Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / shift / mainline / faaf946a7d5b79194358437150f34ab4c66bfe21 / . / fs / cifs / smb2pdu.c
blob: 1bf037ec5a9d5e31541455271a48ff9ab1a5b7c4 [file] [log] [blame]
Pavel Shilovskyec2e4522011-12-27 16:12:43 +0400[diff] [blame]1/*
2 * fs/cifs/smb2pdu.c
3 *
4 * Copyright (C) International Business Machines Corp., 2009, 2011
5 * Etersoft, 2012
6 * Author(s): Steve French (sfrench@us.ibm.com)
7 * Pavel Shilovsky (pshilovsky@samba.org) 2012
8 *
9 * Contains the routines for constructing the SMB2 PDUs themselves
10 *
11 * This library is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU Lesser General Public License as published
13 * by the Free Software Foundation; either version 2.1 of the License, or
14 * (at your option) any later version.
15 *
16 * This library is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
19 * the GNU Lesser General Public License for more details.
20 *
21 * You should have received a copy of the GNU Lesser General Public License
22 * along with this library; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 */
25
26 /* SMB2 PDU handling routines here - except for leftovers (eg session setup) */
27 /* Note that there are handle based routines which must be */
28 /* treated slightly differently for reconnection purposes since we never */
29 /* want to reuse a stale file handle and only the caller knows the file info */
30
31#include <linux/fs.h>
32#include <linux/kernel.h>
33#include <linux/vfs.h>
34#include <linux/uaccess.h>
35#include <linux/xattr.h>
36#include "smb2pdu.h"
37#include "cifsglob.h"
38#include "cifsacl.h"
39#include "cifsproto.h"
40#include "smb2proto.h"
41#include "cifs_unicode.h"
42#include "cifs_debug.h"
43#include "ntlmssp.h"
44#include "smb2status.h"
45
46/*
47 * The following table defines the expected "StructureSize" of SMB2 requests
48 * in order by SMB2 command. This is similar to "wct" in SMB/CIFS requests.
49 *
50 * Note that commands are defined in smb2pdu.h in le16 but the array below is
51 * indexed by command in host byte order.
52 */
53static const int smb2_req_struct_sizes[NUMBER_OF_SMB2_COMMANDS] = {
54 /* SMB2_NEGOTIATE */ 36,
55 /* SMB2_SESSION_SETUP */ 25,
56 /* SMB2_LOGOFF */ 4,
57 /* SMB2_TREE_CONNECT */ 9,
58 /* SMB2_TREE_DISCONNECT */ 4,
59 /* SMB2_CREATE */ 57,
60 /* SMB2_CLOSE */ 24,
61 /* SMB2_FLUSH */ 24,
62 /* SMB2_READ */ 49,
63 /* SMB2_WRITE */ 49,
64 /* SMB2_LOCK */ 48,
65 /* SMB2_IOCTL */ 57,
66 /* SMB2_CANCEL */ 4,
67 /* SMB2_ECHO */ 4,
68 /* SMB2_QUERY_DIRECTORY */ 33,
69 /* SMB2_CHANGE_NOTIFY */ 32,
70 /* SMB2_QUERY_INFO */ 41,
71 /* SMB2_SET_INFO */ 33,
72 /* SMB2_OPLOCK_BREAK */ 24 /* BB this is 36 for LEASE_BREAK variant */
73};
74
75
76static void
77smb2_hdr_assemble(struct smb2_hdr *hdr, __le16 smb2_cmd /* command */ ,
78 const struct cifs_tcon *tcon)
79{
80 struct smb2_pdu *pdu = (struct smb2_pdu *)hdr;
81 char *temp = (char *)hdr;
82 /* lookup word count ie StructureSize from table */
83 __u16 parmsize = smb2_req_struct_sizes[le16_to_cpu(smb2_cmd)];
84
85 /*
86 * smaller than SMALL_BUFFER_SIZE but bigger than fixed area of
87 * largest operations (Create)
88 */
89 memset(temp, 0, 256);
