1 // SPDX-License-Identifier: GPL-2.0-only
3 * linux/fs/nfs/fs_context.c
5 * Copyright (C) 1992 Rick Sladkey
6 * Conversion to new mount api Copyright (C) David Howells
10 * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com>
13 #include <linux/compat.h>
14 #include <linux/module.h>
16 #include <linux/fs_context.h>
17 #include <linux/fs_parser.h>
18 #include <linux/nfs_fs.h>
19 #include <linux/nfs_mount.h>
20 #include <linux/nfs4_mount.h>
22 #include <net/handshake.h>
29 #define NFSDBG_FACILITY NFSDBG_MOUNT
31 #if IS_ENABLED(CONFIG_NFS_V3)
32 #define NFS_DEFAULT_VERSION 3
34 #define NFS_DEFAULT_VERSION 2
37 #define NFS_MAX_CONNECTIONS 16
101 Opt_local_lock_posix,
104 static const struct constant_table nfs_param_enums_local_lock[] = {
105 { "all", Opt_local_lock_all },
106 { "flock", Opt_local_lock_flock },
107 { "posix", Opt_local_lock_posix },
108 { "none", Opt_local_lock_none },
114 Opt_lookupcache_none,
115 Opt_lookupcache_positive,
118 static const struct constant_table nfs_param_enums_lookupcache[] = {
119 { "all", Opt_lookupcache_all },
120 { "none", Opt_lookupcache_none },
121 { "pos", Opt_lookupcache_positive },
122 { "positive", Opt_lookupcache_positive },
132 static const struct constant_table nfs_param_enums_write[] = {
133 { "lazy", Opt_write_lazy },
134 { "eager", Opt_write_eager },
135 { "wait", Opt_write_wait },
139 static const struct fs_parameter_spec nfs_fs_parameters[] = {
140 fsparam_flag_no("ac", Opt_ac),
141 fsparam_u32 ("acdirmax", Opt_acdirmax),
142 fsparam_u32 ("acdirmin", Opt_acdirmin),
143 fsparam_flag_no("acl", Opt_acl),
144 fsparam_u32 ("acregmax", Opt_acregmax),
145 fsparam_u32 ("acregmin", Opt_acregmin),
146 fsparam_u32 ("actimeo", Opt_actimeo),
147 fsparam_string("addr", Opt_addr),
148 fsparam_flag ("bg", Opt_bg),
149 fsparam_u32 ("bsize", Opt_bsize),
150 fsparam_string("clientaddr", Opt_clientaddr),
151 fsparam_flag_no("cto", Opt_cto),
152 fsparam_flag ("fg", Opt_fg),
153 fsparam_flag_no("fsc", Opt_fscache_flag),
154 fsparam_string("fsc", Opt_fscache),
155 fsparam_flag ("hard", Opt_hard),
156 __fsparam(NULL, "intr", Opt_intr,
157 fs_param_neg_with_no|fs_param_deprecated, NULL),
158 fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock),
159 fsparam_flag_no("lock", Opt_lock),
160 fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache),
161 fsparam_flag_no("migration", Opt_migration),
162 fsparam_u32 ("minorversion", Opt_minorversion),
163 fsparam_string("mountaddr", Opt_mountaddr),
164 fsparam_string("mounthost", Opt_mounthost),
165 fsparam_u32 ("mountport", Opt_mountport),
166 fsparam_string("mountproto", Opt_mountproto),
167 fsparam_u32 ("mountvers", Opt_mountvers),
168 fsparam_u32 ("namlen", Opt_namelen),
169 fsparam_u32 ("nconnect", Opt_nconnect),
170 fsparam_u32 ("max_connect", Opt_max_connect),
171 fsparam_string("nfsvers", Opt_vers),
172 fsparam_u32 ("port", Opt_port),
173 fsparam_flag_no("posix", Opt_posix),
174 fsparam_string("proto", Opt_proto),
175 fsparam_flag_no("rdirplus", Opt_rdirplus),
176 fsparam_flag ("rdma", Opt_rdma),
177 fsparam_flag_no("resvport", Opt_resvport),
178 fsparam_u32 ("retrans", Opt_retrans),
179 fsparam_string("retry", Opt_retry),
180 fsparam_u32 ("rsize", Opt_rsize),
181 fsparam_string("sec", Opt_sec),
182 fsparam_flag_no("sharecache", Opt_sharecache),
183 fsparam_flag ("sloppy", Opt_sloppy),
184 fsparam_flag ("soft", Opt_soft),
185 fsparam_flag ("softerr", Opt_softerr),
186 fsparam_flag ("softreval", Opt_softreval),
187 fsparam_string("source", Opt_source),
188 fsparam_flag ("tcp", Opt_tcp),
189 fsparam_u32 ("timeo", Opt_timeo),
190 fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery),
191 fsparam_flag ("udp", Opt_udp),
192 fsparam_flag ("v2", Opt_v),
193 fsparam_flag ("v3", Opt_v),
194 fsparam_flag ("v4", Opt_v),
195 fsparam_flag ("v4.0", Opt_v),
196 fsparam_flag ("v4.1", Opt_v),
197 fsparam_flag ("v4.2", Opt_v),
198 fsparam_string("vers", Opt_vers),
