projects / linux-2.6-microblaze.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge tag 'arm-dt-6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
[linux-2.6-microblaze.git] / fs / cifs / sess.c
1 // SPDX-License-Identifier: LGPL-2.1
2 /*
3  *
4  *   SMB/CIFS session setup handling routines
5  *
6  *   Copyright (c) International Business Machines  Corp., 2006, 2009
7  *   Author(s): Steve French (sfrench@us.ibm.com)
8  *
9  */
10
11 #include "cifspdu.h"
12 #include "cifsglob.h"
13 #include "cifsproto.h"
14 #include "cifs_unicode.h"
15 #include "cifs_debug.h"
16 #include "ntlmssp.h"
17 #include "nterr.h"
18 #include <linux/utsname.h>
19 #include <linux/slab.h>
20 #include <linux/version.h>
21 #include "cifsfs.h"
22 #include "cifs_spnego.h"
23 #include "smb2proto.h"
24 #include "fs_context.h"
25
26 static int
27 cifs_ses_add_channel(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses,
28                      struct cifs_server_iface *iface);
29
30 bool
31 is_server_using_iface(struct TCP_Server_Info *server,
32                       struct cifs_server_iface *iface)
33 {
34         struct sockaddr_in *i4 = (struct sockaddr_in *)&iface->sockaddr;
35         struct sockaddr_in6 *i6 = (struct sockaddr_in6 *)&iface->sockaddr;
36         struct sockaddr_in *s4 = (struct sockaddr_in *)&server->dstaddr;
37         struct sockaddr_in6 *s6 = (struct sockaddr_in6 *)&server->dstaddr;
38
39         if (server->dstaddr.ss_family != iface->sockaddr.ss_family)
40                 return false;
41         if (server->dstaddr.ss_family == AF_INET) {
42                 if (s4->sin_addr.s_addr != i4->sin_addr.s_addr)
43                         return false;
44         } else if (server->dstaddr.ss_family == AF_INET6) {
45                 if (memcmp(&s6->sin6_addr, &i6->sin6_addr,
46                            sizeof(i6->sin6_addr)) != 0)
47                         return false;
48         } else {
49                 /* unknown family.. */
50                 return false;
51         }
52         return true;
53 }
54
55 bool is_ses_using_iface(struct cifs_ses *ses, struct cifs_server_iface *iface)
56 {
57         int i;
58
59         spin_lock(&ses->chan_lock);
60         for (i = 0; i < ses->chan_count; i++) {
61                 if (ses->chans[i].iface == iface) {
62                         spin_unlock(&ses->chan_lock);
63                         return true;
64                 }
65         }
66         spin_unlock(&ses->chan_lock);
67         return false;
68 }
69
70 /* channel helper functions. assumed that chan_lock is held by caller. */
71
72 unsigned int
73 cifs_ses_get_chan_index(struct cifs_ses *ses,
74                         struct TCP_Server_Info *server)
75 {
76         unsigned int i;
77
78         for (i = 0; i < ses->chan_count; i++) {
79                 if (ses->chans[i].server == server)
80                         return i;
81         }
82
83         /* If we didn't find the channel, it is likely a bug */
84         if (server)
85                 cifs_dbg(VFS, "unable to get chan index for server: 0x%llx",
86                          server->conn_id);
87         WARN_ON(1);
88         return 0;
89 }
90
91 void
92 cifs_chan_set_in_reconnect(struct cifs_ses *ses,
93                              struct TCP_Server_Info *server)
94 {
95         unsigned int chan_index = cifs_ses_get_chan_index(ses, server);
96
97         ses->chans[chan_index].in_reconnect = true;
98 }
99
100 void
101 cifs_chan_clear_in_reconnect(struct cifs_ses *ses,
102                              struct TCP_Server_Info *server)
103 {
104         unsigned int chan_index = cifs_ses_get_chan_index(ses, server);
105
106         ses->chans[chan_index].in_reconnect = false;
107 }
108
109 bool
110 cifs_chan_in_reconnect(struct cifs_ses *ses,
111                           struct TCP_Server_Info *server)
112 {
113         unsigned int chan_index = cifs_ses_get_chan_index(ses, server);
114
115         return CIFS_CHAN_IN_RECONNECT(ses, chan_index);
116 }
117
118 void
119 cifs_chan_set_need_reconnect(struct cifs_ses *ses,
120                              struct TCP_Server_Info *server)
121 {
122         unsigned int chan_index = cifs_ses_get_chan_index(ses, server);
123
124         set_bit(chan_index, &ses->chans_need_reconnect);
125         cifs_dbg(FYI, "Set reconnect bitmask for chan %u; now 0x%lx\n",
126                  chan_index, ses->chans_need_reconnect);
127 }
128
129 void
130 cifs_chan_clear_need_reconnect(struct cifs_ses *ses,
131                                struct TCP_Server_Info *server)
132 {
133         unsigned int chan_index = cifs_ses_get_chan_index(ses, server);
134
135         clear_bit(chan_index, &ses->chans_need_reconnect);
136         cifs_dbg(FYI, "Cleared reconnect bitmask for chan %u; now 0x%lx\n",
137                  chan_index, ses->chans_need_reconnect);
138 }
139
140 bool
141 cifs_chan_needs_reconnect(struct cifs_ses *ses,
142                           struct TCP_Server_Info *server)
143 {
144         unsigned int chan_index = cifs_ses_get_chan_index(ses, server);
145
146         return CIFS_CHAN_NEEDS_RECONNECT(ses, chan_index);
147 }
148
149 bool
150 cifs_chan_is_iface_active(struct cifs_ses *ses,
151                           struct TCP_Server_Info *server)
152 {
153         unsigned int chan_index = cifs_ses_get_chan_index(ses, server);
154
155         return ses->chans[chan_index].iface &&
156                 ses->chans[chan_index].iface->is_active;
157 }
158
159 /* returns number of channels added */
160 int cifs_try_adding_channels(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses)
161 {
162         int old_chan_count, new_chan_count;
163         int left;
164         int rc = 0;
165         int tries = 0;
166         struct cifs_server_iface *iface = NULL, *niface = NULL;
167
168         spin_lock(&ses->chan_lock);
169
170         new_chan_count = old_chan_count = ses->chan_count;
171         left = ses->chan_max - ses->chan_count;
172
173         if (left <= 0) {
174                 spin_unlock(&ses->chan_lock);
175                 cifs_dbg(FYI,
176                          "ses already at max_channels (%zu), nothing to open\n",
177                          ses->chan_max);
178                 return 0;
179         }
180
181         if (ses->server->dialect < SMB30_PROT_ID) {
182                 spin_unlock(&ses->chan_lock);
183                 cifs_dbg(VFS, "multichannel is not supported on this protocol version, use 3.0 or above\n");
184                 return 0;
185         }
186
187         if (!(ses->server->capabilities & SMB2_GLOBAL_CAP_MULTI_CHANNEL)) {
188                 ses->chan_max = 1;
189                 spin_unlock(&ses->chan_lock);
190                 cifs_dbg(VFS, "server %s does not support multichannel\n", ses->server->hostname);
191                 return 0;
192         }
193         spin_unlock(&ses->chan_lock);
194
195         /*
196          * Keep connecting to same, fastest, iface for all channels as
197          * long as its RSS. Try next fastest one if not RSS or channel
198          * creation fails.
199          */
200         spin_lock(&ses->iface_lock);
201         iface = list_first_entry(&ses->iface_list, struct cifs_server_iface,
202                                  iface_head);
203         spin_unlock(&ses->iface_lock);
204
205         while (left > 0) {
206
207                 tries++;
208                 if (tries > 3*ses->chan_max) {
209                         cifs_dbg(FYI, "too many channel open attempts (%d channels left to open)\n",
210                                  left);
211                         break;
212                 }
213
214                 spin_lock(&ses->iface_lock);
215                 if (!ses->iface_count) {
216                         spin_unlock(&ses->iface_lock);
217                         break;
218                 }
219
220                 list_for_each_entry_safe_from(iface, niface, &ses->iface_list,
221                                     iface_head) {
222                         /* skip ifaces that are unusable */
223                         if (!iface->is_active ||
224                             (is_ses_using_iface(ses, iface) &&
225                              !iface->rss_capable)) {
226                                 continue;
227                         }
228
229                         /* take ref before unlock */
230                         kref_get(&iface->refcount);
231
232                         spin_unlock(&ses->iface_lock);
233                         rc = cifs_ses_add_channel(cifs_sb, ses, iface);
234                         spin_lock(&ses->iface_lock);
235
236                         if (rc) {
237                                 cifs_dbg(VFS, "failed to open extra channel on iface:%pIS rc=%d\n",
238                                          &iface->sockaddr,
239                                          rc);
240                                 kref_put(&iface->refcount, release_iface);
241                                 continue;
242                         }
243
244                         cifs_dbg(FYI, "successfully opened new channel on iface:%pIS\n",
245                                  &iface->sockaddr);
246                         break;
247                 }
248                 spin_unlock(&ses->iface_lock);
249
250                 left--;
251                 new_chan_count++;
252         }
253
254         return new_chan_count - old_chan_count;
255 }
256
257 /*
258  * update the iface for the channel if necessary.
259  * will return 0 when iface is updated, 1 if removed, 2 otherwise
260  * Must be called with chan_lock held.
