0001
0002
0003
0004
0005
0006 #include <linux/list.h>
0007 #include <linux/slab.h>
0008 #include <linux/rwsem.h>
0009 #include <linux/xarray.h>
0010
0011 #include "ksmbd_ida.h"
0012 #include "user_session.h"
0013 #include "user_config.h"
0014 #include "tree_connect.h"
0015 #include "../transport_ipc.h"
0016 #include "../connection.h"
0017 #include "../vfs_cache.h"
0018
0019 static DEFINE_IDA(session_ida);
0020
0021 #define SESSION_HASH_BITS 3
0022 static DEFINE_HASHTABLE(sessions_table, SESSION_HASH_BITS);
0023 static DECLARE_RWSEM(sessions_table_lock);
0024
0025 struct ksmbd_session_rpc {
0026 int id;
0027 unsigned int method;
0028 struct list_head list;
0029 };
0030
0031 static void free_channel_list(struct ksmbd_session *sess)
0032 {
0033 struct channel *chann, *tmp;
0034
0035 write_lock(&sess->chann_lock);
0036 list_for_each_entry_safe(chann, tmp, &sess->ksmbd_chann_list,
0037 chann_list) {
0038 list_del(&chann->chann_list);
0039 kfree(chann);
0040 }
0041 write_unlock(&sess->chann_lock);
0042 }
0043
0044 static void __session_rpc_close(struct ksmbd_session *sess,
0045 struct ksmbd_session_rpc *entry)
0046 {
0047 struct ksmbd_rpc_command *resp;
0048
0049 resp = ksmbd_rpc_close(sess, entry->id);
0050 if (!resp)
0051 pr_err("Unable to close RPC pipe %d\n", entry->id);
0052
0053 kvfree(resp);
0054 ksmbd_rpc_id_free(entry->id);
0055 kfree(entry);
0056 }
0057
0058 static void ksmbd_session_rpc_clear_list(struct ksmbd_session *sess)
0059 {
0060 struct ksmbd_session_rpc *entry;
0061
0062 while (!list_empty(&sess->rpc_handle_list)) {
0063 entry = list_entry(sess->rpc_handle_list.next,
0064 struct ksmbd_session_rpc,
0065 list);
0066
0067 list_del(&entry->list);
0068 __session_rpc_close(sess, entry);
0069 }
0070 }
0071
0072 static int __rpc_method(char *rpc_name)
0073 {
0074 if (!strcmp(rpc_name, "\\srvsvc") || !strcmp(rpc_name, "srvsvc"))
0075 return KSMBD_RPC_SRVSVC_METHOD_INVOKE;
0076
0077 if (!strcmp(rpc_name, "\\wkssvc") || !strcmp(rpc_name, "wkssvc"))
0078 return KSMBD_RPC_WKSSVC_METHOD_INVOKE;
0079
0080 if (!strcmp(rpc_name, "LANMAN") || !strcmp(rpc_name, "lanman"))
0081 return KSMBD_RPC_RAP_METHOD;
0082
0083 if (!strcmp(rpc_name, "\\samr") || !strcmp(rpc_name, "samr"))
0084 return KSMBD_RPC_SAMR_METHOD_INVOKE;
0085
0086 if (!strcmp(rpc_name, "\\lsarpc") || !strcmp(rpc_name, "lsarpc"))
0087 return KSMBD_RPC_LSARPC_METHOD_INVOKE;
0088
0089 pr_err("Unsupported RPC: %s\n", rpc_name);
0090 return 0;
0091 }
0092
0093 int ksmbd_session_rpc_open(struct ksmbd_session *sess, char *rpc_name)
0094 {
0095 struct ksmbd_session_rpc *entry;
0096 struct ksmbd_rpc_command *resp;
0097 int method;
0098
0099 method = __rpc_method(rpc_name);
0100 if (!method)
0101 return -EINVAL;
0102
0103 entry = kzalloc(sizeof(struct ksmbd_session_rpc), GFP_KERNEL);
0104 if (!entry)
0105 return -EINVAL;
0106
0107 list_add(&entry->list, &sess->rpc_handle_list);
0108 entry->method = method;
0109 entry->id = ksmbd_ipc_id_alloc();
0110 if (entry->id < 0)
0111 goto error;
0112
0113 resp = ksmbd_rpc_open(sess, entry->id);
0114 if (!resp)
0115 goto error;
0116
0117 kvfree(resp);
0118 return entry->id;
0119 error:
0120 list_del(&entry->list);
0121 kfree(entry);
0122 return -EINVAL;
0123 }
0124
0125 void ksmbd_session_rpc_close(struct ksmbd_session *sess, int id)
