1 /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 /* 3 * Copyright (C) 2018 Samsung Electronics Co., Ltd. 4 * 5 * linux-ksmbd-devel@lists.sourceforge.net 6 */ 7 8 #ifndef _LINUX_KSMBD_SERVER_H 9 #define _LINUX_KSMBD_SERVER_H 10 11 #include <linux/types.h> 12 13 /* 14 * This is a userspace ABI to communicate data between ksmbd and user IPC 15 * daemon using netlink. This is added to track and cache user account DB 16 * and share configuration info from userspace. 17 * 18 * - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat) 19 * This event is to check whether user IPC daemon is alive. If user IPC 20 * daemon is dead, ksmbd keep existing connection till disconnecting and 21 * new connection will be denied. 22 * 23 * - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request) 24 * This event is to receive the information that initializes the ksmbd 25 * server from the user IPC daemon and to start the server. The global 26 * section parameters are given from smb.conf as initialization 27 * information. 28 * 29 * - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request) 30 * This event is to shutdown ksmbd server. 31 * 32 * - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response) 33 * This event is to get user account info to user IPC daemon. 34 * 35 * - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response) 36 * This event is to get net share configuration info. 37 * 38 * - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response) 39 * This event is to get session and tree connect info. 40 * 41 * - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request) 42 * This event is to send tree disconnect info to user IPC daemon. 43 * 44 * - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request) 45 * This event is to send logout request to user IPC daemon. 46 * 47 * - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command) 48 * This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc, 49 * samr to be processed in userspace. 50 * 51 * - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response) 52 * This event is to make kerberos authentication to be processed in 53 * userspace. 54 */ 55 56 #define KSMBD_GENL_NAME "SMBD_GENL" 57 #define KSMBD_GENL_VERSION 0x01 58 59 #define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ 48 60 #define KSMBD_REQ_MAX_HASH_SZ 18 61 #define KSMBD_REQ_MAX_SHARE_NAME 64 62 63 /* 64 * IPC heartbeat frame to check whether user IPC daemon is alive. 65 */ 66 struct ksmbd_heartbeat { 67 __u32 handle; 68 }; 69 70 /* 71 * Global config flags. 72 */ 73 #define KSMBD_GLOBAL_FLAG_INVALID (0) 74 #define KSMBD_GLOBAL_FLAG_SMB2_LEASES BIT(0) 75 #define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(1) 76 #define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(2) 77 #define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION_OFF BIT(3) 78 #define KSMBD_GLOBAL_FLAG_DURABLE_HANDLE BIT(4) 79 80 /* 81 * IPC request for ksmbd server startup 82 */ 83 struct ksmbd_startup_request { 84 __u32 flags; /* Flags for global config */ 85 __s32 signing; /* Signing enabled */ 86 __s8 min_prot[16]; /* The minimum SMB protocol version */ 87 __s8 max_prot[16]; /* The maximum SMB protocol version */ 88 __s8 netbios_name[16]; 89 __s8 work_group[64]; /* Workgroup */ 90 __s8 server_string[64]; /* Server string */ 91 __u16 tcp_port; /* tcp port */ 92 __u16 ipc_timeout; /* 93 * specifies the number of seconds 94 * server will wait for the userspace to 95 * reply to heartbeat frames. 