]>
Commit | Line | Data |
---|---|---|
9954bf92 DH |
1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* | |
3 | * linux/fs/nfs/fs_context.c | |
4 | * | |
5 | * Copyright (C) 1992 Rick Sladkey | |
6 | * | |
7 | * NFS mount handling. | |
8 | * | |
9 | * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com> | |
10 | */ | |
11 | ||
12 | #include <linux/module.h> | |
13 | #include <linux/fs.h> | |
e38bb238 SM |
14 | #include <linux/fs_context.h> |
15 | #include <linux/fs_parser.h> | |
9954bf92 DH |
16 | #include <linux/nfs_fs.h> |
17 | #include <linux/nfs_mount.h> | |
18 | #include <linux/nfs4_mount.h> | |
19 | #include "nfs.h" | |
20 | #include "internal.h" | |
21 | ||
22 | #define NFSDBG_FACILITY NFSDBG_MOUNT | |
23 | ||
24 | #if IS_ENABLED(CONFIG_NFS_V3) | |
25 | #define NFS_DEFAULT_VERSION 3 | |
26 | #else | |
27 | #define NFS_DEFAULT_VERSION 2 | |
28 | #endif | |
29 | ||
30 | #define NFS_MAX_CONNECTIONS 16 | |
31 | ||
e38bb238 SM |
32 | enum nfs_param { |
33 | Opt_ac, | |
34 | Opt_acdirmax, | |
35 | Opt_acdirmin, | |
36 | Opt_acl, | |
37 | Opt_acregmax, | |
38 | Opt_acregmin, | |
9954bf92 | 39 | Opt_actimeo, |
e38bb238 SM |
40 | Opt_addr, |
41 | Opt_bg, | |
42 | Opt_bsize, | |
43 | Opt_clientaddr, | |
44 | Opt_cto, | |
45 | Opt_fg, | |
46 | Opt_fscache, | |
47 | Opt_hard, | |
48 | Opt_intr, | |
49 | Opt_local_lock, | |
50 | Opt_lock, | |
51 | Opt_lookupcache, | |
52 | Opt_migration, | |
53 | Opt_minorversion, | |
54 | Opt_mountaddr, | |
55 | Opt_mounthost, | |
9954bf92 | 56 | Opt_mountport, |
e38bb238 | 57 | Opt_mountproto, |
9954bf92 | 58 | Opt_mountvers, |
e38bb238 | 59 | Opt_namelen, |
9954bf92 | 60 | Opt_nconnect, |
e38bb238 SM |
61 | Opt_port, |
62 | Opt_posix, | |
63 | Opt_proto, | |
64 | Opt_rdirplus, | |
65 | Opt_rdma, | |
66 | Opt_resvport, | |
67 | Opt_retrans, | |
68 | Opt_retry, | |
69 | Opt_rsize, | |
70 | Opt_sec, | |
71 | Opt_sharecache, | |
72 | Opt_sloppy, | |
73 | Opt_soft, | |
74 | Opt_softerr, | |
75 | Opt_source, | |
76 | Opt_tcp, | |
77 | Opt_timeo, | |
78 | Opt_udp, | |
79 | Opt_v, | |
80 | Opt_vers, | |
81 | Opt_wsize, | |
9954bf92 DH |
82 | }; |
83 | ||
e38bb238 SM |
84 | static const struct fs_parameter_spec nfs_param_specs[] = { |
85 | fsparam_flag_no("ac", Opt_ac), | |
86 | fsparam_u32 ("acdirmax", Opt_acdirmax), | |
87 | fsparam_u32 ("acdirmin", Opt_acdirmin), | |
88 | fsparam_flag_no("acl", Opt_acl), | |
89 | fsparam_u32 ("acregmax", Opt_acregmax), | |
90 | fsparam_u32 ("acregmin", Opt_acregmin), | |
91 | fsparam_u32 ("actimeo", Opt_actimeo), | |
92 | fsparam_string("addr", Opt_addr), | |
93 | fsparam_flag ("bg", Opt_bg), | |
94 | fsparam_u32 ("bsize", Opt_bsize), | |
95 | fsparam_string("clientaddr", Opt_clientaddr), | |
96 | fsparam_flag_no("cto", Opt_cto), | |
97 | fsparam_flag ("fg", Opt_fg), | |
98 | __fsparam(fs_param_is_string, "fsc", Opt_fscache, | |
99 | fs_param_neg_with_no|fs_param_v_optional), | |
100 | fsparam_flag ("hard", Opt_hard), | |
101 | __fsparam(fs_param_is_flag, "intr", Opt_intr, | |
102 | fs_param_neg_with_no|fs_param_deprecated), | |
103 | fsparam_enum ("local_lock", Opt_local_lock), | |
104 | fsparam_flag_no("lock", Opt_lock), | |
105 | fsparam_enum ("lookupcache", Opt_lookupcache), | |
106 | fsparam_flag_no("migration", Opt_migration), | |
107 | fsparam_u32 ("minorversion", Opt_minorversion), | |
108 | fsparam_string("mountaddr", Opt_mountaddr), | |
109 | fsparam_string("mounthost", Opt_mounthost), | |
110 | fsparam_u32 ("mountport", Opt_mountport), | |
111 | fsparam_string("mountproto", Opt_mountproto), | |
112 | fsparam_u32 ("mountvers", Opt_mountvers), | |
113 | fsparam_u32 ("namlen", Opt_namelen), | |
114 | fsparam_u32 ("nconnect", Opt_nconnect), | |
115 | fsparam_string("nfsvers", Opt_vers), | |
116 | fsparam_u32 ("port", Opt_port), | |
117 | fsparam_flag_no("posix", Opt_posix), | |
118 | fsparam_string("proto", Opt_proto), | |
119 | fsparam_flag_no("rdirplus", Opt_rdirplus), | |
120 | fsparam_flag ("rdma", Opt_rdma), | |
121 | fsparam_flag_no("resvport", Opt_resvport), | |
122 | fsparam_u32 ("retrans", Opt_retrans), | |
123 | fsparam_string("retry", Opt_retry), | |
124 | fsparam_u32 ("rsize", Opt_rsize), | |
125 | fsparam_string("sec", Opt_sec), | |
126 | fsparam_flag_no("sharecache", Opt_sharecache), | |
127 | fsparam_flag ("sloppy", Opt_sloppy), | |
128 | fsparam_flag ("soft", Opt_soft), | |
129 | fsparam_flag ("softerr", Opt_softerr), | |
130 | fsparam_string("source", Opt_source), | |
131 | fsparam_flag ("tcp", Opt_tcp), | |
132 | fsparam_u32 ("timeo", Opt_timeo), | |
133 | fsparam_flag ("udp", Opt_udp), | |
134 | fsparam_flag ("v2", Opt_v), | |
135 | fsparam_flag ("v3", Opt_v), | |
136 | fsparam_flag ("v4", Opt_v), | |
137 | fsparam_flag ("v4.0", Opt_v), | |
138 | fsparam_flag ("v4.1", Opt_v), | |
139 | fsparam_flag ("v4.2", Opt_v), | |
140 | fsparam_string("vers", Opt_vers), | |
141 | fsparam_u32 ("wsize", Opt_wsize), | |
142 | {} | |
9954bf92 DH |
143 | }; |
144 | ||
145 | enum { | |
e38bb238 SM |
146 | Opt_local_lock_all, |
147 | Opt_local_lock_flock, | |
148 | Opt_local_lock_none, | |
149 | Opt_local_lock_posix, | |
9954bf92 DH |
150 | }; |
151 | ||
152 | enum { | |
e38bb238 SM |
153 | Opt_lookupcache_all, |
154 | Opt_lookupcache_none, | |
155 | Opt_lookupcache_positive, | |
9954bf92 DH |
156 | }; |
157 | ||
e38bb238 SM |
158 | static const struct fs_parameter_enum nfs_param_enums[] = { |
159 | { Opt_local_lock, "all", Opt_local_lock_all }, | |
160 | { Opt_local_lock, "flock", Opt_local_lock_flock }, | |
161 | { Opt_local_lock, "none", Opt_local_lock_none }, | |
162 | { Opt_local_lock, "posix", Opt_local_lock_posix }, | |
163 | { Opt_lookupcache, "all", Opt_lookupcache_all }, | |
164 | { Opt_lookupcache, "none", Opt_lookupcache_none }, | |
165 | { Opt_lookupcache, "pos", Opt_lookupcache_positive }, | |
166 | { Opt_lookupcache, "positive", Opt_lookupcache_positive }, | |
167 | {} | |
168 | }; | |
9954bf92 | 169 | |
e38bb238 SM |
170 | static const struct fs_parameter_description nfs_fs_parameters = { |
171 | .name = "nfs", | |
172 | .specs = nfs_param_specs, | |
173 | .enums = nfs_param_enums, | |
9954bf92 DH |
174 | }; |
175 | ||
176 | enum { | |