199 fsparam_enum ("write", Opt_write, nfs_param_enums_write),
200 fsparam_u32 ("wsize", Opt_wsize),
201 fsparam_string("xprtsec", Opt_xprtsec),
214 static const struct constant_table nfs_vers_tokens[] = {
218 { "4.0", Opt_vers_4_0 },
219 { "4.1", Opt_vers_4_1 },
220 { "4.2", Opt_vers_4_2 },
234 static const struct constant_table nfs_xprt_protocol_tokens[] = {
235 { "rdma", Opt_xprt_rdma },
236 { "rdma6", Opt_xprt_rdma6 },
237 { "tcp", Opt_xprt_tcp },
238 { "tcp6", Opt_xprt_tcp6 },
239 { "udp", Opt_xprt_udp },
240 { "udp6", Opt_xprt_udp6 },
259 static const struct constant_table nfs_secflavor_tokens[] = {
260 { "krb5", Opt_sec_krb5 },
261 { "krb5i", Opt_sec_krb5i },
262 { "krb5p", Opt_sec_krb5p },
263 { "lkey", Opt_sec_lkey },
264 { "lkeyi", Opt_sec_lkeyi },
265 { "lkeyp", Opt_sec_lkeyp },
266 { "none", Opt_sec_none },
267 { "null", Opt_sec_none },
268 { "spkm3", Opt_sec_spkm },
269 { "spkm3i", Opt_sec_spkmi },
270 { "spkm3p", Opt_sec_spkmp },
271 { "sys", Opt_sec_sys },
282 static const struct constant_table nfs_xprtsec_policies[] = {
283 { "none", Opt_xprtsec_none },
284 { "tls", Opt_xprtsec_tls },
285 { "mtls", Opt_xprtsec_mtls },
290 * Sanity-check a server address provided by the mount command.
292 * Address family must be initialized, and address must not be
293 * the ANY address for that family.
295 static int nfs_verify_server_address(struct sockaddr_storage *addr)
297 switch (addr->ss_family) {
299 struct sockaddr_in *sa = (struct sockaddr_in *)addr;
300 return sa->sin_addr.s_addr != htonl(INADDR_ANY);
303 struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr;
304 return !ipv6_addr_any(sa);
311 #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT
312 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
317 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
319 if (ctx->version == 4)
326 * Sanity check the NFS transport protocol.
328 static int nfs_validate_transport_protocol(struct fs_context *fc,
329 struct nfs_fs_context *ctx)
331 switch (ctx->nfs_server.protocol) {
332 case XPRT_TRANSPORT_UDP:
333 if (nfs_server_transport_udp_invalid(ctx))
334 goto out_invalid_transport_udp;
336 case XPRT_TRANSPORT_TCP:
337 case XPRT_TRANSPORT_RDMA:
340 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
343 if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE)
344 switch (ctx->nfs_server.protocol) {
345 case XPRT_TRANSPORT_TCP:
346 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS;
349 goto out_invalid_xprtsec_policy;
353 out_invalid_transport_udp:
354 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp");
355 out_invalid_xprtsec_policy:
356 return nfs_invalf(fc, "NFS: Transport does not support xprtsec");
360 * For text based NFSv2/v3 mounts, the mount protocol transport default
361 * settings should depend upon the specified NFS transport.
363 static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx)
365 if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP ||
366 ctx->mount_server.protocol == XPRT_TRANSPORT_TCP)
368 switch (ctx->nfs_server.protocol) {
369 case XPRT_TRANSPORT_UDP:
370 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
372 case XPRT_TRANSPORT_TCP:
373 case XPRT_TRANSPORT_RDMA:
374 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
379 * Add 'flavor' to 'auth_info' if not already present.
380 * Returns true if 'flavor' ends up in the list, false otherwise
382 static int nfs_auth_info_add(struct fs_context *fc,
383 struct nfs_auth_info *auth_info,
384 rpc_authflavor_t flavor)
387 unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors);
389 /* make sure this flavor isn't already in the list */
390 for (i = 0; i < auth_info->flavor_len; i++) {
391 if (flavor == auth_info->flavors[i])
395 if (auth_info->flavor_len + 1 >= max_flavor_len)
396 return nfs_invalf(fc, "NFS: too many sec= flavors");
398 auth_info->flavors[auth_info->flavor_len++] = flavor;
403 * Parse the value of the 'sec=' option.
