fs/ksmbd/ksmbd_netlink.h

0001 /* SPDX-License-Identifier: GPL-2.0-or-later */
0002 /*
0003  *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
0004  *
0005  *   linux-ksmbd-devel@lists.sourceforge.net
0006  */
0007
0008 #ifndef _LINUX_KSMBD_SERVER_H
0009 #define _LINUX_KSMBD_SERVER_H
0010
0011 #include <linux/types.h>
0012
0013 /*
0014  * This is a userspace ABI to communicate data between ksmbd and user IPC
0015  * daemon using netlink. This is added to track and cache user account DB
0016  * and share configuration info from userspace.
0017  *
0018  *  - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
0019  *    This event is to check whether user IPC daemon is alive. If user IPC
0020  *    daemon is dead, ksmbd keep existing connection till disconnecting and
0021  *    new connection will be denied.
0022  *
0023  *  - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
0024  *    This event is to receive the information that initializes the ksmbd
0025  *    server from the user IPC daemon and to start the server. The global
0026  *    section parameters are given from smb.conf as initialization
0027  *    information.
0028  *
0029  *  - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
0030  *    This event is to shutdown ksmbd server.
0031  *
0032  *  - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
0033  *    This event is to get user account info to user IPC daemon.
0034  *
0035  *  - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
0036  *    This event is to get net share configuration info.
0037  *
0038  *  - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
0039  *    This event is to get session and tree connect info.
0040  *
0041  *  - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
0042  *    This event is to send tree disconnect info to user IPC daemon.
0043  *
0044  *  - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
0045  *    This event is to send logout request to user IPC daemon.
0046  *
0047  *  - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
0048  *    This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
0049  *    samr to be processed in userspace.
0050  *
0051  *  - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
0052  *    This event is to make kerberos authentication to be processed in
0053  *    userspace.
0054  */
0055
0056 #define KSMBD_GENL_NAME     "SMBD_GENL"
0057 #define KSMBD_GENL_VERSION      0x01
0058
0059 #define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ   48
0060 #define KSMBD_REQ_MAX_HASH_SZ       18
0061 #define KSMBD_REQ_MAX_SHARE_NAME    64
0062
0063 /*
0064  * IPC heartbeat frame to check whether user IPC daemon is alive.
0065  */
0066 struct ksmbd_heartbeat {
0067     __u32   handle;
0068 };
0069
0070 /*
0071  * Global config flags.
0072  */
0073 #define KSMBD_GLOBAL_FLAG_INVALID       (0)
0074 #define KSMBD_GLOBAL_FLAG_SMB2_LEASES       BIT(0)
0075 #define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION   BIT(1)
0076 #define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(2)
0077
0078 /*
0079  * IPC request for ksmbd server startup
0080  */
0081 struct ksmbd_startup_request {
0082     __u32   flags;          /* Flags for global config */
0083     __s32   signing;        /* Signing enabled */
0084     __s8    min_prot[16];       /* The minimum SMB protocol version */
0085     __s8    max_prot[16];       /* The maximum SMB protocol version */
0086     __s8    netbios_name[16];
0087     __s8    work_group[64];     /* Workgroup */
0088     __s8    server_string[64];  /* Server string */
0089     __u16   tcp_port;       /* tcp port */
0090     __u16   ipc_timeout;        /*
0091                      * specifies the number of seconds
0092                      * server will wait for the userspace to
0093                      * reply to heartbeat frames.
0094                      */
0095     __u32   deadtime;       /* Number of minutes of inactivity */
0096     __u32   file_max;       /* Limits the maximum number of open files */
0097     __u32   smb2_max_write;     /* MAX write size */
0098     __u32   smb2_max_read;      /* MAX read size */
0099     __u32   smb2_max_trans;     /* MAX trans size */
0100     __u32   share_fake_fscaps;  /*
0101                      * Support some special application that
0102                      * makes QFSINFO calls to check whether
0103                      * we set the SPARSE_FILES bit (0x40).