0126 {
0127 struct ksmbd_session_rpc *entry;
0128
0129 list_for_each_entry(entry, &sess->rpc_handle_list, list) {
0130 if (entry->id == id) {
0131 list_del(&entry->list);
0132 __session_rpc_close(sess, entry);
0133 break;
0134 }
0135 }
0136 }
0137
0138 int ksmbd_session_rpc_method(struct ksmbd_session *sess, int id)
0139 {
0140 struct ksmbd_session_rpc *entry;
0141
0142 list_for_each_entry(entry, &sess->rpc_handle_list, list) {
0143 if (entry->id == id)
0144 return entry->method;
0145 }
0146 return 0;
0147 }
0148
0149 void ksmbd_session_destroy(struct ksmbd_session *sess)
0150 {
0151 if (!sess)
0152 return;
0153
0154 down_write(&sessions_table_lock);
0155 hash_del(&sess->hlist);
0156 up_write(&sessions_table_lock);
0157
0158 if (sess->user)
0159 ksmbd_free_user(sess->user);
0160
0161 ksmbd_tree_conn_session_logoff(sess);
0162 ksmbd_destroy_file_table(&sess->file_table);
0163 ksmbd_session_rpc_clear_list(sess);
0164 free_channel_list(sess);
0165 kfree(sess->Preauth_HashValue);
0166 ksmbd_release_id(&session_ida, sess->id);
0167 kfree(sess);
0168 }
0169
0170 static struct ksmbd_session *__session_lookup(unsigned long long id)
0171 {
0172 struct ksmbd_session *sess;
0173
0174 hash_for_each_possible(sessions_table, sess, hlist, id) {
0175 if (id == sess->id)
0176 return sess;
0177 }
0178 return NULL;
0179 }
0180
0181 int ksmbd_session_register(struct ksmbd_conn *conn,
0182 struct ksmbd_session *sess)
0183 {
0184 sess->dialect = conn->dialect;
0185 memcpy(sess->ClientGUID, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
0186 return xa_err(xa_store(&conn->sessions, sess->id, sess, GFP_KERNEL));
0187 }
0188
0189 static int ksmbd_chann_del(struct ksmbd_conn *conn, struct ksmbd_session *sess)
0190 {
0191 struct channel *chann, *tmp;
0192
0193 write_lock(&sess->chann_lock);
0194 list_for_each_entry_safe(chann, tmp, &sess->ksmbd_chann_list,
0195 chann_list) {
0196 if (chann->conn == conn) {
0197 list_del(&chann->chann_list);
0198 kfree(chann);
0199 write_unlock(&sess->chann_lock);
0200 return 0;
0201 }
0202 }
0203 write_unlock(&sess->chann_lock);
0204
0205 return -ENOENT;
0206 }
0207
0208 void ksmbd_sessions_deregister(struct ksmbd_conn *conn)
0209 {
0210 struct ksmbd_session *sess;
0211
0212 if (conn->binding) {
0213 int bkt;
0214
0215 down_write(&sessions_table_lock);
0216 hash_for_each(sessions_table, bkt, sess, hlist) {
0217 if (!ksmbd_chann_del(conn, sess)) {
0218 up_write(&sessions_table_lock);
0219 goto sess_destroy;
0220 }
0221 }
0222 up_write(&sessions_table_lock);
0223 } else {
0224 unsigned long id;
0225
0226 xa_for_each(&conn->sessions, id, sess) {
0227 if (!ksmbd_chann_del(conn, sess))
0228 goto sess_destroy;
0229 }
0230 }
0231
0232 return;
0233
0234 sess_destroy:
0235 if (list_empty(&sess->ksmbd_chann_list)) {
0236 xa_erase(&conn->sessions, sess->id);
0237 ksmbd_session_destroy(sess);
0238 }
0239 }
0240
0241 struct ksmbd_session *ksmbd_session_lookup(struct ksmbd_conn *conn,
0242 unsigned long long id)
0243 {
0244 return xa_load(&conn->sessions, id);
0245 }
0246
0247 struct ksmbd_session *ksmbd_session_lookup_slowpath(unsigned long long id)
0248 {
0249 struct ksmbd_session *sess;
0250
0251 down_read(&sessions_table_lock);
0252 sess = __session_lookup(id);
