GNU Linux-libre 6.1.86-gnu
[releases.git] / fs / smb / server / ksmbd_netlink.h
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3  *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
4  *
5  *   linux-ksmbd-devel@lists.sourceforge.net
6  */
7
8 #ifndef _LINUX_KSMBD_SERVER_H
9 #define _LINUX_KSMBD_SERVER_H
10
11 #include <linux/types.h>
12
13 /*
14  * This is a userspace ABI to communicate data between ksmbd and user IPC
15  * daemon using netlink. This is added to track and cache user account DB
16  * and share configuration info from userspace.
17  *
18  *  - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
19  *    This event is to check whether user IPC daemon is alive. If user IPC
20  *    daemon is dead, ksmbd keep existing connection till disconnecting and
21  *    new connection will be denied.
22  *
23  *  - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
24  *    This event is to receive the information that initializes the ksmbd
25  *    server from the user IPC daemon and to start the server. The global
26  *    section parameters are given from smb.conf as initialization
27  *    information.
28  *
29  *  - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
30  *    This event is to shutdown ksmbd server.
31  *
32  *  - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
33  *    This event is to get user account info to user IPC daemon.
34  *
35  *  - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
36  *    This event is to get net share configuration info.
37  *
38  *  - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
39  *    This event is to get session and tree connect info.
40  *
41  *  - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
42  *    This event is to send tree disconnect info to user IPC daemon.
43  *
44  *  - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
45  *    This event is to send logout request to user IPC daemon.
46  *
47  *  - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
48  *    This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
49  *    samr to be processed in userspace.
50  *
51  *  - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
52  *    This event is to make kerberos authentication to be processed in
53  *    userspace.
54  */
55
56 #define KSMBD_GENL_NAME         "SMBD_GENL"
57 #define KSMBD_GENL_VERSION              0x01
58
59 #define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ   48
60 #define KSMBD_REQ_MAX_HASH_SZ           18
61 #define KSMBD_REQ_MAX_SHARE_NAME        64
62
63 /*
64  * IPC heartbeat frame to check whether user IPC daemon is alive.
65  */
66 struct ksmbd_heartbeat {
67         __u32   handle;
68 };
69
70 /*
71  * Global config flags.
72  */
73 #define KSMBD_GLOBAL_FLAG_INVALID               (0)
74 #define KSMBD_GLOBAL_FLAG_SMB2_LEASES           BIT(0)
75 #define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION       BIT(1)
76 #define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL     BIT(2)
77 #define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION_OFF   BIT(3)
78
79 /*
80  * IPC request for ksmbd server startup
81  */
82 struct ksmbd_startup_request {
83         __u32   flags;                  /* Flags for global config */
84         __s32   signing;                /* Signing enabled */
85         __s8    min_prot[16];           /* The minimum SMB protocol version */
86         __s8    max_prot[16];           /* The maximum SMB protocol version */
87         __s8    netbios_name[16];
88         __s8    work_group[64];         /* Workgroup */
89         __s8    server_string[64];      /* Server string */
90         __u16   tcp_port;               /* tcp port */
91         __u16   ipc_timeout;            /*
92                                          * specifies the number of seconds
93                                          * server will wait for the userspace to
94                                          * reply to heartbeat frames.
95                                          */
96         __u32   deadtime;               /* Number of minutes of inactivity */
97         __u32   file_max;               /* Limits the maximum number of open files */
98         __u32   smb2_max_write;         /* MAX write size */
99         __u32   smb2_max_read;          /* MAX read size */
100         __u32   smb2_max_trans;         /* MAX trans size */
101         __u32   share_fake_fscaps;      /*
102                                          * Support some special application that
103                                          * makes QFSINFO calls to check whether
104                                          * we set the SPARSE_FILES bit (0x40).
105                                          */
106         __u32   sub_auth[3];            /* Subauth value for Security ID */
107         __u32   smb2_max_credits;       /* MAX credits */
108         __u32   smbd_max_io_size;       /* smbd read write size */
109         __u32   max_connections;        /* Number of maximum simultaneous connections */
110         __u32   reserved[126];          /* Reserved room */
111         __u32   ifc_list_sz;            /* interfaces list size */
112         __s8    ____payload[];
113 };
114
115 #define KSMBD_STARTUP_CONFIG_INTERFACES(s)      ((s)->____payload)
116
117 /*
118  * IPC request to shutdown ksmbd server.
