ksmbd_netlink.h source code [linux/fs/smb/server/ksmbd_netlink.h]

1	/ SPDX-License-Identifier: GPL-2.0-or-later /
2	/*
3	* Copyright (C) 2018 Samsung Electronics Co., Ltd.
4	*
5	* linux-ksmbd-devel@lists.sourceforge.net
6	*/
7
8	#ifndef _LINUX_KSMBD_SERVER_H
9	#define _LINUX_KSMBD_SERVER_H
10
11	#include <linux/types.h>
12
13	/*
14	* This is a userspace ABI to communicate data between ksmbd and user IPC
15	* daemon using netlink. This is added to track and cache user account DB
16	* and share configuration info from userspace.
17	*
18	* - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
19	* This event is to check whether user IPC daemon is alive. If user IPC
20	* daemon is dead, ksmbd keep existing connection till disconnecting and
21	* new connection will be denied.
22	*
23	* - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
24	* This event is to receive the information that initializes the ksmbd
25	* server from the user IPC daemon and to start the server. The global
26	* section parameters are given from smb.conf as initialization
27	* information.
28	*
29	* - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
30	* This event is to shutdown ksmbd server.
31	*
32	* - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
33	* This event is to get user account info to user IPC daemon.
34	*
35	* - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
36	* This event is to get net share configuration info.
37	*
38	* - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
39	* This event is to get session and tree connect info.
40	*
41	* - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
42	* This event is to send tree disconnect info to user IPC daemon.
43	*
44	* - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
45	* This event is to send logout request to user IPC daemon.
46	*
47	* - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
48	* This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
49	* samr to be processed in userspace.
50	*
51	* - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
52	* This event is to make kerberos authentication to be processed in
53	* userspace.
54	*/
55
56	#define KSMBD_GENL_NAME "SMBD_GENL"
57	#define KSMBD_GENL_VERSION 0x01
58
59	#define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ 48
60	#define KSMBD_REQ_MAX_HASH_SZ 18
61	#define KSMBD_REQ_MAX_SHARE_NAME 64
62
63	/*
64	* IPC heartbeat frame to check whether user IPC daemon is alive.
65	*/
66	struct ksmbd_heartbeat {
67	__u32 handle;
68	};
69
70	/*
71	* Global config flags.
72	*/
73	#define KSMBD_GLOBAL_FLAG_INVALID (0)
74	#define KSMBD_GLOBAL_FLAG_SMB2_LEASES BIT(0)
75	#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(1)
76	#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(2)
77	#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION_OFF BIT(3)
78	#define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE BIT(4)
79
80	/*
81	* IPC request for ksmbd server startup
82	*/
83	struct ksmbd_startup_request {
84	__u32 flags; / Flags for global config /
85	__s32 signing; / Signing enabled /
86	__s8 min_prot[`16`]; / The minimum SMB protocol version /
87	__s8 max_prot[`16`]; / The maximum SMB protocol version /
88	__s8 netbios_name[`16`];
89	__s8 work_group[`64`]; / Workgroup /
90	__s8 server_string[`64`]; / Server string /
91	__u16 tcp_port; / tcp port /
92	__u16 ipc_timeout; /*
93	* specifies the number of seconds
94	* server will wait for the userspace to
95	* reply to heartbeat frames.
96	*/
97	__u32 deadtime; / Number of minutes of inactivity /
98	__u32 file_max; / Limits the maximum number of open files /
99	__u32 smb2_max_write; / MAX write size /
100	__u32 smb2_max_read; / MAX read size /
101	__u32 smb2_max_trans; / MAX trans size /
102	__u32 share_fake_fscaps; /*
103	* Support some special application that
104	* makes QFSINFO calls to check whether
105	* we set the SPARSE_FILES bit (0x40).
106	*/
107	__u32 sub_auth[`3`]; / Subauth value for Security ID /
108	__u32 smb2_max_credits; / MAX credits /
109	__u32 smbd_max_io_size; / smbd read write size /
110	__u32 max_connections; / Number of maximum simultaneous connections /
111	__u32 reserved[`126`]; / Reserved room /
112	__u32 ifc_list_sz; / interfaces list size /
113	__s8 ____payload[];
114	};
115
116	#define KSMBD_STARTUP_CONFIG_INTERFACES(s) ((s)->____payload)
117
118	/*
119	* IPC request to shutdown ksmbd server.