90
91 /* Note this is only network field converted to big endian */
92 hdr->smb2_buf_length = cpu_to_be32(parmsize + sizeof(struct smb2_hdr)
93 - 4 /* RFC 1001 length field itself not counted */);
94
95 hdr->ProtocolId[0] = 0xFE;
96 hdr->ProtocolId[1] = 'S';
97 hdr->ProtocolId[2] = 'M';
98 hdr->ProtocolId[3] = 'B';
99 hdr->StructureSize = cpu_to_le16(64);
100 hdr->Command = smb2_cmd;
101 hdr->CreditRequest = cpu_to_le16(2); /* BB make this dynamic */
102 hdr->ProcessId = cpu_to_le32((__u16)current->tgid);
103
104 if (!tcon)
105 goto out;
106
107 hdr->TreeId = tcon->tid;
108 /* Uid is not converted */
109 if (tcon->ses)
110 hdr->SessionId = tcon->ses->Suid;
111 /* BB check following DFS flags BB */
112 /* BB do we have to add check for SHI1005_FLAGS_DFS_ROOT too? */
Pavel Shilovskyfaaf9462011-12-27 16:04:00 +0400[diff] [blame^]113 if (tcon->share_flags & SHI1005_FLAGS_DFS)
114 hdr->Flags |= SMB2_FLAGS_DFS_OPERATIONS;
Pavel Shilovskyec2e4522011-12-27 16:12:43 +0400[diff] [blame]115 /* BB how does SMB2 do case sensitive? */
116 /* if (tcon->nocase)
117 hdr->Flags |= SMBFLG_CASELESS; */
118 /* if (tcon->ses && tcon->ses->server &&
119 (tcon->ses->server->sec_mode & SECMODE_SIGN_REQUIRED))
120 hdr->Flags |= SMB2_FLAGS_SIGNED; */
121out:
122 pdu->StructureSize2 = cpu_to_le16(parmsize);
123 return;
124}
125
126static int
127smb2_reconnect(__le16 smb2_command, struct cifs_tcon *tcon)
128{
129 int rc = 0;
130 /* BB add missing code here */
131 return rc;
132}
133
134/*
135 * Allocate and return pointer to an SMB request hdr, and set basic
136 * SMB information in the SMB header. If the return code is zero, this
137 * function must have filled in request_buf pointer.
138 */
139static int
140small_smb2_init(__le16 smb2_command, struct cifs_tcon *tcon,
141 void **request_buf)
142{
143 int rc = 0;
144
145 rc = smb2_reconnect(smb2_command, tcon);
146 if (rc)
147 return rc;
148
149 /* BB eventually switch this to SMB2 specific small buf size */
150 *request_buf = cifs_small_buf_get();
151 if (*request_buf == NULL) {
152 /* BB should we add a retry in here if not a writepage? */
153 return -ENOMEM;
154 }
155
156 smb2_hdr_assemble((struct smb2_hdr *) *request_buf, smb2_command, tcon);
157
158 if (tcon != NULL) {
159#ifdef CONFIG_CIFS_STATS2
160 /*
161 uint16_t com_code = le16_to_cpu(smb2_command);
162 cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_sent[com_code]);
163 */
164#endif
165 cifs_stats_inc(&tcon->num_smbs_sent);
166 }
167
168 return rc;
169}
170
171static void
172free_rsp_buf(int resp_buftype, void *rsp)
173{
174 if (resp_buftype == CIFS_SMALL_BUFFER)
175 cifs_small_buf_release(rsp);
176 else if (resp_buftype == CIFS_LARGE_BUFFER)
177 cifs_buf_release(rsp);
178}
179
180#define SMB2_NUM_PROT 1
181
182#define SMB2_PROT 0
183#define SMB21_PROT 1
184#define BAD_PROT 0xFFFF
185
186#define SMB2_PROT_ID 0x0202
187#define SMB21_PROT_ID 0x0210
188#define BAD_PROT_ID 0xFFFF
189
190static struct {
191 int index;
192 __le16 name;
193} smb2protocols[] = {
194 {SMB2_PROT, cpu_to_le16(SMB2_PROT_ID)},
195 {SMB21_PROT, cpu_to_le16(SMB21_PROT_ID)},
196 {BAD_PROT, cpu_to_le16(BAD_PROT_ID)}
197};
198
199/*
200 *
201 * SMB2 Worker functions follow:
