cifs: on CONFIG_HIGHMEM machines, limit the rsize/wsize to the kmap space
[linux-2.6.git] / fs / cifs / connect.c
1 /*
2  *   fs/cifs/connect.c
3  *
4  *   Copyright (C) International Business Machines  Corp., 2002,2009
5  *   Author(s): Steve French (sfrench@us.ibm.com)
6  *
7  *   This library is free software; you can redistribute it and/or modify
8  *   it under the terms of the GNU Lesser General Public License as published
9  *   by the Free Software Foundation; either version 2.1 of the License, or
10  *   (at your option) any later version.
11  *
12  *   This library is distributed in the hope that it will be useful,
13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
15  *   the GNU Lesser General Public License for more details.
16  *
17  *   You should have received a copy of the GNU Lesser General Public License
18  *   along with this library; if not, write to the Free Software
19  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20  */
21 #include <linux/fs.h>
22 #include <linux/net.h>
23 #include <linux/string.h>
24 #include <linux/list.h>
25 #include <linux/wait.h>
26 #include <linux/slab.h>
27 #include <linux/pagemap.h>
28 #include <linux/ctype.h>
29 #include <linux/utsname.h>
30 #include <linux/mempool.h>
31 #include <linux/delay.h>
32 #include <linux/completion.h>
33 #include <linux/kthread.h>
34 #include <linux/pagevec.h>
35 #include <linux/freezer.h>
36 #include <linux/namei.h>
37 #include <asm/uaccess.h>
38 #include <asm/processor.h>
39 #include <linux/inet.h>
40 #include <linux/module.h>
41 #include <keys/user-type.h>
42 #include <net/ipv6.h>
43 #include <linux/parser.h>
44
45 #include "cifspdu.h"
46 #include "cifsglob.h"
47 #include "cifsproto.h"
48 #include "cifs_unicode.h"
49 #include "cifs_debug.h"
50 #include "cifs_fs_sb.h"
51 #include "ntlmssp.h"
52 #include "nterr.h"
53 #include "rfc1002pdu.h"
54 #include "fscache.h"
55
56 #define CIFS_PORT 445
57 #define RFC1001_PORT 139
58
59 /* SMB echo "timeout" -- FIXME: tunable? */
60 #define SMB_ECHO_INTERVAL (60 * HZ)
61
62 extern mempool_t *cifs_req_poolp;
63
64 /* FIXME: should these be tunable? */
65 #define TLINK_ERROR_EXPIRE      (1 * HZ)
66 #define TLINK_IDLE_EXPIRE       (600 * HZ)
67
68 enum {
69
70         /* Mount options that take no arguments */
71         Opt_user_xattr, Opt_nouser_xattr,
72         Opt_forceuid, Opt_noforceuid,
73         Opt_noblocksend, Opt_noautotune,
74         Opt_hard, Opt_soft, Opt_perm, Opt_noperm,
75         Opt_mapchars, Opt_nomapchars, Opt_sfu,
76         Opt_nosfu, Opt_nodfs, Opt_posixpaths,
77         Opt_noposixpaths, Opt_nounix,
78         Opt_nocase,
79         Opt_brl, Opt_nobrl,
80         Opt_forcemandatorylock, Opt_setuids,
81         Opt_nosetuids, Opt_dynperm, Opt_nodynperm,
82         Opt_nohard, Opt_nosoft,
83         Opt_nointr, Opt_intr,
84         Opt_nostrictsync, Opt_strictsync,
85         Opt_serverino, Opt_noserverino,
86         Opt_rwpidforward, Opt_cifsacl, Opt_nocifsacl,
87         Opt_acl, Opt_noacl, Opt_locallease,
88         Opt_sign, Opt_seal, Opt_direct,
89         Opt_strictcache, Opt_noac,
90         Opt_fsc, Opt_mfsymlinks,
91         Opt_multiuser, Opt_sloppy,
92
93         /* Mount options which take numeric value */
94         Opt_backupuid, Opt_backupgid, Opt_uid,
95         Opt_cruid, Opt_gid, Opt_file_mode,
96         Opt_dirmode, Opt_port,
97         Opt_rsize, Opt_wsize, Opt_actimeo,
98
99         /* Mount options which take string value */
100         Opt_user, Opt_pass, Opt_ip,
101         Opt_unc, Opt_domain,
102         Opt_srcaddr, Opt_prefixpath,
103         Opt_iocharset, Opt_sockopt,
104         Opt_netbiosname, Opt_servern,
105         Opt_ver, Opt_sec,
106
107         /* Mount options to be ignored */
108         Opt_ignore,
109
110         /* Options which could be blank */
111         Opt_blank_pass,
112         Opt_blank_user,
113         Opt_blank_ip,
114
115         Opt_err
116 };
117
118 static const match_table_t cifs_mount_option_tokens = {
119
120         { Opt_user_xattr, "user_xattr" },
121         { Opt_nouser_xattr, "nouser_xattr" },
122         { Opt_forceuid, "forceuid" },
123         { Opt_noforceuid, "noforceuid" },
124         { Opt_noblocksend, "noblocksend" },
125         { Opt_noautotune, "noautotune" },
126         { Opt_hard, "hard" },
127         { Opt_soft, "soft" },
128         { Opt_perm, "perm" },
129         { Opt_noperm, "noperm" },
130         { Opt_mapchars, "mapchars" },
131         { Opt_nomapchars, "nomapchars" },
132         { Opt_sfu, "sfu" },
133         { Opt_nosfu, "nosfu" },
134         { Opt_nodfs, "nodfs" },
135         { Opt_posixpaths, "posixpaths" },
136         { Opt_noposixpaths, "noposixpaths" },
137         { Opt_nounix, "nounix" },
138         { Opt_nounix, "nolinux" },
139         { Opt_nocase, "nocase" },
140         { Opt_nocase, "ignorecase" },
141         { Opt_brl, "brl" },
142         { Opt_nobrl, "nobrl" },
143         { Opt_nobrl, "nolock" },
144         { Opt_forcemandatorylock, "forcemandatorylock" },
145         { Opt_forcemandatorylock, "forcemand" },
146         { Opt_setuids, "setuids" },
147         { Opt_nosetuids, "nosetuids" },
148         { Opt_dynperm, "dynperm" },
149         { Opt_nodynperm, "nodynperm" },
150         { Opt_nohard, "nohard" },
151         { Opt_nosoft, "nosoft" },
152         { Opt_nointr, "nointr" },
153         { Opt_intr, "intr" },
154         { Opt_nostrictsync, "nostrictsync" },
155         { Opt_strictsync, "strictsync" },
156         { Opt_serverino, "serverino" },
157         { Opt_noserverino, "noserverino" },
158         { Opt_rwpidforward, "rwpidforward" },
159         { Opt_cifsacl, "cifsacl" },
160         { Opt_nocifsacl, "nocifsacl" },
161         { Opt_acl, "acl" },
162         { Opt_noacl, "noacl" },
163         { Opt_locallease, "locallease" },
164         { Opt_sign, "sign" },
165         { Opt_seal, "seal" },
166         { Opt_direct, "direct" },
167         { Opt_direct, "directio" },
168         { Opt_direct, "forcedirectio" },
169         { Opt_strictcache, "strictcache" },
170         { Opt_noac, "noac" },
171         { Opt_fsc, "fsc" },
172         { Opt_mfsymlinks, "mfsymlinks" },
173         { Opt_multiuser, "multiuser" },
174         { Opt_sloppy, "sloppy" },
175
176         { Opt_backupuid, "backupuid=%s" },
177         { Opt_backupgid, "backupgid=%s" },
178         { Opt_uid, "uid=%s" },
179         { Opt_cruid, "cruid=%s" },
180         { Opt_gid, "gid=%s" },
181         { Opt_file_mode, "file_mode=%s" },
182         { Opt_dirmode, "dirmode=%s" },
183         { Opt_dirmode, "dir_mode=%s" },
184         { Opt_port, "port=%s" },
185         { Opt_rsize, "rsize=%s" },
186         { Opt_wsize, "wsize=%s" },
187         { Opt_actimeo, "actimeo=%s" },
188
189         { Opt_blank_user, "user=" },
190         { Opt_blank_user, "username=" },
191         { Opt_user, "user=%s" },
192         { Opt_user, "username=%s" },
193         { Opt_blank_pass, "pass=" },
194         { Opt_pass, "pass=%s" },
195         { Opt_pass, "password=%s" },
196         { Opt_blank_ip, "ip=" },
197         { Opt_blank_ip, "addr=" },
198         { Opt_ip, "ip=%s" },
199         { Opt_ip, "addr=%s" },
200         { Opt_unc, "unc=%s" },
201         { Opt_unc, "target=%s" },
202         { Opt_unc, "path=%s" },
203         { Opt_domain, "dom=%s" },
204         { Opt_domain, "domain=%s" },
205         { Opt_domain, "workgroup=%s" },
206         { Opt_srcaddr, "srcaddr=%s" },
207         { Opt_prefixpath, "prefixpath=%s" },
208         { Opt_iocharset, "iocharset=%s" },
209         { Opt_sockopt, "sockopt=%s" },
210         { Opt_netbiosname, "netbiosname=%s" },
211         { Opt_servern, "servern=%s" },
212         { Opt_ver, "ver=%s" },
213         { Opt_ver, "vers=%s" },
214         { Opt_ver, "version=%s" },
215         { Opt_sec, "sec=%s" },
216
217         { Opt_ignore, "cred" },
218         { Opt_ignore, "credentials" },
219         { Opt_ignore, "cred=%s" },
220         { Opt_ignore, "credentials=%s" },
221         { Opt_ignore, "guest" },
222         { Opt_ignore, "rw" },
223         { Opt_ignore, "ro" },
224         { Opt_ignore, "suid" },
225         { Opt_ignore, "nosuid" },
226         { Opt_ignore, "exec" },
227         { Opt_ignore, "noexec" },
228         { Opt_ignore, "nodev" },
229         { Opt_ignore, "noauto" },
230         { Opt_ignore, "dev" },
231         { Opt_ignore, "mand" },
232         { Opt_ignore, "nomand" },
233         { Opt_ignore, "_netdev" },
234
235         { Opt_err, NULL }
236 };
237
238 enum {
239         Opt_sec_krb5, Opt_sec_krb5i, Opt_sec_krb5p,
240         Opt_sec_ntlmsspi, Opt_sec_ntlmssp,
241         Opt_ntlm, Opt_sec_ntlmi, Opt_sec_ntlmv2i,
242         Opt_sec_nontlm, Opt_sec_lanman,
243         Opt_sec_none,
244
245         Opt_sec_err
246 };
247
248 static const match_table_t cifs_secflavor_tokens = {
249         { Opt_sec_krb5, "krb5" },
250         { Opt_sec_krb5i, "krb5i" },
251         { Opt_sec_krb5p, "krb5p" },
252         { Opt_sec_ntlmsspi, "ntlmsspi" },
253         { Opt_sec_ntlmssp, "ntlmssp" },
254         { Opt_ntlm, "ntlm" },
255         { Opt_sec_ntlmi, "ntlmi" },
256         { Opt_sec_ntlmv2i, "ntlmv2i" },
257         { Opt_sec_nontlm, "nontlm" },
258         { Opt_sec_lanman, "lanman" },
259         { Opt_sec_none, "none" },
260
261         { Opt_sec_err, NULL }
262 };
263
264 static int ip_connect(struct TCP_Server_Info *server);
265 static int generic_ip_connect(struct TCP_Server_Info *server);
266 static void tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink);
267 static void cifs_prune_tlinks(struct work_struct *work);
268 static int cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
269                                         const char *devname);
270
271 /*
272  * cifs tcp session reconnection
273  *
274  * mark tcp session as reconnecting so temporarily locked
275  * mark all smb sessions as reconnecting for tcp session
276  * reconnect tcp session
277  * wake up waiters on reconnection? - (not needed currently)
278  */
279 static int
280 cifs_reconnect(struct TCP_Server_Info *server)
281 {
282         int rc = 0;
283         struct list_head *tmp, *tmp2;
284         struct cifs_ses *ses;
285         struct cifs_tcon *tcon;
286         struct mid_q_entry *mid_entry;
287         struct list_head retry_list;
288
289         spin_lock(&GlobalMid_Lock);
290         if (server->tcpStatus == CifsExiting) {
291                 /* the demux thread will exit normally
292                 next time through the loop */
293                 spin_unlock(&GlobalMid_Lock);
294                 return rc;
295         } else
296                 server->tcpStatus = CifsNeedReconnect;
297         spin_unlock(&GlobalMid_Lock);
298         server->maxBuf = 0;
299
300         cFYI(1, "Reconnecting tcp session");
301
302         /* before reconnecting the tcp session, mark the smb session (uid)
303                 and the tid bad so they are not used until reconnected */
304         cFYI(1, "%s: marking sessions and tcons for reconnect", __func__);
305         spin_lock(&cifs_tcp_ses_lock);
306         list_for_each(tmp, &server->smb_ses_list) {
307                 ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
308                 ses->need_reconnect = true;
309                 ses->ipc_tid = 0;
310                 list_for_each(tmp2, &ses->tcon_list) {
311                         tcon = list_entry(tmp2, struct cifs_tcon, tcon_list);
312                         tcon->need_reconnect = true;
313                 }
314         }
315         spin_unlock(&cifs_tcp_ses_lock);
316
317         /* do not want to be sending data on a socket we are freeing */
318         cFYI(1, "%s: tearing down socket", __func__);
319         mutex_lock(&server->srv_mutex);
320         if (server->ssocket) {
321                 cFYI(1, "State: 0x%x Flags: 0x%lx", server->ssocket->state,
322                         server->ssocket->flags);
323                 kernel_sock_shutdown(server->ssocket, SHUT_WR);
324                 cFYI(1, "Post shutdown state: 0x%x Flags: 0x%lx",
325                         server->ssocket->state,
326                         server->ssocket->flags);
327                 sock_release(server->ssocket);
328                 server->ssocket = NULL;
329         }
330         server->sequence_number = 0;
331         server->session_estab = false;
332         kfree(server->session_key.response);
333         server->session_key.response = NULL;
334         server->session_key.len = 0;
335         server->lstrp = jiffies;
336         mutex_unlock(&server->srv_mutex);
337
338         /* mark submitted MIDs for retry and issue callback */
339         INIT_LIST_HEAD(&retry_list);
340         cFYI(1, "%s: moving mids to private list", __func__);
341         spin_lock(&GlobalMid_Lock);
342         list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
343                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
344                 if (mid_entry->mid_state == MID_REQUEST_SUBMITTED)
345                         mid_entry->mid_state = MID_RETRY_NEEDED;
346                 list_move(&mid_entry->qhead, &retry_list);
347         }
348         spin_unlock(&GlobalMid_Lock);
349
350         cFYI(1, "%s: issuing mid callbacks", __func__);
351         list_for_each_safe(tmp, tmp2, &retry_list) {
352                 mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
353                 list_del_init(&mid_entry->qhead);
354                 mid_entry->callback(mid_entry);
355         }
356
357         do {
358                 try_to_freeze();
359
360                 /* we should try only the port we connected to before */
361                 rc = generic_ip_connect(server);
362                 if (rc) {
363                         cFYI(1, "reconnect error %d", rc);
364                         msleep(3000);
365                 } else {
366                         atomic_inc(&tcpSesReconnectCount);
367                         spin_lock(&GlobalMid_Lock);
368                         if (server->tcpStatus != CifsExiting)
369                                 server->tcpStatus = CifsNeedNegotiate;
370                         spin_unlock(&GlobalMid_Lock);
371                 }
372         } while (server->tcpStatus == CifsNeedReconnect);
373
374         return rc;
375 }
376
377 /*
378         return codes:
379                 0       not a transact2, or all data present
380                 >0      transact2 with that much data missing
381                 -EINVAL = invalid transact2
382
383  */
384 static int check2ndT2(char *buf)
385 {
386         struct smb_hdr *pSMB = (struct smb_hdr *)buf;
387         struct smb_t2_rsp *pSMBt;
388         int remaining;
389         __u16 total_data_size, data_in_this_rsp;
390
391         if (pSMB->Command != SMB_COM_TRANSACTION2)
392                 return 0;
393
394         /* check for plausible wct, bcc and t2 data and parm sizes */
395         /* check for parm and data offset going beyond end of smb */
396         if (pSMB->WordCount != 10) { /* coalesce_t2 depends on this */
397                 cFYI(1, "invalid transact2 word count");
398                 return -EINVAL;
399         }
400
401         pSMBt = (struct smb_t2_rsp *)pSMB;
402
403         total_data_size = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
404         data_in_this_rsp = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
405
406         if (total_data_size == data_in_this_rsp)
407                 return 0;
408         else if (total_data_size < data_in_this_rsp) {
409                 cFYI(1, "total data %d smaller than data in frame %d",
410                         total_data_size, data_in_this_rsp);
411                 return -EINVAL;
412         }
413
414         remaining = total_data_size - data_in_this_rsp;
415
416         cFYI(1, "missing %d bytes from transact2, check next response",
417                 remaining);
418         if (total_data_size > CIFSMaxBufSize) {
419                 cERROR(1, "TotalDataSize %d is over maximum buffer %d",
420                         total_data_size, CIFSMaxBufSize);
421                 return -EINVAL;
422         }
423         return remaining;
424 }
425
426 static int coalesce_t2(char *second_buf, struct smb_hdr *target_hdr)
427 {
428         struct smb_t2_rsp *pSMBs = (struct smb_t2_rsp *)second_buf;
429         struct smb_t2_rsp *pSMBt  = (struct smb_t2_rsp *)target_hdr;
430         char *data_area_of_tgt;
431         char *data_area_of_src;
432         int remaining;
433         unsigned int byte_count, total_in_tgt;
434         __u16 tgt_total_cnt, src_total_cnt, total_in_src;
435
436         src_total_cnt = get_unaligned_le16(&pSMBs->t2_rsp.TotalDataCount);
437         tgt_total_cnt = get_unaligned_le16(&pSMBt->t2_rsp.TotalDataCount);
438
439         if (tgt_total_cnt != src_total_cnt)
440                 cFYI(1, "total data count of primary and secondary t2 differ "
441                         "source=%hu target=%hu", src_total_cnt, tgt_total_cnt);
442
443         total_in_tgt = get_unaligned_le16(&pSMBt->t2_rsp.DataCount);
444
445         remaining = tgt_total_cnt - total_in_tgt;
446
447         if (remaining < 0) {
448                 cFYI(1, "Server sent too much data. tgt_total_cnt=%hu "
449                         "total_in_tgt=%hu", tgt_total_cnt, total_in_tgt);
450                 return -EPROTO;
451         }
452
453         if (remaining == 0) {
454                 /* nothing to do, ignore */
455                 cFYI(1, "no more data remains");
456                 return 0;
457         }
458
459         total_in_src = get_unaligned_le16(&pSMBs->t2_rsp.DataCount);
460         if (remaining < total_in_src)
461                 cFYI(1, "transact2 2nd response contains too much data");
462
463         /* find end of first SMB data area */
464         data_area_of_tgt = (char *)&pSMBt->hdr.Protocol +
465                                 get_unaligned_le16(&pSMBt->t2_rsp.DataOffset);
466
467         /* validate target area */
468         data_area_of_src = (char *)&pSMBs->hdr.Protocol +
469                                 get_unaligned_le16(&pSMBs->t2_rsp.DataOffset);
470
471         data_area_of_tgt += total_in_tgt;
472
473         total_in_tgt += total_in_src;
474         /* is the result too big for the field? */
475         if (total_in_tgt > USHRT_MAX) {
476                 cFYI(1, "coalesced DataCount too large (%u)", total_in_tgt);
477                 return -EPROTO;
478         }
479         put_unaligned_le16(total_in_tgt, &pSMBt->t2_rsp.DataCount);
480
481         /* fix up the BCC */
482         byte_count = get_bcc(target_hdr);
483         byte_count += total_in_src;
484         /* is the result too big for the field? */
485         if (byte_count > USHRT_MAX) {
486                 cFYI(1, "coalesced BCC too large (%u)", byte_count);
487                 return -EPROTO;
488         }
489         put_bcc(byte_count, target_hdr);
490
491         byte_count = be32_to_cpu(target_hdr->smb_buf_length);
492         byte_count += total_in_src;
493         /* don't allow buffer to overflow */
494         if (byte_count > CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4) {
495                 cFYI(1, "coalesced BCC exceeds buffer size (%u)", byte_count);
496                 return -ENOBUFS;
497         }
498         target_hdr->smb_buf_length = cpu_to_be32(byte_count);
499
500         /* copy second buffer into end of first buffer */
501         memcpy(data_area_of_tgt, data_area_of_src, total_in_src);
502
503         if (remaining != total_in_src) {
504                 /* more responses to go */
505                 cFYI(1, "waiting for more secondary responses");
506                 return 1;
507         }
508
509         /* we are done */
510         cFYI(1, "found the last secondary response");
511         return 0;
512 }
513
514 static void
515 cifs_echo_request(struct work_struct *work)
516 {
517         int rc;
518         struct TCP_Server_Info *server = container_of(work,
519                                         struct TCP_Server_Info, echo.work);
520
521         /*
522          * We cannot send an echo until the NEGOTIATE_PROTOCOL request is
523          * done, which is indicated by maxBuf != 0. Also, no need to ping if
524          * we got a response recently
525          */
526         if (server->maxBuf == 0 ||
527             time_before(jiffies, server->lstrp + SMB_ECHO_INTERVAL - HZ))
528                 goto requeue_echo;
529
530         rc = CIFSSMBEcho(server);
531         if (rc)
532                 cFYI(1, "Unable to send echo request to server: %s",
533                         server->hostname);
534
535 requeue_echo:
536         queue_delayed_work(cifsiod_wq, &server->echo, SMB_ECHO_INTERVAL);
537 }
538
539 static bool
540 allocate_buffers(struct TCP_Server_Info *server)
541 {
542         if (!server->bigbuf) {
543                 server->bigbuf = (char *)cifs_buf_get();
544                 if (!server->bigbuf) {
545                         cERROR(1, "No memory for large SMB response");
546                         msleep(3000);
547                         /* retry will check if exiting */
548                         return false;
549                 }
550         } else if (server->large_buf) {
551                 /* we are reusing a dirty large buf, clear its start */
552                 memset(server->bigbuf, 0, header_size());
553         }
554
555         if (!server->smallbuf) {
556                 server->smallbuf = (char *)cifs_small_buf_get();
557                 if (!server->smallbuf) {
558                         cERROR(1, "No memory for SMB response");
559                         msleep(1000);
560                         /* retry will check if exiting */
561                         return false;
562                 }
563                 /* beginning of smb buffer is cleared in our buf_get */
564         } else {
565                 /* if existing small buf clear beginning */
566                 memset(server->smallbuf, 0, header_size());
567         }
568
569         return true;
570 }
571
572 static bool
573 server_unresponsive(struct TCP_Server_Info *server)
574 {
575         /*
576          * We need to wait 2 echo intervals to make sure we handle such
577          * situations right:
578          * 1s  client sends a normal SMB request
579          * 2s  client gets a response
580          * 30s echo workqueue job pops, and decides we got a response recently
581          *     and don't need to send another
582          * ...
