fs_context.c 45 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * linux/fs/nfs/fs_context.c
  4. *
  5. * Copyright (C) 1992 Rick Sladkey
  6. * Conversion to new mount api Copyright (C) David Howells
  7. *
  8. * NFS mount handling.
  9. *
  10. * Split from fs/nfs/super.c by David Howells <dhowells@redhat.com>
  11. */
  12. #include <linux/compat.h>
  13. #include <linux/module.h>
  14. #include <linux/fs.h>
  15. #include <linux/fs_context.h>
  16. #include <linux/fs_parser.h>
  17. #include <linux/nfs_fs.h>
  18. #include <linux/nfs_mount.h>
  19. #include <linux/nfs4_mount.h>
  20. #include <net/handshake.h>
  21. #include "nfs.h"
  22. #include "internal.h"
  23. #include "nfstrace.h"
  24. #define NFSDBG_FACILITY NFSDBG_MOUNT
  25. #if IS_ENABLED(CONFIG_NFS_V3)
  26. #define NFS_DEFAULT_VERSION 3
  27. #else
  28. #define NFS_DEFAULT_VERSION 2
  29. #endif
  30. #define NFS_MAX_CONNECTIONS 16
  31. enum nfs_param {
  32. Opt_ac,
  33. Opt_acdirmax,
  34. Opt_acdirmin,
  35. Opt_acl,
  36. Opt_acregmax,
  37. Opt_acregmin,
  38. Opt_actimeo,
  39. Opt_addr,
  40. Opt_bg,
  41. Opt_bsize,
  42. Opt_clientaddr,
  43. Opt_cto,
  44. Opt_alignwrite,
  45. Opt_fatal_neterrors,
  46. Opt_fg,
  47. Opt_fscache,
  48. Opt_fscache_flag,
  49. Opt_hard,
  50. Opt_intr,
  51. Opt_local_lock,
  52. Opt_lock,
  53. Opt_lookupcache,
  54. Opt_migration,
  55. Opt_minorversion,
  56. Opt_mountaddr,
  57. Opt_mounthost,
  58. Opt_mountport,
  59. Opt_mountproto,
  60. Opt_mountvers,
  61. Opt_namelen,
  62. Opt_nconnect,
  63. Opt_max_connect,
  64. Opt_port,
  65. Opt_posix,
  66. Opt_proto,
  67. Opt_rdirplus,
  68. Opt_rdirplus_none,
  69. Opt_rdirplus_force,
  70. Opt_rdma,
  71. Opt_resvport,
  72. Opt_retrans,
  73. Opt_retry,
  74. Opt_rsize,
  75. Opt_sec,
  76. Opt_sharecache,
  77. Opt_sloppy,
  78. Opt_soft,
  79. Opt_softerr,
  80. Opt_softreval,
  81. Opt_source,
  82. Opt_tcp,
  83. Opt_timeo,
  84. Opt_trunkdiscovery,
  85. Opt_udp,
  86. Opt_v,
  87. Opt_vers,
  88. Opt_wsize,
  89. Opt_write,
  90. Opt_xprtsec,
  91. Opt_cert_serial,
  92. Opt_privkey_serial,
  93. };
  94. enum {
  95. Opt_fatal_neterrors_default,
  96. Opt_fatal_neterrors_enetunreach,
  97. Opt_fatal_neterrors_none,
  98. };
  99. static const struct constant_table nfs_param_enums_fatal_neterrors[] = {
  100. { "default", Opt_fatal_neterrors_default },
  101. { "ENETDOWN:ENETUNREACH", Opt_fatal_neterrors_enetunreach },
  102. { "ENETUNREACH:ENETDOWN", Opt_fatal_neterrors_enetunreach },
  103. { "none", Opt_fatal_neterrors_none },
  104. {}
  105. };
  106. enum {
  107. Opt_local_lock_all,
  108. Opt_local_lock_flock,
  109. Opt_local_lock_none,
  110. Opt_local_lock_posix,
  111. };
  112. static const struct constant_table nfs_param_enums_local_lock[] = {
  113. { "all", Opt_local_lock_all },
  114. { "flock", Opt_local_lock_flock },
  115. { "posix", Opt_local_lock_posix },
  116. { "none", Opt_local_lock_none },
  117. {}
  118. };
  119. enum {
  120. Opt_lookupcache_all,
  121. Opt_lookupcache_none,
  122. Opt_lookupcache_positive,
  123. };
  124. static const struct constant_table nfs_param_enums_lookupcache[] = {
  125. { "all", Opt_lookupcache_all },
  126. { "none", Opt_lookupcache_none },
  127. { "pos", Opt_lookupcache_positive },
  128. { "positive", Opt_lookupcache_positive },
  129. {}
  130. };
  131. enum {
  132. Opt_write_lazy,
  133. Opt_write_eager,
  134. Opt_write_wait,
  135. };
  136. static const struct constant_table nfs_param_enums_write[] = {
  137. { "lazy", Opt_write_lazy },
  138. { "eager", Opt_write_eager },
  139. { "wait", Opt_write_wait },
  140. {}
  141. };
  142. static const struct fs_parameter_spec nfs_fs_parameters[] = {
  143. fsparam_flag_no("ac", Opt_ac),
  144. fsparam_u32 ("acdirmax", Opt_acdirmax),
  145. fsparam_u32 ("acdirmin", Opt_acdirmin),
  146. fsparam_flag_no("acl", Opt_acl),
  147. fsparam_u32 ("acregmax", Opt_acregmax),
  148. fsparam_u32 ("acregmin", Opt_acregmin),
  149. fsparam_u32 ("actimeo", Opt_actimeo),
  150. fsparam_string("addr", Opt_addr),
  151. fsparam_flag ("bg", Opt_bg),
  152. fsparam_u32 ("bsize", Opt_bsize),
  153. fsparam_string("clientaddr", Opt_clientaddr),
  154. fsparam_flag_no("cto", Opt_cto),
  155. fsparam_flag_no("alignwrite", Opt_alignwrite),
  156. fsparam_enum("fatal_neterrors", Opt_fatal_neterrors,
  157. nfs_param_enums_fatal_neterrors),
  158. fsparam_flag ("fg", Opt_fg),
  159. fsparam_flag_no("fsc", Opt_fscache_flag),
  160. fsparam_string("fsc", Opt_fscache),
  161. fsparam_flag ("hard", Opt_hard),
  162. __fsparam(NULL, "intr", Opt_intr,
  163. fs_param_neg_with_no|fs_param_deprecated, NULL),
  164. fsparam_enum ("local_lock", Opt_local_lock, nfs_param_enums_local_lock),
  165. fsparam_flag_no("lock", Opt_lock),
  166. fsparam_enum ("lookupcache", Opt_lookupcache, nfs_param_enums_lookupcache),
  167. fsparam_flag_no("migration", Opt_migration),
  168. fsparam_u32 ("minorversion", Opt_minorversion),
  169. fsparam_string("mountaddr", Opt_mountaddr),
  170. fsparam_string("mounthost", Opt_mounthost),
  171. fsparam_u32 ("mountport", Opt_mountport),
  172. fsparam_string("mountproto", Opt_mountproto),
  173. fsparam_u32 ("mountvers", Opt_mountvers),
  174. fsparam_u32 ("namlen", Opt_namelen),
  175. fsparam_u32 ("nconnect", Opt_nconnect),
  176. fsparam_u32 ("max_connect", Opt_max_connect),
  177. fsparam_string("nfsvers", Opt_vers),
  178. fsparam_u32 ("port", Opt_port),
  179. fsparam_flag_no("posix", Opt_posix),
  180. fsparam_string("proto", Opt_proto),
  181. fsparam_flag_no("rdirplus", Opt_rdirplus), // rdirplus|nordirplus
  182. fsparam_string("rdirplus", Opt_rdirplus), // rdirplus=...
