1 // SPDX-License-Identifier: LGPL-2.1 2 /* 3 * 4 * Copyright (C) International Business Machines Corp., 2002, 2011 5 * Etersoft, 2012 6 * Author(s): Steve French (sfrench@us.ibm.com) 7 * Jeremy Allison (jra@samba.org) 2006 8 * Pavel Shilovsky (pshilovsky@samba.org) 2012 9 * 10 */ 11 12 #include <linux/fs.h> 13 #include <linux/list.h> 14 #include <linux/wait.h> 15 #include <linux/net.h> 16 #include <linux/delay.h> 17 #include <linux/uaccess.h> 18 #include <asm/processor.h> 19 #include <linux/mempool.h> 20 #include <linux/highmem.h> 21 #include <crypto/aead.h> 22 #include "cifsglob.h" 23 #include "cifsproto.h" 24 #include "smb2proto.h" 25 #include "cifs_debug.h" 26 #include "../common/smb2status.h" 27 #include "smb2glob.h" 28 29 static int 30 smb3_crypto_shash_allocate(struct TCP_Server_Info *server) 31 { 32 struct cifs_secmech *p = &server->secmech; 33 int rc; 34 35 rc = cifs_alloc_hash("hmac(sha256)", &p->hmacsha256); 36 if (rc) 37 goto err; 38 39 rc = cifs_alloc_hash("cmac(aes)", &p->aes_cmac); 40 if (rc) 41 goto err; 42 43 return 0; 44 err: 45 cifs_free_hash(&p->hmacsha256); 46 return rc; 47 } 48 49 int 50 smb311_crypto_shash_allocate(struct TCP_Server_Info *server) 51 { 52 struct cifs_secmech *p = &server->secmech; 53 int rc = 0; 54 55 rc = cifs_alloc_hash("hmac(sha256)", &p->hmacsha256); 56 if (rc) 57 return rc; 58 59 rc = cifs_alloc_hash("cmac(aes)", &p->aes_cmac); 60 if (rc) 61 goto err; 62 63 rc = cifs_alloc_hash("sha512", &p->sha512); 64 if (rc) 65 goto err; 66 67 return 0; 68 69 err: 70 cifs_free_hash(&p->aes_cmac); 71 cifs_free_hash(&p->hmacsha256); 72 return rc; 73 } 74 75 76 static 77 int smb3_get_sign_key(__u64 ses_id, struct TCP_Server_Info *server, u8 *key) 78 { 79 struct cifs_chan *chan; 80 struct TCP_Server_Info *pserver; 81 struct cifs_ses *ses = NULL; 82 int i; 83 int rc = 0; 84 bool is_binding = false; 85 86 spin_lock(&cifs_tcp_ses_lock); 87 88 /* If server is a channel, select the primary channel */ 89 pserver = SERVER_IS_CHAN(server) ? server->primary_server : server; 90 91 list_for_each_entry(ses, &pserver->smb_ses_list, smb_ses_list) { 92 if (ses->Suid == ses_id) 93 goto found; 94 } 95 trace_smb3_ses_not_found(ses_id); 96 cifs_server_dbg(FYI, "%s: Could not find session 0x%llx\n", 97 __func__, ses_id); 98 rc = -ENOENT; 99 goto out; 100 101 found: 102 spin_lock(&ses->ses_lock); 103 spin_lock(&ses->chan_lock); 104 105 is_binding = (cifs_chan_needs_reconnect(ses, server) && 106 ses->ses_status == SES_GOOD); 107 if (is_binding) { 108 /* 109 * If we are in the process of binding a new channel 110 * to an existing session, use the master connection 111 * session key 112 */ 113 memcpy(key, ses->smb3signingkey, SMB3_SIGN_KEY_SIZE); 114 spin_unlock(&ses->chan_lock); 115 spin_unlock(&ses->ses_lock); 116 goto out; 117 } 118 119 /* 120 * Otherwise, use the channel key. 121 */ 122 123 for (i = 0; i < ses->chan_count; i++) { 124 chan = ses->chans + i; 125 if (chan->server == server) { 126 memcpy(key, chan->signkey, SMB3_SIGN_KEY_SIZE); 127 spin_unlock(&ses->chan_lock); 128 spin_unlock(&ses->ses_lock); 129 goto out; 130 } 131 } 132 spin_unlock(&ses->chan_lock); 133 spin_unlock(&ses->ses_lock); 134 135 cifs_dbg(VFS, 136 "%s: Could not find channel signing key for session 0x%llx\n", 137 __func__, ses_id); 138 rc = -ENOENT; 139 140 out: 141 