583          * 65s kernel_recvmsg times out, and we see that we haven't gotten
584          *     a response in >60s.
585          */
586         if (server->tcpStatus == CifsGood &&
587             time_after(jiffies, server->lstrp + 2 * SMB_ECHO_INTERVAL)) {
588                 cERROR(1, "Server %s has not responded in %d seconds. "
589                           "Reconnecting...", server->hostname,
590                           (2 * SMB_ECHO_INTERVAL) / HZ);
591                 cifs_reconnect(server);
592                 wake_up(&server->response_q);
593                 return true;
594         }
595
596         return false;
597 }
598
599 /*
600  * kvec_array_init - clone a kvec array, and advance into it
601  * @new:        pointer to memory for cloned array
602  * @iov:        pointer to original array
603  * @nr_segs:    number of members in original array
604  * @bytes:      number of bytes to advance into the cloned array
605  *
606  * This function will copy the array provided in iov to a section of memory
607  * and advance the specified number of bytes into the new array. It returns
608  * the number of segments in the new array. "new" must be at least as big as
609  * the original iov array.
610  */
611 static unsigned int
612 kvec_array_init(struct kvec *new, struct kvec *iov, unsigned int nr_segs,
613                 size_t bytes)
614 {
615         size_t base = 0;
616
617         while (bytes || !iov->iov_len) {
618                 int copy = min(bytes, iov->iov_len);
619
620                 bytes -= copy;
621                 base += copy;
622                 if (iov->iov_len == base) {
623                         iov++;
624                         nr_segs--;
625                         base = 0;
626                 }
627         }
628         memcpy(new, iov, sizeof(*iov) * nr_segs);
629         new->iov_base += base;
630         new->iov_len -= base;
631         return nr_segs;
632 }
633
634 static struct kvec *
635 get_server_iovec(struct TCP_Server_Info *server, unsigned int nr_segs)
636 {
637         struct kvec *new_iov;
638
639         if (server->iov && nr_segs <= server->nr_iov)
640                 return server->iov;
641
642         /* not big enough -- allocate a new one and release the old */
643         new_iov = kmalloc(sizeof(*new_iov) * nr_segs, GFP_NOFS);
644         if (new_iov) {
645                 kfree(server->iov);
646                 server->iov = new_iov;
647                 server->nr_iov = nr_segs;
648         }
649         return new_iov;
650 }
651
652 int
653 cifs_readv_from_socket(struct TCP_Server_Info *server, struct kvec *iov_orig,
654                        unsigned int nr_segs, unsigned int to_read)
655 {
656         int length = 0;
657         int total_read;
658         unsigned int segs;
659         struct msghdr smb_msg;
660         struct kvec *iov;
661
662         iov = get_server_iovec(server, nr_segs);
663         if (!iov)
664                 return -ENOMEM;
665
666         smb_msg.msg_control = NULL;
667         smb_msg.msg_controllen = 0;
668
669         for (total_read = 0; to_read; total_read += length, to_read -= length) {
670                 try_to_freeze();
671
672                 if (server_unresponsive(server)) {
673                         total_read = -EAGAIN;
674                         break;
675                 }
676
677                 segs = kvec_array_init(iov, iov_orig, nr_segs, total_read);
678
679                 length = kernel_recvmsg(server->ssocket, &smb_msg,
680                                         iov, segs, to_read, 0);
681
682                 if (server->tcpStatus == CifsExiting) {
683                         total_read = -ESHUTDOWN;
684                         break;
685                 } else if (server->tcpStatus == CifsNeedReconnect) {
686                         cifs_reconnect(server);
687                         total_read = -EAGAIN;
688                         break;
689                 } else if (length == -ERESTARTSYS ||
690                            length == -EAGAIN ||
691                            length == -EINTR) {
692                         /*
693                          * Minimum sleep to prevent looping, allowing socket
694                          * to clear and app threads to set tcpStatus
695                          * CifsNeedReconnect if server hung.
696                          */
697                         usleep_range(1000, 2000);
698                         length = 0;
699                         continue;
700                 } else if (length <= 0) {
701                         cFYI(1, "Received no data or error: expecting %d "
702                                 "got %d", to_read, length);
703                         cifs_reconnect(server);
704                         total_read = -EAGAIN;
705                         break;
706                 }
707         }
708         return total_read;
709 }
710
711 int
712 cifs_read_from_socket(struct TCP_Server_Info *server, char *buf,
713                       unsigned int to_read)
714 {
715         struct kvec iov;
716
717         iov.iov_base = buf;
718         iov.iov_len = to_read;
719
720         return cifs_readv_from_socket(server, &iov, 1, to_read);
721 }
722
723 static bool
724 is_smb_response(struct TCP_Server_Info *server, unsigned char type)
725 {
726         /*
727          * The first byte big endian of the length field,
728          * is actually not part of the length but the type
729          * with the most common, zero, as regular data.
730          */
731         switch (type) {
732         case RFC1002_SESSION_MESSAGE:
733                 /* Regular SMB response */
734                 return true;
735         case RFC1002_SESSION_KEEP_ALIVE:
736                 cFYI(1, "RFC 1002 session keep alive");
737                 break;
738         case RFC1002_POSITIVE_SESSION_RESPONSE:
739                 cFYI(1, "RFC 1002 positive session response");
740                 break;
741         case RFC1002_NEGATIVE_SESSION_RESPONSE:
742                 /*
743                  * We get this from Windows 98 instead of an error on
744                  * SMB negprot response.
745                  */
746                 cFYI(1, "RFC 1002 negative session response");
747                 /* give server a second to clean up */
748                 msleep(1000);
749                 /*
750                  * Always try 445 first on reconnect since we get NACK
751                  * on some if we ever connected to port 139 (the NACK
752                  * is since we do not begin with RFC1001 session
753                  * initialize frame).
754                  */
755                 cifs_set_port((struct sockaddr *)&server->dstaddr, CIFS_PORT);
756                 cifs_reconnect(server);
757                 wake_up(&server->response_q);
758                 break;
759         default:
760                 cERROR(1, "RFC 1002 unknown response type 0x%x", type);
761                 cifs_reconnect(server);
762         }
763
764         return false;
765 }
766
767 static struct mid_q_entry *
768 find_mid(struct TCP_Server_Info *server, char *buffer)
769 {
770         struct smb_hdr *buf = (struct smb_hdr *)buffer;
771         struct mid_q_entry *mid;
772
773         spin_lock(&GlobalMid_Lock);
774         list_for_each_entry(mid, &server->pending_mid_q, qhead) {
775                 if (mid->mid == buf->Mid &&
776                     mid->mid_state == MID_REQUEST_SUBMITTED &&
777                     le16_to_cpu(mid->command) == buf->Command) {
778                         spin_unlock(&GlobalMid_Lock);
779                         return mid;
780                 }
781         }
782         spin_unlock(&GlobalMid_Lock);
783         return NULL;
784 }
785
786 void
787 dequeue_mid(struct mid_q_entry *mid, bool malformed)
788 {
789 #ifdef CONFIG_CIFS_STATS2
790         mid->when_received = jiffies;
791 #endif
792         spin_lock(&GlobalMid_Lock);
793         if (!malformed)
794                 mid->mid_state = MID_RESPONSE_RECEIVED;
795         else
796                 mid->mid_state = MID_RESPONSE_MALFORMED;
797         list_del_init(&mid->qhead);
798         spin_unlock(&GlobalMid_Lock);
799 }
800
801 static void
802 handle_mid(struct mid_q_entry *mid, struct TCP_Server_Info *server,
803            char *buf, int malformed)
804 {
805         if (malformed == 0 && check2ndT2(buf) > 0) {
806                 mid->multiRsp = true;
807                 if (mid->resp_buf) {
808                         /* merge response - fix up 1st*/
809                         malformed = coalesce_t2(buf, mid->resp_buf);
810                         if (malformed > 0)
811                                 return;
812
813                         /* All parts received or packet is malformed. */
814                         mid->multiEnd = true;
815                         return dequeue_mid(mid, malformed);
816                 }
817                 if (!server->large_buf) {
818                         /*FIXME: switch to already allocated largebuf?*/
819                         cERROR(1, "1st trans2 resp needs bigbuf");
820                 } else {
821                         /* Have first buffer */
822                         mid->resp_buf = buf;
823                         mid->large_buf = true;
824                         server->bigbuf = NULL;
825                 }
826                 return;
827         }
828         mid->resp_buf = buf;
829         mid->large_buf = server->large_buf;
830         /* Was previous buf put in mpx struct for multi-rsp? */
831         if (!mid->multiRsp) {
832                 /* smb buffer will be freed by user thread */
833                 if (server->large_buf)
834                         server->bigbuf = NULL;
835                 else
836                         server->smallbuf = NULL;
837         }
838         dequeue_mid(mid, malformed);
839 }
840
841 static void clean_demultiplex_info(struct TCP_Server_Info *server)
842 {
843         int length;
844
845         /* take it off the list, if it's not already */
846         spin_lock(&cifs_tcp_ses_lock);
847         list_del_init(&server->tcp_ses_list);
848         spin_unlock(&cifs_tcp_ses_lock);
849
850         spin_lock(&GlobalMid_Lock);
851         server->tcpStatus = CifsExiting;
852         spin_unlock(&GlobalMid_Lock);
853         wake_up_all(&server->response_q);
854
855         /* check if we have blocked requests that need to free */
856         spin_lock(&server->req_lock);
857         if (server->credits <= 0)
858                 server->credits = 1;
859         spin_unlock(&server->req_lock);
860         /*
861          * Although there should not be any requests blocked on this queue it
862          * can not hurt to be paranoid and try to wake up requests that may
863          * haven been blocked when more than 50 at time were on the wire to the
864          * same server - they now will see the session is in exit state and get
865          * out of SendReceive.
866          */
867         wake_up_all(&server->request_q);
868         /* give those requests time to exit */
869         msleep(125);
870
871         if (server->ssocket) {
872                 sock_release(server->ssocket);
873                 server->ssocket = NULL;
874         }
875
876         if (!list_empty(&server->pending_mid_q)) {
877                 struct list_head dispose_list;
878                 struct mid_q_entry *mid_entry;
879                 struct list_head *tmp, *tmp2;
880
881                 INIT_LIST_HEAD(&dispose_list);
882                 spin_lock(&GlobalMid_Lock);
883                 list_for_each_safe(tmp, tmp2, &server->pending_mid_q) {
884                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
885                         cFYI(1, "Clearing mid 0x%llx", mid_entry->mid);
886                         mid_entry->mid_state = MID_SHUTDOWN;
887                         list_move(&mid_entry->qhead, &dispose_list);
888                 }
889                 spin_unlock(&GlobalMid_Lock);
890
891                 /* now walk dispose list and issue callbacks */
892                 list_for_each_safe(tmp, tmp2, &dispose_list) {
893                         mid_entry = list_entry(tmp, struct mid_q_entry, qhead);
894                         cFYI(1, "Callback mid 0x%llx", mid_entry->mid);
895                         list_del_init(&mid_entry->qhead);
896                         mid_entry->callback(mid_entry);
897                 }
898                 /* 1/8th of sec is more than enough time for them to exit */
899                 msleep(125);
900         }
901
902         if (!list_empty(&server->pending_mid_q)) {
903                 /*
904                  * mpx threads have not exited yet give them at least the smb
905                  * send timeout time for long ops.
906                  *
907                  * Due to delays on oplock break requests, we need to wait at
908                  * least 45 seconds before giving up on a request getting a
909                  * response and going ahead and killing cifsd.
910                  */
911                 cFYI(1, "Wait for exit from demultiplex thread");
912                 msleep(46000);
913                 /*
914                  * If threads still have not exited they are probably never
915                  * coming home not much else we can do but free the memory.
916                  */
917         }
918
919         kfree(server->hostname);
920         kfree(server->iov);
921         kfree(server);
922
923         length = atomic_dec_return(&tcpSesAllocCount);
924         if (length > 0)
925                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
926                                 GFP_KERNEL);
927 }
928
929 static int
930 standard_receive3(struct TCP_Server_Info *server, struct mid_q_entry *mid)
931 {
932         int length;
933         char *buf = server->smallbuf;
934         unsigned int pdu_length = get_rfc1002_length(buf);
935
936         /* make sure this will fit in a large buffer */
937         if (pdu_length > CIFSMaxBufSize + max_header_size() - 4) {
938                 cERROR(1, "SMB response too long (%u bytes)",
939                         pdu_length);
940                 cifs_reconnect(server);
941                 wake_up(&server->response_q);
942                 return -EAGAIN;
943         }
944
945         /* switch to large buffer if too big for a small one */
946         if (pdu_length > MAX_CIFS_SMALL_BUFFER_SIZE - 4) {
947                 server->large_buf = true;
948                 memcpy(server->bigbuf, buf, server->total_read);
949                 buf = server->bigbuf;
950         }
951
952         /* now read the rest */
953         length = cifs_read_from_socket(server, buf + header_size() - 1,
954                                        pdu_length - header_size() + 1 + 4);
955         if (length < 0)
956                 return length;
957         server->total_read += length;
958
959         dump_smb(buf, server->total_read);
960
961         /*
962          * We know that we received enough to get to the MID as we
963          * checked the pdu_length earlier. Now check to see
964          * if the rest of the header is OK. We borrow the length
965          * var for the rest of the loop to avoid a new stack var.
966          *
967          * 48 bytes is enough to display the header and a little bit
968          * into the payload for debugging purposes.
969          */
970         length = checkSMB(buf, server->total_read);
971         if (length != 0)
972                 cifs_dump_mem("Bad SMB: ", buf,
973                         min_t(unsigned int, server->total_read, 48));
974
975         if (!mid)
976                 return length;
977
978         handle_mid(mid, server, buf, length);
979         return 0;
980 }
981
982 static int
983 cifs_demultiplex_thread(void *p)
984 {
985         int length;
986         struct TCP_Server_Info *server = p;
987         unsigned int pdu_length;
988         char *buf = NULL;
989         struct task_struct *task_to_wake = NULL;
990         struct mid_q_entry *mid_entry;
991
992         current->flags |= PF_MEMALLOC;
993         cFYI(1, "Demultiplex PID: %d", task_pid_nr(current));
994
995         length = atomic_inc_return(&tcpSesAllocCount);
996         if (length > 1)
997                 mempool_resize(cifs_req_poolp, length + cifs_min_rcv,
998                                 GFP_KERNEL);
999
1000         set_freezable();
1001         while (server->tcpStatus != CifsExiting) {
1002                 if (try_to_freeze())
1003                         continue;
1004
1005                 if (!allocate_buffers(server))
1006                         continue;
1007
1008                 server->large_buf = false;
1009                 buf = server->smallbuf;
1010                 pdu_length = 4; /* enough to get RFC1001 header */
1011
1012                 length = cifs_read_from_socket(server, buf, pdu_length);
1013                 if (length < 0)
1014                         continue;
1015                 server->total_read = length;
1016
1017                 /*
1018                  * The right amount was read from socket - 4 bytes,
1019                  * so we can now interpret the length field.
