]> git.openfabrics.org - ~shefty/rdma-dev.git/blob - fs/cifs/connect.c
602f77c304c90fc402c9ec221eff2b78be818081
[~shefty/rdma-dev.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2009
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <keys/user-type.h>
42 #include <net/ipv6.h>
43 #include "cifspdu.h"
44 #include "cifsglob.h"
45 #include "cifsproto.h"
46 #include "cifs_unicode.h"
47 #include "cifs_debug.h"
48 #include "cifs_fs_sb.h"
49 #include "ntlmssp.h"
50 #include "nterr.h"
51 #include "rfc1002pdu.h"
52 #include "fscache.h"
53
54 #define CIFS_PORT 445
55 #define RFC1001_PORT 139
56
57 /* SMB echo "timeout" -- FIXME: tunable? */
58 #define SMB_ECHO_INTERVAL (60 * HZ)
59
60 extern mempool_t *cifs_req_poolp;
61
62 /* FIXME: should these be tunable? */
63 #define TLINK_ERROR_EXPIRE      (1 * HZ)
64 #define TLINK_IDLE_EXPIRE       (600 * HZ)
65
66 static int ip_connect(struct TCP_Server_Info *server);
67 static int generic_ip_connect(struct TCP_Server_Info *server);
68 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
69 static void cifs_prune_tlinks(struct work_struct *work);
70 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
71                                         const char *devname);
72
73 /*
74  * cifs tcp session reconnection
75  *
76  * mark tcp session as reconnecting so temporarily locked
77  * mark all smb sessions as reconnecting for tcp session
78  * reconnect tcp session
79  * wake up waiters on reconnection? - (not needed currently)
80  */
81 static int
82 cifs_reconnect(struct TCP_Server_Info *server)
83 {
84         int rc = 0;
85         struct list_head *tmp, *tmp2;
86         struct cifs_ses *ses;
87         struct cifs_tcon *tcon;
88         struct mid_q_entry *mid_entry;
89         struct list_head retry_list;
90
91         spin_lock(&GlobalMid_Lock);
92         if (server->tcpStatus == CifsExiting) {
93                 /* the demux thread will exit normally
94                 next time through the loop */
95                 spin_unlock(&GlobalMid_Lock);
96                 return rc;
97         } else
98                 server->tcpStatus = CifsNeedReconnect;
99         spin_unlock(&GlobalMid_Lock);
100         server->maxBuf = 0;
101
102         cFYI(1, "Reconnecting tcp session");
103
104         /* before reconnecting the tcp session, mark the smb session (uid)
105                 and the tid bad so they are not used until reconnected */
106         cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
107         spin_lock(&cifs_tcp_ses_lock);
108         list_for_each(tmp, &server->smb_ses_list) {
109                 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
110                 ses->need_reconnect = true;
111                 ses->ipc_tid = 0;
112                 list_for_each(tmp2, &ses->tcon_list) {
113                         tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
114                         tcon->need_reconnect = true;
115                 }
116         }
117         spin_unlock(&cifs_tcp_ses_lock);
118
119         /* do not want to be sending data on a socket we are freeing */
120         cFYI(1, "%s: tearing down socket", __func__);
121         mutex_lock(&server->srv_mutex);
122         if (server->ssocket) {
123                 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
124                         server->ssocket->flags);
125                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
126                 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
127                         server->ssocket->state,
128                         server->ssocket->flags);
129                 sock_release(server->ssocket);
130                 server->ssocket = NULL;
131         }
132         server->sequence_number = 0;
133         server->session_estab = false;
134         kfree(server->session_key.response);
135         server->session_key.response = NULL;
136         server->session_key.len = 0;
137         server->lstrp = jiffies;
138         mutex_unlock(&server->srv_mutex);
139
140         /* mark submitted MIDs for retry and issue callback */
141         INIT_LIST_HEAD(&retry_list);
142         cFYI(1, "%s: moving mids to private list", __func__);
143         spin_lock(&GlobalMid_Lock);
144         list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
145                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
146                 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
147                         mid_entry->midState = MID_RETRY_NEEDED;
148                 list_move(&mid_entry->qhead, &retry_list);
149         }
150         spin_unlock(&GlobalMid_Lock);
151
152         cFYI(1, "%s: issuing mid callbacks", __func__);
153         list_for_each_safe(tmp, tmp2, &retry_list) {
154                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
155                 list_del_init(&mid_entry->qhead);
156                 mid_entry->callback(mid_entry);
157         }
158
159         do {
160                 try_to_freeze();
161
162                 /* we should try only the port we connected to before */
163                 rc = generic_ip_connect(server);
164                 if (rc) {
165                         cFYI(1, "reconnect error %d", rc);
166                         msleep(3000);
167                 } else {
168                         atomic_inc(&tcpSesReconnectCount);
169                         spin_lock(&GlobalMid_Lock);
170                         if (server->tcpStatus != CifsExiting)
171                                 server->tcpStatus = CifsNeedNegotiate;
172                         spin_unlock(&GlobalMid_Lock);
173                 }
174         } while (server->tcpStatus == CifsNeedReconnect);
175
176         return rc;
177 }
178
179 /*
180         return codes:
181                 0       not a transact2, or all data present
182                 >0      transact2 with that much data missing
183                 -EINVAL = invalid transact2
184
185  */
186 static int check2ndT2(struct smb_hdr *pSMB)
187 {
188         struct smb_t2_rsp *pSMBt;
189         int remaining;
190         __u16 total_data_size, data_in_this_rsp;
191
192         if (pSMB->Command != SMB_COM_TRANSACTION2)
193                 return 0;
194
195         /* check for plausible wct, bcc and t2 data and parm sizes */
196         /* check for parm and data offset going beyond end of smb */
197         if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
198                 cFYI(1, "invalid transact2 word count");
199                 return -EINVAL;
200         }
201
202         pSMBt = (struct smb_t2_rsp *)pSMB;
203
204         total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
205         data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
206
207         if (total_data_size == data_in_this_rsp)
208                 return 0;
209         else if (total_data_size < data_in_this_rsp) {
210                 cFYI(1, "total data %d smaller than data in frame %d",
211                         total_data_size, data_in_this_rsp);
212                 return -EINVAL;
213         }
214
215         remaining = total_data_size - data_in_this_rsp;
216
217         cFYI(1, "missing %d bytes from transact2, check next response",
218                 remaining);
219         if (total_data_size > CIFSMaxBufSize) {
220                 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
221                         total_data_size, CIFSMaxBufSize);
222                 return -EINVAL;
223         }
224         return remaining;
225 }
226
227 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
228 {
229         struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)psecond;
230         struct smb_t2_rsp *pSMBt  = (struct smb_t2_rsp *)pTargetSMB;
231         char *data_area_of_tgt;
232         char *data_area_of_src;
233         int remaining;
234         unsigned int byte_count, total_in_tgt;
235         __u16 tgt_total_cnt, src_total_cnt, total_in_src;
236
237         src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
238         tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
239
240         if (tgt_total_cnt != src_total_cnt)
241                 cFYI(1, "total data count of primary and secondary t2 differ "
242                         "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
243
244         total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
245
246         remaining = tgt_total_cnt - total_in_tgt;
247
248         if (remaining < 0) {
249                 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
250                         "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
251                 return -EPROTO;
252         }
253
254         if (remaining == 0) {
255                 /* nothing to do, ignore */
256                 cFYI(1, "no more data remains");
257                 return 0;
258         }
259
260         total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
261         if (remaining < total_in_src)
262                 cFYI(1, "transact2 2nd response contains too much data");
263
264         /* find end of first SMB data area */
265         data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
266                                 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
267
268         /* validate target area */
269         data_area_of_src = (char *)&pSMBs->hdr.Protocol +
270                                 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
271
272         data_area_of_tgt += total_in_tgt;
273
274         total_in_tgt += total_in_src;
275         /* is the result too big for the field? */
276         if (total_in_tgt > USHRT_MAX) {
277                 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
278                 return -EPROTO;
279         }
280         put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
281
282         /* fix up the BCC */
283         byte_count = get_bcc(pTargetSMB);
284         byte_count += total_in_src;
285         /* is the result too big for the field? */
286         if (byte_count > USHRT_MAX) {
287                 cFYI(1, "coalesced BCC too large (%u)", byte_count);
288                 return -EPROTO;
289         }
290         put_bcc(byte_count, pTargetSMB);
291
292         byte_count = be32_to_cpu(pTargetSMB->smb_buf_length);
293         byte_count += total_in_src;
294         /* don't allow buffer to overflow */
295         if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
296                 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
297                 return -ENOBUFS;
298         }
299         pTargetSMB->smb_buf_length = cpu_to_be32(byte_count);
300
301         /* copy second buffer into end of first buffer */
302         memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
303
304         if (remaining != total_in_src) {
305                 /* more responses to go */
306                 cFYI(1, "waiting for more secondary responses");
307                 return 1;
308         }
309
310         /* we are done */
311         cFYI(1, "found the last secondary response");
312         return 0;
313 }
314
315 static void
316 cifs_echo_request(struct work_struct *work)
317 {
318         int rc;
319         struct TCP_Server_Info *server = container_of(work,
320                                         struct TCP_Server_Info, echo.work);
321
322         /*
323          * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
324          * done, which is indicated by maxBuf != 0. Also, no need to ping if
325          * we got a response recently
326          */
327         if (server->maxBuf == 0 ||
328             time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
329                 goto requeue_echo;
330
331         rc = CIFSSMBEcho(server);
332         if (rc)
333                 cFYI(1, "Unable to send echo request to server: %s",
334                         server->hostname);
335
336 requeue_echo:
337         queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
338 }
339
340 static bool
341 allocate_buffers(struct TCP_Server_Info *server)
342 {
343         if (!server->bigbuf) {
344                 server->bigbuf = (char *)cifs_buf_get();
345                 if (!server->bigbuf) {
346                         cERROR(1, "No memory for large SMB response");
347                         msleep(3000);
348                         /* retry will check if exiting */
349                         return false;
350                 }
351         } else if (server->large_buf) {
352                 /* we are reusing a dirty large buf, clear its start */
353                 memset(server->bigbuf, 0, sizeof(struct smb_hdr));
354         }
355
356         if (!server->smallbuf) {
357                 server->smallbuf = (char *)cifs_small_buf_get();
358                 if (!server->smallbuf) {
359                         cERROR(1, "No memory for SMB response");
360                         msleep(1000);
361                         /* retry will check if exiting */
362                         return false;
363                 }
364                 /* beginning of smb buffer is cleared in our buf_get */
365         } else {
366                 /* if existing small buf clear beginning */
367                 memset(server->smallbuf, 0, sizeof(struct smb_hdr));
368         }
369
370         return true;
371 }
372
373 static bool
374 server_unresponsive(struct TCP_Server_Info *server)
375 {
376         if (echo_retries > 0 && server->tcpStatus == CifsGood &&
377             time_after(jiffies, server->lstrp +
378                                 (echo_retries * SMB_ECHO_INTERVAL))) {
379                 cERROR(1, "Server %s has not responded in %d seconds. "
380                           "Reconnecting...", server->hostname,
381                           (echo_retries * SMB_ECHO_INTERVAL / HZ));
382                 cifs_reconnect(server);
383                 wake_up(&server->response_q);
384                 return true;
385         }
386
387         return false;
388 }
389
390 /*
391  * kvec_array_init - clone a kvec array, and advance into it
392  * @new:        pointer to memory for cloned array
393  * @iov:        pointer to original array
394  * @nr_segs:    number of members in original array
395  * @bytes:      number of bytes to advance into the cloned array
396  *
397  * This function will copy the array provided in iov to a section of memory
398  * and advance the specified number of bytes into the new array. It returns
399  * the number of segments in the new array. "new" must be at least as big as
400  * the original iov array.
401  */
402 static unsigned int
403 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
404                 size_t bytes)
405 {
406         size_t base = 0;
407
408         while (bytes || !iov->iov_len) {
409                 int copy = min(bytes, iov->iov_len);
410
411                 bytes -= copy;
412                 base += copy;
413                 if (iov->iov_len == base) {
414                         iov++;
415                         nr_segs--;
416                         base = 0;
417                 }
418         }
419         memcpy(new, iov, sizeof(*iov) * nr_segs);
420         new->iov_base += base;
421         new->iov_len -= base;
422         return nr_segs;
423 }
424
425 static struct kvec *
426 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
427 {
428         struct kvec *new_iov;
429
430         if (server->iov && nr_segs <= server->nr_iov)
431                 return server->iov;
432
433         /* not big enough -- allocate a new one and release the old */
434         new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
435         if (new_iov) {
436                 kfree(server->iov);
437                 server->iov = new_iov;
438                 server->nr_iov = nr_segs;
439         }
440         return new_iov;
441 }
442
443 int
444 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
445                        unsigned int nr_segs, unsigned int to_read)
446 {
447         int length = 0;
448         int total_read;
449         unsigned int segs;
450         struct msghdr smb_msg;
451         struct kvec *iov;
452
453         iov = get_server_iovec(server, nr_segs);
454         if (!iov)
455                 return -ENOMEM;
456
457         smb_msg.msg_control = NULL;
458         smb_msg.msg_controllen = 0;
459
460         for (total_read = 0; to_read; total_read += length, to_read -= length) {
461                 try_to_freeze();
462
463                 if (server_unresponsive(server)) {
464                         total_read = -EAGAIN;
465                         break;
466                 }
467
468                 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
469
470                 length = kernel_recvmsg(server->ssocket, &smb_msg,
471                                         iov, segs, to_read, 0);
472
473                 if (server->tcpStatus == CifsExiting) {
474                         total_read = -ESHUTDOWN;
475                         break;
476                 } else if (server->tcpStatus == CifsNeedReconnect) {
477                         cifs_reconnect(server);
478                         total_read = -EAGAIN;
479                         break;
480                 } else if (length == -ERESTARTSYS ||
481                            length == -EAGAIN ||
482                            length == -EINTR) {
483                         /*
484                          * Minimum sleep to prevent looping, allowing socket
485                          * to clear and app threads to set tcpStatus
486                          * CifsNeedReconnect if server hung.
