Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu
[~shefty/rdma-dev.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2009
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <keys/user-type.h>
42 #include <net/ipv6.h>
43 #include <linux/parser.h>
44
45 #include "cifspdu.h"
46 #include "cifsglob.h"
47 #include "cifsproto.h"
48 #include "cifs_unicode.h"
49 #include "cifs_debug.h"
50 #include "cifs_fs_sb.h"
51 #include "ntlmssp.h"
52 #include "nterr.h"
53 #include "rfc1002pdu.h"
54 #include "fscache.h"
55
56 #define CIFS_PORT 445
57 #define RFC1001_PORT 139
58
59 /* SMB echo "timeout" -- FIXME: tunable? */
60 #define SMB_ECHO_INTERVAL (60 * HZ)
61
62 extern mempool_t *cifs_req_poolp;
63
64 /* FIXME: should these be tunable? */
65 #define TLINK_ERROR_EXPIRE      (1 * HZ)
66 #define TLINK_IDLE_EXPIRE       (600 * HZ)
67
68 enum {
69
70         /* Mount options that take no arguments */
71         Opt_user_xattr, Opt_nouser_xattr,
72         Opt_forceuid, Opt_noforceuid,
73         Opt_noblocksend, Opt_noautotune,
74         Opt_hard, Opt_soft, Opt_perm, Opt_noperm,
75         Opt_mapchars, Opt_nomapchars, Opt_sfu,
76         Opt_nosfu, Opt_nodfs, Opt_posixpaths,
77         Opt_noposixpaths, Opt_nounix,
78         Opt_nocase,
79         Opt_brl, Opt_nobrl,
80         Opt_forcemandatorylock, Opt_setuids,
81         Opt_nosetuids, Opt_dynperm, Opt_nodynperm,
82         Opt_nohard, Opt_nosoft,
83         Opt_nointr, Opt_intr,
84         Opt_nostrictsync, Opt_strictsync,
85         Opt_serverino, Opt_noserverino,
86         Opt_rwpidforward, Opt_cifsacl, Opt_nocifsacl,
87         Opt_acl, Opt_noacl, Opt_locallease,
88         Opt_sign, Opt_seal, Opt_direct,
89         Opt_strictcache, Opt_noac,
90         Opt_fsc, Opt_mfsymlinks,
91         Opt_multiuser, Opt_sloppy,
92
93         /* Mount options which take numeric value */
94         Opt_backupuid, Opt_backupgid, Opt_uid,
95         Opt_cruid, Opt_gid, Opt_file_mode,
96         Opt_dirmode, Opt_port,
97         Opt_rsize, Opt_wsize, Opt_actimeo,
98
99         /* Mount options which take string value */
100         Opt_user, Opt_pass, Opt_ip,
101         Opt_unc, Opt_domain,
102         Opt_srcaddr, Opt_prefixpath,
103         Opt_iocharset, Opt_sockopt,
104         Opt_netbiosname, Opt_servern,
105         Opt_ver, Opt_sec,
106
107         /* Mount options to be ignored */
108         Opt_ignore,
109
110         /* Options which could be blank */
111         Opt_blank_pass,
112         Opt_blank_user,
113         Opt_blank_ip,
114
115         Opt_err
116 };
117
118 static const match_table_t cifs_mount_option_tokens = {
119
120         { Opt_user_xattr, "user_xattr" },
121         { Opt_nouser_xattr, "nouser_xattr" },
122         { Opt_forceuid, "forceuid" },
123         { Opt_noforceuid, "noforceuid" },
124         { Opt_noblocksend, "noblocksend" },
125         { Opt_noautotune, "noautotune" },
126         { Opt_hard, "hard" },
127         { Opt_soft, "soft" },
128         { Opt_perm, "perm" },
129         { Opt_noperm, "noperm" },
130         { Opt_mapchars, "mapchars" },
131         { Opt_nomapchars, "nomapchars" },
132         { Opt_sfu, "sfu" },
133         { Opt_nosfu, "nosfu" },
134         { Opt_nodfs, "nodfs" },
135         { Opt_posixpaths, "posixpaths" },
136         { Opt_noposixpaths, "noposixpaths" },
137         { Opt_nounix, "nounix" },
138         { Opt_nounix, "nolinux" },
139         { Opt_nocase, "nocase" },
140         { Opt_nocase, "ignorecase" },
141         { Opt_brl, "brl" },
142         { Opt_nobrl, "nobrl" },
143         { Opt_nobrl, "nolock" },
144         { Opt_forcemandatorylock, "forcemandatorylock" },
145         { Opt_forcemandatorylock, "forcemand" },
146         { Opt_setuids, "setuids" },
147         { Opt_nosetuids, "nosetuids" },
148         { Opt_dynperm, "dynperm" },
149         { Opt_nodynperm, "nodynperm" },
150         { Opt_nohard, "nohard" },
151         { Opt_nosoft, "nosoft" },
152         { Opt_nointr, "nointr" },
153         { Opt_intr, "intr" },
154         { Opt_nostrictsync, "nostrictsync" },
155         { Opt_strictsync, "strictsync" },
156         { Opt_serverino, "serverino" },
157         { Opt_noserverino, "noserverino" },
158         { Opt_rwpidforward, "rwpidforward" },
159         { Opt_cifsacl, "cifsacl" },
160         { Opt_nocifsacl, "nocifsacl" },
161         { Opt_acl, "acl" },
162         { Opt_noacl, "noacl" },
163         { Opt_locallease, "locallease" },
164         { Opt_sign, "sign" },
165         { Opt_seal, "seal" },
166         { Opt_direct, "direct" },
167         { Opt_direct, "forceddirectio" },
168         { Opt_strictcache, "strictcache" },
169         { Opt_noac, "noac" },
170         { Opt_fsc, "fsc" },
171         { Opt_mfsymlinks, "mfsymlinks" },
172         { Opt_multiuser, "multiuser" },
173         { Opt_sloppy, "sloppy" },
174
175         { Opt_backupuid, "backupuid=%s" },
176         { Opt_backupgid, "backupgid=%s" },
177         { Opt_uid, "uid=%s" },
178         { Opt_cruid, "cruid=%s" },
179         { Opt_gid, "gid=%s" },
180         { Opt_file_mode, "file_mode=%s" },
181         { Opt_dirmode, "dirmode=%s" },
182         { Opt_dirmode, "dir_mode=%s" },
183         { Opt_port, "port=%s" },
184         { Opt_rsize, "rsize=%s" },
185         { Opt_wsize, "wsize=%s" },
186         { Opt_actimeo, "actimeo=%s" },
187
188         { Opt_blank_user, "user=" },
189         { Opt_blank_user, "username=" },
190         { Opt_user, "user=%s" },
191         { Opt_user, "username=%s" },
192         { Opt_blank_pass, "pass=" },
193         { Opt_pass, "pass=%s" },
194         { Opt_pass, "password=%s" },
195         { Opt_blank_ip, "ip=" },
196         { Opt_blank_ip, "addr=" },
197         { Opt_ip, "ip=%s" },
198         { Opt_ip, "addr=%s" },
199         { Opt_unc, "unc=%s" },
200         { Opt_unc, "target=%s" },
201         { Opt_unc, "path=%s" },
202         { Opt_domain, "dom=%s" },
203         { Opt_domain, "domain=%s" },
204         { Opt_domain, "workgroup=%s" },
205         { Opt_srcaddr, "srcaddr=%s" },
206         { Opt_prefixpath, "prefixpath=%s" },
207         { Opt_iocharset, "iocharset=%s" },
208         { Opt_sockopt, "sockopt=%s" },
209         { Opt_netbiosname, "netbiosname=%s" },
210         { Opt_servern, "servern=%s" },
211         { Opt_ver, "ver=%s" },
212         { Opt_ver, "vers=%s" },
213         { Opt_ver, "version=%s" },
214         { Opt_sec, "sec=%s" },
215
216         { Opt_ignore, "cred" },
217         { Opt_ignore, "credentials" },
218         { Opt_ignore, "guest" },
219         { Opt_ignore, "rw" },
220         { Opt_ignore, "ro" },
221         { Opt_ignore, "suid" },
222         { Opt_ignore, "nosuid" },
223         { Opt_ignore, "exec" },
224         { Opt_ignore, "noexec" },
225         { Opt_ignore, "nodev" },
226         { Opt_ignore, "noauto" },
227         { Opt_ignore, "dev" },
228         { Opt_ignore, "mand" },
229         { Opt_ignore, "nomand" },
230         { Opt_ignore, "_netdev" },
231
232         { Opt_err, NULL }
233 };
234
235 enum {
236         Opt_sec_krb5, Opt_sec_krb5i, Opt_sec_krb5p,
237         Opt_sec_ntlmsspi, Opt_sec_ntlmssp,
238         Opt_ntlm, Opt_sec_ntlmi, Opt_sec_ntlmv2i,
239         Opt_sec_nontlm, Opt_sec_lanman,
240         Opt_sec_none,
241
242         Opt_sec_err
243 };
244
245 static const match_table_t cifs_secflavor_tokens = {
246         { Opt_sec_krb5, "krb5" },
247         { Opt_sec_krb5i, "krb5i" },
248         { Opt_sec_krb5p, "krb5p" },
249         { Opt_sec_ntlmsspi, "ntlmsspi" },
250         { Opt_sec_ntlmssp, "ntlmssp" },
251         { Opt_ntlm, "ntlm" },
252         { Opt_sec_ntlmi, "ntlmi" },
253         { Opt_sec_ntlmv2i, "ntlmv2i" },
254         { Opt_sec_nontlm, "nontlm" },
255         { Opt_sec_lanman, "lanman" },
256         { Opt_sec_none, "none" },
257
258         { Opt_sec_err, NULL }
259 };
260
261 static int ip_connect(struct TCP_Server_Info *server);
262 static int generic_ip_connect(struct TCP_Server_Info *server);
263 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
264 static void cifs_prune_tlinks(struct work_struct *work);
265 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
266                                         const char *devname);
267
268 /*
269  * cifs tcp session reconnection
270  *
271  * mark tcp session as reconnecting so temporarily locked
272  * mark all smb sessions as reconnecting for tcp session
273  * reconnect tcp session
274  * wake up waiters on reconnection? - (not needed currently)
275  */
276 static int
277 cifs_reconnect(struct TCP_Server_Info *server)
278 {
279         int rc = 0;
280         struct list_head *tmp, *tmp2;
281         struct cifs_ses *ses;
282         struct cifs_tcon *tcon;
283         struct mid_q_entry *mid_entry;
284         struct list_head retry_list;
285
286         spin_lock(&GlobalMid_Lock);
287         if (server->tcpStatus == CifsExiting) {
288                 /* the demux thread will exit normally
289                 next time through the loop */
290                 spin_unlock(&GlobalMid_Lock);
291                 return rc;
292         } else
293                 server->tcpStatus = CifsNeedReconnect;
294         spin_unlock(&GlobalMid_Lock);
295         server->maxBuf = 0;
296
297         cFYI(1, "Reconnecting tcp session");
298
299         /* before reconnecting the tcp session, mark the smb session (uid)
300                 and the tid bad so they are not used until reconnected */
301         cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
302         spin_lock(&cifs_tcp_ses_lock);
303         list_for_each(tmp, &server->smb_ses_list) {
304                 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
305                 ses->need_reconnect = true;
306                 ses->ipc_tid = 0;
307                 list_for_each(tmp2, &ses->tcon_list) {
308                         tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
309                         tcon->need_reconnect = true;
310                 }
311         }
312         spin_unlock(&cifs_tcp_ses_lock);
313
314         /* do not want to be sending data on a socket we are freeing */
315         cFYI(1, "%s: tearing down socket", __func__);
316         mutex_lock(&server->srv_mutex);
317         if (server->ssocket) {
318                 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
319                         server->ssocket->flags);
320                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
321                 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
322                         server->ssocket->state,
323                         server->ssocket->flags);
324                 sock_release(server->ssocket);
325                 server->ssocket = NULL;
326         }
327         server->sequence_number = 0;
328         server->session_estab = false;
329         kfree(server->session_key.response);
330         server->session_key.response = NULL;
331         server->session_key.len = 0;
332         server->lstrp = jiffies;
333         mutex_unlock(&server->srv_mutex);
334
335         /* mark submitted MIDs for retry and issue callback */
336         INIT_LIST_HEAD(&retry_list);
337         cFYI(1, "%s: moving mids to private list", __func__);
338         spin_lock(&GlobalMid_Lock);
339         list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
340                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
341                 if (mid_entry->mid_state == MID_REQUEST_SUBMITTED)
342                         mid_entry->mid_state = MID_RETRY_NEEDED;
343                 list_move(&mid_entry->qhead, &retry_list);
344         }
345         spin_unlock(&GlobalMid_Lock);
346
347         cFYI(1, "%s: issuing mid callbacks", __func__);
348         list_for_each_safe(tmp, tmp2, &retry_list) {
349                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
350                 list_del_init(&mid_entry->qhead);
351                 mid_entry->callback(mid_entry);
352         }
353
354         do {
355                 try_to_freeze();
356
357                 /* we should try only the port we connected to before */
358                 rc = generic_ip_connect(server);
359                 if (rc) {
360                         cFYI(1, "reconnect error %d", rc);
361                         msleep(3000);
362                 } else {
363                         atomic_inc(&tcpSesReconnectCount);
364                         spin_lock(&GlobalMid_Lock);
365                         if (server->tcpStatus != CifsExiting)
366                                 server->tcpStatus = CifsNeedNegotiate;
367                         spin_unlock(&GlobalMid_Lock);
368                 }
369         } while (server->tcpStatus == CifsNeedReconnect);
370
371         return rc;
372 }
373
374 /*
375         return codes:
376                 0       not a transact2, or all data present
377                 >0      transact2 with that much data missing
378                 -EINVAL = invalid transact2
379
380  */
381 static int check2ndT2(char *buf)
382 {
383         struct smb_hdr *pSMB = (struct smb_hdr *)buf;
384         struct smb_t2_rsp *pSMBt;
385         int remaining;
386         __u16 total_data_size, data_in_this_rsp;
387
388         if (pSMB->Command != SMB_COM_TRANSACTION2)
389                 return 0;
390
391         /* check for plausible wct, bcc and t2 data and parm sizes */
392         /* check for parm and data offset going beyond end of smb */
393         if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
394                 cFYI(1, "invalid transact2 word count");
395                 return -EINVAL;
396         }
397
398         pSMBt = (struct smb_t2_rsp *)pSMB;
399
