4 * Copyright (C) International Business Machines Corp., 2009, 2013
6 * Author(s): Steve French (sfrench@us.ibm.com)
7 * Pavel Shilovsky (pshilovsky@samba.org) 2012
9 * Contains the routines for constructing the SMB2 PDUs themselves
11 * This library is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU Lesser General Public License as published
13 * by the Free Software Foundation; either version 2.1 of the License, or
14 * (at your option) any later version.
16 * This library is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
19 * the GNU Lesser General Public License for more details.
21 * You should have received a copy of the GNU Lesser General Public License
22 * along with this library; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 /* SMB2 PDU handling routines here - except for leftovers (eg session setup) */
27 /* Note that there are handle based routines which must be */
28 /* treated slightly differently for reconnection purposes since we never */
29 /* want to reuse a stale file handle and only the caller knows the file info */
32 #include <linux/kernel.h>
33 #include <linux/vfs.h>
34 #include <linux/task_io_accounting_ops.h>
35 #include <linux/uaccess.h>
36 #include <linux/pagemap.h>
37 #include <linux/xattr.h>
41 #include "cifsproto.h"
42 #include "smb2proto.h"
43 #include "cifs_unicode.h"
44 #include "cifs_debug.h"
46 #include "smb2status.h"
49 #include "cifs_spnego.h"
52 * The following table defines the expected "StructureSize" of SMB2 requests
53 * in order by SMB2 command. This is similar to "wct" in SMB/CIFS requests.
55 * Note that commands are defined in smb2pdu.h in le16 but the array below is
56 * indexed by command in host byte order.
58 static const int smb2_req_struct_sizes
[NUMBER_OF_SMB2_COMMANDS
] = {
59 /* SMB2_NEGOTIATE */ 36,
60 /* SMB2_SESSION_SETUP */ 25,
62 /* SMB2_TREE_CONNECT */ 9,
63 /* SMB2_TREE_DISCONNECT */ 4,
73 /* SMB2_QUERY_DIRECTORY */ 33,
74 /* SMB2_CHANGE_NOTIFY */ 32,
75 /* SMB2_QUERY_INFO */ 41,
76 /* SMB2_SET_INFO */ 33,
77 /* SMB2_OPLOCK_BREAK */ 24 /* BB this is 36 for LEASE_BREAK variant */
80 static int encryption_required(const struct cifs_tcon
*tcon
)
82 if ((tcon
->ses
->session_flags
& SMB2_SESSION_FLAG_ENCRYPT_DATA
) ||
83 (tcon
->share_flags
& SHI1005_FLAGS_ENCRYPT_DATA
))
89 smb2_hdr_assemble(struct smb2_sync_hdr
*shdr
, __le16 smb2_cmd
,
90 const struct cifs_tcon
*tcon
)
92 shdr
->ProtocolId
= SMB2_PROTO_NUMBER
;
93 shdr
->StructureSize
= cpu_to_le16(64);
94 shdr
->Command
= smb2_cmd
;
95 if (tcon
&& tcon
->ses
&& tcon
->ses
->server
) {
96 struct TCP_Server_Info
*server
= tcon
->ses
->server
;
98 spin_lock(&server
->req_lock
);
99 /* Request up to 2 credits but don't go over the limit. */
100 if (server
->credits
>= server
->max_credits
)
101 shdr
->CreditRequest
= cpu_to_le16(0);
103 shdr
->CreditRequest
= cpu_to_le16(
104 min_t(int, server
->max_credits
-
105 server
->credits
, 2));
106 spin_unlock(&server
->req_lock
);
108 shdr
->CreditRequest
= cpu_to_le16(2);
110 shdr
->ProcessId
= cpu_to_le32((__u16
)current
->tgid
);
115 /* GLOBAL_CAP_LARGE_MTU will only be set if dialect > SMB2.02 */
116 /* See sections 2.2.4 and 3.2.4.1.5 of MS-SMB2 */
117 if ((tcon
->ses
) && (tcon
->ses
->server
) &&
118 (tcon
->ses
->server
->capabilities
& SMB2_GLOBAL_CAP_LARGE_MTU
))
119 shdr
->CreditCharge
= cpu_to_le16(1);
120 /* else CreditCharge MBZ */
122 shdr
->TreeId
= tcon
->tid
;
123 /* Uid is not converted */
125 shdr
->SessionId
= tcon
->ses
->Suid
;
128 * If we would set SMB2_FLAGS_DFS_OPERATIONS on open we also would have
129 * to pass the path on the Open SMB prefixed by \\server\share.
130 * Not sure when we would need to do the augmented path (if ever) and
131 * setting this flag breaks the SMB2 open operation since it is
132 * illegal to send an empty path name (without \\server\share prefix)
133 * when the DFS flag is set in the SMB open header. We could
134 * consider setting the flag on all operations other than open
135 * but it is safer to net set it for now.
137 /* if (tcon->share_flags & SHI1005_FLAGS_DFS)
138 shdr->Flags |= SMB2_FLAGS_DFS_OPERATIONS; */
140 if (tcon
->ses
&& tcon
->ses
->server
&& tcon
->ses
->server
->sign
&&
141 !encryption_required(tcon
))
142 shdr
->Flags
|= SMB2_FLAGS_SIGNED
;
148 smb2_reconnect(__le16 smb2_command
, struct cifs_tcon
*tcon
)
151 struct nls_table
*nls_codepage
;
152 struct cifs_ses
*ses
;
153 struct TCP_Server_Info
*server
;
156 * SMB2s NegProt, SessSetup, Logoff do not have tcon yet so
157 * check for tcp and smb session status done differently
158 * for those three - in the calling routine.
163 if (smb2_command
== SMB2_TREE_CONNECT
)
166 if (tcon
->tidStatus
== CifsExiting
) {
168 * only tree disconnect, open, and write,
169 * (and ulogoff which does not have tcon)
170 * are allowed as we start force umount.
172 if ((smb2_command
!= SMB2_WRITE
) &&
173 (smb2_command
!= SMB2_CREATE
) &&
174 (smb2_command
!= SMB2_TREE_DISCONNECT
)) {
175 cifs_dbg(FYI
, "can not send cmd %d while umounting\n",
180 if ((!tcon
->ses
) || (tcon
->ses
->status
== CifsExiting
) ||
181 (!tcon
->ses
->server
))
185 server
= ses
->server
;
188 * Give demultiplex thread up to 10 seconds to reconnect, should be
189 * greater than cifs socket timeout which is 7 seconds
191 while (server
->tcpStatus
== CifsNeedReconnect
) {
193 * Return to caller for TREE_DISCONNECT and LOGOFF and CLOSE
194 * here since they are implicitly done when session drops.
196 switch (smb2_command
) {
198 * BB Should we keep oplock break and add flush to exceptions?
200 case SMB2_TREE_DISCONNECT
:
203 case SMB2_OPLOCK_BREAK
:
207 wait_event_interruptible_timeout(server
->response_q
,
208 (server
->tcpStatus
!= CifsNeedReconnect
), 10 * HZ
);
210 /* are we still trying to reconnect? */
211 if (server
->tcpStatus
!= CifsNeedReconnect
)
215 * on "soft" mounts we wait once. Hard mounts keep
216 * retrying until process is killed or server comes
220 cifs_dbg(FYI
, "gave up waiting on reconnect in smb_init\n");
225 if (!tcon
->ses
->need_reconnect
&& !tcon
->need_reconnect
)
228 nls_codepage
= load_nls_default();
231 * need to prevent multiple threads trying to simultaneously reconnect
232 * the same SMB session
234 mutex_lock(&tcon
->ses
->session_mutex
);
235 rc
= cifs_negotiate_protocol(0, tcon
->ses
);
236 if (!rc
&& tcon
->ses
->need_reconnect
)
237 rc
= cifs_setup_session(0, tcon
->ses
, nls_codepage
);
239 if (rc
|| !tcon
->need_reconnect
) {
240 mutex_unlock(&tcon
->ses
->session_mutex
);
244 cifs_mark_open_files_invalid(tcon
);
245 if (tcon
->use_persistent
)
246 tcon
->need_reopen_files
= true;
248 rc
= SMB2_tcon(0, tcon
->ses
, tcon
->treeName
, tcon
, nls_codepage
);
249 mutex_unlock(&tcon
->ses
->session_mutex
);
251 cifs_dbg(FYI
, "reconnect tcon rc = %d\n", rc
);
255 if (smb2_command
!= SMB2_INTERNAL_CMD
)
256 queue_delayed_work(cifsiod_wq
, &server
->reconnect
, 0);
258 atomic_inc(&tconInfoReconnectCount
);
261 * Check if handle based operation so we know whether we can continue
262 * or not without returning to caller to reset file handle.
265 * BB Is flush done by server on drop of tcp session? Should we special
266 * case it and skip above?
268 switch (smb2_command
) {
274 case SMB2_QUERY_DIRECTORY
:
275 case SMB2_CHANGE_NOTIFY
:
276 case SMB2_QUERY_INFO
:
280 unload_nls(nls_codepage
);
285 fill_small_buf(__le16 smb2_command
, struct cifs_tcon
*tcon
, void *buf
,
286 unsigned int *total_len
)
288 struct smb2_sync_pdu
*spdu
= (struct smb2_sync_pdu
*)buf
;
289 /* lookup word count ie StructureSize from table */
290 __u16 parmsize
= smb2_req_struct_sizes
[le16_to_cpu(smb2_command
)];
293 * smaller than SMALL_BUFFER_SIZE but bigger than fixed area of
294 * largest operations (Create)
298 smb2_hdr_assemble(&spdu
->sync_hdr
, smb2_command
, tcon
);
299 spdu
->StructureSize2
= cpu_to_le16(parmsize
);
301 *total_len
= parmsize
+ sizeof(struct smb2_sync_hdr
);
304 /* init request without RFC1001 length at the beginning */
306 smb2_plain_req_init(__le16 smb2_command
, struct cifs_tcon
*tcon
,
307 void **request_buf
, unsigned int *total_len
)
310 struct smb2_sync_hdr
*shdr
;
312 rc
= smb2_reconnect(smb2_command
, tcon
);
316 /* BB eventually switch this to SMB2 specific small buf size */
317 *request_buf
= cifs_small_buf_get();
318 if (*request_buf
== NULL
) {
319 /* BB should we add a retry in here if not a writepage? */
323 shdr
= (struct smb2_sync_hdr
*)(*request_buf
);
325 fill_small_buf(smb2_command
, tcon
, shdr
, total_len
);
328 #ifdef CONFIG_CIFS_STATS2
329 uint16_t com_code
= le16_to_cpu(smb2_command
);
331 cifs_stats_inc(&tcon
->stats
.smb2_stats
.smb2_com_sent
[com_code
]);
333 cifs_stats_inc(&tcon
->num_smbs_sent
);
340 * Allocate and return pointer to an SMB request hdr, and set basic
341 * SMB information in the SMB header. If the return code is zero, this
342 * function must have filled in request_buf pointer. The returned buffer
343 * has RFC1001 length at the beginning.
