1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31#include <linux/fs.h>
32#include <linux/kernel.h>
33#include <linux/vfs.h>
34#include <linux/task_io_accounting_ops.h>
35#include <linux/uaccess.h>
36#include <linux/pagemap.h>
37#include <linux/xattr.h>
38#include "smb2pdu.h"
39#include "cifsglob.h"
40#include "cifsacl.h"
41#include "cifsproto.h"
42#include "smb2proto.h"
43#include "cifs_unicode.h"
44#include "cifs_debug.h"
45#include "ntlmssp.h"
46#include "smb2status.h"
47#include "smb2glob.h"
48#include "cifspdu.h"
49#include "cifs_spnego.h"
50
51
52
53
54
55
56
57
58static const int smb2_req_struct_sizes[NUMBER_OF_SMB2_COMMANDS] = {
59 36,
60 25,
61 4,
62 9,
63 4,
64 57,
65 24,
66 24,
67 49,
68 49,
69 48,
70 57,
71 4,
72 4,
73 33,
74 32,
75 41,
76 33,
77 24
78};
79
80
81static void
82smb2_hdr_assemble(struct smb2_hdr *hdr, __le16 smb2_cmd ,
83 const struct cifs_tcon *tcon)
84{
85 struct smb2_pdu *pdu = (struct smb2_pdu *)hdr;
86 char *temp = (char *)hdr;
87
88 __u16 parmsize = smb2_req_struct_sizes[le16_to_cpu(smb2_cmd)];
89
90
91
92
93
94 memset(temp, 0, 256);
95
96
97 hdr->smb2_buf_length = cpu_to_be32(parmsize + sizeof(struct smb2_hdr)
98 - 4 );
99
100 hdr->ProtocolId = SMB2_PROTO_NUMBER;
101 hdr->StructureSize = cpu_to_le16(64);
102 hdr->Command = smb2_cmd;
103 hdr->CreditRequest = cpu_to_le16(2);
104 hdr->ProcessId = cpu_to_le32((__u16)current->tgid);
105
106 if (!tcon)
107 goto out;
108
109
110
111 if ((tcon->ses) && (tcon->ses->server) &&
112 (tcon->ses->server->capabilities & SMB2_GLOBAL_CAP_LARGE_MTU))
113 hdr->CreditCharge = cpu_to_le16(1);
114
115
116 hdr->TreeId = tcon->tid;
117
118 if (tcon->ses)
119 hdr->SessionId = tcon->ses->Suid;
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134 if (tcon->ses && tcon->ses->server && tcon->ses->server->sign)
135 hdr->Flags |= SMB2_FLAGS_SIGNED;
136out:
137 pdu->StructureSize2 = cpu_to_le16(parmsize);
138 return;
139}
140
141static int
142smb2_reconnect(__le16 smb2_command, struct cifs_tcon *tcon)
143{
144 int rc = 0;
145 struct nls_table *nls_codepage;
146 struct cifs_ses *ses;
147 struct TCP_Server_Info *server;
148
149
150
151
152
153
154 if (tcon == NULL)
155 return rc;
156
157 if (smb2_command == SMB2_TREE_CONNECT)
158 return rc;
159
160 if (tcon->tidStatus == CifsExiting) {
161
162
163
164
165
166 if ((smb2_command != SMB2_WRITE) &&
167 (smb2_command != SMB2_CREATE) &&
168 (smb2_command != SMB2_TREE_DISCONNECT)) {
169 cifs_dbg(FYI, "can not send cmd %d while umounting\n",
170 smb2_command);
171 return -ENODEV;
172 }
173 }
174 if ((!tcon->ses) || (tcon->ses->status == CifsExiting) ||
175 (!tcon->ses->server))
176 return -EIO;
177
178 ses = tcon->ses;
179 server = ses->server;
180
181
182
183
184
185 while (server->tcpStatus == CifsNeedReconnect) {
186
187
188
189
190 switch (smb2_command) {
191
192
193
194 case SMB2_TREE_DISCONNECT:
195 case SMB2_CANCEL:
196 case SMB2_CLOSE:
197 case SMB2_OPLOCK_BREAK:
198 return -EAGAIN;
199 }
200
201 wait_event_interruptible_timeout(server->response_q,
202 (server->tcpStatus != CifsNeedReconnect), 10 * HZ);
203
204
205 if (server->tcpStatus != CifsNeedReconnect)
206 break;
207
208
209
210
211
212
213 if (!tcon->retry) {
214 cifs_dbg(FYI, "gave up waiting on reconnect in smb_init\n");
215 return -EHOSTDOWN;
216 }
217 }
218
219 if (!tcon->ses->need_reconnect && !tcon->need_reconnect)
220 return rc;
221
222 nls_codepage = load_nls_default();
223
224
225
226
227
228 mutex_lock(&tcon->ses->session_mutex);
229 rc = cifs_negotiate_protocol(0, tcon->ses);
230 if (!rc && tcon->ses->need_reconnect)
231 rc = cifs_setup_session(0, tcon->ses, nls_codepage);
232
233 if (rc || !tcon->need_reconnect) {
234 mutex_unlock(&tcon->ses->session_mutex);
235 goto out;
236 }
237
238 cifs_mark_open_files_invalid(tcon);
239 rc = SMB2_tcon(0, tcon->ses, tcon->treeName, tcon, nls_codepage);
240 mutex_unlock(&tcon->ses->session_mutex);
241 cifs_dbg(FYI, "reconnect tcon rc = %d\n", rc);
242 if (rc)
243 goto out;
244 atomic_inc(&tconInfoReconnectCount);
245out:
246
247
248
249
250
251
252
253
254 switch (smb2_command) {
255 case SMB2_FLUSH:
256 case SMB2_READ:
257 case SMB2_WRITE:
258 case SMB2_LOCK:
259 case SMB2_IOCTL:
260 case SMB2_QUERY_DIRECTORY:
261 case SMB2_CHANGE_NOTIFY:
262 case SMB2_QUERY_INFO:
263 case SMB2_SET_INFO:
264 return -EAGAIN;
265 }
266 unload_nls(nls_codepage);
267 return rc;
268}
269
270
271
272
273
274
275static int
276small_smb2_init(__le16 smb2_command, struct cifs_tcon *tcon,
277 void **request_buf)
278{
279 int rc = 0;
280
281 rc = smb2_reconnect(smb2_command, tcon);
282 if (rc)
283 return rc;
284
285
286 *request_buf = cifs_small_buf_get();
287 if (*request_buf == NULL) {
288
289 return -ENOMEM;
290 }
291
292 smb2_hdr_assemble((struct smb2_hdr *) *request_buf, smb2_command, tcon);
293
294 if (tcon != NULL) {
295#ifdef CONFIG_CIFS_STATS2
296 uint16_t com_code = le16_to_cpu(smb2_command);
297 cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_sent[com_code]);
298#endif
299 cifs_stats_inc(&tcon->num_smbs_sent);
300 }
301
302 return rc;
303}
304
305#ifdef CONFIG_CIFS_SMB311
306
307#define OFFSET_OF_NEG_CONTEXT 0x68
308
309
310#define SMB2_PREAUTH_INTEGRITY_CAPABILITIES cpu_to_le16(1)
311#define SMB2_ENCRYPTION_CAPABILITIES cpu_to_le16(2)
312
313static void
314build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt)
315{
316 pneg_ctxt->ContextType = SMB2_PREAUTH_INTEGRITY_CAPABILITIES;
317 pneg_ctxt->DataLength = cpu_to_le16(38);
318 pneg_ctxt->HashAlgorithmCount = cpu_to_le16(1);
319 pneg_ctxt->SaltLength = cpu_to_le16(SMB311_SALT_SIZE);
320 get_random_bytes(pneg_ctxt->Salt, SMB311_SALT_SIZE);
321 pneg_ctxt->HashAlgorithms = SMB2_PREAUTH_INTEGRITY_SHA512;
322}
323
324static void
325build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt)
326{
327 pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;
328 pneg_ctxt->DataLength = cpu_to_le16(6);
329 pneg_ctxt->CipherCount = cpu_to_le16(2);
330 pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;
331 pneg_ctxt->Ciphers[1] = SMB2_ENCRYPTION_AES128_CCM;
332}
333
334static void
335assemble_neg_contexts(struct smb2_negotiate_req *req)
336{
337
338
339 char *pneg_ctxt = (char *)req + OFFSET_OF_NEG_CONTEXT + 4;
340
341 build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt);
342
343 pneg_ctxt += 2 + sizeof(struct smb2_preauth_neg_context);
344 build_encrypt_ctxt((struct smb2_encryption_neg_context *)pneg_ctxt);
345 req->NegotiateContextOffset = cpu_to_le32(OFFSET_OF_NEG_CONTEXT);
346 req->NegotiateContextCount = cpu_to_le16(2);
347 inc_rfc1001_len(req, 4 + sizeof(struct smb2_preauth_neg_context) + 2
348 + sizeof(struct smb2_encryption_neg_context));
349}
350#else
351static void assemble_neg_contexts(struct smb2_negotiate_req *req)
352{
353 return;
354}
355#endif
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373int
374SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
375{
376 struct smb2_negotiate_req *req;
377 struct smb2_negotiate_rsp *rsp;
378 struct kvec iov[1];
379 int rc = 0;
380 int resp_buftype;
381 struct TCP_Server_Info *server = ses->server;
382 int blob_offset, blob_length;
383 char *security_blob;
384 int flags = CIFS_NEG_OP;
385
386 cifs_dbg(FYI, "Negotiate protocol\n");
387
388 if (!server) {
389 WARN(1, "%s: server is NULL!\n", __func__);
390 return -EIO;
391 }
392
393 rc = small_smb2_init(SMB2_NEGOTIATE, NULL, (void **) &req);
394 if (rc)
395 return rc;
396
397 req->hdr.SessionId = 0;
398
399 req->Dialects[0] = cpu_to_le16(ses->server->vals->protocol_id);
400
401 req->DialectCount = cpu_to_le16(1);
402 inc_rfc1001_len(req, 2);
403
404
405 if (ses->sign)
406 req->SecurityMode = cpu_to_le16(SMB2_NEGOTIATE_SIGNING_REQUIRED);
407 else if (global_secflags & CIFSSEC_MAY_SIGN)
408 req->SecurityMode = cpu_to_le16(SMB2_NEGOTIATE_SIGNING_ENABLED);
409 else
410 req->SecurityMode = 0;
411
412 req->Capabilities = cpu_to_le32(ses->server->vals->req_capabilities);
413
414
415 if (ses->server->vals->protocol_id == SMB20_PROT_ID)
416 memset(req->ClientGUID, 0, SMB2_CLIENT_GUID_SIZE);
417 else {
418 memcpy(req->ClientGUID, server->client_guid,
419 SMB2_CLIENT_GUID_SIZE);
420 if (ses->server->vals->protocol_id == SMB311_PROT_ID)
421 assemble_neg_contexts(req);
422 }
423 iov[0].iov_base = (char *)req;
424
425 iov[0].iov_len = get_rfc1002_length(req) + 4;
426
427 rc = SendReceive2(xid, ses, iov, 1, &resp_buftype, flags);
428
429 rsp = (struct smb2_negotiate_rsp *)iov[0].iov_base;
430
431
432
433
434 if (rc != 0)
435 goto neg_exit;
436
437 cifs_dbg(FYI, "mode 0x%x\n", rsp->SecurityMode);
438
439
440
441 if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID))
442 cifs_dbg(FYI, "negotiated smb2.0 dialect\n");
443 else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID))
444 cifs_dbg(FYI, "negotiated smb2.1 dialect\n");
445 else if (rsp->DialectRevision == cpu_to_le16(SMB30_PROT_ID))
446 cifs_dbg(FYI, "negotiated smb3.0 dialect\n");
447 else if (rsp->DialectRevision == cpu_to_le16(SMB302_PROT_ID))
448 cifs_dbg(FYI, "negotiated smb3.02 dialect\n");
449#ifdef CONFIG_CIFS_SMB311
450 else if (rsp->DialectRevision == cpu_to_le16(SMB311_PROT_ID))
451 cifs_dbg(FYI, "negotiated smb3.1.1 dialect\n");
452#endif
453 else {
454 cifs_dbg(VFS, "Illegal dialect returned by server 0x%x\n",
455 le16_to_cpu(rsp->DialectRevision));
456 rc = -EIO;
457 goto neg_exit;
458 }
459 server->dialect = le16_to_cpu(rsp->DialectRevision);
460
461
462 server->negflavor = CIFS_NEGFLAVOR_EXTENDED;
463
464 server->maxBuf = min_t(unsigned int, le32_to_cpu(rsp->MaxTransactSize),
465 SMB2_MAX_BUFFER_SIZE);