1020                  */
1021                 pdu_length = get_rfc1002_length(buf);
1022
1023                 cFYI(1, "RFC1002 header 0x%x", pdu_length);
1024                 if (!is_smb_response(server, buf[0]))
1025                         continue;
1026
1027                 /* make sure we have enough to get to the MID */
1028                 if (pdu_length < header_size() - 1 - 4) {
1029                         cERROR(1, "SMB response too short (%u bytes)",
1030                                 pdu_length);
1031                         cifs_reconnect(server);
1032                         wake_up(&server->response_q);
1033                         continue;
1034                 }
1035
1036                 /* read down to the MID */
1037                 length = cifs_read_from_socket(server, buf + 4,
1038                                                header_size() - 1 - 4);
1039                 if (length < 0)
1040                         continue;
1041                 server->total_read += length;
1042
1043                 mid_entry = find_mid(server, buf);
1044
1045                 if (!mid_entry || !mid_entry->receive)
1046                         length = standard_receive3(server, mid_entry);
1047                 else
1048                         length = mid_entry->receive(server, mid_entry);
1049
1050                 if (length < 0)
1051                         continue;
1052
1053                 if (server->large_buf)
1054                         buf = server->bigbuf;
1055
1056                 server->lstrp = jiffies;
1057                 if (mid_entry != NULL) {
1058                         if (!mid_entry->multiRsp || mid_entry->multiEnd)
1059                                 mid_entry->callback(mid_entry);
1060                 } else if (!is_valid_oplock_break(buf, server)) {
1061                         cERROR(1, "No task to wake, unknown frame received! "
1062                                    "NumMids %d", atomic_read(&midCount));
1063                         cifs_dump_mem("Received Data is: ", buf, header_size());
1064 #ifdef CONFIG_CIFS_DEBUG2
1065                         cifs_dump_detail(buf);
1066                         cifs_dump_mids(server);
1067 #endif /* CIFS_DEBUG2 */
1068
1069                 }
1070         } /* end while !EXITING */
1071
1072         /* buffer usually freed in free_mid - need to free it here on exit */
1073         cifs_buf_release(server->bigbuf);
1074         if (server->smallbuf) /* no sense logging a debug message if NULL */
1075                 cifs_small_buf_release(server->smallbuf);
1076
1077         task_to_wake = xchg(&server->tsk, NULL);
1078         clean_demultiplex_info(server);
1079
1080         /* if server->tsk was NULL then wait for a signal before exiting */
1081         if (!task_to_wake) {
1082                 set_current_state(TASK_INTERRUPTIBLE);
1083                 while (!signal_pending(current)) {
1084                         schedule();
1085                         set_current_state(TASK_INTERRUPTIBLE);
1086                 }
1087                 set_current_state(TASK_RUNNING);
1088         }
1089
1090         module_put_and_exit(0);
1091 }
1092
1093 /* extract the host portion of the UNC string */
1094 static char *
1095 extract_hostname(const char *unc)
1096 {
1097         const char *src;
1098         char *dst, *delim;
1099         unsigned int len;
1100
1101         /* skip double chars at beginning of string */
1102         /* BB: check validity of these bytes? */
1103         src = unc + 2;
1104
1105         /* delimiter between hostname and sharename is always '\\' now */
1106         delim = strchr(src, '\\');
1107         if (!delim)
1108                 return ERR_PTR(-EINVAL);
1109
1110         len = delim - src;
1111         dst = kmalloc((len + 1), GFP_KERNEL);
1112         if (dst == NULL)
1113                 return ERR_PTR(-ENOMEM);
1114
1115         memcpy(dst, src, len);
1116         dst[len] = '\0';
1117
1118         return dst;
1119 }
1120
1121 static int get_option_ul(substring_t args[], unsigned long *option)
1122 {
1123         int rc;
1124         char *string;
1125
1126         string = match_strdup(args);
1127         if (string == NULL)
1128                 return -ENOMEM;
1129         rc = kstrtoul(string, 0, option);
1130         kfree(string);
1131
1132         return rc;
1133 }
1134
1135
1136 static int cifs_parse_security_flavors(char *value,
1137                                        struct smb_vol *vol)
1138 {
1139
1140         substring_t args[MAX_OPT_ARGS];
1141
1142         switch (match_token(value, cifs_secflavor_tokens, args)) {
1143         case Opt_sec_krb5:
1144                 vol->secFlg |= CIFSSEC_MAY_KRB5;
1145                 break;
1146         case Opt_sec_krb5i:
1147                 vol->secFlg |= CIFSSEC_MAY_KRB5 | CIFSSEC_MUST_SIGN;
1148                 break;
1149         case Opt_sec_krb5p:
1150                 /* vol->secFlg |= CIFSSEC_MUST_SEAL | CIFSSEC_MAY_KRB5; */
1151                 cERROR(1, "Krb5 cifs privacy not supported");
1152                 break;
1153         case Opt_sec_ntlmssp:
1154                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP;
1155                 break;
1156         case Opt_sec_ntlmsspi:
1157                 vol->secFlg |= CIFSSEC_MAY_NTLMSSP | CIFSSEC_MUST_SIGN;
1158                 break;
1159         case Opt_ntlm:
1160                 /* ntlm is default so can be turned off too */
1161                 vol->secFlg |= CIFSSEC_MAY_NTLM;
1162                 break;
1163         case Opt_sec_ntlmi:
1164                 vol->secFlg |= CIFSSEC_MAY_NTLM | CIFSSEC_MUST_SIGN;
1165                 break;
1166         case Opt_sec_nontlm:
1167                 vol->secFlg |= CIFSSEC_MAY_NTLMV2;
1168                 break;
1169         case Opt_sec_ntlmv2i:
1170                 vol->secFlg |= CIFSSEC_MAY_NTLMV2 | CIFSSEC_MUST_SIGN;
1171                 break;
1172 #ifdef CONFIG_CIFS_WEAK_PW_HASH
1173         case Opt_sec_lanman:
1174                 vol->secFlg |= CIFSSEC_MAY_LANMAN;
1175                 break;
1176 #endif
1177         case Opt_sec_none:
1178                 vol->nullauth = 1;
1179                 break;
1180         default:
1181                 cERROR(1, "bad security option: %s", value);
1182                 return 1;
1183         }
1184
1185         return 0;
1186 }
1187
1188 static int
1189 cifs_parse_mount_options(const char *mountdata, const char *devname,
1190                          struct smb_vol *vol)
1191 {
1192         char *data, *end;
1193         char *mountdata_copy = NULL, *options;
1194         unsigned int  temp_len, i, j;
1195         char separator[2];
1196         short int override_uid = -1;
1197         short int override_gid = -1;
1198         bool uid_specified = false;
1199         bool gid_specified = false;
1200         bool sloppy = false;
1201         char *invalid = NULL;
1202         char *nodename = utsname()->nodename;
1203         char *string = NULL;
1204         char *tmp_end, *value;
1205         char delim;
1206
1207         separator[0] = ',';
1208         separator[1] = 0;
1209         delim = separator[0];
1210
1211         /*
1212          * does not have to be perfect mapping since field is
1213          * informational, only used for servers that do not support
1214          * port 445 and it can be overridden at mount time
1215          */
1216         memset(vol->source_rfc1001_name, 0x20, RFC1001_NAME_LEN);
1217         for (i = 0; i < strnlen(nodename, RFC1001_NAME_LEN); i++)
1218                 vol->source_rfc1001_name[i] = toupper(nodename[i]);
1219
1220         vol->source_rfc1001_name[RFC1001_NAME_LEN] = 0;
1221         /* null target name indicates to use *SMBSERVR default called name
1222            if we end up sending RFC1001 session initialize */
1223         vol->target_rfc1001_name[0] = 0;
1224         vol->cred_uid = current_uid();
1225         vol->linux_uid = current_uid();
1226         vol->linux_gid = current_gid();
1227
1228         /* default to only allowing write access to owner of the mount */
1229         vol->dir_mode = vol->file_mode = S_IRUGO | S_IXUGO | S_IWUSR;
1230
1231         /* vol->retry default is 0 (i.e. "soft" limited retry not hard retry) */
1232         /* default is always to request posix paths. */
1233         vol->posix_paths = 1;
1234         /* default to using server inode numbers where available */
1235         vol->server_ino = 1;
1236
1237         vol->actimeo = CIFS_DEF_ACTIMEO;
1238
1239         if (!mountdata)
1240                 goto cifs_parse_mount_err;
1241
1242         mountdata_copy = kstrndup(mountdata, PAGE_SIZE, GFP_KERNEL);
1243         if (!mountdata_copy)
1244                 goto cifs_parse_mount_err;
1245
1246         options = mountdata_copy;
1247         end = options + strlen(options);
1248
1249         if (strncmp(options, "sep=", 4) == 0) {
1250                 if (options[4] != 0) {
1251                         separator[0] = options[4];
1252                         options += 5;
1253                 } else {
1254                         cFYI(1, "Null separator not allowed");
1255                 }
1256         }
1257         vol->backupuid_specified = false; /* no backup intent for a user */
1258         vol->backupgid_specified = false; /* no backup intent for a group */
1259
1260         while ((data = strsep(&options, separator)) != NULL) {
1261                 substring_t args[MAX_OPT_ARGS];
1262                 unsigned long option;
1263                 int token;
1264
1265                 if (!*data)
1266                         continue;
1267
1268                 token = match_token(data, cifs_mount_option_tokens, args);
1269
1270                 switch (token) {
1271
1272                 /* Ingnore the following */
1273                 case Opt_ignore:
1274                         break;
1275
1276                 /* Boolean values */
1277                 case Opt_user_xattr:
1278                         vol->no_xattr = 0;
1279                         break;
1280                 case Opt_nouser_xattr:
1281                         vol->no_xattr = 1;
1282                         break;
1283                 case Opt_forceuid:
1284                         override_uid = 1;
1285                         break;
1286                 case Opt_noforceuid:
1287                         override_uid = 0;
1288                         break;
1289                 case Opt_noblocksend:
1290                         vol->noblocksnd = 1;
1291                         break;
1292                 case Opt_noautotune:
1293                         vol->noautotune = 1;
1294                         break;
1295                 case Opt_hard:
1296                         vol->retry = 1;
1297                         break;
1298                 case Opt_soft:
1299                         vol->retry = 0;
1300                         break;
1301                 case Opt_perm:
1302                         vol->noperm = 0;
1303                         break;
1304                 case Opt_noperm:
1305                         vol->noperm = 1;
1306                         break;
1307                 case Opt_mapchars:
1308                         vol->remap = 1;
1309                         break;
1310                 case Opt_nomapchars:
1311                         vol->remap = 0;
1312                         break;
1313                 case Opt_sfu:
1314                         vol->sfu_emul = 1;
1315                         break;
1316                 case Opt_nosfu:
1317                         vol->sfu_emul = 0;
1318                         break;
1319                 case Opt_nodfs:
1320                         vol->nodfs = 1;
1321                         break;
1322                 case Opt_posixpaths:
1323                         vol->posix_paths = 1;
1324                         break;
1325                 case Opt_noposixpaths:
1326                         vol->posix_paths = 0;
1327                         break;
1328                 case Opt_nounix:
1329                         vol->no_linux_ext = 1;
1330                         break;
1331                 case Opt_nocase:
1332                         vol->nocase = 1;
1333                         break;
1334                 case Opt_brl:
1335                         vol->nobrl =  0;
1336                         break;
1337                 case Opt_nobrl:
1338                         vol->nobrl =  1;
1339                         /*
1340                          * turn off mandatory locking in mode
1341                          * if remote locking is turned off since the
1342                          * local vfs will do advisory
1343                          */
1344                         if (vol->file_mode ==
1345                                 (S_IALLUGO & ~(S_ISUID | S_IXGRP)))
1346                                 vol->file_mode = S_IALLUGO;
1347                         break;
1348                 case Opt_forcemandatorylock:
1349                         vol->mand_lock = 1;
1350                         break;
1351                 case Opt_setuids:
1352                         vol->setuids = 1;
1353                         break;
1354                 case Opt_nosetuids:
1355                         vol->setuids = 0;
1356                         break;
1357                 case Opt_dynperm:
1358                         vol->dynperm = true;
1359                         break;
1360                 case Opt_nodynperm:
1361                         vol->dynperm = false;
1362                         break;
1363                 case Opt_nohard:
1364                         vol->retry = 0;
1365                         break;
1366                 case Opt_nosoft:
1367                         vol->retry = 1;
1368                         break;
1369                 case Opt_nointr:
1370                         vol->intr = 0;
1371                         break;
1372                 case Opt_intr:
1373                         vol->intr = 1;
1374                         break;
1375                 case Opt_nostrictsync:
1376                         vol->nostrictsync = 1;
1377                         break;
1378                 case Opt_strictsync:
1379                         vol->nostrictsync = 0;
1380                         break;
1381                 case Opt_serverino:
1382                         vol->server_ino = 1;
1383                         break;
1384                 case Opt_noserverino:
1385                         vol->server_ino = 0;
1386                         break;
1387                 case Opt_rwpidforward:
1388                         vol->rwpidforward = 1;
1389                         break;
1390                 case Opt_cifsacl:
1391                         vol->cifs_acl = 1;
1392                         break;
1393                 case Opt_nocifsacl:
1394                         vol->cifs_acl = 0;
1395                         break;
1396                 case Opt_acl:
1397                         vol->no_psx_acl = 0;
1398                         break;
1399                 case Opt_noacl:
1400                         vol->no_psx_acl = 1;
1401                         break;
1402                 case Opt_locallease:
1403                         vol->local_lease = 1;
1404                         break;
1405                 case Opt_sign:
1406                         vol->secFlg |= CIFSSEC_MUST_SIGN;
1407                         break;
1408                 case Opt_seal:
1409                         /* we do not do the following in secFlags because seal
1410                          * is a per tree connection (mount) not a per socket
1411                          * or per-smb connection option in the protocol
1412                          * vol->secFlg |= CIFSSEC_MUST_SEAL;
1413                          */
1414                         vol->seal = 1;
1415                         break;
1416                 case Opt_direct:
1417                         vol->direct_io = 1;
1418                         break;
1419                 case Opt_strictcache:
1420                         vol->strict_io = 1;
1421                         break;
1422                 case Opt_noac:
1423                         printk(KERN_WARNING "CIFS: Mount option noac not "
1424                                 "supported. Instead set "
1425                                 "/proc/fs/cifs/LookupCacheEnabled to 0\n");
1426                         break;
1427                 case Opt_fsc:
1428 #ifndef CONFIG_CIFS_FSCACHE
1429                         cERROR(1, "FS-Cache support needs CONFIG_CIFS_FSCACHE "
1430                                   "kernel config option set");
1431                         goto cifs_parse_mount_err;
1432 #endif
1433                         vol->fsc = true;
1434                         break;
1435                 case Opt_mfsymlinks:
1436                         vol->mfsymlinks = true;
1437                         break;
1438                 case Opt_multiuser:
1439                         vol->multiuser = true;
1440                         break;
1441                 case Opt_sloppy:
1442                         sloppy = true;
1443                         break;
1444
1445                 /* Numeric Values */
1446                 case Opt_backupuid:
1447                         if (get_option_ul(args, &option)) {
1448                                 cERROR(1, "%s: Invalid backupuid value",
1449                                         __func__);
1450                                 goto cifs_parse_mount_err;
1451                         }
1452                         vol->backupuid = option;
1453                         vol->backupuid_specified = true;
1454                         break;
1455                 case Opt_backupgid:
1456                         if (get_option_ul(args, &option)) {
1457                                 cERROR(1, "%s: Invalid backupgid value",
1458                                         __func__);
1459                                 goto cifs_parse_mount_err;
1460                         }
1461                         vol->backupgid = option;
1462                         vol->backupgid_specified = true;
1463                         break;
1464                 case Opt_uid:
1465                         if (get_option_ul(args, &option)) {
1466                                 cERROR(1, "%s: Invalid uid value",
1467                                         __func__);
1468                                 goto cifs_parse_mount_err;
1469                         }
1470                         vol->linux_uid = option;
1471                         uid_specified = true;
1472                         break;
1473                 case Opt_cruid:
1474                         if (get_option_ul(args, &option)) {
1475                                 cERROR(1, "%s: Invalid cruid value",
1476                                         __func__);
1477                                 goto cifs_parse_mount_err;
1478                         }
1479                         vol->cred_uid = option;
1480                         break;
1481                 case Opt_gid:
1482                         if (get_option_ul(args, &option)) {
1483                                 cERROR(1, "%s: Invalid gid value",
1484                                                 __func__);
1485                                 goto cifs_parse_mount_err;
1486                         }
1487                         vol->linux_gid = option;
1488                         gid_specified = true;
1489                         break;
1490                 case Opt_file_mode:
1491                         if (get_option_ul(args, &option)) {
1492                                 cERROR(1, "%s: Invalid file_mode value",
1493                                         __func__);
1494                                 goto cifs_parse_mount_err;
1495                         }
1496                         vol->file_mode = option;
1497                         break;
1498                 case Opt_dirmode:
1499                         if (get_option_ul(args, &option)) {
1500                                 cERROR(1, "%s: Invalid dir_mode value",
1501                                         __func__);
1502                                 goto cifs_parse_mount_err;
1503                         }
1504                         vol->dir_mode = option;
1505                         break;
1506                 case Opt_port:
1507                         if (get_option_ul(args, &option)) {
1508                                 cERROR(1, "%s: Invalid port value",
1509                                         __func__);
1510                                 goto cifs_parse_mount_err;
1511                         }
1512                         vol->port = option;
1513                         break;
1514                 case Opt_rsize:
1515                         if (get_option_ul(args, &option)) {
1516                                 cERROR(1, "%s: Invalid rsize value",
1517                                         __func__);
1518                                 goto cifs_parse_mount_err;
1519                         }
1520                         vol->rsize = option;
1521                         break;
1522                 case Opt_wsize:
1523                         if (get_option_ul(args, &option)) {
1524                                 cERROR(1, "%s: Invalid wsize value",
1525                                         __func__);
1526                                 goto cifs_parse_mount_err;
1527                         }
1528                         vol->wsize = option;
1529                         break;
1530                 case Opt_actimeo:
1531                         if (get_option_ul(args, &option)) {
1532                                 cERROR(1, "%s: Invalid actimeo value",
1533                                         __func__);
1534                                 goto cifs_parse_mount_err;
1535                         }
1536                         vol->actimeo = HZ * option;
1537                         if (vol->actimeo > CIFS_MAX_ACTIMEO) {
1538                                 cERROR(1, "CIFS: attribute cache"
1539                                           "timeout too large");
1540                                 goto cifs_parse_mount_err;
1541                         }
1542                         break;
1543
1544                 /* String Arguments */
1545
1546                 case Opt_blank_user:
1547                         /* null user, ie. anonymous authentication */
1548                         vol->nullauth = 1;
1549                         vol->username = NULL;
1550                         break;
1551                 case Opt_user:
1552                         string = match_strdup(args);
1553                         if (string == NULL)
1554                                 goto out_nomem;
1555
1556                         if (strnlen(string, MAX_USERNAME_SIZE) >
1557                                                         MAX_USERNAME_SIZE) {
1558                                 printk(KERN_WARNING "CIFS: username too long\n");
1559                                 goto cifs_parse_mount_err;
1560                         }
1561                         vol->username = kstrdup(string, GFP_KERNEL);
1562                         if (!vol->username) {
1563                                 printk(KERN_WARNING "CIFS: no memory "
1564                                                     "for username\n");
1565                                 goto cifs_parse_mount_err;
1566                         }
1567                         break;
1568                 case Opt_blank_pass:
1569                         vol->password = NULL;
1570                         break;
1571                 case Opt_pass:
1572                         /* passwords have to be handled differently
1573                          * to allow the character used for deliminator
1574                          * to be passed within them
1575                          */
1576
1577                         /* Obtain the value string */
1578                         value = strchr(data, '=');
1579                         value++;
1580
1581                         /* Set tmp_end to end of the string */
1582                         tmp_end = (char *) value + strlen(value);
1583
1584                         /* Check if following character is the deliminator
1585                          * If yes, we have encountered a double deliminator
1586                          * reset the NULL character to the deliminator
1587                          */
1588                         if (tmp_end < end && tmp_end[1] == delim) {
1589                                 tmp_end[0] = delim;
1590
1591                                 /* Keep iterating until we get to a single
1592                                  * deliminator OR the end
1593                                  */
1594                                 while ((tmp_end = strchr(tmp_end, delim))
1595                                         != NULL && (tmp_end[1] == delim)) {
1596                                                 tmp_end = (char *) &tmp_end[2];
1597                                 }
1598
1599                                 /* Reset var options to point to next element */
1600                                 if (tmp_end) {
1601                                         tmp_end[0] = '\0';
1602                                         options = (char *) &tmp_end[1];
1603                                 } else
1604                                         /* Reached the end of the mount option
1605                                          * string */
1606                                         options = end;
1607                         }
1608
1609                         /* Now build new password string */
1610                         temp_len = strlen(value);
1611                         vol->password = kzalloc(temp_len+1, GFP_KERNEL);
1612                         if (vol->password == NULL) {
1613                                 printk(KERN_WARNING "CIFS: no memory "
1614                                                     "for password\n");
1615                                 goto cifs_parse_mount_err;
1616                         }
1617
1618                         for (i = 0, j = 0; i < temp_len; i++, j++) {
1619                                 vol->password[j] = value[i];
1620                                 if ((value[i] == delim) &&
1621                                      value[i+1] == delim)
1622                                         /* skip the second deliminator */
1623                                         i++;
1624                         }
1625                         vol->password[j] = '\0';
1626                         break;
1627                 case Opt_blank_ip:
1628                         vol->UNCip = NULL;
1629                         break;
1630                 case Opt_ip:
1631                         string = match_strdup(args);
1632                         if (string == NULL)
1633                                 goto out_nomem;
1634
1635                         if (strnlen(string, INET6_ADDRSTRLEN) >
1636                                                 INET6_ADDRSTRLEN) {
1637                                 printk(KERN_WARNING "CIFS: ip address "
1638                                                     "too long\n");
1639                                 goto cifs_parse_mount_err;
1640                         }
1641                         vol->UNCip = kstrdup(string, GFP_KERNEL);
1642                         if (!vol->UNCip) {
1643                                 printk(KERN_WARNING "CIFS: no memory "
1644                                                     "for UNC IP\n");
1645                                 goto cifs_parse_mount_err;
1646                         }
1647                         break;
1648                 case Opt_unc:
1649                         string = match_strdup(args);
1650                         if (string == NULL)
1651                                 goto out_nomem;
1652
1653                         temp_len = strnlen(string, 300);
1654                         if (temp_len  == 300) {
1655                                 printk(KERN_WARNING "CIFS: UNC name too long\n");
1656                                 goto cifs_parse_mount_err;
1657                         }
1658
1659                         vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1660                         if (vol->UNC == NULL) {
1661                                 printk(KERN_WARNING "CIFS: no memory for UNC\n");
1662                                 goto cifs_parse_mount_err;
1663                         }
1664                         strcpy(vol->UNC, string);
1665
1666                         if (strncmp(string, "//", 2) == 0) {
1667                                 vol->UNC[0] = '\\';
1668                                 vol->UNC[1] = '\\';
1669                         } else if (strncmp(string, "\\\\", 2) != 0) {
1670                                 printk(KERN_WARNING "CIFS: UNC Path does not "
1671                                                     "begin with // or \\\\\n");
1672                                 goto cifs_parse_mount_err;
1673                         }
1674
1675                         break;
1676                 case Opt_domain:
1677                         string = match_strdup(args);
1678                         if (string == NULL)
1679                                 goto out_nomem;
1680
1681                         if (strnlen(string, 256) == 256) {
1682                                 printk(KERN_WARNING "CIFS: domain name too"
1683                                                     " long\n");
1684                                 goto cifs_parse_mount_err;
1685                         }
1686
1687                         vol->domainname = kstrdup(string, GFP_KERNEL);
1688                         if (!vol->domainname) {
1689                                 printk(KERN_WARNING "CIFS: no memory "
1690                                                     "for domainname\n");
1691                                 goto cifs_parse_mount_err;
1692                         }
1693                         cFYI(1, "Domain name set");
1694                         break;
1695                 case Opt_srcaddr:
1696                         string = match_strdup(args);
1697                         if (string == NULL)
1698                                 goto out_nomem;
1699
1700                         if (!cifs_convert_address(
1701                                         (struct sockaddr *)&vol->srcaddr,
1702                                         string, strlen(string))) {
1703                                 printk(KERN_WARNING "CIFS:  Could not parse"
1704                                                     " srcaddr: %s\n", string);
1705                                 goto cifs_parse_mount_err;
1706                         }
1707                         break;
1708                 case Opt_prefixpath:
1709                         string = match_strdup(args);
1710                         if (string == NULL)
1711                                 goto out_nomem;
1712
1713                         temp_len = strnlen(string, 1024);
1714                         if (string[0] != '/')
1715                                 temp_len++; /* missing leading slash */
1716                         if (temp_len > 1024) {
1717                                 printk(KERN_WARNING "CIFS: prefix too long\n");
1718                                 goto cifs_parse_mount_err;
1719                         }
1720
1721                         vol->prepath = kmalloc(temp_len+1, GFP_KERNEL);
1722                         if (vol->prepath == NULL) {
1723                                 printk(KERN_WARNING "CIFS: no memory "
1724                                                     "for path prefix\n");
1725                                 goto cifs_parse_mount_err;
1726                         }
1727
1728                         if (string[0] != '/') {
1729                                 vol->prepath[0] = '/';
1730                                 strcpy(vol->prepath+1, string);
1731                         } else
1732                                 strcpy(vol->prepath, string);
1733
1734                         break;
1735                 case Opt_iocharset:
1736                         string = match_strdup(args);
1737                         if (string == NULL)
1738                                 goto out_nomem;
1739
1740                         if (strnlen(string, 1024) >= 65) {
1741                                 printk(KERN_WARNING "CIFS: iocharset name "
1742                                                     "too long.\n");
1743                                 goto cifs_parse_mount_err;
1744                         }
1745
1746                          if (strnicmp(string, "default", 7) != 0) {
1747                                 vol->iocharset = kstrdup(string,
1748                                                          GFP_KERNEL);
1749                                 if (!vol->iocharset) {
1750                                         printk(KERN_WARNING "CIFS: no memory"
1751                                                             "for charset\n");
1752                                         goto cifs_parse_mount_err;
1753                                 }
1754                         }
1755                         /* if iocharset not set then load_nls_default
1756                          * is used by caller
1757                          */
1758                         cFYI(1, "iocharset set to %s", string);
1759                         break;
1760                 case Opt_sockopt:
1761                         string = match_strdup(args);
1762                         if (string == NULL)
1763                                 goto out_nomem;
1764
1765                         if (strnicmp(string, "TCP_NODELAY", 11) == 0)
1766                                 vol->sockopt_tcp_nodelay = 1;
1767                         break;
1768                 case Opt_netbiosname:
1769                         string = match_strdup(args);
1770                         if (string == NULL)
1771                                 goto out_nomem;
1772
1773                         memset(vol->source_rfc1001_name, 0x20,
1774                                 RFC1001_NAME_LEN);
1775                         /*
1776                          * FIXME: are there cases in which a comma can
1777                          * be valid in workstation netbios name (and
1778                          * need special handling)?
