Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mjg59/platf...
[pandora-kernel.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2009
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <net/ipv6.h>
41 #include "cifspdu.h"
42 #include "cifsglob.h"
43 #include "cifsproto.h"
44 #include "cifs_unicode.h"
45 #include "cifs_debug.h"
46 #include "cifs_fs_sb.h"
47 #include "ntlmssp.h"
48 #include "nterr.h"
49 #include "rfc1002pdu.h"
50 #include "fscache.h"
51
52 #define CIFS_PORT 445
53 #define RFC1001_PORT 139
54
55 /* SMB echo "timeout" -- FIXME: tunable? */
56 #define SMB_ECHO_INTERVAL (60 * HZ)
57
58 extern mempool_t *cifs_req_poolp;
59
60 struct smb_vol {
61         char *username;
62         char *password;
63         char *domainname;
64         char *UNC;
65         char *UNCip;
66         char *iocharset;  /* local code page for mapping to and from Unicode */
67         char source_rfc1001_name[RFC1001_NAME_LEN_WITH_NULL]; /* clnt nb name */
68         char target_rfc1001_name[RFC1001_NAME_LEN_WITH_NULL]; /* srvr nb name */
69         uid_t cred_uid;
70         uid_t linux_uid;
71         gid_t linux_gid;
72         mode_t file_mode;
73         mode_t dir_mode;
74         unsigned secFlg;
75         bool retry:1;
76         bool intr:1;
77         bool setuids:1;
78         bool override_uid:1;
79         bool override_gid:1;
80         bool dynperm:1;
81         bool noperm:1;
82         bool no_psx_acl:1; /* set if posix acl support should be disabled */
83         bool cifs_acl:1;
84         bool no_xattr:1;   /* set if xattr (EA) support should be disabled*/
85         bool server_ino:1; /* use inode numbers from server ie UniqueId */
86         bool direct_io:1;
87         bool strict_io:1; /* strict cache behavior */
88         bool remap:1;      /* set to remap seven reserved chars in filenames */
89         bool posix_paths:1; /* unset to not ask for posix pathnames. */
90         bool no_linux_ext:1;
91         bool sfu_emul:1;
92         bool nullauth:1;   /* attempt to authenticate with null user */
93         bool nocase:1;     /* request case insensitive filenames */
94         bool nobrl:1;      /* disable sending byte range locks to srv */
95         bool mand_lock:1;  /* send mandatory not posix byte range lock reqs */
96         bool seal:1;       /* request transport encryption on share */
97         bool nodfs:1;      /* Do not request DFS, even if available */
98         bool local_lease:1; /* check leases only on local system, not remote */
99         bool noblocksnd:1;
100         bool noautotune:1;
101         bool nostrictsync:1; /* do not force expensive SMBflush on every sync */
102         bool fsc:1;     /* enable fscache */
103         bool mfsymlinks:1; /* use Minshall+French Symlinks */
104         bool multiuser:1;
105         unsigned int rsize;
106         unsigned int wsize;
107         bool sockopt_tcp_nodelay:1;
108         unsigned short int port;
109         unsigned long actimeo; /* attribute cache timeout (jiffies) */
110         char *prepath;
111         struct sockaddr_storage srcaddr; /* allow binding to a local IP */
112         struct nls_table *local_nls;
113 };
114
115 /* FIXME: should these be tunable? */
116 #define TLINK_ERROR_EXPIRE      (1 * HZ)
117 #define TLINK_IDLE_EXPIRE       (600 * HZ)
118
119 static int ip_connect(struct TCP_Server_Info *server);
120 static int generic_ip_connect(struct TCP_Server_Info *server);
121 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
122 static void cifs_prune_tlinks(struct work_struct *work);
123
124 /*
125  * cifs tcp session reconnection
126  *
127  * mark tcp session as reconnecting so temporarily locked
128  * mark all smb sessions as reconnecting for tcp session
129  * reconnect tcp session
130  * wake up waiters on reconnection? - (not needed currently)
131  */
132 static int
133 cifs_reconnect(struct TCP_Server_Info *server)
134 {
135         int rc = 0;
136         struct list_head *tmp, *tmp2;
137         struct cifsSesInfo *ses;
138         struct cifsTconInfo *tcon;
139         struct mid_q_entry *mid_entry;
140
141         spin_lock(&GlobalMid_Lock);
142         if (server->tcpStatus == CifsExiting) {
143                 /* the demux thread will exit normally
144                 next time through the loop */
145                 spin_unlock(&GlobalMid_Lock);
146                 return rc;
147         } else
148                 server->tcpStatus = CifsNeedReconnect;
149         spin_unlock(&GlobalMid_Lock);
150         server->maxBuf = 0;
151
152         cFYI(1, "Reconnecting tcp session");
153
154         /* before reconnecting the tcp session, mark the smb session (uid)
155                 and the tid bad so they are not used until reconnected */
156         cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
157         spin_lock(&cifs_tcp_ses_lock);
158         list_for_each(tmp, &server->smb_ses_list) {
159                 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
160                 ses->need_reconnect = true;
161                 ses->ipc_tid = 0;
162                 list_for_each(tmp2, &ses->tcon_list) {
163                         tcon = list_entry(tmp2, struct cifsTconInfo, tcon_list);
164                         tcon->need_reconnect = true;
165                 }
166         }
167         spin_unlock(&cifs_tcp_ses_lock);
168
169         /* do not want to be sending data on a socket we are freeing */
170         cFYI(1, "%s: tearing down socket", __func__);
171         mutex_lock(&server->srv_mutex);
172         if (server->ssocket) {
173                 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
174                         server->ssocket->flags);
175                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
176                 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
177                         server->ssocket->state,
178                         server->ssocket->flags);
179                 sock_release(server->ssocket);
180                 server->ssocket = NULL;
181         }
182         server->sequence_number = 0;
183         server->session_estab = false;
184         kfree(server->session_key.response);
185         server->session_key.response = NULL;
186         server->session_key.len = 0;
187         server->lstrp = jiffies;
188         mutex_unlock(&server->srv_mutex);
189
190         /* mark submitted MIDs for retry and issue callback */
191         cFYI(1, "%s: issuing mid callbacks", __func__);
192         spin_lock(&GlobalMid_Lock);
193         list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
194                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
195                 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
196                         mid_entry->midState = MID_RETRY_NEEDED;
197                 list_del_init(&mid_entry->qhead);
198                 mid_entry->callback(mid_entry);
199         }
200         spin_unlock(&GlobalMid_Lock);
201
202         while ((server->tcpStatus != CifsExiting) &&
203                (server->tcpStatus != CifsGood)) {
204                 try_to_freeze();
205
206                 /* we should try only the port we connected to before */
207                 rc = generic_ip_connect(server);
208                 if (rc) {
209                         cFYI(1, "reconnect error %d", rc);
210                         msleep(3000);
211                 } else {
212                         atomic_inc(&tcpSesReconnectCount);
213                         spin_lock(&GlobalMid_Lock);
214                         if (server->tcpStatus != CifsExiting)
215                                 server->tcpStatus = CifsGood;
216                         spin_unlock(&GlobalMid_Lock);
217                 }
218         }
219
220         return rc;
221 }
222
223 /*
224         return codes:
225                 0       not a transact2, or all data present
226                 >0      transact2 with that much data missing
227                 -EINVAL = invalid transact2
228
229  */
230 static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
231 {
232         struct smb_t2_rsp *pSMBt;
233         int remaining;
234         __u16 total_data_size, data_in_this_rsp;
235
236         if (pSMB->Command != SMB_COM_TRANSACTION2)
237                 return 0;
238
239         /* check for plausible wct, bcc and t2 data and parm sizes */
240         /* check for parm and data offset going beyond end of smb */
241         if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
242                 cFYI(1, "invalid transact2 word count");
243                 return -EINVAL;
244         }
245
246         pSMBt = (struct smb_t2_rsp *)pSMB;
247
248         total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
249         data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
250
251         remaining = total_data_size - data_in_this_rsp;
252
253         if (remaining == 0)
254                 return 0;
255         else if (remaining < 0) {
256                 cFYI(1, "total data %d smaller than data in frame %d",
257                         total_data_size, data_in_this_rsp);
258                 return -EINVAL;
259         } else {
260                 cFYI(1, "missing %d bytes from transact2, check next response",
261                         remaining);
262                 if (total_data_size > maxBufSize) {
263                         cERROR(1, "TotalDataSize %d is over maximum buffer %d",
264                                 total_data_size, maxBufSize);
265                         return -EINVAL;
266                 }
267                 return remaining;
268         }
269 }
270
271 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
272 {
273         struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
274         struct smb_t2_rsp *pSMBt  = (struct smb_t2_rsp *)pTargetSMB;
275         char *data_area_of_target;
276         char *data_area_of_buf2;
277         int remaining;
278         __u16 byte_count, total_data_size, total_in_buf, total_in_buf2;
279
280         total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
281
282         if (total_data_size !=
283             get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
284                 cFYI(1, "total data size of primary and secondary t2 differ");
285
286         total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
287
288         remaining = total_data_size - total_in_buf;
289
290         if (remaining < 0)
291                 return -EINVAL;
292
293         if (remaining == 0) /* nothing to do, ignore */
294                 return 0;
295
296         total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
297         if (remaining < total_in_buf2) {
298                 cFYI(1, "transact2 2nd response contains too much data");
299         }
300
301         /* find end of first SMB data area */
302         data_area_of_target = (char *)&pSMBt->hdr.Protocol +
303                                 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
304         /* validate target area */
305
306         data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
307                                 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
308
309         data_area_of_target += total_in_buf;
310
311         /* copy second buffer into end of first buffer */
312         memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
313         total_in_buf += total_in_buf2;
314         put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
315         byte_count = get_bcc_le(pTargetSMB);
316         byte_count += total_in_buf2;
317         put_bcc_le(byte_count, pTargetSMB);
318
319         byte_count = pTargetSMB->smb_buf_length;
320         byte_count += total_in_buf2;
321
322         /* BB also add check that we are not beyond maximum buffer size */
323
324         pTargetSMB->smb_buf_length = byte_count;
325
326         if (remaining == total_in_buf2) {
327                 cFYI(1, "found the last secondary response");
328                 return 0; /* we are done */
329         } else /* more responses to go */
330                 return 1;
331 }
332
333 static void
334 cifs_echo_request(struct work_struct *work)
335 {
336         int rc;
337         struct TCP_Server_Info *server = container_of(work,
338                                         struct TCP_Server_Info, echo.work);
339
340         /*
341          * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
342          * done, which is indicated by maxBuf != 0. Also, no need to ping if
343          * we got a response recently
344          */
345         if (server->maxBuf == 0 ||
346             time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
347                 goto requeue_echo;
348
349         rc = CIFSSMBEcho(server);
350         if (rc)
351                 cFYI(1, "Unable to send echo request to server: %s",
352                         server->hostname);
353
354 requeue_echo:
355         queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
356 }
357
358 static int
359 cifs_demultiplex_thread(struct TCP_Server_Info *server)
360 {
361         int length;
362         unsigned int pdu_length, total_read;
363         struct smb_hdr *smb_buffer = NULL;
364         struct smb_hdr *bigbuf = NULL;
365         struct smb_hdr *smallbuf = NULL;
366         struct msghdr smb_msg;
367         struct kvec iov;
368         struct socket *csocket = server->ssocket;
369         struct list_head *tmp, *tmp2;
370         struct task_struct *task_to_wake = NULL;
371         struct mid_q_entry *mid_entry;
372         char temp;
373         bool isLargeBuf = false;
374         bool isMultiRsp;
375         int reconnect;
376
377         current->flags |= PF_MEMALLOC;
378         cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
379
380         length = atomic_inc_return(&tcpSesAllocCount);
381         if (length > 1)
382                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
383                                 GFP_KERNEL);
384
385         set_freezable();
386         while (server->tcpStatus != CifsExiting) {
387                 if (try_to_freeze())
388                         continue;
389                 if (bigbuf == NULL) {
390                         bigbuf = cifs_buf_get();
391                         if (!bigbuf) {
392                                 cERROR(1, "No memory for large SMB response");
393                                 msleep(3000);
394                                 /* retry will check if exiting */
395                                 continue;
396                         }
397                 } else if (isLargeBuf) {
398                         /* we are reusing a dirty large buf, clear its start */
399                         memset(bigbuf, 0, sizeof(struct smb_hdr));
400                 }
401
402                 if (smallbuf == NULL) {
403                         smallbuf = cifs_small_buf_get();
404                         if (!smallbuf) {
405                                 cERROR(1, "No memory for SMB response");
406                                 msleep(1000);
407                                 /* retry will check if exiting */
408                                 continue;
409                         }
410                         /* beginning of smb buffer is cleared in our buf_get */
411                 } else /* if existing small buf clear beginning */
412                         memset(smallbuf, 0, sizeof(struct smb_hdr));
413
414                 isLargeBuf = false;
415                 isMultiRsp = false;
416                 smb_buffer = smallbuf;
417                 iov.iov_base = smb_buffer;
418                 iov.iov_len = 4;
419                 smb_msg.msg_control = NULL;
420                 smb_msg.msg_controllen = 0;
421                 pdu_length = 4; /* enough to get RFC1001 header */
422
423 incomplete_rcv:
424                 if (echo_retries > 0 &&
425                     time_after(jiffies, server->lstrp +
426                                         (echo_retries * SMB_ECHO_INTERVAL))) {
427                         cERROR(1, "Server %s has not responded in %d seconds. "
428                                   "Reconnecting...", server->hostname,
429                                   (echo_retries * SMB_ECHO_INTERVAL / HZ));
430                         cifs_reconnect(server);
431                         csocket = server->ssocket;
432                         wake_up(&server->response_q);
433                         continue;
434                 }
435
436                 length =
437                     kernel_recvmsg(csocket, &smb_msg,
438                                 &iov, 1, pdu_length, 0 /* BB other flags? */);
439
440                 if (server->tcpStatus == CifsExiting) {
441                         break;
442                 } else if (server->tcpStatus == CifsNeedReconnect) {
443                         cFYI(1, "Reconnect after server stopped responding");
444                         cifs_reconnect(server);
445                         cFYI(1, "call to reconnect done");
446                         csocket = server->ssocket;
447                         continue;
448                 } else if (length == -ERESTARTSYS ||
449                            length == -EAGAIN ||
450                            length == -EINTR) {
451                         msleep(1); /* minimum sleep to prevent looping
452                                 allowing socket to clear and app threads to set
453                                 tcpStatus CifsNeedReconnect if server hung */
454                         if (pdu_length < 4) {
455                                 iov.iov_base = (4 - pdu_length) +
456                                                         (char *)smb_buffer;
457                                 iov.iov_len = pdu_length;
458                                 smb_msg.msg_control = NULL;
459                                 smb_msg.msg_controllen = 0;
460                                 goto incomplete_rcv;
461                         } else
462                                 continue;
463                 } else if (length <= 0) {
464                         cFYI(1, "Reconnect after unexpected peek error %d",
465                                 length);
466                         cifs_reconnect(server);
467                         csocket = server->ssocket;
468                         wake_up(&server->response_q);
469                         continue;
470                 } else if (length < pdu_length) {
471                         cFYI(1, "requested %d bytes but only got %d bytes",
472                                   pdu_length, length);
473                         pdu_length -= length;
474                         msleep(1);
475                         goto incomplete_rcv;
476                 }
477
478                 /* The right amount was read from socket - 4 bytes */
479                 /* so we can now interpret the length field */
480
481                 /* the first byte big endian of the length field,
482                 is actually not part of the length but the type
483                 with the most common, zero, as regular data */
484                 temp = *((char *) smb_buffer);
485
486                 /* Note that FC 1001 length is big endian on the wire,
