1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2019 Nexenta by DDN, Inc. All rights reserved.
24 */
25
26 /*
27 * Structures and type definitions for the SMB module.
28 */
29
30 #ifndef _SMBSRV_SMB_KTYPES_H
31 #define _SMBSRV_SMB_KTYPES_H
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
37 #include <sys/note.h>
38 #include <sys/systm.h>
39 #include <sys/param.h>
40 #include <sys/types.h>
41 #include <sys/synch.h>
42 #include <sys/taskq.h>
43 #include <sys/socket.h>
44 #include <sys/acl.h>
45 #include <sys/sdt.h>
46 #include <sys/stat.h>
47 #include <sys/vnode.h>
48 #include <sys/cred.h>
49 #include <netinet/in.h>
50 #include <sys/ksocket.h>
51 #include <sys/fem.h>
52 #include <smbsrv/smb.h>
53 #include <smbsrv/smb2.h>
54 #include <smbsrv/smbinfo.h>
55 #include <smbsrv/mbuf.h>
56 #include <smbsrv/smb_sid.h>
57 #include <smbsrv/smb_xdr.h>
58 #include <smbsrv/netbios.h>
59 #include <smbsrv/smb_vops.h>
60 #include <smbsrv/smb_kstat.h>
61
62 struct __door_handle; /* <sys/door.h> */
63 struct edirent; /* <sys/extdirent.h> */
64 struct nvlist;
65
66 struct smb_disp_entry;
67 struct smb_request;
68 struct smb_server;
69 struct smb_event;
70 struct smb_export;
71
72 /*
73 * Accumulated time and queue length statistics.
74 *
75 * Accumulated time statistics are kept as a running sum of "active" time.
76 * Queue length statistics are kept as a running sum of the product of queue
77 * length and elapsed time at that length -- i.e., a Riemann sum for queue
78 * length integrated against time. (You can also think of the active time as a
79 * Riemann sum, for the boolean function (queue_length > 0) integrated against
80 * time, or you can think of it as the Lebesgue measure of the set on which
81 * queue_length > 0.)
82 *
83 * ^
84 * | _________
85 * 8 | i4 |
86 * | | |
87 * Queue 6 | |
88 * Length | _________ | |
89 * 4 | i2 |_______| |
90 * | | i3 |
91 * 2_______| |
92 * | i1 |
93 * |_______________________________|
94 * Time-> t1 t2 t3 t4
95 *
96 * At each change of state (entry or exit from the queue), we add the elapsed
97 * time (since the previous state change) to the active time if the queue length
98 * was non-zero during that interval; and we add the product of the elapsed time
99 * times the queue length to the running length*time sum.
100 *
101 * This method is generalizable to measuring residency in any defined system:
102 * instead of queue lengths, think of "outstanding RPC calls to server X".
103 *
104 * A large number of I/O subsystems have at least two basic "lists" of
105 * transactions they manage: one for transactions that have been accepted for
106 * processing but for which processing has yet to begin, and one for
107 * transactions which are actively being processed (but not done). For this
108 * reason, two cumulative time statistics are defined here: wait (pre-service)
109 * time, and run (service) time.
110 *
111 * All times are 64-bit nanoseconds (hrtime_t), as returned by gethrtime().
112 *
113 * The units of cumulative busy time are accumulated nanoseconds. The units of
114 * cumulative length*time products are elapsed time times queue length.
115 *
116 * Updates to the fields below are performed implicitly by calls to
117 * these functions:
118 *
119 * smb_srqueue_init()
120 * smb_srqueue_destroy()
121 * smb_srqueue_waitq_enter()
122 * smb_srqueue_runq_exit()
123 * smb_srqueue_waitq_to_runq()
124 * smb_srqueue_update()
125 *
126 * These fields should never be updated by any other means.
127 */
128 typedef struct smb_srqueue {
129 kmutex_t srq_mutex;
130 hrtime_t srq_wlastupdate;
131 hrtime_t srq_wtime;
132 hrtime_t srq_wlentime;
133 hrtime_t srq_rlastupdate;
134 hrtime_t srq_rtime;
135 hrtime_t srq_rlentime;
136 uint32_t srq_wcnt;
137 uint32_t srq_rcnt;
138 } smb_srqueue_t;
139
140 /*
141 * The fields with the prefix 'ly_a' contain the statistics collected since the
142 * server was last started ('a' for 'aggregated'). The fields with the prefix
143 * 'ly_d' contain the statistics collected since the last snapshot ('d' for
144 * 'delta').
145 */
146 typedef struct smb_latency {
147 kmutex_t ly_mutex;
148 uint64_t ly_a_nreq;
149 hrtime_t ly_a_sum;
150 hrtime_t ly_a_mean;
151 hrtime_t ly_a_stddev;
152 uint64_t ly_d_nreq;
153 hrtime_t ly_d_sum;
154 hrtime_t ly_d_mean;
155 hrtime_t ly_d_stddev;
156 } smb_latency_t;
157
158 typedef struct smb_disp_stats {
159 volatile uint64_t sdt_txb;
160 volatile uint64_t sdt_rxb;
161 smb_latency_t sdt_lat;
162 } smb_disp_stats_t;
163
164 int smb_noop(void *, size_t, int);
165
166 #define SMB_AUDIT_STACK_DEPTH 16
167 #define SMB_AUDIT_BUF_MAX_REC 16
168 #define SMB_AUDIT_NODE 0x00000001
169
170 /*
171 * Maximum number of records returned in SMBsearch, SMBfind
172 * and SMBfindunique response. Value set to 10 for compatibility
173 * with Windows.
174 */
175 #define SMB_MAX_SEARCH 10
176
177 #define SMB_SEARCH_ATTRIBUTES \
178 (FILE_ATTRIBUTE_HIDDEN | \
179 FILE_ATTRIBUTE_SYSTEM | \
180 FILE_ATTRIBUTE_DIRECTORY)
181
182 #define SMB_SEARCH_HIDDEN(sattr) ((sattr) & FILE_ATTRIBUTE_HIDDEN)
183 #define SMB_SEARCH_SYSTEM(sattr) ((sattr) & FILE_ATTRIBUTE_SYSTEM)
184 #define SMB_SEARCH_DIRECTORY(sattr) ((sattr) & FILE_ATTRIBUTE_DIRECTORY)
185 #define SMB_SEARCH_ALL(sattr) ((sattr) & SMB_SEARCH_ATTRIBUTES)
186
187 typedef struct {
188 uint32_t anr_refcnt;
189 int anr_depth;
190 pc_t anr_stack[SMB_AUDIT_STACK_DEPTH];
191 } smb_audit_record_node_t;
192
193 typedef struct {
194 int anb_index;
195 int anb_max_index;
196 smb_audit_record_node_t anb_records[SMB_AUDIT_BUF_MAX_REC];
197 } smb_audit_buf_node_t;
198
199 /*
200 * Thread State Machine
201 * --------------------
202 *
203 * T5 T0
204 * smb_thread_destroy() <-------+ +------- smb_thread_init()
205 * | |
206 * | v
207 * +-----------------------------+
208 * | SMB_THREAD_STATE_EXITED |<---+
209 * +-----------------------------+ |
210 * | T1 |
211 * v |
212 * +-----------------------------+ |
213 * | SMB_THREAD_STATE_STARTING | |
214 * +-----------------------------+ |
215 * | T2 | T4
216 * v |
217 * +-----------------------------+ |
218 * | SMB_THREAD_STATE_RUNNING | |
219 * +-----------------------------+ |
220 * | T3 |
221 * v |
222 * +-----------------------------+ |
223 * | SMB_THREAD_STATE_EXITING |----+
224 * +-----------------------------+
225 *
226 * Transition T0
227 *
228 * This transition is executed in smb_thread_init().
229 *
230 * Transition T1
231 *
232 * This transition is executed in smb_thread_start().
233 *
234 * Transition T2
235 *
236 * This transition is executed by the thread itself when it starts running.
237 *
238 * Transition T3
239 *
240 * This transition is executed by the thread itself in
241 * smb_thread_entry_point() just before calling thread_exit().
242 *
243 *
244 * Transition T4
245 *
246 * This transition is executed in smb_thread_stop().
247 *
248 * Transition T5
249 *
250 * This transition is executed in smb_thread_destroy().
251 */
252 typedef enum smb_thread_state {
253 SMB_THREAD_STATE_STARTING = 0,
254 SMB_THREAD_STATE_RUNNING,
255 SMB_THREAD_STATE_EXITING,
256 SMB_THREAD_STATE_EXITED,
257 SMB_THREAD_STATE_FAILED
258 } smb_thread_state_t;
259
260 struct _smb_thread;
261
262 typedef void (*smb_thread_ep_t)(struct _smb_thread *, void *ep_arg);
263
264 #define SMB_THREAD_MAGIC 0x534D4254 /* SMBT */
265
266 typedef struct _smb_thread {
267 uint32_t sth_magic;
268 char sth_name[32];
269 smb_thread_state_t sth_state;
270 kthread_t *sth_th;
271 kt_did_t sth_did;
272 smb_thread_ep_t sth_ep;
273 void *sth_ep_arg;
274 pri_t sth_pri;
275 boolean_t sth_kill;
276 kmutex_t sth_mtx;
277 kcondvar_t sth_cv;
278 } smb_thread_t;
279
280 /*
281 * Pool of IDs
282 * -----------
283 *
284 * A pool of IDs is a pool of 16 bit numbers. It is implemented as a bitmap.
285 * A bit set to '1' indicates that that particular value has been allocated.
286 * The allocation process is done shifting a bit through the whole bitmap.
287 * The current position of that index bit is kept in the smb_idpool_t
288 * structure and represented by a byte index (0 to buffer size minus 1) and
289 * a bit index (0 to 7).
290 *
291 * The pools start with a size of 8 bytes or 64 IDs. Each time the pool runs
292 * out of IDs its current size is doubled until it reaches its maximum size
293 * (8192 bytes or 65536 IDs). The IDs 0 and 65535 are never given out which
294 * means that a pool can have a maximum number of 65534 IDs available.
295 */
296 #define SMB_IDPOOL_MAGIC 0x4944504C /* IDPL */
297 #define SMB_IDPOOL_MIN_SIZE 64 /* Number of IDs to begin with */
298 #define SMB_IDPOOL_MAX_SIZE 64 * 1024
299
300 typedef struct smb_idpool {
301 uint32_t id_magic;
302 kmutex_t id_mutex;
303 uint8_t *id_pool;
304 uint32_t id_size;
305 uint32_t id_maxsize;
306 uint8_t id_bit;
307 uint8_t id_bit_idx;
308 uint32_t id_idx;
309 uint32_t id_idx_msk;
310 uint32_t id_free_counter;
311 uint32_t id_max_free_counter;
312 } smb_idpool_t;
313
314 /*
315 * Maximum size of a Transport Data Unit when CAP_LARGE_READX and
316 * CAP_LARGE_WRITEX are not set. CAP_LARGE_READX/CAP_LARGE_WRITEX
317 * allow the payload to exceed the negotiated buffer size.
