect(server);
589                 else
590                         rc = generic_ip_connect(server);
591                 if (rc) {
592                         cifs_dbg(FYI, "reconnect error %d\n", rc);
593 #ifdef CONFIG_CIFS_DFS_UPCALL
594                         reconn_inval_dfs_target(server, cifs_sb, &tgt_list,
595                                                 &tgt_it);
596 #endif
597                         rc = reconn_set_ipaddr(server);
598                         if (rc) {
599                                 cifs_dbg(FYI, "%s: failed to resolve hostname: %d\n",
600                                          __func__, rc);
601                         }
602                         mutex_unlock(&server->srv_mutex);
603                         msleep(3000);
604                 } else {
605                         atomic_inc(&tcpSesReconnectCount);
606                         set_credits(server, 1);
607                         spin_lock(&GlobalMid_Lock);
608                         if (server->tcpStatus != CifsExiting)
609                                 server->tcpStatus = CifsNeedNegotiate;
610                         spin_unlock(&GlobalMid_Lock);
611                         mutex_unlock(&server->srv_mutex);
612                 }
613         } while (server->tcpStatus == CifsNeedReconnect);
614
615 #ifdef CONFIG_CIFS_DFS_UPCALL
616         if (tgt_it) {
617                 rc = dfs_cache_noreq_update_tgthint(cifs_sb->origin_fullpath + 1,
618                                                     tgt_it);
619                 if (rc) {
620                         cifs_dbg(VFS, "%s: failed to update DFS target hint: rc = %d\n",
621                                  __func__, rc);
622                 }
623                 rc = dfs_cache_update_vol(cifs_sb->origin_fullpath, server);
624                 if (rc) {
625                         cifs_dbg(VFS, "%s: failed to update vol info in DFS cache: rc = %d\n",
626                                  __func__, rc);
627                 }
628                 dfs_cache_free_tgts(&tgt_list);
629         }
630 #endif
631         if (server->tcpStatus == CifsNeedNegotiate)
632                 mod_delayed_work(cifsiod_wq, &server->echo, 0);
633
634         return rc;
635 }
636
637 static void
638 cifs_echo_request(struct work_struct *work)
639 {
640         int rc;
641         struct TCP_Server_Info *server = container_of(work,
642                                         struct TCP_Server_Info, echo.work);
643         unsigned long echo_interval;
644
645         /*
646          * If we need to renegotiate, set echo interval to zero to
647          * immediately call echo service where we can renegotiate.
648          */
649         if (server->tcpStatus == CifsNeedNegotiate)
650                 echo_interval = 0;
651         else
652                 echo_interval = server->echo_interval;
653
654         /*
655          * We cannot send an echo if it is disabled.
656          * Also, no need to ping if we got a response recently.
657          */
658
659         if (server->tcpStatus == CifsNeedReconnect ||
660             server->tcpStatus == CifsExiting ||
661             server->tcpStatus == CifsNew ||
662             (server->ops->can_echo && !server->ops->can_echo(server)) ||
663             time_before(jiffies, server->lstrp + echo_interval - HZ))
664                 goto requeue_echo;
665
666         rc = server->ops->echo ? server->ops->echo(server) : -ENOSYS;
667         if (rc)
668                 cifs_dbg(FYI, "Unable to send echo request to server: %s\n",
669                          server->hostname);
670
671 requeue_echo:
672         queue_delayed_work(cifsiod_wq, &server->echo, server->echo_interval);
673 }
674
675 static bool
676 allocate_buffers(struct TCP_Server_Info *server)
677 {
678         if (!server->bigbuf) {
679                 server->bigbuf = (char *)cifs_buf_get();
680                 if (!server->bigbuf) {
681                         cifs_dbg(VFS, "No memory for large SMB response\n");
682                         msleep(3000);
683                         /* retry will check if exiting */
684                         return false;
685                 }
686         } else if (server->large_buf) {
687                 /* we are reusing a dirty large buf, clear its start */
688                 memset(server->bigbuf, 0, HEADER_SIZE(server));
689         }
690
691         if (!server->smallbuf) {
692                 server->smallbuf = (char *)cifs_small_buf_get();
693                 if (!server->smallbuf) {
694                         cifs_dbg(VFS, "No memory for SMB response\n");
695                         msleep(1000);
696                         /* retry will check if exiting */
697                         return false;
698                 }
699                 /* beginning of smb buffer is cleared in our buf_get */
700         } else {
701                 /* if existing small buf clear beginning */
702                 memset(server->smallbuf, 0, HEADER_SIZE(server));
703         }
704
705         return true;
706 }
707
708 static bool
709 server_unresponsive(struct TCP_Server_Info *server)
710 {
711         /*
712          * We need to wait 3 echo intervals to make sure we handle such
713          * situations right:
714          * 1s  client sends a normal SMB request
715          * 3s  client gets a response
716          * 30s echo workqueue job pops, and decides we got a response recently
717          *     and don't need to send another
718          * ...
719          * 65s kernel_recvmsg times out, and we see that we haven't gotten
720          *     a response in >60s.
721          */
722         if ((server->tcpStatus == CifsGood ||
723             server->tcpStatus == CifsNeedNegotiate) &&
724             time_after(jiffies, server->lstrp + 3 * server->echo_interval)) {
725                 cifs_dbg(VFS, "Server %s has not responded in %lu seconds. Reconnecting...\n",
726                          server->hostname, (3 * server->echo_interval) / HZ);
727                 cifs_reconnect(server);
728                 wake_up(&server->response_q);
729                 return true;
730         }
731
732         return false;
733 }
734
735 static inline bool
736 zero_credits(struct TCP_Server_Info *server)
737 {
738         int val;
739
740         spin_lock(&server->req_lock);
741         val = server->credits + server->echo_credits + server->oplock_credits;
742         if (server->in_flight == 0 && val == 0) {
743                 spin_unlock(&server->req_lock);
744                 return true;
745         }
746         spin_unlock(&server->req_lock);
747         return false;
748 }
749
750 static int
751 cifs_readv_from_socket(struct TCP_Server_Info *server, struct msghdr *smb_msg)
752 {
753         int length = 0;
754         int total_read;
755
756         smb_msg->msg_control = NULL;
757         smb_msg->msg_controllen = 0;
758
759         for (total_read = 0; msg_data_left(smb_msg); total_read += length) {
760                 try_to_freeze();
761
762                 /* reconnect if no credits and no requests in flight */
763                 if (zero_credits(server)) {
764                         cifs_reconnect(server);
765                         return -ECONNABORTED;
766                 }
767
768                 if (server_unresponsive(server))
769                         return -ECONNABORTED;
770                 if (cifs_rdma_enabled(server) && server->smbd_conn)
771                         length = smbd_recv(server->smbd_conn, smb_msg);
772                 else
773                         length = sock_recvmsg(server->ssocket, smb_msg, 0);
774
775                 if (server->tcpStatus == CifsExiting)
776                         return -ESHUTDOWN;
777
778                 if (server->tcpStatus == CifsNeedReconnect) {
779                         cifs_reconnect(server);
780                         return -ECONNABORTED;
781                 }
782
783                 if (length == -ERESTARTSYS ||
784                     length == -EAGAIN ||
785                     length == -EINTR) {
786                         /*
787                          * Minimum sleep to prevent looping, allowing socket
788                          * to clear and app threads to set tcpStatus
789                          * CifsNeedReconnect if server hung.
790                          */
791                         usleep_range(1000, 2000);
792                         length = 0;
793                         continue;
794                 }
795
796                 if (length <= 0) {
797                         cifs_dbg(FYI, "Received no data or error: %d\n", length);
798                         cifs_reconnect(server);
799                         return -ECONNABORTED;
800                 }
801         }
802         return total_read;
803 }
804
805 int
806 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
807                       unsigned int to_read)
808 {
809         struct msghdr smb_msg;
810         struct kvec iov = {.iov_base = buf, .iov_len = to_read};
811         iov_iter_kvec(&smb_msg.msg_iter, READ, &iov, 1, to_read);
812
813         return cifs_readv_from_socket(server, &smb_msg);
814 }
815
816 int
817 cifs_read_page_from_socket(struct TCP_Server_Info *server, struct page *page,
818         unsigned int page_offset, unsigned int to_read)
819 {
820         struct msghdr smb_msg;
821         struct bio_vec bv = {
822                 .bv_page = page, .bv_len = to_read, .bv_offset = page_offset};
823         iov_iter_bvec(&smb_msg.msg_iter, READ, &bv, 1, to_read);
824         return cifs_readv_from_socket(server, &smb_msg);
825 }
826
827 static bool
828 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
829 {
830         /*
831          * The first byte big endian of the length field,
832          * is actually not part of the length but the type
833          * with the most common, zero, as regular data.
834          */
835         switch (type) {
836         case RFC1002_SESSION_MESSAGE:
837                 /* Regular SMB response */
838                 return true;
839         case RFC1002_SESSION_KEEP_ALIVE:
840                 cifs_dbg(FYI, "RFC 1002 session keep alive\n");
841                 break;
842         case RFC1002_POSITIVE_SESSION_RESPONSE:
843                 cifs_dbg(FYI, "RFC 1002 positive session response\n");
844                 break;
845         case RFC1002_NEGATIVE_SESSION_RESPONSE:
846                 /*
847                  * We get this from Windows 98 instead of an error on
848                  * SMB negprot response.
849                  */
850                 cifs_dbg(FYI, "RFC 1002 negative session response\n");
851                 /* give server a second to clean up */
852                 msleep(1000);
853                 /*
854                  * Always try 445 first on reconnect since we get NACK
855                  * on some if we ever connected to port 139 (the NACK
856                  * is since we do not begin with RFC1001 session
857                  * initialize frame).
858                  */
859                 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
860                 cifs_reconnect(server);
861                 wake_up(&server->response_q);
862                 break;
863         default:
864                 cifs_dbg(VFS, "RFC 1002 unknown response type 0x%x\n", type);
865                 cifs_reconnect(server);
866         }
867
868         return false;
869 }
870
871 void
872 dequeue_mid(struct mid_q_entry *mid, bool malformed)
873 {
874 #ifdef CONFIG_CIFS_STATS2
875         mid->when_received = jiffies;
876 #endif
877         spin_lock(&GlobalMid_Lock);
878         if (!malformed)
879                 mid->mid_state = MID_RESPONSE_RECEIVED;
880         else
881                 mid->mid_state = MID_RESPONSE_MALFORMED;
882         /*
883          * Trying to handle/dequeue a mid after the send_recv()
884          * function has finished processing it is a bug.