487                 but we convert it here so it is always manipulated
488                 as host byte order */
489                 pdu_length = be32_to_cpu((__force __be32)smb_buffer->smb_buf_length);
490                 smb_buffer->smb_buf_length = pdu_length;
491
492                 cFYI(1, "rfc1002 length 0x%x", pdu_length+4);
493
494                 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
495                         continue;
496                 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
497                         cFYI(1, "Good RFC 1002 session rsp");
498                         continue;
499                 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
500                         /* we get this from Windows 98 instead of
501                            an error on SMB negprot response */
502                         cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
503                                 pdu_length);
504                         /* give server a second to clean up  */
505                         msleep(1000);
506                         /* always try 445 first on reconnect since we get NACK
507                          * on some if we ever connected to port 139 (the NACK
508                          * is since we do not begin with RFC1001 session
509                          * initialize frame)
510                          */
511                         cifs_set_port((struct sockaddr *)
512                                         &server->dstaddr, CIFS_PORT);
513                         cifs_reconnect(server);
514                         csocket = server->ssocket;
515                         wake_up(&server->response_q);
516                         continue;
517                 } else if (temp != (char) 0) {
518                         cERROR(1, "Unknown RFC 1002 frame");
519                         cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
520                                       length);
521                         cifs_reconnect(server);
522                         csocket = server->ssocket;
523                         continue;
524                 }
525
526                 /* else we have an SMB response */
527                 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
528                             (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
529                         cERROR(1, "Invalid size SMB length %d pdu_length %d",
530                                         length, pdu_length+4);
531                         cifs_reconnect(server);
532                         csocket = server->ssocket;
533                         wake_up(&server->response_q);
534                         continue;
535                 }
536
537                 /* else length ok */
538                 reconnect = 0;
539
540                 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
541                         isLargeBuf = true;
542                         memcpy(bigbuf, smallbuf, 4);
543                         smb_buffer = bigbuf;
544                 }
545                 length = 0;
546                 iov.iov_base = 4 + (char *)smb_buffer;
547                 iov.iov_len = pdu_length;
548                 for (total_read = 0; total_read < pdu_length;
549                      total_read += length) {
550                         length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
551                                                 pdu_length - total_read, 0);
552                         if (server->tcpStatus == CifsExiting) {
553                                 /* then will exit */
554                                 reconnect = 2;
555                                 break;
556                         } else if (server->tcpStatus == CifsNeedReconnect) {
557                                 cifs_reconnect(server);
558                                 csocket = server->ssocket;
559                                 /* Reconnect wakes up rspns q */
560                                 /* Now we will reread sock */
561                                 reconnect = 1;
562                                 break;
563                         } else if (length == -ERESTARTSYS ||
564                                    length == -EAGAIN ||
565                                    length == -EINTR) {
566                                 msleep(1); /* minimum sleep to prevent looping,
567                                               allowing socket to clear and app
568                                               threads to set tcpStatus
569                                               CifsNeedReconnect if server hung*/
570                                 length = 0;
571                                 continue;
572                         } else if (length <= 0) {
573                                 cERROR(1, "Received no data, expecting %d",
574                                               pdu_length - total_read);
575                                 cifs_reconnect(server);
576                                 csocket = server->ssocket;
577                                 reconnect = 1;
578                                 break;
579                         }
580                 }
581                 if (reconnect == 2)
582                         break;
583                 else if (reconnect == 1)
584                         continue;
585
586                 total_read += 4; /* account for rfc1002 hdr */
587
588                 dump_smb(smb_buffer, total_read);
589
590                 /*
591                  * We know that we received enough to get to the MID as we
592                  * checked the pdu_length earlier. Now check to see
593                  * if the rest of the header is OK. We borrow the length
594                  * var for the rest of the loop to avoid a new stack var.
595                  *
596                  * 48 bytes is enough to display the header and a little bit
597                  * into the payload for debugging purposes.
598                  */
599                 length = checkSMB(smb_buffer, smb_buffer->Mid, total_read);
600                 if (length != 0)
601                         cifs_dump_mem("Bad SMB: ", smb_buffer,
602                                         min_t(unsigned int, total_read, 48));
603
604                 mid_entry = NULL;
605                 server->lstrp = jiffies;
606
607                 spin_lock(&GlobalMid_Lock);
608                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
609                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
610
611                         if ((mid_entry->mid == smb_buffer->Mid) &&
612                             (mid_entry->midState == MID_REQUEST_SUBMITTED) &&
613                             (mid_entry->command == smb_buffer->Command)) {
614                                 if (length == 0 &&
615                                    check2ndT2(smb_buffer, server->maxBuf) > 0) {
616                                         /* We have a multipart transact2 resp */
617                                         isMultiRsp = true;
618                                         if (mid_entry->resp_buf) {
619                                                 /* merge response - fix up 1st*/
620                                                 if (coalesce_t2(smb_buffer,
621                                                         mid_entry->resp_buf)) {
622                                                         mid_entry->multiRsp =
623                                                                  true;
624                                                         break;
625                                                 } else {
626                                                         /* all parts received */
627                                                         mid_entry->multiEnd =
628                                                                  true;
629                                                         goto multi_t2_fnd;
630                                                 }
631                                         } else {
632                                                 if (!isLargeBuf) {
633                                                         cERROR(1, "1st trans2 resp needs bigbuf");
634                                         /* BB maybe we can fix this up,  switch
635                                            to already allocated large buffer? */
636                                                 } else {
637                                                         /* Have first buffer */
638                                                         mid_entry->resp_buf =
639                                                                  smb_buffer;
640                                                         mid_entry->largeBuf =
641                                                                  true;
642                                                         bigbuf = NULL;
643                                                 }
644                                         }
645                                         break;
646                                 }
647                                 mid_entry->resp_buf = smb_buffer;
648                                 mid_entry->largeBuf = isLargeBuf;
649 multi_t2_fnd:
650                                 if (length == 0)
651                                         mid_entry->midState =
652                                                         MID_RESPONSE_RECEIVED;
653                                 else
654                                         mid_entry->midState =
655                                                         MID_RESPONSE_MALFORMED;
656 #ifdef CONFIG_CIFS_STATS2
657                                 mid_entry->when_received = jiffies;
658 #endif
659                                 list_del_init(&mid_entry->qhead);
660                                 mid_entry->callback(mid_entry);
661                                 break;
662                         }
663                         mid_entry = NULL;
664                 }
665                 spin_unlock(&GlobalMid_Lock);
666
667                 if (mid_entry != NULL) {
668                         /* Was previous buf put in mpx struct for multi-rsp? */
669                         if (!isMultiRsp) {
670                                 /* smb buffer will be freed by user thread */
671                                 if (isLargeBuf)
672                                         bigbuf = NULL;
673                                 else
674                                         smallbuf = NULL;
675                         }
676                 } else if (length != 0) {
677                         /* response sanity checks failed */
678                         continue;
679                 } else if (!is_valid_oplock_break(smb_buffer, server) &&
680                            !isMultiRsp) {
681                         cERROR(1, "No task to wake, unknown frame received! "
682                                    "NumMids %d", atomic_read(&midCount));
683                         cifs_dump_mem("Received Data is: ", (char *)smb_buffer,
684                                       sizeof(struct smb_hdr));
685 #ifdef CONFIG_CIFS_DEBUG2
686                         cifs_dump_detail(smb_buffer);
687                         cifs_dump_mids(server);
688 #endif /* CIFS_DEBUG2 */
689
690                 }
691         } /* end while !EXITING */
692
693         /* take it off the list, if it's not already */
694         spin_lock(&cifs_tcp_ses_lock);
695         list_del_init(&server->tcp_ses_list);
696         spin_unlock(&cifs_tcp_ses_lock);
697
698         spin_lock(&GlobalMid_Lock);
699         server->tcpStatus = CifsExiting;
700         spin_unlock(&GlobalMid_Lock);
701         wake_up_all(&server->response_q);
702
703         /* check if we have blocked requests that need to free */
704         /* Note that cifs_max_pending is normally 50, but
705         can be set at module install time to as little as two */
706         spin_lock(&GlobalMid_Lock);
707         if (atomic_read(&server->inFlight) >= cifs_max_pending)
708                 atomic_set(&server->inFlight, cifs_max_pending - 1);
709         /* We do not want to set the max_pending too low or we
710         could end up with the counter going negative */
711         spin_unlock(&GlobalMid_Lock);
712         /* Although there should not be any requests blocked on
713         this queue it can not hurt to be paranoid and try to wake up requests
714         that may haven been blocked when more than 50 at time were on the wire
715         to the same server - they now will see the session is in exit state
716         and get out of SendReceive.  */
717         wake_up_all(&server->request_q);
718         /* give those requests time to exit */
719         msleep(125);
720
721         if (server->ssocket) {
722                 sock_release(csocket);
723                 server->ssocket = NULL;
724         }
725         /* buffer usuallly freed in free_mid - need to free it here on exit */
726         cifs_buf_release(bigbuf);
727         if (smallbuf) /* no sense logging a debug message if NULL */
728                 cifs_small_buf_release(smallbuf);
729
730         if (!list_empty(&server->pending_mid_q)) {
731                 spin_lock(&GlobalMid_Lock);
732                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
733                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
734                         cFYI(1, "Clearing Mid 0x%x - issuing callback",
735                                          mid_entry->mid);
736                         list_del_init(&mid_entry->qhead);
737                         mid_entry->callback(mid_entry);
738                 }
739                 spin_unlock(&GlobalMid_Lock);
740                 /* 1/8th of sec is more than enough time for them to exit */
741                 msleep(125);
742         }
743
744         if (!list_empty(&server->pending_mid_q)) {
745                 /* mpx threads have not exited yet give them
746                 at least the smb send timeout time for long ops */
747                 /* due to delays on oplock break requests, we need
748                 to wait at least 45 seconds before giving up
749                 on a request getting a response and going ahead
750                 and killing cifsd */
751                 cFYI(1, "Wait for exit from demultiplex thread");
752                 msleep(46000);
753                 /* if threads still have not exited they are probably never
754                 coming home not much else we can do but free the memory */
755         }
756
757         kfree(server->hostname);
758         task_to_wake = xchg(&server->tsk, NULL);
759         kfree(server);
760
761         length = atomic_dec_return(&tcpSesAllocCount);
762         if (length  > 0)
763                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
764                                 GFP_KERNEL);
765
766         /* if server->tsk was NULL then wait for a signal before exiting */
767         if (!task_to_wake) {
768                 set_current_state(TASK_INTERRUPTIBLE);
769                 while (!signal_pending(current)) {
770                         schedule();
771                         set_current_state(TASK_INTERRUPTIBLE);
772                 }
773                 set_current_state(TASK_RUNNING);
774         }
775
776         module_put_and_exit(0);
777 }
778
779 /* extract the host portion of the UNC string */
780 static char *
781 extract_hostname(const char *unc)
782 {
783         const char *src;
784         char *dst, *delim;
785         unsigned int len;
786
787         /* skip double chars at beginning of string */
788         /* BB: check validity of these bytes? */
789         src = unc + 2;
790
791         /* delimiter between hostname and sharename is always '\\' now */
792         delim = strchr(src, '\\');
793         if (!delim)
794                 return ERR_PTR(-EINVAL);
795
796         len = delim - src;
797         dst = kmalloc((len + 1), GFP_KERNEL);
798         if (dst == NULL)
799                 return ERR_PTR(-ENOMEM);
800
801         memcpy(dst, src, len);
802         dst[len] = '\0';
803
804         return dst;
805 }
806
807 static int
808 cifs_parse_mount_options(char *options, const char *devname,
809                          struct smb_vol *vol)
810 {
811         char *value;
812         char *data;
813         unsigned int  temp_len, i, j;
814         char separator[2];
815         short int override_uid = -1;
816         short int override_gid = -1;
817         bool uid_specified = false;
818         bool gid_specified = false;
819         char *nodename = utsname()->nodename;
820
821         separator[0] = ',';
822         separator[1] = 0;
823
824         /*
825          * does not have to be perfect mapping since field is
826          * informational, only used for servers that do not support
827          * port 445 and it can be overridden at mount time
828          */
829         memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
830         for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
831                 vol->source_rfc1001_name[i] = toupper(nodename[i]);
832
833         vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
834         /* null target name indicates to use *SMBSERVR default called name
835            if we end up sending RFC1001 session initialize */
836         vol->target_rfc1001_name[0] = 0;
837         vol->cred_uid = current_uid();
838         vol->linux_uid = current_uid();
839         vol->linux_gid = current_gid();
840
841         /* default to only allowing write access to owner of the mount */
842         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
843
844         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
845         /* default is always to request posix paths. */
846         vol->posix_paths = 1;
847         /* default to using server inode numbers where available */
848         vol->server_ino = 1;
849
850         vol->actimeo = CIFS_DEF_ACTIMEO;
851
852         if (!options)
853                 return 1;
854
855         if (strncmp(options, "sep=", 4) == 0) {
856                 if (options[4] != 0) {
857                         separator[0] = options[4];
858                         options += 5;
859                 } else {
860                         cFYI(1, "Null separator not allowed");
861                 }
862         }
863
864         while ((data = strsep(&options, separator)) != NULL) {
865                 if (!*data)
866                         continue;
867                 if ((value = strchr(data, '=')) != NULL)
868                         *value++ = '\0';
869
870                 /* Have to parse this before we parse for "user" */
871                 if (strnicmp(data, "user_xattr", 10) == 0) {
872                         vol->no_xattr = 0;
873                 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
874                         vol->no_xattr = 1;
875                 } else if (strnicmp(data, "user", 4) == 0) {
876                         if (!value) {
877                                 printk(KERN_WARNING