120	*/
121	struct ksmbd_shutdown_request {
122	__s32 reserved[`16`];
123	};
124
125	/*
126	* IPC user login request.
127	*/
128	struct ksmbd_login_request {
129	__u32 handle;
130	__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; / user account name /
131	__u32 reserved[`16`]; / Reserved room /
132	};
133
134	/*
135	* IPC user login response.
136	*/
137	struct ksmbd_login_response {
138	__u32 handle;
139	__u32 gid; / group id /
140	__u32 uid; / user id /
141	__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; / user account name /
142	__u16 status;
143	__u16 hash_sz; / hash size /
144	__s8 hash[KSMBD_REQ_MAX_HASH_SZ]; / password hash /
145	__u32 reserved[`16`]; / Reserved room /
146	};
147
148	/*
149	* IPC request to fetch net share config.
150	*/
151	struct ksmbd_share_config_request {
152	__u32 handle;
153	__s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; / share name /
154	__u32 reserved[`16`]; / Reserved room /
155	};
156
157	/*
158	* IPC response to the net share config request.
159	*/
160	struct ksmbd_share_config_response {
161	__u32 handle;
162	__u32 flags;
163	__u16 create_mask;
164	__u16 directory_mask;
165	__u16 force_create_mode;
166	__u16 force_directory_mode;
167	__u16 force_uid;
168	__u16 force_gid;
169	__s8 share_name[KSMBD_REQ_MAX_SHARE_NAME];
170	__u32 reserved[`111`]; / Reserved room /
171	__u32 payload_sz;
172	__u32 veto_list_sz;
173	__s8 ____payload[];
174	};
175
176	#define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
177
178	static inline char *
179	ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
180	{
181	char *p = sc->____payload;
182
183	if (sc->veto_list_sz)
184	p += sc->veto_list_sz + `1`;
185
186	return p;
187	}
188
189	/*
190	* IPC request for tree connection. This request include session and tree
191	* connect info from client.
192	*/
193	struct ksmbd_tree_connect_request {
194	__u32 handle;
195	__u16 account_flags;
196	__u16 flags;
197	__u64 session_id;
198	__u64 connect_id;
199	__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
200	__s8 share[KSMBD_REQ_MAX_SHARE_NAME];
201	__s8 peer_addr[`64`];
202	__u32 reserved[`16`]; / Reserved room /
203	};
204
205	/*
206	* IPC Response structure for tree connection.
207	*/
208	struct ksmbd_tree_connect_response {
209	__u32 handle;
210	__u16 status;
211	__u16 connection_flags;
212	__u32 reserved[`16`]; / Reserved room /
213	};
214
215	/*
216	* IPC Request struture to disconnect tree connection.
217	*/
218	struct ksmbd_tree_disconnect_request {
219	__u64 session_id; / session id /
220	__u64 connect_id; / tree connection id /
221	__u32 reserved[`16`]; / Reserved room /
222	};
223
224	/*
225	* IPC Response structure to logout user account.
226	*/
227	struct ksmbd_logout_request {
228	__s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; / user account name /
229	__u32 account_flags;
230	__u32 reserved[`16`]; / Reserved room /
231	};
232
233	/*
234	* RPC command structure to send rpc request like srvsvc or wkssvc to
235	* IPC user daemon.
236	*/
237	struct ksmbd_rpc_command {
238	__u32 handle;
239	__u32 flags;
240	__u32 payload_sz;
241	__u8 payload[];
242	};
243
244	/*
245	* IPC Request Kerberos authentication
246	*/
247	struct ksmbd_spnego_authen_request {
248	__u32 handle;
249	__u16 spnego_blob_len; / the length of spnego_blob /
250	__u8 spnego_blob[]; /*
251	* the GSS token from SecurityBuffer of
252	* SMB2 SESSION SETUP request
253	*/
254	};
255
256	/*
257	* Response data which includes the GSS token and the session key generated by
258	* user daemon.