885          */
886         if (mid->mid_flags & MID_DELETED)
887                 printk_once(KERN_WARNING
888                             "trying to dequeue a deleted mid\n");
889         else
890                 list_del_init(&mid->qhead);
891         spin_unlock(&GlobalMid_Lock);
892 }
893
894 static void
895 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
896            char *buf, int malformed)
897 {
898         if (server->ops->check_trans2 &&
899             server->ops->check_trans2(mid, server, buf, malformed))
900                 return;
901         mid->resp_buf = buf;
902         mid->large_buf = server->large_buf;
903         /* Was previous buf put in mpx struct for multi-rsp? */
904         if (!mid->multiRsp) {
905                 /* smb buffer will be freed by user thread */
906                 if (server->large_buf)
907                         server->bigbuf = NULL;
908                 else
909                         server->smallbuf = NULL;
910         }
911         dequeue_mid(mid, malformed);
912 }
913
914 static void clean_demultiplex_info(struct TCP_Server_Info *server)
915 {
916         int length;
917
918         /* take it off the list, if it's not already */
919         spin_lock(&cifs_tcp_ses_lock);
920         list_del_init(&server->tcp_ses_list);
921         spin_unlock(&cifs_tcp_ses_lock);
922
923         spin_lock(&GlobalMid_Lock);
924         server->tcpStatus = CifsExiting;
925         spin_unlock(&GlobalMid_Lock);
926         wake_up_all(&server->response_q);
927
928         /* check if we have blocked requests that need to free */
929         spin_lock(&server->req_lock);
930         if (server->credits <= 0)
931                 server->credits = 1;
932         spin_unlock(&server->req_lock);
933         /*
934          * Although there should not be any requests blocked on this queue it
935          * can not hurt to be paranoid and try to wake up requests that may
936          * haven been blocked when more than 50 at time were on the wire to the
937          * same server - they now will see the session is in exit state and get
938          * out of SendReceive.
939          */
940         wake_up_all(&server->request_q);
941         /* give those requests time to exit */
942         msleep(125);
943         if (cifs_rdma_enabled(server))
944                 smbd_destroy(server);
945         if (server->ssocket) {
946                 sock_release(server->ssocket);
947                 server->ssocket = NULL;
948         }
949
950         if (!list_empty(&server->pending_mid_q)) {
951                 struct list_head dispose_list;
952                 struct mid_q_entry *mid_entry;
953                 struct list_head *tmp, *tmp2;
954
955                 INIT_LIST_HEAD(&dispose_list);
956                 spin_lock(&GlobalMid_Lock);
957                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
958                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
959                         cifs_dbg(FYI, "Clearing mid 0x%llx\n", mid_entry->mid);
960                         mid_entry->mid_state = MID_SHUTDOWN;
961                         list_move(&mid_entry->qhead, &dispose_list);
962                 }
963                 spin_unlock(&GlobalMid_Lock);
964
965                 /* now walk dispose list and issue callbacks */
966                 list_for_each_safe(tmp, tmp2, &dispose_list) {
967                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
968                         cifs_dbg(FYI, "Callback mid 0x%llx\n", mid_entry->mid);
969                         list_del_init(&mid_entry->qhead);
970                         mid_entry->callback(mid_entry);
971                 }
972                 /* 1/8th of sec is more than enough time for them to exit */
973                 msleep(125);
974         }
975
976         if (!list_empty(&server->pending_mid_q)) {
977                 /*
978                  * mpx threads have not exited yet give them at least the smb
979                  * send timeout time for long ops.
980                  *
981                  * Due to delays on oplock break requests, we need to wait at
982                  * least 45 seconds before giving up on a request getting a
983                  * response and going ahead and killing cifsd.
984                  */
985                 cifs_dbg(FYI, "Wait for exit from demultiplex thread\n");
986                 msleep(46000);
987                 /*
988                  * If threads still have not exited they are probably never
989                  * coming home not much else we can do but free the memory.
990                  */
991         }
992
993         kfree(server->hostname);
994         kfree(server);
995
996         length = atomic_dec_return(&tcpSesAllocCount);
997         if (length > 0)
998                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv);
999 }
1000
1001 static int
1002 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
1003 {
1004         int length;
1005         char *buf = server->smallbuf;
1006         unsigned int pdu_length = server->pdu_size;
1007
1008         /* make sure this will fit in a large buffer */
1009         if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server) -
1010                 server->vals->header_preamble_size) {
1011                 cifs_dbg(VFS, "SMB response too long (%u bytes)\n", pdu_length);
1012                 cifs_reconnect(server);
1013                 wake_up(&server->response_q);
1014                 return -ECONNABORTED;
1015         }
1016
1017         /* switch to large buffer if too big for a small one */
1018         if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
1019                 server->large_buf = true;
1020                 memcpy(server->bigbuf, buf, server->total_read);
1021                 buf = server->bigbuf;
1022         }
1023
1024         /* now read the rest */
1025         length = cifs_read_from_socket(server, buf + HEADER_SIZE(server) - 1,
1026                                        pdu_length - HEADER_SIZE(server) + 1
1027                                        + server->vals->header_preamble_size);
1028
1029         if (length < 0)
1030                 return length;
1031         server->total_read += length;
1032
1033         dump_smb(buf, server->total_read);
1034
1035         return cifs_handle_standard(server, mid);
1036 }
1037
1038 int
1039 cifs_handle_standard(struct TCP_Server_Info *server, struct mid_q_entry *mid)
1040 {
1041         char *buf = server->large_buf ? server->bigbuf : server->smallbuf;
1042         int length;
1043
1044         /*
1045          * We know that we received enough to get to the MID as we
1046          * checked the pdu_length earlier. Now check to see
1047          * if the rest of the header is OK. We borrow the length
1048          * var for the rest of the loop to avoid a new stack var.
1049          *
1050          * 48 bytes is enough to display the header and a little bit
1051          * into the payload for debugging purposes.
1052          */
1053         length = server->ops->check_message(buf, server->total_read, server);
1054         if (length != 0)
1055                 cifs_dump_mem("Bad SMB: ", buf,
1056                         min_t(unsigned int, server->total_read, 48));
1057
1058         if (server->ops->is_session_expired &&
1059             server->ops->is_session_expired(buf)) {
1060                 cifs_reconnect(server);
1061                 wake_up(&server->response_q);
1062                 return -1;
1063         }
1064
1065         if (server->ops->is_status_pending &&
1066             server->ops->is_status_pending(buf, server))
1067                 return -1;
1068
1069         if (!mid)
1070                 return length;
1071
1072         handle_mid(mid, server, buf, length);
1073         return 0;
1074 }
1075
1076 static void
1077 smb2_add_credits_from_hdr(char *buffer, struct TCP_Server_Info *server)
1078 {
1079         struct smb2_sync_hdr *shdr = (struct smb2_sync_hdr *)buffer;
1080
1081         /*
1082          * SMB1 does not use credits.
1083          */
1084         if (server->vals->header_preamble_size)
1085                 return;
1086
1087         if (shdr->CreditRequest) {
1088                 spin_lock(&server->req_lock);
1089                 server->credits += le16_to_cpu(shdr->CreditRequest);
1090                 spin_unlock(&server->req_lock);
1091                 wake_up(&server->request_q);
1092         }
1093 }
1094
1095
1096 static int
1097 cifs_demultiplex_thread(void *p)
1098 {
1099         int i, num_mids, length;
1100         struct TCP_Server_Info *server = p;
1101         unsigned int pdu_length;
1102         unsigned int next_offset;
1103         char *buf = NULL;
1104         struct task_struct *task_to_wake = NULL;
1105         struct mid_q_entry *mids[MAX_COMPOUND];
1106         char *bufs[MAX_COMPOUND];
1107
1108         current->flags |= PF_MEMALLOC;
1109         cifs_dbg(FYI, "Demultiplex PID: %d\n", task_pid_nr(current));
1110
1111         length = atomic_inc_return(&tcpSesAllocCount);
1112         if (length > 1)
1113                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv);
1114
1115         set_freezable();
1116         while (server->tcpStatus != CifsExiting) {
1117                 if (try_to_freeze())
1118                         continue;
1119
1120                 if (!allocate_buffers(server))
1121                         continue;
1122
1123                 server->large_buf = false;
1124                 buf = server->smallbuf;
1125                 pdu_length = 4; /* enough to get RFC1001 header */
1126
1127                 length = cifs_read_from_socket(server, buf, pdu_length);
1128                 if (length < 0)
1129                         continue;
1130
1131                 if (server->vals->header_preamble_size == 0)
1132                         server->total_read = 0;
1133                 else
1134                         server->total_read = length;
1135
1136                 /*
1137                  * The right amount was read from socket - 4 bytes,
1138                  * so we can now interpret the length field.