119  */
120 struct ksmbd_shutdown_request {
121         __s32   reserved[16];
122 };
123
124 /*
125  * IPC user login request.
126  */
127 struct ksmbd_login_request {
128         __u32   handle;
129         __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
130         __u32   reserved[16];                           /* Reserved room */
131 };
132
133 /*
134  * IPC user login response.
135  */
136 struct ksmbd_login_response {
137         __u32   handle;
138         __u32   gid;                                    /* group id */
139         __u32   uid;                                    /* user id */
140         __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
141         __u16   status;
142         __u16   hash_sz;                        /* hash size */
143         __s8    hash[KSMBD_REQ_MAX_HASH_SZ];    /* password hash */
144         __u32   reserved[16];                   /* Reserved room */
145 };
146
147 /*
148  * IPC request to fetch net share config.
149  */
150 struct ksmbd_share_config_request {
151         __u32   handle;
152         __s8    share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
153         __u32   reserved[16];           /* Reserved room */
154 };
155
156 /*
157  * IPC response to the net share config request.
158  */
159 struct ksmbd_share_config_response {
160         __u32   handle;
161         __u32   flags;
162         __u16   create_mask;
163         __u16   directory_mask;
164         __u16   force_create_mode;
165         __u16   force_directory_mode;
166         __u16   force_uid;
167         __u16   force_gid;
168         __s8    share_name[KSMBD_REQ_MAX_SHARE_NAME];
169         __u32   reserved[111];          /* Reserved room */
170         __u32   payload_sz;
171         __u32   veto_list_sz;
172         __s8    ____payload[];
173 };
174
175 #define KSMBD_SHARE_CONFIG_VETO_LIST(s) ((s)->____payload)
176
177 static inline char *
178 ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
179 {
180         char *p = sc->____payload;
181
182         if (sc->veto_list_sz)
183                 p += sc->veto_list_sz + 1;
184
185         return p;
186 }
187
188 /*
189  * IPC request for tree connection. This request include session and tree
190  * connect info from client.
191  */
192 struct ksmbd_tree_connect_request {
193         __u32   handle;
194         __u16   account_flags;
195         __u16   flags;
196         __u64   session_id;
197         __u64   connect_id;
198         __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
199         __s8    share[KSMBD_REQ_MAX_SHARE_NAME];
200         __s8    peer_addr[64];
201         __u32   reserved[16];           /* Reserved room */
202 };
203
204 /*
205  * IPC Response structure for tree connection.
206  */
207 struct ksmbd_tree_connect_response {
208         __u32   handle;
209         __u16   status;
210         __u16   connection_flags;
211         __u32   reserved[16];           /* Reserved room */
212 };
213
214 /*
215  * IPC Request struture to disconnect tree connection.
216  */
217 struct ksmbd_tree_disconnect_request {
218         __u64   session_id;     /* session id */
219         __u64   connect_id;     /* tree connection id */
220         __u32   reserved[16];   /* Reserved room */
221 };
222
223 /*
224  * IPC Response structure to logout user account.
225  */
226 struct ksmbd_logout_request {
227         __s8    account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
228         __u32   account_flags;
229         __u32   reserved[16];                           /* Reserved room */
230 };
231
232 /*
233  * RPC command structure to send rpc request like srvsvc or wkssvc to
234  * IPC user daemon.
235  */
236 struct ksmbd_rpc_command {
237         __u32   handle;
238         __u32   flags;
239         __u32   payload_sz;
240         __u8    payload[];
241 };
242
243 /*
244  * IPC Request Kerberos authentication
245  */
246 struct ksmbd_spnego_authen_request {
247         __u32   handle;
248         __u16   spnego_blob_len;        /* the length of spnego_blob */
249         __u8    spnego_blob[];          /*
250                                          * the GSS token from SecurityBuffer of
251                                          * SMB2 SESSION SETUP request
252                                          */
253 };
254
255 /*
256  * Response data which includes the GSS token and the session key generated by
257  * user daemon.