405 static int nfs_parse_security_flavors(struct fs_context *fc,
406 struct fs_parameter *param)
408 struct nfs_fs_context *ctx = nfs_fc2context(fc);
409 rpc_authflavor_t pseudoflavor;
410 char *string = param->string, *p;
413 trace_nfs_mount_assign(param->key, string);
415 while ((p = strsep(&string, ":")) != NULL) {
418 switch (lookup_constant(nfs_secflavor_tokens, p, -1)) {
420 pseudoflavor = RPC_AUTH_NULL;
423 pseudoflavor = RPC_AUTH_UNIX;
426 pseudoflavor = RPC_AUTH_GSS_KRB5;
429 pseudoflavor = RPC_AUTH_GSS_KRB5I;
432 pseudoflavor = RPC_AUTH_GSS_KRB5P;
435 pseudoflavor = RPC_AUTH_GSS_LKEY;
438 pseudoflavor = RPC_AUTH_GSS_LKEYI;
441 pseudoflavor = RPC_AUTH_GSS_LKEYP;
444 pseudoflavor = RPC_AUTH_GSS_SPKM;
447 pseudoflavor = RPC_AUTH_GSS_SPKMI;
450 pseudoflavor = RPC_AUTH_GSS_SPKMP;
453 return nfs_invalf(fc, "NFS: sec=%s option not recognized", p);
456 ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor);
464 static int nfs_parse_xprtsec_policy(struct fs_context *fc,
465 struct fs_parameter *param)
467 struct nfs_fs_context *ctx = nfs_fc2context(fc);
469 trace_nfs_mount_assign(param->key, param->string);
471 switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) {
472 case Opt_xprtsec_none:
473 ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
475 case Opt_xprtsec_tls:
476 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON;
478 case Opt_xprtsec_mtls:
479 ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509;
482 return nfs_invalf(fc, "NFS: Unrecognized transport security policy");
487 static int nfs_parse_version_string(struct fs_context *fc,
490 struct nfs_fs_context *ctx = nfs_fc2context(fc);
492 ctx->flags &= ~NFS_MOUNT_VER3;
493 switch (lookup_constant(nfs_vers_tokens, string, -1)) {
498 ctx->flags |= NFS_MOUNT_VER3;
502 /* Backward compatibility option. In future,
503 * the mount program should always supply
504 * a NFSv4 minor version number.
510 ctx->minorversion = 0;
514 ctx->minorversion = 1;
518 ctx->minorversion = 2;
521 return nfs_invalf(fc, "NFS: Unsupported NFS version");
527 * Parse a single mount parameter.
529 static int nfs_fs_context_parse_param(struct fs_context *fc,
530 struct fs_parameter *param)
532 struct fs_parse_result result;
533 struct nfs_fs_context *ctx = nfs_fc2context(fc);
534 unsigned short protofamily, mountfamily;
538 trace_nfs_mount_option(param);
540 opt = fs_parse(fc, nfs_fs_parameters, param, &result);
542 return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt;
545 ctx->has_sec_mnt_opts = 1;
550 return nfs_invalf(fc, "NFS: Multiple sources not supported");
551 fc->source = param->string;
552 param->string = NULL;
556 * boolean options: foo/nofoo
559 ctx->flags |= NFS_MOUNT_SOFT;
560 ctx->flags &= ~NFS_MOUNT_SOFTERR;
563 ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL;
564 ctx->flags &= ~NFS_MOUNT_SOFT;
567 ctx->flags &= ~(NFS_MOUNT_SOFT |
569 NFS_MOUNT_SOFTREVAL);
573 ctx->flags &= ~NFS_MOUNT_SOFTREVAL;
575 ctx->flags |= NFS_MOUNT_SOFTREVAL;
579 ctx->flags &= ~NFS_MOUNT_POSIX;
581 ctx->flags |= NFS_MOUNT_POSIX;
585 ctx->flags |= NFS_MOUNT_NOCTO;
587 ctx->flags &= ~NFS_MOUNT_NOCTO;
589 case Opt_trunkdiscovery:
591 ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY;
593 ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY;
597 ctx->flags |= NFS_MOUNT_NOAC;
599 ctx->flags &= ~NFS_MOUNT_NOAC;
602 if (result.negated) {
603 ctx->lock_status = NFS_LOCK_NOLOCK;
604 ctx->flags |= NFS_MOUNT_NONLM;
605 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
607 ctx->lock_status = NFS_LOCK_LOCK;
608 ctx->flags &= ~NFS_MOUNT_NONLM;
609 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
613 ctx->flags &= ~NFS_MOUNT_TCP;
614 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
618 ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */
619 ret = xprt_find_transport_ident(param->key);
621 goto out_bad_transport;
622 ctx->nfs_server.protocol = ret;
626 ctx->flags |= NFS_MOUNT_NOACL;
628 ctx->flags &= ~NFS_MOUNT_NOACL;
632 ctx->flags |= NFS_MOUNT_NORDIRPLUS;
634 ctx->flags &= ~NFS_MOUNT_NORDIRPLUS;
638 ctx->flags |= NFS_MOUNT_UNSHARED;
640 ctx->flags &= ~NFS_MOUNT_UNSHARED;
644 ctx->flags |= NFS_MOUNT_NORESVPORT;
646 ctx->flags &= ~NFS_MOUNT_NORESVPORT;
648 case Opt_fscache_flag:
650 ctx->options &= ~NFS_OPTION_FSCACHE;
652 ctx->options |= NFS_OPTION_FSCACHE;
653 kfree(ctx->fscache_uniq);
654 ctx->fscache_uniq = NULL;
657 trace_nfs_mount_assign(param->key, param->string);
658 ctx->options |= NFS_OPTION_FSCACHE;
659 kfree(ctx->fscache_uniq);
660 ctx->fscache_uniq = param->string;
661 param->string = NULL;
665 ctx->options &= ~NFS_OPTION_MIGRATION;
667 ctx->options |= NFS_OPTION_MIGRATION;
671 * options that take numeric values
674 if (result.uint_32 > USHRT_MAX)
676 ctx->nfs_server.port = result.uint_32;
679 ctx->rsize = result.uint_32;
682 ctx->wsize = result.uint_32;
685 ctx->bsize = result.uint_32;
688 if (result.uint_32 < 1 || result.uint_32 > INT_MAX)
690 ctx->timeo = result.uint_32;
693 if (result.uint_32 > INT_MAX)
695 ctx->retrans = result.uint_32;
698 ctx->acregmin = result.uint_32;
