1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2019 Nexenta by DDN, Inc. All rights reserved.
24 * Copyright 2020 RackTop Systems, Inc.
25 */
26
27 /*
28 * Structures and type definitions for the SMB module.
29 */
30
31 #ifndef _SMBSRV_SMB_KTYPES_H
32 #define _SMBSRV_SMB_KTYPES_H
33
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37
38 #include <sys/note.h>
39 #include <sys/systm.h>
40 #include <sys/param.h>
41 #include <sys/types.h>
42 #include <sys/synch.h>
43 #include <sys/taskq.h>
44 #include <sys/socket.h>
45 #include <sys/acl.h>
46 #include <sys/sdt.h>
47 #include <sys/stat.h>
48 #include <sys/vnode.h>
49 #include <sys/cred.h>
50 #include <netinet/in.h>
51 #include <sys/ksocket.h>
52 #include <sys/fem.h>
53 #include <smbsrv/smb.h>
54 #include <smbsrv/smb2.h>
55 #include <smbsrv/smbinfo.h>
56 #include <smbsrv/mbuf.h>
57 #include <smbsrv/smb_sid.h>
58 #include <smbsrv/smb_xdr.h>
59 #include <smbsrv/netbios.h>
60 #include <smbsrv/smb_vops.h>
61 #include <smbsrv/smb_kstat.h>
62
63 struct __door_handle; /* <sys/door.h> */
64 struct edirent; /* <sys/extdirent.h> */
65 struct nvlist;
66
67 struct smb_disp_entry;
68 struct smb_request;
69 struct smb_server;
70 struct smb_event;
71 struct smb_export;
72
73 /*
74 * Accumulated time and queue length statistics.
75 *
76 * Accumulated time statistics are kept as a running sum of "active" time.
77 * Queue length statistics are kept as a running sum of the product of queue
78 * length and elapsed time at that length -- i.e., a Riemann sum for queue
79 * length integrated against time. (You can also think of the active time as a
80 * Riemann sum, for the boolean function (queue_length > 0) integrated against
81 * time, or you can think of it as the Lebesgue measure of the set on which
82 * queue_length > 0.)
83 *
84 * ^
85 * | _________
86 * 8 | i4 |
87 * | | |
88 * Queue 6 | |
89 * Length | _________ | |
90 * 4 | i2 |_______| |
91 * | | i3 |
92 * 2_______| |
93 * | i1 |
94 * |_______________________________|
95 * Time-> t1 t2 t3 t4
96 *
97 * At each change of state (entry or exit from the queue), we add the elapsed
98 * time (since the previous state change) to the active time if the queue length
99 * was non-zero during that interval; and we add the product of the elapsed time
100 * times the queue length to the running length*time sum.
101 *
102 * This method is generalizable to measuring residency in any defined system:
103 * instead of queue lengths, think of "outstanding RPC calls to server X".
104 *
105 * A large number of I/O subsystems have at least two basic "lists" of
106 * transactions they manage: one for transactions that have been accepted for
107 * processing but for which processing has yet to begin, and one for
108 * transactions which are actively being processed (but not done). For this
109 * reason, two cumulative time statistics are defined here: wait (pre-service)
110 * time, and run (service) time.
111 *
112 * All times are 64-bit nanoseconds (hrtime_t), as returned by gethrtime().
113 *
114 * The units of cumulative busy time are accumulated nanoseconds. The units of
115 * cumulative length*time products are elapsed time times queue length.
116 *
117 * Updates to the fields below are performed implicitly by calls to
118 * these functions:
119 *
120 * smb_srqueue_init()
121 * smb_srqueue_destroy()
122 * smb_srqueue_waitq_enter()
123 * smb_srqueue_runq_exit()
124 * smb_srqueue_waitq_to_runq()
125 * smb_srqueue_update()
126 *
127 * These fields should never be updated by any other means.
128 */
129 typedef struct smb_srqueue {
130 kmutex_t srq_mutex;
131 hrtime_t srq_wlastupdate;
132 hrtime_t srq_wtime;
133 hrtime_t srq_wlentime;
134 hrtime_t srq_rlastupdate;
135 hrtime_t srq_rtime;
136 hrtime_t srq_rlentime;
137 uint32_t srq_wcnt;
138 uint32_t srq_rcnt;
139 } smb_srqueue_t;
140
141 /*
142 * The fields with the prefix 'ly_a' contain the statistics collected since the
143 * server was last started ('a' for 'aggregated'). The fields with the prefix
144 * 'ly_d' contain the statistics collected since the last snapshot ('d' for
145 * 'delta').
146 */
147 typedef struct smb_latency {
148 kmutex_t ly_mutex;
149 uint64_t ly_a_nreq;
150 hrtime_t ly_a_sum;
151 hrtime_t ly_a_mean;
152 hrtime_t ly_a_stddev;
153 uint64_t ly_d_nreq;
154 hrtime_t ly_d_sum;
155 hrtime_t ly_d_mean;
156 hrtime_t ly_d_stddev;
157 } smb_latency_t;
158
159 typedef struct smb_disp_stats {
160 volatile uint64_t sdt_txb;
161 volatile uint64_t sdt_rxb;
162 smb_latency_t sdt_lat;
163 } smb_disp_stats_t;
164
165 int smb_noop(void *, size_t, int);
166
167 #define SMB_AUDIT_STACK_DEPTH 16
168 #define SMB_AUDIT_BUF_MAX_REC 16
169 #define SMB_AUDIT_NODE 0x00000001
170
171 /*
172 * Maximum number of records returned in SMBsearch, SMBfind
173 * and SMBfindunique response. Value set to 10 for compatibility
174 * with Windows.
175 */
176 #define SMB_MAX_SEARCH 10
177
178 #define SMB_SEARCH_ATTRIBUTES \
179 (FILE_ATTRIBUTE_HIDDEN | \
180 FILE_ATTRIBUTE_SYSTEM | \
181 FILE_ATTRIBUTE_DIRECTORY)
182
183 #define SMB_SEARCH_HIDDEN(sattr) ((sattr) & FILE_ATTRIBUTE_HIDDEN)
184 #define SMB_SEARCH_SYSTEM(sattr) ((sattr) & FILE_ATTRIBUTE_SYSTEM)
185 #define SMB_SEARCH_DIRECTORY(sattr) ((sattr) & FILE_ATTRIBUTE_DIRECTORY)
186 #define SMB_SEARCH_ALL(sattr) ((sattr) & SMB_SEARCH_ATTRIBUTES)
187
188 typedef struct {
189 uint32_t anr_refcnt;
190 int anr_depth;
191 pc_t anr_stack[SMB_AUDIT_STACK_DEPTH];
192 } smb_audit_record_node_t;
193
194 typedef struct {
195 int anb_index;
196 int anb_max_index;
197 smb_audit_record_node_t anb_records[SMB_AUDIT_BUF_MAX_REC];
198 } smb_audit_buf_node_t;
199
200 /*
201 * Thread State Machine
202 * --------------------
203 *
204 * T5 T0
205 * smb_thread_destroy() <-------+ +------- smb_thread_init()
206 * | |
207 * | v
208 * +-----------------------------+
209 * | SMB_THREAD_STATE_EXITED |<---+
210 * +-----------------------------+ |
211 * | T1 |
212 * v |
213 * +-----------------------------+ |
214 * | SMB_THREAD_STATE_STARTING | |
215 * +-----------------------------+ |
216 * | T2 | T4
217 * v |
218 * +-----------------------------+ |
219 * | SMB_THREAD_STATE_RUNNING | |
220 * +-----------------------------+ |
221 * | T3 |
222 * v |
223 * +-----------------------------+ |
224 * | SMB_THREAD_STATE_EXITING |----+
225 * +-----------------------------+
226 *
227 * Transition T0
228 *
229 * This transition is executed in smb_thread_init().
230 *
231 * Transition T1
232 *
233 * This transition is executed in smb_thread_start().
234 *
235 * Transition T2
236 *
237 * This transition is executed by the thread itself when it starts running.
238 *
239 * Transition T3
240 *
241 * This transition is executed by the thread itself in
242 * smb_thread_entry_point() just before calling thread_exit().
243 *
244 *
245 * Transition T4
246 *
247 * This transition is executed in smb_thread_stop().
248 *
249 * Transition T5
250 *
251 * This transition is executed in smb_thread_destroy().
252 */
253 typedef enum smb_thread_state {
254 SMB_THREAD_STATE_STARTING = 0,
255 SMB_THREAD_STATE_RUNNING,
256 SMB_THREAD_STATE_EXITING,
257 SMB_THREAD_STATE_EXITED,
258 SMB_THREAD_STATE_FAILED
259 } smb_thread_state_t;
260
261 struct _smb_thread;
262
263 typedef void (*smb_thread_ep_t)(struct _smb_thread *, void *ep_arg);
264
265 #define SMB_THREAD_MAGIC 0x534D4254 /* SMBT */
266
267 typedef struct _smb_thread {
268 uint32_t sth_magic;
269 char sth_name[32];
270 smb_thread_state_t sth_state;
271 kthread_t *sth_th;
272 kt_did_t sth_did;
273 smb_thread_ep_t sth_ep;
274 void *sth_ep_arg;
275 pri_t sth_pri;
276 boolean_t sth_kill;
277 kmutex_t sth_mtx;
278 kcondvar_t sth_cv;
279 } smb_thread_t;
280
281 /*
282 * Pool of IDs
283 * -----------
284 *
285 * A pool of IDs is a pool of 16 bit numbers. It is implemented as a bitmap.
286 * A bit set to '1' indicates that that particular value has been allocated.
287 * The allocation process is done shifting a bit through the whole bitmap.
288 * The current position of that index bit is kept in the smb_idpool_t
289 * structure and represented by a byte index (0 to buffer size minus 1) and
290 * a bit index (0 to 7).
291 *
292 * The pools start with a size of 8 bytes or 64 IDs. Each time the pool runs
293 * out of IDs its current size is doubled until it reaches its maximum size
294 * (8192 bytes or 65536 IDs). The IDs 0 and 65535 are never given out which
295 * means that a pool can have a maximum number of 65534 IDs available.
296 */
297 #define SMB_IDPOOL_MAGIC 0x4944504C /* IDPL */
298 #define SMB_IDPOOL_MIN_SIZE 64 /* Number of IDs to begin with */
299 #define SMB_IDPOOL_MAX_SIZE 64 * 1024
300
301 typedef struct smb_idpool {
302 uint32_t id_magic;
303 kmutex_t id_mutex;
304 uint8_t *id_pool;
305 uint32_t id_size;
306 uint32_t id_maxsize;
307 uint8_t id_bit;
308 uint8_t id_bit_idx;
309 uint32_t id_idx;
310 uint32_t id_idx_msk;
311 uint32_t id_free_counter;
312 uint32_t id_max_free_counter;
313 } smb_idpool_t;
314
315 /*
316 * Maximum size of a Transport Data Unit when CAP_LARGE_READX and
317 * CAP_LARGE_WRITEX are not set. CAP_LARGE_READX/CAP_LARGE_WRITEX
318 * allow the payload to exceed the negotiated buffer size.