258  */
259 struct ksmbd_spnego_authen_response {
260         __u32   handle;
261         struct ksmbd_login_response login_response; /*
262                                                      * the login response with
263                                                      * a user identified by the
264                                                      * GSS token from a client
265                                                      */
266         __u16   session_key_len; /* the length of the session key */
267         __u16   spnego_blob_len; /*
268                                   * the length of  the GSS token which will be
269                                   * stored in SecurityBuffer of SMB2 SESSION
270                                   * SETUP response
271                                   */
272         __u8    payload[]; /* session key + AP_REP */
273 };
274
275 /*
276  * This also used as NETLINK attribute type value.
277  *
278  * NOTE:
279  * Response message type value should be equal to
280  * request message type value + 1.
281  */
282 enum ksmbd_event {
283         KSMBD_EVENT_UNSPEC                      = 0,
284         KSMBD_EVENT_HEARTBEAT_REQUEST,
285
286         KSMBD_EVENT_STARTING_UP,
287         KSMBD_EVENT_SHUTTING_DOWN,
288
289         KSMBD_EVENT_LOGIN_REQUEST,
290         KSMBD_EVENT_LOGIN_RESPONSE              = 5,
291
292         KSMBD_EVENT_SHARE_CONFIG_REQUEST,
293         KSMBD_EVENT_SHARE_CONFIG_RESPONSE,
294
295         KSMBD_EVENT_TREE_CONNECT_REQUEST,
296         KSMBD_EVENT_TREE_CONNECT_RESPONSE,
297
298         KSMBD_EVENT_TREE_DISCONNECT_REQUEST     = 10,
299
300         KSMBD_EVENT_LOGOUT_REQUEST,
301
302         KSMBD_EVENT_RPC_REQUEST,
303         KSMBD_EVENT_RPC_RESPONSE,
304
305         KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
306         KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE      = 15,
307
308         __KSMBD_EVENT_MAX,
309         KSMBD_EVENT_MAX = __KSMBD_EVENT_MAX - 1
310 };
311
312 /*
313  * Enumeration for IPC tree connect status.
314  */
315 enum KSMBD_TREE_CONN_STATUS {
316         KSMBD_TREE_CONN_STATUS_OK               = 0,
317         KSMBD_TREE_CONN_STATUS_NOMEM,
318         KSMBD_TREE_CONN_STATUS_NO_SHARE,
319         KSMBD_TREE_CONN_STATUS_NO_USER,
320         KSMBD_TREE_CONN_STATUS_INVALID_USER,
321         KSMBD_TREE_CONN_STATUS_HOST_DENIED      = 5,
322         KSMBD_TREE_CONN_STATUS_CONN_EXIST,
323         KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
324         KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
325         KSMBD_TREE_CONN_STATUS_ERROR,
326 };
327
328 /*
329  * User config flags.
330  */
331 #define KSMBD_USER_FLAG_INVALID         (0)
332 #define KSMBD_USER_FLAG_OK              BIT(0)
333 #define KSMBD_USER_FLAG_BAD_PASSWORD    BIT(1)
334 #define KSMBD_USER_FLAG_BAD_UID         BIT(2)
335 #define KSMBD_USER_FLAG_BAD_USER        BIT(3)
336 #define KSMBD_USER_FLAG_GUEST_ACCOUNT   BIT(4)
337 #define KSMBD_USER_FLAG_DELAY_SESSION   BIT(5)
338
339 /*
340  * Share config flags.
