1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org>
4 * Copyright (C) 2018 Samsung Electronics Co., Ltd.
7 #include <linux/inetdevice.h>
8 #include <net/addrconf.h>
9 #include <linux/syscalls.h>
10 #include <linux/namei.h>
11 #include <linux/statfs.h>
12 #include <linux/ethtool.h>
13 #include <linux/falloc.h>
23 #include "connection.h"
24 #include "transport_ipc.h"
25 #include "transport_rdma.h"
27 #include "vfs_cache.h"
31 #include "smb_common.h"
32 #include "smbstatus.h"
33 #include "ksmbd_work.h"
34 #include "mgmt/user_config.h"
35 #include "mgmt/share_config.h"
36 #include "mgmt/tree_connect.h"
37 #include "mgmt/user_session.h"
38 #include "mgmt/ksmbd_ida.h"
41 static void __wbuf(struct ksmbd_work
*work
, void **req
, void **rsp
)
43 if (work
->next_smb2_rcv_hdr_off
) {
44 *req
= ksmbd_req_buf_next(work
);
45 *rsp
= ksmbd_resp_buf_next(work
);
47 *req
= work
->request_buf
;
48 *rsp
= work
->response_buf
;
52 #define WORK_BUFFERS(w, rq, rs) __wbuf((w), (void **)&(rq), (void **)&(rs))
55 * check_session_id() - check for valid session id in smb header
56 * @conn: connection instance
57 * @id: session id from smb header
59 * Return: 1 if valid session id, otherwise 0
61 static inline bool check_session_id(struct ksmbd_conn
*conn
, u64 id
)
63 struct ksmbd_session
*sess
;
65 if (id
== 0 || id
== -1)
68 sess
= ksmbd_session_lookup_all(conn
, id
);
71 pr_err("Invalid user session id: %llu\n", id
);
75 struct channel
*lookup_chann_list(struct ksmbd_session
*sess
, struct ksmbd_conn
*conn
)
77 struct channel
*chann
;
79 list_for_each_entry(chann
, &sess
->ksmbd_chann_list
, chann_list
) {
80 if (chann
->conn
== conn
)
88 * smb2_get_ksmbd_tcon() - get tree connection information using a tree id.
91 * Return: 0 if there is a tree connection matched or these are
92 * skipable commands, otherwise error
94 int smb2_get_ksmbd_tcon(struct ksmbd_work
*work
)
96 struct smb2_hdr
*req_hdr
= work
->request_buf
;
100 if (work
->conn
->ops
->get_cmd_val(work
) == SMB2_TREE_CONNECT_HE
||
101 work
->conn
->ops
->get_cmd_val(work
) == SMB2_CANCEL_HE
||
102 work
->conn
->ops
->get_cmd_val(work
) == SMB2_LOGOFF_HE
) {
103 ksmbd_debug(SMB
, "skip to check tree connect request\n");
107 if (xa_empty(&work
->sess
->tree_conns
)) {
108 ksmbd_debug(SMB
, "NO tree connected\n");
112 tree_id
= le32_to_cpu(req_hdr
->Id
.SyncId
.TreeId
);
113 work
->tcon
= ksmbd_tree_conn_lookup(work
->sess
, tree_id
);
115 pr_err("Invalid tid %d\n", tree_id
);
123 * smb2_set_err_rsp() - set error response code on smb response
124 * @work: smb work containing response buffer
126 void smb2_set_err_rsp(struct ksmbd_work
*work
)
128 struct smb2_err_rsp
*err_rsp
;
130 if (work
->next_smb2_rcv_hdr_off
)
131 err_rsp
= ksmbd_resp_buf_next(work
);
133 err_rsp
= work
->response_buf
;
135 if (err_rsp
->hdr
.Status
!= STATUS_STOPPED_ON_SYMLINK
) {
136 err_rsp
->StructureSize
= SMB2_ERROR_STRUCTURE_SIZE2_LE
;
137 err_rsp
->ErrorContextCount
= 0;
138 err_rsp
->Reserved
= 0;
139 err_rsp
->ByteCount
= 0;
140 err_rsp
->ErrorData
[0] = 0;
141 inc_rfc1001_len(work
->response_buf
, SMB2_ERROR_STRUCTURE_SIZE2
);
146 * is_smb2_neg_cmd() - is it smb2 negotiation command
147 * @work: smb work containing smb header
149 * Return: true if smb2 negotiation command, otherwise false
151 bool is_smb2_neg_cmd(struct ksmbd_work
*work
)
153 struct smb2_hdr
*hdr
= work
->request_buf
;
155 /* is it SMB2 header ? */
156 if (hdr
->ProtocolId
!= SMB2_PROTO_NUMBER
)
159 /* make sure it is request not response message */
160 if (hdr
->Flags
& SMB2_FLAGS_SERVER_TO_REDIR
)
163 if (hdr
->Command
!= SMB2_NEGOTIATE
)
170 * is_smb2_rsp() - is it smb2 response
171 * @work: smb work containing smb response buffer
173 * Return: true if smb2 response, otherwise false
175 bool is_smb2_rsp(struct ksmbd_work
*work
)
177 struct smb2_hdr
*hdr
= work
->response_buf
;
179 /* is it SMB2 header ? */
180 if (hdr
->ProtocolId
!= SMB2_PROTO_NUMBER
)
183 /* make sure it is response not request message */
184 if (!(hdr
->Flags
& SMB2_FLAGS_SERVER_TO_REDIR
))
191 * get_smb2_cmd_val() - get smb command code from smb header
192 * @work: smb work containing smb request buffer
194 * Return: smb2 request command value
196 u16
get_smb2_cmd_val(struct ksmbd_work
*work
)
198 struct smb2_hdr
*rcv_hdr
;
200 if (work
->next_smb2_rcv_hdr_off
)
201 rcv_hdr
= ksmbd_req_buf_next(work
);
203 rcv_hdr
= work
->request_buf
;
204 return le16_to_cpu(rcv_hdr
->Command
);
208 * set_smb2_rsp_status() - set error response code on smb2 header
209 * @work: smb work containing response buffer
210 * @err: error response code
212 void set_smb2_rsp_status(struct ksmbd_work
*work
, __le32 err
)
214 struct smb2_hdr
*rsp_hdr
;
216 if (work
->next_smb2_rcv_hdr_off
)
217 rsp_hdr
= ksmbd_resp_buf_next(work
);
219 rsp_hdr
= work
->response_buf
;
220 rsp_hdr
->Status
= err
;
221 smb2_set_err_rsp(work
);
225 * init_smb2_neg_rsp() - initialize smb2 response for negotiate command
226 * @work: smb work containing smb request buffer
228 * smb2 negotiate response is sent in reply of smb1 negotiate command for
229 * dialect auto-negotiation.
231 int init_smb2_neg_rsp(struct ksmbd_work
*work
)
233 struct smb2_hdr
*rsp_hdr
;
234 struct smb2_negotiate_rsp
*rsp
;
235 struct ksmbd_conn
*conn
= work
->conn
;
237 if (conn
->need_neg
== false)
240 rsp_hdr
= work
->response_buf
;
242 memset(rsp_hdr
, 0, sizeof(struct smb2_hdr
) + 2);
244 rsp_hdr
->smb2_buf_length
=
245 cpu_to_be32(smb2_hdr_size_no_buflen(conn
->vals
));
247 rsp_hdr
->ProtocolId
= SMB2_PROTO_NUMBER
;
248 rsp_hdr
->StructureSize
= SMB2_HEADER_STRUCTURE_SIZE
;
249 rsp_hdr
->CreditRequest
= cpu_to_le16(2);
250 rsp_hdr
->Command
= SMB2_NEGOTIATE
;
251 rsp_hdr
->Flags
= (SMB2_FLAGS_SERVER_TO_REDIR
);
252 rsp_hdr
->NextCommand
= 0;
253 rsp_hdr
->MessageId
= 0;
254 rsp_hdr
->Id
.SyncId
.ProcessId
= 0;
255 rsp_hdr
->Id
.SyncId
.TreeId
= 0;
256 rsp_hdr
->SessionId
= 0;
257 memset(rsp_hdr
->Signature
, 0, 16);
259 rsp
= work
->response_buf
;
261 WARN_ON(ksmbd_conn_good(work
));
263 rsp
->StructureSize
= cpu_to_le16(65);
264 ksmbd_debug(SMB
, "conn->dialect 0x%x\n", conn
->dialect
);
265 rsp
->DialectRevision
= cpu_to_le16(conn
->dialect
);
266 /* Not setting conn guid rsp->ServerGUID, as it
267 * not used by client for identifying connection
269 rsp
->Capabilities
= cpu_to_le32(conn
->vals
->capabilities
);
270 /* Default Max Message Size till SMB2.0, 64K*/
271 rsp
->MaxTransactSize
= cpu_to_le32(conn
->vals
->max_trans_size
);
272 rsp
->MaxReadSize
= cpu_to_le32(conn
->vals
->max_read_size
);
273 rsp
->MaxWriteSize
= cpu_to_le32(conn
->vals
->max_write_size
);
275 rsp
->SystemTime
= cpu_to_le64(ksmbd_systime());
276 rsp
->ServerStartTime
= 0;
278 rsp
->SecurityBufferOffset
= cpu_to_le16(128);
279 rsp
->SecurityBufferLength
= cpu_to_le16(AUTH_GSS_LENGTH
);
280 ksmbd_copy_gss_neg_header(((char *)(&rsp
->hdr
) +
281 sizeof(rsp
->hdr
.smb2_buf_length
)) +
282 le16_to_cpu(rsp
->SecurityBufferOffset
));
283 inc_rfc1001_len(rsp
, sizeof(struct smb2_negotiate_rsp
) -
284 sizeof(struct smb2_hdr
) - sizeof(rsp
->Buffer
) +
286 rsp
->SecurityMode
= SMB2_NEGOTIATE_SIGNING_ENABLED_LE
;
287 if (server_conf
.signing
== KSMBD_CONFIG_OPT_MANDATORY
)
288 rsp
->SecurityMode
|= SMB2_NEGOTIATE_SIGNING_REQUIRED_LE
;
289 conn
->use_spnego
= true;
291 ksmbd_conn_set_need_negotiate(work
);
296 * smb2_set_rsp_credits() - set number of credits in response buffer
297 * @work: smb work containing smb response buffer
299 int smb2_set_rsp_credits(struct ksmbd_work
*work
)
301 struct smb2_hdr
*req_hdr
= ksmbd_req_buf_next(work
);
302 struct smb2_hdr
*hdr
= ksmbd_resp_buf_next(work
);
303 struct ksmbd_conn
*conn
= work
->conn
;
304 unsigned short credits_requested
;
305 unsigned short credit_charge
, credits_granted
= 0;
306 unsigned short aux_max
, aux_credits
;
308 if (work
->send_no_response
)
311 hdr
->CreditCharge
= req_hdr
->CreditCharge
;
313 if (conn
->total_credits
> conn
->vals
->max_credits
) {
314 hdr
->CreditRequest
= 0;
315 pr_err("Total credits overflow: %d\n", conn
->total_credits
);
319 credit_charge
= max_t(unsigned short,
320 le16_to_cpu(req_hdr
->CreditCharge
), 1);
321 credits_requested
= max_t(unsigned short,
322 le16_to_cpu(req_hdr
->CreditRequest
), 1);
324 /* according to smb2.credits smbtorture, Windows server
325 * 2016 or later grant up to 8192 credits at once.
327 * TODO: Need to adjuct CreditRequest value according to
330 aux_credits
= credits_requested
- 1;
331 if (hdr
->Command
== SMB2_NEGOTIATE
)
334 aux_max
= conn
->vals
->max_credits
- credit_charge
;
335 aux_credits
= min_t(unsigned short, aux_credits
, aux_max
);
336 credits_granted
= credit_charge
+ aux_credits
;
338 if (conn
->vals
->max_credits
- conn
->total_credits
< credits_granted
)
339 credits_granted
= conn
->vals
->max_credits
-
342 conn
->total_credits
+= credits_granted
;
343 work
->credits_granted
+= credits_granted
;
345 if (!req_hdr
->NextCommand
) {
346 /* Update CreditRequest in last request */
347 hdr
->CreditRequest
= cpu_to_le16(work
->credits_granted
);
350 "credits: requested[%d] granted[%d] total_granted[%d]\n",
351 credits_requested
, credits_granted
,
352 conn
->total_credits
);
357 * init_chained_smb2_rsp() - initialize smb2 chained response
358 * @work: smb work containing smb response buffer
360 static void init_chained_smb2_rsp(struct ksmbd_work
*work
)
362 struct smb2_hdr
*req
= ksmbd_req_buf_next(work
);
363 struct smb2_hdr
*rsp
= ksmbd_resp_buf_next(work
);
364 struct smb2_hdr
*rsp_hdr
;
365 struct smb2_hdr
*rcv_hdr
;
366 int next_hdr_offset
= 0;
369 /* Len of this response = updated RFC len - offset of previous cmd
370 * in the compound rsp
373 /* Storing the current local FID which may be needed by subsequent
374 * command in the compound request
376 if (req
->Command
== SMB2_CREATE
&& rsp
->Status
== STATUS_SUCCESS
) {
378 le64_to_cpu(((struct smb2_create_rsp
*)rsp
)->
380 work
->compound_pfid
=
381 le64_to_cpu(((struct smb2_create_rsp
*)rsp
)->
383 work
->compound_sid
= le64_to_cpu(rsp
->SessionId
);
386 len
= get_rfc1002_len(work
->response_buf
) - work
->next_smb2_rsp_hdr_off
;
387 next_hdr_offset
= le32_to_cpu(req
->NextCommand
);
389 new_len
= ALIGN(len
, 8);
390 inc_rfc1001_len(work
->response_buf
, ((sizeof(struct smb2_hdr
) - 4)
392 rsp
->NextCommand
= cpu_to_le32(new_len
);
394 work
->next_smb2_rcv_hdr_off
+= next_hdr_offset
;
395 work
->next_smb2_rsp_hdr_off
+= new_len
;
397 "Compound req new_len = %d rcv off = %d rsp off = %d\n",
398 new_len
, work
->next_smb2_rcv_hdr_off
,
399 work
->next_smb2_rsp_hdr_off
);
401 rsp_hdr
= ksmbd_resp_buf_next(work
);
402 rcv_hdr
= ksmbd_req_buf_next(work
);
404 if (!(rcv_hdr
->Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)) {
405 ksmbd_debug(SMB
, "related flag should be set\n");
406 work
->compound_fid
= KSMBD_NO_FID
;
407 work
->compound_pfid
= KSMBD_NO_FID
;
409 memset((char *)rsp_hdr
+ 4, 0, sizeof(struct smb2_hdr
) + 2);
410 rsp_hdr
->ProtocolId
= SMB2_PROTO_NUMBER
;
411 rsp_hdr
->StructureSize
= SMB2_HEADER_STRUCTURE_SIZE
;
412 rsp_hdr
->Command
= rcv_hdr
->Command
;
415 * Message is response. We don't grant oplock yet.
417 rsp_hdr
->Flags
= (SMB2_FLAGS_SERVER_TO_REDIR
|
418 SMB2_FLAGS_RELATED_OPERATIONS
);
419 rsp_hdr
->NextCommand
= 0;
420 rsp_hdr
->MessageId
= rcv_hdr
->MessageId
;
421 rsp_hdr
->Id
.SyncId
.ProcessId
= rcv_hdr
->Id
.SyncId
.ProcessId
;
422 rsp_hdr
->Id
.SyncId
.TreeId
= rcv_hdr
->Id
.SyncId
.TreeId
;
423 rsp_hdr
->SessionId
= rcv_hdr
->SessionId
;
424 memcpy(rsp_hdr
->Signature
, rcv_hdr
->Signature
, 16);
428 * is_chained_smb2_message() - check for chained command
429 * @work: smb work containing smb request buffer
431 * Return: true if chained request, otherwise false
433 bool is_chained_smb2_message(struct ksmbd_work
*work
)
435 struct smb2_hdr
*hdr
= work
->request_buf
;
436 unsigned int len
, next_cmd
;
438 if (hdr
->ProtocolId
!= SMB2_PROTO_NUMBER
)
441 hdr
= ksmbd_req_buf_next(work
);
442 next_cmd
= le32_to_cpu(hdr
->NextCommand
);
444 if ((u64
)work
->next_smb2_rcv_hdr_off
+ next_cmd
+
445 __SMB2_HEADER_STRUCTURE_SIZE
>
446 get_rfc1002_len(work
->request_buf
)) {
447 pr_err("next command(%u) offset exceeds smb msg size\n",
452 if ((u64
)get_rfc1002_len(work
->response_buf
) + MAX_CIFS_SMALL_BUFFER_SIZE
>
454 pr_err("next response offset exceeds response buffer size\n");
458 ksmbd_debug(SMB
, "got SMB2 chained command\n");
459 init_chained_smb2_rsp(work
);
461 } else if (work
->next_smb2_rcv_hdr_off
) {
463 * This is last request in chained command,
464 * align response to 8 byte
466 len
= ALIGN(get_rfc1002_len(work
->response_buf
), 8);
467 len
= len
- get_rfc1002_len(work
->response_buf
);
469 ksmbd_debug(SMB
, "padding len %u\n", len
);
470 inc_rfc1001_len(work
->response_buf
, len
);
471 if (work
->aux_payload_sz
)
472 work
->aux_payload_sz
+= len
;
479 * init_smb2_rsp_hdr() - initialize smb2 response
480 * @work: smb work containing smb request buffer
484 int init_smb2_rsp_hdr(struct ksmbd_work
*work
)
486 struct smb2_hdr
*rsp_hdr
= work
->response_buf
;
487 struct smb2_hdr
*rcv_hdr
= work
->request_buf
;
488 struct ksmbd_conn
*conn
= work
->conn
;
490 memset(rsp_hdr
, 0, sizeof(struct smb2_hdr
) + 2);
491 rsp_hdr
->smb2_buf_length
=
492 cpu_to_be32(smb2_hdr_size_no_buflen(conn
->vals
));
493 rsp_hdr
->ProtocolId
= rcv_hdr
->ProtocolId
;
494 rsp_hdr
->StructureSize
= SMB2_HEADER_STRUCTURE_SIZE
;
495 rsp_hdr
->Command
= rcv_hdr
->Command
;
498 * Message is response. We don't grant oplock yet.
500 rsp_hdr
->Flags
= (SMB2_FLAGS_SERVER_TO_REDIR
);
501 rsp_hdr
->NextCommand
= 0;
502 rsp_hdr
->MessageId
= rcv_hdr
->MessageId
;
503 rsp_hdr
->Id
.SyncId
.ProcessId
= rcv_hdr
->Id
.SyncId
.ProcessId
;
504 rsp_hdr
->Id
.SyncId
.TreeId
= rcv_hdr
->Id
.SyncId
.TreeId
;
505 rsp_hdr
->SessionId
= rcv_hdr
->SessionId
;
506 memcpy(rsp_hdr
->Signature
, rcv_hdr
->Signature
, 16);
508 work
->syncronous
= true;
509 if (work
->async_id
) {
510 ksmbd_release_id(&conn
->async_ida
, work
->async_id
);
518 * smb2_allocate_rsp_buf() - allocate smb2 response buffer
519 * @work: smb work containing smb request buffer
521 * Return: 0 on success, otherwise -ENOMEM
523 int smb2_allocate_rsp_buf(struct ksmbd_work
*work
)
525 struct smb2_hdr
*hdr
= work
->request_buf
;
526 size_t small_sz
= MAX_CIFS_SMALL_BUFFER_SIZE
;
527 size_t large_sz
= small_sz
+ work
->conn
->vals
->max_trans_size
;
528 size_t sz
= small_sz
;
529 int cmd
= le16_to_cpu(hdr
->Command
);
531 if (cmd
== SMB2_IOCTL_HE
|| cmd
== SMB2_QUERY_DIRECTORY_HE
)
534 if (cmd
== SMB2_QUERY_INFO_HE
) {
535 struct smb2_query_info_req
*req
;
537 req
= work
->request_buf
;
538 if (req
->InfoType
== SMB2_O_INFO_FILE
&&
539 (req
->FileInfoClass
== FILE_FULL_EA_INFORMATION
||
540 req
->FileInfoClass
== FILE_ALL_INFORMATION
))
544 /* allocate large response buf for chained commands */
545 if (le32_to_cpu(hdr
->NextCommand
) > 0)
548 work
->response_buf
= kvmalloc(sz
, GFP_KERNEL
| __GFP_ZERO
);
549 if (!work
->response_buf
)
552 work
->response_sz
= sz
;
557 * smb2_check_user_session() - check for valid session for a user
558 * @work: smb work containing smb request buffer
560 * Return: 0 on success, otherwise error
562 int smb2_check_user_session(struct ksmbd_work
*work
)
564 struct smb2_hdr
*req_hdr
= work
->request_buf
;
565 struct ksmbd_conn
*conn
= work
->conn
;
566 unsigned int cmd
= conn
->ops
->get_cmd_val(work
);
567 unsigned long long sess_id
;
571 * SMB2_ECHO, SMB2_NEGOTIATE, SMB2_SESSION_SETUP command do not
572 * require a session id, so no need to validate user session's for
575 if (cmd
== SMB2_ECHO_HE
|| cmd
== SMB2_NEGOTIATE_HE
||
576 cmd
== SMB2_SESSION_SETUP_HE
)
579 if (!ksmbd_conn_good(work
))
582 sess_id
= le64_to_cpu(req_hdr
->SessionId
);
583 /* Check for validity of user session */
584 work
->sess
= ksmbd_session_lookup_all(conn
, sess_id
);
587 ksmbd_debug(SMB
, "Invalid user session, Uid %llu\n", sess_id
);
591 static void destroy_previous_session(struct ksmbd_user
*user
, u64 id
)
593 struct ksmbd_session
*prev_sess
= ksmbd_session_lookup_slowpath(id
);
594 struct ksmbd_user
*prev_user
;
599 prev_user
= prev_sess
->user
;
602 strcmp(user
->name
, prev_user
->name
) ||
603 user
->passkey_sz
!= prev_user
->passkey_sz
||
604 memcmp(user
->passkey
, prev_user
->passkey
, user
->passkey_sz
)) {
605 put_session(prev_sess
);
609 put_session(prev_sess
);
610 ksmbd_session_destroy(prev_sess
);
614 * smb2_get_name() - get filename string from on the wire smb format
615 * @share: ksmbd_share_config pointer
616 * @src: source buffer
617 * @maxlen: maxlen of source string
618 * @nls_table: nls_table pointer
620 * Return: matching converted filename on success, otherwise error ptr
623 smb2_get_name(struct ksmbd_share_config
*share
, const char *src
,
624 const int maxlen
, struct nls_table
*local_nls
)
628 name
= smb_strndup_from_utf16(src
, maxlen
, 1, local_nls
);
630 pr_err("failed to get name %ld\n", PTR_ERR(name
));
634 ksmbd_conv_path_to_unix(name
);
635 ksmbd_strip_last_slash(name
);
639 int setup_async_work(struct ksmbd_work
*work
, void (*fn
)(void **), void **arg
)
641 struct smb2_hdr
*rsp_hdr
;
642 struct ksmbd_conn
*conn
= work
->conn
;
645 rsp_hdr
= work
->response_buf
;
646 rsp_hdr
->Flags
|= SMB2_FLAGS_ASYNC_COMMAND
;
648 id
= ksmbd_acquire_async_msg_id(&conn
->async_ida
);
650 pr_err("Failed to alloc async message id\n");
653 work
->syncronous
= false;
655 rsp_hdr
->Id
.AsyncId
= cpu_to_le64(id
);
658 "Send interim Response to inform async request id : %d\n",
661 work
->cancel_fn
= fn
;
662 work
->cancel_argv
= arg
;
664 if (list_empty(&work
->async_request_entry
)) {
665 spin_lock(&conn
->request_lock
);
666 list_add_tail(&work
->async_request_entry
, &conn
->async_requests
);
667 spin_unlock(&conn
->request_lock
);
673 void smb2_send_interim_resp(struct ksmbd_work
*work
, __le32 status
)
675 struct smb2_hdr
*rsp_hdr
;
677 rsp_hdr
= work
->response_buf
;
678 smb2_set_err_rsp(work
);
679 rsp_hdr
->Status
= status
;
682 ksmbd_conn_write(work
);
687 static __le32
smb2_get_reparse_tag_special_file(umode_t mode
)
689 if (S_ISDIR(mode
) || S_ISREG(mode
))
693 return IO_REPARSE_TAG_LX_SYMLINK_LE
;
694 else if (S_ISFIFO(mode
))
695 return IO_REPARSE_TAG_LX_FIFO_LE
;
696 else if (S_ISSOCK(mode
))
697 return IO_REPARSE_TAG_AF_UNIX_LE
;
698 else if (S_ISCHR(mode
))
699 return IO_REPARSE_TAG_LX_CHR_LE
;
700 else if (S_ISBLK(mode
))
701 return IO_REPARSE_TAG_LX_BLK_LE
;
707 * smb2_get_dos_mode() - get file mode in dos format from unix mode
708 * @stat: kstat containing file mode
709 * @attribute: attribute flags
711 * Return: converted dos mode
713 static int smb2_get_dos_mode(struct kstat
*stat
, int attribute
)
717 if (S_ISDIR(stat
->mode
)) {
718 attr
= ATTR_DIRECTORY
|
719 (attribute
& (ATTR_HIDDEN
| ATTR_SYSTEM
));
721 attr
= (attribute
& 0x00005137) | ATTR_ARCHIVE
;
722 attr
&= ~(ATTR_DIRECTORY
);
723 if (S_ISREG(stat
->mode
) && (server_conf
.share_fake_fscaps
&
724 FILE_SUPPORTS_SPARSE_FILES
))
727 if (smb2_get_reparse_tag_special_file(stat
->mode
))
728 attr
|= ATTR_REPARSE
;
734 static void build_preauth_ctxt(struct smb2_preauth_neg_context
*pneg_ctxt
,
737 pneg_ctxt
->ContextType
= SMB2_PREAUTH_INTEGRITY_CAPABILITIES
;
738 pneg_ctxt
->DataLength
= cpu_to_le16(38);
739 pneg_ctxt
->HashAlgorithmCount
= cpu_to_le16(1);
740 pneg_ctxt
->Reserved
= cpu_to_le32(0);
741 pneg_ctxt
->SaltLength
= cpu_to_le16(SMB311_SALT_SIZE
);
742 get_random_bytes(pneg_ctxt
->Salt
, SMB311_SALT_SIZE
);
743 pneg_ctxt
->HashAlgorithms
= hash_id
;
746 static void build_encrypt_ctxt(struct smb2_encryption_neg_context
*pneg_ctxt
,
749 pneg_ctxt
->ContextType
= SMB2_ENCRYPTION_CAPABILITIES
;
750 pneg_ctxt
->DataLength
= cpu_to_le16(4);
751 pneg_ctxt
->Reserved
= cpu_to_le32(0);
752 pneg_ctxt
->CipherCount
= cpu_to_le16(1);
753 pneg_ctxt
->Ciphers
[0] = cipher_type
;
756 static void build_compression_ctxt(struct smb2_compression_ctx
*pneg_ctxt
,
759 pneg_ctxt
->ContextType
= SMB2_COMPRESSION_CAPABILITIES
;
760 pneg_ctxt
->DataLength
=
761 cpu_to_le16(sizeof(struct smb2_compression_ctx
)
762 - sizeof(struct smb2_neg_context
));
763 pneg_ctxt
->Reserved
= cpu_to_le32(0);
764 pneg_ctxt
->CompressionAlgorithmCount
= cpu_to_le16(1);
765 pneg_ctxt
->Reserved1
= cpu_to_le32(0);
766 pneg_ctxt
->CompressionAlgorithms
[0] = comp_algo
;
769 static void build_sign_cap_ctxt(struct smb2_signing_capabilities
*pneg_ctxt
,
772 pneg_ctxt
->ContextType
= SMB2_SIGNING_CAPABILITIES
;
773 pneg_ctxt
->DataLength
=
774 cpu_to_le16((sizeof(struct smb2_signing_capabilities
) + 2)
775 - sizeof(struct smb2_neg_context
));
776 pneg_ctxt
->Reserved
= cpu_to_le32(0);
777 pneg_ctxt
->SigningAlgorithmCount
= cpu_to_le16(1);
778 pneg_ctxt
->SigningAlgorithms
[0] = sign_algo
;
781 static void build_posix_ctxt(struct smb2_posix_neg_context
*pneg_ctxt
)
783 pneg_ctxt
->ContextType
= SMB2_POSIX_EXTENSIONS_AVAILABLE
;
784 pneg_ctxt
->DataLength
= cpu_to_le16(POSIX_CTXT_DATA_LEN
);
785 /* SMB2_CREATE_TAG_POSIX is "0x93AD25509CB411E7B42383DE968BCD7C" */
786 pneg_ctxt
->Name
[0] = 0x93;
787 pneg_ctxt
->Name
[1] = 0xAD;
788 pneg_ctxt
->Name
[2] = 0x25;
789 pneg_ctxt
->Name
[3] = 0x50;
790 pneg_ctxt
->Name
[4] = 0x9C;
791 pneg_ctxt
->Name
[5] = 0xB4;
792 pneg_ctxt
->Name
[6] = 0x11;
793 pneg_ctxt
->Name
[7] = 0xE7;
794 pneg_ctxt
->Name
[8] = 0xB4;
795 pneg_ctxt
->Name
[9] = 0x23;
796 pneg_ctxt
->Name
[10] = 0x83;
797 pneg_ctxt
->Name
[11] = 0xDE;
798 pneg_ctxt
->Name
[12] = 0x96;
799 pneg_ctxt
->Name
[13] = 0x8B;
800 pneg_ctxt
->Name
[14] = 0xCD;
801 pneg_ctxt
->Name
[15] = 0x7C;
804 static void assemble_neg_contexts(struct ksmbd_conn
*conn
,
805 struct smb2_negotiate_rsp
*rsp
)
807 /* +4 is to account for the RFC1001 len field */
808 char *pneg_ctxt
= (char *)rsp
+
809 le32_to_cpu(rsp
->NegotiateContextOffset
) + 4;
810 int neg_ctxt_cnt
= 1;
814 "assemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
815 build_preauth_ctxt((struct smb2_preauth_neg_context
*)pneg_ctxt
,
816 conn
->preauth_info
->Preauth_HashId
);
817 rsp
->NegotiateContextCount
= cpu_to_le16(neg_ctxt_cnt
);
818 inc_rfc1001_len(rsp
, AUTH_GSS_PADDING
);
819 ctxt_size
= sizeof(struct smb2_preauth_neg_context
);
820 /* Round to 8 byte boundary */
821 pneg_ctxt
+= round_up(sizeof(struct smb2_preauth_neg_context
), 8);
823 if (conn
->cipher_type
) {
824 ctxt_size
= round_up(ctxt_size
, 8);
826 "assemble SMB2_ENCRYPTION_CAPABILITIES context\n");
827 build_encrypt_ctxt((struct smb2_encryption_neg_context
*)pneg_ctxt
,
829 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
830 ctxt_size
+= sizeof(struct smb2_encryption_neg_context
) + 2;
831 /* Round to 8 byte boundary */
833 round_up(sizeof(struct smb2_encryption_neg_context
) + 2,
837 if (conn
->compress_algorithm
) {
838 ctxt_size
= round_up(ctxt_size
, 8);
840 "assemble SMB2_COMPRESSION_CAPABILITIES context\n");
841 /* Temporarily set to SMB3_COMPRESS_NONE */
842 build_compression_ctxt((struct smb2_compression_ctx
*)pneg_ctxt
,
843 conn
->compress_algorithm
);
844 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
845 ctxt_size
+= sizeof(struct smb2_compression_ctx
) + 2;
846 /* Round to 8 byte boundary */
847 pneg_ctxt
+= round_up(sizeof(struct smb2_compression_ctx
) + 2,
851 if (conn
->posix_ext_supported
) {
852 ctxt_size
= round_up(ctxt_size
, 8);
854 "assemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
855 build_posix_ctxt((struct smb2_posix_neg_context
*)pneg_ctxt
);
856 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
857 ctxt_size
+= sizeof(struct smb2_posix_neg_context
);
858 /* Round to 8 byte boundary */
859 pneg_ctxt
+= round_up(sizeof(struct smb2_posix_neg_context
), 8);
862 if (conn
->signing_negotiated
) {
863 ctxt_size
= round_up(ctxt_size
, 8);
865 "assemble SMB2_SIGNING_CAPABILITIES context\n");
866 build_sign_cap_ctxt((struct smb2_signing_capabilities
*)pneg_ctxt
,
867 conn
->signing_algorithm
);
868 rsp
->NegotiateContextCount
= cpu_to_le16(++neg_ctxt_cnt
);
869 ctxt_size
+= sizeof(struct smb2_signing_capabilities
) + 2;
872 inc_rfc1001_len(rsp
, ctxt_size
);
875 static __le32
decode_preauth_ctxt(struct ksmbd_conn
*conn
,
876 struct smb2_preauth_neg_context
*pneg_ctxt
)
878 __le32 err
= STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP
;
880 if (pneg_ctxt
->HashAlgorithms
== SMB2_PREAUTH_INTEGRITY_SHA512
) {
881 conn
->preauth_info
->Preauth_HashId
=
882 SMB2_PREAUTH_INTEGRITY_SHA512
;
883 err
= STATUS_SUCCESS
;
889 static void decode_encrypt_ctxt(struct ksmbd_conn
*conn
,
890 struct smb2_encryption_neg_context
*pneg_ctxt
,
893 int cph_cnt
= le16_to_cpu(pneg_ctxt
->CipherCount
);
894 int i
, cphs_size
= cph_cnt
* sizeof(__le16
);
896 conn
->cipher_type
= 0;
898 if (sizeof(struct smb2_encryption_neg_context
) + cphs_size
>
900 pr_err("Invalid cipher count(%d)\n", cph_cnt
);
904 if (!(server_conf
.flags
& KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION
))
907 for (i
= 0; i
< cph_cnt
; i
++) {
908 if (pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES128_GCM
||
909 pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES128_CCM
||
910 pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES256_CCM
||
911 pneg_ctxt
->Ciphers
[i
] == SMB2_ENCRYPTION_AES256_GCM
) {
912 ksmbd_debug(SMB
, "Cipher ID = 0x%x\n",
913 pneg_ctxt
->Ciphers
[i
]);
914 conn
->cipher_type
= pneg_ctxt
->Ciphers
[i
];
921 * smb3_encryption_negotiated() - checks if server and client agreed on enabling encryption
922 * @conn: smb connection
924 * Return: true if connection should be encrypted, else false
926 static bool smb3_encryption_negotiated(struct ksmbd_conn
*conn
)
928 if (!conn
->ops
->generate_encryptionkey
)
932 * SMB 3.0 and 3.0.2 dialects use the SMB2_GLOBAL_CAP_ENCRYPTION flag.
933 * SMB 3.1.1 uses the cipher_type field.
