1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* |
3 | * Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org> |
4 | * Copyright (C) 2018 Samsung Electronics Co., Ltd. |
5 | */ |
6 | |
7 | #include "glob.h" |
8 | #include "oplock.h" |
9 | #include "misc.h" |
10 | #include <linux/sched/signal.h> |
11 | #include <linux/workqueue.h> |
12 | #include <linux/sysfs.h> |
13 | #include <linux/module.h> |
14 | #include <linux/moduleparam.h> |
15 | |
16 | #include "server.h" |
17 | #include "smb_common.h" |
18 | #include "smbstatus.h" |
19 | #include "connection.h" |
20 | #include "transport_ipc.h" |
21 | #include "mgmt/user_session.h" |
22 | #include "crypto_ctx.h" |
23 | #include "auth.h" |
24 | |
25 | int ksmbd_debug_types; |
26 | |
27 | struct ksmbd_server_config server_conf; |
28 | |
29 | enum SERVER_CTRL_TYPE { |
30 | SERVER_CTRL_TYPE_INIT, |
31 | SERVER_CTRL_TYPE_RESET, |
32 | }; |
33 | |
34 | struct server_ctrl_struct { |
35 | int type; |
36 | struct work_struct ctrl_work; |
37 | }; |
38 | |
39 | static DEFINE_MUTEX(ctrl_lock); |
40 | |
41 | static int ___server_conf_set(int idx, char *val) |
42 | { |
43 | if (idx >= ARRAY_SIZE(server_conf.conf)) |
44 | return -EINVAL; |
45 | |
46 | if (!val || val[0] == 0x00) |
47 | return -EINVAL; |
48 | |
49 | kfree(objp: server_conf.conf[idx]); |
50 | server_conf.conf[idx] = kstrdup(s: val, GFP_KERNEL); |
51 | if (!server_conf.conf[idx]) |
52 | return -ENOMEM; |
53 | return 0; |
54 | } |
55 | |
56 | int ksmbd_set_netbios_name(char *v) |
57 | { |
58 | return ___server_conf_set(idx: SERVER_CONF_NETBIOS_NAME, val: v); |
59 | } |
60 | |
61 | int ksmbd_set_server_string(char *v) |
62 | { |
63 | return ___server_conf_set(idx: SERVER_CONF_SERVER_STRING, val: v); |
64 | } |
65 | |
66 | int ksmbd_set_work_group(char *v) |
67 | { |
68 | return ___server_conf_set(idx: SERVER_CONF_WORK_GROUP, val: v); |
69 | } |
70 | |
71 | char *ksmbd_netbios_name(void) |
72 | { |
73 | return server_conf.conf[SERVER_CONF_NETBIOS_NAME]; |
74 | } |
75 | |
76 | char *ksmbd_server_string(void) |
77 | { |
78 | return server_conf.conf[SERVER_CONF_SERVER_STRING]; |
79 | } |
80 | |
81 | char *ksmbd_work_group(void) |
82 | { |
83 | return server_conf.conf[SERVER_CONF_WORK_GROUP]; |
84 | } |
85 | |
86 | /** |
87 | * check_conn_state() - check state of server thread connection |
88 | * @work: smb work containing server thread information |
89 | * |
90 | * Return: 0 on valid connection, otherwise 1 to reconnect |
91 | */ |
92 | static inline int check_conn_state(struct ksmbd_work *work) |
93 | { |
94 | struct smb_hdr *rsp_hdr; |
95 | |
96 | if (ksmbd_conn_exiting(conn: work->conn) || |
97 | ksmbd_conn_need_reconnect(conn: work->conn)) { |
98 | rsp_hdr = work->response_buf; |
99 | rsp_hdr->Status.CifsError = STATUS_CONNECTION_DISCONNECTED; |
100 | return 1; |
101 | } |
102 | return 0; |
103 | } |
104 | |
105 | #define SERVER_HANDLER_CONTINUE 0 |
106 | #define SERVER_HANDLER_ABORT 1 |
107 | |
108 | static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn, |
109 | u16 *cmd) |
110 | { |
111 | struct smb_version_cmds *cmds; |
112 | u16 command; |
113 | int ret; |
114 | |
115 | if (check_conn_state(work)) |