346 small_smb2_init(__le16 smb2_command
, struct cifs_tcon
*tcon
,
350 unsigned int total_len
;
351 struct smb2_pdu
*pdu
;
353 rc
= smb2_reconnect(smb2_command
, tcon
);
357 /* BB eventually switch this to SMB2 specific small buf size */
358 *request_buf
= cifs_small_buf_get();
359 if (*request_buf
== NULL
) {
360 /* BB should we add a retry in here if not a writepage? */
364 pdu
= (struct smb2_pdu
*)(*request_buf
);
366 fill_small_buf(smb2_command
, tcon
, get_sync_hdr(pdu
), &total_len
);
368 /* Note this is only network field converted to big endian */
369 pdu
->hdr
.smb2_buf_length
= cpu_to_be32(total_len
);
372 #ifdef CONFIG_CIFS_STATS2
373 uint16_t com_code
= le16_to_cpu(smb2_command
);
374 cifs_stats_inc(&tcon
->stats
.smb2_stats
.smb2_com_sent
[com_code
]);
376 cifs_stats_inc(&tcon
->num_smbs_sent
);
382 #ifdef CONFIG_CIFS_SMB311
383 /* offset is sizeof smb2_negotiate_req - 4 but rounded up to 8 bytes */
384 #define OFFSET_OF_NEG_CONTEXT 0x68 /* sizeof(struct smb2_negotiate_req) - 4 */
387 #define SMB2_PREAUTH_INTEGRITY_CAPABILITIES cpu_to_le16(1)
388 #define SMB2_ENCRYPTION_CAPABILITIES cpu_to_le16(2)
391 build_preauth_ctxt(struct smb2_preauth_neg_context
*pneg_ctxt
)
393 pneg_ctxt
->ContextType
= SMB2_PREAUTH_INTEGRITY_CAPABILITIES
;
394 pneg_ctxt
->DataLength
= cpu_to_le16(38);
395 pneg_ctxt
->HashAlgorithmCount
= cpu_to_le16(1);
396 pneg_ctxt
->SaltLength
= cpu_to_le16(SMB311_SALT_SIZE
);
397 get_random_bytes(pneg_ctxt
->Salt
, SMB311_SALT_SIZE
);
398 pneg_ctxt
->HashAlgorithms
= SMB2_PREAUTH_INTEGRITY_SHA512
;
402 build_encrypt_ctxt(struct smb2_encryption_neg_context
*pneg_ctxt
)
404 pneg_ctxt
->ContextType
= SMB2_ENCRYPTION_CAPABILITIES
;
405 pneg_ctxt
->DataLength
= cpu_to_le16(6);
406 pneg_ctxt
->CipherCount
= cpu_to_le16(2);
407 pneg_ctxt
->Ciphers
[0] = SMB2_ENCRYPTION_AES128_GCM
;
408 pneg_ctxt
->Ciphers
[1] = SMB2_ENCRYPTION_AES128_CCM
;
412 assemble_neg_contexts(struct smb2_negotiate_req
*req
)
415 /* +4 is to account for the RFC1001 len field */
416 char *pneg_ctxt
= (char *)req
+ OFFSET_OF_NEG_CONTEXT
+ 4;
418 build_preauth_ctxt((struct smb2_preauth_neg_context
*)pneg_ctxt
);
419 /* Add 2 to size to round to 8 byte boundary */
420 pneg_ctxt
+= 2 + sizeof(struct smb2_preauth_neg_context
);
421 build_encrypt_ctxt((struct smb2_encryption_neg_context
*)pneg_ctxt
);
422 req
->NegotiateContextOffset
= cpu_to_le32(OFFSET_OF_NEG_CONTEXT
);
423 req
->NegotiateContextCount
= cpu_to_le16(2);
424 inc_rfc1001_len(req
, 4 + sizeof(struct smb2_preauth_neg_context
) + 2
425 + sizeof(struct smb2_encryption_neg_context
)); /* calculate hash */
428 static void assemble_neg_contexts(struct smb2_negotiate_req
*req
)
436 * SMB2 Worker functions follow:
438 * The general structure of the worker functions is:
439 * 1) Call smb2_init (assembles SMB2 header)
440 * 2) Initialize SMB2 command specific fields in fixed length area of SMB
441 * 3) Call smb_sendrcv2 (sends request on socket and waits for response)
442 * 4) Decode SMB2 command specific fields in the fixed length area
443 * 5) Decode variable length data area (if any for this SMB2 command type)
444 * 6) Call free smb buffer
450 SMB2_negotiate(const unsigned int xid
, struct cifs_ses
*ses
)
452 struct smb2_negotiate_req
*req
;
453 struct smb2_negotiate_rsp
*rsp
;
458 struct TCP_Server_Info
*server
= ses
->server
;
459 int blob_offset
, blob_length
;
461 int flags
= CIFS_NEG_OP
;
463 cifs_dbg(FYI
, "Negotiate protocol\n");
466 WARN(1, "%s: server is NULL!\n", __func__
);
470 rc
= small_smb2_init(SMB2_NEGOTIATE
, NULL
, (void **) &req
);
474 req
->hdr
.sync_hdr
.SessionId
= 0;
476 req
->Dialects
[0] = cpu_to_le16(ses
->server
->vals
->protocol_id
);
478 req
->DialectCount
= cpu_to_le16(1); /* One vers= at a time for now */
479 inc_rfc1001_len(req
, 2);
481 /* only one of SMB2 signing flags may be set in SMB2 request */
483 req
->SecurityMode
= cpu_to_le16(SMB2_NEGOTIATE_SIGNING_REQUIRED
);
484 else if (global_secflags
& CIFSSEC_MAY_SIGN
)
485 req
->SecurityMode
= cpu_to_le16(SMB2_NEGOTIATE_SIGNING_ENABLED
);
487 req
->SecurityMode
= 0;
489 req
->Capabilities
= cpu_to_le32(ses
->server
->vals
->req_capabilities
);
491 /* ClientGUID must be zero for SMB2.02 dialect */
492 if (ses
->server
->vals
->protocol_id
== SMB20_PROT_ID
)
493 memset(req
->ClientGUID
, 0, SMB2_CLIENT_GUID_SIZE
);
495 memcpy(req
->ClientGUID
, server
->client_guid
,
496 SMB2_CLIENT_GUID_SIZE
);
497 if (ses
->server
->vals
->protocol_id
== SMB311_PROT_ID
)
498 assemble_neg_contexts(req
);
500 iov
[0].iov_base
= (char *)req
;
501 /* 4 for rfc1002 length field */
502 iov
[0].iov_len
= get_rfc1002_length(req
) + 4;
504 rc
= SendReceive2(xid
, ses
, iov
, 1, &resp_buftype
, flags
, &rsp_iov
);
505 cifs_small_buf_release(req
);
506 rsp
= (struct smb2_negotiate_rsp
*)rsp_iov
.iov_base
;
508 * No tcon so can't do
509 * cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_fail[SMB2...]);
514 cifs_dbg(FYI
, "mode 0x%x\n", rsp
->SecurityMode
);
516 /* BB we may eventually want to match the negotiated vs. requested
517 dialect, even though we are only requesting one at a time */
518 if (rsp
->DialectRevision
== cpu_to_le16(SMB20_PROT_ID
))
519 cifs_dbg(FYI
, "negotiated smb2.0 dialect\n");
520 else if (rsp
->DialectRevision
== cpu_to_le16(SMB21_PROT_ID
))
521 cifs_dbg(FYI
, "negotiated smb2.1 dialect\n");
522 else if (rsp
->DialectRevision
== cpu_to_le16(SMB30_PROT_ID
))
523 cifs_dbg(FYI
, "negotiated smb3.0 dialect\n");
524 else if (rsp
->DialectRevision
== cpu_to_le16(SMB302_PROT_ID
))
525 cifs_dbg(FYI
, "negotiated smb3.02 dialect\n");
526 #ifdef CONFIG_CIFS_SMB311
527 else if (rsp
->DialectRevision
== cpu_to_le16(SMB311_PROT_ID
))
528 cifs_dbg(FYI
, "negotiated smb3.1.1 dialect\n");
531 cifs_dbg(VFS
, "Illegal dialect returned by server 0x%x\n",
532 le16_to_cpu(rsp
->DialectRevision
));
536 server
->dialect
= le16_to_cpu(rsp
->DialectRevision
);
538 /* SMB2 only has an extended negflavor */
539 server
->negflavor
= CIFS_NEGFLAVOR_EXTENDED
;
540 /* set it to the maximum buffer size value we can send with 1 credit */
541 server
->maxBuf
= min_t(unsigned int, le32_to_cpu(rsp
->MaxTransactSize
),
542 SMB2_MAX_BUFFER_SIZE
);
543 server
->max_read
= le32_to_cpu(rsp
->MaxReadSize
);
544 server
->max_write
= le32_to_cpu(rsp
->MaxWriteSize
);
545 /* BB Do we need to validate the SecurityMode? */
546 server
->sec_mode
= le16_to_cpu(rsp
->SecurityMode
);
547 server
->capabilities
= le32_to_cpu(rsp
->Capabilities
);
549 server
->capabilities
|= SMB2_NT_FIND
| SMB2_LARGE_FILES
;
551 security_blob
= smb2_get_data_area_len(&blob_offset
, &blob_length
,
554 * See MS-SMB2 section 2.2.4: if no blob, client picks default which
556 * ses->sectype = RawNTLMSSP;
557 * but for time being this is our only auth choice so doesn't matter.
558 * We just found a server which sets blob length to zero expecting raw.
560 if (blob_length
== 0)
561 cifs_dbg(FYI
, "missing security blob on negprot\n");
563 rc
= cifs_enable_signing(server
, ses
->sign
);
567 rc
= decode_negTokenInit(security_blob
, blob_length
, server
);
574 free_rsp_buf(resp_buftype
, rsp
);
578 int smb3_validate_negotiate(const unsigned int xid
, struct cifs_tcon
*tcon
)
581 struct validate_negotiate_info_req vneg_inbuf
;
582 struct validate_negotiate_info_rsp
*pneg_rsp
;
585 cifs_dbg(FYI
, "validate negotiate\n");
588 * validation ioctl must be signed, so no point sending this if we
589 * can not sign it. We could eventually change this to selectively
590 * sign just this, the first and only signed request on a connection.
591 * This is good enough for now since a user who wants better security
592 * would also enable signing on the mount. Having validation of
593 * negotiate info for signed connections helps reduce attack vectors
595 if (tcon
->ses
->server
->sign
== false)
596 return 0; /* validation requires signing */
598 vneg_inbuf
.Capabilities
=
599 cpu_to_le32(tcon
->ses
->server
->vals
->req_capabilities
);
600 memcpy(vneg_inbuf
.Guid
, tcon
->ses
->server
->client_guid
,
601 SMB2_CLIENT_GUID_SIZE
);
604 vneg_inbuf
.SecurityMode
=
605 cpu_to_le16(SMB2_NEGOTIATE_SIGNING_REQUIRED
);
606 else if (global_secflags
& CIFSSEC_MAY_SIGN
)
607 vneg_inbuf
.SecurityMode
=
608 cpu_to_le16(SMB2_NEGOTIATE_SIGNING_ENABLED
);
610 vneg_inbuf
.SecurityMode
= 0;
612 vneg_inbuf
.DialectCount
= cpu_to_le16(1);
613 vneg_inbuf
.Dialects
[0] =
614 cpu_to_le16(tcon
->ses
->server
->vals
->protocol_id
);
616 rc
= SMB2_ioctl(xid
, tcon
, NO_FILE_ID
, NO_FILE_ID
,
617 FSCTL_VALIDATE_NEGOTIATE_INFO
, true /* is_fsctl */,
618 (char *)&vneg_inbuf
, sizeof(struct validate_negotiate_info_req
),
619 (char **)&pneg_rsp
, &rsplen
);
622 cifs_dbg(VFS
, "validate protocol negotiate failed: %d\n", rc
);
626 if (rsplen
!= sizeof(struct validate_negotiate_info_rsp
)) {
627 cifs_dbg(VFS
, "invalid size of protocol negotiate response\n");
631 /* check validate negotiate info response matches what we got earlier */
632 if (pneg_rsp
->Dialect
!=
633 cpu_to_le16(tcon
->ses
->server
->vals
->protocol_id
))
636 if (pneg_rsp
->SecurityMode
!= cpu_to_le16(tcon
->ses
->server
->sec_mode
))
639 /* do not validate server guid because not saved at negprot time yet */
641 if ((le32_to_cpu(pneg_rsp
->Capabilities
) | SMB2_NT_FIND
|
642 SMB2_LARGE_FILES
) != tcon
->ses
->server
->capabilities
)
645 /* validate negotiate successful */
646 cifs_dbg(FYI
, "validate negotiate info successful\n");
650 cifs_dbg(VFS
, "protocol revalidation - security settings mismatch\n");
654 struct SMB2_sess_data
{
656 struct cifs_ses
*ses
;
657 struct nls_table
*nls_cp
;
658 void (*func
)(struct SMB2_sess_data
*);
660 u64 previous_session
;
662 /* we will send the SMB in three pieces:
663 * a fixed length beginning part, an optional
664 * SPNEGO blob (which can be zero length), and a
665 * last part which will include the strings
666 * and rest of bcc area. This allows us to avoid
667 * a large buffer 17K allocation
674 SMB2_sess_alloc_buffer(struct SMB2_sess_data
*sess_data
)
677 struct cifs_ses
*ses
= sess_data
->ses
;
678 struct smb2_sess_setup_req
*req
;
679 struct TCP_Server_Info
*server
= ses
->server
;
681 rc
= small_smb2_init(SMB2_SESSION_SETUP
, NULL
, (void **) &req
);
685 /* First session, not a reauthenticate */
686 req
->hdr
.sync_hdr
.SessionId
= 0;
688 /* if reconnect, we need to send previous sess id, otherwise it is 0 */
689 req
->PreviousSessionId
= sess_data
->previous_session
;
691 req
->Flags
= 0; /* MBZ */
692 /* to enable echos and oplocks */
693 req
->hdr
.sync_hdr
.CreditRequest
= cpu_to_le16(3);
695 /* only one of SMB2 signing flags may be set in SMB2 request */
697 req
->SecurityMode
= SMB2_NEGOTIATE_SIGNING_REQUIRED
;
698 else if (global_secflags
& CIFSSEC_MAY_SIGN
) /* one flag unlike MUST_ */
699 req
->SecurityMode
= SMB2_NEGOTIATE_SIGNING_ENABLED
;
701 req
->SecurityMode
= 0;
703 req
->Capabilities
= 0;
704 req
->Channel
= 0; /* MBZ */
706 sess_data
->iov
[0].iov_base
= (char *)req
;
707 /* 4 for rfc1002 length field and 1 for pad */
708 sess_data
->iov
[0].iov_len
= get_rfc1002_length(req
) + 4 - 1;
710 * This variable will be used to clear the buffer
711 * allocated above in case of any error in the calling function.
713 sess_data
->buf0_type
= CIFS_SMALL_BUFFER
;
719 SMB2_sess_free_buffer(struct SMB2_sess_data
*sess_data
)
721 free_rsp_buf(sess_data
->buf0_type
, sess_data
->iov
[0].iov_base
);
722 sess_data
->buf0_type
= CIFS_NO_BUFFER
;
726 SMB2_sess_sendreceive(struct SMB2_sess_data
*sess_data
)
729 struct smb2_sess_setup_req
*req
= sess_data
->iov
[0].iov_base
;
730 struct kvec rsp_iov
= { NULL
, 0 };
732 /* Testing shows that buffer offset must be at location of Buffer[0] */
733 req
->SecurityBufferOffset
=
734 cpu_to_le16(sizeof(struct smb2_sess_setup_req
) -
735 1 /* pad */ - 4 /* rfc1001 len */);
736 req
->SecurityBufferLength
= cpu_to_le16(sess_data
->iov
[1].iov_len
);
738 inc_rfc1001_len(req
, sess_data
->iov
[1].iov_len
- 1 /* pad */);
740 /* BB add code to build os and lm fields */
742 rc
= SendReceive2(sess_data
->xid
, sess_data
->ses
,
744 &sess_data
->buf0_type
,
745 CIFS_LOG_ERROR
| CIFS_NEG_OP
, &rsp_iov
);
746 cifs_small_buf_release(sess_data
->iov
[0].iov_base
);
747 memcpy(&sess_data
->iov
[0], &rsp_iov
, sizeof(struct kvec
));
753 SMB2_sess_establish_session(struct SMB2_sess_data
*sess_data
)
756 struct cifs_ses
*ses
= sess_data
->ses
;
758 mutex_lock(&ses
->server
->srv_mutex
);
759 if (ses
->server
->ops
->generate_signingkey
) {
760 rc
= ses
->server
->ops
->generate_signingkey(ses
);
763 "SMB3 session key generation failed\n");
764 mutex_unlock(&ses
->server
->srv_mutex
);
768 if (!ses
->server
->session_estab
) {
769 ses
->server
->sequence_number
= 0x2;
770 ses
->server
->session_estab
= true;
772 mutex_unlock(&ses
->server
->srv_mutex
);
774 cifs_dbg(FYI
, "SMB2/3 session established successfully\n");