878                                        "CIFS: invalid or missing username\n");
879                                 return 1;       /* needs_arg; */
880                         } else if (!*value) {
881                                 /* null user, ie anonymous, authentication */
882                                 vol->nullauth = 1;
883                         }
884                         if (strnlen(value, 200) < 200) {
885                                 vol->username = value;
886                         } else {
887                                 printk(KERN_WARNING "CIFS: username too long\n");
888                                 return 1;
889                         }
890                 } else if (strnicmp(data, "pass", 4) == 0) {
891                         if (!value) {
892                                 vol->password = NULL;
893                                 continue;
894                         } else if (value[0] == 0) {
895                                 /* check if string begins with double comma
896                                    since that would mean the password really
897                                    does start with a comma, and would not
898                                    indicate an empty string */
899                                 if (value[1] != separator[0]) {
900                                         vol->password = NULL;
901                                         continue;
902                                 }
903                         }
904                         temp_len = strlen(value);
905                         /* removed password length check, NTLM passwords
906                                 can be arbitrarily long */
907
908                         /* if comma in password, the string will be
909                         prematurely null terminated.  Commas in password are
910                         specified across the cifs mount interface by a double
911                         comma ie ,, and a comma used as in other cases ie ','
912                         as a parameter delimiter/separator is single and due
913                         to the strsep above is temporarily zeroed. */
914
915                         /* NB: password legally can have multiple commas and
916                         the only illegal character in a password is null */
917
918                         if ((value[temp_len] == 0) &&
919                             (value[temp_len+1] == separator[0])) {
920                                 /* reinsert comma */
921                                 value[temp_len] = separator[0];
922                                 temp_len += 2;  /* move after second comma */
923                                 while (value[temp_len] != 0)  {
924                                         if (value[temp_len] == separator[0]) {
925                                                 if (value[temp_len+1] ==
926                                                      separator[0]) {
927                                                 /* skip second comma */
928                                                         temp_len++;
929                                                 } else {
930                                                 /* single comma indicating start
931                                                          of next parm */
932                                                         break;
933                                                 }
934                                         }
935                                         temp_len++;
936                                 }
937                                 if (value[temp_len] == 0) {
938                                         options = NULL;
939                                 } else {
940                                         value[temp_len] = 0;
941                                         /* point option to start of next parm */
942                                         options = value + temp_len + 1;
943                                 }
944                                 /* go from value to value + temp_len condensing
945                                 double commas to singles. Note that this ends up
946                                 allocating a few bytes too many, which is ok */
947                                 vol->password = kzalloc(temp_len, GFP_KERNEL);
948                                 if (vol->password == NULL) {
949                                         printk(KERN_WARNING "CIFS: no memory "
950                                                             "for password\n");
951                                         return 1;
952                                 }
953                                 for (i = 0, j = 0; i < temp_len; i++, j++) {
954                                         vol->password[j] = value[i];
955                                         if (value[i] == separator[0]
956                                                 && value[i+1] == separator[0]) {
957                                                 /* skip second comma */
958                                                 i++;
959                                         }
960                                 }
961                                 vol->password[j] = 0;
962                         } else {
963                                 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
964                                 if (vol->password == NULL) {
965                                         printk(KERN_WARNING "CIFS: no memory "
966                                                             "for password\n");
967                                         return 1;
968                                 }
969                                 strcpy(vol->password, value);
970                         }
971                 } else if (!strnicmp(data, "ip", 2) ||
972                            !strnicmp(data, "addr", 4)) {
973                         if (!value || !*value) {
974                                 vol->UNCip = NULL;
975                         } else if (strnlen(value, INET6_ADDRSTRLEN) <
976                                                         INET6_ADDRSTRLEN) {
977                                 vol->UNCip = value;
978                         } else {
979                                 printk(KERN_WARNING "CIFS: ip address "
980                                                     "too long\n");
981                                 return 1;
982                         }
983                 } else if (strnicmp(data, "sec", 3) == 0) {
984                         if (!value || !*value) {
985                                 cERROR(1, "no security value specified");
986                                 continue;
987                         } else if (strnicmp(value, "krb5i", 5) == 0) {
988                                 vol->secFlg |= CIFSSEC_MAY_KRB5 |
989                                         CIFSSEC_MUST_SIGN;
990                         } else if (strnicmp(value, "krb5p", 5) == 0) {
991                                 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
992                                         CIFSSEC_MAY_KRB5; */
993                                 cERROR(1, "Krb5 cifs privacy not supported");
994                                 return 1;
995                         } else if (strnicmp(value, "krb5", 4) == 0) {
996                                 vol->secFlg |= CIFSSEC_MAY_KRB5;
997                         } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
998                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
999                                         CIFSSEC_MUST_SIGN;
1000                         } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1001                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1002                         } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1003                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1004                                         CIFSSEC_MUST_SIGN;
1005                         } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1006                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1007                         } else if (strnicmp(value, "ntlmi", 5) == 0) {
1008                                 vol->secFlg |= CIFSSEC_MAY_NTLM |
1009                                         CIFSSEC_MUST_SIGN;
1010                         } else if (strnicmp(value, "ntlm", 4) == 0) {
1011                                 /* ntlm is default so can be turned off too */
1012                                 vol->secFlg |= CIFSSEC_MAY_NTLM;
1013                         } else if (strnicmp(value, "nontlm", 6) == 0) {
1014                                 /* BB is there a better way to do this? */
1015                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1016 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1017                         } else if (strnicmp(value, "lanman", 6) == 0) {
1018                                 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1019 #endif
1020                         } else if (strnicmp(value, "none", 4) == 0) {
1021                                 vol->nullauth = 1;
1022                         } else {
1023                                 cERROR(1, "bad security option: %s", value);
1024                                 return 1;
1025                         }
1026                 } else if ((strnicmp(data, "unc", 3) == 0)
1027                            || (strnicmp(data, "target", 6) == 0)
1028                            || (strnicmp(data, "path", 4) == 0)) {
1029                         if (!value || !*value) {
1030                                 printk(KERN_WARNING "CIFS: invalid path to "
1031                                                     "network resource\n");
1032                                 return 1;       /* needs_arg; */
1033                         }
1034                         if ((temp_len = strnlen(value, 300)) < 300) {
1035                                 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1036                                 if (vol->UNC == NULL)
1037                                         return 1;
1038                                 strcpy(vol->UNC, value);
1039                                 if (strncmp(vol->UNC, "//", 2) == 0) {
1040                                         vol->UNC[0] = '\\';
1041                                         vol->UNC[1] = '\\';
1042                                 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1043                                         printk(KERN_WARNING
1044                                                "CIFS: UNC Path does not begin "
1045                                                "with // or \\\\ \n");
1046                                         return 1;
1047                                 }
1048                         } else {
1049                                 printk(KERN_WARNING "CIFS: UNC name too long\n");
1050                                 return 1;
1051                         }
1052                 } else if ((strnicmp(data, "domain", 3) == 0)
1053                            || (strnicmp(data, "workgroup", 5) == 0)) {
1054                         if (!value || !*value) {
1055                                 printk(KERN_WARNING "CIFS: invalid domain name\n");
1056                                 return 1;       /* needs_arg; */
1057                         }
1058                         /* BB are there cases in which a comma can be valid in
1059                         a domain name and need special handling? */
1060                         if (strnlen(value, 256) < 256) {
1061                                 vol->domainname = value;
1062                                 cFYI(1, "Domain name set");
1063                         } else {
1064                                 printk(KERN_WARNING "CIFS: domain name too "
1065                                                     "long\n");
1066                                 return 1;
1067                         }
1068                 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1069                         vol->srcaddr.ss_family = AF_UNSPEC;
1070
1071                         if (!value || !*value) {
1072                                 printk(KERN_WARNING "CIFS: srcaddr value"
1073                                        " not specified.\n");
1074                                 return 1;       /* needs_arg; */
1075                         }
1076                         i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1077                                                  value, strlen(value));
1078                         if (i == 0) {
1079                                 printk(KERN_WARNING "CIFS:  Could not parse"
1080                                        " srcaddr: %s\n",
1081                                        value);
1082                                 return 1;
1083                         }
1084                 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1085                         if (!value || !*value) {
1086                                 printk(KERN_WARNING
1087                                         "CIFS: invalid path prefix\n");
1088                                 return 1;       /* needs_argument */
1089                         }
1090                         if ((temp_len = strnlen(value, 1024)) < 1024) {
1091                                 if (value[0] != '/')
1092                                         temp_len++;  /* missing leading slash */
1093                                 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1094                                 if (vol->prepath == NULL)
1095                                         return 1;
1096                                 if (value[0] != '/') {
1097                                         vol->prepath[0] = '/';
1098                                         strcpy(vol->prepath+1, value);
1099                                 } else
1100                                         strcpy(vol->prepath, value);
1101                                 cFYI(1, "prefix path %s", vol->prepath);
1102                         } else {
1103                                 printk(KERN_WARNING "CIFS: prefix too long\n");
1104                                 return 1;
1105                         }
1106                 } else if (strnicmp(data, "iocharset", 9) == 0) {
1107                         if (!value || !*value) {
1108                                 printk(KERN_WARNING "CIFS: invalid iocharset "
1109                                                     "specified\n");
1110                                 return 1;       /* needs_arg; */
1111                         }
1112                         if (strnlen(value, 65) < 65) {
1113                                 if (strnicmp(value, "default", 7))
1114                                         vol->iocharset = value;
1115                                 /* if iocharset not set then load_nls_default
1116                                    is used by caller */
1117                                 cFYI(1, "iocharset set to %s", value);
1118                         } else {
1119                                 printk(KERN_WARNING "CIFS: iocharset name "
1120                                                     "too long.\n");
1121                                 return 1;
1122                         }
1123                 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1124                         vol->linux_uid = simple_strtoul(value, &value, 0);
1125                         uid_specified = true;
1126                 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1127                         vol->cred_uid = simple_strtoul(value, &value, 0);
1128                 } else if (!strnicmp(data, "forceuid", 8)) {
1129                         override_uid = 1;
1130                 } else if (!strnicmp(data, "noforceuid", 10)) {
1131                         override_uid = 0;
1132                 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1133                         vol->linux_gid = simple_strtoul(value, &value, 0);
1134                         gid_specified = true;
1135                 } else if (!strnicmp(data, "forcegid", 8)) {
1136                         override_gid = 1;
1137                 } else if (!strnicmp(data, "noforcegid", 10)) {
1138                         override_gid = 0;
1139                 } else if (strnicmp(data, "file_mode", 4) == 0) {
1140                         if (value && *value) {
1141                                 vol->file_mode =
1142                                         simple_strtoul(value, &value, 0);
1143                         }
1144                 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1145                         if (value && *value) {
1146                                 vol->dir_mode =
1147                                         simple_strtoul(value, &value, 0);
1148                         }
1149                 } else if (strnicmp(data, "dirmode", 4) == 0) {
1150                         if (value && *value) {
1151                                 vol->dir_mode =
1152                                         simple_strtoul(value, &value, 0);
1153                         }
1154                 } else if (strnicmp(data, "port", 4) == 0) {
1155                         if (value && *value) {
1156                                 vol->port =
1157                                         simple_strtoul(value, &value, 0);
1158                         }
1159                 } else if (strnicmp(data, "rsize", 5) == 0) {
1160                         if (value && *value) {
1161                                 vol->rsize =
1162                                         simple_strtoul(value, &value, 0);
1163                         }
1164                 } else if (strnicmp(data, "wsize", 5) == 0) {
1165                         if (value && *value) {
1166                                 vol->wsize =
1167                                         simple_strtoul(value, &value, 0);
1168                         }
1169                 } else if (strnicmp(data, "sockopt", 5) == 0) {
1170                         if (!value || !*value) {
1171                                 cERROR(1, "no socket option specified");
1172                                 continue;
1173                         } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1174                                 vol->sockopt_tcp_nodelay = 1;
1175                         }
1176                 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1177                         if (!value || !*value || (*value == ' ')) {
1178                                 cFYI(1, "invalid (empty) netbiosname");
1179                         } else {
1180                                 memset(vol->source_rfc1001_name, 0x20,
1181                                         RFC1001_NAME_LEN);
1182                                 /*
1183                                  * FIXME: are there cases in which a comma can
1184                                  * be valid in workstation netbios name (and
1185                                  * need special handling)?
