1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org>
4 * Copyright (C) 2018 Samsung Electronics Co., Ltd.
7 #include <linux/inetdevice.h>
8 #include <net/addrconf.h>
9 #include <linux/syscalls.h>
10 #include <linux/namei.h>
11 #include <linux/statfs.h>
12 #include <linux/ethtool.h>
13 #include <linux/falloc.h>
23 #include "connection.h"
24 #include "transport_ipc.h"
25 #include "transport_rdma.h"
27 #include "vfs_cache.h"
31 #include "smb_common.h"
32 #include "smbstatus.h"
33 #include "ksmbd_work.h"
34 #include "mgmt/user_config.h"
35 #include "mgmt/share_config.h"
36 #include "mgmt/tree_connect.h"
37 #include "mgmt/user_session.h"
38 #include "mgmt/ksmbd_ida.h"
41 static void __wbuf(struct ksmbd_work
*work
, void **req
, void **rsp
)
43 if (work
->next_smb2_rcv_hdr_off
) {
44 *req
= ksmbd_req_buf_next(work
);
45 *rsp
= ksmbd_resp_buf_next(work
);
47 *req
= work
->request_buf
;
48 *rsp
= work
->response_buf
;
52 #define WORK_BUFFERS(w, rq, rs) __wbuf((w), (void **)&(rq), (void **)&(rs))
55 * check_session_id() - check for valid session id in smb header
56 * @conn: connection instance
57 * @id: session id from smb header
59 * Return: 1 if valid session id, otherwise 0
61 static inline bool check_session_id(struct ksmbd_conn
*conn
, u64 id
)
63 struct ksmbd_session
*sess
;
65 if (id
== 0 || id
== -1)
68 sess
= ksmbd_session_lookup_all(conn
, id
);
71 pr_err("Invalid user session id: %llu\n", id
);
75 struct channel
*lookup_chann_list(struct ksmbd_session
*sess
, struct ksmbd_conn
*conn
)
77 struct channel
*chann
;
79 list_for_each_entry(chann
, &sess
->ksmbd_chann_list
, chann_list
) {
80 if (chann
->conn
== conn
)
88 * smb2_get_ksmbd_tcon() - get tree connection information using a tree id.
91 * Return: 0 if there is a tree connection matched or these are
92 * skipable commands, otherwise error
94 int smb2_get_ksmbd_tcon(struct ksmbd_work
*work
)
96 struct smb2_hdr
*req_hdr
= work
->request_buf
;
100 if (work
->conn
->ops
->get_cmd_val(work
) == SMB2_TREE_CONNECT_HE
||
101 work
->conn
->ops
->get_cmd_val(work
) == SMB2_CANCEL_HE
||
102 work
->conn
->ops
->get_cmd_val(work
) == SMB2_LOGOFF_HE
) {
103 ksmbd_debug(SMB
, "skip to check tree connect request\n");
107 if (xa_empty(&work
->sess
->tree_conns
)) {
108 ksmbd_debug(SMB
, "NO tree connected\n");
112 tree_id
= le32_to_cpu(req_hdr
->Id
.SyncId
.TreeId
);
113 work
->tcon
= ksmbd_tree_conn_lookup(work
->sess
, tree_id
);
115 pr_err("Invalid tid %d\n", tree_id
);
123 * smb2_set_err_rsp() - set error response code on smb response
124 * @work: smb work containing response buffer
126 void smb2_set_err_rsp(struct ksmbd_work
*work
)
128 struct smb2_err_rsp
*err_rsp
;
130 if (work
->next_smb2_rcv_hdr_off
)
131 err_rsp
= ksmbd_resp_buf_next(work
);
133 err_rsp
= work
->response_buf
;
135 if (err_rsp
->hdr
.Status
!= STATUS_STOPPED_ON_SYMLINK
) {
136 err_rsp
->StructureSize
= SMB2_ERROR_STRUCTURE_SIZE2_LE
;
137 err_rsp
->ErrorContextCount
= 0;
138 err_rsp
->Reserved
= 0;
139 err_rsp
->ByteCount
= 0;
140 err_rsp
->ErrorData
[0] = 0;
141 inc_rfc1001_len(work
->response_buf
, SMB2_ERROR_STRUCTURE_SIZE2
);
146 * is_smb2_neg_cmd() - is it smb2 negotiation command
147 * @work: smb work containing smb header
149 * Return: true if smb2 negotiation command, otherwise false
151 bool is_smb2_neg_cmd(struct ksmbd_work
*work
)
153 struct smb2_hdr
*hdr
= work
->request_buf
;
155 /* is it SMB2 header ? */
156 if (hdr
->ProtocolId
!= SMB2_PROTO_NUMBER
)
159 /* make sure it is request not response message */
160 if (hdr
->Flags
& SMB2_FLAGS_SERVER_TO_REDIR
)
163 if (hdr
->Command
!= SMB2_NEGOTIATE
)
170 * is_smb2_rsp() - is it smb2 response
171 * @work: smb work containing smb response buffer
173 * Return: true if smb2 response, otherwise false
175 bool is_smb2_rsp(struct ksmbd_work
*work
)
177 struct smb2_hdr
*hdr
= work
->response_buf
;
179 /* is it SMB2 header ? */
180 if (hdr
->ProtocolId
!= SMB2_PROTO_NUMBER
)
183 /* make sure it is response not request message */
184 if (!(hdr
->Flags
& SMB2_FLAGS_SERVER_TO_REDIR
))
191 * get_smb2_cmd_val() - get smb command code from smb header
192 * @work: smb work containing smb request buffer
194 * Return: smb2 request command value
196 u16
get_smb2_cmd_val(struct ksmbd_work
*work
)
198 struct smb2_hdr
*rcv_hdr
;
200 if (work
->next_smb2_rcv_hdr_off
)
201 rcv_hdr
= ksmbd_req_buf_next(work
);
203 rcv_hdr
= work
->request_buf
;
204 return le16_to_cpu(rcv_hdr
->Command
);
208 * set_smb2_rsp_status() - set error response code on smb2 header
209 * @work: smb work containing response buffer
210 * @err: error response code
212 void set_smb2_rsp_status(struct ksmbd_work
*work
, __le32 err
)
214 struct smb2_hdr
*rsp_hdr
;
216 if (work
->next_smb2_rcv_hdr_off
)
217 rsp_hdr
= ksmbd_resp_buf_next(work
);
219 rsp_hdr
= work
->response_buf
;
220 rsp_hdr
->Status
= err
;
221 smb2_set_err_rsp(work
);
225 * init_smb2_neg_rsp() - initialize smb2 response for negotiate command
226 * @work: smb work containing smb request buffer
228 * smb2 negotiate response is sent in reply of smb1 negotiate command for
229 * dialect auto-negotiation.
231 int init_smb2_neg_rsp(struct ksmbd_work
*work
)
233 struct smb2_hdr
*rsp_hdr
;
234 struct smb2_negotiate_rsp
*rsp
;
235 struct ksmbd_conn
*conn
= work
->conn
;
237 if (conn
->need_neg
== false)
240 rsp_hdr
= work
->response_buf
;
242 memset(rsp_hdr
, 0, sizeof(struct smb2_hdr
) + 2);
244 rsp_hdr
->smb2_buf_length
=
245 cpu_to_be32(smb2_hdr_size_no_buflen(conn
->vals
));
247 rsp_hdr
->ProtocolId
= SMB2_PROTO_NUMBER
;
248 rsp_hdr
->StructureSize
= SMB2_HEADER_STRUCTURE_SIZE
;
249 rsp_hdr
->CreditRequest
= cpu_to_le16(2);
250 rsp_hdr
->Command
= SMB2_NEGOTIATE
;
251 rsp_hdr
->Flags
= (SMB2_FLAGS_SERVER_TO_REDIR
);
252 rsp_hdr
->NextCommand
= 0;
253 rsp_hdr
->MessageId
= 0;
254 rsp_hdr
->Id
.SyncId
.ProcessId
= 0;
255 rsp_hdr
->Id
.SyncId
.TreeId
= 0;
256 rsp_hdr
->SessionId
= 0;
257 memset(rsp_hdr
->Signature
, 0, 16);
259 rsp
= work
->response_buf
;
261 WARN_ON(ksmbd_conn_good(work
));
263 rsp
->StructureSize
= cpu_to_le16(65);
264 ksmbd_debug(SMB
, "conn->dialect 0x%x\n", conn
->dialect
);
265 rsp
->DialectRevision
= cpu_to_le16(conn
->dialect
);
266 /* Not setting conn guid rsp->ServerGUID, as it
267 * not used by client for identifying connection
269 rsp
->Capabilities
= cpu_to_le32(conn
->vals
->capabilities
);
270 /* Default Max Message Size till SMB2.0, 64K*/
271 rsp
->MaxTransactSize
= cpu_to_le32(conn
->vals
->max_trans_size
);
272 rsp
->MaxReadSize
= cpu_to_le32(conn
->vals
->max_read_size
);
273 rsp
->MaxWriteSize
= cpu_to_le32(conn
->vals
->max_write_size
);
275 rsp
->SystemTime
= cpu_to_le64(ksmbd_systime());
276 rsp
->ServerStartTime
= 0;
278 rsp
->SecurityBufferOffset
= cpu_to_le16(128);
279 rsp
->SecurityBufferLength
= cpu_to_le16(AUTH_GSS_LENGTH
);
280 ksmbd_copy_gss_neg_header(((char *)(&rsp
->hdr
) +
281 sizeof(rsp
->hdr
.smb2_buf_length
)) +
282 le16_to_cpu(rsp
->SecurityBufferOffset
));
283 inc_rfc1001_len(rsp
, sizeof(struct smb2_negotiate_rsp
) -
284 sizeof(struct smb2_hdr
) - sizeof(rsp
->Buffer
) +
286 rsp
->SecurityMode
= SMB2_NEGOTIATE_SIGNING_ENABLED_LE
;
287 if (server_conf
.signing
== KSMBD_CONFIG_OPT_MANDATORY
)
288 rsp
->SecurityMode
|= SMB2_NEGOTIATE_SIGNING_REQUIRED_LE
;
289 conn
->use_spnego
= true;
291 ksmbd_conn_set_need_negotiate(work
);
296 * smb2_set_rsp_credits() - set number of credits in response buffer
297 * @work: smb work containing smb response buffer
299 int smb2_set_rsp_credits(struct ksmbd_work
*work
)
301 struct smb2_hdr
*req_hdr
= ksmbd_req_buf_next(work
);
302 struct smb2_hdr
*hdr
= ksmbd_resp_buf_next(work
);
303 struct ksmbd_conn
*conn
= work
->conn
;
304 unsigned short credits_requested
;
305 unsigned short credit_charge
, credits_granted
= 0;
306 unsigned short aux_max
, aux_credits
;
308 if (work
->send_no_response
)
311 hdr
->CreditCharge
= req_hdr
->CreditCharge
;
313 if (conn
->total_credits
> conn
->max_credits
) {
314 hdr
->CreditRequest
= 0;
315 pr_err("Total credits overflow: %d\n", conn
->total_credits
);
319 credit_charge
= max_t(unsigned short,
320 le16_to_cpu(req_hdr
->CreditCharge
), 1);
321 credits_requested
= max_t(unsigned short,
322 le16_to_cpu(req_hdr
->CreditRequest
), 1);
324 /* according to smb2.credits smbtorture, Windows server
325 * 2016 or later grant up to 8192 credits at once.
327 * TODO: Need to adjuct CreditRequest value according to
330 aux_credits
= credits_requested
- 1;
331 if (hdr
->Command
== SMB2_NEGOTIATE
)
334 aux_max
= conn
->max_credits
- credit_charge
;
335 aux_credits
= min_t(unsigned short, aux_credits
, aux_max
);
336 credits_granted
= credit_charge
+ aux_credits
;
338 if (conn
->max_credits
- conn
->total_credits
< credits_granted
)
339 credits_granted
= conn
->max_credits
-
342 conn
->total_credits
+= credits_granted
;
343 work
->credits_granted
+= credits_granted
;
345 if (!req_hdr
->NextCommand
) {
346 /* Update CreditRequest in last request */
347 hdr
->CreditRequest
= cpu_to_le16(work
->credits_granted
);
350 "credits: requested[%d] granted[%d] total_granted[%d]\n",
351 credits_requested
, credits_granted
,
352 conn
->total_credits
);
357 * init_chained_smb2_rsp() - initialize smb2 chained response
358 * @work: smb work containing smb response buffer
360 static void init_chained_smb2_rsp(struct ksmbd_work
*work
)
362 struct smb2_hdr
*req
= ksmbd_req_buf_next(work
);
363 struct smb2_hdr
*rsp
= ksmbd_resp_buf_next(work
);
364 struct smb2_hdr
*rsp_hdr
;
365 struct smb2_hdr
*rcv_hdr
;
366 int next_hdr_offset
= 0;
369 /* Len of this response = updated RFC len - offset of previous cmd
370 * in the compound rsp
373 /* Storing the current local FID which may be needed by subsequent
374 * command in the compound request
376 if (req
->Command
== SMB2_CREATE
&& rsp
->Status
== STATUS_SUCCESS
) {
378 le64_to_cpu(((struct smb2_create_rsp
*)rsp
)->
380 work
->compound_pfid
=
381 le64_to_cpu(((struct smb2_create_rsp
*)rsp
)->
383 work
->compound_sid
= le64_to_cpu(rsp
->SessionId
);
386 len
= get_rfc1002_len(work
->response_buf
) - work
->next_smb2_rsp_hdr_off
;
387 next_hdr_offset
= le32_to_cpu(req
->NextCommand
);
389 new_len
= ALIGN(len
, 8);
390 inc_rfc1001_len(work
->response_buf
, ((sizeof(struct smb2_hdr
) - 4)
392 rsp
->NextCommand
= cpu_to_le32(new_len
);
394 work
->next_smb2_rcv_hdr_off
+= next_hdr_offset
;
395 work
->next_smb2_rsp_hdr_off
+= new_len
;
397 "Compound req new_len = %d rcv off = %d rsp off = %d\n",
398 new_len
, work
->next_smb2_rcv_hdr_off
,
399 work
->next_smb2_rsp_hdr_off
);
401 rsp_hdr
= ksmbd_resp_buf_next(work
);
402 rcv_hdr
= ksmbd_req_buf_next(work
);
404 if (!(rcv_hdr
->Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)) {
405 ksmbd_debug(SMB
, "related flag should be set\n");
406 work
->compound_fid
= KSMBD_NO_FID
;
407 work
->compound_pfid
= KSMBD_NO_FID
;
409 memset((char *)rsp_hdr
+ 4, 0, sizeof(struct smb2_hdr
) + 2);
410 rsp_hdr
->ProtocolId
= SMB2_PROTO_NUMBER
;
411 rsp_hdr
->StructureSize
= SMB2_HEADER_STRUCTURE_SIZE
;
412 rsp_hdr
->Command
= rcv_hdr
->Command
;
415 * Message is response. We don't grant oplock yet.
417 rsp_hdr
->Flags
= (SMB2_FLAGS_SERVER_TO_REDIR
|
418 SMB2_FLAGS_RELATED_OPERATIONS
);
419 rsp_hdr
->NextCommand
= 0;
420 rsp_hdr
->MessageId
= rcv_hdr
->MessageId
;
421 rsp_hdr
->Id
.SyncId
.ProcessId
= rcv_hdr
->Id
.SyncId
.ProcessId
;
422 rsp_hdr
->Id
.SyncId
.TreeId
= rcv_hdr
->Id
.SyncId
.TreeId
;
423 rsp_hdr
->SessionId
= rcv_hdr
->SessionId
;
424 memcpy(rsp_hdr
->Signature
, rcv_hdr
->Signature
, 16);
428 * is_chained_smb2_message() - check for chained command
429 * @work: smb work containing smb request buffer
431 * Return: true if chained request, otherwise false
433 bool is_chained_smb2_message(struct ksmbd_work
*work
)
435 struct smb2_hdr
*hdr
= work
->request_buf
;
436 unsigned int len
, next_cmd
;
438 if (hdr
->ProtocolId
!= SMB2_PROTO_NUMBER
)
441 hdr
= ksmbd_req_buf_next(work
);
442 next_cmd
= le32_to_cpu(hdr
->NextCommand
);
444 if ((u64
)work
->next_smb2_rcv_hdr_off
+ next_cmd
+
445 __SMB2_HEADER_STRUCTURE_SIZE
>
446 get_rfc1002_len(work
->request_buf
)) {
447 pr_err("next command(%u) offset exceeds smb msg size\n",
452 if ((u64
)get_rfc1002_len(work
->response_buf
) + MAX_CIFS_SMALL_BUFFER_SIZE
>
454 pr_err("next response offset exceeds response buffer size\n");
458 ksmbd_debug(SMB
, "got SMB2 chained command\n");
459 init_chained_smb2_rsp(work
);
461 } else if (work
->next_smb2_rcv_hdr_off
) {
463 * This is last request in chained command,
464 * align response to 8 byte
466 len
= ALIGN(get_rfc1002_len(work
->response_buf
), 8);
467 len
= len
- get_rfc1002_len(work
->response_buf
);
469 ksmbd_debug(SMB
, "padding len %u\n", len
);
470 inc_rfc1001_len(work
->response_buf
, len
);
471 if (work
->aux_payload_sz
)
472 work
->aux_payload_sz
+= len
;
479 * init_smb2_rsp_hdr() - initialize smb2 response
480 * @work: smb work containing smb request buffer
484 int init_smb2_rsp_hdr(struct ksmbd_work
*work
)
486 struct smb2_hdr
*rsp_hdr
= work
->response_buf
;
487 struct smb2_hdr
*rcv_hdr
= work
->request_buf
;
488 struct ksmbd_conn
*conn
= work
->conn
;
490 memset(rsp_hdr
, 0, sizeof(struct smb2_hdr
) + 2);
491 rsp_hdr
->smb2_buf_length
=
492 cpu_to_be32(smb2_hdr_size_no_buflen(conn
->vals
));
493 rsp_hdr
->ProtocolId
= rcv_hdr
->ProtocolId
;
494 rsp_hdr
->StructureSize
= SMB2_HEADER_STRUCTURE_SIZE
;
495 rsp_hdr
->Command
= rcv_hdr
->Command
;
498 * Message is response. We don't grant oplock yet.
500 rsp_hdr
->Flags
= (SMB2_FLAGS_SERVER_TO_REDIR
);
501 rsp_hdr
->NextCommand
= 0;
502 rsp_hdr
->MessageId
= rcv_hdr
->MessageId
;
503 rsp_hdr
->Id
.SyncId
.ProcessId
= rcv_hdr
->Id
.SyncId
.ProcessId
;
504 rsp_hdr
->Id
.SyncId
.TreeId
= rcv_hdr
->Id
.SyncId
.TreeId
;
505 rsp_hdr
->SessionId
= rcv_hdr
->SessionId
;
506 memcpy(rsp_hdr
->Signature
, rcv_hdr
->Signature
, 16);
508 work
->syncronous
= true;
509 if (work
->async_id
) {
510 ksmbd_release_id(&conn
->async_ida
, work
->async_id
);
518 * smb2_allocate_rsp_buf() - allocate smb2 response buffer
519 * @work: smb work containing smb request buffer
521 * Return: 0 on success, otherwise -ENOMEM
523 int smb2_allocate_rsp_buf(struct ksmbd_work
*work
)
525 struct smb2_hdr
*hdr
= work
->request_buf
;
526 size_t small_sz
= MAX_CIFS_SMALL_BUFFER_SIZE
;
527 size_t large_sz
= small_sz
+ work
->conn
->vals
->max_trans_size
;
528 size_t sz
= small_sz
;
529 int cmd
= le16_to_cpu(hdr
->Command
);
531 if (cmd
== SMB2_IOCTL_HE
|| cmd
== SMB2_QUERY_DIRECTORY_HE
)
534 if (cmd
== SMB2_QUERY_INFO_HE
) {
535 struct smb2_query_info_req
*req
;
537 req
= work
->request_buf
;
538 if (req
->InfoType
== SMB2_O_INFO_FILE
&&
539 (req
->FileInfoClass
== FILE_FULL_EA_INFORMATION
||
540 req
->FileInfoClass
== FILE_ALL_INFORMATION
))
544 /* allocate large response buf for chained commands */
545 if (le32_to_cpu(hdr
->NextCommand
) > 0)
548 work
->response_buf
= kvmalloc(sz
, GFP_KERNEL
| __GFP_ZERO
);
549 if (!work
->response_buf
)
552 work
->response_sz
= sz
;
557 * smb2_check_user_session() - check for valid session for a user
558 * @work: smb work containing smb request buffer
560 * Return: 0 on success, otherwise error
562 int smb2_check_user_session(struct ksmbd_work
*work
)
564 struct smb2_hdr
*req_hdr
= work
->request_buf
;
565 struct ksmbd_conn
*conn
= work
->conn
;
566 unsigned int cmd
= conn
->ops
->get_cmd_val(work
);
567 unsigned long long sess_id
;
571 * SMB2_ECHO, SMB2_NEGOTIATE, SMB2_SESSION_SETUP command do not
572 * require a session id, so no need to validate user session's for
575 if (cmd
== SMB2_ECHO_HE
|| cmd
== SMB2_NEGOTIATE_HE
||
576 cmd
== SMB2_SESSION_SETUP_HE
)
579 if (!ksmbd_conn_good(work
))
582 sess_id
= le64_to_cpu(req_hdr
->SessionId
);
583 /* Check for validity of user session */
584 work
->sess
= ksmbd_session_lookup_all(conn
, sess_id
);
587 ksmbd_debug(SMB
, "Invalid user session, Uid %llu\n", sess_id
);
591 static void destroy_previous_session(struct ksmbd_user
*user
, u64 id
)
593 struct ksmbd_session
*prev_sess
= ksmbd_session_lookup_slowpath(id
);
594 struct ksmbd_user
*prev_user
;
599 prev_user
= prev_sess
->user
;
602 strcmp(user
->name
, prev_user
->name
) ||
603 user
->passkey_sz
!= prev_user
->passkey_sz
||
604 memcmp(user
->passkey
, prev_user
->passkey
, user
->passkey_sz
)) {
605 put_session(prev_sess
);
609 put_session(prev_sess
);
610 ksmbd_session_destroy(prev_sess
);
614 * smb2_get_name() - get filename string from on the wire smb format
615 * @share: ksmbd_share_config pointer
616 * @src: source buffer
617 * @maxlen: maxlen of source string
618 * @nls_table: nls_table pointer
620 * Return: matching converted filename on success, otherwise error ptr
623 smb2_get_name(struct ksmbd_share_config
*share
, const char *src
,
624 const int maxlen
, struct nls_table
*local_nls
)
628 name
= smb_strndup_from_utf16(src
, maxlen
, 1, local_nls
);
630 pr_err("failed to get name %ld\n", PTR_ERR(name
));
634 ksmbd_conv_path_to_unix(name
);
635 ksmbd_strip_last_slash(name
);
639 int setup_async_work(struct ksmbd_work
*work
, void (*fn
)(void **), void **arg
)
641 struct smb2_hdr
*rsp_hdr
;
642 struct ksmbd_conn
*conn
= work
->conn
;
645 rsp_hdr
= work
->response_buf
;
646 rsp_hdr
->Flags
|= SMB2_FLAGS_ASYNC_COMMAND
;
648 id
= ksmbd_acquire_async_msg_id(&conn
->async_ida
);
650 pr_err("Failed to alloc async message id\n");
653 work
->syncronous
= false;
655 rsp_hdr
->Id
.AsyncId
= cpu_to_le64(id
);
658 "Send interim Response to inform async request id : %d\n",
661 work
->cancel_fn
= fn
;
662 work
->cancel_argv
= arg
;
664 if (list_empty(&work
->async_request_entry
)) {
665 spin_lock(&conn
->request_lock
);
666 list_add_tail(&work
->async_request_entry
, &conn
->async_requests
);
667 spin_unlock(&conn
->request_lock
);
673 void smb2_send_interim_resp(struct ksmbd_work
*work
, __le32 status
)
675 struct smb2_hdr
*rsp_hdr
;
677 rsp_hdr
= work
->response_buf
;
678 smb2_set_err_rsp(work
);
679 rsp_hdr
->Status
= status
;
682 ksmbd_conn_write(work
);
687 static __le32
smb2_get_reparse_tag_special_file(umode_t mode
)
689 if (S_ISDIR(mode
) || S_ISREG(mode
))
693 return IO_REPARSE_TAG_LX_SYMLINK_LE
;
694 else if (S_ISFIFO(mode
))
695 return IO_REPARSE_TAG_LX_FIFO_LE
;
696 else if (S_ISSOCK(mode
))
697 return IO_REPARSE_TAG_AF_UNIX_LE
;
698 else if (S_ISCHR(mode
))
699 return IO_REPARSE_TAG_LX_CHR_LE
;
700 else if (S_ISBLK(mode
))
701 return IO_REPARSE_TAG_LX_BLK_LE
;
707 * smb2_get_dos_mode() - get file mode in dos format from unix mode
708 * @stat: kstat containing file mode
709 * @attribute: attribute flags
711 * Return: converted dos mode
713 static int smb2_get_dos_mode(struct kstat
*stat
, int attribute
)
717 if (S_ISDIR(stat
->mode
)) {
718 attr
= ATTR_DIRECTORY
|
719 (attribute
& (ATTR_HIDDEN
| ATTR_SYSTEM
));
721 attr
= (attribute
& 0x00005137) | ATTR_ARCHIVE
;
722 attr
&= ~(ATTR_DIRECTORY
);
723 if (S_ISREG(stat
->mode
) && (server_conf
.share_fake_fscaps
&
724 FILE_SUPPORTS_SPARSE_FILES
))
727 if (smb2_get_reparse_tag_special_file(stat
->mode
))
728 attr
|= ATTR_REPARSE
;
734 static void build_preauth_ctxt(struct smb2_preauth_neg_context
*pneg_ctxt
,
737 pneg_ctxt
->ContextType
= SMB2_PREAUTH_INTEGRITY_CAPABILITIES
;
738 pneg_ctxt
->DataLength
= cpu_to_le16(38);
739 pneg_ctxt
->HashAlgorithmCount
= cpu_to_le16(1);
740 pneg_ctxt
->Reserved
= cpu_to_le32(0);
741 pneg_ctxt
->SaltLength
= cpu_to_le16(SMB311_SALT_SIZE
);
742 get_random_bytes(pneg_ctxt
->Salt
, SMB311_SALT_SIZE
);
743 pneg_ctxt
->HashAlgorithms
= hash_id
;
746 static void build_encrypt_ctxt(struct smb2_encryption_neg_context
*pneg_ctxt
,
749 pneg_ctxt
->ContextType
= SMB2_ENCRYPTION_CAPABILITIES
;
750 pneg_ctxt
->DataLength
= cpu_to_le16(4);
751 pneg_ctxt
->Reserved
= cpu_to_le32(0);
752 pneg_ctxt
->CipherCount
= cpu_to_le16(1);
753 pneg_ctxt
->Ciphers
[0] = cipher_type
;
756 static void build_compression_ctxt(struct smb2_compression_ctx
*pneg_ctxt
,
759 pneg_ctxt
->ContextType
= SMB2_COMPRESSION_CAPABILITIES
;
760 pneg_ctxt
->DataLength
=
761 cpu_to_le16(sizeof(struct smb2_compression_ctx
)
762 - sizeof(struct smb2_neg_context
));
763 pneg_ctxt
->Reserved
= cpu_to_le32(0);
764 pneg_ctxt
->CompressionAlgorithmCount
= cpu_to_le16(1);
765 pneg_ctxt
->Reserved1
= cpu_to_le32(0);
766 pneg_ctxt
->CompressionAlgorithms
[0] = comp_algo
;
769 static void build_sign_cap_ctxt(struct smb2_signing_capabilities
*pneg_ctxt
,
772 pneg_ctxt
->ContextType
= SMB2_SIGNING_CAPABILITIES
;
773 pneg_ctxt
->DataLength
=
774 cpu_to_le16((sizeof(struct smb2_signing_capabilities
) + 2)
775 - sizeof(struct smb2_neg_context
));
776 pneg_ctxt
->Reserved
= cpu_to_le32(0);
777 pneg_ctxt
->SigningAlgorithmCount
= cpu_to_le16(1);
778 pneg_ctxt
->SigningAlgorithms
[0] = sign_algo
;
781 static void build_posix_ctxt(struct smb2_posix_neg_context
*pneg_ctxt
)
783 pneg_ctxt
->ContextType
= SMB2_POSIX_EXTENSIONS_AVAILABLE
;
784 pneg_ctxt
->DataLength
= cpu_to_le16(POSIX_CTXT_DATA_LEN
);
785 /* SMB2_CREATE_TAG_POSIX is "0x93AD25509CB411E7B42383DE968BCD7C" */
786 pneg_ctxt
->Name
[0] = 0x93;
787 pneg_ctxt
->Name
[1] = 0xAD;
788 pneg_ctxt
->Name
[2] = 0x25;
789 pneg_ctxt
->Name
[3] = 0x50;
790 pneg_ctxt
->Name
[4] = 0x9C;
791 pneg_ctxt
->Name
[5] = 0xB4;
792 pneg_ctxt
->Name
[6] = 0x11;
793 pneg_ctxt
->Name
[7] = 0xE7;
794 pneg_ctxt
->Name
[8] = 0xB4;
795 pneg_ctxt
->Name
[9] = 0x23;
796 pneg_ctxt
->Name
[10] = 0x83;
797 pneg_ctxt
->Name
[11] = 0xDE;
798 pneg_ctxt
->Name
[12] = 0x96;
799 pneg_ctxt
->Name
[13] = 0x8B;
800 pneg_ctxt
->Name
[14] = 0xCD;
801 pneg_ctxt
->Name
[15] = 0x7C;
804 static void assemble_neg_contexts(struct ksmbd_conn
*conn
,
805 struct smb2_negotiate_rsp
*rsp
)
807 /* +4 is to account for the RFC1001 len field */
808 char *pneg_ctxt
= (char *)rsp
+
809 le32_to_cpu(rsp
->NegotiateContextOffset
) + 4;
810 int neg_ctxt_cnt
= 1;
814 "assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
815 build_preauth_ctxt((struct smb2_preauth_neg_context
*)pneg_ctxt
,
816 conn
->preauth_info
->Preauth_HashId
);
817 rsp
->NegotiateContextCount
= cpu_to_le16(neg_ctxt_cnt
);
818 inc_rfc1001_len(rsp
, AUTH_GSS_PADDING
);
819 ctxt_size
= sizeof(struct smb2_preauth_neg_context
);
820 /* Round to 8 byte boundary */
821 pneg_ctxt
+= round_up(sizeof(struct smb2_preauth_neg_context
), 8);
823 if (conn
->cipher_type
) {
824 ctxt_size
= round_up(ctxt_size
, 8);
826 "assemble SMB2_ENCRYPTION_CAPABILITIES context\n");
827 build_encrypt_ctxt((struct smb2_encryption_neg_context
*)pneg_ctxt
,
829 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
830 ctxt_size
+= sizeof(struct smb2_encryption_neg_context
) + 2;
831 /* Round to 8 byte boundary */
833 round_up(sizeof(struct smb2_encryption_neg_context
) + 2,
837 if (conn
->compress_algorithm
) {
838 ctxt_size
= round_up(ctxt_size
, 8);
840 "assemble SMB2_COMPRESSION_CAPABILITIES context\n");
841 /* Temporarily set to SMB3_COMPRESS_NONE */
842 build_compression_ctxt((struct smb2_compression_ctx
*)pneg_ctxt
,
843 conn
->compress_algorithm
);
844 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
845 ctxt_size
+= sizeof(struct smb2_compression_ctx
) + 2;
846 /* Round to 8 byte boundary */
847 pneg_ctxt
+= round_up(sizeof(struct smb2_compression_ctx
) + 2,
851 if (conn
->posix_ext_supported
) {
852 ctxt_size
= round_up(ctxt_size
, 8);
854 "assemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
855 build_posix_ctxt((struct smb2_posix_neg_context
*)pneg_ctxt
);
856 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
857 ctxt_size
+= sizeof(struct smb2_posix_neg_context
);
858 /* Round to 8 byte boundary */
859 pneg_ctxt
+= round_up(sizeof(struct smb2_posix_neg_context
), 8);
862 if (conn
->signing_negotiated
) {
863 ctxt_size
= round_up(ctxt_size
, 8);
865 "assemble SMB2_SIGNING_CAPABILITIES context\n");
