1 // SPDX-License-Identifier: GPL-2.0
3 * Witness Service client for CIFS
5 * Copyright (c) 2020 Samuel Cabrero <scabrero@suse.de>
8 #include <linux/kref.h>
9 #include <net/genetlink.h>
10 #include <uapi/linux/cifs/cifs_netlink.h>
14 #include "cifsproto.h"
16 #include "cifs_debug.h"
19 static DEFINE_IDR(cifs_swnreg_idr);
20 static DEFINE_MUTEX(cifs_swnreg_idr_mutex);
24 struct kref ref_count;
27 const char *share_name;
29 bool share_name_notify;
32 struct cifs_tcon *tcon;
35 static int cifs_swn_auth_info_krb(struct cifs_tcon *tcon, struct sk_buff *skb)
39 ret = nla_put_flag(skb, CIFS_GENL_ATTR_SWN_KRB_AUTH);
46 static int cifs_swn_auth_info_ntlm(struct cifs_tcon *tcon, struct sk_buff *skb)
50 if (tcon->ses->user_name != NULL) {
51 ret = nla_put_string(skb, CIFS_GENL_ATTR_SWN_USER_NAME, tcon->ses->user_name);
56 if (tcon->ses->password != NULL) {
57 ret = nla_put_string(skb, CIFS_GENL_ATTR_SWN_PASSWORD, tcon->ses->password);
62 if (tcon->ses->domainName != NULL) {
63 ret = nla_put_string(skb, CIFS_GENL_ATTR_SWN_DOMAIN_NAME, tcon->ses->domainName);
72 * Sends a register message to the userspace daemon based on the registration.
73 * The authentication information to connect to the witness service is bundled
76 static int cifs_swn_send_register_message(struct cifs_swn_reg *swnreg)
79 struct genlmsghdr *hdr;
80 enum securityEnum authtype;
81 struct sockaddr_storage *addr;
84 skb = genlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
90 hdr = genlmsg_put(skb, 0, 0, &cifs_genl_family, 0, CIFS_GENL_CMD_SWN_REGISTER);
96 ret = nla_put_u32(skb, CIFS_GENL_ATTR_SWN_REGISTRATION_ID, swnreg->id);
100 ret = nla_put_string(skb, CIFS_GENL_ATTR_SWN_NET_NAME, swnreg->net_name);
104 ret = nla_put_string(skb, CIFS_GENL_ATTR_SWN_SHARE_NAME, swnreg->share_name);
109 * If there is an address stored use it instead of the server address, because we are
110 * in the process of reconnecting to it after a share has been moved or we have been
111 * told to switch to it (client move message). In these cases we unregister from the
112 * server address and register to the new address when we receive the notification.
114 if (swnreg->tcon->ses->server->use_swn_dstaddr)
115 addr = &swnreg->tcon->ses->server->swn_dstaddr;
117 addr = &swnreg->tcon->ses->server->dstaddr;
119 ret = nla_put(skb, CIFS_GENL_ATTR_SWN_IP, sizeof(struct sockaddr_storage), addr);
123 if (swnreg->net_name_notify) {
124 ret = nla_put_flag(skb, CIFS_GENL_ATTR_SWN_NET_NAME_NOTIFY);
129 if (swnreg->share_name_notify) {
130 ret = nla_put_flag(skb, CIFS_GENL_ATTR_SWN_SHARE_NAME_NOTIFY);
135 if (swnreg->ip_notify) {
136 ret = nla_put_flag(skb, CIFS_GENL_ATTR_SWN_IP_NOTIFY);
141 authtype = cifs_select_sectype(swnreg->tcon->ses->server, swnreg->tcon->ses->sectype);
144 ret = cifs_swn_auth_info_krb(swnreg->tcon, skb);
146 cifs_dbg(VFS, "%s: Failed to get kerberos auth info: %d\n", __func__, ret);
152 ret = cifs_swn_auth_info_ntlm(swnreg->tcon, skb);
154 cifs_dbg(VFS, "%s: Failed to get NTLM auth info: %d\n", __func__, ret);
159 cifs_dbg(VFS, "%s: secType %d not supported!\n", __func__, authtype);