e38bb238 SM |
177 | Opt_vers_2, |
178 | Opt_vers_3, | |
179 | Opt_vers_4, | |
180 | Opt_vers_4_0, | |
181 | Opt_vers_4_1, | |
182 | Opt_vers_4_2, | |
9954bf92 DH |
183 | }; |
184 | ||
e38bb238 SM |
185 | static const struct constant_table nfs_vers_tokens[] = { |
186 | { "2", Opt_vers_2 }, | |
187 | { "3", Opt_vers_3 }, | |
188 | { "4", Opt_vers_4 }, | |
189 | { "4.0", Opt_vers_4_0 }, | |
190 | { "4.1", Opt_vers_4_1 }, | |
191 | { "4.2", Opt_vers_4_2 }, | |
9954bf92 DH |
192 | }; |
193 | ||
194 | enum { | |
e38bb238 SM |
195 | Opt_xprt_rdma, |
196 | Opt_xprt_rdma6, | |
197 | Opt_xprt_tcp, | |
198 | Opt_xprt_tcp6, | |
199 | Opt_xprt_udp, | |
200 | Opt_xprt_udp6, | |
201 | nr__Opt_xprt | |
9954bf92 DH |
202 | }; |
203 | ||
e38bb238 SM |
204 | static const struct constant_table nfs_xprt_protocol_tokens[nr__Opt_xprt] = { |
205 | { "rdma", Opt_xprt_rdma }, | |
206 | { "rdma6", Opt_xprt_rdma6 }, | |
207 | { "tcp", Opt_xprt_tcp }, | |
208 | { "tcp6", Opt_xprt_tcp6 }, | |
209 | { "udp", Opt_xprt_udp }, | |
210 | { "udp6", Opt_xprt_udp6 }, | |
9954bf92 DH |
211 | }; |
212 | ||
213 | enum { | |
e38bb238 SM |
214 | Opt_sec_krb5, |
215 | Opt_sec_krb5i, | |
216 | Opt_sec_krb5p, | |
217 | Opt_sec_lkey, | |
218 | Opt_sec_lkeyi, | |
219 | Opt_sec_lkeyp, | |
220 | Opt_sec_none, | |
221 | Opt_sec_spkm, | |
222 | Opt_sec_spkmi, | |
223 | Opt_sec_spkmp, | |
224 | Opt_sec_sys, | |
225 | nr__Opt_sec | |
9954bf92 DH |
226 | }; |
227 | ||
e38bb238 SM |
228 | static const struct constant_table nfs_secflavor_tokens[] = { |
229 | { "krb5", Opt_sec_krb5 }, | |
230 | { "krb5i", Opt_sec_krb5i }, | |
231 | { "krb5p", Opt_sec_krb5p }, | |
232 | { "lkey", Opt_sec_lkey }, | |
233 | { "lkeyi", Opt_sec_lkeyi }, | |
234 | { "lkeyp", Opt_sec_lkeyp }, | |
235 | { "none", Opt_sec_none }, | |
236 | { "null", Opt_sec_none }, | |
237 | { "spkm3", Opt_sec_spkm }, | |
238 | { "spkm3i", Opt_sec_spkmi }, | |
239 | { "spkm3p", Opt_sec_spkmp }, | |
240 | { "sys", Opt_sec_sys }, | |
9954bf92 DH |
241 | }; |
242 | ||
5eb005ca | 243 | struct nfs_fs_context *nfs_alloc_parsed_mount_data(void) |
9954bf92 | 244 | { |
5eb005ca DH |
245 | struct nfs_fs_context *ctx; |
246 | ||
247 | ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); | |
248 | if (ctx) { | |
249 | ctx->timeo = NFS_UNSPEC_TIMEO; | |
250 | ctx->retrans = NFS_UNSPEC_RETRANS; | |
251 | ctx->acregmin = NFS_DEF_ACREGMIN; | |
252 | ctx->acregmax = NFS_DEF_ACREGMAX; | |
253 | ctx->acdirmin = NFS_DEF_ACDIRMIN; | |
254 | ctx->acdirmax = NFS_DEF_ACDIRMAX; | |
255 | ctx->mount_server.port = NFS_UNSPEC_PORT; | |
256 | ctx->nfs_server.port = NFS_UNSPEC_PORT; | |
257 | ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; | |
258 | ctx->selected_flavor = RPC_AUTH_MAXFLAVOR; | |
259 | ctx->minorversion = 0; | |
260 | ctx->need_mount = true; | |
261 | ctx->net = current->nsproxy->net_ns; | |
262 | ctx->lsm_opts = NULL; | |
9954bf92 | 263 | } |
5eb005ca | 264 | return ctx; |
9954bf92 DH |
265 | } |
266 | ||
5eb005ca | 267 | void nfs_free_parsed_mount_data(struct nfs_fs_context *ctx) |
9954bf92 | 268 | { |
5eb005ca DH |
269 | if (ctx) { |
270 | kfree(ctx->client_address); | |
271 | kfree(ctx->mount_server.hostname); | |
272 | kfree(ctx->nfs_server.export_path); | |
273 | kfree(ctx->nfs_server.hostname); | |
274 | kfree(ctx->fscache_uniq); | |
275 | security_free_mnt_opts(&ctx->lsm_opts); | |
276 | kfree(ctx); | |
9954bf92 DH |
277 | } |
278 | } | |
279 | ||
280 | /* | |
281 | * Sanity-check a server address provided by the mount command. | |
282 | * | |
283 | * Address family must be initialized, and address must not be | |
284 | * the ANY address for that family. | |
285 | */ | |
286 | static int nfs_verify_server_address(struct sockaddr *addr) | |
287 | { | |
288 | switch (addr->sa_family) { | |
289 | case AF_INET: { | |
290 | struct sockaddr_in *sa = (struct sockaddr_in *)addr; | |
291 | return sa->sin_addr.s_addr != htonl(INADDR_ANY); | |
292 | } | |
293 | case AF_INET6: { | |
294 | struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr; | |
295 | return !ipv6_addr_any(sa); | |
296 | } | |
297 | } | |
298 | ||
299 | dfprintk(MOUNT, "NFS: Invalid IP address specified\n"); | |
300 | return 0; | |
301 | } | |
302 | ||
303 | /* | |
304 | * Sanity check the NFS transport protocol. | |
305 | * | |
306 | */ | |
5eb005ca | 307 | static void nfs_validate_transport_protocol(struct nfs_fs_context *ctx) |
9954bf92 | 308 | { |
5eb005ca | 309 | switch (ctx->nfs_server.protocol) { |
9954bf92 DH |
310 | case XPRT_TRANSPORT_UDP: |
311 | case XPRT_TRANSPORT_TCP: | |
312 | case XPRT_TRANSPORT_RDMA: | |
313 | break; | |
314 | default: | |
5eb005ca | 315 | ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; |
9954bf92 DH |
316 | } |
317 | } | |
318 | ||
319 | /* | |
320 | * For text based NFSv2/v3 mounts, the mount protocol transport default | |
321 | * settings should depend upon the specified NFS transport. | |
322 | */ | |
5eb005ca | 323 | static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx) |
9954bf92 | 324 | { |
5eb005ca | 325 | nfs_validate_transport_protocol(ctx); |
9954bf92 | 326 | |
5eb005ca DH |
327 | if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP || |
328 | ctx->mount_server.protocol == XPRT_TRANSPORT_TCP) | |
9954bf92 | 329 | return; |
5eb005ca | 330 | switch (ctx->nfs_server.protocol) { |
9954bf92 | 331 | case XPRT_TRANSPORT_UDP: |
5eb005ca | 332 | ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; |
9954bf92 DH |
333 | break; |
334 | case XPRT_TRANSPORT_TCP: | |
335 | case XPRT_TRANSPORT_RDMA: | |
5eb005ca | 336 | ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; |
9954bf92 DH |
337 | } |
338 | } | |
339 | ||
340 | /* | |
341 | * Add 'flavor' to 'auth_info' if not already present. | |
342 | * Returns true if 'flavor' ends up in the list, false otherwise | |
343 | */ | |
e558100f DH |
344 | static int nfs_auth_info_add(struct nfs_fs_context *ctx, |
345 | struct nfs_auth_info *auth_info, | |
346 | rpc_authflavor_t flavor) | |
9954bf92 DH |
347 | { |
348 | unsigned int i; | |
349 | unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors); | |
350 | ||
351 | /* make sure this flavor isn't already in the list */ | |
