Print this page
12513 SMB 3.1.1 support for server
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/smbsrv/smb2_dispatch.c
+++ new/usr/src/uts/common/fs/smbsrv/smb2_dispatch.c
1 1 /*
2 2 * This file and its contents are supplied under the terms of the
3 3 * Common Development and Distribution License ("CDDL"), version 1.0.
|
↓ open down ↓ |
3 lines elided |
↑ open up ↑ |
4 4 * You may only use this file in accordance with the terms of version
5 5 * 1.0 of the CDDL.
6 6 *
7 7 * A full copy of the text of the CDDL should have accompanied this
8 8 * source. A copy of the CDDL is also available via the Internet at
9 9 * http://www.illumos.org/license/CDDL.
10 10 */
11 11
12 12 /*
13 13 * Copyright 2019 Nexenta Systems, Inc. All rights reserved.
14 - * Copyright 2019 RackTop Systems.
14 + * Copyright 2020 RackTop Systems, Inc.
15 15 */
16 16
17 17
18 18 #include <smbsrv/smb2_kproto.h>
19 19 #include <smbsrv/smb_kstat.h>
20 20 #include <smbsrv/smb2.h>
21 21
22 22 #define SMB2_ASYNCID(sr) (sr->smb2_messageid ^ (1ULL << 62))
23 23
24 24 smb_sdrc_t smb2_invalid_cmd(smb_request_t *);
25 25 static void smb2_tq_work(void *);
26 26 static void smb2sr_run_postwork(smb_request_t *);
27 27 static int smb3_decrypt_msg(smb_request_t *);
28 28
29 29 static const smb_disp_entry_t
30 30 smb2_disp_table[SMB2__NCMDS] = {
31 31
32 32 /* text-name, pre, func, post, cmd-code, dialect, flags */
33 33
34 34 { "smb2_negotiate", NULL,
35 35 smb2_negotiate, NULL, 0, 0,
36 36 SDDF_SUPPRESS_TID | SDDF_SUPPRESS_UID },
37 37
38 38 { "smb2_session_setup", NULL,
39 39 smb2_session_setup, NULL, 0, 0,
40 40 SDDF_SUPPRESS_TID | SDDF_SUPPRESS_UID },
41 41
42 42 { "smb2_logoff", NULL,
43 43 smb2_logoff, NULL, 0, 0,
44 44 SDDF_SUPPRESS_TID },
45 45
46 46 { "smb2_tree_connect", NULL,
47 47 smb2_tree_connect, NULL, 0, 0,
48 48 SDDF_SUPPRESS_TID },
49 49
50 50 { "smb2_tree_disconn", NULL,
51 51 smb2_tree_disconn, NULL, 0, 0 },
52 52
53 53 { "smb2_create", NULL,
54 54 smb2_create, NULL, 0, 0 },
55 55
56 56 { "smb2_close", NULL,
57 57 smb2_close, NULL, 0, 0 },
58 58
59 59 { "smb2_flush", NULL,
60 60 smb2_flush, NULL, 0, 0 },
61 61
62 62 { "smb2_read", NULL,
63 63 smb2_read, NULL, 0, 0 },
64 64
65 65 { "smb2_write", NULL,
66 66 smb2_write, NULL, 0, 0 },
67 67
68 68 { "smb2_lock", NULL,
69 69 smb2_lock, NULL, 0, 0 },
70 70
71 71 { "smb2_ioctl", NULL,
72 72 smb2_ioctl, NULL, 0, 0 },
73 73
74 74 { "smb2_cancel", NULL,
75 75 smb2_cancel, NULL, 0, 0,
76 76 SDDF_SUPPRESS_UID | SDDF_SUPPRESS_TID },
77 77
78 78 { "smb2_echo", NULL,
79 79 smb2_echo, NULL, 0, 0,
80 80 SDDF_SUPPRESS_UID | SDDF_SUPPRESS_TID },
81 81
82 82 { "smb2_query_dir", NULL,
83 83 smb2_query_dir, NULL, 0, 0 },
84 84
85 85 { "smb2_change_notify", NULL,
86 86 smb2_change_notify, NULL, 0, 0 },
87 87
88 88 { "smb2_query_info", NULL,
89 89 smb2_query_info, NULL, 0, 0 },
90 90
91 91 { "smb2_set_info", NULL,
92 92 smb2_set_info, NULL, 0, 0 },
93 93
94 94 { "smb2_oplock_break_ack", NULL,
95 95 smb2_oplock_break_ack, NULL, 0, 0 },
96 96
97 97 { "smb2_invalid_cmd", NULL,
98 98 smb2_invalid_cmd, NULL, 0, 0,
99 99 SDDF_SUPPRESS_UID | SDDF_SUPPRESS_TID },
100 100 };
101 101
102 102 smb_sdrc_t
103 103 smb2_invalid_cmd(smb_request_t *sr)
104 104 {
105 105 #ifdef DEBUG
106 106 cmn_err(CE_NOTE, "clnt %s bad SMB2 cmd code",
107 107 sr->session->ip_addr_str);
108 108 #endif
109 109 sr->smb2_status = NT_STATUS_INVALID_PARAMETER;
110 110 return (SDRC_DROP_VC);
111 111 }
112 112
113 113 /*
114 114 * This is the SMB2 handler for new smb requests, called from
115 115 * smb_session_reader after SMB negotiate is done. For most SMB2
116 116 * requests, we just enqueue them for the smb_session_worker to
117 117 * execute via the task queue, so they can block for resources
118 118 * without stopping the reader thread. A few protocol messages
119 119 * are special cases and are handled directly here in the reader
120 120 * thread so they don't wait for taskq scheduling.
121 121 *
122 122 * This function must either enqueue the new request for
123 123 * execution via the task queue, or execute it directly
124 124 * and then free it. If this returns non-zero, the caller
125 125 * will drop the session.
126 126 */
127 127 int
128 128 smb2sr_newrq(smb_request_t *sr)
129 129 {
130 130 struct mbuf_chain *mbc = &sr->command;
131 131 uint32_t magic;
132 132 int rc, skip;
133 133
134 134 if (smb_mbc_peek(mbc, 0, "l", &magic) != 0)
135 135 goto drop;
136 136
137 137 /* 0xFD S M B */
138 138 if (magic == SMB3_ENCRYPTED_MAGIC) {
139 139 if (smb3_decrypt_msg(sr) != 0)
140 140 goto drop;
141 141 /*
142 142 * Should now be looking at an un-encrypted
143 143 * SMB2 message header.
144 144 */
145 145 if (smb_mbc_peek(mbc, 0, "l", &magic) != 0)
146 146 goto drop;
147 147 }
148 148
149 149 if (magic != SMB2_PROTOCOL_MAGIC)
150 150 goto drop;
151 151
152 152 /*
153 153 * Walk the SMB2 commands in this compound message and
154 154 * keep track of the range of message IDs it uses.
155 155 */
156 156 for (;;) {
157 157 if (smb2_decode_header(sr) != 0)
158 158 goto drop;
159 159
160 160 /*
161 161 * Cancel requests are special: They refer to
162 162 * an earlier message ID (or an async. ID),
163 163 * never a new ID, and are never compounded.
164 164 * This is intentionally not "goto drop"
165 165 * because rc may be zero (success).
166 166 */
167 167 if (sr->smb2_cmd_code == SMB2_CANCEL) {
168 168 rc = smb2_newrq_cancel(sr);
169 169 smb_request_free(sr);
170 170 return (rc);
171 171 }
172 172
173 173 /*
174 174 * Keep track of the total credits in this compound
175 175 * and the first (real) message ID (not: 0, -1)
176 176 * While we're looking, verify that all (real) IDs
177 177 * are (first <= ID < (first + msg_credits))
178 178 */
179 179 if (sr->smb2_credit_charge == 0)
180 180 sr->smb2_credit_charge = 1;
181 181 sr->smb2_total_credits += sr->smb2_credit_charge;
182 182
183 183 if (sr->smb2_messageid != 0 &&
184 184 sr->smb2_messageid != UINT64_MAX) {
185 185
186 186 if (sr->smb2_first_msgid == 0)
187 187 sr->smb2_first_msgid = sr->smb2_messageid;
188 188
189 189 if (sr->smb2_messageid < sr->smb2_first_msgid ||
190 190 sr->smb2_messageid >= (sr->smb2_first_msgid +
191 191 sr->smb2_total_credits)) {
192 192 long long id = (long long) sr->smb2_messageid;
193 193 cmn_err(CE_WARN, "clnt %s msg ID 0x%llx "
194 194 "out of sequence in compound",
195 195 sr->session->ip_addr_str, id);
196 196 }
197 197 }
198 198
199 199 /* Normal loop exit on next == zero */
200 200 if (sr->smb2_next_command == 0)
201 201 break;
202 202
203 203 /* Abundance of caution... */
204 204 if (sr->smb2_next_command < SMB2_HDR_SIZE)
205 205 goto drop;
206 206
207 207 /* Advance to the next header. */
208 208 skip = sr->smb2_next_command - SMB2_HDR_SIZE;
209 209 if (MBC_ROOM_FOR(mbc, skip) == 0)
210 210 goto drop;
211 211 mbc->chain_offset += skip;
212 212 }
213 213 /* Rewind back to the top. */
214 214 mbc->chain_offset = 0;
215 215
216 216 /*
217 217 * Submit the request to the task queue, which calls
218 218 * smb2_tq_work when the workload permits.
