1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (c) 2022 Paulo Alcantara <palcantara@suse.de> 4 */ 5 6#include "cifsproto.h" 7#include "cifs_debug.h" 8#include "dns_resolve.h" 9#include "fs_context.h" 10#include "dfs.h" 11 12/** 13 * dfs_parse_target_referral - set fs context for dfs target referral 14 * 15 * @full_path: full path in UNC format. 16 * @ref: dfs referral pointer. 17 * @ctx: smb3 fs context pointer. 18 * 19 * Return zero if dfs referral was parsed correctly, otherwise non-zero. 20 */ 21int dfs_parse_target_referral(const char *full_path, const struct dfs_info3_param *ref, 22 struct smb3_fs_context *ctx) 23{ 24 int rc; 25 const char *prepath = NULL; 26 char *path; 27 28 if (!full_path || !*full_path || !ref || !ctx) 29 return -EINVAL; 30 31 if (WARN_ON_ONCE(!ref->node_name || ref->path_consumed < 0)) 32 return -EINVAL; 33 34 if (strlen(full_path) - ref->path_consumed) { 35 prepath = full_path + ref->path_consumed; 36 /* skip initial delimiter */ 37 if (*prepath == '/' || *prepath == '\\') 38 prepath++; 39 } 40 41 path = cifs_build_devname(ref->node_name, prepath); 42 if (IS_ERR(path)) 43 return PTR_ERR(path); 44 45 rc = smb3_parse_devname(path, ctx); 46 if (rc) 47 goto out; 48 49 rc = dns_resolve_server_name_to_ip(path, (struct sockaddr *)&ctx->dstaddr, NULL); 50 51out: 52 kfree(path); 53 return rc; 54} 55 56static int get_session(struct cifs_mount_ctx *mnt_ctx, const char *full_path) 57{ 58 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 59 int rc; 60 61 ctx->leaf_fullpath = (char *)full_path; 62 rc = cifs_mount_get_session(mnt_ctx); 63 ctx->leaf_fullpath = NULL; 64 65 return rc; 66} 67 68/* 69 * Get an active reference of @ses so that next call to cifs_put_tcon() won't 70 * release it as any new DFS referrals must go through its IPC tcon. 71 */ 72static void add_root_smb_session(struct cifs_mount_ctx *mnt_ctx) 73{ 74 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 75 struct cifs_ses *ses = mnt_ctx->ses; 76 77 if (ses) { 78 spin_lock(&cifs_tcp_ses_lock); 79 cifs_smb_ses_inc_refcount(ses); 80 spin_unlock(&cifs_tcp_ses_lock); 81 } 82 ctx->dfs_root_ses = ses; 83} 84 85static inline int parse_dfs_target(struct smb3_fs_context *ctx, 86 struct dfs_ref_walk *rw, 87 struct dfs_info3_param *tgt) 88{ 89 int rc; 90 const char *fpath = ref_walk_fpath(rw) + 1; 91 92 rc = ref_walk_get_tgt(rw, tgt); 93 if (!rc) 94 rc = dfs_parse_target_referral(fpath, tgt, ctx); 95 return rc; 96} 97 98static int set_ref_paths(struct cifs_mount_ctx *mnt_ctx, 99 struct dfs_info3_param *tgt, 100 struct dfs_ref_walk *rw) 101{ 102 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 103 struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb; 104 char *ref_path, *full_path; 105 int rc; 106 107 full_path = smb3_fs_context_fullpath(ctx, CIFS_DIR_SEP(cifs_sb)); 108 if (IS_ERR(full_path)) 109 return PTR_ERR(full_path); 110 111 if (!tgt || (tgt->server_type == DFS_TYPE_LINK && 112 DFS_INTERLINK(tgt->flags))) 113 ref_path = dfs_get_path(cifs_sb, ctx->UNC); 114 else 115 ref_path = dfs_get_path(cifs_sb, full_path); 116 if (IS_ERR(ref_path)) { 117 rc = PTR_ERR(ref_path); 118 kfree(full_path); 119 return rc; 120 } 121 ref_walk_path(rw) = ref_path; 122 ref_walk_fpath(rw) = full_path; 123 return 0; 124} 125 126static int __dfs_referral_walk(struct cifs_mount_ctx *mnt_ctx, 127 struct dfs_ref_walk *rw) 128{ 129 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 130 struct