202 *
203 * The general structure of the worker functions is:
204 * 1) Call smb2_init (assembles SMB2 header)
205 * 2) Initialize SMB2 command specific fields in fixed length area of SMB
206 * 3) Call smb_sendrcv2 (sends request on socket and waits for response)
207 * 4) Decode SMB2 command specific fields in the fixed length area
208 * 5) Decode variable length data area (if any for this SMB2 command type)
209 * 6) Call free smb buffer
210 * 7) return
211 *
212 */
213
214int
215SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
216{
217 struct smb2_negotiate_req *req;
218 struct smb2_negotiate_rsp *rsp;
219 struct kvec iov[1];
220 int rc = 0;
221 int resp_buftype;
222 struct TCP_Server_Info *server;
223 unsigned int sec_flags;
224 u16 i;
225 u16 temp = 0;
226 int blob_offset, blob_length;
227 char *security_blob;
228 int flags = CIFS_NEG_OP;
229
230 cFYI(1, "Negotiate protocol");
231
232 if (ses->server)
233 server = ses->server;
234 else {
235 rc = -EIO;
236 return rc;
237 }
238
239 rc = small_smb2_init(SMB2_NEGOTIATE, NULL, (void **) &req);
240 if (rc)
241 return rc;
242
243 /* if any of auth flags (ie not sign or seal) are overriden use them */
244 if (ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
245 sec_flags = ses->overrideSecFlg; /* BB FIXME fix sign flags?*/
246 else /* if override flags set only sign/seal OR them with global auth */
247 sec_flags = global_secflags | ses->overrideSecFlg;
248
249 cFYI(1, "sec_flags 0x%x", sec_flags);
250
251 req->hdr.SessionId = 0;
252
253 for (i = 0; i < SMB2_NUM_PROT; i++)
254 req->Dialects[i] = smb2protocols[i].name;
255
256 req->DialectCount = cpu_to_le16(i);
257 inc_rfc1001_len(req, i * 2);
258
259 /* only one of SMB2 signing flags may be set in SMB2 request */
260 if ((sec_flags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN)
261 temp = SMB2_NEGOTIATE_SIGNING_REQUIRED;
262 else if (sec_flags & CIFSSEC_MAY_SIGN) /* MAY_SIGN is a single flag */
263 temp = SMB2_NEGOTIATE_SIGNING_ENABLED;
264
265 req->SecurityMode = cpu_to_le16(temp);
266
267 req->Capabilities = cpu_to_le32(SMB2_GLOBAL_CAP_DFS);
268
269 iov[0].iov_base = (char *)req;
270 /* 4 for rfc1002 length field */
271 iov[0].iov_len = get_rfc1002_length(req) + 4;
272
273 rc = SendReceive2(xid, ses, iov, 1, &resp_buftype, flags);
274
275 rsp = (struct smb2_negotiate_rsp *)iov[0].iov_base;
276 /*
277 * No tcon so can't do
278 * cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_fail[SMB2...]);
279 */
280 if (rc != 0)
281 goto neg_exit;
282
283 if (rsp == NULL) {
284 rc = -EIO;
285 goto neg_exit;
286 }
287
288 cFYI(1, "mode 0x%x", rsp->SecurityMode);
289
290 if (rsp->DialectRevision == smb2protocols[SMB21_PROT].name)
291 cFYI(1, "negotiated smb2.1 dialect");
292 else if (rsp->DialectRevision == smb2protocols[SMB2_PROT].name)
293 cFYI(1, "negotiated smb2 dialect");
294 else {
295 cERROR(1, "Illegal dialect returned by server %d",
296 le16_to_cpu(rsp->DialectRevision));
297 rc = -EIO;
298 goto neg_exit;
299 }
300 server->dialect = le16_to_cpu(rsp->DialectRevision);
301
302 server->maxBuf = le32_to_cpu(rsp->MaxTransactSize);
303 server->max_read = le32_to_cpu(rsp->MaxReadSize);