219 219 */
220 220 sr->sr_time_submitted = gethrtime();
221 221 sr->sr_state = SMB_REQ_STATE_SUBMITTED;
222 222 smb_srqueue_waitq_enter(sr->session->s_srqueue);
223 223 (void) taskq_dispatch(sr->sr_server->sv_worker_pool,
224 224 smb2_tq_work, sr, TQ_SLEEP);
225 225 return (0);
226 226
227 227 drop:
228 228 smb_request_free(sr);
229 229 return (-1);
230 230 }
231 231
232 232 static void
233 233 smb2_tq_work(void *arg)
234 234 {
235 235 smb_request_t *sr;
236 236 smb_srqueue_t *srq;
237 237
238 238 sr = (smb_request_t *)arg;
239 239 SMB_REQ_VALID(sr);
240 240
241 241 srq = sr->session->s_srqueue;
242 242 smb_srqueue_waitq_to_runq(srq);
243 243 sr->sr_worker = curthread;
244 244 sr->sr_time_active = gethrtime();
245 245
246 246 /*
247 247 * Always dispatch to the work function, because cancelled
248 248 * requests need an error reply (NT_STATUS_CANCELLED).
249 249 */
250 250 mutex_enter(&sr->sr_mutex);
251 251 if (sr->sr_state == SMB_REQ_STATE_SUBMITTED)
252 252 sr->sr_state = SMB_REQ_STATE_ACTIVE;
253 253 mutex_exit(&sr->sr_mutex);
254 254
255 255 smb2sr_work(sr);
256 256
257 257 smb_srqueue_runq_exit(srq);
258 258 }
259 259
260 260 static int
261 261 smb3_decrypt_msg(smb_request_t *sr)
262 262 {
263 263 int save_offset;
264 264
265 265 if (sr->session->dialect < SMB_VERS_3_0) {
266 266 cmn_err(CE_WARN, "encrypted message in SMB 2.x");
267 267 return (-1);
268 268 }
269 269
270 270 sr->encrypted = B_TRUE;
271 271 save_offset = sr->command.chain_offset;
272 272 if (smb3_decode_tform_header(sr) != 0) {
273 273 cmn_err(CE_WARN, "bad transform header");
274 274 return (-1);
275 275 }
276 276 sr->command.chain_offset = save_offset;
277 277
278 278 sr->tform_ssn = smb_session_lookup_ssnid(sr->session,
279 279 sr->smb3_tform_ssnid);
280 280 if (sr->tform_ssn == NULL) {
281 281 cmn_err(CE_WARN, "transform header: session not found");
282 282 return (-1);
283 283 }
284 284
285 285 if (smb3_decrypt_sr(sr) != 0) {
286 286 cmn_err(CE_WARN, "smb3 decryption failed");
287 287 return (-1);
288 288 }
289 289
290 290 return (0);
291 291 }
292 292
293 293 /*
294 294 * SMB2 credits determine how many simultaneous commands the
295 295 * client may issue, and bounds the range of message IDs those
296 296 * commands may use. With multi-credit support, commands may
297 297 * use ranges of message IDs, where the credits used by each
298 298 * command are proportional to their data transfer size.
299 299 *
300 300 * Every command may request an increase or decrease of
301 301 * the currently granted credits, based on the difference
302 302 * between the credit request and the credit charge.
303 303 * [MS-SMB2] 3.3.1.2 Algorithm for the Granting of Credits
304 304 *
305 305 * Most commands have credit_request=1, credit_charge=1,
306 306 * which keeps the credit grant unchanged.
307 307 *
308 308 * All we're really doing here (for now) is reducing the
309 309 * credit_response if the client requests a credit increase
310 310 * that would take their credit over the maximum, and
311 311 * limiting the decrease so they don't run out of credits.
312 312 *
313 313 * Later, this could do something dynamic based on load.
314 314 *
315 315 * One other non-obvious bit about credits: We keep the
316 316 * session s_max_credits low until the 1st authentication,
317 317 * at which point we'll set the normal maximum_credits.
318 318 * Some clients ask for more credits with session setup,
319 319 * and we need to handle that requested increase _after_
320 320 * the command-specific handler returns so it won't be
321 321 * restricted to the lower (pre-auth) limit.
322 322 */
323 323 static inline void
324 324 smb2_credit_decrease(smb_request_t *sr)
325 325 {
326 326 smb_session_t *session = sr->session;
327 327 uint16_t cur, d;
328 328
329 329 mutex_enter(&session->s_credits_mutex);
330 330 cur = session->s_cur_credits;
331 331
332 332 /* Handle credit decrease. */
333 333 d = sr->smb2_credit_charge - sr->smb2_credit_request;
334 334 cur -= d;
335 335 if (cur & 0x8000) {
336 336 /*
337 337 * underflow (bad credit charge or request)
338 338 * leave credits unchanged (response=charge)
339 339 */
340 340 cur = session->s_cur_credits;
341 341 sr->smb2_credit_response = sr->smb2_credit_charge;
342 342 DTRACE_PROBE1(smb2__credit__neg, smb_request_t *, sr);
343 343 }
344 344
345 345 /*
346 346 * The server MUST ensure that the number of credits
347 347 * held by the client is never reduced to zero.
348 348 * [MS-SMB2] 3.3.1.2
349 349 */
350 350 if (cur == 0) {
351 351 cur = 1;
352 352 sr->smb2_credit_response += 1;
353 353 DTRACE_PROBE1(smb2__credit__min, smb_request_t *, sr);
354 354 }
355 355
356 356 DTRACE_PROBE3(smb2__credit__decrease,
357 357 smb_request_t *, sr, int, (int)cur,
358 358 int, (int)session->s_cur_credits);
359 359
360 360 session->s_cur_credits = cur;
361 361 mutex_exit(&session->s_credits_mutex);
362 362 }
363 363
364 364 /*
365 365 * Second half of SMB2 credit handling (increases)
366 366 */
367 367 static inline void
368 368 smb2_credit_increase(smb_request_t *sr)
369 369 {
370 370 smb_session_t *session = sr->session;
371 371 uint16_t cur, d;
372 372
373 373 mutex_enter(&session->s_credits_mutex);
374 374 cur = session->s_cur_credits;
375 375
376 376 /* Handle credit increase. */
377 377 d = sr->smb2_credit_request - sr->smb2_credit_charge;
378 378 cur += d;
379 379
380 380 /*
381 381 * If new credits would be above max,
382 382 * reduce the credit grant.
383 383 */
384 384 if (cur > session->s_max_credits) {
385 385 d = cur - session->s_max_credits;
386 386 cur = session->s_max_credits;
387 387 sr->smb2_credit_response -= d;
388 388 DTRACE_PROBE1(smb2__credit__max, smb_request_t, sr);
389 389 }
390 390
391 391 DTRACE_PROBE3(smb2__credit__increase,
392 392 smb_request_t *, sr, int, (int)cur,
393 393 int, (int)session->s_cur_credits);
394 394
395 395 session->s_cur_credits = cur;
396 396 mutex_exit(&session->s_credits_mutex);
397 397 }
398 398
399 399 /*
400 400 * Record some statistics: latency, rx bytes, tx bytes
401 401 * per: server, session & kshare.
402 402 */
403 403 static inline void
404 404 smb2_record_stats(smb_request_t *sr, smb_disp_stats_t *sds, boolean_t tx_only)
405 405 {
406 406 hrtime_t dt;
407 407 int64_t rxb;
408 408 int64_t txb;
409 409
410 410 dt = gethrtime() - sr->sr_time_start;
411 411 rxb = (int64_t)(sr->command.chain_offset - sr->smb2_cmd_hdr);
412 412 txb = (int64_t)(sr->reply.chain_offset - sr->smb2_reply_hdr);
413 413
414 414 if (!tx_only) {
415 415 smb_server_inc_req(sr->sr_server);
416 416 smb_latency_add_sample(&sds->sdt_lat, dt);
417 417 atomic_add_64(&sds->sdt_rxb, rxb);
418 418 }
419 419 atomic_add_64(&sds->sdt_txb, txb);
420 420 }
421 421
422 422 /*
423 423 * smb2sr_work
424 424 *
425 425 * This function processes each SMB command in the current request
426 426 * (which may be a compound request) building a reply containing
427 427 * SMB reply messages, one-to-one with the SMB commands. Some SMB
428 428 * commands (change notify, blocking locks) may require both an
429 429 * "interim response" and a later "async response" at completion.
430 430 * In such cases, we'll encode the interim response in the reply
431 431 * compound we're building, and put the (now async) command on a
432 432 * list of commands that need further processing. After we've
433 433 * finished processing the commands in this compound and building
434 434 * the compound reply, we'll send the compound reply, and finally
435 435 * process the list of async commands.
436 436 *
437 437 * As we work our way through the compound request and reply,
438 438 * we need to keep track of the bounds of the current request
439 439 * and reply. For the request, this uses an MBC_SHADOW_CHAIN
440 440 * that begins at smb2_cmd_hdr. The reply is appended to the
441 441 * sr->reply chain starting at smb2_reply_hdr.
442 442 *
443 443 * This function must always free the smb request, or arrange
444 444 * for it to be completed and free'd later (if SDRC_SR_KEPT).
445 445 */
446 446 void
447 447 smb2sr_work(struct smb_request *sr)
448 448 {
449 449 const smb_disp_entry_t *sdd;
450 450 smb_disp_stats_t *sds;
451 451 smb_session_t *session;
452 452 uint32_t msg_len;
453 453 uint16_t cmd_idx;
454 454 int rc = 0;
455 455 boolean_t disconnect = B_FALSE;
456 456 boolean_t related;
457 457
458 458 session = sr->session;
459 459
460 460 ASSERT(sr->smb2_async == B_FALSE);
461 461 ASSERT(sr->tid_tree == 0);
462 462 ASSERT(sr->uid_user == 0);
463 463 ASSERT(sr->fid_ofile == 0);
464 464 sr->smb_fid = (uint16_t)-1;
465 465 sr->smb2_status = 0;
466 466
467 467 /* temporary until we identify a user */
468 468 sr->user_cr = zone_kcred();
469 469
470 470 cmd_start:
471 471 /*
472 472 * Note that we don't check sr_state here and abort the
473 473 * compound if cancelled (etc.) because some SMB2 command
474 474 * handlers need to do work even when cancelled.