0104                      */
0105     __u32   sub_auth[3];        /* Subauth value for Security ID */
0106     __u32   smb2_max_credits;   /* MAX credits */
0107     __u32   smbd_max_io_size;   /* smbd read write size */
0108     __u32   reserved[127];      /* Reserved room */
0109     __u32   ifc_list_sz;        /* interfaces list size */
0110     __s8    ____payload[];
0111 };
0112
0113 #define KSMBD_STARTUP_CONFIG_INTERFACES(s)  ((s)->____payload)
0114
0115 /*
0116  * IPC request to shutdown ksmbd server.
0117  */
0118 struct ksmbd_shutdown_request {
0119     __s32   reserved[16];
0120 };
0121
0122 /*
0123  * IPC user login request.
0124  */
0125 struct ksmbd_login_request {
0126     __u32   handle;
0127     __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
0128     __u32   reserved[16];               /* Reserved room */
0129 };
0130
0131 /*
0132  * IPC user login response.
0133  */
0134 struct ksmbd_login_response {
0135     __u32   handle;
0136     __u32   gid;                    /* group id */
0137     __u32   uid;                    /* user id */
0138     __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
0139     __u16   status;
0140     __u16   hash_sz;            /* hash size */
0141     __s8    hash[KSMBD_REQ_MAX_HASH_SZ];    /* password hash */
0142     __u32   reserved[16];           /* Reserved room */
0143 };
0144
0145 /*
0146  * IPC request to fetch net share config.
0147  */
0148 struct ksmbd_share_config_request {
0149     __u32   handle;
0150     __s8    share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
0151     __u32   reserved[16];       /* Reserved room */
0152 };
0153
0154 /*
0155  * IPC response to the net share config request.
0156  */
0157 struct ksmbd_share_config_response {
0158     __u32   handle;
0159     __u32   flags;
0160     __u16   create_mask;
0161     __u16   directory_mask;
0162     __u16   force_create_mode;
0163     __u16   force_directory_mode;
0164     __u16   force_uid;
0165     __u16   force_gid;
0166     __u32   reserved[128];      /* Reserved room */
0167     __u32   veto_list_sz;
0168     __s8    ____payload[];
0169 };
0170
0171 #define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
0172
0173 static inline char *
0174 ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
0175 {
0176     char *p = sc->____payload;
0177
0178     if (sc->veto_list_sz)
0179         p += sc->veto_list_sz + 1;
0180
0181     return p;
0182 }
0183
0184 /*
0185  * IPC request for tree connection. This request include session and tree
0186  * connect info from client.
0187  */
0188 struct ksmbd_tree_connect_request {
0189     __u32   handle;
0190     __u16   account_flags;
0191     __u16   flags;
0192     __u64   session_id;
0193     __u64   connect_id;
0194     __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
0195     __s8    share[KSMBD_REQ_MAX_SHARE_NAME];
0196     __s8    peer_addr[64];
0197     __u32   reserved[16];       /* Reserved room */
0198 };
0199
0200 /*
0201  * IPC Response structure for tree connection.
0202  */
0203 struct ksmbd_tree_connect_response {
0204     __u32   handle;
0205     __u16   status;
0206     __u16   connection_flags;
0207     __u32   reserved[16];       /* Reserved room */
0208 };
0209
0210 /*
0211  * IPC Request struture to disconnect tree connection.
0212  */
0213 struct ksmbd_tree_disconnect_request {
0214     __u64   session_id; /* session id */
0215     __u64   connect_id; /* tree connection id */
0216     __u32   reserved[16];   /* Reserved room */
0217 };
0218
0219 /*
0220  * IPC Response structure to logout user account.
0221  */
0222 struct ksmbd_logout_request {
0223     __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
0224     __u32   account_flags;
0225     __u32   reserved[16];               /* Reserved room */
0226 };
0227
0228 /*
0229  * RPC command structure to send rpc request like srvsvc or wkssvc to
0230  * IPC user daemon.
0231  */
0232 struct ksmbd_rpc_command {
0233     __u32   handle;
0234     __u32   flags;
0235     __u32   payload_sz;
0236     __u8    payload[];
0237 };
0238
0239 /*
0240  * IPC Request Kerberos authentication
0241  */
0242 struct ksmbd_spnego_authen_request {
0243     __u32   handle;
0244     __u16   spnego_blob_len;    /* the length of spnego_blob */
0245     __u8    spnego_blob[];      /*
0246                      * the GSS token from SecurityBuffer of
0247                      * SMB2 SESSION SETUP request
0248                      */
0249 };
0250
0251 /*
0252  * Response data which includes the GSS token and the session key generated by
0253  * user daemon.