  183. fsparam_flag ("rdma", Opt_rdma),
  184. fsparam_flag_no("resvport", Opt_resvport),
  185. fsparam_u32 ("retrans", Opt_retrans),
  186. fsparam_string("retry", Opt_retry),
  187. fsparam_u32 ("rsize", Opt_rsize),
  188. fsparam_string("sec", Opt_sec),
  189. fsparam_flag_no("sharecache", Opt_sharecache),
  190. fsparam_flag ("sloppy", Opt_sloppy),
  191. fsparam_flag ("soft", Opt_soft),
  192. fsparam_flag ("softerr", Opt_softerr),
  193. fsparam_flag ("softreval", Opt_softreval),
  194. fsparam_string("source", Opt_source),
  195. fsparam_flag ("tcp", Opt_tcp),
  196. fsparam_u32 ("timeo", Opt_timeo),
  197. fsparam_flag_no("trunkdiscovery", Opt_trunkdiscovery),
  198. fsparam_flag ("udp", Opt_udp),
  199. fsparam_flag ("v2", Opt_v),
  200. fsparam_flag ("v3", Opt_v),
  201. fsparam_flag ("v4", Opt_v),
  202. fsparam_flag ("v4.0", Opt_v),
  203. fsparam_flag ("v4.1", Opt_v),
  204. fsparam_flag ("v4.2", Opt_v),
  205. fsparam_string("vers", Opt_vers),
  206. fsparam_enum ("write", Opt_write, nfs_param_enums_write),
  207. fsparam_u32 ("wsize", Opt_wsize),
  208. fsparam_string("xprtsec", Opt_xprtsec),
  209. fsparam_s32("cert_serial", Opt_cert_serial),
  210. fsparam_s32("privkey_serial", Opt_privkey_serial),
  211. {}
  212. };
  213. enum {
  214. Opt_vers_2,
  215. Opt_vers_3,
  216. Opt_vers_4,
  217. Opt_vers_4_0,
  218. Opt_vers_4_1,
  219. Opt_vers_4_2,
  220. };
  221. static const struct constant_table nfs_vers_tokens[] = {
  222. { "2", Opt_vers_2 },
  223. { "3", Opt_vers_3 },
  224. { "4", Opt_vers_4 },
  225. { "4.0", Opt_vers_4_0 },
  226. { "4.1", Opt_vers_4_1 },
  227. { "4.2", Opt_vers_4_2 },
  228. {}
  229. };
  230. enum {
  231. Opt_xprt_rdma,
  232. Opt_xprt_rdma6,
  233. Opt_xprt_tcp,
  234. Opt_xprt_tcp6,
  235. Opt_xprt_udp,
  236. Opt_xprt_udp6,
  237. nr__Opt_xprt
  238. };
  239. static const struct constant_table nfs_xprt_protocol_tokens[] = {
  240. { "rdma", Opt_xprt_rdma },
  241. { "rdma6", Opt_xprt_rdma6 },
  242. { "tcp", Opt_xprt_tcp },
  243. { "tcp6", Opt_xprt_tcp6 },
  244. { "udp", Opt_xprt_udp },
  245. { "udp6", Opt_xprt_udp6 },
  246. {}
  247. };
  248. enum {
  249. Opt_sec_krb5,
  250. Opt_sec_krb5i,
  251. Opt_sec_krb5p,
  252. Opt_sec_lkey,
  253. Opt_sec_lkeyi,
  254. Opt_sec_lkeyp,
  255. Opt_sec_none,
  256. Opt_sec_spkm,
  257. Opt_sec_spkmi,
  258. Opt_sec_spkmp,
  259. Opt_sec_sys,
  260. nr__Opt_sec
  261. };
  262. static const struct constant_table nfs_secflavor_tokens[] = {
  263. { "krb5", Opt_sec_krb5 },
  264. { "krb5i", Opt_sec_krb5i },
  265. { "krb5p", Opt_sec_krb5p },
  266. { "lkey", Opt_sec_lkey },
  267. { "lkeyi", Opt_sec_lkeyi },
  268. { "lkeyp", Opt_sec_lkeyp },
  269. { "none", Opt_sec_none },
  270. { "null", Opt_sec_none },
  271. { "spkm3", Opt_sec_spkm },
  272. { "spkm3i", Opt_sec_spkmi },
  273. { "spkm3p", Opt_sec_spkmp },
  274. { "sys", Opt_sec_sys },
  275. {}
  276. };
  277. enum {
  278. Opt_xprtsec_none,
  279. Opt_xprtsec_tls,
  280. Opt_xprtsec_mtls,
  281. nr__Opt_xprtsec
  282. };
  283. static const struct constant_table nfs_xprtsec_policies[] = {
  284. { "none", Opt_xprtsec_none },
  285. { "tls", Opt_xprtsec_tls },
  286. { "mtls", Opt_xprtsec_mtls },
  287. {}
  288. };
  289. static const struct constant_table nfs_rdirplus_tokens[] = {
  290. { "none", Opt_rdirplus_none },
  291. { "force", Opt_rdirplus_force },
  292. {}
  293. };
  294. /*
  295. * Sanity-check a server address provided by the mount command.
  296. *
  297. * Address family must be initialized, and address must not be
  298. * the ANY address for that family.
  299. */
  300. static int nfs_verify_server_address(struct sockaddr_storage *addr)
  301. {
  302. switch (addr->ss_family) {
  303. case AF_INET: {
  304. struct sockaddr_in *sa = (struct sockaddr_in *)addr;
  305. return sa->sin_addr.s_addr != htonl(INADDR_ANY);
  306. }
  307. case AF_INET6: {
  308. struct in6_addr *sa = &((struct sockaddr_in6 *)addr)->sin6_addr;
  309. return !ipv6_addr_any(sa);
  310. }
  311. }
  312. return 0;
  313. }
  314. #ifdef CONFIG_NFS_DISABLE_UDP_SUPPORT
  315. static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
  316. {
  317. return true;
  318. }
  319. #else
  320. static bool nfs_server_transport_udp_invalid(const struct nfs_fs_context *ctx)
  321. {
  322. if (ctx->version == 4)
  323. return true;
  324. return false;
  325. }
  326. #endif
  327. /*
  328. * Sanity check the NFS transport protocol.
  329. */
  330. static int nfs_validate_transport_protocol(struct fs_context *fc,
  331. struct nfs_fs_context *ctx)
  332. {
  333. switch (ctx->nfs_server.protocol) {
  334. case XPRT_TRANSPORT_UDP:
  335. if (nfs_server_transport_udp_invalid(ctx))
  336. goto out_invalid_transport_udp;
  337. break;
  338. case XPRT_TRANSPORT_TCP:
  339. case XPRT_TRANSPORT_RDMA:
  340. break;
  341. default:
  342. ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
  343. }
  344. if (ctx->xprtsec.policy != RPC_XPRTSEC_NONE)
  345. switch (ctx->nfs_server.protocol) {
  346. case XPRT_TRANSPORT_TCP:
  347. ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP_TLS;
  348. break;
  349. default:
  350. goto out_invalid_xprtsec_policy;
  351. }
  352. return 0;
  353. out_invalid_transport_udp:
  354. return nfs_invalf(fc, "NFS: Unsupported transport protocol udp");
  355. out_invalid_xprtsec_policy:
  356. return nfs_invalf(fc, "NFS: Transport does not support xprtsec");
  357. }
  358. /*
  359. * For text based NFSv2/v3 mounts, the mount protocol transport default
  360. * settings should depend upon the specified NFS transport.
  361. */
  362. static void nfs_set_mount_transport_protocol(struct nfs_fs_context *ctx)
  363. {
  364. if (ctx->mount_server.protocol == XPRT_TRANSPORT_UDP ||
  365. ctx->mount_server.protocol == XPRT_TRANSPORT_TCP)
  366. return;
  367. switch (ctx->nfs_server.protocol) {
  368. case XPRT_TRANSPORT_UDP:
  369. ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
  370. break;
  371. case XPRT_TRANSPORT_TCP:
  372. case XPRT_TRANSPORT_RDMA:
  373. ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
  374. }
  375. }
  376. /*
  377. * Add 'flavor' to 'auth_info' if not already present.
  378. * Returns true if 'flavor' ends up in the list, false otherwise
  379. */
  380. static int nfs_auth_info_add(struct fs_context *fc,
  381. struct nfs_auth_info *auth_info,
  382. rpc_authflavor_t flavor)
  383. {
  384. unsigned int i;
  385. unsigned int max_flavor_len = ARRAY_SIZE(auth_info->flavors);
  386. /* make sure this flavor isn't already in the list */
  387. for (i = 0; i < auth_info->flavor_len; i++) {
  388. if (flavor == auth_info->flavors[i])
  389. return 0;
  390. }
  391. if (auth_info->flavor_len + 1 >= max_flavor_len)
  392. return nfs_invalf(fc, "NFS: too many sec= flavors");
  393. auth_info->flavors[auth_info->flavor_len++] = flavor;
  394. return 0;
  395. }
  396. /*
  397. * Parse the value of the 'sec=' option.