261  */
262 int
263 cifs_chan_update_iface(struct cifs_ses *ses, struct TCP_Server_Info *server)
264 {
265         unsigned int chan_index;
266         struct cifs_server_iface *iface = NULL;
267         struct cifs_server_iface *old_iface = NULL;
268         int rc = 0;
269
270         spin_lock(&ses->chan_lock);
271         chan_index = cifs_ses_get_chan_index(ses, server);
272         if (!chan_index) {
273                 spin_unlock(&ses->chan_lock);
274                 return 0;
275         }
276
277         if (ses->chans[chan_index].iface) {
278                 old_iface = ses->chans[chan_index].iface;
279                 if (old_iface->is_active) {
280                         spin_unlock(&ses->chan_lock);
281                         return 1;
282                 }
283         }
284         spin_unlock(&ses->chan_lock);
285
286         spin_lock(&ses->iface_lock);
287         /* then look for a new one */
288         list_for_each_entry(iface, &ses->iface_list, iface_head) {
289                 if (!iface->is_active ||
290                     (is_ses_using_iface(ses, iface) &&
291                      !iface->rss_capable)) {
292                         continue;
293                 }
294                 kref_get(&iface->refcount);
295         }
296
297         if (!list_entry_is_head(iface, &ses->iface_list, iface_head)) {
298                 rc = 1;
299                 iface = NULL;
300                 cifs_dbg(FYI, "unable to find a suitable iface\n");
301         }
302
303         /* now drop the ref to the current iface */
304         if (old_iface && iface) {
305                 kref_put(&old_iface->refcount, release_iface);
306                 cifs_dbg(FYI, "replacing iface: %pIS with %pIS\n",
307                          &old_iface->sockaddr,
308                          &iface->sockaddr);
309         } else if (old_iface) {
310                 kref_put(&old_iface->refcount, release_iface);
311                 cifs_dbg(FYI, "releasing ref to iface: %pIS\n",
312                          &old_iface->sockaddr);
313         } else {
314                 WARN_ON(!iface);
315                 cifs_dbg(FYI, "adding new iface: %pIS\n", &iface->sockaddr);
316         }
317         spin_unlock(&ses->iface_lock);
318
319         spin_lock(&ses->chan_lock);
320         chan_index = cifs_ses_get_chan_index(ses, server);
321         ses->chans[chan_index].iface = iface;
322
323         /* No iface is found. if secondary chan, drop connection */
324         if (!iface && CIFS_SERVER_IS_CHAN(server))
325                 ses->chans[chan_index].server = NULL;
326
327         spin_unlock(&ses->chan_lock);
328
329         if (!iface && CIFS_SERVER_IS_CHAN(server))
330                 cifs_put_tcp_session(server, false);
331
332         return rc;
333 }
334
335 /*
336  * If server is a channel of ses, return the corresponding enclosing
337  * cifs_chan otherwise return NULL.
338  */
339 struct cifs_chan *
340 cifs_ses_find_chan(struct cifs_ses *ses, struct TCP_Server_Info *server)
341 {
342         int i;
343
344         spin_lock(&ses->chan_lock);
345         for (i = 0; i < ses->chan_count; i++) {
346                 if (ses->chans[i].server == server) {
347                         spin_unlock(&ses->chan_lock);
348                         return &ses->chans[i];
349                 }
350         }
351         spin_unlock(&ses->chan_lock);
352         return NULL;
353 }
354
355 static int
356 cifs_ses_add_channel(struct cifs_sb_info *cifs_sb, struct cifs_ses *ses,
357                      struct cifs_server_iface *iface)
358 {
359         struct TCP_Server_Info *chan_server;
360         struct cifs_chan *chan;
361         struct smb3_fs_context ctx = {NULL};
362         static const char unc_fmt[] = "\\%s\\foo";
363         char unc[sizeof(unc_fmt)+SERVER_NAME_LEN_WITH_NULL] = {0};
364         struct sockaddr_in *ipv4 = (struct sockaddr_in *)&iface->sockaddr;
365         struct sockaddr_in6 *ipv6 = (struct sockaddr_in6 *)&iface->sockaddr;
366         int rc;
367         unsigned int xid = get_xid();
368
369         if (iface->sockaddr.ss_family == AF_INET)
370                 cifs_dbg(FYI, "adding channel to ses %p (speed:%zu bps rdma:%s ip:%pI4)\n",
371                          ses, iface->speed, iface->rdma_capable ? "yes" : "no",
372                          &ipv4->sin_addr);
373         else
374                 cifs_dbg(FYI, "adding channel to ses %p (speed:%zu bps rdma:%s ip:%pI6)\n",
375                          ses, iface->speed, iface->rdma_capable ? "yes" : "no",
376                          &ipv6->sin6_addr);
377
378         /*
379          * Setup a ctx with mostly the same info as the existing
380          * session and overwrite it with the requested iface data.
381          *
382          * We need to setup at least the fields used for negprot and
383          * sesssetup.
384          *
385          * We only need the ctx here, so we can reuse memory from
386          * the session and server without caring about memory
387          * management.
388          */
389
390         /* Always make new connection for now (TODO?) */
391         ctx.nosharesock = true;
392
393         /* Auth */
394         ctx.domainauto = ses->domainAuto;
395         ctx.domainname = ses->domainName;
396
397         /* no hostname for extra channels */
398         ctx.server_hostname = "";
399
400         ctx.username = ses->user_name;
401         ctx.password = ses->password;
402         ctx.sectype = ses->sectype;
403         ctx.sign = ses->sign;
404
405         /* UNC and paths */
406         /* XXX: Use ses->server->hostname? */
407         sprintf(unc, unc_fmt, ses->ip_addr);
408         ctx.UNC = unc;
409         ctx.prepath = "";
410
411         /* Reuse same version as master connection */
412         ctx.vals = ses->server->vals;
413         ctx.ops = ses->server->ops;
414
415         ctx.noblocksnd = ses->server->noblocksnd;
416         ctx.noautotune = ses->server->noautotune;
417         ctx.sockopt_tcp_nodelay = ses->server->tcp_nodelay;
418         ctx.echo_interval = ses->server->echo_interval / HZ;
419         ctx.max_credits = ses->server->max_credits;
420
421         /*
422          * This will be used for encoding/decoding user/domain/pw
423          * during sess setup auth.
424          */
425         ctx.local_nls = cifs_sb->local_nls;
426
427         /* Use RDMA if possible */
428         ctx.rdma = iface->rdma_capable;
429         memcpy(&ctx.dstaddr, &iface->sockaddr, sizeof(struct sockaddr_storage));
430
431         /* reuse master con client guid */
432         memcpy(&ctx.client_guid, ses->server->client_guid,
433                SMB2_CLIENT_GUID_SIZE);
434         ctx.use_client_guid = true;
435
436         chan_server = cifs_get_tcp_session(&ctx, ses->server);
437
438         spin_lock(&ses->chan_lock);
439         chan = &ses->chans[ses->chan_count];
440         chan->server = chan_server;
441         if (IS_ERR(chan->server)) {
442                 rc = PTR_ERR(chan->server);
443                 chan->server = NULL;
444                 spin_unlock(&ses->chan_lock);
445                 goto out;
446         }
447         chan->iface = iface;
448         ses->chan_count++;
449         atomic_set(&ses->chan_seq, 0);
450
451         /* Mark this channel as needing connect/setup */
452         cifs_chan_set_need_reconnect(ses, chan->server);
453
454         spin_unlock(&ses->chan_lock);
455
456         mutex_lock(&ses->session_mutex);
457         /*
458          * We need to allocate the server crypto now as we will need
459          * to sign packets before we generate the channel signing key
460          * (we sign with the session key)
461          */
462         rc = smb311_crypto_shash_allocate(chan->server);
463         if (rc) {
464                 cifs_dbg(VFS, "%s: crypto alloc failed\n", __func__);
465                 mutex_unlock(&ses->session_mutex);
466                 goto out;
467         }
468
469         rc = cifs_negotiate_protocol(xid, ses, chan->server);
470         if (!rc)
471                 rc = cifs_setup_session(xid, ses, chan->server, cifs_sb->local_nls);
472
473         mutex_unlock(&ses->session_mutex);
474
475 out:
476         if (rc && chan->server) {
477                 /*
478                  * we should avoid race with these delayed works before we
479                  * remove this channel
480                  */
481                 cancel_delayed_work_sync(&chan->server->echo);
482                 cancel_delayed_work_sync(&chan->server->resolve);
483                 cancel_delayed_work_sync(&chan->server->reconnect);
484
485                 spin_lock(&ses->chan_lock);
486                 /* we rely on all bits beyond chan_count to be clear */
487                 cifs_chan_clear_need_reconnect(ses, chan->server);
488                 ses->chan_count--;
489                 /*
490                  * chan_count should never reach 0 as at least the primary
491                  * channel is always allocated
492                  */
493                 WARN_ON(ses->chan_count < 1);
494                 spin_unlock(&ses->chan_lock);
495
496                 cifs_put_tcp_session(chan->server, 0);
497         }
498
499         return rc;
500 }
501