96 */ 97 __u32 deadtime; /* Number of minutes of inactivity */ 98 __u32 file_max; /* Limits the maximum number of open files */ 99 __u32 smb2_max_write; /* MAX write size */ 100 __u32 smb2_max_read; /* MAX read size */ 101 __u32 smb2_max_trans; /* MAX trans size */ 102 __u32 share_fake_fscaps; /* 103 * Support some special application that 104 * makes QFSINFO calls to check whether 105 * we set the SPARSE_FILES bit (0x40). 106 */ 107 __u32 sub_auth[3]; /* Subauth value for Security ID */ 108 __u32 smb2_max_credits; /* MAX credits */ 109 __u32 smbd_max_io_size; /* smbd read write size */ 110 __u32 max_connections; /* Number of maximum simultaneous connections */ 111 __u32 reserved[126]; /* Reserved room */ 112 __u32 ifc_list_sz; /* interfaces list size */ 113 __s8 ____payload[]; 114 }; 115 116 #define KSMBD_STARTUP_CONFIG_INTERFACES(s) ((s)->____payload) 117 118 /* 119 * IPC request to shutdown ksmbd server. 120 */ 121 struct ksmbd_shutdown_request { 122 __s32 reserved[16]; 123 }; 124 125 /* 126 * IPC user login request. 127 */ 128 struct ksmbd_login_request { 129 __u32 handle; 130 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */ 131 __u32 reserved[16]; /* Reserved room */ 132 }; 133 134 /* 135 * IPC user login response. 136 */ 137 struct ksmbd_login_response { 138 __u32 handle; 139 __u32 gid; /* group id */ 140 __u32 uid; /* user id */ 141 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */ 142 __u16 status; 143 __u16 hash_sz; /* hash size */ 144 __s8 hash[KSMBD_REQ_MAX_HASH_SZ]; /* password hash */ 145 __u32 reserved[16]; /* Reserved room */ 146 }; 147 148 /* 149 * IPC request to fetch net share config. 150 */ 151 struct ksmbd_share_config_request { 152 __u32 handle; 153 __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */ 154 __u32 reserved[16]; /* Reserved room */ 155 }; 156 157 /* 158 * IPC response to the net share config request. 159 */ 160 struct ksmbd_share_config_response { 161 __u32 handle; 162 __u32 flags; 163 __u16 create_mask; 164 __u16 directory_mask; 165 __u16 force_create_mode; 166 __u16 force_directory_mode; 167 __u16 force_uid; 168 __u16 force_gid; 169 __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; 170 __u32 reserved[111]; /* Reserved room */ 171 __u32 payload_sz; 172 __u32 veto_list_sz; 173 __s8 ____payload[]; 174 }; 175 176 #define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload) 177 178 static inline char * 179 ksmbd_share_config_path(struct ksmbd_share_config_response *sc) 180 { 181 char *p = sc->____payload; 182 183 if (sc->veto_list_sz) 184 p += sc->veto_list_sz + 1; 185 186 return p; 187 } 188 189 /* 190 * IPC request for tree connection. This request include session and tree 191 * connect info from client. 192 */ 193 struct ksmbd_tree_connect_request { 194 __u32 handle; 195 __u16 account_flags; 196 __u16 flags; 197 __u64 session_id; 198 __u64 connect_id; 199 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; 200 __s8 share[KSMBD_REQ_MAX_SHARE_NAME]; 201 __s8 peer_addr[64]; 202 __u32 reserved[16]; /* Reserved room */ 203 }; 204 205 /* 206 * IPC Response structure for tree connection. 207 */ 208 struct ksmbd_tree_connect_response { 209 __u32 handle; 210 __u16 status; 211 __u16 connection_flags; 212 __u32 reserved[16]; /* Reserved room */ 213 }; 214 215 /* 216 * IPC Request struture to disconnect tree connection. 