318 * 4 --> NBT/TCP Transport Header.
319 * 32 --> SMB Header
320 * 1 --> Word Count byte
321 * 510 --> Maximum Number of bytes of the Word Table (2 * 255)
322 * 2 --> Byte count of the data
323 * 65535 --> Maximum size of the data
324 * -----
325 * 66084
326 */
327 #define SMB_REQ_MAX_SIZE 66560 /* 65KB */
328 #define SMB_XPRT_MAX_SIZE (SMB_REQ_MAX_SIZE + NETBIOS_HDR_SZ)
329
330 #define SMB_TXREQ_MAGIC 0X54524251 /* 'TREQ' */
331 typedef struct {
332 list_node_t tr_lnd;
333 uint32_t tr_magic;
334 int tr_len;
335 uint8_t tr_buf[SMB_XPRT_MAX_SIZE];
336 } smb_txreq_t;
337
338 #define SMB_TXLST_MAGIC 0X544C5354 /* 'TLST' */
339 typedef struct {
340 uint32_t tl_magic;
341 kmutex_t tl_mutex;
342 kcondvar_t tl_wait_cv;
343 boolean_t tl_active;
344 } smb_txlst_t;
345
346 /*
347 * Maximum buffer size for NT is 37KB. If all clients are Windows 2000, this
348 * can be changed to 64KB. 37KB must be used with a mix of NT/Windows 2000
349 * clients because NT loses directory entries when values greater than 37KB are
350 * used.
351 *
352 * Note: NBT_MAXBUF will be subtracted from the specified max buffer size to
353 * account for the NBT header.
354 */
355 #define NBT_MAXBUF 8
356 #define SMB_NT_MAXBUF (37 * 1024)
357
358 #define OUTBUFSIZE (65 * 1024)
359 #define SMBHEADERSIZE 32
360 #define SMBND_HASH_MASK (0xFF)
361 #define MAX_IOVEC 512
362 #define MAX_READREF (8 * 1024)
363
364 #define SMB_WORKER_MIN 4
365 #define SMB_WORKER_DEFAULT 64
366 #define SMB_WORKER_MAX 1024
367
368 /*
369 * Destructor object used in the locked-list delete queue.
370 */
371 #define SMB_DTOR_MAGIC 0x44544F52 /* DTOR */
372 #define SMB_DTOR_VALID(d) \
373 ASSERT(((d) != NULL) && ((d)->dt_magic == SMB_DTOR_MAGIC))
374
375 typedef void (*smb_dtorproc_t)(void *);
376
377 typedef struct smb_dtor {
378 list_node_t dt_lnd;
379 uint32_t dt_magic;
380 void *dt_object;
381 smb_dtorproc_t dt_proc;
382 } smb_dtor_t;
383
384 typedef struct smb_llist {
385 krwlock_t ll_lock;
386 list_t ll_list;
387 uint32_t ll_count;
388 uint64_t ll_wrop;
389 kmutex_t ll_mutex;
390 list_t ll_deleteq;
391 uint32_t ll_deleteq_count;
392 boolean_t ll_flushing;
393 } smb_llist_t;
394
395 typedef struct smb_bucket {
396 smb_llist_t b_list;
397 uint32_t b_max_seen;
398 } smb_bucket_t;
399
400 typedef struct smb_hash {
401 uint32_t rshift;
402 uint32_t num_buckets;
403 smb_bucket_t *buckets;
404 } smb_hash_t;
405
406 typedef struct smb_slist {
407 kmutex_t sl_mutex;
408 kcondvar_t sl_cv;
409 list_t sl_list;
410 uint32_t sl_count;
411 boolean_t sl_waiting;
412 } smb_slist_t;
413
414 /*
415 * smb_avl_t State Machine
416 * --------------------
417 *
418 * +-----------------------------+
419 * | SMB_AVL_STATE_START |
420 * +-----------------------------+
421 * | T0
422 * v
423 * +-----------------------------+
424 * | SMB_AVL_STATE_READY |
425 * +-----------------------------+
426 * | T1
427 * v
428 * +-----------------------------+
429 * | SMB_AVL_STATE_DESTROYING |
430 * +-----------------------------+
431 *
432 * Transition T0
433 *
434 * This transition is executed in smb_avl_create().
435 *
436 * Transition T1
437 *
438 * This transition is executed in smb_avl_destroy().
439 *
440 */
441 typedef enum {
442 SMB_AVL_STATE_START = 0,
443 SMB_AVL_STATE_READY,
444 SMB_AVL_STATE_DESTROYING
445 } smb_avl_state_t;
446
447 typedef struct smb_avl_nops {
448 int (*avln_cmp) (const void *, const void *);
449 void (*avln_hold)(const void *);
450 boolean_t (*avln_rele)(const void *);
451 void (*avln_destroy)(void *);
452 } smb_avl_nops_t;
453
454 typedef struct smb_avl_cursor {
455 void *avlc_next;
456 uint32_t avlc_sequence;
457 } smb_avl_cursor_t;
458
459 typedef struct smb_avl {
460 krwlock_t avl_lock;
461 avl_tree_t avl_tree;
462 kmutex_t avl_mutex;
463 kcondvar_t avl_cv;
464 smb_avl_state_t avl_state;
465 uint32_t avl_refcnt;
466 uint32_t avl_sequence;
467 const smb_avl_nops_t *avl_nops;
468 } smb_avl_t;
469
470 typedef struct {
471 kcondvar_t rwx_cv;
472 kmutex_t rwx_mutex;
473 krwlock_t rwx_lock;
474 boolean_t rwx_waiting;
475 } smb_rwx_t;
476
477 typedef struct smb_export {
478 kmutex_t e_mutex;
479 boolean_t e_ready;
480 smb_avl_t e_share_avl;
481 smb_slist_t e_unexport_list;
482 smb_thread_t e_unexport_thread;
483 } smb_export_t;
484
485 /*
486 * NOTIFY CHANGE, a.k.a. File Change Notification (FCN)
487 */
488
489 /*
490 * These FCN filter mask values are not from MS-FSCC, but
491 * must not overlap with any FILE_NOTIFY_VALID_MASK values.
492 */
493 #define FILE_NOTIFY_CHANGE_EV_SUBDIR 0x00010000
494 #define FILE_NOTIFY_CHANGE_EV_DELETE 0x00020000
495 #define FILE_NOTIFY_CHANGE_EV_CLOSED 0x00040000
496 #define FILE_NOTIFY_CHANGE_EV_OVERFLOW 0x00080000
497
498 /*
499 * Note: These FCN action values are not from MS-FSCC, but must
500 * follow in sequence from FILE_ACTION_MODIFIED_STREAM.
501 *
502 * FILE_ACTION_SUBDIR_CHANGED is used internally for
503 * "watch tree" support, posted to all parents of a
504 * directory that had one of the changes above.
505 *
506 * FILE_ACTION_DELETE_PENDING is used internally to tell
507 * notify change requests when the "delete-on-close" flag
508 * has been set on the directory being watched.
509 *
510 * FILE_ACTION_HANDLE_CLOSED is used to wakeup notify change
511 * requests when the watched directory handle is closed.
512 */
513 #define FILE_ACTION_SUBDIR_CHANGED 0x00000009
514 #define FILE_ACTION_DELETE_PENDING 0x0000000a
515 #define FILE_ACTION_HANDLE_CLOSED 0x0000000b
516
517 /*
518 * Sub-struct within smb_ofile_t
519 */
520 typedef struct smb_notify {
521 list_t nc_waiters; /* Waiting SRs */
522 mbuf_chain_t nc_buffer;
523 uint32_t nc_filter;
524 uint32_t nc_events;
525 int nc_last_off;
526 boolean_t nc_subscribed;
527 } smb_notify_t;
528
529 /*
530 * SMB operates over a NetBIOS-over-TCP transport (NBT) or directly
531 * over TCP, which is also known as direct hosted NetBIOS-less SMB
532 * or SMB-over-TCP.
533 *
534 * NBT messages have a 4-byte header that defines the message type
535 * (8-bits), a 7-bit flags field and a 17-bit length.
536 *
537 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
538 * | TYPE | FLAGS |E| LENGTH |
539 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
540 *
541 * 8-bit type Defined in RFC 1002
542 * 7-bit flags Bits 0-6 reserved (must be 0)
543 * Bit 7: Length extension bit (E)
544 * 17-bit length Includes bit 7 of the flags byte
545 *
546 *
547 * SMB-over-TCP is defined to use a modified version of the NBT header
548 * containing an 8-bit message type and 24-bit message length.
549 *
550 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
551 * | TYPE | LENGTH |
552 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
553 *
554 * 8-bit type Must be 0
555 * 24-bit length
556 *
557 * The following structure is used to represent a generic, in-memory
558 * SMB transport header; it is not intended to map directly to either
559 * of the over-the-wire formats.
560 */
561 typedef struct {
562 uint8_t xh_type;
563 uint32_t xh_length;
564 } smb_xprt_t;
565
566 int MBC_LENGTH(struct mbuf_chain *);
567 int MBC_MAXBYTES(struct mbuf_chain *);
568 void MBC_SETUP(struct mbuf_chain *, uint32_t);
569 void MBC_INIT(struct mbuf_chain *, uint32_t);
570 void MBC_FLUSH(struct mbuf_chain *);
571 void MBC_ATTACH_MBUF(struct mbuf_chain *, struct mbuf *);
572 void MBC_APPEND_MBUF(struct mbuf_chain *, struct mbuf *);
573 void MBC_ATTACH_BUF(struct mbuf_chain *MBC, unsigned char *BUF, int LEN);
574 int MBC_SHADOW_CHAIN(struct mbuf_chain *SUBMBC, struct mbuf_chain *MBC,
575 int OFF, int LEN);
576
577 #define MBC_ROOM_FOR(b, n) (((b)->chain_offset + (n)) <= (b)->max_bytes)
578
579 /*
580 * Per smb_node oplock state
581 */
582 typedef struct smb_oplock {
583 kmutex_t ol_mutex;
584 boolean_t ol_fem; /* fem monitor installed? */
585 struct smb_ofile *excl_open;
586 uint32_t ol_state;
587 int32_t cnt_II;
588 int32_t cnt_R;
589 int32_t cnt_RH;
590 int32_t cnt_RHBQ;
591 int32_t waiters;
592 kcondvar_t WaitingOpenCV;
593 } smb_oplock_t;
594
595 /*
596 * Per smb_ofile oplock state
597 */
598 typedef struct smb_oplock_grant {
599 /* smb protocol-level state */
600 uint32_t og_state; /* latest sent to client */
601 uint32_t og_breaking; /* BREAK_TO... flags */
602 uint16_t og_dialect; /* how to send breaks */
603 /* File-system level state */
604 uint8_t onlist_II;
605 uint8_t onlist_R;
606 uint8_t onlist_RH;
607 uint8_t onlist_RHBQ;
608 uint8_t BreakingToRead;
609 } smb_oplock_grant_t;
610
611 #define SMB_LEASE_KEY_SZ 16
612
613 typedef struct smb_lease {
614 list_node_t ls_lnd; /* sv_lease_ht */
615 kmutex_t ls_mutex;
616 smb_llist_t *ls_bucket;
617 struct smb_node *ls_node;
618 /*
619 * With a lease, just one ofile has the oplock.