502 static __u32 cifs_ssetup_hdr(struct cifs_ses *ses,
503                              struct TCP_Server_Info *server,
504                              SESSION_SETUP_ANDX *pSMB)
505 {
506         __u32 capabilities = 0;
507
508         /* init fields common to all four types of SessSetup */
509         /* Note that offsets for first seven fields in req struct are same  */
510         /*      in CIFS Specs so does not matter which of 3 forms of struct */
511         /*      that we use in next few lines                               */
512         /* Note that header is initialized to zero in header_assemble */
513         pSMB->req.AndXCommand = 0xFF;
514         pSMB->req.MaxBufferSize = cpu_to_le16(min_t(u32,
515                                         CIFSMaxBufSize + MAX_CIFS_HDR_SIZE - 4,
516                                         USHRT_MAX));
517         pSMB->req.MaxMpxCount = cpu_to_le16(server->maxReq);
518         pSMB->req.VcNumber = cpu_to_le16(1);
519
520         /* Now no need to set SMBFLG_CASELESS or obsolete CANONICAL PATH */
521
522         /* BB verify whether signing required on neg or just on auth frame
523            (and NTLM case) */
524
525         capabilities = CAP_LARGE_FILES | CAP_NT_SMBS | CAP_LEVEL_II_OPLOCKS |
526                         CAP_LARGE_WRITE_X | CAP_LARGE_READ_X;
527
528         if (server->sign)
529                 pSMB->req.hdr.Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
530
531         if (ses->capabilities & CAP_UNICODE) {
532                 pSMB->req.hdr.Flags2 |= SMBFLG2_UNICODE;
533                 capabilities |= CAP_UNICODE;
534         }
535         if (ses->capabilities & CAP_STATUS32) {
536                 pSMB->req.hdr.Flags2 |= SMBFLG2_ERR_STATUS;
537                 capabilities |= CAP_STATUS32;
538         }
539         if (ses->capabilities & CAP_DFS) {
540                 pSMB->req.hdr.Flags2 |= SMBFLG2_DFS;
541                 capabilities |= CAP_DFS;
542         }
543         if (ses->capabilities & CAP_UNIX)
544                 capabilities |= CAP_UNIX;
545
546         return capabilities;
547 }
548
549 static void
550 unicode_oslm_strings(char **pbcc_area, const struct nls_table *nls_cp)
551 {
552         char *bcc_ptr = *pbcc_area;
553         int bytes_ret = 0;
554
555         /* Copy OS version */
556         bytes_ret = cifs_strtoUTF16((__le16 *)bcc_ptr, "Linux version ", 32,
557                                     nls_cp);
558         bcc_ptr += 2 * bytes_ret;
559         bytes_ret = cifs_strtoUTF16((__le16 *) bcc_ptr, init_utsname()->release,
560                                     32, nls_cp);
561         bcc_ptr += 2 * bytes_ret;
562         bcc_ptr += 2; /* trailing null */
563
564         bytes_ret = cifs_strtoUTF16((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
565                                     32, nls_cp);
566         bcc_ptr += 2 * bytes_ret;
567         bcc_ptr += 2; /* trailing null */
568
569         *pbcc_area = bcc_ptr;
570 }
571
572 static void unicode_domain_string(char **pbcc_area, struct cifs_ses *ses,
573                                    const struct nls_table *nls_cp)
574 {
575         char *bcc_ptr = *pbcc_area;
576         int bytes_ret = 0;
577
578         /* copy domain */
579         if (ses->domainName == NULL) {
580                 /* Sending null domain better than using a bogus domain name (as
581                 we did briefly in 2.6.18) since server will use its default */
582                 *bcc_ptr = 0;
583                 *(bcc_ptr+1) = 0;
584                 bytes_ret = 0;
585         } else
586                 bytes_ret = cifs_strtoUTF16((__le16 *) bcc_ptr, ses->domainName,
587                                             CIFS_MAX_DOMAINNAME_LEN, nls_cp);
588         bcc_ptr += 2 * bytes_ret;
589         bcc_ptr += 2;  /* account for null terminator */
590
591         *pbcc_area = bcc_ptr;
592 }
593
594
595 static void unicode_ssetup_strings(char **pbcc_area, struct cifs_ses *ses,
596                                    const struct nls_table *nls_cp)
597 {
598         char *bcc_ptr = *pbcc_area;
599         int bytes_ret = 0;
600
601         /* BB FIXME add check that strings total less
602         than 335 or will need to send them as arrays */
603
604         /* unicode strings, must be word aligned before the call */
605 /*      if ((long) bcc_ptr % 2) {
606                 *bcc_ptr = 0;
607                 bcc_ptr++;
608         } */
609         /* copy user */
610         if (ses->user_name == NULL) {
611                 /* null user mount */
612                 *bcc_ptr = 0;
613                 *(bcc_ptr+1) = 0;
614         } else {
615                 bytes_ret = cifs_strtoUTF16((__le16 *) bcc_ptr, ses->user_name,
616                                             CIFS_MAX_USERNAME_LEN, nls_cp);
617         }
618         bcc_ptr += 2 * bytes_ret;
619         bcc_ptr += 2; /* account for null termination */
620
621         unicode_domain_string(&bcc_ptr, ses, nls_cp);
622         unicode_oslm_strings(&bcc_ptr, nls_cp);
623
624         *pbcc_area = bcc_ptr;
625 }
626
627 static void ascii_ssetup_strings(char **pbcc_area, struct cifs_ses *ses,
628                                  const struct nls_table *nls_cp)
629 {
630         char *bcc_ptr = *pbcc_area;
631         int len;
632
633         /* copy user */
634         /* BB what about null user mounts - check that we do this BB */
635         /* copy user */
636         if (ses->user_name != NULL) {
637                 len = strscpy(bcc_ptr, ses->user_name, CIFS_MAX_USERNAME_LEN);
638                 if (WARN_ON_ONCE(len < 0))
639                         len = CIFS_MAX_USERNAME_LEN - 1;
640                 bcc_ptr += len;
641         }
642         /* else null user mount */
643         *bcc_ptr = 0;
644         bcc_ptr++; /* account for null termination */
645
646         /* copy domain */
647         if (ses->domainName != NULL) {
648                 len = strscpy(bcc_ptr, ses->domainName, CIFS_MAX_DOMAINNAME_LEN);
649                 if (WARN_ON_ONCE(len < 0))
650                         len = CIFS_MAX_DOMAINNAME_LEN - 1;
651                 bcc_ptr += len;
652         } /* else we will send a null domain name
653              so the server will default to its own domain */
654         *bcc_ptr = 0;
655         bcc_ptr++;
656
657         /* BB check for overflow here */
658
659         strcpy(bcc_ptr, "Linux version ");
660         bcc_ptr += strlen("Linux version ");
661         strcpy(bcc_ptr, init_utsname()->release);
662         bcc_ptr += strlen(init_utsname()->release) + 1;
663
664         strcpy(bcc_ptr, CIFS_NETWORK_OPSYS);
665         bcc_ptr += strlen(CIFS_NETWORK_OPSYS) + 1;
666
667         *pbcc_area = bcc_ptr;
668 }
669
670 static void
671 decode_unicode_ssetup(char **pbcc_area, int bleft, struct cifs_ses *ses,
672                       const struct nls_table *nls_cp)
673 {
674         int len;
675         char *data = *pbcc_area;
676
677         cifs_dbg(FYI, "bleft %d\n", bleft);
678
679         kfree(ses->serverOS);
680         ses->serverOS = cifs_strndup_from_utf16(data, bleft, true, nls_cp);
681         cifs_dbg(FYI, "serverOS=%s\n", ses->serverOS);
682         len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2;
683         data += len;
684         bleft -= len;
685         if (bleft <= 0)
686                 return;
687
688         kfree(ses->serverNOS);
689         ses->serverNOS = cifs_strndup_from_utf16(data, bleft, true, nls_cp);
690         cifs_dbg(FYI, "serverNOS=%s\n", ses->serverNOS);
691         len = (UniStrnlen((wchar_t *) data, bleft / 2) * 2) + 2;
692         data += len;
693         bleft -= len;
694         if (bleft <= 0)
695                 return;
696
697         kfree(ses->serverDomain);
698         ses->serverDomain = cifs_strndup_from_utf16(data, bleft, true, nls_cp);
699         cifs_dbg(FYI, "serverDomain=%s\n", ses->serverDomain);
700
701         return;
702 }
703
704 static void decode_ascii_ssetup(char **pbcc_area, __u16 bleft,
705                                 struct cifs_ses *ses,
706                                 const struct nls_table *nls_cp)
707 {
708         int len;
709         char *bcc_ptr = *pbcc_area;
710
711         cifs_dbg(FYI, "decode sessetup ascii. bleft %d\n", bleft);
712
713         len = strnlen(bcc_ptr, bleft);
714         if (len >= bleft)
715                 return;
716
717         kfree(ses->serverOS);
718
719         ses->serverOS = kmalloc(len + 1, GFP_KERNEL);
720         if (ses->serverOS) {
721                 memcpy(ses->serverOS, bcc_ptr, len);
722                 ses->serverOS[len] = 0;
723                 if (strncmp(ses->serverOS, "OS/2", 4) == 0)
724                         cifs_dbg(FYI, "OS/2 server\n");
725         }
726
727         bcc_ptr += len + 1;
728         bleft -= len + 1;
729
730         len = strnlen(bcc_ptr, bleft);
731         if (len >= bleft)
732                 return;
733
734         kfree(ses->serverNOS);
735
736         ses->serverNOS = kmalloc(len + 1, GFP_KERNEL);
737         if (ses->serverNOS) {
738                 memcpy(ses->serverNOS, bcc_ptr, len);
739                 ses->serverNOS[len] = 0;
740         }
741
742         bcc_ptr += len + 1;
743         bleft -= len + 1;
744
745         len = strnlen(bcc_ptr, bleft);