dfs_info3_param tgt = {}; 131 bool is_refsrv; 132 int rc = -ENOENT; 133 134again: 135 do { 136 if (ref_walk_empty(rw)) { 137 rc = dfs_get_referral(mnt_ctx, ref_walk_path(rw) + 1, 138 NULL, ref_walk_tl(rw)); 139 if (rc) { 140 rc = cifs_mount_get_tcon(mnt_ctx); 141 if (!rc) 142 rc = cifs_is_path_remote(mnt_ctx); 143 continue; 144 } 145 if (!ref_walk_num_tgts(rw)) { 146 rc = -ENOENT; 147 continue; 148 } 149 } 150 151 while (ref_walk_next_tgt(rw)) { 152 rc = parse_dfs_target(ctx, rw, &tgt); 153 if (rc) 154 continue; 155 156 cifs_mount_put_conns(mnt_ctx); 157 rc = get_session(mnt_ctx, ref_walk_path(rw)); 158 if (rc) 159 continue; 160 161 is_refsrv = tgt.server_type == DFS_TYPE_ROOT || 162 DFS_INTERLINK(tgt.flags); 163 ref_walk_set_tgt_hint(rw); 164 165 if (tgt.flags & DFSREF_STORAGE_SERVER) { 166 rc = cifs_mount_get_tcon(mnt_ctx); 167 if (!rc) 168 rc = cifs_is_path_remote(mnt_ctx); 169 if (!rc) 170 break; 171 if (rc != -EREMOTE) 172 continue; 173 } 174 175 if (is_refsrv) 176 add_root_smb_session(mnt_ctx); 177 178 rc = ref_walk_advance(rw); 179 if (!rc) { 180 rc = set_ref_paths(mnt_ctx, &tgt, rw); 181 if (!rc) { 182 rc = -EREMOTE; 183 goto again; 184 } 185 } 186 if (rc != -ELOOP) 187 goto out; 188 } 189 } while (rc && ref_walk_descend(rw)); 190 191out: 192 free_dfs_info_param(&tgt); 193 return rc; 194} 195 196static int dfs_referral_walk(struct cifs_mount_ctx *mnt_ctx) 197{ 198 struct dfs_ref_walk *rw; 199 int rc; 200 201 rw = ref_walk_alloc(); 202 if (IS_ERR(rw)) 203 return PTR_ERR(rw); 204 205 ref_walk_init(rw); 206 rc = set_ref_paths(mnt_ctx, NULL, rw); 207 if (!rc) 208 rc = __dfs_referral_walk(mnt_ctx, rw); 209 ref_walk_free(rw); 210 return rc; 211} 212 213static int __dfs_mount_share(struct cifs_mount_ctx *mnt_ctx) 214{ 215 struct cifs_sb_info *cifs_sb = mnt_ctx->cifs_sb; 216 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 217 struct cifs_tcon *tcon; 218 char *origin_fullpath; 219 bool new_tcon = true; 220 int rc; 221 222 origin_fullpath = dfs_get_path(cifs_sb, ctx->source); 223 if (IS_ERR(origin_fullpath)) 224 return PTR_ERR(origin_fullpath); 225 226 rc = dfs_referral_walk(mnt_ctx); 227 if (!rc) { 228 /* 229 * Prevent superblock from being created with any missing 230 * connections. 231 */ 232 if (WARN_ON(!mnt_ctx->server)) 233 rc = -EHOSTDOWN; 234 else if (WARN_ON(!mnt_ctx->ses)) 235 rc = -EACCES; 236 else if (WARN_ON(!mnt_ctx->tcon)) 237 rc = -ENOENT; 238 } 239 if (rc) 240 goto out; 241 242 tcon = mnt_ctx->tcon; 243 spin_lock(&tcon->tc_lock); 244 if (!tcon->origin_fullpath) { 245 tcon->origin_fullpath = origin_fullpath; 246 origin_fullpath = NULL; 247 } else { 248 new_tcon = false; 249 } 250 spin_unlock(&tcon->tc_lock); 251 252 if (new_tcon) { 253 queue_delayed_work(dfscache_wq, &tcon->dfs_cache_work, 254 dfs_cache_get_ttl() * HZ); 255 } 256 257out: 258 kfree(origin_fullpath); 259 return rc; 260} 261 262/* 263 * If @ctx->dfs_automount, then update @ctx->dstaddr earlier with the DFS root 264 * server from where we'll start following any referrals. Otherwise rely on the 265 * value provided by mount(2) as the user might not have dns_resolver key set up 266 * and therefore failing to upcall to resolve UNC hostname under @ctx->source. 