smb_ktypes.h revision 8845:91af0d9c0790
1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26/*
27 * Structures and type definitions for the SMB module.
28 */
29
30#ifndef _SMBSRV_SMB_KTYPES_H
31#define	_SMBSRV_SMB_KTYPES_H
32
33#ifdef	__cplusplus
34extern "C" {
35#endif
36
37#include <sys/note.h>
38#include <sys/systm.h>
39#include <sys/param.h>
40#include <sys/types.h>
41#include <sys/synch.h>
42#include <sys/taskq.h>
43#include <sys/socket.h>
44#include <sys/acl.h>
45#include <sys/sdt.h>
46#include <sys/stat.h>
47#include <sys/vnode.h>
48#include <sys/cred.h>
49#include <netinet/in.h>
50#include <sys/ksocket.h>
51#include <sys/fem.h>
52#include <sys/door.h>
53#include <sys/extdirent.h>
54#include <smbsrv/smb.h>
55#include <smbsrv/smbinfo.h>
56#include <smbsrv/mbuf.h>
57#include <smbsrv/smb_sid.h>
58#include <smbsrv/smb_xdr.h>
59#include <smbsrv/netbios.h>
60#include <smbsrv/smb_vops.h>
61
62struct smb_request;
63struct smb_server;
64struct smb_sd;
65
66int smb_noop(void *, size_t, int);
67
/*
 * Sizes for the node audit trail. Both values are used as array bounds by
 * the audit structures declared in this header: SMB_AUDIT_STACK_DEPTH for
 * anr_stack[] and SMB_AUDIT_BUF_MAX_REC for anb_records[].
 */
#define	SMB_AUDIT_STACK_DEPTH	16
#define	SMB_AUDIT_BUF_MAX_REC	16
/* Presumably a bit tested against smb_audit_flags -- confirm in the .c file. */
#define	SMB_AUDIT_NODE		0x00000001
71
72/*
73 * Maximum number of records returned in SMBsearch, SMBfind
74 * and SMBfindunique response. Value set to 10 for compatibility
75 * with Windows.
76 */
77#define	SMB_MAX_SEARCH		10
78
/*
 * Mask of the search-attribute bits handled by the SMB_SEARCH_* helpers
 * below: hidden, system and directory.
 */
#define	SMB_SEARCH_ATTRIBUTES    \
	(FILE_ATTRIBUTE_HIDDEN | \
	FILE_ATTRIBUTE_SYSTEM |  \
	FILE_ATTRIBUTE_DIRECTORY)

/*
 * Each helper returns the masked bits (non-zero when set), not a
 * normalized 0/1 value, so results should only be used in a boolean
 * context and not compared against 1.
 */
#define	SMB_SEARCH_HIDDEN(sattr) ((sattr) & FILE_ATTRIBUTE_HIDDEN)
#define	SMB_SEARCH_SYSTEM(sattr) ((sattr) & FILE_ATTRIBUTE_SYSTEM)
#define	SMB_SEARCH_DIRECTORY(sattr) ((sattr) & FILE_ATTRIBUTE_DIRECTORY)
#define	SMB_SEARCH_ALL(sattr) ((sattr) & SMB_SEARCH_ATTRIBUTES)
88
89
90extern uint32_t smb_audit_flags;
91
/*
 * One audit record: a reference-count value plus up to
 * SMB_AUDIT_STACK_DEPTH program-counter entries.
 *
 * NOTE(review): anr_depth presumably counts the valid entries of
 * anr_stack. It is a signed int, so any code indexing anr_stack with it
 * should confirm 0 <= anr_depth <= SMB_AUDIT_STACK_DEPTH.
 */
typedef struct {
	uint32_t		anr_refcnt;
	int			anr_depth;
	pc_t			anr_stack[SMB_AUDIT_STACK_DEPTH];
} smb_audit_record_node_t;

/*
 * Fixed-size buffer of SMB_AUDIT_BUF_MAX_REC audit records.
 *
 * NOTE(review): anb_index / anb_max_index are signed and presumably used
 * to index anb_records; how wrap-around is handled is not visible in this
 * header -- confirm the index is reduced modulo the array size before use.
 */
typedef struct {
	int			anb_index;
	int			anb_max_index;
	smb_audit_record_node_t	anb_records[SMB_AUDIT_BUF_MAX_REC];
} smb_audit_buf_node_t;
103
104#define	SMB_WORKER_PRIORITY	99
105/*
106 * Thread State Machine
107 * --------------------
108 *
109 *			    T5			   T0
110 * smb_thread_destroy()	<-------+		+------- smb_thread_init()
111 *                              |		|
112 *				|		v
113 *			+-----------------------------+
114 *			|   SMB_THREAD_STATE_EXITED   |<---+
115 *			+-----------------------------+	   |
116 *				      | T1		   |
117 *				      v			   |
118 *			+-----------------------------+	   |
119 *			|  SMB_THREAD_STATE_STARTING  |	   |
120 *			+-----------------------------+	   |
121 *				     | T2		   | T4
122 *				     v			   |
123 *			+-----------------------------+	   |
124 *			|  SMB_THREAD_STATE_RUNNING   |	   |
125 *			+-----------------------------+	   |
126 *				     | T3		   |
127 *				     v			   |
128 *			+-----------------------------+	   |
129 *			|  SMB_THREAD_STATE_EXITING   |----+
130 *			+-----------------------------+
131 *
132 * Transition T0
133 *
134 *    This transition is executed in smb_thread_init().
135 *
136 * Transition T1
137 *
138 *    This transition is executed in smb_thread_start().
139 *
140 * Transition T2
141 *
142 *    This transition is executed by the thread itself when it starts running.
143 *
144 * Transition T3
145 *
146 *    This transition is executed by the thread itself in
147 *    smb_thread_entry_point() just before calling thread_exit().
148 *
149 *
150 * Transition T4
151 *
152 *    This transition is executed in smb_thread_stop().
153 *
154 * Transition T5
155 *
156 *    This transition is executed in smb_thread_destroy().
157 *
158 * Comments
159 * --------
160 *
161 *    The field smb_thread_aw_t contains a function pointer that knows how to
162 *    awake the thread. It is a temporary solution to work around the fact that
163 *    kernel threads (not part of a userspace process) cannot be signaled.
164 */
/*
 * States of an smb_thread_t, matching the boxes of the thread state
 * machine diagram in this header.
 *
 * NOTE(review): SMB_THREAD_STATE_STARTING is 0, so a zero-filled
 * smb_thread_t reads as STARTING, whereas the diagram places a freshly
 * initialized thread in SMB_THREAD_STATE_EXITED. Code must therefore set
 * sth_state explicitly rather than rely on zeroed memory.
 */
typedef enum smb_thread_state {
	SMB_THREAD_STATE_STARTING = 0,
	SMB_THREAD_STATE_RUNNING,
	SMB_THREAD_STATE_EXITING,
	SMB_THREAD_STATE_EXITED
} smb_thread_state_t;
171
172struct _smb_thread;
173
/*
 * Callback types stored in smb_thread_t: smb_thread_ep_t is the thread
 * entry point and smb_thread_aw_t is the "awake" function described in the
 * state machine comments. Each receives the thread object and an opaque
 * argument.
 */
typedef void (*smb_thread_ep_t)(struct _smb_thread *, void *ep_arg);
typedef void (*smb_thread_aw_t)(struct _smb_thread *, void *aw_arg);

#define	SMB_THREAD_MAGIC	0x534D4254	/* SMBT */

/*
 * Descriptor of an SMB kernel thread.
 *
 * NOTE(review): sth_magic is presumably set to SMB_THREAD_MAGIC and
 * asserted on entry to the smb_thread_*() routines; that check is a
 * debugging aid, not a defence against a corrupted or stale pointer.
 */
typedef struct _smb_thread {
	uint32_t		sth_magic;
	/* Fixed 16-byte name; writers must bound the copy and NUL-terminate. */
	char			sth_name[16];
	smb_thread_state_t	sth_state;
	kthread_t		*sth_th;
	kt_did_t		sth_did;
	/* Entry point and its argument. */
	smb_thread_ep_t		sth_ep;
	void			*sth_ep_arg;
	/* Wake-up function and its argument (see "Comments" above). */
	smb_thread_aw_t		sth_aw;
	void			*sth_aw_arg;
	boolean_t		sth_kill;
	/* Presumably sth_mtx protects sth_state/sth_kill; sth_cv signals changes. */
	kmutex_t		sth_mtx;
	kcondvar_t		sth_cv;
} smb_thread_t;
193
194/*
195 * Pool of IDs
196 * -----------
197 *
198 *    A pool of IDs is a pool of 16 bit numbers. It is implemented as a bitmap.
199 *    A bit set to '1' indicates that that particular value has been allocated.
200 *    The allocation process is done shifting a bit through the whole bitmap.
201 *    The current position of that index bit is kept in the smb_idpool_t
202 *    structure and represented by a byte index (0 to buffer size minus 1) and
203 *    a bit index (0 to 7).
204 *
205 *    The pools start with a size of 8 bytes or 64 IDs. Each time the pool runs
206 *    out of IDs its current size is doubled until it reaches its maximum size
207 *    (8192 bytes or 65536 IDs). The IDs 0 and 65535 are never given out which
208 *    means that a pool can have a maximum number of 65534 IDs available.
209 */
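#define	SMB_IDPOOL_MAGIC	0x4944504C	/* IDPL */
#define	SMB_IDPOOL_MIN_SIZE	64	/* Number of IDs to begin with */
/*
 * Maximum number of IDs in a pool. The expression is parenthesized so the
 * macro expands as a single value inside a larger expression; without the
 * parentheses "x / SMB_IDPOOL_MAX_SIZE" would evaluate as "(x / 64) * 1024"
 * and silently produce a wrong size or limit.
 */
#define	SMB_IDPOOL_MAX_SIZE	(64 * 1024)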
213
/*
 * State of one ID pool (see "Pool of IDs" above): a bitmap plus the
 * current position of the allocation bit, kept as a byte index and a bit
 * index.
 *
 * NOTE(review): IDs handed out from these pools are 16-bit values that
 * presumably end up on the wire (UID/TID/FID); they are therefore
 * guessable by a client and must never be treated as a secret or as proof
 * of ownership -- lookups have to be scoped to the owning
 * session/user/tree.
 */
typedef struct smb_idpool {
	uint32_t	id_magic;
	kmutex_t	id_mutex;
	/* Bitmap storage; a set bit marks an allocated ID. */
	uint8_t		*id_pool;
	uint32_t	id_size;
	/* Presumably the current bit mask and its 0..7 position -- confirm. */
	uint8_t		id_bit;
	uint8_t		id_bit_idx;
	/* Presumably the current byte index and the mask used to wrap it. */
	uint32_t	id_idx;
	uint32_t	id_idx_msk;
	uint32_t	id_free_counter;
	uint32_t	id_max_free_counter;
} smb_idpool_t;
226
/*
 * Maximum size of a Transport Data Unit
 *     4 --> NBT/TCP Transport Header.
 *    32 --> SMB Header
 *     1 --> Word Count byte
 *   510 --> Maximum Number of bytes of the Word Table (2 * 255)
 *     2 --> Byte count of the data
 * 65535 --> Maximum size of the data
 * -----
 * 66084
 *
 * The 66084 total includes the 4-byte transport header. SMB_REQ_MAX_SIZE
 * is that total without the transport header (66080); SMB_XPRT_MAX_SIZE
 * adds NETBIOS_HDR_SZ back (presumably 4, defined elsewhere).
 *
 * NOTE(review): buffers in this header are sized with SMB_XPRT_MAX_SIZE,
 * so a length taken from a received transport header must be checked
 * against these limits before it is used to read or copy data.
 */
#define	SMB_REQ_MAX_SIZE	66080
#define	SMB_XPRT_MAX_SIZE	(SMB_REQ_MAX_SIZE + NETBIOS_HDR_SZ)
240
#define	SMB_TXREQ_MAGIC		0X54524251	/* 'TREQ' */
/*
 * One queued transmit request with an inline buffer of SMB_XPRT_MAX_SIZE
 * bytes.
 *
 * NOTE(review): tr_len is a signed int while tr_buf has a fixed size;
 * producers should confirm 0 <= tr_len <= sizeof (tr_buf) before filling
 * or sending the buffer.
 */
typedef struct {
	uint32_t	tr_magic;
	list_node_t	tr_lnd;
	int		tr_len;
	uint8_t		tr_buf[SMB_XPRT_MAX_SIZE];
} smb_txreq_t;

#define	SMB_TXLST_MAGIC		0X544C5354	/* 'TLST' */
/*
 * List of transmit requests. Presumably tl_mutex protects tl_active and
 * tl_list -- confirm against the transmit code.
 */
typedef struct {
	uint32_t	tl_magic;
	kmutex_t	tl_mutex;
	boolean_t	tl_active;
	list_t		tl_list;
} smb_txlst_t;
256
257/*
258 * Maximum buffer size for NT is 37KB.  If all clients are Windows 2000, this
259 * can be changed to 64KB.  37KB must be used with a mix of NT/Windows 2000
260 * clients because NT loses directory entries when values greater than 37KB are
261 * used.
262 *
263 * Note: NBT_MAXBUF will be subtracted from the specified max buffer size to
264 * account for the NBT header.
265 */
266#define	NBT_MAXBUF		8
267#define	SMB_NT_MAXBUF		(37 * 1024)
268
269#define	OUTBUFSIZE		(65 * 1024)
270#define	SMBHEADERSIZE		32
271#define	SMBND_HASH_MASK		(0xFF)
272#define	MAX_IOVEC		512
273#define	MAX_READREF		(8 * 1024)
274
275#define	SMB_WORKER_MIN		4
276#define	SMB_WORKER_DEFAULT	64
277#define	SMB_WORKER_MAX		1024
278
/*
 * Align a pointer or offset appropriately so that fields will not
 * cross word boundaries.
 *
 * The value is rounded up to the next multiple of _POINTER_ALIGNMENT and
 * the result has type uintptr_t. The mask arithmetic is only correct when
 * _POINTER_ALIGNMENT is a power of two.
 *
 * NOTE(review): rounding up can move an offset past the end of the buffer
 * it refers to (and wraps for values within _POINTER_ALIGNMENT - 1 of
 * UINTPTR_MAX); callers should re-check bounds after aligning.
 */
#define	PTRALIGN(x) \
	(((uintptr_t)(x) + (uintptr_t)(_POINTER_ALIGNMENT) - 1l) & \
	    ~((uintptr_t)(_POINTER_ALIGNMENT) - 1l))
286
287/*
288 * native os types are defined in win32/smbinfo.h
289 */
290
/*
 * All 4 different time / date formats that will be seen in SMB
 *
 * NOTE(review): SMB_DATE and SMB_TIME are C bit-fields, whose bit order
 * and packing are implementation-defined. They should not be overlaid
 * directly onto bytes received from the network; decode the 16-bit wire
 * value with shifts and masks instead -- confirm how these are used.
 */
typedef struct {
	uint16_t	Day	: 5;
	uint16_t	Month	: 4;
	uint16_t	Year	: 7;
} SMB_DATE;

typedef struct {
	uint16_t	TwoSeconds : 5;
	uint16_t	Minutes	   : 6;
	uint16_t	Hours	   : 5;
} SMB_TIME;


/* Unsigned 32-bit counter, so values wrap after 2^32 seconds. */
typedef uint32_t 	UTIME;		/* seconds since Jan 1 1970 */
308
/* Doubly linked list node (forward and backward pointers only). */
typedef struct smb_malloc_list {
	struct smb_malloc_list	*forw;
	struct smb_malloc_list	*back;
} smb_malloc_list;

/*
 * List guarded by a reader/writer lock, with an element count.
 * NOTE(review): ll_wrop is presumably a counter of write operations that
 * lets readers detect modification -- confirm in the list code.
 */
typedef struct smb_llist {
	krwlock_t	ll_lock;
	list_t		ll_list;
	uint32_t	ll_count;
	uint64_t	ll_wrop;
} smb_llist_t;

/*
 * List guarded by a mutex, with a condition variable, an element count
 * and a "waiting" flag.
 */
typedef struct smb_slist {
	kmutex_t	sl_mutex;
	kcondvar_t	sl_cv;
	list_t		sl_list;
	uint32_t	sl_count;
	boolean_t	sl_waiting;
} smb_slist_t;

/*
 * Session list holding two sub-lists, se_rdy and se_act, each with its own
 * count, under one reader/writer lock.
 */
typedef struct smb_session_list {
	krwlock_t	se_lock;
	uint64_t	se_wrop;
	struct {
		list_t		lst;
		uint32_t	count;
	} se_rdy;
	struct {
		list_t		lst;
		uint32_t	count;
	} se_act;
} smb_session_list_t;

/*
 * Reader/writer lock bundled with a mutex, a condition variable and a
 * "waiting" flag. How the three primitives are combined is not visible in
 * this header; see the smb_rwx_*() implementation for the lock ordering.
 */
typedef struct {
	kcondvar_t	rwx_cv;
	kmutex_t	rwx_mutex;
	krwlock_t	rwx_lock;
	boolean_t	rwx_waiting;
} smb_rwx_t;
348
349/* NOTIFY CHANGE */
350
351typedef struct smb_notify_change_req {
352	list_node_t		nc_lnd;
353	struct smb_node		*nc_node;
354	uint32_t		nc_reply_type;
355	uint32_t		nc_flags;
356} smb_notify_change_req_t;
357
358/*
359 * SMB operates over a NetBIOS-over-TCP transport (NBT) or directly
360 * over TCP, which is also known as direct hosted NetBIOS-less SMB
361 * or SMB-over-TCP.
362 *
363 * NBT messages have a 4-byte header that defines the message type
364 * (8-bits), a 7-bit flags field and a 17-bit length.
365 *
366 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
367 * |      TYPE     |     FLAGS   |E|            LENGTH             |
368 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
369 *
370 * 8-bit type      Defined in RFC 1002
371 * 7-bit flags     Bits 0-6 reserved (must be 0)
372 *                 Bit 7: Length extension bit (E)
373 * 17-bit length   Includes bit 7 of the flags byte
374 *
375 *
376 * SMB-over-TCP is defined to use a modified version of the NBT header
377 * containing an 8-bit message type and 24-bit message length.
378 *
379 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
380 * |      TYPE     |                  LENGTH                       |
381 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
382 *
383 * 8-bit type      Must be 0
384 * 24-bit length
385 *
386 * The following structure is used to represent a generic, in-memory
387 * SMB transport header; it is not intended to map directly to either
388 * of the over-the-wire formats.
389 */
/*
 * In-memory transport header: message type and message length.
 *
 * NOTE(review): xh_length is a full 32-bit field, while the wire formats
 * described above carry a 17-bit (NBT) or 24-bit (SMB-over-TCP) length.
 * The value originates from the peer, so it must be validated against the
 * receive buffer size (see SMB_XPRT_MAX_SIZE / SMB_REQ_MAX_SIZE) before it
 * drives any read, allocation or copy.
 */
typedef struct {
	uint8_t		xh_type;
	uint32_t	xh_length;
} smb_xprt_t;
394
/*
 * mbuf chain helpers. Despite the upper-case names these are declared as
 * functions here; their definitions are not part of this header.
 */
int MBC_LENGTH(struct mbuf_chain *);
int MBC_MAXBYTES(struct mbuf_chain *);
void MBC_SETUP(struct mbuf_chain *, uint32_t);
void MBC_INIT(struct mbuf_chain *, uint32_t);
void MBC_FLUSH(struct mbuf_chain *);
void MBC_ATTACH_MBUF(struct mbuf_chain *, struct mbuf *);
void MBC_APPEND_MBUF(struct mbuf_chain *, struct mbuf *);
void MBC_ATTACH_BUF(struct mbuf_chain *MBC, unsigned char *BUF, int LEN);
int MBC_SHADOW_CHAIN(struct mbuf_chain *SUBMBC, struct mbuf_chain *MBC,
    int OFF, int LEN);

/*
 * True when n more bytes fit in chain b, i.e. chain_offset + n does not
 * exceed max_bytes. b is evaluated twice, so it must have no side effects.
 *
 * NOTE(review): the sum chain_offset + n is computed before the
 * comparison. If n is derived from a client-supplied length and the
 * operand types are signed or narrow (the field types are declared
 * elsewhere), a very large or negative n could make the sum wrap and the
 * check pass. Callers should range-check n first -- confirm the types in
 * the mbuf_chain declaration.
 */
#define	MBC_ROOM_FOR(b, n) (((b)->chain_offset + (n)) <= (b)->max_bytes)
407
/*
 * Oplock state embedded in each smb_node_t (n_oplock): the ofile the
 * entry refers to, flags, an IP address and a 64-bit id.
 *
 * NOTE(review): op_ofile is a raw pointer; whether a reference is held on
 * the ofile for as long as it is stored here is not visible in this
 * header -- confirm, since a stale pointer here would be a use-after-free.
 */
typedef struct smb_oplock {
	struct smb_ofile	*op_ofile;
	uint32_t		op_flags;
	smb_inaddr_t		op_ipaddr;
	uint64_t		op_kid;
} smb_oplock_t;

/* Bit for smb_oplock_t.op_flags (presumably: a break is in progress). */
#define	OPLOCK_FLAG_BREAKING	1

#define	OPLOCK_RELEASE_LOCK_RELEASED	0
#define	OPLOCK_RELEASE_FILE_CLOSED	1

#define	DOS_ATTR_VALID	0x80000000
421
#define	SMB_VFS_MAGIC	0x534D4256	/* 'SMBV' */

/*
 * Reference-counted record of a file system (vfs_t) and its root vnode.
 *
 * NOTE(review): sv_refcnt is a plain uint32_t; which lock serializes its
 * updates is not visible here -- confirm it is only changed under the
 * lock of the list that sv_lnd links into.
 */
typedef struct smb_vfs {
	uint32_t		sv_magic;
	list_node_t		sv_lnd;
	uint32_t		sv_refcnt;
	vfs_t			*sv_vfsp;
	vnode_t			*sv_rootvp;
} smb_vfs_t;

/*
 * List entry naming a share. ux_sharename is a fixed MAXNAMELEN buffer;
 * writers must bound the copy and NUL-terminate.
 */
typedef struct smb_unexport {
	list_node_t	ux_lnd;
	char		ux_sharename[MAXNAMELEN];
} smb_unexport_t;
436
#define	SMB_NODE_MAGIC 0x4E4F4445	/* 'NODE' */

typedef enum {
	SMB_NODE_STATE_AVAILABLE = 0,
	SMB_NODE_STATE_DESTROYING
} smb_node_state_t;

/*
 * In-kernel representation of a file system object used by the SMB
 * server: reference count, hash linkage, open-file and lock lists, cached
 * attributes, oplock state and the underlying vnode.
 */
typedef struct smb_node {
	uint32_t		n_magic;
	smb_rwx_t		n_lock;
	krwlock_t		n_share_lock;
	list_node_t		n_lnd;
	smb_node_state_t	n_state;
	uint32_t		n_refcnt;
	uint32_t		n_hashkey;
	struct smb_request	*n_sr;
	kmem_cache_t		*n_cache;
	smb_llist_t		*n_hash_bucket;
	uint64_t		n_orig_session_id;
	uint32_t		n_orig_uid;
	smb_llist_t		n_ofile_list;
	smb_llist_t		n_lock_list;
	/*
	 * Read by SMB_OFILE_IS_READONLY / SMB_PATHFILE_IS_READONLY: when
	 * set, only this ofile is treated as writable.
	 */
	struct smb_ofile	*readonly_creator;
	/*
	 * NOTE(review): flags is a signed int that also carries the
	 * 0x80000000 bit (NODE_FLAGS_EXECUTABLE), and "volatile" by itself
	 * provides neither atomicity nor ordering. Confirm that every
	 * read-modify-write of flags happens under n_lock or via atomic ops.
	 */
	volatile int		flags;	/* FILE_NOTIFY_CHANGE_* */
	volatile int		waiting_event; /* # of clients requesting FCN */
	smb_attr_t		attr;
	unsigned int		what;
	u_offset_t		n_size;
	smb_oplock_t		n_oplock;
	struct smb_node		*dir_snode; /* Directory of node */
	struct smb_node		*unnamed_stream_node; /* set in stream nodes */
	/* Credentials for delayed delete */
	cred_t			*delete_on_close_cred;
	/* Fixed MAXNAMELEN buffer; writers must bound and NUL-terminate. */
	char			od_name[MAXNAMELEN];
	vnode_t			*vp;
	smb_audit_buf_node_t	*n_audit_buf;
} smb_node_t;
474
/*
 * Bits for smb_node_t.flags.
 *
 * NOTE(review): NODE_FLAGS_NOTIFY_CHANGE (0x10000fff) includes the same
 * bit as NODE_FLAGS_WATCH_TREE (0x10000000); masking with one therefore
 * also touches the other. The oplock level is a 4-bit field selected by
 * NODE_OPLOCKS_IN_FORCE, not independent bits: NODE_LEVEL_II_OPLOCK
 * (0x3000) is EXCLUSIVE | BATCH, so levels must be compared with
 * OPLOCK_TYPE(), never tested with a single-bit mask.
 */
#define	NODE_FLAGS_NOTIFY_CHANGE	0x10000fff
#define	NODE_OPLOCKS_IN_FORCE		0x0000f000
#define	NODE_OPLOCK_NONE		0x00000000
#define	NODE_EXCLUSIVE_OPLOCK		0x00001000
#define	NODE_BATCH_OPLOCK		0x00002000
#define	NODE_LEVEL_II_OPLOCK		0x00003000
#define	NODE_CAP_LEVEL_II		0x00010000
#define	NODE_PROTOCOL_LOCK		0x00020000
#define	NODE_FLAGS_WRITE_THROUGH	0x00100000
#define	NODE_FLAGS_SYNCATIME		0x00200000
#define	NODE_FLAGS_LOCKED		0x00400000
#define	NODE_FLAGS_ATTR_VALID		0x00800000
#define	NODE_XATTR_DIR			0x01000000
#define	NODE_FLAGS_CREATED		0x04000000
#define	NODE_FLAGS_CHANGED		0x08000000
#define	NODE_FLAGS_WATCH_TREE		0x10000000
#define	NODE_FLAGS_SET_SIZE		0x20000000
#define	NODE_FLAGS_DELETE_ON_CLOSE	0x40000000
#define	NODE_FLAGS_EXECUTABLE		0x80000000

/*
 * Oplock-level accessors for a node pointer n. Each reads n->flags once
 * with no locking of its own; the caller is responsible for holding
 * whatever lock protects flags.
 */
#define	OPLOCK_TYPE(n)			((n)->flags & NODE_OPLOCKS_IN_FORCE)
#define	OPLOCKS_IN_FORCE(n)		(OPLOCK_TYPE(n) != NODE_OPLOCK_NONE)
#define	EXCLUSIVE_OPLOCK_IN_FORCE(n)	\
	(OPLOCK_TYPE(n) == NODE_EXCLUSIVE_OPLOCK)
#define	BATCH_OPLOCK_IN_FORCE(n)	(OPLOCK_TYPE(n) == NODE_BATCH_OPLOCK)
#define	LEVEL_II_OPLOCK_IN_FORCE(n)	(OPLOCK_TYPE(n) == NODE_LEVEL_II_OPLOCK)

/*
 * File system (vfs) and fsid of a node. Both dereference node->vp and
 * vp->v_vfsp without NULL checks.
 */
#define	SMB_NODE_VFS(node)	((node)->vp->v_vfsp)
#define	SMB_NODE_FSID(node)	((node)->vp->v_vfsp->vfs_fsid)
504
505/*
506 * Based on section 2.6.1.2 (Connection Management) of the June 13,
507 * 1996 CIFS spec, a server may terminate the transport connection
508 * due to inactivity. The client software is expected to be able to
509 * automatically reconnect to the server if this happens. Like much
510 * of the useful background information, this section appears to
511 * have been dropped from later revisions of the document.
512 *
513 * Each session has an activity timestamp that's updated whenever a
514 * request is dispatched. If the session is idle, i.e. receives no
515 * requests, for SMB_SESSION_INACTIVITY_TIMEOUT minutes it will be
516 * closed.
517 *
518 * Each session has an I/O semaphore to serialize communication with
519 * the client. For example, after receiving a raw-read request, the
520 * server is not allowed to send an oplock break to the client until
521 * after it has sent the raw-read data.
522 */
/*
 * NOTE(review): the comment above gives this timeout in minutes, but the
 * expression (15 * 60) suggests 15 minutes expressed in seconds --
 * confirm the unit against the code that compares it with
 * activity_timestamp.
 */
#define	SMB_SESSION_INACTIVITY_TIMEOUT		(15 * 60)

/*
 * Presumably the per-session cap on open files; a limit of this kind
 * bounds the kernel memory one client can pin -- confirm where enforced.
 */
#define	SMB_SESSION_OFILE_MAX				(16 * 1024)
526
527/*
528 * When a connection is set up we need to remember both the client
529 * (peer) IP address and the local IP address used to establish the
530 * connection. When a client connects with a vc number of zero, we
531 * are supposed to abort any existing connections with that client
532 * (see notes in smb_negotiate.c and smb_session_setup_andx.c). For
533 * servers with multiple network interfaces or IP aliases, however,
534 * each interface has to be managed independently since the client
535 * is not aware of the server configuration. We have to allow the
536 * client to establish a connection on each interface with a vc
537 * number of zero without aborting the other connections.
538 *
539 * ipaddr:       the client (peer) IP address for the session.
540 * local_ipaddr: the local IP address used to connect to the server.
541 */
542
/* Capacity, in bytes, of smb_sign.mackey. */
#define	SMB_MAC_KEYSZ	512

/*
 * Per-session message-signing state: sequence number, MAC key and flags.
 *
 * NOTE(review): mackey holds secret key material. mackey_len must never
 * exceed SMB_MAC_KEYSZ when the key is installed or used, and the buffer
 * should be zeroed before the enclosing session memory is freed or
 * returned to a kmem cache -- confirm both in the signing code.
 */
struct smb_sign {
	unsigned int seqnum;
	unsigned int mackey_len;
	unsigned int flags;
	unsigned char mackey[SMB_MAC_KEYSZ];
};

/* Bits for smb_sign.flags. */
#define	SMB_SIGNING_ENABLED	1
#define	SMB_SIGNING_CHECK	2
554
555/*
556 * Session State Machine
557 * ---------------------
558 *
559 * +-----------------------------+	     +------------------------------+
560 * | SMB_SESSION_STATE_CONNECTED |           | SMB_SESSION_STATE_TERMINATED |
561 * +-----------------------------+           +------------------------------+
562 *		T0|					     ^
563 *		  +--------------------+		     |T13
564 *		  v		       |T14                  |
565 * +-------------------------------+   |    +--------------------------------+
566 * | SMB_SESSION_STATE_ESTABLISHED |---+--->| SMB_SESSION_STATE_DISCONNECTED |
567 * +-------------------------------+        +--------------------------------+
568 *		T1|				^	   ^ ^ ^
569 *		  +----------+			|T9        | | |
570 *                           v			|          | | |
571 *                  +------------------------------+       | | |
572 *                  | SMB_SESSION_STATE_NEGOTIATED |       | | |
573 *                  +------------------------------+       | | |
574 *	                 ^|   ^|   | ^                     | | |
575 *      +----------------+|   ||   | |                     | | |
576 *      |+----------------+   || T7| |T8                   | | |
577 *      ||                    ||   | |                     | | |
578 *      ||   +----------------+|   | |                     | | |
579 *      ||   |+----------------+   | |                     | | |
580 *	||   ||			   v |                     | | |
581 *      ||   ||   +-----------------------------------+ T10| | |
582 *      ||   ||   | SMB_SESSION_STATE_OPLOCK_BREAKING |----+ | |
583 *      ||   ||   +-----------------------------------+      | |
584 *	||   ||T5                                            | |
585 *      ||   |+-->+-----------------------------------+	  T11| |
586 *      ||   |T6  | SMB_SESSION_STATE_READ_RAW_ACTIVE |------+ |
587 *      ||   +----+-----------------------------------+        |
588 *	||T3                                                   |
589 *      |+------->+------------------------------------+    T12|
590 *      |T4       | SMB_SESSION_STATE_WRITE_RAW_ACTIVE |-------+
591 *      +---------+------------------------------------+
592 *
593 * Transition T0
594 *
595 *
596 *
597 * Transition T1
598 *
599 *
600 *
601 * Transition T2
602 *
603 *
604 *
605 * Transition T3
606 *
607 *
608 *
609 * Transition T4
610 *
611 *
612 *
613 * Transition T5
614 *
615 *
616 *
617 * Transition T6
618 *
619 *
620 *
621 * Transition T7
622 *
623 *
624 *
625 * Transition T8
626 *
627 *
628 *
629 * Transition T9
630 *
631 *
632 *
633 * Transition T10
634 *
635 *
636 *
637 * Transition T11
638 *
639 *
640 *
641 * Transition T12
642 *
643 *
644 *
645 * Transition T13
646 *
647 *
648 *
649 * Transition T14
650 *
651 *
652 *
653 */
#define	SMB_SESSION_MAGIC 0x53455353	/* 'SESS' */

/*
 * Session states.
 *
 * NOTE(review): this enum and the state machine diagram above disagree.
 * The diagram shows SMB_SESSION_STATE_READ_RAW_ACTIVE, which has no
 * enumerator here, and it does not show SMB_SESSION_STATE_INITIALIZED,
 * which is the zero value. The transition descriptions (T0..T14) are also
 * empty. The diagram should be brought in line with the code, because
 * state checks are part of what decides which requests a session accepts.
 *
 * SMB_SESSION_STATE_SENTINEL is last and is presumably used only as an
 * upper bound for validity checks.
 */
typedef enum {
	SMB_SESSION_STATE_INITIALIZED = 0,
	SMB_SESSION_STATE_DISCONNECTED,
	SMB_SESSION_STATE_CONNECTED,
	SMB_SESSION_STATE_ESTABLISHED,
	SMB_SESSION_STATE_NEGOTIATED,
	SMB_SESSION_STATE_OPLOCK_BREAKING,
	SMB_SESSION_STATE_WRITE_RAW_ACTIVE,
	SMB_SESSION_STATE_TERMINATED,
	SMB_SESSION_STATE_SENTINEL
} smb_session_state_t;
667
/*
 * One client connection: state, socket, negotiated parameters, signing
 * and authentication material, and the per-session lists and ID pools.
 */
typedef struct smb_session {
	uint32_t		s_magic;
	smb_rwx_t		s_lock;
	list_node_t		s_lnd;
	uint64_t		s_kid;
	smb_session_state_t	s_state;
	uint32_t		s_flags;
	int			s_write_raw_status;
	kthread_t		*s_thread;
	kt_did_t		s_ktdid;
	smb_kmod_cfg_t		s_cfg;
	kmem_cache_t		*s_cache;
	kmem_cache_t		*s_cache_request;
	struct smb_server	*s_server;
	int32_t			s_gmtoff;
	uint32_t		keep_alive;
	uint64_t		opentime;
	uint16_t		vcnumber;
	uint16_t		s_local_port;
	/* Client (peer) and local addresses; see the comment above. */
	smb_inaddr_t		ipaddr;
	smb_inaddr_t		local_ipaddr;
	/*
	 * NOTE(review): presumably filled from a client-supplied name; the
	 * copy must be bounded by SMB_PI_MAX_HOST and NUL-terminated, and
	 * the value must not be trusted as an identity.
	 */
	char 			workstation[SMB_PI_MAX_HOST];
	int			dialect;
	int			native_os;
	uint32_t		capabilities;
	struct smb_sign		signing;

	ksocket_t		sock;

	smb_slist_t		s_req_list;
	smb_llist_t		s_xa_list;
	smb_llist_t		s_user_list;
	smb_idpool_t		s_uid_pool;
	smb_txlst_t		s_txlst;

	/*
	 * NOTE(review): "volatile" does not make increments atomic;
	 * presumably these counters are updated with atomic operations --
	 * confirm.
	 */
	volatile uint32_t	s_tree_cnt;
	volatile uint32_t	s_file_cnt;
	volatile uint32_t	s_dir_cnt;

	uint16_t		secmode;
	uint32_t		sesskey;
	/*
	 * NOTE(review): challenge_len is 32 bits wide but challenge_key
	 * holds only 8 bytes; any copy or compare driven by challenge_len
	 * must bound it by sizeof (challenge_key). challenge_key and
	 * MAC_key are authentication secrets and should be zeroed when the
	 * session is torn down.
	 */
	uint32_t		challenge_len;
	unsigned char		challenge_key[8];
	unsigned char		MAC_key[44];
	int64_t			activity_timestamp;
	/*
	 * Maximum negotiated buffer size between SMB client and server
	 * in SMB_SESSION_SETUP_ANDX
	 */
	uint16_t		smb_msg_size;
	/* outpipe_datalen is signed; reject negative values before use. */
	uchar_t			*outpipe_data;
	int			outpipe_datalen;
	int			outpipe_cookie;
} smb_session_t;
722
#define	SMB_USER_MAGIC 0x55534552	/* 'USER' */

/* Bits for smb_user_t.u_flags, aliased to the SMB_ATF_* token flags. */
#define	SMB_USER_FLAG_GUEST			SMB_ATF_GUEST
#define	SMB_USER_FLAG_IPC			SMB_ATF_ANON
#define	SMB_USER_FLAG_ADMIN			SMB_ATF_ADMIN
#define	SMB_USER_FLAG_POWER_USER		SMB_ATF_POWERUSER
#define	SMB_USER_FLAG_BACKUP_OPERATOR		SMB_ATF_BACKUPOP

/* Bits for smb_user_t.u_privileges. */
#define	SMB_USER_PRIV_TAKE_OWNERSHIP	0x00000001
#define	SMB_USER_PRIV_BACKUP		0x00000002
#define	SMB_USER_PRIV_RESTORE		0x00000004
#define	SMB_USER_PRIV_SECURITY		0x00000008


typedef enum {
	SMB_USER_STATE_LOGGED_IN = 0,
	SMB_USER_STATE_LOGGING_OFF,
	SMB_USER_STATE_LOGGED_OFF,
	SMB_USER_STATE_SENTINEL
} smb_user_state_t;

/*
 * An authenticated user on a session: identity strings, credentials,
 * privilege and flag bits, the wire UID and the list of connected trees.
 *
 * NOTE(review): u_flags and u_privileges are the inputs to authorization
 * decisions and are presumably derived from the access token at logon;
 * they should be written once at logon and never from request data --
 * confirm.
 */
typedef struct smb_user {
	uint32_t		u_magic;
	list_node_t		u_lnd;
	kmutex_t		u_mutex;
	smb_user_state_t	u_state;

	struct smb_server	*u_server;
	smb_session_t		*u_session;
	/* Name and domain are pointer + 16-bit length pairs. */
	uint16_t		u_name_len;
	char			*u_name;
	uint16_t		u_domain_len;
	char			*u_domain;
	time_t			u_logon_time;
	/*
	 * Two credentials are kept. Presumably u_privcred is a more
	 * privileged variant of u_cred; the conditions under which it may
	 * be used are not visible here -- confirm they are gated on
	 * u_privileges.
	 */
	cred_t			*u_cred;
	cred_t			*u_privcred;

	smb_llist_t		u_tree_list;
	smb_idpool_t		u_tid_pool;

	uint32_t		u_refcnt;
	uint32_t		u_flags;
	uint32_t		u_privileges;
	uint16_t		u_uid;
	uint32_t		u_audit_sid;
} smb_user_t;
769
#define	SMB_TREE_MAGIC			0x54524545	/* 'TREE' */

#define	SMB_TYPENAMELEN			_ST_FSTYPSZ
#define	SMB_VOLNAMELEN			32

/* Bits for smb_tree_t.t_flags. */
#define	SMB_TREE_READONLY		0x00000001
#define	SMB_TREE_SUPPORTS_ACLS		0x00000002
#define	SMB_TREE_STREAMS		0x00000004
#define	SMB_TREE_CASEINSENSITIVE	0x00000008
#define	SMB_TREE_NO_CASESENSITIVE	0x00000010
#define	SMB_TREE_NO_EXPORT		0x00000020
#define	SMB_TREE_NO_OPLOCKS		0x00000040
#define	SMB_TREE_NO_ATIME		0x00000080
#define	SMB_TREE_XVATTR			0x00000100
#define	SMB_TREE_DIRENTFLAGS		0x00000200
#define	SMB_TREE_ACLONCREATE		0x00000400
#define	SMB_TREE_ACEMASKONACCESS	0x00000800
#define	SMB_TREE_NFS_MOUNTED		0x00001000

typedef enum {
	SMB_TREE_STATE_CONNECTED = 0,
	SMB_TREE_STATE_DISCONNECTING,
	SMB_TREE_STATE_DISCONNECTED,
	SMB_TREE_STATE_SENTINEL
} smb_tree_state_t;

/*
 * A connection to a share (tree connect): owning session and user, root
 * node, open file and directory lists with their ID pools, and the
 * share-level access mask.
 *
 * NOTE(review): this header has two sources of "read-only": the
 * SMB_TREE_READONLY bit in t_flags and the t_access mask tested by
 * SMB_TREE_IS_READONLY() (which looks only at t_access). Confirm the two
 * are kept consistent when the tree is connected.
 */
typedef struct smb_tree {
	uint32_t		t_magic;
	kmutex_t		t_mutex;
	list_node_t		t_lnd;
	smb_tree_state_t	t_state;

	struct smb_server	*t_server;
	smb_session_t		*t_session;
	smb_user_t		*t_user;
	smb_node_t		*t_snode;

	smb_llist_t		t_ofile_list;
	smb_idpool_t		t_fid_pool;

	smb_llist_t		t_odir_list;
	smb_idpool_t		t_odid_pool;

	uint32_t		t_refcnt;
	uint32_t		t_flags;
	int32_t			t_res_type;
	uint16_t		t_tid;
	uint16_t		t_umask;
	/* Fixed-size strings; writers must bound and NUL-terminate. */
	char			t_sharename[MAXNAMELEN];
	char			t_resource[MAXPATHLEN];
	char			t_typename[SMB_TYPENAMELEN];
	char			t_volume[SMB_VOLNAMELEN];
	acl_type_t		t_acltype;
	/* ACE permission mask granted on this tree (see the macros below). */
	uint32_t		t_access;
} smb_tree_t;
825
/*
 * File system (vfs) and fsid of a tree's root node. Both dereference
 * t_snode, vp and v_vfsp without NULL checks.
 */
#define	SMB_TREE_VFS(tree)	((tree)->t_snode->vp->v_vfsp)
#define	SMB_TREE_FSID(tree)	((tree)->t_snode->vp->v_vfsp->vfs_fsid)

/*
 * True when the request has a tree whose t_access grants none of the
 * ACE_ALL_WRITE_PERMS bits. Evaluates to 0 ("not read-only") when sr or
 * sr->tid_tree is NULL.
 */
#define	SMB_TREE_IS_READONLY(sr)					\
	((sr) != NULL && (sr)->tid_tree != NULL &&			\
	!((sr)->tid_tree->t_access & ACE_ALL_WRITE_PERMS))

/*
 * Result of smb_tree_has_feature() for SMB_TREE_CASEINSENSITIVE, or 0
 * when sr or sr->tid_tree is NULL. smb_tree_has_feature() is declared
 * elsewhere.
 */
#define	SMB_TREE_IS_CASEINSENSITIVE(sr)                                 \
	(((sr) && (sr)->tid_tree) ?                                     \
	smb_tree_has_feature((sr)->tid_tree, SMB_TREE_CASEINSENSITIVE) : 0)

/*
 * Returns the bits of acemask that the tree's t_access grants.
 *
 *   sr == NULL              -> ACE_ALL_PERMS (everything is granted)
 *   sr->tid_tree == NULL    -> 0 (nothing is granted)
 *
 * NOTE(review): the sr == NULL case fails open. Presumably a NULL request
 * denotes an internal, server-originated operation; confirm that no path
 * handling client requests can reach an access check with sr == NULL.
 * The arguments are evaluated more than once, so they must be free of
 * side effects.
 */
#define	SMB_TREE_HAS_ACCESS(sr, acemask)				\
	((sr) == NULL ? ACE_ALL_PERMS : (				\
	(((sr) && (sr)->tid_tree) ?					\
	(((sr)->tid_tree->t_access) & (acemask)) : 0)))
841
/*
 * SMB_TREE_CONTAINS_NODE is used to check that a node is in the same
 * file system as the tree.
 *
 * The comparison is by vfs pointer. When sr or sr->tid_tree is NULL the
 * macro evaluates to 1, i.e. the node is treated as contained.
 *
 * NOTE(review): that default fails open for a check whose purpose is to
 * keep requests inside the shared file system; confirm that callers on
 * client-driven paths always have a tree. node is dereferenced
 * (node->vp->v_vfsp) without a NULL check.
 */
#define	SMB_TREE_CONTAINS_NODE(sr, node)                                \
	(((sr) && (sr)->tid_tree) ?                                     \
	(SMB_TREE_VFS((sr)->tid_tree) == SMB_NODE_VFS(node)) : 1)
849
/*
 * SMB_NODE_IS_READONLY(node)
 *
 * This macro indicates whether the DOS readonly bit is set in the node's
 * attribute cache.  The cache reflects what is on-disk.
 *
 * A NULL node evaluates to false (not read-only). '&' binds tighter than
 * '&&', so the expression parses as node && (dosattr & READONLY).
 */

#define	SMB_NODE_IS_READONLY(node) \
	((node) && (node)->attr.sa_dosattr & FILE_ATTRIBUTE_READONLY)
859
/*
 * SMB_OFILE_IS_READONLY reflects whether an ofile is readonly or not.
 * The macro takes into account
 *      - the tree readonly state
 *      - the node readonly state
 *      - whether the specified ofile is the readonly creator
 * The readonly creator has write permission until the ofile is closed.
 *
 * NOTE(review): the first term tests SMB_OFLAGS_READONLY in f_flags; the
 * tree state is only taken into account if that flag was derived from it
 * at open time -- confirm. The last term dereferences of->f_node without
 * a NULL check even though SMB_NODE_IS_READONLY() tolerates NULL; per the
 * file-type table in this header, f_node is NULL for SMB_FTYPE_MESG_PIPE
 * ofiles, so this macro must only be applied to disk files.
 */

#define	SMB_OFILE_IS_READONLY(of)                               \
	(((of)->f_flags & SMB_OFLAGS_READONLY) ||               \
	SMB_NODE_IS_READONLY((of)->f_node) ||                   \
	(((of)->f_node->readonly_creator) &&                    \
	((of)->f_node->readonly_creator != (of))))
874
/*
 * SMB_PATHFILE_IS_READONLY indicates whether or not a file is
 * readonly when the caller has a path rather than an ofile.  Unlike
 * SMB_OFILE_IS_READONLY, the caller cannot be the readonly creator,
 * since that requires an ofile.
 *
 * NOTE(review): SMB_TREE_IS_READONLY() is false when sr is NULL, and
 * SMB_NODE_IS_READONLY() is false when node is NULL, but the last term
 * dereferences node unconditionally. Callers must pass a non-NULL node.
 */

#define	SMB_PATHFILE_IS_READONLY(sr, node)                       \
	(SMB_TREE_IS_READONLY((sr)) ||                           \
	SMB_NODE_IS_READONLY((node)) ||                          \
	((node)->readonly_creator))
886
#define	PIPE_STATE_AUTH_VERIFY	0x00000001

/*
 * Data structure for SMB_FTYPE_MESG_PIPE ofiles, which is used
 * at the interface between SMB and NDR RPC.
 *
 * NOTE(review): p_doorbuf and p_data are bare pointers with no length
 * field in this structure; the sizes are presumably carried in p_hdr or
 * fixed by the implementation. Data passing through a pipe is client
 * controlled, so every copy into these buffers needs an explicit bound
 * -- confirm in the opipe code.
 */
typedef struct smb_opipe {
	kmutex_t p_mutex;
	kcondvar_t p_cv;
	char *p_name;
	uint32_t p_busy;
	smb_opipe_hdr_t p_hdr;
	smb_opipe_context_t p_context;
	uint8_t *p_doorbuf;
	uint8_t *p_data;
} smb_opipe_t;
903
904/*
905 * The of_ftype	of an open file should contain the SMB_FTYPE value
906 * (cifs.h) returned when the file/pipe was opened. The following
907 * assumptions are currently made:
908 *
909 * File Type	    Node       PipeInfo
910 * ---------	    --------   --------
911 * SMB_FTYPE_DISK       Valid      Null
912 * SMB_FTYPE_BYTE_PIPE  Undefined  Undefined
913 * SMB_FTYPE_MESG_PIPE  Null       Valid
914 * SMB_FTYPE_PRINTER    Undefined  Undefined
915 * SMB_FTYPE_UNKNOWN    Undefined  Undefined
916 */
917
918/*
919 * Some flags for ofile structure
920 *
921 *	SMB_OFLAGS_SET_DELETE_ON_CLOSE
922 *   Set this flag when the corresponding open operation whose
923 *   DELETE_ON_CLOSE bit of the CreateOptions is set. If any
924 *   open file instance has this bit set, the NODE_FLAGS_DELETE_ON_CLOSE
925 *   will be set for the file node upon close.
926 */
927
/* Bits for smb_ofile_t.f_flags. */
#define	SMB_OFLAGS_READONLY		0x0001
#define	SMB_OFLAGS_SET_DELETE_ON_CLOSE	0x0004
#define	SMB_OFLAGS_LLF_POS_VALID	0x0008

#define	SMB_OFILE_MAGIC 	0x4F464C45	/* 'OFLE' */

typedef enum {
	SMB_OFILE_STATE_OPEN = 0,
	SMB_OFILE_STATE_CLOSING,
	SMB_OFILE_STATE_CLOSED,
	SMB_OFILE_STATE_SENTINEL
} smb_ofile_state_t;

/*
 * An open file or pipe instance. Per the file-type table above, f_node is
 * valid and f_pipe is NULL for SMB_FTYPE_DISK, and the reverse holds for
 * SMB_FTYPE_MESG_PIPE; code must check f_ftype before dereferencing
 * either pointer.
 */
typedef struct smb_ofile {
	uint32_t		f_magic;
	kmutex_t		f_mutex;
	list_node_t		f_lnd;
	list_node_t		f_nnd;
	smb_ofile_state_t	f_state;

	struct smb_server	*f_server;
	smb_session_t		*f_session;
	smb_user_t		*f_user;
	smb_tree_t		*f_tree;
	smb_node_t		*f_node;
	smb_opipe_t		*f_pipe;

	uint32_t		f_uniqid;
	uint32_t		f_refcnt;
	uint64_t		f_seek_pos;
	uint32_t		f_flags;
	/*
	 * Access and sharing recorded for this open. Presumably
	 * f_granted_access is what later read/write requests on the FID are
	 * checked against -- confirm.
	 */
	uint32_t		f_granted_access;
	uint32_t		f_share_access;
	uint32_t		f_create_options;
	/* 16-bit wire FID; guessable, so lookups must be scoped to f_tree. */
	uint16_t		f_fid;
	uint16_t		f_opened_by_pid;
	uint16_t		f_ftype;
	uint64_t		f_llf_pos;
	int			f_mode;
	cred_t			*f_cr;
	pid_t			f_pid;
} smb_ofile_t;
970
#define	SMB_ODIR_MAGIC 		0x4F444952	/* 'ODIR' */
#define	SMB_ODIR_BUFSIZE	(8 * 1024)

typedef enum {
	SMB_ODIR_STATE_OPEN = 0,
	SMB_ODIR_STATE_CLOSING,
	SMB_ODIR_STATE_CLOSED,
	SMB_ODIR_STATE_SENTINEL
} smb_odir_state_t;

/* How a directory search is resumed: by index, by cookie or by name. */
typedef enum {
	SMB_ODIR_RESUME_IDX,
	SMB_ODIR_RESUME_COOKIE,
	SMB_ODIR_RESUME_FNAME
} smb_odir_resume_type_t;

/*
 * Resume point for a search. Presumably only the member selected by
 * or_type is meaningful.
 *
 * NOTE(review): or_idx is a signed int and, for SMB_ODIR_RESUME_IDX,
 * presumably indexes smb_odir_t.d_cookies[SMB_MAX_SEARCH]. If the value
 * originates from a client request it must be range-checked
 * (0 <= or_idx < SMB_MAX_SEARCH) before use -- confirm.
 */
typedef struct smb_odir_resume {
	smb_odir_resume_type_t	or_type;
	int			or_idx;
	uint32_t		or_cookie;
	char			*or_fname;
} smb_odir_resume_t;

/*
 * An open directory search: owner pointers, search attributes and
 * pattern, and an inline SMB_ODIR_BUFSIZE-byte buffer of directory
 * entries with a cursor into it.
 */
typedef struct smb_odir {
	uint32_t		d_magic;
	kmutex_t		d_mutex;
	list_node_t		d_lnd;
	smb_odir_state_t	d_state;
	smb_session_t		*d_session;
	smb_user_t		*d_user;
	smb_tree_t		*d_tree;
	smb_node_t		*d_dnode;
	uint16_t		d_odid;
	uint16_t		d_opened_by_pid;
	uint16_t		d_sattr;
	uint32_t		d_refcnt;

	boolean_t		d_wildcards;
	boolean_t		d_ignore_case;
	boolean_t		d_xat;
	boolean_t		d_eof;
	boolean_t		d_is_edp;
	/* Signed; presumably the number of valid bytes in d_buf. */
	int			d_bufsize;
	uint64_t		d_offset;
	/*
	 * Cursor viewed as raw bytes, edirent_t or dirent64_t. Presumably
	 * d_is_edp selects the entry type; the cursor must stay within
	 * d_buf[0 .. d_bufsize) when it is advanced.
	 */
	union {
		char		*u_bufptr;
		edirent_t	*u_edp;
		dirent64_t	*u_dp;
	} d_u;
	uint32_t		d_cookies[SMB_MAX_SEARCH];
	/* Fixed MAXNAMELEN buffer; writers must bound and NUL-terminate. */
	char			d_pattern[MAXNAMELEN];
	char			d_buf[SMB_ODIR_BUFSIZE];
} smb_odir_t;
/* Shorthand for the members of the d_u cursor union. */
#define	d_bufptr	d_u.u_bufptr
#define	d_edp		d_u.u_edp
#define	d_dp		d_u.u_dp
1027
/* One directory entry: on-disk name, inode number and entry flags. */
typedef struct smb_odirent {
	char		od_name[MAXNAMELEN];	/* on disk name */
	ino64_t		od_ino;
	uint32_t	od_eflags;
} smb_odirent_t;

/*
 * File information gathered for one directory entry: long and short
 * names, resume cookie, attributes, sizes and timestamps. All name
 * members are fixed-size buffers; writers must bound and NUL-terminate.
 */
typedef struct smb_fileinfo {
	char		fi_name[MAXNAMELEN];
	char		fi_name83[SMB_SHORTNAMELEN];
	char		fi_shortname[SMB_SHORTNAMELEN];
	uint32_t	fi_cookie;
	uint32_t	fi_dosattr;	/* DOS attributes */
	uint64_t	fi_nodeid;	/* file system node id */
	uint64_t	fi_size;	/* file size in bytes */
	uint64_t	fi_alloc_size;	/* allocation size in bytes */
	timestruc_t	fi_atime;	/* last access */
	timestruc_t	fi_mtime;	/* last modification */
	timestruc_t	fi_ctime;	/* last status change */
	timestruc_t	fi_crtime;	/* file creation */
} smb_fileinfo_t;

/*
 * Name and size of one stream. With si_name[MAXPATHLEN] inline this is a
 * large object; prefer heap allocation over a kernel stack variable.
 */
typedef struct smb_streaminfo {
	uint64_t	si_size;
	char		si_name[MAXPATHLEN];
} smb_streaminfo_t;
1053
/* Value expected in smb_lock_t.l_magic (ASCII 'LOCK'). */
1054#define	SMB_LOCK_MAGIC 	0x4C4F434B	/* 'LOCK' */
1055
/*
 * A lock on a range of an open file, described by l_start and l_length
 * (both 64-bit), with the owning session, file and request.
 *
 * NOTE(review): l_start and l_length presumably come from the client's
 * lock request; l_start + l_length can wrap around 2^64, so range-overlap
 * checks must not rely on the plain sum -- verify in the lock code.
 * l_type presumably takes the SMB_LOCK_TYPE_* values and l_flags the
 * SMB_LOCK_FLAG_* bits defined below this structure -- confirm.
 */
1056typedef struct smb_lock {
1057	uint32_t		l_magic;
1058	kmutex_t		l_mutex;
1059	list_node_t		l_lnd;
1060	kcondvar_t		l_cv;
1061
1062	list_node_t		l_conflict_lnd;
1063	smb_slist_t		l_conflict_list;
1064
1065	smb_session_t		*l_session;
1066	smb_ofile_t		*l_file;
1067	struct smb_request	*l_sr;
1068
1069	uint32_t		l_flags;
1070	uint64_t		l_session_kid;
1071	struct smb_lock		*l_blocked_by; /* Debug info only */
1072
1073	uint16_t		l_pid;
1074	uint16_t		l_uid;
1075	uint32_t		l_type;
1076	uint64_t		l_start;
1077	uint64_t		l_length;
1078	clock_t			l_end_time;
1079} smb_lock_t;
1080
/*
 * SMB_LOCK_INDEFINITE_WAIT(lock) takes a pointer to an smb_lock_t and
 * yields the masked flag bit (0 or 0x0004), not a normalized 0/1 value.
 */
1081#define	SMB_LOCK_FLAG_INDEFINITE	0x0004
1082#define	SMB_LOCK_INDEFINITE_WAIT(lock) \
1083	((lock)->l_flags & SMB_LOCK_FLAG_INDEFINITE)
1084
/* Lock types; these are plain numbers, not bit flags. */
1085#define	SMB_LOCK_TYPE_READWRITE		101
1086#define	SMB_LOCK_TYPE_READONLY		102
1087
/*
 * Variable-length data block: a one-byte tag, a 16-bit length and a uio
 * with room for MAX_IOVEC iovec entries.
 *
 * NOTE(review): len is 16 bits wide, so a larger count is truncated on
 * assignment; presumably uio.uio_iov is pointed at iovec[] and the number
 * of entries in use must never exceed MAX_IOVEC -- verify in the code that
 * builds these.
 */
1088typedef struct vardata_block {
1089	uint8_t			tag;
1090	uint16_t		len;
1091	struct uio 		uio;
1092	struct iovec		iovec[MAX_IOVEC];
1093} smb_vdb_t;
1094
/* Value expected in smb_rw_param_t.rw_magic (ASCII 'RDRW'). */
1095#define	SMB_RW_MAGIC		0x52445257	/* 'RDRW' */
1096
/*
 * Parameters of one read or write request.
 *
 * NOTE(review): rw_offset, rw_count, rw_mincnt and rw_dsoff presumably
 * mirror fields of the client's request.  rw_dsoff is an offset into the
 * SMB message and has to be checked against the received length before it
 * is used; rw_count is 16 bits wide -- confirm how larger counts are
 * represented.
 */
1097typedef struct smb_rw_param {
1098	uint32_t rw_magic;
1099	smb_vdb_t rw_vdb;
1100	uint64_t rw_offset;
1101	uint32_t rw_last_write;
1102	uint16_t rw_mode;
1103	uint16_t rw_count;
1104	uint16_t rw_mincnt;
1105	uint16_t rw_dsoff;		/* SMB data offset */
1106	uint8_t rw_andx;		/* SMB secondary andx command */
1107} smb_rw_param_t;
1108
1109/*
1110 * fs_query_info
1111 */
/*
 * State of a path lookup: the path string, search attributes, and a node
 * pointer plus attributes for both a directory (dir_*) and the last path
 * component (last_*).  last_comp and last_comp_od are inline MAXNAMELEN
 * buffers; path is only a pointer, so its storage is owned elsewhere.
 *
 * NOTE(review): path is presumably the client-supplied name.  Copies into
 * last_comp/last_comp_od must be bounded by MAXNAMELEN, and whether
 * dir_snode/last_snode carry a node reference that must be released is not
 * visible here -- confirm before clearing them with SMB_NULL_FQI_NODES.
 */
1112typedef struct smb_fqi {
1113	char		*path;
1114	uint16_t	srch_attr;
1115	smb_node_t	*dir_snode;
1116	smb_attr_t	dir_attr;
1117	char		last_comp[MAXNAMELEN];
1118	int		last_comp_was_found;
1119	char		last_comp_od[MAXNAMELEN];
1120	smb_node_t	*last_snode;
1121	smb_attr_t	last_attr;
1122} smb_fqi_t;
1123
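/*
 * Clear both node pointers of an smb_fqi_t.
 *
 * fqi is an smb_fqi_t lvalue (not a pointer) and is evaluated twice, so it
 * must not have side effects.  The body is wrapped in do { } while (0) so
 * that the macro expands to exactly one statement: with a bare
 * two-statement expansion, "if (cond) SMB_NULL_FQI_NODES(x);" would clear
 * dir_snode unconditionally.  The caller supplies the trailing semicolon.
 *
 * Only the pointers are overwritten; nothing is released here.
 */
#define	SMB_NULL_FQI_NODES(fqi)			\
	do {					\
		(fqi).last_snode = NULL;	\
		(fqi).dir_snode = NULL;		\
	} while (0)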
1127
/* Path lookup modes; plain numbers, not bit flags. */
1128#define	FQM_DIR_MUST_EXIST	1
1129#define	FQM_PATH_MUST_EXIST	2
1130#define	FQM_PATH_MUST_NOT_EXIST 3
1131
/*
 * Open flags.  The oplock type is a value held in the MYF_OPLOCK_MASK
 * nibble, not a set of independent bits: MYF_LEVEL_II_OPLOCK (0x30) has
 * both the EXCLUSIVE (0x10) and BATCH (0x20) bits set.  Always compare
 * MYF_OPLOCK_TYPE(o) for equality, as the MYF_IS_* macros do; a bit test
 * such as (o & MYF_EXCLUSIVE_OPLOCK) also matches a level II request.
 */
1132#define	MYF_OPLOCK_MASK		0x000000F0
1133#define	MYF_OPLOCK_NONE		0x00000000
1134#define	MYF_EXCLUSIVE_OPLOCK	0x00000010
1135#define	MYF_BATCH_OPLOCK	0x00000020
1136#define	MYF_LEVEL_II_OPLOCK	0x00000030
1137#define	MYF_MUST_BE_DIRECTORY	0x00000100
1138
1139#define	MYF_OPLOCK_TYPE(o)	    ((o) & MYF_OPLOCK_MASK)
1140#define	MYF_OPLOCKS_REQUEST(o)	    (MYF_OPLOCK_TYPE(o) != MYF_OPLOCK_NONE)
1141#define	MYF_IS_EXCLUSIVE_OPLOCK(o)  (MYF_OPLOCK_TYPE(o) == MYF_EXCLUSIVE_OPLOCK)
1142#define	MYF_IS_BATCH_OPLOCK(o)	    (MYF_OPLOCK_TYPE(o) == MYF_BATCH_OPLOCK)
1143#define	MYF_IS_LEVEL_II_OPLOCK(o)   (MYF_OPLOCK_TYPE(o) == MYF_LEVEL_II_OPLOCK)
1144
/*
 * Oplock timeouts and retry count.  The values are presumably in
 * milliseconds (5 and 15 seconds) -- confirm against the oplock code.
 */
1145#define	OPLOCK_MIN_TIMEOUT	(5 * 1000)
1146#define	OPLOCK_STD_TIMEOUT	(15 * 1000)
1147#define	OPLOCK_RETRIES		2
1148
/*
 * Error to report for a request: a 32-bit severity and status, plus a
 * 16-bit error class and error code.  Presumably status is the NT status
 * and errcls/errcode the DOS-style pair -- confirm against the users.
 */
1149typedef struct {
1150	uint32_t severity;
1151	uint32_t status;
1152	uint16_t errcls;
1153	uint16_t errcode;
1154} smb_error_t;
1155
1156/*
1157 * SMB Request State Machine
1158 * -------------------------
1159 *
1160 *                  T4               +------+		T0
1161 *      +--------------------------->| FREE |---------------------------+
1162 *      |                            +------+                           |
1163 * +-----------+                                                        |
1164 * | COMPLETED |                                                        |
1165 * +-----------+
1166 *      ^                                                               |
1167 *      | T15                      +----------+                         v
1168 * +------------+        T6        |          |                 +--------------+
1169 * | CLEANED_UP |<-----------------| CANCELED |                 | INITIALIZING |
1170 * +------------+                  |          |                 +--------------+
1171 *      |    ^                     +----------+                         |
1172 *      |    |                        ^  ^ ^ ^                          |
1173 *      |    |          +-------------+  | | |                          |
1174 *      |    |    T3    |                | | |               T13        | T1
1175 *      |    +-------------------------+ | | +----------------------+   |
1176 *      +----------------------------+ | | |                        |   |
1177 *         T16          |            | | | +-----------+            |   |
1178 *                      |           \/ | | T5          |            |   v
1179 * +-----------------+  |   T12     +--------+         |     T2    +-----------+
1180 * | EVENT_OCCURRED  |------------->| ACTIVE |<--------------------| SUBMITTED |
1181 * +-----------------+  |           +--------+         |           +-----------+
1182 *        ^             |              | ^ |           |
1183 *        |             |           T8 | | |  T7       |
1184 *        | T10      T9 |   +----------+ | +-------+   |  T11
1185 *        |             |   |            +-------+ |   |
1186 *        |             |   |               T14  | |   |
1187 *        |             |   v                    | v   |
1188 *      +----------------------+                +--------------+
1189 *	|     WAITING_EVENT    |                | WAITING_LOCK |
1190 *      +----------------------+                +--------------+
1191 *
1192 *
1193 *
1194 *
1195 *
1196 * Transition T0
1197 *
1198 * This transition occurs when the request is allocated and is still under the
1199 * control of the session thread.
1200 *
1201 * Transition T1
1202 *
1203 * This transition occurs when the session thread dispatches a task to treat the
1204 * request.
1205 *
1206 * Transition T2
1207 *
1208 *
1209 *
1210 * Transition T3
1211 *
1212 * A request completes and smbsr_cleanup is called to release resources
1213 * associated with the request (but not the smb_request_t itself).  This
1214 * includes references on smb_ofile_t, smb_node_t, and other structures.
1215 * CLEANED_UP state exists to detect if we attempt to cleanup a request
1216 * multiple times and to allow us to detect that we are accessing a
1217 * request that has already been cleaned up.
1218 *
1219 * Transition T4
1220 *
1221 *
1222 *
1223 * Transition T5
1224 *
1225 *
1226 *
1227 * Transition T6
1228 *
1229 *
1230 *
1231 * Transition T7
1232 *
1233 *
1234 *
1235 * Transition T8
1236 *
1237 *
1238 *
1239 * Transition T9
1240 *
1241 *
1242 *
1243 * Transition T10
1244 *
1245 *
1246 *
1247 * Transition T11
1248 *
1249 *
1250 *
1251 * Transition T12
1252 *
1253 *
1254 *
1255 * Transition T13
1256 *
1257 *
1258 *
1259 * Transition T14
1260 *
1261 *
1262 *
1263 * Transition T15
1264 *
1265 * Request processing is completed (control returns from smb_dispatch)
1266 *
1267 * Transition T16
1268 *
1269 * Multipart (andx) request was cleaned up with smbsr_cleanup but more "andx"
1270 * sections remain to be processed.
1271 *
1272 */
1273
/* Value expected in smb_request_t.sr_magic (ASCII 'SMBR'). */
1274#define	SMB_REQ_MAGIC 		0x534D4252	/* 'SMBR' */
1275
/*
 * States of the request state machine drawn above.  FREE is 0 and the
 * others follow sequentially; SMB_REQ_STATE_SENTINEL is one past the last
 * real state and is not a state of the diagram.
 */
1276typedef enum smb_req_state {
1277	SMB_REQ_STATE_FREE = 0,
1278	SMB_REQ_STATE_INITIALIZING,
1279	SMB_REQ_STATE_SUBMITTED,
1280	SMB_REQ_STATE_ACTIVE,
1281	SMB_REQ_STATE_WAITING_EVENT,
1282	SMB_REQ_STATE_EVENT_OCCURRED,
1283	SMB_REQ_STATE_WAITING_LOCK,
1284	SMB_REQ_STATE_COMPLETED,
1285	SMB_REQ_STATE_CANCELED,
1286	SMB_REQ_STATE_CLEANED_UP,
1287	SMB_REQ_STATE_SENTINEL
1288} smb_req_state_t;
1289
/*
 * One SMB request: its state (see the state machine above), the raw
 * request buffer, the command and reply mbuf chains, the decoded SMB
 * header fields and per-command arguments.
 *
 * NOTE(review): the smb_* members are described by their comments as SMB
 * header fields, so they are presumably copied from the client's message
 * and must be treated as untrusted.  In particular smb_wct, smb_bcc and
 * andx_off describe sizes and offsets inside the message and have to be
 * checked against sr_req_length before they are used; smb_tid, smb_uid
 * and smb_fid are only identifiers and carry no authority until they have
 * been resolved to tid_tree, uid_user and fid_ofile -- verify in the
 * dispatch code.
 */
1290typedef struct smb_request {
1291	uint32_t		sr_magic;
1292	kmutex_t		sr_mutex;
1293	list_node_t		sr_session_lnd;
1294	smb_req_state_t		sr_state;
1295	boolean_t		sr_keep;
1296	kmem_cache_t		*sr_cache;
1297	struct smb_server	*sr_server;
1298	pid_t			*sr_pid;
1299	int32_t			sr_gmtoff;
1300	smb_session_t		*session;
1301	smb_kmod_cfg_t		*sr_cfg;
1302	smb_notify_change_req_t	sr_ncr;
1303
1304	/* Info from session service header */
1305	uint32_t		sr_req_length; /* Excluding NBT header */
1306
1307	/* Request buffer excluding NBT header */
1308	void			*sr_request_buf;
1309
1310	/* Fields for raw writes */
1311	uint32_t		sr_raw_data_length;
1312	void			*sr_raw_data_buf;
1313
1314	smb_lock_t		*sr_awaiting;
1315	struct mbuf_chain	command;
1316	struct mbuf_chain	reply;
1317	struct mbuf_chain	raw_data;
1318	smb_malloc_list		request_storage;
1319	struct smb_xa		*r_xa;
1320	int			andx_prev_wct;
1321	int 			cur_reply_offset;
1322	int			orig_request_hdr;
1323	unsigned int		reply_seqnum;	/* reply sequence number */
1324	unsigned char		first_smb_com;	/* command code */
1325	unsigned char		smb_com;	/* command code */
1326
1327	uint8_t			smb_rcls;	/* error code class */
1328	uint8_t			smb_reh;	/* rsvd (AH DOS INT-24 ERR) */
1329	uint16_t		smb_err;	/* error code */
1330	smb_error_t		smb_error;
1331
1332	uint8_t			smb_flg;	/* flags */
1333	uint16_t		smb_flg2;	/* flags */
1334	uint16_t		smb_pid_high;	/* high part of pid */
1335	unsigned char		smb_sig[8];	/* signature */
1336	uint16_t		smb_tid;	/* tree id #  */
1337	uint16_t		smb_pid;	/* caller's process id # */
1338	uint16_t		smb_uid;	/* user id # */
1339	uint16_t		smb_mid;	/* multiplex id #  */
1340	unsigned char		smb_wct;	/* count of parameter words */
1341	uint16_t		smb_bcc;	/* data byte count */
1342
1343	/* Parameters */
1344	struct mbuf_chain	smb_vwv;	/* variable width value */
1345
1346	/* Data */
1347	struct mbuf_chain	smb_data;
1348
1349	uint16_t		smb_fid;	/* not in hdr, but common */
1350
1351	unsigned char		andx_com;
1352	uint16_t		andx_off;
1353
1354	struct smb_tree		*tid_tree;
1355	struct smb_ofile	*fid_ofile;
1356	smb_user_t		*uid_user;
1357
	/*
	 * Per-command arguments.  The members share storage, so only one
	 * of them is valid at a time; which one is presumably decided by
	 * the command being processed -- confirm in the handlers.
	 */
1358	union {
1359	    struct tcon {
1360		char		*path;
1361		char		*service;
		/*
		 * NOTE(review): presumably the share password sent in a
		 * tree connect.  pwdlen is a signed int, so reject
		 * negative or oversized values before using it as a
		 * length, and keep the password out of logs and traces.
		 */
1362		int		pwdlen;
1363		char		*password;
1364		uint16_t	flags;
1365		uint16_t	optional_support;
1366	    } tcon;
1367
1368	    struct open_param {
1369		smb_fqi_t	fqi;
1370		uint16_t	omode;
1371		uint16_t	oflags;
1372		uint16_t	ofun;
1373		uint32_t	my_flags;
1374		uint32_t	timeo;
1375		uint32_t	dattr;
1376		timestruc_t	crtime;
1377		timestruc_t	mtime;
1378		uint64_t	dsize;
1379		uint32_t	desired_access;
1380		uint32_t	share_access;
1381		uint32_t	create_options;
1382		uint32_t	create_disposition;
1383		boolean_t	created_readonly;
1384		uint32_t	ftype, devstate;
1385		uint32_t	action_taken;
1386		uint64_t	fileid;
1387		uint32_t	rootdirfid;
1388		/* This is only set by NTTransactCreate */
1389		struct smb_sd	*sd;
1390	    } open;
1391
1392	    struct dirop {
1393		smb_fqi_t	fqi;
1394		smb_fqi_t	dst_fqi;
1395	    } dirop;
1396
1397	    smb_rw_param_t	*rw;
1398	    uint32_t		timestamp;
1399	} arg;
1400
1401	cred_t			*user_cr;
1402} smb_request_t;
1403
/*
 * Accessors for the raw request buffer.
 *
 * SMB_READ_PROTOCOL and SMB_READ_COMMAND cast their argument to
 * smb_nethdr_t * and read one field; SMB_PROTOCOL_MAGIC_INVALID and
 * SMB_IS_WRITERAW apply them to sr_request_buf of a request.  None of the
 * four checks the pointer or the amount of data behind it, so the caller
 * must already know that the buffer is non-NULL and holds at least a
 * complete smb_nethdr_t (compare sr_req_length) before using them.
 */
1404#define	SMB_READ_PROTOCOL(smb_nh_ptr) \
1405	LE_IN32(((smb_nethdr_t *)(smb_nh_ptr))->sh_protocol)
1406
1407#define	SMB_PROTOCOL_MAGIC_INVALID(rd_sr) \
1408	(SMB_READ_PROTOCOL((rd_sr)->sr_request_buf) != SMB_PROTOCOL_MAGIC)
1409
1410#define	SMB_READ_COMMAND(smb_nh_ptr) \
1411	(((smb_nethdr_t *)(smb_nh_ptr))->sh_command)
1412
1413#define	SMB_IS_WRITERAW(rd_sr) \
1414	(SMB_READ_COMMAND((rd_sr)->sr_request_buf) == SMB_COM_WRITE_RAW)
1415
1416
/* Presumably the byte offset of the flags field in the SMB header. */
1417#define	SR_FLG_OFFSET			9
1418
/* Presumably the longest transaction name accepted -- confirm. */
1419#define	MAX_TRANS_NAME	64
1420
/*
 * Bits of smb_xa_t.xa_flags.  SMB_XA_CLOSED(xa) takes a pointer and is
 * true when SMB_XA_FLAG_OPEN is clear; it does not look at
 * SMB_XA_FLAG_CLOSE.
 */
1421#define	SMB_XA_FLAG_OPEN	0x0001
1422#define	SMB_XA_FLAG_CLOSE	0x0002
1423#define	SMB_XA_FLAG_COMPLETE	0x0004
1424#define	SMB_XA_CLOSED(xa) (!((xa)->xa_flags & SMB_XA_FLAG_OPEN))
1425
/* Value expected in smb_xa_t.xa_magic (ASCII 'SMBX'). */
1426#define	SMB_XA_MAGIC		0x534D4258	/* 'SMBX' */
1427
/*
 * State of one transaction (TRANS, TRANS2, NT_TRANS): identifying header
 * fields, the byte and word counts of the exchange, and separate mbuf
 * chains for the setup, parameter and data parts of the request and of
 * the reply.
 *
 * NOTE(review): the counts (smb_tpscnt, smb_tdscnt, smb_mprcnt,
 * smb_mdrcnt, smb_msrcnt, smb_suwcnt) are presumably taken from the
 * client's request.  Whatever assembles a transaction from several
 * messages has to keep the accumulated parameter and data bytes within
 * the announced totals and within a server-side limit, and replies must
 * not exceed the announced maxima -- verify in the transaction code.
 * xa_smb_trans_name is a pointer, presumably limited to MAX_TRANS_NAME
 * bytes -- confirm.
 */
1428typedef struct smb_xa {
1429	uint32_t		xa_magic;
1430	kmutex_t		xa_mutex;
1431	list_node_t		xa_lnd;
1432
1433	uint32_t		xa_refcnt;
1434	uint32_t		xa_flags;
1435
1436	struct smb_session	*xa_session;
1437
1438	unsigned char		smb_com;	/* which TRANS type */
1439	unsigned char		smb_flg;	/* flags */
1440	uint16_t		smb_flg2;	/* flags */
1441	uint16_t		smb_tid;	/* tree id number */
1442	uint16_t		smb_pid;	/* caller's process id number */
1443	uint16_t		smb_uid;	/* user id number */
1444	uint32_t		smb_func;	/* NT_TRANS function */
1445
1446	uint16_t		xa_smb_mid;	/* multiplex id number */
1447	uint16_t		xa_smb_fid;	/* TRANS2 secondary */
1448
1449	unsigned int		reply_seqnum;	/* reply sequence number */
1450
1451	uint32_t	smb_tpscnt;	/* total parameter bytes being sent */
1452	uint32_t	smb_tdscnt;	/* total data bytes being sent */
1453	uint32_t	smb_mprcnt;	/* max parameter bytes to return */
1454	uint32_t	smb_mdrcnt;	/* max data bytes to return */
1455	uint32_t	smb_msrcnt;	/* max setup words to return */
1456	uint32_t	smb_flags;	/* additional information: */
1457				/*  bit 0 - if set, disconnect TID in smb_tid */
1458				/*  bit 1 - if set, transaction is one way */
1459				/*  (no final response) */
1460	int32_t	smb_timeout;	/* number of milliseconds to await completion */
1461	uint32_t	smb_suwcnt;	/* set up word count */
1462
1463
1464	char			*xa_smb_trans_name;
1465
1466	int			req_disp_param;
1467	int			req_disp_data;
1468
1469	struct mbuf_chain	req_setup_mb;
1470	struct mbuf_chain	req_param_mb;
1471	struct mbuf_chain	req_data_mb;
1472
1473	struct mbuf_chain	rep_setup_mb;
1474	struct mbuf_chain	rep_param_mb;
1475	struct mbuf_chain	rep_data_mb;
1476} smb_xa_t;
1477
1478
/*
 * SDDF_* flag bits.  NOTE(review): presumably used in
 * smb_dispatch_table_t.sdt_flags to skip the tree-id or user-id lookup for
 * a command; a command marked this way runs without that check, so the
 * set of such commands deserves review -- confirm in the dispatch table.
 */
1479#define	SDDF_NO_FLAGS			0
1480#define	SDDF_SUPPRESS_TID		0x0001
1481#define	SDDF_SUPPRESS_UID		0x0002
1482
1483/*
1484 * SMB dispatch return codes.
1485 */
/*
 * SDRC_SUCCESS is 0 and the remaining codes follow sequentially.  The
 * pre-op and command handlers of smb_dispatch_table_t return this type.
 * Presumably SDRC_DROP_VC ends the connection and SDRC_SR_KEPT means the
 * handler retained the request -- confirm in the dispatcher.
 */
1486typedef enum {
1487	SDRC_SUCCESS = 0,
1488	SDRC_ERROR,
1489	SDRC_DROP_VC,
1490	SDRC_NO_REPLY,
1491	SDRC_SR_KEPT,
1492	SDRC_NOT_IMPLEMENTED
1493} smb_sdrc_t;
1494
/*
 * VAR_BCC is -1 as a short.  Compared with an unsigned 16-bit count it
 * promotes to int -1 and never matches 0xFFFF, so compare like with like.
 */
1495#define	VAR_BCC		((short)-1)
1496
/* Value expected in smb_server_t.sv_magic (ASCII 'SSER'). */
1497#define	SMB_SERVER_MAGIC	0x53534552	/* 'SSER' */
1498
/* Named kstat entries exported for a server: open files, trees, users. */
1499typedef struct {
1500	kstat_named_t	open_files;
1501	kstat_named_t	open_trees;
1502	kstat_named_t	open_users;
1503} smb_server_stats_t;
1504
/*
 * One listener: its kernel thread and thread id, the listening socket,
 * IPv4 and IPv6 socket addresses, and the list of sessions it accepted.
 */
1505typedef struct {
1506	kthread_t		*ld_kth;
1507	kt_did_t		ld_ktdid;
1508	ksocket_t		ld_so;
1509	struct sockaddr_in	ld_sin;
1510	struct sockaddr_in6	ld_sin6;
1511	smb_session_list_t	ld_session_list;
1512} smb_listener_daemon_t;
1513
/*
 * Server life-cycle states, starting at 0.  SMB_SERVER_STATE_SENTINEL is
 * one past the last real state.
 */
1514typedef enum smb_server_state {
1515	SMB_SERVER_STATE_CREATED = 0,
1516	SMB_SERVER_STATE_CONFIGURED,
1517	SMB_SERVER_STATE_RUNNING,
1518	SMB_SERVER_STATE_DELETING,
1519	SMB_SERVER_STATE_SENTINEL
1520} smb_server_state_t;
1521
/*
 * Per-server instance: state and reference count, owning process and
 * zone, the NetBIOS and TCP listeners, configuration (under sv_cfg_lock),
 * kstat data, worker pool, object caches and open-object counters.
 *
 * NOTE(review): sv_open_trees, sv_open_files and sv_open_users are
 * declared volatile, which by itself does not make an increment or
 * decrement atomic; presumably they are updated with atomic_* routines or
 * under a lock -- verify at the update sites.  sv_ksp_name is a fixed
 * KSTAT_STRLEN-byte buffer, so the name has to be formatted with a
 * bounded call.
 */
1522typedef struct smb_server {
1523	uint32_t		sv_magic;
1524	kcondvar_t		sv_cv;
1525	kmutex_t		sv_mutex;
1526	list_node_t		sv_lnd;
1527	smb_server_state_t	sv_state;
1528	uint32_t		sv_refcnt;
1529	pid_t			sv_pid;
1530	zoneid_t		sv_zid;
1531	smb_listener_daemon_t	sv_nbt_daemon;
1532	smb_listener_daemon_t	sv_tcp_daemon;
1533	krwlock_t		sv_cfg_lock;
1534	smb_kmod_cfg_t		sv_cfg;
1535	smb_session_t		*sv_session;
1536
1537	kstat_t			*sv_ksp;
1538	kmutex_t		sv_ksp_mutex;
1539	char			sv_ksp_name[KSTAT_STRLEN];
1540	smb_server_stats_t	sv_ks_data;
1541
1542	door_handle_t		sv_lmshrd;
1543
1544	int32_t			si_gmtoff;
1545
1546	smb_thread_t		si_thread_timers;
1547	smb_thread_t		si_thread_unexport;
1548
1549	taskq_t			*sv_thread_pool;
1550
1551	kmem_cache_t		*si_cache_unexport;
1552	kmem_cache_t		*si_cache_vfs;
1553	kmem_cache_t		*si_cache_request;
1554	kmem_cache_t		*si_cache_session;
1555	kmem_cache_t		*si_cache_user;
1556	kmem_cache_t		*si_cache_tree;
1557	kmem_cache_t		*si_cache_ofile;
1558	kmem_cache_t		*si_cache_odir;
1559	kmem_cache_t		*si_cache_node;
1560
1561	volatile uint32_t	sv_open_trees;
1562	volatile uint32_t	sv_open_files;
1563	volatile uint32_t	sv_open_users;
1564
1565	smb_node_t		*si_root_smb_node;
1566	smb_llist_t		sv_vfs_list;
1567	smb_slist_t		sv_unexport_list;
1568} smb_server_t;
1569
/*
 * SMB_INFO_* flag bits.  SMB_INFO_ENCRYPT_PASSWORDS is 0x80000000, which
 * does not fit in a signed 32-bit int; keep these flags in an unsigned
 * 32-bit variable.
 */
1570#define	SMB_INFO_NETBIOS_SESSION_SVC_RUNNING	0x0001
1571#define	SMB_INFO_NETBIOS_SESSION_SVC_FAILED	0x0002
1572#define	SMB_INFO_USER_LEVEL_SECURITY		0x40000000
1573#define	SMB_INFO_ENCRYPT_PASSWORDS		0x80000000
1574
/*
 * Id generators: atomically increment the globals smb_kids (64-bit) and
 * smb_fids (32-bit), which are defined elsewhere, and yield the new
 * value.  The values are sequential and therefore predictable, so they
 * identify objects but must not be relied on as secrets.  The 32-bit
 * counter wraps, so SMB_UNIQ_FID() values are unique only until it does.
 */
1575#define	SMB_NEW_KID()	atomic_inc_64_nv(&smb_kids)
1576#define	SMB_UNIQ_FID()	atomic_inc_32_nv(&smb_fids)
1577
1578/*
1579 * This is to be used by Trans2SetFileInfo
1580 * and Trans2SetPathInfo
1581 */
/*
 * NOTE(review): level presumably selects the information level requested
 * by the client and should be validated before it drives how the
 * transaction data is decoded.  name is an inline MAXNAMELEN-byte buffer;
 * path is a pointer whose storage is owned elsewhere.
 */
1582typedef struct smb_trans2_setinfo {
1583	uint16_t level;
1584	struct smb_xa *ts_xa;
1585	struct smb_node *node;
1586	char *path;
1587	char name[MAXNAMELEN];
1588} smb_trans2_setinfo_t;
1589
/*
 * Yields node->unnamed_stream_node itself (not a normalized 0/1 value);
 * node must be a non-NULL pointer.
 */
1590#define	SMB_IS_STREAM(node) ((node)->unnamed_stream_node)
1591
/* Declared only in DEBUG builds; presumably the key for smb_tsd_t data. */
1592#ifdef DEBUG
1593extern uint_t smb_tsd_key;
1594#endif
1595
/*
 * A function pointer, its argument and a name.
 *
 * proc is declared with an empty parameter list, so the compiler does not
 * check the arguments of calls made through it; the function stored here
 * and its caller must agree on the signature by convention.  name is a
 * fixed 100-byte buffer, so it has to be written with a bounded,
 * terminating call.
 */
1596typedef struct smb_tsd {
1597	void (*proc)();
1598	void *arg;
1599	char name[100];
1600} smb_tsd_t;
1601
/*
 * "Invalid" markers.  Each expands to the unparenthesized tokens -1 of
 * type int; compared with a uint32_t the value converts to 0xFFFFFFFF.
 * NOTE(review): presumably compared with 32-bit access-mask, share-mode
 * and create-disposition values -- confirm that 0xFFFFFFFF can never be a
 * legitimate client-supplied value at those sites.
 */
1602#define	SMB_INVALID_AMASK		-1
1603#define	SMB_INVALID_SHAREMODE		-1
1604#define	SMB_INVALID_CRDISPOSITION	-1
1605
/*
 * One entry of the command dispatch table: a pre-op hook, the command
 * handler and a post-op hook, each taking the request, plus a dialect,
 * flags, a lock mode and a kstat counter of invocations.
 *
 * NOTE(review): presumably the table is indexed by the command byte of the
 * client's message; the dispatcher has to cope with entries whose
 * sdt_function is NULL and should compare sdt_dialect with the dialect
 * negotiated for the session -- verify in the dispatcher.
 */
1606typedef struct smb_dispatch_table {
1607	smb_sdrc_t		(*sdt_pre_op)(smb_request_t *);
1608	smb_sdrc_t		(*sdt_function)(smb_request_t *);
1609	void			(*sdt_post_op)(smb_request_t *);
1610	char			sdt_dialect;
1611	unsigned char		sdt_flags;
1612	krw_t			sdt_slock_mode;
1613	kstat_named_t		sdt_dispatch_stats; /* invocations */
1614} smb_dispatch_table_t;
1615
1616/*
1617 * Discretionary Access Control List (DACL)
1618 *
1619 * A Discretionary Access Control List (DACL), often abbreviated to
1620 * ACL, is a list of access controls which either allow or deny access
1621 * for users or groups to a resource. There is a list header followed
1622 * by a list of access control entries (ACE). Each ACE specifies the
1623 * access allowed or denied to a single user or group (identified by
1624 * a SID).
1625 *
1626 * There is another access control list object called a System Access
1627 * Control List (SACL), which is used to control auditing, but no
1628 * support is provided for SACLs at this time.
1629 *
1630 * ACL header format:
1631 *
1632 *    3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
1633 *    1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
1634 *   +-------------------------------+---------------+---------------+
1635 *   |            AclSize            |      Sbz1     |  AclRevision  |
1636 *   +-------------------------------+---------------+---------------+
1637 *   |              Sbz2             |           AceCount            |
1638 *   +-------------------------------+-------------------------------+
1639 *
1640 * AclRevision specifies the revision level of the ACL. This value should
1641 * be ACL_REVISION, unless the ACL contains an object-specific ACE, in which
1642 * case this value must be ACL_REVISION_DS. All ACEs in an ACL must be at the
1643 * same revision level.
1644 *
1645 * ACE header format:
1646 *
1647 *    3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
1648 *    1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
1649 *   +---------------+-------+-------+---------------+---------------+
1650 *   |            AceSize            |    AceFlags   |     AceType   |
1651 *   +---------------+-------+-------+---------------+---------------+
1652 *
1653 * Access mask format:
1654 *
1655 *    3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
1656 *    1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
1657 *   +---------------+---------------+-------------------------------+
1658 *   |G|G|G|G|Res'd|A| StandardRights|         SpecificRights        |
1659 *   |R|W|E|A|     |S|               |                               |
1660 *   +-+-------------+---------------+-------------------------------+
1661 *
1662 *   typedef struct ACCESS_MASK {
1663 *       WORD SpecificRights;
1664 *       BYTE StandardRights;
1665 *       BYTE AccessSystemAcl : 1;
1666 *       BYTE Reserved : 3;
1667 *       BYTE GenericAll : 1;
1668 *       BYTE GenericExecute : 1;
1669 *       BYTE GenericWrite : 1;
1670 *       BYTE GenericRead : 1;
1671 *   } ACCESS_MASK;
1672 *
1673 */
1674
/*
 * ACL revision levels.  NOTE(review): a decoder of a client-supplied ACL
 * should reject an AclRevision outside MIN_ACL_REVISION2..MAX_ACL_REVISION
 * -- confirm that the ACL decode path does so.
 */
1675#define	ACL_REVISION1			1
1676#define	ACL_REVISION2			2
1677#define	MIN_ACL_REVISION2		ACL_REVISION2
1678#define	ACL_REVISION3			3
1679#define	ACL_REVISION4			4
1680#define	MAX_ACL_REVISION		ACL_REVISION4
1681
1682/*
1683 * Current ACE and ACL revision Levels
1684 */
1685#define	ACE_REVISION			1
1686#define	ACL_REVISION			ACL_REVISION2
1687#define	ACL_REVISION_DS			ACL_REVISION4
1688
1689
/*
 * ACE types (the se_type byte of smb_acehdr_t).  The header comment above
 * states that SACLs are not supported, so the SYSTEM_AUDIT and
 * SYSTEM_ALARM types are presumably defined for completeness only.
 */
1690#define	ACCESS_ALLOWED_ACE_TYPE		0
1691#define	ACCESS_DENIED_ACE_TYPE		1
1692#define	SYSTEM_AUDIT_ACE_TYPE		2
1693#define	SYSTEM_ALARM_ACE_TYPE		3
1694
1695/*
1696 *  se_flags
1697 * ----------
1698 * Specifies a set of ACE type-specific control flags. This member can be a
1699 * combination of the following values.
1700 *
1701 * CONTAINER_INHERIT_ACE: Child objects that are containers, such as
1702 *		directories, inherit the ACE as an effective ACE. The inherited
1703 *		ACE is inheritable unless the NO_PROPAGATE_INHERIT_ACE bit flag
1704 *		is also set.
1705 *
1706 * INHERIT_ONLY_ACE: Indicates an inherit-only ACE which does not control
1707 *		access to the object to which it is attached.
1708 *		If this flag is not set,
1709 *		the ACE is an effective ACE which controls access to the object
1710 *		to which it is attached.
1711 * 		Both effective and inherit-only ACEs can be inherited
1712 *		depending on the state of the other inheritance flags.
1713 *
1714 * INHERITED_ACE: Windows 2000/XP: Indicates that the ACE was inherited.
1715 *		The system sets this bit when it propagates an
1716 *		inherited ACE to a child object.
1717 *
1718 * NO_PROPAGATE_INHERIT_ACE: If the ACE is inherited by a child object, the
1719 *		system clears the OBJECT_INHERIT_ACE and CONTAINER_INHERIT_ACE
1720 *		flags in the inherited ACE.
1721 *		This prevents the ACE from being inherited by
1722 *		subsequent generations of objects.
1723 *
1724 * OBJECT_INHERIT_ACE: Noncontainer child objects inherit the ACE as an
1725 *		effective ACE.  For child objects that are containers,
1726 *		the ACE is inherited as an inherit-only ACE unless the
1727 *		NO_PROPAGATE_INHERIT_ACE bit flag is also set.
1728 */
/*
 * Inheritance bits of se_flags.  INHERIT_MASK_ACE (0x1F) is the OR of the
 * five flags above it.  Note the spelling: the macro defined here is
 * NO_PROPOGATE_INHERIT_ACE, while the comment above uses the name
 * NO_PROPAGATE_INHERIT_ACE; code must use the spelling defined here.
 */
1729#define	OBJECT_INHERIT_ACE		0x01
1730#define	CONTAINER_INHERIT_ACE		0x02
1731#define	NO_PROPOGATE_INHERIT_ACE	0x04
1732#define	INHERIT_ONLY_ACE		0x08
1733#define	INHERITED_ACE			0x10
1734#define	INHERIT_MASK_ACE		0x1F
1735
1736
1737/*
1738 * These flags are only used in system audit or alarm ACEs to
1739 * indicate when an audit message should be generated, i.e.
1740 * on successful access or on unsuccessful access.
1741 */
1742#define	SUCCESSFUL_ACCESS_ACE_FLAG	0x40
1743#define	FAILED_ACCESS_ACE_FLAG		0x80
1744
1745/*
1746 * se_bsize is the size, in bytes, of ACE as it appears on the wire.
1747 * se_sln is used to sort the ACL when it's required.
1748 */
/*
 * ACE header: type, flags and the 16-bit wire size of the whole ACE.
 * NOTE(review): when se_bsize is decoded from a client-supplied ACL it
 * should be checked to be at least SMB_ACE_HDRSIZE and to fit within the
 * remaining ACL bytes -- confirm in the ACL decode path.
 */
1749typedef struct smb_acehdr {
1750	uint8_t		se_type;
1751	uint8_t		se_flags;
1752	uint16_t	se_bsize;
1753} smb_acehdr_t;
1754
/*
 * In-memory ACE: header, 32-bit access mask (see "Access mask format"
 * above), a list node for the sorted list and a pointer to the SID the
 * entry applies to.  se_sid is a pointer, so its storage is separate from
 * the ACE.
 */
1755typedef struct smb_ace {
1756	smb_acehdr_t	se_hdr;
1757	uint32_t	se_mask;
1758	list_node_t	se_sln;
1759	smb_sid_t	*se_sid;
1760} smb_ace_t;
1761
1762/*
1763 * sl_bsize is the size of ACL in bytes as it appears on the wire.
1764 */
/*
 * In-memory ACL: revision, wire size, ACE count, a pointer to the ACEs and
 * a list of them in sorted order (linked through smb_ace_t.se_sln).
 *
 * NOTE(review): sl_bsize and sl_acecnt are 16-bit.  When they are decoded
 * from a client-supplied ACL, sl_acecnt must be consistent with sl_bsize
 * (each ACE needs at least SMB_ACE_HDRSIZE bytes) before sl_aces is
 * allocated or walked; when an ACL is built for the wire, a size above
 * 65535 is truncated on assignment -- confirm both paths.
 */
1765typedef struct smb_acl {
1766	uint8_t		sl_revision;
1767	uint16_t	sl_bsize;
1768	uint16_t	sl_acecnt;
1769	smb_ace_t	*sl_aces;
1770	list_t		sl_sorted;
1771} smb_acl_t;
1772
1773/*
1774 * ACE/ACL header size, in bytes, as it appears on the wire
1775 */
/*
 * 4 bytes is one 32-bit word (AceType, AceFlags, AceSize) and 8 bytes is
 * two, matching the header diagrams above.  These are wire sizes; they are
 * not sizeof() of the in-memory smb_ace_t and smb_acl_t.
 */
1776#define	SMB_ACE_HDRSIZE		4
1777#define	SMB_ACL_HDRSIZE		8
1778
1779/*
1780 * Security Descriptor (SD)
1781 *
1782 * Security descriptors provide protection for objects, for example
1783 * files and directories. A descriptor identifies the owner and primary
1784 * group (SIDs) and contains an access control list. When a user tries to
1785 * access an object, the user's SID is compared to the permissions in the
1786 * DACL to determine if access should be allowed or denied. Note that
1787 * this is a simplification because there are other factors, such as
1788 * default behavior and privileges to be taken into account (see also
1789 * access tokens).
1790 *
1791 * The boolean flags have the following meanings when set:
1792 *
1793 * SE_OWNER_DEFAULTED indicates that the SID pointed to by the Owner
1794 * field was provided by a defaulting mechanism rather than explicitly
1795 * provided by the original provider of the security descriptor. This
1796 * may affect the treatment of the SID with respect to inheritance of
1797 * an owner.
1798 *
1799 * SE_GROUP_DEFAULTED indicates that the SID in the Group field was
1800 * provided by a defaulting mechanism rather than explicitly provided
1801 * by the original provider of the security descriptor.  This may
1802 * affect the treatment of the SID with respect to inheritance of a
1803 * primary group.
1804 *
1805 * SE_DACL_PRESENT indicates that the security descriptor contains a
1806 * discretionary ACL. If this flag is set and the Dacl field of the
1807 * SECURITY_DESCRIPTOR is null, then a null ACL is explicitly being
1808 * specified.
1809 *
1810 * SE_DACL_DEFAULTED indicates that the ACL pointed to by the Dacl
1811 * field was provided by a defaulting mechanism rather than explicitly
1812 * provided by the original provider of the security descriptor. This
1813 * may affect the treatment of the ACL with respect to inheritance of
1814 * an ACL. This flag is ignored if the DaclPresent flag is not set.
1815 *
1816 * SE_SACL_PRESENT indicates that the security descriptor contains a
1817 * system ACL pointed to by the Sacl field. If this flag is set and
1818 * the Sacl field of the SECURITY_DESCRIPTOR is null, then an empty
1819 * (but present) ACL is being specified.
1820 *
1821 * SE_SACL_DEFAULTED indicates that the ACL pointed to by the Sacl
1822 * field was provided by a defaulting mechanism rather than explicitly
1823 * provided by the original provider of the security descriptor. This
1824 * may affect the treatment of the ACL with respect to inheritance of
1825 * an ACL. This flag is ignored if the SaclPresent flag is not set.
1826 *
1827 * SE_DACL_PROTECTED Prevents ACEs set on the DACL of the parent container
1828 * (and any objects above the parent container in the directory hierarchy)
1829 * from being applied to the object's DACL.
1830 *
1831 * SE_SACL_PROTECTED Prevents ACEs set on the SACL of the parent container
1832 * (and any objects above the parent container in the directory hierarchy)
1833 * from being applied to the object's SACL.
1834 *
1835 * Note that the SE_DACL_PRESENT flag needs to be present to set
1836 * SE_DACL_PROTECTED and SE_SACL_PRESENT needs to be present to set
1837 * SE_SACL_PROTECTED.
1838 *
1839 * SE_SELF_RELATIVE indicates that the security descriptor is in self-
1840 * relative form. In this form, all fields of the security descriptor
1841 * are contiguous in memory and all pointer fields are expressed as
1842 * offsets from the beginning of the security descriptor.
1843 *
1844 *    3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
1845 *    1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
1846 *   +---------------------------------------------------------------+
1847 *   |            Control            |Reserved1 (SBZ)|   Revision    |
1848 *   +---------------------------------------------------------------+
1849 *   |                            Owner                              |
1850 *   +---------------------------------------------------------------+
1851 *   |                            Group                              |
1852 *   +---------------------------------------------------------------+
1853 *   |                            Sacl                               |
1854 *   +---------------------------------------------------------------+
1855 *   |                            Dacl                               |
1856 *   +---------------------------------------------------------------+
1857 *
1858 */
1859
/*
 * Security-information selector bits: which parts of a security
 * descriptor a request refers to.  SMB_ALL_SECINFO is the OR of the four.
 * NOTE(review): a selector taken from a client request should be masked
 * with SMB_ALL_SECINFO, and a request that includes SMB_SACL_SECINFO
 * normally calls for a stronger privilege check than the rest -- confirm
 * how the callers handle it.
 */
1860#define	SMB_OWNER_SECINFO	0x0001
1861#define	SMB_GROUP_SECINFO	0x0002
1862#define	SMB_DACL_SECINFO	0x0004
1863#define	SMB_SACL_SECINFO	0x0008
1864#define	SMB_ALL_SECINFO		0x000F
1865#define	SMB_ACL_SECINFO		(SMB_DACL_SECINFO | SMB_SACL_SECINFO)
1866
1867#define	SECURITY_DESCRIPTOR_REVISION	1
1868
1869
/*
 * Bits of the security descriptor Control word (smb_sd_t.sd_control),
 * described in the comment above.  The four *_AUTO_INHERIT* bits are not
 * described there.
 */
1870#define	SE_OWNER_DEFAULTED		0x0001
1871#define	SE_GROUP_DEFAULTED		0x0002
1872#define	SE_DACL_PRESENT			0x0004
1873#define	SE_DACL_DEFAULTED		0x0008
1874#define	SE_SACL_PRESENT			0x0010
1875#define	SE_SACL_DEFAULTED		0x0020
1876#define	SE_DACL_AUTO_INHERIT_REQ	0x0100
1877#define	SE_SACL_AUTO_INHERIT_REQ	0x0200
1878#define	SE_DACL_AUTO_INHERITED		0x0400
1879#define	SE_SACL_AUTO_INHERITED		0x0800
1880#define	SE_DACL_PROTECTED		0x1000
1881#define	SE_SACL_PROTECTED		0x2000
1882#define	SE_SELF_RELATIVE		0x8000
1883
/*
 * 0x1500 is SE_DACL_AUTO_INHERIT_REQ | SE_DACL_AUTO_INHERITED |
 * SE_DACL_PROTECTED; 0x2A00 is the same combination for the SACL.
 */
1884#define	SE_DACL_INHERITANCE_MASK	0x1500
1885#define	SE_SACL_INHERITANCE_MASK	0x2A00
1886
1887/*
1888 * Security descriptor structures:
1889 *
1890 * smb_sd_t     SD in SMB pointer form
1891 * smb_fssd_t   SD in filesystem form
1892 *
1893 * Filesystems (e.g. ZFS/UFS) don't have something equivalent
1894 * to SD. The items comprising a SMB SD are kept separately in
1895 * filesystem. smb_fssd_t is introduced as a helper to provide
1896 * the required abstraction for CIFS code.
1897 */
1898
/*
 * Security descriptor in pointer form: revision, control bits (SE_*) and
 * pointers to the owner SID, group SID, SACL and DACL.
 *
 * NOTE(review): per the comment above, SE_DACL_PRESENT with a NULL
 * sd_dacl is an explicit null ACL, which is not the same thing as "no
 * DACL supplied".  Code that consumes an smb_sd_t has to test sd_control
 * and the pointer together, and must not dereference sd_owner, sd_group,
 * sd_sacl or sd_dacl without a NULL check.
 */
1899typedef struct smb_sd {
1900	uint8_t		sd_revision;
1901	uint16_t	sd_control;
1902	smb_sid_t 	*sd_owner;	/* SID file owner */
1903	smb_sid_t 	*sd_group;	/* SID group (for POSIX) */
1904	smb_acl_t 	*sd_sacl;	/* ACL System (audits) */
1905	smb_acl_t 	*sd_dacl;	/* ACL Discretionary (perm) */
1906} smb_sd_t;
1907
1908/*
1909 * SD header size as it appears on the wire
1910 */
1911#define	SMB_SD_HDRSIZE	20
1912
1913/*
1914 * values for smb_fssd.sd_flags
1915 */
1916#define	SMB_FSSD_FLAGS_DIR	0x01
1917
/*
 * Security descriptor in filesystem form: owner uid, group gid and two
 * acl_t pointers.  sd_secinfo presumably holds SMB_*_SECINFO bits saying
 * which of these members are meaningful -- confirm; sd_flags takes
 * SMB_FSSD_FLAGS_DIR.
 */
1918typedef struct smb_fssd {
1919	uint32_t	sd_secinfo;
1920	uint32_t	sd_flags;
1921	uid_t		sd_uid;
1922	gid_t		sd_gid;
1923	acl_t		*sd_zdacl;
1924	acl_t		*sd_zsacl;
1925} smb_fssd_t;
1926
1927#ifdef	__cplusplus
1928}
1929#endif
1930
1931#endif /* _SMBSRV_SMB_KTYPES_H */
1932