304 server->max_write = le32_to_cpu(rsp->MaxWriteSize);
305 /* BB Do we need to validate the SecurityMode? */
306 server->sec_mode = le16_to_cpu(rsp->SecurityMode);
307 server->capabilities = le32_to_cpu(rsp->Capabilities);
308
309 security_blob = smb2_get_data_area_len(&blob_offset, &blob_length,
310 &rsp->hdr);
311 if (blob_length == 0) {
312 cERROR(1, "missing security blob on negprot");
313 rc = -EIO;
314 goto neg_exit;
315 }
316#ifdef CONFIG_SMB2_ASN1 /* BB REMOVEME when updated asn1.c ready */
317 rc = decode_neg_token_init(security_blob, blob_length,
318 &server->sec_type);
319 if (rc == 1)
320 rc = 0;
321 else if (rc == 0) {
322 rc = -EIO;
323 goto neg_exit;
324 }
325#endif
326
327neg_exit:
328 free_rsp_buf(resp_buftype, rsp);
329 return rc;
330}
Pavel Shilovsky5478f9b2011-12-27 16:22:00 +0400[diff] [blame]331
332int
333SMB2_sess_setup(const unsigned int xid, struct cifs_ses *ses,
334 const struct nls_table *nls_cp)
335{
336 struct smb2_sess_setup_req *req;
337 struct smb2_sess_setup_rsp *rsp = NULL;
338 struct kvec iov[2];
339 int rc = 0;
340 int resp_buftype;
341 __le32 phase = NtLmNegotiate; /* NTLMSSP, if needed, is multistage */
342 struct TCP_Server_Info *server;
343 unsigned int sec_flags;
344 u8 temp = 0;
345 u16 blob_length = 0;
346 char *security_blob;
347 char *ntlmssp_blob = NULL;
348 bool use_spnego = false; /* else use raw ntlmssp */
349
350 cFYI(1, "Session Setup");
351
352 if (ses->server)
353 server = ses->server;
354 else {
355 rc = -EIO;
356 return rc;
357 }
358
359 /*
360 * If memory allocation is successful, caller of this function
361 * frees it.
362 */
363 ses->ntlmssp = kmalloc(sizeof(struct ntlmssp_auth), GFP_KERNEL);
364 if (!ses->ntlmssp)
365 return -ENOMEM;
366
367 ses->server->secType = RawNTLMSSP;
368
369ssetup_ntlmssp_authenticate:
370 if (phase == NtLmChallenge)
371 phase = NtLmAuthenticate; /* if ntlmssp, now final phase */
372
373 rc = small_smb2_init(SMB2_SESSION_SETUP, NULL, (void **) &req);
374 if (rc)
375 return rc;
376
377 /* if any of auth flags (ie not sign or seal) are overriden use them */
378 if (ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
379 sec_flags = ses->overrideSecFlg; /* BB FIXME fix sign flags?*/
380 else /* if override flags set only sign/seal OR them with global auth */
381 sec_flags = global_secflags | ses->overrideSecFlg;
382
383 cFYI(1, "sec_flags 0x%x", sec_flags);
384
385 req->hdr.SessionId = 0; /* First session, not a reauthenticate */
386 req->VcNumber = 0; /* MBZ */
387 /* to enable echos and oplocks */
388 req->hdr.CreditRequest = cpu_to_le16(3);
389
390 /* only one of SMB2 signing flags may be set in SMB2 request */
391 if ((sec_flags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN)
392 temp = SMB2_NEGOTIATE_SIGNING_REQUIRED;
393 else if (ses->server->sec_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED)
394 temp = SMB2_NEGOTIATE_SIGNING_REQUIRED;
395 else if (sec_flags & CIFSSEC_MAY_SIGN) /* MAY_SIGN is a single flag */
396 temp = SMB2_NEGOTIATE_SIGNING_ENABLED;
397
398 req->SecurityMode = temp;
399 req->Capabilities = 0;
400 req->Channel = 0; /* MBZ */
401
402 iov[0].iov_base = (char *)req;
403 /* 4 for rfc1002 length field and 1 for pad */
