When creating new filesystem objects ksmbd translates between k*ids and
s*ids. For this it often uses struct smb_fattr and stashes the k*ids in
cf_uid and cf_gid. Let cf_uid and cf_gid always contain the final
information taking any potential idmapped mounts into account. When
finally translation cf_*id into s*ids translate them into the user
namespace of ksmbd since that is the relevant user namespace here.

Cc: Steve French <stfrench@microsoft.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Namjae Jeon <namjae.jeon@samsung.com>
Cc: Hyunchul Lee <hyc.lee@gmail.com>
Cc: Sergey Senozhatsky <senozhatsky@chromium.org>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: NChristian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: NNamjae Jeon <linkinjeon@kernel.org>
Signed-off-by: NSteve French <stfrench@microsoft.com>

When transferring ownership information to the
client the k*ids are translated into raw *ids before they are sent over
the wire. The function currently erroneously translates the k*ids
according to the mount's idmapping. Instead, reporting the owning *ids
to userspace the underlying k*ids need to be mapped up in the caller's
user namespace. This is how stat() works.
The caller in this instance is ksmbd itself and ksmbd always runs in the
initial user namespace. Translate according to that.

The idmapping of the mount is already taken into account by the lower
filesystem and so kstat->*id will contain the mapped k*ids.

Switch to from_k*id_munged() which ensures that the overflow*id is
returned instead of the (*id_t)-1 when the k*id can't be translated.

Cc: Steve French <stfrench@microsoft.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Namjae Jeon <namjae.jeon@samsung.com>
Cc: Hyunchul Lee <hyc.lee@gmail.com>
Cc: Sergey Senozhatsky <senozhatsky@chromium.org>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: NChristian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: NNamjae Jeon <linkinjeon@kernel.org>
Signed-off-by: NSteve French <stfrench@microsoft.com>

It's great that the new in-kernel ksmbd server will support idmapped
mounts out of the box! However, lookup is currently broken. Lookup
helpers such as lookup_one_len() call inode_permission() internally to
ensure that the caller is privileged over the inode of the base dentry
they are trying to lookup under. So the permission checking here is
currently wrong.

Linux v5.15 will gain a new lookup helper lookup_one() that does take
idmappings into account. I've added it as part of my patch series to
make btrfs support idmapped mounts. The new helper is in linux-next as
part of David's (Sterba) btrfs for-next branch as commit
c972214c133b ("namei: add mapping aware lookup helper").

I've said it before during one of my first reviews: I would very much
recommend adding fstests to [1]. It already seems to have very
rudimentary cifs support. There is a completely generic idmapped mount
testsuite that supports idmapped mounts.

[1]: https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/
Cc: Colin Ian King <colin.king@canonical.com>
Cc: Steve French <stfrench@microsoft.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Namjae Jeon <namjae.jeon@samsung.com>
Cc: Hyunchul Lee <hyc.lee@gmail.com>
Cc: Sergey Senozhatsky <senozhatsky@chromium.org>
Cc: David Sterba <dsterba@suse.com>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: NChristian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: NNamjae Jeon <linkinjeon@kernel.org>
Signed-off-by: NSteve French <stfrench@microsoft.com>

When commanding chmod and chown on cifs&ksmbd, ksmbd allows it without file
permissions check. There is code to check it in settattr_prepare.
Instead of setting the inode directly, update the mode and uid/gid
through notify_change.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

ksmbd is forcing to turn on FS_POSIX_ACL in Kconfig to use vfs acl
functions(posix_acl_alloc, get_acl, set_posix_acl). OpenWRT and other
platform doesn't use acl and this config is disable by default in
kernel. This patch use IS_ENABLED() to know acl config is enable and use
acl function if it is enable.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Use proper errno instead of -1 in smb2_get_ksmbd_tcon().
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Update the comment for smb2_get_ksmbd_tcon().
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Change data type of function that return only 0 or 1 to boolean.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

If smb2_get_name() then name is an error pointer.  In the clean up
code, we try to kfree() it and that will lead to an Oops.  Set it to
NULL instead.
Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

ksmbd create socket with IPv6 to listen both IPv4 and IPv6 connection
from client. Server should send IP addresses of NICs through network
interface info response. If Client connection is IPv4, Server should
fill IPv4 address in response buffer. But ss_family is always PF_INET6
on IPv6 socket. So This patch add ipv6_addr_v4mapped check to know
client connection is IPv4.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Dan report a warning that is missing error code in smb2_lock
from static checker. This patch add error code to avoid static checker
warning.
Reported-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Windows client disconnect connection by wrong signed SMB2 session
setup response on SMB3 multichannel mode.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

ksmbd does not support RSS mode stably.
RSS mode enabling will be set later.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Both Windows 10's SMB server and samba return STATUS_OBJECT_PATH_NOT_FOUND
when trying to access a nonexistent path.

This fixes Windows 10 File History tool. The latter relies on the server
returning STATUS_OBJECT_PATH_NOT_FOUND to figure out what part of the
target path needs to be created. Returning STATUS_OBJECT_NAME_INVALID
will make it stop and display an error to the user.
Signed-off-by: NMarios Makassikis <mmakassikis@freebox.fr>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Support for faster packet signing (using GMAC instead of CMAC) can
now be negotiated to some newer servers, including Windows.
See MS-SMB2 section 2.2.3.17.