  398. */
  399. static int nfs_parse_security_flavors(struct fs_context *fc,
  400. struct fs_parameter *param)
  401. {
  402. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  403. rpc_authflavor_t pseudoflavor;
  404. char *string = param->string, *p;
  405. int ret;
  406. trace_nfs_mount_assign(param->key, string);
  407. while ((p = strsep(&string, ":")) != NULL) {
  408. if (!*p)
  409. continue;
  410. switch (lookup_constant(nfs_secflavor_tokens, p, -1)) {
  411. case Opt_sec_none:
  412. pseudoflavor = RPC_AUTH_NULL;
  413. break;
  414. case Opt_sec_sys:
  415. pseudoflavor = RPC_AUTH_UNIX;
  416. break;
  417. case Opt_sec_krb5:
  418. pseudoflavor = RPC_AUTH_GSS_KRB5;
  419. break;
  420. case Opt_sec_krb5i:
  421. pseudoflavor = RPC_AUTH_GSS_KRB5I;
  422. break;
  423. case Opt_sec_krb5p:
  424. pseudoflavor = RPC_AUTH_GSS_KRB5P;
  425. break;
  426. case Opt_sec_lkey:
  427. pseudoflavor = RPC_AUTH_GSS_LKEY;
  428. break;
  429. case Opt_sec_lkeyi:
  430. pseudoflavor = RPC_AUTH_GSS_LKEYI;
  431. break;
  432. case Opt_sec_lkeyp:
  433. pseudoflavor = RPC_AUTH_GSS_LKEYP;
  434. break;
  435. case Opt_sec_spkm:
  436. pseudoflavor = RPC_AUTH_GSS_SPKM;
  437. break;
  438. case Opt_sec_spkmi:
  439. pseudoflavor = RPC_AUTH_GSS_SPKMI;
  440. break;
  441. case Opt_sec_spkmp:
  442. pseudoflavor = RPC_AUTH_GSS_SPKMP;
  443. break;
  444. default:
  445. return nfs_invalf(fc, "NFS: sec=%s option not recognized", p);
  446. }
  447. ret = nfs_auth_info_add(fc, &ctx->auth_info, pseudoflavor);
  448. if (ret < 0)
  449. return ret;
  450. }
  451. return 0;
  452. }
  453. static int nfs_parse_xprtsec_policy(struct fs_context *fc,
  454. struct fs_parameter *param)
  455. {
  456. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  457. trace_nfs_mount_assign(param->key, param->string);
  458. switch (lookup_constant(nfs_xprtsec_policies, param->string, -1)) {
  459. case Opt_xprtsec_none:
  460. ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
  461. break;
  462. case Opt_xprtsec_tls:
  463. ctx->xprtsec.policy = RPC_XPRTSEC_TLS_ANON;
  464. break;
  465. case Opt_xprtsec_mtls:
  466. ctx->xprtsec.policy = RPC_XPRTSEC_TLS_X509;
  467. break;
  468. default:
  469. return nfs_invalf(fc, "NFS: Unrecognized transport security policy");
  470. }
  471. return 0;
  472. }
  473. static int nfs_parse_version_string(struct fs_context *fc,
  474. const char *string)
  475. {
  476. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  477. ctx->flags &= ~NFS_MOUNT_VER3;
  478. switch (lookup_constant(nfs_vers_tokens, string, -1)) {
  479. case Opt_vers_2:
  480. ctx->version = 2;
  481. break;
  482. case Opt_vers_3:
  483. ctx->flags |= NFS_MOUNT_VER3;
  484. ctx->version = 3;
  485. break;
  486. case Opt_vers_4:
  487. /* Backward compatibility option. In future,
  488. * the mount program should always supply
  489. * a NFSv4 minor version number.
  490. */
  491. ctx->version = 4;
  492. break;
  493. case Opt_vers_4_0:
  494. ctx->version = 4;
  495. ctx->minorversion = 0;
  496. break;
  497. case Opt_vers_4_1:
  498. ctx->version = 4;
  499. ctx->minorversion = 1;
  500. break;
  501. case Opt_vers_4_2:
  502. ctx->version = 4;
  503. ctx->minorversion = 2;
  504. break;
  505. default:
  506. return nfs_invalf(fc, "NFS: Unsupported NFS version");
  507. }
  508. return 0;
  509. }
  510. #ifdef CONFIG_KEYS
  511. static int nfs_tls_key_verify(key_serial_t key_id)
  512. {
  513. struct key *key = key_lookup(key_id);
  514. int error = 0;
  515. if (IS_ERR(key)) {
  516. pr_err("key id %08x not found\n", key_id);
  517. return PTR_ERR(key);
  518. }
  519. if (test_bit(KEY_FLAG_REVOKED, &key->flags) ||
  520. test_bit(KEY_FLAG_INVALIDATED, &key->flags)) {
  521. pr_err("key id %08x revoked\n", key_id);
  522. error = -EKEYREVOKED;
  523. }
  524. key_put(key);
  525. return error;
  526. }
  527. #else
  528. static inline int nfs_tls_key_verify(key_serial_t key_id)
  529. {
  530. return -ENOENT;
  531. }
  532. #endif /* CONFIG_KEYS */
  533. /*
  534. * Parse a single mount parameter.
  535. */
  536. static int nfs_fs_context_parse_param(struct fs_context *fc,
  537. struct fs_parameter *param)
  538. {
  539. struct fs_parse_result result;
  540. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  541. unsigned short protofamily, mountfamily;
  542. unsigned int len;
  543. int ret, opt;
  544. trace_nfs_mount_option(param);
  545. opt = fs_parse(fc, nfs_fs_parameters, param, &result);
  546. if (opt < 0)
  547. return (opt == -ENOPARAM && ctx->sloppy) ? 1 : opt;
  548. if (fc->security)
  549. ctx->has_sec_mnt_opts = 1;
  550. switch (opt) {
  551. case Opt_source:
  552. if (fc->source)
  553. return nfs_invalf(fc, "NFS: Multiple sources not supported");
  554. fc->source = param->string;
  555. param->string = NULL;
  556. break;
  557. /*
  558. * boolean options: foo/nofoo
  559. */
  560. case Opt_soft:
  561. ctx->flags |= NFS_MOUNT_SOFT;
  562. ctx->flags &= ~NFS_MOUNT_SOFTERR;
  563. break;
  564. case Opt_softerr:
  565. ctx->flags |= NFS_MOUNT_SOFTERR | NFS_MOUNT_SOFTREVAL;
  566. ctx->flags &= ~NFS_MOUNT_SOFT;
  567. break;
  568. case Opt_hard:
  569. ctx->flags &= ~(NFS_MOUNT_SOFT |
  570. NFS_MOUNT_SOFTERR |
  571. NFS_MOUNT_SOFTREVAL);
  572. break;
  573. case Opt_softreval:
  574. if (result.negated)
  575. ctx->flags &= ~NFS_MOUNT_SOFTREVAL;
  576. else
  577. ctx->flags |= NFS_MOUNT_SOFTREVAL;
  578. break;
  579. case Opt_posix:
  580. if (result.negated)
  581. ctx->flags &= ~NFS_MOUNT_POSIX;
  582. else
  583. ctx->flags |= NFS_MOUNT_POSIX;
  584. break;
  585. case Opt_cto:
  586. if (result.negated)
  587. ctx->flags |= NFS_MOUNT_NOCTO;
  588. else
  589. ctx->flags &= ~NFS_MOUNT_NOCTO;
  590. break;
  591. case Opt_trunkdiscovery:
  592. if (result.negated)
  593. ctx->flags &= ~NFS_MOUNT_TRUNK_DISCOVERY;
  594. else
  595. ctx->flags |= NFS_MOUNT_TRUNK_DISCOVERY;
  596. break;
  597. case Opt_alignwrite:
  598. if (result.negated)
  599. ctx->flags |= NFS_MOUNT_NO_ALIGNWRITE;
  600. else
  601. ctx->flags &= ~NFS_MOUNT_NO_ALIGNWRITE;
  602. break;
  603. case Opt_ac:
  604. if (result.negated)
  605. ctx->flags |= NFS_MOUNT_NOAC;
  606. else
  607. ctx->flags &= ~NFS_MOUNT_NOAC;
  608. break;
  609. case Opt_lock:
  610. if (result.negated) {
  611. ctx->lock_status = NFS_LOCK_NOLOCK;
  612. ctx->flags |= NFS_MOUNT_NONLM;
  613. ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
  614. } else {
  615. ctx->lock_status = NFS_LOCK_LOCK;
  616. ctx->flags &= ~NFS_MOUNT_NONLM;
  617. ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK | NFS_MOUNT_LOCAL_FCNTL);
  618. }
  619. break;
  620. case Opt_udp:
  621. ctx->flags &= ~NFS_MOUNT_TCP;
  622. ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
  623. break;
  624. case Opt_tcp:
  625. case Opt_rdma:
  626. ctx->flags |= NFS_MOUNT_TCP; /* for side protocols */
  627. ret = xprt_find_transport_ident(param->key);
  628. if (ret < 0)
  629. goto out_bad_transport;
  630. ctx->nfs_server.protocol = ret;
  631. break;
  632. case Opt_acl:
  633. if (result.negated)
  634. ctx->flags |= NFS_MOUNT_NOACL;
  635. else
  636. ctx->flags &= ~NFS_MOUNT_NOACL;
  637. break;
  638. case Opt_rdirplus:
  639. if (result.negated) {
  640. ctx->flags &= ~NFS_MOUNT_FORCE_RDIRPLUS;
  641. ctx->flags |= NFS_MOUNT_NORDIRPLUS;
  642. } else if (!param->string) {
  643. ctx->flags &= ~(NFS_MOUNT_NORDIRPLUS | NFS_MOUNT_FORCE_RDIRPLUS);
  644. } else {
  645. switch (lookup_constant(nfs_rdirplus_tokens, param->string, -1)) {
  646. case Opt_rdirplus_none:
  647. ctx->flags &= ~NFS_MOUNT_FORCE_RDIRPLUS;
  648. ctx->flags |= NFS_MOUNT_NORDIRPLUS;
  649. break;
  650. case Opt_rdirplus_force:
  651. ctx->flags &= ~NFS_MOUNT_NORDIRPLUS;
  652. ctx->flags |= NFS_MOUNT_FORCE_RDIRPLUS;