0254  */
0255 struct ksmbd_spnego_authen_response {
0256     __u32   handle;
0257     struct ksmbd_login_response login_response; /*
0258                              * the login response with
0259                              * a user identified by the
0260                              * GSS token from a client
0261                              */
0262     __u16   session_key_len; /* the length of the session key */
0263     __u16   spnego_blob_len; /*
0264                   * the length of  the GSS token which will be
0265                   * stored in SecurityBuffer of SMB2 SESSION
0266                   * SETUP response
0267                   */
0268     __u8    payload[]; /* session key + AP_REP */
0269 };
0270
0271 /*
0272  * This also used as NETLINK attribute type value.
0273  *
0274  * NOTE:
0275  * Response message type value should be equal to
0276  * request message type value + 1.
0277  */
0278 enum ksmbd_event {
0279     KSMBD_EVENT_UNSPEC          = 0,
0280     KSMBD_EVENT_HEARTBEAT_REQUEST,
0281
0282     KSMBD_EVENT_STARTING_UP,
0283     KSMBD_EVENT_SHUTTING_DOWN,
0284
0285     KSMBD_EVENT_LOGIN_REQUEST,
0286     KSMBD_EVENT_LOGIN_RESPONSE      = 5,
0287
0288     KSMBD_EVENT_SHARE_CONFIG_REQUEST,
0289     KSMBD_EVENT_SHARE_CONFIG_RESPONSE,
0290
0291     KSMBD_EVENT_TREE_CONNECT_REQUEST,
0292     KSMBD_EVENT_TREE_CONNECT_RESPONSE,
0293
0294     KSMBD_EVENT_TREE_DISCONNECT_REQUEST = 10,
0295
0296     KSMBD_EVENT_LOGOUT_REQUEST,
0297
0298     KSMBD_EVENT_RPC_REQUEST,
0299     KSMBD_EVENT_RPC_RESPONSE,
0300
0301     KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
0302     KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE  = 15,
0303
0304     KSMBD_EVENT_MAX
0305 };
0306
0307 /*
0308  * Enumeration for IPC tree connect status.
0309  */
0310 enum KSMBD_TREE_CONN_STATUS {
0311     KSMBD_TREE_CONN_STATUS_OK       = 0,
0312     KSMBD_TREE_CONN_STATUS_NOMEM,
0313     KSMBD_TREE_CONN_STATUS_NO_SHARE,
0314     KSMBD_TREE_CONN_STATUS_NO_USER,
0315     KSMBD_TREE_CONN_STATUS_INVALID_USER,
0316     KSMBD_TREE_CONN_STATUS_HOST_DENIED  = 5,
0317     KSMBD_TREE_CONN_STATUS_CONN_EXIST,
0318     KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
0319     KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
0320     KSMBD_TREE_CONN_STATUS_ERROR,
0321 };
0322
0323 /*
0324  * User config flags.
0325  */
0326 #define KSMBD_USER_FLAG_INVALID     (0)
0327 #define KSMBD_USER_FLAG_OK      BIT(0)
0328 #define KSMBD_USER_FLAG_BAD_PASSWORD    BIT(1)
0329 #define KSMBD_USER_FLAG_BAD_UID     BIT(2)
0330 #define KSMBD_USER_FLAG_BAD_USER    BIT(3)
0331 #define KSMBD_USER_FLAG_GUEST_ACCOUNT   BIT(4)
0332 #define KSMBD_USER_FLAG_DELAY_SESSION   BIT(5)
0333
0334 /*
0335  * Share config flags.