701 ctx->acregmax = result.uint_32;
704 ctx->acdirmin = result.uint_32;
707 ctx->acdirmax = result.uint_32;
710 ctx->acregmin = result.uint_32;
711 ctx->acregmax = result.uint_32;
712 ctx->acdirmin = result.uint_32;
713 ctx->acdirmax = result.uint_32;
716 ctx->namlen = result.uint_32;
719 if (result.uint_32 > USHRT_MAX)
721 ctx->mount_server.port = result.uint_32;
724 if (result.uint_32 < NFS_MNT_VERSION ||
725 result.uint_32 > NFS_MNT3_VERSION)
727 ctx->mount_server.version = result.uint_32;
729 case Opt_minorversion:
730 if (result.uint_32 > NFS4_MAX_MINOR_VERSION)
732 ctx->minorversion = result.uint_32;
736 * options that take text values
739 ret = nfs_parse_version_string(fc, param->key + 1);
745 goto out_invalid_value;
746 trace_nfs_mount_assign(param->key, param->string);
747 ret = nfs_parse_version_string(fc, param->string);
752 ret = nfs_parse_security_flavors(fc, param);
757 ret = nfs_parse_xprtsec_policy(fc, param);
764 goto out_invalid_value;
765 trace_nfs_mount_assign(param->key, param->string);
766 protofamily = AF_INET;
767 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
769 protofamily = AF_INET6;
772 ctx->flags &= ~NFS_MOUNT_TCP;
773 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
776 protofamily = AF_INET6;
779 ctx->flags |= NFS_MOUNT_TCP;
780 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
783 protofamily = AF_INET6;
786 /* vector side protocols to TCP */
787 ctx->flags |= NFS_MOUNT_TCP;
788 ret = xprt_find_transport_ident(param->string);
790 goto out_bad_transport;
791 ctx->nfs_server.protocol = ret;
794 goto out_bad_transport;
797 ctx->protofamily = protofamily;
802 goto out_invalid_value;
803 trace_nfs_mount_assign(param->key, param->string);
804 mountfamily = AF_INET;
805 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
807 mountfamily = AF_INET6;
810 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
813 mountfamily = AF_INET6;
816 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
818 case Opt_xprt_rdma: /* not used for side protocols */
820 goto out_bad_transport;
822 ctx->mountfamily = mountfamily;
826 trace_nfs_mount_assign(param->key, param->string);
827 len = rpc_pton(fc->net_ns, param->string, param->size,
828 &ctx->nfs_server.address,
829 sizeof(ctx->nfs_server._address));
831 goto out_invalid_address;
832 ctx->nfs_server.addrlen = len;
835 trace_nfs_mount_assign(param->key, param->string);
836 kfree(ctx->client_address);
837 ctx->client_address = param->string;
838 param->string = NULL;
841 trace_nfs_mount_assign(param->key, param->string);
842 kfree(ctx->mount_server.hostname);
843 ctx->mount_server.hostname = param->string;
844 param->string = NULL;
847 trace_nfs_mount_assign(param->key, param->string);
848 len = rpc_pton(fc->net_ns, param->string, param->size,
849 &ctx->mount_server.address,
850 sizeof(ctx->mount_server._address));
852 goto out_invalid_address;
853 ctx->mount_server.addrlen = len;
856 trace_nfs_mount_assign(param->key, param->string);
857 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS)
859 ctx->nfs_server.nconnect = result.uint_32;
861 case Opt_max_connect:
862 trace_nfs_mount_assign(param->key, param->string);
863 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS)
865 ctx->nfs_server.max_connect = result.uint_32;
867 case Opt_lookupcache:
868 trace_nfs_mount_assign(param->key, param->string);
869 switch (result.uint_32) {
870 case Opt_lookupcache_all:
871 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE);
873 case Opt_lookupcache_positive:
874 ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE;
875 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG;
877 case Opt_lookupcache_none:
878 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE;
881 goto out_invalid_value;
885 trace_nfs_mount_assign(param->key, param->string);
886 switch (result.uint_32) {
887 case Opt_local_lock_all:
888 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK |
889 NFS_MOUNT_LOCAL_FCNTL);
891 case Opt_local_lock_flock:
892 ctx->flags |= NFS_MOUNT_LOCAL_FLOCK;
894 case Opt_local_lock_posix:
895 ctx->flags |= NFS_MOUNT_LOCAL_FCNTL;
897 case Opt_local_lock_none:
898 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK |
899 NFS_MOUNT_LOCAL_FCNTL);
902 goto out_invalid_value;
906 trace_nfs_mount_assign(param->key, param->string);
907 switch (result.uint_32) {
910 ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT);
912 case Opt_write_eager:
913 ctx->flags |= NFS_MOUNT_WRITE_EAGER;
914 ctx->flags &= ~NFS_MOUNT_WRITE_WAIT;
918 NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT;
921 goto out_invalid_value;
936 return nfs_invalf(fc, "NFS: Bad mount option value specified");
938 return nfs_invalf(fc, "NFS: Bad IP address specified");
940 return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key);
942 return nfs_invalf(fc, "NFS: Unrecognized transport protocol");
946 * Split fc->source into "hostname:export_path".
948 * The leftmost colon demarks the split between the server's hostname
949 * and the export path. If the hostname starts with a left square
950 * bracket, then it may contain colons.