  653. break;
  654. default:
  655. goto out_invalid_value;
  656. }
  657. }
  658. break;
  659. case Opt_sharecache:
  660. if (result.negated)
  661. ctx->flags |= NFS_MOUNT_UNSHARED;
  662. else
  663. ctx->flags &= ~NFS_MOUNT_UNSHARED;
  664. break;
  665. case Opt_resvport:
  666. if (result.negated)
  667. ctx->flags |= NFS_MOUNT_NORESVPORT;
  668. else
  669. ctx->flags &= ~NFS_MOUNT_NORESVPORT;
  670. break;
  671. case Opt_fscache_flag:
  672. if (result.negated)
  673. ctx->options &= ~NFS_OPTION_FSCACHE;
  674. else
  675. ctx->options |= NFS_OPTION_FSCACHE;
  676. kfree(ctx->fscache_uniq);
  677. ctx->fscache_uniq = NULL;
  678. break;
  679. case Opt_fscache:
  680. trace_nfs_mount_assign(param->key, param->string);
  681. ctx->options |= NFS_OPTION_FSCACHE;
  682. kfree(ctx->fscache_uniq);
  683. ctx->fscache_uniq = param->string;
  684. param->string = NULL;
  685. break;
  686. case Opt_migration:
  687. if (result.negated)
  688. ctx->options &= ~NFS_OPTION_MIGRATION;
  689. else
  690. ctx->options |= NFS_OPTION_MIGRATION;
  691. break;
  692. /*
  693. * options that take numeric values
  694. */
  695. case Opt_port:
  696. if (result.uint_32 > USHRT_MAX)
  697. goto out_of_bounds;
  698. ctx->nfs_server.port = result.uint_32;
  699. break;
  700. case Opt_rsize:
  701. ctx->rsize = result.uint_32;
  702. break;
  703. case Opt_wsize:
  704. ctx->wsize = result.uint_32;
  705. break;
  706. case Opt_bsize:
  707. ctx->bsize = result.uint_32;
  708. break;
  709. case Opt_timeo:
  710. if (result.uint_32 < 1 || result.uint_32 > INT_MAX)
  711. goto out_of_bounds;
  712. ctx->timeo = result.uint_32;
  713. break;
  714. case Opt_retrans:
  715. if (result.uint_32 > INT_MAX)
  716. goto out_of_bounds;
  717. ctx->retrans = result.uint_32;
  718. break;
  719. case Opt_acregmin:
  720. ctx->acregmin = result.uint_32;
  721. break;
  722. case Opt_acregmax:
  723. ctx->acregmax = result.uint_32;
  724. break;
  725. case Opt_acdirmin:
  726. ctx->acdirmin = result.uint_32;
  727. break;
  728. case Opt_acdirmax:
  729. ctx->acdirmax = result.uint_32;
  730. break;
  731. case Opt_actimeo:
  732. ctx->acregmin = result.uint_32;
  733. ctx->acregmax = result.uint_32;
  734. ctx->acdirmin = result.uint_32;
  735. ctx->acdirmax = result.uint_32;
  736. break;
  737. case Opt_namelen:
  738. ctx->namlen = result.uint_32;
  739. break;
  740. case Opt_mountport:
  741. if (result.uint_32 > USHRT_MAX)
  742. goto out_of_bounds;
  743. ctx->mount_server.port = result.uint_32;
  744. break;
  745. case Opt_mountvers:
  746. if (result.uint_32 < NFS_MNT_VERSION ||
  747. result.uint_32 > NFS_MNT3_VERSION)
  748. goto out_of_bounds;
  749. ctx->mount_server.version = result.uint_32;
  750. break;
  751. case Opt_minorversion:
  752. if (result.uint_32 < NFS4_MIN_MINOR_VERSION ||
  753. result.uint_32 > NFS4_MAX_MINOR_VERSION)
  754. goto out_of_bounds;
  755. ctx->minorversion = result.uint_32;
  756. break;
  757. /*
  758. * options that take text values
  759. */
  760. case Opt_v:
  761. ret = nfs_parse_version_string(fc, param->key + 1);
  762. if (ret < 0)
  763. return ret;
  764. break;
  765. case Opt_vers:
  766. if (!param->string)
  767. goto out_invalid_value;
  768. trace_nfs_mount_assign(param->key, param->string);
  769. ret = nfs_parse_version_string(fc, param->string);
  770. if (ret < 0)
  771. return ret;
  772. break;
  773. case Opt_sec:
  774. ret = nfs_parse_security_flavors(fc, param);
  775. if (ret < 0)
  776. return ret;
  777. break;
  778. case Opt_xprtsec:
  779. ret = nfs_parse_xprtsec_policy(fc, param);
  780. if (ret < 0)
  781. return ret;
  782. break;
  783. case Opt_cert_serial:
  784. ret = nfs_tls_key_verify(result.int_32);
  785. if (ret < 0)
  786. return ret;
  787. ctx->xprtsec.cert_serial = result.int_32;
  788. break;
  789. case Opt_privkey_serial:
  790. ret = nfs_tls_key_verify(result.int_32);
  791. if (ret < 0)
  792. return ret;
  793. ctx->xprtsec.privkey_serial = result.int_32;
  794. break;
  795. case Opt_proto:
  796. if (!param->string)
  797. goto out_invalid_value;
  798. trace_nfs_mount_assign(param->key, param->string);
  799. protofamily = AF_INET;
  800. switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
  801. case Opt_xprt_udp6:
  802. protofamily = AF_INET6;
  803. fallthrough;
  804. case Opt_xprt_udp:
  805. ctx->flags &= ~NFS_MOUNT_TCP;
  806. ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
  807. break;
  808. case Opt_xprt_tcp6:
  809. protofamily = AF_INET6;
  810. fallthrough;
  811. case Opt_xprt_tcp:
  812. ctx->flags |= NFS_MOUNT_TCP;
  813. ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
  814. break;
  815. case Opt_xprt_rdma6:
  816. protofamily = AF_INET6;
  817. fallthrough;
  818. case Opt_xprt_rdma:
  819. /* vector side protocols to TCP */
  820. ctx->flags |= NFS_MOUNT_TCP;
  821. ret = xprt_find_transport_ident(param->string);
  822. if (ret < 0)
  823. goto out_bad_transport;
  824. ctx->nfs_server.protocol = ret;
  825. break;
  826. default:
  827. goto out_bad_transport;
  828. }
  829. ctx->protofamily = protofamily;
  830. break;
  831. case Opt_mountproto:
  832. if (!param->string)
  833. goto out_invalid_value;
  834. trace_nfs_mount_assign(param->key, param->string);
  835. mountfamily = AF_INET;
  836. switch (lookup_constant(nfs_xprt_protocol_tokens, param->string, -1)) {
  837. case Opt_xprt_udp6:
  838. mountfamily = AF_INET6;
  839. fallthrough;
  840. case Opt_xprt_udp:
  841. ctx->mount_server.protocol = XPRT_TRANSPORT_UDP;
  842. break;
  843. case Opt_xprt_tcp6:
  844. mountfamily = AF_INET6;
  845. fallthrough;
  846. case Opt_xprt_tcp:
  847. ctx->mount_server.protocol = XPRT_TRANSPORT_TCP;
  848. break;
  849. case Opt_xprt_rdma: /* not used for side protocols */
  850. default:
  851. goto out_bad_transport;
  852. }
  853. ctx->mountfamily = mountfamily;
  854. break;
  855. case Opt_addr:
  856. trace_nfs_mount_assign(param->key, param->string);
  857. len = rpc_pton(fc->net_ns, param->string, param->size,
  858. &ctx->nfs_server.address,
  859. sizeof(ctx->nfs_server._address));
  860. if (len == 0)
  861. goto out_invalid_address;
  862. ctx->nfs_server.addrlen = len;
  863. break;
  864. case Opt_clientaddr:
  865. trace_nfs_mount_assign(param->key, param->string);
  866. kfree(ctx->client_address);
  867. ctx->client_address = param->string;
  868. param->string = NULL;
  869. break;
  870. case Opt_mounthost:
  871. trace_nfs_mount_assign(param->key, param->string);
  872. kfree(ctx->mount_server.hostname);
  873. ctx->mount_server.hostname = param->string;
  874. param->string = NULL;
  875. break;
  876. case Opt_mountaddr:
  877. trace_nfs_mount_assign(param->key, param->string);
  878. len = rpc_pton(fc->net_ns, param->string, param->size,
  879. &ctx->mount_server.address,
  880. sizeof(ctx->mount_server._address));
  881. if (len == 0)
  882. goto out_invalid_address;
  883. ctx->mount_server.addrlen = len;
  884. break;
  885. case Opt_nconnect:
  886. trace_nfs_mount_assign(param->key, param->string);
  887. if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_CONNECTIONS)
  888. goto out_of_bounds;
  889. ctx->nfs_server.nconnect = result.uint_32;
  890. break;
  891. case Opt_max_connect:
  892. trace_nfs_mount_assign(param->key, param->string);
  893. if (result.uint_32 < 1 || result.uint_32 > NFS_MAX_TRANSPORTS)
  894. goto out_of_bounds;
  895. ctx->nfs_server.max_connect = result.uint_32;
  896. break;
  897. case Opt_fatal_neterrors:
  898. trace_nfs_mount_assign(param->key, param->string);
  899. switch (result.uint_32) {
  900. case Opt_fatal_neterrors_default:
  901. if (fc->net_ns != &init_net)
  902. ctx->flags |= NFS_MOUNT_NETUNREACH_FATAL;
  903. else
  904. ctx->flags &= ~NFS_MOUNT_NETUNREACH_FATAL;