1779                          */
1780                         for (i = 0; i < RFC1001_NAME_LEN; i++) {
1781                                 /* don't ucase netbiosname for user */
1782                                 if (string[i] == 0)
1783                                         break;
1784                                 vol->source_rfc1001_name[i] = string[i];
1785                         }
1786                         /* The string has 16th byte zero still from
1787                          * set at top of the function
1788                          */
1789                         if (i == RFC1001_NAME_LEN && string[i] != 0)
1790                                 printk(KERN_WARNING "CIFS: netbiosname"
1791                                        " longer than 15 truncated.\n");
1792
1793                         break;
1794                 case Opt_servern:
1795                         /* servernetbiosname specified override *SMBSERVER */
1796                         string = match_strdup(args);
1797                         if (string == NULL)
1798                                 goto out_nomem;
1799
1800                         /* last byte, type, is 0x20 for servr type */
1801                         memset(vol->target_rfc1001_name, 0x20,
1802                                 RFC1001_NAME_LEN_WITH_NULL);
1803
1804                         /* BB are there cases in which a comma can be
1805                            valid in this workstation netbios name
1806                            (and need special handling)? */
1807
1808                         /* user or mount helper must uppercase the
1809                            netbios name */
1810                         for (i = 0; i < 15; i++) {
1811                                 if (string[i] == 0)
1812                                         break;
1813                                 vol->target_rfc1001_name[i] = string[i];
1814                         }
1815                         /* The string has 16th byte zero still from
1816                            set at top of the function  */
1817                         if (i == RFC1001_NAME_LEN && string[i] != 0)
1818                                 printk(KERN_WARNING "CIFS: server net"
1819                                        "biosname longer than 15 truncated.\n");
1820                         break;
1821                 case Opt_ver:
1822                         string = match_strdup(args);
1823                         if (string == NULL)
1824                                 goto out_nomem;
1825
1826                         if (strnicmp(string, "cifs", 4) == 0 ||
1827                             strnicmp(string, "1", 1) == 0) {
1828                                 /* This is the default */
1829                                 break;
1830                         }
1831                         /* For all other value, error */
1832                         printk(KERN_WARNING "CIFS: Invalid version"
1833                                             " specified\n");
1834                         goto cifs_parse_mount_err;
1835                 case Opt_sec:
1836                         string = match_strdup(args);
1837                         if (string == NULL)
1838                                 goto out_nomem;
1839
1840                         if (cifs_parse_security_flavors(string, vol) != 0)
1841                                 goto cifs_parse_mount_err;
1842                         break;
1843                 default:
1844                         /*
1845                          * An option we don't recognize. Save it off for later
1846                          * if we haven't already found one
1847                          */
1848                         if (!invalid)
1849                                 invalid = data;
1850                         break;
1851                 }
1852                 /* Free up any allocated string */
1853                 kfree(string);
1854                 string = NULL;
1855         }
1856
1857         if (!sloppy && invalid) {
1858                 printk(KERN_ERR "CIFS: Unknown mount option \"%s\"\n", invalid);
1859                 goto cifs_parse_mount_err;
1860         }
1861
1862 #ifndef CONFIG_KEYS
1863         /* Muliuser mounts require CONFIG_KEYS support */
1864         if (vol->multiuser) {
1865                 cERROR(1, "Multiuser mounts require kernels with "
1866                           "CONFIG_KEYS enabled.");
1867                 goto cifs_parse_mount_err;
1868         }
1869 #endif
1870
1871         if (vol->UNCip == NULL)
1872                 vol->UNCip = &vol->UNC[2];
1873
1874         if (uid_specified)
1875                 vol->override_uid = override_uid;
1876         else if (override_uid == 1)
1877                 printk(KERN_NOTICE "CIFS: ignoring forceuid mount option "
1878                                    "specified with no uid= option.\n");
1879
1880         if (gid_specified)
1881                 vol->override_gid = override_gid;
1882         else if (override_gid == 1)
1883                 printk(KERN_NOTICE "CIFS: ignoring forcegid mount option "
1884                                    "specified with no gid= option.\n");
1885
1886         kfree(mountdata_copy);
1887         return 0;
1888
1889 out_nomem:
1890         printk(KERN_WARNING "Could not allocate temporary buffer\n");
1891 cifs_parse_mount_err:
1892         kfree(string);
1893         kfree(mountdata_copy);
1894         return 1;
1895 }
1896
1897 /** Returns true if srcaddr isn't specified and rhs isn't
1898  * specified, or if srcaddr is specified and
1899  * matches the IP address of the rhs argument.
1900  */
1901 static bool
1902 srcip_matches(struct sockaddr *srcaddr, struct sockaddr *rhs)
1903 {
1904         switch (srcaddr->sa_family) {
1905         case AF_UNSPEC:
1906                 return (rhs->sa_family == AF_UNSPEC);
1907         case AF_INET: {
1908                 struct sockaddr_in *saddr4 = (struct sockaddr_in *)srcaddr;
1909                 struct sockaddr_in *vaddr4 = (struct sockaddr_in *)rhs;
1910                 return (saddr4->sin_addr.s_addr == vaddr4->sin_addr.s_addr);
1911         }
1912         case AF_INET6: {
1913                 struct sockaddr_in6 *saddr6 = (struct sockaddr_in6 *)srcaddr;
1914                 struct sockaddr_in6 *vaddr6 = (struct sockaddr_in6 *)&rhs;
1915                 return ipv6_addr_equal(&saddr6->sin6_addr, &vaddr6->sin6_addr);
1916         }
1917         default:
1918                 WARN_ON(1);
1919                 return false; /* don't expect to be here */
1920         }
1921 }
1922
1923 /*
1924  * If no port is specified in addr structure, we try to match with 445 port
1925  * and if it fails - with 139 ports. It should be called only if address
1926  * families of server and addr are equal.
1927  */
1928 static bool
1929 match_port(struct TCP_Server_Info *server, struct sockaddr *addr)
1930 {
1931         __be16 port, *sport;
1932
1933         switch (addr->sa_family) {
1934         case AF_INET:
1935                 sport = &((struct sockaddr_in *) &server->dstaddr)->sin_port;
1936                 port = ((struct sockaddr_in *) addr)->sin_port;
1937                 break;
1938         case AF_INET6:
1939                 sport = &((struct sockaddr_in6 *) &server->dstaddr)->sin6_port;
1940                 port = ((struct sockaddr_in6 *) addr)->sin6_port;
1941                 break;
1942         default:
1943                 WARN_ON(1);
1944                 return false;
1945         }
1946
1947         if (!port) {
1948                 port = htons(CIFS_PORT);
1949                 if (port == *sport)
1950                         return true;
1951
1952                 port = htons(RFC1001_PORT);
1953         }
1954
1955         return port == *sport;
1956 }
1957
1958 static bool
1959 match_address(struct TCP_Server_Info *server, struct sockaddr *addr,
1960               struct sockaddr *srcaddr)
1961 {
1962         switch (addr->sa_family) {
1963         case AF_INET: {
1964                 struct sockaddr_in *addr4 = (struct sockaddr_in *)addr;
1965                 struct sockaddr_in *srv_addr4 =
1966                                         (struct sockaddr_in *)&server->dstaddr;
1967
1968                 if (addr4->sin_addr.s_addr != srv_addr4->sin_addr.s_addr)
1969                         return false;
1970                 break;
1971         }
1972         case AF_INET6: {
1973                 struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)addr;
1974                 struct sockaddr_in6 *srv_addr6 =
1975                                         (struct sockaddr_in6 *)&server->dstaddr;
1976
1977                 if (!ipv6_addr_equal(&addr6->sin6_addr,
1978                                      &srv_addr6->sin6_addr))
1979                         return false;
1980                 if (addr6->sin6_scope_id != srv_addr6->sin6_scope_id)
1981                         return false;
1982                 break;
1983         }
1984         default:
1985                 WARN_ON(1);
1986                 return false; /* don't expect to be here */
1987         }
1988
1989         if (!srcip_matches(srcaddr, (struct sockaddr *)&server->srcaddr))
1990                 return false;
1991
1992         return true;
1993 }
1994
1995 static bool
1996 match_security(struct TCP_Server_Info *server, struct smb_vol *vol)
1997 {
1998         unsigned int secFlags;
1999
2000         if (vol->secFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
2001                 secFlags = vol->secFlg;
2002         else
2003                 secFlags = global_secflags | vol->secFlg;
2004
2005         switch (server->secType) {
2006         case LANMAN:
2007                 if (!(secFlags & (CIFSSEC_MAY_LANMAN|CIFSSEC_MAY_PLNTXT)))
2008                         return false;
2009                 break;
2010         case NTLMv2:
2011                 if (!(secFlags & CIFSSEC_MAY_NTLMV2))
2012                         return false;
2013                 break;
2014         case NTLM:
2015                 if (!(secFlags & CIFSSEC_MAY_NTLM))
2016                         return false;
2017                 break;
2018         case Kerberos:
2019                 if (!(secFlags & CIFSSEC_MAY_KRB5))
2020                         return false;
2021                 break;
2022         case RawNTLMSSP:
2023                 if (!(secFlags & CIFSSEC_MAY_NTLMSSP))
2024                         return false;
2025                 break;
2026         default:
2027                 /* shouldn't happen */
2028                 return false;
2029         }
2030
2031         /* now check if signing mode is acceptable */
2032         if ((secFlags & CIFSSEC_MAY_SIGN) == 0 &&
2033             (server->sec_mode & SECMODE_SIGN_REQUIRED))
2034                         return false;
2035         else if (((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) &&
2036                  (server->sec_mode &
2037                   (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED)) == 0)
2038                         return false;
2039
2040         return true;
2041 }
2042
2043 static int match_server(struct TCP_Server_Info *server, struct sockaddr *addr,
2044                          struct smb_vol *vol)
2045 {
2046         if (!net_eq(cifs_net_ns(server), current->nsproxy->net_ns))
2047                 return 0;
2048
2049         if (!match_address(server, addr,
2050                            (struct sockaddr *)&vol->srcaddr))
2051                 return 0;
2052
2053         if (!match_port(server, addr))
2054                 return 0;
2055
2056         if (!match_security(server, vol))
2057                 return 0;
2058
2059         return 1;
2060 }
2061
2062 static struct TCP_Server_Info *
2063 cifs_find_tcp_session(struct sockaddr *addr, struct smb_vol *vol)
2064 {
2065         struct TCP_Server_Info *server;
2066
2067         spin_lock(&cifs_tcp_ses_lock);
2068         list_for_each_entry(server, &cifs_tcp_ses_list, tcp_ses_list) {
2069                 if (!match_server(server, addr, vol))
2070                         continue;
2071
2072                 ++server->srv_count;
2073                 spin_unlock(&cifs_tcp_ses_lock);
2074                 cFYI(1, "Existing tcp session with server found");
2075                 return server;
2076         }
2077         spin_unlock(&cifs_tcp_ses_lock);
2078         return NULL;
2079 }
2080
2081 static void
2082 cifs_put_tcp_session(struct TCP_Server_Info *server)
2083 {
2084         struct task_struct *task;
2085
2086         spin_lock(&cifs_tcp_ses_lock);
2087         if (--server->srv_count > 0) {
2088                 spin_unlock(&cifs_tcp_ses_lock);
2089                 return;
2090         }
2091
2092         put_net(cifs_net_ns(server));
2093
2094         list_del_init(&server->tcp_ses_list);
2095         spin_unlock(&cifs_tcp_ses_lock);
2096
2097         cancel_delayed_work_sync(&server->echo);
2098
2099         spin_lock(&GlobalMid_Lock);
2100         server->tcpStatus = CifsExiting;
2101         spin_unlock(&GlobalMid_Lock);
2102
2103         cifs_crypto_shash_release(server);
2104         cifs_fscache_release_client_cookie(server);
2105
2106         kfree(server->session_key.response);
2107         server->session_key.response = NULL;
2108         server->session_key.len = 0;
2109
2110         task = xchg(&server->tsk, NULL);
2111         if (task)
2112                 force_sig(SIGKILL, task);
2113 }
2114
2115 static struct TCP_Server_Info *
2116 cifs_get_tcp_session(struct smb_vol *volume_info)
2117 {
2118         struct TCP_Server_Info *tcp_ses = NULL;
2119         struct sockaddr_storage addr;
2120         struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
2121         struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
2122         int rc;
2123
2124         memset(&addr, 0, sizeof(struct sockaddr_storage));
2125
2126         cFYI(1, "UNC: %s ip: %s", volume_info->UNC, volume_info->UNCip);
2127
2128         if (volume_info->UNCip && volume_info->UNC) {
2129                 rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2130                                         volume_info->UNCip,
2131                                         strlen(volume_info->UNCip),
2132                                         volume_info->port);
2133                 if (!rc) {
2134                         /* we failed translating address */
2135                         rc = -EINVAL;
2136                         goto out_err;
2137                 }
2138         } else if (volume_info->UNCip) {
2139                 /* BB using ip addr as tcp_ses name to connect to the
2140                    DFS root below */
2141                 cERROR(1, "Connecting to DFS root not implemented yet");
2142                 rc = -EINVAL;
2143                 goto out_err;
2144         } else /* which tcp_sess DFS root would we conect to */ {
2145                 cERROR(1, "CIFS mount error: No UNC path (e.g. -o "
2146                         "unc=//192.168.1.100/public) specified");
2147                 rc = -EINVAL;
2148                 goto out_err;
2149         }
2150
2151         /* see if we already have a matching tcp_ses */
2152         tcp_ses = cifs_find_tcp_session((struct sockaddr *)&addr, volume_info);
2153         if (tcp_ses)
2154                 return tcp_ses;
2155
2156         tcp_ses = kzalloc(sizeof(struct TCP_Server_Info), GFP_KERNEL);
2157         if (!tcp_ses) {
2158                 rc = -ENOMEM;
2159                 goto out_err;
2160         }
2161
2162         rc = cifs_crypto_shash_allocate(tcp_ses);
2163         if (rc) {
2164                 cERROR(1, "could not setup hash structures rc %d", rc);
2165                 goto out_err;
2166         }
2167
2168         cifs_set_net_ns(tcp_ses, get_net(current->nsproxy->net_ns));
2169         tcp_ses->hostname = extract_hostname(volume_info->UNC);
2170         if (IS_ERR(tcp_ses->hostname)) {
2171                 rc = PTR_ERR(tcp_ses->hostname);
2172                 goto out_err_crypto_release;
2173         }
2174
2175         tcp_ses->noblocksnd = volume_info->noblocksnd;
2176         tcp_ses->noautotune = volume_info->noautotune;
2177         tcp_ses->tcp_nodelay = volume_info->sockopt_tcp_nodelay;
2178         tcp_ses->in_flight = 0;
2179         tcp_ses->credits = 1;
2180         init_waitqueue_head(&tcp_ses->response_q);
2181         init_waitqueue_head(&tcp_ses->request_q);
2182         INIT_LIST_HEAD(&tcp_ses->pending_mid_q);
2183         mutex_init(&tcp_ses->srv_mutex);
2184         memcpy(tcp_ses->workstation_RFC1001_name,
2185                 volume_info->source_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2186         memcpy(tcp_ses->server_RFC1001_name,
2187                 volume_info->target_rfc1001_name, RFC1001_NAME_LEN_WITH_NULL);
2188         tcp_ses->session_estab = false;
2189         tcp_ses->sequence_number = 0;
2190         tcp_ses->lstrp = jiffies;
2191         spin_lock_init(&tcp_ses->req_lock);
2192         INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
2193         INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
2194         INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
2195
2196         /*
2197          * at this point we are the only ones with the pointer
2198          * to the struct since the kernel thread not created yet
2199          * no need to spinlock this init of tcpStatus or srv_count
2200          */
2201         tcp_ses->tcpStatus = CifsNew;
2202         memcpy(&tcp_ses->srcaddr, &volume_info->srcaddr,
2203                sizeof(tcp_ses->srcaddr));
2204         ++tcp_ses->srv_count;
2205
2206         if (addr.ss_family == AF_INET6) {
2207                 cFYI(1, "attempting ipv6 connect");
2208                 /* BB should we allow ipv6 on port 139? */
2209                 /* other OS never observed in Wild doing 139 with v6 */
2210                 memcpy(&tcp_ses->dstaddr, sin_server6,
2211                        sizeof(struct sockaddr_in6));
2212         } else
2213                 memcpy(&tcp_ses->dstaddr, sin_server,
2214                        sizeof(struct sockaddr_in));
2215
2216         rc = ip_connect(tcp_ses);
2217         if (rc < 0) {
2218                 cERROR(1, "Error connecting to socket. Aborting operation");
2219                 goto out_err_crypto_release;
2220         }
2221
2222         /*
2223          * since we're in a cifs function already, we know that
2224          * this will succeed. No need for try_module_get().
