mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2025-01-27 00:04:47 +08:00
8202aa60f0
commit 41dbda16a0
upstream.
Whenever new parameter is added to smb configuration, It is possible
to break the execution of the IPC daemon by mismatch size of
request/response. This patch tries to reserve space in ipc request/response
in advance to prevent that.
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
408 lines
11 KiB
C
408 lines
11 KiB
C
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
|
/*
|
|
* Copyright (C) 2018 Samsung Electronics Co., Ltd.
|
|
*
|
|
* linux-ksmbd-devel@lists.sourceforge.net
|
|
*/
|
|
|
|
#ifndef _LINUX_KSMBD_SERVER_H
|
|
#define _LINUX_KSMBD_SERVER_H
|
|
|
|
#include <linux/types.h>
|
|
|
|
/*
|
|
* This is a userspace ABI to communicate data between ksmbd and user IPC
|
|
* daemon using netlink. This is added to track and cache user account DB
|
|
* and share configuration info from userspace.
|
|
*
|
|
* - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
|
|
* This event is to check whether user IPC daemon is alive. If user IPC
|
|
* daemon is dead, ksmbd keep existing connection till disconnecting and
|
|
* new connection will be denied.
|
|
*
|
|
* - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
|
|
* This event is to receive the information that initializes the ksmbd
|
|
* server from the user IPC daemon and to start the server. The global
|
|
* section parameters are given from smb.conf as initialization
|
|
* information.
|
|
*
|
|
* - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
|
|
* This event is to shutdown ksmbd server.
|
|
*
|
|
* - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
|
|
* This event is to get user account info to user IPC daemon.
|
|
*
|
|
* - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
|
|
* This event is to get net share configuration info.
|
|
*
|
|
* - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
|
|
* This event is to get session and tree connect info.
|
|
*
|
|
* - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
|
|
* This event is to send tree disconnect info to user IPC daemon.
|
|
*
|
|
* - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
|
|
* This event is to send logout request to user IPC daemon.
|
|
*
|
|
* - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
|
|
* This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
|
|
* samr to be processed in userspace.
|
|
*
|
|
* - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
|
|
* This event is to make kerberos authentication to be processed in
|
|
* userspace.
|
|
*/
|
|
|
|
#define KSMBD_GENL_NAME "SMBD_GENL"
|
|
#define KSMBD_GENL_VERSION 0x01
|
|
|
|
#define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ 48
|
|
#define KSMBD_REQ_MAX_HASH_SZ 18
|
|
#define KSMBD_REQ_MAX_SHARE_NAME 64
|
|
|
|
/*
|
|
* IPC heartbeat frame to check whether user IPC daemon is alive.
|
|
*/
|
|
struct ksmbd_heartbeat {
|
|
__u32 handle;
|
|
};
|
|
|
|
/*
|
|
* Global config flags.
|
|
*/
|
|
#define KSMBD_GLOBAL_FLAG_INVALID (0)
|
|
#define KSMBD_GLOBAL_FLAG_SMB2_LEASES BIT(0)
|
|
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(1)
|
|
#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(2)
|
|
|
|
/*
|
|
* IPC request for ksmbd server startup
|
|
*/
|
|
struct ksmbd_startup_request {
|
|
__u32 flags; /* Flags for global config */
|
|
__s32 signing; /* Signing enabled */
|
|
__s8 min_prot[16]; /* The minimum SMB protocol version */
|
|
__s8 max_prot[16]; /* The maximum SMB protocol version */
|
|
__s8 netbios_name[16];
|
|
__s8 work_group[64]; /* Workgroup */
|
|
__s8 server_string[64]; /* Server string */
|
|
__u16 tcp_port; /* tcp port */
|
|
__u16 ipc_timeout; /*
|
|
* specifies the number of seconds
|
|
* server will wait for the userspace to
|
|
* reply to heartbeat frames.
|
|
*/
|
|
__u32 deadtime; /* Number of minutes of inactivity */
|
|
__u32 file_max; /* Limits the maximum number of open files */
|
|
__u32 smb2_max_write; /* MAX write size */
|
|
__u32 smb2_max_read; /* MAX read size */
|
|
__u32 smb2_max_trans; /* MAX trans size */
|
|
__u32 share_fake_fscaps; /*
|
|
* Support some special application that
|
|
* makes QFSINFO calls to check whether
|
|
* we set the SPARSE_FILES bit (0x40).