1186                                  */
1187                                 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1188                                         /* don't ucase netbiosname for user */
1189                                         if (value[i] == 0)
1190                                                 break;
1191                                         vol->source_rfc1001_name[i] = value[i];
1192                                 }
1193                                 /* The string has 16th byte zero still from
1194                                 set at top of the function  */
1195                                 if (i == RFC1001_NAME_LEN && value[i] != 0)
1196                                         printk(KERN_WARNING "CIFS: netbiosname"
1197                                                 " longer than 15 truncated.\n");
1198                         }
1199                 } else if (strnicmp(data, "servern", 7) == 0) {
1200                         /* servernetbiosname specified override *SMBSERVER */
1201                         if (!value || !*value || (*value == ' ')) {
1202                                 cFYI(1, "empty server netbiosname specified");
1203                         } else {
1204                                 /* last byte, type, is 0x20 for servr type */
1205                                 memset(vol->target_rfc1001_name, 0x20,
1206                                         RFC1001_NAME_LEN_WITH_NULL);
1207
1208                                 for (i = 0; i < 15; i++) {
1209                                 /* BB are there cases in which a comma can be
1210                                    valid in this workstation netbios name
1211                                    (and need special handling)? */
1212
1213                                 /* user or mount helper must uppercase
1214                                    the netbiosname */
1215                                         if (value[i] == 0)
1216                                                 break;
1217                                         else
1218                                                 vol->target_rfc1001_name[i] =
1219                                                                 value[i];
1220                                 }
1221                                 /* The string has 16th byte zero still from
1222                                    set at top of the function  */
1223                                 if (i == RFC1001_NAME_LEN && value[i] != 0)
1224                                         printk(KERN_WARNING "CIFS: server net"
1225                                         "biosname longer than 15 truncated.\n");
1226                         }
1227                 } else if (strnicmp(data, "actimeo", 7) == 0) {
1228                         if (value && *value) {
1229                                 vol->actimeo = HZ * simple_strtoul(value,
1230                                                                    &value, 0);
1231                                 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1232                                         cERROR(1, "CIFS: attribute cache"
1233                                                         "timeout too large");
1234                                         return 1;
1235                                 }
1236                         }
1237                 } else if (strnicmp(data, "credentials", 4) == 0) {
1238                         /* ignore */
1239                 } else if (strnicmp(data, "version", 3) == 0) {
1240                         /* ignore */
1241                 } else if (strnicmp(data, "guest", 5) == 0) {
1242                         /* ignore */
1243                 } else if (strnicmp(data, "rw", 2) == 0) {
1244                         /* ignore */
1245                 } else if (strnicmp(data, "ro", 2) == 0) {
1246                         /* ignore */
1247                 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1248                         vol->noblocksnd = 1;
1249                 } else if (strnicmp(data, "noautotune", 10) == 0) {
1250                         vol->noautotune = 1;
1251                 } else if ((strnicmp(data, "suid", 4) == 0) ||
1252                                    (strnicmp(data, "nosuid", 6) == 0) ||
1253                                    (strnicmp(data, "exec", 4) == 0) ||
1254                                    (strnicmp(data, "noexec", 6) == 0) ||
1255                                    (strnicmp(data, "nodev", 5) == 0) ||
1256                                    (strnicmp(data, "noauto", 6) == 0) ||
1257                                    (strnicmp(data, "dev", 3) == 0)) {
1258                         /*  The mount tool or mount.cifs helper (if present)
1259                             uses these opts to set flags, and the flags are read
1260                             by the kernel vfs layer before we get here (ie
1261                             before read super) so there is no point trying to
1262                             parse these options again and set anything and it
1263                             is ok to just ignore them */
1264                         continue;
1265                 } else if (strnicmp(data, "hard", 4) == 0) {
1266                         vol->retry = 1;
1267                 } else if (strnicmp(data, "soft", 4) == 0) {
1268                         vol->retry = 0;
1269                 } else if (strnicmp(data, "perm", 4) == 0) {
1270                         vol->noperm = 0;
1271                 } else if (strnicmp(data, "noperm", 6) == 0) {
1272                         vol->noperm = 1;
1273                 } else if (strnicmp(data, "mapchars", 8) == 0) {
1274                         vol->remap = 1;
1275                 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1276                         vol->remap = 0;
1277                 } else if (strnicmp(data, "sfu", 3) == 0) {
1278                         vol->sfu_emul = 1;
1279                 } else if (strnicmp(data, "nosfu", 5) == 0) {
1280                         vol->sfu_emul = 0;
1281                 } else if (strnicmp(data, "nodfs", 5) == 0) {
1282                         vol->nodfs = 1;
1283                 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1284                         vol->posix_paths = 1;
1285                 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1286                         vol->posix_paths = 0;
1287                 } else if (strnicmp(data, "nounix", 6) == 0) {
1288                         vol->no_linux_ext = 1;
1289                 } else if (strnicmp(data, "nolinux", 7) == 0) {
1290                         vol->no_linux_ext = 1;
1291                 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1292                            (strnicmp(data, "ignorecase", 10)  == 0)) {
1293                         vol->nocase = 1;
1294                 } else if (strnicmp(data, "mand", 4) == 0) {
1295                         /* ignore */
1296                 } else if (strnicmp(data, "nomand", 6) == 0) {
1297                         /* ignore */
1298                 } else if (strnicmp(data, "_netdev", 7) == 0) {
1299                         /* ignore */
1300                 } else if (strnicmp(data, "brl", 3) == 0) {
1301                         vol->nobrl =  0;
1302                 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1303                            (strnicmp(data, "nolock", 6) == 0)) {
1304                         vol->nobrl =  1;
1305                         /* turn off mandatory locking in mode
1306                         if remote locking is turned off since the
1307                         local vfs will do advisory */
1308                         if (vol->file_mode ==
1309                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1310                                 vol->file_mode = S_IALLUGO;
1311                 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1312                         /* will take the shorter form "forcemand" as well */
1313                         /* This mount option will force use of mandatory
1314                           (DOS/Windows style) byte range locks, instead of
1315                           using posix advisory byte range locks, even if the
1316                           Unix extensions are available and posix locks would
1317                           be supported otherwise. If Unix extensions are not
1318                           negotiated this has no effect since mandatory locks
1319                           would be used (mandatory locks is all that those
1320                           those servers support) */
1321                         vol->mand_lock = 1;
1322                 } else if (strnicmp(data, "setuids", 7) == 0) {
1323                         vol->setuids = 1;
1324                 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1325                         vol->setuids = 0;
1326                 } else if (strnicmp(data, "dynperm", 7) == 0) {
1327                         vol->dynperm = true;
1328                 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1329                         vol->dynperm = false;
1330                 } else if (strnicmp(data, "nohard", 6) == 0) {
1331                         vol->retry = 0;
1332                 } else if (strnicmp(data, "nosoft", 6) == 0) {
1333                         vol->retry = 1;
1334                 } else if (strnicmp(data, "nointr", 6) == 0) {
1335                         vol->intr = 0;
1336                 } else if (strnicmp(data, "intr", 4) == 0) {
1337                         vol->intr = 1;
1338                 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1339                         vol->nostrictsync = 1;
1340                 } else if (strnicmp(data, "strictsync", 10) == 0) {
1341                         vol->nostrictsync = 0;
1342                 } else if (strnicmp(data, "serverino", 7) == 0) {
1343                         vol->server_ino = 1;
1344                 } else if (strnicmp(data, "noserverino", 9) == 0) {
1345                         vol->server_ino = 0;
1346                 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1347                         vol->cifs_acl = 1;
1348                 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1349                         vol->cifs_acl = 0;
1350                 } else if (strnicmp(data, "acl", 3) == 0) {
1351                         vol->no_psx_acl = 0;
1352                 } else if (strnicmp(data, "noacl", 5) == 0) {
1353                         vol->no_psx_acl = 1;
1354                 } else if (strnicmp(data, "locallease", 6) == 0) {
1355                         vol->local_lease = 1;
1356                 } else if (strnicmp(data, "sign", 4) == 0) {
1357                         vol->secFlg |= CIFSSEC_MUST_SIGN;
1358                 } else if (strnicmp(data, "seal", 4) == 0) {
1359                         /* we do not do the following in secFlags because seal
1360                            is a per tree connection (mount) not a per socket
1361                            or per-smb connection option in the protocol */
1362                         /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1363                         vol->seal = 1;
1364                 } else if (strnicmp(data, "direct", 6) == 0) {
1365                         vol->direct_io = 1;
1366                 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1367                         vol->direct_io = 1;
1368                 } else if (strnicmp(data, "strictcache", 11) == 0) {
1369                         vol->strict_io = 1;
1370                 } else if (strnicmp(data, "noac", 4) == 0) {
1371                         printk(KERN_WARNING "CIFS: Mount option noac not "
1372                                 "supported. Instead set "
1373                                 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1374                 } else if (strnicmp(data, "fsc", 3) == 0) {
1375 #ifndef CONFIG_CIFS_FSCACHE
1376                         cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE"
1377                                   "kernel config option set");
1378                         return 1;
1379 #endif
1380                         vol->fsc = true;
1381                 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1382                         vol->mfsymlinks = true;
1383                 } else if (strnicmp(data, "multiuser", 8) == 0) {
1384                         vol->multiuser = true;
1385                 } else
1386                         printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1387                                                 data);
1388         }
1389         if (vol->UNC == NULL) {
1390                 if (devname == NULL) {
1391                         printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1392                                                 "target\n");
1393                         return 1;
1394                 }
1395                 if ((temp_len = strnlen(devname, 300)) < 300) {
1396                         vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1397                         if (vol->UNC == NULL)
1398                                 return 1;
1399                         strcpy(vol->UNC, devname);
1400                         if (strncmp(vol->UNC, "//", 2) == 0) {
1401                                 vol->UNC[0] = '\\';
1402                                 vol->UNC[1] = '\\';
1403                         } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1404                                 printk(KERN_WARNING "CIFS: UNC Path does not "
1405                                                     "begin with // or \\\\ \n");
1406                                 return 1;
1407                         }
1408                         value = strpbrk(vol->UNC+2, "/\\");
1409                         if (value)
1410                                 *value = '\\';
1411                 } else {
1412                         printk(KERN_WARNING "CIFS: UNC name too long\n");
1413                         return 1;
1414                 }
1415         }
1416
1417         if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1418                 cERROR(1, "Multiuser mounts currently require krb5 "
1419                           "authentication!");
1420                 return 1;
1421         }
1422
1423         if (vol->UNCip == NULL)
1424                 vol->UNCip = &vol->UNC[2];
1425
1426         if (uid_specified)
1427                 vol->override_uid = override_uid;
1428         else if (override_uid == 1)
1429                 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1430                                    "specified with no uid= option.\n");
1431
1432         if (gid_specified)
1433                 vol->override_gid = override_gid;
1434         else if (override_gid == 1)
1435                 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1436                                    "specified with no gid= option.\n");
1437
1438         return 0;
1439 }
1440
1441 /** Returns true if srcaddr isn't specified and rhs isn't
1442  * specified, or if srcaddr is specified and
1443  * matches the IP address of the rhs argument.