935 return (conn
->vals
->capabilities
& SMB2_GLOBAL_CAP_ENCRYPTION
) ||
939 static void decode_compress_ctxt(struct ksmbd_conn
*conn
,
940 struct smb2_compression_ctx
*pneg_ctxt
)
942 conn
->compress_algorithm
= SMB3_COMPRESS_NONE
;
945 static void decode_sign_cap_ctxt(struct ksmbd_conn
*conn
,
946 struct smb2_signing_capabilities
*pneg_ctxt
,
949 int sign_algo_cnt
= le16_to_cpu(pneg_ctxt
->SigningAlgorithmCount
);
950 int i
, sign_alos_size
= sign_algo_cnt
* sizeof(__le16
);
952 conn
->signing_negotiated
= false;
954 if (sizeof(struct smb2_signing_capabilities
) + sign_alos_size
>
956 pr_err("Invalid signing algorithm count(%d)\n", sign_algo_cnt
);
960 for (i
= 0; i
< sign_algo_cnt
; i
++) {
961 if (pneg_ctxt
->SigningAlgorithms
[i
] == SIGNING_ALG_HMAC_SHA256
||
962 pneg_ctxt
->SigningAlgorithms
[i
] == SIGNING_ALG_AES_CMAC
) {
963 ksmbd_debug(SMB
, "Signing Algorithm ID = 0x%x\n",
964 pneg_ctxt
->SigningAlgorithms
[i
]);
965 conn
->signing_negotiated
= true;
966 conn
->signing_algorithm
=
967 pneg_ctxt
->SigningAlgorithms
[i
];
973 static __le32
deassemble_neg_contexts(struct ksmbd_conn
*conn
,
974 struct smb2_negotiate_req
*req
)
976 /* +4 is to account for the RFC1001 len field */
977 struct smb2_neg_context
*pctx
= (struct smb2_neg_context
*)((char *)req
+ 4);
978 int i
= 0, len_of_ctxts
;
979 int offset
= le32_to_cpu(req
->NegotiateContextOffset
);
980 int neg_ctxt_cnt
= le16_to_cpu(req
->NegotiateContextCount
);
981 int len_of_smb
= be32_to_cpu(req
->hdr
.smb2_buf_length
);
982 __le32 status
= STATUS_INVALID_PARAMETER
;
984 ksmbd_debug(SMB
, "decoding %d negotiate contexts\n", neg_ctxt_cnt
);
985 if (len_of_smb
<= offset
) {
986 ksmbd_debug(SMB
, "Invalid response: negotiate context offset\n");
990 len_of_ctxts
= len_of_smb
- offset
;
992 while (i
++ < neg_ctxt_cnt
) {
995 /* check that offset is not beyond end of SMB */
996 if (len_of_ctxts
== 0)
999 if (len_of_ctxts
< sizeof(struct smb2_neg_context
))
1002 pctx
= (struct smb2_neg_context
*)((char *)pctx
+ offset
);
1003 clen
= le16_to_cpu(pctx
->DataLength
);
1004 if (clen
+ sizeof(struct smb2_neg_context
) > len_of_ctxts
)
1007 if (pctx
->ContextType
== SMB2_PREAUTH_INTEGRITY_CAPABILITIES
) {
1009 "deassemble SMB2_PREAUTH_INTEGRITY_CAPABILITIES context\n");
1010 if (conn
->preauth_info
->Preauth_HashId
)
1013 status
= decode_preauth_ctxt(conn
,
1014 (struct smb2_preauth_neg_context
*)pctx
);
1015 if (status
!= STATUS_SUCCESS
)
1017 } else if (pctx
->ContextType
== SMB2_ENCRYPTION_CAPABILITIES
) {
1019 "deassemble SMB2_ENCRYPTION_CAPABILITIES context\n");
1020 if (conn
->cipher_type
)
1023 decode_encrypt_ctxt(conn
,
1024 (struct smb2_encryption_neg_context
*)pctx
,
1026 } else if (pctx
->ContextType
== SMB2_COMPRESSION_CAPABILITIES
) {
1028 "deassemble SMB2_COMPRESSION_CAPABILITIES context\n");
1029 if (conn
->compress_algorithm
)
1032 decode_compress_ctxt(conn
,
1033 (struct smb2_compression_ctx
*)pctx
);
1034 } else if (pctx
->ContextType
== SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
) {
1036 "deassemble SMB2_NETNAME_NEGOTIATE_CONTEXT_ID context\n");
1037 } else if (pctx
->ContextType
== SMB2_POSIX_EXTENSIONS_AVAILABLE
) {
1039 "deassemble SMB2_POSIX_EXTENSIONS_AVAILABLE context\n");
1040 conn
->posix_ext_supported
= true;
1041 } else if (pctx
->ContextType
== SMB2_SIGNING_CAPABILITIES
) {
1043 "deassemble SMB2_SIGNING_CAPABILITIES context\n");
1044 decode_sign_cap_ctxt(conn
,
1045 (struct smb2_signing_capabilities
*)pctx
,
1049 /* offsets must be 8 byte aligned */
1050 clen
= (clen
+ 7) & ~0x7;
1051 offset
= clen
+ sizeof(struct smb2_neg_context
);
1052 len_of_ctxts
-= clen
+ sizeof(struct smb2_neg_context
);
1058 * smb2_handle_negotiate() - handler for smb2 negotiate command
1059 * @work: smb work containing smb request buffer
1063 int smb2_handle_negotiate(struct ksmbd_work
*work
)
1065 struct ksmbd_conn
*conn
= work
->conn
;
1066 struct smb2_negotiate_req
*req
= work
->request_buf
;
1067 struct smb2_negotiate_rsp
*rsp
= work
->response_buf
;
1069 unsigned int smb2_buf_len
, smb2_neg_size
;
1072 ksmbd_debug(SMB
, "Received negotiate request\n");
1073 conn
->need_neg
= false;
1074 if (ksmbd_conn_good(work
)) {
1075 pr_err("conn->tcp_status is already in CifsGood State\n");
1076 work
->send_no_response
= 1;
1080 if (req
->DialectCount
== 0) {
1081 pr_err("malformed packet\n");
1082 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1087 smb2_buf_len
= get_rfc1002_len(work
->request_buf
);
1088 smb2_neg_size
= offsetof(struct smb2_negotiate_req
, Dialects
) - 4;
1089 if (smb2_neg_size
> smb2_buf_len
) {
1090 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1095 if (conn
->dialect
== SMB311_PROT_ID
) {
1096 unsigned int nego_ctxt_off
= le32_to_cpu(req
->NegotiateContextOffset
);
1098 if (smb2_buf_len
< nego_ctxt_off
) {
1099 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1104 if (smb2_neg_size
> nego_ctxt_off
) {
1105 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1110 if (smb2_neg_size
+ le16_to_cpu(req
->DialectCount
) * sizeof(__le16
) >
1112 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1117 if (smb2_neg_size
+ le16_to_cpu(req
->DialectCount
) * sizeof(__le16
) >
1119 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1125 conn
->cli_cap
= le32_to_cpu(req
->Capabilities
);
1126 switch (conn
->dialect
) {
1127 case SMB311_PROT_ID
:
1128 conn
->preauth_info
=
1129 kzalloc(sizeof(struct preauth_integrity_info
),
1131 if (!conn
->preauth_info
) {
1133 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1137 status
= deassemble_neg_contexts(conn
, req
);
1138 if (status
!= STATUS_SUCCESS
) {
1139 pr_err("deassemble_neg_contexts error(0x%x)\n",
1141 rsp
->hdr
.Status
= status
;
1146 rc
= init_smb3_11_server(conn
);
1148 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1152 ksmbd_gen_preauth_integrity_hash(conn
,
1154 conn
->preauth_info
->Preauth_HashValue
);
1155 rsp
->NegotiateContextOffset
=
1156 cpu_to_le32(OFFSET_OF_NEG_CONTEXT
);
1157 assemble_neg_contexts(conn
, rsp
);
1159 case SMB302_PROT_ID
:
1160 init_smb3_02_server(conn
);
1163 init_smb3_0_server(conn
);
1166 init_smb2_1_server(conn
);
1171 ksmbd_debug(SMB
, "Server dialect :0x%x not supported\n",
1173 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
1177 rsp
->Capabilities
= cpu_to_le32(conn
->vals
->capabilities
);
1180 conn
->connection_type
= conn
->dialect
;
1182 rsp
->MaxTransactSize
= cpu_to_le32(conn
->vals
->max_trans_size
);
1183 rsp
->MaxReadSize
= cpu_to_le32(conn
->vals
->max_read_size
);
1184 rsp
->MaxWriteSize
= cpu_to_le32(conn
->vals
->max_write_size
);
1186 memcpy(conn
->ClientGUID
, req
->ClientGUID
,
1187 SMB2_CLIENT_GUID_SIZE
);
1188 conn
->cli_sec_mode
= le16_to_cpu(req
->SecurityMode
);
1190 rsp
->StructureSize
= cpu_to_le16(65);
1191 rsp
->DialectRevision
= cpu_to_le16(conn
->dialect
);
1192 /* Not setting conn guid rsp->ServerGUID, as it
1193 * not used by client for identifying server
1195 memset(rsp
->ServerGUID
, 0, SMB2_CLIENT_GUID_SIZE
);
1197 rsp
->SystemTime
= cpu_to_le64(ksmbd_systime());
1198 rsp
->ServerStartTime
= 0;
1199 ksmbd_debug(SMB
, "negotiate context offset %d, count %d\n",
1200 le32_to_cpu(rsp
->NegotiateContextOffset
),
1201 le16_to_cpu(rsp
->NegotiateContextCount
));
1203 rsp
->SecurityBufferOffset
= cpu_to_le16(128);
1204 rsp
->SecurityBufferLength
= cpu_to_le16(AUTH_GSS_LENGTH
);
1205 ksmbd_copy_gss_neg_header(((char *)(&rsp
->hdr
) +
1206 sizeof(rsp
->hdr
.smb2_buf_length
)) +
1207 le16_to_cpu(rsp
->SecurityBufferOffset
));
1208 inc_rfc1001_len(rsp
, sizeof(struct smb2_negotiate_rsp
) -
1209 sizeof(struct smb2_hdr
) - sizeof(rsp
->Buffer
) +
1211 rsp
->SecurityMode
= SMB2_NEGOTIATE_SIGNING_ENABLED_LE
;
1212 conn
->use_spnego
= true;
1214 if ((server_conf
.signing
== KSMBD_CONFIG_OPT_AUTO
||
1215 server_conf
.signing
== KSMBD_CONFIG_OPT_DISABLED
) &&
1216 req
->SecurityMode
& SMB2_NEGOTIATE_SIGNING_REQUIRED_LE
)
1218 else if (server_conf
.signing
== KSMBD_CONFIG_OPT_MANDATORY
) {
1219 server_conf
.enforced_signing
= true;
1220 rsp
->SecurityMode
|= SMB2_NEGOTIATE_SIGNING_REQUIRED_LE
;
1224 conn
->srv_sec_mode
= le16_to_cpu(rsp
->SecurityMode
);
1225 ksmbd_conn_set_need_negotiate(work
);
1229 smb2_set_err_rsp(work
);
1234 static int alloc_preauth_hash(struct ksmbd_session
*sess
,
1235 struct ksmbd_conn
*conn
)
1237 if (sess
->Preauth_HashValue
)
1240 sess
->Preauth_HashValue
= kmemdup(conn
->preauth_info
->Preauth_HashValue
,
1241 PREAUTH_HASHVALUE_SIZE
, GFP_KERNEL
);
1242 if (!sess
->Preauth_HashValue
)
1248 static int generate_preauth_hash(struct ksmbd_work
*work
)
1250 struct ksmbd_conn
*conn
= work
->conn
;
1251 struct ksmbd_session
*sess
= work
->sess
;
1254 if (conn
->dialect
!= SMB311_PROT_ID
)
1257 if (conn
->binding
) {
1258 struct preauth_session
*preauth_sess
;
1260 preauth_sess
= ksmbd_preauth_session_lookup(conn
, sess
->id
);
1261 if (!preauth_sess
) {
1262 preauth_sess
= ksmbd_preauth_session_alloc(conn
, sess
->id
);
1267 preauth_hash
= preauth_sess
->Preauth_HashValue
;
1269 if (!sess
->Preauth_HashValue
)
1270 if (alloc_preauth_hash(sess
, conn
))
1272 preauth_hash
= sess
->Preauth_HashValue
;
1275 ksmbd_gen_preauth_integrity_hash(conn
, work
->request_buf
, preauth_hash
);
1279 static int decode_negotiation_token(struct ksmbd_conn
*conn
,
1280 struct negotiate_message
*negblob
,
1283 if (!conn
->use_spnego
)
1286 if (ksmbd_decode_negTokenInit((char *)negblob
, sz
, conn
)) {
1287 if (ksmbd_decode_negTokenTarg((char *)negblob
, sz
, conn
)) {
1288 conn
->auth_mechs
|= KSMBD_AUTH_NTLMSSP
;
1289 conn
->preferred_auth_mech
= KSMBD_AUTH_NTLMSSP
;
1290 conn
->use_spnego
= false;
1296 static int ntlm_negotiate(struct ksmbd_work
*work
,
1297 struct negotiate_message
*negblob
,
1300 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1301 struct challenge_message
*chgblob
;
1302 unsigned char *spnego_blob
= NULL
;
1303 u16 spnego_blob_len
;
1307 ksmbd_debug(SMB
, "negotiate phase\n");
1308 rc
= ksmbd_decode_ntlmssp_neg_blob(negblob
, negblob_len
, work
->sess
);
1312 sz
= le16_to_cpu(rsp
->SecurityBufferOffset
);
1314 (struct challenge_message
*)((char *)&rsp
->hdr
.ProtocolId
+ sz
);
1315 memset(chgblob
, 0, sizeof(struct challenge_message
));
1317 if (!work
->conn
->use_spnego
) {
1318 sz
= ksmbd_build_ntlmssp_challenge_blob(chgblob
, work
->sess
);
1322 rsp
->SecurityBufferLength
= cpu_to_le16(sz
);
1326 sz
= sizeof(struct challenge_message
);
1327 sz
+= (strlen(ksmbd_netbios_name()) * 2 + 1 + 4) * 6;
1329 neg_blob
= kzalloc(sz
, GFP_KERNEL
);
1333 chgblob
= (struct challenge_message
*)neg_blob
;
1334 sz
= ksmbd_build_ntlmssp_challenge_blob(chgblob
, work
->sess
);
1340 rc
= build_spnego_ntlmssp_neg_blob(&spnego_blob
, &spnego_blob_len
,
1347 sz
= le16_to_cpu(rsp
->SecurityBufferOffset
);
1348 memcpy((char *)&rsp
->hdr
.ProtocolId
+ sz
, spnego_blob
, spnego_blob_len
);
1349 rsp
->SecurityBufferLength
= cpu_to_le16(spnego_blob_len
);
1357 static struct authenticate_message
*user_authblob(struct ksmbd_conn
*conn
,
1358 struct smb2_sess_setup_req
*req
)
1362 if (conn
->use_spnego
&& conn
->mechToken
)
1363 return (struct authenticate_message
*)conn
->mechToken
;
1365 sz
= le16_to_cpu(req
->SecurityBufferOffset
);
1366 return (struct authenticate_message
*)((char *)&req
->hdr
.ProtocolId
1370 static struct ksmbd_user
*session_user(struct ksmbd_conn
*conn
,
1371 struct smb2_sess_setup_req
*req
)
1373 struct authenticate_message
*authblob
;
1374 struct ksmbd_user
*user
;
1376 unsigned int auth_msg_len
, name_off
, name_len
, secbuf_len
;
1378 secbuf_len
= le16_to_cpu(req
->SecurityBufferLength
);
1379 if (secbuf_len
< sizeof(struct authenticate_message
)) {
1380 ksmbd_debug(SMB
, "blob len %d too small\n", secbuf_len
);
1383 authblob
= user_authblob(conn
, req
);
1384 name_off
= le32_to_cpu(authblob
->UserName
.BufferOffset
);
1385 name_len
= le16_to_cpu(authblob
->UserName
.Length
);
1386 auth_msg_len
= le16_to_cpu(req
->SecurityBufferOffset
) + secbuf_len
;
1388 if (auth_msg_len
< (u64
)name_off
+ name_len
)
1391 name
= smb_strndup_from_utf16((const char *)authblob
+ name_off
,
1396 pr_err("cannot allocate memory\n");
1400 ksmbd_debug(SMB
, "session setup request for user %s\n", name
);
1401 user
= ksmbd_login_user(name
);
1406 static int ntlm_authenticate(struct ksmbd_work
*work
)
1408 struct smb2_sess_setup_req
*req
= work
->request_buf
;
1409 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1410 struct ksmbd_conn
*conn
= work
->conn
;
1411 struct ksmbd_session
*sess
= work
->sess
;
1412 struct channel
*chann
= NULL
;
1413 struct ksmbd_user
*user
;
1417 ksmbd_debug(SMB
, "authenticate phase\n");
1418 if (conn
->use_spnego
) {
1419 unsigned char *spnego_blob
;
1420 u16 spnego_blob_len
;
1422 rc
= build_spnego_ntlmssp_auth_blob(&spnego_blob
,
1428 sz
= le16_to_cpu(rsp
->SecurityBufferOffset
);
1429 memcpy((char *)&rsp
->hdr
.ProtocolId
+ sz
, spnego_blob
, spnego_blob_len
);
1430 rsp
->SecurityBufferLength
= cpu_to_le16(spnego_blob_len
);
1432 inc_rfc1001_len(rsp
, spnego_blob_len
- 1);
1435 user
= session_user(conn
, req
);
1437 ksmbd_debug(SMB
, "Unknown user name or an error\n");
1441 /* Check for previous session */
1442 prev_id
= le64_to_cpu(req
->PreviousSessionId
);
1443 if (prev_id
&& prev_id
!= sess
->id
)
1444 destroy_previous_session(user
, prev_id
);
1446 if (sess
->state
== SMB2_SESSION_VALID
) {
1448 * Reuse session if anonymous try to connect
1449 * on reauthetication.
1451 if (ksmbd_anonymous_user(user
)) {
1452 ksmbd_free_user(user
);
1455 ksmbd_free_user(sess
->user
);
1459 if (user_guest(sess
->user
)) {
1460 rsp
->SessionFlags
= SMB2_SESSION_FLAG_IS_GUEST_LE
;
1462 struct authenticate_message
*authblob
;
1464 authblob
= user_authblob(conn
, req
);
1465 sz
= le16_to_cpu(req
->SecurityBufferLength
);
1466 rc
= ksmbd_decode_ntlmssp_auth_blob(authblob
, sz
, sess
);
1468 set_user_flag(sess
->user
, KSMBD_USER_FLAG_BAD_PASSWORD
);
1469 ksmbd_debug(SMB
, "authentication failed\n");
1475 * If session state is SMB2_SESSION_VALID, We can assume
1476 * that it is reauthentication. And the user/password
1477 * has been verified, so return it here.
1479 if (sess
->state
== SMB2_SESSION_VALID
) {
1481 goto binding_session
;
1485 if ((rsp
->SessionFlags
!= SMB2_SESSION_FLAG_IS_GUEST_LE
&&
1486 (conn
->sign
|| server_conf
.enforced_signing
)) ||
1487 (req
->SecurityMode
& SMB2_NEGOTIATE_SIGNING_REQUIRED
))
1490 if (smb3_encryption_negotiated(conn
) &&
1491 !(req
->Flags
& SMB2_SESSION_REQ_FLAG_BINDING
)) {
1492 rc
= conn
->ops
->generate_encryptionkey(sess
);
1495 "SMB3 encryption key generation failed\n");
1499 rsp
->SessionFlags
= SMB2_SESSION_FLAG_ENCRYPT_DATA_LE
;
1501 * signing is disable if encryption is enable
1508 if (conn
->dialect
>= SMB30_PROT_ID
) {
1509 chann
= lookup_chann_list(sess
, conn
);
1511 chann
= kmalloc(sizeof(struct channel
), GFP_KERNEL
);
1516 INIT_LIST_HEAD(&chann
->chann_list
);
1517 list_add(&chann
->chann_list
, &sess
->ksmbd_chann_list
);
1521 if (conn
->ops
->generate_signingkey
) {
1522 rc
= conn
->ops
->generate_signingkey(sess
, conn
);
1524 ksmbd_debug(SMB
, "SMB3 signing key generation failed\n");
1529 if (!ksmbd_conn_lookup_dialect(conn
)) {
1530 pr_err("fail to verify the dialect\n");
1536 #ifdef CONFIG_SMB_SERVER_KERBEROS5
1537 static int krb5_authenticate(struct ksmbd_work
*work
)
1539 struct smb2_sess_setup_req
*req
= work
->request_buf
;
1540 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1541 struct ksmbd_conn
*conn
= work
->conn
;
1542 struct ksmbd_session
*sess
= work
->sess
;
1543 char *in_blob
, *out_blob
;
1544 struct channel
*chann
= NULL
;
1546 int in_len
, out_len
;
1549 in_blob
= (char *)&req
->hdr
.ProtocolId
+
1550 le16_to_cpu(req
->SecurityBufferOffset
);
1551 in_len
= le16_to_cpu(req
->SecurityBufferLength
);
1552 out_blob
= (char *)&rsp
->hdr
.ProtocolId
+
1553 le16_to_cpu(rsp
->SecurityBufferOffset
);
1554 out_len
= work
->response_sz
-
1555 offsetof(struct smb2_hdr
, smb2_buf_length
) -
1556 le16_to_cpu(rsp
->SecurityBufferOffset
);
1558 /* Check previous session */
1559 prev_sess_id
= le64_to_cpu(req
->PreviousSessionId
);
1560 if (prev_sess_id
&& prev_sess_id
!= sess
->id
)
1561 destroy_previous_session(sess
->user
, prev_sess_id
);
1563 if (sess
->state
== SMB2_SESSION_VALID
)
1564 ksmbd_free_user(sess
->user
);
1566 retval
= ksmbd_krb5_authenticate(sess
, in_blob
, in_len
,
1567 out_blob
, &out_len
);
1569 ksmbd_debug(SMB
, "krb5 authentication failed\n");
1572 rsp
->SecurityBufferLength
= cpu_to_le16(out_len
);
1573 inc_rfc1001_len(rsp
, out_len
- 1);
1575 if ((conn
->sign
|| server_conf
.enforced_signing
) ||
1576 (req
->SecurityMode
& SMB2_NEGOTIATE_SIGNING_REQUIRED
))
1579 if (smb3_encryption_negotiated(conn
)) {
1580 retval
= conn
->ops
->generate_encryptionkey(sess
);
1583 "SMB3 encryption key generation failed\n");
1587 rsp
->SessionFlags
= SMB2_SESSION_FLAG_ENCRYPT_DATA_LE
;
1591 if (conn
->dialect
>= SMB30_PROT_ID
) {
1592 chann
= lookup_chann_list(sess
, conn
);
1594 chann
= kmalloc(sizeof(struct channel
), GFP_KERNEL
);
1599 INIT_LIST_HEAD(&chann
->chann_list
);
1600 list_add(&chann
->chann_list
, &sess
->ksmbd_chann_list
);
1604 if (conn
->ops
->generate_signingkey
) {
1605 retval
= conn
->ops
->generate_signingkey(sess
, conn
);
1607 ksmbd_debug(SMB
, "SMB3 signing key generation failed\n");
1612 if (!ksmbd_conn_lookup_dialect(conn
)) {
1613 pr_err("fail to verify the dialect\n");
1619 static int krb5_authenticate(struct ksmbd_work
*work
)
1625 int smb2_sess_setup(struct ksmbd_work
*work
)
1627 struct ksmbd_conn
*conn
= work
->conn
;
1628 struct smb2_sess_setup_req
*req
= work
->request_buf
;
1629 struct smb2_sess_setup_rsp
*rsp
= work
->response_buf
;
1630 struct ksmbd_session
*sess
;
1631 struct negotiate_message
*negblob
;
1632 unsigned int negblob_len
, negblob_off
;
1635 ksmbd_debug(SMB
, "Received request for session setup\n");
1637 rsp
->StructureSize
= cpu_to_le16(9);
1638 rsp
->SessionFlags
= 0;
1639 rsp
->SecurityBufferOffset
= cpu_to_le16(72);
1640 rsp
->SecurityBufferLength
= 0;
1641 inc_rfc1001_len(rsp
, 9);
1643 if (!req
->hdr
.SessionId
) {
1644 sess
= ksmbd_smb2_session_create();
1649 rsp
->hdr
.SessionId
= cpu_to_le64(sess
->id
);
1650 ksmbd_session_register(conn
, sess
);
1651 } else if (conn
->dialect
>= SMB30_PROT_ID
&&
1652 (server_conf
.flags
& KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL
) &&
1653 req
->Flags
& SMB2_SESSION_REQ_FLAG_BINDING
) {
1654 u64 sess_id
= le64_to_cpu(req
->hdr
.SessionId
);
1656 sess
= ksmbd_session_lookup_slowpath(sess_id
);
1662 if (conn
->dialect
!= sess
->conn
->dialect
) {
1667 if (!(req
->hdr
.Flags
& SMB2_FLAGS_SIGNED
)) {
1672 if (strncmp(conn
->ClientGUID
, sess
->conn
->ClientGUID
,
1673 SMB2_CLIENT_GUID_SIZE
)) {
1678 if (sess
->state
== SMB2_SESSION_IN_PROGRESS
) {
1683 if (sess
->state
== SMB2_SESSION_EXPIRED
) {
1688 if (ksmbd_session_lookup(conn
, sess_id
)) {
1693 conn
->binding
= true;
1694 } else if ((conn
->dialect
< SMB30_PROT_ID
||
1695 server_conf
.flags
& KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL
) &&
1696 (req
->Flags
& SMB2_SESSION_REQ_FLAG_BINDING
)) {
1701 sess
= ksmbd_session_lookup(conn
,
1702 le64_to_cpu(req
->hdr
.SessionId
));
1710 if (sess
->state
== SMB2_SESSION_EXPIRED
)
1711 sess
->state
= SMB2_SESSION_IN_PROGRESS
;
1713 negblob_off
= le16_to_cpu(req
->SecurityBufferOffset
);
1714 negblob_len
= le16_to_cpu(req
->SecurityBufferLength
);
1715 if (negblob_off
< (offsetof(struct smb2_sess_setup_req
, Buffer
) - 4) ||
1716 negblob_len
< offsetof(struct negotiate_message
, NegotiateFlags
)) {
1721 negblob
= (struct negotiate_message
*)((char *)&req
->hdr
.ProtocolId
+
1724 if (decode_negotiation_token(conn
, negblob
, negblob_len
) == 0) {
1725 if (conn
->mechToken
)
1726 negblob
= (struct negotiate_message
*)conn
->mechToken
;
1729 if (server_conf
.auth_mechs
& conn
->auth_mechs
) {
1730 rc
= generate_preauth_hash(work
);
1734 if (conn
->preferred_auth_mech
&
1735 (KSMBD_AUTH_KRB5
| KSMBD_AUTH_MSKRB5
)) {
1736 rc
= krb5_authenticate(work
);
1742 ksmbd_conn_set_good(work
);
1743 sess
->state
= SMB2_SESSION_VALID
;
1744 kfree(sess
->Preauth_HashValue
);
1745 sess
->Preauth_HashValue
= NULL
;
1746 } else if (conn
->preferred_auth_mech
== KSMBD_AUTH_NTLMSSP
) {
1747 if (negblob
->MessageType
== NtLmNegotiate
) {
1748 rc
= ntlm_negotiate(work
, negblob
, negblob_len
);
1752 STATUS_MORE_PROCESSING_REQUIRED
;
1754 * Note: here total size -1 is done as an
1755 * adjustment for 0 size blob
1757 inc_rfc1001_len(rsp
, le16_to_cpu(rsp
->SecurityBufferLength
) - 1);
1759 } else if (negblob
->MessageType
== NtLmAuthenticate
) {
1760 rc
= ntlm_authenticate(work
);
1764 ksmbd_conn_set_good(work
);
1765 sess
->state
= SMB2_SESSION_VALID
;
1766 if (conn
->binding
) {
1767 struct preauth_session
*preauth_sess
;
1770 ksmbd_preauth_session_lookup(conn
, sess
->id
);
1772 list_del(&preauth_sess
->preauth_entry
);
1773 kfree(preauth_sess
);
1776 kfree(sess
->Preauth_HashValue
);
1777 sess
->Preauth_HashValue
= NULL
;
1780 /* TODO: need one more negotiation */
1781 pr_err("Not support the preferred authentication\n");
1785 pr_err("Not support authentication\n");
1791 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1792 else if (rc
== -ENOENT
)
1793 rsp
->hdr
.Status
= STATUS_USER_SESSION_DELETED
;
1794 else if (rc
== -EACCES
)
1795 rsp
->hdr
.Status
= STATUS_REQUEST_NOT_ACCEPTED
;
1796 else if (rc
== -EFAULT
)
1797 rsp
->hdr
.Status
= STATUS_NETWORK_SESSION_EXPIRED
;
1798 else if (rc
== -ENOMEM
)
1799 rsp
->hdr
.Status
= STATUS_INSUFFICIENT_RESOURCES
;
1801 rsp
->hdr
.Status
= STATUS_LOGON_FAILURE
;
1803 if (conn
->use_spnego
&& conn
->mechToken
) {
1804 kfree(conn
->mechToken
);
1805 conn
->mechToken
= NULL
;
1810 * SecurityBufferOffset should be set to zero
1811 * in session setup error response.
1813 rsp
->SecurityBufferOffset
= 0;
1816 bool try_delay
= false;
1819 * To avoid dictionary attacks (repeated session setups rapidly sent) to
1820 * connect to server, ksmbd make a delay of a 5 seconds on session setup
1821 * failure to make it harder to send enough random connection requests
1822 * to break into a server.