400         total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
401         data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
402
403         if (total_data_size == data_in_this_rsp)
404                 return 0;
405         else if (total_data_size < data_in_this_rsp) {
406                 cFYI(1, "total data %d smaller than data in frame %d",
407                         total_data_size, data_in_this_rsp);
408                 return -EINVAL;
409         }
410
411         remaining = total_data_size - data_in_this_rsp;
412
413         cFYI(1, "missing %d bytes from transact2, check next response",
414                 remaining);
415         if (total_data_size > CIFSMaxBufSize) {
416                 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
417                         total_data_size, CIFSMaxBufSize);
418                 return -EINVAL;
419         }
420         return remaining;
421 }
422
423 static int coalesce_t2(char *second_buf, struct smb_hdr *target_hdr)
424 {
425         struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)second_buf;
426         struct smb_t2_rsp *pSMBt  = (struct smb_t2_rsp *)target_hdr;
427         char *data_area_of_tgt;
428         char *data_area_of_src;
429         int remaining;
430         unsigned int byte_count, total_in_tgt;
431         __u16 tgt_total_cnt, src_total_cnt, total_in_src;
432
433         src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
434         tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
435
436         if (tgt_total_cnt != src_total_cnt)
437                 cFYI(1, "total data count of primary and secondary t2 differ "
438                         "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
439
440         total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
441
442         remaining = tgt_total_cnt - total_in_tgt;
443
444         if (remaining < 0) {
445                 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
446                         "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
447                 return -EPROTO;
448         }
449
450         if (remaining == 0) {
451                 /* nothing to do, ignore */
452                 cFYI(1, "no more data remains");
453                 return 0;
454         }
455
456         total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
457         if (remaining < total_in_src)
458                 cFYI(1, "transact2 2nd response contains too much data");
459
460         /* find end of first SMB data area */
461         data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
462                                 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
463
464         /* validate target area */
465         data_area_of_src = (char *)&pSMBs->hdr.Protocol +
466                                 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
467
468         data_area_of_tgt += total_in_tgt;
469
470         total_in_tgt += total_in_src;
471         /* is the result too big for the field? */
472         if (total_in_tgt > USHRT_MAX) {
473                 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
474                 return -EPROTO;
475         }
476         put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
477
478         /* fix up the BCC */
479         byte_count = get_bcc(target_hdr);
480         byte_count += total_in_src;
481         /* is the result too big for the field? */
482         if (byte_count > USHRT_MAX) {
483                 cFYI(1, "coalesced BCC too large (%u)", byte_count);
484                 return -EPROTO;
485         }
486         put_bcc(byte_count, target_hdr);
487
488         byte_count = be32_to_cpu(target_hdr->smb_buf_length);
489         byte_count += total_in_src;
490         /* don't allow buffer to overflow */
491         if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
492                 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
493                 return -ENOBUFS;
494         }
495         target_hdr->smb_buf_length = cpu_to_be32(byte_count);
496
497         /* copy second buffer into end of first buffer */
498         memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
499
500         if (remaining != total_in_src) {
501                 /* more responses to go */
502                 cFYI(1, "waiting for more secondary responses");
503                 return 1;
504         }
505
506         /* we are done */
507         cFYI(1, "found the last secondary response");
508         return 0;
509 }
510
511 static void
512 cifs_echo_request(struct work_struct *work)
513 {
514         int rc;
515         struct TCP_Server_Info *server = container_of(work,
516                                         struct TCP_Server_Info, echo.work);
517
518         /*
519          * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
520          * done, which is indicated by maxBuf != 0. Also, no need to ping if
521          * we got a response recently
522          */
523         if (server->maxBuf == 0 ||
524             time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
525                 goto requeue_echo;
526
527         rc = CIFSSMBEcho(server);
528         if (rc)
529                 cFYI(1, "Unable to send echo request to server: %s",
530                         server->hostname);
531
532 requeue_echo:
533         queue_delayed_work(cifsiod_wq, &server->echo, SMB_ECHO_INTERVAL);
534 }
535
536 static bool
537 allocate_buffers(struct TCP_Server_Info *server)
538 {
539         if (!server->bigbuf) {
540                 server->bigbuf = (char *)cifs_buf_get();
541                 if (!server->bigbuf) {
542                         cERROR(1, "No memory for large SMB response");
543                         msleep(3000);
544                         /* retry will check if exiting */
545                         return false;
546                 }
547         } else if (server->large_buf) {
548                 /* we are reusing a dirty large buf, clear its start */
549                 memset(server->bigbuf, 0, header_size());
550         }
551
552         if (!server->smallbuf) {
553                 server->smallbuf = (char *)cifs_small_buf_get();
554                 if (!server->smallbuf) {
555                         cERROR(1, "No memory for SMB response");
556                         msleep(1000);
557                         /* retry will check if exiting */
558                         return false;
559                 }
560                 /* beginning of smb buffer is cleared in our buf_get */
561         } else {
562                 /* if existing small buf clear beginning */
563                 memset(server->smallbuf, 0, header_size());
564         }
565
566         return true;
567 }
568
569 static bool
570 server_unresponsive(struct TCP_Server_Info *server)
571 {
572         /*
573          * We need to wait 2 echo intervals to make sure we handle such
574          * situations right:
575          * 1s  client sends a normal SMB request
576          * 2s  client gets a response
577          * 30s echo workqueue job pops, and decides we got a response recently
578          *     and don't need to send another
579          * ...
580          * 65s kernel_recvmsg times out, and we see that we haven't gotten
581          *     a response in >60s.
582          */
583         if (server->tcpStatus == CifsGood &&
584             time_after(jiffies, server->lstrp + 2 * SMB_ECHO_INTERVAL)) {
585                 cERROR(1, "Server %s has not responded in %d seconds. "
586                           "Reconnecting...", server->hostname,
587                           (2 * SMB_ECHO_INTERVAL) / HZ);
588                 cifs_reconnect(server);
589                 wake_up(&server->response_q);
590                 return true;
591         }
592
593         return false;
594 }
595
596 /*
597  * kvec_array_init - clone a kvec array, and advance into it
598  * @new:        pointer to memory for cloned array
599  * @iov:        pointer to original array
600  * @nr_segs:    number of members in original array
601  * @bytes:      number of bytes to advance into the cloned array
602  *
603  * This function will copy the array provided in iov to a section of memory
604  * and advance the specified number of bytes into the new array. It returns
605  * the number of segments in the new array. "new" must be at least as big as
606  * the original iov array.
607  */
608 static unsigned int
609 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
610                 size_t bytes)
611 {
612         size_t base = 0;
613
614         while (bytes || !iov->iov_len) {
615                 int copy = min(bytes, iov->iov_len);
616
617                 bytes -= copy;
618                 base += copy;
619                 if (iov->iov_len == base) {
620                         iov++;
621                         nr_segs--;
622                         base = 0;
623                 }
624         }
625         memcpy(new, iov, sizeof(*iov) * nr_segs);
626         new->iov_base += base;
627         new->iov_len -= base;
628         return nr_segs;
629 }
630
631 static struct kvec *
632 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
633 {
634         struct kvec *new_iov;
635
636         if (server->iov && nr_segs <= server->nr_iov)
637                 return server->iov;
638
639         /* not big enough -- allocate a new one and release the old */
640         new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
641         if (new_iov) {
642                 kfree(server->iov);
643                 server->iov = new_iov;
644                 server->nr_iov = nr_segs;
645         }
646         return new_iov;
647 }
648
649 int
650 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
651                        unsigned int nr_segs, unsigned int to_read)
652 {
653         int length = 0;
654         int total_read;
655         unsigned int segs;
656         struct msghdr smb_msg;
657         struct kvec *iov;
658
659         iov = get_server_iovec(server, nr_segs);
660         if (!iov)
661                 return -ENOMEM;
662
663         smb_msg.msg_control = NULL;
664         smb_msg.msg_controllen = 0;
665
666         for (total_read = 0; to_read; total_read += length, to_read -= length) {
667                 try_to_freeze();
668
669                 if (server_unresponsive(server)) {
670                         total_read = -EAGAIN;
671                         break;
672                 }
673
674                 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
675
676                 length = kernel_recvmsg(server->ssocket, &smb_msg,
677                                         iov, segs, to_read, 0);
678
679                 if (server->tcpStatus == CifsExiting) {
680                         total_read = -ESHUTDOWN;
681                         break;
682                 } else if (server->tcpStatus == CifsNeedReconnect) {
683                         cifs_reconnect(server);
684                         total_read = -EAGAIN;
685                         break;
686                 } else if (length == -ERESTARTSYS ||
687                            length == -EAGAIN ||
688                            length == -EINTR) {
689                         /*
690                          * Minimum sleep to prevent looping, allowing socket
691                          * to clear and app threads to set tcpStatus
692                          * CifsNeedReconnect if server hung.
693                          */
694                         usleep_range(1000, 2000);
695                         length = 0;
696                         continue;
697                 } else if (length <= 0) {
698                         cFYI(1, "Received no data or error: expecting %d "
699                                 "got %d", to_read, length);
700                         cifs_reconnect(server);
701                         total_read = -EAGAIN;
702                         break;
703                 }
704         }
705         return total_read;
706 }
707
708 int
709 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
710                       unsigned int to_read)
711 {
712         struct kvec iov;
713
714         iov.iov_base = buf;
715         iov.iov_len = to_read;
716
717         return cifs_readv_from_socket(server, &iov, 1, to_read);
718 }
719
720 static bool
721 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
722 {
723         /*
724          * The first byte big endian of the length field,
725          * is actually not part of the length but the type
726          * with the most common, zero, as regular data.
727          */
728         switch (type) {
729         case RFC1002_SESSION_MESSAGE:
730                 /* Regular SMB response */
731                 return true;
732         case RFC1002_SESSION_KEEP_ALIVE:
733                 cFYI(1, "RFC 1002 session keep alive");
734                 break;
735         case RFC1002_POSITIVE_SESSION_RESPONSE:
736                 cFYI(1, "RFC 1002 positive session response");
737                 break;
738         case RFC1002_NEGATIVE_SESSION_RESPONSE:
739                 /*
740                  * We get this from Windows 98 instead of an error on
741                  * SMB negprot response.
742                  */
743                 cFYI(1, "RFC 1002 negative session response");
744                 /* give server a second to clean up */
745                 msleep(1000);
746                 /*
747                  * Always try 445 first on reconnect since we get NACK
748                  * on some if we ever connected to port 139 (the NACK
749                  * is since we do not begin with RFC1001 session
750                  * initialize frame).