620 * This (used only for comparison) identifies which.
621 */
622 void *ls_oplock_ofile;
623 uint32_t ls_refcnt;
624 uint32_t ls_state;
625 uint32_t ls_breaking; /* BREAK_TO... flags */
626 uint16_t ls_epoch;
627 uint16_t ls_version;
628 uint8_t ls_key[SMB_LEASE_KEY_SZ];
629 uint8_t ls_clnt[SMB_LEASE_KEY_SZ];
630 } smb_lease_t;
631
632 #define SMB_NODE_MAGIC 0x4E4F4445 /* 'NODE' */
633 #define SMB_NODE_VALID(p) ASSERT((p)->n_magic == SMB_NODE_MAGIC)
634
635 typedef enum {
636 SMB_NODE_STATE_AVAILABLE = 0,
637 SMB_NODE_STATE_DESTROYING
638 } smb_node_state_t;
639
640 /*
641 * waiting_event # of clients requesting FCN
642 * n_timestamps cached timestamps
643 * n_allocsz cached file allocation size
644 * n_dnode directory node
645 * n_unode unnamed stream node
646 * delete_on_close_cred credentials for delayed delete
647 */
648 typedef struct smb_node {
649 list_node_t n_lnd;
650 uint32_t n_magic;
651 krwlock_t n_lock;
652 kmutex_t n_mutex;
653 smb_node_state_t n_state;
654 uint32_t n_refcnt;
655 uint32_t n_hashkey;
656 smb_llist_t *n_hash_bucket;
657 uint32_t n_open_count;
658 uint32_t n_opening_count;
659 smb_llist_t n_ofile_list;
660 /* If entering both, go in order n_lock_list, n_wlock_list */
661 smb_llist_t n_lock_list; /* active locks */
662 smb_llist_t n_wlock_list; /* waiting locks */
663 volatile int flags;
664 u_offset_t n_allocsz;
665 uint32_t n_fcn_count;
666 smb_oplock_t n_oplock;
667 struct smb_node *n_dnode;
668 struct smb_node *n_unode;
669 cred_t *delete_on_close_cred;
670 uint32_t n_delete_on_close_flags;
671 char od_name[MAXNAMELEN];
672 vnode_t *vp;
673 smb_audit_buf_node_t *n_audit_buf;
674 } smb_node_t;
675
676 #define NODE_FLAGS_REPARSE 0x00001000
677 #define NODE_FLAGS_DFSLINK 0x00002000
678 #define NODE_FLAGS_VFSROOT 0x00004000
679 #define NODE_FLAGS_SYSTEM 0x00008000
680 #define NODE_FLAGS_WRITE_THROUGH 0x00100000
681 #define NODE_XATTR_DIR 0x01000000
682 #define NODE_FLAGS_DELETE_COMMITTED 0x20000000
683 #define NODE_FLAGS_DELETE_ON_CLOSE 0x40000000
684 #define NODE_FLAGS_EXECUTABLE 0x80000000
685
686 #define SMB_NODE_VFS(node) ((node)->vp->v_vfsp)
687 #define SMB_NODE_FSID(node) ((node)->vp->v_vfsp->vfs_fsid)
688
689 /* Maximum buffer size for encryption key */
690 #define SMB_ENCRYPT_KEY_MAXLEN 32
691
692 #define SMB_SHARE_MAGIC 0x4B534852 /* KSHR */
693
694 typedef struct smb_kshare {
695 uint32_t shr_magic;
696 avl_node_t shr_link;
697 kmutex_t shr_mutex;
698 kcondvar_t shr_cv;
699 char *shr_name;
700 char *shr_path;
701 char *shr_cmnt;
702 char *shr_container;
703 char *shr_oemname;
704 uint32_t shr_flags;
705 uint32_t shr_type;
706 uint32_t shr_refcnt;
707 uint32_t shr_autocnt;
708 uid_t shr_uid;
709 gid_t shr_gid;
710 char *shr_access_none;
711 char *shr_access_ro;
712 char *shr_access_rw;
713 smb_node_t *shr_root_node;
714 smb_node_t *shr_ca_dir;
715 void *shr_import_busy;
716 smb_cfg_val_t shr_encrypt; /* Share.EncryptData */
717 } smb_kshare_t;
718
719
720 typedef struct smb_arg_negotiate {
721 char *ni_name;
722 int ni_dialect;
723 int ni_index;
724 uint32_t ni_capabilities;
725 uint16_t ni_maxmpxcount;
726 int16_t ni_tzcorrection;
727 uint8_t ni_keylen;
728 uint8_t ni_key[SMB_ENCRYPT_KEY_MAXLEN];
729 timestruc_t ni_servertime;
730 } smb_arg_negotiate_t;
731
732 typedef enum {
733 SMB_SSNSETUP_PRE_NTLM012 = 1,
734 SMB_SSNSETUP_NTLM012_NOEXT,
735 SMB_SSNSETUP_NTLM012_EXTSEC
736 } smb_ssnsetup_type_t;
737
738 typedef struct smb_arg_sessionsetup {
739 smb_ssnsetup_type_t ssi_type;
740 char *ssi_user;
741 char *ssi_domain;
742 /* LM password hash, f.k.a. case-insensitive p/w */
743 uint16_t ssi_lmpwlen;
744 uint8_t *ssi_lmpwd;
745 /* NT password hash, f.k.a. case-sensitive p/w */
746 uint16_t ssi_ntpwlen;
747 uint8_t *ssi_ntpwd;
748 /* Incoming security blob */
749 uint16_t ssi_iseclen;
750 uint8_t *ssi_isecblob;
751 /* Incoming security blob */
752 uint16_t ssi_oseclen;
753 uint8_t *ssi_osecblob;
754 /* parameters */
755 uint16_t ssi_maxbufsize;
756 uint16_t ssi_maxmpxcount;
757 uint32_t ssi_capabilities;
758 int ssi_native_os;
759 int ssi_native_lm;
760 } smb_arg_sessionsetup_t;
761
762 typedef struct tcon {
763 char *name;
764 char *path;
765 char *service;
766 int pwdlen;
767 char *password;
768 uint16_t flags;
769 uint16_t optional_support;
770 smb_kshare_t *si;
771 } smb_arg_tcon_t;
772
773 /*
774 * Based on section 2.6.1.2 (Connection Management) of the June 13,
775 * 1996 CIFS spec, a server may terminate the transport connection
776 * due to inactivity. The client software is expected to be able to
777 * automatically reconnect to the server if this happens. Like much
778 * of the useful background information, this section appears to
779 * have been dropped from later revisions of the document.
780 *
781 * Each session has an activity timestamp that's updated whenever a
782 * request is dispatched. If the session is idle, i.e. receives no
783 * requests, for SMB_SESSION_INACTIVITY_TIMEOUT minutes it will be
784 * closed.
785 *
786 * Each session has an I/O semaphore to serialize communication with
787 * the client. For example, after receiving a raw-read request, the
788 * server is not allowed to send an oplock break to the client until
789 * after it has sent the raw-read data.
790 */
791 #define SMB_SESSION_INACTIVITY_TIMEOUT (15 * 60)
792
793 /* SMB1 signing */
794 struct smb_sign {
795 unsigned int flags;
796 uint32_t seqnum;
797 uint_t mackey_len;
798 uint8_t *mackey;
799 };
800
801 /*
802 * SMB2 signing
803 */
804 struct smb_key {
805 uint_t len;
806 uint8_t key[SMB2_SESSION_KEY_LEN];
807 };
808
809 #define SMB_SIGNING_ENABLED 1
810 #define SMB_SIGNING_CHECK 2
811
812 /*
813 * Locking notes:
814 * If you hold the mutex/lock on an object, don't flush the deleteq
815 * of the objects directly below it in the logical hierarchy
816 * (i.e. via smb_llist_exit()). I.e. don't drop s_tree_list when
817 * you hold u_mutex, because deleted trees need u_mutex to
818 * lower the refcnt.
819 *
820 * Note that this also applies to u_mutex and t_ofile_list.
821 */
822
823 /*
824 * The "session" object.
825 *
826 * Note that the smb_session_t object here corresponds to what MS-SMB2
827 * calls a "connection". Adding to the confusion, what MS calls a
828 * "session" corresponds to our smb_user_t (below).
829 */
830
831 /*
832 * Session State Machine
833 * ---------------------
834 *
835 *
836 * +-----------------------------+ +----------------------------+
837 * | SMB_SESSION_STATE_CONNECTED | | SMB_SESSION_STATE_SHUTDOWN |
838 * +-----------------------------+ +----------------------------+
839 * | ^
840 * | |T6
841 * | +------------------------------+
842 * | | SMB_SESSION_STATE_TERMINATED |
843 * T0| +------------------------------+
844 * +--------------------+ ^
845 * v |T4 |T5
846 * +-------------------------------+ | +--------------------------------+
847 * | SMB_SESSION_STATE_ESTABLISHED |---+--->| SMB_SESSION_STATE_DISCONNECTED |
848 * +-------------------------------+ +--------------------------------+
849 * T1| ^
850 * +----------+ |T3
851 * v |
852 * +------------------------------+
853 * | SMB_SESSION_STATE_NEGOTIATED |
854 * +------------------------------+
855 *
856 *
857 * Transition T0
858 *
859 *
860 *
861 * Transition T1
862 *
863 *
864 *
865 * Transition T2
866 *
867 *
868 *
869 * Transition T3
870 *
871 *
872 *
873 * Transition T4
874 *
875 *
876 *
877 * Transition T5
878 *
879 *
880 *
881 * Transition T6
882 *
883 *
884 *
885 */
886 #define SMB_SESSION_MAGIC 0x53455353 /* 'SESS' */
887 #define SMB_SESSION_VALID(p) \
888 ASSERT(((p) != NULL) && ((p)->s_magic == SMB_SESSION_MAGIC))
889
890 #define SMB_CHALLENGE_SZ 8
891
892 typedef enum {
893 SMB_SESSION_STATE_INITIALIZED = 0,
894 SMB_SESSION_STATE_DISCONNECTED,
895 SMB_SESSION_STATE_CONNECTED,
896 SMB_SESSION_STATE_ESTABLISHED,
897 SMB_SESSION_STATE_NEGOTIATED,
898 SMB_SESSION_STATE_TERMINATED,
899 SMB_SESSION_STATE_SHUTDOWN,
900 SMB_SESSION_STATE_SENTINEL
901 } smb_session_state_t;
902
903 /* Bits in s_flags below */
904 #define SMB_SSN_AAPL_CCEXT 1 /* Saw "AAPL" create ctx. ext. */
905 #define SMB_SSN_AAPL_READDIR 2 /* Wants MacOS ext. readdir */
906
907 typedef struct smb_session {
908 list_node_t s_lnd;
909 uint32_t s_magic;
910 smb_rwx_t s_lock;
911 uint64_t s_kid;
912 smb_session_state_t s_state;
913 uint32_t s_flags;
914 taskqid_t s_receiver_tqid;
915 kthread_t *s_thread;
916 kt_did_t s_ktdid;
917 int (*newrq_func)(struct smb_request *);
918 struct smb_server *s_server;
919 smb_kmod_cfg_t s_cfg;
920 int32_t s_gmtoff;
921 uint32_t keep_alive;
922 uint64_t opentime;
923 uint16_t s_local_port;
924 uint16_t s_remote_port;
925 smb_inaddr_t ipaddr;
926 smb_inaddr_t local_ipaddr;
927 int dialect;
928 int native_os;
929 int native_lm;
930
931 kmutex_t s_credits_mutex;
932 uint16_t s_cur_credits;
933 uint16_t s_max_credits;
934
935 uint32_t capabilities;
936 uint32_t srv_cap;
937
938 struct smb_sign signing; /* SMB1 */
939 void *sign_mech; /* mechanism info */
940 void *enc_mech;
941
942 /* SMB2/SMB3 signing support */
943 int (*sign_calc)(struct smb_request *,
944 struct mbuf_chain *, uint8_t *);
945 void (*sign_fini)(struct smb_session *);
946
947 ksocket_t sock;
948
949 smb_slist_t s_req_list;
950 smb_llist_t s_xa_list;
951 smb_llist_t s_user_list;
952 smb_llist_t s_tree_list;
953 smb_idpool_t s_uid_pool;
954 smb_idpool_t s_tid_pool;
955 smb_txlst_t s_txlst;
956
957 volatile uint32_t s_tree_cnt;
958 volatile uint32_t s_file_cnt;
959 volatile uint32_t s_dir_cnt;
960
961 uint16_t cli_secmode;
962 uint16_t srv_secmode;
963 uint32_t sesskey;
964 uint32_t challenge_len;
965 unsigned char challenge_key[SMB_CHALLENGE_SZ];
966 int64_t activity_timestamp;
967 timeout_id_t s_auth_tmo;
968
969 /*
970 * Maximum negotiated buffer sizes between SMB client and server
971 * in SMB_SESSION_SETUP_ANDX
972 */
973 int cmd_max_bytes;
974 int reply_max_bytes;
975 uint16_t smb_msg_size;
976 uint16_t smb_max_mpx;
977 smb_srqueue_t *s_srqueue;
978 uint64_t start_time;
979 unsigned char MAC_key[44];
980 char ip_addr_str[INET6_ADDRSTRLEN];
981 uint8_t clnt_uuid[16];
982 char workstation[SMB_PI_MAX_HOST];
983 } smb_session_t;
984
985 /*
986 * The "user" object.
