]> git.openfabrics.org - ~shefty/rdma-dev.git/blob - fs/cifs/connect.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6
[~shefty/rdma-dev.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2009
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <net/ipv6.h>
41 #include "cifspdu.h"
42 #include "cifsglob.h"
43 #include "cifsproto.h"
44 #include "cifs_unicode.h"
45 #include "cifs_debug.h"
46 #include "cifs_fs_sb.h"
47 #include "ntlmssp.h"
48 #include "nterr.h"
49 #include "rfc1002pdu.h"
50 #include "fscache.h"
51
52 #define CIFS_PORT 445
53 #define RFC1001_PORT 139
54
55 extern void SMBNTencrypt(unsigned char *passwd, unsigned char *c8,
56                          unsigned char *p24);
57
58 extern mempool_t *cifs_req_poolp;
59
60 struct smb_vol {
61         char *username;
62         char *password;
63         char *domainname;
64         char *UNC;
65         char *UNCip;
66         char *iocharset;  /* local code page for mapping to and from Unicode */
67         char source_rfc1001_name[16]; /* netbios name of client */
68         char target_rfc1001_name[16]; /* netbios name of server for Win9x/ME */
69         uid_t cred_uid;
70         uid_t linux_uid;
71         gid_t linux_gid;
72         mode_t file_mode;
73         mode_t dir_mode;
74         unsigned secFlg;
75         bool retry:1;
76         bool intr:1;
77         bool setuids:1;
78         bool override_uid:1;
79         bool override_gid:1;
80         bool dynperm:1;
81         bool noperm:1;
82         bool no_psx_acl:1; /* set if posix acl support should be disabled */
83         bool cifs_acl:1;
84         bool no_xattr:1;   /* set if xattr (EA) support should be disabled*/
85         bool server_ino:1; /* use inode numbers from server ie UniqueId */
86         bool direct_io:1;
87         bool remap:1;      /* set to remap seven reserved chars in filenames */
88         bool posix_paths:1; /* unset to not ask for posix pathnames. */
89         bool no_linux_ext:1;
90         bool sfu_emul:1;
91         bool nullauth:1;   /* attempt to authenticate with null user */
92         bool nocase:1;     /* request case insensitive filenames */
93         bool nobrl:1;      /* disable sending byte range locks to srv */
94         bool mand_lock:1;  /* send mandatory not posix byte range lock reqs */
95         bool seal:1;       /* request transport encryption on share */
96         bool nodfs:1;      /* Do not request DFS, even if available */
97         bool local_lease:1; /* check leases only on local system, not remote */
98         bool noblocksnd:1;
99         bool noautotune:1;
100         bool nostrictsync:1; /* do not force expensive SMBflush on every sync */
101         bool fsc:1;     /* enable fscache */
102         bool mfsymlinks:1; /* use Minshall+French Symlinks */
103         bool multiuser:1;
104         unsigned int rsize;
105         unsigned int wsize;
106         bool sockopt_tcp_nodelay:1;
107         unsigned short int port;
108         char *prepath;
109         struct sockaddr_storage srcaddr; /* allow binding to a local IP */
110         struct nls_table *local_nls;
111 };
112
113 /* FIXME: should these be tunable? */
114 #define TLINK_ERROR_EXPIRE      (1 * HZ)
115 #define TLINK_IDLE_EXPIRE       (600 * HZ)
116
117 static int ipv4_connect(struct TCP_Server_Info *server);
118 static int ipv6_connect(struct TCP_Server_Info *server);
119 static void cifs_prune_tlinks(struct work_struct *work);
120
121 /*
122  * cifs tcp session reconnection
123  *
124  * mark tcp session as reconnecting so temporarily locked
125  * mark all smb sessions as reconnecting for tcp session
126  * reconnect tcp session
127  * wake up waiters on reconnection? - (not needed currently)
128  */
129 static int
130 cifs_reconnect(struct TCP_Server_Info *server)
131 {
132         int rc = 0;
133         struct list_head *tmp, *tmp2;
134         struct cifsSesInfo *ses;
135         struct cifsTconInfo *tcon;
136         struct mid_q_entry *mid_entry;
137
138         spin_lock(&GlobalMid_Lock);
139         if (server->tcpStatus == CifsExiting) {
140                 /* the demux thread will exit normally
141                 next time through the loop */
142                 spin_unlock(&GlobalMid_Lock);
143                 return rc;
144         } else
145                 server->tcpStatus = CifsNeedReconnect;
146         spin_unlock(&GlobalMid_Lock);
147         server->maxBuf = 0;
148
149         cFYI(1, "Reconnecting tcp session");
150
151         /* before reconnecting the tcp session, mark the smb session (uid)
152                 and the tid bad so they are not used until reconnected */
153         spin_lock(&cifs_tcp_ses_lock);
154         list_for_each(tmp, &server->smb_ses_list) {
155                 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
156                 ses->need_reconnect = true;
157                 ses->ipc_tid = 0;
158                 list_for_each(tmp2, &ses->tcon_list) {
159                         tcon = list_entry(tmp2, struct cifsTconInfo, tcon_list);
160                         tcon->need_reconnect = true;
161                 }
162         }
163         spin_unlock(&cifs_tcp_ses_lock);
164         /* do not want to be sending data on a socket we are freeing */
165         mutex_lock(&server->srv_mutex);
166         if (server->ssocket) {
167                 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
168                         server->ssocket->flags);
169                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
170                 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
171                         server->ssocket->state,
172                         server->ssocket->flags);
173                 sock_release(server->ssocket);
174                 server->ssocket = NULL;
175         }
176         server->sequence_number = 0;
177         server->session_estab = false;
178         kfree(server->session_key.response);
179         server->session_key.response = NULL;
180         server->session_key.len = 0;
181
182         spin_lock(&GlobalMid_Lock);
183         list_for_each(tmp, &server->pending_mid_q) {
184                 mid_entry = list_entry(tmp, struct
185                                         mid_q_entry,
186                                         qhead);
187                 if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
188                                 /* Mark other intransit requests as needing
189                                    retry so we do not immediately mark the
190                                    session bad again (ie after we reconnect
191                                    below) as they timeout too */
192                         mid_entry->midState = MID_RETRY_NEEDED;
193                 }
194         }
195         spin_unlock(&GlobalMid_Lock);
196         mutex_unlock(&server->srv_mutex);
197
198         while ((server->tcpStatus != CifsExiting) &&
199                (server->tcpStatus != CifsGood)) {
200                 try_to_freeze();
201                 if (server->addr.sockAddr6.sin6_family == AF_INET6)
202                         rc = ipv6_connect(server);
203                 else
204                         rc = ipv4_connect(server);
205                 if (rc) {
206                         cFYI(1, "reconnect error %d", rc);
207                         msleep(3000);
208                 } else {
209                         atomic_inc(&tcpSesReconnectCount);
210                         spin_lock(&GlobalMid_Lock);
211                         if (server->tcpStatus != CifsExiting)
212                                 server->tcpStatus = CifsGood;
213                         spin_unlock(&GlobalMid_Lock);
214         /*              atomic_set(&server->inFlight,0);*/
215                         wake_up(&server->response_q);
216                 }
217         }
218         return rc;
219 }
220
221 /*
222         return codes:
223                 0       not a transact2, or all data present
224                 >0      transact2 with that much data missing
225                 -EINVAL = invalid transact2
226
227  */
228 static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
229 {
230         struct smb_t2_rsp *pSMBt;
231         int total_data_size;
232         int data_in_this_rsp;
233         int remaining;
234
235         if (pSMB->Command != SMB_COM_TRANSACTION2)
236                 return 0;
237
238         /* check for plausible wct, bcc and t2 data and parm sizes */
239         /* check for parm and data offset going beyond end of smb */
240         if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
241                 cFYI(1, "invalid transact2 word count");
242                 return -EINVAL;
243         }
244
245         pSMBt = (struct smb_t2_rsp *)pSMB;
246
247         total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
248         data_in_this_rsp = le16_to_cpu(pSMBt->t2_rsp.DataCount);
249
250         remaining = total_data_size - data_in_this_rsp;
251
252         if (remaining == 0)
253                 return 0;
254         else if (remaining < 0) {
255                 cFYI(1, "total data %d smaller than data in frame %d",
256                         total_data_size, data_in_this_rsp);
257                 return -EINVAL;
258         } else {
259                 cFYI(1, "missing %d bytes from transact2, check next response",
260                         remaining);
261                 if (total_data_size > maxBufSize) {
262                         cERROR(1, "TotalDataSize %d is over maximum buffer %d",
263                                 total_data_size, maxBufSize);
264                         return -EINVAL;
265                 }
266                 return remaining;
267         }
268 }
269
270 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
271 {
272         struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
273         struct smb_t2_rsp *pSMBt  = (struct smb_t2_rsp *)pTargetSMB;
274         int total_data_size;
275         int total_in_buf;
276         int remaining;
277         int total_in_buf2;
278         char *data_area_of_target;
279         char *data_area_of_buf2;
280         __u16 byte_count;
281
282         total_data_size = le16_to_cpu(pSMBt->t2_rsp.TotalDataCount);
283
284         if (total_data_size != le16_to_cpu(pSMB2->t2_rsp.TotalDataCount)) {
285                 cFYI(1, "total data size of primary and secondary t2 differ");
286         }
287
288         total_in_buf = le16_to_cpu(pSMBt->t2_rsp.DataCount);
289
290         remaining = total_data_size - total_in_buf;
291
292         if (remaining < 0)
293                 return -EINVAL;
294
295         if (remaining == 0) /* nothing to do, ignore */
296                 return 0;
297
298         total_in_buf2 = le16_to_cpu(pSMB2->t2_rsp.DataCount);
299         if (remaining < total_in_buf2) {
300                 cFYI(1, "transact2 2nd response contains too much data");
301         }
302
303         /* find end of first SMB data area */
304         data_area_of_target = (char *)&pSMBt->hdr.Protocol +
305                                 le16_to_cpu(pSMBt->t2_rsp.DataOffset);
306         /* validate target area */
307
308         data_area_of_buf2 = (char *) &pSMB2->hdr.Protocol +
309                                         le16_to_cpu(pSMB2->t2_rsp.DataOffset);
310
311         data_area_of_target += total_in_buf;
312
313         /* copy second buffer into end of first buffer */
314         memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
315         total_in_buf += total_in_buf2;
316         pSMBt->t2_rsp.DataCount = cpu_to_le16(total_in_buf);
317         byte_count = le16_to_cpu(BCC_LE(pTargetSMB));
318         byte_count += total_in_buf2;
319         BCC_LE(pTargetSMB) = cpu_to_le16(byte_count);
320
321         byte_count = pTargetSMB->smb_buf_length;
322         byte_count += total_in_buf2;
323
324         /* BB also add check that we are not beyond maximum buffer size */
325
326         pTargetSMB->smb_buf_length = byte_count;
327
328         if (remaining == total_in_buf2) {
329                 cFYI(1, "found the last secondary response");
330                 return 0; /* we are done */
331         } else /* more responses to go */
332                 return 1;
333
334 }
335
336 static int
337 cifs_demultiplex_thread(struct TCP_Server_Info *server)
338 {
339         int length;
340         unsigned int pdu_length, total_read;
341         struct smb_hdr *smb_buffer = NULL;
342         struct smb_hdr *bigbuf = NULL;
343         struct smb_hdr *smallbuf = NULL;
344         struct msghdr smb_msg;
345         struct kvec iov;
346         struct socket *csocket = server->ssocket;
347         struct list_head *tmp;
348         struct cifsSesInfo *ses;
349         struct task_struct *task_to_wake = NULL;
350         struct mid_q_entry *mid_entry;
351         char temp;
352         bool isLargeBuf = false;
353         bool isMultiRsp;
354         int reconnect;
355
356         current->flags |= PF_MEMALLOC;
357         cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
358
359         length = atomic_inc_return(&tcpSesAllocCount);
360         if (length > 1)
361                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
362                                 GFP_KERNEL);
363
364         set_freezable();
365         while (server->tcpStatus != CifsExiting) {
366                 if (try_to_freeze())
367                         continue;
368                 if (bigbuf == NULL) {
369                         bigbuf = cifs_buf_get();
370                         if (!bigbuf) {
371                                 cERROR(1, "No memory for large SMB response");
372                                 msleep(3000);
373                                 /* retry will check if exiting */
374                                 continue;
375                         }
376                 } else if (isLargeBuf) {
377                         /* we are reusing a dirty large buf, clear its start */
378                         memset(bigbuf, 0, sizeof(struct smb_hdr));
379                 }
380
381                 if (smallbuf == NULL) {
382                         smallbuf = cifs_small_buf_get();
383                         if (!smallbuf) {
384                                 cERROR(1, "No memory for SMB response");
385                                 msleep(1000);
386                                 /* retry will check if exiting */
387                                 continue;
388                         }
389                         /* beginning of smb buffer is cleared in our buf_get */
390                 } else /* if existing small buf clear beginning */
391                         memset(smallbuf, 0, sizeof(struct smb_hdr));
392
393                 isLargeBuf = false;
394                 isMultiRsp = false;
395                 smb_buffer = smallbuf;
396                 iov.iov_base = smb_buffer;
397                 iov.iov_len = 4;
398                 smb_msg.msg_control = NULL;
399                 smb_msg.msg_controllen = 0;
400                 pdu_length = 4; /* enough to get RFC1001 header */
401 incomplete_rcv:
402                 length =
403                     kernel_recvmsg(csocket, &smb_msg,
404                                 &iov, 1, pdu_length, 0 /* BB other flags? */);
405
406                 if (server->tcpStatus == CifsExiting) {
407                         break;
408                 } else if (server->tcpStatus == CifsNeedReconnect) {
409                         cFYI(1, "Reconnect after server stopped responding");
410                         cifs_reconnect(server);
411                         cFYI(1, "call to reconnect done");
412                         csocket = server->ssocket;
413                         continue;
414                 } else if (length == -ERESTARTSYS ||
415                            length == -EAGAIN ||
416                            length == -EINTR) {
417                         msleep(1); /* minimum sleep to prevent looping
418                                 allowing socket to clear and app threads to set
419                                 tcpStatus CifsNeedReconnect if server hung */
420                         if (pdu_length < 4) {
421                                 iov.iov_base = (4 - pdu_length) +
422                                                         (char *)smb_buffer;
423                                 iov.iov_len = pdu_length;
424                                 smb_msg.msg_control = NULL;
425                                 smb_msg.msg_controllen = 0;
426                                 goto incomplete_rcv;
427                         } else
428                                 continue;
429                 } else if (length <= 0) {
430                         cFYI(1, "Reconnect after unexpected peek error %d",
431                                 length);
432                         cifs_reconnect(server);
433                         csocket = server->ssocket;
434                         wake_up(&server->response_q);
435                         continue;
436                 } else if (length < pdu_length) {
437                         cFYI(1, "requested %d bytes but only got %d bytes",
438                                   pdu_length, length);
439                         pdu_length -= length;
440                         msleep(1);
441                         goto incomplete_rcv;
442                 }
443
444                 /* The right amount was read from socket - 4 bytes */
445                 /* so we can now interpret the length field */
446
447                 /* the first byte big endian of the length field,
448                 is actually not part of the length but the type
449                 with the most common, zero, as regular data */
450                 temp = *((char *) smb_buffer);
451
452                 /* Note that FC 1001 length is big endian on the wire,
453                 but we convert it here so it is always manipulated