751                  */
752                 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
753                 cifs_reconnect(server);
754                 wake_up(&server->response_q);
755                 break;
756         default:
757                 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
758                 cifs_reconnect(server);
759         }
760
761         return false;
762 }
763
764 static struct mid_q_entry *
765 find_mid(struct TCP_Server_Info *server, char *buffer)
766 {
767         struct smb_hdr *buf = (struct smb_hdr *)buffer;
768         struct mid_q_entry *mid;
769
770         spin_lock(&GlobalMid_Lock);
771         list_for_each_entry(mid, &server->pending_mid_q, qhead) {
772                 if (mid->mid == buf->Mid &&
773                     mid->mid_state == MID_REQUEST_SUBMITTED &&
774                     le16_to_cpu(mid->command) == buf->Command) {
775                         spin_unlock(&GlobalMid_Lock);
776                         return mid;
777                 }
778         }
779         spin_unlock(&GlobalMid_Lock);
780         return NULL;
781 }
782
783 void
784 dequeue_mid(struct mid_q_entry *mid, bool malformed)
785 {
786 #ifdef CONFIG_CIFS_STATS2
787         mid->when_received = jiffies;
788 #endif
789         spin_lock(&GlobalMid_Lock);
790         if (!malformed)
791                 mid->mid_state = MID_RESPONSE_RECEIVED;
792         else
793                 mid->mid_state = MID_RESPONSE_MALFORMED;
794         list_del_init(&mid->qhead);
795         spin_unlock(&GlobalMid_Lock);
796 }
797
798 static void
799 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
800            char *buf, int malformed)
801 {
802         if (malformed == 0 && check2ndT2(buf) > 0) {
803                 mid->multiRsp = true;
804                 if (mid->resp_buf) {
805                         /* merge response - fix up 1st*/
806                         malformed = coalesce_t2(buf, mid->resp_buf);
807                         if (malformed > 0)
808                                 return;
809
810                         /* All parts received or packet is malformed. */
811                         mid->multiEnd = true;
812                         return dequeue_mid(mid, malformed);
813                 }
814                 if (!server->large_buf) {
815                         /*FIXME: switch to already allocated largebuf?*/
816                         cERROR(1, "1st trans2 resp needs bigbuf");
817                 } else {
818                         /* Have first buffer */
819                         mid->resp_buf = buf;
820                         mid->large_buf = true;
821                         server->bigbuf = NULL;
822                 }
823                 return;
824         }
825         mid->resp_buf = buf;
826         mid->large_buf = server->large_buf;
827         /* Was previous buf put in mpx struct for multi-rsp? */
828         if (!mid->multiRsp) {
829                 /* smb buffer will be freed by user thread */
830                 if (server->large_buf)
831                         server->bigbuf = NULL;
832                 else
833                         server->smallbuf = NULL;
834         }
835         dequeue_mid(mid, malformed);
836 }
837
838 static void clean_demultiplex_info(struct TCP_Server_Info *server)
839 {
840         int length;
841
842         /* take it off the list, if it's not already */
843         spin_lock(&cifs_tcp_ses_lock);
844         list_del_init(&server->tcp_ses_list);
845         spin_unlock(&cifs_tcp_ses_lock);
846
847         spin_lock(&GlobalMid_Lock);
848         server->tcpStatus = CifsExiting;
849         spin_unlock(&GlobalMid_Lock);
850         wake_up_all(&server->response_q);
851
852         /* check if we have blocked requests that need to free */
853         spin_lock(&server->req_lock);
854         if (server->credits <= 0)
855                 server->credits = 1;
856         spin_unlock(&server->req_lock);
857         /*
858          * Although there should not be any requests blocked on this queue it
859          * can not hurt to be paranoid and try to wake up requests that may
860          * haven been blocked when more than 50 at time were on the wire to the
861          * same server - they now will see the session is in exit state and get
862          * out of SendReceive.
863          */
864         wake_up_all(&server->request_q);
865         /* give those requests time to exit */
866         msleep(125);
867
868         if (server->ssocket) {
869                 sock_release(server->ssocket);
870                 server->ssocket = NULL;
871         }
872
873         if (!list_empty(&server->pending_mid_q)) {
874                 struct list_head dispose_list;
875                 struct mid_q_entry *mid_entry;
876                 struct list_head *tmp, *tmp2;
877
878                 INIT_LIST_HEAD(&dispose_list);
879                 spin_lock(&GlobalMid_Lock);
880                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
881                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
882                         cFYI(1, "Clearing mid 0x%llx", mid_entry->mid);
883                         mid_entry->mid_state = MID_SHUTDOWN;
884                         list_move(&mid_entry->qhead, &dispose_list);
885                 }
886                 spin_unlock(&GlobalMid_Lock);
887
888                 /* now walk dispose list and issue callbacks */
889                 list_for_each_safe(tmp, tmp2, &dispose_list) {
890                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
891                         cFYI(1, "Callback mid 0x%llx", mid_entry->mid);
892                         list_del_init(&mid_entry->qhead);
893                         mid_entry->callback(mid_entry);
894                 }
895                 /* 1/8th of sec is more than enough time for them to exit */
896                 msleep(125);
897         }
898
899         if (!list_empty(&server->pending_mid_q)) {
900                 /*
901                  * mpx threads have not exited yet give them at least the smb
902                  * send timeout time for long ops.
903                  *
904                  * Due to delays on oplock break requests, we need to wait at
905                  * least 45 seconds before giving up on a request getting a
906                  * response and going ahead and killing cifsd.
907                  */
908                 cFYI(1, "Wait for exit from demultiplex thread");
909                 msleep(46000);
910                 /*
911                  * If threads still have not exited they are probably never
912                  * coming home not much else we can do but free the memory.
913                  */
914         }
915
916         kfree(server->hostname);
917         kfree(server->iov);
918         kfree(server);
919
920         length = atomic_dec_return(&tcpSesAllocCount);
921         if (length > 0)
922                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
923                                 GFP_KERNEL);
924 }
925
926 static int
927 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
928 {
929         int length;
930         char *buf = server->smallbuf;
931         unsigned int pdu_length = get_rfc1002_length(buf);
932
933         /* make sure this will fit in a large buffer */
934         if (pdu_length > CIFSMaxBufSize + max_header_size() - 4) {
935                 cERROR(1, "SMB response too long (%u bytes)",
936                         pdu_length);
937                 cifs_reconnect(server);
938                 wake_up(&server->response_q);
939                 return -EAGAIN;
940         }
941
942         /* switch to large buffer if too big for a small one */
943         if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
944                 server->large_buf = true;
945                 memcpy(server->bigbuf, buf, server->total_read);
946                 buf = server->bigbuf;
947         }
948
949         /* now read the rest */
950         length = cifs_read_from_socket(server, buf + header_size() - 1,
951                                        pdu_length - header_size() + 1 + 4);
952         if (length < 0)
953                 return length;
954         server->total_read += length;
955
956         dump_smb(buf, server->total_read);
957
958         /*
959          * We know that we received enough to get to the MID as we
960          * checked the pdu_length earlier. Now check to see
961          * if the rest of the header is OK. We borrow the length
962          * var for the rest of the loop to avoid a new stack var.
963          *
964          * 48 bytes is enough to display the header and a little bit
965          * into the payload for debugging purposes.
966          */
967         length = checkSMB(buf, server->total_read);
968         if (length != 0)
969                 cifs_dump_mem("Bad SMB: ", buf,
970                         min_t(unsigned int, server->total_read, 48));
971
972         if (!mid)
973                 return length;
974
975         handle_mid(mid, server, buf, length);
976         return 0;
977 }
978
979 static int
980 cifs_demultiplex_thread(void *p)
981 {
982         int length;
983         struct TCP_Server_Info *server = p;
984         unsigned int pdu_length;
985         char *buf = NULL;
986         struct task_struct *task_to_wake = NULL;
987         struct mid_q_entry *mid_entry;
988
989         current->flags |= PF_MEMALLOC;
990         cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
991
992         length = atomic_inc_return(&tcpSesAllocCount);
993         if (length > 1)
994                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
995                                 GFP_KERNEL);
996
997         set_freezable();
998         while (server->tcpStatus != CifsExiting) {
999                 if (try_to_freeze())
1000                         continue;
1001
1002                 if (!allocate_buffers(server))
1003                         continue;
1004
1005                 server->large_buf = false;
1006                 buf = server->smallbuf;
1007                 pdu_length = 4; /* enough to get RFC1001 header */
1008
1009                 length = cifs_read_from_socket(server, buf, pdu_length);
1010                 if (length < 0)
1011                         continue;
1012                 server->total_read = length;
1013
1014                 /*
1015                  * The right amount was read from socket - 4 bytes,
1016                  * so we can now interpret the length field.
1017                  */
1018                 pdu_length = get_rfc1002_length(buf);
1019
1020                 cFYI(1, "RFC1002 header 0x%x", pdu_length);
1021                 if (!is_smb_response(server, buf[0]))
1022                         continue;
1023
1024                 /* make sure we have enough to get to the MID */
1025                 if (pdu_length < header_size() - 1 - 4) {
1026                         cERROR(1, "SMB response too short (%u bytes)",
1027                                 pdu_length);
1028                         cifs_reconnect(server);
1029                         wake_up(&server->response_q);
1030                         continue;
1031                 }
1032
1033                 /* read down to the MID */
1034                 length = cifs_read_from_socket(server, buf + 4,
1035                                                header_size() - 1 - 4);
1036                 if (length < 0)
1037                         continue;
1038                 server->total_read += length;
1039
1040                 mid_entry = find_mid(server, buf);
1041
1042                 if (!mid_entry || !mid_entry->receive)
1043                         length = standard_receive3(server, mid_entry);
1044                 else
1045                         length = mid_entry->receive(server, mid_entry);
1046
1047                 if (length < 0)
1048                         continue;
1049
1050                 if (server->large_buf)
1051                         buf = server->bigbuf;
1052
1053                 server->lstrp = jiffies;
1054                 if (mid_entry != NULL) {
1055                         if (!mid_entry->multiRsp || mid_entry->multiEnd)
1056                                 mid_entry->callback(mid_entry);
1057                 } else if (!is_valid_oplock_break(buf, server)) {
1058                         cERROR(1, "No task to wake, unknown frame received! "
1059                                    "NumMids %d", atomic_read(&midCount));
1060                         cifs_dump_mem("Received Data is: ", buf, header_size());
1061 #ifdef CONFIG_CIFS_DEBUG2
1062                         cifs_dump_detail(buf);
1063                         cifs_dump_mids(server);
1064 #endif /* CIFS_DEBUG2 */
1065
1066                 }
1067         } /* end while !EXITING */
1068
1069         /* buffer usually freed in free_mid - need to free it here on exit */
1070         cifs_buf_release(server->bigbuf);
1071         if (server->smallbuf) /* no sense logging a debug message if NULL */
1072                 cifs_small_buf_release(server->smallbuf);
1073
1074         task_to_wake = xchg(&server->tsk, NULL);
1075         clean_demultiplex_info(server);
1076
1077         /* if server->tsk was NULL then wait for a signal before exiting */
1078         if (!task_to_wake) {
1079                 set_current_state(TASK_INTERRUPTIBLE);
1080                 while (!signal_pending(current)) {
1081                         schedule();
1082                         set_current_state(TASK_INTERRUPTIBLE);
1083                 }
1084                 set_current_state(TASK_RUNNING);
1085         }
1086
1087         module_put_and_exit(0);
1088 }
1089
1090 /* extract the host portion of the UNC string */
1091 static char *
1092 extract_hostname(const char *unc)
1093 {
1094         const char *src;
1095         char *dst, *delim;
1096         unsigned int len;
1097
1098         /* skip double chars at beginning of string */
1099         /* BB: check validity of these bytes? */
1100         src = unc + 2;
1101
1102         /* delimiter between hostname and sharename is always '\\' now */
1103         delim = strchr(src, '\\');
1104         if (!delim)
1105                 return ERR_PTR(-EINVAL);
1106
1107         len = delim - src;
1108         dst = kmalloc((len + 1), GFP_KERNEL);
1109         if (dst == NULL)
1110                 return ERR_PTR(-ENOMEM);
1111
1112         memcpy(dst, src, len);
1113         dst[len] = '\0';
1114
1115         return dst;
1116 }
1117
1118 static int get_option_ul(substring_t args[], unsigned long *option)
1119 {
1120         int rc;
1121         char *string;
1122
1123         string = match_strdup(args);
1124         if (string == NULL)
1125                 return -ENOMEM;
1126         rc = kstrtoul(string, 0, option);
1127         kfree(string);
1128
1129         return rc;
1130 }
1131
1132
1133 static int cifs_parse_security_flavors(char *value,
1134                                        struct smb_vol *vol)
1135 {
1136
1137         substring_t args[MAX_OPT_ARGS];
1138
1139         switch (match_token(value, cifs_secflavor_tokens, args)) {
1140         case Opt_sec_krb5:
1141                 vol->secFlg |= CIFSSEC_MAY_KRB5;
1142                 break;
1143         case Opt_sec_krb5i:
1144                 vol->secFlg |= CIFSSEC_MAY_KRB5 | CIFSSEC_MUST_SIGN;
1145                 break;
1146         case Opt_sec_krb5p:
1147                 /* vol->secFlg |= CIFSSEC_MUST_SEAL | CIFSSEC_MAY_KRB5; */
1148                 cERROR(1, "Krb5 cifs privacy not supported");
1149                 break;
1150         case Opt_sec_ntlmssp:
1151                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1152                 break;
1153         case Opt_sec_ntlmsspi:
1154                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP | CIFSSEC_MUST_SIGN;
1155                 break;
1156         case Opt_ntlm:
1157                 /* ntlm is default so can be turned off too */
1158                 vol->secFlg |= CIFSSEC_MAY_NTLM;
1159                 break;
1160         case Opt_sec_ntlmi:
1161                 vol->secFlg |= CIFSSEC_MAY_NTLM | CIFSSEC_MUST_SIGN;
1162                 break;
1163         case Opt_sec_nontlm:
1164                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1165                 break;
1166         case Opt_sec_ntlmv2i:
1167                 vol->secFlg |= CIFSSEC_MAY_NTLMV2 | CIFSSEC_MUST_SIGN;
1168                 break;
1169 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1170         case Opt_sec_lanman:
1171                 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1172                 break;
1173 #endif
1174         case Opt_sec_none:
1175                 vol->nullauth = 1;
1176                 break;
1177         default:
1178                 cERROR(1, "bad security option: %s", value);
1179                 return 1;
1180         }
1181
1182         return 0;
1183 }
1184
1185 static int
1186 cifs_parse_mount_options(const char *mountdata, const char *devname,
1187                          struct smb_vol *vol)
1188 {
1189         char *data, *end;
1190         char *mountdata_copy = NULL, *options;
1191         unsigned int  temp_len, i, j;