746         if (len > bleft)
747                 return;
748
749         /* No domain field in LANMAN case. Domain is
750            returned by old servers in the SMB negprot response */
751         /* BB For newer servers which do not support Unicode,
752            but thus do return domain here we could add parsing
753            for it later, but it is not very important */
754         cifs_dbg(FYI, "ascii: bytes left %d\n", bleft);
755 }
756
757 int decode_ntlmssp_challenge(char *bcc_ptr, int blob_len,
758                                     struct cifs_ses *ses)
759 {
760         unsigned int tioffset; /* challenge message target info area */
761         unsigned int tilen; /* challenge message target info area length  */
762         CHALLENGE_MESSAGE *pblob = (CHALLENGE_MESSAGE *)bcc_ptr;
763         __u32 server_flags;
764
765         if (blob_len < sizeof(CHALLENGE_MESSAGE)) {
766                 cifs_dbg(VFS, "challenge blob len %d too small\n", blob_len);
767                 return -EINVAL;
768         }
769
770         if (memcmp(pblob->Signature, "NTLMSSP", 8)) {
771                 cifs_dbg(VFS, "blob signature incorrect %s\n",
772                          pblob->Signature);
773                 return -EINVAL;
774         }
775         if (pblob->MessageType != NtLmChallenge) {
776                 cifs_dbg(VFS, "Incorrect message type %d\n",
777                          pblob->MessageType);
778                 return -EINVAL;
779         }
780
781         server_flags = le32_to_cpu(pblob->NegotiateFlags);
782         cifs_dbg(FYI, "%s: negotiate=0x%08x challenge=0x%08x\n", __func__,
783                  ses->ntlmssp->client_flags, server_flags);
784
785         if ((ses->ntlmssp->client_flags & (NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN)) &&
786             (!(server_flags & NTLMSSP_NEGOTIATE_56) && !(server_flags & NTLMSSP_NEGOTIATE_128))) {
787                 cifs_dbg(VFS, "%s: requested signing/encryption but server did not return either 56-bit or 128-bit session key size\n",
788                          __func__);
789                 return -EINVAL;
790         }
791         if (!(server_flags & NTLMSSP_NEGOTIATE_NTLM) && !(server_flags & NTLMSSP_NEGOTIATE_EXTENDED_SEC)) {
792                 cifs_dbg(VFS, "%s: server does not seem to support either NTLMv1 or NTLMv2\n", __func__);
793                 return -EINVAL;
794         }
795         if (ses->server->sign && !(server_flags & NTLMSSP_NEGOTIATE_SIGN)) {
796                 cifs_dbg(VFS, "%s: forced packet signing but server does not seem to support it\n",
797                          __func__);
798                 return -EOPNOTSUPP;
799         }
800         if ((ses->ntlmssp->client_flags & NTLMSSP_NEGOTIATE_KEY_XCH) &&
801             !(server_flags & NTLMSSP_NEGOTIATE_KEY_XCH))
802                 pr_warn_once("%s: authentication has been weakened as server does not support key exchange\n",
803                              __func__);
804
805         ses->ntlmssp->server_flags = server_flags;
806
807         memcpy(ses->ntlmssp->cryptkey, pblob->Challenge, CIFS_CRYPTO_KEY_SIZE);
808         /* In particular we can examine sign flags */
809         /* BB spec says that if AvId field of MsvAvTimestamp is populated then
810                 we must set the MIC field of the AUTHENTICATE_MESSAGE */
811
812         tioffset = le32_to_cpu(pblob->TargetInfoArray.BufferOffset);
813         tilen = le16_to_cpu(pblob->TargetInfoArray.Length);
814         if (tioffset > blob_len || tioffset + tilen > blob_len) {
815                 cifs_dbg(VFS, "tioffset + tilen too high %u + %u\n",
816                          tioffset, tilen);
817                 return -EINVAL;
818         }
819         if (tilen) {
820                 ses->auth_key.response = kmemdup(bcc_ptr + tioffset, tilen,
821                                                  GFP_KERNEL);
822                 if (!ses->auth_key.response) {
823                         cifs_dbg(VFS, "Challenge target info alloc failure\n");
824                         return -ENOMEM;
825                 }
826                 ses->auth_key.len = tilen;
827         }
828
829         return 0;
830 }
831
832 static int size_of_ntlmssp_blob(struct cifs_ses *ses, int base_size)
833 {
834         int sz = base_size + ses->auth_key.len
835                 - CIFS_SESS_KEY_SIZE + CIFS_CPHTXT_SIZE + 2;
836
837         if (ses->domainName)
838                 sz += sizeof(__le16) * strnlen(ses->domainName, CIFS_MAX_DOMAINNAME_LEN);
839         else
840                 sz += sizeof(__le16);
841
842         if (ses->user_name)
843                 sz += sizeof(__le16) * strnlen(ses->user_name, CIFS_MAX_USERNAME_LEN);
844         else
845                 sz += sizeof(__le16);
846
847         if (ses->workstation_name[0])
848                 sz += sizeof(__le16) * strnlen(ses->workstation_name,
849                                                ntlmssp_workstation_name_size(ses));
850         else
851                 sz += sizeof(__le16);
852
853         return sz;
854 }
855
856 static inline void cifs_security_buffer_from_str(SECURITY_BUFFER *pbuf,
857                                                  char *str_value,
858                                                  int str_length,
859                                                  unsigned char *pstart,
860                                                  unsigned char **pcur,
861                                                  const struct nls_table *nls_cp)
862 {
863         unsigned char *tmp = pstart;
864         int len;
865
866         if (!pbuf)
867                 return;
868
869         if (!pcur)
870                 pcur = &tmp;
871
872         if (!str_value) {
873                 pbuf->BufferOffset = cpu_to_le32(*pcur - pstart);
874                 pbuf->Length = 0;
875                 pbuf->MaximumLength = 0;
876                 *pcur += sizeof(__le16);
877         } else {
878                 len = cifs_strtoUTF16((__le16 *)*pcur,
879                                       str_value,
880                                       str_length,
881                                       nls_cp);
882                 len *= sizeof(__le16);
883                 pbuf->BufferOffset = cpu_to_le32(*pcur - pstart);
884                 pbuf->Length = cpu_to_le16(len);
885                 pbuf->MaximumLength = cpu_to_le16(len);
886                 *pcur += len;
887         }
888 }
889
890 /* BB Move to ntlmssp.c eventually */
891
892 int build_ntlmssp_negotiate_blob(unsigned char **pbuffer,
893                                  u16 *buflen,
894                                  struct cifs_ses *ses,
895                                  struct TCP_Server_Info *server,
896                                  const struct nls_table *nls_cp)
897 {
898         int rc = 0;
899         NEGOTIATE_MESSAGE *sec_blob;
900         __u32 flags;
901         unsigned char *tmp;
902         int len;
903
904         len = size_of_ntlmssp_blob(ses, sizeof(NEGOTIATE_MESSAGE));
905         *pbuffer = kmalloc(len, GFP_KERNEL);
906         if (!*pbuffer) {
907                 rc = -ENOMEM;
908                 cifs_dbg(VFS, "Error %d during NTLMSSP allocation\n", rc);
909                 *buflen = 0;
910                 goto setup_ntlm_neg_ret;
911         }
912         sec_blob = (NEGOTIATE_MESSAGE *)*pbuffer;
913
914         memset(*pbuffer, 0, sizeof(NEGOTIATE_MESSAGE));
915         memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8);
916         sec_blob->MessageType = NtLmNegotiate;
917
918         /* BB is NTLMV2 session security format easier to use here? */
919         flags = NTLMSSP_NEGOTIATE_56 |  NTLMSSP_REQUEST_TARGET |
920                 NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE |
921                 NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC |
922                 NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_SEAL |
923                 NTLMSSP_NEGOTIATE_SIGN;
924         if (!server->session_estab || ses->ntlmssp->sesskey_per_smbsess)
925                 flags |= NTLMSSP_NEGOTIATE_KEY_XCH;
926
927         tmp = *pbuffer + sizeof(NEGOTIATE_MESSAGE);
928         ses->ntlmssp->client_flags = flags;
929         sec_blob->NegotiateFlags = cpu_to_le32(flags);
930
931         /* these fields should be null in negotiate phase MS-NLMP 3.1.5.1.1 */
932         cifs_security_buffer_from_str(&sec_blob->DomainName,
933                                       NULL,
934                                       CIFS_MAX_DOMAINNAME_LEN,
935                                       *pbuffer, &tmp,
936                                       nls_cp);
937
938         cifs_security_buffer_from_str(&sec_blob->WorkstationName,
939                                       NULL,
940                                       CIFS_MAX_WORKSTATION_LEN,
941                                       *pbuffer, &tmp,
942                                       nls_cp);
943
944         *buflen = tmp - *pbuffer;
945 setup_ntlm_neg_ret:
946         return rc;
947 }
948
949 /*
950  * Build ntlmssp blob with additional fields, such as version,
951  * supported by modern servers. For safety limit to SMB3 or later
952  * See notes in MS-NLMP Section 2.2.2.1 e.g.
