ksmbd_netlink.h (11773B)
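/* SPDX-License-Identifier: GPL-2.0-or-later */
/*
 *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
 *
 *   linux-ksmbd-devel@lists.sourceforge.net
 */

#ifndef _LINUX_KSMBD_SERVER_H
#define _LINUX_KSMBD_SERVER_H

#include <linux/types.h>

/*
 * This is a userspace ABI to communicate data between ksmbd and user IPC
 * daemon using netlink. This is added to track and cache user account DB
 * and share configuration info from userspace.
 *
 * Every structure below crosses the kernel/userspace boundary, so field
 * order, field widths and the explicit enum values are part of the ABI.
 *
 * NOTE(review): the length fields carried inside these messages
 * (hash_sz, ifc_list_sz, veto_list_sz, payload_sz, spnego_blob_len,
 * session_key_len) are filled in by the sending side. Nothing in this
 * header bounds them; a receiver should check each one against the size
 * of the netlink message it actually received before it indexes into a
 * payload. Likewise, the fixed-size name arrays carry no terminator
 * guarantee in their layout - confirm NUL termination before treating
 * them as C strings.
 *
 * NOTE(review): BIT() is used below but is not defined here; presumably
 * the including file provides it - confirm.
 *
 * - KSMBD_EVENT_HEARTBEAT_REQUEST(ksmbd_heartbeat)
 *   This event is to check whether user IPC daemon is alive. If user IPC
 *   daemon is dead, ksmbd keep existing connection till disconnecting and
 *   new connection will be denied.
 *
 * - KSMBD_EVENT_STARTING_UP(ksmbd_startup_request)
 *   This event is to receive the information that initializes the ksmbd
 *   server from the user IPC daemon and to start the server. The global
 *   section parameters are given from smb.conf as initialization
 *   information.
 *
 * - KSMBD_EVENT_SHUTTING_DOWN(ksmbd_shutdown_request)
 *   This event is to shutdown ksmbd server.
 *
 * - KSMBD_EVENT_LOGIN_REQUEST/RESPONSE(ksmbd_login_request/response)
 *   This event is to get user account info to user IPC daemon.
 *
 * - KSMBD_EVENT_SHARE_CONFIG_REQUEST/RESPONSE(ksmbd_share_config_request/response)
 *   This event is to get net share configuration info.
 *
 * - KSMBD_EVENT_TREE_CONNECT_REQUEST/RESPONSE(ksmbd_tree_connect_request/response)
 *   This event is to get session and tree connect info.
 *
 * - KSMBD_EVENT_TREE_DISCONNECT_REQUEST(ksmbd_tree_disconnect_request)
 *   This event is to send tree disconnect info to user IPC daemon.
 *
 * - KSMBD_EVENT_LOGOUT_REQUEST(ksmbd_logout_request)
 *   This event is to send logout request to user IPC daemon.
 *
 * - KSMBD_EVENT_RPC_REQUEST/RESPONSE(ksmbd_rpc_command)
 *   This event is to make DCE/RPC request like srvsvc, wkssvc, lsarpc,
 *   samr to be processed in userspace.
 *
 * - KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST/RESPONSE(ksmbd_spnego_authen_request/response)
 *   This event is to make kerberos authentication to be processed in
 *   userspace.
 */

#define KSMBD_GENL_NAME		"SMBD_GENL"
#define KSMBD_GENL_VERSION		0x01

/* Sizes of the fixed-length arrays used in the IPC messages below. */
#define KSMBD_REQ_MAX_ACCOUNT_NAME_SZ	48
#define KSMBD_REQ_MAX_HASH_SZ		18
#define KSMBD_REQ_MAX_SHARE_NAME	64

/*
 * IPC heartbeat frame to check whether user IPC daemon is alive.
 */
struct ksmbd_heartbeat {
	__u32	handle;
};

/*
 * Global config flags.
 */
#define KSMBD_GLOBAL_FLAG_INVALID		(0)
#define KSMBD_GLOBAL_FLAG_SMB2_LEASES		BIT(0)
#define KSMBD_GLOBAL_FLAG_SMB2_ENCRYPTION	BIT(1)
#define KSMBD_GLOBAL_FLAG_SMB3_MULTICHANNEL	BIT(2)

/*
 * IPC request for ksmbd server startup
 *
 * The fixed part is followed by a variable-length interfaces list in
 * ____payload; ifc_list_sz is the sender's statement of its size.
 */
struct ksmbd_startup_request {
	__u32	flags;			/* Flags for global config */
	__s32	signing;		/* Signing enabled */
	__s8	min_prot[16];		/* The minimum SMB protocol version */
	__s8	max_prot[16];		/* The maximum SMB protocol version */
	__s8	netbios_name[16];
	__s8	work_group[64];		/* Workgroup */
	__s8	server_string[64];	/* Server string */
	__u16	tcp_port;		/* tcp port */
	__u16	ipc_timeout;		/*
					 * specifies the number of seconds
					 * server will wait for the userspace to
					 * reply to heartbeat frames.
					 */
	__u32	deadtime;		/* Number of minutes of inactivity */
	__u32	file_max;		/* Limits the maximum number of open files */
	__u32	smb2_max_write;		/* MAX write size */
	__u32	smb2_max_read;		/* MAX read size */
	__u32	smb2_max_trans;		/* MAX trans size */
	__u32	share_fake_fscaps;	/*
					 * Support some special application that
					 * makes QFSINFO calls to check whether
					 * we set the SPARSE_FILES bit (0x40).
					 */
	__u32	sub_auth[3];		/* Subauth value for Security ID */
	__u32	smb2_max_credits;	/* MAX credits */
	__u32	smbd_max_io_size;	/* smbd read write size */
	__u32	reserved[127];		/* Reserved room */
	__u32	ifc_list_sz;		/* interfaces list size */
	__s8	____payload[];
};

/* Start of the interfaces list that trails a startup request. */
#define KSMBD_STARTUP_CONFIG_INTERFACES(s)	((s)->____payload)

/*
 * IPC request to shutdown ksmbd server.
 */
struct ksmbd_shutdown_request {
	__s32	reserved[16];
};

/*
 * IPC user login request.
 */
struct ksmbd_login_request {
	__u32	handle;
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
	__u32	reserved[16];				/* Reserved room */
};

/*
 * IPC user login response.
 *
 * NOTE(review): hash_sz is carried separately from the fixed-size hash[]
 * array; a receiver should reject hash_sz > KSMBD_REQ_MAX_HASH_SZ before
 * copying from hash[].
 */
struct ksmbd_login_response {
	__u32	handle;
	__u32	gid;					/* group id */
	__u32	uid;					/* user id */
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
	__u16	status;
	__u16	hash_sz;			/* hash size */
	__s8	hash[KSMBD_REQ_MAX_HASH_SZ];	/* password hash */
	__u32	reserved[16];			/* Reserved room */
};

/*
 * IPC request to fetch net share config.
 */
struct ksmbd_share_config_request {
	__u32	handle;
	__s8	share_name[KSMBD_REQ_MAX_SHARE_NAME]; /* share name */
	__u32	reserved[16];		/* Reserved room */
};

/*
 * IPC response to the net share config request.
 *
 * ____payload starts with the veto list when veto_list_sz is non-zero;
 * ksmbd_share_config_path() locates the data that follows it.
 */
struct ksmbd_share_config_response {
	__u32	handle;
	__u32	flags;
	__u16	create_mask;
	__u16	directory_mask;
	__u16	force_create_mode;
	__u16	force_directory_mode;
	__u16	force_uid;
	__u16	force_gid;
	__u32	reserved[128];		/* Reserved room */
	__u32	veto_list_sz;
	__s8	____payload[];
};

/* Start of the veto list that trails a share config response. */
#define KSMBD_SHARE_CONFIG_VETO_LIST(s)	((s)->____payload)

/*
 * Return a pointer to the data that follows the veto list in a share
 * config response (going by the function name, the share path).
 *
 * With no veto list (veto_list_sz == 0) that is the start of ____payload;
 * otherwise it is veto_list_sz + 1 bytes further in. The extra byte is
 * presumably a separator/terminator after the veto list - confirm against
 * the sender.
 *
 * NOTE(review): veto_list_sz comes straight from the IPC message and is
 * not bounded here, and this helper has no way to know the message
 * length. The caller must verify that veto_list_sz + 1 lies within the
 * received payload before dereferencing the returned pointer.
 */
static inline char *
ksmbd_share_config_path(struct ksmbd_share_config_response *sc)
{
	char *p = sc->____payload;

	if (sc->veto_list_sz)
		p += sc->veto_list_sz + 1;

	return p;
}

/*
 * IPC request for tree connection. This request include session and tree
 * connect info from client.
 */
struct ksmbd_tree_connect_request {
	__u32	handle;
	__u16	account_flags;
	__u16	flags;
	__u64	session_id;
	__u64	connect_id;
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ];
	__s8	share[KSMBD_REQ_MAX_SHARE_NAME];
	__s8	peer_addr[64];
	__u32	reserved[16];		/* Reserved room */
};

/*
 * IPC Response structure for tree connection.
 */
struct ksmbd_tree_connect_response {
	__u32	handle;
	__u16	status;
	__u16	connection_flags;
	__u32	reserved[16];		/* Reserved room */
};

/*
 * IPC Request structure to disconnect tree connection.
 */
struct ksmbd_tree_disconnect_request {
	__u64	session_id;	/* session id */
	__u64	connect_id;	/* tree connection id */
	__u32	reserved[16];	/* Reserved room */
};

/*
 * IPC Request structure to logout user account.
 */
struct ksmbd_logout_request {
	__s8	account[KSMBD_REQ_MAX_ACCOUNT_NAME_SZ]; /* user account name */
	__u32	account_flags;
	__u32	reserved[16];				/* Reserved room */
};

/*
 * RPC command structure to send rpc request like srvsvc or wkssvc to
 * IPC user daemon.
 *
 * NOTE(review): payload_sz describes the trailing payload[]; check it
 * against the received message length before reading the payload.
 */
struct ksmbd_rpc_command {
	__u32	handle;
	__u32	flags;
	__u32	payload_sz;
	__u8	payload[];
};

/*
 * IPC Request Kerberos authentication
 */
struct ksmbd_spnego_authen_request {
	__u32	handle;
	__u16	spnego_blob_len;	/* the length of spnego_blob */
	__u8	spnego_blob[];		/*
					 * the GSS token from SecurityBuffer of
					 * SMB2 SESSION SETUP request
					 */
};

/*
 * Response data which includes the GSS token and the session key generated by
 * user daemon.
 *
 * NOTE(review): session_key_len and spnego_blob_len together describe
 * payload[]; check their sum against the received message length before
 * splitting the payload.
 */
struct ksmbd_spnego_authen_response {
	__u32	handle;
	struct ksmbd_login_response login_response; /*
						     * the login response with
						     * a user identified by the
						     * GSS token from a client
						     */
	__u16	session_key_len; /* the length of the session key */
	__u16	spnego_blob_len; /*
				  * the length of the GSS token which will be
				  * stored in SecurityBuffer of SMB2 SESSION
				  * SETUP response
				  */
	__u8	payload[]; /* session key + AP_REP */
};

/*
 * This also used as NETLINK attribute type value.
 *
 * NOTE:
 * Response message type value should be equal to
 * request message type value + 1.
 *
 * The explicit "= 5", "= 10" and "= 15" values restate the positions the
 * enumerators already have, which pins the numbering if entries are
 * edited.
 */
enum ksmbd_event {
	KSMBD_EVENT_UNSPEC			= 0,
	KSMBD_EVENT_HEARTBEAT_REQUEST,

	KSMBD_EVENT_STARTING_UP,
	KSMBD_EVENT_SHUTTING_DOWN,

	KSMBD_EVENT_LOGIN_REQUEST,
	KSMBD_EVENT_LOGIN_RESPONSE		= 5,

	KSMBD_EVENT_SHARE_CONFIG_REQUEST,
	KSMBD_EVENT_SHARE_CONFIG_RESPONSE,

	KSMBD_EVENT_TREE_CONNECT_REQUEST,
	KSMBD_EVENT_TREE_CONNECT_RESPONSE,

	KSMBD_EVENT_TREE_DISCONNECT_REQUEST	= 10,

	KSMBD_EVENT_LOGOUT_REQUEST,

	KSMBD_EVENT_RPC_REQUEST,
	KSMBD_EVENT_RPC_RESPONSE,

	KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST,
	KSMBD_EVENT_SPNEGO_AUTHEN_RESPONSE	= 15,

	KSMBD_EVENT_MAX
};

/*
 * Enumeration for IPC tree connect status.
 */
enum KSMBD_TREE_CONN_STATUS {
	KSMBD_TREE_CONN_STATUS_OK		= 0,
	KSMBD_TREE_CONN_STATUS_NOMEM,
	KSMBD_TREE_CONN_STATUS_NO_SHARE,
	KSMBD_TREE_CONN_STATUS_NO_USER,
	KSMBD_TREE_CONN_STATUS_INVALID_USER,
	KSMBD_TREE_CONN_STATUS_HOST_DENIED	= 5,
	KSMBD_TREE_CONN_STATUS_CONN_EXIST,
	KSMBD_TREE_CONN_STATUS_TOO_MANY_CONNS,
	KSMBD_TREE_CONN_STATUS_TOO_MANY_SESSIONS,
	KSMBD_TREE_CONN_STATUS_ERROR,
};

/*
 * User config flags.
 */
#define KSMBD_USER_FLAG_INVALID		(0)
#define KSMBD_USER_FLAG_OK		BIT(0)
#define KSMBD_USER_FLAG_BAD_PASSWORD	BIT(1)
#define KSMBD_USER_FLAG_BAD_UID		BIT(2)
#define KSMBD_USER_FLAG_BAD_USER	BIT(3)
#define KSMBD_USER_FLAG_GUEST_ACCOUNT	BIT(4)
#define KSMBD_USER_FLAG_DELAY_SESSION	BIT(5)

/*
 * Share config flags.
 */
#define KSMBD_SHARE_FLAG_INVALID		(0)
#define KSMBD_SHARE_FLAG_AVAILABLE		BIT(0)
#define KSMBD_SHARE_FLAG_BROWSEABLE		BIT(1)
#define KSMBD_SHARE_FLAG_WRITEABLE		BIT(2)
#define KSMBD_SHARE_FLAG_READONLY		BIT(3)
#define KSMBD_SHARE_FLAG_GUEST_OK		BIT(4)
#define KSMBD_SHARE_FLAG_GUEST_ONLY		BIT(5)
#define KSMBD_SHARE_FLAG_STORE_DOS_ATTRS	BIT(6)
#define KSMBD_SHARE_FLAG_OPLOCKS		BIT(7)
#define KSMBD_SHARE_FLAG_PIPE			BIT(8)
#define KSMBD_SHARE_FLAG_HIDE_DOT_FILES		BIT(9)
#define KSMBD_SHARE_FLAG_INHERIT_OWNER		BIT(10)
#define KSMBD_SHARE_FLAG_STREAMS		BIT(11)
#define KSMBD_SHARE_FLAG_FOLLOW_SYMLINKS	BIT(12)
#define KSMBD_SHARE_FLAG_ACL_XATTR		BIT(13)

/*
 * Tree connect request flags.
 */
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB1	(0)
#define KSMBD_TREE_CONN_FLAG_REQUEST_IPV6	BIT(0)
#define KSMBD_TREE_CONN_FLAG_REQUEST_SMB2	BIT(1)

/*
 * Tree connect flags.
 */
#define KSMBD_TREE_CONN_FLAG_GUEST_ACCOUNT	BIT(0)
#define KSMBD_TREE_CONN_FLAG_READ_ONLY		BIT(1)
#define KSMBD_TREE_CONN_FLAG_WRITABLE		BIT(2)
#define KSMBD_TREE_CONN_FLAG_ADMIN_ACCOUNT	BIT(3)

/*
 * RPC over IPC.
 *
 * The *_METHOD_RETURN values are the matching *_METHOD_INVOKE bit OR-ed
 * with KSMBD_RPC_METHOD_RETURN.
 */
#define KSMBD_RPC_METHOD_RETURN		BIT(0)
#define KSMBD_RPC_SRVSVC_METHOD_INVOKE	BIT(1)
#define KSMBD_RPC_SRVSVC_METHOD_RETURN	(KSMBD_RPC_SRVSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_WKSSVC_METHOD_INVOKE	BIT(2)
#define KSMBD_RPC_WKSSVC_METHOD_RETURN	(KSMBD_RPC_WKSSVC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_IOCTL_METHOD		(BIT(3) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_OPEN_METHOD		BIT(4)
#define KSMBD_RPC_WRITE_METHOD		BIT(5)
#define KSMBD_RPC_READ_METHOD		(BIT(6) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_CLOSE_METHOD		BIT(7)
#define KSMBD_RPC_RAP_METHOD		(BIT(8) | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_RESTRICTED_CONTEXT	BIT(9)
#define KSMBD_RPC_SAMR_METHOD_INVOKE	BIT(10)
#define KSMBD_RPC_SAMR_METHOD_RETURN	(KSMBD_RPC_SAMR_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)
#define KSMBD_RPC_LSARPC_METHOD_INVOKE	BIT(11)
#define KSMBD_RPC_LSARPC_METHOD_RETURN	(KSMBD_RPC_LSARPC_METHOD_INVOKE | KSMBD_RPC_METHOD_RETURN)

/*
 * RPC status definitions.
 */
#define KSMBD_RPC_OK			0
#define KSMBD_RPC_EBAD_FUNC		0x00000001
#define KSMBD_RPC_EACCESS_DENIED	0x00000005
#define KSMBD_RPC_EBAD_FID		0x00000006
#define KSMBD_RPC_ENOMEM		0x00000008
#define KSMBD_RPC_EBAD_DATA		0x0000000D
#define KSMBD_RPC_ENOTIMPLEMENTED	0x00000040
#define KSMBD_RPC_EINVALID_PARAMETER	0x00000057
#define KSMBD_RPC_EMORE_DATA		0x000000EA
#define KSMBD_RPC_EINVALID_LEVEL	0x0000007C
#define KSMBD_RPC_SOME_NOT_MAPPED	0x00000107

/* Values for tri-/quad-state configuration options. */
#define KSMBD_CONFIG_OPT_DISABLED	0
#define KSMBD_CONFIG_OPT_ENABLED	1
#define KSMBD_CONFIG_OPT_AUTO		2
#define KSMBD_CONFIG_OPT_MANDATORY	3

#endif /* _LINUX_KSMBD_SERVER_H */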