cifs: move security mount options into fs_context.ch

This patch moves the parsing of security mount options into
fs_context.ch.  There are no changes to any logic.

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
This commit is contained in:
Ronnie Sahlberg 2020-10-21 10:37:11 +10:00 коммит произвёл Steve French
Родитель a6a9cffad0
Коммит 5c6e5aa496
3 изменённых файлов: 96 добавлений и 85 удалений

Просмотреть файл

@ -61,6 +61,7 @@
#ifdef CONFIG_CIFS_DFS_UPCALL
#include "dfs_cache.h"
#endif
#include "fs_context.h"
extern mempool_t *cifs_req_poolp;
extern bool disable_legacy_dialects;
@ -279,33 +280,6 @@ static const match_table_t cifs_mount_option_tokens = {
{ Opt_err, NULL }
};
enum {
Opt_sec_krb5, Opt_sec_krb5i, Opt_sec_krb5p,
Opt_sec_ntlmsspi, Opt_sec_ntlmssp,
Opt_ntlm, Opt_sec_ntlmi, Opt_sec_ntlmv2,
Opt_sec_ntlmv2i, Opt_sec_lanman,
Opt_sec_none,
Opt_sec_err
};
static const match_table_t cifs_secflavor_tokens = {
{ Opt_sec_krb5, "krb5" },
{ Opt_sec_krb5i, "krb5i" },
{ Opt_sec_krb5p, "krb5p" },
{ Opt_sec_ntlmsspi, "ntlmsspi" },
{ Opt_sec_ntlmssp, "ntlmssp" },
{ Opt_ntlm, "ntlm" },
{ Opt_sec_ntlmi, "ntlmi" },
{ Opt_sec_ntlmv2, "nontlm" },
{ Opt_sec_ntlmv2, "ntlmv2" },
{ Opt_sec_ntlmv2i, "ntlmv2i" },
{ Opt_sec_lanman, "lanman" },
{ Opt_sec_none, "none" },
{ Opt_sec_err, NULL }
};
/* cache flavors */
enum {
Opt_cache_loose,
@ -1372,63 +1346,6 @@ static int get_option_gid(substring_t args[], kgid_t *result)
return 0;
}
static int cifs_parse_security_flavors(char *value,
struct smb_vol *vol)
{
substring_t args[MAX_OPT_ARGS];
/*
* With mount options, the last one should win. Reset any existing
* settings back to default.
*/
vol->sectype = Unspecified;
vol->sign = false;
switch (match_token(value, cifs_secflavor_tokens, args)) {
case Opt_sec_krb5p:
cifs_dbg(VFS, "sec=krb5p is not supported!\n");
return 1;
case Opt_sec_krb5i:
vol->sign = true;
fallthrough;
case Opt_sec_krb5:
vol->sectype = Kerberos;
break;
case Opt_sec_ntlmsspi:
vol->sign = true;
fallthrough;
case Opt_sec_ntlmssp:
vol->sectype = RawNTLMSSP;
break;
case Opt_sec_ntlmi:
vol->sign = true;
fallthrough;
case Opt_ntlm:
vol->sectype = NTLM;
break;
case Opt_sec_ntlmv2i:
vol->sign = true;
fallthrough;
case Opt_sec_ntlmv2:
vol->sectype = NTLMv2;
break;
#ifdef CONFIG_CIFS_WEAK_PW_HASH
case Opt_sec_lanman:
vol->sectype = LANMAN;
break;
#endif
case Opt_sec_none:
vol->nullauth = 1;
break;
default:
cifs_dbg(VFS, "bad security option: %s\n", value);
return 1;
}
return 0;
}
static int
cifs_parse_cache_flavor(char *value, struct smb_vol *vol)
{

Просмотреть файл

@ -6,3 +6,79 @@
* David Howells <dhowells@redhat.com>
*/
#include "cifsglob.h"
#include "cifs_debug.h"
#include "fs_context.h"
static const match_table_t cifs_secflavor_tokens = {
{ Opt_sec_krb5, "krb5" },
{ Opt_sec_krb5i, "krb5i" },
{ Opt_sec_krb5p, "krb5p" },
{ Opt_sec_ntlmsspi, "ntlmsspi" },
{ Opt_sec_ntlmssp, "ntlmssp" },
{ Opt_ntlm, "ntlm" },
{ Opt_sec_ntlmi, "ntlmi" },
{ Opt_sec_ntlmv2, "nontlm" },
{ Opt_sec_ntlmv2, "ntlmv2" },
{ Opt_sec_ntlmv2i, "ntlmv2i" },
{ Opt_sec_lanman, "lanman" },
{ Opt_sec_none, "none" },
{ Opt_sec_err, NULL }
};
int cifs_parse_security_flavors(char *value, struct smb_vol *vol)
{
substring_t args[MAX_OPT_ARGS];
/*
* With mount options, the last one should win. Reset any existing
* settings back to default.
*/
vol->sectype = Unspecified;
vol->sign = false;
switch (match_token(value, cifs_secflavor_tokens, args)) {
case Opt_sec_krb5p:
cifs_dbg(VFS, "sec=krb5p is not supported!\n");
return 1;
case Opt_sec_krb5i:
vol->sign = true;
fallthrough;
case Opt_sec_krb5:
vol->sectype = Kerberos;
break;
case Opt_sec_ntlmsspi:
vol->sign = true;
fallthrough;
case Opt_sec_ntlmssp:
vol->sectype = RawNTLMSSP;
break;
case Opt_sec_ntlmi:
vol->sign = true;
fallthrough;
case Opt_ntlm:
vol->sectype = NTLM;
break;
case Opt_sec_ntlmv2i:
vol->sign = true;
fallthrough;
case Opt_sec_ntlmv2:
vol->sectype = NTLMv2;
break;
#ifdef CONFIG_CIFS_WEAK_PW_HASH
case Opt_sec_lanman:
vol->sectype = LANMAN;
break;
#endif
case Opt_sec_none:
vol->nullauth = 1;
break;
default:
cifs_dbg(VFS, "bad security option: %s\n", value);
return 1;
}
return 0;
}

Просмотреть файл

@ -9,7 +9,25 @@
#ifndef _FS_CONTEXT_H
#define _FS_CONTEXT_H
#include <linux/parser.h>
#include "cifsglob.h"
enum cifs_sec_param {
Opt_sec_krb5,
Opt_sec_krb5i,
Opt_sec_krb5p,
Opt_sec_ntlmsspi,
Opt_sec_ntlmssp,
Opt_ntlm,
Opt_sec_ntlmi,
Opt_sec_ntlmv2,
Opt_sec_ntlmv2i,
Opt_sec_lanman,
Opt_sec_none,
Opt_sec_err
};
int cifs_parse_security_flavors(char *value, struct smb_vol *vol);
#endif