953  */
954 int build_ntlmssp_smb3_negotiate_blob(unsigned char **pbuffer,
955                                  u16 *buflen,
956                                  struct cifs_ses *ses,
957                                  struct TCP_Server_Info *server,
958                                  const struct nls_table *nls_cp)
959 {
960         int rc = 0;
961         struct negotiate_message *sec_blob;
962         __u32 flags;
963         unsigned char *tmp;
964         int len;
965
966         len = size_of_ntlmssp_blob(ses, sizeof(struct negotiate_message));
967         *pbuffer = kmalloc(len, GFP_KERNEL);
968         if (!*pbuffer) {
969                 rc = -ENOMEM;
970                 cifs_dbg(VFS, "Error %d during NTLMSSP allocation\n", rc);
971                 *buflen = 0;
972                 goto setup_ntlm_smb3_neg_ret;
973         }
974         sec_blob = (struct negotiate_message *)*pbuffer;
975
976         memset(*pbuffer, 0, sizeof(struct negotiate_message));
977         memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8);
978         sec_blob->MessageType = NtLmNegotiate;
979
980         /* BB is NTLMV2 session security format easier to use here? */
981         flags = NTLMSSP_NEGOTIATE_56 |  NTLMSSP_REQUEST_TARGET |
982                 NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_UNICODE |
983                 NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SEC |
984                 NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_SEAL |
985                 NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_VERSION;
986         if (!server->session_estab || ses->ntlmssp->sesskey_per_smbsess)
987                 flags |= NTLMSSP_NEGOTIATE_KEY_XCH;
988
989         sec_blob->Version.ProductMajorVersion = LINUX_VERSION_MAJOR;
990         sec_blob->Version.ProductMinorVersion = LINUX_VERSION_PATCHLEVEL;
991         sec_blob->Version.ProductBuild = cpu_to_le16(SMB3_PRODUCT_BUILD);
992         sec_blob->Version.NTLMRevisionCurrent = NTLMSSP_REVISION_W2K3;
993
994         tmp = *pbuffer + sizeof(struct negotiate_message);
995         ses->ntlmssp->client_flags = flags;
996         sec_blob->NegotiateFlags = cpu_to_le32(flags);
997
998         /* these fields should be null in negotiate phase MS-NLMP 3.1.5.1.1 */
999         cifs_security_buffer_from_str(&sec_blob->DomainName,
1000                                       NULL,
1001                                       CIFS_MAX_DOMAINNAME_LEN,
1002                                       *pbuffer, &tmp,
1003                                       nls_cp);
1004
1005         cifs_security_buffer_from_str(&sec_blob->WorkstationName,
1006                                       NULL,
1007                                       CIFS_MAX_WORKSTATION_LEN,
1008                                       *pbuffer, &tmp,
1009                                       nls_cp);
1010
1011         *buflen = tmp - *pbuffer;
1012 setup_ntlm_smb3_neg_ret:
1013         return rc;
1014 }
1015
1016
1017 int build_ntlmssp_auth_blob(unsigned char **pbuffer,
1018                                         u16 *buflen,
1019                                    struct cifs_ses *ses,
1020                                    struct TCP_Server_Info *server,
1021                                    const struct nls_table *nls_cp)
1022 {
1023         int rc;
1024         AUTHENTICATE_MESSAGE *sec_blob;
1025         __u32 flags;
1026         unsigned char *tmp;
1027         int len;
1028
1029         rc = setup_ntlmv2_rsp(ses, nls_cp);
1030         if (rc) {
1031                 cifs_dbg(VFS, "Error %d during NTLMSSP authentication\n", rc);
1032                 *buflen = 0;
1033                 goto setup_ntlmv2_ret;
1034         }
1035
1036         len = size_of_ntlmssp_blob(ses, sizeof(AUTHENTICATE_MESSAGE));
1037         *pbuffer = kmalloc(len, GFP_KERNEL);
1038         if (!*pbuffer) {
1039                 rc = -ENOMEM;
1040                 cifs_dbg(VFS, "Error %d during NTLMSSP allocation\n", rc);
1041                 *buflen = 0;
1042                 goto setup_ntlmv2_ret;
1043         }
1044         sec_blob = (AUTHENTICATE_MESSAGE *)*pbuffer;
1045
1046         memcpy(sec_blob->Signature, NTLMSSP_SIGNATURE, 8);
1047         sec_blob->MessageType = NtLmAuthenticate;
1048
1049         flags = ses->ntlmssp->server_flags | NTLMSSP_REQUEST_TARGET |
1050                 NTLMSSP_NEGOTIATE_TARGET_INFO | NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED;
1051
1052         tmp = *pbuffer + sizeof(AUTHENTICATE_MESSAGE);
1053         sec_blob->NegotiateFlags = cpu_to_le32(flags);
1054
1055         sec_blob->LmChallengeResponse.BufferOffset =
1056                                 cpu_to_le32(sizeof(AUTHENTICATE_MESSAGE));
1057         sec_blob->LmChallengeResponse.Length = 0;
1058         sec_blob->LmChallengeResponse.MaximumLength = 0;
1059
1060         sec_blob->NtChallengeResponse.BufferOffset =
1061                                 cpu_to_le32(tmp - *pbuffer);
1062         if (ses->user_name != NULL) {
1063                 memcpy(tmp, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
1064                                 ses->auth_key.len - CIFS_SESS_KEY_SIZE);
1065                 tmp += ses->auth_key.len - CIFS_SESS_KEY_SIZE;
1066
1067                 sec_blob->NtChallengeResponse.Length =
1068                                 cpu_to_le16(ses->auth_key.len - CIFS_SESS_KEY_SIZE);
1069                 sec_blob->NtChallengeResponse.MaximumLength =
1070                                 cpu_to_le16(ses->auth_key.len - CIFS_SESS_KEY_SIZE);
1071         } else {
1072                 /*
1073                  * don't send an NT Response for anonymous access
1074                  */
1075                 sec_blob->NtChallengeResponse.Length = 0;
1076                 sec_blob->NtChallengeResponse.MaximumLength = 0;
1077         }
1078
1079         cifs_security_buffer_from_str(&sec_blob->DomainName,
1080                                       ses->domainName,
1081                                       CIFS_MAX_DOMAINNAME_LEN,
1082                                       *pbuffer, &tmp,
1083                                       nls_cp);
1084
1085         cifs_security_buffer_from_str(&sec_blob->UserName,
1086                                       ses->user_name,
1087                                       CIFS_MAX_USERNAME_LEN,
1088                                       *pbuffer, &tmp,
1089                                       nls_cp);
1090
1091         cifs_security_buffer_from_str(&sec_blob->WorkstationName,
1092                                       ses->workstation_name,
1093                                       ntlmssp_workstation_name_size(ses),
1094                                       *pbuffer, &tmp,
1095                                       nls_cp);
1096
1097         if ((ses->ntlmssp->server_flags & NTLMSSP_NEGOTIATE_KEY_XCH) &&
1098             (!ses->server->session_estab || ses->ntlmssp->sesskey_per_smbsess) &&
1099             !calc_seckey(ses)) {
1100                 memcpy(tmp, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE);
1101                 sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - *pbuffer);
1102                 sec_blob->SessionKey.Length = cpu_to_le16(CIFS_CPHTXT_SIZE);
1103                 sec_blob->SessionKey.MaximumLength =
1104                                 cpu_to_le16(CIFS_CPHTXT_SIZE);
1105                 tmp += CIFS_CPHTXT_SIZE;
1106         } else {
1107                 sec_blob->SessionKey.BufferOffset = cpu_to_le32(tmp - *pbuffer);
1108                 sec_blob->SessionKey.Length = 0;
1109                 sec_blob->SessionKey.MaximumLength = 0;
1110         }
1111
1112         *buflen = tmp - *pbuffer;
1113 setup_ntlmv2_ret:
1114         return rc;
1115 }
1116
1117 enum securityEnum
1118 cifs_select_sectype(struct TCP_Server_Info *server, enum securityEnum requested)
1119 {
1120         switch (server->negflavor) {
1121         case CIFS_NEGFLAVOR_EXTENDED:
1122                 switch (requested) {
1123                 case Kerberos:
1124                 case RawNTLMSSP:
1125                         return requested;
1126                 case Unspecified:
1127                         if (server->sec_ntlmssp &&
1128                             (global_secflags & CIFSSEC_MAY_NTLMSSP))
1129                                 return RawNTLMSSP;
1130                         if ((server->sec_kerberos || server->sec_mskerberos) &&
1131                             (global_secflags & CIFSSEC_MAY_KRB5))
1132                                 return Kerberos;
1133                         fallthrough;
1134                 default:
1135                         return Unspecified;
1136                 }
1137         case CIFS_NEGFLAVOR_UNENCAP:
1138                 switch (requested) {
1139                 case NTLMv2:
1140                         return requested;
1141                 case Unspecified:
1142                         if (global_secflags & CIFSSEC_MAY_NTLMV2)
1143                                 return NTLMv2;
1144                         break;
1145                 default:
1146                         break;
1147                 }
1148                 fallthrough;
1149         default:
1150                 return Unspecified;
1151         }
1152 }
1153
1154 struct sess_data {
1155         unsigned int xid;
1156         struct cifs_ses *ses;
1157         struct TCP_Server_Info *server;
1158         struct nls_table *nls_cp;
1159         void (*func)(struct sess_data *);
1160         int result;
1161
1162         /* we will send the SMB in three pieces:
1163          * a fixed length beginning part, an optional
1164          * SPNEGO blob (which can be zero length), and a
1165          * last part which will include the strings
1166          * and rest of bcc area. This allows us to avoid
1167          * a large buffer 17K allocation
1168          */
1169         int buf0_type;
1170         struct kvec iov[3];
1171 };
1172
1173 static int
1174 sess_alloc_buffer(struct sess_data *sess_data, int wct)
1175 {
1176         int rc;
1177         struct cifs_ses *ses = sess_data->ses;
1178         struct smb_hdr *smb_buf;
1179
1180         rc = small_smb_init_no_tc(SMB_COM_SESSION_SETUP_ANDX, wct, ses,
1181                                   (void **)&smb_buf);
1182
1183         if (rc)
1184                 return rc;
1185
1186         sess_data->iov[0].iov_base = (char *)smb_buf;
1187         sess_data->iov[0].iov_len = be32_to_cpu(smb_buf->smb_buf_length) + 4;
1188         /*
1189          * This variable will be used to clear the buffer
1190          * allocated above in case of any error in the calling function.