775 spin_lock(&GlobalMid_Lock
);
776 ses
->status
= CifsGood
;
777 ses
->need_reconnect
= false;
778 spin_unlock(&GlobalMid_Lock
);
782 #ifdef CONFIG_CIFS_UPCALL
784 SMB2_auth_kerberos(struct SMB2_sess_data
*sess_data
)
787 struct cifs_ses
*ses
= sess_data
->ses
;
788 struct cifs_spnego_msg
*msg
;
789 struct key
*spnego_key
= NULL
;
790 struct smb2_sess_setup_rsp
*rsp
= NULL
;
792 rc
= SMB2_sess_alloc_buffer(sess_data
);
796 spnego_key
= cifs_get_spnego_key(ses
);
797 if (IS_ERR(spnego_key
)) {
798 rc
= PTR_ERR(spnego_key
);
803 msg
= spnego_key
->payload
.data
[0];
805 * check version field to make sure that cifs.upcall is
806 * sending us a response in an expected form
808 if (msg
->version
!= CIFS_SPNEGO_UPCALL_VERSION
) {
810 "bad cifs.upcall version. Expected %d got %d",
811 CIFS_SPNEGO_UPCALL_VERSION
, msg
->version
);
813 goto out_put_spnego_key
;
816 ses
->auth_key
.response
= kmemdup(msg
->data
, msg
->sesskey_len
,
818 if (!ses
->auth_key
.response
) {
820 "Kerberos can't allocate (%u bytes) memory",
823 goto out_put_spnego_key
;
825 ses
->auth_key
.len
= msg
->sesskey_len
;
827 sess_data
->iov
[1].iov_base
= msg
->data
+ msg
->sesskey_len
;
828 sess_data
->iov
[1].iov_len
= msg
->secblob_len
;
830 rc
= SMB2_sess_sendreceive(sess_data
);
832 goto out_put_spnego_key
;
834 rsp
= (struct smb2_sess_setup_rsp
*)sess_data
->iov
[0].iov_base
;
835 ses
->Suid
= rsp
->hdr
.sync_hdr
.SessionId
;
837 ses
->session_flags
= le16_to_cpu(rsp
->SessionFlags
);
838 if (ses
->session_flags
& SMB2_SESSION_FLAG_ENCRYPT_DATA
)
839 cifs_dbg(VFS
, "SMB3 encryption not supported yet\n");
841 rc
= SMB2_sess_establish_session(sess_data
);
843 key_invalidate(spnego_key
);
846 sess_data
->result
= rc
;
847 sess_data
->func
= NULL
;
848 SMB2_sess_free_buffer(sess_data
);
852 SMB2_auth_kerberos(struct SMB2_sess_data
*sess_data
)
854 cifs_dbg(VFS
, "Kerberos negotiated but upcall support disabled!\n");
855 sess_data
->result
= -EOPNOTSUPP
;
856 sess_data
->func
= NULL
;
861 SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data
*sess_data
);
864 SMB2_sess_auth_rawntlmssp_negotiate(struct SMB2_sess_data
*sess_data
)
867 struct cifs_ses
*ses
= sess_data
->ses
;
868 struct smb2_sess_setup_rsp
*rsp
= NULL
;
869 char *ntlmssp_blob
= NULL
;
870 bool use_spnego
= false; /* else use raw ntlmssp */
874 * If memory allocation is successful, caller of this function
877 ses
->ntlmssp
= kmalloc(sizeof(struct ntlmssp_auth
), GFP_KERNEL
);
882 ses
->ntlmssp
->sesskey_per_smbsess
= true;
884 rc
= SMB2_sess_alloc_buffer(sess_data
);
888 ntlmssp_blob
= kmalloc(sizeof(struct _NEGOTIATE_MESSAGE
),
890 if (ntlmssp_blob
== NULL
) {
895 build_ntlmssp_negotiate_blob(ntlmssp_blob
, ses
);
897 /* BB eventually need to add this */
898 cifs_dbg(VFS
, "spnego not supported for SMB2 yet\n");
902 blob_length
= sizeof(struct _NEGOTIATE_MESSAGE
);
903 /* with raw NTLMSSP we don't encapsulate in SPNEGO */
905 sess_data
->iov
[1].iov_base
= ntlmssp_blob
;
906 sess_data
->iov
[1].iov_len
= blob_length
;
908 rc
= SMB2_sess_sendreceive(sess_data
);
909 rsp
= (struct smb2_sess_setup_rsp
*)sess_data
->iov
[0].iov_base
;
911 /* If true, rc here is expected and not an error */
912 if (sess_data
->buf0_type
!= CIFS_NO_BUFFER
&&
913 rsp
->hdr
.sync_hdr
.Status
== STATUS_MORE_PROCESSING_REQUIRED
)
919 if (offsetof(struct smb2_sess_setup_rsp
, Buffer
) - 4 !=
920 le16_to_cpu(rsp
->SecurityBufferOffset
)) {
921 cifs_dbg(VFS
, "Invalid security buffer offset %d\n",
922 le16_to_cpu(rsp
->SecurityBufferOffset
));
926 rc
= decode_ntlmssp_challenge(rsp
->Buffer
,
927 le16_to_cpu(rsp
->SecurityBufferLength
), ses
);
931 cifs_dbg(FYI
, "rawntlmssp session setup challenge phase\n");
934 ses
->Suid
= rsp
->hdr
.sync_hdr
.SessionId
;
935 ses
->session_flags
= le16_to_cpu(rsp
->SessionFlags
);
936 if (ses
->session_flags
& SMB2_SESSION_FLAG_ENCRYPT_DATA
)
937 cifs_dbg(VFS
, "SMB3 encryption not supported yet\n");
941 SMB2_sess_free_buffer(sess_data
);
943 sess_data
->result
= 0;
944 sess_data
->func
= SMB2_sess_auth_rawntlmssp_authenticate
;
950 sess_data
->result
= rc
;
951 sess_data
->func
= NULL
;
955 SMB2_sess_auth_rawntlmssp_authenticate(struct SMB2_sess_data
*sess_data
)
958 struct cifs_ses
*ses
= sess_data
->ses
;
959 struct smb2_sess_setup_req
*req
;
960 struct smb2_sess_setup_rsp
*rsp
= NULL
;
961 unsigned char *ntlmssp_blob
= NULL
;
962 bool use_spnego
= false; /* else use raw ntlmssp */
965 rc
= SMB2_sess_alloc_buffer(sess_data
);
969 req
= (struct smb2_sess_setup_req
*) sess_data
->iov
[0].iov_base
;
970 req
->hdr
.sync_hdr
.SessionId
= ses
->Suid
;
972 rc
= build_ntlmssp_auth_blob(&ntlmssp_blob
, &blob_length
, ses
,
975 cifs_dbg(FYI
, "build_ntlmssp_auth_blob failed %d\n", rc
);
980 /* BB eventually need to add this */
981 cifs_dbg(VFS
, "spnego not supported for SMB2 yet\n");
985 sess_data
->iov
[1].iov_base
= ntlmssp_blob
;
986 sess_data
->iov
[1].iov_len
= blob_length
;
988 rc
= SMB2_sess_sendreceive(sess_data
);
992 rsp
= (struct smb2_sess_setup_rsp
*)sess_data
->iov
[0].iov_base
;
994 ses
->Suid
= rsp
->hdr
.sync_hdr
.SessionId
;
995 ses
->session_flags
= le16_to_cpu(rsp
->SessionFlags
);
996 if (ses
->session_flags
& SMB2_SESSION_FLAG_ENCRYPT_DATA
)
997 cifs_dbg(VFS
, "SMB3 encryption not supported yet\n");
999 rc
= SMB2_sess_establish_session(sess_data
);
1001 kfree(ntlmssp_blob
);
1002 SMB2_sess_free_buffer(sess_data
);
1003 kfree(ses
->ntlmssp
);
1004 ses
->ntlmssp
= NULL
;
1005 sess_data
->result
= rc
;
1006 sess_data
->func
= NULL
;
1010 SMB2_select_sec(struct cifs_ses
*ses
, struct SMB2_sess_data
*sess_data
)
1012 if (ses
->sectype
!= Kerberos
&& ses
->sectype
!= RawNTLMSSP
)
1013 ses
->sectype
= RawNTLMSSP
;
1015 switch (ses
->sectype
) {
1017 sess_data
->func
= SMB2_auth_kerberos
;
1020 sess_data
->func
= SMB2_sess_auth_rawntlmssp_negotiate
;
1023 cifs_dbg(VFS
, "secType %d not supported!\n", ses
->sectype
);
1031 SMB2_sess_setup(const unsigned int xid
, struct cifs_ses
*ses
,
1032 const struct nls_table
*nls_cp
)
1035 struct TCP_Server_Info
*server
= ses
->server
;
1036 struct SMB2_sess_data
*sess_data
;
1038 cifs_dbg(FYI
, "Session Setup\n");
1041 WARN(1, "%s: server is NULL!\n", __func__
);
1045 sess_data
= kzalloc(sizeof(struct SMB2_sess_data
), GFP_KERNEL
);
1049 rc
= SMB2_select_sec(ses
, sess_data
);
1052 sess_data
->xid
= xid
;
1053 sess_data
->ses
= ses
;
1054 sess_data
->buf0_type
= CIFS_NO_BUFFER
;
1055 sess_data
->nls_cp
= (struct nls_table
*) nls_cp
;
1057 while (sess_data
->func
)
1058 sess_data
->func(sess_data
);
1060 rc
= sess_data
->result
;
1067 SMB2_logoff(const unsigned int xid
, struct cifs_ses
*ses
)
1069 struct smb2_logoff_req
*req
; /* response is also trivial struct */
1071 struct TCP_Server_Info
*server
;
1074 cifs_dbg(FYI
, "disconnect session %p\n", ses
);
1076 if (ses
&& (ses
->server
))
1077 server
= ses
->server
;
1081 /* no need to send SMB logoff if uid already closed due to reconnect */
1082 if (ses
->need_reconnect
)
1083 goto smb2_session_already_dead
;
1085 rc
= small_smb2_init(SMB2_LOGOFF
, NULL
, (void **) &req
);
1089 /* since no tcon, smb2_init can not do this, so do here */
1090 req
->hdr
.sync_hdr
.SessionId
= ses
->Suid
;
1092 if (ses
->session_flags
& SMB2_SESSION_FLAG_ENCRYPT_DATA
)
1093 flags
|= CIFS_TRANSFORM_REQ
;
1094 else if (server
->sign
)
1095 req
->hdr
.sync_hdr
.Flags
|= SMB2_FLAGS_SIGNED
;
1097 rc
= SendReceiveNoRsp(xid
, ses
, (char *) req
, flags
);
1098 cifs_small_buf_release(req
);
1100 * No tcon so can't do
1101 * cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_fail[SMB2...]);
1104 smb2_session_already_dead
:
1108 static inline void cifs_stats_fail_inc(struct cifs_tcon
*tcon
, uint16_t code
)
1110 cifs_stats_inc(&tcon
->stats
.smb2_stats
.smb2_com_failed
[code
]);
1113 #define MAX_SHARENAME_LENGTH (255 /* server */ + 80 /* share */ + 1 /* NULL */)
1115 /* These are similar values to what Windows uses */
1116 static inline void init_copy_chunk_defaults(struct cifs_tcon
*tcon
)
1118 tcon
->max_chunks
= 256;
1119 tcon
->max_bytes_chunk
= 1048576;
1120 tcon
->max_bytes_copy
= 16777216;
1124 SMB2_tcon(const unsigned int xid
, struct cifs_ses
*ses
, const char *tree
,
1125 struct cifs_tcon
*tcon
, const struct nls_table
*cp
)
1127 struct smb2_tree_connect_req
*req
;
1128 struct smb2_tree_connect_rsp
*rsp
= NULL
;
1130 struct kvec rsp_iov
;
1134 struct TCP_Server_Info
*server
;
1135 __le16
*unc_path
= NULL
;
1138 cifs_dbg(FYI
, "TCON\n");
1140 if ((ses
->server
) && tree
)
1141 server
= ses
->server
;
1145 if (tcon
&& tcon
->bad_network_name
)
1148 if ((tcon
&& tcon
->seal
) &&
1149 ((ses
->server
->capabilities
& SMB2_GLOBAL_CAP_ENCRYPTION
) == 0)) {
1150 cifs_dbg(VFS
, "encryption requested but no server support");
1154 unc_path
= kmalloc(MAX_SHARENAME_LENGTH
* 2, GFP_KERNEL
);
1155 if (unc_path
== NULL
)
1158 unc_path_len
= cifs_strtoUTF16(unc_path
, tree
, strlen(tree
), cp
) + 1;
1160 if (unc_path_len
< 2) {
1165 rc
= small_smb2_init(SMB2_TREE_CONNECT
, tcon
, (void **) &req
);
1171 if (ses
->session_flags
& SMB2_SESSION_FLAG_ENCRYPT_DATA
)
1172 flags
|= CIFS_TRANSFORM_REQ
;
1175 /* since no tcon, smb2_init can not do this, so do here */
1176 req
->hdr
.sync_hdr
.SessionId
= ses
->Suid
;
1177 /* if (ses->server->sec_mode & SECMODE_SIGN_REQUIRED)
1178 req->hdr.Flags |= SMB2_FLAGS_SIGNED; */
1181 iov
[0].iov_base
= (char *)req
;
1182 /* 4 for rfc1002 length field and 1 for pad */
1183 iov
[0].iov_len
= get_rfc1002_length(req
) + 4 - 1;
1185 /* Testing shows that buffer offset must be at location of Buffer[0] */
1186 req
->PathOffset
= cpu_to_le16(sizeof(struct smb2_tree_connect_req
)
1187 - 1 /* pad */ - 4 /* do not count rfc1001 len field */);
1188 req
->PathLength
= cpu_to_le16(unc_path_len
- 2);
1189 iov
[1].iov_base
= unc_path
;
1190 iov
[1].iov_len
= unc_path_len
;
1192 inc_rfc1001_len(req
, unc_path_len
- 1 /* pad */);
1194 rc
= SendReceive2(xid
, ses
, iov
, 2, &resp_buftype
, flags
, &rsp_iov
);
1195 cifs_small_buf_release(req
);
1196 rsp
= (struct smb2_tree_connect_rsp
*)rsp_iov
.iov_base
;
1200 cifs_stats_fail_inc(tcon
, SMB2_TREE_CONNECT_HE
);
1201 tcon
->need_reconnect
= true;
1203 goto tcon_error_exit
;
1207 ses
->ipc_tid
= rsp
->hdr
.sync_hdr
.TreeId
;
1211 if (rsp
->ShareType
& SMB2_SHARE_TYPE_DISK
)
1212 cifs_dbg(FYI
, "connection to disk share\n");
1213 else if (rsp
->ShareType
& SMB2_SHARE_TYPE_PIPE
) {
1215 cifs_dbg(FYI
, "connection to pipe share\n");
1216 } else if (rsp
->ShareType
& SMB2_SHARE_TYPE_PRINT
) {
1218 cifs_dbg(FYI
, "connection to printer\n");
1220 cifs_dbg(VFS
, "unknown share type %d\n", rsp
->ShareType
);
1222 goto tcon_error_exit
;
1225 tcon
->share_flags
= le32_to_cpu(rsp
->ShareFlags
);
1226 tcon
->capabilities
= rsp
->Capabilities
; /* we keep caps little endian */
1227 tcon
->maximal_access
= le32_to_cpu(rsp
->MaximalAccess
);
1228 tcon
->tidStatus
= CifsGood
;
1229 tcon
->need_reconnect
= false;
1230 tcon
->tid
= rsp
->hdr
.sync_hdr
.TreeId
;
1231 strlcpy(tcon
->treeName
, tree
, sizeof(tcon
->treeName
));
1233 if ((rsp
->Capabilities
& SMB2_SHARE_CAP_DFS
) &&
1234 ((tcon
->share_flags
& SHI1005_FLAGS_DFS
) == 0))
1235 cifs_dbg(VFS
, "DFS capability contradicts DFS flag\n");
1236 init_copy_chunk_defaults(tcon
);
1237 if (tcon
->share_flags
& SHI1005_FLAGS_ENCRYPT_DATA
)
1238 cifs_dbg(VFS
, "Encrypted shares not supported");
1239 if (tcon
->ses
->server
->ops
->validate_negotiate
)
1240 rc
= tcon
->ses
->server
->ops
->validate_negotiate(xid
, tcon
);
1242 free_rsp_buf(resp_buftype
, rsp
);
1247 if (rsp
->hdr
.sync_hdr
.Status
== STATUS_BAD_NETWORK_NAME
) {
1248 cifs_dbg(VFS
, "BAD_NETWORK_NAME: %s\n", tree
);
1250 tcon
->bad_network_name
= true;
1256 SMB2_tdis(const unsigned int xid
, struct cifs_tcon
*tcon
)
1258 struct smb2_tree_disconnect_req
*req
; /* response is trivial */
1260 struct TCP_Server_Info
*server
;
1261 struct cifs_ses
*ses
= tcon
->ses
;
1264 cifs_dbg(FYI
, "Tree Disconnect\n");
1266 if (ses
&& (ses
->server
))
1267 server
= ses
->server
;
1271 if ((tcon
->need_reconnect
) || (tcon
->ses
->need_reconnect
))
1274 rc
= small_smb2_init(SMB2_TREE_DISCONNECT
, tcon
, (void **) &req
);
1278 if (encryption_required(tcon
))
1279 flags
|= CIFS_TRANSFORM_REQ
;
1281 rc
= SendReceiveNoRsp(xid
, ses
, (char *)req
, flags
);
1282 cifs_small_buf_release(req
);
1284 cifs_stats_fail_inc(tcon
, SMB2_TREE_DISCONNECT_HE
);
1290 static struct create_durable
*
1291 create_durable_buf(void)
1293 struct create_durable
*buf
;
1295 buf
= kzalloc(sizeof(struct create_durable
), GFP_KERNEL
);
1299 buf
->ccontext
.DataOffset
= cpu_to_le16(offsetof
1300 (struct create_durable
, Data
));
1301 buf
->ccontext
.DataLength
= cpu_to_le32(16);
1302 buf
->ccontext
.NameOffset
= cpu_to_le16(offsetof
1303 (struct create_durable
, Name
));
1304 buf
->ccontext
.NameLength