404 iov[0].iov_len = get_rfc1002_length(req) + 4 - 1;
405 if (phase == NtLmNegotiate) {
406 ntlmssp_blob = kmalloc(sizeof(struct _NEGOTIATE_MESSAGE),
407 GFP_KERNEL);
408 if (ntlmssp_blob == NULL) {
409 rc = -ENOMEM;
410 goto ssetup_exit;
411 }
412 build_ntlmssp_negotiate_blob(ntlmssp_blob, ses);
413 if (use_spnego) {
414 /* blob_length = build_spnego_ntlmssp_blob(
415 &security_blob,
416 sizeof(struct _NEGOTIATE_MESSAGE),
417 ntlmssp_blob); */
418 /* BB eventually need to add this */
419 cERROR(1, "spnego not supported for SMB2 yet");
420 rc = -EOPNOTSUPP;
421 kfree(ntlmssp_blob);
422 goto ssetup_exit;
423 } else {
424 blob_length = sizeof(struct _NEGOTIATE_MESSAGE);
425 /* with raw NTLMSSP we don't encapsulate in SPNEGO */
426 security_blob = ntlmssp_blob;
427 }
428 } else if (phase == NtLmAuthenticate) {
429 req->hdr.SessionId = ses->Suid;
430 ntlmssp_blob = kzalloc(sizeof(struct _NEGOTIATE_MESSAGE) + 500,
431 GFP_KERNEL);
432 if (ntlmssp_blob == NULL) {
433 cERROR(1, "failed to malloc ntlmssp blob");
434 rc = -ENOMEM;
435 goto ssetup_exit;
436 }
437 rc = build_ntlmssp_auth_blob(ntlmssp_blob, &blob_length, ses,
438 nls_cp);
439 if (rc) {
440 cFYI(1, "build_ntlmssp_auth_blob failed %d", rc);
441 goto ssetup_exit; /* BB double check error handling */
442 }
443 if (use_spnego) {
444 /* blob_length = build_spnego_ntlmssp_blob(
445 &security_blob,
446 blob_length,
447 ntlmssp_blob); */
448 cERROR(1, "spnego not supported for SMB2 yet");
449 rc = -EOPNOTSUPP;
450 kfree(ntlmssp_blob);
451 goto ssetup_exit;
452 } else {
453 security_blob = ntlmssp_blob;
454 }
455 } else {
456 cERROR(1, "illegal ntlmssp phase");
457 rc = -EIO;
458 goto ssetup_exit;
459 }
460
461 /* Testing shows that buffer offset must be at location of Buffer[0] */
462 req->SecurityBufferOffset =
463 cpu_to_le16(sizeof(struct smb2_sess_setup_req) -
464 1 /* pad */ - 4 /* rfc1001 len */);
465 req->SecurityBufferLength = cpu_to_le16(blob_length);
466 iov[1].iov_base = security_blob;
467 iov[1].iov_len = blob_length;
468
469 inc_rfc1001_len(req, blob_length - 1 /* pad */);
470
471 /* BB add code to build os and lm fields */
472
473 rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, CIFS_LOG_ERROR);
474
475 kfree(security_blob);
476 rsp = (struct smb2_sess_setup_rsp *)iov[0].iov_base;
477 if (rsp->hdr.Status == STATUS_MORE_PROCESSING_REQUIRED) {
478 if (phase != NtLmNegotiate) {
479 cERROR(1, "Unexpected more processing error");
480 goto ssetup_exit;
481 }
482 if (offsetof(struct smb2_sess_setup_rsp, Buffer) - 4 !=
483 le16_to_cpu(rsp->SecurityBufferOffset)) {
484 cERROR(1, "Invalid security buffer offset %d",
485 le16_to_cpu(rsp->SecurityBufferOffset));
486 rc = -EIO;
487 goto ssetup_exit;
488 }
489
490 /* NTLMSSP Negotiate sent now processing challenge (response) */
491 phase = NtLmChallenge; /* process ntlmssp challenge */
492 rc = 0; /* MORE_PROCESSING is not an error here but expected */
493 ses->Suid = rsp->hdr.SessionId;
494 rc = decode_ntlmssp_challenge(rsp->Buffer,
495 le16_to_cpu(rsp->SecurityBufferLength), ses);
496 }
497
498 /*
499 * BB eventually add code for SPNEGO decoding of NtlmChallenge blob,
500 * but at least the raw NTLMSSP case works.
