1 // SPDX-License-Identifier: GPL-2.0-only
3 * linux/fs/nfs/fs_context.c
5 * Copyright (C) 1992 Rick Sladkey
6 * Conversion to new mount api Copyright (C) David Howells
10 * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com>
13 #include <linux/module.h>
15 #include <linux/fs_context.h>
16 #include <linux/fs_parser.h>
17 #include <linux/nfs_fs.h>
18 #include <linux/nfs_mount.h>
19 #include <linux/nfs4_mount.h>
23 #define NFSDBG_FACILITY NFSDBG_MOUNT
25 #if IS_ENABLED(CONFIG_NFS_V3)
26 #define NFS_DEFAULT_VERSION 3
28 #define NFS_DEFAULT_VERSION 2
31 #define NFS_MAX_CONNECTIONS 16
96 static const struct constant_table nfs_param_enums_local_lock[] = {
97 { "all", Opt_local_lock_all },
98 { "flock", Opt_local_lock_flock },
99 { "posix", Opt_local_lock_posix },
100 { "none", Opt_local_lock_none },
106 Opt_lookupcache_none,
107 Opt_lookupcache_positive,
110 static const struct constant_table nfs_param_enums_lookupcache[] = {
111 { "all", Opt_lookupcache_all },
112 { "none", Opt_lookupcache_none },
113 { "pos", Opt_lookupcache_positive },
114 { "positive", Opt_lookupcache_positive },
124 static const struct constant_table nfs_param_enums_write[] = {
125 { "lazy", Opt_write_lazy },
126 { "eager", Opt_write_eager },
127 { "wait", Opt_write_wait },
131 static const struct fs_parameter_spec nfs_fs_parameters[] = {
132 fsparam_flag_no("ac", Opt_ac),
133 fsparam_u32 ("acdirmax", Opt_acdirmax),
134 fsparam_u32 ("acdirmin", Opt_acdirmin),
135 fsparam_flag_no("acl", Opt_acl),
136 fsparam_u32 ("acregmax", Opt_acregmax),
137 fsparam_u32 ("acregmin", Opt_acregmin),
138 fsparam_u32 ("actimeo", Opt_actimeo),
139 fsparam_string("addr", Opt_addr),
140 fsparam_flag ("bg", Opt_bg),
141 fsparam_u32 ("bsize", Opt_bsize),
142 fsparam_string("clientaddr", Opt_clientaddr),
143 fsparam_flag_no("cto", Opt_cto),
144 fsparam_flag ("fg", Opt_fg),
145 fsparam_flag_no("fsc", Opt_fscache_flag),
146 fsparam_string("fsc", Opt_fscache),
147 fsparam_flag ("hard", Opt_hard),
148 __fsparam(NULL, "intr", Opt_intr,
149 fs_param_neg_with_no|fs_param_deprecated, NULL),
150 fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock),
151 fsparam_flag_no("lock", Opt_lock),
152 fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache),
153 fsparam_flag_no("migration", Opt_migration),
154 fsparam_u32 ("minorversion", Opt_minorversion),
155 fsparam_string("mountaddr", Opt_mountaddr),
156 fsparam_string("mounthost", Opt_mounthost),
157 fsparam_u32 ("mountport", Opt_mountport),
158 fsparam_string("mountproto", Opt_mountproto),
159 fsparam_u32 ("mountvers", Opt_mountvers),
160 fsparam_u32 ("namlen", Opt_namelen),
161 fsparam_u32 ("nconnect", Opt_nconnect),
162 fsparam_u32 ("max_connect", Opt_max_connect),
163 fsparam_string("nfsvers", Opt_vers),
164 fsparam_u32 ("port", Opt_port),
165 fsparam_flag_no("posix", Opt_posix),
166 fsparam_string("proto", Opt_proto),
167 fsparam_flag_no("rdirplus", Opt_rdirplus),
168 fsparam_flag ("rdma", Opt_rdma),
169 fsparam_flag_no("resvport", Opt_resvport),
170 fsparam_u32 ("retrans", Opt_retrans),
171 fsparam_string("retry", Opt_retry),
172 fsparam_u32 ("rsize", Opt_rsize),
173 fsparam_string("sec", Opt_sec),
174 fsparam_flag_no("sharecache", Opt_sharecache),
175 fsparam_flag ("sloppy", Opt_sloppy),
176 fsparam_flag ("soft", Opt_soft),
177 fsparam_flag ("softerr", Opt_softerr),
178 fsparam_flag ("softreval", Opt_softreval),
179 fsparam_string("source", Opt_source),
180 fsparam_flag ("tcp", Opt_tcp),
181 fsparam_u32 ("timeo", Opt_timeo),
182 fsparam_flag ("udp", Opt_udp),
183 fsparam_flag ("v2", Opt_v),
184 fsparam_flag ("v3", Opt_v),
185 fsparam_flag ("v4", Opt_v),
186 fsparam_flag ("v4.0", Opt_v),
187 fsparam_flag ("v4.1", Opt_v),
188 fsparam_flag ("v4.2", Opt_v),
189 fsparam_string("vers", Opt_vers),
190 fsparam_enum ("write", Opt_write, nfs_param_enums_write),
191 fsparam_u32 ("wsize", Opt_wsize),
204 static const struct constant_table nfs_vers_tokens[] = {
208 { "4.0", Opt_vers_4_0 },
209 { "4.1", Opt_vers_4_1 },
210 { "4.2", Opt_vers_4_2 },
224 static const struct constant_table nfs_xprt_protocol_tokens[] = {
225 { "rdma", Opt_xprt_rdma },
226 { "rdma6", Opt_xprt_rdma6 },
227 { "tcp", Opt_xprt_tcp },
228 { "tcp6", Opt_xprt_tcp6 },
229 { "udp", Opt_xprt_udp },
230 { "udp6", Opt_xprt_udp6 },
249 static const struct constant_table nfs_secflavor_tokens[] = {
250 { "krb5", Opt_sec_krb5 },
251 { "krb5i", Opt_sec_krb5i },
252 { "krb5p", Opt_sec_krb5p },
253 { "lkey", Opt_sec_lkey },
254 { "lkeyi", Opt_sec_lkeyi },
255 { "lkeyp", Opt_sec_lkeyp },
256 { "none", Opt_sec_none },
257 { "null", Opt_sec_none },
258 { "spkm3", Opt_sec_spkm },
259 { "spkm3i", Opt_sec_spkmi },
260 { "spkm3p", Opt_sec_spkmp },
261 { "sys", Opt_sec_sys },
266 * Sanity-check a server address provided by the mount command.