987 *
988 * Note that smb_user_t object here corresponds to what MS-SMB2 calls
989 * a "session". (Our smb_session_t is something else -- see above).
990 */
991
992 #define SMB_USER_MAGIC 0x55534552 /* 'USER' */
993 #define SMB_USER_VALID(u) \
994 ASSERT(((u) != NULL) && ((u)->u_magic == SMB_USER_MAGIC))
995
996 /* These flags are all <= 0x00000010 */
997 #define SMB_USER_FLAG_GUEST SMB_ATF_GUEST
998 #define SMB_USER_FLAG_ANON SMB_ATF_ANON
999 #define SMB_USER_FLAG_ADMIN SMB_ATF_ADMIN
1000 #define SMB_USER_FLAG_POWER_USER SMB_ATF_POWERUSER
1001 #define SMB_USER_FLAG_BACKUP_OPERATOR SMB_ATF_BACKUPOP
1002
1003 #define SMB_USER_IS_ADMIN(U) (((U)->u_flags & SMB_USER_FLAG_ADMIN) != 0)
1004 #define SMB_USER_IS_GUEST(U) (((U)->u_flags & SMB_USER_FLAG_GUEST) != 0)
1005
1006 /*
1007 * Internal privilege flags derived from smb_privilege.h numbers
1008 * Would rather not include that in this file.
1009 */
1010 #define SMB_USER_PRIV_SECURITY (1<<8) /* SE_SECURITY_LUID */
1011 #define SMB_USER_PRIV_TAKE_OWNERSHIP (1<<9) /* SE_TAKE_OWNERSHIP_LUID */
1012 #define SMB_USER_PRIV_BACKUP (1<<17) /* SE_BACKUP_LUID */
1013 #define SMB_USER_PRIV_RESTORE (1<<18) /* SE_RESTORE_LUID */
1014 #define SMB_USER_PRIV_CHANGE_NOTIFY (1<<23) /* SE_CHANGE_NOTIFY_LUID */
1015 #define SMB_USER_PRIV_READ_FILE (1<<25) /* SE_READ_FILE_LUID */
1016 #define SMB_USER_PRIV_WRITE_FILE (1<<26) /* SE_WRITE_FILE_LUID */
1017
1018 /*
1019 * See the long "User State Machine" comment in smb_user.c
1020 */
1021 typedef enum {
1022 SMB_USER_STATE_LOGGING_ON = 0,
1023 SMB_USER_STATE_LOGGED_ON,
1024 SMB_USER_STATE_LOGGING_OFF,
1025 SMB_USER_STATE_LOGGED_OFF,
1026 SMB_USER_STATE_SENTINEL
1027 } smb_user_state_t;
1028
1029 typedef enum {
1030 SMB2_DH_PRESERVE_NONE = 0,
1031 SMB2_DH_PRESERVE_SOME,
1032 SMB2_DH_PRESERVE_ALL
1033 } smb_preserve_type_t;
1034
1035 typedef struct smb_user {
1036 list_node_t u_lnd;
1037 uint32_t u_magic;
1038 kmutex_t u_mutex;
1039 smb_user_state_t u_state;
1040
1041 struct smb_server *u_server;
1042 smb_session_t *u_session;
1043 ksocket_t u_authsock;
1044 timeout_id_t u_auth_tmo;
1045 uint16_t u_name_len;
1046 char *u_name;
1047 uint16_t u_domain_len;
1048 char *u_domain;
1049 time_t u_logon_time;
1050 cred_t *u_cred;
1051 cred_t *u_privcred;
1052
1053 uint64_t u_ssnid; /* unique server-wide */
1054 uint32_t u_refcnt;
1055 uint32_t u_flags;
1056 smb_preserve_type_t preserve_opens;
1057 uint32_t u_privileges;
1058 uint16_t u_uid; /* unique per-session */
1059 uint32_t u_audit_sid;
1060
1061 uint32_t u_sign_flags;
1062 struct smb_key u_sign_key; /* SMB2 signing */
1063
1064 struct smb_key u_enc_key;
1065 struct smb_key u_dec_key;
1066 volatile uint64_t u_nonce_cnt;
1067 uint8_t u_nonce_fixed[4];
1068 uint64_t u_salt;
1069 smb_cfg_val_t u_encrypt;
1070 } smb_user_t;
1071
1072 #define SMB_TREE_MAGIC 0x54524545 /* 'TREE' */
1073 #define SMB_TREE_VALID(p) \
1074 ASSERT((p != NULL) && ((p)->t_magic == SMB_TREE_MAGIC))
1075
1076 #define SMB_TYPENAMELEN _ST_FSTYPSZ
1077 #define SMB_VOLNAMELEN 32
1078
1079 #define SMB_TREE_READONLY 0x00000001
1080 #define SMB_TREE_SUPPORTS_ACLS 0x00000002
1081 #define SMB_TREE_STREAMS 0x00000004
1082 #define SMB_TREE_CASEINSENSITIVE 0x00000008
1083 #define SMB_TREE_NO_CASESENSITIVE 0x00000010
1084 #define SMB_TREE_NO_EXPORT 0x00000020
1085 #define SMB_TREE_OPLOCKS 0x00000040
1086 #define SMB_TREE_SHORTNAMES 0x00000080
1087 #define SMB_TREE_XVATTR 0x00000100
1088 #define SMB_TREE_DIRENTFLAGS 0x00000200
1089 #define SMB_TREE_ACLONCREATE 0x00000400
1090 #define SMB_TREE_ACEMASKONACCESS 0x00000800
1091 #define SMB_TREE_NFS_MOUNTED 0x00001000
1092 #define SMB_TREE_UNICODE_ON_DISK 0x00002000
1093 #define SMB_TREE_CATIA 0x00004000
1094 #define SMB_TREE_ABE 0x00008000
1095 #define SMB_TREE_QUOTA 0x00010000
1096 #define SMB_TREE_DFSROOT 0x00020000
1097 #define SMB_TREE_SPARSE 0x00040000
1098 #define SMB_TREE_TRAVERSE_MOUNTS 0x00080000
1099 #define SMB_TREE_FORCE_L2_OPLOCK 0x00100000
1100 #define SMB_TREE_CA 0x00200000
1101 /* Note: SMB_TREE_... in the mdb module too. */
1102
1103 /*
1104 * See the long "Tree State Machine" comment in smb_tree.c
1105 */
1106 typedef enum {
1107 SMB_TREE_STATE_CONNECTED = 0,
1108 SMB_TREE_STATE_DISCONNECTING,
1109 SMB_TREE_STATE_DISCONNECTED,
1110 SMB_TREE_STATE_SENTINEL
1111 } smb_tree_state_t;
1112
1113 typedef struct smb_tree {
1114 list_node_t t_lnd;
1115 uint32_t t_magic;
1116 kmutex_t t_mutex;
1117 smb_tree_state_t t_state;
1118
1119 struct smb_server *t_server;
1120 smb_session_t *t_session;
1121 /*
1122 * user whose uid was in the tree connect message
1123 * ("owner" in MS-CIFS parlance, see section 2.2.1.6 definition of FID)
1124 */
1125 smb_user_t *t_owner;
1126 smb_node_t *t_snode;
1127
1128 smb_llist_t t_ofile_list;
1129 smb_idpool_t t_fid_pool;
1130
1131 smb_llist_t t_odir_list;
1132 smb_idpool_t t_odid_pool;
1133
1134 uint32_t t_refcnt;
1135 uint32_t t_flags;
1136 int32_t t_res_type;
1137 uint16_t t_tid;
1138 uint16_t t_umask;
1139 char t_sharename[MAXNAMELEN];
1140 char t_resource[MAXPATHLEN];
1141 char t_typename[SMB_TYPENAMELEN];
1142 char t_volume[SMB_VOLNAMELEN];
1143 acl_type_t t_acltype;
1144 uint32_t t_access;
1145 uint32_t t_execflags;
1146 time_t t_connect_time;
1147 volatile uint32_t t_open_files;
1148 smb_cfg_val_t t_encrypt; /* Share.EncryptData */
1149 } smb_tree_t;
1150
1151 #define SMB_TREE_VFS(tree) ((tree)->t_snode->vp->v_vfsp)
1152 #define SMB_TREE_FSID(tree) ((tree)->t_snode->vp->v_vfsp->vfs_fsid)
1153
1154 #define SMB_TREE_IS_READONLY(sr) \
1155 ((sr) != NULL && (sr)->tid_tree != NULL && \
1156 !((sr)->tid_tree->t_access & ACE_ALL_WRITE_PERMS))
1157
1158 #define SMB_TREE_IS_CASEINSENSITIVE(sr) \
1159 (((sr) && (sr)->tid_tree) ? \
1160 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_CASEINSENSITIVE) : 0)
1161
1162 #define SMB_TREE_HAS_ACCESS(sr, acemask) \
1163 ((sr) == NULL ? ACE_ALL_PERMS : ( \
1164 (((sr) && (sr)->tid_tree) ? \
1165 (((sr)->tid_tree->t_access) & (acemask)) : 0)))
1166
1167 #define SMB_TREE_SUPPORTS_CATIA(sr) \
1168 (((sr) && (sr)->tid_tree) ? \
1169 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_CATIA) : 0)
1170
1171 #define SMB_TREE_SUPPORTS_ABE(sr) \
1172 (((sr) && (sr)->tid_tree) ? \
1173 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_ABE) : 0)
1174
1175 #define SMB_TREE_IS_DFSROOT(sr) \
1176 (((sr) && (sr)->tid_tree) ? \
1177 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_DFSROOT) : 0)
1178
1179 #define SMB_TREE_SUPPORTS_SHORTNAMES(sr) \
1180 (((sr) && (sr)->tid_tree) ? \
1181 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_SHORTNAMES) : 0)
1182
1183 /*
1184 * SMB_TREE_CONTAINS_NODE is used to check if a node is on the same
1185 * file system as the tree's root filesystem, or if mount point traversal
1186 * should be allowed. Note that this is also called in some cases with
1187 * sr=NULL, where it is expected to evaluate to TRUE.
