Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6
[pandora-kernel.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2009
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <net/ipv6.h>
41 #include "cifspdu.h"
42 #include "cifsglob.h"
43 #include "cifsproto.h"
44 #include "cifs_unicode.h"
45 #include "cifs_debug.h"
46 #include "cifs_fs_sb.h"
47 #include "ntlmssp.h"
48 #include "nterr.h"
49 #include "rfc1002pdu.h"
50 #include "fscache.h"
51
52 #define CIFS_PORT 445
53 #define RFC1001_PORT 139
54
55 /* SMB echo "timeout" -- FIXME: tunable? */
56 #define SMB_ECHO_INTERVAL (60 * HZ)
57
58 extern mempool_t *cifs_req_poolp;
59
60 struct smb_vol {
61         char *username;
62         char *password;
63         char *domainname;
64         char *UNC;
65         char *UNCip;
66         char *iocharset;  /* local code page for mapping to and from Unicode */
67         char source_rfc1001_name[RFC1001_NAME_LEN_WITH_NULL]; /* clnt nb name */
68         char target_rfc1001_name[RFC1001_NAME_LEN_WITH_NULL]; /* srvr nb name */
69         uid_t cred_uid;
70         uid_t linux_uid;
71         gid_t linux_gid;
72         mode_t file_mode;
73         mode_t dir_mode;
74         unsigned secFlg;
75         bool retry:1;
76         bool intr:1;
77         bool setuids:1;
78         bool override_uid:1;
79         bool override_gid:1;
80         bool dynperm:1;
81         bool noperm:1;
82         bool no_psx_acl:1; /* set if posix acl support should be disabled */
83         bool cifs_acl:1;
84         bool no_xattr:1;   /* set if xattr (EA) support should be disabled*/
85         bool server_ino:1; /* use inode numbers from server ie UniqueId */
86         bool direct_io:1;
87         bool strict_io:1; /* strict cache behavior */
88         bool remap:1;      /* set to remap seven reserved chars in filenames */
89         bool posix_paths:1; /* unset to not ask for posix pathnames. */
90         bool no_linux_ext:1;
91         bool sfu_emul:1;
92         bool nullauth:1;   /* attempt to authenticate with null user */
93         bool nocase:1;     /* request case insensitive filenames */
94         bool nobrl:1;      /* disable sending byte range locks to srv */
95         bool mand_lock:1;  /* send mandatory not posix byte range lock reqs */
96         bool seal:1;       /* request transport encryption on share */
97         bool nodfs:1;      /* Do not request DFS, even if available */
98         bool local_lease:1; /* check leases only on local system, not remote */
99         bool noblocksnd:1;
100         bool noautotune:1;
101         bool nostrictsync:1; /* do not force expensive SMBflush on every sync */
102         bool fsc:1;     /* enable fscache */
103         bool mfsymlinks:1; /* use Minshall+French Symlinks */
104         bool multiuser:1;
105         unsigned int rsize;
106         unsigned int wsize;
107         bool sockopt_tcp_nodelay:1;
108         unsigned short int port;
109         unsigned long actimeo; /* attribute cache timeout (jiffies) */
110         char *prepath;
111         struct sockaddr_storage srcaddr; /* allow binding to a local IP */
112         struct nls_table *local_nls;
113 };
114
115 /* FIXME: should these be tunable? */
116 #define TLINK_ERROR_EXPIRE      (1 * HZ)
117 #define TLINK_IDLE_EXPIRE       (600 * HZ)
118
119 static int ip_connect(struct TCP_Server_Info *server);
120 static int generic_ip_connect(struct TCP_Server_Info *server);
121 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
122 static void cifs_prune_tlinks(struct work_struct *work);
123
124 /*
125  * cifs tcp session reconnection
126  *
127  * mark tcp session as reconnecting so temporarily locked
128  * mark all smb sessions as reconnecting for tcp session
129  * reconnect tcp session
130  * wake up waiters on reconnection? - (not needed currently)
131  */
132 static int
133 cifs_reconnect(struct TCP_Server_Info *server)
134 {
135         int rc = 0;
136         struct list_head *tmp, *tmp2;
137         struct cifsSesInfo *ses;
138         struct cifsTconInfo *tcon;
139         struct mid_q_entry *mid_entry;
140
141         spin_lock(&GlobalMid_Lock);
142         if (server->tcpStatus == CifsExiting) {
143                 /* the demux thread will exit normally
144                 next time through the loop */
145                 spin_unlock(&GlobalMid_Lock);
146                 return rc;
147         } else
148                 server->tcpStatus = CifsNeedReconnect;
149         spin_unlock(&GlobalMid_Lock);
150         server->maxBuf = 0;
151
152         cFYI(1, "Reconnecting tcp session");
153
154         /* before reconnecting the tcp session, mark the smb session (uid)
155                 and the tid bad so they are not used until reconnected */
156         cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
157         spin_lock(&cifs_tcp_ses_lock);
158         list_for_each(tmp, &server->smb_ses_list) {
159                 ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
160                 ses->need_reconnect = true;
161                 ses->ipc_tid = 0;
162                 list_for_each(tmp2, &ses->tcon_list) {
163                         tcon = list_entry(tmp2, struct cifsTconInfo, tcon_list);
164                         tcon->need_reconnect = true;
165                 }
166         }
167         spin_unlock(&cifs_tcp_ses_lock);
168
169         /* do not want to be sending data on a socket we are freeing */
170         cFYI(1, "%s: tearing down socket", __func__);
171         mutex_lock(&server->srv_mutex);
172         if (server->ssocket) {
173                 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
174                         server->ssocket->flags);
175                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
176                 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
177                         server->ssocket->state,
178                         server->ssocket->flags);
179                 sock_release(server->ssocket);
180                 server->ssocket = NULL;
181         }
182         server->sequence_number = 0;
183         server->session_estab = false;
184         kfree(server->session_key.response);
185         server->session_key.response = NULL;
186         server->session_key.len = 0;
187         server->lstrp = jiffies;
188         mutex_unlock(&server->srv_mutex);
189
190         /* mark submitted MIDs for retry and issue callback */
191         cFYI(1, "%s: issuing mid callbacks", __func__);
192         spin_lock(&GlobalMid_Lock);
193         list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
194                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
195                 if (mid_entry->midState == MID_REQUEST_SUBMITTED)
196                         mid_entry->midState = MID_RETRY_NEEDED;
197                 list_del_init(&mid_entry->qhead);
198                 mid_entry->callback(mid_entry);
199         }
200         spin_unlock(&GlobalMid_Lock);
201
202         while (server->tcpStatus == CifsNeedReconnect) {
203                 try_to_freeze();
204
205                 /* we should try only the port we connected to before */
206                 rc = generic_ip_connect(server);
207                 if (rc) {
208                         cFYI(1, "reconnect error %d", rc);
209                         msleep(3000);
210                 } else {
211                         atomic_inc(&tcpSesReconnectCount);
212                         spin_lock(&GlobalMid_Lock);
213                         if (server->tcpStatus != CifsExiting)
214                                 server->tcpStatus = CifsNeedNegotiate;
215                         spin_unlock(&GlobalMid_Lock);
216                 }
217         }
218
219         return rc;
220 }
221
222 /*
223         return codes:
224                 0       not a transact2, or all data present
225                 >0      transact2 with that much data missing
226                 -EINVAL = invalid transact2
227
228  */
229 static int check2ndT2(struct smb_hdr *pSMB, unsigned int maxBufSize)
230 {
231         struct smb_t2_rsp *pSMBt;
232         int remaining;
233         __u16 total_data_size, data_in_this_rsp;
234
235         if (pSMB->Command != SMB_COM_TRANSACTION2)
236                 return 0;
237
238         /* check for plausible wct, bcc and t2 data and parm sizes */
239         /* check for parm and data offset going beyond end of smb */
240         if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
241                 cFYI(1, "invalid transact2 word count");
242                 return -EINVAL;
243         }
244
245         pSMBt = (struct smb_t2_rsp *)pSMB;
246
247         total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
248         data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
249
250         if (total_data_size == data_in_this_rsp)
251                 return 0;
252         else if (total_data_size < data_in_this_rsp) {
253                 cFYI(1, "total data %d smaller than data in frame %d",
254                         total_data_size, data_in_this_rsp);
255                 return -EINVAL;
256         }
257
258         remaining = total_data_size - data_in_this_rsp;
259
260         cFYI(1, "missing %d bytes from transact2, check next response",
261                 remaining);
262         if (total_data_size > maxBufSize) {
263                 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
264                         total_data_size, maxBufSize);
265                 return -EINVAL;
266         }
267         return remaining;
268 }
269
270 static int coalesce_t2(struct smb_hdr *psecond, struct smb_hdr *pTargetSMB)
271 {
272         struct smb_t2_rsp *pSMB2 = (struct smb_t2_rsp *)psecond;
273         struct smb_t2_rsp *pSMBt  = (struct smb_t2_rsp *)pTargetSMB;
274         char *data_area_of_target;
275         char *data_area_of_buf2;
276         int remaining;
277         __u16 byte_count, total_data_size, total_in_buf, total_in_buf2;
278
279         total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
280
281         if (total_data_size !=
282             get_unaligned_le16(&pSMB2->t2_rsp.TotalDataCount))
283                 cFYI(1, "total data size of primary and secondary t2 differ");
284
285         total_in_buf = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
286
287         remaining = total_data_size - total_in_buf;
288
289         if (remaining < 0)
290                 return -EINVAL;
291
292         if (remaining == 0) /* nothing to do, ignore */
293                 return 0;
294
295         total_in_buf2 = get_unaligned_le16(&pSMB2->t2_rsp.DataCount);
296         if (remaining < total_in_buf2) {
297                 cFYI(1, "transact2 2nd response contains too much data");
298         }
299
300         /* find end of first SMB data area */
301         data_area_of_target = (char *)&pSMBt->hdr.Protocol +
302                                 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
303         /* validate target area */
304
305         data_area_of_buf2 = (char *)&pSMB2->hdr.Protocol +
306                                 get_unaligned_le16(&pSMB2->t2_rsp.DataOffset);
307
308         data_area_of_target += total_in_buf;
309
310         /* copy second buffer into end of first buffer */
311         memcpy(data_area_of_target, data_area_of_buf2, total_in_buf2);
312         total_in_buf += total_in_buf2;
313         put_unaligned_le16(total_in_buf, &pSMBt->t2_rsp.DataCount);
314         byte_count = get_bcc_le(pTargetSMB);
315         byte_count += total_in_buf2;
316         put_bcc_le(byte_count, pTargetSMB);
317
318         byte_count = pTargetSMB->smb_buf_length;
319         byte_count += total_in_buf2;
320
321         /* BB also add check that we are not beyond maximum buffer size */
322
323         pTargetSMB->smb_buf_length = byte_count;
324
325         if (remaining == total_in_buf2) {
326                 cFYI(1, "found the last secondary response");
327                 return 0; /* we are done */
328         } else /* more responses to go */
329                 return 1;
330 }
331
332 static void
333 cifs_echo_request(struct work_struct *work)
334 {
335         int rc;
336         struct TCP_Server_Info *server = container_of(work,
337                                         struct TCP_Server_Info, echo.work);
338
339         /*
340          * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
341          * done, which is indicated by maxBuf != 0. Also, no need to ping if
342          * we got a response recently
343          */
344         if (server->maxBuf == 0 ||
345             time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
346                 goto requeue_echo;
347
348         rc = CIFSSMBEcho(server);
349         if (rc)
350                 cFYI(1, "Unable to send echo request to server: %s",
351                         server->hostname);
352
353 requeue_echo:
354         queue_delayed_work(system_nrt_wq, &server->echo, SMB_ECHO_INTERVAL);
355 }
356
357 static int
358 cifs_demultiplex_thread(struct TCP_Server_Info *server)
359 {
360         int length;
361         unsigned int pdu_length, total_read;
362         struct smb_hdr *smb_buffer = NULL;
363         struct smb_hdr *bigbuf = NULL;
364         struct smb_hdr *smallbuf = NULL;
365         struct msghdr smb_msg;
366         struct kvec iov;
367         struct socket *csocket = server->ssocket;
368         struct list_head *tmp, *tmp2;
369         struct task_struct *task_to_wake = NULL;
370         struct mid_q_entry *mid_entry;
371         char temp;
372         bool isLargeBuf = false;
373         bool isMultiRsp;
374         int reconnect;
375
376         current->flags |= PF_MEMALLOC;
377         cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
378
379         length = atomic_inc_return(&tcpSesAllocCount);
380         if (length > 1)
381                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
382                                 GFP_KERNEL);
383
384         set_freezable();
385         while (server->tcpStatus != CifsExiting) {
386                 if (try_to_freeze())
387                         continue;
388                 if (bigbuf == NULL) {
389                         bigbuf = cifs_buf_get();
390                         if (!bigbuf) {
391                                 cERROR(1, "No memory for large SMB response");
392                                 msleep(3000);
393                                 /* retry will check if exiting */
394                                 continue;
395                         }
396                 } else if (isLargeBuf) {
397                         /* we are reusing a dirty large buf, clear its start */
398                         memset(bigbuf, 0, sizeof(struct smb_hdr));
399                 }
400
401                 if (smallbuf == NULL) {
402                         smallbuf = cifs_small_buf_get();
403                         if (!smallbuf) {
404                                 cERROR(1, "No memory for SMB response");
405                                 msleep(1000);
406                                 /* retry will check if exiting */
407                                 continue;
408                         }
409                         /* beginning of smb buffer is cleared in our buf_get */
410                 } else /* if existing small buf clear beginning */
411                         memset(smallbuf, 0, sizeof(struct smb_hdr));
412
413                 isLargeBuf = false;
414                 isMultiRsp = false;
415                 smb_buffer = smallbuf;
416                 iov.iov_base = smb_buffer;
417                 iov.iov_len = 4;
418                 smb_msg.msg_control = NULL;
419                 smb_msg.msg_controllen = 0;
420                 pdu_length = 4; /* enough to get RFC1001 header */
421
422 incomplete_rcv:
423                 if (echo_retries > 0 && server->tcpStatus == CifsGood &&
424                     time_after(jiffies, server->lstrp +
425                                         (echo_retries * SMB_ECHO_INTERVAL))) {
426                         cERROR(1, "Server %s has not responded in %d seconds. "
427                                   "Reconnecting...", server->hostname,
428                                   (echo_retries * SMB_ECHO_INTERVAL / HZ));
429                         cifs_reconnect(server);
430                         csocket = server->ssocket;
431                         wake_up(&server->response_q);
432                         continue;
433                 }
434
435                 length =
436                     kernel_recvmsg(csocket, &smb_msg,
437                                 &iov, 1, pdu_length, 0 /* BB other flags? */);
438
439                 if (server->tcpStatus == CifsExiting) {
440                         break;
441                 } else if (server->tcpStatus == CifsNeedReconnect) {
442                         cFYI(1, "Reconnect after server stopped responding");
443                         cifs_reconnect(server);
444                         cFYI(1, "call to reconnect done");
445                         csocket = server->ssocket;
446                         continue;
447                 } else if (length == -ERESTARTSYS ||
448                            length == -EAGAIN ||
449                            length == -EINTR) {
450                         msleep(1); /* minimum sleep to prevent looping
451                                 allowing socket to clear and app threads to set
452                                 tcpStatus CifsNeedReconnect if server hung */
453                         if (pdu_length < 4) {
454                                 iov.iov_base = (4 - pdu_length) +
455                                                         (char *)smb_buffer;
456                                 iov.iov_len = pdu_length;
457                                 smb_msg.msg_control = NULL;
458                                 smb_msg.msg_controllen = 0;
459                                 goto incomplete_rcv;
460                         } else
461                                 continue;
462                 } else if (length <= 0) {
463                         cFYI(1, "Reconnect after unexpected peek error %d",
464                                 length);
465                         cifs_reconnect(server);
466                         csocket = server->ssocket;