475 475 *
476 476 * We treat some status codes as if "sticky", meaning
477 477 * once they're set after some command handler returns,
478 478 * all remaining commands get this status without even
479 479 * calling the command-specific handler.
480 480 */
481 481 if (sr->smb2_status != NT_STATUS_CANCELLED &&
482 482 sr->smb2_status != NT_STATUS_INSUFFICIENT_RESOURCES)
483 483 sr->smb2_status = 0;
484 484
485 485 /*
486 486 * Decode the request header
487 487 *
488 488 * Most problems with decoding will result in the error
489 489 * STATUS_INVALID_PARAMETER. If the decoding problem
490 490 * prevents continuing, we'll close the connection.
491 491 * [MS-SMB2] 3.3.5.2.6 Handling Incorrectly Formatted...
492 492 */
493 493 sr->smb2_cmd_hdr = sr->command.chain_offset;
494 494 if ((rc = smb2_decode_header(sr)) != 0) {
495 495 cmn_err(CE_WARN, "clnt %s bad SMB2 header",
496 496 session->ip_addr_str);
497 497 disconnect = B_TRUE;
498 498 goto cleanup;
499 499 }
500 500
501 501 /*
502 502 * The SMB2_FLAGS_SERVER_TO_REDIR should only appear
503 503 * in messages from the server back to the client.
504 504 */
505 505 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) != 0) {
506 506 cmn_err(CE_WARN, "clnt %s bad SMB2 flags",
507 507 session->ip_addr_str);
508 508 disconnect = B_TRUE;
509 509 goto cleanup;
510 510 }
511 511 related = (sr->smb2_hdr_flags & SMB2_FLAGS_RELATED_OPERATIONS);
512 512 sr->smb2_hdr_flags |= SMB2_FLAGS_SERVER_TO_REDIR;
513 513 if (sr->smb2_hdr_flags & SMB2_FLAGS_ASYNC_COMMAND) {
514 514 /* Probably an async cancel. */
515 515 DTRACE_PROBE1(smb2__dispatch__async, smb_request_t *, sr);
516 516 } else if (sr->smb2_async) {
517 517 /* Previous command in compound went async. */
518 518 sr->smb2_hdr_flags |= SMB2_FLAGS_ASYNC_COMMAND;
519 519 sr->smb2_async_id = SMB2_ASYNCID(sr);
520 520 }
521 521
522 522 /*
523 523 * In case we bail out with an error before we get to the
524 524 * section that computes the credit grant, initialize the
525 525 * response header fields so that credits won't change.
526 526 * Note: SMB 2.02 clients may send credit charge zero.
527 527 */
528 528 if (sr->smb2_credit_charge == 0)
529 529 sr->smb2_credit_charge = 1;
530 530 sr->smb2_credit_response = sr->smb2_credit_charge;
531 531
532 532 /*
533 533 * Write a tentative reply header.
534 534 *
535 535 * We could just leave this blank, but if we're using the
536 536 * mdb module feature that extracts packets, it's useful
537 537 * to have the header mostly correct here.
538 538 *
539 539 * If we have already exhausted the output space, then the
540 540 * client is trying something funny. Log it and kill 'em.
541 541 */
542 542 sr->smb2_next_reply = 0;
543 543 ASSERT((sr->reply.chain_offset & 7) == 0);
544 544 sr->smb2_reply_hdr = sr->reply.chain_offset;
545 545 if ((rc = smb2_encode_header(sr, B_FALSE)) != 0) {
546 546 cmn_err(CE_WARN, "clnt %s excessive reply",
547 547 session->ip_addr_str);
548 548 disconnect = B_TRUE;
549 549 goto cleanup;
550 550 }
551 551
552 552 /*
553 553 * Figure out the length of data following the SMB2 header.
554 554 * It ends at either the next SMB2 header if there is one
555 555 * (smb2_next_command != 0) or at the end of the message.
556 556 */
557 557 if (sr->smb2_next_command != 0) {
558 558 /* [MS-SMB2] says this is 8-byte aligned */
559 559 msg_len = sr->smb2_next_command;
560 560 if ((msg_len & 7) != 0 || (msg_len < SMB2_HDR_SIZE) ||
561 561 ((sr->smb2_cmd_hdr + msg_len) > sr->command.max_bytes)) {
562 562 cmn_err(CE_WARN, "clnt %s bad SMB2 next cmd",
563 563 session->ip_addr_str);
564 564 disconnect = B_TRUE;
565 565 goto cleanup;
566 566 }
567 567 } else {
568 568 msg_len = sr->command.max_bytes - sr->smb2_cmd_hdr;
569 569 }
570 570
571 571 /*
572 572 * Setup a shadow chain for this SMB2 command, starting
573 573 * with the header and ending at either the next command
574 574 * or the end of the message. The signing check below
575 575 * needs the entire SMB2 command. After that's done, we
576 576 * advance chain_offset to the end of the header where
577 577 * the command specific handlers continue decoding.
578 578 */
579 579 (void) MBC_SHADOW_CHAIN(&sr->smb_data, &sr->command,
580 580 sr->smb2_cmd_hdr, msg_len);
581 581
582 582 /*
583 583 * We will consume the data for this request from smb_data.
584 584 * That effectively consumes msg_len bytes from sr->command
585 585 * but doesn't update its chain_offset, so we need to update
586 586 * that here to make later received bytes accounting work.
587 587 */
588 588 sr->command.chain_offset = sr->smb2_cmd_hdr + msg_len;
589 589 ASSERT(sr->command.chain_offset <= sr->command.max_bytes);
590 590
591 591 /*
592 592 * Validate the commmand code, get dispatch table entries.
593 593 * [MS-SMB2] 3.3.5.2.6 Handling Incorrectly Formatted...
594 594 *
595 595 * The last slot in the dispatch table is used to handle
596 596 * invalid commands. Same for statistics.
597 597 */
598 598 if (sr->smb2_cmd_code < SMB2_INVALID_CMD)
599 599 cmd_idx = sr->smb2_cmd_code;
600 600 else
601 601 cmd_idx = SMB2_INVALID_CMD;
602 602 sdd = &smb2_disp_table[cmd_idx];
603 603 sds = &session->s_server->sv_disp_stats2[cmd_idx];
604 604
605 605 /*
606 606 * If this command is NOT "related" to the previous,
607 607 * clear out the UID, TID, FID state that might be
608 608 * left over from the previous command.
609 609 *
610 610 * If the command IS related, any new IDs are ignored,
611 611 * and we simply continue with the previous user, tree,
612 612 * and open file.
613 613 */
614 614 if (!related) {
615 615 /*
616 616 * Drop user, tree, file; carefully ordered to
617 617 * avoid dangling references: file, tree, user
618 618 */
619 619 if (sr->fid_ofile != NULL) {
620 620 smb_ofile_release(sr->fid_ofile);
621 621 sr->fid_ofile = NULL;
622 622 }
623 623 if (sr->tid_tree != NULL) {
624 624 smb_tree_release(sr->tid_tree);
625 625 sr->tid_tree = NULL;
626 626 }
627 627 if (sr->uid_user != NULL) {
628 628 smb_user_release(sr->uid_user);
629 629 sr->uid_user = NULL;
630 630 sr->user_cr = zone_kcred();
631 631 }
632 632 }
633 633
634 634 /*
635 635 * Make sure we have a user and tree as needed
636 636 * according to the flags for the this command.
637 637 * Note that we may have inherited these.
638 638 */
639 639 if ((sdd->sdt_flags & SDDF_SUPPRESS_UID) == 0) {
640 640 /*
641 641 * This command requires a user session.
642 642 */
643 643 if (related) {
644 644 /*
645 645 * Previous command should have given us a user.
646 646 * [MS-SMB2] 3.3.5.2 Handling Related Requests
647 647 */
648 648 if (sr->uid_user == NULL) {
649 649 smb2sr_put_error(sr,
650 650 NT_STATUS_INVALID_PARAMETER);
651 651 goto cmd_done;
652 652 }
653 653 sr->smb2_ssnid = sr->uid_user->u_ssnid;
654 654 } else {
655 655 /*
656 656 * Lookup the UID
657 657 * [MS-SMB2] 3.3.5.2 Verifying the Session
658 658 */
659 659 ASSERT(sr->uid_user == NULL);
660 660 /*
661 661 * [MS-SMB2] 3.3.5.2.7 Handling Compounded Requests
662 662 *
663 663 * If this is an encrypted compound request,
664 664 * ensure that the ssnid in the request
665 665 * is the same as the tform ssnid if this
666 666 * message is not related.
667 667 *
668 668 * The reasons this is done seem to apply equally
669 669 * to uncompounded requests, so we apply it to all.
670 670 */
671 671
672 672 if (sr->encrypted &&
673 673 sr->smb2_ssnid != sr->smb3_tform_ssnid) {
674 674 disconnect = B_TRUE;
675 675 goto cleanup; /* just do this for now */
676 676 }
677 677
678 678 sr->uid_user = smb_session_lookup_ssnid(session,
679 679 sr->smb2_ssnid);
680 680 if (sr->uid_user == NULL) {
681 681 smb2sr_put_error(sr,
682 682 NT_STATUS_USER_SESSION_DELETED);
683 683 goto cmd_done;
684 684 }
685 685
686 686 /*
687 687 * [MS-SMB2] 3.3.5.2.9 Verifying the Session
688 688 *
689 689 * If we're talking 3.x,
690 690 * RejectUnencryptedAccess is TRUE,
691 691 * Session.EncryptData is TRUE,
692 692 * and the message wasn't encrypted,
693 693 * return ACCESS_DENIED.