= cpu_to_le16(4);
1305 /* SMB2_CREATE_DURABLE_HANDLE_REQUEST is "DHnQ" */
1313 static struct create_durable
*
1314 create_reconnect_durable_buf(struct cifs_fid
*fid
)
1316 struct create_durable
*buf
;
1318 buf
= kzalloc(sizeof(struct create_durable
), GFP_KERNEL
);
1322 buf
->ccontext
.DataOffset
= cpu_to_le16(offsetof
1323 (struct create_durable
, Data
));
1324 buf
->ccontext
.DataLength
= cpu_to_le32(16);
1325 buf
->ccontext
.NameOffset
= cpu_to_le16(offsetof
1326 (struct create_durable
, Name
));
1327 buf
->ccontext
.NameLength
= cpu_to_le16(4);
1328 buf
->Data
.Fid
.PersistentFileId
= fid
->persistent_fid
;
1329 buf
->Data
.Fid
.VolatileFileId
= fid
->volatile_fid
;
1330 /* SMB2_CREATE_DURABLE_HANDLE_RECONNECT is "DHnC" */
1339 parse_lease_state(struct TCP_Server_Info
*server
, struct smb2_create_rsp
*rsp
,
1340 unsigned int *epoch
)
1343 struct create_context
*cc
;
1345 unsigned int remaining
;
1348 data_offset
= (char *)rsp
+ 4 + le32_to_cpu(rsp
->CreateContextsOffset
);
1349 remaining
= le32_to_cpu(rsp
->CreateContextsLength
);
1350 cc
= (struct create_context
*)data_offset
;
1351 while (remaining
>= sizeof(struct create_context
)) {
1352 name
= le16_to_cpu(cc
->NameOffset
) + (char *)cc
;
1353 if (le16_to_cpu(cc
->NameLength
) == 4 &&
1354 strncmp(name
, "RqLs", 4) == 0)
1355 return server
->ops
->parse_lease_buf(cc
, epoch
);
1357 next
= le32_to_cpu(cc
->Next
);
1361 cc
= (struct create_context
*)((char *)cc
+ next
);
1368 add_lease_context(struct TCP_Server_Info
*server
, struct kvec
*iov
,
1369 unsigned int *num_iovec
, __u8
*oplock
)
1371 struct smb2_create_req
*req
= iov
[0].iov_base
;
1372 unsigned int num
= *num_iovec
;
1374 iov
[num
].iov_base
= server
->ops
->create_lease_buf(oplock
+1, *oplock
);
1375 if (iov
[num
].iov_base
== NULL
)
1377 iov
[num
].iov_len
= server
->vals
->create_lease_size
;
1378 req
->RequestedOplockLevel
= SMB2_OPLOCK_LEVEL_LEASE
;
1379 if (!req
->CreateContextsOffset
)
1380 req
->CreateContextsOffset
= cpu_to_le32(
1381 sizeof(struct smb2_create_req
) - 4 +
1382 iov
[num
- 1].iov_len
);
1383 le32_add_cpu(&req
->CreateContextsLength
,
1384 server
->vals
->create_lease_size
);
1385 inc_rfc1001_len(&req
->hdr
, server
->vals
->create_lease_size
);
1386 *num_iovec
= num
+ 1;
1390 static struct create_durable_v2
*
1391 create_durable_v2_buf(struct cifs_fid
*pfid
)
1393 struct create_durable_v2
*buf
;
1395 buf
= kzalloc(sizeof(struct create_durable_v2
), GFP_KERNEL
);
1399 buf
->ccontext
.DataOffset
= cpu_to_le16(offsetof
1400 (struct create_durable_v2
, dcontext
));
1401 buf
->ccontext
.DataLength
= cpu_to_le32(sizeof(struct durable_context_v2
));
1402 buf
->ccontext
.NameOffset
= cpu_to_le16(offsetof
1403 (struct create_durable_v2
, Name
));
1404 buf
->ccontext
.NameLength
= cpu_to_le16(4);
1406 buf
->dcontext
.Timeout
= 0; /* Should this be configurable by workload */
1407 buf
->dcontext
.Flags
= cpu_to_le32(SMB2_DHANDLE_FLAG_PERSISTENT
);
1408 generate_random_uuid(buf
->dcontext
.CreateGuid
);
1409 memcpy(pfid
->create_guid
, buf
->dcontext
.CreateGuid
, 16);
1411 /* SMB2_CREATE_DURABLE_HANDLE_REQUEST is "DH2Q" */
1419 static struct create_durable_handle_reconnect_v2
*
1420 create_reconnect_durable_v2_buf(struct cifs_fid
*fid
)
1422 struct create_durable_handle_reconnect_v2
*buf
;
1424 buf
= kzalloc(sizeof(struct create_durable_handle_reconnect_v2
),
1429 buf
->ccontext
.DataOffset
=
1430 cpu_to_le16(offsetof(struct create_durable_handle_reconnect_v2
,
1432 buf
->ccontext
.DataLength
=
1433 cpu_to_le32(sizeof(struct durable_reconnect_context_v2
));
1434 buf
->ccontext
.NameOffset
=
1435 cpu_to_le16(offsetof(struct create_durable_handle_reconnect_v2
,
1437 buf
->ccontext
.NameLength
= cpu_to_le16(4);
1439 buf
->dcontext
.Fid
.PersistentFileId
= fid
->persistent_fid
;
1440 buf
->dcontext
.Fid
.VolatileFileId
= fid
->volatile_fid
;
1441 buf
->dcontext
.Flags
= cpu_to_le32(SMB2_DHANDLE_FLAG_PERSISTENT
);
1442 memcpy(buf
->dcontext
.CreateGuid
, fid
->create_guid
, 16);
1444 /* SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 is "DH2C" */
1453 add_durable_v2_context(struct kvec
*iov
, unsigned int *num_iovec
,
1454 struct cifs_open_parms
*oparms
)
1456 struct smb2_create_req
*req
= iov
[0].iov_base
;
1457 unsigned int num
= *num_iovec
;
1459 iov
[num
].iov_base
= create_durable_v2_buf(oparms
->fid
);
1460 if (iov
[num
].iov_base
== NULL
)
1462 iov
[num
].iov_len
= sizeof(struct create_durable_v2
);
1463 if (!req
->CreateContextsOffset
)
1464 req
->CreateContextsOffset
=
1465 cpu_to_le32(sizeof(struct smb2_create_req
) - 4 +
1467 le32_add_cpu(&req
->CreateContextsLength
, sizeof(struct create_durable_v2
));
1468 inc_rfc1001_len(&req
->hdr
, sizeof(struct create_durable_v2
));
1469 *num_iovec
= num
+ 1;
1474 add_durable_reconnect_v2_context(struct kvec
*iov
, unsigned int *num_iovec
,
1475 struct cifs_open_parms
*oparms
)
1477 struct smb2_create_req
*req
= iov
[0].iov_base
;
1478 unsigned int num
= *num_iovec
;
1480 /* indicate that we don't need to relock the file */
1481 oparms
->reconnect
= false;
1483 iov
[num
].iov_base
= create_reconnect_durable_v2_buf(oparms
->fid
);
1484 if (iov
[num
].iov_base
== NULL
)
1486 iov
[num
].iov_len
= sizeof(struct create_durable_handle_reconnect_v2
);
1487 if (!req
->CreateContextsOffset
)
1488 req
->CreateContextsOffset
=
1489 cpu_to_le32(sizeof(struct smb2_create_req
) - 4 +
1491 le32_add_cpu(&req
->CreateContextsLength
,
1492 sizeof(struct create_durable_handle_reconnect_v2
));
1493 inc_rfc1001_len(&req
->hdr
,
1494 sizeof(struct create_durable_handle_reconnect_v2
));
1495 *num_iovec
= num
+ 1;
1500 add_durable_context(struct kvec
*iov
, unsigned int *num_iovec
,
1501 struct cifs_open_parms
*oparms
, bool use_persistent
)
1503 struct smb2_create_req
*req
= iov
[0].iov_base
;
1504 unsigned int num
= *num_iovec
;
1506 if (use_persistent
) {
1507 if (oparms
->reconnect
)
1508 return add_durable_reconnect_v2_context(iov
, num_iovec
,
1511 return add_durable_v2_context(iov
, num_iovec
, oparms
);
1514 if (oparms
->reconnect
) {
1515 iov
[num
].iov_base
= create_reconnect_durable_buf(oparms
->fid
);
1516 /* indicate that we don't need to relock the file */
1517 oparms
->reconnect
= false;
1519 iov
[num
].iov_base
= create_durable_buf();
1520 if (iov
[num
].iov_base
== NULL
)
1522 iov
[num
].iov_len
= sizeof(struct create_durable
);
1523 if (!req
->CreateContextsOffset
)
1524 req
->CreateContextsOffset
=
1525 cpu_to_le32(sizeof(struct smb2_create_req
) - 4 +
1527 le32_add_cpu(&req
->CreateContextsLength
, sizeof(struct create_durable
));
1528 inc_rfc1001_len(&req
->hdr
, sizeof(struct create_durable
));
1529 *num_iovec
= num
+ 1;
1534 SMB2_open(const unsigned int xid
, struct cifs_open_parms
*oparms
, __le16
*path
,
1535 __u8
*oplock
, struct smb2_file_all_info
*buf
,
1536 struct smb2_err_rsp
**err_buf
)
1538 struct smb2_create_req
*req
;
1539 struct smb2_create_rsp
*rsp
;
1540 struct TCP_Server_Info
*server
;
1541 struct cifs_tcon
*tcon
= oparms
->tcon
;
1542 struct cifs_ses
*ses
= tcon
->ses
;
1544 struct kvec rsp_iov
;
1547 __le16
*copy_path
= NULL
;
1550 unsigned int n_iov
= 2;
1551 __u32 file_attributes
= 0;
1552 char *dhc_buf
= NULL
, *lc_buf
= NULL
;
1555 cifs_dbg(FYI
, "create/open\n");
1557 if (ses
&& (ses
->server
))
1558 server
= ses
->server
;
1562 rc
= small_smb2_init(SMB2_CREATE
, tcon
, (void **) &req
);
1566 if (encryption_required(tcon
))
1567 flags
|= CIFS_TRANSFORM_REQ
;
1569 if (oparms
->create_options
& CREATE_OPTION_READONLY
)
1570 file_attributes
|= ATTR_READONLY
;
1571 if (oparms
->create_options
& CREATE_OPTION_SPECIAL
)
1572 file_attributes
|= ATTR_SYSTEM
;
1574 req
->ImpersonationLevel
= IL_IMPERSONATION
;
1575 req
->DesiredAccess
= cpu_to_le32(oparms
->desired_access
);
1576 /* File attributes ignored on open (used in create though) */
1577 req
->FileAttributes
= cpu_to_le32(file_attributes
);
1578 req
->ShareAccess
= FILE_SHARE_ALL_LE
;
1579 req
->CreateDisposition
= cpu_to_le32(oparms
->disposition
);
1580 req
->CreateOptions
= cpu_to_le32(oparms
->create_options
& CREATE_OPTIONS_MASK
);
1581 uni_path_len
= (2 * UniStrnlen((wchar_t *)path
, PATH_MAX
)) + 2;
1582 /* do not count rfc1001 len field */
1583 req
->NameOffset
= cpu_to_le16(sizeof(struct smb2_create_req
) - 4);
1585 iov
[0].iov_base
= (char *)req
;
1586 /* 4 for rfc1002 length field */
1587 iov
[0].iov_len
= get_rfc1002_length(req
) + 4;
1589 /* MUST set path len (NameLength) to 0 opening root of share */
1590 req
->NameLength
= cpu_to_le16(uni_path_len
- 2);
1591 /* -1 since last byte is buf[0] which is sent below (path) */
1593 if (uni_path_len
% 8 != 0) {
1594 copy_size
= uni_path_len
/ 8 * 8;
1595 if (copy_size
< uni_path_len
)
1598 copy_path
= kzalloc(copy_size
, GFP_KERNEL
);
1601 memcpy((char *)copy_path
, (const char *)path
,
1603 uni_path_len
= copy_size
;
1607 iov
[1].iov_len
= uni_path_len
;
1608 iov
[1].iov_base
= path
;
1609 /* -1 since last byte is buf[0] which was counted in smb2_buf_len */
1610 inc_rfc1001_len(req
, uni_path_len
- 1);
1612 if (!server
->oplocks
)
1613 *oplock
= SMB2_OPLOCK_LEVEL_NONE
;
1615 if (!(server
->capabilities
& SMB2_GLOBAL_CAP_LEASING
) ||
1616 *oplock
== SMB2_OPLOCK_LEVEL_NONE
)
1617 req
->RequestedOplockLevel
= *oplock
;
1619 rc
= add_lease_context(server
, iov
, &n_iov
, oplock
);
1621 cifs_small_buf_release(req
);
1625 lc_buf
= iov
[n_iov
-1].iov_base
;
1628 if (*oplock
== SMB2_OPLOCK_LEVEL_BATCH
) {
1629 /* need to set Next field of lease context if we request it */
1630 if (server
->capabilities
& SMB2_GLOBAL_CAP_LEASING
) {
1631 struct create_context
*ccontext
=
1632 (struct create_context
*)iov
[n_iov
-1].iov_base
;
1634 cpu_to_le32(server
->vals
->create_lease_size
);
1637 rc
= add_durable_context(iov
, &n_iov
, oparms
,
1638 tcon
->use_persistent
);
1640 cifs_small_buf_release(req
);
1645 dhc_buf
= iov
[n_iov
-1].iov_base
;
1648 rc
= SendReceive2(xid
, ses
, iov
, n_iov
, &resp_buftype
, flags
, &rsp_iov
);
1649 cifs_small_buf_release(req
);
1650 rsp
= (struct smb2_create_rsp
*)rsp_iov
.iov_base
;
1653 cifs_stats_fail_inc(tcon
, SMB2_CREATE_HE
);
1655 *err_buf
= kmemdup(rsp
, get_rfc1002_length(rsp
) + 4,
1660 oparms
->fid
->persistent_fid
= rsp
->PersistentFileId
;
1661 oparms
->fid
->volatile_fid
= rsp
->VolatileFileId
;
1664 memcpy(buf
, &rsp
->CreationTime
, 32);
1665 buf
->AllocationSize
= rsp
->AllocationSize
;
1666 buf
->EndOfFile
= rsp
->EndofFile
;
1667 buf
->Attributes
= rsp
->FileAttributes
;
1668 buf
->NumberOfLinks
= cpu_to_le32(1);
1669 buf
->DeletePending
= 0;
1672 if (rsp
->OplockLevel
== SMB2_OPLOCK_LEVEL_LEASE
)
1673 *oplock
= parse_lease_state(server
, rsp
, &oparms
->fid
->epoch
);
1675 *oplock
= rsp
->OplockLevel
;
1680 free_rsp_buf(resp_buftype
, rsp
);
1685 * SMB2 IOCTL is used for both IOCTLs and FSCTLs
1688 SMB2_ioctl(const unsigned int xid
, struct cifs_tcon
*tcon
, u64 persistent_fid
,
1689 u64 volatile_fid
, u32 opcode
, bool is_fsctl
, char *in_data
,
1690 u32 indatalen
, char **out_data
, u32
*plen
/* returned data len */)
1692 struct smb2_ioctl_req
*req
;
1693 struct smb2_ioctl_rsp
*rsp
;
1694 struct smb2_sync_hdr
*shdr
;
1695 struct TCP_Server_Info
*server
;
1696 struct cifs_ses
*ses
;
1698 struct kvec rsp_iov
;
1704 cifs_dbg(FYI
, "SMB2 IOCTL\n");
1706 if (out_data
!= NULL
)
1709 /* zero out returned data len, in case of error */
1718 if (ses
&& (ses
->server
))
1719 server
= ses
->server
;
1723 rc
= small_smb2_init(SMB2_IOCTL
, tcon
, (void **) &req
);
1727 if (encryption_required(tcon
))
1728 flags
|= CIFS_TRANSFORM_REQ
;
1730 req
->CtlCode
= cpu_to_le32(opcode
);
1731 req
->PersistentFileId
= persistent_fid
;
1732 req
->VolatileFileId
= volatile_fid
;
1735 req
->InputCount
= cpu_to_le32(indatalen
);
1736 /* do not set InputOffset if no input data */
1738 cpu_to_le32(offsetof(struct smb2_ioctl_req
, Buffer
) - 4);
1739 iov
[1].iov_base
= in_data
;
1740 iov
[1].iov_len
= indatalen
;
1745 req
->OutputOffset
= 0;
1746 req
->OutputCount
= 0; /* MBZ */
1749 * Could increase MaxOutputResponse, but that would require more
1750 * than one credit. Windows typically sets this smaller, but for some
1751 * ioctls it may be useful to allow server to send more. No point
1752 * limiting what the server can send as long as fits in one credit
1754 req
->MaxOutputResponse
= cpu_to_le32(0xFF00); /* < 64K uses 1 credit */
1757 req
->Flags
= cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL
);
1761 iov
[0].iov_base
= (char *)req
;
1764 * If no input data, the size of ioctl struct in
1765 * protocol spec still includes a 1 byte data buffer,
1766 * but if input data passed to ioctl, we do not
1767 * want to double count this, so we do not send
1768 * the dummy one byte of data in iovec[0] if sending
1769 * input data (in iovec[1]). We also must add 4 bytes
1770 * in first iovec to allow for rfc1002 length field.
