1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3 * Copyright (C) 2018 Samsung Electronics Co., Ltd.
4 *
5 * linux-ksmbd-devel@lists.sourceforge.net
6 */
7
8 #ifndef _LINUX_KSMBD_SERVER_H
9 #define _LINUX_KSMBD_SERVER_H
10
11 #include <linux/types.h>
12
13 /*
14 * This is a userspace ABI to communicate data between ksmbd and user IPC
15 * daemon using netlink. This is added to track and cache user account DB
16 * and share configuration info from userspace.
17 *
18 * - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
19 * This event is to check whether user IPC daemon is alive. If user IPC
20 * daemon is dead, ksmbd keep existing connection till disconnecting and
21 * new connection will be denied.
22 *
23 * - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
24 * This event is to receive the information that initializes the ksmbd
25 * server from the user IPC daemon and to start the server. The global
26 * section parameters are given from smb.conf as initialization
27 * information.
28 *
29 * - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
30 * This event is to shutdown ksmbd server.
31 *
32 * - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
33 * This event is to get user account info to user IPC daemon.
34 *
35 * - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
36 * This event is to get net share configuration info.
37 *
38 * - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
39 * This event is to get session and tree connect info.
40 *
41 * - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
42 * This event is to send tree disconnect info to user IPC daemon.
43 *
44 * - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
45 * This event is to send logout request to user IPC daemon.
46 *
47 * - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
48 * This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
49 * samr to be processed in userspace.
50 *
51 * - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
52 * This event is to make kerberos authentication to be processed in
53 * userspace.
54 */
55
56 #define KSMBD_GENL_NAME "SMBD_GENL"
57 #define KSMBD_GENL_VERSION 0x01
58
59 #define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ 48
60 #define KSMBD_REQ_MAX_HASH_SZ 18
61 #define KSMBD_REQ_MAX_SHARE_NAME 64
62
63 /*
64 * IPC heartbeat frame to check whether user IPC daemon is alive.
65 */
66 struct ksmbd_heartbeat {
67 __u32 handle;
68 };
69
70 /*
71 * Global config flags.
72 */
73 #define KSMBD_GLOBAL_FLAG_INVALID (0)
74 #define KSMBD_GLOBAL_FLAG_SMB2_LEASES BIT(0)
75 #define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION BIT(1)
76 #define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL BIT(2)
77
78 /*
79 * IPC request for ksmbd server startup
80 */
81 struct ksmbd_startup_request {
82 __u32 flags; /* Flags for global config */
83 __s32 signing; /* Signing enabled */
84 __s8 min_prot[16]; /* The minimum SMB protocol version */
85 __s8 max_prot[16]; /* The maximum SMB protocol version */
86 __s8 netbios_name[16];
87 __s8 work_group[64]; /* Workgroup */
88 __s8 server_string[64]; /* Server string */
89 __u16 tcp_port; /* tcp port */
90 __u16 ipc_timeout; /*
91 * specifies the number of seconds
92 * server will wait for the userspace to
93 * reply to heartbeat frames.
94 */
95 __u32 deadtime; /* Number of minutes of inactivity */
96 __u32 file_max; /* Limits the maximum number of open files */
97 __u32 smb2_max_write; /* MAX write size */
98 __u32 smb2_max_read; /* MAX read size */
99 __u32 smb2_max_trans; /* MAX trans size */
100 __u32 share_fake_fscaps; /*
101 * Support some special application that
102 * makes QFSINFO calls to check whether
103 * we set the SPARSE_FILES bit (0x40).
104 */
105 __u32 sub_auth[3]; /* Subauth value for Security ID */
106 __u32 ifc_list_sz; /* interfaces list size */
107 __s8 ____payload[];
108 };
109
110 #define KSMBD_STARTUP_CONFIG_INTERFACES(s) ((s)->____payload)
111
112 /*
113 * IPC request to shutdown ksmbd server.
114 */
115 struct ksmbd_shutdown_request {
116 __s32 reserved;
117 };
118
119 /*
120 * IPC user login request.
121 */
122 struct ksmbd_login_request {
123 __u32 handle;
124 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
125 };
126
127 /*
128 * IPC user login response.
129 */
130 struct ksmbd_login_response {
131 __u32 handle;
132 __u32 gid; /* group id */
133 __u32 uid; /* user id */
134 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
135 __u16 status;
136 __u16 hash_sz; /* hash size */
137 __s8 hash[KSMBD_REQ_MAX_HASH_SZ]; /* password hash */
138 };
139
140 /*
141 * IPC request to fetch net share config.
142 */
143 struct ksmbd_share_config_request {
144 __u32 handle;
145 __s8 share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
146 };
147
148 /*
149 * IPC response to the net share config request.