694 694 *
695 695 * Note that Session.EncryptData can only be TRUE when
696 696 * we're talking 3.x.
697 697 */
698 698
699 699 if (sr->uid_user->u_encrypt ==
700 700 SMB_CONFIG_REQUIRED &&
701 701 !sr->encrypted) {
702 702 smb2sr_put_error(sr,
703 703 NT_STATUS_ACCESS_DENIED);
704 704 goto cmd_done;
705 705 }
706 706
707 707 sr->user_cr = smb_user_getcred(sr->uid_user);
708 708 }
709 709 ASSERT(sr->uid_user != NULL);
710 710
711 711 /*
712 712 * Encrypt if:
713 713 * - The cmd is not SESSION_SETUP or NEGOTIATE; AND
714 714 * - Session.EncryptData is TRUE
715 715 *
716 716 * Those commands suppress UID, so they can't be the cmd here.
717 717 */
718 718 if (sr->uid_user->u_encrypt != SMB_CONFIG_DISABLED &&
719 719 sr->tform_ssn == NULL) {
720 720 smb_user_hold_internal(sr->uid_user);
721 721 sr->tform_ssn = sr->uid_user;
722 722 sr->smb3_tform_ssnid = sr->smb2_ssnid;
723 723 }
724 724 }
725 725
726 726 if ((sdd->sdt_flags & SDDF_SUPPRESS_TID) == 0) {
727 727 /*
728 728 * This command requires a tree connection.
729 729 */
730 730 if (related) {
731 731 /*
732 732 * Previous command should have given us a tree.
733 733 * [MS-SMB2] 3.3.5.2 Handling Related Requests
734 734 */
735 735 if (sr->tid_tree == NULL) {
736 736 smb2sr_put_error(sr,
737 737 NT_STATUS_INVALID_PARAMETER);
738 738 goto cmd_done;
739 739 }
740 740 sr->smb_tid = sr->tid_tree->t_tid;
741 741 } else {
742 742 /*
743 743 * Lookup the TID
744 744 * [MS-SMB2] 3.3.5.2 Verifying the Tree Connect
745 745 */
746 746 ASSERT(sr->tid_tree == NULL);
747 747 sr->tid_tree = smb_session_lookup_tree(session,
748 748 sr->smb_tid);
749 749 if (sr->tid_tree == NULL) {
750 750 smb2sr_put_error(sr,
751 751 NT_STATUS_NETWORK_NAME_DELETED);
752 752 goto cmd_done;
753 753 }
754 754
755 755 /*
756 756 * [MS-SMB2] 3.3.5.2.11 Verifying the Tree Connect
757 757 *
758 758 * If we support 3.x, RejectUnencryptedAccess is TRUE,
759 759 * if Tcon.EncryptData is TRUE or
760 760 * global EncryptData is TRUE and
761 761 * the message wasn't encrypted, or
762 762 * if Tcon.EncryptData is TRUE or
763 763 * global EncryptData is TRUE or
764 764 * the request was encrypted and
765 765 * the connection doesn't support encryption,
766 766 * return ACCESS_DENIED.
767 767 *
768 768 * If RejectUnencryptedAccess is TRUE, we force
769 769 * max_protocol to at least 3.0. Additionally,
770 770 * if the tree requires encryption, we don't care
771 771 * what we support, we still enforce encryption.
772 772 */
773 773 if (sr->tid_tree->t_encrypt == SMB_CONFIG_REQUIRED &&
774 774 (!sr->encrypted ||
775 775 (session->srv_cap & SMB2_CAP_ENCRYPTION) == 0)) {
776 776 smb2sr_put_error(sr,
777 777 NT_STATUS_ACCESS_DENIED);
778 778 goto cmd_done;
779 779 }
780 780 }
781 781 ASSERT(sr->tid_tree != NULL);
782 782
783 783 /*
784 784 * Encrypt if:
785 785 * - The cmd is not TREE_CONNECT; AND
786 786 * - Tree.EncryptData is TRUE
787 787 *
788 788 * TREE_CONNECT suppresses TID, so that can't be the cmd here.
789 789 * NOTE: assumes we can't have a tree without a user
790 790 */
791 791 if (sr->tid_tree->t_encrypt != SMB_CONFIG_DISABLED &&
792 792 sr->tform_ssn == NULL) {
793 793 smb_user_hold_internal(sr->uid_user);
794 794 sr->tform_ssn = sr->uid_user;
795 795 sr->smb3_tform_ssnid = sr->smb2_ssnid;
796 796 }
797 797 }
798 798
799 799 /*
800 800 * SMB2 signature verification, two parts:
801 801 * (a) Require SMB2_FLAGS_SIGNED (for most request types)
802 802 * (b) If SMB2_FLAGS_SIGNED is set, check the signature.
803 803 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature
804 804 */
805 805
806 806 /*
807 807 * No user session means no signature check. That's OK,
808 808 * i.e. for commands marked SDDF_SUPPRESS_UID above.
809 809 * Note, this also means we won't sign the reply.
810 810 */
811 811 if (sr->uid_user == NULL)
812 812 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED;
813 813
814 814 /*
815 815 * The SDDF_SUPPRESS_UID dispatch is set for requests that
816 816 * don't need a UID (user). These also don't require a
817 817 * signature check here.
818 818 *
819 819 * [MS-SMB2] 3.3.5.2.4 Verifying the Signature
820 820 *
821 821 * If the packet was successfully decrypted, the message
822 822 * signature has already been verified, so we can skip this.
823 823 */
824 824 if ((sdd->sdt_flags & SDDF_SUPPRESS_UID) == 0 &&
825 825 !sr->encrypted && sr->uid_user != NULL &&
826 826 (sr->uid_user->u_sign_flags & SMB_SIGNING_ENABLED) != 0) {
827 827 /*
828 828 * If the request is signed, check the signature.
829 829 * Otherwise, if signing is required, deny access.
830 830 */
831 831 if ((sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0) {
832 832 rc = smb2_sign_check_request(sr);
833 833 if (rc != 0) {
834 834 DTRACE_PROBE1(smb2__sign__check,
835 835 smb_request_t *, sr);
836 836 smb2sr_put_error(sr, NT_STATUS_ACCESS_DENIED);
837 837 goto cmd_done;
838 838 }
839 839 } else if (
840 840 (sr->uid_user->u_sign_flags & SMB_SIGNING_CHECK) != 0) {
841 841 smb2sr_put_error(sr, NT_STATUS_ACCESS_DENIED);
842 842 goto cmd_done;
843 843 }
844 844 }
845 845
846 846 /*
847 847 * Now that the signing check is done with smb_data,
848 848 * advance past the SMB2 header we decoded earlier.
849 849 * This leaves sr->smb_data correctly positioned
850 850 * for command-specific decoding in the dispatch
851 851 * function called next.
852 852 */
853 853 sr->smb_data.chain_offset = sr->smb2_cmd_hdr + SMB2_HDR_SIZE;
854 854
855 855 /*
856 856 * Credit adjustments (decrease)
857 857 *
858 858 * If we've gone async, credit adjustments were done
859 859 * when we sent the interim reply.
860 860 */
861 861 if (!sr->smb2_async) {
862 862 sr->smb2_credit_response = sr->smb2_credit_request;
863 863 if (sr->smb2_credit_request < sr->smb2_credit_charge) {
864 864 smb2_credit_decrease(sr);
865 865 }
866 866 }
867 867
868 868 /*
869 869 * The real work: call the SMB2 command handler
870 870 * (except for "sticky" smb2_status - see above)
871 871 */
872 872 sr->sr_time_start = gethrtime();
873 873 rc = SDRC_SUCCESS;
874 874 if (sr->smb2_status == 0) {
875 875 /* NB: not using pre_op */
876 876 rc = (*sdd->sdt_function)(sr);
877 877 /* NB: not using post_op */
878 878 } else {
879 879 smb2sr_put_error(sr, sr->smb2_status);
880 880 }
881 881
882 882 /*
883 883 * When the sdt_function returns SDRC_SR_KEPT, it means
884 884 * this SR may have been passed to another thread so we
885 885 * MUST NOT touch it anymore.
886 886 */
887 887 if (rc == SDRC_SR_KEPT)
888 888 return;
889 889
890 890 MBC_FLUSH(&sr->raw_data);
891 891
892 892 /*
893 893 * Credit adjustments (increase)
894 894 */
895 895 if (!sr->smb2_async) {
896 896 if (sr->smb2_credit_request > sr->smb2_credit_charge) {
897 897 smb2_credit_increase(sr);
898 898 }
899 899 }
900 900
901 901 cmd_done:
902 902 switch (rc) {
903 903 case SDRC_SUCCESS:
904 904 break;
905 905 default:
906 906 /*
907 907 * SMB2 does not use the other dispatch return codes.
908 908 * If we see something else, log an event so we'll
909 909 * know something is returning bogus status codes.
910 910 * If you see these in the log, use dtrace to find
911 911 * the code returning something else.
912 912 */
913 913 #ifdef DEBUG
914 914 cmn_err(CE_NOTE, "handler for %u returned 0x%x",
915 915 sr->smb2_cmd_code, rc);
916 916 #endif
917 917 smb2sr_put_error(sr, NT_STATUS_INTERNAL_ERROR);
918 918 break;
919 919 case SDRC_ERROR:
920 920 /*
921 921 * Many command handlers return SDRC_ERROR for any
922 922 * problems decoding the request, and don't bother
923 923 * setting smb2_status. For those cases, the best
924 924 * status return would be "invalid parameter".
925 925 */
926 926 if (sr->smb2_status == 0)
927 927 sr->smb2_status = NT_STATUS_INVALID_PARAMETER;
928 928 smb2sr_put_error(sr, sr->smb2_status);
929 929 break;
930 930 case SDRC_DROP_VC:
931 931 disconnect = B_TRUE;
932 932 goto cleanup;
933 933
934 934 case SDRC_NO_REPLY:
935 935 /* will free sr */
936 936 goto cleanup;
937 937 }
938 938
939 939 /*
940 940 * Pad the reply to align(8) if there will be another.