268 * Address family must be initialized, and address must not be
269 * the ANY address for that family.
271 static int nfs_verify_server_address(struct sockaddr *addr)
273 switch (addr->sa_family) {
275 struct sockaddr_in *sa = (struct sockaddr_in *)addr;
276 return sa->sin_addr.s_addr != htonl(INADDR_ANY);
279 struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr;
280 return !ipv6_addr_any(sa);
284 dfprintk(MOUNT, "NFS: Invalid IP address specified\n");
288 #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT
289 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
294 static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
296 if (ctx->version == 4)
303 * Sanity check the NFS transport protocol.
305 static int nfs_validate_transport_protocol(struct fs_context *fc,
306 struct nfs_fs_context *ctx)
308 switch (ctx->nfs_server.protocol) {
309 case XPRT_TRANSPORT_UDP:
310 if (nfs_server_transport_udp_invalid(ctx))
311 goto out_invalid_transport_udp;
313 case XPRT_TRANSPORT_TCP:
314 case XPRT_TRANSPORT_RDMA:
317 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
320 out_invalid_transport_udp:
321 return nfs_invalf(fc, "NFS: Unsupported transport protocol udp");
325 * For text based NFSv2/v3 mounts, the mount protocol transport default
326 * settings should depend upon the specified NFS transport.
328 static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx)
330 if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP ||
331 ctx->mount_server.protocol == XPRT_TRANSPORT_TCP)
333 switch (ctx->nfs_server.protocol) {
334 case XPRT_TRANSPORT_UDP:
335 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
337 case XPRT_TRANSPORT_TCP:
338 case XPRT_TRANSPORT_RDMA:
339 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
344 * Add 'flavor' to 'auth_info' if not already present.
345 * Returns true if 'flavor' ends up in the list, false otherwise
347 static int nfs_auth_info_add(struct fs_context *fc,
348 struct nfs_auth_info *auth_info,
349 rpc_authflavor_t flavor)
352 unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors);
354 /* make sure this flavor isn't already in the list */
355 for (i = 0; i < auth_info->flavor_len; i++) {
356 if (flavor == auth_info->flavors[i])
360 if (auth_info->flavor_len + 1 >= max_flavor_len)
361 return nfs_invalf(fc, "NFS: too many sec= flavors");
363 auth_info->flavors[auth_info->flavor_len++] = flavor;
368 * Parse the value of the 'sec=' option.
370 static int nfs_parse_security_flavors(struct fs_context *fc,
371 struct fs_parameter *param)
373 struct nfs_fs_context *ctx = nfs_fc2context(fc);
374 rpc_authflavor_t pseudoflavor;
375 char *string = param->string, *p;
378 dfprintk(MOUNT, "NFS: parsing %s=%s option\n", param->key, param->string);
380 while ((p = strsep(&string, ":")) != NULL) {
383 switch (lookup_constant(nfs_secflavor_tokens, p, -1)) {
385 pseudoflavor = RPC_AUTH_NULL;
388 pseudoflavor = RPC_AUTH_UNIX;
391 pseudoflavor = RPC_AUTH_GSS_KRB5;
394 pseudoflavor = RPC_AUTH_GSS_KRB5I;
397 pseudoflavor = RPC_AUTH_GSS_KRB5P;
400 pseudoflavor = RPC_AUTH_GSS_LKEY;
403 pseudoflavor = RPC_AUTH_GSS_LKEYI;
406 pseudoflavor = RPC_AUTH_GSS_LKEYP;
409 pseudoflavor = RPC_AUTH_GSS_SPKM;
412 pseudoflavor = RPC_AUTH_GSS_SPKMI;
415 pseudoflavor = RPC_AUTH_GSS_SPKMP;
418 return nfs_invalf(fc, "NFS: sec=%s option not recognized", p);
421 ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor);
429 static int nfs_parse_version_string(struct fs_context *fc,
432 struct nfs_fs_context *ctx = nfs_fc2context(fc);
434 ctx->flags &= ~NFS_MOUNT_VER3;
435 switch (lookup_constant(nfs_vers_tokens, string, -1)) {
440 ctx->flags |= NFS_MOUNT_VER3;
444 /* Backward compatibility option. In future,
445 * the mount program should always supply
446 * a NFSv4 minor version number.
