cifs: fix writeback race with file that is growing
[linux-3.10.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2011
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <keys/user-type.h>
42 #include <net/ipv6.h>
43 #include <linux/parser.h>
44
45 #include "cifspdu.h"
46 #include "cifsglob.h"
47 #include "cifsproto.h"
48 #include "cifs_unicode.h"
49 #include "cifs_debug.h"
50 #include "cifs_fs_sb.h"
51 #include "ntlmssp.h"
52 #include "nterr.h"
53 #include "rfc1002pdu.h"
54 #include "fscache.h"
55
56 #define CIFS_PORT 445
57 #define RFC1001_PORT 139
58
59 extern mempool_t *cifs_req_poolp;
60
61 /* FIXME: should these be tunable? */
62 #define TLINK_ERROR_EXPIRE      (1 * HZ)
63 #define TLINK_IDLE_EXPIRE       (600 * HZ)
64
65 enum {
66
67         /* Mount options that take no arguments */
68         Opt_user_xattr, Opt_nouser_xattr,
69         Opt_forceuid, Opt_noforceuid,
70         Opt_forcegid, Opt_noforcegid,
71         Opt_noblocksend, Opt_noautotune,
72         Opt_hard, Opt_soft, Opt_perm, Opt_noperm,
73         Opt_mapchars, Opt_nomapchars, Opt_sfu,
74         Opt_nosfu, Opt_nodfs, Opt_posixpaths,
75         Opt_noposixpaths, Opt_nounix,
76         Opt_nocase,
77         Opt_brl, Opt_nobrl,
78         Opt_forcemandatorylock, Opt_setuids,
79         Opt_nosetuids, Opt_dynperm, Opt_nodynperm,
80         Opt_nohard, Opt_nosoft,
81         Opt_nointr, Opt_intr,
82         Opt_nostrictsync, Opt_strictsync,
83         Opt_serverino, Opt_noserverino,
84         Opt_rwpidforward, Opt_cifsacl, Opt_nocifsacl,
85         Opt_acl, Opt_noacl, Opt_locallease,
86         Opt_sign, Opt_seal, Opt_noac,
87         Opt_fsc, Opt_mfsymlinks,
88         Opt_multiuser, Opt_sloppy,
89
90         /* Mount options which take numeric value */
91         Opt_backupuid, Opt_backupgid, Opt_uid,
92         Opt_cruid, Opt_gid, Opt_file_mode,
93         Opt_dirmode, Opt_port,
94         Opt_rsize, Opt_wsize, Opt_actimeo,
95
96         /* Mount options which take string value */
97         Opt_user, Opt_pass, Opt_ip,
98         Opt_unc, Opt_domain,
99         Opt_srcaddr, Opt_prefixpath,
100         Opt_iocharset, Opt_sockopt,
101         Opt_netbiosname, Opt_servern,
102         Opt_ver, Opt_vers, Opt_sec, Opt_cache,
103
104         /* Mount options to be ignored */
105         Opt_ignore,
106
107         /* Options which could be blank */
108         Opt_blank_pass,
109         Opt_blank_user,
110         Opt_blank_ip,
111
112         Opt_err
113 };
114
115 static const match_table_t cifs_mount_option_tokens = {
116
117         { Opt_user_xattr, "user_xattr" },
118         { Opt_nouser_xattr, "nouser_xattr" },
119         { Opt_forceuid, "forceuid" },
120         { Opt_noforceuid, "noforceuid" },
121         { Opt_forcegid, "forcegid" },
122         { Opt_noforcegid, "noforcegid" },
123         { Opt_noblocksend, "noblocksend" },
124         { Opt_noautotune, "noautotune" },
125         { Opt_hard, "hard" },
126         { Opt_soft, "soft" },
127         { Opt_perm, "perm" },
128         { Opt_noperm, "noperm" },
129         { Opt_mapchars, "mapchars" },
130         { Opt_nomapchars, "nomapchars" },
131         { Opt_sfu, "sfu" },
132         { Opt_nosfu, "nosfu" },
133         { Opt_nodfs, "nodfs" },
134         { Opt_posixpaths, "posixpaths" },
135         { Opt_noposixpaths, "noposixpaths" },
136         { Opt_nounix, "nounix" },
137         { Opt_nounix, "nolinux" },
138         { Opt_nocase, "nocase" },
139         { Opt_nocase, "ignorecase" },
140         { Opt_brl, "brl" },
141         { Opt_nobrl, "nobrl" },
142         { Opt_nobrl, "nolock" },
143         { Opt_forcemandatorylock, "forcemandatorylock" },
144         { Opt_forcemandatorylock, "forcemand" },
145         { Opt_setuids, "setuids" },
146         { Opt_nosetuids, "nosetuids" },
147         { Opt_dynperm, "dynperm" },
148         { Opt_nodynperm, "nodynperm" },
149         { Opt_nohard, "nohard" },
150         { Opt_nosoft, "nosoft" },
151         { Opt_nointr, "nointr" },
152         { Opt_intr, "intr" },
153         { Opt_nostrictsync, "nostrictsync" },
154         { Opt_strictsync, "strictsync" },
155         { Opt_serverino, "serverino" },
156         { Opt_noserverino, "noserverino" },
157         { Opt_rwpidforward, "rwpidforward" },
158         { Opt_cifsacl, "cifsacl" },
159         { Opt_nocifsacl, "nocifsacl" },
160         { Opt_acl, "acl" },
161         { Opt_noacl, "noacl" },
162         { Opt_locallease, "locallease" },
163         { Opt_sign, "sign" },
164         { Opt_seal, "seal" },
165         { Opt_noac, "noac" },
166         { Opt_fsc, "fsc" },
167         { Opt_mfsymlinks, "mfsymlinks" },
168         { Opt_multiuser, "multiuser" },
169         { Opt_sloppy, "sloppy" },
170
171         { Opt_backupuid, "backupuid=%s" },
172         { Opt_backupgid, "backupgid=%s" },
173         { Opt_uid, "uid=%s" },
174         { Opt_cruid, "cruid=%s" },
175         { Opt_gid, "gid=%s" },
176         { Opt_file_mode, "file_mode=%s" },
177         { Opt_dirmode, "dirmode=%s" },
178         { Opt_dirmode, "dir_mode=%s" },
179         { Opt_port, "port=%s" },
180         { Opt_rsize, "rsize=%s" },
181         { Opt_wsize, "wsize=%s" },
182         { Opt_actimeo, "actimeo=%s" },
183
184         { Opt_blank_user, "user=" },
185         { Opt_blank_user, "username=" },
186         { Opt_user, "user=%s" },
187         { Opt_user, "username=%s" },
188         { Opt_blank_pass, "pass=" },
189         { Opt_pass, "pass=%s" },
190         { Opt_pass, "password=%s" },
191         { Opt_blank_ip, "ip=" },
192         { Opt_blank_ip, "addr=" },
193         { Opt_ip, "ip=%s" },
194         { Opt_ip, "addr=%s" },
195         { Opt_unc, "unc=%s" },
196         { Opt_unc, "target=%s" },
197         { Opt_unc, "path=%s" },
198         { Opt_domain, "dom=%s" },
199         { Opt_domain, "domain=%s" },
200         { Opt_domain, "workgroup=%s" },
201         { Opt_srcaddr, "srcaddr=%s" },
202         { Opt_prefixpath, "prefixpath=%s" },
203         { Opt_iocharset, "iocharset=%s" },
204         { Opt_sockopt, "sockopt=%s" },
205         { Opt_netbiosname, "netbiosname=%s" },
206         { Opt_servern, "servern=%s" },
207         { Opt_ver, "ver=%s" },
208         { Opt_vers, "vers=%s" },
209         { Opt_sec, "sec=%s" },
210         { Opt_cache, "cache=%s" },
211
212         { Opt_ignore, "cred" },
213         { Opt_ignore, "credentials" },
214         { Opt_ignore, "cred=%s" },
215         { Opt_ignore, "credentials=%s" },
216         { Opt_ignore, "guest" },
217         { Opt_ignore, "rw" },
218         { Opt_ignore, "ro" },
219         { Opt_ignore, "suid" },
220         { Opt_ignore, "nosuid" },
221         { Opt_ignore, "exec" },
222         { Opt_ignore, "noexec" },
223         { Opt_ignore, "nodev" },
224         { Opt_ignore, "noauto" },
225         { Opt_ignore, "dev" },
226         { Opt_ignore, "mand" },
227         { Opt_ignore, "nomand" },
228         { Opt_ignore, "_netdev" },
229
230         { Opt_err, NULL }
231 };
232
233 enum {
234         Opt_sec_krb5, Opt_sec_krb5i, Opt_sec_krb5p,
235         Opt_sec_ntlmsspi, Opt_sec_ntlmssp,
236         Opt_ntlm, Opt_sec_ntlmi, Opt_sec_ntlmv2,
237         Opt_sec_ntlmv2i, Opt_sec_lanman,
238         Opt_sec_none,
239
240         Opt_sec_err
241 };
242
243 static const match_table_t cifs_secflavor_tokens = {
244         { Opt_sec_krb5, "krb5" },
245         { Opt_sec_krb5i, "krb5i" },
246         { Opt_sec_krb5p, "krb5p" },
247         { Opt_sec_ntlmsspi, "ntlmsspi" },
248         { Opt_sec_ntlmssp, "ntlmssp" },
249         { Opt_ntlm, "ntlm" },
250         { Opt_sec_ntlmi, "ntlmi" },
251         { Opt_sec_ntlmv2, "nontlm" },
252         { Opt_sec_ntlmv2, "ntlmv2" },
253         { Opt_sec_ntlmv2i, "ntlmv2i" },
254         { Opt_sec_lanman, "lanman" },
255         { Opt_sec_none, "none" },
256
257         { Opt_sec_err, NULL }
258 };
259
260 /* cache flavors */
261 enum {
262         Opt_cache_loose,
263         Opt_cache_strict,
264         Opt_cache_none,
265         Opt_cache_err
266 };
267
268 static const match_table_t cifs_cacheflavor_tokens = {
269         { Opt_cache_loose, "loose" },
270         { Opt_cache_strict, "strict" },
271         { Opt_cache_none, "none" },
272         { Opt_cache_err, NULL }
273 };
274
275 static const match_table_t cifs_smb_version_tokens = {
276         { Smb_1, SMB1_VERSION_STRING },
277         { Smb_21, SMB21_VERSION_STRING },
278         { Smb_30, SMB30_VERSION_STRING },
279 };
280
281 static int ip_connect(struct TCP_Server_Info *server);
282 static int generic_ip_connect(struct TCP_Server_Info *server);
283 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
284 static void cifs_prune_tlinks(struct work_struct *work);
285 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
286                                         const char *devname);
287
288 /*
289  * cifs tcp session reconnection
290  *
291  * mark tcp session as reconnecting so temporarily locked
292  * mark all smb sessions as reconnecting for tcp session
293  * reconnect tcp session
294  * wake up waiters on reconnection? - (not needed currently)
295  */
296 int
297 cifs_reconnect(struct TCP_Server_Info *server)
298 {
299         int rc = 0;
300         struct list_head *tmp, *tmp2;
301         struct cifs_ses *ses;
302         struct cifs_tcon *tcon;
303         struct mid_q_entry *mid_entry;
304         struct list_head retry_list;
305
306         spin_lock(&GlobalMid_Lock);
307         if (server->tcpStatus == CifsExiting) {
308                 /* the demux thread will exit normally
309                 next time through the loop */
310                 spin_unlock(&GlobalMid_Lock);
311                 return rc;
312         } else
313                 server->tcpStatus = CifsNeedReconnect;
314         spin_unlock(&GlobalMid_Lock);
315         server->maxBuf = 0;
316 #ifdef CONFIG_CIFS_SMB2
317         server->max_read = 0;
318 #endif
319
320         cFYI(1, "Reconnecting tcp session");
321
322         /* before reconnecting the tcp session, mark the smb session (uid)
323                 and the tid bad so they are not used until reconnected */
324         cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
325         spin_lock(&cifs_tcp_ses_lock);
326         list_for_each(tmp, &server->smb_ses_list) {
327                 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
328                 ses->need_reconnect = true;
329                 ses->ipc_tid = 0;
330                 list_for_each(tmp2, &ses->tcon_list) {
331                         tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
332                         tcon->need_reconnect = true;
333                 }
334         }
335         spin_unlock(&cifs_tcp_ses_lock);
336
337         /* do not want to be sending data on a socket we are freeing */
338         cFYI(1, "%s: tearing down socket", __func__);
339         mutex_lock(&server->srv_mutex);
340         if (server->ssocket) {
341                 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
342                         server->ssocket->flags);
343                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
344                 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
345                         server->ssocket->state,
346                         server->ssocket->flags);
347                 sock_release(server->ssocket);
348                 server->ssocket = NULL;
349         }
350         server->sequence_number = 0;
351         server->session_estab = false;
352         kfree(server->session_key.response);
353         server->session_key.response = NULL;
354         server->session_key.len = 0;
355         server->lstrp = jiffies;
356         mutex_unlock(&server->srv_mutex);
357
358         /* mark submitted MIDs for retry and issue callback */
359         INIT_LIST_HEAD(&retry_list);
360         cFYI(1, "%s: moving mids to private list", __func__);
361         spin_lock(&GlobalMid_Lock);
362         list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
363                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
364                 if (mid_entry->mid_state == MID_REQUEST_SUBMITTED)
365                         mid_entry->mid_state = MID_RETRY_NEEDED;
366                 list_move(&mid_entry->qhead, &retry_list);
367         }
368         spin_unlock(&GlobalMid_Lock);
369
370         cFYI(1, "%s: issuing mid callbacks", __func__);
371         list_for_each_safe(tmp, tmp2, &retry_list) {
372                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
373                 list_del_init(&mid_entry->qhead);
374                 mid_entry->callback(mid_entry);
375         }
376
377         do {
378                 try_to_freeze();
379
380                 /* we should try only the port we connected to before */
381                 rc = generic_ip_connect(server);
382                 if (rc) {
383                         cFYI(1, "reconnect error %d", rc);
384                         msleep(3000);
385                 } else {
386                         atomic_inc(&tcpSesReconnectCount);
387                         spin_lock(&GlobalMid_Lock);
388                         if (server->tcpStatus != CifsExiting)
389                                 server->tcpStatus = CifsNeedNegotiate;
390                         spin_unlock(&GlobalMid_Lock);
391                 }
392         } while (server->tcpStatus == CifsNeedReconnect);
393
394         return rc;
395 }
396
397 static void
398 cifs_echo_request(struct work_struct *work)
399 {
400         int rc;
401         struct TCP_Server_Info *server = container_of(work,
402                                         struct TCP_Server_Info, echo.work);
403
404         /*
405          * We cannot send an echo if it is disabled or until the
406          * NEGOTIATE_PROTOCOL request is done, which is indicated by
407          * server->ops->need_neg() == true. Also, no need to ping if
408          * we got a response recently.
409          */
410         if (!server->ops->need_neg || server->ops->need_neg(server) ||
411             (server->ops->can_echo && !server->ops->can_echo(server)) ||
412             time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
413                 goto requeue_echo;
414
415         rc = server->ops->echo ? server->ops->echo(server) : -ENOSYS;
416         if (rc)
417                 cFYI(1, "Unable to send echo request to server: %s",
418                         server->hostname);
419
420 requeue_echo:
421         queue_delayed_work(cifsiod_wq, &server->echo, SMB_ECHO_INTERVAL);
422 }
423
424 static bool
425 allocate_buffers(struct TCP_Server_Info *server)
426 {
427         if (!server->bigbuf) {
428                 server->bigbuf = (char *)cifs_buf_get();
429                 if (!server->bigbuf) {
430                         cERROR(1, "No memory for large SMB response");
431                         msleep(3000);
432                         /* retry will check if exiting */
433                         return false;
434                 }
435         } else if (server->large_buf) {
436                 /* we are reusing a dirty large buf, clear its start */
437                 memset(server->bigbuf, 0, HEADER_SIZE(server));
438         }
439
440         if (!server->smallbuf) {
441                 server->smallbuf = (char *)cifs_small_buf_get();
442                 if (!server->smallbuf) {
443                         cERROR(1, "No memory for SMB response");
444                         msleep(1000);
445                         /* retry will check if exiting */
446                         return false;
447                 }
448                 /* beginning of smb buffer is cleared in our buf_get */
449         } else {
450                 /* if existing small buf clear beginning */
451                 memset(server->smallbuf, 0, HEADER_SIZE(server));
452         }
453
454         return true;
455 }
456
457 static bool
458 server_unresponsive(struct TCP_Server_Info *server)
459 {
460         /*
461          * We need to wait 2 echo intervals to make sure we handle such
462          * situations right:
463          * 1s  client sends a normal SMB request
464          * 2s  client gets a response
465          * 30s echo workqueue job pops, and decides we got a response recently
466          *     and don't need to send another
467          * ...
468          * 65s kernel_recvmsg times out, and we see that we haven't gotten
469          *     a response in >60s.