941 941 * (We don't compound async replies.)
942 942 */
943 943 if (!sr->smb2_async && sr->smb2_next_command != 0)
944 944 (void) smb_mbc_put_align(&sr->reply, 8);
945 945
946 946 /*
947 947 * Record some statistics. Uses:
948 948 * rxb = command.chain_offset - smb2_cmd_hdr;
949 949 * txb = reply.chain_offset - smb2_reply_hdr;
950 950 * which at this point represent the current cmd/reply.
951 951 *
952 952 * Note: If async, this does txb only, and
953 953 * skips the smb_latency_add_sample() calls.
954 954 */
955 955 smb2_record_stats(sr, sds, sr->smb2_async);
956 956
957 957 /*
958 958 * If there's a next command, figure out where it starts,
959 959 * and fill in the next header offset for the reply.
960 960 * Note: We sanity checked smb2_next_command above.
961 961 */
962 962 if (sr->smb2_next_command != 0) {
963 963 sr->command.chain_offset =
964 964 sr->smb2_cmd_hdr + sr->smb2_next_command;
965 965 sr->smb2_next_reply =
|
↓ open down ↓ |
941 lines elided |
↑ open up ↑ |
966 966 sr->reply.chain_offset - sr->smb2_reply_hdr;
967 967 } else {
968 968 ASSERT(sr->smb2_next_reply == 0);
969 969 }
970 970
971 971 /*
972 972 * Overwrite the (now final) SMB2 header for this response.
973 973 */
974 974 (void) smb2_encode_header(sr, B_TRUE);
975 975
976 + /*
977 + * Cannot move this into smb2_session_setup() - encoded header required.
978 + */
979 + if (session->dialect >= SMB_VERS_3_11 &&
980 + sr->smb2_cmd_code == SMB2_SESSION_SETUP &&
981 + sr->smb2_status == NT_STATUS_MORE_PROCESSING_REQUIRED) {
982 + (void) smb31_preauth_sha512_calc(sr, &sr->reply,
983 + session->smb31_preauth_hashval);
984 + }
985 +
976 986 /* Don't sign if we're going to encrypt */
977 987 if (sr->tform_ssn == NULL &&
978 988 (sr->smb2_hdr_flags & SMB2_FLAGS_SIGNED) != 0)
979 989 smb2_sign_reply(sr);
980 990
981 991 /*
982 992 * Non-async runs the whole compound before send.
983 993 * When we've gone async, send each individually.
984 994 */
985 995 if (!sr->smb2_async && sr->smb2_next_command != 0)
986 996 goto cmd_start;
987 997
988 998 /*
989 999 * If we have a durable handle, and this operation updated
990 1000 * the nvlist, write it out (before smb2_send_reply).
991 1001 */
992 1002 if (sr->dh_nvl_dirty) {
993 1003 sr->dh_nvl_dirty = B_FALSE;
994 1004 smb2_dh_update_nvfile(sr);
995 1005 }
996 1006
997 1007 smb2_send_reply(sr);
998 1008 if (sr->smb2_async && sr->smb2_next_command != 0) {
999 1009 MBC_FLUSH(&sr->reply); /* New reply buffer. */
1000 1010 ASSERT(sr->reply.max_bytes == sr->session->reply_max_bytes);
1001 1011 goto cmd_start;
1002 1012 }
1003 1013
1004 1014 cleanup:
1005 1015 if (disconnect)
1006 1016 smb_session_disconnect(session);
1007 1017
1008 1018 /*
1009 1019 * Do "postwork" for oplock (and maybe other things)
1010 1020 */
1011 1021 if (sr->sr_postwork != NULL)
1012 1022 smb2sr_run_postwork(sr);
1013 1023
1014 1024 mutex_enter(&sr->sr_mutex);
1015 1025 sr->sr_state = SMB_REQ_STATE_COMPLETED;
1016 1026 mutex_exit(&sr->sr_mutex);
1017 1027
1018 1028 smb_request_free(sr);
1019 1029 }
1020 1030
1021 1031 /*
1022 1032 * Build interim responses for the current and all following
1023 1033 * requests in this compound, then send the compound response,
1024 1034 * leaving the SR state so that smb2sr_work() can continue its
1025 1035 * processing of this compound in "async mode".
1026 1036 *
1027 1037 * If we agree to "go async", this should return STATUS_SUCCESS.
1028 1038 * Otherwise return STATUS_INSUFFICIENT_RESOURCES for this and
1029 1039 * all requests following this request. (See the comments re.
1030 1040 * "sticky" smb2_status values in smb2sr_work).
1031 1041 *
1032 1042 * Note: the Async ID we assign here is arbitrary, and need only
1033 1043 * be unique among pending async responses on this connection, so
1034 1044 * this just uses a modified messageID, which is already unique.
1035 1045 *
1036 1046 * Credits: All credit changes should happen via the interim
1037 1047 * responses, so we have to manage credits here. After this
1038 1048 * returns to smb2sr_work, the final replies for all these
1039 1049 * commands will have smb2_credit_response = smb2_credit_charge
1040 1050 * (meaning no further changes to the clients' credits).
1041 1051 */
1042 1052 uint32_t
1043 1053 smb2sr_go_async(smb_request_t *sr)
1044 1054 {
1045 1055 smb_session_t *session;
1046 1056 smb_disp_stats_t *sds;
1047 1057 uint16_t cmd_idx;
1048 1058 int32_t saved_com_offset;
1049 1059 uint32_t saved_cmd_hdr;
1050 1060 uint16_t saved_cred_resp;
1051 1061 uint32_t saved_hdr_flags;
1052 1062 uint32_t saved_reply_hdr;
1053 1063 uint32_t msg_len;
1054 1064 boolean_t disconnect = B_FALSE;
1055 1065
1056 1066 if (sr->smb2_async) {
1057 1067 /* already went async in some previous cmd. */
1058 1068 return (NT_STATUS_SUCCESS);
1059 1069 }
1060 1070 sr->smb2_async = B_TRUE;
1061 1071
1062 1072 /* The "server" session always runs async. */
1063 1073 session = sr->session;
1064 1074 if (session->sock == NULL)
1065 1075 return (NT_STATUS_SUCCESS);
1066 1076
1067 1077 sds = NULL;
1068 1078 saved_com_offset = sr->command.chain_offset;
1069 1079 saved_cmd_hdr = sr->smb2_cmd_hdr;
1070 1080 saved_cred_resp = sr->smb2_credit_response;
1071 1081 saved_hdr_flags = sr->smb2_hdr_flags;
1072 1082 saved_reply_hdr = sr->smb2_reply_hdr;
1073 1083
1074 1084 /*
1075 1085 * The command-specific handler should not yet have put any
1076 1086 * data in the reply except for the (place holder) header.
1077 1087 */
1078 1088 if (sr->reply.chain_offset != sr->smb2_reply_hdr + SMB2_HDR_SIZE) {
1079 1089 ASSERT3U(sr->reply.chain_offset, ==,
1080 1090 sr->smb2_reply_hdr + SMB2_HDR_SIZE);
1081 1091 return (NT_STATUS_INTERNAL_ERROR);
1082 1092 }
1083 1093
1084 1094 /*
1085 1095 * Rewind to the start of the current header in both the
1086 1096 * command and reply bufers, so the loop below can just
1087 1097 * decode/encode just in every pass. This means the
1088 1098 * current command header is decoded again, but that
1089 1099 * avoids having to special-case the first loop pass.
1090 1100 */
1091 1101 sr->command.chain_offset = sr->smb2_cmd_hdr;
1092 1102 sr->reply.chain_offset = sr->smb2_reply_hdr;
1093 1103
1094 1104 /*
1095 1105 * This command processing loop is a simplified version of
1096 1106 * smb2sr_work() that just puts an "interim response" for
1097 1107 * every command in the compound (NT_STATUS_PENDING).
1098 1108 */
1099 1109 cmd_start:
1100 1110 sr->smb2_status = NT_STATUS_PENDING;
1101 1111
|
↓ open down ↓ |
116 lines elided |
↑ open up ↑ |
1102 1112 /*
1103 1113 * Decode the request header
1104 1114 */
1105 1115 sr->smb2_cmd_hdr = sr->command.chain_offset;
1106 1116 if ((smb2_decode_header(sr)) != 0) {
1107 1117 cmn_err(CE_WARN, "clnt %s bad SMB2 header",
1108 1118 session->ip_addr_str);
1109 1119 disconnect = B_TRUE;
1110 1120 goto cleanup;
1111 1121 }
1112 - sr->smb2_hdr_flags |= (SMB2_FLAGS_SERVER_TO_REDIR |
1113 - SMB2_FLAGS_ASYNC_COMMAND);
1122 + sr->smb2_hdr_flags |= (SMB2_FLAGS_SERVER_TO_REDIR |
1123 + SMB2_FLAGS_ASYNC_COMMAND);
1114 1124 sr->smb2_async_id = SMB2_ASYNCID(sr);
1115 1125
1116 1126 /*
1117 1127 * In case we bail out...
1118 1128 */
1119 1129 if (sr->smb2_credit_charge == 0)
1120 1130 sr->smb2_credit_charge = 1;
1121 1131 sr->smb2_credit_response = sr->smb2_credit_charge;
1122 1132
1123 1133 /*
1124 1134 * Write a tentative reply header.
