1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * linux/fs/nfs/fs_context.c 4 * 5 * Copyright (C) 1992 Rick Sladkey 6 * Conversion to new mount api Copyright (C) David Howells 7 * 8 * NFS mount handling. 9 * 10 * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com> 11 */ 12 13#include <linux/compat.h> 14#include <linux/module.h> 15#include <linux/fs.h> 16#include <linux/fs_context.h> 17#include <linux/fs_parser.h> 18#include <linux/nfs_fs.h> 19#include <linux/nfs_mount.h> 20#include <linux/nfs4_mount.h> 21 22#include <net/handshake.h> 23 24#include "nfs.h" 25#include "internal.h" 26 27#include "nfstrace.h" 28 29#define NFSDBG_FACILITY NFSDBG_MOUNT 30 31#if IS_ENABLED(CONFIG_NFS_V3) 32#define NFS_DEFAULT_VERSION 3 33#else 34#define NFS_DEFAULT_VERSION 2 35#endif 36 37#define NFS_MAX_CONNECTIONS 16 38 39enum nfs_param { 40 Opt_ac, 41 Opt_acdirmax, 42 Opt_acdirmin, 43 Opt_acl, 44 Opt_acregmax, 45 Opt_acregmin, 46 Opt_actimeo, 47 Opt_addr, 48 Opt_bg, 49 Opt_bsize, 50 Opt_clientaddr, 51 Opt_cto, 52 Opt_fg, 53 Opt_fscache, 54 Opt_fscache_flag, 55 Opt_hard, 56 Opt_intr, 57 Opt_local_lock, 58 Opt_lock, 59 Opt_lookupcache, 60 Opt_migration, 61 Opt_minorversion, 62 Opt_mountaddr, 63 Opt_mounthost, 64 Opt_mountport, 65 Opt_mountproto, 66 Opt_mountvers, 67 Opt_namelen, 68 Opt_nconnect, 69 Opt_max_connect, 70 Opt_port, 71 Opt_posix, 72 Opt_proto, 73 Opt_rdirplus, 74 Opt_rdma, 75 Opt_resvport, 76 Opt_retrans, 77 Opt_retry, 78 Opt_rsize, 79 Opt_sec, 80 Opt_sharecache, 81 Opt_sloppy, 82 Opt_soft, 83 Opt_softerr, 84 Opt_softreval, 85 Opt_source, 86 Opt_tcp, 87 Opt_timeo, 88 Opt_trunkdiscovery, 89 Opt_udp, 90 Opt_v, 91 Opt_vers, 92 Opt_wsize, 93 Opt_write, 94 Opt_xprtsec, 95}; 96 97enum { 98 Opt_local_lock_all, 99 Opt_local_lock_flock, 100 Opt_local_lock_none, 101 Opt_local_lock_posix, 102}; 103 104static const struct constant_table nfs_param_enums_local_lock[] = { 105 { "all", Opt_local_lock_all }, 106 { "flock", Opt_local_lock_flock }, 107 { "posix", Opt_local_lock_posix }, 108 { "none", Opt_local_lock_none }, 109 {} 110}; 111 112enum { 113 Opt_lookupcache_all, 114 Opt_lookupcache_none, 115 Opt_lookupcache_positive, 116}; 117 118static const struct constant_table nfs_param_enums_lookupcache[] = { 119 { "all", Opt_lookupcache_all }, 120 { "none", Opt_lookupcache_none }, 121 { "pos", Opt_lookupcache_positive }, 122 { "positive", Opt_lookupcache_positive }, 123 {} 124}; 125 126enum { 127 Opt_write_lazy, 128 Opt_write_eager, 129 Opt_write_wait, 130}; 131 132static const struct constant_table nfs_param_enums_write[] = { 133 { "lazy", Opt_write_lazy }, 134 { "eager", Opt_write_eager }, 135 { "wait", Opt_write_wait }, 136 {} 137}; 138 139static const struct fs_parameter_spec nfs_fs_parameters[] = { 140 fsparam_flag_no("ac", Opt_ac), 141 fsparam_u32 ("acdirmax", Opt_acdirmax), 142 fsparam_u32 ("acdirmin", Opt_acdirmin), 143 fsparam_flag_no("acl", Opt_acl), 144 fsparam_u32 ("acregmax", Opt_acregmax), 145 fsparam_u32 ("acregmin", Opt_acregmin), 146 fsparam_u32 ("actimeo", Opt_actimeo), 147 fsparam_string("addr", Opt_addr), 148 fsparam_flag ("bg", Opt_bg), 149 fsparam_u32 ("bsize", Opt_bsize), 150 fsparam_string("clientaddr", Opt_clientaddr), 151 fsparam_flag_no("cto", Opt_cto), 152 fsparam_flag ("fg", Opt_fg), 153 fsparam_flag_no("fsc", Opt_fscache_flag), 154 fsparam_string("fsc", Opt_fscache), 155 fsparam_flag ("hard", Opt_hard), 156 __fsparam(NULL, "intr", Opt_intr, 157 fs_param_neg_with_no|fs_param_deprecated, NULL), 158 fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock), 159 fsparam_flag_no("lock", Opt_lock), 160 fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache), 161 fsparam_flag_no("migration", Opt_migration), 162 fsparam_u32 ("minorversion", Opt_minorversion), 163 fsparam_string("mountaddr", Opt_mountaddr), 164 fsparam_string("mounthost", Opt_mounthost), 165 fsparam_u32 ("mountport", Opt_mountport), 166 fsparam_string("mountproto", Opt_mountproto), 167 fsparam_u32 ("mountvers", Opt_mountvers), 168 fsparam_u32 ("namlen", Opt_namelen), 169 fsparam_u32 ("nconnect", Opt_nconnect), 170 fsparam_u32 ("max_connect", Opt_max_connect), 171 fsparam_string("nfsvers", Opt_vers), 172 fsparam_u32 ("port", Opt_port), 173 fsparam_flag_no("posix", Opt_posix), 174 fsparam_string("proto", Opt_proto), 175 fsparam_flag_no("rdirplus", Opt_rdirplus), 176 fsparam_flag ("rdma", Opt_rdma), 177 fsparam_flag_no("resvport", Opt_resvport), 178 fsparam_u32 ("retrans", Opt_retrans), 179 fsparam_string("retry", Opt_retry), 180 fsparam_u32 ("rsize", Opt_rsize), 181 fsparam_string("sec", Opt_sec), 182 fsparam_flag_no("sharecache", Opt_sharecache), 183 fsparam_flag ("sloppy", Opt_sloppy), 184 fsparam_flag ("soft", Opt_soft), 185 fsparam_flag ("softerr", Opt_softerr), 186 fsparam_flag ("softreval", Opt_softreval), 187 fsparam_string("source", Opt_source), 188 fsparam_flag ("tcp", Opt_tcp), 189 fsparam_u32 ("timeo", Opt_timeo), 190 fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery), 191 fsparam_flag ("udp", Opt_udp), 192 fsparam_flag ("v2", Opt_v), 193 fsparam_flag ("v3", Opt_v), 194 fsparam_flag ("v4", Opt_v), 195 fsparam_flag ("v4.0", Opt_v), 196 fsparam_flag ("v4.1", Opt_v), 197 fsparam_flag ("v4.2", Opt_v), 198 fsparam_string("vers", Opt_vers), 199 fsparam_enum ("write", Opt_write, nfs_param_enums_write), 200 fsparam_u32 ("wsize", Opt_wsize), 201 fsparam_string("xprtsec", Opt_xprtsec), 202 {} 203}; 204 205enum { 206 Opt_vers_2, 207 Opt_vers_3, 208 Opt_vers_4, 209 Opt_vers_4_0, 210 Opt_vers_4_1, 211 Opt_vers_4_2, 212}; 213 214static const struct constant_table nfs_vers_tokens[] = { 215 { "2", Opt_vers_2 }, 216 { "3", Opt_vers_3 }, 217 { "4", Opt_vers_4 }, 218 { "4.0", Opt_vers_4_0 }, 219 { "4.1", Opt_vers_4_1 }, 220 { "4.2", Opt_vers_4_2 }, 221 {} 222}; 223 224enum { 225 Opt_xprt_rdma, 226 Opt_xprt_rdma6, 227 Opt_xprt_tcp, 228 Opt_xprt_tcp6, 229 Opt_xprt_udp, 230 Opt_xprt_udp6, 231 nr__Opt_xprt 232}; 