352 | for (i = 0; i < auth_info->flavor_len; i++) { | |
353 | if (flavor == auth_info->flavors[i]) | |
e558100f | 354 | return 0; |
9954bf92 DH |
355 | } |
356 | ||
357 | if (auth_info->flavor_len + 1 >= max_flavor_len) { | |
358 | dfprintk(MOUNT, "NFS: too many sec= flavors\n"); | |
e558100f | 359 | return -EINVAL; |
9954bf92 DH |
360 | } |
361 | ||
362 | auth_info->flavors[auth_info->flavor_len++] = flavor; | |
e558100f | 363 | return 0; |
9954bf92 DH |
364 | } |
365 | ||
366 | /* | |
367 | * Parse the value of the 'sec=' option. | |
368 | */ | |
e38bb238 SM |
369 | static int nfs_parse_security_flavors(struct nfs_fs_context *ctx, |
370 | struct fs_parameter *param) | |
9954bf92 | 371 | { |
9954bf92 | 372 | rpc_authflavor_t pseudoflavor; |
e38bb238 | 373 | char *string = param->string, *p; |
e558100f | 374 | int ret; |
9954bf92 | 375 | |
e38bb238 | 376 | dfprintk(MOUNT, "NFS: parsing %s=%s option\n", param->key, param->string); |
9954bf92 | 377 | |
e38bb238 SM |
378 | while ((p = strsep(&string, ":")) != NULL) { |
379 | if (!*p) | |
380 | continue; | |
381 | switch (lookup_constant(nfs_secflavor_tokens, p, -1)) { | |
9954bf92 DH |
382 | case Opt_sec_none: |
383 | pseudoflavor = RPC_AUTH_NULL; | |
384 | break; | |
385 | case Opt_sec_sys: | |
386 | pseudoflavor = RPC_AUTH_UNIX; | |
387 | break; | |
388 | case Opt_sec_krb5: | |
389 | pseudoflavor = RPC_AUTH_GSS_KRB5; | |
390 | break; | |
391 | case Opt_sec_krb5i: | |
392 | pseudoflavor = RPC_AUTH_GSS_KRB5I; | |
393 | break; | |
394 | case Opt_sec_krb5p: | |
395 | pseudoflavor = RPC_AUTH_GSS_KRB5P; | |
396 | break; | |
397 | case Opt_sec_lkey: | |
398 | pseudoflavor = RPC_AUTH_GSS_LKEY; | |
399 | break; | |
400 | case Opt_sec_lkeyi: | |
401 | pseudoflavor = RPC_AUTH_GSS_LKEYI; | |
402 | break; | |
403 | case Opt_sec_lkeyp: | |
404 | pseudoflavor = RPC_AUTH_GSS_LKEYP; | |
405 | break; | |
406 | case Opt_sec_spkm: | |
407 | pseudoflavor = RPC_AUTH_GSS_SPKM; | |
408 | break; | |
409 | case Opt_sec_spkmi: | |
410 | pseudoflavor = RPC_AUTH_GSS_SPKMI; | |
411 | break; | |
412 | case Opt_sec_spkmp: | |
413 | pseudoflavor = RPC_AUTH_GSS_SPKMP; | |
414 | break; | |
415 | default: | |
416 | dfprintk(MOUNT, | |
417 | "NFS: sec= option '%s' not recognized\n", p); | |
e558100f | 418 | return -EINVAL; |
9954bf92 DH |
419 | } |
420 | ||
e558100f DH |
421 | ret = nfs_auth_info_add(ctx, &ctx->auth_info, pseudoflavor); |
422 | if (ret < 0) | |
423 | return ret; | |
9954bf92 DH |
424 | } |
425 | ||
e558100f | 426 | return 0; |
9954bf92 DH |
427 | } |
428 | ||
e558100f | 429 | static int nfs_parse_version_string(struct nfs_fs_context *ctx, |
e38bb238 | 430 | const char *string) |
9954bf92 | 431 | { |
5eb005ca | 432 | ctx->flags &= ~NFS_MOUNT_VER3; |
e38bb238 | 433 | switch (lookup_constant(nfs_vers_tokens, string, -1)) { |
9954bf92 | 434 | case Opt_vers_2: |
5eb005ca | 435 | ctx->version = 2; |
9954bf92 DH |
436 | break; |
437 | case Opt_vers_3: | |
5eb005ca DH |
438 | ctx->flags |= NFS_MOUNT_VER3; |
439 | ctx->version = 3; | |
9954bf92 DH |
440 | break; |
441 | case Opt_vers_4: | |
442 | /* Backward compatibility option. In future, | |
443 | * the mount program should always supply | |
444 | * a NFSv4 minor version number. | |
445 | */ | |
5eb005ca | 446 | ctx->version = 4; |
9954bf92 DH |
447 | break; |
448 | case Opt_vers_4_0: | |
5eb005ca DH |
449 | ctx->version = 4; |
450 | ctx->minorversion = 0; | |
9954bf92 DH |
451 | break; |
452 | case Opt_vers_4_1: | |
5eb005ca DH |
453 | ctx->version = 4; |
454 | ctx->minorversion = 1; | |
9954bf92 DH |
455 | break; |
456 | case Opt_vers_4_2: | |
5eb005ca DH |
457 | ctx->version = 4; |
458 | ctx->minorversion = 2; | |
9954bf92 DH |
459 | break; |
460 | default: | |
e558100f DH |
461 | dfprintk(MOUNT, "NFS: Unsupported NFS version\n"); |
462 | return -EINVAL; | |
9954bf92 | 463 | } |
e558100f | 464 | return 0; |
9954bf92 DH |
465 | } |
466 | ||
9954bf92 | 467 | /* |
e38bb238 | 468 | * Parse a single mount parameter. |
9954bf92 | 469 | */ |
e38bb238 SM |
470 | static int nfs_fs_context_parse_param(struct nfs_fs_context *ctx, |
471 | struct fs_parameter *param) | |
9954bf92 | 472 | { |
e38bb238 SM |
473 | struct fs_parse_result result; |
474 | unsigned short protofamily, mountfamily; | |
475 | unsigned int len; | |
476 | int ret, opt; | |
9954bf92 | 477 | |
e38bb238 | 478 | dfprintk(MOUNT, "NFS: parsing nfs mount option '%s'\n", param->key); |
9954bf92 | 479 | |
e38bb238 SM |
480 | opt = fs_parse(NULL, &nfs_fs_parameters, param, &result); |
481 | if (opt < 0) | |
482 | return ctx->sloppy ? 1 : opt; | |
483 | ||
484 | switch (opt) { | |
9954bf92 DH |
485 | /* |
486 | * boolean options: foo/nofoo | |
487 | */ | |
cbd071b5 DH |
488 | case Opt_soft: |
489 | ctx->flags |= NFS_MOUNT_SOFT; | |
490 | ctx->flags &= ~NFS_MOUNT_SOFTERR; | |
491 | break; | |
492 | case Opt_softerr: | |
493 | ctx->flags |= NFS_MOUNT_SOFTERR; | |
494 | ctx->flags &= ~NFS_MOUNT_SOFT; | |
495 | break; | |
496 | case Opt_hard: | |
497 | ctx->flags &= ~(NFS_MOUNT_SOFT|NFS_MOUNT_SOFTERR); | |
498 | break; | |
499 | case Opt_posix: | |
e38bb238 SM |
500 | if (result.negated) |
501 | ctx->flags &= ~NFS_MOUNT_POSIX; | |
502 | else | |
503 | ctx->flags |= NFS_MOUNT_POSIX; | |
cbd071b5 DH |
504 | break; |
505 | case Opt_cto: | |
e38bb238 SM |
506 | if (result.negated) |
507 | ctx->flags |= NFS_MOUNT_NOCTO; | |
508 | else | |
509 | ctx->flags &= ~NFS_MOUNT_NOCTO; | |
cbd071b5 DH |
510 | break; |
511 | case Opt_ac: | |
e38bb238 SM |
512 | if (result.negated) |
513 | ctx->flags |= NFS_MOUNT_NOAC; | |
514 | else | |
515 | ctx->flags &= ~NFS_MOUNT_NOAC; | |
cbd071b5 DH |
516 | break; |
517 | case Opt_lock: | |
e38bb238 SM |
518 | if (result.negated) { |
519 | ctx->flags |= NFS_MOUNT_NONLM; | |
520 | ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); | |
521 | } else { | |
522 | ctx->flags &= ~NFS_MOUNT_NONLM; | |
523 | ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); | |
524 | } | |
cbd071b5 DH |
525 | break; |
526 | case Opt_udp: | |
527 | ctx->flags &= ~NFS_MOUNT_TCP; | |
528 | ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; | |
529 | break; | |
530 | case Opt_tcp: | |