1125 1135 */
1126 1136 sr->smb2_next_reply = 0;
1127 1137 ASSERT((sr->reply.chain_offset & 7) == 0);
1128 1138 sr->smb2_reply_hdr = sr->reply.chain_offset;
1129 1139 if ((smb2_encode_header(sr, B_FALSE)) != 0) {
1130 1140 cmn_err(CE_WARN, "clnt %s excessive reply",
1131 1141 session->ip_addr_str);
1132 1142 disconnect = B_TRUE;
1133 1143 goto cleanup;
1134 1144 }
1135 1145
1136 1146 /*
1137 1147 * Figure out the length of data...
1138 1148 */
1139 1149 if (sr->smb2_next_command != 0) {
1140 1150 /* [MS-SMB2] says this is 8-byte aligned */
1141 1151 msg_len = sr->smb2_next_command;
1142 1152 if ((msg_len & 7) != 0 || (msg_len < SMB2_HDR_SIZE) ||
1143 1153 ((sr->smb2_cmd_hdr + msg_len) > sr->command.max_bytes)) {
1144 1154 cmn_err(CE_WARN, "clnt %s bad SMB2 next cmd",
1145 1155 session->ip_addr_str);
1146 1156 disconnect = B_TRUE;
1147 1157 goto cleanup;
1148 1158 }
1149 1159 } else {
1150 1160 msg_len = sr->command.max_bytes - sr->smb2_cmd_hdr;
1151 1161 }
1152 1162
1153 1163 /*
1154 1164 * We just skip any data, so no shadow chain etc.
1155 1165 */
1156 1166 sr->command.chain_offset = sr->smb2_cmd_hdr + msg_len;
1157 1167 ASSERT(sr->command.chain_offset <= sr->command.max_bytes);
1158 1168
1159 1169 /*
1160 1170 * Validate the commmand code...
1161 1171 */
1162 1172 if (sr->smb2_cmd_code < SMB2_INVALID_CMD)
1163 1173 cmd_idx = sr->smb2_cmd_code;
1164 1174 else
1165 1175 cmd_idx = SMB2_INVALID_CMD;
1166 1176 sds = &session->s_server->sv_disp_stats2[cmd_idx];
1167 1177
1168 1178 /*
1169 1179 * Don't change (user, tree, file) because we want them
1170 1180 * exactly as they were when we entered. That also means
1171 1181 * we may not have the right user in sr->uid_user for
1172 1182 * signature checks, so leave that until smb2sr_work
1173 1183 * runs these commands "for real". Therefore, here
1174 1184 * we behave as if: (sr->uid_user == NULL)
1175 1185 */
1176 1186 sr->smb2_hdr_flags &= ~SMB2_FLAGS_SIGNED;
1177 1187
1178 1188 /*
1179 1189 * Credit adjustments (decrease)
1180 1190 *
1181 1191 * NOTE: interim responses are not signed.
1182 1192 * Any attacker can modify the credit grant
1183 1193 * in the response. Because of this property,
1184 1194 * it is no worse to assume the credit charge and grant
1185 1195 * are sane without verifying the signature,
1186 1196 * and that saves us a whole lot of work.
1187 1197 * If the credits WERE modified, we'll find out
1188 1198 * when we verify the signature later,
1189 1199 * which nullifies any changes caused here.
1190 1200 *
1191 1201 * Skip this on the first command, because the
1192 1202 * credit decrease was done by the caller.
1193 1203 */
1194 1204 if (sr->smb2_cmd_hdr != saved_cmd_hdr) {
1195 1205 sr->smb2_credit_response = sr->smb2_credit_request;
1196 1206 if (sr->smb2_credit_request < sr->smb2_credit_charge) {
1197 1207 smb2_credit_decrease(sr);
1198 1208 }
1199 1209 }
1200 1210
1201 1211 /*
1202 1212 * The real work: ... (would be here)
1203 1213 */
1204 1214 smb2sr_put_error(sr, sr->smb2_status);
1205 1215
1206 1216 /*
1207 1217 * Credit adjustments (increase)
1208 1218 */
1209 1219 if (sr->smb2_credit_request > sr->smb2_credit_charge) {
1210 1220 smb2_credit_increase(sr);
1211 1221 }
1212 1222
1213 1223 /* cmd_done: label */
1214 1224
1215 1225 /*
1216 1226 * Pad the reply to align(8) if there will be another.
1217 1227 * This (interim) reply uses compounding.
1218 1228 */
1219 1229 if (sr->smb2_next_command != 0)
1220 1230 (void) smb_mbc_put_align(&sr->reply, 8);
1221 1231
1222 1232 /*
1223 1233 * Record some statistics. Uses:
1224 1234 * rxb = command.chain_offset - smb2_cmd_hdr;
1225 1235 * txb = reply.chain_offset - smb2_reply_hdr;
1226 1236 * which at this point represent the current cmd/reply.
1227 1237 *
1228 1238 * Note: We're doing smb_latency_add_sample() for all
1229 1239 * remaining commands NOW, which means we won't include
1230 1240 * the async part of their work in latency statistics.
1231 1241 * That's intentional, as the async part of a command
1232 1242 * would otherwise skew our latency statistics.
1233 1243 */
1234 1244 smb2_record_stats(sr, sds, B_FALSE);
1235 1245
1236 1246 /*
1237 1247 * If there's a next command, figure out where it starts,
1238 1248 * and fill in the next header offset for the reply.
1239 1249 * Note: We sanity checked smb2_next_command above.
1240 1250 */
1241 1251 if (sr->smb2_next_command != 0) {
1242 1252 sr->command.chain_offset =
1243 1253 sr->smb2_cmd_hdr + sr->smb2_next_command;
1244 1254 sr->smb2_next_reply =
1245 1255 sr->reply.chain_offset - sr->smb2_reply_hdr;
1246 1256 } else {
1247 1257 ASSERT(sr->smb2_next_reply == 0);
1248 1258 }
1249 1259
1250 1260 /*
1251 1261 * Overwrite the (now final) SMB2 header for this response.
1252 1262 */
1253 1263 (void) smb2_encode_header(sr, B_TRUE);
1254 1264
1255 1265 /*
1256 1266 * Process whole compound before sending.
1257 1267 */
1258 1268 if (sr->smb2_next_command != 0)
1259 1269 goto cmd_start;
1260 1270 smb2_send_reply(sr);
1261 1271
1262 1272 ASSERT(!disconnect);
1263 1273
1264 1274 cleanup:
1265 1275 /*
1266 1276 * Restore caller's command processing state.
1267 1277 */
1268 1278 sr->smb2_cmd_hdr = saved_cmd_hdr;
1269 1279 sr->command.chain_offset = saved_cmd_hdr;
1270 1280 (void) smb2_decode_header(sr);
1271 1281 sr->command.chain_offset = saved_com_offset;
1272 1282
1273 1283 sr->smb2_credit_response = saved_cred_resp;
1274 1284 sr->smb2_hdr_flags = saved_hdr_flags;
1275 1285 sr->smb2_status = NT_STATUS_SUCCESS;
1276 1286
1277 1287 /*
1278 1288 * In here, the "disconnect" flag just means we had an
1279 1289 * error decoding or encoding something. Rather than
1280 1290 * actually disconnect here, let's assume whatever
1281 1291 * problem we encountered will be seen by the caller
1282 1292 * as they continue processing the compound, and just
1283 1293 * restore everything and return an error.
1284 1294 */
1285 1295 if (disconnect) {
1286 1296 sr->smb2_async = B_FALSE;
1287 1297 sr->smb2_reply_hdr = saved_reply_hdr;
1288 1298 sr->reply.chain_offset = sr->smb2_reply_hdr;
1289 1299 (void) smb2_encode_header(sr, B_FALSE);
1290 1300 return (NT_STATUS_INVALID_PARAMETER);
1291 1301 }
1292 1302
1293 1303 /*
1294 1304 * The compound reply buffer we sent is now gone.
1295 1305 * Setup a new reply buffer for the caller.
1296 1306 */
1297 1307 sr->smb2_hdr_flags |= SMB2_FLAGS_ASYNC_COMMAND;
1298 1308 sr->smb2_async_id = SMB2_ASYNCID(sr);
1299 1309 sr->smb2_next_reply = 0;
1300 1310 MBC_FLUSH(&sr->reply);
1301 1311 ASSERT(sr->reply.max_bytes == sr->session->reply_max_bytes);
1302 1312 ASSERT(sr->reply.chain_offset == 0);
1303 1313 sr->smb2_reply_hdr = 0;
1304 1314 (void) smb2_encode_header(sr, B_FALSE);
1305 1315
1306 1316 return (NT_STATUS_SUCCESS);
1307 1317 }
1308 1318
1309 1319 int
1310 1320 smb3_decode_tform_header(smb_request_t *sr)
1311 1321 {
1312 1322 uint16_t flags;
1313 1323 int rc;
1314 1324 uint32_t protocolid;
1315 1325
1316 1326 rc = smb_mbc_decodef(
1317 1327 &sr->command, "l16c16cl..wq",
1318 1328 &protocolid, /* l */
1319 1329 sr->smb2_sig, /* 16c */
1320 1330 sr->nonce, /* 16c */
1321 1331 &sr->msgsize, /* l */
1322 1332 /* reserved .. */
1323 1333 &flags, /* w */
1324 1334 &sr->smb3_tform_ssnid); /* q */
1325 1335 if (rc)
1326 1336 return (rc);
1327 1337
1328 1338 ASSERT3U(protocolid, ==, SMB3_ENCRYPTED_MAGIC);
1329 1339
1330 1340 if (flags != 1) {
1331 1341 #ifdef DEBUG
1332 1342 cmn_err(CE_NOTE, "flags field not 1: %x", flags);
1333 1343 #endif
1334 1344 return (-1);
1335 1345 }
1336 1346
1337 1347 /*
1338 1348 * MsgSize is the amount of data the client tell us to decrypt.
1339 1349 * Make sure this value is not too big and not too small.