1188 */
1189
1190 #define SMB_TREE_CONTAINS_NODE(sr, node) \
1191 ((sr) == NULL || (sr)->tid_tree == NULL || \
1192 SMB_TREE_VFS((sr)->tid_tree) == SMB_NODE_VFS(node) || \
1193 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_TRAVERSE_MOUNTS))
1194
1195 /*
1196 * SMB_PATHFILE_IS_READONLY indicates whether or not a file is
1197 * readonly when the caller has a path rather than an ofile.
1198 */
1199 #define SMB_PATHFILE_IS_READONLY(sr, node) \
1200 (SMB_TREE_IS_READONLY((sr)) || \
1201 smb_node_file_is_readonly((node)))
1202
1203 #define SMB_ODIR_MAGIC 0x4F444952 /* 'ODIR' */
1204 #define SMB_ODIR_VALID(p) \
1205 ASSERT((p != NULL) && ((p)->d_magic == SMB_ODIR_MAGIC))
1206
1207 #define SMB_ODIR_BUFSIZE (8 * 1024)
1208
1209 #define SMB_ODIR_FLAG_WILDCARDS 0x0001
1210 #define SMB_ODIR_FLAG_IGNORE_CASE 0x0002
1211 #define SMB_ODIR_FLAG_XATTR 0x0004
1212 #define SMB_ODIR_FLAG_EDIRENT 0x0008
1213 #define SMB_ODIR_FLAG_CATIA 0x0010
1214 #define SMB_ODIR_FLAG_ABE 0x0020
1215 #define SMB_ODIR_FLAG_SHORTNAMES 0x0040
1216
1217 typedef enum {
1218 SMB_ODIR_STATE_OPEN = 0,
1219 SMB_ODIR_STATE_IN_USE,
1220 SMB_ODIR_STATE_CLOSING,
1221 SMB_ODIR_STATE_CLOSED,
1222 SMB_ODIR_STATE_SENTINEL
1223 } smb_odir_state_t;
1224
1225 typedef enum {
1226 SMB_ODIR_RESUME_CONT,
1227 SMB_ODIR_RESUME_IDX,
1228 SMB_ODIR_RESUME_COOKIE,
1229 SMB_ODIR_RESUME_FNAME
1230 } smb_odir_resume_type_t;
1231
1232 typedef struct smb_odir_resume {
1233 smb_odir_resume_type_t or_type;
1234 int or_idx;
1235 uint32_t or_cookie;
1236 char *or_fname;
1237 } smb_odir_resume_t;
1238
1239 /*
1240 * Flags used when opening an odir
1241 */
1242 #define SMB_ODIR_OPENF_BACKUP_INTENT 0x01
1243
1244 typedef struct smb_odir {
1245 list_node_t d_lnd;
1246 uint32_t d_magic;
1247 kmutex_t d_mutex;
1248 smb_odir_state_t d_state;
1249 smb_session_t *d_session;
1250 smb_user_t *d_user;
1251 smb_tree_t *d_tree;
1252 smb_node_t *d_dnode;
1253 cred_t *d_cred;
1254 uint32_t d_opened_by_pid;
1255 uint16_t d_odid;
1256 uint16_t d_sattr;
1257 uint32_t d_refcnt;
1258 uint32_t d_flags;
1259 boolean_t d_eof;
1260 int d_bufsize;
1261 uint64_t d_offset;
1262 union {
1263 char *u_bufptr;
1264 struct edirent *u_edp;
1265 struct dirent64 *u_dp;
1266 } d_u;
1267 uint32_t d_last_cookie;
1268 uint32_t d_cookies[SMB_MAX_SEARCH];
1269 char d_pattern[MAXNAMELEN];
1270 char d_buf[SMB_ODIR_BUFSIZE];
1271 char d_last_name[MAXNAMELEN];
1272 } smb_odir_t;
1273 #define d_bufptr d_u.u_bufptr
1274 #define d_edp d_u.u_edp
1275 #define d_dp d_u.u_dp
1276
1277 typedef struct smb_odirent {
1278 char od_name[MAXNAMELEN]; /* on disk name */
1279 ino64_t od_ino;
1280 uint32_t od_eflags;
1281 } smb_odirent_t;
1282
1283 #define SMB_OPIPE_MAGIC 0x50495045 /* 'PIPE' */
1284 #define SMB_OPIPE_VALID(p) \
1285 ASSERT(((p) != NULL) && (p)->p_magic == SMB_OPIPE_MAGIC)
1286 #define SMB_OPIPE_MAXNAME 32
1287
1288 /*
1289 * Data structure for SMB_FTYPE_MESG_PIPE ofiles, which is used
1290 * at the interface between SMB and NDR RPC.
1291 */
1292 typedef struct smb_opipe {
1293 uint32_t p_magic;
1294 kmutex_t p_mutex;
1295 kcondvar_t p_cv;
1296 struct smb_ofile *p_ofile;
1297 struct smb_server *p_server;
1298 uint32_t p_refcnt;
1299 ksocket_t p_socket;
1300 /* This is the "flat" name, without path prefix */
1301 char p_name[SMB_OPIPE_MAXNAME];
1302 } smb_opipe_t;
1303
1304 /*
1305 * The of_ftype of an open file should contain the SMB_FTYPE value
1306 * returned when the file/pipe was opened. The following
1307 * assumptions are currently made:
1308 *
1309 * File Type Node PipeInfo
1310 * --------- -------- --------
1311 * SMB_FTYPE_DISK Valid Null
1312 * SMB_FTYPE_BYTE_PIPE Undefined Undefined
1313 * SMB_FTYPE_MESG_PIPE Null Valid
1314 * SMB_FTYPE_PRINTER Undefined Undefined
1315 * SMB_FTYPE_UNKNOWN Undefined Undefined
1316 */
1317
1318 /*
1319 * Some flags for ofile structure
1320 *
1321 * SMB_OFLAGS_SET_DELETE_ON_CLOSE
1322 * Set this flag when the corresponding open operation whose
1323 * DELETE_ON_CLOSE bit of the CreateOptions is set. If any
1324 * open file instance has this bit set, the NODE_FLAGS_DELETE_ON_CLOSE
1325 * will be set for the file node upon close.
1326 */
1327
1328 /* SMB_OFLAGS_READONLY 0x0001 (obsolete) */
1329 #define SMB_OFLAGS_EXECONLY 0x0002
1330 #define SMB_OFLAGS_SET_DELETE_ON_CLOSE 0x0004
1331 #define SMB_OFLAGS_LLF_POS_VALID 0x0008
1332
1333 #define SMB_OFILE_MAGIC 0x4F464C45 /* 'OFLE' */
1334 #define SMB_OFILE_VALID(p) \
1335 ASSERT((p != NULL) && ((p)->f_magic == SMB_OFILE_MAGIC))
1336
1337 /*
1338 * This is the size of the per-handle "Lock Sequence" array.
1339 * See LockSequenceIndex in [MS-SMB2] 2.2.26, and smb2_lock.c
1340 */
1341 #define SMB_OFILE_LSEQ_MAX 64
1342
1343 /* {arg_open,ofile}->dh_vers values */
1344 typedef enum {
1345 SMB2_NOT_DURABLE = 0,
1346 SMB2_DURABLE_V1,
1347 SMB2_DURABLE_V2,
1348 SMB2_RESILIENT,
1349 } smb_dh_vers_t;
1350
1351 /*
1352 * See the long "Ofile State Machine" comment in smb_ofile.c
1353 */
1354 typedef enum {
1355 SMB_OFILE_STATE_ALLOC = 0,
1356 SMB_OFILE_STATE_OPEN,
1357 SMB_OFILE_STATE_SAVE_DH,
1358 SMB_OFILE_STATE_SAVING,
1359 SMB_OFILE_STATE_CLOSING,
1360 SMB_OFILE_STATE_CLOSED,
1361 SMB_OFILE_STATE_ORPHANED,
1362 SMB_OFILE_STATE_RECONNECT,
1363 SMB_OFILE_STATE_EXPIRED,
1364 SMB_OFILE_STATE_SENTINEL
1365 } smb_ofile_state_t;
1366
1367 typedef struct smb_ofile {
1368 list_node_t f_tree_lnd; /* t_ofile_list */
1369 list_node_t f_node_lnd; /* n_ofile_list */
1370 list_node_t f_dh_lnd; /* sv_persistid_ht */
1371 uint32_t f_magic;
1372 kmutex_t f_mutex;
1373 smb_ofile_state_t f_state;
1374
1375 struct smb_server *f_server;
1376 smb_session_t *f_session;
1377 smb_user_t *f_user;
1378 smb_tree_t *f_tree;
1379 smb_node_t *f_node;
1380 smb_odir_t *f_odir;
1381 smb_opipe_t *f_pipe;
1382
1383 kcondvar_t f_cv;
1384 /*
1385 * Note: f_persistid == 0 means this ofile has no persistid
1386 * (same interpretation at the protocol level). IFF non-zero,
1387 * this ofile is linked in the sv_persistid_ht hash table.