501 */
502 /*
503 * No tcon so can't do
504 * cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_fail[SMB2...]);
505 */
506 if (rc != 0)
507 goto ssetup_exit;
508
509 if (rsp == NULL) {
510 rc = -EIO;
511 goto ssetup_exit;
512 }
513
514 ses->session_flags = le16_to_cpu(rsp->SessionFlags);
515ssetup_exit:
516 free_rsp_buf(resp_buftype, rsp);
517
518 /* if ntlmssp, and negotiate succeeded, proceed to authenticate phase */
519 if ((phase == NtLmChallenge) && (rc == 0))
520 goto ssetup_ntlmssp_authenticate;
521 return rc;
522}
523
524int
525SMB2_logoff(const unsigned int xid, struct cifs_ses *ses)
526{
527 struct smb2_logoff_req *req; /* response is also trivial struct */
528 int rc = 0;
529 struct TCP_Server_Info *server;
530
531 cFYI(1, "disconnect session %p", ses);
532
533 if (ses && (ses->server))
534 server = ses->server;
535 else
536 return -EIO;
537
538 rc = small_smb2_init(SMB2_LOGOFF, NULL, (void **) &req);
539 if (rc)
540 return rc;
541
542 /* since no tcon, smb2_init can not do this, so do here */
543 req->hdr.SessionId = ses->Suid;
544
545 rc = SendReceiveNoRsp(xid, ses, (char *) &req->hdr, 0);
546 /*
547 * No tcon so can't do
548 * cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_fail[SMB2...]);
549 */
550 return rc;
551}
Pavel Shilovskyfaaf9462011-12-27 16:04:00 +0400[diff] [blame^]552
553static inline void cifs_stats_fail_inc(struct cifs_tcon *tcon, uint16_t code)
554{
555 /* cifs_stats_inc(&tcon->stats.smb2_stats.smb2_com_fail[code]); */
556}
557
558#define MAX_SHARENAME_LENGTH (255 /* server */ + 80 /* share */ + 1 /* NULL */)
559
560int
561SMB2_tcon(const unsigned int xid, struct cifs_ses *ses, const char *tree,
562 struct cifs_tcon *tcon, const struct nls_table *cp)
563{
564 struct smb2_tree_connect_req *req;
565 struct smb2_tree_connect_rsp *rsp = NULL;
566 struct kvec iov[2];
567 int rc = 0;
568 int resp_buftype;
569 int unc_path_len;
570 struct TCP_Server_Info *server;
571 __le16 *unc_path = NULL;
572
573 cFYI(1, "TCON");
574
575 if ((ses->server) && tree)
576 server = ses->server;
577 else
578 return -EIO;
579
580 if (tcon && tcon->bad_network_name)
581 return -ENOENT;
582
583 unc_path = kmalloc(MAX_SHARENAME_LENGTH * 2, GFP_KERNEL);
584 if (unc_path == NULL)
585 return -ENOMEM;
586
587 unc_path_len = cifs_strtoUTF16(unc_path, tree, strlen(tree), cp) + 1;
588 unc_path_len *= 2;
589 if (unc_path_len < 2) {
590 kfree(unc_path);
591 return -EINVAL;
592 }
593
594 rc = small_smb2_init(SMB2_TREE_CONNECT, tcon, (void **) &req);
595 if (rc) {
596 kfree(unc_path);
597 return rc;
598 }
599
600 if (tcon == NULL) {
601 /* since no tcon, smb2_init can not do this, so do here */
602 req->hdr.SessionId = ses->Suid;
603 /* if (ses->server->sec_mode & SECMODE_SIGN_REQUIRED)
604 req->hdr.Flags |= SMB2_FLAGS_SIGNED; */
605 }
606
607 iov[0].iov_base = (char *)req;