454                 as host byte order */
455                 pdu_length = be32_to_cpu((__force __be32)smb_buffer->smb_buf_length);
456                 smb_buffer->smb_buf_length = pdu_length;
457
458                 cFYI(1, "rfc1002 length 0x%x", pdu_length+4);
459
460                 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
461                         continue;
462                 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
463                         cFYI(1, "Good RFC 1002 session rsp");
464                         continue;
465                 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
466                         /* we get this from Windows 98 instead of
467                            an error on SMB negprot response */
468                         cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
469                                 pdu_length);
470                         /* give server a second to clean up  */
471                         msleep(1000);
472                         /* always try 445 first on reconnect since we get NACK
473                          * on some if we ever connected to port 139 (the NACK
474                          * is since we do not begin with RFC1001 session
475                          * initialize frame)
476                          */
477                         cifs_set_port((struct sockaddr *)
478                                         &server->addr.sockAddr, CIFS_PORT);
479                         cifs_reconnect(server);
480                         csocket = server->ssocket;
481                         wake_up(&server->response_q);
482                         continue;
483                 } else if (temp != (char) 0) {
484                         cERROR(1, "Unknown RFC 1002 frame");
485                         cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
486                                       length);
487                         cifs_reconnect(server);
488                         csocket = server->ssocket;
489                         continue;
490                 }
491
492                 /* else we have an SMB response */
493                 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
494                             (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
495                         cERROR(1, "Invalid size SMB length %d pdu_length %d",
496                                         length, pdu_length+4);
497                         cifs_reconnect(server);
498                         csocket = server->ssocket;
499                         wake_up(&server->response_q);
500                         continue;
501                 }
502
503                 /* else length ok */
504                 reconnect = 0;
505
506                 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
507                         isLargeBuf = true;
508                         memcpy(bigbuf, smallbuf, 4);
509                         smb_buffer = bigbuf;
510                 }
511                 length = 0;
512                 iov.iov_base = 4 + (char *)smb_buffer;
513                 iov.iov_len = pdu_length;
514                 for (total_read = 0; total_read < pdu_length;
515                      total_read += length) {
516                         length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
517                                                 pdu_length - total_read, 0);
518                         if (server->tcpStatus == CifsExiting) {
519                                 /* then will exit */
520                                 reconnect = 2;
521                                 break;
522                         } else if (server->tcpStatus == CifsNeedReconnect) {
523                                 cifs_reconnect(server);
524                                 csocket = server->ssocket;
525                                 /* Reconnect wakes up rspns q */
526                                 /* Now we will reread sock */
527                                 reconnect = 1;
528                                 break;
529                         } else if (length == -ERESTARTSYS ||
530                                    length == -EAGAIN ||
531                                    length == -EINTR) {
532                                 msleep(1); /* minimum sleep to prevent looping,
533                                               allowing socket to clear and app
534                                               threads to set tcpStatus
535                                               CifsNeedReconnect if server hung*/
536                                 length = 0;
537                                 continue;
538                         } else if (length <= 0) {
539                                 cERROR(1, "Received no data, expecting %d",
540                                               pdu_length - total_read);
541                                 cifs_reconnect(server);
542                                 csocket = server->ssocket;
543                                 reconnect = 1;
544                                 break;
545                         }
546                 }
547                 if (reconnect == 2)
548                         break;
549                 else if (reconnect == 1)
550                         continue;
551
552                 length += 4; /* account for rfc1002 hdr */
553
554
555                 dump_smb(smb_buffer, length);
556                 if (checkSMB(smb_buffer, smb_buffer->Mid, total_read+4)) {
557                         cifs_dump_mem("Bad SMB: ", smb_buffer, 48);
558                         continue;
559                 }
560
561
562                 task_to_wake = NULL;
563                 spin_lock(&GlobalMid_Lock);
564                 list_for_each(tmp, &server->pending_mid_q) {
565                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
566
567                         if ((mid_entry->mid == smb_buffer->Mid) &&
568                             (mid_entry->midState == MID_REQUEST_SUBMITTED) &&
569                             (mid_entry->command == smb_buffer->Command)) {
570                                 if (check2ndT2(smb_buffer,server->maxBuf) > 0) {
571                                         /* We have a multipart transact2 resp */
572                                         isMultiRsp = true;
573                                         if (mid_entry->resp_buf) {
574                                                 /* merge response - fix up 1st*/
575                                                 if (coalesce_t2(smb_buffer,
576                                                         mid_entry->resp_buf)) {
577                                                         mid_entry->multiRsp =
578                                                                  true;
579                                                         break;
580                                                 } else {
581                                                         /* all parts received */
582                                                         mid_entry->multiEnd =
583                                                                  true;
584                                                         goto multi_t2_fnd;
585                                                 }
586                                         } else {
587                                                 if (!isLargeBuf) {
588                                                         cERROR(1, "1st trans2 resp needs bigbuf");
589                                         /* BB maybe we can fix this up,  switch
590                                            to already allocated large buffer? */
591                                                 } else {
592                                                         /* Have first buffer */
593                                                         mid_entry->resp_buf =
594                                                                  smb_buffer;
595                                                         mid_entry->largeBuf =
596                                                                  true;
597                                                         bigbuf = NULL;
598                                                 }
599                                         }
600                                         break;
601                                 }
602                                 mid_entry->resp_buf = smb_buffer;
603                                 mid_entry->largeBuf = isLargeBuf;
604 multi_t2_fnd:
605                                 task_to_wake = mid_entry->tsk;
606                                 mid_entry->midState = MID_RESPONSE_RECEIVED;
607 #ifdef CONFIG_CIFS_STATS2
608                                 mid_entry->when_received = jiffies;
609 #endif
610                                 /* so we do not time out requests to  server
611                                 which is still responding (since server could
612                                 be busy but not dead) */
613                                 server->lstrp = jiffies;
614                                 break;
615                         }
616                 }
617                 spin_unlock(&GlobalMid_Lock);
618                 if (task_to_wake) {
619                         /* Was previous buf put in mpx struct for multi-rsp? */
620                         if (!isMultiRsp) {
621                                 /* smb buffer will be freed by user thread */
622                                 if (isLargeBuf)
623                                         bigbuf = NULL;
624                                 else
625                                         smallbuf = NULL;
626                         }
627                         wake_up_process(task_to_wake);
628                 } else if (!is_valid_oplock_break(smb_buffer, server) &&
629                            !isMultiRsp) {
630                         cERROR(1, "No task to wake, unknown frame received! "
631                                    "NumMids %d", midCount.counter);
632                         cifs_dump_mem("Received Data is: ", (char *)smb_buffer,
633                                       sizeof(struct smb_hdr));
634 #ifdef CONFIG_CIFS_DEBUG2
635                         cifs_dump_detail(smb_buffer);
636                         cifs_dump_mids(server);
637 #endif /* CIFS_DEBUG2 */
638
639                 }
640         } /* end while !EXITING */
641
642         /* take it off the list, if it's not already */
643         spin_lock(&cifs_tcp_ses_lock);
644         list_del_init(&server->tcp_ses_list);
645         spin_unlock(&cifs_tcp_ses_lock);
646
647         spin_lock(&GlobalMid_Lock);
648         server->tcpStatus = CifsExiting;
649         spin_unlock(&GlobalMid_Lock);
650         wake_up_all(&server->response_q);
651
652         /* check if we have blocked requests that need to free */
653         /* Note that cifs_max_pending is normally 50, but
654         can be set at module install time to as little as two */
655         spin_lock(&GlobalMid_Lock);
656         if (atomic_read(&server->inFlight) >= cifs_max_pending)
657                 atomic_set(&server->inFlight, cifs_max_pending - 1);
658         /* We do not want to set the max_pending too low or we
659         could end up with the counter going negative */
660         spin_unlock(&GlobalMid_Lock);
661         /* Although there should not be any requests blocked on
662         this queue it can not hurt to be paranoid and try to wake up requests
663         that may haven been blocked when more than 50 at time were on the wire
664         to the same server - they now will see the session is in exit state
665         and get out of SendReceive.  */
666         wake_up_all(&server->request_q);
667         /* give those requests time to exit */
668         msleep(125);
669
670         if (server->ssocket) {
671                 sock_release(csocket);
672                 server->ssocket = NULL;
673         }
674         /* buffer usuallly freed in free_mid - need to free it here on exit */
675         cifs_buf_release(bigbuf);
676         if (smallbuf) /* no sense logging a debug message if NULL */
677                 cifs_small_buf_release(smallbuf);
678
679         /*
680          * BB: we shouldn't have to do any of this. It shouldn't be
681          * possible to exit from the thread with active SMB sessions
682          */
683         spin_lock(&cifs_tcp_ses_lock);
684         if (list_empty(&server->pending_mid_q)) {
685                 /* loop through server session structures attached to this and
686                     mark them dead */
687                 list_for_each(tmp, &server->smb_ses_list) {
688                         ses = list_entry(tmp, struct cifsSesInfo,
689                                          smb_ses_list);
690                         ses->status = CifsExiting;
691                         ses->server = NULL;
692                 }
693                 spin_unlock(&cifs_tcp_ses_lock);
694         } else {
695                 /* although we can not zero the server struct pointer yet,
696                 since there are active requests which may depnd on them,
697                 mark the corresponding SMB sessions as exiting too */
698                 list_for_each(tmp, &server->smb_ses_list) {
699                         ses = list_entry(tmp, struct cifsSesInfo,
700                                          smb_ses_list);
701                         ses->status = CifsExiting;
702                 }
703
704                 spin_lock(&GlobalMid_Lock);
705                 list_for_each(tmp, &server->pending_mid_q) {
706                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
707                         if (mid_entry->midState == MID_REQUEST_SUBMITTED) {
708                                 cFYI(1, "Clearing Mid 0x%x - waking up ",
709                                          mid_entry->mid);
710                                 task_to_wake = mid_entry->tsk;
711                                 if (task_to_wake)
712                                         wake_up_process(task_to_wake);
713                         }
714                 }
715                 spin_unlock(&GlobalMid_Lock);
716                 spin_unlock(&cifs_tcp_ses_lock);
717                 /* 1/8th of sec is more than enough time for them to exit */
718                 msleep(125);
719         }
720
721         if (!list_empty(&server->pending_mid_q)) {
722                 /* mpx threads have not exited yet give them
723                 at least the smb send timeout time for long ops */
724                 /* due to delays on oplock break requests, we need
725                 to wait at least 45 seconds before giving up
726                 on a request getting a response and going ahead
727                 and killing cifsd */
728                 cFYI(1, "Wait for exit from demultiplex thread");
729                 msleep(46000);
730                 /* if threads still have not exited they are probably never
731                 coming home not much else we can do but free the memory */
732         }
733
734         /* last chance to mark ses pointers invalid
735         if there are any pointing to this (e.g
736         if a crazy root user tried to kill cifsd
737         kernel thread explicitly this might happen) */
738         /* BB: This shouldn't be necessary, see above */
739         spin_lock(&cifs_tcp_ses_lock);
740         list_for_each(tmp, &server->smb_ses_list) {
741                 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
742                 ses->server = NULL;
743         }
744         spin_unlock(&cifs_tcp_ses_lock);
745
746         kfree(server->hostname);
747         task_to_wake = xchg(&server->tsk, NULL);
748         kfree(server);
749
750         length = atomic_dec_return(&tcpSesAllocCount);
751         if (length  > 0)
752                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
753                                 GFP_KERNEL);
754
755         /* if server->tsk was NULL then wait for a signal before exiting */
756         if (!task_to_wake) {
757                 set_current_state(TASK_INTERRUPTIBLE);
758                 while (!signal_pending(current)) {
759                         schedule();
760                         set_current_state(TASK_INTERRUPTIBLE);
761                 }
762                 set_current_state(TASK_RUNNING);
763         }
764
765         module_put_and_exit(0);
766 }
767
768 /* extract the host portion of the UNC string */
769 static char *
770 extract_hostname(const char *unc)
771 {
772         const char *src;
773         char *dst, *delim;
774         unsigned int len;
775
776         /* skip double chars at beginning of string */
777         /* BB: check validity of these bytes? */
778         src = unc + 2;
779
780         /* delimiter between hostname and sharename is always '\\' now */
781         delim = strchr(src, '\\');
782         if (!delim)
783                 return ERR_PTR(-EINVAL);
784
785         len = delim - src;
786         dst = kmalloc((len + 1), GFP_KERNEL);
787         if (dst == NULL)
788                 return ERR_PTR(-ENOMEM);
789
790         memcpy(dst, src, len);
791         dst[len] = '\0';
792
793         return dst;
794 }
795
796 static int
797 cifs_parse_mount_options(char *options, const char *devname,
798                          struct smb_vol *vol)
799 {
800         char *value;
801         char *data;
802         unsigned int  temp_len, i, j;
803         char separator[2];
804         short int override_uid = -1;
805         short int override_gid = -1;
806         bool uid_specified = false;
807         bool gid_specified = false;
808
809         separator[0] = ',';
810         separator[1] = 0;
811
812         if (Local_System_Name[0] != 0)
813                 memcpy(vol->source_rfc1001_name, Local_System_Name, 15);