|
|
*/
|
|
__u32 sub_auth[3]; /* Subauth value for Security ID */
|
|
__u32 smb2_max_credits; /* MAX credits */
|
|
__u32 reserved[128]; /* Reserved room */
|
|
__u32 ifc_list_sz; /* interfaces list size */
|
|
__s8 ____payload[];
|
|
};
|
|
|
|
#define KSMBD_STARTUP_CONFIG_INTERFACES(s) ((s)->____payload)
|
|
|
|
/*
|
|
* IPC request to shutdown ksmbd server.
|
|
*/
|
|
struct ksmbd_shutdown_request {
|
|
__s32 reserved[16];
|
|
};
|
|
|
|
/*
|
|
* IPC user login request.
|
|
*/
|
|
struct ksmbd_login_request {
|
|
__u32 handle;
|
|
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
|
|
__u32 reserved[16]; /* Reserved room */
|
|
};
|
|
|
|
/*
|
|
* IPC user login response.
|
|
*/
|
|
struct ksmbd_login_response {
|
|
__u32 handle;
|
|
__u32 gid; /* group id */
|
|
__u32 uid; /* user id */
|
|
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
|
|
__u16 status;
|
|
__u16 hash_sz; /* hash size */
|
|
__s8 hash[KSMBD_REQ_MAX_HASH_SZ]; /* password hash */
|
|
__u32 reserved[16]; /* Reserved room */
|
|
};
|
|
|
|
/*
|
|
* IPC request to fetch net share config.
|
|
*/
|
|
struct ksmbd_share_config_request {
|
|
__u32 handle;
|
|
__s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
|
|
__u32 reserved[16]; /* Reserved room */
|
|
};
|
|
|
|
/*
|
|
* IPC response to the net share config request.
|
|
*/
|
|
struct ksmbd_share_config_response {
|
|
__u32 handle;
|
|
__u32 flags;
|
|
__u16 create_mask;
|
|
__u16 directory_mask;
|
|
__u16 force_create_mode;
|
|
__u16 force_directory_mode;
|
|
__u16 force_uid;
|
|
__u16 force_gid;
|
|
__u32 reserved[128]; /* Reserved room */
|
|
__u32 veto_list_sz;
|
|
__s8 ____payload[];
|
|
};
|
|
|
|
#define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
|
|
|
|
static inline char *
|
|
ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
|
|
{
|
|
char *p = sc->____payload;
|
|
|
|
if (sc->veto_list_sz)
|
|
p += sc->veto_list_sz + 1;
|
|
|
|
return p;
|
|
}
|
|
|
|
/*
|
|
* IPC request for tree connection. This request include session and tree
|
|
* connect info from client.
|
|
*/
|
|
struct ksmbd_tree_connect_request {
|
|
__u32 handle;
|
|
__u16 account_flags;
|
|
__u16 flags;
|
|
__u64 session_id;
|
|
__u64 connect_id;
|
|
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
|
|
__s8 share[KSMBD_REQ_MAX_SHARE_NAME];
|
|
__s8 peer_addr[64];
|
|
__u32 reserved[16]; /* Reserved room */
|
|
};
|
|
|
|
/*
|
|
* IPC Response structure for tree connection.
|
|
*/
|
|
struct ksmbd_tree_connect_response {
|
|
__u32 handle;
|
|
__u16 status;
|
|
__u16 connection_flags;
|
|
__u32 reserved[16]; /* Reserved room */
|
|
};
|
|
|
|
/*
|
|
* IPC Request struture to disconnect tree connection.
|
|
*/
|
|
struct ksmbd_tree_disconnect_request {
|
|
__u64 session_id; /* session id */
|
|
__u64 connect_id; /* tree connection id */
|
|
__u32 reserved[16]; /* Reserved room */
|
|
};
|
|
|
|
/*
|
|
* IPC Response structure to logout user account.
|
|
*/
|
|
struct ksmbd_logout_request {
|
|
__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
|
|
__u32 account_flags;
|
|
__u32 reserved[16]; /* Reserved room */
|
|
};
|
|
|
|
/*
|
|
* RPC command structure to send rpc request like srvsvc or wkssvc to
|
|
* IPC user daemon.