1192         char separator[2];
1193         short int override_uid = -1;
1194         short int override_gid = -1;
1195         bool uid_specified = false;
1196         bool gid_specified = false;
1197         bool sloppy = false;
1198         char *invalid = NULL;
1199         char *nodename = utsname()->nodename;
1200         char *string = NULL;
1201         char *tmp_end, *value;
1202         char delim;
1203
1204         separator[0] = ',';
1205         separator[1] = 0;
1206         delim = separator[0];
1207
1208         /*
1209          * does not have to be perfect mapping since field is
1210          * informational, only used for servers that do not support
1211          * port 445 and it can be overridden at mount time
1212          */
1213         memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1214         for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1215                 vol->source_rfc1001_name[i] = toupper(nodename[i]);
1216
1217         vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1218         /* null target name indicates to use *SMBSERVR default called name
1219            if we end up sending RFC1001 session initialize */
1220         vol->target_rfc1001_name[0] = 0;
1221         vol->cred_uid = current_uid();
1222         vol->linux_uid = current_uid();
1223         vol->linux_gid = current_gid();
1224
1225         /* default to only allowing write access to owner of the mount */
1226         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1227
1228         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1229         /* default is always to request posix paths. */
1230         vol->posix_paths = 1;
1231         /* default to using server inode numbers where available */
1232         vol->server_ino = 1;
1233
1234         vol->actimeo = CIFS_DEF_ACTIMEO;
1235
1236         if (!mountdata)
1237                 goto cifs_parse_mount_err;
1238
1239         mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
1240         if (!mountdata_copy)
1241                 goto cifs_parse_mount_err;
1242
1243         options = mountdata_copy;
1244         end = options + strlen(options);
1245
1246         if (strncmp(options, "sep=", 4) == 0) {
1247                 if (options[4] != 0) {
1248                         separator[0] = options[4];
1249                         options += 5;
1250                 } else {
1251                         cFYI(1, "Null separator not allowed");
1252                 }
1253         }
1254         vol->backupuid_specified = false; /* no backup intent for a user */
1255         vol->backupgid_specified = false; /* no backup intent for a group */
1256
1257         while ((data = strsep(&options, separator)) != NULL) {
1258                 substring_t args[MAX_OPT_ARGS];
1259                 unsigned long option;
1260                 int token;
1261
1262                 if (!*data)
1263                         continue;
1264
1265                 token = match_token(data, cifs_mount_option_tokens, args);
1266
1267                 switch (token) {
1268
1269                 /* Ingnore the following */
1270                 case Opt_ignore:
1271                         break;
1272
1273                 /* Boolean values */
1274                 case Opt_user_xattr:
1275                         vol->no_xattr = 0;
1276                         break;
1277                 case Opt_nouser_xattr:
1278                         vol->no_xattr = 1;
1279                         break;
1280                 case Opt_forceuid:
1281                         override_uid = 1;
1282                         break;
1283                 case Opt_noforceuid:
1284                         override_uid = 0;
1285                         break;
1286                 case Opt_noblocksend:
1287                         vol->noblocksnd = 1;
1288                         break;
1289                 case Opt_noautotune:
1290                         vol->noautotune = 1;
1291                         break;
1292                 case Opt_hard:
1293                         vol->retry = 1;
1294                         break;
1295                 case Opt_soft:
1296                         vol->retry = 0;
1297                         break;
1298                 case Opt_perm:
1299                         vol->noperm = 0;
1300                         break;
1301                 case Opt_noperm:
1302                         vol->noperm = 1;
1303                         break;
1304                 case Opt_mapchars:
1305                         vol->remap = 1;
1306                         break;
1307                 case Opt_nomapchars:
1308                         vol->remap = 0;
1309                         break;
1310                 case Opt_sfu:
1311                         vol->sfu_emul = 1;
1312                         break;
1313                 case Opt_nosfu:
1314                         vol->sfu_emul = 0;
1315                         break;
1316                 case Opt_nodfs:
1317                         vol->nodfs = 1;
1318                         break;
1319                 case Opt_posixpaths:
1320                         vol->posix_paths = 1;
1321                         break;
1322                 case Opt_noposixpaths:
1323                         vol->posix_paths = 0;
1324                         break;
1325                 case Opt_nounix:
1326                         vol->no_linux_ext = 1;
1327                         break;
1328                 case Opt_nocase:
1329                         vol->nocase = 1;
1330                         break;
1331                 case Opt_brl:
1332                         vol->nobrl =  0;
1333                         break;
1334                 case Opt_nobrl:
1335                         vol->nobrl =  1;
1336                         /*
1337                          * turn off mandatory locking in mode
1338                          * if remote locking is turned off since the
1339                          * local vfs will do advisory
1340                          */
1341                         if (vol->file_mode ==
1342                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1343                                 vol->file_mode = S_IALLUGO;
1344                         break;
1345                 case Opt_forcemandatorylock:
1346                         vol->mand_lock = 1;
1347                         break;
1348                 case Opt_setuids:
1349                         vol->setuids = 1;
1350                         break;
1351                 case Opt_nosetuids:
1352                         vol->setuids = 0;
1353                         break;
1354                 case Opt_dynperm:
1355                         vol->dynperm = true;
1356                         break;
1357                 case Opt_nodynperm:
1358                         vol->dynperm = false;
1359                         break;
1360                 case Opt_nohard:
1361                         vol->retry = 0;
1362                         break;
1363                 case Opt_nosoft:
1364                         vol->retry = 1;
1365                         break;
1366                 case Opt_nointr:
1367                         vol->intr = 0;
1368                         break;
1369                 case Opt_intr:
1370                         vol->intr = 1;
1371                         break;
1372                 case Opt_nostrictsync:
1373                         vol->nostrictsync = 1;
1374                         break;
1375                 case Opt_strictsync:
1376                         vol->nostrictsync = 0;
1377                         break;
1378                 case Opt_serverino:
1379                         vol->server_ino = 1;
1380                         break;
1381                 case Opt_noserverino:
1382                         vol->server_ino = 0;
1383                         break;
1384                 case Opt_rwpidforward:
1385                         vol->rwpidforward = 1;
1386                         break;
1387                 case Opt_cifsacl:
1388                         vol->cifs_acl = 1;
1389                         break;
1390                 case Opt_nocifsacl:
1391                         vol->cifs_acl = 0;
1392                         break;
1393                 case Opt_acl:
1394                         vol->no_psx_acl = 0;
1395                         break;
1396                 case Opt_noacl:
1397                         vol->no_psx_acl = 1;
1398                         break;
1399                 case Opt_locallease:
1400                         vol->local_lease = 1;
1401                         break;
1402                 case Opt_sign:
1403                         vol->secFlg |= CIFSSEC_MUST_SIGN;
1404                         break;
1405                 case Opt_seal:
1406                         /* we do not do the following in secFlags because seal
1407                          * is a per tree connection (mount) not a per socket
1408                          * or per-smb connection option in the protocol
1409                          * vol->secFlg |= CIFSSEC_MUST_SEAL;
1410                          */
1411                         vol->seal = 1;
1412                         break;
1413                 case Opt_direct:
1414                         vol->direct_io = 1;
1415                         break;
1416                 case Opt_strictcache:
1417                         vol->strict_io = 1;
1418                         break;
1419                 case Opt_noac:
1420                         printk(KERN_WARNING "CIFS: Mount option noac not "
1421                                 "supported. Instead set "
1422                                 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1423                         break;
1424                 case Opt_fsc:
1425 #ifndef CONFIG_CIFS_FSCACHE
1426                         cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1427                                   "kernel config option set");
1428                         goto cifs_parse_mount_err;
1429 #endif
1430                         vol->fsc = true;
1431                         break;
1432                 case Opt_mfsymlinks:
1433                         vol->mfsymlinks = true;
1434                         break;
1435                 case Opt_multiuser:
1436                         vol->multiuser = true;
1437                         break;
1438                 case Opt_sloppy:
1439                         sloppy = true;
1440                         break;
1441
1442                 /* Numeric Values */
1443                 case Opt_backupuid:
1444                         if (get_option_ul(args, &option)) {
1445                                 cERROR(1, "%s: Invalid backupuid value",
1446                                         __func__);
1447                                 goto cifs_parse_mount_err;
1448                         }
1449                         vol->backupuid = option;
1450                         vol->backupuid_specified = true;
1451                         break;
1452                 case Opt_backupgid:
1453                         if (get_option_ul(args, &option)) {
1454                                 cERROR(1, "%s: Invalid backupgid value",
1455                                         __func__);
1456                                 goto cifs_parse_mount_err;
1457                         }
1458                         vol->backupgid = option;
1459                         vol->backupgid_specified = true;
1460                         break;
1461                 case Opt_uid:
1462                         if (get_option_ul(args, &option)) {
1463                                 cERROR(1, "%s: Invalid uid value",
1464                                         __func__);
1465                                 goto cifs_parse_mount_err;
1466                         }
1467                         vol->linux_uid = option;
1468                         uid_specified = true;
1469                         break;
1470                 case Opt_cruid:
1471                         if (get_option_ul(args, &option)) {
1472                                 cERROR(1, "%s: Invalid cruid value",
1473                                         __func__);
1474                                 goto cifs_parse_mount_err;
1475                         }
1476                         vol->cred_uid = option;
1477                         break;
1478                 case Opt_gid:
1479                         if (get_option_ul(args, &option)) {
1480                                 cERROR(1, "%s: Invalid gid value",
1481                                                 __func__);
1482                                 goto cifs_parse_mount_err;
1483                         }
1484                         vol->linux_gid = option;
1485                         gid_specified = true;
1486                         break;
1487                 case Opt_file_mode:
1488                         if (get_option_ul(args, &option)) {
1489                                 cERROR(1, "%s: Invalid file_mode value",
1490                                         __func__);
1491                                 goto cifs_parse_mount_err;
1492                         }
1493                         vol->file_mode = option;
1494                         break;
1495                 case Opt_dirmode:
1496                         if (get_option_ul(args, &option)) {
1497                                 cERROR(1, "%s: Invalid dir_mode value",
1498                                         __func__);
1499                                 goto cifs_parse_mount_err;
1500                         }
1501                         vol->dir_mode = option;
1502                         break;
1503                 case Opt_port:
1504                         if (get_option_ul(args, &option)) {
1505                                 cERROR(1, "%s: Invalid port value",
1506                                         __func__);
1507                                 goto cifs_parse_mount_err;
1508                         }
1509                         vol->port = option;
1510                         break;
1511                 case Opt_rsize:
1512                         if (get_option_ul(args, &option)) {
1513                                 cERROR(1, "%s: Invalid rsize value",
1514                                         __func__);
1515                                 goto cifs_parse_mount_err;
1516                         }
1517                         vol->rsize = option;
1518                         break;
1519                 case Opt_wsize:
1520                         if (get_option_ul(args, &option)) {
1521                                 cERROR(1, "%s: Invalid wsize value",
1522                                         __func__);
1523                                 goto cifs_parse_mount_err;
1524                         }
1525                         vol->wsize = option;
1526                         break;
1527                 case Opt_actimeo:
1528                         if (get_option_ul(args, &option)) {
1529                                 cERROR(1, "%s: Invalid actimeo value",
1530                                         __func__);
1531                                 goto cifs_parse_mount_err;
1532                         }
1533                         vol->actimeo = HZ * option;
1534                         if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1535                                 cERROR(1, "CIFS: attribute cache"
1536                                           "timeout too large");
1537                                 goto cifs_parse_mount_err;
1538                         }
1539                         break;
1540
1541                 /* String Arguments */
1542
1543                 case Opt_blank_user:
1544                         /* null user, ie. anonymous authentication */
1545                         vol->nullauth = 1;
1546                         vol->username = NULL;
1547                         break;
1548                 case Opt_user:
1549                         string = match_strdup(args);
1550                         if (string == NULL)
1551                                 goto out_nomem;
1552
1553                         if (strnlen(string, MAX_USERNAME_SIZE) >
1554                                                         MAX_USERNAME_SIZE) {
1555                                 printk(KERN_WARNING "CIFS: username too long\n");
1556                                 goto cifs_parse_mount_err;
1557                         }
1558                         vol->username = kstrdup(string, GFP_KERNEL);
1559                         if (!vol->username) {
1560                                 printk(KERN_WARNING "CIFS: no memory "
1561                                                     "for username\n");
1562                                 goto cifs_parse_mount_err;
1563                         }
1564                         break;
1565                 case Opt_blank_pass:
1566                         vol->password = NULL;
1567                         break;
1568                 case Opt_pass:
1569                         /* passwords have to be handled differently
1570                          * to allow the character used for deliminator