164 genlmsg_end(skb, hdr);
165 genlmsg_multicast(&cifs_genl_family, skb, 0, CIFS_GENL_MCGRP_SWN, GFP_ATOMIC);
167 cifs_dbg(FYI, "%s: Message to register for network name %s with id %d sent\n", __func__,
168 swnreg->net_name, swnreg->id);
173 genlmsg_cancel(skb, hdr);
180 * Sends an uregister message to the userspace daemon based on the registration
182 static int cifs_swn_send_unregister_message(struct cifs_swn_reg *swnreg)
185 struct genlmsghdr *hdr;
188 skb = genlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
192 hdr = genlmsg_put(skb, 0, 0, &cifs_genl_family, 0, CIFS_GENL_CMD_SWN_UNREGISTER);
198 ret = nla_put_u32(skb, CIFS_GENL_ATTR_SWN_REGISTRATION_ID, swnreg->id);
202 ret = nla_put_string(skb, CIFS_GENL_ATTR_SWN_NET_NAME, swnreg->net_name);
206 ret = nla_put_string(skb, CIFS_GENL_ATTR_SWN_SHARE_NAME, swnreg->share_name);
210 ret = nla_put(skb, CIFS_GENL_ATTR_SWN_IP, sizeof(struct sockaddr_storage),
211 &swnreg->tcon->ses->server->dstaddr);
215 if (swnreg->net_name_notify) {
216 ret = nla_put_flag(skb, CIFS_GENL_ATTR_SWN_NET_NAME_NOTIFY);
221 if (swnreg->share_name_notify) {
222 ret = nla_put_flag(skb, CIFS_GENL_ATTR_SWN_SHARE_NAME_NOTIFY);
227 if (swnreg->ip_notify) {
228 ret = nla_put_flag(skb, CIFS_GENL_ATTR_SWN_IP_NOTIFY);
233 genlmsg_end(skb, hdr);
234 genlmsg_multicast(&cifs_genl_family, skb, 0, CIFS_GENL_MCGRP_SWN, GFP_ATOMIC);
236 cifs_dbg(FYI, "%s: Message to unregister for network name %s with id %d sent\n", __func__,
237 swnreg->net_name, swnreg->id);
242 genlmsg_cancel(skb, hdr);
248 * Try to find a matching registration for the tcon's server name and share name.
249 * Calls to this function must be protected by cifs_swnreg_idr_mutex.
250 * TODO Try to avoid memory allocations
252 static struct cifs_swn_reg *cifs_find_swn_reg(struct cifs_tcon *tcon)
254 struct cifs_swn_reg *swnreg;
256 const char *share_name;
257 const char *net_name;
259 net_name = extract_hostname(tcon->treeName);
260 if (IS_ERR(net_name)) {
263 ret = PTR_ERR(net_name);
264 cifs_dbg(VFS, "%s: failed to extract host name from target '%s': %d\n",
265 __func__, tcon->treeName, ret);
266 return ERR_PTR(-EINVAL);
269 share_name = extract_sharename(tcon->treeName);
270 if (IS_ERR(share_name)) {
273 ret = PTR_ERR(share_name);
274 cifs_dbg(VFS, "%s: failed to extract share name from target '%s': %d\n",
275 __func__, tcon->treeName, ret);
277 return ERR_PTR(-EINVAL);
280 idr_for_each_entry(&cifs_swnreg_idr, swnreg, id) {
281 if (strcasecmp(swnreg->net_name, net_name) != 0
282 || strcasecmp(swnreg->share_name, share_name) != 0) {
286 cifs_dbg(FYI, "Existing swn registration for %s:%s found\n", swnreg->net_name,
298 return ERR_PTR(-EEXIST);
302 * Get a registration for the tcon's server and share name, allocating a new one if it does not
305 static struct cifs_swn_reg *cifs_get_swn_reg(struct cifs_tcon *tcon)
307 struct cifs_swn_reg *reg = NULL;
310 mutex_lock(&cifs_swnreg_idr_mutex);
312 /* Check if we are already registered for this network and share names */
313 reg = cifs_find_swn_reg(tcon);
315 kref_get(®->ref_count);