1774 iov
[0].iov_len
= get_rfc1002_length(req
) + 4 - 1;
1775 inc_rfc1001_len(req
, indatalen
- 1);
1777 iov
[0].iov_len
= get_rfc1002_length(req
) + 4;
1780 rc
= SendReceive2(xid
, ses
, iov
, n_iov
, &resp_buftype
, flags
, &rsp_iov
);
1781 cifs_small_buf_release(req
);
1782 rsp
= (struct smb2_ioctl_rsp
*)rsp_iov
.iov_base
;
1784 if ((rc
!= 0) && (rc
!= -EINVAL
)) {
1785 cifs_stats_fail_inc(tcon
, SMB2_IOCTL_HE
);
1787 } else if (rc
== -EINVAL
) {
1788 if ((opcode
!= FSCTL_SRV_COPYCHUNK_WRITE
) &&
1789 (opcode
!= FSCTL_SRV_COPYCHUNK
)) {
1790 cifs_stats_fail_inc(tcon
, SMB2_IOCTL_HE
);
1795 /* check if caller wants to look at return data or just return rc */
1796 if ((plen
== NULL
) || (out_data
== NULL
))
1799 *plen
= le32_to_cpu(rsp
->OutputCount
);
1801 /* We check for obvious errors in the output buffer length and offset */
1803 goto ioctl_exit
; /* server returned no data */
1804 else if (*plen
> 0xFF00) {
1805 cifs_dbg(VFS
, "srv returned invalid ioctl length: %d\n", *plen
);
1811 if (get_rfc1002_length(rsp
) < le32_to_cpu(rsp
->OutputOffset
) + *plen
) {
1812 cifs_dbg(VFS
, "Malformed ioctl resp: len %d offset %d\n", *plen
,
1813 le32_to_cpu(rsp
->OutputOffset
));
1819 *out_data
= kmalloc(*plen
, GFP_KERNEL
);
1820 if (*out_data
== NULL
) {
1825 shdr
= get_sync_hdr(rsp
);
1826 memcpy(*out_data
, (char *)shdr
+ le32_to_cpu(rsp
->OutputOffset
), *plen
);
1828 free_rsp_buf(resp_buftype
, rsp
);
1833 * Individual callers to ioctl worker function follow
1837 SMB2_set_compression(const unsigned int xid
, struct cifs_tcon
*tcon
,
1838 u64 persistent_fid
, u64 volatile_fid
)
1841 struct compress_ioctl fsctl_input
;
1842 char *ret_data
= NULL
;
1844 fsctl_input
.CompressionState
=
1845 cpu_to_le16(COMPRESSION_FORMAT_DEFAULT
);
1847 rc
= SMB2_ioctl(xid
, tcon
, persistent_fid
, volatile_fid
,
1848 FSCTL_SET_COMPRESSION
, true /* is_fsctl */,
1849 (char *)&fsctl_input
/* data input */,
1850 2 /* in data len */, &ret_data
/* out data */, NULL
);
1852 cifs_dbg(FYI
, "set compression rc %d\n", rc
);
1858 SMB2_close(const unsigned int xid
, struct cifs_tcon
*tcon
,
1859 u64 persistent_fid
, u64 volatile_fid
)
1861 struct smb2_close_req
*req
;
1862 struct smb2_close_rsp
*rsp
;
1863 struct TCP_Server_Info
*server
;
1864 struct cifs_ses
*ses
= tcon
->ses
;
1866 struct kvec rsp_iov
;
1871 cifs_dbg(FYI
, "Close\n");
1873 if (ses
&& (ses
->server
))
1874 server
= ses
->server
;
1878 rc
= small_smb2_init(SMB2_CLOSE
, tcon
, (void **) &req
);
1882 if (encryption_required(tcon
))
1883 flags
|= CIFS_TRANSFORM_REQ
;
1885 req
->PersistentFileId
= persistent_fid
;
1886 req
->VolatileFileId
= volatile_fid
;
1888 iov
[0].iov_base
= (char *)req
;
1889 /* 4 for rfc1002 length field */
1890 iov
[0].iov_len
= get_rfc1002_length(req
) + 4;
1892 rc
= SendReceive2(xid
, ses
, iov
, 1, &resp_buftype
, flags
, &rsp_iov
);
1893 cifs_small_buf_release(req
);
1894 rsp
= (struct smb2_close_rsp
*)rsp_iov
.iov_base
;
1897 cifs_stats_fail_inc(tcon
, SMB2_CLOSE_HE
);
1901 /* BB FIXME - decode close response, update inode for caching */
1904 free_rsp_buf(resp_buftype
, rsp
);
1909 validate_buf(unsigned int offset
, unsigned int buffer_length
,
1910 struct smb2_hdr
*hdr
, unsigned int min_buf_size
)
1913 unsigned int smb_len
= be32_to_cpu(hdr
->smb2_buf_length
);
1914 char *end_of_smb
= smb_len
+ 4 /* RFC1001 length field */ + (char *)hdr
;
1915 char *begin_of_buf
= 4 /* RFC1001 len field */ + offset
+ (char *)hdr
;
1916 char *end_of_buf
= begin_of_buf
+ buffer_length
;
1919 if (buffer_length
< min_buf_size
) {
1920 cifs_dbg(VFS
, "buffer length %d smaller than minimum size %d\n",
1921 buffer_length
, min_buf_size
);
1925 /* check if beyond RFC1001 maximum length */
1926 if ((smb_len
> 0x7FFFFF) || (buffer_length
> 0x7FFFFF)) {
1927 cifs_dbg(VFS
, "buffer length %d or smb length %d too large\n",
1928 buffer_length
, smb_len
);
1932 if ((begin_of_buf
> end_of_smb
) || (end_of_buf
> end_of_smb
)) {
1933 cifs_dbg(VFS
, "illegal server response, bad offset to data\n");
1941 * If SMB buffer fields are valid, copy into temporary buffer to hold result.
1942 * Caller must free buffer.
1945 validate_and_copy_buf(unsigned int offset
, unsigned int buffer_length
,
1946 struct smb2_hdr
*hdr
, unsigned int minbufsize
,
1950 char *begin_of_buf
= 4 /* RFC1001 len field */ + offset
+ (char *)hdr
;
1956 rc
= validate_buf(offset
, buffer_length
, hdr
, minbufsize
);
1960 memcpy(data
, begin_of_buf
, buffer_length
);
1966 query_info(const unsigned int xid
, struct cifs_tcon
*tcon
,
1967 u64 persistent_fid
, u64 volatile_fid
, u8 info_class
,
1968 size_t output_len
, size_t min_len
, void *data
)
1970 struct smb2_query_info_req
*req
;
1971 struct smb2_query_info_rsp
*rsp
= NULL
;
1973 struct kvec rsp_iov
;
1976 struct TCP_Server_Info
*server
;
1977 struct cifs_ses
*ses
= tcon
->ses
;
1980 cifs_dbg(FYI
, "Query Info\n");
1982 if (ses
&& (ses
->server
))
1983 server
= ses
->server
;
1987 rc
= small_smb2_init(SMB2_QUERY_INFO
, tcon
, (void **) &req
);
1991 if (encryption_required(tcon
))
1992 flags
|= CIFS_TRANSFORM_REQ
;
1994 req
->InfoType
= SMB2_O_INFO_FILE
;
1995 req
->FileInfoClass
= info_class
;
1996 req
->PersistentFileId
= persistent_fid
;
1997 req
->VolatileFileId
= volatile_fid
;
1998 /* 4 for rfc1002 length field and 1 for Buffer */
1999 req
->InputBufferOffset
=
2000 cpu_to_le16(sizeof(struct smb2_query_info_req
) - 1 - 4);
2001 req
->OutputBufferLength
= cpu_to_le32(output_len
);
2003 iov
[0].iov_base
= (char *)req
;
2004 /* 4 for rfc1002 length field */
2005 iov
[0].iov_len
= get_rfc1002_length(req
) + 4;
2007 rc
= SendReceive2(xid
, ses
, iov
, 1, &resp_buftype
, flags
, &rsp_iov
);
2008 cifs_small_buf_release(req
);
2009 rsp
= (struct smb2_query_info_rsp
*)rsp_iov
.iov_base
;
2012 cifs_stats_fail_inc(tcon
, SMB2_QUERY_INFO_HE
);
2016 rc
= validate_and_copy_buf(le16_to_cpu(rsp
->OutputBufferOffset
),
2017 le32_to_cpu(rsp
->OutputBufferLength
),
2018 &rsp
->hdr
, min_len
, data
);
2021 free_rsp_buf(resp_buftype
, rsp
);
2026 SMB2_query_info(const unsigned int xid
, struct cifs_tcon
*tcon
,
2027 u64 persistent_fid
, u64 volatile_fid
,
2028 struct smb2_file_all_info
*data
)
2030 return query_info(xid
, tcon
, persistent_fid
, volatile_fid
,
2031 FILE_ALL_INFORMATION
,
2032 sizeof(struct smb2_file_all_info
) + PATH_MAX
* 2,
2033 sizeof(struct smb2_file_all_info
), data
);
2037 SMB2_get_srv_num(const unsigned int xid
, struct cifs_tcon
*tcon
,
2038 u64 persistent_fid
, u64 volatile_fid
, __le64
*uniqueid
)
2040 return query_info(xid
, tcon
, persistent_fid
, volatile_fid
,
2041 FILE_INTERNAL_INFORMATION
,
2042 sizeof(struct smb2_file_internal_info
),
2043 sizeof(struct smb2_file_internal_info
), uniqueid
);
2047 * This is a no-op for now. We're not really interested in the reply, but
2048 * rather in the fact that the server sent one and that server->lstrp
2051 * FIXME: maybe we should consider checking that the reply matches request?
2054 smb2_echo_callback(struct mid_q_entry
*mid
)
2056 struct TCP_Server_Info
*server
= mid
->callback_data
;
2057 struct smb2_echo_rsp
*rsp
= (struct smb2_echo_rsp
*)mid
->resp_buf
;
2058 unsigned int credits_received
= 1;
2060 if (mid
->mid_state
== MID_RESPONSE_RECEIVED
)
2061 credits_received
= le16_to_cpu(rsp
->hdr
.sync_hdr
.CreditRequest
);
2063 mutex_lock(&server
->srv_mutex
);
2064 DeleteMidQEntry(mid
);
2065 mutex_unlock(&server
->srv_mutex
);
2066 add_credits(server
, credits_received
, CIFS_ECHO_OP
);
2069 void smb2_reconnect_server(struct work_struct
*work
)
2071 struct TCP_Server_Info
*server
= container_of(work
,
2072 struct TCP_Server_Info
, reconnect
.work
);
2073 struct cifs_ses
*ses
;
2074 struct cifs_tcon
*tcon
, *tcon2
;
2075 struct list_head tmp_list
;
2076 int tcon_exist
= false;
2078 /* Prevent simultaneous reconnects that can corrupt tcon->rlist list */
2079 mutex_lock(&server
->reconnect_mutex
);
2081 INIT_LIST_HEAD(&tmp_list
);
2082 cifs_dbg(FYI
, "Need negotiate, reconnecting tcons\n");
2084 spin_lock(&cifs_tcp_ses_lock
);
2085 list_for_each_entry(ses
, &server
->smb_ses_list
, smb_ses_list
) {
2086 list_for_each_entry(tcon
, &ses
->tcon_list
, tcon_list
) {
2087 if (tcon
->need_reconnect
|| tcon
->need_reopen_files
) {
2089 list_add_tail(&tcon
->rlist
, &tmp_list
);
2095 * Get the reference to server struct to be sure that the last call of
2096 * cifs_put_tcon() in the loop below won't release the server pointer.