466 server->max_read = le32_to_cpu(rsp->MaxReadSize);
467 server->max_write = le32_to_cpu(rsp->MaxWriteSize);
468
469 server->sec_mode = le16_to_cpu(rsp->SecurityMode);
470 server->capabilities = le32_to_cpu(rsp->Capabilities);
471
472 server->capabilities |= SMB2_NT_FIND | SMB2_LARGE_FILES;
473
474 security_blob = smb2_get_data_area_len(&blob_offset, &blob_length,
475 &rsp->hdr);
476
477
478
479
480
481
482
483 if (blob_length == 0)
484 cifs_dbg(FYI, "missing security blob on negprot\n");
485
486 rc = cifs_enable_signing(server, ses->sign);
487 if (rc)
488 goto neg_exit;
489 if (blob_length) {
490 rc = decode_negTokenInit(security_blob, blob_length, server);
491 if (rc == 1)
492 rc = 0;
493 else if (rc == 0)
494 rc = -EIO;
495 }
496neg_exit:
497 free_rsp_buf(resp_buftype, rsp);
498 return rc;
499}
500
501int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon)
502{
503 int rc = 0;
504 struct validate_negotiate_info_req vneg_inbuf;
505 struct validate_negotiate_info_rsp *pneg_rsp;
506 u32 rsplen;
507
508 cifs_dbg(FYI, "validate negotiate\n");
509
510
511
512
513
514
515
516
517
518 if (tcon->ses->server->sign == false)
519 return 0;
520
521 vneg_inbuf.Capabilities =
522 cpu_to_le32(tcon->ses->server->vals->req_capabilities);
523 memcpy(vneg_inbuf.Guid, tcon->ses->server->client_guid,
524 SMB2_CLIENT_GUID_SIZE);
525
526 if (tcon->ses->sign)
527 vneg_inbuf.SecurityMode =
528 cpu_to_le16(SMB2_NEGOTIATE_SIGNING_REQUIRED);
529 else if (global_secflags & CIFSSEC_MAY_SIGN)
530 vneg_inbuf.SecurityMode =
531 cpu_to_le16(SMB2_NEGOTIATE_SIGNING_ENABLED);
532 else
533 vneg_inbuf.SecurityMode = 0;
534
535 vneg_inbuf.DialectCount = cpu_to_le16(1);
536 vneg_inbuf.Dialects[0] =
537 cpu_to_le16(tcon->ses->server->vals->protocol_id);
538
539 rc = SMB2_ioctl(xid, tcon, NO_FILE_ID, NO_FILE_ID,
540 FSCTL_VALIDATE_NEGOTIATE_INFO, true ,
541 (char *)&vneg_inbuf, sizeof(struct validate_negotiate_info_req),
542 (char **)&pneg_rsp, &rsplen);
543
544 if (rc != 0) {
545 cifs_dbg(VFS, "validate protocol negotiate failed: %d\n", rc);
546 return -EIO;
547 }
548
549 if (rsplen != sizeof(struct validate_negotiate_info_rsp)) {
550 cifs_dbg(VFS, "invalid size of protocol negotiate response\n");
551 return -EIO;
552 }
553
554
555 if (pneg_rsp->Dialect !=
556 cpu_to_le16(tcon->ses->server->vals->protocol_id))
557 goto vneg_out;
558
559 if (pneg_rsp->SecurityMode != cpu_to_le16(tcon->ses->server->sec_mode))
560 goto vneg_out;
561
562
563
564 if ((le32_to_cpu(pneg_rsp->Capabilities) | SMB2_NT_FIND |
565 SMB2_LARGE_FILES) != tcon->ses->server->capabilities)
566 goto vneg_out;
567
568
569 cifs_dbg(FYI, "validate negotiate info successful\n");
570 return 0;
571
572vneg_out:
573 cifs_dbg(VFS, "protocol revalidation - security settings mismatch\n");
574 return -EIO;
575}
576
577int
578SMB2_sess_setup(const unsigned int xid, struct cifs_ses *ses,
579 const struct nls_table *nls_cp)
580{
581 struct smb2_sess_setup_req *req;
582 struct smb2_sess_setup_rsp *rsp = NULL;
583 struct kvec iov[2];
584 int rc = 0;
585 int resp_buftype = CIFS_NO_BUFFER;
586 __le32 phase = NtLmNegotiate;
587 struct TCP_Server_Info *server = ses->server;
588 u16 blob_length = 0;
589 struct key *spnego_key = NULL;
590 char *security_blob = NULL;
591 char *ntlmssp_blob = NULL;
592 bool use_spnego = false;
593
594 cifs_dbg(FYI, "Session Setup\n");
595
596 if (!server) {
597 WARN(1, "%s: server is NULL!\n", __func__);
598 return -EIO;
599 }
600
601
602
603
604
605 kfree(ses->auth_key.response);
606 ses->auth_key.response = NULL;
607
608
609
610
611
612 ses->ntlmssp = kmalloc(sizeof(struct ntlmssp_auth), GFP_KERNEL);
613 if (!ses->ntlmssp)
614 return -ENOMEM;
615 ses->ntlmssp->sesskey_per_smbsess = true;
616
617
618 if (ses->sectype != Kerberos && ses->sectype != RawNTLMSSP)
619 ses->sectype = RawNTLMSSP;
620
621ssetup_ntlmssp_authenticate:
622 if (phase == NtLmChallenge)
623 phase = NtLmAuthenticate;
624
625 rc = small_smb2_init(SMB2_SESSION_SETUP, NULL, (void **) &req);
626 if (rc)
627 return rc;
628
629 req->hdr.SessionId = 0;
630 req->Flags = 0;
631
632 req->hdr.CreditRequest = cpu_to_le16(3);
633
634
635 if (server->sign)
636 req->SecurityMode = SMB2_NEGOTIATE_SIGNING_REQUIRED;
637 else if (global_secflags & CIFSSEC_MAY_SIGN)
638 req->SecurityMode = SMB2_NEGOTIATE_SIGNING_ENABLED;
639 else
640 req->SecurityMode = 0;
641
642 req->Capabilities = 0;
643 req->Channel = 0;
644
645 iov[0].iov_base = (char *)req;
646
647 iov[0].iov_len = get_rfc1002_length(req) + 4 - 1;
648
649 if (ses->sectype == Kerberos) {
650#ifdef CONFIG_CIFS_UPCALL
651 struct cifs_spnego_msg *msg;
652
653 spnego_key = cifs_get_spnego_key(ses);
654 if (IS_ERR(spnego_key)) {
655 rc = PTR_ERR(spnego_key);
656 spnego_key = NULL;
657 goto ssetup_exit;
658 }
659
660 msg = spnego_key->payload.data[0];
661
662
663
664
665 if (msg->version != CIFS_SPNEGO_UPCALL_VERSION) {
666 cifs_dbg(VFS,
667 "bad cifs.upcall version. Expected %d got %d",
668 CIFS_SPNEGO_UPCALL_VERSION, msg->version);
669 rc = -EKEYREJECTED;
670 goto ssetup_exit;
671 }
672 ses->auth_key.response = kmemdup(msg->data, msg->sesskey_len,
673 GFP_KERNEL);
674 if (!ses->auth_key.response) {
675 cifs_dbg(VFS,
676 "Kerberos can't allocate (%u bytes) memory",
677 msg->sesskey_len);
678 rc = -ENOMEM;
679 goto ssetup_exit;
680 }
681 ses->auth_key.len = msg->sesskey_len;
682 blob_length = msg->secblob_len;
683 iov[1].iov_base = msg->data + msg->sesskey_len;
684 iov[1].iov_len = blob_length;
685#else
686 rc = -EOPNOTSUPP;
687 goto ssetup_exit;
688#endif
689 } else if (phase == NtLmNegotiate) {
690 ntlmssp_blob = kmalloc(sizeof(struct _NEGOTIATE_MESSAGE),
691 GFP_KERNEL);
692 if (ntlmssp_blob == NULL) {
693 rc = -ENOMEM;
694 goto ssetup_exit;
695 }
696 build_ntlmssp_negotiate_blob(ntlmssp_blob, ses);
697 if (use_spnego) {
698
699
700
701
702
703 cifs_dbg(VFS, "spnego not supported for SMB2 yet\n");
704 rc = -EOPNOTSUPP;
705 kfree(ntlmssp_blob);
706 goto ssetup_exit;
707 } else {
708 blob_length = sizeof(struct _NEGOTIATE_MESSAGE);
709
710 security_blob = ntlmssp_blob;
711 }
712 iov[1].iov_base = security_blob;
713 iov[1].iov_len = blob_length;
714 } else if (phase == NtLmAuthenticate) {
715 req->hdr.SessionId = ses->Suid;
716 ntlmssp_blob = kzalloc(sizeof(struct _NEGOTIATE_MESSAGE) + 500,
717 GFP_KERNEL);
718 if (ntlmssp_blob == NULL) {
719 rc = -ENOMEM;
720 goto ssetup_exit;
721 }
722 rc = build_ntlmssp_auth_blob(ntlmssp_blob, &blob_length, ses,
723 nls_cp);
724 if (rc) {
725 cifs_dbg(FYI, "build_ntlmssp_auth_blob failed %d\n",
726 rc);
727 goto ssetup_exit;
728 }
729 if (use_spnego) {
730
731
732
733
734 cifs_dbg(VFS, "spnego not supported for SMB2 yet\n");
735 rc = -EOPNOTSUPP;
736 kfree(ntlmssp_blob);
737 goto ssetup_exit;
738 } else {
739 security_blob = ntlmssp_blob;
740 }
741 iov[1].iov_base = security_blob;
742 iov[1].iov_len = blob_length;
743 } else {
744 cifs_dbg(VFS, "illegal ntlmssp phase\n");
745 rc = -EIO;
746 goto ssetup_exit;
747 }
748
749
750 req->SecurityBufferOffset =
751 cpu_to_le16(sizeof(struct smb2_sess_setup_req) -
752 1 - 4 );
753 req->SecurityBufferLength = cpu_to_le16(blob_length);
754
755 inc_rfc1001_len(req, blob_length - 1 );
756
757
758
759 rc = SendReceive2(xid, ses, iov, 2, &resp_buftype,
760 CIFS_LOG_ERROR | CIFS_NEG_OP);
761
762 kfree(security_blob);
763 rsp = (struct smb2_sess_setup_rsp *)iov[0].iov_base;
764 ses->Suid = rsp->hdr.SessionId;
765 if (resp_buftype != CIFS_NO_BUFFER &&
766 rsp->hdr.Status == STATUS_MORE_PROCESSING_REQUIRED) {
767 if (phase != NtLmNegotiate) {
768 cifs_dbg(VFS, "Unexpected more processing error\n");
769 goto ssetup_exit;
770 }
771 if (offsetof(struct smb2_sess_setup_rsp, Buffer) - 4 !=
772 le16_to_cpu(rsp->SecurityBufferOffset)) {
773 cifs_dbg(VFS, "Invalid security buffer offset %d\n",
774 le16_to_cpu(rsp->SecurityBufferOffset));
775 rc = -EIO;
776 goto ssetup_exit;
777 }
778
779
780 phase = NtLmChallenge;
781 rc = 0;
782 rc = decode_ntlmssp_challenge(rsp->Buffer,
783 le16_to_cpu(rsp->SecurityBufferLength), ses);
784 }
785
786
787
788
789
790
791
792
793
794 if (rc != 0)
795 goto ssetup_exit;
796
797 ses->session_flags = le16_to_cpu(rsp->SessionFlags);
798 if (ses->session_flags & SMB2_SESSION_FLAG_ENCRYPT_DATA)
799 cifs_dbg(VFS, "SMB3 encryption not supported yet\n");
800ssetup_exit:
801 free_rsp_buf(resp_buftype, rsp);
802
803
804 if ((phase == NtLmChallenge) && (rc == 0))
805 goto ssetup_ntlmssp_authenticate;
806
807 if (!rc) {
808 mutex_lock(&server->srv_mutex);
809 if (server->sign && server->ops->generate_signingkey) {
810 rc = server->ops->generate_signingkey(ses);
811 kfree(ses->auth_key.response);
812 ses->auth_key.response = NULL;
813 if (rc) {
814 cifs_dbg(FYI,
815 "SMB3 session key generation failed\n");
816 mutex_unlock(&server->srv_mutex);
817 goto keygen_exit;
818 }
819 }
820 if (!server->session_estab) {
821 server->sequence_number = 0x2;
822 server->session_estab = true;
823 }
824 mutex_unlock(&server->srv_mutex);
825
826 cifs_dbg(FYI, "SMB2/3 session established successfully\n");
827 spin_lock(&GlobalMid_Lock);
828 ses->status = CifsGood;
829 ses->need_reconnect = false;
830 spin_unlock(&GlobalMid_Lock);
831 }
832
833keygen_exit:
834 if (!server->sign) {
835 kfree(ses->auth_key.response);
836 ses->auth_key.response = NULL;
837 }
838 if (spnego_key) {
839 key_invalidate(spnego_key);
840 key_put(spnego_key);
841 }
842 kfree(ses->ntlmssp);
843
844 return rc;
845}
846
847int
848SMB2_logoff(const unsigned int xid, struct cifs_ses *ses)
849{
850 struct smb2_logoff_req *req;
851 int rc = 0;
852 struct TCP_Server_Info *server;
853
854 cifs_dbg(FYI, "disconnect session %p\n", ses);