1824 if (sess
->user
&& sess
->user
->flags
& KSMBD_USER_FLAG_DELAY_SESSION
)
1827 ksmbd_session_destroy(sess
);
1838 * smb2_tree_connect() - handler for smb2 tree connect command
1839 * @work: smb work containing smb request buffer
1841 * Return: 0 on success, otherwise error
1843 int smb2_tree_connect(struct ksmbd_work
*work
)
1845 struct ksmbd_conn
*conn
= work
->conn
;
1846 struct smb2_tree_connect_req
*req
= work
->request_buf
;
1847 struct smb2_tree_connect_rsp
*rsp
= work
->response_buf
;
1848 struct ksmbd_session
*sess
= work
->sess
;
1849 char *treename
= NULL
, *name
= NULL
;
1850 struct ksmbd_tree_conn_status status
;
1851 struct ksmbd_share_config
*share
;
1854 treename
= smb_strndup_from_utf16(req
->Buffer
,
1855 le16_to_cpu(req
->PathLength
), true,
1857 if (IS_ERR(treename
)) {
1858 pr_err("treename is NULL\n");
1859 status
.ret
= KSMBD_TREE_CONN_STATUS_ERROR
;
1863 name
= ksmbd_extract_sharename(treename
);
1865 status
.ret
= KSMBD_TREE_CONN_STATUS_ERROR
;
1869 ksmbd_debug(SMB
, "tree connect request for tree %s treename %s\n",
1872 status
= ksmbd_tree_conn_connect(sess
, name
);
1873 if (status
.ret
== KSMBD_TREE_CONN_STATUS_OK
)
1874 rsp
->hdr
.Id
.SyncId
.TreeId
= cpu_to_le32(status
.tree_conn
->id
);
1878 share
= status
.tree_conn
->share_conf
;
1879 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_PIPE
)) {
1880 ksmbd_debug(SMB
, "IPC share path request\n");
1881 rsp
->ShareType
= SMB2_SHARE_TYPE_PIPE
;
1882 rsp
->MaximalAccess
= FILE_READ_DATA_LE
| FILE_READ_EA_LE
|
1883 FILE_EXECUTE_LE
| FILE_READ_ATTRIBUTES_LE
|
1884 FILE_DELETE_LE
| FILE_READ_CONTROL_LE
|
1885 FILE_WRITE_DAC_LE
| FILE_WRITE_OWNER_LE
|
1886 FILE_SYNCHRONIZE_LE
;
1888 rsp
->ShareType
= SMB2_SHARE_TYPE_DISK
;
1889 rsp
->MaximalAccess
= FILE_READ_DATA_LE
| FILE_READ_EA_LE
|
1890 FILE_EXECUTE_LE
| FILE_READ_ATTRIBUTES_LE
;
1891 if (test_tree_conn_flag(status
.tree_conn
,
1892 KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
1893 rsp
->MaximalAccess
|= FILE_WRITE_DATA_LE
|
1894 FILE_APPEND_DATA_LE
| FILE_WRITE_EA_LE
|
1895 FILE_DELETE_LE
| FILE_WRITE_ATTRIBUTES_LE
|
1896 FILE_DELETE_CHILD_LE
| FILE_READ_CONTROL_LE
|
1897 FILE_WRITE_DAC_LE
| FILE_WRITE_OWNER_LE
|
1898 FILE_SYNCHRONIZE_LE
;
1902 status
.tree_conn
->maximal_access
= le32_to_cpu(rsp
->MaximalAccess
);
1903 if (conn
->posix_ext_supported
)
1904 status
.tree_conn
->posix_extensions
= true;
1907 rsp
->StructureSize
= cpu_to_le16(16);
1908 rsp
->Capabilities
= 0;
1910 /* default manual caching */
1911 rsp
->ShareFlags
= SMB2_SHAREFLAG_MANUAL_CACHING
;
1912 inc_rfc1001_len(rsp
, 16);
1914 if (!IS_ERR(treename
))
1919 switch (status
.ret
) {
1920 case KSMBD_TREE_CONN_STATUS_OK
:
1921 rsp
->hdr
.Status
= STATUS_SUCCESS
;
1924 case KSMBD_TREE_CONN_STATUS_NO_SHARE
:
1925 rsp
->hdr
.Status
= STATUS_BAD_NETWORK_PATH
;
1928 case KSMBD_TREE_CONN_STATUS_NOMEM
:
1929 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
1931 case KSMBD_TREE_CONN_STATUS_ERROR
:
1932 case KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS
:
1933 case KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS
:
1934 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
1937 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
1940 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
1947 * smb2_create_open_flags() - convert smb open flags to unix open flags
1948 * @file_present: is file already present
1949 * @access: file access flags
1950 * @disposition: file disposition flags
1951 * @may_flags: set with MAY_ flags
1953 * Return: file open flags
1955 static int smb2_create_open_flags(bool file_present
, __le32 access
,
1959 int oflags
= O_NONBLOCK
| O_LARGEFILE
;
1961 if (access
& FILE_READ_DESIRED_ACCESS_LE
&&
1962 access
& FILE_WRITE_DESIRE_ACCESS_LE
) {
1964 *may_flags
= MAY_OPEN
| MAY_READ
| MAY_WRITE
;
1965 } else if (access
& FILE_WRITE_DESIRE_ACCESS_LE
) {
1967 *may_flags
= MAY_OPEN
| MAY_WRITE
;
1970 *may_flags
= MAY_OPEN
| MAY_READ
;
1973 if (access
== FILE_READ_ATTRIBUTES_LE
)
1977 switch (disposition
& FILE_CREATE_MASK_LE
) {
1979 case FILE_CREATE_LE
:
1981 case FILE_SUPERSEDE_LE
:
1982 case FILE_OVERWRITE_LE
:
1983 case FILE_OVERWRITE_IF_LE
:
1990 switch (disposition
& FILE_CREATE_MASK_LE
) {
1991 case FILE_SUPERSEDE_LE
:
1992 case FILE_CREATE_LE
:
1993 case FILE_OPEN_IF_LE
:
1994 case FILE_OVERWRITE_IF_LE
:
1998 case FILE_OVERWRITE_LE
:
2010 * smb2_tree_disconnect() - handler for smb tree connect request
2011 * @work: smb work containing request buffer
2015 int smb2_tree_disconnect(struct ksmbd_work
*work
)
2017 struct smb2_tree_disconnect_rsp
*rsp
= work
->response_buf
;
2018 struct ksmbd_session
*sess
= work
->sess
;
2019 struct ksmbd_tree_connect
*tcon
= work
->tcon
;
2021 rsp
->StructureSize
= cpu_to_le16(4);
2022 inc_rfc1001_len(rsp
, 4);
2024 ksmbd_debug(SMB
, "request\n");
2027 struct smb2_tree_disconnect_req
*req
= work
->request_buf
;
2029 ksmbd_debug(SMB
, "Invalid tid %d\n", req
->hdr
.Id
.SyncId
.TreeId
);
2030 rsp
->hdr
.Status
= STATUS_NETWORK_NAME_DELETED
;
2031 smb2_set_err_rsp(work
);
2035 ksmbd_close_tree_conn_fds(work
);
2036 ksmbd_tree_conn_disconnect(sess
, tcon
);
2041 * smb2_session_logoff() - handler for session log off request
2042 * @work: smb work containing request buffer
2046 int smb2_session_logoff(struct ksmbd_work
*work
)
2048 struct ksmbd_conn
*conn
= work
->conn
;
2049 struct smb2_logoff_rsp
*rsp
= work
->response_buf
;
2050 struct ksmbd_session
*sess
= work
->sess
;
2052 rsp
->StructureSize
= cpu_to_le16(4);
2053 inc_rfc1001_len(rsp
, 4);
2055 ksmbd_debug(SMB
, "request\n");
2057 /* Got a valid session, set connection state */
2058 WARN_ON(sess
->conn
!= conn
);
2060 /* setting CifsExiting here may race with start_tcp_sess */
2061 ksmbd_conn_set_need_reconnect(work
);
2062 ksmbd_close_session_fds(work
);
2063 ksmbd_conn_wait_idle(conn
);
2065 if (ksmbd_tree_conn_session_logoff(sess
)) {
2066 struct smb2_logoff_req
*req
= work
->request_buf
;
2068 ksmbd_debug(SMB
, "Invalid tid %d\n", req
->hdr
.Id
.SyncId
.TreeId
);
2069 rsp
->hdr
.Status
= STATUS_NETWORK_NAME_DELETED
;
2070 smb2_set_err_rsp(work
);
2074 ksmbd_destroy_file_table(&sess
->file_table
);
2075 sess
->state
= SMB2_SESSION_EXPIRED
;
2077 ksmbd_free_user(sess
->user
);
2080 /* let start_tcp_sess free connection info now */
2081 ksmbd_conn_set_need_negotiate(work
);
2086 * create_smb2_pipe() - create IPC pipe
2087 * @work: smb work containing request buffer
2089 * Return: 0 on success, otherwise error
2091 static noinline
int create_smb2_pipe(struct ksmbd_work
*work
)
2093 struct smb2_create_rsp
*rsp
= work
->response_buf
;
2094 struct smb2_create_req
*req
= work
->request_buf
;
2099 name
= smb_strndup_from_utf16(req
->Buffer
, le16_to_cpu(req
->NameLength
),
2100 1, work
->conn
->local_nls
);
2102 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
2103 err
= PTR_ERR(name
);
2107 id
= ksmbd_session_rpc_open(work
->sess
, name
);
2109 pr_err("Unable to open RPC pipe: %d\n", id
);
2114 rsp
->hdr
.Status
= STATUS_SUCCESS
;
2115 rsp
->StructureSize
= cpu_to_le16(89);
2116 rsp
->OplockLevel
= SMB2_OPLOCK_LEVEL_NONE
;
2118 rsp
->CreateAction
= cpu_to_le32(FILE_OPENED
);
2120 rsp
->CreationTime
= cpu_to_le64(0);
2121 rsp
->LastAccessTime
= cpu_to_le64(0);
2122 rsp
->ChangeTime
= cpu_to_le64(0);
2123 rsp
->AllocationSize
= cpu_to_le64(0);
2124 rsp
->EndofFile
= cpu_to_le64(0);
2125 rsp
->FileAttributes
= ATTR_NORMAL_LE
;
2127 rsp
->VolatileFileId
= cpu_to_le64(id
);
2128 rsp
->PersistentFileId
= 0;
2129 rsp
->CreateContextsOffset
= 0;
2130 rsp
->CreateContextsLength
= 0;
2132 inc_rfc1001_len(rsp
, 88); /* StructureSize - 1*/
2139 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
2143 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
2150 smb2_set_err_rsp(work
);
2155 * smb2_set_ea() - handler for setting extended attributes using set
2157 * @eabuf: set info command buffer
2158 * @buf_len: set info command buffer length
2159 * @path: dentry path for get ea
2161 * Return: 0 on success, otherwise error
2163 static int smb2_set_ea(struct smb2_ea_info
*eabuf
, unsigned int buf_len
,
2166 struct user_namespace
*user_ns
= mnt_user_ns(path
->mnt
);
2167 char *attr_name
= NULL
, *value
;
2169 unsigned int next
= 0;
2171 if (buf_len
< sizeof(struct smb2_ea_info
) + eabuf
->EaNameLength
+
2172 le16_to_cpu(eabuf
->EaValueLength
))
2175 attr_name
= kmalloc(XATTR_NAME_MAX
+ 1, GFP_KERNEL
);
2180 if (!eabuf
->EaNameLength
)
2184 "name : <%s>, name_len : %u, value_len : %u, next : %u\n",
2185 eabuf
->name
, eabuf
->EaNameLength
,
2186 le16_to_cpu(eabuf
->EaValueLength
),
2187 le32_to_cpu(eabuf
->NextEntryOffset
));
2189 if (eabuf
->EaNameLength
>
2190 (XATTR_NAME_MAX
- XATTR_USER_PREFIX_LEN
)) {
2195 memcpy(attr_name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
);
2196 memcpy(&attr_name
[XATTR_USER_PREFIX_LEN
], eabuf
->name
,
2197 eabuf
->EaNameLength
);
2198 attr_name
[XATTR_USER_PREFIX_LEN
+ eabuf
->EaNameLength
] = '\0';
2199 value
= (char *)&eabuf
->name
+ eabuf
->EaNameLength
+ 1;
2201 if (!eabuf
->EaValueLength
) {
2202 rc
= ksmbd_vfs_casexattr_len(user_ns
,
2205 XATTR_USER_PREFIX_LEN
+
2206 eabuf
->EaNameLength
);
2208 /* delete the EA only when it exits */
2210 rc
= ksmbd_vfs_remove_xattr(user_ns
,
2216 "remove xattr failed(%d)\n",
2222 /* if the EA doesn't exist, just do nothing. */
2225 rc
= ksmbd_vfs_setxattr(user_ns
,
2226 path
->dentry
, attr_name
, value
,
2227 le16_to_cpu(eabuf
->EaValueLength
), 0);
2230 "ksmbd_vfs_setxattr is failed(%d)\n",
2237 next
= le32_to_cpu(eabuf
->NextEntryOffset
);
2238 if (next
== 0 || buf_len
< next
)
2241 eabuf
= (struct smb2_ea_info
*)((char *)eabuf
+ next
);
2242 if (next
< (u32
)eabuf
->EaNameLength
+ le16_to_cpu(eabuf
->EaValueLength
))
2245 } while (next
!= 0);
2251 static noinline
int smb2_set_stream_name_xattr(struct path
*path
,
2252 struct ksmbd_file
*fp
,
2253 char *stream_name
, int s_type
)
2255 struct user_namespace
*user_ns
= mnt_user_ns(path
->mnt
);
2256 size_t xattr_stream_size
;
2257 char *xattr_stream_name
;
2260 rc
= ksmbd_vfs_xattr_stream_name(stream_name
,
2267 fp
->stream
.name
= xattr_stream_name
;
2268 fp
->stream
.size
= xattr_stream_size
;
2270 /* Check if there is stream prefix in xattr space */
2271 rc
= ksmbd_vfs_casexattr_len(user_ns
,
2278 if (fp
->cdoption
== FILE_OPEN_LE
) {
2279 ksmbd_debug(SMB
, "XATTR stream name lookup failed: %d\n", rc
);
2283 rc
= ksmbd_vfs_setxattr(user_ns
, path
->dentry
,
2284 xattr_stream_name
, NULL
, 0, 0);
2286 pr_err("Failed to store XATTR stream name :%d\n", rc
);
2290 static int smb2_remove_smb_xattrs(struct path
*path
)
2292 struct user_namespace
*user_ns
= mnt_user_ns(path
->mnt
);
2293 char *name
, *xattr_list
= NULL
;
2294 ssize_t xattr_list_len
;
2297 xattr_list_len
= ksmbd_vfs_listxattr(path
->dentry
, &xattr_list
);
2298 if (xattr_list_len
< 0) {
2300 } else if (!xattr_list_len
) {
2301 ksmbd_debug(SMB
, "empty xattr in the file\n");
2305 for (name
= xattr_list
; name
- xattr_list
< xattr_list_len
;
2306 name
+= strlen(name
) + 1) {
2307 ksmbd_debug(SMB
, "%s, len %zd\n", name
, strlen(name
));
2309 if (strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
) &&
2310 strncmp(&name
[XATTR_USER_PREFIX_LEN
], DOS_ATTRIBUTE_PREFIX
,
2311 DOS_ATTRIBUTE_PREFIX_LEN
) &&
2312 strncmp(&name
[XATTR_USER_PREFIX_LEN
], STREAM_PREFIX
, STREAM_PREFIX_LEN
))
2315 err
= ksmbd_vfs_remove_xattr(user_ns
, path
->dentry
, name
);
2317 ksmbd_debug(SMB
, "remove xattr failed : %s\n", name
);
2324 static int smb2_create_truncate(struct path
*path
)
2326 int rc
= vfs_truncate(path
, 0);
2329 pr_err("vfs_truncate failed, rc %d\n", rc
);
2333 rc
= smb2_remove_smb_xattrs(path
);
2334 if (rc
== -EOPNOTSUPP
)
2338 "ksmbd_truncate_stream_name_xattr failed, rc %d\n",
2343 static void smb2_new_xattrs(struct ksmbd_tree_connect
*tcon
, struct path
*path
,
2344 struct ksmbd_file
*fp
)
2346 struct xattr_dos_attrib da
= {0};
2349 if (!test_share_config_flag(tcon
->share_conf
,
2350 KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
))
2354 da
.attr
= le32_to_cpu(fp
->f_ci
->m_fattr
);
2355 da
.itime
= da
.create_time
= fp
->create_time
;
2356 da
.flags
= XATTR_DOSINFO_ATTRIB
| XATTR_DOSINFO_CREATE_TIME
|
2357 XATTR_DOSINFO_ITIME
;
2359 rc
= ksmbd_vfs_set_dos_attrib_xattr(mnt_user_ns(path
->mnt
),
2362 ksmbd_debug(SMB
, "failed to store file attribute into xattr\n");
2365 static void smb2_update_xattrs(struct ksmbd_tree_connect
*tcon
,
2366 struct path
*path
, struct ksmbd_file
*fp
)
2368 struct xattr_dos_attrib da
;
2371 fp
->f_ci
->m_fattr
&= ~(ATTR_HIDDEN_LE
| ATTR_SYSTEM_LE
);
2373 /* get FileAttributes from XATTR_NAME_DOS_ATTRIBUTE */
2374 if (!test_share_config_flag(tcon
->share_conf
,
2375 KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
))
2378 rc
= ksmbd_vfs_get_dos_attrib_xattr(mnt_user_ns(path
->mnt
),
2381 fp
->f_ci
->m_fattr
= cpu_to_le32(da
.attr
);
2382 fp
->create_time
= da
.create_time
;
2383 fp
->itime
= da
.itime
;
2387 static int smb2_creat(struct ksmbd_work
*work
, struct path
*path
, char *name
,
2388 int open_flags
, umode_t posix_mode
, bool is_dir
)
2390 struct ksmbd_tree_connect
*tcon
= work
->tcon
;
2391 struct ksmbd_share_config
*share
= tcon
->share_conf
;
2395 if (!(open_flags
& O_CREAT
))
2398 ksmbd_debug(SMB
, "file does not exist, so creating\n");
2399 if (is_dir
== true) {
2400 ksmbd_debug(SMB
, "creating directory\n");
2402 mode
= share_config_directory_mode(share
, posix_mode
);
2403 rc
= ksmbd_vfs_mkdir(work
, name
, mode
);
2407 ksmbd_debug(SMB
, "creating regular file\n");
2409 mode
= share_config_create_mode(share
, posix_mode
);
2410 rc
= ksmbd_vfs_create(work
, name
, mode
);
2415 rc
= ksmbd_vfs_kern_path(work
, name
, 0, path
, 0);
2417 pr_err("cannot get linux path (%s), err = %d\n",
2424 static int smb2_create_sd_buffer(struct ksmbd_work
*work
,
2425 struct smb2_create_req
*req
,
2428 struct create_context
*context
;
2429 struct create_sd_buf_req
*sd_buf
;
2431 if (!req
->CreateContextsOffset
)
2434 /* Parse SD BUFFER create contexts */
2435 context
= smb2_find_context_vals(req
, SMB2_CREATE_SD_BUFFER
);
2438 else if (IS_ERR(context
))
2439 return PTR_ERR(context
);
2442 "Set ACLs using SMB2_CREATE_SD_BUFFER context\n");
2443 sd_buf
= (struct create_sd_buf_req
*)context
;
2444 if (le16_to_cpu(context
->DataOffset
) +
2445 le32_to_cpu(context
->DataLength
) <
2446 sizeof(struct create_sd_buf_req
))
2448 return set_info_sec(work
->conn
, work
->tcon
, path
, &sd_buf
->ntsd
,
2449 le32_to_cpu(sd_buf
->ccontext
.DataLength
), true);
2452 static void ksmbd_acls_fattr(struct smb_fattr
*fattr
,
2453 struct user_namespace
*mnt_userns
,
2454 struct inode
*inode
)
2456 fattr
->cf_uid
= i_uid_into_mnt(mnt_userns
, inode
);
2457 fattr
->cf_gid
= i_gid_into_mnt(mnt_userns
, inode
);
2458 fattr
->cf_mode
= inode
->i_mode
;
2459 fattr
->cf_acls
= NULL
;
2460 fattr
->cf_dacls
= NULL
;
2462 if (IS_ENABLED(CONFIG_FS_POSIX_ACL
)) {
2463 fattr
->cf_acls
= get_acl(inode
, ACL_TYPE_ACCESS
);
2464 if (S_ISDIR(inode
->i_mode
))
2465 fattr
->cf_dacls
= get_acl(inode
, ACL_TYPE_DEFAULT
);
2470 * smb2_open() - handler for smb file open request
2471 * @work: smb work containing request buffer
2473 * Return: 0 on success, otherwise error
2475 int smb2_open(struct ksmbd_work
*work
)
2477 struct ksmbd_conn
*conn
= work
->conn
;
2478 struct ksmbd_session
*sess
= work
->sess
;
2479 struct ksmbd_tree_connect
*tcon
= work
->tcon
;
2480 struct smb2_create_req
*req
;
2481 struct smb2_create_rsp
*rsp
, *rsp_org
;
2483 struct ksmbd_share_config
*share
= tcon
->share_conf
;
2484 struct ksmbd_file
*fp
= NULL
;
2485 struct file
*filp
= NULL
;
2486 struct user_namespace
*user_ns
= NULL
;
2488 struct create_context
*context
;
2489 struct lease_ctx_info
*lc
= NULL
;
2490 struct create_ea_buf_req
*ea_buf
= NULL
;
2491 struct oplock_info
*opinfo
;
2492 __le32
*next_ptr
= NULL
;
2493 int req_op_level
= 0, open_flags
= 0, may_flags
= 0, file_info
= 0;
2495 int contxt_cnt
= 0, query_disk_id
= 0;
2496 int maximal_access_ctxt
= 0, posix_ctxt
= 0;
2500 char *stream_name
= NULL
;
2501 bool file_present
= false, created
= false, already_permitted
= false;
2502 int share_ret
, need_truncate
= 0;
2504 umode_t posix_mode
= 0;
2505 __le32 daccess
, maximal_access
= 0;
2507 rsp_org
= work
->response_buf
;
2508 WORK_BUFFERS(work
, req
, rsp
);
2510 if (req
->hdr
.NextCommand
&& !work
->next_smb2_rcv_hdr_off
&&
2511 (req
->hdr
.Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)) {
2512 ksmbd_debug(SMB
, "invalid flag in chained command\n");
2513 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
2514 smb2_set_err_rsp(work
);
2518 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_PIPE
)) {
2519 ksmbd_debug(SMB
, "IPC pipe create request\n");
2520 return create_smb2_pipe(work
);
2523 if (req
->NameLength
) {
2524 if ((req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) &&
2525 *(char *)req
->Buffer
== '\\') {
2526 pr_err("not allow directory name included leading slash\n");
2531 name
= smb2_get_name(share
,
2533 le16_to_cpu(req
->NameLength
),
2534 work
->conn
->local_nls
);
2543 ksmbd_debug(SMB
, "converted name = %s\n", name
);
2544 if (strchr(name
, ':')) {
2545 if (!test_share_config_flag(work
->tcon
->share_conf
,
2546 KSMBD_SHARE_FLAG_STREAMS
)) {
2550 rc
= parse_stream_name(name
, &stream_name
, &s_type
);
2555 rc
= ksmbd_validate_filename(name
);
2559 if (ksmbd_share_veto_filename(share
, name
)) {
2561 ksmbd_debug(SMB
, "Reject open(), vetoed file: %s\n",
2566 name
= kstrdup("", GFP_KERNEL
);
2573 req_op_level
= req
->RequestedOplockLevel
;
2574 if (req_op_level
== SMB2_OPLOCK_LEVEL_LEASE
)
2575 lc
= parse_lease_state(req
);
2577 if (le32_to_cpu(req
->ImpersonationLevel
) > le32_to_cpu(IL_DELEGATE_LE
)) {
2578 pr_err("Invalid impersonationlevel : 0x%x\n",
2579 le32_to_cpu(req
->ImpersonationLevel
));
2581 rsp
->hdr
.Status
= STATUS_BAD_IMPERSONATION_LEVEL
;
2585 if (req
->CreateOptions
&& !(req
->CreateOptions
& CREATE_OPTIONS_MASK
)) {
2586 pr_err("Invalid create options : 0x%x\n",
2587 le32_to_cpu(req
->CreateOptions
));
2591 if (req
->CreateOptions
& FILE_SEQUENTIAL_ONLY_LE
&&
2592 req
->CreateOptions
& FILE_RANDOM_ACCESS_LE
)
2593 req
->CreateOptions
= ~(FILE_SEQUENTIAL_ONLY_LE
);
2595 if (req
->CreateOptions
&
2596 (FILE_OPEN_BY_FILE_ID_LE
| CREATE_TREE_CONNECTION
|
2597 FILE_RESERVE_OPFILTER_LE
)) {
2602 if (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) {
2603 if (req
->CreateOptions
& FILE_NON_DIRECTORY_FILE_LE
) {
2606 } else if (req
->CreateOptions
& FILE_NO_COMPRESSION_LE
) {
2607 req
->CreateOptions
= ~(FILE_NO_COMPRESSION_LE
);
2612 if (le32_to_cpu(req
->CreateDisposition
) >
2613 le32_to_cpu(FILE_OVERWRITE_IF_LE
)) {
2614 pr_err("Invalid create disposition : 0x%x\n",
2615 le32_to_cpu(req
->CreateDisposition
));
2620 if (!(req
->DesiredAccess
& DESIRED_ACCESS_MASK
)) {
2621 pr_err("Invalid desired access : 0x%x\n",
2622 le32_to_cpu(req
->DesiredAccess
));
2627 if (req
->FileAttributes
&& !(req
->FileAttributes
& ATTR_MASK_LE
)) {
2628 pr_err("Invalid file attribute : 0x%x\n",
2629 le32_to_cpu(req
->FileAttributes
));
2634 if (req
->CreateContextsOffset
) {
2635 /* Parse non-durable handle create contexts */
2636 context
= smb2_find_context_vals(req
, SMB2_CREATE_EA_BUFFER
);
2637 if (IS_ERR(context
)) {
2638 rc
= PTR_ERR(context
);
2640 } else if (context
) {
2641 ea_buf
= (struct create_ea_buf_req
*)context
;
2642 if (le16_to_cpu(context
->DataOffset
) +
2643 le32_to_cpu(context
->DataLength
) <
2644 sizeof(struct create_ea_buf_req
)) {
2648 if (req
->CreateOptions
& FILE_NO_EA_KNOWLEDGE_LE
) {
2649 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
2655 context
= smb2_find_context_vals(req
,
2656 SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST
);
2657 if (IS_ERR(context
)) {
2658 rc
= PTR_ERR(context
);
2660 } else if (context
) {
2662 "get query maximal access context\n");
2663 maximal_access_ctxt
= 1;
2666 context
= smb2_find_context_vals(req
,
2667 SMB2_CREATE_TIMEWARP_REQUEST
);
2668 if (IS_ERR(context
)) {
2669 rc
= PTR_ERR(context
);
2671 } else if (context
) {
2672 ksmbd_debug(SMB
, "get timewarp context\n");
2677 if (tcon
->posix_extensions
) {
2678 context
= smb2_find_context_vals(req
,
2679 SMB2_CREATE_TAG_POSIX
);
2680 if (IS_ERR(context
)) {
2681 rc
= PTR_ERR(context
);
2683 } else if (context
) {
2684 struct create_posix
*posix
=
2685 (struct create_posix
*)context
;
2686 if (le16_to_cpu(context
->DataOffset
) +
2687 le32_to_cpu(context
->DataLength
) <
2688 sizeof(struct create_posix
)) {
2692 ksmbd_debug(SMB
, "get posix context\n");
2694 posix_mode
= le32_to_cpu(posix
->Mode
);
2700 if (ksmbd_override_fsids(work
)) {
2705 rc
= ksmbd_vfs_kern_path(work
, name
, LOOKUP_NO_SYMLINKS
, &path
, 1);
2707 if (req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
) {
2709 * If file exists with under flags, return access
2712 if (req
->CreateDisposition
== FILE_OVERWRITE_IF_LE
||
2713 req
->CreateDisposition
== FILE_OPEN_IF_LE
) {
2719 if (!test_tree_conn_flag(tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
2721 "User does not have write permission\n");
2726 } else if (d_is_symlink(path
.dentry
)) {
2736 ksmbd_debug(SMB
, "can not get linux path for %s, rc = %d\n",
2740 file_present
= true;
2741 user_ns
= mnt_user_ns(path
.mnt
);
2742 generic_fillattr(user_ns
, d_inode(path
.dentry
), &stat
);
2745 if (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) {
2746 if (s_type
== DATA_STREAM
) {
2748 rsp
->hdr
.Status
= STATUS_NOT_A_DIRECTORY
;
2751 if (S_ISDIR(stat
.mode
) && s_type
== DATA_STREAM
) {
2753 rsp
->hdr
.Status
= STATUS_FILE_IS_A_DIRECTORY
;
2757 if (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
&&
2758 req
->FileAttributes
& ATTR_NORMAL_LE
) {
2759 rsp
->hdr
.Status
= STATUS_NOT_A_DIRECTORY
;
2767 if (file_present
&& req
->CreateOptions
& FILE_NON_DIRECTORY_FILE_LE
&&
2768 S_ISDIR(stat
.mode
) && !(req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)) {
2769 ksmbd_debug(SMB
, "open() argument is a directory: %s, %x\n",
2770 name
, req
->CreateOptions
);
2771 rsp
->hdr
.Status
= STATUS_FILE_IS_A_DIRECTORY
;
2776 if (file_present
&& (req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
) &&
2777 !(req
->CreateDisposition
== FILE_CREATE_LE
) &&
2778 !S_ISDIR(stat
.mode
)) {
2779 rsp
->hdr
.Status
= STATUS_NOT_A_DIRECTORY
;
2784 if (!stream_name
&& file_present
&&
2785 req
->CreateDisposition
== FILE_CREATE_LE
) {
2790 daccess
= smb_map_generic_desired_access(req
->DesiredAccess
);
2792 if (file_present
&& !(req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)) {
2793 rc
= smb_check_perm_dacl(conn
, &path
, &daccess
,
2799 if (daccess
& FILE_MAXIMAL_ACCESS_LE
) {
2800 if (!file_present
) {
2801 daccess
= cpu_to_le32(GENERIC_ALL_FLAGS
);
2803 rc
= ksmbd_vfs_query_maximal_access(user_ns
,
2808 already_permitted
= true;
2810 maximal_access
= daccess
;
2813 open_flags
= smb2_create_open_flags(file_present
, daccess
,
2814 req
->CreateDisposition
,
2817 if (!test_tree_conn_flag(tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
2818 if (open_flags
& O_CREAT
) {
2820 "User does not have write permission\n");
2826 /*create file if not present */
2827 if (!file_present
) {
2828 rc
= smb2_creat(work
, &path
, name
, open_flags
, posix_mode
,
2829 req
->CreateOptions
& FILE_DIRECTORY_FILE_LE
);
2831 if (rc
== -ENOENT
) {
2833 rsp
->hdr
.Status
= STATUS_OBJECT_PATH_NOT_FOUND
;
2839 user_ns
= mnt_user_ns(path
.mnt
);
2841 if (le32_to_cpu(ea_buf
->ccontext
.DataLength
) <
2842 sizeof(struct smb2_ea_info
)) {
2847 rc
= smb2_set_ea(&ea_buf
->ea
,
2848 le32_to_cpu(ea_buf
->ccontext
.DataLength
),
2850 if (rc
== -EOPNOTSUPP
)
2855 } else if (!already_permitted
) {
2856 /* FILE_READ_ATTRIBUTE is allowed without inode_permission,
2857 * because execute(search) permission on a parent directory,
2858 * is already granted.
2860 if (daccess
& ~(FILE_READ_ATTRIBUTES_LE
| FILE_READ_CONTROL_LE
)) {
2861 rc
= inode_permission(user_ns
,
2862 d_inode(path
.dentry
),
2867 if ((daccess
& FILE_DELETE_LE
) ||
2868 (req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)) {
2869 rc
= ksmbd_vfs_may_delete(user_ns
,
2877 rc
= ksmbd_query_inode_status(d_inode(path
.dentry
->d_parent
));
2878 if (rc
== KSMBD_INODE_STATUS_PENDING_DELETE
) {
2884 filp
= dentry_open(&path
, open_flags
, current_cred());
2887 pr_err("dentry open for dir failed, rc %d\n", rc
);
2892 if (!(open_flags
& O_TRUNC
))
2893 file_info
= FILE_OPENED
;
2895 file_info
= FILE_OVERWRITTEN
;
2897 if ((req
->CreateDisposition
& FILE_CREATE_MASK_LE
) ==
2899 file_info
= FILE_SUPERSEDED
;
2900 } else if (open_flags
& O_CREAT
) {
2901 file_info
= FILE_CREATED
;
2904 ksmbd_vfs_set_fadvise(filp
, req
->CreateOptions
);
2906 /* Obtain Volatile-ID */
2907 fp
= ksmbd_open_fd(work
, filp
);
2915 /* Get Persistent-ID */
2916 ksmbd_open_durable_fd(fp
);
2917 if (!has_file_id(fp
->persistent_id
)) {
2922 fp
->filename
= name
;
2923 fp
->cdoption
= req
->CreateDisposition
;
2924 fp
->daccess
= daccess
;
2925 fp
->saccess
= req
->ShareAccess
;
2926 fp
->coption
= req
->CreateOptions
;
2928 /* Set default windows and posix acls if creating new file */
2931 struct inode
*inode
= d_inode(path
.dentry
);
2933 posix_acl_rc
= ksmbd_vfs_inherit_posix_acl(user_ns
,
2935 d_inode(path
.dentry
->d_parent
));
2937 ksmbd_debug(SMB
, "inherit posix acl failed : %d\n", posix_acl_rc
);
2939 if (test_share_config_flag(work
->tcon
->share_conf
,
2940 KSMBD_SHARE_FLAG_ACL_XATTR
)) {
2941 rc
= smb_inherit_dacl(conn
, &path
, sess
->user
->uid
,
2946 rc
= smb2_create_sd_buffer(work
, req
, &path
);
2949 ksmbd_vfs_set_init_posix_acl(user_ns
,
2952 if (test_share_config_flag(work
->tcon
->share_conf
,
2953 KSMBD_SHARE_FLAG_ACL_XATTR
)) {
2954 struct smb_fattr fattr
;
2955 struct smb_ntsd
*pntsd
;
2956 int pntsd_size
, ace_num
= 0;
2958 ksmbd_acls_fattr(&fattr
, user_ns
, inode
);
2960 ace_num
= fattr
.cf_acls
->a_count
;
2962 ace_num
+= fattr
.cf_dacls
->a_count
;
2964 pntsd
= kmalloc(sizeof(struct smb_ntsd
) +
2965 sizeof(struct smb_sid
) * 3 +
2966 sizeof(struct smb_acl
) +
2967 sizeof(struct smb_ace
) * ace_num
* 2,
2972 rc
= build_sec_desc(user_ns
,
2977 &pntsd_size
, &fattr
);
2978 posix_acl_release(fattr
.cf_acls
);
2979 posix_acl_release(fattr
.cf_dacls
);
2985 rc
= ksmbd_vfs_set_sd_xattr(conn
,
2992 pr_err("failed to store ntacl in xattr : %d\n",
3001 rc
= smb2_set_stream_name_xattr(&path
,
3007 file_info
= FILE_CREATED
;
3010 fp
->attrib_only
= !(req
->DesiredAccess
& ~(FILE_READ_ATTRIBUTES_LE
|
3011 FILE_WRITE_ATTRIBUTES_LE
| FILE_SYNCHRONIZE_LE
));
3012 if (!S_ISDIR(file_inode(filp
)->i_mode
) && open_flags
& O_TRUNC
&&
3013 !fp
->attrib_only
&& !stream_name
) {
3014 smb_break_all_oplock(work
, fp
);
3018 /* fp should be searchable through ksmbd_inode.m_fp_list
3019 * after daccess, saccess, attrib_only, and stream are
3022 write_lock(&fp
->f_ci
->m_lock
);
3023 list_add(&fp
->node
, &fp
->f_ci
->m_fp_list
);
3024 write_unlock(&fp
->f_ci
->m_lock
);
3026 rc
= ksmbd_vfs_getattr(&path
, &stat
);
3028 generic_fillattr(user_ns
, d_inode(path
.dentry
), &stat
);
3032 /* Check delete pending among previous fp before oplock break */
3033 if (ksmbd_inode_pending_delete(fp
)) {
3038 share_ret
= ksmbd_smb_check_shared_mode(fp
->filp
, fp
);
3039 if (!test_share_config_flag(work
->tcon
->share_conf
, KSMBD_SHARE_FLAG_OPLOCKS
) ||
3040 (req_op_level
== SMB2_OPLOCK_LEVEL_LEASE
&&
3041 !(conn
->vals
->capabilities
& SMB2_GLOBAL_CAP_LEASING
))) {
3042 if (share_ret
< 0 && !S_ISDIR(file_inode(fp
->filp
)->i_mode
)) {
3047 if (req_op_level
== SMB2_OPLOCK_LEVEL_LEASE
) {
3048 req_op_level
= smb2_map_lease_to_oplock(lc
->req_state
);
3050 "lease req for(%s) req oplock state 0x%x, lease state 0x%x\n",
3051 name
, req_op_level
, lc
->req_state
);
3052 rc
= find_same_lease_key(sess
, fp
->f_ci
, lc
);
3055 } else if (open_flags
== O_RDONLY
&&
3056 (req_op_level
== SMB2_OPLOCK_LEVEL_BATCH
||
3057 req_op_level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
))
3058 req_op_level
= SMB2_OPLOCK_LEVEL_II
;
3060 rc
= smb_grant_oplock(work
, req_op_level
,
3061 fp
->persistent_id
, fp
,
3062 le32_to_cpu(req
->hdr
.Id
.SyncId
.TreeId
),
3068 if (req
->CreateOptions
& FILE_DELETE_ON_CLOSE_LE
)
3069 ksmbd_fd_set_delete_on_close(fp
, file_info
);
3071 if (need_truncate
) {
3072 rc
= smb2_create_truncate(&path
);
3077 if (req
->CreateContextsOffset
) {
3078 struct create_alloc_size_req
*az_req
;
3080 az_req
= (struct create_alloc_size_req
*)smb2_find_context_vals(req
,
3081 SMB2_CREATE_ALLOCATION_SIZE
);
3082 if (IS_ERR(az_req
)) {
3083 rc
= PTR_ERR(az_req
);
3085 } else if (az_req
) {
3089 if (le16_to_cpu(az_req
->ccontext
.DataOffset
) +
3090 le32_to_cpu(az_req
->ccontext
.DataLength
) <
3091 sizeof(struct create_alloc_size_req
)) {
3095 alloc_size
= le64_to_cpu(az_req
->AllocationSize
);
3097 "request smb2 create allocate size : %llu\n",
3099 smb_break_all_levII_oplock(work
, fp
, 1);
3100 err
= vfs_fallocate(fp
->filp
, FALLOC_FL_KEEP_SIZE
, 0,
3104 "vfs_fallocate is failed : %d\n",
3108 context
= smb2_find_context_vals(req
, SMB2_CREATE_QUERY_ON_DISK_ID
);
3109 if (IS_ERR(context
)) {
3110 rc
= PTR_ERR(context
);
3112 } else if (context
) {
3113 ksmbd_debug(SMB
, "get query on disk id context\n");
3118 if (stat
.result_mask
& STATX_BTIME
)
3119 fp
->create_time
= ksmbd_UnixTimeToNT(stat
.btime
);
3121 fp
->create_time
= ksmbd_UnixTimeToNT(stat
.ctime
);
3122 if (req
->FileAttributes
|| fp
->f_ci
->m_fattr
== 0)
3124 cpu_to_le32(smb2_get_dos_mode(&stat
, le32_to_cpu(req
->FileAttributes
)));
3127 smb2_update_xattrs(tcon
, &path
, fp
);
3129 smb2_new_xattrs(tcon
, &path
, fp
);
3131 memcpy(fp
->client_guid
, conn
->ClientGUID
, SMB2_CLIENT_GUID_SIZE
);
3133 generic_fillattr(user_ns
, file_inode(fp
->filp
),
3136 rsp
->StructureSize
= cpu_to_le16(89);
3138 opinfo
= rcu_dereference(fp
->f_opinfo
);
3139 rsp
->OplockLevel
= opinfo
!= NULL
? opinfo
->level
: 0;
3142 rsp
->CreateAction
= cpu_to_le32(file_info
);
3143 rsp
->CreationTime
= cpu_to_le64(fp
->create_time
);
3144 time
= ksmbd_UnixTimeToNT(stat
.atime
);
3145 rsp
->LastAccessTime
= cpu_to_le64(time
);
3146 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
3147 rsp
->LastWriteTime
= cpu_to_le64(time
);
3148 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
3149 rsp
->ChangeTime
= cpu_to_le64(time
);
3150 rsp
->AllocationSize
= S_ISDIR(stat
.mode
) ? 0 :
3151 cpu_to_le64(stat
.blocks
<< 9);
3152 rsp
->EndofFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
3153 rsp
->FileAttributes
= fp
->f_ci
->m_fattr
;
3157 rsp
->PersistentFileId
= cpu_to_le64(fp
->persistent_id
);
3158 rsp
->VolatileFileId
= cpu_to_le64(fp
->volatile_id
);
3160 rsp
->CreateContextsOffset
= 0;
3161 rsp
->CreateContextsLength
= 0;
3162 inc_rfc1001_len(rsp_org
, 88); /* StructureSize - 1*/
3164 /* If lease is request send lease context response */
3165 if (opinfo
&& opinfo
->is_lease
) {
3166 struct create_context
*lease_ccontext
;
3168 ksmbd_debug(SMB
, "lease granted on(%s) lease state 0x%x\n",
3169 name
, opinfo
->o_lease
->state
);
3170 rsp
->OplockLevel
= SMB2_OPLOCK_LEVEL_LEASE
;
3172 lease_ccontext
= (struct create_context
*)rsp
->Buffer
;
3174 create_lease_buf(rsp
->Buffer
, opinfo
->o_lease
);
3175 le32_add_cpu(&rsp
->CreateContextsLength
,
3176 conn
->vals
->create_lease_size
);
3177 inc_rfc1001_len(rsp_org
, conn
->vals
->create_lease_size
);
3178 next_ptr
= &lease_ccontext
->Next
;
3179 next_off
= conn
->vals
->create_lease_size
;
3182 if (maximal_access_ctxt
) {
3183 struct create_context
*mxac_ccontext
;
3185 if (maximal_access
== 0)
3186 ksmbd_vfs_query_maximal_access(user_ns
,
3189 mxac_ccontext
= (struct create_context
*)(rsp
->Buffer
+
3190 le32_to_cpu(rsp
->CreateContextsLength
));
3192 create_mxac_rsp_buf(rsp
->Buffer
+
3193 le32_to_cpu(rsp
->CreateContextsLength
),
3194 le32_to_cpu(maximal_access
));
3195 le32_add_cpu(&rsp
->CreateContextsLength
,
3196 conn
->vals
->create_mxac_size
);
3197 inc_rfc1001_len(rsp_org
, conn
->vals
->create_mxac_size
);
3199 *next_ptr
= cpu_to_le32(next_off
);
3200 next_ptr
= &mxac_ccontext
->Next
;
3201 next_off
= conn
->vals
->create_mxac_size
;
3204 if (query_disk_id
) {
3205 struct create_context
*disk_id_ccontext
;
3207 disk_id_ccontext
= (struct create_context
*)(rsp
->Buffer
+
3208 le32_to_cpu(rsp
->CreateContextsLength
));
3210 create_disk_id_rsp_buf(rsp
->Buffer
+
3211 le32_to_cpu(rsp
->CreateContextsLength
),
3212 stat
.ino
, tcon
->id
);
3213 le32_add_cpu(&rsp
->CreateContextsLength
,
3214 conn
->vals
->create_disk_id_size
);
3215 inc_rfc1001_len(rsp_org
, conn
->vals
->create_disk_id_size
);
3217 *next_ptr
= cpu_to_le32(next_off
);
3218 next_ptr
= &disk_id_ccontext
->Next
;
3219 next_off
= conn
->vals
->create_disk_id_size
;
3224 create_posix_rsp_buf(rsp
->Buffer
+
3225 le32_to_cpu(rsp
->CreateContextsLength
),
3227 le32_add_cpu(&rsp
->CreateContextsLength
,
3228 conn
->vals
->create_posix_size
);
3229 inc_rfc1001_len(rsp_org
, conn
->vals
->create_posix_size
);
3231 *next_ptr
= cpu_to_le32(next_off
);
3234 if (contxt_cnt
> 0) {
3235 rsp
->CreateContextsOffset
=
3236 cpu_to_le32(offsetof(struct smb2_create_rsp
, Buffer
)
3241 if (file_present
|| created
)
3243 ksmbd_revert_fsids(work
);
3247 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
3248 else if (rc
== -EOPNOTSUPP
)
3249 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
3250 else if (rc
== -EACCES
|| rc
== -ESTALE
|| rc
== -EXDEV
)
3251 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
3252 else if (rc
== -ENOENT
)
3253 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_INVALID
;
3254 else if (rc
== -EPERM
)
3255 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
3256 else if (rc
== -EBUSY
)
3257 rsp
->hdr
.Status
= STATUS_DELETE_PENDING
;
3258 else if (rc
== -EBADF
)
3259 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_NOT_FOUND
;
3260 else if (rc
== -ENOEXEC
)
3261 rsp
->hdr
.Status
= STATUS_DUPLICATE_OBJECTID
;
3262 else if (rc
== -ENXIO
)
3263 rsp
->hdr
.Status
= STATUS_NO_SUCH_DEVICE
;
3264 else if (rc
== -EEXIST
)
3265 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_COLLISION
;
3266 else if (rc
== -EMFILE
)
3267 rsp
->hdr
.Status
= STATUS_INSUFFICIENT_RESOURCES
;
3268 if (!rsp
->hdr
.Status
)
3269 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
3271 if (!fp
|| !fp
->filename
)
3274 ksmbd_fd_put(work
, fp
);
3275 smb2_set_err_rsp(work
);
3276 ksmbd_debug(SMB
, "Error response: %x\n", rsp
->hdr
.Status
);
3284 static int readdir_info_level_struct_sz(int info_level
)
3286 switch (info_level
) {
3287 case FILE_FULL_DIRECTORY_INFORMATION
:
3288 return sizeof(struct file_full_directory_info
);
3289 case FILE_BOTH_DIRECTORY_INFORMATION
:
3290 return sizeof(struct file_both_directory_info
);
3291 case FILE_DIRECTORY_INFORMATION
:
3292 return sizeof(struct file_directory_info
);
3293 case FILE_NAMES_INFORMATION
:
3294 return sizeof(struct file_names_info
);
3295 case FILEID_FULL_DIRECTORY_INFORMATION
:
3296 return sizeof(struct file_id_full_dir_info
);
3297 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3298 return sizeof(struct file_id_both_directory_info
);
3299 case SMB_FIND_FILE_POSIX_INFO
:
3300 return sizeof(struct smb2_posix_info
);
3306 static int dentry_name(struct ksmbd_dir_info
*d_info
, int info_level
)
3308 switch (info_level
) {
3309 case FILE_FULL_DIRECTORY_INFORMATION
:
3311 struct file_full_directory_info
*ffdinfo
;
3313 ffdinfo
= (struct file_full_directory_info
*)d_info
->rptr
;
3314 d_info
->rptr
+= le32_to_cpu(ffdinfo
->NextEntryOffset
);
3315 d_info
->name
= ffdinfo
->FileName
;
3316 d_info
->name_len
= le32_to_cpu(ffdinfo
->FileNameLength
);
3319 case FILE_BOTH_DIRECTORY_INFORMATION
:
3321 struct file_both_directory_info
*fbdinfo
;
3323 fbdinfo
= (struct file_both_directory_info
*)d_info
->rptr
;
3324 d_info
->rptr
+= le32_to_cpu(fbdinfo
->NextEntryOffset
);
3325 d_info
->name
= fbdinfo
->FileName
;
3326 d_info
->name_len
= le32_to_cpu(fbdinfo
->FileNameLength
);
3329 case FILE_DIRECTORY_INFORMATION
:
3331 struct file_directory_info
*fdinfo
;
3333 fdinfo
= (struct file_directory_info
*)d_info
->rptr
;
3334 d_info
->rptr
+= le32_to_cpu(fdinfo
->NextEntryOffset
);
3335 d_info
->name
= fdinfo
->FileName
;
3336 d_info
->name_len
= le32_to_cpu(fdinfo
->FileNameLength
);
3339 case FILE_NAMES_INFORMATION
:
3341 struct file_names_info
*fninfo
;
3343 fninfo
= (struct file_names_info
*)d_info
->rptr
;
3344 d_info
->rptr
+= le32_to_cpu(fninfo
->NextEntryOffset
);
3345 d_info
->name
= fninfo
->FileName
;
3346 d_info
->name_len
= le32_to_cpu(fninfo
->FileNameLength
);
3349 case FILEID_FULL_DIRECTORY_INFORMATION
:
3351 struct file_id_full_dir_info
*dinfo
;
3353 dinfo
= (struct file_id_full_dir_info
*)d_info
->rptr
;
3354 d_info
->rptr
+= le32_to_cpu(dinfo
->NextEntryOffset
);
3355 d_info
->name
= dinfo
->FileName
;
3356 d_info
->name_len
= le32_to_cpu(dinfo
->FileNameLength
);
3359 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3361 struct file_id_both_directory_info
*fibdinfo
;
3363 fibdinfo
= (struct file_id_both_directory_info
*)d_info
->rptr
;
3364 d_info
->rptr
+= le32_to_cpu(fibdinfo
->NextEntryOffset
);
3365 d_info
->name
= fibdinfo
->FileName
;
3366 d_info
->name_len
= le32_to_cpu(fibdinfo
->FileNameLength
);
3369 case SMB_FIND_FILE_POSIX_INFO
:
3371 struct smb2_posix_info
*posix_info
;
3373 posix_info
= (struct smb2_posix_info
*)d_info
->rptr
;
3374 d_info
->rptr
+= le32_to_cpu(posix_info
->NextEntryOffset
);
3375 d_info
->name
= posix_info
->name
;
3376 d_info
->name_len
= le32_to_cpu(posix_info
->name_len
);
3385 * smb2_populate_readdir_entry() - encode directory entry in smb2 response
3387 * @conn: connection instance
3388 * @info_level: smb information level
3389 * @d_info: structure included variables for query dir
3390 * @user_ns: user namespace
3391 * @ksmbd_kstat: ksmbd wrapper of dirent stat information
3393 * if directory has many entries, find first can't read it fully.