452 ctx->minorversion = 0;
456 ctx->minorversion = 1;
460 ctx->minorversion = 2;
463 return nfs_invalf(fc, "NFS: Unsupported NFS version");
469 * Parse a single mount parameter.
471 static int nfs_fs_context_parse_param(struct fs_context *fc,
472 struct fs_parameter *param)
474 struct fs_parse_result result;
475 struct nfs_fs_context *ctx = nfs_fc2context(fc);
476 unsigned short protofamily, mountfamily;
480 dfprintk(MOUNT, "NFS: parsing nfs mount option '%s'\n", param->key);
482 opt = fs_parse(fc, nfs_fs_parameters, param, &result);
484 return ctx->sloppy ? 1 : opt;
487 ctx->has_sec_mnt_opts = 1;
492 return nfs_invalf(fc, "NFS: Multiple sources not supported");
493 fc->source = param->string;
494 param->string = NULL;
498 * boolean options: foo/nofoo
501 ctx->flags |= NFS_MOUNT_SOFT;
502 ctx->flags &= ~NFS_MOUNT_SOFTERR;
505 ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL;
506 ctx->flags &= ~NFS_MOUNT_SOFT;
509 ctx->flags &= ~(NFS_MOUNT_SOFT |
511 NFS_MOUNT_SOFTREVAL);
515 ctx->flags &= ~NFS_MOUNT_SOFTREVAL;
517 ctx->flags |= NFS_MOUNT_SOFTREVAL;
521 ctx->flags &= ~NFS_MOUNT_POSIX;
523 ctx->flags |= NFS_MOUNT_POSIX;
527 ctx->flags |= NFS_MOUNT_NOCTO;
529 ctx->flags &= ~NFS_MOUNT_NOCTO;
533 ctx->flags |= NFS_MOUNT_NOAC;
535 ctx->flags &= ~NFS_MOUNT_NOAC;
538 if (result.negated) {
539 ctx->flags |= NFS_MOUNT_NONLM;
540 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
542 ctx->flags &= ~NFS_MOUNT_NONLM;
543 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
547 ctx->flags &= ~NFS_MOUNT_TCP;
548 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
552 ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */
553 ret = xprt_find_transport_ident(param->key);
555 goto out_bad_transport;
556 ctx->nfs_server.protocol = ret;
560 ctx->flags |= NFS_MOUNT_NOACL;
562 ctx->flags &= ~NFS_MOUNT_NOACL;
566 ctx->flags |= NFS_MOUNT_NORDIRPLUS;
568 ctx->flags &= ~NFS_MOUNT_NORDIRPLUS;
572 ctx->flags |= NFS_MOUNT_UNSHARED;
574 ctx->flags &= ~NFS_MOUNT_UNSHARED;
578 ctx->flags |= NFS_MOUNT_NORESVPORT;
580 ctx->flags &= ~NFS_MOUNT_NORESVPORT;
582 case Opt_fscache_flag:
584 ctx->options &= ~NFS_OPTION_FSCACHE;
586 ctx->options |= NFS_OPTION_FSCACHE;
587 kfree(ctx->fscache_uniq);
588 ctx->fscache_uniq = NULL;
591 ctx->options |= NFS_OPTION_FSCACHE;
592 kfree(ctx->fscache_uniq);
593 ctx->fscache_uniq = param->string;
594 param->string = NULL;
598 ctx->options &= ~NFS_OPTION_MIGRATION;
600 ctx->options |= NFS_OPTION_MIGRATION;
604 * options that take numeric values
607 if (result.uint_32 > USHRT_MAX)
609 ctx->nfs_server.port = result.uint_32;
612 ctx->rsize = result.uint_32;
615 ctx->wsize = result.uint_32;
618 ctx->bsize = result.uint_32;
621 if (result.uint_32 < 1 || result.uint_32 > INT_MAX)
623 ctx->timeo = result.uint_32;
626 if (result.uint_32 > INT_MAX)
628 ctx->retrans = result.uint_32;
631 ctx->acregmin = result.uint_32;
634 ctx->acregmax = result.uint_32;
637 ctx->acdirmin = result.uint_32;
640 ctx->acdirmax = result.uint_32;
643 ctx->acregmin = result.uint_32;
644 ctx->acregmax = result.uint_32;
645 ctx->acdirmin = result.uint_32;
646 ctx->acdirmax = result.uint_32;
649 ctx->namlen = result.uint_32;
652 if (result.uint_32 > USHRT_MAX)
654 ctx->mount_server.port = result.uint_32;
657 if (result.uint_32 < NFS_MNT_VERSION ||
658 result.uint_32 > NFS_MNT3_VERSION)
660 ctx->mount_server.version = result.uint_32;
662 case Opt_minorversion:
663 if (result.uint_32 > NFS4_MAX_MINOR_VERSION)
665 ctx->minorversion = result.uint_32;
669 * options that take text values
672 ret = nfs_parse_version_string(fc, param->key + 1);
677 ret = nfs_parse_version_string(fc, param->string);