1444  */
1445 static bool
1446 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1447 {
1448         switch (srcaddr->sa_family) {
1449         case AF_UNSPEC:
1450                 return (rhs->sa_family == AF_UNSPEC);
1451         case AF_INET: {
1452                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1453                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1454                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1455         }
1456         case AF_INET6: {
1457                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1458                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1459                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1460         }
1461         default:
1462                 WARN_ON(1);
1463                 return false; /* don't expect to be here */
1464         }
1465 }
1466
1467 /*
1468  * If no port is specified in addr structure, we try to match with 445 port
1469  * and if it fails - with 139 ports. It should be called only if address
1470  * families of server and addr are equal.
1471  */
1472 static bool
1473 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1474 {
1475         unsigned short int port, *sport;
1476
1477         switch (addr->sa_family) {
1478         case AF_INET:
1479                 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1480                 port = ((struct sockaddr_in *) addr)->sin_port;
1481                 break;
1482         case AF_INET6:
1483                 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1484                 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1485                 break;
1486         default:
1487                 WARN_ON(1);
1488                 return false;
1489         }
1490
1491         if (!port) {
1492                 port = htons(CIFS_PORT);
1493                 if (port == *sport)
1494                         return true;
1495
1496                 port = htons(RFC1001_PORT);
1497         }
1498
1499         return port == *sport;
1500 }
1501
1502 static bool
1503 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1504               struct sockaddr *srcaddr)
1505 {
1506         switch (addr->sa_family) {
1507         case AF_INET: {
1508                 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1509                 struct sockaddr_in *srv_addr4 =
1510                                         (struct sockaddr_in *)&server->dstaddr;
1511
1512                 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1513                         return false;
1514                 break;
1515         }
1516         case AF_INET6: {
1517                 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1518                 struct sockaddr_in6 *srv_addr6 =
1519                                         (struct sockaddr_in6 *)&server->dstaddr;
1520
1521                 if (!ipv6_addr_equal(&addr6->sin6_addr,
1522                                      &srv_addr6->sin6_addr))
1523                         return false;
1524                 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1525                         return false;
1526                 break;
1527         }
1528         default:
1529                 WARN_ON(1);
1530                 return false; /* don't expect to be here */
1531         }
1532
1533         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1534                 return false;
1535
1536         return true;
1537 }
1538
1539 static bool
1540 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1541 {
1542         unsigned int secFlags;
1543
1544         if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1545                 secFlags = vol->secFlg;
1546         else
1547                 secFlags = global_secflags | vol->secFlg;
1548
1549         switch (server->secType) {
1550         case LANMAN:
1551                 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1552                         return false;
1553                 break;
1554         case NTLMv2:
1555                 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1556                         return false;
1557                 break;
1558         case NTLM:
1559                 if (!(secFlags & CIFSSEC_MAY_NTLM))
1560                         return false;
1561                 break;
1562         case Kerberos:
1563                 if (!(secFlags & CIFSSEC_MAY_KRB5))
1564                         return false;
1565                 break;
1566         case RawNTLMSSP:
1567                 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1568                         return false;
1569                 break;
1570         default:
1571                 /* shouldn't happen */
1572                 return false;
1573         }
1574
1575         /* now check if signing mode is acceptable */
1576         if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1577             (server->secMode & SECMODE_SIGN_REQUIRED))
1578                         return false;
1579         else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1580                  (server->secMode &
1581                   (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1582                         return false;
1583
1584         return true;
1585 }
1586
1587 static struct TCP_Server_Info *
1588 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1589 {
1590         struct TCP_Server_Info *server;
1591
1592         spin_lock(&cifs_tcp_ses_lock);
1593         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1594                 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1595                         continue;
1596
1597                 if (!match_address(server, addr,
1598                                    (struct sockaddr *)&vol->srcaddr))
1599                         continue;
1600
1601                 if (!match_port(server, addr))
1602                         continue;
1603
1604                 if (!match_security(server, vol))
1605                         continue;
1606
1607                 ++server->srv_count;
1608                 spin_unlock(&cifs_tcp_ses_lock);
1609                 cFYI(1, "Existing tcp session with server found");
1610                 return server;
1611         }
1612         spin_unlock(&cifs_tcp_ses_lock);
1613         return NULL;
1614 }
1615
1616 static void
1617 cifs_put_tcp_session(struct TCP_Server_Info *server)
1618 {
1619         struct task_struct *task;
1620
1621         spin_lock(&cifs_tcp_ses_lock);
1622         if (--server->srv_count > 0) {
1623                 spin_unlock(&cifs_tcp_ses_lock);
1624                 return;
1625         }
1626
1627         put_net(cifs_net_ns(server));
1628
1629         list_del_init(&server->tcp_ses_list);
1630         spin_unlock(&cifs_tcp_ses_lock);
1631
1632         cancel_delayed_work_sync(&server->echo);
1633
1634         spin_lock(&GlobalMid_Lock);
1635         server->tcpStatus = CifsExiting;
1636         spin_unlock(&GlobalMid_Lock);
1637
1638         cifs_crypto_shash_release(server);
1639         cifs_fscache_release_client_cookie(server);
1640
1641         kfree(server->session_key.response);
1642         server->session_key.response = NULL;
1643         server->session_key.len = 0;
1644
1645         task = xchg(&server->tsk, NULL);
1646         if (task)
1647                 force_sig(SIGKILL, task);
1648 }
1649
1650 static struct TCP_Server_Info *
1651 cifs_get_tcp_session(struct smb_vol *volume_info)
1652 {
1653         struct TCP_Server_Info *tcp_ses = NULL;
1654         struct sockaddr_storage addr;
1655         struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1656         struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1657         int rc;
1658
1659         memset(&addr, 0, sizeof(struct sockaddr_storage));
1660
1661         cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1662
1663         if (volume_info->UNCip && volume_info->UNC) {
1664                 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1665                                         volume_info->UNCip,
1666                                         strlen(volume_info->UNCip),
1667                                         volume_info->port);
1668                 if (!rc) {
1669                         /* we failed translating address */
1670                         rc = -EINVAL;
1671                         goto out_err;
1672                 }
1673         } else if (volume_info->UNCip) {
1674                 /* BB using ip addr as tcp_ses name to connect to the
1675                    DFS root below */
1676                 cERROR(1, "Connecting to DFS root not implemented yet");
1677                 rc = -EINVAL;
1678                 goto out_err;
1679         } else /* which tcp_sess DFS root would we conect to */ {
1680                 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1681                         "unc=//192.168.1.100/public) specified");
1682                 rc = -EINVAL;
1683                 goto out_err;
1684         }
1685
1686         /* see if we already have a matching tcp_ses */
1687         tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1688         if (tcp_ses)
1689                 return tcp_ses;
1690
1691         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1692         if (!tcp_ses) {
1693                 rc = -ENOMEM;
1694                 goto out_err;
1695         }
1696
1697         rc = cifs_crypto_shash_allocate(tcp_ses);
1698         if (rc) {
1699                 cERROR(1, "could not setup hash structures rc %d", rc);
1700                 goto out_err;
1701         }
1702
1703         cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1704         tcp_ses->hostname = extract_hostname(volume_info->UNC);
1705         if (IS_ERR(tcp_ses->hostname)) {
1706                 rc = PTR_ERR(tcp_ses->hostname);
1707                 goto out_err_crypto_release;
1708         }
1709
1710         tcp_ses->noblocksnd = volume_info->noblocksnd;
1711         tcp_ses->noautotune = volume_info->noautotune;
1712         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1713         atomic_set(&tcp_ses->inFlight, 0);
1714         init_waitqueue_head(&tcp_ses->response_q);
1715         init_waitqueue_head(&tcp_ses->request_q);
1716         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1717         mutex_init(&tcp_ses->srv_mutex);
1718         memcpy(tcp_ses->workstation_RFC1001_name,
1719                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1720         memcpy(tcp_ses->server_RFC1001_name,
1721                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1722         tcp_ses->session_estab = false;
1723         tcp_ses->sequence_number = 0;
1724         tcp_ses->lstrp = jiffies;
1725         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1726         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1727         INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1728
1729         /*
1730          * at this point we are the only ones with the pointer
1731          * to the struct since the kernel thread not created yet
1732          * no need to spinlock this init of tcpStatus or srv_count
1733          */
1734         tcp_ses->tcpStatus = CifsNew;
1735         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1736                sizeof(tcp_ses->srcaddr));
1737         ++tcp_ses->srv_count;
1738
1739         if (addr.ss_family == AF_INET6) {
1740                 cFYI(1, "attempting ipv6 connect");
1741                 /* BB should we allow ipv6 on port 139? */
1742                 /* other OS never observed in Wild doing 139 with v6 */
1743                 memcpy(&tcp_ses->dstaddr, sin_server6,
1744                        sizeof(struct sockaddr_in6));
1745         } else
1746                 memcpy(&tcp_ses->dstaddr, sin_server,
1747                        sizeof(struct sockaddr_in));
1748
1749         rc = ip_connect(tcp_ses);
1750         if (rc < 0) {
1751                 cERROR(1, "Error connecting to socket. Aborting operation");
1752                 goto out_err_crypto_release;
1753         }
1754
1755         /*
1756          * since we're in a cifs function already, we know that
1757          * this will succeed. No need for try_module_get().