855
856 if (ses && (ses->server))
857 server = ses->server;
858 else
859 return -EIO;
860
861
862 if (ses->need_reconnect)
863 goto smb2_session_already_dead;
864
865 rc = small_smb2_init(SMB2_LOGOFF, NULL, (void **) &req);
866 if (rc)
867 return rc;
868
869
870 req->hdr.SessionId = ses->Suid;
871 if (server->sign)
872 req->hdr.Flags |= SMB2_FLAGS_SIGNED;
873
874 rc = SendReceiveNoRsp(xid, ses, (char *) &req->hdr, 0);
875
876
877
878
879
880smb2_session_already_dead:
881 return rc;
882}
883
884static inline void cifs_stats_fail_inc(struct cifs_tcon *tcon, uint16_t code)
885{
886 cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_failed[code]);
887}
888
889#define MAX_SHARENAME_LENGTH (255 + 80 + 1 )
890
891
892static inline void init_copy_chunk_defaults(struct cifs_tcon *tcon)
893{
894 tcon->max_chunks = 256;
895 tcon->max_bytes_chunk = 1048576;
896 tcon->max_bytes_copy = 16777216;
897}
898
899int
900SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree,
901 struct cifs_tcon *tcon, const struct nls_table *cp)
902{
903 struct smb2_tree_connect_req *req;
904 struct smb2_tree_connect_rsp *rsp = NULL;
905 struct kvec iov[2];
906 int rc = 0;
907 int resp_buftype;
908 int unc_path_len;
909 struct TCP_Server_Info *server;
910 __le16 *unc_path = NULL;
911
912 cifs_dbg(FYI, "TCON\n");
913
914 if ((ses->server) && tree)
915 server = ses->server;
916 else
917 return -EIO;
918
919 if (tcon && tcon->bad_network_name)
920 return -ENOENT;
921
922 if ((tcon && tcon->seal) &&
923 ((ses->server->capabilities & SMB2_GLOBAL_CAP_ENCRYPTION) == 0)) {
924 cifs_dbg(VFS, "encryption requested but no server support");
925 return -EOPNOTSUPP;
926 }
927
928 unc_path = kmalloc(MAX_SHARENAME_LENGTH * 2, GFP_KERNEL);
929 if (unc_path == NULL)
930 return -ENOMEM;
931
932 unc_path_len = cifs_strtoUTF16(unc_path, tree, strlen(tree), cp) + 1;
933 unc_path_len *= 2;
934 if (unc_path_len < 2) {
935 kfree(unc_path);
936 return -EINVAL;
937 }
938
939 rc = small_smb2_init(SMB2_TREE_CONNECT, tcon, (void **) &req);
940 if (rc) {
941 kfree(unc_path);
942 return rc;
943 }
944
945 if (tcon == NULL) {
946
947 req->hdr.SessionId = ses->Suid;
948
949
950 }
951
952 iov[0].iov_base = (char *)req;
953
954 iov[0].iov_len = get_rfc1002_length(req) + 4 - 1;
955
956
957 req->PathOffset = cpu_to_le16(sizeof(struct smb2_tree_connect_req)
958 - 1 - 4 );
959 req->PathLength = cpu_to_le16(unc_path_len - 2);
960 iov[1].iov_base = unc_path;
961 iov[1].iov_len = unc_path_len;
962
963 inc_rfc1001_len(req, unc_path_len - 1 );
964
965 rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, 0);
966 rsp = (struct smb2_tree_connect_rsp *)iov[0].iov_base;
967
968 if (rc != 0) {
969 if (tcon) {
970 cifs_stats_fail_inc(tcon, SMB2_TREE_CONNECT_HE);
971 tcon->need_reconnect = true;
972 }
973 goto tcon_error_exit;
974 }
975
976 if (tcon == NULL) {
977 ses->ipc_tid = rsp->hdr.TreeId;
978 goto tcon_exit;
979 }
980
981 if (rsp->ShareType & SMB2_SHARE_TYPE_DISK)
982 cifs_dbg(FYI, "connection to disk share\n");
983 else if (rsp->ShareType & SMB2_SHARE_TYPE_PIPE) {
984 tcon->ipc = true;
985 cifs_dbg(FYI, "connection to pipe share\n");
986 } else if (rsp->ShareType & SMB2_SHARE_TYPE_PRINT) {
987 tcon->print = true;
988 cifs_dbg(FYI, "connection to printer\n");
989 } else {
990 cifs_dbg(VFS, "unknown share type %d\n", rsp->ShareType);
991 rc = -EOPNOTSUPP;
992 goto tcon_error_exit;
993 }
994
995 tcon->share_flags = le32_to_cpu(rsp->ShareFlags);
996 tcon->capabilities = rsp->Capabilities;
997 tcon->maximal_access = le32_to_cpu(rsp->MaximalAccess);
998 tcon->tidStatus = CifsGood;
999 tcon->need_reconnect = false;
1000 tcon->tid = rsp->hdr.TreeId;
1001 strlcpy(tcon->treeName, tree, sizeof(tcon->treeName));
1002
1003 if ((rsp->Capabilities & SMB2_SHARE_CAP_DFS) &&
1004 ((tcon->share_flags & SHI1005_FLAGS_DFS) == 0))
1005 cifs_dbg(VFS, "DFS capability contradicts DFS flag\n");
1006 init_copy_chunk_defaults(tcon);
1007 if (tcon->share_flags & SHI1005_FLAGS_ENCRYPT_DATA)
1008 cifs_dbg(VFS, "Encrypted shares not supported");
1009 if (tcon->ses->server->ops->validate_negotiate)
1010 rc = tcon->ses->server->ops->validate_negotiate(xid, tcon);
1011tcon_exit:
1012 free_rsp_buf(resp_buftype, rsp);
1013 kfree(unc_path);
1014 return rc;
1015
1016tcon_error_exit:
1017 if (rsp->hdr.Status == STATUS_BAD_NETWORK_NAME) {
1018 cifs_dbg(VFS, "BAD_NETWORK_NAME: %s\n", tree);
1019 if (tcon)
1020 tcon->bad_network_name = true;
1021 }
1022 goto tcon_exit;
1023}
1024
1025int
1026SMB2_tdis(const unsigned int xid, struct cifs_tcon *tcon)
1027{
1028 struct smb2_tree_disconnect_req *req;
1029 int rc = 0;
1030 struct TCP_Server_Info *server;
1031 struct cifs_ses *ses = tcon->ses;
1032
1033 cifs_dbg(FYI, "Tree Disconnect\n");
1034
1035 if (ses && (ses->server))
1036 server = ses->server;
1037 else
1038 return -EIO;
1039
1040 if ((tcon->need_reconnect) || (tcon->ses->need_reconnect))
1041 return 0;
1042
1043 rc = small_smb2_init(SMB2_TREE_DISCONNECT, tcon, (void **) &req);
1044 if (rc)
1045 return rc;
1046
1047 rc = SendReceiveNoRsp(xid, ses, (char *)&req->hdr, 0);
1048 if (rc)
1049 cifs_stats_fail_inc(tcon, SMB2_TREE_DISCONNECT_HE);
1050
1051 return rc;
1052}
1053
1054
1055static struct create_durable *
1056create_durable_buf(void)
1057{
1058 struct create_durable *buf;
1059
1060 buf = kzalloc(sizeof(struct create_durable), GFP_KERNEL);
1061 if (!buf)
1062 return NULL;
1063
1064 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1065 (struct create_durable, Data));
1066 buf->ccontext.DataLength = cpu_to_le32(16);
1067 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1068 (struct create_durable, Name));
1069 buf->ccontext.NameLength = cpu_to_le16(4);
1070
1071 buf->Name[0] = 'D';
1072 buf->Name[1] = 'H';
1073 buf->Name[2] = 'n';
1074 buf->Name[3] = 'Q';
1075 return buf;
1076}
1077
1078static struct create_durable *
1079create_reconnect_durable_buf(struct cifs_fid *fid)
1080{
1081 struct create_durable *buf;
1082
1083 buf = kzalloc(sizeof(struct create_durable), GFP_KERNEL);
1084 if (!buf)
1085 return NULL;
1086
1087 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1088 (struct create_durable, Data));
1089 buf->ccontext.DataLength = cpu_to_le32(16);
1090 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1091 (struct create_durable, Name));
1092 buf->ccontext.NameLength = cpu_to_le16(4);
1093 buf->Data.Fid.PersistentFileId = fid->persistent_fid;
1094 buf->Data.Fid.VolatileFileId = fid->volatile_fid;
1095
1096 buf->Name[0] = 'D';
1097 buf->Name[1] = 'H';
1098 buf->Name[2] = 'n';
1099 buf->Name[3] = 'C';
1100 return buf;
1101}
1102
1103static __u8
1104parse_lease_state(struct TCP_Server_Info *server, struct smb2_create_rsp *rsp,
1105 unsigned int *epoch)
1106{
1107 char *data_offset;
1108 struct create_context *cc;
1109 unsigned int next;
1110 unsigned int remaining;
1111 char *name;
1112
1113 data_offset = (char *)rsp + 4 + le32_to_cpu(rsp->CreateContextsOffset);
1114 remaining = le32_to_cpu(rsp->CreateContextsLength);
1115 cc = (struct create_context *)data_offset;
1116 while (remaining >= sizeof(struct create_context)) {
1117 name = le16_to_cpu(cc->NameOffset) + (char *)cc;
1118 if (le16_to_cpu(cc->NameLength) == 4 &&
1119 strncmp(name, "RqLs", 4) == 0)
1120 return server->ops->parse_lease_buf(cc, epoch);
1121
1122 next = le32_to_cpu(cc->Next);
1123 if (!next)
1124 break;
1125 remaining -= next;
1126 cc = (struct create_context *)((char *)cc + next);
1127 }
1128
1129 return 0;
1130}
1131
1132static int
1133add_lease_context(struct TCP_Server_Info *server, struct kvec *iov,
1134 unsigned int *num_iovec, __u8 *oplock)
1135{
1136 struct smb2_create_req *req = iov[0].iov_base;
1137 unsigned int num = *num_iovec;
1138
1139 iov[num].iov_base = server->ops->create_lease_buf(oplock+1, *oplock);
1140 if (iov[num].iov_base == NULL)
1141 return -ENOMEM;
1142 iov[num].iov_len = server->vals->create_lease_size;
1143 req->RequestedOplockLevel = SMB2_OPLOCK_LEVEL_LEASE;
1144 if (!req->CreateContextsOffset)
1145 req->CreateContextsOffset = cpu_to_le32(
1146 sizeof(struct smb2_create_req) - 4 +
1147 iov[num - 1].iov_len);
1148 le32_add_cpu(&req->CreateContextsLength,
1149 server->vals->create_lease_size);
1150 inc_rfc1001_len(&req->hdr, server->vals->create_lease_size);
1151 *num_iovec = num + 1;
1152 return 0;
1153}
1154
1155static struct create_durable_v2 *
1156create_durable_v2_buf(struct cifs_fid *pfid)
1157{
1158 struct create_durable_v2 *buf;
1159
1160 buf = kzalloc(sizeof(struct create_durable_v2), GFP_KERNEL);
1161 if (!buf)
1162 return NULL;
1163
1164 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1165 (struct create_durable_v2, dcontext));
1166 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct durable_context_v2));
1167 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1168 (struct create_durable_v2, Name));
1169 buf->ccontext.NameLength = cpu_to_le16(4);
1170
1171 buf->dcontext.Timeout = 0;
1172 buf->dcontext.Flags = cpu_to_le32(SMB2_DHANDLE_FLAG_PERSISTENT);
1173 get_random_bytes(buf->dcontext.CreateGuid, 16);
1174 memcpy(pfid->create_guid, buf->dcontext.CreateGuid, 16);
1175
1176
1177 buf->Name[0] = 'D';
1178 buf->Name[1] = 'H';
1179 buf->Name[2] = '2';
1180 buf->Name[3] = 'Q';
1181 return buf;
1182}
1183
1184static struct create_durable_handle_reconnect_v2 *
1185create_reconnect_durable_v2_buf(struct cifs_fid *fid)
1186{
1187 struct create_durable_handle_reconnect_v2 *buf;
1188
1189 buf = kzalloc(sizeof(struct create_durable_handle_reconnect_v2),
1190 GFP_KERNEL);
1191 if (!buf)
1192 return NULL;
1193
1194 buf->ccontext.DataOffset =