682 ret = nfs_parse_security_flavors(fc, param);
688 protofamily = AF_INET;
689 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
691 protofamily = AF_INET6;
694 ctx->flags &= ~NFS_MOUNT_TCP;
695 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
698 protofamily = AF_INET6;
701 ctx->flags |= NFS_MOUNT_TCP;
702 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
705 protofamily = AF_INET6;
708 /* vector side protocols to TCP */
709 ctx->flags |= NFS_MOUNT_TCP;
710 ret = xprt_find_transport_ident(param->string);
712 goto out_bad_transport;
713 ctx->nfs_server.protocol = ret;
716 goto out_bad_transport;
719 ctx->protofamily = protofamily;
723 mountfamily = AF_INET;
724 switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
726 mountfamily = AF_INET6;
729 ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
732 mountfamily = AF_INET6;
735 ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
737 case Opt_xprt_rdma: /* not used for side protocols */
739 goto out_bad_transport;
741 ctx->mountfamily = mountfamily;
745 len = rpc_pton(fc->net_ns, param->string, param->size,
746 &ctx->nfs_server.address,
747 sizeof(ctx->nfs_server._address));
749 goto out_invalid_address;
750 ctx->nfs_server.addrlen = len;
753 kfree(ctx->client_address);
754 ctx->client_address = param->string;
755 param->string = NULL;
758 kfree(ctx->mount_server.hostname);
759 ctx->mount_server.hostname = param->string;
760 param->string = NULL;
763 len = rpc_pton(fc->net_ns, param->string, param->size,
764 &ctx->mount_server.address,
765 sizeof(ctx->mount_server._address));
767 goto out_invalid_address;
768 ctx->mount_server.addrlen = len;
771 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS)
773 ctx->nfs_server.nconnect = result.uint_32;
775 case Opt_max_connect:
776 if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS)
778 ctx->nfs_server.max_connect = result.uint_32;
780 case Opt_lookupcache:
781 switch (result.uint_32) {
782 case Opt_lookupcache_all:
783 ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE);
785 case Opt_lookupcache_positive:
786 ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE;
787 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG;
789 case Opt_lookupcache_none:
790 ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE;
793 goto out_invalid_value;
797 switch (result.uint_32) {
798 case Opt_local_lock_all:
799 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK |
800 NFS_MOUNT_LOCAL_FCNTL);
802 case Opt_local_lock_flock:
803 ctx->flags |= NFS_MOUNT_LOCAL_FLOCK;
805 case Opt_local_lock_posix:
806 ctx->flags |= NFS_MOUNT_LOCAL_FCNTL;
808 case Opt_local_lock_none:
809 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK |
810 NFS_MOUNT_LOCAL_FCNTL);
813 goto out_invalid_value;
817 switch (result.uint_32) {
820 ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT);
822 case Opt_write_eager:
823 ctx->flags |= NFS_MOUNT_WRITE_EAGER;
824 ctx->flags &= ~NFS_MOUNT_WRITE_WAIT;
828 NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT;
831 goto out_invalid_value;
840 dfprintk(MOUNT, "NFS: relaxing parsing rules\n");
847 return nfs_invalf(fc, "NFS: Bad mount option value specified");
849 return nfs_invalf(fc, "NFS: Bad IP address specified");
851 return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key);
853 return nfs_invalf(fc, "NFS: Unrecognized transport protocol");
857 * Split fc->source into "hostname:export_path".
859 * The leftmost colon demarks the split between the server's hostname
860 * and the export path. If the hostname starts with a left square
861 * bracket, then it may contain colons.
863 * Note: caller frees hostname and export path, even on error.