0336  */
0337 #define KSMBD_SHARE_FLAG_INVALID        (0)
0338 #define KSMBD_SHARE_FLAG_AVAILABLE      BIT(0)
0339 #define KSMBD_SHARE_FLAG_BROWSEABLE     BIT(1)
0340 #define KSMBD_SHARE_FLAG_WRITEABLE      BIT(2)
0341 #define KSMBD_SHARE_FLAG_READONLY       BIT(3)
0342 #define KSMBD_SHARE_FLAG_GUEST_OK       BIT(4)
0343 #define KSMBD_SHARE_FLAG_GUEST_ONLY     BIT(5)
0344 #define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS    BIT(6)
0345 #define KSMBD_SHARE_FLAG_OPLOCKS        BIT(7)
0346 #define KSMBD_SHARE_FLAG_PIPE           BIT(8)
0347 #define KSMBD_SHARE_FLAG_HIDE_DOT_FILES     BIT(9)
0348 #define KSMBD_SHARE_FLAG_INHERIT_OWNER      BIT(10)
0349 #define KSMBD_SHARE_FLAG_STREAMS        BIT(11)
0350 #define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS    BIT(12)
0351 #define KSMBD_SHARE_FLAG_ACL_XATTR      BIT(13)
0352 #define KSMBD_SHARE_FLAG_UPDATE     BIT(14)
0353
0354 /*
0355  * Tree connect request flags.
0356  */
0357 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1   (0)
0358 #define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6   BIT(0)
0359 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2   BIT(1)
0360
0361 /*
0362  * Tree connect flags.
0363  */
0364 #define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT  BIT(0)
0365 #define KSMBD_TREE_CONN_FLAG_READ_ONLY      BIT(1)
0366 #define KSMBD_TREE_CONN_FLAG_WRITABLE       BIT(2)
0367 #define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT  BIT(3)
0368 #define KSMBD_TREE_CONN_FLAG_UPDATE     BIT(4)
0369
0370 /*
0371  * RPC over IPC.
0372  */
0373 #define KSMBD_RPC_METHOD_RETURN     BIT(0)
0374 #define KSMBD_RPC_SRVSVC_METHOD_INVOKE  BIT(1)
0375 #define KSMBD_RPC_SRVSVC_METHOD_RETURN  (KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
0376 #define KSMBD_RPC_WKSSVC_METHOD_INVOKE  BIT(2)
0377 #define KSMBD_RPC_WKSSVC_METHOD_RETURN  (KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
0378 #define KSMBD_RPC_IOCTL_METHOD      (BIT(3) | KSMBD_RPC_METHOD_RETURN)
0379 #define KSMBD_RPC_OPEN_METHOD       BIT(4)
0380 #define KSMBD_RPC_WRITE_METHOD      BIT(5)
0381 #define KSMBD_RPC_READ_METHOD       (BIT(6) | KSMBD_RPC_METHOD_RETURN)
0382 #define KSMBD_RPC_CLOSE_METHOD      BIT(7)
0383 #define KSMBD_RPC_RAP_METHOD        (BIT(8) | KSMBD_RPC_METHOD_RETURN)
0384 #define KSMBD_RPC_RESTRICTED_CONTEXT    BIT(9)
0385 #define KSMBD_RPC_SAMR_METHOD_INVOKE    BIT(10)
0386 #define KSMBD_RPC_SAMR_METHOD_RETURN    (KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
0387 #define KSMBD_RPC_LSARPC_METHOD_INVOKE  BIT(11)
0388 #define KSMBD_RPC_LSARPC_METHOD_RETURN  (KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
0389
0390 /*
0391  * RPC status definitions.
0392  */
0393 #define KSMBD_RPC_OK            0
0394 #define KSMBD_RPC_EBAD_FUNC     0x00000001
0395 #define KSMBD_RPC_EACCESS_DENIED    0x00000005
0396 #define KSMBD_RPC_EBAD_FID      0x00000006
0397 #define KSMBD_RPC_ENOMEM        0x00000008
0398 #define KSMBD_RPC_EBAD_DATA     0x0000000D
0399 #define KSMBD_RPC_ENOTIMPLEMENTED   0x00000040
0400 #define KSMBD_RPC_EINVALID_PARAMETER    0x00000057
0401 #define KSMBD_RPC_EMORE_DATA        0x000000EA
0402 #define KSMBD_RPC_EINVALID_LEVEL    0x0000007C
0403 #define KSMBD_RPC_SOME_NOT_MAPPED   0x00000107
0404
0405 #define KSMBD_CONFIG_OPT_DISABLED   0
0406 #define KSMBD_CONFIG_OPT_ENABLED    1
0407 #define KSMBD_CONFIG_OPT_AUTO       2
0408 #define KSMBD_CONFIG_OPT_MANDATORY  3
0409
0410 #endif /* _LINUX_KSMBD_SERVER_H */