233 234static const struct constant_table nfs_xprt_protocol_tokens[] = { 235 { "rdma", Opt_xprt_rdma }, 236 { "rdma6", Opt_xprt_rdma6 }, 237 { "tcp", Opt_xprt_tcp }, 238 { "tcp6", Opt_xprt_tcp6 }, 239 { "udp", Opt_xprt_udp }, 240 { "udp6", Opt_xprt_udp6 }, 241 {} 242}; 243 244enum { 245 Opt_sec_krb5, 246 Opt_sec_krb5i, 247 Opt_sec_krb5p, 248 Opt_sec_lkey, 249 Opt_sec_lkeyi, 250 Opt_sec_lkeyp, 251 Opt_sec_none, 252 Opt_sec_spkm, 253 Opt_sec_spkmi, 254 Opt_sec_spkmp, 255 Opt_sec_sys, 256 nr__Opt_sec 257}; 258 259static const struct constant_table nfs_secflavor_tokens[] = { 260 { "krb5", Opt_sec_krb5 }, 261 { "krb5i", Opt_sec_krb5i }, 262 { "krb5p", Opt_sec_krb5p }, 263 { "lkey", Opt_sec_lkey }, 264 { "lkeyi", Opt_sec_lkeyi }, 265 { "lkeyp", Opt_sec_lkeyp }, 266 { "none", Opt_sec_none }, 267 { "null", Opt_sec_none }, 268 { "spkm3", Opt_sec_spkm }, 269 { "spkm3i", Opt_sec_spkmi }, 270 { "spkm3p", Opt_sec_spkmp }, 271 { "sys", Opt_sec_sys }, 272 {} 273}; 274 275enum { 276 Opt_xprtsec_none, 277 Opt_xprtsec_tls, 278 Opt_xprtsec_mtls, 279 nr__Opt_xprtsec 280}; 281 282static const struct constant_table nfs_xprtsec_policies[] = { 283 { "none", Opt_xprtsec_none }, 284 { "tls", Opt_xprtsec_tls }, 285 { "mtls", Opt_xprtsec_mtls }, 286 {} 287}; 288 289/* 290 * Sanity-check a server address provided by the mount command. 291 * 292 * Address family must be initialized, and address must not be 293 * the ANY address for that family. 294 */ 295static int nfs_verify_server_address(struct sockaddr_storage *addr) 296{ 297 switch (addr->ss_family) { 298 case AF_INET: { 299 struct sockaddr_in *sa = (struct sockaddr_in *)addr; 300 return sa->sin_addr.s_addr != htonl(INADDR_ANY); 301 } 302 case AF_INET6: { 303 struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr; 304 return !ipv6_addr_any(sa); 305 } 306 } 307 308 return 0; 309} 310 311#ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT 312static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx) 313{ 314 return true; 315} 316#else 317static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx) 318{ 319 if (ctx->version == 4) 320 return true; 321 return false; 322} 323#endif 324 325/* 326 * Sanity check the NFS transport protocol. 327 */ 328static int nfs_validate_transport_protocol(struct fs_context *fc, 329 struct nfs_fs_context *ctx) 330{ 331 switch (ctx->nfs_server.protocol) { 332 case XPRT_TRANSPORT_UDP: 333 if (nfs_server_transport_udp_invalid(ctx)) 334 goto out_invalid_transport_udp; 335 break; 336 case XPRT_TRANSPORT_TCP: 337 case XPRT_TRANSPORT_RDMA: 338 break; 339 default: 340 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 341 } 342 343 if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE) 344 switch (ctx->nfs_server.protocol) { 345 case XPRT_TRANSPORT_TCP: 346 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS; 347 break; 348 default: 349 goto out_invalid_xprtsec_policy; 350 } 351 352 return 0; 353out_invalid_transport_udp: 354 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp"); 355out_invalid_xprtsec_policy: 356 return nfs_invalf(fc, "NFS: Transport does not support xprtsec"); 357} 358 359/* 360 * For text based NFSv2/v3 mounts, the mount protocol transport default 361 * settings should depend upon the specified NFS transport. 362 */ 363static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx) 364{ 365 if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP || 366 ctx->mount_server.protocol == XPRT_TRANSPORT_TCP) 367 return; 368 switch (ctx->nfs_server.protocol) { 369 case XPRT_TRANSPORT_UDP: 370 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; 371 break; 372 case XPRT_TRANSPORT_TCP: 373 case XPRT_TRANSPORT_RDMA: 374 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; 375 } 376} 377 378/* 379 * Add 'flavor' to 'auth_info' if not already present. 380 * Returns true if 'flavor' ends up in the list, false otherwise 381 */ 382static int nfs_auth_info_add(struct fs_context *fc, 383 struct nfs_auth_info *auth_info, 384 rpc_authflavor_t flavor) 385{ 386 unsigned int i; 387 unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors); 388 389 /* make sure this flavor isn't already in the list */ 390 for (i = 0; i < auth_info->flavor_len; i++) { 391 if (flavor == auth_info->flavors[i]) 392 return 0; 393 } 394 395 if (auth_info->flavor_len + 1 >= max_flavor_len) 396 return nfs_invalf(fc, "NFS: too many sec= flavors"); 397 398 auth_info->flavors[auth_info->flavor_len++] = flavor; 399 return 0; 400} 401 402/* 403 * Parse the value of the 'sec=' option. 404 */ 405static int nfs_parse_security_flavors(struct fs_context *fc, 406 struct fs_parameter *param) 407{ 408 struct nfs_fs_context *ctx = nfs_fc2context(fc); 409 rpc_authflavor_t pseudoflavor; 410 char *string = param->string, *p; 411 int ret; 412 413 trace_nfs_mount_assign(param->key, string); 414 415 while ((p = strsep(&string, ":")) != NULL) { 416 if (!*p) 417 continue; 418 switch (lookup_constant(nfs_secflavor_tokens, p, -1)) { 419 case Opt_sec_none: 420 pseudoflavor = RPC_AUTH_NULL; 421 break; 422 case Opt_sec_sys: 423 pseudoflavor = RPC_AUTH_UNIX; 424 break; 425 case Opt_sec_krb5: 426 pseudoflavor = RPC_AUTH_GSS_KRB5; 427 break; 428 case Opt_sec_krb5i: 429 pseudoflavor = RPC_AUTH_GSS_KRB5I; 430 break; 431 case Opt_sec_krb5p: 432 pseudoflavor = RPC_AUTH_GSS_KRB5P; 433 break; 434 case Opt_sec_lkey: 435 pseudoflavor = RPC_AUTH_GSS_LKEY; 436 break; 437 case Opt_sec_lkeyi: 438 pseudoflavor = RPC_AUTH_GSS_LKEYI; 439 break; 440 case Opt_sec_lkeyp: 441 pseudoflavor = RPC_AUTH_GSS_LKEYP; 442 break; 443 case Opt_sec_spkm: 444 pseudoflavor = RPC_AUTH_GSS_SPKM; 445 break; 446 case Opt_sec_spkmi: 447 pseudoflavor = RPC_AUTH_GSS_SPKMI; 448 break; 449 case Opt_sec_spkmp: 450 pseudoflavor = RPC_AUTH_GSS_SPKMP; 451 break; 452 default: 453 return nfs_invalf(fc, "NFS: sec=%s option not recognized", p); 454 } 455 456 ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor); 