316 mutex_unlock(&cifs_swnreg_idr_mutex);
318 } else if (PTR_ERR(reg) != -EEXIST) {
319 mutex_unlock(&cifs_swnreg_idr_mutex);
323 reg = kmalloc(sizeof(struct cifs_swn_reg), GFP_ATOMIC);
325 mutex_unlock(&cifs_swnreg_idr_mutex);
326 return ERR_PTR(-ENOMEM);
329 kref_init(®->ref_count);
331 reg->id = idr_alloc(&cifs_swnreg_idr, reg, 1, 0, GFP_ATOMIC);
333 cifs_dbg(FYI, "%s: failed to allocate registration id\n", __func__);
338 reg->net_name = extract_hostname(tcon->treeName);
339 if (IS_ERR(reg->net_name)) {
340 ret = PTR_ERR(reg->net_name);
341 cifs_dbg(VFS, "%s: failed to extract host name from target: %d\n", __func__, ret);
345 reg->share_name = extract_sharename(tcon->treeName);
346 if (IS_ERR(reg->share_name)) {
347 ret = PTR_ERR(reg->share_name);
348 cifs_dbg(VFS, "%s: failed to extract share name from target: %d\n", __func__, ret);
352 reg->net_name_notify = true;
353 reg->share_name_notify = true;
354 reg->ip_notify = (tcon->capabilities & SMB2_SHARE_CAP_SCALEOUT);
358 mutex_unlock(&cifs_swnreg_idr_mutex);
363 kfree(reg->net_name);
365 idr_remove(&cifs_swnreg_idr, reg->id);
368 mutex_unlock(&cifs_swnreg_idr_mutex);
372 static void cifs_swn_reg_release(struct kref *ref)
374 struct cifs_swn_reg *swnreg = container_of(ref, struct cifs_swn_reg, ref_count);
377 ret = cifs_swn_send_unregister_message(swnreg);
379 cifs_dbg(VFS, "%s: Failed to send unregister message: %d\n", __func__, ret);
381 idr_remove(&cifs_swnreg_idr, swnreg->id);
382 kfree(swnreg->net_name);
383 kfree(swnreg->share_name);
387 static void cifs_put_swn_reg(struct cifs_swn_reg *swnreg)
389 mutex_lock(&cifs_swnreg_idr_mutex);
390 kref_put(&swnreg->ref_count, cifs_swn_reg_release);
391 mutex_unlock(&cifs_swnreg_idr_mutex);
394 static int cifs_swn_resource_state_changed(struct cifs_swn_reg *swnreg, const char *name, int state)
399 case CIFS_SWN_RESOURCE_STATE_UNAVAILABLE:
400 cifs_dbg(FYI, "%s: resource name '%s' become unavailable\n", __func__, name);
401 for (i = 0; i < swnreg->tcon->ses->chan_count; i++) {
402 spin_lock(&GlobalMid_Lock);
403 if (swnreg->tcon->ses->chans[i].server->tcpStatus != CifsExiting)
404 swnreg->tcon->ses->chans[i].server->tcpStatus = CifsNeedReconnect;
405 spin_unlock(&GlobalMid_Lock);
408 case CIFS_SWN_RESOURCE_STATE_AVAILABLE:
409 cifs_dbg(FYI, "%s: resource name '%s' become available\n", __func__, name);
410 for (i = 0; i < swnreg->tcon->ses->chan_count; i++) {
411 spin_lock(&GlobalMid_Lock);
412 if (swnreg->tcon->ses->chans[i].server->tcpStatus != CifsExiting)
413 swnreg->tcon->ses->chans[i].server->tcpStatus = CifsNeedReconnect;
414 spin_unlock(&GlobalMid_Lock);
417 case CIFS_SWN_RESOURCE_STATE_UNKNOWN:
418 cifs_dbg(FYI, "%s: resource name '%s' changed to unknown state\n", __func__, name);
424 static bool cifs_sockaddr_equal(struct sockaddr_storage *addr1, struct sockaddr_storage *addr2)
426 if (addr1->ss_family != addr2->ss_family)
429 if (addr1->ss_family == AF_INET) {
430 return (memcmp(&((const struct sockaddr_in *)addr1)->sin_addr,
431 &((const struct sockaddr_in *)addr2)->sin_addr,
432 sizeof(struct in_addr)) == 0);
435 if (addr1->ss_family == AF_INET6) {