952 * Note: caller frees hostname and export path, even on error.
954 static int nfs_parse_source(struct fs_context *fc,
955 size_t maxnamlen, size_t maxpathlen)
957 struct nfs_fs_context *ctx = nfs_fc2context(fc);
958 const char *dev_name = fc->source;
962 if (unlikely(!dev_name || !*dev_name))
965 /* Is the host name protected with square brakcets? */
966 if (*dev_name == '[') {
967 end = strchr(++dev_name, ']');
968 if (end == NULL || end[1] != ':')
969 goto out_bad_devname;
971 len = end - dev_name;
976 end = strchr(dev_name, ':');
978 goto out_bad_devname;
979 len = end - dev_name;
981 /* kill possible hostname list: not supported */
982 comma = memchr(dev_name, ',', len);
984 len = comma - dev_name;
990 kfree(ctx->nfs_server.hostname);
992 /* N.B. caller will free nfs_server.hostname in all cases */
993 ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL);
994 if (!ctx->nfs_server.hostname)
997 if (len > maxpathlen)
999 ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL);
1000 if (!ctx->nfs_server.export_path)
1003 trace_nfs_mount_path(ctx->nfs_server.export_path);
1007 return nfs_invalf(fc, "NFS: device name not in host:path format");
1009 nfs_errorf(fc, "NFS: not enough memory to parse device name");
1012 nfs_errorf(fc, "NFS: server hostname too long");
1013 return -ENAMETOOLONG;
1015 nfs_errorf(fc, "NFS: export pathname too long");
1016 return -ENAMETOOLONG;
1019 static inline bool is_remount_fc(struct fs_context *fc)
1021 return fc->root != NULL;
1025 * Parse monolithic NFS2/NFS3 mount data
1026 * - fills in the mount root filehandle
1028 * For option strings, user space handles the following behaviors:
1030 * + DNS: mapping server host name to IP address ("addr=" option)
1032 * + failure mode: how to behave if a mount request can't be handled
1033 * immediately ("fg/bg" option)
1035 * + retry: how often to retry a mount request ("retry=" option)
1037 * + breaking back: trying proto=udp after proto=tcp, v2 after v3,
1038 * mountproto=tcp after mountproto=udp, and so on
1040 static int nfs23_parse_monolithic(struct fs_context *fc,
1041 struct nfs_mount_data *data)
1043 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1044 struct nfs_fh *mntfh = ctx->mntfh;
1045 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1046 int extra_flags = NFS_MOUNT_LEGACY_INTERFACE;
1052 ctx->version = NFS_DEFAULT_VERSION;
1053 switch (data->version) {
1061 if (data->flags & NFS_MOUNT_VER3)
1063 data->root.size = NFS2_FHSIZE;
1064 memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE);
1065 /* Turn off security negotiation */
1066 extra_flags |= NFS_MOUNT_SECFLAVOUR;
1069 if (data->flags & NFS_MOUNT_SECFLAVOUR)
1073 memset(data->context, 0, sizeof(data->context));
1076 if (data->flags & NFS_MOUNT_VER3) {
1077 if (data->root.size > NFS3_FHSIZE || data->root.size == 0)
1078 goto out_invalid_fh;
1079 mntfh->size = data->root.size;
1082 mntfh->size = NFS2_FHSIZE;
1087 memcpy(mntfh->data, data->root.data, mntfh->size);
1088 if (mntfh->size < sizeof(mntfh->data))
1089 memset(mntfh->data + mntfh->size, 0,
1090 sizeof(mntfh->data) - mntfh->size);
1093 * for proto == XPRT_TRANSPORT_UDP, which is what uses
1094 * to_exponential, implying shift: limit the shift value
1095 * to BITS_PER_LONG (majortimeo is unsigned long)
1097 if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */
1098 if (data->retrans >= 64) /* shift value is too large */
1099 goto out_invalid_data;
1102 * Translate to nfs_fs_context, which nfs_fill_super
1105 ctx->flags = data->flags & NFS_MOUNT_FLAGMASK;
1106 ctx->flags |= extra_flags;
1107 ctx->rsize = data->rsize;
1108 ctx->wsize = data->wsize;
1109 ctx->timeo = data->timeo;
1110 ctx->retrans = data->retrans;
1111 ctx->acregmin = data->acregmin;
1112 ctx->acregmax = data->acregmax;
1113 ctx->acdirmin = data->acdirmin;
1114 ctx->acdirmax = data->acdirmax;
1115 ctx->need_mount = false;
1117 if (!is_remount_fc(fc)) {
1118 memcpy(sap, &data->addr, sizeof(data->addr));
1119 ctx->nfs_server.addrlen = sizeof(data->addr);
1120 ctx->nfs_server.port = ntohs(data->addr.sin_port);
1123 if (sap->ss_family != AF_INET ||
1124 !nfs_verify_server_address(sap))
1125 goto out_no_address;
1127 if (!(data->flags & NFS_MOUNT_TCP))
1128 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
1129 /* N.B. caller will free nfs_server.hostname in all cases */
1130 ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
1131 if (!ctx->nfs_server.hostname)
1134 ctx->namlen = data->namlen;
1135 ctx->bsize = data->bsize;
1137 if (data->flags & NFS_MOUNT_SECFLAVOUR)
1138 ctx->selected_flavor = data->pseudoflavor;
1140 ctx->selected_flavor = RPC_AUTH_UNIX;
1142 if (!(data->flags & NFS_MOUNT_NONLM))
1143 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK|
1144 NFS_MOUNT_LOCAL_FCNTL);
1146 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK|
1147 NFS_MOUNT_LOCAL_FCNTL);
1150 * The legacy version 6 binary mount data from userspace has a
1151 * field used only to transport selinux information into the
1152 * kernel. To continue to support that functionality we
1153 * have a touch of selinux knowledge here in the NFS code. The
1154 * userspace code converted context=blah to just blah so we are
1155 * converting back to the full string selinux understands.