531 | ctx->flags |= NFS_MOUNT_TCP; | |
532 | ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; | |
533 | break; | |
534 | case Opt_rdma: | |
535 | ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */ | |
536 | ctx->nfs_server.protocol = XPRT_TRANSPORT_RDMA; | |
e38bb238 | 537 | xprt_load_transport(param->key); |
cbd071b5 DH |
538 | break; |
539 | case Opt_acl: | |
e38bb238 SM |
540 | if (result.negated) |
541 | ctx->flags |= NFS_MOUNT_NOACL; | |
542 | else | |
543 | ctx->flags &= ~NFS_MOUNT_NOACL; | |
cbd071b5 DH |
544 | break; |
545 | case Opt_rdirplus: | |
e38bb238 SM |
546 | if (result.negated) |
547 | ctx->flags |= NFS_MOUNT_NORDIRPLUS; | |
548 | else | |
549 | ctx->flags &= ~NFS_MOUNT_NORDIRPLUS; | |
cbd071b5 DH |
550 | break; |
551 | case Opt_sharecache: | |
e38bb238 SM |
552 | if (result.negated) |
553 | ctx->flags |= NFS_MOUNT_UNSHARED; | |
554 | else | |
555 | ctx->flags &= ~NFS_MOUNT_UNSHARED; | |
cbd071b5 DH |
556 | break; |
557 | case Opt_resvport: | |
e38bb238 SM |
558 | if (result.negated) |
559 | ctx->flags |= NFS_MOUNT_NORESVPORT; | |
560 | else | |
561 | ctx->flags &= ~NFS_MOUNT_NORESVPORT; | |
cbd071b5 DH |
562 | break; |
563 | case Opt_fscache: | |
cbd071b5 | 564 | kfree(ctx->fscache_uniq); |
e38bb238 SM |
565 | ctx->fscache_uniq = param->string; |
566 | param->string = NULL; | |
567 | if (result.negated) | |
568 | ctx->options &= ~NFS_OPTION_FSCACHE; | |
569 | else | |
570 | ctx->options |= NFS_OPTION_FSCACHE; | |
cbd071b5 DH |
571 | break; |
572 | case Opt_migration: | |
e38bb238 SM |
573 | if (result.negated) |
574 | ctx->options &= ~NFS_OPTION_MIGRATION; | |
575 | else | |
576 | ctx->options |= NFS_OPTION_MIGRATION; | |
cbd071b5 | 577 | break; |
9954bf92 DH |
578 | |
579 | /* | |
580 | * options that take numeric values | |
581 | */ | |
cbd071b5 | 582 | case Opt_port: |
e38bb238 SM |
583 | if (result.uint_32 > USHRT_MAX) |
584 | goto out_of_bounds; | |
585 | ctx->nfs_server.port = result.uint_32; | |
cbd071b5 DH |
586 | break; |
587 | case Opt_rsize: | |
e38bb238 | 588 | ctx->rsize = result.uint_32; |
cbd071b5 DH |
589 | break; |
590 | case Opt_wsize: | |
e38bb238 | 591 | ctx->wsize = result.uint_32; |
cbd071b5 DH |
592 | break; |
593 | case Opt_bsize: | |
e38bb238 | 594 | ctx->bsize = result.uint_32; |
cbd071b5 DH |
595 | break; |
596 | case Opt_timeo: | |
e38bb238 SM |
597 | if (result.uint_32 < 1 || result.uint_32 > INT_MAX) |
598 | goto out_of_bounds; | |
599 | ctx->timeo = result.uint_32; | |
cbd071b5 DH |
600 | break; |
601 | case Opt_retrans: | |
e38bb238 SM |
602 | if (result.uint_32 > INT_MAX) |
603 | goto out_of_bounds; | |
604 | ctx->retrans = result.uint_32; | |
cbd071b5 DH |
605 | break; |
606 | case Opt_acregmin: | |
e38bb238 | 607 | ctx->acregmin = result.uint_32; |
cbd071b5 DH |
608 | break; |
609 | case Opt_acregmax: | |
e38bb238 | 610 | ctx->acregmax = result.uint_32; |
cbd071b5 DH |
611 | break; |
612 | case Opt_acdirmin: | |
e38bb238 | 613 | ctx->acdirmin = result.uint_32; |
cbd071b5 DH |
614 | break; |
615 | case Opt_acdirmax: | |
e38bb238 | 616 | ctx->acdirmax = result.uint_32; |
cbd071b5 DH |
617 | break; |
618 | case Opt_actimeo: | |
e38bb238 SM |
619 | ctx->acregmin = result.uint_32; |
620 | ctx->acregmax = result.uint_32; | |
621 | ctx->acdirmin = result.uint_32; | |
622 | ctx->acdirmax = result.uint_32; | |
cbd071b5 DH |
623 | break; |
624 | case Opt_namelen: | |
e38bb238 | 625 | ctx->namlen = result.uint_32; |
cbd071b5 DH |
626 | break; |
627 | case Opt_mountport: | |
e38bb238 SM |
628 | if (result.uint_32 > USHRT_MAX) |
629 | goto out_of_bounds; | |
630 | ctx->mount_server.port = result.uint_32; | |
cbd071b5 DH |
631 | break; |
632 | case Opt_mountvers: | |
e38bb238 SM |
633 | if (result.uint_32 < NFS_MNT_VERSION || |
634 | result.uint_32 > NFS_MNT3_VERSION) | |
635 | goto out_of_bounds; | |
636 | ctx->mount_server.version = result.uint_32; | |
cbd071b5 DH |
637 | break; |
638 | case Opt_minorversion: | |
e38bb238 SM |
639 | if (result.uint_32 > NFS4_MAX_MINOR_VERSION) |
640 | goto out_of_bounds; | |
641 | ctx->minorversion = result.uint_32; | |
cbd071b5 | 642 | break; |
9954bf92 DH |
643 | |
644 | /* | |
645 | * options that take text values | |
646 | */ | |
e38bb238 SM |
647 | case Opt_v: |
648 | ret = nfs_parse_version_string(ctx, param->key + 1); | |
649 | if (ret < 0) | |
650 | return ret; | |
651 | break; | |
652 | case Opt_vers: | |
653 | ret = nfs_parse_version_string(ctx, param->string); | |
e558100f DH |
654 | if (ret < 0) |
655 | return ret; | |
cbd071b5 DH |
656 | break; |
657 | case Opt_sec: | |
e38bb238 | 658 | ret = nfs_parse_security_flavors(ctx, param); |
e558100f DH |
659 | if (ret < 0) |
660 | return ret; | |
cbd071b5 | 661 | break; |
cbd071b5 | 662 | |
e38bb238 SM |
663 | case Opt_proto: |
664 | protofamily = AF_INET; | |
665 | switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { | |
cbd071b5 | 666 | case Opt_xprt_udp6: |
e38bb238 | 667 | protofamily = AF_INET6; |
cbd071b5 DH |
668 | /* fall through */ |
669 | case Opt_xprt_udp: | |
670 | ctx->flags &= ~NFS_MOUNT_TCP; | |
671 | ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; | |
9954bf92 | 672 | break; |
cbd071b5 | 673 | case Opt_xprt_tcp6: |
e38bb238 | 674 | protofamily = AF_INET6; |
cbd071b5 DH |
675 | /* fall through */ |
676 | case Opt_xprt_tcp: | |
677 | ctx->flags |= NFS_MOUNT_TCP; | |
678 | ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; | |
9954bf92 | 679 | break; |
cbd071b5 | 680 | case Opt_xprt_rdma6: |
e38bb238 | 681 | protofamily = AF_INET6; |
cbd071b5 DH |
682 | /* fall through */ |
683 | case Opt_xprt_rdma: | |
684 | /* vector side protocols to TCP */ | |
685 | ctx->flags |= NFS_MOUNT_TCP; | |
686 | ctx->nfs_server.protocol = XPRT_TRANSPORT_RDMA; | |
e38bb238 | 687 | xprt_load_transport(param->string); |
9954bf92 | 688 | break; |
cbd071b5 | 689 | default: |
e558100f | 690 | dfprintk(MOUNT, "NFS: unrecognized transport protocol\n"); |
cbd071b5 DH |
691 | return -EINVAL; |
692 | } | |
e38bb238 SM |
693 | |
694 | ctx->protofamily = protofamily; | |
cbd071b5 | 695 | break; |
e38bb238 | 696 | |
cbd071b5 | 697 | case Opt_mountproto: |
e38bb238 SM |
698 | mountfamily = AF_INET; |