457 if (ret < 0) 458 return ret; 459 } 460 461 return 0; 462} 463 464static int nfs_parse_xprtsec_policy(struct fs_context *fc, 465 struct fs_parameter *param) 466{ 467 struct nfs_fs_context *ctx = nfs_fc2context(fc); 468 469 trace_nfs_mount_assign(param->key, param->string); 470 471 switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) { 472 case Opt_xprtsec_none: 473 ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 474 break; 475 case Opt_xprtsec_tls: 476 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON; 477 break; 478 case Opt_xprtsec_mtls: 479 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509; 480 break; 481 default: 482 return nfs_invalf(fc, "NFS: Unrecognized transport security policy"); 483 } 484 return 0; 485} 486 487static int nfs_parse_version_string(struct fs_context *fc, 488 const char *string) 489{ 490 struct nfs_fs_context *ctx = nfs_fc2context(fc); 491 492 ctx->flags &= ~NFS_MOUNT_VER3; 493 switch (lookup_constant(nfs_vers_tokens, string, -1)) { 494 case Opt_vers_2: 495 ctx->version = 2; 496 break; 497 case Opt_vers_3: 498 ctx->flags |= NFS_MOUNT_VER3; 499 ctx->version = 3; 500 break; 501 case Opt_vers_4: 502 /* Backward compatibility option. In future, 503 * the mount program should always supply 504 * a NFSv4 minor version number. 505 */ 506 ctx->version = 4; 507 break; 508 case Opt_vers_4_0: 509 ctx->version = 4; 510 ctx->minorversion = 0; 511 break; 512 case Opt_vers_4_1: 513 ctx->version = 4; 514 ctx->minorversion = 1; 515 break; 516 case Opt_vers_4_2: 517 ctx->version = 4; 518 ctx->minorversion = 2; 519 break; 520 default: 521 return nfs_invalf(fc, "NFS: Unsupported NFS version"); 522 } 523 return 0; 524} 525 526/* 527 * Parse a single mount parameter. 528 */ 529static int nfs_fs_context_parse_param(struct fs_context *fc, 530 struct fs_parameter *param) 531{ 532 struct fs_parse_result result; 533 struct nfs_fs_context *ctx = nfs_fc2context(fc); 534 unsigned short protofamily, mountfamily; 535 unsigned int len; 536 int ret, opt; 537 538 trace_nfs_mount_option(param); 539 540 opt = fs_parse(fc, nfs_fs_parameters, param, &result); 541 if (opt < 0) 542 return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt; 543 544 if (fc->security) 545 ctx->has_sec_mnt_opts = 1; 546 547 switch (opt) { 548 case Opt_source: 549 if (fc->source) 550 return nfs_invalf(fc, "NFS: Multiple sources not supported"); 551 fc->source = param->string; 552 param->string = NULL; 553 break; 554 555 /* 556 * boolean options: foo/nofoo 557 */ 558 case Opt_soft: 559 ctx->flags |= NFS_MOUNT_SOFT; 560 ctx->flags &= ~NFS_MOUNT_SOFTERR; 561 break; 562 case Opt_softerr: 563 ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL; 564 ctx->flags &= ~NFS_MOUNT_SOFT; 565 break; 566 case Opt_hard: 567 ctx->flags &= ~(NFS_MOUNT_SOFT | 568 NFS_MOUNT_SOFTERR | 569 NFS_MOUNT_SOFTREVAL); 570 break; 571 case Opt_softreval: 572 if (result.negated) 573 ctx->flags &= ~NFS_MOUNT_SOFTREVAL; 574 else 575 ctx->flags |= NFS_MOUNT_SOFTREVAL; 576 break; 577 case Opt_posix: 578 if (result.negated) 579 ctx->flags &= ~NFS_MOUNT_POSIX; 580 else 581 ctx->flags |= NFS_MOUNT_POSIX; 582 break; 583 case Opt_cto: 584 if (result.negated) 585 ctx->flags |= NFS_MOUNT_NOCTO; 586 else 587 ctx->flags &= ~NFS_MOUNT_NOCTO; 588 break; 589 case Opt_trunkdiscovery: 590 if (result.negated) 591 ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY; 592 else 593 ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY; 594 break; 595 case Opt_ac: 596 if (result.negated) 597 ctx->flags |= NFS_MOUNT_NOAC; 598 else 599 ctx->flags &= ~NFS_MOUNT_NOAC; 600 break; 601 case Opt_lock: 602 if (result.negated) { 603 ctx->lock_status = NFS_LOCK_NOLOCK; 604 ctx->flags |= NFS_MOUNT_NONLM; 605 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); 606 } else { 607 ctx->lock_status = NFS_LOCK_LOCK; 608 ctx->flags &= ~NFS_MOUNT_NONLM; 609 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL); 610 } 611 break; 612 case Opt_udp: 613 ctx->flags &= ~NFS_MOUNT_TCP; 614 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 615 break; 616 case Opt_tcp: 617 case Opt_rdma: 618 ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */ 619 ret = xprt_find_transport_ident(param->key); 620 if (ret < 0) 621 goto out_bad_transport; 622 ctx->nfs_server.protocol = ret; 623 break; 624 case Opt_acl: 625 if (result.negated) 626 ctx->flags |= NFS_MOUNT_NOACL; 627 else 628 ctx->flags &= ~NFS_MOUNT_NOACL; 629 break; 630 case Opt_rdirplus: 631 if (result.negated) 632 ctx->flags |= NFS_MOUNT_NORDIRPLUS; 633 else 634 ctx->flags &= ~NFS_MOUNT_NORDIRPLUS; 635 break; 636 case Opt_sharecache: 637 if (result.negated) 638 ctx->flags |= NFS_MOUNT_UNSHARED; 639 else 640 ctx->flags &= ~NFS_MOUNT_UNSHARED; 641 break; 642 case Opt_resvport: 643 if (result.negated) 644 ctx->flags |= NFS_MOUNT_NORESVPORT; 645 else 646 ctx->flags &= ~NFS_MOUNT_NORESVPORT; 647 break; 648 case Opt_fscache_flag: 649 if (result.negated) 650 ctx->options &= ~NFS_OPTION_FSCACHE; 651 else 652 ctx->options |= NFS_OPTION_FSCACHE; 653 kfree(ctx->fscache_uniq); 654 ctx->fscache_uniq = NULL; 655 break; 656 case Opt_fscache: 657 trace_nfs_mount_assign(param->key, param->string); 658 ctx->options |= NFS_OPTION_FSCACHE; 659 kfree(ctx->fscache_uniq); 660 ctx->fscache_uniq = param->string; 661 param->string = NULL; 662 break; 663 case Opt_migration: 664 if (result.negated) 665 ctx->options &= ~NFS_OPTION_MIGRATION; 666 else 667 ctx->options |= NFS_OPTION_MIGRATION; 668 break; 669 670 /* 671 * options that take numeric values 672 */ 673 case Opt_port: 674 if (result.uint_32 > USHRT_MAX) 675 goto out_of_bounds; 676 ctx->nfs_server.port = result.uint_32; 677 break; 678 case Opt_rsize: 679 ctx->rsize = result.uint_32; 680 break; 681 case Opt_wsize: 682 ctx->wsize = result.uint_32; 683 break; 684 case Opt_bsize: 685 ctx->bsize = result.uint_32; 686 break; 687 case Opt_timeo: 688 if (result.uint_32 < 1 || result.uint_32 > INT_MAX) 689 goto out_of_bounds; 690 ctx->timeo = result.uint_32; 691 break; 692 case Opt_retrans: 693 if (result.uint_32 > INT_MAX) 694 goto out_of_bounds; 695 ctx->retrans = result.uint_32; 696 break; 697 case Opt_acregmin: 698 ctx->acregmin = result.uint_32; 699 break; 700 case Opt_acregmax: 701 ctx->acregmax = result.uint_32; 702 break; 703 case Opt_acdirmin: 704 ctx->acdirmin = result.uint_32; 705 break; 706 case Opt_acdirmax: 707 ctx->acdirmax = result.uint_32; 708 break; 709 case Opt_actimeo: 710 ctx->acregmin = result.uint_32; 711 ctx->acregmax = result.uint_32; 712 ctx->acdirmin = result.uint_32; 713 ctx->acdirmax = result.uint_32; 714 break; 715 case Opt_namelen: 716 ctx->namlen = result.uint_32; 717 break; 718 case Opt_mountport: 719 if (result.uint_32 > USHRT_MAX) 720 goto out_of_bounds; 721 ctx->mount_server.port = result.uint_32; 722 break; 723 case Opt_mountvers: 724 if (result.uint_32 < NFS_MNT_VERSION || 725 result.uint_32 > NFS_MNT3_VERSION) 726 goto out_of_bounds; 727 ctx->mount_server.version = result.uint_32; 728 break; 729 case Opt_minorversion: 730 if (result.uint_32 > NFS4_MAX_MINOR_VERSION) 731 goto out_of_bounds; 732 ctx->minorversion = result.uint_32; 733 break; 734 735 /* 736 * options that take text values 737 */ 738 case Opt_v: 739 ret = nfs_parse_version_string(fc, param->key + 1); 740 if (ret < 0) 741 return ret; 742 break; 743 case Opt_vers: 744 if (!param->string) 745 goto out_invalid_value; 746 trace_nfs_mount_assign(param->key, param->string); 747 ret = nfs_parse_version_string(fc, param->string); 748 if (ret < 0) 749 return ret; 750 break; 751 case Opt_sec: 752 ret = nfs_parse_security_flavors(fc, param); 753 if (ret < 0) 754 return ret; 755 break; 756 case Opt_xprtsec: 757 ret = nfs_parse_xprtsec_policy(fc, param); 758 if (ret < 0) 759 return ret; 760 break; 761 762 case Opt_proto: 763 if (!param->string) 764 goto out_invalid_value; 765 trace_nfs_mount_assign(param->key, param->string); 766 protofamily = AF_INET; 767 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { 768 case Opt_xprt_udp6: 769 protofamily = AF_INET6; 770 fallthrough; 771 case Opt_xprt_udp: 772 ctx->flags &= ~NFS_MOUNT_TCP; 773 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 774 break; 775 case Opt_xprt_tcp6: 776 protofamily = AF_INET6; 777 fallthrough; 778 case Opt_xprt_tcp: 779 ctx->flags |= NFS_MOUNT_TCP; 780 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 781 break; 782 case Opt_xprt_rdma6: 783 protofamily = AF_INET6; 784 fallthrough; 785 case Opt_xprt_rdma: 786 /* vector side protocols to TCP */ 787 ctx->flags |= NFS_MOUNT_TCP; 788 ret = xprt_find_transport_ident(param->string); 789 if (ret < 0) 790 goto out_bad_transport; 791 ctx->nfs_server.protocol = ret; 792 break; 793 default: 794 goto out_bad_transport; 795 } 796 797 ctx->protofamily = protofamily; 798 break; 799 800 case Opt_mountproto: 801 if (!param->string) 802 goto out_invalid_value; 803 trace_nfs_mount_assign(param->key, param->string); 804 mountfamily = AF_INET; 805 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) { 806 case Opt_xprt_udp6: 807 mountfamily = AF_INET6; 808 fallthrough; 809 case Opt_xprt_udp: 810 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP; 811 break; 812 case Opt_xprt_tcp6: 813 mountfamily = AF_INET6; 814 fallthrough; 815 case Opt_xprt_tcp: 816 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP; 817 break; 818 case Opt_xprt_rdma: /* not used for side protocols */ 819 default: 820 goto out_bad_transport; 821 } 822 ctx->mountfamily = mountfamily; 823 break; 824 825 case Opt_addr: 826 trace_nfs_mount_assign(param->key, param->string); 827 len = rpc_pton(fc->net_ns, param->string, param->size, 828 &ctx->nfs_server.address, 829 sizeof(ctx->nfs_server._address)); 830 if (len == 0) 831 goto out_invalid_address; 832 ctx->nfs_server.addrlen = len; 833 break; 834 case Opt_clientaddr: 835 trace_nfs_mount_assign(param->key, param->string); 836 kfree(ctx->client_address); 837 ctx->client_address = param->string; 838 param->string = NULL; 839 break; 840 case Opt_mounthost: 841 trace_nfs_mount_assign(param->key, param->string); 842 kfree(ctx->mount_server.hostname); 843 ctx->mount_server.hostname = param->string; 844 param->string = NULL; 845 break; 846 case Opt_mountaddr: 847 trace_nfs_mount_assign(param->key, param->string); 848 len = rpc_pton(fc->net_ns, param->string, param->size, 849 &ctx->mount_server.address, 850 sizeof(ctx->mount_server._address)); 851 if (len == 0) 852 goto out_invalid_address; 853 ctx->mount_server.addrlen = len; 854 break; 855 case Opt_nconnect: 856 trace_nfs_mount_assign(param->key, param->string); 857 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS) 858 goto out_of_bounds; 859 ctx->nfs_server.nconnect = result.uint_32; 860 break; 861 case Opt_max_connect: 862 trace_nfs_mount_assign(param->key, param->string); 863 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS) 864 goto out_of_bounds; 865 ctx->nfs_server.max_connect = result.uint_32; 866 break; 867 case Opt_lookupcache: 868 trace_nfs_mount_assign(param->key, param->string); 869 switch (result.uint_32) { 870 case Opt_lookupcache_all: 871 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE); 872 break; 873 case Opt_lookupcache_positive: 874 ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE; 875 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG; 876 break; 877 case Opt_lookupcache_none: 878 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE; 879 break; 880 default: 881 goto out_invalid_value; 882 } 883 break; 884 case Opt_local_lock: 885 trace_nfs_mount_assign(param->key, param->string); 886 switch (result.uint_32) { 887 case Opt_local_lock_all: 888 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | 889 NFS_MOUNT_LOCAL_FCNTL); 890 break; 891 case Opt_local_lock_flock: 892 ctx->flags |= NFS_MOUNT_LOCAL_FLOCK; 893 break; 894 case Opt_local_lock_posix: 