1388 */
1389 uint64_t f_persistid;
1390 uint32_t f_uniqid;
1391 uint32_t f_refcnt;
1392 uint64_t f_seek_pos;
1393 uint32_t f_flags;
1394 uint32_t f_granted_access;
1395 uint32_t f_share_access;
1396 uint32_t f_create_options;
1397 uint32_t f_opened_by_pid;
1398 uint16_t f_fid;
1399 uint16_t f_ftype;
1400 uint64_t f_llf_pos;
1401 int f_mode;
1402 cred_t *f_cr;
1403 pid_t f_pid;
1404 smb_attr_t f_pending_attr;
1405 boolean_t f_written;
1406 smb_oplock_grant_t f_oplock;
1407 uint8_t TargetOplockKey[SMB_LEASE_KEY_SZ];
1408 uint8_t ParentOplockKey[SMB_LEASE_KEY_SZ];
1409 struct smb_lease *f_lease;
1410
1411 smb_notify_t f_notify;
1412
1413 smb_dh_vers_t dh_vers;
1414 hrtime_t dh_timeout_offset; /* time offset for timeout */
1415 hrtime_t dh_expire_time; /* time the handle expires */
1416 boolean_t dh_persist;
1417 kmutex_t dh_nvlock;
1418 struct nvlist *dh_nvlist;
1419 smb_node_t *dh_nvfile;
1420
1421 uint8_t dh_create_guid[16];
1422 char f_quota_resume[SMB_SID_STRSZ];
1423 uint8_t f_lock_seq[SMB_OFILE_LSEQ_MAX];
1424 } smb_ofile_t;
1425
1426 typedef struct smb_fileinfo {
1427 char fi_name[MAXNAMELEN];
1428 char fi_shortname[SMB_SHORTNAMELEN];
1429 uint32_t fi_cookie; /* Dir offset (of next entry) */
1430 uint32_t fi_dosattr; /* DOS attributes */
1431 uint64_t fi_nodeid; /* file system node id */
1432 uint64_t fi_size; /* file size in bytes */
1433 uint64_t fi_alloc_size; /* allocation size in bytes */
1434 timestruc_t fi_atime; /* last access */
1435 timestruc_t fi_mtime; /* last modification */
1436 timestruc_t fi_ctime; /* last status change */
1437 timestruc_t fi_crtime; /* file creation */
1438 } smb_fileinfo_t;
1439
1440 typedef struct smb_streaminfo {
1441 uint64_t si_size;
1442 uint64_t si_alloc_size;
1443 char si_name[MAXPATHLEN];
1444 } smb_streaminfo_t;
1445
1446 #define SMB_LOCK_MAGIC 0x4C4F434B /* 'LOCK' */
1447
1448 typedef struct smb_lock {
1449 list_node_t l_lnd;
1450 uint32_t l_magic;
1451 kmutex_t l_mutex;
1452 kcondvar_t l_cv;
1453
1454 smb_ofile_t *l_file;
1455
1456 struct smb_lock *l_blocked_by; /* Debug info only */
1457
1458 uint32_t l_conflicts;
1459 uint32_t l_flags;
1460 uint32_t l_pid;
1461 uint32_t l_type;
1462 uint64_t l_start;
1463 uint64_t l_length;
1464 clock_t l_end_time;
1465 } smb_lock_t;
1466
1467 #define SMB_LOCK_FLAG_INDEFINITE 0x0004
1468 #define SMB_LOCK_FLAG_CLOSED 0x0008
1469 #define SMB_LOCK_FLAG_CANCELLED 0x0010
1470
1471 #define SMB_LOCK_TYPE_READWRITE 101
1472 #define SMB_LOCK_TYPE_READONLY 102
1473
1474 typedef struct vardata_block {
1475 uint8_t vdb_tag;
1476 uint32_t vdb_len;
1477 struct uio vdb_uio;
1478 struct iovec vdb_iovec[MAX_IOVEC];
1479 } smb_vdb_t;
1480
1481 #define SMB_WRMODE_WRITE_THRU 0x0001
1482 #define SMB_WRMODE_IS_STABLE(M) ((M) & SMB_WRMODE_WRITE_THRU)
1483
1484 #define SMB_RW_MAGIC 0x52445257 /* 'RDRW' */
1485
1486 typedef struct smb_rw_param {
1487 uint32_t rw_magic;
1488 smb_vdb_t rw_vdb;
1489 uint64_t rw_offset;
1490 uint32_t rw_last_write;
1491 uint16_t rw_mode;
1492 uint32_t rw_count; /* bytes in this request */
1493 uint16_t rw_mincnt;
1494 uint32_t rw_total; /* total bytes (write-raw) */
1495 uint16_t rw_dsoff; /* SMB data offset */
1496 uint8_t rw_andx; /* SMB secondary andx command */
1497 } smb_rw_param_t;
1498
1499 typedef struct smb_pathname {
1500 char *pn_path;
1501 char *pn_pname;
1502 char *pn_fname;
1503 char *pn_sname;
1504 char *pn_stype;
1505 } smb_pathname_t;
1506
1507 /*
1508 * fs_query_info
1509 */
1510 typedef struct smb_fqi {
1511 smb_pathname_t fq_path;
1512 uint16_t fq_sattr;
1513 smb_node_t *fq_dnode;
1514 smb_node_t *fq_fnode;
1515 smb_attr_t fq_fattr;
1516 char fq_last_comp[MAXNAMELEN];
1517 } smb_fqi_t;
1518
1519 typedef struct dirop {
1520 smb_fqi_t fqi;
1521 smb_fqi_t dst_fqi;
1522 uint16_t info_level;
1523 uint16_t flags;
1524 } smb_arg_dirop_t;
1525
1526 typedef struct smb_queryinfo {
1527 smb_node_t *qi_node; /* NULL for pipes */
1528 uint8_t qi_InfoType;
1529 uint8_t qi_InfoClass;
1530 uint8_t qi_delete_on_close;
1531 uint8_t qi_isdir;
1532 uint32_t qi_AddlInfo;
1533 uint32_t qi_Flags;
1534 mbuf_chain_t in_data;
1535 smb_attr_t qi_attr;
1536 uint32_t qi_namelen;
1537 char qi_shortname[SMB_SHORTNAMELEN];
1538 char qi_name[MAXPATHLEN];
1539 } smb_queryinfo_t;
1540
1541 typedef struct smb_setinfo {
1542 smb_node_t *si_node;
1543 mbuf_chain_t si_data;
1544 smb_attr_t si_attr;
1545 } smb_setinfo_t;
1546
1547 /*
1548 * smb_fssize_t
1549 * volume_units and volume avail are the total allocated and
1550 * available units on the volume.
1551 * caller_units and caller_avail are the allocated and available
1552 * units on the volume for the user associated with the calling
1553 * thread.
1554 */
1555 typedef struct smb_fssize {
1556 uint64_t fs_volume_units;
1557 uint64_t fs_volume_avail;
1558 uint64_t fs_caller_units;
1559 uint64_t fs_caller_avail;
1560 uint32_t fs_sectors_per_unit;
1561 uint32_t fs_bytes_per_sector;
1562 } smb_fssize_t;
1563
1564 /*
1565 * SMB FsCtl operations (SMB2 Ioctl, and some SMB1 trans calls)
1566 */
1567 typedef struct {
1568 uint32_t CtlCode;
1569 uint32_t InputCount;
1570 uint32_t OutputCount;
1571 uint32_t MaxOutputResp;
1572 mbuf_chain_t *in_mbc;
1573 mbuf_chain_t *out_mbc;
1574 } smb_fsctl_t;
1575
1576 typedef struct {
1577 uint64_t persistent;
1578 uint64_t temporal;
1579 } smb2fid_t;
1580
1581 typedef struct {
1582 uint32_t status;
1583 uint16_t errcls;
1584 uint16_t errcode;
1585 } smb_error_t;
1586
1587 typedef struct open_param {
1588 smb_fqi_t fqi;
1589 uint16_t omode;
1590 uint16_t ofun;
1591 uint32_t nt_flags;
1592 uint32_t timeo;
1593 uint32_t dattr;
1594 timestruc_t crtime;
1595 timestruc_t mtime;
1596 timestruc_t timewarp;
1597 /*
1598 * Careful: dsize is the desired (allocation) size before the
1599 * common open function, and the actual size afterwards.
1600 */
1601 uint64_t dsize; /* alloc size, actual size */
1602 uint32_t desired_access;
1603 uint32_t maximum_access;
1604 uint32_t share_access;
1605 uint32_t create_options;
1606 uint32_t create_disposition;
1607 boolean_t create_timewarp;
1608 boolean_t created_readonly;
1609 uint32_t ftype;
1610 uint32_t devstate;
1611 uint32_t action_taken;
1612 uint64_t fileid;
1613 uint32_t rootdirfid;
1614 fsid_t op_fsid;
1615 smb_ofile_t *dir;
1616 smb_opipe_t *pipe; /* for smb_opipe_open */
1617 struct smb_sd *sd; /* for NTTransactCreate */
1618 void *create_ctx;
1619
1620 uint8_t op_oplock_level; /* requested/granted level */
1621 uint32_t op_oplock_state; /* internal type+level */
1622 uint32_t lease_state; /* SMB2_LEASE_... */
1623 uint32_t lease_flags;
1624 uint16_t lease_epoch;
1625 uint16_t lease_version; /* 1 or 2 */
1626 uint8_t lease_key[SMB_LEASE_KEY_SZ]; /* from client */
1627 uint8_t parent_lease_key[SMB_LEASE_KEY_SZ]; /* for V2 */
1628
1629 smb_dh_vers_t dh_vers;
1630 smb2fid_t dh_fileid; /* for durable reconnect */
1631 uint8_t create_guid[16];
1632 uint32_t dh_v2_flags;
1633 uint32_t dh_timeout;
1634 } smb_arg_open_t;
1635
1636 typedef struct smb_arg_lock {
1637 void *lvec;
1638 uint32_t lcnt;
1639 uint32_t lseq;
1640 } smb_arg_lock_t;
1641
1642 typedef struct smb_arg_olbrk {
1643 uint32_t NewLevel;
1644 boolean_t AckRequired;
1645 } smb_arg_olbrk_t;
1646
1647 /*
1648 * SMB Request State Machine
1649 * -------------------------
1650 *
1651 * T4 +------+ T0
1652 * +--------------------------->| FREE |---------------------------+
1653 * | +------+ |
1654 * +-----------+ |
1655 * | COMPLETED | |
1656 * +-----------+
1657 * ^ |
1658 * | T15 +-----------+ v
1659 * +------------+ T6 | | +--------------+
1660 * | CLEANED_UP |<-----------------| CANCELLED | | INITIALIZING |
1661 * +------------+ | | +--------------+
1662 * | ^ +-----------+ |
1663 * | | ^ ^ ^ ^ |
1664 * | | +-------------+ | | | |
1665 * | | T3 | | | | T13 | T1
1666 * | +-------------------------+ | | +----------------------+ |
1667 * +----------------------------+ | | | | |
1668 * T16 | | | | +-----------+ | |
1669 * | \/ | | T5 | | v
1670 * +-----------------+ | T12 +--------+ | T2 +-----------+
1671 * | EVENT_OCCURRED |------------->| ACTIVE |<--------------------| SUBMITTED |
1672 * +-----------------+ | +--------+ | +-----------+
1673 * ^ | | ^ | |
1674 * | | T8 | | | T7 |
1675 * | T10 T9 | +----------+ | +-------+ | T11
1676 * | | | +-------+ | |
1677 * | | | T14 | | |
1678 * | | v | v |
1679 * +----------------------+ +--------------+
1680 * | WAITING_EVENT | | WAITING_LOCK |
1681 * +----------------------+ +--------------+
1682 *
1683 *
1684 *
1685 *
1686 *
1687 * Transition T0
1688 *
1689 * This transition occurs when the request is allocated and is still under the
1690 * control of the session thread.