spin_unlock(&cifs_tcp_ses_lock); 142 return rc; 143 } 144 145 static struct cifs_ses * 146 smb2_find_smb_ses_unlocked(struct TCP_Server_Info *server, __u64 ses_id) 147 { 148 struct TCP_Server_Info *pserver; 149 struct cifs_ses *ses; 150 151 /* If server is a channel, select the primary channel */ 152 pserver = SERVER_IS_CHAN(server) ? server->primary_server : server; 153 154 list_for_each_entry(ses, &pserver->smb_ses_list, smb_ses_list) { 155 if (ses->Suid != ses_id) 156 continue; 157 158 spin_lock(&ses->ses_lock); 159 if (ses->ses_status == SES_EXITING) { 160 spin_unlock(&ses->ses_lock); 161 continue; 162 } 163 cifs_smb_ses_inc_refcount(ses); 164 spin_unlock(&ses->ses_lock); 165 return ses; 166 } 167 168 return NULL; 169 } 170 171 static int smb2_get_sign_key(struct TCP_Server_Info *server, 172 __u64 ses_id, u8 *key) 173 { 174 struct cifs_ses *ses; 175 int rc = -ENOENT; 176 177 if (SERVER_IS_CHAN(server)) 178 server = server->primary_server; 179 180 spin_lock(&cifs_tcp_ses_lock); 181 list_for_each_entry(ses, &server->smb_ses_list, smb_ses_list) { 182 if (ses->Suid != ses_id) 183 continue; 184 185 rc = 0; 186 spin_lock(&ses->ses_lock); 187 switch (ses->ses_status) { 188 case SES_EXITING: /* SMB2_LOGOFF */ 189 case SES_GOOD: 190 if (likely(ses->auth_key.response)) { 191 memcpy(key, ses->auth_key.response, 192 SMB2_NTLMV2_SESSKEY_SIZE); 193 } else { 194 rc = -EIO; 195 } 196 break; 197 default: 198 rc = -EAGAIN; 199 break; 200 } 201 spin_unlock(&ses->ses_lock); 202 break; 203 } 204 spin_unlock(&cifs_tcp_ses_lock); 205 return rc; 206 } 207 208 static struct cifs_tcon * 209 smb2_find_smb_sess_tcon_unlocked(struct cifs_ses *ses, __u32 tid) 210 { 211 struct cifs_tcon *tcon; 212 213 list_for_each_entry(tcon, &ses->tcon_list, tcon_list) { 214 if (tcon->tid != tid) 215 continue; 216 ++tcon->tc_count; 217 trace_smb3_tcon_ref(tcon->debug_id, tcon->tc_count, 218 netfs_trace_tcon_ref_get_find_sess_tcon); 219 return tcon; 220 } 221 222 return NULL; 223 } 224 225 /* 226 * Obtain tcon corresponding to the tid in the given 227 * cifs_ses 228 */ 229 230 struct cifs_tcon * 231 smb2_find_smb_tcon(struct TCP_Server_Info *server, __u64 ses_id, __u32 tid) 232 { 233 struct cifs_ses *ses; 234 struct cifs_tcon *tcon; 235 236 spin_lock(&cifs_tcp_ses_lock); 237 ses = smb2_find_smb_ses_unlocked(server, ses_id); 238 if (!ses) { 239 spin_unlock(&cifs_tcp_ses_lock); 240 return NULL; 241 } 242 tcon = smb2_find_smb_sess_tcon_unlocked(ses, tid); 243 if (!tcon) { 244 spin_unlock(&cifs_tcp_ses_lock); 245 cifs_put_smb_ses(ses); 246 return NULL; 247 } 248 spin_unlock(&cifs_tcp_ses_lock); 249 /* tcon already has a ref to ses, so we don't need ses anymore */ 250 cifs_put_smb_ses(ses); 251 252 return tcon; 253 } 254 255 int 256 smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, 257 bool allocate_crypto) 258 { 259 int rc; 260 unsigned char smb2_signature[SMB2_HMACSHA256_SIZE]; 261 unsigned char *sigptr = smb2_signature; 262 struct kvec *iov = rqst->rq_iov; 263 struct smb2_hdr *shdr = (struct smb2_hdr *)iov[0].iov_base; 264 struct shash_desc *shash = NULL; 265 struct smb_rqst drqst; 266 __u64 sid = le64_to_cpu(shdr->SessionId); 267 u8 key[SMB2_NTLMV2_SESSKEY_SIZE]; 268 269 rc = smb2_get_sign_key(server, sid, key); 270 if (unlikely(rc)) { 271 cifs_server_dbg(FYI, "%s: [sesid=0x%llx] couldn't find signing key: %d\n", 272 __func__, sid, rc); 273 return rc; 274 } 275 276 memset(smb2_signature, 0x0, SMB2_HMACSHA256_SIZE); 277 memset(shdr->Signature, 0x0, SMB2_SIGNATURE_SIZE); 278 279 if (allocate_crypto) { 280 rc = cifs_alloc_hash("hmac(sha256)", &shash); 281 if (rc) { 282 cifs_server_dbg(VFS, 283 "%s: sha256 alloc failed\n", __func__); 284 goto out; 285 } 286 } else { 287 shash = server->secmech.hmacsha256; 288 } 289 290 rc = crypto_shash_setkey(shash->tfm, key, sizeof(key)); 291 if (rc) { 292 cifs_server_dbg(VFS, 293 "%s: Could not update with response\n", 294 __func__); 295 goto out; 296 } 297 298 rc = crypto_shash_init(shash); 299 if (rc) { 300 cifs_server_dbg(VFS, "%s: Could not init sha256", __func__); 301 goto out; 302 } 303 304 /* 305 * For SMB2+, __cifs_calc_signature() expects to sign only the actual 306 * data, that is, iov[0] should not contain a rfc1002 length. 307 * 308 * Sign the rfc1002 length prior to passing the data (iov[1-N]) down to 309 * __cifs_calc_signature(). 310 */ 311 drqst = *rqst; 312 if (drqst.rq_nvec >= 2 && iov[0].iov_len == 4) { 313 rc = crypto_shash_update(shash, iov[0].iov_base, 314 iov[0].iov_len); 315 if (rc) { 316 cifs_server_dbg(VFS, 317 "%s: Could not update with payload\n", 318 __func__); 319 goto out; 320 } 321 drqst.rq_iov++; 322 drqst.rq_nvec--; 323 } 324 325 rc = __cifs_calc_signature(&drqst, server, sigptr, shash); 326 if (!rc) 327 memcpy(shdr->Signature, sigptr, SMB2_SIGNATURE_SIZE); 328 329 out: 330 if (allocate_crypto) 331 cifs_free_hash(&shash); 332 return rc; 333 } 334 335 static int generate_key(struct cifs_ses *ses, struct kvec label, 336 struct kvec context, __u8 *key, unsigned int key_size) 337 { 338 unsigned char zero = 0x0; 339 __u8 i[4] = {0, 0, 0, 1}; 340 __u8 L128[4] = {0, 0, 0, 128}; 341 __u8 L256[4] = {0, 0, 1, 0}; 342 int rc = 0; 343 unsigned char prfhash[SMB2_HMACSHA256_SIZE]; 344 unsigned char *hashptr = prfhash; 345 struct TCP_Server_Info *server = ses->server; 346 347 memset(prfhash, 0x0, SMB2_HMACSHA256_SIZE); 348 memset(key, 0x0, key_size); 349 350 rc = smb3_crypto_shash_allocate(server); 351 if (rc) { 352 cifs_server_dbg(VFS, "%s: crypto alloc failed\n", __func__); 353 goto smb3signkey_ret; 354 } 355 356 rc = crypto_shash_setkey(server->secmech.hmacsha256->tfm, 357 ses->auth_key.response, SMB2_NTLMV2_SESSKEY_SIZE); 358 if (rc) { 359 cifs_server_dbg(VFS, "%s: Could not set with session key\n", __func__); 360 goto smb3signkey_ret; 361 } 362 363 rc = crypto_shash_init(server->secmech.hmacsha256); 364 if (rc) { 365 cifs_server_dbg(VFS, "%s: Could not init sign hmac\n", __func__); 366 goto smb3signkey_ret; 367 } 368 369 rc = crypto_shash_update(server->secmech.hmacsha256, i, 4); 370 if (rc) { 371 cifs_server_dbg(VFS, "%s: Could not update with n\n", __func__); 372 goto smb3signkey_ret; 373 } 374 375 rc = crypto_shash_update(server->secmech.hmacsha256, label.iov_base, label.iov_len); 376 if (rc) { 377 cifs_server_dbg(VFS, "%s: Could not update with label\n", __func__); 378 goto smb3signkey_ret; 379 } 380 381 rc = crypto_shash_update(server->secmech.hmacsha256, &zero, 1); 382 if (rc) { 383 cifs_server_dbg(VFS, "%s: Could not update with zero\n", __func__); 384 goto smb3signkey_ret; 385 } 386 387 rc = crypto_shash_update(server->secmech.hmacsha256, context.iov_base, context.iov_len); 388 if (rc) { 389 