|
|
*/
|
|
struct ksmbd_rpc_command {
|
|
__u32 handle;
|
|
__u32 flags;
|
|
__u32 payload_sz;
|
|
__u8 payload[];
|
|
};
|
|
|
|
/*
|
|
* IPC Request Kerberos authentication
|
|
*/
|
|
struct ksmbd_spnego_authen_request {
|
|
__u32 handle;
|
|
__u16 spnego_blob_len; /* the length of spnego_blob */
|
|
__u8 spnego_blob[0]; /*
|
|
* the GSS token from SecurityBuffer of
|
|
* SMB2 SESSION SETUP request
|
|
*/
|
|
};
|
|
|
|
/*
|
|
* Response data which includes the GSS token and the session key generated by
|
|
* user daemon.
|
|
*/
|
|
struct ksmbd_spnego_authen_response {
|
|
__u32 handle;
|
|
struct ksmbd_login_response login_response; /*
|
|
* the login response with
|
|
* a user identified by the
|
|
* GSS token from a client
|
|
*/
|
|
__u16 session_key_len; /* the length of the session key */
|
|
__u16 spnego_blob_len; /*
|
|
* the length of the GSS token which will be
|
|
* stored in SecurityBuffer of SMB2 SESSION
|
|
* SETUP response
|
|
*/
|
|
__u8 payload[]; /* session key + AP_REP */
|
|
};
|
|
|
|
/*
|
|
* This also used as NETLINK attribute type value.
|
|
*
|
|
* NOTE:
|
|
* Response message type value should be equal to
|
|
* request message type value + 1.
|
|
*/
|
|
enum ksmbd_event {
|
|
KSMBD_EVENT_UNSPEC = 0,
|
|
KSMBD_EVENT_HEARTBEAT_REQUEST,
|
|
|
|
KSMBD_EVENT_STARTING_UP,
|
|
KSMBD_EVENT_SHUTTING_DOWN,
|
|
|
|
KSMBD_EVENT_LOGIN_REQUEST,
|
|
KSMBD_EVENT_LOGIN_RESPONSE = 5,
|
|
|
|
KSMBD_EVENT_SHARE_CONFIG_REQUEST,
|
|
KSMBD_EVENT_SHARE_CONFIG_RESPONSE,
|
|
|
|
KSMBD_EVENT_TREE_CONNECT_REQUEST,
|
|
KSMBD_EVENT_TREE_CONNECT_RESPONSE,
|
|
|
|
KSMBD_EVENT_TREE_DISCONNECT_REQUEST = 10,
|
|
|
|
KSMBD_EVENT_LOGOUT_REQUEST,
|
|
|
|
KSMBD_EVENT_RPC_REQUEST,
|
|
KSMBD_EVENT_RPC_RESPONSE,
|
|
|
|
KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
|
|
KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE = 15,
|
|
|
|
KSMBD_EVENT_MAX
|
|
};
|
|
|
|
/*
|
|
* Enumeration for IPC tree connect status.
|
|
*/
|
|
enum KSMBD_TREE_CONN_STATUS {
|
|
KSMBD_TREE_CONN_STATUS_OK = 0,
|
|
KSMBD_TREE_CONN_STATUS_NOMEM,
|
|
KSMBD_TREE_CONN_STATUS_NO_SHARE,
|
|
KSMBD_TREE_CONN_STATUS_NO_USER,
|
|
KSMBD_TREE_CONN_STATUS_INVALID_USER,
|
|
KSMBD_TREE_CONN_STATUS_HOST_DENIED = 5,
|
|
KSMBD_TREE_CONN_STATUS_CONN_EXIST,
|
|
KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
|
|
KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
|
|
KSMBD_TREE_CONN_STATUS_ERROR,
|
|
};
|
|
|
|
/*
|
|
* User config flags.
|
|
*/
|
|
#define KSMBD_USER_FLAG_INVALID (0)
|
|
#define KSMBD_USER_FLAG_OK BIT(0)
|
|
#define KSMBD_USER_FLAG_BAD_PASSWORD BIT(1)
|
|
#define KSMBD_USER_FLAG_BAD_UID BIT(2)
|
|
#define KSMBD_USER_FLAG_BAD_USER BIT(3)
|
|
#define KSMBD_USER_FLAG_GUEST_ACCOUNT BIT(4)
|
|
#define KSMBD_USER_FLAG_DELAY_SESSION BIT(5)
|
|
|
|
/*
|
|
* Share config flags.