267 */ 268static int update_fs_context_dstaddr(struct smb3_fs_context *ctx) 269{ 270 struct sockaddr *addr = (struct sockaddr *)&ctx->dstaddr; 271 int rc = 0; 272 273 if (!ctx->nodfs && ctx->dfs_automount) { 274 rc = dns_resolve_server_name_to_ip(ctx->source, addr, NULL); 275 if (!rc) 276 cifs_set_port(addr, ctx->port); 277 ctx->dfs_automount = false; 278 } 279 return rc; 280} 281 282int dfs_mount_share(struct cifs_mount_ctx *mnt_ctx, bool *isdfs) 283{ 284 struct smb3_fs_context *ctx = mnt_ctx->fs_ctx; 285 bool nodfs = ctx->nodfs; 286 int rc; 287 288 rc = update_fs_context_dstaddr(ctx); 289 if (rc) 290 return rc; 291 292 *isdfs = false; 293 rc = get_session(mnt_ctx, NULL); 294 if (rc) 295 return rc; 296 297 /* 298 * If called with 'nodfs' mount option, then skip DFS resolving. Otherwise unconditionally 299 * try to get an DFS referral (even cached) to determine whether it is an DFS mount. 300 * 301 * Skip prefix path to provide support for DFS referrals from w2k8 servers which don't seem 302 * to respond with PATH_NOT_COVERED to requests that include the prefix. 303 */ 304 if (!nodfs) { 305 rc = dfs_get_referral(mnt_ctx, ctx->UNC + 1, NULL, NULL); 306 if (rc) { 307 cifs_dbg(FYI, "%s: no dfs referral for %s: %d\n", 308 __func__, ctx->UNC + 1, rc); 309 cifs_dbg(FYI, "%s: assuming non-dfs mount...\n", __func__); 310 nodfs = true; 311 } 312 } 313 if (nodfs) { 314 rc = cifs_mount_get_tcon(mnt_ctx); 315 if (!rc) 316 rc = cifs_is_path_remote(mnt_ctx); 317 return rc; 318 } 319 320 *isdfs = true; 321 add_root_smb_session(mnt_ctx); 322 rc = __dfs_mount_share(mnt_ctx); 323 dfs_put_root_smb_sessions(mnt_ctx); 324 return rc; 325} 326 327/* Update dfs referral path of superblock */ 328static int update_server_fullpath(struct TCP_Server_Info *server, struct cifs_sb_info *cifs_sb, 329 const char *target) 330{ 331 int rc = 0; 332 size_t len = strlen(target); 333 char *refpath, *npath; 334 335 if (unlikely(len < 2 || *target != '\\')) 336 return -EINVAL; 337 338 if (target[1] == '\\') { 339 len += 1; 340 refpath = kmalloc(len, GFP_KERNEL); 341 if (!refpath) 342 return -ENOMEM; 343 344 scnprintf(refpath, len, "%s", target); 345 } else { 346 len += sizeof("\\"); 347 refpath = kmalloc(len, GFP_KERNEL); 348 if (!refpath) 349 return -ENOMEM; 350 351 scnprintf(refpath, len, "\\%s", target); 352 } 353 354 npath = dfs_cache_canonical_path(refpath, cifs_sb->local_nls, cifs_remap(cifs_sb)); 355 kfree(refpath); 356 357 if (IS_ERR(npath)) { 358 rc = PTR_ERR(npath); 359 } else { 360 mutex_lock(&server->refpath_lock); 361 spin_lock(&server->srv_lock); 362 kfree(server->leaf_fullpath); 363 server->leaf_fullpath = npath; 364 spin_unlock(&server->srv_lock); 365 mutex_unlock(&server->refpath_lock); 366 } 367 return rc; 368} 369 370static int target_share_matches_server(struct TCP_Server_Info *server, char *share, 371 bool *target_match) 372{ 373 int rc = 0; 374 const char *dfs_host; 375 size_t dfs_host_len; 376 377 *target_match = true; 378 extract_unc_hostname(share, &dfs_host, &dfs_host_len); 379 380 /* Check if hostnames or addresses match */ 381 cifs_server_lock(server); 382 if (dfs_host_len != strlen(server->hostname) || 383 strncasecmp(dfs_host, server->hostname, dfs_host_len)) { 384 cifs_dbg(FYI, "%s: %.