1139                  */
1140                 pdu_length = get_rfc1002_length(buf);
1141
1142                 cifs_dbg(FYI, "RFC1002 header 0x%x\n", pdu_length);
1143                 if (!is_smb_response(server, buf[0]))
1144                         continue;
1145 next_pdu:
1146                 server->pdu_size = pdu_length;
1147
1148                 /* make sure we have enough to get to the MID */
1149                 if (server->pdu_size < HEADER_SIZE(server) - 1 -
1150                     server->vals->header_preamble_size) {
1151                         cifs_dbg(VFS, "SMB response too short (%u bytes)\n",
1152                                  server->pdu_size);
1153                         cifs_reconnect(server);
1154                         wake_up(&server->response_q);
1155                         continue;
1156                 }
1157
1158                 /* read down to the MID */
1159                 length = cifs_read_from_socket(server,
1160                              buf + server->vals->header_preamble_size,
1161                              HEADER_SIZE(server) - 1
1162                              - server->vals->header_preamble_size);
1163                 if (length < 0)
1164                         continue;
1165                 server->total_read += length;
1166
1167                 if (server->ops->next_header) {
1168                         next_offset = server->ops->next_header(buf);
1169                         if (next_offset)
1170                                 server->pdu_size = next_offset;
1171                 }
1172
1173                 memset(mids, 0, sizeof(mids));
1174                 memset(bufs, 0, sizeof(bufs));
1175                 num_mids = 0;
1176
1177                 if (server->ops->is_transform_hdr &&
1178                     server->ops->receive_transform &&
1179                     server->ops->is_transform_hdr(buf)) {
1180                         length = server->ops->receive_transform(server,
1181                                                                 mids,
1182                                                                 bufs,
1183                                                                 &num_mids);
1184                 } else {
1185                         mids[0] = server->ops->find_mid(server, buf);
1186                         bufs[0] = buf;
1187                         num_mids = 1;
1188
1189                         if (!mids[0] || !mids[0]->receive)
1190                                 length = standard_receive3(server, mids[0]);
1191                         else
1192                                 length = mids[0]->receive(server, mids[0]);
1193                 }
1194
1195                 if (length < 0) {
1196                         for (i = 0; i < num_mids; i++)
1197                                 if (mids[i])
1198                                         cifs_mid_q_entry_release(mids[i]);
1199                         continue;
1200                 }
1201
1202                 server->lstrp = jiffies;
1203
1204                 for (i = 0; i < num_mids; i++) {
1205                         if (mids[i] != NULL) {
1206                                 mids[i]->resp_buf_size = server->pdu_size;
1207                                 if ((mids[i]->mid_flags & MID_WAIT_CANCELLED) &&
1208                                     mids[i]->mid_state == MID_RESPONSE_RECEIVED &&
1209                                     server->ops->handle_cancelled_mid)
1210                                         server->ops->handle_cancelled_mid(
1211                                                         mids[i]->resp_buf,
1212                                                         server);
1213
1214                                 if (!mids[i]->multiRsp || mids[i]->multiEnd)
1215                                         mids[i]->callback(mids[i]);
1216
1217                                 cifs_mid_q_entry_release(mids[i]);
1218                         } else if (server->ops->is_oplock_break &&
1219                                    server->ops->is_oplock_break(bufs[i],
1220                                                                 server)) {
1221                                 smb2_add_credits_from_hdr(bufs[i], server);
1222                                 cifs_dbg(FYI, "Received oplock break\n");
1223                         } else {
1224                                 cifs_dbg(VFS, "No task to wake, unknown frame "
1225                                          "received! NumMids %d\n",
1226                                          atomic_read(&midCount));
1227                                 cifs_dump_mem("Received Data is: ", bufs[i],
1228                                               HEADER_SIZE(server));
1229                                 smb2_add_credits_from_hdr(bufs[i], server);
1230 #ifdef CONFIG_CIFS_DEBUG2
1231                                 if (server->ops->dump_detail)
1232                                         server->ops->dump_detail(bufs[i],
1233                                                                  server);
1234                                 cifs_dump_mids(server);
1235 #endif /* CIFS_DEBUG2 */
1236                         }
1237                 }
1238
1239                 if (pdu_length > server->pdu_size) {
1240                         if (!allocate_buffers(server))
1241                                 continue;
1242                         pdu_length -= server->pdu_size;
1243                         server->total_read = 0;
1244                         server->large_buf = false;
1245                         buf = server->smallbuf;
1246                         goto next_pdu;
1247                 }
1248         } /* end while !EXITING */
1249
1250         /* buffer usually freed in free_mid - need to free it here on exit */
1251         cifs_buf_release(server->bigbuf);
1252         if (server->smallbuf) /* no sense logging a debug message if NULL */
1253                 cifs_small_buf_release(server->smallbuf);
1254
1255         task_to_wake = xchg(&server->tsk, NULL);
1256         clean_demultiplex_info(server);
1257
1258         /* if server->tsk was NULL then wait for a signal before exiting */
1259         if (!task_to_wake) {
1260                 set_current_state(TASK_INTERRUPTIBLE);
1261                 while (!signal_pending(current)) {
1262                         schedule();
1263                         set_current_state(TASK_INTERRUPTIBLE);
1264                 }
1265                 set_current_state(TASK_RUNNING);
1266         }
1267
1268         module_put_and_exit(0);
1269 }
1270
1271 /* extract the host portion of the UNC string */
1272 static char *
1273 extract_hostname(const char *unc)
1274 {
1275         const char *src;
1276         char *dst, *delim;
1277         unsigned int len;
1278
1279         /* skip double chars at beginning of string */
1280         /* BB: check validity of these bytes? */
1281         if (strlen(unc) < 3)
1282                 return ERR_PTR(-EINVAL);
1283         for (src = unc; *src && *src == '\\'; src++)
1284                 ;
1285         if (!*src)
1286                 return ERR_PTR(-EINVAL);
1287
1288         /* delimiter between hostname and sharename is always '\\' now */
1289         delim = strchr(src, '\\');
1290         if (!delim)
1291                 return ERR_PTR(-EINVAL);
1292
1293         len = delim - src;
1294         dst = kmalloc((len + 1), GFP_KERNEL);
1295         if (dst == NULL)
1296                 return ERR_PTR(-ENOMEM);
1297
1298         memcpy(dst, src, len);
1299         dst[len] = '\0';
1300
1301         return dst;
1302 }
1303
1304 static int get_option_ul(substring_t args[], unsigned long *option)
1305 {
1306         int rc;
1307         char *string;
1308
1309         string = match_strdup(args);
1310         if (string == NULL)
1311                 return -ENOMEM;
1312         rc = kstrtoul(string, 0, option);
1313         kfree(string);
1314
1315         return rc;
1316 }
1317
1318 static int get_option_uid(substring_t args[], kuid_t *result)
1319 {
1320         unsigned long value;
1321         kuid_t uid;
1322         int rc;
1323
1324         rc = get_option_ul(args, &value);
1325         if (rc)
1326                 return rc;
1327
1328         uid = make_kuid(current_user_ns(), value);
1329         if (!uid_valid(uid))
1330                 return -EINVAL;
1331
1332         *result = uid;
1333         return 0;
1334 }
1335
1336 static int get_option_gid(substring_t args[], kgid_t *result)
1337 {
1338         unsigned long value;
1339         kgid_t gid;
1340         int rc;
1341
1342         rc = get_option_ul(args, &value);
1343         if (rc)
1344                 return rc;
1345
1346         gid = make_kgid(current_user_ns(), value);
1347         if (!gid_valid(gid))
1348                 return -EINVAL;
1349
1350         *result = gid;
1351         return 0;
1352 }
1353
1354 static int cifs_parse_security_flavors(char *value,
1355                                        struct smb_vol *vol)
1356 {
1357
1358         substring_t args[MAX_OPT_ARGS];
1359
1360         /*
1361          * With mount options, the last one should win. Reset any existing
1362          * settings back to default.
1363          */
1364         vol->sectype = Unspecified;
1365         vol->sign = false;
1366
1367         switch (match_token(value, cifs_secflavor_tokens, args)) {
1368         case Opt_sec_krb5p:
1369                 cifs_dbg(VFS, "sec=krb5p is not supported!\n");
1370                 return 1;
1371         case Opt_sec_krb5i:
1372                 vol->sign = true;
1373                 /* Fallthrough */
1374         case Opt_sec_krb5:
1375                 vol->sectype = Kerberos;
1376                 break;
1377         case Opt_sec_ntlmsspi:
1378                 vol->sign = true;
1379                 /* Fallthrough */
1380         case Opt_sec_ntlmssp:
1381                 vol->sectype = RawNTLMSSP;
1382                 break;
1383         case Opt_sec_ntlmi:
1384                 vol->sign = true;
1385                 /* Fallthrough */
1386         case Opt_ntlm:
1387                 vol->sectype = NTLM;
1388                 break;
1389         case Opt_sec_ntlmv2i:
1390                 vol->sign = true;
1391                 /* Fallthrough */
1392         case Opt_sec_ntlmv2:
1393                 vol->sectype = NTLMv2;
1394                 break;
1395 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1396         case Opt_sec_lanman:
1397                 vol->sectype = LANMAN;
1398                 break;
1399 #endif
1400         case Opt_sec_none:
1401                 vol->nullauth = 1;
1402                 break;
1403         default:
1404                 cifs_dbg(VFS, "bad security option: %s\n", value);
1405                 return 1;
1406         }
1407
1408         return 0;
1409 }
1410
1411 static int
1412 cifs_parse_cache_flavor(char *value, struct smb_vol *vol)
1413 {
1414         substring_t args[MAX_OPT_ARGS];
1415
1416         switch (match_token(value, cifs_cacheflavor_tokens, args)) {
1417         case Opt_cache_loose:
1418                 vol->direct_io = false;
1419                 vol->strict_io = false;
1420                 break;
1421         case Opt_cache_strict:
1422                 vol->direct_io = false;
1423                 vol->strict_io = true;
1424                 break;
1425         case Opt_cache_none:
1426                 vol->direct_io = true;
1427                 vol->strict_io = false;
1428                 break;
1429         default:
1430                 cifs_dbg(VFS, "bad cache= option: %s\n", value);
1431                 return 1;
1432         }
1433         return 0;
1434 }
1435
1436 static int
1437 cifs_parse_smb_version(char *value, struct smb_vol *vol, bool is_smb3)
1438 {
1439         substring_t args[MAX_OPT_ARGS];
1440
1441         switch (match_token(value, cifs_smb_version_tokens, args)) {
1442 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1443         case Smb_1:
1444                 if (disable_legacy_dialects) {
1445                         cifs_dbg(VFS, "mount with legacy dialect disabled\n");
1446                         return 1;
1447                 }
1448                 if (is_smb3) {
1449                         cifs_dbg(VFS, "vers=1.0 (cifs) not permitted when mounting with smb3\n");
1450                         return 1;
1451                 }
1452                 vol->ops = &smb1_operations;
1453                 vol->vals = &smb1_values;
1454                 break;
1455         case Smb_20:
1456                 if (disable_legacy_dialects) {
1457                         cifs_dbg(VFS, "mount with legacy dialect disabled\n");
1458                         return 1;
1459                 }
1460                 if (is_smb3) {
1461                         cifs_dbg(VFS, "vers=2.0 not permitted when mounting with smb3\n");
1462                         return 1;
1463                 }
1464                 vol->ops = &smb20_operations;
1465                 vol->vals = &smb20_values;
1466                 break;
1467 #else
1468         case Smb_1:
1469                 cifs_dbg(VFS, "vers=1.0 (cifs) mount not permitted when legacy dialects disabled\n");
1470                 return 1;
1471         case Smb_20:
1472                 cifs_dbg(VFS, "vers=2.0 mount not permitted when legacy dialects disabled\n");
1473                 return 1;
1474 #endif /* CIFS_ALLOW_INSECURE_LEGACY */
1475         case Smb_21:
1476                 vol->ops = &smb21_operations;
1477                 vol->vals = &smb21_values;
1478                 break;
1479         case Smb_30:
1480                 vol->ops = &smb30_operations;
1481                 vol->vals = &smb30_values;
1482                 break;
1483         case Smb_302:
1484                 vol->ops = &smb30_operations; /* currently identical with 3.0 */
1485                 vol->vals = &smb302_values;
1486                 break;
1487         case Smb_311:
1488                 vol->ops = &smb311_operations;
1489                 vol->vals = &smb311_values;
1490                 break;
1491         case Smb_3any:
1492                 vol->ops = &smb30_operations; /* currently identical with 3.0 */
1493                 vol->vals = &smb3any_values;
1494                 break;
1495         case Smb_default:
1496                 vol->ops = &smb30_operations; /* currently identical with 3.0 */
1497                 vol->vals = &smbdefault_values;
1498                 break;
1499         default:
1500                 cifs_dbg(VFS, "Unknown vers= option specified: %s\n", value);
1501                 return 1;
1502         }
1503         return 0;
1504 }
1505
1506 /*
1507  * Parse a devname into substrings and populate the vol->UNC and vol->prepath
1508  * fields with the result. Returns 0 on success and an error otherwise.