866 build_sign_cap_ctxt((struct smb2_signing_capabilities
*)pneg_ctxt
,
867 conn
->signing_algorithm
);
868 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
869 ctxt_size
+= sizeof(struct smb2_signing_capabilities
) + 2;
872 inc_rfc1001_len(rsp
, ctxt_size
);
875 static __le32
decode_preauth_ctxt(struct ksmbd_conn
*conn
,
876 struct smb2_preauth_neg_context
*pneg_ctxt
)
878 __le32 err
= STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP
;
880 if (pneg_ctxt
->HashAlgorithms
== SMB2_PREAUTH_INTEGRITY_SHA512
) {
881 conn
->preauth_info
->Preauth_HashId
=
882 SMB2_PREAUTH_INTEGRITY_SHA512
;
883 err
= STATUS_SUCCESS
;
889 static void decode_encrypt_ctxt(struct ksmbd_conn
*conn
,
890 struct smb2_encryption_neg_context
*pneg_ctxt
,
893 int cph_cnt
= le16_to_cpu(pneg_ctxt
->CipherCount
);
894 int i
, cphs_size
= cph_cnt
* sizeof(__le16
);
896 conn
->cipher_type
= 0;
898 if (sizeof(struct smb2_encryption_neg_context
) + cphs_size
>
900 pr_err("Invalid cipher count(%d)\n", cph_cnt
);
904 if (!(server_conf
.flags
& KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION
))
907 for (i
= 0; i
< cph_cnt
; i
++) {
908 if (pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES128_GCM
||
909 pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES128_CCM
||
910 pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES256_CCM
||
911 pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES256_GCM
) {
912 ksmbd_debug(SMB
, "Cipher ID = 0x%x\n",
913 pneg_ctxt
->Ciphers
[i
]);
914 conn
->cipher_type
= pneg_ctxt
->Ciphers
[i
];
920 static void decode_compress_ctxt(struct ksmbd_conn
*conn
,
921 struct smb2_compression_ctx
*pneg_ctxt
)
923 conn
->compress_algorithm
= SMB3_COMPRESS_NONE
;
926 static void decode_sign_cap_ctxt(struct ksmbd_conn
*conn
,
927 struct smb2_signing_capabilities
*pneg_ctxt
,
930 int sign_algo_cnt
= le16_to_cpu(pneg_ctxt
->SigningAlgorithmCount
);
931 int i
, sign_alos_size
= sign_algo_cnt
* sizeof(__le16
);
933 conn
->signing_negotiated
= false;
935 if (sizeof(struct smb2_signing_capabilities
) + sign_alos_size
>
937 pr_err("Invalid signing algorithm count(%d)\n", sign_algo_cnt
);
941 for (i
= 0; i
< sign_algo_cnt
; i
++) {
942 if (pneg_ctxt
->SigningAlgorithms
[i
] == SIGNING_ALG_HMAC_SHA256
||
943 pneg_ctxt
->SigningAlgorithms
[i
] == SIGNING_ALG_AES_CMAC
) {
944 ksmbd_debug(SMB
, "Signing Algorithm ID = 0x%x\n",
945 pneg_ctxt
->SigningAlgorithms
[i
]);
946 conn
->signing_negotiated
= true;
947 conn
->signing_algorithm
=
948 pneg_ctxt
->SigningAlgorithms
[i
];
954 static __le32
deassemble_neg_contexts(struct ksmbd_conn
*conn
,
955 struct smb2_negotiate_req
*req
)
957 /* +4 is to account for the RFC1001 len field */
958 struct smb2_neg_context
*pctx
= (struct smb2_neg_context
*)((char *)req
+ 4);
959 int i
= 0, len_of_ctxts
;
960 int offset
= le32_to_cpu(req
->NegotiateContextOffset
);
961 int neg_ctxt_cnt
= le16_to_cpu(req
->NegotiateContextCount
);
962 int len_of_smb
= be32_to_cpu(req
->hdr
.smb2_buf_length
);
963 __le32 status
= STATUS_INVALID_PARAMETER
;
965 ksmbd_debug(SMB
, "decoding %d negotiate contexts\n", neg_ctxt_cnt
);
966 if (len_of_smb
<= offset
) {
967 ksmbd_debug(SMB
, "Invalid response: negotiate context offset\n");
971 len_of_ctxts
= len_of_smb
- offset
;
973 while (i
++ < neg_ctxt_cnt
) {
976 /* check that offset is not beyond end of SMB */
977 if (len_of_ctxts
== 0)
980 if (len_of_ctxts
< sizeof(struct smb2_neg_context
))
983 pctx
= (struct smb2_neg_context
*)((char *)pctx
+ offset
);
984 clen
= le16_to_cpu(pctx
->DataLength
);
985 if (clen
+ sizeof(struct smb2_neg_context
) > len_of_ctxts
)
988 if (pctx
->ContextType
== SMB2_PREAUTH_INTEGRITY_CAPABILITIES
) {
990 "deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
991 if (conn
->preauth_info
->Preauth_HashId
)
994 status
= decode_preauth_ctxt(conn
,
995 (struct smb2_preauth_neg_context
*)pctx
);
996 if (status
!= STATUS_SUCCESS
)
998 } else if (pctx
->ContextType
== SMB2_ENCRYPTION_CAPABILITIES
) {
1000 "deassemble SMB2_ENCRYPTION_CAPABILITIES context\n");
1001 if (conn
->cipher_type
)
1004 decode_encrypt_ctxt(conn
,
1005 (struct smb2_encryption_neg_context
*)pctx
,
1007 } else if (pctx
->ContextType
== SMB2_COMPRESSION_CAPABILITIES
) {
1009 "deassemble SMB2_COMPRESSION_CAPABILITIES context\n");
1010 if (conn
->compress_algorithm
)
1013 decode_compress_ctxt(conn
,
1014 (struct smb2_compression_ctx
*)pctx
);
1015 } else if (pctx
->ContextType
== SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
) {
1017 "deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context\n");
1018 } else if (pctx
->ContextType
== SMB2_POSIX_EXTENSIONS_AVAILABLE
) {
1020 "deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
1021 conn
->posix_ext_supported
= true;
1022 } else if (pctx
->ContextType
== SMB2_SIGNING_CAPABILITIES
) {
1024 "deassemble SMB2_SIGNING_CAPABILITIES context\n");
1025 decode_sign_cap_ctxt(conn
,
1026 (struct smb2_signing_capabilities
*)pctx
,
1030 /* offsets must be 8 byte aligned */
1031 clen
= (clen
+ 7) & ~0x7;
1032 offset
= clen
+ sizeof(struct smb2_neg_context
);
1033 len_of_ctxts
-= clen
+ sizeof(struct smb2_neg_context
);
1039 * smb2_handle_negotiate() - handler for smb2 negotiate command
1040 * @work: smb work containing smb request buffer
1044 int smb2_handle_negotiate(struct ksmbd_work
*work
)
1046 struct ksmbd_conn
*conn
= work
->conn
;
1047 struct smb2_negotiate_req
*req
= work
->request_buf
;
1048 struct smb2_negotiate_rsp
*rsp
= work
->response_buf
;
1050 unsigned int smb2_buf_len
, smb2_neg_size
;
1053 ksmbd_debug(SMB
, "Received negotiate request\n");
1054 conn
->need_neg
= false;
1055 if (ksmbd_conn_good(work
)) {
1056 pr_err("conn->tcp_status is already in CifsGood State\n");
1057 work
->send_no_response
= 1;
1061 if (req
->DialectCount
== 0) {
1062 pr_err("malformed packet\n");
1063 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1068 smb2_buf_len
= get_rfc1002_len(work
->request_buf
);
1069 smb2_neg_size
= offsetof(struct smb2_negotiate_req
, Dialects
) - 4;
1070 if (smb2_neg_size
> smb2_buf_len
) {
1071 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1076 if (conn
->dialect
== SMB311_PROT_ID
) {
1077 unsigned int nego_ctxt_off
= le32_to_cpu(req
->NegotiateContextOffset
);
1079 if (smb2_buf_len
< nego_ctxt_off
) {
1080 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1085 if (smb2_neg_size
> nego_ctxt_off
) {
1086 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1091 if (smb2_neg_size
+ le16_to_cpu(req
->DialectCount
) * sizeof(__le16
) >
1093 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1098 if (smb2_neg_size
+ le16_to_cpu(req
->DialectCount
) * sizeof(__le16
) >
1100 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1106 conn
->cli_cap
= le32_to_cpu(req
->Capabilities
);
1107 switch (conn
->dialect
) {
1108 case SMB311_PROT_ID
:
1109 conn
->preauth_info
=
1110 kzalloc(sizeof(struct preauth_integrity_info
),
1112 if (!conn
->preauth_info
) {
1114 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1118 status
= deassemble_neg_contexts(conn
, req
);
1119 if (status
!= STATUS_SUCCESS
) {
1120 pr_err("deassemble_neg_contexts error(0x%x)\n",
1122 rsp
->hdr
.Status
= status
;
1127 rc
= init_smb3_11_server(conn
);
1129 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1133 ksmbd_gen_preauth_integrity_hash(conn
,
1135 conn
->preauth_info
->Preauth_HashValue
);
1136 rsp
->NegotiateContextOffset
=
1137 cpu_to_le32(OFFSET_OF_NEG_CONTEXT
);
1138 assemble_neg_contexts(conn
, rsp
);
1140 case SMB302_PROT_ID
:
1141 init_smb3_02_server(conn
);
1144 init_smb3_0_server(conn
);
1147 init_smb2_1_server(conn
);
1152 ksmbd_debug(SMB
, "Server dialect :0x%x not supported\n",
1154 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
1158 rsp
->Capabilities
= cpu_to_le32(conn
->vals
->capabilities
);
1161 conn
->connection_type
= conn
->dialect
;
1163 rsp
->MaxTransactSize
= cpu_to_le32(conn
->vals
->max_trans_size
);
1164 rsp
->MaxReadSize
= cpu_to_le32(conn
->vals
->max_read_size
);
1165 rsp
->MaxWriteSize
= cpu_to_le32(conn
->vals
->max_write_size
);
1167 memcpy(conn
->ClientGUID
, req
->ClientGUID
,
1168 SMB2_CLIENT_GUID_SIZE
);
1169 conn
->cli_sec_mode
= le16_to_cpu(req
->SecurityMode
);
1171 rsp
->StructureSize
= cpu_to_le16(65);
1172 rsp
->DialectRevision
= cpu_to_le16(conn
->dialect
);
1173 /* Not setting conn guid rsp->ServerGUID, as it
1174 * not used by client for identifying server
1176 memset(rsp
->ServerGUID
, 0, SMB2_CLIENT_GUID_SIZE
);
1178 rsp
->SystemTime
= cpu_to_le64(ksmbd_systime());
1179 rsp
->ServerStartTime
= 0;
1180 ksmbd_debug(SMB
, "negotiate context offset %d, count %d\n",
1181 le32_to_cpu(rsp
->NegotiateContextOffset
),
1182 le16_to_cpu(rsp
->NegotiateContextCount
));
1184 rsp
->SecurityBufferOffset
= cpu_to_le16(128);
1185 rsp
->SecurityBufferLength
= cpu_to_le16(AUTH_GSS_LENGTH
);
1186 ksmbd_copy_gss_neg_header(((char *)(&rsp
->hdr
) +
1187 sizeof(rsp
->hdr
.smb2_buf_length
)) +
1188 le16_to_cpu(rsp
->SecurityBufferOffset
));
1189 inc_rfc1001_len(rsp
, sizeof(struct smb2_negotiate_rsp
) -
1190 sizeof(struct smb2_hdr
) - sizeof(rsp
->Buffer
) +
1192 rsp
->SecurityMode
= SMB2_NEGOTIATE_SIGNING_ENABLED_LE
;
1193 conn
->use_spnego
= true;
1195 if ((server_conf
.signing
== KSMBD_CONFIG_OPT_AUTO
||
1196 server_conf
.signing
== KSMBD_CONFIG_OPT_DISABLED
) &&
1197 req
->SecurityMode
& SMB2_NEGOTIATE_SIGNING_REQUIRED_LE
)
1199 else if (server_conf
.signing
== KSMBD_CONFIG_OPT_MANDATORY
) {
1200 server_conf
.enforced_signing
= true;
1201 rsp
->SecurityMode
|= SMB2_NEGOTIATE_SIGNING_REQUIRED_LE
;
1205 conn
->srv_sec_mode
= le16_to_cpu(rsp
->SecurityMode
);
1206 ksmbd_conn_set_need_negotiate(work
);
1210 smb2_set_err_rsp(work
);
1215 static int alloc_preauth_hash(struct ksmbd_session
*sess
,
1216 struct ksmbd_conn
*conn
)
1218 if (sess
->Preauth_HashValue
)
1221 sess
->Preauth_HashValue
= kmemdup(conn
->preauth_info
->Preauth_HashValue
,
1222 PREAUTH_HASHVALUE_SIZE
, GFP_KERNEL
);
1223 if (!sess
->Preauth_HashValue
)
1229 static int generate_preauth_hash(struct ksmbd_work
*work
)
1231 struct ksmbd_conn
*conn
= work
->conn
;
1232 struct ksmbd_session
*sess
= work
->sess
;
1235 if (conn
->dialect
!= SMB311_PROT_ID
)
1238 if (conn
->binding
) {
1239 struct preauth_session
*preauth_sess
;
1241 preauth_sess
= ksmbd_preauth_session_lookup(conn
, sess
->id
);
1242 if (!preauth_sess
) {
1243 preauth_sess
= ksmbd_preauth_session_alloc(conn
, sess
->id
);
1248 preauth_hash
= preauth_sess
->Preauth_HashValue
;
1250 if (!sess
->Preauth_HashValue
)
1251 if (alloc_preauth_hash(sess
, conn
))
1253 preauth_hash
= sess
->Preauth_HashValue
;
1256 ksmbd_gen_preauth_integrity_hash(conn
, work
->request_buf
, preauth_hash
);
1260 static int decode_negotiation_token(struct ksmbd_conn
*conn
,
1261 struct negotiate_message
*negblob
,
1264 if (!conn
->use_spnego
)
1267 if (ksmbd_decode_negTokenInit((char *)negblob
, sz
, conn
)) {
1268 if (ksmbd_decode_negTokenTarg((char *)negblob
, sz
, conn
)) {
1269 conn
->auth_mechs
|= KSMBD_AUTH_NTLMSSP
;
1270 conn
->preferred_auth_mech
= KSMBD_AUTH_NTLMSSP
;
1271 conn
->use_spnego
= false;
1277 static int ntlm_negotiate(struct ksmbd_work
*work
,
1278 struct negotiate_message
*negblob
,
1281 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1282 struct challenge_message
*chgblob
;
1283 unsigned char *spnego_blob
= NULL
;
1284 u16 spnego_blob_len
;
1288 ksmbd_debug(SMB
, "negotiate phase\n");
1289 rc
= ksmbd_decode_ntlmssp_neg_blob(negblob
, negblob_len
, work
->sess
);
1293 sz
= le16_to_cpu(rsp
->SecurityBufferOffset
);
1295 (struct challenge_message
*)((char *)&rsp
->hdr
.ProtocolId
+ sz
);
1296 memset(chgblob
, 0, sizeof(struct challenge_message
));
1298 if (!work
->conn
->use_spnego
) {
1299 sz
= ksmbd_build_ntlmssp_challenge_blob(chgblob
, work
->sess
);
1303 rsp
->SecurityBufferLength
= cpu_to_le16(sz
);
1307 sz
= sizeof(struct challenge_message
);
1308 sz
+= (strlen(ksmbd_netbios_name()) * 2 + 1 + 4) * 6;
1310 neg_blob
= kzalloc(sz
, GFP_KERNEL
);
1314 chgblob
= (struct challenge_message
*)neg_blob
;
1315 sz
= ksmbd_build_ntlmssp_challenge_blob(chgblob
, work
->sess
);
1321 rc
= build_spnego_ntlmssp_neg_blob(&spnego_blob
, &spnego_blob_len
,
1328 sz
= le16_to_cpu(rsp
->SecurityBufferOffset
);
1329 memcpy((char *)&rsp
->hdr
.ProtocolId
+ sz
, spnego_blob
, spnego_blob_len
);
1330 rsp
->SecurityBufferLength
= cpu_to_le16(spnego_blob_len
);
1338 static struct authenticate_message
*user_authblob(struct ksmbd_conn
*conn
,
1339 struct smb2_sess_setup_req
*req
)
1343 if (conn
->use_spnego
&& conn
->mechToken
)
1344 return (struct authenticate_message
*)conn
->mechToken
;
1346 sz
= le16_to_cpu(req
->SecurityBufferOffset
);
1347 return (struct authenticate_message
*)((char *)&req
->hdr
.ProtocolId
1351 static struct ksmbd_user
*session_user(struct ksmbd_conn
*conn
,
1352 struct smb2_sess_setup_req
*req
)
1354 struct authenticate_message
*authblob
;
1355 struct ksmbd_user
*user
;
1357 unsigned int auth_msg_len
, name_off
, name_len
, secbuf_len
;
1359 secbuf_len
= le16_to_cpu(req
->SecurityBufferLength
);
1360 if (secbuf_len
< sizeof(struct authenticate_message
)) {
1361 ksmbd_debug(SMB
, "blob len %d too small\n", secbuf_len
);
1364 authblob
= user_authblob(conn
, req
);
1365 name_off
= le32_to_cpu(authblob
->UserName
.BufferOffset
);
1366 name_len
= le16_to_cpu(authblob
->UserName
.Length
);
1367 auth_msg_len
= le16_to_cpu(req
->SecurityBufferOffset
) + secbuf_len
;
1369 if (auth_msg_len
< (u64
)name_off
+ name_len
)
1372 name
= smb_strndup_from_utf16((const char *)authblob
+ name_off
,
1377 pr_err("cannot allocate memory\n");
1381 ksmbd_debug(SMB
, "session setup request for user %s\n", name
);
1382 user
= ksmbd_login_user(name
);
1387 static int ntlm_authenticate(struct ksmbd_work
*work
)
1389 struct smb2_sess_setup_req
*req
= work
->request_buf
;
1390 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1391 struct ksmbd_conn
*conn
= work
->conn
;
1392 struct ksmbd_session
*sess
= work
->sess
;
1393 struct channel
*chann
= NULL
;
1394 struct ksmbd_user
*user
;
1398 ksmbd_debug(SMB
, "authenticate phase\n");
1399 if (conn
->use_spnego
) {
1400 unsigned char *spnego_blob
;
1401 u16 spnego_blob_len
;
1403 rc
= build_spnego_ntlmssp_auth_blob(&spnego_blob
,
1409 sz
= le16_to_cpu(rsp
->SecurityBufferOffset
);
1410 memcpy((char *)&rsp
->hdr
.ProtocolId
+ sz
, spnego_blob
, spnego_blob_len
);
1411 rsp
->SecurityBufferLength
= cpu_to_le16(spnego_blob_len
);
1413 inc_rfc1001_len(rsp
, spnego_blob_len
- 1);
1416 user
= session_user(conn
, req
);
1418 ksmbd_debug(SMB
, "Unknown user name or an error\n");
1422 /* Check for previous session */
1423 prev_id
= le64_to_cpu(req
->PreviousSessionId
);
1424 if (prev_id
&& prev_id
!= sess
->id
)
1425 destroy_previous_session(user
, prev_id
);
1427 if (sess
->state
== SMB2_SESSION_VALID
) {
1429 * Reuse session if anonymous try to connect
1430 * on reauthetication.
1432 if (ksmbd_anonymous_user(user
)) {
1433 ksmbd_free_user(user
);
1436 ksmbd_free_user(sess
->user
);
1440 if (user_guest(sess
->user
)) {
1442 ksmbd_debug(SMB
, "Guest login not allowed when signing enabled\n");
1446 rsp
->SessionFlags
= SMB2_SESSION_FLAG_IS_GUEST_LE
;
1448 struct authenticate_message
*authblob
;
1450 authblob
= user_authblob(conn
, req
);
1451 sz
= le16_to_cpu(req
->SecurityBufferLength
);
1452 rc
= ksmbd_decode_ntlmssp_auth_blob(authblob
, sz
, sess
);
1454 set_user_flag(sess
->user
, KSMBD_USER_FLAG_BAD_PASSWORD
);
1455 ksmbd_debug(SMB
, "authentication failed\n");
1460 * If session state is SMB2_SESSION_VALID, We can assume
1461 * that it is reauthentication. And the user/password
1462 * has been verified, so return it here.
1464 if (sess
->state
== SMB2_SESSION_VALID
) {
1466 goto binding_session
;
1470 if ((conn
->sign
|| server_conf
.enforced_signing
) ||
1471 (req
->SecurityMode
& SMB2_NEGOTIATE_SIGNING_REQUIRED
))
1474 if (conn
->vals
->capabilities
& SMB2_GLOBAL_CAP_ENCRYPTION
&&
1475 conn
->ops
->generate_encryptionkey
&&
1476 !(req
->Flags
& SMB2_SESSION_REQ_FLAG_BINDING
)) {
1477 rc
= conn
->ops
->generate_encryptionkey(sess
);
1480 "SMB3 encryption key generation failed\n");
1484 rsp
->SessionFlags
= SMB2_SESSION_FLAG_ENCRYPT_DATA_LE
;
1486 * signing is disable if encryption is enable
1494 if (conn
->dialect
>= SMB30_PROT_ID
) {
1495 chann
= lookup_chann_list(sess
, conn
);
1497 chann
= kmalloc(sizeof(struct channel
), GFP_KERNEL
);
1502 INIT_LIST_HEAD(&chann
->chann_list
);
1503 list_add(&chann
->chann_list
, &sess
->ksmbd_chann_list
);
1507 if (conn
->ops
->generate_signingkey
) {
1508 rc
= conn
->ops
->generate_signingkey(sess
, conn
);
1510 ksmbd_debug(SMB
, "SMB3 signing key generation failed\n");
1515 if (!ksmbd_conn_lookup_dialect(conn
)) {
1516 pr_err("fail to verify the dialect\n");
1522 #ifdef CONFIG_SMB_SERVER_KERBEROS5
1523 static int krb5_authenticate(struct ksmbd_work
*work
)
1525 struct smb2_sess_setup_req
*req
= work
->request_buf
;
1526 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1527 struct ksmbd_conn
*conn
= work
->conn
;
1528 struct ksmbd_session
*sess
= work
->sess
;
1529 char *in_blob
, *out_blob
;
1530 struct channel
*chann
= NULL
;
1532 int in_len
, out_len
;
1535 in_blob
= (char *)&req
->hdr
.ProtocolId
+
1536 le16_to_cpu(req
->SecurityBufferOffset
);
1537 in_len
= le16_to_cpu(req
->SecurityBufferLength
);
1538 out_blob
= (char *)&rsp
->hdr
.ProtocolId
+
1539 le16_to_cpu(rsp
->SecurityBufferOffset
);
1540 out_len
= work
->response_sz
-
1541 offsetof(struct smb2_hdr
, smb2_buf_length
) -
1542 le16_to_cpu(rsp
->SecurityBufferOffset
);
1544 /* Check previous session */
1545 prev_sess_id
= le64_to_cpu(req
->PreviousSessionId
);
1546 if (prev_sess_id
&& prev_sess_id
!= sess
->id
)
1547 destroy_previous_session(sess
->user
, prev_sess_id
);
1549 if (sess
->state
== SMB2_SESSION_VALID
)
1550 ksmbd_free_user(sess
->user
);
1552 retval
= ksmbd_krb5_authenticate(sess
, in_blob
, in_len
,
1553 out_blob
, &out_len
);
1555 ksmbd_debug(SMB
, "krb5 authentication failed\n");
1558 rsp
->SecurityBufferLength
= cpu_to_le16(out_len
);
1559 inc_rfc1001_len(rsp
, out_len
- 1);
1561 if ((conn
->sign
|| server_conf
.enforced_signing
) ||
1562 (req
->SecurityMode
& SMB2_NEGOTIATE_SIGNING_REQUIRED
))
1565 if ((conn
->vals
->capabilities
& SMB2_GLOBAL_CAP_ENCRYPTION
) &&
1566 conn
->ops
->generate_encryptionkey
) {
1567 retval
= conn
->ops
->generate_encryptionkey(sess
);
1570 "SMB3 encryption key generation failed\n");
1574 rsp
->SessionFlags
= SMB2_SESSION_FLAG_ENCRYPT_DATA_LE
;
1578 if (conn
->dialect
>= SMB30_PROT_ID
) {
1579 chann
= lookup_chann_list(sess
, conn
);
1581 chann
= kmalloc(sizeof(struct channel
), GFP_KERNEL
);
1586 INIT_LIST_HEAD(&chann
->chann_list
);
1587 list_add(&chann
->chann_list
, &sess
->ksmbd_chann_list
);
1591 if (conn
->ops
->generate_signingkey
) {
1592 retval
= conn
->ops
->generate_signingkey(sess
, conn
);
1594 ksmbd_debug(SMB
, "SMB3 signing key generation failed\n");
1599 if (!ksmbd_conn_lookup_dialect(conn
)) {
1600 pr_err("fail to verify the dialect\n");
1606 static int krb5_authenticate(struct ksmbd_work
*work
)
1612 int smb2_sess_setup(struct ksmbd_work
*work
)
1614 struct ksmbd_conn
*conn
= work
->conn
;
1615 struct smb2_sess_setup_req
*req
= work
->request_buf
;
1616 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1617 struct ksmbd_session
*sess
;
1618 struct negotiate_message
*negblob
;
1619 unsigned int negblob_len
, negblob_off
;
1622 ksmbd_debug(SMB
, "Received request for session setup\n");
1624 rsp
->StructureSize
= cpu_to_le16(9);
1625 rsp
->SessionFlags
= 0;
1626 rsp
->SecurityBufferOffset
= cpu_to_le16(72);
1627 rsp
->SecurityBufferLength
= 0;
1628 inc_rfc1001_len(rsp
, 9);
1630 if (!req
->hdr
.SessionId
) {
1631 sess
= ksmbd_smb2_session_create();
1636 rsp
->hdr
.SessionId
= cpu_to_le64(sess
->id
);
1637 ksmbd_session_register(conn
, sess
);
1638 } else if (conn
->dialect
>= SMB30_PROT_ID
&&
1639 (server_conf
.flags
& KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL
) &&
1640 req
->Flags
& SMB2_SESSION_REQ_FLAG_BINDING
) {
1641 u64 sess_id
= le64_to_cpu(req
->hdr
.SessionId
);
1643 sess
= ksmbd_session_lookup_slowpath(sess_id
);
1649 if (conn
->dialect
!= sess
->conn
->dialect
) {
1654 if (!(req
->hdr
.Flags
& SMB2_FLAGS_SIGNED
)) {
1659 if (strncmp(conn
->ClientGUID
, sess
->conn
->ClientGUID
,
1660 SMB2_CLIENT_GUID_SIZE
)) {
1665 if (sess
->state
== SMB2_SESSION_IN_PROGRESS
) {
1670 if (sess
->state
== SMB2_SESSION_EXPIRED
) {
1675 if (ksmbd_session_lookup(conn
, sess_id
)) {
1680 conn
->binding
= true;
1681 } else if ((conn
->dialect
< SMB30_PROT_ID
||
1682 server_conf
.flags
& KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL
) &&
1683 (req
->Flags
& SMB2_SESSION_REQ_FLAG_BINDING
)) {
1688 sess
= ksmbd_session_lookup(conn
,
1689 le64_to_cpu(req
->hdr
.SessionId
));
1697 if (sess
->state
== SMB2_SESSION_EXPIRED
)
1698 sess
->state
= SMB2_SESSION_IN_PROGRESS
;
1700 negblob_off
= le16_to_cpu(req
->SecurityBufferOffset
);
1701 negblob_len
= le16_to_cpu(req
->SecurityBufferLength
);
1702 if (negblob_off
< (offsetof(struct smb2_sess_setup_req
, Buffer
) - 4) ||
1703 negblob_len
< offsetof(struct negotiate_message
, NegotiateFlags
))
1706 negblob
= (struct negotiate_message
*)((char *)&req
->hdr
.ProtocolId
+
1709 if (decode_negotiation_token(conn
, negblob
, negblob_len
) == 0) {
1710 if (conn
->mechToken
)
1711 negblob
= (struct negotiate_message
*)conn
->mechToken
;
1714 if (server_conf
.auth_mechs
& conn
->auth_mechs
) {
1715 rc
= generate_preauth_hash(work
);
1719 if (conn
->preferred_auth_mech
&
1720 (KSMBD_AUTH_KRB5
| KSMBD_AUTH_MSKRB5
)) {
1721 rc
= krb5_authenticate(work
);
1727 ksmbd_conn_set_good(work
);
1728 sess
->state
= SMB2_SESSION_VALID
;
1729 kfree(sess
->Preauth_HashValue
);
1730 sess
->Preauth_HashValue
= NULL
;
1731 } else if (conn
->preferred_auth_mech
== KSMBD_AUTH_NTLMSSP
) {
1732 if (negblob
->MessageType
== NtLmNegotiate
) {
1733 rc
= ntlm_negotiate(work
, negblob
, negblob_len
);
1737 STATUS_MORE_PROCESSING_REQUIRED
;
1739 * Note: here total size -1 is done as an
1740 * adjustment for 0 size blob
1742 inc_rfc1001_len(rsp
, le16_to_cpu(rsp
->SecurityBufferLength
) - 1);
1744 } else if (negblob
->MessageType
== NtLmAuthenticate
) {
1745 rc
= ntlm_authenticate(work
);
1749 ksmbd_conn_set_good(work
);
1750 sess
->state
= SMB2_SESSION_VALID
;
1751 if (conn
->binding
) {
1752 struct preauth_session
*preauth_sess
;
1755 ksmbd_preauth_session_lookup(conn
, sess
->id
);
1757 list_del(&preauth_sess
->preauth_entry
);
1758 kfree(preauth_sess
);
1761 kfree(sess
->Preauth_HashValue
);
1762 sess
->Preauth_HashValue
= NULL
;
1765 /* TODO: need one more negotiation */
1766 pr_err("Not support the preferred authentication\n");
1770 pr_err("Not support authentication\n");
1776 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1777 else if (rc
== -ENOENT
)
1778 rsp
->hdr
.Status
= STATUS_USER_SESSION_DELETED
;
1779 else if (rc
== -EACCES
)
1780 rsp
->hdr
.Status
= STATUS_REQUEST_NOT_ACCEPTED
;
1781 else if (rc
== -EFAULT
)
1782 rsp
->hdr
.Status
= STATUS_NETWORK_SESSION_EXPIRED
;
1783 else if (rc
== -ENOMEM
)
1784 rsp
->hdr
.Status
= STATUS_INSUFFICIENT_RESOURCES
;
1786 rsp
->hdr
.Status
= STATUS_LOGON_FAILURE
;
1788 if (conn
->use_spnego
&& conn
->mechToken
) {
1789 kfree(conn
->mechToken
);
1790 conn
->mechToken
= NULL
;
1795 * SecurityBufferOffset should be set to zero
1796 * in session setup error response.
1798 rsp
->SecurityBufferOffset
= 0;
1801 bool try_delay
= false;
1804 * To avoid dictionary attacks (repeated session setups rapidly sent) to
1805 * connect to server, ksmbd make a delay of a 5 seconds on session setup
1806 * failure to make it harder to send enough random connection requests
1807 * to break into a server.