319 * 4 --> NBT/TCP Transport Header.
320 * 32 --> SMB Header
321 * 1 --> Word Count byte
322 * 510 --> Maximum Number of bytes of the Word Table (2 * 255)
323 * 2 --> Byte count of the data
324 * 65535 --> Maximum size of the data
325 * -----
326 * 66084
327 */
328 #define SMB_REQ_MAX_SIZE 66560 /* 65KB */
329 #define SMB_XPRT_MAX_SIZE (SMB_REQ_MAX_SIZE + NETBIOS_HDR_SZ)
330
331 #define SMB_TXREQ_MAGIC 0X54524251 /* 'TREQ' */
332 typedef struct {
333 list_node_t tr_lnd;
334 uint32_t tr_magic;
335 int tr_len;
336 uint8_t tr_buf[SMB_XPRT_MAX_SIZE];
337 } smb_txreq_t;
338
339 #define SMB_TXLST_MAGIC 0X544C5354 /* 'TLST' */
340 typedef struct {
341 uint32_t tl_magic;
342 kmutex_t tl_mutex;
343 kcondvar_t tl_wait_cv;
344 boolean_t tl_active;
345 } smb_txlst_t;
346
347 /*
348 * Maximum buffer size for NT is 37KB. If all clients are Windows 2000, this
349 * can be changed to 64KB. 37KB must be used with a mix of NT/Windows 2000
350 * clients because NT loses directory entries when values greater than 37KB are
351 * used.
352 *
353 * Note: NBT_MAXBUF will be subtracted from the specified max buffer size to
354 * account for the NBT header.
355 */
356 #define NBT_MAXBUF 8
357 #define SMB_NT_MAXBUF (37 * 1024)
358
359 #define OUTBUFSIZE (65 * 1024)
360 #define SMBHEADERSIZE 32
361 #define SMBND_HASH_MASK (0xFF)
362 #define MAX_IOVEC 512
363 #define MAX_READREF (8 * 1024)
364
365 #define SMB_WORKER_MIN 4
366 #define SMB_WORKER_DEFAULT 64
367 #define SMB_WORKER_MAX 1024
368
369 /*
370 * Destructor object used in the locked-list delete queue.
371 */
372 #define SMB_DTOR_MAGIC 0x44544F52 /* DTOR */
373 #define SMB_DTOR_VALID(d) \
374 ASSERT(((d) != NULL) && ((d)->dt_magic == SMB_DTOR_MAGIC))
375
376 typedef void (*smb_dtorproc_t)(void *);
377
378 typedef struct smb_dtor {
379 list_node_t dt_lnd;
380 uint32_t dt_magic;
381 void *dt_object;
382 smb_dtorproc_t dt_proc;
383 } smb_dtor_t;
384
385 typedef struct smb_llist {
386 krwlock_t ll_lock;
387 list_t ll_list;
388 uint32_t ll_count;
389 uint64_t ll_wrop;
390 kmutex_t ll_mutex;
391 list_t ll_deleteq;
392 uint32_t ll_deleteq_count;
393 boolean_t ll_flushing;
394 } smb_llist_t;
395
396 typedef struct smb_bucket {
397 smb_llist_t b_list;
398 uint32_t b_max_seen;
399 } smb_bucket_t;
400
401 typedef struct smb_hash {
402 uint32_t rshift;
403 uint32_t num_buckets;
404 smb_bucket_t *buckets;
405 } smb_hash_t;
406
407 typedef struct smb_slist {
408 kmutex_t sl_mutex;
409 kcondvar_t sl_cv;
410 list_t sl_list;
411 uint32_t sl_count;
412 boolean_t sl_waiting;
413 } smb_slist_t;
414
415 /*
416 * smb_avl_t State Machine
417 * --------------------
418 *
419 * +-----------------------------+
420 * | SMB_AVL_STATE_START |
421 * +-----------------------------+
422 * | T0
423 * v
424 * +-----------------------------+
425 * | SMB_AVL_STATE_READY |
426 * +-----------------------------+
427 * | T1
428 * v
429 * +-----------------------------+
430 * | SMB_AVL_STATE_DESTROYING |
431 * +-----------------------------+
432 *
433 * Transition T0
434 *
435 * This transition is executed in smb_avl_create().
436 *
437 * Transition T1
438 *
439 * This transition is executed in smb_avl_destroy().
440 *
441 */
442 typedef enum {
443 SMB_AVL_STATE_START = 0,
444 SMB_AVL_STATE_READY,
445 SMB_AVL_STATE_DESTROYING
446 } smb_avl_state_t;
447
448 typedef struct smb_avl_nops {
449 int (*avln_cmp) (const void *, const void *);
450 void (*avln_hold)(const void *);
451 boolean_t (*avln_rele)(const void *);
452 void (*avln_destroy)(void *);
453 } smb_avl_nops_t;
454
455 typedef struct smb_avl_cursor {
456 void *avlc_next;
457 uint32_t avlc_sequence;
458 } smb_avl_cursor_t;
459
460 typedef struct smb_avl {
461 krwlock_t avl_lock;
462 avl_tree_t avl_tree;
463 kmutex_t avl_mutex;
464 kcondvar_t avl_cv;
465 smb_avl_state_t avl_state;
466 uint32_t avl_refcnt;
467 uint32_t avl_sequence;
468 const smb_avl_nops_t *avl_nops;
469 } smb_avl_t;
470
471 typedef struct {
472 kcondvar_t rwx_cv;
473 kmutex_t rwx_mutex;
474 krwlock_t rwx_lock;
475 boolean_t rwx_waiting;
476 } smb_rwx_t;
477
478 typedef struct smb_export {
479 kmutex_t e_mutex;
480 boolean_t e_ready;
481 smb_avl_t e_share_avl;
482 smb_slist_t e_unexport_list;
483 smb_thread_t e_unexport_thread;
484 } smb_export_t;
485
486 /*
487 * NOTIFY CHANGE, a.k.a. File Change Notification (FCN)
488 */
489
490 /*
491 * These FCN filter mask values are not from MS-FSCC, but
492 * must not overlap with any FILE_NOTIFY_VALID_MASK values.
493 */
494 #define FILE_NOTIFY_CHANGE_EV_SUBDIR 0x00010000
495 #define FILE_NOTIFY_CHANGE_EV_DELETE 0x00020000
496 #define FILE_NOTIFY_CHANGE_EV_CLOSED 0x00040000
497 #define FILE_NOTIFY_CHANGE_EV_OVERFLOW 0x00080000
498
499 /*
500 * Note: These FCN action values are not from MS-FSCC, but must
501 * follow in sequence from FILE_ACTION_MODIFIED_STREAM.
502 *
503 * FILE_ACTION_SUBDIR_CHANGED is used internally for
504 * "watch tree" support, posted to all parents of a
505 * directory that had one of the changes above.
506 *
507 * FILE_ACTION_DELETE_PENDING is used internally to tell
508 * notify change requests when the "delete-on-close" flag
509 * has been set on the directory being watched.
510 *
511 * FILE_ACTION_HANDLE_CLOSED is used to wakeup notify change
512 * requests when the watched directory handle is closed.
513 */
514 #define FILE_ACTION_SUBDIR_CHANGED 0x00000009
515 #define FILE_ACTION_DELETE_PENDING 0x0000000a
516 #define FILE_ACTION_HANDLE_CLOSED 0x0000000b
517
518 /*
519 * Sub-struct within smb_ofile_t
520 */
521 typedef struct smb_notify {
522 list_t nc_waiters; /* Waiting SRs */
523 mbuf_chain_t nc_buffer;
524 uint32_t nc_filter;
525 uint32_t nc_events;
526 int nc_last_off;
527 boolean_t nc_subscribed;
528 } smb_notify_t;
529
530 /*
531 * SMB operates over a NetBIOS-over-TCP transport (NBT) or directly
532 * over TCP, which is also known as direct hosted NetBIOS-less SMB
533 * or SMB-over-TCP.
534 *
535 * NBT messages have a 4-byte header that defines the message type
536 * (8-bits), a 7-bit flags field and a 17-bit length.
537 *
538 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
539 * | TYPE | FLAGS |E| LENGTH |
540 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
541 *
542 * 8-bit type Defined in RFC 1002
543 * 7-bit flags Bits 0-6 reserved (must be 0)
544 * Bit 7: Length extension bit (E)
545 * 17-bit length Includes bit 7 of the flags byte
546 *
547 *
548 * SMB-over-TCP is defined to use a modified version of the NBT header
549 * containing an 8-bit message type and 24-bit message length.
550 *
551 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
552 * | TYPE | LENGTH |
553 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
554 *
555 * 8-bit type Must be 0
556 * 24-bit length
557 *
558 * The following structure is used to represent a generic, in-memory
559 * SMB transport header; it is not intended to map directly to either
560 * of the over-the-wire formats.
561 */
562 typedef struct {
563 uint8_t xh_type;
564 uint32_t xh_length;
565 } smb_xprt_t;
566
567 int MBC_LENGTH(struct mbuf_chain *);
568 int MBC_MAXBYTES(struct mbuf_chain *);
569 void MBC_SETUP(struct mbuf_chain *, uint32_t);
570 void MBC_INIT(struct mbuf_chain *, uint32_t);
571 void MBC_FLUSH(struct mbuf_chain *);
572 void MBC_ATTACH_MBUF(struct mbuf_chain *, struct mbuf *);
573 void MBC_APPEND_MBUF(struct mbuf_chain *, struct mbuf *);
574 void MBC_ATTACH_BUF(struct mbuf_chain *MBC, unsigned char *BUF, int LEN);
575 int MBC_SHADOW_CHAIN(struct mbuf_chain *SUBMBC, struct mbuf_chain *MBC,
576 int OFF, int LEN);
577
578 #define MBC_ROOM_FOR(b, n) (((b)->chain_offset + (n)) <= (b)->max_bytes)
579
580 /*
581 * Per smb_node oplock state
582 */
583 typedef struct smb_oplock {
584 kmutex_t ol_mutex;
585 boolean_t ol_fem; /* fem monitor installed? */
586 struct smb_ofile *excl_open;
587 uint32_t ol_state;
588 int32_t cnt_II;
589 int32_t cnt_R;
590 int32_t cnt_RH;
591 int32_t cnt_RHBQ;
592 int32_t waiters;
593 kcondvar_t WaitingOpenCV;
594 } smb_oplock_t;
595
596 /*
597 * Per smb_ofile oplock state
598 */
599 typedef struct smb_oplock_grant {
600 /* smb protocol-level state */
601 uint32_t og_state; /* latest sent to client */
602 uint32_t og_breaking; /* BREAK_TO... flags */
603 uint16_t og_dialect; /* how to send breaks */
604 /* File-system level state */
605 uint8_t onlist_II;
606 uint8_t onlist_R;
607 uint8_t onlist_RH;
608 uint8_t onlist_RHBQ;
609 uint8_t BreakingToRead;
610 } smb_oplock_grant_t;
611
612 #define SMB_LEASE_KEY_SZ 16
613
614 typedef struct smb_lease {
615 list_node_t ls_lnd; /* sv_lease_ht */
616 kmutex_t ls_mutex;
617 smb_llist_t *ls_bucket;
618 struct smb_node *ls_node;
619 /*
620 * With a lease, just one ofile has the oplock.