2099 server
->srv_count
++;
2101 spin_unlock(&cifs_tcp_ses_lock
);
2103 list_for_each_entry_safe(tcon
, tcon2
, &tmp_list
, rlist
) {
2104 if (!smb2_reconnect(SMB2_INTERNAL_CMD
, tcon
))
2105 cifs_reopen_persistent_handles(tcon
);
2106 list_del_init(&tcon
->rlist
);
2107 cifs_put_tcon(tcon
);
2110 cifs_dbg(FYI
, "Reconnecting tcons finished\n");
2111 mutex_unlock(&server
->reconnect_mutex
);
2113 /* now we can safely release srv struct */
2115 cifs_put_tcp_session(server
, 1);
2119 SMB2_echo(struct TCP_Server_Info
*server
)
2121 struct smb2_echo_req
*req
;
2124 struct smb_rqst rqst
= { .rq_iov
= iov
,
2127 cifs_dbg(FYI
, "In echo request\n");
2129 if (server
->tcpStatus
== CifsNeedNegotiate
) {
2130 /* No need to send echo on newly established connections */
2131 queue_delayed_work(cifsiod_wq
, &server
->reconnect
, 0);
2135 rc
= small_smb2_init(SMB2_ECHO
, NULL
, (void **)&req
);
2139 req
->hdr
.sync_hdr
.CreditRequest
= cpu_to_le16(1);
2141 /* 4 for rfc1002 length field */
2143 iov
[0].iov_base
= (char *)req
;
2144 iov
[1].iov_len
= get_rfc1002_length(req
);
2145 iov
[1].iov_base
= (char *)req
+ 4;
2147 rc
= cifs_call_async(server
, &rqst
, NULL
, smb2_echo_callback
, NULL
,
2148 server
, CIFS_ECHO_OP
);
2150 cifs_dbg(FYI
, "Echo request failed: %d\n", rc
);
2152 cifs_small_buf_release(req
);
2157 SMB2_flush(const unsigned int xid
, struct cifs_tcon
*tcon
, u64 persistent_fid
,
2160 struct smb2_flush_req
*req
;
2161 struct TCP_Server_Info
*server
;
2162 struct cifs_ses
*ses
= tcon
->ses
;
2164 struct kvec rsp_iov
;
2169 cifs_dbg(FYI
, "Flush\n");
2171 if (ses
&& (ses
->server
))
2172 server
= ses
->server
;
2176 rc
= small_smb2_init(SMB2_FLUSH
, tcon
, (void **) &req
);
2180 if (encryption_required(tcon
))
2181 flags
|= CIFS_TRANSFORM_REQ
;
2183 req
->PersistentFileId
= persistent_fid
;
2184 req
->VolatileFileId
= volatile_fid
;
2186 iov
[0].iov_base
= (char *)req
;
2187 /* 4 for rfc1002 length field */
2188 iov
[0].iov_len
= get_rfc1002_length(req
) + 4;
2190 rc
= SendReceive2(xid
, ses
, iov
, 1, &resp_buftype
, flags
, &rsp_iov
);
2191 cifs_small_buf_release(req
);
2194 cifs_stats_fail_inc(tcon
, SMB2_FLUSH_HE
);
2196 free_rsp_buf(resp_buftype
, rsp_iov
.iov_base
);
2201 * To form a chain of read requests, any read requests after the first should
2202 * have the end_of_chain boolean set to true.
2205 smb2_new_read_req(void **buf
, unsigned int *total_len
,
2206 struct cifs_io_parms
*io_parms
, unsigned int remaining_bytes
,
2210 struct smb2_read_plain_req
*req
= NULL
;
2211 struct smb2_sync_hdr
*shdr
;
2213 rc
= smb2_plain_req_init(SMB2_READ
, io_parms
->tcon
, (void **) &req
,
2217 if (io_parms
->tcon
->ses
->server
== NULL
)
2218 return -ECONNABORTED
;
2220 shdr
= &req
->sync_hdr
;
2221 shdr
->ProcessId
= cpu_to_le32(io_parms
->pid
);
2223 req
->PersistentFileId
= io_parms
->persistent_fid
;
2224 req
->VolatileFileId
= io_parms
->volatile_fid
;
2225 req
->ReadChannelInfoOffset
= 0; /* reserved */
2226 req
->ReadChannelInfoLength
= 0; /* reserved */
2227 req
->Channel
= 0; /* reserved */
2228 req
->MinimumCount
= 0;
2229 req
->Length
= cpu_to_le32(io_parms
->length
);
2230 req
->Offset
= cpu_to_le64(io_parms
->offset
);
2232 if (request_type
& CHAINED_REQUEST
) {
2233 if (!(request_type
& END_OF_CHAIN
)) {
2234 /* next 8-byte aligned request */
2235 *total_len
= DIV_ROUND_UP(*total_len
, 8) * 8;
2236 shdr
->NextCommand
= cpu_to_le32(*total_len
);
2237 } else /* END_OF_CHAIN */
2238 shdr
->NextCommand
= 0;
2239 if (request_type
& RELATED_REQUEST
) {
2240 shdr
->Flags
|= SMB2_FLAGS_RELATED_OPERATIONS
;
2242 * Related requests use info from previous read request
2245 shdr
->SessionId
= 0xFFFFFFFF;
2246 shdr
->TreeId
= 0xFFFFFFFF;
2247 req
->PersistentFileId
= 0xFFFFFFFF;
2248 req
->VolatileFileId
= 0xFFFFFFFF;
2251 if (remaining_bytes
> io_parms
->length
)
2252 req
->RemainingBytes
= cpu_to_le32(remaining_bytes
);
2254 req
->RemainingBytes
= 0;
2261 smb2_readv_callback(struct mid_q_entry
*mid
)
2263 struct cifs_readdata
*rdata
= mid
->callback_data
;
2264 struct cifs_tcon
*tcon
= tlink_tcon(rdata
->cfile
->tlink
);
2265 struct TCP_Server_Info
*server
= tcon
->ses
->server
;
2266 struct smb2_sync_hdr
*shdr
=
2267 (struct smb2_sync_hdr
*)rdata
->iov
[1].iov_base
;
2268 unsigned int credits_received
= 1;
2269 struct smb_rqst rqst
= { .rq_iov
= rdata
->iov
,
2271 .rq_pages
= rdata
->pages
,
2272 .rq_npages
= rdata
->nr_pages
,
2273 .rq_pagesz
= rdata
->pagesz
,
2274 .rq_tailsz
= rdata
->tailsz
};
2276 cifs_dbg(FYI
, "%s: mid=%llu state=%d result=%d bytes=%u\n",
2277 __func__
, mid
->mid
, mid
->mid_state
, rdata
->result
,
2280 switch (mid
->mid_state
) {
2281 case MID_RESPONSE_RECEIVED
:
2282 credits_received
= le16_to_cpu(shdr
->CreditRequest
);
2283 /* result already set, check signature */
2287 rc
= smb2_verify_signature(&rqst
, server
);
2289 cifs_dbg(VFS
, "SMB signature verification returned error = %d\n",
2292 /* FIXME: should this be counted toward the initiating task? */
2293 task_io_account_read(rdata
->got_bytes
);
2294 cifs_stats_bytes_read(tcon
, rdata
->got_bytes
);
2296 case MID_REQUEST_SUBMITTED
:
2297 case MID_RETRY_NEEDED
:
2298 rdata
->result
= -EAGAIN
;
2299 if (server
->sign
&& rdata
->got_bytes
)
2300 /* reset bytes number since we can not check a sign */
2301 rdata
->got_bytes
= 0;
2302 /* FIXME: should this be counted toward the initiating task? */
2303 task_io_account_read(rdata
->got_bytes
);
2304 cifs_stats_bytes_read(tcon
, rdata
->got_bytes
);
2307 if (rdata
->result
!= -ENODATA
)
2308 rdata
->result
= -EIO
;
2312 cifs_stats_fail_inc(tcon
, SMB2_READ_HE
);
2314 queue_work(cifsiod_wq
, &rdata
->work
);
2315 mutex_lock(&server
->srv_mutex
);
2316 DeleteMidQEntry(mid
);
2317 mutex_unlock(&server
->srv_mutex
);
2318 add_credits(server
, credits_received
, 0);
2321 /* smb2_async_readv - send an async read, and set up mid to handle result */
2323 smb2_async_readv(struct cifs_readdata
*rdata
)
2327 struct smb2_sync_hdr
*shdr
;
2328 struct cifs_io_parms io_parms
;
2329 struct smb_rqst rqst
= { .rq_iov
= rdata
->iov
,
2331 struct TCP_Server_Info
*server
;
2332 unsigned int total_len
;
2335 cifs_dbg(FYI
, "%s: offset=%llu bytes=%u\n",
2336 __func__
, rdata
->offset
, rdata
->bytes
);
2338 io_parms
.tcon
= tlink_tcon(rdata
->cfile
->tlink
);
2339 io_parms
.offset
= rdata
->offset
;
2340 io_parms
.length
= rdata
->bytes
;
2341 io_parms
.persistent_fid
= rdata
->cfile
->fid
.persistent_fid
;
2342 io_parms
.volatile_fid
= rdata
->cfile
->fid
.volatile_fid
;
2343 io_parms
.pid
= rdata
->pid
;
2345 server
= io_parms
.tcon
->ses
->server
;
2347 rc
= smb2_new_read_req((void **) &buf
, &total_len
, &io_parms
, 0, 0);
2349 if (rc
== -EAGAIN
&& rdata
->credits
) {
2350 /* credits was reset by reconnect */
2352 /* reduce in_flight value since we won't send the req */
2353 spin_lock(&server
->req_lock
);
2354 server
->in_flight
--;
2355 spin_unlock(&server
->req_lock
);
2360 if (encryption_required(io_parms
.tcon
))
2361 flags
|= CIFS_TRANSFORM_REQ
;
2363 req_len
= cpu_to_be32(total_len
);
2365 rdata
->iov
[0].iov_base
= &req_len
;
2366 rdata
->iov
[0].iov_len
= sizeof(__be32
);
2367 rdata
->iov
[1].iov_base
= buf
;
2368 rdata
->iov
[1].iov_len
= total_len
;
2370 shdr
= (struct smb2_sync_hdr
*)buf
;
2372 if (rdata
->credits
) {
2373 shdr
->CreditCharge
= cpu_to_le16(DIV_ROUND_UP(rdata
->bytes
,
2374 SMB2_MAX_BUFFER_SIZE
));
2375 shdr
->CreditRequest
= shdr
->CreditCharge
;
2376 spin_lock(&server
->req_lock
);
2377 server
->credits
+= rdata
->credits
-
2378 le16_to_cpu(shdr
->CreditCharge
);
2379 spin_unlock(&server
->req_lock
);
2380 wake_up(&server
->request_q
);
2381 flags
|= CIFS_HAS_CREDITS
;
2384 kref_get(&rdata
->refcount
);
2385 rc
= cifs_call_async(io_parms
.tcon
->ses
->server
, &rqst
,
2386 cifs_readv_receive
, smb2_readv_callback
,
2387 NULL
, rdata
, flags
);
2389 kref_put(&rdata
->refcount
, cifs_readdata_release
);
2390 cifs_stats_fail_inc(io_parms
.tcon
, SMB2_READ_HE
);
2393 cifs_small_buf_release(buf
);
2398 SMB2_read(const unsigned int xid
, struct cifs_io_parms
*io_parms
,
2399 unsigned int *nbytes
, char **buf
, int *buf_type
)
2401 int resp_buftype
, rc
= -EACCES
;
2402 struct smb2_read_plain_req
*req
= NULL
;
2403 struct smb2_read_rsp
*rsp
= NULL
;
2404 struct smb2_sync_hdr
*shdr
;
2406 struct kvec rsp_iov
;
2407 unsigned int total_len
;
2409 struct smb_rqst rqst
= { .rq_iov
= iov
,
2411 int flags
= CIFS_LOG_ERROR
;
2412 struct cifs_ses
*ses
= io_parms
->tcon
->ses
;
2415 rc
= smb2_new_read_req((void **)&req
, &total_len
, io_parms
, 0, 0);
2419 if (encryption_required(io_parms
->tcon
))
2420 flags
|= CIFS_TRANSFORM_REQ
;
2422 req_len
= cpu_to_be32(total_len
);
2424 iov
[0].iov_base
= &req_len
;
2425 iov
[0].iov_len
= sizeof(__be32
);
2426 iov
[1].iov_base
= req
;
2427 iov
[1].iov_len
= total_len
;
2429 rc
= cifs_send_recv(xid
, ses
, &rqst
, &resp_buftype
, flags
, &rsp_iov
);
2430 cifs_small_buf_release(req
);
2432 rsp
= (struct smb2_read_rsp
*)rsp_iov
.iov_base
;
2433 shdr
= get_sync_hdr(rsp
);
2435 if (shdr
->Status
== STATUS_END_OF_FILE
) {
2436 free_rsp_buf(resp_buftype
, rsp_iov
.iov_base
);
2441 cifs_stats_fail_inc(io_parms
->tcon
, SMB2_READ_HE
);
2442 cifs_dbg(VFS
, "Send error in read = %d\n", rc
);
2444 *nbytes
= le32_to_cpu(rsp
->DataLength
);
2445 if ((*nbytes
> CIFS_MAX_MSGSIZE
) ||
2446 (*nbytes
> io_parms
->length
)) {
2447 cifs_dbg(FYI
, "bad length %d for count %d\n",
2448 *nbytes
, io_parms
->length
);
2455 memcpy(*buf
, (char *)shdr
+ rsp
->DataOffset
, *nbytes
);
2456 free_rsp_buf(resp_buftype
, rsp_iov
.iov_base
);
2457 } else if (resp_buftype
!= CIFS_NO_BUFFER
) {
2458 *buf
= rsp_iov
.iov_base
;
2459 if (resp_buftype
== CIFS_SMALL_BUFFER
)
2460 *buf_type
= CIFS_SMALL_BUFFER
;
2461 else if (resp_buftype
== CIFS_LARGE_BUFFER
)
2462 *buf_type
= CIFS_LARGE_BUFFER
;
2468 * Check the mid_state and signature on received buffer (if any), and queue the
2469 * workqueue completion task.