1195 cpu_to_le16(offsetof(struct create_durable_handle_reconnect_v2,
1196 dcontext));
1197 buf->ccontext.DataLength =
1198 cpu_to_le32(sizeof(struct durable_reconnect_context_v2));
1199 buf->ccontext.NameOffset =
1200 cpu_to_le16(offsetof(struct create_durable_handle_reconnect_v2,
1201 Name));
1202 buf->ccontext.NameLength = cpu_to_le16(4);
1203
1204 buf->dcontext.Fid.PersistentFileId = fid->persistent_fid;
1205 buf->dcontext.Fid.VolatileFileId = fid->volatile_fid;
1206 buf->dcontext.Flags = cpu_to_le32(SMB2_DHANDLE_FLAG_PERSISTENT);
1207 memcpy(buf->dcontext.CreateGuid, fid->create_guid, 16);
1208
1209
1210 buf->Name[0] = 'D';
1211 buf->Name[1] = 'H';
1212 buf->Name[2] = '2';
1213 buf->Name[3] = 'C';
1214 return buf;
1215}
1216
1217static int
1218add_durable_v2_context(struct kvec *iov, unsigned int *num_iovec,
1219 struct cifs_open_parms *oparms)
1220{
1221 struct smb2_create_req *req = iov[0].iov_base;
1222 unsigned int num = *num_iovec;
1223
1224 iov[num].iov_base = create_durable_v2_buf(oparms->fid);
1225 if (iov[num].iov_base == NULL)
1226 return -ENOMEM;
1227 iov[num].iov_len = sizeof(struct create_durable_v2);
1228 if (!req->CreateContextsOffset)
1229 req->CreateContextsOffset =
1230 cpu_to_le32(sizeof(struct smb2_create_req) - 4 +
1231 iov[1].iov_len);
1232 le32_add_cpu(&req->CreateContextsLength, sizeof(struct create_durable_v2));
1233 inc_rfc1001_len(&req->hdr, sizeof(struct create_durable_v2));
1234 *num_iovec = num + 1;
1235 return 0;
1236}
1237
1238static int
1239add_durable_reconnect_v2_context(struct kvec *iov, unsigned int *num_iovec,
1240 struct cifs_open_parms *oparms)
1241{
1242 struct smb2_create_req *req = iov[0].iov_base;
1243 unsigned int num = *num_iovec;
1244
1245
1246 oparms->reconnect = false;
1247
1248 iov[num].iov_base = create_reconnect_durable_v2_buf(oparms->fid);
1249 if (iov[num].iov_base == NULL)
1250 return -ENOMEM;
1251 iov[num].iov_len = sizeof(struct create_durable_handle_reconnect_v2);
1252 if (!req->CreateContextsOffset)
1253 req->CreateContextsOffset =
1254 cpu_to_le32(sizeof(struct smb2_create_req) - 4 +
1255 iov[1].iov_len);
1256 le32_add_cpu(&req->CreateContextsLength,
1257 sizeof(struct create_durable_handle_reconnect_v2));
1258 inc_rfc1001_len(&req->hdr,
1259 sizeof(struct create_durable_handle_reconnect_v2));
1260 *num_iovec = num + 1;
1261 return 0;
1262}
1263
1264static int
1265add_durable_context(struct kvec *iov, unsigned int *num_iovec,
1266 struct cifs_open_parms *oparms, bool use_persistent)
1267{
1268 struct smb2_create_req *req = iov[0].iov_base;
1269 unsigned int num = *num_iovec;
1270
1271 if (use_persistent) {
1272 if (oparms->reconnect)
1273 return add_durable_reconnect_v2_context(iov, num_iovec,
1274 oparms);
1275 else
1276 return add_durable_v2_context(iov, num_iovec, oparms);
1277 }
1278
1279 if (oparms->reconnect) {
1280 iov[num].iov_base = create_reconnect_durable_buf(oparms->fid);
1281
1282 oparms->reconnect = false;
1283 } else
1284 iov[num].iov_base = create_durable_buf();
1285 if (iov[num].iov_base == NULL)
1286 return -ENOMEM;
1287 iov[num].iov_len = sizeof(struct create_durable);
1288 if (!req->CreateContextsOffset)
1289 req->CreateContextsOffset =
1290 cpu_to_le32(sizeof(struct smb2_create_req) - 4 +
1291 iov[1].iov_len);
1292 le32_add_cpu(&req->CreateContextsLength, sizeof(struct create_durable));
1293 inc_rfc1001_len(&req->hdr, sizeof(struct create_durable));
1294 *num_iovec = num + 1;
1295 return 0;
1296}
1297
1298int
1299SMB2_open(const unsigned int xid, struct cifs_open_parms *oparms, __le16 *path,
1300 __u8 *oplock, struct smb2_file_all_info *buf,
1301 struct smb2_err_rsp **err_buf)
1302{
1303 struct smb2_create_req *req;
1304 struct smb2_create_rsp *rsp;
1305 struct TCP_Server_Info *server;
1306 struct cifs_tcon *tcon = oparms->tcon;
1307 struct cifs_ses *ses = tcon->ses;
1308 struct kvec iov[4];
1309 int resp_buftype;
1310 int uni_path_len;
1311 __le16 *copy_path = NULL;
1312 int copy_size;
1313 int rc = 0;
1314 unsigned int num_iovecs = 2;
1315 __u32 file_attributes = 0;
1316 char *dhc_buf = NULL, *lc_buf = NULL;
1317
1318 cifs_dbg(FYI, "create/open\n");
1319
1320 if (ses && (ses->server))
1321 server = ses->server;
1322 else
1323 return -EIO;
1324
1325 rc = small_smb2_init(SMB2_CREATE, tcon, (void **) &req);
1326 if (rc)
1327 return rc;
1328
1329 if (oparms->create_options & CREATE_OPTION_READONLY)
1330 file_attributes |= ATTR_READONLY;
1331 if (oparms->create_options & CREATE_OPTION_SPECIAL)
1332 file_attributes |= ATTR_SYSTEM;
1333
1334 req->ImpersonationLevel = IL_IMPERSONATION;
1335 req->DesiredAccess = cpu_to_le32(oparms->desired_access);
1336
1337 req->FileAttributes = cpu_to_le32(file_attributes);
1338 req->ShareAccess = FILE_SHARE_ALL_LE;
1339 req->CreateDisposition = cpu_to_le32(oparms->disposition);
1340 req->CreateOptions = cpu_to_le32(oparms->create_options & CREATE_OPTIONS_MASK);
1341 uni_path_len = (2 * UniStrnlen((wchar_t *)path, PATH_MAX)) + 2;
1342
1343 req->NameOffset = cpu_to_le16(sizeof(struct smb2_create_req) - 4);
1344
1345 iov[0].iov_base = (char *)req;
1346
1347 iov[0].iov_len = get_rfc1002_length(req) + 4;
1348
1349
1350 req->NameLength = cpu_to_le16(uni_path_len - 2);
1351
1352 iov[0].iov_len--;
1353 if (uni_path_len % 8 != 0) {
1354 copy_size = uni_path_len / 8 * 8;
1355 if (copy_size < uni_path_len)
1356 copy_size += 8;
1357
1358 copy_path = kzalloc(copy_size, GFP_KERNEL);
1359 if (!copy_path)
1360 return -ENOMEM;
1361 memcpy((char *)copy_path, (const char *)path,
1362 uni_path_len);
1363 uni_path_len = copy_size;
1364 path = copy_path;
1365 }
1366
1367 iov[1].iov_len = uni_path_len;
1368 iov[1].iov_base = path;
1369
1370 inc_rfc1001_len(req, uni_path_len - 1);
1371
1372 if (!server->oplocks)
1373 *oplock = SMB2_OPLOCK_LEVEL_NONE;
1374
1375 if (!(server->capabilities & SMB2_GLOBAL_CAP_LEASING) ||
1376 *oplock == SMB2_OPLOCK_LEVEL_NONE)
1377 req->RequestedOplockLevel = *oplock;
1378 else {
1379 rc = add_lease_context(server, iov, &num_iovecs, oplock);
1380 if (rc) {
1381 cifs_small_buf_release(req);
1382 kfree(copy_path);
1383 return rc;
1384 }
1385 lc_buf = iov[num_iovecs-1].iov_base;
1386 }
1387
1388 if (*oplock == SMB2_OPLOCK_LEVEL_BATCH) {
1389
1390 if (server->capabilities & SMB2_GLOBAL_CAP_LEASING) {
1391 struct create_context *ccontext =
1392 (struct create_context *)iov[num_iovecs-1].iov_base;
1393 ccontext->Next =
1394 cpu_to_le32(server->vals->create_lease_size);
1395 }
1396
1397 rc = add_durable_context(iov, &num_iovecs, oparms,
1398 tcon->use_persistent);
1399 if (rc) {
1400 cifs_small_buf_release(req);
1401 kfree(copy_path);
1402 kfree(lc_buf);
1403 return rc;
1404 }
1405 dhc_buf = iov[num_iovecs-1].iov_base;
1406 }
1407
1408 rc = SendReceive2(xid, ses, iov, num_iovecs, &resp_buftype, 0);
1409 rsp = (struct smb2_create_rsp *)iov[0].iov_base;
1410
1411 if (rc != 0) {
1412 cifs_stats_fail_inc(tcon, SMB2_CREATE_HE);
1413 if (err_buf)
1414 *err_buf = kmemdup(rsp, get_rfc1002_length(rsp) + 4,
1415 GFP_KERNEL);
1416 goto creat_exit;
1417 }
1418
1419 oparms->fid->persistent_fid = rsp->PersistentFileId;
1420 oparms->fid->volatile_fid = rsp->VolatileFileId;
1421
1422 if (buf) {
1423 memcpy(buf, &rsp->CreationTime, 32);
1424 buf->AllocationSize = rsp->AllocationSize;
1425 buf->EndOfFile = rsp->EndofFile;
1426 buf->Attributes = rsp->FileAttributes;
1427 buf->NumberOfLinks = cpu_to_le32(1);
1428 buf->DeletePending = 0;
1429 }
1430
1431 if (rsp->OplockLevel == SMB2_OPLOCK_LEVEL_LEASE)
1432 *oplock = parse_lease_state(server, rsp, &oparms->fid->epoch);
1433 else
1434 *oplock = rsp->OplockLevel;
1435creat_exit:
1436 kfree(copy_path);
1437 kfree(lc_buf);
1438 kfree(dhc_buf);
1439 free_rsp_buf(resp_buftype, rsp);
1440 return rc;
1441}
1442
1443
1444
1445
1446int
1447SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid,
1448 u64 volatile_fid, u32 opcode, bool is_fsctl, char *in_data,
1449 u32 indatalen, char **out_data, u32 *plen )
1450{
1451 struct smb2_ioctl_req *req;
1452 struct smb2_ioctl_rsp *rsp;
1453 struct TCP_Server_Info *server;
1454 struct cifs_ses *ses;
1455 struct kvec iov[2];
1456 int resp_buftype;
1457 int num_iovecs;
1458 int rc = 0;
1459
1460 cifs_dbg(FYI, "SMB2 IOCTL\n");
1461
1462 if (out_data != NULL)
1463 *out_data = NULL;
1464
1465
1466 if (plen)
1467 *plen = 0;
1468
1469 if (tcon)
1470 ses = tcon->ses;
1471 else
1472 return -EIO;
1473
1474 if (ses && (ses->server))
1475 server = ses->server;
1476 else
1477 return -EIO;
1478
1479 rc = small_smb2_init(SMB2_IOCTL, tcon, (void **) &req);
1480 if (rc)
1481 return rc;
1482
1483 req->CtlCode = cpu_to_le32(opcode);
1484 req->PersistentFileId = persistent_fid;
1485 req->VolatileFileId = volatile_fid;
1486
1487 if (indatalen) {
1488 req->InputCount = cpu_to_le32(indatalen);
1489
1490 req->InputOffset =
1491 cpu_to_le32(offsetof(struct smb2_ioctl_req, Buffer) - 4);
1492 iov[1].iov_base = in_data;
1493 iov[1].iov_len = indatalen;
1494 num_iovecs = 2;
1495 } else
1496 num_iovecs = 1;
1497
1498 req->OutputOffset = 0;
1499 req->OutputCount = 0;
1500
1501
1502
1503
1504
1505
1506
1507 req->MaxOutputResponse = cpu_to_le32(0xFF00);
1508
1509 if (is_fsctl)
1510 req->Flags = cpu_to_le32(SMB2_0_IOCTL_IS_FSCTL);
1511 else
1512 req->Flags = 0;
1513
1514 iov[0].iov_base = (char *)req;
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526 if (indatalen) {
1527 iov[0].iov_len = get_rfc1002_length(req) + 4 - 1;
1528 inc_rfc1001_len(req, indatalen - 1);
1529 } else
1530 iov[0].iov_len = get_rfc1002_length(req) + 4;
1531
1532
1533 rc = SendReceive2(xid, ses, iov, num_iovecs, &resp_buftype, 0);
1534 rsp = (struct smb2_ioctl_rsp *)iov[0].iov_base;