699 | switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { | |
cbd071b5 | 700 | case Opt_xprt_udp6: |
e38bb238 | 701 | mountfamily = AF_INET6; |
cbd071b5 DH |
702 | /* fall through */ |
703 | case Opt_xprt_udp: | |
704 | ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; | |
705 | break; | |
706 | case Opt_xprt_tcp6: | |
e38bb238 | 707 | mountfamily = AF_INET6; |
cbd071b5 DH |
708 | /* fall through */ |
709 | case Opt_xprt_tcp: | |
710 | ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; | |
711 | break; | |
712 | case Opt_xprt_rdma: /* not used for side protocols */ | |
713 | default: | |
e558100f | 714 | dfprintk(MOUNT, "NFS: unrecognized transport protocol\n"); |
cbd071b5 DH |
715 | return -EINVAL; |
716 | } | |
e38bb238 | 717 | ctx->mountfamily = mountfamily; |
cbd071b5 | 718 | break; |
e38bb238 | 719 | |
cbd071b5 | 720 | case Opt_addr: |
e38bb238 SM |
721 | len = rpc_pton(ctx->net, param->string, param->size, |
722 | &ctx->nfs_server.address, | |
723 | sizeof(ctx->nfs_server._address)); | |
724 | if (len == 0) | |
cbd071b5 | 725 | goto out_invalid_address; |
e38bb238 | 726 | ctx->nfs_server.addrlen = len; |
cbd071b5 DH |
727 | break; |
728 | case Opt_clientaddr: | |
e38bb238 SM |
729 | kfree(ctx->client_address); |
730 | ctx->client_address = param->string; | |
731 | param->string = NULL; | |
cbd071b5 DH |
732 | break; |
733 | case Opt_mounthost: | |
e38bb238 SM |
734 | kfree(ctx->mount_server.hostname); |
735 | ctx->mount_server.hostname = param->string; | |
736 | param->string = NULL; | |
cbd071b5 DH |
737 | break; |
738 | case Opt_mountaddr: | |
e38bb238 SM |
739 | len = rpc_pton(ctx->net, param->string, param->size, |
740 | &ctx->mount_server.address, | |
741 | sizeof(ctx->mount_server._address)); | |
742 | if (len == 0) | |
cbd071b5 | 743 | goto out_invalid_address; |
e38bb238 | 744 | ctx->mount_server.addrlen = len; |
cbd071b5 DH |
745 | break; |
746 | case Opt_nconnect: | |
e38bb238 SM |
747 | if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS) |
748 | goto out_of_bounds; | |
749 | ctx->nfs_server.nconnect = result.uint_32; | |
cbd071b5 DH |
750 | break; |
751 | case Opt_lookupcache: | |
e38bb238 | 752 | switch (result.uint_32) { |
cbd071b5 DH |
753 | case Opt_lookupcache_all: |
754 | ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE); | |
9954bf92 | 755 | break; |
cbd071b5 DH |
756 | case Opt_lookupcache_positive: |
757 | ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE; | |
758 | ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG; | |
9954bf92 | 759 | break; |
cbd071b5 DH |
760 | case Opt_lookupcache_none: |
761 | ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE; | |
9954bf92 | 762 | break; |
cbd071b5 | 763 | default: |
e38bb238 | 764 | goto out_invalid_value; |
cbd071b5 DH |
765 | } |
766 | break; | |
cbd071b5 | 767 | case Opt_local_lock: |
e38bb238 | 768 | switch (result.uint_32) { |
cbd071b5 DH |
769 | case Opt_local_lock_all: |
770 | ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | | |
771 | NFS_MOUNT_LOCAL_FCNTL); | |
9954bf92 | 772 | break; |
cbd071b5 DH |
773 | case Opt_local_lock_flock: |
774 | ctx->flags |= NFS_MOUNT_LOCAL_FLOCK; | |
9954bf92 | 775 | break; |
cbd071b5 DH |
776 | case Opt_local_lock_posix: |
777 | ctx->flags |= NFS_MOUNT_LOCAL_FCNTL; | |
9954bf92 | 778 | break; |
cbd071b5 DH |
779 | case Opt_local_lock_none: |
780 | ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | | |
781 | NFS_MOUNT_LOCAL_FCNTL); | |
9954bf92 | 782 | break; |
cbd071b5 | 783 | default: |
e38bb238 | 784 | goto out_invalid_value; |
cbd071b5 DH |
785 | } |
786 | break; | |
9954bf92 DH |
787 | |
788 | /* | |
789 | * Special options | |
790 | */ | |
cbd071b5 | 791 | case Opt_sloppy: |
e38bb238 | 792 | ctx->sloppy = true; |
cbd071b5 DH |
793 | dfprintk(MOUNT, "NFS: relaxing parsing rules\n"); |
794 | break; | |
9954bf92 DH |
795 | } |
796 | ||
f8ee01e3 DH |
797 | return 0; |
798 | ||
f8ee01e3 | 799 | out_invalid_value: |
e38bb238 SM |
800 | printk(KERN_INFO "NFS: Bad mount option value specified\n"); |
801 | return -EINVAL; | |
802 | out_invalid_address: | |
803 | printk(KERN_INFO "NFS: Bad IP address specified\n"); | |
f8ee01e3 | 804 | return -EINVAL; |
e38bb238 SM |
805 | out_of_bounds: |
806 | printk(KERN_INFO "NFS: Value for '%s' out of range\n", param->key); | |
807 | return -ERANGE; | |
808 | } | |
809 | ||
810 | /* cribbed from generic_parse_monolithic and vfs_parse_fs_string */ | |
811 | static int nfs_fs_context_parse_option(struct nfs_fs_context *ctx, char *p) | |
812 | { | |
813 | int ret; | |
814 | char *key = p, *value; | |
815 | size_t v_size = 0; | |
816 | struct fs_parameter param; | |
817 | ||
818 | memset(¶m, 0, sizeof(param)); | |
819 | value = strchr(key, '='); | |
820 | if (value && value != key) { | |
821 | *value++ = 0; | |
822 | v_size = strlen(value); | |
823 | } | |
824 | param.key = key; | |
825 | param.type = fs_value_is_flag; | |
826 | param.size = v_size; | |
827 | if (v_size > 0) { | |
828 | param.type = fs_value_is_string; | |
829 | param.string = kmemdup_nul(value, v_size, GFP_KERNEL); | |
830 | if (!param.string) | |
831 | return -ENOMEM; | |
832 | } | |
833 | ret = nfs_fs_context_parse_param(ctx, ¶m); | |
834 | kfree(param.string); | |
835 | return ret; | |
f8ee01e3 DH |
836 | } |
837 | ||
838 | /* | |
839 | * Error-check and convert a string of mount options from user space into | |
840 | * a data structure. The whole mount string is processed; bad options are | |
841 | * skipped as they are encountered. If there were no errors, return 1; | |
842 | * otherwise return 0 (zero). | |
843 | */ | |
844 | int nfs_parse_mount_options(char *raw, struct nfs_fs_context *ctx) | |
845 | { | |
846 | char *p; | |
847 | int rc, sloppy = 0, invalid_option = 0; | |
848 | ||
849 | if (!raw) { | |
850 | dfprintk(MOUNT, "NFS: mount options string was NULL.\n"); | |
851 | return 1; | |
852 | } | |
853 | dfprintk(MOUNT, "NFS: nfs mount opts='%s'\n", raw); | |
854 | ||
855 | rc = security_sb_eat_lsm_opts(raw, &ctx->lsm_opts); | |
856 | if (rc) | |
857 | goto out_security_failure; | |
858 | ||
859 | while ((p = strsep(&raw, ",")) != NULL) { | |
860 | if (!*p) | |