1571                          * to be passed within them
1572                          */
1573
1574                         /* Obtain the value string */
1575                         value = strchr(data, '=');
1576                         value++;
1577
1578                         /* Set tmp_end to end of the string */
1579                         tmp_end = (char *) value + strlen(value);
1580
1581                         /* Check if following character is the deliminator
1582                          * If yes, we have encountered a double deliminator
1583                          * reset the NULL character to the deliminator
1584                          */
1585                         if (tmp_end < end && tmp_end[1] == delim)
1586                                 tmp_end[0] = delim;
1587
1588                         /* Keep iterating until we get to a single deliminator
1589                          * OR the end
1590                          */
1591                         while ((tmp_end = strchr(tmp_end, delim)) != NULL &&
1592                                (tmp_end[1] == delim)) {
1593                                 tmp_end = (char *) &tmp_end[2];
1594                         }
1595
1596                         /* Reset var options to point to next element */
1597                         if (tmp_end) {
1598                                 tmp_end[0] = '\0';
1599                                 options = (char *) &tmp_end[1];
1600                         } else
1601                                 /* Reached the end of the mount option string */
1602                                 options = end;
1603
1604                         /* Now build new password string */
1605                         temp_len = strlen(value);
1606                         vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1607                         if (vol->password == NULL) {
1608                                 printk(KERN_WARNING "CIFS: no memory "
1609                                                     "for password\n");
1610                                 goto cifs_parse_mount_err;
1611                         }
1612
1613                         for (i = 0, j = 0; i < temp_len; i++, j++) {
1614                                 vol->password[j] = value[i];
1615                                 if ((value[i] == delim) &&
1616                                      value[i+1] == delim)
1617                                         /* skip the second deliminator */
1618                                         i++;
1619                         }
1620                         vol->password[j] = '\0';
1621                         break;
1622                 case Opt_blank_ip:
1623                         vol->UNCip = NULL;
1624                         break;
1625                 case Opt_ip:
1626                         string = match_strdup(args);
1627                         if (string == NULL)
1628                                 goto out_nomem;
1629
1630                         if (strnlen(string, INET6_ADDRSTRLEN) >
1631                                                 INET6_ADDRSTRLEN) {
1632                                 printk(KERN_WARNING "CIFS: ip address "
1633                                                     "too long\n");
1634                                 goto cifs_parse_mount_err;
1635                         }
1636                         vol->UNCip = kstrdup(string, GFP_KERNEL);
1637                         if (!vol->UNCip) {
1638                                 printk(KERN_WARNING "CIFS: no memory "
1639                                                     "for UNC IP\n");
1640                                 goto cifs_parse_mount_err;
1641                         }
1642                         break;
1643                 case Opt_unc:
1644                         string = match_strdup(args);
1645                         if (string == NULL)
1646                                 goto out_nomem;
1647
1648                         temp_len = strnlen(string, 300);
1649                         if (temp_len  == 300) {
1650                                 printk(KERN_WARNING "CIFS: UNC name too long\n");
1651                                 goto cifs_parse_mount_err;
1652                         }
1653
1654                         vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1655                         if (vol->UNC == NULL) {
1656                                 printk(KERN_WARNING "CIFS: no memory for UNC\n");
1657                                 goto cifs_parse_mount_err;
1658                         }
1659                         strcpy(vol->UNC, string);
1660
1661                         if (strncmp(string, "//", 2) == 0) {
1662                                 vol->UNC[0] = '\\';
1663                                 vol->UNC[1] = '\\';
1664                         } else if (strncmp(string, "\\\\", 2) != 0) {
1665                                 printk(KERN_WARNING "CIFS: UNC Path does not "
1666                                                     "begin with // or \\\\\n");
1667                                 goto cifs_parse_mount_err;
1668                         }
1669
1670                         break;
1671                 case Opt_domain:
1672                         string = match_strdup(args);
1673                         if (string == NULL)
1674                                 goto out_nomem;
1675
1676                         if (strnlen(string, 256) == 256) {
1677                                 printk(KERN_WARNING "CIFS: domain name too"
1678                                                     " long\n");
1679                                 goto cifs_parse_mount_err;
1680                         }
1681
1682                         vol->domainname = kstrdup(string, GFP_KERNEL);
1683                         if (!vol->domainname) {
1684                                 printk(KERN_WARNING "CIFS: no memory "
1685                                                     "for domainname\n");
1686                                 goto cifs_parse_mount_err;
1687                         }
1688                         cFYI(1, "Domain name set");
1689                         break;
1690                 case Opt_srcaddr:
1691                         string = match_strdup(args);
1692                         if (string == NULL)
1693                                 goto out_nomem;
1694
1695                         if (!cifs_convert_address(
1696                                         (struct sockaddr *)&vol->srcaddr,
1697                                         string, strlen(string))) {
1698                                 printk(KERN_WARNING "CIFS:  Could not parse"
1699                                                     " srcaddr: %s\n", string);
1700                                 goto cifs_parse_mount_err;
1701                         }
1702                         break;
1703                 case Opt_prefixpath:
1704                         string = match_strdup(args);
1705                         if (string == NULL)
1706                                 goto out_nomem;
1707
1708                         temp_len = strnlen(string, 1024);
1709                         if (string[0] != '/')
1710                                 temp_len++; /* missing leading slash */
1711                         if (temp_len > 1024) {
1712                                 printk(KERN_WARNING "CIFS: prefix too long\n");
1713                                 goto cifs_parse_mount_err;
1714                         }
1715
1716                         vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1717                         if (vol->prepath == NULL) {
1718                                 printk(KERN_WARNING "CIFS: no memory "
1719                                                     "for path prefix\n");
1720                                 goto cifs_parse_mount_err;
1721                         }
1722
1723                         if (string[0] != '/') {
1724                                 vol->prepath[0] = '/';
1725                                 strcpy(vol->prepath+1, string);
1726                         } else
1727                                 strcpy(vol->prepath, string);
1728
1729                         break;
1730                 case Opt_iocharset:
1731                         string = match_strdup(args);
1732                         if (string == NULL)
1733                                 goto out_nomem;
1734
1735                         if (strnlen(string, 1024) >= 65) {
1736                                 printk(KERN_WARNING "CIFS: iocharset name "
1737                                                     "too long.\n");
1738                                 goto cifs_parse_mount_err;
1739                         }
1740
1741                          if (strnicmp(string, "default", 7) != 0) {
1742                                 vol->iocharset = kstrdup(string,
1743                                                          GFP_KERNEL);
1744                                 if (!vol->iocharset) {
1745                                         printk(KERN_WARNING "CIFS: no memory"
1746                                                             "for charset\n");
1747                                         goto cifs_parse_mount_err;
1748                                 }
1749                         }
1750                         /* if iocharset not set then load_nls_default
1751                          * is used by caller
1752                          */
1753                         cFYI(1, "iocharset set to %s", string);
1754                         break;
1755                 case Opt_sockopt:
1756                         string = match_strdup(args);
1757                         if (string == NULL)
1758                                 goto out_nomem;
1759
1760                         if (strnicmp(string, "TCP_NODELAY", 11) == 0)
1761                                 vol->sockopt_tcp_nodelay = 1;
1762                         break;
1763                 case Opt_netbiosname:
1764                         string = match_strdup(args);
1765                         if (string == NULL)
1766                                 goto out_nomem;
1767
1768                         memset(vol->source_rfc1001_name, 0x20,
1769                                 RFC1001_NAME_LEN);
1770                         /*
1771                          * FIXME: are there cases in which a comma can
1772                          * be valid in workstation netbios name (and
1773                          * need special handling)?
1774                          */
1775                         for (i = 0; i < RFC1001_NAME_LEN; i++) {
1776                                 /* don't ucase netbiosname for user */
1777                                 if (string[i] == 0)
1778                                         break;
1779                                 vol->source_rfc1001_name[i] = string[i];
1780                         }
1781                         /* The string has 16th byte zero still from
1782                          * set at top of the function
1783                          */
1784                         if (i == RFC1001_NAME_LEN && string[i] != 0)
1785                                 printk(KERN_WARNING "CIFS: netbiosname"
1786                                        " longer than 15 truncated.\n");
1787
1788                         break;
1789                 case Opt_servern:
1790                         /* servernetbiosname specified override *SMBSERVER */
1791                         string = match_strdup(args);
1792                         if (string == NULL)
1793                                 goto out_nomem;
1794
1795                         /* last byte, type, is 0x20 for servr type */
1796                         memset(vol->target_rfc1001_name, 0x20,
1797                                 RFC1001_NAME_LEN_WITH_NULL);
1798
1799                         /* BB are there cases in which a comma can be
1800                            valid in this workstation netbios name
1801                            (and need special handling)? */
1802
1803                         /* user or mount helper must uppercase the
1804                            netbios name */
1805                         for (i = 0; i < 15; i++) {
1806                                 if (string[i] == 0)
1807                                         break;
1808                                 vol->target_rfc1001_name[i] = string[i];
1809                         }
1810                         /* The string has 16th byte zero still from
1811                            set at top of the function  */
1812                         if (i == RFC1001_NAME_LEN && string[i] != 0)
1813                                 printk(KERN_WARNING "CIFS: server net"
1814                                        "biosname longer than 15 truncated.\n");
1815                         break;
1816                 case Opt_ver:
1817                         string = match_strdup(args);
1818                         if (string == NULL)
1819                                 goto out_nomem;
1820
1821                         if (strnicmp(string, "cifs", 4) == 0 ||
1822                             strnicmp(string, "1", 1) == 0) {
1823                                 /* This is the default */
1824                                 break;
1825                         }
1826                         /* For all other value, error */
1827                         printk(KERN_WARNING "CIFS: Invalid version"
1828                                             " specified\n");
1829                         goto cifs_parse_mount_err;
1830                 case Opt_sec:
1831                         string = match_strdup(args);
1832                         if (string == NULL)
1833                                 goto out_nomem;
1834
1835                         if (cifs_parse_security_flavors(string, vol) != 0)
1836                                 goto cifs_parse_mount_err;
1837                         break;
1838                 default:
1839                         /*
1840                          * An option we don't recognize. Save it off for later
1841                          * if we haven't already found one
1842                          */
1843                         if (!invalid)
1844                                 invalid = data;
1845                         break;
1846                 }
1847                 /* Free up any allocated string */
1848                 kfree(string);
1849                 string = NULL;
1850         }
1851
1852         if (!sloppy && invalid) {
1853                 printk(KERN_ERR "CIFS: Unknown mount option \"%s\"\n", invalid);
1854                 goto cifs_parse_mount_err;
1855         }
1856
1857 #ifndef CONFIG_KEYS
1858         /* Muliuser mounts require CONFIG_KEYS support */
1859         if (vol->multiuser) {
1860                 cERROR(1, "Multiuser mounts require kernels with "
1861                           "CONFIG_KEYS enabled.");
1862                 goto cifs_parse_mount_err;
1863         }
1864 #endif
1865
1866         if (vol->UNCip == NULL)
1867                 vol->UNCip = &vol->UNC[2];
1868
1869         if (uid_specified)
1870                 vol->override_uid = override_uid;
1871         else if (override_uid == 1)
1872                 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1873                                    "specified with no uid= option.\n");
1874
1875         if (gid_specified)
1876                 vol->override_gid = override_gid;
1877         else if (override_gid == 1)
1878                 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1879                                    "specified with no gid= option.\n");
1880
1881         kfree(mountdata_copy);
1882         return 0;
1883
1884 out_nomem:
1885         printk(KERN_WARNING "Could not allocate temporary buffer\n");
1886 cifs_parse_mount_err:
1887         kfree(string);
1888         kfree(mountdata_copy);
1889         return 1;
1890 }
1891
1892 /** Returns true if srcaddr isn't specified and rhs isn't
1893  * specified, or if srcaddr is specified and
1894  * matches the IP address of the rhs argument.
1895  */
1896 static bool
1897 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1898 {
1899         switch (srcaddr->sa_family) {
1900         case AF_UNSPEC:
1901                 return (rhs->sa_family == AF_UNSPEC);
1902         case AF_INET: {
1903                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1904                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1905                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1906         }
1907         case AF_INET6: {
1908                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1909                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1910                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1911         }
1912         default:
1913                 WARN_ON(1);
1914                 return false; /* don't expect to be here */
1915         }
1916 }
1917
1918 /*
1919  * If no port is specified in addr structure, we try to match with 445 port
1920  * and if it fails - with 139 ports. It should be called only if address
1921  * families of server and addr are equal.