217 */ 218 struct ksmbd_tree_disconnect_request { 219 __u64 session_id; /* session id */ 220 __u64 connect_id; /* tree connection id */ 221 __u32 reserved[16]; /* Reserved room */ 222 }; 223 224 /* 225 * IPC Response structure to logout user account. 226 */ 227 struct ksmbd_logout_request { 228 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */ 229 __u32 account_flags; 230 __u32 reserved[16]; /* Reserved room */ 231 }; 232 233 /* 234 * RPC command structure to send rpc request like srvsvc or wkssvc to 235 * IPC user daemon. 236 */ 237 struct ksmbd_rpc_command { 238 __u32 handle; 239 __u32 flags; 240 __u32 payload_sz; 241 __u8 payload[]; 242 }; 243 244 /* 245 * IPC Request Kerberos authentication 246 */ 247 struct ksmbd_spnego_authen_request { 248 __u32 handle; 249 __u16 spnego_blob_len; /* the length of spnego_blob */ 250 __u8 spnego_blob[]; /* 251 * the GSS token from SecurityBuffer of 252 * SMB2 SESSION SETUP request 253 */ 254 }; 255 256 /* 257 * Response data which includes the GSS token and the session key generated by 258 * user daemon. 259 */ 260 struct ksmbd_spnego_authen_response { 261 __u32 handle; 262 struct ksmbd_login_response login_response; /* 263 * the login response with 264 * a user identified by the 265 * GSS token from a client 266 */ 267 __u16 session_key_len; /* the length of the session key */ 268 __u16 spnego_blob_len; /* 269 * the length of the GSS token which will be 270 * stored in SecurityBuffer of SMB2 SESSION 271 * SETUP response 272 */ 273 __u8 payload[]; /* session key + AP_REP */ 274 }; 275 276 /* 277 * This also used as NETLINK attribute type value. 278 * 279 * NOTE: 280 * Response message type value should be equal to 281 * request message type value + 1. 282 */ 283 enum ksmbd_event { 284 KSMBD_EVENT_UNSPEC = 0, 285 KSMBD_EVENT_HEARTBEAT_REQUEST, 286 287 KSMBD_EVENT_STARTING_UP, 288 KSMBD_EVENT_SHUTTING_DOWN, 289 290 KSMBD_EVENT_LOGIN_REQUEST, 291 KSMBD_EVENT_LOGIN_RESPONSE = 5, 292 293 KSMBD_EVENT_SHARE_CONFIG_REQUEST, 294 KSMBD_EVENT_SHARE_CONFIG_RESPONSE, 295 296 KSMBD_EVENT_TREE_CONNECT_REQUEST, 297 KSMBD_EVENT_TREE_CONNECT_RESPONSE, 298 299 KSMBD_EVENT_TREE_DISCONNECT_REQUEST = 10, 300 301 KSMBD_EVENT_LOGOUT_REQUEST, 302 303 KSMBD_EVENT_RPC_REQUEST, 304 KSMBD_EVENT_RPC_RESPONSE, 305 306 KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST, 307 KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE = 15, 308 309 __KSMBD_EVENT_MAX, 310 KSMBD_EVENT_MAX = __KSMBD_EVENT_MAX - 1 311 }; 312 313 /* 314 * Enumeration for IPC tree connect status. 315 */ 316 enum KSMBD_TREE_CONN_STATUS { 317 KSMBD_TREE_CONN_STATUS_OK = 0, 318 KSMBD_TREE_CONN_STATUS_NOMEM, 319 KSMBD_TREE_CONN_STATUS_NO_SHARE, 320 KSMBD_TREE_CONN_STATUS_NO_USER, 321 KSMBD_TREE_CONN_STATUS_INVALID_USER, 322 KSMBD_TREE_CONN_STATUS_HOST_DENIED = 5, 323 KSMBD_TREE_CONN_STATUS_CONN_EXIST, 324 KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS, 325 KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS, 326 KSMBD_TREE_CONN_STATUS_ERROR, 327 }; 328 329 /* 330 * User config flags. 331 */ 332 #define KSMBD_USER_FLAG_INVALID (0) 333 #define KSMBD_USER_FLAG_OK BIT(0) 334 #define KSMBD_USER_FLAG_BAD_PASSWORD BIT(1) 335 #define KSMBD_USER_FLAG_BAD_UID BIT(2) 336 #define KSMBD_USER_FLAG_BAD_USER BIT(3) 337 #define KSMBD_USER_FLAG_GUEST_ACCOUNT BIT(4) 338 #define KSMBD_USER_FLAG_DELAY_SESSION BIT(5) 339 340 /* 341 * Share config flags. 