1191          */
1192         sess_data->buf0_type = CIFS_SMALL_BUFFER;
1193
1194         /* 2000 big enough to fit max user, domain, NOS name etc. */
1195         sess_data->iov[2].iov_base = kmalloc(2000, GFP_KERNEL);
1196         if (!sess_data->iov[2].iov_base) {
1197                 rc = -ENOMEM;
1198                 goto out_free_smb_buf;
1199         }
1200
1201         return 0;
1202
1203 out_free_smb_buf:
1204         cifs_small_buf_release(smb_buf);
1205         sess_data->iov[0].iov_base = NULL;
1206         sess_data->iov[0].iov_len = 0;
1207         sess_data->buf0_type = CIFS_NO_BUFFER;
1208         return rc;
1209 }
1210
1211 static void
1212 sess_free_buffer(struct sess_data *sess_data)
1213 {
1214
1215         free_rsp_buf(sess_data->buf0_type, sess_data->iov[0].iov_base);
1216         sess_data->buf0_type = CIFS_NO_BUFFER;
1217         kfree(sess_data->iov[2].iov_base);
1218 }
1219
1220 static int
1221 sess_establish_session(struct sess_data *sess_data)
1222 {
1223         struct cifs_ses *ses = sess_data->ses;
1224         struct TCP_Server_Info *server = sess_data->server;
1225
1226         cifs_server_lock(server);
1227         if (!server->session_estab) {
1228                 if (server->sign) {
1229                         server->session_key.response =
1230                                 kmemdup(ses->auth_key.response,
1231                                 ses->auth_key.len, GFP_KERNEL);
1232                         if (!server->session_key.response) {
1233                                 cifs_server_unlock(server);
1234                                 return -ENOMEM;
1235                         }
1236                         server->session_key.len =
1237                                                 ses->auth_key.len;
1238                 }
1239                 server->sequence_number = 0x2;
1240                 server->session_estab = true;
1241         }
1242         cifs_server_unlock(server);
1243
1244         cifs_dbg(FYI, "CIFS session established successfully\n");
1245         return 0;
1246 }
1247
1248 static int
1249 sess_sendreceive(struct sess_data *sess_data)
1250 {
1251         int rc;
1252         struct smb_hdr *smb_buf = (struct smb_hdr *) sess_data->iov[0].iov_base;
1253         __u16 count;
1254         struct kvec rsp_iov = { NULL, 0 };
1255
1256         count = sess_data->iov[1].iov_len + sess_data->iov[2].iov_len;
1257         be32_add_cpu(&smb_buf->smb_buf_length, count);
1258         put_bcc(count, smb_buf);
1259
1260         rc = SendReceive2(sess_data->xid, sess_data->ses,
1261                           sess_data->iov, 3 /* num_iovecs */,
1262                           &sess_data->buf0_type,
1263                           CIFS_LOG_ERROR, &rsp_iov);
1264         cifs_small_buf_release(sess_data->iov[0].iov_base);
1265         memcpy(&sess_data->iov[0], &rsp_iov, sizeof(struct kvec));
1266
1267         return rc;
1268 }
1269
1270 static void
1271 sess_auth_ntlmv2(struct sess_data *sess_data)
1272 {
1273         int rc = 0;
1274         struct smb_hdr *smb_buf;
1275         SESSION_SETUP_ANDX *pSMB;
1276         char *bcc_ptr;
1277         struct cifs_ses *ses = sess_data->ses;
1278         struct TCP_Server_Info *server = sess_data->server;
1279         __u32 capabilities;
1280         __u16 bytes_remaining;
1281
1282         /* old style NTLM sessionsetup */
1283         /* wct = 13 */
1284         rc = sess_alloc_buffer(sess_data, 13);
1285         if (rc)
1286                 goto out;
1287
1288         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1289         bcc_ptr = sess_data->iov[2].iov_base;
1290         capabilities = cifs_ssetup_hdr(ses, server, pSMB);
1291
1292         pSMB->req_no_secext.Capabilities = cpu_to_le32(capabilities);
1293
1294         /* LM2 password would be here if we supported it */
1295         pSMB->req_no_secext.CaseInsensitivePasswordLength = 0;
1296
1297         if (ses->user_name != NULL) {
1298                 /* calculate nlmv2 response and session key */
1299                 rc = setup_ntlmv2_rsp(ses, sess_data->nls_cp);
1300                 if (rc) {
1301                         cifs_dbg(VFS, "Error %d during NTLMv2 authentication\n", rc);
1302                         goto out;
1303                 }
1304
1305                 memcpy(bcc_ptr, ses->auth_key.response + CIFS_SESS_KEY_SIZE,
1306                                 ses->auth_key.len - CIFS_SESS_KEY_SIZE);
1307                 bcc_ptr += ses->auth_key.len - CIFS_SESS_KEY_SIZE;
1308
1309                 /* set case sensitive password length after tilen may get
1310                  * assigned, tilen is 0 otherwise.
1311                  */
1312                 pSMB->req_no_secext.CaseSensitivePasswordLength =
1313                         cpu_to_le16(ses->auth_key.len - CIFS_SESS_KEY_SIZE);
1314         } else {
1315                 pSMB->req_no_secext.CaseSensitivePasswordLength = 0;
1316         }
1317
1318         if (ses->capabilities & CAP_UNICODE) {
1319                 if (sess_data->iov[0].iov_len % 2) {
1320                         *bcc_ptr = 0;
1321                         bcc_ptr++;
1322                 }
1323                 unicode_ssetup_strings(&bcc_ptr, ses, sess_data->nls_cp);
1324         } else {
1325                 ascii_ssetup_strings(&bcc_ptr, ses, sess_data->nls_cp);
1326         }
1327
1328
1329         sess_data->iov[2].iov_len = (long) bcc_ptr -
1330                         (long) sess_data->iov[2].iov_base;
1331
1332         rc = sess_sendreceive(sess_data);
1333         if (rc)
1334                 goto out;
1335
1336         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1337         smb_buf = (struct smb_hdr *)sess_data->iov[0].iov_base;
1338
1339         if (smb_buf->WordCount != 3) {
1340                 rc = -EIO;
1341                 cifs_dbg(VFS, "bad word count %d\n", smb_buf->WordCount);
1342                 goto out;
1343         }
1344
1345         if (le16_to_cpu(pSMB->resp.Action) & GUEST_LOGIN)
1346                 cifs_dbg(FYI, "Guest login\n"); /* BB mark SesInfo struct? */
1347
1348         ses->Suid = smb_buf->Uid;   /* UID left in wire format (le) */
1349         cifs_dbg(FYI, "UID = %llu\n", ses->Suid);
1350
1351         bytes_remaining = get_bcc(smb_buf);
1352         bcc_ptr = pByteArea(smb_buf);
1353
1354         /* BB check if Unicode and decode strings */
1355         if (bytes_remaining == 0) {
1356                 /* no string area to decode, do nothing */
1357         } else if (smb_buf->Flags2 & SMBFLG2_UNICODE) {
1358                 /* unicode string area must be word-aligned */
1359                 if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) {
1360                         ++bcc_ptr;
1361                         --bytes_remaining;
1362                 }
1363                 decode_unicode_ssetup(&bcc_ptr, bytes_remaining, ses,
1364                                       sess_data->nls_cp);
1365         } else {
1366                 decode_ascii_ssetup(&bcc_ptr, bytes_remaining, ses,
1367                                     sess_data->nls_cp);
1368         }
1369
1370         rc = sess_establish_session(sess_data);
1371 out:
1372         sess_data->result = rc;
1373         sess_data->func = NULL;
1374         sess_free_buffer(sess_data);
1375         kfree(ses->auth_key.response);
1376         ses->auth_key.response = NULL;
1377 }
1378
1379 #ifdef CONFIG_CIFS_UPCALL
1380 static void
1381 sess_auth_kerberos(struct sess_data *sess_data)
1382 {
1383         int rc = 0;
1384         struct smb_hdr *smb_buf;
1385         SESSION_SETUP_ANDX *pSMB;
1386         char *bcc_ptr;
1387         struct cifs_ses *ses = sess_data->ses;