2225          */
2226         __module_get(THIS_MODULE);
2227         tcp_ses->tsk = kthread_run(cifs_demultiplex_thread,
2228                                   tcp_ses, "cifsd");
2229         if (IS_ERR(tcp_ses->tsk)) {
2230                 rc = PTR_ERR(tcp_ses->tsk);
2231                 cERROR(1, "error %d create cifsd thread", rc);
2232                 module_put(THIS_MODULE);
2233                 goto out_err_crypto_release;
2234         }
2235         tcp_ses->tcpStatus = CifsNeedNegotiate;
2236
2237         /* thread spawned, put it on the list */
2238         spin_lock(&cifs_tcp_ses_lock);
2239         list_add(&tcp_ses->tcp_ses_list, &cifs_tcp_ses_list);
2240         spin_unlock(&cifs_tcp_ses_lock);
2241
2242         cifs_fscache_get_client_cookie(tcp_ses);
2243
2244         /* queue echo request delayed work */
2245         queue_delayed_work(cifsiod_wq, &tcp_ses->echo, SMB_ECHO_INTERVAL);
2246
2247         return tcp_ses;
2248
2249 out_err_crypto_release:
2250         cifs_crypto_shash_release(tcp_ses);
2251
2252         put_net(cifs_net_ns(tcp_ses));
2253
2254 out_err:
2255         if (tcp_ses) {
2256                 if (!IS_ERR(tcp_ses->hostname))
2257                         kfree(tcp_ses->hostname);
2258                 if (tcp_ses->ssocket)
2259                         sock_release(tcp_ses->ssocket);
2260                 kfree(tcp_ses);
2261         }
2262         return ERR_PTR(rc);
2263 }
2264
2265 static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
2266 {
2267         switch (ses->server->secType) {
2268         case Kerberos:
2269                 if (vol->cred_uid != ses->cred_uid)
2270                         return 0;
2271                 break;
2272         default:
2273                 /* NULL username means anonymous session */
2274                 if (ses->user_name == NULL) {
2275                         if (!vol->nullauth)
2276                                 return 0;
2277                         break;
2278                 }
2279
2280                 /* anything else takes username/password */
2281                 if (strncmp(ses->user_name,
2282                             vol->username ? vol->username : "",
2283                             MAX_USERNAME_SIZE))
2284                         return 0;
2285                 if (strlen(vol->username) != 0 &&
2286                     ses->password != NULL &&
2287                     strncmp(ses->password,
2288                             vol->password ? vol->password : "",
2289                             MAX_PASSWORD_SIZE))
2290                         return 0;
2291         }
2292         return 1;
2293 }
2294
2295 static struct cifs_ses *
2296 cifs_find_smb_ses(struct TCP_Server_Info *server, struct smb_vol *vol)
2297 {
2298         struct cifs_ses *ses;
2299
2300         spin_lock(&cifs_tcp_ses_lock);
2301         list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) {
2302                 if (!match_session(ses, vol))
2303                         continue;
2304                 ++ses->ses_count;
2305                 spin_unlock(&cifs_tcp_ses_lock);
2306                 return ses;
2307         }
2308         spin_unlock(&cifs_tcp_ses_lock);
2309         return NULL;
2310 }
2311
2312 static void
2313 cifs_put_smb_ses(struct cifs_ses *ses)
2314 {
2315         int xid;
2316         struct TCP_Server_Info *server = ses->server;
2317
2318         cFYI(1, "%s: ses_count=%d\n", __func__, ses->ses_count);
2319         spin_lock(&cifs_tcp_ses_lock);
2320         if (--ses->ses_count > 0) {
2321                 spin_unlock(&cifs_tcp_ses_lock);
2322                 return;
2323         }
2324
2325         list_del_init(&ses->smb_ses_list);
2326         spin_unlock(&cifs_tcp_ses_lock);
2327
2328         if (ses->status == CifsGood) {
2329                 xid = GetXid();
2330                 CIFSSMBLogoff(xid, ses);
2331                 _FreeXid(xid);
2332         }
2333         sesInfoFree(ses);
2334         cifs_put_tcp_session(server);
2335 }
2336
2337 #ifdef CONFIG_KEYS
2338
2339 /* strlen("cifs:a:") + INET6_ADDRSTRLEN + 1 */
2340 #define CIFSCREDS_DESC_SIZE (7 + INET6_ADDRSTRLEN + 1)
2341
2342 /* Populate username and pw fields from keyring if possible */
2343 static int
2344 cifs_set_cifscreds(struct smb_vol *vol, struct cifs_ses *ses)
2345 {
2346         int rc = 0;
2347         char *desc, *delim, *payload;
2348         ssize_t len;
2349         struct key *key;
2350         struct TCP_Server_Info *server = ses->server;
2351         struct sockaddr_in *sa;
2352         struct sockaddr_in6 *sa6;
2353         struct user_key_payload *upayload;
2354
2355         desc = kmalloc(CIFSCREDS_DESC_SIZE, GFP_KERNEL);
2356         if (!desc)
2357                 return -ENOMEM;
2358
2359         /* try to find an address key first */
2360         switch (server->dstaddr.ss_family) {
2361         case AF_INET:
2362                 sa = (struct sockaddr_in *)&server->dstaddr;
2363                 sprintf(desc, "cifs:a:%pI4", &sa->sin_addr.s_addr);
2364                 break;
2365         case AF_INET6:
2366                 sa6 = (struct sockaddr_in6 *)&server->dstaddr;
2367                 sprintf(desc, "cifs:a:%pI6c", &sa6->sin6_addr.s6_addr);
2368                 break;
2369         default:
2370                 cFYI(1, "Bad ss_family (%hu)", server->dstaddr.ss_family);
2371                 rc = -EINVAL;
2372                 goto out_err;
2373         }
2374
2375         cFYI(1, "%s: desc=%s", __func__, desc);
2376         key = request_key(&key_type_logon, desc, "");
2377         if (IS_ERR(key)) {
2378                 if (!ses->domainName) {
2379                         cFYI(1, "domainName is NULL");
2380                         rc = PTR_ERR(key);
2381                         goto out_err;
2382                 }
2383
2384                 /* didn't work, try to find a domain key */
2385                 sprintf(desc, "cifs:d:%s", ses->domainName);
2386                 cFYI(1, "%s: desc=%s", __func__, desc);
2387                 key = request_key(&key_type_logon, desc, "");
2388                 if (IS_ERR(key)) {
2389                         rc = PTR_ERR(key);
2390                         goto out_err;
2391                 }
2392         }
2393
2394         down_read(&key->sem);
2395         upayload = key->payload.data;
2396         if (IS_ERR_OR_NULL(upayload)) {
2397                 rc = upayload ? PTR_ERR(upayload) : -EINVAL;
2398                 goto out_key_put;
2399         }
2400
2401         /* find first : in payload */
2402         payload = (char *)upayload->data;
2403         delim = strnchr(payload, upayload->datalen, ':');
2404         cFYI(1, "payload=%s", payload);
2405         if (!delim) {
2406                 cFYI(1, "Unable to find ':' in payload (datalen=%d)",
2407                                 upayload->datalen);
2408                 rc = -EINVAL;
2409                 goto out_key_put;
2410         }
2411
2412         len = delim - payload;
2413         if (len > MAX_USERNAME_SIZE || len <= 0) {
2414                 cFYI(1, "Bad value from username search (len=%zd)", len);
2415                 rc = -EINVAL;
2416                 goto out_key_put;
2417         }
2418
2419         vol->username = kstrndup(payload, len, GFP_KERNEL);
2420         if (!vol->username) {
2421                 cFYI(1, "Unable to allocate %zd bytes for username", len);
2422                 rc = -ENOMEM;
2423                 goto out_key_put;
2424         }
2425         cFYI(1, "%s: username=%s", __func__, vol->username);
2426
2427         len = key->datalen - (len + 1);
2428         if (len > MAX_PASSWORD_SIZE || len <= 0) {
2429                 cFYI(1, "Bad len for password search (len=%zd)", len);
2430                 rc = -EINVAL;
2431                 kfree(vol->username);
2432                 vol->username = NULL;
2433                 goto out_key_put;
2434         }
2435
2436         ++delim;
2437         vol->password = kstrndup(delim, len, GFP_KERNEL);
2438         if (!vol->password) {
2439                 cFYI(1, "Unable to allocate %zd bytes for password", len);
2440                 rc = -ENOMEM;
2441                 kfree(vol->username);
2442                 vol->username = NULL;
2443                 goto out_key_put;
2444         }
2445
2446 out_key_put:
2447         up_read(&key->sem);
2448         key_put(key);
2449 out_err:
2450         kfree(desc);
2451         cFYI(1, "%s: returning %d", __func__, rc);
2452         return rc;
2453 }
2454 #else /* ! CONFIG_KEYS */
2455 static inline int
2456 cifs_set_cifscreds(struct smb_vol *vol __attribute__((unused)),
2457                    struct cifs_ses *ses __attribute__((unused)))
2458 {
2459         return -ENOSYS;
2460 }
2461 #endif /* CONFIG_KEYS */
2462
2463 static bool warned_on_ntlm;  /* globals init to false automatically */
2464
2465 static struct cifs_ses *
2466 cifs_get_smb_ses(struct TCP_Server_Info *server, struct smb_vol *volume_info)
2467 {
2468         int rc = -ENOMEM, xid;
2469         struct cifs_ses *ses;
2470         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
2471         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
2472
2473         xid = GetXid();
2474
2475         ses = cifs_find_smb_ses(server, volume_info);
2476         if (ses) {
2477                 cFYI(1, "Existing smb sess found (status=%d)", ses->status);
2478
2479                 mutex_lock(&ses->session_mutex);
2480                 rc = cifs_negotiate_protocol(xid, ses);
2481                 if (rc) {
2482                         mutex_unlock(&ses->session_mutex);
2483                         /* problem -- put our ses reference */
2484                         cifs_put_smb_ses(ses);
2485                         FreeXid(xid);
2486                         return ERR_PTR(rc);
2487                 }
2488                 if (ses->need_reconnect) {
2489                         cFYI(1, "Session needs reconnect");
2490                         rc = cifs_setup_session(xid, ses,
2491                                                 volume_info->local_nls);
2492                         if (rc) {
2493                                 mutex_unlock(&ses->session_mutex);
2494                                 /* problem -- put our reference */
2495                                 cifs_put_smb_ses(ses);
2496                                 FreeXid(xid);
2497                                 return ERR_PTR(rc);
2498                         }
2499                 }
2500                 mutex_unlock(&ses->session_mutex);
2501
2502                 /* existing SMB ses has a server reference already */
2503                 cifs_put_tcp_session(server);
2504                 FreeXid(xid);
2505                 return ses;
2506         }
2507
2508         cFYI(1, "Existing smb sess not found");
2509         ses = sesInfoAlloc();
2510         if (ses == NULL)
2511                 goto get_ses_fail;
2512
2513         /* new SMB session uses our server ref */
2514         ses->server = server;
2515         if (server->dstaddr.ss_family == AF_INET6)
2516                 sprintf(ses->serverName, "%pI6", &addr6->sin6_addr);
2517         else
2518                 sprintf(ses->serverName, "%pI4", &addr->sin_addr);
2519
2520         if (volume_info->username) {
2521                 ses->user_name = kstrdup(volume_info->username, GFP_KERNEL);
2522                 if (!ses->user_name)
2523                         goto get_ses_fail;
2524         }
2525
2526         /* volume_info->password freed at unmount */
2527         if (volume_info->password) {
2528                 ses->password = kstrdup(volume_info->password, GFP_KERNEL);
2529                 if (!ses->password)
2530                         goto get_ses_fail;
2531         }
2532         if (volume_info->domainname) {
2533                 ses->domainName = kstrdup(volume_info->domainname, GFP_KERNEL);
2534                 if (!ses->domainName)
2535                         goto get_ses_fail;
2536         }
2537         ses->cred_uid = volume_info->cred_uid;
2538         ses->linux_uid = volume_info->linux_uid;
2539
2540         /* ntlmv2 is much stronger than ntlm security, and has been broadly
2541         supported for many years, time to update default security mechanism */
2542         if ((volume_info->secFlg == 0) && warned_on_ntlm == false) {
2543                 warned_on_ntlm = true;
2544                 cERROR(1, "default security mechanism requested.  The default "
2545                         "security mechanism will be upgraded from ntlm to "
2546                         "ntlmv2 in kernel release 3.3");
2547         }
2548         ses->overrideSecFlg = volume_info->secFlg;
2549
2550         mutex_lock(&ses->session_mutex);
2551         rc = cifs_negotiate_protocol(xid, ses);
2552         if (!rc)
2553                 rc = cifs_setup_session(xid, ses, volume_info->local_nls);
2554         mutex_unlock(&ses->session_mutex);
2555         if (rc)
2556                 goto get_ses_fail;
2557
2558         /* success, put it on the list */
2559         spin_lock(&cifs_tcp_ses_lock);
2560         list_add(&ses->smb_ses_list, &server->smb_ses_list);
2561         spin_unlock(&cifs_tcp_ses_lock);
2562
2563         FreeXid(xid);
2564         return ses;
2565
2566 get_ses_fail:
2567         sesInfoFree(ses);
2568         FreeXid(xid);
2569         return ERR_PTR(rc);
2570 }
2571
2572 static int match_tcon(struct cifs_tcon *tcon, const char *unc)
2573 {
2574         if (tcon->tidStatus == CifsExiting)
2575                 return 0;
2576         if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
2577                 return 0;
2578         return 1;
2579 }
2580
2581 static struct cifs_tcon *
2582 cifs_find_tcon(struct cifs_ses *ses, const char *unc)
2583 {
2584         struct list_head *tmp;
2585         struct cifs_tcon *tcon;
2586
2587         spin_lock(&cifs_tcp_ses_lock);
2588         list_for_each(tmp, &ses->tcon_list) {
2589                 tcon = list_entry(tmp, struct cifs_tcon, tcon_list);
2590                 if (!match_tcon(tcon, unc))
2591                         continue;
2592                 ++tcon->tc_count;
2593                 spin_unlock(&cifs_tcp_ses_lock);
2594                 return tcon;
2595         }
2596         spin_unlock(&cifs_tcp_ses_lock);
2597         return NULL;
2598 }
2599
2600 static void
2601 cifs_put_tcon(struct cifs_tcon *tcon)
2602 {
2603         int xid;
2604         struct cifs_ses *ses = tcon->ses;
2605
2606         cFYI(1, "%s: tc_count=%d\n", __func__, tcon->tc_count);
2607         spin_lock(&cifs_tcp_ses_lock);
2608         if (--tcon->tc_count > 0) {
2609                 spin_unlock(&cifs_tcp_ses_lock);
2610                 return;
2611         }
2612
2613         list_del_init(&tcon->tcon_list);
2614         spin_unlock(&cifs_tcp_ses_lock);
2615
2616         xid = GetXid();
2617         CIFSSMBTDis(xid, tcon);
2618         _FreeXid(xid);
2619
2620         cifs_fscache_release_super_cookie(tcon);
2621         tconInfoFree(tcon);
2622         cifs_put_smb_ses(ses);
2623 }
2624
2625 static struct cifs_tcon *
2626 cifs_get_tcon(struct cifs_ses *ses, struct smb_vol *volume_info)
2627 {
2628         int rc, xid;
2629         struct cifs_tcon *tcon;
2630
2631         tcon = cifs_find_tcon(ses, volume_info->UNC);
2632         if (tcon) {
2633                 cFYI(1, "Found match on UNC path");
2634                 /* existing tcon already has a reference */
2635                 cifs_put_smb_ses(ses);
2636                 if (tcon->seal != volume_info->seal)
2637                         cERROR(1, "transport encryption setting "
2638                                    "conflicts with existing tid");
2639                 return tcon;
2640         }
2641
2642         tcon = tconInfoAlloc();
2643         if (tcon == NULL) {
2644                 rc = -ENOMEM;
2645                 goto out_fail;
2646         }
2647
2648         tcon->ses = ses;
2649         if (volume_info->password) {
2650                 tcon->password = kstrdup(volume_info->password, GFP_KERNEL);
2651                 if (!tcon->password) {
2652                         rc = -ENOMEM;
2653                         goto out_fail;
2654                 }
2655         }
2656
2657         if (strchr(volume_info->UNC + 3, '\\') == NULL
2658             && strchr(volume_info->UNC + 3, '/') == NULL) {
2659                 cERROR(1, "Missing share name");
2660                 rc = -ENODEV;
2661                 goto out_fail;
2662         }
2663
2664         /* BB Do we need to wrap session_mutex around
2665          * this TCon call and Unix SetFS as
2666          * we do on SessSetup and reconnect? */
2667         xid = GetXid();
2668         rc = CIFSTCon(xid, ses, volume_info->UNC, tcon, volume_info->local_nls);
2669         FreeXid(xid);
2670         cFYI(1, "CIFS Tcon rc = %d", rc);
2671         if (rc)
2672                 goto out_fail;
2673
2674         if (volume_info->nodfs) {
2675                 tcon->Flags &= ~SMB_SHARE_IS_IN_DFS;
2676                 cFYI(1, "DFS disabled (%d)", tcon->Flags);
2677         }
2678         tcon->seal = volume_info->seal;
2679         /* we can have only one retry value for a connection
2680            to a share so for resources mounted more than once
2681            to the same server share the last value passed in
2682            for the retry flag is used */
2683         tcon->retry = volume_info->retry;
2684         tcon->nocase = volume_info->nocase;
2685         tcon->local_lease = volume_info->local_lease;
2686
2687         spin_lock(&cifs_tcp_ses_lock);
2688         list_add(&tcon->tcon_list, &ses->tcon_list);
2689         spin_unlock(&cifs_tcp_ses_lock);
2690
2691         cifs_fscache_get_super_cookie(tcon);
2692
2693         return tcon;
2694
2695 out_fail:
2696         tconInfoFree(tcon);
2697         return ERR_PTR(rc);
2698 }
2699
2700 void
2701 cifs_put_tlink(struct tcon_link *tlink)
2702 {
2703         if (!tlink || IS_ERR(tlink))
2704                 return;
2705
2706         if (!atomic_dec_and_test(&tlink->tl_count) ||
2707             test_bit(TCON_LINK_IN_TREE, &tlink->tl_flags)) {
2708                 tlink->tl_time = jiffies;
2709                 return;
2710         }
2711
2712         if (!IS_ERR(tlink_tcon(tlink)))
2713                 cifs_put_tcon(tlink_tcon(tlink));
2714         kfree(tlink);
2715         return;
2716 }
2717
2718 static inline struct tcon_link *
2719 cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb)
2720 {
2721         return cifs_sb->master_tlink;
2722 }
2723
2724 static int
2725 compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data)
2726 {
2727         struct cifs_sb_info *old = CIFS_SB(sb);
2728         struct cifs_sb_info *new = mnt_data->cifs_sb;
2729
2730         if ((sb->s_flags & CIFS_MS_MASK) != (mnt_data->flags & CIFS_MS_MASK))
2731                 return 0;
2732
2733         if ((old->mnt_cifs_flags & CIFS_MOUNT_MASK) !=
2734             (new->mnt_cifs_flags & CIFS_MOUNT_MASK))
2735                 return 0;
2736
2737         /*
2738          * We want to share sb only if we don't specify an r/wsize or
2739          * specified r/wsize is greater than or equal to existing one.