1691 *
1692 * Transition T1
1693 *
1694 * This transition occurs when the session thread dispatches a task to treat the
1695 * request.
1696 *
1697 * Transition T2
1698 *
1699 *
1700 *
1701 * Transition T3
1702 *
1703 * A request completes and smbsr_cleanup is called to release resources
1704 * associated with the request (but not the smb_request_t itself). This
1705 * includes references on smb_ofile_t, smb_node_t, and other structures.
1706 * CLEANED_UP state exists to detect if we attempt to cleanup a request
1707 * multiple times and to allow us to detect that we are accessing a
1708 * request that has already been cleaned up.
1709 *
1710 * Transition T4
1711 *
1712 *
1713 *
1714 * Transition T5
1715 *
1716 *
1717 *
1718 * Transition T6
1719 *
1720 *
1721 *
1722 * Transition T7
1723 *
1724 *
1725 *
1726 * Transition T8
1727 *
1728 *
1729 *
1730 * Transition T9
1731 *
1732 *
1733 *
1734 * Transition T10
1735 *
1736 *
1737 *
1738 * Transition T11
1739 *
1740 *
1741 *
1742 * Transition T12
1743 *
1744 *
1745 *
1746 * Transition T13
1747 *
1748 *
1749 *
1750 * Transition T14
1751 *
1752 *
1753 *
1754 * Transition T15
1755 *
1756 * Request processing is completed (control returns from smb_dispatch)
1757 *
1758 * Transition T16
1759 *
1760 * Multipart (andx) request was cleaned up with smbsr_cleanup but more "andx"
1761 * sections remain to be processed.
1762 *
1763 */
1764
1765 #define SMB_REQ_MAGIC 0x534D4252 /* 'SMBR' */
1766 #define SMB_REQ_VALID(p) ASSERT((p)->sr_magic == SMB_REQ_MAGIC)
1767
1768 typedef enum smb_req_state {
1769 SMB_REQ_STATE_FREE = 0,
1770 SMB_REQ_STATE_INITIALIZING,
1771 SMB_REQ_STATE_SUBMITTED,
1772 SMB_REQ_STATE_ACTIVE,
1773 SMB_REQ_STATE_WAITING_AUTH,
1774 SMB_REQ_STATE_WAITING_FCN1,
1775 SMB_REQ_STATE_WAITING_FCN2,
1776 SMB_REQ_STATE_WAITING_LOCK,
1777 SMB_REQ_STATE_WAITING_PIPE,
1778 SMB_REQ_STATE_COMPLETED,
1779 SMB_REQ_STATE_CANCEL_PENDING,
1780 SMB_REQ_STATE_CANCELLED,
1781 SMB_REQ_STATE_CLEANED_UP,
1782 SMB_REQ_STATE_SENTINEL
1783 } smb_req_state_t;
1784
1785 typedef struct smb_request {
1786 list_node_t sr_session_lnd;
1787 uint32_t sr_magic;
1788 kmutex_t sr_mutex;
1789 smb_req_state_t sr_state;
1790 struct smb_server *sr_server;
1791 pid_t *sr_pid;
1792 int32_t sr_gmtoff;
1793 smb_session_t *session;
1794 smb_kmod_cfg_t *sr_cfg;
1795 void (*cancel_method)(struct smb_request *);
1796 void *cancel_arg2;
1797
1798 /* Queue used by smb_request_append_postwork. */
1799 struct smb_request *sr_postwork;
1800
1801 list_node_t sr_waiters; /* smb_notify.c */
1802
1803 /* Info from session service header */
1804 uint32_t sr_req_length; /* Excluding NBT header */
1805
1806 /* Request buffer excluding NBT header */
1807 void *sr_request_buf;
1808
1809 struct mbuf_chain command;
1810 struct mbuf_chain reply;
1811 struct mbuf_chain raw_data;
1812 list_t sr_storage;
1813 struct smb_xa *r_xa;
1814 int andx_prev_wct;
1815 int cur_reply_offset;
1816 int orig_request_hdr;
1817 unsigned int reply_seqnum; /* reply sequence number */
1818 unsigned char first_smb_com; /* command code */
1819 unsigned char smb_com; /* command code */
1820
1821 uint8_t smb_rcls; /* error code class */
1822 uint8_t smb_reh; /* rsvd (AH DOS INT-24 ERR) */
1823 uint16_t smb_err; /* error code */
1824 smb_error_t smb_error;
1825
1826 uint8_t smb_flg; /* flags */
1827 uint16_t smb_flg2; /* flags */
1828 unsigned char smb_sig[8]; /* signiture */
1829 uint16_t smb_tid; /* tree id # */
1830 uint32_t smb_pid; /* caller's process id # */
1831 uint16_t smb_uid; /* local (smb1) user id # */
1832 uint16_t smb_mid; /* mutiplex id # */
1833 unsigned char smb_wct; /* count of parameter words */
1834 uint16_t smb_bcc; /* data byte count */
1835
1836 /*
1837 * Beginning offsets (in the mbuf chain) for the
1838 * command and reply headers, and the next reply.
1839 */
1840 uint32_t smb2_cmd_hdr;
1841 uint32_t smb2_reply_hdr;
1842 uint32_t smb2_next_reply;
1843
1844 /*
1845 * SMB2 header fields. [MS-SMB2 2.2.1.2]
1846 * XXX: Later do a union w smb1 members
1847 */
1848 uint16_t smb2_credit_charge;
1849 uint16_t smb2_chan_seq; /* cmd only */
1850 uint32_t smb2_status;
1851 uint16_t smb2_cmd_code;
1852 uint16_t smb2_credit_request;
1853 uint16_t smb2_credit_response;
1854 uint16_t smb2_total_credits; /* in compound */
1855 uint32_t smb2_hdr_flags;
1856 uint32_t smb2_next_command;
1857 uint64_t smb2_messageid;
1858 uint64_t smb2_first_msgid;
1859 /* uint32_t smb2_pid; use smb_pid */
1860 /* uint32_t smb2_tid; use smb_tid */
1861 uint64_t smb2_ssnid; /* See u_ssnid */
1862 uint8_t smb2_sig[16]; /* signature */
1863
1864 /*
1865 * SMB3 transform header fields. [MS-SMB2 2.2.41]
1866 */
1867 uint64_t smb3_tform_ssnid;
1868 smb_user_t *tform_ssn;
1869 uint32_t msgsize;
1870 uint8_t nonce[16];
1871
1872 boolean_t encrypted;
1873 boolean_t dh_nvl_dirty;
1874
1875 boolean_t smb2_async;
1876 uint64_t smb2_async_id;
1877 /* Parameters */
1878 struct mbuf_chain smb_vwv; /* variable width value */
1879
1880 /* Data */
1881 struct mbuf_chain smb_data;
1882
1883 uint16_t smb_fid; /* not in hdr, but common */
1884
1885 unsigned char andx_com;
1886 uint16_t andx_off;
1887
1888 struct smb_tree *tid_tree;
1889 struct smb_ofile *fid_ofile;
1890 smb_user_t *uid_user;
1891
1892 cred_t *user_cr;
1893 kthread_t *sr_worker;
1894 hrtime_t sr_time_submitted;
1895 hrtime_t sr_time_active;
1896 hrtime_t sr_time_start;
1897 int32_t sr_txb;
1898 uint32_t sr_seqnum;
1899
1900 union {
1901 smb_arg_negotiate_t *negprot;
1902 smb_arg_sessionsetup_t *ssetup;
1903 smb_arg_tcon_t tcon;
1904 smb_arg_dirop_t dirop;
1905 smb_arg_open_t open;
1906 smb_arg_lock_t lock;
1907 smb_arg_olbrk_t olbrk; /* for async oplock break */
1908 smb_rw_param_t *rw;
1909 int32_t timestamp;
1910 void *other;
1911 } arg;
1912 } smb_request_t;
1913
1914 #define sr_ssetup arg.ssetup
1915 #define sr_negprot arg.negprot
1916 #define sr_tcon arg.tcon
1917 #define sr_dirop arg.dirop
1918 #define sr_open arg.open
1919 #define sr_rw arg.rw
1920 #define sr_timestamp arg.timestamp
1921
1922 #define SMB_READ_PROTOCOL(hdr) \
1923 LE_IN32(((smb_hdr_t *)(hdr))->protocol)
1924
1925 #define SMB_PROTOCOL_MAGIC_INVALID(rd_sr) \
1926 (SMB_READ_PROTOCOL((rd_sr)->sr_request_buf) != SMB_PROTOCOL_MAGIC)
1927
1928 #define SMB_READ_COMMAND(hdr) \
1929 (((smb_hdr_t *)(hdr))->command)
1930
1931 #define SMB_IS_NT_CANCEL(rd_sr) \
1932 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == SMB_COM_NT_CANCEL)
1933
1934 #define SMB_IS_SESSION_SETUP_ANDX(rd_sr) \
1935 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == \
1936 SMB_COM_SESSION_SETUP_ANDX)
1937
1938 #define SMB_IS_NT_NEGOTIATE(rd_sr) \
1939 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == SMB_COM_NEGOTIATE)
1940
1941 #define SMB_IS_TREE_CONNECT_ANDX(rd_sr) \
1942 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == SMB_COM_TREE_CONNECT_ANDX)
1943
1944 #define SMB_XA_FLAG_OPEN 0x0001
1945 #define SMB_XA_FLAG_CLOSE 0x0002
1946 #define SMB_XA_FLAG_COMPLETE 0x0004
1947 #define SMB_XA_CLOSED(xa) (!((xa)->xa_flags & SMB_XA_FLAG_OPEN))
1948
1949 #define SMB_XA_MAGIC 0x534D4258 /* 'SMBX' */
1950
1951 typedef struct smb_xa {
1952 list_node_t xa_lnd;
1953 uint32_t xa_magic;
1954 kmutex_t xa_mutex;
1955
1956 uint32_t xa_refcnt;
1957 uint32_t xa_flags;
1958
1959 struct smb_session *xa_session;
1960
1961 unsigned char smb_com; /* which TRANS type */
1962 unsigned char smb_flg; /* flags */
1963 uint16_t smb_flg2; /* flags */
1964 uint16_t smb_tid; /* tree id number */
1965 uint32_t smb_pid; /* caller's process id */
1966 uint16_t smb_uid; /* user id number */
1967 uint32_t smb_func; /* NT_TRANS function */
1968
1969 uint16_t xa_smb_mid; /* mutiplex id number */
1970 uint16_t xa_smb_fid; /* TRANS2 secondary */
1971
1972 unsigned int reply_seqnum; /* reply sequence number */
1973
1974 uint32_t smb_tpscnt; /* total parameter bytes being sent */
1975 uint32_t smb_tdscnt; /* total data bytes being sent */
1976 uint32_t smb_mprcnt; /* max parameter bytes to return */
1977 uint32_t smb_mdrcnt; /* max data bytes to return */
1978 uint32_t smb_msrcnt; /* max setup words to return */
1979 uint32_t smb_flags; /* additional information: */
1980 /* bit 0 - if set, disconnect TID in smb_tid */
1981 /* bit 1 - if set, transaction is one way */
1982 /* (no final response) */
1983 int32_t smb_timeout; /* number of milliseconds to await completion */
1984 uint32_t smb_suwcnt; /* set up word count */
1985
1986 char *xa_pipe_name;
1987
1988 /*
1989 * These are the param and data count received so far,
1990 * used to decide if the whole trans is here yet.