1922  */
1923 static bool
1924 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1925 {
1926         __be16 port, *sport;
1927
1928         switch (addr->sa_family) {
1929         case AF_INET:
1930                 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1931                 port = ((struct sockaddr_in *) addr)->sin_port;
1932                 break;
1933         case AF_INET6:
1934                 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1935                 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1936                 break;
1937         default:
1938                 WARN_ON(1);
1939                 return false;
1940         }
1941
1942         if (!port) {
1943                 port = htons(CIFS_PORT);
1944                 if (port == *sport)
1945                         return true;
1946
1947                 port = htons(RFC1001_PORT);
1948         }
1949
1950         return port == *sport;
1951 }
1952
1953 static bool
1954 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1955               struct sockaddr *srcaddr)
1956 {
1957         switch (addr->sa_family) {
1958         case AF_INET: {
1959                 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1960                 struct sockaddr_in *srv_addr4 =
1961                                         (struct sockaddr_in *)&server->dstaddr;
1962
1963                 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1964                         return false;
1965                 break;
1966         }
1967         case AF_INET6: {
1968                 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1969                 struct sockaddr_in6 *srv_addr6 =
1970                                         (struct sockaddr_in6 *)&server->dstaddr;
1971
1972                 if (!ipv6_addr_equal(&addr6->sin6_addr,
1973                                      &srv_addr6->sin6_addr))
1974                         return false;
1975                 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1976                         return false;
1977                 break;
1978         }
1979         default:
1980                 WARN_ON(1);
1981                 return false; /* don't expect to be here */
1982         }
1983
1984         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1985                 return false;
1986
1987         return true;
1988 }
1989
1990 static bool
1991 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1992 {
1993         unsigned int secFlags;
1994
1995         if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1996                 secFlags = vol->secFlg;
1997         else
1998                 secFlags = global_secflags | vol->secFlg;
1999
2000         switch (server->secType) {
2001         case LANMAN:
2002                 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
2003                         return false;
2004                 break;
2005         case NTLMv2:
2006                 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
2007                         return false;
2008                 break;
2009         case NTLM:
2010                 if (!(secFlags & CIFSSEC_MAY_NTLM))
2011                         return false;
2012                 break;
2013         case Kerberos:
2014                 if (!(secFlags & CIFSSEC_MAY_KRB5))
2015                         return false;
2016                 break;
2017         case RawNTLMSSP:
2018                 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
2019                         return false;
2020                 break;
2021         default:
2022                 /* shouldn't happen */
2023                 return false;
2024         }
2025
2026         /* now check if signing mode is acceptable */
2027         if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
2028             (server->sec_mode & SECMODE_SIGN_REQUIRED))
2029                         return false;
2030         else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
2031                  (server->sec_mode &
2032                   (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
2033                         return false;
2034
2035         return true;
2036 }
2037
2038 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
2039                          struct smb_vol *vol)
2040 {
2041         if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
2042                 return 0;
2043
2044         if (!match_address(server, addr,
2045                            (struct sockaddr *)&vol->srcaddr))
2046                 return 0;
2047
2048         if (!match_port(server, addr))
2049                 return 0;
2050
2051         if (!match_security(server, vol))
2052                 return 0;
2053
2054         return 1;
2055 }
2056
2057 static struct TCP_Server_Info *
2058 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
2059 {
2060         struct TCP_Server_Info *server;
2061
2062         spin_lock(&cifs_tcp_ses_lock);
2063         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
2064                 if (!match_server(server, addr, vol))
2065                         continue;
2066
2067                 ++server->srv_count;
2068                 spin_unlock(&cifs_tcp_ses_lock);
2069                 cFYI(1, "Existing tcp session with server found");
2070                 return server;
2071         }
2072         spin_unlock(&cifs_tcp_ses_lock);
2073         return NULL;
2074 }
2075
2076 static void
2077 cifs_put_tcp_session(struct TCP_Server_Info *server)
2078 {
2079         struct task_struct *task;
2080
2081         spin_lock(&cifs_tcp_ses_lock);
2082         if (--server->srv_count > 0) {
2083                 spin_unlock(&cifs_tcp_ses_lock);
2084                 return;
2085         }
2086
2087         put_net(cifs_net_ns(server));
2088
2089         list_del_init(&server->tcp_ses_list);
2090         spin_unlock(&cifs_tcp_ses_lock);
2091
2092         cancel_delayed_work_sync(&server->echo);
2093
2094         spin_lock(&GlobalMid_Lock);
2095         server->tcpStatus = CifsExiting;
2096         spin_unlock(&GlobalMid_Lock);
2097
2098         cifs_crypto_shash_release(server);
2099         cifs_fscache_release_client_cookie(server);
2100
2101         kfree(server->session_key.response);
2102         server->session_key.response = NULL;
2103         server->session_key.len = 0;
2104
2105         task = xchg(&server->tsk, NULL);
2106         if (task)
2107                 force_sig(SIGKILL, task);
2108 }
2109
2110 static struct TCP_Server_Info *
2111 cifs_get_tcp_session(struct smb_vol *volume_info)
2112 {
2113         struct TCP_Server_Info *tcp_ses = NULL;
2114         struct sockaddr_storage addr;
2115         struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
2116         struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
2117         int rc;
2118
2119         memset(&addr, 0, sizeof(struct sockaddr_storage));
2120
2121         cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
2122
2123         if (volume_info->UNCip && volume_info->UNC) {
2124                 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2125                                         volume_info->UNCip,
2126                                         strlen(volume_info->UNCip),
2127                                         volume_info->port);
2128                 if (!rc) {
2129                         /* we failed translating address */
2130                         rc = -EINVAL;
2131                         goto out_err;
2132                 }
2133         } else if (volume_info->UNCip) {
2134                 /* BB using ip addr as tcp_ses name to connect to the
2135                    DFS root below */
2136                 cERROR(1, "Connecting to DFS root not implemented yet");
2137                 rc = -EINVAL;
2138                 goto out_err;
2139         } else /* which tcp_sess DFS root would we conect to */ {
2140                 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
2141                         "unc=//192.168.1.100/public) specified");
2142                 rc = -EINVAL;
2143                 goto out_err;
2144         }
2145
2146         /* see if we already have a matching tcp_ses */
2147         tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
2148         if (tcp_ses)
2149                 return tcp_ses;
2150
2151         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
2152         if (!tcp_ses) {
2153                 rc = -ENOMEM;
2154                 goto out_err;
2155         }
2156
2157         rc = cifs_crypto_shash_allocate(tcp_ses);
2158         if (rc) {
2159                 cERROR(1, "could not setup hash structures rc %d", rc);
2160                 goto out_err;
2161         }
2162
2163         cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
2164         tcp_ses->hostname = extract_hostname(volume_info->UNC);
2165         if (IS_ERR(tcp_ses->hostname)) {
2166                 rc = PTR_ERR(tcp_ses->hostname);
2167                 goto out_err_crypto_release;
2168         }
2169
2170         tcp_ses->noblocksnd = volume_info->noblocksnd;
2171         tcp_ses->noautotune = volume_info->noautotune;
2172         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
2173         tcp_ses->in_flight = 0;
2174         tcp_ses->credits = 1;
2175         init_waitqueue_head(&tcp_ses->response_q);
2176         init_waitqueue_head(&tcp_ses->request_q);
2177         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
2178         mutex_init(&tcp_ses->srv_mutex);
2179         memcpy(tcp_ses->workstation_RFC1001_name,
2180                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2181         memcpy(tcp_ses->server_RFC1001_name,
2182                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2183         tcp_ses->session_estab = false;
2184         tcp_ses->sequence_number = 0;
2185         tcp_ses->lstrp = jiffies;
2186         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
2187         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
2188         INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
2189
2190         /*
2191          * at this point we are the only ones with the pointer
2192          * to the struct since the kernel thread not created yet
2193          * no need to spinlock this init of tcpStatus or srv_count
2194          */
2195         tcp_ses->tcpStatus = CifsNew;
2196         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
2197                sizeof(tcp_ses->srcaddr));
2198         ++tcp_ses->srv_count;
2199
2200         if (addr.ss_family == AF_INET6) {
2201                 cFYI(1, "attempting ipv6 connect");
2202                 /* BB should we allow ipv6 on port 139? */
2203                 /* other OS never observed in Wild doing 139 with v6 */
2204                 memcpy(&tcp_ses->dstaddr, sin_server6,
2205                        sizeof(struct sockaddr_in6));
2206         } else
2207                 memcpy(&tcp_ses->dstaddr, sin_server,
2208                        sizeof(struct sockaddr_in));
2209
2210         rc = ip_connect(tcp_ses);
2211         if (rc < 0) {
2212                 cERROR(1, "Error connecting to socket. Aborting operation");
2213                 goto out_err_crypto_release;
2214         }
2215
2216         /*
2217          * since we're in a cifs function already, we know that
2218          * this will succeed. No need for try_module_get().
2219          */
2220         __module_get(THIS_MODULE);
2221         tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
2222                                   tcp_ses, "cifsd");
2223         if (IS_ERR(tcp_ses->tsk)) {
2224                 rc = PTR_ERR(tcp_ses->tsk);
2225                 cERROR(1, "error %d create cifsd thread", rc);
2226                 module_put(THIS_MODULE);
2227                 goto out_err_crypto_release;
2228         }
2229         tcp_ses->tcpStatus = CifsNeedNegotiate;
2230
2231         /* thread spawned, put it on the list */
2232         spin_lock(&cifs_tcp_ses_lock);
2233         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
2234         spin_unlock(&cifs_tcp_ses_lock);
2235
2236         cifs_fscache_get_client_cookie(tcp_ses);
2237
2238         /* queue echo request delayed work */
2239         queue_delayed_work(cifsiod_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
2240
2241         return tcp_ses;
2242
2243 out_err_crypto_release:
2244         cifs_crypto_shash_release(tcp_ses);
2245
2246         put_net(cifs_net_ns(tcp_ses));
2247
2248 out_err:
2249         if (tcp_ses) {
2250                 if (!IS_ERR(tcp_ses->hostname))
2251                         kfree(tcp_ses->hostname);
2252                 if (tcp_ses->ssocket)
2253                         sock_release(tcp_ses->ssocket);
2254                 kfree(tcp_ses);
2255         }
2256         return ERR_PTR(rc);
2257 }
2258
2259 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
2260 {
2261         switch (ses->server->secType) {
2262         case Kerberos:
2263                 if (vol->cred_uid != ses->cred_uid)
2264                         return 0;
2265                 break;
2266         default:
2267                 /* NULL username means anonymous session */
2268                 if (ses->user_name == NULL) {
2269                         if (!vol->nullauth)
2270                                 return 0;
2271                         break;
2272                 }
2273
2274                 /* anything else takes username/password */
2275                 if (strncmp(ses->user_name,
2276                             vol->username ? vol->username : "",
2277                             MAX_USERNAME_SIZE))
2278                         return 0;
2279                 if (strlen(vol->username) != 0 &&
2280                     ses->password != NULL &&
2281                     strncmp(ses->password,
2282                             vol->password ? vol->password : "",
2283                             MAX_PASSWORD_SIZE))
2284                         return 0;
2285         }
2286         return 1;
2287 }
2288
2289 static struct cifs_ses *
2290 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2291 {
2292         struct cifs_ses *ses;
2293
2294         spin_lock(&cifs_tcp_ses_lock);
2295         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2296                 if (!match_session(ses, vol))
2297                         continue;
2298                 ++ses->ses_count;
2299                 spin_unlock(&cifs_tcp_ses_lock);
2300                 return ses;
2301         }
2302         spin_unlock(&cifs_tcp_ses_lock);
2303         return NULL;
2304 }
2305
2306 static void
2307 cifs_put_smb_ses(struct cifs_ses *ses)
2308 {
2309         int xid;
2310         struct TCP_Server_Info *server = ses->server;
2311
2312         cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2313         spin_lock(&cifs_tcp_ses_lock);
2314         if (--ses->ses_count > 0) {
2315                 spin_unlock(&cifs_tcp_ses_lock);
2316                 return;
2317         }
2318
2319         list_del_init(&ses->smb_ses_list);
2320         spin_unlock(&cifs_tcp_ses_lock);
2321
2322         if (ses->status == CifsGood) {
2323                 xid = GetXid();