259	*/
260	struct ksmbd_spnego_authen_response {
261	__u32 handle;
262	struct ksmbd_login_response login_response; /*
263	* the login response with
264	* a user identified by the
265	* GSS token from a client
266	*/
267	__u16 session_key_len; / the length of the session key /
268	__u16 spnego_blob_len; /*
269	* the length of the GSS token which will be
270	* stored in SecurityBuffer of SMB2 SESSION
271	* SETUP response
272	*/
273	__u8 payload[]; / session key + AP_REP /
274	};
275
276	/*
277	* This also used as NETLINK attribute type value.
278	*
279	* NOTE:
280	* Response message type value should be equal to
281	* request message type value + 1.
282	*/
283	enum ksmbd_event {
284	KSMBD_EVENT_UNSPEC = `0`,
285	KSMBD_EVENT_HEARTBEAT_REQUEST,
286
287	KSMBD_EVENT_STARTING_UP,
288	KSMBD_EVENT_SHUTTING_DOWN,
289
290	KSMBD_EVENT_LOGIN_REQUEST,
291	KSMBD_EVENT_LOGIN_RESPONSE = `5`,
292
293	KSMBD_EVENT_SHARE_CONFIG_REQUEST,
294	KSMBD_EVENT_SHARE_CONFIG_RESPONSE,
295
296	KSMBD_EVENT_TREE_CONNECT_REQUEST,
297	KSMBD_EVENT_TREE_CONNECT_RESPONSE,
298
299	KSMBD_EVENT_TREE_DISCONNECT_REQUEST = `10`,
300
301	KSMBD_EVENT_LOGOUT_REQUEST,
302
303	KSMBD_EVENT_RPC_REQUEST,
304	KSMBD_EVENT_RPC_RESPONSE,
305
306	KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
307	KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE = `15`,
308
309	__KSMBD_EVENT_MAX,
310	KSMBD_EVENT_MAX = __KSMBD_EVENT_MAX - `1`
311	};
312
313	/*
314	* Enumeration for IPC tree connect status.
315	*/
316	enum KSMBD_TREE_CONN_STATUS {
317	KSMBD_TREE_CONN_STATUS_OK = `0`,
318	KSMBD_TREE_CONN_STATUS_NOMEM,
319	KSMBD_TREE_CONN_STATUS_NO_SHARE,
320	KSMBD_TREE_CONN_STATUS_NO_USER,
321	KSMBD_TREE_CONN_STATUS_INVALID_USER,
322	KSMBD_TREE_CONN_STATUS_HOST_DENIED = `5`,
323	KSMBD_TREE_CONN_STATUS_CONN_EXIST,
324	KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
325	KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
326	KSMBD_TREE_CONN_STATUS_ERROR,
327	};
328
329	/*
330	* User config flags.
331	*/
332	#define KSMBD_USER_FLAG_INVALID (0)
333	#define KSMBD_USER_FLAG_OK BIT(0)
334	#define KSMBD_USER_FLAG_BAD_PASSWORD BIT(1)
335	#define KSMBD_USER_FLAG_BAD_UID BIT(2)
336	#define KSMBD_USER_FLAG_BAD_USER BIT(3)
337	#define KSMBD_USER_FLAG_GUEST_ACCOUNT BIT(4)
338	#define KSMBD_USER_FLAG_DELAY_SESSION BIT(5)
339
340	/*
341	* Share config flags.
342	*/
343	#define KSMBD_SHARE_FLAG_INVALID (0)
344	#define KSMBD_SHARE_FLAG_AVAILABLE BIT(0)
345	#define KSMBD_SHARE_FLAG_BROWSEABLE BIT(1)
346	#define KSMBD_SHARE_FLAG_WRITEABLE BIT(2)
347	#define KSMBD_SHARE_FLAG_READONLY BIT(3)
348	#define KSMBD_SHARE_FLAG_GUEST_OK BIT(4)
349	#define KSMBD_SHARE_FLAG_GUEST_ONLY BIT(5)
350	#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS BIT(6)
351	#define KSMBD_SHARE_FLAG_OPLOCKS BIT(7)
352	#define KSMBD_SHARE_FLAG_PIPE BIT(8)
353	#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES BIT(9)
354	#define KSMBD_SHARE_FLAG_INHERIT_OWNER BIT(10)
355	#define KSMBD_SHARE_FLAG_STREAMS BIT(11)
356	#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(12)
357	#define KSMBD_SHARE_FLAG_ACL_XATTR BIT(13)
358	#define KSMBD_SHARE_FLAG_UPDATE BIT(14)
359	#define KSMBD_SHARE_FLAG_CROSSMNT BIT(15)
360	#define KSMBD_SHARE_FLAG_CONTINUOUS_AVAILABILITY BIT(16)
361
362	/*
363	* Tree connect request flags.