1809 if (sess
->user
&& sess
->user
->flags
& KSMBD_USER_FLAG_DELAY_SESSION
)
1812 ksmbd_session_destroy(sess
);
1823 * smb2_tree_connect() - handler for smb2 tree connect command
1824 * @work: smb work containing smb request buffer
1826 * Return: 0 on success, otherwise error
1828 int smb2_tree_connect(struct ksmbd_work
*work
)
1830 struct ksmbd_conn
*conn
= work
->conn
;
1831 struct smb2_tree_connect_req
*req
= work
->request_buf
;
1832 struct smb2_tree_connect_rsp
*rsp
= work
->response_buf
;
1833 struct ksmbd_session
*sess
= work
->sess
;
1834 char *treename
= NULL
, *name
= NULL
;
1835 struct ksmbd_tree_conn_status status
;
1836 struct ksmbd_share_config
*share
;
1839 treename
= smb_strndup_from_utf16(req
->Buffer
,
1840 le16_to_cpu(req
->PathLength
), true,
1842 if (IS_ERR(treename
)) {
1843 pr_err("treename is NULL\n");
1844 status
.ret
= KSMBD_TREE_CONN_STATUS_ERROR
;
1848 name
= ksmbd_extract_sharename(treename
);
1850 status
.ret
= KSMBD_TREE_CONN_STATUS_ERROR
;
1854 ksmbd_debug(SMB
, "tree connect request for tree %s treename %s\n",
1857 status
= ksmbd_tree_conn_connect(sess
, name
);
1858 if (status
.ret
== KSMBD_TREE_CONN_STATUS_OK
)
1859 rsp
->hdr
.Id
.SyncId
.TreeId
= cpu_to_le32(status
.tree_conn
->id
);
1863 share
= status
.tree_conn
->share_conf
;
1864 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_PIPE
)) {
1865 ksmbd_debug(SMB
, "IPC share path request\n");
1866 rsp
->ShareType
= SMB2_SHARE_TYPE_PIPE
;
1867 rsp
->MaximalAccess
= FILE_READ_DATA_LE
| FILE_READ_EA_LE
|
1868 FILE_EXECUTE_LE
| FILE_READ_ATTRIBUTES_LE
|
1869 FILE_DELETE_LE
| FILE_READ_CONTROL_LE
|
1870 FILE_WRITE_DAC_LE
| FILE_WRITE_OWNER_LE
|
1871 FILE_SYNCHRONIZE_LE
;
1873 rsp
->ShareType
= SMB2_SHARE_TYPE_DISK
;
1874 rsp
->MaximalAccess
= FILE_READ_DATA_LE
| FILE_READ_EA_LE
|
1875 FILE_EXECUTE_LE
| FILE_READ_ATTRIBUTES_LE
;
1876 if (test_tree_conn_flag(status
.tree_conn
,
1877 KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
1878 rsp
->MaximalAccess
|= FILE_WRITE_DATA_LE
|
1879 FILE_APPEND_DATA_LE
| FILE_WRITE_EA_LE
|
1880 FILE_DELETE_LE
| FILE_WRITE_ATTRIBUTES_LE
|
1881 FILE_DELETE_CHILD_LE
| FILE_READ_CONTROL_LE
|
1882 FILE_WRITE_DAC_LE
| FILE_WRITE_OWNER_LE
|
1883 FILE_SYNCHRONIZE_LE
;
1887 status
.tree_conn
->maximal_access
= le32_to_cpu(rsp
->MaximalAccess
);
1888 if (conn
->posix_ext_supported
)
1889 status
.tree_conn
->posix_extensions
= true;
1892 rsp
->StructureSize
= cpu_to_le16(16);
1893 rsp
->Capabilities
= 0;
1895 /* default manual caching */
1896 rsp
->ShareFlags
= SMB2_SHAREFLAG_MANUAL_CACHING
;
1897 inc_rfc1001_len(rsp
, 16);
1899 if (!IS_ERR(treename
))
1904 switch (status
.ret
) {
1905 case KSMBD_TREE_CONN_STATUS_OK
:
1906 rsp
->hdr
.Status
= STATUS_SUCCESS
;
1909 case KSMBD_TREE_CONN_STATUS_NO_SHARE
:
1910 rsp
->hdr
.Status
= STATUS_BAD_NETWORK_PATH
;
1913 case KSMBD_TREE_CONN_STATUS_NOMEM
:
1914 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
1916 case KSMBD_TREE_CONN_STATUS_ERROR
:
1917 case KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS
:
1918 case KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS
:
1919 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
1922 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1925 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
1932 * smb2_create_open_flags() - convert smb open flags to unix open flags
1933 * @file_present: is file already present
1934 * @access: file access flags
1935 * @disposition: file disposition flags
1936 * @may_flags: set with MAY_ flags
1938 * Return: file open flags
1940 static int smb2_create_open_flags(bool file_present
, __le32 access
,
1944 int oflags
= O_NONBLOCK
| O_LARGEFILE
;
1946 if (access
& FILE_READ_DESIRED_ACCESS_LE
&&
1947 access
& FILE_WRITE_DESIRE_ACCESS_LE
) {
1949 *may_flags
= MAY_OPEN
| MAY_READ
| MAY_WRITE
;
1950 } else if (access
& FILE_WRITE_DESIRE_ACCESS_LE
) {
1952 *may_flags
= MAY_OPEN
| MAY_WRITE
;
1955 *may_flags
= MAY_OPEN
| MAY_READ
;
1958 if (access
== FILE_READ_ATTRIBUTES_LE
)
1962 switch (disposition
& FILE_CREATE_MASK_LE
) {
1964 case FILE_CREATE_LE
:
1966 case FILE_SUPERSEDE_LE
:
1967 case FILE_OVERWRITE_LE
:
1968 case FILE_OVERWRITE_IF_LE
:
1975 switch (disposition
& FILE_CREATE_MASK_LE
) {
1976 case FILE_SUPERSEDE_LE
:
1977 case FILE_CREATE_LE
:
1978 case FILE_OPEN_IF_LE
:
1979 case FILE_OVERWRITE_IF_LE
:
1983 case FILE_OVERWRITE_LE
:
1995 * smb2_tree_disconnect() - handler for smb tree connect request
1996 * @work: smb work containing request buffer
2000 int smb2_tree_disconnect(struct ksmbd_work
*work
)
2002 struct smb2_tree_disconnect_rsp
*rsp
= work
->response_buf
;
2003 struct ksmbd_session
*sess
= work
->sess
;
2004 struct ksmbd_tree_connect
*tcon
= work
->tcon
;
2006 rsp
->StructureSize
= cpu_to_le16(4);
2007 inc_rfc1001_len(rsp
, 4);
2009 ksmbd_debug(SMB
, "request\n");
2012 struct smb2_tree_disconnect_req
*req
= work
->request_buf
;
2014 ksmbd_debug(SMB
, "Invalid tid %d\n", req
->hdr
.Id
.SyncId
.TreeId
);
2015 rsp
->hdr
.Status
= STATUS_NETWORK_NAME_DELETED
;
2016 smb2_set_err_rsp(work
);
2020 ksmbd_close_tree_conn_fds(work
);
2021 ksmbd_tree_conn_disconnect(sess
, tcon
);
2026 * smb2_session_logoff() - handler for session log off request
2027 * @work: smb work containing request buffer
2031 int smb2_session_logoff(struct ksmbd_work
*work
)
2033 struct ksmbd_conn
*conn
= work
->conn
;
2034 struct smb2_logoff_rsp
*rsp
= work
->response_buf
;
2035 struct ksmbd_session
*sess
= work
->sess
;
2037 rsp
->StructureSize
= cpu_to_le16(4);
2038 inc_rfc1001_len(rsp
, 4);
2040 ksmbd_debug(SMB
, "request\n");
2042 /* Got a valid session, set connection state */
2043 WARN_ON(sess
->conn
!= conn
);
2045 /* setting CifsExiting here may race with start_tcp_sess */
2046 ksmbd_conn_set_need_reconnect(work
);
2047 ksmbd_close_session_fds(work
);
2048 ksmbd_conn_wait_idle(conn
);
2050 if (ksmbd_tree_conn_session_logoff(sess
)) {
2051 struct smb2_logoff_req
*req
= work
->request_buf
;
2053 ksmbd_debug(SMB
, "Invalid tid %d\n", req
->hdr
.Id
.SyncId
.TreeId
);
2054 rsp
->hdr
.Status
= STATUS_NETWORK_NAME_DELETED
;
2055 smb2_set_err_rsp(work
);
2059 ksmbd_destroy_file_table(&sess
->file_table
);
2060 sess
->state
= SMB2_SESSION_EXPIRED
;
2062 ksmbd_free_user(sess
->user
);
2065 /* let start_tcp_sess free connection info now */
2066 ksmbd_conn_set_need_negotiate(work
);
2071 * create_smb2_pipe() - create IPC pipe
2072 * @work: smb work containing request buffer
2074 * Return: 0 on success, otherwise error
2076 static noinline
int create_smb2_pipe(struct ksmbd_work
*work
)
2078 struct smb2_create_rsp
*rsp
= work
->response_buf
;
2079 struct smb2_create_req
*req
= work
->request_buf
;
2084 name
= smb_strndup_from_utf16(req
->Buffer
, le16_to_cpu(req
->NameLength
),
2085 1, work
->conn
->local_nls
);
2087 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
2088 err
= PTR_ERR(name
);
2092 id
= ksmbd_session_rpc_open(work
->sess
, name
);
2094 pr_err("Unable to open RPC pipe: %d\n", id
);
2099 rsp
->hdr
.Status
= STATUS_SUCCESS
;
2100 rsp
->StructureSize
= cpu_to_le16(89);
2101 rsp
->OplockLevel
= SMB2_OPLOCK_LEVEL_NONE
;
2103 rsp
->CreateAction
= cpu_to_le32(FILE_OPENED
);
2105 rsp
->CreationTime
= cpu_to_le64(0);
2106 rsp
->LastAccessTime
= cpu_to_le64(0);
2107 rsp
->ChangeTime
= cpu_to_le64(0);
2108 rsp
->AllocationSize
= cpu_to_le64(0);
2109 rsp
->EndofFile
= cpu_to_le64(0);
2110 rsp
->FileAttributes
= ATTR_NORMAL_LE
;
2112 rsp
->VolatileFileId
= cpu_to_le64(id
);
2113 rsp
->PersistentFileId
= 0;
2114 rsp
->CreateContextsOffset
= 0;
2115 rsp
->CreateContextsLength
= 0;
2117 inc_rfc1001_len(rsp
, 88); /* StructureSize - 1*/
2124 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
2128 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
2135 smb2_set_err_rsp(work
);
2140 * smb2_set_ea() - handler for setting extended attributes using set
2142 * @eabuf: set info command buffer
2143 * @buf_len: set info command buffer length
2144 * @path: dentry path for get ea
2146 * Return: 0 on success, otherwise error
2148 static int smb2_set_ea(struct smb2_ea_info
*eabuf
, unsigned int buf_len
,
2151 struct user_namespace
*user_ns
= mnt_user_ns(path
->mnt
);
2152 char *attr_name
= NULL
, *value
;
2154 unsigned int next
= 0;
2156 if (buf_len
< sizeof(struct smb2_ea_info
) + eabuf
->EaNameLength
+
2157 le16_to_cpu(eabuf
->EaValueLength
))
2160 attr_name
= kmalloc(XATTR_NAME_MAX
+ 1, GFP_KERNEL
);
2165 if (!eabuf
->EaNameLength
)
2169 "name : <%s>, name_len : %u, value_len : %u, next : %u\n",
2170 eabuf
->name
, eabuf
->EaNameLength
,
2171 le16_to_cpu(eabuf
->EaValueLength
),
2172 le32_to_cpu(eabuf
->NextEntryOffset
));
2174 if (eabuf
->EaNameLength
>
2175 (XATTR_NAME_MAX
- XATTR_USER_PREFIX_LEN
)) {
2180 memcpy(attr_name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
);
2181 memcpy(&attr_name
[XATTR_USER_PREFIX_LEN
], eabuf
->name
,
2182 eabuf
->EaNameLength
);
2183 attr_name
[XATTR_USER_PREFIX_LEN
+ eabuf
->EaNameLength
] = '\0';
2184 value
= (char *)&eabuf
->name
+ eabuf
->EaNameLength
+ 1;
2186 if (!eabuf
->EaValueLength
) {
2187 rc
= ksmbd_vfs_casexattr_len(user_ns
,
2190 XATTR_USER_PREFIX_LEN
+
2191 eabuf
->EaNameLength
);
2193 /* delete the EA only when it exits */
2195 rc
= ksmbd_vfs_remove_xattr(user_ns
,
2201 "remove xattr failed(%d)\n",
2207 /* if the EA doesn't exist, just do nothing. */
2210 rc
= ksmbd_vfs_setxattr(user_ns
,
2211 path
->dentry
, attr_name
, value
,
2212 le16_to_cpu(eabuf
->EaValueLength
), 0);
2215 "ksmbd_vfs_setxattr is failed(%d)\n",
2222 next
= le32_to_cpu(eabuf
->NextEntryOffset
);
2223 if (next
== 0 || buf_len
< next
)
2226 eabuf
= (struct smb2_ea_info
*)((char *)eabuf
+ next
);
2227 if (next
< (u32
)eabuf
->EaNameLength
+ le16_to_cpu(eabuf
->EaValueLength
))
2230 } while (next
!= 0);
2236 static noinline
int smb2_set_stream_name_xattr(struct path
*path
,
2237 struct ksmbd_file
*fp
,
2238 char *stream_name
, int s_type
)
2240 struct user_namespace
*user_ns
= mnt_user_ns(path
->mnt
);
2241 size_t xattr_stream_size
;
2242 char *xattr_stream_name
;
2245 rc
= ksmbd_vfs_xattr_stream_name(stream_name
,
2252 fp
->stream
.name
= xattr_stream_name
;
2253 fp
->stream
.size
= xattr_stream_size
;
2255 /* Check if there is stream prefix in xattr space */
2256 rc
= ksmbd_vfs_casexattr_len(user_ns
,
2263 if (fp
->cdoption
== FILE_OPEN_LE
) {
2264 ksmbd_debug(SMB
, "XATTR stream name lookup failed: %d\n", rc
);
2268 rc
= ksmbd_vfs_setxattr(user_ns
, path
->dentry
,
2269 xattr_stream_name
, NULL
, 0, 0);
2271 pr_err("Failed to store XATTR stream name :%d\n", rc
);
2275 static int smb2_remove_smb_xattrs(struct path
*path
)
2277 struct user_namespace
*user_ns
= mnt_user_ns(path
->mnt
);
2278 char *name
, *xattr_list
= NULL
;
2279 ssize_t xattr_list_len
;
2282 xattr_list_len
= ksmbd_vfs_listxattr(path
->dentry
, &xattr_list
);
2283 if (xattr_list_len
< 0) {
2285 } else if (!xattr_list_len
) {
2286 ksmbd_debug(SMB
, "empty xattr in the file\n");
2290 for (name
= xattr_list
; name
- xattr_list
< xattr_list_len
;
2291 name
+= strlen(name
) + 1) {
2292 ksmbd_debug(SMB
, "%s, len %zd\n", name
, strlen(name
));
2294 if (strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
) &&
2295 strncmp(&name
[XATTR_USER_PREFIX_LEN
], DOS_ATTRIBUTE_PREFIX
,
2296 DOS_ATTRIBUTE_PREFIX_LEN
) &&
2297 strncmp(&name
[XATTR_USER_PREFIX_LEN
], STREAM_PREFIX
, STREAM_PREFIX_LEN
))
2300 err
= ksmbd_vfs_remove_xattr(user_ns
, path
->dentry
, name
);
2302 ksmbd_debug(SMB
, "remove xattr failed : %s\n", name
);
2309 static int smb2_create_truncate(struct path
*path
)
2311 int rc
= vfs_truncate(path
, 0);
2314 pr_err("vfs_truncate failed, rc %d\n", rc
);
2318 rc
= smb2_remove_smb_xattrs(path
);
2319 if (rc
== -EOPNOTSUPP
)
2323 "ksmbd_truncate_stream_name_xattr failed, rc %d\n",
2328 static void smb2_new_xattrs(struct ksmbd_tree_connect
*tcon
, struct path
*path
,
2329 struct ksmbd_file
*fp
)
2331 struct xattr_dos_attrib da
= {0};
2334 if (!test_share_config_flag(tcon
->share_conf
,
2335 KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
))
2339 da
.attr
= le32_to_cpu(fp
->f_ci
->m_fattr
);
2340 da
.itime
= da
.create_time
= fp
->create_time
;
2341 da
.flags
= XATTR_DOSINFO_ATTRIB
| XATTR_DOSINFO_CREATE_TIME
|
2342 XATTR_DOSINFO_ITIME
;
2344 rc
= ksmbd_vfs_set_dos_attrib_xattr(mnt_user_ns(path
->mnt
),
2347 ksmbd_debug(SMB
, "failed to store file attribute into xattr\n");
2350 static void smb2_update_xattrs(struct ksmbd_tree_connect
*tcon
,
2351 struct path
*path
, struct ksmbd_file
*fp
)
2353 struct xattr_dos_attrib da
;
2356 fp
->f_ci
->m_fattr
&= ~(ATTR_HIDDEN_LE
| ATTR_SYSTEM_LE
);
2358 /* get FileAttributes from XATTR_NAME_DOS_ATTRIBUTE */
2359 if (!test_share_config_flag(tcon
->share_conf
,
2360 KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
))
2363 rc
= ksmbd_vfs_get_dos_attrib_xattr(mnt_user_ns(path
->mnt
),
2366 fp
->f_ci
->m_fattr
= cpu_to_le32(da
.attr
);
2367 fp
->create_time
= da
.create_time
;
2368 fp
->itime
= da
.itime
;
2372 static int smb2_creat(struct ksmbd_work
*work
, struct path
*path
, char *name
,
2373 int open_flags
, umode_t posix_mode
, bool is_dir
)
2375 struct ksmbd_tree_connect
*tcon
= work
->tcon
;
2376 struct ksmbd_share_config
*share
= tcon
->share_conf
;
2380 if (!(open_flags
& O_CREAT
))
2383 ksmbd_debug(SMB
, "file does not exist, so creating\n");
2384 if (is_dir
== true) {
2385 ksmbd_debug(SMB
, "creating directory\n");
2387 mode
= share_config_directory_mode(share
, posix_mode
);
2388 rc
= ksmbd_vfs_mkdir(work
, name
, mode
);
2392 ksmbd_debug(SMB
, "creating regular file\n");
2394 mode
= share_config_create_mode(share
, posix_mode
);
2395 rc
= ksmbd_vfs_create(work
, name
, mode
);
2400 rc
= ksmbd_vfs_kern_path(work
, name
, 0, path
, 0);
2402 pr_err("cannot get linux path (%s), err = %d\n",
2409 static int smb2_create_sd_buffer(struct ksmbd_work
*work
,
2410 struct smb2_create_req
*req
,
2413 struct create_context
*context
;
2414 struct create_sd_buf_req
*sd_buf
;
2416 if (!req
->CreateContextsOffset
)
2419 /* Parse SD BUFFER create contexts */
2420 context
= smb2_find_context_vals(req
, SMB2_CREATE_SD_BUFFER
);
2423 else if (IS_ERR(context
))
2424 return PTR_ERR(context
);
2427 "Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
2428 sd_buf
= (struct create_sd_buf_req
*)context
;
2429 if (le16_to_cpu(context
->DataOffset
) +
2430 le32_to_cpu(context
->DataLength
) <
2431 sizeof(struct create_sd_buf_req
))
2433 return set_info_sec(work
->conn
, work
->tcon
, path
, &sd_buf
->ntsd
,
2434 le32_to_cpu(sd_buf
->ccontext
.DataLength
), true);
2437 static void ksmbd_acls_fattr(struct smb_fattr
*fattr
,
2438 struct user_namespace
*mnt_userns
,
2439 struct inode
*inode
)
2441 fattr
->cf_uid
= i_uid_into_mnt(mnt_userns
, inode
);
2442 fattr
->cf_gid
= i_gid_into_mnt(mnt_userns
, inode
);
2443 fattr
->cf_mode
= inode
->i_mode
;
2444 fattr
->cf_acls
= NULL
;
2445 fattr
->cf_dacls
= NULL
;
2447 if (IS_ENABLED(CONFIG_FS_POSIX_ACL
)) {
2448 fattr
->cf_acls
= get_acl(inode
, ACL_TYPE_ACCESS
);
2449 if (S_ISDIR(inode
->i_mode
))
2450 fattr
->cf_dacls
= get_acl(inode
, ACL_TYPE_DEFAULT
);
2455 * smb2_open() - handler for smb file open request
2456 * @work: smb work containing request buffer
2458 * Return: 0 on success, otherwise error
2460 int smb2_open(struct ksmbd_work
*work
)
2462 struct ksmbd_conn
*conn
= work
->conn
;
2463 struct ksmbd_session
*sess
= work
->sess
;
2464 struct ksmbd_tree_connect
*tcon
= work
->tcon
;
2465 struct smb2_create_req
*req
;
2466 struct smb2_create_rsp
*rsp
, *rsp_org
;
2468 struct ksmbd_share_config
*share
= tcon
->share_conf
;
2469 struct ksmbd_file
*fp
= NULL
;
2470 struct file
*filp
= NULL
;
2471 struct user_namespace
*user_ns
= NULL
;
2473 struct create_context
*context
;
2474 struct lease_ctx_info
*lc
= NULL
;
2475 struct create_ea_buf_req
*ea_buf
= NULL
;
2476 struct oplock_info
*opinfo
;
2477 __le32
*next_ptr
= NULL
;
2478 int req_op_level
= 0, open_flags
= 0, may_flags
= 0, file_info
= 0;
2480 int contxt_cnt
= 0, query_disk_id
= 0;
2481 int maximal_access_ctxt
= 0, posix_ctxt
= 0;
2485 char *stream_name
= NULL
;
2486 bool file_present
= false, created
= false, already_permitted
= false;
2487 int share_ret
, need_truncate
= 0;
2489 umode_t posix_mode
= 0;
2490 __le32 daccess
, maximal_access
= 0;
2492 rsp_org
= work
->response_buf
;
2493 WORK_BUFFERS(work
, req
, rsp
);
2495 if (req
->hdr
.NextCommand
&& !work
->next_smb2_rcv_hdr_off
&&
2496 (req
->hdr
.Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)) {
2497 ksmbd_debug(SMB
, "invalid flag in chained command\n");
2498 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
2499 smb2_set_err_rsp(work
);
2503 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_PIPE
)) {
2504 ksmbd_debug(SMB
, "IPC pipe create request\n");
2505 return create_smb2_pipe(work
);
2508 if (req
->NameLength
) {
2509 if ((req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) &&
2510 *(char *)req
->Buffer
== '\\') {
2511 pr_err("not allow directory name included leading slash\n");
2516 name
= smb2_get_name(share
,
2518 le16_to_cpu(req
->NameLength
),
2519 work
->conn
->local_nls
);
2528 ksmbd_debug(SMB
, "converted name = %s\n", name
);
2529 if (strchr(name
, ':')) {
2530 if (!test_share_config_flag(work
->tcon
->share_conf
,
2531 KSMBD_SHARE_FLAG_STREAMS
)) {
2535 rc
= parse_stream_name(name
, &stream_name
, &s_type
);
2540 rc
= ksmbd_validate_filename(name
);
2544 if (ksmbd_share_veto_filename(share
, name
)) {
2546 ksmbd_debug(SMB
, "Reject open(), vetoed file: %s\n",
2551 name
= kstrdup("", GFP_KERNEL
);
2558 req_op_level
= req
->RequestedOplockLevel
;
2559 if (req_op_level
== SMB2_OPLOCK_LEVEL_LEASE
)
2560 lc
= parse_lease_state(req
);
2562 if (le32_to_cpu(req
->ImpersonationLevel
) > le32_to_cpu(IL_DELEGATE_LE
)) {
2563 pr_err("Invalid impersonationlevel : 0x%x\n",
2564 le32_to_cpu(req
->ImpersonationLevel
));
2566 rsp
->hdr
.Status
= STATUS_BAD_IMPERSONATION_LEVEL
;
2570 if (req
->CreateOptions
&& !(req
->CreateOptions
& CREATE_OPTIONS_MASK
)) {
2571 pr_err("Invalid create options : 0x%x\n",
2572 le32_to_cpu(req
->CreateOptions
));
2576 if (req
->CreateOptions
& FILE_SEQUENTIAL_ONLY_LE
&&
2577 req
->CreateOptions
& FILE_RANDOM_ACCESS_LE
)
2578 req
->CreateOptions
= ~(FILE_SEQUENTIAL_ONLY_LE
);
2580 if (req
->CreateOptions
&
2581 (FILE_OPEN_BY_FILE_ID_LE
| CREATE_TREE_CONNECTION
|
2582 FILE_RESERVE_OPFILTER_LE
)) {
2587 if (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) {
2588 if (req
->CreateOptions
& FILE_NON_DIRECTORY_FILE_LE
) {
2591 } else if (req
->CreateOptions
& FILE_NO_COMPRESSION_LE
) {
2592 req
->CreateOptions
= ~(FILE_NO_COMPRESSION_LE
);
2597 if (le32_to_cpu(req
->CreateDisposition
) >
2598 le32_to_cpu(FILE_OVERWRITE_IF_LE
)) {
2599 pr_err("Invalid create disposition : 0x%x\n",
2600 le32_to_cpu(req
->CreateDisposition
));
2605 if (!(req
->DesiredAccess
& DESIRED_ACCESS_MASK
)) {
2606 pr_err("Invalid desired access : 0x%x\n",
2607 le32_to_cpu(req
->DesiredAccess
));
2612 if (req
->FileAttributes
&& !(req
->FileAttributes
& ATTR_MASK_LE
)) {
2613 pr_err("Invalid file attribute : 0x%x\n",
2614 le32_to_cpu(req
->FileAttributes
));
2619 if (req
->CreateContextsOffset
) {
2620 /* Parse non-durable handle create contexts */
2621 context
= smb2_find_context_vals(req
, SMB2_CREATE_EA_BUFFER
);
2622 if (IS_ERR(context
)) {
2623 rc
= PTR_ERR(context
);
2625 } else if (context
) {
2626 ea_buf
= (struct create_ea_buf_req
*)context
;
2627 if (le16_to_cpu(context
->DataOffset
) +
2628 le32_to_cpu(context
->DataLength
) <
2629 sizeof(struct create_ea_buf_req
)) {
2633 if (req
->CreateOptions
& FILE_NO_EA_KNOWLEDGE_LE
) {
2634 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
2640 context
= smb2_find_context_vals(req
,
2641 SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST
);
2642 if (IS_ERR(context
)) {
2643 rc
= PTR_ERR(context
);
2645 } else if (context
) {
2647 "get query maximal access context\n");
2648 maximal_access_ctxt
= 1;
2651 context
= smb2_find_context_vals(req
,
2652 SMB2_CREATE_TIMEWARP_REQUEST
);
2653 if (IS_ERR(context
)) {
2654 rc
= PTR_ERR(context
);
2656 } else if (context
) {
2657 ksmbd_debug(SMB
, "get timewarp context\n");
2662 if (tcon
->posix_extensions
) {
2663 context
= smb2_find_context_vals(req
,
2664 SMB2_CREATE_TAG_POSIX
);
2665 if (IS_ERR(context
)) {
2666 rc
= PTR_ERR(context
);
2668 } else if (context
) {
2669 struct create_posix
*posix
=
2670 (struct create_posix
*)context
;
2671 if (le16_to_cpu(context
->DataOffset
) +
2672 le32_to_cpu(context
->DataLength
) <
2673 sizeof(struct create_posix
)) {
2677 ksmbd_debug(SMB
, "get posix context\n");
2679 posix_mode
= le32_to_cpu(posix
->Mode
);
2685 if (ksmbd_override_fsids(work
)) {
2690 rc
= ksmbd_vfs_kern_path(work
, name
, LOOKUP_NO_SYMLINKS
, &path
, 1);
2692 if (req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
) {
2694 * If file exists with under flags, return access
2697 if (req
->CreateDisposition
== FILE_OVERWRITE_IF_LE
||
2698 req
->CreateDisposition
== FILE_OPEN_IF_LE
) {
2704 if (!test_tree_conn_flag(tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
2706 "User does not have write permission\n");
2711 } else if (d_is_symlink(path
.dentry
)) {
2721 ksmbd_debug(SMB
, "can not get linux path for %s, rc = %d\n",
2725 file_present
= true;
2726 user_ns
= mnt_user_ns(path
.mnt
);
2727 generic_fillattr(user_ns
, d_inode(path
.dentry
), &stat
);
2730 if (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) {
2731 if (s_type
== DATA_STREAM
) {
2733 rsp
->hdr
.Status
= STATUS_NOT_A_DIRECTORY
;
2736 if (S_ISDIR(stat
.mode
) && s_type
== DATA_STREAM
) {
2738 rsp
->hdr
.Status
= STATUS_FILE_IS_A_DIRECTORY
;
2742 if (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
&&
2743 req
->FileAttributes
& ATTR_NORMAL_LE
) {
2744 rsp
->hdr
.Status
= STATUS_NOT_A_DIRECTORY
;
2752 if (file_present
&& req
->CreateOptions
& FILE_NON_DIRECTORY_FILE_LE
&&
2753 S_ISDIR(stat
.mode
) && !(req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)) {
2754 ksmbd_debug(SMB
, "open() argument is a directory: %s, %x\n",
2755 name
, req
->CreateOptions
);
2756 rsp
->hdr
.Status
= STATUS_FILE_IS_A_DIRECTORY
;
2761 if (file_present
&& (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) &&
2762 !(req
->CreateDisposition
== FILE_CREATE_LE
) &&
2763 !S_ISDIR(stat
.mode
)) {
2764 rsp
->hdr
.Status
= STATUS_NOT_A_DIRECTORY
;
2769 if (!stream_name
&& file_present
&&
2770 req
->CreateDisposition
== FILE_CREATE_LE
) {
2775 daccess
= smb_map_generic_desired_access(req
->DesiredAccess
);
2777 if (file_present
&& !(req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)) {
2778 rc
= smb_check_perm_dacl(conn
, &path
, &daccess
,
2784 if (daccess
& FILE_MAXIMAL_ACCESS_LE
) {
2785 if (!file_present
) {
2786 daccess
= cpu_to_le32(GENERIC_ALL_FLAGS
);
2788 rc
= ksmbd_vfs_query_maximal_access(user_ns
,
2793 already_permitted
= true;
2795 maximal_access
= daccess
;
2798 open_flags
= smb2_create_open_flags(file_present
, daccess
,
2799 req
->CreateDisposition
,
2802 if (!test_tree_conn_flag(tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
2803 if (open_flags
& O_CREAT
) {
2805 "User does not have write permission\n");
2811 /*create file if not present */
2812 if (!file_present
) {
2813 rc
= smb2_creat(work
, &path
, name
, open_flags
, posix_mode
,
2814 req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
);
2816 if (rc
== -ENOENT
) {
2818 rsp
->hdr
.Status
= STATUS_OBJECT_PATH_NOT_FOUND
;
2824 user_ns
= mnt_user_ns(path
.mnt
);
2826 if (le32_to_cpu(ea_buf
->ccontext
.DataLength
) <
2827 sizeof(struct smb2_ea_info
)) {
2832 rc
= smb2_set_ea(&ea_buf
->ea
,
2833 le32_to_cpu(ea_buf
->ccontext
.DataLength
),
2835 if (rc
== -EOPNOTSUPP
)
2840 } else if (!already_permitted
) {
2841 /* FILE_READ_ATTRIBUTE is allowed without inode_permission,
2842 * because execute(search) permission on a parent directory,
2843 * is already granted.
2845 if (daccess
& ~(FILE_READ_ATTRIBUTES_LE
| FILE_READ_CONTROL_LE
)) {
2846 rc
= inode_permission(user_ns
,
2847 d_inode(path
.dentry
),
2852 if ((daccess
& FILE_DELETE_LE
) ||
2853 (req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)) {
2854 rc
= ksmbd_vfs_may_delete(user_ns
,
2862 rc
= ksmbd_query_inode_status(d_inode(path
.dentry
->d_parent
));
2863 if (rc
== KSMBD_INODE_STATUS_PENDING_DELETE
) {
2869 filp
= dentry_open(&path
, open_flags
, current_cred());
2872 pr_err("dentry open for dir failed, rc %d\n", rc
);
2877 if (!(open_flags
& O_TRUNC
))
2878 file_info
= FILE_OPENED
;
2880 file_info
= FILE_OVERWRITTEN
;
2882 if ((req
->CreateDisposition
& FILE_CREATE_MASK_LE
) ==
2884 file_info
= FILE_SUPERSEDED
;
2885 } else if (open_flags
& O_CREAT
) {
2886 file_info
= FILE_CREATED
;
2889 ksmbd_vfs_set_fadvise(filp
, req
->CreateOptions
);
2891 /* Obtain Volatile-ID */
2892 fp
= ksmbd_open_fd(work
, filp
);
2900 /* Get Persistent-ID */
2901 ksmbd_open_durable_fd(fp
);
2902 if (!has_file_id(fp
->persistent_id
)) {
2907 fp
->filename
= name
;
2908 fp
->cdoption
= req
->CreateDisposition
;
2909 fp
->daccess
= daccess
;
2910 fp
->saccess
= req
->ShareAccess
;
2911 fp
->coption
= req
->CreateOptions
;
2913 /* Set default windows and posix acls if creating new file */
2916 struct inode
*inode
= d_inode(path
.dentry
);
2918 posix_acl_rc
= ksmbd_vfs_inherit_posix_acl(user_ns
,
2920 d_inode(path
.dentry
->d_parent
));
2922 ksmbd_debug(SMB
, "inherit posix acl failed : %d\n", posix_acl_rc
);
2924 if (test_share_config_flag(work
->tcon
->share_conf
,
2925 KSMBD_SHARE_FLAG_ACL_XATTR
)) {
2926 rc
= smb_inherit_dacl(conn
, &path
, sess
->user
->uid
,
2931 rc
= smb2_create_sd_buffer(work
, req
, &path
);
2934 ksmbd_vfs_set_init_posix_acl(user_ns
,
2937 if (test_share_config_flag(work
->tcon
->share_conf
,
2938 KSMBD_SHARE_FLAG_ACL_XATTR
)) {
2939 struct smb_fattr fattr
;
2940 struct smb_ntsd
*pntsd
;
2941 int pntsd_size
, ace_num
= 0;
2943 ksmbd_acls_fattr(&fattr
, user_ns
, inode
);
2945 ace_num
= fattr
.cf_acls
->a_count
;
2947 ace_num
+= fattr
.cf_dacls
->a_count
;
2949 pntsd
= kmalloc(sizeof(struct smb_ntsd
) +
2950 sizeof(struct smb_sid
) * 3 +
2951 sizeof(struct smb_acl
) +
2952 sizeof(struct smb_ace
) * ace_num
* 2,
2957 rc
= build_sec_desc(user_ns
,
2962 &pntsd_size
, &fattr
);
2963 posix_acl_release(fattr
.cf_acls
);
2964 posix_acl_release(fattr
.cf_dacls
);
2966 rc
= ksmbd_vfs_set_sd_xattr(conn
,
2973 pr_err("failed to store ntacl in xattr : %d\n",
2982 rc
= smb2_set_stream_name_xattr(&path
,
2988 file_info
= FILE_CREATED
;
2991 fp
->attrib_only
= !(req
->DesiredAccess
& ~(FILE_READ_ATTRIBUTES_LE
|
2992 FILE_WRITE_ATTRIBUTES_LE
| FILE_SYNCHRONIZE_LE
));
2993 if (!S_ISDIR(file_inode(filp
)->i_mode
) && open_flags
& O_TRUNC
&&
2994 !fp
->attrib_only
&& !stream_name
) {
2995 smb_break_all_oplock(work
, fp
);
2999 /* fp should be searchable through ksmbd_inode.m_fp_list
3000 * after daccess, saccess, attrib_only, and stream are
3003 write_lock(&fp
->f_ci
->m_lock
);
3004 list_add(&fp
->node
, &fp
->f_ci
->m_fp_list
);
3005 write_unlock(&fp
->f_ci
->m_lock
);
3007 rc
= ksmbd_vfs_getattr(&path
, &stat
);
3009 generic_fillattr(user_ns
, d_inode(path
.dentry
), &stat
);
3013 /* Check delete pending among previous fp before oplock break */
3014 if (ksmbd_inode_pending_delete(fp
)) {
3019 share_ret
= ksmbd_smb_check_shared_mode(fp
->filp
, fp
);
3020 if (!test_share_config_flag(work
->tcon
->share_conf
, KSMBD_SHARE_FLAG_OPLOCKS
) ||
3021 (req_op_level
== SMB2_OPLOCK_LEVEL_LEASE
&&
3022 !(conn
->vals
->capabilities
& SMB2_GLOBAL_CAP_LEASING
))) {
3023 if (share_ret
< 0 && !S_ISDIR(file_inode(fp
->filp
)->i_mode
)) {
3028 if (req_op_level
== SMB2_OPLOCK_LEVEL_LEASE
) {
3029 req_op_level
= smb2_map_lease_to_oplock(lc
->req_state
);
3031 "lease req for(%s) req oplock state 0x%x, lease state 0x%x\n",
3032 name
, req_op_level
, lc
->req_state
);
3033 rc
= find_same_lease_key(sess
, fp
->f_ci
, lc
);
3036 } else if (open_flags
== O_RDONLY
&&
3037 (req_op_level
== SMB2_OPLOCK_LEVEL_BATCH
||
3038 req_op_level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
))
3039 req_op_level
= SMB2_OPLOCK_LEVEL_II
;
3041 rc
= smb_grant_oplock(work
, req_op_level
,
3042 fp
->persistent_id
, fp
,
3043 le32_to_cpu(req
->hdr
.Id
.SyncId
.TreeId
),
3049 if (req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)
3050 ksmbd_fd_set_delete_on_close(fp
, file_info
);
3052 if (need_truncate
) {
3053 rc
= smb2_create_truncate(&path
);
3058 if (req
->CreateContextsOffset
) {
3059 struct create_alloc_size_req
*az_req
;
3061 az_req
= (struct create_alloc_size_req
*)smb2_find_context_vals(req
,
3062 SMB2_CREATE_ALLOCATION_SIZE
);
3063 if (IS_ERR(az_req
)) {
3064 rc
= PTR_ERR(az_req
);
3066 } else if (az_req
) {
3070 if (le16_to_cpu(az_req
->ccontext
.DataOffset
) +
3071 le32_to_cpu(az_req
->ccontext
.DataLength
) <
3072 sizeof(struct create_alloc_size_req
)) {
3076 alloc_size
= le64_to_cpu(az_req
->AllocationSize
);
3078 "request smb2 create allocate size : %llu\n",
3080 smb_break_all_levII_oplock(work
, fp
, 1);
3081 err
= vfs_fallocate(fp
->filp
, FALLOC_FL_KEEP_SIZE
, 0,
3085 "vfs_fallocate is failed : %d\n",
3089 context
= smb2_find_context_vals(req
, SMB2_CREATE_QUERY_ON_DISK_ID
);
3090 if (IS_ERR(context
)) {
3091 rc
= PTR_ERR(context
);
3093 } else if (context
) {
3094 ksmbd_debug(SMB
, "get query on disk id context\n");
3099 if (stat
.result_mask
& STATX_BTIME
)
3100 fp
->create_time
= ksmbd_UnixTimeToNT(stat
.btime
);
3102 fp
->create_time
= ksmbd_UnixTimeToNT(stat
.ctime
);
3103 if (req
->FileAttributes
|| fp
->f_ci
->m_fattr
== 0)
3105 cpu_to_le32(smb2_get_dos_mode(&stat
, le32_to_cpu(req
->FileAttributes
)));
3108 smb2_update_xattrs(tcon
, &path
, fp
);
3110 smb2_new_xattrs(tcon
, &path
, fp
);
3112 memcpy(fp
->client_guid
, conn
->ClientGUID
, SMB2_CLIENT_GUID_SIZE
);
3114 generic_fillattr(user_ns
, file_inode(fp
->filp
),
3117 rsp
->StructureSize
= cpu_to_le16(89);
3119 opinfo
= rcu_dereference(fp
->f_opinfo
);
3120 rsp
->OplockLevel
= opinfo
!= NULL
? opinfo
->level
: 0;
3123 rsp
->CreateAction
= cpu_to_le32(file_info
);
3124 rsp
->CreationTime
= cpu_to_le64(fp
->create_time
);
3125 time
= ksmbd_UnixTimeToNT(stat
.atime
);
3126 rsp
->LastAccessTime
= cpu_to_le64(time
);
3127 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
3128 rsp
->LastWriteTime
= cpu_to_le64(time
);
3129 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
3130 rsp
->ChangeTime
= cpu_to_le64(time
);
3131 rsp
->AllocationSize
= S_ISDIR(stat
.mode
) ? 0 :
3132 cpu_to_le64(stat
.blocks
<< 9);
3133 rsp
->EndofFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
3134 rsp
->FileAttributes
= fp
->f_ci
->m_fattr
;
3138 rsp
->PersistentFileId
= cpu_to_le64(fp
->persistent_id
);
3139 rsp
->VolatileFileId
= cpu_to_le64(fp
->volatile_id
);
3141 rsp
->CreateContextsOffset
= 0;
3142 rsp
->CreateContextsLength
= 0;
3143 inc_rfc1001_len(rsp_org
, 88); /* StructureSize - 1*/
3145 /* If lease is request send lease context response */
3146 if (opinfo
&& opinfo
->is_lease
) {
3147 struct create_context
*lease_ccontext
;
3149 ksmbd_debug(SMB
, "lease granted on(%s) lease state 0x%x\n",
3150 name
, opinfo
->o_lease
->state
);
3151 rsp
->OplockLevel
= SMB2_OPLOCK_LEVEL_LEASE
;
3153 lease_ccontext
= (struct create_context
*)rsp
->Buffer
;
3155 create_lease_buf(rsp
->Buffer
, opinfo
->o_lease
);
3156 le32_add_cpu(&rsp
->CreateContextsLength
,
3157 conn
->vals
->create_lease_size
);
3158 inc_rfc1001_len(rsp_org
, conn
->vals
->create_lease_size
);
3159 next_ptr
= &lease_ccontext
->Next
;
3160 next_off
= conn
->vals
->create_lease_size
;
3163 if (maximal_access_ctxt
) {
3164 struct create_context
*mxac_ccontext
;
3166 if (maximal_access
== 0)
3167 ksmbd_vfs_query_maximal_access(user_ns
,
3170 mxac_ccontext
= (struct create_context
*)(rsp
->Buffer
+
3171 le32_to_cpu(rsp
->CreateContextsLength
));
3173 create_mxac_rsp_buf(rsp
->Buffer
+
3174 le32_to_cpu(rsp
->CreateContextsLength
),
3175 le32_to_cpu(maximal_access
));
3176 le32_add_cpu(&rsp
->CreateContextsLength
,
3177 conn
->vals
->create_mxac_size
);
3178 inc_rfc1001_len(rsp_org
, conn
->vals
->create_mxac_size
);
3180 *next_ptr
= cpu_to_le32(next_off
);
3181 next_ptr
= &mxac_ccontext
->Next
;
3182 next_off
= conn
->vals
->create_mxac_size
;
3185 if (query_disk_id
) {
3186 struct create_context
*disk_id_ccontext
;
3188 disk_id_ccontext
= (struct create_context
*)(rsp
->Buffer
+
3189 le32_to_cpu(rsp
->CreateContextsLength
));
3191 create_disk_id_rsp_buf(rsp
->Buffer
+
3192 le32_to_cpu(rsp
->CreateContextsLength
),
3193 stat
.ino
, tcon
->id
);
3194 le32_add_cpu(&rsp
->CreateContextsLength
,
3195 conn
->vals
->create_disk_id_size
);
3196 inc_rfc1001_len(rsp_org
, conn
->vals
->create_disk_id_size
);
3198 *next_ptr
= cpu_to_le32(next_off
);
3199 next_ptr
= &disk_id_ccontext
->Next
;
3200 next_off
= conn
->vals
->create_disk_id_size
;
3205 create_posix_rsp_buf(rsp
->Buffer
+
3206 le32_to_cpu(rsp
->CreateContextsLength
),
3208 le32_add_cpu(&rsp
->CreateContextsLength
,
3209 conn
->vals
->create_posix_size
);
3210 inc_rfc1001_len(rsp_org
, conn
->vals
->create_posix_size
);
3212 *next_ptr
= cpu_to_le32(next_off
);
3215 if (contxt_cnt
> 0) {
3216 rsp
->CreateContextsOffset
=
3217 cpu_to_le32(offsetof(struct smb2_create_rsp
, Buffer
)
3222 if (file_present
|| created
)
3224 ksmbd_revert_fsids(work
);
3228 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
3229 else if (rc
== -EOPNOTSUPP
)
3230 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
3231 else if (rc
== -EACCES
|| rc
== -ESTALE
|| rc
== -EXDEV
)
3232 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
3233 else if (rc
== -ENOENT
)
3234 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_INVALID
;
3235 else if (rc
== -EPERM
)
3236 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
3237 else if (rc
== -EBUSY
)
3238 rsp
->hdr
.Status
= STATUS_DELETE_PENDING
;
3239 else if (rc
== -EBADF
)
3240 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_NOT_FOUND
;
3241 else if (rc
== -ENOEXEC
)
3242 rsp
->hdr
.Status
= STATUS_DUPLICATE_OBJECTID
;
3243 else if (rc
== -ENXIO
)
3244 rsp
->hdr
.Status
= STATUS_NO_SUCH_DEVICE
;
3245 else if (rc
== -EEXIST
)
3246 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_COLLISION
;
3247 else if (rc
== -EMFILE
)
3248 rsp
->hdr
.Status
= STATUS_INSUFFICIENT_RESOURCES
;
3249 if (!rsp
->hdr
.Status
)
3250 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
3252 if (!fp
|| !fp
->filename
)
3255 ksmbd_fd_put(work
, fp
);
3256 smb2_set_err_rsp(work
);
3257 ksmbd_debug(SMB
, "Error response: %x\n", rsp
->hdr
.Status
);
3265 static int readdir_info_level_struct_sz(int info_level
)
3267 switch (info_level
) {
3268 case FILE_FULL_DIRECTORY_INFORMATION
:
3269 return sizeof(struct file_full_directory_info
);
3270 case FILE_BOTH_DIRECTORY_INFORMATION
:
3271 return sizeof(struct file_both_directory_info
);
3272 case FILE_DIRECTORY_INFORMATION
:
3273 return sizeof(struct file_directory_info
);
3274 case FILE_NAMES_INFORMATION
:
3275 return sizeof(struct file_names_info
);
3276 case FILEID_FULL_DIRECTORY_INFORMATION
:
3277 return sizeof(struct file_id_full_dir_info
);
3278 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3279 return sizeof(struct file_id_both_directory_info
);
3280 case SMB_FIND_FILE_POSIX_INFO
:
3281 return sizeof(struct smb2_posix_info
);
3287 static int dentry_name(struct ksmbd_dir_info
*d_info
, int info_level
)
3289 switch (info_level
) {
3290 case FILE_FULL_DIRECTORY_INFORMATION
:
3292 struct file_full_directory_info
*ffdinfo
;
3294 ffdinfo
= (struct file_full_directory_info
*)d_info
->rptr
;
3295 d_info
->rptr
+= le32_to_cpu(ffdinfo
->NextEntryOffset
);
3296 d_info
->name
= ffdinfo
->FileName
;
3297 d_info
->name_len
= le32_to_cpu(ffdinfo
->FileNameLength
);
3300 case FILE_BOTH_DIRECTORY_INFORMATION
:
3302 struct file_both_directory_info
*fbdinfo
;
3304 fbdinfo
= (struct file_both_directory_info
*)d_info
->rptr
;
3305 d_info
->rptr
+= le32_to_cpu(fbdinfo
->NextEntryOffset
);
3306 d_info
->name
= fbdinfo
->FileName
;
3307 d_info
->name_len
= le32_to_cpu(fbdinfo
->FileNameLength
);
3310 case FILE_DIRECTORY_INFORMATION
:
3312 struct file_directory_info
*fdinfo
;
3314 fdinfo
= (struct file_directory_info
*)d_info
->rptr
;
3315 d_info
->rptr
+= le32_to_cpu(fdinfo
->NextEntryOffset
);
3316 d_info
->name
= fdinfo
->FileName
;
3317 d_info
->name_len
= le32_to_cpu(fdinfo
->FileNameLength
);
3320 case FILE_NAMES_INFORMATION
:
3322 struct file_names_info
*fninfo
;
3324 fninfo
= (struct file_names_info
*)d_info
->rptr
;
3325 d_info
->rptr
+= le32_to_cpu(fninfo
->NextEntryOffset
);
3326 d_info
->name
= fninfo
->FileName
;
3327 d_info
->name_len
= le32_to_cpu(fninfo
->FileNameLength
);
3330 case FILEID_FULL_DIRECTORY_INFORMATION
:
3332 struct file_id_full_dir_info
*dinfo
;
3334 dinfo
= (struct file_id_full_dir_info
*)d_info
->rptr
;
3335 d_info
->rptr
+= le32_to_cpu(dinfo
->NextEntryOffset
);
3336 d_info
->name
= dinfo
->FileName
;
3337 d_info
->name_len
= le32_to_cpu(dinfo
->FileNameLength
);
3340 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3342 struct file_id_both_directory_info
*fibdinfo
;
3344 fibdinfo
= (struct file_id_both_directory_info
*)d_info
->rptr
;
3345 d_info
->rptr
+= le32_to_cpu(fibdinfo
->NextEntryOffset
);
3346 d_info
->name
= fibdinfo
->FileName
;
3347 d_info
->name_len
= le32_to_cpu(fibdinfo
->FileNameLength
);
3350 case SMB_FIND_FILE_POSIX_INFO
:
3352 struct smb2_posix_info
*posix_info
;
3354 posix_info
= (struct smb2_posix_info
*)d_info
->rptr
;
3355 d_info
->rptr
+= le32_to_cpu(posix_info
->NextEntryOffset
);
3356 d_info
->name
= posix_info
->name
;
3357 d_info
->name_len
= le32_to_cpu(posix_info
->name_len
);
3366 * smb2_populate_readdir_entry() - encode directory entry in smb2 response
3368 * @conn: connection instance
3369 * @info_level: smb information level
3370 * @d_info: structure included variables for query dir
3371 * @user_ns: user namespace
3372 * @ksmbd_kstat: ksmbd wrapper of dirent stat information
3374 * if directory has many entries, find first can't read it fully.