  905. break;
  906. case Opt_fatal_neterrors_enetunreach:
  907. ctx->flags |= NFS_MOUNT_NETUNREACH_FATAL;
  908. break;
  909. case Opt_fatal_neterrors_none:
  910. ctx->flags &= ~NFS_MOUNT_NETUNREACH_FATAL;
  911. break;
  912. default:
  913. goto out_invalid_value;
  914. }
  915. break;
  916. case Opt_lookupcache:
  917. trace_nfs_mount_assign(param->key, param->string);
  918. switch (result.uint_32) {
  919. case Opt_lookupcache_all:
  920. ctx->flags &= ~(NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE);
  921. break;
  922. case Opt_lookupcache_positive:
  923. ctx->flags &= ~NFS_MOUNT_LOOKUP_CACHE_NONE;
  924. ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG;
  925. break;
  926. case Opt_lookupcache_none:
  927. ctx->flags |= NFS_MOUNT_LOOKUP_CACHE_NONEG|NFS_MOUNT_LOOKUP_CACHE_NONE;
  928. break;
  929. default:
  930. goto out_invalid_value;
  931. }
  932. break;
  933. case Opt_local_lock:
  934. trace_nfs_mount_assign(param->key, param->string);
  935. switch (result.uint_32) {
  936. case Opt_local_lock_all:
  937. ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK |
  938. NFS_MOUNT_LOCAL_FCNTL);
  939. break;
  940. case Opt_local_lock_flock:
  941. ctx->flags |= NFS_MOUNT_LOCAL_FLOCK;
  942. break;
  943. case Opt_local_lock_posix:
  944. ctx->flags |= NFS_MOUNT_LOCAL_FCNTL;
  945. break;
  946. case Opt_local_lock_none:
  947. ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK |
  948. NFS_MOUNT_LOCAL_FCNTL);
  949. break;
  950. default:
  951. goto out_invalid_value;
  952. }
  953. break;
  954. case Opt_write:
  955. trace_nfs_mount_assign(param->key, param->string);
  956. switch (result.uint_32) {
  957. case Opt_write_lazy:
  958. ctx->flags &=
  959. ~(NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT);
  960. break;
  961. case Opt_write_eager:
  962. ctx->flags |= NFS_MOUNT_WRITE_EAGER;
  963. ctx->flags &= ~NFS_MOUNT_WRITE_WAIT;
  964. break;
  965. case Opt_write_wait:
  966. ctx->flags |=
  967. NFS_MOUNT_WRITE_EAGER | NFS_MOUNT_WRITE_WAIT;
  968. break;
  969. default:
  970. goto out_invalid_value;
  971. }
  972. break;
  973. /*
  974. * Special options
  975. */
  976. case Opt_sloppy:
  977. ctx->sloppy = true;
  978. break;
  979. }
  980. return 0;
  981. out_invalid_value:
  982. return nfs_invalf(fc, "NFS: Bad mount option value specified");
  983. out_invalid_address:
  984. return nfs_invalf(fc, "NFS: Bad IP address specified");
  985. out_of_bounds:
  986. return nfs_invalf(fc, "NFS: Value for '%s' out of range", param->key);
  987. out_bad_transport:
  988. return nfs_invalf(fc, "NFS: Unrecognized transport protocol");
  989. }
  990. /*
  991. * Split fc->source into "hostname:export_path".
  992. *
  993. * The leftmost colon demarks the split between the server's hostname
  994. * and the export path. If the hostname starts with a left square
  995. * bracket, then it may contain colons.
  996. *
  997. * Note: caller frees hostname and export path, even on error.
  998. */
  999. static int nfs_parse_source(struct fs_context *fc,
  1000. size_t maxnamlen, size_t maxpathlen)
  1001. {
  1002. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  1003. const char *dev_name = fc->source;
  1004. size_t len;
  1005. const char *end;
  1006. if (unlikely(!dev_name || !*dev_name))
  1007. return -EINVAL;
  1008. /* Is the host name protected with square brakcets? */
  1009. if (*dev_name == '[') {
  1010. end = strchr(++dev_name, ']');
  1011. if (end == NULL || end[1] != ':')
  1012. goto out_bad_devname;
  1013. len = end - dev_name;
  1014. end++;
  1015. } else {
  1016. const char *comma;
  1017. end = strchr(dev_name, ':');
  1018. if (end == NULL)
  1019. goto out_bad_devname;
  1020. len = end - dev_name;
  1021. /* kill possible hostname list: not supported */
  1022. comma = memchr(dev_name, ',', len);
  1023. if (comma)
  1024. len = comma - dev_name;
  1025. }
  1026. if (len > maxnamlen)
  1027. goto out_hostname;
  1028. kfree(ctx->nfs_server.hostname);
  1029. /* N.B. caller will free nfs_server.hostname in all cases */
  1030. ctx->nfs_server.hostname = kmemdup_nul(dev_name, len, GFP_KERNEL);
  1031. if (!ctx->nfs_server.hostname)
  1032. goto out_nomem;
  1033. len = strlen(++end);
  1034. if (len > maxpathlen)
  1035. goto out_path;
  1036. ctx->nfs_server.export_path = kmemdup_nul(end, len, GFP_KERNEL);
  1037. if (!ctx->nfs_server.export_path)
  1038. goto out_nomem;
  1039. trace_nfs_mount_path(ctx->nfs_server.export_path);
  1040. return 0;
  1041. out_bad_devname:
  1042. return nfs_invalf(fc, "NFS: device name not in host:path format");
  1043. out_nomem:
  1044. nfs_errorf(fc, "NFS: not enough memory to parse device name");
  1045. return -ENOMEM;
  1046. out_hostname:
  1047. nfs_errorf(fc, "NFS: server hostname too long");
  1048. return -ENAMETOOLONG;
  1049. out_path:
  1050. nfs_errorf(fc, "NFS: export pathname too long");
  1051. return -ENAMETOOLONG;
  1052. }
  1053. static inline bool is_remount_fc(struct fs_context *fc)
  1054. {
  1055. return fc->root != NULL;
  1056. }
  1057. /*
  1058. * Parse monolithic NFS2/NFS3 mount data
  1059. * - fills in the mount root filehandle
  1060. *
  1061. * For option strings, user space handles the following behaviors:
  1062. *
  1063. * + DNS: mapping server host name to IP address ("addr=" option)
  1064. *
  1065. * + failure mode: how to behave if a mount request can't be handled
  1066. * immediately ("fg/bg" option)
  1067. *
  1068. * + retry: how often to retry a mount request ("retry=" option)
  1069. *
  1070. * + breaking back: trying proto=udp after proto=tcp, v2 after v3,
  1071. * mountproto=tcp after mountproto=udp, and so on
  1072. */
  1073. static int nfs23_parse_monolithic(struct fs_context *fc,
  1074. struct nfs_mount_data *data)
  1075. {
  1076. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  1077. struct nfs_fh *mntfh = ctx->mntfh;
  1078. struct sockaddr_storage *sap = &ctx->nfs_server._address;
  1079. int extra_flags = NFS_MOUNT_LEGACY_INTERFACE;
  1080. int ret;
  1081. if (data == NULL)
  1082. goto out_no_data;
  1083. ctx->version = NFS_DEFAULT_VERSION;
  1084. switch (data->version) {
  1085. case 1:
  1086. data->namlen = 0;
  1087. fallthrough;
  1088. case 2:
  1089. data->bsize = 0;
  1090. fallthrough;
  1091. case 3:
  1092. if (data->flags & NFS_MOUNT_VER3)
  1093. goto out_no_v3;
  1094. data->root.size = NFS2_FHSIZE;
  1095. memcpy(data->root.data, data->old_root.data, NFS2_FHSIZE);
  1096. /* Turn off security negotiation */
  1097. extra_flags |= NFS_MOUNT_SECFLAVOUR;
  1098. fallthrough;
  1099. case 4:
  1100. if (data->flags & NFS_MOUNT_SECFLAVOUR)
  1101. goto out_no_sec;
  1102. fallthrough;
  1103. case 5:
  1104. memset(data->context, 0, sizeof(data->context));
  1105. fallthrough;
  1106. case 6:
  1107. if (data->flags & NFS_MOUNT_VER3) {
  1108. if (data->root.size > NFS3_FHSIZE || data->root.size == 0)
  1109. goto out_invalid_fh;
  1110. mntfh->size = data->root.size;
  1111. ctx->version = 3;
  1112. } else {
  1113. mntfh->size = NFS2_FHSIZE;
  1114. ctx->version = 2;
  1115. }
  1116. memcpy(mntfh->data, data->root.data, mntfh->size);
  1117. if (mntfh->size < sizeof(mntfh->data))
  1118. memset(mntfh->data + mntfh->size, 0,
  1119. sizeof(mntfh->data) - mntfh->size);
  1120. /*
  1121. * for proto == XPRT_TRANSPORT_UDP, which is what uses
  1122. * to_exponential, implying shift: limit the shift value
  1123. * to BITS_PER_LONG (majortimeo is unsigned long)
  1124. */
  1125. if (!(data->flags & NFS_MOUNT_TCP)) /* this will be UDP */
  1126. if (data->retrans >= 64) /* shift value is too large */
  1127. goto out_invalid_data;
  1128. /*
  1129. * Translate to nfs_fs_context, which nfs_fill_super
  1130. * can deal with.