467                         wake_up(&server->response_q);
468                         continue;
469                 } else if (length < pdu_length) {
470                         cFYI(1, "requested %d bytes but only got %d bytes",
471                                   pdu_length, length);
472                         pdu_length -= length;
473                         msleep(1);
474                         goto incomplete_rcv;
475                 }
476
477                 /* The right amount was read from socket - 4 bytes */
478                 /* so we can now interpret the length field */
479
480                 /* the first byte big endian of the length field,
481                 is actually not part of the length but the type
482                 with the most common, zero, as regular data */
483                 temp = *((char *) smb_buffer);
484
485                 /* Note that FC 1001 length is big endian on the wire,
486                 but we convert it here so it is always manipulated
487                 as host byte order */
488                 pdu_length = be32_to_cpu((__force __be32)smb_buffer->smb_buf_length);
489                 smb_buffer->smb_buf_length = pdu_length;
490
491                 cFYI(1, "rfc1002 length 0x%x", pdu_length+4);
492
493                 if (temp == (char) RFC1002_SESSION_KEEP_ALIVE) {
494                         continue;
495                 } else if (temp == (char)RFC1002_POSITIVE_SESSION_RESPONSE) {
496                         cFYI(1, "Good RFC 1002 session rsp");
497                         continue;
498                 } else if (temp == (char)RFC1002_NEGATIVE_SESSION_RESPONSE) {
499                         /* we get this from Windows 98 instead of
500                            an error on SMB negprot response */
501                         cFYI(1, "Negative RFC1002 Session Response Error 0x%x)",
502                                 pdu_length);
503                         /* give server a second to clean up  */
504                         msleep(1000);
505                         /* always try 445 first on reconnect since we get NACK
506                          * on some if we ever connected to port 139 (the NACK
507                          * is since we do not begin with RFC1001 session
508                          * initialize frame)
509                          */
510                         cifs_set_port((struct sockaddr *)
511                                         &server->dstaddr, CIFS_PORT);
512                         cifs_reconnect(server);
513                         csocket = server->ssocket;
514                         wake_up(&server->response_q);
515                         continue;
516                 } else if (temp != (char) 0) {
517                         cERROR(1, "Unknown RFC 1002 frame");
518                         cifs_dump_mem(" Received Data: ", (char *)smb_buffer,
519                                       length);
520                         cifs_reconnect(server);
521                         csocket = server->ssocket;
522                         continue;
523                 }
524
525                 /* else we have an SMB response */
526                 if ((pdu_length > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) ||
527                             (pdu_length < sizeof(struct smb_hdr) - 1 - 4)) {
528                         cERROR(1, "Invalid size SMB length %d pdu_length %d",
529                                         length, pdu_length+4);
530                         cifs_reconnect(server);
531                         csocket = server->ssocket;
532                         wake_up(&server->response_q);
533                         continue;
534                 }
535
536                 /* else length ok */
537                 reconnect = 0;
538
539                 if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
540                         isLargeBuf = true;
541                         memcpy(bigbuf, smallbuf, 4);
542                         smb_buffer = bigbuf;
543                 }
544                 length = 0;
545                 iov.iov_base = 4 + (char *)smb_buffer;
546                 iov.iov_len = pdu_length;
547                 for (total_read = 0; total_read < pdu_length;
548                      total_read += length) {
549                         length = kernel_recvmsg(csocket, &smb_msg, &iov, 1,
550                                                 pdu_length - total_read, 0);
551                         if (server->tcpStatus == CifsExiting) {
552                                 /* then will exit */
553                                 reconnect = 2;
554                                 break;
555                         } else if (server->tcpStatus == CifsNeedReconnect) {
556                                 cifs_reconnect(server);
557                                 csocket = server->ssocket;
558                                 /* Reconnect wakes up rspns q */
559                                 /* Now we will reread sock */
560                                 reconnect = 1;
561                                 break;
562                         } else if (length == -ERESTARTSYS ||
563                                    length == -EAGAIN ||
564                                    length == -EINTR) {
565                                 msleep(1); /* minimum sleep to prevent looping,
566                                               allowing socket to clear and app
567                                               threads to set tcpStatus
568                                               CifsNeedReconnect if server hung*/
569                                 length = 0;
570                                 continue;
571                         } else if (length <= 0) {
572                                 cERROR(1, "Received no data, expecting %d",
573                                               pdu_length - total_read);
574                                 cifs_reconnect(server);
575                                 csocket = server->ssocket;
576                                 reconnect = 1;
577                                 break;
578                         }
579                 }
580                 if (reconnect == 2)
581                         break;
582                 else if (reconnect == 1)
583                         continue;
584
585                 total_read += 4; /* account for rfc1002 hdr */
586
587                 dump_smb(smb_buffer, total_read);
588
589                 /*
590                  * We know that we received enough to get to the MID as we
591                  * checked the pdu_length earlier. Now check to see
592                  * if the rest of the header is OK. We borrow the length
593                  * var for the rest of the loop to avoid a new stack var.
594                  *
595                  * 48 bytes is enough to display the header and a little bit
596                  * into the payload for debugging purposes.
597                  */
598                 length = checkSMB(smb_buffer, smb_buffer->Mid, total_read);
599                 if (length != 0)
600                         cifs_dump_mem("Bad SMB: ", smb_buffer,
601                                         min_t(unsigned int, total_read, 48));
602
603                 mid_entry = NULL;
604                 server->lstrp = jiffies;
605
606                 spin_lock(&GlobalMid_Lock);
607                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
608                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
609
610                         if ((mid_entry->mid == smb_buffer->Mid) &&
611                             (mid_entry->midState == MID_REQUEST_SUBMITTED) &&
612                             (mid_entry->command == smb_buffer->Command)) {
613                                 if (length == 0 &&
614                                    check2ndT2(smb_buffer, server->maxBuf) > 0) {
615                                         /* We have a multipart transact2 resp */
616                                         isMultiRsp = true;
617                                         if (mid_entry->resp_buf) {
618                                                 /* merge response - fix up 1st*/
619                                                 if (coalesce_t2(smb_buffer,
620                                                         mid_entry->resp_buf)) {
621                                                         mid_entry->multiRsp =
622                                                                  true;
623                                                         break;
624                                                 } else {
625                                                         /* all parts received */
626                                                         mid_entry->multiEnd =
627                                                                  true;
628                                                         goto multi_t2_fnd;
629                                                 }
630                                         } else {
631                                                 if (!isLargeBuf) {
632                                                         cERROR(1, "1st trans2 resp needs bigbuf");
633                                         /* BB maybe we can fix this up,  switch
634                                            to already allocated large buffer? */
635                                                 } else {
636                                                         /* Have first buffer */
637                                                         mid_entry->resp_buf =
638                                                                  smb_buffer;
639                                                         mid_entry->largeBuf =
640                                                                  true;
641                                                         bigbuf = NULL;
642                                                 }
643                                         }
644                                         break;
645                                 }
646                                 mid_entry->resp_buf = smb_buffer;
647                                 mid_entry->largeBuf = isLargeBuf;
648 multi_t2_fnd:
649                                 if (length == 0)
650                                         mid_entry->midState =
651                                                         MID_RESPONSE_RECEIVED;
652                                 else
653                                         mid_entry->midState =
654                                                         MID_RESPONSE_MALFORMED;
655 #ifdef CONFIG_CIFS_STATS2
656                                 mid_entry->when_received = jiffies;
657 #endif
658                                 list_del_init(&mid_entry->qhead);
659                                 mid_entry->callback(mid_entry);
660                                 break;
661                         }
662                         mid_entry = NULL;
663                 }
664                 spin_unlock(&GlobalMid_Lock);
665
666                 if (mid_entry != NULL) {
667                         /* Was previous buf put in mpx struct for multi-rsp? */
668                         if (!isMultiRsp) {
669                                 /* smb buffer will be freed by user thread */
670                                 if (isLargeBuf)
671                                         bigbuf = NULL;
672                                 else
673                                         smallbuf = NULL;
674                         }
675                 } else if (length != 0) {
676                         /* response sanity checks failed */
677                         continue;
678                 } else if (!is_valid_oplock_break(smb_buffer, server) &&
679                            !isMultiRsp) {
680                         cERROR(1, "No task to wake, unknown frame received! "
681                                    "NumMids %d", atomic_read(&midCount));
682                         cifs_dump_mem("Received Data is: ", (char *)smb_buffer,
683                                       sizeof(struct smb_hdr));
684 #ifdef CONFIG_CIFS_DEBUG2
685                         cifs_dump_detail(smb_buffer);
686                         cifs_dump_mids(server);
687 #endif /* CIFS_DEBUG2 */
688
689                 }
690         } /* end while !EXITING */
691
692         /* take it off the list, if it's not already */
693         spin_lock(&cifs_tcp_ses_lock);
694         list_del_init(&server->tcp_ses_list);
695         spin_unlock(&cifs_tcp_ses_lock);
696
697         spin_lock(&GlobalMid_Lock);
698         server->tcpStatus = CifsExiting;
699         spin_unlock(&GlobalMid_Lock);
700         wake_up_all(&server->response_q);
701
702         /* check if we have blocked requests that need to free */
703         /* Note that cifs_max_pending is normally 50, but
704         can be set at module install time to as little as two */
705         spin_lock(&GlobalMid_Lock);
706         if (atomic_read(&server->inFlight) >= cifs_max_pending)
707                 atomic_set(&server->inFlight, cifs_max_pending - 1);
708         /* We do not want to set the max_pending too low or we
709         could end up with the counter going negative */
710         spin_unlock(&GlobalMid_Lock);
711         /* Although there should not be any requests blocked on
712         this queue it can not hurt to be paranoid and try to wake up requests
713         that may haven been blocked when more than 50 at time were on the wire
714         to the same server - they now will see the session is in exit state
715         and get out of SendReceive.  */
716         wake_up_all(&server->request_q);
717         /* give those requests time to exit */
718         msleep(125);
719
720         if (server->ssocket) {
721                 sock_release(csocket);
722                 server->ssocket = NULL;
723         }
724         /* buffer usuallly freed in free_mid - need to free it here on exit */
725         cifs_buf_release(bigbuf);
726         if (smallbuf) /* no sense logging a debug message if NULL */
727                 cifs_small_buf_release(smallbuf);
728
729         if (!list_empty(&server->pending_mid_q)) {
730                 spin_lock(&GlobalMid_Lock);
731                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
732                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
733                         cFYI(1, "Clearing Mid 0x%x - issuing callback",
734                                          mid_entry->mid);
735                         list_del_init(&mid_entry->qhead);
736                         mid_entry->callback(mid_entry);
737                 }
738                 spin_unlock(&GlobalMid_Lock);
739                 /* 1/8th of sec is more than enough time for them to exit */
740                 msleep(125);
741         }
742
743         if (!list_empty(&server->pending_mid_q)) {
744                 /* mpx threads have not exited yet give them
745                 at least the smb send timeout time for long ops */
746                 /* due to delays on oplock break requests, we need
747                 to wait at least 45 seconds before giving up
748                 on a request getting a response and going ahead
749                 and killing cifsd */
750                 cFYI(1, "Wait for exit from demultiplex thread");
751                 msleep(46000);
752                 /* if threads still have not exited they are probably never
753                 coming home not much else we can do but free the memory */
754         }
755
756         kfree(server->hostname);
757         task_to_wake = xchg(&server->tsk, NULL);
758         kfree(server);
759
760         length = atomic_dec_return(&tcpSesAllocCount);
761         if (length  > 0)
762                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
763                                 GFP_KERNEL);
764
765         /* if server->tsk was NULL then wait for a signal before exiting */
766         if (!task_to_wake) {
767                 set_current_state(TASK_INTERRUPTIBLE);
768                 while (!signal_pending(current)) {
769                         schedule();
770                         set_current_state(TASK_INTERRUPTIBLE);
771                 }
772                 set_current_state(TASK_RUNNING);
773         }
774
775         module_put_and_exit(0);
776 }
777
778 /* extract the host portion of the UNC string */
779 static char *
780 extract_hostname(const char *unc)
781 {
782         const char *src;
783         char *dst, *delim;
784         unsigned int len;
785
786         /* skip double chars at beginning of string */
787         /* BB: check validity of these bytes? */
788         src = unc + 2;
789
790         /* delimiter between hostname and sharename is always '\\' now */
791         delim = strchr(src, '\\');
792         if (!delim)
793                 return ERR_PTR(-EINVAL);
794
795         len = delim - src;
796         dst = kmalloc((len + 1), GFP_KERNEL);
797         if (dst == NULL)
798                 return ERR_PTR(-ENOMEM);
799
800         memcpy(dst, src, len);
801         dst[len] = '\0';
802
803         return dst;
804 }
805
806 static int
807 cifs_parse_mount_options(char *options, const char *devname,
808                          struct smb_vol *vol)
809 {
810         char *value;
811         char *data;
812         unsigned int  temp_len, i, j;
813         char separator[2];
814         short int override_uid = -1;
815         short int override_gid = -1;
816         bool uid_specified = false;
817         bool gid_specified = false;
818         char *nodename = utsname()->nodename;
819
820         separator[0] = ',';
821         separator[1] = 0;
822
823         /*
824          * does not have to be perfect mapping since field is
825          * informational, only used for servers that do not support
826          * port 445 and it can be overridden at mount time
827          */
828         memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
829         for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
830                 vol->source_rfc1001_name[i] = toupper(nodename[i]);
831
