summaryrefslogtreecommitdiff
path: root/fs/smb/server/ksmbd_netlink.h
blob: 8ca8a45c4c621c5dabf56664bec27e5df0db8356 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
 *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
 *
 *   linux-ksmbd-devel@lists.sourceforge.net
 */

#ifndef _LINUX_KSMBD_SERVER_H
#define _LINUX_KSMBD_SERVER_H

#include <linux/types.h>

/*
 * This is a userspace ABI to communicate data between ksmbd and user IPC
 * daemon using netlink. This is added to track and cache user account DB
 * and share configuration info from userspace.
 *
 *  - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
 *    This event is to check whether user IPC daemon is alive. If user IPC
 *    daemon is dead, ksmbd keep existing connection till disconnecting and
 *    new connection will be denied.
 *
 *  - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
 *    This event is to receive the information that initializes the ksmbd
 *    server from the user IPC daemon and to start the server. The global
 *    section parameters are given from smb.conf as initialization
 *    information.
 *
 *  - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
 *    This event is to shutdown ksmbd server.
 *
 *  - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
 *    This event is to get user account info to user IPC daemon.
 *
 *  - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
 *    This event is to get net share configuration info.
 *
 *  - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
 *    This event is to get session and tree connect info.
 *
 *  - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
 *    This event is to send tree disconnect info to user IPC daemon.
 *
 *  - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
 *    This event is to send logout request to user IPC daemon.
 *
 *  - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
 *    This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
 *    samr to be processed in userspace.
 *
 *  - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
 *    This event is to make kerberos authentication to be processed in
 *    userspace.
 */

#define KSMBD_GENL_NAME		"SMBD_GENL"
#define KSMBD_GENL_VERSION		0x01

#define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ	48
#define KSMBD_REQ_MAX_HASH_SZ		18
#define KSMBD_REQ_MAX_SHARE_NAME	64

/*
 * IPC heartbeat frame to check whether user IPC daemon is alive.
 */
struct ksmbd_heartbeat {
	__u32	handle;
};

/*
 * Global config flags.
 */
#define KSMBD_GLOBAL_FLAG_INVALID		(0)
#define KSMBD_GLOBAL_FLAG_SMB2_LEASES		BIT(0)
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION	BIT(1)
#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL	BIT(2)
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION_OFF	BIT(3)
#define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE	BIT(4)

/*
 * IPC request for ksmbd server startup
 */
struct ksmbd_startup_request {
	__u32	flags;			/* Flags for global config */
	__s32	signing;		/* Signing enabled */
	__s8	min_prot[16];		/* The minimum SMB protocol version */
	__s8	max_prot[16];		/* The maximum SMB protocol version */
	__s8	netbios_name[16];
	__s8	work_group[64];		/* Workgroup */
	__s8	server_string[64];	/* Server string */
	__u16	tcp_port;		/* tcp port */
	__u16	ipc_timeout;		/*
					 * specifies the number of seconds
					 * server will wait for the userspace to
					 * reply to heartbeat frames.
					 */
	__u32	deadtime;		/* Number of minutes of inactivity */
	__u32	file_max;		/* Limits the maximum number of open files */
	__u32	smb2_max_write;		/* MAX write size */
	__u32	smb2_max_read;		/* MAX read size */
	__u32	smb2_max_trans;		/* MAX trans size */
	__u32	share_fake_fscaps;	/*
					 * Support some special application that
					 * makes QFSINFO calls to check whether
					 * we set the SPARSE_FILES bit (0x40).
					 */
	__u32	sub_auth[3];		/* Subauth value for Security ID */
	__u32	smb2_max_credits;	/* MAX credits */
	__u32	smbd_max_io_size;	/* smbd read write size */
	__u32	max_connections;	/* Number of maximum simultaneous connections */
	__u32	reserved[126];		/* Reserved room */
	__u32	ifc_list_sz;		/* interfaces list size */
	__s8	____payload[];
};

#define KSMBD_STARTUP_CONFIG_INTERFACES(s)	((s)->____payload)

/*
 * IPC request to shutdown ksmbd server.
 */
struct ksmbd_shutdown_request {
	__s32	reserved[16];
};

/*
 * IPC user login request.
 */
struct ksmbd_login_request {
	__u32	handle;
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
	__u32	reserved[16];				/* Reserved room */
};

/*
 * IPC user login response.
 */
struct ksmbd_login_response {
	__u32	handle;
	__u32	gid;					/* group id */
	__u32	uid;					/* user id */
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
	__u16	status;
	__u16	hash_sz;			/* hash size */
	__s8	hash[KSMBD_REQ_MAX_HASH_SZ];	/* password hash */
	__u32	reserved[16];			/* Reserved room */
};

/*
 * IPC request to fetch net share config.
 */
struct ksmbd_share_config_request {
	__u32	handle;
	__s8	share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
	__u32	reserved[16];		/* Reserved room */
};