1535
1536 if ((rc != 0) && (rc != -EINVAL)) {
1537 cifs_stats_fail_inc(tcon, SMB2_IOCTL_HE);
1538 goto ioctl_exit;
1539 } else if (rc == -EINVAL) {
1540 if ((opcode != FSCTL_SRV_COPYCHUNK_WRITE) &&
1541 (opcode != FSCTL_SRV_COPYCHUNK)) {
1542 cifs_stats_fail_inc(tcon, SMB2_IOCTL_HE);
1543 goto ioctl_exit;
1544 }
1545 }
1546
1547
1548 if ((plen == NULL) || (out_data == NULL))
1549 goto ioctl_exit;
1550
1551 *plen = le32_to_cpu(rsp->OutputCount);
1552
1553
1554 if (*plen == 0)
1555 goto ioctl_exit;
1556 else if (*plen > 0xFF00) {
1557 cifs_dbg(VFS, "srv returned invalid ioctl length: %d\n", *plen);
1558 *plen = 0;
1559 rc = -EIO;
1560 goto ioctl_exit;
1561 }
1562
1563 if (get_rfc1002_length(rsp) < le32_to_cpu(rsp->OutputOffset) + *plen) {
1564 cifs_dbg(VFS, "Malformed ioctl resp: len %d offset %d\n", *plen,
1565 le32_to_cpu(rsp->OutputOffset));
1566 *plen = 0;
1567 rc = -EIO;
1568 goto ioctl_exit;
1569 }
1570
1571 *out_data = kmalloc(*plen, GFP_KERNEL);
1572 if (*out_data == NULL) {
1573 rc = -ENOMEM;
1574 goto ioctl_exit;
1575 }
1576
1577 memcpy(*out_data,
1578 (char *)&rsp->hdr.ProtocolId + le32_to_cpu(rsp->OutputOffset),
1579 *plen);
1580ioctl_exit:
1581 free_rsp_buf(resp_buftype, rsp);
1582 return rc;
1583}
1584
1585
1586
1587
1588
1589int
1590SMB2_set_compression(const unsigned int xid, struct cifs_tcon *tcon,
1591 u64 persistent_fid, u64 volatile_fid)
1592{
1593 int rc;
1594 struct compress_ioctl fsctl_input;
1595 char *ret_data = NULL;
1596
1597 fsctl_input.CompressionState =
1598 cpu_to_le16(COMPRESSION_FORMAT_DEFAULT);
1599
1600 rc = SMB2_ioctl(xid, tcon, persistent_fid, volatile_fid,
1601 FSCTL_SET_COMPRESSION, true ,
1602 (char *)&fsctl_input ,
1603 2 , &ret_data , NULL);
1604
1605 cifs_dbg(FYI, "set compression rc %d\n", rc);
1606
1607 return rc;
1608}
1609
1610int
1611SMB2_close(const unsigned int xid, struct cifs_tcon *tcon,
1612 u64 persistent_fid, u64 volatile_fid)
1613{
1614 struct smb2_close_req *req;
1615 struct smb2_close_rsp *rsp;
1616 struct TCP_Server_Info *server;
1617 struct cifs_ses *ses = tcon->ses;
1618 struct kvec iov[1];
1619 int resp_buftype;
1620 int rc = 0;
1621
1622 cifs_dbg(FYI, "Close\n");
1623
1624 if (ses && (ses->server))
1625 server = ses->server;
1626 else
1627 return -EIO;
1628
1629 rc = small_smb2_init(SMB2_CLOSE, tcon, (void **) &req);
1630 if (rc)
1631 return rc;
1632
1633 req->PersistentFileId = persistent_fid;
1634 req->VolatileFileId = volatile_fid;
1635
1636 iov[0].iov_base = (char *)req;
1637
1638 iov[0].iov_len = get_rfc1002_length(req) + 4;
1639
1640 rc = SendReceive2(xid, ses, iov, 1, &resp_buftype, 0);
1641 rsp = (struct smb2_close_rsp *)iov[0].iov_base;
1642
1643 if (rc != 0) {
1644 cifs_stats_fail_inc(tcon, SMB2_CLOSE_HE);
1645 goto close_exit;
1646 }
1647
1648
1649
1650close_exit:
1651 free_rsp_buf(resp_buftype, rsp);
1652 return rc;
1653}
1654
1655static int
1656validate_buf(unsigned int offset, unsigned int buffer_length,
1657 struct smb2_hdr *hdr, unsigned int min_buf_size)
1658
1659{
1660 unsigned int smb_len = be32_to_cpu(hdr->smb2_buf_length);
1661 char *end_of_smb = smb_len + 4 + (char *)hdr;
1662 char *begin_of_buf = 4 + offset + (char *)hdr;
1663 char *end_of_buf = begin_of_buf + buffer_length;
1664
1665
1666 if (buffer_length < min_buf_size) {
1667 cifs_dbg(VFS, "buffer length %d smaller than minimum size %d\n",
1668 buffer_length, min_buf_size);
1669 return -EINVAL;
1670 }
1671
1672
1673 if ((smb_len > 0x7FFFFF) || (buffer_length > 0x7FFFFF)) {
1674 cifs_dbg(VFS, "buffer length %d or smb length %d too large\n",
1675 buffer_length, smb_len);
1676 return -EINVAL;
1677 }
1678
1679 if ((begin_of_buf > end_of_smb) || (end_of_buf > end_of_smb)) {
1680 cifs_dbg(VFS, "illegal server response, bad offset to data\n");
1681 return -EINVAL;
1682 }
1683
1684 return 0;
1685}
1686
1687
1688
1689
1690
1691static int
1692validate_and_copy_buf(unsigned int offset, unsigned int buffer_length,
1693 struct smb2_hdr *hdr, unsigned int minbufsize,
1694 char *data)
1695
1696{
1697 char *begin_of_buf = 4 + offset + (char *)hdr;
1698 int rc;
1699
1700 if (!data)
1701 return -EINVAL;
1702
1703 rc = validate_buf(offset, buffer_length, hdr, minbufsize);
1704 if (rc)
1705 return rc;
1706
1707 memcpy(data, begin_of_buf, buffer_length);
1708
1709 return 0;
1710}
1711
1712static int
1713query_info(const unsigned int xid, struct cifs_tcon *tcon,
1714 u64 persistent_fid, u64 volatile_fid, u8 info_class,
1715 size_t output_len, size_t min_len, void *data)
1716{
1717 struct smb2_query_info_req *req;
1718 struct smb2_query_info_rsp *rsp = NULL;
1719 struct kvec iov[2];
1720 int rc = 0;
1721 int resp_buftype;
1722 struct TCP_Server_Info *server;
1723 struct cifs_ses *ses = tcon->ses;
1724
1725 cifs_dbg(FYI, "Query Info\n");
1726
1727 if (ses && (ses->server))
1728 server = ses->server;
1729 else
1730 return -EIO;
1731
1732 rc = small_smb2_init(SMB2_QUERY_INFO, tcon, (void **) &req);
1733 if (rc)
1734 return rc;
1735
1736 req->InfoType = SMB2_O_INFO_FILE;
1737 req->FileInfoClass = info_class;
1738 req->PersistentFileId = persistent_fid;
1739 req->VolatileFileId = volatile_fid;
1740
1741 req->InputBufferOffset =
1742 cpu_to_le16(sizeof(struct smb2_query_info_req) - 1 - 4);
1743 req->OutputBufferLength = cpu_to_le32(output_len);
1744
1745 iov[0].iov_base = (char *)req;
1746
1747 iov[0].iov_len = get_rfc1002_length(req) + 4;
1748
1749 rc = SendReceive2(xid, ses, iov, 1, &resp_buftype, 0);
1750 rsp = (struct smb2_query_info_rsp *)iov[0].iov_base;
1751
1752 if (rc) {
1753 cifs_stats_fail_inc(tcon, SMB2_QUERY_INFO_HE);
1754 goto qinf_exit;
1755 }
1756
1757 rc = validate_and_copy_buf(le16_to_cpu(rsp->OutputBufferOffset),
1758 le32_to_cpu(rsp->OutputBufferLength),
1759 &rsp->hdr, min_len, data);
1760
1761qinf_exit:
1762 free_rsp_buf(resp_buftype, rsp);
1763 return rc;
1764}
1765
1766int
1767SMB2_query_info(const unsigned int xid, struct cifs_tcon *tcon,
1768 u64 persistent_fid, u64 volatile_fid,
1769 struct smb2_file_all_info *data)
1770{
1771 return query_info(xid, tcon, persistent_fid, volatile_fid,
1772 FILE_ALL_INFORMATION,
1773 sizeof(struct smb2_file_all_info) + PATH_MAX * 2,
1774 sizeof(struct smb2_file_all_info), data);
1775}
1776
1777int
1778SMB2_get_srv_num(const unsigned int xid, struct cifs_tcon *tcon,
1779 u64 persistent_fid, u64 volatile_fid, __le64 *uniqueid)
1780{
1781 return query_info(xid, tcon, persistent_fid, volatile_fid,
1782 FILE_INTERNAL_INFORMATION,
1783 sizeof(struct smb2_file_internal_info),
1784 sizeof(struct smb2_file_internal_info), uniqueid);
1785}
1786
1787
1788
1789
1790
1791
1792
1793
1794static void
1795smb2_echo_callback(struct mid_q_entry *mid)
1796{
1797 struct TCP_Server_Info *server = mid->callback_data;
1798 struct smb2_echo_rsp *smb2 = (struct smb2_echo_rsp *)mid->resp_buf;
1799 unsigned int credits_received = 1;
1800
1801 if (mid->mid_state == MID_RESPONSE_RECEIVED)
1802 credits_received = le16_to_cpu(smb2->hdr.CreditRequest);
1803
1804 mutex_lock(&server->srv_mutex);
1805 DeleteMidQEntry(mid);
1806 mutex_unlock(&server->srv_mutex);
1807 add_credits(server, credits_received, CIFS_ECHO_OP);
1808}
1809
1810int
1811SMB2_echo(struct TCP_Server_Info *server)
1812{
1813 struct smb2_echo_req *req;
1814 int rc = 0;
1815 struct kvec iov;
1816 struct smb_rqst rqst = { .rq_iov = &iov,
1817 .rq_nvec = 1 };
1818
1819 cifs_dbg(FYI, "In echo request\n");
1820
1821 rc = small_smb2_init(SMB2_ECHO, NULL, (void **)&req);
1822 if (rc)
1823 return rc;
1824
1825 req->hdr.CreditRequest = cpu_to_le16(1);
1826
1827 iov.iov_base = (char *)req;
1828
1829 iov.iov_len = get_rfc1002_length(req) + 4;
1830
1831 rc = cifs_call_async(server, &rqst, NULL, smb2_echo_callback, server,
1832 CIFS_ECHO_OP);
1833 if (rc)
1834 cifs_dbg(FYI, "Echo request failed: %d\n", rc);
1835
1836 cifs_small_buf_release(req);
1837 return rc;
1838}
1839
1840int
1841SMB2_flush(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid,
1842 u64 volatile_fid)
1843{
1844 struct smb2_flush_req *req;
1845 struct TCP_Server_Info *server;
1846 struct cifs_ses *ses = tcon->ses;
1847 struct kvec iov[1];
1848 int resp_buftype;
1849 int rc = 0;
1850
1851 cifs_dbg(FYI, "Flush\n");
1852
1853 if (ses && (ses->server))
1854 server = ses->server;
1855 else
1856 return -EIO;
1857
1858 rc = small_smb2_init(SMB2_FLUSH, tcon, (void **) &req);
1859 if (rc)
1860 return rc;
1861
1862 req->PersistentFileId = persistent_fid;
1863 req->VolatileFileId = volatile_fid;
1864
1865 iov[0].iov_base = (char *)req;
1866
1867 iov[0].iov_len = get_rfc1002_length(req) + 4;
1868
1869 rc = SendReceive2(xid, ses, iov, 1, &resp_buftype, 0);
1870
1871 if (rc != 0)
1872 cifs_stats_fail_inc(tcon, SMB2_FLUSH_HE);
1873
1874 free_rsp_buf(resp_buftype, iov[0].iov_base);
1875 return rc;
1876}
1877
1878
1879
1880
1881
1882static int
1883smb2_new_read_req(struct kvec *iov, struct cifs_io_parms *io_parms,
1884 unsigned int remaining_bytes, int request_type)
1885{
1886 int rc = -EACCES;
1887 struct smb2_read_req *req = NULL;
1888
1889 rc = small_smb2_init(SMB2_READ, io_parms->tcon, (void **) &req);
1890 if (rc)
1891 return rc;
1892 if (io_parms->tcon->ses->server == NULL)
1893 return -ECONNABORTED;
1894
1895 req->hdr.ProcessId = cpu_to_le32(io_parms->pid);
1896
1897 req->PersistentFileId = io_parms->persistent_fid;
1898 req->VolatileFileId = io_parms->volatile_fid;
1899 req->ReadChannelInfoOffset = 0;
1900 req->ReadChannelInfoLength = 0;
1901 req->Channel = 0;
1902 req->MinimumCount = 0;
1903 req->Length = cpu_to_le32(io_parms->length);
1904 req->Offset = cpu_to_le64(io_parms->offset);
1905