1388         struct TCP_Server_Info *server = sess_data->server;
1389         __u32 capabilities;
1390         __u16 bytes_remaining;
1391         struct key *spnego_key = NULL;
1392         struct cifs_spnego_msg *msg;
1393         u16 blob_len;
1394
1395         /* extended security */
1396         /* wct = 12 */
1397         rc = sess_alloc_buffer(sess_data, 12);
1398         if (rc)
1399                 goto out;
1400
1401         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1402         bcc_ptr = sess_data->iov[2].iov_base;
1403         capabilities = cifs_ssetup_hdr(ses, server, pSMB);
1404
1405         spnego_key = cifs_get_spnego_key(ses, server);
1406         if (IS_ERR(spnego_key)) {
1407                 rc = PTR_ERR(spnego_key);
1408                 spnego_key = NULL;
1409                 goto out;
1410         }
1411
1412         msg = spnego_key->payload.data[0];
1413         /*
1414          * check version field to make sure that cifs.upcall is
1415          * sending us a response in an expected form
1416          */
1417         if (msg->version != CIFS_SPNEGO_UPCALL_VERSION) {
1418                 cifs_dbg(VFS, "incorrect version of cifs.upcall (expected %d but got %d)\n",
1419                          CIFS_SPNEGO_UPCALL_VERSION, msg->version);
1420                 rc = -EKEYREJECTED;
1421                 goto out_put_spnego_key;
1422         }
1423
1424         ses->auth_key.response = kmemdup(msg->data, msg->sesskey_len,
1425                                          GFP_KERNEL);
1426         if (!ses->auth_key.response) {
1427                 cifs_dbg(VFS, "Kerberos can't allocate (%u bytes) memory\n",
1428                          msg->sesskey_len);
1429                 rc = -ENOMEM;
1430                 goto out_put_spnego_key;
1431         }
1432         ses->auth_key.len = msg->sesskey_len;
1433
1434         pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
1435         capabilities |= CAP_EXTENDED_SECURITY;
1436         pSMB->req.Capabilities = cpu_to_le32(capabilities);
1437         sess_data->iov[1].iov_base = msg->data + msg->sesskey_len;
1438         sess_data->iov[1].iov_len = msg->secblob_len;
1439         pSMB->req.SecurityBlobLength = cpu_to_le16(sess_data->iov[1].iov_len);
1440
1441         if (ses->capabilities & CAP_UNICODE) {
1442                 /* unicode strings must be word aligned */
1443                 if ((sess_data->iov[0].iov_len
1444                         + sess_data->iov[1].iov_len) % 2) {
1445                         *bcc_ptr = 0;
1446                         bcc_ptr++;
1447                 }
1448                 unicode_oslm_strings(&bcc_ptr, sess_data->nls_cp);
1449                 unicode_domain_string(&bcc_ptr, ses, sess_data->nls_cp);
1450         } else {
1451                 /* BB: is this right? */
1452                 ascii_ssetup_strings(&bcc_ptr, ses, sess_data->nls_cp);
1453         }
1454
1455         sess_data->iov[2].iov_len = (long) bcc_ptr -
1456                         (long) sess_data->iov[2].iov_base;
1457
1458         rc = sess_sendreceive(sess_data);
1459         if (rc)
1460                 goto out_put_spnego_key;
1461
1462         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1463         smb_buf = (struct smb_hdr *)sess_data->iov[0].iov_base;
1464
1465         if (smb_buf->WordCount != 4) {
1466                 rc = -EIO;
1467                 cifs_dbg(VFS, "bad word count %d\n", smb_buf->WordCount);
1468                 goto out_put_spnego_key;
1469         }
1470
1471         if (le16_to_cpu(pSMB->resp.Action) & GUEST_LOGIN)
1472                 cifs_dbg(FYI, "Guest login\n"); /* BB mark SesInfo struct? */
1473
1474         ses->Suid = smb_buf->Uid;   /* UID left in wire format (le) */
1475         cifs_dbg(FYI, "UID = %llu\n", ses->Suid);
1476
1477         bytes_remaining = get_bcc(smb_buf);
1478         bcc_ptr = pByteArea(smb_buf);
1479
1480         blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength);
1481         if (blob_len > bytes_remaining) {
1482                 cifs_dbg(VFS, "bad security blob length %d\n",
1483                                 blob_len);
1484                 rc = -EINVAL;
1485                 goto out_put_spnego_key;
1486         }
1487         bcc_ptr += blob_len;
1488         bytes_remaining -= blob_len;
1489
1490         /* BB check if Unicode and decode strings */
1491         if (bytes_remaining == 0) {
1492                 /* no string area to decode, do nothing */
1493         } else if (smb_buf->Flags2 & SMBFLG2_UNICODE) {
1494                 /* unicode string area must be word-aligned */
1495                 if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) {
1496                         ++bcc_ptr;
1497                         --bytes_remaining;
1498                 }
1499                 decode_unicode_ssetup(&bcc_ptr, bytes_remaining, ses,
1500                                       sess_data->nls_cp);
1501         } else {
1502                 decode_ascii_ssetup(&bcc_ptr, bytes_remaining, ses,
1503                                     sess_data->nls_cp);
1504         }
1505
1506         rc = sess_establish_session(sess_data);
1507 out_put_spnego_key:
1508         key_invalidate(spnego_key);
1509         key_put(spnego_key);
1510 out:
1511         sess_data->result = rc;
1512         sess_data->func = NULL;
1513         sess_free_buffer(sess_data);
1514         kfree(ses->auth_key.response);
1515         ses->auth_key.response = NULL;
1516 }
1517
1518 #endif /* ! CONFIG_CIFS_UPCALL */
1519
1520 /*
1521  * The required kvec buffers have to be allocated before calling this
1522  * function.
1523  */
1524 static int
1525 _sess_auth_rawntlmssp_assemble_req(struct sess_data *sess_data)
1526 {
1527         SESSION_SETUP_ANDX *pSMB;
1528         struct cifs_ses *ses = sess_data->ses;
1529         struct TCP_Server_Info *server = sess_data->server;
1530         __u32 capabilities;
1531         char *bcc_ptr;
1532
1533         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1534
1535         capabilities = cifs_ssetup_hdr(ses, server, pSMB);
1536         if ((pSMB->req.hdr.Flags2 & SMBFLG2_UNICODE) == 0) {
1537                 cifs_dbg(VFS, "NTLMSSP requires Unicode support\n");
1538                 return -ENOSYS;
1539         }
1540
1541         pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
1542         capabilities |= CAP_EXTENDED_SECURITY;
1543         pSMB->req.Capabilities |= cpu_to_le32(capabilities);
1544
1545         bcc_ptr = sess_data->iov[2].iov_base;
1546         /* unicode strings must be word aligned */
1547         if ((sess_data->iov[0].iov_len + sess_data->iov[1].iov_len) % 2) {
1548                 *bcc_ptr = 0;
1549                 bcc_ptr++;
1550         }
1551         unicode_oslm_strings(&bcc_ptr, sess_data->nls_cp);
1552
1553         sess_data->iov[2].iov_len = (long) bcc_ptr -
1554                                         (long) sess_data->iov[2].iov_base;
1555
1556         return 0;
1557 }
1558
1559 static void
1560 sess_auth_rawntlmssp_authenticate(struct sess_data *sess_data);
1561
1562 static void
1563 sess_auth_rawntlmssp_negotiate(struct sess_data *sess_data)
1564 {
1565         int rc;
1566         struct smb_hdr *smb_buf;
1567         SESSION_SETUP_ANDX *pSMB;
1568         struct cifs_ses *ses = sess_data->ses;
1569         struct TCP_Server_Info *server = sess_data->server;
1570         __u16 bytes_remaining;
1571         char *bcc_ptr;
1572         unsigned char *ntlmsspblob = NULL;
1573         u16 blob_len;
1574
1575         cifs_dbg(FYI, "rawntlmssp session setup negotiate phase\n");
1576
1577         /*
1578          * if memory allocation is successful, caller of this function
1579          * frees it.