621 * This (used only for comparison) identifies which.
622 */
623 void *ls_oplock_ofile;
624 uint32_t ls_refcnt;
625 uint32_t ls_state;
626 uint32_t ls_breaking; /* BREAK_TO... flags */
627 uint16_t ls_epoch;
628 uint16_t ls_version;
629 uint8_t ls_key[SMB_LEASE_KEY_SZ];
630 uint8_t ls_clnt[SMB_LEASE_KEY_SZ];
631 } smb_lease_t;
632
633 #define SMB_NODE_MAGIC 0x4E4F4445 /* 'NODE' */
634 #define SMB_NODE_VALID(p) ASSERT((p)->n_magic == SMB_NODE_MAGIC)
635
636 typedef enum {
637 SMB_NODE_STATE_AVAILABLE = 0,
638 SMB_NODE_STATE_DESTROYING
639 } smb_node_state_t;
640
641 /*
642 * waiting_event # of clients requesting FCN
643 * n_timestamps cached timestamps
644 * n_allocsz cached file allocation size
645 * n_dnode directory node
646 * n_unode unnamed stream node
647 * delete_on_close_cred credentials for delayed delete
648 */
649 typedef struct smb_node {
650 list_node_t n_lnd;
651 uint32_t n_magic;
652 krwlock_t n_lock;
653 kmutex_t n_mutex;
654 smb_node_state_t n_state;
655 uint32_t n_refcnt;
656 uint32_t n_hashkey;
657 smb_llist_t *n_hash_bucket;
658 uint32_t n_open_count;
659 uint32_t n_opening_count;
660 smb_llist_t n_ofile_list;
661 /* If entering both, go in order n_lock_list, n_wlock_list */
662 smb_llist_t n_lock_list; /* active locks */
663 smb_llist_t n_wlock_list; /* waiting locks */
664 volatile int flags;
665 u_offset_t n_allocsz;
666 uint32_t n_fcn_count;
667 smb_oplock_t n_oplock;
668 struct smb_node *n_dnode;
669 struct smb_node *n_unode;
670 cred_t *delete_on_close_cred;
671 uint32_t n_delete_on_close_flags;
672 char od_name[MAXNAMELEN];
673 vnode_t *vp;
674 smb_audit_buf_node_t *n_audit_buf;
675 } smb_node_t;
676
677 #define NODE_FLAGS_REPARSE 0x00001000
678 #define NODE_FLAGS_DFSLINK 0x00002000
679 #define NODE_FLAGS_VFSROOT 0x00004000
680 #define NODE_FLAGS_SYSTEM 0x00008000
681 #define NODE_FLAGS_WRITE_THROUGH 0x00100000
682 #define NODE_XATTR_DIR 0x01000000
683 #define NODE_FLAGS_DELETE_COMMITTED 0x20000000
684 #define NODE_FLAGS_DELETE_ON_CLOSE 0x40000000
685 #define NODE_FLAGS_EXECUTABLE 0x80000000
686
687 #define SMB_NODE_VFS(node) ((node)->vp->v_vfsp)
688 #define SMB_NODE_FSID(node) ((node)->vp->v_vfsp->vfs_fsid)
689
690 /* Maximum buffer size for encryption key */
691 #define SMB_ENCRYPT_KEY_MAXLEN 32
692
693 #define SMB_SHARE_MAGIC 0x4B534852 /* KSHR */
694
695 typedef struct smb_kshare {
696 uint32_t shr_magic;
697 avl_node_t shr_link;
698 kmutex_t shr_mutex;
699 kcondvar_t shr_cv;
700 char *shr_name;
701 char *shr_path;
702 char *shr_cmnt;
703 char *shr_container;
704 char *shr_oemname;
705 uint32_t shr_flags;
706 uint32_t shr_type;
707 uint32_t shr_refcnt;
708 uint32_t shr_autocnt;
709 uid_t shr_uid;
710 gid_t shr_gid;
711 char *shr_access_none;
712 char *shr_access_ro;
713 char *shr_access_rw;
714 smb_node_t *shr_root_node;
715 smb_node_t *shr_ca_dir;
716 void *shr_import_busy;
717 smb_cfg_val_t shr_encrypt; /* Share.EncryptData */
718 } smb_kshare_t;
719
720
721 typedef struct smb_arg_negotiate {
722 char *ni_name;
723 int ni_dialect;
724 int ni_index;
725 uint32_t ni_capabilities;
726 uint16_t ni_maxmpxcount;
727 int16_t ni_tzcorrection;
728 uint8_t ni_keylen;
729 uint8_t ni_key[SMB_ENCRYPT_KEY_MAXLEN];
730 timestruc_t ni_servertime;
731 } smb_arg_negotiate_t;
732
733 typedef enum {
734 SMB_SSNSETUP_PRE_NTLM012 = 1,
735 SMB_SSNSETUP_NTLM012_NOEXT,
736 SMB_SSNSETUP_NTLM012_EXTSEC
737 } smb_ssnsetup_type_t;
738
739 typedef struct smb_arg_sessionsetup {
740 smb_ssnsetup_type_t ssi_type;
741 char *ssi_user;
742 char *ssi_domain;
743 /* LM password hash, f.k.a. case-insensitive p/w */
744 uint16_t ssi_lmpwlen;
745 uint8_t *ssi_lmpwd;
746 /* NT password hash, f.k.a. case-sensitive p/w */
747 uint16_t ssi_ntpwlen;
748 uint8_t *ssi_ntpwd;
749 /* Incoming security blob */
750 uint16_t ssi_iseclen;
751 uint8_t *ssi_isecblob;
752 /* Incoming security blob */
753 uint16_t ssi_oseclen;
754 uint8_t *ssi_osecblob;
755 /* parameters */
756 uint16_t ssi_maxbufsize;
757 uint16_t ssi_maxmpxcount;
758 uint32_t ssi_capabilities;
759 int ssi_native_os;
760 int ssi_native_lm;
761 } smb_arg_sessionsetup_t;
762
763 typedef struct tcon {
764 char *name;
765 char *path;
766 char *service;
767 int pwdlen;
768 char *password;
769 uint16_t flags;
770 uint16_t optional_support;
771 smb_kshare_t *si;
772 } smb_arg_tcon_t;
773
774 /*
775 * Based on section 2.6.1.2 (Connection Management) of the June 13,
776 * 1996 CIFS spec, a server may terminate the transport connection
777 * due to inactivity. The client software is expected to be able to
778 * automatically reconnect to the server if this happens. Like much
779 * of the useful background information, this section appears to
780 * have been dropped from later revisions of the document.
781 *
782 * Each session has an activity timestamp that's updated whenever a
783 * request is dispatched. If the session is idle, i.e. receives no
784 * requests, for SMB_SESSION_INACTIVITY_TIMEOUT minutes it will be
785 * closed.
786 *
787 * Each session has an I/O semaphore to serialize communication with
788 * the client. For example, after receiving a raw-read request, the
789 * server is not allowed to send an oplock break to the client until
790 * after it has sent the raw-read data.
791 */
792 #define SMB_SESSION_INACTIVITY_TIMEOUT (15 * 60)
793
794 /* SMB1 signing */
795 struct smb_sign {
796 unsigned int flags;
797 uint32_t seqnum;
798 uint_t mackey_len;
799 uint8_t *mackey;
800 };
801
802 /*
803 * SMB2 signing
804 */
805 struct smb_key {
806 uint_t len;
807 uint8_t key[SMB2_SESSION_KEY_LEN];
808 };
809
810 #define SMB_SIGNING_ENABLED 1
811 #define SMB_SIGNING_CHECK 2
812
813 /*
814 * Locking notes:
815 * If you hold the mutex/lock on an object, don't flush the deleteq
816 * of the objects directly below it in the logical hierarchy
817 * (i.e. via smb_llist_exit()). I.e. don't drop s_tree_list when
818 * you hold u_mutex, because deleted trees need u_mutex to
819 * lower the refcnt.
820 *
821 * Note that this also applies to u_mutex and t_ofile_list.
822 */
823
824 /*
825 * The "session" object.
826 *
827 * Note that the smb_session_t object here corresponds to what MS-SMB2
828 * calls a "connection". Adding to the confusion, what MS calls a
829 * "session" corresponds to our smb_user_t (below).