150 */
151 struct ksmbd_share_config_response {
152 __u32 handle;
153 __u32 flags;
154 __u16 create_mask;
155 __u16 directory_mask;
156 __u16 force_create_mode;
157 __u16 force_directory_mode;
158 __u16 force_uid;
159 __u16 force_gid;
160 __u32 veto_list_sz;
161 __s8 ____payload[];
162 };
163
164 #define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
165
166 static inline char *
ksmbd_share_config_path(struct ksmbd_share_config_response * sc)167 ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
168 {
169 char *p = sc->____payload;
170
171 if (sc->veto_list_sz)
172 p += sc->veto_list_sz + 1;
173
174 return p;
175 }
176
177 /*
178 * IPC request for tree connection. This request include session and tree
179 * connect info from client.
180 */
181 struct ksmbd_tree_connect_request {
182 __u32 handle;
183 __u16 account_flags;
184 __u16 flags;
185 __u64 session_id;
186 __u64 connect_id;
187 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
188 __s8 share[KSMBD_REQ_MAX_SHARE_NAME];
189 __s8 peer_addr[64];
190 };
191
192 /*
193 * IPC Response structure for tree connection.
194 */
195 struct ksmbd_tree_connect_response {
196 __u32 handle;
197 __u16 status;
198 __u16 connection_flags;
199 };
200
201 /*
202 * IPC Request struture to disconnect tree connection.
203 */
204 struct ksmbd_tree_disconnect_request {
205 __u64 session_id; /* session id */
206 __u64 connect_id; /* tree connection id */
207 };
208
209 /*
210 * IPC Response structure to logout user account.
211 */
212 struct ksmbd_logout_request {
213 __s8 account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
214 __u32 account_flags;
215 };
216
217 /*
218 * RPC command structure to send rpc request like srvsvc or wkssvc to
219 * IPC user daemon.
220 */
221 struct ksmbd_rpc_command {
222 __u32 handle;
223 __u32 flags;
224 __u32 payload_sz;
225 __u8 payload[];
226 };
227
228 /*
229 * IPC Request Kerberos authentication
230 */
231 struct ksmbd_spnego_authen_request {
232 __u32 handle;
233 __u16 spnego_blob_len; /* the length of spnego_blob */
234 __u8 spnego_blob[0]; /*
235 * the GSS token from SecurityBuffer of
236 * SMB2 SESSION SETUP request
237 */
238 };
239
240 /*
241 * Response data which includes the GSS token and the session key generated by
242 * user daemon.
243 */
244 struct ksmbd_spnego_authen_response {
245 __u32 handle;
246 struct ksmbd_login_response login_response; /*
247 * the login response with
248 * a user identified by the
249 * GSS token from a client
250 */
251 __u16 session_key_len; /* the length of the session key */
252 __u16 spnego_blob_len; /*
253 * the length of the GSS token which will be
254 * stored in SecurityBuffer of SMB2 SESSION
255 * SETUP response
256 */
257 __u8 payload[]; /* session key + AP_REP */
258 };
259
260 /*
261 * This also used as NETLINK attribute type value.
262 *
263 * NOTE:
264 * Response message type value should be equal to
265 * request message type value + 1.
266 */
267 enum ksmbd_event {
268 KSMBD_EVENT_UNSPEC = 0,
269 KSMBD_EVENT_HEARTBEAT_REQUEST,
270
271 KSMBD_EVENT_STARTING_UP,
272 KSMBD_EVENT_SHUTTING_DOWN,
273
274 KSMBD_EVENT_LOGIN_REQUEST,
275 KSMBD_EVENT_LOGIN_RESPONSE = 5,
276
277 KSMBD_EVENT_SHARE_CONFIG_REQUEST,
278 KSMBD_EVENT_SHARE_CONFIG_RESPONSE,
279
280 KSMBD_EVENT_TREE_CONNECT_REQUEST,
281 KSMBD_EVENT_TREE_CONNECT_RESPONSE,
282
283 KSMBD_EVENT_TREE_DISCONNECT_REQUEST = 10,
284
285 KSMBD_EVENT_LOGOUT_REQUEST,
286
287 KSMBD_EVENT_RPC_REQUEST,
288 KSMBD_EVENT_RPC_RESPONSE,
289
290 KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
291 KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE = 15,
292
293 KSMBD_EVENT_MAX
294 };
295
296 /*
297 * Enumeration for IPC tree connect status.
298 */
299 enum KSMBD_TREE_CONN_STATUS {
300 KSMBD_TREE_CONN_STATUS_OK = 0,
301 KSMBD_TREE_CONN_STATUS_NOMEM,
302 KSMBD_TREE_CONN_STATUS_NO_SHARE,
303 KSMBD_TREE_CONN_STATUS_NO_USER,
304 KSMBD_TREE_CONN_STATUS_INVALID_USER,
305 KSMBD_TREE_CONN_STATUS_HOST_DENIED = 5,
306 KSMBD_TREE_CONN_STATUS_CONN_EXIST,
307 KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
308 KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
309 KSMBD_TREE_CONN_STATUS_ERROR,
310 };
311
312 /*
313 * User config flags.