861 | continue; | |
862 | if (nfs_fs_context_parse_option(ctx, p) < 0) | |
863 | invalid_option = true; | |
864 | } | |
865 | ||
9954bf92 DH |
866 | if (!sloppy && invalid_option) |
867 | return 0; | |
868 | ||
5eb005ca | 869 | if (ctx->minorversion && ctx->version != 4) |
9954bf92 DH |
870 | goto out_minorversion_mismatch; |
871 | ||
5eb005ca DH |
872 | if (ctx->options & NFS_OPTION_MIGRATION && |
873 | (ctx->version != 4 || ctx->minorversion != 0)) | |
9954bf92 DH |
874 | goto out_migration_misuse; |
875 | ||
876 | /* | |
877 | * verify that any proto=/mountproto= options match the address | |
878 | * families in the addr=/mountaddr= options. | |
879 | */ | |
f8ee01e3 | 880 | if (ctx->protofamily != AF_UNSPEC && |
e558100f | 881 | ctx->protofamily != ctx->nfs_server.address.sa_family) |
9954bf92 DH |
882 | goto out_proto_mismatch; |
883 | ||
f8ee01e3 | 884 | if (ctx->mountfamily != AF_UNSPEC) { |
5eb005ca | 885 | if (ctx->mount_server.addrlen) { |
e558100f | 886 | if (ctx->mountfamily != ctx->mount_server.address.sa_family) |
9954bf92 DH |
887 | goto out_mountproto_mismatch; |
888 | } else { | |
e558100f | 889 | if (ctx->mountfamily != ctx->nfs_server.address.sa_family) |
9954bf92 DH |
890 | goto out_mountproto_mismatch; |
891 | } | |
892 | } | |
893 | ||
894 | return 1; | |
895 | ||
f8ee01e3 DH |
896 | out_minorversion_mismatch: |
897 | printk(KERN_INFO "NFS: mount option vers=%u does not support " | |
898 | "minorversion=%u\n", ctx->version, ctx->minorversion); | |
899 | return 0; | |
9954bf92 DH |
900 | out_mountproto_mismatch: |
901 | printk(KERN_INFO "NFS: mount server address does not match mountproto= " | |
902 | "option\n"); | |
903 | return 0; | |
904 | out_proto_mismatch: | |
905 | printk(KERN_INFO "NFS: server address does not match proto= option\n"); | |
906 | return 0; | |
9954bf92 DH |
907 | out_migration_misuse: |
908 | printk(KERN_INFO | |
909 | "NFS: 'migration' not supported for this NFS version\n"); | |
f8ee01e3 | 910 | return -EINVAL; |
9954bf92 DH |
911 | out_security_failure: |
912 | printk(KERN_INFO "NFS: security options invalid: %d\n", rc); | |
913 | return 0; | |
914 | } | |
915 | ||
916 | /* | |
917 | * Split "dev_name" into "hostname:export_path". | |
918 | * | |
919 | * The leftmost colon demarks the split between the server's hostname | |
920 | * and the export path. If the hostname starts with a left square | |
921 | * bracket, then it may contain colons. | |
922 | * | |
923 | * Note: caller frees hostname and export path, even on error. | |
924 | */ | |
e558100f DH |
925 | static int nfs_parse_devname(struct nfs_fs_context *ctx, |
926 | const char *dev_name, | |
927 | size_t maxnamlen, size_t maxpathlen) | |
9954bf92 DH |
928 | { |
929 | size_t len; | |
930 | char *end; | |
931 | ||
932 | if (unlikely(!dev_name || !*dev_name)) { | |
933 | dfprintk(MOUNT, "NFS: device name not specified\n"); | |
934 | return -EINVAL; | |
935 | } | |
936 | ||
937 | /* Is the host name protected with square brakcets? */ | |
938 | if (*dev_name == '[') { | |
939 | end = strchr(++dev_name, ']'); | |
940 | if (end == NULL || end[1] != ':') | |
941 | goto out_bad_devname; | |
942 | ||
943 | len = end - dev_name; | |
944 | end++; | |
945 | } else { | |
946 | char *comma; | |
947 | ||
948 | end = strchr(dev_name, ':'); | |
949 | if (end == NULL) | |
950 | goto out_bad_devname; | |
951 | len = end - dev_name; | |
952 | ||
953 | /* kill possible hostname list: not supported */ | |
954 | comma = strchr(dev_name, ','); | |
955 | if (comma != NULL && comma < end) | |
956 | len = comma - dev_name; | |
957 | } | |
958 | ||
959 | if (len > maxnamlen) | |
960 | goto out_hostname; | |
961 | ||
962 | /* N.B. caller will free nfs_server.hostname in all cases */ | |
e558100f DH |
963 | ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL); |
964 | if (!ctx->nfs_server.hostname) | |
9954bf92 DH |
965 | goto out_nomem; |
966 | len = strlen(++end); | |
967 | if (len > maxpathlen) | |
968 | goto out_path; | |
e558100f DH |
969 | ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL); |
970 | if (!ctx->nfs_server.export_path) | |
9954bf92 DH |
971 | goto out_nomem; |
972 | ||
e558100f | 973 | dfprintk(MOUNT, "NFS: MNTPATH: '%s'\n", ctx->nfs_server.export_path); |
9954bf92 DH |
974 | return 0; |
975 | ||
976 | out_bad_devname: | |
977 | dfprintk(MOUNT, "NFS: device name not in host:path format\n"); | |
978 | return -EINVAL; | |
979 | ||
980 | out_nomem: | |
981 | dfprintk(MOUNT, "NFS: not enough memory to parse device name\n"); | |
982 | return -ENOMEM; | |
983 | ||
984 | out_hostname: | |
985 | dfprintk(MOUNT, "NFS: server hostname too long\n"); | |
986 | return -ENAMETOOLONG; | |
987 | ||
988 | out_path: | |
989 | dfprintk(MOUNT, "NFS: export pathname too long\n"); | |
990 | return -ENAMETOOLONG; | |
991 | } | |
992 | ||
993 | /* | |
e558100f | 994 | * Parse monolithic NFS2/NFS3 mount data |
9954bf92 DH |
995 | * - fills in the mount root filehandle |
996 | * | |
997 | * For option strings, user space handles the following behaviors: | |
998 | * | |
999 | * + DNS: mapping server host name to IP address ("addr=" option) | |
1000 | * | |
1001 | * + failure mode: how to behave if a mount request can't be handled | |
1002 | * immediately ("fg/bg" option) | |
1003 | * | |
1004 | * + retry: how often to retry a mount request ("retry=" option) | |
1005 | * | |
1006 | * + breaking back: trying proto=udp after proto=tcp, v2 after v3, | |
1007 | * mountproto=tcp after mountproto=udp, and so on | |
1008 | */ | |
1009 | static int nfs23_validate_mount_data(void *options, | |
5eb005ca | 1010 | struct nfs_fs_context *ctx, |
9954bf92 DH |
1011 | struct nfs_fh *mntfh, |
1012 | const char *dev_name) | |
1013 | { | |
1014 | struct nfs_mount_data *data = (struct nfs_mount_data *)options; | |
5eb005ca | 1015 | struct sockaddr *sap = (struct sockaddr *)&ctx->nfs_server.address; |
9954bf92 DH |
1016 | int extra_flags = NFS_MOUNT_LEGACY_INTERFACE; |
1017 | ||
1018 | if (data == NULL) | |
1019 | goto out_no_data; | |
1020 | ||
5eb005ca | 1021 | ctx->version = NFS_DEFAULT_VERSION; |
9954bf92 DH |
1022 | switch (data->version) { |
1023 | case 1: | |