*s doesn't match %s\n", __func__, 385 (int)dfs_host_len, dfs_host, server->hostname); 386 rc = match_target_ip(server, dfs_host, dfs_host_len, target_match); 387 if (rc) 388 cifs_dbg(VFS, "%s: failed to match target ip: %d\n", __func__, rc); 389 } 390 cifs_server_unlock(server); 391 return rc; 392} 393 394static void __tree_connect_ipc(const unsigned int xid, char *tree, 395 struct cifs_sb_info *cifs_sb, 396 struct cifs_ses *ses) 397{ 398 struct TCP_Server_Info *server = ses->server; 399 struct cifs_tcon *tcon = ses->tcon_ipc; 400 int rc; 401 402 spin_lock(&ses->ses_lock); 403 spin_lock(&ses->chan_lock); 404 if (cifs_chan_needs_reconnect(ses, server) || 405 ses->ses_status != SES_GOOD) { 406 spin_unlock(&ses->chan_lock); 407 spin_unlock(&ses->ses_lock); 408 cifs_server_dbg(FYI, "%s: skipping ipc reconnect due to disconnected ses\n", 409 __func__); 410 return; 411 } 412 spin_unlock(&ses->chan_lock); 413 spin_unlock(&ses->ses_lock); 414 415 cifs_server_lock(server); 416 scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname); 417 cifs_server_unlock(server); 418 419 rc = server->ops->tree_connect(xid, ses, tree, tcon, 420 cifs_sb->local_nls); 421 cifs_server_dbg(FYI, "%s: tree_reconnect %s: %d\n", __func__, tree, rc); 422 spin_lock(&tcon->tc_lock); 423 if (rc) { 424 tcon->status = TID_NEED_TCON; 425 } else { 426 tcon->status = TID_GOOD; 427 tcon->need_reconnect = false; 428 } 429 spin_unlock(&tcon->tc_lock); 430} 431 432static void tree_connect_ipc(const unsigned int xid, char *tree, 433 struct cifs_sb_info *cifs_sb, 434 struct cifs_tcon *tcon) 435{ 436 struct cifs_ses *ses = tcon->ses; 437 438 __tree_connect_ipc(xid, tree, cifs_sb, ses); 439 __tree_connect_ipc(xid, tree, cifs_sb, CIFS_DFS_ROOT_SES(ses)); 440} 441 442static int __tree_connect_dfs_target(const unsigned int xid, struct cifs_tcon *tcon, 443 struct cifs_sb_info *cifs_sb, char *tree, bool islink, 444 struct dfs_cache_tgt_list *tl) 445{ 446 int rc; 447 struct TCP_Server_Info *server = tcon->ses->server; 448 const struct smb_version_operations *ops = server->ops; 449 struct cifs_ses *root_ses = CIFS_DFS_ROOT_SES(tcon->ses); 450 char *share = NULL, *prefix = NULL; 451 struct dfs_cache_tgt_iterator *tit; 452 bool target_match; 453 454 tit = dfs_cache_get_tgt_iterator(tl); 455 if (!tit) { 456 rc = -ENOENT; 457 goto out; 458 } 459 460 /* Try to tree connect to all dfs targets */ 461 for (; tit; tit = dfs_cache_get_next_tgt(tl, tit)) { 462 const char *target = dfs_cache_get_tgt_name(tit); 463 DFS_CACHE_TGT_LIST(ntl); 464 465 kfree(share); 466 kfree(prefix); 467 share = prefix = NULL; 468 469 /* Check if share matches with tcp ses */ 470 rc = dfs_cache_get_tgt_share(server->leaf_fullpath + 1, tit, &share, &prefix); 471 if (rc) { 472 cifs_dbg(VFS, "%s: failed to parse target share: %d\n", __func__, rc); 473 break; 474 } 475 476 rc = target_share_matches_server(server, share, &target_match); 477 if (rc) 478 break; 479 if (!target_match) { 480 rc = -EHOSTUNREACH; 481 continue; 482 } 483 484 dfs_cache_noreq_update_tgthint(server->leaf_fullpath + 1, tit); 485 tree_connect_ipc(xid, tree, cifs_sb, tcon); 486 487 scnprintf(tree, MAX_TREE_SIZE, "\\%s", share); 488 if (!islink) { 489 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, cifs_sb->local_nls); 490 break; 491 } 492 493 /* 494 * If no dfs referrals were returned from link target, then just do a TREE_CONNECT 495 * to it. Otherwise, cache the dfs referral and then mark current tcp ses for 496 * reconnect so either the demultiplex thread or the echo worker will reconnect to 497 * newly resolved target. 