3375 * find next might be called multiple times to read remaining dir entries
3377 * Return: 0 on success, otherwise error
3379 static int smb2_populate_readdir_entry(struct ksmbd_conn
*conn
, int info_level
,
3380 struct ksmbd_dir_info
*d_info
,
3381 struct ksmbd_kstat
*ksmbd_kstat
)
3383 int next_entry_offset
= 0;
3387 int struct_sz
, rc
= 0;
3389 conv_name
= ksmbd_convert_dir_info_name(d_info
,
3395 /* Somehow the name has only terminating NULL bytes */
3398 goto free_conv_name
;
3401 struct_sz
= readdir_info_level_struct_sz(info_level
);
3402 next_entry_offset
= ALIGN(struct_sz
- 1 + conv_len
,
3403 KSMBD_DIR_INFO_ALIGNMENT
);
3405 if (next_entry_offset
> d_info
->out_buf_len
) {
3406 d_info
->out_buf_len
= 0;
3408 goto free_conv_name
;
3411 kstat
= d_info
->wptr
;
3412 if (info_level
!= FILE_NAMES_INFORMATION
)
3413 kstat
= ksmbd_vfs_init_kstat(&d_info
->wptr
, ksmbd_kstat
);
3415 switch (info_level
) {
3416 case FILE_FULL_DIRECTORY_INFORMATION
:
3418 struct file_full_directory_info
*ffdinfo
;
3420 ffdinfo
= (struct file_full_directory_info
*)kstat
;
3421 ffdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3423 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3424 if (ffdinfo
->EaSize
)
3425 ffdinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3426 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3427 ffdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3428 memcpy(ffdinfo
->FileName
, conv_name
, conv_len
);
3429 ffdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3432 case FILE_BOTH_DIRECTORY_INFORMATION
:
3434 struct file_both_directory_info
*fbdinfo
;
3436 fbdinfo
= (struct file_both_directory_info
*)kstat
;
3437 fbdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3439 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3440 if (fbdinfo
->EaSize
)
3441 fbdinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3442 fbdinfo
->ShortNameLength
= 0;
3443 fbdinfo
->Reserved
= 0;
3444 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3445 fbdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3446 memcpy(fbdinfo
->FileName
, conv_name
, conv_len
);
3447 fbdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3450 case FILE_DIRECTORY_INFORMATION
:
3452 struct file_directory_info
*fdinfo
;
3454 fdinfo
= (struct file_directory_info
*)kstat
;
3455 fdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3456 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3457 fdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3458 memcpy(fdinfo
->FileName
, conv_name
, conv_len
);
3459 fdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3462 case FILE_NAMES_INFORMATION
:
3464 struct file_names_info
*fninfo
;
3466 fninfo
= (struct file_names_info
*)kstat
;
3467 fninfo
->FileNameLength
= cpu_to_le32(conv_len
);
3468 memcpy(fninfo
->FileName
, conv_name
, conv_len
);
3469 fninfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3472 case FILEID_FULL_DIRECTORY_INFORMATION
:
3474 struct file_id_full_dir_info
*dinfo
;
3476 dinfo
= (struct file_id_full_dir_info
*)kstat
;
3477 dinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3479 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3481 dinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3482 dinfo
->Reserved
= 0;
3483 dinfo
->UniqueId
= cpu_to_le64(ksmbd_kstat
->kstat
->ino
);
3484 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3485 dinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3486 memcpy(dinfo
->FileName
, conv_name
, conv_len
);
3487 dinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3490 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3492 struct file_id_both_directory_info
*fibdinfo
;
3494 fibdinfo
= (struct file_id_both_directory_info
*)kstat
;
3495 fibdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3497 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3498 if (fibdinfo
->EaSize
)
3499 fibdinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3500 fibdinfo
->UniqueId
= cpu_to_le64(ksmbd_kstat
->kstat
->ino
);
3501 fibdinfo
->ShortNameLength
= 0;
3502 fibdinfo
->Reserved
= 0;
3503 fibdinfo
->Reserved2
= cpu_to_le16(0);
3504 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3505 fibdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3506 memcpy(fibdinfo
->FileName
, conv_name
, conv_len
);
3507 fibdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3510 case SMB_FIND_FILE_POSIX_INFO
:
3512 struct smb2_posix_info
*posix_info
;
3515 posix_info
= (struct smb2_posix_info
*)kstat
;
3516 posix_info
->Ignored
= 0;
3517 posix_info
->CreationTime
= cpu_to_le64(ksmbd_kstat
->create_time
);
3518 time
= ksmbd_UnixTimeToNT(ksmbd_kstat
->kstat
->ctime
);
3519 posix_info
->ChangeTime
= cpu_to_le64(time
);
3520 time
= ksmbd_UnixTimeToNT(ksmbd_kstat
->kstat
->atime
);
3521 posix_info
->LastAccessTime
= cpu_to_le64(time
);
3522 time
= ksmbd_UnixTimeToNT(ksmbd_kstat
->kstat
->mtime
);
3523 posix_info
->LastWriteTime
= cpu_to_le64(time
);
3524 posix_info
->EndOfFile
= cpu_to_le64(ksmbd_kstat
->kstat
->size
);
3525 posix_info
->AllocationSize
= cpu_to_le64(ksmbd_kstat
->kstat
->blocks
<< 9);
3526 posix_info
->DeviceId
= cpu_to_le32(ksmbd_kstat
->kstat
->rdev
);
3527 posix_info
->HardLinks
= cpu_to_le32(ksmbd_kstat
->kstat
->nlink
);
3528 posix_info
->Mode
= cpu_to_le32(ksmbd_kstat
->kstat
->mode
);
3529 posix_info
->Inode
= cpu_to_le64(ksmbd_kstat
->kstat
->ino
);
3530 posix_info
->DosAttributes
=
3531 S_ISDIR(ksmbd_kstat
->kstat
->mode
) ? ATTR_DIRECTORY_LE
: ATTR_ARCHIVE_LE
;
3532 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3533 posix_info
->DosAttributes
|= ATTR_HIDDEN_LE
;
3534 id_to_sid(from_kuid_munged(&init_user_ns
, ksmbd_kstat
->kstat
->uid
),
3535 SIDNFS_USER
, (struct smb_sid
*)&posix_info
->SidBuffer
[0]);
3536 id_to_sid(from_kgid_munged(&init_user_ns
, ksmbd_kstat
->kstat
->gid
),
3537 SIDNFS_GROUP
, (struct smb_sid
*)&posix_info
->SidBuffer
[20]);
3538 memcpy(posix_info
->name
, conv_name
, conv_len
);
3539 posix_info
->name_len
= cpu_to_le32(conv_len
);
3540 posix_info
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3544 } /* switch (info_level) */
3546 d_info
->last_entry_offset
= d_info
->data_count
;
3547 d_info
->data_count
+= next_entry_offset
;
3548 d_info
->out_buf_len
-= next_entry_offset
;
3549 d_info
->wptr
+= next_entry_offset
;
3552 "info_level : %d, buf_len :%d, next_offset : %d, data_count : %d\n",
3553 info_level
, d_info
->out_buf_len
,
3554 next_entry_offset
, d_info
->data_count
);
3561 struct smb2_query_dir_private
{
3562 struct ksmbd_work
*work
;
3563 char *search_pattern
;
3564 struct ksmbd_file
*dir_fp
;
3566 struct ksmbd_dir_info
*d_info
;
3570 static void lock_dir(struct ksmbd_file
*dir_fp
)
3572 struct dentry
*dir
= dir_fp
->filp
->f_path
.dentry
;
3574 inode_lock_nested(d_inode(dir
), I_MUTEX_PARENT
);
3577 static void unlock_dir(struct ksmbd_file
*dir_fp
)
3579 struct dentry
*dir
= dir_fp
->filp
->f_path
.dentry
;
3581 inode_unlock(d_inode(dir
));
3584 static int process_query_dir_entries(struct smb2_query_dir_private
*priv
)
3586 struct user_namespace
*user_ns
= file_mnt_user_ns(priv
->dir_fp
->filp
);
3588 struct ksmbd_kstat ksmbd_kstat
;
3592 for (i
= 0; i
< priv
->d_info
->num_entry
; i
++) {
3593 struct dentry
*dent
;
3595 if (dentry_name(priv
->d_info
, priv
->info_level
))
3598 lock_dir(priv
->dir_fp
);
3599 dent
= lookup_one(user_ns
, priv
->d_info
->name
,
3600 priv
->dir_fp
->filp
->f_path
.dentry
,
3601 priv
->d_info
->name_len
);
3602 unlock_dir(priv
->dir_fp
);
3605 ksmbd_debug(SMB
, "Cannot lookup `%s' [%ld]\n",
3610 if (unlikely(d_is_negative(dent
))) {
3612 ksmbd_debug(SMB
, "Negative dentry `%s'\n",
3613 priv
->d_info
->name
);
3617 ksmbd_kstat
.kstat
= &kstat
;
3618 if (priv
->info_level
!= FILE_NAMES_INFORMATION
)
3619 ksmbd_vfs_fill_dentry_attrs(priv
->work
,
3624 rc
= smb2_populate_readdir_entry(priv
->work
->conn
,
3635 static int reserve_populate_dentry(struct ksmbd_dir_info
*d_info
,
3640 int next_entry_offset
;
3642 struct_sz
= readdir_info_level_struct_sz(info_level
);
3643 if (struct_sz
== -EOPNOTSUPP
)
3646 conv_len
= (d_info
->name_len
+ 1) * 2;
3647 next_entry_offset
= ALIGN(struct_sz
- 1 + conv_len
,
3648 KSMBD_DIR_INFO_ALIGNMENT
);
3650 if (next_entry_offset
> d_info
->out_buf_len
) {
3651 d_info
->out_buf_len
= 0;
3655 switch (info_level
) {
3656 case FILE_FULL_DIRECTORY_INFORMATION
:
3658 struct file_full_directory_info
*ffdinfo
;
3660 ffdinfo
= (struct file_full_directory_info
*)d_info
->wptr
;
3661 memcpy(ffdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3662 ffdinfo
->FileName
[d_info
->name_len
] = 0x00;
3663 ffdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3664 ffdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3667 case FILE_BOTH_DIRECTORY_INFORMATION
:
3669 struct file_both_directory_info
*fbdinfo
;
3671 fbdinfo
= (struct file_both_directory_info
*)d_info
->wptr
;
3672 memcpy(fbdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3673 fbdinfo
->FileName
[d_info
->name_len
] = 0x00;
3674 fbdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3675 fbdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3678 case FILE_DIRECTORY_INFORMATION
:
3680 struct file_directory_info
*fdinfo
;
3682 fdinfo
= (struct file_directory_info
*)d_info
->wptr
;
3683 memcpy(fdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3684 fdinfo
->FileName
[d_info
->name_len
] = 0x00;
3685 fdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3686 fdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3689 case FILE_NAMES_INFORMATION
:
3691 struct file_names_info
*fninfo
;
3693 fninfo
= (struct file_names_info
*)d_info
->wptr
;
3694 memcpy(fninfo
->FileName
, d_info
->name
, d_info
->name_len
);
3695 fninfo
->FileName
[d_info
->name_len
] = 0x00;
3696 fninfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3697 fninfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3700 case FILEID_FULL_DIRECTORY_INFORMATION
:
3702 struct file_id_full_dir_info
*dinfo
;
3704 dinfo
= (struct file_id_full_dir_info
*)d_info
->wptr
;
3705 memcpy(dinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3706 dinfo
->FileName
[d_info
->name_len
] = 0x00;
3707 dinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3708 dinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3711 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3713 struct file_id_both_directory_info
*fibdinfo
;
3715 fibdinfo
= (struct file_id_both_directory_info
*)d_info
->wptr
;
3716 memcpy(fibdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3717 fibdinfo
->FileName
[d_info
->name_len
] = 0x00;
3718 fibdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3719 fibdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3722 case SMB_FIND_FILE_POSIX_INFO
:
3724 struct smb2_posix_info
*posix_info
;
3726 posix_info
= (struct smb2_posix_info
*)d_info
->wptr
;
3727 memcpy(posix_info
->name
, d_info
->name
, d_info
->name_len
);
3728 posix_info
->name
[d_info
->name_len
] = 0x00;
3729 posix_info
->name_len
= cpu_to_le32(d_info
->name_len
);
3730 posix_info
->NextEntryOffset
=
3731 cpu_to_le32(next_entry_offset
);
3734 } /* switch (info_level) */
3736 d_info
->num_entry
++;
3737 d_info
->out_buf_len
-= next_entry_offset
;
3738 d_info
->wptr
+= next_entry_offset
;
3742 static int __query_dir(struct dir_context
*ctx
, const char *name
, int namlen
,
3743 loff_t offset
, u64 ino
, unsigned int d_type
)
3745 struct ksmbd_readdir_data
*buf
;
3746 struct smb2_query_dir_private
*priv
;
3747 struct ksmbd_dir_info
*d_info
;
3750 buf
= container_of(ctx
, struct ksmbd_readdir_data
, ctx
);
3751 priv
= buf
->private;
3752 d_info
= priv
->d_info
;
3754 /* dot and dotdot entries are already reserved */
3755 if (!strcmp(".", name
) || !strcmp("..", name
))
3757 if (ksmbd_share_veto_filename(priv
->work
->tcon
->share_conf
, name
))
3759 if (!match_pattern(name
, namlen
, priv
->search_pattern
))
3762 d_info
->name
= name
;
3763 d_info
->name_len
= namlen
;
3764 rc
= reserve_populate_dentry(d_info
, priv
->info_level
);
3767 if (d_info
->flags
& SMB2_RETURN_SINGLE_ENTRY
) {
3768 d_info
->out_buf_len
= 0;
3774 static void restart_ctx(struct dir_context
*ctx
)
3779 static int verify_info_level(int info_level
)
3781 switch (info_level
) {
3782 case FILE_FULL_DIRECTORY_INFORMATION
:
3783 case FILE_BOTH_DIRECTORY_INFORMATION
:
3784 case FILE_DIRECTORY_INFORMATION
:
3785 case FILE_NAMES_INFORMATION
:
3786 case FILEID_FULL_DIRECTORY_INFORMATION
:
3787 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3788 case SMB_FIND_FILE_POSIX_INFO
:
3797 static int smb2_calc_max_out_buf_len(struct ksmbd_work
*work
,
3798 unsigned short hdr2_len
,
3799 unsigned int out_buf_len
)
3803 if (out_buf_len
> work
->conn
->vals
->max_trans_size
)
3806 free_len
= (int)(work
->response_sz
-
3807 (get_rfc1002_len(work
->response_buf
) + 4)) -
3812 return min_t(int, out_buf_len
, free_len
);
3815 int smb2_query_dir(struct ksmbd_work
*work
)
3817 struct ksmbd_conn
*conn
= work
->conn
;
3818 struct smb2_query_directory_req
*req
;
3819 struct smb2_query_directory_rsp
*rsp
, *rsp_org
;
3820 struct ksmbd_share_config
*share
= work
->tcon
->share_conf
;
3821 struct ksmbd_file
*dir_fp
= NULL
;
3822 struct ksmbd_dir_info d_info
;
3824 char *srch_ptr
= NULL
;
3825 unsigned char srch_flag
;
3827 struct smb2_query_dir_private query_dir_private
= {NULL
, };
3829 rsp_org
= work
->response_buf
;
3830 WORK_BUFFERS(work
, req
, rsp
);
3832 if (ksmbd_override_fsids(work
)) {
3833 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
3834 smb2_set_err_rsp(work
);
3838 rc
= verify_info_level(req
->FileInformationClass
);
3844 dir_fp
= ksmbd_lookup_fd_slow(work
,
3845 le64_to_cpu(req
->VolatileFileId
),
3846 le64_to_cpu(req
->PersistentFileId
));
3852 if (!(dir_fp
->daccess
& FILE_LIST_DIRECTORY_LE
) ||
3853 inode_permission(file_mnt_user_ns(dir_fp
->filp
),
3854 file_inode(dir_fp
->filp
),
3855 MAY_READ
| MAY_EXEC
)) {
3856 pr_err("no right to enumerate directory (%pd)\n",
3857 dir_fp
->filp
->f_path
.dentry
);
3862 if (!S_ISDIR(file_inode(dir_fp
->filp
)->i_mode
)) {
3863 pr_err("can't do query dir for a file\n");
3868 srch_flag
= req
->Flags
;
3869 srch_ptr
= smb_strndup_from_utf16(req
->Buffer
,
3870 le16_to_cpu(req
->FileNameLength
), 1,
3872 if (IS_ERR(srch_ptr
)) {
3873 ksmbd_debug(SMB
, "Search Pattern not found\n");
3877 ksmbd_debug(SMB
, "Search pattern is %s\n", srch_ptr
);
3880 ksmbd_debug(SMB
, "Directory name is %s\n", dir_fp
->filename
);
3882 if (srch_flag
& SMB2_REOPEN
|| srch_flag
& SMB2_RESTART_SCANS
) {
3883 ksmbd_debug(SMB
, "Restart directory scan\n");
3884 generic_file_llseek(dir_fp
->filp
, 0, SEEK_SET
);
3885 restart_ctx(&dir_fp
->readdir_data
.ctx
);
3888 memset(&d_info
, 0, sizeof(struct ksmbd_dir_info
));
3889 d_info
.wptr
= (char *)rsp
->Buffer
;
3890 d_info
.rptr
= (char *)rsp
->Buffer
;
3891 d_info
.out_buf_len
=
3892 smb2_calc_max_out_buf_len(work
, 8,
3893 le32_to_cpu(req
->OutputBufferLength
));
3894 if (d_info
.out_buf_len
< 0) {
3898 d_info
.flags
= srch_flag
;
3901 * reserve dot and dotdot entries in head of buffer
3904 rc
= ksmbd_populate_dot_dotdot_entries(work
, req
->FileInformationClass
,
3905 dir_fp
, &d_info
, srch_ptr
,
3906 smb2_populate_readdir_entry
);
3912 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_HIDE_DOT_FILES
))
3913 d_info
.hide_dot_file
= true;
3915 buffer_sz
= d_info
.out_buf_len
;
3916 d_info
.rptr
= d_info
.wptr
;
3917 query_dir_private
.work
= work
;
3918 query_dir_private
.search_pattern
= srch_ptr
;
3919 query_dir_private
.dir_fp
= dir_fp
;
3920 query_dir_private
.d_info
= &d_info
;
3921 query_dir_private
.info_level
= req
->FileInformationClass
;
3922 dir_fp
->readdir_data
.private = &query_dir_private
;
3923 set_ctx_actor(&dir_fp
->readdir_data
.ctx
, __query_dir
);
3925 rc
= iterate_dir(dir_fp
->filp
, &dir_fp
->readdir_data
.ctx
);
3927 restart_ctx(&dir_fp
->readdir_data
.ctx
);
3933 d_info
.wptr
= d_info
.rptr
;
3934 d_info
.out_buf_len
= buffer_sz
;
3935 rc
= process_query_dir_entries(&query_dir_private
);
3939 if (!d_info
.data_count
&& d_info
.out_buf_len
>= 0) {
3940 if (srch_flag
& SMB2_RETURN_SINGLE_ENTRY
&& !is_asterisk(srch_ptr
)) {
3941 rsp
->hdr
.Status
= STATUS_NO_SUCH_FILE
;
3943 dir_fp
->dot_dotdot
[0] = dir_fp
->dot_dotdot
[1] = 0;
3944 rsp
->hdr
.Status
= STATUS_NO_MORE_FILES
;
3946 rsp
->StructureSize
= cpu_to_le16(9);
3947 rsp
->OutputBufferOffset
= cpu_to_le16(0);
3948 rsp
->OutputBufferLength
= cpu_to_le32(0);
3950 inc_rfc1001_len(rsp_org
, 9);
3952 ((struct file_directory_info
*)
3953 ((char *)rsp
->Buffer
+ d_info
.last_entry_offset
))
3954 ->NextEntryOffset
= 0;
3956 rsp
->StructureSize
= cpu_to_le16(9);
3957 rsp
->OutputBufferOffset
= cpu_to_le16(72);
3958 rsp
->OutputBufferLength
= cpu_to_le32(d_info
.data_count
);
3959 inc_rfc1001_len(rsp_org
, 8 + d_info
.data_count
);
3963 ksmbd_fd_put(work
, dir_fp
);
3964 ksmbd_revert_fsids(work
);
3968 pr_err("error while processing smb2 query dir rc = %d\n", rc
);
3973 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
3974 else if (rc
== -EACCES
)
3975 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
3976 else if (rc
== -ENOENT
)
3977 rsp
->hdr
.Status
= STATUS_NO_SUCH_FILE
;
3978 else if (rc
== -EBADF
)
3979 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
3980 else if (rc
== -ENOMEM
)
3981 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
3982 else if (rc
== -EFAULT
)
3983 rsp
->hdr
.Status
= STATUS_INVALID_INFO_CLASS
;
3984 if (!rsp
->hdr
.Status
)
3985 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
3987 smb2_set_err_rsp(work
);
3988 ksmbd_fd_put(work
, dir_fp
);
3989 ksmbd_revert_fsids(work
);
3994 * buffer_check_err() - helper function to check buffer errors
3995 * @reqOutputBufferLength: max buffer length expected in command response
3996 * @rsp: query info response buffer contains output buffer length
3997 * @infoclass_size: query info class response buffer size
3999 * Return: 0 on success, otherwise error
4001 static int buffer_check_err(int reqOutputBufferLength
,
4002 struct smb2_query_info_rsp
*rsp
, int infoclass_size
)
4004 if (reqOutputBufferLength
< le32_to_cpu(rsp
->OutputBufferLength
)) {
4005 if (reqOutputBufferLength
< infoclass_size
) {
4006 pr_err("Invalid Buffer Size Requested\n");
4007 rsp
->hdr
.Status
= STATUS_INFO_LENGTH_MISMATCH
;
4008 rsp
->hdr
.smb2_buf_length
= cpu_to_be32(sizeof(struct smb2_hdr
) - 4);
4012 ksmbd_debug(SMB
, "Buffer Overflow\n");
4013 rsp
->hdr
.Status
= STATUS_BUFFER_OVERFLOW
;
4014 rsp
->hdr
.smb2_buf_length
= cpu_to_be32(sizeof(struct smb2_hdr
) - 4 +
4015 reqOutputBufferLength
);
4016 rsp
->OutputBufferLength
= cpu_to_le32(reqOutputBufferLength
);
4021 static void get_standard_info_pipe(struct smb2_query_info_rsp
*rsp
)
4023 struct smb2_file_standard_info
*sinfo
;
4025 sinfo
= (struct smb2_file_standard_info
*)rsp
->Buffer
;
4027 sinfo
->AllocationSize
= cpu_to_le64(4096);
4028 sinfo
->EndOfFile
= cpu_to_le64(0);
4029 sinfo
->NumberOfLinks
= cpu_to_le32(1);
4030 sinfo
->DeletePending
= 1;
4031 sinfo
->Directory
= 0;
4032 rsp
->OutputBufferLength
=
4033 cpu_to_le32(sizeof(struct smb2_file_standard_info
));
4034 inc_rfc1001_len(rsp
, sizeof(struct smb2_file_standard_info
));
4037 static void get_internal_info_pipe(struct smb2_query_info_rsp
*rsp
, u64 num
)
4039 struct smb2_file_internal_info
*file_info
;
4041 file_info
= (struct smb2_file_internal_info
*)rsp
->Buffer
;
4043 /* any unique number */
4044 file_info
->IndexNumber
= cpu_to_le64(num
| (1ULL << 63));
4045 rsp
->OutputBufferLength
=
4046 cpu_to_le32(sizeof(struct smb2_file_internal_info
));
4047 inc_rfc1001_len(rsp
, sizeof(struct smb2_file_internal_info
));
4050 static int smb2_get_info_file_pipe(struct ksmbd_session
*sess
,
4051 struct smb2_query_info_req
*req
,
4052 struct smb2_query_info_rsp
*rsp
)
4058 * Windows can sometime send query file info request on
4059 * pipe without opening it, checking error condition here
4061 id
= le64_to_cpu(req
->VolatileFileId
);
4062 if (!ksmbd_session_rpc_method(sess
, id
))
4065 ksmbd_debug(SMB
, "FileInfoClass %u, FileId 0x%llx\n",
4066 req
->FileInfoClass
, le64_to_cpu(req
->VolatileFileId
));
4068 switch (req
->FileInfoClass
) {
4069 case FILE_STANDARD_INFORMATION
:
4070 get_standard_info_pipe(rsp
);
4071 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
4072 rsp
, FILE_STANDARD_INFORMATION_SIZE
);
4074 case FILE_INTERNAL_INFORMATION
:
4075 get_internal_info_pipe(rsp
, id
);
4076 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
4077 rsp
, FILE_INTERNAL_INFORMATION_SIZE
);
4080 ksmbd_debug(SMB
, "smb2_info_file_pipe for %u not supported\n",
4081 req
->FileInfoClass
);
4088 * smb2_get_ea() - handler for smb2 get extended attribute command
4089 * @work: smb work containing query info command buffer
4090 * @fp: ksmbd_file pointer
4091 * @req: get extended attribute request
4092 * @rsp: response buffer pointer
4093 * @rsp_org: base response buffer pointer in case of chained response
4095 * Return: 0 on success, otherwise error
4097 static int smb2_get_ea(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
4098 struct smb2_query_info_req
*req
,
4099 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4101 struct smb2_ea_info
*eainfo
, *prev_eainfo
;
4102 char *name
, *ptr
, *xattr_list
= NULL
, *buf
;
4103 int rc
, name_len
, value_len
, xattr_list_len
, idx
;
4104 ssize_t buf_free_len
, alignment_bytes
, next_offset
, rsp_data_cnt
= 0;
4105 struct smb2_ea_info_req
*ea_req
= NULL
;
4107 struct user_namespace
*user_ns
= file_mnt_user_ns(fp
->filp
);
4109 if (!(fp
->daccess
& FILE_READ_EA_LE
)) {
4110 pr_err("Not permitted to read ext attr : 0x%x\n",
4115 path
= &fp
->filp
->f_path
;
4116 /* single EA entry is requested with given user.* name */
4117 if (req
->InputBufferLength
) {
4118 if (le32_to_cpu(req
->InputBufferLength
) <
4119 sizeof(struct smb2_ea_info_req
))
4122 ea_req
= (struct smb2_ea_info_req
*)req
->Buffer
;
4124 /* need to send all EAs, if no specific EA is requested*/
4125 if (le32_to_cpu(req
->Flags
) & SL_RETURN_SINGLE_ENTRY
)
4127 "All EAs are requested but need to send single EA entry in rsp flags 0x%x\n",
4128 le32_to_cpu(req
->Flags
));
4132 smb2_calc_max_out_buf_len(work
, 8,
4133 le32_to_cpu(req
->OutputBufferLength
));
4134 if (buf_free_len
< 0)
4137 rc
= ksmbd_vfs_listxattr(path
->dentry
, &xattr_list
);
4139 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
4141 } else if (!rc
) { /* there is no EA in the file */
4142 ksmbd_debug(SMB
, "no ea data in the file\n");
4145 xattr_list_len
= rc
;
4147 ptr
= (char *)rsp
->Buffer
;
4148 eainfo
= (struct smb2_ea_info
*)ptr
;
4149 prev_eainfo
= eainfo
;
4152 while (idx
< xattr_list_len
) {
4153 name
= xattr_list
+ idx
;
4154 name_len
= strlen(name
);
4156 ksmbd_debug(SMB
, "%s, len %d\n", name
, name_len
);
4157 idx
+= name_len
+ 1;
4160 * CIFS does not support EA other than user.* namespace,
4161 * still keep the framework generic, to list other attrs
4164 if (strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
))
4167 if (!strncmp(&name
[XATTR_USER_PREFIX_LEN
], STREAM_PREFIX
,
4171 if (req
->InputBufferLength
&&
4172 strncmp(&name
[XATTR_USER_PREFIX_LEN
], ea_req
->name
,
4173 ea_req
->EaNameLength
))
4176 if (!strncmp(&name
[XATTR_USER_PREFIX_LEN
],
4177 DOS_ATTRIBUTE_PREFIX
, DOS_ATTRIBUTE_PREFIX_LEN
))
4180 if (!strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
))
4181 name_len
-= XATTR_USER_PREFIX_LEN
;
4183 ptr
= (char *)(&eainfo
->name
+ name_len
+ 1);
4184 buf_free_len
-= (offsetof(struct smb2_ea_info
, name
) +
4186 /* bailout if xattr can't fit in buf_free_len */
4187 value_len
= ksmbd_vfs_getxattr(user_ns
, path
->dentry
,
4189 if (value_len
<= 0) {
4191 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
4195 buf_free_len
-= value_len
;
4196 if (buf_free_len
< 0) {
4201 memcpy(ptr
, buf
, value_len
);
4206 eainfo
->EaNameLength
= name_len
;
4208 if (!strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
))
4209 memcpy(eainfo
->name
, &name
[XATTR_USER_PREFIX_LEN
],
4212 memcpy(eainfo
->name
, name
, name_len
);
4214 eainfo
->name
[name_len
] = '\0';
4215 eainfo
->EaValueLength
= cpu_to_le16(value_len
);
4216 next_offset
= offsetof(struct smb2_ea_info
, name
) +
4217 name_len
+ 1 + value_len
;
4219 /* align next xattr entry at 4 byte bundary */
4220 alignment_bytes
= ((next_offset
+ 3) & ~3) - next_offset
;
4221 if (alignment_bytes
) {
4222 memset(ptr
, '\0', alignment_bytes
);
4223 ptr
+= alignment_bytes
;
4224 next_offset
+= alignment_bytes
;
4225 buf_free_len
-= alignment_bytes
;
4227 eainfo
->NextEntryOffset
= cpu_to_le32(next_offset
);
4228 prev_eainfo
= eainfo
;
4229 eainfo
= (struct smb2_ea_info
*)ptr
;
4230 rsp_data_cnt
+= next_offset
;
4232 if (req
->InputBufferLength
) {
4233 ksmbd_debug(SMB
, "single entry requested\n");
4238 /* no more ea entries */
4239 prev_eainfo
->NextEntryOffset
= 0;
4242 if (rsp_data_cnt
== 0)
4243 rsp
->hdr
.Status
= STATUS_NO_EAS_ON_FILE
;
4244 rsp
->OutputBufferLength
= cpu_to_le32(rsp_data_cnt
);
4245 inc_rfc1001_len(rsp_org
, rsp_data_cnt
);
4251 static void get_file_access_info(struct smb2_query_info_rsp
*rsp
,
4252 struct ksmbd_file
*fp
, void *rsp_org
)
4254 struct smb2_file_access_info
*file_info
;
4256 file_info
= (struct smb2_file_access_info
*)rsp
->Buffer
;
4257 file_info
->AccessFlags
= fp
->daccess
;
4258 rsp
->OutputBufferLength
=
4259 cpu_to_le32(sizeof(struct smb2_file_access_info
));
4260 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_access_info
));
4263 static int get_file_basic_info(struct smb2_query_info_rsp
*rsp
,
4264 struct ksmbd_file
*fp
, void *rsp_org
)
4266 struct smb2_file_basic_info
*basic_info
;
4270 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4271 pr_err("no right to read the attributes : 0x%x\n",
4276 basic_info
= (struct smb2_file_basic_info
*)rsp
->Buffer
;
4277 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4279 basic_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4280 time
= ksmbd_UnixTimeToNT(stat
.atime
);
4281 basic_info
->LastAccessTime
= cpu_to_le64(time
);
4282 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
4283 basic_info
->LastWriteTime
= cpu_to_le64(time
);
4284 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
4285 basic_info
->ChangeTime
= cpu_to_le64(time
);
4286 basic_info
->Attributes
= fp
->f_ci
->m_fattr
;
4287 basic_info
->Pad1
= 0;
4288 rsp
->OutputBufferLength
=
4289 cpu_to_le32(sizeof(struct smb2_file_basic_info
));
4290 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_basic_info
));
4294 static unsigned long long get_allocation_size(struct inode
*inode
,
4297 unsigned long long alloc_size
= 0;
4299 if (!S_ISDIR(stat
->mode
)) {
4300 if ((inode
->i_blocks
<< 9) <= stat
->size
)
4301 alloc_size
= stat
