1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
2 | /* |
3 | * Copyright (C) 2018 Samsung Electronics Co., Ltd. |
4 | * |
5 | * linux-ksmbd-devel@lists.sourceforge.net |
6 | */ |
7 | |
8 | #ifndef _LINUX_KSMBD_SERVER_H |
9 | #define _LINUX_KSMBD_SERVER_H |
10 | |
11 | #include <linux/types.h> |
12 | |
13 | /* |
14 | * This is a userspace ABI to communicate data between ksmbd and user IPC |
15 | * daemon using netlink. This is added to track and cache user account DB |
16 | * and share configuration info from userspace. |
17 | * |
18 | * - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat) |
19 | * This event is to check whether user IPC daemon is alive. If the user IPC |
20 | * daemon is dead, ksmbd keeps existing connections until they disconnect, |
21 | * and new connections are denied. |
22 | * |
23 | * - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request) |
24 | * This event is to receive the information that initializes the ksmbd |
25 | * server from the user IPC daemon and to start the server. The global |
26 | * section parameters are given from smb.conf as initialization |
27 | * information. |
28 | * |
29 | * - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request) |
30 | * This event is to shutdown ksmbd server. |
31 | * |
32 | * - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response) |
33 | * This event is to get user account info from the user IPC daemon. |
34 | * |
35 | * - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response) |
36 | * This event is to get net share configuration info. |
37 | * |
38 | * - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response) |
39 | * This event is to get session and tree connect info. |
40 | * |
41 | * - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request) |
42 | * This event is to send tree disconnect info to user IPC daemon. |
43 | * |
44 | * - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request) |
45 | * This event is to send logout request to user IPC daemon. |
46 | * |
47 | * - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command) |
48 | * This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc, |
49 | * samr to be processed in userspace. |
50 | * |
51 | * - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response) |
52 | * This event is to make kerberos authentication to be processed in |
53 | * userspace. |
54 | */ |
55 | |
/* Netlink family name and version used for the ksmbd IPC channel. */
#define KSMBD_GENL_NAME		"SMBD_GENL"
#define KSMBD_GENL_VERSION	0x01