436 return (memcmp(&((const struct sockaddr_in6 *)addr1)->sin6_addr,
437 &((const struct sockaddr_in6 *)addr2)->sin6_addr,
438 sizeof(struct in6_addr)) == 0);
444 static int cifs_swn_store_swn_addr(const struct sockaddr_storage *new,
445 const struct sockaddr_storage *old,
446 struct sockaddr_storage *dst)
448 __be16 port = cpu_to_be16(CIFS_PORT);
450 if (old->ss_family == AF_INET) {
451 struct sockaddr_in *ipv4 = (struct sockaddr_in *)old;
453 port = ipv4->sin_port;
454 } else if (old->ss_family == AF_INET6) {
455 struct sockaddr_in6 *ipv6 = (struct sockaddr_in6 *)old;
457 port = ipv6->sin6_port;
460 if (new->ss_family == AF_INET) {
461 struct sockaddr_in *ipv4 = (struct sockaddr_in *)new;
463 ipv4->sin_port = port;
464 } else if (new->ss_family == AF_INET6) {
465 struct sockaddr_in6 *ipv6 = (struct sockaddr_in6 *)new;
467 ipv6->sin6_port = port;
475 static int cifs_swn_reconnect(struct cifs_tcon *tcon, struct sockaddr_storage *addr)
479 /* Store the reconnect address */
480 mutex_lock(&tcon->ses->server->srv_mutex);
481 if (cifs_sockaddr_equal(&tcon->ses->server->dstaddr, addr))
484 ret = cifs_swn_store_swn_addr(addr, &tcon->ses->server->dstaddr,
485 &tcon->ses->server->swn_dstaddr);
487 cifs_dbg(VFS, "%s: failed to store address: %d\n", __func__, ret);
490 tcon->ses->server->use_swn_dstaddr = true;
493 * Unregister to stop receiving notifications for the old IP address.
495 ret = cifs_swn_unregister(tcon);
497 cifs_dbg(VFS, "%s: Failed to unregister for witness notifications: %d\n",
503 * And register to receive notifications for the new IP address now that we have
504 * stored the new address.
506 ret = cifs_swn_register(tcon);
508 cifs_dbg(VFS, "%s: Failed to register for witness notifications: %d\n",
513 spin_lock(&GlobalMid_Lock);
514 if (tcon->ses->server->tcpStatus != CifsExiting)
515 tcon->ses->server->tcpStatus = CifsNeedReconnect;
516 spin_unlock(&GlobalMid_Lock);
519 mutex_unlock(&tcon->ses->server->srv_mutex);
524 static int cifs_swn_client_move(struct cifs_swn_reg *swnreg, struct sockaddr_storage *addr)
526 struct sockaddr_in *ipv4 = (struct sockaddr_in *)addr;
527 struct sockaddr_in6 *ipv6 = (struct sockaddr_in6 *)addr;
529 if (addr->ss_family == AF_INET)
530 cifs_dbg(FYI, "%s: move to %pI4\n", __func__, &ipv4->sin_addr);
531 else if (addr->ss_family == AF_INET6)
532 cifs_dbg(FYI, "%s: move to %pI6\n", __func__, &ipv6->sin6_addr);
534 return cifs_swn_reconnect(swnreg->tcon, addr);
537 int cifs_swn_notify(struct sk_buff *skb, struct genl_info *info)
539 struct cifs_swn_reg *swnreg;
543 if (info->attrs[CIFS_GENL_ATTR_SWN_REGISTRATION_ID]) {
546 swnreg_id = nla_get_u32(info->attrs[CIFS_GENL_ATTR_SWN_REGISTRATION_ID]);
547 mutex_lock(&cifs_swnreg_idr_mutex);
548 swnreg = idr_find(&cifs_swnreg_idr, swnreg_id);
549 mutex_unlock(&cifs_swnreg_idr_mutex);
550 if (swnreg == NULL) {
551 cifs_dbg(FYI, "%s: registration id %d not found\n", __func__, swnreg_id);
555 cifs_dbg(FYI, "%s: missing registration id attribute\n", __func__);
559 if (info->attrs[CIFS_GENL_ATTR_SWN_NOTIFICATION_TYPE]) {