814         else {
815                 char *nodename = utsname()->nodename;
816                 int n = strnlen(nodename, 15);
817                 memset(vol->source_rfc1001_name, 0x20, 15);
818                 for (i = 0; i < n; i++) {
819                         /* does not have to be perfect mapping since field is
820                         informational, only used for servers that do not support
821                         port 445 and it can be overridden at mount time */
822                         vol->source_rfc1001_name[i] = toupper(nodename[i]);
823                 }
824         }
825         vol->source_rfc1001_name[15] = 0;
826         /* null target name indicates to use *SMBSERVR default called name
827            if we end up sending RFC1001 session initialize */
828         vol->target_rfc1001_name[0] = 0;
829         vol->cred_uid = current_uid();
830         vol->linux_uid = current_uid();
831         vol->linux_gid = current_gid();
832
833         /* default to only allowing write access to owner of the mount */
834         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
835
836         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
837         /* default is always to request posix paths. */
838         vol->posix_paths = 1;
839         /* default to using server inode numbers where available */
840         vol->server_ino = 1;
841
842         if (!options)
843                 return 1;
844
845         if (strncmp(options, "sep=", 4) == 0) {
846                 if (options[4] != 0) {
847                         separator[0] = options[4];
848                         options += 5;
849                 } else {
850                         cFYI(1, "Null separator not allowed");
851                 }
852         }
853
854         while ((data = strsep(&options, separator)) != NULL) {
855                 if (!*data)
856                         continue;
857                 if ((value = strchr(data, '=')) != NULL)
858                         *value++ = '\0';
859
860                 /* Have to parse this before we parse for "user" */
861                 if (strnicmp(data, "user_xattr", 10) == 0) {
862                         vol->no_xattr = 0;
863                 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
864                         vol->no_xattr = 1;
865                 } else if (strnicmp(data, "user", 4) == 0) {
866                         if (!value) {
867                                 printk(KERN_WARNING
868                                        "CIFS: invalid or missing username\n");
869                                 return 1;       /* needs_arg; */
870                         } else if (!*value) {
871                                 /* null user, ie anonymous, authentication */
872                                 vol->nullauth = 1;
873                         }
874                         if (strnlen(value, 200) < 200) {
875                                 vol->username = value;
876                         } else {
877                                 printk(KERN_WARNING "CIFS: username too long\n");
878                                 return 1;
879                         }
880                 } else if (strnicmp(data, "pass", 4) == 0) {
881                         if (!value) {
882                                 vol->password = NULL;
883                                 continue;
884                         } else if (value[0] == 0) {
885                                 /* check if string begins with double comma
886                                    since that would mean the password really
887                                    does start with a comma, and would not
888                                    indicate an empty string */
889                                 if (value[1] != separator[0]) {
890                                         vol->password = NULL;
891                                         continue;
892                                 }
893                         }
894                         temp_len = strlen(value);
895                         /* removed password length check, NTLM passwords
896                                 can be arbitrarily long */
897
898                         /* if comma in password, the string will be
899                         prematurely null terminated.  Commas in password are
900                         specified across the cifs mount interface by a double
901                         comma ie ,, and a comma used as in other cases ie ','
902                         as a parameter delimiter/separator is single and due
903                         to the strsep above is temporarily zeroed. */
904
905                         /* NB: password legally can have multiple commas and
906                         the only illegal character in a password is null */
907
908                         if ((value[temp_len] == 0) &&
909                             (value[temp_len+1] == separator[0])) {
910                                 /* reinsert comma */
911                                 value[temp_len] = separator[0];
912                                 temp_len += 2;  /* move after second comma */
913                                 while (value[temp_len] != 0)  {
914                                         if (value[temp_len] == separator[0]) {
915                                                 if (value[temp_len+1] ==
916                                                      separator[0]) {
917                                                 /* skip second comma */
918                                                         temp_len++;
919                                                 } else {
920                                                 /* single comma indicating start
921                                                          of next parm */
922                                                         break;
923                                                 }
924                                         }
925                                         temp_len++;
926                                 }
927                                 if (value[temp_len] == 0) {
928                                         options = NULL;
929                                 } else {
930                                         value[temp_len] = 0;
931                                         /* point option to start of next parm */
932                                         options = value + temp_len + 1;
933                                 }
934                                 /* go from value to value + temp_len condensing
935                                 double commas to singles. Note that this ends up
936                                 allocating a few bytes too many, which is ok */
937                                 vol->password = kzalloc(temp_len, GFP_KERNEL);
938                                 if (vol->password == NULL) {
939                                         printk(KERN_WARNING "CIFS: no memory "
940                                                             "for password\n");
941                                         return 1;
942                                 }
943                                 for (i = 0, j = 0; i < temp_len; i++, j++) {
944                                         vol->password[j] = value[i];
945                                         if (value[i] == separator[0]
946                                                 && value[i+1] == separator[0]) {
947                                                 /* skip second comma */
948                                                 i++;
949                                         }
950                                 }
951                                 vol->password[j] = 0;
952                         } else {
953                                 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
954                                 if (vol->password == NULL) {
955                                         printk(KERN_WARNING "CIFS: no memory "
956                                                             "for password\n");
957                                         return 1;
958                                 }
959                                 strcpy(vol->password, value);
960                         }
961                 } else if (!strnicmp(data, "ip", 2) ||
962                            !strnicmp(data, "addr", 4)) {
963                         if (!value || !*value) {
964                                 vol->UNCip = NULL;
965                         } else if (strnlen(value, INET6_ADDRSTRLEN) <
966                                                         INET6_ADDRSTRLEN) {
967                                 vol->UNCip = value;
968                         } else {
969                                 printk(KERN_WARNING "CIFS: ip address "
970                                                     "too long\n");
971                                 return 1;
972                         }
973                 } else if (strnicmp(data, "sec", 3) == 0) {
974                         if (!value || !*value) {
975                                 cERROR(1, "no security value specified");
976                                 continue;
977                         } else if (strnicmp(value, "krb5i", 5) == 0) {
978                                 vol->secFlg |= CIFSSEC_MAY_KRB5 |
979                                         CIFSSEC_MUST_SIGN;
980                         } else if (strnicmp(value, "krb5p", 5) == 0) {
981                                 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
982                                         CIFSSEC_MAY_KRB5; */
983                                 cERROR(1, "Krb5 cifs privacy not supported");
984                                 return 1;
985                         } else if (strnicmp(value, "krb5", 4) == 0) {
986                                 vol->secFlg |= CIFSSEC_MAY_KRB5;
987 #ifdef CONFIG_CIFS_EXPERIMENTAL
988                         } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
989                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
990                                         CIFSSEC_MUST_SIGN;
991                         } else if (strnicmp(value, "ntlmssp", 7) == 0) {
992                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
993 #endif
994                         } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
995                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
996                                         CIFSSEC_MUST_SIGN;
997                         } else if (strnicmp(value, "ntlmv2", 6) == 0) {
998                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
999                         } else if (strnicmp(value, "ntlmi", 5) == 0) {
1000                                 vol->secFlg |= CIFSSEC_MAY_NTLM |
1001                                         CIFSSEC_MUST_SIGN;
1002                         } else if (strnicmp(value, "ntlm", 4) == 0) {
1003                                 /* ntlm is default so can be turned off too */
1004                                 vol->secFlg |= CIFSSEC_MAY_NTLM;
1005                         } else if (strnicmp(value, "nontlm", 6) == 0) {
1006                                 /* BB is there a better way to do this? */
1007                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1008 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1009                         } else if (strnicmp(value, "lanman", 6) == 0) {
1010                                 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1011 #endif
1012                         } else if (strnicmp(value, "none", 4) == 0) {
1013                                 vol->nullauth = 1;
1014                         } else {
1015                                 cERROR(1, "bad security option: %s", value);
1016                                 return 1;
1017                         }
1018                 } else if ((strnicmp(data, "unc", 3) == 0)
1019                            || (strnicmp(data, "target", 6) == 0)
1020                            || (strnicmp(data, "path", 4) == 0)) {
1021                         if (!value || !*value) {
1022                                 printk(KERN_WARNING "CIFS: invalid path to "
1023                                                     "network resource\n");
1024                                 return 1;       /* needs_arg; */
1025                         }
1026                         if ((temp_len = strnlen(value, 300)) < 300) {
1027                                 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1028                                 if (vol->UNC == NULL)
1029                                         return 1;
1030                                 strcpy(vol->UNC, value);
1031                                 if (strncmp(vol->UNC, "//", 2) == 0) {
1032                                         vol->UNC[0] = '\\';
1033                                         vol->UNC[1] = '\\';
1034                                 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1035                                         printk(KERN_WARNING
1036                                                "CIFS: UNC Path does not begin "
1037                                                "with // or \\\\ \n");
1038                                         return 1;
1039                                 }
1040                         } else {
1041                                 printk(KERN_WARNING "CIFS: UNC name too long\n");
1042                                 return 1;
1043                         }
1044                 } else if ((strnicmp(data, "domain", 3) == 0)
1045                            || (strnicmp(data, "workgroup", 5) == 0)) {
1046                         if (!value || !*value) {
1047                                 printk(KERN_WARNING "CIFS: invalid domain name\n");
1048                                 return 1;       /* needs_arg; */
1049                         }
1050                         /* BB are there cases in which a comma can be valid in
1051                         a domain name and need special handling? */
1052                         if (strnlen(value, 256) < 256) {
1053                                 vol->domainname = value;
1054                                 cFYI(1, "Domain name set");
1055                         } else {
1056                                 printk(KERN_WARNING "CIFS: domain name too "
1057                                                     "long\n");
1058                                 return 1;
1059                         }
1060                 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1061                         vol->srcaddr.ss_family = AF_UNSPEC;
1062
1063                         if (!value || !*value) {
1064                                 printk(KERN_WARNING "CIFS: srcaddr value"
1065                                        " not specified.\n");
1066                                 return 1;       /* needs_arg; */
1067                         }
1068                         i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1069                                                  value, strlen(value));
1070                         if (i == 0) {
1071                                 printk(KERN_WARNING "CIFS:  Could not parse"
1072                                        " srcaddr: %s\n",
1073                                        value);
1074                                 return 1;
1075                         }
1076                 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1077                         if (!value || !*value) {
1078                                 printk(KERN_WARNING
1079                                         "CIFS: invalid path prefix\n");
1080                                 return 1;       /* needs_argument */
1081                         }
1082                         if ((temp_len = strnlen(value, 1024)) < 1024) {
1083                                 if (value[0] != '/')
1084                                         temp_len++;  /* missing leading slash */
1085                                 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1086                                 if (vol->prepath == NULL)
1087                                         return 1;
1088                                 if (value[0] != '/') {
1089                                         vol->prepath[0] = '/';
1090                                         strcpy(vol->prepath+1, value);
1091                                 } else
1092                                         strcpy(vol->prepath, value);
1093                                 cFYI(1, "prefix path %s", vol->prepath);
1094                         } else {
1095                                 printk(KERN_WARNING "CIFS: prefix too long\n");
1096                                 return 1;
1097                         }
1098                 } else if (strnicmp(data, "iocharset", 9) == 0) {
1099                         if (!value || !*value) {
1100                                 printk(KERN_WARNING "CIFS: invalid iocharset "
1101                                                     "specified\n");
1102                                 return 1;       /* needs_arg; */
1103                         }
1104                         if (strnlen(value, 65) < 65) {
1105                                 if (strnicmp(value, "default", 7))
1106                                         vol->iocharset = value;
1107                                 /* if iocharset not set then load_nls_default
1108                                    is used by caller */
1109                                 cFYI(1, "iocharset set to %s", value);
1110                         } else {
1111                                 printk(KERN_WARNING "CIFS: iocharset name "
1112                                                     "too long.\n");