1758          */
1759         __module_get(THIS_MODULE);
1760         tcp_ses->tsk = kthread_run((void *)(void *)cifs_demultiplex_thread,
1761                                   tcp_ses, "cifsd");
1762         if (IS_ERR(tcp_ses->tsk)) {
1763                 rc = PTR_ERR(tcp_ses->tsk);
1764                 cERROR(1, "error %d create cifsd thread", rc);
1765                 module_put(THIS_MODULE);
1766                 goto out_err_crypto_release;
1767         }
1768
1769         /* thread spawned, put it on the list */
1770         spin_lock(&cifs_tcp_ses_lock);
1771         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1772         spin_unlock(&cifs_tcp_ses_lock);
1773
1774         cifs_fscache_get_client_cookie(tcp_ses);
1775
1776         /* queue echo request delayed work */
1777         queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1778
1779         return tcp_ses;
1780
1781 out_err_crypto_release:
1782         cifs_crypto_shash_release(tcp_ses);
1783
1784         put_net(cifs_net_ns(tcp_ses));
1785
1786 out_err:
1787         if (tcp_ses) {
1788                 if (!IS_ERR(tcp_ses->hostname))
1789                         kfree(tcp_ses->hostname);
1790                 if (tcp_ses->ssocket)
1791                         sock_release(tcp_ses->ssocket);
1792                 kfree(tcp_ses);
1793         }
1794         return ERR_PTR(rc);
1795 }
1796
1797 static struct cifsSesInfo *
1798 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1799 {
1800         struct cifsSesInfo *ses;
1801
1802         spin_lock(&cifs_tcp_ses_lock);
1803         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
1804                 switch (server->secType) {
1805                 case Kerberos:
1806                         if (vol->cred_uid != ses->cred_uid)
1807                                 continue;
1808                         break;
1809                 default:
1810                         /* anything else takes username/password */
1811                         if (strncmp(ses->userName, vol->username,
1812                                     MAX_USERNAME_SIZE))
1813                                 continue;
1814                         if (strlen(vol->username) != 0 &&
1815                             ses->password != NULL &&
1816                             strncmp(ses->password,
1817                                     vol->password ? vol->password : "",
1818                                     MAX_PASSWORD_SIZE))
1819                                 continue;
1820                 }
1821                 ++ses->ses_count;
1822                 spin_unlock(&cifs_tcp_ses_lock);
1823                 return ses;
1824         }
1825         spin_unlock(&cifs_tcp_ses_lock);
1826         return NULL;
1827 }
1828
1829 static void
1830 cifs_put_smb_ses(struct cifsSesInfo *ses)
1831 {
1832         int xid;
1833         struct TCP_Server_Info *server = ses->server;
1834
1835         cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
1836         spin_lock(&cifs_tcp_ses_lock);
1837         if (--ses->ses_count > 0) {
1838                 spin_unlock(&cifs_tcp_ses_lock);
1839                 return;
1840         }
1841
1842         list_del_init(&ses->smb_ses_list);
1843         spin_unlock(&cifs_tcp_ses_lock);
1844
1845         if (ses->status == CifsGood) {
1846                 xid = GetXid();
1847                 CIFSSMBLogoff(xid, ses);
1848                 _FreeXid(xid);
1849         }
1850         sesInfoFree(ses);
1851         cifs_put_tcp_session(server);
1852 }
1853
1854 static struct cifsSesInfo *
1855 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
1856 {
1857         int rc = -ENOMEM, xid;
1858         struct cifsSesInfo *ses;
1859         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1860         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
1861
1862         xid = GetXid();
1863
1864         ses = cifs_find_smb_ses(server, volume_info);
1865         if (ses) {
1866                 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
1867
1868                 mutex_lock(&ses->session_mutex);
1869                 rc = cifs_negotiate_protocol(xid, ses);
1870                 if (rc) {
1871                         mutex_unlock(&ses->session_mutex);
1872                         /* problem -- put our ses reference */
1873                         cifs_put_smb_ses(ses);
1874                         FreeXid(xid);
1875                         return ERR_PTR(rc);
1876                 }
1877                 if (ses->need_reconnect) {
1878                         cFYI(1, "Session needs reconnect");
1879                         rc = cifs_setup_session(xid, ses,
1880                                                 volume_info->local_nls);
1881                         if (rc) {
1882                                 mutex_unlock(&ses->session_mutex);
1883                                 /* problem -- put our reference */
1884                                 cifs_put_smb_ses(ses);
1885                                 FreeXid(xid);
1886                                 return ERR_PTR(rc);
1887                         }
1888                 }
1889                 mutex_unlock(&ses->session_mutex);
1890
1891                 /* existing SMB ses has a server reference already */
1892                 cifs_put_tcp_session(server);
1893                 FreeXid(xid);
1894                 return ses;
1895         }
1896
1897         cFYI(1, "Existing smb sess not found");
1898         ses = sesInfoAlloc();
1899         if (ses == NULL)
1900                 goto get_ses_fail;
1901
1902         /* new SMB session uses our server ref */
1903         ses->server = server;
1904         if (server->dstaddr.ss_family == AF_INET6)
1905                 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
1906         else
1907                 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
1908
1909         if (volume_info->username)
1910                 strncpy(ses->userName, volume_info->username,
1911                         MAX_USERNAME_SIZE);
1912
1913         /* volume_info->password freed at unmount */
1914         if (volume_info->password) {
1915                 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
1916                 if (!ses->password)
1917                         goto get_ses_fail;
1918         }
1919         if (volume_info->domainname) {
1920                 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
1921                 if (!ses->domainName)
1922                         goto get_ses_fail;
1923         }
1924         ses->cred_uid = volume_info->cred_uid;
1925         ses->linux_uid = volume_info->linux_uid;
1926         ses->overrideSecFlg = volume_info->secFlg;
1927
1928         mutex_lock(&ses->session_mutex);
1929         rc = cifs_negotiate_protocol(xid, ses);
1930         if (!rc)
1931                 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
1932         mutex_unlock(&ses->session_mutex);
1933         if (rc)
1934                 goto get_ses_fail;
1935
1936         /* success, put it on the list */
1937         spin_lock(&cifs_tcp_ses_lock);
1938         list_add(&ses->smb_ses_list, &server->smb_ses_list);
1939         spin_unlock(&cifs_tcp_ses_lock);
1940
1941         FreeXid(xid);
1942         return ses;
1943
1944 get_ses_fail:
1945         sesInfoFree(ses);
1946         FreeXid(xid);
1947         return ERR_PTR(rc);
1948 }
1949
1950 static struct cifsTconInfo *
1951 cifs_find_tcon(struct cifsSesInfo *ses, const char *unc)
1952 {
1953         struct list_head *tmp;
1954         struct cifsTconInfo *tcon;
1955
1956         spin_lock(&cifs_tcp_ses_lock);
1957         list_for_each(tmp, &ses->tcon_list) {
1958                 tcon = list_entry(tmp, struct cifsTconInfo, tcon_list);
1959                 if (tcon->tidStatus == CifsExiting)
1960                         continue;
1961                 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
1962                         continue;
1963
1964                 ++tcon->tc_count;
1965                 spin_unlock(&cifs_tcp_ses_lock);
1966                 return tcon;
1967         }
1968         spin_unlock(&cifs_tcp_ses_lock);
1969         return NULL;
1970 }
1971
1972 static void
1973 cifs_put_tcon(struct cifsTconInfo *tcon)
1974 {
1975         int xid;
1976         struct cifsSesInfo *ses = tcon->ses;
1977
1978         cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
1979         spin_lock(&cifs_tcp_ses_lock);
1980         if (--tcon->tc_count > 0) {
1981                 spin_unlock(&cifs_tcp_ses_lock);
1982                 return;
1983         }
1984
1985         list_del_init(&tcon->tcon_list);
1986         spin_unlock(&cifs_tcp_ses_lock);
1987
1988         xid = GetXid();
1989         CIFSSMBTDis(xid, tcon);
1990         _FreeXid(xid);
1991
1992         cifs_fscache_release_super_cookie(tcon);
1993         tconInfoFree(tcon);
1994         cifs_put_smb_ses(ses);
1995 }
1996
1997 static struct cifsTconInfo *
1998 cifs_get_tcon(struct cifsSesInfo *ses, struct smb_vol *volume_info)
1999 {
2000         int rc, xid;
2001         struct cifsTconInfo *tcon;
2002
2003         tcon = cifs_find_tcon(ses, volume_info->UNC);
2004         if (tcon) {
2005                 cFYI(1, "Found match on UNC path");
2006                 /* existing tcon already has a reference */
2007                 cifs_put_smb_ses(ses);
2008                 if (tcon->seal != volume_info->seal)
2009                         cERROR(1, "transport encryption setting "
2010                                    "conflicts with existing tid");
2011                 return tcon;
2012         }
2013
2014         tcon = tconInfoAlloc();
2015         if (tcon == NULL) {
2016                 rc = -ENOMEM;
2017                 goto out_fail;
2018         }
2019
2020         tcon->ses = ses;
2021         if (volume_info->password) {
2022                 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2023                 if (!tcon->password) {
2024                         rc = -ENOMEM;
2025                         goto out_fail;
2026                 }
2027         }
2028
2029         if (strchr(volume_info->UNC + 3, '\\') == NULL
2030             && strchr(volume_info->UNC + 3, '/') == NULL) {
2031                 cERROR(1, "Missing share name");
2032                 rc = -ENODEV;
2033                 goto out_fail;
2034         }
2035
2036         /* BB Do we need to wrap session_mutex around
2037          * this TCon call and Unix SetFS as
2038          * we do on SessSetup and reconnect? */
2039         xid = GetXid();
2040         rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2041         FreeXid(xid);
2042         cFYI(1, "CIFS Tcon rc = %d", rc);
2043         if (rc)
2044                 goto out_fail;
2045
2046         if (volume_info->nodfs) {
2047                 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2048                 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2049         }
2050         tcon->seal = volume_info->seal;
2051         /* we can have only one retry value for a connection
2052            to a share so for resources mounted more than once
2053            to the same server share the last value passed in
2054            for the retry flag is used */
2055         tcon->retry = volume_info->retry;
2056         tcon->nocase = volume_info->nocase;
2057         tcon->local_lease = volume_info->local_lease;
2058
2059         spin_lock(&cifs_tcp_ses_lock);
2060         list_add(&tcon->tcon_list, &ses->tcon_list);
2061         spin_unlock(&cifs_tcp_ses_lock);
2062
2063         cifs_fscache_get_super_cookie(tcon);
2064
2065         return tcon;
2066
2067 out_fail:
2068         tconInfoFree(tcon);
2069         return ERR_PTR(rc);
2070 }
2071
2072 void
2073 cifs_put_tlink(struct tcon_link *tlink)
2074 {
2075         if (!tlink || IS_ERR(tlink))
2076                 return;
2077
2078         if (!atomic_dec_and_test(&tlink->tl_count) ||
2079             test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2080                 tlink->tl_time = jiffies;
2081                 return;
2082         }
2083
2084         if (!IS_ERR(tlink_tcon(tlink)))
2085                 cifs_put_tcon(tlink_tcon(tlink));
2086         kfree(tlink);
2087         return;
2088 }
2089
2090 int
2091 get_dfs_path(int xid, struct cifsSesInfo *pSesInfo, const char *old_path,
2092              const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2093              struct dfs_info3_param **preferrals, int remap)
2094 {
2095         char *temp_unc;
2096         int rc = 0;
2097
2098         *pnum_referrals = 0;
2099         *preferrals = NULL;
2100
2101         if (pSesInfo->ipc_tid == 0) {
2102                 temp_unc = kmalloc(2 /* for slashes */ +
2103                         strnlen(pSesInfo->serverName,
2104                                 SERVER_NAME_LEN_WITH_NULL * 2)
2105                                  + 1 + 4 /* slash IPC$ */  + 2,
2106                                 GFP_KERNEL);
2107                 if (temp_unc == NULL)
2108                         return -ENOMEM;
2109                 temp_unc[0] = '\\';
2110                 temp_unc[1] = '\\';
2111                 strcpy(temp_unc + 2, pSesInfo->serverName);
2112                 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2113                 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2114                 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2115                 kfree(temp_unc);
2116         }
2117         if (rc == 0)
2118                 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2119                                      pnum_referrals, nls_codepage, remap);
2120         /* BB map targetUNCs to dfs_info3 structures, here or
2121                 in CIFSGetDFSRefer BB */
2122
2123         return rc;
2124 }
2125
2126 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2127 static struct lock_class_key cifs_key[2];
2128 static struct lock_class_key cifs_slock_key[2];
2129
2130 static inline void
2131 cifs_reclassify_socket4(struct socket *sock)
2132 {
2133         struct sock *sk = sock->sk;
2134         BUG_ON(sock_owned_by_user(sk));
2135         sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2136                 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2137 }
2138
2139 static inline void
2140 cifs_reclassify_socket6(struct socket *sock)
2141 {
2142         struct sock *sk = sock->sk;
2143         BUG_ON(sock_owned_by_user(sk));
2144         sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2145                 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2146 }
2147 #else
2148 static inline void
2149 cifs_reclassify_socket4(struct socket *sock)
2150 {
2151 }
2152
2153 static inline void
2154 cifs_reclassify_socket6(struct socket *sock)
2155 {
2156 }
2157 #endif
2158
2159 /* See RFC1001 section 14 on representation of Netbios names */
2160 static void rfc1002mangle(char *target, char *source, unsigned int length)
2161 {
2162         unsigned int i, j;
2163
2164         for (i = 0, j = 0; i < (length); i++) {
2165                 /* mask a nibble at a time and encode */
2166                 target[j] = 'A' + (0x0F & (source[i] >> 4));
2167                 target[j+1] = 'A' + (0x0F & source[i]);
2168                 j += 2;
2169         }
2170
2171 }
2172
2173 static int
2174 bind_socket(struct TCP_Server_Info *server)
2175 {
2176         int rc = 0;
2177         if (server->srcaddr.ss_family != AF_UNSPEC) {
2178                 /* Bind to the specified local IP address */
2179                 struct socket *socket = server->ssocket;
2180                 rc = socket->ops->bind(socket,
2181                                        (struct sockaddr *) &server->srcaddr,
2182                                        sizeof(server->srcaddr));
2183                 if (rc < 0) {
2184                         struct sockaddr_in *saddr4;
2185                         struct sockaddr_in6 *saddr6;
2186                         saddr4 = (struct sockaddr_in *)&server->srcaddr;
2187                         saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2188                         if (saddr6->sin6_family == AF_INET6)
2189                                 cERROR(1, "cifs: "
2190                                        "Failed to bind to: %pI6c, error: %d\n",
2191                                        &saddr6->sin6_addr, rc);
2192                         else
2193                                 cERROR(1, "cifs: "
2194                                        "Failed to bind to: %pI4, error: %d\n",
2195                                        &saddr4->sin_addr.s_addr, rc);
2196                 }
2197         }
2198         return rc;
2199 }
2200
2201 static int
2202 ip_rfc1001_connect(struct TCP_Server_Info *server)
2203 {
2204         int rc = 0;
2205         /*
2206          * some servers require RFC1001 sessinit before sending
2207          * negprot - BB check reconnection in case where second
2208          * sessinit is sent but no second negprot
2209          */
2210         struct rfc1002_session_packet *ses_init_buf;
2211         struct smb_hdr *smb_buf;
2212         ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2213                                GFP_KERNEL);
2214         if (ses_init_buf) {
2215                 ses_init_buf->trailer.session_req.called_len = 32;
2216
2217                 if (server->server_RFC1001_name &&
2218                     server->server_RFC1001_name[0] != 0)
2219                         rfc1002mangle(ses_init_buf->trailer.
