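/*
 *   fs/cifs/misc.c
 *
 *   Copyright (C) International Business Machines  Corp., 2002,2008
 *   Author(s): Steve French (sfrench@us.ibm.com)
 *
 *   This library is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU Lesser General Public License as published
 *   by the Free Software Foundation; either version 2.1 of the License, or
 *   (at your option) any later version.
 *
 *   This library is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
 *   the GNU Lesser General Public License for more details.
 *
 *   You should have received a copy of the GNU Lesser General Public License
 *   along with this library; if not, write to the Free Software
 *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 */

#include <linux/slab.h>
#include <linux/ctype.h>
#include <linux/mempool.h>
#include "cifspdu.h"
#include "cifsglob.h"
#include "cifsproto.h"
#include "cifs_debug.h"
#include "smberr.h"
#include "nterr.h"
#include "cifs_unicode.h"
#ifdef CONFIG_CIFS_SMB2
#include "smb2pdu.h"
#endif

extern mempool_t *cifs_sm_req_poolp;
extern mempool_t *cifs_req_poolp;

/*
 * The xid serves as a useful identifier for each incoming vfs request,
 * in a similar way to the mid which is useful to track each sent smb,
 * and CurrentXid can also provide a running counter (although it
 * will eventually wrap past zero) of the total vfs operations handled
 * since the cifs fs was mounted.
 */

/**
 * _get_xid - allocate an xid for an incoming vfs request
 *
 * Bumps GlobalTotalActiveXid (and the GlobalMaxActiveXid high-water mark)
 * under GlobalMid_Lock and hands out the next GlobalCurrentXid value.
 * Every call must be balanced by _free_xid().
 *
 * Return: the xid for this request; the counter wraps past zero eventually.
 */
unsigned int
_get_xid(void)
{
	unsigned int xid;

	spin_lock(&GlobalMid_Lock);
	GlobalTotalActiveXid++;

	/* keep high water mark for number of simultaneous ops in filesystem */
	if (GlobalTotalActiveXid > GlobalMaxActiveXid)
		GlobalMaxActiveXid = GlobalTotalActiveXid;
	if (GlobalTotalActiveXid > 65000)
		cifs_dbg(FYI, "warning: more than 65000 requests active\n");
	xid = GlobalCurrentXid++;
	spin_unlock(&GlobalMid_Lock);
	return xid;
}

/**
 * _free_xid - release an xid obtained from _get_xid()
 * @xid: the xid being released (only used for bookkeeping symmetry)
 *
 * Decrements GlobalTotalActiveXid under GlobalMid_Lock. Underflow is not
 * checked here.
 */
void
_free_xid(unsigned int xid)
{
	spin_lock(&GlobalMid_Lock);
	/* if (GlobalTotalActiveXid == 0)
		BUG(); */
	GlobalTotalActiveXid--;
	spin_unlock(&GlobalMid_Lock);
}

/**
 * sesInfoAlloc - allocate and initialise a zeroed session structure
 *
 * The new session starts in CifsNew status with a reference count of one,
 * empty smb_ses_list/tcon_list heads and an initialised session_mutex.
 *
 * Return: the new session, or NULL if the allocation failed.
 */
struct cifs_ses *
sesInfoAlloc(void)
{
	struct cifs_ses *ret_buf;

	ret_buf = kzalloc(sizeof(struct cifs_ses), GFP_KERNEL);
	if (ret_buf) {
		atomic_inc(&sesInfoAllocCount);
		ret_buf->status = CifsNew;
		++ret_buf->ses_count;
		INIT_LIST_HEAD(&ret_buf->smb_ses_list);
		INIT_LIST_HEAD(&ret_buf->tcon_list);
		mutex_init(&ret_buf->session_mutex);
	}
	return ret_buf;
}

/**
 * sesInfoFree - free a session structure and the strings it owns
 * @buf_to_free: session returned by sesInfoAlloc(); NULL is tolerated
 *
 * The password is released with kzfree() so that the whole allocation is
 * cleared before it goes back to the allocator; a plain memset() ahead of
 * kfree() is the kind of dead store a compiler is entitled to drop.
 */
void
sesInfoFree(struct cifs_ses *buf_to_free)
{
	if (buf_to_free == NULL) {
		cifs_dbg(FYI, "Null buffer passed to sesInfoFree\n");
		return;
	}

	atomic_dec(&sesInfoAllocCount);
	kfree(buf_to_free->serverOS);
	kfree(buf_to_free->serverDomain);
	kfree(buf_to_free->serverNOS);
	/* kzfree() is a no-op on NULL and zeroes the full allocation */
	kzfree(buf_to_free->password);
	kfree(buf_to_free->user_name);
	kfree(buf_to_free->domainName);
	kfree(buf_to_free);
}

/**
 * tconInfoAlloc - allocate and initialise a zeroed tree connection
 *
 * The new tcon starts in CifsNew status with a reference count of one and
 * empty openFileList/tcon_list heads; stat_lock is initialised when stats
 * are compiled in.
 *
 * Return: the new tcon, or NULL if the allocation failed.
 */
struct cifs_tcon *
tconInfoAlloc(void)
{
	struct cifs_tcon *ret_buf;
	ret_buf = kzalloc(sizeof(struct cifs_tcon), GFP_KERNEL);
	if (ret_buf) {
		atomic_inc(&tconInfoAllocCount);
		ret_buf->tidStatus = CifsNew;
		++ret_buf->tc_count;
		INIT_LIST_HEAD(&ret_buf->openFileList);
		INIT_LIST_HEAD(&ret_buf->tcon_list);
#ifdef CONFIG_CIFS_STATS
		spin_lock_init(&ret_buf->stat_lock);
#endif
	}
	return ret_buf;
}

/**
 * tconInfoFree - free a tree connection and the strings it owns
 * @buf_to_free: tcon returned by tconInfoAlloc(); NULL is tolerated
 *
 * As in sesInfoFree(), the share password is released with kzfree().
 */
void
tconInfoFree(struct cifs_tcon *buf_to_free)
{
	if (buf_to_free == NULL) {
		cifs_dbg(FYI, "Null buffer passed to tconInfoFree\n");
		return;
	}
	atomic_dec(&tconInfoAllocCount);
	kfree(buf_to_free->nativeFileSystem);
	/* kzfree() is a no-op on NULL and zeroes the full allocation */
	kzfree(buf_to_free->password);
	kfree(buf_to_free);
}

/**
 * cifs_buf_get - take a large request buffer from cifs_req_poolp
 *
 * Only the leading header bytes are cleared here; header_assemble()
 * clears more on most paths.
 *
 * Return: the buffer, or NULL if the mempool could not supply one.
 */
struct smb_hdr *
cifs_buf_get(void)
{
	struct smb_hdr *ret_buf = NULL;
	size_t buf_size = sizeof(struct smb_hdr);

#ifdef CONFIG_CIFS_SMB2
	/*
	 * SMB2 header is bigger than CIFS one - no problems to clean some
	 * more bytes for CIFS.
	 */
	buf_size = sizeof(struct smb2_hdr);
#endif
	/*
	 * We could use negotiated size instead of max_msgsize -
	 * but it may be more efficient to always alloc same size
	 * albeit slightly larger than necessary and maxbuffersize
	 * defaults to this and can not be bigger.
	 */
	ret_buf = mempool_alloc(cifs_req_poolp, GFP_NOFS);

	/* clear the first few header bytes */
	/* for most paths, more is cleared in header_assemble */
	if (ret_buf) {
		memset(ret_buf, 0, buf_size + 3);
		atomic_inc(&bufAllocCount);
#ifdef CONFIG_CIFS_STATS2
		atomic_inc(&totBufAllocCount);
#endif /* CONFIG_CIFS_STATS2 */
	}

	return ret_buf;
}

/**
 * cifs_buf_release - return a buffer obtained from cifs_buf_get()
 * @buf_to_free: the buffer; NULL is silently ignored
 */
void
cifs_buf_release(void *buf_to_free)
{
	if (buf_to_free == NULL) {
		/* cifs_dbg(FYI, "Null buffer passed to cifs_buf_release\n");*/
		return;
	}
	mempool_free(buf_to_free, cifs_req_poolp);

	atomic_dec(&bufAllocCount);
	return;
}

/**
 * cifs_small_buf_get - take a small request buffer from cifs_sm_req_poolp
 *
 * The buffer is not cleared here; header_assemble() does that.
 *
 * Return: the buffer, or NULL if the mempool could not supply one.
 */
struct smb_hdr *
cifs_small_buf_get(void)
{
	struct smb_hdr *ret_buf = NULL;

/* We could use negotiated size instead of max_msgsize -
   but it may be more efficient to always alloc same size
   albeit slightly larger than necessary and maxbuffersize
   defaults to this and can not be bigger */
	ret_buf = mempool_alloc(cifs_sm_req_poolp, GFP_NOFS);
	if (ret_buf) {
		/* No need to clear memory here, cleared in header assemble */
		/*	memset(ret_buf, 0, sizeof(struct smb_hdr) + 27);*/
		atomic_inc(&smBufAllocCount);
#ifdef CONFIG_CIFS_STATS2
		atomic_inc(&totSmBufAllocCount);
#endif /* CONFIG_CIFS_STATS2 */

	}
	return ret_buf;
}

/**
 * cifs_small_buf_release - return a buffer obtained from cifs_small_buf_get()
 * @buf_to_free: the buffer; NULL is logged and ignored
 */
void
cifs_small_buf_release(void *buf_to_free)
{

	if (buf_to_free == NULL) {
		cifs_dbg(FYI, "Null buffer passed to cifs_small_buf_release\n");
		return;
	}
	mempool_free(buf_to_free, cifs_sm_req_poolp);

	atomic_dec(&smBufAllocCount);
	return;
}

/*
 * NB: MID can not be set if treeCon not passed in, in that
 * case it is responsbility of caller to set the mid
 */
/**
 * header_assemble - fill in the fixed SMB header of an outgoing request
 * @buffer: request buffer; its first 256 bytes are zeroed first
 * @smb_command: SMB command code
 * @treeCon: tree connection the request is for, or NULL
 * @word_count: length of the fixed section in two-byte units
 *
 * Sets the RFC1001 length, the protocol signature, command, flags, pid and
 * word count. When @treeCon is given, Tid, Uid, Mid and the capability
 * dependent Flags2 bits (unicode, NT status, DFS, signing) are filled in
 * too. Flags are left in host order; conversion happens just before send.
 */
void
header_assemble(struct smb_hdr *buffer, char smb_command /* command */ ,
		const struct cifs_tcon *treeCon, int word_count
		/* length of fixed section (word count) in two byte units  */)
{
	char *temp = (char *) buffer;

	memset(temp, 0, 256); /* bigger than MAX_CIFS_HDR_SIZE */

	buffer->smb_buf_length = cpu_to_be32(
	    (2 * word_count) + sizeof(struct smb_hdr) -
	    4 /*  RFC 1001 length field does not count */ +
	    2 /* for bcc field itself */) ;

	buffer->Protocol[0] = 0xFF;
	buffer->Protocol[1] = 'S';
	buffer->Protocol[2] = 'M';
	buffer->Protocol[3] = 'B';
	buffer->Command = smb_command;
	buffer->Flags = 0x00;	/* case sensitive */
	buffer->Flags2 = SMBFLG2_KNOWS_LONG_NAMES;
	buffer->Pid = cpu_to_le16((__u16)current->tgid);
	buffer->PidHigh = cpu_to_le16((__u16)(current->tgid >> 16));
	if (treeCon) {
		buffer->Tid = treeCon->tid;
		if (treeCon->ses) {
			if (treeCon->ses->capabilities & CAP_UNICODE)
				buffer->Flags2 |= SMBFLG2_UNICODE;
			if (treeCon->ses->capabilities & CAP_STATUS32)
				buffer->Flags2 |= SMBFLG2_ERR_STATUS;

			/* Uid is not converted */
			buffer->Uid = treeCon->ses->Suid;
			buffer->Mid = get_next_mid(treeCon->ses->server);
		}
		if (treeCon->Flags & SMB_SHARE_IS_IN_DFS)
			buffer->Flags2 |= SMBFLG2_DFS;
		if (treeCon->nocase)
			buffer->Flags |= SMBFLG_CASELESS;
		if ((treeCon->ses) && (treeCon->ses->server))
			if (treeCon->ses->server->sign)
				buffer->Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
	}

/*  endian conversion of flags is now done just before sending */
	buffer->WordCount = (char) word_count;
	return;
}

/**
 * check_smb_hdr - sanity check the header of a received SMB
 * @smb: received frame (the caller guarantees at least a full header)
 * @mid: message id the caller read from the frame
 *
 * Rejects frames without the 0xFF 'S' 'M' 'B' signature, frames whose Mid
 * does not match @mid, and server-initiated requests other than
 * LOCKING_ANDX (oplock breaks).
 *
 * Return: 0 if the header is acceptable, 1 otherwise.
 */
static int
check_smb_hdr(struct smb_hdr *smb, __u16 mid)
{
	/* does it have the right SMB "signature" ? */
	if (*(__le32 *) smb->Protocol != cpu_to_le32(0x424d53ff)) {
		cifs_dbg(VFS, "Bad protocol string signature header 0x%x\n",
			 *(unsigned int *)smb->Protocol);
		return 1;
	}

	/* Make sure that message ids match */
	if (mid != smb->Mid) {
		cifs_dbg(VFS, "Mids do not match. received=%u expected=%u\n",
			 smb->Mid, mid);
		return 1;
	}

	/* if it's a response then accept */
	if (smb->Flags & SMBFLG_RESPONSE)
		return 0;

	/* only one valid case where server sends us request */
	if (smb->Command == SMB_COM_LOCKING_ANDX)
		return 0;

	cifs_dbg(VFS, "Server sent request, not response. mid=%u\n", smb->Mid);
	return 1;
}

/**
 * checkSMB - validate the framing of a received SMB1 message
 * @buf: the received frame
 * @total_read: number of bytes actually read from the socket
 *
 * Verifies that the RFC1001 length matches @total_read and that the length
 * computed from the word count and byte count (smbCalcSize()) agrees with
 * it, allowing for the 64K byte-count wrap of large reads and up to 512
 * bytes of trailing junk some servers append. Frames too short to carry a
 * bcc are accepted only for the error and known-buggy-server cases.
 *
 * Return: 0 if the frame is acceptable, -EIO otherwise.
 */
int
checkSMB(char *buf, unsigned int total_read)
{
	struct smb_hdr *smb = (struct smb_hdr *)buf;
	__u16 mid = smb->Mid;
	__u32 rfclen = be32_to_cpu(smb->smb_buf_length);
	__u32 clc_len;  /* calculated length */
	cifs_dbg(FYI, "checkSMB Length: 0x%x, smb_buf_length: 0x%x\n",
		 total_read, rfclen);

	/* is this frame too small to even get to a BCC? */
	if (total_read < 2 + sizeof(struct smb_hdr)) {
		if ((total_read >= sizeof(struct smb_hdr) - 1)
			    && (smb->Status.CifsError != 0)) {
			/* it's an error return */
			smb->WordCount = 0;
			/* some error cases do not return wct and bcc */
			return 0;
		} else if ((total_read == sizeof(struct smb_hdr) + 1) &&
				(smb->WordCount == 0)) {
			char *tmp = (char *)smb;
			/* Need to work around a bug in two servers here */
			/* First, check if the part of bcc they sent was zero */
			if (tmp[sizeof(struct smb_hdr)] == 0) {
				/* some servers return only half of bcc
				 * on simple responses (wct, bcc both zero)
				 * in particular have seen this on
				 * ulogoffX and FindClose. This leaves
				 * one byte of bcc potentially unitialized
				 */
				/* zero rest of bcc */
				tmp[sizeof(struct smb_hdr)+1] = 0;
				return 0;
			}
			cifs_dbg(VFS, "rcvd invalid byte count (bcc)\n");
		} else {
			cifs_dbg(VFS, "Length less than smb header size\n");
		}
		return -EIO;
	}

	/* otherwise, there is enough to get to the BCC */
	if (check_smb_hdr(smb, mid))
		return -EIO;
	clc_len = smbCalcSize(smb);

	if (4 + rfclen != total_read) {
		cifs_dbg(VFS, "Length read does not match RFC1001 length %d\n",
			 rfclen);
		return -EIO;
	}

	if (4 + rfclen != clc_len) {
		/* check if bcc wrapped around for large read responses */
		if ((rfclen > 64 * 1024) && (rfclen > clc_len)) {
			/* check if lengths match mod 64K */
			if (((4 + rfclen) & 0xFFFF) == (clc_len & 0xFFFF))
				return 0; /* bcc wrapped */
		}
		cifs_dbg(FYI, "Calculated size %u vs length %u mismatch for mid=%u\n",
			 clc_len, 4 + rfclen, smb->Mid);

		if (4 + rfclen < clc_len) {
			cifs_dbg(VFS, "RFC1001 size %u smaller than SMB for mid=%u\n",
				 rfclen, smb->Mid);
			return -EIO;
		} else if (rfclen > clc_len + 512) {
			/*
			 * Some servers (Windows XP in particular) send more
			 * data than the lengths in the SMB packet would
			 * indicate on certain calls (byte range locks and
			 * trans2 find first calls in particular). While the
			 * client can handle such a frame by ignoring the
			 * trailing data, we choose limit the amount of extra
			 * data to 512 bytes.
			 */
			cifs_dbg(VFS, "RFC1001 size %u more than 512 bytes larger than SMB for mid=%u\n",
				 rfclen, smb->Mid);
			return -EIO;
		}
	}
	return 0;
}

/**
 * is_valid_oplock_break - handle an unsolicited frame from the server
 * @buffer: the received frame
 * @srv: the connection it arrived on
 *
 * Recognises directory change notify responses and LOCKING_ANDX oplock
 * break requests. For a break, the tcon is looked up by Tid and the open
 * file by Fid, the cached oplock level is lowered and the file's
 * oplock_break work is queued.
 *
 * Return: true if the frame was consumed here (including breaks for
 * unknown files or connections), false if it is not a frame of this kind.
 */
bool
is_valid_oplock_break(char *buffer, struct TCP_Server_Info *srv)
{
	struct smb_hdr *buf = (struct smb_hdr *)buffer;
	struct smb_com_lock_req *pSMB = (struct smb_com_lock_req *)buf;
	struct list_head *tmp, *tmp1, *tmp2;
	struct cifs_ses *ses;
	struct cifs_tcon *tcon;
	struct cifsInodeInfo *pCifsInode;
	struct cifsFileInfo *netfile;

	cifs_dbg(FYI, "Checking for oplock break or dnotify response\n");
	if ((pSMB->hdr.Command == SMB_COM_NT_TRANSACT) &&
	   (pSMB->hdr.Flags & SMBFLG_RESPONSE)) {
		struct smb_com_transaction_change_notify_rsp *pSMBr =
			(struct smb_com_transaction_change_notify_rsp *)buf;
		struct file_notify_information *pnotify;
		__u32 data_offset = 0;
		/* bytes following hdr.Protocol, as claimed by the frame */
		__u32 rfclen = be32_to_cpu(buf->smb_buf_length);

		if (get_bcc(buf) > sizeof(struct file_notify_information)) {
			data_offset = le32_to_cpu(pSMBr->DataOffset);

			/*
			 * DataOffset is server supplied and relative to
			 * hdr.Protocol. The receive path is expected to have
			 * run checkSMB() first, which ties rfclen to the bytes
			 * actually read, so refuse an offset that would put
			 * the notify record past the end of the frame.
			 */
			if (data_offset > rfclen ||
			    rfclen - data_offset < sizeof(*pnotify)) {
				cifs_dbg(VFS, "dnotify data offset 0x%x beyond frame length 0x%x\n",
					 data_offset, rfclen);
				return true;
			}

			pnotify = (struct file_notify_information *)
				((char *)&pSMBr->hdr.Protocol + data_offset);
			/*
			 * NOTE(review): FileName is printed as a C string but
			 * its length is carried separately in the record;
			 * verify termination before relying on this trace.
			 */
			cifs_dbg(FYI, "dnotify on %s Action: 0x%x\n",
				 pnotify->FileName, pnotify->Action);
			/*   cifs_dump_mem("Rcvd notify Data: ",buf,
				sizeof(struct smb_hdr)+60); */
			return true;
		}
		if (pSMBr->hdr.Status.CifsError) {
			cifs_dbg(FYI, "notify err 0x%x\n",
				 le32_to_cpu(pSMBr->hdr.Status.CifsError));
			return true;
		}
		return false;
	}
	if (pSMB->hdr.Command != SMB_COM_LOCKING_ANDX)
		return false;
	if (pSMB->hdr.Flags & SMBFLG_RESPONSE) {
		/* no sense logging error on invalid handle on oplock
		   break - harmless race between close request and oplock
		   break response is expected from time to time writing out
		   large dirty files cached on the client */
		if ((NT_STATUS_INVALID_HANDLE) ==
		   le32_to_cpu(pSMB->hdr.Status.CifsError)) {
			cifs_dbg(FYI, "invalid handle on oplock break\n");
			return true;
		} else if (ERRbadfid ==
		   le16_to_cpu(pSMB->hdr.Status.DosError.Error)) {
			return true;
		} else {
			return false; /* on valid oplock brk we get "request" */
		}
	}
	if (pSMB->hdr.WordCount != 8)
		return false;

	/* 0x%x rather than 0x%d: both fields are printed as hex values */
	cifs_dbg(FYI, "oplock type 0x%x level 0x%x\n",
		 pSMB->LockType, pSMB->OplockLevel);
	if (!(pSMB->LockType & LOCKING_ANDX_OPLOCK_RELEASE))
		return false;

	/* look up tcon based on tid & uid */
	spin_lock(&cifs_tcp_ses_lock);
	list_for_each(tmp, &srv->smb_ses_list) {
		ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
		list_for_each(tmp1, &ses->tcon_list) {
			tcon = list_entry(tmp1, struct cifs_tcon, tcon_list);
			if (tcon->tid != buf->Tid)
				continue;

			cifs_stats_inc(&tcon->stats.cifs_stats.num_oplock_brks);
			spin_lock(&cifs_file_list_lock);
			list_for_each(tmp2, &tcon->openFileList) {
				netfile = list_entry(tmp2, struct cifsFileInfo,
						     tlist);
				if (pSMB->Fid != netfile->fid.netfid)
					continue;

				cifs_dbg(FYI, "file id match, oplock break\n");
				pCifsInode = CIFS_I(netfile->dentry->d_inode);

				cifs_set_oplock_level(pCifsInode,
					pSMB->OplockLevel ? OPLOCK_READ : 0);
				queue_work(cifsiod_wq,
					   &netfile->oplock_break);
				netfile->oplock_break_cancelled = false;

				spin_unlock(&cifs_file_list_lock);
				spin_unlock(&cifs_tcp_ses_lock);
				return true;
			}
			spin_unlock(&cifs_file_list_lock);
			spin_unlock(&cifs_tcp_ses_lock);
			cifs_dbg(FYI, "No matching file for oplock break\n");
			return true;
		}
	}
	spin_unlock(&cifs_tcp_ses_lock);
	cifs_dbg(FYI, "Can not process oplock break for non-existent connection\n");
	return true;
}

/**
 * dump_smb - hex/ascii dump a frame to the kernel log when traceSMB is set
 * @buf: the bytes to dump
 * @smb_buf_length: how many of them
 *
 * Eight bytes per line, hex on the left, printable ascii (or '_') on the
 * right. A trailing partial line is padded; a dump that is empty or ends
 * exactly on a line boundary prints nothing extra.
 */
void
dump_smb(void *buf, int smb_buf_length)
{
	int i, j;
	char debug_line[17];
	unsigned char *buffer = buf;

	if (traceSMB == 0)
		return;

	/*
	 * Terminate once up front: the loop only wrote debug_line[16] after
	 * a full line, so a short dump used to print an uninitialised byte.
	 */
	debug_line[16] = 0;

	for (i = 0, j = 0; i < smb_buf_length; i++, j++) {
		if (i % 8 == 0) {
			/* have reached the beginning of line */
			printk(KERN_DEBUG "| ");
			j = 0;
		}
		printk("%0#4x ", buffer[i]);
		debug_line[2 * j] = ' ';
		if (isprint(buffer[i]))
			debug_line[1 + (2 * j)] = buffer[i];
		else
			debug_line[1 + (2 * j)] = '_';

		if (i % 8 == 7) {
			/* reached end of line, time to print ascii */
			printk(" | %s\n", debug_line);
		}
	}
	/*
	 * j is 0 for an empty dump and 8 after a line that was already
	 * printed inside the loop; either way there is nothing pending.
	 */
	if (j % 8 == 0)
		return;
	for (; j < 8; j++) {
		printk(" ");
		debug_line[2 * j] = ' ';
		debug_line[1 + (2 * j)] = ' ';
	}
	printk(" | %s\n", debug_line);
	return;
}

/**
 * cifs_autodisable_serverino - stop using server inode numbers on a mount
 * @cifs_sb: the superblock's cifs info
 *
 * Clears CIFS_MOUNT_SERVER_INUM (if set) and logs a VFS-level message
 * naming the tree so the admin knows hardlink detection is affected.
 */
void
cifs_autodisable_serverino(struct cifs_sb_info *cifs_sb)
{
	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SERVER_INUM) {
		cifs_sb->mnt_cifs_flags &= ~CIFS_MOUNT_SERVER_INUM;
		cifs_dbg(VFS, "Autodisabling the use of server inode numbers on %s. This server doesn't seem to support them properly. Hardlinks will not be recognized on this mount. Consider mounting with the \"noserverino\" option to silence this message.\n",
			 cifs_sb_master_tcon(cifs_sb)->treeName);
	}
}

/**
 * cifs_set_oplock_level - record the caching rights an oplock grants
 * @cinode: the inode the oplock applies to
 * @oplock: oplock level; only the low nibble is significant
 *
 * OPLOCK_EXCLUSIVE allows caching reads and writes, OPLOCK_READ only
 * reads, anything else disables both.
 */
void cifs_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock)
{
	oplock &= 0xF;

	if (oplock == OPLOCK_EXCLUSIVE) {
		cinode->clientCanCacheAll = true;
		cinode->clientCanCacheRead = true;
		cifs_dbg(FYI, "Exclusive Oplock granted on inode %p\n",
			 &cinode->vfs_inode);
	} else if (oplock == OPLOCK_READ) {
		cinode->clientCanCacheAll = false;
		cinode->clientCanCacheRead = true;
		cifs_dbg(FYI, "Level II Oplock granted on inode %p\n",
			 &cinode->vfs_inode);
	} else {
		cinode->clientCanCacheAll = false;
		cinode->clientCanCacheRead = false;
	}
}

/**
 * backup_cred - should the current task use backup intent on this mount?
 * @cifs_sb: the superblock's cifs info
 *
 * Return: true if the mount's backupuid matches the caller's fsuid, or the
 * caller is a member of the mount's backupgid, with the respective mount
 * flag set; false otherwise.
 */
bool
backup_cred(struct cifs_sb_info *cifs_sb)
{
	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_CIFS_BACKUPUID) {
		if (uid_eq(cifs_sb->mnt_backupuid, current_fsuid()))
			return true;
	}
	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_CIFS_BACKUPGID) {
		if (in_group_p(cifs_sb->mnt_backupgid))
			return true;
	}

	return false;
}

/**
 * cifs_del_pending_open - unlink a pending open under cifs_file_list_lock
 * @open: the entry added by cifs_add_pending_open()
 */
void
cifs_del_pending_open(struct cifs_pending_open *open)
{
	spin_lock(&cifs_file_list_lock);
	list_del(&open->olist);
	spin_unlock(&cifs_file_list_lock);
}

/**
 * cifs_add_pending_open_locked - register an in-flight open on its tcon
 * @fid: the file id being opened; its pending_open is pointed at @open
 * @tlink: the tcon link the open is issued through
 * @open: caller-owned entry to populate and queue
 *
 * Caller must hold cifs_file_list_lock. With SMB2 the lease key is copied
 * from @fid so a break arriving before the open completes can be matched.
 */
void
cifs_add_pending_open_locked(struct cifs_fid *fid, struct tcon_link *tlink,
			     struct cifs_pending_open *open)
{
#ifdef CONFIG_CIFS_SMB2
	memcpy(open->lease_key, fid->lease_key, SMB2_LEASE_KEY_SIZE);
#endif
	open->oplock = CIFS_OPLOCK_NO_CHANGE;
	open->tlink = tlink;
	fid->pending_open = open;
	list_add_tail(&open->olist, &tlink_tcon(tlink)->pending_opens);
}

/**
 * cifs_add_pending_open - locked wrapper around cifs_add_pending_open_locked()
 * @fid: the file id being opened
 * @tlink: the tcon link the open is issued through
 * @open: caller-owned entry to populate and queue
 */
void
cifs_add_pending_open(struct cifs_fid *fid, struct tcon_link *tlink,
		      struct cifs_pending_open *open)
{
	spin_lock(&cifs_file_list_lock);
	cifs_add_pending_open_locked(fid, tlink, open);
	spin_unlock(&cifs_file_list_lock);
}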