342 */ 343 #define KSMBD_SHARE_FLAG_INVALID (0) 344 #define KSMBD_SHARE_FLAG_AVAILABLE BIT(0) 345 #define KSMBD_SHARE_FLAG_BROWSEABLE BIT(1) 346 #define KSMBD_SHARE_FLAG_WRITEABLE BIT(2) 347 #define KSMBD_SHARE_FLAG_READONLY BIT(3) 348 #define KSMBD_SHARE_FLAG_GUEST_OK BIT(4) 349 #define KSMBD_SHARE_FLAG_GUEST_ONLY BIT(5) 350 #define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS BIT(6) 351 #define KSMBD_SHARE_FLAG_OPLOCKS BIT(7) 352 #define KSMBD_SHARE_FLAG_PIPE BIT(8) 353 #define KSMBD_SHARE_FLAG_HIDE_DOT_FILES BIT(9) 354 #define KSMBD_SHARE_FLAG_INHERIT_OWNER BIT(10) 355 #define KSMBD_SHARE_FLAG_STREAMS BIT(11) 356 #define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(12) 357 #define KSMBD_SHARE_FLAG_ACL_XATTR BIT(13) 358 #define KSMBD_SHARE_FLAG_UPDATE BIT(14) 359 #define KSMBD_SHARE_FLAG_CROSSMNT BIT(15) 360 #define KSMBD_SHARE_FLAG_CONTINUOUS_AVAILABILITY BIT(16) 361 362 /* 363 * Tree connect request flags. 364 */ 365 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1 (0) 366 #define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6 BIT(0) 367 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2 BIT(1) 368 369 /* 370 * Tree connect flags. 371 */ 372 #define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT BIT(0) 373 #define KSMBD_TREE_CONN_FLAG_READ_ONLY BIT(1) 374 #define KSMBD_TREE_CONN_FLAG_WRITABLE BIT(2) 375 #define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT BIT(3) 376 #define KSMBD_TREE_CONN_FLAG_UPDATE BIT(4) 377 378 /* 379 * RPC over IPC. 380 */ 381 #define KSMBD_RPC_METHOD_RETURN BIT(0) 382 #define KSMBD_RPC_SRVSVC_METHOD_INVOKE BIT(1) 383 #define KSMBD_RPC_SRVSVC_METHOD_RETURN (KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN) 384 #define KSMBD_RPC_WKSSVC_METHOD_INVOKE BIT(2) 385 #define KSMBD_RPC_WKSSVC_METHOD_RETURN (KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN) 386 #define KSMBD_RPC_IOCTL_METHOD (BIT(3) | KSMBD_RPC_METHOD_RETURN) 387 #define KSMBD_RPC_OPEN_METHOD BIT(4) 388 #define KSMBD_RPC_WRITE_METHOD BIT(5) 389 #define KSMBD_RPC_READ_METHOD (BIT(6) | KSMBD_RPC_METHOD_RETURN) 390 #define KSMBD_RPC_CLOSE_METHOD BIT(7) 391 #define KSMBD_RPC_RAP_METHOD (BIT(8) | KSMBD_RPC_METHOD_RETURN) 392 #define KSMBD_RPC_RESTRICTED_CONTEXT BIT(9) 393 #define KSMBD_RPC_SAMR_METHOD_INVOKE BIT(10) 394 #define KSMBD_RPC_SAMR_METHOD_RETURN (KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN) 395 #define KSMBD_RPC_LSARPC_METHOD_INVOKE BIT(11) 396 #define KSMBD_RPC_LSARPC_METHOD_RETURN (KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN) 397 398 /* 399 * RPC status definitions. 400 */ 401 #define KSMBD_RPC_OK 0 402 #define KSMBD_RPC_EBAD_FUNC 0x00000001 403 #define KSMBD_RPC_EACCESS_DENIED 0x00000005 404 #define KSMBD_RPC_EBAD_FID 0x00000006 405 #define KSMBD_RPC_ENOMEM 0x00000008 406 #define KSMBD_RPC_EBAD_DATA 0x0000000D 407 #define KSMBD_RPC_ENOTIMPLEMENTED 0x00000040 408 #define KSMBD_RPC_EINVALID_PARAMETER 0x00000057 409 #define KSMBD_RPC_EMORE_DATA 0x000000EA 410 #define KSMBD_RPC_EINVALID_LEVEL 0x0000007C 411 #define KSMBD_RPC_SOME_NOT_MAPPED 0x00000107 412 413 #define KSMBD_CONFIG_OPT_DISABLED 0 414 #define KSMBD_CONFIG_OPT_ENABLED 1 415 #define KSMBD_CONFIG_OPT_AUTO 2 416 #define KSMBD_CONFIG_OPT_MANDATORY 3 417 418 #endif /* _LINUX_KSMBD_SERVER_H */ 419
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.