608 /* 4 for rfc1002 length field and 1 for pad */
609 iov[0].iov_len = get_rfc1002_length(req) + 4 - 1;
610
611 /* Testing shows that buffer offset must be at location of Buffer[0] */
612 req->PathOffset = cpu_to_le16(sizeof(struct smb2_tree_connect_req)
613 - 1 /* pad */ - 4 /* do not count rfc1001 len field */);
614 req->PathLength = cpu_to_le16(unc_path_len - 2);
615 iov[1].iov_base = unc_path;
616 iov[1].iov_len = unc_path_len;
617
618 inc_rfc1001_len(req, unc_path_len - 1 /* pad */);
619
620 rc = SendReceive2(xid, ses, iov, 2, &resp_buftype, 0);
621 rsp = (struct smb2_tree_connect_rsp *)iov[0].iov_base;
622
623 if (rc != 0) {
624 if (tcon) {
625 cifs_stats_fail_inc(tcon, SMB2_TREE_CONNECT_HE);
626 tcon->need_reconnect = true;
627 }
628 goto tcon_error_exit;
629 }
630
631 if (rsp == NULL) {
632 rc = -EIO;
633 goto tcon_exit;
634 }
635
636 if (tcon == NULL) {
637 ses->ipc_tid = rsp->hdr.TreeId;
638 goto tcon_exit;
639 }
640
641 if (rsp->ShareType & SMB2_SHARE_TYPE_DISK)
642 cFYI(1, "connection to disk share");
643 else if (rsp->ShareType & SMB2_SHARE_TYPE_PIPE) {
644 tcon->ipc = true;
645 cFYI(1, "connection to pipe share");
646 } else if (rsp->ShareType & SMB2_SHARE_TYPE_PRINT) {
647 tcon->print = true;
648 cFYI(1, "connection to printer");
649 } else {
650 cERROR(1, "unknown share type %d", rsp->ShareType);
651 rc = -EOPNOTSUPP;
652 goto tcon_error_exit;
653 }
654
655 tcon->share_flags = le32_to_cpu(rsp->ShareFlags);
656 tcon->maximal_access = le32_to_cpu(rsp->MaximalAccess);
657 tcon->tidStatus = CifsGood;
658 tcon->need_reconnect = false;
659 tcon->tid = rsp->hdr.TreeId;
660 strncpy(tcon->treeName, tree, MAX_TREE_SIZE);
661
662 if ((rsp->Capabilities & SMB2_SHARE_CAP_DFS) &&
663 ((tcon->share_flags & SHI1005_FLAGS_DFS) == 0))
664 cERROR(1, "DFS capability contradicts DFS flag");
665
666tcon_exit:
667 free_rsp_buf(resp_buftype, rsp);
668 kfree(unc_path);
669 return rc;
670
671tcon_error_exit:
672 if (rsp->hdr.Status == STATUS_BAD_NETWORK_NAME) {
673 cERROR(1, "BAD_NETWORK_NAME: %s", tree);
674 tcon->bad_network_name = true;
675 }
676 goto tcon_exit;
677}
678
679int
680SMB2_tdis(const unsigned int xid, struct cifs_tcon *tcon)
681{
682 struct smb2_tree_disconnect_req *req; /* response is trivial */
683 int rc = 0;
684 struct TCP_Server_Info *server;
685 struct cifs_ses *ses = tcon->ses;
686
687 cFYI(1, "Tree Disconnect");
688
689 if (ses && (ses->server))
690 server = ses->server;
691 else
692 return -EIO;
693
694 if ((tcon->need_reconnect) || (tcon->ses->need_reconnect))
695 return 0;
696
697 rc = small_smb2_init(SMB2_TREE_DISCONNECT, tcon, (void **) &req);
698 if (rc)
699 return rc;
700
701 rc = SendReceiveNoRsp(xid, ses, (char *)&req->hdr, 0);
702 if (rc)
703 cifs_stats_fail_inc(tcon, SMB2_TREE_DISCONNECT_HE);
704
705 return rc;
706}