341  */
342 #define KSMBD_SHARE_FLAG_INVALID                (0)
343 #define KSMBD_SHARE_FLAG_AVAILABLE              BIT(0)
344 #define KSMBD_SHARE_FLAG_BROWSEABLE             BIT(1)
345 #define KSMBD_SHARE_FLAG_WRITEABLE              BIT(2)
346 #define KSMBD_SHARE_FLAG_READONLY               BIT(3)
347 #define KSMBD_SHARE_FLAG_GUEST_OK               BIT(4)
348 #define KSMBD_SHARE_FLAG_GUEST_ONLY             BIT(5)
349 #define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS        BIT(6)
350 #define KSMBD_SHARE_FLAG_OPLOCKS                BIT(7)
351 #define KSMBD_SHARE_FLAG_PIPE                   BIT(8)
352 #define KSMBD_SHARE_FLAG_HIDE_DOT_FILES         BIT(9)
353 #define KSMBD_SHARE_FLAG_INHERIT_OWNER          BIT(10)
354 #define KSMBD_SHARE_FLAG_STREAMS                BIT(11)
355 #define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS        BIT(12)
356 #define KSMBD_SHARE_FLAG_ACL_XATTR              BIT(13)
357 #define KSMBD_SHARE_FLAG_UPDATE                 BIT(14)
358 #define KSMBD_SHARE_FLAG_CROSSMNT               BIT(15)
359
360 /*
361  * Tree connect request flags.
362  */
363 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1       (0)
364 #define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6       BIT(0)
365 #define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2       BIT(1)
366
367 /*
368  * Tree connect flags.
369  */
370 #define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT      BIT(0)
371 #define KSMBD_TREE_CONN_FLAG_READ_ONLY          BIT(1)
372 #define KSMBD_TREE_CONN_FLAG_WRITABLE           BIT(2)
373 #define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT      BIT(3)
374 #define KSMBD_TREE_CONN_FLAG_UPDATE             BIT(4)
375
376 /*
377  * RPC over IPC.
378  */
379 #define KSMBD_RPC_METHOD_RETURN         BIT(0)
380 #define KSMBD_RPC_SRVSVC_METHOD_INVOKE  BIT(1)
381 #define KSMBD_RPC_SRVSVC_METHOD_RETURN  (KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
382 #define KSMBD_RPC_WKSSVC_METHOD_INVOKE  BIT(2)
383 #define KSMBD_RPC_WKSSVC_METHOD_RETURN  (KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
384 #define KSMBD_RPC_IOCTL_METHOD          (BIT(3) | KSMBD_RPC_METHOD_RETURN)
385 #define KSMBD_RPC_OPEN_METHOD           BIT(4)
386 #define KSMBD_RPC_WRITE_METHOD          BIT(5)
387 #define KSMBD_RPC_READ_METHOD           (BIT(6) | KSMBD_RPC_METHOD_RETURN)
388 #define KSMBD_RPC_CLOSE_METHOD          BIT(7)
389 #define KSMBD_RPC_RAP_METHOD            (BIT(8) | KSMBD_RPC_METHOD_RETURN)
390 #define KSMBD_RPC_RESTRICTED_CONTEXT    BIT(9)
391 #define KSMBD_RPC_SAMR_METHOD_INVOKE    BIT(10)
392 #define KSMBD_RPC_SAMR_METHOD_RETURN    (KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
393 #define KSMBD_RPC_LSARPC_METHOD_INVOKE  BIT(11)
394 #define KSMBD_RPC_LSARPC_METHOD_RETURN  (KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
395
396 /*
397  * RPC status definitions.
398  */
399 #define KSMBD_RPC_OK                    0
400 #define KSMBD_RPC_EBAD_FUNC             0x00000001
401 #define KSMBD_RPC_EACCESS_DENIED        0x00000005
402 #define KSMBD_RPC_EBAD_FID              0x00000006
403 #define KSMBD_RPC_ENOMEM                0x00000008
404 #define KSMBD_RPC_EBAD_DATA             0x0000000D
405 #define KSMBD_RPC_ENOTIMPLEMENTED       0x00000040
406 #define KSMBD_RPC_EINVALID_PARAMETER    0x00000057
407 #define KSMBD_RPC_EMORE_DATA            0x000000EA
408 #define KSMBD_RPC_EINVALID_LEVEL        0x0000007C
409 #define KSMBD_RPC_SOME_NOT_MAPPED       0x00000107
410
411 #define KSMBD_CONFIG_OPT_DISABLED       0
412 #define KSMBD_CONFIG_OPT_ENABLED        1
413 #define KSMBD_CONFIG_OPT_AUTO           2
414 #define KSMBD_CONFIG_OPT_MANDATORY      3
415
416 #endif /* _LINUX_KSMBD_SERVER_H */