/*
 * Capacities of the fixed-size account, hash and share name arrays in the
 * IPC messages. The arrays are plain __s8 buffers, so nothing in the type
 * guarantees NUL termination; readers should bound every access by these
 * sizes.
 */
#define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ	48
#define KSMBD_REQ_MAX_HASH_SZ		18
#define KSMBD_REQ_MAX_SHARE_NAME	64
62 | |
/*
 * Heartbeat frame: lets ksmbd check that the user IPC daemon is still alive.
 */
struct ksmbd_heartbeat {
	__u32	handle;
};
69 | |
/*
 * Global configuration flags (bit values for the "flags for global config"
 * field of the startup request).
 */
#define KSMBD_GLOBAL_FLAG_INVALID		(0)
#define KSMBD_GLOBAL_FLAG_SMB2_LEASES		BIT(0)
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION	BIT(1)
#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL	BIT(2)
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION_OFF	BIT(3)
#define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE	BIT(4)
79 | |
/*
 * Startup request: the configuration that initializes and starts the ksmbd
 * server.
 *
 * NOTE(review): ifc_list_sz describes the trailing ____payload. This header
 * does not show where it is checked against the length of the received
 * message - confirm the receiver validates it before reading the interfaces
 * list.
 */
struct ksmbd_startup_request {
	__u32	flags;			/* global config flags */
	__s32	signing;		/* signing enabled */
	__s8	min_prot[16];		/* minimum SMB protocol version */
	__s8	max_prot[16];		/* maximum SMB protocol version */
	__s8	netbios_name[16];
	__s8	work_group[64];		/* workgroup */
	__s8	server_string[64];	/* server string */
	__u16	tcp_port;		/* TCP port */
	__u16	ipc_timeout;		/*
					 * seconds the server waits for
					 * userspace to reply to heartbeat
					 * frames
					 */
	__u32	deadtime;		/* minutes of inactivity */
	__u32	file_max;		/* maximum number of open files */
	__u32	smb2_max_write;		/* maximum write size */
	__u32	smb2_max_read;		/* maximum read size */
	__u32	smb2_max_trans;		/* maximum trans size */
	__u32	share_fake_fscaps;	/*
					 * for special applications that make
					 * QFSINFO calls to check whether the
					 * SPARSE_FILES bit (0x40) is set
					 */
	__u32	sub_auth[3];		/* subauth value for Security ID */
	__u32	smb2_max_credits;	/* maximum credits */
	__u32	smbd_max_io_size;	/* smbd read/write size */
	__u32	max_connections;	/* maximum simultaneous connections */
	__u32	reserved[126];		/* reserved room */
	__u32	ifc_list_sz;		/* interfaces list size */
	__s8	____payload[];		/* interfaces list */
};
115 | |
/* Start of the interfaces list held in a startup request's payload. */
#define KSMBD_STARTUP_CONFIG_INTERFACES(s)	((s)->____payload)
117 | |
/*
 * Shutdown request: asks the ksmbd server to shut down. It carries only
 * reserved space.
 */
struct ksmbd_shutdown_request {
	__s32	reserved[16];
};
124 | |
/*
 * Login request for a user account.
 */
struct ksmbd_login_request {
	__u32	handle;
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];	/* user account name */
	__u32	reserved[16];				/* reserved room */
};
133 | |
/*
 * Login response: account details for a login request.
 *
 * NOTE(review): hash_sz travels in the message and nothing in this header
 * bounds it. A consumer should reject hash_sz > KSMBD_REQ_MAX_HASH_SZ
 * before copying from hash[], and should not assume account[] is
 * NUL-terminated.
 */
struct ksmbd_login_response {
	__u32	handle;
	__u32	gid;					/* group id */
	__u32	uid;					/* user id */
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];	/* user account name */
	__u16	status;		/* presumably KSMBD_USER_FLAG_* bits - confirm */
	__u16	hash_sz;				/* hash size */
	__s8	hash[KSMBD_REQ_MAX_HASH_SZ];		/* password hash */
	__u32	reserved[16];				/* reserved room */
};
147 | |
/*
 * Request to fetch the configuration of a net share.
 */
struct ksmbd_share_config_request {
	__u32	handle;
	__s8	share_name[KSMBD_REQ_MAX_SHARE_NAME];	/* share name */
	__u32	reserved[16];				/* reserved room */
};
156 | |
/*
 * Response to a net share config request.
 *
 * ____payload holds the veto list (veto_list_sz bytes, may be absent) and
 * the share path; see ksmbd_share_config_path() for how the path is located.
 *
 * NOTE(review): payload_sz and veto_list_sz both arrive with the message.
 * This header shows no check that veto_list_sz fits inside payload_sz, or
 * that payload_sz matches the received message length - confirm the
 * receiver validates both before touching ____payload.
 */
struct ksmbd_share_config_response {
	__u32	handle;
	__u32	flags;		/* presumably KSMBD_SHARE_FLAG_* bits - confirm */
	__u16	create_mask;
	__u16	directory_mask;
	__u16	force_create_mode;
	__u16	force_directory_mode;
	__u16	force_uid;
	__u16	force_gid;
	__s8	share_name[KSMBD_REQ_MAX_SHARE_NAME];
	__u32	reserved[111];	/* reserved room */
	__u32	payload_sz;
	__u32	veto_list_sz;
	__s8	____payload[];
};
175 | |
/* Start of the veto list, which sits at the beginning of the payload. */
#define KSMBD_SHARE_CONFIG_VETO_LIST(s)	((s)->____payload)
177 | |
/*
 * Locate the share path inside a share config response payload.
 *
 * Without a veto list the path starts at the beginning of ____payload.
 * With one, it starts veto_list_sz + 1 bytes in, i.e. after the veto list
 * and one extra byte (presumably a terminator - confirm).
 *
 * NOTE(review): veto_list_sz is used exactly as it arrived in the message
 * and is not compared with payload_sz here, so an oversized value yields a
 * pointer past the payload. Callers must have validated veto_list_sz
 * against payload_sz, and payload_sz against the received message length,
 * before dereferencing the result.
 */
static inline char *
ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
{
	char *path = sc->____payload;

	if (!sc->veto_list_sz)
		return path;