487                          */
488                         usleep_range(1000, 2000);
489                         length = 0;
490                         continue;
491                 } else if (length <= 0) {
492                         cFYI(1, "Received no data or error: expecting %d "
493                                 "got %d", to_read, length);
494                         cifs_reconnect(server);
495                         total_read = -EAGAIN;
496                         break;
497                 }
498         }
499         return total_read;
500 }
501
502 int
503 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
504                       unsigned int to_read)
505 {
506         struct kvec iov;
507
508         iov.iov_base = buf;
509         iov.iov_len = to_read;
510
511         return cifs_readv_from_socket(server, &iov, 1, to_read);
512 }
513
514 static bool
515 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
516 {
517         /*
518          * The first byte big endian of the length field,
519          * is actually not part of the length but the type
520          * with the most common, zero, as regular data.
521          */
522         switch (type) {
523         case RFC1002_SESSION_MESSAGE:
524                 /* Regular SMB response */
525                 return true;
526         case RFC1002_SESSION_KEEP_ALIVE:
527                 cFYI(1, "RFC 1002 session keep alive");
528                 break;
529         case RFC1002_POSITIVE_SESSION_RESPONSE:
530                 cFYI(1, "RFC 1002 positive session response");
531                 break;
532         case RFC1002_NEGATIVE_SESSION_RESPONSE:
533                 /*
534                  * We get this from Windows 98 instead of an error on
535                  * SMB negprot response.
536                  */
537                 cFYI(1, "RFC 1002 negative session response");
538                 /* give server a second to clean up */
539                 msleep(1000);
540                 /*
541                  * Always try 445 first on reconnect since we get NACK
542                  * on some if we ever connected to port 139 (the NACK
543                  * is since we do not begin with RFC1001 session
544                  * initialize frame).
545                  */
546                 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
547                 cifs_reconnect(server);
548                 wake_up(&server->response_q);
549                 break;
550         default:
551                 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
552                 cifs_reconnect(server);
553         }
554
555         return false;
556 }
557
558 static struct mid_q_entry *
559 find_mid(struct TCP_Server_Info *server, struct smb_hdr *buf)
560 {
561         struct mid_q_entry *mid;
562
563         spin_lock(&GlobalMid_Lock);
564         list_for_each_entry(mid, &server->pending_mid_q, qhead) {
565                 if (mid->mid == buf->Mid &&
566                     mid->midState == MID_REQUEST_SUBMITTED &&
567                     mid->command == buf->Command) {
568                         spin_unlock(&GlobalMid_Lock);
569                         return mid;
570                 }
571         }
572         spin_unlock(&GlobalMid_Lock);
573         return NULL;
574 }
575
576 void
577 dequeue_mid(struct mid_q_entry *mid, bool malformed)
578 {
579 #ifdef CONFIG_CIFS_STATS2
580         mid->when_received = jiffies;
581 #endif
582         spin_lock(&GlobalMid_Lock);
583         if (!malformed)
584                 mid->midState = MID_RESPONSE_RECEIVED;
585         else
586                 mid->midState = MID_RESPONSE_MALFORMED;
587         list_del_init(&mid->qhead);
588         spin_unlock(&GlobalMid_Lock);
589 }
590
591 static void
592 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
593            struct smb_hdr *buf, int malformed)
594 {
595         if (malformed == 0 && check2ndT2(buf) > 0) {
596                 mid->multiRsp = true;
597                 if (mid->resp_buf) {
598                         /* merge response - fix up 1st*/
599                         malformed = coalesce_t2(buf, mid->resp_buf);
600                         if (malformed > 0)
601                                 return;
602
603                         /* All parts received or packet is malformed. */
604                         mid->multiEnd = true;
605                         return dequeue_mid(mid, malformed);
606                 }
607                 if (!server->large_buf) {
608                         /*FIXME: switch to already allocated largebuf?*/
609                         cERROR(1, "1st trans2 resp needs bigbuf");
610                 } else {
611                         /* Have first buffer */
612                         mid->resp_buf = buf;
613                         mid->largeBuf = true;
614                         server->bigbuf = NULL;
615                 }
616                 return;
617         }
618         mid->resp_buf = buf;
619         mid->largeBuf = server->large_buf;
620         /* Was previous buf put in mpx struct for multi-rsp? */
621         if (!mid->multiRsp) {
622                 /* smb buffer will be freed by user thread */
623                 if (server->large_buf)
624                         server->bigbuf = NULL;
625                 else
626                         server->smallbuf = NULL;
627         }
628         dequeue_mid(mid, malformed);
629 }
630
631 static void clean_demultiplex_info(struct TCP_Server_Info *server)
632 {
633         int length;
634
635         /* take it off the list, if it's not already */
636         spin_lock(&cifs_tcp_ses_lock);
637         list_del_init(&server->tcp_ses_list);
638         spin_unlock(&cifs_tcp_ses_lock);
639
640         spin_lock(&GlobalMid_Lock);
641         server->tcpStatus = CifsExiting;
642         spin_unlock(&GlobalMid_Lock);
643         wake_up_all(&server->response_q);
644
645         /*
646          * Check if we have blocked requests that need to free. Note that
647          * cifs_max_pending is normally 50, but can be set at module install
648          * time to as little as two.
649          */
650         spin_lock(&GlobalMid_Lock);
651         if (atomic_read(&server->inFlight) >= cifs_max_pending)
652                 atomic_set(&server->inFlight, cifs_max_pending - 1);
653         /*
654          * We do not want to set the max_pending too low or we could end up
655          * with the counter going negative.
656          */
657         spin_unlock(&GlobalMid_Lock);
658         /*
659          * Although there should not be any requests blocked on this queue it
660          * can not hurt to be paranoid and try to wake up requests that may
661          * haven been blocked when more than 50 at time were on the wire to the
662          * same server - they now will see the session is in exit state and get
663          * out of SendReceive.
664          */
665         wake_up_all(&server->request_q);
666         /* give those requests time to exit */
667         msleep(125);
668
669         if (server->ssocket) {
670                 sock_release(server->ssocket);
671                 server->ssocket = NULL;
672         }
673
674         if (!list_empty(&server->pending_mid_q)) {
675                 struct list_head dispose_list;
676                 struct mid_q_entry *mid_entry;
677                 struct list_head *tmp, *tmp2;
678
679                 INIT_LIST_HEAD(&dispose_list);
680                 spin_lock(&GlobalMid_Lock);
681                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
682                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
683                         cFYI(1, "Clearing mid 0x%x", mid_entry->mid);
684                         mid_entry->midState = MID_SHUTDOWN;
685                         list_move(&mid_entry->qhead, &dispose_list);
686                 }
687                 spin_unlock(&GlobalMid_Lock);
688
689                 /* now walk dispose list and issue callbacks */
690                 list_for_each_safe(tmp, tmp2, &dispose_list) {
691                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
692                         cFYI(1, "Callback mid 0x%x", mid_entry->mid);
693                         list_del_init(&mid_entry->qhead);
694                         mid_entry->callback(mid_entry);
695                 }
696                 /* 1/8th of sec is more than enough time for them to exit */
697                 msleep(125);
698         }
699
700         if (!list_empty(&server->pending_mid_q)) {
701                 /*
702                  * mpx threads have not exited yet give them at least the smb
703                  * send timeout time for long ops.
704                  *
705                  * Due to delays on oplock break requests, we need to wait at
706                  * least 45 seconds before giving up on a request getting a
707                  * response and going ahead and killing cifsd.
708                  */
709                 cFYI(1, "Wait for exit from demultiplex thread");
710                 msleep(46000);
711                 /*
712                  * If threads still have not exited they are probably never
713                  * coming home not much else we can do but free the memory.
714                  */
715         }
716
717         kfree(server->hostname);
718         kfree(server->iov);
719         kfree(server);
720
721         length = atomic_dec_return(&tcpSesAllocCount);
722         if (length > 0)
723                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
724                                 GFP_KERNEL);
725 }
726
727 static int
728 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
729 {
730         int length;
731         char *buf = server->smallbuf;
732         struct smb_hdr *smb_buffer = (struct smb_hdr *)buf;
733         unsigned int pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
734
735         /* make sure this will fit in a large buffer */
736         if (pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
737                 cERROR(1, "SMB response too long (%u bytes)",
738                         pdu_length);
739                 cifs_reconnect(server);
740                 wake_up(&server->response_q);
741                 return -EAGAIN;
742         }
743
744         /* switch to large buffer if too big for a small one */
745         if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
746                 server->large_buf = true;
747                 memcpy(server->bigbuf, server->smallbuf, server->total_read);
748                 buf = server->bigbuf;
749                 smb_buffer = (struct smb_hdr *)buf;
750         }
751
752         /* now read the rest */
753         length = cifs_read_from_socket(server,
754                           buf + sizeof(struct smb_hdr) - 1,
755                           pdu_length - sizeof(struct smb_hdr) + 1 + 4);
756         if (length < 0)
757                 return length;
758         server->total_read += length;
759
760         dump_smb(smb_buffer, server->total_read);
761
762         /*
763          * We know that we received enough to get to the MID as we
764          * checked the pdu_length earlier. Now check to see
765          * if the rest of the header is OK. We borrow the length
766          * var for the rest of the loop to avoid a new stack var.
767          *
768          * 48 bytes is enough to display the header and a little bit
769          * into the payload for debugging purposes.
770          */
771         length = checkSMB(smb_buffer, smb_buffer->Mid, server->total_read);
772         if (length != 0)
773                 cifs_dump_mem("Bad SMB: ", buf,
774                         min_t(unsigned int, server->total_read, 48));
775
776         if (!mid)
777                 return length;
778
779         handle_mid(mid, server, smb_buffer, length);
780         return 0;
781 }
782
783 static int
784 cifs_demultiplex_thread(void *p)
785 {
786         int length;
787         struct TCP_Server_Info *server = p;
788         unsigned int pdu_length;
789         char *buf = NULL;
790         struct smb_hdr *smb_buffer = NULL;
791         struct task_struct *task_to_wake = NULL;
792         struct mid_q_entry *mid_entry;
793
794         current->flags |= PF_MEMALLOC;
795         cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
796
797         length = atomic_inc_return(&tcpSesAllocCount);
798         if (length > 1)
799                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
800                                 GFP_KERNEL);
801
802         set_freezable();
803         while (server->tcpStatus != CifsExiting) {
804                 if (try_to_freeze())
805                         continue;
806
807                 if (!allocate_buffers(server))
808                         continue;
809
810                 server->large_buf = false;
811                 smb_buffer = (struct smb_hdr *)server->smallbuf;
812                 buf = server->smallbuf;
813                 pdu_length = 4; /* enough to get RFC1001 header */
814
815                 length = cifs_read_from_socket(server, buf, pdu_length);
816                 if (length < 0)
817                         continue;
818                 server->total_read = length;
819
820                 /*
821                  * The right amount was read from socket - 4 bytes,
822                  * so we can now interpret the length field.
823                  */
824                 pdu_length = be32_to_cpu(smb_buffer->smb_buf_length);
825
826                 cFYI(1, "RFC1002 header 0x%x", pdu_length);
827                 if (!is_smb_response(server, buf[0]))
828                         continue;
829
830                 /* make sure we have enough to get to the MID */
831                 if (pdu_length < sizeof(struct smb_hdr) - 1 - 4) {
832                         cERROR(1, "SMB response too short (%u bytes)",
833                                 pdu_length);
834                         cifs_reconnect(server);
835                         wake_up(&server->response_q);
836                         continue;
837                 }
838
839                 /* read down to the MID */
840                 length = cifs_read_from_socket(server, buf + 4,
841                                         sizeof(struct smb_hdr) - 1 - 4);
842                 if (length < 0)
843                         continue;
844                 server->total_read += length;
845
846                 mid_entry = find_mid(server, smb_buffer);
847
848                 if (!mid_entry || !mid_entry->receive)
849                         length = standard_receive3(server, mid_entry);
850                 else
851                         length = mid_entry->receive(server, mid_entry);
852
853                 if (length < 0)
854                         continue;
855
856                 if (server->large_buf) {
857                         buf = server->bigbuf;
858                         smb_buffer = (struct smb_hdr *)buf;
859                 }
860
861                 server->lstrp = jiffies;
862                 if (mid_entry != NULL) {
863                         if (!mid_entry->multiRsp || mid_entry->multiEnd)
864                                 mid_entry->callback(mid_entry);
865                 } else if (!is_valid_oplock_break(smb_buffer, server)) {
866                         cERROR(1, "No task to wake, unknown frame received! "
867                                    "NumMids %d", atomic_read(&midCount));
868                         cifs_dump_mem("Received Data is: ", buf,
869                                       sizeof(struct smb_hdr));
870 #ifdef CONFIG_CIFS_DEBUG2
871                         cifs_dump_detail(smb_buffer);
872                         cifs_dump_mids(server);
873 #endif /* CIFS_DEBUG2 */
874
875                 }
876         } /* end while !EXITING */
877
878         /* buffer usually freed in free_mid - need to free it here on exit */
879         cifs_buf_release(server->bigbuf);
880         if (server->smallbuf) /* no sense logging a debug message if NULL */
881                 cifs_small_buf_release(server->smallbuf);
882
883         task_to_wake = xchg(&server->tsk, NULL);
884         clean_demultiplex_info(server);
885
886         /* if server->tsk was NULL then wait for a signal before exiting */
887         if (!task_to_wake) {
888                 set_current_state(TASK_INTERRUPTIBLE);
889                 while (!signal_pending(current)) {
890                         schedule();
891                         set_current_state(TASK_INTERRUPTIBLE);
892                 }
893                 set_current_state(TASK_RUNNING);
894         }
895
896         module_put_and_exit(0);
897 }
898
899 /* extract the host portion of the UNC string */
900 static char *
901 extract_hostname(const char *unc)
902 {
903         const char *src;
904         char *dst, *delim;
905         unsigned int len;
906
907         /* skip double chars at beginning of string */
908         /* BB: check validity of these bytes? */
909         src = unc + 2;
910
911         /* delimiter between hostname and sharename is always '\\' now */
912         delim = strchr(src, '\\');
913         if (!delim)
914                 return ERR_PTR(-EINVAL);
915
916         len = delim - src;
917         dst = kmalloc((len + 1), GFP_KERNEL);
918         if (dst == NULL)
919                 return ERR_PTR(-ENOMEM);
920
921         memcpy(dst, src, len);
922         dst[len] = '\0';
923
924         return dst;
925 }
926
927 static int
928 cifs_parse_mount_options(const char *mountdata, const char *devname,
929                          struct smb_vol *vol)
930 {
931         char *value, *data, *end;
932         char *mountdata_copy = NULL, *options;
933         int err;
934         unsigned int  temp_len, i, j;
935         char separator[2];
936         short int override_uid = -1;
937         short int override_gid = -1;
938         bool uid_specified = false;
939         bool gid_specified = false;
940         char *nodename = utsname()->nodename;
941
942         separator[0] = ',';
943         separator[1] = 0;
944
945         /*
946          * does not have to be perfect mapping since field is
947          * informational, only used for servers that do not support
948          * port 445 and it can be overridden at mount time
949          */
950         memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
951         for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
952                 vol->source_rfc1001_name[i] = toupper(nodename[i]);
953
954         vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
955         /* null target name indicates to use *SMBSERVR default called name
956            if we end up sending RFC1001 session initialize */
957         vol->target_rfc1001_name[0] = 0;
958         vol->cred_uid = current_uid();
959         vol->linux_uid = current_uid();
960         vol->linux_gid = current_gid();
961
962         /* default to only allowing write access to owner of the mount */
963         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
964
965         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
966         /* default is always to request posix paths. */
967         vol->posix_paths = 1;
968         /* default to using server inode numbers where available */
969         vol->server_ino = 1;
970
971         vol->actimeo = CIFS_DEF_ACTIMEO;
972
973         if (!mountdata)
974                 goto cifs_parse_mount_err;
975
976         mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
977         if (!mountdata_copy)
978                 goto cifs_parse_mount_err;
979
980         options = mountdata_copy;
981         end = options + strlen(options);
982         if (strncmp(options, "sep=", 4) == 0) {
983                 if (options[4] != 0) {
984                         separator[0] = options[4];
985                         options += 5;
986                 } else {
987                         cFYI(1, "Null separator not allowed");
988                 }
989         }
990         vol->backupuid_specified = false; /* no backup intent for a user */
991         vol->backupgid_specified = false; /* no backup intent for a group */
992
993         while ((data = strsep(&options, separator)) != NULL) {
994                 if (!*data)
995                         continue;
996                 if ((value = strchr(data, '=')) != NULL)
997                         *value++ = '\0';
998
999                 /* Have to parse this before we parse for "user" */
1000                 if (strnicmp(data, "user_xattr", 10) == 0) {
1001                         vol->no_xattr = 0;
1002                 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
1003                         vol->no_xattr = 1;
1004                 } else if (strnicmp(data, "user", 4) == 0) {
1005                         if (!value) {
1006                                 printk(KERN_WARNING
1007                                        "CIFS: invalid or missing username\n");
1008                                 goto cifs_parse_mount_err;
1009                         } else if (!*value) {
1010                                 /* null user, ie anonymous, authentication */
1011                                 vol->nullauth = 1;
1012                         }
1013                         if (strnlen(value, MAX_USERNAME_SIZE) <
1014                                                 MAX_USERNAME_SIZE) {
1015                                 vol->username = kstrdup(value, GFP_KERNEL);
1016                                 if (!vol->username) {
1017                                         printk(KERN_WARNING "CIFS: no memory "
1018                                                             "for username\n");
1019                                         goto cifs_parse_mount_err;
1020                                 }
1021                         } else {
1022                                 printk(KERN_WARNING "CIFS: username too long\n");
1023                                 goto cifs_parse_mount_err;
1024                         }
1025                 } else if (strnicmp(data, "pass", 4) == 0) {
1026                         if (!value) {
1027                                 vol->password = NULL;
1028                                 continue;
1029                         } else if (value[0] == 0) {
1030                                 /* check if string begins with double comma
1031                                    since that would mean the password really
1032                                    does start with a comma, and would not
1033                                    indicate an empty string */
1034                                 if (value[1] != separator[0]) {
1035                                         vol->password = NULL;
1036                                         continue;
1037                                 }
1038                         }
1039                         temp_len = strlen(value);
1040                         /* removed password length check, NTLM passwords
1041                                 can be arbitrarily long */
1042
1043                         /* if comma in password, the string will be
1044                         prematurely null terminated.  Commas in password are
1045                         specified across the cifs mount interface by a double
1046                         comma ie ,, and a comma used as in other cases ie ','
1047                         as a parameter delimiter/separator is single and due
1048                         to the strsep above is temporarily zeroed. */
1049
1050                         /* NB: password legally can have multiple commas and
1051                         the only illegal character in a password is null */
1052
1053                         if ((value[temp_len] == 0) &&
1054                             (value + temp_len < end) &&
1055                             (value[temp_len+1] == separator[0])) {
1056                                 /* reinsert comma */
1057                                 value[temp_len] = separator[0];
1058                                 temp_len += 2;  /* move after second comma */
1059                                 while (value[temp_len] != 0)  {
1060                                         if (value[temp_len] == separator[0]) {
1061                                                 if (value[temp_len+1] ==
1062                                                      separator[0]) {
1063                                                 /* skip second comma */
1064                                                         temp_len++;
1065                                                 } else {
1066                                                 /* single comma indicating start
1067                                                          of next parm */
1068                                                         break;
1069                                                 }
1070                                         }
1071                                         temp_len++;
1072                                 }
1073                                 if (value[temp_len] == 0) {
1074                                         options = NULL;
1075                                 } else {
1076                                         value[temp_len] = 0;
1077                                         /* point option to start of next parm */
1078                                         options = value + temp_len + 1;
1079                                 }
1080                                 /* go from value to value + temp_len condensing
1081                                 double commas to singles. Note that this ends up
1082                                 allocating a few bytes too many, which is ok */
1083                                 vol->password = kzalloc(temp_len, GFP_KERNEL);
1084                                 if (vol->password == NULL) {
1085                                         printk(KERN_WARNING "CIFS: no memory "
1086                                                             "for password\n");
1087                                         goto cifs_parse_mount_err;
1088                                 }
1089                                 for (i = 0, j = 0; i < temp_len; i++, j++) {
1090                                         vol->password[j] = value[i];
1091                                         if (value[i] == separator[0]
1092                                                 && value[i+1] == separator[0]) {
1093                                                 /* skip second comma */
1094                                                 i++;
1095                                         }
1096                                 }
1097                                 vol->password[j] = 0;
1098                         } else {
1099                                 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1100                                 if (vol->password == NULL) {
1101                                         printk(KERN_WARNING "CIFS: no memory "
1102                                                             "for password\n");
1103                                         goto cifs_parse_mount_err;
1104                                 }
1105                                 strcpy(vol->password, value);
1106                         }
1107                 } else if (!strnicmp(data, "ip", 2) ||
1108                            !strnicmp(data, "addr", 4)) {
1109                         if (!value || !*value) {
1110                                 vol->UNCip = NULL;
1111                         } else if (strnlen(value, INET6_ADDRSTRLEN) <
1112                                                         INET6_ADDRSTRLEN) {
1113                                 vol->UNCip = kstrdup(value, GFP_KERNEL);
1114                                 if (!vol->UNCip) {
1115                                         printk(KERN_WARNING "CIFS: no memory "
1116                                                             "for UNC IP\n");
1117                                         goto cifs_parse_mount_err;
1118                                 }
1119                         } else {
1120                                 printk(KERN_WARNING "CIFS: ip address "
1121                                                     "too long\n");
1122                                 goto cifs_parse_mount_err;
1123                         }
1124                 } else if (strnicmp(data, "sec", 3) == 0) {
1125                         if (!value || !*value) {
1126                                 cERROR(1, "no security value specified");
1127                                 continue;
1128                         } else if (strnicmp(value, "krb5i", 5) == 0) {
1129                                 vol->secFlg |= CIFSSEC_MAY_KRB5 |
1130                                         CIFSSEC_MUST_SIGN;
1131                         } else if (strnicmp(value, "krb5p", 5) == 0) {
1132                                 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
1133                                         CIFSSEC_MAY_KRB5; */
1134                                 cERROR(1, "Krb5 cifs privacy not supported");
1135                                 goto cifs_parse_mount_err;
1136                         } else if (strnicmp(value, "krb5", 4) == 0) {
1137                                 vol->secFlg |= CIFSSEC_MAY_KRB5;
1138                         } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
1139                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
1140                                         CIFSSEC_MUST_SIGN;
1141                         } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1142                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1143                         } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1144                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1145                                         CIFSSEC_MUST_SIGN;
1146                         } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1147                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1148                         } else if (strnicmp(value, "ntlmi", 5) == 0) {
1149                                 vol->secFlg |= CIFSSEC_MAY_NTLM |
1150                                         CIFSSEC_MUST_SIGN;
1151                         } else if (strnicmp(value, "ntlm", 4) == 0) {
1152                                 /* ntlm is default so can be turned off too */
1153                                 vol->secFlg |= CIFSSEC_MAY_NTLM;
1154                         } else if (strnicmp(value, "nontlm", 6) == 0) {
1155                                 /* BB is there a better way to do this? */
1156                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1157 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1158                         } else if (strnicmp(value, "lanman", 6) == 0) {
1159                                 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1160 #endif
1161                         } else if (strnicmp(value, "none", 4) == 0) {
1162                                 vol->nullauth = 1;
1163                         } else {
1164                                 cERROR(1, "bad security option: %s", value);
1165                                 goto cifs_parse_mount_err;
1166                         }
1167                 } else if (strnicmp(data, "vers", 3) == 0) {
1168                         if (!value || !*value) {
1169                                 cERROR(1, "no protocol version specified"
1170                                           " after vers= mount option");
1171                         } else if ((strnicmp(value, "cifs", 4) == 0) ||
1172                                    (strnicmp(value, "1", 1) == 0)) {
1173                                 /* this is the default */
1174                                 continue;
1175                         }
1176                 } else if ((strnicmp(data, "unc", 3) == 0)
1177                            || (strnicmp(data, "target", 6) == 0)
1178                            || (strnicmp(data, "path", 4) == 0)) {
1179                         if (!value || !*value) {
1180                                 printk(KERN_WARNING "CIFS: invalid path to "
1181                                                     "network resource\n");
1182                                 goto cifs_parse_mount_err;
1183                         }
1184                         if ((temp_len = strnlen(value, 300)) < 300) {
1185                                 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1186                                 if (vol->UNC == NULL)
1187                                         goto cifs_parse_mount_err;
1188                                 strcpy(vol->UNC, value);
1189                                 if (strncmp(vol->UNC, "//", 2) == 0) {
1190                                         vol->UNC[0] = '\\';
1191                                         vol->UNC[1] = '\\';
1192                                 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1193                                         printk(KERN_WARNING
1194                                                "CIFS: UNC Path does not begin "
1195                                                "with // or \\\\ \n");
1196                                         goto cifs_parse_mount_err;
1197                                 }
1198                         } else {
1199                                 printk(KERN_WARNING "CIFS: UNC name too long\n");
1200                                 goto cifs_parse_mount_err;
1201                         }
1202                 } else if ((strnicmp(data, "domain", 3) == 0)
1203                            || (strnicmp(data, "workgroup", 5) == 0)) {
1204                         if (!value || !*value) {
1205                                 printk(KERN_WARNING "CIFS: invalid domain name\n");
1206                                 goto cifs_parse_mount_err;
1207                         }
1208                         /* BB are there cases in which a comma can be valid in
1209                         a domain name and need special handling? */
1210                         if (strnlen(value, 256) < 256) {
1211                                 vol->domainname = kstrdup(value, GFP_KERNEL);
1212                                 if (!vol->domainname) {
1213                                         printk(KERN_WARNING "CIFS: no memory "
1214                                                             "for domainname\n");
1215                                         goto cifs_parse_mount_err;
1216                                 }
1217                                 cFYI(1, "Domain name set");
1218                         } else {
1219                                 printk(KERN_WARNING "CIFS: domain name too "
1220                                                     "long\n");
1221                                 goto cifs_parse_mount_err;
1222                         }
1223                 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1224                         vol->srcaddr.ss_family = AF_UNSPEC;
1225
1226                         if (!value || !*value) {
1227                                 printk(KERN_WARNING "CIFS: srcaddr value"
1228                                        " not specified.\n");
1229                                 goto cifs_parse_mount_err;
1230                         }
1231                         i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1232                                                  value, strlen(value));
1233                         if (i == 0) {
1234                                 printk(KERN_WARNING "CIFS:  Could not parse"
1235                                        " srcaddr: %s\n",
1236                                        value);
1237                                 goto cifs_parse_mount_err;
1238                         }
1239                 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1240                         if (!value || !*value) {
1241                                 printk(KERN_WARNING
1242                                         "CIFS: invalid path prefix\n");
1243                                 goto cifs_parse_mount_err;
1244                         }
1245                         if ((temp_len = strnlen(value, 1024)) < 1024) {
1246                                 if (value[0] != '/')
1247                                         temp_len++;  /* missing leading slash */
1248                                 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1249                                 if (vol->prepath == NULL)
1250                                         goto cifs_parse_mount_err;
1251                                 if (value[0] != '/') {
1252                                         vol->prepath[0] = '/';
1253                                         strcpy(vol->prepath+1, value);
1254                                 } else
1255                                         strcpy(vol->prepath, value);
1256                                 cFYI(1, "prefix path %s", vol->prepath);
1257                         } else {
1258                                 printk(KERN_WARNING "CIFS: prefix too long\n");
1259                                 goto cifs_parse_mount_err;
1260                         }
1261                 } else if (strnicmp(data, "iocharset", 9) == 0) {
1262                         if (!value || !*value) {
1263                                 printk(KERN_WARNING "CIFS: invalid iocharset "
1264                                                     "specified\n");
1265                                 goto cifs_parse_mount_err;
1266                         }
1267                         if (strnlen(value, 65) < 65) {
1268                                 if (strnicmp(value, "default", 7)) {
1269                                         vol->iocharset = kstrdup(value,
1270                                                                  GFP_KERNEL);
1271
1272                                         if (!vol->iocharset) {
1273                                                 printk(KERN_WARNING "CIFS: no "
1274                                                                    "memory for"
1275                                                                    "charset\n");
1276                                                 goto cifs_parse_mount_err;
1277                                         }
1278                                 }
1279                                 /* if iocharset not set then load_nls_default
1280                                    is used by caller */
1281                                 cFYI(1, "iocharset set to %s", value);
1282                         } else {
1283                                 printk(KERN_WARNING "CIFS: iocharset name "
1284                                                     "too long.\n");
1285                                 goto cifs_parse_mount_err;
1286                         }
1287                 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1288                         vol->linux_uid = simple_strtoul(value, &value, 0);
1289                         uid_specified = true;
1290                 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1291                         vol->cred_uid = simple_strtoul(value, &value, 0);
1292                 } else if (!strnicmp(data, "forceuid", 8)) {
1293                         override_uid = 1;
1294                 } else if (!strnicmp(data, "noforceuid", 10)) {
1295                         override_uid = 0;
1296                 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1297                         vol->linux_gid = simple_strtoul(value, &value, 0);
1298                         gid_specified = true;
1299                 } else if (!strnicmp(data, "forcegid", 8)) {
1300                         override_gid = 1;
1301                 } else if (!strnicmp(data, "noforcegid", 10)) {
1302                         override_gid = 0;
1303                 } else if (strnicmp(data, "file_mode", 4) == 0) {
1304                         if (value && *value) {
1305                                 vol->file_mode =
1306                                         simple_strtoul(value, &value, 0);
1307                         }
1308                 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1309                         if (value && *value) {
1310                                 vol->dir_mode =
1311                                         simple_strtoul(value, &value, 0);
1312                         }
1313                 } else if (strnicmp(data, "dirmode", 4) == 0) {
1314                         if (value && *value) {
1315                                 vol->dir_mode =
1316                                         simple_strtoul(value, &value, 0);
1317                         }
1318                 } else if (strnicmp(data, "port", 4) == 0) {
1319                         if (value && *value) {
1320                                 vol->port =
1321                                         simple_strtoul(value, &value, 0);
1322                         }
1323                 } else if (strnicmp(data, "rsize", 5) == 0) {
1324                         if (value && *value) {
1325                                 vol->rsize =
1326                                         simple_strtoul(value, &value, 0);
1327                         }
1328                 } else if (strnicmp(data, "wsize", 5) == 0) {
1329                         if (value && *value) {
1330                                 vol->wsize =
1331                                         simple_strtoul(value, &value, 0);
1332                         }
1333                 } else if (strnicmp(data, "sockopt", 5) == 0) {
1334                         if (!value || !*value) {
1335                                 cERROR(1, "no socket option specified");
1336                                 continue;
1337                         } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1338                                 vol->sockopt_tcp_nodelay = 1;
1339                         }
1340                 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1341                         if (!value || !*value || (*value == ' ')) {
1342                                 cFYI(1, "invalid (empty) netbiosname");
1343                         } else {
1344                                 memset(vol->source_rfc1001_name, 0x20,
1345                                         RFC1001_NAME_LEN);
1346                                 /*
1347                                  * FIXME: are there cases in which a comma can
1348                                  * be valid in workstation netbios name (and
1349                                  * need special handling)?
1350                                  */
1351                                 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1352                                         /* don't ucase netbiosname for user */
1353                                         if (value[i] == 0)
1354                                                 break;
1355                                         vol->source_rfc1001_name[i] = value[i];
1356                                 }
1357                                 /* The string has 16th byte zero still from
1358                                 set at top of the function  */
1359                                 if (i == RFC1001_NAME_LEN && value[i] != 0)
1360                                         printk(KERN_WARNING "CIFS: netbiosname"
1361                                                 " longer than 15 truncated.\n");
1362                         }
1363                 } else if (strnicmp(data, "servern", 7) == 0) {
1364                         /* servernetbiosname specified override *SMBSERVER */
1365                         if (!value || !*value || (*value == ' ')) {
1366                                 cFYI(1, "empty server netbiosname specified");
1367                         } else {
1368                                 /* last byte, type, is 0x20 for servr type */
1369                                 memset(vol->target_rfc1001_name, 0x20,
1370                                         RFC1001_NAME_LEN_WITH_NULL);
1371
1372                                 for (i = 0; i < 15; i++) {
1373                                 /* BB are there cases in which a comma can be
1374                                    valid in this workstation netbios name
1375                                    (and need special handling)? */
1376
1377                                 /* user or mount helper must uppercase
1378                                    the netbiosname */
1379                                         if (value[i] == 0)
1380                                                 break;
1381                                         else
1382                                                 vol->target_rfc1001_name[i] =
1383                                                                 value[i];
1384                                 }
1385                                 /* The string has 16th byte zero still from
1386                                    set at top of the function  */
1387                                 if (i == RFC1001_NAME_LEN && value[i] != 0)
1388                                         printk(KERN_WARNING "CIFS: server net"
1389                                         "biosname longer than 15 truncated.\n");
1390                         }
1391                 } else if (strnicmp(data, "actimeo", 7) == 0) {
1392                         if (value && *value) {
1393                                 vol->actimeo = HZ * simple_strtoul(value,
1394                                                                    &value, 0);
1395                                 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1396                                         cERROR(1, "CIFS: attribute cache"
1397                                                         "timeout too large");
1398                                         goto cifs_parse_mount_err;
1399                                 }
1400                         }
1401                 } else if (strnicmp(data, "credentials", 4) == 0) {
1402                         /* ignore */
1403                 } else if (strnicmp(data, "version", 3) == 0) {
1404                         /* ignore */
1405                 } else if (strnicmp(data, "guest", 5) == 0) {
1406                         /* ignore */
1407                 } else if (strnicmp(data, "rw", 2) == 0 && strlen(data) == 2) {
1408                         /* ignore */
1409                 } else if (strnicmp(data, "ro", 2) == 0) {
1410                         /* ignore */
1411                 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1412                         vol->noblocksnd = 1;
1413                 } else if (strnicmp(data, "noautotune", 10) == 0) {
1414                         vol->noautotune = 1;
1415                 } else if ((strnicmp(data, "suid", 4) == 0) ||
1416                                    (strnicmp(data, "nosuid", 6) == 0) ||
1417                                    (strnicmp(data, "exec", 4) == 0) ||
1418                                    (strnicmp(data, "noexec", 6) == 0) ||
1419                                    (strnicmp(data, "nodev", 5) == 0) ||
1420                                    (strnicmp(data, "noauto", 6) == 0) ||
1421                                    (strnicmp(data, "dev", 3) == 0)) {
1422                         /*  The mount tool or mount.cifs helper (if present)
1423                             uses these opts to set flags, and the flags are read
1424                             by the kernel vfs layer before we get here (ie
1425                             before read super) so there is no point trying to
1426                             parse these options again and set anything and it
1427                             is ok to just ignore them */
1428                         continue;
1429                 } else if (strnicmp(data, "hard", 4) == 0) {
1430                         vol->retry = 1;
1431                 } else if (strnicmp(data, "soft", 4) == 0) {
1432                         vol->retry = 0;
1433                 } else if (strnicmp(data, "perm", 4) == 0) {
1434                         vol->noperm = 0;
1435                 } else if (strnicmp(data, "noperm", 6) == 0) {
1436                         vol->noperm = 1;
1437                 } else if (strnicmp(data, "mapchars", 8) == 0) {
1438                         vol->remap = 1;
1439                 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1440                         vol->remap = 0;
1441                 } else if (strnicmp(data, "sfu", 3) == 0) {
1442                         vol->sfu_emul = 1;
1443                 } else if (strnicmp(data, "nosfu", 5) == 0) {
1444                         vol->sfu_emul = 0;
1445                 } else if (strnicmp(data, "nodfs", 5) == 0) {
1446                         vol->nodfs = 1;
1447                 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1448                         vol->posix_paths = 1;
1449                 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1450                         vol->posix_paths = 0;
1451                 } else if (strnicmp(data, "nounix", 6) == 0) {
1452                         vol->no_linux_ext = 1;
1453                 } else if (strnicmp(data, "nolinux", 7) == 0) {
1454                         vol->no_linux_ext = 1;
1455                 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1456                            (strnicmp(data, "ignorecase", 10)  == 0)) {
1457                         vol->nocase = 1;
1458                 } else if (strnicmp(data, "mand", 4) == 0) {
1459                         /* ignore */
1460                 } else if (strnicmp(data, "nomand", 6) == 0) {
1461                         /* ignore */
1462                 } else if (strnicmp(data, "_netdev", 7) == 0) {
1463                         /* ignore */
1464                 } else if (strnicmp(data, "brl", 3) == 0) {
1465                         vol->nobrl =  0;
1466                 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1467                            (strnicmp(data, "nolock", 6) == 0)) {
1468                         vol->nobrl =  1;
1469                         /* turn off mandatory locking in mode
1470                         if remote locking is turned off since the
1471                         local vfs will do advisory */
1472                         if (vol->file_mode ==
1473                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1474                                 vol->file_mode = S_IALLUGO;
1475                 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1476                         /* will take the shorter form "forcemand" as well */
1477                         /* This mount option will force use of mandatory
1478                           (DOS/Windows style) byte range locks, instead of
1479                           using posix advisory byte range locks, even if the
1480                           Unix extensions are available and posix locks would
1481                           be supported otherwise. If Unix extensions are not
1482                           negotiated this has no effect since mandatory locks
1483                           would be used (mandatory locks is all that those
1484                           those servers support) */
1485                         vol->mand_lock = 1;
1486                 } else if (strnicmp(data, "setuids", 7) == 0) {
1487                         vol->setuids = 1;
1488                 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1489                         vol->setuids = 0;
1490                 } else if (strnicmp(data, "dynperm", 7) == 0) {
1491                         vol->dynperm = true;
1492                 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1493                         vol->dynperm = false;
1494                 } else if (strnicmp(data, "nohard", 6) == 0) {
1495                         vol->retry = 0;
1496                 } else if (strnicmp(data, "nosoft", 6) == 0) {
1497                         vol->retry = 1;
1498                 } else if (strnicmp(data, "nointr", 6) == 0) {
1499                         vol->intr = 0;
1500                 } else if (strnicmp(data, "intr", 4) == 0) {
1501                         vol->intr = 1;
1502                 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1503                         vol->nostrictsync = 1;
1504                 } else if (strnicmp(data, "strictsync", 10) == 0) {
1505                         vol->nostrictsync = 0;
1506                 } else if (strnicmp(data, "serverino", 7) == 0) {
1507                         vol->server_ino = 1;
1508                 } else if (strnicmp(data, "noserverino", 9) == 0) {
1509                         vol->server_ino = 0;
1510                 } else if (strnicmp(data, "rwpidforward", 12) == 0) {
1511                         vol->rwpidforward = 1;
1512                 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1513                         vol->cifs_acl = 1;
1514                 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1515                         vol->cifs_acl = 0;
1516                 } else if (strnicmp(data, "acl", 3) == 0) {
1517                         vol->no_psx_acl = 0;
1518                 } else if (strnicmp(data, "noacl", 5) == 0) {
1519                         vol->no_psx_acl = 1;
1520                 } else if (strnicmp(data, "locallease", 6) == 0) {
1521                         vol->local_lease = 1;
1522                 } else if (strnicmp(data, "sign", 4) == 0) {
1523                         vol->secFlg |= CIFSSEC_MUST_SIGN;
1524                 } else if (strnicmp(data, "seal", 4) == 0) {
1525                         /* we do not do the following in secFlags because seal
1526                            is a per tree connection (mount) not a per socket
1527                            or per-smb connection option in the protocol */
1528                         /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1529                         vol->seal = 1;
1530                 } else if (strnicmp(data, "direct", 6) == 0) {
1531                         vol->direct_io = 1;
1532                 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1533                         vol->direct_io = 1;
1534                 } else if (strnicmp(data, "strictcache", 11) == 0) {
1535                         vol->strict_io = 1;
1536                 } else if (strnicmp(data, "noac", 4) == 0) {
1537                         printk(KERN_WARNING "CIFS: Mount option noac not "
1538                                 "supported. Instead set "
1539                                 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1540                 } else if (strnicmp(data, "fsc", 3) == 0) {
1541 #ifndef CONFIG_CIFS_FSCACHE
1542                         cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1543                                   "kernel config option set");
1544                         goto cifs_parse_mount_err;
1545 #endif
1546                         vol->fsc = true;
1547                 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1548                         vol->mfsymlinks = true;
1549                 } else if (strnicmp(data, "multiuser", 8) == 0) {
1550                         vol->multiuser = true;
1551                 } else if (!strnicmp(data, "backupuid", 9) && value && *value) {
1552                         err = kstrtouint(value, 0, &vol->backupuid);
1553                         if (err < 0) {
1554                                 cERROR(1, "%s: Invalid backupuid value",
1555                                         __func__);
1556                                 goto cifs_parse_mount_err;
1557                         }
1558                         vol->backupuid_specified = true;
1559                 } else if (!strnicmp(data, "backupgid", 9) && value && *value) {
1560                         err = kstrtouint(value, 0, &vol->backupgid);
1561                         if (err < 0) {
1562                                 cERROR(1, "%s: Invalid backupgid value",
1563                                         __func__);
1564                                 goto cifs_parse_mount_err;
1565                         }
1566                         vol->backupgid_specified = true;
1567                 } else
1568                         printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1569                                                 data);
1570         }
1571         if (vol->UNC == NULL) {
1572                 if (devname == NULL) {
1573                         printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1574                                                 "target\n");
1575                         goto cifs_parse_mount_err;
1576                 }
1577                 if ((temp_len = strnlen(devname, 300)) < 300) {
1578                         vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1579                         if (vol->UNC == NULL)
1580                                 goto cifs_parse_mount_err;
1581                         strcpy(vol->UNC, devname);
1582                         if (strncmp(vol->UNC, "//", 2) == 0) {
1583                                 vol->UNC[0] = '\\';
1584                                 vol->UNC[1] = '\\';
1585                         } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1586                                 printk(KERN_WARNING "CIFS: UNC Path does not "
1587                                                     "begin with // or \\\\ \n");
1588                                 goto cifs_parse_mount_err;
1589                         }
1590                         value = strpbrk(vol->UNC+2, "/\\");
1591                         if (value)
1592                                 *value = '\\';
1593                 } else {
1594                         printk(KERN_WARNING "CIFS: UNC name too long\n");
1595                         goto cifs_parse_mount_err;
1596                 }
1597         }
1598
1599 #ifndef CONFIG_KEYS
1600         /* Muliuser mounts require CONFIG_KEYS support */
1601         if (vol->multiuser) {
1602                 cERROR(1, "Multiuser mounts require kernels with "
1603                           "CONFIG_KEYS enabled.");
1604                 goto cifs_parse_mount_err;
1605         }
1606 #endif
1607
1608         if (vol->UNCip == NULL)
1609                 vol->UNCip = &vol->UNC[2];
1610
1611         if (uid_specified)
1612                 vol->override_uid = override_uid;
1613         else if (override_uid == 1)
1614                 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1615                                    "specified with no uid= option.\n");
1616
1617         if (gid_specified)
1618                 vol->override_gid = override_gid;
1619         else if (override_gid == 1)
1620                 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1621                                    "specified with no gid= option.\n");
1622
1623         kfree(mountdata_copy);
1624         return 0;
1625
1626 cifs_parse_mount_err:
1627         kfree(mountdata_copy);
1628         return 1;
1629 }
1630
1631 /** Returns true if srcaddr isn't specified and rhs isn't
1632  * specified, or if srcaddr is specified and
1633  * matches the IP address of the rhs argument.
1634  */
1635 static bool
1636 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1637 {
1638         switch (srcaddr->sa_family) {
1639         case AF_UNSPEC:
1640                 return (rhs->sa_family == AF_UNSPEC);
1641         case AF_INET: {
1642                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1643                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1644                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1645         }
1646         case AF_INET6: {
1647                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1648                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1649                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1650         }
1651         default:
1652                 WARN_ON(1);
1653                 return false; /* don't expect to be here */
1654         }
1655 }
1656
1657 /*
1658  * If no port is specified in addr structure, we try to match with 445 port
1659  * and if it fails - with 139 ports. It should be called only if address
1660  * families of server and addr are equal.
1661  */
1662 static bool
1663 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1664 {
1665         __be16 port, *sport;
1666
1667         switch (addr->sa_family) {
1668         case AF_INET:
1669                 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1670                 port = ((struct sockaddr_in *) addr)->sin_port;
1671                 break;
1672         case AF_INET6:
1673                 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1674                 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1675                 break;
1676         default:
1677                 WARN_ON(1);
1678                 return false;
1679         }
1680
1681         if (!port) {
1682                 port = htons(CIFS_PORT);
1683                 if (port == *sport)
1684                         return true;
1685
1686                 port = htons(RFC1001_PORT);
1687         }
1688
1689         return port == *sport;
1690 }
1691
1692 static bool
1693 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1694               struct sockaddr *srcaddr)
1695 {
1696         switch (addr->sa_family) {
1697         case AF_INET: {
1698                 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1699                 struct sockaddr_in *srv_addr4 =
1700                                         (struct sockaddr_in *)&server->dstaddr;
1701
1702                 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1703                         return false;
1704                 break;
1705         }
1706         case AF_INET6: {
1707                 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1708                 struct sockaddr_in6 *srv_addr6 =
1709                                         (struct sockaddr_in6 *)&server->dstaddr;
1710
1711                 if (!ipv6_addr_equal(&addr6->sin6_addr,
1712                                      &srv_addr6->sin6_addr))
1713                         return false;
1714                 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1715                         return false;
1716                 break;
1717         }
1718         default:
1719                 WARN_ON(1);
1720                 return false; /* don't expect to be here */
1721         }
1722
1723         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1724                 return false;
1725
1726         return true;
1727 }
1728
1729 static bool
1730 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1731 {
1732         unsigned int secFlags;
1733
1734         if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1735                 secFlags = vol->secFlg;
1736         else
1737                 secFlags = global_secflags | vol->secFlg;
1738
1739         switch (server->secType) {
1740         case LANMAN:
1741                 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1742                         return false;
1743                 break;
1744         case NTLMv2:
1745                 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1746                         return false;
1747                 break;
1748         case NTLM:
1749                 if (!(secFlags & CIFSSEC_MAY_NTLM))
1750                         return false;
1751                 break;
1752         case Kerberos:
1753                 if (!(secFlags & CIFSSEC_MAY_KRB5))
1754                         return false;
1755                 break;
1756         case RawNTLMSSP:
1757                 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1758                         return false;
1759                 break;
1760         default:
1761                 /* shouldn't happen */
1762                 return false;
1763         }
1764
1765         /* now check if signing mode is acceptable */
1766         if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1767             (server->sec_mode & SECMODE_SIGN_REQUIRED))
1768                         return false;
1769         else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1770                  (server->sec_mode &
1771                   (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1772                         return false;
1773
1774         return true;
1775 }
1776
1777 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1778                          struct smb_vol *vol)
1779 {
1780         if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1781                 return 0;
1782
1783         if (!match_address(server, addr,
1784                            (struct sockaddr *)&vol->srcaddr))
1785                 return 0;
1786
1787         if (!match_port(server, addr))
1788                 return 0;
1789
1790         if (!match_security(server, vol))
1791                 return 0;
1792
1793         return 1;
1794 }
1795
1796 static struct TCP_Server_Info *
1797 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1798 {
1799         struct TCP_Server_Info *server;
1800
1801         spin_lock(&cifs_tcp_ses_lock);
1802         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1803                 if (!match_server(server, addr, vol))
1804                         continue;
1805
1806                 ++server->srv_count;
1807                 spin_unlock(&cifs_tcp_ses_lock);
1808                 cFYI(1, "Existing tcp session with server found");
1809                 return server;
1810         }
1811         spin_unlock(&cifs_tcp_ses_lock);
1812         return NULL;
1813 }
1814
1815 static void
1816 cifs_put_tcp_session(struct TCP_Server_Info *server)
1817 {
1818         struct task_struct *task;
1819
1820         spin_lock(&cifs_tcp_ses_lock);
1821         if (--server->srv_count > 0) {
1822                 spin_unlock(&cifs_tcp_ses_lock);
1823                 return;
1824         }
1825
1826         put_net(cifs_net_ns(server));
1827
1828         list_del_init(&server->tcp_ses_list);
1829         spin_unlock(&cifs_tcp_ses_lock);
1830
1831         cancel_delayed_work_sync(&server->echo);
1832
1833         spin_lock(&GlobalMid_Lock);
1834         server->tcpStatus = CifsExiting;
1835         spin_unlock(&GlobalMid_Lock);
1836
1837         cifs_crypto_shash_release(server);
1838         cifs_fscache_release_client_cookie(server);
1839
1840         kfree(server->session_key.response);
1841         server->session_key.response = NULL;
1842         server->session_key.len = 0;
1843
1844         task = xchg(&server->tsk, NULL);
1845         if (task)
1846                 force_sig(SIGKILL, task);
1847 }
1848
1849 static struct TCP_Server_Info *
1850 cifs_get_tcp_session(struct smb_vol *volume_info)
1851 {
1852         struct TCP_Server_Info *tcp_ses = NULL;
1853         struct sockaddr_storage addr;
1854         struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1855         struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1856         int rc;
1857
1858         memset(&addr, 0, sizeof(struct sockaddr_storage));
1859
1860         cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1861
1862         if (volume_info->UNCip && volume_info->UNC) {
1863                 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1864                                         volume_info->UNCip,
1865                                         strlen(volume_info->UNCip),
1866                                         volume_info->port);
1867                 if (!rc) {
1868                         /* we failed translating address */
1869                         rc = -EINVAL;
1870                         goto out_err;
1871                 }
1872         } else if (volume_info->UNCip) {
1873                 /* BB using ip addr as tcp_ses name to connect to the
1874                    DFS root below */
1875                 cERROR(1, "Connecting to DFS root not implemented yet");
1876                 rc = -EINVAL;
1877                 goto out_err;
1878         } else /* which tcp_sess DFS root would we conect to */ {
1879                 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1880                         "unc=//192.168.1.100/public) specified");
1881                 rc = -EINVAL;
1882                 goto out_err;
1883         }
1884
1885         /* see if we already have a matching tcp_ses */
1886         tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1887         if (tcp_ses)
1888                 return tcp_ses;
1889
1890         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1891         if (!tcp_ses) {
1892                 rc = -ENOMEM;
1893                 goto out_err;
1894         }
1895
1896         rc = cifs_crypto_shash_allocate(tcp_ses);
1897         if (rc) {
1898                 cERROR(1, "could not setup hash structures rc %d", rc);
1899                 goto out_err;
1900         }
1901
1902         cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1903         tcp_ses->hostname = extract_hostname(volume_info->UNC);
1904         if (IS_ERR(tcp_ses->hostname)) {
1905                 rc = PTR_ERR(tcp_ses->hostname);
1906                 goto out_err_crypto_release;
1907         }
1908
1909         tcp_ses->noblocksnd = volume_info->noblocksnd;
1910         tcp_ses->noautotune = volume_info->noautotune;
1911         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1912         atomic_set(&tcp_ses->inFlight, 0);
1913         init_waitqueue_head(&tcp_ses->response_q);
1914         init_waitqueue_head(&tcp_ses->request_q);
1915         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1916         mutex_init(&tcp_ses->srv_mutex);
1917         memcpy(tcp_ses->workstation_RFC1001_name,
1918                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1919         memcpy(tcp_ses->server_RFC1001_name,
1920                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1921         tcp_ses->session_estab = false;
1922         tcp_ses->sequence_number = 0;
1923         tcp_ses->lstrp = jiffies;
1924         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1925         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1926         INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1927
1928         /*
1929          * at this point we are the only ones with the pointer
1930          * to the struct since the kernel thread not created yet
1931          * no need to spinlock this init of tcpStatus or srv_count
1932          */
1933         tcp_ses->tcpStatus = CifsNew;
1934         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1935                sizeof(tcp_ses->srcaddr));
1936         ++tcp_ses->srv_count;
1937
1938         if (addr.ss_family == AF_INET6) {
1939                 cFYI(1, "attempting ipv6 connect");
1940                 /* BB should we allow ipv6 on port 139? */
1941                 /* other OS never observed in Wild doing 139 with v6 */
1942                 memcpy(&tcp_ses->dstaddr, sin_server6,
1943                        sizeof(struct sockaddr_in6));
1944         } else
1945                 memcpy(&tcp_ses->dstaddr, sin_server,
1946                        sizeof(struct sockaddr_in));
1947
1948         rc = ip_connect(tcp_ses);
1949         if (rc < 0) {
1950                 cERROR(1, "Error connecting to socket. Aborting operation");
1951                 goto out_err_crypto_release;
1952         }
1953
1954         /*
1955          * since we're in a cifs function already, we know that
1956          * this will succeed. No need for try_module_get().
1957          */
1958         __module_get(THIS_MODULE);
1959         tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
1960                                   tcp_ses, "cifsd");
1961         if (IS_ERR(tcp_ses->tsk)) {
1962                 rc = PTR_ERR(tcp_ses->tsk);
1963                 cERROR(1, "error %d create cifsd thread", rc);
1964                 module_put(THIS_MODULE);
1965                 goto out_err_crypto_release;
1966         }
1967         tcp_ses->tcpStatus = CifsNeedNegotiate;
1968
1969         /* thread spawned, put it on the list */
1970         spin_lock(&cifs_tcp_ses_lock);
1971         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1972         spin_unlock(&cifs_tcp_ses_lock);
1973
1974         cifs_fscache_get_client_cookie(tcp_ses);
1975
1976         /* queue echo request delayed work */
1977         queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1978
1979         return tcp_ses;
1980
1981 out_err_crypto_release:
1982         cifs_crypto_shash_release(tcp_ses);
1983
1984         put_net(cifs_net_ns(tcp_ses));
1985
1986 out_err:
1987         if (tcp_ses) {
1988                 if (!IS_ERR(tcp_ses->hostname))
1989                         kfree(tcp_ses->hostname);
1990                 if (tcp_ses->ssocket)
1991                         sock_release(tcp_ses->ssocket);
1992                 kfree(tcp_ses);
1993         }
1994         return ERR_PTR(rc);
1995 }
1996
1997 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
1998 {
1999         switch (ses->server->secType) {
2000         case Kerberos:
2001                 if (vol->cred_uid != ses->cred_uid)
2002                         return 0;
2003                 break;
2004         default:
2005                 /* NULL username means anonymous session */
2006                 if (ses->user_name == NULL) {
2007                         if (!vol->nullauth)
2008                                 return 0;
2009                         break;
2010                 }
2011
2012                 /* anything else takes username/password */
2013                 if (strncmp(ses->user_name,
2014                             vol->username ? vol->username : "",
2015                             MAX_USERNAME_SIZE))
2016                         return 0;
2017                 if (strlen(vol->username) != 0 &&
2018                     ses->password != NULL &&
2019                     strncmp(ses->password,
2020                             vol->password ? vol->password : "",
2021                             MAX_PASSWORD_SIZE))
2022                         return 0;
2023         }
2024         return 1;
2025 }
2026
2027 static struct cifs_ses *
2028 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2029 {
2030         struct cifs_ses *ses;
2031
2032         spin_lock(&cifs_tcp_ses_lock);
2033         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2034                 if (!match_session(ses, vol))
2035                         continue;
2036                 ++ses->ses_count;
2037                 spin_unlock(&cifs_tcp_ses_lock);
2038                 return ses;
2039         }
2040         spin_unlock(&cifs_tcp_ses_lock);
2041         return NULL;
2042 }
2043
2044 static void
2045 cifs_put_smb_ses(struct cifs_ses *ses)
2046 {
2047         int xid;
2048         struct TCP_Server_Info *server = ses->server;
2049
2050         cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2051         spin_lock(&cifs_tcp_ses_lock);
2052         if (--ses->ses_count > 0) {
2053                 spin_unlock(&cifs_tcp_ses_lock);
2054                 return;
2055         }
2056
2057         list_del_init(&ses->smb_ses_list);
2058         spin_unlock(&cifs_tcp_ses_lock);
2059
2060         if (ses->status == CifsGood) {
2061                 xid = GetXid();
2062                 CIFSSMBLogoff(xid, ses);
2063                 _FreeXid(xid);
2064         }
2065         sesInfoFree(ses);
2066         cifs_put_tcp_session(server);
2067 }
2068
2069 #ifdef CONFIG_KEYS
2070
2071 /* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2072 #define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2073
2074 /* Populate username and pw fields from keyring if possible */
2075 static int
2076 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2077 {
2078         int rc = 0;
2079         char *desc, *delim, *payload;
2080         ssize_t len;
2081         struct key *key;
2082         struct TCP_Server_Info *server = ses->server;
2083         struct sockaddr_in *sa;
2084         struct sockaddr_in6 *sa6;
2085         struct user_key_payload *upayload;
2086
2087         desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2088         if (!desc)
2089                 return -ENOMEM;
2090
2091         /* try to find an address key first */
2092         switch (server->dstaddr.ss_family) {
2093         case AF_INET:
2094                 sa = (struct sockaddr_in *)&server->dstaddr;
2095                 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2096                 break;
2097         case AF_INET6:
2098                 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2099                 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2100                 break;
2101         default:
2102                 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2103                 rc = -EINVAL;
2104                 goto out_err;
2105         }
2106
2107         cFYI(1, "%s: desc=%s", __func__, desc);
2108         key = request_key(&key_type_logon, desc, "");
2109         if (IS_ERR(key)) {
2110                 if (!ses->domainName) {
2111                         cFYI(1, "domainName is NULL");
2112                         rc = PTR_ERR(key);
2113                         goto out_err;
2114                 }
2115
2116                 /* didn't work, try to find a domain key */
2117                 sprintf(desc, "cifs:d:%s", ses->domainName);
2118                 cFYI(1, "%s: desc=%s", __func__, desc);
2119                 key = request_key(&key_type_logon, desc, "");
2120                 if (IS_ERR(key)) {
2121                         rc = PTR_ERR(key);
2122                         goto out_err;
2123                 }
2124         }
2125
2126         down_read(&key->sem);
2127         upayload = key->payload.data;
2128         if (IS_ERR_OR_NULL(upayload)) {
2129                 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
2130                 goto out_key_put;
2131         }
2132
2133         /* find first : in payload */
2134         payload = (char *)upayload->data;
2135         delim = strnchr(payload, upayload->datalen, ':');
2136         cFYI(1, "payload=%s", payload);
2137         if (!delim) {
2138                 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2139                                 upayload->datalen);
2140                 rc = -EINVAL;
2141                 goto out_key_put;
2142         }
2143
2144         len = delim - payload;
2145         if (len > MAX_USERNAME_SIZE || len <= 0) {
2146                 cFYI(1, "Bad value from username search (len=%zd)", len);
2147                 rc = -EINVAL;
2148                 goto out_key_put;
2149         }
2150
2151         vol->username = kstrndup(payload, len, GFP_KERNEL);
2152         if (!vol->username) {
2153                 cFYI(1, "Unable to allocate %zd bytes for username", len);
2154                 rc = -ENOMEM;
2155                 goto out_key_put;
2156         }
2157         cFYI(1, "%s: username=%s", __func__, vol->username);
2158
2159         len = key->datalen - (len + 1);
2160         if (len > MAX_PASSWORD_SIZE || len <= 0) {
2161                 cFYI(1, "Bad len for password search (len=%zd)", len);
2162                 rc = -EINVAL;
2163                 kfree(vol->username);
2164                 vol->username = NULL;
2165                 goto out_key_put;
2166         }
2167
2168         ++delim;
2169         vol->password = kstrndup(delim, len, GFP_KERNEL);
2170         if (!vol->password) {
2171                 cFYI(1, "Unable to allocate %zd bytes for password", len);
2172                 rc = -ENOMEM;
2173                 kfree(vol->username);
2174                 vol->username = NULL;
2175                 goto out_key_put;
2176         }
2177
2178 out_key_put:
2179         up_read(&key->sem);
2180         key_put(key);
2181 out_err:
2182         kfree(desc);
2183         cFYI(1, "%s: returning %d", __func__, rc);
2184         return rc;
2185 }
2186 #else /* ! CONFIG_KEYS */
2187 static inline int
2188 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2189                    struct cifs_ses *ses __attribute__((unused)))
2190 {
2191         return -ENOSYS;
2192 }
2193 #endif /* CONFIG_KEYS */
2194
2195 static bool warned_on_ntlm;  /* globals init to false automatically */
2196
2197 static struct cifs_ses *
2198 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2199 {
2200         int rc = -ENOMEM, xid;
2201         struct cifs_ses *ses;
2202         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2203         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2204
2205         xid = GetXid();
2206
2207         ses = cifs_find_smb_ses(server, volume_info);
2208         if (ses) {
2209                 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2210
2211                 mutex_lock(&ses->session_mutex);
2212                 rc = cifs_negotiate_protocol(xid, ses);
2213                 if (rc) {
2214                         mutex_unlock(&ses->session_mutex);
2215                         /* problem -- put our ses reference */
2216                         cifs_put_smb_ses(ses);
2217                         FreeXid(xid);
2218                         return ERR_PTR(rc);
2219                 }
2220                 if (ses->need_reconnect) {
2221                         cFYI(1, "Session needs reconnect");
2222                         rc = cifs_setup_session(xid, ses,
2223                                                 volume_info->local_nls);
2224                         if (rc) {
2225                                 mutex_unlock(&ses->session_mutex);
2226                                 /* problem -- put our reference */
2227                                 cifs_put_smb_ses(ses);
2228                                 FreeXid(xid);
2229                                 return ERR_PTR(rc);
2230                         }
2231                 }
2232                 mutex_unlock(&ses->session_mutex);
2233
2234                 /* existing SMB ses has a server reference already */
2235                 cifs_put_tcp_session(server);
2236                 FreeXid(xid);
2237                 return ses;
2238         }
2239
2240         cFYI(1, "Existing smb sess not found");
2241         ses = sesInfoAlloc();
2242         if (ses == NULL)
2243                 goto get_ses_fail;
2244
2245         /* new SMB session uses our server ref */
2246         ses->server = server;
2247         if (server->dstaddr.ss_family == AF_INET6)
2248                 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2249         else
2250                 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2251
2252         if (volume_info->username) {
2253                 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2254                 if (!ses->user_name)
2255                         goto get_ses_fail;
2256         }
2257
2258         /* volume_info->password freed at unmount */
2259         if (volume_info->password) {
2260                 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2261                 if (!ses->password)
2262                         goto get_ses_fail;
2263         }
2264         if (volume_info->domainname) {
2265                 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2266                 if (!ses->domainName)
2267                         goto get_ses_fail;
2268         }
2269         ses->cred_uid = volume_info->cred_uid;
2270         ses->linux_uid = volume_info->linux_uid;
2271
2272         /* ntlmv2 is much stronger than ntlm security, and has been broadly
2273         supported for many years, time to update default security mechanism */
2274         if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2275                 warned_on_ntlm = true;
2276                 cERROR(1, "default security mechanism requested.  The default "
2277                         "security mechanism will be upgraded from ntlm to "
2278                         "ntlmv2 in kernel release 3.3");
2279         }
2280         ses->overrideSecFlg = volume_info->secFlg;
2281
2282         mutex_lock(&ses->session_mutex);
2283         rc = cifs_negotiate_protocol(xid, ses);
2284         if (!rc)
2285                 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2286         mutex_unlock(&ses->session_mutex);
2287         if (rc)
2288                 goto get_ses_fail;
2289
2290         /* success, put it on the list */
2291         spin_lock(&cifs_tcp_ses_lock);
2292         list_add(&ses->smb_ses_list, &server->smb_ses_list);
2293         spin_unlock(&cifs_tcp_ses_lock);
2294
2295         FreeXid(xid);
2296         return ses;
2297
2298 get_ses_fail:
2299         sesInfoFree(ses);
2300         FreeXid(xid);
2301         return ERR_PTR(rc);
2302 }
2303
2304 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2305 {
2306         if (tcon->tidStatus == CifsExiting)
2307                 return 0;
2308         if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2309                 return 0;
2310         return 1;
2311 }
2312
2313 static struct cifs_tcon *
2314 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2315 {
2316         struct list_head *tmp;
2317         struct cifs_tcon *tcon;
2318
2319         spin_lock(&cifs_tcp_ses_lock);
2320         list_for_each(tmp, &ses->tcon_list) {
2321                 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2322                 if (!match_tcon(tcon, unc))
2323                         continue;
2324                 ++tcon->tc_count;
2325                 spin_unlock(&cifs_tcp_ses_lock);
2326                 return tcon;
2327         }
2328         spin_unlock(&cifs_tcp_ses_lock);
2329         return NULL;
2330 }
2331
2332 static void
2333 cifs_put_tcon(struct cifs_tcon *tcon)
2334 {
2335         int xid;
2336         struct cifs_ses *ses = tcon->ses;
2337
2338         cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2339         spin_lock(&cifs_tcp_ses_lock);
2340         if (--tcon->tc_count > 0) {
2341                 spin_unlock(&cifs_tcp_ses_lock);
2342                 return;
2343         }
2344
2345         list_del_init(&tcon->tcon_list);
2346         spin_unlock(&cifs_tcp_ses_lock);
2347
2348         xid = GetXid();
2349         CIFSSMBTDis(xid, tcon);
2350         _FreeXid(xid);
2351
2352         cifs_fscache_release_super_cookie(tcon);
2353         tconInfoFree(tcon);
2354         cifs_put_smb_ses(ses);
2355 }
2356
2357 static struct cifs_tcon *
2358 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2359 {
2360         int rc, xid;
2361         struct cifs_tcon *tcon;
2362
2363         tcon = cifs_find_tcon(ses, volume_info->UNC);
2364         if (tcon) {
2365                 cFYI(1, "Found match on UNC path");
2366                 /* existing tcon already has a reference */
2367                 cifs_put_smb_ses(ses);
2368                 if (tcon->seal != volume_info->seal)
2369                         cERROR(1, "transport encryption setting "
2370                                    "conflicts with existing tid");
2371                 return tcon;
2372         }
2373
2374         tcon = tconInfoAlloc();
2375         if (tcon == NULL) {
2376                 rc = -ENOMEM;
2377                 goto out_fail;
2378         }
2379
2380         tcon->ses = ses;
2381         if (volume_info->password) {
2382                 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2383                 if (!tcon->password) {
2384                         rc = -ENOMEM;
2385                         goto out_fail;
2386                 }
2387         }
2388
2389         if (strchr(volume_info->UNC + 3, '\\') == NULL
2390             && strchr(volume_info->UNC + 3, '/') == NULL) {
2391                 cERROR(1, "Missing share name");
2392                 rc = -ENODEV;
2393                 goto out_fail;
2394         }
2395
2396         /* BB Do we need to wrap session_mutex around
2397          * this TCon call and Unix SetFS as
2398          * we do on SessSetup and reconnect? */
2399         xid = GetXid();
2400         rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2401         FreeXid(xid);
2402         cFYI(1, "CIFS Tcon rc = %d", rc);
2403         if (rc)
2404                 goto out_fail;
2405
2406         if (volume_info->nodfs) {
2407                 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2408                 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2409         }
2410         tcon->seal = volume_info->seal;
2411         /* we can have only one retry value for a connection
2412            to a share so for resources mounted more than once
2413            to the same server share the last value passed in
2414            for the retry flag is used */
2415         tcon->retry = volume_info->retry;
2416         tcon->nocase = volume_info->nocase;
2417         tcon->local_lease = volume_info->local_lease;
2418
2419         spin_lock(&cifs_tcp_ses_lock);
2420         list_add(&tcon->tcon_list, &ses->tcon_list);
2421         spin_unlock(&cifs_tcp_ses_lock);
2422
2423         cifs_fscache_get_super_cookie(tcon);
2424
2425         return tcon;
2426
2427 out_fail:
2428         tconInfoFree(tcon);
2429         return ERR_PTR(rc);
2430 }
2431
2432 void
2433 cifs_put_tlink(struct tcon_link *tlink)
2434 {
2435         if (!tlink || IS_ERR(tlink))
2436                 return;
2437
2438         if (!atomic_dec_and_test(&tlink->tl_count) ||
2439             test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2440                 tlink->tl_time = jiffies;
2441                 return;
2442         }
2443
2444         if (!IS_ERR(tlink_tcon(tlink)))
2445                 cifs_put_tcon(tlink_tcon(tlink));
2446         kfree(tlink);
2447         return;
2448 }
2449
2450 static inline struct tcon_link *
2451 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2452 {
2453         return cifs_sb->master_tlink;
2454 }
2455
2456 static int
2457 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2458 {
2459         struct cifs_sb_info *old = CIFS_SB(sb);
2460         struct cifs_sb_info *new = mnt_data->cifs_sb;
2461
2462         if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2463                 return 0;
2464
2465         if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2466             (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2467                 return 0;
2468
2469         /*
2470          * We want to share sb only if we don't specify an r/wsize or
2471          * specified r/wsize is greater than or equal to existing one.
2472          */
2473         if (new->wsize && new->wsize < old->wsize)
2474                 return 0;
2475
2476         if (new->rsize && new->rsize < old->rsize)
2477                 return 0;
2478
2479         if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2480                 return 0;
2481
2482         if (old->mnt_file_mode != new->mnt_file_mode ||
2483             old->mnt_dir_mode != new->mnt_dir_mode)
2484                 return 0;
2485
2486         if (strcmp(old->local_nls->charset, new->local_nls->charset))
2487                 return 0;
2488
2489         if (old->actimeo != new->actimeo)
2490                 return 0;
2491
2492         return 1;
2493 }
2494
2495 int
2496 cifs_match_super(struct super_block *sb, void *data)
2497 {
2498         struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2499         struct smb_vol *volume_info;
2500         struct cifs_sb_info *cifs_sb;
2501         struct TCP_Server_Info *tcp_srv;
2502         struct cifs_ses *ses;
2503         struct cifs_tcon *tcon;
2504         struct tcon_link *tlink;
2505         struct sockaddr_storage addr;
2506         int rc = 0;
2507
2508         memset(&addr, 0, sizeof(struct sockaddr_storage));
2509
2510         spin_lock(&cifs_tcp_ses_lock);
2511         cifs_sb = CIFS_SB(sb);
2512         tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2513         if (IS_ERR(tlink)) {
2514                 spin_unlock(&cifs_tcp_ses_lock);
2515                 return rc;
2516         }
2517         tcon = tlink_tcon(tlink);
2518         ses = tcon->ses;
2519         tcp_srv = ses->server;
2520
2521         volume_info = mnt_data->vol;
2522
2523         if (!volume_info->UNCip || !volume_info->UNC)
2524                 goto out;
2525
2526         rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2527                                 volume_info->UNCip,
2528                                 strlen(volume_info->UNCip),
2529                                 volume_info->port);
2530         if (!rc)
2531                 goto out;
2532
2533         if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2534             !match_session(ses, volume_info) ||
2535             !match_tcon(tcon, volume_info->UNC)) {
2536                 rc = 0;
2537                 goto out;
2538         }
2539
2540         rc = compare_mount_options(sb, mnt_data);
2541 out:
2542         spin_unlock(&cifs_tcp_ses_lock);
2543         cifs_put_tlink(tlink);
2544         return rc;
2545 }
2546
2547 int
2548 get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2549              const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2550              struct dfs_info3_param **preferrals, int remap)
2551 {
2552         char *temp_unc;
2553         int rc = 0;
2554
2555         *pnum_referrals = 0;
2556         *preferrals = NULL;
2557
2558         if (pSesInfo->ipc_tid == 0) {
2559                 temp_unc = kmalloc(2 /* for slashes */ +
2560                         strnlen(pSesInfo->serverName,
2561                                 SERVER_NAME_LEN_WITH_NULL * 2)
2562                                  + 1 + 4 /* slash IPC$ */  + 2,
2563                                 GFP_KERNEL);
2564                 if (temp_unc == NULL)
2565                         return -ENOMEM;
2566                 temp_unc[0] = '\\';
2567                 temp_unc[1] = '\\';
2568                 strcpy(temp_unc + 2, pSesInfo->serverName);
2569                 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2570                 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2571                 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2572                 kfree(temp_unc);
2573         }
2574         if (rc == 0)
2575                 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2576                                      pnum_referrals, nls_codepage, remap);
2577         /* BB map targetUNCs to dfs_info3 structures, here or
2578                 in CIFSGetDFSRefer BB */
2579
2580         return rc;
2581 }
2582
2583 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2584 static struct lock_class_key cifs_key[2];
2585 static struct lock_class_key cifs_slock_key[2];
2586
2587 static inline void
2588 cifs_reclassify_socket4(struct socket *sock)
2589 {
2590         struct sock *sk = sock->sk;
2591         BUG_ON(sock_owned_by_user(sk));
2592         sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2593                 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2594 }
2595
2596 static inline void
2597 cifs_reclassify_socket6(struct socket *sock)
2598 {
2599         struct sock *sk = sock->sk;
2600         BUG_ON(sock_owned_by_user(sk));
2601         sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2602                 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2603 }
2604 #else
2605 static inline void
2606 cifs_reclassify_socket4(struct socket *sock)
2607 {
2608 }
2609
2610 static inline void
2611 cifs_reclassify_socket6(struct socket *sock)
2612 {
2613 }
2614 #endif
2615
2616 /* See RFC1001 section 14 on representation of Netbios names */
2617 static void rfc1002mangle(char *target, char *source, unsigned int length)
2618 {
2619         unsigned int i, j;
2620
2621         for (i = 0, j = 0; i < (length); i++) {
2622                 /* mask a nibble at a time and encode */
2623                 target[j] = 'A' + (0x0F & (source[i] >> 4));
2624                 target[j+1] = 'A' + (0x0F & source[i]);
2625                 j += 2;
2626         }
2627
2628 }
2629
2630 static int
2631 bind_socket(struct TCP_Server_Info *server)
2632 {
2633         int rc = 0;
2634         if (server->srcaddr.ss_family != AF_UNSPEC) {
2635                 /* Bind to the specified local IP address */
2636                 struct socket *socket = server->ssocket;
2637                 rc = socket->ops->bind(socket,
2638                                        (struct sockaddr *) &server->srcaddr,
2639                                        sizeof(server->srcaddr));
2640                 if (rc < 0) {
2641                         struct sockaddr_in *saddr4;
2642                         struct sockaddr_in6 *saddr6;
2643                         saddr4 = (struct sockaddr_in *)&server->srcaddr;
2644                         saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2645                         if (saddr6->sin6_family == AF_INET6)
2646                                 cERROR(1, "cifs: "
2647                                        "Failed to bind to: %pI6c, error: %d\n",
2648                                        &saddr6->sin6_addr, rc);
2649                         else
2650                                 cERROR(1, "cifs: "
2651                                        "Failed to bind to: %pI4, error: %d\n",
2652                                        &saddr4->sin_addr.s_addr, rc);
2653                 }
2654         }
2655         return rc;
2656 }
2657
2658 static int
2659 ip_rfc1001_connect(struct TCP_Server_Info *server)
2660 {
2661         int rc = 0;
2662         /*
2663          * some servers require RFC1001 sessinit before sending
2664          * negprot - BB check reconnection in case where second
2665          * sessinit is sent but no second negprot
2666          */
2667         struct rfc1002_session_packet *ses_init_buf;
2668         struct smb_hdr *smb_buf;
2669         ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2670                                GFP_KERNEL);
2671         if (ses_init_buf) {
2672                 ses_init_buf->trailer.session_req.called_len = 32;
2673
2674                 if (server->server_RFC1001_name &&
2675                     server->server_RFC1001_name[0] != 0)
2676                         rfc1002mangle(ses_init_buf->trailer.
2677                                       session_req.called_name,
2678                                       server->server_RFC1001_name,
2679                                       RFC1001_NAME_LEN_WITH_NULL);
2680                 else
2681                         rfc1002mangle(ses_init_buf->trailer.
2682                                       session_req.called_name,
2683                                       DEFAULT_CIFS_CALLED_NAME,
2684                                       RFC1001_NAME_LEN_WITH_NULL);
2685
2686                 ses_init_buf->trailer.session_req.calling_len = 32;
2687
2688                 /*
2689                  * calling name ends in null (byte 16) from old smb
2690                  * convention.
2691                  */
2692                 if (server->workstation_RFC1001_name &&
2693                     server->workstation_RFC1001_name[0] != 0)
2694                         rfc1002mangle(ses_init_buf->trailer.
2695                                       session_req.calling_name,
2696                                       server->workstation_RFC1001_name,
2697                                       RFC1001_NAME_LEN_WITH_NULL);
2698                 else
2699                         rfc1002mangle(ses_init_buf->trailer.
2700                                       session_req.calling_name,
2701                                       "LINUX_CIFS_CLNT",
2702                                       RFC1001_NAME_LEN_WITH_NULL);
2703
2704                 ses_init_buf->trailer.session_req.scope1 = 0;
2705                 ses_init_buf->trailer.session_req.scope2 = 0;
2706                 smb_buf = (struct smb_hdr *)ses_init_buf;
2707
2708                 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2709                 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2710                 rc = smb_send(server, smb_buf, 0x44);
2711                 kfree(ses_init_buf);
2712                 /*
2713                  * RFC1001 layer in at least one server
2714                  * requires very short break before negprot
2715                  * presumably because not expecting negprot
2716                  * to follow so fast.  This is a simple
2717                  * solution that works without
2718                  * complicating the code and causes no
2719                  * significant slowing down on mount
2720                  * for everyone else
2721                  */
2722                 usleep_range(1000, 2000);
2723         }
2724         /*
2725          * else the negprot may still work without this
2726          * even though malloc failed
2727          */
2728
2729         return rc;
2730 }
2731
2732 static int
2733 generic_ip_connect(struct TCP_Server_Info *server)
2734 {
2735         int rc = 0;
2736         __be16 sport;
2737         int slen, sfamily;
2738         struct socket *socket = server->ssocket;
2739         struct sockaddr *saddr;
2740
2741         saddr = (struct sockaddr *) &server->dstaddr;
2742
2743         if (server->dstaddr.ss_family == AF_INET6) {
2744                 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2745                 slen = sizeof(struct sockaddr_in6);
2746                 sfamily = AF_INET6;
2747         } else {
2748                 sport = ((struct sockaddr_in *) saddr)->sin_port;
2749                 slen = sizeof(struct sockaddr_in);
2750                 sfamily = AF_INET;
2751         }
2752
2753         if (socket == NULL) {
2754                 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2755                                    IPPROTO_TCP, &socket, 1);
2756                 if (rc < 0) {
2757                         cERROR(1, "Error %d creating socket", rc);
2758                         server->ssocket = NULL;
2759                         return rc;
2760                 }
2761
2762                 /* BB other socket options to set KEEPALIVE, NODELAY? */
2763                 cFYI(1, "Socket created");
2764                 server->ssocket = socket;
2765                 socket->sk->sk_allocation = GFP_NOFS;
2766                 if (sfamily == AF_INET6)
2767                         cifs_reclassify_socket6(socket);
2768                 else
2769                         cifs_reclassify_socket4(socket);
2770         }
2771
2772         rc = bind_socket(server);
2773         if (rc < 0)
2774                 return rc;
2775
2776         /*
2777          * Eventually check for other socket options to change from
2778          * the default. sock_setsockopt not used because it expects
2779          * user space buffer
2780          */
2781         socket->sk->sk_rcvtimeo = 7 * HZ;
2782         socket->sk->sk_sndtimeo = 5 * HZ;
2783
2784         /* make the bufsizes depend on wsize/rsize and max requests */
2785         if (server->noautotune) {
2786                 if (socket->sk->sk_sndbuf < (200 * 1024))
2787                         socket->sk->sk_sndbuf = 200 * 1024;
2788                 if (socket->sk->sk_rcvbuf < (140 * 1024))
2789                         socket->sk->sk_rcvbuf = 140 * 1024;
2790         }
2791
2792         if (server->tcp_nodelay) {
2793                 int val = 1;
2794                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2795                                 (char *)&val, sizeof(val));
2796                 if (rc)
2797                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2798         }
2799
2800          cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2801                  socket->sk->sk_sndbuf,
2802                  socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2803
2804         rc = socket->ops->connect(socket, saddr, slen, 0);
2805         if (rc < 0) {
2806                 cFYI(1, "Error %d connecting to server", rc);
2807                 sock_release(socket);
2808                 server->ssocket = NULL;
2809                 return rc;
2810         }
2811
2812         if (sport == htons(RFC1001_PORT))
2813                 rc = ip_rfc1001_connect(server);
2814
2815         return rc;
2816 }
2817
2818 static int
2819 ip_connect(struct TCP_Server_Info *server)
2820 {
2821         __be16 *sport;
2822         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2823         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2824
2825         if (server->dstaddr.ss_family == AF_INET6)
2826                 sport = &addr6->sin6_port;
2827         else
2828                 sport = &addr->sin_port;
2829
2830         if (*sport == 0) {
2831                 int rc;
2832
2833                 /* try with 445 port at first */
2834                 *sport = htons(CIFS_PORT);
2835
2836                 rc = generic_ip_connect(server);
2837                 if (rc >= 0)
2838                         return rc;
2839
2840                 /* if it failed, try with 139 port */
2841                 *sport = htons(RFC1001_PORT);
2842         }
2843
2844         return generic_ip_connect(server);
2845 }
2846
2847 void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
2848                           struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
2849 {
2850         /* if we are reconnecting then should we check to see if
2851          * any requested capabilities changed locally e.g. via
2852          * remount but we can not do much about it here
2853          * if they have (even if we could detect it by the following)
2854          * Perhaps we could add a backpointer to array of sb from tcon
2855          * or if we change to make all sb to same share the same
2856          * sb as NFS - then we only have one backpointer to sb.
2857          * What if we wanted to mount the server share twice once with
2858          * and once without posixacls or posix paths? */
2859         __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2860
2861         if (vol_info && vol_info->no_linux_ext) {
2862                 tcon->fsUnixInfo.Capability = 0;
2863                 tcon->unix_ext = 0; /* Unix Extensions disabled */
2864                 cFYI(1, "Linux protocol extensions disabled");
2865                 return;
2866         } else if (vol_info)
2867                 tcon->unix_ext = 1; /* Unix Extensions supported */
2868
2869         if (tcon->unix_ext == 0) {
2870                 cFYI(1, "Unix extensions disabled so not set on reconnect");
2871                 return;
2872         }
2873
2874         if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2875                 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2876                 cFYI(1, "unix caps which server supports %lld", cap);
2877                 /* check for reconnect case in which we do not
2878                    want to change the mount behavior if we can avoid it */
2879                 if (vol_info == NULL) {
2880                         /* turn off POSIX ACL and PATHNAMES if not set
2881                            originally at mount time */
2882                         if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2883                                 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2884                         if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2885                                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2886                                         cERROR(1, "POSIXPATH support change");
2887                                 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2888                         } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2889                                 cERROR(1, "possible reconnect error");
2890                                 cERROR(1, "server disabled POSIX path support");
2891                         }
2892                 }
2893
2894                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2895                         cERROR(1, "per-share encryption not supported yet");
2896
2897                 cap &= CIFS_UNIX_CAP_MASK;
2898                 if (vol_info && vol_info->no_psx_acl)
2899                         cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2900                 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2901                         cFYI(1, "negotiated posix acl support");
2902                         if (cifs_sb)
2903                                 cifs_sb->mnt_cifs_flags |=
2904                                         CIFS_MOUNT_POSIXACL;
2905                 }
2906
2907                 if (vol_info && vol_info->posix_paths == 0)
2908                         cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2909                 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2910                         cFYI(1, "negotiate posix pathnames");
2911                         if (cifs_sb)
2912                                 cifs_sb->mnt_cifs_flags |=
2913                                         CIFS_MOUNT_POSIX_PATHS;
2914                 }
2915
2916                 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2917 #ifdef CONFIG_CIFS_DEBUG2
2918                 if (cap & CIFS_UNIX_FCNTL_CAP)
2919                         cFYI(1, "FCNTL cap");
2920                 if (cap & CIFS_UNIX_EXTATTR_CAP)
2921                         cFYI(1, "EXTATTR cap");
2922                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2923                         cFYI(1, "POSIX path cap");
2924                 if (cap & CIFS_UNIX_XATTR_CAP)
2925                         cFYI(1, "XATTR cap");
2926                 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2927                         cFYI(1, "POSIX ACL cap");
2928                 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2929                         cFYI(1, "very large read cap");
2930                 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2931                         cFYI(1, "very large write cap");
2932                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
2933                         cFYI(1, "transport encryption cap");
2934                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
2935                         cFYI(1, "mandatory transport encryption cap");
2936 #endif /* CIFS_DEBUG2 */
2937                 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2938                         if (vol_info == NULL) {
2939                                 cFYI(1, "resetting capabilities failed");
2940                         } else
2941                                 cERROR(1, "Negotiating Unix capabilities "
2942                                            "with the server failed.  Consider "
2943                                            "mounting with the Unix Extensions\n"
2944                                            "disabled, if problems are found, "
2945                                            "by specifying the nounix mount "
2946                                            "option.");
2947
2948                 }
2949         }
2950 }
2951
2952 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
2953                         struct cifs_sb_info *cifs_sb)
2954 {
2955         INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2956
2957         spin_lock_init(&cifs_sb->tlink_tree_lock);
2958         cifs_sb->tlink_tree = RB_ROOT;
2959
2960         /*
2961          * Temporarily set r/wsize for matching superblock. If we end up using
2962          * new sb then client will later negotiate it downward if needed.
2963          */
2964         cifs_sb->rsize = pvolume_info->rsize;
2965         cifs_sb->wsize = pvolume_info->wsize;
2966
2967         cifs_sb->mnt_uid = pvolume_info->linux_uid;
2968         cifs_sb->mnt_gid = pvolume_info->linux_gid;
2969         if (pvolume_info->backupuid_specified)
2970                 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
2971         if (pvolume_info->backupgid_specified)
2972                 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
2973         cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2974         cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2975         cFYI(1, "file mode: 0x%hx  dir mode: 0x%hx",
2976                 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2977
2978         cifs_sb->actimeo = pvolume_info->actimeo;
2979         cifs_sb->local_nls = pvolume_info->local_nls;
2980
2981         if (pvolume_info->noperm)
2982                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2983         if (pvolume_info->setuids)
2984                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2985         if (pvolume_info->server_ino)
2986                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2987         if (pvolume_info->remap)
2988                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2989         if (pvolume_info->no_xattr)
2990                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2991         if (pvolume_info->sfu_emul)
2992                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2993         if (pvolume_info->nobrl)
2994                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2995         if (pvolume_info->nostrictsync)
2996                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2997         if (pvolume_info->mand_lock)
2998                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2999         if (pvolume_info->rwpidforward)
3000                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3001         if (pvolume_info->cifs_acl)
3002                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3003         if (pvolume_info->backupuid_specified)
3004                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3005         if (pvolume_info->backupgid_specified)
3006                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3007         if (pvolume_info->override_uid)
3008                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3009         if (pvolume_info->override_gid)
3010                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3011         if (pvolume_info->dynperm)
3012                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
3013         if (pvolume_info->fsc)
3014                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
3015         if (pvolume_info->multiuser)
3016                 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3017                                             CIFS_MOUNT_NO_PERM);
3018         if (pvolume_info->strict_io)
3019                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3020         if (pvolume_info->direct_io) {
3021                 cFYI(1, "mounting share using direct i/o");
3022                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3023         }
3024         if (pvolume_info->mfsymlinks) {
3025                 if (pvolume_info->sfu_emul) {
3026                         cERROR(1,  "mount option mfsymlinks ignored if sfu "
3027                                    "mount option is used");
3028                 } else {
3029                         cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3030                 }
3031         }
3032
3033         if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
3034                 cERROR(1, "mount option dynperm ignored if cifsacl "
3035                            "mount option supported");
3036 }
3037
3038 /*
3039  * When the server supports very large reads and writes via POSIX extensions,
3040  * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3041  * including the RFC1001 length.
3042  *
3043  * Note that this might make for "interesting" allocation problems during
3044  * writeback however as we have to allocate an array of pointers for the
3045  * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
3046  *
3047  * For reads, there is a similar problem as we need to allocate an array
3048  * of kvecs to handle the receive, though that should only need to be done
3049  * once.
3050  */
3051 #define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
3052 #define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
3053
3054 /*
3055  * When the server doesn't allow large posix writes, only allow a rsize/wsize
3056  * of 2^17-1 minus the size of the call header. That allows for a read or
3057  * write up to the maximum size described by RFC1002.
3058  */
3059 #define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
3060 #define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
3061
3062 /*
3063  * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3064  * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3065  * a single wsize request with a single call.
3066  */
3067 #define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3068
3069 /*
3070  * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3071  * those values when posix extensions aren't in force. In actuality here, we
3072  * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3073  * to be ok with the extra byte even though Windows doesn't send writes that
3074  * are that large.
3075  *
3076  * Citation:
3077  *
3078  * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
3079  */
3080 #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
3081 #define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
3082
3083 static unsigned int
3084 cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3085 {
3086         __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3087         struct TCP_Server_Info *server = tcon->ses->server;
3088         unsigned int wsize;
3089
3090         /* start with specified wsize, or default */
3091         if (pvolume_info->wsize)
3092                 wsize = pvolume_info->wsize;
3093         else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3094                 wsize = CIFS_DEFAULT_IOSIZE;
3095         else
3096                 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
3097
3098         /* can server support 24-bit write sizes? (via UNIX extensions) */
3099         if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3100                 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
3101
3102         /*
3103          * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3104          * Limit it to max buffer offered by the server, minus the size of the
3105          * WRITEX header, not including the 4 byte RFC1001 length.
3106          */