470          */
471         if (server->tcpStatus == CifsGood &&
472             time_after(jiffies, server->lstrp + 2 * SMB_ECHO_INTERVAL)) {
473                 cERROR(1, "Server %s has not responded in %d seconds. "
474                           "Reconnecting...", server->hostname,
475                           (2 * SMB_ECHO_INTERVAL) / HZ);
476                 cifs_reconnect(server);
477                 wake_up(&server->response_q);
478                 return true;
479         }
480
481         return false;
482 }
483
484 /*
485  * kvec_array_init - clone a kvec array, and advance into it
486  * @new:        pointer to memory for cloned array
487  * @iov:        pointer to original array
488  * @nr_segs:    number of members in original array
489  * @bytes:      number of bytes to advance into the cloned array
490  *
491  * This function will copy the array provided in iov to a section of memory
492  * and advance the specified number of bytes into the new array. It returns
493  * the number of segments in the new array. "new" must be at least as big as
494  * the original iov array.
495  */
496 static unsigned int
497 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
498                 size_t bytes)
499 {
500         size_t base = 0;
501
502         while (bytes || !iov->iov_len) {
503                 int copy = min(bytes, iov->iov_len);
504
505                 bytes -= copy;
506                 base += copy;
507                 if (iov->iov_len == base) {
508                         iov++;
509                         nr_segs--;
510                         base = 0;
511                 }
512         }
513         memcpy(new, iov, sizeof(*iov) * nr_segs);
514         new->iov_base += base;
515         new->iov_len -= base;
516         return nr_segs;
517 }
518
519 static struct kvec *
520 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
521 {
522         struct kvec *new_iov;
523
524         if (server->iov && nr_segs <= server->nr_iov)
525                 return server->iov;
526
527         /* not big enough -- allocate a new one and release the old */
528         new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
529         if (new_iov) {
530                 kfree(server->iov);
531                 server->iov = new_iov;
532                 server->nr_iov = nr_segs;
533         }
534         return new_iov;
535 }
536
537 int
538 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
539                        unsigned int nr_segs, unsigned int to_read)
540 {
541         int length = 0;
542         int total_read;
543         unsigned int segs;
544         struct msghdr smb_msg;
545         struct kvec *iov;
546
547         iov = get_server_iovec(server, nr_segs);
548         if (!iov)
549                 return -ENOMEM;
550
551         smb_msg.msg_control = NULL;
552         smb_msg.msg_controllen = 0;
553
554         for (total_read = 0; to_read; total_read += length, to_read -= length) {
555                 try_to_freeze();
556
557                 if (server_unresponsive(server)) {
558                         total_read = -EAGAIN;
559                         break;
560                 }
561
562                 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
563
564                 length = kernel_recvmsg(server->ssocket, &smb_msg,
565                                         iov, segs, to_read, 0);
566
567                 if (server->tcpStatus == CifsExiting) {
568                         total_read = -ESHUTDOWN;
569                         break;
570                 } else if (server->tcpStatus == CifsNeedReconnect) {
571                         cifs_reconnect(server);
572                         total_read = -EAGAIN;
573                         break;
574                 } else if (length == -ERESTARTSYS ||
575                            length == -EAGAIN ||
576                            length == -EINTR) {
577                         /*
578                          * Minimum sleep to prevent looping, allowing socket
579                          * to clear and app threads to set tcpStatus
580                          * CifsNeedReconnect if server hung.
581                          */
582                         usleep_range(1000, 2000);
583                         length = 0;
584                         continue;
585                 } else if (length <= 0) {
586                         cFYI(1, "Received no data or error: expecting %d "
587                                 "got %d", to_read, length);
588                         cifs_reconnect(server);
589                         total_read = -EAGAIN;
590                         break;
591                 }
592         }
593         return total_read;
594 }
595
596 int
597 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
598                       unsigned int to_read)
599 {
600         struct kvec iov;
601
602         iov.iov_base = buf;
603         iov.iov_len = to_read;
604
605         return cifs_readv_from_socket(server, &iov, 1, to_read);
606 }
607
608 static bool
609 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
610 {
611         /*
612          * The first byte big endian of the length field,
613          * is actually not part of the length but the type
614          * with the most common, zero, as regular data.
615          */
616         switch (type) {
617         case RFC1002_SESSION_MESSAGE:
618                 /* Regular SMB response */
619                 return true;
620         case RFC1002_SESSION_KEEP_ALIVE:
621                 cFYI(1, "RFC 1002 session keep alive");
622                 break;
623         case RFC1002_POSITIVE_SESSION_RESPONSE:
624                 cFYI(1, "RFC 1002 positive session response");
625                 break;
626         case RFC1002_NEGATIVE_SESSION_RESPONSE:
627                 /*
628                  * We get this from Windows 98 instead of an error on
629                  * SMB negprot response.
630                  */
631                 cFYI(1, "RFC 1002 negative session response");
632                 /* give server a second to clean up */
633                 msleep(1000);
634                 /*
635                  * Always try 445 first on reconnect since we get NACK
636                  * on some if we ever connected to port 139 (the NACK
637                  * is since we do not begin with RFC1001 session
638                  * initialize frame).
639                  */
640                 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
641                 cifs_reconnect(server);
642                 wake_up(&server->response_q);
643                 break;
644         default:
645                 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
646                 cifs_reconnect(server);
647         }
648
649         return false;
650 }
651
652 void
653 dequeue_mid(struct mid_q_entry *mid, bool malformed)
654 {
655 #ifdef CONFIG_CIFS_STATS2
656         mid->when_received = jiffies;
657 #endif
658         spin_lock(&GlobalMid_Lock);
659         if (!malformed)
660                 mid->mid_state = MID_RESPONSE_RECEIVED;
661         else
662                 mid->mid_state = MID_RESPONSE_MALFORMED;
663         list_del_init(&mid->qhead);
664         spin_unlock(&GlobalMid_Lock);
665 }
666
667 static void
668 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
669            char *buf, int malformed)
670 {
671         if (server->ops->check_trans2 &&
672             server->ops->check_trans2(mid, server, buf, malformed))
673                 return;
674         mid->resp_buf = buf;
675         mid->large_buf = server->large_buf;
676         /* Was previous buf put in mpx struct for multi-rsp? */
677         if (!mid->multiRsp) {
678                 /* smb buffer will be freed by user thread */
679                 if (server->large_buf)
680                         server->bigbuf = NULL;
681                 else
682                         server->smallbuf = NULL;
683         }
684         dequeue_mid(mid, malformed);
685 }
686
687 static void clean_demultiplex_info(struct TCP_Server_Info *server)
688 {
689         int length;
690
691         /* take it off the list, if it's not already */
692         spin_lock(&cifs_tcp_ses_lock);
693         list_del_init(&server->tcp_ses_list);
694         spin_unlock(&cifs_tcp_ses_lock);
695
696         spin_lock(&GlobalMid_Lock);
697         server->tcpStatus = CifsExiting;
698         spin_unlock(&GlobalMid_Lock);
699         wake_up_all(&server->response_q);
700
701         /* check if we have blocked requests that need to free */
702         spin_lock(&server->req_lock);
703         if (server->credits <= 0)
704                 server->credits = 1;
705         spin_unlock(&server->req_lock);
706         /*
707          * Although there should not be any requests blocked on this queue it
708          * can not hurt to be paranoid and try to wake up requests that may
709          * haven been blocked when more than 50 at time were on the wire to the
710          * same server - they now will see the session is in exit state and get
711          * out of SendReceive.
712          */
713         wake_up_all(&server->request_q);
714         /* give those requests time to exit */
715         msleep(125);
716
717         if (server->ssocket) {
718                 sock_release(server->ssocket);
719                 server->ssocket = NULL;
720         }
721
722         if (!list_empty(&server->pending_mid_q)) {
723                 struct list_head dispose_list;
724                 struct mid_q_entry *mid_entry;
725                 struct list_head *tmp, *tmp2;
726
727                 INIT_LIST_HEAD(&dispose_list);
728                 spin_lock(&GlobalMid_Lock);
729                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
730                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
731                         cFYI(1, "Clearing mid 0x%llx", mid_entry->mid);
732                         mid_entry->mid_state = MID_SHUTDOWN;
733                         list_move(&mid_entry->qhead, &dispose_list);
734                 }
735                 spin_unlock(&GlobalMid_Lock);
736
737                 /* now walk dispose list and issue callbacks */
738                 list_for_each_safe(tmp, tmp2, &dispose_list) {
739                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
740                         cFYI(1, "Callback mid 0x%llx", mid_entry->mid);
741                         list_del_init(&mid_entry->qhead);
742                         mid_entry->callback(mid_entry);
743                 }
744                 /* 1/8th of sec is more than enough time for them to exit */
745                 msleep(125);
746         }
747
748         if (!list_empty(&server->pending_mid_q)) {
749                 /*
750                  * mpx threads have not exited yet give them at least the smb
751                  * send timeout time for long ops.
752                  *
753                  * Due to delays on oplock break requests, we need to wait at
754                  * least 45 seconds before giving up on a request getting a
755                  * response and going ahead and killing cifsd.
756                  */
757                 cFYI(1, "Wait for exit from demultiplex thread");
758                 msleep(46000);
759                 /*
760                  * If threads still have not exited they are probably never
761                  * coming home not much else we can do but free the memory.
762                  */
763         }
764
765         kfree(server->hostname);
766         kfree(server->iov);
767         kfree(server);
768
769         length = atomic_dec_return(&tcpSesAllocCount);
770         if (length > 0)
771                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
772                                 GFP_KERNEL);
773 }
774
775 static int
776 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
777 {
778         int length;
779         char *buf = server->smallbuf;
780         unsigned int pdu_length = get_rfc1002_length(buf);
781
782         /* make sure this will fit in a large buffer */
783         if (pdu_length > CIFSMaxBufSize + MAX_HEADER_SIZE(server) - 4) {
784                 cERROR(1, "SMB response too long (%u bytes)",
785                         pdu_length);
786                 cifs_reconnect(server);
787                 wake_up(&server->response_q);
788                 return -EAGAIN;
789         }
790
791         /* switch to large buffer if too big for a small one */
792         if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
793                 server->large_buf = true;
794                 memcpy(server->bigbuf, buf, server->total_read);
795                 buf = server->bigbuf;
796         }
797
798         /* now read the rest */
799         length = cifs_read_from_socket(server, buf + HEADER_SIZE(server) - 1,
800                                 pdu_length - HEADER_SIZE(server) + 1 + 4);
801         if (length < 0)
802                 return length;
803         server->total_read += length;
804
805         dump_smb(buf, server->total_read);
806
807         /*
808          * We know that we received enough to get to the MID as we
809          * checked the pdu_length earlier. Now check to see
810          * if the rest of the header is OK. We borrow the length
811          * var for the rest of the loop to avoid a new stack var.
812          *
813          * 48 bytes is enough to display the header and a little bit
814          * into the payload for debugging purposes.
815          */
816         length = server->ops->check_message(buf, server->total_read);
817         if (length != 0)
818                 cifs_dump_mem("Bad SMB: ", buf,
819                         min_t(unsigned int, server->total_read, 48));
820
821         if (server->ops->is_status_pending &&
822             server->ops->is_status_pending(buf, server, length))
823                 return -1;
824
825         if (!mid)
826                 return length;
827
828         handle_mid(mid, server, buf, length);
829         return 0;
830 }
831
832 static int
833 cifs_demultiplex_thread(void *p)
834 {
835         int length;
836         struct TCP_Server_Info *server = p;
837         unsigned int pdu_length;
838         char *buf = NULL;
839         struct task_struct *task_to_wake = NULL;
840         struct mid_q_entry *mid_entry;
841
842         current->flags |= PF_MEMALLOC;
843         cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
844
845         length = atomic_inc_return(&tcpSesAllocCount);
846         if (length > 1)
847                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
848                                 GFP_KERNEL);
849
850         set_freezable();
851         while (server->tcpStatus != CifsExiting) {
852                 if (try_to_freeze())
853                         continue;
854
855                 if (!allocate_buffers(server))
856                         continue;
857
858                 server->large_buf = false;
859                 buf = server->smallbuf;
860                 pdu_length = 4; /* enough to get RFC1001 header */
861
862                 length = cifs_read_from_socket(server, buf, pdu_length);
863                 if (length < 0)
864                         continue;
865                 server->total_read = length;
866
867                 /*
868                  * The right amount was read from socket - 4 bytes,
869                  * so we can now interpret the length field.
870                  */
871                 pdu_length = get_rfc1002_length(buf);
872
873                 cFYI(1, "RFC1002 header 0x%x", pdu_length);
874                 if (!is_smb_response(server, buf[0]))
875                         continue;
876
877                 /* make sure we have enough to get to the MID */
878                 if (pdu_length < HEADER_SIZE(server) - 1 - 4) {
879                         cERROR(1, "SMB response too short (%u bytes)",
880                                 pdu_length);
881                         cifs_reconnect(server);
882                         wake_up(&server->response_q);
883                         continue;
884                 }
885
886                 /* read down to the MID */
887                 length = cifs_read_from_socket(server, buf + 4,
888                                                HEADER_SIZE(server) - 1 - 4);
889                 if (length < 0)
890                         continue;
891                 server->total_read += length;
892
893                 mid_entry = server->ops->find_mid(server, buf);
894
895                 if (!mid_entry || !mid_entry->receive)
896                         length = standard_receive3(server, mid_entry);
897                 else
898                         length = mid_entry->receive(server, mid_entry);
899
900                 if (length < 0)
901                         continue;
902
903                 if (server->large_buf)
904                         buf = server->bigbuf;
905
906                 server->lstrp = jiffies;
907                 if (mid_entry != NULL) {
908                         if (!mid_entry->multiRsp || mid_entry->multiEnd)
909                                 mid_entry->callback(mid_entry);
910                 } else if (!server->ops->is_oplock_break ||
911                            !server->ops->is_oplock_break(buf, server)) {
912                         cERROR(1, "No task to wake, unknown frame received! "
913                                    "NumMids %d", atomic_read(&midCount));
914                         cifs_dump_mem("Received Data is: ", buf,
915                                       HEADER_SIZE(server));
916 #ifdef CONFIG_CIFS_DEBUG2
917                         if (server->ops->dump_detail)
918                                 server->ops->dump_detail(buf);
919                         cifs_dump_mids(server);
920 #endif /* CIFS_DEBUG2 */
921
922                 }
923         } /* end while !EXITING */
924
925         /* buffer usually freed in free_mid - need to free it here on exit */
926         cifs_buf_release(server->bigbuf);
927         if (server->smallbuf) /* no sense logging a debug message if NULL */
928                 cifs_small_buf_release(server->smallbuf);
929
930         task_to_wake = xchg(&server->tsk, NULL);
931         clean_demultiplex_info(server);
932
933         /* if server->tsk was NULL then wait for a signal before exiting */
934         if (!task_to_wake) {
935                 set_current_state(TASK_INTERRUPTIBLE);
936                 while (!signal_pending(current)) {
937                         schedule();
938                         set_current_state(TASK_INTERRUPTIBLE);
939                 }
940                 set_current_state(TASK_RUNNING);
941         }
942
943         module_put_and_exit(0);
944 }
945
946 /* extract the host portion of the UNC string */
947 static char *
948 extract_hostname(const char *unc)
949 {
950         const char *src;
951         char *dst, *delim;
952         unsigned int len;
953
954         /* skip double chars at beginning of string */
955         /* BB: check validity of these bytes? */
956         src = unc + 2;
957
958         /* delimiter between hostname and sharename is always '\\' now */
959         delim = strchr(src, '\\');
960         if (!delim)
961                 return ERR_PTR(-EINVAL);
962
963         len = delim - src;
964         dst = kmalloc((len + 1), GFP_KERNEL);
965         if (dst == NULL)
966                 return ERR_PTR(-ENOMEM);
967
968         memcpy(dst, src, len);
969         dst[len] = '\0';
970
971         return dst;
972 }
973
974 static int get_option_ul(substring_t args[], unsigned long *option)
975 {
976         int rc;
977         char *string;
978
979         string = match_strdup(args);
980         if (string == NULL)
981                 return -ENOMEM;
982         rc = kstrtoul(string, 0, option);
983         kfree(string);
984
985         return rc;
986 }
987
988
989 static int cifs_parse_security_flavors(char *value,
990                                        struct smb_vol *vol)
991 {
992
993         substring_t args[MAX_OPT_ARGS];
994
995         switch (match_token(value, cifs_secflavor_tokens, args)) {
996         case Opt_sec_krb5:
997                 vol->secFlg |= CIFSSEC_MAY_KRB5;
998                 break;
999         case Opt_sec_krb5i:
1000                 vol->secFlg |= CIFSSEC_MAY_KRB5 | CIFSSEC_MUST_SIGN;
1001                 break;
1002         case Opt_sec_krb5p:
1003                 /* vol->secFlg |= CIFSSEC_MUST_SEAL | CIFSSEC_MAY_KRB5; */
1004                 cERROR(1, "Krb5 cifs privacy not supported");
1005                 break;
1006         case Opt_sec_ntlmssp:
1007                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1008                 break;
1009         case Opt_sec_ntlmsspi:
1010                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP | CIFSSEC_MUST_SIGN;
1011                 break;
1012         case Opt_ntlm:
1013                 /* ntlm is default so can be turned off too */
1014                 vol->secFlg |= CIFSSEC_MAY_NTLM;
1015                 break;
1016         case Opt_sec_ntlmi:
1017                 vol->secFlg |= CIFSSEC_MAY_NTLM | CIFSSEC_MUST_SIGN;
1018                 break;
1019         case Opt_sec_ntlmv2:
1020                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1021                 break;
1022         case Opt_sec_ntlmv2i:
1023                 vol->secFlg |= CIFSSEC_MAY_NTLMV2 | CIFSSEC_MUST_SIGN;
1024                 break;
1025 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1026         case Opt_sec_lanman:
1027                 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1028                 break;
1029 #endif
1030         case Opt_sec_none:
1031                 vol->nullauth = 1;
1032                 break;
1033         default:
1034                 cERROR(1, "bad security option: %s", value);
1035                 return 1;
1036         }
1037
1038         return 0;
1039 }
1040
1041 static int
1042 cifs_parse_cache_flavor(char *value, struct smb_vol *vol)
1043 {
1044         substring_t args[MAX_OPT_ARGS];
1045
1046         switch (match_token(value, cifs_cacheflavor_tokens, args)) {
1047         case Opt_cache_loose:
1048                 vol->direct_io = false;
1049                 vol->strict_io = false;
1050                 break;
1051         case Opt_cache_strict:
1052                 vol->direct_io = false;
1053                 vol->strict_io = true;
1054                 break;
1055         case Opt_cache_none:
1056                 vol->direct_io = true;
1057                 vol->strict_io = false;
1058                 break;
1059         default:
1060                 cERROR(1, "bad cache= option: %s", value);
1061                 return 1;
1062         }
1063         return 0;
1064 }
1065
1066 static int
1067 cifs_parse_smb_version(char *value, struct smb_vol *vol)
1068 {
1069         substring_t args[MAX_OPT_ARGS];
1070
1071         switch (match_token(value, cifs_smb_version_tokens, args)) {
1072         case Smb_1:
1073                 vol->ops = &smb1_operations;
1074                 vol->vals = &smb1_values;
1075                 break;
1076 #ifdef CONFIG_CIFS_SMB2
1077         case Smb_21:
1078                 vol->ops = &smb21_operations;
1079                 vol->vals = &smb21_values;
1080                 break;
1081         case Smb_30:
1082                 vol->ops = &smb21_operations; /* currently identical with 2.1 */
1083                 vol->vals = &smb30_values;
1084                 break;
1085 #endif
1086         default:
1087                 cERROR(1, "Unknown vers= option specified: %s", value);
1088                 return 1;
1089         }
1090         return 0;
1091 }
1092
1093 static int
1094 cifs_parse_mount_options(const char *mountdata, const char *devname,
1095                          struct smb_vol *vol)
1096 {