865 static int nfs_parse_source(struct fs_context *fc,
866 size_t maxnamlen, size_t maxpathlen)
868 struct nfs_fs_context *ctx = nfs_fc2context(fc);
869 const char *dev_name = fc->source;
873 if (unlikely(!dev_name || !*dev_name)) {
874 dfprintk(MOUNT, "NFS: device name not specified\n");
878 /* Is the host name protected with square brakcets? */
879 if (*dev_name == '[') {
880 end = strchr(++dev_name, ']');
881 if (end == NULL || end[1] != ':')
882 goto out_bad_devname;
884 len = end - dev_name;
889 end = strchr(dev_name, ':');
891 goto out_bad_devname;
892 len = end - dev_name;
894 /* kill possible hostname list: not supported */
895 comma = memchr(dev_name, ',', len);
897 len = comma - dev_name;
903 kfree(ctx->nfs_server.hostname);
905 /* N.B. caller will free nfs_server.hostname in all cases */
906 ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL);
907 if (!ctx->nfs_server.hostname)
910 if (len > maxpathlen)
912 ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL);
913 if (!ctx->nfs_server.export_path)
916 dfprintk(MOUNT, "NFS: MNTPATH: '%s'\n", ctx->nfs_server.export_path);
920 return nfs_invalf(fc, "NFS: device name not in host:path format");
922 nfs_errorf(fc, "NFS: not enough memory to parse device name");
925 nfs_errorf(fc, "NFS: server hostname too long");
926 return -ENAMETOOLONG;
928 nfs_errorf(fc, "NFS: export pathname too long");
929 return -ENAMETOOLONG;
932 static inline bool is_remount_fc(struct fs_context *fc)
934 return fc->root != NULL;
938 * Parse monolithic NFS2/NFS3 mount data
939 * - fills in the mount root filehandle
941 * For option strings, user space handles the following behaviors:
943 * + DNS: mapping server host name to IP address ("addr=" option)
945 * + failure mode: how to behave if a mount request can't be handled
946 * immediately ("fg/bg" option)
948 * + retry: how often to retry a mount request ("retry=" option)
950 * + breaking back: trying proto=udp after proto=tcp, v2 after v3,
951 * mountproto=tcp after mountproto=udp, and so on
953 static int nfs23_parse_monolithic(struct fs_context *fc,
954 struct nfs_mount_data *data)
956 struct nfs_fs_context *ctx = nfs_fc2context(fc);
957 struct nfs_fh *mntfh = ctx->mntfh;
958 struct sockaddr *sap = (struct sockaddr *)&ctx->nfs_server.address;
959 int extra_flags = NFS_MOUNT_LEGACY_INTERFACE;
965 ctx->version = NFS_DEFAULT_VERSION;
966 switch (data->version) {
974 if (data->flags & NFS_MOUNT_VER3)
976 data->root.size = NFS2_FHSIZE;
977 memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE);
978 /* Turn off security negotiation */
979 extra_flags |= NFS_MOUNT_SECFLAVOUR;
982 if (data->flags & NFS_MOUNT_SECFLAVOUR)
986 memset(data->context, 0, sizeof(data->context));
989 if (data->flags & NFS_MOUNT_VER3) {
990 if (data->root.size > NFS3_FHSIZE || data->root.size == 0)
992 mntfh->size = data->root.size;
995 mntfh->size = NFS2_FHSIZE;
1000 memcpy(mntfh->data, data->root.data, mntfh->size);
1001 if (mntfh->size < sizeof(mntfh->data))
1002 memset(mntfh->data + mntfh->size, 0,
1003 sizeof(mntfh->data) - mntfh->size);
1006 * for proto == XPRT_TRANSPORT_UDP, which is what uses
1007 * to_exponential, implying shift: limit the shift value
1008 * to BITS_PER_LONG (majortimeo is unsigned long)
1010 if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */
1011 if (data->retrans >= 64) /* shift value is too large */
1012 goto out_invalid_data;
1015 * Translate to nfs_fs_context, which nfs_fill_super
1018 ctx->flags = data->flags & NFS_MOUNT_FLAGMASK;
1019 ctx->flags |= extra_flags;
1020 ctx->rsize = data->rsize;
1021 ctx->wsize = data->wsize;
1022 ctx->timeo = data->timeo;
1023 ctx->retrans = data->retrans;
1024 ctx->acregmin = data->acregmin;
1025 ctx->acregmax = data->acregmax;
1026 ctx->acdirmin = data->acdirmin;
1027 ctx->acdirmax = data->acdirmax;
1028 ctx->need_mount = false;
1030 memcpy(sap, &data->addr, sizeof(data->addr));
1031 ctx->nfs_server.addrlen = sizeof(data->addr);
1032 ctx->nfs_server.port = ntohs(data->addr.sin_port);
1033 if (sap->sa_family != AF_INET ||
1034 !nfs_verify_server_address(sap))
1035 goto out_no_address;
1037 if (!(data->flags & NFS_MOUNT_TCP))
1038 ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
1039 /* N.B. caller will free nfs_server.hostname in all cases */
1040 ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
1041 if (!ctx->nfs_server.hostname)
1044 ctx->namlen = data->namlen;
1045 ctx->bsize = data->bsize;
1047 if (data->flags & NFS_MOUNT_SECFLAVOUR)
1048 ctx->selected_flavor = data->pseudoflavor;
1050 ctx->selected_flavor = RPC_AUTH_UNIX;
1052 if (!(data->flags & NFS_MOUNT_NONLM))
1053 ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK|
1054 NFS_MOUNT_LOCAL_FCNTL);
1056 ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK|
1057 NFS_MOUNT_LOCAL_FCNTL);
1060 * The legacy version 6 binary mount data from userspace has a
1061 * field used only to transport selinux information into the
1062 * kernel. To continue to support that functionality we
1063 * have a touch of selinux knowledge here in the NFS code. The
1064 * userspace code converted context=blah to just blah so we are
1065 * converting back to the full string selinux understands.