1157 if (data->context[0]){
1158 #ifdef CONFIG_SECURITY_SELINUX
1161 data->context[NFS_MAX_CONTEXT_LEN] = '\0';
1162 ret = vfs_parse_fs_string(fc, "context",
1163 data->context, strlen(data->context));
1176 ret = nfs_validate_transport_protocol(fc, ctx);
1180 ctx->skip_reconfig_option_check = true;
1184 return generic_parse_monolithic(fc, data);
1187 if (is_remount_fc(fc)) {
1188 ctx->skip_reconfig_option_check = true;
1191 return nfs_invalf(fc, "NFS: mount program didn't pass any mount data");
1194 return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3");
1197 return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS");
1203 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1206 return nfs_invalf(fc, "NFS: invalid root filehandle");
1209 return nfs_invalf(fc, "NFS: invalid binary mount data");
1212 #if IS_ENABLED(CONFIG_NFS_V4)
1213 struct compat_nfs_string {
1218 static inline void compat_nfs_string(struct nfs_string *dst,
1219 struct compat_nfs_string *src)
1221 dst->data = compat_ptr(src->data);
1222 dst->len = src->len;
1225 struct compat_nfs4_mount_data_v1 {
1226 compat_int_t version;
1231 compat_int_t retrans;
1232 compat_int_t acregmin;
1233 compat_int_t acregmax;
1234 compat_int_t acdirmin;
1235 compat_int_t acdirmax;
1236 struct compat_nfs_string client_addr;
1237 struct compat_nfs_string mnt_path;
1238 struct compat_nfs_string hostname;
1239 compat_uint_t host_addrlen;
1240 compat_uptr_t host_addr;
1242 compat_int_t auth_flavourlen;
1243 compat_uptr_t auth_flavours;
1246 static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data)
1248 struct compat_nfs4_mount_data_v1 *compat =
1249 (struct compat_nfs4_mount_data_v1 *)data;
1251 /* copy the fields backwards */
1252 data->auth_flavours = compat_ptr(compat->auth_flavours);
1253 data->auth_flavourlen = compat->auth_flavourlen;
1254 data->proto = compat->proto;
1255 data->host_addr = compat_ptr(compat->host_addr);
1256 data->host_addrlen = compat->host_addrlen;
1257 compat_nfs_string(&data->hostname, &compat->hostname);
1258 compat_nfs_string(&data->mnt_path, &compat->mnt_path);
1259 compat_nfs_string(&data->client_addr, &compat->client_addr);
1260 data->acdirmax = compat->acdirmax;
1261 data->acdirmin = compat->acdirmin;
1262 data->acregmax = compat->acregmax;
1263 data->acregmin = compat->acregmin;
1264 data->retrans = compat->retrans;
1265 data->timeo = compat->timeo;
1266 data->wsize = compat->wsize;
1267 data->rsize = compat->rsize;
1268 data->flags = compat->flags;
1269 data->version = compat->version;
1273 * Validate NFSv4 mount options
1275 static int nfs4_parse_monolithic(struct fs_context *fc,
1276 struct nfs4_mount_data *data)
1278 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1279 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1284 if (is_remount_fc(fc))
1286 return nfs_invalf(fc,
1287 "NFS4: mount program didn't pass any mount data");
1292 if (data->version != 1)
1293 return generic_parse_monolithic(fc, data);
1295 if (in_compat_syscall())
1296 nfs4_compat_mount_data_conv(data);
1298 if (data->host_addrlen > sizeof(ctx->nfs_server.address))
1299 goto out_no_address;
1300 if (data->host_addrlen == 0)
1301 goto out_no_address;
1302 ctx->nfs_server.addrlen = data->host_addrlen;
1303 if (copy_from_user(sap, data->host_addr, data->host_addrlen))
1305 if (!nfs_verify_server_address(sap))
1306 goto out_no_address;
1307 ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port);
1309 if (data->auth_flavourlen) {
1310 rpc_authflavor_t pseudoflavor;
1312 if (data->auth_flavourlen > 1)
1313 goto out_inval_auth;
1314 if (copy_from_user(&pseudoflavor, data->auth_flavours,
1315 sizeof(pseudoflavor)))
1317 ctx->selected_flavor = pseudoflavor;
1319 ctx->selected_flavor = RPC_AUTH_UNIX;
1322 c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN);
1325 ctx->nfs_server.hostname = c;
1327 c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN);
1330 ctx->nfs_server.export_path = c;
1331 trace_nfs_mount_path(c);
1333 c = strndup_user(data->client_addr.data, 16);
1336 ctx->client_address = c;
1339 * Translate to nfs_fs_context, which nfs_fill_super
1343 ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK;
1344 ctx->rsize = data->rsize;
1345 ctx->wsize = data->wsize;
1346 ctx->timeo = data->timeo;
1347 ctx->retrans = data->retrans;
1348 ctx->acregmin = data->acregmin;
1349 ctx->acregmax = data->acregmax;
1350 ctx->acdirmin = data->acdirmin;
1351 ctx->acdirmax = data->acdirmax;
1352 ctx->nfs_server.protocol = data->proto;
1353 ret = nfs_validate_transport_protocol(fc, ctx);
1357 ctx->skip_reconfig_option_check = true;
1361 return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d",
1362 data->auth_flavourlen);
1365 return nfs_invalf(fc, "NFS4: mount program didn't pass remote address");
1370 * Parse a monolithic block of data from sys_mount().