832         vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
833         /* null target name indicates to use *SMBSERVR default called name
834            if we end up sending RFC1001 session initialize */
835         vol->target_rfc1001_name[0] = 0;
836         vol->cred_uid = current_uid();
837         vol->linux_uid = current_uid();
838         vol->linux_gid = current_gid();
839
840         /* default to only allowing write access to owner of the mount */
841         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
842
843         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
844         /* default is always to request posix paths. */
845         vol->posix_paths = 1;
846         /* default to using server inode numbers where available */
847         vol->server_ino = 1;
848
849         vol->actimeo = CIFS_DEF_ACTIMEO;
850
851         if (!options)
852                 return 1;
853
854         if (strncmp(options, "sep=", 4) == 0) {
855                 if (options[4] != 0) {
856                         separator[0] = options[4];
857                         options += 5;
858                 } else {
859                         cFYI(1, "Null separator not allowed");
860                 }
861         }
862
863         while ((data = strsep(&options, separator)) != NULL) {
864                 if (!*data)
865                         continue;
866                 if ((value = strchr(data, '=')) != NULL)
867                         *value++ = '\0';
868
869                 /* Have to parse this before we parse for "user" */
870                 if (strnicmp(data, "user_xattr", 10) == 0) {
871                         vol->no_xattr = 0;
872                 } else if (strnicmp(data, "nouser_xattr", 12) == 0) {
873                         vol->no_xattr = 1;
874                 } else if (strnicmp(data, "user", 4) == 0) {
875                         if (!value) {
876                                 printk(KERN_WARNING
877                                        "CIFS: invalid or missing username\n");
878                                 return 1;       /* needs_arg; */
879                         } else if (!*value) {
880                                 /* null user, ie anonymous, authentication */
881                                 vol->nullauth = 1;
882                         }
883                         if (strnlen(value, MAX_USERNAME_SIZE) <
884                                                 MAX_USERNAME_SIZE) {
885                                 vol->username = value;
886                         } else {
887                                 printk(KERN_WARNING "CIFS: username too long\n");
888                                 return 1;
889                         }
890                 } else if (strnicmp(data, "pass", 4) == 0) {
891                         if (!value) {
892                                 vol->password = NULL;
893                                 continue;
894                         } else if (value[0] == 0) {
895                                 /* check if string begins with double comma
896                                    since that would mean the password really
897                                    does start with a comma, and would not
898                                    indicate an empty string */
899                                 if (value[1] != separator[0]) {
900                                         vol->password = NULL;
901                                         continue;
902                                 }
903                         }
904                         temp_len = strlen(value);
905                         /* removed password length check, NTLM passwords
906                                 can be arbitrarily long */
907
908                         /* if comma in password, the string will be
909                         prematurely null terminated.  Commas in password are
910                         specified across the cifs mount interface by a double
911                         comma ie ,, and a comma used as in other cases ie ','
912                         as a parameter delimiter/separator is single and due
913                         to the strsep above is temporarily zeroed. */
914
915                         /* NB: password legally can have multiple commas and
916                         the only illegal character in a password is null */
917
918                         if ((value[temp_len] == 0) &&
919                             (value[temp_len+1] == separator[0])) {
920                                 /* reinsert comma */
921                                 value[temp_len] = separator[0];
922                                 temp_len += 2;  /* move after second comma */
923                                 while (value[temp_len] != 0)  {
924                                         if (value[temp_len] == separator[0]) {
925                                                 if (value[temp_len+1] ==
926                                                      separator[0]) {
927                                                 /* skip second comma */
928                                                         temp_len++;
929                                                 } else {
930                                                 /* single comma indicating start
931                                                          of next parm */
932                                                         break;
933                                                 }
934                                         }
935                                         temp_len++;
936                                 }
937                                 if (value[temp_len] == 0) {
938                                         options = NULL;
939                                 } else {
940                                         value[temp_len] = 0;
941                                         /* point option to start of next parm */
942                                         options = value + temp_len + 1;
943                                 }
944                                 /* go from value to value + temp_len condensing
945                                 double commas to singles. Note that this ends up
946                                 allocating a few bytes too many, which is ok */
947                                 vol->password = kzalloc(temp_len, GFP_KERNEL);
948                                 if (vol->password == NULL) {
949                                         printk(KERN_WARNING "CIFS: no memory "
950                                                             "for password\n");
951                                         return 1;
952                                 }
953                                 for (i = 0, j = 0; i < temp_len; i++, j++) {
954                                         vol->password[j] = value[i];
955                                         if (value[i] == separator[0]
956                                                 && value[i+1] == separator[0]) {
957                                                 /* skip second comma */
958                                                 i++;
959                                         }
960                                 }
961                                 vol->password[j] = 0;
962                         } else {
963                                 vol->password = kzalloc(temp_len+1, GFP_KERNEL);
964                                 if (vol->password == NULL) {
965                                         printk(KERN_WARNING "CIFS: no memory "
966                                                             "for password\n");
967                                         return 1;
968                                 }
969                                 strcpy(vol->password, value);
970                         }
971                 } else if (!strnicmp(data, "ip", 2) ||
972                            !strnicmp(data, "addr", 4)) {
973                         if (!value || !*value) {
974                                 vol->UNCip = NULL;
975                         } else if (strnlen(value, INET6_ADDRSTRLEN) <
976                                                         INET6_ADDRSTRLEN) {
977                                 vol->UNCip = value;
978                         } else {
979                                 printk(KERN_WARNING "CIFS: ip address "
980                                                     "too long\n");
981                                 return 1;
982                         }
983                 } else if (strnicmp(data, "sec", 3) == 0) {
984                         if (!value || !*value) {
985                                 cERROR(1, "no security value specified");
986                                 continue;
987                         } else if (strnicmp(value, "krb5i", 5) == 0) {
988                                 vol->secFlg |= CIFSSEC_MAY_KRB5 |
989                                         CIFSSEC_MUST_SIGN;
990                         } else if (strnicmp(value, "krb5p", 5) == 0) {
991                                 /* vol->secFlg |= CIFSSEC_MUST_SEAL |
992                                         CIFSSEC_MAY_KRB5; */
993                                 cERROR(1, "Krb5 cifs privacy not supported");
994                                 return 1;
995                         } else if (strnicmp(value, "krb5", 4) == 0) {
996                                 vol->secFlg |= CIFSSEC_MAY_KRB5;
997                         } else if (strnicmp(value, "ntlmsspi", 8) == 0) {
998                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP |
999                                         CIFSSEC_MUST_SIGN;
1000                         } else if (strnicmp(value, "ntlmssp", 7) == 0) {
1001                                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1002                         } else if (strnicmp(value, "ntlmv2i", 7) == 0) {
1003                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2 |
1004                                         CIFSSEC_MUST_SIGN;
1005                         } else if (strnicmp(value, "ntlmv2", 6) == 0) {
1006                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1007                         } else if (strnicmp(value, "ntlmi", 5) == 0) {
1008                                 vol->secFlg |= CIFSSEC_MAY_NTLM |
1009                                         CIFSSEC_MUST_SIGN;
1010                         } else if (strnicmp(value, "ntlm", 4) == 0) {
1011                                 /* ntlm is default so can be turned off too */
1012                                 vol->secFlg |= CIFSSEC_MAY_NTLM;
1013                         } else if (strnicmp(value, "nontlm", 6) == 0) {
1014                                 /* BB is there a better way to do this? */
1015                                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1016 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1017                         } else if (strnicmp(value, "lanman", 6) == 0) {
1018                                 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1019 #endif
1020                         } else if (strnicmp(value, "none", 4) == 0) {
1021                                 vol->nullauth = 1;
1022                         } else {
1023                                 cERROR(1, "bad security option: %s", value);
1024                                 return 1;
1025                         }
1026                 } else if ((strnicmp(data, "unc", 3) == 0)
1027                            || (strnicmp(data, "target", 6) == 0)
1028                            || (strnicmp(data, "path", 4) == 0)) {
1029                         if (!value || !*value) {
1030                                 printk(KERN_WARNING "CIFS: invalid path to "
1031                                                     "network resource\n");
1032                                 return 1;       /* needs_arg; */
1033                         }
1034                         if ((temp_len = strnlen(value, 300)) < 300) {
1035                                 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1036                                 if (vol->UNC == NULL)
1037                                         return 1;
1038                                 strcpy(vol->UNC, value);
1039                                 if (strncmp(vol->UNC, "//", 2) == 0) {
1040                                         vol->UNC[0] = '\\';
1041                                         vol->UNC[1] = '\\';
1042                                 } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1043                                         printk(KERN_WARNING
1044                                                "CIFS: UNC Path does not begin "
1045                                                "with // or \\\\ \n");
1046                                         return 1;
1047                                 }
1048                         } else {
1049                                 printk(KERN_WARNING "CIFS: UNC name too long\n");
1050                                 return 1;
1051                         }
1052                 } else if ((strnicmp(data, "domain", 3) == 0)
1053                            || (strnicmp(data, "workgroup", 5) == 0)) {
1054                         if (!value || !*value) {
1055                                 printk(KERN_WARNING "CIFS: invalid domain name\n");
1056                                 return 1;       /* needs_arg; */
1057                         }
1058                         /* BB are there cases in which a comma can be valid in
1059                         a domain name and need special handling? */
1060                         if (strnlen(value, 256) < 256) {
1061                                 vol->domainname = value;
1062                                 cFYI(1, "Domain name set");
1063                         } else {
1064                                 printk(KERN_WARNING "CIFS: domain name too "
1065                                                     "long\n");
1066                                 return 1;
1067                         }
1068                 } else if (strnicmp(data, "srcaddr", 7) == 0) {
1069                         vol->srcaddr.ss_family = AF_UNSPEC;
1070
1071                         if (!value || !*value) {
1072                                 printk(KERN_WARNING "CIFS: srcaddr value"
1073                                        " not specified.\n");
1074                                 return 1;       /* needs_arg; */
1075                         }
1076                         i = cifs_convert_address((struct sockaddr *)&vol->srcaddr,
1077                                                  value, strlen(value));
1078                         if (i == 0) {
1079                                 printk(KERN_WARNING "CIFS:  Could not parse"
1080                                        " srcaddr: %s\n",
1081                                        value);
1082                                 return 1;
1083                         }
1084                 } else if (strnicmp(data, "prefixpath", 10) == 0) {
1085                         if (!value || !*value) {
1086                                 printk(KERN_WARNING
1087                                         "CIFS: invalid path prefix\n");
1088                                 return 1;       /* needs_argument */
1089                         }
1090                         if ((temp_len = strnlen(value, 1024)) < 1024) {
1091                                 if (value[0] != '/')
1092                                         temp_len++;  /* missing leading slash */
1093                                 vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1094                                 if (vol->prepath == NULL)
1095                                         return 1;
1096                                 if (value[0] != '/') {
1097                                         vol->prepath[0] = '/';
1098                                         strcpy(vol->prepath+1, value);
1099                                 } else
1100                                         strcpy(vol->prepath, value);
1101                                 cFYI(1, "prefix path %s", vol->prepath);
1102                         } else {
1103                                 printk(KERN_WARNING "CIFS: prefix too long\n");
1104                                 return 1;
1105                         }
1106                 } else if (strnicmp(data, "iocharset", 9) == 0) {
1107                         if (!value || !*value) {
1108                                 printk(KERN_WARNING "CIFS: invalid iocharset "
1109                                                     "specified\n");
1110                                 return 1;       /* needs_arg; */
1111                         }
1112                         if (strnlen(value, 65) < 65) {
1113                                 if (strnicmp(value, "default", 7))
1114                                         vol->iocharset = value;
1115                                 /* if iocharset not set then load_nls_default
1116                                    is used by caller */
1117                                 cFYI(1, "iocharset set to %s", value);
1118                         } else {
1119                                 printk(KERN_WARNING "CIFS: iocharset name "
1120                                                     "too long.\n");
1121                                 return 1;
1122                         }
1123                 } else if (!strnicmp(data, "uid", 3) && value && *value) {
1124                         vol->linux_uid = simple_strtoul(value, &value, 0);
1125                         uid_specified = true;
1126                 } else if (!strnicmp(data, "cruid", 5) && value && *value) {
1127                         vol->cred_uid = simple_strtoul(value, &value, 0);
1128                 } else if (!strnicmp(data, "forceuid", 8)) {
1129                         override_uid = 1;
1130                 } else if (!strnicmp(data, "noforceuid", 10)) {
1131                         override_uid = 0;
1132                 } else if (!strnicmp(data, "gid", 3) && value && *value) {
1133                         vol->linux_gid = simple_strtoul(value, &value, 0);
1134                         gid_specified = true;