1067 if (data->context[0]){
1068 #ifdef CONFIG_SECURITY_SELINUX
1071 data->context[NFS_MAX_CONTEXT_LEN] = '\0';
1072 ret = vfs_parse_fs_string(fc, "context",
1073 data->context, strlen(data->context));
1086 ret = nfs_validate_transport_protocol(fc, ctx);
1090 ctx->skip_reconfig_option_check = true;
1094 return generic_parse_monolithic(fc, data);
1097 if (is_remount_fc(fc)) {
1098 ctx->skip_reconfig_option_check = true;
1101 return nfs_invalf(fc, "NFS: mount program didn't pass any mount data");
1104 return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3");
1107 return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS");
1110 dfprintk(MOUNT, "NFS: not enough memory to handle mount options");
1114 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1117 return nfs_invalf(fc, "NFS: invalid root filehandle");
1120 return nfs_invalf(fc, "NFS: invalid binary mount data");
1123 #if IS_ENABLED(CONFIG_NFS_V4)
1124 struct compat_nfs_string {
1129 static inline void compat_nfs_string(struct nfs_string *dst,
1130 struct compat_nfs_string *src)
1132 dst->data = compat_ptr(src->data);
1133 dst->len = src->len;
1136 struct compat_nfs4_mount_data_v1 {
1137 compat_int_t version;
1142 compat_int_t retrans;
1143 compat_int_t acregmin;
1144 compat_int_t acregmax;
1145 compat_int_t acdirmin;
1146 compat_int_t acdirmax;
1147 struct compat_nfs_string client_addr;
1148 struct compat_nfs_string mnt_path;
1149 struct compat_nfs_string hostname;
1150 compat_uint_t host_addrlen;
1151 compat_uptr_t host_addr;
1153 compat_int_t auth_flavourlen;
1154 compat_uptr_t auth_flavours;
1157 static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data)
1159 struct compat_nfs4_mount_data_v1 *compat =
1160 (struct compat_nfs4_mount_data_v1 *)data;
1162 /* copy the fields backwards */
1163 data->auth_flavours = compat_ptr(compat->auth_flavours);
1164 data->auth_flavourlen = compat->auth_flavourlen;
1165 data->proto = compat->proto;
1166 data->host_addr = compat_ptr(compat->host_addr);
1167 data->host_addrlen = compat->host_addrlen;
1168 compat_nfs_string(&data->hostname, &compat->hostname);
1169 compat_nfs_string(&data->mnt_path, &compat->mnt_path);
1170 compat_nfs_string(&data->client_addr, &compat->client_addr);
1171 data->acdirmax = compat->acdirmax;
1172 data->acdirmin = compat->acdirmin;
1173 data->acregmax = compat->acregmax;
1174 data->acregmin = compat->acregmin;
1175 data->retrans = compat->retrans;
1176 data->timeo = compat->timeo;
1177 data->wsize = compat->wsize;
1178 data->rsize = compat->rsize;
1179 data->flags = compat->flags;
1180 data->version = compat->version;
1184 * Validate NFSv4 mount options
1186 static int nfs4_parse_monolithic(struct fs_context *fc,
1187 struct nfs4_mount_data *data)
1189 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1190 struct sockaddr *sap = (struct sockaddr *)&ctx->nfs_server.address;
1195 if (is_remount_fc(fc))
1197 return nfs_invalf(fc,
1198 "NFS4: mount program didn't pass any mount data");
1203 if (data->version != 1)
1204 return generic_parse_monolithic(fc, data);
1206 if (in_compat_syscall())
1207 nfs4_compat_mount_data_conv(data);
1209 if (data->host_addrlen > sizeof(ctx->nfs_server.address))
1210 goto out_no_address;
1211 if (data->host_addrlen == 0)
1212 goto out_no_address;
1213 ctx->nfs_server.addrlen = data->host_addrlen;
1214 if (copy_from_user(sap, data->host_addr, data->host_addrlen))
1216 if (!nfs_verify_server_address(sap))
1217 goto out_no_address;
1218 ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port);
1220 if (data->auth_flavourlen) {
1221 rpc_authflavor_t pseudoflavor;
1223 if (data->auth_flavourlen > 1)
1224 goto out_inval_auth;
1225 if (copy_from_user(&pseudoflavor, data->auth_flavours,
1226 sizeof(pseudoflavor)))
1228 ctx->selected_flavor = pseudoflavor;
1230 ctx->selected_flavor = RPC_AUTH_UNIX;
1233 c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN);
1236 ctx->nfs_server.hostname = c;
1238 c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN);
1241 ctx->nfs_server.export_path = c;
1242 dfprintk(MOUNT, "NFS: MNTPATH: '%s'\n", c);
1244 c = strndup_user(data->client_addr.data, 16);
1247 ctx->client_address = c;
1250 * Translate to nfs_fs_context, which nfs_fill_super
1254 ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK;
1255 ctx->rsize = data->rsize;
1256 ctx->wsize = data->wsize;
1257 ctx->timeo = data->timeo;
1258 ctx->retrans = data->retrans;
1259 ctx->acregmin = data->acregmin;
1260 ctx->acregmax = data->acregmax;
1261 ctx->acdirmin = data->acdirmin;
1262 ctx->acdirmax = data->acdirmax;
1263 ctx->nfs_server.protocol = data->proto;
1264 ret = nfs_validate_transport_protocol(fc, ctx);
1268 ctx->skip_reconfig_option_check = true;
1272 return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d",
1273 data->auth_flavourlen);
1276 return nfs_invalf(fc, "NFS4: mount program didn't pass remote address");
1281 * Parse a monolithic block of data from sys_mount().