2472 smb2_writev_callback(struct mid_q_entry
*mid
)
2474 struct cifs_writedata
*wdata
= mid
->callback_data
;
2475 struct cifs_tcon
*tcon
= tlink_tcon(wdata
->cfile
->tlink
);
2476 struct TCP_Server_Info
*server
= tcon
->ses
->server
;
2477 unsigned int written
;
2478 struct smb2_write_rsp
*rsp
= (struct smb2_write_rsp
*)mid
->resp_buf
;
2479 unsigned int credits_received
= 1;
2481 switch (mid
->mid_state
) {
2482 case MID_RESPONSE_RECEIVED
:
2483 credits_received
= le16_to_cpu(rsp
->hdr
.sync_hdr
.CreditRequest
);
2484 wdata
->result
= smb2_check_receive(mid
, tcon
->ses
->server
, 0);
2485 if (wdata
->result
!= 0)
2488 written
= le32_to_cpu(rsp
->DataLength
);
2490 * Mask off high 16 bits when bytes written as returned
2491 * by the server is greater than bytes requested by the
2492 * client. OS/2 servers are known to set incorrect
2495 if (written
> wdata
->bytes
)
2498 if (written
< wdata
->bytes
)
2499 wdata
->result
= -ENOSPC
;
2501 wdata
->bytes
= written
;
2503 case MID_REQUEST_SUBMITTED
:
2504 case MID_RETRY_NEEDED
:
2505 wdata
->result
= -EAGAIN
;
2508 wdata
->result
= -EIO
;
2513 cifs_stats_fail_inc(tcon
, SMB2_WRITE_HE
);
2515 queue_work(cifsiod_wq
, &wdata
->work
);
2516 mutex_lock(&server
->srv_mutex
);
2517 DeleteMidQEntry(mid
);
2518 mutex_unlock(&server
->srv_mutex
);
2519 add_credits(tcon
->ses
->server
, credits_received
, 0);
2522 /* smb2_async_writev - send an async write, and set up mid to handle result */
2524 smb2_async_writev(struct cifs_writedata
*wdata
,
2525 void (*release
)(struct kref
*kref
))
2527 int rc
= -EACCES
, flags
= 0;
2528 struct smb2_write_req
*req
= NULL
;
2529 struct smb2_sync_hdr
*shdr
;
2530 struct cifs_tcon
*tcon
= tlink_tcon(wdata
->cfile
->tlink
);
2531 struct TCP_Server_Info
*server
= tcon
->ses
->server
;
2533 struct smb_rqst rqst
= { };
2535 rc
= small_smb2_init(SMB2_WRITE
, tcon
, (void **) &req
);
2537 if (rc
== -EAGAIN
&& wdata
->credits
) {
2538 /* credits was reset by reconnect */
2540 /* reduce in_flight value since we won't send the req */
2541 spin_lock(&server
->req_lock
);
2542 server
->in_flight
--;
2543 spin_unlock(&server
->req_lock
);
2545 goto async_writev_out
;
2548 if (encryption_required(tcon
))
2549 flags
|= CIFS_TRANSFORM_REQ
;
2551 shdr
= get_sync_hdr(req
);
2552 shdr
->ProcessId
= cpu_to_le32(wdata
->cfile
->pid
);
2554 req
->PersistentFileId
= wdata
->cfile
->fid
.persistent_fid
;
2555 req
->VolatileFileId
= wdata
->cfile
->fid
.volatile_fid
;
2556 req
->WriteChannelInfoOffset
= 0;
2557 req
->WriteChannelInfoLength
= 0;
2559 req
->Offset
= cpu_to_le64(wdata
->offset
);
2560 /* 4 for rfc1002 length field */
2561 req
->DataOffset
= cpu_to_le16(
2562 offsetof(struct smb2_write_req
, Buffer
) - 4);
2563 req
->RemainingBytes
= 0;
2565 /* 4 for rfc1002 length field and 1 for Buffer */
2567 iov
[0].iov_base
= req
;
2568 iov
[1].iov_len
= get_rfc1002_length(req
) - 1;
2569 iov
[1].iov_base
= (char *)req
+ 4;
2573 rqst
.rq_pages
= wdata
->pages
;
2574 rqst
.rq_npages
= wdata
->nr_pages
;
2575 rqst
.rq_pagesz
= wdata
->pagesz
;
2576 rqst
.rq_tailsz
= wdata
->tailsz
;
2578 cifs_dbg(FYI
, "async write at %llu %u bytes\n",
2579 wdata
->offset
, wdata
->bytes
);
2581 req
->Length
= cpu_to_le32(wdata
->bytes
);
2583 inc_rfc1001_len(&req
->hdr
, wdata
->bytes
- 1 /* Buffer */);
2585 if (wdata
->credits
) {
2586 shdr
->CreditCharge
= cpu_to_le16(DIV_ROUND_UP(wdata
->bytes
,
2587 SMB2_MAX_BUFFER_SIZE
));
2588 shdr
->CreditRequest
= shdr
->CreditCharge
;
2589 spin_lock(&server
->req_lock
);
2590 server
->credits
+= wdata
->credits
-
2591 le16_to_cpu(shdr
->CreditCharge
);
2592 spin_unlock(&server
->req_lock
);
2593 wake_up(&server
->request_q
);
2594 flags
|= CIFS_HAS_CREDITS
;
2597 kref_get(&wdata
->refcount
);
2598 rc
= cifs_call_async(server
, &rqst
, NULL
, smb2_writev_callback
, NULL
,
2602 kref_put(&wdata
->refcount
, release
);
2603 cifs_stats_fail_inc(tcon
, SMB2_WRITE_HE
);
2607 cifs_small_buf_release(req
);
2612 * SMB2_write function gets iov pointer to kvec array with n_vec as a length.
2613 * The length field from io_parms must be at least 1 and indicates a number of
2614 * elements with data to write that begins with position 1 in iov array. All
2615 * data length is specified by count.
2618 SMB2_write(const unsigned int xid
, struct cifs_io_parms
*io_parms
,
2619 unsigned int *nbytes
, struct kvec
*iov
, int n_vec
)
2622 struct smb2_write_req
*req
= NULL
;
2623 struct smb2_write_rsp
*rsp
= NULL
;
2625 struct kvec rsp_iov
;
2633 rc
= small_smb2_init(SMB2_WRITE
, io_parms
->tcon
, (void **) &req
);
2637 if (io_parms
->tcon
->ses
->server
== NULL
)
2638 return -ECONNABORTED
;
2640 if (encryption_required(io_parms
->tcon
))
2641 flags
|= CIFS_TRANSFORM_REQ
;
2643 req
->hdr
.sync_hdr
.ProcessId
= cpu_to_le32(io_parms
->pid
);
2645 req
->PersistentFileId
= io_parms
->persistent_fid
;
2646 req
->VolatileFileId
= io_parms
->volatile_fid
;
2647 req
->WriteChannelInfoOffset
= 0;
2648 req
->WriteChannelInfoLength
= 0;
2650 req
->Length
= cpu_to_le32(io_parms
->length
);
2651 req
->Offset
= cpu_to_le64(io_parms
->offset
);
2652 /* 4 for rfc1002 length field */
2653 req
->DataOffset
= cpu_to_le16(
2654 offsetof(struct smb2_write_req
, Buffer
) - 4);
2655 req
->RemainingBytes
= 0;
2657 iov
[0].iov_base
= (char *)req
;
2658 /* 4 for rfc1002 length field and 1 for Buffer */
2659 iov
[0].iov_len
= get_rfc1002_length(req
) + 4 - 1;
2661 /* length of entire message including data to be written */
2662 inc_rfc1001_len(req
, io_parms
->length
- 1 /* Buffer */);
2664 rc
= SendReceive2(xid
, io_parms
->tcon
->ses
, iov
, n_vec
+ 1,
2665 &resp_buftype
, flags
, &rsp_iov
);
2666 cifs_small_buf_release(req
);
2667 rsp
= (struct smb2_write_rsp
*)rsp_iov
.iov_base
;
2670 cifs_stats_fail_inc(io_parms
->tcon
, SMB2_WRITE_HE
);
2671 cifs_dbg(VFS
, "Send error in write = %d\n", rc
);
2673 *nbytes
= le32_to_cpu(rsp
->DataLength
);
2675 free_rsp_buf(resp_buftype
, rsp
);
2680 num_entries(char *bufstart
, char *end_of_buf
, char **lastentry
, size_t size
)
2683 unsigned int entrycount
= 0;
2684 unsigned int next_offset
= 0;
2685 FILE_DIRECTORY_INFO
*entryptr
;
2687 if (bufstart
== NULL
)
2690 entryptr
= (FILE_DIRECTORY_INFO
*)bufstart
;
2693 entryptr
= (FILE_DIRECTORY_INFO
*)
2694 ((char *)entryptr
+ next_offset
);
2696 if ((char *)entryptr
+ size
> end_of_buf
) {
2697 cifs_dbg(VFS
, "malformed search entry would overflow\n");
2701 len
= le32_to_cpu(entryptr
->FileNameLength
);
2702 if ((char *)entryptr
+ len
+ size
> end_of_buf
) {
2703 cifs_dbg(VFS
, "directory entry name would overflow frame end of buf %p\n",
2708 *lastentry
= (char *)entryptr
;
2711 next_offset
= le32_to_cpu(entryptr
->NextEntryOffset
);
2723 SMB2_query_directory(const unsigned int xid
, struct cifs_tcon
*tcon
,
2724 u64 persistent_fid
, u64 volatile_fid
, int index
,
2725 struct cifs_search_info
*srch_inf
)
2727 struct smb2_query_directory_req
*req
;
2728 struct smb2_query_directory_rsp
*rsp
= NULL
;
2730 struct kvec rsp_iov
;
2733 int resp_buftype
= CIFS_NO_BUFFER
;
2734 unsigned char *bufptr
;
2735 struct TCP_Server_Info
*server
;
2736 struct cifs_ses
*ses
= tcon
->ses
;
2737 __le16 asteriks
= cpu_to_le16('*');
2739 unsigned int output_size
= CIFSMaxBufSize
;
2740 size_t info_buf_size
;
2743 if (ses
&& (ses
->server
))
2744 server
= ses
->server
;
2748 rc
= small_smb2_init(SMB2_QUERY_DIRECTORY
, tcon
, (void **) &req
);
2752 if (encryption_required(tcon
))
2753 flags
|= CIFS_TRANSFORM_REQ
;
2755 switch (srch_inf
->info_level
) {
2756 case SMB_FIND_FILE_DIRECTORY_INFO
:
2757 req
->FileInformationClass
= FILE_DIRECTORY_INFORMATION
;
2758 info_buf_size
= sizeof(FILE_DIRECTORY_INFO
) - 1;
2760 case SMB_FIND_FILE_ID_FULL_DIR_INFO
:
2761 req
->FileInformationClass
= FILEID_FULL_DIRECTORY_INFORMATION
;
2762 info_buf_size
= sizeof(SEARCH_ID_FULL_DIR_INFO
) - 1;
2765 cifs_dbg(VFS
, "info level %u isn't supported\n",
2766 srch_inf
->info_level
);
2771 req
->FileIndex
= cpu_to_le32(index
);
2772 req
->PersistentFileId
= persistent_fid
;
2773 req
->VolatileFileId
= volatile_fid
;
2776 bufptr
= req
->Buffer
;
2777 memcpy(bufptr
, &asteriks
, len
);
2779 req
->FileNameOffset
=
2780 cpu_to_le16(sizeof(struct smb2_query_directory_req
) - 1 - 4);
2781 req
->FileNameLength
= cpu_to_le16(len
);
2783 * BB could be 30 bytes or so longer if we used SMB2 specific
2784 * buffer lengths, but this is safe and close enough.
2786 output_size
= min_t(unsigned int, output_size
, server
->maxBuf
);
2787 output_size
= min_t(unsigned int, output_size
, 2 << 15);
2788 req
->OutputBufferLength
= cpu_to_le32(output_size
);
2790 iov
[0].iov_base
= (char *)req
;
2791 /* 4 for RFC1001 length and 1 for Buffer */
2792 iov
[0].iov_len
= get_rfc1002_length(req
) + 4 - 1;
2794 iov
[1].iov_base
= (char *)(req
->Buffer
);
2795 iov
[1].iov_len
= len
;
2797 inc_rfc1001_len(req
, len
- 1 /* Buffer */);
2799 rc
= SendReceive2(xid
, ses
, iov
, 2, &resp_buftype
, flags
, &rsp_iov
);
2800 cifs_small_buf_release(req
);
2801 rsp
= (struct smb2_query_directory_rsp
*)rsp_iov
.iov_base
;
2804 if (rc
== -ENODATA
&&
2805 rsp
->hdr
.sync_hdr
.Status
== STATUS_NO_MORE_FILES
) {
2806 srch_inf
->endOfSearch
= true;
2809 cifs_stats_fail_inc(tcon
, SMB2_QUERY_DIRECTORY_HE
);
2813 rc
= validate_buf(le16_to_cpu(rsp
->OutputBufferOffset
),
2814 le32_to_cpu(rsp
->OutputBufferLength
), &rsp
->hdr
,
2819 srch_inf
->unicode
= true;
2821 if (srch_inf
->ntwrk_buf_start
) {
2822 if (srch_inf
->smallBuf
)
2823 cifs_small_buf_release(srch_inf
->ntwrk_buf_start
);
2825 cifs_buf_release(srch_inf
->ntwrk_buf_start
);
2827 srch_inf
->ntwrk_buf_start
= (char *)rsp
;
2828 srch_inf
->srch_entries_start
= srch_inf
->last_entry
= 4 /* rfclen */ +
2829 (char *)&rsp
->hdr
+ le16_to_cpu(rsp
->OutputBufferOffset
);
2830 /* 4 for rfc1002 length field */
2831 end_of_smb
= get_rfc1002_length(rsp
) + 4 + (char *)&rsp
->hdr
;
2832 srch_inf
->entries_in_buffer
=
2833 num_entries(srch_inf
->srch_entries_start
, end_of_smb
,
2834 &srch_inf
->last_entry
, info_buf_size
);
2835 srch_inf
->index_of_last_entry
+= srch_inf
->entries_in_buffer
;
2836 cifs_dbg(FYI
, "num entries %d last_index %lld srch start %p srch end %p\n",
2837 srch_inf
->entries_in_buffer
, srch_inf
->index_of_last_entry
,
2838 srch_inf
->srch_entries_start
, srch_inf
->last_entry
);
2839 if (resp_buftype
== CIFS_LARGE_BUFFER
)
2840 srch_inf
->smallBuf
= false;
2841 else if (resp_buftype
== CIFS_SMALL_BUFFER
)
2842 srch_inf
->smallBuf
= true;
2844 cifs_dbg(VFS
, "illegal search buffer type\n");
2849 free_rsp_buf(resp_buftype
, rsp
);
2854 send_set_info(const unsigned int xid
, struct cifs_tcon
*tcon
,
2855 u64 persistent_fid
, u64 volatile_fid
, u32 pid
, int info_class
,
2856 unsigned int num
, void **data
, unsigned int *size
)
2858 struct smb2_set_info_req
*req
;
2859 struct smb2_set_info_rsp
*rsp
= NULL
;
2861 struct kvec rsp_iov
;
2865 struct TCP_Server_Info
*server
;
2866 struct cifs_ses
*ses
= tcon
->ses
;
2869 if (ses
&& (ses
->server
))
2870 server
= ses
->server
;
2877 iov
= kmalloc(sizeof(struct kvec
) * num
, GFP_KERNEL
);
2881 rc
= small_smb2_init(SMB2_SET_INFO
, tcon
, (void **) &req
);
2887 if (encryption_required(tcon
))
2888 flags
|= CIFS_TRANSFORM_REQ
;
2890 req
->hdr
.sync_hdr
.ProcessId
= cpu_to_le32(pid
);
2892 req
->InfoType
= SMB2_O_INFO_FILE
;
2893 req
->FileInfoClass
= info_class
;
2894 req
->PersistentFileId
= persistent_fid
;
2895 req
->VolatileFileId
= volatile_fid
;
2897 /* 4 for RFC1001 length and 1 for Buffer */
2899 cpu_to_le16(sizeof(struct smb2_set_info_req
) - 1 - 4);
2900 req
->BufferLength
= cpu_to_le32(*size
);
2902 inc_rfc1001_len(req
, *size
- 1 /* Buffer */);
2904 memcpy(req
->Buffer
, *data