1135                 } else if (!strnicmp(data, "forcegid", 8)) {
1136                         override_gid = 1;
1137                 } else if (!strnicmp(data, "noforcegid", 10)) {
1138                         override_gid = 0;
1139                 } else if (strnicmp(data, "file_mode", 4) == 0) {
1140                         if (value && *value) {
1141                                 vol->file_mode =
1142                                         simple_strtoul(value, &value, 0);
1143                         }
1144                 } else if (strnicmp(data, "dir_mode", 4) == 0) {
1145                         if (value && *value) {
1146                                 vol->dir_mode =
1147                                         simple_strtoul(value, &value, 0);
1148                         }
1149                 } else if (strnicmp(data, "dirmode", 4) == 0) {
1150                         if (value && *value) {
1151                                 vol->dir_mode =
1152                                         simple_strtoul(value, &value, 0);
1153                         }
1154                 } else if (strnicmp(data, "port", 4) == 0) {
1155                         if (value && *value) {
1156                                 vol->port =
1157                                         simple_strtoul(value, &value, 0);
1158                         }
1159                 } else if (strnicmp(data, "rsize", 5) == 0) {
1160                         if (value && *value) {
1161                                 vol->rsize =
1162                                         simple_strtoul(value, &value, 0);
1163                         }
1164                 } else if (strnicmp(data, "wsize", 5) == 0) {
1165                         if (value && *value) {
1166                                 vol->wsize =
1167                                         simple_strtoul(value, &value, 0);
1168                         }
1169                 } else if (strnicmp(data, "sockopt", 5) == 0) {
1170                         if (!value || !*value) {
1171                                 cERROR(1, "no socket option specified");
1172                                 continue;
1173                         } else if (strnicmp(value, "TCP_NODELAY", 11) == 0) {
1174                                 vol->sockopt_tcp_nodelay = 1;
1175                         }
1176                 } else if (strnicmp(data, "netbiosname", 4) == 0) {
1177                         if (!value || !*value || (*value == ' ')) {
1178                                 cFYI(1, "invalid (empty) netbiosname");
1179                         } else {
1180                                 memset(vol->source_rfc1001_name, 0x20,
1181                                         RFC1001_NAME_LEN);
1182                                 /*
1183                                  * FIXME: are there cases in which a comma can
1184                                  * be valid in workstation netbios name (and
1185                                  * need special handling)?
1186                                  */
1187                                 for (i = 0; i < RFC1001_NAME_LEN; i++) {
1188                                         /* don't ucase netbiosname for user */
1189                                         if (value[i] == 0)
1190                                                 break;
1191                                         vol->source_rfc1001_name[i] = value[i];
1192                                 }
1193                                 /* The string has 16th byte zero still from
1194                                 set at top of the function  */
1195                                 if (i == RFC1001_NAME_LEN && value[i] != 0)
1196                                         printk(KERN_WARNING "CIFS: netbiosname"
1197                                                 " longer than 15 truncated.\n");
1198                         }
1199                 } else if (strnicmp(data, "servern", 7) == 0) {
1200                         /* servernetbiosname specified override *SMBSERVER */
1201                         if (!value || !*value || (*value == ' ')) {
1202                                 cFYI(1, "empty server netbiosname specified");
1203                         } else {
1204                                 /* last byte, type, is 0x20 for servr type */
1205                                 memset(vol->target_rfc1001_name, 0x20,
1206                                         RFC1001_NAME_LEN_WITH_NULL);
1207
1208                                 for (i = 0; i < 15; i++) {
1209                                 /* BB are there cases in which a comma can be
1210                                    valid in this workstation netbios name
1211                                    (and need special handling)? */
1212
1213                                 /* user or mount helper must uppercase
1214                                    the netbiosname */
1215                                         if (value[i] == 0)
1216                                                 break;
1217                                         else
1218                                                 vol->target_rfc1001_name[i] =
1219                                                                 value[i];
1220                                 }
1221                                 /* The string has 16th byte zero still from
1222                                    set at top of the function  */
1223                                 if (i == RFC1001_NAME_LEN && value[i] != 0)
1224                                         printk(KERN_WARNING "CIFS: server net"
1225                                         "biosname longer than 15 truncated.\n");
1226                         }
1227                 } else if (strnicmp(data, "actimeo", 7) == 0) {
1228                         if (value && *value) {
1229                                 vol->actimeo = HZ * simple_strtoul(value,
1230                                                                    &value, 0);
1231                                 if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1232                                         cERROR(1, "CIFS: attribute cache"
1233                                                         "timeout too large");
1234                                         return 1;
1235                                 }
1236                         }
1237                 } else if (strnicmp(data, "credentials", 4) == 0) {
1238                         /* ignore */
1239                 } else if (strnicmp(data, "version", 3) == 0) {
1240                         /* ignore */
1241                 } else if (strnicmp(data, "guest", 5) == 0) {
1242                         /* ignore */
1243                 } else if (strnicmp(data, "rw", 2) == 0) {
1244                         /* ignore */
1245                 } else if (strnicmp(data, "ro", 2) == 0) {
1246                         /* ignore */
1247                 } else if (strnicmp(data, "noblocksend", 11) == 0) {
1248                         vol->noblocksnd = 1;
1249                 } else if (strnicmp(data, "noautotune", 10) == 0) {
1250                         vol->noautotune = 1;
1251                 } else if ((strnicmp(data, "suid", 4) == 0) ||
1252                                    (strnicmp(data, "nosuid", 6) == 0) ||
1253                                    (strnicmp(data, "exec", 4) == 0) ||
1254                                    (strnicmp(data, "noexec", 6) == 0) ||
1255                                    (strnicmp(data, "nodev", 5) == 0) ||
1256                                    (strnicmp(data, "noauto", 6) == 0) ||
1257                                    (strnicmp(data, "dev", 3) == 0)) {
1258                         /*  The mount tool or mount.cifs helper (if present)
1259                             uses these opts to set flags, and the flags are read
1260                             by the kernel vfs layer before we get here (ie
1261                             before read super) so there is no point trying to
1262                             parse these options again and set anything and it
1263                             is ok to just ignore them */
1264                         continue;
1265                 } else if (strnicmp(data, "hard", 4) == 0) {
1266                         vol->retry = 1;
1267                 } else if (strnicmp(data, "soft", 4) == 0) {
1268                         vol->retry = 0;
1269                 } else if (strnicmp(data, "perm", 4) == 0) {
1270                         vol->noperm = 0;
1271                 } else if (strnicmp(data, "noperm", 6) == 0) {
1272                         vol->noperm = 1;
1273                 } else if (strnicmp(data, "mapchars", 8) == 0) {
1274                         vol->remap = 1;
1275                 } else if (strnicmp(data, "nomapchars", 10) == 0) {
1276                         vol->remap = 0;
1277                 } else if (strnicmp(data, "sfu", 3) == 0) {
1278                         vol->sfu_emul = 1;
1279                 } else if (strnicmp(data, "nosfu", 5) == 0) {
1280                         vol->sfu_emul = 0;
1281                 } else if (strnicmp(data, "nodfs", 5) == 0) {
1282                         vol->nodfs = 1;
1283                 } else if (strnicmp(data, "posixpaths", 10) == 0) {
1284                         vol->posix_paths = 1;
1285                 } else if (strnicmp(data, "noposixpaths", 12) == 0) {
1286                         vol->posix_paths = 0;
1287                 } else if (strnicmp(data, "nounix", 6) == 0) {
1288                         vol->no_linux_ext = 1;
1289                 } else if (strnicmp(data, "nolinux", 7) == 0) {
1290                         vol->no_linux_ext = 1;
1291                 } else if ((strnicmp(data, "nocase", 6) == 0) ||
1292                            (strnicmp(data, "ignorecase", 10)  == 0)) {
1293                         vol->nocase = 1;
1294                 } else if (strnicmp(data, "mand", 4) == 0) {
1295                         /* ignore */
1296                 } else if (strnicmp(data, "nomand", 6) == 0) {
1297                         /* ignore */
1298                 } else if (strnicmp(data, "_netdev", 7) == 0) {
1299                         /* ignore */
1300                 } else if (strnicmp(data, "brl", 3) == 0) {
1301                         vol->nobrl =  0;
1302                 } else if ((strnicmp(data, "nobrl", 5) == 0) ||
1303                            (strnicmp(data, "nolock", 6) == 0)) {
1304                         vol->nobrl =  1;
1305                         /* turn off mandatory locking in mode
1306                         if remote locking is turned off since the
1307                         local vfs will do advisory */
1308                         if (vol->file_mode ==
1309                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1310                                 vol->file_mode = S_IALLUGO;
1311                 } else if (strnicmp(data, "forcemandatorylock", 9) == 0) {
1312                         /* will take the shorter form "forcemand" as well */
1313                         /* This mount option will force use of mandatory
1314                           (DOS/Windows style) byte range locks, instead of
1315                           using posix advisory byte range locks, even if the
1316                           Unix extensions are available and posix locks would
1317                           be supported otherwise. If Unix extensions are not
1318                           negotiated this has no effect since mandatory locks
1319                           would be used (mandatory locks is all that those
1320                           those servers support) */
1321                         vol->mand_lock = 1;
1322                 } else if (strnicmp(data, "setuids", 7) == 0) {
1323                         vol->setuids = 1;
1324                 } else if (strnicmp(data, "nosetuids", 9) == 0) {
1325                         vol->setuids = 0;
1326                 } else if (strnicmp(data, "dynperm", 7) == 0) {
1327                         vol->dynperm = true;
1328                 } else if (strnicmp(data, "nodynperm", 9) == 0) {
1329                         vol->dynperm = false;
1330                 } else if (strnicmp(data, "nohard", 6) == 0) {
1331                         vol->retry = 0;
1332                 } else if (strnicmp(data, "nosoft", 6) == 0) {
1333                         vol->retry = 1;
1334                 } else if (strnicmp(data, "nointr", 6) == 0) {
1335                         vol->intr = 0;
1336                 } else if (strnicmp(data, "intr", 4) == 0) {
1337                         vol->intr = 1;
1338                 } else if (strnicmp(data, "nostrictsync", 12) == 0) {
1339                         vol->nostrictsync = 1;
1340                 } else if (strnicmp(data, "strictsync", 10) == 0) {
1341                         vol->nostrictsync = 0;
1342                 } else if (strnicmp(data, "serverino", 7) == 0) {
1343                         vol->server_ino = 1;
1344                 } else if (strnicmp(data, "noserverino", 9) == 0) {
1345                         vol->server_ino = 0;
1346                 } else if (strnicmp(data, "cifsacl", 7) == 0) {
1347                         vol->cifs_acl = 1;
1348                 } else if (strnicmp(data, "nocifsacl", 9) == 0) {
1349                         vol->cifs_acl = 0;
1350                 } else if (strnicmp(data, "acl", 3) == 0) {
1351                         vol->no_psx_acl = 0;
1352                 } else if (strnicmp(data, "noacl", 5) == 0) {
1353                         vol->no_psx_acl = 1;
1354                 } else if (strnicmp(data, "locallease", 6) == 0) {
1355                         vol->local_lease = 1;
1356                 } else if (strnicmp(data, "sign", 4) == 0) {
1357                         vol->secFlg |= CIFSSEC_MUST_SIGN;
1358                 } else if (strnicmp(data, "seal", 4) == 0) {
1359                         /* we do not do the following in secFlags because seal
1360                            is a per tree connection (mount) not a per socket
1361                            or per-smb connection option in the protocol */
1362                         /* vol->secFlg |= CIFSSEC_MUST_SEAL; */
1363                         vol->seal = 1;
1364                 } else if (strnicmp(data, "direct", 6) == 0) {
1365                         vol->direct_io = 1;
1366                 } else if (strnicmp(data, "forcedirectio", 13) == 0) {
1367                         vol->direct_io = 1;
1368                 } else if (strnicmp(data, "strictcache", 11) == 0) {
1369                         vol->strict_io = 1;
1370                 } else if (strnicmp(data, "noac", 4) == 0) {
1371                         printk(KERN_WARNING "CIFS: Mount option noac not "
1372                                 "supported. Instead set "
1373                                 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1374                 } else if (strnicmp(data, "fsc", 3) == 0) {
1375 #ifndef CONFIG_CIFS_FSCACHE
1376                         cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE"
1377                                   "kernel config option set");
1378                         return 1;
1379 #endif
1380                         vol->fsc = true;
1381                 } else if (strnicmp(data, "mfsymlinks", 10) == 0) {
1382                         vol->mfsymlinks = true;
1383                 } else if (strnicmp(data, "multiuser", 8) == 0) {
1384                         vol->multiuser = true;
1385                 } else
1386                         printk(KERN_WARNING "CIFS: Unknown mount option %s\n",
1387                                                 data);
1388         }
1389         if (vol->UNC == NULL) {
1390                 if (devname == NULL) {
1391                         printk(KERN_WARNING "CIFS: Missing UNC name for mount "
1392                                                 "target\n");
1393                         return 1;
1394                 }
1395                 if ((temp_len = strnlen(devname, 300)) < 300) {
1396                         vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1397                         if (vol->UNC == NULL)
1398                                 return 1;
1399                         strcpy(vol->UNC, devname);
1400                         if (strncmp(vol->UNC, "//", 2) == 0) {
1401                                 vol->UNC[0] = '\\';
1402                                 vol->UNC[1] = '\\';
1403                         } else if (strncmp(vol->UNC, "\\\\", 2) != 0) {
1404                                 printk(KERN_WARNING "CIFS: UNC Path does not "
1405                                                     "begin with // or \\\\ \n");
1406                                 return 1;
1407                         }
1408                         value = strpbrk(vol->UNC+2, "/\\");
1409                         if (value)
1410                                 *value = '\\';
1411                 } else {
1412                         printk(KERN_WARNING "CIFS: UNC name too long\n");
1413                         return 1;
1414                 }
1415         }
1416
1417         if (vol->multiuser && !(vol->secFlg & CIFSSEC_MAY_KRB5)) {
1418                 cERROR(1, "Multiuser mounts currently require krb5 "
1419                           "authentication!");
1420                 return 1;
1421         }
1422
1423         if (vol->UNCip == NULL)
1424                 vol->UNCip = &vol->UNC[2];
1425
1426         if (uid_specified)
1427                 vol->override_uid = override_uid;
1428         else if (override_uid == 1)
1429                 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1430                                    "specified with no uid= option.\n");
1431
1432         if (gid_specified)
1433                 vol->override_gid = override_gid;
1434         else if (override_gid == 1)
1435                 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1436                                    "specified with no gid= option.\n");
1437
1438         return 0;
1439 }
1440
1441 /** Returns true if srcaddr isn't specified and rhs isn't
1442  * specified, or if srcaddr is specified and
1443  * matches the IP address of the rhs argument.