->size
;
4303 alloc_size
= inode
->i_blocks
<< 9;
4309 static void get_file_standard_info(struct smb2_query_info_rsp
*rsp
,
4310 struct ksmbd_file
*fp
, void *rsp_org
)
4312 struct smb2_file_standard_info
*sinfo
;
4313 unsigned int delete_pending
;
4314 struct inode
*inode
;
4317 inode
= file_inode(fp
->filp
);
4318 generic_fillattr(file_mnt_user_ns(fp
->filp
), inode
, &stat
);
4320 sinfo
= (struct smb2_file_standard_info
*)rsp
->Buffer
;
4321 delete_pending
= ksmbd_inode_pending_delete(fp
);
4323 sinfo
->AllocationSize
= cpu_to_le64(get_allocation_size(inode
, &stat
));
4324 sinfo
->EndOfFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
4325 sinfo
->NumberOfLinks
= cpu_to_le32(get_nlink(&stat
) - delete_pending
);
4326 sinfo
->DeletePending
= delete_pending
;
4327 sinfo
->Directory
= S_ISDIR(stat
.mode
) ? 1 : 0;
4328 rsp
->OutputBufferLength
=
4329 cpu_to_le32(sizeof(struct smb2_file_standard_info
));
4330 inc_rfc1001_len(rsp_org
,
4331 sizeof(struct smb2_file_standard_info
));
4334 static void get_file_alignment_info(struct smb2_query_info_rsp
*rsp
,
4337 struct smb2_file_alignment_info
*file_info
;
4339 file_info
= (struct smb2_file_alignment_info
*)rsp
->Buffer
;
4340 file_info
->AlignmentRequirement
= 0;
4341 rsp
->OutputBufferLength
=
4342 cpu_to_le32(sizeof(struct smb2_file_alignment_info
));
4343 inc_rfc1001_len(rsp_org
,
4344 sizeof(struct smb2_file_alignment_info
));
4347 static int get_file_all_info(struct ksmbd_work
*work
,
4348 struct smb2_query_info_rsp
*rsp
,
4349 struct ksmbd_file
*fp
,
4352 struct ksmbd_conn
*conn
= work
->conn
;
4353 struct smb2_file_all_info
*file_info
;
4354 unsigned int delete_pending
;
4355 struct inode
*inode
;
4361 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4362 ksmbd_debug(SMB
, "no right to read the attributes : 0x%x\n",
4367 filename
= convert_to_nt_pathname(fp
->filename
);
4371 inode
= file_inode(fp
->filp
);
4372 generic_fillattr(file_mnt_user_ns(fp
->filp
), inode
, &stat
);
4374 ksmbd_debug(SMB
, "filename = %s\n", filename
);
4375 delete_pending
= ksmbd_inode_pending_delete(fp
);
4376 file_info
= (struct smb2_file_all_info
*)rsp
->Buffer
;
4378 file_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4379 time
= ksmbd_UnixTimeToNT(stat
.atime
);
4380 file_info
->LastAccessTime
= cpu_to_le64(time
);
4381 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
4382 file_info
->LastWriteTime
= cpu_to_le64(time
);
4383 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
4384 file_info
->ChangeTime
= cpu_to_le64(time
);
4385 file_info
->Attributes
= fp
->f_ci
->m_fattr
;
4386 file_info
->Pad1
= 0;
4387 file_info
->AllocationSize
=
4388 cpu_to_le64(get_allocation_size(inode
, &stat
));
4389 file_info
->EndOfFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
4390 file_info
->NumberOfLinks
=
4391 cpu_to_le32(get_nlink(&stat
) - delete_pending
);
4392 file_info
->DeletePending
= delete_pending
;
4393 file_info
->Directory
= S_ISDIR(stat
.mode
) ? 1 : 0;
4394 file_info
->Pad2
= 0;
4395 file_info
->IndexNumber
= cpu_to_le64(stat
.ino
);
4396 file_info
->EASize
= 0;
4397 file_info
->AccessFlags
= fp
->daccess
;
4398 file_info
->CurrentByteOffset
= cpu_to_le64(fp
->filp
->f_pos
);
4399 file_info
->Mode
= fp
->coption
;
4400 file_info
->AlignmentRequirement
= 0;
4401 conv_len
= smbConvertToUTF16((__le16
*)file_info
->FileName
, filename
,
4402 PATH_MAX
, conn
->local_nls
, 0);
4404 file_info
->FileNameLength
= cpu_to_le32(conv_len
);
4405 rsp
->OutputBufferLength
=
4406 cpu_to_le32(sizeof(struct smb2_file_all_info
) + conv_len
- 1);
4408 inc_rfc1001_len(rsp_org
, le32_to_cpu(rsp
->OutputBufferLength
));
4412 static void get_file_alternate_info(struct ksmbd_work
*work
,
4413 struct smb2_query_info_rsp
*rsp
,
4414 struct ksmbd_file
*fp
,
4417 struct ksmbd_conn
*conn
= work
->conn
;
4418 struct smb2_file_alt_name_info
*file_info
;
4419 struct dentry
*dentry
= fp
->filp
->f_path
.dentry
;
4422 spin_lock(&dentry
->d_lock
);
4423 file_info
= (struct smb2_file_alt_name_info
*)rsp
->Buffer
;
4424 conv_len
= ksmbd_extract_shortname(conn
,
4425 dentry
->d_name
.name
,
4426 file_info
->FileName
);
4427 spin_unlock(&dentry
->d_lock
);
4428 file_info
->FileNameLength
= cpu_to_le32(conv_len
);
4429 rsp
->OutputBufferLength
=
4430 cpu_to_le32(sizeof(struct smb2_file_alt_name_info
) + conv_len
);
4431 inc_rfc1001_len(rsp_org
, le32_to_cpu(rsp
->OutputBufferLength
));
4434 static void get_file_stream_info(struct ksmbd_work
*work
,
4435 struct smb2_query_info_rsp
*rsp
,
4436 struct ksmbd_file
*fp
,
4439 struct ksmbd_conn
*conn
= work
->conn
;
4440 struct smb2_file_stream_info
*file_info
;
4441 char *stream_name
, *xattr_list
= NULL
, *stream_buf
;
4443 struct path
*path
= &fp
->filp
->f_path
;
4444 ssize_t xattr_list_len
;
4445 int nbytes
= 0, streamlen
, stream_name_len
, next
, idx
= 0;
4447 struct smb2_query_info_req
*req
= ksmbd_req_buf_next(work
);
4449 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4451 file_info
= (struct smb2_file_stream_info
*)rsp
->Buffer
;
4453 xattr_list_len
= ksmbd_vfs_listxattr(path
->dentry
, &xattr_list
);
4454 if (xattr_list_len
< 0) {
4456 } else if (!xattr_list_len
) {
4457 ksmbd_debug(SMB
, "empty xattr in the file\n");
4462 smb2_calc_max_out_buf_len(work
, 8,
4463 le32_to_cpu(req
->OutputBufferLength
));
4464 if (buf_free_len
< 0)
4467 while (idx
< xattr_list_len
) {
4468 stream_name
= xattr_list
+ idx
;
4469 streamlen
= strlen(stream_name
);
4470 idx
+= streamlen
+ 1;
4472 ksmbd_debug(SMB
, "%s, len %d\n", stream_name
, streamlen
);
4474 if (strncmp(&stream_name
[XATTR_USER_PREFIX_LEN
],
4475 STREAM_PREFIX
, STREAM_PREFIX_LEN
))
4478 stream_name_len
= streamlen
- (XATTR_USER_PREFIX_LEN
+
4480 streamlen
= stream_name_len
;
4484 stream_buf
= kmalloc(streamlen
+ 1, GFP_KERNEL
);
4488 streamlen
= snprintf(stream_buf
, streamlen
+ 1,
4489 ":%s", &stream_name
[XATTR_NAME_STREAM_LEN
]);
4491 next
= sizeof(struct smb2_file_stream_info
) + streamlen
* 2;
4492 if (next
> buf_free_len
)
4495 file_info
= (struct smb2_file_stream_info
*)&rsp
->Buffer
[nbytes
];
4496 streamlen
= smbConvertToUTF16((__le16
*)file_info
->StreamName
,
4497 stream_buf
, streamlen
,
4498 conn
->local_nls
, 0);
4501 file_info
->StreamNameLength
= cpu_to_le32(streamlen
);
4502 file_info
->StreamSize
= cpu_to_le64(stream_name_len
);
4503 file_info
->StreamAllocationSize
= cpu_to_le64(stream_name_len
);
4506 buf_free_len
-= next
;
4507 file_info
->NextEntryOffset
= cpu_to_le32(next
);
4510 if (!S_ISDIR(stat
.mode
) &&
4511 buf_free_len
>= sizeof(struct smb2_file_stream_info
) + 7 * 2) {
4512 file_info
= (struct smb2_file_stream_info
*)
4513 &rsp
->Buffer
[nbytes
];
4514 streamlen
= smbConvertToUTF16((__le16
*)file_info
->StreamName
,
4515 "::$DATA", 7, conn
->local_nls
, 0);
4517 file_info
->StreamNameLength
= cpu_to_le32(streamlen
);
4518 file_info
->StreamSize
= 0;
4519 file_info
->StreamAllocationSize
= 0;
4520 nbytes
+= sizeof(struct smb2_file_stream_info
) + streamlen
;
4523 /* last entry offset should be 0 */
4524 file_info
->NextEntryOffset
= 0;
4528 rsp
->OutputBufferLength
= cpu_to_le32(nbytes
);
4529 inc_rfc1001_len(rsp_org
, nbytes
);
4532 static void get_file_internal_info(struct smb2_query_info_rsp
*rsp
,
4533 struct ksmbd_file
*fp
, void *rsp_org
)
4535 struct smb2_file_internal_info
*file_info
;
4538 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4540 file_info
= (struct smb2_file_internal_info
*)rsp
->Buffer
;
4541 file_info
->IndexNumber
= cpu_to_le64(stat
.ino
);
4542 rsp
->OutputBufferLength
=
4543 cpu_to_le32(sizeof(struct smb2_file_internal_info
));
4544 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_internal_info
));
4547 static int get_file_network_open_info(struct smb2_query_info_rsp
*rsp
,
4548 struct ksmbd_file
*fp
, void *rsp_org
)
4550 struct smb2_file_ntwrk_info
*file_info
;
4551 struct inode
*inode
;
4555 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4556 pr_err("no right to read the attributes : 0x%x\n",
4561 file_info
= (struct smb2_file_ntwrk_info
*)rsp
->Buffer
;
4563 inode
= file_inode(fp
->filp
);
4564 generic_fillattr(file_mnt_user_ns(fp
->filp
), inode
, &stat
);
4566 file_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4567 time
= ksmbd_UnixTimeToNT(stat
.atime
);
4568 file_info
->LastAccessTime
= cpu_to_le64(time
);
4569 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
4570 file_info
->LastWriteTime
= cpu_to_le64(time
);
4571 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
4572 file_info
->ChangeTime
= cpu_to_le64(time
);
4573 file_info
->Attributes
= fp
->f_ci
->m_fattr
;
4574 file_info
->AllocationSize
=
4575 cpu_to_le64(get_allocation_size(inode
, &stat
));
4576 file_info
->EndOfFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
4577 file_info
->Reserved
= cpu_to_le32(0);
4578 rsp
->OutputBufferLength
=
4579 cpu_to_le32(sizeof(struct smb2_file_ntwrk_info
));
4580 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_ntwrk_info
));
4584 static void get_file_ea_info(struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4586 struct smb2_file_ea_info
*file_info
;
4588 file_info
= (struct smb2_file_ea_info
*)rsp
->Buffer
;
4589 file_info
->EASize
= 0;
4590 rsp
->OutputBufferLength
=
4591 cpu_to_le32(sizeof(struct smb2_file_ea_info
));
4592 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_ea_info
));
4595 static void get_file_position_info(struct smb2_query_info_rsp
*rsp
,
4596 struct ksmbd_file
*fp
, void *rsp_org
)
4598 struct smb2_file_pos_info
*file_info
;
4600 file_info
= (struct smb2_file_pos_info
*)rsp
->Buffer
;
4601 file_info
->CurrentByteOffset
= cpu_to_le64(fp
->filp
->f_pos
);
4602 rsp
->OutputBufferLength
=
4603 cpu_to_le32(sizeof(struct smb2_file_pos_info
));
4604 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_pos_info
));
4607 static void get_file_mode_info(struct smb2_query_info_rsp
*rsp
,
4608 struct ksmbd_file
*fp
, void *rsp_org
)
4610 struct smb2_file_mode_info
*file_info
;
4612 file_info
= (struct smb2_file_mode_info
*)rsp
->Buffer
;
4613 file_info
->Mode
= fp
->coption
& FILE_MODE_INFO_MASK
;
4614 rsp
->OutputBufferLength
=
4615 cpu_to_le32(sizeof(struct smb2_file_mode_info
));
4616 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_mode_info
));
4619 static void get_file_compression_info(struct smb2_query_info_rsp
*rsp
,
4620 struct ksmbd_file
*fp
, void *rsp_org
)
4622 struct smb2_file_comp_info
*file_info
;
4625 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4628 file_info
= (struct smb2_file_comp_info
*)rsp
->Buffer
;
4629 file_info
->CompressedFileSize
= cpu_to_le64(stat
.blocks
<< 9);
4630 file_info
->CompressionFormat
= COMPRESSION_FORMAT_NONE
;
4631 file_info
->CompressionUnitShift
= 0;
4632 file_info
->ChunkShift
= 0;
4633 file_info
->ClusterShift
= 0;
4634 memset(&file_info
->Reserved
[0], 0, 3);
4636 rsp
->OutputBufferLength
=
4637 cpu_to_le32(sizeof(struct smb2_file_comp_info
));
4638 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_comp_info
));
4641 static int get_file_attribute_tag_info(struct smb2_query_info_rsp
*rsp
,
4642 struct ksmbd_file
*fp
, void *rsp_org
)
4644 struct smb2_file_attr_tag_info
*file_info
;
4646 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4647 pr_err("no right to read the attributes : 0x%x\n",
4652 file_info
= (struct smb2_file_attr_tag_info
*)rsp
->Buffer
;
4653 file_info
->FileAttributes
= fp
->f_ci
->m_fattr
;
4654 file_info
->ReparseTag
= 0;
4655 rsp
->OutputBufferLength
=
4656 cpu_to_le32(sizeof(struct smb2_file_attr_tag_info
));
4657 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_attr_tag_info
));
4661 static int find_file_posix_info(struct smb2_query_info_rsp
*rsp
,
4662 struct ksmbd_file
*fp
, void *rsp_org
)
4664 struct smb311_posix_qinfo
*file_info
;
4665 struct inode
*inode
= file_inode(fp
->filp
);
4668 file_info
= (struct smb311_posix_qinfo
*)rsp
->Buffer
;
4669 file_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4670 time
= ksmbd_UnixTimeToNT(inode
->i_atime
);
4671 file_info
->LastAccessTime
= cpu_to_le64(time
);
4672 time
= ksmbd_UnixTimeToNT(inode
->i_mtime
);
4673 file_info
->LastWriteTime
= cpu_to_le64(time
);
4674 time
= ksmbd_UnixTimeToNT(inode
->i_ctime
);
4675 file_info
->ChangeTime
= cpu_to_le64(time
);
4676 file_info
->DosAttributes
= fp
->f_ci
->m_fattr
;
4677 file_info
->Inode
= cpu_to_le64(inode
->i_ino
);
4678 file_info
->EndOfFile
= cpu_to_le64(inode
->i_size
);
4679 file_info
->AllocationSize
= cpu_to_le64(inode
->i_blocks
<< 9);
4680 file_info
->HardLinks
= cpu_to_le32(inode
->i_nlink
);
4681 file_info
->Mode
= cpu_to_le32(inode
->i_mode
);
4682 file_info
->DeviceId
= cpu_to_le32(inode
->i_rdev
);
4683 rsp
->OutputBufferLength
=
4684 cpu_to_le32(sizeof(struct smb311_posix_qinfo
));
4685 inc_rfc1001_len(rsp_org
, sizeof(struct smb311_posix_qinfo
));
4689 static int smb2_get_info_file(struct ksmbd_work
*work
,
4690 struct smb2_query_info_req
*req
,
4691 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4693 struct ksmbd_file
*fp
;
4694 int fileinfoclass
= 0;
4696 int file_infoclass_size
;
4697 unsigned int id
= KSMBD_NO_FID
, pid
= KSMBD_NO_FID
;
4699 if (test_share_config_flag(work
->tcon
->share_conf
,
4700 KSMBD_SHARE_FLAG_PIPE
)) {
4701 /* smb2 info file called for pipe */
4702 return smb2_get_info_file_pipe(work
->sess
, req
, rsp
);
4705 if (work
->next_smb2_rcv_hdr_off
) {
4706 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
4707 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
4708 work
->compound_fid
);
4709 id
= work
->compound_fid
;
4710 pid
= work
->compound_pfid
;
4714 if (!has_file_id(id
)) {
4715 id
= le64_to_cpu(req
->VolatileFileId
);
4716 pid
= le64_to_cpu(req
->PersistentFileId
);
4719 fp
= ksmbd_lookup_fd_slow(work
, id
, pid
);
4723 fileinfoclass
= req
->FileInfoClass
;
4725 switch (fileinfoclass
) {
4726 case FILE_ACCESS_INFORMATION
:
4727 get_file_access_info(rsp
, fp
, rsp_org
);
4728 file_infoclass_size
= FILE_ACCESS_INFORMATION_SIZE
;
4731 case FILE_BASIC_INFORMATION
:
4732 rc
= get_file_basic_info(rsp
, fp
, rsp_org
);
4733 file_infoclass_size
= FILE_BASIC_INFORMATION_SIZE
;
4736 case FILE_STANDARD_INFORMATION
:
4737 get_file_standard_info(rsp
, fp
, rsp_org
);
4738 file_infoclass_size
= FILE_STANDARD_INFORMATION_SIZE
;
4741 case FILE_ALIGNMENT_INFORMATION
:
4742 get_file_alignment_info(rsp
, rsp_org
);
4743 file_infoclass_size
= FILE_ALIGNMENT_INFORMATION_SIZE
;
4746 case FILE_ALL_INFORMATION
:
4747 rc
= get_file_all_info(work
, rsp
, fp
, rsp_org
);
4748 file_infoclass_size
= FILE_ALL_INFORMATION_SIZE
;
4751 case FILE_ALTERNATE_NAME_INFORMATION
:
4752 get_file_alternate_info(work
, rsp
, fp
, rsp_org
);
4753 file_infoclass_size
= FILE_ALTERNATE_NAME_INFORMATION_SIZE
;
4756 case FILE_STREAM_INFORMATION
:
4757 get_file_stream_info(work
, rsp
, fp
, rsp_org
);
4758 file_infoclass_size
= FILE_STREAM_INFORMATION_SIZE
;
4761 case FILE_INTERNAL_INFORMATION
:
4762 get_file_internal_info(rsp
, fp
, rsp_org
);
4763 file_infoclass_size
= FILE_INTERNAL_INFORMATION_SIZE
;
4766 case FILE_NETWORK_OPEN_INFORMATION
:
4767 rc
= get_file_network_open_info(rsp
, fp
, rsp_org
);
4768 file_infoclass_size
= FILE_NETWORK_OPEN_INFORMATION_SIZE
;
4771 case FILE_EA_INFORMATION
:
4772 get_file_ea_info(rsp
, rsp_org
);
4773 file_infoclass_size
= FILE_EA_INFORMATION_SIZE
;
4776 case FILE_FULL_EA_INFORMATION
:
4777 rc
= smb2_get_ea(work
, fp
, req
, rsp
, rsp_org
);
4778 file_infoclass_size
= FILE_FULL_EA_INFORMATION_SIZE
;
4781 case FILE_POSITION_INFORMATION
:
4782 get_file_position_info(rsp
, fp
, rsp_org
);
4783 file_infoclass_size
= FILE_POSITION_INFORMATION_SIZE
;
4786 case FILE_MODE_INFORMATION
:
4787 get_file_mode_info(rsp
, fp
, rsp_org
);
4788 file_infoclass_size
= FILE_MODE_INFORMATION_SIZE
;
4791 case FILE_COMPRESSION_INFORMATION
:
4792 get_file_compression_info(rsp
, fp
, rsp_org
);
4793 file_infoclass_size
= FILE_COMPRESSION_INFORMATION_SIZE
;
4796 case FILE_ATTRIBUTE_TAG_INFORMATION
:
4797 rc
= get_file_attribute_tag_info(rsp
, fp
, rsp_org
);
4798 file_infoclass_size
= FILE_ATTRIBUTE_TAG_INFORMATION_SIZE
;
4800 case SMB_FIND_FILE_POSIX_INFO
:
4801 if (!work
->tcon
->posix_extensions
) {
4802 pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
4805 rc
= find_file_posix_info(rsp
, fp
, rsp_org
);
4806 file_infoclass_size
= sizeof(struct smb311_posix_qinfo
);
4810 ksmbd_debug(SMB
, "fileinfoclass %d not supported yet\n",
4815 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
4817 file_infoclass_size
);
4818 ksmbd_fd_put(work
, fp
);
4822 static int smb2_get_info_filesystem(struct ksmbd_work
*work
,
4823 struct smb2_query_info_req
*req
,
4824 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4826 struct ksmbd_session
*sess
= work
->sess
;
4827 struct ksmbd_conn
*conn
= sess
->conn
;
4828 struct ksmbd_share_config
*share
= work
->tcon
->share_conf
;
4829 int fsinfoclass
= 0;
4830 struct kstatfs stfs
;
4833 int fs_infoclass_size
= 0;
4835 rc
= kern_path(share
->path
, LOOKUP_NO_SYMLINKS
, &path
);
4837 pr_err("cannot create vfs path\n");
4841 rc
= vfs_statfs(&path
, &stfs
);
4843 pr_err("cannot do stat of path %s\n", share
->path
);
4848 fsinfoclass
= req
->FileInfoClass
;
4850 switch (fsinfoclass
) {
4851 case FS_DEVICE_INFORMATION
:
4853 struct filesystem_device_info
*info
;
4855 info
= (struct filesystem_device_info
*)rsp
->Buffer
;
4857 info
->DeviceType
= cpu_to_le32(stfs
.f_type
);
4858 info
->DeviceCharacteristics
= cpu_to_le32(0x00000020);
4859 rsp
->OutputBufferLength
= cpu_to_le32(8);
4860 inc_rfc1001_len(rsp_org
, 8);
4861 fs_infoclass_size
= FS_DEVICE_INFORMATION_SIZE
;
4864 case FS_ATTRIBUTE_INFORMATION
:
4866 struct filesystem_attribute_info
*info
;
4869 info
= (struct filesystem_attribute_info
*)rsp
->Buffer
;
4870 info
->Attributes
= cpu_to_le32(FILE_SUPPORTS_OBJECT_IDS
|
4871 FILE_PERSISTENT_ACLS
|
4872 FILE_UNICODE_ON_DISK
|
4873 FILE_CASE_PRESERVED_NAMES
|
4874 FILE_CASE_SENSITIVE_SEARCH
|
4875 FILE_SUPPORTS_BLOCK_REFCOUNTING
);
4877 info
->Attributes
|= cpu_to_le32(server_conf
.share_fake_fscaps
);
4879 info
->MaxPathNameComponentLength
= cpu_to_le32(stfs
.f_namelen
);
4880 len
= smbConvertToUTF16((__le16
*)info
->FileSystemName
,
4881 "NTFS", PATH_MAX
, conn
->local_nls
, 0);
4883 info
->FileSystemNameLen
= cpu_to_le32(len
);
4884 sz
= sizeof(struct filesystem_attribute_info
) - 2 + len
;
4885 rsp
->OutputBufferLength
= cpu_to_le32(sz
);
4886 inc_rfc1001_len(rsp_org
, sz
);
4887 fs_infoclass_size
= FS_ATTRIBUTE_INFORMATION_SIZE
;
4890 case FS_VOLUME_INFORMATION
:
4892 struct filesystem_vol_info
*info
;
4894 unsigned int serial_crc
= 0;
4896 info
= (struct filesystem_vol_info
*)(rsp
->Buffer
);
4897 info
->VolumeCreationTime
= 0;
4898 serial_crc
= crc32_le(serial_crc
, share
->name
,
4899 strlen(share
->name
));
4900 serial_crc
= crc32_le(serial_crc
, share
->path
,
4901 strlen(share
->path
));
4902 serial_crc
= crc32_le(serial_crc
, ksmbd_netbios_name(),
4903 strlen(ksmbd_netbios_name()));
4904 /* Taking dummy value of serial number*/
4905 info
->SerialNumber
= cpu_to_le32(serial_crc
);
4906 len
= smbConvertToUTF16((__le16
*)info
->VolumeLabel
,
4907 share
->name
, PATH_MAX
,
4908 conn
->local_nls
, 0);
4910 info
->VolumeLabelSize
= cpu_to_le32(len
);
4912 sz
= sizeof(struct filesystem_vol_info
) - 2 + len
;
4913 rsp
->OutputBufferLength
= cpu_to_le32(sz
);
4914 inc_rfc1001_len(rsp_org
, sz
);
4915 fs_infoclass_size
= FS_VOLUME_INFORMATION_SIZE
;
4918 case FS_SIZE_INFORMATION
:
4920 struct filesystem_info
*info
;
4922 info
= (struct filesystem_info
*)(rsp
->Buffer
);
4923 info
->TotalAllocationUnits
= cpu_to_le64(stfs
.f_blocks
);
4924 info
->FreeAllocationUnits
= cpu_to_le64(stfs
.f_bfree
);
4925 info
->SectorsPerAllocationUnit
= cpu_to_le32(1);
4926 info
->BytesPerSector
= cpu_to_le32(stfs
.f_bsize
);
4927 rsp
->OutputBufferLength
= cpu_to_le32(24);
4928 inc_rfc1001_len(rsp_org
, 24);
4929 fs_infoclass_size
= FS_SIZE_INFORMATION_SIZE
;
4932 case FS_FULL_SIZE_INFORMATION
:
4934 struct smb2_fs_full_size_info
*info
;
4936 info
= (struct smb2_fs_full_size_info
*)(rsp
->Buffer
);
4937 info
->TotalAllocationUnits
= cpu_to_le64(stfs
.f_blocks
);
4938 info
->CallerAvailableAllocationUnits
=
4939 cpu_to_le64(stfs
.f_bavail
);
4940 info
->ActualAvailableAllocationUnits
=
4941 cpu_to_le64(stfs
.f_bfree
);
4942 info
->SectorsPerAllocationUnit
= cpu_to_le32(1);
4943 info
->BytesPerSector
= cpu_to_le32(stfs
.f_bsize
);
4944 rsp
->OutputBufferLength
= cpu_to_le32(32);
4945 inc_rfc1001_len(rsp_org
, 32);
4946 fs_infoclass_size
= FS_FULL_SIZE_INFORMATION_SIZE
;
4949 case FS_OBJECT_ID_INFORMATION
:
4951 struct object_id_info
*info
;
4953 info
= (struct object_id_info
*)(rsp
->Buffer
);
4955 if (!user_guest(sess
->user
))
4956 memcpy(info
->objid
, user_passkey(sess
->user
), 16);
4958 memset(info
->objid
, 0, 16);
4960 info
->extended_info
.magic
= cpu_to_le32(EXTENDED_INFO_MAGIC
);
4961 info
->extended_info
.version
= cpu_to_le32(1);
4962 info
->extended_info
.release
= cpu_to_le32(1);
4963 info
->extended_info
.rel_date
= 0;
4964 memcpy(info
->extended_info
.version_string
, "1.1.0", strlen("1.1.0"));
4965 rsp
->OutputBufferLength
= cpu_to_le32(64);
4966 inc_rfc1001_len(rsp_org
, 64);
4967 fs_infoclass_size
= FS_OBJECT_ID_INFORMATION_SIZE
;
4970 case FS_SECTOR_SIZE_INFORMATION
:
4972 struct smb3_fs_ss_info
*info
;
4974 info
= (struct smb3_fs_ss_info
*)(rsp
->Buffer
);
4976 info
->LogicalBytesPerSector
= cpu_to_le32(stfs
.f_bsize
);
4977 info
->PhysicalBytesPerSectorForAtomicity
=
4978 cpu_to_le32(stfs
.f_bsize
);
4979 info
->PhysicalBytesPerSectorForPerf
= cpu_to_le32(stfs
.f_bsize
);
4980 info
->FSEffPhysicalBytesPerSectorForAtomicity
=
4981 cpu_to_le32(stfs
.f_bsize
);
4982 info
->Flags
= cpu_to_le32(SSINFO_FLAGS_ALIGNED_DEVICE
|
4983 SSINFO_FLAGS_PARTITION_ALIGNED_ON_DEVICE
);
4984 info
->ByteOffsetForSectorAlignment
= 0;
4985 info
->ByteOffsetForPartitionAlignment
= 0;
4986 rsp
->OutputBufferLength
= cpu_to_le32(28);
4987 inc_rfc1001_len(rsp_org
, 28);
4988 fs_infoclass_size
= FS_SECTOR_SIZE_INFORMATION_SIZE
;
4991 case FS_CONTROL_INFORMATION
:
4994 * TODO : The current implementation is based on
4995 * test result with win7(NTFS) server. It's need to
4996 * modify this to get valid Quota values
4999 struct smb2_fs_control_info
*info
;
5001 info
= (struct smb2_fs_control_info
*)(rsp
->Buffer
);
5002 info
->FreeSpaceStartFiltering
= 0;
5003 info
->FreeSpaceThreshold
= 0;
5004 info
->FreeSpaceStopFiltering
= 0;
5005 info
->DefaultQuotaThreshold
= cpu_to_le64(SMB2_NO_FID
);
5006 info
->DefaultQuotaLimit
= cpu_to_le64(SMB2_NO_FID
);
5008 rsp
->OutputBufferLength
= cpu_to_le32(48);
5009 inc_rfc1001_len(rsp_org
, 48);
5010 fs_infoclass_size
= FS_CONTROL_INFORMATION_SIZE
;
5013 case FS_POSIX_INFORMATION
:
5015 struct filesystem_posix_info
*info
;
5017 if (!work
->tcon
->posix_extensions
) {
5018 pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
5021 info
= (struct filesystem_posix_info
*)(rsp
->Buffer
);
5022 info
->OptimalTransferSize
= cpu_to_le32(stfs
.f_bsize
);
5023 info
->BlockSize
= cpu_to_le32(stfs
.f_bsize
);
5024 info
->TotalBlocks
= cpu_to_le64(stfs
.f_blocks
);
5025 info
->BlocksAvail
= cpu_to_le64(stfs
.f_bfree
);
5026 info
->UserBlocksAvail
= cpu_to_le64(stfs
.f_bavail
);
5027 info
->TotalFileNodes
= cpu_to_le64(stfs
.f_files
);
5028 info
->FreeFileNodes
= cpu_to_le64(stfs
.f_ffree
);
5029 rsp
->OutputBufferLength
= cpu_to_le32(56);
5030 inc_rfc1001_len(rsp_org
, 56);
5031 fs_infoclass_size
= FS_POSIX_INFORMATION_SIZE
;
5039 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
5046 static int smb2_get_info_sec(struct ksmbd_work
*work
,
5047 struct smb2_query_info_req
*req
,
5048 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
5050 struct ksmbd_file
*fp
;
5051 struct user_namespace
*user_ns
;
5052 struct smb_ntsd
*pntsd
= (struct smb_ntsd
*)rsp
->Buffer
, *ppntsd
= NULL
;
5053 struct smb_fattr fattr
= {{0}};
5054 struct inode
*inode
;
5056 unsigned int id
= KSMBD_NO_FID
, pid
= KSMBD_NO_FID
;
5057 int addition_info
= le32_to_cpu(req
->AdditionalInformation
);
5060 if (addition_info
& ~(OWNER_SECINFO
| GROUP_SECINFO
| DACL_SECINFO
|
5061 PROTECTED_DACL_SECINFO
|
5062 UNPROTECTED_DACL_SECINFO
)) {
5063 pr_err("Unsupported addition info: 0x%x)\n",
5066 pntsd
->revision
= cpu_to_le16(1);
5067 pntsd
->type
= cpu_to_le16(SELF_RELATIVE
| DACL_PROTECTED
);
5068 pntsd
->osidoffset
= 0;
5069 pntsd
->gsidoffset
= 0;
5070 pntsd
->sacloffset
= 0;
5071 pntsd
->dacloffset
= 0;
5073 secdesclen
= sizeof(struct smb_ntsd
);
5074 rsp
->OutputBufferLength
= cpu_to_le32(secdesclen
);
5075 inc_rfc1001_len(rsp_org
, secdesclen
);
5080 if (work
->next_smb2_rcv_hdr_off
) {
5081 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
5082 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
5083 work
->compound_fid
);
5084 id
= work
->compound_fid
;
5085 pid
= work
->compound_pfid
;
5089 if (!has_file_id(id
)) {
5090 id
= le64_to_cpu(req
->VolatileFileId
);
5091 pid
= le64_to_cpu(req
->PersistentFileId
);
5094 fp
= ksmbd_lookup_fd_slow(work
, id
, pid
);
5098 user_ns
= file_mnt_user_ns(fp
->filp
);
5099 inode
= file_inode(fp
->filp
);
5100 ksmbd_acls_fattr(&fattr
, user_ns
, inode
);
5102 if (test_share_config_flag(work
->tcon
->share_conf
,
5103 KSMBD_SHARE_FLAG_ACL_XATTR
))
5104 ksmbd_vfs_get_sd_xattr(work
->conn
, user_ns
,
5105 fp
->filp
->f_path
.dentry
, &ppntsd
);
5107 rc
= build_sec_desc(user_ns
, pntsd
, ppntsd
, addition_info
,
5108 &secdesclen
, &fattr
);
5109 posix_acl_release(fattr
.cf_acls
);
5110 posix_acl_release(fattr
.cf_dacls
);
5112 ksmbd_fd_put(work
, fp
);
5116 rsp
->OutputBufferLength
= cpu_to_le32(secdesclen
);
5117 inc_rfc1001_len(rsp_org
, secdesclen
);
5122 * smb2_query_info() - handler for smb2 query info command
5123 * @work: smb work containing query info request buffer
5125 * Return: 0 on success, otherwise error
5127 int smb2_query_info(struct ksmbd_work
*work
)
5129 struct smb2_query_info_req
*req
;
5130 struct smb2_query_info_rsp
*rsp
, *rsp_org
;
5133 rsp_org
= work
->response_buf
;
5134 WORK_BUFFERS(work
, req
, rsp
);
5136 ksmbd_debug(SMB
, "GOT query info request\n");
5138 switch (req
->InfoType
) {
5139 case SMB2_O_INFO_FILE
:
5140 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_FILE\n");
5141 rc
= smb2_get_info_file(work
, req
, rsp
, (void *)rsp_org
);
5143 case SMB2_O_INFO_FILESYSTEM
:
5144 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_FILESYSTEM\n");
5145 rc
= smb2_get_info_filesystem(work
, req
, rsp
, (void *)rsp_org
);
5147 case SMB2_O_INFO_SECURITY
:
5148 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_SECURITY\n");
5149 rc
= smb2_get_info_sec(work
, req
, rsp
, (void *)rsp_org
);
5152 ksmbd_debug(SMB
, "InfoType %d not supported yet\n",
5159 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