1283 static int nfs_fs_context_parse_monolithic(struct fs_context *fc,
1286 if (fc->fs_type == &nfs_fs_type)
1287 return nfs23_parse_monolithic(fc, data);
1289 #if IS_ENABLED(CONFIG_NFS_V4)
1290 if (fc->fs_type == &nfs4_fs_type)
1291 return nfs4_parse_monolithic(fc, data);
1294 return nfs_invalf(fc, "NFS: Unsupported monolithic data version");
1298 * Validate the preparsed information in the config.
1300 static int nfs_fs_context_validate(struct fs_context *fc)
1302 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1303 struct nfs_subversion *nfs_mod;
1304 struct sockaddr *sap = (struct sockaddr *)&ctx->nfs_server.address;
1305 int max_namelen = PAGE_SIZE;
1306 int max_pathlen = NFS_MAXPATHLEN;
1311 goto out_no_device_name;
1313 /* Check for sanity first. */
1314 if (ctx->minorversion && ctx->version != 4)
1315 goto out_minorversion_mismatch;
1317 if (ctx->options & NFS_OPTION_MIGRATION &&
1318 (ctx->version != 4 || ctx->minorversion != 0))
1319 goto out_migration_misuse;
1321 /* Verify that any proto=/mountproto= options match the address
1322 * families in the addr=/mountaddr= options.
1324 if (ctx->protofamily != AF_UNSPEC &&
1325 ctx->protofamily != ctx->nfs_server.address.sa_family)
1326 goto out_proto_mismatch;
1328 if (ctx->mountfamily != AF_UNSPEC) {
1329 if (ctx->mount_server.addrlen) {
1330 if (ctx->mountfamily != ctx->mount_server.address.sa_family)
1331 goto out_mountproto_mismatch;
1333 if (ctx->mountfamily != ctx->nfs_server.address.sa_family)
1334 goto out_mountproto_mismatch;
1338 if (!nfs_verify_server_address(sap))
1339 goto out_no_address;
1341 ret = nfs_validate_transport_protocol(fc, ctx);
1345 if (ctx->version == 4) {
1346 if (IS_ENABLED(CONFIG_NFS_V4)) {
1347 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1348 port = NFS_RDMA_PORT;
1351 max_namelen = NFS4_MAXNAMLEN;
1352 max_pathlen = NFS4_MAXPATHLEN;
1353 ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL |
1354 NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK |
1355 NFS_MOUNT_LOCAL_FCNTL);
1357 goto out_v4_not_compiled;
1360 nfs_set_mount_transport_protocol(ctx);
1361 if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
1362 port = NFS_RDMA_PORT;
1365 nfs_set_port(sap, &ctx->nfs_server.port, port);
1367 ret = nfs_parse_source(fc, max_namelen, max_pathlen);
1371 /* Load the NFS protocol module if we haven't done so yet */
1372 if (!ctx->nfs_mod) {
1373 nfs_mod = get_nfs_version(ctx->version);
1374 if (IS_ERR(nfs_mod)) {
1375 ret = PTR_ERR(nfs_mod);
1376 goto out_version_unavailable;
1378 ctx->nfs_mod = nfs_mod;
1381 /* Ensure the filesystem context has the correct fs_type */
1382 if (fc->fs_type != ctx->nfs_mod->nfs_fs) {
1383 module_put(fc->fs_type->owner);
1384 __module_get(ctx->nfs_mod->nfs_fs->owner);
1385 fc->fs_type = ctx->nfs_mod->nfs_fs;
1390 return nfs_invalf(fc, "NFS: Device name not specified");
1391 out_v4_not_compiled:
1392 nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel");
1393 return -EPROTONOSUPPORT;
1395 return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
1396 out_mountproto_mismatch:
1397 return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option");
1399 return nfs_invalf(fc, "NFS: Server address does not match proto= option");
1400 out_minorversion_mismatch:
1401 return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u",
1402 ctx->version, ctx->minorversion);
1403 out_migration_misuse:
1404 return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version");
1405 out_version_unavailable:
1406 nfs_errorf(fc, "NFS: Version unavailable");
1411 * Create an NFS superblock by the appropriate method.