  1131. */
  1132. ctx->flags = data->flags & NFS_MOUNT_FLAGMASK;
  1133. ctx->flags |= extra_flags;
  1134. ctx->rsize = data->rsize;
  1135. ctx->wsize = data->wsize;
  1136. ctx->timeo = data->timeo;
  1137. ctx->retrans = data->retrans;
  1138. ctx->acregmin = data->acregmin;
  1139. ctx->acregmax = data->acregmax;
  1140. ctx->acdirmin = data->acdirmin;
  1141. ctx->acdirmax = data->acdirmax;
  1142. ctx->need_mount = false;
  1143. if (!is_remount_fc(fc)) {
  1144. memcpy(sap, &data->addr, sizeof(data->addr));
  1145. ctx->nfs_server.addrlen = sizeof(data->addr);
  1146. ctx->nfs_server.port = ntohs(data->addr.sin_port);
  1147. }
  1148. if (sap->ss_family != AF_INET ||
  1149. !nfs_verify_server_address(sap))
  1150. goto out_no_address;
  1151. if (!(data->flags & NFS_MOUNT_TCP))
  1152. ctx->nfs_server.protocol = XPRT_TRANSPORT_UDP;
  1153. /* N.B. caller will free nfs_server.hostname in all cases */
  1154. ctx->nfs_server.hostname = kstrdup(data->hostname, GFP_KERNEL);
  1155. if (!ctx->nfs_server.hostname)
  1156. goto out_nomem;
  1157. ctx->namlen = data->namlen;
  1158. ctx->bsize = data->bsize;
  1159. if (data->flags & NFS_MOUNT_SECFLAVOUR)
  1160. ctx->selected_flavor = data->pseudoflavor;
  1161. else
  1162. ctx->selected_flavor = RPC_AUTH_UNIX;
  1163. if (!(data->flags & NFS_MOUNT_NONLM))
  1164. ctx->flags &= ~(NFS_MOUNT_LOCAL_FLOCK|
  1165. NFS_MOUNT_LOCAL_FCNTL);
  1166. else
  1167. ctx->flags |= (NFS_MOUNT_LOCAL_FLOCK|
  1168. NFS_MOUNT_LOCAL_FCNTL);
  1169. /*
  1170. * The legacy version 6 binary mount data from userspace has a
  1171. * field used only to transport selinux information into the
  1172. * kernel. To continue to support that functionality we
  1173. * have a touch of selinux knowledge here in the NFS code. The
  1174. * userspace code converted context=blah to just blah so we are
  1175. * converting back to the full string selinux understands.
  1176. */
  1177. if (data->context[0]){
  1178. #ifdef CONFIG_SECURITY_SELINUX
  1179. int ret;
  1180. data->context[NFS_MAX_CONTEXT_LEN] = '\0';
  1181. ret = vfs_parse_fs_string(fc, "context", data->context);
  1182. if (ret < 0)
  1183. return ret;
  1184. #else
  1185. return -EINVAL;
  1186. #endif
  1187. }
  1188. break;
  1189. default:
  1190. goto generic;
  1191. }
  1192. ret = nfs_validate_transport_protocol(fc, ctx);
  1193. if (ret)
  1194. return ret;
  1195. ctx->skip_reconfig_option_check = true;
  1196. return 0;
  1197. generic:
  1198. return generic_parse_monolithic(fc, data);
  1199. out_no_data:
  1200. if (is_remount_fc(fc)) {
  1201. ctx->skip_reconfig_option_check = true;
  1202. return 0;
  1203. }
  1204. return nfs_invalf(fc, "NFS: mount program didn't pass any mount data");
  1205. out_no_v3:
  1206. return nfs_invalf(fc, "NFS: nfs_mount_data version does not support v3");
  1207. out_no_sec:
  1208. return nfs_invalf(fc, "NFS: nfs_mount_data version supports only AUTH_SYS");
  1209. out_nomem:
  1210. return -ENOMEM;
  1211. out_no_address:
  1212. return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
  1213. out_invalid_fh:
  1214. return nfs_invalf(fc, "NFS: invalid root filehandle");
  1215. out_invalid_data:
  1216. return nfs_invalf(fc, "NFS: invalid binary mount data");
  1217. }
  1218. #if IS_ENABLED(CONFIG_NFS_V4)
  1219. struct compat_nfs_string {
  1220. compat_uint_t len;
  1221. compat_uptr_t data;
  1222. };
  1223. static inline void compat_nfs_string(struct nfs_string *dst,
  1224. struct compat_nfs_string *src)
  1225. {
  1226. dst->data = compat_ptr(src->data);
  1227. dst->len = src->len;
  1228. }
  1229. struct compat_nfs4_mount_data_v1 {
  1230. compat_int_t version;
  1231. compat_int_t flags;
  1232. compat_int_t rsize;
  1233. compat_int_t wsize;
  1234. compat_int_t timeo;
  1235. compat_int_t retrans;
  1236. compat_int_t acregmin;
  1237. compat_int_t acregmax;
  1238. compat_int_t acdirmin;
  1239. compat_int_t acdirmax;
  1240. struct compat_nfs_string client_addr;
  1241. struct compat_nfs_string mnt_path;
  1242. struct compat_nfs_string hostname;
  1243. compat_uint_t host_addrlen;
  1244. compat_uptr_t host_addr;
  1245. compat_int_t proto;
  1246. compat_int_t auth_flavourlen;
  1247. compat_uptr_t auth_flavours;
  1248. };
  1249. static void nfs4_compat_mount_data_conv(struct nfs4_mount_data *data)
  1250. {
  1251. struct compat_nfs4_mount_data_v1 *compat =
  1252. (struct compat_nfs4_mount_data_v1 *)data;
  1253. /* copy the fields backwards */
  1254. data->auth_flavours = compat_ptr(compat->auth_flavours);
  1255. data->auth_flavourlen = compat->auth_flavourlen;
  1256. data->proto = compat->proto;
  1257. data->host_addr = compat_ptr(compat->host_addr);
  1258. data->host_addrlen = compat->host_addrlen;
  1259. compat_nfs_string(&data->hostname, &compat->hostname);
  1260. compat_nfs_string(&data->mnt_path, &compat->mnt_path);
  1261. compat_nfs_string(&data->client_addr, &compat->client_addr);
  1262. data->acdirmax = compat->acdirmax;
  1263. data->acdirmin = compat->acdirmin;
  1264. data->acregmax = compat->acregmax;
  1265. data->acregmin = compat->acregmin;
  1266. data->retrans = compat->retrans;
  1267. data->timeo = compat->timeo;
  1268. data->wsize = compat->wsize;
  1269. data->rsize = compat->rsize;
  1270. data->flags = compat->flags;
  1271. data->version = compat->version;
  1272. }
  1273. /*
  1274. * Validate NFSv4 mount options
  1275. */
  1276. static int nfs4_parse_monolithic(struct fs_context *fc,
  1277. struct nfs4_mount_data *data)
  1278. {
  1279. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  1280. struct sockaddr_storage *sap = &ctx->nfs_server._address;
  1281. int ret;
  1282. char *c;
  1283. if (!data) {
  1284. if (is_remount_fc(fc))
  1285. goto done;
  1286. return nfs_invalf(fc,
  1287. "NFS4: mount program didn't pass any mount data");
  1288. }
  1289. ctx->version = 4;
  1290. if (data->version != 1)
  1291. return generic_parse_monolithic(fc, data);
  1292. if (in_compat_syscall())
  1293. nfs4_compat_mount_data_conv(data);
  1294. if (data->host_addrlen > sizeof(ctx->nfs_server.address))
  1295. goto out_no_address;
  1296. if (data->host_addrlen == 0)
  1297. goto out_no_address;
  1298. ctx->nfs_server.addrlen = data->host_addrlen;
  1299. if (copy_from_user(sap, data->host_addr, data->host_addrlen))
  1300. return -EFAULT;
  1301. if (!nfs_verify_server_address(sap))