830 */
831
832 /*
833 * Session State Machine
834 * ---------------------
835 *
836 *
837 * +-----------------------------+ +----------------------------+
838 * | SMB_SESSION_STATE_CONNECTED | | SMB_SESSION_STATE_SHUTDOWN |
839 * +-----------------------------+ +----------------------------+
840 * | ^
841 * | |T6
842 * | +------------------------------+
843 * | | SMB_SESSION_STATE_TERMINATED |
844 * T0| +------------------------------+
845 * +--------------------+ ^
846 * v |T4 |T5
847 * +-------------------------------+ | +--------------------------------+
848 * | SMB_SESSION_STATE_ESTABLISHED |---+--->| SMB_SESSION_STATE_DISCONNECTED |
849 * +-------------------------------+ +--------------------------------+
850 * T1| ^
851 * +----------+ |T3
852 * v |
853 * +------------------------------+
854 * | SMB_SESSION_STATE_NEGOTIATED |
855 * +------------------------------+
856 *
857 *
858 * Transition T0
859 *
860 *
861 *
862 * Transition T1
863 *
864 *
865 *
866 * Transition T2
867 *
868 *
869 *
870 * Transition T3
871 *
872 *
873 *
874 * Transition T4
875 *
876 *
877 *
878 * Transition T5
879 *
880 *
881 *
882 * Transition T6
883 *
884 *
885 *
886 */
887 #define SMB_SESSION_MAGIC 0x53455353 /* 'SESS' */
888 #define SMB_SESSION_VALID(p) \
889 ASSERT(((p) != NULL) && ((p)->s_magic == SMB_SESSION_MAGIC))
890
891 #define SMB_CHALLENGE_SZ 8
892 #define SMB3_PREAUTH_HASHVAL_SZ 64
893
894 typedef enum {
895 SMB_SESSION_STATE_INITIALIZED = 0,
896 SMB_SESSION_STATE_DISCONNECTED,
897 SMB_SESSION_STATE_CONNECTED,
898 SMB_SESSION_STATE_ESTABLISHED,
899 SMB_SESSION_STATE_NEGOTIATED,
900 SMB_SESSION_STATE_TERMINATED,
901 SMB_SESSION_STATE_SHUTDOWN,
902 SMB_SESSION_STATE_SENTINEL
903 } smb_session_state_t;
904
905 /* Bits in s_flags below */
906 #define SMB_SSN_AAPL_CCEXT 1 /* Saw "AAPL" create ctx. ext. */
907 #define SMB_SSN_AAPL_READDIR 2 /* Wants MacOS ext. readdir */
908
909 typedef struct smb_session {
910 list_node_t s_lnd;
911 uint32_t s_magic;
912 smb_rwx_t s_lock;
913 uint64_t s_kid;
914 smb_session_state_t s_state;
915 uint32_t s_flags;
916 taskqid_t s_receiver_tqid;
917 kthread_t *s_thread;
918 kt_did_t s_ktdid;
919 int (*newrq_func)(struct smb_request *);
920 struct smb_server *s_server;
921 smb_kmod_cfg_t s_cfg;
922 int32_t s_gmtoff;
923 uint32_t keep_alive;
924 uint64_t opentime;
925 uint16_t s_local_port;
926 uint16_t s_remote_port;
927 smb_inaddr_t ipaddr;
928 smb_inaddr_t local_ipaddr;
929 int dialect;
930 int native_os;
931 int native_lm;
932
933 kmutex_t s_credits_mutex;
934 uint16_t s_cur_credits;
935 uint16_t s_max_credits;
936
937 uint32_t capabilities;
938 uint32_t srv_cap;
939
940 struct smb_sign signing; /* SMB1 */
941 void *sign_mech; /* mechanism info */
942 void *enc_mech;
943 void *preauth_mech;
944
945 /* SMB2/SMB3 signing support */
946 int (*sign_calc)(struct smb_request *,
947 struct mbuf_chain *, uint8_t *);
948 void (*sign_fini)(struct smb_session *);
949
950 ksocket_t sock;
951
952 smb_slist_t s_req_list;
953 smb_llist_t s_xa_list;
954 smb_llist_t s_user_list;
955 smb_llist_t s_tree_list;
956 smb_idpool_t s_uid_pool;
957 smb_idpool_t s_tid_pool;
958 smb_txlst_t s_txlst;
959
960 volatile uint32_t s_tree_cnt;
961 volatile uint32_t s_file_cnt;
962 volatile uint32_t s_dir_cnt;
963
964 uint16_t cli_secmode;
965 uint16_t srv_secmode;
966 uint32_t sesskey;
967 uint32_t challenge_len;
968 unsigned char challenge_key[SMB_CHALLENGE_SZ];
969 int64_t activity_timestamp;
970 timeout_id_t s_auth_tmo;
971
972 /*
973 * Maximum negotiated buffer sizes between SMB client and server
974 * in SMB_SESSION_SETUP_ANDX
975 */
976 int cmd_max_bytes;
977 int reply_max_bytes;
978 uint16_t smb_msg_size;
979 uint16_t smb_max_mpx;
980 smb_srqueue_t *s_srqueue;
981 uint64_t start_time;
982
983 uint16_t smb31_enc_cipherid;
984 uint16_t smb31_preauth_hashid;
985 uint8_t smb31_preauth_hashval[SMB3_PREAUTH_HASHVAL_SZ];
986 uint8_t smb31_preauth_salt[32];
987
988 unsigned char MAC_key[44];
989 char ip_addr_str[INET6_ADDRSTRLEN];
990 uint8_t clnt_uuid[16];
991 char workstation[SMB_PI_MAX_HOST];
992 } smb_session_t;
993
994 /*
995 * The "user" object.
996 *
997 * Note that smb_user_t object here corresponds to what MS-SMB2 calls
998 * a "session". (Our smb_session_t is something else -- see above).
999 */
1000
1001 #define SMB_USER_MAGIC 0x55534552 /* 'USER' */
1002 #define SMB_USER_VALID(u) \
1003 ASSERT(((u) != NULL) && ((u)->u_magic == SMB_USER_MAGIC))
1004
1005 /* These flags are all <= 0x00000010 */
1006 #define SMB_USER_FLAG_GUEST SMB_ATF_GUEST
1007 #define SMB_USER_FLAG_ANON SMB_ATF_ANON
1008 #define SMB_USER_FLAG_ADMIN SMB_ATF_ADMIN
1009 #define SMB_USER_FLAG_POWER_USER SMB_ATF_POWERUSER
1010 #define SMB_USER_FLAG_BACKUP_OPERATOR SMB_ATF_BACKUPOP
1011
1012 #define SMB_USER_IS_ADMIN(U) (((U)->u_flags & SMB_USER_FLAG_ADMIN) != 0)
1013 #define SMB_USER_IS_GUEST(U) (((U)->u_flags & SMB_USER_FLAG_GUEST) != 0)
1014
1015 /*
1016 * Internal privilege flags derived from smb_privilege.h numbers
1017 * Would rather not include that in this file.
1018 */
1019 #define SMB_USER_PRIV_SECURITY (1<<8) /* SE_SECURITY_LUID */
1020 #define SMB_USER_PRIV_TAKE_OWNERSHIP (1<<9) /* SE_TAKE_OWNERSHIP_LUID */
1021 #define SMB_USER_PRIV_BACKUP (1<<17) /* SE_BACKUP_LUID */
1022 #define SMB_USER_PRIV_RESTORE (1<<18) /* SE_RESTORE_LUID */
1023 #define SMB_USER_PRIV_CHANGE_NOTIFY (1<<23) /* SE_CHANGE_NOTIFY_LUID */
1024 #define SMB_USER_PRIV_READ_FILE (1<<25) /* SE_READ_FILE_LUID */
1025 #define SMB_USER_PRIV_WRITE_FILE (1<<26) /* SE_WRITE_FILE_LUID */
1026
1027 /*
1028 * See the long "User State Machine" comment in smb_user.c
1029 */
1030 typedef enum {
1031 SMB_USER_STATE_LOGGING_ON = 0,
1032 SMB_USER_STATE_LOGGED_ON,
1033 SMB_USER_STATE_LOGGING_OFF,
1034 SMB_USER_STATE_LOGGED_OFF,
1035 SMB_USER_STATE_SENTINEL
1036 } smb_user_state_t;
1037
1038 typedef enum {
1039 SMB2_DH_PRESERVE_NONE = 0,
1040 SMB2_DH_PRESERVE_SOME,
1041 SMB2_DH_PRESERVE_ALL
1042 } smb_preserve_type_t;
1043
1044 typedef struct smb_user {
1045 list_node_t u_lnd;
1046 uint32_t u_magic;
1047 kmutex_t u_mutex;
1048 smb_user_state_t u_state;
1049
1050 struct smb_server *u_server;
1051 smb_session_t *u_session;
1052 ksocket_t u_authsock;
1053 timeout_id_t u_auth_tmo;
1054 uint16_t u_name_len;
1055 char *u_name;
1056 uint16_t u_domain_len;
1057 char *u_domain;
1058 time_t u_logon_time;
1059 cred_t *u_cred;
1060 cred_t *u_privcred;
1061
1062 uint64_t u_ssnid; /* unique server-wide */
1063 uint32_t u_refcnt;
1064 uint32_t u_flags;
1065 smb_preserve_type_t preserve_opens;
1066 uint32_t u_privileges;
1067 uint16_t u_uid; /* unique per-session */
1068 uint32_t u_audit_sid;
1069
1070 uint32_t u_sign_flags;
1071 struct smb_key u_sign_key; /* SMB2 signing */
1072
1073 struct smb_key u_enc_key;
1074 struct smb_key u_dec_key;
1075 volatile uint64_t u_nonce_cnt;
1076 uint8_t u_nonce_fixed[4];
1077 uint64_t u_salt;
1078 smb_cfg_val_t u_encrypt;
1079 } smb_user_t;
1080
1081 #define SMB_TREE_MAGIC 0x54524545 /* 'TREE' */
1082 #define SMB_TREE_VALID(p) \
1083 ASSERT((p != NULL) && ((p)->t_magic == SMB_TREE_MAGIC))
1084
1085 #define SMB_TYPENAMELEN _ST_FSTYPSZ
1086 #define SMB_VOLNAMELEN 32
1087
1088 #define SMB_TREE_READONLY 0x00000001
1089 #define SMB_TREE_SUPPORTS_ACLS 0x00000002
1090 #define SMB_TREE_STREAMS 0x00000004
1091 #define SMB_TREE_CASEINSENSITIVE 0x00000008
1092 #define SMB_TREE_NO_CASESENSITIVE 0x00000010
1093 #define SMB_TREE_NO_EXPORT 0x00000020
1094 #define SMB_TREE_OPLOCKS 0x00000040
1095 #define SMB_TREE_SHORTNAMES 0x00000080
1096 #define SMB_TREE_XVATTR 0x00000100
1097 #define SMB_TREE_DIRENTFLAGS 0x00000200
1098 #define SMB_TREE_ACLONCREATE 0x00000400
1099 #define SMB_TREE_ACEMASKONACCESS 0x00000800
1100 #define SMB_TREE_NFS_MOUNTED 0x00001000
1101 #define SMB_TREE_UNICODE_ON_DISK 0x00002000
1102 #define SMB_TREE_CATIA 0x00004000
1103 #define SMB_TREE_ABE 0x00008000
1104 #define SMB_TREE_QUOTA 0x00010000
1105 #define SMB_TREE_DFSROOT 0x00020000
1106 #define SMB_TREE_SPARSE 0x00040000
1107 #define SMB_TREE_TRAVERSE_MOUNTS 0x00080000
1108 #define SMB_TREE_FORCE_L2_OPLOCK 0x00100000
1109 #define SMB_TREE_CA 0x00200000
1110 /* Note: SMB_TREE_... in the mdb module too. */
1111
1112 /*
1113 * See the long "Tree State Machine" comment in smb_tree.c
1114 */
1115 typedef enum {
1116 SMB_TREE_STATE_CONNECTED = 0,
1117 SMB_TREE_STATE_DISCONNECTING,
1118 SMB_TREE_STATE_DISCONNECTED,
1119 SMB_TREE_STATE_SENTINEL
1120 } smb_tree_state_t;
1121
1122 typedef struct smb_tree {
1123 list_node_t t_lnd;
1124 uint32_t t_magic;
1125 kmutex_t t_mutex;
1126 smb_tree_state_t t_state;
1127
1128 struct smb_server *t_server;
1129 smb_session_t *t_session;
1130 /*
1131 * user whose uid was in the tree connect message
1132 * ("owner" in MS-CIFS parlance, see section 2.2.1.6 definition of FID)
1133 */
1134 smb_user_t *t_owner;
1135 smb_node_t *t_snode;
1136
1137 smb_llist_t t_ofile_list;
1138 smb_idpool_t t_fid_pool;
1139
1140 smb_llist_t t_odir_list;
1141 smb_idpool_t t_odid_pool;
1142
1143 uint32_t t_refcnt;
1144 uint32_t t_flags;
1145 int32_t t_res_type;
1146 uint16_t t_tid;
1147 uint16_t t_umask;
1148 char t_sharename[MAXNAMELEN];
1149 char t_resource[MAXPATHLEN];
1150 char t_typename[SMB_TYPENAMELEN];
1151 char t_volume[SMB_VOLNAMELEN];
1152 acl_type_t t_acltype;
1153 uint32_t t_access;
1154 uint32_t t_execflags;
1155 time_t t_connect_time;
1156 volatile uint32_t t_open_files;
1157 smb_cfg_val_t t_encrypt; /* Share.EncryptData */
1158 } smb_tree_t;
1159
1160 #define SMB_TREE_VFS(tree) ((tree)->t_snode->vp->v_vfsp)
1161 #define SMB_TREE_FSID(tree) ((tree)->t_snode->vp->v_vfsp->vfs_fsid)
1162
1163 #define SMB_TREE_IS_READONLY(sr) \
1164 ((sr) != NULL && (sr)->tid_tree != NULL && \
1165 !((sr)->tid_tree->t_access & ACE_ALL_WRITE_PERMS))
1166
1167 #define SMB_TREE_IS_CASEINSENSITIVE(sr) \
1168 (((sr) && (sr)->tid_tree) ? \
1169 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_CASEINSENSITIVE) : 0)
1170
1171 #define SMB_TREE_HAS_ACCESS(sr, acemask) \
1172 ((sr) == NULL ? ACE_ALL_PERMS : ( \
1173 (((sr) && (sr)->tid_tree) ? \
1174 (((sr)->tid_tree->t_access) & (acemask)) : 0)))
1175
1176 #define SMB_TREE_SUPPORTS_CATIA(sr) \
1177 (((sr) && (sr)->tid_tree) ? \
1178 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_CATIA) : 0)
1179
1180 #define SMB_TREE_SUPPORTS_ABE(sr) \
1181 (((sr) && (sr)->tid_tree) ? \
1182 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_ABE) : 0)
1183
1184 #define SMB_TREE_IS_DFSROOT(sr) \
1185 (((sr) && (sr)->tid_tree) ? \
1186 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_DFSROOT) : 0)
1187
1188 #define SMB_TREE_SUPPORTS_SHORTNAMES(sr) \
1189 (((sr) && (sr)->tid_tree) ? \
1190 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_SHORTNAMES) : 0)
1191
1192 /*
1193 * SMB_TREE_CONTAINS_NODE is used to check if a node is on the same
1194 * file system as the tree's root filesystem, or if mount point traversal
1195 * should be allowed. Note that this is also called in some cases with
1196 * sr=NULL, where it is expected to evaluate to TRUE.