364	*/
365	#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1 (0)
366	#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6 BIT(0)
367	#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2 BIT(1)
368
369	/*
370	* Tree connect flags.
371	*/
372	#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT BIT(0)
373	#define KSMBD_TREE_CONN_FLAG_READ_ONLY BIT(1)
374	#define KSMBD_TREE_CONN_FLAG_WRITABLE BIT(2)
375	#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT BIT(3)
376	#define KSMBD_TREE_CONN_FLAG_UPDATE BIT(4)
377
378	/*
379	* RPC over IPC.
380	*/
381	#define KSMBD_RPC_METHOD_RETURN BIT(0)
382	#define KSMBD_RPC_SRVSVC_METHOD_INVOKE BIT(1)
383	#define KSMBD_RPC_SRVSVC_METHOD_RETURN (KSMBD_RPC_SRVSVC_METHOD_INVOKE \| KSMBD_RPC_METHOD_RETURN)
384	#define KSMBD_RPC_WKSSVC_METHOD_INVOKE BIT(2)
385	#define KSMBD_RPC_WKSSVC_METHOD_RETURN (KSMBD_RPC_WKSSVC_METHOD_INVOKE \| KSMBD_RPC_METHOD_RETURN)
386	#define KSMBD_RPC_IOCTL_METHOD (BIT(3) \| KSMBD_RPC_METHOD_RETURN)
387	#define KSMBD_RPC_OPEN_METHOD BIT(4)
388	#define KSMBD_RPC_WRITE_METHOD BIT(5)
389	#define KSMBD_RPC_READ_METHOD (BIT(6) \| KSMBD_RPC_METHOD_RETURN)
390	#define KSMBD_RPC_CLOSE_METHOD BIT(7)
391	#define KSMBD_RPC_RAP_METHOD (BIT(8) \| KSMBD_RPC_METHOD_RETURN)
392	#define KSMBD_RPC_RESTRICTED_CONTEXT BIT(9)
393	#define KSMBD_RPC_SAMR_METHOD_INVOKE BIT(10)
394	#define KSMBD_RPC_SAMR_METHOD_RETURN (KSMBD_RPC_SAMR_METHOD_INVOKE \| KSMBD_RPC_METHOD_RETURN)
395	#define KSMBD_RPC_LSARPC_METHOD_INVOKE BIT(11)
396	#define KSMBD_RPC_LSARPC_METHOD_RETURN (KSMBD_RPC_LSARPC_METHOD_INVOKE \| KSMBD_RPC_METHOD_RETURN)
397
398	/*
399	* RPC status definitions.
400	*/
401	#define KSMBD_RPC_OK 0
402	#define KSMBD_RPC_EBAD_FUNC 0x00000001
403	#define KSMBD_RPC_EACCESS_DENIED 0x00000005
404	#define KSMBD_RPC_EBAD_FID 0x00000006
405	#define KSMBD_RPC_ENOMEM 0x00000008
406	#define KSMBD_RPC_EBAD_DATA 0x0000000D
407	#define KSMBD_RPC_ENOTIMPLEMENTED 0x00000040
408	#define KSMBD_RPC_EINVALID_PARAMETER 0x00000057
409	#define KSMBD_RPC_EMORE_DATA 0x000000EA
410	#define KSMBD_RPC_EINVALID_LEVEL 0x0000007C
411	#define KSMBD_RPC_SOME_NOT_MAPPED 0x00000107
412
413	#define KSMBD_CONFIG_OPT_DISABLED 0
414	#define KSMBD_CONFIG_OPT_ENABLED 1
415	#define KSMBD_CONFIG_OPT_AUTO 2
416	#define KSMBD_CONFIG_OPT_MANDATORY 3
417
418	#endif /* _LINUX_KSMBD_SERVER_H */
419

source code of linux/fs/smb/server/ksmbd_netlink.h