1509  */
1510 static int
1511 cifs_parse_devname(const char *devname, struct smb_vol *vol)
1512 {
1513         char *pos;
1514         const char *delims = "/\\";
1515         size_t len;
1516
1517         if (unlikely(!devname || !*devname)) {
1518                 cifs_dbg(VFS, "Device name not specified.\n");
1519                 return -EINVAL;
1520         }
1521
1522         /* make sure we have a valid UNC double delimiter prefix */
1523         len = strspn(devname, delims);
1524         if (len != 2)
1525                 return -EINVAL;
1526
1527         /* find delimiter between host and sharename */
1528         pos = strpbrk(devname + 2, delims);
1529         if (!pos)
1530                 return -EINVAL;
1531
1532         /* skip past delimiter */
1533         ++pos;
1534
1535         /* now go until next delimiter or end of string */
1536         len = strcspn(pos, delims);
1537
1538         /* move "pos" up to delimiter or NULL */
1539         pos += len;
1540         vol->UNC = kstrndup(devname, pos - devname, GFP_KERNEL);
1541         if (!vol->UNC)
1542                 return -ENOMEM;
1543
1544         convert_delimiter(vol->UNC, '\\');
1545
1546         /* skip any delimiter */
1547         if (*pos == '/' || *pos == '\\')
1548                 pos++;
1549
1550         /* If pos is NULL then no prepath */
1551         if (!*pos)
1552                 return 0;
1553
1554         vol->prepath = kstrdup(pos, GFP_KERNEL);
1555         if (!vol->prepath)
1556                 return -ENOMEM;
1557
1558         return 0;
1559 }
1560
1561 static int
1562 cifs_parse_mount_options(const char *mountdata, const char *devname,
1563                          struct smb_vol *vol, bool is_smb3)
1564 {
1565         char *data, *end;
1566         char *mountdata_copy = NULL, *options;
1567         unsigned int  temp_len, i, j;
1568         char separator[2];
1569         short int override_uid = -1;
1570         short int override_gid = -1;
1571         bool uid_specified = false;
1572         bool gid_specified = false;
1573         bool sloppy = false;
1574         char *invalid = NULL;
1575         char *nodename = utsname()->nodename;
1576         char *string = NULL;
1577         char *tmp_end, *value;
1578         char delim;
1579         bool got_ip = false;
1580         bool got_version = false;
1581         unsigned short port = 0;
1582         struct sockaddr *dstaddr = (struct sockaddr *)&vol->dstaddr;
1583
1584         separator[0] = ',';
1585         separator[1] = 0;
1586         delim = separator[0];
1587
1588         /* ensure we always start with zeroed-out smb_vol */
1589         memset(vol, 0, sizeof(*vol));
1590
1591         /*
1592          * does not have to be perfect mapping since field is
1593          * informational, only used for servers that do not support
1594          * port 445 and it can be overridden at mount time
1595          */
1596         memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1597         for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1598                 vol->source_rfc1001_name[i] = toupper(nodename[i]);
1599
1600         vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1601         /* null target name indicates to use *SMBSERVR default called name
1602            if we end up sending RFC1001 session initialize */
1603         vol->target_rfc1001_name[0] = 0;
1604         vol->cred_uid = current_uid();
1605         vol->linux_uid = current_uid();
1606         vol->linux_gid = current_gid();
1607         vol->bsize = 1024 * 1024; /* can improve cp performance significantly */
1608         /*
1609          * default to SFM style remapping of seven reserved characters
1610          * unless user overrides it or we negotiate CIFS POSIX where
1611          * it is unnecessary.  Can not simultaneously use more than one mapping
1612          * since then readdir could list files that open could not open
1613          */
1614         vol->remap = true;
1615
1616         /* default to only allowing write access to owner of the mount */
1617         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1618
1619         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1620         /* default is always to request posix paths. */
1621         vol->posix_paths = 1;
1622         /* default to using server inode numbers where available */
1623         vol->server_ino = 1;
1624
1625         /* default is to use strict cifs caching semantics */
1626         vol->strict_io = true;
1627
1628         vol->actimeo = CIFS_DEF_ACTIMEO;
1629
1630         /* Most clients set timeout to 0, allows server to use its default */
1631         vol->handle_timeout = 0; /* See MS-SMB2 spec section 2.2.14.2.12 */
1632
1633         /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */
1634         vol->ops = &smb30_operations;
1635         vol->vals = &smbdefault_values;
1636
1637         vol->echo_interval = SMB_ECHO_INTERVAL_DEFAULT;
1638
1639         if (!mountdata)
1640                 goto cifs_parse_mount_err;
1641
1642         mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
1643         if (!mountdata_copy)
1644                 goto cifs_parse_mount_err;
1645
1646         options = mountdata_copy;
1647         end = options + strlen(options);
1648
1649         if (strncmp(options, "sep=", 4) == 0) {
1650                 if (options[4] != 0) {
1651                         separator[0] = options[4];
1652                         options += 5;
1653                 } else {
1654                         cifs_dbg(FYI, "Null separator not allowed\n");
1655                 }
1656         }
1657         vol->backupuid_specified = false; /* no backup intent for a user */
1658         vol->backupgid_specified = false; /* no backup intent for a group */
1659
1660         switch (cifs_parse_devname(devname, vol)) {
1661         case 0:
1662                 break;
1663         case -ENOMEM:
1664                 cifs_dbg(VFS, "Unable to allocate memory for devname.\n");
1665                 goto cifs_parse_mount_err;
1666         case -EINVAL:
1667                 cifs_dbg(VFS, "Malformed UNC in devname.\n");
1668                 goto cifs_parse_mount_err;
1669         default:
1670                 cifs_dbg(VFS, "Unknown error parsing devname.\n");
1671                 goto cifs_parse_mount_err;
1672         }
1673
1674         while ((data = strsep(&options, separator)) != NULL) {
1675                 substring_t args[MAX_OPT_ARGS];
1676                 unsigned long option;
1677                 int token;
1678
1679                 if (!*data)
1680                         continue;
1681
1682                 token = match_token(data, cifs_mount_option_tokens, args);
1683
1684                 switch (token) {
1685
1686                 /* Ingnore the following */
1687                 case Opt_ignore:
1688                         break;
1689
1690                 /* Boolean values */
1691                 case Opt_user_xattr:
1692                         vol->no_xattr = 0;
1693                         break;
1694                 case Opt_nouser_xattr:
1695                         vol->no_xattr = 1;
1696                         break;
1697                 case Opt_forceuid:
1698                         override_uid = 1;
1699                         break;
1700                 case Opt_noforceuid:
1701                         override_uid = 0;
1702                         break;
1703                 case Opt_forcegid:
1704                         override_gid = 1;
1705                         break;
1706                 case Opt_noforcegid:
1707                         override_gid = 0;
1708                         break;
1709                 case Opt_noblocksend:
1710                         vol->noblocksnd = 1;
1711                         break;
1712                 case Opt_noautotune:
1713                         vol->noautotune = 1;
1714                         break;
1715                 case Opt_hard:
1716                         vol->retry = 1;
1717                         break;
1718                 case Opt_soft:
1719                         vol->retry = 0;
1720                         break;
1721                 case Opt_perm:
1722                         vol->noperm = 0;
1723                         break;
1724                 case Opt_noperm:
1725                         vol->noperm = 1;
1726                         break;
1727                 case Opt_mapchars:
1728                         vol->sfu_remap = true;
1729                         vol->remap = false; /* disable SFM mapping */
1730                         break;
1731                 case Opt_nomapchars:
1732                         vol->sfu_remap = false;
1733                         break;
1734                 case Opt_mapposix:
1735                         vol->remap = true;
1736                         vol->sfu_remap = false; /* disable SFU mapping */
1737                         break;
1738                 case Opt_nomapposix:
1739                         vol->remap = false;
1740                         break;
1741                 case Opt_sfu:
1742                         vol->sfu_emul = 1;
1743                         break;
1744                 case Opt_nosfu:
1745                         vol->sfu_emul = 0;
1746                         break;
1747                 case Opt_nodfs:
1748                         vol->nodfs = 1;
1749                         break;
1750                 case Opt_posixpaths:
1751                         vol->posix_paths = 1;
1752                         break;
1753                 case Opt_noposixpaths:
1754                         vol->posix_paths = 0;
1755                         break;
1756                 case Opt_nounix:
1757                         if (vol->linux_ext)
1758                                 cifs_dbg(VFS,
1759                                         "conflicting unix mount options\n");
1760                         vol->no_linux_ext = 1;
1761                         break;
1762                 case Opt_unix:
1763                         if (vol->no_linux_ext)
1764                                 cifs_dbg(VFS,
1765                                         "conflicting unix mount options\n");
1766                         vol->linux_ext = 1;
1767                         break;
1768                 case Opt_nocase:
1769                         vol->nocase = 1;
1770                         break;
1771                 case Opt_brl:
1772                         vol->nobrl =  0;
1773                         break;
1774                 case Opt_nobrl:
1775                         vol->nobrl =  1;
1776                         /*
1777                          * turn off mandatory locking in mode
1778                          * if remote locking is turned off since the
1779                          * local vfs will do advisory
1780                          */
1781                         if (vol->file_mode ==
1782                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1783                                 vol->file_mode = S_IALLUGO;
1784                         break;
1785                 case Opt_nohandlecache:
1786                         vol->nohandlecache = 1;
1787                         break;
1788                 case Opt_handlecache:
1789                         vol->nohandlecache = 0;
1790                         break;
1791                 case Opt_forcemandatorylock:
1792                         vol->mand_lock = 1;
1793                         break;
1794                 case Opt_setuids:
1795                         vol->setuids = 1;
1796                         break;
1797                 case Opt_nosetuids:
1798                         vol->setuids = 0;
1799                         break;
1800                 case Opt_setuidfromacl:
1801                         vol->setuidfromacl = 1;
1802                         break;
1803                 case Opt_dynperm:
1804                         vol->dynperm = true;
1805                         break;
1806                 case Opt_nodynperm:
1807                         vol->dynperm = false;
1808                         break;
1809                 case Opt_nohard:
1810                         vol->retry = 0;
1811                         break;
1812                 case Opt_nosoft:
1813                         vol->retry = 1;
1814                         break;
1815                 case Opt_nointr:
1816                         vol->intr = 0;
1817                         break;
1818                 case Opt_intr:
1819                         vol->intr = 1;
1820                         break;
1821                 case Opt_nostrictsync:
1822                         vol->nostrictsync = 1;
1823                         break;
1824                 case Opt_strictsync:
1825                         vol->nostrictsync = 0;
1826                         break;
1827                 case Opt_serverino:
1828                         vol->server_ino = 1;
1829                         break;
1830                 case Opt_noserverino:
1831                         vol->server_ino = 0;
1832                         break;
1833                 case Opt_rwpidforward:
1834                         vol->rwpidforward = 1;
1835                         break;
1836                 case Opt_modesid:
1837                         vol->mode_ace = 1;
1838                         break;
1839                 case Opt_cifsacl:
1840                         vol->cifs_acl = 1;
1841                         break;
1842                 case Opt_nocifsacl:
1843                         vol->cifs_acl = 0;
1844                         break;
1845                 case Opt_acl:
1846                         vol->no_psx_acl = 0;
1847                         break;
1848                 case Opt_noacl:
1849                         vol->no_psx_acl = 1;
1850                         break;
1851                 case Opt_locallease:
1852                         vol->local_lease = 1;
1853                         break;
1854                 case Opt_sign:
1855                         vol->sign = true;
1856                         break;
1857                 case Opt_seal:
1858                         /* we do not do the following in secFlags because seal
1859                          * is a per tree connection (mount) not a per socket
1860                          * or per-smb connection option in the protocol
1861                          * vol->secFlg |= CIFSSEC_MUST_SEAL;
1862                          */
1863                         vol->seal = 1;
1864                         break;
1865                 case Opt_noac:
1866                         pr_warn("CIFS: Mount option noac not supported. Instead set /proc/fs/cifs/LookupCacheEnabled to 0\n");
1867                         break;
1868                 case Opt_fsc:
1869 #ifndef CONFIG_CIFS_FSCACHE
1870                         cifs_dbg(VFS, "FS-Cache support needs CONFIG_CIFS_FSCACHE kernel config option set\n");
1871                         goto cifs_parse_mount_err;
1872 #endif
1873                         vol->fsc = true;
1874                         break;
1875                 case Opt_mfsymlinks:
1876                         vol->mfsymlinks = true;
1877                         break;
1878                 case Opt_multiuser:
1879                         vol->multiuser = true;
1880                         break;
1881                 case Opt_sloppy:
1882                         sloppy = true;
1883                         break;
1884                 case Opt_nosharesock:
1885                         vol->nosharesock = true;
1886                         break;
1887                 case Opt_nopersistent:
1888                         vol->nopersistent = true;
1889                         if (vol->persistent) {
1890                                 cifs_dbg(VFS,
1891                                   "persistenthandles mount options conflict\n");
1892                                 goto cifs_parse_mount_err;
1893                         }
1894                         break;
1895                 case Opt_persistent:
1896                         vol->persistent = true;
1897                         if ((vol->nopersistent) || (vol->resilient)) {
1898                                 cifs_dbg(VFS,
1899                                   "persistenthandles mount options conflict\n");
1900                                 goto cifs_parse_mount_err;
1901                         }
1902                         break;
1903                 case Opt_resilient:
1904                         vol->resilient = true;
1905                         if (vol->persistent) {
1906                                 cifs_dbg(VFS,
1907                                   "persistenthandles mount options conflict\n");
1908                                 goto cifs_parse_mount_err;
1909                         }
1910                         break;
1911                 case Opt_noresilient:
1912                         vol->resilient = false; /* already the default */
1913                         break;
1914                 case Opt_domainauto:
1915                         vol->domainauto = true;
1916                         break;
1917                 case Opt_rdma:
1918                         vol->rdma = true;
1919                         break;
1920                 case Opt_compress:
1921                         vol->compression = UNKNOWN_TYPE;
1922                         cifs_dbg(VFS,
1923                                 "SMB3 compression support is experimental\n");
1924                         break;