5160 else if (rc
== -ENOENT
)
5161 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
5162 else if (rc
== -EIO
)
5163 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
5164 else if (rc
== -EOPNOTSUPP
|| rsp
->hdr
.Status
== 0)
5165 rsp
->hdr
.Status
= STATUS_INVALID_INFO_CLASS
;
5166 smb2_set_err_rsp(work
);
5168 ksmbd_debug(SMB
, "error while processing smb2 query rc = %d\n",
5172 rsp
->StructureSize
= cpu_to_le16(9);
5173 rsp
->OutputBufferOffset
= cpu_to_le16(72);
5174 inc_rfc1001_len(rsp_org
, 8);
5179 * smb2_close_pipe() - handler for closing IPC pipe
5180 * @work: smb work containing close request buffer
5184 static noinline
int smb2_close_pipe(struct ksmbd_work
*work
)
5187 struct smb2_close_req
*req
= work
->request_buf
;
5188 struct smb2_close_rsp
*rsp
= work
->response_buf
;
5190 id
= le64_to_cpu(req
->VolatileFileId
);
5191 ksmbd_session_rpc_close(work
->sess
, id
);
5193 rsp
->StructureSize
= cpu_to_le16(60);
5196 rsp
->CreationTime
= 0;
5197 rsp
->LastAccessTime
= 0;
5198 rsp
->LastWriteTime
= 0;
5199 rsp
->ChangeTime
= 0;
5200 rsp
->AllocationSize
= 0;
5202 rsp
->Attributes
= 0;
5203 inc_rfc1001_len(rsp
, 60);
5208 * smb2_close() - handler for smb2 close file command
5209 * @work: smb work containing close request buffer
5213 int smb2_close(struct ksmbd_work
*work
)
5215 u64 volatile_id
= KSMBD_NO_FID
;
5217 struct smb2_close_req
*req
;
5218 struct smb2_close_rsp
*rsp
;
5219 struct smb2_close_rsp
*rsp_org
;
5220 struct ksmbd_conn
*conn
= work
->conn
;
5221 struct ksmbd_file
*fp
;
5222 struct inode
*inode
;
5226 rsp_org
= work
->response_buf
;
5227 WORK_BUFFERS(work
, req
, rsp
);
5229 if (test_share_config_flag(work
->tcon
->share_conf
,
5230 KSMBD_SHARE_FLAG_PIPE
)) {
5231 ksmbd_debug(SMB
, "IPC pipe close request\n");
5232 return smb2_close_pipe(work
);
5235 sess_id
= le64_to_cpu(req
->hdr
.SessionId
);
5236 if (req
->hdr
.Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)
5237 sess_id
= work
->compound_sid
;
5239 work
->compound_sid
= 0;
5240 if (check_session_id(conn
, sess_id
)) {
5241 work
->compound_sid
= sess_id
;
5243 rsp
->hdr
.Status
= STATUS_USER_SESSION_DELETED
;
5244 if (req
->hdr
.Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)
5245 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
5250 if (work
->next_smb2_rcv_hdr_off
&&
5251 !has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
5252 if (!has_file_id(work
->compound_fid
)) {
5253 /* file already closed, return FILE_CLOSED */
5254 ksmbd_debug(SMB
, "file already closed\n");
5255 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
5260 "Compound request set FID = %llu:%llu\n",
5262 work
->compound_pfid
);
5263 volatile_id
= work
->compound_fid
;
5265 /* file closed, stored id is not valid anymore */
5266 work
->compound_fid
= KSMBD_NO_FID
;
5267 work
->compound_pfid
= KSMBD_NO_FID
;
5270 volatile_id
= le64_to_cpu(req
->VolatileFileId
);
5272 ksmbd_debug(SMB
, "volatile_id = %llu\n", volatile_id
);
5274 rsp
->StructureSize
= cpu_to_le16(60);
5277 if (req
->Flags
== SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB
) {
5278 fp
= ksmbd_lookup_fd_fast(work
, volatile_id
);
5284 inode
= file_inode(fp
->filp
);
5285 rsp
->Flags
= SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB
;
5286 rsp
->AllocationSize
= S_ISDIR(inode
->i_mode
) ? 0 :
5287 cpu_to_le64(inode
->i_blocks
<< 9);
5288 rsp
->EndOfFile
= cpu_to_le64(inode
->i_size
);
5289 rsp
->Attributes
= fp
->f_ci
->m_fattr
;
5290 rsp
->CreationTime
= cpu_to_le64(fp
->create_time
);
5291 time
= ksmbd_UnixTimeToNT(inode
->i_atime
);
5292 rsp
->LastAccessTime
= cpu_to_le64(time
);
5293 time
= ksmbd_UnixTimeToNT(inode
->i_mtime
);
5294 rsp
->LastWriteTime
= cpu_to_le64(time
);
5295 time
= ksmbd_UnixTimeToNT(inode
->i_ctime
);
5296 rsp
->ChangeTime
= cpu_to_le64(time
);
5297 ksmbd_fd_put(work
, fp
);
5300 rsp
->AllocationSize
= 0;
5302 rsp
->Attributes
= 0;
5303 rsp
->CreationTime
= 0;
5304 rsp
->LastAccessTime
= 0;
5305 rsp
->LastWriteTime
= 0;
5306 rsp
->ChangeTime
= 0;
5309 err
= ksmbd_close_fd(work
, volatile_id
);
5312 if (rsp
->hdr
.Status
== 0)
5313 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
5314 smb2_set_err_rsp(work
);
5316 inc_rfc1001_len(rsp_org
, 60);
5323 * smb2_echo() - handler for smb2 echo(ping) command
5324 * @work: smb work containing echo request buffer
5328 int smb2_echo(struct ksmbd_work
*work
)
5330 struct smb2_echo_rsp
*rsp
= work
->response_buf
;
5332 rsp
->StructureSize
= cpu_to_le16(4);
5334 inc_rfc1001_len(rsp
, 4);
5338 static int smb2_rename(struct ksmbd_work
*work
,
5339 struct ksmbd_file
*fp
,
5340 struct user_namespace
*user_ns
,
5341 struct smb2_file_rename_info
*file_info
,
5342 struct nls_table
*local_nls
)
5344 struct ksmbd_share_config
*share
= fp
->tcon
->share_conf
;
5345 char *new_name
= NULL
, *abs_oldname
= NULL
, *old_name
= NULL
;
5346 char *pathname
= NULL
;
5348 bool file_present
= true;
5351 ksmbd_debug(SMB
, "setting FILE_RENAME_INFO\n");
5352 pathname
= kmalloc(PATH_MAX
, GFP_KERNEL
);
5356 abs_oldname
= d_path(&fp
->filp
->f_path
, pathname
, PATH_MAX
);
5357 if (IS_ERR(abs_oldname
)) {
5361 old_name
= strrchr(abs_oldname
, '/');
5362 if (old_name
&& old_name
[1] != '\0') {
5365 ksmbd_debug(SMB
, "can't get last component in path %s\n",
5371 new_name
= smb2_get_name(share
,
5372 file_info
->FileName
,
5373 le32_to_cpu(file_info
->FileNameLength
),
5375 if (IS_ERR(new_name
)) {
5376 rc
= PTR_ERR(new_name
);
5380 if (strchr(new_name
, ':')) {
5382 char *xattr_stream_name
, *stream_name
= NULL
;
5383 size_t xattr_stream_size
;
5386 rc
= parse_stream_name(new_name
, &stream_name
, &s_type
);
5390 len
= strlen(new_name
);
5391 if (len
> 0 && new_name
[len
- 1] != '/') {
5392 pr_err("not allow base filename in rename\n");
5397 rc
= ksmbd_vfs_xattr_stream_name(stream_name
,
5404 rc
= ksmbd_vfs_setxattr(user_ns
,
5405 fp
->filp
->f_path
.dentry
,
5409 pr_err("failed to store stream name in xattr: %d\n",
5418 ksmbd_debug(SMB
, "new name %s\n", new_name
);
5419 rc
= ksmbd_vfs_kern_path(work
, new_name
, LOOKUP_NO_SYMLINKS
, &path
, 1);
5423 file_present
= false;
5428 if (ksmbd_share_veto_filename(share
, new_name
)) {
5430 ksmbd_debug(SMB
, "Can't rename vetoed file: %s\n", new_name
);
5434 if (file_info
->ReplaceIfExists
) {
5436 rc
= ksmbd_vfs_remove_file(work
, new_name
);
5438 if (rc
!= -ENOTEMPTY
)
5440 ksmbd_debug(SMB
, "cannot delete %s, rc %d\n",
5447 strncmp(old_name
, path
.dentry
->d_name
.name
, strlen(old_name
))) {
5450 "cannot rename already existing file\n");
5455 rc
= ksmbd_vfs_fp_rename(work
, fp
, new_name
);
5458 if (!IS_ERR(new_name
))
5463 static int smb2_create_link(struct ksmbd_work
*work
,
5464 struct ksmbd_share_config
*share
,
5465 struct smb2_file_link_info
*file_info
,
5466 unsigned int buf_len
, struct file
*filp
,
5467 struct nls_table
*local_nls
)
5469 char *link_name
= NULL
, *target_name
= NULL
, *pathname
= NULL
;
5471 bool file_present
= true;
5474 if (buf_len
< (u64
)sizeof(struct smb2_file_link_info
) +
5475 le32_to_cpu(file_info
->FileNameLength
))
5478 ksmbd_debug(SMB
, "setting FILE_LINK_INFORMATION\n");
5479 pathname
= kmalloc(PATH_MAX
, GFP_KERNEL
);
5483 link_name
= smb2_get_name(share
,
5484 file_info
->FileName
,
5485 le32_to_cpu(file_info
->FileNameLength
),
5487 if (IS_ERR(link_name
) || S_ISDIR(file_inode(filp
)->i_mode
)) {
5492 ksmbd_debug(SMB
, "link name is %s\n", link_name
);
5493 target_name
= d_path(&filp
->f_path
, pathname
, PATH_MAX
);
5494 if (IS_ERR(target_name
)) {
5499 ksmbd_debug(SMB
, "target name is %s\n", target_name
);
5500 rc
= ksmbd_vfs_kern_path(work
, link_name
, LOOKUP_NO_SYMLINKS
, &path
, 0);
5504 file_present
= false;
5509 if (file_info
->ReplaceIfExists
) {
5511 rc
= ksmbd_vfs_remove_file(work
, link_name
);
5514 ksmbd_debug(SMB
, "cannot delete %s\n",
5522 ksmbd_debug(SMB
, "link already exists\n");
5527 rc
= ksmbd_vfs_link(work
, target_name
, link_name
);
5531 if (!IS_ERR(link_name
))
5537 static int set_file_basic_info(struct ksmbd_file
*fp
,
5538 struct smb2_file_basic_info
*file_info
,
5539 struct ksmbd_share_config
*share
)
5543 struct inode
*inode
;
5544 struct user_namespace
*user_ns
;
5547 if (!(fp
->daccess
& FILE_WRITE_ATTRIBUTES_LE
))
5552 inode
= file_inode(filp
);
5553 user_ns
= file_mnt_user_ns(filp
);
5555 if (file_info
->CreationTime
)
5556 fp
->create_time
= le64_to_cpu(file_info
->CreationTime
);
5558 if (file_info
->LastAccessTime
) {
5559 attrs
.ia_atime
= ksmbd_NTtimeToUnix(file_info
->LastAccessTime
);
5560 attrs
.ia_valid
|= (ATTR_ATIME
| ATTR_ATIME_SET
);
5563 attrs
.ia_valid
|= ATTR_CTIME
;
5564 if (file_info
->ChangeTime
)
5565 attrs
.ia_ctime
= ksmbd_NTtimeToUnix(file_info
->ChangeTime
);
5567 attrs
.ia_ctime
= inode
->i_ctime
;
5569 if (file_info
->LastWriteTime
) {
5570 attrs
.ia_mtime
= ksmbd_NTtimeToUnix(file_info
->LastWriteTime
);
5571 attrs
.ia_valid
|= (ATTR_MTIME
| ATTR_MTIME_SET
);
5574 if (file_info
->Attributes
) {
5575 if (!S_ISDIR(inode
->i_mode
) &&
5576 file_info
->Attributes
& ATTR_DIRECTORY_LE
) {
5577 pr_err("can't change a file to a directory\n");
5581 if (!(S_ISDIR(inode
->i_mode
) && file_info
->Attributes
== ATTR_NORMAL_LE
))
5582 fp
->f_ci
->m_fattr
= file_info
->Attributes
|
5583 (fp
->f_ci
->m_fattr
& ATTR_DIRECTORY_LE
);
5586 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
) &&
5587 (file_info
->CreationTime
|| file_info
->Attributes
)) {
5588 struct xattr_dos_attrib da
= {0};
5591 da
.itime
= fp
->itime
;
5592 da
.create_time
= fp
->create_time
;
5593 da
.attr
= le32_to_cpu(fp
->f_ci
->m_fattr
);
5594 da
.flags
= XATTR_DOSINFO_ATTRIB
| XATTR_DOSINFO_CREATE_TIME
|
5595 XATTR_DOSINFO_ITIME
;
5597 rc
= ksmbd_vfs_set_dos_attrib_xattr(user_ns
,
5598 filp
->f_path
.dentry
, &da
);
5601 "failed to restore file attribute in EA\n");
5605 if (attrs
.ia_valid
) {
5606 struct dentry
*dentry
= filp
->f_path
.dentry
;
5607 struct inode
*inode
= d_inode(dentry
);
5609 if (IS_IMMUTABLE(inode
) || IS_APPEND(inode
))
5613 inode
->i_ctime
= attrs
.ia_ctime
;
5614 attrs
.ia_valid
&= ~ATTR_CTIME
;
5615 rc
= notify_change(user_ns
, dentry
, &attrs
, NULL
);
5616 inode_unlock(inode
);
5621 static int set_file_allocation_info(struct ksmbd_work
*work
,
5622 struct ksmbd_file
*fp
,
5623 struct smb2_file_alloc_info
*file_alloc_info
)
5626 * TODO : It's working fine only when store dos attributes
5627 * is not yes. need to implement a logic which works
5628 * properly with any smb.conf option
5632 struct inode
*inode
;
5635 if (!(fp
->daccess
& FILE_WRITE_DATA_LE
))
5638 alloc_blks
= (le64_to_cpu(file_alloc_info
->AllocationSize
) + 511) >> 9;
5639 inode
= file_inode(fp
->filp
);
5641 if (alloc_blks
> inode
->i_blocks
) {
5642 smb_break_all_levII_oplock(work
, fp
, 1);
5643 rc
= vfs_fallocate(fp
->filp
, FALLOC_FL_KEEP_SIZE
, 0,
5645 if (rc
&& rc
!= -EOPNOTSUPP
) {
5646 pr_err("vfs_fallocate is failed : %d\n", rc
);
5649 } else if (alloc_blks
< inode
->i_blocks
) {
5653 * Allocation size could be smaller than original one
5654 * which means allocated blocks in file should be
5655 * deallocated. use truncate to cut out it, but inode
5656 * size is also updated with truncate offset.
5657 * inode size is retained by backup inode size.
5659 size
= i_size_read(inode
);
5660 rc
= ksmbd_vfs_truncate(work
, fp
, alloc_blks
* 512);
5662 pr_err("truncate failed! filename : %s, err %d\n",
5666 if (size
< alloc_blks
* 512)
5667 i_size_write(inode
, size
);
5672 static int set_end_of_file_info(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
5673 struct smb2_file_eof_info
*file_eof_info
)
5676 struct inode
*inode
;
5679 if (!(fp
->daccess
& FILE_WRITE_DATA_LE
))
5682 newsize
= le64_to_cpu(file_eof_info
->EndOfFile
);
5683 inode
= file_inode(fp
->filp
);
5686 * If FILE_END_OF_FILE_INFORMATION of set_info_file is called
5687 * on FAT32 shared device, truncate execution time is too long
5688 * and network error could cause from windows client. because
5689 * truncate of some filesystem like FAT32 fill zero data in
5692 if (inode
->i_sb
->s_magic
!= MSDOS_SUPER_MAGIC
) {
5693 ksmbd_debug(SMB
, "filename : %s truncated to newsize %lld\n",
5694 fp
->filename
, newsize
);
5695 rc
= ksmbd_vfs_truncate(work
, fp
, newsize
);
5697 ksmbd_debug(SMB
, "truncate failed! filename : %s err %d\n",
5707 static int set_rename_info(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
5708 struct smb2_file_rename_info
*rename_info
,
5709 unsigned int buf_len
)
5711 struct user_namespace
*user_ns
;
5712 struct ksmbd_file
*parent_fp
;
5713 struct dentry
*parent
;
5714 struct dentry
*dentry
= fp
->filp
->f_path
.dentry
;
5717 if (!(fp
->daccess
& FILE_DELETE_LE
)) {
5718 pr_err("no right to delete : 0x%x\n", fp
->daccess
);
5722 if (buf_len
< (u64
)sizeof(struct smb2_file_rename_info
) +
5723 le32_to_cpu(rename_info
->FileNameLength
))
5726 user_ns
= file_mnt_user_ns(fp
->filp
);
5727 if (ksmbd_stream_fd(fp
))
5730 parent
= dget_parent(dentry
);
5731 ret
= ksmbd_vfs_lock_parent(user_ns
, parent
, dentry
);
5737 parent_fp
= ksmbd_lookup_fd_inode(d_inode(parent
));
5738 inode_unlock(d_inode(parent
));
5742 if (parent_fp
->daccess
& FILE_DELETE_LE
) {
5743 pr_err("parent dir is opened with delete access\n");
5748 return smb2_rename(work
, fp
, user_ns
, rename_info
,
5749 work
->sess
->conn
->local_nls
);
5752 static int set_file_disposition_info(struct ksmbd_file
*fp
,
5753 struct smb2_file_disposition_info
*file_info
)
5755 struct inode
*inode
;
5757 if (!(fp
->daccess
& FILE_DELETE_LE
)) {
5758 pr_err("no right to delete : 0x%x\n", fp
->daccess
);
5762 inode
= file_inode(fp
->filp
);
5763 if (file_info
->DeletePending
) {
5764 if (S_ISDIR(inode
->i_mode
) &&
5765 ksmbd_vfs_empty_dir(fp
) == -ENOTEMPTY
)
5767 ksmbd_set_inode_pending_delete(fp
);
5769 ksmbd_clear_inode_pending_delete(fp
);
5774 static int set_file_position_info(struct ksmbd_file
*fp
,
5775 struct smb2_file_pos_info
*file_info
)
5777 loff_t current_byte_offset
;
5778 unsigned long sector_size
;
5779 struct inode
*inode
;
5781 inode
= file_inode(fp
->filp
);
5782 current_byte_offset
= le64_to_cpu(file_info
->CurrentByteOffset
);
5783 sector_size
= inode
->i_sb
->s_blocksize
;
5785 if (current_byte_offset
< 0 ||
5786 (fp
->coption
== FILE_NO_INTERMEDIATE_BUFFERING_LE
&&
5787 current_byte_offset
& (sector_size
- 1))) {
5788 pr_err("CurrentByteOffset is not valid : %llu\n",
5789 current_byte_offset
);
5793 fp
->filp
->f_pos
= current_byte_offset
;
5797 static int set_file_mode_info(struct ksmbd_file
*fp
,
5798 struct smb2_file_mode_info
*file_info
)
5802 mode
= file_info
->Mode
;
5804 if ((mode
& ~FILE_MODE_INFO_MASK
) ||
5805 (mode
& FILE_SYNCHRONOUS_IO_ALERT_LE
&&
5806 mode
& FILE_SYNCHRONOUS_IO_NONALERT_LE
)) {
5807 pr_err("Mode is not valid : 0x%x\n", le32_to_cpu(mode
));
5812 * TODO : need to implement consideration for
5813 * FILE_SYNCHRONOUS_IO_ALERT and FILE_SYNCHRONOUS_IO_NONALERT
5815 ksmbd_vfs_set_fadvise(fp
->filp
, mode
);
5821 * smb2_set_info_file() - handler for smb2 set info command
5822 * @work: smb work containing set info command buffer
5823 * @fp: ksmbd_file pointer
5824 * @info_class: smb2 set info class
5825 * @share: ksmbd_share_config pointer
5827 * Return: 0 on success, otherwise error
5828 * TODO: need to implement an error handling for STATUS_INFO_LENGTH_MISMATCH
5830 static int smb2_set_info_file(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
5831 struct smb2_set_info_req
*req
,
5832 struct ksmbd_share_config
*share
)
5834 unsigned int buf_len
= le32_to_cpu(req
->BufferLength
);
5836 switch (req
->FileInfoClass
) {
5837 case FILE_BASIC_INFORMATION
:
5839 if (buf_len
< sizeof(struct smb2_file_basic_info
))
5842 return set_file_basic_info(fp
, (struct smb2_file_basic_info
*)req
->Buffer
, share
);
5844 case FILE_ALLOCATION_INFORMATION
:
5846 if (buf_len
< sizeof(struct smb2_file_alloc_info
))
5849 return set_file_allocation_info(work
, fp
,
5850 (struct smb2_file_alloc_info
*)req
->Buffer
);
5852 case FILE_END_OF_FILE_INFORMATION
:
5854 if (buf_len
< sizeof(struct smb2_file_eof_info
))
5857 return set_end_of_file_info(work
, fp
,
5858 (struct smb2_file_eof_info
*)req
->Buffer
);
5860 case FILE_RENAME_INFORMATION
:
5862 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
5864 "User does not have write permission\n");
5868 if (buf_len
< sizeof(struct smb2_file_rename_info
))
5871 return set_rename_info(work
, fp
,
5872 (struct smb2_file_rename_info
*)req
->Buffer
,
5875 case FILE_LINK_INFORMATION
:
5877 if (buf_len
< sizeof(struct smb2_file_link_info
))
5880 return smb2_create_link(work
, work
->tcon
->share_conf
,
5881 (struct smb2_file_link_info
*)req
->Buffer
,
5883 work
->sess
->conn
->local_nls
);
5885 case FILE_DISPOSITION_INFORMATION
:
5887 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
5889 "User does not have write permission\n");
5893 if (buf_len
< sizeof(struct smb2_file_disposition_info
))
5896 return set_file_disposition_info(fp
,
5897 (struct smb2_file_disposition_info
*)req
->Buffer
);
5899 case FILE_FULL_EA_INFORMATION
:
5901 if (!(fp
->daccess
& FILE_WRITE_EA_LE
)) {
5902 pr_err("Not permitted to write ext attr: 0x%x\n",
5907 if (buf_len
< sizeof(struct smb2_ea_info
))
5910 return smb2_set_ea((struct smb2_ea_info
*)req
->Buffer
,
5911 buf_len
, &fp
->filp
->f_path
);
5913 case FILE_POSITION_INFORMATION
:
5915 if (buf_len
< sizeof(struct smb2_file_pos_info
))
5918 return set_file_position_info(fp
, (struct smb2_file_pos_info
*)req
->Buffer
);
5920 case FILE_MODE_INFORMATION
:
5922 if (buf_len
< sizeof(struct smb2_file_mode_info
))
5925 return set_file_mode_info(fp
, (struct smb2_file_mode_info
*)req
->Buffer
);
5929 pr_err("Unimplemented Fileinfoclass :%d\n", req
->FileInfoClass
);
5933 static int smb2_set_info_sec(struct ksmbd_file
*fp
, int addition_info
,
5934 char *buffer
, int buf_len
)
5936 struct smb_ntsd
*pntsd
= (struct smb_ntsd
*)buffer
;
5938 fp
->saccess
|= FILE_SHARE_DELETE_LE
;
5940 return set_info_sec(fp
->conn
, fp
->tcon
, &fp
->filp
->f_path
, pntsd
,
5945 * smb2_set_info() - handler for smb2 set info command handler
5946 * @work: smb work containing set info request buffer
5948 * Return: 0 on success, otherwise error
5950 int smb2_set_info(struct ksmbd_work
*work
)
5952 struct smb2_set_info_req
*req
;
5953 struct smb2_set_info_rsp
*rsp
, *rsp_org
;
5954 struct ksmbd_file
*fp
;
5956 unsigned int id
= KSMBD_NO_FID
, pid
= KSMBD_NO_FID
;
5958 ksmbd_debug(SMB
, "Received set info request\n");
5960 rsp_org
= work
->response_buf
;
5961 if (work
->next_smb2_rcv_hdr_off
) {
5962 req
= ksmbd_req_buf_next(work
);
5963 rsp
= ksmbd_resp_buf_next(work
);
5964 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
5965 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
5966 work
->compound_fid
);
5967 id
= work
->compound_fid
;
5968 pid
= work
->compound_pfid
;
5971 req
= work
->request_buf
;
5972 rsp
= work
->response_buf
;
5975 if (!has_file_id(id
)) {
5976 id
= le64_to_cpu(req
->VolatileFileId
);
5977 pid
= le64_to_cpu(req
->PersistentFileId
);
5980 fp
= ksmbd_lookup_fd_slow(work
, id
, pid
);
5982 ksmbd_debug(SMB
, "Invalid id for close: %u\n", id
);
5987 switch (req
->InfoType
) {
5988 case SMB2_O_INFO_FILE
:
5989 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_FILE\n");
5990 rc
= smb2_set_info_file(work
, fp
, req
, work
->tcon
->share_conf
);
5992 case SMB2_O_INFO_SECURITY
:
5993 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_SECURITY\n");
5994 if (ksmbd_override_fsids(work
)) {
5998 rc
= smb2_set_info_sec(fp
,
5999 le32_to_cpu(req
->AdditionalInformation
),
6001 le32_to_cpu(req
->BufferLength
));
6002 ksmbd_revert_fsids(work
);
6011 rsp
->StructureSize
= cpu_to_le16(2);
6012 inc_rfc1001_len(rsp_org
, 2);
6013 ksmbd_fd_put(work
, fp
);
6017 if (rc
== -EACCES
|| rc
== -EPERM
|| rc
== -EXDEV
)
6018 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
6019 else if (rc
== -EINVAL
)
6020 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
6021 else if (rc
== -ESHARE
)
6022 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
6023 else if (rc
== -ENOENT
)
6024 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_INVALID
;
6025 else if (rc
== -EBUSY
|| rc
== -ENOTEMPTY
)
6026 rsp
->hdr
.Status
= STATUS_DIRECTORY_NOT_EMPTY
;
6027 else if (rc
== -EAGAIN
)
6028 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
6029 else if (rc
== -EBADF
|| rc
== -ESTALE
)
6030 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6031 else if (rc
== -EEXIST
)
6032 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_COLLISION
;
6033 else if (rsp
->hdr
.Status
== 0 || rc
== -EOPNOTSUPP
)
6034 rsp
->hdr
.Status
= STATUS_INVALID_INFO_CLASS
;
6035 smb2_set_err_rsp(work
);
6036 ksmbd_fd_put(work
, fp
);
6037 ksmbd_debug(SMB
, "error while processing smb2 query rc = %d\n", rc
);
6042 * smb2_read_pipe() - handler for smb2 read from IPC pipe
6043 * @work: smb work containing read IPC pipe command buffer
6045 * Return: 0 on success, otherwise error
6047 static noinline
int smb2_read_pipe(struct ksmbd_work
*work
)
6049 int nbytes
= 0, err
;
6051 struct ksmbd_rpc_command
*rpc_resp
;
6052 struct smb2_read_req
*req
= work
->request_buf
;
6053 struct smb2_read_rsp
*rsp
= work
->response_buf
;
6055 id
= le64_to_cpu(req
->VolatileFileId
);
6057 inc_rfc1001_len(rsp
, 16);
6058 rpc_resp
= ksmbd_rpc_read(work
->sess
, id
);
6060 if (rpc_resp
->flags
!= KSMBD_RPC_OK
) {
6065 work
->aux_payload_buf
=
6066 kvmalloc(rpc_resp
->payload_sz
, GFP_KERNEL
| __GFP_ZERO
);
6067 if (!work
->aux_payload_buf
) {
6072 memcpy(work
->aux_payload_buf
, rpc_resp
->payload
,
6073 rpc_resp
->payload_sz
);
6075 nbytes
= rpc_resp
->payload_sz
;
6076 work
->resp_hdr_sz
= get_rfc1002_len(rsp
) + 4;
6077 work
->aux_payload_sz
= nbytes
;
6081 rsp
->StructureSize
= cpu_to_le16(17);
6082 rsp
->DataOffset
= 80;
6084 rsp
->DataLength
= cpu_to_le32(nbytes
);
6085 rsp
->DataRemaining
= 0;
6087 inc_rfc1001_len(rsp
, nbytes
);
6091 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
6092 smb2_set_err_rsp(work
);
6097 static ssize_t
smb2_read_rdma_channel(struct ksmbd_work
*work
,
6098 struct smb2_read_req
*req
, void *data_buf
,
6101 struct smb2_buffer_desc_v1
*desc
=
6102 (struct smb2_buffer_desc_v1
*)&req
->Buffer
[0];
6105 if (work
->conn
->dialect
== SMB30_PROT_ID
&&
6106 req
->Channel
!= SMB2_CHANNEL_RDMA_V1
)
6109 if (req
->ReadChannelInfoOffset
== 0 ||
6110 le16_to_cpu(req
->ReadChannelInfoLength
) < sizeof(*desc
))
6113 work
->need_invalidate_rkey
=
6114 (req
->Channel
== SMB2_CHANNEL_RDMA_V1_INVALIDATE
);
6115 work
->remote_key
= le32_to_cpu(desc
->token
);
6117 err
= ksmbd_conn_rdma_write(work
->conn
, data_buf
, length
,
6118 le32_to_cpu(desc
->token
),
6119 le64_to_cpu(desc
->offset
),
6120 le32_to_cpu(desc
->length
));
6128 * smb2_read() - handler for smb2 read from file
6129 * @work: smb work containing read command buffer
6131 * Return: 0 on success, otherwise error
6133 int smb2_read(struct ksmbd_work
*work
)
6135 struct ksmbd_conn
*conn
= work
->conn
;
6136 struct smb2_read_req
*req
;
6137 struct smb2_read_rsp
*rsp
, *rsp_org
;
6138 struct ksmbd_file
*fp
;
6140 size_t length
, mincount
;
6141 ssize_t nbytes
= 0, remain_bytes
= 0;
6144 rsp_org
= work
->response_buf
;
6145 WORK_BUFFERS(work
, req
, rsp
);
6147 if (test_share_config_flag(work
->tcon
->share_conf
,
6148 KSMBD_SHARE_FLAG_PIPE
)) {
6149 ksmbd_debug(SMB
, "IPC pipe read request\n");
6150 return smb2_read_pipe(work
);
6153 fp
= ksmbd_lookup_fd_slow(work
, le64_to_cpu(req
->VolatileFileId
),
6154 le64_to_cpu(req
->PersistentFileId
));
6160 if (!(fp
->daccess
& (FILE_READ_DATA_LE
| FILE_READ_ATTRIBUTES_LE
))) {
6161 pr_err("Not permitted to read : 0x%x\n", fp
->daccess
);
6166 offset
= le64_to_cpu(req
->Offset
);
6167 length
= le32_to_cpu(req
->Length
);
6168 mincount
= le32_to_cpu(req
->MinimumCount
);
6170 if (length
> conn
->vals
->max_read_size
) {
6171 ksmbd_debug(SMB
, "limiting read size to max size(%u)\n",
6172 conn
->vals
->max_read_size
);
6177 ksmbd_debug(SMB
, "filename %pd, offset %lld, len %zu\n",
6178 fp
->filp
->f_path
.dentry
, offset
, length
);
6180 work
->aux_payload_buf
= kvmalloc(length
, GFP_KERNEL
| __GFP_ZERO
);
6181 if (!work
->aux_payload_buf
) {
6186 nbytes
= ksmbd_vfs_read(work
, fp
, length
, &offset
);
6192 if ((nbytes
== 0 && length
!= 0) || nbytes
< mincount
) {
6193 kvfree(work
->aux_payload_buf
);
6194 work
->aux_payload_buf
= NULL
;
6195 rsp
->hdr
.Status
= STATUS_END_OF_FILE
;
6196 smb2_set_err_rsp(work
);
6197 ksmbd_fd_put(work
, fp
);
6201 ksmbd_debug(SMB
, "nbytes %zu, offset %lld mincount %zu\n",
6202 nbytes
, offset
, mincount
);
6204 if (req
->Channel
== SMB2_CHANNEL_RDMA_V1_INVALIDATE
||
6205 req
->Channel
== SMB2_CHANNEL_RDMA_V1
) {
6206 /* write data to the client using rdma channel */
6207 remain_bytes
= smb2_read_rdma_channel(work
, req
,
6208 work
->aux_payload_buf
,
6210 kvfree(work
->aux_payload_buf
);
6211 work
->aux_payload_buf
= NULL
;
6214 if (remain_bytes
< 0) {
6215 err
= (int)remain_bytes
;
6220 rsp
->StructureSize
= cpu_to_le16(17);
6221 rsp
->DataOffset
= 80;
6223 rsp
->DataLength
= cpu_to_le32(nbytes
);
6224 rsp
->DataRemaining
= cpu_to_le32(remain_bytes
);
6226 inc_rfc1001_len(rsp_org
, 16);
6227 work
->resp_hdr_sz
= get_rfc1002_len(rsp_org
) + 4;
6228 work
->aux_payload_sz
= nbytes
;
6229 inc_rfc1001_len(rsp_org
, nbytes
);
6230 ksmbd_fd_put(work
, fp
);
6236 rsp
->hdr
.Status
= STATUS_INVALID_DEVICE_REQUEST
;
6237 else if (err
== -EAGAIN
)
6238 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
6239 else if (err
== -ENOENT
)
6240 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
6241 else if (err
== -EACCES
)
6242 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
6243 else if (err
== -ESHARE
)
6244 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
6245 else if (err
== -EINVAL
)
6246 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
6248 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6250 smb2_set_err_rsp(work
);
6252 ksmbd_fd_put(work
, fp
);
6257 * smb2_write_pipe() - handler for smb2 write on IPC pipe
6258 * @work: smb work containing write IPC pipe command buffer
6260 * Return: 0 on success, otherwise error
6262 static noinline
int smb2_write_pipe(struct ksmbd_work
*work
)
6264 struct smb2_write_req
*req
= work
->request_buf
;
6265 struct smb2_write_rsp
*rsp
= work
->response_buf
;
6266 struct ksmbd_rpc_command
*rpc_resp
;
6268 int err
= 0, ret
= 0;
6272 length
= le32_to_cpu(req
->Length
);
6273 id
= le64_to_cpu(req
->VolatileFileId
);
6275 if (le16_to_cpu(req
->DataOffset
) ==
6276 (offsetof(struct smb2_write_req
, Buffer
) - 4)) {
6277 data_buf
= (char *)&req
->Buffer
[0];
6279 if ((u64
)le16_to_cpu(req
->DataOffset
) + length
> get_rfc1002_len(req
)) {
6280 pr_err("invalid write data offset %u, smb_len %u\n",