1113                                 return 1;
1114                         }
1115                 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1116                         vol->linux_uid = simple_strtoul(value, &value, 0);
1117                         uid_specified = true;
1118                 } else if (!strnicmp(data, "forceuid", 8)) {
1119                         override_uid = 1;
1120                 } else if (!strnicmp(data, "noforceuid", 10)) {
1121                         override_uid = 0;
1122                 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1123                         vol->linux_gid = simple_strtoul(value, &value, 0);
1124                         gid_specified = true;
1125                 } else if (!strnicmp(data, "forcegid", 8)) {
1126                         override_gid = 1;
1127                 } else if (!strnicmp(data, "noforcegid", 10)) {
1128                         override_gid = 0;
1129                 } else if (strnicmp(data, "file_mode", 4) == 0) {
1130                         if (value && *value) {
1131                                 vol->file_mode =
1132                                         simple_strtoul(value, &value, 0);
1133                         }
1134                 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1135                         if (value && *value) {
1136                                 vol->dir_mode =
1137                                         simple_strtoul(value, &value, 0);
1138                         }
1139                 } else if (strnicmp(data, "dirmode", 4) == 0) {
1140                         if (value && *value) {
1141                                 vol->dir_mode =
1142                                         simple_strtoul(value, &value, 0);
1143                         }
1144                 } else if (strnicmp(data, "port", 4) == 0) {
1145                         if (value && *value) {
1146                                 vol->port =
1147                                         simple_strtoul(value, &value, 0);
1148                         }
1149                 } else if (strnicmp(data, "rsize", 5) == 0) {
1150                         if (value && *value) {
1151                                 vol->rsize =
1152                                         simple_strtoul(value, &value, 0);
1153                         }
1154                 } else if (strnicmp(data, "wsize", 5) == 0) {
1155                         if (value && *value) {
1156                                 vol->wsize =
1157                                         simple_strtoul(value, &value, 0);
1158                         }
1159                 } else if (strnicmp(data, "sockopt", 5) == 0) {
1160                         if (!value || !*value) {
1161                                 cERROR(1, "no socket option specified");
1162                                 continue;
1163                         } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1164                                 vol->sockopt_tcp_nodelay = 1;
1165                         }
1166                 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1167                         if (!value || !*value || (*value == ' ')) {
1168                                 cFYI(1, "invalid (empty) netbiosname");
1169                         } else {
1170                                 memset(vol->source_rfc1001_name, 0x20, 15);
1171                                 for (i = 0; i < 15; i++) {
1172                                 /* BB are there cases in which a comma can be
1173                                 valid in this workstation netbios name (and need
1174                                 special handling)? */
1175
1176                                 /* We do not uppercase netbiosname for user */
1177                                         if (value[i] == 0)
1178                                                 break;
1179                                         else
1180                                                 vol->source_rfc1001_name[i] =
1181                                                                 value[i];
1182                                 }
1183                                 /* The string has 16th byte zero still from
1184                                 set at top of the function  */
1185                                 if ((i == 15) && (value[i] != 0))
1186                                         printk(KERN_WARNING "CIFS: netbiosname"
1187                                                 " longer than 15 truncated.\n");
1188                         }
1189                 } else if (strnicmp(data, "servern", 7) == 0) {
1190                         /* servernetbiosname specified override *SMBSERVER */
1191                         if (!value || !*value || (*value == ' ')) {
1192                                 cFYI(1, "empty server netbiosname specified");
1193                         } else {
1194                                 /* last byte, type, is 0x20 for servr type */
1195                                 memset(vol->target_rfc1001_name, 0x20, 16);
1196
1197                                 for (i = 0; i < 15; i++) {
1198                                 /* BB are there cases in which a comma can be
1199                                    valid in this workstation netbios name
1200                                    (and need special handling)? */
1201
1202                                 /* user or mount helper must uppercase
1203                                    the netbiosname */
1204                                         if (value[i] == 0)
1205                                                 break;
1206                                         else
1207                                                 vol->target_rfc1001_name[i] =
1208                                                                 value[i];
1209                                 }
1210                                 /* The string has 16th byte zero still from
1211                                    set at top of the function  */
1212                                 if ((i == 15) && (value[i] != 0))
1213                                         printk(KERN_WARNING "CIFS: server net"
1214                                         "biosname longer than 15 truncated.\n");
1215                         }
1216                 } else if (strnicmp(data, "credentials", 4) == 0) {
1217                         /* ignore */
1218                 } else if (strnicmp(data, "version", 3) == 0) {
1219                         /* ignore */
1220                 } else if (strnicmp(data, "guest", 5) == 0) {
1221                         /* ignore */
1222                 } else if (strnicmp(data, "rw", 2) == 0) {
1223                         /* ignore */
1224                 } else if (strnicmp(data, "ro", 2) == 0) {
1225                         /* ignore */
1226                 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1227                         vol->noblocksnd = 1;
1228                 } else if (strnicmp(data, "noautotune", 10) == 0) {
1229                         vol->noautotune = 1;
1230                 } else if ((strnicmp(data, "suid", 4) == 0) ||
1231                                    (strnicmp(data, "nosuid", 6) == 0) ||
1232                                    (strnicmp(data, "exec", 4) == 0) ||
1233                                    (strnicmp(data, "noexec", 6) == 0) ||
1234                                    (strnicmp(data, "nodev", 5) == 0) ||
1235                                    (strnicmp(data, "noauto", 6) == 0) ||
1236                                    (strnicmp(data, "dev", 3) == 0)) {
1237                         /*  The mount tool or mount.cifs helper (if present)
1238                             uses these opts to set flags, and the flags are read
1239                             by the kernel vfs layer before we get here (ie
1240                             before read super) so there is no point trying to
1241                             parse these options again and set anything and it
1242                             is ok to just ignore them */
1243                         continue;
1244                 } else if (strnicmp(data, "hard", 4) == 0) {
1245                         vol->retry = 1;
1246                 } else if (strnicmp(data, "soft", 4) == 0) {
1247                         vol->retry = 0;
1248                 } else if (strnicmp(data, "perm", 4) == 0) {
1249                         vol->noperm = 0;
1250                 } else if (strnicmp(data, "noperm", 6) == 0) {
1251                         vol->noperm = 1;
1252                 } else if (strnicmp(data, "mapchars", 8) == 0) {
1253                         vol->remap = 1;
1254                 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1255                         vol->remap = 0;
1256                 } else if (strnicmp(data, "sfu", 3) == 0) {
1257                         vol->sfu_emul = 1;
1258                 } else if (strnicmp(data, "nosfu", 5) == 0) {
1259                         vol->sfu_emul = 0;
1260                 } else if (strnicmp(data, "nodfs", 5) == 0) {
1261                         vol->nodfs = 1;
1262                 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1263                         vol->posix_paths = 1;
1264                 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1265                         vol->posix_paths = 0;
1266                 } else if (strnicmp(data, "nounix", 6) == 0) {
1267                         vol->no_linux_ext = 1;
1268                 } else if (strnicmp(data, "nolinux", 7) == 0) {
1269                         vol->no_linux_ext = 1;
1270                 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1271                            (strnicmp(data, "ignorecase", 10)  == 0)) {
1272                         vol->nocase = 1;
1273                 } else if (strnicmp(data, "mand", 4) == 0) {
1274                         /* ignore */
1275                 } else if (strnicmp(data, "nomand", 6) == 0) {
1276                         /* ignore */
1277                 } else if (strnicmp(data, "_netdev", 7) == 0) {
1278                         /* ignore */
1279                 } else if (strnicmp(data, "brl", 3) == 0) {
1280                         vol->nobrl =  0;
1281                 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1282                            (strnicmp(data, "nolock", 6) == 0)) {
1283                         vol->nobrl =  1;
1284                         /* turn off mandatory locking in mode
1285                         if remote locking is turned off since the
1286                         local vfs will do advisory */
1287                         if (vol->file_mode ==
1288                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1289                                 vol->file_mode = S_IALLUGO;
1290                 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1291                         /* will take the shorter form "forcemand" as well */
1292                         /* This mount option will force use of mandatory
1293                           (DOS/Windows style) byte range locks, instead of
1294                           using posix advisory byte range locks, even if the
1295                           Unix extensions are available and posix locks would
1296                           be supported otherwise. If Unix extensions are not
1297                           negotiated this has no effect since mandatory locks
1298                           would be used (mandatory locks is all that those
1299                           those servers support) */
1300                         vol->mand_lock = 1;
1301                 } else if (strnicmp(data, "setuids", 7) == 0) {
1302                         vol->setuids = 1;
1303                 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1304                         vol->setuids = 0;
1305                 } else if (strnicmp(data, "dynperm", 7) == 0) {
1306                         vol->dynperm = true;
1307                 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1308                         vol->dynperm = false;
1309                 } else if (strnicmp(data, "nohard", 6) == 0) {
1310                         vol->retry = 0;
1311                 } else if (strnicmp(data, "nosoft", 6) == 0) {
1312                         vol->retry = 1;
1313                 } else if (strnicmp(data, "nointr", 6) == 0) {
1314                         vol->intr = 0;
1315                 } else if (strnicmp(data, "intr", 4) == 0) {
1316                         vol->intr = 1;
1317                 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1318                         vol->nostrictsync = 1;
1319                 } else if (strnicmp(data, "strictsync", 10) == 0) {
1320                         vol->nostrictsync = 0;
1321                 } else if (strnicmp(data, "serverino", 7) == 0) {
1322                         vol->server_ino = 1;
1323                 } else if (strnicmp(data, "noserverino", 9) == 0) {
1324                         vol->server_ino = 0;
1325                 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1326                         vol->cifs_acl = 1;
1327                 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1328                         vol->cifs_acl = 0;
1329                 } else if (strnicmp(data, "acl", 3) == 0) {
1330                         vol->no_psx_acl = 0;
1331                 } else if (strnicmp(data, "noacl", 5) == 0) {
1332                         vol->no_psx_acl = 1;
1333 #ifdef CONFIG_CIFS_EXPERIMENTAL
1334                 } else if (strnicmp(data, "locallease", 6) == 0) {
1335                         vol->local_lease = 1;
1336 #endif
1337                 } else if (strnicmp(data, "sign", 4) == 0) {
1338                         vol->secFlg |= CIFSSEC_MUST_SIGN;
1339                 } else if (strnicmp(data, "seal", 4) == 0) {
1340                         /* we do not do the following in secFlags because seal
1341                            is a per tree connection (mount) not a per socket
1342                            or per-smb connection option in the protocol */
1343                         /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1344                         vol->seal = 1;
1345                 } else if (strnicmp(data, "direct", 6) == 0) {
1346                         vol->direct_io = 1;
1347                 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1348                         vol->direct_io = 1;
1349                 } else if (strnicmp(data, "noac", 4) == 0) {
1350                         printk(KERN_WARNING "CIFS: Mount option noac not "
1351                                 "supported. Instead set "
1352                                 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1353                 } else if (strnicmp(data, "fsc", 3) == 0) {
1354                         vol->fsc = true;
1355                 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1356                         vol->mfsymlinks = true;
1357                 } else if (strnicmp(data, "multiuser", 8) == 0) {
1358                         vol->multiuser = true;
1359                 } else
1360                         printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1361                                                 data);
1362         }
1363         if (vol->UNC == NULL) {
1364                 if (devname == NULL) {
1365                         printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1366                                                 "target\n");
1367                         return 1;
1368                 }
1369                 if ((temp_len = strnlen(devname, 300)) < 300) {
1370                         vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1371                         if (vol->UNC == NULL)
1372                                 return 1;
1373                         strcpy(vol->UNC, devname);
1374                         if (strncmp(vol->UNC, "//", 2) == 0) {
1375                                 vol->UNC[0] = '\\';
1376                                 vol->UNC[1] = '\\';
1377                         } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1378                                 printk(KERN_WARNING "CIFS: UNC Path does not "
1379                                                     "begin with // or \\\\ \n");
1380                                 return 1;
1381                         }
1382                         value = strpbrk(vol->UNC+2, "/\\");
1383                         if (value)
1384                                 *value = '\\';
1385                 } else {
1386                         printk(KERN_WARNING "CIFS: UNC name too long\n");
1387                         return 1;
1388                 }
1389         }
1390
1391         if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1392                 cERROR(1, "Multiuser mounts currently require krb5 "
1393                           "authentication!");
1394                 return 1;
1395         }
1396
1397         if (vol->UNCip == NULL)
1398                 vol->UNCip = &vol->UNC[2];
1399
1400         if (uid_specified)
1401                 vol->override_uid = override_uid;
1402         else if (override_uid == 1)
1403                 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1404                                    "specified with no uid= option.\n");
1405
1406         if (gid_specified)
1407                 vol->override_gid = override_gid;
1408         else if (override_gid == 1)
1409                 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1410                                    "specified with no gid= option.\n");
1411
1412         return 0;
1413 }
1414
1415 /** Returns true if srcaddr isn't specified and rhs isn't
1416  * specified, or if srcaddr is specified and
1417  * matches the IP address of the rhs argument.