|
|
*/
|
|
#define KSMBD_SHARE_FLAG_INVALID (0)
|
|
#define KSMBD_SHARE_FLAG_AVAILABLE BIT(0)
|
|
#define KSMBD_SHARE_FLAG_BROWSEABLE BIT(1)
|
|
#define KSMBD_SHARE_FLAG_WRITEABLE BIT(2)
|
|
#define KSMBD_SHARE_FLAG_READONLY BIT(3)
|
|
#define KSMBD_SHARE_FLAG_GUEST_OK BIT(4)
|
|
#define KSMBD_SHARE_FLAG_GUEST_ONLY BIT(5)
|
|
#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS BIT(6)
|
|
#define KSMBD_SHARE_FLAG_OPLOCKS BIT(7)
|
|
#define KSMBD_SHARE_FLAG_PIPE BIT(8)
|
|
#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES BIT(9)
|
|
#define KSMBD_SHARE_FLAG_INHERIT_OWNER BIT(10)
|
|
#define KSMBD_SHARE_FLAG_STREAMS BIT(11)
|
|
#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(12)
|
|
#define KSMBD_SHARE_FLAG_ACL_XATTR BIT(13)
|
|
|
|
/*
|
|
* Tree connect request flags.
|
|
*/
|
|
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1 (0)
|
|
#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6 BIT(0)
|
|
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2 BIT(1)
|
|
|
|
/*
|
|
* Tree connect flags.
|
|
*/
|
|
#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT BIT(0)
|
|
#define KSMBD_TREE_CONN_FLAG_READ_ONLY BIT(1)
|
|
#define KSMBD_TREE_CONN_FLAG_WRITABLE BIT(2)
|
|
#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT BIT(3)
|
|
|
|
/*
|
|
* RPC over IPC.
|
|
*/
|
|
#define KSMBD_RPC_METHOD_RETURN BIT(0)
|
|
#define KSMBD_RPC_SRVSVC_METHOD_INVOKE BIT(1)
|
|
#define KSMBD_RPC_SRVSVC_METHOD_RETURN (KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
|
|
#define KSMBD_RPC_WKSSVC_METHOD_INVOKE BIT(2)
|
|
#define KSMBD_RPC_WKSSVC_METHOD_RETURN (KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
|
|
#define KSMBD_RPC_IOCTL_METHOD (BIT(3) | KSMBD_RPC_METHOD_RETURN)
|
|
#define KSMBD_RPC_OPEN_METHOD BIT(4)
|
|
#define KSMBD_RPC_WRITE_METHOD BIT(5)
|
|
#define KSMBD_RPC_READ_METHOD (BIT(6) | KSMBD_RPC_METHOD_RETURN)
|
|
#define KSMBD_RPC_CLOSE_METHOD BIT(7)
|
|
#define KSMBD_RPC_RAP_METHOD (BIT(8) | KSMBD_RPC_METHOD_RETURN)
|
|
#define KSMBD_RPC_RESTRICTED_CONTEXT BIT(9)
|
|
#define KSMBD_RPC_SAMR_METHOD_INVOKE BIT(10)
|
|
#define KSMBD_RPC_SAMR_METHOD_RETURN (KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
|
|
#define KSMBD_RPC_LSARPC_METHOD_INVOKE BIT(11)
|
|
#define KSMBD_RPC_LSARPC_METHOD_RETURN (KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
|
|
|
|
/*
|
|
* RPC status definitions.
|
|
*/
|
|
#define KSMBD_RPC_OK 0
|
|
#define KSMBD_RPC_EBAD_FUNC 0x00000001
|
|
#define KSMBD_RPC_EACCESS_DENIED 0x00000005
|
|
#define KSMBD_RPC_EBAD_FID 0x00000006
|
|
#define KSMBD_RPC_ENOMEM 0x00000008
|
|
#define KSMBD_RPC_EBAD_DATA 0x0000000D
|
|
#define KSMBD_RPC_ENOTIMPLEMENTED 0x00000040
|
|
#define KSMBD_RPC_EINVALID_PARAMETER 0x00000057
|
|
#define KSMBD_RPC_EMORE_DATA 0x000000EA
|
|
#define KSMBD_RPC_EINVALID_LEVEL 0x0000007C
|
|
#define KSMBD_RPC_SOME_NOT_MAPPED 0x00000107
|
|
|
|
#define KSMBD_CONFIG_OPT_DISABLED 0
|
|
#define KSMBD_CONFIG_OPT_ENABLED 1
|
|
#define KSMBD_CONFIG_OPT_AUTO 2
|
|
#define KSMBD_CONFIG_OPT_MANDATORY 3
|
|
|
|
#endif /* _LINUX_KSMBD_SERVER_H */
|