6281 le16_to_cpu(req
->DataOffset
),
6282 get_rfc1002_len(req
));
6287 data_buf
= (char *)(((char *)&req
->hdr
.ProtocolId
) +
6288 le16_to_cpu(req
->DataOffset
));
6291 rpc_resp
= ksmbd_rpc_write(work
->sess
, id
, data_buf
, length
);
6293 if (rpc_resp
->flags
== KSMBD_RPC_ENOTIMPLEMENTED
) {
6294 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
6296 smb2_set_err_rsp(work
);
6299 if (rpc_resp
->flags
!= KSMBD_RPC_OK
) {
6300 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6301 smb2_set_err_rsp(work
);
6308 rsp
->StructureSize
= cpu_to_le16(17);
6309 rsp
->DataOffset
= 0;
6311 rsp
->DataLength
= cpu_to_le32(length
);
6312 rsp
->DataRemaining
= 0;
6314 inc_rfc1001_len(rsp
, 16);
6318 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6319 smb2_set_err_rsp(work
);
6325 static ssize_t
smb2_write_rdma_channel(struct ksmbd_work
*work
,
6326 struct smb2_write_req
*req
,
6327 struct ksmbd_file
*fp
,
6328 loff_t offset
, size_t length
, bool sync
)
6330 struct smb2_buffer_desc_v1
*desc
;
6335 desc
= (struct smb2_buffer_desc_v1
*)&req
->Buffer
[0];
6337 if (work
->conn
->dialect
== SMB30_PROT_ID
&&
6338 req
->Channel
!= SMB2_CHANNEL_RDMA_V1
)
6341 if (req
->Length
!= 0 || req
->DataOffset
!= 0)
6344 if (req
->WriteChannelInfoOffset
== 0 ||
6345 le16_to_cpu(req
->WriteChannelInfoLength
) < sizeof(*desc
))
6348 work
->need_invalidate_rkey
=
6349 (req
->Channel
== SMB2_CHANNEL_RDMA_V1_INVALIDATE
);
6350 work
->remote_key
= le32_to_cpu(desc
->token
);
6352 data_buf
= kvmalloc(length
, GFP_KERNEL
| __GFP_ZERO
);
6356 ret
= ksmbd_conn_rdma_read(work
->conn
, data_buf
, length
,
6357 le32_to_cpu(desc
->token
),
6358 le64_to_cpu(desc
->offset
),
6359 le32_to_cpu(desc
->length
));
6365 ret
= ksmbd_vfs_write(work
, fp
, data_buf
, length
, &offset
, sync
, &nbytes
);
6374 * smb2_write() - handler for smb2 write from file
6375 * @work: smb work containing write command buffer
6377 * Return: 0 on success, otherwise error
6379 int smb2_write(struct ksmbd_work
*work
)
6381 struct smb2_write_req
*req
;
6382 struct smb2_write_rsp
*rsp
, *rsp_org
;
6383 struct ksmbd_file
*fp
= NULL
;
6388 bool writethrough
= false;
6391 rsp_org
= work
->response_buf
;
6392 WORK_BUFFERS(work
, req
, rsp
);
6394 if (test_share_config_flag(work
->tcon
->share_conf
, KSMBD_SHARE_FLAG_PIPE
)) {
6395 ksmbd_debug(SMB
, "IPC pipe write request\n");
6396 return smb2_write_pipe(work
);
6399 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
6400 ksmbd_debug(SMB
, "User does not have write permission\n");
6405 fp
= ksmbd_lookup_fd_slow(work
, le64_to_cpu(req
->VolatileFileId
),
6406 le64_to_cpu(req
->PersistentFileId
));
6412 if (!(fp
->daccess
& (FILE_WRITE_DATA_LE
| FILE_READ_ATTRIBUTES_LE
))) {
6413 pr_err("Not permitted to write : 0x%x\n", fp
->daccess
);
6418 offset
= le64_to_cpu(req
->Offset
);
6419 length
= le32_to_cpu(req
->Length
);
6421 if (length
> work
->conn
->vals
->max_write_size
) {
6422 ksmbd_debug(SMB
, "limiting write size to max size(%u)\n",
6423 work
->conn
->vals
->max_write_size
);
6428 if (le32_to_cpu(req
->Flags
) & SMB2_WRITEFLAG_WRITE_THROUGH
)
6429 writethrough
= true;
6431 if (req
->Channel
!= SMB2_CHANNEL_RDMA_V1
&&
6432 req
->Channel
!= SMB2_CHANNEL_RDMA_V1_INVALIDATE
) {
6433 if (le16_to_cpu(req
->DataOffset
) ==
6434 (offsetof(struct smb2_write_req
, Buffer
) - 4)) {
6435 data_buf
= (char *)&req
->Buffer
[0];
6437 if ((u64
)le16_to_cpu(req
->DataOffset
) + length
> get_rfc1002_len(req
)) {
6438 pr_err("invalid write data offset %u, smb_len %u\n",
6439 le16_to_cpu(req
->DataOffset
),
6440 get_rfc1002_len(req
));
6445 data_buf
= (char *)(((char *)&req
->hdr
.ProtocolId
) +
6446 le16_to_cpu(req
->DataOffset
));
6449 ksmbd_debug(SMB
, "flags %u\n", le32_to_cpu(req
->Flags
));
6450 if (le32_to_cpu(req
->Flags
) & SMB2_WRITEFLAG_WRITE_THROUGH
)
6451 writethrough
= true;
6453 ksmbd_debug(SMB
, "filename %pd, offset %lld, len %zu\n",
6454 fp
->filp
->f_path
.dentry
, offset
, length
);
6455 err
= ksmbd_vfs_write(work
, fp
, data_buf
, length
, &offset
,
6456 writethrough
, &nbytes
);
6460 /* read data from the client using rdma channel, and
6463 nbytes
= smb2_write_rdma_channel(work
, req
, fp
, offset
,
6464 le32_to_cpu(req
->RemainingBytes
),
6472 rsp
->StructureSize
= cpu_to_le16(17);
6473 rsp
->DataOffset
= 0;
6475 rsp
->DataLength
= cpu_to_le32(nbytes
);
6476 rsp
->DataRemaining
= 0;
6478 inc_rfc1001_len(rsp_org
, 16);
6479 ksmbd_fd_put(work
, fp
);
6484 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
6485 else if (err
== -ENOSPC
|| err
== -EFBIG
)
6486 rsp
->hdr
.Status
= STATUS_DISK_FULL
;
6487 else if (err
== -ENOENT
)
6488 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
6489 else if (err
== -EACCES
)
6490 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
6491 else if (err
== -ESHARE
)
6492 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
6493 else if (err
== -EINVAL
)
6494 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
6496 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6498 smb2_set_err_rsp(work
);
6499 ksmbd_fd_put(work
, fp
);
6504 * smb2_flush() - handler for smb2 flush file - fsync
6505 * @work: smb work containing flush command buffer
6507 * Return: 0 on success, otherwise error
6509 int smb2_flush(struct ksmbd_work
*work
)
6511 struct smb2_flush_req
*req
;
6512 struct smb2_flush_rsp
*rsp
, *rsp_org
;
6515 rsp_org
= work
->response_buf
;
6516 WORK_BUFFERS(work
, req
, rsp
);
6518 ksmbd_debug(SMB
, "SMB2_FLUSH called for fid %llu\n",
6519 le64_to_cpu(req
->VolatileFileId
));
6521 err
= ksmbd_vfs_fsync(work
,
6522 le64_to_cpu(req
->VolatileFileId
),
6523 le64_to_cpu(req
->PersistentFileId
));
6527 rsp
->StructureSize
= cpu_to_le16(4);
6529 inc_rfc1001_len(rsp_org
, 4);
6534 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6535 smb2_set_err_rsp(work
);
6542 * smb2_cancel() - handler for smb2 cancel command
6543 * @work: smb work containing cancel command buffer
6545 * Return: 0 on success, otherwise error
6547 int smb2_cancel(struct ksmbd_work
*work
)
6549 struct ksmbd_conn
*conn
= work
->conn
;
6550 struct smb2_hdr
*hdr
= work
->request_buf
;
6551 struct smb2_hdr
*chdr
;
6552 struct ksmbd_work
*cancel_work
= NULL
;
6554 struct list_head
*command_list
;
6556 ksmbd_debug(SMB
, "smb2 cancel called on mid %llu, async flags 0x%x\n",
6557 hdr
->MessageId
, hdr
->Flags
);
6559 if (hdr
->Flags
& SMB2_FLAGS_ASYNC_COMMAND
) {
6560 command_list
= &conn
->async_requests
;
6562 spin_lock(&conn
->request_lock
);
6563 list_for_each_entry(cancel_work
, command_list
,
6564 async_request_entry
) {
6565 chdr
= cancel_work
->request_buf
;
6567 if (cancel_work
->async_id
!=
6568 le64_to_cpu(hdr
->Id
.AsyncId
))
6572 "smb2 with AsyncId %llu cancelled command = 0x%x\n",
6573 le64_to_cpu(hdr
->Id
.AsyncId
),
6574 le16_to_cpu(chdr
->Command
));
6578 spin_unlock(&conn
->request_lock
);
6580 command_list
= &conn
->requests
;
6582 spin_lock(&conn
->request_lock
);
6583 list_for_each_entry(cancel_work
, command_list
, request_entry
) {
6584 chdr
= cancel_work
->request_buf
;
6586 if (chdr
->MessageId
!= hdr
->MessageId
||
6587 cancel_work
== work
)
6591 "smb2 with mid %llu cancelled command = 0x%x\n",
6592 le64_to_cpu(hdr
->MessageId
),
6593 le16_to_cpu(chdr
->Command
));
6597 spin_unlock(&conn
->request_lock
);
6601 cancel_work
->state
= KSMBD_WORK_CANCELLED
;
6602 if (cancel_work
->cancel_fn
)
6603 cancel_work
->cancel_fn(cancel_work
->cancel_argv
);
6606 /* For SMB2_CANCEL command itself send no response*/
6607 work
->send_no_response
= 1;
6611 struct file_lock
*smb_flock_init(struct file
*f
)
6613 struct file_lock
*fl
;
6615 fl
= locks_alloc_lock();
6619 locks_init_lock(fl
);
6622 fl
->fl_pid
= current
->tgid
;
6624 fl
->fl_flags
= FL_POSIX
;
6626 fl
->fl_lmops
= NULL
;
6632 static int smb2_set_flock_flags(struct file_lock
*flock
, int flags
)
6636 /* Checking for wrong flag combination during lock request*/
6638 case SMB2_LOCKFLAG_SHARED
:
6639 ksmbd_debug(SMB
, "received shared request\n");
6641 flock
->fl_type
= F_RDLCK
;
6642 flock
->fl_flags
|= FL_SLEEP
;
6644 case SMB2_LOCKFLAG_EXCLUSIVE
:
6645 ksmbd_debug(SMB
, "received exclusive request\n");
6647 flock
->fl_type
= F_WRLCK
;
6648 flock
->fl_flags
|= FL_SLEEP
;
6650 case SMB2_LOCKFLAG_SHARED
| SMB2_LOCKFLAG_FAIL_IMMEDIATELY
:
6652 "received shared & fail immediately request\n");
6654 flock
->fl_type
= F_RDLCK
;
6656 case SMB2_LOCKFLAG_EXCLUSIVE
| SMB2_LOCKFLAG_FAIL_IMMEDIATELY
:
6658 "received exclusive & fail immediately request\n");
6660 flock
->fl_type
= F_WRLCK
;
6662 case SMB2_LOCKFLAG_UNLOCK
:
6663 ksmbd_debug(SMB
, "received unlock request\n");
6664 flock
->fl_type
= F_UNLCK
;
6672 static struct ksmbd_lock
*smb2_lock_init(struct file_lock
*flock
,
6673 unsigned int cmd
, int flags
,
6674 struct list_head
*lock_list
)
6676 struct ksmbd_lock
*lock
;
6678 lock
= kzalloc(sizeof(struct ksmbd_lock
), GFP_KERNEL
);
6684 lock
->start
= flock
->fl_start
;
6685 lock
->end
= flock
->fl_end
;
6686 lock
->flags
= flags
;
6687 if (lock
->start
== lock
->end
)
6689 INIT_LIST_HEAD(&lock
->clist
);
6690 INIT_LIST_HEAD(&lock
->flist
);
6691 INIT_LIST_HEAD(&lock
->llist
);
6692 list_add_tail(&lock
->llist
, lock_list
);
6697 static void smb2_remove_blocked_lock(void **argv
)
6699 struct file_lock
*flock
= (struct file_lock
*)argv
[0];
6701 ksmbd_vfs_posix_lock_unblock(flock
);
6702 wake_up(&flock
->fl_wait
);
6705 static inline bool lock_defer_pending(struct file_lock
*fl
)
6707 /* check pending lock waiters */
6708 return waitqueue_active(&fl
->fl_wait
);
6712 * smb2_lock() - handler for smb2 file lock command
6713 * @work: smb work containing lock command buffer
6715 * Return: 0 on success, otherwise error
6717 int smb2_lock(struct ksmbd_work
*work
)
6719 struct smb2_lock_req
*req
= work
->request_buf
;
6720 struct smb2_lock_rsp
*rsp
= work
->response_buf
;
6721 struct smb2_lock_element
*lock_ele
;
6722 struct ksmbd_file
*fp
= NULL
;
6723 struct file_lock
*flock
= NULL
;
6724 struct file
*filp
= NULL
;
6728 int err
= -EIO
, i
, rc
= 0;
6729 u64 lock_start
, lock_length
;
6730 struct ksmbd_lock
*smb_lock
= NULL
, *cmp_lock
, *tmp
, *tmp2
;
6731 struct ksmbd_conn
*conn
;
6733 LIST_HEAD(lock_list
);
6734 LIST_HEAD(rollback_list
);
6737 ksmbd_debug(SMB
, "Received lock request\n");
6738 fp
= ksmbd_lookup_fd_slow(work
,
6739 le64_to_cpu(req
->VolatileFileId
),
6740 le64_to_cpu(req
->PersistentFileId
));
6742 ksmbd_debug(SMB
, "Invalid file id for lock : %llu\n",
6743 le64_to_cpu(req
->VolatileFileId
));
6749 lock_count
= le16_to_cpu(req
->LockCount
);
6750 lock_ele
= req
->locks
;
6752 ksmbd_debug(SMB
, "lock count is %d\n", lock_count
);
6758 for (i
= 0; i
< lock_count
; i
++) {
6759 flags
= le32_to_cpu(lock_ele
[i
].Flags
);
6761 flock
= smb_flock_init(filp
);
6765 cmd
= smb2_set_flock_flags(flock
, flags
);
6767 lock_start
= le64_to_cpu(lock_ele
[i
].Offset
);
6768 lock_length
= le64_to_cpu(lock_ele
[i
].Length
);
6769 if (lock_start
> U64_MAX
- lock_length
) {
6770 pr_err("Invalid lock range requested\n");
6771 rsp
->hdr
.Status
= STATUS_INVALID_LOCK_RANGE
;
6775 if (lock_start
> OFFSET_MAX
)
6776 flock
->fl_start
= OFFSET_MAX
;
6778 flock
->fl_start
= lock_start
;
6780 lock_length
= le64_to_cpu(lock_ele
[i
].Length
);
6781 if (lock_length
> OFFSET_MAX
- flock
->fl_start
)
6782 lock_length
= OFFSET_MAX
- flock
->fl_start
;
6784 flock
->fl_end
= flock
->fl_start
+ lock_length
;
6786 if (flock
->fl_end
< flock
->fl_start
) {
6788 "the end offset(%llx) is smaller than the start offset(%llx)\n",
6789 flock
->fl_end
, flock
->fl_start
);
6790 rsp
->hdr
.Status
= STATUS_INVALID_LOCK_RANGE
;
6794 /* Check conflict locks in one request */
6795 list_for_each_entry(cmp_lock
, &lock_list
, llist
) {
6796 if (cmp_lock
->fl
->fl_start
<= flock
->fl_start
&&
6797 cmp_lock
->fl
->fl_end
>= flock
->fl_end
) {
6798 if (cmp_lock
->fl
->fl_type
!= F_UNLCK
&&
6799 flock
->fl_type
!= F_UNLCK
) {
6800 pr_err("conflict two locks in one request\n");
6807 smb_lock
= smb2_lock_init(flock
, cmd
, flags
, &lock_list
);
6814 list_for_each_entry_safe(smb_lock
, tmp
, &lock_list
, llist
) {
6815 if (smb_lock
->cmd
< 0) {
6820 if (!(smb_lock
->flags
& SMB2_LOCKFLAG_MASK
)) {
6825 if ((prior_lock
& (SMB2_LOCKFLAG_EXCLUSIVE
| SMB2_LOCKFLAG_SHARED
) &&
6826 smb_lock
->flags
& SMB2_LOCKFLAG_UNLOCK
) ||
6827 (prior_lock
== SMB2_LOCKFLAG_UNLOCK
&&
6828 !(smb_lock
->flags
& SMB2_LOCKFLAG_UNLOCK
))) {
6833 prior_lock
= smb_lock
->flags
;
6835 if (!(smb_lock
->flags
& SMB2_LOCKFLAG_UNLOCK
) &&
6836 !(smb_lock
->flags
& SMB2_LOCKFLAG_FAIL_IMMEDIATELY
))
6840 /* check locks in connection list */
6841 read_lock(&conn_list_lock
);
6842 list_for_each_entry(conn
, &conn_list
, conns_list
) {
6843 spin_lock(&conn
->llist_lock
);
6844 list_for_each_entry_safe(cmp_lock
, tmp2
, &conn
->lock_list
, clist
) {
6845 if (file_inode(cmp_lock
->fl
->fl_file
) !=
6846 file_inode(smb_lock
->fl
->fl_file
))
6849 if (smb_lock
->fl
->fl_type
== F_UNLCK
) {
6850 if (cmp_lock
->fl
->fl_file
== smb_lock
->fl
->fl_file
&&
6851 cmp_lock
->start
== smb_lock
->start
&&
6852 cmp_lock
->end
== smb_lock
->end
&&
6853 !lock_defer_pending(cmp_lock
->fl
)) {
6855 list_del(&cmp_lock
->flist
);
6856 list_del(&cmp_lock
->clist
);
6857 spin_unlock(&conn
->llist_lock
);
6858 read_unlock(&conn_list_lock
);
6860 locks_free_lock(cmp_lock
->fl
);
6867 if (cmp_lock
->fl
->fl_file
== smb_lock
->fl
->fl_file
) {
6868 if (smb_lock
->flags
& SMB2_LOCKFLAG_SHARED
)
6871 if (cmp_lock
->flags
& SMB2_LOCKFLAG_SHARED
)
6875 /* check zero byte lock range */
6876 if (cmp_lock
->zero_len
&& !smb_lock
->zero_len
&&
6877 cmp_lock
->start
> smb_lock
->start
&&
6878 cmp_lock
->start
< smb_lock
->end
) {
6879 spin_unlock(&conn
->llist_lock
);
6880 read_unlock(&conn_list_lock
);
6881 pr_err("previous lock conflict with zero byte lock range\n");
6885 if (smb_lock
->zero_len
&& !cmp_lock
->zero_len
&&
6886 smb_lock
->start
> cmp_lock
->start
&&
6887 smb_lock
->start
< cmp_lock
->end
) {
6888 spin_unlock(&conn
->llist_lock
);
6889 read_unlock(&conn_list_lock
);
6890 pr_err("current lock conflict with zero byte lock range\n");
6894 if (((cmp_lock
->start
<= smb_lock
->start
&&
6895 cmp_lock
->end
> smb_lock
->start
) ||
6896 (cmp_lock
->start
< smb_lock
->end
&&
6897 cmp_lock
->end
>= smb_lock
->end
)) &&
6898 !cmp_lock
->zero_len
&& !smb_lock
->zero_len
) {
6899 spin_unlock(&conn
->llist_lock
);
6900 read_unlock(&conn_list_lock
);
6901 pr_err("Not allow lock operation on exclusive lock range\n");
6905 spin_unlock(&conn
->llist_lock
);
6907 read_unlock(&conn_list_lock
);
6909 if (smb_lock
->fl
->fl_type
== F_UNLCK
&& nolock
) {
6910 pr_err("Try to unlock nolocked range\n");
6911 rsp
->hdr
.Status
= STATUS_RANGE_NOT_LOCKED
;
6916 if (smb_lock
->zero_len
) {
6921 flock
= smb_lock
->fl
;
6922 list_del(&smb_lock
->llist
);
6924 rc
= vfs_lock_file(filp
, smb_lock
->cmd
, flock
, NULL
);
6926 if (flags
& SMB2_LOCKFLAG_UNLOCK
) {
6928 ksmbd_debug(SMB
, "File unlocked\n");
6929 } else if (rc
== -ENOENT
) {
6930 rsp
->hdr
.Status
= STATUS_NOT_LOCKED
;
6933 locks_free_lock(flock
);
6936 if (rc
== FILE_LOCK_DEFERRED
) {
6940 "would have to wait for getting lock\n");
6941 spin_lock(&work
->conn
->llist_lock
);
6942 list_add_tail(&smb_lock
->clist
,
6943 &work
->conn
->lock_list
);
6944 spin_unlock(&work
->conn
->llist_lock
);
6945 list_add(&smb_lock
->llist
, &rollback_list
);
6947 argv
= kmalloc(sizeof(void *), GFP_KERNEL
);
6954 rc
= setup_async_work(work
,
6955 smb2_remove_blocked_lock
,
6961 spin_lock(&fp
->f_lock
);
6962 list_add(&work
->fp_entry
, &fp
->blocked_works
);
6963 spin_unlock(&fp
->f_lock
);
6965 smb2_send_interim_resp(work
, STATUS_PENDING
);
6967 ksmbd_vfs_posix_lock_wait(flock
);
6969 if (work
->state
!= KSMBD_WORK_ACTIVE
) {
6970 list_del(&smb_lock
->llist
);
6971 spin_lock(&work
->conn
->llist_lock
);
6972 list_del(&smb_lock
->clist
);
6973 spin_unlock(&work
->conn
->llist_lock
);
6974 locks_free_lock(flock
);
6976 if (work
->state
== KSMBD_WORK_CANCELLED
) {
6977 spin_lock(&fp
->f_lock
);
6978 list_del(&work
->fp_entry
);
6979 spin_unlock(&fp
->f_lock
);
6983 smb2_send_interim_resp(work
,
6985 work
->send_no_response
= 1;
6988 init_smb2_rsp_hdr(work
);
6989 smb2_set_err_rsp(work
);
6991 STATUS_RANGE_NOT_LOCKED
;
6996 list_del(&smb_lock
->llist
);
6997 spin_lock(&work
->conn
->llist_lock
);
6998 list_del(&smb_lock
->clist
);
6999 spin_unlock(&work
->conn
->llist_lock
);
7001 spin_lock(&fp
->f_lock
);
7002 list_del(&work
->fp_entry
);
7003 spin_unlock(&fp
->f_lock
);
7006 spin_lock(&work
->conn
->llist_lock
);
7007 list_add_tail(&smb_lock
->clist
,
7008 &work
->conn
->lock_list
);
7009 list_add_tail(&smb_lock
->flist
,
7011 spin_unlock(&work
->conn
->llist_lock
);
7012 list_add(&smb_lock
->llist
, &rollback_list
);
7013 ksmbd_debug(SMB
, "successful in taking lock\n");
7020 if (atomic_read(&fp
->f_ci
->op_count
) > 1)
7021 smb_break_all_oplock(work
, fp
);
7023 rsp
->StructureSize
= cpu_to_le16(4);
7024 ksmbd_debug(SMB
, "successful in taking lock\n");
7025 rsp
->hdr
.Status
= STATUS_SUCCESS
;
7027 inc_rfc1001_len(rsp
, 4);
7028 ksmbd_fd_put(work
, fp
);
7032 list_for_each_entry_safe(smb_lock
, tmp
, &lock_list
, llist
) {
7033 locks_free_lock(smb_lock
->fl
);
7034 list_del(&smb_lock
->llist
);
7038 list_for_each_entry_safe(smb_lock
, tmp
, &rollback_list
, llist
) {
7039 struct file_lock
*rlock
= NULL
;
7041 rlock
= smb_flock_init(filp
);
7042 rlock
->fl_type
= F_UNLCK
;
7043 rlock
->fl_start
= smb_lock
->start
;
7044 rlock
->fl_end
= smb_lock
->end
;
7046 rc
= vfs_lock_file(filp
, 0, rlock
, NULL
);
7048 pr_err("rollback unlock fail : %d\n", rc
);
7050 list_del(&smb_lock
->llist
);
7051 spin_lock(&work
->conn
->llist_lock
);
7052 if (!list_empty(&smb_lock
->flist
))
7053 list_del(&smb_lock
->flist
);
7054 list_del(&smb_lock
->clist
);
7055 spin_unlock(&work
->conn
->llist_lock
);
7057 locks_free_lock(smb_lock
->fl
);
7058 locks_free_lock(rlock
);
7062 ksmbd_debug(SMB
, "failed in taking lock(flags : %x), err : %d\n", flags
, err
);
7064 if (!rsp
->hdr
.Status
) {
7066 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7067 else if (err
== -ENOMEM
)
7068 rsp
->hdr
.Status
= STATUS_INSUFFICIENT_RESOURCES
;
7069 else if (err
== -ENOENT
)
7070 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
7072 rsp
->hdr
.Status
= STATUS_LOCK_NOT_GRANTED
;
7075 smb2_set_err_rsp(work
);
7076 ksmbd_fd_put(work
, fp
);
7080 static int fsctl_copychunk(struct ksmbd_work
*work
,
7081 struct copychunk_ioctl_req
*ci_req
,
7082 unsigned int cnt_code
,
7083 unsigned int input_count
,
7084 unsigned long long volatile_id
,
7085 unsigned long long persistent_id
,
7086 struct smb2_ioctl_rsp
*rsp
)
7088 struct copychunk_ioctl_rsp
*ci_rsp
;
7089 struct ksmbd_file
*src_fp
= NULL
, *dst_fp
= NULL
;
7090 struct srv_copychunk
*chunks
;
7091 unsigned int i
, chunk_count
, chunk_count_written
= 0;
7092 unsigned int chunk_size_written
= 0;
7093 loff_t total_size_written
= 0;
7096 ci_rsp
= (struct copychunk_ioctl_rsp
*)&rsp
->Buffer
[0];
7098 rsp
->VolatileFileId
= cpu_to_le64(volatile_id
);
7099 rsp
->PersistentFileId
= cpu_to_le64(persistent_id
);
7100 ci_rsp
->ChunksWritten
=
7101 cpu_to_le32(ksmbd_server_side_copy_max_chunk_count());
7102 ci_rsp
->ChunkBytesWritten
=
7103 cpu_to_le32(ksmbd_server_side_copy_max_chunk_size());
7104 ci_rsp
->TotalBytesWritten
=
7105 cpu_to_le32(ksmbd_server_side_copy_max_total_size());
7107 chunks
= (struct srv_copychunk
*)&ci_req
->Chunks
[0];
7108 chunk_count
= le32_to_cpu(ci_req
->ChunkCount
);
7109 if (chunk_count
== 0)
7111 total_size_written
= 0;
7113 /* verify the SRV_COPYCHUNK_COPY packet */
7114 if (chunk_count
> ksmbd_server_side_copy_max_chunk_count() ||
7115 input_count
< offsetof(struct copychunk_ioctl_req
, Chunks
) +
7116 chunk_count
* sizeof(struct srv_copychunk
)) {
7117 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7121 for (i
= 0; i
< chunk_count
; i
++) {
7122 if (le32_to_cpu(chunks
[i
].Length
) == 0 ||
7123 le32_to_cpu(chunks
[i
].Length
) > ksmbd_server_side_copy_max_chunk_size())
7125 total_size_written
+= le32_to_cpu(chunks
[i
].Length
);
7128 if (i
< chunk_count
||
7129 total_size_written
> ksmbd_server_side_copy_max_total_size()) {
7130 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7134 src_fp
= ksmbd_lookup_foreign_fd(work
,
7135 le64_to_cpu(ci_req
->ResumeKey
[0]));
7136 dst_fp
= ksmbd_lookup_fd_slow(work
, volatile_id
, persistent_id
);
7139 src_fp
->persistent_id
!= le64_to_cpu(ci_req
->ResumeKey
[1])) {
7140 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_NOT_FOUND
;
7145 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
7150 * FILE_READ_DATA should only be included in
7151 * the FSCTL_COPYCHUNK case
7153 if (cnt_code
== FSCTL_COPYCHUNK
&&
7154 !(dst_fp
->daccess
& (FILE_READ_DATA_LE
| FILE_GENERIC_READ_LE
))) {
7155 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
7159 ret
= ksmbd_vfs_copy_file_ranges(work
, src_fp
, dst_fp
,
7160 chunks
, chunk_count
,
7161 &chunk_count_written
,
7162 &chunk_size_written
,
7163 &total_size_written
);
7166 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
7168 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
7169 else if (ret
== -EBADF
)
7170 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
7171 else if (ret
== -EFBIG
|| ret
== -ENOSPC
)
7172 rsp
->hdr
.Status
= STATUS_DISK_FULL
;
7173 else if (ret
== -EINVAL
)
7174 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7175 else if (ret
== -EISDIR
)
7176 rsp
->hdr
.Status
= STATUS_FILE_IS_A_DIRECTORY
;
7177 else if (ret
== -E2BIG
)
7178 rsp
->hdr
.Status
= STATUS_INVALID_VIEW_SIZE
;
7180 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
7183 ci_rsp
->ChunksWritten
= cpu_to_le32(chunk_count_written
);
7184 ci_rsp
->ChunkBytesWritten
= cpu_to_le32(chunk_size_written
);
7185 ci_rsp
->TotalBytesWritten
= cpu_to_le32(total_size_written
);
7187 ksmbd_fd_put(work
, src_fp
);
7188 ksmbd_fd_put(work
, dst_fp
);
7192 static __be32
idev_ipv4_address(struct in_device
*idev
)
7196 struct in_ifaddr
*ifa
;
7199 in_dev_for_each_ifa_rcu(ifa
, idev
) {
7200 if (ifa
->ifa_flags
& IFA_F_SECONDARY
)
7203 addr
= ifa
->ifa_address
;
7210 static int fsctl_query_iface_info_ioctl(struct ksmbd_conn
*conn
,
7211 struct smb2_ioctl_rsp
*rsp
,
7212 unsigned int out_buf_len
)
7214 struct network_interface_info_ioctl_rsp
*nii_rsp
= NULL
;
7216 struct net_device
*netdev
;
7217 struct sockaddr_storage_rsp
*sockaddr_storage
;
7219 unsigned long long speed
;
7220 struct sockaddr_in6
*csin6
= (struct sockaddr_in6
*)&conn
->peer_addr
;
7223 for_each_netdev(&init_net
, netdev
) {
7225 nbytes
+ sizeof(struct network_interface_info_ioctl_rsp
)) {
7230 if (netdev
->type
== ARPHRD_LOOPBACK
)
7233 flags
= dev_get_flags(netdev
);
7234 if (!(flags
& IFF_RUNNING
))
7237 nii_rsp
= (struct network_interface_info_ioctl_rsp
*)
7238 &rsp
->Buffer
[nbytes
];
7239 nii_rsp
->IfIndex
= cpu_to_le32(netdev
->ifindex
);
7241 nii_rsp
->Capability
= 0;
7242 if (ksmbd_rdma_capable_netdev(netdev
))
7243 nii_rsp
->Capability
|= cpu_to_le32(RDMA_CAPABLE
);
7245 nii_rsp
->Next
= cpu_to_le32(152);
7246 nii_rsp
->Reserved
= 0;
7248 if (netdev
->ethtool_ops
->get_link_ksettings
) {
7249 struct ethtool_link_ksettings cmd
;
7251 netdev
->ethtool_ops
->get_link_ksettings(netdev
, &cmd
);
7252 speed
= cmd
.base
.speed
;
7254 ksmbd_debug(SMB
, "%s %s\n", netdev
->name
,
7255 "speed is unknown, defaulting to 1Gb/sec");
7260 nii_rsp
->LinkSpeed
= cpu_to_le64(speed
);
7262 sockaddr_storage
= (struct sockaddr_storage_rsp
*)
7263 nii_rsp
->SockAddr_Storage
;
7264 memset(sockaddr_storage
, 0, 128);
7266 if (conn
->peer_addr
.ss_family
== PF_INET
||
7267 ipv6_addr_v4mapped(&csin6
->sin6_addr
)) {
7268 struct in_device
*idev
;
7270 sockaddr_storage
->Family
= cpu_to_le16(INTERNETWORK
);
7271 sockaddr_storage
->addr4
.Port
= 0;
7273 idev
= __in_dev_get_rtnl(netdev
);
7276 sockaddr_storage
->addr4
.IPv4address
=
7277 idev_ipv4_address(idev
);
7279 struct inet6_dev
*idev6
;
7280 struct inet6_ifaddr
*ifa
;
7281 __u8
*ipv6_addr
= sockaddr_storage
->addr6
.IPv6address
;
7283 sockaddr_storage
->Family
= cpu_to_le16(INTERNETWORKV6
);
7284 sockaddr_storage
->addr6
.Port
= 0;
7285 sockaddr_storage
->addr6
.FlowInfo
= 0;
7287 idev6
= __in6_dev_get(netdev
);
7291 list_for_each_entry(ifa
, &idev6
->addr_list
, if_list
) {
7292 if (ifa
->flags
& (IFA_F_TENTATIVE
|
7295 memcpy(ipv6_addr
, ifa
->addr
.s6_addr
, 16);
7298 sockaddr_storage
->addr6
.ScopeId
= 0;
7301 nbytes
+= sizeof(struct network_interface_info_ioctl_rsp
);
7305 /* zero if this is last one */
7309 rsp
->PersistentFileId
= cpu_to_le64(SMB2_NO_FID
);
7310 rsp
->VolatileFileId
= cpu_to_le64(SMB2_NO_FID
);
7314 static int fsctl_validate_negotiate_info(struct ksmbd_conn
*conn
,
7315 struct validate_negotiate_info_req
*neg_req
,
7316 struct validate_negotiate_info_rsp
*neg_rsp
,
7317 unsigned int in_buf_len
)
7322 if (in_buf_len
< offsetof(struct validate_negotiate_info_req
, Dialects
) +
7323 le16_to_cpu(neg_req
->DialectCount
) * sizeof(__le16
))
7326 dialect
= ksmbd_lookup_dialect_by_id(neg_req
->Dialects
,
7327 neg_req
->DialectCount
);
7328 if (dialect
== BAD_PROT_ID
|| dialect
!= conn
->dialect
) {
7333 if (strncmp(neg_req
->Guid
, conn
->ClientGUID
, SMB2_CLIENT_GUID_SIZE
)) {
7338 if (le16_to_cpu(neg_req
->SecurityMode
) != conn
->cli_sec_mode
) {
7343 if (le32_to_cpu(neg_req
->Capabilities
) != conn
->cli_cap
) {
7348 neg_rsp
->Capabilities
= cpu_to_le32(conn
->vals
->capabilities
);
7349 memset(neg_rsp
->Guid
, 0, SMB2_CLIENT_GUID_SIZE
);
7350 neg_rsp
->SecurityMode
= cpu_to_le16(conn
->srv_sec_mode
);
7351 neg_rsp
->Dialect
= cpu_to_le16(conn
->dialect
);
7356 static int fsctl_query_allocated_ranges(struct ksmbd_work
*work
, u64 id
,
7357 struct file_allocated_range_buffer
*qar_req
,
7358 struct file_allocated_range_buffer
*qar_rsp
,
7359 unsigned int in_count
, unsigned int *out_count
)
7361 struct ksmbd_file
*fp
;
7362 loff_t start
, length
;
7369 fp
= ksmbd_lookup_fd_fast(work
, id
);
7373 start
= le64_to_cpu(qar_req
->file_offset
);
7374 length
= le64_to_cpu(qar_req
->length
);
7376 ret
= ksmbd_vfs_fqar_lseek(fp
, start
, length
,
7377 qar_rsp
, in_count
, out_count
);
7378 if (ret
&& ret
!= -E2BIG
)
7381 ksmbd_fd_put(work
, fp
);
7385 static int fsctl_pipe_transceive(struct ksmbd_work
*work
, u64 id
,
7386 unsigned int out_buf_len
,
7387 struct smb2_ioctl_req
*req
,
7388 struct smb2_ioctl_rsp
*rsp
)
7390 struct ksmbd_rpc_command
*rpc_resp
;
7391 char *data_buf
= (char *)&req
->Buffer
[0];
7394 rpc_resp
= ksmbd_rpc_ioctl(work
->sess
, id
, data_buf
,
7395 le32_to_cpu(req
->InputCount
));
7397 if (rpc_resp
->flags
== KSMBD_RPC_SOME_NOT_MAPPED
) {
7399 * set STATUS_SOME_NOT_MAPPED response
7400 * for unknown domain sid.