1580          */
1581         ses->ntlmssp = kmalloc(sizeof(struct ntlmssp_auth), GFP_KERNEL);
1582         if (!ses->ntlmssp) {
1583                 rc = -ENOMEM;
1584                 goto out;
1585         }
1586         ses->ntlmssp->sesskey_per_smbsess = false;
1587
1588         /* wct = 12 */
1589         rc = sess_alloc_buffer(sess_data, 12);
1590         if (rc)
1591                 goto out;
1592
1593         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1594
1595         /* Build security blob before we assemble the request */
1596         rc = build_ntlmssp_negotiate_blob(&ntlmsspblob,
1597                                      &blob_len, ses, server,
1598                                      sess_data->nls_cp);
1599         if (rc)
1600                 goto out_free_ntlmsspblob;
1601
1602         sess_data->iov[1].iov_len = blob_len;
1603         sess_data->iov[1].iov_base = ntlmsspblob;
1604         pSMB->req.SecurityBlobLength = cpu_to_le16(blob_len);
1605
1606         rc = _sess_auth_rawntlmssp_assemble_req(sess_data);
1607         if (rc)
1608                 goto out_free_ntlmsspblob;
1609
1610         rc = sess_sendreceive(sess_data);
1611
1612         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1613         smb_buf = (struct smb_hdr *)sess_data->iov[0].iov_base;
1614
1615         /* If true, rc here is expected and not an error */
1616         if (sess_data->buf0_type != CIFS_NO_BUFFER &&
1617             smb_buf->Status.CifsError ==
1618                         cpu_to_le32(NT_STATUS_MORE_PROCESSING_REQUIRED))
1619                 rc = 0;
1620
1621         if (rc)
1622                 goto out_free_ntlmsspblob;
1623
1624         cifs_dbg(FYI, "rawntlmssp session setup challenge phase\n");
1625
1626         if (smb_buf->WordCount != 4) {
1627                 rc = -EIO;
1628                 cifs_dbg(VFS, "bad word count %d\n", smb_buf->WordCount);
1629                 goto out_free_ntlmsspblob;
1630         }
1631
1632         ses->Suid = smb_buf->Uid;   /* UID left in wire format (le) */
1633         cifs_dbg(FYI, "UID = %llu\n", ses->Suid);
1634
1635         bytes_remaining = get_bcc(smb_buf);
1636         bcc_ptr = pByteArea(smb_buf);
1637
1638         blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength);
1639         if (blob_len > bytes_remaining) {
1640                 cifs_dbg(VFS, "bad security blob length %d\n",
1641                                 blob_len);
1642                 rc = -EINVAL;
1643                 goto out_free_ntlmsspblob;
1644         }
1645
1646         rc = decode_ntlmssp_challenge(bcc_ptr, blob_len, ses);
1647
1648 out_free_ntlmsspblob:
1649         kfree(ntlmsspblob);
1650 out:
1651         sess_free_buffer(sess_data);
1652
1653         if (!rc) {
1654                 sess_data->func = sess_auth_rawntlmssp_authenticate;
1655                 return;
1656         }
1657
1658         /* Else error. Cleanup */
1659         kfree(ses->auth_key.response);
1660         ses->auth_key.response = NULL;
1661         kfree(ses->ntlmssp);
1662         ses->ntlmssp = NULL;
1663
1664         sess_data->func = NULL;
1665         sess_data->result = rc;
1666 }
1667
1668 static void
1669 sess_auth_rawntlmssp_authenticate(struct sess_data *sess_data)
1670 {
1671         int rc;
1672         struct smb_hdr *smb_buf;
1673         SESSION_SETUP_ANDX *pSMB;
1674         struct cifs_ses *ses = sess_data->ses;
1675         struct TCP_Server_Info *server = sess_data->server;
1676         __u16 bytes_remaining;
1677         char *bcc_ptr;
1678         unsigned char *ntlmsspblob = NULL;
1679         u16 blob_len;
1680
1681         cifs_dbg(FYI, "rawntlmssp session setup authenticate phase\n");
1682
1683         /* wct = 12 */
1684         rc = sess_alloc_buffer(sess_data, 12);
1685         if (rc)
1686                 goto out;
1687
1688         /* Build security blob before we assemble the request */
1689         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1690         smb_buf = (struct smb_hdr *)pSMB;
1691         rc = build_ntlmssp_auth_blob(&ntlmsspblob,
1692                                         &blob_len, ses, server,
1693                                         sess_data->nls_cp);
1694         if (rc)
1695                 goto out_free_ntlmsspblob;
1696         sess_data->iov[1].iov_len = blob_len;
1697         sess_data->iov[1].iov_base = ntlmsspblob;
1698         pSMB->req.SecurityBlobLength = cpu_to_le16(blob_len);
1699         /*
1700          * Make sure that we tell the server that we are using
1701          * the uid that it just gave us back on the response
1702          * (challenge)
1703          */
1704         smb_buf->Uid = ses->Suid;
1705
1706         rc = _sess_auth_rawntlmssp_assemble_req(sess_data);
1707         if (rc)
1708                 goto out_free_ntlmsspblob;
1709
1710         rc = sess_sendreceive(sess_data);
1711         if (rc)
1712                 goto out_free_ntlmsspblob;
1713
1714         pSMB = (SESSION_SETUP_ANDX *)sess_data->iov[0].iov_base;
1715         smb_buf = (struct smb_hdr *)sess_data->iov[0].iov_base;
1716         if (smb_buf->WordCount != 4) {
1717                 rc = -EIO;
1718                 cifs_dbg(VFS, "bad word count %d\n", smb_buf->WordCount);
1719                 goto out_free_ntlmsspblob;
1720         }
1721
1722         if (le16_to_cpu(pSMB->resp.Action) & GUEST_LOGIN)
1723                 cifs_dbg(FYI, "Guest login\n"); /* BB mark SesInfo struct? */
1724
1725         if (ses->Suid != smb_buf->Uid) {
1726                 ses->Suid = smb_buf->Uid;
1727                 cifs_dbg(FYI, "UID changed! new UID = %llu\n", ses->Suid);
1728         }
1729
1730         bytes_remaining = get_bcc(smb_buf);
1731         bcc_ptr = pByteArea(smb_buf);
1732         blob_len = le16_to_cpu(pSMB->resp.SecurityBlobLength);
1733         if (blob_len > bytes_remaining) {
1734                 cifs_dbg(VFS, "bad security blob length %d\n",
1735                                 blob_len);
1736                 rc = -EINVAL;
1737                 goto out_free_ntlmsspblob;
1738         }
1739         bcc_ptr += blob_len;
1740         bytes_remaining -= blob_len;
1741
1742
1743         /* BB check if Unicode and decode strings */
1744         if (bytes_remaining == 0) {
1745                 /* no string area to decode, do nothing */
1746         } else if (smb_buf->Flags2 & SMBFLG2_UNICODE) {
1747                 /* unicode string area must be word-aligned */
1748                 if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) {
1749                         ++bcc_ptr;
1750                         --bytes_remaining;
1751                 }
1752                 decode_unicode_ssetup(&bcc_ptr, bytes_remaining, ses,
1753                                       sess_data->nls_cp);
1754         } else {
1755                 decode_ascii_ssetup(&bcc_ptr, bytes_remaining, ses,
1756                                     sess_data->nls_cp);
1757         }
1758
1759 out_free_ntlmsspblob:
1760         kfree(ntlmsspblob);
1761 out:
1762         sess_free_buffer(sess_data);
1763
1764         if (!rc)
1765                 rc = sess_establish_session(sess_data);
1766
1767         /* Cleanup */
1768         kfree(ses->auth_key.response);
1769         ses->auth_key.response = NULL;
1770         kfree(ses->ntlmssp);
1771         ses->ntlmssp = NULL;
1772
1773         sess_data->func = NULL;
1774         sess_data->result = rc;
1775 }
1776
1777 static int select_sec(struct sess_data *sess_data)
1778 {
1779         int type;
1780         struct cifs_ses *ses = sess_data->ses;
1781         struct TCP_Server_Info *server = sess_data->server;
1782
1783         type = cifs_select_sectype(server, ses->sectype);
1784         cifs_dbg(FYI, "sess setup type %d\n", type);
1785         if (type == Unspecified) {
1786                 cifs_dbg(VFS, "Unable to select appropriate authentication method!\n");
1787                 return -EINVAL;
1788         }
1789
1790         switch (type) {
1791         case NTLMv2:
1792                 sess_data->func = sess_auth_ntlmv2;
1793                 break;
1794         case Kerberos:
1795 #ifdef CONFIG_CIFS_UPCALL
1796                 sess_data->func = sess_auth_kerberos;
1797                 break;
1798 #else
1799                 cifs_dbg(VFS, "Kerberos negotiated but upcall support disabled!\n");
1800                 return -ENOSYS;
1801 #endif /* CONFIG_CIFS_UPCALL */
1802         case RawNTLMSSP:
1803                 sess_data->func = sess_auth_rawntlmssp_negotiate;
1804                 break;
1805         default:
1806                 cifs_dbg(VFS, "secType %d not supported!\n", type);
1807                 return -ENOSYS;
1808         }
1809
1810         return 0;
1811 }
1812
1813 int CIFS_SessSetup(const unsigned int xid, struct cifs_ses *ses,
1814                    struct TCP_Server_Info *server,
1815                    const struct nls_table *nls_cp)
1816 {
1817         int rc = 0;
1818         struct sess_data *sess_data;
1819
1820         if (ses == NULL) {
1821                 WARN(1, "%s: ses == NULL!", __func__);
1822                 return -EINVAL;
1823         }
1824
1825         sess_data = kzalloc(sizeof(struct sess_data), GFP_KERNEL);
1826         if (!sess_data)
1827                 return -ENOMEM;
1828
1829         sess_data->xid = xid;
1830         sess_data->ses = ses;
1831         sess_data->server = server;
1832         sess_data->buf0_type = CIFS_NO_BUFFER;
1833         sess_data->nls_cp = (struct nls_table *) nls_cp;
1834
1835         rc = select_sec(sess_data);
1836         if (rc)
1837                 goto out;
1838
1839         while (sess_data->func)
1840                 sess_data->func(sess_data);
1841
1842         /* Store result before we free sess_data */
1843         rc = sess_data->result;
1844
1845 out:
1846         kfree(sess_data);
1847         return rc;
1848 }
MicroBlaze GIT Repository