cifs_server_dbg(VFS, "%s: Could not update with context\n", __func__); 390 goto smb3signkey_ret; 391 } 392 393 if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || 394 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) { 395 rc = crypto_shash_update(server->secmech.hmacsha256, L256, 4); 396 } else { 397 rc = crypto_shash_update(server->secmech.hmacsha256, L128, 4); 398 } 399 if (rc) { 400 cifs_server_dbg(VFS, "%s: Could not update with L\n", __func__); 401 goto smb3signkey_ret; 402 } 403 404 rc = crypto_shash_final(server->secmech.hmacsha256, hashptr); 405 if (rc) { 406 cifs_server_dbg(VFS, "%s: Could not generate sha256 hash\n", __func__); 407 goto smb3signkey_ret; 408 } 409 410 memcpy(key, hashptr, key_size); 411 412 smb3signkey_ret: 413 return rc; 414 } 415 416 struct derivation { 417 struct kvec label; 418 struct kvec context; 419 }; 420 421 struct derivation_triplet { 422 struct derivation signing; 423 struct derivation encryption; 424 struct derivation decryption; 425 }; 426 427 static int 428 generate_smb3signingkey(struct cifs_ses *ses, 429 struct TCP_Server_Info *server, 430 const struct derivation_triplet *ptriplet) 431 { 432 int rc; 433 bool is_binding = false; 434 int chan_index = 0; 435 436 spin_lock(&ses->ses_lock); 437 spin_lock(&ses->chan_lock); 438 is_binding = (cifs_chan_needs_reconnect(ses, server) && 439 ses->ses_status == SES_GOOD); 440 441 chan_index = cifs_ses_get_chan_index(ses, server); 442 if (chan_index == CIFS_INVAL_CHAN_INDEX) { 443 spin_unlock(&ses->chan_lock); 444 spin_unlock(&ses->ses_lock); 445 446 return -EINVAL; 447 } 448 449 spin_unlock(&ses->chan_lock); 450 spin_unlock(&ses->ses_lock); 451 452 /* 453 * All channels use the same encryption/decryption keys but 454 * they have their own signing key. 455 * 456 * When we generate the keys, check if it is for a new channel 457 * (binding) in which case we only need to generate a signing 458 * key and store it in the channel as to not overwrite the 459 * master connection signing key stored in the session 460 */ 461 462 if (is_binding) { 463 rc = generate_key(ses, ptriplet->signing.label, 464 ptriplet->signing.context, 465 ses->chans[chan_index].signkey, 466 SMB3_SIGN_KEY_SIZE); 467 if (rc) 468 return rc; 469 } else { 470 rc = generate_key(ses, ptriplet->signing.label, 471 ptriplet->signing.context, 472 ses->smb3signingkey, 473 SMB3_SIGN_KEY_SIZE); 474 if (rc) 475 return rc; 476 477 /* safe to access primary channel, since it will never go away */ 478 spin_lock(&ses->chan_lock); 479 memcpy(ses->chans[chan_index].signkey, ses->smb3signingkey, 480 SMB3_SIGN_KEY_SIZE); 481 spin_unlock(&ses->chan_lock); 482 483 rc = generate_key(ses, ptriplet->encryption.label, 484 ptriplet->encryption.context, 485 ses->smb3encryptionkey, 486 SMB3_ENC_DEC_KEY_SIZE); 487 if (rc) 488 return rc; 489 rc = generate_key(ses, ptriplet->decryption.label, 490 ptriplet->decryption.context, 491 ses->smb3decryptionkey, 492 SMB3_ENC_DEC_KEY_SIZE); 493 if (rc) 494 return rc; 495 } 496 497 #ifdef CONFIG_CIFS_DEBUG_DUMP_KEYS 498 cifs_dbg(VFS, "%s: dumping generated AES session keys\n", __func__); 499 /* 500 * The session id is opaque in terms of endianness, so we can't 501 * print it as a long long. we dump it as we got it on the wire 502 */ 503 cifs_dbg(VFS, "Session Id %*ph\n", (int)sizeof(ses->Suid), 504 &ses->Suid); 