3394 * find next might be called multiple times to read remaining dir entries
3396 * Return: 0 on success, otherwise error
3398 static int smb2_populate_readdir_entry(struct ksmbd_conn
*conn
, int info_level
,
3399 struct ksmbd_dir_info
*d_info
,
3400 struct ksmbd_kstat
*ksmbd_kstat
)
3402 int next_entry_offset
= 0;
3406 int struct_sz
, rc
= 0;
3408 conv_name
= ksmbd_convert_dir_info_name(d_info
,
3414 /* Somehow the name has only terminating NULL bytes */
3417 goto free_conv_name
;
3420 struct_sz
= readdir_info_level_struct_sz(info_level
);
3421 next_entry_offset
= ALIGN(struct_sz
- 1 + conv_len
,
3422 KSMBD_DIR_INFO_ALIGNMENT
);
3424 if (next_entry_offset
> d_info
->out_buf_len
) {
3425 d_info
->out_buf_len
= 0;
3427 goto free_conv_name
;
3430 kstat
= d_info
->wptr
;
3431 if (info_level
!= FILE_NAMES_INFORMATION
)
3432 kstat
= ksmbd_vfs_init_kstat(&d_info
->wptr
, ksmbd_kstat
);
3434 switch (info_level
) {
3435 case FILE_FULL_DIRECTORY_INFORMATION
:
3437 struct file_full_directory_info
*ffdinfo
;
3439 ffdinfo
= (struct file_full_directory_info
*)kstat
;
3440 ffdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3442 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3443 if (ffdinfo
->EaSize
)
3444 ffdinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3445 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3446 ffdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3447 memcpy(ffdinfo
->FileName
, conv_name
, conv_len
);
3448 ffdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3451 case FILE_BOTH_DIRECTORY_INFORMATION
:
3453 struct file_both_directory_info
*fbdinfo
;
3455 fbdinfo
= (struct file_both_directory_info
*)kstat
;
3456 fbdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3458 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3459 if (fbdinfo
->EaSize
)
3460 fbdinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3461 fbdinfo
->ShortNameLength
= 0;
3462 fbdinfo
->Reserved
= 0;
3463 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3464 fbdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3465 memcpy(fbdinfo
->FileName
, conv_name
, conv_len
);
3466 fbdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3469 case FILE_DIRECTORY_INFORMATION
:
3471 struct file_directory_info
*fdinfo
;
3473 fdinfo
= (struct file_directory_info
*)kstat
;
3474 fdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3475 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3476 fdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3477 memcpy(fdinfo
->FileName
, conv_name
, conv_len
);
3478 fdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3481 case FILE_NAMES_INFORMATION
:
3483 struct file_names_info
*fninfo
;
3485 fninfo
= (struct file_names_info
*)kstat
;
3486 fninfo
->FileNameLength
= cpu_to_le32(conv_len
);
3487 memcpy(fninfo
->FileName
, conv_name
, conv_len
);
3488 fninfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3491 case FILEID_FULL_DIRECTORY_INFORMATION
:
3493 struct file_id_full_dir_info
*dinfo
;
3495 dinfo
= (struct file_id_full_dir_info
*)kstat
;
3496 dinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3498 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3500 dinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3501 dinfo
->Reserved
= 0;
3502 dinfo
->UniqueId
= cpu_to_le64(ksmbd_kstat
->kstat
->ino
);
3503 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3504 dinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3505 memcpy(dinfo
->FileName
, conv_name
, conv_len
);
3506 dinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3509 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3511 struct file_id_both_directory_info
*fibdinfo
;
3513 fibdinfo
= (struct file_id_both_directory_info
*)kstat
;
3514 fibdinfo
->FileNameLength
= cpu_to_le32(conv_len
);
3516 smb2_get_reparse_tag_special_file(ksmbd_kstat
->kstat
->mode
);
3517 if (fibdinfo
->EaSize
)
3518 fibdinfo
->ExtFileAttributes
= ATTR_REPARSE_POINT_LE
;
3519 fibdinfo
->UniqueId
= cpu_to_le64(ksmbd_kstat
->kstat
->ino
);
3520 fibdinfo
->ShortNameLength
= 0;
3521 fibdinfo
->Reserved
= 0;
3522 fibdinfo
->Reserved2
= cpu_to_le16(0);
3523 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3524 fibdinfo
->ExtFileAttributes
|= ATTR_HIDDEN_LE
;
3525 memcpy(fibdinfo
->FileName
, conv_name
, conv_len
);
3526 fibdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3529 case SMB_FIND_FILE_POSIX_INFO
:
3531 struct smb2_posix_info
*posix_info
;
3534 posix_info
= (struct smb2_posix_info
*)kstat
;
3535 posix_info
->Ignored
= 0;
3536 posix_info
->CreationTime
= cpu_to_le64(ksmbd_kstat
->create_time
);
3537 time
= ksmbd_UnixTimeToNT(ksmbd_kstat
->kstat
->ctime
);
3538 posix_info
->ChangeTime
= cpu_to_le64(time
);
3539 time
= ksmbd_UnixTimeToNT(ksmbd_kstat
->kstat
->atime
);
3540 posix_info
->LastAccessTime
= cpu_to_le64(time
);
3541 time
= ksmbd_UnixTimeToNT(ksmbd_kstat
->kstat
->mtime
);
3542 posix_info
->LastWriteTime
= cpu_to_le64(time
);
3543 posix_info
->EndOfFile
= cpu_to_le64(ksmbd_kstat
->kstat
->size
);
3544 posix_info
->AllocationSize
= cpu_to_le64(ksmbd_kstat
->kstat
->blocks
<< 9);
3545 posix_info
->DeviceId
= cpu_to_le32(ksmbd_kstat
->kstat
->rdev
);
3546 posix_info
->HardLinks
= cpu_to_le32(ksmbd_kstat
->kstat
->nlink
);
3547 posix_info
->Mode
= cpu_to_le32(ksmbd_kstat
->kstat
->mode
);
3548 posix_info
->Inode
= cpu_to_le64(ksmbd_kstat
->kstat
->ino
);
3549 posix_info
->DosAttributes
=
3550 S_ISDIR(ksmbd_kstat
->kstat
->mode
) ? ATTR_DIRECTORY_LE
: ATTR_ARCHIVE_LE
;
3551 if (d_info
->hide_dot_file
&& d_info
->name
[0] == '.')
3552 posix_info
->DosAttributes
|= ATTR_HIDDEN_LE
;
3553 id_to_sid(from_kuid_munged(&init_user_ns
, ksmbd_kstat
->kstat
->uid
),
3554 SIDNFS_USER
, (struct smb_sid
*)&posix_info
->SidBuffer
[0]);
3555 id_to_sid(from_kgid_munged(&init_user_ns
, ksmbd_kstat
->kstat
->gid
),
3556 SIDNFS_GROUP
, (struct smb_sid
*)&posix_info
->SidBuffer
[20]);
3557 memcpy(posix_info
->name
, conv_name
, conv_len
);
3558 posix_info
->name_len
= cpu_to_le32(conv_len
);
3559 posix_info
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3563 } /* switch (info_level) */
3565 d_info
->last_entry_offset
= d_info
->data_count
;
3566 d_info
->data_count
+= next_entry_offset
;
3567 d_info
->out_buf_len
-= next_entry_offset
;
3568 d_info
->wptr
+= next_entry_offset
;
3571 "info_level : %d, buf_len :%d, next_offset : %d, data_count : %d\n",
3572 info_level
, d_info
->out_buf_len
,
3573 next_entry_offset
, d_info
->data_count
);
3580 struct smb2_query_dir_private
{
3581 struct ksmbd_work
*work
;
3582 char *search_pattern
;
3583 struct ksmbd_file
*dir_fp
;
3585 struct ksmbd_dir_info
*d_info
;
3589 static void lock_dir(struct ksmbd_file
*dir_fp
)
3591 struct dentry
*dir
= dir_fp
->filp
->f_path
.dentry
;
3593 inode_lock_nested(d_inode(dir
), I_MUTEX_PARENT
);
3596 static void unlock_dir(struct ksmbd_file
*dir_fp
)
3598 struct dentry
*dir
= dir_fp
->filp
->f_path
.dentry
;
3600 inode_unlock(d_inode(dir
));
3603 static int process_query_dir_entries(struct smb2_query_dir_private
*priv
)
3605 struct user_namespace
*user_ns
= file_mnt_user_ns(priv
->dir_fp
->filp
);
3607 struct ksmbd_kstat ksmbd_kstat
;
3611 for (i
= 0; i
< priv
->d_info
->num_entry
; i
++) {
3612 struct dentry
*dent
;
3614 if (dentry_name(priv
->d_info
, priv
->info_level
))
3617 lock_dir(priv
->dir_fp
);
3618 dent
= lookup_one(user_ns
, priv
->d_info
->name
,
3619 priv
->dir_fp
->filp
->f_path
.dentry
,
3620 priv
->d_info
->name_len
);
3621 unlock_dir(priv
->dir_fp
);
3624 ksmbd_debug(SMB
, "Cannot lookup `%s' [%ld]\n",
3629 if (unlikely(d_is_negative(dent
))) {
3631 ksmbd_debug(SMB
, "Negative dentry `%s'\n",
3632 priv
->d_info
->name
);
3636 ksmbd_kstat
.kstat
= &kstat
;
3637 if (priv
->info_level
!= FILE_NAMES_INFORMATION
)
3638 ksmbd_vfs_fill_dentry_attrs(priv
->work
,
3643 rc
= smb2_populate_readdir_entry(priv
->work
->conn
,
3654 static int reserve_populate_dentry(struct ksmbd_dir_info
*d_info
,
3659 int next_entry_offset
;
3661 struct_sz
= readdir_info_level_struct_sz(info_level
);
3662 if (struct_sz
== -EOPNOTSUPP
)
3665 conv_len
= (d_info
->name_len
+ 1) * 2;
3666 next_entry_offset
= ALIGN(struct_sz
- 1 + conv_len
,
3667 KSMBD_DIR_INFO_ALIGNMENT
);
3669 if (next_entry_offset
> d_info
->out_buf_len
) {
3670 d_info
->out_buf_len
= 0;
3674 switch (info_level
) {
3675 case FILE_FULL_DIRECTORY_INFORMATION
:
3677 struct file_full_directory_info
*ffdinfo
;
3679 ffdinfo
= (struct file_full_directory_info
*)d_info
->wptr
;
3680 memcpy(ffdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3681 ffdinfo
->FileName
[d_info
->name_len
] = 0x00;
3682 ffdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3683 ffdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3686 case FILE_BOTH_DIRECTORY_INFORMATION
:
3688 struct file_both_directory_info
*fbdinfo
;
3690 fbdinfo
= (struct file_both_directory_info
*)d_info
->wptr
;
3691 memcpy(fbdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3692 fbdinfo
->FileName
[d_info
->name_len
] = 0x00;
3693 fbdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3694 fbdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3697 case FILE_DIRECTORY_INFORMATION
:
3699 struct file_directory_info
*fdinfo
;
3701 fdinfo
= (struct file_directory_info
*)d_info
->wptr
;
3702 memcpy(fdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3703 fdinfo
->FileName
[d_info
->name_len
] = 0x00;
3704 fdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3705 fdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3708 case FILE_NAMES_INFORMATION
:
3710 struct file_names_info
*fninfo
;
3712 fninfo
= (struct file_names_info
*)d_info
->wptr
;
3713 memcpy(fninfo
->FileName
, d_info
->name
, d_info
->name_len
);
3714 fninfo
->FileName
[d_info
->name_len
] = 0x00;
3715 fninfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3716 fninfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3719 case FILEID_FULL_DIRECTORY_INFORMATION
:
3721 struct file_id_full_dir_info
*dinfo
;
3723 dinfo
= (struct file_id_full_dir_info
*)d_info
->wptr
;
3724 memcpy(dinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3725 dinfo
->FileName
[d_info
->name_len
] = 0x00;
3726 dinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3727 dinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3730 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3732 struct file_id_both_directory_info
*fibdinfo
;
3734 fibdinfo
= (struct file_id_both_directory_info
*)d_info
->wptr
;
3735 memcpy(fibdinfo
->FileName
, d_info
->name
, d_info
->name_len
);
3736 fibdinfo
->FileName
[d_info
->name_len
] = 0x00;
3737 fibdinfo
->FileNameLength
= cpu_to_le32(d_info
->name_len
);
3738 fibdinfo
->NextEntryOffset
= cpu_to_le32(next_entry_offset
);
3741 case SMB_FIND_FILE_POSIX_INFO
:
3743 struct smb2_posix_info
*posix_info
;
3745 posix_info
= (struct smb2_posix_info
*)d_info
->wptr
;
3746 memcpy(posix_info
->name
, d_info
->name
, d_info
->name_len
);
3747 posix_info
->name
[d_info
->name_len
] = 0x00;
3748 posix_info
->name_len
= cpu_to_le32(d_info
->name_len
);
3749 posix_info
->NextEntryOffset
=
3750 cpu_to_le32(next_entry_offset
);
3753 } /* switch (info_level) */
3755 d_info
->num_entry
++;
3756 d_info
->out_buf_len
-= next_entry_offset
;
3757 d_info
->wptr
+= next_entry_offset
;
3761 static int __query_dir(struct dir_context
*ctx
, const char *name
, int namlen
,
3762 loff_t offset
, u64 ino
, unsigned int d_type
)
3764 struct ksmbd_readdir_data
*buf
;
3765 struct smb2_query_dir_private
*priv
;
3766 struct ksmbd_dir_info
*d_info
;
3769 buf
= container_of(ctx
, struct ksmbd_readdir_data
, ctx
);
3770 priv
= buf
->private;
3771 d_info
= priv
->d_info
;
3773 /* dot and dotdot entries are already reserved */
3774 if (!strcmp(".", name
) || !strcmp("..", name
))
3776 if (ksmbd_share_veto_filename(priv
->work
->tcon
->share_conf
, name
))
3778 if (!match_pattern(name
, namlen
, priv
->search_pattern
))
3781 d_info
->name
= name
;
3782 d_info
->name_len
= namlen
;
3783 rc
= reserve_populate_dentry(d_info
, priv
->info_level
);
3786 if (d_info
->flags
& SMB2_RETURN_SINGLE_ENTRY
) {
3787 d_info
->out_buf_len
= 0;
3793 static void restart_ctx(struct dir_context
*ctx
)
3798 static int verify_info_level(int info_level
)
3800 switch (info_level
) {
3801 case FILE_FULL_DIRECTORY_INFORMATION
:
3802 case FILE_BOTH_DIRECTORY_INFORMATION
:
3803 case FILE_DIRECTORY_INFORMATION
:
3804 case FILE_NAMES_INFORMATION
:
3805 case FILEID_FULL_DIRECTORY_INFORMATION
:
3806 case FILEID_BOTH_DIRECTORY_INFORMATION
:
3807 case SMB_FIND_FILE_POSIX_INFO
:
3816 static int smb2_calc_max_out_buf_len(struct ksmbd_work
*work
,
3817 unsigned short hdr2_len
,
3818 unsigned int out_buf_len
)
3822 if (out_buf_len
> work
->conn
->vals
->max_trans_size
)
3825 free_len
= (int)(work
->response_sz
-
3826 (get_rfc1002_len(work
->response_buf
) + 4)) -
3831 return min_t(int, out_buf_len
, free_len
);
3834 int smb2_query_dir(struct ksmbd_work
*work
)
3836 struct ksmbd_conn
*conn
= work
->conn
;
3837 struct smb2_query_directory_req
*req
;
3838 struct smb2_query_directory_rsp
*rsp
, *rsp_org
;
3839 struct ksmbd_share_config
*share
= work
->tcon
->share_conf
;
3840 struct ksmbd_file
*dir_fp
= NULL
;
3841 struct ksmbd_dir_info d_info
;
3843 char *srch_ptr
= NULL
;
3844 unsigned char srch_flag
;
3846 struct smb2_query_dir_private query_dir_private
= {NULL
, };
3848 rsp_org
= work
->response_buf
;
3849 WORK_BUFFERS(work
, req
, rsp
);
3851 if (ksmbd_override_fsids(work
)) {
3852 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
3853 smb2_set_err_rsp(work
);
3857 rc
= verify_info_level(req
->FileInformationClass
);
3863 dir_fp
= ksmbd_lookup_fd_slow(work
,
3864 le64_to_cpu(req
->VolatileFileId
),
3865 le64_to_cpu(req
->PersistentFileId
));
3871 if (!(dir_fp
->daccess
& FILE_LIST_DIRECTORY_LE
) ||
3872 inode_permission(file_mnt_user_ns(dir_fp
->filp
),
3873 file_inode(dir_fp
->filp
),
3874 MAY_READ
| MAY_EXEC
)) {
3875 pr_err("no right to enumerate directory (%pd)\n",
3876 dir_fp
->filp
->f_path
.dentry
);
3881 if (!S_ISDIR(file_inode(dir_fp
->filp
)->i_mode
)) {
3882 pr_err("can't do query dir for a file\n");
3887 srch_flag
= req
->Flags
;
3888 srch_ptr
= smb_strndup_from_utf16(req
->Buffer
,
3889 le16_to_cpu(req
->FileNameLength
), 1,
3891 if (IS_ERR(srch_ptr
)) {
3892 ksmbd_debug(SMB
, "Search Pattern not found\n");
3896 ksmbd_debug(SMB
, "Search pattern is %s\n", srch_ptr
);
3899 ksmbd_debug(SMB
, "Directory name is %s\n", dir_fp
->filename
);
3901 if (srch_flag
& SMB2_REOPEN
|| srch_flag
& SMB2_RESTART_SCANS
) {
3902 ksmbd_debug(SMB
, "Restart directory scan\n");
3903 generic_file_llseek(dir_fp
->filp
, 0, SEEK_SET
);
3904 restart_ctx(&dir_fp
->readdir_data
.ctx
);
3907 memset(&d_info
, 0, sizeof(struct ksmbd_dir_info
));
3908 d_info
.wptr
= (char *)rsp
->Buffer
;
3909 d_info
.rptr
= (char *)rsp
->Buffer
;
3910 d_info
.out_buf_len
=
3911 smb2_calc_max_out_buf_len(work
, 8,
3912 le32_to_cpu(req
->OutputBufferLength
));
3913 if (d_info
.out_buf_len
< 0) {
3917 d_info
.flags
= srch_flag
;
3920 * reserve dot and dotdot entries in head of buffer
3923 rc
= ksmbd_populate_dot_dotdot_entries(work
, req
->FileInformationClass
,
3924 dir_fp
, &d_info
, srch_ptr
,
3925 smb2_populate_readdir_entry
);
3931 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_HIDE_DOT_FILES
))
3932 d_info
.hide_dot_file
= true;
3934 buffer_sz
= d_info
.out_buf_len
;
3935 d_info
.rptr
= d_info
.wptr
;
3936 query_dir_private
.work
= work
;
3937 query_dir_private
.search_pattern
= srch_ptr
;
3938 query_dir_private
.dir_fp
= dir_fp
;
3939 query_dir_private
.d_info
= &d_info
;
3940 query_dir_private
.info_level
= req
->FileInformationClass
;
3941 dir_fp
->readdir_data
.private = &query_dir_private
;
3942 set_ctx_actor(&dir_fp
->readdir_data
.ctx
, __query_dir
);
3944 rc
= iterate_dir(dir_fp
->filp
, &dir_fp
->readdir_data
.ctx
);
3946 restart_ctx(&dir_fp
->readdir_data
.ctx
);
3952 d_info
.wptr
= d_info
.rptr
;
3953 d_info
.out_buf_len
= buffer_sz
;
3954 rc
= process_query_dir_entries(&query_dir_private
);
3958 if (!d_info
.data_count
&& d_info
.out_buf_len
>= 0) {
3959 if (srch_flag
& SMB2_RETURN_SINGLE_ENTRY
&& !is_asterisk(srch_ptr
)) {
3960 rsp
->hdr
.Status
= STATUS_NO_SUCH_FILE
;
3962 dir_fp
->dot_dotdot
[0] = dir_fp
->dot_dotdot
[1] = 0;
3963 rsp
->hdr
.Status
= STATUS_NO_MORE_FILES
;
3965 rsp
->StructureSize
= cpu_to_le16(9);
3966 rsp
->OutputBufferOffset
= cpu_to_le16(0);
3967 rsp
->OutputBufferLength
= cpu_to_le32(0);
3969 inc_rfc1001_len(rsp_org
, 9);
3971 ((struct file_directory_info
*)
3972 ((char *)rsp
->Buffer
+ d_info
.last_entry_offset
))
3973 ->NextEntryOffset
= 0;
3975 rsp
->StructureSize
= cpu_to_le16(9);
3976 rsp
->OutputBufferOffset
= cpu_to_le16(72);
3977 rsp
->OutputBufferLength
= cpu_to_le32(d_info
.data_count
);
3978 inc_rfc1001_len(rsp_org
, 8 + d_info
.data_count
);
3982 ksmbd_fd_put(work
, dir_fp
);
3983 ksmbd_revert_fsids(work
);
3987 pr_err("error while processing smb2 query dir rc = %d\n", rc
);
3992 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
3993 else if (rc
== -EACCES
)
3994 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
3995 else if (rc
== -ENOENT
)
3996 rsp
->hdr
.Status
= STATUS_NO_SUCH_FILE
;
3997 else if (rc
== -EBADF
)
3998 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
3999 else if (rc
== -ENOMEM
)
4000 rsp
->hdr
.Status
= STATUS_NO_MEMORY
;
4001 else if (rc
== -EFAULT
)
4002 rsp
->hdr
.Status
= STATUS_INVALID_INFO_CLASS
;
4003 if (!rsp
->hdr
.Status
)
4004 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
4006 smb2_set_err_rsp(work
);
4007 ksmbd_fd_put(work
, dir_fp
);
4008 ksmbd_revert_fsids(work
);
4013 * buffer_check_err() - helper function to check buffer errors
4014 * @reqOutputBufferLength: max buffer length expected in command response
4015 * @rsp: query info response buffer contains output buffer length
4016 * @infoclass_size: query info class response buffer size
4018 * Return: 0 on success, otherwise error
4020 static int buffer_check_err(int reqOutputBufferLength
,
4021 struct smb2_query_info_rsp
*rsp
, int infoclass_size
)
4023 if (reqOutputBufferLength
< le32_to_cpu(rsp
->OutputBufferLength
)) {
4024 if (reqOutputBufferLength
< infoclass_size
) {
4025 pr_err("Invalid Buffer Size Requested\n");
4026 rsp
->hdr
.Status
= STATUS_INFO_LENGTH_MISMATCH
;
4027 rsp
->hdr
.smb2_buf_length
= cpu_to_be32(sizeof(struct smb2_hdr
) - 4);
4031 ksmbd_debug(SMB
, "Buffer Overflow\n");
4032 rsp
->hdr
.Status
= STATUS_BUFFER_OVERFLOW
;
4033 rsp
->hdr
.smb2_buf_length
= cpu_to_be32(sizeof(struct smb2_hdr
) - 4 +
4034 reqOutputBufferLength
);
4035 rsp
->OutputBufferLength
= cpu_to_le32(reqOutputBufferLength
);
4040 static void get_standard_info_pipe(struct smb2_query_info_rsp
*rsp
)
4042 struct smb2_file_standard_info
*sinfo
;
4044 sinfo
= (struct smb2_file_standard_info
*)rsp
->Buffer
;
4046 sinfo
->AllocationSize
= cpu_to_le64(4096);
4047 sinfo
->EndOfFile
= cpu_to_le64(0);
4048 sinfo
->NumberOfLinks
= cpu_to_le32(1);
4049 sinfo
->DeletePending
= 1;
4050 sinfo
->Directory
= 0;
4051 rsp
->OutputBufferLength
=
4052 cpu_to_le32(sizeof(struct smb2_file_standard_info
));
4053 inc_rfc1001_len(rsp
, sizeof(struct smb2_file_standard_info
));
4056 static void get_internal_info_pipe(struct smb2_query_info_rsp
*rsp
, u64 num
)
4058 struct smb2_file_internal_info
*file_info
;
4060 file_info
= (struct smb2_file_internal_info
*)rsp
->Buffer
;
4062 /* any unique number */
4063 file_info
->IndexNumber
= cpu_to_le64(num
| (1ULL << 63));
4064 rsp
->OutputBufferLength
=
4065 cpu_to_le32(sizeof(struct smb2_file_internal_info
));
4066 inc_rfc1001_len(rsp
, sizeof(struct smb2_file_internal_info
));
4069 static int smb2_get_info_file_pipe(struct ksmbd_session
*sess
,
4070 struct smb2_query_info_req
*req
,
4071 struct smb2_query_info_rsp
*rsp
)
4077 * Windows can sometime send query file info request on
4078 * pipe without opening it, checking error condition here
4080 id
= le64_to_cpu(req
->VolatileFileId
);
4081 if (!ksmbd_session_rpc_method(sess
, id
))
4084 ksmbd_debug(SMB
, "FileInfoClass %u, FileId 0x%llx\n",
4085 req
->FileInfoClass
, le64_to_cpu(req
->VolatileFileId
));
4087 switch (req
->FileInfoClass
) {
4088 case FILE_STANDARD_INFORMATION
:
4089 get_standard_info_pipe(rsp
);
4090 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
4091 rsp
, FILE_STANDARD_INFORMATION_SIZE
);
4093 case FILE_INTERNAL_INFORMATION
:
4094 get_internal_info_pipe(rsp
, id
);
4095 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
4096 rsp
, FILE_INTERNAL_INFORMATION_SIZE
);
4099 ksmbd_debug(SMB
, "smb2_info_file_pipe for %u not supported\n",
4100 req
->FileInfoClass
);
4107 * smb2_get_ea() - handler for smb2 get extended attribute command
4108 * @work: smb work containing query info command buffer
4109 * @fp: ksmbd_file pointer
4110 * @req: get extended attribute request
4111 * @rsp: response buffer pointer
4112 * @rsp_org: base response buffer pointer in case of chained response
4114 * Return: 0 on success, otherwise error
4116 static int smb2_get_ea(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
4117 struct smb2_query_info_req
*req
,
4118 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4120 struct smb2_ea_info
*eainfo
, *prev_eainfo
;
4121 char *name
, *ptr
, *xattr_list
= NULL
, *buf
;
4122 int rc
, name_len
, value_len
, xattr_list_len
, idx
;
4123 ssize_t buf_free_len
, alignment_bytes
, next_offset
, rsp_data_cnt
= 0;
4124 struct smb2_ea_info_req
*ea_req
= NULL
;
4126 struct user_namespace
*user_ns
= file_mnt_user_ns(fp
->filp
);
4128 if (!(fp
->daccess
& FILE_READ_EA_LE
)) {
4129 pr_err("Not permitted to read ext attr : 0x%x\n",
4134 path
= &fp
->filp
->f_path
;
4135 /* single EA entry is requested with given user.* name */
4136 if (req
->InputBufferLength
) {
4137 if (le32_to_cpu(req
->InputBufferLength
) <
4138 sizeof(struct smb2_ea_info_req
))
4141 ea_req
= (struct smb2_ea_info_req
*)req
->Buffer
;
4143 /* need to send all EAs, if no specific EA is requested*/
4144 if (le32_to_cpu(req
->Flags
) & SL_RETURN_SINGLE_ENTRY
)
4146 "All EAs are requested but need to send single EA entry in rsp flags 0x%x\n",
4147 le32_to_cpu(req
->Flags
));
4151 smb2_calc_max_out_buf_len(work
, 8,
4152 le32_to_cpu(req
->OutputBufferLength
));
4153 if (buf_free_len
< 0)
4156 rc
= ksmbd_vfs_listxattr(path
->dentry
, &xattr_list
);
4158 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
4160 } else if (!rc
) { /* there is no EA in the file */
4161 ksmbd_debug(SMB
, "no ea data in the file\n");
4164 xattr_list_len
= rc
;
4166 ptr
= (char *)rsp
->Buffer
;
4167 eainfo
= (struct smb2_ea_info
*)ptr
;
4168 prev_eainfo
= eainfo
;
4171 while (idx
< xattr_list_len
) {
4172 name
= xattr_list
+ idx
;
4173 name_len
= strlen(name
);
4175 ksmbd_debug(SMB
, "%s, len %d\n", name
, name_len
);
4176 idx
+= name_len
+ 1;
4179 * CIFS does not support EA other than user.* namespace,
4180 * still keep the framework generic, to list other attrs
4183 if (strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
))
4186 if (!strncmp(&name
[XATTR_USER_PREFIX_LEN
], STREAM_PREFIX
,
4190 if (req
->InputBufferLength
&&
4191 strncmp(&name
[XATTR_USER_PREFIX_LEN
], ea_req
->name
,
4192 ea_req
->EaNameLength
))
4195 if (!strncmp(&name
[XATTR_USER_PREFIX_LEN
],
4196 DOS_ATTRIBUTE_PREFIX
, DOS_ATTRIBUTE_PREFIX_LEN
))
4199 if (!strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
))
4200 name_len
-= XATTR_USER_PREFIX_LEN
;
4202 ptr
= (char *)(&eainfo
->name
+ name_len
+ 1);
4203 buf_free_len
-= (offsetof(struct smb2_ea_info
, name
) +
4205 /* bailout if xattr can't fit in buf_free_len */
4206 value_len
= ksmbd_vfs_getxattr(user_ns
, path
->dentry
,
4208 if (value_len
<= 0) {
4210 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
4214 buf_free_len
-= value_len
;
4215 if (buf_free_len
< 0) {
4220 memcpy(ptr
, buf
, value_len
);
4225 eainfo
->EaNameLength
= name_len
;
4227 if (!strncmp(name
, XATTR_USER_PREFIX
, XATTR_USER_PREFIX_LEN
))
4228 memcpy(eainfo
->name
, &name
[XATTR_USER_PREFIX_LEN
],
4231 memcpy(eainfo
->name
, name
, name_len
);
4233 eainfo
->name
[name_len
] = '\0';
4234 eainfo
->EaValueLength
= cpu_to_le16(value_len
);
4235 next_offset
= offsetof(struct smb2_ea_info
, name
) +
4236 name_len
+ 1 + value_len
;
4238 /* align next xattr entry at 4 byte bundary */
4239 alignment_bytes
= ((next_offset
+ 3) & ~3) - next_offset
;
4240 if (alignment_bytes
) {
4241 memset(ptr
, '\0', alignment_bytes
);
4242 ptr
+= alignment_bytes
;
4243 next_offset
+= alignment_bytes
;
4244 buf_free_len
-= alignment_bytes
;
4246 eainfo
->NextEntryOffset
= cpu_to_le32(next_offset
);
4247 prev_eainfo
= eainfo
;
4248 eainfo
= (struct smb2_ea_info
*)ptr
;
4249 rsp_data_cnt
+= next_offset
;
4251 if (req
->InputBufferLength
) {
4252 ksmbd_debug(SMB
, "single entry requested\n");
4257 /* no more ea entries */
4258 prev_eainfo
->NextEntryOffset
= 0;
4261 if (rsp_data_cnt
== 0)
4262 rsp
->hdr
.Status
= STATUS_NO_EAS_ON_FILE
;
4263 rsp
->OutputBufferLength
= cpu_to_le32(rsp_data_cnt
);
4264 inc_rfc1001_len(rsp_org
, rsp_data_cnt
);
4270 static void get_file_access_info(struct smb2_query_info_rsp
*rsp
,
4271 struct ksmbd_file
*fp
, void *rsp_org
)
4273 struct smb2_file_access_info
*file_info
;
4275 file_info
= (struct smb2_file_access_info
*)rsp
->Buffer
;
4276 file_info
->AccessFlags
= fp
->daccess
;
4277 rsp
->OutputBufferLength
=
4278 cpu_to_le32(sizeof(struct smb2_file_access_info
));
4279 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_access_info
));
4282 static int get_file_basic_info(struct smb2_query_info_rsp
*rsp
,
4283 struct ksmbd_file
*fp
, void *rsp_org
)
4285 struct smb2_file_basic_info
*basic_info
;
4289 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4290 pr_err("no right to read the attributes : 0x%x\n",
4295 basic_info
= (struct smb2_file_basic_info
*)rsp
->Buffer
;
4296 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4298 basic_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4299 time
= ksmbd_UnixTimeToNT(stat
.atime
);
4300 basic_info
->LastAccessTime
= cpu_to_le64(time
);
4301 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
4302 basic_info
->LastWriteTime
= cpu_to_le64(time
);
4303 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
4304 basic_info
->ChangeTime
= cpu_to_le64(time
);
4305 basic_info
->Attributes
= fp
->f_ci
->m_fattr
;
4306 basic_info
->Pad1
= 0;
4307 rsp
->OutputBufferLength
=
4308 cpu_to_le32(sizeof(struct smb2_file_basic_info
));
4309 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_basic_info
));
4313 static unsigned long long get_allocation_size(struct inode
*inode
,
4316 unsigned long long alloc_size
= 0;
4318 if (!S_ISDIR(stat
->mode
)) {
4319 if ((inode
->i_blocks
<< 9) <= stat
->size
)
4320 alloc_size
= stat
->size
;
4322 alloc_size
= inode