1906 if (request_type & CHAINED_REQUEST) {
1907 if (!(request_type & END_OF_CHAIN)) {
1908
1909 req->hdr.NextCommand =
1910 cpu_to_le32(get_rfc1002_length(req) + 4);
1911 } else
1912 req->hdr.NextCommand = 0;
1913 if (request_type & RELATED_REQUEST) {
1914 req->hdr.Flags |= SMB2_FLAGS_RELATED_OPERATIONS;
1915
1916
1917
1918
1919 req->hdr.SessionId = 0xFFFFFFFF;
1920 req->hdr.TreeId = 0xFFFFFFFF;
1921 req->PersistentFileId = 0xFFFFFFFF;
1922 req->VolatileFileId = 0xFFFFFFFF;
1923 }
1924 }
1925 if (remaining_bytes > io_parms->length)
1926 req->RemainingBytes = cpu_to_le32(remaining_bytes);
1927 else
1928 req->RemainingBytes = 0;
1929
1930 iov[0].iov_base = (char *)req;
1931
1932 iov[0].iov_len = get_rfc1002_length(req) + 4;
1933 return rc;
1934}
1935
1936static void
1937smb2_readv_callback(struct mid_q_entry *mid)
1938{
1939 struct cifs_readdata *rdata = mid->callback_data;
1940 struct cifs_tcon *tcon = tlink_tcon(rdata->cfile->tlink);
1941 struct TCP_Server_Info *server = tcon->ses->server;
1942 struct smb2_hdr *buf = (struct smb2_hdr *)rdata->iov.iov_base;
1943 unsigned int credits_received = 1;
1944 struct smb_rqst rqst = { .rq_iov = &rdata->iov,
1945 .rq_nvec = 1,
1946 .rq_pages = rdata->pages,
1947 .rq_npages = rdata->nr_pages,
1948 .rq_pagesz = rdata->pagesz,
1949 .rq_tailsz = rdata->tailsz };
1950
1951 cifs_dbg(FYI, "%s: mid=%llu state=%d result=%d bytes=%u\n",
1952 __func__, mid->mid, mid->mid_state, rdata->result,
1953 rdata->bytes);
1954
1955 switch (mid->mid_state) {
1956 case MID_RESPONSE_RECEIVED:
1957 credits_received = le16_to_cpu(buf->CreditRequest);
1958
1959 if (server->sign) {
1960 int rc;
1961
1962 rc = smb2_verify_signature(&rqst, server);
1963 if (rc)
1964 cifs_dbg(VFS, "SMB signature verification returned error = %d\n",
1965 rc);
1966 }
1967
1968 task_io_account_read(rdata->got_bytes);
1969 cifs_stats_bytes_read(tcon, rdata->got_bytes);
1970 break;
1971 case MID_REQUEST_SUBMITTED:
1972 case MID_RETRY_NEEDED:
1973 rdata->result = -EAGAIN;
1974 if (server->sign && rdata->got_bytes)
1975
1976 rdata->got_bytes = 0;
1977
1978 task_io_account_read(rdata->got_bytes);
1979 cifs_stats_bytes_read(tcon, rdata->got_bytes);
1980 break;
1981 default:
1982 if (rdata->result != -ENODATA)
1983 rdata->result = -EIO;
1984 }
1985
1986 if (rdata->result)
1987 cifs_stats_fail_inc(tcon, SMB2_READ_HE);
1988
1989 queue_work(cifsiod_wq, &rdata->work);
1990 mutex_lock(&server->srv_mutex);
1991 DeleteMidQEntry(mid);
1992 mutex_unlock(&server->srv_mutex);
1993 add_credits(server, credits_received, 0);
1994}
1995
1996
1997int
1998smb2_async_readv(struct cifs_readdata *rdata)
1999{
2000 int rc, flags = 0;
2001 struct smb2_hdr *buf;
2002 struct cifs_io_parms io_parms;
2003 struct smb_rqst rqst = { .rq_iov = &rdata->iov,
2004 .rq_nvec = 1 };
2005 struct TCP_Server_Info *server;
2006
2007 cifs_dbg(FYI, "%s: offset=%llu bytes=%u\n",
2008 __func__, rdata->offset, rdata->bytes);
2009
2010 io_parms.tcon = tlink_tcon(rdata->cfile->tlink);
2011 io_parms.offset = rdata->offset;
2012 io_parms.length = rdata->bytes;
2013 io_parms.persistent_fid = rdata->cfile->fid.persistent_fid;
2014 io_parms.volatile_fid = rdata->cfile->fid.volatile_fid;
2015 io_parms.pid = rdata->pid;
2016
2017 server = io_parms.tcon->ses->server;
2018
2019 rc = smb2_new_read_req(&rdata->iov, &io_parms, 0, 0);
2020 if (rc) {
2021 if (rc == -EAGAIN && rdata->credits) {
2022
2023 rdata->credits = 0;
2024
2025 spin_lock(&server->req_lock);
2026 server->in_flight--;
2027 spin_unlock(&server->req_lock);
2028 }
2029 return rc;
2030 }
2031
2032 buf = (struct smb2_hdr *)rdata->iov.iov_base;
2033
2034 rdata->iov.iov_len = get_rfc1002_length(rdata->iov.iov_base) + 4;
2035
2036 if (rdata->credits) {
2037 buf->CreditCharge = cpu_to_le16(DIV_ROUND_UP(rdata->bytes,
2038 SMB2_MAX_BUFFER_SIZE));
2039 spin_lock(&server->req_lock);
2040 server->credits += rdata->credits -
2041 le16_to_cpu(buf->CreditCharge);
2042 spin_unlock(&server->req_lock);
2043 wake_up(&server->request_q);
2044 flags = CIFS_HAS_CREDITS;
2045 }
2046
2047 kref_get(&rdata->refcount);
2048 rc = cifs_call_async(io_parms.tcon->ses->server, &rqst,
2049 cifs_readv_receive, smb2_readv_callback,
2050 rdata, flags);
2051 if (rc) {
2052 kref_put(&rdata->refcount, cifs_readdata_release);
2053 cifs_stats_fail_inc(io_parms.tcon, SMB2_READ_HE);
2054 }
2055
2056 cifs_small_buf_release(buf);
2057 return rc;
2058}
2059
2060int
2061SMB2_read(const unsigned int xid, struct cifs_io_parms *io_parms,
2062 unsigned int *nbytes, char **buf, int *buf_type)
2063{
2064 int resp_buftype, rc = -EACCES;
2065 struct smb2_read_rsp *rsp = NULL;
2066 struct kvec iov[1];
2067
2068 *nbytes = 0;
2069 rc = smb2_new_read_req(iov, io_parms, 0, 0);
2070 if (rc)
2071 return rc;
2072
2073 rc = SendReceive2(xid, io_parms->tcon->ses, iov, 1,
2074 &resp_buftype, CIFS_LOG_ERROR);
2075
2076 rsp = (struct smb2_read_rsp *)iov[0].iov_base;
2077
2078 if (rsp->hdr.Status == STATUS_END_OF_FILE) {
2079 free_rsp_buf(resp_buftype, iov[0].iov_base);
2080 return 0;
2081 }
2082
2083 if (rc) {
2084 cifs_stats_fail_inc(io_parms->tcon, SMB2_READ_HE);
2085 cifs_dbg(VFS, "Send error in read = %d\n", rc);
2086 } else {
2087 *nbytes = le32_to_cpu(rsp->DataLength);
2088 if ((*nbytes > CIFS_MAX_MSGSIZE) ||
2089 (*nbytes > io_parms->length)) {
2090 cifs_dbg(FYI, "bad length %d for count %d\n",
2091 *nbytes, io_parms->length);
2092 rc = -EIO;
2093 *nbytes = 0;
2094 }
2095 }
2096
2097 if (*buf) {
2098 memcpy(*buf, (char *)&rsp->hdr.ProtocolId + rsp->DataOffset,
2099 *nbytes);
2100 free_rsp_buf(resp_buftype, iov[0].iov_base);
2101 } else if (resp_buftype != CIFS_NO_BUFFER) {
2102 *buf = iov[0].iov_base;
2103 if (resp_buftype == CIFS_SMALL_BUFFER)
2104 *buf_type = CIFS_SMALL_BUFFER;
2105 else if (resp_buftype == CIFS_LARGE_BUFFER)
2106 *buf_type = CIFS_LARGE_BUFFER;
2107 }
2108 return rc;
2109}
2110
2111
2112
2113
2114
2115static void
2116smb2_writev_callback(struct mid_q_entry *mid)
2117{
2118 struct cifs_writedata *wdata = mid->callback_data;
2119 struct cifs_tcon *tcon = tlink_tcon(wdata->cfile->tlink);
2120 struct TCP_Server_Info *server = tcon->ses->server;
2121 unsigned int written;
2122 struct smb2_write_rsp *rsp = (struct smb2_write_rsp *)mid->resp_buf;
2123 unsigned int credits_received = 1;
2124
2125 switch (mid->mid_state) {
2126 case MID_RESPONSE_RECEIVED:
2127 credits_received = le16_to_cpu(rsp->hdr.CreditRequest);
2128 wdata->result = smb2_check_receive(mid, tcon->ses->server, 0);
2129 if (wdata->result != 0)
2130 break;
2131
2132 written = le32_to_cpu(rsp->DataLength);
2133
2134
2135
2136
2137
2138
2139 if (written > wdata->bytes)
2140 written &= 0xFFFF;
2141
2142 if (written < wdata->bytes)
2143 wdata->result = -ENOSPC;
2144 else
2145 wdata->bytes = written;
2146 break;
2147 case MID_REQUEST_SUBMITTED:
2148 case MID_RETRY_NEEDED:
2149 wdata->result = -EAGAIN;
2150 break;
2151 default:
2152 wdata->result = -EIO;
2153 break;
2154 }
2155
2156 if (wdata->result)
2157 cifs_stats_fail_inc(tcon, SMB2_WRITE_HE);
2158
2159 queue_work(cifsiod_wq, &wdata->work);
2160 mutex_lock(&server->srv_mutex);
2161 DeleteMidQEntry(mid);
2162 mutex_unlock(&server->srv_mutex);
2163 add_credits(tcon->ses->server, credits_received, 0);
2164}
2165
2166
2167int
2168smb2_async_writev(struct cifs_writedata *wdata,
2169 void (*release)(struct kref *kref))
2170{
2171 int rc = -EACCES, flags = 0;
2172 struct smb2_write_req *req = NULL;
2173 struct cifs_tcon *tcon = tlink_tcon(wdata->cfile->tlink);
2174 struct TCP_Server_Info *server = tcon->ses->server;
2175 struct kvec iov;
2176 struct smb_rqst rqst;
2177
2178 rc = small_smb2_init(SMB2_WRITE, tcon, (void **) &req);
2179 if (rc) {
2180 if (rc == -EAGAIN && wdata->credits) {
2181
2182 wdata->credits = 0;
2183
2184 spin_lock(&server->req_lock);
2185 server->in_flight--;
2186 spin_unlock(&server->req_lock);
2187 }
2188 goto async_writev_out;
2189 }
2190
2191 req->hdr.ProcessId = cpu_to_le32(wdata->cfile->pid);
2192
2193 req->PersistentFileId = wdata->cfile->fid.persistent_fid;
2194 req->VolatileFileId = wdata->cfile->fid.volatile_fid;
2195 req->WriteChannelInfoOffset = 0;
2196 req->WriteChannelInfoLength = 0;
2197 req->Channel = 0;
2198 req->Offset = cpu_to_le64(wdata->offset);
2199
2200 req->DataOffset = cpu_to_le16(
2201 offsetof(struct smb2_write_req, Buffer) - 4);
2202 req->RemainingBytes = 0;
2203
2204
2205 iov.iov_len = get_rfc1002_length(req) + 4 - 1;
2206 iov.iov_base = req;
2207
2208 rqst.rq_iov = &iov;
2209 rqst.rq_nvec = 1;
2210 rqst.rq_pages = wdata->pages;
2211 rqst.rq_npages = wdata->nr_pages;
2212 rqst.rq_pagesz = wdata->pagesz;
2213 rqst.rq_tailsz = wdata->tailsz;
2214
2215 cifs_dbg(FYI, "async write at %llu %u bytes\n",
2216 wdata->offset, wdata->bytes);
2217
2218 req->Length = cpu_to_le32(wdata->bytes);
2219
2220 inc_rfc1001_len(&req->hdr, wdata->bytes - 1 );
2221
2222 if (wdata->credits) {
2223 req->hdr.CreditCharge = cpu_to_le16(DIV_ROUND_UP(wdata->bytes,
2224 SMB2_MAX_BUFFER_SIZE));
2225 spin_lock(&server->req_lock);
2226 server->credits += wdata->credits -
2227 le16_to_cpu(req->hdr.CreditCharge);
2228 spin_unlock(&server->req_lock);
2229 wake_up(&server->request_q);
2230 flags = CIFS_HAS_CREDITS;
2231 }
2232
2233 kref_get(&wdata->refcount);
2234 rc = cifs_call_async(server, &rqst, NULL, smb2_writev_callback, wdata,
2235 flags);
2236
2237 if (rc) {
2238 kref_put(&wdata->refcount, release);
2239 cifs_stats_fail_inc(tcon, SMB2_WRITE_HE);
2240 }
2241
2242async_writev_out:
2243 cifs_small_buf_release(req);
2244 return rc;
2245}
2246
2247
2248
2249
2250
2251
2252
2253int