/*
 * IPC response to the net share config request.
 */
struct ksmbd_share_config_response {
	__u32	handle;
	__u32	flags;
	__u16	create_mask;
	__u16	directory_mask;
	__u16	force_create_mode;
	__u16	force_directory_mode;
	__u16	force_uid;
	__u16	force_gid;
	__s8	share_name[KSMBD_REQ_MAX_SHARE_NAME];
	__u32	reserved[112];		/* Reserved room */
	__u32	veto_list_sz;
	__s8	____payload[];
};

#define KSMBD_SHARE_CONFIG_VETO_LIST(s)	((s)->____payload)

static inline char *
ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
{
	char *p = sc->____payload;

	if (sc->veto_list_sz)
		p += sc->veto_list_sz + 1;

	return p;
}

/*
 * IPC request for tree connection. This request include session and tree
 * connect info from client.
 */
struct ksmbd_tree_connect_request {
	__u32	handle;
	__u16	account_flags;
	__u16	flags;
	__u64	session_id;
	__u64	connect_id;
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
	__s8	share[KSMBD_REQ_MAX_SHARE_NAME];
	__s8	peer_addr[64];
	__u32	reserved[16];		/* Reserved room */
};

/*
 * IPC Response structure for tree connection.
 */
struct ksmbd_tree_connect_response {
	__u32	handle;
	__u16	status;
	__u16	connection_flags;
	__u32	reserved[16];		/* Reserved room */
};

/*
 * IPC Request struture to disconnect tree connection.
 */
struct ksmbd_tree_disconnect_request {
	__u64	session_id;	/* session id */
	__u64	connect_id;	/* tree connection id */
	__u32	reserved[16];	/* Reserved room */
};

/*
 * IPC Response structure to logout user account.
 */
struct ksmbd_logout_request {
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
	__u32	account_flags;
	__u32	reserved[16];				/* Reserved room */
};

/*
 * RPC command structure to send rpc request like srvsvc or wkssvc to
 * IPC user daemon.
 */
struct ksmbd_rpc_command {
	__u32	handle;
	__u32	flags;
	__u32	payload_sz;
	__u8	payload[];
};

/*
 * IPC Request Kerberos authentication
 */
struct ksmbd_spnego_authen_request {
	__u32	handle;
	__u16	spnego_blob_len;	/* the length of spnego_blob */
	__u8	spnego_blob[];		/*
					 * the GSS token from SecurityBuffer of
					 * SMB2 SESSION SETUP request
					 */
};

/*
 * Response data which includes the GSS token and the session key generated by
 * user daemon.
 */
struct ksmbd_spnego_authen_response {
	__u32	handle;
	struct ksmbd_login_response login_response; /*
						     * the login response with
						     * a user identified by the
						     * GSS token from a client
						     */
	__u16	session_key_len; /* the length of the session key */
	__u16	spnego_blob_len; /*
				  * the length of  the GSS token which will be
				  * stored in SecurityBuffer of SMB2 SESSION
				  * SETUP response
				  */
	__u8	payload[]; /* session key + AP_REP */
};

/*
 * This also used as NETLINK attribute type value.
 *
 * NOTE:
 * Response message type value should be equal to
 * request message type value + 1.
 */
enum ksmbd_event {
	KSMBD_EVENT_UNSPEC			= 0,
	KSMBD_EVENT_HEARTBEAT_REQUEST,

	KSMBD_EVENT_STARTING_UP,
	KSMBD_EVENT_SHUTTING_DOWN,

	KSMBD_EVENT_LOGIN_REQUEST,
	KSMBD_EVENT_LOGIN_RESPONSE		= 5,

	KSMBD_EVENT_SHARE_CONFIG_REQUEST,
	KSMBD_EVENT_SHARE_CONFIG_RESPONSE,

	KSMBD_EVENT_TREE_CONNECT_REQUEST,
	KSMBD_EVENT_TREE_CONNECT_RESPONSE,

	KSMBD_EVENT_TREE_DISCONNECT_REQUEST	= 10,

	KSMBD_EVENT_LOGOUT_REQUEST,

	KSMBD_EVENT_RPC_REQUEST,
	KSMBD_EVENT_RPC_RESPONSE,

	KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
	KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE	= 15,

	__KSMBD_EVENT_MAX,
	KSMBD_EVENT_MAX = __KSMBD_EVENT_MAX - 1
};

/*
 * Enumeration for IPC tree connect status.
 */
enum KSMBD_TREE_CONN_STATUS {
	KSMBD_TREE_CONN_STATUS_OK		= 0,
	KSMBD_TREE_CONN_STATUS_NOMEM,
	KSMBD_TREE_CONN_STATUS_NO_SHARE,
	KSMBD_TREE_CONN_STATUS_NO_USER,
	KSMBD_TREE_CONN_STATUS_INVALID_USER,
	KSMBD_TREE_CONN_STATUS_HOST_DENIED	= 5,
	KSMBD_TREE_CONN_STATUS_CONN_EXIST,
	KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
	KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
	KSMBD_TREE_CONN_STATUS_ERROR,
};