->i_blocks
<< 9;
4328 static void get_file_standard_info(struct smb2_query_info_rsp
*rsp
,
4329 struct ksmbd_file
*fp
, void *rsp_org
)
4331 struct smb2_file_standard_info
*sinfo
;
4332 unsigned int delete_pending
;
4333 struct inode
*inode
;
4336 inode
= file_inode(fp
->filp
);
4337 generic_fillattr(file_mnt_user_ns(fp
->filp
), inode
, &stat
);
4339 sinfo
= (struct smb2_file_standard_info
*)rsp
->Buffer
;
4340 delete_pending
= ksmbd_inode_pending_delete(fp
);
4342 sinfo
->AllocationSize
= cpu_to_le64(get_allocation_size(inode
, &stat
));
4343 sinfo
->EndOfFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
4344 sinfo
->NumberOfLinks
= cpu_to_le32(get_nlink(&stat
) - delete_pending
);
4345 sinfo
->DeletePending
= delete_pending
;
4346 sinfo
->Directory
= S_ISDIR(stat
.mode
) ? 1 : 0;
4347 rsp
->OutputBufferLength
=
4348 cpu_to_le32(sizeof(struct smb2_file_standard_info
));
4349 inc_rfc1001_len(rsp_org
,
4350 sizeof(struct smb2_file_standard_info
));
4353 static void get_file_alignment_info(struct smb2_query_info_rsp
*rsp
,
4356 struct smb2_file_alignment_info
*file_info
;
4358 file_info
= (struct smb2_file_alignment_info
*)rsp
->Buffer
;
4359 file_info
->AlignmentRequirement
= 0;
4360 rsp
->OutputBufferLength
=
4361 cpu_to_le32(sizeof(struct smb2_file_alignment_info
));
4362 inc_rfc1001_len(rsp_org
,
4363 sizeof(struct smb2_file_alignment_info
));
4366 static int get_file_all_info(struct ksmbd_work
*work
,
4367 struct smb2_query_info_rsp
*rsp
,
4368 struct ksmbd_file
*fp
,
4371 struct ksmbd_conn
*conn
= work
->conn
;
4372 struct smb2_file_all_info
*file_info
;
4373 unsigned int delete_pending
;
4374 struct inode
*inode
;
4380 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4381 ksmbd_debug(SMB
, "no right to read the attributes : 0x%x\n",
4386 filename
= convert_to_nt_pathname(fp
->filename
);
4390 inode
= file_inode(fp
->filp
);
4391 generic_fillattr(file_mnt_user_ns(fp
->filp
), inode
, &stat
);
4393 ksmbd_debug(SMB
, "filename = %s\n", filename
);
4394 delete_pending
= ksmbd_inode_pending_delete(fp
);
4395 file_info
= (struct smb2_file_all_info
*)rsp
->Buffer
;
4397 file_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4398 time
= ksmbd_UnixTimeToNT(stat
.atime
);
4399 file_info
->LastAccessTime
= cpu_to_le64(time
);
4400 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
4401 file_info
->LastWriteTime
= cpu_to_le64(time
);
4402 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
4403 file_info
->ChangeTime
= cpu_to_le64(time
);
4404 file_info
->Attributes
= fp
->f_ci
->m_fattr
;
4405 file_info
->Pad1
= 0;
4406 file_info
->AllocationSize
=
4407 cpu_to_le64(get_allocation_size(inode
, &stat
));
4408 file_info
->EndOfFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
4409 file_info
->NumberOfLinks
=
4410 cpu_to_le32(get_nlink(&stat
) - delete_pending
);
4411 file_info
->DeletePending
= delete_pending
;
4412 file_info
->Directory
= S_ISDIR(stat
.mode
) ? 1 : 0;
4413 file_info
->Pad2
= 0;
4414 file_info
->IndexNumber
= cpu_to_le64(stat
.ino
);
4415 file_info
->EASize
= 0;
4416 file_info
->AccessFlags
= fp
->daccess
;
4417 file_info
->CurrentByteOffset
= cpu_to_le64(fp
->filp
->f_pos
);
4418 file_info
->Mode
= fp
->coption
;
4419 file_info
->AlignmentRequirement
= 0;
4420 conv_len
= smbConvertToUTF16((__le16
*)file_info
->FileName
, filename
,
4421 PATH_MAX
, conn
->local_nls
, 0);
4423 file_info
->FileNameLength
= cpu_to_le32(conv_len
);
4424 rsp
->OutputBufferLength
=
4425 cpu_to_le32(sizeof(struct smb2_file_all_info
) + conv_len
- 1);
4427 inc_rfc1001_len(rsp_org
, le32_to_cpu(rsp
->OutputBufferLength
));
4431 static void get_file_alternate_info(struct ksmbd_work
*work
,
4432 struct smb2_query_info_rsp
*rsp
,
4433 struct ksmbd_file
*fp
,
4436 struct ksmbd_conn
*conn
= work
->conn
;
4437 struct smb2_file_alt_name_info
*file_info
;
4438 struct dentry
*dentry
= fp
->filp
->f_path
.dentry
;
4441 spin_lock(&dentry
->d_lock
);
4442 file_info
= (struct smb2_file_alt_name_info
*)rsp
->Buffer
;
4443 conv_len
= ksmbd_extract_shortname(conn
,
4444 dentry
->d_name
.name
,
4445 file_info
->FileName
);
4446 spin_unlock(&dentry
->d_lock
);
4447 file_info
->FileNameLength
= cpu_to_le32(conv_len
);
4448 rsp
->OutputBufferLength
=
4449 cpu_to_le32(sizeof(struct smb2_file_alt_name_info
) + conv_len
);
4450 inc_rfc1001_len(rsp_org
, le32_to_cpu(rsp
->OutputBufferLength
));
4453 static void get_file_stream_info(struct ksmbd_work
*work
,
4454 struct smb2_query_info_rsp
*rsp
,
4455 struct ksmbd_file
*fp
,
4458 struct ksmbd_conn
*conn
= work
->conn
;
4459 struct smb2_file_stream_info
*file_info
;
4460 char *stream_name
, *xattr_list
= NULL
, *stream_buf
;
4462 struct path
*path
= &fp
->filp
->f_path
;
4463 ssize_t xattr_list_len
;
4464 int nbytes
= 0, streamlen
, stream_name_len
, next
, idx
= 0;
4466 struct smb2_query_info_req
*req
= ksmbd_req_buf_next(work
);
4468 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4470 file_info
= (struct smb2_file_stream_info
*)rsp
->Buffer
;
4473 smb2_calc_max_out_buf_len(work
, 8,
4474 le32_to_cpu(req
->OutputBufferLength
));
4475 if (buf_free_len
< 0)
4478 xattr_list_len
= ksmbd_vfs_listxattr(path
->dentry
, &xattr_list
);
4479 if (xattr_list_len
< 0) {
4481 } else if (!xattr_list_len
) {
4482 ksmbd_debug(SMB
, "empty xattr in the file\n");
4486 while (idx
< xattr_list_len
) {
4487 stream_name
= xattr_list
+ idx
;
4488 streamlen
= strlen(stream_name
);
4489 idx
+= streamlen
+ 1;
4491 ksmbd_debug(SMB
, "%s, len %d\n", stream_name
, streamlen
);
4493 if (strncmp(&stream_name
[XATTR_USER_PREFIX_LEN
],
4494 STREAM_PREFIX
, STREAM_PREFIX_LEN
))
4497 stream_name_len
= streamlen
- (XATTR_USER_PREFIX_LEN
+
4499 streamlen
= stream_name_len
;
4503 stream_buf
= kmalloc(streamlen
+ 1, GFP_KERNEL
);
4507 streamlen
= snprintf(stream_buf
, streamlen
+ 1,
4508 ":%s", &stream_name
[XATTR_NAME_STREAM_LEN
]);
4510 next
= sizeof(struct smb2_file_stream_info
) + streamlen
* 2;
4511 if (next
> buf_free_len
) {
4516 file_info
= (struct smb2_file_stream_info
*)&rsp
->Buffer
[nbytes
];
4517 streamlen
= smbConvertToUTF16((__le16
*)file_info
->StreamName
,
4518 stream_buf
, streamlen
,
4519 conn
->local_nls
, 0);
4522 file_info
->StreamNameLength
= cpu_to_le32(streamlen
);
4523 file_info
->StreamSize
= cpu_to_le64(stream_name_len
);
4524 file_info
->StreamAllocationSize
= cpu_to_le64(stream_name_len
);
4527 buf_free_len
-= next
;
4528 file_info
->NextEntryOffset
= cpu_to_le32(next
);
4532 if (!S_ISDIR(stat
.mode
) &&
4533 buf_free_len
>= sizeof(struct smb2_file_stream_info
) + 7 * 2) {
4534 file_info
= (struct smb2_file_stream_info
*)
4535 &rsp
->Buffer
[nbytes
];
4536 streamlen
= smbConvertToUTF16((__le16
*)file_info
->StreamName
,
4537 "::$DATA", 7, conn
->local_nls
, 0);
4539 file_info
->StreamNameLength
= cpu_to_le32(streamlen
);
4540 file_info
->StreamSize
= cpu_to_le64(stat
.size
);
4541 file_info
->StreamAllocationSize
= cpu_to_le64(stat
.blocks
<< 9);
4542 nbytes
+= sizeof(struct smb2_file_stream_info
) + streamlen
;
4545 /* last entry offset should be 0 */
4546 file_info
->NextEntryOffset
= 0;
4549 rsp
->OutputBufferLength
= cpu_to_le32(nbytes
);
4550 inc_rfc1001_len(rsp_org
, nbytes
);
4553 static void get_file_internal_info(struct smb2_query_info_rsp
*rsp
,
4554 struct ksmbd_file
*fp
, void *rsp_org
)
4556 struct smb2_file_internal_info
*file_info
;
4559 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4561 file_info
= (struct smb2_file_internal_info
*)rsp
->Buffer
;
4562 file_info
->IndexNumber
= cpu_to_le64(stat
.ino
);
4563 rsp
->OutputBufferLength
=
4564 cpu_to_le32(sizeof(struct smb2_file_internal_info
));
4565 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_internal_info
));
4568 static int get_file_network_open_info(struct smb2_query_info_rsp
*rsp
,
4569 struct ksmbd_file
*fp
, void *rsp_org
)
4571 struct smb2_file_ntwrk_info
*file_info
;
4572 struct inode
*inode
;
4576 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4577 pr_err("no right to read the attributes : 0x%x\n",
4582 file_info
= (struct smb2_file_ntwrk_info
*)rsp
->Buffer
;
4584 inode
= file_inode(fp
->filp
);
4585 generic_fillattr(file_mnt_user_ns(fp
->filp
), inode
, &stat
);
4587 file_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4588 time
= ksmbd_UnixTimeToNT(stat
.atime
);
4589 file_info
->LastAccessTime
= cpu_to_le64(time
);
4590 time
= ksmbd_UnixTimeToNT(stat
.mtime
);
4591 file_info
->LastWriteTime
= cpu_to_le64(time
);
4592 time
= ksmbd_UnixTimeToNT(stat
.ctime
);
4593 file_info
->ChangeTime
= cpu_to_le64(time
);
4594 file_info
->Attributes
= fp
->f_ci
->m_fattr
;
4595 file_info
->AllocationSize
=
4596 cpu_to_le64(get_allocation_size(inode
, &stat
));
4597 file_info
->EndOfFile
= S_ISDIR(stat
.mode
) ? 0 : cpu_to_le64(stat
.size
);
4598 file_info
->Reserved
= cpu_to_le32(0);
4599 rsp
->OutputBufferLength
=
4600 cpu_to_le32(sizeof(struct smb2_file_ntwrk_info
));
4601 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_ntwrk_info
));
4605 static void get_file_ea_info(struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4607 struct smb2_file_ea_info
*file_info
;
4609 file_info
= (struct smb2_file_ea_info
*)rsp
->Buffer
;
4610 file_info
->EASize
= 0;
4611 rsp
->OutputBufferLength
=
4612 cpu_to_le32(sizeof(struct smb2_file_ea_info
));
4613 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_ea_info
));
4616 static void get_file_position_info(struct smb2_query_info_rsp
*rsp
,
4617 struct ksmbd_file
*fp
, void *rsp_org
)
4619 struct smb2_file_pos_info
*file_info
;
4621 file_info
= (struct smb2_file_pos_info
*)rsp
->Buffer
;
4622 file_info
->CurrentByteOffset
= cpu_to_le64(fp
->filp
->f_pos
);
4623 rsp
->OutputBufferLength
=
4624 cpu_to_le32(sizeof(struct smb2_file_pos_info
));
4625 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_pos_info
));
4628 static void get_file_mode_info(struct smb2_query_info_rsp
*rsp
,
4629 struct ksmbd_file
*fp
, void *rsp_org
)
4631 struct smb2_file_mode_info
*file_info
;
4633 file_info
= (struct smb2_file_mode_info
*)rsp
->Buffer
;
4634 file_info
->Mode
= fp
->coption
& FILE_MODE_INFO_MASK
;
4635 rsp
->OutputBufferLength
=
4636 cpu_to_le32(sizeof(struct smb2_file_mode_info
));
4637 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_mode_info
));
4640 static void get_file_compression_info(struct smb2_query_info_rsp
*rsp
,
4641 struct ksmbd_file
*fp
, void *rsp_org
)
4643 struct smb2_file_comp_info
*file_info
;
4646 generic_fillattr(file_mnt_user_ns(fp
->filp
), file_inode(fp
->filp
),
4649 file_info
= (struct smb2_file_comp_info
*)rsp
->Buffer
;
4650 file_info
->CompressedFileSize
= cpu_to_le64(stat
.blocks
<< 9);
4651 file_info
->CompressionFormat
= COMPRESSION_FORMAT_NONE
;
4652 file_info
->CompressionUnitShift
= 0;
4653 file_info
->ChunkShift
= 0;
4654 file_info
->ClusterShift
= 0;
4655 memset(&file_info
->Reserved
[0], 0, 3);
4657 rsp
->OutputBufferLength
=
4658 cpu_to_le32(sizeof(struct smb2_file_comp_info
));
4659 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_comp_info
));
4662 static int get_file_attribute_tag_info(struct smb2_query_info_rsp
*rsp
,
4663 struct ksmbd_file
*fp
, void *rsp_org
)
4665 struct smb2_file_attr_tag_info
*file_info
;
4667 if (!(fp
->daccess
& FILE_READ_ATTRIBUTES_LE
)) {
4668 pr_err("no right to read the attributes : 0x%x\n",
4673 file_info
= (struct smb2_file_attr_tag_info
*)rsp
->Buffer
;
4674 file_info
->FileAttributes
= fp
->f_ci
->m_fattr
;
4675 file_info
->ReparseTag
= 0;
4676 rsp
->OutputBufferLength
=
4677 cpu_to_le32(sizeof(struct smb2_file_attr_tag_info
));
4678 inc_rfc1001_len(rsp_org
, sizeof(struct smb2_file_attr_tag_info
));
4682 static int find_file_posix_info(struct smb2_query_info_rsp
*rsp
,
4683 struct ksmbd_file
*fp
, void *rsp_org
)
4685 struct smb311_posix_qinfo
*file_info
;
4686 struct inode
*inode
= file_inode(fp
->filp
);
4689 file_info
= (struct smb311_posix_qinfo
*)rsp
->Buffer
;
4690 file_info
->CreationTime
= cpu_to_le64(fp
->create_time
);
4691 time
= ksmbd_UnixTimeToNT(inode
->i_atime
);
4692 file_info
->LastAccessTime
= cpu_to_le64(time
);
4693 time
= ksmbd_UnixTimeToNT(inode
->i_mtime
);
4694 file_info
->LastWriteTime
= cpu_to_le64(time
);
4695 time
= ksmbd_UnixTimeToNT(inode
->i_ctime
);
4696 file_info
->ChangeTime
= cpu_to_le64(time
);
4697 file_info
->DosAttributes
= fp
->f_ci
->m_fattr
;
4698 file_info
->Inode
= cpu_to_le64(inode
->i_ino
);
4699 file_info
->EndOfFile
= cpu_to_le64(inode
->i_size
);
4700 file_info
->AllocationSize
= cpu_to_le64(inode
->i_blocks
<< 9);
4701 file_info
->HardLinks
= cpu_to_le32(inode
->i_nlink
);
4702 file_info
->Mode
= cpu_to_le32(inode
->i_mode
);
4703 file_info
->DeviceId
= cpu_to_le32(inode
->i_rdev
);
4704 rsp
->OutputBufferLength
=
4705 cpu_to_le32(sizeof(struct smb311_posix_qinfo
));
4706 inc_rfc1001_len(rsp_org
, sizeof(struct smb311_posix_qinfo
));
4710 static int smb2_get_info_file(struct ksmbd_work
*work
,
4711 struct smb2_query_info_req
*req
,
4712 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4714 struct ksmbd_file
*fp
;
4715 int fileinfoclass
= 0;
4717 int file_infoclass_size
;
4718 unsigned int id
= KSMBD_NO_FID
, pid
= KSMBD_NO_FID
;
4720 if (test_share_config_flag(work
->tcon
->share_conf
,
4721 KSMBD_SHARE_FLAG_PIPE
)) {
4722 /* smb2 info file called for pipe */
4723 return smb2_get_info_file_pipe(work
->sess
, req
, rsp
);
4726 if (work
->next_smb2_rcv_hdr_off
) {
4727 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
4728 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
4729 work
->compound_fid
);
4730 id
= work
->compound_fid
;
4731 pid
= work
->compound_pfid
;
4735 if (!has_file_id(id
)) {
4736 id
= le64_to_cpu(req
->VolatileFileId
);
4737 pid
= le64_to_cpu(req
->PersistentFileId
);
4740 fp
= ksmbd_lookup_fd_slow(work
, id
, pid
);
4744 fileinfoclass
= req
->FileInfoClass
;
4746 switch (fileinfoclass
) {
4747 case FILE_ACCESS_INFORMATION
:
4748 get_file_access_info(rsp
, fp
, rsp_org
);
4749 file_infoclass_size
= FILE_ACCESS_INFORMATION_SIZE
;
4752 case FILE_BASIC_INFORMATION
:
4753 rc
= get_file_basic_info(rsp
, fp
, rsp_org
);
4754 file_infoclass_size
= FILE_BASIC_INFORMATION_SIZE
;
4757 case FILE_STANDARD_INFORMATION
:
4758 get_file_standard_info(rsp
, fp
, rsp_org
);
4759 file_infoclass_size
= FILE_STANDARD_INFORMATION_SIZE
;
4762 case FILE_ALIGNMENT_INFORMATION
:
4763 get_file_alignment_info(rsp
, rsp_org
);
4764 file_infoclass_size
= FILE_ALIGNMENT_INFORMATION_SIZE
;
4767 case FILE_ALL_INFORMATION
:
4768 rc
= get_file_all_info(work
, rsp
, fp
, rsp_org
);
4769 file_infoclass_size
= FILE_ALL_INFORMATION_SIZE
;
4772 case FILE_ALTERNATE_NAME_INFORMATION
:
4773 get_file_alternate_info(work
, rsp
, fp
, rsp_org
);
4774 file_infoclass_size
= FILE_ALTERNATE_NAME_INFORMATION_SIZE
;
4777 case FILE_STREAM_INFORMATION
:
4778 get_file_stream_info(work
, rsp
, fp
, rsp_org
);
4779 file_infoclass_size
= FILE_STREAM_INFORMATION_SIZE
;
4782 case FILE_INTERNAL_INFORMATION
:
4783 get_file_internal_info(rsp
, fp
, rsp_org
);
4784 file_infoclass_size
= FILE_INTERNAL_INFORMATION_SIZE
;
4787 case FILE_NETWORK_OPEN_INFORMATION
:
4788 rc
= get_file_network_open_info(rsp
, fp
, rsp_org
);
4789 file_infoclass_size
= FILE_NETWORK_OPEN_INFORMATION_SIZE
;
4792 case FILE_EA_INFORMATION
:
4793 get_file_ea_info(rsp
, rsp_org
);
4794 file_infoclass_size
= FILE_EA_INFORMATION_SIZE
;
4797 case FILE_FULL_EA_INFORMATION
:
4798 rc
= smb2_get_ea(work
, fp
, req
, rsp
, rsp_org
);
4799 file_infoclass_size
= FILE_FULL_EA_INFORMATION_SIZE
;
4802 case FILE_POSITION_INFORMATION
:
4803 get_file_position_info(rsp
, fp
, rsp_org
);
4804 file_infoclass_size
= FILE_POSITION_INFORMATION_SIZE
;
4807 case FILE_MODE_INFORMATION
:
4808 get_file_mode_info(rsp
, fp
, rsp_org
);
4809 file_infoclass_size
= FILE_MODE_INFORMATION_SIZE
;
4812 case FILE_COMPRESSION_INFORMATION
:
4813 get_file_compression_info(rsp
, fp
, rsp_org
);
4814 file_infoclass_size
= FILE_COMPRESSION_INFORMATION_SIZE
;
4817 case FILE_ATTRIBUTE_TAG_INFORMATION
:
4818 rc
= get_file_attribute_tag_info(rsp
, fp
, rsp_org
);
4819 file_infoclass_size
= FILE_ATTRIBUTE_TAG_INFORMATION_SIZE
;
4821 case SMB_FIND_FILE_POSIX_INFO
:
4822 if (!work
->tcon
->posix_extensions
) {
4823 pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
4826 rc
= find_file_posix_info(rsp
, fp
, rsp_org
);
4827 file_infoclass_size
= sizeof(struct smb311_posix_qinfo
);
4831 ksmbd_debug(SMB
, "fileinfoclass %d not supported yet\n",
4836 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
4838 file_infoclass_size
);
4839 ksmbd_fd_put(work
, fp
);
4843 static int smb2_get_info_filesystem(struct ksmbd_work
*work
,
4844 struct smb2_query_info_req
*req
,
4845 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
4847 struct ksmbd_session
*sess
= work
->sess
;
4848 struct ksmbd_conn
*conn
= sess
->conn
;
4849 struct ksmbd_share_config
*share
= work
->tcon
->share_conf
;
4850 int fsinfoclass
= 0;
4851 struct kstatfs stfs
;
4854 int fs_infoclass_size
= 0;
4856 rc
= kern_path(share
->path
, LOOKUP_NO_SYMLINKS
, &path
);
4858 pr_err("cannot create vfs path\n");
4862 rc
= vfs_statfs(&path
, &stfs
);
4864 pr_err("cannot do stat of path %s\n", share
->path
);
4869 fsinfoclass
= req
->FileInfoClass
;
4871 switch (fsinfoclass
) {
4872 case FS_DEVICE_INFORMATION
:
4874 struct filesystem_device_info
*info
;
4876 info
= (struct filesystem_device_info
*)rsp
->Buffer
;
4878 info
->DeviceType
= cpu_to_le32(stfs
.f_type
);
4879 info
->DeviceCharacteristics
= cpu_to_le32(0x00000020);
4880 rsp
->OutputBufferLength
= cpu_to_le32(8);
4881 inc_rfc1001_len(rsp_org
, 8);
4882 fs_infoclass_size
= FS_DEVICE_INFORMATION_SIZE
;
4885 case FS_ATTRIBUTE_INFORMATION
:
4887 struct filesystem_attribute_info
*info
;
4890 info
= (struct filesystem_attribute_info
*)rsp
->Buffer
;
4891 info
->Attributes
= cpu_to_le32(FILE_SUPPORTS_OBJECT_IDS
|
4892 FILE_PERSISTENT_ACLS
|
4893 FILE_UNICODE_ON_DISK
|
4894 FILE_CASE_PRESERVED_NAMES
|
4895 FILE_CASE_SENSITIVE_SEARCH
|
4896 FILE_SUPPORTS_BLOCK_REFCOUNTING
);
4898 info
->Attributes
|= cpu_to_le32(server_conf
.share_fake_fscaps
);
4900 info
->MaxPathNameComponentLength
= cpu_to_le32(stfs
.f_namelen
);
4901 len
= smbConvertToUTF16((__le16
*)info
->FileSystemName
,
4902 "NTFS", PATH_MAX
, conn
->local_nls
, 0);
4904 info
->FileSystemNameLen
= cpu_to_le32(len
);
4905 sz
= sizeof(struct filesystem_attribute_info
) - 2 + len
;
4906 rsp
->OutputBufferLength
= cpu_to_le32(sz
);
4907 inc_rfc1001_len(rsp_org
, sz
);
4908 fs_infoclass_size
= FS_ATTRIBUTE_INFORMATION_SIZE
;
4911 case FS_VOLUME_INFORMATION
:
4913 struct filesystem_vol_info
*info
;
4915 unsigned int serial_crc
= 0;
4917 info
= (struct filesystem_vol_info
*)(rsp
->Buffer
);
4918 info
->VolumeCreationTime
= 0;
4919 serial_crc
= crc32_le(serial_crc
, share
->name
,
4920 strlen(share
->name
));
4921 serial_crc
= crc32_le(serial_crc
, share
->path
,
4922 strlen(share
->path
));
4923 serial_crc
= crc32_le(serial_crc
, ksmbd_netbios_name(),
4924 strlen(ksmbd_netbios_name()));
4925 /* Taking dummy value of serial number*/
4926 info
->SerialNumber
= cpu_to_le32(serial_crc
);
4927 len
= smbConvertToUTF16((__le16
*)info
->VolumeLabel
,
4928 share
->name
, PATH_MAX
,
4929 conn
->local_nls
, 0);
4931 info
->VolumeLabelSize
= cpu_to_le32(len
);
4933 sz
= sizeof(struct filesystem_vol_info
) - 2 + len
;
4934 rsp
->OutputBufferLength
= cpu_to_le32(sz
);
4935 inc_rfc1001_len(rsp_org
, sz
);
4936 fs_infoclass_size
= FS_VOLUME_INFORMATION_SIZE
;
4939 case FS_SIZE_INFORMATION
:
4941 struct filesystem_info
*info
;
4943 info
= (struct filesystem_info
*)(rsp
->Buffer
);
4944 info
->TotalAllocationUnits
= cpu_to_le64(stfs
.f_blocks
);
4945 info
->FreeAllocationUnits
= cpu_to_le64(stfs
.f_bfree
);
4946 info
->SectorsPerAllocationUnit
= cpu_to_le32(1);
4947 info
->BytesPerSector
= cpu_to_le32(stfs
.f_bsize
);
4948 rsp
->OutputBufferLength
= cpu_to_le32(24);
4949 inc_rfc1001_len(rsp_org
, 24);
4950 fs_infoclass_size
= FS_SIZE_INFORMATION_SIZE
;
4953 case FS_FULL_SIZE_INFORMATION
:
4955 struct smb2_fs_full_size_info
*info
;
4957 info
= (struct smb2_fs_full_size_info
*)(rsp
->Buffer
);
4958 info
->TotalAllocationUnits
= cpu_to_le64(stfs
.f_blocks
);
4959 info
->CallerAvailableAllocationUnits
=
4960 cpu_to_le64(stfs
.f_bavail
);
4961 info
->ActualAvailableAllocationUnits
=
4962 cpu_to_le64(stfs
.f_bfree
);
4963 info
->SectorsPerAllocationUnit
= cpu_to_le32(1);
4964 info
->BytesPerSector
= cpu_to_le32(stfs
.f_bsize
);
4965 rsp
->OutputBufferLength
= cpu_to_le32(32);
4966 inc_rfc1001_len(rsp_org
, 32);
4967 fs_infoclass_size
= FS_FULL_SIZE_INFORMATION_SIZE
;
4970 case FS_OBJECT_ID_INFORMATION
:
4972 struct object_id_info
*info
;
4974 info
= (struct object_id_info
*)(rsp
->Buffer
);
4976 if (!user_guest(sess
->user
))
4977 memcpy(info
->objid
, user_passkey(sess
->user
), 16);
4979 memset(info
->objid
, 0, 16);
4981 info
->extended_info
.magic
= cpu_to_le32(EXTENDED_INFO_MAGIC
);
4982 info
->extended_info
.version
= cpu_to_le32(1);
4983 info
->extended_info
.release
= cpu_to_le32(1);
4984 info
->extended_info
.rel_date
= 0;
4985 memcpy(info
->extended_info
.version_string
, "1.1.0", strlen("1.1.0"));
4986 rsp
->OutputBufferLength
= cpu_to_le32(64);
4987 inc_rfc1001_len(rsp_org
, 64);
4988 fs_infoclass_size
= FS_OBJECT_ID_INFORMATION_SIZE
;
4991 case FS_SECTOR_SIZE_INFORMATION
:
4993 struct smb3_fs_ss_info
*info
;
4995 info
= (struct smb3_fs_ss_info
*)(rsp
->Buffer
);
4997 info
->LogicalBytesPerSector
= cpu_to_le32(stfs
.f_bsize
);
4998 info
->PhysicalBytesPerSectorForAtomicity
=
4999 cpu_to_le32(stfs
.f_bsize
);
5000 info
->PhysicalBytesPerSectorForPerf
= cpu_to_le32(stfs
.f_bsize
);
5001 info
->FSEffPhysicalBytesPerSectorForAtomicity
=
5002 cpu_to_le32(stfs
.f_bsize
);
5003 info
->Flags
= cpu_to_le32(SSINFO_FLAGS_ALIGNED_DEVICE
|
5004 SSINFO_FLAGS_PARTITION_ALIGNED_ON_DEVICE
);
5005 info
->ByteOffsetForSectorAlignment
= 0;
5006 info
->ByteOffsetForPartitionAlignment
= 0;
5007 rsp
->OutputBufferLength
= cpu_to_le32(28);
5008 inc_rfc1001_len(rsp_org
, 28);
5009 fs_infoclass_size
= FS_SECTOR_SIZE_INFORMATION_SIZE
;
5012 case FS_CONTROL_INFORMATION
:
5015 * TODO : The current implementation is based on
5016 * test result with win7(NTFS) server. It's need to
5017 * modify this to get valid Quota values
5020 struct smb2_fs_control_info
*info
;
5022 info
= (struct smb2_fs_control_info
*)(rsp
->Buffer
);
5023 info
->FreeSpaceStartFiltering
= 0;
5024 info
->FreeSpaceThreshold
= 0;
5025 info
->FreeSpaceStopFiltering
= 0;
5026 info
->DefaultQuotaThreshold
= cpu_to_le64(SMB2_NO_FID
);
5027 info
->DefaultQuotaLimit
= cpu_to_le64(SMB2_NO_FID
);
5029 rsp
->OutputBufferLength
= cpu_to_le32(48);
5030 inc_rfc1001_len(rsp_org
, 48);
5031 fs_infoclass_size
= FS_CONTROL_INFORMATION_SIZE
;
5034 case FS_POSIX_INFORMATION
:
5036 struct filesystem_posix_info
*info
;
5038 if (!work
->tcon
->posix_extensions
) {
5039 pr_err("client doesn't negotiate with SMB3.1.1 POSIX Extensions\n");
5042 info
= (struct filesystem_posix_info
*)(rsp
->Buffer
);
5043 info
->OptimalTransferSize
= cpu_to_le32(stfs
.f_bsize
);
5044 info
->BlockSize
= cpu_to_le32(stfs
.f_bsize
);
5045 info
->TotalBlocks
= cpu_to_le64(stfs
.f_blocks
);
5046 info
->BlocksAvail
= cpu_to_le64(stfs
.f_bfree
);
5047 info
->UserBlocksAvail
= cpu_to_le64(stfs
.f_bavail
);
5048 info
->TotalFileNodes
= cpu_to_le64(stfs
.f_files
);
5049 info
->FreeFileNodes
= cpu_to_le64(stfs
.f_ffree
);
5050 rsp
->OutputBufferLength
= cpu_to_le32(56);
5051 inc_rfc1001_len(rsp_org
, 56);
5052 fs_infoclass_size
= FS_POSIX_INFORMATION_SIZE
;
5060 rc
= buffer_check_err(le32_to_cpu(req
->OutputBufferLength
),
5067 static int smb2_get_info_sec(struct ksmbd_work
*work
,
5068 struct smb2_query_info_req
*req
,
5069 struct smb2_query_info_rsp
*rsp
, void *rsp_org
)
5071 struct ksmbd_file
*fp
;
5072 struct user_namespace
*user_ns
;
5073 struct smb_ntsd
*pntsd
= (struct smb_ntsd
*)rsp
->Buffer
, *ppntsd
= NULL
;
5074 struct smb_fattr fattr
= {{0}};
5075 struct inode
*inode
;
5077 unsigned int id
= KSMBD_NO_FID
, pid
= KSMBD_NO_FID
;
5078 int addition_info
= le32_to_cpu(req
->AdditionalInformation
);
5081 if (addition_info
& ~(OWNER_SECINFO
| GROUP_SECINFO
| DACL_SECINFO
|
5082 PROTECTED_DACL_SECINFO
|
5083 UNPROTECTED_DACL_SECINFO
)) {
5084 ksmbd_debug(SMB
, "Unsupported addition info: 0x%x)\n",
5087 pntsd
->revision
= cpu_to_le16(1);
5088 pntsd
->type
= cpu_to_le16(SELF_RELATIVE
| DACL_PROTECTED
);
5089 pntsd
->osidoffset
= 0;
5090 pntsd
->gsidoffset
= 0;
5091 pntsd
->sacloffset
= 0;
5092 pntsd
->dacloffset
= 0;
5094 secdesclen
= sizeof(struct smb_ntsd
);
5095 rsp
->OutputBufferLength
= cpu_to_le32(secdesclen
);
5096 inc_rfc1001_len(rsp_org
, secdesclen
);
5101 if (work
->next_smb2_rcv_hdr_off
) {
5102 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
5103 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
5104 work
->compound_fid
);
5105 id
= work
->compound_fid
;
5106 pid
= work
->compound_pfid
;
5110 if (!has_file_id(id
)) {
5111 id
= le64_to_cpu(req
->VolatileFileId
);
5112 pid
= le64_to_cpu(req
->PersistentFileId
);
5115 fp
= ksmbd_lookup_fd_slow(work
, id
, pid
);
5119 user_ns
= file_mnt_user_ns(fp
->filp
);
5120 inode
= file_inode(fp
->filp
);
5121 ksmbd_acls_fattr(&fattr
, user_ns
, inode
);
5123 if (test_share_config_flag(work
->tcon
->share_conf
,
5124 KSMBD_SHARE_FLAG_ACL_XATTR
))
5125 ksmbd_vfs_get_sd_xattr(work
->conn
, user_ns
,
5126 fp
->filp
->f_path
.dentry
, &ppntsd
);
5128 rc
= build_sec_desc(user_ns
, pntsd
, ppntsd
, addition_info
,
5129 &secdesclen
, &fattr
);
5130 posix_acl_release(fattr
.cf_acls
);
5131 posix_acl_release(fattr
.cf_dacls
);
5133 ksmbd_fd_put(work
, fp
);
5137 rsp
->OutputBufferLength
= cpu_to_le32(secdesclen
);
5138 inc_rfc1001_len(rsp_org
, secdesclen
);
5143 * smb2_query_info() - handler for smb2 query info command
5144 * @work: smb work containing query info request buffer
5146 * Return: 0 on success, otherwise error
5148 int smb2_query_info(struct ksmbd_work
*work
)
5150 struct smb2_query_info_req
*req
;
5151 struct smb2_query_info_rsp
*rsp
, *rsp_org
;
5154 rsp_org
= work
->response_buf
;
5155 WORK_BUFFERS(work
, req
, rsp
);
5157 ksmbd_debug(SMB
, "GOT query info request\n");
5159 switch (req
->InfoType
) {
5160 case SMB2_O_INFO_FILE
:
5161 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_FILE\n");
5162 rc
= smb2_get_info_file(work
, req
, rsp
, (void *)rsp_org
);
5164 case SMB2_O_INFO_FILESYSTEM
:
5165 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_FILESYSTEM\n");
5166 rc
= smb2_get_info_filesystem(work
, req
, rsp
, (void *)rsp_org
);
5168 case SMB2_O_INFO_SECURITY
:
5169 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_SECURITY\n");
5170 rc
= smb2_get_info_sec(work
, req
, rsp
, (void *)rsp_org
);
5173 ksmbd_debug(SMB
, "InfoType %d not supported yet\n",