1418  */
1419 static bool
1420 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1421 {
1422         switch (srcaddr->sa_family) {
1423         case AF_UNSPEC:
1424                 return (rhs->sa_family == AF_UNSPEC);
1425         case AF_INET: {
1426                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1427                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1428                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1429         }
1430         case AF_INET6: {
1431                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1432                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1433                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1434         }
1435         default:
1436                 WARN_ON(1);
1437                 return false; /* don't expect to be here */
1438         }
1439 }
1440
1441
1442 static bool
1443 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1444               struct sockaddr *srcaddr)
1445 {
1446         struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1447         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1448
1449         switch (addr->sa_family) {
1450         case AF_INET:
1451                 if (addr4->sin_addr.s_addr !=
1452                     server->addr.sockAddr.sin_addr.s_addr)
1453                         return false;
1454                 if (addr4->sin_port &&
1455                     addr4->sin_port != server->addr.sockAddr.sin_port)
1456                         return false;
1457                 break;
1458         case AF_INET6:
1459                 if (!ipv6_addr_equal(&addr6->sin6_addr,
1460                                      &server->addr.sockAddr6.sin6_addr))
1461                         return false;
1462                 if (addr6->sin6_scope_id !=
1463                     server->addr.sockAddr6.sin6_scope_id)
1464                         return false;
1465                 if (addr6->sin6_port &&
1466                     addr6->sin6_port != server->addr.sockAddr6.sin6_port)
1467                         return false;
1468                 break;
1469         }
1470
1471         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1472                 return false;
1473
1474         return true;
1475 }
1476
1477 static bool
1478 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1479 {
1480         unsigned int secFlags;
1481
1482         if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1483                 secFlags = vol->secFlg;
1484         else
1485                 secFlags = global_secflags | vol->secFlg;
1486
1487         switch (server->secType) {
1488         case LANMAN:
1489                 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1490                         return false;
1491                 break;
1492         case NTLMv2:
1493                 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1494                         return false;
1495                 break;
1496         case NTLM:
1497                 if (!(secFlags & CIFSSEC_MAY_NTLM))
1498                         return false;
1499                 break;
1500         case Kerberos:
1501                 if (!(secFlags & CIFSSEC_MAY_KRB5))
1502                         return false;
1503                 break;
1504         case RawNTLMSSP:
1505                 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1506                         return false;
1507                 break;
1508         default:
1509                 /* shouldn't happen */
1510                 return false;
1511         }
1512
1513         /* now check if signing mode is acceptible */
1514         if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1515             (server->secMode & SECMODE_SIGN_REQUIRED))
1516                         return false;
1517         else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1518                  (server->secMode &
1519                   (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1520                         return false;
1521
1522         return true;
1523 }
1524
1525 static struct TCP_Server_Info *
1526 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1527 {
1528         struct TCP_Server_Info *server;
1529
1530         spin_lock(&cifs_tcp_ses_lock);
1531         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1532                 if (!match_address(server, addr,
1533                                    (struct sockaddr *)&vol->srcaddr))
1534                         continue;
1535
1536                 if (!match_security(server, vol))
1537                         continue;
1538
1539                 ++server->srv_count;
1540                 spin_unlock(&cifs_tcp_ses_lock);
1541                 cFYI(1, "Existing tcp session with server found");
1542                 return server;
1543         }
1544         spin_unlock(&cifs_tcp_ses_lock);
1545         return NULL;
1546 }
1547
1548 static void
1549 cifs_put_tcp_session(struct TCP_Server_Info *server)
1550 {
1551         struct task_struct *task;
1552
1553         spin_lock(&cifs_tcp_ses_lock);
1554         if (--server->srv_count > 0) {
1555                 spin_unlock(&cifs_tcp_ses_lock);
1556                 return;
1557         }
1558
1559         list_del_init(&server->tcp_ses_list);
1560         spin_unlock(&cifs_tcp_ses_lock);
1561
1562         spin_lock(&GlobalMid_Lock);
1563         server->tcpStatus = CifsExiting;
1564         spin_unlock(&GlobalMid_Lock);
1565
1566         cifs_crypto_shash_release(server);
1567         cifs_fscache_release_client_cookie(server);
1568
1569         kfree(server->session_key.response);
1570         server->session_key.response = NULL;
1571         server->session_key.len = 0;
1572
1573         task = xchg(&server->tsk, NULL);
1574         if (task)
1575                 force_sig(SIGKILL, task);
1576 }
1577
1578 static struct TCP_Server_Info *
1579 cifs_get_tcp_session(struct smb_vol *volume_info)
1580 {
1581         struct TCP_Server_Info *tcp_ses = NULL;
1582         struct sockaddr_storage addr;
1583         struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1584         struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1585         int rc;
1586
1587         memset(&addr, 0, sizeof(struct sockaddr_storage));
1588
1589         cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1590
1591         if (volume_info->UNCip && volume_info->UNC) {
1592                 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1593                                         volume_info->UNCip,
1594                                         strlen(volume_info->UNCip),
1595                                         volume_info->port);
1596                 if (!rc) {
1597                         /* we failed translating address */
1598                         rc = -EINVAL;
1599                         goto out_err;
1600                 }
1601         } else if (volume_info->UNCip) {
1602                 /* BB using ip addr as tcp_ses name to connect to the
1603                    DFS root below */
1604                 cERROR(1, "Connecting to DFS root not implemented yet");
1605                 rc = -EINVAL;
1606                 goto out_err;
1607         } else /* which tcp_sess DFS root would we conect to */ {
1608                 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1609                         "unc=//192.168.1.100/public) specified");
1610                 rc = -EINVAL;
1611                 goto out_err;
1612         }
1613
1614         /* see if we already have a matching tcp_ses */
1615         tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1616         if (tcp_ses)
1617                 return tcp_ses;
1618
1619         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1620         if (!tcp_ses) {
1621                 rc = -ENOMEM;
1622                 goto out_err;
1623         }
1624
1625         rc = cifs_crypto_shash_allocate(tcp_ses);
1626         if (rc) {
1627                 cERROR(1, "could not setup hash structures rc %d", rc);
1628                 goto out_err;
1629         }
1630
1631         tcp_ses->hostname = extract_hostname(volume_info->UNC);
1632         if (IS_ERR(tcp_ses->hostname)) {
1633                 rc = PTR_ERR(tcp_ses->hostname);
1634                 goto out_err_crypto_release;
1635         }
1636
1637         tcp_ses->noblocksnd = volume_info->noblocksnd;
1638         tcp_ses->noautotune = volume_info->noautotune;
1639         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1640         atomic_set(&tcp_ses->inFlight, 0);
1641         init_waitqueue_head(&tcp_ses->response_q);
1642         init_waitqueue_head(&tcp_ses->request_q);
1643         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1644         mutex_init(&tcp_ses->srv_mutex);
1645         memcpy(tcp_ses->workstation_RFC1001_name,
1646                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1647         memcpy(tcp_ses->server_RFC1001_name,
1648                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1649         tcp_ses->session_estab = false;
1650         tcp_ses->sequence_number = 0;
1651         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1652         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1653
1654         /*
1655          * at this point we are the only ones with the pointer
1656          * to the struct since the kernel thread not created yet
1657          * no need to spinlock this init of tcpStatus or srv_count
1658          */
1659         tcp_ses->tcpStatus = CifsNew;
1660         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1661                sizeof(tcp_ses->srcaddr));
1662         ++tcp_ses->srv_count;
1663
1664         if (addr.ss_family == AF_INET6) {
1665                 cFYI(1, "attempting ipv6 connect");
1666                 /* BB should we allow ipv6 on port 139? */
1667                 /* other OS never observed in Wild doing 139 with v6 */
1668                 memcpy(&tcp_ses->addr.sockAddr6, sin_server6,
1669                         sizeof(struct sockaddr_in6));
1670                 rc = ipv6_connect(tcp_ses);
1671         } else {
1672                 memcpy(&tcp_ses->addr.sockAddr, sin_server,
1673                         sizeof(struct sockaddr_in));
1674                 rc = ipv4_connect(tcp_ses);
1675         }
1676         if (rc < 0) {
1677                 cERROR(1, "Error connecting to socket. Aborting operation");
1678                 goto out_err_crypto_release;
1679         }
1680
1681         /*
1682          * since we're in a cifs function already, we know that
1683          * this will succeed. No need for try_module_get().
1684          */
1685         __module_get(THIS_MODULE);
1686         tcp_ses->tsk = kthread_run((void *)(void *)cifs_demultiplex_thread,
1687                                   tcp_ses, "cifsd");
1688         if (IS_ERR(tcp_ses->tsk)) {
1689                 rc = PTR_ERR(tcp_ses->tsk);
1690                 cERROR(1, "error %d create cifsd thread", rc);
1691                 module_put(THIS_MODULE);
1692                 goto out_err_crypto_release;
1693         }
1694
1695         /* thread spawned, put it on the list */
1696         spin_lock(&cifs_tcp_ses_lock);
1697         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1698         spin_unlock(&cifs_tcp_ses_lock);
1699
1700         cifs_fscache_get_client_cookie(tcp_ses);
1701
1702         return tcp_ses;
1703
1704 out_err_crypto_release:
1705         cifs_crypto_shash_release(tcp_ses);
1706
1707 out_err:
1708         if (tcp_ses) {
1709                 if (!IS_ERR(tcp_ses->hostname))
1710                         kfree(tcp_ses->hostname);
1711                 if (tcp_ses->ssocket)
1712                         sock_release(tcp_ses->ssocket);
1713                 kfree(tcp_ses);
1714         }
1715         return ERR_PTR(rc);
1716 }
1717
1718 static struct cifsSesInfo *
1719 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1720 {
1721         struct cifsSesInfo *ses;
1722
1723         spin_lock(&cifs_tcp_ses_lock);
1724         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
1725                 switch (server->secType) {
1726                 case Kerberos:
1727                         if (vol->cred_uid != ses->cred_uid)
1728                                 continue;
1729                         break;
1730                 default:
1731                         /* anything else takes username/password */
1732                         if (strncmp(ses->userName, vol->username,
1733                                     MAX_USERNAME_SIZE))
1734                                 continue;
1735                         if (strlen(vol->username) != 0 &&
1736                             ses->password != NULL &&
1737                             strncmp(ses->password,
1738                                     vol->password ? vol->password : "",
1739                                     MAX_PASSWORD_SIZE))
1740                                 continue;
1741                 }
1742                 ++ses->ses_count;
1743                 spin_unlock(&cifs_tcp_ses_lock);
1744                 return ses;
1745         }
1746         spin_unlock(&cifs_tcp_ses_lock);
1747         return NULL;
1748 }
1749
1750 static void
1751 cifs_put_smb_ses(struct cifsSesInfo *ses)
1752 {
1753         int xid;
1754         struct TCP_Server_Info *server = ses->server;
1755
1756         cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
1757         spin_lock(&cifs_tcp_ses_lock);
1758         if (--ses->ses_count > 0) {
1759                 spin_unlock(&cifs_tcp_ses_lock);
1760                 return;
1761         }
1762
1763         list_del_init(&ses->smb_ses_list);
1764         spin_unlock(&cifs_tcp_ses_lock);
1765
1766         if (ses->status == CifsGood) {
1767                 xid = GetXid();
1768                 CIFSSMBLogoff(xid, ses);
1769                 _FreeXid(xid);
1770         }
1771         sesInfoFree(ses);
1772         cifs_put_tcp_session(server);
1773 }
1774
1775 static struct cifsSesInfo *
1776 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
1777 {
1778         int rc = -ENOMEM, xid;
1779         struct cifsSesInfo *ses;
1780
1781         xid = GetXid();
1782
1783         ses = cifs_find_smb_ses(server, volume_info);
1784         if (ses) {
1785                 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
1786
1787                 mutex_lock(&ses->session_mutex);
1788                 rc = cifs_negotiate_protocol(xid, ses);
1789                 if (rc) {
1790                         mutex_unlock(&ses->session_mutex);
1791                         /* problem -- put our ses reference */
1792                         cifs_put_smb_ses(ses);
1793                         FreeXid(xid);
1794                         return ERR_PTR(rc);
1795                 }
1796                 if (ses->need_reconnect) {
1797                         cFYI(1, "Session needs reconnect");
1798                         rc = cifs_setup_session(xid, ses,
1799                                                 volume_info->local_nls);
1800                         if (rc) {
1801                                 mutex_unlock(&ses->session_mutex);
1802                                 /* problem -- put our reference */
1803                                 cifs_put_smb_ses(ses);
1804                                 FreeXid(xid);
1805                                 return ERR_PTR(rc);
1806                         }
1807                 }
1808                 mutex_unlock(&ses->session_mutex);
1809
1810                 /* existing SMB ses has a server reference already */
1811                 cifs_put_tcp_session(server);
1812                 FreeXid(xid);
1813                 return ses;
1814         }
1815
1816         cFYI(1, "Existing smb sess not found");
1817         ses = sesInfoAlloc();
1818         if (ses == NULL)
1819                 goto get_ses_fail;
1820
1821         /* new SMB session uses our server ref */
1822         ses->server = server;
1823         if (server->addr.sockAddr6.sin6_family == AF_INET6)
1824                 sprintf(ses->serverName, "%pI6",
1825                         &server->addr.sockAddr6.sin6_addr);
1826         else
1827                 sprintf(ses->serverName, "%pI4",
1828                         &server->addr.sockAddr.sin_addr.s_addr);
1829
1830         if (volume_info->username)
1831                 strncpy(ses->userName, volume_info->username,
1832                         MAX_USERNAME_SIZE);
1833
1834         /* volume_info->password freed at unmount */
1835         if (volume_info->password) {
1836                 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
1837                 if (!ses->password)
1838                         goto get_ses_fail;
1839         }
1840         if (volume_info->domainname) {
1841                 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
1842                 if (!ses->domainName)