1024 | data->namlen = 0; /* fall through */ | |
1025 | case 2: | |
1026 | data->bsize = 0; /* fall through */ | |
1027 | case 3: | |
1028 | if (data->flags & NFS_MOUNT_VER3) | |
1029 | goto out_no_v3; | |
1030 | data->root.size = NFS2_FHSIZE; | |
1031 | memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE); | |
1032 | /* Turn off security negotiation */ | |
1033 | extra_flags |= NFS_MOUNT_SECFLAVOUR; | |
1034 | /* fall through */ | |
1035 | case 4: | |
1036 | if (data->flags & NFS_MOUNT_SECFLAVOUR) | |
1037 | goto out_no_sec; | |
1038 | /* fall through */ | |
1039 | case 5: | |
1040 | memset(data->context, 0, sizeof(data->context)); | |
1041 | /* fall through */ | |
1042 | case 6: | |
1043 | if (data->flags & NFS_MOUNT_VER3) { | |
1044 | if (data->root.size > NFS3_FHSIZE || data->root.size == 0) | |
1045 | goto out_invalid_fh; | |
1046 | mntfh->size = data->root.size; | |
5eb005ca | 1047 | ctx->version = 3; |
9954bf92 DH |
1048 | } else { |
1049 | mntfh->size = NFS2_FHSIZE; | |
5eb005ca | 1050 | ctx->version = 2; |
9954bf92 DH |
1051 | } |
1052 | ||
1053 | ||
1054 | memcpy(mntfh->data, data->root.data, mntfh->size); | |
1055 | if (mntfh->size < sizeof(mntfh->data)) | |
1056 | memset(mntfh->data + mntfh->size, 0, | |
1057 | sizeof(mntfh->data) - mntfh->size); | |
1058 | ||
1059 | /* | |
5eb005ca | 1060 | * Translate to nfs_fs_context, which nfs_fill_super |
9954bf92 DH |
1061 | * can deal with. |
1062 | */ | |
5eb005ca DH |
1063 | ctx->flags = data->flags & NFS_MOUNT_FLAGMASK; |
1064 | ctx->flags |= extra_flags; | |
1065 | ctx->rsize = data->rsize; | |
1066 | ctx->wsize = data->wsize; | |
1067 | ctx->timeo = data->timeo; | |
1068 | ctx->retrans = data->retrans; | |
1069 | ctx->acregmin = data->acregmin; | |
1070 | ctx->acregmax = data->acregmax; | |
1071 | ctx->acdirmin = data->acdirmin; | |
1072 | ctx->acdirmax = data->acdirmax; | |
1073 | ctx->need_mount = false; | |
9954bf92 DH |
1074 | |
1075 | memcpy(sap, &data->addr, sizeof(data->addr)); | |
5eb005ca DH |
1076 | ctx->nfs_server.addrlen = sizeof(data->addr); |
1077 | ctx->nfs_server.port = ntohs(data->addr.sin_port); | |
9954bf92 DH |
1078 | if (sap->sa_family != AF_INET || |
1079 | !nfs_verify_server_address(sap)) | |
1080 | goto out_no_address; | |
1081 | ||
1082 | if (!(data->flags & NFS_MOUNT_TCP)) | |
5eb005ca | 1083 | ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; |
9954bf92 | 1084 | /* N.B. caller will free nfs_server.hostname in all cases */ |
5eb005ca DH |
1085 | ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL); |
1086 | ctx->namlen = data->namlen; | |
1087 | ctx->bsize = data->bsize; | |
9954bf92 DH |
1088 | |
1089 | if (data->flags & NFS_MOUNT_SECFLAVOUR) | |
5eb005ca | 1090 | ctx->selected_flavor = data->pseudoflavor; |
9954bf92 | 1091 | else |
5eb005ca DH |
1092 | ctx->selected_flavor = RPC_AUTH_UNIX; |
1093 | if (!ctx->nfs_server.hostname) | |
9954bf92 DH |
1094 | goto out_nomem; |
1095 | ||
1096 | if (!(data->flags & NFS_MOUNT_NONLM)) | |
5eb005ca | 1097 | ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK| |
9954bf92 DH |
1098 | NFS_MOUNT_LOCAL_FCNTL); |
1099 | else | |
5eb005ca | 1100 | ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK| |
9954bf92 DH |
1101 | NFS_MOUNT_LOCAL_FCNTL); |
1102 | /* | |
1103 | * The legacy version 6 binary mount data from userspace has a | |
1104 | * field used only to transport selinux information into the | |
1105 | * the kernel. To continue to support that functionality we | |
1106 | * have a touch of selinux knowledge here in the NFS code. The | |
1107 | * userspace code converted context=blah to just blah so we are | |
1108 | * converting back to the full string selinux understands. | |
1109 | */ | |
1110 | if (data->context[0]){ | |
1111 | #ifdef CONFIG_SECURITY_SELINUX | |
1112 | int rc; | |
1113 | data->context[NFS_MAX_CONTEXT_LEN] = '\0'; | |
1114 | rc = security_add_mnt_opt("context", data->context, | |
5eb005ca | 1115 | strlen(data->context), ctx->lsm_opts); |
9954bf92 DH |
1116 | if (rc) |
1117 | return rc; | |
1118 | #else | |
1119 | return -EINVAL; | |
1120 | #endif | |
1121 | } | |
1122 | ||
1123 | break; | |
1124 | default: | |
1125 | return NFS_TEXT_DATA; | |
1126 | } | |
1127 | ||
1128 | return 0; | |
1129 | ||
1130 | out_no_data: | |
1131 | dfprintk(MOUNT, "NFS: mount program didn't pass any mount data\n"); | |
1132 | return -EINVAL; | |
1133 | ||
1134 | out_no_v3: | |
1135 | dfprintk(MOUNT, "NFS: nfs_mount_data version %d does not support v3\n", | |
1136 | data->version); | |
1137 | return -EINVAL; | |
1138 | ||
1139 | out_no_sec: | |
1140 | dfprintk(MOUNT, "NFS: nfs_mount_data version supports only AUTH_SYS\n"); | |
1141 | return -EINVAL; | |
1142 | ||
1143 | out_nomem: | |
1144 | dfprintk(MOUNT, "NFS: not enough memory to handle mount options\n"); | |
1145 | return -ENOMEM; | |
1146 | ||
1147 | out_no_address: | |
1148 | dfprintk(MOUNT, "NFS: mount program didn't pass remote address\n"); | |
1149 | return -EINVAL; | |
1150 | ||
1151 | out_invalid_fh: | |
1152 | dfprintk(MOUNT, "NFS: invalid root filehandle\n"); | |
1153 | return -EINVAL; | |
1154 | } | |
1155 | ||
1156 | #if IS_ENABLED(CONFIG_NFS_V4) | |
5eb005ca | 1157 | static void nfs4_validate_mount_flags(struct nfs_fs_context *ctx) |
9954bf92 | 1158 | { |
5eb005ca | 1159 | ctx->flags &= ~(NFS_MOUNT_NONLM|NFS_MOUNT_NOACL|NFS_MOUNT_VER3| |
9954bf92 DH |
1160 | NFS_MOUNT_LOCAL_FLOCK|NFS_MOUNT_LOCAL_FCNTL); |
1161 | } | |
1162 | ||
1163 | /* | |
1164 | * Validate NFSv4 mount options | |
1165 | */ | |
1166 | static int nfs4_validate_mount_data(void *options, | |
5eb005ca | 1167 | struct nfs_fs_context *ctx, |
9954bf92 DH |
1168 | const char *dev_name) |
1169 | { | |
5eb005ca | 1170 | struct sockaddr *sap = (struct sockaddr *)&ctx->nfs_server.address; |
9954bf92 DH |
1171 | struct nfs4_mount_data *data = (struct nfs4_mount_data *)options; |
1172 | char *c; | |
1173 | ||
1174 | if (data == NULL) | |
1175 | goto out_no_data; | |
1176 | ||
5eb005ca | 1177 | ctx->version = 4; |
9954bf92 DH |
1178 | |
1179 | switch (data->version) { | |
1180 | case 1: | |
5eb005ca | 1181 | if (data->host_addrlen > sizeof(ctx->nfs_server.address)) |
9954bf92 DH |