505 cifs_dbg(VFS, "Cipher type %d\n", server->cipher_type); 506 cifs_dbg(VFS, "Session Key %*ph\n", 507 SMB2_NTLMV2_SESSKEY_SIZE, ses->auth_key.response); 508 cifs_dbg(VFS, "Signing Key %*ph\n", 509 SMB3_SIGN_KEY_SIZE, ses->smb3signingkey); 510 if ((server->cipher_type == SMB2_ENCRYPTION_AES256_CCM) || 511 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) { 512 cifs_dbg(VFS, "ServerIn Key %*ph\n", 513 SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3encryptionkey); 514 cifs_dbg(VFS, "ServerOut Key %*ph\n", 515 SMB3_GCM256_CRYPTKEY_SIZE, ses->smb3decryptionkey); 516 } else { 517 cifs_dbg(VFS, "ServerIn Key %*ph\n", 518 SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3encryptionkey); 519 cifs_dbg(VFS, "ServerOut Key %*ph\n", 520 SMB3_GCM128_CRYPTKEY_SIZE, ses->smb3decryptionkey); 521 } 522 #endif 523 return rc; 524 } 525 526 int 527 generate_smb30signingkey(struct cifs_ses *ses, 528 struct TCP_Server_Info *server) 529 530 { 531 struct derivation_triplet triplet; 532 struct derivation *d; 533 534 d = &triplet.signing; 535 d->label.iov_base = "SMB2AESCMAC"; 536 d->label.iov_len = 12; 537 d->context.iov_base = "SmbSign"; 538 d->context.iov_len = 8; 539 540 d = &triplet.encryption; 541 d->label.iov_base = "SMB2AESCCM"; 542 d->label.iov_len = 11; 543 d->context.iov_base = "ServerIn "; 544 d->context.iov_len = 10; 545 546 d = &triplet.decryption; 547 d->label.iov_base = "SMB2AESCCM"; 548 d->label.iov_len = 11; 549 d->context.iov_base = "ServerOut"; 550 d->context.iov_len = 10; 551 552 return generate_smb3signingkey(ses, server, &triplet); 553 } 554 555 int 556 generate_smb311signingkey(struct cifs_ses *ses, 557 struct TCP_Server_Info *server) 558 559 { 560 struct derivation_triplet triplet; 561 struct derivation *d; 562 563 d = &triplet.signing; 564 d->label.iov_base = "SMBSigningKey"; 565 d->label.iov_len = 14; 566 d->context.iov_base = ses->preauth_sha_hash; 567 d->context.iov_len = 64; 568 569 d = &triplet.encryption; 570 d->label.iov_base = "SMBC2SCipherKey"; 571 d->label.iov_len = 16; 572 d->context.iov_base = ses->preauth_sha_hash; 573 d->context.iov_len = 64; 574 575 d = &triplet.decryption; 576 d->label.iov_base = "SMBS2CCipherKey"; 577 d->label.iov_len = 16; 578 d->context.iov_base = ses->preauth_sha_hash; 579 d->context.iov_len = 64; 580 581 return generate_smb3signingkey(ses, server, &triplet); 582 } 583 584 int 585 smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server, 586 bool allocate_crypto) 587 { 588 int rc; 589 unsigned char smb3_signature[SMB2_CMACAES_SIZE]; 590 unsigned char *sigptr = smb3_signature; 591 struct kvec *iov = rqst->rq_iov; 592 struct smb2_hdr *shdr = (struct smb2_hdr *)iov[0].iov_base; 593 struct shash_desc *shash = NULL; 594 struct smb_rqst drqst; 595 u8 key[SMB3_SIGN_KEY_SIZE]; 596 597 rc = smb3_get_sign_key(le64_to_cpu(shdr->SessionId), server, key); 598 if (unlikely(rc)) { 599 cifs_server_dbg(FYI, "%s: Could not get signing key\n", __func__); 600 return rc; 601 } 602 603 if (allocate_crypto) { 604 rc = cifs_alloc_hash("cmac(aes)", &shash); 605 if (rc) 606 return rc; 607 } else { 608 shash = server->secmech.aes_cmac; 609 } 610 611 memset(smb3_signature, 0x0, SMB2_CMACAES_SIZE); 612 memset(shdr->Signature, 0x0, SMB2_SIGNATURE_SIZE); 613 614 rc = crypto_shash_setkey(shash->tfm, key, SMB2_CMACAES_SIZE); 615 if (rc) { 616 cifs_server_dbg(VFS, "%s: Could not set key for cmac aes\n", __func__); 617 goto out; 618 } 619 620 /* 621 * we already allocate aes_cmac when we init smb3 signing key, 622 * so unlike smb2 case we do not have to check here if secmech are 623 * initialized 624 */ 625 rc = crypto_shash_init(shash); 626 if (rc) { 627 cifs_server_dbg(VFS, "%s: Could not init cmac aes\n", __func__); 628 goto out; 629 } 630 631 /* 632 * For SMB2+, __cifs_calc_signature() expects to sign only the actual 633 * data, that is, iov[0] should not contain a rfc1002 length. 634 * 635 * Sign the rfc1002 length prior to passing the data (iov[1-N]) down to 636 * __cifs_calc_signature(). 637 */ 638 drqst = *rqst; 639 if (drqst.rq_nvec >= 2 && iov[0].iov_len == 4) { 640 rc = crypto_shash_update(shash, iov[0].iov_base, 641 iov[0].iov_len); 642 if (rc) { 643 cifs_server_dbg(VFS, "%s: Could not update with payload\n", 644 __func__); 645 goto out; 646 } 647 drqst.rq_iov++; 648 drqst.rq_nvec--; 649 } 650 651 rc = __cifs_calc_signature(&drqst, server, sigptr, shash); 652 if (!rc) 653 memcpy(shdr->Signature, sigptr, SMB2_SIGNATURE_SIZE); 654 655 out: 656 if (allocate_crypto) 657 cifs_free_hash(&shash); 658 return rc; 659 } 660 661 /* must be called with server->srv_mutex held */ 662 static int 663 smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server) 664 { 665 int rc = 0; 666 struct smb2_hdr *shdr; 667 struct smb2_sess_setup_req *ssr; 668 bool is_binding; 669 bool is_signed; 670 671 shdr = (struct smb2_hdr *)rqst->rq_iov[0].iov_base; 672 ssr = (struct smb2_sess_setup_req *)shdr; 673 674 is_binding = shdr->Command == SMB2_SESSION_SETUP && 675 (ssr->Flags & SMB2_SESSION_REQ_FLAG_BINDING); 676 is_signed = shdr->Flags & SMB2_FLAGS_SIGNED; 677 678 if (!is_signed) 679 return 0; 680 spin_lock(&server->srv_lock); 681 if (server->ops->need_neg && 682 server->ops->need_neg(server)) { 683 spin_unlock(&server->srv_lock); 684 return 0; 685 } 686 spin_unlock(&server->srv_lock); 687 if (!is_binding && !server->session_estab) { 688 strscpy(shdr->Signature, "BSRSPYL"); 689 return 0; 690 } 691 692 rc = server->ops->calc_signature(rqst, server, false); 693 694 return rc; 695 } 696 697 int 698 smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) 699 { 700 unsigned int rc; 701 char server_response_sig[SMB2_SIGNATURE_SIZE]; 702 struct smb2_hdr *shdr = 703 (struct smb2_hdr *)rqst->rq_iov[0].iov_base; 704 705 if ((shdr->Command == SMB2_NEGOTIATE) || 706 (shdr->Command == SMB2_SESSION_SETUP) || 707 (shdr->Command == SMB2_OPLOCK_BREAK) || 708 server->ignore_signature || 709 (!server->session_estab)) 710 return 0; 711 712 /* 713 * BB what if signatures are supposed to be on for session but 714 * server does not send one? BB 715 */ 716 717 /* Do not need to verify session setups with signature "BSRSPYL " */ 718 if (memcmp(shdr->Signature, "BSRSPYL ", 8) == 0) 719 cifs_dbg(FYI, "dummy signature received for smb command 0x%x\n", 720 shdr->Command); 721 722 /* 723 * Save off the original signature so we can modify the smb and check 724 * our calculated signature against what the server sent. 725 */ 726 memcpy(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE); 727 728 memset(shdr->Signature, 0, SMB2_SIGNATURE_SIZE); 729 730 rc = server->ops->calc_signature(rqst, server, true); 731 732 if (rc) 733 return rc; 734 735 if (memcmp(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE)) { 736 cifs_dbg(VFS, "sign fail cmd 0x%x message id 0x%llx\n", 737 shdr->Command, shdr->MessageId); 738 return -EACCES; 739 } else 740 return 0; 741 } 742 743 /* 744 * Set message id for the request. Should be called after wait_for_free_request 745 * and when srv_mutex is held. 746 */ 747 static inline void 748 smb2_seq_num_into_buf(struct TCP_Server_Info *server, 749 struct smb2_hdr *shdr) 750 { 751 unsigned int i, num = le16_to_cpu(shdr->CreditCharge); 752 753 shdr->MessageId = get_next_mid64(server); 754 /* skip message numbers according to CreditCharge field */ 755 for (i = 1; i < num; i++) 756 get_next_mid(server); 757 } 758 759 static struct mid_q_entry * 760 smb2_mid_entry_alloc(const struct smb2_hdr *shdr, 761 struct TCP_Server_Info *server) 762 { 763 struct mid_q_entry *temp; 764 unsigned int credits = le16_to_cpu(shdr->CreditCharge); 765 766 if (server == NULL) { 767 cifs_dbg(VFS, "Null TCP session in smb2_mid_entry_alloc\n"); 768 return NULL; 769 } 770 771 temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS); 772 memset(temp, 0, sizeof(struct mid_q_entry)); 773 kref_init(&temp->refcount); 774 temp->mid = le64_to_cpu(shdr->MessageId); 775 temp->credits = credits > 0 ? credits : 1; 776 temp->pid = current->pid; 777 temp->command = shdr->Command; /* Always LE */ 778 temp->when_alloc = jiffies; 779 temp->server = server; 780 781 /* 782 * The default is for the mid to be synchronous, so the 783 * default callback just wakes up the current task. 784 */ 785 get_task_struct(current); 786 temp->creator = current; 787 temp->callback = cifs_wake_up_task; 788 temp->callback_data = current; 789 790 atomic_inc(&mid_count); 791 temp->mid_state = MID_REQUEST_ALLOCATED; 792 trace_smb3_cmd_enter(le32_to_cpu(shdr->Id.SyncId.TreeId), 793 le64_to_cpu(shdr->SessionId), 794 le16_to_cpu(shdr->Command), temp->mid); 795 return temp; 796 } 797 798 static int 799 smb2_get_mid_entry(struct cifs_ses *ses, struct TCP_Server_Info *server, 800 struct smb2_hdr *shdr, struct mid_q_entry **mid) 801 { 802 spin_lock(&server->srv_lock); 803 if (server->tcpStatus == CifsExiting) { 804 spin_unlock(&server->srv_lock); 805 return -ENOENT; 806 } 807 808 if (server->tcpStatus == CifsNeedReconnect) { 809 spin_unlock(&server->srv_lock); 810 cifs_dbg(FYI, "tcp session dead - return to caller to retry\n"); 811 return -EAGAIN; 812 } 813 814 if (server->tcpStatus == CifsNeedNegotiate && 815 shdr->Command != SMB2_NEGOTIATE) { 816 spin_unlock(&server->srv_lock); 817 return -EAGAIN; 818 } 819 spin_unlock(&server->srv_lock); 820 821 spin_lock(&ses->ses_lock); 822 if (ses->ses_status == SES_NEW) { 823 if ((shdr->Command != SMB2_SESSION_SETUP) && 824 (shdr->Command != SMB2_NEGOTIATE)) { 825 spin_unlock(&ses->ses_lock); 826 return -EAGAIN; 827 } 828 /* else ok - we are setting up session */ 829 } 830 831 if (ses->ses_status == SES_EXITING) { 832 if (shdr->Command != SMB2_LOGOFF) { 833 spin_unlock(&ses->ses_lock); 834 return -EAGAIN; 835 } 836 /* else ok - we are shutting down the session */ 837 } 838 spin_unlock(&ses->ses_lock); 839 840 *mid = smb2_mid_entry_alloc(shdr, server); 841 if (*mid == NULL) 842 return -ENOMEM; 843 spin_lock(&server->mid_lock); 844 list_add_tail(&(*mid)->qhead, &server->pending_mid_q); 845 spin_unlock(&server->mid_lock); 846 847 return 0; 848 } 849 850 int 851 smb2_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server, 852 bool log_error) 853 { 854 unsigned int len = mid->resp_buf_size; 855 struct kvec iov[1]; 856 struct smb_rqst rqst = { .rq_iov = iov, 857 .rq_nvec = 1 }; 858 859 iov[0].iov_base = (char *)mid->resp_buf; 860 iov[0].iov_len = len; 861 862 dump_smb(mid->resp_buf, min_t(u32, 80, len)); 863 /* convert the length into a more usable form */ 864 if (len > 24 && server->sign && !mid->decrypted) { 865 int rc; 866 867 rc = smb2_verify_signature(&rqst, server); 868 if (rc) 869 cifs_server_dbg(VFS, "SMB signature verification returned error = %d\n", 870 rc); 871 } 872 873 return map_smb2_to_linux_error(mid->resp_buf, log_error); 874 } 875 876 struct mid_q_entry * 877 smb2_setup_request(struct cifs_ses *ses, struct TCP_Server_Info *server, 878 struct smb_rqst *rqst) 879 { 880 int rc; 881 struct smb2_hdr *shdr = 882 (struct smb2_hdr *)rqst->rq_iov[0].iov_base; 883 struct mid_q_entry *mid; 884 885 smb2_seq_num_into_buf(server, shdr); 886 887 rc = smb2_get_mid_entry(ses, server, shdr, &mid); 888 if (rc) { 889 revert_current_mid_from_hdr(server, shdr); 890 return ERR_PTR(rc); 891 } 892 893 rc = smb2_sign_rqst(rqst, server); 894 if (rc) { 895 revert_current_mid_from_hdr(server, shdr); 896 delete_mid(mid); 897 return ERR_PTR(rc); 898 } 899 900 return mid; 901 } 902 903 struct mid_q_entry * 904 smb2_setup_async_request(struct TCP_Server_Info *server, struct smb_rqst *rqst) 905 { 906 int rc; 907 struct smb2_hdr *shdr = 908 (struct smb2_hdr *)rqst->rq_iov[0].iov_base; 909 struct mid_q_entry *mid; 910 911 spin_lock(&server->srv_lock); 912 if (server->tcpStatus == CifsNeedNegotiate && 913 shdr->Command != SMB2_NEGOTIATE) { 914 spin_unlock(&server->srv_lock); 915 return ERR_PTR(-EAGAIN); 916 } 917 spin_unlock(&server->srv_lock); 918 919 smb2_seq_num_into_buf(server, shdr); 920 921 mid = smb2_mid_entry_alloc(shdr, server); 922 if (mid == NULL) { 923 revert_current_mid_from_hdr(server, shdr); 924 return ERR_PTR(-ENOMEM); 925 } 926 927 rc = smb2_sign_rqst(rqst, server); 928 if (rc) { 929 revert_current_mid_from_hdr(server, shdr); 930 release_mid(mid); 931 return ERR_PTR(rc); 932 } 933 934 return mid; 935 } 936 937 int 938 smb3_crypto_aead_allocate(struct TCP_Server_Info *server) 939 { 940 struct crypto_aead *tfm; 941 942 if (!server->secmech.enc) { 943 if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || 944 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) 945 tfm = crypto_alloc_aead("gcm(aes)", 0, 0); 946 else 947 tfm = crypto_alloc_aead("ccm(aes)", 0, 0); 948 if (IS_ERR(tfm)) { 949 cifs_server_dbg(VFS, "%s: Failed alloc encrypt aead\n", 950 __func__); 951 return PTR_ERR(tfm); 952 } 953 server->secmech.enc = tfm; 954 } 955 956 if (!server->secmech.dec) { 957 if ((server->cipher_type == SMB2_ENCRYPTION_AES128_GCM) || 958 (server->cipher_type == SMB2_ENCRYPTION_AES256_GCM)) 959 tfm = crypto_alloc_aead("gcm(aes)", 0, 0); 960 else 961 tfm = crypto_alloc_aead("ccm(aes)", 0, 0); 962 if (IS_ERR(tfm)) { 963 crypto_free_aead(server->secmech.enc); 964 server->secmech.enc = NULL; 965 cifs_server_dbg(VFS, "%s: Failed to alloc decrypt aead\n", 966 __func__); 967 return PTR_ERR(tfm); 968 } 969 server->secmech.dec = tfm; 970 } 971 972 return 0; 973 } 974