, *size
);
2906 iov
[0].iov_base
= (char *)req
;
2907 /* 4 for RFC1001 length */
2908 iov
[0].iov_len
= get_rfc1002_length(req
) + 4;
2910 for (i
= 1; i
< num
; i
++) {
2911 inc_rfc1001_len(req
, size
[i
]);
2912 le32_add_cpu(&req
->BufferLength
, size
[i
]);
2913 iov
[i
].iov_base
= (char *)data
[i
];
2914 iov
[i
].iov_len
= size
[i
];
2917 rc
= SendReceive2(xid
, ses
, iov
, num
, &resp_buftype
, flags
, &rsp_iov
);
2918 cifs_small_buf_release(req
);
2919 rsp
= (struct smb2_set_info_rsp
*)rsp_iov
.iov_base
;
2922 cifs_stats_fail_inc(tcon
, SMB2_SET_INFO_HE
);
2924 free_rsp_buf(resp_buftype
, rsp
);
2930 SMB2_rename(const unsigned int xid
, struct cifs_tcon
*tcon
,
2931 u64 persistent_fid
, u64 volatile_fid
, __le16
*target_file
)
2933 struct smb2_file_rename_info info
;
2935 unsigned int size
[2];
2937 int len
= (2 * UniStrnlen((wchar_t *)target_file
, PATH_MAX
));
2939 data
= kmalloc(sizeof(void *) * 2, GFP_KERNEL
);
2943 info
.ReplaceIfExists
= 1; /* 1 = replace existing target with new */
2944 /* 0 = fail if target already exists */
2945 info
.RootDirectory
= 0; /* MBZ for network ops (why does spec say?) */
2946 info
.FileNameLength
= cpu_to_le32(len
);
2949 size
[0] = sizeof(struct smb2_file_rename_info
);
2951 data
[1] = target_file
;
2952 size
[1] = len
+ 2 /* null */;
2954 rc
= send_set_info(xid
, tcon
, persistent_fid
, volatile_fid
,
2955 current
->tgid
, FILE_RENAME_INFORMATION
, 2, data
,
2962 SMB2_rmdir(const unsigned int xid
, struct cifs_tcon
*tcon
,
2963 u64 persistent_fid
, u64 volatile_fid
)
2965 __u8 delete_pending
= 1;
2969 data
= &delete_pending
;
2970 size
= 1; /* sizeof __u8 */
2972 return send_set_info(xid
, tcon
, persistent_fid
, volatile_fid
,
2973 current
->tgid
, FILE_DISPOSITION_INFORMATION
, 1, &data
,
2978 SMB2_set_hardlink(const unsigned int xid
, struct cifs_tcon
*tcon
,
2979 u64 persistent_fid
, u64 volatile_fid
, __le16
*target_file
)
2981 struct smb2_file_link_info info
;
2983 unsigned int size
[2];
2985 int len
= (2 * UniStrnlen((wchar_t *)target_file
, PATH_MAX
));
2987 data
= kmalloc(sizeof(void *) * 2, GFP_KERNEL
);
2991 info
.ReplaceIfExists
= 0; /* 1 = replace existing link with new */
2992 /* 0 = fail if link already exists */
2993 info
.RootDirectory
= 0; /* MBZ for network ops (why does spec say?) */
2994 info
.FileNameLength
= cpu_to_le32(len
);
2997 size
[0] = sizeof(struct smb2_file_link_info
);
2999 data
[1] = target_file
;
3000 size
[1] = len
+ 2 /* null */;
3002 rc
= send_set_info(xid
, tcon
, persistent_fid
, volatile_fid
,
3003 current
->tgid
, FILE_LINK_INFORMATION
, 2, data
, size
);
3009 SMB2_set_eof(const unsigned int xid
, struct cifs_tcon
*tcon
, u64 persistent_fid
,
3010 u64 volatile_fid
, u32 pid
, __le64
*eof
, bool is_falloc
)
3012 struct smb2_file_eof_info info
;
3016 info
.EndOfFile
= *eof
;
3019 size
= sizeof(struct smb2_file_eof_info
);
3022 return send_set_info(xid
, tcon
, persistent_fid
, volatile_fid
,
3023 pid
, FILE_ALLOCATION_INFORMATION
, 1, &data
, &size
);
3025 return send_set_info(xid
, tcon
, persistent_fid
, volatile_fid
,
3026 pid
, FILE_END_OF_FILE_INFORMATION
, 1, &data
, &size
);
3030 SMB2_set_info(const unsigned int xid
, struct cifs_tcon
*tcon
,
3031 u64 persistent_fid
, u64 volatile_fid
, FILE_BASIC_INFO
*buf
)
3034 size
= sizeof(FILE_BASIC_INFO
);
3035 return send_set_info(xid
, tcon
, persistent_fid
, volatile_fid
,
3036 current
->tgid
, FILE_BASIC_INFORMATION
, 1,
3037 (void **)&buf
, &size
);
3041 SMB2_oplock_break(const unsigned int xid
, struct cifs_tcon
*tcon
,
3042 const u64 persistent_fid
, const u64 volatile_fid
,
3046 struct smb2_oplock_break
*req
= NULL
;
3047 int flags
= CIFS_OBREAK_OP
;
3049 cifs_dbg(FYI
, "SMB2_oplock_break\n");
3050 rc
= small_smb2_init(SMB2_OPLOCK_BREAK
, tcon
, (void **) &req
);
3054 if (encryption_required(tcon
))
3055 flags
|= CIFS_TRANSFORM_REQ
;
3057 req
->VolatileFid
= volatile_fid
;
3058 req
->PersistentFid
= persistent_fid
;
3059 req
->OplockLevel
= oplock_level
;
3060 req
->hdr
.sync_hdr
.CreditRequest
= cpu_to_le16(1);
3062 rc
= SendReceiveNoRsp(xid
, tcon
->ses
, (char *) req
, flags
);
3063 cifs_small_buf_release(req
);
3066 cifs_stats_fail_inc(tcon
, SMB2_OPLOCK_BREAK_HE
);
3067 cifs_dbg(FYI
, "Send error in Oplock Break = %d\n", rc
);
3074 copy_fs_info_to_kstatfs(struct smb2_fs_full_size_info
*pfs_inf
,
3075 struct kstatfs
*kst
)
3077 kst
->f_bsize
= le32_to_cpu(pfs_inf
->BytesPerSector
) *
3078 le32_to_cpu(pfs_inf
->SectorsPerAllocationUnit
);
3079 kst
->f_blocks
= le64_to_cpu(pfs_inf
->TotalAllocationUnits
);
3080 kst
->f_bfree
= le64_to_cpu(pfs_inf
->ActualAvailableAllocationUnits
);
3081 kst
->f_bavail
= le64_to_cpu(pfs_inf
->CallerAvailableAllocationUnits
);
3086 build_qfs_info_req(struct kvec
*iov
, struct cifs_tcon
*tcon
, int level
,
3087 int outbuf_len
, u64 persistent_fid
, u64 volatile_fid
)
3090 struct smb2_query_info_req
*req
;
3092 cifs_dbg(FYI
, "Query FSInfo level %d\n", level
);
3094 if ((tcon
->ses
== NULL
) || (tcon
->ses
->server
== NULL
))
3097 rc
= small_smb2_init(SMB2_QUERY_INFO
, tcon
, (void **) &req
);
3101 req
->InfoType
= SMB2_O_INFO_FILESYSTEM
;
3102 req
->FileInfoClass
= level
;
3103 req
->PersistentFileId
= persistent_fid
;
3104 req
->VolatileFileId
= volatile_fid
;
3105 /* 4 for rfc1002 length field and 1 for pad */
3106 req
->InputBufferOffset
=
3107 cpu_to_le16(sizeof(struct smb2_query_info_req
) - 1 - 4);
3108 req
->OutputBufferLength
= cpu_to_le32(
3109 outbuf_len
+ sizeof(struct smb2_query_info_rsp
) - 1 - 4);
3111 iov
->iov_base
= (char *)req
;
3112 /* 4 for rfc1002 length field */
3113 iov
->iov_len
= get_rfc1002_length(req
) + 4;
3118 SMB2_QFS_info(const unsigned int xid
, struct cifs_tcon
*tcon
,
3119 u64 persistent_fid
, u64 volatile_fid
, struct kstatfs
*fsdata
)
3121 struct smb2_query_info_rsp
*rsp
= NULL
;
3123 struct kvec rsp_iov
;
3126 struct cifs_ses
*ses
= tcon
->ses
;
3127 struct smb2_fs_full_size_info
*info
= NULL
;
3130 rc
= build_qfs_info_req(&iov
, tcon
, FS_FULL_SIZE_INFORMATION
,
3131 sizeof(struct smb2_fs_full_size_info
),
3132 persistent_fid
, volatile_fid
);
3136 if (encryption_required(tcon
))
3137 flags
|= CIFS_TRANSFORM_REQ
;
3139 rc
= SendReceive2(xid
, ses
, &iov
, 1, &resp_buftype
, flags
, &rsp_iov
);
3140 cifs_small_buf_release(iov
.iov_base
);
3142 cifs_stats_fail_inc(tcon
, SMB2_QUERY_INFO_HE
);
3145 rsp
= (struct smb2_query_info_rsp
*)rsp_iov
.iov_base
;
3147 info
= (struct smb2_fs_full_size_info
*)(4 /* RFC1001 len */ +
3148 le16_to_cpu(rsp
->OutputBufferOffset
) + (char *)&rsp
->hdr
);
3149 rc
= validate_buf(le16_to_cpu(rsp
->OutputBufferOffset
),
3150 le32_to_cpu(rsp
->OutputBufferLength
), &rsp
->hdr
,
3151 sizeof(struct smb2_fs_full_size_info
));
3153 copy_fs_info_to_kstatfs(info
, fsdata
);
3156 free_rsp_buf(resp_buftype
, rsp_iov
.iov_base
);
3161 SMB2_QFS_attr(const unsigned int xid
, struct cifs_tcon
*tcon
,
3162 u64 persistent_fid
, u64 volatile_fid
, int level
)
3164 struct smb2_query_info_rsp
*rsp
= NULL
;
3166 struct kvec rsp_iov
;
3168 int resp_buftype
, max_len
, min_len
;
3169 struct cifs_ses
*ses
= tcon
->ses
;
3170 unsigned int rsp_len
, offset
;
3173 if (level
== FS_DEVICE_INFORMATION
) {
3174 max_len
= sizeof(FILE_SYSTEM_DEVICE_INFO
);
3175 min_len
= sizeof(FILE_SYSTEM_DEVICE_INFO
);
3176 } else if (level
== FS_ATTRIBUTE_INFORMATION
) {
3177 max_len
= sizeof(FILE_SYSTEM_ATTRIBUTE_INFO
);
3178 min_len
= MIN_FS_ATTR_INFO_SIZE
;
3179 } else if (level
== FS_SECTOR_SIZE_INFORMATION
) {
3180 max_len
= sizeof(struct smb3_fs_ss_info
);
3181 min_len
= sizeof(struct smb3_fs_ss_info
);
3183 cifs_dbg(FYI
, "Invalid qfsinfo level %d\n", level
);
3187 rc
= build_qfs_info_req(&iov
, tcon
, level
, max_len
,
3188 persistent_fid
, volatile_fid
);
3192 if (encryption_required(tcon
))
3193 flags
|= CIFS_TRANSFORM_REQ
;
3195 rc
= SendReceive2(xid
, ses
, &iov
, 1, &resp_buftype
, flags
, &rsp_iov
);
3196 cifs_small_buf_release(iov
.iov_base
);
3198 cifs_stats_fail_inc(tcon
, SMB2_QUERY_INFO_HE
);
3201 rsp
= (struct smb2_query_info_rsp
*)rsp_iov
.iov_base
;
3203 rsp_len
= le32_to_cpu(rsp
->OutputBufferLength
);
3204 offset
= le16_to_cpu(rsp
->OutputBufferOffset
);
3205 rc
= validate_buf(offset
, rsp_len
, &rsp
->hdr
, min_len
);
3209 if (level
== FS_ATTRIBUTE_INFORMATION
)
3210 memcpy(&tcon
->fsAttrInfo
, 4 /* RFC1001 len */ + offset
3211 + (char *)&rsp
->hdr
, min_t(unsigned int,
3213 else if (level
== FS_DEVICE_INFORMATION
)
3214 memcpy(&tcon
->fsDevInfo
, 4 /* RFC1001 len */ + offset
3215 + (char *)&rsp
->hdr
, sizeof(FILE_SYSTEM_DEVICE_INFO
));
3216 else if (level
== FS_SECTOR_SIZE_INFORMATION
) {
3217 struct smb3_fs_ss_info
*ss_info
= (struct smb3_fs_ss_info
*)
3218 (4 /* RFC1001 len */ + offset
+ (char *)&rsp
->hdr
);
3219 tcon
->ss_flags
= le32_to_cpu(ss_info
->Flags
);
3220 tcon
->perf_sector_size
=
3221 le32_to_cpu(ss_info
->PhysicalBytesPerSectorForPerf
);
3225 free_rsp_buf(resp_buftype
, rsp_iov
.iov_base
);
3230 smb2_lockv(const unsigned int xid
, struct cifs_tcon
*tcon
,
3231 const __u64 persist_fid
, const __u64 volatile_fid
, const __u32 pid
,
3232 const __u32 num_lock
, struct smb2_lock_element
*buf
)
3235 struct smb2_lock_req
*req
= NULL
;
3237 struct kvec rsp_iov
;
3240 int flags
= CIFS_NO_RESP
;
3242 cifs_dbg(FYI
, "smb2_lockv num lock %d\n", num_lock
);
3244 rc
= small_smb2_init(SMB2_LOCK
, tcon
, (void **) &req
);
3248 if (encryption_required(tcon
))
3249 flags
|= CIFS_TRANSFORM_REQ
;
3251 req
->hdr
.sync_hdr
.ProcessId
= cpu_to_le32(pid
);
3252 req
->LockCount
= cpu_to_le16(num_lock
);
3254 req
->PersistentFileId
= persist_fid
;
3255 req
->VolatileFileId
= volatile_fid
;
3257 count
= num_lock
* sizeof(struct smb2_lock_element
);
3258 inc_rfc1001_len(req
, count
- sizeof(struct smb2_lock_element
));
3260 iov
[0].iov_base
= (char *)req
;
3261 /* 4 for rfc1002 length field and count for all locks */
3262 iov
[0].iov_len
= get_rfc1002_length(req
) + 4 - count
;
3263 iov
[1].iov_base
= (char *)buf
;
3264 iov
[1].iov_len
= count
;
3266 cifs_stats_inc(&tcon
->stats
.cifs_stats
.num_locks
);
3267 rc
= SendReceive2(xid
, tcon
->ses
, iov
, 2, &resp_buf_type
, flags
,
3269 cifs_small_buf_release(req
);
3271 cifs_dbg(FYI
, "Send error in smb2_lockv = %d\n", rc
);
3272 cifs_stats_fail_inc(tcon
, SMB2_LOCK_HE
);
3279 SMB2_lock(const unsigned int xid
, struct cifs_tcon
*tcon
,
3280 const __u64 persist_fid
, const __u64 volatile_fid
, const __u32 pid
,
3281 const __u64 length
, const __u64 offset
, const __u32 lock_flags
,
3284 struct smb2_lock_element lock
;
3286 lock
.Offset
= cpu_to_le64(offset
);
3287 lock
.Length
= cpu_to_le64(length
);
3288 lock
.Flags
= cpu_to_le32(lock_flags
);
3289 if (!wait
&& lock_flags
!= SMB2_LOCKFLAG_UNLOCK
)
3290 lock
.Flags
|= cpu_to_le32(SMB2_LOCKFLAG_FAIL_IMMEDIATELY
);
3292 return smb2_lockv(xid
, tcon
, persist_fid
, volatile_fid
, pid
, 1, &lock
);
3296 SMB2_lease_break(const unsigned int xid
, struct cifs_tcon
*tcon
,
3297 __u8
*lease_key
, const __le32 lease_state
)
3300 struct smb2_lease_ack
*req
= NULL
;
3301 int flags
= CIFS_OBREAK_OP
;
3303 cifs_dbg(FYI
, "SMB2_lease_break\n");
3304 rc
= small_smb2_init(SMB2_OPLOCK_BREAK
, tcon
, (void **) &req
);
3308 if (encryption_required(tcon
))
3309 flags
|= CIFS_TRANSFORM_REQ
;
3311 req
->hdr
.sync_hdr
.CreditRequest
= cpu_to_le16(1);
3312 req
->StructureSize
= cpu_to_le16(36);
3313 inc_rfc1001_len(req
, 12);
3315 memcpy(req
->LeaseKey
, lease_key
, 16);
3316 req
->LeaseState
= lease_state
;
3318 rc
= SendReceiveNoRsp(xid
, tcon
->ses
, (char *) req
, flags
);
3319 cifs_small_buf_release(req
);
3322 cifs_stats_fail_inc(tcon
, SMB2_OPLOCK_BREAK_HE
);
3323 cifs_dbg(FYI
, "Send error in Lease Break = %d\n", rc
);