895 ctx->flags |= NFS_MOUNT_LOCAL_FCNTL; 896 break; 897 case Opt_local_lock_none: 898 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | 899 NFS_MOUNT_LOCAL_FCNTL); 900 break; 901 default: 902 goto out_invalid_value; 903 } 904 break; 905 case Opt_write: 906 trace_nfs_mount_assign(param->key, param->string); 907 switch (result.uint_32) { 908 case Opt_write_lazy: 909 ctx->flags &= 910 ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT); 911 break; 912 case Opt_write_eager: 913 ctx->flags |= NFS_MOUNT_WRITE_EAGER; 914 ctx->flags &= ~NFS_MOUNT_WRITE_WAIT; 915 break; 916 case Opt_write_wait: 917 ctx->flags |= 918 NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT; 919 break; 920 default: 921 goto out_invalid_value; 922 } 923 break; 924 925 /* 926 * Special options 927 */ 928 case Opt_sloppy: 929 ctx->sloppy = true; 930 break; 931 } 932 933 return 0; 934 935out_invalid_value: 936 return nfs_invalf(fc, "NFS: Bad mount option value specified"); 937out_invalid_address: 938 return nfs_invalf(fc, "NFS: Bad IP address specified"); 939out_of_bounds: 940 return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key); 941out_bad_transport: 942 return nfs_invalf(fc, "NFS: Unrecognized transport protocol"); 943} 944 945/* 946 * Split fc->source into "hostname:export_path". 947 * 948 * The leftmost colon demarks the split between the server's hostname 949 * and the export path. If the hostname starts with a left square 950 * bracket, then it may contain colons. 951 * 952 * Note: caller frees hostname and export path, even on error. 953 */ 954static int nfs_parse_source(struct fs_context *fc, 955 size_t maxnamlen, size_t maxpathlen) 956{ 957 struct nfs_fs_context *ctx = nfs_fc2context(fc); 958 const char *dev_name = fc->source; 959 size_t len; 960 const char *end; 961 962 if (unlikely(!dev_name || !*dev_name)) 963 return -EINVAL; 964 965 /* Is the host name protected with square brakcets? */ 966 if (*dev_name == '[') { 967 end = strchr(++dev_name, ']'); 968 if (end == NULL || end[1] != ':') 969 goto out_bad_devname; 970 971 len = end - dev_name; 972 end++; 973 } else { 974 const char *comma; 975 976 end = strchr(dev_name, ':'); 977 if (end == NULL) 978 goto out_bad_devname; 979 len = end - dev_name; 980 981 /* kill possible hostname list: not supported */ 982 comma = memchr(dev_name, ',', len); 983 if (comma) 984 len = comma - dev_name; 985 } 986 987 if (len > maxnamlen) 988 goto out_hostname; 989 990 kfree(ctx->nfs_server.hostname); 991 992 /* N.B. caller will free nfs_server.hostname in all cases */ 993 ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL); 994 if (!ctx->nfs_server.hostname) 995 goto out_nomem; 996 len = strlen(++end); 997 if (len > maxpathlen) 998 goto out_path; 999 ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL); 1000 if (!ctx->nfs_server.export_path) 1001 goto out_nomem; 1002 1003 trace_nfs_mount_path(ctx->nfs_server.export_path); 1004 return 0; 1005 1006out_bad_devname: 1007 return nfs_invalf(fc, "NFS: device name not in host:path format"); 1008out_nomem: 1009 nfs_errorf(fc, "NFS: not enough memory to parse device name"); 1010 return -ENOMEM; 1011out_hostname: 1012 nfs_errorf(fc, "NFS: server hostname too long"); 1013 return -ENAMETOOLONG; 1014out_path: 1015 nfs_errorf(fc, "NFS: export pathname too long"); 1016 return -ENAMETOOLONG; 1017} 1018 1019static inline bool is_remount_fc(struct fs_context *fc) 1020{ 1021 return fc->root != NULL; 1022} 1023 1024/* 1025 * Parse monolithic NFS2/NFS3 mount data 1026 * - fills in the mount root filehandle 1027 * 1028 * For option strings, user space handles the following behaviors: 1029 * 1030 * + DNS: mapping server host name to IP address ("addr=" option) 1031 * 1032 * + failure mode: how to behave if a mount request can't be handled 1033 * immediately ("fg/bg" option) 1034 * 1035 * + retry: how often to retry a mount request ("retry=" option) 1036 * 1037 * + breaking back: trying proto=udp after proto=tcp, v2 after v3, 1038 * mountproto=tcp after mountproto=udp, and so on 1039 */ 1040static int nfs23_parse_monolithic(struct fs_context *fc, 1041 struct nfs_mount_data *data) 1042{ 1043 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1044 struct nfs_fh *mntfh = ctx->mntfh; 1045 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1046 int extra_flags = NFS_MOUNT_LEGACY_INTERFACE; 1047 int ret; 1048 1049 if (data == NULL) 1050 goto out_no_data; 1051 1052 ctx->version = NFS_DEFAULT_VERSION; 1053 switch (data->version) { 1054 case 1: 1055 data->namlen = 0; 1056 fallthrough; 1057 case 2: 1058 data->bsize = 0; 1059 fallthrough; 1060 case 3: 1061 if (data->flags & NFS_MOUNT_VER3) 1062 goto out_no_v3; 1063 data->root.size = NFS2_FHSIZE; 1064 memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE); 1065 /* Turn off security negotiation */ 1066 extra_flags |= NFS_MOUNT_SECFLAVOUR; 1067 fallthrough; 1068 case 4: 1069 if (data->flags & NFS_MOUNT_SECFLAVOUR) 1070 goto out_no_sec; 1071 fallthrough; 1072 case 5: 1073 memset(data->context, 0, sizeof(data->context)); 1074 fallthrough; 1075 case 6: 1076 if (data->flags & NFS_MOUNT_VER3) { 1077 if (data->root.size > NFS3_FHSIZE || data->root.size == 0) 1078 goto out_invalid_fh; 1079 mntfh->size = data->root.size; 1080 ctx->version = 3; 1081 } else { 1082 mntfh->size = NFS2_FHSIZE; 1083 ctx->version = 2; 1084 } 1085 1086 1087 memcpy(mntfh->data, data->root.data, mntfh->size); 1088 if (mntfh->size < sizeof(mntfh->data)) 1089 memset(mntfh->data + mntfh->size, 0, 1090 sizeof(mntfh->data) - mntfh->size); 1091 1092 /* 1093 * for proto == XPRT_TRANSPORT_UDP, which is what uses 1094 * to_exponential, implying shift: limit the shift value 1095 * to BITS_PER_LONG (majortimeo is unsigned long) 1096 */ 1097 if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */ 1098 if (data->retrans >= 64) /* shift value is too large */ 1099 goto out_invalid_data; 1100 1101 /* 1102 * Translate to nfs_fs_context, which nfs_fill_super 1103 * can deal with. 1104 */ 1105 ctx->flags = data->flags & NFS_MOUNT_FLAGMASK; 1106 ctx->flags |= extra_flags; 1107 ctx->rsize = data->rsize; 1108 ctx->wsize = data->wsize; 1109 ctx->timeo = data->timeo; 1110 ctx->retrans = data->retrans; 1111 ctx->acregmin = data->acregmin; 1112 ctx->acregmax = data->acregmax; 1113 ctx->acdirmin = data->acdirmin; 1114 ctx->acdirmax = data->acdirmax; 1115 ctx->need_mount = false; 1116 1117 if (!is_remount_fc(fc)) { 1118 memcpy(sap, &data->addr, sizeof(data->addr)); 1119 ctx->nfs_server.addrlen = sizeof(data->addr); 1120 ctx->nfs_server.port = ntohs(data->addr.sin_port); 1121 } 1122 1123 if (sap->ss_family != AF_INET || 1124 !nfs_verify_server_address(sap)) 1125 goto out_no_address; 1126 1127 if (!