1843                         goto get_ses_fail;
1844         }
1845         ses->cred_uid = volume_info->cred_uid;
1846         ses->linux_uid = volume_info->linux_uid;
1847         ses->overrideSecFlg = volume_info->secFlg;
1848
1849         mutex_lock(&ses->session_mutex);
1850         rc = cifs_negotiate_protocol(xid, ses);
1851         if (!rc)
1852                 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
1853         mutex_unlock(&ses->session_mutex);
1854         if (rc)
1855                 goto get_ses_fail;
1856
1857         /* success, put it on the list */
1858         spin_lock(&cifs_tcp_ses_lock);
1859         list_add(&ses->smb_ses_list, &server->smb_ses_list);
1860         spin_unlock(&cifs_tcp_ses_lock);
1861
1862         FreeXid(xid);
1863         return ses;
1864
1865 get_ses_fail:
1866         sesInfoFree(ses);
1867         FreeXid(xid);
1868         return ERR_PTR(rc);
1869 }
1870
1871 static struct cifsTconInfo *
1872 cifs_find_tcon(struct cifsSesInfo *ses, const char *unc)
1873 {
1874         struct list_head *tmp;
1875         struct cifsTconInfo *tcon;
1876
1877         spin_lock(&cifs_tcp_ses_lock);
1878         list_for_each(tmp, &ses->tcon_list) {
1879                 tcon = list_entry(tmp, struct cifsTconInfo, tcon_list);
1880                 if (tcon->tidStatus == CifsExiting)
1881                         continue;
1882                 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
1883                         continue;
1884
1885                 ++tcon->tc_count;
1886                 spin_unlock(&cifs_tcp_ses_lock);
1887                 return tcon;
1888         }
1889         spin_unlock(&cifs_tcp_ses_lock);
1890         return NULL;
1891 }
1892
1893 static void
1894 cifs_put_tcon(struct cifsTconInfo *tcon)
1895 {
1896         int xid;
1897         struct cifsSesInfo *ses = tcon->ses;
1898
1899         cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
1900         spin_lock(&cifs_tcp_ses_lock);
1901         if (--tcon->tc_count > 0) {
1902                 spin_unlock(&cifs_tcp_ses_lock);
1903                 return;
1904         }
1905
1906         list_del_init(&tcon->tcon_list);
1907         spin_unlock(&cifs_tcp_ses_lock);
1908
1909         xid = GetXid();
1910         CIFSSMBTDis(xid, tcon);
1911         _FreeXid(xid);
1912
1913         cifs_fscache_release_super_cookie(tcon);
1914         tconInfoFree(tcon);
1915         cifs_put_smb_ses(ses);
1916 }
1917
1918 static struct cifsTconInfo *
1919 cifs_get_tcon(struct cifsSesInfo *ses, struct smb_vol *volume_info)
1920 {
1921         int rc, xid;
1922         struct cifsTconInfo *tcon;
1923
1924         tcon = cifs_find_tcon(ses, volume_info->UNC);
1925         if (tcon) {
1926                 cFYI(1, "Found match on UNC path");
1927                 /* existing tcon already has a reference */
1928                 cifs_put_smb_ses(ses);
1929                 if (tcon->seal != volume_info->seal)
1930                         cERROR(1, "transport encryption setting "
1931                                    "conflicts with existing tid");
1932                 return tcon;
1933         }
1934
1935         tcon = tconInfoAlloc();
1936         if (tcon == NULL) {
1937                 rc = -ENOMEM;
1938                 goto out_fail;
1939         }
1940
1941         tcon->ses = ses;
1942         if (volume_info->password) {
1943                 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
1944                 if (!tcon->password) {
1945                         rc = -ENOMEM;
1946                         goto out_fail;
1947                 }
1948         }
1949
1950         if (strchr(volume_info->UNC + 3, '\\') == NULL
1951             && strchr(volume_info->UNC + 3, '/') == NULL) {
1952                 cERROR(1, "Missing share name");
1953                 rc = -ENODEV;
1954                 goto out_fail;
1955         }
1956
1957         /* BB Do we need to wrap session_mutex around
1958          * this TCon call and Unix SetFS as
1959          * we do on SessSetup and reconnect? */
1960         xid = GetXid();
1961         rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
1962         FreeXid(xid);
1963         cFYI(1, "CIFS Tcon rc = %d", rc);
1964         if (rc)
1965                 goto out_fail;
1966
1967         if (volume_info->nodfs) {
1968                 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
1969                 cFYI(1, "DFS disabled (%d)", tcon->Flags);
1970         }
1971         tcon->seal = volume_info->seal;
1972         /* we can have only one retry value for a connection
1973            to a share so for resources mounted more than once
1974            to the same server share the last value passed in
1975            for the retry flag is used */
1976         tcon->retry = volume_info->retry;
1977         tcon->nocase = volume_info->nocase;
1978         tcon->local_lease = volume_info->local_lease;
1979
1980         spin_lock(&cifs_tcp_ses_lock);
1981         list_add(&tcon->tcon_list, &ses->tcon_list);
1982         spin_unlock(&cifs_tcp_ses_lock);
1983
1984         cifs_fscache_get_super_cookie(tcon);
1985
1986         return tcon;
1987
1988 out_fail:
1989         tconInfoFree(tcon);
1990         return ERR_PTR(rc);
1991 }
1992
1993 void
1994 cifs_put_tlink(struct tcon_link *tlink)
1995 {
1996         if (!tlink || IS_ERR(tlink))
1997                 return;
1998
1999         if (!atomic_dec_and_test(&tlink->tl_count) ||
2000             test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2001                 tlink->tl_time = jiffies;
2002                 return;
2003         }
2004
2005         if (!IS_ERR(tlink_tcon(tlink)))
2006                 cifs_put_tcon(tlink_tcon(tlink));
2007         kfree(tlink);
2008         return;
2009 }
2010
2011 int
2012 get_dfs_path(int xid, struct cifsSesInfo *pSesInfo, const char *old_path,
2013              const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2014              struct dfs_info3_param **preferrals, int remap)
2015 {
2016         char *temp_unc;
2017         int rc = 0;
2018
2019         *pnum_referrals = 0;
2020         *preferrals = NULL;
2021
2022         if (pSesInfo->ipc_tid == 0) {
2023                 temp_unc = kmalloc(2 /* for slashes */ +
2024                         strnlen(pSesInfo->serverName,
2025                                 SERVER_NAME_LEN_WITH_NULL * 2)
2026                                  + 1 + 4 /* slash IPC$ */  + 2,
2027                                 GFP_KERNEL);
2028                 if (temp_unc == NULL)
2029                         return -ENOMEM;
2030                 temp_unc[0] = '\\';
2031                 temp_unc[1] = '\\';
2032                 strcpy(temp_unc + 2, pSesInfo->serverName);
2033                 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2034                 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2035                 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2036                 kfree(temp_unc);
2037         }
2038         if (rc == 0)
2039                 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2040                                      pnum_referrals, nls_codepage, remap);
2041         /* BB map targetUNCs to dfs_info3 structures, here or
2042                 in CIFSGetDFSRefer BB */
2043
2044         return rc;
2045 }
2046
2047 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2048 static struct lock_class_key cifs_key[2];
2049 static struct lock_class_key cifs_slock_key[2];
2050
2051 static inline void
2052 cifs_reclassify_socket4(struct socket *sock)
2053 {
2054         struct sock *sk = sock->sk;
2055         BUG_ON(sock_owned_by_user(sk));
2056         sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2057                 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2058 }
2059
2060 static inline void
2061 cifs_reclassify_socket6(struct socket *sock)
2062 {
2063         struct sock *sk = sock->sk;
2064         BUG_ON(sock_owned_by_user(sk));
2065         sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2066                 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2067 }
2068 #else
2069 static inline void
2070 cifs_reclassify_socket4(struct socket *sock)
2071 {
2072 }
2073
2074 static inline void
2075 cifs_reclassify_socket6(struct socket *sock)
2076 {
2077 }
2078 #endif
2079
2080 /* See RFC1001 section 14 on representation of Netbios names */
2081 static void rfc1002mangle(char *target, char *source, unsigned int length)
2082 {
2083         unsigned int i, j;
2084
2085         for (i = 0, j = 0; i < (length); i++) {
2086                 /* mask a nibble at a time and encode */
2087                 target[j] = 'A' + (0x0F & (source[i] >> 4));
2088                 target[j+1] = 'A' + (0x0F & source[i]);
2089                 j += 2;
2090         }
2091
2092 }
2093
2094 static int
2095 bind_socket(struct TCP_Server_Info *server)
2096 {
2097         int rc = 0;
2098         if (server->srcaddr.ss_family != AF_UNSPEC) {
2099                 /* Bind to the specified local IP address */
2100                 struct socket *socket = server->ssocket;
2101                 rc = socket->ops->bind(socket,
2102                                        (struct sockaddr *) &server->srcaddr,
2103                                        sizeof(server->srcaddr));
2104                 if (rc < 0) {
2105                         struct sockaddr_in *saddr4;
2106                         struct sockaddr_in6 *saddr6;
2107                         saddr4 = (struct sockaddr_in *)&server->srcaddr;
2108                         saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2109                         if (saddr6->sin6_family == AF_INET6)
2110                                 cERROR(1, "cifs: "
2111                                        "Failed to bind to: %pI6c, error: %d\n",
2112                                        &saddr6->sin6_addr, rc);
2113                         else
2114                                 cERROR(1, "cifs: "
2115                                        "Failed to bind to: %pI4, error: %d\n",
2116                                        &saddr4->sin_addr.s_addr, rc);
2117                 }
2118         }
2119         return rc;
2120 }
2121
2122 static int
2123 ipv4_connect(struct TCP_Server_Info *server)
2124 {
2125         int rc = 0;
2126         int val;
2127         bool connected = false;
2128         __be16 orig_port = 0;
2129         struct socket *socket = server->ssocket;
2130
2131         if (socket == NULL) {
2132                 rc = sock_create_kern(PF_INET, SOCK_STREAM,
2133                                       IPPROTO_TCP, &socket);
2134                 if (rc < 0) {
2135                         cERROR(1, "Error %d creating socket", rc);
2136                         return rc;
2137                 }
2138
2139                 /* BB other socket options to set KEEPALIVE, NODELAY? */
2140                 cFYI(1, "Socket created");
2141                 server->ssocket = socket;
2142                 socket->sk->sk_allocation = GFP_NOFS;
2143                 cifs_reclassify_socket4(socket);
2144         }
2145
2146         rc = bind_socket(server);
2147         if (rc < 0)
2148                 return rc;
2149
2150         /* user overrode default port */
2151         if (server->addr.sockAddr.sin_port) {
2152                 rc = socket->ops->connect(socket, (struct sockaddr *)
2153                                           &server->addr.sockAddr,
2154                                           sizeof(struct sockaddr_in), 0);
2155                 if (rc >= 0)
2156                         connected = true;
2157         }
2158
2159         if (!connected) {
2160                 /* save original port so we can retry user specified port
2161                         later if fall back ports fail this time  */
2162                 orig_port = server->addr.sockAddr.sin_port;
2163
2164                 /* do not retry on the same port we just failed on */
2165                 if (server->addr.sockAddr.sin_port != htons(CIFS_PORT)) {
2166                         server->addr.sockAddr.sin_port = htons(CIFS_PORT);
2167                         rc = socket->ops->connect(socket,
2168                                                 (struct sockaddr *)
2169                                                 &server->addr.sockAddr,
2170                                                 sizeof(struct sockaddr_in), 0);
2171                         if (rc >= 0)
2172                                 connected = true;
2173                 }
2174         }
2175         if (!connected) {
2176                 server->addr.sockAddr.sin_port = htons(RFC1001_PORT);
2177                 rc = socket->ops->connect(socket, (struct sockaddr *)
2178                                               &server->addr.sockAddr,
2179                                               sizeof(struct sockaddr_in), 0);
2180                 if (rc >= 0)
2181                         connected = true;
2182         }
2183
2184         /* give up here - unless we want to retry on different
2185                 protocol families some day */
2186         if (!connected) {
2187                 if (orig_port)
2188                         server->addr.sockAddr.sin_port = orig_port;
2189                 cFYI(1, "Error %d connecting to server via ipv4", rc);
2190                 sock_release(socket);
2191                 server->ssocket = NULL;
2192                 return rc;
2193         }
2194
2195
2196         /*
2197          * Eventually check for other socket options to change from
2198          *  the default. sock_setsockopt not used because it expects
2199          *  user space buffer
2200          */
2201         socket->sk->sk_rcvtimeo = 7 * HZ;
2202         socket->sk->sk_sndtimeo = 5 * HZ;
2203
2204         /* make the bufsizes depend on wsize/rsize and max requests */
2205         if (server->noautotune) {
2206                 if (socket->sk->sk_sndbuf < (200 * 1024))
2207                         socket->sk->sk_sndbuf = 200 * 1024;
2208                 if (socket->sk->sk_rcvbuf < (140 * 1024))
2209                         socket->sk->sk_rcvbuf = 140 * 1024;
2210         }
2211
2212         if (server->tcp_nodelay) {
2213                 val = 1;
2214                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2215                                 (char *)&val, sizeof(val));
2216                 if (rc)
2217                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2218         }
2219
2220          cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2221                  socket->sk->sk_sndbuf,
2222                  socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2223
2224         /* send RFC1001 sessinit */
2225         if (server->addr.sockAddr.sin_port == htons(RFC1001_PORT)) {
2226                 /* some servers require RFC1001 sessinit before sending
2227                 negprot - BB check reconnection in case where second
2228                 sessinit is sent but no second negprot */
2229                 struct rfc1002_session_packet *ses_init_buf;
2230                 struct smb_hdr *smb_buf;
2231                 ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2232                                        GFP_KERNEL);
2233                 if (ses_init_buf) {
2234                         ses_init_buf->trailer.session_req.called_len = 32;
2235                         if (server->server_RFC1001_name &&
2236                             server->server_RFC1001_name[0] != 0)
2237                                 rfc1002mangle(ses_init_buf->trailer.
2238                                                 session_req.called_name,
2239                                               server->server_RFC1001_name,
2240                                               RFC1001_NAME_LEN_WITH_NULL);
2241                         else
2242                                 rfc1002mangle(ses_init_buf->trailer.
2243                                                 session_req.called_name,
2244                                               DEFAULT_CIFS_CALLED_NAME,
2245                                               RFC1001_NAME_LEN_WITH_NULL);
2246
2247                         ses_init_buf->trailer.session_req.calling_len = 32;
2248
2249                         /* calling name ends in null (byte 16) from old smb
2250                         convention. */
2251                         if (server->workstation_RFC1001_name &&
2252                             server->workstation_RFC1001_name[0] != 0)
2253                                 rfc1002mangle(ses_init_buf->trailer.
2254                                                 session_req.calling_name,
2255                                               server->workstation_RFC1001_name,
2256                                               RFC1001_NAME_LEN_WITH_NULL);
2257                         else
2258                                 rfc1002mangle(ses_init_buf->trailer.