0253 up_read(&sessions_table_lock);
0254
0255 return sess;
0256 }
0257
0258 struct ksmbd_session *ksmbd_session_lookup_all(struct ksmbd_conn *conn,
0259 unsigned long long id)
0260 {
0261 struct ksmbd_session *sess;
0262
0263 sess = ksmbd_session_lookup(conn, id);
0264 if (!sess && conn->binding)
0265 sess = ksmbd_session_lookup_slowpath(id);
0266 if (sess && sess->state != SMB2_SESSION_VALID)
0267 sess = NULL;
0268 return sess;
0269 }
0270
0271 struct preauth_session *ksmbd_preauth_session_alloc(struct ksmbd_conn *conn,
0272 u64 sess_id)
0273 {
0274 struct preauth_session *sess;
0275
0276 sess = kmalloc(sizeof(struct preauth_session), GFP_KERNEL);
0277 if (!sess)
0278 return NULL;
0279
0280 sess->id = sess_id;
0281 memcpy(sess->Preauth_HashValue, conn->preauth_info->Preauth_HashValue,
0282 PREAUTH_HASHVALUE_SIZE);
0283 list_add(&sess->preauth_entry, &conn->preauth_sess_table);
0284
0285 return sess;
0286 }
0287
0288 static bool ksmbd_preauth_session_id_match(struct preauth_session *sess,
0289 unsigned long long id)
0290 {
0291 return sess->id == id;
0292 }
0293
0294 struct preauth_session *ksmbd_preauth_session_lookup(struct ksmbd_conn *conn,
0295 unsigned long long id)
0296 {
0297 struct preauth_session *sess = NULL;
0298
0299 list_for_each_entry(sess, &conn->preauth_sess_table, preauth_entry) {
0300 if (ksmbd_preauth_session_id_match(sess, id))
0301 return sess;
0302 }
0303 return NULL;
0304 }
0305
0306 static int __init_smb2_session(struct ksmbd_session *sess)
0307 {
0308 int id = ksmbd_acquire_smb2_uid(&session_ida);
0309
0310 if (id < 0)
0311 return -EINVAL;
0312 sess->id = id;
0313 return 0;
0314 }
0315
0316 static struct ksmbd_session *__session_create(int protocol)
0317 {
0318 struct ksmbd_session *sess;
0319 int ret;
0320
0321 sess = kzalloc(sizeof(struct ksmbd_session), GFP_KERNEL);
0322 if (!sess)
0323 return NULL;
0324
0325 if (ksmbd_init_file_table(&sess->file_table))
0326 goto error;
0327
0328 set_session_flag(sess, protocol);
0329 xa_init(&sess->tree_conns);
0330 INIT_LIST_HEAD(&sess->ksmbd_chann_list);
0331 INIT_LIST_HEAD(&sess->rpc_handle_list);
0332 sess->sequence_number = 1;
0333 rwlock_init(&sess->chann_lock);
0334
0335 switch (protocol) {
0336 case CIFDS_SESSION_FLAG_SMB2:
0337 ret = __init_smb2_session(sess);
0338 break;
0339 default:
0340 ret = -EINVAL;
0341 break;
0342 }
0343
0344 if (ret)
0345 goto error;
0346
0347 ida_init(&sess->tree_conn_ida);
0348
0349 if (protocol == CIFDS_SESSION_FLAG_SMB2) {
0350 down_write(&sessions_table_lock);
0351 hash_add(sessions_table, &sess->hlist, sess->id);
0352 up_write(&sessions_table_lock);
0353 }
0354 return sess;
0355
0356 error:
0357 ksmbd_session_destroy(sess);
0358 return NULL;
0359 }
0360
0361 struct ksmbd_session *ksmbd_smb2_session_create(void)
0362 {
0363 return __session_create(CIFDS_SESSION_FLAG_SMB2);
0364 }
0365
0366 int ksmbd_acquire_tree_conn_id(struct ksmbd_session *sess)
0367 {
0368 int id = -EINVAL;
0369
0370 if (test_session_flag(sess, CIFDS_SESSION_FLAG_SMB2))
0371 id = ksmbd_acquire_smb2_tid(&sess->tree_conn_ida);
0372
0373 return id;
0374 }
0375
0376 void ksmbd_release_tree_conn_id(struct ksmbd_session *sess, int id)
0377 {
0378 if (id >= 0)
0379 ksmbd_release_id(&sess->tree_conn_ida, id);
0380 }