(data->flags & NFS_MOUNT_TCP)) 1128 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP; 1129 /* N.B. caller will free nfs_server.hostname in all cases */ 1130 ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL); 1131 if (!ctx->nfs_server.hostname) 1132 goto out_nomem; 1133 1134 ctx->namlen = data->namlen; 1135 ctx->bsize = data->bsize; 1136 1137 if (data->flags & NFS_MOUNT_SECFLAVOUR) 1138 ctx->selected_flavor = data->pseudoflavor; 1139 else 1140 ctx->selected_flavor = RPC_AUTH_UNIX; 1141 1142 if (!(data->flags & NFS_MOUNT_NONLM)) 1143 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK| 1144 NFS_MOUNT_LOCAL_FCNTL); 1145 else 1146 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK| 1147 NFS_MOUNT_LOCAL_FCNTL); 1148 1149 /* 1150 * The legacy version 6 binary mount data from userspace has a 1151 * field used only to transport selinux information into the 1152 * kernel. To continue to support that functionality we 1153 * have a touch of selinux knowledge here in the NFS code. The 1154 * userspace code converted context=blah to just blah so we are 1155 * converting back to the full string selinux understands. 1156 */ 1157 if (data->context[0]){ 1158#ifdef CONFIG_SECURITY_SELINUX 1159 int ret; 1160 1161 data->context[NFS_MAX_CONTEXT_LEN] = '\0'; 1162 ret = vfs_parse_fs_string(fc, "context", 1163 data->context, strlen(data->context)); 1164 if (ret < 0) 1165 return ret; 1166#else 1167 return -EINVAL; 1168#endif 1169 } 1170 1171 break; 1172 default: 1173 goto generic; 1174 } 1175 1176 ret = nfs_validate_transport_protocol(fc, ctx); 1177 if (ret) 1178 return ret; 1179 1180 ctx->skip_reconfig_option_check = true; 1181 return 0; 1182 1183generic: 1184 return generic_parse_monolithic(fc, data); 1185 1186out_no_data: 1187 if (is_remount_fc(fc)) { 1188 ctx->skip_reconfig_option_check = true; 1189 return 0; 1190 } 1191 return nfs_invalf(fc, "NFS: mount program didn't pass any mount data"); 1192 1193out_no_v3: 1194 return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3"); 1195 1196out_no_sec: 1197 return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS"); 1198 1199out_nomem: 1200 return -ENOMEM; 1201 1202out_no_address: 1203 return nfs_invalf(fc, "NFS: mount program didn't pass remote address"); 1204 1205out_invalid_fh: 1206 return nfs_invalf(fc, "NFS: invalid root filehandle"); 1207 1208out_invalid_data: 1209 return nfs_invalf(fc, "NFS: invalid binary mount data"); 1210} 1211 1212#if IS_ENABLED(CONFIG_NFS_V4) 1213struct compat_nfs_string { 1214 compat_uint_t len; 1215 compat_uptr_t data; 1216}; 1217 1218static inline void compat_nfs_string(struct nfs_string *dst, 1219 struct compat_nfs_string *src) 1220{ 1221 dst->data = compat_ptr(src->data); 1222 dst->len = src->len; 1223} 1224 1225struct compat_nfs4_mount_data_v1 { 1226 compat_int_t version; 1227 compat_int_t flags; 1228 compat_int_t rsize; 1229 compat_int_t wsize; 1230 compat_int_t timeo; 1231 compat_int_t retrans; 1232 compat_int_t acregmin; 1233 compat_int_t acregmax; 1234 compat_int_t acdirmin; 1235 compat_int_t acdirmax; 1236 struct compat_nfs_string client_addr; 1237 struct compat_nfs_string mnt_path; 1238 struct compat_nfs_string hostname; 1239 compat_uint_t host_addrlen; 1240 compat_uptr_t host_addr; 1241 compat_int_t proto; 1242 compat_int_t auth_flavourlen; 1243 compat_uptr_t auth_flavours; 1244}; 1245 1246static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data) 1247{ 1248 struct compat_nfs4_mount_data_v1 *compat = 1249 (struct compat_nfs4_mount_data_v1 *)data; 1250 1251 /* copy the fields backwards */ 1252 data->auth_flavours = compat_ptr(compat->auth_flavours); 1253 data->auth_flavourlen = compat->auth_flavourlen; 1254 data->proto = compat->proto; 1255 data->host_addr = compat_ptr(compat->host_addr); 1256 data->host_addrlen = compat->host_addrlen; 1257 compat_nfs_string(&data->hostname, &compat->hostname); 1258 compat_nfs_string(&data->mnt_path, &compat->mnt_path); 1259 compat_nfs_string(&data->client_addr, &compat->client_addr); 1260 data->acdirmax = compat->acdirmax; 1261 data->acdirmin = compat->acdirmin; 1262 data->acregmax = compat->acregmax; 1263 data->acregmin = compat->acregmin; 1264 data->retrans = compat->retrans; 1265 data->timeo = compat->timeo; 1266 data->wsize = compat->wsize; 1267 data->rsize = compat->rsize; 1268 data->flags = compat->flags; 1269 data->version = compat->version; 1270} 1271 1272/* 1273 * Validate NFSv4 mount options 1274 */ 1275static int nfs4_parse_monolithic(struct fs_context *fc, 1276 struct nfs4_mount_data *data) 1277{ 1278 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1279 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1280 int ret; 1281 char *c; 1282 1283 if (!data) { 1284 if (is_remount_fc(fc)) 1285 goto done; 1286 return nfs_invalf(fc, 1287 "NFS4: mount program didn't pass any mount data"); 1288 } 1289 1290 ctx->version = 4; 1291 1292 if (data->version != 1) 1293 return generic_parse_monolithic(fc, data); 1294 1295 if (in_compat_syscall()) 1296 nfs4_compat_mount_data_conv(data); 1297 1298 if (data->host_addrlen > sizeof(ctx->nfs_server.address)) 1299 goto out_no_address; 1300 if (data->host_addrlen == 0) 1301 goto out_no_address; 1302 ctx->nfs_server.addrlen = data->host_addrlen; 1303 if (copy_from_user(sap, data->host_addr, data->host_addrlen)) 1304 return -EFAULT; 1305 if (!nfs_verify_server_address(sap)) 1306 goto out_no_address; 1307 ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port); 1308 1309 if (data->auth_flavourlen) { 1310 rpc_authflavor_t pseudoflavor; 1311 1312 if (data->auth_flavourlen > 1) 1313 goto out_inval_auth; 1314 if (copy_from_user(&pseudoflavor, data->auth_flavours, 1315 sizeof(pseudoflavor))) 1316 return -EFAULT; 1317 ctx->selected_flavor = pseudoflavor; 1318 } else { 1319 ctx->selected_flavor = RPC_AUTH_UNIX; 1320 } 1321 1322 c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN); 1323 if (IS_ERR(c)) 1324 return PTR_ERR(c); 1325 ctx->nfs_server.hostname = c; 1326 1327 c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN); 1328 if (IS_ERR(c)) 1329 return PTR_ERR(c); 1330 ctx->nfs_server.export_path = c; 1331 trace_nfs_mount_path(c); 1332 1333 c = strndup_user(data->client_addr.data, 16); 1334 if (IS_ERR(c)) 1335 return PTR_ERR(c); 1336 ctx->client_address = c; 1337 1338 /* 1339 * Translate to nfs_fs_context, which nfs_fill_super 1340 * can deal with. 1341 */ 1342 1343 ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK; 1344 ctx->rsize = data->rsize; 1345 ctx->wsize = data->wsize; 1346 ctx->timeo = data->timeo; 1347 ctx->retrans = data->retrans; 1348 ctx->acregmin = data->acregmin; 1349 ctx->acregmax = data->acregmax; 1350 ctx->acdirmin = data->acdirmin; 1351 ctx->acdirmax = data->acdirmax; 1352 ctx->nfs_server.protocol = data->proto; 1353 ret = nfs_validate_transport_protocol(fc, ctx); 1354 if (ret) 1355 return ret; 1356done: 1357 ctx->skip_reconfig_option_check = true; 1358 return 0; 1359 1360out_inval_auth: 1361 return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d", 1362 data->auth_flavourlen); 1363 1364out_no_address: 1365 return nfs_invalf(fc, "NFS4: mount program didn't pass remote address"); 1366} 1367#endif 1368 1369/* 1370 * Parse a monolithic block of data from sys_mount(). 1371 */ 1372static int nfs_fs_context_parse_monolithic(struct fs_context *fc, 1373 void *data) 1374{ 1375 if (fc->fs_type == &nfs_fs_type) 1376 return nfs23_parse_monolithic(fc, data); 1377 1378#if IS_ENABLED(CONFIG_NFS_V4) 1379 if (fc->fs_type == &nfs4_fs_type) 1380 return nfs4_parse_monolithic(fc, data); 1381#endif 1382 1383 return nfs_invalf(fc, "NFS: Unsupported monolithic data version"); 1384} 1385 1386/* 1387 * Validate the preparsed information in the config. 1388 */ 1389static int nfs_fs_context_validate(struct fs_context *fc) 1390{ 1391 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1392 struct nfs_subversion *nfs_mod; 1393 struct sockaddr_storage *sap = &ctx->nfs_server._address; 1394 int max_namelen = PAGE_SIZE; 1395 int max_pathlen = NFS_MAXPATHLEN; 1396 int port = 0; 1397 int ret; 1398 1399 if (!fc->source) 1400 goto out_no_device_name; 1401 1402 /* Check for sanity first. */ 1403 if (ctx->minorversion && ctx->version != 4) 1404 goto out_minorversion_mismatch; 1405 1406 if (ctx->options & NFS_OPTION_MIGRATION && 1407 (ctx->version != 4 || ctx->minorversion != 0)) 1408 goto out_migration_misuse; 1409 1410 /* Verify that any proto=/mountproto= options match the address 1411 * families in the addr=/mountaddr= options. 1412 */ 1413 if (ctx->protofamily != AF_UNSPEC && 1414 ctx->protofamily != ctx->nfs_server.address.sa_family) 1415 goto out_proto_mismatch; 1416 1417 if (ctx->mountfamily != AF_UNSPEC) { 1418 if (ctx->mount_server.addrlen) { 1419 if (ctx->mountfamily != ctx->mount_server.address.sa_family) 1420 goto out_mountproto_mismatch; 1421 } else { 1422 if (ctx->mountfamily != ctx->nfs_server.address.sa_family) 1423 goto out_mountproto_mismatch; 1424 } 1425 } 1426 1427 if (!nfs_verify_server_address(sap)) 1428 goto out_no_address; 1429 1430 ret = nfs_validate_transport_protocol(fc, ctx); 1431 if (ret) 1432 return ret; 1433 1434 if (ctx->version == 4) { 1435 if (IS_ENABLED(CONFIG_NFS_V4)) { 1436 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) 1437 port = NFS_RDMA_PORT; 1438 else 1439 port = NFS_PORT; 1440 max_namelen = NFS4_MAXNAMLEN; 1441 max_pathlen = NFS4_MAXPATHLEN; 1442 ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL | 1443 NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK | 1444 NFS_MOUNT_LOCAL_FCNTL); 1445 } else { 1446 goto out_v4_not_compiled; 1447 } 1448 } else { 1449 nfs_set_mount_transport_protocol(ctx); 1450 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA) 1451 port = NFS_RDMA_PORT; 1452 } 1453 1454 nfs_set_port(sap, &ctx->nfs_server.port, port); 1455 1456 ret = nfs_parse_source(fc, max_namelen, max_pathlen); 1457 if (ret < 0) 1458 return ret; 1459 1460 /* Load the NFS protocol module if we haven't done so yet */ 1461 if (!ctx->nfs_mod) { 1462 nfs_mod = get_nfs_version(ctx->version); 1463 if (IS_ERR(nfs_mod)) { 1464 ret = PTR_ERR(nfs_mod); 1465 goto out_version_unavailable; 1466 } 1467 ctx->nfs_mod = nfs_mod; 1468 } 1469 1470 /* Ensure the filesystem context has the correct fs_type */ 1471 if (fc->fs_type != ctx->nfs_mod->nfs_fs) { 1472 module_put(fc->fs_type->owner); 1473 __module_get(ctx->nfs_mod->nfs_fs->owner); 1474 fc->fs_type = ctx->nfs_mod->nfs_fs; 1475 } 1476 return 0; 1477 1478out_no_device_name: 1479 return nfs_invalf(fc, "NFS: Device name not specified"); 1480out_v4_not_compiled: 1481 nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel"); 1482 return -EPROTONOSUPPORT; 1483out_no_address: 1484 return nfs_invalf(fc, "NFS: mount program didn't pass remote address"); 1485out_mountproto_mismatch: 1486 return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option"); 1487out_proto_mismatch: 1488 return nfs_invalf(fc, "NFS: Server address does not match proto= option"); 1489out_minorversion_mismatch: 1490 return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u", 1491 ctx->version, ctx->minorversion); 1492out_migration_misuse: 1493 return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version"); 1494out_version_unavailable: 1495 nfs_errorf(fc, "NFS: Version unavailable"); 1496 return ret; 1497} 1498 1499/* 1500 * Create an NFS superblock by the appropriate method. 