/*
 * User config flags.
 */
#define KSMBD_USER_FLAG_INVALID		(0)
#define KSMBD_USER_FLAG_OK		BIT(0)
#define KSMBD_USER_FLAG_BAD_PASSWORD	BIT(1)
#define KSMBD_USER_FLAG_BAD_UID		BIT(2)
#define KSMBD_USER_FLAG_BAD_USER	BIT(3)
#define KSMBD_USER_FLAG_GUEST_ACCOUNT	BIT(4)
#define KSMBD_USER_FLAG_DELAY_SESSION	BIT(5)

/*
 * Share config flags.
 */
#define KSMBD_SHARE_FLAG_INVALID		(0)
#define KSMBD_SHARE_FLAG_AVAILABLE		BIT(0)
#define KSMBD_SHARE_FLAG_BROWSEABLE		BIT(1)
#define KSMBD_SHARE_FLAG_WRITEABLE		BIT(2)
#define KSMBD_SHARE_FLAG_READONLY		BIT(3)
#define KSMBD_SHARE_FLAG_GUEST_OK		BIT(4)
#define KSMBD_SHARE_FLAG_GUEST_ONLY		BIT(5)
#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS	BIT(6)
#define KSMBD_SHARE_FLAG_OPLOCKS		BIT(7)
#define KSMBD_SHARE_FLAG_PIPE			BIT(8)
#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES		BIT(9)
#define KSMBD_SHARE_FLAG_INHERIT_OWNER		BIT(10)
#define KSMBD_SHARE_FLAG_STREAMS		BIT(11)
#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS	BIT(12)
#define KSMBD_SHARE_FLAG_ACL_XATTR		BIT(13)
#define KSMBD_SHARE_FLAG_UPDATE			BIT(14)
#define KSMBD_SHARE_FLAG_CROSSMNT		BIT(15)

/*
 * Tree connect request flags.
 */
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1	(0)
#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6	BIT(0)
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2	BIT(1)

/*
 * Tree connect flags.
 */
#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT	BIT(0)
#define KSMBD_TREE_CONN_FLAG_READ_ONLY		BIT(1)
#define KSMBD_TREE_CONN_FLAG_WRITABLE		BIT(2)
#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT	BIT(3)
#define KSMBD_TREE_CONN_FLAG_UPDATE		BIT(4)

/*
 * RPC over IPC.
 */
#define KSMBD_RPC_METHOD_RETURN		BIT(0)
#define KSMBD_RPC_SRVSVC_METHOD_INVOKE	BIT(1)
#define KSMBD_RPC_SRVSVC_METHOD_RETURN	(KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_WKSSVC_METHOD_INVOKE	BIT(2)
#define KSMBD_RPC_WKSSVC_METHOD_RETURN	(KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_IOCTL_METHOD		(BIT(3) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_OPEN_METHOD		BIT(4)
#define KSMBD_RPC_WRITE_METHOD		BIT(5)
#define KSMBD_RPC_READ_METHOD		(BIT(6) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_CLOSE_METHOD		BIT(7)
#define KSMBD_RPC_RAP_METHOD		(BIT(8) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_RESTRICTED_CONTEXT	BIT(9)
#define KSMBD_RPC_SAMR_METHOD_INVOKE	BIT(10)
#define KSMBD_RPC_SAMR_METHOD_RETURN	(KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_LSARPC_METHOD_INVOKE	BIT(11)
#define KSMBD_RPC_LSARPC_METHOD_RETURN	(KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)

/*
 * RPC status definitions.
 */
#define KSMBD_RPC_OK			0
#define KSMBD_RPC_EBAD_FUNC		0x00000001
#define KSMBD_RPC_EACCESS_DENIED	0x00000005
#define KSMBD_RPC_EBAD_FID		0x00000006
#define KSMBD_RPC_ENOMEM		0x00000008
#define KSMBD_RPC_EBAD_DATA		0x0000000D
#define KSMBD_RPC_ENOTIMPLEMENTED	0x00000040
#define KSMBD_RPC_EINVALID_PARAMETER	0x00000057
#define KSMBD_RPC_EMORE_DATA		0x000000EA
#define KSMBD_RPC_EINVALID_LEVEL	0x0000007C
#define KSMBD_RPC_SOME_NOT_MAPPED	0x00000107

#define KSMBD_CONFIG_OPT_DISABLED	0
#define KSMBD_CONFIG_OPT_ENABLED	1
#define KSMBD_CONFIG_OPT_AUTO		2
#define KSMBD_CONFIG_OPT_MANDATORY	3

#endif /* _LINUX_KSMBD_SERVER_H */