560 type = nla_get_u32(info->attrs[CIFS_GENL_ATTR_SWN_NOTIFICATION_TYPE]);
562 cifs_dbg(FYI, "%s: missing notification type attribute\n", __func__);
567 case CIFS_SWN_NOTIFICATION_RESOURCE_CHANGE: {
570 if (info->attrs[CIFS_GENL_ATTR_SWN_RESOURCE_NAME]) {
571 nla_strscpy(name, info->attrs[CIFS_GENL_ATTR_SWN_RESOURCE_NAME],
574 cifs_dbg(FYI, "%s: missing resource name attribute\n", __func__);
577 if (info->attrs[CIFS_GENL_ATTR_SWN_RESOURCE_STATE]) {
578 state = nla_get_u32(info->attrs[CIFS_GENL_ATTR_SWN_RESOURCE_STATE]);
580 cifs_dbg(FYI, "%s: missing resource state attribute\n", __func__);
583 return cifs_swn_resource_state_changed(swnreg, name, state);
585 case CIFS_SWN_NOTIFICATION_CLIENT_MOVE: {
586 struct sockaddr_storage addr;
588 if (info->attrs[CIFS_GENL_ATTR_SWN_IP]) {
589 nla_memcpy(&addr, info->attrs[CIFS_GENL_ATTR_SWN_IP], sizeof(addr));
591 cifs_dbg(FYI, "%s: missing IP address attribute\n", __func__);
594 return cifs_swn_client_move(swnreg, &addr);
597 cifs_dbg(FYI, "%s: unknown notification type %d\n", __func__, type);
604 int cifs_swn_register(struct cifs_tcon *tcon)
606 struct cifs_swn_reg *swnreg;
609 swnreg = cifs_get_swn_reg(tcon);
611 return PTR_ERR(swnreg);
613 ret = cifs_swn_send_register_message(swnreg);
615 cifs_dbg(VFS, "%s: Failed to send swn register message: %d\n", __func__, ret);
616 /* Do not put the swnreg or return error, the echo task will retry */
622 int cifs_swn_unregister(struct cifs_tcon *tcon)
624 struct cifs_swn_reg *swnreg;
626 mutex_lock(&cifs_swnreg_idr_mutex);
628 swnreg = cifs_find_swn_reg(tcon);
629 if (IS_ERR(swnreg)) {
630 mutex_unlock(&cifs_swnreg_idr_mutex);
631 return PTR_ERR(swnreg);
634 mutex_unlock(&cifs_swnreg_idr_mutex);
636 cifs_put_swn_reg(swnreg);
641 void cifs_swn_dump(struct seq_file *m)
643 struct cifs_swn_reg *swnreg;
644 struct sockaddr_in *sa;
645 struct sockaddr_in6 *sa6;
648 seq_puts(m, "Witness registrations:");
650 mutex_lock(&cifs_swnreg_idr_mutex);
651 idr_for_each_entry(&cifs_swnreg_idr, swnreg, id) {
652 seq_printf(m, "\nId: %u Refs: %u Network name: '%s'%s Share name: '%s'%s Ip address: ",
653 id, kref_read(&swnreg->ref_count),
654 swnreg->net_name, swnreg->net_name_notify ? "(y)" : "(n)",
655 swnreg->share_name, swnreg->share_name_notify ? "(y)" : "(n)");
656 switch (swnreg->tcon->ses->server->dstaddr.ss_family) {
658 sa = (struct sockaddr_in *) &swnreg->tcon->ses->server->dstaddr;
659 seq_printf(m, "%pI4", &sa->sin_addr.s_addr);
662 sa6 = (struct sockaddr_in6 *) &swnreg->tcon->ses->server->dstaddr;
663 seq_printf(m, "%pI6", &sa6->sin6_addr.s6_addr);
664 if (sa6->sin6_scope_id)
665 seq_printf(m, "%%%u", sa6->sin6_scope_id);
668 seq_puts(m, "(unknown)");
670 seq_printf(m, "%s", swnreg->ip_notify ? "(y)" : "(n)");
672 mutex_unlock(&cifs_swnreg_idr_mutex);
676 void cifs_swn_check(void)
678 struct cifs_swn_reg *swnreg;
682 mutex_lock(&cifs_swnreg_idr_mutex);
683 idr_for_each_entry(&cifs_swnreg_idr, swnreg, id) {
684 ret = cifs_swn_send_register_message(swnreg);
686 cifs_dbg(FYI, "%s: Failed to send register message: %d\n", __func__, ret);
688 mutex_unlock(&cifs_swnreg_idr_mutex);