2740          */
2741         if (new->wsize && new->wsize < old->wsize)
2742                 return 0;
2743
2744         if (new->rsize && new->rsize < old->rsize)
2745                 return 0;
2746
2747         if (old->mnt_uid != new->mnt_uid || old->mnt_gid != new->mnt_gid)
2748                 return 0;
2749
2750         if (old->mnt_file_mode != new->mnt_file_mode ||
2751             old->mnt_dir_mode != new->mnt_dir_mode)
2752                 return 0;
2753
2754         if (strcmp(old->local_nls->charset, new->local_nls->charset))
2755                 return 0;
2756
2757         if (old->actimeo != new->actimeo)
2758                 return 0;
2759
2760         return 1;
2761 }
2762
2763 int
2764 cifs_match_super(struct super_block *sb, void *data)
2765 {
2766         struct cifs_mnt_data *mnt_data = (struct cifs_mnt_data *)data;
2767         struct smb_vol *volume_info;
2768         struct cifs_sb_info *cifs_sb;
2769         struct TCP_Server_Info *tcp_srv;
2770         struct cifs_ses *ses;
2771         struct cifs_tcon *tcon;
2772         struct tcon_link *tlink;
2773         struct sockaddr_storage addr;
2774         int rc = 0;
2775
2776         memset(&addr, 0, sizeof(struct sockaddr_storage));
2777
2778         spin_lock(&cifs_tcp_ses_lock);
2779         cifs_sb = CIFS_SB(sb);
2780         tlink = cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
2781         if (IS_ERR(tlink)) {
2782                 spin_unlock(&cifs_tcp_ses_lock);
2783                 return rc;
2784         }
2785         tcon = tlink_tcon(tlink);
2786         ses = tcon->ses;
2787         tcp_srv = ses->server;
2788
2789         volume_info = mnt_data->vol;
2790
2791         if (!volume_info->UNCip || !volume_info->UNC)
2792                 goto out;
2793
2794         rc = cifs_fill_sockaddr((struct sockaddr *)&addr,
2795                                 volume_info->UNCip,
2796                                 strlen(volume_info->UNCip),
2797                                 volume_info->port);
2798         if (!rc)
2799                 goto out;
2800
2801         if (!match_server(tcp_srv, (struct sockaddr *)&addr, volume_info) ||
2802             !match_session(ses, volume_info) ||
2803             !match_tcon(tcon, volume_info->UNC)) {
2804                 rc = 0;
2805                 goto out;
2806         }
2807
2808         rc = compare_mount_options(sb, mnt_data);
2809 out:
2810         spin_unlock(&cifs_tcp_ses_lock);
2811         cifs_put_tlink(tlink);
2812         return rc;
2813 }
2814
2815 int
2816 get_dfs_path(int xid, struct cifs_ses *pSesInfo, const char *old_path,
2817              const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
2818              struct dfs_info3_param **preferrals, int remap)
2819 {
2820         char *temp_unc;
2821         int rc = 0;
2822
2823         *pnum_referrals = 0;
2824         *preferrals = NULL;
2825
2826         if (pSesInfo->ipc_tid == 0) {
2827                 temp_unc = kmalloc(2 /* for slashes */ +
2828                         strnlen(pSesInfo->serverName,
2829                                 SERVER_NAME_LEN_WITH_NULL * 2)
2830                                  + 1 + 4 /* slash IPC$ */  + 2,
2831                                 GFP_KERNEL);
2832                 if (temp_unc == NULL)
2833                         return -ENOMEM;
2834                 temp_unc[0] = '\\';
2835                 temp_unc[1] = '\\';
2836                 strcpy(temp_unc + 2, pSesInfo->serverName);
2837                 strcpy(temp_unc + 2 + strlen(pSesInfo->serverName), "\\IPC$");
2838                 rc = CIFSTCon(xid, pSesInfo, temp_unc, NULL, nls_codepage);
2839                 cFYI(1, "CIFS Tcon rc = %d ipc_tid = %d", rc, pSesInfo->ipc_tid);
2840                 kfree(temp_unc);
2841         }
2842         if (rc == 0)
2843                 rc = CIFSGetDFSRefer(xid, pSesInfo, old_path, preferrals,
2844                                      pnum_referrals, nls_codepage, remap);
2845         /* BB map targetUNCs to dfs_info3 structures, here or
2846                 in CIFSGetDFSRefer BB */
2847
2848         return rc;
2849 }
2850
2851 #ifdef CONFIG_DEBUG_LOCK_ALLOC
2852 static struct lock_class_key cifs_key[2];
2853 static struct lock_class_key cifs_slock_key[2];
2854
2855 static inline void
2856 cifs_reclassify_socket4(struct socket *sock)
2857 {
2858         struct sock *sk = sock->sk;
2859         BUG_ON(sock_owned_by_user(sk));
2860         sock_lock_init_class_and_name(sk, "slock-AF_INET-CIFS",
2861                 &cifs_slock_key[0], "sk_lock-AF_INET-CIFS", &cifs_key[0]);
2862 }
2863
2864 static inline void
2865 cifs_reclassify_socket6(struct socket *sock)
2866 {
2867         struct sock *sk = sock->sk;
2868         BUG_ON(sock_owned_by_user(sk));
2869         sock_lock_init_class_and_name(sk, "slock-AF_INET6-CIFS",
2870                 &cifs_slock_key[1], "sk_lock-AF_INET6-CIFS", &cifs_key[1]);
2871 }
2872 #else
2873 static inline void
2874 cifs_reclassify_socket4(struct socket *sock)
2875 {
2876 }
2877
2878 static inline void
2879 cifs_reclassify_socket6(struct socket *sock)
2880 {
2881 }
2882 #endif
2883
2884 /* See RFC1001 section 14 on representation of Netbios names */
2885 static void rfc1002mangle(char *target, char *source, unsigned int length)
2886 {
2887         unsigned int i, j;
2888
2889         for (i = 0, j = 0; i < (length); i++) {
2890                 /* mask a nibble at a time and encode */
2891                 target[j] = 'A' + (0x0F & (source[i] >> 4));
2892                 target[j+1] = 'A' + (0x0F & source[i]);
2893                 j += 2;
2894         }
2895
2896 }
2897
2898 static int
2899 bind_socket(struct TCP_Server_Info *server)
2900 {
2901         int rc = 0;
2902         if (server->srcaddr.ss_family != AF_UNSPEC) {
2903                 /* Bind to the specified local IP address */
2904                 struct socket *socket = server->ssocket;
2905                 rc = socket->ops->bind(socket,
2906                                        (struct sockaddr *) &server->srcaddr,
2907                                        sizeof(server->srcaddr));
2908                 if (rc < 0) {
2909                         struct sockaddr_in *saddr4;
2910                         struct sockaddr_in6 *saddr6;
2911                         saddr4 = (struct sockaddr_in *)&server->srcaddr;
2912                         saddr6 = (struct sockaddr_in6 *)&server->srcaddr;
2913                         if (saddr6->sin6_family == AF_INET6)
2914                                 cERROR(1, "cifs: "
2915                                        "Failed to bind to: %pI6c, error: %d\n",
2916                                        &saddr6->sin6_addr, rc);
2917                         else
2918                                 cERROR(1, "cifs: "
2919                                        "Failed to bind to: %pI4, error: %d\n",
2920                                        &saddr4->sin_addr.s_addr, rc);
2921                 }
2922         }
2923         return rc;
2924 }
2925
2926 static int
2927 ip_rfc1001_connect(struct TCP_Server_Info *server)
2928 {
2929         int rc = 0;
2930         /*
2931          * some servers require RFC1001 sessinit before sending
2932          * negprot - BB check reconnection in case where second
2933          * sessinit is sent but no second negprot
2934          */
2935         struct rfc1002_session_packet *ses_init_buf;
2936         struct smb_hdr *smb_buf;
2937         ses_init_buf = kzalloc(sizeof(struct rfc1002_session_packet),
2938                                GFP_KERNEL);
2939         if (ses_init_buf) {
2940                 ses_init_buf->trailer.session_req.called_len = 32;
2941
2942                 if (server->server_RFC1001_name &&
2943                     server->server_RFC1001_name[0] != 0)
2944                         rfc1002mangle(ses_init_buf->trailer.
2945                                       session_req.called_name,
2946                                       server->server_RFC1001_name,
2947                                       RFC1001_NAME_LEN_WITH_NULL);
2948                 else
2949                         rfc1002mangle(ses_init_buf->trailer.
2950                                       session_req.called_name,
2951                                       DEFAULT_CIFS_CALLED_NAME,
2952                                       RFC1001_NAME_LEN_WITH_NULL);
2953
2954                 ses_init_buf->trailer.session_req.calling_len = 32;
2955
2956                 /*
2957                  * calling name ends in null (byte 16) from old smb
2958                  * convention.
2959                  */
2960                 if (server->workstation_RFC1001_name &&
2961                     server->workstation_RFC1001_name[0] != 0)
2962                         rfc1002mangle(ses_init_buf->trailer.
2963                                       session_req.calling_name,
2964                                       server->workstation_RFC1001_name,
2965                                       RFC1001_NAME_LEN_WITH_NULL);
2966                 else
2967                         rfc1002mangle(ses_init_buf->trailer.
2968                                       session_req.calling_name,
2969                                       "LINUX_CIFS_CLNT",
2970                                       RFC1001_NAME_LEN_WITH_NULL);
2971
2972                 ses_init_buf->trailer.session_req.scope1 = 0;
2973                 ses_init_buf->trailer.session_req.scope2 = 0;
2974                 smb_buf = (struct smb_hdr *)ses_init_buf;
2975
2976                 /* sizeof RFC1002_SESSION_REQUEST with no scope */
2977                 smb_buf->smb_buf_length = cpu_to_be32(0x81000044);
2978                 rc = smb_send(server, smb_buf, 0x44);
2979                 kfree(ses_init_buf);
2980                 /*
2981                  * RFC1001 layer in at least one server
2982                  * requires very short break before negprot
2983                  * presumably because not expecting negprot
2984                  * to follow so fast.  This is a simple
2985                  * solution that works without
2986                  * complicating the code and causes no
2987                  * significant slowing down on mount
2988                  * for everyone else
2989                  */
2990                 usleep_range(1000, 2000);
2991         }
2992         /*
2993          * else the negprot may still work without this
2994          * even though malloc failed
2995          */
2996
2997         return rc;
2998 }
2999
3000 static int
3001 generic_ip_connect(struct TCP_Server_Info *server)
3002 {
3003         int rc = 0;
3004         __be16 sport;
3005         int slen, sfamily;
3006         struct socket *socket = server->ssocket;
3007         struct sockaddr *saddr;
3008
3009         saddr = (struct sockaddr *) &server->dstaddr;
3010
3011         if (server->dstaddr.ss_family == AF_INET6) {
3012                 sport = ((struct sockaddr_in6 *) saddr)->sin6_port;
3013                 slen = sizeof(struct sockaddr_in6);
3014                 sfamily = AF_INET6;
3015         } else {
3016                 sport = ((struct sockaddr_in *) saddr)->sin_port;
3017                 slen = sizeof(struct sockaddr_in);
3018                 sfamily = AF_INET;
3019         }
3020
3021         if (socket == NULL) {
3022                 rc = __sock_create(cifs_net_ns(server), sfamily, SOCK_STREAM,
3023                                    IPPROTO_TCP, &socket, 1);
3024                 if (rc < 0) {
3025                         cERROR(1, "Error %d creating socket", rc);
3026                         server->ssocket = NULL;
3027                         return rc;
3028                 }
3029
3030                 /* BB other socket options to set KEEPALIVE, NODELAY? */
3031                 cFYI(1, "Socket created");
3032                 server->ssocket = socket;
3033                 socket->sk->sk_allocation = GFP_NOFS;
3034                 if (sfamily == AF_INET6)
3035                         cifs_reclassify_socket6(socket);
3036                 else
3037                         cifs_reclassify_socket4(socket);
3038         }
3039
3040         rc = bind_socket(server);
3041         if (rc < 0)
3042                 return rc;
3043
3044         /*
3045          * Eventually check for other socket options to change from
3046          * the default. sock_setsockopt not used because it expects
3047          * user space buffer
3048          */
3049         socket->sk->sk_rcvtimeo = 7 * HZ;
3050         socket->sk->sk_sndtimeo = 5 * HZ;
3051
3052         /* make the bufsizes depend on wsize/rsize and max requests */
3053         if (server->noautotune) {
3054                 if (socket->sk->sk_sndbuf < (200 * 1024))
3055                         socket->sk->sk_sndbuf = 200 * 1024;
3056                 if (socket->sk->sk_rcvbuf < (140 * 1024))
3057                         socket->sk->sk_rcvbuf = 140 * 1024;
3058         }
3059
3060         if (server->tcp_nodelay) {
3061                 int val = 1;
3062                 rc = kernel_setsockopt(socket, SOL_TCP, TCP_NODELAY,
3063                                 (char *)&val, sizeof(val));
3064                 if (rc)
3065                         cFYI(1, "set TCP_NODELAY socket option error %d", rc);
3066         }
3067
3068          cFYI(1, "sndbuf %d rcvbuf %d rcvtimeo 0x%lx",
3069                  socket->sk->sk_sndbuf,
3070                  socket->sk->sk_rcvbuf, socket->sk->sk_rcvtimeo);
3071
3072         rc = socket->ops->connect(socket, saddr, slen, 0);
3073         if (rc < 0) {
3074                 cFYI(1, "Error %d connecting to server", rc);
3075                 sock_release(socket);
3076                 server->ssocket = NULL;
3077                 return rc;
3078         }
3079
3080         if (sport == htons(RFC1001_PORT))
3081                 rc = ip_rfc1001_connect(server);
3082
3083         return rc;
3084 }
3085
3086 static int
3087 ip_connect(struct TCP_Server_Info *server)
3088 {
3089         __be16 *sport;
3090         struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *)&server->dstaddr;
3091         struct sockaddr_in *addr = (struct sockaddr_in *)&server->dstaddr;
3092
3093         if (server->dstaddr.ss_family == AF_INET6)
3094                 sport = &addr6->sin6_port;
3095         else
3096                 sport = &addr->sin_port;
3097
3098         if (*sport == 0) {
3099                 int rc;
3100
3101                 /* try with 445 port at first */
3102                 *sport = htons(CIFS_PORT);
3103
3104                 rc = generic_ip_connect(server);
3105                 if (rc >= 0)
3106                         return rc;
3107
3108                 /* if it failed, try with 139 port */
3109                 *sport = htons(RFC1001_PORT);
3110         }
3111
3112         return generic_ip_connect(server);
3113 }
3114
3115 void reset_cifs_unix_caps(int xid, struct cifs_tcon *tcon,
3116                           struct cifs_sb_info *cifs_sb, struct smb_vol *vol_info)
3117 {
3118         /* if we are reconnecting then should we check to see if
3119          * any requested capabilities changed locally e.g. via
3120          * remount but we can not do much about it here
3121          * if they have (even if we could detect it by the following)
3122          * Perhaps we could add a backpointer to array of sb from tcon
3123          * or if we change to make all sb to same share the same
3124          * sb as NFS - then we only have one backpointer to sb.
3125          * What if we wanted to mount the server share twice once with
3126          * and once without posixacls or posix paths? */
3127         __u64 saved_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3128
3129         if (vol_info && vol_info->no_linux_ext) {
3130                 tcon->fsUnixInfo.Capability = 0;
3131                 tcon->unix_ext = 0; /* Unix Extensions disabled */
3132                 cFYI(1, "Linux protocol extensions disabled");
3133                 return;
3134         } else if (vol_info)
3135                 tcon->unix_ext = 1; /* Unix Extensions supported */
3136
3137         if (tcon->unix_ext == 0) {
3138                 cFYI(1, "Unix extensions disabled so not set on reconnect");
3139                 return;
3140         }
3141
3142         if (!CIFSSMBQFSUnixInfo(xid, tcon)) {
3143                 __u64 cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3144                 cFYI(1, "unix caps which server supports %lld", cap);
3145                 /* check for reconnect case in which we do not
3146                    want to change the mount behavior if we can avoid it */
3147                 if (vol_info == NULL) {
3148                         /* turn off POSIX ACL and PATHNAMES if not set
3149                            originally at mount time */
3150                         if ((saved_cap & CIFS_UNIX_POSIX_ACL_CAP) == 0)
3151                                 cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3152                         if ((saved_cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3153                                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3154                                         cERROR(1, "POSIXPATH support change");
3155                                 cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3156                         } else if ((cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) == 0) {
3157                                 cERROR(1, "possible reconnect error");
3158                                 cERROR(1, "server disabled POSIX path support");
3159                         }
3160                 }
3161
3162                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3163                         cERROR(1, "per-share encryption not supported yet");
3164
3165                 cap &= CIFS_UNIX_CAP_MASK;
3166                 if (vol_info && vol_info->no_psx_acl)
3167                         cap &= ~CIFS_UNIX_POSIX_ACL_CAP;
3168                 else if (CIFS_UNIX_POSIX_ACL_CAP & cap) {
3169                         cFYI(1, "negotiated posix acl support");
3170                         if (cifs_sb)
3171                                 cifs_sb->mnt_cifs_flags |=
3172                                         CIFS_MOUNT_POSIXACL;
3173                 }
3174
3175                 if (vol_info && vol_info->posix_paths == 0)
3176                         cap &= ~CIFS_UNIX_POSIX_PATHNAMES_CAP;
3177                 else if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP) {
3178                         cFYI(1, "negotiate posix pathnames");
3179                         if (cifs_sb)
3180                                 cifs_sb->mnt_cifs_flags |=
3181                                         CIFS_MOUNT_POSIX_PATHS;
3182                 }
3183
3184                 cFYI(1, "Negotiate caps 0x%x", (int)cap);
3185 #ifdef CONFIG_CIFS_DEBUG2
3186                 if (cap & CIFS_UNIX_FCNTL_CAP)
3187                         cFYI(1, "FCNTL cap");
3188                 if (cap & CIFS_UNIX_EXTATTR_CAP)
3189                         cFYI(1, "EXTATTR cap");
3190                 if (cap & CIFS_UNIX_POSIX_PATHNAMES_CAP)
3191                         cFYI(1, "POSIX path cap");
3192                 if (cap & CIFS_UNIX_XATTR_CAP)
3193                         cFYI(1, "XATTR cap");
3194                 if (cap & CIFS_UNIX_POSIX_ACL_CAP)
3195                         cFYI(1, "POSIX ACL cap");
3196                 if (cap & CIFS_UNIX_LARGE_READ_CAP)
3197                         cFYI(1, "very large read cap");
3198                 if (cap & CIFS_UNIX_LARGE_WRITE_CAP)
3199                         cFYI(1, "very large write cap");
3200                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP)
3201                         cFYI(1, "transport encryption cap");
3202                 if (cap & CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)
3203                         cFYI(1, "mandatory transport encryption cap");
3204 #endif /* CIFS_DEBUG2 */
3205                 if (CIFSSMBSetFSUnixInfo(xid, tcon, cap)) {
3206                         if (vol_info == NULL) {
3207                                 cFYI(1, "resetting capabilities failed");
3208                         } else
3209                                 cERROR(1, "Negotiating Unix capabilities "
3210                                            "with the server failed.  Consider "
3211                                            "mounting with the Unix Extensions\n"
3212                                            "disabled, if problems are found, "
3213                                            "by specifying the nounix mount "
3214                                            "option.");
3215
3216                 }
3217         }
3218 }
3219
3220 void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
3221                         struct cifs_sb_info *cifs_sb)
3222 {
3223         INIT_DELAYED_WORK(&cifs_sb->prune_tlinks, cifs_prune_tlinks);
3224
3225         spin_lock_init(&cifs_sb->tlink_tree_lock);
3226         cifs_sb->tlink_tree = RB_ROOT;
3227
3228         /*
3229          * Temporarily set r/wsize for matching superblock. If we end up using
3230          * new sb then client will later negotiate it downward if needed.
3231          */
3232         cifs_sb->rsize = pvolume_info->rsize;
3233         cifs_sb->wsize = pvolume_info->wsize;
3234
3235         cifs_sb->mnt_uid = pvolume_info->linux_uid;
3236         cifs_sb->mnt_gid = pvolume_info->linux_gid;
3237         cifs_sb->mnt_file_mode = pvolume_info->file_mode;
3238         cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
3239         cFYI(1, "file mode: 0x%hx  dir mode: 0x%hx",
3240                 cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
3241
3242         cifs_sb->actimeo = pvolume_info->actimeo;
3243         cifs_sb->local_nls = pvolume_info->local_nls;
3244
3245         if (pvolume_info->noperm)
3246                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
3247         if (pvolume_info->setuids)
3248                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
3249         if (pvolume_info->server_ino)
3250                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
3251         if (pvolume_info->remap)
3252                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
3253         if (pvolume_info->no_xattr)
3254                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
3255         if (pvolume_info->sfu_emul)
3256                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
3257         if (pvolume_info->nobrl)
3258                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
3259         if (pvolume_info->nostrictsync)
3260                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOSSYNC;
3261         if (pvolume_info->mand_lock)
3262                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NOPOSIXBRL;
3263         if (pvolume_info->rwpidforward)
3264                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3265         if (pvolume_info->cifs_acl)
3266                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3267         if (pvolume_info->backupuid_specified) {
3268                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3269                 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
3270         }
3271         if (pvolume_info->backupgid_specified) {
3272                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3273                 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3274         }
3275         if (pvolume_info->override_uid)
3276                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3277         if (pvolume_info->override_gid)
3278                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
3279         if (pvolume_info->dynperm)
3280                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
3281         if (pvolume_info->fsc)
3282                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_FSCACHE;
3283         if (pvolume_info->multiuser)
3284                 cifs_sb->mnt_cifs_flags |= (CIFS_MOUNT_MULTIUSER |
3285                                             CIFS_MOUNT_NO_PERM);
3286         if (pvolume_info->strict_io)
3287                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_STRICT_IO;
3288         if (pvolume_info->direct_io) {
3289                 cFYI(1, "mounting share using direct i/o");
3290                 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
3291         }
3292         if (pvolume_info->mfsymlinks) {
3293                 if (pvolume_info->sfu_emul) {
3294                         cERROR(1,  "mount option mfsymlinks ignored if sfu "
3295                                    "mount option is used");
3296                 } else {
3297                         cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MF_SYMLINKS;
3298                 }
3299         }
3300
3301         if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
3302                 cERROR(1, "mount option dynperm ignored if cifsacl "
3303                            "mount option supported");
3304 }
3305
3306 /*
3307  * When the server supports very large reads and writes via POSIX extensions,
3308  * we can allow up to 2^24-1, minus the size of a READ/WRITE_AND_X header, not
3309  * including the RFC1001 length.
3310  *
3311  * Note that this might make for "interesting" allocation problems during
3312  * writeback however as we have to allocate an array of pointers for the
3313  * pages. A 16M write means ~32kb page array with PAGE_CACHE_SIZE == 4096.
3314  *
3315  * For reads, there is a similar problem as we need to allocate an array
3316  * of kvecs to handle the receive, though that should only need to be done
3317  * once.
3318  */
3319 #define CIFS_MAX_WSIZE ((1<<24) - 1 - sizeof(WRITE_REQ) + 4)
3320 #define CIFS_MAX_RSIZE ((1<<24) - sizeof(READ_RSP) + 4)
3321
3322 /*
3323  * When the server doesn't allow large posix writes, only allow a rsize/wsize
3324  * of 2^17-1 minus the size of the call header. That allows for a read or
3325  * write up to the maximum size described by RFC1002.
3326  */
3327 #define CIFS_MAX_RFC1002_WSIZE ((1<<17) - 1 - sizeof(WRITE_REQ) + 4)
3328 #define CIFS_MAX_RFC1002_RSIZE ((1<<17) - 1 - sizeof(READ_RSP) + 4)
3329
3330 /*
3331  * The default wsize is 1M. find_get_pages seems to return a maximum of 256
3332  * pages in a single call. With PAGE_CACHE_SIZE == 4k, this means we can fill
3333  * a single wsize request with a single call.