1182 | goto out_no_address; |
1183 | if (data->host_addrlen == 0) | |
1184 | goto out_no_address; | |
5eb005ca | 1185 | ctx->nfs_server.addrlen = data->host_addrlen; |
9954bf92 DH |
1186 | if (copy_from_user(sap, data->host_addr, data->host_addrlen)) |
1187 | return -EFAULT; | |
1188 | if (!nfs_verify_server_address(sap)) | |
1189 | goto out_no_address; | |
5eb005ca | 1190 | ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); |
9954bf92 DH |
1191 | |
1192 | if (data->auth_flavourlen) { | |
1193 | rpc_authflavor_t pseudoflavor; | |
1194 | if (data->auth_flavourlen > 1) | |
1195 | goto out_inval_auth; | |
1196 | if (copy_from_user(&pseudoflavor, | |
1197 | data->auth_flavours, | |
1198 | sizeof(pseudoflavor))) | |
1199 | return -EFAULT; | |
5eb005ca | 1200 | ctx->selected_flavor = pseudoflavor; |
9954bf92 | 1201 | } else |
5eb005ca | 1202 | ctx->selected_flavor = RPC_AUTH_UNIX; |
9954bf92 DH |
1203 | |
1204 | c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN); | |
1205 | if (IS_ERR(c)) | |
1206 | return PTR_ERR(c); | |
5eb005ca | 1207 | ctx->nfs_server.hostname = c; |
9954bf92 DH |
1208 | |
1209 | c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN); | |
1210 | if (IS_ERR(c)) | |
1211 | return PTR_ERR(c); | |
5eb005ca | 1212 | ctx->nfs_server.export_path = c; |
9954bf92 DH |
1213 | dfprintk(MOUNT, "NFS: MNTPATH: '%s'\n", c); |
1214 | ||
1215 | c = strndup_user(data->client_addr.data, 16); | |
1216 | if (IS_ERR(c)) | |
1217 | return PTR_ERR(c); | |
5eb005ca | 1218 | ctx->client_address = c; |
9954bf92 DH |
1219 | |
1220 | /* | |
5eb005ca | 1221 | * Translate to nfs_fs_context, which nfs4_fill_super |
9954bf92 DH |
1222 | * can deal with. |
1223 | */ | |
1224 | ||
5eb005ca DH |
1225 | ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK; |
1226 | ctx->rsize = data->rsize; | |
1227 | ctx->wsize = data->wsize; | |
1228 | ctx->timeo = data->timeo; | |
1229 | ctx->retrans = data->retrans; | |
1230 | ctx->acregmin = data->acregmin; | |
1231 | ctx->acregmax = data->acregmax; | |
1232 | ctx->acdirmin = data->acdirmin; | |
1233 | ctx->acdirmax = data->acdirmax; | |
1234 | ctx->nfs_server.protocol = data->proto; | |
1235 | nfs_validate_transport_protocol(ctx); | |
1236 | if (ctx->nfs_server.protocol == XPRT_TRANSPORT_UDP) | |
9954bf92 DH |
1237 | goto out_invalid_transport_udp; |
1238 | ||
1239 | break; | |
1240 | default: | |
1241 | return NFS_TEXT_DATA; | |
1242 | } | |
1243 | ||
1244 | return 0; | |
1245 | ||
1246 | out_no_data: | |
1247 | dfprintk(MOUNT, "NFS4: mount program didn't pass any mount data\n"); | |
1248 | return -EINVAL; | |
1249 | ||
1250 | out_inval_auth: | |
1251 | dfprintk(MOUNT, "NFS4: Invalid number of RPC auth flavours %d\n", | |
1252 | data->auth_flavourlen); | |
1253 | return -EINVAL; | |
1254 | ||
1255 | out_no_address: | |
1256 | dfprintk(MOUNT, "NFS4: mount program didn't pass remote address\n"); | |
1257 | return -EINVAL; | |
1258 | ||
1259 | out_invalid_transport_udp: | |
1260 | dfprintk(MOUNT, "NFSv4: Unsupported transport protocol udp\n"); | |
1261 | return -EINVAL; | |
1262 | } | |
1263 | ||
1264 | int nfs_validate_mount_data(struct file_system_type *fs_type, | |
1265 | void *options, | |
5eb005ca | 1266 | struct nfs_fs_context *ctx, |
9954bf92 DH |
1267 | struct nfs_fh *mntfh, |
1268 | const char *dev_name) | |
1269 | { | |
1270 | if (fs_type == &nfs_fs_type) | |
5eb005ca DH |
1271 | return nfs23_validate_mount_data(options, ctx, mntfh, dev_name); |
1272 | return nfs4_validate_mount_data(options, ctx, dev_name); | |
9954bf92 DH |
1273 | } |
1274 | #else | |
1275 | int nfs_validate_mount_data(struct file_system_type *fs_type, | |
1276 | void *options, | |
5eb005ca | 1277 | struct nfs_fs_context *ctx, |
9954bf92 DH |
1278 | struct nfs_fh *mntfh, |
1279 | const char *dev_name) | |
1280 | { | |
5eb005ca | 1281 | return nfs23_validate_mount_data(options, ctx, mntfh, dev_name); |
9954bf92 DH |
1282 | } |
1283 | #endif | |
1284 | ||
1285 | int nfs_validate_text_mount_data(void *options, | |
5eb005ca | 1286 | struct nfs_fs_context *ctx, |
9954bf92 DH |
1287 | const char *dev_name) |
1288 | { | |
1289 | int port = 0; | |
1290 | int max_namelen = PAGE_SIZE; | |
1291 | int max_pathlen = NFS_MAXPATHLEN; | |
5eb005ca | 1292 | struct sockaddr *sap = (struct sockaddr *)&ctx->nfs_server.address; |
9954bf92 | 1293 | |
5eb005ca | 1294 | if (nfs_parse_mount_options((char *)options, ctx) == 0) |
9954bf92 DH |
1295 | return -EINVAL; |
1296 | ||
1297 | if (!nfs_verify_server_address(sap)) | |
1298 | goto out_no_address; | |
1299 | ||
5eb005ca | 1300 | if (ctx->version == 4) { |
9954bf92 | 1301 | #if IS_ENABLED(CONFIG_NFS_V4) |
5eb005ca | 1302 | if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) |
9954bf92 DH |
1303 | port = NFS_RDMA_PORT; |
1304 | else | |
1305 | port = NFS_PORT; | |
1306 | max_namelen = NFS4_MAXNAMLEN; | |
1307 | max_pathlen = NFS4_MAXPATHLEN; | |
5eb005ca DH |
1308 | nfs_validate_transport_protocol(ctx); |
1309 | if (ctx->nfs_server.protocol == XPRT_TRANSPORT_UDP) | |
9954bf92 | 1310 | goto out_invalid_transport_udp; |
5eb005ca | 1311 | nfs4_validate_mount_flags(ctx); |
9954bf92 DH |
1312 | #else |
1313 | goto out_v4_not_compiled; | |
1314 | #endif /* CONFIG_NFS_V4 */ | |
1315 | } else { | |
5eb005ca DH |
1316 | nfs_set_mount_transport_protocol(ctx); |
1317 | if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) | |
9954bf92 DH |
1318 | port = NFS_RDMA_PORT; |
1319 | } | |
1320 | ||
5eb005ca | 1321 | nfs_set_port(sap, &ctx->nfs_server.port, port); |
9954bf92 | 1322 | |
e558100f | 1323 | return nfs_parse_devname(ctx, dev_name, max_namelen, max_pathlen); |
9954bf92 DH |
1324 | |
1325 | #if !IS_ENABLED(CONFIG_NFS_V4) | |
1326 | out_v4_not_compiled: | |
1327 | dfprintk(MOUNT, "NFS: NFSv4 is not compiled into kernel\n"); | |
1328 | return -EPROTONOSUPPORT; | |
1329 | #else | |
1330 | out_invalid_transport_udp: | |
1331 | dfprintk(MOUNT, "NFSv4: Unsupported transport protocol udp\n"); | |
1332 | return -EINVAL; | |
1333 | #endif /* !CONFIG_NFS_V4 */ | |
1334 | ||
1335 | out_no_address: | |
1336 | dfprintk(MOUNT, "NFS: mount program didn't pass remote address\n"); | |
1337 | return -EINVAL; | |
1338 | } |