1925
1926                 /* Numeric Values */
1927                 case Opt_backupuid:
1928                         if (get_option_uid(args, &vol->backupuid)) {
1929                                 cifs_dbg(VFS, "%s: Invalid backupuid value\n",
1930                                          __func__);
1931                                 goto cifs_parse_mount_err;
1932                         }
1933                         vol->backupuid_specified = true;
1934                         break;
1935                 case Opt_backupgid:
1936                         if (get_option_gid(args, &vol->backupgid)) {
1937                                 cifs_dbg(VFS, "%s: Invalid backupgid value\n",
1938                                          __func__);
1939                                 goto cifs_parse_mount_err;
1940                         }
1941                         vol->backupgid_specified = true;
1942                         break;
1943                 case Opt_uid:
1944                         if (get_option_uid(args, &vol->linux_uid)) {
1945                                 cifs_dbg(VFS, "%s: Invalid uid value\n",
1946                                          __func__);
1947                                 goto cifs_parse_mount_err;
1948                         }
1949                         uid_specified = true;
1950                         break;
1951                 case Opt_cruid:
1952                         if (get_option_uid(args, &vol->cred_uid)) {
1953                                 cifs_dbg(VFS, "%s: Invalid cruid value\n",
1954                                          __func__);
1955                                 goto cifs_parse_mount_err;
1956                         }
1957                         break;
1958                 case Opt_gid:
1959                         if (get_option_gid(args, &vol->linux_gid)) {
1960                                 cifs_dbg(VFS, "%s: Invalid gid value\n",
1961                                          __func__);
1962                                 goto cifs_parse_mount_err;
1963                         }
1964                         gid_specified = true;
1965                         break;
1966                 case Opt_file_mode:
1967                         if (get_option_ul(args, &option)) {
1968                                 cifs_dbg(VFS, "%s: Invalid file_mode value\n",
1969                                          __func__);
1970                                 goto cifs_parse_mount_err;
1971                         }
1972                         vol->file_mode = option;
1973                         break;
1974                 case Opt_dirmode:
1975                         if (get_option_ul(args, &option)) {
1976                                 cifs_dbg(VFS, "%s: Invalid dir_mode value\n",
1977                                          __func__);
1978                                 goto cifs_parse_mount_err;
1979                         }
1980                         vol->dir_mode = option;
1981                         break;
1982                 case Opt_port:
1983                         if (get_option_ul(args, &option) ||
1984                             option > USHRT_MAX) {
1985                                 cifs_dbg(VFS, "%s: Invalid port value\n",
1986                                          __func__);
1987                                 goto cifs_parse_mount_err;
1988                         }
1989                         port = (unsigned short)option;
1990                         break;
1991                 case Opt_blocksize:
1992                         if (get_option_ul(args, &option)) {
1993                                 cifs_dbg(VFS, "%s: Invalid blocksize value\n",
1994                                         __func__);
1995                                 goto cifs_parse_mount_err;
1996                         }
1997                         /*
1998                          * inode blocksize realistically should never need to be
1999                          * less than 16K or greater than 16M and default is 1MB.
2000                          * Note that small inode block sizes (e.g. 64K) can lead
2001                          * to very poor performance of common tools like cp and scp
2002                          */
2003                         if ((option < CIFS_MAX_MSGSIZE) ||
2004                            (option > (4 * SMB3_DEFAULT_IOSIZE))) {
2005                                 cifs_dbg(VFS, "%s: Invalid blocksize\n",
2006                                         __func__);
2007                                 goto cifs_parse_mount_err;
2008                         }
2009                         vol->bsize = option;
2010                         break;
2011                 case Opt_rsize:
2012                         if (get_option_ul(args, &option)) {
2013                                 cifs_dbg(VFS, "%s: Invalid rsize value\n",
2014                                          __func__);
2015                                 goto cifs_parse_mount_err;
2016                         }
2017                         vol->rsize = option;
2018                         break;
2019                 case Opt_wsize:
2020                         if (get_option_ul(args, &option)) {
2021                                 cifs_dbg(VFS, "%s: Invalid wsize value\n",
2022                                          __func__);
2023                                 goto cifs_parse_mount_err;
2024                         }
2025                         vol->wsize = option;
2026                         break;
2027                 case Opt_actimeo:
2028                         if (get_option_ul(args, &option)) {
2029                                 cifs_dbg(VFS, "%s: Invalid actimeo value\n",
2030                                          __func__);
2031                                 goto cifs_parse_mount_err;
2032                         }
2033                         vol->actimeo = HZ * option;
2034                         if (vol->actimeo > CIFS_MAX_ACTIMEO) {
2035                                 cifs_dbg(VFS, "attribute cache timeout too large\n");
2036                                 goto cifs_parse_mount_err;
2037                         }
2038                         break;
2039                 case Opt_handletimeout:
2040                         if (get_option_ul(args, &option)) {
2041                                 cifs_dbg(VFS, "%s: Invalid handletimeout value\n",
2042                                          __func__);
2043                                 goto cifs_parse_mount_err;
2044                         }
2045                         vol->handle_timeout = option;
2046                         if (vol->handle_timeout > SMB3_MAX_HANDLE_TIMEOUT) {
2047                                 cifs_dbg(VFS, "Invalid handle cache timeout, longer than 16 minutes\n");
2048                                 goto cifs_parse_mount_err;
2049                         }
2050                         break;
2051                 case Opt_echo_interval:
2052                         if (get_option_ul(args, &option)) {
2053                                 cifs_dbg(VFS, "%s: Invalid echo interval value\n",
2054                                          __func__);
2055                                 goto cifs_parse_mount_err;
2056                         }
2057                         vol->echo_interval = option;
2058                         break;
2059                 case Opt_snapshot:
2060                         if (get_option_ul(args, &option)) {
2061                                 cifs_dbg(VFS, "%s: Invalid snapshot time\n",
2062                                          __func__);
2063                                 goto cifs_parse_mount_err;
2064                         }
2065                         vol->snapshot_time = option;
2066                         break;
2067                 case Opt_max_credits:
2068                         if (get_option_ul(args, &option) || (option < 20) ||
2069                             (option > 60000)) {
2070                                 cifs_dbg(VFS, "%s: Invalid max_credits value\n",
2071                                          __func__);
2072                                 goto cifs_parse_mount_err;
2073                         }
2074                         vol->max_credits = option;
2075                         break;
2076
2077                 /* String Arguments */
2078
2079                 case Opt_blank_user:
2080                         /* null user, ie. anonymous authentication */
2081                         vol->nullauth = 1;
2082                         vol->username = NULL;
2083                         break;
2084                 case Opt_user:
2085                         string = match_strdup(args);
2086                         if (string == NULL)
2087                                 goto out_nomem;
2088
2089                         if (strnlen(string, CIFS_MAX_USERNAME_LEN) >
2090                                                         CIFS_MAX_USERNAME_LEN) {
2091                                 pr_warn("CIFS: username too long\n");
2092                                 goto cifs_parse_mount_err;
2093                         }
2094
2095                         kfree(vol->username);
2096                         vol->username = kstrdup(string, GFP_KERNEL);
2097                         if (!vol->username)
2098                                 goto cifs_parse_mount_err;
2099                         break;
2100                 case Opt_blank_pass:
2101                         /* passwords have to be handled differently
2102                          * to allow the character used for deliminator
2103                          * to be passed within them
2104                          */
2105
2106                         /*
2107                          * Check if this is a case where the  password
2108                          * starts with a delimiter
2109                          */
2110                         tmp_end = strchr(data, '=');
2111                         tmp_end++;
2112                         if (!(tmp_end < end && tmp_end[1] == delim)) {
2113                                 /* No it is not. Set the password to NULL */
2114                                 kzfree(vol->password);
2115                                 vol->password = NULL;
2116                                 break;
2117                         }
2118                         /* Fallthrough - to Opt_pass below.*/
2119                 case Opt_pass:
2120                         /* Obtain the value string */
2121                         value = strchr(data, '=');
2122                         value++;
2123
2124                         /* Set tmp_end to end of the string */
2125                         tmp_end = (char *) value + strlen(value);
2126
2127                         /* Check if following character is the deliminator
2128                          * If yes, we have encountered a double deliminator
2129                          * reset the NULL character to the deliminator
2130                          */
2131                         if (tmp_end < end && tmp_end[1] == delim) {
2132                                 tmp_end[0] = delim;
2133
2134                                 /* Keep iterating until we get to a single
2135                                  * deliminator OR the end
2136                                  */
2137                                 while ((tmp_end = strchr(tmp_end, delim))
2138                                         != NULL && (tmp_end[1] == delim)) {
2139                                                 tmp_end = (char *) &tmp_end[2];
2140                                 }
2141
2142                                 /* Reset var options to point to next element */
2143                                 if (tmp_end) {
2144                                         tmp_end[0] = '\0';
2145                                         options = (char *) &tmp_end[1];
2146                                 } else
2147                                         /* Reached the end of the mount option
2148                                          * string */
2149                                         options = end;
2150                         }
2151
2152                         kzfree(vol->password);
2153                         /* Now build new password string */
2154                         temp_len = strlen(value);
2155                         vol->password = kzalloc(temp_len+1, GFP_KERNEL);
2156                         if (vol->password == NULL) {
2157                                 pr_warn("CIFS: no memory for password\n");
2158                                 goto cifs_parse_mount_err;
2159                         }
2160
2161                         for (i = 0, j = 0; i < temp_len; i++, j++) {
2162                                 vol->password[j] = value[i];
2163                                 if ((value[i] == delim) &&
2164                                      value[i+1] == delim)
2165                                         /* skip the second deliminator */
2166                                         i++;
2167                         }
2168                         vol->password[j] = '\0';
2169                         break;
2170                 case Opt_blank_ip:
2171                         /* FIXME: should this be an error instead? */
2172                         got_ip = false;
2173                         break;
2174                 case Opt_ip:
2175                         string = match_strdup(args);
2176                         if (string == NULL)
2177                                 goto out_nomem;
2178
2179                         if (!cifs_convert_address(dstaddr, string,
2180                                         strlen(string))) {
2181                                 pr_err("CIFS: bad ip= option (%s).\n", string);
2182                                 goto cifs_parse_mount_err;
2183                         }
2184                         got_ip = true;
2185                         break;
2186                 case Opt_domain:
2187                         string = match_strdup(args);
2188                         if (string == NULL)
2189                                 goto out_nomem;
2190
2191                         if (strnlen(string, CIFS_MAX_DOMAINNAME_LEN)
2192                                         == CIFS_MAX_DOMAINNAME_LEN) {
2193                                 pr_warn("CIFS: domain name too long\n");
2194                                 goto cifs_parse_mount_err;
2195                         }
2196
2197                         kfree(vol->domainname);
2198                         vol->domainname = kstrdup(string, GFP_KERNEL);
2199                         if (!vol->domainname) {
2200                                 pr_warn("CIFS: no memory for domainname\n");
2201                                 goto cifs_parse_mount_err;
2202                         }
2203                         cifs_dbg(FYI, "Domain name set\n");
2204                         break;
2205                 case Opt_srcaddr:
2206                         string = match_strdup(args);
2207                         if (string == NULL)
2208                                 goto out_nomem;
2209
2210                         if (!cifs_convert_address(
2211                                         (struct sockaddr *)&vol->srcaddr,
2212                                         string, strlen(string))) {
2213                                 pr_warn("CIFS: Could not parse srcaddr: %s\n",
2214                                         string);
2215                                 goto cifs_parse_mount_err;
2216                         }
2217                         break;
2218                 case Opt_iocharset:
2219                         string = match_strdup(args);
2220                         if (string == NULL)
2221                                 goto out_nomem;
2222
2223                         if (strnlen(string, 1024) >= 65) {
2224                                 pr_warn("CIFS: iocharset name too long.\n");
2225                                 goto cifs_parse_mount_err;
2226                         }
2227
2228                          if (strncasecmp(string, "default", 7) != 0) {
2229                                 kfree(vol->iocharset);
2230                                 vol->iocharset = kstrdup(string,
2231                                                          GFP_KERNEL);
2232                                 if (!vol->iocharset) {
2233                                         pr_warn("CIFS: no memory for charset\n");
2234                                         goto cifs_parse_mount_err;
2235                                 }
2236                         }
2237                         /* if iocharset not set then load_nls_default
2238                          * is used by caller
2239                          */
2240                          cifs_dbg(FYI, "iocharset set to %s\n", string);
2241                         break;
2242                 case Opt_netbiosname:
2243                         string = match_strdup(args);
2244                         if (string == NULL)
2245                                 goto out_nomem;
2246
2247                         memset(vol->source_rfc1001_name, 0x20,
2248                                 RFC1001_NAME_LEN);
2249                         /*
2250                          * FIXME: are there cases in which a comma can
2251                          * be valid in workstation netbios name (and
2252                          * need special handling)?