116 | return SERVER_HANDLER_CONTINUE; |
117 | |
118 | if (ksmbd_verify_smb_message(work)) { |
119 | conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER); |
120 | return SERVER_HANDLER_ABORT; |
121 | } |
122 | |
123 | command = conn->ops->get_cmd_val(work); |
124 | *cmd = command; |
125 | |
126 | andx_again: |
127 | if (command >= conn->max_cmds) { |
128 | conn->ops->set_rsp_status(work, STATUS_INVALID_PARAMETER); |
129 | return SERVER_HANDLER_CONTINUE; |
130 | } |
131 | |
132 | cmds = &conn->cmds[command]; |
133 | if (!cmds->proc) { |
134 | ksmbd_debug(SMB, "*** not implemented yet cmd = %x\n" , command); |
135 | conn->ops->set_rsp_status(work, STATUS_NOT_IMPLEMENTED); |
136 | return SERVER_HANDLER_CONTINUE; |
137 | } |
138 | |
139 | if (work->sess && conn->ops->is_sign_req(work, command)) { |
140 | ret = conn->ops->check_sign_req(work); |
141 | if (!ret) { |
142 | conn->ops->set_rsp_status(work, STATUS_ACCESS_DENIED); |
143 | return SERVER_HANDLER_CONTINUE; |
144 | } |
145 | } |
146 | |
147 | ret = cmds->proc(work); |
148 | |
149 | if (ret < 0) |
150 | ksmbd_debug(CONN, "Failed to process %u [%d]\n" , command, ret); |
151 | /* AndX commands - chained request can return positive values */ |
152 | else if (ret > 0) { |
153 | command = ret; |
154 | *cmd = command; |
155 | goto andx_again; |
156 | } |
157 | |
158 | if (work->send_no_response) |
159 | return SERVER_HANDLER_ABORT; |
160 | return SERVER_HANDLER_CONTINUE; |
161 | } |
162 | |
163 | static void __handle_ksmbd_work(struct ksmbd_work *work, |
164 | struct ksmbd_conn *conn) |
165 | { |
166 | u16 command = 0; |
167 | int rc; |
168 | bool is_chained = false; |
169 | |
170 | if (conn->ops->is_transform_hdr && |
171 | conn->ops->is_transform_hdr(work->request_buf)) { |
172 | rc = conn->ops->decrypt_req(work); |
173 | if (rc < 0) |
174 | return; |
175 | work->encrypted = true; |
176 | } |
177 | |
178 | if (conn->ops->allocate_rsp_buf(work)) |
179 | return; |
180 | |
181 | rc = conn->ops->init_rsp_hdr(work); |
182 | if (rc) { |
183 | /* either uid or tid is not correct */ |
184 | conn->ops->set_rsp_status(work, STATUS_INVALID_HANDLE); |
185 | goto send; |
186 | } |
187 | |
188 | do { |
189 | if (conn->ops->check_user_session) { |
190 | rc = conn->ops->check_user_session(work); |
191 | if (rc < 0) { |
192 | if (rc == -EINVAL) |
193 | conn->ops->set_rsp_status(work, |
194 | STATUS_INVALID_PARAMETER); |
195 | else |
196 | conn->ops->set_rsp_status(work, |
197 | STATUS_USER_SESSION_DELETED); |
198 | goto send; |
199 | } else if (rc > 0) { |
200 | rc = conn->ops->get_ksmbd_tcon(work); |
201 | if (rc < 0) { |
202 | if (rc == -EINVAL) |
203 | conn->ops->set_rsp_status(work, |
204 | STATUS_INVALID_PARAMETER); |
205 | else |
206 | conn->ops->set_rsp_status(work, |
207 | STATUS_NETWORK_NAME_DELETED); |
208 | goto send; |
209 | } |
210 | } |
211 | } |
212 | |
213 | rc = __process_request(work, conn, cmd: &command); |
214 | if (rc == SERVER_HANDLER_ABORT) |
215 | break; |
216 | |
217 | /* |
218 | * Call smb2_set_rsp_credits() function to set number of credits |
219 | * granted in hdr of smb2 response. |
220 | */ |
221 | if (conn->ops->set_rsp_credits) { |
222 | spin_lock(lock: &conn->credits_lock); |