2254SMB2_write(const unsigned int xid, struct cifs_io_parms *io_parms,
2255 unsigned int *nbytes, struct kvec *iov, int n_vec)
2256{
2257 int rc = 0;
2258 struct smb2_write_req *req = NULL;
2259 struct smb2_write_rsp *rsp = NULL;
2260 int resp_buftype;
2261 *nbytes = 0;
2262
2263 if (n_vec < 1)
2264 return rc;
2265
2266 rc = small_smb2_init(SMB2_WRITE, io_parms->tcon, (void **) &req);
2267 if (rc)
2268 return rc;
2269
2270 if (io_parms->tcon->ses->server == NULL)
2271 return -ECONNABORTED;
2272
2273 req->hdr.ProcessId = cpu_to_le32(io_parms->pid);
2274
2275 req->PersistentFileId = io_parms->persistent_fid;
2276 req->VolatileFileId = io_parms->volatile_fid;
2277 req->WriteChannelInfoOffset = 0;
2278 req->WriteChannelInfoLength = 0;
2279 req->Channel = 0;
2280 req->Length = cpu_to_le32(io_parms->length);
2281 req->Offset = cpu_to_le64(io_parms->offset);
2282
2283 req->DataOffset = cpu_to_le16(
2284 offsetof(struct smb2_write_req, Buffer) - 4);
2285 req->RemainingBytes = 0;
2286
2287 iov[0].iov_base = (char *)req;
2288
2289 iov[0].iov_len = get_rfc1002_length(req) + 4 - 1;
2290
2291
2292 inc_rfc1001_len(req, io_parms->length - 1 );
2293
2294 rc = SendReceive2(xid, io_parms->tcon->ses, iov, n_vec + 1,
2295 &resp_buftype, 0);
2296 rsp = (struct smb2_write_rsp *)iov[0].iov_base;
2297
2298 if (rc) {
2299 cifs_stats_fail_inc(io_parms->tcon, SMB2_WRITE_HE);
2300 cifs_dbg(VFS, "Send error in write = %d\n", rc);
2301 } else
2302 *nbytes = le32_to_cpu(rsp->DataLength);
2303
2304 free_rsp_buf(resp_buftype, rsp);
2305 return rc;
2306}
2307
2308static unsigned int
2309num_entries(char *bufstart, char *end_of_buf, char **lastentry, size_t size)
2310{
2311 int len;
2312 unsigned int entrycount = 0;
2313 unsigned int next_offset = 0;
2314 FILE_DIRECTORY_INFO *entryptr;
2315
2316 if (bufstart == NULL)
2317 return 0;
2318
2319 entryptr = (FILE_DIRECTORY_INFO *)bufstart;
2320
2321 while (1) {
2322 entryptr = (FILE_DIRECTORY_INFO *)
2323 ((char *)entryptr + next_offset);
2324
2325 if ((char *)entryptr + size > end_of_buf) {
2326 cifs_dbg(VFS, "malformed search entry would overflow\n");
2327 break;
2328 }
2329
2330 len = le32_to_cpu(entryptr->FileNameLength);
2331 if ((char *)entryptr + len + size > end_of_buf) {
2332 cifs_dbg(VFS, "directory entry name would overflow frame end of buf %p\n",
2333 end_of_buf);
2334 break;
2335 }
2336
2337 *lastentry = (char *)entryptr;
2338 entrycount++;
2339
2340 next_offset = le32_to_cpu(entryptr->NextEntryOffset);
2341 if (!next_offset)
2342 break;
2343 }
2344
2345 return entrycount;
2346}
2347
2348
2349
2350
2351int
2352SMB2_query_directory(const unsigned int xid, struct cifs_tcon *tcon,
2353 u64 persistent_fid, u64 volatile_fid, int index,
2354 struct cifs_search_info *srch_inf)
2355{
2356 struct smb2_query_directory_req *req;
2357 struct smb2_query_directory_rsp *rsp = NULL;
2358 struct kvec iov[2];
2359 int rc = 0;
2360 int len;
2361 int resp_buftype = CIFS_NO_BUFFER;
2362 unsigned char *bufptr;
2363 struct TCP_Server_Info *server;
2364 struct cifs_ses *ses = tcon->ses;
2365 __le16 asteriks = cpu_to_le16('*');
2366 char *end_of_smb;
2367 unsigned int output_size = CIFSMaxBufSize;
2368 size_t info_buf_size;
2369
2370 if (ses && (ses->server))
2371 server = ses->server;
2372 else
2373 return -EIO;
2374
2375 rc = small_smb2_init(SMB2_QUERY_DIRECTORY, tcon, (void **) &req);
2376 if (rc)
2377 return rc;
2378
2379 switch (srch_inf->info_level) {
2380 case SMB_FIND_FILE_DIRECTORY_INFO:
2381 req->FileInformationClass = FILE_DIRECTORY_INFORMATION;
2382 info_buf_size = sizeof(FILE_DIRECTORY_INFO) - 1;
2383 break;
2384 case SMB_FIND_FILE_ID_FULL_DIR_INFO:
2385 req->FileInformationClass = FILEID_FULL_DIRECTORY_INFORMATION;
2386 info_buf_size = sizeof(SEARCH_ID_FULL_DIR_INFO) - 1;
2387 break;
2388 default:
2389 cifs_dbg(VFS, "info level %u isn't supported\n",
2390 srch_inf->info_level);
2391 rc = -EINVAL;
2392 goto qdir_exit;
2393 }
2394
2395 req->FileIndex = cpu_to_le32(index);
2396 req->PersistentFileId = persistent_fid;
2397 req->VolatileFileId = volatile_fid;
2398
2399 len = 0x2;
2400 bufptr = req->Buffer;
2401 memcpy(bufptr, &asteriks, len);
2402
2403 req->FileNameOffset =
2404 cpu_to_le16(sizeof(struct smb2_query_directory_req) - 1 - 4);
2405 req->FileNameLength = cpu_to_le16(len);
2406
2407
2408
2409
2410 output_size = min_t(unsigned int, output_size, server->maxBuf);
2411 output_size = min_t(unsigned int, output_size, 2 << 15);
2412 req->OutputBufferLength = cpu_to_le32(output_size);
2413
2414 iov[0].iov_base = (char *)req;
2415
2416 iov[0].iov_len = get_rfc1002_length(req) + 4 - 1;
2417
2418 iov[1].iov_base = (char *)(req->Buffer);
2419 iov[1].iov_len = len;
2420
2421 inc_rfc1001_len(req, len - 1 );
2422
2423 rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, 0);
2424 rsp = (struct smb2_query_directory_rsp *)iov[0].iov_base;
2425
2426 if (rc) {
2427 if (rc == -ENODATA && rsp->hdr.Status == STATUS_NO_MORE_FILES) {
2428 srch_inf->endOfSearch = true;
2429 rc = 0;
2430 }
2431 cifs_stats_fail_inc(tcon, SMB2_QUERY_DIRECTORY_HE);
2432 goto qdir_exit;
2433 }
2434
2435 rc = validate_buf(le16_to_cpu(rsp->OutputBufferOffset),
2436 le32_to_cpu(rsp->OutputBufferLength), &rsp->hdr,
2437 info_buf_size);
2438 if (rc)
2439 goto qdir_exit;
2440
2441 srch_inf->unicode = true;
2442
2443 if (srch_inf->ntwrk_buf_start) {
2444 if (srch_inf->smallBuf)
2445 cifs_small_buf_release(srch_inf->ntwrk_buf_start);
2446 else
2447 cifs_buf_release(srch_inf->ntwrk_buf_start);
2448 }
2449 srch_inf->ntwrk_buf_start = (char *)rsp;
2450 srch_inf->srch_entries_start = srch_inf->last_entry = 4 +
2451 (char *)&rsp->hdr + le16_to_cpu(rsp->OutputBufferOffset);
2452
2453 end_of_smb = get_rfc1002_length(rsp) + 4 + (char *)&rsp->hdr;
2454 srch_inf->entries_in_buffer =
2455 num_entries(srch_inf->srch_entries_start, end_of_smb,
2456 &srch_inf->last_entry, info_buf_size);
2457 srch_inf->index_of_last_entry += srch_inf->entries_in_buffer;
2458 cifs_dbg(FYI, "num entries %d last_index %lld srch start %p srch end %p\n",
2459 srch_inf->entries_in_buffer, srch_inf->index_of_last_entry,
2460 srch_inf->srch_entries_start, srch_inf->last_entry);
2461 if (resp_buftype == CIFS_LARGE_BUFFER)
2462 srch_inf->smallBuf = false;
2463 else if (resp_buftype == CIFS_SMALL_BUFFER)
2464 srch_inf->smallBuf = true;
2465 else
2466 cifs_dbg(VFS, "illegal search buffer type\n");
2467
2468 return rc;
2469
2470qdir_exit:
2471 free_rsp_buf(resp_buftype, rsp);
2472 return rc;
2473}
2474
2475static int
2476send_set_info(const unsigned int xid, struct cifs_tcon *tcon,
2477 u64 persistent_fid, u64 volatile_fid, u32 pid, int info_class,
2478 unsigned int num, void **data, unsigned int *size)
2479{
2480 struct smb2_set_info_req *req;
2481 struct smb2_set_info_rsp *rsp = NULL;
2482 struct kvec *iov;
2483 int rc = 0;
2484 int resp_buftype;
2485 unsigned int i;
2486 struct TCP_Server_Info *server;
2487 struct cifs_ses *ses = tcon->ses;
2488
2489 if (ses && (ses->server))
2490 server = ses->server;
2491 else
2492 return -EIO;
2493
2494 if (!num)
2495 return -EINVAL;
2496
2497 iov = kmalloc(sizeof(struct kvec) * num, GFP_KERNEL);
2498 if (!iov)
2499 return -ENOMEM;
2500
2501 rc = small_smb2_init(SMB2_SET_INFO, tcon, (void **) &req);
2502 if (rc) {
2503 kfree(iov);
2504 return rc;
2505 }
2506
2507 req->hdr.ProcessId = cpu_to_le32(pid);
2508
2509 req->InfoType = SMB2_O_INFO_FILE;
2510 req->FileInfoClass = info_class;
2511 req->PersistentFileId = persistent_fid;
2512 req->VolatileFileId = volatile_fid;
2513
2514
2515 req->BufferOffset =
2516 cpu_to_le16(sizeof(struct smb2_set_info_req) - 1 - 4);
2517 req->BufferLength = cpu_to_le32(*size);
2518
2519 inc_rfc1001_len(req, *size - 1 );
2520
2521 memcpy(req->Buffer, *data, *size);
2522
2523 iov[0].iov_base = (char *)req;
2524
2525 iov[0].iov_len = get_rfc1002_length(req) + 4;
2526
2527 for (i = 1; i < num; i++) {
2528 inc_rfc1001_len(req, size[i]);
2529 le32_add_cpu(&req->BufferLength, size[i]);
2530 iov[i].iov_base = (char *)data[i];
2531 iov[i].iov_len = size[i];
2532 }
2533
2534 rc = SendReceive2(xid, ses, iov, num, &resp_buftype, 0);
2535 rsp = (struct smb2_set_info_rsp *)iov[0].iov_base;
2536
2537 if (rc != 0)
2538 cifs_stats_fail_inc(tcon, SMB2_SET_INFO_HE);
2539
2540 free_rsp_buf(resp_buftype, rsp);
2541 kfree(iov);
2542 return rc;
2543}
2544
2545int
2546SMB2_rename(const unsigned int xid, struct cifs_tcon *tcon,
2547 u64 persistent_fid, u64 volatile_fid, __le16 *target_file)
2548{
2549 struct smb2_file_rename_info info;
2550 void **data;
2551 unsigned int size[2];
2552 int rc;
2553 int len = (2 * UniStrnlen((wchar_t *)target_file, PATH_MAX));
2554
2555 data = kmalloc(sizeof(void *) * 2, GFP_KERNEL);
2556 if (!data)
2557 return -ENOMEM;
2558
2559 info.ReplaceIfExists = 1;
2560
2561 info.RootDirectory = 0;
2562 info.FileNameLength = cpu_to_le32(len);
2563
2564 data[0] = &info;
2565 size[0] = sizeof(struct smb2_file_rename_info);
2566
2567 data[1] = target_file;
2568 size[1] = len + 2 ;
2569
2570 rc = send_set_info(xid, tcon, persistent_fid, volatile_fid,
2571 current->tgid, FILE_RENAME_INFORMATION, 2, data,
2572 size);
2573 kfree(data);
2574 return rc;
2575}
2576
2577int
2578SMB2_set_hardlink(const unsigned int xid, struct cifs_tcon *tcon,
2579 u64 persistent_fid, u64 volatile_fid, __le16 *target_file)
2580{
2581 struct smb2_file_link_info info;
2582 void **data;
2583 unsigned int size[2];
2584 int rc;
2585 int len = (2 * UniStrnlen((wchar_t *)target_file, PATH_MAX));
2586
2587 data = kmalloc(sizeof(void *) * 2, GFP_KERNEL);
2588 if (!data)
2589 return -ENOMEM;
2590
2591 info.ReplaceIfExists = 0;
2592
2593 info.RootDirectory = 0;