1340 1350 */
1341 1351 if (sr->msgsize < SMB2_HDR_SIZE ||
1342 1352 sr->msgsize > sr->session->cmd_max_bytes ||
1343 1353 sr->msgsize > sr->command.max_bytes - SMB3_TFORM_HDR_SIZE)
1344 1354 return (-1);
1345 1355
1346 1356 return (rc);
1347 1357 }
1348 1358
1349 1359 int
1350 1360 smb3_encode_tform_header(smb_request_t *sr, struct mbuf_chain *mbc)
1351 1361 {
1352 1362 int rc;
1353 1363
1354 1364 /* Signature and Nonce are added in smb3_encrypt_sr */
1355 1365 rc = smb_mbc_encodef(
1356 1366 mbc, "l32.lwwq",
1357 1367 SMB3_ENCRYPTED_MAGIC, /* l */
1358 1368 /* signature(16), nonce(16) 32. */
1359 1369 sr->msgsize, /* l */
1360 1370 0, /* reserved w */
1361 1371 1, /* flags w */
1362 1372 sr->smb3_tform_ssnid); /* q */
1363 1373
1364 1374 return (rc);
1365 1375 }
1366 1376
1367 1377 int
1368 1378 smb2_decode_header(smb_request_t *sr)
1369 1379 {
1370 1380 uint32_t pid, tid;
1371 1381 uint16_t hdr_len;
1372 1382 int rc;
1373 1383
1374 1384 rc = smb_mbc_decodef(
1375 1385 &sr->command, "Nwww..wwllqllq16c",
1376 1386 &hdr_len, /* w */
1377 1387 &sr->smb2_credit_charge, /* w */
1378 1388 &sr->smb2_chan_seq, /* w */
1379 1389 /* reserved .. */
1380 1390 &sr->smb2_cmd_code, /* w */
1381 1391 &sr->smb2_credit_request, /* w */
1382 1392 &sr->smb2_hdr_flags, /* l */
1383 1393 &sr->smb2_next_command, /* l */
1384 1394 &sr->smb2_messageid, /* q */
1385 1395 &pid, /* l */
1386 1396 &tid, /* l */
1387 1397 &sr->smb2_ssnid, /* q */
1388 1398 sr->smb2_sig); /* 16c */
1389 1399 if (rc)
1390 1400 return (rc);
1391 1401
1392 1402 if (hdr_len != SMB2_HDR_SIZE)
1393 1403 return (-1);
1394 1404
1395 1405 if (sr->smb2_hdr_flags & SMB2_FLAGS_ASYNC_COMMAND) {
1396 1406 sr->smb2_async_id = pid |
1397 1407 ((uint64_t)tid) << 32;
1398 1408 sr->smb_pid = 0;
1399 1409 sr->smb_tid = 0;
1400 1410 } else {
1401 1411 sr->smb2_async_id = 0;
1402 1412 sr->smb_pid = pid;
1403 1413 sr->smb_tid = (uint16_t)tid; /* XXX wide TIDs */
1404 1414 }
1405 1415
1406 1416 return (rc);
1407 1417 }
1408 1418
1409 1419 int
1410 1420 smb2_encode_header(smb_request_t *sr, boolean_t overwrite)
1411 1421 {
1412 1422 uint64_t pid_tid_aid; /* pid+tid, or async id */
1413 1423 int rc;
1414 1424
1415 1425 if (sr->smb2_hdr_flags & SMB2_FLAGS_ASYNC_COMMAND) {
1416 1426 pid_tid_aid = sr->smb2_async_id;
1417 1427 } else {
1418 1428 pid_tid_aid = sr->smb_pid |
1419 1429 ((uint64_t)sr->smb_tid) << 32;
1420 1430 }
1421 1431
1422 1432 if (overwrite) {
1423 1433 rc = smb_mbc_poke(&sr->reply,
1424 1434 sr->smb2_reply_hdr,
1425 1435 "Nwwlwwllqqq16c",
1426 1436 SMB2_HDR_SIZE, /* w */
1427 1437 sr->smb2_credit_charge, /* w */
1428 1438 sr->smb2_status, /* l */
1429 1439 sr->smb2_cmd_code, /* w */
1430 1440 sr->smb2_credit_response, /* w */
1431 1441 sr->smb2_hdr_flags, /* l */
1432 1442 sr->smb2_next_reply, /* l */
1433 1443 sr->smb2_messageid, /* q */
1434 1444 pid_tid_aid, /* q */
1435 1445 sr->smb2_ssnid, /* q */
1436 1446 sr->smb2_sig); /* 16c */
1437 1447 } else {
1438 1448 rc = smb_mbc_encodef(&sr->reply,
1439 1449 "Nwwlwwllqqq16c",
1440 1450 SMB2_HDR_SIZE, /* w */
1441 1451 sr->smb2_credit_charge, /* w */
1442 1452 sr->smb2_status, /* l */
1443 1453 sr->smb2_cmd_code, /* w */
1444 1454 sr->smb2_credit_response, /* w */
1445 1455 sr->smb2_hdr_flags, /* l */
1446 1456 sr->smb2_next_reply, /* l */
1447 1457 sr->smb2_messageid, /* q */
1448 1458 pid_tid_aid, /* q */
1449 1459 sr->smb2_ssnid, /* q */
1450 1460 sr->smb2_sig); /* 16c */
1451 1461 }
1452 1462
1453 1463 return (rc);
1454 1464 }
1455 1465
1456 1466 void
1457 1467 smb2_send_reply(smb_request_t *sr)
1458 1468 {
1459 1469 struct mbuf_chain enc_reply;
1460 1470 smb_session_t *session = sr->session;
1461 1471 void *tmpbuf;
1462 1472 size_t buflen;
1463 1473 struct mbuf_chain tmp;
1464 1474
1465 1475 /*
1466 1476 * [MS-SMB2] 3.3.4.1.4 Encrypting the Message
1467 1477 *
1468 1478 * When the connection supports encryption and the dialect
1469 1479 * is 3.x, encrypt if:
1470 1480 * - The request was encrypted OR
1471 1481 * - The cmd is not SESSION_SETUP or NEGOTIATE AND
1472 1482 * -- Session.EncryptData is TRUE OR
1473 1483 * -- The cmd is not TREE_CONNECT AND
1474 1484 * --- Tree.EncryptData is TRUE
1475 1485 *
1476 1486 * This boils down to sr->tform_ssn != NULL, and the rest
1477 1487 * is enforced when tform_ssn is set.
1478 1488 */
1479 1489
1480 1490 if ((session->capabilities & SMB2_CAP_ENCRYPTION) == 0 ||
1481 1491 sr->tform_ssn == NULL) {
1482 1492 if (smb_session_send(sr->session, 0, &sr->reply) == 0)
1483 1493 sr->reply.chain = 0;
1484 1494 return;
1485 1495 }
1486 1496
1487 1497 sr->msgsize = sr->reply.chain_offset;
1488 1498 (void) MBC_SHADOW_CHAIN(&tmp, &sr->reply,
1489 1499 0, sr->msgsize);
1490 1500
1491 1501 buflen = SMB3_TFORM_HDR_SIZE + sr->msgsize;
1492 1502
1493 1503 /* taken from smb_request_init_command_mbuf */
1494 1504 tmpbuf = kmem_alloc(buflen, KM_SLEEP);
1495 1505 MBC_ATTACH_BUF(&enc_reply, tmpbuf, buflen);
1496 1506 enc_reply.flags = 0;
1497 1507 enc_reply.shadow_of = NULL;
1498 1508
1499 1509 if (smb3_encode_tform_header(sr, &enc_reply) != 0) {
1500 1510 cmn_err(CE_WARN, "couldn't encode transform header");
1501 1511 goto errout;
1502 1512 }
1503 1513 if (smb3_encrypt_sr(sr, &tmp, &enc_reply) != 0) {
1504 1514 cmn_err(CE_WARN, "smb3 encryption failed");
1505 1515 goto errout;
1506 1516 }
1507 1517
1508 1518 if (smb_session_send(sr->session, 0, &enc_reply) == 0)
1509 1519 enc_reply.chain = 0;
1510 1520 return;
1511 1521
1512 1522 errout:
1513 1523 kmem_free(tmpbuf, buflen);
1514 1524 smb_session_disconnect(sr->session);
1515 1525 }
1516 1526
1517 1527 /*
1518 1528 * This wrapper function exists to help catch calls to smbsr_status()
1519 1529 * (which is SMB1-specific) in common code. See smbsr_status().
1520 1530 * If the log message below is seen, put a dtrace probe on this
1521 1531 * function with a stack() action to see who is calling the SMB1
1522 1532 * "put error" from common code, and fix it.
1523 1533 */
1524 1534 void
1525 1535 smbsr_status_smb2(smb_request_t *sr, DWORD status)
1526 1536 {
1527 1537 const char *name;
1528 1538
1529 1539 if (sr->smb2_cmd_code < SMB2__NCMDS)
1530 1540 name = smb2_disp_table[sr->smb2_cmd_code].sdt_name;
1531 1541 else
1532 1542 name = "<unknown>";
1533 1543 #ifdef DEBUG
1534 1544 cmn_err(CE_NOTE, "smbsr_status called for %s", name);
1535 1545 #endif
1536 1546
1537 1547 smb2sr_put_error_data(sr, status, NULL);
1538 1548 }
1539 1549
1540 1550 void
1541 1551 smb2sr_put_errno(struct smb_request *sr, int errnum)
1542 1552 {
1543 1553 uint32_t status = smb_errno2status(errnum);
1544 1554 smb2sr_put_error_data(sr, status, NULL);
1545 1555 }
1546 1556
1547 1557 void
1548 1558 smb2sr_put_error(smb_request_t *sr, uint32_t status)
1549 1559 {
1550 1560 smb2sr_put_error_data(sr, status, NULL);
1551 1561 }
1552 1562
1553 1563 /*
1554 1564 * Build an SMB2 error response. [MS-SMB2] 2.2.2
1555 1565 */
1556 1566 void
1557 1567 smb2sr_put_error_data(smb_request_t *sr, uint32_t status, mbuf_chain_t *mbc)
1558 1568 {
1559 1569 DWORD len;
1560 1570
1561 1571 /*
1562 1572 * The common dispatch code writes this when it
1563 1573 * updates the SMB2 header before sending.