1413 static int nfs_get_tree(struct fs_context *fc)
1415 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1416 int err = nfs_fs_context_validate(fc);
1421 return ctx->nfs_mod->rpc_ops->try_get_tree(fc);
1423 return nfs_get_tree_common(fc);
1427 * Handle duplication of a configuration. The caller copied *src into *sc, but
1428 * it can't deal with resource pointers in the filesystem context, so we have
1429 * to do that. We need to clear pointers, copy data or get extra refs as
1432 static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc)
1434 struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx;
1436 ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL);
1440 ctx->mntfh = nfs_alloc_fhandle();
1445 nfs_copy_fh(ctx->mntfh, src->mntfh);
1447 __module_get(ctx->nfs_mod->owner);
1448 ctx->client_address = NULL;
1449 ctx->mount_server.hostname = NULL;
1450 ctx->nfs_server.export_path = NULL;
1451 ctx->nfs_server.hostname = NULL;
1452 ctx->fscache_uniq = NULL;
1453 ctx->clone_data.fattr = NULL;
1454 fc->fs_private = ctx;
1458 static void nfs_fs_context_free(struct fs_context *fc)
1460 struct nfs_fs_context *ctx = nfs_fc2context(fc);
1464 nfs_free_server(ctx->server);
1466 put_nfs_version(ctx->nfs_mod);
1467 kfree(ctx->client_address);
1468 kfree(ctx->mount_server.hostname);
1469 kfree(ctx->nfs_server.export_path);
1470 kfree(ctx->nfs_server.hostname);
1471 kfree(ctx->fscache_uniq);
1472 nfs_free_fhandle(ctx->mntfh);
1473 nfs_free_fattr(ctx->clone_data.fattr);
1478 static const struct fs_context_operations nfs_fs_context_ops = {
1479 .free = nfs_fs_context_free,
1480 .dup = nfs_fs_context_dup,
1481 .parse_param = nfs_fs_context_parse_param,
1482 .parse_monolithic = nfs_fs_context_parse_monolithic,
1483 .get_tree = nfs_get_tree,
1484 .reconfigure = nfs_reconfigure,
1488 * Prepare superblock configuration. We use the namespaces attached to the
1489 * context. This may be the current process's namespaces, or it may be a
1490 * container's namespaces.
1492 static int nfs_init_fs_context(struct fs_context *fc)
1494 struct nfs_fs_context *ctx;
1496 ctx = kzalloc(sizeof(struct nfs_fs_context), GFP_KERNEL);
1500 ctx->mntfh = nfs_alloc_fhandle();
1501 if (unlikely(!ctx->mntfh)) {
1506 ctx->protofamily = AF_UNSPEC;
1507 ctx->mountfamily = AF_UNSPEC;
1508 ctx->mount_server.port = NFS_UNSPEC_PORT;
1511 /* reconfigure, start with the current config */
1512 struct nfs_server *nfss = fc->root->d_sb->s_fs_info;
1513 struct net *net = nfss->nfs_client->cl_net;
1515 ctx->flags = nfss->flags;
1516 ctx->rsize = nfss->rsize;
1517 ctx->wsize = nfss->wsize;
1518 ctx->retrans = nfss->client->cl_timeout->to_retries;
1519 ctx->selected_flavor = nfss->client->cl_auth->au_flavor;
1520 ctx->acregmin = nfss->acregmin / HZ;
1521 ctx->acregmax = nfss->acregmax / HZ;
1522 ctx->acdirmin = nfss->acdirmin / HZ;
1523 ctx->acdirmax = nfss->acdirmax / HZ;
1524 ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ;
1525 ctx->nfs_server.port = nfss->port;
1526 ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen;
1527 ctx->version = nfss->nfs_client->rpc_ops->version;
1528 ctx->minorversion = nfss->nfs_client->cl_minorversion;
1530 memcpy(&ctx->nfs_server.address, &nfss->nfs_client->cl_addr,
1531 ctx->nfs_server.addrlen);
1533 if (fc->net_ns != net) {
1534 put_net(fc->net_ns);
1535 fc->net_ns = get_net(net);
1538 ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod;
1539 __module_get(ctx->nfs_mod->owner);
1542 ctx->timeo = NFS_UNSPEC_TIMEO;
1543 ctx->retrans = NFS_UNSPEC_RETRANS;
1544 ctx->acregmin = NFS_DEF_ACREGMIN;
1545 ctx->acregmax = NFS_DEF_ACREGMAX;
1546 ctx->acdirmin = NFS_DEF_ACDIRMIN;
1547 ctx->acdirmax = NFS_DEF_ACDIRMAX;
1548 ctx->nfs_server.port = NFS_UNSPEC_PORT;
1549 ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
1550 ctx->selected_flavor = RPC_AUTH_MAXFLAVOR;
1551 ctx->minorversion = 0;
1552 ctx->need_mount = true;
1554 fc->s_iflags |= SB_I_STABLE_WRITES;
1556 fc->fs_private = ctx;
1557 fc->ops = &nfs_fs_context_ops;
1561 struct file_system_type nfs_fs_type = {
1562 .owner = THIS_MODULE,
1564 .init_fs_context = nfs_init_fs_context,
1565 .parameters = nfs_fs_parameters,
1566 .kill_sb = nfs_kill_super,
1567 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1569 MODULE_ALIAS_FS("nfs");
1570 EXPORT_SYMBOL_GPL(nfs_fs_type);
1572 #if IS_ENABLED(CONFIG_NFS_V4)
1573 struct file_system_type nfs4_fs_type = {
1574 .owner = THIS_MODULE,
1576 .init_fs_context = nfs_init_fs_context,
1577 .parameters = nfs_fs_parameters,
1578 .kill_sb = nfs_kill_super,
1579 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
1581 MODULE_ALIAS_FS("nfs4");
1582 MODULE_ALIAS("nfs4");
1583 EXPORT_SYMBOL_GPL(nfs4_fs_type);
1584 #endif /* CONFIG_NFS_V4 */