3334  */
3335 #define CIFS_DEFAULT_IOSIZE (1024 * 1024)
3336
3337 /*
3338  * Windows only supports a max of 60kb reads and 65535 byte writes. Default to
3339  * those values when posix extensions aren't in force. In actuality here, we
3340  * use 65536 to allow for a write that is a multiple of 4k. Most servers seem
3341  * to be ok with the extra byte even though Windows doesn't send writes that
3342  * are that large.
3343  *
3344  * Citation:
3345  *
3346  * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx
3347  */
3348 #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024)
3349 #define CIFS_DEFAULT_NON_POSIX_WSIZE (65536)
3350
3351 /*
3352  * On hosts with high memory, we can't currently support wsize/rsize that are
3353  * larger than we can kmap at once. Cap the rsize/wsize at
3354  * LAST_PKMAP * PAGE_SIZE. We'll never be able to fill a read or write request
3355  * larger than that anyway.
3356  */
3357 #ifdef CONFIG_HIGHMEM
3358 #define CIFS_KMAP_SIZE_LIMIT    (LAST_PKMAP * PAGE_CACHE_SIZE)
3359 #else /* CONFIG_HIGHMEM */
3360 #define CIFS_KMAP_SIZE_LIMIT    (1<<24)
3361 #endif /* CONFIG_HIGHMEM */
3362
3363 static unsigned int
3364 cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3365 {
3366         __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3367         struct TCP_Server_Info *server = tcon->ses->server;
3368         unsigned int wsize;
3369
3370         /* start with specified wsize, or default */
3371         if (pvolume_info->wsize)
3372                 wsize = pvolume_info->wsize;
3373         else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3374                 wsize = CIFS_DEFAULT_IOSIZE;
3375         else
3376                 wsize = CIFS_DEFAULT_NON_POSIX_WSIZE;
3377
3378         /* can server support 24-bit write sizes? (via UNIX extensions) */
3379         if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP))
3380                 wsize = min_t(unsigned int, wsize, CIFS_MAX_RFC1002_WSIZE);
3381
3382         /*
3383          * no CAP_LARGE_WRITE_X or is signing enabled without CAP_UNIX set?
3384          * Limit it to max buffer offered by the server, minus the size of the
3385          * WRITEX header, not including the 4 byte RFC1001 length.
3386          */
3387         if (!(server->capabilities & CAP_LARGE_WRITE_X) ||
3388             (!(server->capabilities & CAP_UNIX) &&
3389              (server->sec_mode & (SECMODE_SIGN_ENABLED|SECMODE_SIGN_REQUIRED))))
3390                 wsize = min_t(unsigned int, wsize,
3391                                 server->maxBuf - sizeof(WRITE_REQ) + 4);
3392
3393         /* limit to the amount that we can kmap at once */
3394         wsize = min_t(unsigned int, wsize, CIFS_KMAP_SIZE_LIMIT);
3395
3396         /* hard limit of CIFS_MAX_WSIZE */
3397         wsize = min_t(unsigned int, wsize, CIFS_MAX_WSIZE);
3398
3399         return wsize;
3400 }
3401
3402 static unsigned int
3403 cifs_negotiate_rsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info)
3404 {
3405         __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability);
3406         struct TCP_Server_Info *server = tcon->ses->server;
3407         unsigned int rsize, defsize;
3408
3409         /*
3410          * Set default value...
3411          *
3412          * HACK alert! Ancient servers have very small buffers. Even though
3413          * MS-CIFS indicates that servers are only limited by the client's
3414          * bufsize for reads, testing against win98se shows that it throws
3415          * INVALID_PARAMETER errors if you try to request too large a read.
3416          * OS/2 just sends back short reads.
3417          *
3418          * If the server doesn't advertise CAP_LARGE_READ_X, then assume that
3419          * it can't handle a read request larger than its MaxBufferSize either.
3420          */
3421         if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_READ_CAP))
3422                 defsize = CIFS_DEFAULT_IOSIZE;
3423         else if (server->capabilities & CAP_LARGE_READ_X)
3424                 defsize = CIFS_DEFAULT_NON_POSIX_RSIZE;
3425         else
3426                 defsize = server->maxBuf - sizeof(READ_RSP);
3427
3428         rsize = pvolume_info->rsize ? pvolume_info->rsize : defsize;
3429
3430         /*
3431          * no CAP_LARGE_READ_X? Then MS-CIFS states that we must limit this to
3432          * the client's MaxBufferSize.
3433          */
3434         if (!(server->capabilities & CAP_LARGE_READ_X))
3435                 rsize = min_t(unsigned int, CIFSMaxBufSize, rsize);
3436
3437         /* limit to the amount that we can kmap at once */
3438         rsize = min_t(unsigned int, rsize, CIFS_KMAP_SIZE_LIMIT);
3439
3440         /* hard limit of CIFS_MAX_RSIZE */
3441         rsize = min_t(unsigned int, rsize, CIFS_MAX_RSIZE);
3442
3443         return rsize;
3444 }
3445
3446 static int
3447 is_path_accessible(int xid, struct cifs_tcon *tcon,
3448                    struct cifs_sb_info *cifs_sb, const char *full_path)
3449 {
3450         int rc;
3451         FILE_ALL_INFO *pfile_info;
3452
3453         pfile_info = kmalloc(sizeof(FILE_ALL_INFO), GFP_KERNEL);
3454         if (pfile_info == NULL)
3455                 return -ENOMEM;
3456
3457         rc = CIFSSMBQPathInfo(xid, tcon, full_path, pfile_info,
3458                               0 /* not legacy */, cifs_sb->local_nls,
3459                               cifs_sb->mnt_cifs_flags &
3460                                 CIFS_MOUNT_MAP_SPECIAL_CHR);
3461
3462         if (rc == -EOPNOTSUPP || rc == -EINVAL)
3463                 rc = SMBQueryInformation(xid, tcon, full_path, pfile_info,
3464                                 cifs_sb->local_nls, cifs_sb->mnt_cifs_flags &
3465                                   CIFS_MOUNT_MAP_SPECIAL_CHR);
3466         kfree(pfile_info);
3467         return rc;
3468 }
3469
3470 static void
3471 cleanup_volume_info_contents(struct smb_vol *volume_info)
3472 {
3473         kfree(volume_info->username);
3474         kzfree(volume_info->password);
3475         if (volume_info->UNCip != volume_info->UNC + 2)
3476                 kfree(volume_info->UNCip);
3477         kfree(volume_info->UNC);
3478         kfree(volume_info->domainname);
3479         kfree(volume_info->iocharset);
3480         kfree(volume_info->prepath);
3481 }
3482
3483 void
3484 cifs_cleanup_volume_info(struct smb_vol *volume_info)
3485 {
3486         if (!volume_info)
3487                 return;
3488         cleanup_volume_info_contents(volume_info);
3489         kfree(volume_info);
3490 }
3491
3492
3493 #ifdef CONFIG_CIFS_DFS_UPCALL
3494 /* build_path_to_root returns full path to root when
3495  * we do not have an exiting connection (tcon) */
3496 static char *
3497 build_unc_path_to_root(const struct smb_vol *vol,
3498                 const struct cifs_sb_info *cifs_sb)
3499 {
3500         char *full_path, *pos;
3501         unsigned int pplen = vol->prepath ? strlen(vol->prepath) : 0;
3502         unsigned int unc_len = strnlen(vol->UNC, MAX_TREE_SIZE + 1);
3503
3504         full_path = kmalloc(unc_len + pplen + 1, GFP_KERNEL);
3505         if (full_path == NULL)
3506                 return ERR_PTR(-ENOMEM);
3507
3508         strncpy(full_path, vol->UNC, unc_len);
3509         pos = full_path + unc_len;
3510
3511         if (pplen) {
3512                 strncpy(pos, vol->prepath, pplen);
3513                 pos += pplen;
3514         }
3515
3516         *pos = '\0'; /* add trailing null */
3517         convert_delimiter(full_path, CIFS_DIR_SEP(cifs_sb));
3518         cFYI(1, "%s: full_path=%s", __func__, full_path);
3519         return full_path;
3520 }
3521
3522 /*
3523  * Perform a dfs referral query for a share and (optionally) prefix
3524  *
3525  * If a referral is found, cifs_sb->mountdata will be (re-)allocated
3526  * to a string containing updated options for the submount.  Otherwise it
3527  * will be left untouched.
3528  *
3529  * Returns the rc from get_dfs_path to the caller, which can be used to
3530  * determine whether there were referrals.
3531  */
3532 static int
3533 expand_dfs_referral(int xid, struct cifs_ses *pSesInfo,
3534                     struct smb_vol *volume_info, struct cifs_sb_info *cifs_sb,
3535                     int check_prefix)
3536 {
3537         int rc;
3538         unsigned int num_referrals = 0;
3539         struct dfs_info3_param *referrals = NULL;
3540         char *full_path = NULL, *ref_path = NULL, *mdata = NULL;
3541
3542         full_path = build_unc_path_to_root(volume_info, cifs_sb);
3543         if (IS_ERR(full_path))
3544                 return PTR_ERR(full_path);
3545
3546         /* For DFS paths, skip the first '\' of the UNC */
3547         ref_path = check_prefix ? full_path + 1 : volume_info->UNC + 1;
3548
3549         rc = get_dfs_path(xid, pSesInfo , ref_path, cifs_sb->local_nls,
3550                           &num_referrals, &referrals,
3551                           cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MAP_SPECIAL_CHR);
3552
3553         if (!rc && num_referrals > 0) {
3554                 char *fake_devname = NULL;
3555
3556                 mdata = cifs_compose_mount_options(cifs_sb->mountdata,
3557                                                    full_path + 1, referrals,
3558                                                    &fake_devname);
3559
3560                 free_dfs_info_array(referrals, num_referrals);
3561
3562                 if (IS_ERR(mdata)) {
3563                         rc = PTR_ERR(mdata);
3564                         mdata = NULL;
3565                 } else {
3566                         cleanup_volume_info_contents(volume_info);
3567                         memset(volume_info, '\0', sizeof(*volume_info));
3568                         rc = cifs_setup_volume_info(volume_info, mdata,
3569                                                         fake_devname);
3570                 }
3571                 kfree(fake_devname);
3572                 kfree(cifs_sb->mountdata);
3573                 cifs_sb->mountdata = mdata;
3574         }
3575         kfree(full_path);
3576         return rc;
3577 }
3578 #endif
3579
3580 static int
3581 cifs_setup_volume_info(struct smb_vol *volume_info, char *mount_data,
3582                         const char *devname)
3583 {
3584         int rc = 0;
3585
3586         if (cifs_parse_mount_options(mount_data, devname, volume_info))
3587                 return -EINVAL;
3588
3589         if (volume_info->nullauth) {
3590                 cFYI(1, "Anonymous login");
3591                 kfree(volume_info->username);
3592                 volume_info->username = NULL;
3593         } else if (volume_info->username) {
3594                 /* BB fixme parse for domain name here */
3595                 cFYI(1, "Username: %s", volume_info->username);
3596         } else {
3597                 cifserror("No username specified");
3598         /* In userspace mount helper we can get user name from alternate
3599            locations such as env variables and files on disk */
3600                 return -EINVAL;
3601         }
3602
3603         /* this is needed for ASCII cp to Unicode converts */
3604         if (volume_info->iocharset == NULL) {
3605                 /* load_nls_default cannot return null */
3606                 volume_info->local_nls = load_nls_default();
3607         } else {
3608                 volume_info->local_nls = load_nls(volume_info->iocharset);
3609                 if (volume_info->local_nls == NULL) {
3610                         cERROR(1, "CIFS mount error: iocharset %s not found",
3611                                  volume_info->iocharset);
3612                         return -ELIBACC;
3613                 }
3614         }
3615
3616         return rc;
3617 }
3618
3619 struct smb_vol *
3620 cifs_get_volume_info(char *mount_data, const char *devname)
3621 {
3622         int rc;
3623         struct smb_vol *volume_info;
3624
3625         volume_info = kzalloc(sizeof(struct smb_vol), GFP_KERNEL);
3626         if (!volume_info)
3627                 return ERR_PTR(-ENOMEM);
3628
3629         rc = cifs_setup_volume_info(volume_info, mount_data, devname);
3630         if (rc) {
3631                 cifs_cleanup_volume_info(volume_info);
3632                 volume_info = ERR_PTR(rc);
3633         }
3634
3635         return volume_info;
3636 }
3637
3638 int
3639 cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3640 {
3641         int rc;
3642         int xid;
3643         struct cifs_ses *pSesInfo;
3644         struct cifs_tcon *tcon;
3645         struct TCP_Server_Info *srvTcp;
3646         char   *full_path;
3647         struct tcon_link *tlink;
3648 #ifdef CONFIG_CIFS_DFS_UPCALL
3649         int referral_walks_count = 0;
3650 #endif
3651
3652         rc = bdi_setup_and_register(&cifs_sb->bdi, "cifs", BDI_CAP_MAP_COPY);
3653         if (rc)
3654                 return rc;
3655
3656 #ifdef CONFIG_CIFS_DFS_UPCALL
3657 try_mount_again:
3658         /* cleanup activities if we're chasing a referral */
3659         if (referral_walks_count) {
3660                 if (tcon)
3661                         cifs_put_tcon(tcon);
3662                 else if (pSesInfo)
3663                         cifs_put_smb_ses(pSesInfo);
3664
3665                 FreeXid(xid);
3666         }
3667 #endif
3668         rc = 0;
3669         tcon = NULL;
3670         pSesInfo = NULL;
3671         srvTcp = NULL;
3672         full_path = NULL;
3673         tlink = NULL;
3674
3675         xid = GetXid();
3676
3677         /* get a reference to a tcp session */
3678         srvTcp = cifs_get_tcp_session(volume_info);
3679         if (IS_ERR(srvTcp)) {
3680                 rc = PTR_ERR(srvTcp);
3681                 bdi_destroy(&cifs_sb->bdi);
3682                 goto out;
3683         }
3684
3685         /* get a reference to a SMB session */
3686         pSesInfo = cifs_get_smb_ses(srvTcp, volume_info);
3687         if (IS_ERR(pSesInfo)) {
3688                 rc = PTR_ERR(pSesInfo);
3689                 pSesInfo = NULL;
3690                 goto mount_fail_check;
3691         }
3692
3693         /* search for existing tcon to this server share */
3694         tcon = cifs_get_tcon(pSesInfo, volume_info);
3695         if (IS_ERR(tcon)) {
3696                 rc = PTR_ERR(tcon);
3697                 tcon = NULL;
3698                 goto remote_path_check;
3699         }
3700
3701         /* tell server which Unix caps we support */
3702         if (tcon->ses->capabilities & CAP_UNIX) {
3703                 /* reset of caps checks mount to see if unix extensions
3704                    disabled for just this mount */
3705                 reset_cifs_unix_caps(xid, tcon, cifs_sb, volume_info);
3706                 if ((tcon->ses->server->tcpStatus == CifsNeedReconnect) &&
3707                     (le64_to_cpu(tcon->fsUnixInfo.Capability) &
3708                      CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP)) {
3709                         rc = -EACCES;
3710                         goto mount_fail_check;
3711                 }
3712         } else
3713                 tcon->unix_ext = 0; /* server does not support them */
3714
3715         /* do not care if following two calls succeed - informational */
3716         if (!tcon->ipc) {
3717                 CIFSSMBQFSDeviceInfo(xid, tcon);
3718                 CIFSSMBQFSAttributeInfo(xid, tcon);
3719         }
3720
3721         cifs_sb->wsize = cifs_negotiate_wsize(tcon, volume_info);
3722         cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
3723
3724         /* tune readahead according to rsize */
3725         cifs_sb->bdi.ra_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3726
3727 remote_path_check:
3728 #ifdef CONFIG_CIFS_DFS_UPCALL
3729         /*
3730          * Perform an unconditional check for whether there are DFS
3731          * referrals for this path without prefix, to provide support
3732          * for DFS referrals from w2k8 servers which don't seem to respond
3733          * with PATH_NOT_COVERED to requests that include the prefix.
3734          * Chase the referral if found, otherwise continue normally.
3735          */
3736         if (referral_walks_count == 0) {
3737                 int refrc = expand_dfs_referral(xid, pSesInfo, volume_info,
3738                                                 cifs_sb, false);
3739                 if (!refrc) {
3740                         referral_walks_count++;
3741                         goto try_mount_again;
3742                 }
3743         }
3744 #endif
3745
3746         /* check if a whole path is not remote */
3747         if (!rc && tcon) {
3748                 /* build_path_to_root works only when we have a valid tcon */
3749                 full_path = cifs_build_path_to_root(volume_info, cifs_sb, tcon);
3750                 if (full_path == NULL) {
3751                         rc = -ENOMEM;
3752                         goto mount_fail_check;
3753                 }
3754                 rc = is_path_accessible(xid, tcon, cifs_sb, full_path);
3755                 if (rc != 0 && rc != -EREMOTE) {
3756                         kfree(full_path);
3757                         goto mount_fail_check;
3758                 }
3759                 kfree(full_path);
3760         }
3761
3762         /* get referral if needed */
3763         if (rc == -EREMOTE) {
3764 #ifdef CONFIG_CIFS_DFS_UPCALL
3765                 if (referral_walks_count > MAX_NESTED_LINKS) {
3766                         /*
3767                          * BB: when we implement proper loop detection,
3768                          *     we will remove this check. But now we need it
3769                          *     to prevent an indefinite loop if 'DFS tree' is
3770                          *     misconfigured (i.e. has loops).
3771                          */
3772                         rc = -ELOOP;
3773                         goto mount_fail_check;
3774                 }
3775
3776                 rc = expand_dfs_referral(xid, pSesInfo, volume_info, cifs_sb,
3777                                          true);
3778
3779                 if (!rc) {
3780                         referral_walks_count++;
3781                         goto try_mount_again;
3782                 }
3783                 goto mount_fail_check;
3784 #else /* No DFS support, return error on mount */
3785                 rc = -EOPNOTSUPP;
3786 #endif
3787         }
3788
3789         if (rc)
3790                 goto mount_fail_check;
3791
3792         /* now, hang the tcon off of the superblock */
3793         tlink = kzalloc(sizeof *tlink, GFP_KERNEL);
3794         if (tlink == NULL) {
3795                 rc = -ENOMEM;
3796                 goto mount_fail_check;
3797         }
3798
3799         tlink->tl_uid = pSesInfo->linux_uid;
3800         tlink->tl_tcon = tcon;
3801         tlink->tl_time = jiffies;
3802         set_bit(TCON_LINK_MASTER, &tlink->tl_flags);
3803         set_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
3804
3805         cifs_sb->master_tlink = tlink;
3806         spin_lock(&cifs_sb->tlink_tree_lock);
3807         tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
3808         spin_unlock(&cifs_sb->tlink_tree_lock);
3809
3810         queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
3811                                 TLINK_IDLE_EXPIRE);
3812
3813 mount_fail_check:
3814         /* on error free sesinfo and tcon struct if needed */
3815         if (rc) {
3816                 /* If find_unc succeeded then rc == 0 so we can not end */
3817                 /* up accidentally freeing someone elses tcon struct */
3818                 if (tcon)
3819                         cifs_put_tcon(tcon);
3820                 else if (pSesInfo)
3821                         cifs_put_smb_ses(pSesInfo);
3822                 else
3823                         cifs_put_tcp_session(srvTcp);
3824                 bdi_destroy(&cifs_sb->bdi);
3825         }
3826
3827 out:
3828         FreeXid(xid);
3829         return rc;
3830 }
3831
3832 /*
3833  * Issue a TREE_CONNECT request. Note that for IPC$ shares, that the tcon
3834  * pointer may be NULL.