2259                                                 session_req.calling_name,
2260                                               "LINUX_CIFS_CLNT",
2261                                               RFC1001_NAME_LEN_WITH_NULL);
2262
2263                         ses_init_buf->trailer.session_req.scope1 = 0;
2264                         ses_init_buf->trailer.session_req.scope2 = 0;
2265                         smb_buf = (struct smb_hdr *)ses_init_buf;
2266                         /* sizeof RFC1002_SESSION_REQUEST with no scope */
2267                         smb_buf->smb_buf_length = 0x81000044;
2268                         rc = smb_send(server, smb_buf, 0x44);
2269                         kfree(ses_init_buf);
2270                         msleep(1); /* RFC1001 layer in at least one server
2271                                       requires very short break before negprot
2272                                       presumably because not expecting negprot
2273                                       to follow so fast.  This is a simple
2274                                       solution that works without
2275                                       complicating the code and causes no
2276                                       significant slowing down on mount
2277                                       for everyone else */
2278                 }
2279                 /* else the negprot may still work without this
2280                 even though malloc failed */
2281
2282         }
2283
2284         return rc;
2285 }
2286
2287 static int
2288 ipv6_connect(struct TCP_Server_Info *server)
2289 {
2290         int rc = 0;
2291         int val;
2292         bool connected = false;
2293         __be16 orig_port = 0;
2294         struct socket *socket = server->ssocket;
2295
2296         if (socket == NULL) {
2297                 rc = sock_create_kern(PF_INET6, SOCK_STREAM,
2298                                       IPPROTO_TCP, &socket);
2299                 if (rc < 0) {
2300                         cERROR(1, "Error %d creating ipv6 socket", rc);
2301                         socket = NULL;
2302                         return rc;
2303                 }
2304
2305                 /* BB other socket options to set KEEPALIVE, NODELAY? */
2306                 cFYI(1, "ipv6 Socket created");
2307                 server->ssocket = socket;
2308                 socket->sk->sk_allocation = GFP_NOFS;
2309                 cifs_reclassify_socket6(socket);
2310         }
2311
2312         rc = bind_socket(server);
2313         if (rc < 0)
2314                 return rc;
2315
2316         /* user overrode default port */
2317         if (server->addr.sockAddr6.sin6_port) {
2318                 rc = socket->ops->connect(socket,
2319                                 (struct sockaddr *) &server->addr.sockAddr6,
2320                                 sizeof(struct sockaddr_in6), 0);
2321                 if (rc >= 0)
2322                         connected = true;
2323         }
2324
2325         if (!connected) {
2326                 /* save original port so we can retry user specified port
2327                         later if fall back ports fail this time  */
2328
2329                 orig_port = server->addr.sockAddr6.sin6_port;
2330                 /* do not retry on the same port we just failed on */
2331                 if (server->addr.sockAddr6.sin6_port != htons(CIFS_PORT)) {
2332                         server->addr.sockAddr6.sin6_port = htons(CIFS_PORT);
2333                         rc = socket->ops->connect(socket, (struct sockaddr *)
2334                                         &server->addr.sockAddr6,
2335                                         sizeof(struct sockaddr_in6), 0);
2336                         if (rc >= 0)
2337                                 connected = true;
2338                 }
2339         }
2340         if (!connected) {
2341                 server->addr.sockAddr6.sin6_port = htons(RFC1001_PORT);
2342                 rc = socket->ops->connect(socket, (struct sockaddr *)
2343                                 &server->addr.sockAddr6,
2344                                 sizeof(struct sockaddr_in6), 0);
2345                 if (rc >= 0)
2346                         connected = true;
2347         }
2348
2349         /* give up here - unless we want to retry on different
2350                 protocol families some day */
2351         if (!connected) {
2352                 if (orig_port)
2353                         server->addr.sockAddr6.sin6_port = orig_port;
2354                 cFYI(1, "Error %d connecting to server via ipv6", rc);
2355                 sock_release(socket);
2356                 server->ssocket = NULL;
2357                 return rc;
2358         }
2359
2360         /*
2361          * Eventually check for other socket options to change from
2362          * the default. sock_setsockopt not used because it expects
2363          * user space buffer
2364          */
2365         socket->sk->sk_rcvtimeo = 7 * HZ;
2366         socket->sk->sk_sndtimeo = 5 * HZ;
2367
2368         if (server->tcp_nodelay) {
2369                 val = 1;
2370                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2371                                 (char *)&val, sizeof(val));
2372                 if (rc)
2373                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2374         }
2375
2376         server->ssocket = socket;
2377
2378         return rc;
2379 }
2380
2381 void reset_cifs_unix_caps(int xid, struct cifsTconInfo *tcon,
2382                           struct super_block *sb, struct smb_vol *vol_info)
2383 {
2384         /* if we are reconnecting then should we check to see if
2385          * any requested capabilities changed locally e.g. via
2386          * remount but we can not do much about it here
2387          * if they have (even if we could detect it by the following)
2388          * Perhaps we could add a backpointer to array of sb from tcon
2389          * or if we change to make all sb to same share the same
2390          * sb as NFS - then we only have one backpointer to sb.
2391          * What if we wanted to mount the server share twice once with
2392          * and once without posixacls or posix paths? */
2393         __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2394
2395         if (vol_info && vol_info->no_linux_ext) {
2396                 tcon->fsUnixInfo.Capability = 0;
2397                 tcon->unix_ext = 0; /* Unix Extensions disabled */
2398                 cFYI(1, "Linux protocol extensions disabled");
2399                 return;
2400         } else if (vol_info)
2401                 tcon->unix_ext = 1; /* Unix Extensions supported */
2402
2403         if (tcon->unix_ext == 0) {
2404                 cFYI(1, "Unix extensions disabled so not set on reconnect");
2405                 return;
2406         }
2407
2408         if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2409                 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2410
2411                 /* check for reconnect case in which we do not
2412                    want to change the mount behavior if we can avoid it */
2413                 if (vol_info == NULL) {
2414                         /* turn off POSIX ACL and PATHNAMES if not set
2415                            originally at mount time */
2416                         if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2417                                 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2418                         if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2419                                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2420                                         cERROR(1, "POSIXPATH support change");
2421                                 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2422                         } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2423                                 cERROR(1, "possible reconnect error");
2424                                 cERROR(1, "server disabled POSIX path support");
2425                         }
2426                 }
2427
2428                 cap &= CIFS_UNIX_CAP_MASK;
2429                 if (vol_info && vol_info->no_psx_acl)
2430                         cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2431                 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2432                         cFYI(1, "negotiated posix acl support");
2433                         if (sb)
2434                                 sb->s_flags |= MS_POSIXACL;
2435                 }
2436
2437                 if (vol_info && vol_info->posix_paths == 0)
2438                         cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2439                 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2440                         cFYI(1, "negotiate posix pathnames");
2441                         if (sb)
2442                                 CIFS_SB(sb)->mnt_cifs_flags |=
2443                                         CIFS_MOUNT_POSIX_PATHS;
2444                 }
2445
2446                 /* We might be setting the path sep back to a different
2447                 form if we are reconnecting and the server switched its
2448                 posix path capability for this share */
2449                 if (sb && (CIFS_SB(sb)->prepathlen > 0))
2450                         CIFS_SB(sb)->prepath[0] = CIFS_DIR_SEP(CIFS_SB(sb));
2451
2452                 if (sb && (CIFS_SB(sb)->rsize > 127 * 1024)) {
2453                         if ((cap & CIFS_UNIX_LARGE_READ_CAP) == 0) {
2454                                 CIFS_SB(sb)->rsize = 127 * 1024;
2455                                 cFYI(DBG2, "larger reads not supported by srv");
2456                         }
2457                 }
2458
2459
2460                 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2461 #ifdef CONFIG_CIFS_DEBUG2
2462                 if (cap & CIFS_UNIX_FCNTL_CAP)
2463                         cFYI(1, "FCNTL cap");
2464                 if (cap & CIFS_UNIX_EXTATTR_CAP)
2465                         cFYI(1, "EXTATTR cap");
2466                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2467                         cFYI(1, "POSIX path cap");
2468                 if (cap & CIFS_UNIX_XATTR_CAP)
2469                         cFYI(1, "XATTR cap");
2470                 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2471                         cFYI(1, "POSIX ACL cap");
2472                 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2473                         cFYI(1, "very large read cap");
2474                 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2475                         cFYI(1, "very large write cap");
2476 #endif /* CIFS_DEBUG2 */
2477                 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2478                         if (vol_info == NULL) {
2479                                 cFYI(1, "resetting capabilities failed");
2480                         } else
2481                                 cERROR(1, "Negotiating Unix capabilities "
2482                                            "with the server failed.  Consider "
2483                                            "mounting with the Unix Extensions\n"
2484                                            "disabled, if problems are found, "
2485                                            "by specifying the nounix mount "
2486                                            "option.");
2487
2488                 }
2489         }
2490 }
2491
2492 static void
2493 convert_delimiter(char *path, char delim)
2494 {
2495         int i;
2496         char old_delim;
2497
2498         if (path == NULL)
2499                 return;
2500
2501         if (delim == '/')
2502                 old_delim = '\\';
2503         else
2504                 old_delim = '/';
2505
2506         for (i = 0; path[i] != '\0'; i++) {
2507                 if (path[i] == old_delim)
2508                         path[i] = delim;
2509         }
2510 }
2511
2512 static void setup_cifs_sb(struct smb_vol *pvolume_info,
2513                           struct cifs_sb_info *cifs_sb)
2514 {
2515         INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2516
2517         if (pvolume_info->rsize > CIFSMaxBufSize) {
2518                 cERROR(1, "rsize %d too large, using MaxBufSize",
2519                         pvolume_info->rsize);
2520                 cifs_sb->rsize = CIFSMaxBufSize;
2521         } else if ((pvolume_info->rsize) &&
2522                         (pvolume_info->rsize <= CIFSMaxBufSize))
2523                 cifs_sb->rsize = pvolume_info->rsize;
2524         else /* default */
2525                 cifs_sb->rsize = CIFSMaxBufSize;
2526
2527         if (pvolume_info->wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
2528                 cERROR(1, "wsize %d too large, using 4096 instead",
2529                           pvolume_info->wsize);
2530                 cifs_sb->wsize = 4096;
2531         } else if (pvolume_info->wsize)
2532                 cifs_sb->wsize = pvolume_info->wsize;
2533         else
2534                 cifs_sb->wsize = min_t(const int,
2535                                         PAGEVEC_SIZE * PAGE_CACHE_SIZE,
2536                                         127*1024);
2537                 /* old default of CIFSMaxBufSize was too small now
2538                    that SMB Write2 can send multiple pages in kvec.