2220                                       session_req.called_name,
2221                                       server->server_RFC1001_name,
2222                                       RFC1001_NAME_LEN_WITH_NULL);
2223                 else
2224                         rfc1002mangle(ses_init_buf->trailer.
2225                                       session_req.called_name,
2226                                       DEFAULT_CIFS_CALLED_NAME,
2227                                       RFC1001_NAME_LEN_WITH_NULL);
2228
2229                 ses_init_buf->trailer.session_req.calling_len = 32;
2230
2231                 /*
2232                  * calling name ends in null (byte 16) from old smb
2233                  * convention.
2234                  */
2235                 if (server->workstation_RFC1001_name &&
2236                     server->workstation_RFC1001_name[0] != 0)
2237                         rfc1002mangle(ses_init_buf->trailer.
2238                                       session_req.calling_name,
2239                                       server->workstation_RFC1001_name,
2240                                       RFC1001_NAME_LEN_WITH_NULL);
2241                 else
2242                         rfc1002mangle(ses_init_buf->trailer.
2243                                       session_req.calling_name,
2244                                       "LINUX_CIFS_CLNT",
2245                                       RFC1001_NAME_LEN_WITH_NULL);
2246
2247                 ses_init_buf->trailer.session_req.scope1 = 0;
2248                 ses_init_buf->trailer.session_req.scope2 = 0;
2249                 smb_buf = (struct smb_hdr *)ses_init_buf;
2250
2251                 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2252                 smb_buf->smb_buf_length = 0x81000044;
2253                 rc = smb_send(server, smb_buf, 0x44);
2254                 kfree(ses_init_buf);
2255                 /*
2256                  * RFC1001 layer in at least one server
2257                  * requires very short break before negprot
2258                  * presumably because not expecting negprot
2259                  * to follow so fast.  This is a simple
2260                  * solution that works without
2261                  * complicating the code and causes no
2262                  * significant slowing down on mount
2263                  * for everyone else
2264                  */
2265                 usleep_range(1000, 2000);
2266         }
2267         /*
2268          * else the negprot may still work without this
2269          * even though malloc failed
2270          */
2271
2272         return rc;
2273 }
2274
2275 static int
2276 generic_ip_connect(struct TCP_Server_Info *server)
2277 {
2278         int rc = 0;
2279         unsigned short int sport;
2280         int slen, sfamily;
2281         struct socket *socket = server->ssocket;
2282         struct sockaddr *saddr;
2283
2284         saddr = (struct sockaddr *) &server->dstaddr;
2285
2286         if (server->dstaddr.ss_family == AF_INET6) {
2287                 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2288                 slen = sizeof(struct sockaddr_in6);
2289                 sfamily = AF_INET6;
2290         } else {
2291                 sport = ((struct sockaddr_in *) saddr)->sin_port;
2292                 slen = sizeof(struct sockaddr_in);
2293                 sfamily = AF_INET;
2294         }
2295
2296         if (socket == NULL) {
2297                 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2298                                    IPPROTO_TCP, &socket, 1);
2299                 if (rc < 0) {
2300                         cERROR(1, "Error %d creating socket", rc);
2301                         server->ssocket = NULL;
2302                         return rc;
2303                 }
2304
2305                 /* BB other socket options to set KEEPALIVE, NODELAY? */
2306                 cFYI(1, "Socket created");
2307                 server->ssocket = socket;
2308                 socket->sk->sk_allocation = GFP_NOFS;
2309                 if (sfamily == AF_INET6)
2310                         cifs_reclassify_socket6(socket);
2311                 else
2312                         cifs_reclassify_socket4(socket);
2313         }
2314
2315         rc = bind_socket(server);
2316         if (rc < 0)
2317                 return rc;
2318
2319         rc = socket->ops->connect(socket, saddr, slen, 0);
2320         if (rc < 0) {
2321                 cFYI(1, "Error %d connecting to server", rc);
2322                 sock_release(socket);
2323                 server->ssocket = NULL;
2324                 return rc;
2325         }
2326
2327         /*
2328          * Eventually check for other socket options to change from
2329          * the default. sock_setsockopt not used because it expects
2330          * user space buffer
2331          */
2332         socket->sk->sk_rcvtimeo = 7 * HZ;
2333         socket->sk->sk_sndtimeo = 5 * HZ;
2334
2335         /* make the bufsizes depend on wsize/rsize and max requests */
2336         if (server->noautotune) {
2337                 if (socket->sk->sk_sndbuf < (200 * 1024))
2338                         socket->sk->sk_sndbuf = 200 * 1024;
2339                 if (socket->sk->sk_rcvbuf < (140 * 1024))
2340                         socket->sk->sk_rcvbuf = 140 * 1024;
2341         }
2342
2343         if (server->tcp_nodelay) {
2344                 int val = 1;
2345                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2346                                 (char *)&val, sizeof(val));
2347                 if (rc)
2348                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2349         }
2350
2351          cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2352                  socket->sk->sk_sndbuf,
2353                  socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2354
2355         if (sport == htons(RFC1001_PORT))
2356                 rc = ip_rfc1001_connect(server);
2357
2358         return rc;
2359 }
2360
2361 static int
2362 ip_connect(struct TCP_Server_Info *server)
2363 {
2364         unsigned short int *sport;
2365         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2366         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2367
2368         if (server->dstaddr.ss_family == AF_INET6)
2369                 sport = &addr6->sin6_port;
2370         else
2371                 sport = &addr->sin_port;
2372
2373         if (*sport == 0) {
2374                 int rc;
2375
2376                 /* try with 445 port at first */
2377                 *sport = htons(CIFS_PORT);
2378
2379                 rc = generic_ip_connect(server);
2380                 if (rc >= 0)
2381                         return rc;
2382
2383                 /* if it failed, try with 139 port */
2384                 *sport = htons(RFC1001_PORT);
2385         }
2386
2387         return generic_ip_connect(server);
2388 }
2389
2390 void reset_cifs_unix_caps(int xid, struct cifsTconInfo *tcon,
2391                           struct super_block *sb, struct smb_vol *vol_info)
2392 {
2393         /* if we are reconnecting then should we check to see if
2394          * any requested capabilities changed locally e.g. via
2395          * remount but we can not do much about it here
2396          * if they have (even if we could detect it by the following)
2397          * Perhaps we could add a backpointer to array of sb from tcon
2398          * or if we change to make all sb to same share the same
2399          * sb as NFS - then we only have one backpointer to sb.
2400          * What if we wanted to mount the server share twice once with
2401          * and once without posixacls or posix paths? */
2402         __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2403
2404         if (vol_info && vol_info->no_linux_ext) {
2405                 tcon->fsUnixInfo.Capability = 0;
2406                 tcon->unix_ext = 0; /* Unix Extensions disabled */
2407                 cFYI(1, "Linux protocol extensions disabled");
2408                 return;
2409         } else if (vol_info)
2410                 tcon->unix_ext = 1; /* Unix Extensions supported */
2411
2412         if (tcon->unix_ext == 0) {
2413                 cFYI(1, "Unix extensions disabled so not set on reconnect");
2414                 return;
2415         }
2416
2417         if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2418                 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2419
2420                 /* check for reconnect case in which we do not
2421                    want to change the mount behavior if we can avoid it */
2422                 if (vol_info == NULL) {
2423                         /* turn off POSIX ACL and PATHNAMES if not set
2424                            originally at mount time */
2425                         if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2426                                 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2427                         if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2428                                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2429                                         cERROR(1, "POSIXPATH support change");
2430                                 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2431                         } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2432                                 cERROR(1, "possible reconnect error");
2433                                 cERROR(1, "server disabled POSIX path support");
2434                         }
2435                 }
2436
2437                 cap &= CIFS_UNIX_CAP_MASK;
2438                 if (vol_info && vol_info->no_psx_acl)
2439                         cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2440                 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2441                         cFYI(1, "negotiated posix acl support");
2442                         if (sb)
2443                                 sb->s_flags |= MS_POSIXACL;
2444                 }
2445
2446                 if (vol_info && vol_info->posix_paths == 0)
2447                         cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2448                 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2449                         cFYI(1, "negotiate posix pathnames");
2450                         if (sb)
2451                                 CIFS_SB(sb)->mnt_cifs_flags |=
2452                                         CIFS_MOUNT_POSIX_PATHS;
2453                 }
2454
2455                 /* We might be setting the path sep back to a different
2456                 form if we are reconnecting and the server switched its
2457                 posix path capability for this share */
2458                 if (sb && (CIFS_SB(sb)->prepathlen > 0))
2459                         CIFS_SB(sb)->prepath[0] = CIFS_DIR_SEP(CIFS_SB(sb));
2460
2461                 if (sb && (CIFS_SB(sb)->rsize > 127 * 1024)) {
2462                         if ((cap & CIFS_UNIX_LARGE_READ_CAP) == 0) {
2463                                 CIFS_SB(sb)->rsize = 127 * 1024;
2464                                 cFYI(DBG2, "larger reads not supported by srv");
2465                         }
2466                 }
2467
2468
2469                 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2470 #ifdef CONFIG_CIFS_DEBUG2
2471                 if (cap & CIFS_UNIX_FCNTL_CAP)
2472                         cFYI(1, "FCNTL cap");
2473                 if (cap & CIFS_UNIX_EXTATTR_CAP)
2474                         cFYI(1, "EXTATTR cap");
2475                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2476                         cFYI(1, "POSIX path cap");
2477                 if (cap & CIFS_UNIX_XATTR_CAP)
2478                         cFYI(1, "XATTR cap");
2479                 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2480                         cFYI(1, "POSIX ACL cap");
2481                 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2482                         cFYI(1, "very large read cap");
2483                 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2484                         cFYI(1, "very large write cap");
2485 #endif /* CIFS_DEBUG2 */
2486                 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2487                         if (vol_info == NULL) {
2488                                 cFYI(1, "resetting capabilities failed");
2489                         } else
2490                                 cERROR(1, "Negotiating Unix capabilities "
2491                                            "with the server failed.  Consider "
2492                                            "mounting with the Unix Extensions\n"
2493                                            "disabled, if problems are found, "
2494                                            "by specifying the nounix mount "
2495                                            "option.");
2496
2497                 }
2498         }
2499 }
2500
2501 static void
2502 convert_delimiter(char *path, char delim)
2503 {
2504         int i;
2505         char old_delim;
2506
2507         if (path == NULL)
2508                 return;
2509
2510         if (delim == '/')
2511                 old_delim = '\\';
2512         else
2513                 old_delim = '/';
2514
2515         for (i = 0; path[i] != '\0'; i++) {
2516                 if (path[i] == old_delim)
2517                         path[i] = delim;
2518         }
2519 }
2520
2521 static void setup_cifs_sb(struct smb_vol *pvolume_info,
2522                           struct cifs_sb_info *cifs_sb)
2523 {
2524         INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2525
2526         if (pvolume_info->rsize > CIFSMaxBufSize) {
2527                 cERROR(1, "rsize %d too large, using MaxBufSize",
2528                         pvolume_info->rsize);
2529                 cifs_sb->rsize = CIFSMaxBufSize;
2530         } else if ((pvolume_info->rsize) &&
2531                         (pvolume_info->rsize <= CIFSMaxBufSize))
2532                 cifs_sb->rsize = pvolume_info->rsize;
2533         else /* default */
2534                 cifs_sb->rsize = CIFSMaxBufSize;
2535
2536         if (pvolume_info->wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
2537                 cERROR(1, "wsize %d too large, using 4096 instead",
2538                           pvolume_info->wsize);
2539                 cifs_sb->wsize = 4096;
2540         } else if (pvolume_info->wsize)
2541                 cifs_sb->wsize = pvolume_info->wsize;
2542         else
2543                 cifs_sb->wsize = min_t(const int,
2544                                         PAGEVEC_SIZE * PAGE_CACHE_SIZE,
2545                                         127*1024);
2546                 /* old default of CIFSMaxBufSize was too small now
2547                    that SMB Write2 can send multiple pages in kvec.