223 | rc = conn->ops->set_rsp_credits(work); |
224 | spin_unlock(lock: &conn->credits_lock); |
225 | if (rc < 0) { |
226 | conn->ops->set_rsp_status(work, |
227 | STATUS_INVALID_PARAMETER); |
228 | goto send; |
229 | } |
230 | } |
231 | |
232 | is_chained = is_chained_smb2_message(work); |
233 | |
234 | if (work->sess && |
235 | (work->sess->sign || smb3_11_final_sess_setup_resp(work) || |
236 | conn->ops->is_sign_req(work, command))) |
237 | conn->ops->set_sign_rsp(work); |
238 | } while (is_chained == true); |
239 | |
240 | send: |
241 | if (work->tcon) |
242 | ksmbd_tree_connect_put(tcon: work->tcon); |
243 | smb3_preauth_hash_rsp(work); |
244 | if (work->sess && work->sess->enc && work->encrypted && |
245 | conn->ops->encrypt_resp) { |
246 | rc = conn->ops->encrypt_resp(work); |
247 | if (rc < 0) |
248 | conn->ops->set_rsp_status(work, STATUS_DATA_ERROR); |
249 | } |
250 | |
251 | ksmbd_conn_write(work); |
252 | } |
253 | |
254 | /** |
255 | * handle_ksmbd_work() - process pending smb work requests |
256 | * @wk: smb work containing request command buffer |
257 | * |
258 | * called by kworker threads to processing remaining smb work requests |
259 | */ |
260 | static void handle_ksmbd_work(struct work_struct *wk) |
261 | { |
262 | struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work); |
263 | struct ksmbd_conn *conn = work->conn; |
264 | |
265 | atomic64_inc(v: &conn->stats.request_served); |
266 | |
267 | __handle_ksmbd_work(work, conn); |
268 | |
269 | ksmbd_conn_try_dequeue_request(work); |
270 | ksmbd_free_work_struct(work); |
271 | /* |
272 | * Checking waitqueue to dropping pending requests on |
273 | * disconnection. waitqueue_active is safe because it |
274 | * uses atomic operation for condition. |
275 | */ |
276 | if (!atomic_dec_return(v: &conn->r_count) && waitqueue_active(wq_head: &conn->r_count_q)) |
277 | wake_up(&conn->r_count_q); |
278 | } |
279 | |
280 | /** |
281 | * queue_ksmbd_work() - queue a smb request to worker thread queue |
282 | * for proccessing smb command and sending response |
283 | * @conn: connection instance |
284 | * |
285 | * read remaining data from socket create and submit work. |
286 | */ |
287 | static int queue_ksmbd_work(struct ksmbd_conn *conn) |
288 | { |
289 | struct ksmbd_work *work; |
290 | int err; |
291 | |
292 | work = ksmbd_alloc_work_struct(); |
293 | if (!work) { |
294 | pr_err("allocation for work failed\n" ); |
295 | return -ENOMEM; |
296 | } |
297 | |
298 | work->conn = conn; |
299 | work->request_buf = conn->request_buf; |
300 | conn->request_buf = NULL; |
301 | |
302 | err = ksmbd_init_smb_server(work); |
303 | if (err) { |
304 | ksmbd_free_work_struct(work); |
305 | return 0; |
306 | } |
307 | |
308 | ksmbd_conn_enqueue_request(work); |
309 | atomic_inc(v: &conn->r_count); |
310 | /* update activity on connection */ |
311 | conn->last_active = jiffies; |
312 | INIT_WORK(&work->work, handle_ksmbd_work); |
313 | ksmbd_queue_work(work); |
314 | return 0; |
315 | } |
316 | |
317 | static int ksmbd_server_process_request(struct ksmbd_conn *conn) |
318 | { |
319 | return queue_ksmbd_work(conn); |
320 | } |
321 | |