5180 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
5181 else if (rc
== -ENOENT
)
5182 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
5183 else if (rc
== -EIO
)
5184 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
5185 else if (rc
== -EOPNOTSUPP
|| rsp
->hdr
.Status
== 0)
5186 rsp
->hdr
.Status
= STATUS_INVALID_INFO_CLASS
;
5187 smb2_set_err_rsp(work
);
5189 ksmbd_debug(SMB
, "error while processing smb2 query rc = %d\n",
5193 rsp
->StructureSize
= cpu_to_le16(9);
5194 rsp
->OutputBufferOffset
= cpu_to_le16(72);
5195 inc_rfc1001_len(rsp_org
, 8);
5200 * smb2_close_pipe() - handler for closing IPC pipe
5201 * @work: smb work containing close request buffer
5205 static noinline
int smb2_close_pipe(struct ksmbd_work
*work
)
5208 struct smb2_close_req
*req
= work
->request_buf
;
5209 struct smb2_close_rsp
*rsp
= work
->response_buf
;
5211 id
= le64_to_cpu(req
->VolatileFileId
);
5212 ksmbd_session_rpc_close(work
->sess
, id
);
5214 rsp
->StructureSize
= cpu_to_le16(60);
5217 rsp
->CreationTime
= 0;
5218 rsp
->LastAccessTime
= 0;
5219 rsp
->LastWriteTime
= 0;
5220 rsp
->ChangeTime
= 0;
5221 rsp
->AllocationSize
= 0;
5223 rsp
->Attributes
= 0;
5224 inc_rfc1001_len(rsp
, 60);
5229 * smb2_close() - handler for smb2 close file command
5230 * @work: smb work containing close request buffer
5234 int smb2_close(struct ksmbd_work
*work
)
5236 u64 volatile_id
= KSMBD_NO_FID
;
5238 struct smb2_close_req
*req
;
5239 struct smb2_close_rsp
*rsp
;
5240 struct smb2_close_rsp
*rsp_org
;
5241 struct ksmbd_conn
*conn
= work
->conn
;
5242 struct ksmbd_file
*fp
;
5243 struct inode
*inode
;
5247 rsp_org
= work
->response_buf
;
5248 WORK_BUFFERS(work
, req
, rsp
);
5250 if (test_share_config_flag(work
->tcon
->share_conf
,
5251 KSMBD_SHARE_FLAG_PIPE
)) {
5252 ksmbd_debug(SMB
, "IPC pipe close request\n");
5253 return smb2_close_pipe(work
);
5256 sess_id
= le64_to_cpu(req
->hdr
.SessionId
);
5257 if (req
->hdr
.Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)
5258 sess_id
= work
->compound_sid
;
5260 work
->compound_sid
= 0;
5261 if (check_session_id(conn
, sess_id
)) {
5262 work
->compound_sid
= sess_id
;
5264 rsp
->hdr
.Status
= STATUS_USER_SESSION_DELETED
;
5265 if (req
->hdr
.Flags
& SMB2_FLAGS_RELATED_OPERATIONS
)
5266 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
5271 if (work
->next_smb2_rcv_hdr_off
&&
5272 !has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
5273 if (!has_file_id(work
->compound_fid
)) {
5274 /* file already closed, return FILE_CLOSED */
5275 ksmbd_debug(SMB
, "file already closed\n");
5276 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
5281 "Compound request set FID = %llu:%llu\n",
5283 work
->compound_pfid
);
5284 volatile_id
= work
->compound_fid
;
5286 /* file closed, stored id is not valid anymore */
5287 work
->compound_fid
= KSMBD_NO_FID
;
5288 work
->compound_pfid
= KSMBD_NO_FID
;
5291 volatile_id
= le64_to_cpu(req
->VolatileFileId
);
5293 ksmbd_debug(SMB
, "volatile_id = %llu\n", volatile_id
);
5295 rsp
->StructureSize
= cpu_to_le16(60);
5298 if (req
->Flags
== SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB
) {
5299 fp
= ksmbd_lookup_fd_fast(work
, volatile_id
);
5305 inode
= file_inode(fp
->filp
);
5306 rsp
->Flags
= SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB
;
5307 rsp
->AllocationSize
= S_ISDIR(inode
->i_mode
) ? 0 :
5308 cpu_to_le64(inode
->i_blocks
<< 9);
5309 rsp
->EndOfFile
= cpu_to_le64(inode
->i_size
);
5310 rsp
->Attributes
= fp
->f_ci
->m_fattr
;
5311 rsp
->CreationTime
= cpu_to_le64(fp
->create_time
);
5312 time
= ksmbd_UnixTimeToNT(inode
->i_atime
);
5313 rsp
->LastAccessTime
= cpu_to_le64(time
);
5314 time
= ksmbd_UnixTimeToNT(inode
->i_mtime
);
5315 rsp
->LastWriteTime
= cpu_to_le64(time
);
5316 time
= ksmbd_UnixTimeToNT(inode
->i_ctime
);
5317 rsp
->ChangeTime
= cpu_to_le64(time
);
5318 ksmbd_fd_put(work
, fp
);
5321 rsp
->AllocationSize
= 0;
5323 rsp
->Attributes
= 0;
5324 rsp
->CreationTime
= 0;
5325 rsp
->LastAccessTime
= 0;
5326 rsp
->LastWriteTime
= 0;
5327 rsp
->ChangeTime
= 0;
5330 err
= ksmbd_close_fd(work
, volatile_id
);
5333 if (rsp
->hdr
.Status
== 0)
5334 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
5335 smb2_set_err_rsp(work
);
5337 inc_rfc1001_len(rsp_org
, 60);
5344 * smb2_echo() - handler for smb2 echo(ping) command
5345 * @work: smb work containing echo request buffer
5349 int smb2_echo(struct ksmbd_work
*work
)
5351 struct smb2_echo_rsp
*rsp
= work
->response_buf
;
5353 rsp
->StructureSize
= cpu_to_le16(4);
5355 inc_rfc1001_len(rsp
, 4);
5359 static int smb2_rename(struct ksmbd_work
*work
,
5360 struct ksmbd_file
*fp
,
5361 struct user_namespace
*user_ns
,
5362 struct smb2_file_rename_info
*file_info
,
5363 struct nls_table
*local_nls
)
5365 struct ksmbd_share_config
*share
= fp
->tcon
->share_conf
;
5366 char *new_name
= NULL
, *abs_oldname
= NULL
, *old_name
= NULL
;
5367 char *pathname
= NULL
;
5369 bool file_present
= true;
5372 ksmbd_debug(SMB
, "setting FILE_RENAME_INFO\n");
5373 pathname
= kmalloc(PATH_MAX
, GFP_KERNEL
);
5377 abs_oldname
= d_path(&fp
->filp
->f_path
, pathname
, PATH_MAX
);
5378 if (IS_ERR(abs_oldname
)) {
5382 old_name
= strrchr(abs_oldname
, '/');
5383 if (old_name
&& old_name
[1] != '\0') {
5386 ksmbd_debug(SMB
, "can't get last component in path %s\n",
5392 new_name
= smb2_get_name(share
,
5393 file_info
->FileName
,
5394 le32_to_cpu(file_info
->FileNameLength
),
5396 if (IS_ERR(new_name
)) {
5397 rc
= PTR_ERR(new_name
);
5401 if (strchr(new_name
, ':')) {
5403 char *xattr_stream_name
, *stream_name
= NULL
;
5404 size_t xattr_stream_size
;
5407 rc
= parse_stream_name(new_name
, &stream_name
, &s_type
);
5411 len
= strlen(new_name
);
5412 if (len
> 0 && new_name
[len
- 1] != '/') {
5413 pr_err("not allow base filename in rename\n");
5418 rc
= ksmbd_vfs_xattr_stream_name(stream_name
,
5425 rc
= ksmbd_vfs_setxattr(user_ns
,
5426 fp
->filp
->f_path
.dentry
,
5430 pr_err("failed to store stream name in xattr: %d\n",
5439 ksmbd_debug(SMB
, "new name %s\n", new_name
);
5440 rc
= ksmbd_vfs_kern_path(work
, new_name
, LOOKUP_NO_SYMLINKS
, &path
, 1);
5444 file_present
= false;
5449 if (ksmbd_share_veto_filename(share
, new_name
)) {
5451 ksmbd_debug(SMB
, "Can't rename vetoed file: %s\n", new_name
);
5455 if (file_info
->ReplaceIfExists
) {
5457 rc
= ksmbd_vfs_remove_file(work
, new_name
);
5459 if (rc
!= -ENOTEMPTY
)
5461 ksmbd_debug(SMB
, "cannot delete %s, rc %d\n",
5468 strncmp(old_name
, path
.dentry
->d_name
.name
, strlen(old_name
))) {
5471 "cannot rename already existing file\n");
5476 rc
= ksmbd_vfs_fp_rename(work
, fp
, new_name
);
5479 if (!IS_ERR(new_name
))
5484 static int smb2_create_link(struct ksmbd_work
*work
,
5485 struct ksmbd_share_config
*share
,
5486 struct smb2_file_link_info
*file_info
,
5487 unsigned int buf_len
, struct file
*filp
,
5488 struct nls_table
*local_nls
)
5490 char *link_name
= NULL
, *target_name
= NULL
, *pathname
= NULL
;
5492 bool file_present
= true;
5495 if (buf_len
< (u64
)sizeof(struct smb2_file_link_info
) +
5496 le32_to_cpu(file_info
->FileNameLength
))
5499 ksmbd_debug(SMB
, "setting FILE_LINK_INFORMATION\n");
5500 pathname
= kmalloc(PATH_MAX
, GFP_KERNEL
);
5504 link_name
= smb2_get_name(share
,
5505 file_info
->FileName
,
5506 le32_to_cpu(file_info
->FileNameLength
),
5508 if (IS_ERR(link_name
) || S_ISDIR(file_inode(filp
)->i_mode
)) {
5513 ksmbd_debug(SMB
, "link name is %s\n", link_name
);
5514 target_name
= d_path(&filp
->f_path
, pathname
, PATH_MAX
);
5515 if (IS_ERR(target_name
)) {
5520 ksmbd_debug(SMB
, "target name is %s\n", target_name
);
5521 rc
= ksmbd_vfs_kern_path(work
, link_name
, LOOKUP_NO_SYMLINKS
, &path
, 0);
5525 file_present
= false;
5530 if (file_info
->ReplaceIfExists
) {
5532 rc
= ksmbd_vfs_remove_file(work
, link_name
);
5535 ksmbd_debug(SMB
, "cannot delete %s\n",
5543 ksmbd_debug(SMB
, "link already exists\n");
5548 rc
= ksmbd_vfs_link(work
, target_name
, link_name
);
5552 if (!IS_ERR(link_name
))
5558 static int set_file_basic_info(struct ksmbd_file
*fp
,
5559 struct smb2_file_basic_info
*file_info
,
5560 struct ksmbd_share_config
*share
)
5564 struct inode
*inode
;
5565 struct user_namespace
*user_ns
;
5568 if (!(fp
->daccess
& FILE_WRITE_ATTRIBUTES_LE
))
5573 inode
= file_inode(filp
);
5574 user_ns
= file_mnt_user_ns(filp
);
5576 if (file_info
->CreationTime
)
5577 fp
->create_time
= le64_to_cpu(file_info
->CreationTime
);
5579 if (file_info
->LastAccessTime
) {
5580 attrs
.ia_atime
= ksmbd_NTtimeToUnix(file_info
->LastAccessTime
);
5581 attrs
.ia_valid
|= (ATTR_ATIME
| ATTR_ATIME_SET
);
5584 attrs
.ia_valid
|= ATTR_CTIME
;
5585 if (file_info
->ChangeTime
)
5586 attrs
.ia_ctime
= ksmbd_NTtimeToUnix(file_info
->ChangeTime
);
5588 attrs
.ia_ctime
= inode
->i_ctime
;
5590 if (file_info
->LastWriteTime
) {
5591 attrs
.ia_mtime
= ksmbd_NTtimeToUnix(file_info
->LastWriteTime
);
5592 attrs
.ia_valid
|= (ATTR_MTIME
| ATTR_MTIME_SET
);
5595 if (file_info
->Attributes
) {
5596 if (!S_ISDIR(inode
->i_mode
) &&
5597 file_info
->Attributes
& ATTR_DIRECTORY_LE
) {
5598 pr_err("can't change a file to a directory\n");
5602 if (!(S_ISDIR(inode
->i_mode
) && file_info
->Attributes
== ATTR_NORMAL_LE
))
5603 fp
->f_ci
->m_fattr
= file_info
->Attributes
|
5604 (fp
->f_ci
->m_fattr
& ATTR_DIRECTORY_LE
);
5607 if (test_share_config_flag(share
, KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
) &&
5608 (file_info
->CreationTime
|| file_info
->Attributes
)) {
5609 struct xattr_dos_attrib da
= {0};
5612 da
.itime
= fp
->itime
;
5613 da
.create_time
= fp
->create_time
;
5614 da
.attr
= le32_to_cpu(fp
->f_ci
->m_fattr
);
5615 da
.flags
= XATTR_DOSINFO_ATTRIB
| XATTR_DOSINFO_CREATE_TIME
|
5616 XATTR_DOSINFO_ITIME
;
5618 rc
= ksmbd_vfs_set_dos_attrib_xattr(user_ns
,
5619 filp
->f_path
.dentry
, &da
);
5622 "failed to restore file attribute in EA\n");
5626 if (attrs
.ia_valid
) {
5627 struct dentry
*dentry
= filp
->f_path
.dentry
;
5628 struct inode
*inode
= d_inode(dentry
);
5630 if (IS_IMMUTABLE(inode
) || IS_APPEND(inode
))
5634 inode
->i_ctime
= attrs
.ia_ctime
;
5635 attrs
.ia_valid
&= ~ATTR_CTIME
;
5636 rc
= notify_change(user_ns
, dentry
, &attrs
, NULL
);
5637 inode_unlock(inode
);
5642 static int set_file_allocation_info(struct ksmbd_work
*work
,
5643 struct ksmbd_file
*fp
,
5644 struct smb2_file_alloc_info
*file_alloc_info
)
5647 * TODO : It's working fine only when store dos attributes
5648 * is not yes. need to implement a logic which works
5649 * properly with any smb.conf option
5653 struct inode
*inode
;
5656 if (!(fp
->daccess
& FILE_WRITE_DATA_LE
))
5659 alloc_blks
= (le64_to_cpu(file_alloc_info
->AllocationSize
) + 511) >> 9;
5660 inode
= file_inode(fp
->filp
);
5662 if (alloc_blks
> inode
->i_blocks
) {
5663 smb_break_all_levII_oplock(work
, fp
, 1);
5664 rc
= vfs_fallocate(fp
->filp
, FALLOC_FL_KEEP_SIZE
, 0,
5666 if (rc
&& rc
!= -EOPNOTSUPP
) {
5667 pr_err("vfs_fallocate is failed : %d\n", rc
);
5670 } else if (alloc_blks
< inode
->i_blocks
) {
5674 * Allocation size could be smaller than original one
5675 * which means allocated blocks in file should be
5676 * deallocated. use truncate to cut out it, but inode
5677 * size is also updated with truncate offset.
5678 * inode size is retained by backup inode size.
5680 size
= i_size_read(inode
);
5681 rc
= ksmbd_vfs_truncate(work
, fp
, alloc_blks
* 512);
5683 pr_err("truncate failed! filename : %s, err %d\n",
5687 if (size
< alloc_blks
* 512)
5688 i_size_write(inode
, size
);
5693 static int set_end_of_file_info(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
5694 struct smb2_file_eof_info
*file_eof_info
)
5697 struct inode
*inode
;
5700 if (!(fp
->daccess
& FILE_WRITE_DATA_LE
))
5703 newsize
= le64_to_cpu(file_eof_info
->EndOfFile
);
5704 inode
= file_inode(fp
->filp
);
5707 * If FILE_END_OF_FILE_INFORMATION of set_info_file is called
5708 * on FAT32 shared device, truncate execution time is too long
5709 * and network error could cause from windows client. because
5710 * truncate of some filesystem like FAT32 fill zero data in
5713 if (inode
->i_sb
->s_magic
!= MSDOS_SUPER_MAGIC
) {
5714 ksmbd_debug(SMB
, "filename : %s truncated to newsize %lld\n",
5715 fp
->filename
, newsize
);
5716 rc
= ksmbd_vfs_truncate(work
, fp
, newsize
);
5718 ksmbd_debug(SMB
, "truncate failed! filename : %s err %d\n",
5728 static int set_rename_info(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
5729 struct smb2_file_rename_info
*rename_info
,
5730 unsigned int buf_len
)
5732 struct user_namespace
*user_ns
;
5733 struct ksmbd_file
*parent_fp
;
5734 struct dentry
*parent
;
5735 struct dentry
*dentry
= fp
->filp
->f_path
.dentry
;
5738 if (!(fp
->daccess
& FILE_DELETE_LE
)) {
5739 pr_err("no right to delete : 0x%x\n", fp
->daccess
);
5743 if (buf_len
< (u64
)sizeof(struct smb2_file_rename_info
) +
5744 le32_to_cpu(rename_info
->FileNameLength
))
5747 user_ns
= file_mnt_user_ns(fp
->filp
);
5748 if (ksmbd_stream_fd(fp
))
5751 parent
= dget_parent(dentry
);
5752 ret
= ksmbd_vfs_lock_parent(user_ns
, parent
, dentry
);
5758 parent_fp
= ksmbd_lookup_fd_inode(d_inode(parent
));
5759 inode_unlock(d_inode(parent
));
5763 if (parent_fp
->daccess
& FILE_DELETE_LE
) {
5764 pr_err("parent dir is opened with delete access\n");
5769 return smb2_rename(work
, fp
, user_ns
, rename_info
,
5770 work
->sess
->conn
->local_nls
);
5773 static int set_file_disposition_info(struct ksmbd_file
*fp
,
5774 struct smb2_file_disposition_info
*file_info
)
5776 struct inode
*inode
;
5778 if (!(fp
->daccess
& FILE_DELETE_LE
)) {
5779 pr_err("no right to delete : 0x%x\n", fp
->daccess
);
5783 inode
= file_inode(fp
->filp
);
5784 if (file_info
->DeletePending
) {
5785 if (S_ISDIR(inode
->i_mode
) &&
5786 ksmbd_vfs_empty_dir(fp
) == -ENOTEMPTY
)
5788 ksmbd_set_inode_pending_delete(fp
);
5790 ksmbd_clear_inode_pending_delete(fp
);
5795 static int set_file_position_info(struct ksmbd_file
*fp
,
5796 struct smb2_file_pos_info
*file_info
)
5798 loff_t current_byte_offset
;
5799 unsigned long sector_size
;
5800 struct inode
*inode
;
5802 inode
= file_inode(fp
->filp
);
5803 current_byte_offset
= le64_to_cpu(file_info
->CurrentByteOffset
);
5804 sector_size
= inode
->i_sb
->s_blocksize
;
5806 if (current_byte_offset
< 0 ||
5807 (fp
->coption
== FILE_NO_INTERMEDIATE_BUFFERING_LE
&&
5808 current_byte_offset
& (sector_size
- 1))) {
5809 pr_err("CurrentByteOffset is not valid : %llu\n",
5810 current_byte_offset
);
5814 fp
->filp
->f_pos
= current_byte_offset
;
5818 static int set_file_mode_info(struct ksmbd_file
*fp
,
5819 struct smb2_file_mode_info
*file_info
)
5823 mode
= file_info
->Mode
;
5825 if ((mode
& ~FILE_MODE_INFO_MASK
) ||
5826 (mode
& FILE_SYNCHRONOUS_IO_ALERT_LE
&&
5827 mode
& FILE_SYNCHRONOUS_IO_NONALERT_LE
)) {
5828 pr_err("Mode is not valid : 0x%x\n", le32_to_cpu(mode
));
5833 * TODO : need to implement consideration for
5834 * FILE_SYNCHRONOUS_IO_ALERT and FILE_SYNCHRONOUS_IO_NONALERT
5836 ksmbd_vfs_set_fadvise(fp
->filp
, mode
);
5842 * smb2_set_info_file() - handler for smb2 set info command
5843 * @work: smb work containing set info command buffer
5844 * @fp: ksmbd_file pointer
5845 * @info_class: smb2 set info class
5846 * @share: ksmbd_share_config pointer
5848 * Return: 0 on success, otherwise error
5849 * TODO: need to implement an error handling for STATUS_INFO_LENGTH_MISMATCH
5851 static int smb2_set_info_file(struct ksmbd_work
*work
, struct ksmbd_file
*fp
,
5852 struct smb2_set_info_req
*req
,
5853 struct ksmbd_share_config
*share
)
5855 unsigned int buf_len
= le32_to_cpu(req
->BufferLength
);
5857 switch (req
->FileInfoClass
) {
5858 case FILE_BASIC_INFORMATION
:
5860 if (buf_len
< sizeof(struct smb2_file_basic_info
))
5863 return set_file_basic_info(fp
, (struct smb2_file_basic_info
*)req
->Buffer
, share
);
5865 case FILE_ALLOCATION_INFORMATION
:
5867 if (buf_len
< sizeof(struct smb2_file_alloc_info
))
5870 return set_file_allocation_info(work
, fp
,
5871 (struct smb2_file_alloc_info
*)req
->Buffer
);
5873 case FILE_END_OF_FILE_INFORMATION
:
5875 if (buf_len
< sizeof(struct smb2_file_eof_info
))
5878 return set_end_of_file_info(work
, fp
,
5879 (struct smb2_file_eof_info
*)req
->Buffer
);
5881 case FILE_RENAME_INFORMATION
:
5883 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
5885 "User does not have write permission\n");
5889 if (buf_len
< sizeof(struct smb2_file_rename_info
))
5892 return set_rename_info(work
, fp
,
5893 (struct smb2_file_rename_info
*)req
->Buffer
,
5896 case FILE_LINK_INFORMATION
:
5898 if (buf_len
< sizeof(struct smb2_file_link_info
))
5901 return smb2_create_link(work
, work
->tcon
->share_conf
,
5902 (struct smb2_file_link_info
*)req
->Buffer
,
5904 work
->sess
->conn
->local_nls
);
5906 case FILE_DISPOSITION_INFORMATION
:
5908 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
5910 "User does not have write permission\n");
5914 if (buf_len
< sizeof(struct smb2_file_disposition_info
))
5917 return set_file_disposition_info(fp
,
5918 (struct smb2_file_disposition_info
*)req
->Buffer
);
5920 case FILE_FULL_EA_INFORMATION
:
5922 if (!(fp
->daccess
& FILE_WRITE_EA_LE
)) {
5923 pr_err("Not permitted to write ext attr: 0x%x\n",
5928 if (buf_len
< sizeof(struct smb2_ea_info
))
5931 return smb2_set_ea((struct smb2_ea_info
*)req
->Buffer
,
5932 buf_len
, &fp
->filp
->f_path
);
5934 case FILE_POSITION_INFORMATION
:
5936 if (buf_len
< sizeof(struct smb2_file_pos_info
))
5939 return set_file_position_info(fp
, (struct smb2_file_pos_info
*)req
->Buffer
);
5941 case FILE_MODE_INFORMATION
:
5943 if (buf_len
< sizeof(struct smb2_file_mode_info
))
5946 return set_file_mode_info(fp
, (struct smb2_file_mode_info
*)req
->Buffer
);
5950 pr_err("Unimplemented Fileinfoclass :%d\n", req
->FileInfoClass
);
5954 static int smb2_set_info_sec(struct ksmbd_file
*fp
, int addition_info
,
5955 char *buffer
, int buf_len
)
5957 struct smb_ntsd
*pntsd
= (struct smb_ntsd
*)buffer
;
5959 fp
->saccess
|= FILE_SHARE_DELETE_LE
;
5961 return set_info_sec(fp
->conn
, fp
->tcon
, &fp
->filp
->f_path
, pntsd
,
5966 * smb2_set_info() - handler for smb2 set info command handler
5967 * @work: smb work containing set info request buffer
5969 * Return: 0 on success, otherwise error
5971 int smb2_set_info(struct ksmbd_work
*work
)
5973 struct smb2_set_info_req
*req
;
5974 struct smb2_set_info_rsp
*rsp
, *rsp_org
;
5975 struct ksmbd_file
*fp
;
5977 unsigned int id
= KSMBD_NO_FID
, pid
= KSMBD_NO_FID
;
5979 ksmbd_debug(SMB
, "Received set info request\n");
5981 rsp_org
= work
->response_buf
;
5982 if (work
->next_smb2_rcv_hdr_off
) {
5983 req
= ksmbd_req_buf_next(work
);
5984 rsp
= ksmbd_resp_buf_next(work
);
5985 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
5986 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
5987 work
->compound_fid
);
5988 id
= work
->compound_fid
;
5989 pid
= work
->compound_pfid
;
5992 req
= work
->request_buf
;
5993 rsp
= work
->response_buf
;
5996 if (!has_file_id(id
)) {
5997 id
= le64_to_cpu(req
->VolatileFileId
);
5998 pid
= le64_to_cpu(req
->PersistentFileId
);
6001 fp
= ksmbd_lookup_fd_slow(work
, id
, pid
);
6003 ksmbd_debug(SMB
, "Invalid id for close: %u\n", id
);
6008 switch (req
->InfoType
) {
6009 case SMB2_O_INFO_FILE
:
6010 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_FILE\n");
6011 rc
= smb2_set_info_file(work
, fp
, req
, work
->tcon
->share_conf
);
6013 case SMB2_O_INFO_SECURITY
:
6014 ksmbd_debug(SMB
, "GOT SMB2_O_INFO_SECURITY\n");
6015 if (ksmbd_override_fsids(work
)) {
6019 rc
= smb2_set_info_sec(fp
,
6020 le32_to_cpu(req
->AdditionalInformation
),
6022 le32_to_cpu(req
->BufferLength
));
6023 ksmbd_revert_fsids(work
);
6032 rsp
->StructureSize
= cpu_to_le16(2);
6033 inc_rfc1001_len(rsp_org
, 2);
6034 ksmbd_fd_put(work
, fp
);
6038 if (rc
== -EACCES
|| rc
== -EPERM
|| rc
== -EXDEV
)
6039 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
6040 else if (rc
== -EINVAL
)
6041 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
6042 else if (rc
== -ESHARE
)
6043 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
6044 else if (rc
== -ENOENT
)
6045 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_INVALID
;
6046 else if (rc
== -EBUSY
|| rc
== -ENOTEMPTY
)
6047 rsp
->hdr
.Status
= STATUS_DIRECTORY_NOT_EMPTY
;
6048 else if (rc
== -EAGAIN
)
6049 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
6050 else if (rc
== -EBADF
|| rc
== -ESTALE
)
6051 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6052 else if (rc
== -EEXIST
)
6053 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_COLLISION
;
6054 else if (rsp
->hdr
.Status
== 0 || rc
== -EOPNOTSUPP
)
6055 rsp
->hdr
.Status
= STATUS_INVALID_INFO_CLASS
;
6056 smb2_set_err_rsp(work
);
6057 ksmbd_fd_put(work
, fp
);
6058 ksmbd_debug(SMB
, "error while processing smb2 query rc = %d\n", rc
);
6063 * smb2_read_pipe() - handler for smb2 read from IPC pipe
6064 * @work: smb work containing read IPC pipe command buffer
6066 * Return: 0 on success, otherwise error
6068 static noinline
int smb2_read_pipe(struct ksmbd_work
*work
)
6070 int nbytes
= 0, err
;
6072 struct ksmbd_rpc_command
*rpc_resp
;
6073 struct smb2_read_req
*req
= work
->request_buf
;
6074 struct smb2_read_rsp
*rsp
= work
->response_buf
;
6076 id
= le64_to_cpu(req
->VolatileFileId
);
6078 inc_rfc1001_len(rsp
, 16);
6079 rpc_resp
= ksmbd_rpc_read(work
->sess
, id
);
6081 if (rpc_resp
->flags
!= KSMBD_RPC_OK
) {
6086 work
->aux_payload_buf
=
6087 kvmalloc(rpc_resp
->payload_sz
, GFP_KERNEL
| __GFP_ZERO
);
6088 if (!work
->aux_payload_buf
) {
6093 memcpy(work
->aux_payload_buf
, rpc_resp
->payload
,
6094 rpc_resp
->payload_sz
);
6096 nbytes
= rpc_resp
->payload_sz
;
6097 work
->resp_hdr_sz
= get_rfc1002_len(rsp
) + 4;
6098 work
->aux_payload_sz
= nbytes
;
6102 rsp
->StructureSize
= cpu_to_le16(17);
6103 rsp
->DataOffset
= 80;
6105 rsp
->DataLength
= cpu_to_le32(nbytes
);
6106 rsp
->DataRemaining
= 0;
6108 inc_rfc1001_len(rsp
, nbytes
);
6112 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
6113 smb2_set_err_rsp(work
);
6118 static ssize_t
smb2_read_rdma_channel(struct ksmbd_work
*work
,
6119 struct smb2_read_req
*req
, void *data_buf
,
6122 struct smb2_buffer_desc_v1
*desc
=
6123 (struct smb2_buffer_desc_v1
*)&req
->Buffer
[0];
6126 if (work
->conn
->dialect
== SMB30_PROT_ID
&&
6127 req
->Channel
!= SMB2_CHANNEL_RDMA_V1
)
6130 if (req
->ReadChannelInfoOffset
== 0 ||
6131 le16_to_cpu(req
->ReadChannelInfoLength
) < sizeof(*desc
))
6134 work
->need_invalidate_rkey
=
6135 (req
->Channel
== SMB2_CHANNEL_RDMA_V1_INVALIDATE
);
6136 work
->remote_key
= le32_to_cpu(desc
->token
);
6138 err
= ksmbd_conn_rdma_write(work
->conn
, data_buf
, length
,
6139 le32_to_cpu(desc
->token
),
6140 le64_to_cpu(desc
->offset
),
6141 le32_to_cpu(desc
->length
));
6149 * smb2_read() - handler for smb2 read from file
6150 * @work: smb work containing read command buffer
6152 * Return: 0 on success, otherwise error
6154 int smb2_read(struct ksmbd_work
*work
)
6156 struct ksmbd_conn
*conn
= work
->conn
;
6157 struct smb2_read_req
*req
;
6158 struct smb2_read_rsp
*rsp
, *rsp_org
;
6159 struct ksmbd_file
*fp
;
6161 size_t length
, mincount
;
6162 ssize_t nbytes
= 0, remain_bytes
= 0;
6165 rsp_org
= work
->response_buf
;
6166 WORK_BUFFERS(work
, req
, rsp
);
6168 if (test_share_config_flag(work
->tcon
->share_conf
,
6169 KSMBD_SHARE_FLAG_PIPE
)) {
6170 ksmbd_debug(SMB
, "IPC pipe read request\n");
6171 return smb2_read_pipe(work
);
6174 fp
= ksmbd_lookup_fd_slow(work
, le64_to_cpu(req
->VolatileFileId
),
6175 le64_to_cpu(req
->PersistentFileId
));
6181 if (!(fp
->daccess
& (FILE_READ_DATA_LE
| FILE_READ_ATTRIBUTES_LE
))) {
6182 pr_err("Not permitted to read : 0x%x\n", fp
->daccess
);
6187 offset
= le64_to_cpu(req
->Offset
);
6188 length
= le32_to_cpu(req
->Length
);
6189 mincount
= le32_to_cpu(req
->MinimumCount
);
6191 if (length
> conn
->vals
->max_read_size
) {
6192 ksmbd_debug(SMB
, "limiting read size to max size(%u)\n",
6193 conn
->vals
->max_read_size
);
6198 ksmbd_debug(SMB
, "filename %pd, offset %lld, len %zu\n",
6199 fp
->filp
->f_path
.dentry
, offset
, length
);
6201 work
->aux_payload_buf
= kvmalloc(length
, GFP_KERNEL
| __GFP_ZERO
);
6202 if (!work
->aux_payload_buf
) {
6207 nbytes
= ksmbd_vfs_read(work
, fp
, length
, &offset
);
6213 if ((nbytes
== 0 && length
!= 0) || nbytes
< mincount
) {
6214 kvfree(work
->aux_payload_buf
);
6215 work
->aux_payload_buf
= NULL
;
6216 rsp
->hdr
.Status
= STATUS_END_OF_FILE
;
6217 smb2_set_err_rsp(work
);
6218 ksmbd_fd_put(work
, fp
);
6222 ksmbd_debug(SMB
, "nbytes %zu, offset %lld mincount %zu\n",
6223 nbytes
, offset
, mincount
);
6225 if (req
->Channel
== SMB2_CHANNEL_RDMA_V1_INVALIDATE
||
6226 req
->Channel
== SMB2_CHANNEL_RDMA_V1
) {
6227 /* write data to the client using rdma channel */
6228 remain_bytes
= smb2_read_rdma_channel(work
, req
,
6229 work
->aux_payload_buf
,
6231 kvfree(work
->aux_payload_buf
);
6232 work
->aux_payload_buf
= NULL
;
6235 if (remain_bytes
< 0) {
6236 err
= (int)remain_bytes
;
6241 rsp
->StructureSize
= cpu_to_le16(17);
6242 rsp
->DataOffset
= 80;
6244 rsp
->DataLength
= cpu_to_le32(nbytes
);
6245 rsp
->DataRemaining
= cpu_to_le32(remain_bytes
);
6247 inc_rfc1001_len(rsp_org
, 16);
6248 work
->resp_hdr_sz
= get_rfc1002_len(rsp_org
) + 4;
6249 work
->aux_payload_sz
= nbytes
;
6250 inc_rfc1001_len(rsp_org
, nbytes
);
6251 ksmbd_fd_put(work
, fp
);
6257 rsp
->hdr
.Status
= STATUS_INVALID_DEVICE_REQUEST
;
6258 else if (err
== -EAGAIN
)
6259 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
6260 else if (err
== -ENOENT
)
6261 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
6262 else if (err
== -EACCES
)
6263 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
6264 else if (err
== -ESHARE
)
6265 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
6266 else if (err
== -EINVAL
)
6267 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
6269 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6271 smb2_set_err_rsp(work
);
6273 ksmbd_fd_put(work
, fp
);
6278 * smb2_write_pipe() - handler for smb2 write on IPC pipe
6279 * @work: smb work containing write IPC pipe command buffer
6281 * Return: 0 on success, otherwise error
6283 static noinline
int smb2_write_pipe(struct ksmbd_work
*work
)
6285 struct smb2_write_req
*req
= work
->request_buf
;
6286 struct smb2_write_rsp
*rsp
= work
->response_buf
;
6287 struct ksmbd_rpc_command
*rpc_resp
;
6289 int err
= 0, ret
= 0;
6293 length
= le32_to_cpu(req
->Length
);
6294 id
= le64_to_cpu(req
->VolatileFileId
);
6296 if (le16_to_cpu(req
->DataOffset
) ==
6297 (offsetof(struct smb2_write_req
, Buffer
) - 4)) {
6298 data_buf
= (char *)&req
->Buffer
[0];
6300 if ((u64
)le16_to_cpu(req
->DataOffset
) + length
> get_rfc1002_len(req
)) {
6301 pr_err("invalid write data offset %u, smb_len %u\n",
6302 le16_to_cpu(req
->DataOffset
),
6303 get_rfc1002_len(req
));
6308 data_buf
= (char *)(((char *)&req
->hdr
.ProtocolId
) +
6309 le16_to_cpu(req
->DataOffset
));
6312 rpc_resp
= ksmbd_rpc_write(work
->sess
, id
, data_buf
, length
);
6314 if (rpc_resp
->flags
== KSMBD_RPC_ENOTIMPLEMENTED
) {
6315 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
6317 smb2_set_err_rsp(work
);
6320 if (rpc_resp
->flags
!= KSMBD_RPC_OK
) {
6321 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6322 smb2_set_err_rsp(work
);
6329 rsp
->StructureSize
= cpu_to_le16(17);
6330 rsp
->DataOffset
= 0;
6332 rsp
->DataLength
= cpu_to_le32(length
);
6333 rsp
->DataRemaining
= 0;
6335 inc_rfc1001_len(rsp
, 16);
6339 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6340 smb2_set_err_rsp(work
);
6346 static ssize_t
smb2_write_rdma_channel(struct ksmbd_work
*work
,
6347 struct smb2_write_req
*req
,
6348 struct ksmbd_file
*fp
,
6349 loff_t offset
, size_t length
, bool sync
)
6351 struct smb2_buffer_desc_v1
*desc
;
6356 desc
= (struct smb2_buffer_desc_v1
*)&req
->Buffer
[0];
6358 if (work
->conn
->dialect
== SMB30_PROT_ID
&&
6359 req
->Channel
!= SMB2_CHANNEL_RDMA_V1
)
6362 if (req
->Length
!= 0 || req
->DataOffset
!= 0)
6365 if (req
->WriteChannelInfoOffset
== 0 ||
6366 le16_to_cpu(req
->WriteChannelInfoLength
) < sizeof(*desc
))
6369 work
->need_invalidate_rkey
=
6370 (req
->Channel
== SMB2_CHANNEL_RDMA_V1_INVALIDATE
);
6371 work
->remote_key
= le32_to_cpu(desc
->token
);
6373 data_buf
= kvmalloc(length
, GFP_KERNEL
| __GFP_ZERO
);
6377 ret
= ksmbd_conn_rdma_read(work
->conn
, data_buf
, length
,
6378 le32_to_cpu(desc
->token
),
6379 le64_to_cpu(desc
->offset
),
6380 le32_to_cpu(desc
->length
));
6386 ret
= ksmbd_vfs_write(work
, fp
, data_buf
, length
, &offset
, sync
, &nbytes
);
6395 * smb2_write() - handler for smb2 write from file
6396 * @work: smb work containing write command buffer
6398 * Return: 0 on success, otherwise error
6400 int smb2_write(struct ksmbd_work
*work
)
6402 struct smb2_write_req
*req
;
6403 struct smb2_write_rsp
*rsp
, *rsp_org
;
6404 struct ksmbd_file
*fp
= NULL
;
6409 bool writethrough
= false;
6412 rsp_org
= work
->response_buf
;
6413 WORK_BUFFERS(work
, req
, rsp
);
6415 if (test_share_config_flag(work
->tcon
->share_conf
, KSMBD_SHARE_FLAG_PIPE
)) {
6416 ksmbd_debug(SMB
, "IPC pipe write request\n");
6417 return smb2_write_pipe(work
);
6420 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
6421 ksmbd_debug(SMB
, "User does not have write permission\n");
6426 fp
= ksmbd_lookup_fd_slow(work
, le64_to_cpu(req
->VolatileFileId
),
6427 le64_to_cpu(req
->PersistentFileId
));
6433 if (!(fp
->daccess
& (FILE_WRITE_DATA_LE
| FILE_READ_ATTRIBUTES_LE
))) {
6434 pr_err("Not permitted to write : 0x%x\n", fp
->daccess
);
6439 offset
= le64_to_cpu(req
->Offset
);
6440 length
= le32_to_cpu(req
->Length
);
6442 if (length
> work
->conn
->vals
->max_write_size
) {
6443 ksmbd_debug(SMB
, "limiting write size to max size(%u)\n",
6444 work
->conn
->vals
->max_write_size
);
6449 if (le32_to_cpu(req
->Flags
) & SMB2_WRITEFLAG_WRITE_THROUGH
)
6450 writethrough
= true;
6452 if (req
->Channel
!= SMB2_CHANNEL_RDMA_V1
&&
6453 req
->Channel
!= SMB2_CHANNEL_RDMA_V1_INVALIDATE
) {
6454 if (le16_to_cpu(req
->DataOffset
) ==
6455 (offsetof(struct smb2_write_req
, Buffer
) - 4)) {
6456 data_buf
= (char *)&req
->Buffer
[0];
6458 if ((u64
)le16_to_cpu(req
->DataOffset
) + length
> get_rfc1002_len(req
)) {
6459 pr_err("invalid write data offset %u, smb_len %u\n",
6460 le16_to_cpu(req
->DataOffset
),
6461 get_rfc1002_len(req
));
6466 data_buf
= (char *)(((char *)&req
->hdr
.ProtocolId
) +
6467 le16_to_cpu(req
->DataOffset
));
6470 ksmbd_debug(SMB
, "flags %u\n", le32_to_cpu(req
->Flags
));
6471 if (le32_to_cpu(req
->Flags
) & SMB2_WRITEFLAG_WRITE_THROUGH
)
6472 writethrough
= true;
6474 ksmbd_debug(SMB
, "filename %pd, offset %lld, len %zu\n",
6475 fp
->filp
->f_path
.dentry
, offset
, length
);
6476 err
= ksmbd_vfs_write(work
, fp
, data_buf
, length
, &offset
,
6477 writethrough
, &nbytes
);
6481 /* read data from the client using rdma channel, and
6484 nbytes
= smb2_write_rdma_channel(work
, req
, fp
, offset
,
6485 le32_to_cpu(req
->RemainingBytes
),
6493 rsp
->StructureSize
= cpu_to_le16(17);
6494 rsp
->DataOffset
= 0;
6496 rsp
->DataLength
= cpu_to_le32(nbytes
);
6497 rsp
->DataRemaining
= 0;
6499 inc_rfc1001_len(rsp_org
, 16);
6500 ksmbd_fd_put(work
, fp
);
6505 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
6506 else if (err
== -ENOSPC
|| err
== -EFBIG
)
6507 rsp
->hdr
.Status
= STATUS_DISK_FULL
;
6508 else if (err
== -ENOENT
)
6509 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
6510 else if (err
== -EACCES
)
6511 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
6512 else if (err
== -ESHARE
)
6513 rsp
->hdr
.Status
= STATUS_SHARING_VIOLATION
;
6514 else if (err
== -EINVAL
)
6515 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
6517 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6519 smb2_set_err_rsp(work
);
6520 ksmbd_fd_put(work
, fp
);
6525 * smb2_flush() - handler for smb2 flush file - fsync
6526 * @work: smb work containing flush command buffer
6528 * Return: 0 on success, otherwise error
6530 int smb2_flush(struct ksmbd_work
*work
)
6532 struct smb2_flush_req
*req
;
6533 struct smb2_flush_rsp
*rsp
, *rsp_org
;
6536 rsp_org
= work
->response_buf
;
6537 WORK_BUFFERS(work
, req
, rsp
);
6539 ksmbd_debug(SMB
, "SMB2_FLUSH called for fid %llu\n",
6540 le64_to_cpu(req
->VolatileFileId
));
6542 err
= ksmbd_vfs_fsync(work
,
6543 le64_to_cpu(req
->VolatileFileId
),
6544 le64_to_cpu(req
->PersistentFileId
));
6548 rsp
->StructureSize
= cpu_to_le16(4);
6550 inc_rfc1001_len(rsp_org
, 4);
6555 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
6556 smb2_set_err_rsp(work
);
6563 * smb2_cancel() - handler for smb2 cancel command
6564 * @work: smb work containing cancel command buffer
6566 * Return: 0 on success, otherwise error
6568 int smb2_cancel(struct ksmbd_work
*work
)
6570 struct ksmbd_conn
*conn
= work
->conn
;
6571 struct smb2_hdr
*hdr
= work
->request_buf
;
6572 struct smb2_hdr
*chdr
;
6573 struct ksmbd_work
*cancel_work
= NULL
;
6575 struct list_head
*command_list
;
6577 ksmbd_debug(SMB
, "smb2 cancel called on mid %llu, async flags 0x%x\n",
6578 hdr
->MessageId
, hdr
->Flags
);
6580 if (hdr
->Flags
& SMB2_FLAGS_ASYNC_COMMAND
) {
6581 command_list
= &conn
->async_requests
;
6583 spin_lock(&conn
->request_lock
);
6584 list_for_each_entry(cancel_work
, command_list
,
6585 async_request_entry
) {
6586 chdr
= cancel_work
->request_buf
;
6588 if (cancel_work
->async_id
!=
6589 le64_to_cpu(hdr
->Id
.AsyncId
))
6593 "smb2 with AsyncId %llu cancelled command = 0x%x\n",
6594 le64_to_cpu(hdr
->Id
.AsyncId
),
6595 le16_to_cpu(chdr
->Command
));
6599 spin_unlock(&conn
->request_lock
);
6601 command_list
= &conn
->requests
;
6603 spin_lock(&conn
->request_lock
);
6604 list_for_each_entry(cancel_work
, command_list
, request_entry
) {
6605 chdr
= cancel_work
->request_buf
;
6607 if (chdr
->MessageId
!= hdr
->MessageId
||
6608 cancel_work
== work
)
6612 "smb2 with mid %llu cancelled command = 0x%x\n",
6613 le64_to_cpu(hdr
->MessageId
),
6614 le16_to_cpu(chdr
->Command
));
6618 spin_unlock(&conn
->request_lock
);
6622 cancel_work
->state
= KSMBD_WORK_CANCELLED
;
6623 if (cancel_work
->cancel_fn
)
6624 cancel_work
->cancel_fn(cancel_work
->cancel_argv
);
6627 /* For SMB2_CANCEL command itself send no response*/
6628 work
->send_no_response
= 1;
6632 struct file_lock
*smb_flock_init(struct file
*f
)
6634 struct file_lock
*fl
;
6636 fl
= locks_alloc_lock();
6640 locks_init_lock(fl
);
6643 fl
->fl_pid
= current
->tgid
;
6645 fl
->fl_flags
= FL_POSIX
;
6647 fl
->fl_lmops
= NULL
;
6653 static int smb2_set_flock_flags(struct file_lock
*flock
, int flags
)
6657 /* Checking for wrong flag combination during lock request*/
6659 case SMB2_LOCKFLAG_SHARED
:
6660 ksmbd_debug(SMB
, "received shared request\n");
6662 flock
->fl_type
= F_RDLCK
;
6663 flock
->fl_flags
|= FL_SLEEP
;
6665 case SMB2_LOCKFLAG_EXCLUSIVE
:
6666 ksmbd_debug(SMB
, "received exclusive request\n");
6668 flock
->fl_type
= F_WRLCK
;
6669 flock
->fl_flags
|= FL_SLEEP
;
6671 case SMB2_LOCKFLAG_SHARED
| SMB2_LOCKFLAG_FAIL_IMMEDIATELY
:
6673 "received shared & fail immediately request\n");
6675 flock
->fl_type
= F_RDLCK
;
6677 case SMB2_LOCKFLAG_EXCLUSIVE
| SMB2_LOCKFLAG_FAIL_IMMEDIATELY
:
6679 "received exclusive & fail immediately request\n");
6681 flock
->fl_type
= F_WRLCK
;
6683 case SMB2_LOCKFLAG_UNLOCK
:
6684 ksmbd_debug(SMB
, "received unlock request\n");
6685 flock
->fl_type
= F_UNLCK
;
6693 static struct ksmbd_lock
*smb2_lock_init(struct file_lock
*flock
,
6694 unsigned int cmd
, int flags
,
6695 struct list_head
*lock_list
)
6697 struct ksmbd_lock
*lock
;
6699 lock
= kzalloc(sizeof(struct ksmbd_lock
), GFP_KERNEL
);
6705 lock
->start
= flock
->fl_start
;
6706 lock
->end
= flock
->fl_end
;
6707 lock
->flags
= flags
;
6708 if (lock
->start
== lock
->end
)
6710 INIT_LIST_HEAD(&lock
->clist
);
6711 INIT_LIST_HEAD(&lock
->flist
);
6712 INIT_LIST_HEAD(&lock
->llist
);
6713 list_add_tail(&lock
->llist
, lock_list
);
6718 static void smb2_remove_blocked_lock(void **argv
)
6720 struct file_lock
*flock
= (struct file_lock
*)argv
[0];
6722 ksmbd_vfs_posix_lock_unblock(flock
);
6723 wake_up(&flock
->fl_wait
);
6726 static inline bool lock_defer_pending(struct file_lock
*fl
)
6728 /* check pending lock waiters */
6729 return waitqueue_active(&fl
->fl_wait
);
6733 * smb2_lock() - handler for smb2 file lock command
6734 * @work: smb work containing lock command buffer
6736 * Return: 0 on success, otherwise error
6738 int smb2_lock(struct ksmbd_work
*work
)
6740 struct smb2_lock_req
*req
= work
->request_buf
;
6741 struct smb2_lock_rsp
*rsp
= work
->response_buf
;
6742 struct smb2_lock_element
*lock_ele
;
6743 struct ksmbd_file
*fp
= NULL
;
6744 struct file_lock
*flock
= NULL
;
6745 struct file
*filp
= NULL
;
6749 int err
= -EIO
, i
, rc
= 0;
6750 u64 lock_start
, lock_length
;
6751 struct ksmbd_lock
*smb_lock
= NULL
, *cmp_lock
, *tmp
, *tmp2
;
6752 struct ksmbd_conn
*conn
;
6754 LIST_HEAD(lock_list
);
6755 LIST_HEAD(rollback_list
);
6758 ksmbd_debug(SMB
, "Received lock request\n");
6759 fp
= ksmbd_lookup_fd_slow(work
,
6760 le64_to_cpu(req
->VolatileFileId
),
6761 le64_to_cpu(req
->PersistentFileId
));
6763 ksmbd_debug(SMB
, "Invalid file id for lock : %llu\n",
6764 le64_to_cpu(req
->VolatileFileId
));
6770 lock_count
= le16_to_cpu(req
->LockCount
);
6771 lock_ele
= req
->locks
;
6773 ksmbd_debug(SMB
, "lock count is %d\n", lock_count
);
6779 for (i
= 0; i
< lock_count
; i
++) {
6780 flags
= le32_to_cpu(lock_ele
[i
].Flags
);
6782 flock
= smb_flock_init(filp
);
6786 cmd
= smb2_set_flock_flags(flock
, flags
);
6788 lock_start
= le64_to_cpu(lock_ele
[i
].Offset
);
6789 lock_length
= le64_to_cpu(lock_ele
[i
].Length
);
6790 if (lock_start
> U64_MAX
- lock_length
) {
6791 pr_err("Invalid lock range requested\n");
6792 rsp
->hdr
.Status
= STATUS_INVALID_LOCK_RANGE
;
6796 if (lock_start
> OFFSET_MAX
)
6797 flock
->fl_start
= OFFSET_MAX
;
6799 flock
->fl_start
= lock_start
;
6801 lock_length
= le64_to_cpu(lock_ele
[i
].Length
);
6802 if (lock_length
> OFFSET_MAX
- flock
->fl_start
)
6803 lock_length
= OFFSET_MAX
- flock
->fl_start
;
6805 flock
->fl_end
= flock
->fl_start
+ lock_length
;
6807 if (flock
->fl_end
< flock
->fl_start
) {
6809 "the end offset(%llx) is smaller than the start offset(%llx)\n",
6810 flock
->fl_end
, flock
->fl_start
);
6811 rsp
->hdr
.Status
= STATUS_INVALID_LOCK_RANGE
;
6815 /* Check conflict locks in one request */
6816 list_for_each_entry(cmp_lock
, &lock_list
, llist
) {
6817 if (cmp_lock
->fl
->fl_start
<= flock
->fl_start
&&
6818 cmp_lock
->fl
->fl_end
>= flock
->fl_end
) {
6819 if (cmp_lock
->fl
->fl_type
!= F_UNLCK
&&
6820 flock
->fl_type
!= F_UNLCK
) {
6821 pr_err("conflict two locks in one request\n");
6828 smb_lock
= smb2_lock_init(flock
, cmd
, flags
, &lock_list
);
6835 list_for_each_entry_safe(smb_lock
, tmp
, &lock_list
, llist
) {
6836 if (smb_lock
->cmd
< 0) {
6841 if (!(smb_lock
->flags
& SMB2_LOCKFLAG_MASK
)) {
6846 if ((prior_lock
& (SMB2_LOCKFLAG_EXCLUSIVE
| SMB2_LOCKFLAG_SHARED
) &&
6847 smb_lock
->flags
& SMB2_LOCKFLAG_UNLOCK
) ||
6848 (prior_lock
== SMB2_LOCKFLAG_UNLOCK
&&
6849 !(smb_lock
->flags
& SMB2_LOCKFLAG_UNLOCK
))) {
6854 prior_lock
= smb_lock
->flags
;
6856 if (!(smb_lock
->flags
& SMB2_LOCKFLAG_UNLOCK
) &&
6857 !(smb_lock
->flags
& SMB2_LOCKFLAG_FAIL_IMMEDIATELY
))
6861 /* check locks in connection list */
6862 read_lock(&conn_list_lock
);
6863 list_for_each_entry(conn
, &conn_list
, conns_list
) {
6864 spin_lock(&conn
->llist_lock
);
6865 list_for_each_entry_safe(cmp_lock
, tmp2
, &conn
->lock_list
, clist
) {
6866 if (file_inode(cmp_lock
->fl
->fl_file
) !=
6867 file_inode(smb_lock
->fl
->fl_file
))
6870 if (smb_lock
->fl
->fl_type
== F_UNLCK
) {
6871 if (cmp_lock
->fl
->fl_file
== smb_lock
->fl
->fl_file
&&
6872 cmp_lock
->start
== smb_lock
->start
&&
6873 cmp_lock
->end
== smb_lock
->end
&&
6874 !lock_defer_pending(cmp_lock
->fl
)) {
6876 list_del(&cmp_lock
->flist
);
6877 list_del(&cmp_lock
->clist
);
6878 spin_unlock(&conn
->llist_lock
);
6879 read_unlock(&conn_list_lock
);
6881 locks_free_lock(cmp_lock
->fl
);
6888 if (cmp_lock
->fl
->fl_file
== smb_lock
->fl
->fl_file
) {
6889 if (smb_lock
->flags
& SMB2_LOCKFLAG_SHARED
)
6892 if (cmp_lock
->flags
& SMB2_LOCKFLAG_SHARED
)
6896 /* check zero byte lock range */
6897 if (cmp_lock
->zero_len
&& !smb_lock
->zero_len
&&
6898 cmp_lock
->start
> smb_lock
->start
&&
6899 cmp_lock
->start
< smb_lock
->end
) {
6900 spin_unlock(&conn
->llist_lock
);
6901 read_unlock(&conn_list_lock
);
6902 pr_err("previous lock conflict with zero byte lock range\n");
6906 if (smb_lock
->zero_len
&& !cmp_lock
->zero_len
&&
6907 smb_lock
->start
> cmp_lock
->start
&&
6908 smb_lock
->start
< cmp_lock
->end
) {
6909 spin_unlock(&conn
->llist_lock
);
6910 read_unlock(&conn_list_lock
);
6911 pr_err("current lock conflict with zero byte lock range\n");
6915 if (((cmp_lock
->start
<= smb_lock
->start
&&
6916 cmp_lock
->end
> smb_lock
->start
) ||
6917 (cmp_lock
->start
< smb_lock
->end
&&
6918 cmp_lock
->end
>= smb_lock
->end
)) &&
6919 !cmp_lock
->zero_len
&& !smb_lock
->zero_len
) {
6920 spin_unlock(&conn
->llist_lock
);
6921 read_unlock(&conn_list_lock
);
6922 pr_err("Not allow lock operation on exclusive lock range\n");
6926 spin_unlock(&conn
->llist_lock
);
6928 read_unlock(&conn_list_lock
);
6930 if (smb_lock
->fl
->fl_type
== F_UNLCK
&& nolock
) {
6931 pr_err("Try to unlock nolocked range\n");
6932 rsp
->hdr
.Status
= STATUS_RANGE_NOT_LOCKED
;
6937 if (smb_lock
->zero_len
) {
6942 flock
= smb_lock
->fl
;
6943 list_del(&smb_lock
->llist
);
6945 rc
= vfs_lock_file(filp
, smb_lock
->cmd
, flock
, NULL
);
6947 if (flags
& SMB2_LOCKFLAG_UNLOCK
) {
6949 ksmbd_debug(SMB
, "File unlocked\n");
6950 } else if (rc
== -ENOENT
) {
6951 rsp
->hdr
.Status
= STATUS_NOT_LOCKED
;
6954 locks_free_lock(flock
);
6957 if (rc
== FILE_LOCK_DEFERRED
) {
6961 "would have to wait for getting lock\n");
6962 spin_lock(&work
->conn
->llist_lock
);
6963 list_add_tail(&smb_lock
->clist
,
6964 &work
->conn
->lock_list
);
6965 spin_unlock(&work
->conn
->llist_lock
);
6966 list_add(&smb_lock
->llist
, &rollback_list
);
6968 argv
= kmalloc(sizeof(void *), GFP_KERNEL
);
6975 rc
= setup_async_work(work
,
6976 smb2_remove_blocked_lock
,
6982 spin_lock(&fp
->f_lock
);
6983 list_add(&work
->fp_entry
, &fp
->blocked_works
);
6984 spin_unlock(&fp
->f_lock
);
6986 smb2_send_interim_resp(work
, STATUS_PENDING
);
6988 ksmbd_vfs_posix_lock_wait(flock
);
6990 if (work
->state
!= KSMBD_WORK_ACTIVE
) {
6991 list_del(&smb_lock
->llist
);
6992 spin_lock(&work
->conn
->llist_lock
);
6993 list_del(&smb_lock
->clist
);
6994 spin_unlock(&work
->conn
->llist_lock
);
6995 locks_free_lock(flock
);
6997 if (work
->state
== KSMBD_WORK_CANCELLED
) {
6998 spin_lock(&fp
->f_lock
);
6999 list_del(&work
->fp_entry
);
7000 spin_unlock(&fp
->f_lock
);
7004 smb2_send_interim_resp(work
,
7006 work
->send_no_response
= 1;
7009 init_smb2_rsp_hdr(work
);
7010 smb2_set_err_rsp(work
);
7012 STATUS_RANGE_NOT_LOCKED
;
7017 list_del(&smb_lock
->llist
);
7018 spin_lock(&work
->conn
->llist_lock
);
7019 list_del(&smb_lock
->clist
);
7020 spin_unlock(&work
->conn
->llist_lock
);
7022 spin_lock(&fp
->f_lock
);
7023 list_del(&work
->fp_entry
);
7024 spin_unlock(&fp
->f_lock
);
7027 spin_lock(&work
->conn
->llist_lock
);
7028 list_add_tail(&smb_lock
->clist
,
7029 &work
->conn
->lock_list
);
7030 list_add_tail(&smb_lock
->flist
,
7032 spin_unlock(&work
->conn
->llist_lock
);
7033 list_add(&smb_lock
->llist
, &rollback_list
);
7034 ksmbd_debug(SMB
, "successful in taking lock\n");
7041 if (atomic_read(&fp
->f_ci
->op_count
) > 1)
7042 smb_break_all_oplock(work
, fp
);
7044 rsp
->StructureSize
= cpu_to_le16(4);
7045 ksmbd_debug(SMB
, "successful in taking lock\n");
7046 rsp
->hdr
.Status
= STATUS_SUCCESS
;
7048 inc_rfc1001_len(rsp
, 4);
7049 ksmbd_fd_put(work
, fp
);
7053 list_for_each_entry_safe(smb_lock
, tmp
, &lock_list
, llist
) {
7054 locks_free_lock(smb_lock
->fl
);
7055 list_del(&smb_lock
->llist
);
7059 list_for_each_entry_safe(smb_lock
, tmp
, &rollback_list
, llist
) {
7060 struct file_lock
*rlock
= NULL
;
7062 rlock
= smb_flock_init(filp
);
7063 rlock
->fl_type
= F_UNLCK
;
7064 rlock
->fl_start
= smb_lock
->start
;
7065 rlock
->fl_end
= smb_lock
->end
;
7067 rc
= vfs_lock_file(filp
, 0, rlock
, NULL
);
7069 pr_err("rollback unlock fail : %d\n", rc
);
7071 list_del(&smb_lock
->llist
);
7072 spin_lock(&work
->conn
->llist_lock
);
7073 if (!list_empty(&smb_lock
->flist
))
7074 list_del(&smb_lock
->flist
);
7075 list_del(&smb_lock
->clist
);
7076 spin_unlock(&work
->conn
->llist_lock
);
7078 locks_free_lock(smb_lock
->fl
);
7079 locks_free_lock(rlock
);
7083 ksmbd_debug(SMB
, "failed in taking lock(flags : %x), err : %d\n", flags
, err
);
7085 if (!rsp
->hdr
.Status
) {
7087 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7088 else if (err
== -ENOMEM
)
7089 rsp
->hdr
.Status
= STATUS_INSUFFICIENT_RESOURCES
;
7090 else if (err
== -ENOENT
)
7091 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
7093 rsp
->hdr
.Status
= STATUS_LOCK_NOT_GRANTED
;
7096 smb2_set_err_rsp(work
);
7097 ksmbd_fd_put(work
, fp
);
7101 static int fsctl_copychunk(struct ksmbd_work
*work
,
7102 struct copychunk_ioctl_req
*ci_req
,
7103 unsigned int cnt_code
,
7104 unsigned int input_count
,
7105 unsigned long long volatile_id
,
7106 unsigned long long persistent_id
,
7107 struct smb2_ioctl_rsp
*rsp
)
7109 struct copychunk_ioctl_rsp
*ci_rsp
;
7110 struct ksmbd_file
*src_fp
= NULL
, *dst_fp
= NULL
;
7111 struct srv_copychunk
*chunks
;
7112 unsigned int i
, chunk_count
, chunk_count_written
= 0;
7113 unsigned int chunk_size_written
= 0;
7114 loff_t total_size_written
= 0;
7117 ci_rsp
= (struct copychunk_ioctl_rsp
*)&rsp
->Buffer
[0];
7119 rsp
->VolatileFileId
= cpu_to_le64(volatile_id
);
7120 rsp
->PersistentFileId
= cpu_to_le64(persistent_id
);
7121 ci_rsp
->ChunksWritten
=
7122 cpu_to_le32(ksmbd_server_side_copy_max_chunk_count());
7123 ci_rsp
->ChunkBytesWritten
=
7124 cpu_to_le32(ksmbd_server_side_copy_max_chunk_size());
7125 ci_rsp
->TotalBytesWritten
=
7126 cpu_to_le32(ksmbd_server_side_copy_max_total_size());
7128 chunks
= (struct srv_copychunk
*)&ci_req
->Chunks
[0];
7129 chunk_count
= le32_to_cpu(ci_req
->ChunkCount
);
7130 if (chunk_count
== 0)
7132 total_size_written
= 0;
7134 /* verify the SRV_COPYCHUNK_COPY packet */
7135 if (chunk_count
> ksmbd_server_side_copy_max_chunk_count() ||
7136 input_count
< offsetof(struct copychunk_ioctl_req
, Chunks
) +
7137 chunk_count
* sizeof(struct srv_copychunk
)) {
7138 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7142 for (i
= 0; i
< chunk_count
; i
++) {
7143 if (le32_to_cpu(chunks
[i
].Length
) == 0 ||
7144 le32_to_cpu(chunks
[i
].Length
) > ksmbd_server_side_copy_max_chunk_size())
7146 total_size_written
+= le32_to_cpu(chunks
[i
].Length
);
7149 if (i
< chunk_count
||
7150 total_size_written
> ksmbd_server_side_copy_max_total_size()) {
7151 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7155 src_fp
= ksmbd_lookup_foreign_fd(work
,
7156 le64_to_cpu(ci_req
->ResumeKey
[0]));
7157 dst_fp
= ksmbd_lookup_fd_slow(work
, volatile_id
, persistent_id
);
7160 src_fp
->persistent_id
!= le64_to_cpu(ci_req
->ResumeKey
[1])) {
7161 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_NOT_FOUND
;
7166 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
7171 * FILE_READ_DATA should only be included in
7172 * the FSCTL_COPYCHUNK case
7174 if (cnt_code
== FSCTL_COPYCHUNK
&&
7175 !(dst_fp
->daccess
& (FILE_READ_DATA_LE
| FILE_GENERIC_READ_LE
))) {
7176 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
7180 ret
= ksmbd_vfs_copy_file_ranges(work
, src_fp
, dst_fp
,
7181 chunks
, chunk_count
,
7182 &chunk_count_written
,
7183 &chunk_size_written
,
7184 &total_size_written
);
7187 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
7189 rsp
->hdr
.Status
= STATUS_FILE_LOCK_CONFLICT
;
7190 else if (ret
== -EBADF
)
7191 rsp
->hdr
.Status
= STATUS_INVALID_HANDLE
;
7192 else if (ret
== -EFBIG
|| ret
== -ENOSPC
)
7193 rsp
->hdr
.Status
= STATUS_DISK_FULL
;
7194 else if (ret
== -EINVAL
)
7195 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7196 else if (ret
== -EISDIR
)
7197 rsp
->hdr
.Status
= STATUS_FILE_IS_A_DIRECTORY
;
7198 else if (ret
== -E2BIG
)
7199 rsp
->hdr
.Status
= STATUS_INVALID_VIEW_SIZE
;
7201 rsp
->hdr
.Status
= STATUS_UNEXPECTED_IO_ERROR
;
7204 ci_rsp
->ChunksWritten
= cpu_to_le32(chunk_count_written
);
7205 ci_rsp
->ChunkBytesWritten
= cpu_to_le32(chunk_size_written
);
7206 ci_rsp
->TotalBytesWritten
= cpu_to_le32(total_size_written
);
7208 ksmbd_fd_put(work
, src_fp
);
7209 ksmbd_fd_put(work
, dst_fp
);
7213 static __be32
idev_ipv4_address(struct in_device
*idev
)
7217 struct in_ifaddr
*ifa
;
7220 in_dev_for_each_ifa_rcu(ifa
, idev
) {
7221 if (ifa
->ifa_flags
& IFA_F_SECONDARY
)
7224 addr
= ifa
->ifa_address
;
7231 static int fsctl_query_iface_info_ioctl(struct ksmbd_conn
*conn
,
7232 struct smb2_ioctl_rsp
*rsp
,
7233 unsigned int out_buf_len
)
7235 struct network_interface_info_ioctl_rsp
*nii_rsp
= NULL
;
7237 struct net_device
*netdev
;
7238 struct sockaddr_storage_rsp
*sockaddr_storage
;
7240 unsigned long long speed
;
7241 struct sockaddr_in6
*csin6
= (struct sockaddr_in6
*)&conn
->peer_addr
;
7244 for_each_netdev(&init_net
, netdev
) {
7246 nbytes
+ sizeof(struct network_interface_info_ioctl_rsp
)) {
7251 if (netdev
->type
== ARPHRD_LOOPBACK
)
7254 flags
= dev_get_flags(netdev
);
7255 if (!(flags
& IFF_RUNNING
))
7258 nii_rsp
= (struct network_interface_info_ioctl_rsp
*)
7259 &rsp
->Buffer
[nbytes
];
7260 nii_rsp
->IfIndex
= cpu_to_le32(netdev
->ifindex
);
7262 nii_rsp
->Capability
= 0;
7263 if (ksmbd_rdma_capable_netdev(netdev
))
7264 nii_rsp
->Capability
|= cpu_to_le32(RDMA_CAPABLE
);
7266 nii_rsp
->Next
= cpu_to_le32(152);
7267 nii_rsp
->Reserved
= 0;
7269 if (netdev
->ethtool_ops
->get_link_ksettings
) {
7270 struct ethtool_link_ksettings cmd
;
7272 netdev
->ethtool_ops
->get_link_ksettings(netdev
, &cmd
);
7273 speed
= cmd
.base
.speed
;
7275 ksmbd_debug(SMB
, "%s %s\n", netdev
->name
,
7276 "speed is unknown, defaulting to 1Gb/sec");
7281 nii_rsp
->LinkSpeed
= cpu_to_le64(speed
);
7283 sockaddr_storage
= (struct sockaddr_storage_rsp
*)
7284 nii_rsp
->SockAddr_Storage
;
7285 memset(sockaddr_storage
, 0, 128);
7287 if (conn
->peer_addr
.ss_family
== PF_INET
||
7288 ipv6_addr_v4mapped(&csin6
->sin6_addr
)) {
7289 struct in_device
*idev
;
7291 sockaddr_storage
->Family
= cpu_to_le16(INTERNETWORK
);
7292 sockaddr_storage
->addr4
.Port
= 0;
7294 idev
= __in_dev_get_rtnl(netdev
);
7297 sockaddr_storage
->addr4
.IPv4address
=
7298 idev_ipv4_address(idev
);
7300 struct inet6_dev
*idev6
;
7301 struct inet6_ifaddr
*ifa
;
7302 __u8
*ipv6_addr
= sockaddr_storage
->addr6
.IPv6address
;
7304 sockaddr_storage
->Family
= cpu_to_le16(INTERNETWORKV6
);
7305 sockaddr_storage
->addr6
.Port
= 0;
7306 sockaddr_storage
->addr6
.FlowInfo
= 0;
7308 idev6
= __in6_dev_get(netdev
);
7312 list_for_each_entry(ifa
, &idev6
->addr_list
, if_list
) {
7313 if (ifa
->flags
& (IFA_F_TENTATIVE
|
7316 memcpy(ipv6_addr
, ifa
->addr
.s6_addr
, 16);
7319 sockaddr_storage
->addr6
.ScopeId
= 0;
7322 nbytes
+= sizeof(struct network_interface_info_ioctl_rsp
);
7326 /* zero if this is last one */
7330 rsp
->PersistentFileId
= cpu_to_le64(SMB2_NO_FID
);
7331 rsp
->VolatileFileId
= cpu_to_le64(SMB2_NO_FID
);
7335 static int fsctl_validate_negotiate_info(struct ksmbd_conn
*conn
,
7336 struct validate_negotiate_info_req
*neg_req
,
7337 struct validate_negotiate_info_rsp
*neg_rsp
,
7338 unsigned int in_buf_len
)
7343 if (in_buf_len
< offsetof(struct validate_negotiate_info_req
, Dialects
) +
7344 le16_to_cpu(neg_req
->DialectCount
) * sizeof(__le16
))
7347 dialect
= ksmbd_lookup_dialect_by_id(neg_req
->Dialects
,
7348 neg_req
->DialectCount
);
7349 if (dialect
== BAD_PROT_ID
|| dialect
!= conn
->dialect
) {
7354 if (strncmp(neg_req
->Guid
, conn
->ClientGUID
, SMB2_CLIENT_GUID_SIZE
)) {
7359 if (le16_to_cpu(neg_req
->SecurityMode
) != conn
->cli_sec_mode
) {
7364 if (le32_to_cpu(neg_req
->Capabilities
) != conn
->cli_cap
) {
7369 neg_rsp
->Capabilities
= cpu_to_le32(conn
->vals
->capabilities
);
7370 memset(neg_rsp
->Guid
, 0, SMB2_CLIENT_GUID_SIZE
);
7371 neg_rsp
->SecurityMode
= cpu_to_le16(conn
->srv_sec_mode
);
7372 neg_rsp
->Dialect
= cpu_to_le16(conn
->dialect
);
7377 static int fsctl_query_allocated_ranges(struct ksmbd_work
*work
, u64 id
,
7378 struct file_allocated_range_buffer
*qar_req
,
7379 struct file_allocated_range_buffer
*qar_rsp
,
7380 unsigned int in_count
, unsigned int *out_count
)
7382 struct ksmbd_file
*fp
;
7383 loff_t start
, length
;
7390 fp
= ksmbd_lookup_fd_fast(work
, id
);
7394 start
= le64_to_cpu(qar_req
->file_offset
);
7395 length
= le64_to_cpu(qar_req
->length
);
7397 ret
= ksmbd_vfs_fqar_lseek(fp
, start
, length
,
7398 qar_rsp
, in_count
, out_count
);
7399 if (ret
&& ret
!= -E2BIG
)
7402 ksmbd_fd_put(work
, fp
);
7406 static int fsctl_pipe_transceive(struct ksmbd_work
*work
, u64 id
,
7407 unsigned int out_buf_len
,
7408 struct smb2_ioctl_req
*req
,
7409 struct smb2_ioctl_rsp
*rsp
)
7411 struct ksmbd_rpc_command
*rpc_resp
;
7412 char *data_buf
= (char *)&req
->Buffer
[0];
7415 rpc_resp
= ksmbd_rpc_ioctl(work
->sess
, id
, data_buf
,
7416 le32_to_cpu(req
->InputCount
));
7418 if (rpc_resp
->flags
== KSMBD_RPC_SOME_NOT_MAPPED
) {
7420 * set STATUS_SOME_NOT_MAPPED response
7421 * for unknown domain sid.