2324                 CIFSSMBLogoff(xid, ses);
2325                 _FreeXid(xid);
2326         }
2327         sesInfoFree(ses);
2328         cifs_put_tcp_session(server);
2329 }
2330
2331 #ifdef CONFIG_KEYS
2332
2333 /* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2334 #define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2335
2336 /* Populate username and pw fields from keyring if possible */
2337 static int
2338 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2339 {
2340         int rc = 0;
2341         char *desc, *delim, *payload;
2342         ssize_t len;
2343         struct key *key;
2344         struct TCP_Server_Info *server = ses->server;
2345         struct sockaddr_in *sa;
2346         struct sockaddr_in6 *sa6;
2347         struct user_key_payload *upayload;
2348
2349         desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2350         if (!desc)
2351                 return -ENOMEM;
2352
2353         /* try to find an address key first */
2354         switch (server->dstaddr.ss_family) {
2355         case AF_INET:
2356                 sa = (struct sockaddr_in *)&server->dstaddr;
2357                 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2358                 break;
2359         case AF_INET6:
2360                 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2361                 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2362                 break;
2363         default:
2364                 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2365                 rc = -EINVAL;
2366                 goto out_err;
2367         }
2368
2369         cFYI(1, "%s: desc=%s", __func__, desc);
2370         key = request_key(&key_type_logon, desc, "");
2371         if (IS_ERR(key)) {
2372                 if (!ses->domainName) {
2373                         cFYI(1, "domainName is NULL");
2374                         rc = PTR_ERR(key);
2375                         goto out_err;
2376                 }
2377
2378                 /* didn't work, try to find a domain key */
2379                 sprintf(desc, "cifs:d:%s", ses->domainName);
2380                 cFYI(1, "%s: desc=%s", __func__, desc);
2381                 key = request_key(&key_type_logon, desc, "");
2382                 if (IS_ERR(key)) {
2383                         rc = PTR_ERR(key);
2384                         goto out_err;
2385                 }
2386         }
2387
2388         down_read(&key->sem);
2389         upayload = key->payload.data;
2390         if (IS_ERR_OR_NULL(upayload)) {
2391                 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
2392                 goto out_key_put;
2393         }
2394
2395         /* find first : in payload */
2396         payload = (char *)upayload->data;
2397         delim = strnchr(payload, upayload->datalen, ':');
2398         cFYI(1, "payload=%s", payload);
2399         if (!delim) {
2400                 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2401                                 upayload->datalen);
2402                 rc = -EINVAL;
2403                 goto out_key_put;
2404         }
2405
2406         len = delim - payload;
2407         if (len > MAX_USERNAME_SIZE || len <= 0) {
2408                 cFYI(1, "Bad value from username search (len=%zd)", len);
2409                 rc = -EINVAL;
2410                 goto out_key_put;
2411         }
2412
2413         vol->username = kstrndup(payload, len, GFP_KERNEL);
2414         if (!vol->username) {
2415                 cFYI(1, "Unable to allocate %zd bytes for username", len);
2416                 rc = -ENOMEM;
2417                 goto out_key_put;
2418         }
2419         cFYI(1, "%s: username=%s", __func__, vol->username);
2420
2421         len = key->datalen - (len + 1);
2422         if (len > MAX_PASSWORD_SIZE || len <= 0) {
2423                 cFYI(1, "Bad len for password search (len=%zd)", len);
2424                 rc = -EINVAL;
2425                 kfree(vol->username);
2426                 vol->username = NULL;
2427                 goto out_key_put;
2428         }
2429
2430         ++delim;
2431         vol->password = kstrndup(delim, len, GFP_KERNEL);
2432         if (!vol->password) {
2433                 cFYI(1, "Unable to allocate %zd bytes for password", len);
2434                 rc = -ENOMEM;
2435                 kfree(vol->username);
2436                 vol->username = NULL;
2437                 goto out_key_put;
2438         }
2439
2440 out_key_put:
2441         up_read(&key->sem);
2442         key_put(key);
2443 out_err:
2444         kfree(desc);
2445         cFYI(1, "%s: returning %d", __func__, rc);
2446         return rc;
2447 }
2448 #else /* ! CONFIG_KEYS */
2449 static inline int
2450 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2451                    struct cifs_ses *ses __attribute__((unused)))
2452 {
2453         return -ENOSYS;
2454 }
2455 #endif /* CONFIG_KEYS */
2456
2457 static bool warned_on_ntlm;  /* globals init to false automatically */
2458
2459 static struct cifs_ses *
2460 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2461 {
2462         int rc = -ENOMEM, xid;
2463         struct cifs_ses *ses;
2464         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2465         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2466
2467         xid = GetXid();
2468
2469         ses = cifs_find_smb_ses(server, volume_info);
2470         if (ses) {
2471                 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2472
2473                 mutex_lock(&ses->session_mutex);
2474                 rc = cifs_negotiate_protocol(xid, ses);
2475                 if (rc) {
2476                         mutex_unlock(&ses->session_mutex);
2477                         /* problem -- put our ses reference */
2478                         cifs_put_smb_ses(ses);
2479                         FreeXid(xid);
2480                         return ERR_PTR(rc);
2481                 }
2482                 if (ses->need_reconnect) {
2483                         cFYI(1, "Session needs reconnect");
2484                         rc = cifs_setup_session(xid, ses,
2485                                                 volume_info->local_nls);
2486                         if (rc) {
2487                                 mutex_unlock(&ses->session_mutex);
2488                                 /* problem -- put our reference */
2489                                 cifs_put_smb_ses(ses);
2490                                 FreeXid(xid);
2491                                 return ERR_PTR(rc);
2492                         }
2493                 }
2494                 mutex_unlock(&ses->session_mutex);
2495
2496                 /* existing SMB ses has a server reference already */
2497                 cifs_put_tcp_session(server);
2498                 FreeXid(xid);
2499                 return ses;
2500         }
2501
2502         cFYI(1, "Existing smb sess not found");
2503         ses = sesInfoAlloc();
2504         if (ses == NULL)
2505                 goto get_ses_fail;
2506
2507         /* new SMB session uses our server ref */
2508         ses->server = server;
2509         if (server->dstaddr.ss_family == AF_INET6)
2510                 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2511         else
2512                 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2513
2514         if (volume_info->username) {
2515                 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2516                 if (!ses->user_name)
2517                         goto get_ses_fail;
2518         }
2519
2520         /* volume_info->password freed at unmount */
2521         if (volume_info->password) {
2522                 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2523                 if (!ses->password)
2524                         goto get_ses_fail;
2525         }
2526         if (volume_info->domainname) {
2527                 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2528                 if (!ses->domainName)
2529                         goto get_ses_fail;
2530         }
2531         ses->cred_uid = volume_info->cred_uid;
2532         ses->linux_uid = volume_info->linux_uid;
2533
2534         /* ntlmv2 is much stronger than ntlm security, and has been broadly
2535         supported for many years, time to update default security mechanism */
2536         if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2537                 warned_on_ntlm = true;
2538                 cERROR(1, "default security mechanism requested.  The default "
2539                         "security mechanism will be upgraded from ntlm to "
2540                         "ntlmv2 in kernel release 3.3");
2541         }
2542         ses->overrideSecFlg = volume_info->secFlg;
2543
2544         mutex_lock(&ses->session_mutex);
2545         rc = cifs_negotiate_protocol(xid, ses);
2546         if (!rc)
2547                 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2548         mutex_unlock(&ses->session_mutex);
2549         if (rc)
2550                 goto get_ses_fail;
2551
2552         /* success, put it on the list */
2553         spin_lock(&cifs_tcp_ses_lock);
2554         list_add(&ses->smb_ses_list, &server->smb_ses_list);
2555         spin_unlock(&cifs_tcp_ses_lock);
2556
2557         FreeXid(xid);
2558         return ses;
2559
2560 get_ses_fail:
2561         sesInfoFree(ses);
2562         FreeXid(xid);
2563         return ERR_PTR(rc);
2564 }
2565
2566 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2567 {
2568         if (tcon->tidStatus == CifsExiting)
2569                 return 0;
2570         if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2571                 return 0;
2572         return 1;
2573 }
2574
2575 static struct cifs_tcon *
2576 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2577 {
2578         struct list_head *tmp;
2579         struct cifs_tcon *tcon;
2580
2581         spin_lock(&cifs_tcp_ses_lock);
2582         list_for_each(tmp, &ses->tcon_list) {
2583                 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2584                 if (!match_tcon(tcon, unc))
2585                         continue;
2586                 ++tcon->tc_count;
2587                 spin_unlock(&cifs_tcp_ses_lock);
2588                 return tcon;
2589         }
2590         spin_unlock(&cifs_tcp_ses_lock);
2591         return NULL;
2592 }
2593
2594 static void
2595 cifs_put_tcon(struct cifs_tcon *tcon)
2596 {
2597         int xid;
2598         struct cifs_ses *ses = tcon->ses;
2599
2600         cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2601         spin_lock(&cifs_tcp_ses_lock);
2602         if (--tcon->tc_count > 0) {
2603                 spin_unlock(&cifs_tcp_ses_lock);
2604                 return;
2605         }
2606
2607         list_del_init(&tcon->tcon_list);
2608         spin_unlock(&cifs_tcp_ses_lock);
2609
2610         xid = GetXid();
2611         CIFSSMBTDis(xid, tcon);
2612         _FreeXid(xid);
2613
2614         cifs_fscache_release_super_cookie(tcon);
2615         tconInfoFree(tcon);
2616         cifs_put_smb_ses(ses);
2617 }
2618
2619 static struct cifs_tcon *
2620 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2621 {
2622         int rc, xid;
2623         struct cifs_tcon *tcon;
2624
2625         tcon = cifs_find_tcon(ses, volume_info->UNC);
2626         if (tcon) {
2627                 cFYI(1, "Found match on UNC path");
2628                 /* existing tcon already has a reference */
2629                 cifs_put_smb_ses(ses);
2630                 if (tcon->seal != volume_info->seal)
2631                         cERROR(1, "transport encryption setting "
2632                                    "conflicts with existing tid");
2633                 return tcon;
2634         }
2635
2636         tcon = tconInfoAlloc();
2637         if (tcon == NULL) {
2638                 rc = -ENOMEM;
2639                 goto out_fail;
2640         }
2641
2642         tcon->ses = ses;
2643         if (volume_info->password) {
2644                 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2645                 if (!tcon->password) {
2646                         rc = -ENOMEM;
2647                         goto out_fail;
2648                 }
2649         }
2650
2651         if (strchr(volume_info->UNC + 3, '\\') == NULL
2652             && strchr(volume_info->UNC + 3, '/') == NULL) {
2653                 cERROR(1, "Missing share name");
2654                 rc = -ENODEV;
2655                 goto out_fail;
2656         }
2657
2658         /* BB Do we need to wrap session_mutex around
2659          * this TCon call and Unix SetFS as
2660          * we do on SessSetup and reconnect? */
2661         xid = GetXid();
2662         rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2663         FreeXid(xid);
2664         cFYI(1, "CIFS Tcon rc = %d", rc);
2665         if (rc)
2666                 goto out_fail;
2667
2668         if (volume_info->nodfs) {
2669                 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2670                 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2671         }
2672         tcon->seal = volume_info->seal;
2673         /* we can have only one retry value for a connection
2674            to a share so for resources mounted more than once
2675            to the same server share the last value passed in
2676            for the retry flag is used */
2677         tcon->retry = volume_info->retry;
2678         tcon->nocase = volume_info->nocase;
2679         tcon->local_lease = volume_info->local_lease;
2680
2681         spin_lock(&cifs_tcp_ses_lock);
2682         list_add(&tcon->tcon_list, &ses->tcon_list);
2683         spin_unlock(&cifs_tcp_ses_lock);
2684
2685         cifs_fscache_get_super_cookie(tcon);
2686
2687         return tcon;
2688
2689 out_fail:
2690         tconInfoFree(tcon);
2691         return ERR_PTR(rc);
2692 }
2693
2694 void
2695 cifs_put_tlink(struct tcon_link *tlink)
2696 {
2697         if (!tlink || IS_ERR(tlink))
2698                 return;
2699
2700         if (!atomic_dec_and_test(&tlink->tl_count) ||
2701             test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2702                 tlink->tl_time = jiffies;
2703                 return;
2704         }
2705
2706         if (!IS_ERR(tlink_tcon(tlink)))
2707                 cifs_put_tcon(tlink_tcon(tlink));
2708         kfree(tlink);
2709         return;
2710 }
2711
2712 static inline struct tcon_link *
2713 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2714 {
2715         return cifs_sb->master_tlink;
2716 }
2717
2718 static int
2719 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2720 {
2721         struct cifs_sb_info *old = CIFS_SB(sb);
2722         struct cifs_sb_info *new = mnt_data->cifs_sb;
2723
2724         if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2725                 return 0;
2726
2727         if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2728             (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2729                 return 0;
2730
2731         /*
2732          * We want to share sb only if we don't specify an r/wsize or
2733          * specified r/wsize is greater than or equal to existing one.