1564 1574 */
1565 1575 sr->smb2_status = status;
1566 1576
1567 1577 /* Rewind to the end of the SMB header. */
1568 1578 sr->reply.chain_offset = sr->smb2_reply_hdr + SMB2_HDR_SIZE;
1569 1579
1570 1580 /*
1571 1581 * NB: Must provide at least one byte of error data,
1572 1582 * per [MS-SMB2] 2.2.2
1573 1583 */
1574 1584 if (mbc != NULL && (len = MBC_LENGTH(mbc)) != 0) {
1575 1585 (void) smb_mbc_encodef(
1576 1586 &sr->reply,
1577 1587 "wwlC",
1578 1588 9, /* StructSize */ /* w */
1579 1589 0, /* reserved */ /* w */
1580 1590 len, /* l */
1581 1591 mbc); /* C */
1582 1592 } else {
1583 1593 (void) smb_mbc_encodef(
1584 1594 &sr->reply,
1585 1595 "wwl.",
1586 1596 9, /* StructSize */ /* w */
1587 1597 0, /* reserved */ /* w */
1588 1598 0); /* l. */
1589 1599 }
1590 1600 }
1591 1601
1592 1602 /*
1593 1603 * smb2sr_lookup_fid
1594 1604 *
1595 1605 * Setup sr->fid_ofile, either inherited from a related command,
1596 1606 * or obtained via FID lookup. Similar inheritance logic as in
1597 1607 * smb2sr_work.
1598 1608 */
1599 1609 uint32_t
1600 1610 smb2sr_lookup_fid(smb_request_t *sr, smb2fid_t *fid)
1601 1611 {
1602 1612 boolean_t related = sr->smb2_hdr_flags &
1603 1613 SMB2_FLAGS_RELATED_OPERATIONS;
1604 1614
1605 1615 if (related) {
1606 1616 if (sr->fid_ofile == NULL)
1607 1617 return (NT_STATUS_INVALID_PARAMETER);
1608 1618 sr->smb_fid = sr->fid_ofile->f_fid;
1609 1619 return (0);
1610 1620 }
1611 1621
1612 1622 /*
1613 1623 * If we could be sure this is called only once per cmd,
1614 1624 * we could simply ASSERT(sr->fid_ofile == NULL) here.
1615 1625 * However, there are cases where it can be called again
1616 1626 * handling the same command, so let's tolerate that.
1617 1627 */
1618 1628 if (sr->fid_ofile == NULL) {
1619 1629 sr->smb_fid = (uint16_t)fid->temporal;
1620 1630 sr->fid_ofile = smb_ofile_lookup_by_fid(sr, sr->smb_fid);
1621 1631 }
1622 1632 if (sr->fid_ofile == NULL ||
1623 1633 sr->fid_ofile->f_persistid != fid->persistent)
1624 1634 return (NT_STATUS_FILE_CLOSED);
1625 1635
1626 1636 return (0);
1627 1637 }
1628 1638
1629 1639 /*
1630 1640 * smb2_dispatch_stats_init
1631 1641 *
1632 1642 * Initializes dispatch statistics for SMB2.
1633 1643 * See also smb_dispatch_stats_init(), which fills in
1634 1644 * the lower part of the statistics array, from zero
1635 1645 * through SMB_COM_NUM;
1636 1646 */
1637 1647 void
1638 1648 smb2_dispatch_stats_init(smb_server_t *sv)
1639 1649 {
1640 1650 smb_disp_stats_t *sds = sv->sv_disp_stats2;
1641 1651 smb_kstat_req_t *ksr;
1642 1652 int i;
1643 1653
1644 1654 ksr = ((smbsrv_kstats_t *)sv->sv_ksp->ks_data)->ks_reqs2;
1645 1655
1646 1656 for (i = 0; i < SMB2__NCMDS; i++, ksr++) {
1647 1657 smb_latency_init(&sds[i].sdt_lat);
1648 1658 (void) strlcpy(ksr->kr_name, smb2_disp_table[i].sdt_name,
1649 1659 sizeof (ksr->kr_name));
1650 1660 }
1651 1661 }
1652 1662
1653 1663 /*
1654 1664 * smb2_dispatch_stats_fini
1655 1665 *
1656 1666 * Frees and destroyes the resources used for statistics.
1657 1667 */
1658 1668 void
1659 1669 smb2_dispatch_stats_fini(smb_server_t *sv)
1660 1670 {
1661 1671 smb_disp_stats_t *sds = sv->sv_disp_stats2;
1662 1672 int i;
1663 1673
1664 1674 for (i = 0; i < SMB2__NCMDS; i++)
1665 1675 smb_latency_destroy(&sds[i].sdt_lat);
1666 1676 }
1667 1677
1668 1678 void
1669 1679 smb2_dispatch_stats_update(smb_server_t *sv,
1670 1680 smb_kstat_req_t *ksr, int first, int nreq)
1671 1681 {
1672 1682 smb_disp_stats_t *sds = sv->sv_disp_stats2;
1673 1683 int i;
1674 1684 int last;
1675 1685
1676 1686 last = first + nreq - 1;
1677 1687
1678 1688 if ((first < SMB2__NCMDS) && (last < SMB2__NCMDS)) {
1679 1689 for (i = first; i <= last; i++, ksr++) {
1680 1690 ksr->kr_rxb = sds[i].sdt_rxb;
1681 1691 ksr->kr_txb = sds[i].sdt_txb;
1682 1692 mutex_enter(&sds[i].sdt_lat.ly_mutex);
1683 1693 ksr->kr_nreq = sds[i].sdt_lat.ly_a_nreq;
1684 1694 ksr->kr_sum = sds[i].sdt_lat.ly_a_sum;
1685 1695 ksr->kr_a_mean = sds[i].sdt_lat.ly_a_mean;
1686 1696 ksr->kr_a_stddev =
1687 1697 sds[i].sdt_lat.ly_a_stddev;
1688 1698 ksr->kr_d_mean = sds[i].sdt_lat.ly_d_mean;
1689 1699 ksr->kr_d_stddev =
1690 1700 sds[i].sdt_lat.ly_d_stddev;
1691 1701 sds[i].sdt_lat.ly_d_mean = 0;
1692 1702 sds[i].sdt_lat.ly_d_nreq = 0;
1693 1703 sds[i].sdt_lat.ly_d_stddev = 0;
1694 1704 sds[i].sdt_lat.ly_d_sum = 0;
1695 1705 mutex_exit(&sds[i].sdt_lat.ly_mutex);
1696 1706 }
1697 1707 }
1698 1708 }
1699 1709
1700 1710 /*
1701 1711 * Append new_sr to the postwork queue. sr->smb2_cmd_code encodes
1702 1712 * the action that should be run by this sr.
1703 1713 *
1704 1714 * This queue is rarely used (and normally empty) so we're OK
1705 1715 * using a simple "walk to tail and insert" here.
1706 1716 */
1707 1717 void
1708 1718 smb2sr_append_postwork(smb_request_t *top_sr, smb_request_t *new_sr)
1709 1719 {
1710 1720 smb_request_t *last_sr;
1711 1721
1712 1722 ASSERT(top_sr->session->dialect >= SMB_VERS_2_BASE);
1713 1723
1714 1724 last_sr = top_sr;
1715 1725 while (last_sr->sr_postwork != NULL)
1716 1726 last_sr = last_sr->sr_postwork;
1717 1727
1718 1728 last_sr->sr_postwork = new_sr;
1719 1729 }
1720 1730
1721 1731 /*
1722 1732 * Run any "post work" that was appended to the main SR while it
1723 1733 * was running. This is called after the request has been sent
1724 1734 * for the main SR, and used in cases i.e. the oplock code, where
1725 1735 * we need to send something to the client only _after_ the main
1726 1736 * sr request has gone out.
1727 1737 */
1728 1738 static void
1729 1739 smb2sr_run_postwork(smb_request_t *top_sr)
1730 1740 {
1731 1741 smb_request_t *post_sr; /* the one we're running */
1732 1742 smb_request_t *next_sr;
1733 1743
1734 1744 while ((post_sr = top_sr->sr_postwork) != NULL) {
1735 1745 next_sr = post_sr->sr_postwork;
1736 1746 top_sr->sr_postwork = next_sr;
1737 1747 post_sr->sr_postwork = NULL;
1738 1748
1739 1749 post_sr->sr_worker = top_sr->sr_worker;
1740 1750 post_sr->sr_state = SMB_REQ_STATE_ACTIVE;
1741 1751
1742 1752 switch (post_sr->smb2_cmd_code) {
1743 1753 case SMB2_OPLOCK_BREAK:
1744 1754 smb_oplock_send_brk(post_sr);
1745 1755 break;
1746 1756 default:
1747 1757 ASSERT(0);
1748 1758 }
1749 1759
1750 1760 /*
1751 1761 * If we have a durable handle, and this operation
1752 1762 * updated the nvlist, write it out.
1753 1763 */
1754 1764 if (post_sr->dh_nvl_dirty) {
1755 1765 post_sr->dh_nvl_dirty = B_FALSE;
1756 1766 smb2_dh_update_nvfile(post_sr);
1757 1767 }
1758 1768
1759 1769 post_sr->sr_state = SMB_REQ_STATE_COMPLETED;
1760 1770 smb_request_free(post_sr);
1761 1771 }
1762 1772 }
|
↓ open down ↓ |
639 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX