Lines Matching +full:tcon +full:- +full:channel
1 // SPDX-License-Identifier: LGPL-2.1
33 struct cifs_secmech *p = &server->secmech; in smb3_crypto_shash_allocate()
35 return cifs_alloc_hash("cmac(aes)", &p->aes_cmac); in smb3_crypto_shash_allocate()
50 /* If server is a channel, select the primary channel */ in smb3_get_sign_key()
51 pserver = SERVER_IS_CHAN(server) ? server->primary_server : server; in smb3_get_sign_key()
53 list_for_each_entry(ses, &pserver->smb_ses_list, smb_ses_list) { in smb3_get_sign_key()
54 if (ses->Suid == ses_id) in smb3_get_sign_key()
60 rc = -ENOENT; in smb3_get_sign_key()
64 spin_lock(&ses->ses_lock); in smb3_get_sign_key()
65 spin_lock(&ses->chan_lock); in smb3_get_sign_key()
68 ses->ses_status == SES_GOOD); in smb3_get_sign_key()
71 * If we are in the process of binding a new channel in smb3_get_sign_key()
75 memcpy(key, ses->smb3signingkey, SMB3_SIGN_KEY_SIZE); in smb3_get_sign_key()
76 spin_unlock(&ses->chan_lock); in smb3_get_sign_key()
77 spin_unlock(&ses->ses_lock); in smb3_get_sign_key()
82 * Otherwise, use the channel key. in smb3_get_sign_key()
85 for (i = 0; i < ses->chan_count; i++) { in smb3_get_sign_key()
86 chan = ses->chans + i; in smb3_get_sign_key()
87 if (chan->server == server) { in smb3_get_sign_key()
88 memcpy(key, chan->signkey, SMB3_SIGN_KEY_SIZE); in smb3_get_sign_key()
89 spin_unlock(&ses->chan_lock); in smb3_get_sign_key()
90 spin_unlock(&ses->ses_lock); in smb3_get_sign_key()
94 spin_unlock(&ses->chan_lock); in smb3_get_sign_key()
95 spin_unlock(&ses->ses_lock); in smb3_get_sign_key()
98 "%s: Could not find channel signing key for session 0x%llx\n", in smb3_get_sign_key()
100 rc = -ENOENT; in smb3_get_sign_key()
113 /* If server is a channel, select the primary channel */ in smb2_find_smb_ses_unlocked()
114 pserver = SERVER_IS_CHAN(server) ? server->primary_server : server; in smb2_find_smb_ses_unlocked()
116 list_for_each_entry(ses, &pserver->smb_ses_list, smb_ses_list) { in smb2_find_smb_ses_unlocked()
117 if (ses->Suid != ses_id) in smb2_find_smb_ses_unlocked()
120 spin_lock(&ses->ses_lock); in smb2_find_smb_ses_unlocked()
121 if (ses->ses_status == SES_EXITING) { in smb2_find_smb_ses_unlocked()
122 spin_unlock(&ses->ses_lock); in smb2_find_smb_ses_unlocked()
126 spin_unlock(&ses->ses_lock); in smb2_find_smb_ses_unlocked()
137 int rc = -ENOENT; in smb2_get_sign_key()
140 server = server->primary_server; in smb2_get_sign_key()
143 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) { in smb2_get_sign_key()
144 if (ses->Suid != ses_id) in smb2_get_sign_key()
148 spin_lock(&ses->ses_lock); in smb2_get_sign_key()
149 switch (ses->ses_status) { in smb2_get_sign_key()
152 if (likely(ses->auth_key.response)) { in smb2_get_sign_key()
153 memcpy(key, ses->auth_key.response, in smb2_get_sign_key()
156 rc = -EIO; in smb2_get_sign_key()
160 rc = -EAGAIN; in smb2_get_sign_key()
163 spin_unlock(&ses->ses_lock); in smb2_get_sign_key()
173 struct cifs_tcon *tcon; in smb2_find_smb_sess_tcon_unlocked() local
175 list_for_each_entry(tcon, &ses->tcon_list, tcon_list) { in smb2_find_smb_sess_tcon_unlocked()
176 if (tcon->tid != tid) in smb2_find_smb_sess_tcon_unlocked()
178 ++tcon->tc_count; in smb2_find_smb_sess_tcon_unlocked()
179 trace_smb3_tcon_ref(tcon->debug_id, tcon->tc_count, in smb2_find_smb_sess_tcon_unlocked()
181 return tcon; in smb2_find_smb_sess_tcon_unlocked()
188 * Obtain tcon corresponding to the tid in the given
196 struct cifs_tcon *tcon; in smb2_find_smb_tcon() local
204 tcon = smb2_find_smb_sess_tcon_unlocked(ses, tid); in smb2_find_smb_tcon()
206 /* tcon already has a ref to ses, so we don't need ses anymore */ in smb2_find_smb_tcon()
209 return tcon; in smb2_find_smb_tcon()
218 struct kvec *iov = rqst->rq_iov; in smb2_calc_signature()
222 __u64 sid = le64_to_cpu(shdr->SessionId); in smb2_calc_signature()
233 memset(shdr->Signature, 0x0, SMB2_SIGNATURE_SIZE); in smb2_calc_signature()
241 * Sign the rfc1002 length prior to passing the data (iov[1-N]) down to in smb2_calc_signature()
248 drqst.rq_nvec--; in smb2_calc_signature()
255 memcpy(shdr->Signature, smb2_signature, SMB2_SIGNATURE_SIZE); in smb2_calc_signature()
269 struct TCP_Server_Info *server = ses->server; in generate_key()
281 hmac_sha256_init_usingrawkey(&hmac_ctx, ses->auth_key.response, in generate_key()
288 if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || in generate_key()
289 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) { in generate_key()
320 spin_lock(&ses->ses_lock); in generate_smb3signingkey()
321 spin_lock(&ses->chan_lock); in generate_smb3signingkey()
323 ses->ses_status == SES_GOOD); in generate_smb3signingkey()
327 spin_unlock(&ses->chan_lock); in generate_smb3signingkey()
328 spin_unlock(&ses->ses_lock); in generate_smb3signingkey()
330 return -EINVAL; in generate_smb3signingkey()
333 spin_unlock(&ses->chan_lock); in generate_smb3signingkey()
334 spin_unlock(&ses->ses_lock); in generate_smb3signingkey()
340 * When we generate the keys, check if it is for a new channel in generate_smb3signingkey()
342 * key and store it in the channel as to not overwrite the in generate_smb3signingkey()
347 rc = generate_key(ses, ptriplet->signing.label, in generate_smb3signingkey()
348 ptriplet->signing.context, in generate_smb3signingkey()
349 ses->chans[chan_index].signkey, in generate_smb3signingkey()
354 rc = generate_key(ses, ptriplet->signing.label, in generate_smb3signingkey()
355 ptriplet->signing.context, in generate_smb3signingkey()
356 ses->smb3signingkey, in generate_smb3signingkey()
361 /* safe to access primary channel, since it will never go away */ in generate_smb3signingkey()
362 spin_lock(&ses->chan_lock); in generate_smb3signingkey()
363 memcpy(ses->chans[chan_index].signkey, ses->smb3signingkey, in generate_smb3signingkey()
365 spin_unlock(&ses->chan_lock); in generate_smb3signingkey()
367 rc = generate_key(ses, ptriplet->encryption.label, in generate_smb3signingkey()
368 ptriplet->encryption.context, in generate_smb3signingkey()
369 ses->smb3encryptionkey, in generate_smb3signingkey()
373 rc = generate_key(ses, ptriplet->decryption.label, in generate_smb3signingkey()
374 ptriplet->decryption.context, in generate_smb3signingkey()
375 ses->smb3decryptionkey, in generate_smb3signingkey()
387 cifs_dbg(VFS, "Session Id %*ph\n", (int)sizeof(ses->Suid), in generate_smb3signingkey()
388 &ses->Suid); in generate_smb3signingkey()
389 cifs_dbg(VFS, "Cipher type %d\n", server->cipher_type); in generate_smb3signingkey()
391 SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response); in generate_smb3signingkey()
393 SMB3_SIGN_KEY_SIZE, ses->smb3signingkey); in generate_smb3signingkey()
394 if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || in generate_smb3signingkey()
395 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) { in generate_smb3signingkey()
397 SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3encryptionkey); in generate_smb3signingkey()
399 SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3decryptionkey); in generate_smb3signingkey()
402 SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3encryptionkey); in generate_smb3signingkey()
404 SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3decryptionkey); in generate_smb3signingkey()
419 d->label.iov_base = "SMB2AESCMAC"; in generate_smb30signingkey()
420 d->label.iov_len = 12; in generate_smb30signingkey()
421 d->context.iov_base = "SmbSign"; in generate_smb30signingkey()
422 d->context.iov_len = 8; in generate_smb30signingkey()
425 d->label.iov_base = "SMB2AESCCM"; in generate_smb30signingkey()
426 d->label.iov_len = 11; in generate_smb30signingkey()
427 d->context.iov_base = "ServerIn "; in generate_smb30signingkey()
428 d->context.iov_len = 10; in generate_smb30signingkey()
431 d->label.iov_base = "SMB2AESCCM"; in generate_smb30signingkey()
432 d->label.iov_len = 11; in generate_smb30signingkey()
433 d->context.iov_base = "ServerOut"; in generate_smb30signingkey()
434 d->context.iov_len = 10; in generate_smb30signingkey()
448 d->label.iov_base = "SMBSigningKey"; in generate_smb311signingkey()
449 d->label.iov_len = 14; in generate_smb311signingkey()
450 d->context.iov_base = ses->preauth_sha_hash; in generate_smb311signingkey()
451 d->context.iov_len = 64; in generate_smb311signingkey()
454 d->label.iov_base = "SMBC2SCipherKey"; in generate_smb311signingkey()
455 d->label.iov_len = 16; in generate_smb311signingkey()
456 d->context.iov_base = ses->preauth_sha_hash; in generate_smb311signingkey()
457 d->context.iov_len = 64; in generate_smb311signingkey()
460 d->label.iov_base = "SMBS2CCipherKey"; in generate_smb311signingkey()
461 d->label.iov_len = 16; in generate_smb311signingkey()
462 d->context.iov_base = ses->preauth_sha_hash; in generate_smb311signingkey()
463 d->context.iov_len = 64; in generate_smb311signingkey()
474 struct kvec *iov = rqst->rq_iov; in smb3_calc_signature()
480 if (server->vals->protocol_id <= SMB21_PROT_ID) in smb3_calc_signature()
483 rc = smb3_get_sign_key(le64_to_cpu(shdr->SessionId), server, key); in smb3_calc_signature()
494 shash = server->secmech.aes_cmac; in smb3_calc_signature()
498 memset(shdr->Signature, 0x0, SMB2_SIGNATURE_SIZE); in smb3_calc_signature()
500 rc = crypto_shash_setkey(shash->tfm, key, SMB2_CMACAES_SIZE); in smb3_calc_signature()
521 * Sign the rfc1002 length prior to passing the data (iov[1-N]) down to in smb3_calc_signature()
534 drqst.rq_nvec--; in smb3_calc_signature()
541 memcpy(shdr->Signature, smb3_signature, SMB2_SIGNATURE_SIZE); in smb3_calc_signature()
549 /* must be called with server->srv_mutex held */
558 shdr = (struct smb2_hdr *)rqst->rq_iov[0].iov_base; in smb2_sign_rqst()
561 is_binding = shdr->Command == SMB2_SESSION_SETUP && in smb2_sign_rqst()
562 (ssr->Flags & SMB2_SESSION_REQ_FLAG_BINDING); in smb2_sign_rqst()
563 is_signed = shdr->Flags & SMB2_FLAGS_SIGNED; in smb2_sign_rqst()
567 spin_lock(&server->srv_lock); in smb2_sign_rqst()
568 if (server->ops->need_neg && in smb2_sign_rqst()
569 server->ops->need_neg(server)) { in smb2_sign_rqst()
570 spin_unlock(&server->srv_lock); in smb2_sign_rqst()
573 spin_unlock(&server->srv_lock); in smb2_sign_rqst()
574 if (!is_binding && !server->session_estab) { in smb2_sign_rqst()
575 strscpy(shdr->Signature, "BSRSPYL"); in smb2_sign_rqst()
588 (struct smb2_hdr *)rqst->rq_iov[0].iov_base; in smb2_verify_signature()
590 if ((shdr->Command == SMB2_NEGOTIATE) || in smb2_verify_signature()
591 (shdr->Command == SMB2_SESSION_SETUP) || in smb2_verify_signature()
592 (shdr->Command == SMB2_OPLOCK_BREAK) || in smb2_verify_signature()
593 server->ignore_signature || in smb2_verify_signature()
594 (!server->session_estab)) in smb2_verify_signature()
603 if (memcmp(shdr->Signature, "BSRSPYL ", 8) == 0) in smb2_verify_signature()
605 shdr->Command); in smb2_verify_signature()
611 memcpy(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE); in smb2_verify_signature()
613 memset(shdr->Signature, 0, SMB2_SIGNATURE_SIZE); in smb2_verify_signature()
620 if (memcmp(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE)) { in smb2_verify_signature()
622 shdr->Command, shdr->MessageId); in smb2_verify_signature()
623 return -EACCES; in smb2_verify_signature()
636 unsigned int i, num = le16_to_cpu(shdr->CreditCharge); in smb2_seq_num_into_buf()
638 shdr->MessageId = get_next_mid64(server); in smb2_seq_num_into_buf()
649 unsigned int credits = le16_to_cpu(shdr->CreditCharge); in smb2_mid_entry_alloc()
658 kref_init(&temp->refcount); in smb2_mid_entry_alloc()
659 spin_lock_init(&temp->mid_lock); in smb2_mid_entry_alloc()
660 temp->mid = le64_to_cpu(shdr->MessageId); in smb2_mid_entry_alloc()
661 temp->credits = credits > 0 ? credits : 1; in smb2_mid_entry_alloc()
662 temp->pid = current->pid; in smb2_mid_entry_alloc()
663 temp->command = shdr->Command; /* Always LE */ in smb2_mid_entry_alloc()
664 temp->when_alloc = jiffies; in smb2_mid_entry_alloc()
665 temp->server = server; in smb2_mid_entry_alloc()
672 temp->creator = current; in smb2_mid_entry_alloc()
673 temp->callback = cifs_wake_up_task; in smb2_mid_entry_alloc()
674 temp->callback_data = current; in smb2_mid_entry_alloc()
677 temp->mid_state = MID_REQUEST_ALLOCATED; in smb2_mid_entry_alloc()
678 trace_smb3_cmd_enter(le32_to_cpu(shdr->Id.SyncId.TreeId), in smb2_mid_entry_alloc()
679 le64_to_cpu(shdr->SessionId), in smb2_mid_entry_alloc()
680 le16_to_cpu(shdr->Command), temp->mid); in smb2_mid_entry_alloc()
688 spin_lock(&server->srv_lock); in smb2_get_mid_entry()
689 if (server->tcpStatus == CifsExiting) { in smb2_get_mid_entry()
690 spin_unlock(&server->srv_lock); in smb2_get_mid_entry()
691 return -ENOENT; in smb2_get_mid_entry()
694 if (server->tcpStatus == CifsNeedReconnect) { in smb2_get_mid_entry()
695 spin_unlock(&server->srv_lock); in smb2_get_mid_entry()
696 cifs_dbg(FYI, "tcp session dead - return to caller to retry\n"); in smb2_get_mid_entry()
697 return -EAGAIN; in smb2_get_mid_entry()
700 if (server->tcpStatus == CifsNeedNegotiate && in smb2_get_mid_entry()
701 shdr->Command != SMB2_NEGOTIATE) { in smb2_get_mid_entry()
702 spin_unlock(&server->srv_lock); in smb2_get_mid_entry()
703 return -EAGAIN; in smb2_get_mid_entry()
705 spin_unlock(&server->srv_lock); in smb2_get_mid_entry()
707 spin_lock(&ses->ses_lock); in smb2_get_mid_entry()
708 if (ses->ses_status == SES_NEW) { in smb2_get_mid_entry()
709 if ((shdr->Command != SMB2_SESSION_SETUP) && in smb2_get_mid_entry()
710 (shdr->Command != SMB2_NEGOTIATE)) { in smb2_get_mid_entry()
711 spin_unlock(&ses->ses_lock); in smb2_get_mid_entry()
712 return -EAGAIN; in smb2_get_mid_entry()
714 /* else ok - we are setting up session */ in smb2_get_mid_entry()
717 if (ses->ses_status == SES_EXITING) { in smb2_get_mid_entry()
718 if (shdr->Command != SMB2_LOGOFF) { in smb2_get_mid_entry()
719 spin_unlock(&ses->ses_lock); in smb2_get_mid_entry()
720 return -EAGAIN; in smb2_get_mid_entry()
722 /* else ok - we are shutting down the session */ in smb2_get_mid_entry()
724 spin_unlock(&ses->ses_lock); in smb2_get_mid_entry()
728 return -ENOMEM; in smb2_get_mid_entry()
729 spin_lock(&server->mid_queue_lock); in smb2_get_mid_entry()
730 list_add_tail(&(*mid)->qhead, &server->pending_mid_q); in smb2_get_mid_entry()
731 spin_unlock(&server->mid_queue_lock); in smb2_get_mid_entry()
740 unsigned int len = mid->resp_buf_size; in smb2_check_receive()
745 iov[0].iov_base = (char *)mid->resp_buf; in smb2_check_receive()
748 dump_smb(mid->resp_buf, min_t(u32, 80, len)); in smb2_check_receive()
750 if (len > 24 && server->sign && !mid->decrypted) { in smb2_check_receive()
759 return map_smb2_to_linux_error(mid->resp_buf, log_error); in smb2_check_receive()
768 (struct smb2_hdr *)rqst->rq_iov[0].iov_base; in smb2_setup_request()
794 (struct smb2_hdr *)rqst->rq_iov[0].iov_base; in smb2_setup_async_request()
797 spin_lock(&server->srv_lock); in smb2_setup_async_request()
798 if (server->tcpStatus == CifsNeedNegotiate && in smb2_setup_async_request()
799 shdr->Command != SMB2_NEGOTIATE) { in smb2_setup_async_request()
800 spin_unlock(&server->srv_lock); in smb2_setup_async_request()
801 return ERR_PTR(-EAGAIN); in smb2_setup_async_request()
803 spin_unlock(&server->srv_lock); in smb2_setup_async_request()
810 return ERR_PTR(-ENOMEM); in smb2_setup_async_request()
828 if (!server->secmech.enc) { in smb3_crypto_aead_allocate()
829 if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || in smb3_crypto_aead_allocate()
830 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) in smb3_crypto_aead_allocate()
839 server->secmech.enc = tfm; in smb3_crypto_aead_allocate()
842 if (!server->secmech.dec) { in smb3_crypto_aead_allocate()
843 if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || in smb3_crypto_aead_allocate()
844 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) in smb3_crypto_aead_allocate()
849 crypto_free_aead(server->secmech.enc); in smb3_crypto_aead_allocate()
850 server->secmech.enc = NULL; in smb3_crypto_aead_allocate()
855 server->secmech.dec = tfm; in smb3_crypto_aead_allocate()