3835  */
3836 int
3837 CIFSTCon(unsigned int xid, struct cifs_ses *ses,
3838          const char *tree, struct cifs_tcon *tcon,
3839          const struct nls_table *nls_codepage)
3840 {
3841         struct smb_hdr *smb_buffer;
3842         struct smb_hdr *smb_buffer_response;
3843         TCONX_REQ *pSMB;
3844         TCONX_RSP *pSMBr;
3845         unsigned char *bcc_ptr;
3846         int rc = 0;
3847         int length;
3848         __u16 bytes_left, count;
3849
3850         if (ses == NULL)
3851                 return -EIO;
3852
3853         smb_buffer = cifs_buf_get();
3854         if (smb_buffer == NULL)
3855                 return -ENOMEM;
3856
3857         smb_buffer_response = smb_buffer;
3858
3859         header_assemble(smb_buffer, SMB_COM_TREE_CONNECT_ANDX,
3860                         NULL /*no tid */ , 4 /*wct */ );
3861
3862         smb_buffer->Mid = GetNextMid(ses->server);
3863         smb_buffer->Uid = ses->Suid;
3864         pSMB = (TCONX_REQ *) smb_buffer;
3865         pSMBr = (TCONX_RSP *) smb_buffer_response;
3866
3867         pSMB->AndXCommand = 0xFF;
3868         pSMB->Flags = cpu_to_le16(TCON_EXTENDED_SECINFO);
3869         bcc_ptr = &pSMB->Password[0];
3870         if (!tcon || (ses->server->sec_mode & SECMODE_USER)) {
3871                 pSMB->PasswordLength = cpu_to_le16(1);  /* minimum */
3872                 *bcc_ptr = 0; /* password is null byte */
3873                 bcc_ptr++;              /* skip password */
3874                 /* already aligned so no need to do it below */
3875         } else {
3876                 pSMB->PasswordLength = cpu_to_le16(CIFS_AUTH_RESP_SIZE);
3877                 /* BB FIXME add code to fail this if NTLMv2 or Kerberos
3878                    specified as required (when that support is added to
3879                    the vfs in the future) as only NTLM or the much
3880                    weaker LANMAN (which we do not send by default) is accepted
3881                    by Samba (not sure whether other servers allow
3882                    NTLMv2 password here) */
3883 #ifdef CONFIG_CIFS_WEAK_PW_HASH
3884                 if ((global_secflags & CIFSSEC_MAY_LANMAN) &&
3885                     (ses->server->secType == LANMAN))
3886                         calc_lanman_hash(tcon->password, ses->server->cryptkey,
3887                                          ses->server->sec_mode &
3888                                             SECMODE_PW_ENCRYPT ? true : false,
3889                                          bcc_ptr);
3890                 else
3891 #endif /* CIFS_WEAK_PW_HASH */
3892                 rc = SMBNTencrypt(tcon->password, ses->server->cryptkey,
3893                                         bcc_ptr, nls_codepage);
3894
3895                 bcc_ptr += CIFS_AUTH_RESP_SIZE;
3896                 if (ses->capabilities & CAP_UNICODE) {
3897                         /* must align unicode strings */
3898                         *bcc_ptr = 0; /* null byte password */
3899                         bcc_ptr++;
3900                 }
3901         }
3902
3903         if (ses->server->sec_mode &
3904                         (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3905                 smb_buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3906
3907         if (ses->capabilities & CAP_STATUS32) {
3908                 smb_buffer->Flags2 |= SMBFLG2_ERR_STATUS;
3909         }
3910         if (ses->capabilities & CAP_DFS) {
3911                 smb_buffer->Flags2 |= SMBFLG2_DFS;
3912         }
3913         if (ses->capabilities & CAP_UNICODE) {
3914                 smb_buffer->Flags2 |= SMBFLG2_UNICODE;
3915                 length =
3916                     cifs_strtoUTF16((__le16 *) bcc_ptr, tree,
3917                         6 /* max utf8 char length in bytes */ *
3918                         (/* server len*/ + 256 /* share len */), nls_codepage);
3919                 bcc_ptr += 2 * length;  /* convert num 16 bit words to bytes */
3920                 bcc_ptr += 2;   /* skip trailing null */
3921         } else {                /* ASCII */
3922                 strcpy(bcc_ptr, tree);
3923                 bcc_ptr += strlen(tree) + 1;
3924         }
3925         strcpy(bcc_ptr, "?????");
3926         bcc_ptr += strlen("?????");
3927         bcc_ptr += 1;
3928         count = bcc_ptr - &pSMB->Password[0];
3929         pSMB->hdr.smb_buf_length = cpu_to_be32(be32_to_cpu(
3930                                         pSMB->hdr.smb_buf_length) + count);
3931         pSMB->ByteCount = cpu_to_le16(count);
3932
3933         rc = SendReceive(xid, ses, smb_buffer, smb_buffer_response, &length,
3934                          0);
3935
3936         /* above now done in SendReceive */
3937         if ((rc == 0) && (tcon != NULL)) {
3938                 bool is_unicode;
3939
3940                 tcon->tidStatus = CifsGood;
3941                 tcon->need_reconnect = false;
3942                 tcon->tid = smb_buffer_response->Tid;
3943                 bcc_ptr = pByteArea(smb_buffer_response);
3944                 bytes_left = get_bcc(smb_buffer_response);
3945                 length = strnlen(bcc_ptr, bytes_left - 2);
3946                 if (smb_buffer->Flags2 & SMBFLG2_UNICODE)
3947                         is_unicode = true;
3948                 else
3949                         is_unicode = false;
3950
3951
3952                 /* skip service field (NB: this field is always ASCII) */
3953                 if (length == 3) {
3954                         if ((bcc_ptr[0] == 'I') && (bcc_ptr[1] == 'P') &&
3955                             (bcc_ptr[2] == 'C')) {
3956                                 cFYI(1, "IPC connection");
3957                                 tcon->ipc = 1;
3958                         }
3959                 } else if (length == 2) {
3960                         if ((bcc_ptr[0] == 'A') && (bcc_ptr[1] == ':')) {
3961                                 /* the most common case */
3962                                 cFYI(1, "disk share connection");
3963                         }
3964                 }
3965                 bcc_ptr += length + 1;
3966                 bytes_left -= (length + 1);
3967                 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
3968
3969                 /* mostly informational -- no need to fail on error here */
3970                 kfree(tcon->nativeFileSystem);
3971                 tcon->nativeFileSystem = cifs_strndup_from_utf16(bcc_ptr,
3972                                                       bytes_left, is_unicode,
3973                                                       nls_codepage);
3974
3975                 cFYI(1, "nativeFileSystem=%s", tcon->nativeFileSystem);
3976
3977                 if ((smb_buffer_response->WordCount == 3) ||
3978                          (smb_buffer_response->WordCount == 7))
3979                         /* field is in same location */
3980                         tcon->Flags = le16_to_cpu(pSMBr->OptionalSupport);
3981                 else
3982                         tcon->Flags = 0;
3983                 cFYI(1, "Tcon flags: 0x%x ", tcon->Flags);
3984         } else if ((rc == 0) && tcon == NULL) {
3985                 /* all we need to save for IPC$ connection */
3986                 ses->ipc_tid = smb_buffer_response->Tid;
3987         }
3988
3989         cifs_buf_release(smb_buffer);
3990         return rc;
3991 }
3992
3993 void
3994 cifs_umount(struct cifs_sb_info *cifs_sb)
3995 {
3996         struct rb_root *root = &cifs_sb->tlink_tree;
3997         struct rb_node *node;
3998         struct tcon_link *tlink;
3999
4000         cancel_delayed_work_sync(&cifs_sb->prune_tlinks);
4001
4002         spin_lock(&cifs_sb->tlink_tree_lock);
4003         while ((node = rb_first(root))) {
4004                 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
4005                 cifs_get_tlink(tlink);
4006                 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4007                 rb_erase(node, root);
4008
4009                 spin_unlock(&cifs_sb->tlink_tree_lock);
4010                 cifs_put_tlink(tlink);
4011                 spin_lock(&cifs_sb->tlink_tree_lock);
4012         }
4013         spin_unlock(&cifs_sb->tlink_tree_lock);
4014
4015         bdi_destroy(&cifs_sb->bdi);
4016         kfree(cifs_sb->mountdata);
4017         unload_nls(cifs_sb->local_nls);
4018         kfree(cifs_sb);
4019 }
4020
4021 int cifs_negotiate_protocol(unsigned int xid, struct cifs_ses *ses)
4022 {
4023         int rc = 0;
4024         struct TCP_Server_Info *server = ses->server;
4025
4026         /* only send once per connect */
4027         if (server->maxBuf != 0)
4028                 return 0;
4029
4030         cifs_set_credits(server, 1);
4031         rc = CIFSSMBNegotiate(xid, ses);
4032         if (rc == -EAGAIN) {
4033                 /* retry only once on 1st time connection */
4034                 cifs_set_credits(server, 1);
4035                 rc = CIFSSMBNegotiate(xid, ses);
4036                 if (rc == -EAGAIN)
4037                         rc = -EHOSTDOWN;
4038         }
4039         if (rc == 0) {
4040                 spin_lock(&GlobalMid_Lock);
4041                 if (server->tcpStatus == CifsNeedNegotiate)
4042                         server->tcpStatus = CifsGood;
4043                 else
4044                         rc = -EHOSTDOWN;
4045                 spin_unlock(&GlobalMid_Lock);
4046
4047         }
4048
4049         return rc;
4050 }
4051
4052
4053 int cifs_setup_session(unsigned int xid, struct cifs_ses *ses,
4054                         struct nls_table *nls_info)
4055 {
4056         int rc = 0;
4057         struct TCP_Server_Info *server = ses->server;
4058
4059         ses->flags = 0;
4060         ses->capabilities = server->capabilities;
4061         if (linuxExtEnabled == 0)
4062                 ses->capabilities &= (~CAP_UNIX);
4063
4064         cFYI(1, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d",
4065                  server->sec_mode, server->capabilities, server->timeAdj);
4066
4067         rc = CIFS_SessSetup(xid, ses, nls_info);
4068         if (rc) {
4069                 cERROR(1, "Send error in SessSetup = %d", rc);
4070         } else {
4071                 mutex_lock(&ses->server->srv_mutex);
4072                 if (!server->session_estab) {
4073                         server->session_key.response = ses->auth_key.response;
4074                         server->session_key.len = ses->auth_key.len;
4075                         server->sequence_number = 0x2;
4076                         server->session_estab = true;
4077                         ses->auth_key.response = NULL;
4078                 }
4079                 mutex_unlock(&server->srv_mutex);
4080
4081                 cFYI(1, "CIFS Session Established successfully");
4082                 spin_lock(&GlobalMid_Lock);
4083                 ses->status = CifsGood;
4084                 ses->need_reconnect = false;
4085                 spin_unlock(&GlobalMid_Lock);
4086         }
4087
4088         kfree(ses->auth_key.response);
4089         ses->auth_key.response = NULL;
4090         ses->auth_key.len = 0;
4091         kfree(ses->ntlmssp);
4092         ses->ntlmssp = NULL;
4093
4094         return rc;
4095 }
4096
4097 static int
4098 cifs_set_vol_auth(struct smb_vol *vol, struct cifs_ses *ses)
4099 {
4100         switch (ses->server->secType) {
4101         case Kerberos:
4102                 vol->secFlg = CIFSSEC_MUST_KRB5;
4103                 return 0;
4104         case NTLMv2:
4105                 vol->secFlg = CIFSSEC_MUST_NTLMV2;
4106                 break;
4107         case NTLM:
4108                 vol->secFlg = CIFSSEC_MUST_NTLM;
4109                 break;
4110         case RawNTLMSSP:
4111                 vol->secFlg = CIFSSEC_MUST_NTLMSSP;
4112                 break;
4113         case LANMAN:
4114                 vol->secFlg = CIFSSEC_MUST_LANMAN;
4115                 break;
4116         }
4117
4118         return cifs_set_cifscreds(vol, ses);
4119 }
4120
4121 static struct cifs_tcon *
4122 cifs_construct_tcon(struct cifs_sb_info *cifs_sb, uid_t fsuid)
4123 {
4124         int rc;
4125         struct cifs_tcon *master_tcon = cifs_sb_master_tcon(cifs_sb);
4126         struct cifs_ses *ses;
4127         struct cifs_tcon *tcon = NULL;
4128         struct smb_vol *vol_info;
4129
4130         vol_info = kzalloc(sizeof(*vol_info), GFP_KERNEL);
4131         if (vol_info == NULL)
4132                 return ERR_PTR(-ENOMEM);
4133
4134         vol_info->local_nls = cifs_sb->local_nls;
4135         vol_info->linux_uid = fsuid;
4136         vol_info->cred_uid = fsuid;
4137         vol_info->UNC = master_tcon->treeName;
4138         vol_info->retry = master_tcon->retry;
4139         vol_info->nocase = master_tcon->nocase;
4140         vol_info->local_lease = master_tcon->local_lease;
4141         vol_info->no_linux_ext = !master_tcon->unix_ext;
4142
4143         rc = cifs_set_vol_auth(vol_info, master_tcon->ses);
4144         if (rc) {
4145                 tcon = ERR_PTR(rc);
4146                 goto out;
4147         }
4148
4149         /* get a reference for the same TCP session */
4150         spin_lock(&cifs_tcp_ses_lock);
4151         ++master_tcon->ses->server->srv_count;
4152         spin_unlock(&cifs_tcp_ses_lock);
4153
4154         ses = cifs_get_smb_ses(master_tcon->ses->server, vol_info);
4155         if (IS_ERR(ses)) {
4156                 tcon = (struct cifs_tcon *)ses;
4157                 cifs_put_tcp_session(master_tcon->ses->server);
4158                 goto out;
4159         }
4160
4161         tcon = cifs_get_tcon(ses, vol_info);
4162         if (IS_ERR(tcon)) {
4163                 cifs_put_smb_ses(ses);
4164                 goto out;
4165         }
4166
4167         if (ses->capabilities & CAP_UNIX)
4168                 reset_cifs_unix_caps(0, tcon, NULL, vol_info);
4169 out:
4170         kfree(vol_info->username);
4171         kfree(vol_info->password);
4172         kfree(vol_info);
4173
4174         return tcon;
4175 }
4176
4177 struct cifs_tcon *
4178 cifs_sb_master_tcon(struct cifs_sb_info *cifs_sb)
4179 {
4180         return tlink_tcon(cifs_sb_master_tlink(cifs_sb));
4181 }
4182
4183 static int
4184 cifs_sb_tcon_pending_wait(void *unused)
4185 {
4186         schedule();
4187         return signal_pending(current) ? -ERESTARTSYS : 0;
4188 }
4189
4190 /* find and return a tlink with given uid */
4191 static struct tcon_link *
4192 tlink_rb_search(struct rb_root *root, uid_t uid)
4193 {
4194         struct rb_node *node = root->rb_node;
4195         struct tcon_link *tlink;
4196
4197         while (node) {
4198                 tlink = rb_entry(node, struct tcon_link, tl_rbnode);
4199
4200                 if (tlink->tl_uid > uid)
4201                         node = node->rb_left;
4202                 else if (tlink->tl_uid < uid)
4203                         node = node->rb_right;
4204                 else
4205                         return tlink;
4206         }
4207         return NULL;
4208 }
4209
4210 /* insert a tcon_link into the tree */
4211 static void
4212 tlink_rb_insert(struct rb_root *root, struct tcon_link *new_tlink)
4213 {
4214         struct rb_node **new = &(root->rb_node), *parent = NULL;
4215         struct tcon_link *tlink;
4216
4217         while (*new) {
4218                 tlink = rb_entry(*new, struct tcon_link, tl_rbnode);
4219                 parent = *new;
4220
4221                 if (tlink->tl_uid > new_tlink->tl_uid)
4222                         new = &((*new)->rb_left);
4223                 else
4224                         new = &((*new)->rb_right);
4225         }
4226
4227         rb_link_node(&new_tlink->tl_rbnode, parent, new);
4228         rb_insert_color(&new_tlink->tl_rbnode, root);
4229 }
4230
4231 /*
4232  * Find or construct an appropriate tcon given a cifs_sb and the fsuid of the
4233  * current task.
4234  *
4235  * If the superblock doesn't refer to a multiuser mount, then just return
4236  * the master tcon for the mount.
4237  *
4238  * First, search the rbtree for an existing tcon for this fsuid. If one
4239  * exists, then check to see if it's pending construction. If it is then wait
4240  * for construction to complete. Once it's no longer pending, check to see if
4241  * it failed and either return an error or retry construction, depending on
4242  * the timeout.
4243  *
4244  * If one doesn't exist then insert a new tcon_link struct into the tree and
4245  * try to construct a new one.
4246  */
4247 struct tcon_link *
4248 cifs_sb_tlink(struct cifs_sb_info *cifs_sb)
4249 {
4250         int ret;
4251         uid_t fsuid = current_fsuid();
4252         struct tcon_link *tlink, *newtlink;
4253
4254         if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
4255                 return cifs_get_tlink(cifs_sb_master_tlink(cifs_sb));
4256
4257         spin_lock(&cifs_sb->tlink_tree_lock);
4258         tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4259         if (tlink)
4260                 cifs_get_tlink(tlink);
4261         spin_unlock(&cifs_sb->tlink_tree_lock);
4262
4263         if (tlink == NULL) {
4264                 newtlink = kzalloc(sizeof(*tlink), GFP_KERNEL);
4265                 if (newtlink == NULL)
4266                         return ERR_PTR(-ENOMEM);
4267                 newtlink->tl_uid = fsuid;
4268                 newtlink->tl_tcon = ERR_PTR(-EACCES);
4269                 set_bit(TCON_LINK_PENDING, &newtlink->tl_flags);
4270                 set_bit(TCON_LINK_IN_TREE, &newtlink->tl_flags);
4271                 cifs_get_tlink(newtlink);
4272
4273                 spin_lock(&cifs_sb->tlink_tree_lock);
4274                 /* was one inserted after previous search? */
4275                 tlink = tlink_rb_search(&cifs_sb->tlink_tree, fsuid);
4276                 if (tlink) {
4277                         cifs_get_tlink(tlink);
4278                         spin_unlock(&cifs_sb->tlink_tree_lock);
4279                         kfree(newtlink);
4280                         goto wait_for_construction;
4281                 }
4282                 tlink = newtlink;
4283                 tlink_rb_insert(&cifs_sb->tlink_tree, tlink);
4284                 spin_unlock(&cifs_sb->tlink_tree_lock);
4285         } else {
4286 wait_for_construction:
4287                 ret = wait_on_bit(&tlink->tl_flags, TCON_LINK_PENDING,
4288                                   cifs_sb_tcon_pending_wait,
4289                                   TASK_INTERRUPTIBLE);
4290                 if (ret) {
4291                         cifs_put_tlink(tlink);
4292                         return ERR_PTR(ret);
4293                 }
4294
4295                 /* if it's good, return it */
4296                 if (!IS_ERR(tlink->tl_tcon))
4297                         return tlink;
4298
4299                 /* return error if we tried this already recently */
4300                 if (time_before(jiffies, tlink->tl_time + TLINK_ERROR_EXPIRE)) {
4301                         cifs_put_tlink(tlink);
4302                         return ERR_PTR(-EACCES);
4303                 }
4304
4305                 if (test_and_set_bit(TCON_LINK_PENDING, &tlink->tl_flags))
4306                         goto wait_for_construction;
4307         }
4308
4309         tlink->tl_tcon = cifs_construct_tcon(cifs_sb, fsuid);
4310         clear_bit(TCON_LINK_PENDING, &tlink->tl_flags);
4311         wake_up_bit(&tlink->tl_flags, TCON_LINK_PENDING);
4312
4313         if (IS_ERR(tlink->tl_tcon)) {
4314                 cifs_put_tlink(tlink);
4315                 return ERR_PTR(-EACCES);
4316         }
4317
4318         return tlink;
4319 }
4320
4321 /*
4322  * periodic workqueue job that scans tcon_tree for a superblock and closes
4323  * out tcons.
4324  */
4325 static void
4326 cifs_prune_tlinks(struct work_struct *work)
4327 {
4328         struct cifs_sb_info *cifs_sb = container_of(work, struct cifs_sb_info,
4329                                                     prune_tlinks.work);
4330         struct rb_root *root = &cifs_sb->tlink_tree;
4331         struct rb_node *node = rb_first(root);
4332         struct rb_node *tmp;
4333         struct tcon_link *tlink;
4334
4335         /*
4336          * Because we drop the spinlock in the loop in order to put the tlink
4337          * it's not guarded against removal of links from the tree. The only
4338          * places that remove entries from the tree are this function and
4339          * umounts. Because this function is non-reentrant and is canceled
4340          * before umount can proceed, this is safe.
4341          */
4342         spin_lock(&cifs_sb->tlink_tree_lock);
4343         node = rb_first(root);
4344         while (node != NULL) {
4345                 tmp = node;
4346                 node = rb_next(tmp);
4347                 tlink = rb_entry(tmp, struct tcon_link, tl_rbnode);
4348
4349                 if (test_bit(TCON_LINK_MASTER, &tlink->tl_flags) ||
4350                     atomic_read(&tlink->tl_count) != 0 ||
4351                     time_after(tlink->tl_time + TLINK_IDLE_EXPIRE, jiffies))
4352                         continue;
4353
4354                 cifs_get_tlink(tlink);
4355                 clear_bit(TCON_LINK_IN_TREE, &tlink->tl_flags);
4356                 rb_erase(tmp, root);
4357
4358                 spin_unlock(&cifs_sb->tlink_tree_lock);
4359                 cifs_put_tlink(tlink);
4360                 spin_lock(&cifs_sb->tlink_tree_lock);
4361         }
4362         spin_unlock(&cifs_sb->tlink_tree_lock);
4363
4364         queue_delayed_work(cifsiod_wq, &cifs_sb->prune_tlinks,
4365                                 TLINK_IDLE_EXPIRE);
4366 }