2548                    RFC1001 does not describe what happens when frame
2549                    bigger than 128K is sent so use that as max in
2550                    conjunction with 52K kvec constraint on arch with 4K
2551                    page size  */
2552
2553         if (cifs_sb->rsize < 2048) {
2554                 cifs_sb->rsize = 2048;
2555                 /* Windows ME may prefer this */
2556                 cFYI(1, "readsize set to minimum: 2048");
2557         }
2558         /* calculate prepath */
2559         cifs_sb->prepath = pvolume_info->prepath;
2560         if (cifs_sb->prepath) {
2561                 cifs_sb->prepathlen = strlen(cifs_sb->prepath);
2562                 /* we can not convert the / to \ in the path
2563                 separators in the prefixpath yet because we do not
2564                 know (until reset_cifs_unix_caps is called later)
2565                 whether POSIX PATH CAP is available. We normalize
2566                 the / to \ after reset_cifs_unix_caps is called */
2567                 pvolume_info->prepath = NULL;
2568         } else
2569                 cifs_sb->prepathlen = 0;
2570         cifs_sb->mnt_uid = pvolume_info->linux_uid;
2571         cifs_sb->mnt_gid = pvolume_info->linux_gid;
2572         cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2573         cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2574         cFYI(1, "file mode: 0x%x  dir mode: 0x%x",
2575                 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2576
2577         cifs_sb->actimeo = pvolume_info->actimeo;
2578
2579         if (pvolume_info->noperm)
2580                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2581         if (pvolume_info->setuids)
2582                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2583         if (pvolume_info->server_ino)
2584                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2585         if (pvolume_info->remap)
2586                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2587         if (pvolume_info->no_xattr)
2588                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2589         if (pvolume_info->sfu_emul)
2590                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2591         if (pvolume_info->nobrl)
2592                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2593         if (pvolume_info->nostrictsync)
2594                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2595         if (pvolume_info->mand_lock)
2596                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2597         if (pvolume_info->cifs_acl)
2598                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2599         if (pvolume_info->override_uid)
2600                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2601         if (pvolume_info->override_gid)
2602                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2603         if (pvolume_info->dynperm)
2604                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2605         if (pvolume_info->fsc)
2606                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2607         if (pvolume_info->multiuser)
2608                 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2609                                             CIFS_MOUNT_NO_PERM);
2610         if (pvolume_info->strict_io)
2611                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2612         if (pvolume_info->direct_io) {
2613                 cFYI(1, "mounting share using direct i/o");
2614                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2615         }
2616         if (pvolume_info->mfsymlinks) {
2617                 if (pvolume_info->sfu_emul) {
2618                         cERROR(1,  "mount option mfsymlinks ignored if sfu "
2619                                    "mount option is used");
2620                 } else {
2621                         cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2622                 }
2623         }
2624
2625         if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2626                 cERROR(1, "mount option dynperm ignored if cifsacl "
2627                            "mount option supported");
2628 }
2629
2630 static int
2631 is_path_accessible(int xid, struct cifsTconInfo *tcon,
2632                    struct cifs_sb_info *cifs_sb, const char *full_path)
2633 {
2634         int rc;
2635         FILE_ALL_INFO *pfile_info;
2636
2637         pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2638         if (pfile_info == NULL)
2639                 return -ENOMEM;
2640
2641         rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
2642                               0 /* not legacy */, cifs_sb->local_nls,
2643                               cifs_sb->mnt_cifs_flags &
2644                                 CIFS_MOUNT_MAP_SPECIAL_CHR);
2645         kfree(pfile_info);
2646         return rc;
2647 }
2648
2649 static void
2650 cleanup_volume_info(struct smb_vol **pvolume_info)
2651 {
2652         struct smb_vol *volume_info;
2653
2654         if (!pvolume_info || !*pvolume_info)
2655                 return;
2656
2657         volume_info = *pvolume_info;
2658         kzfree(volume_info->password);
2659         kfree(volume_info->UNC);
2660         kfree(volume_info->prepath);
2661         kfree(volume_info);
2662         *pvolume_info = NULL;
2663         return;
2664 }
2665
2666 #ifdef CONFIG_CIFS_DFS_UPCALL
2667 /* build_path_to_root returns full path to root when
2668  * we do not have an exiting connection (tcon) */
2669 static char *
2670 build_unc_path_to_root(const struct smb_vol *volume_info,
2671                 const struct cifs_sb_info *cifs_sb)
2672 {
2673         char *full_path;
2674
2675         int unc_len = strnlen(volume_info->UNC, MAX_TREE_SIZE + 1);
2676         full_path = kmalloc(unc_len + cifs_sb->prepathlen + 1, GFP_KERNEL);
2677         if (full_path == NULL)
2678                 return ERR_PTR(-ENOMEM);
2679
2680         strncpy(full_path, volume_info->UNC, unc_len);
2681         if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) {
2682                 int i;
2683                 for (i = 0; i < unc_len; i++) {
2684                         if (full_path[i] == '\\')
2685                                 full_path[i] = '/';
2686                 }
2687         }
2688
2689         if (cifs_sb->prepathlen)
2690                 strncpy(full_path + unc_len, cifs_sb->prepath,
2691                                 cifs_sb->prepathlen);
2692
2693         full_path[unc_len + cifs_sb->prepathlen] = 0; /* add trailing null */
2694         return full_path;
2695 }
2696 #endif
2697
2698 int
2699 cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2700                 char *mount_data_global, const char *devname)
2701 {
2702         int rc;
2703         int xid;
2704         struct smb_vol *volume_info;
2705         struct cifsSesInfo *pSesInfo;
2706         struct cifsTconInfo *tcon;
2707         struct TCP_Server_Info *srvTcp;
2708         char   *full_path;
2709         char *mount_data = mount_data_global;
2710         struct tcon_link *tlink;
2711 #ifdef CONFIG_CIFS_DFS_UPCALL
2712         struct dfs_info3_param *referrals = NULL;
2713         unsigned int num_referrals = 0;
2714         int referral_walks_count = 0;
2715 try_mount_again:
2716 #endif
2717         rc = 0;
2718         tcon = NULL;
2719         pSesInfo = NULL;
2720         srvTcp = NULL;
2721         full_path = NULL;
2722         tlink = NULL;
2723
2724         xid = GetXid();
2725
2726         volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
2727         if (!volume_info) {
2728                 rc = -ENOMEM;
2729                 goto out;
2730         }
2731
2732         if (cifs_parse_mount_options(mount_data, devname, volume_info)) {
2733                 rc = -EINVAL;
2734                 goto out;
2735         }
2736
2737         if (volume_info->nullauth) {
2738                 cFYI(1, "null user");
2739                 volume_info->username = "";
2740         } else if (volume_info->username) {
2741                 /* BB fixme parse for domain name here */
2742                 cFYI(1, "Username: %s", volume_info->username);
2743         } else {
2744                 cifserror("No username specified");
2745         /* In userspace mount helper we can get user name from alternate
2746            locations such as env variables and files on disk */
2747                 rc = -EINVAL;
2748                 goto out;
2749         }
2750
2751         /* this is needed for ASCII cp to Unicode converts */
2752         if (volume_info->iocharset == NULL) {
2753                 /* load_nls_default cannot return null */
2754                 volume_info->local_nls = load_nls_default();
2755         } else {
2756                 volume_info->local_nls = load_nls(volume_info->iocharset);
2757                 if (volume_info->local_nls == NULL) {
2758                         cERROR(1, "CIFS mount error: iocharset %s not found",
2759                                  volume_info->iocharset);
2760                         rc = -ELIBACC;
2761                         goto out;
2762                 }
2763         }
2764         cifs_sb->local_nls = volume_info->local_nls;
2765
2766         /* get a reference to a tcp session */
2767         srvTcp = cifs_get_tcp_session(volume_info);
2768         if (IS_ERR(srvTcp)) {
2769                 rc = PTR_ERR(srvTcp);
2770                 goto out;
2771         }
2772
2773         /* get a reference to a SMB session */
2774         pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
2775         if (IS_ERR(pSesInfo)) {
2776                 rc = PTR_ERR(pSesInfo);
2777                 pSesInfo = NULL;
2778                 goto mount_fail_check;
2779         }
2780
2781         setup_cifs_sb(volume_info, cifs_sb);
2782         if (pSesInfo->capabilities & CAP_LARGE_FILES)
2783                 sb->s_maxbytes = MAX_LFS_FILESIZE;
2784         else
2785                 sb->s_maxbytes = MAX_NON_LFS;
2786
2787         /* BB FIXME fix time_gran to be larger for LANMAN sessions */
2788         sb->s_time_gran = 100;
2789
2790         /* search for existing tcon to this server share */
2791         tcon = cifs_get_tcon(pSesInfo, volume_info);
2792         if (IS_ERR(tcon)) {
2793                 rc = PTR_ERR(tcon);
2794                 tcon = NULL;
2795                 goto remote_path_check;
2796         }
2797
2798         /* do not care if following two calls succeed - informational */
2799         if (!tcon->ipc) {
2800                 CIFSSMBQFSDeviceInfo(xid, tcon);
2801                 CIFSSMBQFSAttributeInfo(xid, tcon);
2802         }
2803
2804         /* tell server which Unix caps we support */
2805         if (tcon->ses->capabilities & CAP_UNIX)
2806                 /* reset of caps checks mount to see if unix extensions
2807                    disabled for just this mount */
2808                 reset_cifs_unix_caps(xid, tcon, sb, volume_info);
2809         else
2810                 tcon->unix_ext = 0; /* server does not support them */
2811
2812         /* convert forward to back slashes in prepath here if needed */
2813         if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2814                 convert_delimiter(cifs_sb->prepath, CIFS_DIR_SEP(cifs_sb));
2815
2816         if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
2817                 cifs_sb->rsize = 1024 * 127;
2818                 cFYI(DBG2, "no very large read support, rsize now 127K");
2819         }
2820         if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
2821                 cifs_sb->wsize = min(cifs_sb->wsize,
2822                                (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2823         if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
2824                 cifs_sb->rsize = min(cifs_sb->rsize,
2825                                (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2826
2827 remote_path_check:
2828         /* check if a whole path (including prepath) is not remote */
2829         if (!rc && cifs_sb->prepathlen && tcon) {
2830                 /* build_path_to_root works only when we have a valid tcon */
2831                 full_path = cifs_build_path_to_root(cifs_sb, tcon);
2832                 if (full_path == NULL) {
2833                         rc = -ENOMEM;
2834                         goto mount_fail_check;
2835                 }
2836                 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
2837                 if (rc != 0 && rc != -EREMOTE) {
2838                         kfree(full_path);
2839                         goto mount_fail_check;
2840                 }
2841                 kfree(full_path);
2842         }
2843
2844         /* get referral if needed */
2845         if (rc == -EREMOTE) {
2846 #ifdef CONFIG_CIFS_DFS_UPCALL
2847                 if (referral_walks_count > MAX_NESTED_LINKS) {
2848                         /*
2849                          * BB: when we implement proper loop detection,
2850                          *     we will remove this check. But now we need it
2851                          *     to prevent an indefinite loop if 'DFS tree' is
2852                          *     misconfigured (i.e. has loops).
2853                          */
2854                         rc = -ELOOP;
2855                         goto mount_fail_check;
2856                 }
2857                 /* convert forward to back slashes in prepath here if needed */
2858                 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2859                         convert_delimiter(cifs_sb->prepath,
2860                                         CIFS_DIR_SEP(cifs_sb));
2861                 full_path = build_unc_path_to_root(volume_info, cifs_sb);
2862                 if (IS_ERR(full_path)) {
2863                         rc = PTR_ERR(full_path);
2864                         goto mount_fail_check;
2865                 }
2866
2867                 cFYI(1, "Getting referral for: %s", full_path);
2868                 rc = get_dfs_path(xid, pSesInfo , full_path + 1,
2869                         cifs_sb->local_nls, &num_referrals, &referrals,
2870                         cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
2871                 if (!rc && num_referrals > 0) {
2872                         char *fake_devname = NULL;
2873
2874                         if (mount_data != mount_data_global)