	/* The offset is computed in __u32 first, as in "p += sz + 1". */
	return path + (sc->veto_list_sz + 1);
}
188 | |
/*
 * Tree connect request. It includes the session and tree connect info
 * received from the client.
 *
 * NOTE(review): account[], share[] and peer_addr[] are fixed-size buffers
 * with no length field; readers should not assume NUL termination.
 */
struct ksmbd_tree_connect_request {
	__u32	handle;
	__u16	account_flags;
	__u16	flags;
	__u64	session_id;
	__u64	connect_id;
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
	__s8	share[KSMBD_REQ_MAX_SHARE_NAME];
	__s8	peer_addr[64];
	__u32	reserved[16];	/* reserved room */
};
204 | |
/*
 * Response to a tree connect request.
 */
struct ksmbd_tree_connect_response {
	__u32	handle;
	__u16	status;	/* presumably enum KSMBD_TREE_CONN_STATUS - confirm */
	__u16	connection_flags;
	__u32	reserved[16];	/* reserved room */
};
214 | |
/*
 * Request structure to disconnect a tree connection.
 */
struct ksmbd_tree_disconnect_request {
	__u64	session_id;	/* session id */
	__u64	connect_id;	/* tree connection id */
	__u32	reserved[16];	/* reserved room */
};
223 | |
/*
 * Request structure to log out a user account.
 */
struct ksmbd_logout_request {
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];	/* user account name */
	__u32	account_flags;
	__u32	reserved[16];				/* reserved room */
};
232 | |
/*
 * RPC command: carries an RPC request such as srvsvc or wkssvc to the user
 * IPC daemon.
 *
 * NOTE(review): payload_sz is the only length given for payload[]; this
 * header does not show it being checked against the received message
 * length - confirm the receiver does so before reading payload[].
 */
struct ksmbd_rpc_command {
	__u32	handle;
	__u32	flags;
	__u32	payload_sz;
	__u8	payload[];
};
243 | |
/*
 * Kerberos authentication request.
 */
struct ksmbd_spnego_authen_request {
	__u32	handle;
	__u16	spnego_blob_len;	/* length of spnego_blob */
	__u8	spnego_blob[];		/*
					 * GSS token from the SecurityBuffer
					 * of the SMB2 SESSION SETUP request
					 */
};
255 | |
/*
 * Kerberos authentication response: the GSS token and the session key
 * generated by the user daemon.
 *
 * NOTE(review): payload[] holds the session key followed by the AP_REP, with
 * the two lengths given separately. A consumer should check that
 * session_key_len + spnego_blob_len fits in the payload actually received
 * before splitting it.
 */
struct ksmbd_spnego_authen_response {
	__u32				handle;
	struct ksmbd_login_response	login_response;	/*
							 * login response for
							 * the user identified
							 * by the client's GSS
							 * token
							 */
	__u16	session_key_len;	/* length of the session key */
	__u16	spnego_blob_len;	/*
					 * length of the GSS token that will
					 * be stored in the SecurityBuffer of
					 * the SMB2 SESSION SETUP response
					 */
	__u8	payload[];		/* session key + AP_REP */
};
275 | |
/*
 * IPC event types. These values are also used as netlink attribute types.
 *
 * NOTE:
 * A response message type must equal its request message type + 1.
 * Every value is spelled out so that this pairing is visible at a glance.
 */
enum ksmbd_event {
	KSMBD_EVENT_UNSPEC			= 0,
	KSMBD_EVENT_HEARTBEAT_REQUEST		= 1,