1197 */
1198
1199 #define SMB_TREE_CONTAINS_NODE(sr, node) \
1200 ((sr) == NULL || (sr)->tid_tree == NULL || \
1201 SMB_TREE_VFS((sr)->tid_tree) == SMB_NODE_VFS(node) || \
1202 smb_tree_has_feature((sr)->tid_tree, SMB_TREE_TRAVERSE_MOUNTS))
1203
1204 /*
1205 * SMB_PATHFILE_IS_READONLY indicates whether or not a file is
1206 * readonly when the caller has a path rather than an ofile.
1207 */
1208 #define SMB_PATHFILE_IS_READONLY(sr, node) \
1209 (SMB_TREE_IS_READONLY((sr)) || \
1210 smb_node_file_is_readonly((node)))
1211
1212 #define SMB_ODIR_MAGIC 0x4F444952 /* 'ODIR' */
1213 #define SMB_ODIR_VALID(p) \
1214 ASSERT((p != NULL) && ((p)->d_magic == SMB_ODIR_MAGIC))
1215
1216 #define SMB_ODIR_BUFSIZE (8 * 1024)
1217
1218 #define SMB_ODIR_FLAG_WILDCARDS 0x0001
1219 #define SMB_ODIR_FLAG_IGNORE_CASE 0x0002
1220 #define SMB_ODIR_FLAG_XATTR 0x0004
1221 #define SMB_ODIR_FLAG_EDIRENT 0x0008
1222 #define SMB_ODIR_FLAG_CATIA 0x0010
1223 #define SMB_ODIR_FLAG_ABE 0x0020
1224 #define SMB_ODIR_FLAG_SHORTNAMES 0x0040
1225
1226 typedef enum {
1227 SMB_ODIR_STATE_OPEN = 0,
1228 SMB_ODIR_STATE_IN_USE,
1229 SMB_ODIR_STATE_CLOSING,
1230 SMB_ODIR_STATE_CLOSED,
1231 SMB_ODIR_STATE_SENTINEL
1232 } smb_odir_state_t;
1233
1234 typedef enum {
1235 SMB_ODIR_RESUME_CONT,
1236 SMB_ODIR_RESUME_IDX,
1237 SMB_ODIR_RESUME_COOKIE,
1238 SMB_ODIR_RESUME_FNAME
1239 } smb_odir_resume_type_t;
1240
1241 typedef struct smb_odir_resume {
1242 smb_odir_resume_type_t or_type;
1243 int or_idx;
1244 uint32_t or_cookie;
1245 char *or_fname;
1246 } smb_odir_resume_t;
1247
1248 /*
1249 * Flags used when opening an odir
1250 */
1251 #define SMB_ODIR_OPENF_BACKUP_INTENT 0x01
1252
1253 typedef struct smb_odir {
1254 list_node_t d_lnd;
1255 uint32_t d_magic;
1256 kmutex_t d_mutex;
1257 smb_odir_state_t d_state;
1258 smb_session_t *d_session;
1259 smb_user_t *d_user;
1260 smb_tree_t *d_tree;
1261 smb_node_t *d_dnode;
1262 cred_t *d_cred;
1263 uint32_t d_opened_by_pid;
1264 uint16_t d_odid;
1265 uint16_t d_sattr;
1266 uint32_t d_refcnt;
1267 uint32_t d_flags;
1268 boolean_t d_eof;
1269 int d_bufsize;
1270 uint64_t d_offset;
1271 union {
1272 char *u_bufptr;
1273 struct edirent *u_edp;
1274 struct dirent64 *u_dp;
1275 } d_u;
1276 uint32_t d_last_cookie;
1277 uint32_t d_cookies[SMB_MAX_SEARCH];
1278 char d_pattern[MAXNAMELEN];
1279 char d_buf[SMB_ODIR_BUFSIZE];
1280 char d_last_name[MAXNAMELEN];
1281 } smb_odir_t;
1282 #define d_bufptr d_u.u_bufptr
1283 #define d_edp d_u.u_edp
1284 #define d_dp d_u.u_dp
1285
1286 typedef struct smb_odirent {
1287 char od_name[MAXNAMELEN]; /* on disk name */
1288 ino64_t od_ino;
1289 uint32_t od_eflags;
1290 } smb_odirent_t;
1291
1292 #define SMB_OPIPE_MAGIC 0x50495045 /* 'PIPE' */
1293 #define SMB_OPIPE_VALID(p) \
1294 ASSERT(((p) != NULL) && (p)->p_magic == SMB_OPIPE_MAGIC)
1295 #define SMB_OPIPE_MAXNAME 32
1296
1297 /*
1298 * Data structure for SMB_FTYPE_MESG_PIPE ofiles, which is used
1299 * at the interface between SMB and NDR RPC.
1300 */
1301 typedef struct smb_opipe {
1302 uint32_t p_magic;
1303 kmutex_t p_mutex;
1304 kcondvar_t p_cv;
1305 struct smb_ofile *p_ofile;
1306 struct smb_server *p_server;
1307 uint32_t p_refcnt;
1308 ksocket_t p_socket;
1309 /* This is the "flat" name, without path prefix */
1310 char p_name[SMB_OPIPE_MAXNAME];
1311 } smb_opipe_t;
1312
1313 /*
1314 * The of_ftype of an open file should contain the SMB_FTYPE value
1315 * returned when the file/pipe was opened. The following
1316 * assumptions are currently made:
1317 *
1318 * File Type Node PipeInfo
1319 * --------- -------- --------
1320 * SMB_FTYPE_DISK Valid Null
1321 * SMB_FTYPE_BYTE_PIPE Undefined Undefined
1322 * SMB_FTYPE_MESG_PIPE Null Valid
1323 * SMB_FTYPE_PRINTER Undefined Undefined
1324 * SMB_FTYPE_UNKNOWN Undefined Undefined
1325 */
1326
1327 /*
1328 * Some flags for ofile structure
1329 *
1330 * SMB_OFLAGS_SET_DELETE_ON_CLOSE
1331 * Set this flag when the corresponding open operation whose
1332 * DELETE_ON_CLOSE bit of the CreateOptions is set. If any
1333 * open file instance has this bit set, the NODE_FLAGS_DELETE_ON_CLOSE
1334 * will be set for the file node upon close.
1335 */
1336
1337 /* SMB_OFLAGS_READONLY 0x0001 (obsolete) */
1338 #define SMB_OFLAGS_EXECONLY 0x0002
1339 #define SMB_OFLAGS_SET_DELETE_ON_CLOSE 0x0004
1340 #define SMB_OFLAGS_LLF_POS_VALID 0x0008
1341
1342 #define SMB_OFILE_MAGIC 0x4F464C45 /* 'OFLE' */
1343 #define SMB_OFILE_VALID(p) \
1344 ASSERT((p != NULL) && ((p)->f_magic == SMB_OFILE_MAGIC))
1345
1346 /*
1347 * This is the size of the per-handle "Lock Sequence" array.
1348 * See LockSequenceIndex in [MS-SMB2] 2.2.26, and smb2_lock.c
1349 */
1350 #define SMB_OFILE_LSEQ_MAX 64
1351
1352 /* {arg_open,ofile}->dh_vers values */
1353 typedef enum {
1354 SMB2_NOT_DURABLE = 0,
1355 SMB2_DURABLE_V1,
1356 SMB2_DURABLE_V2,
1357 SMB2_RESILIENT,
1358 } smb_dh_vers_t;
1359
1360 /*
1361 * See the long "Ofile State Machine" comment in smb_ofile.c
1362 */
1363 typedef enum {
1364 SMB_OFILE_STATE_ALLOC = 0,
1365 SMB_OFILE_STATE_OPEN,
1366 SMB_OFILE_STATE_SAVE_DH,
1367 SMB_OFILE_STATE_SAVING,
1368 SMB_OFILE_STATE_CLOSING,
1369 SMB_OFILE_STATE_CLOSED,
1370 SMB_OFILE_STATE_ORPHANED,
1371 SMB_OFILE_STATE_RECONNECT,
1372 SMB_OFILE_STATE_EXPIRED,
1373 SMB_OFILE_STATE_SENTINEL
1374 } smb_ofile_state_t;
1375
1376 typedef struct smb_ofile {
1377 list_node_t f_tree_lnd; /* t_ofile_list */
1378 list_node_t f_node_lnd; /* n_ofile_list */
1379 list_node_t f_dh_lnd; /* sv_persistid_ht */
1380 uint32_t f_magic;
1381 kmutex_t f_mutex;
1382 smb_ofile_state_t f_state;
1383
1384 struct smb_server *f_server;
1385 smb_session_t *f_session;
1386 smb_user_t *f_user;
1387 smb_tree_t *f_tree;
1388 smb_node_t *f_node;
1389 smb_odir_t *f_odir;
1390 smb_opipe_t *f_pipe;
1391
1392 kcondvar_t f_cv;
1393 /*
1394 * Note: f_persistid == 0 means this ofile has no persistid
1395 * (same interpretation at the protocol level). IFF non-zero,
1396 * this ofile is linked in the sv_persistid_ht hash table.