7423 rsp
->hdr
.Status
= STATUS_SOME_NOT_MAPPED
;
7424 } else if (rpc_resp
->flags
== KSMBD_RPC_ENOTIMPLEMENTED
) {
7425 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
7427 } else if (rpc_resp
->flags
!= KSMBD_RPC_OK
) {
7428 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7432 nbytes
= rpc_resp
->payload_sz
;
7433 if (rpc_resp
->payload_sz
> out_buf_len
) {
7434 rsp
->hdr
.Status
= STATUS_BUFFER_OVERFLOW
;
7435 nbytes
= out_buf_len
;
7438 if (!rpc_resp
->payload_sz
) {
7440 STATUS_UNEXPECTED_IO_ERROR
;
7444 memcpy((char *)rsp
->Buffer
, rpc_resp
->payload
, nbytes
);
7451 static inline int fsctl_set_sparse(struct ksmbd_work
*work
, u64 id
,
7452 struct file_sparse
*sparse
)
7454 struct ksmbd_file
*fp
;
7455 struct user_namespace
*user_ns
;
7459 fp
= ksmbd_lookup_fd_fast(work
, id
);
7462 user_ns
= file_mnt_user_ns(fp
->filp
);
7464 old_fattr
= fp
->f_ci
->m_fattr
;
7465 if (sparse
->SetSparse
)
7466 fp
->f_ci
->m_fattr
|= ATTR_SPARSE_FILE_LE
;
7468 fp
->f_ci
->m_fattr
&= ~ATTR_SPARSE_FILE_LE
;
7470 if (fp
->f_ci
->m_fattr
!= old_fattr
&&
7471 test_share_config_flag(work
->tcon
->share_conf
,
7472 KSMBD_SHARE_FLAG_STORE_DOS_ATTRS
)) {
7473 struct xattr_dos_attrib da
;
7475 ret
= ksmbd_vfs_get_dos_attrib_xattr(user_ns
,
7476 fp
->filp
->f_path
.dentry
, &da
);
7480 da
.attr
= le32_to_cpu(fp
->f_ci
->m_fattr
);
7481 ret
= ksmbd_vfs_set_dos_attrib_xattr(user_ns
,
7482 fp
->filp
->f_path
.dentry
, &da
);
7484 fp
->f_ci
->m_fattr
= old_fattr
;
7488 ksmbd_fd_put(work
, fp
);
7492 static int fsctl_request_resume_key(struct ksmbd_work
*work
,
7493 struct smb2_ioctl_req
*req
,
7494 struct resume_key_ioctl_rsp
*key_rsp
)
7496 struct ksmbd_file
*fp
;
7498 fp
= ksmbd_lookup_fd_slow(work
,
7499 le64_to_cpu(req
->VolatileFileId
),
7500 le64_to_cpu(req
->PersistentFileId
));
7504 memset(key_rsp
, 0, sizeof(*key_rsp
));
7505 key_rsp
->ResumeKey
[0] = req
->VolatileFileId
;
7506 key_rsp
->ResumeKey
[1] = req
->PersistentFileId
;
7507 ksmbd_fd_put(work
, fp
);
7513 * smb2_ioctl() - handler for smb2 ioctl command
7514 * @work: smb work containing ioctl command buffer
7516 * Return: 0 on success, otherwise error
7518 int smb2_ioctl(struct ksmbd_work
*work
)
7520 struct smb2_ioctl_req
*req
;
7521 struct smb2_ioctl_rsp
*rsp
, *rsp_org
;
7522 unsigned int cnt_code
, nbytes
= 0, out_buf_len
, in_buf_len
;
7523 u64 id
= KSMBD_NO_FID
;
7524 struct ksmbd_conn
*conn
= work
->conn
;
7527 rsp_org
= work
->response_buf
;
7528 if (work
->next_smb2_rcv_hdr_off
) {
7529 req
= ksmbd_req_buf_next(work
);
7530 rsp
= ksmbd_resp_buf_next(work
);
7531 if (!has_file_id(le64_to_cpu(req
->VolatileFileId
))) {
7532 ksmbd_debug(SMB
, "Compound request set FID = %llu\n",
7533 work
->compound_fid
);
7534 id
= work
->compound_fid
;
7537 req
= work
->request_buf
;
7538 rsp
= work
->response_buf
;
7541 if (!has_file_id(id
))
7542 id
= le64_to_cpu(req
->VolatileFileId
);
7544 if (req
->Flags
!= cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL
)) {
7545 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
7549 cnt_code
= le32_to_cpu(req
->CntCode
);
7550 ret
= smb2_calc_max_out_buf_len(work
, 48,
7551 le32_to_cpu(req
->MaxOutputResponse
));
7553 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7556 out_buf_len
= (unsigned int)ret
;
7557 in_buf_len
= le32_to_cpu(req
->InputCount
);
7560 case FSCTL_DFS_GET_REFERRALS
:
7561 case FSCTL_DFS_GET_REFERRALS_EX
:
7562 /* Not support DFS yet */
7563 rsp
->hdr
.Status
= STATUS_FS_DRIVER_REQUIRED
;
7565 case FSCTL_CREATE_OR_GET_OBJECT_ID
:
7567 struct file_object_buf_type1_ioctl_rsp
*obj_buf
;
7569 nbytes
= sizeof(struct file_object_buf_type1_ioctl_rsp
);
7570 obj_buf
= (struct file_object_buf_type1_ioctl_rsp
*)
7574 * TODO: This is dummy implementation to pass smbtorture
7575 * Need to check correct response later
7577 memset(obj_buf
->ObjectId
, 0x0, 16);
7578 memset(obj_buf
->BirthVolumeId
, 0x0, 16);
7579 memset(obj_buf
->BirthObjectId
, 0x0, 16);
7580 memset(obj_buf
->DomainId
, 0x0, 16);
7584 case FSCTL_PIPE_TRANSCEIVE
:
7585 out_buf_len
= min_t(u32
, KSMBD_IPC_MAX_PAYLOAD
, out_buf_len
);
7586 nbytes
= fsctl_pipe_transceive(work
, id
, out_buf_len
, req
, rsp
);
7588 case FSCTL_VALIDATE_NEGOTIATE_INFO
:
7589 if (conn
->dialect
< SMB30_PROT_ID
) {
7594 if (in_buf_len
< sizeof(struct validate_negotiate_info_req
))
7597 if (out_buf_len
< sizeof(struct validate_negotiate_info_rsp
))
7600 ret
= fsctl_validate_negotiate_info(conn
,
7601 (struct validate_negotiate_info_req
*)&req
->Buffer
[0],
7602 (struct validate_negotiate_info_rsp
*)&rsp
->Buffer
[0],
7607 nbytes
= sizeof(struct validate_negotiate_info_rsp
);
7608 rsp
->PersistentFileId
= cpu_to_le64(SMB2_NO_FID
);
7609 rsp
->VolatileFileId
= cpu_to_le64(SMB2_NO_FID
);
7611 case FSCTL_QUERY_NETWORK_INTERFACE_INFO
:
7612 ret
= fsctl_query_iface_info_ioctl(conn
, rsp
, out_buf_len
);
7617 case FSCTL_REQUEST_RESUME_KEY
:
7618 if (out_buf_len
< sizeof(struct resume_key_ioctl_rsp
)) {
7623 ret
= fsctl_request_resume_key(work
, req
,
7624 (struct resume_key_ioctl_rsp
*)&rsp
->Buffer
[0]);
7627 rsp
->PersistentFileId
= req
->PersistentFileId
;
7628 rsp
->VolatileFileId
= req
->VolatileFileId
;
7629 nbytes
= sizeof(struct resume_key_ioctl_rsp
);
7631 case FSCTL_COPYCHUNK
:
7632 case FSCTL_COPYCHUNK_WRITE
:
7633 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
7635 "User does not have write permission\n");
7640 if (in_buf_len
< sizeof(struct copychunk_ioctl_req
)) {
7645 if (out_buf_len
< sizeof(struct copychunk_ioctl_rsp
)) {
7650 nbytes
= sizeof(struct copychunk_ioctl_rsp
);
7651 rsp
->VolatileFileId
= req
->VolatileFileId
;
7652 rsp
->PersistentFileId
= req
->PersistentFileId
;
7653 fsctl_copychunk(work
,
7654 (struct copychunk_ioctl_req
*)&req
->Buffer
[0],
7655 le32_to_cpu(req
->CntCode
),
7656 le32_to_cpu(req
->InputCount
),
7657 le64_to_cpu(req
->VolatileFileId
),
7658 le64_to_cpu(req
->PersistentFileId
),
7661 case FSCTL_SET_SPARSE
:
7662 if (in_buf_len
< sizeof(struct file_sparse
)) {
7667 ret
= fsctl_set_sparse(work
, id
,
7668 (struct file_sparse
*)&req
->Buffer
[0]);
7672 case FSCTL_SET_ZERO_DATA
:
7674 struct file_zero_data_information
*zero_data
;
7675 struct ksmbd_file
*fp
;
7678 if (!test_tree_conn_flag(work
->tcon
, KSMBD_TREE_CONN_FLAG_WRITABLE
)) {
7680 "User does not have write permission\n");
7685 if (in_buf_len
< sizeof(struct file_zero_data_information
)) {
7691 (struct file_zero_data_information
*)&req
->Buffer
[0];
7693 fp
= ksmbd_lookup_fd_fast(work
, id
);
7699 off
= le64_to_cpu(zero_data
->FileOffset
);
7700 len
= le64_to_cpu(zero_data
->BeyondFinalZero
) - off
;
7702 ret
= ksmbd_vfs_zero_data(work
, fp
, off
, len
);
7703 ksmbd_fd_put(work
, fp
);
7708 case FSCTL_QUERY_ALLOCATED_RANGES
:
7709 if (in_buf_len
< sizeof(struct file_allocated_range_buffer
)) {
7714 ret
= fsctl_query_allocated_ranges(work
, id
,
7715 (struct file_allocated_range_buffer
*)&req
->Buffer
[0],
7716 (struct file_allocated_range_buffer
*)&rsp
->Buffer
[0],
7718 sizeof(struct file_allocated_range_buffer
), &nbytes
);
7719 if (ret
== -E2BIG
) {
7720 rsp
->hdr
.Status
= STATUS_BUFFER_OVERFLOW
;
7721 } else if (ret
< 0) {
7726 nbytes
*= sizeof(struct file_allocated_range_buffer
);
7728 case FSCTL_GET_REPARSE_POINT
:
7730 struct reparse_data_buffer
*reparse_ptr
;
7731 struct ksmbd_file
*fp
;
7733 reparse_ptr
= (struct reparse_data_buffer
*)&rsp
->Buffer
[0];
7734 fp
= ksmbd_lookup_fd_fast(work
, id
);
7736 pr_err("not found fp!!\n");
7741 reparse_ptr
->ReparseTag
=
7742 smb2_get_reparse_tag_special_file(file_inode(fp
->filp
)->i_mode
);
7743 reparse_ptr
->ReparseDataLength
= 0;
7744 ksmbd_fd_put(work
, fp
);
7745 nbytes
= sizeof(struct reparse_data_buffer
);
7748 case FSCTL_DUPLICATE_EXTENTS_TO_FILE
:
7750 struct ksmbd_file
*fp_in
, *fp_out
= NULL
;
7751 struct duplicate_extents_to_file
*dup_ext
;
7752 loff_t src_off
, dst_off
, length
, cloned
;
7754 if (in_buf_len
< sizeof(struct duplicate_extents_to_file
)) {
7759 dup_ext
= (struct duplicate_extents_to_file
*)&req
->Buffer
[0];
7761 fp_in
= ksmbd_lookup_fd_slow(work
, dup_ext
->VolatileFileHandle
,
7762 dup_ext
->PersistentFileHandle
);
7764 pr_err("not found file handle in duplicate extent to file\n");
7769 fp_out
= ksmbd_lookup_fd_fast(work
, id
);
7771 pr_err("not found fp\n");
7776 src_off
= le64_to_cpu(dup_ext
->SourceFileOffset
);
7777 dst_off
= le64_to_cpu(dup_ext
->TargetFileOffset
);
7778 length
= le64_to_cpu(dup_ext
->ByteCount
);
7779 cloned
= vfs_clone_file_range(fp_in
->filp
, src_off
, fp_out
->filp
,
7780 dst_off
, length
, 0);
7781 if (cloned
== -EXDEV
|| cloned
== -EOPNOTSUPP
) {
7784 } else if (cloned
!= length
) {
7785 cloned
= vfs_copy_file_range(fp_in
->filp
, src_off
,
7786 fp_out
->filp
, dst_off
, length
, 0);
7787 if (cloned
!= length
) {
7796 ksmbd_fd_put(work
, fp_in
);
7797 ksmbd_fd_put(work
, fp_out
);
7803 ksmbd_debug(SMB
, "not implemented yet ioctl command 0x%x\n",
7809 rsp
->CntCode
= cpu_to_le32(cnt_code
);
7810 rsp
->InputCount
= cpu_to_le32(0);
7811 rsp
->InputOffset
= cpu_to_le32(112);
7812 rsp
->OutputOffset
= cpu_to_le32(112);
7813 rsp
->OutputCount
= cpu_to_le32(nbytes
);
7814 rsp
->StructureSize
= cpu_to_le16(49);
7815 rsp
->Reserved
= cpu_to_le16(0);
7816 rsp
->Flags
= cpu_to_le32(0);
7817 rsp
->Reserved2
= cpu_to_le32(0);
7818 inc_rfc1001_len(rsp_org
, 48 + nbytes
);
7824 rsp
->hdr
.Status
= STATUS_ACCESS_DENIED
;
7825 else if (ret
== -ENOENT
)
7826 rsp
->hdr
.Status
= STATUS_OBJECT_NAME_NOT_FOUND
;
7827 else if (ret
== -EOPNOTSUPP
)
7828 rsp
->hdr
.Status
= STATUS_NOT_SUPPORTED
;
7829 else if (ret
== -ENOSPC
)
7830 rsp
->hdr
.Status
= STATUS_BUFFER_TOO_SMALL
;
7831 else if (ret
< 0 || rsp
->hdr
.Status
== 0)
7832 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
7833 smb2_set_err_rsp(work
);
7838 * smb20_oplock_break_ack() - handler for smb2.0 oplock break command
7839 * @work: smb work containing oplock break command buffer
7843 static void smb20_oplock_break_ack(struct ksmbd_work
*work
)
7845 struct smb2_oplock_break
*req
= work
->request_buf
;
7846 struct smb2_oplock_break
*rsp
= work
->response_buf
;
7847 struct ksmbd_file
*fp
;
7848 struct oplock_info
*opinfo
= NULL
;
7851 u64 volatile_id
, persistent_id
;
7852 char req_oplevel
= 0, rsp_oplevel
= 0;
7853 unsigned int oplock_change_type
;
7855 volatile_id
= le64_to_cpu(req
->VolatileFid
);
7856 persistent_id
= le64_to_cpu(req
->PersistentFid
);
7857 req_oplevel
= req
->OplockLevel
;
7858 ksmbd_debug(OPLOCK
, "v_id %llu, p_id %llu request oplock level %d\n",
7859 volatile_id
, persistent_id
, req_oplevel
);
7861 fp
= ksmbd_lookup_fd_slow(work
, volatile_id
, persistent_id
);
7863 rsp
->hdr
.Status
= STATUS_FILE_CLOSED
;
7864 smb2_set_err_rsp(work
);
7868 opinfo
= opinfo_get(fp
);
7870 pr_err("unexpected null oplock_info\n");
7871 rsp
->hdr
.Status
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7872 smb2_set_err_rsp(work
);
7873 ksmbd_fd_put(work
, fp
);
7877 if (opinfo
->level
== SMB2_OPLOCK_LEVEL_NONE
) {
7878 rsp
->hdr
.Status
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7882 if (opinfo
->op_state
== OPLOCK_STATE_NONE
) {
7883 ksmbd_debug(SMB
, "unexpected oplock state 0x%x\n", opinfo
->op_state
);
7884 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
7888 if ((opinfo
->level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
||
7889 opinfo
->level
== SMB2_OPLOCK_LEVEL_BATCH
) &&
7890 (req_oplevel
!= SMB2_OPLOCK_LEVEL_II
&&
7891 req_oplevel
!= SMB2_OPLOCK_LEVEL_NONE
)) {
7892 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7893 oplock_change_type
= OPLOCK_WRITE_TO_NONE
;
7894 } else if (opinfo
->level
== SMB2_OPLOCK_LEVEL_II
&&
7895 req_oplevel
!= SMB2_OPLOCK_LEVEL_NONE
) {
7896 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
7897 oplock_change_type
= OPLOCK_READ_TO_NONE
;
7898 } else if (req_oplevel
== SMB2_OPLOCK_LEVEL_II
||
7899 req_oplevel
== SMB2_OPLOCK_LEVEL_NONE
) {
7900 err
= STATUS_INVALID_DEVICE_STATE
;
7901 if ((opinfo
->level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
||
7902 opinfo
->level
== SMB2_OPLOCK_LEVEL_BATCH
) &&
7903 req_oplevel
== SMB2_OPLOCK_LEVEL_II
) {
7904 oplock_change_type
= OPLOCK_WRITE_TO_READ
;
7905 } else if ((opinfo
->level
== SMB2_OPLOCK_LEVEL_EXCLUSIVE
||
7906 opinfo
->level
== SMB2_OPLOCK_LEVEL_BATCH
) &&
7907 req_oplevel
== SMB2_OPLOCK_LEVEL_NONE
) {
7908 oplock_change_type
= OPLOCK_WRITE_TO_NONE
;
7909 } else if (opinfo
->level
== SMB2_OPLOCK_LEVEL_II
&&
7910 req_oplevel
== SMB2_OPLOCK_LEVEL_NONE
) {
7911 oplock_change_type
= OPLOCK_READ_TO_NONE
;
7913 oplock_change_type
= 0;
7916 oplock_change_type
= 0;
7919 switch (oplock_change_type
) {
7920 case OPLOCK_WRITE_TO_READ
:
7921 ret
= opinfo_write_to_read(opinfo
);
7922 rsp_oplevel
= SMB2_OPLOCK_LEVEL_II
;
7924 case OPLOCK_WRITE_TO_NONE
:
7925 ret
= opinfo_write_to_none(opinfo
);
7926 rsp_oplevel
= SMB2_OPLOCK_LEVEL_NONE
;
7928 case OPLOCK_READ_TO_NONE
:
7929 ret
= opinfo_read_to_none(opinfo
);
7930 rsp_oplevel
= SMB2_OPLOCK_LEVEL_NONE
;
7933 pr_err("unknown oplock change 0x%x -> 0x%x\n",
7934 opinfo
->level
, rsp_oplevel
);
7938 rsp
->hdr
.Status
= err
;
7943 ksmbd_fd_put(work
, fp
);
7944 opinfo
->op_state
= OPLOCK_STATE_NONE
;
7945 wake_up_interruptible_all(&opinfo
->oplock_q
);
7947 rsp
->StructureSize
= cpu_to_le16(24);
7948 rsp
->OplockLevel
= rsp_oplevel
;
7951 rsp
->VolatileFid
= cpu_to_le64(volatile_id
);
7952 rsp
->PersistentFid
= cpu_to_le64(persistent_id
);
7953 inc_rfc1001_len(rsp
, 24);
7957 opinfo
->op_state
= OPLOCK_STATE_NONE
;
7958 wake_up_interruptible_all(&opinfo
->oplock_q
);
7961 ksmbd_fd_put(work
, fp
);
7962 smb2_set_err_rsp(work
);
7965 static int check_lease_state(struct lease
*lease
, __le32 req_state
)
7967 if ((lease
->new_state
==
7968 (SMB2_LEASE_READ_CACHING_LE
| SMB2_LEASE_HANDLE_CACHING_LE
)) &&
7969 !(req_state
& SMB2_LEASE_WRITE_CACHING_LE
)) {
7970 lease
->new_state
= req_state
;
7974 if (lease
->new_state
== req_state
)
7981 * smb21_lease_break_ack() - handler for smb2.1 lease break command
7982 * @work: smb work containing lease break command buffer
7986 static void smb21_lease_break_ack(struct ksmbd_work
*work
)
7988 struct ksmbd_conn
*conn
= work
->conn
;
7989 struct smb2_lease_ack
*req
= work
->request_buf
;
7990 struct smb2_lease_ack
*rsp
= work
->response_buf
;
7991 struct oplock_info
*opinfo
;
7994 unsigned int lease_change_type
;
7996 struct lease
*lease
;
7998 ksmbd_debug(OPLOCK
, "smb21 lease break, lease state(0x%x)\n",
7999 le32_to_cpu(req
->LeaseState
));
8000 opinfo
= lookup_lease_in_table(conn
, req
->LeaseKey
);
8002 ksmbd_debug(OPLOCK
, "file not opened\n");
8003 smb2_set_err_rsp(work
);
8004 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
8007 lease
= opinfo
->o_lease
;
8009 if (opinfo
->op_state
== OPLOCK_STATE_NONE
) {
8010 pr_err("unexpected lease break state 0x%x\n",
8012 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
8016 if (check_lease_state(lease
, req
->LeaseState
)) {
8017 rsp
->hdr
.Status
= STATUS_REQUEST_NOT_ACCEPTED
;
8019 "req lease state: 0x%x, expected state: 0x%x\n",
8020 req
->LeaseState
, lease
->new_state
);
8024 if (!atomic_read(&opinfo
->breaking_cnt
)) {
8025 rsp
->hdr
.Status
= STATUS_UNSUCCESSFUL
;
8029 /* check for bad lease state */
8030 if (req
->LeaseState
&
8031 (~(SMB2_LEASE_READ_CACHING_LE
| SMB2_LEASE_HANDLE_CACHING_LE
))) {
8032 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
8033 if (lease
->state
& SMB2_LEASE_WRITE_CACHING_LE
)
8034 lease_change_type
= OPLOCK_WRITE_TO_NONE
;
8036 lease_change_type
= OPLOCK_READ_TO_NONE
;
8037 ksmbd_debug(OPLOCK
, "handle bad lease state 0x%x -> 0x%x\n",
8038 le32_to_cpu(lease
->state
),
8039 le32_to_cpu(req
->LeaseState
));
8040 } else if (lease
->state
== SMB2_LEASE_READ_CACHING_LE
&&
8041 req
->LeaseState
!= SMB2_LEASE_NONE_LE
) {
8042 err
= STATUS_INVALID_OPLOCK_PROTOCOL
;
8043 lease_change_type
= OPLOCK_READ_TO_NONE
;
8044 ksmbd_debug(OPLOCK
, "handle bad lease state 0x%x -> 0x%x\n",
8045 le32_to_cpu(lease
->state
),
8046 le32_to_cpu(req
->LeaseState
));
8048 /* valid lease state changes */
8049 err
= STATUS_INVALID_DEVICE_STATE
;
8050 if (req
->LeaseState
== SMB2_LEASE_NONE_LE
) {
8051 if (lease
->state
& SMB2_LEASE_WRITE_CACHING_LE
)
8052 lease_change_type
= OPLOCK_WRITE_TO_NONE
;
8054 lease_change_type
= OPLOCK_READ_TO_NONE
;
8055 } else if (req
->LeaseState
& SMB2_LEASE_READ_CACHING_LE
) {
8056 if (lease
->state
& SMB2_LEASE_WRITE_CACHING_LE
)
8057 lease_change_type
= OPLOCK_WRITE_TO_READ
;
8059 lease_change_type
= OPLOCK_READ_HANDLE_TO_READ
;
8061 lease_change_type
= 0;
8065 switch (lease_change_type
) {
8066 case OPLOCK_WRITE_TO_READ
:
8067 ret
= opinfo_write_to_read(opinfo
);
8069 case OPLOCK_READ_HANDLE_TO_READ
:
8070 ret
= opinfo_read_handle_to_read(opinfo
);
8072 case OPLOCK_WRITE_TO_NONE
:
8073 ret
= opinfo_write_to_none(opinfo
);
8075 case OPLOCK_READ_TO_NONE
:
8076 ret
= opinfo_read_to_none(opinfo
);
8079 ksmbd_debug(OPLOCK
, "unknown lease change 0x%x -> 0x%x\n",
8080 le32_to_cpu(lease
->state
),
8081 le32_to_cpu(req
->LeaseState
));
8084 lease_state
= lease
->state
;
8085 opinfo
->op_state
= OPLOCK_STATE_NONE
;
8086 wake_up_interruptible_all(&opinfo
->oplock_q
);
8087 atomic_dec(&opinfo
->breaking_cnt
);
8088 wake_up_interruptible_all(&opinfo
->oplock_brk
);
8092 rsp
->hdr
.Status
= err
;
8096 rsp
->StructureSize
= cpu_to_le16(36);
8099 memcpy(rsp
->LeaseKey
, req
->LeaseKey
, 16);
8100 rsp
->LeaseState
= lease_state
;
8101 rsp
->LeaseDuration
= 0;
8102 inc_rfc1001_len(rsp
, 36);
8106 opinfo
->op_state
= OPLOCK_STATE_NONE
;
8107 wake_up_interruptible_all(&opinfo
->oplock_q
);
8108 atomic_dec(&opinfo
->breaking_cnt
);
8109 wake_up_interruptible_all(&opinfo
->oplock_brk
);
8112 smb2_set_err_rsp(work
);
8116 * smb2_oplock_break() - dispatcher for smb2.0 and 2.1 oplock/lease break
8117 * @work: smb work containing oplock/lease break command buffer
8121 int smb2_oplock_break(struct ksmbd_work
*work
)
8123 struct smb2_oplock_break
*req
= work
->request_buf
;
8124 struct smb2_oplock_break
*rsp
= work
->response_buf
;
8126 switch (le16_to_cpu(req
->StructureSize
)) {
8127 case OP_BREAK_STRUCT_SIZE_20
:
8128 smb20_oplock_break_ack(work
);
8130 case OP_BREAK_STRUCT_SIZE_21
:
8131 smb21_lease_break_ack(work
);
8134 ksmbd_debug(OPLOCK
, "invalid break cmd %d\n",
8135 le16_to_cpu(req
->StructureSize
));
8136 rsp
->hdr
.Status
= STATUS_INVALID_PARAMETER
;
8137 smb2_set_err_rsp(work
);
8144 * smb2_notify() - handler for smb2 notify request
8145 * @work: smb work containing notify command buffer
8149 int smb2_notify(struct ksmbd_work
*work
)
8151 struct smb2_notify_req
*req
;
8152 struct smb2_notify_rsp
*rsp
;
8154 WORK_BUFFERS(work
, req
, rsp
);
8156 if (work
->next_smb2_rcv_hdr_off
&& req
->hdr
.NextCommand
) {
8157 rsp
->hdr
.Status
= STATUS_INTERNAL_ERROR
;
8158 smb2_set_err_rsp(work
);
8162 smb2_set_err_rsp(work
);
8163 rsp
->hdr
.Status
= STATUS_NOT_IMPLEMENTED
;
8168 * smb2_is_sign_req() - handler for checking packet signing status
8169 * @work: smb work containing notify command buffer
8170 * @command: SMB2 command id
8172 * Return: true if packed is signed, false otherwise
8174 bool smb2_is_sign_req(struct ksmbd_work
*work
, unsigned int command
)
8176 struct smb2_hdr
*rcv_hdr2
= work
->request_buf
;
8178 if ((rcv_hdr2
->Flags
& SMB2_FLAGS_SIGNED
) &&
8179 command
!= SMB2_NEGOTIATE_HE
&&
8180 command
!= SMB2_SESSION_SETUP_HE
&&
8181 command
!= SMB2_OPLOCK_BREAK_HE
)
8188 * smb2_check_sign_req() - handler for req packet sign processing
8189 * @work: smb work containing notify command buffer
8191 * Return: 1 on success, 0 otherwise
8193 int smb2_check_sign_req(struct ksmbd_work
*work
)
8195 struct smb2_hdr
*hdr
, *hdr_org
;
8196 char signature_req
[SMB2_SIGNATURE_SIZE
];
8197 char signature
[SMB2_HMACSHA256_SIZE
];
8201 hdr_org
= hdr
= work
->request_buf
;
8202 if (work
->next_smb2_rcv_hdr_off
)
8203 hdr
= ksmbd_req_buf_next(work
);
8205 if (!hdr
->NextCommand
&& !work
->next_smb2_rcv_hdr_off
)
8206 len
= be32_to_cpu(hdr_org
->smb2_buf_length
);
8207 else if (hdr
->NextCommand
)
8208 len
= le32_to_cpu(hdr
->NextCommand
);
8210 len
= be32_to_cpu(hdr_org
->smb2_buf_length
) -
8211 work
->next_smb2_rcv_hdr_off
;
8213 memcpy(signature_req
, hdr
->Signature
, SMB2_SIGNATURE_SIZE
);
8214 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8216 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8217 iov
[0].iov_len
= len
;
8219 if (ksmbd_sign_smb2_pdu(work
->conn
, work
->sess
->sess_key
, iov
, 1,
8223 if (memcmp(signature
, signature_req
, SMB2_SIGNATURE_SIZE
)) {
8224 pr_err("bad smb2 signature\n");
8232 * smb2_set_sign_rsp() - handler for rsp packet sign processing
8233 * @work: smb work containing notify command buffer
8236 void smb2_set_sign_rsp(struct ksmbd_work
*work
)
8238 struct smb2_hdr
*hdr
, *hdr_org
;
8239 struct smb2_hdr
*req_hdr
;
8240 char signature
[SMB2_HMACSHA256_SIZE
];
8245 hdr_org
= hdr
= work
->response_buf
;
8246 if (work
->next_smb2_rsp_hdr_off
)
8247 hdr
= ksmbd_resp_buf_next(work
);
8249 req_hdr
= ksmbd_req_buf_next(work
);
8251 if (!work
->next_smb2_rsp_hdr_off
) {
8252 len
= get_rfc1002_len(hdr_org
);
8253 if (req_hdr
->NextCommand
)
8254 len
= ALIGN(len
, 8);
8256 len
= get_rfc1002_len(hdr_org
) - work
->next_smb2_rsp_hdr_off
;
8257 len
= ALIGN(len
, 8);
8260 if (req_hdr
->NextCommand
)
8261 hdr
->NextCommand
= cpu_to_le32(len
);
8263 hdr
->Flags
|= SMB2_FLAGS_SIGNED
;
8264 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8266 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8267 iov
[0].iov_len
= len
;
8269 if (work
->aux_payload_sz
) {
8270 iov
[0].iov_len
-= work
->aux_payload_sz
;
8272 iov
[1].iov_base
= work
->aux_payload_buf
;
8273 iov
[1].iov_len
= work
->aux_payload_sz
;
8277 if (!ksmbd_sign_smb2_pdu(work
->conn
, work
->sess
->sess_key
, iov
, n_vec
,
8279 memcpy(hdr
->Signature
, signature
, SMB2_SIGNATURE_SIZE
);
8283 * smb3_check_sign_req() - handler for req packet sign processing
8284 * @work: smb work containing notify command buffer
8286 * Return: 1 on success, 0 otherwise
8288 int smb3_check_sign_req(struct ksmbd_work
*work
)
8290 struct ksmbd_conn
*conn
= work
->conn
;
8292 struct smb2_hdr
*hdr
, *hdr_org
;
8293 struct channel
*chann
;
8294 char signature_req
[SMB2_SIGNATURE_SIZE
];
8295 char signature
[SMB2_CMACAES_SIZE
];
8299 hdr_org
= hdr
= work
->request_buf
;
8300 if (work
->next_smb2_rcv_hdr_off
)
8301 hdr
= ksmbd_req_buf_next(work
);
8303 if (!hdr
->NextCommand
&& !work
->next_smb2_rcv_hdr_off
)
8304 len
= be32_to_cpu(hdr_org
->smb2_buf_length
);
8305 else if (hdr
->NextCommand
)
8306 len
= le32_to_cpu(hdr
->NextCommand
);
8308 len
= be32_to_cpu(hdr_org
->smb2_buf_length
) -
8309 work
->next_smb2_rcv_hdr_off
;
8311 if (le16_to_cpu(hdr
->Command
) == SMB2_SESSION_SETUP_HE
) {
8312 signing_key
= work
->sess
->smb3signingkey
;
8314 chann
= lookup_chann_list(work
->sess
, conn
);
8317 signing_key
= chann
->smb3signingkey
;
8321 pr_err("SMB3 signing key is not generated\n");
8325 memcpy(signature_req
, hdr
->Signature
, SMB2_SIGNATURE_SIZE
);
8326 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8327 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8328 iov
[0].iov_len
= len
;
8330 if (ksmbd_sign_smb3_pdu(conn
, signing_key
, iov
, 1, signature
))
8333 if (memcmp(signature
, signature_req
, SMB2_SIGNATURE_SIZE
)) {
8334 pr_err("bad smb2 signature\n");
8342 * smb3_set_sign_rsp() - handler for rsp packet sign processing
8343 * @work: smb work containing notify command buffer
8346 void smb3_set_sign_rsp(struct ksmbd_work
*work
)
8348 struct ksmbd_conn
*conn
= work
->conn
;
8349 struct smb2_hdr
*req_hdr
;
8350 struct smb2_hdr
*hdr
, *hdr_org
;
8351 struct channel
*chann
;
8352 char signature
[SMB2_CMACAES_SIZE
];
8358 hdr_org
= hdr
= work
->response_buf
;
8359 if (work
->next_smb2_rsp_hdr_off
)
8360 hdr
= ksmbd_resp_buf_next(work
);
8362 req_hdr
= ksmbd_req_buf_next(work
);
8364 if (!work
->next_smb2_rsp_hdr_off
) {
8365 len
= get_rfc1002_len(hdr_org
);
8366 if (req_hdr
->NextCommand
)
8367 len
= ALIGN(len
, 8);
8369 len
= get_rfc1002_len(hdr_org
) - work
->next_smb2_rsp_hdr_off
;
8370 len
= ALIGN(len
, 8);
8373 if (conn
->binding
== false &&
8374 le16_to_cpu(hdr
->Command
) == SMB2_SESSION_SETUP_HE
) {
8375 signing_key
= work
->sess
->smb3signingkey
;
8377 chann
= lookup_chann_list(work
->sess
, work
->conn
);
8380 signing_key
= chann
->smb3signingkey
;
8386 if (req_hdr
->NextCommand
)
8387 hdr
->NextCommand
= cpu_to_le32(len
);
8389 hdr
->Flags
|= SMB2_FLAGS_SIGNED
;
8390 memset(hdr
->Signature
, 0, SMB2_SIGNATURE_SIZE
);
8391 iov
[0].iov_base
= (char *)&hdr
->ProtocolId
;
8392 iov
[0].iov_len
= len
;
8393 if (work
->aux_payload_sz
) {
8394 iov
[0].iov_len
-= work
->aux_payload_sz
;
8395 iov
[1].iov_base
= work
->aux_payload_buf
;
8396 iov
[1].iov_len
= work
->aux_payload_sz
;
8400 if (!ksmbd_sign_smb3_pdu(conn
, signing_key
, iov
, n_vec
, signature
))
8401 memcpy(hdr
->Signature
, signature
, SMB2_SIGNATURE_SIZE
);
8405 * smb3_preauth_hash_rsp() - handler for computing preauth hash on response
8406 * @work: smb work containing response buffer
8409 void smb3_preauth_hash_rsp(struct ksmbd_work
*work
)
8411 struct ksmbd_conn
*conn
= work
->conn
;
8412 struct ksmbd_session
*sess
= work
->sess
;
8413 struct smb2_hdr
*req
, *rsp
;
8415 if (conn
->dialect
!= SMB311_PROT_ID
)
8418 WORK_BUFFERS(work
, req
, rsp
);
8420 if (le16_to_cpu(req
->Command
) == SMB2_NEGOTIATE_HE
&&
8422 ksmbd_gen_preauth_integrity_hash(conn
, (char *)rsp
,
8423 conn
->preauth_info
->Preauth_HashValue
);
8425 if (le16_to_cpu(rsp
->Command
) == SMB2_SESSION_SETUP_HE
&& sess
) {
8428 if (conn
->binding
) {
8429 struct preauth_session
*preauth_sess
;
8431 preauth_sess
= ksmbd_preauth_session_lookup(conn
, sess
->id
);
8434 hash_value
= preauth_sess
->Preauth_HashValue
;
8436 hash_value
= sess
->Preauth_HashValue
;
8440 ksmbd_gen_preauth_integrity_hash(conn
, (char *)rsp
,
8445 static void fill_transform_hdr(struct smb2_transform_hdr
*tr_hdr
, char *old_buf
,
8448 struct smb2_hdr
*hdr
= (struct smb2_hdr
*)old_buf
;
8449 unsigned int orig_len
= get_rfc1002_len(old_buf
);
8451 memset(tr_hdr
, 0, sizeof(struct smb2_transform_hdr
));
8452 tr_hdr
->ProtocolId
= SMB2_TRANSFORM_PROTO_NUM
;
8453 tr_hdr
->OriginalMessageSize
= cpu_to_le32(orig_len
);
8454 tr_hdr
->Flags
= cpu_to_le16(0x01);
8455 if (cipher_type
== SMB2_ENCRYPTION_AES128_GCM
||
8456 cipher_type
== SMB2_ENCRYPTION_AES256_GCM
)
8457 get_random_bytes(&tr_hdr
->Nonce
, SMB3_AES_GCM_NONCE
);
8459 get_random_bytes(&tr_hdr
->Nonce
, SMB3_AES_CCM_NONCE
);
8460 memcpy(&tr_hdr
->SessionId
, &hdr
->SessionId
, 8);
8461 inc_rfc1001_len(tr_hdr
, sizeof(struct smb2_transform_hdr
) - 4);
8462 inc_rfc1001_len(tr_hdr
, orig_len
);
8465 int smb3_encrypt_resp(struct ksmbd_work
*work
)
8467 char *buf
= work
->response_buf
;
8468 struct smb2_transform_hdr
*tr_hdr
;
8471 int buf_size
= 0, rq_nvec
= 2 + (work
->aux_payload_sz
? 1 : 0);
8473 if (ARRAY_SIZE(iov
) < rq_nvec
)
8476 tr_hdr
= kzalloc(sizeof(struct smb2_transform_hdr
), GFP_KERNEL
);
8480 /* fill transform header */
8481 fill_transform_hdr(tr_hdr
, buf
, work
->conn
->cipher_type
);
8483 iov
[0].iov_base
= tr_hdr
;
8484 iov
[0].iov_len
= sizeof(struct smb2_transform_hdr
);
8485 buf_size
+= iov
[0].iov_len
- 4;
8487 iov
[1].iov_base
= buf
+ 4;
8488 iov
[1].iov_len
= get_rfc1002_len(buf
);
8489 if (work
->aux_payload_sz
) {
8490 iov
[1].iov_len
= work
->resp_hdr_sz
- 4;
8492 iov
[2].iov_base
= work
->aux_payload_buf
;
8493 iov
[2].iov_len
= work
->aux_payload_sz
;
8494 buf_size
+= iov
[2].iov_len
;
8496 buf_size
+= iov
[1].iov_len
;
8497 work
->resp_hdr_sz
= iov
[1].iov_len
;
8499 rc
= ksmbd_crypt_message(work
->conn
, iov
, rq_nvec
, 1);
8503 memmove(buf
, iov
[1].iov_base
, iov
[1].iov_len
);
8504 tr_hdr
->smb2_buf_length
= cpu_to_be32(buf_size
);
8505 work
->tr_buf
= tr_hdr
;
8510 bool smb3_is_transform_hdr(void *buf
)
8512 struct smb2_transform_hdr
*trhdr
= buf
;
8514 return trhdr
->ProtocolId
== SMB2_TRANSFORM_PROTO_NUM
;
8517 int smb3_decrypt_req(struct ksmbd_work
*work
)
8519 struct ksmbd_conn
*conn
= work
->conn
;
8520 struct ksmbd_session
*sess
;
8521 char *buf
= work
->request_buf
;
8522 struct smb2_hdr
*hdr
;
8523 unsigned int pdu_length
= get_rfc1002_len(buf
);
8525 int buf_data_size
= pdu_length
+ 4 -
8526 sizeof(struct smb2_transform_hdr
);
8527 struct smb2_transform_hdr
*tr_hdr
= (struct smb2_transform_hdr
*)buf
;
8530 if (buf_data_size
< sizeof(struct smb2_hdr
)) {
8531 pr_err("Transform message is too small (%u)\n",
8533 return -ECONNABORTED
;
8536 if (buf_data_size
< le32_to_cpu(tr_hdr
->OriginalMessageSize
)) {
8537 pr_err("Transform message is broken\n");
8538 return -ECONNABORTED
;
8541 sess
= ksmbd_session_lookup_all(conn
, le64_to_cpu(tr_hdr
->SessionId
));
8543 pr_err("invalid session id(%llx) in transform header\n",
8544 le64_to_cpu(tr_hdr
->SessionId
));
8545 return -ECONNABORTED
;
8548 iov
[0].iov_base
= buf
;
8549 iov
[0].iov_len
= sizeof(struct smb2_transform_hdr
);
8550 iov
[1].iov_base
= buf
+ sizeof(struct smb2_transform_hdr
);
8551 iov
[1].iov_len
= buf_data_size
;
8552 rc
= ksmbd_crypt_message(conn
, iov
, 2, 0);
8556 memmove(buf
+ 4, iov
[1].iov_base
, buf_data_size
);
8557 hdr
= (struct smb2_hdr
*)buf
;
8558 hdr
->smb2_buf_length
= cpu_to_be32(buf_data_size
);
8563 bool smb3_11_final_sess_setup_resp(struct ksmbd_work
*work
)
8565 struct ksmbd_conn
*conn
= work
->conn
;
8566 struct smb2_hdr
*rsp
= work
->response_buf
;
8568 if (conn
->dialect
< SMB30_PROT_ID
)
8571 if (work
->next_smb2_rcv_hdr_off
)
8572 rsp
= ksmbd_resp_buf_next(work
);
8574 if (le16_to_cpu(rsp
->Command
) == SMB2_SESSION_SETUP_HE
&&
8575 rsp
->Status
== STATUS_SUCCESS
)