2253                          */
2254                         for (i = 0; i < RFC1001_NAME_LEN; i++) {
2255                                 /* don't ucase netbiosname for user */
2256                                 if (string[i] == 0)
2257                                         break;
2258                                 vol->source_rfc1001_name[i] = string[i];
2259                         }
2260                         /* The string has 16th byte zero still from
2261                          * set at top of the function
2262                          */
2263                         if (i == RFC1001_NAME_LEN && string[i] != 0)
2264                                 pr_warn("CIFS: netbiosname longer than 15 truncated.\n");
2265                         break;
2266                 case Opt_servern:
2267                         /* servernetbiosname specified override *SMBSERVER */
2268                         string = match_strdup(args);
2269                         if (string == NULL)
2270                                 goto out_nomem;
2271
2272                         /* last byte, type, is 0x20 for servr type */
2273                         memset(vol->target_rfc1001_name, 0x20,
2274                                 RFC1001_NAME_LEN_WITH_NULL);
2275
2276                         /* BB are there cases in which a comma can be
2277                            valid in this workstation netbios name
2278                            (and need special handling)? */
2279
2280                         /* user or mount helper must uppercase the
2281                            netbios name */
2282                         for (i = 0; i < 15; i++) {
2283                                 if (string[i] == 0)
2284                                         break;
2285                                 vol->target_rfc1001_name[i] = string[i];
2286                         }
2287                         /* The string has 16th byte zero still from
2288                            set at top of the function  */
2289                         if (i == RFC1001_NAME_LEN && string[i] != 0)
2290                                 pr_warn("CIFS: server netbiosname longer than 15 truncated.\n");
2291                         break;
2292                 case Opt_ver:
2293                         /* version of mount userspace tools, not dialect */
2294                         string = match_strdup(args);
2295                         if (string == NULL)
2296                                 goto out_nomem;
2297
2298                         /* If interface changes in mount.cifs bump to new ver */
2299                         if (strncasecmp(string, "1", 1) == 0) {
2300                                 if (strlen(string) > 1) {
2301                                         pr_warn("Bad mount helper ver=%s. Did "
2302                                                 "you want SMB1 (CIFS) dialect "
2303                                                 "and mean to type vers=1.0 "
2304                                                 "instead?\n", string);
2305                                         goto cifs_parse_mount_err;
2306                                 }
2307                                 /* This is the default */
2308                                 break;
2309                         }
2310                         /* For all other value, error */
2311                         pr_warn("CIFS: Invalid mount helper version specified\n");
2312                         goto cifs_parse_mount_err;
2313                 case Opt_vers:
2314                         /* protocol version (dialect) */
2315                         string = match_strdup(args);
2316                         if (string == NULL)
2317                                 goto out_nomem;
2318
2319                         if (cifs_parse_smb_version(string, vol, is_smb3) != 0)
2320                                 goto cifs_parse_mount_err;
2321                         got_version = true;
2322                         break;
2323                 case Opt_sec:
2324                         string = match_strdup(args);
2325                         if (string == NULL)
2326                                 goto out_nomem;
2327
2328                         if (cifs_parse_security_flavors(string, vol) != 0)
2329                                 goto cifs_parse_mount_err;
2330                         break;
2331                 case Opt_cache:
2332                         string = match_strdup(args);
2333                         if (string == NULL)
2334                                 goto out_nomem;
2335
2336                         if (cifs_parse_cache_flavor(string, vol) != 0)
2337                                 goto cifs_parse_mount_err;
2338                         break;
2339                 default:
2340                         /*
2341                          * An option we don't recognize. Save it off for later
2342                          * if we haven't already found one
2343                          */
2344                         if (!invalid)
2345                                 invalid = data;
2346                         break;
2347                 }
2348                 /* Free up any allocated string */
2349                 kfree(string);
2350                 string = NULL;
2351         }
2352
2353         if (!sloppy && invalid) {
2354                 pr_err("CIFS: Unknown mount option \"%s\"\n", invalid);
2355                 goto cifs_parse_mount_err;
2356         }
2357
2358         if (vol->rdma && vol->vals->protocol_id < SMB30_PROT_ID) {
2359                 cifs_dbg(VFS, "SMB Direct requires Version >=3.0\n");
2360                 goto cifs_parse_mount_err;
2361         }
2362
2363 #ifndef CONFIG_KEYS
2364         /* Muliuser mounts require CONFIG_KEYS support */
2365         if (vol->multiuser) {
2366                 cifs_dbg(VFS, "Multiuser mounts require kernels with CONFIG_KEYS enabled\n");
2367                 goto cifs_parse_mount_err;
2368         }
2369 #endif
2370         if (!vol->UNC) {
2371                 cifs_dbg(VFS, "CIFS mount error: No usable UNC path provided in device string!\n");
2372                 goto cifs_parse_mount_err;
2373         }
2374
2375         /* make sure UNC has a share name */
2376         if (!strchr(vol->UNC + 3, '\\')) {
2377                 cifs_dbg(VFS, "Malformed UNC. Unable to find share name.\n");
2378                 goto cifs_parse_mount_err;
2379         }
2380
2381         if (!got_ip) {
2382                 int len;
2383                 const char *slash;
2384
2385                 /* No ip= option specified? Try to get it from UNC */
2386                 /* Use the address part of the UNC. */
2387                 slash = strchr(&vol->UNC[2], '\\');
2388                 len = slash - &vol->UNC[2];
2389                 if (!cifs_convert_address(dstaddr, &vol->UNC[2], len)) {
2390                         pr_err("Unable to determine destination address.\n");
2391                         goto cifs_parse_mount_err;
2392                 }
2393         }
2394
2395         /* set the port that we got earlier */
2396         cifs_set_port(dstaddr, port);
2397
2398         if (uid_specified)
2399                 vol->override_uid = override_uid;
2400         else if (override_uid == 1)
2401                 pr_notice("CIFS: ignoring forceuid mount option specified with no uid= option.\n");
2402
2403         if (gid_specified)
2404                 vol->override_gid = override_gid;
2405         else if (override_gid == 1)
2406                 pr_notice("CIFS: ignoring forcegid mount option specified with no gid= option.\n");
2407
2408         if (got_version == false)
2409                 pr_warn("No dialect specified on mount. Default has changed to "
2410                         "a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS "
2411                         "(SMB1). To use the less secure SMB1 dialect to access "
2412                         "old servers which do not support SMB3 (or SMB2.1) specify vers=1.0"
2413                         " on mount.\n");
2414
2415         kfree(mountdata_copy);
2416         return 0;
2417
2418 out_nomem:
2419         pr_warn("Could not allocate temporary buffer\n");
2420 cifs_parse_mount_err:
2421         kfree(string);
2422         kfree(mountdata_copy);
2423         return 1;
2424 }
2425
2426 /** Returns true if srcaddr isn't specified and rhs isn't
2427  * specified, or if srcaddr is specified and
2428  * matches the IP address of the rhs argument.
2429  */
2430 static bool
2431 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
2432 {
2433         switch (srcaddr->sa_family) {
2434         case AF_UNSPEC:
2435                 return (rhs->sa_family == AF_UNSPEC);
2436         case AF_INET: {
2437                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
2438                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
2439                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
2440         }
2441         case AF_INET6: {
2442                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
2443                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)rhs;
2444                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
2445         }
2446         default:
2447                 WARN_ON(1);
2448                 return false; /* don't expect to be here */
2449         }
2450 }
2451
2452 /*
2453  * If no port is specified in addr structure, we try to match with 445 port
2454  * and if it fails - with 139 ports. It should be called only if address
2455  * families of server and addr are equal.
2456  */
2457 static bool
2458 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
2459 {
2460         __be16 port, *sport;
2461
2462         /* SMBDirect manages its own ports, don't match it here */
2463         if (server->rdma)
2464                 return true;
2465
2466         switch (addr->sa_family) {
2467         case AF_INET:
2468                 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
2469                 port = ((struct sockaddr_in *) addr)->sin_port;
2470                 break;
2471         case AF_INET6:
2472                 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
2473                 port = ((struct sockaddr_in6 *) addr)->sin6_port;
2474                 break;
2475         default:
2476                 WARN_ON(1);
2477                 return false;
2478         }
2479
2480         if (!port) {
2481                 port = htons(CIFS_PORT);
2482                 if (port == *sport)
2483                         return true;
2484
2485                 port = htons(RFC1001_PORT);
2486         }
2487
2488         return port == *sport;
2489 }
2490
2491 static bool
2492 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
2493               struct sockaddr *srcaddr)
2494 {
2495         switch (addr->sa_family) {
2496         case AF_INET: {
2497                 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
2498                 struct sockaddr_in *srv_addr4 =
2499                                         (struct sockaddr_in *)&server->dstaddr;
2500
2501                 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
2502                         return false;
2503                 break;
2504         }
2505         case AF_INET6: {
2506                 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
2507                 struct sockaddr_in6 *srv_addr6 =
2508                                         (struct sockaddr_in6 *)&server->dstaddr;
2509
2510                 if (!ipv6_addr_equal(&addr6->sin6_addr,
2511                                      &srv_addr6->sin6_addr))
2512                         return false;
2513                 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
2514                         return false;
2515                 break;
2516         }
2517         default:
2518                 WARN_ON(1);
2519                 return false; /* don't expect to be here */
2520         }
2521
2522         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
2523                 return false;
2524
2525         return true;
2526 }
2527
2528 static bool
2529 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
2530 {
2531         /*
2532          * The select_sectype function should either return the vol->sectype
2533          * that was specified, or "Unspecified" if that sectype was not
2534          * compatible with the given NEGOTIATE request.
2535          */
2536         if (server->ops->select_sectype(server, vol->sectype)
2537              == Unspecified)
2538                 return false;
2539
2540         /*
2541          * Now check if signing mode is acceptable. No need to check
2542          * global_secflags at this point since if MUST_SIGN is set then
2543          * the server->sign had better be too.
2544          */
2545         if (vol->sign && !server->sign)
2546                 return false;
2547
2548         return true;
2549 }
2550
2551 static int match_server(struct TCP_Server_Info *server, struct smb_vol *vol)
2552 {
2553         struct sockaddr *addr = (struct sockaddr *)&vol->dstaddr;
2554
2555         if (vol->nosharesock)
2556                 return 0;
2557
2558         /* If multidialect negotiation see if existing sessions match one */
2559         if (strcmp(vol->vals->version_string, SMB3ANY_VERSION_STRING) == 0) {
2560                 if (server->vals->protocol_id < SMB30_PROT_ID)
2561                         return 0;
2562         } else if (strcmp(vol->vals->version_string,
2563                    SMBDEFAULT_VERSION_STRING) == 0) {
2564                 if (server->vals->protocol_id < SMB21_PROT_ID)
2565                         return 0;
2566         } else if ((server->vals != vol->vals) || (server->ops != vol->ops))
2567                 return 0;
2568
2569         if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
2570                 return 0;
2571
2572         if (!match_address(server, addr,
2573                            (struct sockaddr *)&vol->srcaddr))
2574                 return 0;
2575
2576         if (!match_port(server, addr))
2577                 return 0;
2578
2579         if (!match_security(server, vol))
2580                 return 0;
2581
2582         if (server->echo_interval != vol->echo_interval * HZ)
2583                 return 0;
2584
2585         if (server->rdma != vol->rdma)
2586                 return 0;
2587
2588         return 1;
2589 }
2590
2591 struct TCP_Server_Info *
2592 cifs_find_tcp_session(struct smb_vol *vol)
2593 {
2594         struct TCP_Server_Info *server;
2595
2596         spin_lock(&cifs_tcp_ses_lock);
2597         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
2598                 if (!match_server(server, vol))
2599                         continue;
2600
2601                 ++server->srv_count;
2602                 spin_unlock(&cifs_tcp_ses_lock);
2603                 cifs_dbg(FYI, "Existing tcp session with server found\n");
2604                 return server;
2605         }
2606         spin_unlock(&cifs_tcp_ses_lock);
2607         return NULL;
2608 }
2609
2610 void
2611 cifs_put_tcp_session(struct TCP_Server_Info *server, int from_reconnect)
2612 {
2613         struct task_struct *task;
2614
2615         spin_lock(&cifs_tcp_ses_lock);
2616         if (--server->srv_count > 0) {
2617                 spin_unlock(&cifs_tcp_ses_lock);
2618                 return;
2619         }
2620
2621         put_net(cifs_net_ns(server));
2622
2623         list_del_init(&server->tcp_ses_list);
2624         spin_unlock(&cifs_tcp_ses_lock);
2625
2626         cancel_delayed_work_sync(&server->echo);
2627
2628         if (from_reconnect)
2629                 /*
2630                  * Avoid deadlock here: reconnect work calls
2631                  * cifs_put_tcp_session() at its end. Need to be sure
2632                  * that reconnect work does nothing with server pointer after
2633                  * that step.
2634                  */
2635                 cancel_delayed_work(&server->reconnect);
2636         else
2637                 cancel_delayed_work_sync(&server->reconnect);
2638
2639         spin_lock(&GlobalMid_Lock);
2640         server->tcpStatus = CifsExiting;
2641         spin_unlock(&GlobalMid_Lock);
2642
2643         cifs_crypto_secmech_release(server);
2644         cifs_fscache_release_client_cookie(server);
2645
2646         kfree(server->session_key.response);
2647         server->session_key.response = NULL;
2648         server->session_key.len = 0;
2649
2650         task = xchg(&server->tsk, NULL);
2651         if (task)
2652                 send_sig(SIGKILL, task, 1);
2653 }
2654
2655 static struct TCP_Server_Info *
2656 cifs_get_tcp_session(struct smb_vol *volume_info)
2657 {
2658         struct TCP_Server_Info *tcp_ses = NULL;
2659         int rc;
2660
2661         cifs_dbg(FYI, "UNC: %s\n", volume_info->UNC);
2662
2663         /* see if we already have a matching tcp_ses */
2664         tcp_ses = cifs_find_tcp_session(volume_info);
2665         if (tcp_ses)
2666                 return tcp_ses;
2667
2668         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
2669         if (!tcp_ses) {
2670                 rc = -ENOMEM;
2671                 goto out_err;
2672         }
2673
2674         tcp_ses->ops = volume_info->ops;
2675         tcp_ses->vals = volume_info->vals;
2676         cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
2677         tcp_ses->hostname = extract_hostname(volume_info->UNC);
2678         if (IS_ERR(tcp_ses->hostname)) {
2679                 rc = PTR_ERR(tcp_ses->hostname);
2680                 goto out_err_crypto_release;
2681         }
2682
2683         tcp_ses->noblocksnd = volume_info->noblocksnd;
2684         tcp_ses->noautotune = volume_info->noautotune;
2685         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
2686         tcp_ses->rdma = volume_info->rdma;
2687         tcp_ses->in_flight = 0;
2688         tcp_ses->credits = 1;
2689         init_waitqueue_head(&tcp_ses->response_q);
2690         init_waitqueue_head(&tcp_ses->request_q);
2691         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
2692         mutex_init(&tcp_ses->srv_mutex);
2693         memcpy(tcp_ses->workstation_RFC1001_name,
2694                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2695         memcpy(tcp_ses->server_RFC1001_name,
2696                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2697         tcp_ses->session_estab = false;
2698         tcp_ses->sequence_number = 0;
2699         tcp_ses->reconnect_instance = 1;
2700         tcp_ses->lstrp = jiffies;
2701         tcp_ses->compress_algorithm = cpu_to_le16(volume_info->compression);
2702         spin_lock_init(&tcp_ses->req_lock);
2703         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
2704         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
2705         INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
2706         INIT_DELAYED_WORK(&tcp_ses->reconnect, smb2_reconnect_server);
2707         mutex_init(&tcp_ses->reconnect_mutex);
2708         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
2709                sizeof(tcp_ses->srcaddr));
2710         memcpy(&tcp_ses->dstaddr, &volume_info->dstaddr,
2711                 sizeof(tcp_ses->dstaddr));
2712         generate_random_uuid(tcp_ses->client_guid);
2713         /*
2714          * at this point we are the only ones with the pointer
2715          * to the struct since the kernel thread not created yet
2716          * no need to spinlock this init of tcpStatus or srv_count
2717          */
2718         tcp_ses->tcpStatus = CifsNew;
2719         ++tcp_ses->srv_count;
2720
2721         if (volume_info->echo_interval >= SMB_ECHO_INTERVAL_MIN &&
2722                 volume_info->echo_interval <= SMB_ECHO_INTERVAL_MAX)
2723                 tcp_ses->echo_interval = volume_info->echo_interval * HZ;
2724         else
2725                 tcp_ses->echo_interval = SMB_ECHO_INTERVAL_DEFAULT * HZ;
2726         if (tcp_ses->rdma) {
2727 #ifndef CONFIG_CIFS_SMB_DIRECT
2728                 cifs_dbg(VFS, "CONFIG_CIFS_SMB_DIRECT is not enabled\n");
2729                 rc = -ENOENT;
2730                 goto out_err_crypto_release;
2731 #endif
2732                 tcp_ses->smbd_conn = smbd_get_connection(
2733                         tcp_ses, (struct sockaddr *)&volume_info->dstaddr);
2734                 if (tcp_ses->smbd_conn) {
2735                         cifs_dbg(VFS, "RDMA transport established\n");
2736                         rc = 0;
2737                         goto smbd_connected;
2738                 } else {
2739                         rc = -ENOENT;
2740                         goto out_err_crypto_release;
2741                 }
2742         }
2743         rc = ip_connect(tcp_ses);
2744         if (rc < 0) {
2745                 cifs_dbg(VFS, "Error connecting to socket. Aborting operation.\n");
2746                 goto out_err_crypto_release;
2747         }
2748 smbd_connected:
2749         /*
2750          * since we're in a cifs function already, we know that
2751          * this will succeed. No need for try_module_get().
2752          */
2753         __module_get(THIS_MODULE);
2754         tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
2755                                   tcp_ses, "cifsd");
2756         if (IS_ERR(tcp_ses->tsk)) {
2757                 rc = PTR_ERR(tcp_ses->tsk);
2758                 cifs_dbg(VFS, "error %d create cifsd thread\n", rc);
2759                 module_put(THIS_MODULE);
2760                 goto out_err_crypto_release;
2761         }
2762         tcp_ses->tcpStatus = CifsNeedNegotiate;
2763
2764         tcp_ses->nr_targets = 1;
2765
2766         /* thread spawned, put it on the list */
2767         spin_lock(&cifs_tcp_ses_lock);
2768         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
2769         spin_unlock(&cifs_tcp_ses_lock);
2770
2771         cifs_fscache_get_client_cookie(tcp_ses);
2772
2773         /* queue echo request delayed work */
2774         queue_delayed_work(cifsiod_wq, &tcp_ses->echo, tcp_ses->echo_interval);
2775
2776         return tcp_ses;
2777
2778 out_err_crypto_release:
2779         cifs_crypto_secmech_release(tcp_ses);
2780
2781         put_net(cifs_net_ns(tcp_ses));
2782
2783 out_err:
2784         if (tcp_ses) {
2785                 if (!IS_ERR(tcp_ses->hostname))
2786                         kfree(tcp_ses->hostname);
2787                 if (tcp_ses->ssocket)
2788                         sock_release(tcp_ses->ssocket);
2789                 kfree(tcp_ses);
2790         }
2791         return ERR_PTR(rc);
2792 }
2793
2794 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
2795 {
2796         if (vol->sectype != Unspecified &&
2797             vol->sectype != ses->sectype)
2798                 return 0;
2799
2800         switch (ses->sectype) {
2801         case Kerberos:
2802                 if (!uid_eq(vol->cred_uid, ses->cred_uid))
2803                         return 0;
2804                 break;
2805         default:
2806                 /* NULL username means anonymous session */
2807                 if (ses->user_name == NULL) {
2808                         if (!vol->nullauth)
2809                                 return 0;
2810                         break;
2811                 }
2812
2813                 /* anything else takes username/password */
2814                 if (strncmp(ses->user_name,
2815                             vol->username ? vol->username : "",
2816                             CIFS_MAX_USERNAME_LEN))
2817                         return 0;
2818                 if ((vol->username && strlen(vol->username) != 0) &&
2819                     ses->password != NULL &&
2820                     strncmp(ses->password,
2821                             vol->password ? vol->password : "",
2822                             CIFS_MAX_PASSWORD_LEN))
2823                         return 0;
2824         }
2825         return 1;
2826 }
2827
2828 /**
2829  * cifs_setup_ipc - helper to setup the IPC tcon for the session
2830  *
2831  * A new IPC connection is made and stored in the session
2832  * tcon_ipc. The IPC tcon has the same lifetime as the session.
2833  */
2834 static int
2835 cifs_setup_ipc(struct cifs_ses *ses, struct smb_vol *volume_info)
2836 {
2837         int rc = 0, xid;
2838         struct cifs_tcon *tcon;
2839         struct nls_table *nls_codepage;
2840         char unc[SERVER_NAME_LENGTH + sizeof("//x/IPC$")] = {0};
2841         bool seal = false;
2842
2843         /*
2844          * If the mount request that resulted in the creation of the
2845          * session requires encryption, force IPC to be encrypted too.
2846          */
2847         if (volume_info->seal) {
2848                 if (ses->server->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION)
2849                         seal = true;
2850                 else {
2851                         cifs_dbg(VFS,
2852                                  "IPC: server doesn't support encryption\n");
2853                         return -EOPNOTSUPP;
2854                 }
2855         }
2856
2857         tcon = tconInfoAlloc();
2858         if (tcon == NULL)
2859                 return -ENOMEM;
2860
2861         scnprintf(unc, sizeof(unc), "\\\\%s\\IPC$", ses->server->hostname);
2862
2863         /* cannot fail */
2864         nls_codepage = load_nls_default();
2865
2866         xid = get_xid();
2867         tcon->ses = ses;
2868         tcon->ipc = true;
2869         tcon->seal = seal;
2870         rc = ses->server->ops->tree_connect(xid, ses, unc, tcon, nls_codepage);
2871         free_xid(xid);
2872
2873         if (rc) {
2874                 cifs_dbg(VFS, "failed to connect to IPC (rc=%d)\n", rc);
2875                 tconInfoFree(tcon);
2876                 goto out;
2877         }
2878
2879         cifs_dbg(FYI, "IPC tcon rc = %d ipc tid = %d\n", rc, tcon->tid);
2880
2881         ses->tcon_ipc = tcon;
2882 out:
2883         unload_nls(nls_codepage);
2884         return rc;
2885 }
2886
2887 /**
2888  * cifs_free_ipc - helper to release the session IPC tcon
2889  *
2890  * Needs to be called everytime a session is destroyed
2891  */
2892 static int
2893 cifs_free_ipc(struct cifs_ses *ses)
2894 {
2895         int rc = 0, xid;
2896         struct cifs_tcon *tcon = ses->tcon_ipc;
2897
2898         if (tcon == NULL)
2899                 return 0;
2900
2901         if (ses->server->ops->tree_disconnect) {
2902                 xid = get_xid();
2903                 rc = ses->server->ops->tree_disconnect(xid, tcon);
2904                 free_xid(xid);
2905         }
2906
2907         if (rc)
2908                 cifs_dbg(FYI, "failed to disconnect IPC tcon (rc=%d)\n", rc);
2909
2910         tconInfoFree(tcon);
2911         ses->tcon_ipc = NULL;
2912         return rc;
2913 }
2914
2915 static struct cifs_ses *
2916 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2917 {
2918         struct cifs_ses *ses;
2919
2920         spin_lock(&cifs_tcp_ses_lock);
2921         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2922                 if (ses->status == CifsExiting)
2923                         continue;
2924                 if (!match_session(ses, vol))
2925                         continue;
2926                 ++ses->ses_count;
2927                 spin_unlock(&cifs_tcp_ses_lock);
2928                 return ses;
2929         }
2930         spin_unlock(&cifs_tcp_ses_lock);
2931         return NULL;
2932 }
2933
2934 void cifs_put_smb_ses(struct cifs_ses *ses)
2935 {
2936         unsigned int rc, xid;
2937         struct TCP_Server_Info *server = ses->server;
2938
2939         cifs_dbg(FYI, "%s: ses_count=%d\n", __func__, ses->ses_count);
2940
2941         spin_lock(&cifs_tcp_ses_lock);
2942         if (ses->status == CifsExiting) {
2943                 spin_unlock(&cifs_tcp_ses_lock);
2944                 return;
2945         }
2946         if (--ses->ses_count > 0) {
2947                 spin_unlock(&cifs_tcp_ses_lock);
2948                 return;
2949         }
2950         if (ses->status == CifsGood)
2951                 ses->status = CifsExiting;
2952         spin_unlock(&cifs_tcp_ses_lock);
2953
2954         cifs_free_ipc(ses);
2955
2956         if (ses->status == CifsExiting && server->ops->logoff) {
2957                 xid = get_xid();
2958                 rc = server->ops->logoff(xid, ses);
2959                 if (rc)
2960                         cifs_dbg(VFS, "%s: Session Logoff failure rc=%d\n",
2961                                 __func__, rc);
2962                 _free_xid(xid);
2963         }
2964
2965         spin_lock(&cifs_tcp_ses_lock);
2966         list_del_init(&ses->smb_ses_list);
2967         spin_unlock(&cifs_tcp_ses_lock);
2968
2969         sesInfoFree(ses);
2970         cifs_put_tcp_session(server, 0);
2971 }
2972
2973 #ifdef CONFIG_KEYS
2974
2975 /* strlen("cifs:a:") + CIFS_MAX_DOMAINNAME_LEN + 1 */
2976 #define CIFSCREDS_DESC_SIZE (7 + CIFS_MAX_DOMAINNAME_LEN + 1)
2977
2978 /* Populate username and pw fields from keyring if possible */
2979 static int
2980 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2981 {
2982         int rc = 0;
2983         const char *delim, *payload;
2984         char *desc;
2985         ssize_t len;
2986         struct key *key;
2987         struct TCP_Server_Info *server = ses->server;
2988         struct sockaddr_in *sa;
2989         struct sockaddr_in6 *sa6;
2990         const struct user_key_payload *upayload;
2991
2992         desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2993         if (!desc)
2994                 return -ENOMEM;
2995
2996         /* try to find an address key first */
2997         switch (server->dstaddr.ss_family) {
2998         case AF_INET:
2999                 sa = (struct sockaddr_in *)&server->dstaddr;
3000                 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
3001                 break;
3002         case AF_INET6:
3003                 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
3004                 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
3005                 break;
3006         default:
3007                 cifs_dbg(FYI, "Bad ss_family (%hu)\n",
3008                          server->dstaddr.ss_family);
3009                 rc = -EINVAL;
3010                 goto out_err;
3011         }
3012
3013         cifs_dbg(FYI, "%s: desc=%s\n", __func__, desc);
3014         key = request_key(&key_type_logon, desc, "");
3015         if (IS_ERR(key)) {
3016                 if (!ses->domainName) {
3017                         cifs_dbg(FYI, "domainName is NULL\n");
3018                         rc = PTR_ERR(key);
3019                         goto out_err;
3020                 }
3021
3022                 /* didn't work, try to find a domain key */
3023                 sprintf(desc, "cifs:d:%s", ses->domainName);
3024                 cifs_dbg(FYI, "%s: desc=%s\n", __func__, desc);
3025                 key = request_key(&key_type_logon, desc, "");
3026                 if (IS_ERR(key)) {
3027                         rc = PTR_ERR(key);
3028                         goto out_err;
3029                 }
3030         }
3031
3032         down_read(&key->sem);
3033         upayload = user_key_payload_locked(key);
3034         if (IS_ERR_OR_NULL(upayload)) {
3035                 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
3036                 goto out_key_put;
3037         }
3038
3039         /* find first : in payload */
3040         payload = upayload->data;
3041         delim = strnchr(payload, upayload->datalen, ':');
3042         cifs_dbg(FYI, "payload=%s\n", payload);
3043         if (!delim) {
3044                 cifs_dbg(FYI, "Unable to find ':' in payload (datalen=%d)\n",
3045                          upayload->datalen);
3046                 rc = -EINVAL;
3047                 goto out_key_put;
3048         }
3049
3050         len = delim - payload;
3051         if (len > CIFS_MAX_USERNAME_LEN || len <= 0) {
3052                 cifs_dbg(FYI, "Bad value from username search (len=%zd)\n",
3053                          len);
3054                 rc = -EINVAL;
3055                 goto out_key_put;
3056         }
3057
3058         vol->username = kstrndup(payload, len, GFP_KERNEL);
3059         if (!vol->username) {
3060                 cifs_dbg(FYI, "Unable to allocate %zd bytes for username\n",
3061                          len);
3062                 rc = -ENOMEM;
3063                 goto out_key_put;
3064         }
3065         cifs_dbg(FYI, "%s: username=%s\n", __func__, vol->username);
3066
3067         len = key->datalen - (len + 1);
3068         if (len > CIFS_MAX_PASSWORD_LEN || len <= 0) {
3069                 cifs_dbg(FYI, "Bad len for password search (len=%zd)\n", len);
3070                 rc = -EINVAL;
3071                 kfree(vol->username);
3072                 vol->username = NULL;
3073                 goto out_key_put;
3074         }
3075
3076         ++delim;
3077         vol->password = kstrndup(delim, len, GFP_KERNEL);
3078         if (!vol->password) {
3079                 cifs_dbg(FYI, "Unable to allocate %zd bytes for password\n",
3080                          len);
3081                 rc = -ENOMEM;
3082                 kfree(vol->username);
3083                 vol->username = NULL;
3084                 goto out_key_put;
3085         }
3086
3087 out_key_put:
3088         up_read(&key->sem);
3089         key_put(key);
3090 out_err:
3091         kfree(desc);
3092         cifs_dbg(FYI, "%s: returning %d\n", __func__, rc);
3093         return rc;
3094 }
3095 #else /* ! CONFIG_KEYS */
3096 static inline int
3097 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
3098                    struct cifs_ses *ses __attribute__((unused)))
3099 {
3100         return -ENOSYS;
3101 }
3102 #endif /* CONFIG_KEYS */
3103
3104 /**
3105  * cifs_get_smb_ses - get a session matching @volume_info data from @server
3106  *
3107  * This function assumes it is being called from cifs_mount() where we
3108  * already got a server reference&nb