1397 */
1398 uint64_t f_persistid;
1399 uint32_t f_uniqid;
1400 uint32_t f_refcnt;
1401 uint64_t f_seek_pos;
1402 uint32_t f_flags;
1403 uint32_t f_granted_access;
1404 uint32_t f_share_access;
1405 uint32_t f_create_options;
1406 uint32_t f_opened_by_pid;
1407 uint16_t f_fid;
1408 uint16_t f_ftype;
1409 uint64_t f_llf_pos;
1410 int f_mode;
1411 cred_t *f_cr;
1412 pid_t f_pid;
1413 smb_attr_t f_pending_attr;
1414 boolean_t f_written;
1415 smb_oplock_grant_t f_oplock;
1416 uint8_t TargetOplockKey[SMB_LEASE_KEY_SZ];
1417 uint8_t ParentOplockKey[SMB_LEASE_KEY_SZ];
1418 struct smb_lease *f_lease;
1419
1420 smb_notify_t f_notify;
1421
1422 smb_dh_vers_t dh_vers;
1423 hrtime_t dh_timeout_offset; /* time offset for timeout */
1424 hrtime_t dh_expire_time; /* time the handle expires */
1425 boolean_t dh_persist;
1426 kmutex_t dh_nvlock;
1427 struct nvlist *dh_nvlist;
1428 smb_node_t *dh_nvfile;
1429
1430 uint8_t dh_create_guid[16];
1431 char f_quota_resume[SMB_SID_STRSZ];
1432 uint8_t f_lock_seq[SMB_OFILE_LSEQ_MAX];
1433 } smb_ofile_t;
1434
1435 typedef struct smb_fileinfo {
1436 char fi_name[MAXNAMELEN];
1437 char fi_shortname[SMB_SHORTNAMELEN];
1438 uint32_t fi_cookie; /* Dir offset (of next entry) */
1439 uint32_t fi_dosattr; /* DOS attributes */
1440 uint64_t fi_nodeid; /* file system node id */
1441 uint64_t fi_size; /* file size in bytes */
1442 uint64_t fi_alloc_size; /* allocation size in bytes */
1443 timestruc_t fi_atime; /* last access */
1444 timestruc_t fi_mtime; /* last modification */
1445 timestruc_t fi_ctime; /* last status change */
1446 timestruc_t fi_crtime; /* file creation */
1447 } smb_fileinfo_t;
1448
1449 typedef struct smb_streaminfo {
1450 uint64_t si_size;
1451 uint64_t si_alloc_size;
1452 char si_name[MAXPATHLEN];
1453 } smb_streaminfo_t;
1454
1455 #define SMB_LOCK_MAGIC 0x4C4F434B /* 'LOCK' */
1456
1457 typedef struct smb_lock {
1458 list_node_t l_lnd;
1459 uint32_t l_magic;
1460 kmutex_t l_mutex;
1461 kcondvar_t l_cv;
1462
1463 smb_ofile_t *l_file;
1464
1465 struct smb_lock *l_blocked_by; /* Debug info only */
1466
1467 uint32_t l_conflicts;
1468 uint32_t l_flags;
1469 uint32_t l_pid;
1470 uint32_t l_type;
1471 uint64_t l_start;
1472 uint64_t l_length;
1473 clock_t l_end_time;
1474 } smb_lock_t;
1475
1476 #define SMB_LOCK_FLAG_INDEFINITE 0x0004
1477 #define SMB_LOCK_FLAG_CLOSED 0x0008
1478 #define SMB_LOCK_FLAG_CANCELLED 0x0010
1479
1480 #define SMB_LOCK_TYPE_READWRITE 101
1481 #define SMB_LOCK_TYPE_READONLY 102
1482
1483 typedef struct vardata_block {
1484 uint8_t vdb_tag;
1485 uint32_t vdb_len;
1486 struct uio vdb_uio;
1487 struct iovec vdb_iovec[MAX_IOVEC];
1488 } smb_vdb_t;
1489
1490 #define SMB_WRMODE_WRITE_THRU 0x0001
1491 #define SMB_WRMODE_IS_STABLE(M) ((M) & SMB_WRMODE_WRITE_THRU)
1492
1493 #define SMB_RW_MAGIC 0x52445257 /* 'RDRW' */
1494
1495 typedef struct smb_rw_param {
1496 uint32_t rw_magic;
1497 smb_vdb_t rw_vdb;
1498 uint64_t rw_offset;
1499 uint32_t rw_last_write;
1500 uint16_t rw_mode;
1501 uint32_t rw_count; /* bytes in this request */
1502 uint16_t rw_mincnt;
1503 uint32_t rw_total; /* total bytes (write-raw) */
1504 uint16_t rw_dsoff; /* SMB data offset */
1505 uint8_t rw_andx; /* SMB secondary andx command */
1506 } smb_rw_param_t;
1507
1508 typedef struct smb_pathname {
1509 char *pn_path;
1510 char *pn_pname;
1511 char *pn_fname;
1512 char *pn_sname;
1513 char *pn_stype;
1514 } smb_pathname_t;
1515
1516 /*
1517 * fs_query_info
1518 */
1519 typedef struct smb_fqi {
1520 smb_pathname_t fq_path;
1521 uint16_t fq_sattr;
1522 smb_node_t *fq_dnode;
1523 smb_node_t *fq_fnode;
1524 smb_attr_t fq_fattr;
1525 char fq_last_comp[MAXNAMELEN];
1526 } smb_fqi_t;
1527
1528 typedef struct dirop {
1529 smb_fqi_t fqi;
1530 smb_fqi_t dst_fqi;
1531 uint16_t info_level;
1532 uint16_t flags;
1533 } smb_arg_dirop_t;
1534
1535 typedef struct smb_queryinfo {
1536 smb_node_t *qi_node; /* NULL for pipes */
1537 uint8_t qi_InfoType;
1538 uint8_t qi_InfoClass;
1539 uint8_t qi_delete_on_close;
1540 uint8_t qi_isdir;
1541 uint32_t qi_AddlInfo;
1542 uint32_t qi_Flags;
1543 mbuf_chain_t in_data;
1544 smb_attr_t qi_attr;
1545 uint32_t qi_namelen;
1546 char qi_shortname[SMB_SHORTNAMELEN];
1547 char qi_name[MAXPATHLEN];
1548 } smb_queryinfo_t;
1549
1550 typedef struct smb_setinfo {
1551 smb_node_t *si_node;
1552 mbuf_chain_t si_data;
1553 smb_attr_t si_attr;
1554 } smb_setinfo_t;
1555
1556 /*
1557 * smb_fssize_t
1558 * volume_units and volume avail are the total allocated and
1559 * available units on the volume.
1560 * caller_units and caller_avail are the allocated and available
1561 * units on the volume for the user associated with the calling
1562 * thread.
1563 */
1564 typedef struct smb_fssize {
1565 uint64_t fs_volume_units;
1566 uint64_t fs_volume_avail;
1567 uint64_t fs_caller_units;
1568 uint64_t fs_caller_avail;
1569 uint32_t fs_sectors_per_unit;
1570 uint32_t fs_bytes_per_sector;
1571 } smb_fssize_t;
1572
1573 /*
1574 * SMB FsCtl operations (SMB2 Ioctl, and some SMB1 trans calls)
1575 */
1576 typedef struct {
1577 uint32_t CtlCode;
1578 uint32_t InputCount;
1579 uint32_t OutputCount;
1580 uint32_t MaxOutputResp;
1581 mbuf_chain_t *in_mbc;
1582 mbuf_chain_t *out_mbc;
1583 } smb_fsctl_t;
1584
1585 typedef struct {
1586 uint64_t persistent;
1587 uint64_t temporal;
1588 } smb2fid_t;
1589
1590 typedef struct {
1591 uint32_t status;
1592 uint16_t errcls;
1593 uint16_t errcode;
1594 } smb_error_t;
1595
1596 typedef struct open_param {
1597 smb_fqi_t fqi;
1598 uint16_t omode;
1599 uint16_t ofun;
1600 uint32_t nt_flags;
1601 uint32_t timeo;
1602 uint32_t dattr;
1603 timestruc_t crtime;
1604 timestruc_t mtime;
1605 timestruc_t timewarp;
1606 /*
1607 * Careful: dsize is the desired (allocation) size before the
1608 * common open function, and the actual size afterwards.
1609 */
1610 uint64_t dsize; /* alloc size, actual size */
1611 uint32_t desired_access;
1612 uint32_t maximum_access;
1613 uint32_t share_access;
1614 uint32_t create_options;
1615 uint32_t create_disposition;
1616 boolean_t create_timewarp;
1617 boolean_t created_readonly;
1618 uint32_t ftype;
1619 uint32_t devstate;
1620 uint32_t action_taken;
1621 uint64_t fileid;
1622 uint32_t rootdirfid;
1623 fsid_t op_fsid;
1624 smb_ofile_t *dir;
1625 smb_opipe_t *pipe; /* for smb_opipe_open */
1626 struct smb_sd *sd; /* for NTTransactCreate */
1627 void *create_ctx;
1628
1629 uint8_t op_oplock_level; /* requested/granted level */
1630 uint32_t op_oplock_state; /* internal type+level */
1631 uint32_t lease_state; /* SMB2_LEASE_... */
1632 uint32_t lease_flags;
1633 uint16_t lease_epoch;
1634 uint16_t lease_version; /* 1 or 2 */
1635 uint8_t lease_key[SMB_LEASE_KEY_SZ]; /* from client */
1636 uint8_t parent_lease_key[SMB_LEASE_KEY_SZ]; /* for V2 */
1637
1638 smb_dh_vers_t dh_vers;
1639 smb2fid_t dh_fileid; /* for durable reconnect */
1640 uint8_t create_guid[16];
1641 uint32_t dh_v2_flags;
1642 uint32_t dh_timeout;
1643 } smb_arg_open_t;
1644
1645 typedef struct smb_arg_lock {
1646 void *lvec;
1647 uint32_t lcnt;
1648 uint32_t lseq;
1649 } smb_arg_lock_t;
1650
1651 typedef struct smb_arg_olbrk {
1652 uint32_t NewLevel;
1653 boolean_t AckRequired;
1654 } smb_arg_olbrk_t;
1655
1656 /*
1657 * SMB Request State Machine
1658 * -------------------------
1659 *
1660 * T4 +------+ T0
1661 * +--------------------------->| FREE |---------------------------+
1662 * | +------+ |
1663 * +-----------+ |
1664 * | COMPLETED | |
1665 * +-----------+
1666 * ^ |
1667 * | T15 +-----------+ v
1668 * +------------+ T6 | | +--------------+
1669 * | CLEANED_UP |<-----------------| CANCELLED | | INITIALIZING |
1670 * +------------+ | | +--------------+
1671 * | ^ +-----------+ |
1672 * | | ^ ^ ^ ^ |
1673 * | | +-------------+ | | | |
1674 * | | T3 | | | | T13 | T1
1675 * | +-------------------------+ | | +----------------------+ |
1676 * +----------------------------+ | | | | |
1677 * T16 | | | | +-----------+ | |
1678 * | \/ | | T5 | | v
1679 * +-----------------+ | T12 +--------+ | T2 +-----------+
1680 * | EVENT_OCCURRED |------------->| ACTIVE |<--------------------| SUBMITTED |
1681 * +-----------------+ | +--------+ | +-----------+
1682 * ^ | | ^ | |
1683 * | | T8 | | | T7 |
1684 * | T10 T9 | +----------+ | +-------+ | T11
1685 * | | | +-------+ | |
1686 * | | | T14 | | |
1687 * | | v | v |
1688 * +----------------------+ +--------------+
1689 * | WAITING_EVENT | | WAITING_LOCK |
1690 * +----------------------+ +--------------+
1691 *
1692 *
1693 *
1694 *
1695 *
1696 * Transition T0
1697 *
1698 * This transition occurs when the request is allocated and is still under the
1699 * control of the session thread.