  1302. goto out_no_address;
  1303. ctx->nfs_server.port = ntohs(((struct sockaddr_in *)sap)->sin_port);
  1304. if (data->auth_flavourlen) {
  1305. rpc_authflavor_t pseudoflavor;
  1306. if (data->auth_flavourlen > 1)
  1307. goto out_inval_auth;
  1308. if (copy_from_user(&pseudoflavor, data->auth_flavours,
  1309. sizeof(pseudoflavor)))
  1310. return -EFAULT;
  1311. ctx->selected_flavor = pseudoflavor;
  1312. } else {
  1313. ctx->selected_flavor = RPC_AUTH_UNIX;
  1314. }
  1315. c = strndup_user(data->hostname.data, NFS4_MAXNAMLEN);
  1316. if (IS_ERR(c))
  1317. return PTR_ERR(c);
  1318. ctx->nfs_server.hostname = c;
  1319. c = strndup_user(data->mnt_path.data, NFS4_MAXPATHLEN);
  1320. if (IS_ERR(c))
  1321. return PTR_ERR(c);
  1322. ctx->nfs_server.export_path = c;
  1323. trace_nfs_mount_path(c);
  1324. c = strndup_user(data->client_addr.data, 16);
  1325. if (IS_ERR(c))
  1326. return PTR_ERR(c);
  1327. ctx->client_address = c;
  1328. /*
  1329. * Translate to nfs_fs_context, which nfs_fill_super
  1330. * can deal with.
  1331. */
  1332. ctx->flags = data->flags & NFS4_MOUNT_FLAGMASK;
  1333. ctx->rsize = data->rsize;
  1334. ctx->wsize = data->wsize;
  1335. ctx->timeo = data->timeo;
  1336. ctx->retrans = data->retrans;
  1337. ctx->acregmin = data->acregmin;
  1338. ctx->acregmax = data->acregmax;
  1339. ctx->acdirmin = data->acdirmin;
  1340. ctx->acdirmax = data->acdirmax;
  1341. ctx->nfs_server.protocol = data->proto;
  1342. ret = nfs_validate_transport_protocol(fc, ctx);
  1343. if (ret)
  1344. return ret;
  1345. done:
  1346. ctx->skip_reconfig_option_check = true;
  1347. return 0;
  1348. out_inval_auth:
  1349. return nfs_invalf(fc, "NFS4: Invalid number of RPC auth flavours %d",
  1350. data->auth_flavourlen);
  1351. out_no_address:
  1352. return nfs_invalf(fc, "NFS4: mount program didn't pass remote address");
  1353. }
  1354. #endif
  1355. /*
  1356. * Parse a monolithic block of data from sys_mount().
  1357. */
  1358. static int nfs_fs_context_parse_monolithic(struct fs_context *fc,
  1359. void *data)
  1360. {
  1361. if (fc->fs_type == &nfs_fs_type)
  1362. return nfs23_parse_monolithic(fc, data);
  1363. #if IS_ENABLED(CONFIG_NFS_V4)
  1364. if (fc->fs_type == &nfs4_fs_type)
  1365. return nfs4_parse_monolithic(fc, data);
  1366. #endif
  1367. return nfs_invalf(fc, "NFS: Unsupported monolithic data version");
  1368. }
  1369. /*
  1370. * Validate the preparsed information in the config.
  1371. */
  1372. static int nfs_fs_context_validate(struct fs_context *fc)
  1373. {
  1374. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  1375. struct nfs_subversion *nfs_mod;
  1376. struct sockaddr_storage *sap = &ctx->nfs_server._address;
  1377. int max_namelen = PAGE_SIZE;
  1378. int max_pathlen = NFS_MAXPATHLEN;
  1379. int port = 0;
  1380. int ret;
  1381. if (!fc->source)
  1382. goto out_no_device_name;
  1383. /* Check for sanity first. */
  1384. if (ctx->minorversion && ctx->version != 4)
  1385. goto out_minorversion_mismatch;
  1386. if (ctx->options & NFS_OPTION_MIGRATION &&
  1387. (ctx->version != 4 || ctx->minorversion != 0))
  1388. goto out_migration_misuse;
  1389. /* Verify that any proto=/mountproto= options match the address
  1390. * families in the addr=/mountaddr= options.
  1391. */
  1392. if (ctx->protofamily != AF_UNSPEC &&
  1393. ctx->protofamily != ctx->nfs_server.address.sa_family)
  1394. goto out_proto_mismatch;
  1395. if (ctx->mountfamily != AF_UNSPEC) {
  1396. if (ctx->mount_server.addrlen) {
  1397. if (ctx->mountfamily != ctx->mount_server.address.sa_family)
  1398. goto out_mountproto_mismatch;
  1399. } else {
  1400. if (ctx->mountfamily != ctx->nfs_server.address.sa_family)
  1401. goto out_mountproto_mismatch;
  1402. }
  1403. }
  1404. if (!nfs_verify_server_address(sap))
  1405. goto out_no_address;
  1406. ret = nfs_validate_transport_protocol(fc, ctx);
  1407. if (ret)
  1408. return ret;
  1409. if (ctx->version == 4) {
  1410. if (IS_ENABLED(CONFIG_NFS_V4)) {
  1411. if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
  1412. port = NFS_RDMA_PORT;
  1413. else
  1414. port = NFS_PORT;
  1415. max_namelen = NFS4_MAXNAMLEN;
  1416. max_pathlen = NFS4_MAXPATHLEN;
  1417. ctx->flags &= ~(NFS_MOUNT_NONLM | NFS_MOUNT_NOACL |
  1418. NFS_MOUNT_VER3 | NFS_MOUNT_LOCAL_FLOCK |
  1419. NFS_MOUNT_LOCAL_FCNTL);
  1420. } else {
  1421. goto out_v4_not_compiled;
  1422. }
  1423. } else {
  1424. nfs_set_mount_transport_protocol(ctx);
  1425. if (ctx->nfs_server.protocol == XPRT_TRANSPORT_RDMA)
  1426. port = NFS_RDMA_PORT;
  1427. }
  1428. nfs_set_port(sap, &ctx->nfs_server.port, port);
  1429. ret = nfs_parse_source(fc, max_namelen, max_pathlen);
  1430. if (ret < 0)
  1431. return ret;
  1432. /* Load the NFS protocol module if we haven't done so yet */
  1433. if (!ctx->nfs_mod) {
  1434. nfs_mod = find_nfs_version(ctx->version);
  1435. if (IS_ERR(nfs_mod)) {
  1436. ret = PTR_ERR(nfs_mod);
  1437. goto out_version_unavailable;
  1438. }
  1439. ctx->nfs_mod = nfs_mod;
  1440. }
  1441. /* Ensure the filesystem context has the correct fs_type */
  1442. if (fc->fs_type != ctx->nfs_mod->nfs_fs) {
  1443. module_put(fc->fs_type->owner);
  1444. __module_get(ctx->nfs_mod->nfs_fs->owner);
  1445. fc->fs_type = ctx->nfs_mod->nfs_fs;
  1446. }
  1447. return 0;
  1448. out_no_device_name:
  1449. return nfs_invalf(fc, "NFS: Device name not specified");
  1450. out_v4_not_compiled:
  1451. nfs_errorf(fc, "NFS: NFSv4 is not compiled into kernel");
  1452. return -EPROTONOSUPPORT;
  1453. out_no_address:
  1454. return nfs_invalf(fc, "NFS: mount program didn't pass remote address");
  1455. out_mountproto_mismatch:
  1456. return nfs_invalf(fc, "NFS: Mount server address does not match mountproto= option");
  1457. out_proto_mismatch:
  1458. return nfs_invalf(fc, "NFS: Server address does not match proto= option");
  1459. out_minorversion_mismatch:
  1460. return nfs_invalf(fc, "NFS: Mount option vers=%u does not support minorversion=%u",
  1461. ctx->version, ctx->minorversion);
  1462. out_migration_misuse:
  1463. return nfs_invalf(fc, "NFS: 'Migration' not supported for this NFS version");
  1464. out_version_unavailable:
  1465. nfs_errorf(fc, "NFS: Version unavailable");
  1466. return ret;
  1467. }
  1468. /*
  1469. * Create an NFS superblock by the appropriate method.