2594 info.FileNameLength = cpu_to_le32(len);
2595
2596 data[0] = &info;
2597 size[0] = sizeof(struct smb2_file_link_info);
2598
2599 data[1] = target_file;
2600 size[1] = len + 2 ;
2601
2602 rc = send_set_info(xid, tcon, persistent_fid, volatile_fid,
2603 current->tgid, FILE_LINK_INFORMATION, 2, data, size);
2604 kfree(data);
2605 return rc;
2606}
2607
2608int
2609SMB2_set_eof(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid,
2610 u64 volatile_fid, u32 pid, __le64 *eof, bool is_falloc)
2611{
2612 struct smb2_file_eof_info info;
2613 void *data;
2614 unsigned int size;
2615
2616 info.EndOfFile = *eof;
2617
2618 data = &info;
2619 size = sizeof(struct smb2_file_eof_info);
2620
2621 if (is_falloc)
2622 return send_set_info(xid, tcon, persistent_fid, volatile_fid,
2623 pid, FILE_ALLOCATION_INFORMATION, 1, &data, &size);
2624 else
2625 return send_set_info(xid, tcon, persistent_fid, volatile_fid,
2626 pid, FILE_END_OF_FILE_INFORMATION, 1, &data, &size);
2627}
2628
2629int
2630SMB2_set_info(const unsigned int xid, struct cifs_tcon *tcon,
2631 u64 persistent_fid, u64 volatile_fid, FILE_BASIC_INFO *buf)
2632{
2633 unsigned int size;
2634 size = sizeof(FILE_BASIC_INFO);
2635 return send_set_info(xid, tcon, persistent_fid, volatile_fid,
2636 current->tgid, FILE_BASIC_INFORMATION, 1,
2637 (void **)&buf, &size);
2638}
2639
2640int
2641SMB2_oplock_break(const unsigned int xid, struct cifs_tcon *tcon,
2642 const u64 persistent_fid, const u64 volatile_fid,
2643 __u8 oplock_level)
2644{
2645 int rc;
2646 struct smb2_oplock_break *req = NULL;
2647
2648 cifs_dbg(FYI, "SMB2_oplock_break\n");
2649 rc = small_smb2_init(SMB2_OPLOCK_BREAK, tcon, (void **) &req);
2650
2651 if (rc)
2652 return rc;
2653
2654 req->VolatileFid = volatile_fid;
2655 req->PersistentFid = persistent_fid;
2656 req->OplockLevel = oplock_level;
2657 req->hdr.CreditRequest = cpu_to_le16(1);
2658
2659 rc = SendReceiveNoRsp(xid, tcon->ses, (char *) req, CIFS_OBREAK_OP);
2660
2661
2662 if (rc) {
2663 cifs_stats_fail_inc(tcon, SMB2_OPLOCK_BREAK_HE);
2664 cifs_dbg(FYI, "Send error in Oplock Break = %d\n", rc);
2665 }
2666
2667 return rc;
2668}
2669
2670static void
2671copy_fs_info_to_kstatfs(struct smb2_fs_full_size_info *pfs_inf,
2672 struct kstatfs *kst)
2673{
2674 kst->f_bsize = le32_to_cpu(pfs_inf->BytesPerSector) *
2675 le32_to_cpu(pfs_inf->SectorsPerAllocationUnit);
2676 kst->f_blocks = le64_to_cpu(pfs_inf->TotalAllocationUnits);
2677 kst->f_bfree = le64_to_cpu(pfs_inf->ActualAvailableAllocationUnits);
2678 kst->f_bavail = le64_to_cpu(pfs_inf->CallerAvailableAllocationUnits);
2679 return;
2680}
2681
2682static int
2683build_qfs_info_req(struct kvec *iov, struct cifs_tcon *tcon, int level,
2684 int outbuf_len, u64 persistent_fid, u64 volatile_fid)
2685{
2686 int rc;
2687 struct smb2_query_info_req *req;
2688
2689 cifs_dbg(FYI, "Query FSInfo level %d\n", level);
2690
2691 if ((tcon->ses == NULL) || (tcon->ses->server == NULL))
2692 return -EIO;
2693
2694 rc = small_smb2_init(SMB2_QUERY_INFO, tcon, (void **) &req);
2695 if (rc)
2696 return rc;
2697
2698 req->InfoType = SMB2_O_INFO_FILESYSTEM;
2699 req->FileInfoClass = level;
2700 req->PersistentFileId = persistent_fid;
2701 req->VolatileFileId = volatile_fid;
2702
2703 req->InputBufferOffset =
2704 cpu_to_le16(sizeof(struct smb2_query_info_req) - 1 - 4);
2705 req->OutputBufferLength = cpu_to_le32(
2706 outbuf_len + sizeof(struct smb2_query_info_rsp) - 1 - 4);
2707
2708 iov->iov_base = (char *)req;
2709
2710 iov->iov_len = get_rfc1002_length(req) + 4;
2711 return 0;
2712}
2713
2714int
2715SMB2_QFS_info(const unsigned int xid, struct cifs_tcon *tcon,
2716 u64 persistent_fid, u64 volatile_fid, struct kstatfs *fsdata)
2717{
2718 struct smb2_query_info_rsp *rsp = NULL;
2719 struct kvec iov;
2720 int rc = 0;
2721 int resp_buftype;
2722 struct cifs_ses *ses = tcon->ses;
2723 struct smb2_fs_full_size_info *info = NULL;
2724
2725 rc = build_qfs_info_req(&iov, tcon, FS_FULL_SIZE_INFORMATION,
2726 sizeof(struct smb2_fs_full_size_info),
2727 persistent_fid, volatile_fid);
2728 if (rc)
2729 return rc;
2730
2731 rc = SendReceive2(xid, ses, &iov, 1, &resp_buftype, 0);
2732 if (rc) {
2733 cifs_stats_fail_inc(tcon, SMB2_QUERY_INFO_HE);
2734 goto qfsinf_exit;
2735 }
2736 rsp = (struct smb2_query_info_rsp *)iov.iov_base;
2737
2738 info = (struct smb2_fs_full_size_info *)(4 +
2739 le16_to_cpu(rsp->OutputBufferOffset) + (char *)&rsp->hdr);
2740 rc = validate_buf(le16_to_cpu(rsp->OutputBufferOffset),
2741 le32_to_cpu(rsp->OutputBufferLength), &rsp->hdr,
2742 sizeof(struct smb2_fs_full_size_info));
2743 if (!rc)
2744 copy_fs_info_to_kstatfs(info, fsdata);
2745
2746qfsinf_exit:
2747 free_rsp_buf(resp_buftype, iov.iov_base);
2748 return rc;
2749}
2750
2751int
2752SMB2_QFS_attr(const unsigned int xid, struct cifs_tcon *tcon,
2753 u64 persistent_fid, u64 volatile_fid, int level)
2754{
2755 struct smb2_query_info_rsp *rsp = NULL;
2756 struct kvec iov;
2757 int rc = 0;
2758 int resp_buftype, max_len, min_len;
2759 struct cifs_ses *ses = tcon->ses;
2760 unsigned int rsp_len, offset;
2761
2762 if (level == FS_DEVICE_INFORMATION) {
2763 max_len = sizeof(FILE_SYSTEM_DEVICE_INFO);
2764 min_len = sizeof(FILE_SYSTEM_DEVICE_INFO);
2765 } else if (level == FS_ATTRIBUTE_INFORMATION) {
2766 max_len = sizeof(FILE_SYSTEM_ATTRIBUTE_INFO);
2767 min_len = MIN_FS_ATTR_INFO_SIZE;
2768 } else if (level == FS_SECTOR_SIZE_INFORMATION) {
2769 max_len = sizeof(struct smb3_fs_ss_info);
2770 min_len = sizeof(struct smb3_fs_ss_info);
2771 } else {
2772 cifs_dbg(FYI, "Invalid qfsinfo level %d\n", level);
2773 return -EINVAL;
2774 }
2775
2776 rc = build_qfs_info_req(&iov, tcon, level, max_len,
2777 persistent_fid, volatile_fid);
2778 if (rc)
2779 return rc;
2780
2781 rc = SendReceive2(xid, ses, &iov, 1, &resp_buftype, 0);
2782 if (rc) {
2783 cifs_stats_fail_inc(tcon, SMB2_QUERY_INFO_HE);
2784 goto qfsattr_exit;
2785 }
2786 rsp = (struct smb2_query_info_rsp *)iov.iov_base;
2787
2788 rsp_len = le32_to_cpu(rsp->OutputBufferLength);
2789 offset = le16_to_cpu(rsp->OutputBufferOffset);
2790 rc = validate_buf(offset, rsp_len, &rsp->hdr, min_len);
2791 if (rc)
2792 goto qfsattr_exit;
2793
2794 if (level == FS_ATTRIBUTE_INFORMATION)
2795 memcpy(&tcon->fsAttrInfo, 4 + offset
2796 + (char *)&rsp->hdr, min_t(unsigned int,
2797 rsp_len, max_len));
2798 else if (level == FS_DEVICE_INFORMATION)
2799 memcpy(&tcon->fsDevInfo, 4 + offset
2800 + (char *)&rsp->hdr, sizeof(FILE_SYSTEM_DEVICE_INFO));
2801 else if (level == FS_SECTOR_SIZE_INFORMATION) {
2802 struct smb3_fs_ss_info *ss_info = (struct smb3_fs_ss_info *)
2803 (4 + offset + (char *)&rsp->hdr);
2804 tcon->ss_flags = le32_to_cpu(ss_info->Flags);
2805 tcon->perf_sector_size =
2806 le32_to_cpu(ss_info->PhysicalBytesPerSectorForPerf);
2807 }
2808
2809qfsattr_exit:
2810 free_rsp_buf(resp_buftype, iov.iov_base);
2811 return rc;
2812}
2813
2814int
2815smb2_lockv(const unsigned int xid, struct cifs_tcon *tcon,
2816 const __u64 persist_fid, const __u64 volatile_fid, const __u32 pid,
2817 const __u32 num_lock, struct smb2_lock_element *buf)
2818{
2819 int rc = 0;
2820 struct smb2_lock_req *req = NULL;
2821 struct kvec iov[2];
2822 int resp_buf_type;
2823 unsigned int count;
2824
2825 cifs_dbg(FYI, "smb2_lockv num lock %d\n", num_lock);
2826
2827 rc = small_smb2_init(SMB2_LOCK, tcon, (void **) &req);
2828 if (rc)
2829 return rc;
2830
2831 req->hdr.ProcessId = cpu_to_le32(pid);
2832 req->LockCount = cpu_to_le16(num_lock);
2833
2834 req->PersistentFileId = persist_fid;
2835 req->VolatileFileId = volatile_fid;
2836
2837 count = num_lock * sizeof(struct smb2_lock_element);
2838 inc_rfc1001_len(req, count - sizeof(struct smb2_lock_element));
2839
2840 iov[0].iov_base = (char *)req;
2841
2842 iov[0].iov_len = get_rfc1002_length(req) + 4 - count;
2843 iov[1].iov_base = (char *)buf;
2844 iov[1].iov_len = count;
2845
2846 cifs_stats_inc(&tcon->stats.cifs_stats.num_locks);
2847 rc = SendReceive2(xid, tcon->ses, iov, 2, &resp_buf_type, CIFS_NO_RESP);
2848 if (rc) {
2849 cifs_dbg(FYI, "Send error in smb2_lockv = %d\n", rc);
2850 cifs_stats_fail_inc(tcon, SMB2_LOCK_HE);
2851 }
2852
2853 return rc;
2854}
2855
2856int
2857SMB2_lock(const unsigned int xid, struct cifs_tcon *tcon,
2858 const __u64 persist_fid, const __u64 volatile_fid, const __u32 pid,
2859 const __u64 length, const __u64 offset, const __u32 lock_flags,
2860 const bool wait)
2861{
2862 struct smb2_lock_element lock;
2863
2864 lock.Offset = cpu_to_le64(offset);
2865 lock.Length = cpu_to_le64(length);
2866 lock.Flags = cpu_to_le32(lock_flags);
2867 if (!wait && lock_flags != SMB2_LOCKFLAG_UNLOCK)
2868 lock.Flags |= cpu_to_le32(SMB2_LOCKFLAG_FAIL_IMMEDIATELY);
2869
2870 return smb2_lockv(xid, tcon, persist_fid, volatile_fid, pid, 1, &lock);
2871}
2872
2873int
2874SMB2_lease_break(const unsigned int xid, struct cifs_tcon *tcon,
2875 __u8 *lease_key, const __le32 lease_state)
2876{
2877 int rc;
2878 struct smb2_lease_ack *req = NULL;
2879
2880 cifs_dbg(FYI, "SMB2_lease_break\n");
2881 rc = small_smb2_init(SMB2_OPLOCK_BREAK, tcon, (void **) &req);
2882
2883 if (rc)
2884 return rc;
2885
2886 req->hdr.CreditRequest = cpu_to_le16(1);
2887 req->StructureSize = cpu_to_le16(36);
2888 inc_rfc1001_len(req, 12);
2889
2890 memcpy(req->LeaseKey, lease_key, 16);
2891 req->LeaseState = lease_state;
2892
2893 rc = SendReceiveNoRsp(xid, tcon->ses, (char *) req, CIFS_OBREAK_OP);
2894
2895
2896 if (rc) {
2897 cifs_stats_fail_inc(tcon, SMB2_OPLOCK_BREAK_HE);
2898 cifs_dbg(FYI, "Send error in Lease Break = %d\n", rc);
2899 }
2900
2901 return rc;
2902}
2903