1372 static int nfs_fs_context_parse_monolithic(struct fs_context *fc,
1375 if (fc->fs_type == &nfs_fs_type)
1376 return nfs23_parse_monolithic(fc, data);
1378 #if IS_ENABLED(CONFIG_NFS_V4)
1379 if (fc->fs_type == &nfs4_fs_type)
1380 return nfs4_parse_monolithic(fc, data);
1383 return nfs_invalf(fc, "NFS: Unsupported monolithic data version");
1387 * Validate the preparsed information in the config.
1389 static int nfs_fs_context_validate(struct fs_context *fc)
1391 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1392 struct nfs_subversion *nfs_mod;
1393 struct sockaddr_storage *sap = &ctx->nfs_server._address;
1394 int max_namelen = PAGE_SIZE;
1395 int max_pathlen = NFS_MAXPATHLEN;
1400 goto out_no_device_name;
1402 /* Check for sanity first. */
1403 if (ctx->minorversion && ctx->version != 4)
1404 goto out_minorversion_mismatch;
1406 if (ctx->options & NFS_OPTION_MIGRATION &&
1407 (ctx->version != 4 || ctx->minorversion != 0))
1408 goto out_migration_misuse;
1410 /* Verify that any proto=/mountproto= options match the address
1411 * families in the addr=/mountaddr= options.
1413 if (ctx->protofamily != AF_UNSPEC &&
1414 ctx->protofamily != ctx->nfs_server.address.sa_family)
1415 goto out_proto_mismatch;
1417 if (ctx->mountfamily != AF_UNSPEC) {
1418 if (ctx->mount_server.addrlen) {
1419 if (ctx->mountfamily != ctx->mount_server.address.sa_family)
1420 goto out_mountproto_mismatch;
1422 if (ctx->mountfamily != ctx->nfs_server.address.sa_family)
1423 goto out_mountproto_mismatch;
1427 if (!nfs_verify_server_address(sap))
1428 goto out_no_address;
1430 ret = nfs_validate_transport_protocol(fc, ctx);
1434 if (ctx->version == 4) {
1435 if (IS_ENABLED(CONFIG_NFS_V4)) {
1436 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1437 port = NFS_RDMA_PORT;
1440 max_namelen = NFS4_MAXNAMLEN;
1441 max_pathlen = NFS4_MAXPATHLEN;
1442 ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL |
1443 NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK |
1444 NFS_MOUNT_LOCAL_FCNTL);
1446 goto out_v4_not_compiled;
1449 nfs_set_mount_transport_protocol(ctx);
1450 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1451 port = NFS_RDMA_PORT;
1454 nfs_set_port(sap, &ctx->nfs_server.port, port);
1456 ret = nfs_parse_source(fc, max_namelen, max_pathlen);
1460 /* Load the NFS protocol module if we haven't done so yet */
1461 if (!ctx->nfs_mod) {
1462 nfs_mod = get_nfs_version(ctx->version);
1463 if (IS_ERR(nfs_mod)) {
1464 ret = PTR_ERR(nfs_mod);
1465 goto out_version_unavailable;
1467 ctx->nfs_mod = nfs_mod;
1470 /* Ensure the filesystem context has the correct fs_type */
1471 if (fc->fs_type != ctx->nfs_mod->nfs_fs) {
1472 module_put(fc->fs_type->owner);
1473 __module_get(ctx->nfs_mod->nfs_fs->owner);
1474 fc->fs_type = ctx->nfs_mod->nfs_fs;
1479 return nfs_invalf(fc, "NFS: Device name not specified");
1480 out_v4_not_compiled:
1481 nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel");
1482 return -EPROTONOSUPPORT;
1484 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1485 out_mountproto_mismatch:
1486 return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option");
1488 return nfs_invalf(fc, "NFS: Server address does not match proto= option");
1489 out_minorversion_mismatch:
1490 return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u",
1491 ctx->version, ctx->minorversion);
1492 out_migration_misuse:
1493 return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version");
1494 out_version_unavailable:
1495 nfs_errorf(fc, "NFS: Version unavailable");
1500 * Create an NFS superblock by the appropriate method.