	KSMBD_EVENT_STARTING_UP			= 2,
	KSMBD_EVENT_SHUTTING_DOWN		= 3,

	KSMBD_EVENT_LOGIN_REQUEST		= 4,
	KSMBD_EVENT_LOGIN_RESPONSE		= 5,

	KSMBD_EVENT_SHARE_CONFIG_REQUEST	= 6,
	KSMBD_EVENT_SHARE_CONFIG_RESPONSE	= 7,

	KSMBD_EVENT_TREE_CONNECT_REQUEST	= 8,
	KSMBD_EVENT_TREE_CONNECT_RESPONSE	= 9,

	KSMBD_EVENT_TREE_DISCONNECT_REQUEST	= 10,

	KSMBD_EVENT_LOGOUT_REQUEST		= 11,

	KSMBD_EVENT_RPC_REQUEST			= 12,
	KSMBD_EVENT_RPC_RESPONSE		= 13,

	KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST	= 14,
	KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE	= 15,

	/* One past the last event; KSMBD_EVENT_MAX is the last valid event. */
	__KSMBD_EVENT_MAX,
	KSMBD_EVENT_MAX = __KSMBD_EVENT_MAX - 1
};
312 | |
/*
 * Status values for an IPC tree connect.
 */
enum KSMBD_TREE_CONN_STATUS {
	KSMBD_TREE_CONN_STATUS_OK			= 0,
	KSMBD_TREE_CONN_STATUS_NOMEM			= 1,
	KSMBD_TREE_CONN_STATUS_NO_SHARE			= 2,
	KSMBD_TREE_CONN_STATUS_NO_USER			= 3,
	KSMBD_TREE_CONN_STATUS_INVALID_USER		= 4,
	KSMBD_TREE_CONN_STATUS_HOST_DENIED		= 5,
	KSMBD_TREE_CONN_STATUS_CONN_EXIST		= 6,
	KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS		= 7,
	KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS	= 8,
	KSMBD_TREE_CONN_STATUS_ERROR			= 9,
};
328 | |
/*
 * User config flags (bit values).
 */
#define KSMBD_USER_FLAG_INVALID		(0)
#define KSMBD_USER_FLAG_OK		BIT(0)
#define KSMBD_USER_FLAG_BAD_PASSWORD	BIT(1)
#define KSMBD_USER_FLAG_BAD_UID		BIT(2)
#define KSMBD_USER_FLAG_BAD_USER	BIT(3)
#define KSMBD_USER_FLAG_GUEST_ACCOUNT	BIT(4)
#define KSMBD_USER_FLAG_DELAY_SESSION	BIT(5)
339 | |
/*
 * Share config flags (bit values).
 *
 * NOTE(review): presumably carried in ksmbd_share_config_response.flags -
 * confirm. Several names here (guest access, symlink following, crossing
 * mounts) suggest access-control relevance, so a consumer should treat
 * unknown or contradictory bit combinations as an error rather than
 * ignoring them.
 */
#define KSMBD_SHARE_FLAG_INVALID		(0)
#define KSMBD_SHARE_FLAG_AVAILABLE		BIT(0)
#define KSMBD_SHARE_FLAG_BROWSEABLE		BIT(1)
#define KSMBD_SHARE_FLAG_WRITEABLE		BIT(2)
#define KSMBD_SHARE_FLAG_READONLY		BIT(3)
#define KSMBD_SHARE_FLAG_GUEST_OK		BIT(4)
#define KSMBD_SHARE_FLAG_GUEST_ONLY		BIT(5)
#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS	BIT(6)
#define KSMBD_SHARE_FLAG_OPLOCKS		BIT(7)
#define KSMBD_SHARE_FLAG_PIPE			BIT(8)
#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES		BIT(9)
#define KSMBD_SHARE_FLAG_INHERIT_OWNER		BIT(10)
#define KSMBD_SHARE_FLAG_STREAMS		BIT(11)
#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS	BIT(12)
#define KSMBD_SHARE_FLAG_ACL_XATTR		BIT(13)
#define KSMBD_SHARE_FLAG_UPDATE			BIT(14)
#define KSMBD_SHARE_FLAG_CROSSMNT		BIT(15)
#define KSMBD_SHARE_FLAG_CONTINUOUS_AVAILABILITY	BIT(16)
361 | |
/*
 * Tree connect request flags.
 *
 * KSMBD_TREE_CONN_FLAG_REQUEST_SMB1 is 0, so it is not a testable bit: it
 * cannot be detected with a bitwise AND.
 */
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1	(0)
#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6	BIT(0)
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2	BIT(1)
368 | |
/*
 * Tree connect flags (bit values).
 *
 * NOTE(review): presumably carried in
 * ksmbd_tree_connect_response.connection_flags - confirm.
 */
#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT	BIT(0)
#define KSMBD_TREE_CONN_FLAG_READ_ONLY		BIT(1)
#define KSMBD_TREE_CONN_FLAG_WRITABLE		BIT(2)
#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT	BIT(3)
#define KSMBD_TREE_CONN_FLAG_UPDATE		BIT(4)
377 | |
/*
 * RPC over IPC: method flags.
 *
 * The *_METHOD_RETURN values, and the IOCTL, READ and RAP methods, are
 * defined with the KSMBD_RPC_METHOD_RETURN bit set in addition to their own
 * bit.
 */
#define KSMBD_RPC_METHOD_RETURN		BIT(0)