322 | static int ksmbd_server_terminate_conn(struct ksmbd_conn *conn) |
323 | { |
324 | ksmbd_sessions_deregister(conn); |
325 | destroy_lease_table(conn); |
326 | return 0; |
327 | } |
328 | |
329 | static void ksmbd_server_tcp_callbacks_init(void) |
330 | { |
331 | struct ksmbd_conn_ops ops; |
332 | |
333 | ops.process_fn = ksmbd_server_process_request; |
334 | ops.terminate_fn = ksmbd_server_terminate_conn; |
335 | |
336 | ksmbd_conn_init_server_callbacks(ops: &ops); |
337 | } |
338 | |
339 | static void server_conf_free(void) |
340 | { |
341 | int i; |
342 | |
343 | for (i = 0; i < ARRAY_SIZE(server_conf.conf); i++) { |
344 | kfree(objp: server_conf.conf[i]); |
345 | server_conf.conf[i] = NULL; |
346 | } |
347 | } |
348 | |
349 | static int server_conf_init(void) |
350 | { |
351 | WRITE_ONCE(server_conf.state, SERVER_STATE_STARTING_UP); |
352 | server_conf.enforced_signing = 0; |
353 | server_conf.min_protocol = ksmbd_min_protocol(); |
354 | server_conf.max_protocol = ksmbd_max_protocol(); |
355 | server_conf.auth_mechs = KSMBD_AUTH_NTLMSSP; |
356 | #ifdef CONFIG_SMB_SERVER_KERBEROS5 |
357 | server_conf.auth_mechs |= KSMBD_AUTH_KRB5 | |
358 | KSMBD_AUTH_MSKRB5; |
359 | #endif |
360 | return 0; |
361 | } |
362 | |
363 | static void server_ctrl_handle_init(struct server_ctrl_struct *ctrl) |
364 | { |
365 | int ret; |
366 | |
367 | ret = ksmbd_conn_transport_init(); |
368 | if (ret) { |
369 | server_queue_ctrl_reset_work(); |
370 | return; |
371 | } |
372 | |
373 | WRITE_ONCE(server_conf.state, SERVER_STATE_RUNNING); |
374 | } |
375 | |
376 | static void server_ctrl_handle_reset(struct server_ctrl_struct *ctrl) |
377 | { |
378 | ksmbd_ipc_soft_reset(); |
379 | ksmbd_conn_transport_destroy(); |
380 | server_conf_free(); |
381 | server_conf_init(); |
382 | WRITE_ONCE(server_conf.state, SERVER_STATE_STARTING_UP); |
383 | } |
384 | |
385 | static void server_ctrl_handle_work(struct work_struct *work) |
386 | { |
387 | struct server_ctrl_struct *ctrl; |
388 | |
389 | ctrl = container_of(work, struct server_ctrl_struct, ctrl_work); |
390 | |
391 | mutex_lock(&ctrl_lock); |
392 | switch (ctrl->type) { |
393 | case SERVER_CTRL_TYPE_INIT: |
394 | server_ctrl_handle_init(ctrl); |
395 | break; |
396 | case SERVER_CTRL_TYPE_RESET: |
397 | server_ctrl_handle_reset(ctrl); |
398 | break; |
399 | default: |
400 | pr_err("Unknown server work type: %d\n" , ctrl->type); |
401 | } |
402 | mutex_unlock(lock: &ctrl_lock); |
403 | kfree(objp: ctrl); |
404 | module_put(THIS_MODULE); |
405 | } |
406 | |
407 | static int __queue_ctrl_work(int type) |
408 | { |
409 | struct server_ctrl_struct *ctrl; |
410 | |
411 | ctrl = kmalloc(size: sizeof(struct server_ctrl_struct), GFP_KERNEL); |
412 | if (!ctrl) |
413 | return -ENOMEM; |
414 | |
415 | __module_get(THIS_MODULE); |
416 | ctrl->type = type; |
417 | INIT_WORK(&ctrl->ctrl_work, server_ctrl_handle_work); |
418 | queue_work(wq: system_long_wq, work: &ctrl->ctrl_work); |
419 | return 0; |
420 | } |
421 | |
422 | int server_queue_ctrl_init_work(void) |
423 | { |
424 | return __queue_ctrl_work(type: SERVER_CTRL_TYPE_INIT); |
425 | } |
426 | |
427 | int server_queue_ctrl_reset_work(void) |
428 | { |