1444  */
1445 static bool
1446 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1447 {
1448         switch (srcaddr->sa_family) {
1449         case AF_UNSPEC:
1450                 return (rhs->sa_family == AF_UNSPEC);
1451         case AF_INET: {
1452                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1453                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1454                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1455         }
1456         case AF_INET6: {
1457                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1458                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1459                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1460         }
1461         default:
1462                 WARN_ON(1);
1463                 return false; /* don't expect to be here */
1464         }
1465 }
1466
1467 /*
1468  * If no port is specified in addr structure, we try to match with 445 port
1469  * and if it fails - with 139 ports. It should be called only if address
1470  * families of server and addr are equal.
1471  */
1472 static bool
1473 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1474 {
1475         __be16 port, *sport;
1476
1477         switch (addr->sa_family) {
1478         case AF_INET:
1479                 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1480                 port = ((struct sockaddr_in *) addr)->sin_port;
1481                 break;
1482         case AF_INET6:
1483                 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1484                 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1485                 break;
1486         default:
1487                 WARN_ON(1);
1488                 return false;
1489         }
1490
1491         if (!port) {
1492                 port = htons(CIFS_PORT);
1493                 if (port == *sport)
1494                         return true;
1495
1496                 port = htons(RFC1001_PORT);
1497         }
1498
1499         return port == *sport;
1500 }
1501
1502 static bool
1503 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1504               struct sockaddr *srcaddr)
1505 {
1506         switch (addr->sa_family) {
1507         case AF_INET: {
1508                 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1509                 struct sockaddr_in *srv_addr4 =
1510                                         (struct sockaddr_in *)&server->dstaddr;
1511
1512                 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1513                         return false;
1514                 break;
1515         }
1516         case AF_INET6: {
1517                 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1518                 struct sockaddr_in6 *srv_addr6 =
1519                                         (struct sockaddr_in6 *)&server->dstaddr;
1520
1521                 if (!ipv6_addr_equal(&addr6->sin6_addr,
1522                                      &srv_addr6->sin6_addr))
1523                         return false;
1524                 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1525                         return false;
1526                 break;
1527         }
1528         default:
1529                 WARN_ON(1);
1530                 return false; /* don't expect to be here */
1531         }
1532
1533         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1534                 return false;
1535
1536         return true;
1537 }
1538
1539 static bool
1540 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1541 {
1542         unsigned int secFlags;
1543
1544         if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1545                 secFlags = vol->secFlg;
1546         else
1547                 secFlags = global_secflags | vol->secFlg;
1548
1549         switch (server->secType) {
1550         case LANMAN:
1551                 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1552                         return false;
1553                 break;
1554         case NTLMv2:
1555                 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1556                         return false;
1557                 break;
1558         case NTLM:
1559                 if (!(secFlags & CIFSSEC_MAY_NTLM))
1560                         return false;
1561                 break;
1562         case Kerberos:
1563                 if (!(secFlags & CIFSSEC_MAY_KRB5))
1564                         return false;
1565                 break;
1566         case RawNTLMSSP:
1567                 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1568                         return false;
1569                 break;
1570         default:
1571                 /* shouldn't happen */
1572                 return false;
1573         }
1574
1575         /* now check if signing mode is acceptable */
1576         if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1577             (server->secMode & SECMODE_SIGN_REQUIRED))
1578                         return false;
1579         else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1580                  (server->secMode &
1581                   (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1582                         return false;
1583
1584         return true;
1585 }
1586
1587 static struct TCP_Server_Info *
1588 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1589 {
1590         struct TCP_Server_Info *server;
1591
1592         spin_lock(&cifs_tcp_ses_lock);
1593         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
1594                 if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1595                         continue;
1596
1597                 if (!match_address(server, addr,
1598                                    (struct sockaddr *)&vol->srcaddr))
1599                         continue;
1600
1601                 if (!match_port(server, addr))
1602                         continue;
1603
1604                 if (!match_security(server, vol))
1605                         continue;
1606
1607                 ++server->srv_count;
1608                 spin_unlock(&cifs_tcp_ses_lock);
1609                 cFYI(1, "Existing tcp session with server found");
1610                 return server;
1611         }
1612         spin_unlock(&cifs_tcp_ses_lock);
1613         return NULL;
1614 }
1615
1616 static void
1617 cifs_put_tcp_session(struct TCP_Server_Info *server)
1618 {
1619         struct task_struct *task;
1620
1621         spin_lock(&cifs_tcp_ses_lock);
1622         if (--server->srv_count > 0) {
1623                 spin_unlock(&cifs_tcp_ses_lock);
1624                 return;
1625         }
1626
1627         put_net(cifs_net_ns(server));
1628
1629         list_del_init(&server->tcp_ses_list);
1630         spin_unlock(&cifs_tcp_ses_lock);
1631
1632         cancel_delayed_work_sync(&server->echo);
1633
1634         spin_lock(&GlobalMid_Lock);
1635         server->tcpStatus = CifsExiting;
1636         spin_unlock(&GlobalMid_Lock);
1637
1638         cifs_crypto_shash_release(server);
1639         cifs_fscache_release_client_cookie(server);
1640
1641         kfree(server->session_key.response);
1642         server->session_key.response = NULL;
1643         server->session_key.len = 0;
1644
1645         task = xchg(&server->tsk, NULL);
1646         if (task)
1647                 force_sig(SIGKILL, task);
1648 }
1649
1650 static struct TCP_Server_Info *
1651 cifs_get_tcp_session(struct smb_vol *volume_info)
1652 {
1653         struct TCP_Server_Info *tcp_ses = NULL;
1654         struct sockaddr_storage addr;
1655         struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
1656         struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
1657         int rc;
1658
1659         memset(&addr, 0, sizeof(struct sockaddr_storage));
1660
1661         cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
1662
1663         if (volume_info->UNCip && volume_info->UNC) {
1664                 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
1665                                         volume_info->UNCip,
1666                                         strlen(volume_info->UNCip),
1667                                         volume_info->port);
1668                 if (!rc) {
1669                         /* we failed translating address */
1670                         rc = -EINVAL;
1671                         goto out_err;
1672                 }
1673         } else if (volume_info->UNCip) {
1674                 /* BB using ip addr as tcp_ses name to connect to the
1675                    DFS root below */
1676                 cERROR(1, "Connecting to DFS root not implemented yet");
1677                 rc = -EINVAL;
1678                 goto out_err;
1679         } else /* which tcp_sess DFS root would we conect to */ {
1680                 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
1681                         "unc=//192.168.1.100/public) specified");
1682                 rc = -EINVAL;
1683                 goto out_err;
1684         }
1685
1686         /* see if we already have a matching tcp_ses */
1687         tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
1688         if (tcp_ses)
1689                 return tcp_ses;
1690
1691         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
1692         if (!tcp_ses) {
1693                 rc = -ENOMEM;
1694                 goto out_err;
1695         }
1696
1697         rc = cifs_crypto_shash_allocate(tcp_ses);
1698         if (rc) {
1699                 cERROR(1, "could not setup hash structures rc %d", rc);
1700                 goto out_err;
1701         }
1702
1703         cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
1704         tcp_ses->hostname = extract_hostname(volume_info->UNC);
1705         if (IS_ERR(tcp_ses->hostname)) {
1706                 rc = PTR_ERR(tcp_ses->hostname);
1707                 goto out_err_crypto_release;
1708         }
1709
1710         tcp_ses->noblocksnd = volume_info->noblocksnd;
1711         tcp_ses->noautotune = volume_info->noautotune;
1712         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
1713         atomic_set(&tcp_ses->inFlight, 0);
1714         init_waitqueue_head(&tcp_ses->response_q);
1715         init_waitqueue_head(&tcp_ses->request_q);
1716         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
1717         mutex_init(&tcp_ses->srv_mutex);
1718         memcpy(tcp_ses->workstation_RFC1001_name,
1719                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1720         memcpy(tcp_ses->server_RFC1001_name,
1721                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
1722         tcp_ses->session_estab = false;
1723         tcp_ses->sequence_number = 0;
1724         tcp_ses->lstrp = jiffies;
1725         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
1726         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
1727         INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
1728
1729         /*
1730          * at this point we are the only ones with the pointer
1731          * to the struct since the kernel thread not created yet
1732          * no need to spinlock this init of tcpStatus or srv_count
1733          */
1734         tcp_ses->tcpStatus = CifsNew;
1735         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
1736                sizeof(tcp_ses->srcaddr));
1737         ++tcp_ses->srv_count;
1738
1739         if (addr.ss_family == AF_INET6) {
1740                 cFYI(1, "attempting ipv6 connect");
1741                 /* BB should we allow ipv6 on port 139? */
1742                 /* other OS never observed in Wild doing 139 with v6 */
1743                 memcpy(&tcp_ses->dstaddr, sin_server6,
1744                        sizeof(struct sockaddr_in6));
1745         } else
1746                 memcpy(&tcp_ses->dstaddr, sin_server,
1747                        sizeof(struct sockaddr_in));
1748
1749         rc = ip_connect(tcp_ses);
1750         if (rc < 0) {
1751                 cERROR(1, "Error connecting to socket. Aborting operation");
1752                 goto out_err_crypto_release;
1753         }
1754
1755         /*
1756          * since we're in a cifs function already, we know that
1757          * this will succeed. No need for try_module_get().
1758          */
1759         __module_get(THIS_MODULE);
1760         tcp_ses->tsk = kthread_run((void *)(void *)cifs_demultiplex_thread,
1761                                   tcp_ses, "cifsd");
1762         if (IS_ERR(tcp_ses->tsk)) {
1763                 rc = PTR_ERR(tcp_ses->tsk);
1764                 cERROR(1, "error %d create cifsd thread", rc);
1765                 module_put(THIS_MODULE);
1766                 goto out_err_crypto_release;
1767         }
1768         tcp_ses->tcpStatus = CifsNeedNegotiate;
1769
1770         /* thread spawned, put it on the list */
1771         spin_lock(&cifs_tcp_ses_lock);
1772         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
1773         spin_unlock(&cifs_tcp_ses_lock);
1774
1775         cifs_fscache_get_client_cookie(tcp_ses);
1776
1777         /* queue echo request delayed work */
1778         queue_delayed_work(system_nrt_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
1779
1780         return tcp_ses;
1781
1782 out_err_crypto_release:
1783         cifs_crypto_shash_release(tcp_ses);
1784
1785         put_net(cifs_net_ns(tcp_ses));
1786
1787 out_err:
1788         if (tcp_ses) {
1789                 if (!IS_ERR(tcp_ses->hostname))
1790                         kfree(tcp_ses->hostname);
1791                 if (tcp_ses->ssocket)
1792                         sock_release(tcp_ses->ssocket);
1793                 kfree(tcp_ses);
1794         }
1795         return ERR_PTR(rc);
1796 }
1797
1798 static struct cifsSesInfo *
1799 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
1800 {
1801         struct cifsSesInfo *ses;
1802
1803         spin_lock(&cifs_tcp_ses_lock);
1804         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
1805                 switch (server->secType) {
1806                 case Kerberos:
1807                         if (vol->cred_uid != ses->cred_uid)
1808                                 continue;
1809                         break;
1810                 default:
1811                         /* anything else takes username/password */
1812                         if (ses->user_name == NULL)
1813                                 continue;
1814                         if (strncmp(ses->user_name, vol->username,
1815                                     MAX_USERNAME_SIZE))
1816                                 continue;
1817                         if (strlen(vol->username) != 0 &&
1818                             ses->password != NULL &&
1819                             strncmp(ses->password,
1820                                     vol->password ? vol->password : "",
1821                                     MAX_PASSWORD_SIZE))
1822                                 continue;
1823                 }
1824                 ++ses->ses_count;
1825                 spin_unlock(&cifs_tcp_ses_lock);
1826                 return ses;
1827         }
1828         spin_unlock(&cifs_tcp_ses_lock);
1829         return NULL;
1830 }
1831
1832 static void
1833 cifs_put_smb_ses(struct cifsSesInfo *ses)
1834 {
1835         int xid;
1836         struct TCP_Server_Info *server = ses->server;
1837
1838         cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
1839         spin_lock(&cifs_tcp_ses_lock);
1840         if (--ses->ses_count > 0) {
1841                 spin_unlock(&cifs_tcp_ses_lock);
1842                 return;
1843         }
1844
1845         list_del_init(&ses->smb_ses_list);
1846         spin_unlock(&cifs_tcp_ses_lock);
1847
1848         if (ses->status == CifsGood) {
1849                 xid = GetXid();
1850                 CIFSSMBLogoff(xid, ses);
1851                 _FreeXid(xid);
1852         }
1853         sesInfoFree(ses);
1854         cifs_put_tcp_session(server);
1855 }
1856
1857 static bool warned_on_ntlm;  /* globals init to false automatically */
1858
1859 static struct cifsSesInfo *
1860 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
1861 {
1862         int rc = -ENOMEM, xid;
1863         struct cifsSesInfo *ses;
1864         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
1865         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
1866
1867         xid = GetXid();
1868
1869         ses = cifs_find_smb_ses(server, volume_info);
1870         if (ses) {
1871                 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
1872
1873                 mutex_lock(&ses->session_mutex);
1874                 rc = cifs_negotiate_protocol(xid, ses);
1875                 if (rc) {
1876                         mutex_unlock(&ses->session_mutex);
1877                         /* problem -- put our ses reference */
1878                         cifs_put_smb_ses(ses);
1879                         FreeXid(xid);
1880                         return ERR_PTR(rc);
1881                 }
1882                 if (ses->need_reconnect) {
1883                         cFYI(1, "Session needs reconnect");
1884                         rc = cifs_setup_session(xid, ses,
1885                                                 volume_info->local_nls);
1886                         if (rc) {
1887                                 mutex_unlock(&ses->session_mutex);
1888                                 /* problem -- put our reference */
1889                                 cifs_put_smb_ses(ses);
1890                                 FreeXid(xid);
1891                                 return ERR_PTR(rc);
1892                         }
1893                 }
1894                 mutex_unlock(&ses->session_mutex);
1895
1896                 /* existing SMB ses has a server reference already */
1897                 cifs_put_tcp_session(server);
1898                 FreeXid(xid);
1899                 return ses;
1900         }
1901
1902         cFYI(1, "Existing smb sess not found");
1903         ses = sesInfoAlloc();
1904         if (ses == NULL)
1905                 goto get_ses_fail;
1906
1907         /* new SMB session uses our server ref */
1908         ses->server = server;
1909         if (server->dstaddr.ss_family == AF_INET6)
1910                 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
1911         else
1912                 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
1913
1914         if (volume_info->username) {
1915                 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
1916                 if (!ses->user_name)
1917                         goto get_ses_fail;
1918         }
1919
1920         /* volume_info->password freed at unmount */
1921         if (volume_info->password) {
1922                 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
1923                 if (!ses->password)
1924                         goto get_ses_fail;
1925         }
1926         if (volume_info->domainname) {
1927                 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
1928                 if (!ses->domainName)
1929                         goto get_ses_fail;
1930         }
1931         ses->cred_uid = volume_info->cred_uid;
1932         ses->linux_uid = volume_info->linux_uid;
1933
1934         /* ntlmv2 is much stronger than ntlm security, and has been broadly
1935         supported for many years, time to update default security mechanism */
1936         if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
1937                 warned_on_ntlm = true;
1938                 cERROR(1, "default security mechanism requested.  The default "
1939                         "security mechanism will be upgraded from ntlm to "
1940                         "ntlmv2 in kernel release 2.6.41");
1941         }
1942         ses->overrideSecFlg = volume_info->secFlg;
1943
1944         mutex_lock(&ses->session_mutex);
1945         rc = cifs_negotiate_protocol(xid, ses);
1946         if (!rc)
1947                 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
1948         mutex_unlock(&ses->session_mutex);
1949         if (rc)
1950                 goto get_ses_fail;
1951
1952         /* success, put it on the list */
1953         spin_lock(&cifs_tcp_ses_lock);
1954         list_add(&ses->smb_ses_list, &server->smb_ses_list);
1955         spin_unlock(&cifs_tcp_ses_lock);
1956
1957         FreeXid(xid);
1958         return ses;
1959
1960 get_ses_fail:
1961         sesInfoFree(ses);
1962         FreeXid(xid);
1963         return ERR_PTR(rc);
1964 }
1965
1966 static struct cifsTconInfo *
1967 cifs_find_tcon(struct cifsSesInfo *ses, const char *unc)
1968 {
1969         struct list_head *tmp;
1970         struct cifsTconInfo *tcon;
1971
1972         spin_lock(&cifs_tcp_ses_lock);
1973         list_for_each(tmp, &ses->tcon_list) {
1974                 tcon = list_entry(tmp, struct cifsTconInfo, tcon_list);
1975                 if (tcon->tidStatus == CifsExiting)
1976                         continue;
1977                 if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
1978                         continue;
1979
1980                 ++tcon->tc_count;
1981                 spin_unlock(&cifs_tcp_ses_lock);
1982                 return tcon;
1983         }
1984         spin_unlock(&cifs_tcp_ses_lock);
1985         return NULL;
1986 }
1987
1988 static void
1989 cifs_put_tcon(struct cifsTconInfo *tcon)
1990 {
1991         int xid;
1992         struct cifsSesInfo *ses = tcon->ses;
1993
1994         cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
1995         spin_lock(&cifs_tcp_ses_lock);
1996         if (--tcon->tc_count > 0) {
1997                 spin_unlock(&cifs_tcp_ses_lock);
1998                 return;
1999         }
2000
2001         list_del_init(&tcon->tcon_list);
2002         spin_unlock(&cifs_tcp_ses_lock);
2003
2004         xid = GetXid();
2005         CIFSSMBTDis(xid, tcon);
2006         _FreeXid(xid);
2007
2008         cifs_fscache_release_super_cookie(tcon);
2009         tconInfoFree(tcon);
2010         cifs_put_smb_ses(ses);
2011 }
2012
2013 static struct cifsTconInfo *
2014 cifs_get_tcon(struct cifsSesInfo *ses, struct smb_vol *volume_info)
2015 {
2016         int rc, xid;
2017         struct cifsTconInfo *tcon;
2018
2019         tcon = cifs_find_tcon(ses, volume_info->UNC);
2020         if (tcon) {
2021                 cFYI(1, "Found match on UNC path");
2022                 /* existing tcon already has a reference */
2023                 cifs_put_smb_ses(ses);
2024                 if (tcon->seal != volume_info->seal)
2025                         cERROR(1, "transport encryption setting "
2026                                    "conflicts with existing tid");
2027                 return tcon;
2028         }
2029
2030         tcon = tconInfoAlloc();
2031         if (tcon == NULL) {
2032                 rc = -ENOMEM;
2033                 goto out_fail;
2034         }
2035
2036         tcon->ses = ses;
2037         if (volume_info->password) {
2038                 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2039                 if (!tcon->password) {
2040                         rc = -ENOMEM;
2041                         goto out_fail;
2042                 }
2043         }
2044
2045         if (strchr(volume_info->UNC + 3, '\\') == NULL
2046             && strchr(volume_info->UNC + 3, '/') == NULL) {
2047                 cERROR(1, "Missing share name");
2048                 rc = -ENODEV;
2049                 goto out_fail;
2050         }
2051
2052         /* BB Do we need to wrap session_mutex around
2053          * this TCon call and Unix SetFS as
2054          * we do on SessSetup and reconnect? */
2055         xid = GetXid();
2056         rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2057         FreeXid(xid);
2058         cFYI(1, "CIFS Tcon rc = %d", rc);
2059         if (rc)
2060                 goto out_fail;
2061
2062         if (volume_info->nodfs) {
2063                 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2064                 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2065         }
2066         tcon->seal = volume_info->seal;
2067         /* we can have only one retry value for a connection
2068            to a share so for resources mounted more than once
2069            to the same server share the last value passed in
2070            for the retry flag is used */
2071         tcon->retry = volume_info->retry;
2072         tcon->nocase = volume_info->nocase;
2073         tcon->local_lease = volume_info->local_lease;
2074
2075         spin_lock(&cifs_tcp_ses_lock);
2076         list_add(&tcon->tcon_list, &ses->tcon_list);
2077         spin_unlock(&cifs_tcp_ses_lock);
2078
2079         cifs_fscache_get_super_cookie(tcon);
2080
2081         return tcon;
2082
2083 out_fail:
2084         tconInfoFree(tcon);
2085         return ERR_PTR(rc);
2086 }
2087
2088 void
2089 cifs_put_tlink(struct tcon_link *tlink)
2090 {
2091         if (!tlink || IS_ERR(tlink))
2092                 return;
2093
2094         if (!atomic_dec_and_test(&tlink->tl_count) ||
2095             test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2096                 tlink->tl_time = jiffies;
2097                 return;
2098         }
2099
2100         if (!IS_ERR(tlink_tcon(tlink)))
2101                 cifs_put_tcon(tlink_tcon(tlink));
2102         kfree(tlink);
2103         return;
2104 }
2105
2106 int
2107 get_dfs_path(int xid, struct cifsSesInfo *pSesInfo, const char *old_path,
2108              const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2109              struct dfs_info3_param **preferrals, int remap)
2110 {
2111         char *temp_unc;
2112         int rc = 0;
2113
2114         *pnum_referrals = 0;
2115         *preferrals = NULL;
2116
2117         if (pSesInfo->ipc_tid == 0) {
2118                 temp_unc = kmalloc(2 /* for slashes */ +
2119                         strnlen(pSesInfo->serverName,
2120                                 SERVER_NAME_LEN_WITH_NULL * 2)
2121                                  + 1 + 4 /* slash IPC$ */  + 2,
2122                                 GFP_KERNEL);
2123                 if (temp_unc == NULL)
2124                         return -ENOMEM;
2125                 temp_unc[0] = '\\';
2126                 temp_unc[1] = '\\';
2127                 strcpy(temp_unc + 2, pSesInfo->serverName);
2128                 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2129                 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2130                 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2131                 kfree(temp_unc);
2132         }
2133         if (rc == 0)
2134                 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2135                                      pnum_referrals, nls_codepage, remap);
2136         /* BB map targetUNCs to dfs_info3 structures, here or
2137                 in CIFSGetDFSRefer BB */
2138
2139         return rc;
2140 }
2141
2142 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2143 static struct lock_class_key cifs_key[2];
2144 static struct lock_class_key cifs_slock_key[2];
2145
2146 static inline void
2147 cifs_reclassify_socket4(struct socket *sock)
2148 {
2149         struct sock *sk = sock->sk;
2150         BUG_ON(sock_owned_by_user(sk));
2151         sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2152                 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2153 }
2154
2155 static inline void
2156 cifs_reclassify_socket6(struct socket *sock)
2157 {
2158         struct sock *sk = sock->sk;
2159         BUG_ON(sock_owned_by_user(sk));
2160         sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2161                 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2162 }
2163 #else
2164 static inline void
2165 cifs_reclassify_socket4(struct socket *sock)
2166 {
2167 }
2168
2169 static inline void
2170 cifs_reclassify_socket6(struct socket *sock)
2171 {
2172 }
2173 #endif
2174
2175 /* See RFC1001 section 14 on representation of Netbios names */
2176 static void rfc1002mangle(char *target, char *source, unsigned int length)
2177 {
2178         unsigned int i, j;
2179
2180         for (i = 0, j = 0; i < (length); i++) {
2181                 /* mask a nibble at a time and encode */
2182                 target[j] = 'A' + (0x0F & (source[i] >> 4));
2183                 target[j+1] = 'A' + (0x0F & source[i]);
2184                 j += 2;
2185         }
2186
2187 }
2188
2189 static int
2190 bind_socket(struct TCP_Server_Info *server)
2191 {
2192         int rc = 0;
2193         if (server->srcaddr.ss_family != AF_UNSPEC) {
2194                 /* Bind to the specified local IP address */
2195                 struct socket *socket = server->ssocket;
2196                 rc = socket->ops->bind(socket,
2197                                        (struct sockaddr *) &server->srcaddr,
2198                                        sizeof(server->srcaddr));
2199                 if (rc < 0) {
2200                         struct sockaddr_in *saddr4;
2201                         struct sockaddr_in6 *saddr6;
2202                         saddr4 = (struct sockaddr_in *)&server->srcaddr;
2203                         saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2204                         if (saddr6->sin6_family == AF_INET6)
2205                                 cERROR(1, "cifs: "
2206                                        "Failed to bind to: %pI6c, error: %d\n",
2207                                        &saddr6->sin6_addr, rc);
2208                         else
2209                                 cERROR(1, "cifs: "
2210                                        "Failed to bind to: %pI4, error: %d\n",
2211                                        &saddr4->sin_addr.s_addr, rc);
2212                 }
2213         }
2214         return rc;
2215 }
2216
2217 static int
2218 ip_rfc1001_connect(struct TCP_Server_Info *server)
2219 {
2220         int rc = 0;
2221         /*
2222          * some servers require RFC1001 sessinit before sending
2223          * negprot - BB check reconnection in case where second
2224          * sessinit is sent but no second negprot
2225          */
2226         struct rfc1002_session_packet *ses_init_buf;
2227         struct smb_hdr *smb_buf;
2228         ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2229                                GFP_KERNEL);
2230         if (ses_init_buf) {
2231                 ses_init_buf->trailer.session_req.called_len = 32;
2232
2233                 if (server->server_RFC1001_name &&
2234                     server->server_RFC1001_name[0] != 0)
2235                         rfc1002mangle(ses_init_buf->trailer.
2236                                       session_req.called_name,
2237                                       server->server_RFC1001_name,
2238                                       RFC1001_NAME_LEN_WITH_NULL);
2239                 else
2240                         rfc1002mangle(ses_init_buf->trailer.
2241                                       session_req.called_name,
2242                                       DEFAULT_CIFS_CALLED_NAME,
2243                                       RFC1001_NAME_LEN_WITH_NULL);
2244
2245                 ses_init_buf->trailer.session_req.calling_len = 32;
2246
2247                 /*
2248                  * calling name ends in null (byte 16) from old smb
2249                  * convention.
2250                  */
2251                 if (server->workstation_RFC1001_name &&
2252                     server->workstation_RFC1001_name[0] != 0)
2253                         rfc1002mangle(ses_init_buf->trailer.
2254                                       session_req.calling_name,
2255                                       server->workstation_RFC1001_name,
2256                                       RFC1001_NAME_LEN_WITH_NULL);
2257                 else
2258                         rfc1002mangle(ses_init_buf->trailer.
2259                                       session_req.calling_name,
2260                                       "LINUX_CIFS_CLNT",
2261                                       RFC1001_NAME_LEN_WITH_NULL);
2262
2263                 ses_init_buf->trailer.session_req.scope1 = 0;
2264                 ses_init_buf->trailer.session_req.scope2 = 0;
2265                 smb_buf = (struct smb_hdr *)ses_init_buf;
2266
2267                 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2268                 smb_buf->smb_buf_length = 0x81000044;
2269                 rc = smb_send(server, smb_buf, 0x44);
2270                 kfree(ses_init_buf);
2271                 /*
2272                  * RFC1001 layer in at least one server
2273                  * requires very short break before negprot
2274                  * presumably because not expecting negprot
2275                  * to follow so fast.  This is a simple
2276                  * solution that works without
2277                  * complicating the code and causes no
2278                  * significant slowing down on mount
2279                  * for everyone else
2280                  */
2281                 usleep_range(1000, 2000);
2282         }
2283         /*
2284          * else the negprot may still work without this
2285          * even though malloc failed
2286          */
2287
2288         return rc;
2289 }
2290
2291 static int
2292 generic_ip_connect(struct TCP_Server_Info *server)
2293 {
2294         int rc = 0;
2295         __be16 sport;
2296         int slen, sfamily;
2297         struct socket *socket = server->ssocket;
2298         struct sockaddr *saddr;
2299
2300         saddr = (struct sockaddr *) &server->dstaddr;
2301
2302         if (server->dstaddr.ss_family == AF_INET6) {
2303                 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2304                 slen = sizeof(struct sockaddr_in6);
2305                 sfamily = AF_INET6;
2306         } else {
2307                 sport = ((struct sockaddr_in *) saddr)->sin_port;
2308                 slen = sizeof(struct sockaddr_in);
2309                 sfamily = AF_INET;
2310         }
2311
2312         if (socket == NULL) {
2313                 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2314                                    IPPROTO_TCP, &socket, 1);
2315                 if (rc < 0) {
2316                         cERROR(1, "Error %d creating socket", rc);
2317                         server->ssocket = NULL;
2318                         return rc;
2319                 }
2320
2321                 /* BB other socket options to set KEEPALIVE, NODELAY? */
2322                 cFYI(1, "Socket created");
2323                 server->ssocket = socket;
2324                 socket->sk->sk_allocation = GFP_NOFS;
2325                 if (sfamily == AF_INET6)
2326                         cifs_reclassify_socket6(socket);
2327                 else
2328                         cifs_reclassify_socket4(socket);
2329         }
2330
2331         rc = bind_socket(server);
2332         if (rc < 0)
2333                 return rc;
2334
2335         rc = socket->ops->connect(socket, saddr, slen, 0);
2336         if (rc < 0) {
2337                 cFYI(1, "Error %d connecting to server", rc);
2338                 sock_release(socket);
2339                 server->ssocket = NULL;
2340                 return rc;
2341         }
2342
2343         /*
2344          * Eventually check for other socket options to change from
2345          * the default. sock_setsockopt not used because it expects
2346          * user space buffer
2347          */
2348         socket->sk->sk_rcvtimeo = 7 * HZ;
2349         socket->sk->sk_sndtimeo = 5 * HZ;
2350
2351         /* make the bufsizes depend on wsize/rsize and max requests */
2352         if (server->noautotune) {
2353                 if (socket->sk->sk_sndbuf < (200 * 1024))
2354                         socket->sk->sk_sndbuf = 200 * 1024;
2355                 if (socket->sk->sk_rcvbuf < (140 * 1024))
2356                         socket->sk->sk_rcvbuf = 140 * 1024;
2357         }
2358
2359         if (server->tcp_nodelay) {
2360                 int val = 1;
2361                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
2362                                 (char *)&val, sizeof(val));
2363                 if (rc)
2364                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
2365         }
2366
2367          cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
2368                  socket->sk->sk_sndbuf,
2369                  socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
2370
2371         if (sport == htons(RFC1001_PORT))
2372                 rc = ip_rfc1001_connect(server);
2373
2374         return rc;
2375 }
2376
2377 static int
2378 ip_connect(struct TCP_Server_Info *server)
2379 {
2380         __be16 *sport;
2381         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2382         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2383
2384         if (server->dstaddr.ss_family == AF_INET6)
2385                 sport = &addr6->sin6_port;
2386         else
2387                 sport = &addr->sin_port;
2388
2389         if (*sport == 0) {
2390                 int rc;
2391
2392                 /* try with 445 port at first */
2393                 *sport = htons(CIFS_PORT);
2394
2395                 rc = generic_ip_connect(server);
2396                 if (rc >= 0)
2397                         return rc;
2398
2399                 /* if it failed, try with 139 port */
2400                 *sport = htons(RFC1001_PORT);
2401         }
2402
2403         return generic_ip_connect(server);
2404 }
2405
2406 void reset_cifs_unix_caps(int xid, struct cifsTconInfo *tcon,
2407                           struct super_block *sb, struct smb_vol *vol_info)
2408 {
2409         /* if we are reconnecting then should we check to see if
2410          * any requested capabilities changed locally e.g. via
2411          * remount but we can not do much about it here
2412          * if they have (even if we could detect it by the following)
2413          * Perhaps we could add a backpointer to array of sb from tcon
2414          * or if we change to make all sb to same share the same
2415          * sb as NFS - then we only have one backpointer to sb.
2416          * What if we wanted to mount the server share twice once with
2417          * and once without posixacls or posix paths? */
2418         __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2419
2420         if (vol_info && vol_info->no_linux_ext) {
2421                 tcon->fsUnixInfo.Capability = 0;
2422                 tcon->unix_ext = 0; /* Unix Extensions disabled */
2423                 cFYI(1, "Linux protocol extensions disabled");
2424                 return;
2425         } else if (vol_info)
2426                 tcon->unix_ext = 1; /* Unix Extensions supported */
2427
2428         if (tcon->unix_ext == 0) {
2429                 cFYI(1, "Unix extensions disabled so not set on reconnect");
2430                 return;
2431         }
2432
2433         if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
2434                 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
2435
2436                 /* check for reconnect case in which we do not
2437                    want to change the mount behavior if we can avoid it */
2438                 if (vol_info == NULL) {
2439                         /* turn off POSIX ACL and PATHNAMES if not set
2440                            originally at mount time */
2441                         if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
2442                                 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2443                         if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2444                                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2445                                         cERROR(1, "POSIXPATH support change");
2446                                 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2447                         } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
2448                                 cERROR(1, "possible reconnect error");
2449                                 cERROR(1, "server disabled POSIX path support");
2450                         }
2451                 }
2452
2453                 cap &= CIFS_UNIX_CAP_MASK;
2454                 if (vol_info && vol_info->no_psx_acl)
2455                         cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
2456                 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
2457                         cFYI(1, "negotiated posix acl support");
2458                         if (sb)
2459                                 sb->s_flags |= MS_POSIXACL;
2460                 }
2461
2462                 if (vol_info && vol_info->posix_paths == 0)
2463                         cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
2464                 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
2465                         cFYI(1, "negotiate posix pathnames");
2466                         if (sb)
2467                                 CIFS_SB(sb)->mnt_cifs_flags |=
2468                                         CIFS_MOUNT_POSIX_PATHS;
2469                 }
2470
2471                 /* We might be setting the path sep back to a different
2472                 form if we are reconnecting and the server switched its
2473                 posix path capability for this share */
2474                 if (sb && (CIFS_SB(sb)->prepathlen > 0))
2475                         CIFS_SB(sb)->prepath[0] = CIFS_DIR_SEP(CIFS_SB(sb));
2476
2477                 if (sb && (CIFS_SB(sb)->rsize > 127 * 1024)) {
2478                         if ((cap & CIFS_UNIX_LARGE_READ_CAP) == 0) {
2479                                 CIFS_SB(sb)->rsize = 127 * 1024;
2480                                 cFYI(DBG2, "larger reads not supported by srv");
2481                         }
2482                 }
2483
2484
2485                 cFYI(1, "Negotiate caps 0x%x", (int)cap);
2486 #ifdef CONFIG_CIFS_DEBUG2
2487                 if (cap & CIFS_UNIX_FCNTL_CAP)
2488                         cFYI(1, "FCNTL cap");
2489                 if (cap & CIFS_UNIX_EXTATTR_CAP)
2490                         cFYI(1, "EXTATTR cap");
2491                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
2492                         cFYI(1, "POSIX path cap");
2493                 if (cap & CIFS_UNIX_XATTR_CAP)
2494                         cFYI(1, "XATTR cap");
2495                 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
2496                         cFYI(1, "POSIX ACL cap");
2497                 if (cap & CIFS_UNIX_LARGE_READ_CAP)
2498                         cFYI(1, "very large read cap");
2499                 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
2500                         cFYI(1, "very large write cap");
2501 #endif /* CIFS_DEBUG2 */
2502                 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
2503                         if (vol_info == NULL) {
2504                                 cFYI(1, "resetting capabilities failed");
2505                         } else
2506                                 cERROR(1, "Negotiating Unix capabilities "
2507                                            "with the server failed.  Consider "
2508                                            "mounting with the Unix Extensions\n"
2509                                            "disabled, if problems are found, "
2510                                            "by specifying the nounix mount "
2511                                            "option.");
2512
2513                 }
2514         }
2515 }
2516
2517 static void
2518 convert_delimiter(char *path, char delim)
2519 {
2520         int i;
2521         char old_delim;
2522
2523         if (path == NULL)
2524                 return;
2525
2526         if (delim == '/')
2527                 old_delim = '\\';
2528         else
2529                 old_delim = '/';
2530
2531         for (i = 0; path[i] != '\0'; i++) {
2532                 if (path[i] == old_delim)
2533                         path[i] = delim;
2534         }
2535 }
2536
2537 static void setup_cifs_sb(struct smb_vol *pvolume_info,
2538                           struct cifs_sb_info *cifs_sb)
2539 {
2540         INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
2541
2542         if (pvolume_info->rsize > CIFSMaxBufSize) {
2543                 cERROR(1, "rsize %d too large, using MaxBufSize",
2544                         pvolume_info->rsize);
2545                 cifs_sb->rsize = CIFSMaxBufSize;
2546         } else if ((pvolume_info->rsize) &&
2547                         (pvolume_info->rsize <= CIFSMaxBufSize))
2548                 cifs_sb->rsize = pvolume_info->rsize;
2549         else /* default */
2550                 cifs_sb->rsize = CIFSMaxBufSize;
2551
2552         if (pvolume_info->wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
2553                 cERROR(1, "wsize %d too large, using 4096 instead",
2554                           pvolume_info->wsize);
2555                 cifs_sb->wsize = 4096;
2556         } else if (pvolume_info->wsize)
2557                 cifs_sb->wsize = pvolume_info->wsize;
2558         else
2559                 cifs_sb->wsize = min_t(const int,
2560                                         PAGEVEC_SIZE * PAGE_CACHE_SIZE,
2561                                         127*1024);
2562                 /* old default of CIFSMaxBufSize was too small now
2563                    that SMB Write2 can send multiple pages in kvec.
2564                    RFC1001 does not describe what happens when frame
2565                    bigger than 128K is sent so use that as max in
2566                    conjunction with 52K kvec constraint on arch with 4K
2567                    page size  */
2568
2569         if (cifs_sb->rsize < 2048) {
2570                 cifs_sb->rsize = 2048;
2571                 /* Windows ME may prefer this */
2572                 cFYI(1, "readsize set to minimum: 2048");
2573         }
2574         /* calculate prepath */
2575         cifs_sb->prepath = pvolume_info->prepath;
2576         if (cifs_sb->prepath) {
2577                 cifs_sb->prepathlen = strlen(cifs_sb->prepath);
2578                 /* we can not convert the / to \ in the path
2579                 separators in the prefixpath yet because we do not
2580                 know (until reset_cifs_unix_caps is called later)
2581                 whether POSIX PATH CAP is available. We normalize
2582                 the / to \ after reset_cifs_unix_caps is called */
2583                 pvolume_info->prepath = NULL;
2584         } else
2585                 cifs_sb->prepathlen = 0;
2586         cifs_sb->mnt_uid = pvolume_info->linux_uid;
2587         cifs_sb->mnt_gid = pvolume_info->linux_gid;
2588         cifs_sb->mnt_file_mode = pvolume_info->file_mode;
2589         cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
2590         cFYI(1, "file mode: 0x%x  dir mode: 0x%x",
2591                 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
2592
2593         cifs_sb->actimeo = pvolume_info->actimeo;
2594
2595         if (pvolume_info->noperm)
2596                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
2597         if (pvolume_info->setuids)
2598                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
2599         if (pvolume_info->server_ino)
2600                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
2601         if (pvolume_info->remap)
2602                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
2603         if (pvolume_info->no_xattr)
2604                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
2605         if (pvolume_info->sfu_emul)
2606                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
2607         if (pvolume_info->nobrl)
2608                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
2609         if (pvolume_info->nostrictsync)
2610                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
2611         if (pvolume_info->mand_lock)
2612                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
2613         if (pvolume_info->cifs_acl)
2614                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
2615         if (pvolume_info->override_uid)
2616                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
2617         if (pvolume_info->override_gid)
2618                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
2619         if (pvolume_info->dynperm)
2620                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
2621         if (pvolume_info->fsc)
2622                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
2623         if (pvolume_info->multiuser)
2624                 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
2625                                             CIFS_MOUNT_NO_PERM);
2626         if (pvolume_info->strict_io)
2627                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
2628         if (pvolume_info->direct_io) {
2629                 cFYI(1, "mounting share using direct i/o");
2630                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
2631         }
2632         if (pvolume_info->mfsymlinks) {
2633                 if (pvolume_info->sfu_emul) {
2634                         cERROR(1,  "mount option mfsymlinks ignored if sfu "
2635                                    "mount option is used");
2636                 } else {
2637                         cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
2638                 }
2639         }
2640
2641         if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
2642                 cERROR(1, "mount option dynperm ignored if cifsacl "
2643                            "mount option supported");
2644 }
2645
2646 static int
2647 is_path_accessible(int xid, struct cifsTconInfo *tcon,
2648                    struct cifs_sb_info *cifs_sb, const char *full_path)
2649 {
2650         int rc;
2651         FILE_ALL_INFO *pfile_info;
2652
2653         pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
2654         if (pfile_info == NULL)
2655                 return -ENOMEM;
2656
2657         rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
2658                               0 /* not legacy */, cifs_sb->local_nls,
2659                               cifs_sb->mnt_cifs_flags &
2660                                 CIFS_MOUNT_MAP_SPECIAL_CHR);
2661         kfree(pfile_info);
2662         return rc;
2663 }
2664
2665 static void
2666 cleanup_volume_info(struct smb_vol **pvolume_info)
2667 {
2668         struct smb_vol *volume_info;
2669
2670         if (!pvolume_info || !*pvolume_info)
2671                 return;
2672
2673         volume_info = *pvolume_info;
2674         kzfree(volume_info->password);
2675         kfree(volume_info->UNC);
2676         kfree(volume_info->prepath);
2677         kfree(volume_info);
2678         *pvolume_info = NULL;
2679         return;
2680 }
2681
2682 #ifdef CONFIG_CIFS_DFS_UPCALL
2683 /* build_path_to_root returns full path to root when
2684  * we do not have an exiting connection (tcon) */
2685 static char *
2686 build_unc_path_to_root(const struct smb_vol *volume_info,
2687                 const struct cifs_sb_info *cifs_sb)
2688 {
2689         char *full_path;
2690
2691         int unc_len = strnlen(volume_info->UNC, MAX_TREE_SIZE + 1);
2692         full_path = kmalloc(unc_len + cifs_sb->prepathlen + 1, GFP_KERNEL);
2693         if (full_path == NULL)
2694                 return ERR_PTR(-ENOMEM);
2695
2696         strncpy(full_path, volume_info->UNC, unc_len);
2697         if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) {
2698                 int i;
2699                 for (i = 0; i < unc_len; i++) {
2700                         if (full_path[i] == '\\')
2701                                 full_path[i] = '/';
2702                 }
2703         }
2704
2705         if (cifs_sb->prepathlen)
2706                 strncpy(full_path + unc_len, cifs_sb->prepath,
2707                                 cifs_sb->prepathlen);
2708
2709         full_path[unc_len + cifs_sb->prepathlen] = 0; /* add trailing null */
2710         return full_path;
2711 }
2712 #endif
2713
2714 int
2715 cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2716                 char *mount_data_global, const char *devname)
2717 {
2718         int rc;
2719         int xid;
2720         struct smb_vol *volume_info;
2721         struct cifsSesInfo *pSesInfo;
2722         struct cifsTconInfo *tcon;
2723         struct TCP_Server_Info *srvTcp;
2724         char   *full_path;
2725         char *mount_data = mount_data_global;
2726         struct tcon_link *tlink;
2727 #ifdef CONFIG_CIFS_DFS_UPCALL
2728         struct dfs_info3_param *referrals = NULL;
2729         unsigned int num_referrals = 0;
2730         int referral_walks_count = 0;
2731 try_mount_again:
2732 #endif
2733         rc = 0;
2734         tcon = NULL;
2735         pSesInfo = NULL;
2736         srvTcp = NULL;
2737         full_path = NULL;
2738         tlink = NULL;
2739
2740         xid = GetXid();
2741
2742         volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
2743         if (!volume_info) {
2744                 rc = -ENOMEM;
2745                 goto out;
2746         }
2747
2748         if (cifs_parse_mount_options(mount_data, devname, volume_info)) {
2749                 rc = -EINVAL;
2750                 goto out;
2751         }
2752
2753         if (volume_info->nullauth) {
2754                 cFYI(1, "null user");
2755                 volume_info->username = "";
2756         } else if (volume_info->username) {
2757                 /* BB fixme parse for domain name here */
2758                 cFYI(1, "Username: %s", volume_info->username);
2759         } else {
2760                 cifserror("No username specified");
2761         /* In userspace mount helper we can get user name from alternate
2762            locations such as env variables and files on disk */
2763                 rc = -EINVAL;
2764                 goto out;
2765         }
2766
2767         /* this is needed for ASCII cp to Unicode converts */
2768         if (volume_info->iocharset == NULL) {
2769                 /* load_nls_default cannot return null */
2770                 volume_info->local_nls = load_nls_default();
2771         } else {
2772                 volume_info->local_nls = load_nls(volume_info->iocharset);
2773                 if (volume_info->local_nls == NULL) {
2774                         cERROR(1, "CIFS mount error: iocharset %s not found",
2775                                  volume_info->iocharset);
2776                         rc = -ELIBACC;
2777                         goto out;
2778                 }
2779         }
2780         cifs_sb->local_nls = volume_info->local_nls;
2781
2782         /* get a reference to a tcp session */
2783         srvTcp = cifs_get_tcp_session(volume_info);
2784         if (IS_ERR(srvTcp)) {
2785                 rc = PTR_ERR(srvTcp);
2786                 goto out;
2787         }
2788
2789         /* get a reference to a SMB session */
2790         pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
2791         if (IS_ERR(pSesInfo)) {
2792                 rc = PTR_ERR(pSesInfo);
2793                 pSesInfo = NULL;
2794                 goto mount_fail_check;
2795         }
2796
2797         setup_cifs_sb(volume_info, cifs_sb);
2798         if (pSesInfo->capabilities & CAP_LARGE_FILES)
2799                 sb->s_maxbytes = MAX_LFS_FILESIZE;
2800         else
2801                 sb->s_maxbytes = MAX_NON_LFS;
2802
2803         /* BB FIXME fix time_gran to be larger for LANMAN sessions */
2804         sb->s_time_gran = 100;
2805
2806         /* search for existing tcon to this server share */
2807         tcon = cifs_get_tcon(pSesInfo, volume_info);
2808         if (IS_ERR(tcon)) {
2809                 rc = PTR_ERR(tcon);
2810                 tcon = NULL;
2811                 goto remote_path_check;
2812         }
2813
2814         /* do not care if following two calls succeed - informational */
2815         if (!tcon->ipc) {
2816                 CIFSSMBQFSDeviceInfo(xid, tcon);
2817                 CIFSSMBQFSAttributeInfo(xid, tcon);
2818         }
2819
2820         /* tell server which Unix caps we support */
2821         if (tcon->ses->capabilities & CAP_UNIX)
2822                 /* reset of caps checks mount to see if unix extensions
2823                    disabled for just this mount */
2824                 reset_cifs_unix_caps(xid, tcon, sb, volume_info);
2825         else
2826                 tcon->unix_ext = 0; /* server does not support them */
2827
2828         /* convert forward to back slashes in prepath here if needed */
2829         if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2830                 convert_delimiter(cifs_sb->prepath, CIFS_DIR_SEP(cifs_sb));
2831
2832         if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
2833                 cifs_sb->rsize = 1024 * 127;
2834                 cFYI(DBG2, "no very large read support, rsize now 127K");
2835         }
2836         if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
2837                 cifs_sb->wsize = min(cifs_sb->wsize,
2838                                (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2839         if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
2840                 cifs_sb->rsize = min(cifs_sb->rsize,
2841                                (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
2842
2843 remote_path_check:
2844         /* check if a whole path (including prepath) is not remote */
2845         if (!rc && tcon) {
2846                 /* build_path_to_root works only when we have a valid tcon */
2847                 full_path = cifs_build_path_to_root(cifs_sb, tcon);
2848                 if (full_path == NULL) {
2849                         rc = -ENOMEM;
2850                         goto mount_fail_check;
2851                 }
2852                 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
2853                 if (rc != 0 && rc != -EREMOTE) {
2854                         kfree(full_path);
2855                         goto mount_fail_check;
2856                 }
2857                 kfree(full_path);
2858         }
2859
2860         /* get referral if needed */
2861         if (rc == -EREMOTE) {
2862 #ifdef CONFIG_CIFS_DFS_UPCALL
2863                 if (referral_walks_count > MAX_NESTED_LINKS) {
2864                         /*
2865                          * BB: when we implement proper loop detection,
2866                          *     we will remove this check. But now we need it
2867                          *     to prevent an indefinite loop if 'DFS tree' is
2868                          *     misconfigured (i.e. has loops).
2869                          */
2870                         rc = -ELOOP;
2871                         goto mount_fail_check;
2872                 }
2873                 /* convert forward to back slashes in prepath here if needed */
2874                 if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
2875                         convert_delimiter(cifs_sb->prepath,
2876           &