#define KSMBD_RPC_SRVSVC_METHOD_INVOKE	BIT(1)
#define KSMBD_RPC_SRVSVC_METHOD_RETURN	\
	(KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)

#define KSMBD_RPC_WKSSVC_METHOD_INVOKE	BIT(2)
#define KSMBD_RPC_WKSSVC_METHOD_RETURN	\
	(KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)

#define KSMBD_RPC_IOCTL_METHOD		(BIT(3) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_OPEN_METHOD		BIT(4)
#define KSMBD_RPC_WRITE_METHOD		BIT(5)
#define KSMBD_RPC_READ_METHOD		(BIT(6) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_CLOSE_METHOD		BIT(7)
#define KSMBD_RPC_RAP_METHOD		(BIT(8) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_RESTRICTED_CONTEXT	BIT(9)

#define KSMBD_RPC_SAMR_METHOD_INVOKE	BIT(10)
#define KSMBD_RPC_SAMR_METHOD_RETURN	\
	(KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)

#define KSMBD_RPC_LSARPC_METHOD_INVOKE	BIT(11)
#define KSMBD_RPC_LSARPC_METHOD_RETURN	\
	(KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
397 | |
/*
 * RPC status definitions, listed in ascending numeric order.
 *
 * NOTE(review): the values look like Windows error codes - confirm before
 * relying on that mapping.
 */
#define KSMBD_RPC_OK			0
#define KSMBD_RPC_EBAD_FUNC		0x00000001
#define KSMBD_RPC_EACCESS_DENIED	0x00000005
#define KSMBD_RPC_EBAD_FID		0x00000006
#define KSMBD_RPC_ENOMEM		0x00000008
#define KSMBD_RPC_EBAD_DATA		0x0000000D
#define KSMBD_RPC_ENOTIMPLEMENTED	0x00000040
#define KSMBD_RPC_EINVALID_PARAMETER	0x00000057
#define KSMBD_RPC_EINVALID_LEVEL	0x0000007C
#define KSMBD_RPC_EMORE_DATA		0x000000EA
#define KSMBD_RPC_SOME_NOT_MAPPED	0x00000107
412 | |
/* Values for a four-state configuration option. */
#define KSMBD_CONFIG_OPT_DISABLED	0
#define KSMBD_CONFIG_OPT_ENABLED	1
#define KSMBD_CONFIG_OPT_AUTO		2
#define KSMBD_CONFIG_OPT_MANDATORY	3
417 | |
418 | #endif /* _LINUX_KSMBD_SERVER_H */ |
419 | |