1502 static int nfs_get_tree(struct fs_context *fc)
1504 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1505 int err = nfs_fs_context_validate(fc);
1510 return ctx->nfs_mod->rpc_ops->try_get_tree(fc);
1512 return nfs_get_tree_common(fc);
1516 * Handle duplication of a configuration. The caller copied *src into *sc, but
1517 * it can't deal with resource pointers in the filesystem context, so we have
1518 * to do that. We need to clear pointers, copy data or get extra refs as
1521 static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc)
1523 struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx;
1525 ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL);
1529 ctx->mntfh = nfs_alloc_fhandle();
1534 nfs_copy_fh(ctx->mntfh, src->mntfh);
1536 __module_get(ctx->nfs_mod->owner);
1537 ctx->client_address = NULL;
1538 ctx->mount_server.hostname = NULL;
1539 ctx->nfs_server.export_path = NULL;
1540 ctx->nfs_server.hostname = NULL;
1541 ctx->fscache_uniq = NULL;
1542 ctx->clone_data.fattr = NULL;
1543 fc->fs_private = ctx;
1547 static void nfs_fs_context_free(struct fs_context *fc)
1549 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1553 nfs_free_server(ctx->server);
1555 put_nfs_version(ctx->nfs_mod);
1556 kfree(ctx->client_address);
1557 kfree(ctx->mount_server.hostname);
1558 kfree(ctx->nfs_server.export_path);
1559 kfree(ctx->nfs_server.hostname);
1560 kfree(ctx->fscache_uniq);
1561 nfs_free_fhandle(ctx->mntfh);
1562 nfs_free_fattr(ctx->clone_data.fattr);
1567 static const struct fs_context_operations nfs_fs_context_ops = {
1568 .free = nfs_fs_context_free,
1569 .dup = nfs_fs_context_dup,
1570 .parse_param = nfs_fs_context_parse_param,
1571 .parse_monolithic = nfs_fs_context_parse_monolithic,
1572 .get_tree = nfs_get_tree,
1573 .reconfigure = nfs_reconfigure,
1577 * Prepare superblock configuration. We use the namespaces attached to the
1578 * context. This may be the current process's namespaces, or it may be a
1579 * container's namespaces.
1581 static int nfs_init_fs_context(struct fs_context *fc)
1583 struct nfs_fs_context *ctx;
1585 ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL);
1589 ctx->mntfh = nfs_alloc_fhandle();
1590 if (unlikely(!ctx->mntfh)) {
1595 ctx->protofamily = AF_UNSPEC;
1596 ctx->mountfamily = AF_UNSPEC;
1597 ctx->mount_server.port = NFS_UNSPEC_PORT;
1600 /* reconfigure, start with the current config */
1601 struct nfs_server *nfss = fc->root->d_sb->s_fs_info;
1602 struct net *net = nfss->nfs_client->cl_net;
1604 ctx->flags = nfss->flags;
1605 ctx->rsize = nfss->rsize;
1606 ctx->wsize = nfss->wsize;
1607 ctx->retrans = nfss->client->cl_timeout->to_retries;
1608 ctx->selected_flavor = nfss->client->cl_auth->au_flavor;
1609 ctx->acregmin = nfss->acregmin / HZ;
1610 ctx->acregmax = nfss->acregmax / HZ;
1611 ctx->acdirmin = nfss->acdirmin / HZ;
1612 ctx->acdirmax = nfss->acdirmax / HZ;
1613 ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ;
1614 ctx->nfs_server.port = nfss->port;
1615 ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen;
1616 ctx->version = nfss->nfs_client->rpc_ops->version;
1617 ctx->minorversion = nfss->nfs_client->cl_minorversion;
1619 memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr,
1620 ctx->nfs_server.addrlen);
1622 if (fc->net_ns != net) {
1623 put_net(fc->net_ns);
1624 fc->net_ns = get_net(net);
1627 ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod;
1628 __module_get(ctx->nfs_mod->owner);
1631 ctx->timeo = NFS_UNSPEC_TIMEO;
1632 ctx->retrans = NFS_UNSPEC_RETRANS;
1633 ctx->acregmin = NFS_DEF_ACREGMIN;
1634 ctx->acregmax = NFS_DEF_ACREGMAX;
1635 ctx->acdirmin = NFS_DEF_ACDIRMIN;
1636 ctx->acdirmax = NFS_DEF_ACDIRMAX;
1637 ctx->nfs_server.port = NFS_UNSPEC_PORT;
1638 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
1639 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR;
1640 ctx->minorversion = 0;
1641 ctx->need_mount = true;
1642 ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
1643 ctx->xprtsec.cert_serial = TLS_NO_CERT;
1644 ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY;
1646 fc->s_iflags |= SB_I_STABLE_WRITES;
1648 fc->fs_private = ctx;
1649 fc->ops = &nfs_fs_context_ops;
1653 struct file_system_type nfs_fs_type = {
1654 .owner = THIS_MODULE,
1656 .init_fs_context = nfs_init_fs_context,
1657 .parameters = nfs_fs_parameters,
1658 .kill_sb = nfs_kill_super,
1659 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1661 MODULE_ALIAS_FS("nfs");
1662 EXPORT_SYMBOL_GPL(nfs_fs_type);
1664 #if IS_ENABLED(CONFIG_NFS_V4)
1665 struct file_system_type nfs4_fs_type = {
1666 .owner = THIS_MODULE,
1668 .init_fs_context = nfs_init_fs_context,
1669 .parameters = nfs_fs_parameters,
1670 .kill_sb = nfs_kill_super,
1671 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1673 MODULE_ALIAS_FS("nfs4");
1674 MODULE_ALIAS("nfs4");
1675 EXPORT_SYMBOL_GPL(nfs4_fs_type);
1676 #endif /* CONFIG_NFS_V4 */
projects / linux.git / blob