498 */ 499 if (dfs_cache_find(xid, root_ses, cifs_sb->local_nls, cifs_remap(cifs_sb), target, 500 NULL, &ntl)) { 501 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, cifs_sb->local_nls); 502 if (rc) 503 continue; 504 505 rc = cifs_update_super_prepath(cifs_sb, prefix); 506 } else { 507 /* Target is another dfs share */ 508 rc = update_server_fullpath(server, cifs_sb, target); 509 dfs_cache_free_tgts(tl); 510 511 if (!rc) { 512 rc = -EREMOTE; 513 list_replace_init(&ntl.tl_list, &tl->tl_list); 514 } else 515 dfs_cache_free_tgts(&ntl); 516 } 517 break; 518 } 519 520out: 521 kfree(share); 522 kfree(prefix); 523 524 return rc; 525} 526 527static int tree_connect_dfs_target(const unsigned int xid, struct cifs_tcon *tcon, 528 struct cifs_sb_info *cifs_sb, char *tree, bool islink, 529 struct dfs_cache_tgt_list *tl) 530{ 531 int rc; 532 int num_links = 0; 533 struct TCP_Server_Info *server = tcon->ses->server; 534 char *old_fullpath = server->leaf_fullpath; 535 536 do { 537 rc = __tree_connect_dfs_target(xid, tcon, cifs_sb, tree, islink, tl); 538 if (!rc || rc != -EREMOTE) 539 break; 540 } while (rc = -ELOOP, ++num_links < MAX_NESTED_LINKS); 541 /* 542 * If we couldn't tree connect to any targets from last referral path, then 543 * retry it from newly resolved dfs referral. 544 */ 545 if (rc && server->leaf_fullpath != old_fullpath) 546 cifs_signal_cifsd_for_reconnect(server, true); 547 548 dfs_cache_free_tgts(tl); 549 return rc; 550} 551 552int cifs_tree_connect(const unsigned int xid, struct cifs_tcon *tcon, const struct nls_table *nlsc) 553{ 554 int rc; 555 struct TCP_Server_Info *server = tcon->ses->server; 556 const struct smb_version_operations *ops = server->ops; 557 DFS_CACHE_TGT_LIST(tl); 558 struct cifs_sb_info *cifs_sb = NULL; 559 struct super_block *sb = NULL; 560 struct dfs_info3_param ref = {0}; 561 char *tree; 562 563 /* only send once per connect */ 564 spin_lock(&tcon->tc_lock); 565 566 /* if tcon is marked for needing reconnect, update state */ 567 if (tcon->need_reconnect) 568 tcon->status = TID_NEED_TCON; 569 570 if (tcon->status == TID_GOOD) { 571 spin_unlock(&tcon->tc_lock); 572 return 0; 573 } 574 575 if (tcon->status != TID_NEW && 576 tcon->status != TID_NEED_TCON) { 577 spin_unlock(&tcon->tc_lock); 578 return -EHOSTDOWN; 579 } 580 581 tcon->status = TID_IN_TCON; 582 spin_unlock(&tcon->tc_lock); 583 584 tree = kzalloc(MAX_TREE_SIZE, GFP_KERNEL); 585 if (!tree) { 586 rc = -ENOMEM; 587 goto out; 588 } 589 590 if (tcon->ipc) { 591 cifs_server_lock(server); 592 scnprintf(tree, MAX_TREE_SIZE, "\\\\%s\\IPC$", server->hostname); 593 cifs_server_unlock(server); 594 rc = ops->tree_connect(xid, tcon->ses, tree, tcon, nlsc); 595 goto out; 596 } 597 598 sb = cifs_get_dfs_tcon_super(tcon); 599 if (!IS_ERR(sb)) 600 cifs_sb = CIFS_SB(sb); 601 602 /* 603 * Tree connect to last share in @tcon->tree_name whether dfs super or 604 * cached dfs referral was not found. 605 */ 606 if (!cifs_sb || !server->leaf_fullpath || 607 dfs_cache_noreq_find(server->leaf_fullpath + 1, &ref, &tl)) { 608 rc = ops->tree_connect(xid, tcon->ses, tcon->tree_name, tcon, 609 cifs_sb ? cifs_sb->local_nls : nlsc); 610 goto out; 611 } 612 613 rc = tree_connect_dfs_target(xid, tcon, cifs_sb, tree, ref.server_type == DFS_TYPE_LINK, 614 &tl); 615 free_dfs_info_param(&ref); 616 617out: 618 kfree(tree); 619 cifs_put_tcp_super(sb); 620 621 if (rc) { 622 spin_lock(&tcon->tc_lock); 623 if (tcon->status == TID_IN_TCON) 624 tcon->status = TID_NEED_TCON; 625 spin_unlock(&tcon->tc_lock); 626 } else { 627 spin_lock(&tcon->tc_lock); 628 if (tcon->status == TID_IN_TCON) 629 tcon->status = TID_GOOD; 630 tcon->need_reconnect = false; 631 spin_unlock(&tcon->tc_lock); 632 } 633 634 return rc; 635} 636