429 | return __queue_ctrl_work(type: SERVER_CTRL_TYPE_RESET); |
430 | } |
431 | |
432 | static ssize_t stats_show(const struct class *class, const struct class_attribute *attr, |
433 | char *buf) |
434 | { |
435 | /* |
436 | * Inc this each time you change stats output format, |
437 | * so user space will know what to do. |
438 | */ |
439 | static int stats_version = 2; |
440 | static const char * const state[] = { |
441 | "startup" , |
442 | "running" , |
443 | "reset" , |
444 | "shutdown" |
445 | }; |
446 | return sysfs_emit(buf, fmt: "%d %s %d %lu\n" , stats_version, |
447 | state[server_conf.state], server_conf.tcp_port, |
448 | server_conf.ipc_last_active / HZ); |
449 | } |
450 | |
451 | static ssize_t kill_server_store(const struct class *class, |
452 | const struct class_attribute *attr, const char *buf, |
453 | size_t len) |
454 | { |
455 | if (!sysfs_streq(s1: buf, s2: "hard" )) |
456 | return len; |
457 | |
458 | pr_info("kill command received\n" ); |
459 | mutex_lock(&ctrl_lock); |
460 | WRITE_ONCE(server_conf.state, SERVER_STATE_RESETTING); |
461 | __module_get(THIS_MODULE); |
462 | server_ctrl_handle_reset(NULL); |
463 | module_put(THIS_MODULE); |
464 | mutex_unlock(lock: &ctrl_lock); |
465 | return len; |
466 | } |
467 | |
468 | static const char * const debug_type_strings[] = {"smb" , "auth" , "vfs" , |
469 | "oplock" , "ipc" , "conn" , |
470 | "rdma" }; |
471 | |
472 | static ssize_t debug_show(const struct class *class, const struct class_attribute *attr, |
473 | char *buf) |
474 | { |
475 | ssize_t sz = 0; |
476 | int i, pos = 0; |
477 | |
478 | for (i = 0; i < ARRAY_SIZE(debug_type_strings); i++) { |
479 | if ((ksmbd_debug_types >> i) & 1) { |
480 | pos = sysfs_emit_at(buf, at: sz, fmt: "[%s] " , debug_type_strings[i]); |
481 | } else { |
482 | pos = sysfs_emit_at(buf, at: sz, fmt: "%s " , debug_type_strings[i]); |
483 | } |
484 | sz += pos; |
485 | } |
486 | sz += sysfs_emit_at(buf, at: sz, fmt: "\n" ); |
487 | return sz; |
488 | } |
489 | |
490 | static ssize_t debug_store(const struct class *class, const struct class_attribute *attr, |
491 | const char *buf, size_t len) |
492 | { |
493 | int i; |
494 | |
495 | for (i = 0; i < ARRAY_SIZE(debug_type_strings); i++) { |
496 | if (sysfs_streq(s1: buf, s2: "all" )) { |
497 | if (ksmbd_debug_types == KSMBD_DEBUG_ALL) |
498 | ksmbd_debug_types = 0; |
499 | else |
500 | ksmbd_debug_types = KSMBD_DEBUG_ALL; |
501 | break; |
502 | } |
503 | |
504 | if (sysfs_streq(s1: buf, s2: debug_type_strings[i])) { |
505 | if (ksmbd_debug_types & (1 << i)) |
506 | ksmbd_debug_types &= ~(1 << i); |
507 | else |
508 | ksmbd_debug_types |= (1 << i); |
509 | break; |
510 | } |
511 | } |
512 | |
513 | return len; |
514 | } |
515 | |
516 | static CLASS_ATTR_RO(stats); |
517 | static CLASS_ATTR_WO(kill_server); |
518 | static CLASS_ATTR_RW(debug); |
519 | |
520 | static struct attribute *ksmbd_control_class_attrs[] = { |
521 | &class_attr_stats.attr, |
522 | &class_attr_kill_server.attr, |
523 | &class_attr_debug.attr, |
524 | NULL, |
525 | }; |
526 | ATTRIBUTE_GROUPS(ksmbd_control_class); |
527 | |
528 | static struct class ksmbd_control_class = { |
529 | .name = "ksmbd-control" , |