2734          */
2735         if (new->wsize && new->wsize < old->wsize)
2736                 return 0;
2737
2738         if (new->rsize && new->rsize < old->rsize)
2739                 return 0;
2740
2741         if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2742                 return 0;
2743
2744         if (old->mnt_file_mode != new->mnt_file_mode ||
2745             old->mnt_dir_mode != new->mnt_dir_mode)
2746                 return 0;
2747
2748         if (strcmp(old->local_nls->charset, new->local_nls->charset))
2749                 return 0;
2750
2751         if (old->actimeo != new->actimeo)
2752                 return 0;
2753
2754         return 1;
2755 }
2756
2757 int
2758 cifs_match_super(struct super_block *sb, void *data)
2759 {
2760         struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2761         struct smb_vol *volume_info;
2762         struct cifs_sb_info *cifs_sb;
2763         struct TCP_Server_Info *tcp_srv;
2764         struct cifs_ses *ses;
2765         struct cifs_tcon *tcon;
2766         struct tcon_link *tlink;
2767         struct sockaddr_storage addr;
2768         int rc = 0;
2769
2770         memset(&addr, 0, sizeof(struct sockaddr_storage));
2771
2772         spin_lock(&cifs_tcp_ses_lock);
2773         cifs_sb = CIFS_SB(sb);
2774         tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2775         if (IS_ERR(tlink)) {
2776                 spin_unlock(&cifs_tcp_ses_lock);
2777                 return rc;
2778         }
2779         tcon = tlink_tcon(tlink);
2780         ses = tcon->ses;
2781         tcp_srv = ses->server;
2782
2783         volume_info = mnt_data->vol;
2784
2785         if (!volume_info->UNCip || !volume_info->UNC)
2786                 goto out;
2787
2788         rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2789                                 volume_info->UNCip,
2790                                 strlen(volume_info->UNCip),
2791                                 volume_info->port);
2792         if (!rc)
2793                 goto out;
2794
2795         if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2796             !match_session(ses, volume_info) ||
2797             !match_tcon(tcon, volume_info->UNC)) {
2798                 rc = 0;
2799                 goto out;
2800         }
2801
2802         rc = compare_mount_options(sb, mnt_data);
2803 out:
2804         spin_unlock(&cifs_tcp_ses_lock);
2805         cifs_put_tlink(tlink);
2806         return rc;
2807 }
2808
2809 int
2810 get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2811              const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2812              struct dfs_info3_param **preferrals, int remap)
2813 {
2814         char *temp_unc;
2815         int rc = 0;
2816
2817         *pnum_referrals = 0;
2818         *preferrals = NULL;
2819
2820         if (pSesInfo->ipc_tid == 0) {
2821                 temp_unc = kmalloc(2 /* for slashes */ +
2822                         strnlen(pSesInfo->serverName,
2823                                 SERVER_NAME_LEN_WITH_NULL * 2)
2824                                  + 1 + 4 /* slash IPC$ */  + 2,
2825                                 GFP_KERNEL);
2826                 if (temp_unc == NULL)
2827                         return -ENOMEM;
2828                 temp_unc[0] = '\\';
2829                 temp_unc[1] = '\\';
2830                 strcpy(temp_unc + 2, pSesInfo->serverName);
2831                 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2832                 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2833                 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2834                 kfree(temp_unc);
2835         }
2836         if (rc == 0)
2837                 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2838                                      pnum_referrals, nls_codepage, remap);
2839         /* BB map targetUNCs to dfs_info3 structures, here or
2840                 in CIFSGetDFSRefer BB */
2841
2842         return rc;
2843 }
2844
2845 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2846 static struct lock_class_key cifs_key[2];
2847 static struct lock_class_key cifs_slock_key[2];
2848
2849 static inline void
2850 cifs_reclassify_socket4(struct socket *sock)
2851 {
2852         struct sock *sk = sock->sk;
2853         BUG_ON(sock_owned_by_user(sk));
2854         sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2855                 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2856 }
2857
2858 static inline void
2859 cifs_reclassify_socket6(struct socket *sock)
2860 {
2861         struct sock *sk = sock->sk;
2862         BUG_ON(sock_owned_by_user(sk));
2863         sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2864                 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2865 }
2866 #else
2867 static inline void
2868 cifs_reclassify_socket4(struct socket *sock)
2869 {
2870 }
2871
2872 static inline void
2873 cifs_reclassify_socket6(struct socket *sock)
2874 {
2875 }
2876 #endif
2877
2878 /* See RFC1001 section 14 on representation of Netbios names */
2879 static void rfc1002mangle(char *target, char *source, unsigned int length)
2880 {
2881         unsigned int i, j;
2882
2883         for (i = 0, j = 0; i < (length); i++) {
2884                 /* mask a nibble at a time and encode */
2885                 target[j] = 'A' + (0x0F & (source[i] >> 4));
2886                 target[j+1] = 'A' + (0x0F & source[i]);
2887                 j += 2;
2888         }
2889
2890 }
2891
2892 static int
2893 bind_socket(struct TCP_Server_Info *server)
2894 {
2895         int rc = 0;
2896         if (server->srcaddr.ss_family != AF_UNSPEC) {
2897                 /* Bind to the specified local IP address */
2898                 struct socket *socket = server->ssocket;
2899                 rc = socket->ops->bind(socket,
2900                                        (struct sockaddr *) &server->srcaddr,
2901                                        sizeof(server->srcaddr));
2902                 if (rc < 0) {
2903                         struct sockaddr_in *saddr4;
2904                         struct sockaddr_in6 *saddr6;
2905                         saddr4 = (struct sockaddr_in *)&server->srcaddr;
2906                         saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2907                         if (saddr6->sin6_family == AF_INET6)
2908                                 cERROR(1, "cifs: "
2909                                        "Failed to bind to: %pI6c, error: %d\n",
2910                                        &saddr6->sin6_addr, rc);
2911                         else
2912                                 cERROR(1, "cifs: "
2913                                        "Failed to bind to: %pI4, error: %d\n",
2914                                        &saddr4->sin_addr.s_addr, rc);
2915                 }
2916         }
2917         return rc;
2918 }
2919
2920 static int
2921 ip_rfc1001_connect(struct TCP_Server_Info *server)
2922 {
2923         int rc = 0;
2924         /*
2925          * some servers require RFC1001 sessinit before sending
2926          * negprot - BB check reconnection in case where second
2927          * sessinit is sent but no second negprot
2928          */
2929         struct rfc1002_session_packet *ses_init_buf;
2930         struct smb_hdr *smb_buf;
2931         ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2932                                GFP_KERNEL);
2933         if (ses_init_buf) {
2934                 ses_init_buf->trailer.session_req.called_len = 32;
2935
2936                 if (server->server_RFC1001_name &&
2937                     server->server_RFC1001_name[0] != 0)
2938                         rfc1002mangle(ses_init_buf->trailer.
2939                                       session_req.called_name,
2940                                       server->server_RFC1001_name,
2941                                       RFC1001_NAME_LEN_WITH_NULL);
2942                 else
2943                         rfc1002mangle(ses_init_buf->trailer.
2944                                       session_req.called_name,
2945                                       DEFAULT_CIFS_CALLED_NAME,
2946                                       RFC1001_NAME_LEN_WITH_NULL);
2947
2948                 ses_init_buf->trailer.session_req.calling_len = 32;
2949
2950                 /*
2951                  * calling name ends in null (byte 16) from old smb
2952                  * convention.
2953                  */
2954                 if (server->workstation_RFC1001_name &&
2955                     server->workstation_RFC1001_name[0] != 0)
2956                         rfc1002mangle(ses_init_buf->trailer.
2957                                       session_req.calling_name,
2958                                       server->workstation_RFC1001_name,
2959                                       RFC1001_NAME_LEN_WITH_NULL);
2960                 else
2961                         rfc1002mangle(ses_init_buf->trailer.
2962                                       session_req.calling_name,
2963                                       "LINUX_CIFS_CLNT",
2964                                       RFC1001_NAME_LEN_WITH_NULL);
2965
2966                 ses_init_buf->trailer.session_req.scope1 = 0;
2967                 ses_init_buf->trailer.session_req.scope2 = 0;
2968                 smb_buf = (struct smb_hdr *)ses_init_buf;
2969
2970                 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2971                 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2972                 rc = smb_send(server, smb_buf, 0x44);
2973                 kfree(ses_init_buf);
2974                 /*
2975                  * RFC1001 layer in at least one server
2976                  * requires very short break before negprot
2977                  * presumably because not expecting negprot
2978                  * to follow so fast.  This is a simple
2979                  * solution that works without
2980                  * complicating the code and causes no
2981                  * significant slowing down on mount
2982                  * for everyone else
2983                  */
2984                 usleep_range(1000, 2000);
2985         }
2986         /*
2987          * else the negprot may still work without this
2988          * even though malloc failed
2989          */
2990
2991         return rc;
2992 }
2993
2994 static int
2995 generic_ip_connect(struct TCP_Server_Info *server)
2996 {
2997         int rc = 0;
2998         __be16 sport;
2999         int slen, sfamily;
3000         struct socket *socket = server->ssocket;
3001         struct sockaddr *saddr;
3002
3003         saddr = (struct sockaddr *) &server->dstaddr;
3004
3005         if (server->dstaddr.ss_family == AF_INET6) {
3006                 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
3007                 slen = sizeof(struct sockaddr_in6);
3008                 sfamily = AF_INET6;
3009         } else {
3010                 sport = ((struct sockaddr_in *) saddr)->sin_port;
3011                 slen = sizeof(struct sockaddr_in);
3012                 sfamily = AF_INET;
3013         }
3014
3015         if (socket == NULL) {
3016                 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
3017                                    IPPROTO_TCP, &socket, 1);
3018                 if (rc < 0) {
3019                         cERROR(1, "Error %d creating socket", rc);
3020                         server->ssocket = NULL;
3021                         return rc;
3022                 }
3023
3024                 /* BB other socket options to set KEEPALIVE, NODELAY? */
3025                 cFYI(1, "Socket created");
3026                 server->ssocket = socket;
3027                 socket->sk->sk_allocation = GFP_NOFS;
3028                 if (sfamily == AF_INET6)
3029                         cifs_reclassify_socket6(socket);
3030                 else
3031                         cifs_reclassify_socket4(socket);
3032         }
3033
3034         rc = bind_socket(server);
3035         if (rc < 0)
3036                 return rc;
3037
3038         /*
3039          * Eventually check for other socket options to change from
3040          * the default. sock_setsockopt not used because it expects
3041          * user space buffer
3042          */
3043         socket->sk->sk_rcvtimeo = 7 * HZ;
3044         socket->sk->sk_sndtimeo = 5 * HZ;
3045
3046         /* make the bufsizes depend on wsize/rsize and max requests */
3047         if (server->noautotune) {
3048                 if (socket->sk->sk_sndbuf < (200 * 1024))
3049                         socket->sk->sk_sndbuf = 200 * 1024;
3050                 if (socket->sk->sk_rcvbuf < (140 * 1024))
3051                         socket->sk->sk_rcvbuf = 140 * 1024;
3052         }
3053
3054         if (server->tcp_nodelay) {
3055                 int val = 1;
3056                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
3057                                 (char *)&val, sizeof(val));
3058                 if (rc)
3059                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
3060         }
3061
3062          cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
3063                  socket->sk->sk_sndbuf,
3064                  socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
3065
3066         rc = socket->ops->connect(socket, saddr, slen, 0);
3067         if (rc < 0) {
3068                 cFYI(1, "Error %d connecting to server", rc);
3069                 sock_release(socket);
3070                 server->ssocket = NULL;
3071                 return rc;
3072         }
3073
3074         if (sport == htons(RFC1001_PORT))
3075                 rc = ip_rfc1001_connect(server);
3076
3077         return rc;
3078 }
3079
3080 static int
3081 ip_connect(struct TCP_Server_Info *server)
3082 {
3083         __be16 *sport;
3084         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
3085         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
3086
3087         if (server->dstaddr.ss_family == AF_INET6)
3088                 sport = &addr6->sin6_port;
3089         else
3090                 sport = &addr->sin_port;
3091
3092         if (*sport == 0) {
3093                 int rc;
3094
3095                 /* try with 445 port at first */
3096                 *sport = htons(CIFS_PORT);
3097
3098                 rc = generic_ip_connect(server);
3099                 if (rc >= 0)
3100                         return rc;
3101
3102                 /* if it failed, try with 139 port */
3103                 *sport = htons(RFC1001_PORT);
3104         }
3105
3106         return generic_ip_connect(server);
3107 }
3108
3109 void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
3110                           struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
3111 {
3112         /* if we are reconnecting then should we check to see if
3113          * any requested capabilities changed locally e.g. via
3114          * remount but we can not do much about it here
3115          * if they have (even if we could detect it by the following)
3116          * Perhaps we could add a backpointer to array of sb from tcon
3117          * or if we change to make all sb to same share the same
3118          * sb as NFS - then we only have one backpointer to sb.
3119          * What if we wanted to mount the server share twice once with
3120          * and once without posixacls or posix paths? */
3121         __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3122
3123         if (vol_info && vol_info->no_linux_ext) {
3124                 tcon->fsUnixInfo.Capability = 0;
3125                 tcon->unix_ext = 0; /* Unix Extensions disabled */
3126                 cFYI(1, "Linux protocol extensions disabled");
3127                 return;
3128         } else if (vol_info)
3129                 tcon->unix_ext = 1; /* Unix Extensions supported */
3130
3131         if (tcon->unix_ext == 0) {
3132                 cFYI(1, "Unix extensions disabled so not set on reconnect");
3133                 return;
3134         }
3135
3136         if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
3137                 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3138                 cFYI(1, "unix caps which server supports %lld", cap);
3139                 /* check for reconnect case in which we do not
3140                    want to change the mount behavior if we can avoid it */
3141                 if (vol_info == NULL) {
3142                         /* turn off POSIX ACL and PATHNAMES if not set
3143                            originally at mount time */
3144                         if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
3145                                 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3146                         if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3147                                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3148                                         cERROR(1, "POSIXPATH support change");
3149                                 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3150                         } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3151                                 cERROR(1, "possible reconnect error");
3152                                 cERROR(1, "server disabled POSIX path support");
3153                         }
3154                 }
3155
3156                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3157                         cERROR(1, "per-share encryption not supported yet");
3158
3159                 cap &= CIFS_UNIX_CAP_MASK;
3160                 if (vol_info && vol_info->no_psx_acl)
3161                         cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3162                 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
3163                         cFYI(1, "negotiated posix acl support");
3164                         if (cifs_sb)
3165                                 cifs_sb->mnt_cifs_flags |=
3166                                         CIFS_MOUNT_POSIXACL;
3167                 }
3168
3169                 if (vol_info && vol_info->posix_paths == 0)
3170                         cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3171                 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
3172                         cFYI(1, "negotiate posix pathnames");
3173                         if (cifs_sb)
3174                                 cifs_sb->mnt_cifs_flags |=
3175                                         CIFS_MOUNT_POSIX_PATHS;
3176                 }
3177
3178                 cFYI(1, "Negotiate caps 0x%x", (int)cap);
3179 #ifdef CONFIG_CIFS_DEBUG2
3180                 if (cap & CIFS_UNIX_FCNTL_CAP)
3181                         cFYI(1, "FCNTL cap");
3182                 if (cap & CIFS_UNIX_EXTATTR_CAP)
3183                         cFYI(1, "EXTATTR cap");
3184                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3185                         cFYI(1, "POSIX path cap");
3186                 if (cap & CIFS_UNIX_XATTR_CAP)
3187                         cFYI(1, "XATTR cap");
3188                 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
3189                         cFYI(1, "POSIX ACL cap");
3190                 if (cap & CIFS_UNIX_LARGE_READ_CAP)
3191                         cFYI(1, "very large read cap");
3192                 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
3193                         cFYI(1, "very large write cap");
3194                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
3195                         cFYI(1, "transport encryption cap");
3196                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3197                         cFYI(1, "mandatory transport encryption cap");
3198 #endif /* CIFS_DEBUG2 */
3199                 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
3200                         if (vol_info == NULL) {
3201                                 cFYI(1, "resetting capabilities failed");
3202                         } else
3203                                 cERROR(1, "Negotiating Unix capabilities "
3204                                            "with the server failed.  Consider "
3205                                            "mounting with the Unix Extensions\n"
3206                                            "disabled, if problems are found, "
3207                                            "by specifying the nounix mount "
3208                                            "option.");
3209
3210                 }
3211         }
3212 }
3213
3214 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,