1700 *
1701 * Transition T1
1702 *
1703 * This transition occurs when the session thread dispatches a task to treat the
1704 * request.
1705 *
1706 * Transition T2
1707 *
1708 *
1709 *
1710 * Transition T3
1711 *
1712 * A request completes and smbsr_cleanup is called to release resources
1713 * associated with the request (but not the smb_request_t itself). This
1714 * includes references on smb_ofile_t, smb_node_t, and other structures.
1715 * CLEANED_UP state exists to detect if we attempt to cleanup a request
1716 * multiple times and to allow us to detect that we are accessing a
1717 * request that has already been cleaned up.
1718 *
1719 * Transition T4
1720 *
1721 *
1722 *
1723 * Transition T5
1724 *
1725 *
1726 *
1727 * Transition T6
1728 *
1729 *
1730 *
1731 * Transition T7
1732 *
1733 *
1734 *
1735 * Transition T8
1736 *
1737 *
1738 *
1739 * Transition T9
1740 *
1741 *
1742 *
1743 * Transition T10
1744 *
1745 *
1746 *
1747 * Transition T11
1748 *
1749 *
1750 *
1751 * Transition T12
1752 *
1753 *
1754 *
1755 * Transition T13
1756 *
1757 *
1758 *
1759 * Transition T14
1760 *
1761 *
1762 *
1763 * Transition T15
1764 *
1765 * Request processing is completed (control returns from smb_dispatch)
1766 *
1767 * Transition T16
1768 *
1769 * Multipart (andx) request was cleaned up with smbsr_cleanup but more "andx"
1770 * sections remain to be processed.
1771 *
1772 */
1773
1774 #define SMB_REQ_MAGIC 0x534D4252 /* 'SMBR' */
1775 #define SMB_REQ_VALID(p) ASSERT((p)->sr_magic == SMB_REQ_MAGIC)
1776
1777 typedef enum smb_req_state {
1778 SMB_REQ_STATE_FREE = 0,
1779 SMB_REQ_STATE_INITIALIZING,
1780 SMB_REQ_STATE_SUBMITTED,
1781 SMB_REQ_STATE_ACTIVE,
1782 SMB_REQ_STATE_WAITING_AUTH,
1783 SMB_REQ_STATE_WAITING_FCN1,
1784 SMB_REQ_STATE_WAITING_FCN2,
1785 SMB_REQ_STATE_WAITING_LOCK,
1786 SMB_REQ_STATE_WAITING_PIPE,
1787 SMB_REQ_STATE_COMPLETED,
1788 SMB_REQ_STATE_CANCEL_PENDING,
1789 SMB_REQ_STATE_CANCELLED,
1790 SMB_REQ_STATE_CLEANED_UP,
1791 SMB_REQ_STATE_SENTINEL
1792 } smb_req_state_t;
1793
1794 typedef struct smb_request {
1795 list_node_t sr_session_lnd;
1796 uint32_t sr_magic;
1797 kmutex_t sr_mutex;
1798 smb_req_state_t sr_state;
1799 struct smb_server *sr_server;
1800 pid_t *sr_pid;
1801 int32_t sr_gmtoff;
1802 smb_session_t *session;
1803 smb_kmod_cfg_t *sr_cfg;
1804 void (*cancel_method)(struct smb_request *);
1805 void *cancel_arg2;
1806
1807 /* Queue used by smb_request_append_postwork. */
1808 struct smb_request *sr_postwork;
1809
1810 list_node_t sr_waiters; /* smb_notify.c */
1811
1812 /* Info from session service header */
1813 uint32_t sr_req_length; /* Excluding NBT header */
1814
1815 /* Request buffer excluding NBT header */
1816 void *sr_request_buf;
1817
1818 struct mbuf_chain command;
1819 struct mbuf_chain reply;
1820 struct mbuf_chain raw_data;
1821 list_t sr_storage;
1822 struct smb_xa *r_xa;
1823 int andx_prev_wct;
1824 int cur_reply_offset;
1825 int orig_request_hdr;
1826 unsigned int reply_seqnum; /* reply sequence number */
1827 unsigned char first_smb_com; /* command code */
1828 unsigned char smb_com; /* command code */
1829
1830 uint8_t smb_rcls; /* error code class */
1831 uint8_t smb_reh; /* rsvd (AH DOS INT-24 ERR) */
1832 uint16_t smb_err; /* error code */
1833 smb_error_t smb_error;
1834
1835 uint8_t smb_flg; /* flags */
1836 uint16_t smb_flg2; /* flags */
1837 unsigned char smb_sig[8]; /* signiture */
1838 uint16_t smb_tid; /* tree id # */
1839 uint32_t smb_pid; /* caller's process id # */
1840 uint16_t smb_uid; /* local (smb1) user id # */
1841 uint16_t smb_mid; /* mutiplex id # */
1842 unsigned char smb_wct; /* count of parameter words */
1843 uint16_t smb_bcc; /* data byte count */
1844
1845 /*
1846 * Beginning offsets (in the mbuf chain) for the
1847 * command and reply headers, and the next reply.
1848 */
1849 uint32_t smb2_cmd_hdr;
1850 uint32_t smb2_reply_hdr;
1851 uint32_t smb2_next_reply;
1852
1853 /*
1854 * SMB2 header fields. [MS-SMB2 2.2.1.2]
1855 * XXX: Later do a union w smb1 members
1856 */
1857 uint16_t smb2_credit_charge;
1858 uint16_t smb2_chan_seq; /* cmd only */
1859 uint32_t smb2_status;
1860 uint16_t smb2_cmd_code;
1861 uint16_t smb2_credit_request;
1862 uint16_t smb2_credit_response;
1863 uint16_t smb2_total_credits; /* in compound */
1864 uint32_t smb2_hdr_flags;
1865 uint32_t smb2_next_command;
1866 uint64_t smb2_messageid;
1867 uint64_t smb2_first_msgid;
1868 /* uint32_t smb2_pid; use smb_pid */
1869 /* uint32_t smb2_tid; use smb_tid */
1870 uint64_t smb2_ssnid; /* See u_ssnid */
1871 uint8_t smb2_sig[16]; /* signature */
1872
1873 /*
1874 * SMB3 transform header fields. [MS-SMB2 2.2.41]
1875 */
1876 uint64_t smb3_tform_ssnid;
1877 smb_user_t *tform_ssn;
1878 uint32_t msgsize;
1879 uint8_t nonce[16];
1880
1881 boolean_t encrypted;
1882 boolean_t dh_nvl_dirty;
1883
1884 boolean_t smb2_async;
1885 uint64_t smb2_async_id;
1886 /* Parameters */
1887 struct mbuf_chain smb_vwv; /* variable width value */
1888
1889 /* Data */
1890 struct mbuf_chain smb_data;
1891
1892 uint16_t smb_fid; /* not in hdr, but common */
1893
1894 unsigned char andx_com;
1895 uint16_t andx_off;
1896
1897 struct smb_tree *tid_tree;
1898 struct smb_ofile *fid_ofile;
1899 smb_user_t *uid_user;
1900
1901 cred_t *user_cr;
1902 kthread_t *sr_worker;
1903 hrtime_t sr_time_submitted;
1904 hrtime_t sr_time_active;
1905 hrtime_t sr_time_start;
1906 int32_t sr_txb;
1907 uint32_t sr_seqnum;
1908
1909 union {
1910 smb_arg_negotiate_t *negprot;
1911 smb_arg_sessionsetup_t *ssetup;
1912 smb_arg_tcon_t tcon;
1913 smb_arg_dirop_t dirop;
1914 smb_arg_open_t open;
1915 smb_arg_lock_t lock;
1916 smb_arg_olbrk_t olbrk; /* for async oplock break */
1917 smb_rw_param_t *rw;
1918 int32_t timestamp;
1919 void *other;
1920 } arg;
1921 } smb_request_t;
1922
1923 #define sr_ssetup arg.ssetup
1924 #define sr_negprot arg.negprot
1925 #define sr_tcon arg.tcon
1926 #define sr_dirop arg.dirop
1927 #define sr_open arg.open
1928 #define sr_rw arg.rw
1929 #define sr_timestamp arg.timestamp
1930
1931 #define SMB_READ_PROTOCOL(hdr) \
1932 LE_IN32(((smb_hdr_t *)(hdr))->protocol)
1933
1934 #define SMB_PROTOCOL_MAGIC_INVALID(rd_sr) \
1935 (SMB_READ_PROTOCOL((rd_sr)->sr_request_buf) != SMB_PROTOCOL_MAGIC)
1936
1937 #define SMB_READ_COMMAND(hdr) \
1938 (((smb_hdr_t *)(hdr))->command)
1939
1940 #define SMB_IS_NT_CANCEL(rd_sr) \
1941 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == SMB_COM_NT_CANCEL)
1942
1943 #define SMB_IS_SESSION_SETUP_ANDX(rd_sr) \
1944 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == \
1945 SMB_COM_SESSION_SETUP_ANDX)
1946
1947 #define SMB_IS_NT_NEGOTIATE(rd_sr) \
1948 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == SMB_COM_NEGOTIATE)
1949
1950 #define SMB_IS_TREE_CONNECT_ANDX(rd_sr) \
1951 (SMB_READ_COMMAND((rd_sr)->sr_request_buf) == SMB_COM_TREE_CONNECT_ANDX)
1952
1953 #define SMB_XA_FLAG_OPEN 0x0001
1954 #define SMB_XA_FLAG_CLOSE 0x0002
1955 #define SMB_XA_FLAG_COMPLETE 0x0004
1956 #define SMB_XA_CLOSED(xa) (!((xa)->xa_flags & SMB_XA_FLAG_OPEN))
1957
1958 #define SMB_XA_MAGIC 0x534D4258 /* 'SMBX' */
1959
1960 typedef struct smb_xa {
1961 list_node_t xa_lnd;
1962 uint32_t xa_magic;
1963 kmutex_t xa_mutex;
1964
1965 uint32_t xa_refcnt;
1966 uint32_t xa_flags;
1967
1968 struct smb_session *xa_session;
1969
1970 unsigned char smb_com; /* which TRANS type */
1971 unsigned char smb_flg; /* flags */
1972 uint16_t smb_flg2; /* flags */
1973 uint16_t smb_tid; /* tree id number */
1974 uint32_t smb_pid; /* caller's process id */
1975 uint16_t smb_uid; /* user id number */
1976 uint32_t smb_func; /* NT_TRANS function */
1977
1978 uint16_t xa_smb_mid; /* mutiplex id number */
1979 uint16_t xa_smb_fid; /* TRANS2 secondary */
1980
1981 unsigned int reply_seqnum; /* reply sequence number */
1982
1983 uint32_t smb_tpscnt; /* total parameter bytes being sent */
1984 uint32_t smb_tdscnt; /* total data bytes being sent */
1985 uint32_t smb_mprcnt; /* max parameter bytes to return */
1986 uint32_t smb_mdrcnt; /* max data bytes to return */
1987 uint32_t smb_msrcnt; /* max setup words to return */
1988 uint32_t smb_flags; /* additional information: */
1989 /* bit 0 - if set, disconnect TID in smb_tid */
1990 /* bit 1 - if set, transaction is one way */
1991 /* (no final response) */
1992 int32_t smb_timeout; /* number of milliseconds to await completion */
1993 uint32_t smb_suwcnt; /* set up word count */
1994
1995 char *xa_pipe_name;
1996
1997 /*
1998 * These are the param and data count received so far,
1999 * used to decide if the whole trans is here yet.