314 */
315 #define KSMBD_USER_FLAG_INVALID (0)
316 #define KSMBD_USER_FLAG_OK BIT(0)
317 #define KSMBD_USER_FLAG_BAD_PASSWORD BIT(1)
318 #define KSMBD_USER_FLAG_BAD_UID BIT(2)
319 #define KSMBD_USER_FLAG_BAD_USER BIT(3)
320 #define KSMBD_USER_FLAG_GUEST_ACCOUNT BIT(4)
321 #define KSMBD_USER_FLAG_DELAY_SESSION BIT(5)
322
323 /*
324 * Share config flags.
325 */
326 #define KSMBD_SHARE_FLAG_INVALID (0)
327 #define KSMBD_SHARE_FLAG_AVAILABLE BIT(0)
328 #define KSMBD_SHARE_FLAG_BROWSEABLE BIT(1)
329 #define KSMBD_SHARE_FLAG_WRITEABLE BIT(2)
330 #define KSMBD_SHARE_FLAG_READONLY BIT(3)
331 #define KSMBD_SHARE_FLAG_GUEST_OK BIT(4)
332 #define KSMBD_SHARE_FLAG_GUEST_ONLY BIT(5)
333 #define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS BIT(6)
334 #define KSMBD_SHARE_FLAG_OPLOCKS BIT(7)
335 #define KSMBD_SHARE_FLAG_PIPE BIT(8)
336 #define KSMBD_SHARE_FLAG_HIDE_DOT_FILES BIT(9)
337 #define KSMBD_SHARE_FLAG_INHERIT_OWNER BIT(10)
338 #define KSMBD_SHARE_FLAG_STREAMS BIT(11)
339 #define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS BIT(12)
340 #define KSMBD_SHARE_FLAG_ACL_XATTR BIT(13)
341
342 /*
343 * Tree connect request flags.
344 */
345 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1 (0)
346 #define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6 BIT(0)
347 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2 BIT(1)
348
349 /*
350 * Tree connect flags.
351 */
352 #define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT BIT(0)
353 #define KSMBD_TREE_CONN_FLAG_READ_ONLY BIT(1)
354 #define KSMBD_TREE_CONN_FLAG_WRITABLE BIT(2)
355 #define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT BIT(3)
356
357 /*
358 * RPC over IPC.
359 */
360 #define KSMBD_RPC_METHOD_RETURN BIT(0)
361 #define KSMBD_RPC_SRVSVC_METHOD_INVOKE BIT(1)
362 #define KSMBD_RPC_SRVSVC_METHOD_RETURN (KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
363 #define KSMBD_RPC_WKSSVC_METHOD_INVOKE BIT(2)
364 #define KSMBD_RPC_WKSSVC_METHOD_RETURN (KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
365 #define KSMBD_RPC_IOCTL_METHOD (BIT(3) | KSMBD_RPC_METHOD_RETURN)
366 #define KSMBD_RPC_OPEN_METHOD BIT(4)
367 #define KSMBD_RPC_WRITE_METHOD BIT(5)
368 #define KSMBD_RPC_READ_METHOD (BIT(6) | KSMBD_RPC_METHOD_RETURN)
369 #define KSMBD_RPC_CLOSE_METHOD BIT(7)
370 #define KSMBD_RPC_RAP_METHOD (BIT(8) | KSMBD_RPC_METHOD_RETURN)
371 #define KSMBD_RPC_RESTRICTED_CONTEXT BIT(9)
372 #define KSMBD_RPC_SAMR_METHOD_INVOKE BIT(10)
373 #define KSMBD_RPC_SAMR_METHOD_RETURN (KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
374 #define KSMBD_RPC_LSARPC_METHOD_INVOKE BIT(11)
375 #define KSMBD_RPC_LSARPC_METHOD_RETURN (KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
376
377 /*
378 * RPC status definitions.
379 */
380 #define KSMBD_RPC_OK 0
381 #define KSMBD_RPC_EBAD_FUNC 0x00000001
382 #define KSMBD_RPC_EACCESS_DENIED 0x00000005
383 #define KSMBD_RPC_EBAD_FID 0x00000006
384 #define KSMBD_RPC_ENOMEM 0x00000008
385 #define KSMBD_RPC_EBAD_DATA 0x0000000D
386 #define KSMBD_RPC_ENOTIMPLEMENTED 0x00000040
387 #define KSMBD_RPC_EINVALID_PARAMETER 0x00000057
388 #define KSMBD_RPC_EMORE_DATA 0x000000EA
389 #define KSMBD_RPC_EINVALID_LEVEL 0x0000007C
390 #define KSMBD_RPC_SOME_NOT_MAPPED 0x00000107
391
392 #define KSMBD_CONFIG_OPT_DISABLED 0
393 #define KSMBD_CONFIG_OPT_ENABLED 1
394 #define KSMBD_CONFIG_OPT_AUTO 2
395 #define KSMBD_CONFIG_OPT_MANDATORY 3
396
397 #endif /* _LINUX_KSMBD_SERVER_H */
398