This patch adds support for sending the new negotiate context with two
supported signing algorithms(AES-CMAC, HMAC-SHA256).
If client add support for AES_GMAC, Server will be supported later
depend on it.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

This patch add negotiate context verification code to check bounds.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

When user insert wrong password, ksmbd return STATUS_INVALID_PARAMETER
error status to client. It will make user confusing whether it is not
password problem. This patch change error status to
STATUS_LOGON_FAILURE. and return STATUS_INSUFFICIENT_RESOURCES if memory
allocation failed on session setup.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Use smb2_compression_ctx instead of smb2_encryption_neg_context.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

set RDMA capability for
FSCTL_QUERY_NETWORK_INTERFACE_INFO.
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

CID 1502845 (#1 of 1): Unused value (UNUSED_VALUE)
value_overwrite: Overwriting previous write to err with value from
vfs_lock_file(filp, 0U, rlock, NULL).
6880                err = vfs_lock_file(filp, 0, rlock, NULL);
6881                if (err)
6882                        pr_err("rollback unlock fail : %d\n", err);
Reported-by: NCoverity Scan <scan-admin@coverity.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Coverity Scan seems to report false alarm.

*** CID 1505930:    (USE_AFTER_FREE)
/fs/ksmbd/smb2pdu.c: 2527 in smb2_open()
>>> CID 1505930:    (USE_AFTER_FREE)
>>> Passing freed pointer "context" as an argument to
>>> "check_context_err".

This patch remove unneeded check_context_err to make coverity scan
happy.
Reported-by: NCoverity Scan <scan-admin@coverity.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

For code cleanup, handle error cases first in
smb2_create_sd_buffers().
Reported-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

instead of -ENOENT, make smb2_find_context_vals
return NULL if the given context cannot be found.
Reported-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

the wait can be canceled by SMB2_CANCEL, SMB2_CLOSE,
SMB2_LOGOFF, disconnection or shutdown, we don't have
to use wait_event_interruptible.

And this remove the warning from Coverity:

CID 1502834 (#1 of 1): Unused value (UNUSED_VALUE)
returned_value: Assigning value from ksmbd_vfs_posix_lock_wait(flock)
to err here, but that stored value is overwritten before it can be used.
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Append ksmbd_lock into the connection's
lock list and the ksmbd_file's lock list.
And when a file is closed, detach ksmbd_lock
from these lists and free it.
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

These lines are intended one tab too far.
Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

This patch change data type of volatile/persistent id to u64 to make
issue from idr_find and idr_remove(). !HAS_FILE_ID check will protect
integer overflow issue from idr_find and idr_remove().
Reported-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Add missing kfree(conv_name) on error path.
Reported-by: NCoverity Scan <scan-admin@coverity.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

netdev can never be NULL in for_each_netdev loop.
This patch remove unneeded NULL check.
Reported-by: NCoverity Scan <scan-admin@coverity.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

There is a error handling case that passes control to label out_err
without pointer sess being assigned a value. The unassigned pointer
may be any garbage value and so the test of rc < 0 && sess maybe
true leading to sess being passed to the call to ksmbd_session_destroy.
Fix this by setting sess to NULL in this corner case.

Addresses-Coverity: ("Uninitialized pointer read")
Signed-off-by: NColin Ian King <colin.king@canonical.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Avoid calling mnt_user_ns() many time in
a function.

Cc: Christoph Hellwig <hch@infradead.org>
Cc: Christian Brauner <christian@brauner.io>
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

For user namespace support, call vfs functions
with struct user_namespace got from struct path.

This patch have been tested mannually as below.

Create an id-mapped mount using the mount-idmapped utility
(https://github.com/brauner/mount-idmapped).
$ mount-idmapped --map-mount b:1003:1002:1 /home/foo <EXPORT DIR>/foo
(the user, "foo" is 1003, and the user "bar" is 1002).

And  mount the export directory using cifs with the user, "bar".
succeed to create/delete/stat/read/write files and directory in
the <EXPORT DIR>/foo. But fail with a bind mount for /home/foo.
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

For user namespace support, we need to pass
struct user_namespace with struct dentry
to some functions. For reducing the number
of arguments, replace the struct dentry with
struct path in these functions.
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Use ksmbd_vfs_lock_parent to get stable parent dentry and remove
PARENT_INODE macro.
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Opencode to remove FP_INODE macro.
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Using ->d_name can be broken due to races with rename().
So use %pd with ->d_name to print filename and In other cases,
use it under ->d_lock.
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

ksmbd: allow PROTECTED_DACL_SECINFO and UNPROTECTED_DACL_SECINFO addition information in smb2 set info security

"cifsd: Fix regression in smb2_get_info" patch cause that dacl doesn't
work. windows send smb2 set info security with PROTECTED_DACL_SECINFO to
control dacl. But previous patch doesn't allow it.
This patch add PROTECTED_DACL_SECINFO and UNPROTECTED_DACL_SECINFO
addtional information flags in check.
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

replace request and respone buffer macro with inline functions.
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Remove and replace macros with inline functions
in smb_common.h
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>

Remove getting worker state macros
Reviewed-by: NChristoph Hellwig <hch@lst.de>
Signed-off-by: NHyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: NNamjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: NSteve French <stfrench@microsoft.com>