530 | .class_groups = ksmbd_control_class_groups, |
531 | }; |
532 | |
533 | static int ksmbd_server_shutdown(void) |
534 | { |
535 | WRITE_ONCE(server_conf.state, SERVER_STATE_SHUTTING_DOWN); |
536 | |
537 | class_unregister(class: &ksmbd_control_class); |
538 | ksmbd_workqueue_destroy(); |
539 | ksmbd_ipc_release(); |
540 | ksmbd_conn_transport_destroy(); |
541 | ksmbd_crypto_destroy(); |
542 | ksmbd_free_global_file_table(); |
543 | destroy_lease_table(NULL); |
544 | ksmbd_work_pool_destroy(); |
545 | ksmbd_exit_file_cache(); |
546 | server_conf_free(); |
547 | return 0; |
548 | } |
549 | |
550 | static int __init ksmbd_server_init(void) |
551 | { |
552 | int ret; |
553 | |
554 | ret = class_register(class: &ksmbd_control_class); |
555 | if (ret) { |
556 | pr_err("Unable to register ksmbd-control class\n" ); |
557 | return ret; |
558 | } |
559 | |
560 | ksmbd_server_tcp_callbacks_init(); |
561 | |
562 | ret = server_conf_init(); |
563 | if (ret) |
564 | goto err_unregister; |
565 | |
566 | ret = ksmbd_work_pool_init(); |
567 | if (ret) |
568 | goto err_unregister; |
569 | |
570 | ret = ksmbd_init_file_cache(); |
571 | if (ret) |
572 | goto err_destroy_work_pools; |
573 | |
574 | ret = ksmbd_ipc_init(); |
575 | if (ret) |
576 | goto err_exit_file_cache; |
577 | |
578 | ret = ksmbd_init_global_file_table(); |
579 | if (ret) |
580 | goto err_ipc_release; |
581 | |
582 | ret = ksmbd_inode_hash_init(); |
583 | if (ret) |
584 | goto err_destroy_file_table; |
585 | |
586 | ret = ksmbd_crypto_create(); |
587 | if (ret) |
588 | goto err_release_inode_hash; |
589 | |
590 | ret = ksmbd_workqueue_init(); |
591 | if (ret) |
592 | goto err_crypto_destroy; |
593 | |
594 | return 0; |
595 | |
596 | err_crypto_destroy: |
597 | ksmbd_crypto_destroy(); |
598 | err_release_inode_hash: |
599 | ksmbd_release_inode_hash(); |
600 | err_destroy_file_table: |
601 | ksmbd_free_global_file_table(); |
602 | err_ipc_release: |
603 | ksmbd_ipc_release(); |
604 | err_exit_file_cache: |
605 | ksmbd_exit_file_cache(); |
606 | err_destroy_work_pools: |
607 | ksmbd_work_pool_destroy(); |
608 | err_unregister: |
609 | class_unregister(class: &ksmbd_control_class); |
610 | |
611 | return ret; |
612 | } |
613 | |
614 | /** |
615 | * ksmbd_server_exit() - shutdown forker thread and free memory at module exit |
616 | */ |
617 | static void __exit ksmbd_server_exit(void) |
618 | { |
619 | ksmbd_server_shutdown(); |
620 | rcu_barrier(); |
621 | ksmbd_release_inode_hash(); |
622 | } |
623 | |
624 | MODULE_AUTHOR("Namjae Jeon <linkinjeon@kernel.org>" ); |
625 | MODULE_DESCRIPTION("Linux kernel CIFS/SMB SERVER" ); |
626 | MODULE_LICENSE("GPL" ); |
627 | MODULE_SOFTDEP("pre: ecb" ); |
628 | MODULE_SOFTDEP("pre: hmac" ); |
629 | MODULE_SOFTDEP("pre: md5" ); |
630 | MODULE_SOFTDEP("pre: nls" ); |
631 | MODULE_SOFTDEP("pre: aes" ); |
632 | MODULE_SOFTDEP("pre: cmac" ); |
633 | MODULE_SOFTDEP("pre: sha256" ); |
634 | MODULE_SOFTDEP("pre: sha512" ); |
635 | MODULE_SOFTDEP("pre: aead2" ); |
636 | MODULE_SOFTDEP("pre: ccm" ); |
637 | MODULE_SOFTDEP("pre: gcm" ); |
638 | MODULE_SOFTDEP("pre: crc32" ); |
639 | module_init(ksmbd_server_init) |
640 | module_exit(ksmbd_server_exit) |
641 | |