7402 rsp
->hdr
.Status
= STATUS_SOME_NOT_MAPPED
;
7403 } else if (rpc_resp
->flags
== KSMBD_RPC_ENOTIMPLEMENTED
) {
7404 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
7406 } else if (rpc_resp
->flags
!= KSMBD_RPC_OK
) {
7407 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7411 nbytes
= rpc_resp
->payload_sz
;
7412 if (rpc_resp
->payload_sz
> out_buf_len
) {
7413 rsp
->hdr
.Status
= STATUS_BUFFER_OVERFLOW
;
7414 nbytes
= out_buf_len
;
7417 if (!rpc_resp
->payload_sz
) {
7419 STATUS_UNEXPECTED_IO_ERROR
;
7423 memcpy((char *)rsp
->Buffer
, rpc_resp
->payload
, nbytes
);
7430 static inline int fsctl_set_sparse(struct ksmbd_work
*work
, u64 id
,
7431 struct file_sparse
*sparse
)
7433 struct ksmbd_file
*fp
;
7434 struct user_namespace
*user_ns
;
7438 fp
= ksmbd_lookup_fd_fast(work
, id
);
7441 user_ns
= file_mnt_user_ns(fp
->filp
);
7443 old_fattr
= fp
->f_ci
->m_fattr
;
7444 if (sparse
->SetSparse
)
7445 fp
->f_ci
->m_fattr
|= ATTR_SPARSE_FILE_LE
;
7447 fp
->f_ci
->m_fattr
&= ~ATTR_SPARSE_FILE_LE
;
7449 if (fp
->f_ci
->m_fattr
!= old_fattr
&&
7450 test_share_config_flag(work
->tcon
->share_conf
,
7451 KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
)) {
7452 struct xattr_dos_attrib da
;
7454 ret
= ksmbd_vfs_get_dos_attrib_xattr(user_ns
,
7455 fp
->filp
->f_path
.dentry
, &da
);
7459 da
.attr
= le32_to_cpu(fp
->f_ci
->m_fattr
);
7460 ret
= ksmbd_vfs_set_dos_attrib_xattr(user_ns
,
7461 fp
->filp
->f_path
.dentry
, &da
);
7463 fp
->f_ci
->m_fattr
= old_fattr
;
7467 ksmbd_fd_put(work
, fp
);
7471 static int fsctl_request_resume_key(struct ksmbd_work
*work
,
7472 struct smb2_ioctl_req
*req
,
7473 struct resume_key_ioctl_rsp
*key_rsp
)
7475 struct ksmbd_file
*fp
;
7477 fp
= ksmbd_lookup_fd_slow(work
,
7478 le64_to_cpu(req
->VolatileFileId
),
7479 le64_to_cpu(req
->PersistentFileId
));
7483 memset(key_rsp
, 0, sizeof(*key_rsp
));
7484 key_rsp
->ResumeKey
[0] = req
->VolatileFileId
;
7485 key_rsp
->ResumeKey
[1] = req
->PersistentFileId
;
7486 ksmbd_fd_put(work
, fp
);
7492 * smb2_ioctl() - handler for smb2 ioctl command
7493 * @work: smb work containing ioctl command buffer
7495 * Return: 0 on success, otherwise error
7497 int smb2_ioctl(struct ksmbd_work
*work
)
7499 struct smb2_ioctl_req
*req
;
7500 struct smb2_ioctl_rsp
*rsp
, *rsp_org
;
7501 unsigned int cnt_code
, nbytes
= 0, out_buf_len
, in_buf_len
;
7502 u64 id
= KSMBD_NO_FID
;
7503 struct ksmbd_conn
*conn
= work
->conn
;
7506 rsp_org
= work
->response_buf
;
7507 if (work
->next_smb2_rcv_hdr_off
) {
7508 req
= ksmbd_req_buf_next(work
);
7509 rsp
= ksmbd_resp_buf_next(work
);
7510 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
7511 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
7512 work
->compound_fid
);
7513 id
= work
->compound_fid
;
7516 req
= work
->request_buf
;
7517 rsp
= work
->response_buf
;
7520 if (!has_file_id(id
))
7521 id
= le64_to_cpu(req
->VolatileFileId
);
7523 if (req
->Flags
!= cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL
)) {
7524 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
7528 cnt_code
= le32_to_cpu(req
->CntCode
);
7529 ret
= smb2_calc_max_out_buf_len(work
, 48,
7530 le32_to_cpu(req
->MaxOutputResponse
));
7532 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7535 out_buf_len
= (unsigned int)ret
;
7536 in_buf_len
= le32_to_cpu(req
->InputCount
);
7539 case FSCTL_DFS_GET_REFERRALS
:
7540 case FSCTL_DFS_GET_REFERRALS_EX
:
7541 /* Not support DFS yet */
7542 rsp
->hdr
.Status
= STATUS_FS_DRIVER_REQUIRED
;
7544 case FSCTL_CREATE_OR_GET_OBJECT_ID
:
7546 struct file_object_buf_type1_ioctl_rsp
*obj_buf
;
7548 nbytes
= sizeof(struct file_object_buf_type1_ioctl_rsp
);
7549 obj_buf
= (struct file_object_buf_type1_ioctl_rsp
*)
7553 * TODO: This is dummy implementation to pass smbtorture
7554 * Need to check correct response later
7556 memset(obj_buf
->ObjectId
, 0x0, 16);
7557 memset(obj_buf
->BirthVolumeId
, 0x0, 16);
7558 memset(obj_buf
->BirthObjectId
, 0x0, 16);
7559 memset(obj_buf
->DomainId
, 0x0, 16);
7563 case FSCTL_PIPE_TRANSCEIVE
:
7564 out_buf_len
= min_t(u32
, KSMBD_IPC_MAX_PAYLOAD
, out_buf_len
);
7565 nbytes
= fsctl_pipe_transceive(work
, id
, out_buf_len
, req
, rsp
);
7567 case FSCTL_VALIDATE_NEGOTIATE_INFO
:
7568 if (conn
->dialect
< SMB30_PROT_ID
) {
7573 if (in_buf_len
< sizeof(struct validate_negotiate_info_req
))
7576 if (out_buf_len
< sizeof(struct validate_negotiate_info_rsp
))
7579 ret
= fsctl_validate_negotiate_info(conn
,
7580 (struct validate_negotiate_info_req
*)&req
->Buffer
[0],
7581 (struct validate_negotiate_info_rsp
*)&rsp
->Buffer
[0],
7586 nbytes
= sizeof(struct validate_negotiate_info_rsp
);
7587 rsp
->PersistentFileId
= cpu_to_le64(SMB2_NO_FID
);
7588 rsp
->VolatileFileId
= cpu_to_le64(SMB2_NO_FID
);
7590 case FSCTL_QUERY_NETWORK_INTERFACE_INFO
:
7591 ret
= fsctl_query_iface_info_ioctl(conn
, rsp
, out_buf_len
);
7596 case FSCTL_REQUEST_RESUME_KEY
:
7597 if (out_buf_len
< sizeof(struct resume_key_ioctl_rsp
)) {
7602 ret
= fsctl_request_resume_key(work
, req
,
7603 (struct resume_key_ioctl_rsp
*)&rsp
->Buffer
[0]);
7606 rsp
->PersistentFileId
= req
->PersistentFileId
;
7607 rsp
->VolatileFileId
= req
->VolatileFileId
;
7608 nbytes
= sizeof(struct resume_key_ioctl_rsp
);
7610 case FSCTL_COPYCHUNK
:
7611 case FSCTL_COPYCHUNK_WRITE
:
7612 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
7614 "User does not have write permission\n");
7619 if (in_buf_len
< sizeof(struct copychunk_ioctl_req
)) {
7624 if (out_buf_len
< sizeof(struct copychunk_ioctl_rsp
)) {
7629 nbytes
= sizeof(struct copychunk_ioctl_rsp
);
7630 rsp
->VolatileFileId
= req
->VolatileFileId
;
7631 rsp
->PersistentFileId
= req
->PersistentFileId
;
7632 fsctl_copychunk(work
,
7633 (struct copychunk_ioctl_req
*)&req
->Buffer
[0],
7634 le32_to_cpu(req
->CntCode
),
7635 le32_to_cpu(req
->InputCount
),
7636 le64_to_cpu(req
->VolatileFileId
),
7637 le64_to_cpu(req
->PersistentFileId
),
7640 case FSCTL_SET_SPARSE
:
7641 if (in_buf_len
< sizeof(struct file_sparse
)) {
7646 ret
= fsctl_set_sparse(work
, id
,
7647 (struct file_sparse
*)&req
->Buffer
[0]);
7651 case FSCTL_SET_ZERO_DATA
:
7653 struct file_zero_data_information
*zero_data
;
7654 struct ksmbd_file
*fp
;
7657 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
7659 "User does not have write permission\n");
7664 if (in_buf_len
< sizeof(struct file_zero_data_information
)) {
7670 (struct file_zero_data_information
*)&req
->Buffer
[0];
7672 fp
= ksmbd_lookup_fd_fast(work
, id
);
7678 off
= le64_to_cpu(zero_data
->FileOffset
);
7679 len
= le64_to_cpu(zero_data
->BeyondFinalZero
) - off
;
7681 ret
= ksmbd_vfs_zero_data(work
, fp
, off
, len
);
7682 ksmbd_fd_put(work
, fp
);
7687 case FSCTL_QUERY_ALLOCATED_RANGES
:
7688 if (in_buf_len
< sizeof(struct file_allocated_range_buffer
)) {
7693 ret
= fsctl_query_allocated_ranges(work
, id
,
7694 (struct file_allocated_range_buffer
*)&req
->Buffer
[0],
7695 (struct file_allocated_range_buffer
*)&rsp
->Buffer
[0],
7697 sizeof(struct file_allocated_range_buffer
), &nbytes
);
7698 if (ret
== -E2BIG
) {
7699 rsp
->hdr
.Status
= STATUS_BUFFER_OVERFLOW
;
7700 } else if (ret
< 0) {
7705 nbytes
*= sizeof(struct file_allocated_range_buffer
);
7707 case FSCTL_GET_REPARSE_POINT
:
7709 struct reparse_data_buffer
*reparse_ptr
;
7710 struct ksmbd_file
*fp
;
7712 reparse_ptr
= (struct reparse_data_buffer
*)&rsp
->Buffer
[0];
7713 fp
= ksmbd_lookup_fd_fast(work
, id
);
7715 pr_err("not found fp!!\n");
7720 reparse_ptr
->ReparseTag
=
7721 smb2_get_reparse_tag_special_file(file_inode(fp
->filp
)->i_mode
);
7722 reparse_ptr
->ReparseDataLength
= 0;
7723 ksmbd_fd_put(work
, fp
);
7724 nbytes
= sizeof(struct reparse_data_buffer
);
7727 case FSCTL_DUPLICATE_EXTENTS_TO_FILE
:
7729 struct ksmbd_file
*fp_in
, *fp_out
= NULL
;
7730 struct duplicate_extents_to_file
*dup_ext
;
7731 loff_t src_off
, dst_off
, length
, cloned
;
7733 if (in_buf_len
< sizeof(struct duplicate_extents_to_file
)) {
7738 dup_ext
= (struct duplicate_extents_to_file
*)&req
->Buffer
[0];
7740 fp_in
= ksmbd_lookup_fd_slow(work
, dup_ext
->VolatileFileHandle
,
7741 dup_ext
->PersistentFileHandle
);
7743 pr_err("not found file handle in duplicate extent to file\n");
7748 fp_out
= ksmbd_lookup_fd_fast(work
, id
);
7750 pr_err("not found fp\n");
7755 src_off
= le64_to_cpu(dup_ext
->SourceFileOffset
);
7756 dst_off
= le64_to_cpu(dup_ext
->TargetFileOffset
);
7757 length
= le64_to_cpu(dup_ext
->ByteCount
);
7758 cloned
= vfs_clone_file_range(fp_in
->filp
, src_off
, fp_out
->filp
,
7759 dst_off
, length
, 0);
7760 if (cloned
== -EXDEV
|| cloned
== -EOPNOTSUPP
) {
7763 } else if (cloned
!= length
) {
7764 cloned
= vfs_copy_file_range(fp_in
->filp
, src_off
,
7765 fp_out
->filp
, dst_off
, length
, 0);
7766 if (cloned
!= length
) {
7775 ksmbd_fd_put(work
, fp_in
);
7776 ksmbd_fd_put(work
, fp_out
);
7782 ksmbd_debug(SMB
, "not implemented yet ioctl command 0x%x\n",
7788 rsp
->CntCode
= cpu_to_le32(cnt_code
);
7789 rsp
->InputCount
= cpu_to_le32(0);
7790 rsp
->InputOffset
= cpu_to_le32(112);
7791 rsp
->OutputOffset
= cpu_to_le32(112);
7792 rsp
->OutputCount
= cpu_to_le32(nbytes
);
7793 rsp
->StructureSize
= cpu_to_le16(49);
7794 rsp
->Reserved
= cpu_to_le16(0);
7795 rsp
->Flags
= cpu_to_le32(0);
7796 rsp
->Reserved2
= cpu_to_le32(0);
7797 inc_rfc1001_len(rsp_org
, 48 + nbytes
);
7803 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
7804 else if (ret
== -ENOENT
)
7805 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_NOT_FOUND
;
7806 else if (ret
== -EOPNOTSUPP
)
7807 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
7808 else if (ret
== -ENOSPC
)
7809 rsp
->hdr
.Status
= STATUS_BUFFER_TOO_SMALL
;
7810 else if (ret
< 0 || rsp
->hdr
.Status
== 0)
7811 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7812 smb2_set_err_rsp(work
);
7817 * smb20_oplock_break_ack() - handler for smb2.0 oplock break command
7818 * @work: smb work containing oplock break command buffer
7822 static void smb20_oplock_break_ack(struct ksmbd_work
*work
)
7824 struct smb2_oplock_break
*req
= work
->request_buf
;
7825 struct smb2_oplock_break
*rsp
= work
->response_buf
;
7826 struct ksmbd_file
*fp
;
7827 struct oplock_info
*opinfo
= NULL
;
7830 u64 volatile_id
, persistent_id
;
7831 char req_oplevel
= 0, rsp_oplevel
= 0;
7832 unsigned int oplock_change_type
;
7834 volatile_id
= le64_to_cpu(req
->VolatileFid
);
7835 persistent_id
= le64_to_cpu(req
->PersistentFid
);
7836 req_oplevel
= req
->OplockLevel
;
7837 ksmbd_debug(OPLOCK
, "v_id %llu, p_id %llu request oplock level %d\n",
7838 volatile_id
, persistent_id
, req_oplevel
);
7840 fp
= ksmbd_lookup_fd_slow(work
, volatile_id
, persistent_id
);
7842 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
7843 smb2_set_err_rsp(work
);
7847 opinfo
= opinfo_get(fp
);
7849 pr_err("unexpected null oplock_info\n");
7850 rsp
->hdr
.Status
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7851 smb2_set_err_rsp(work
);
7852 ksmbd_fd_put(work
, fp
);
7856 if (opinfo
->level
== SMB2_OPLOCK_LEVEL_NONE
) {
7857 rsp
->hdr
.Status
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7861 if (opinfo
->op_state
== OPLOCK_STATE_NONE
) {
7862 ksmbd_debug(SMB
, "unexpected oplock state 0x%x\n", opinfo
->op_state
);
7863 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
7867 if ((opinfo
->level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
||
7868 opinfo
->level
== SMB2_OPLOCK_LEVEL_BATCH
) &&
7869 (req_oplevel
!= SMB2_OPLOCK_LEVEL_II
&&
7870 req_oplevel
!= SMB2_OPLOCK_LEVEL_NONE
)) {
7871 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7872 oplock_change_type
= OPLOCK_WRITE_TO_NONE
;
7873 } else if (opinfo
->level
== SMB2_OPLOCK_LEVEL_II
&&
7874 req_oplevel
!= SMB2_OPLOCK_LEVEL_NONE
) {
7875 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7876 oplock_change_type
= OPLOCK_READ_TO_NONE
;
7877 } else if (req_oplevel
== SMB2_OPLOCK_LEVEL_II
||
7878 req_oplevel
== SMB2_OPLOCK_LEVEL_NONE
) {
7879 err
= STATUS_INVALID_DEVICE_STATE
;
7880 if ((opinfo
->level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
||
7881 opinfo
->level
== SMB2_OPLOCK_LEVEL_BATCH
) &&
7882 req_oplevel
== SMB2_OPLOCK_LEVEL_II
) {
7883 oplock_change_type
= OPLOCK_WRITE_TO_READ
;
7884 } else if ((opinfo
->level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
||
7885 opinfo
->level
== SMB2_OPLOCK_LEVEL_BATCH
) &&
7886 req_oplevel
== SMB2_OPLOCK_LEVEL_NONE
) {
7887 oplock_change_type
= OPLOCK_WRITE_TO_NONE
;
7888 } else if (opinfo
->level
== SMB2_OPLOCK_LEVEL_II
&&
7889 req_oplevel
== SMB2_OPLOCK_LEVEL_NONE
) {
7890 oplock_change_type
= OPLOCK_READ_TO_NONE
;
7892 oplock_change_type
= 0;
7895 oplock_change_type
= 0;
7898 switch (oplock_change_type
) {
7899 case OPLOCK_WRITE_TO_READ
:
7900 ret
= opinfo_write_to_read(opinfo
);
7901 rsp_oplevel
= SMB2_OPLOCK_LEVEL_II
;
7903 case OPLOCK_WRITE_TO_NONE
:
7904 ret
= opinfo_write_to_none(opinfo
);
7905 rsp_oplevel
= SMB2_OPLOCK_LEVEL_NONE
;
7907 case OPLOCK_READ_TO_NONE
:
7908 ret
= opinfo_read_to_none(opinfo
);
7909 rsp_oplevel
= SMB2_OPLOCK_LEVEL_NONE
;
7912 pr_err("unknown oplock change 0x%x -> 0x%x\n",
7913 opinfo
->level
, rsp_oplevel
);
7917 rsp
->hdr
.Status
= err
;
7922 ksmbd_fd_put(work
, fp
);
7923 opinfo
->op_state
= OPLOCK_STATE_NONE
;
7924 wake_up_interruptible_all(&opinfo
->oplock_q
);
7926 rsp
->StructureSize
= cpu_to_le16(24);
7927 rsp
->OplockLevel
= rsp_oplevel
;
7930 rsp
->VolatileFid
= cpu_to_le64(volatile_id
);
7931 rsp
->PersistentFid
= cpu_to_le64(persistent_id
);
7932 inc_rfc1001_len(rsp
, 24);
7936 opinfo
->op_state
= OPLOCK_STATE_NONE
;
7937 wake_up_interruptible_all(&opinfo
->oplock_q
);
7940 ksmbd_fd_put(work
, fp
);
7941 smb2_set_err_rsp(work
);
7944 static int check_lease_state(struct lease
*lease
, __le32 req_state
)
7946 if ((lease
->new_state
==
7947 (SMB2_LEASE_READ_CACHING_LE
| SMB2_LEASE_HANDLE_CACHING_LE
)) &&
7948 !(req_state
& SMB2_LEASE_WRITE_CACHING_LE
)) {
7949 lease
->new_state
= req_state
;
7953 if (lease
->new_state
== req_state
)
7960 * smb21_lease_break_ack() - handler for smb2.1 lease break command
7961 * @work: smb work containing lease break command buffer
7965 static void smb21_lease_break_ack(struct ksmbd_work
*work
)
7967 struct ksmbd_conn
*conn
= work
->conn
;
7968 struct smb2_lease_ack
*req
= work
->request_buf
;
7969 struct smb2_lease_ack
*rsp
= work
->response_buf
;
7970 struct oplock_info
*opinfo
;
7973 unsigned int lease_change_type
;
7975 struct lease
*lease
;
7977 ksmbd_debug(OPLOCK
, "smb21 lease break, lease state(0x%x)\n",
7978 le32_to_cpu(req
->LeaseState
));
7979 opinfo
= lookup_lease_in_table(conn
, req
->LeaseKey
);
7981 ksmbd_debug(OPLOCK
, "file not opened\n");
7982 smb2_set_err_rsp(work
);
7983 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
7986 lease
= opinfo
->o_lease
;
7988 if (opinfo
->op_state
== OPLOCK_STATE_NONE
) {
7989 pr_err("unexpected lease break state 0x%x\n",
7991 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
7995 if (check_lease_state(lease
, req
->LeaseState
)) {
7996 rsp
->hdr
.Status
= STATUS_REQUEST_NOT_ACCEPTED
;
7998 "req lease state: 0x%x, expected state: 0x%x\n",
7999 req
->LeaseState
, lease
->new_state
);
8003 if (!atomic_read(&opinfo
->breaking_cnt
)) {
8004 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
8008 /* check for bad lease state */
8009 if (req
->LeaseState
&
8010 (~(SMB2_LEASE_READ_CACHING_LE
| SMB2_LEASE_HANDLE_CACHING_LE
))) {
8011 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
8012 if (lease
->state
& SMB2_LEASE_WRITE_CACHING_LE
)
8013 lease_change_type
= OPLOCK_WRITE_TO_NONE
;
8015 lease_change_type
= OPLOCK_READ_TO_NONE
;
8016 ksmbd_debug(OPLOCK
, "handle bad lease state 0x%x -> 0x%x\n",
8017 le32_to_cpu(lease
->state
),
8018 le32_to_cpu(req
->LeaseState
));
8019 } else if (lease
->state
== SMB2_LEASE_READ_CACHING_LE
&&
8020 req
->LeaseState
!= SMB2_LEASE_NONE_LE
) {
8021 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
8022 lease_change_type
= OPLOCK_READ_TO_NONE
;
8023 ksmbd_debug(OPLOCK
, "handle bad lease state 0x%x -> 0x%x\n",
8024 le32_to_cpu(lease
->state
),
8025 le32_to_cpu(req
->LeaseState
));
8027 /* valid lease state changes */
8028 err
= STATUS_INVALID_DEVICE_STATE
;
8029 if (req
->LeaseState
== SMB2_LEASE_NONE_LE
) {
8030 if (lease
->state
& SMB2_LEASE_WRITE_CACHING_LE
)
8031 lease_change_type
= OPLOCK_WRITE_TO_NONE
;
8033 lease_change_type
= OPLOCK_READ_TO_NONE
;
8034 } else if (req
->LeaseState
& SMB2_LEASE_READ_CACHING_LE
) {
8035 if (lease
->state
& SMB2_LEASE_WRITE_CACHING_LE
)
8036 lease_change_type
= OPLOCK_WRITE_TO_READ
;
8038 lease_change_type
= OPLOCK_READ_HANDLE_TO_READ
;
8040 lease_change_type
= 0;
8044 switch (lease_change_type
) {
8045 case OPLOCK_WRITE_TO_READ
:
8046 ret
= opinfo_write_to_read(opinfo
);
8048 case OPLOCK_READ_HANDLE_TO_READ
:
8049 ret
= opinfo_read_handle_to_read(opinfo
);
8051 case OPLOCK_WRITE_TO_NONE
:
8052 ret
= opinfo_write_to_none(opinfo
);
8054 case OPLOCK_READ_TO_NONE
:
8055 ret
= opinfo_read_to_none(opinfo
);
8058 ksmbd_debug(OPLOCK
, "unknown lease change 0x%x -> 0x%x\n",
8059 le32_to_cpu(lease
->state
),
8060 le32_to_cpu(req
->LeaseState
));
8063 lease_state
= lease
->state
;
8064 opinfo
->op_state
= OPLOCK_STATE_NONE
;
8065 wake_up_interruptible_all(&opinfo
->oplock_q
);
8066 atomic_dec(&opinfo
->breaking_cnt
);
8067 wake_up_interruptible_all(&opinfo
->oplock_brk
);
8071 rsp
->hdr
.Status
= err
;
8075 rsp
->StructureSize
= cpu_to_le16(36);
8078 memcpy(rsp
->LeaseKey
, req
->LeaseKey
, 16);
8079 rsp
->LeaseState
= lease_state
;
8080 rsp
->LeaseDuration
= 0;
8081 inc_rfc1001_len(rsp
, 36);
8085 opinfo
->op_state
= OPLOCK_STATE_NONE
;
8086 wake_up_interruptible_all(&opinfo
->oplock_q
);
8087 atomic_dec(&opinfo
->breaking_cnt
);
8088 wake_up_interruptible_all(&opinfo
->oplock_brk
);
8091 smb2_set_err_rsp(work
);
8095 * smb2_oplock_break() - dispatcher for smb2.0 and 2.1 oplock/lease break
8096 * @work: smb work containing oplock/lease break command buffer
8100 int smb2_oplock_break(struct ksmbd_work
*work
)
8102 struct smb2_oplock_break
*req
= work
->request_buf
;
8103 struct smb2_oplock_break
*rsp
= work
->response_buf
;
8105 switch (le16_to_cpu(req
->StructureSize
)) {
8106 case OP_BREAK_STRUCT_SIZE_20
:
8107 smb20_oplock_break_ack(work
);
8109 case OP_BREAK_STRUCT_SIZE_21
:
8110 smb21_lease_break_ack(work
);
8113 ksmbd_debug(OPLOCK
, "invalid break cmd %d\n",
8114 le16_to_cpu(req
->StructureSize
));
8115 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
8116 smb2_set_err_rsp(work
);
8123 * smb2_notify() - handler for smb2 notify request
8124 * @work: smb work containing notify command buffer
8128 int smb2_notify(struct ksmbd_work
*work
)
8130 struct smb2_notify_req
*req
;
8131 struct smb2_notify_rsp
*rsp
;
8133 WORK_BUFFERS(work
, req
, rsp
);
8135 if (work
->next_smb2_rcv_hdr_off
&& req
->hdr
.NextCommand
) {
8136 rsp
->hdr
.Status
= STATUS_INTERNAL_ERROR
;
8137 smb2_set_err_rsp(work
);
8141 smb2_set_err_rsp(work
);
8142 rsp
->hdr
.Status
= STATUS_NOT_IMPLEMENTED
;
8147 * smb2_is_sign_req() - handler for checking packet signing status
8148 * @work: smb work containing notify command buffer
8149 * @command: SMB2 command id
8151 * Return: true if packed is signed, false otherwise
8153 bool smb2_is_sign_req(struct ksmbd_work
*work
, unsigned int command
)
8155 struct smb2_hdr
*rcv_hdr2
= work
->request_buf
;
8157 if ((rcv_hdr2
->Flags
& SMB2_FLAGS_SIGNED
) &&
8158 command
!= SMB2_NEGOTIATE_HE
&&
8159 command
!= SMB2_SESSION_SETUP_HE
&&
8160 command
!= SMB2_OPLOCK_BREAK_HE
)
8167 * smb2_check_sign_req() - handler for req packet sign processing
8168 * @work: smb work containing notify command buffer
8170 * Return: 1 on success, 0 otherwise
8172 int smb2_check_sign_req(struct ksmbd_work
*work
)
8174 struct smb2_hdr
*hdr
, *hdr_org
;
8175 char signature_req
[SMB2_SIGNATURE_SIZE
];
8176 char signature
[SMB2_HMACSHA256_SIZE
];
8180 hdr_org
= hdr
= work
->request_buf
;
8181 if (work
->next_smb2_rcv_hdr_off
)
8182 hdr
= ksmbd_req_buf_next(work
);
8184 if (!hdr
->NextCommand
&& !work
->next_smb2_rcv_hdr_off
)
8185 len
= be32_to_cpu(hdr_org
->smb2_buf_length
);
8186 else if (hdr
->NextCommand
)
8187 len
= le32_to_cpu(hdr
->NextCommand
);
8189 len
= be32_to_cpu(hdr_org
->smb2_buf_length
) -
8190 work
->next_smb2_rcv_hdr_off
;
8192 memcpy(signature_req
, hdr
->Signature
, SMB2_SIGNATURE_SIZE
);
8193 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8195 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8196 iov
[0].iov_len
= len
;
8198 if (ksmbd_sign_smb2_pdu(work
->conn
, work
->sess
->sess_key
, iov
, 1,
8202 if (memcmp(signature
, signature_req
, SMB2_SIGNATURE_SIZE
)) {
8203 pr_err("bad smb2 signature\n");
8211 * smb2_set_sign_rsp() - handler for rsp packet sign processing
8212 * @work: smb work containing notify command buffer
8215 void smb2_set_sign_rsp(struct ksmbd_work
*work
)
8217 struct smb2_hdr
*hdr
, *hdr_org
;
8218 struct smb2_hdr
*req_hdr
;
8219 char signature
[SMB2_HMACSHA256_SIZE
];
8224 hdr_org
= hdr
= work
->response_buf
;
8225 if (work
->next_smb2_rsp_hdr_off
)
8226 hdr
= ksmbd_resp_buf_next(work
);
8228 req_hdr
= ksmbd_req_buf_next(work
);
8230 if (!work
->next_smb2_rsp_hdr_off
) {
8231 len
= get_rfc1002_len(hdr_org
);
8232 if (req_hdr
->NextCommand
)
8233 len
= ALIGN(len
, 8);
8235 len
= get_rfc1002_len(hdr_org
) - work
->next_smb2_rsp_hdr_off
;
8236 len
= ALIGN(len
, 8);
8239 if (req_hdr
->NextCommand
)
8240 hdr
->NextCommand
= cpu_to_le32(len
);
8242 hdr
->Flags
|= SMB2_FLAGS_SIGNED
;
8243 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8245 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8246 iov
[0].iov_len
= len
;
8248 if (work
->aux_payload_sz
) {
8249 iov
[0].iov_len
-= work
->aux_payload_sz
;
8251 iov
[1].iov_base
= work
->aux_payload_buf
;
8252 iov
[1].iov_len
= work
->aux_payload_sz
;
8256 if (!ksmbd_sign_smb2_pdu(work
->conn
, work
->sess
->sess_key
, iov
, n_vec
,
8258 memcpy(hdr
->Signature
, signature
, SMB2_SIGNATURE_SIZE
);
8262 * smb3_check_sign_req() - handler for req packet sign processing
8263 * @work: smb work containing notify command buffer
8265 * Return: 1 on success, 0 otherwise
8267 int smb3_check_sign_req(struct ksmbd_work
*work
)
8269 struct ksmbd_conn
*conn
= work
->conn
;
8271 struct smb2_hdr
*hdr
, *hdr_org
;
8272 struct channel
*chann
;
8273 char signature_req
[SMB2_SIGNATURE_SIZE
];
8274 char signature
[SMB2_CMACAES_SIZE
];
8278 hdr_org
= hdr
= work
->request_buf
;
8279 if (work
->next_smb2_rcv_hdr_off
)
8280 hdr
= ksmbd_req_buf_next(work
);
8282 if (!hdr
->NextCommand
&& !work
->next_smb2_rcv_hdr_off
)
8283 len
= be32_to_cpu(hdr_org
->smb2_buf_length
);
8284 else if (hdr
->NextCommand
)
8285 len
= le32_to_cpu(hdr
->NextCommand
);
8287 len
= be32_to_cpu(hdr_org
->smb2_buf_length
) -
8288 work
->next_smb2_rcv_hdr_off
;
8290 if (le16_to_cpu(hdr
->Command
) == SMB2_SESSION_SETUP_HE
) {
8291 signing_key
= work
->sess
->smb3signingkey
;
8293 chann
= lookup_chann_list(work
->sess
, conn
);
8296 signing_key
= chann
->smb3signingkey
;
8300 pr_err("SMB3 signing key is not generated\n");
8304 memcpy(signature_req
, hdr
->Signature
, SMB2_SIGNATURE_SIZE
);
8305 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8306 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8307 iov
[0].iov_len
= len
;
8309 if (ksmbd_sign_smb3_pdu(conn
, signing_key
, iov
, 1, signature
))
8312 if (memcmp(signature
, signature_req
, SMB2_SIGNATURE_SIZE
)) {
8313 pr_err("bad smb2 signature\n");
8321 * smb3_set_sign_rsp() - handler for rsp packet sign processing
8322 * @work: smb work containing notify command buffer
8325 void smb3_set_sign_rsp(struct ksmbd_work
*work
)
8327 struct ksmbd_conn
*conn
= work
->conn
;
8328 struct smb2_hdr
*req_hdr
;
8329 struct smb2_hdr
*hdr
, *hdr_org
;
8330 struct channel
*chann
;
8331 char signature
[SMB2_CMACAES_SIZE
];
8337 hdr_org
= hdr
= work
->response_buf
;
8338 if (work
->next_smb2_rsp_hdr_off
)
8339 hdr
= ksmbd_resp_buf_next(work
);
8341 req_hdr
= ksmbd_req_buf_next(work
);
8343 if (!work
->next_smb2_rsp_hdr_off
) {
8344 len
= get_rfc1002_len(hdr_org
);
8345 if (req_hdr
->NextCommand
)
8346 len
= ALIGN(len
, 8);
8348 len
= get_rfc1002_len(hdr_org
) - work
->next_smb2_rsp_hdr_off
;
8349 len
= ALIGN(len
, 8);
8352 if (conn
->binding
== false &&
8353 le16_to_cpu(hdr
->Command
) == SMB2_SESSION_SETUP_HE
) {
8354 signing_key
= work
->sess
->smb3signingkey
;
8356 chann
= lookup_chann_list(work
->sess
, work
->conn
);
8359 signing_key
= chann
->smb3signingkey
;
8365 if (req_hdr
->NextCommand
)
8366 hdr
->NextCommand
= cpu_to_le32(len
);
8368 hdr
->Flags
|= SMB2_FLAGS_SIGNED
;
8369 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8370 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8371 iov
[0].iov_len
= len
;
8372 if (work
->aux_payload_sz
) {
8373 iov
[0].iov_len
-= work
->aux_payload_sz
;
8374 iov
[1].iov_base
= work
->aux_payload_buf
;
8375 iov
[1].iov_len
= work
->aux_payload_sz
;
8379 if (!ksmbd_sign_smb3_pdu(conn
, signing_key
, iov
, n_vec
, signature
))
8380 memcpy(hdr
->Signature
, signature
, SMB2_SIGNATURE_SIZE
);
8384 * smb3_preauth_hash_rsp() - handler for computing preauth hash on response
8385 * @work: smb work containing response buffer
8388 void smb3_preauth_hash_rsp(struct ksmbd_work
*work
)
8390 struct ksmbd_conn
*conn
= work
->conn
;
8391 struct ksmbd_session
*sess
= work
->sess
;
8392 struct smb2_hdr
*req
, *rsp
;
8394 if (conn
->dialect
!= SMB311_PROT_ID
)
8397 WORK_BUFFERS(work
, req
, rsp
);
8399 if (le16_to_cpu(req
->Command
) == SMB2_NEGOTIATE_HE
&&
8401 ksmbd_gen_preauth_integrity_hash(conn
, (char *)rsp
,
8402 conn
->preauth_info
->Preauth_HashValue
);
8404 if (le16_to_cpu(rsp
->Command
) == SMB2_SESSION_SETUP_HE
&& sess
) {
8407 if (conn
->binding
) {
8408 struct preauth_session
*preauth_sess
;
8410 preauth_sess
= ksmbd_preauth_session_lookup(conn
, sess
->id
);
8413 hash_value
= preauth_sess
->Preauth_HashValue
;
8415 hash_value
= sess
->Preauth_HashValue
;
8419 ksmbd_gen_preauth_integrity_hash(conn
, (char *)rsp
,
8424 static void fill_transform_hdr(struct smb2_transform_hdr
*tr_hdr
, char *old_buf
,
8427 struct smb2_hdr
*hdr
= (struct smb2_hdr
*)old_buf
;
8428 unsigned int orig_len
= get_rfc1002_len(old_buf
);
8430 memset(tr_hdr
, 0, sizeof(struct smb2_transform_hdr
));
8431 tr_hdr
->ProtocolId
= SMB2_TRANSFORM_PROTO_NUM
;
8432 tr_hdr
->OriginalMessageSize
= cpu_to_le32(orig_len
);
8433 tr_hdr
->Flags
= cpu_to_le16(0x01);
8434 if (cipher_type
== SMB2_ENCRYPTION_AES128_GCM
||
8435 cipher_type
== SMB2_ENCRYPTION_AES256_GCM
)
8436 get_random_bytes(&tr_hdr
->Nonce
, SMB3_AES_GCM_NONCE
);
8438 get_random_bytes(&tr_hdr
->Nonce
, SMB3_AES_CCM_NONCE
);
8439 memcpy(&tr_hdr
->SessionId
, &hdr
->SessionId
, 8);
8440 inc_rfc1001_len(tr_hdr
, sizeof(struct smb2_transform_hdr
) - 4);
8441 inc_rfc1001_len(tr_hdr
, orig_len
);
8444 int smb3_encrypt_resp(struct ksmbd_work
*work
)
8446 char *buf
= work
->response_buf
;
8447 struct smb2_transform_hdr
*tr_hdr
;
8450 int buf_size
= 0, rq_nvec
= 2 + (work
->aux_payload_sz
? 1 : 0);
8452 if (ARRAY_SIZE(iov
) < rq_nvec
)
8455 tr_hdr
= kzalloc(sizeof(struct smb2_transform_hdr
), GFP_KERNEL
);
8459 /* fill transform header */
8460 fill_transform_hdr(tr_hdr
, buf
, work
->conn
->cipher_type
);
8462 iov
[0].iov_base
= tr_hdr
;
8463 iov
[0].iov_len
= sizeof(struct smb2_transform_hdr
);
8464 buf_size
+= iov
[0].iov_len
- 4;
8466 iov
[1].iov_base
= buf
+ 4;
8467 iov
[1].iov_len
= get_rfc1002_len(buf
);
8468 if (work
->aux_payload_sz
) {
8469 iov
[1].iov_len
= work
->resp_hdr_sz
- 4;
8471 iov
[2].iov_base
= work
->aux_payload_buf
;
8472 iov
[2].iov_len
= work
->aux_payload_sz
;
8473 buf_size
+= iov
[2].iov_len
;
8475 buf_size
+= iov
[1].iov_len
;
8476 work
->resp_hdr_sz
= iov
[1].iov_len
;
8478 rc
= ksmbd_crypt_message(work
->conn
, iov
, rq_nvec
, 1);
8482 memmove(buf
, iov
[1].iov_base
, iov
[1].iov_len
);
8483 tr_hdr
->smb2_buf_length
= cpu_to_be32(buf_size
);
8484 work
->tr_buf
= tr_hdr
;
8489 bool smb3_is_transform_hdr(void *buf
)
8491 struct smb2_transform_hdr
*trhdr
= buf
;
8493 return trhdr
->ProtocolId
== SMB2_TRANSFORM_PROTO_NUM
;
8496 int smb3_decrypt_req(struct ksmbd_work
*work
)
8498 struct ksmbd_conn
*conn
= work
->conn
;
8499 struct ksmbd_session
*sess
;
8500 char *buf
= work
->request_buf
;
8501 struct smb2_hdr
*hdr
;
8502 unsigned int pdu_length
= get_rfc1002_len(buf
);
8504 int buf_data_size
= pdu_length
+ 4 -
8505 sizeof(struct smb2_transform_hdr
);
8506 struct smb2_transform_hdr
*tr_hdr
= (struct smb2_transform_hdr
*)buf
;
8509 if (buf_data_size
< sizeof(struct smb2_hdr
)) {
8510 pr_err("Transform message is too small (%u)\n",
8512 return -ECONNABORTED
;
8515 if (buf_data_size
< le32_to_cpu(tr_hdr
->OriginalMessageSize
)) {
8516 pr_err("Transform message is broken\n");
8517 return -ECONNABORTED
;
8520 sess
= ksmbd_session_lookup_all(conn
, le64_to_cpu(tr_hdr
->SessionId
));
8522 pr_err("invalid session id(%llx) in transform header\n",
8523 le64_to_cpu(tr_hdr
->SessionId
));
8524 return -ECONNABORTED
;
8527 iov
[0].iov_base
= buf
;
8528 iov
[0].iov_len
= sizeof(struct smb2_transform_hdr
);
8529 iov
[1].iov_base
= buf
+ sizeof(struct smb2_transform_hdr
);
8530 iov
[1].iov_len
= buf_data_size
;
8531 rc
= ksmbd_crypt_message(conn
, iov
, 2, 0);
8535 memmove(buf
+ 4, iov
[1].iov_base
, buf_data_size
);
8536 hdr
= (struct smb2_hdr
*)buf
;
8537 hdr
->smb2_buf_length
= cpu_to_be32(buf_data_size
);
8542 bool smb3_11_final_sess_setup_resp(struct ksmbd_work
*work
)
8544 struct ksmbd_conn
*conn
= work
->conn
;
8545 struct smb2_hdr
*rsp
= work
->response_buf
;
8547 if (conn
->dialect
< SMB30_PROT_ID
)
8550 if (work
->next_smb2_rcv_hdr_off
)
8551 rsp
= ksmbd_resp_buf_next(work
);
8553 if (le16_to_cpu(rsp
->Command
) == SMB2_SESSION_SETUP_HE
&&
8554 rsp
->Status
== STATUS_SUCCESS
)