  1470. */
  1471. static int nfs_get_tree(struct fs_context *fc)
  1472. {
  1473. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  1474. int err = nfs_fs_context_validate(fc);
  1475. if (err)
  1476. return err;
  1477. if (!ctx->internal)
  1478. return ctx->nfs_mod->rpc_ops->try_get_tree(fc);
  1479. else
  1480. return nfs_get_tree_common(fc);
  1481. }
  1482. /*
  1483. * Handle duplication of a configuration. The caller copied *src into *sc, but
  1484. * it can't deal with resource pointers in the filesystem context, so we have
  1485. * to do that. We need to clear pointers, copy data or get extra refs as
  1486. * appropriate.
  1487. */
  1488. static int nfs_fs_context_dup(struct fs_context *fc, struct fs_context *src_fc)
  1489. {
  1490. struct nfs_fs_context *src = nfs_fc2context(src_fc), *ctx;
  1491. ctx = kmemdup(src, sizeof(struct nfs_fs_context), GFP_KERNEL);
  1492. if (!ctx)
  1493. return -ENOMEM;
  1494. ctx->mntfh = nfs_alloc_fhandle();
  1495. if (!ctx->mntfh) {
  1496. kfree(ctx);
  1497. return -ENOMEM;
  1498. }
  1499. nfs_copy_fh(ctx->mntfh, src->mntfh);
  1500. get_nfs_version(ctx->nfs_mod);
  1501. ctx->client_address = NULL;
  1502. ctx->mount_server.hostname = NULL;
  1503. ctx->nfs_server.export_path = NULL;
  1504. ctx->nfs_server.hostname = NULL;
  1505. ctx->fscache_uniq = NULL;
  1506. ctx->clone_data.fattr = NULL;
  1507. fc->fs_private = ctx;
  1508. return 0;
  1509. }
  1510. static void nfs_fs_context_free(struct fs_context *fc)
  1511. {
  1512. struct nfs_fs_context *ctx = nfs_fc2context(fc);
  1513. if (ctx) {
  1514. if (ctx->server)
  1515. nfs_free_server(ctx->server);
  1516. if (ctx->nfs_mod)
  1517. put_nfs_version(ctx->nfs_mod);
  1518. kfree(ctx->client_address);
  1519. kfree(ctx->mount_server.hostname);
  1520. kfree(ctx->nfs_server.export_path);
  1521. kfree(ctx->nfs_server.hostname);
  1522. kfree(ctx->fscache_uniq);
  1523. nfs_free_fhandle(ctx->mntfh);
  1524. nfs_free_fattr(ctx->clone_data.fattr);
  1525. kfree(ctx);
  1526. }
  1527. }
  1528. static const struct fs_context_operations nfs_fs_context_ops = {
  1529. .free = nfs_fs_context_free,
  1530. .dup = nfs_fs_context_dup,
  1531. .parse_param = nfs_fs_context_parse_param,
  1532. .parse_monolithic = nfs_fs_context_parse_monolithic,
  1533. .get_tree = nfs_get_tree,
  1534. .reconfigure = nfs_reconfigure,
  1535. };
  1536. /*
  1537. * Prepare superblock configuration. We use the namespaces attached to the
  1538. * context. This may be the current process's namespaces, or it may be a
  1539. * container's namespaces.
  1540. */
  1541. static int nfs_init_fs_context(struct fs_context *fc)
  1542. {
  1543. struct nfs_fs_context *ctx;
  1544. ctx = kzalloc_obj(struct nfs_fs_context);
  1545. if (unlikely(!ctx))
  1546. return -ENOMEM;
  1547. ctx->mntfh = nfs_alloc_fhandle();
  1548. if (unlikely(!ctx->mntfh)) {
  1549. kfree(ctx);
  1550. return -ENOMEM;
  1551. }
  1552. ctx->protofamily = AF_UNSPEC;
  1553. ctx->mountfamily = AF_UNSPEC;
  1554. ctx->mount_server.port = NFS_UNSPEC_PORT;
  1555. if (fc->root) {
  1556. /* reconfigure, start with the current config */
  1557. struct nfs_server *nfss = fc->root->d_sb->s_fs_info;
  1558. struct net *net = nfss->nfs_client->cl_net;
  1559. ctx->flags = nfss->flags;
  1560. ctx->rsize = nfss->rsize;
  1561. ctx->wsize = nfss->wsize;
  1562. ctx->retrans = nfss->client->cl_timeout->to_retries;
  1563. ctx->selected_flavor = nfss->client->cl_auth->au_flavor;
  1564. ctx->acregmin = nfss->acregmin / HZ;
  1565. ctx->acregmax = nfss->acregmax / HZ;
  1566. ctx->acdirmin = nfss->acdirmin / HZ;
  1567. ctx->acdirmax = nfss->acdirmax / HZ;
  1568. ctx->timeo = 10U * nfss->client->cl_timeout->to_initval / HZ;
  1569. ctx->nfs_server.port = nfss->port;
  1570. ctx->nfs_server.addrlen = nfss->nfs_client->cl_addrlen;
  1571. ctx->version = nfss->nfs_client->rpc_ops->version;
  1572. ctx->minorversion = nfss->nfs_client->cl_minorversion;
  1573. memcpy(&ctx->nfs_server._address, &nfss->nfs_client->cl_addr,
  1574. ctx->nfs_server.addrlen);
  1575. if (fc->net_ns != net) {
  1576. put_net(fc->net_ns);
  1577. fc->net_ns = get_net(net);
  1578. }
  1579. ctx->nfs_mod = nfss->nfs_client->cl_nfs_mod;
  1580. get_nfs_version(ctx->nfs_mod);
  1581. } else {
  1582. /* defaults */
  1583. ctx->timeo = NFS_UNSPEC_TIMEO;
  1584. ctx->retrans = NFS_UNSPEC_RETRANS;
  1585. ctx->acregmin = NFS_DEF_ACREGMIN;
  1586. ctx->acregmax = NFS_DEF_ACREGMAX;
  1587. ctx->acdirmin = NFS_DEF_ACDIRMIN;
  1588. ctx->acdirmax = NFS_DEF_ACDIRMAX;
  1589. ctx->nfs_server.port = NFS_UNSPEC_PORT;
  1590. ctx->nfs_server.protocol = XPRT_TRANSPORT_TCP;
  1591. ctx->selected_flavor = RPC_AUTH_MAXFLAVOR;
  1592. ctx->minorversion = 0;
  1593. ctx->need_mount = true;
  1594. ctx->xprtsec.policy = RPC_XPRTSEC_NONE;
  1595. ctx->xprtsec.cert_serial = TLS_NO_CERT;
  1596. ctx->xprtsec.privkey_serial = TLS_NO_PRIVKEY;
  1597. if (fc->net_ns != &init_net)
  1598. ctx->flags |= NFS_MOUNT_NETUNREACH_FATAL;
  1599. fc->s_iflags |= SB_I_STABLE_WRITES;
  1600. }
  1601. fc->fs_private = ctx;
  1602. fc->ops = &nfs_fs_context_ops;
  1603. return 0;
  1604. }
  1605. struct file_system_type nfs_fs_type = {
  1606. .owner = THIS_MODULE,
  1607. .name = "nfs",
  1608. .init_fs_context = nfs_init_fs_context,
  1609. .parameters = nfs_fs_parameters,
  1610. .kill_sb = nfs_kill_super,
  1611. .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
  1612. };
  1613. MODULE_ALIAS_FS("nfs");
  1614. EXPORT_SYMBOL_GPL(nfs_fs_type);
  1615. #if IS_ENABLED(CONFIG_NFS_V4)
  1616. struct file_system_type nfs4_fs_type = {
  1617. .owner = THIS_MODULE,
  1618. .name = "nfs4",
  1619. .init_fs_context = nfs_init_fs_context,
  1620. .parameters = nfs_fs_parameters,
  1621. .kill_sb = nfs_kill_super,
  1622. .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
  1623. };
  1624. MODULE_ALIAS_FS("nfs4");
  1625. MODULE_ALIAS("nfs4");
  1626. EXPORT_SYMBOL_GPL(nfs4_fs_type);
  1627. #endif /* CONFIG_NFS_V4 */