1501 */ 1502static int nfs_get_tree(struct fs_context *fc) 1503{ 1504 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1505 int err = nfs_fs_context_validate(fc); 1506 1507 if (err) 1508 return err; 1509 if (!ctx->internal) 1510 return ctx->nfs_mod->rpc_ops->try_get_tree(fc); 1511 else 1512 return nfs_get_tree_common(fc); 1513} 1514 1515/* 1516 * Handle duplication of a configuration. The caller copied *src into *sc, but 1517 * it can't deal with resource pointers in the filesystem context, so we have 1518 * to do that. We need to clear pointers, copy data or get extra refs as 1519 * appropriate. 1520 */ 1521static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc) 1522{ 1523 struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx; 1524 1525 ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL); 1526 if (!ctx) 1527 return -ENOMEM; 1528 1529 ctx->mntfh = nfs_alloc_fhandle(); 1530 if (!ctx->mntfh) { 1531 kfree(ctx); 1532 return -ENOMEM; 1533 } 1534 nfs_copy_fh(ctx->mntfh, src->mntfh); 1535 1536 __module_get(ctx->nfs_mod->owner); 1537 ctx->client_address = NULL; 1538 ctx->mount_server.hostname = NULL; 1539 ctx->nfs_server.export_path = NULL; 1540 ctx->nfs_server.hostname = NULL; 1541 ctx->fscache_uniq = NULL; 1542 ctx->clone_data.fattr = NULL; 1543 fc->fs_private = ctx; 1544 return 0; 1545} 1546 1547static void nfs_fs_context_free(struct fs_context *fc) 1548{ 1549 struct nfs_fs_context *ctx = nfs_fc2context(fc); 1550 1551 if (ctx) { 1552 if (ctx->server) 1553 nfs_free_server(ctx->server); 1554 if (ctx->nfs_mod) 1555 put_nfs_version(ctx->nfs_mod); 1556 kfree(ctx->client_address); 1557 kfree(ctx->mount_server.hostname); 1558 kfree(ctx->nfs_server.export_path); 1559 kfree(ctx->nfs_server.hostname); 1560 kfree(ctx->fscache_uniq); 1561 nfs_free_fhandle(ctx->mntfh); 1562 nfs_free_fattr(ctx->clone_data.fattr); 1563 kfree(ctx); 1564 } 1565} 1566 1567static const struct fs_context_operations nfs_fs_context_ops = { 1568 .free = nfs_fs_context_free, 1569 .dup = nfs_fs_context_dup, 1570 .parse_param = nfs_fs_context_parse_param, 1571 .parse_monolithic = nfs_fs_context_parse_monolithic, 1572 .get_tree = nfs_get_tree, 1573 .reconfigure = nfs_reconfigure, 1574}; 1575 1576/* 1577 * Prepare superblock configuration. We use the namespaces attached to the 1578 * context. This may be the current process's namespaces, or it may be a 1579 * container's namespaces. 1580 */ 1581static int nfs_init_fs_context(struct fs_context *fc) 1582{ 1583 struct nfs_fs_context *ctx; 1584 1585 ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL); 1586 if (unlikely(!ctx)) 1587 return -ENOMEM; 1588 1589 ctx->mntfh = nfs_alloc_fhandle(); 1590 if (unlikely(!ctx->mntfh)) { 1591 kfree(ctx); 1592 return -ENOMEM; 1593 } 1594 1595 ctx->protofamily = AF_UNSPEC; 1596 ctx->mountfamily = AF_UNSPEC; 1597 ctx->mount_server.port = NFS_UNSPEC_PORT; 1598 1599 if (fc->root) { 1600 /* reconfigure, start with the current config */ 1601 struct nfs_server *nfss = fc->root->d_sb->s_fs_info; 1602 struct net *net = nfss->nfs_client->cl_net; 1603 1604 ctx->flags = nfss->flags; 1605 ctx->rsize = nfss->rsize; 1606 ctx->wsize = nfss->wsize; 1607 ctx->retrans = nfss->client->cl_timeout->to_retries; 1608 ctx->selected_flavor = nfss->client->cl_auth->au_flavor; 1609 ctx->acregmin = nfss->acregmin / HZ; 1610 ctx->acregmax = nfss->acregmax / HZ; 1611 ctx->acdirmin = nfss->acdirmin / HZ; 1612 ctx->acdirmax = nfss->acdirmax / HZ; 1613 ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ; 1614 ctx->nfs_server.port = nfss->port; 1615 ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen; 1616 ctx->version = nfss->nfs_client->rpc_ops->version; 1617 ctx->minorversion = nfss->nfs_client->cl_minorversion; 1618 1619 memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr, 1620 ctx->nfs_server.addrlen); 1621 1622 if (fc->net_ns != net) { 1623 put_net(fc->net_ns); 1624 fc->net_ns = get_net(net); 1625 } 1626 1627 ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod; 1628 __module_get(ctx->nfs_mod->owner); 1629 } else { 1630 /* defaults */ 1631 ctx->timeo = NFS_UNSPEC_TIMEO; 1632 ctx->retrans = NFS_UNSPEC_RETRANS; 1633 ctx->acregmin = NFS_DEF_ACREGMIN; 1634 ctx->acregmax = NFS_DEF_ACREGMAX; 1635 ctx->acdirmin = NFS_DEF_ACDIRMIN; 1636 ctx->acdirmax = NFS_DEF_ACDIRMAX; 1637 ctx->nfs_server.port = NFS_UNSPEC_PORT; 1638 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP; 1639 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR; 1640 ctx->minorversion = 0; 1641 ctx->need_mount = true; 1642 ctx->xprtsec.policy = RPC_XPRTSEC_NONE; 1643 ctx->xprtsec.cert_serial = TLS_NO_CERT; 1644 ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY; 1645 1646 fc->s_iflags |= SB_I_STABLE_WRITES; 1647 } 1648 fc->fs_private = ctx; 1649 fc->ops = &nfs_fs_context_ops; 1650 return 0; 1651} 1652 1653struct file_system_type nfs_fs_type = { 1654 .owner = THIS_MODULE, 1655 .name = "nfs", 1656 .init_fs_context = nfs_init_fs_context, 1657 .parameters = nfs_fs_parameters, 1658 .kill_sb = nfs_kill_super, 1659 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA, 1660}; 1661MODULE_ALIAS_FS("nfs"); 1662EXPORT_SYMBOL_GPL(nfs_fs_type); 1663 1664#if IS_ENABLED(CONFIG_NFS_V4) 1665struct file_system_type nfs4_fs_type = { 1666 .owner = THIS_MODULE, 1667 .name = "nfs4", 1668 .init_fs_context = nfs_init_fs_context, 1669 .parameters = nfs_fs_parameters, 1670 .kill_sb = nfs_kill_super, 1671 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA, 1672}; 1673MODULE_ALIAS_FS("nfs4"); 1674MODULE_ALIAS("nfs4"); 1675EXPORT_SYMBOL_GPL(nfs4_fs_type); 1676#endif /* CONFIG_NFS_V4 */ 1677