1991 */
1992 int req_disp_param;
1993 int req_disp_data;
1994
1995 struct mbuf_chain req_setup_mb;
1996 struct mbuf_chain req_param_mb;
1997 struct mbuf_chain req_data_mb;
1998
1999 struct mbuf_chain rep_setup_mb;
2000 struct mbuf_chain rep_param_mb;
2001 struct mbuf_chain rep_data_mb;
2002 } smb_xa_t;
2003
2004
2005 #define SDDF_NO_FLAGS 0
2006 #define SDDF_SUPPRESS_TID 0x0001
2007 #define SDDF_SUPPRESS_UID 0x0002
2008
2009 /*
2010 * SMB dispatch return codes.
2011 */
2012 typedef enum {
2013 SDRC_SUCCESS = 0,
2014 SDRC_ERROR,
2015 SDRC_DROP_VC,
2016 SDRC_NO_REPLY,
2017 SDRC_SR_KEPT,
2018 SDRC_NOT_IMPLEMENTED
2019 } smb_sdrc_t;
2020
2021 #define VAR_BCC ((short)-1)
2022
2023 #define SMB_SERVER_MAGIC 0x53534552 /* 'SSER' */
2024 #define SMB_SERVER_VALID(s) \
2025 ASSERT(((s) != NULL) && ((s)->sv_magic == SMB_SERVER_MAGIC))
2026
2027 #define SMB_LISTENER_MAGIC 0x4C53544E /* 'LSTN' */
2028 #define SMB_LISTENER_VALID(ld) \
2029 ASSERT(((ld) != NULL) && ((ld)->ld_magic == SMB_LISTENER_MAGIC))
2030
2031 typedef struct {
2032 uint32_t ld_magic;
2033 struct smb_server *ld_sv;
2034 smb_thread_t ld_thread;
2035 ksocket_t ld_so;
2036 in_port_t ld_port;
2037 int ld_family;
2038 struct sockaddr_in ld_sin;
2039 struct sockaddr_in6 ld_sin6;
2040 } smb_listener_daemon_t;
2041
2042 #define SMB_SSETUP_CMD "authentication"
2043 #define SMB_TCON_CMD "share mapping"
2044 #define SMB_OPIPE_CMD "pipe open"
2045 #define SMB_THRESHOLD_REPORT_THROTTLE 50
2046 typedef struct smb_cmd_threshold {
2047 char *ct_cmd;
2048 kmutex_t ct_mutex;
2049 volatile uint32_t ct_active_cnt;
2050 volatile uint32_t ct_blocked_cnt;
2051 uint32_t ct_threshold;
2052 uint32_t ct_timeout; /* milliseconds */
2053 kcondvar_t ct_cond;
2054 } smb_cmd_threshold_t;
2055
2056 typedef struct {
2057 kstat_named_t ls_files;
2058 kstat_named_t ls_trees;
2059 kstat_named_t ls_users;
2060 } smb_server_legacy_kstat_t;
2061
2062 typedef enum smb_server_state {
2063 SMB_SERVER_STATE_CREATED = 0,
2064 SMB_SERVER_STATE_CONFIGURED,
2065 SMB_SERVER_STATE_RUNNING,
2066 SMB_SERVER_STATE_STOPPING,
2067 SMB_SERVER_STATE_DELETING,
2068 SMB_SERVER_STATE_SENTINEL
2069 } smb_server_state_t;
2070
2071 typedef struct {
2072 /* protected by sv_mutex */
2073 kcondvar_t sp_cv;
2074 uint32_t sp_cnt;
2075 smb_llist_t sp_list;
2076 smb_llist_t sp_fidlist;
2077 } smb_spool_t;
2078
2079 #define SMB_SERVER_STATE_VALID(S) \
2080 ASSERT(((S) == SMB_SERVER_STATE_CREATED) || \
2081 ((S) == SMB_SERVER_STATE_CONFIGURED) || \
2082 ((S) == SMB_SERVER_STATE_RUNNING) || \
2083 ((S) == SMB_SERVER_STATE_STOPPING) || \
2084 ((S) == SMB_SERVER_STATE_DELETING))
2085
2086 typedef struct smb_server {
2087 list_node_t sv_lnd;
2088 uint32_t sv_magic;
2089 kcondvar_t sv_cv;
2090 kmutex_t sv_mutex;
2091 smb_server_state_t sv_state;
2092 uint32_t sv_refcnt;
2093 pid_t sv_pid;
2094 zoneid_t sv_zid;
2095 smb_listener_daemon_t sv_nbt_daemon;
2096 smb_listener_daemon_t sv_tcp_daemon;
2097 krwlock_t sv_cfg_lock;
2098 smb_kmod_cfg_t sv_cfg;
2099 smb_session_t *sv_session;
2100 smb_user_t *sv_rootuser;
2101 smb_llist_t sv_session_list;
2102 smb_hash_t *sv_persistid_ht;
2103 smb_hash_t *sv_lease_ht;
2104
2105 smb_export_t sv_export;
2106 struct __door_handle *sv_lmshrd;
2107
2108 /* Internal door for up-calls to smbd */
2109 struct __door_handle *sv_kdoor_hd;
2110 int sv_kdoor_id; /* init -1 */
2111 uint64_t sv_kdoor_ncall;
2112 kmutex_t sv_kdoor_mutex;
2113 kcondvar_t sv_kdoor_cv;
2114
2115 int32_t si_gmtoff;
2116
2117 smb_thread_t si_thread_timers;
2118
2119 taskq_t *sv_worker_pool;
2120 taskq_t *sv_receiver_pool;
2121
2122 smb_node_t *si_root_smb_node;
2123 smb_llist_t sv_opipe_list;
2124 smb_llist_t sv_event_list;
2125
2126 /* Statistics */
2127 hrtime_t sv_start_time;
2128 kstat_t *sv_ksp;
2129 volatile uint32_t sv_nbt_sess;
2130 volatile uint32_t sv_tcp_sess;
2131 volatile uint32_t sv_users;
2132 volatile uint32_t sv_trees;
2133 volatile uint32_t sv_files;
2134 volatile uint32_t sv_pipes;
2135 volatile uint64_t sv_txb;
2136 volatile uint64_t sv_rxb;
2137 volatile uint64_t sv_nreq;
2138 smb_srqueue_t sv_srqueue;
2139 smb_spool_t sp_info;
2140 smb_cmd_threshold_t sv_ssetup_ct;
2141 smb_cmd_threshold_t sv_tcon_ct;
2142 smb_cmd_threshold_t sv_opipe_ct;
2143 kstat_t *sv_legacy_ksp;
2144 kmutex_t sv_legacy_ksmtx;
2145 smb_disp_stats_t *sv_disp_stats1;
2146 smb_disp_stats_t *sv_disp_stats2;
2147 } smb_server_t;
2148
2149 #define SMB_EVENT_MAGIC 0x45564E54 /* EVNT */
2150 #define SMB_EVENT_TIMEOUT 45 /* seconds */
2151 #define SMB_EVENT_VALID(e) \
2152 ASSERT(((e) != NULL) && ((e)->se_magic == SMB_EVENT_MAGIC))
2153 typedef struct smb_event {
2154 list_node_t se_lnd;
2155 uint32_t se_magic;
2156 kmutex_t se_mutex;
2157 kcondvar_t se_cv;
2158 smb_server_t *se_server;
2159 uint32_t se_txid;
2160 boolean_t se_notified;
2161 int se_waittime;
2162 int se_timeout;
2163 int se_errno;
2164 } smb_event_t;
2165
2166 typedef struct smb_kspooldoc {
2167 list_node_t sd_lnd;
2168 uint32_t sd_magic;
2169 smb_inaddr_t sd_ipaddr;
2170 uint32_t sd_spool_num;
2171 uint16_t sd_fid;
2172 char sd_username[MAXNAMELEN];
2173 char sd_path[MAXPATHLEN];
2174 } smb_kspooldoc_t;
2175
2176 typedef struct smb_spoolfid {
2177 list_node_t sf_lnd;
2178 uint32_t sf_magic;
2179 uint16_t sf_fid;
2180 } smb_spoolfid_t;
2181
2182 #define SMB_INFO_NETBIOS_SESSION_SVC_RUNNING 0x0001
2183 #define SMB_INFO_NETBIOS_SESSION_SVC_FAILED 0x0002
2184 #define SMB_INFO_USER_LEVEL_SECURITY 0x40000000
2185 #define SMB_INFO_ENCRYPT_PASSWORDS 0x80000000
2186
2187 #define SMB_IS_STREAM(node) ((node)->n_unode)
2188
2189 typedef struct smb_tsd {
2190 void (*proc)();
2191 void *arg;
2192 char name[100];
2193 } smb_tsd_t;
2194
2195 typedef struct smb_disp_entry {
2196 char sdt_name[KSTAT_STRLEN];
2197 smb_sdrc_t (*sdt_pre_op)(smb_request_t *);
2198 smb_sdrc_t (*sdt_function)(smb_request_t *);
2199 void (*sdt_post_op)(smb_request_t *);
2200 uint8_t sdt_com;
2201 char sdt_dialect;
2202 uint8_t sdt_flags;
2203 } smb_disp_entry_t;
2204
2205 typedef struct smb_xlate {
2206 int code;
2207 char *str;
2208 } smb_xlate_t;
2209
2210 /*
2211 * This structure is a helper for building RAP NetShareEnum response
2212 *
2213 * es_posix_uid UID of the user requesting the shares list which
2214 * is used to detect if the user has any autohome
2215 * es_bufsize size of the response buffer
2216 * es_buf pointer to the response buffer
2217 * es_ntotal total number of shares exported by server which
2218 * their OEM names is less then 13 chars
2219 * es_nsent number of shares that can fit in the specified buffer
2220 * es_datasize actual data size (share's data) which was encoded
2221 * in the response buffer
2222 */
2223 typedef struct smb_enumshare_info {
2224 uid_t es_posix_uid;
2225 uint16_t es_bufsize;
2226 char *es_buf;
2227 uint16_t es_ntotal;
2228 uint16_t es_nsent;
2229 uint16_t es_datasize;
2230 } smb_enumshare_info_t;
2231
2232 #ifdef __cplusplus
2233 }
2234 #endif
2235
2236 #endif /* _SMBSRV_SMB_KTYPES_H */