1097         char *data, *end;
1098         char *mountdata_copy = NULL, *options;
1099         unsigned int  temp_len, i, j;
1100         char separator[2];
1101         short int override_uid = -1;
1102         short int override_gid = -1;
1103         bool uid_specified = false;
1104         bool gid_specified = false;
1105         bool sloppy = false;
1106         char *invalid = NULL;
1107         char *nodename = utsname()->nodename;
1108         char *string = NULL;
1109         char *tmp_end, *value;
1110         char delim;
1111
1112         separator[0] = ',';
1113         separator[1] = 0;
1114         delim = separator[0];
1115
1116         /*
1117          * does not have to be perfect mapping since field is
1118          * informational, only used for servers that do not support
1119          * port 445 and it can be overridden at mount time
1120          */
1121         memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1122         for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1123                 vol->source_rfc1001_name[i] = toupper(nodename[i]);
1124
1125         vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1126         /* null target name indicates to use *SMBSERVR default called name
1127            if we end up sending RFC1001 session initialize */
1128         vol->target_rfc1001_name[0] = 0;
1129         vol->cred_uid = current_uid();
1130         vol->linux_uid = current_uid();
1131         vol->linux_gid = current_gid();
1132
1133         /* default to only allowing write access to owner of the mount */
1134         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1135
1136         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1137         /* default is always to request posix paths. */
1138         vol->posix_paths = 1;
1139         /* default to using server inode numbers where available */
1140         vol->server_ino = 1;
1141
1142         /* default is to use strict cifs caching semantics */
1143         vol->strict_io = true;
1144
1145         vol->actimeo = CIFS_DEF_ACTIMEO;
1146
1147         /* FIXME: add autonegotiation -- for now, SMB1 is default */
1148         vol->ops = &smb1_operations;
1149         vol->vals = &smb1_values;
1150
1151         if (!mountdata)
1152                 goto cifs_parse_mount_err;
1153
1154         mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
1155         if (!mountdata_copy)
1156                 goto cifs_parse_mount_err;
1157
1158         options = mountdata_copy;
1159         end = options + strlen(options);
1160
1161         if (strncmp(options, "sep=", 4) == 0) {
1162                 if (options[4] != 0) {
1163                         separator[0] = options[4];
1164                         options += 5;
1165                 } else {
1166                         cFYI(1, "Null separator not allowed");
1167                 }
1168         }
1169         vol->backupuid_specified = false; /* no backup intent for a user */
1170         vol->backupgid_specified = false; /* no backup intent for a group */
1171
1172         while ((data = strsep(&options, separator)) != NULL) {
1173                 substring_t args[MAX_OPT_ARGS];
1174                 unsigned long option;
1175                 int token;
1176
1177                 if (!*data)
1178                         continue;
1179
1180                 token = match_token(data, cifs_mount_option_tokens, args);
1181
1182                 switch (token) {
1183
1184                 /* Ingnore the following */
1185                 case Opt_ignore:
1186                         break;
1187
1188                 /* Boolean values */
1189                 case Opt_user_xattr:
1190                         vol->no_xattr = 0;
1191                         break;
1192                 case Opt_nouser_xattr:
1193                         vol->no_xattr = 1;
1194                         break;
1195                 case Opt_forceuid:
1196                         override_uid = 1;
1197                         break;
1198                 case Opt_noforceuid:
1199                         override_uid = 0;
1200                         break;
1201                 case Opt_forcegid:
1202                         override_gid = 1;
1203                         break;
1204                 case Opt_noforcegid:
1205                         override_gid = 0;
1206                         break;
1207                 case Opt_noblocksend:
1208                         vol->noblocksnd = 1;
1209                         break;
1210                 case Opt_noautotune:
1211                         vol->noautotune = 1;
1212                         break;
1213                 case Opt_hard:
1214                         vol->retry = 1;
1215                         break;
1216                 case Opt_soft:
1217                         vol->retry = 0;
1218                         break;
1219                 case Opt_perm:
1220                         vol->noperm = 0;
1221                         break;
1222                 case Opt_noperm:
1223                         vol->noperm = 1;
1224                         break;
1225                 case Opt_mapchars:
1226                         vol->remap = 1;
1227                         break;
1228                 case Opt_nomapchars:
1229                         vol->remap = 0;
1230                         break;
1231                 case Opt_sfu:
1232                         vol->sfu_emul = 1;
1233                         break;
1234                 case Opt_nosfu:
1235                         vol->sfu_emul = 0;
1236                         break;
1237                 case Opt_nodfs:
1238                         vol->nodfs = 1;
1239                         break;
1240                 case Opt_posixpaths:
1241                         vol->posix_paths = 1;
1242                         break;
1243                 case Opt_noposixpaths:
1244                         vol->posix_paths = 0;
1245                         break;
1246                 case Opt_nounix:
1247                         vol->no_linux_ext = 1;
1248                         break;
1249                 case Opt_nocase:
1250                         vol->nocase = 1;
1251                         break;
1252                 case Opt_brl:
1253                         vol->nobrl =  0;
1254                         break;
1255                 case Opt_nobrl:
1256                         vol->nobrl =  1;
1257                         /*
1258                          * turn off mandatory locking in mode
1259                          * if remote locking is turned off since the
1260                          * local vfs will do advisory
1261                          */
1262                         if (vol->file_mode ==
1263                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1264                                 vol->file_mode = S_IALLUGO;
1265                         break;
1266                 case Opt_forcemandatorylock:
1267                         vol->mand_lock = 1;
1268                         break;
1269                 case Opt_setuids:
1270                         vol->setuids = 1;
1271                         break;
1272                 case Opt_nosetuids:
1273                         vol->setuids = 0;
1274                         break;
1275                 case Opt_dynperm:
1276                         vol->dynperm = true;
1277                         break;
1278                 case Opt_nodynperm:
1279                         vol->dynperm = false;
1280                         break;
1281                 case Opt_nohard:
1282                         vol->retry = 0;
1283                         break;
1284                 case Opt_nosoft:
1285                         vol->retry = 1;
1286                         break;
1287                 case Opt_nointr:
1288                         vol->intr = 0;
1289                         break;
1290                 case Opt_intr:
1291                         vol->intr = 1;
1292                         break;
1293                 case Opt_nostrictsync:
1294                         vol->nostrictsync = 1;
1295                         break;
1296                 case Opt_strictsync:
1297                         vol->nostrictsync = 0;
1298                         break;
1299                 case Opt_serverino:
1300                         vol->server_ino = 1;
1301                         break;
1302                 case Opt_noserverino:
1303                         vol->server_ino = 0;
1304                         break;
1305                 case Opt_rwpidforward:
1306                         vol->rwpidforward = 1;
1307                         break;
1308                 case Opt_cifsacl:
1309                         vol->cifs_acl = 1;
1310                         break;
1311                 case Opt_nocifsacl:
1312                         vol->cifs_acl = 0;
1313                         break;
1314                 case Opt_acl:
1315                         vol->no_psx_acl = 0;
1316                         break;
1317                 case Opt_noacl:
1318                         vol->no_psx_acl = 1;
1319                         break;
1320                 case Opt_locallease:
1321                         vol->local_lease = 1;
1322                         break;
1323                 case Opt_sign:
1324                         vol->secFlg |= CIFSSEC_MUST_SIGN;
1325                         break;
1326                 case Opt_seal:
1327                         /* we do not do the following in secFlags because seal
1328                          * is a per tree connection (mount) not a per socket
1329                          * or per-smb connection option in the protocol
1330                          * vol->secFlg |= CIFSSEC_MUST_SEAL;
1331                          */
1332                         vol->seal = 1;
1333                         break;
1334                 case Opt_noac:
1335                         printk(KERN_WARNING "CIFS: Mount option noac not "
1336                                 "supported. Instead set "
1337                                 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1338                         break;
1339                 case Opt_fsc:
1340 #ifndef CONFIG_CIFS_FSCACHE
1341                         cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1342                                   "kernel config option set");
1343                         goto cifs_parse_mount_err;
1344 #endif
1345                         vol->fsc = true;
1346                         break;
1347                 case Opt_mfsymlinks:
1348                         vol->mfsymlinks = true;
1349                         break;
1350                 case Opt_multiuser:
1351                         vol->multiuser = true;
1352                         break;
1353                 case Opt_sloppy:
1354                         sloppy = true;
1355                         break;
1356
1357                 /* Numeric Values */
1358                 case Opt_backupuid:
1359                         if (get_option_ul(args, &option)) {
1360                                 cERROR(1, "%s: Invalid backupuid value",
1361                                         __func__);
1362                                 goto cifs_parse_mount_err;
1363                         }
1364                         vol->backupuid = option;
1365                         vol->backupuid_specified = true;
1366                         break;
1367                 case Opt_backupgid:
1368                         if (get_option_ul(args, &option)) {
1369                                 cERROR(1, "%s: Invalid backupgid value",
1370                                         __func__);
1371                                 goto cifs_parse_mount_err;
1372                         }
1373                         vol->backupgid = option;
1374                         vol->backupgid_specified = true;
1375                         break;
1376                 case Opt_uid:
1377                         if (get_option_ul(args, &option)) {
1378                                 cERROR(1, "%s: Invalid uid value",
1379                                         __func__);
1380                                 goto cifs_parse_mount_err;
1381                         }
1382                         vol->linux_uid = option;
1383                         uid_specified = true;
1384                         break;
1385                 case Opt_cruid:
1386                         if (get_option_ul(args, &option)) {
1387                                 cERROR(1, "%s: Invalid cruid value",
1388                                         __func__);
1389                                 goto cifs_parse_mount_err;
1390                         }
1391                         vol->cred_uid = option;
1392                         break;
1393                 case Opt_gid:
1394                         if (get_option_ul(args, &option)) {
1395                                 cERROR(1, "%s: Invalid gid value",
1396                                                 __func__);
1397                                 goto cifs_parse_mount_err;
1398                         }
1399                         vol->linux_gid = option;
1400                         gid_specified = true;
1401                         break;
1402                 case Opt_file_mode:
1403                         if (get_option_ul(args, &option)) {
1404                                 cERROR(1, "%s: Invalid file_mode value",
1405                                         __func__);
1406                                 goto cifs_parse_mount_err;
1407                         }
1408                         vol->file_mode = option;
1409                         break;
1410                 case Opt_dirmode:
1411                         if (get_option_ul(args, &option)) {
1412                                 cERROR(1, "%s: Invalid dir_mode value",
1413                                         __func__);
1414                                 goto cifs_parse_mount_err;
1415                         }
1416                         vol->dir_mode = option;
1417                         break;
1418                 case Opt_port:
1419                         if (get_option_ul(args, &option)) {
1420                                 cERROR(1, "%s: Invalid port value",
1421                                         __func__);
1422                                 goto cifs_parse_mount_err;
1423                         }
1424                         vol->port = option;
1425                         break;
1426                 case Opt_rsize:
1427                         if (get_option_ul(args, &option)) {
1428                                 cERROR(1, "%s: Invalid rsize value",
1429                                         __func__);
1430                                 goto cifs_parse_mount_err;
1431                         }
1432                         vol->rsize = option;
1433                         break;
1434                 case Opt_wsize:
1435                         if (get_option_ul(args, &option)) {
1436                                 cERROR(1, "%s: Invalid wsize value",
1437                                         __func__);
1438                                 goto cifs_parse_mount_err;
1439                         }
1440                         vol->wsize = option;
1441                         break;
1442                 case Opt_actimeo:
1443                         if (get_option_ul(args, &option)) {
1444                                 cERROR(1, "%s: Invalid actimeo value",
1445                                         __func__);
1446                                 goto cifs_parse_mount_err;
1447                         }
1448                         vol->actimeo = HZ * option;
1449                         if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1450                                 cERROR(1, "CIFS: attribute cache"
1451                                           "timeout too large");
1452                                 goto cifs_parse_mount_err;
1453                         }
1454                         break;
1455
1456                 /* String Arguments */
1457
1458                 case Opt_blank_user:
1459                         /* null user, ie. anonymous authentication */
1460                         vol->nullauth = 1;
1461                         vol->username = NULL;
1462                         break;
1463                 case Opt_user:
1464                         string = match_strdup(args);
1465                         if (string == NULL)
1466                                 goto out_nomem;
1467
1468                         if (strnlen(string, MAX_USERNAME_SIZE) >
1469                                                         MAX_USERNAME_SIZE) {
1470                                 printk(KERN_WARNING "CIFS: username too long\n");
1471                                 goto cifs_parse_mount_err;
1472                         }
1473                         vol->username = kstrdup(string, GFP_KERNEL);
1474                         if (!vol->username) {
1475                                 printk(KERN_WARNING "CIFS: no memory "
1476                                                     "for username\n");
1477                                 goto cifs_parse_mount_err;
1478                         }
1479                         break;
1480                 case Opt_blank_pass:
1481                         vol->password = NULL;
1482                         break;
1483                 case Opt_pass:
1484                         /* passwords have to be handled differently
1485                          * to allow the character used for deliminator
1486                          * to be passed within them
1487                          */
1488
1489                         /* Obtain the value string */
1490                         value = strchr(data, '=');
1491                         value++;
1492
1493                         /* Set tmp_end to end of the string */
1494                         tmp_end = (char *) value + strlen(value);
1495
1496                         /* Check if following character is the deliminator
1497                          * If yes, we have encountered a double deliminator
1498                          * reset the NULL character to the deliminator
1499                          */
1500                         if (tmp_end < end && tmp_end[1] == delim) {
1501                                 tmp_end[0] = delim;
1502
1503                                 /* Keep iterating until we get to a single
1504                                  * deliminator OR the end
1505                                  */
1506                                 while ((tmp_end = strchr(tmp_end, delim))
1507                                         != NULL && (tmp_end[1] == delim)) {
1508                                                 tmp_end = (char *) &tmp_end[2];
1509                                 }
1510
1511                                 /* Reset var options to point to next element */
1512                                 if (tmp_end) {
1513                                         tmp_end[0] = '\0';
1514                                         options = (char *) &tmp_end[1];
1515                                 } else
1516                                         /* Reached the end of the mount option
1517                                          * string */
1518                                         options = end;
1519                         }
1520
1521                         /* Now build new password string */
1522                         temp_len = strlen(value);
1523                         vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1524                         if (vol->password == NULL) {
1525                                 printk(KERN_WARNING "CIFS: no memory "
1526                                                     "for password\n");
1527                                 goto cifs_parse_mount_err;
1528                         }
1529
1530                         for (i = 0, j = 0; i < temp_len; i++, j++) {
1531                                 vol->password[j] = value[i];
1532                                 if ((value[i] == delim) &&
1533                                      value[i+1] == delim)
1534                                         /* skip the second deliminator */
1535                                         i++;
1536                         }
1537                         vol->password[j] = '\0';
1538                         break;
1539                 case Opt_blank_ip:
1540                         vol->UNCip = NULL;
1541                         break;
1542                 case Opt_ip:
1543                         string = match_strdup(args);
1544                         if (string == NULL)
1545                                 goto out_nomem;
1546
1547                         if (strnlen(string, INET6_ADDRSTRLEN) >
1548                                                 INET6_ADDRSTRLEN) {
1549                                 printk(KERN_WARNING "CIFS: ip address "
1550                                                     "too long\n");
1551                                 goto cifs_parse_mount_err;
1552                         }
1553                         vol->UNCip = kstrdup(string, GFP_KERNEL);
1554                         if (!vol->UNCip) {
1555                                 printk(KERN_WARNING "CIFS: no memory "
1556                                                     "for UNC IP\n");
1557                                 goto cifs_parse_mount_err;
1558                         }
1559                         break;
1560                 case Opt_unc:
1561                         string = match_strdup(args);
1562                         if (string == NULL)
1563                                 goto out_nomem;
1564
1565                         temp_len = strnlen(string, 300);
1566                         if (temp_len  == 300) {
1567                                 printk(KERN_WARNING "CIFS: UNC name too long\n");
1568                                 goto cifs_parse_mount_err;
1569                         }
1570
1571                         vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1572                         if (vol->UNC == NULL) {
1573                                 printk(KERN_WARNING "CIFS: no memory for UNC\n");
1574                                 goto cifs_parse_mount_err;
1575                         }
1576                         strcpy(vol->UNC, string);
1577
1578                         if (strncmp(string, "//", 2) == 0) {
1579                                 vol->UNC[0] = '\\';
1580                                 vol->UNC[1] = '\\';
1581                         } else if (strncmp(string, "\\\\", 2) != 0) {
1582                                 printk(KERN_WARNING "CIFS: UNC Path does not "
1583                                                     "begin with // or \\\\\n");
1584                                 goto cifs_parse_mount_err;
1585                         }
1586
1587                         break;
1588                 case Opt_domain:
1589                         string = match_strdup(args);
1590                         if (string == NULL)
1591                                 goto out_nomem;
1592
1593                         if (strnlen(string, 256) == 256) {
1594                                 printk(KERN_WARNING "CIFS: domain name too"
1595                                                     " long\n");
1596                                 goto cifs_parse_mount_err;
1597                         }
1598
1599                         vol->domainname = kstrdup(string, GFP_KERNEL);
1600                         if (!vol->domainname) {
1601                                 printk(KERN_WARNING "CIFS: no memory "
1602                                                     "for domainname\n");
1603                                 goto cifs_parse_mount_err;
1604                         }
1605                         cFYI(1, "Domain name set");
1606                         break;
1607                 case Opt_srcaddr:
1608                         string = match_strdup(args);
1609                         if (string == NULL)
1610                                 goto out_nomem;
1611
1612                         if (!cifs_convert_address(
1613                                         (struct sockaddr *)&vol->srcaddr,
1614                                         string, strlen(string))) {
1615                                 printk(KERN_WARNING "CIFS:  Could not parse"
1616                                                     " srcaddr: %s\n", string);
1617                                 goto cifs_parse_mount_err;
1618                         }
1619                         break;
1620                 case Opt_prefixpath:
1621                         string = match_strdup(args);
1622                         if (string == NULL)
1623                                 goto out_nomem;
1624
1625                         temp_len = strnlen(string, 1024);
1626                         if (string[0] != '/')
1627                                 temp_len++; /* missing leading slash */
1628                         if (temp_len > 1024) {
1629                                 printk(KERN_WARNING "CIFS: prefix too long\n");
1630                                 goto cifs_parse_mount_err;
1631                         }
1632
1633                         vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1634                         if (vol->prepath == NULL) {
1635                                 printk(KERN_WARNING "CIFS: no memory "
1636                                                     "for path prefix\n");
1637                                 goto cifs_parse_mount_err;
1638                         }
1639
1640                         if (string[0] != '/') {
1641                                 vol->prepath[0] = '/';
1642                                 strcpy(vol->prepath+1, string);
1643                         } else
1644                                 strcpy(vol->prepath, string);
1645
1646                         break;
1647                 case Opt_iocharset:
1648                         string = match_strdup(args);
1649                         if (string == NULL)
1650                                 goto out_nomem;
1651
1652                         if (strnlen(string, 1024) >= 65) {
1653                                 printk(KERN_WARNING "CIFS: iocharset name "
1654                                                     "too long.\n");
1655                                 goto cifs_parse_mount_err;
1656                         }
1657
1658                          if (strnicmp(string, "default", 7) != 0) {
1659                                 vol->iocharset = kstrdup(string,
1660                                                          GFP_KERNEL);
1661                                 if (!vol->iocharset) {
1662                                         printk(KERN_WARNING "CIFS: no memory"
1663                                                             "for charset\n");
1664                                         goto cifs_parse_mount_err;
1665                                 }
1666                         }
1667                         /* if iocharset not set then load_nls_default
1668                          * is used by caller
1669                          */
1670                         cFYI(1, "iocharset set to %s", string);
1671                         break;
1672                 case Opt_sockopt:
1673                         string = match_strdup(args);
1674                         if (string == NULL)
1675                                 goto out_nomem;
1676
1677                         if (strnicmp(string, "TCP_NODELAY", 11) == 0) {
1678                                 printk(KERN_WARNING "CIFS: the "
1679                                         "sockopt=TCP_NODELAY option has been "
1680                                         "deprecated and will be removed "
1681                                         "in 3.9\n");
1682                                 vol->sockopt_tcp_nodelay = 1;
1683                         }
1684                         break;
1685                 case Opt_netbiosname:
1686                         string = match_strdup(args);
1687                         if (string == NULL)
1688                                 goto out_nomem;
1689
1690                         memset(vol->source_rfc1001_name, 0x20,
1691                                 RFC1001_NAME_LEN);
1692                         /*
1693                          * FIXME: are there cases in which a comma can
1694                          * be valid in workstation netbios name (and
1695                          * need special handling)?
1696                          */
1697                         for (i = 0; i < RFC1001_NAME_LEN; i++) {
1698                                 /* don't ucase netbiosname for user */
1699                                 if (string[i] == 0)
1700                                         break;
1701                                 vol->source_rfc1001_name[i] = string[i];
1702                         }
1703                         /* The string has 16th byte zero still from
1704                          * set at top of the function
1705                          */
1706                         if (i == RFC1001_NAME_LEN && string[i] != 0)
1707                                 printk(KERN_WARNING "CIFS: netbiosname"
1708                                        " longer than 15 truncated.\n");
1709
1710                         break;
1711                 case Opt_servern:
1712                         /* servernetbiosname specified override *SMBSERVER */
1713                         string = match_strdup(args);
1714                         if (string == NULL)
1715                                 goto out_nomem;
1716
1717                         /* last byte, type, is 0x20 for servr type */
1718                         memset(vol->target_rfc1001_name, 0x20,
1719                                 RFC1001_NAME_LEN_WITH_NULL);
1720
1721                         /* BB are there cases in which a comma can be
1722                            valid in this workstation netbios name
1723                            (and need special handling)? */
1724
1725                         /* user or mount helper must uppercase the
1726                            netbios name */
1727                         for (i = 0; i < 15; i++) {
1728                                 if (string[i] == 0)
1729                                         break;
1730                                 vol->target_rfc1001_name[i] = string[i];
1731                         }
1732                         /* The string has 16th byte zero still from
1733                            set at top of the function  */
1734                         if (i == RFC1001_NAME_LEN && string[i] != 0)
1735                                 printk(KERN_WARNING "CIFS: server net"
1736                                        "biosname longer than 15 truncated.\n");
1737                         break;
1738                 case Opt_ver:
1739                         string = match_strdup(args);
1740                         if (string == NULL)
1741                                 goto out_nomem;
1742
1743                         if (strnicmp(string, "1", 1) == 0) {
1744                                 /* This is the default */
1745                                 break;
1746                         }
1747                         /* For all other value, error */
1748                         printk(KERN_WARNING "CIFS: Invalid version"
1749                                             " specified\n");
1750                         goto cifs_parse_mount_err;
1751                 case Opt_vers:
1752                         string = match_strdup(args);
1753                         if (string == NULL)
1754                                 goto out_nomem;
1755
1756                         if (cifs_parse_smb_version(string, vol) != 0)
1757                                 goto cifs_parse_mount_err;
1758                         break;
1759                 case Opt_sec:
1760                         string = match_strdup(args);
1761                         if (string == NULL)
1762                                 goto out_nomem;
1763
1764                         if (cifs_parse_security_flavors(string, vol) != 0)
1765                                 goto cifs_parse_mount_err;
1766                         break;
1767                 case Opt_cache:
1768                         string = match_strdup(args);
1769                         if (string == NULL)
1770                                 goto out_nomem;
1771
1772                         if (cifs_parse_cache_flavor(string, vol) != 0)
1773                                 goto cifs_parse_mount_err;
1774                         break;
1775                 default:
1776                         /*
1777                          * An option we don't recognize. Save it off for later
1778                          * if we haven't already found one
1779                          */
1780                         if (!invalid)
1781                                 invalid = data;
1782                         break;
1783                 }
1784                 /* Free up any allocated string */
1785                 kfree(string);
1786                 string = NULL;
1787         }
1788
1789         if (!sloppy && invalid) {
1790                 printk(KERN_ERR "CIFS: Unknown mount option \"%s\"\n", invalid);
1791                 goto cifs_parse_mount_err;
1792         }
1793
1794 #ifndef CONFIG_KEYS
1795         /* Muliuser mounts require CONFIG_KEYS support */
1796         if (vol->multiuser) {
1797                 cERROR(1, "Multiuser mounts require kernels with "
1798                           "CONFIG_KEYS enabled.");
1799                 goto cifs_parse_mount_err;
1800         }
1801 #endif
1802
1803         if (vol->UNCip == NULL)
1804                 vol->UNCip = &vol->UNC[2];
1805
1806         if (uid_specified)
1807                 vol->override_uid = override_uid;
1808         else if (override_uid == 1)
1809                 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1810                                    "specified with no uid= option.\n");
1811
1812         if (gid_specified)
1813                 vol->override_gid = override_gid;
1814         else if (override_gid == 1)
1815                 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1816                                    "specified with no gid= option.\n");
1817
1818         kfree(mountdata_copy);
1819         return 0;
1820
1821 out_nomem:
1822         printk(KERN_WARNING "Could not allocate temporary buffer\n");
1823 cifs_parse_mount_err:
1824         kfree(string);
1825         kfree(mountdata_copy);
1826         return 1;
1827 }
1828
1829 /** Returns true if srcaddr isn't specified and rhs isn't
1830  * specified, or if srcaddr is specified and
1831  * matches the IP address of the rhs argument.
1832  */
1833 static bool
1834 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1835 {
1836         switch (srcaddr->sa_family) {
1837         case AF_UNSPEC:
1838                 return (rhs->sa_family == AF_UNSPEC);
1839         case AF_INET: {
1840                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1841                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1842                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1843         }
1844         case AF_INET6: {
1845                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1846                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1847                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1848         }
1849         default:
1850                 WARN_ON(1);
1851                 return false; /* don't expect to be here */
1852         }
1853 }
1854
1855 /*
1856  * If no port is specified in addr structure, we try to match with 445 port
1857  * and if it fails - with 139 ports. It should be called only if address
1858  * families of server and addr are equal.
1859  */
1860 static bool
1861 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1862 {
1863         __be16 port, *sport;
1864
1865         switch (addr->sa_family) {
1866         case AF_INET:
1867                 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1868                 port = ((struct sockaddr_in *) addr)->sin_port;
1869                 break;
1870         case AF_INET6:
1871                 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1872                 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1873                 break;
1874         default:
1875                 WARN_ON(1);
1876                 return false;
1877         }
1878
1879         if (!port) {
1880                 port = htons(CIFS_PORT);
1881                 if (port == *sport)
1882                         return true;
1883
1884                 port = htons(RFC1001_PORT);
1885         }
1886
1887         return port == *sport;
1888 }
1889
1890 static bool
1891 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1892               struct sockaddr *srcaddr)
1893 {
1894         switch (addr->sa_family) {
1895         case AF_INET: {
1896                 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1897                 struct sockaddr_in *srv_addr4 =
1898                                         (struct sockaddr_in *)&server->dstaddr;
1899
1900                 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1901                         return false;
1902                 break;
1903         }
1904         case AF_INET6: {
1905                 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1906                 struct sockaddr_in6 *srv_addr6 =
1907                                         (struct sockaddr_in6 *)&server->dstaddr;
1908
1909                 if (!ipv6_addr_equal(&addr6->sin6_addr,
1910                                      &srv_addr6->sin6_addr))
1911                         return false;
1912                 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1913                         return false;
1914                 break;
1915         }
1916         default:
1917                 WARN_ON(1);
1918                 return false; /* don't expect to be here */
1919         }
1920
1921         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1922                 return false;
1923
1924         return true;
1925 }
1926
1927 static bool
1928 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1929 {
1930         unsigned int secFlags;
1931
1932         if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
1933                 secFlags = vol->secFlg;
1934         else
1935                 secFlags = global_secflags | vol->secFlg;
1936
1937         switch (server->secType) {
1938         case LANMAN:
1939                 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
1940                         return false;
1941                 break;
1942         case NTLMv2:
1943                 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
1944                         return false;
1945                 break;
1946         case NTLM:
1947                 if (!(secFlags & CIFSSEC_MAY_NTLM))
1948                         return false;
1949                 break;
1950         case Kerberos:
1951                 if (!(secFlags & CIFSSEC_MAY_KRB5))
1952                         return false;
1953                 break;
1954         case RawNTLMSSP:
1955                 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
1956                         return false;
1957                 break;
1958         default:
1959                 /* shouldn't happen */
1960                 return false;
1961         }
1962
1963         /* now check if signing mode is acceptable */
1964         if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
1965             (server->sec_mode & SECMODE_SIGN_REQUIRED))
1966                         return false;
1967         else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
1968                  (server->sec_mode &
1969                   (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
1970                         return false;
1971
1972         return true;
1973 }
1974
1975 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
1976                          struct smb_vol *vol)
1977 {
1978         if ((server->vals != vol->vals) || (server->ops != vol->ops))
1979                 return 0;
1980
1981         if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
1982                 return 0;
1983
1984         if (!match_address(server, addr,
1985                            (struct sockaddr *)&vol->srcaddr))
1986                 return 0;
1987
1988         if (!match_port(server, addr))
1989                 return 0;
1990
1991         if (!match_security(server, vol))
1992                 return 0;
1993
1994         return 1;
1995 }
1996
1997 static struct TCP_Server_Info *
1998 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
1999 {
2000         struct TCP_Server_Info *server;
2001
2002         spin_lock(&cifs_tcp_ses_lock);
2003         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
2004                 if (!match_server(server, addr, vol))
2005                         continue;
2006
2007                 ++server->srv_count;
2008                 spin_unlock(&cifs_tcp_ses_lock);
2009                 cFYI(1, "Existing tcp session with server found");
2010                 return server;
2011         }
2012         spin_unlock(&cifs_tcp_ses_lock);
2013         return NULL;
2014 }
2015
2016 static void
2017 cifs_put_tcp_session(struct TCP_Server_Info *server)
2018 {
2019         struct task_struct *task;
2020
2021         spin_lock(&cifs_tcp_ses_lock);
2022         if (--server->srv_count > 0) {
2023                 spin_unlock(&cifs_tcp_ses_lock);
2024                 return;
2025         }
2026
2027         put_net(cifs_net_ns(server));
2028
2029         list_del_init(&server->tcp_ses_list);
2030         spin_unlock(&cifs_tcp_ses_lock);
2031
2032         cancel_delayed_work_sync(&server->echo);
2033
2034         spin_lock(&GlobalMid_Lock);
2035         server->tcpStatus = CifsExiting;
2036         spin_unlock(&GlobalMid_Lock);
2037
2038         cifs_crypto_shash_release(server);
2039         cifs_fscache_release_client_cookie(server);
2040
2041         kfree(server->session_key.response);
2042         server->session_key.response = NULL;
2043         server->session_key.len = 0;
2044
2045         task = xchg(&server->tsk, NULL);
2046         if (task)
2047                 force_sig(SIGKILL, task);
2048 }
2049
2050 static struct TCP_Server_Info *
2051 cifs_get_tcp_session(struct smb_vol *volume_info)
2052 {
2053         struct TCP_Server_Info *tcp_ses = NULL;
2054         struct sockaddr_storage addr;
2055         struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
2056         struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
2057         int rc;
2058
2059         memset(&addr, 0, sizeof(struct sockaddr_storage));
2060
2061         cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
2062
2063         if (volume_info->UNCip && volume_info->UNC) {
2064                 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2065                                         volume_info->UNCip,
2066                                         strlen(volume_info->UNCip),
2067                                         volume_info->port);
2068                 if (!rc) {
2069                         /* we failed translating address */
2070                         rc = -EINVAL;
2071                         goto out_err;
2072                 }
2073         } else if (volume_info->UNCip) {
2074                 /* BB using ip addr as tcp_ses name to connect to the
2075                    DFS root below */
2076                 cERROR(1, "Connecting to DFS root not implemented yet");
2077                 rc = -EINVAL;
2078                 goto out_err;
2079         } else /* which tcp_sess DFS root would we conect to */ {
2080                 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
2081                         "unc=//192.168.1.100/public) specified");
2082                 rc = -EINVAL;
2083                 goto out_err;
2084         }
2085
2086         /* see if we already have a matching tcp_ses */
2087         tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
2088         if (tcp_ses)
2089                 return tcp_ses;
2090
2091         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
2092         if (!tcp_ses) {
2093                 rc = -ENOMEM;
2094                 goto out_err;
2095         }
2096
2097         rc = cifs_crypto_shash_allocate(tcp_ses);
2098         if (rc) {
2099                 cERROR(1, "could not setup hash structures rc %d", rc);
2100                 goto out_err;
2101         }
2102
2103         tcp_ses->ops = volume_info->ops;
2104         tcp_ses->vals = volume_info->vals;
2105         cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
2106         tcp_ses->hostname = extract_hostname(volume_info->UNC);
2107         if (IS_ERR(tcp_ses->hostname)) {
2108                 rc = PTR_ERR(tcp_ses->hostname);
2109                 goto out_err_crypto_release;
2110         }
2111
2112         tcp_ses->noblocksnd = volume_info->noblocksnd;
2113         tcp_ses->noautotune = volume_info->noautotune;
2114         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
2115         tcp_ses->in_flight = 0;
2116         tcp_ses->credits = 1;
2117         init_waitqueue_head(&tcp_ses->response_q);
2118         init_waitqueue_head(&tcp_ses->request_q);
2119         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
2120         mutex_init(&tcp_ses->srv_mutex);
2121         memcpy(tcp_ses->workstation_RFC1001_name,
2122                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2123         memcpy(tcp_ses->server_RFC1001_name,
2124                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2125         tcp_ses->session_estab = false;
2126         tcp_ses->sequence_number = 0;
2127         tcp_ses->lstrp = jiffies;
2128         spin_lock_init(&tcp_ses->req_lock);
2129         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
2130         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
2131         INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
2132
2133         /*
2134          * at this point we are the only ones with the pointer
2135          * to the struct since the kernel thread not created yet
2136          * no need to spinlock this init of tcpStatus or srv_count
2137          */
2138         tcp_ses->tcpStatus = CifsNew;
2139         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
2140                sizeof(tcp_ses->srcaddr));
2141         ++tcp_ses->srv_count;
2142
2143         if (addr.ss_family == AF_INET6) {
2144                 cFYI(1, "attempting ipv6 connect");
2145                 /* BB should we allow ipv6 on port 139? */
2146                 /* other OS never observed in Wild doing 139 with v6 */
2147                 memcpy(&tcp_ses->dstaddr, sin_server6,
2148                        sizeof(struct sockaddr_in6));
2149         } else
2150                 memcpy(&tcp_ses->dstaddr, sin_server,
2151                        sizeof(struct sockaddr_in));
2152
2153         rc = ip_connect(tcp_ses);
2154         if (rc < 0) {
2155                 cERROR(1, "Error connecting to socket. Aborting operation");
2156                 goto out_err_crypto_release;
2157         }
2158
2159         /*
2160          * since we're in a cifs function already, we know that
2161          * this will succeed. No need for try_module_get().
2162          */
2163         __module_get(THIS_MODULE);
2164         tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
2165                                   tcp_ses, "cifsd");
2166         if (IS_ERR(tcp_ses->tsk)) {
2167                 rc = PTR_ERR(tcp_ses->tsk);
2168                 cERROR(1, "error %d create cifsd thread", rc);
2169                 module_put(THIS_MODULE);
2170                 goto out_err_crypto_release;
2171         }
2172         tcp_ses->tcpStatus = CifsNeedNegotiate;
2173
2174         /* thread spawned, put it on the list */
2175         spin_lock(&cifs_tcp_ses_lock);
2176         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
2177         spin_unlock(&cifs_tcp_ses_lock);
2178
2179         cifs_fscache_get_client_cookie(tcp_ses);
2180
2181         /* queue echo request delayed work */
2182         queue_delayed_work(cifsiod_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
2183
2184         return tcp_ses;
2185
2186 out_err_crypto_release:
2187         cifs_crypto_shash_release(tcp_ses);
2188
2189         put_net(cifs_net_ns(tcp_ses));
2190
2191 out_err:
2192         if (tcp_ses) {
2193                 if (!IS_ERR(tcp_ses->hostname))
2194                         kfree(tcp_ses->hostname);
2195                 if (tcp_ses->ssocket)
2196                         sock_release(tcp_ses->ssocket);
2197                 kfree(tcp_ses);
2198         }
2199         return ERR_PTR(rc);
2200 }
2201
2202 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
2203 {
2204         switch (ses->server->secType) {
2205         case Kerberos:
2206                 if (vol->cred_uid != ses->cred_uid)
2207                         return 0;
2208                 break;
2209         default:
2210                 /* NULL username means anonymous session */
2211                 if (ses->user_name == NULL) {
2212                         if (!vol->nullauth)
2213                                 return 0;
2214                         break;
2215                 }
2216
2217                 /* anything else takes username/password */
2218                 if (strncmp(ses->user_name,
2219                             vol->username ? vol->username : "",
2220                             MAX_USERNAME_SIZE))
2221                         return 0;
2222                 if (strlen(vol->username) != 0 &&
2223                     ses->password != NULL &&
2224                     strncmp(ses->password,
2225                             vol->password ? vol->password : "",
2226                             MAX_PASSWORD_SIZE))
2227                         return 0;
2228         }
2229         return 1;
2230 }
2231
2232 static struct cifs_ses *
2233 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2234 {
2235         struct cifs_ses *ses;
2236
2237         spin_lock(&cifs_tcp_ses_lock);
2238         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2239                 if (!match_session(ses, vol))
2240                         continue;
2241                 ++ses->ses_count;
2242                 spin_unlock(&cifs_tcp_ses_lock);
2243                 return ses;
2244         }
2245         spin_unlock(&cifs_tcp_ses_lock);
2246         return NULL;
2247 }
2248
2249 static void
2250 cifs_put_smb_ses(struct cifs_ses *ses)
2251 {
2252         unsigned int xid;
2253         struct TCP_Server_Info *server = ses->server;
2254
2255         cFYI(1, "%s: ses_count=%d", __func__, ses->ses_count);
2256         spin_lock(&cifs_tcp_ses_lock);
2257         if (--ses->ses_count > 0) {
2258                 spin_unlock(&cifs_tcp_ses_lock);
2259                 return;
2260         }
2261
2262         list_del_init(&ses->smb_ses_list);
2263         spin_unlock(&cifs_tcp_ses_lock);
2264
2265         if (ses->status == CifsGood && server->ops->logoff) {
2266                 xid = get_xid();
2267                 server->ops->logoff(xid, ses);
2268                 _free_xid(xid);
2269         }
2270         sesInfoFree(ses);
2271         cifs_put_tcp_session(server);
2272 }
2273
2274 #ifdef CONFIG_KEYS
2275
2276 /* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2277 #define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2278
2279 /* Populate username and pw fields from keyring if possible */
2280 static int
2281 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2282 {
2283         int rc = 0;
2284         char *desc, *delim, *payload;
2285         ssize_t len;
2286         struct key *key;
2287         struct TCP_Server_Info *server = ses->server;
2288         struct sockaddr_in *sa;
2289         struct sockaddr_in6 *sa6;
2290         struct user_key_payload *upayload;
2291
2292         desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2293         if (!desc)
2294                 return -ENOMEM;
2295
2296         /* try to find an address key first */
2297         switch (server->dstaddr.ss_family) {
2298         case AF_INET:
2299                 sa = (struct sockaddr_in *)&server->dstaddr;
2300                 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2301                 break;
2302         case AF_INET6:
2303                 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2304                 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2305                 break;
2306         default:
2307                 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2308                 rc = -EINVAL;
2309                 goto out_err;
2310         }
2311
2312         cFYI(1, "%s: desc=%s", __func__, desc);
2313         key = request_key(&key_type_logon, desc, "");
2314         if (IS_ERR(key)) {
2315                 if (!ses->domainName) {
2316                         cFYI(1, "domainName is NULL");
2317                         rc = PTR_ERR(key);
2318                         goto out_err;
2319                 }
2320
2321                 /* didn't work, try to find a domain key */
2322                 sprintf(desc, "cifs:d:%s", ses->domainName);
2323                 cFYI(1, "%s: desc=%s", __func__, desc);
2324                 key = request_key(&key_type_logon, desc, "");
2325                 if (IS_ERR(key)) {
2326                         rc = PTR_ERR(key);
2327                         goto out_err;
2328                 }
2329         }
2330
2331         down_read(&key->sem);
2332         upayload = key->payload.data;
2333         if (IS_ERR_OR_NULL(upayload)) {
2334                 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
2335                 goto out_key_put;
2336         }
2337
2338         /* find first : in payload */
2339         payload = (char *)upayload->data;
2340         delim = strnchr(payload, upayload->datalen, ':');
2341         cFYI(1, "payload=%s", payload);
2342         if (!delim) {
2343                 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2344                                 upayload->datalen);
2345                 rc = -EINVAL;
2346                 goto out_key_put;
2347         }
2348
2349         len = delim - payload;
2350         if (len > MAX_USERNAME_SIZE || len <= 0) {
2351                 cFYI(1, "Bad value from username search (len=%zd)", len);
2352                 rc = -EINVAL;
2353                 goto out_key_put;
2354         }
2355
2356         vol->username = kstrndup(payload, len, GFP_KERNEL);
2357         if (!vol->username) {
2358                 cFYI(1, "Unable to allocate %zd bytes for username", len);
2359                 rc = -ENOMEM;
2360                 goto out_key_put;
2361         }
2362         cFYI(1, "%s: username=%s", __func__, vol->username);
2363
2364         len = key->datalen - (len + 1);
2365         if (len > MAX_PASSWORD_SIZE || len <= 0) {
2366                 cFYI(1, "Bad len for password search (len=%zd)", len);
2367                 rc = -EINVAL;
2368                 kfree(vol->username);
2369                 vol->username = NULL;
2370                 goto out_key_put;
2371         }
2372
2373         ++delim;
2374         vol->password = kstrndup(delim, len, GFP_KERNEL);
2375         if (!vol->password) {
2376                 cFYI(1, "Unable to allocate %zd bytes for password", len);
2377                 rc = -ENOMEM;
2378                 kfree(vol->username);
2379                 vol->username = NULL;
2380                 goto out_key_put;
2381         }
2382
2383 out_key_put:
2384         up_read(&key->sem);
2385         key_put(key);
2386 out_err:
2387         kfree(desc);
2388         cFYI(1, "%s: returning %d", __func__, rc);
2389         return rc;
2390 }
2391 #else /* ! CONFIG_KEYS */
2392 static inline int
2393 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2394                    struct cifs_ses *ses __attribute__((unused)))
2395 {
2396         return -ENOSYS;
2397 }
2398 #endif /* CONFIG_KEYS */
2399
2400 static bool warned_on_ntlm;  /* globals init to false automatically */
2401
2402 static struct cifs_ses *
2403 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2404 {
2405         int rc = -ENOMEM;
2406         unsigned int xid;
2407         struct cifs_ses *ses;
2408         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2409         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2410
2411         xid = get_xid();
2412
2413         ses = cifs_find_smb_ses(server, volume_info);
2414         if (ses) {
2415                 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2416
2417                 mutex_lock(&ses->session_mutex);
2418                 rc = cifs_negotiate_protocol(xid, ses);
2419                 if (rc) {
2420                         mutex_unlock(&ses->session_mutex);
2421                         /* problem -- put our ses reference */
2422                         cifs_put_smb_ses(ses);
2423                         free_xid(xid);
2424                         return ERR_PTR(rc);
2425                 }
2426                 if (ses->need_reconnect) {
2427                         cFYI(1, "Session needs reconnect");
2428                         rc = cifs_setup_session(xid, ses,
2429                                                 volume_info->local_nls);
2430                         if (rc) {
2431                                 mutex_unlock(&ses->session_mutex);
2432                                 /* problem -- put our reference */
2433                                 cifs_put_smb_ses(ses);
2434                                 free_xid(xid);
2435                                 return ERR_PTR(rc);
2436                         }
2437                 }
2438                 mutex_unlock(&ses->session_mutex);
2439
2440                 /* existing SMB ses has a server reference already */
2441                 cifs_put_tcp_session(server);
2442                 free_xid(xid);
2443                 return ses;
2444         }
2445
2446         cFYI(1, "Existing smb sess not found");
2447         ses = sesInfoAlloc();
2448         if (ses == NULL)
2449                 goto get_ses_fail;
2450
2451         /* new SMB session uses our server ref */
2452         ses->server = server;
2453         if (server->dstaddr.ss_family == AF_INET6)
2454                 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2455         else
2456                 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2457
2458         if (volume_info->username) {
2459                 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2460                 if (!ses->user_name)
2461                         goto get_ses_fail;
2462         }
2463
2464         /* volume_info->password freed at unmount */
2465         if (volume_info->password) {
2466                 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2467                 if (!ses->password)
2468                         goto get_ses_fail;
2469         }
2470         if (volume_info->domainname) {
2471                 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2472                 if (!ses->domainName)
2473                         goto get_ses_fail;
2474         }
2475         ses->cred_uid = volume_info->cred_uid;
2476         ses->linux_uid = volume_info->linux_uid;
2477
2478         /* ntlmv2 is much stronger than ntlm security, and has been broadly
2479         supported for many years, time to update default security mechanism */
2480         if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2481                 warned_on_ntlm = true;
2482                 cERROR(1, "default security mechanism requested.  The default "
2483                         "security mechanism will be upgraded from ntlm to "
2484                         "ntlmv2 in kernel release 3.3");
2485         }
2486         ses->overrideSecFlg = volume_info->secFlg;
2487
2488         mutex_lock(&ses->session_mutex);
2489         rc = cifs_negotiate_protocol(xid, ses);
2490         if (!rc)
2491                 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2492         mutex_unlock(&ses->session_mutex);
2493         if (rc)
2494                 goto get_ses_fail;
2495
2496         /* success, put it on the list */
2497         spin_lock(&cifs_tcp_ses_lock);
2498         list_add(&ses->smb_ses_list, &server->smb_ses_list);
2499         spin_unlock(&cifs_tcp_ses_lock);
2500
2501         free_xid(xid);
2502         return ses;
2503
2504 get_ses_fail:
2505         sesInfoFree(ses);
2506         free_xid(xid);
2507         return ERR_PTR(rc);
2508 }
2509
2510 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2511 {
2512         if (tcon->tidStatus == CifsExiting)
2513                 return 0;
2514         if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2515                 return 0;
2516         return 1;
2517 }
2518
2519 static struct cifs_tcon *
2520 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2521 {
2522         struct list_head *tmp;
2523         struct cifs_tcon *tcon;
2524
2525         spin_lock(&cifs_tcp_ses_lock);
2526         list_for_each(tmp, &ses->tcon_list) {
2527                 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2528                 if (!match_tcon(tcon, unc))
2529                         continue;
2530                 ++tcon->tc_count;
2531                 spin_unlock(&cifs_tcp_ses_lock);
2532                 return tcon;
2533         }
2534         spin_unlock(&cifs_tcp_ses_lock);
2535         return NULL;
2536 }
2537
2538 static void
2539 cifs_put_tcon(struct cifs_tcon *tcon)
2540 {
2541         unsigned int xid;
2542         struct cifs_ses *ses = tcon->ses;
2543
2544         cFYI(1, "%s: tc_count=%d", __func__, tcon->tc_count);
2545         spin_lock(&cifs_tcp_ses_lock);
2546         if (--tcon->tc_count > 0) {
2547                 spin_unlock(&cifs_tcp_ses_lock);
2548                 return;
2549         }
2550
2551         list_del_init(&tcon->tcon_list);
2552         spin_unlock(&cifs_tcp_ses_lock);
2553
2554         xid = get_xid();
2555         if (ses->server->ops->tree_disconnect)
2556                 ses->server->ops->tree_disconnect(xid, tcon);
2557         _free_xid(xid);
2558
2559         cifs_fscache_release_super_cookie(tcon);
2560         tconInfoFree(tcon);
2561         cifs_put_smb_ses(ses);
2562 }
2563
2564 static struct cifs_tcon *
2565 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2566 {
2567         int rc, xid;
2568         struct cifs_tcon *tcon;
2569
2570         tcon = cifs_find_tcon(ses, volume_info->UNC);
2571         if (tcon) {
2572                 cFYI(1, "Found match on UNC path");
2573                 /* existing tcon already has a reference */
2574                 cifs_put_smb_ses(ses);
2575                 if (tcon->seal != volume_info->seal)
2576                         cERROR(1, "transport encryption setting "
2577                                    "conflicts with existing tid");
2578                 return tcon;
2579         }
2580
2581         if (!ses->server->ops->tree_connect) {
2582                 rc = -ENOSYS;
2583                 goto out_fail;
2584         }
2585
2586         tcon = tconInfoAlloc();
2587         if (tcon == NULL) {
2588                 rc = -ENOMEM;
2589                 goto out_fail;
2590         }
2591
2592         tcon->ses = ses;
2593         if (volume_info->password) {
2594                 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2595                 if (!tcon->password) {
2596                         rc = -ENOMEM;
2597                         goto out_fail;
2598                 }
2599         }
2600
2601         if (strchr(volume_info->UNC + 3, '\\') == NULL
2602             && strchr(volume_info->UNC + 3, '/') == NULL) {
2603                 cERROR(1, "Missing share name");
2604                 rc = -ENODEV;
2605                 goto out_fail;
2606         }
2607
2608         /*
2609          * BB Do we need to wrap session_mutex around this TCon call and Unix
2610          * SetFS as we do on SessSetup and reconnect?
2611          */
2612         xid = get_xid();
2613         rc = ses->server->ops->tree_connect(xid, ses, volume_info->UNC, tcon,
2614                                             volume_info->local_nls);
2615         free_xid(xid);
2616         cFYI(1, "Tcon rc = %d", rc);
2617         if (rc)
2618                 goto out_fail;
2619
2620         if (volume_info->nodfs) {
2621                 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2622                 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2623         }
2624         tcon->seal = volume_info->seal;
2625         /*
2626          * We can have only one retry value for a connection to a share so for
2627          * resources mounted more than once to the same server share the last
2628          * value passed in for the retry flag is used.
2629          */
2630         tcon->retry = volume_info->retry;
2631         tcon->nocase = volume_info->nocase;
2632         tcon->local_lease = volume_info->local_lease;
2633         INIT_LIST_HEAD(&tcon->pending_opens);
2634
2635         spin_lock(&cifs_tcp_ses_lock);
2636         list_add(&tcon->tcon_list, &ses->tcon_list);
2637         spin_unlock(&cifs_tcp_ses_lock);
2638
2639         cifs_fscache_get_super_cookie(tcon);
2640
2641         return tcon;
2642
2643 out_fail:
2644         tconInfoFree(tcon);
2645         return ERR_PTR(rc);
2646 }
2647
2648 void
2649 cifs_put_tlink(struct tcon_link *tlink)
2650 {
2651         if (!tlink || IS_ERR(tlink))
2652                 return;
2653
2654         if (!atomic_dec_and_test(&tlink->tl_count) ||
2655             test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2656                 tlink->tl_time = jiffies;
2657                 return;
2658         }
2659
2660         if (!IS_ERR(tlink_tcon(tlink)))
2661                 cifs_put_tcon(tlink_tcon(tlink));
2662         kfree(tlink);
2663         return;
2664 }
2665
2666 static inline struct tcon_link *
2667 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2668 {
2669         return cifs_sb->master_tlink;
2670 }
2671
2672 static int
2673 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2674 {
2675         struct cifs_sb_info *old = CIFS_SB(sb);
2676         struct cifs_sb_info *new = mnt_data->cifs_sb;
2677
2678         if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2679                 return 0;
2680
2681         if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2682             (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2683                 return 0;
2684
2685         /*
2686          * We want to share sb only if we don't specify an r/wsize or
2687          * specified r/wsize is greater than or equal to existing one.
2688          */
2689         if (new->wsize && new->wsize < old->wsize)
2690                 return 0;
2691
2692         if (new->rsize && new->rsize < old->rsize)
2693                 return 0;
2694
2695         if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2696                 return 0;
2697
2698         if (old->mnt_file_mode != new->mnt_file_mode ||
2699             old->mnt_dir_mode != new->mnt_dir_mode)
2700                 return 0;
2701
2702         if (strcmp(old->local_nls->charset, new->local_nls->charset))
2703                 return 0;
2704
2705         if (old->actimeo != new->actimeo)
2706                 return 0;
2707
2708         return 1;
2709 }
2710
2711 int
2712 cifs_match_super(struct super_block *sb, void *data)
2713 {
2714         struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2715         struct smb_vol *volume_info;
2716         struct cifs_sb_info *cifs_sb;
2717         struct TCP_Server_Info *tcp_srv;
2718         struct cifs_ses *ses;
2719         struct cifs_tcon *tcon;
2720         struct tcon_link *tlink;
2721         struct sockaddr_storage addr;
2722         int rc = 0;
2723
2724         memset(&addr, 0, sizeof(struct sockaddr_storage));
2725
2726         spin_lock(&cifs_tcp_ses_lock);
2727         cifs_sb = CIFS_SB(sb);
2728         tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2729         if (IS_ERR(tlink)) {
2730                 spin_unlock(&cifs_tcp_ses_lock);
2731                 return rc;
2732         }
2733         tcon = tlink_tcon(tlink);
2734         ses = tcon->ses;
2735         tcp_srv = ses->server;
2736
2737         volume_info = mnt_data->vol;
2738
2739         if (!volume_info->UNCip || !volume_info->UNC)
2740                 goto out;
2741
2742         rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2743                                 volume_info->UNCip,
2744                                 strlen(volume_info->UNCip),
2745                                 volume_info->port);
2746         if (!rc)
2747                 goto out;
2748
2749         if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2750             !match_session(ses, volume_info) ||
2751             !match_tcon(tcon, volume_info->UNC)) {
2752                 rc = 0;
2753                 goto out;
2754         }
2755
2756         rc = compare_mount_options(sb, mnt_data);
2757 out:
2758         spin_unlock(&cifs_tcp_ses_lock);
2759         cifs_put_tlink(tlink);
2760         return rc;
2761 }
2762
2763 int
2764 get_dfs_path(const unsigned int xid, struct cifs_ses *ses, const char *old_path,
2765              const struct nls_table *nls_codepage, unsigned int *num_referrals,
2766              struct dfs_info3_param **referrals, int remap)
2767 {
2768         char *temp_unc;
2769         int rc = 0;
2770
2771         if (!ses->server->ops->tree_connect || !ses->server->ops->get_dfs_refer)
2772                 return -ENOSYS;
2773
2774         *num_referrals = 0;
2775         *referrals = NULL;
2776
2777         if (ses->ipc_tid == 0) {
2778                 temp_unc = kmalloc(2 /* for slashes */ +
2779                         strnlen(ses->serverName, SERVER_NAME_LEN_WITH_NULL * 2)
2780                                 + 1 + 4 /* slash IPC$ */ + 2, GFP_KERNEL);
2781                 if (temp_unc == NULL)
2782                         return -ENOMEM;
2783                 temp_unc[0] = '\\';
2784                 temp_unc[1] = '\\';
2785                 strcpy(temp_unc + 2, ses->serverName);
2786                 strcpy(temp_unc + 2 + strlen(ses->serverName), "\\IPC$");
2787                 rc = ses->server->ops->tree_connect(xid, ses, temp_unc, NULL,
2788                                                     nls_codepage);
2789                 cFYI(1, "Tcon rc = %d ipc_tid = %d", rc, ses->ipc_tid);
2790                 kfree(temp_unc);
2791         }
2792         if (rc == 0)
2793                 rc = ses->server->ops->get_dfs_refer(xid, ses, old_path,
2794                                                      referrals, num_referrals,
2795                                                      nls_codepage, remap);
2796         /*
2797          * BB - map targetUNCs to dfs_info3 structures, here or in
2798          * ses->server->ops->get_dfs_refer.
2799          */
2800
2801         return rc;
2802 }
2803
2804 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2805 static struct lock_class_key cifs_key[2];
2806 static struct lock_class_key cifs_slock_key[2];
2807
2808 static inline void
2809 cifs_reclassify_socket4(struct socket *sock)
2810 {
2811         struct sock *sk = sock->sk;
2812         BUG_ON(sock_owned_by_user(sk));
2813         sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2814                 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2815 }
2816
2817 static inline void
2818 cifs_reclassify_socket6(struct socket *sock)
2819 {
2820         struct sock *sk = sock->sk;
2821         BUG_ON(sock_owned_by_user(sk));
2822         sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2823                 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2824 }
2825 #else
2826 static inline void
2827 cifs_reclassify_socket4(struct socket *sock)
2828 {
2829 }
2830
2831 static inline void
2832 cifs_reclassify_socket6(struct socket *sock)
2833 {
2834 }
2835 #endif
2836
2837 /* See RFC1001 section 14 on representation of Netbios names */
2838 static void rfc1002mangle(char *target, char *source, unsigned int length)
2839 {
2840         unsigned int i, j;
2841
2842         for (i = 0, j = 0; i < (length); i++) {
2843                 /* mask a nibble at a time and encode */
2844                 target[j] = 'A' + (0x0F & (source[i] >> 4));
2845                 target[j+1] = 'A' + (0x0F & source[i]);
2846                 j += 2;
2847         }
2848
2849 }
2850
2851 static int
2852 bind_socket(struct TCP_Server_Info *server)
2853 {
2854         int rc = 0;
2855         if (server->srcaddr.ss_family != AF_UNSPEC) {
2856                 /* Bind to the specified local IP address */
2857                 struct socket *socket = server->ssocket;
2858                 rc = socket->ops->bind(socket,
2859                                        (struct sockaddr *) &server->srcaddr,
2860                                        sizeof(server->srcaddr));
2861                 if (rc < 0) {
2862                         struct sockaddr_in *saddr4;
2863                         struct sockaddr_in6 *saddr6;
2864                         saddr4 = (struct sockaddr_in *)&server->srcaddr;
2865                         saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2866                         if (saddr6->sin6_family == AF_INET6)
2867                                 cERROR(1, "cifs: "
2868                                        "Failed to bind to: %pI6c, error: %d",
2869                                        &saddr6->sin6_addr, rc);
2870                         else
2871                                 cERROR(1, "cifs: "
2872                                        "Failed to bind to: %pI4, error: %d",
2873                                        &saddr4->sin_addr.s_addr, rc);
2874                 }
2875         }
2876         return rc;
2877 }
2878
2879 static int
2880 ip_rfc1001_connect(struct TCP_Server_Info *server)
2881 {
2882         int rc = 0;
2883         /*
2884          * some servers require RFC1001 sessinit before sending
2885          * negprot - BB check reconnection in case where second
2886          * sessinit is sent but no second negprot
2887          */
2888         struct rfc1002_session_packet *ses_init_buf;
2889         struct smb_hdr *smb_buf;
2890         ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2891                                GFP_KERNEL);
2892         if (ses_init_buf) {
2893                 ses_init_buf->trailer.session_req.called_len = 32;
2894
2895                 if (server->server_RFC1001_name &&
2896                     server->server_RFC1001_name[0] != 0)
2897                         rfc1002mangle(ses_init_buf->trailer.
2898                                       session_req.called_name,
2899                                       server->server_RFC1001_name,
2900                                       RFC1001_NAME_LEN_WITH_NULL);
2901                 else
2902                         rfc1002mangle(ses_init_buf->trailer.
2903                                       session_req.called_name,
2904                                       DEFAULT_CIFS_CALLED_NAME,
2905                                       RFC1001_NAME_LEN_WITH_NULL);
2906
2907                 ses_init_buf->trailer.session_req.calling_len = 32;
2908
2909                 /*
2910                  * calling name ends in null (byte 16) from old smb
2911                  * convention.
2912                  */
2913                 if (server->workstation_RFC1001_name &&
2914                     server->workstation_RFC1001_name[0] != 0)
2915                         rfc1002mangle(ses_init_buf->trailer.
2916                                       session_req.calling_name,
2917                                       server->workstation_RFC1001_name,
2918                                       RFC1001_NAME_LEN_WITH_NULL);
2919                 else
2920                         rfc1002mangle(ses_init_buf->trailer.
2921                                       session_req.calling_name,
2922                                       "LINUX_CIFS_CLNT",
2923                                       RFC1001_NAME_LEN_WITH_NULL);
2924
2925                 ses_init_buf->trailer.session_req.scope1 = 0;
2926                 ses_init_buf->trailer.session_req.scope2 = 0;
2927                 smb_buf = (struct smb_hdr *)ses_init_buf;
2928
2929                 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2930                 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2931                 rc = smb_send(server, smb_buf, 0x44);
2932                 kfree(ses_init_buf);
2933                 /*
2934                  * RFC1001 layer in at least one server
2935                  * requires very short break before negprot
2936                  * presumably because not expecting negprot
2937                  * to follow so fast.  This is a simple
2938                  * solution that works without
2939                  * complicating the code and causes no
2940                  * significant slowing down on mount
2941                  * for everyone else
2942                  */
2943                 usleep_range(1000, 2000);
2944         }
2945         /*
2946          * else the negprot may still work without this
2947          * even though malloc failed
2948          */
2949
2950         return rc;
2951 }
2952
2953 static int
2954 generic_ip_connect(struct TCP_Server_Info *server)
2955 {
2956         int rc = 0;
2957         __be16 sport;
2958         int slen, sfamily;
2959         struct socket *socket = server->ssocket;
2960         struct sockaddr *saddr;
2961
2962         saddr = (struct sockaddr *) &server->dstaddr;
2963
2964         if (server->dstaddr.ss_family == AF_INET6) {
2965                 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
2966                 slen = sizeof(struct sockaddr_in6);
2967                 sfamily = AF_INET6;
2968         } else {
2969                 sport = ((struct sockaddr_in *) saddr)->sin_port;
2970                 slen = sizeof(struct sockaddr_in);
2971                 sfamily = AF_INET;
2972         }
2973
2974         if (socket == NULL) {
2975                 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
2976                                    IPPROTO_TCP, &socket, 1);
2977                 if (rc < 0) {
2978                         cERROR(1, "Error %d creating socket", rc);
2979                         server->ssocket = NULL;
2980                         return rc;
2981                 }
2982
2983                 /* BB other socket options to set KEEPALIVE, NODELAY? */
2984                 cFYI(1, "Socket created");
2985                 server->ssocket = socket;
2986                 socket->sk->sk_allocation = GFP_NOFS;
2987                 if (sfamily == AF_INET6)
2988                         cifs_reclassify_socket6(socket);
2989                 else
2990                         cifs_reclassify_socket4(socket);
2991         }
2992
2993         rc = bind_socket(server);
2994         if (rc < 0)
2995                 return rc;
2996
2997         /*
2998          * Eventually check for other socket options to change from
2999          * the default. sock_setsockopt not used because it expects
3000          * user space buffer
3001          */
3002         socket->sk->sk_rcvtimeo = 7 * HZ;
3003         socket->sk->sk_sndtimeo = 5 * HZ;
3004
3005         /* make the bufsizes depend on wsize/rsize and max requests */
3006         if (server->noautotune) {
3007                 if (socket->sk->sk_sndbuf < (200 * 1024))
3008                         socket->sk->sk_sndbuf = 200 * 1024;
3009                 if (socket->sk->sk_rcvbuf < (140 * 1024))
3010                         socket->sk->sk_rcvbuf = 140 * 1024;
3011         }
3012
3013         if (server->tcp_nodelay) {
3014                 int val = 1;
3015                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
3016                                 (char *)&val, sizeof(val));
3017                 if (rc)
3018                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
3019         }
3020
3021          cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
3022                  socket->sk->sk_sndbuf,
3023                  socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
3024
3025         rc = socket->ops->connect(socket, saddr, slen, 0);
3026         if (rc < 0) {
3027                 cFYI(1, "Error %d connecting to server", rc);
3028                 sock_release(socket);
3029                 server->ssocket = NULL;
3030                 return rc;
3031         }
3032
3033         if (sport == htons(RFC1001_PORT))
3034                 rc = ip_rfc1001_connect(server);
3035
3036         return rc;
3037 }
3038
3039 static int
3040 ip_connect(struct TCP_Server_Info *server)
3041 {
3042         __be16 *sport;
3043         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
3044         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
3045
3046         if (server->dstaddr.ss_family == AF_INET6)
3047                 sport = &addr6->sin6_port;
3048         else
3049                 sport = &addr->sin_port;
3050
3051         if (*sport == 0) {
3052                 int rc;
3053
3054                 /* try with 445 port at first */
3055                 *sport = htons(CIFS_PORT);
3056
3057                 rc = generic_ip_connect(server);
3058                 if (rc >= 0)
3059                         return rc;
3060
3061                 /* if it failed, try with 139 port */
3062                 *sport = htons(RFC1001_PORT);
3063         }
3064
3065         return generic_ip_connect(server);
3066 }
3067
3068 void reset_cifs_unix_caps(unsigned int xid, struct cifs_tcon *tcon,
3069                           struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
3070 {
3071         /* if we are reconnecting then should we check to see if
3072          * any requested capabilities changed locally e.g. via
3073          * remount but we can not do much about it here
3074          * if they have (even if we could detect it by the following)
3075          * Perhaps we could add a backpointer to array of sb from tcon
3076          * or if we change to make all sb to same share the same
3077          * sb as NFS - then we only have one backpointer to sb.
3078          * What if we wanted to mount the server share twice once with
3079          * and once without posixacls or posix paths? */
3080         __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3081
3082         if (vol_info && vol_info->no_linux_ext) {
3083                 tcon->fsUnixInfo.Capability = 0;
3084                 tcon->unix_ext = 0; /* Unix Extensions disabled */
3085                 cFYI(1, "Linux protocol extensions disabled");
3086                 return;
3087         } else if (vol_info)
3088                 tcon->unix_ext = 1; /* Unix Extensions supported */
3089
3090         if (tcon->unix_ext == 0) {
3091                 cFYI(1, "Unix extensions disabled so not set on reconnect");
3092                 return;
3093         }
3094
3095         if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
3096                 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3097                 cFYI(1, "unix caps which server supports %lld", cap);
3098                 /* check for reconnect case in which we do not
3099                    want to change the mount behavior if we can avoid it */
3100                 if (vol_info == NULL) {
3101                         /* turn off POSIX ACL and PATHNAMES if not set
3102                            originally at mount time */
3103                         if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
3104                                 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3105                         if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3106                                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3107                                         cERROR(1, "POSIXPATH support change");
3108                                 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3109                         } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3110                                 cERROR(1, "possible reconnect error");
3111                                 cERROR(1, "server disabled POSIX path support");
3112                         }
3113                 }
3114
3115                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3116                         cERROR(1, "per-share encryption not supported yet");
3117
3118                 cap &= CIFS_UNIX_CAP_MASK;
3119                 if (vol_info && vol_info->no_psx_acl)
3120                         cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3121                 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
3122                         cFYI(1, "negotiated posix acl support");
3123                         if (cifs_sb)
3124                                 cifs_sb->mnt_cifs_flags |=
3125                                         CIFS_MOUNT_POSIXACL;
3126                 }
3127
3128                 if (vol_info && vol_info->posix_paths == 0)
3129                         cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3130                 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
3131                         cFYI(1, "negotiate posix pathnames");
3132                         if (cifs_sb)
3133                                 cifs_sb->mnt_cifs_flags |=
3134                                         CIFS_MOUNT_POSIX_PATHS;
3135                 }
3136
3137                 cFYI(1, "Negotiate caps 0x%x", (int)cap);
3138 #ifdef CONFIG_CIFS_DEBUG2
3139                 if (cap & CIFS_UNIX_FCNTL_CAP)
3140                         cFYI(1, "FCNTL cap");
3141                 if (cap & CIFS_UNIX_EXTATTR_CAP)
3142                         cFYI(1, "EXTATTR cap");
3143                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3144                         cFYI(1, "POSIX path cap");
3145                 if (cap & CIFS_UNIX_XATTR_CAP)
3146                         cFYI(1, "XATTR cap");
3147                 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
3148                         cFYI(1, "POSIX ACL cap");
3149                 if (cap & CIFS_UNIX_LARGE_READ_CAP)
3150                         cFYI(1, "very large read cap");
3151                 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
3152                         cFYI(1, "very large write cap");
3153                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
3154                         cFYI(1, "transport encryption cap");
3155                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3156                         cFYI(1, "mandatory transport encryption cap");
3157 #endif /* CIFS_DEBUG2 */
3158                 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
3159                         if (vol_info == NULL) {
3160                                 cFYI(1, "resetting capabilities failed");
3161                         } else
3162                                 cERROR(1, "Negotiating Unix capabilities "
3163                                            "with the server failed. Consider "
3164                                            "mounting with the Unix Extensions "
3165                                            "disabled if problems are found "
3166                                            "by specifying the nounix mount "
3167                                            "option.");
3168
3169                 }
3170         }
3171 }
3172
3173 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
3174                         struct cifs_sb_info *cifs_sb)
3175 {
3176         INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
3177
3178         spin_lock_init(&cifs_sb->tlink_tree_lock);
3179         cifs_sb->tlink_tree = RB_ROOT;
3180
3181         /*
3182          * Temporarily set r/wsize for matching superblock. If we end up using
3183          * new sb then client will later negotiate it downward if needed.
3184          */
3185         cifs_sb->rsize = pvolume_info->rsize;
3186         cifs_sb->wsize = pvolume_info->wsize;
3187
3188         cifs_sb->mnt_uid = pvolume_info->linux_uid;
3189         cifs_sb->mnt_gid = pvolume_info->linux_gid;
3190         cifs_sb->mnt_file_mode = pvolume_info->file_mode;
3191         cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
3192         cFYI(1, "file mode: 0x%hx  dir mode: 0x%hx",
3193                 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3194
3195         cifs_sb->actimeo = pvolume_info->actimeo;
3196         cifs_sb->local_nls = pvolume_info->local_nls;
3197
3198         if (pvolume_info->noperm)
3199                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
3200         if (pvolume_info->setuids)
3201                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
3202         if (pvolume_info->server_ino)
3203                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
3204         if (pvolume_info->remap)
3205                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
3206         if (pvolume_info->no_xattr)
3207                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
3208         if (pvolume_info->sfu_emul)
3209                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
3210         if (pvolume_info->nobrl)
3211                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
3212         if (pvolume_info->nostrictsync)
3213                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
3214         if (pvolume_info->mand_lock)
3215                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
3216         if (pvolume_info->rwpidforward)
3217                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3218         if (pvolume_info->cifs_acl)
3219                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3220         if (pvolume_info->backupuid_specified) {
3221                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3222                 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
3223         }
3224         if (pvolume_info->backupgid_specified) {
3225                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3226                 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3227         }
3228         if (pvolume_info->override_uid)
3229                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3230         if (pvolume_info->override_gid)
3231                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3232         if (pvolume_info->dynperm)
3233                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
3234         if (pvolume_info->fsc)
3235                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
3236         if (pvolume_info->multiuser)
3237                 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3238                                             CIFS_MOUNT_NO_PERM);
3239         if (pvolume_info->strict_io)
3240                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3241         if (pvolume_info->direct_io) {
3242                 cFYI(1, "mounting share using direct i/o");
3243                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3244         }
3245         if (pvolume_info->mfsymlinks) {
3246                 if (pvolume_info->sfu_emul) {
3247                         cERROR(1,  "mount option mfsymlinks ignored if sfu "
3248                                    "mount option is used");
3249                 } else {
3250                         cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3251                 }
3252         }
3253
3254         if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
3255                 cERROR(1, "mount option dynperm ignored if cifsacl "
3256                            "mount option supported");
3257 }
3258
3259 static void
3260 cleanup_volume_info_contents(struct smb_vol *volume_info)
3261 {
3262         kfree(volume_info->username);
3263         kzfree(volume_info->password);
3264         if (volume_info->UNCip != volume_info->UNC + 2)
3265                 kfree(volume_info->UNCip);
3266         kfree(volume_info->UNC);
3267         kfree(volume_info->domainname);
3268         kfree(volume_info->iocharset);
3269         kfree(volume_info->prepath);
3270 }
3271
3272 void
3273 cifs_cleanup_volume_info(struct smb_vol *volume_info)
3274 {
3275         if (!volume_info)
3276                 return;
3277         cleanup_volume_info_contents(volume_info);
3278         kfree(volume_info);
3279 }
3280
3281
3282 #ifdef CONFIG_CIFS_DFS_UPCALL
3283 /* build_path_to_root returns full path to root when
3284  * we do not have an exiting connection (tcon) */
3285 static char *
3286 build_unc_path_to_root(const struct smb_vol *vol,
3287                 const struct cifs_sb_info *cifs_sb)
3288 {
3289         char *full_path, *pos;
3290         unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3291         unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3292
3293         full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3294         if (full_path == NULL)
3295                 return ERR_PTR(-ENOMEM);
3296
3297         strncpy(full_path, vol->UNC, unc_len);
3298         pos = full_path + unc_len;
3299
3300         if (pplen) {
3301                 strncpy(pos, vol->prepath, pplen);
3302                 pos += pplen;
3303         }
3304
3305         *pos = '\0'; /* add trailing null */
3306         convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3307         cFYI(1, "%s: full_path=%s", __func__, full_path);
3308         return full_path;
3309 }
3310
3311 /*
3312  * Perform a dfs referral query for a share and (optionally) prefix
3313  *
3314  * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3315  * to a string containing updated options for the submount.  Otherwise it
3316  * will be left untouched.
3317  *
3318  * Returns the rc from get_dfs_path to the caller, which can be used to
3319  * determine whether there were referrals.
3320  */
3321 static int
3322 expand_dfs_referral(const unsigned int xid, struct cifs_ses *ses,
3323                     struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3324                     int check_prefix)
3325 {
3326         int rc;
3327         unsigned int num_referrals = 0;
3328         struct dfs_info3_param *referrals = NULL;
3329         char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3330
3331         full_path = build_unc_path_to_root(volume_info, cifs_sb);
3332         if (IS_ERR(full_path))
3333                 return PTR_ERR(full_path);
3334
3335         /* For DFS paths, skip the first '\' of the UNC */
3336         ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3337
3338         rc = get_dfs_path(xid, ses, ref_path, cifs_sb->local_nls,
3339                           &num_referrals, &referrals,
3340                           cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3341
3342         if (!rc && num_referrals > 0) {
3343                 char *fake_devname = NULL;
3344
3345                 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3346                                                    full_path + 1, referrals,
3347                                                    &fake_devname);
3348
3349                 free_dfs_info_array(referrals, num_referrals);
3350
3351                 if (IS_ERR(mdata)) {
3352                         rc = PTR_ERR(mdata);
3353                         mdata = NULL;
3354                 } else {
3355                         cleanup_volume_info_contents(volume_info);
3356                         memset(volume_info, '\0', sizeof(*volume_info));
3357                         rc = cifs_setup_volume_info(volume_info, mdata,
3358                                                         fake_devname);
3359                 }
3360                 kfree(fake_devname);
3361                 kfree(cifs_sb->mountdata);
3362                 cifs_sb->mountdata = mdata;
3363         }
3364         kfree(full_path);
3365         return rc;
3366 }
3367 #endif
3368
3369 static int
3370 cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3371                         const char *devname)
3372 {
3373         int rc = 0;
3374
3375         if (cifs_parse_mount_options(mount_data, devname, volume_info))
3376                 return -EINVAL;
3377
3378
3379         if (volume_info->nullauth) {
3380                 cFYI(1, "Anonymous login");
3381                 kfree(volume_info->username);
3382                 volume_info->username = NULL;
3383         } else if (volume_info->username) {
3384                 /* BB fixme parse for domain name here */
3385                 cFYI(1, "Username: %s", volume_info->username);
3386         } else {
3387                 cifserror("No username specified");
3388         /* In userspace mount helper we can get user name from alternate
3389            locations such as env variables and files on disk */
3390                 return -EINVAL;
3391         }
3392
3393         /* this is needed for ASCII cp to Unicode converts */
3394         if (volume_info->iocharset == NULL) {
3395                 /* load_nls_default cannot return null */
3396                 volume_info->local_nls = load_nls_default();
3397         } else {
3398                 volume_info->local_nls = load_nls(volume_info->iocharset);
3399                 if (volume_info->local_nls == NULL) {
3400                         cERROR(1, "CIFS mount error: iocharset %s not found",
3401                                  volume_info->iocharset);
3402                         return -ELIBACC;
3403                 }
3404         }
3405
3406         return rc;
3407 }
3408
3409 struct smb_vol *
3410 cifs_get_volume_info(char *mount_data, const char *devname)
3411 {
3412         int rc;
3413         struct smb_vol *volume_info;
3414
3415         volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3416         if (!volume_info)
3417                 return ERR_PTR(-ENOMEM);
3418
3419         rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3420         if (rc) {
3421                 cifs_cleanup_volume_info(volume_info);
3422                 volume_info = ERR_PTR(rc);
3423         }
3424
3425         return volume_info;
3426 }
3427
3428 int
3429 cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3430 {
3431         int rc;
3432         unsigned int xid;
3433         struct cifs_ses *ses;
3434         struct cifs_tcon *tcon;
3435         struct TCP_Server_Info *server;
3436         char   *full_path;
3437         struct tcon_link *tlink;
3438 #ifdef CONFIG_CIFS_DFS_UPCALL
3439         int referral_walks_count = 0;
3440 #endif
3441
3442         rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3443         if (rc)
3444                 return rc;
3445
3446 #ifdef CONFIG_CIFS_DFS_UPCALL
3447 try_mount_again:
3448         /* cleanup activities if we're chasing a referral */
3449         if (referral_walks_count) {
3450                 if (tcon)
3451                         cifs_put_tcon(tcon);
3452                 else if (ses)
3453                         cifs_put_smb_ses(ses);
3454
3455                 free_xid(xid);
3456         }
3457 #endif
3458         rc = 0;
3459         tcon = NULL;
3460         ses = NULL;
3461         server = NULL;
3462         full_path = NULL;
3463         tlink = NULL;
3464
3465         xid = get_xid();
3466
3467         /* get a reference to a tcp session */
3468         server = cifs_get_tcp_session(volume_info);
3469         if (IS_ERR(server)) {
3470                 rc = PTR_ERR(server);
3471                 bdi_destroy(&cifs_sb->bdi);
3472                 goto out;
3473         }
3474
3475         /* get a reference to a SMB session */
3476         ses = cifs_get_smb_ses(server, volume_info);
3477         if (IS_ERR(ses)) {
3478                 rc = PTR_ERR(ses);
3479                 ses = NULL;
3480                 goto mount_fail_check;
3481         }
3482
3483         /* search for existing tcon to this server share */
3484         tcon = cifs_get_tcon(ses, volume_info);
3485         if (IS_ERR(tcon)) {
3486                 rc = PTR_ERR(tcon);
3487                 tcon = NULL;
3488                 goto remote_path_check;
3489         }
3490
3491         /* tell server which Unix caps we support */
3492         if (cap_unix(tcon->ses)) {
3493                 /* reset of caps checks mount to see if unix extensions
3494                    disabled for just this mount */
3495                 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3496                 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3497                     (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3498                      CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3499                         rc = -EACCES;
3500                         goto mount_fail_check;
3501                 }
3502         } else
3503                 tcon->unix_ext = 0; /* server does not support them */
3504
3505         /* do not care if a following call succeed - informational */
3506         if (!tcon->ipc && server->ops->qfs_tcon)
3507                 server->ops->qfs_tcon(xid, tcon);
3508
3509         cifs_sb->wsize = server->ops->negotiate_wsize(tcon, volume_info);
3510         cifs_sb->rsize = server->ops->negotiate_rsize(tcon, volume_info);
3511
3512         /* tune readahead according to rsize */
3513         cifs_sb->bdi.ra_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3514
3515 remote_path_check:
3516 #ifdef CONFIG_CIFS_DFS_UPCALL
3517         /*
3518          * Perform an unconditional check for whether there are DFS
3519          * referrals for this path without prefix, to provide support
3520          * for DFS referrals from w2k8 servers which don't seem to respond
3521          * with PATH_NOT_COVERED to requests that include the prefix.
3522          * Chase the referral if found, otherwise continue normally.
3523          */
3524         if (referral_walks_count == 0) {
3525                 int refrc = expand_dfs_referral(xid, ses, volume_info, cifs_sb,
3526                                                 false);
3527                 if (!refrc) {
3528                         referral_walks_count++;
3529                         goto try_mount_again;
3530                 }
3531         }
3532 #endif
3533
3534         /* check if a whole path is not remote */
3535         if (!rc && tcon) {
3536                 if (!server->ops->is_path_accessible) {
3537                         rc = -ENOSYS;
3538                         goto mount_fail_check;
3539                 }
3540                 /* build_path_to_root works only when we have a valid tcon */
3541                 full_path = build_path_to_root(volume_info, cifs_sb, tcon);
3542                 if (full_path == NULL) {
3543                         rc = -ENOMEM;
3544                         goto mount_fail_check;
3545                 }
3546                 rc = server->ops->is_path_accessible(xid, tcon, cifs_sb,
3547                                                      full_path);
3548                 if (rc != 0 && rc != -EREMOTE) {
3549                         kfree(full_path);
3550                         goto mount_fail_check;
3551                 }
3552                 kfree(full_path);
3553         }
3554
3555         /* get referral if needed */
3556         if (rc == -EREMOTE) {
3557 #ifdef CONFIG_CIFS_DFS_UPCALL
3558                 if (referral_walks_count > MAX_NESTED_LINKS) {
3559                         /*
3560                          * BB: when we implement proper loop detection,
3561                          *     we will remove this check. But now we need it
3562                          *     to prevent an indefinite loop if 'DFS tree' is
3563                          *     misconfigured (i.e. has loops).
3564                          */
3565                         rc = -ELOOP;
3566                         goto mount_fail_check;
3567                 }
3568
3569                 rc = expand_dfs_referral(xid, ses, volume_info, cifs_sb, true);
3570
3571                 if (!rc) {
3572                         referral_walks_count++;
3573                         goto try_mount_again;
3574                 }
3575                 goto mount_fail_check;
3576 #else /* No DFS support, return error on mount */
3577                 rc = -EOPNOTSUPP;
3578 #endif
3579         }
3580
3581         if (rc)
3582                 goto mount_fail_check;
3583
3584         /* now, hang the tcon off of the superblock */
3585         tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3586         if (tlink == NULL) {
3587                 rc = -ENOMEM;
3588                 goto mount_fail_check;
3589         }
3590
3591         tlink->tl_uid = ses->linux_uid;
3592         tlink->tl_tcon = tcon;
3593         tlink->tl_time = jiffies;
3594         set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3595         set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3596
3597         cifs_sb->master_tlink = tlink;
3598         spin_lock(&cifs_sb->tlink_tree_lock);
3599         tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3600         spin_unlock(&cifs_sb->tlink_tree_lock);
3601
3602         queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
3603                                 TLINK_IDLE_EXPIRE);
3604
3605 mount_fail_check:
3606         /* on error free sesinfo and tcon struct if needed */
3607         if (rc) {
3608                 /* If find_unc succeeded then rc == 0 so we can not end */
3609                 /* up accidentally freeing someone elses tcon struct */
3610                 if (tcon)
3611                         cifs_put_tcon(tcon);
3612                 else if (ses)
3613                         cifs_put_smb_ses(ses);
3614                 else
3615                         cifs_put_tcp_session(server);
3616                 bdi_destroy(&cifs_sb->bdi);
3617         }
3618
3619 out:
3620         free_xid(xid);
3621         return rc;
3622 }
3623
3624 /*
3625  * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3626  * pointer may be NULL.
3627  */
3628 int
3629 CIFSTCon(const unsigned int xid, struct cifs_ses *ses,
3630          const char *tree, struct cifs_tcon *tcon,
3631          const struct nls_table *nls_codepage)
3632 {
3633         struct smb_hdr *smb_buffer;
3634         struct smb_hdr *smb_buffer_response;
3635         TCONX_REQ *pSMB;
3636         TCONX_RSP *pSMBr;
3637         unsigned char *bcc_ptr;
3638         int rc = 0;
3639         int length;
3640         __u16 bytes_left, count;
3641
3642         if (ses == NULL)
3643                 return -EIO;
3644
3645         smb_buffer = cifs_buf_get();
3646         if (smb_buffer == NULL)
3647                 return -ENOMEM;
3648
3649         smb_buffer_response = smb_buffer;
3650
3651         header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3652                         NULL /*no tid */ , 4 /*wct */ );
3653
3654         smb_buffer->Mid = get_next_mid(ses->server);
3655         smb_buffer->Uid = ses->Suid;
3656         pSMB = (TCONX_REQ *) smb_buffer;
3657         pSMBr = (TCONX_RSP *) smb_buffer_response;
3658
3659         pSMB->AndXCommand = 0xFF;
3660         pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3661         bcc_ptr = &pSMB->Password[0];
3662         if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3663                 pSMB->PasswordLength = cpu_to_le16(1);  /* minimum */
3664                 *bcc_ptr = 0; /* password is null byte */
3665                 bcc_ptr++;              /* skip password */
3666                 /* already aligned so no need to do it below */
3667         } else {
3668                 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3669                 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3670                    specified as required (when that support is added to
3671                    the vfs in the future) as only NTLM or the much
3672                    weaker LANMAN (which we do not send by default) is accepted
3673                    by Samba (not sure whether other servers allow
3674                    NTLMv2 password here) */
3675 #ifdef CONFIG_CIFS_WEAK_PW_HASH
3676                 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3677                     (ses->server->secType == LANMAN))
3678                         calc_lanman_hash(tcon->password, ses->server->cryptkey,
3679                                          ses->server->sec_mode &
3680                                             SECMODE_PW_ENCRYPT ? true : false,
3681                                          bcc_ptr);
3682                 else
3683 #endif /* CIFS_WEAK_PW_HASH */
3684                 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3685                                         bcc_ptr, nls_codepage);
3686
3687                 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3688                 if (ses->capabilities & CAP_UNICODE) {
3689                         /* must align unicode strings */
3690                         *bcc_ptr = 0; /* null byte password */
3691                         bcc_ptr++;
3692                 }
3693         }
3694
3695         if (ses->server->sec_mode &
3696                         (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3697                 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3698
3699         if (ses->capabilities & CAP_STATUS32) {
3700                 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3701         }
3702         if (ses->capabilities & CAP_DFS) {
3703                 smb_buffer->Flags2 |= SMBFLG2_DFS;
3704         }
3705         if (ses->capabilities & CAP_UNICODE) {
3706                 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3707                 length =
3708                     cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
3709                         6 /* max utf8 char length in bytes */ *
3710                         (/* server len*/ + 256 /* share len */), nls_codepage);
3711                 bcc_ptr += 2 * length;  /* convert num 16 bit words to bytes */
3712                 bcc_ptr += 2;   /* skip trailing null */
3713         } else {                /* ASCII */
3714                 strcpy(bcc_ptr, tree);
3715                 bcc_ptr += strlen(tree) + 1;
3716         }
3717         strcpy(bcc_ptr, "?????");
3718         bcc_ptr += strlen("?????");
3719         bcc_ptr += 1;
3720         count = bcc_ptr - &pSMB->Password[0];
3721         pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3722                                         pSMB->hdr.smb_buf_length) + count);
3723         pSMB->ByteCount = cpu_to_le16(count);
3724
3725         rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3726                          0);
3727
3728         /* above now done in SendReceive */
3729         if ((rc == 0) && (tcon != NULL)) {
3730                 bool is_unicode;
3731
3732                 tcon->tidStatus = CifsGood;
3733                 tcon->need_reconnect = false;
3734                 tcon->tid = smb_buffer_response->Tid;
3735                 bcc_ptr = pByteArea(smb_buffer_response);
3736                 bytes_left = get_bcc(smb_buffer_response);
3737                 length = strnlen(bcc_ptr, bytes_left - 2);
3738                 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3739                         is_unicode = true;
3740                 else
3741                         is_unicode = false;
3742
3743
3744                 /* skip service field (NB: this field is always ASCII) */
3745                 if (length == 3) {
3746                         if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3747                             (bcc_ptr[2] == 'C')) {
3748                                 cFYI(1, "IPC connection");
3749                                 tcon->ipc = 1;
3750                         }
3751                 } else if (length == 2) {
3752                         if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3753                                 /* the most common case */
3754                                 cFYI(1, "disk share connection");
3755                         }
3756                 }
3757                 bcc_ptr += length + 1;
3758                 bytes_left -= (length + 1);
3759                 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3760
3761                 /* mostly informational -- no need to fail on error here */
3762                 kfree(tcon->nativeFileSystem);
3763                 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
3764                                                       bytes_left, is_unicode,
3765                                                       nls_codepage);
3766
3767                 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3768
3769                 if ((smb_buffer_response->WordCount == 3) ||
3770                          (smb_buffer_response->WordCount == 7))
3771                         /* field is in same location */
3772                         tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3773                 else
3774                         tcon->Flags = 0;
3775                 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3776         } else if ((rc == 0) && tcon == NULL) {
3777                 /* all we need to save for IPC$ connection */
3778                 ses->ipc_tid = smb_buffer_response->Tid;
3779         }
3780
3781         cifs_buf_release(smb_buffer);
3782         return rc;
3783 }
3784
3785 void
3786 cifs_umount(struct cifs_sb_info *cifs_sb)
3787 {
3788         struct rb_root *root = &cifs_sb->tlink_tree;
3789         struct rb_node *node;
3790         struct tcon_link *tlink;
3791
3792         cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
3793
3794         spin_lock(&cifs_sb->tlink_tree_lock);
3795         while ((node = rb_first(root))) {
3796                 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3797                 cifs_get_tlink(tlink);
3798                 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3799                 rb_erase(node, root);
3800
3801                 spin_unlock(&cifs_sb->tlink_tree_lock);
3802                 cifs_put_tlink(tlink);
3803                 spin_lock(&cifs_sb->tlink_tree_lock);
3804         }
3805         spin_unlock(&cifs_sb->tlink_tree_lock);
3806
3807         bdi_destroy(&cifs_sb->bdi);
3808         kfree(cifs_sb->mountdata);
3809         unload_nls(cifs_sb->local_nls);
3810         kfree(cifs_sb);
3811 }
3812
3813 int
3814 cifs_negotiate_protocol(const unsigned int xid, struct cifs_ses *ses)
3815 {
3816         int rc = 0;
3817         struct TCP_Server_Info *server = ses->server;
3818
3819         if (!server->ops->need_neg || !server->ops->negotiate)
3820                 return -ENOSYS;
3821
3822         /* only send once per connect */
3823         if (!server->ops->need_neg(server))
3824                 return 0;
3825
3826         set_credits(server, 1);
3827
3828         rc = server->ops->negotiate(xid, ses);
3829         if (rc == 0) {
3830                 spin_lock(&GlobalMid_Lock);
3831                 if (server->tcpStatus == CifsNeedNegotiate)
3832                         server->tcpStatus = CifsGood;
3833                 else
3834                         rc = -EHOSTDOWN;
3835                 spin_unlock(&GlobalMid_Lock);
3836         }
3837
3838         return rc;
3839 }
3840
3841 int
3842 cifs_setup_session(const unsigned int xid, struct cifs_ses *ses,
3843                    struct nls_table *nls_info)
3844 {
3845         int rc = -ENOSYS;
3846         struct TCP_Server_Info *server = ses->server;
3847
3848         ses->flags = 0;
3849         ses->capabilities = server->capabilities;
3850         if (linuxExtEnabled == 0)
3851                 ses->capabilities &= (~server->vals->cap_unix);
3852
3853         cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
3854                  server->sec_mode, server->capabilities, server->timeAdj);
3855
3856         if (server->ops->sess_setup)
3857                 rc = server->ops->sess_setup(xid, ses, nls_info);
3858
3859         if (rc) {
3860                 cERROR(1, "Send error in SessSetup = %d", rc);
3861         } else {
3862                 mutex_lock(&ses->server->srv_mutex);
3863                 if (!server->session_estab) {
3864                         server->session_key.response = ses->auth_key.response;
3865                         server->session_key.len = ses->auth_key.len;
3866                         server->sequence_number = 0x2;
3867                         server->session_estab = true;
3868                         ses->auth_key.response = NULL;
3869                 }
3870                 mutex_unlock(&server->srv_mutex);
3871
3872                 cFYI(1, "CIFS Session Established successfully");
3873                 spin_lock(&GlobalMid_Lock);
3874                 ses->status = CifsGood;
3875                 ses->need_reconnect = false;
3876                 spin_unlock(&GlobalMid_Lock);
3877         }
3878
3879         kfree(ses->auth_key.response);
3880         ses->auth_key.response = NULL;
3881         ses->auth_key.len = 0;
3882         kfree(ses->ntlmssp);
3883         ses->ntlmssp = NULL;
3884
3885         return rc;
3886 }
3887
3888 static int
3889 cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
3890 {
3891         switch (ses->server->secType) {
3892         case Kerberos:
3893                 vol->secFlg = CIFSSEC_MUST_KRB5;
3894                 return 0;
3895         case NTLMv2:
3896                 vol->secFlg = CIFSSEC_MUST_NTLMV2;
3897                 break;
3898         case NTLM:
3899                 vol->secFlg = CIFSSEC_MUST_NTLM;
3900                 break;
3901         case RawNTLMSSP:
3902                 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
3903                 break;
3904         case LANMAN:
3905                 vol->secFlg = CIFSSEC_MUST_LANMAN;
3906                 break;
3907         }
3908
3909         return cifs_set_cifscreds(vol, ses);
3910 }
3911
3912 static struct cifs_tcon *
3913 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
3914 {
3915         int rc;
3916         struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
3917         struct cifs_ses *ses;
3918         struct cifs_tcon *tcon = NULL;
3919         struct smb_vol *vol_info;
3920
3921         vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
3922         if (vol_info == NULL)
3923                 return ERR_PTR(-ENOMEM);
3924
3925         vol_info->local_nls = cifs_sb->local_nls;
3926         vol_info->linux_uid = fsuid;
3927         vol_info->cred_uid = fsuid;
3928         vol_info->UNC = master_tcon->treeName;
3929         vol_info->retry = master_tcon->retry;
3930         vol_info->nocase = master_tcon->nocase;
3931         vol_info->local_lease = master_tcon->local_lease;
3932         vol_info->no_linux_ext = !master_tcon->unix_ext;
3933
3934         rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
3935         if (rc) {
3936                 tcon = ERR_PTR(rc);
3937                 goto out;
3938         }
3939
3940         /* get a reference for the same TCP session */
3941         spin_lock(&cifs_tcp_ses_lock);
3942         ++master_tcon->ses->server->srv_count;
3943         spin_unlock(&cifs_tcp_ses_lock);
3944
3945         ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
3946         if (IS_ERR(ses)) {
3947                 tcon = (struct cifs_tcon *)ses;
3948                 cifs_put_tcp_session(master_tcon->ses->server);
3949                 goto out;
3950         }
3951
3952         tcon = cifs_get_tcon(ses, vol_info);
3953         if (IS_ERR(tcon)) {
3954                 cifs_put_smb_ses(ses);
3955                 goto out;
3956         }
3957
3958         if (cap_unix(ses))
3959                 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
3960 out:
3961         kfree(vol_info->username);
3962         kfree(vol_info->password);
3963         kfree(vol_info);
3964
3965         return tcon;
3966 }
3967
3968 struct cifs_tcon *
3969 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
3970 {
3971         return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
3972 }
3973
3974 static int
3975 cifs_sb_tcon_pending_wait(void *unused)
3976 {
3977         schedule();
3978         return signal_pending(current) ? -ERESTARTSYS : 0;
3979 }
3980
3981 /* find and return a tlink with given uid */
3982 static struct tcon_link *
3983 tlink_rb_search(struct rb_root *root, uid_t uid)
3984 {
3985         struct rb_node *node = root->rb_node;
3986         struct tcon_link *tlink;
3987
3988         while (node) {
3989                 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
3990
3991                 if (tlink->tl_uid > uid)
3992                         node = node->rb_left;
3993                 else if (tlink->tl_uid < uid)
3994                         node = node->rb_right;
3995                 else
3996                         return tlink;
3997         }
3998         return NULL;
3999 }
4000
4001 /* insert a tcon_link into the tree */
4002 static void
4003 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
4004 {
4005         struct rb_node **new = &(root->rb_node), *parent = NULL;
4006         struct tcon_link *tlink;
4007
4008         while (*new) {
4009                 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
4010                 parent = *new;
4011
4012                 if (tlink->tl_uid > new_tlink->tl_uid)
4013                         new = &((*new)->rb_left);
4014                 else
4015                         new = &((*new)->rb_right);
4016         }
4017
4018         rb_link_node(&new_tlink->tl_rbnode, parent, new);
4019         rb_insert_color(&new_tlink->tl_rbnode, root);
4020 }
4021
4022 /*
4023  * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
4024  * current task.
4025  *
4026  * If the superblock doesn't refer to a multiuser mount, then just return
4027  * the master tcon for the mount.
4028  *
4029  * First, search the rbtree for an existing tcon for this fsuid. If one
4030  * exists, then check to see if it's pending construction. If it is then wait
4031  * for construction to complete. Once it's no longer pending, check to see if
4032  * it failed and either return an error or retry construction, depending on
4033  * the timeout.
4034  *
4035  * If one doesn't exist then insert a new tcon_link struct into the tree and
4036  * try to construct a new one.
4037  */
4038 struct tcon_link *
4039 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
4040 {
4041         int ret;
4042         uid_t fsuid = current_fsuid();
4043         struct tcon_link *tlink, *newtlink;
4044
4045         if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
4046                 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
4047
4048         spin_lock(&cifs_sb->tlink_tree_lock);
4049         tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4050         if (tlink)
4051                 cifs_get_tlink(tlink);
4052         spin_unlock(&cifs_sb->tlink_tree_lock);
4053
4054         if (tlink == NULL) {
4055                 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
4056                 if (newtlink == NULL)
4057                         return ERR_PTR(-ENOMEM);
4058                 newtlink->tl_uid = fsuid;
4059                 newtlink->tl_tcon = ERR_PTR(-EACCES);
4060                 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
4061                 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
4062                 cifs_get_tlink(newtlink);
4063
4064                 spin_lock(&cifs_sb->tlink_tree_lock);
4065                 /* was one inserted after previous search? */
4066                 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4067                 if (tlink) {
4068                         cifs_get_tlink(tlink);
4069                         spin_unlock(&cifs_sb->tlink_tree_lock);
4070                         kfree(newtlink);
4071                         goto wait_for_construction;
4072                 }
4073                 tlink = newtlink;
4074                 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4075                 spin_unlock(&cifs_sb->tlink_tree_lock);
4076         } else {
4077 wait_for_construction:
4078                 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4079                                   cifs_sb_tcon_pending_wait,
4080                                   TASK_INTERRUPTIBLE);
4081                 if (ret) {
4082                         cifs_put_tlink(tlink);
4083                         return ERR_PTR(ret);
4084                 }
4085
4086                 /* if it's good, return it */
4087                 if (!IS_ERR(tlink->tl_tcon))
4088                         return tlink;
4089
4090                 /* return error if we tried this already recently */
4091                 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4092                         cifs_put_tlink(tlink);
4093                         return ERR_PTR(-EACCES);
4094                 }
4095
4096                 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4097                         goto wait_for_construction;
4098         }
4099
4100         tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4101         clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4102         wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4103
4104         if (IS_ERR(tlink->tl_tcon)) {
4105                 cifs_put_tlink(tlink);
4106                 return ERR_PTR(-EACCES);
4107         }
4108
4109         return tlink;
4110 }
4111
4112 /*
4113  * periodic workqueue job that scans tcon_tree for a superblock and closes
4114  * out tcons.
4115  */
4116 static void
4117 cifs_prune_tlinks(struct work_struct *work)
4118 {
4119         struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4120                                                     prune_tlinks.work);
4121         struct rb_root *root = &cifs_sb->tlink_tree;
4122         struct rb_node *node = rb_first(root);
4123         struct rb_node *tmp;
4124         struct tcon_link *tlink;
4125
4126         /*
4127          * Because we drop the spinlock in the loop in order to put the tlink
4128          * it's not guarded against removal of links from the tree. The only
4129          * places that remove entries from the tree are this function and
4130          * umounts. Because this function is non-reentrant and is canceled
4131          * before umount can proceed, this is safe.
4132          */
4133         spin_lock(&cifs_sb->tlink_tree_lock);
4134         node = rb_first(root);
4135         while (node != NULL) {
4136                 tmp = node;
4137                 node = rb_next(tmp);
4138                 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4139
4140                 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4141                     atomic_read(&tlink->tl_count) != 0 ||
4142                     time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4143                         continue;
4144
4145                 cifs_get_tlink(tlink);
4146                 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4147                 rb_erase(tmp, root);
4148
4149                 spin_unlock(&cifs_sb->tlink_tree_lock);
4150                 cifs_put_tlink(tlink);
4151                 spin_lock(&cifs_sb->tlink_tree_lock);
4152         }
4153         spin_unlock(&cifs_sb->tlink_tree_lock);
4154
4155         queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
4156                                 TLINK_IDLE_EXPIRE);
4157 }