2000 */
2001 int req_disp_param;
2002 int req_disp_data;
2003
2004 struct mbuf_chain req_setup_mb;
2005 struct mbuf_chain req_param_mb;
2006 struct mbuf_chain req_data_mb;
2007
2008 struct mbuf_chain rep_setup_mb;
2009 struct mbuf_chain rep_param_mb;
2010 struct mbuf_chain rep_data_mb;
2011 } smb_xa_t;
2012
2013
2014 #define SDDF_NO_FLAGS 0
2015 #define SDDF_SUPPRESS_TID 0x0001
2016 #define SDDF_SUPPRESS_UID 0x0002
2017
2018 /*
2019 * SMB dispatch return codes.
2020 */
2021 typedef enum {
2022 SDRC_SUCCESS = 0,
2023 SDRC_ERROR,
2024 SDRC_DROP_VC,
2025 SDRC_NO_REPLY,
2026 SDRC_SR_KEPT,
2027 SDRC_NOT_IMPLEMENTED
2028 } smb_sdrc_t;
2029
2030 #define VAR_BCC ((short)-1)
2031
2032 #define SMB_SERVER_MAGIC 0x53534552 /* 'SSER' */
2033 #define SMB_SERVER_VALID(s) \
2034 ASSERT(((s) != NULL) && ((s)->sv_magic == SMB_SERVER_MAGIC))
2035
2036 #define SMB_LISTENER_MAGIC 0x4C53544E /* 'LSTN' */
2037 #define SMB_LISTENER_VALID(ld) \
2038 ASSERT(((ld) != NULL) && ((ld)->ld_magic == SMB_LISTENER_MAGIC))
2039
2040 typedef struct {
2041 uint32_t ld_magic;
2042 struct smb_server *ld_sv;
2043 smb_thread_t ld_thread;
2044 ksocket_t ld_so;
2045 in_port_t ld_port;
2046 int ld_family;
2047 struct sockaddr_in ld_sin;
2048 struct sockaddr_in6 ld_sin6;
2049 } smb_listener_daemon_t;
2050
2051 #define SMB_SSETUP_CMD "authentication"
2052 #define SMB_TCON_CMD "share mapping"
2053 #define SMB_OPIPE_CMD "pipe open"
2054 #define SMB_THRESHOLD_REPORT_THROTTLE 50
2055 typedef struct smb_cmd_threshold {
2056 char *ct_cmd;
2057 kmutex_t ct_mutex;
2058 volatile uint32_t ct_active_cnt;
2059 volatile uint32_t ct_blocked_cnt;
2060 uint32_t ct_threshold;
2061 uint32_t ct_timeout; /* milliseconds */
2062 kcondvar_t ct_cond;
2063 } smb_cmd_threshold_t;
2064
2065 typedef struct {
2066 kstat_named_t ls_files;
2067 kstat_named_t ls_trees;
2068 kstat_named_t ls_users;
2069 } smb_server_legacy_kstat_t;
2070
2071 typedef enum smb_server_state {
2072 SMB_SERVER_STATE_CREATED = 0,
2073 SMB_SERVER_STATE_CONFIGURED,
2074 SMB_SERVER_STATE_RUNNING,
2075 SMB_SERVER_STATE_STOPPING,
2076 SMB_SERVER_STATE_DELETING,
2077 SMB_SERVER_STATE_SENTINEL
2078 } smb_server_state_t;
2079
2080 typedef struct {
2081 /* protected by sv_mutex */
2082 kcondvar_t sp_cv;
2083 uint32_t sp_cnt;
2084 smb_llist_t sp_list;
2085 smb_llist_t sp_fidlist;
2086 } smb_spool_t;
2087
2088 #define SMB_SERVER_STATE_VALID(S) \
2089 ASSERT(((S) == SMB_SERVER_STATE_CREATED) || \
2090 ((S) == SMB_SERVER_STATE_CONFIGURED) || \
2091 ((S) == SMB_SERVER_STATE_RUNNING) || \
2092 ((S) == SMB_SERVER_STATE_STOPPING) || \
2093 ((S) == SMB_SERVER_STATE_DELETING))
2094
2095 typedef struct smb_server {
2096 list_node_t sv_lnd;
2097 uint32_t sv_magic;
2098 kcondvar_t sv_cv;
2099 kmutex_t sv_mutex;
2100 smb_server_state_t sv_state;
2101 uint32_t sv_refcnt;
2102 pid_t sv_pid;
2103 zoneid_t sv_zid;
2104 smb_listener_daemon_t sv_nbt_daemon;
2105 smb_listener_daemon_t sv_tcp_daemon;
2106 krwlock_t sv_cfg_lock;
2107 smb_kmod_cfg_t sv_cfg;
2108 smb_session_t *sv_session;
2109 smb_user_t *sv_rootuser;
2110 smb_llist_t sv_session_list;
2111 smb_hash_t *sv_persistid_ht;
2112 smb_hash_t *sv_lease_ht;
2113
2114 smb_export_t sv_export;
2115 struct __door_handle *sv_lmshrd;
2116
2117 /* Internal door for up-calls to smbd */
2118 struct __door_handle *sv_kdoor_hd;
2119 int sv_kdoor_id; /* init -1 */
2120 uint64_t sv_kdoor_ncall;
2121 kmutex_t sv_kdoor_mutex;
2122 kcondvar_t sv_kdoor_cv;
2123
2124 int32_t si_gmtoff;
2125
2126 smb_thread_t si_thread_timers;
2127
2128 taskq_t *sv_worker_pool;
2129 taskq_t *sv_receiver_pool;
2130
2131 smb_node_t *si_root_smb_node;
2132 smb_llist_t sv_opipe_list;
2133 smb_llist_t sv_event_list;
2134
2135 /* Statistics */
2136 hrtime_t sv_start_time;
2137 kstat_t *sv_ksp;
2138 volatile uint32_t sv_nbt_sess;
2139 volatile uint32_t sv_tcp_sess;
2140 volatile uint32_t sv_users;
2141 volatile uint32_t sv_trees;
2142 volatile uint32_t sv_files;
2143 volatile uint32_t sv_pipes;
2144 volatile uint64_t sv_txb;
2145 volatile uint64_t sv_rxb;
2146 volatile uint64_t sv_nreq;
2147 smb_srqueue_t sv_srqueue;
2148 smb_spool_t sp_info;
2149 smb_cmd_threshold_t sv_ssetup_ct;
2150 smb_cmd_threshold_t sv_tcon_ct;
2151 smb_cmd_threshold_t sv_opipe_ct;
2152 kstat_t *sv_legacy_ksp;
2153 kmutex_t sv_legacy_ksmtx;
2154 smb_disp_stats_t *sv_disp_stats1;
2155 smb_disp_stats_t *sv_disp_stats2;
2156 } smb_server_t;
2157
2158 #define SMB_EVENT_MAGIC 0x45564E54 /* EVNT */
2159 #define SMB_EVENT_TIMEOUT 45 /* seconds */
2160 #define SMB_EVENT_VALID(e) \
2161 ASSERT(((e) != NULL) && ((e)->se_magic == SMB_EVENT_MAGIC))
2162 typedef struct smb_event {
2163 list_node_t se_lnd;
2164 uint32_t se_magic;
2165 kmutex_t se_mutex;
2166 kcondvar_t se_cv;
2167 smb_server_t *se_server;
2168 uint32_t se_txid;
2169 boolean_t se_notified;
2170 int se_waittime;
2171 int se_timeout;
2172 int se_errno;
2173 } smb_event_t;
2174
2175 typedef struct smb_kspooldoc {
2176 list_node_t sd_lnd;
2177 uint32_t sd_magic;
2178 smb_inaddr_t sd_ipaddr;
2179 uint32_t sd_spool_num;
2180 uint16_t sd_fid;
2181 char sd_username[MAXNAMELEN];
2182 char sd_path[MAXPATHLEN];
2183 } smb_kspooldoc_t;
2184
2185 typedef struct smb_spoolfid {
2186 list_node_t sf_lnd;
2187 uint32_t sf_magic;
2188 uint16_t sf_fid;
2189 } smb_spoolfid_t;
2190
2191 #define SMB_INFO_NETBIOS_SESSION_SVC_RUNNING 0x0001
2192 #define SMB_INFO_NETBIOS_SESSION_SVC_FAILED 0x0002
2193 #define SMB_INFO_USER_LEVEL_SECURITY 0x40000000
2194 #define SMB_INFO_ENCRYPT_PASSWORDS 0x80000000
2195
2196 #define SMB_IS_STREAM(node) ((node)->n_unode)
2197
2198 typedef struct smb_tsd {
2199 void (*proc)();
2200 void *arg;
2201 char name[100];
2202 } smb_tsd_t;
2203
2204 typedef struct smb_disp_entry {
2205 char sdt_name[KSTAT_STRLEN];
2206 smb_sdrc_t (*sdt_pre_op)(smb_request_t *);
2207 smb_sdrc_t (*sdt_function)(smb_request_t *);
2208 void (*sdt_post_op)(smb_request_t *);
2209 uint8_t sdt_com;
2210 char sdt_dialect;
2211 uint8_t sdt_flags;
2212 } smb_disp_entry_t;
2213
2214 typedef struct smb_xlate {
2215 int code;
2216 char *str;
2217 } smb_xlate_t;
2218
2219 /*
2220 * This structure is a helper for building RAP NetShareEnum response
2221 *
2222 * es_posix_uid UID of the user requesting the shares list which
2223 * is used to detect if the user has any autohome
2224 * es_bufsize size of the response buffer
2225 * es_buf pointer to the response buffer
2226 * es_ntotal total number of shares exported by server which
2227 * their OEM names is less then 13 chars
2228 * es_nsent number of shares that can fit in the specified buffer
2229 * es_datasize actual data size (share's data) which was encoded
2230 * in the response buffer
2231 */
2232 typedef struct smb_enumshare_info {
2233 uid_t es_posix_uid;
2234 uint16_t es_bufsize;
2235 char *es_buf;
2236 uint16_t es_ntotal;
2237 uint16_t es_nsent;
2238 uint16_t es_datasize;
2239 } smb_enumshare_info_t;
2240
2241 #ifdef __cplusplus
2242 }
2243 #endif
2244
2245 #endif /* _SMBSRV_SMB_KTYPES_H */