2539                    RFC1001 does not describe what happens when frame
2540                    bigger than 128K is sent so use that as max in
2541                    conjunction with 52K kvec constraint on arch with 4K
2542                    page size  */
2543
2544         if (cifs_sb->rsize < 2048) {
2545                 cifs_sb->rsize = 2048;
2546                 /* Windows ME may prefer this */
2547                 cFYI(1, "readsize set to minimum: 2048");
2548         }
2549         /* calculate prepath */
2550         cifs_sb->prepath = pvolume_info->prepath;
2551         if (cifs_sb->prepath) {
2552                 cifs_sb->prepathlen = strlen(cifs_sb->prepath);
2553                 /* we can not convert the / to \ in the path
2554                 separators in the prefixpath yet because we do not
2555                 know (until reset_cifs_unix_caps is called later)
2556                 whether POSIX PATH CAP is available. We normalize
2557                 the / to \ after reset_cifs_unix_caps is called */
2558                 pvolume_info->prepath = NULL;
2559         } else
2560                 cifs_sb->prepathlen = 0;
2561         cifs_sb->mnt_uid = pvolume_info->linux_uid;
2562         cifs_sb->mnt_gid = pvolume_info->linux_gid;
2563         cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2564         cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2565         cFYI(1, "file mode: 0x%x  dir mode: 0x%x",
2566                 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2567
2568         if (pvolume_info->noperm)
2569                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2570         if (pvolume_info->setuids)
2571                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2572         if (pvolume_info->server_ino)
2573                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2574         if (pvolume_info->remap)
2575                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2576         if (pvolume_info->no_xattr)
2577                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2578         if (pvolume_info->sfu_emul)
2579                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2580         if (pvolume_info->nobrl)
2581                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2582         if (pvolume_info->nostrictsync)
2583                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2584         if (pvolume_info->mand_lock)
2585                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2586         if (pvolume_info->cifs_acl)
2587                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2588         if (pvolume_info->override_uid)
2589                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2590         if (pvolume_info->override_gid)
2591                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2592         if (pvolume_info->dynperm)
2593                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2594         if (pvolume_info->fsc)
2595                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2596         if (pvolume_info->multiuser)
2597                 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2598                                             CIFS_MOUNT_NO_PERM);
2599         if (pvolume_info->direct_io) {
2600                 cFYI(1, "mounting share using direct i/o");
2601                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2602         }
2603         if (pvolume_info->mfsymlinks) {
2604                 if (pvolume_info->sfu_emul) {
2605                         cERROR(1,  "mount option mfsymlinks ignored if sfu "
2606                                    "mount option is used");
2607                 } else {
2608                         cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2609                 }
2610         }
2611
2612         if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2613                 cERROR(1, "mount option dynperm ignored if cifsacl "
2614                            "mount option supported");
2615 }
2616
2617 static int
2618 is_path_accessible(int xid, struct cifsTconInfo *tcon,
2619                    struct cifs_sb_info *cifs_sb, const char *full_path)
2620 {
2621         int rc;
2622         FILE_ALL_INFO *pfile_info;
2623
2624         pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2625         if (pfile_info == NULL)
2626                 return -ENOMEM;
2627
2628         rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
2629                               0 /* not legacy */, cifs_sb->local_nls,
2630                               cifs_sb->mnt_cifs_flags &
2631                                 CIFS_MOUNT_MAP_SPECIAL_CHR);
2632         kfree(pfile_info);
2633         return rc;
2634 }
2635
2636 static void
2637 cleanup_volume_info(struct smb_vol **pvolume_info)
2638 {
2639         struct smb_vol *volume_info;
2640
2641         if (!pvolume_info || !*pvolume_info)
2642                 return;
2643
2644         volume_info = *pvolume_info;
2645         kzfree(volume_info->password);
2646         kfree(volume_info->UNC);
2647         kfree(volume_info->prepath);
2648         kfree(volume_info);
2649         *pvolume_info = NULL;
2650         return;
2651 }
2652
2653 #ifdef CONFIG_CIFS_DFS_UPCALL
2654 /* build_path_to_root returns full path to root when
2655  * we do not have an exiting connection (tcon) */
2656 static char *
2657 build_unc_path_to_root(const struct smb_vol *volume_info,
2658                 const struct cifs_sb_info *cifs_sb)
2659 {
2660         char *full_path;
2661
2662         int unc_len = strnlen(volume_info->UNC, MAX_TREE_SIZE + 1);
2663         full_path = kmalloc(unc_len + cifs_sb->prepathlen + 1, GFP_KERNEL);
2664         if (full_path == NULL)
2665                 return ERR_PTR(-ENOMEM);
2666
2667         strncpy(full_path, volume_info->UNC, unc_len);
2668         if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) {
2669                 int i;
2670                 for (i = 0; i < unc_len; i++) {
2671                         if (full_path[i] == '\\')
2672                                 full_path[i] = '/';
2673                 }
2674         }
2675
2676         if (cifs_sb->prepathlen)
2677                 strncpy(full_path + unc_len, cifs_sb->prepath,
2678                                 cifs_sb->prepathlen);
2679
2680         full_path[unc_len + cifs_sb->prepathlen] = 0; /* add trailing null */
2681         return full_path;
2682 }
2683 #endif
2684
2685 int
2686 cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2687                 char *mount_data_global, const char *devname)
2688 {
2689         int rc;
2690         int xid;
2691         struct smb_vol *volume_info;
2692         struct cifsSesInfo *pSesInfo;
2693         struct cifsTconInfo *tcon;
2694         struct TCP_Server_Info *srvTcp;
2695         char   *full_path;
2696         char *mount_data = mount_data_global;
2697         struct tcon_link *tlink;
2698 #ifdef CONFIG_CIFS_DFS_UPCALL
2699         struct dfs_info3_param *referrals = NULL;
2700         unsigned int num_referrals = 0;
2701         int referral_walks_count = 0;
2702 try_mount_again:
2703 #endif
2704         rc = 0;
2705         tcon = NULL;
2706         pSesInfo = NULL;
2707         srvTcp = NULL;
2708         full_path = NULL;
2709         tlink = NULL;
2710
2711         xid = GetXid();
2712
2713         volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
2714         if (!volume_info) {
2715                 rc = -ENOMEM;
2716                 goto out;
2717         }
2718
2719         if (cifs_parse_mount_options(mount_data, devname, volume_info)) {
2720                 rc = -EINVAL;
2721                 goto out;
2722         }
2723
2724         if (volume_info->nullauth) {
2725                 cFYI(1, "null user");
2726                 volume_info->username = "";
2727         } else if (volume_info->username) {
2728                 /* BB fixme parse for domain name here */
2729                 cFYI(1, "Username: %s", volume_info->username);
2730         } else {
2731                 cifserror("No username specified");
2732         /* In userspace mount helper we can get user name from alternate
2733            locations such as env variables and files on disk */
2734                 rc = -EINVAL;
2735                 goto out;
2736         }
2737
2738         /* this is needed for ASCII cp to Unicode converts */
2739         if (volume_info->iocharset == NULL) {
2740                 /* load_nls_default cannot return null */
2741                 volume_info->local_nls = load_nls_default();
2742         } else {
2743                 volume_info->local_nls = load_nls(volume_info->iocharset);
2744                 if (volume_info->local_nls == NULL) {
2745                         cERROR(1, "CIFS mount error: iocharset %s not found",
2746                                  volume_info->iocharset);
2747                         rc = -ELIBACC;
2748                         goto out;
2749                 }
2750         }
2751         cifs_sb->local_nls = volume_info->local_nls;
2752
2753         /* get a reference to a tcp session */
2754         srvTcp = cifs_get_tcp_session(volume_info);
2755         if (IS_ERR(srvTcp)) {
2756                 rc = PTR_ERR(srvTcp);
2757                 goto out;
2758         }
2759
2760         /* get a reference to a SMB session */
2761         pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
2762         if (IS_ERR(pSesInfo)) {
2763                 rc = PTR_ERR(pSesInfo);
2764                 pSesInfo = NULL;
2765                 goto mount_fail_check;
2766         }
2767
2768         setup_cifs_sb(volume_info, cifs_sb);
2769         if (pSesInfo->capabilities & CAP_LARGE_FILES)
2770                 sb->s_maxbytes = MAX_LFS_FILESIZE;
2771         else
2772                 sb->s_maxbytes = MAX_NON_LFS;
2773
2774         /* BB FIXME fix time_gran to be larger for LANMAN sessions */
2775         sb->s_time_gran = 100;
2776
2777         /* search for existing tcon to this server share */
2778         tcon = cifs_get_tcon(pSesInfo, volume_info);
2779         if (IS_ERR(tcon)) {
2780                 rc = PTR_ERR(tcon);
2781                 tcon = NULL;
2782                 goto remote_path_check;
2783         }
2784
2785         /* do not care if following two calls succeed - informational */
2786         if (!tcon->ipc) {
2787                 CIFSSMBQFSDeviceInfo(xid, tcon);
2788                 CIFSSMBQFSAttributeInfo(xid, tcon);
2789         }
2790
2791         /* tell server which Unix caps we support */
2792         if (tcon->ses->capabilities & CAP_UNIX)
2793                 /* reset of caps checks mount to see if unix extensions
2794                    disabled for just this mount */
2795                 reset_cifs_unix_caps(xid, tcon, sb, volume_info);
2796         else
2797                 tcon->unix_ext = 0; /* server does not support them */
2798
2799         /* convert forward to back slashes in prepath here if needed */
2800         if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2801                 convert_delimiter(cifs_sb->prepath, CIFS_DIR_SEP(cifs_sb));
2802
2803         if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
2804                 cifs_sb->rsize = 1024 * 127;
2805                 cFYI(DBG2, "no very large read support, rsize now 127K");
2806         }
2807         if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
2808                 cifs_sb->wsize = min(cifs_sb->wsize,
2809                                (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2810         if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
2811                 cifs_sb->rsize = min(cifs_sb->rsize,
2812                                (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2813
2814 remote_path_check:
2815         /* check if a whole path (including prepath) is not remote */
2816         if (!rc && cifs_sb->prepathlen && tcon) {
2817                 /* build_path_to_root works only when we have a valid tcon */
2818                 full_path = cifs_build_path_to_root(cifs_sb);
2819                 if (full_path == NULL) {
2820                         rc = -ENOMEM;
2821                         goto mount_fail_check;
2822                 }
2823                 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
2824                 if (rc != -EREMOTE) {
2825                         kfree(full_path);
2826                         goto mount_fail_check;
2827                 }
2828                 kfree(full_path);
2829         }
2830
2831         /* get referral if needed */
2832         if (rc == -EREMOTE) {
2833 #ifdef CONFIG_CIFS_DFS_UPCALL
2834                 if (referral_walks_count > MAX_NESTED_LINKS) {
2835                         /*
2836                          * BB: when we implement proper loop detection,
2837                          *     we will remove this check. But now we need it
2838                          *     to prevent an indefinite loop if 'DFS tree' is
2839                          *     misconfigured (i.e. has loops).
2840                          */
2841                         rc = -ELOOP;
2842                         goto mount_fail_check;
2843                 }
2844                 /* convert forward to back slashes in prepath here if needed */
2845                 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2846                         convert_delimiter(cifs_sb->prepath,
2847                                         CIFS_DIR_SEP(cifs_sb));
2848                 full_path = build_unc_path_to_root(volume_info, cifs_sb);
2849                 if (IS_ERR(full_path)) {
2850                         rc = PTR_ERR(full_path);
2851                         goto mount_fail_check;
2852                 }
2853
2854                 cFYI(1, "Getting referral for: %s", full_path);
2855                 rc = get_dfs_path(xid, pSesInfo , full_path + 1,
2856                         cifs_sb->local_nls, &num_referrals, &referrals,
2857                         cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
2858                 if (!rc && num_referrals > 0) {
2859                         char *fake_devname = NULL;
2860
2861                         if (mount_data != mount_data_global)
2862                                 kfree(mount_data);
2863
2864                         mount_data = cifs_compose_mount_options(
2865                                         cifs_sb->mountdata, full_path + 1,
2866                                         referrals, &fake_devname);
2867
2868                         free_dfs_info_array(referrals, num_referrals);
2869                         kfree(fake_devname);
2870                         kfree(full_path);
2871
2872                         if (IS_ERR(mount_data)) {
2873                                 rc = PTR_ERR(mount_data);
2874                                 mount_data = NULL;
2875                                 goto mount_fail_check;
2876                         }
2877
2878                         if (tcon)
2879                                 cifs_put_tcon(tcon);
2880                         else if (pSesInfo)
2881                                 cifs_put_smb_ses(pSesInfo);
2882
2883                         cleanup_volume_info(&volume_info);
2884                         referral_walks_count++;
2885                         FreeXid(xid);
2886                         goto try_mount_again;
2887                 }
2888 #else /* No DFS support, return error on mount */
2889                 rc = -EOPNOTSUPP;
2890 #endif
2891         }
2892
2893         if (rc)
2894                 goto mount_fail_check;
2895
2896         /* now, hang the tcon off of the superblock */
2897         tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
2898         if (tlink == NULL) {
2899                 rc = -ENOMEM;
2900                 goto mount_fail_check;
2901         }
2902
2903         tlink->tl_index = pSesInfo->linux_uid;
2904         tlink->tl_tcon = tcon;
2905         tlink->tl_time = jiffies;
2906         set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
2907         set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
2908
2909         rc = radix_tree_preload(GFP_KERNEL);
2910         if (rc == -ENOMEM) {
2911                 kfree(tlink);
2912                 goto mount_fail_check;
2913         }
2914
2915         spin_lock(&cifs_sb->tlink_tree_lock);
2916         radix_tree_insert(&cifs_sb->tlink_tree, pSesInfo->linux_uid, tlink);
2917         radix_tree_tag_set(&cifs_sb->tlink_tree, pSesInfo->linux_uid,
2918                            CIFS_TLINK_MASTER_TAG);
2919         spin_unlock(&cifs_sb->tlink_tree_lock);
2920         radix_tree_preload_end();
2921
2922         queue_delayed_work(system_nrt_wq, &cifs_sb->prune_tlinks,
2923                                 TLINK_IDLE_EXPIRE);
2924
2925 mount_fail_check:
2926         /* on error free sesinfo and tcon struct if needed */
2927         if (rc) {
2928                 if (mount_data != mount_data_global)
2929                         kfree(mount_data);
2930                 /* If find_unc succeeded then rc == 0 so we can not end */
2931                 /* up accidently freeing someone elses tcon struct */
2932                 if (tcon)
2933                         cifs_put_tcon(tcon);
2934                 else if (pSesInfo)
2935                         cifs_put_smb_ses(pSesInfo);
2936                 else
2937                         cifs_put_tcp_session(srvTcp);
2938                 goto out;
2939         }
2940
2941         /* volume_info->password is freed above when existing session found
2942         (in which case it is not needed anymore) but when new sesion is created
2943         the password ptr is put in the new session structure (in which case the
2944         password will be freed at unmount time) */
2945 out:
2946         /* zero out password before freeing */
2947         cleanup_volume_info(&volume_info);
2948         FreeXid(xid);
2949         return rc;
2950 }
2951
2952 int
2953 CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
2954          const char *tree, struct cifsTconInfo *tcon,
2955          const struct nls_table *nls_codepage)
2956 {
2957         struct smb_hdr *smb_buffer;
2958         struct smb_hdr *smb_buffer_response;
2959         TCONX_REQ *pSMB;
2960         TCONX_RSP *pSMBr;
2961         unsigned char *bcc_ptr;
2962         int rc = 0;
2963         int length, bytes_left;
2964         __u16 count;
2965
2966         if (ses == NULL)
2967                 return -EIO;
2968
2969         smb_buffer = cifs_buf_get();
2970         if (smb_buffer == NULL)
2971                 return -ENOMEM;
2972
2973         smb_buffer_response = smb_buffer;
2974
2975         header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
2976                         NULL /*no tid */ , 4 /*wct */ );
2977
2978         smb_buffer->Mid = GetNextMid(ses->server);
2979         smb_buffer->Uid = ses->Suid;
2980         pSMB = (TCONX_REQ *) smb_buffer;
2981         pSMBr = (TCONX_RSP *) smb_buffer_response;
2982
2983         pSMB->AndXCommand = 0xFF;
2984         pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
2985         bcc_ptr = &pSMB->Password[0];
2986         if ((ses->server->secMode) & SECMODE_USER) {
2987                 pSMB->PasswordLength = cpu_to_le16(1);  /* minimum */
2988                 *bcc_ptr = 0; /* password is null byte */
2989                 bcc_ptr++;              /* skip password */
2990                 /* already aligned so no need to do it below */
2991         } else {
2992                 pSMB->PasswordLength = cpu_to_le16(CIFS_SESS_KEY_SIZE);
2993                 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
2994                    specified as required (when that support is added to