xref: /titanic_51/usr/src/uts/common/smbsrv/smb2.h (revision 7f11fd00fc23e2af7ae21cc8837a2b86380dcfa7)
1 /*
2  * This file and its contents are supplied under the terms of the
3  * Common Development and Distribution License ("CDDL"), version 1.0.
4  * You may only use this file in accordance with the terms of version
5  * 1.0 of the CDDL.
6  *
7  * A full copy of the text of the CDDL should have accompanied this
8  * source.  A copy of the CDDL is also available via the Internet at
9  * http://www.illumos.org/license/CDDL.
10  */
11 
12 /*
13  * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
14  */
15 
16 #ifndef _SMB_SMB2_H
17 #define	_SMB_SMB2_H
18 
19 #ifdef __cplusplus
20 extern "C" {
21 #endif
22 
23 #define	SMB2_PROTOCOL_ID	{ 0xFE, 'S', 'M', 'B' }
24 #define	SMB2_HDR_SIZE	64
25 
26 /*
27  * SMB2 header command codes.
28  * These are uint16_t on the wire.
29  */
30 typedef enum {
31 	SMB2_NEGOTIATE = 0,
32 	SMB2_SESSION_SETUP,
33 	SMB2_LOGOFF,
34 	SMB2_TREE_CONNECT,
35 	SMB2_TREE_DISCONNECT,
36 	SMB2_CREATE,
37 	SMB2_CLOSE,
38 	SMB2_FLUSH,
39 	SMB2_READ,
40 	SMB2_WRITE,
41 	SMB2_LOCK,
42 	SMB2_IOCTL,
43 	SMB2_CANCEL,
44 	SMB2_ECHO,
45 	SMB2_QUERY_DIRECTORY,
46 	SMB2_CHANGE_NOTIFY,
47 	SMB2_QUERY_INFO,
48 	SMB2_SET_INFO,
49 	SMB2_OPLOCK_BREAK,
50 	/*
51 	 * The above (oplock break) is the last real SMB2 op-code.
52 	 * We use one more slot to represent invalid commands, and
53 	 * the final enum value is used for array sizes. Keep last!
54 	 */
55 	SMB2_INVALID_CMD,
56 	SMB2__NCMDS
57 } SMB2_cmd_code;
58 
59 /*
60  * SMB2 header flags.
61  */
62 
63 /*
64  * SERVER_TO_REDIR
65  * When set, indicates the message is a response rather than
66  * a request. This MUST be set on responses sent from the
67  * server to the client, and MUST NOT be set on requests
68  * sent from the client to the server.
69  */
70 #define	SMB2_FLAGS_SERVER_TO_REDIR	0x00000001
71 
72 /*
73  * ASYNC_COMMAND
74  * When set, indicates that this is an ASYNC SMB2 header.
75  * Always set for headers of the form described in this
76  * section.
77  */
78 #define	SMB2_FLAGS_ASYNC_COMMAND	0x00000002
79 
80 /*
81  * RELATED_OPERATIONS
82  * When set in an SMB2 request, indicates that this request
83  * is a related operation in a compounded request chain.
84  * [MS-SMB2 sec. 3.2.4.1.4]
85  *
86  * When set in an SMB2 compound response, indicates that
87  * the request corresponding to this response was part of a
88  * related operation in a compounded request chain.
89  * [MS-SMB2 sec. 3.3.5.2.7.2]
90  */
91 #define	SMB2_FLAGS_RELATED_OPERATIONS	0x00000004
92 
93 /*
94  * SIGNED
95  * When set, indicates that this packet has been signed.
96  * [MS-SMB2 3.1.5.1]
97  */
98 #define	SMB2_FLAGS_SIGNED	0x00000008
99 
100 /*
101  * [MS-SMB2] 3.2.5.3.1 The SessionKey MUST be set to the
102  * first 16 bytes of the cryptographic key from GSSAPI.
103  * (Padded with zeros if the GSSAPI key is shorter.)
104  */
105 #define	SMB2_SESSION_KEY_LEN	16
106 
107 /*
108  * DFS_OPERATIONS
109  * When set, indicates that this command is a Distributed
110  * File System (DFS) operation.  [MS-SMB2 3.3.5.9]
111  */
112 #define	SMB2_FLAGS_DFS_OPERATIONS	0x10000000
113 
114 /*
115  * REPLAY_OPERATION
116  * This flag is only valid for the SMB 3.0 dialect. When set,
117  * it indicates that this command is a replay operation.
118  * The client MUST ignore this bit on receipt.
119  */
120 #define	SMB2_FLAGS_REPLAY_OPERATION	0x20000000
121 
122 /*
123  * SMB2 Netgotiate [MS-SMB2 2.2.3]
124  */
125 
126 #define	SMB2_NEGOTIATE_SIGNING_ENABLED   0x01
127 #define	SMB2_NEGOTIATE_SIGNING_REQUIRED  0x02
128 
129 #define	SMB2_CAP_DFS			0x00000001
130 
131 /* Added with SMB2.1 */
132 #define	SMB2_CAP_DFS			0x00000001
133 #define	SMB2_CAP_LEASING		0x00000002
134 /*
135  * LARGE_MTU:
136  * When set, indicates that the client supports multi-credit operations.
137  */
138 #define	SMB2_CAP_LARGE_MTU		0x00000004
139 
140 /* Added with SMB3.0 */
141 #define	SMB2_CAP_MULTI_CHANNEL		0x00000008
142 #define	SMB2_CAP_PERSISTENT_HANDLES	0x00000010
143 #define	SMB2_CAP_DIRECTORY_LEASING	0x00000020
144 #define	SMB2_CAP_ENCRYPTION		0x00000040
145 
146 /* SMB2 session flags */
147 #define	SMB2_SESSION_FLAG_IS_GUEST	0x0001
148 #define	SMB2_SESSION_FLAG_IS_NULL	0x0002
149 #define	SMB2_SESSION_FLAG_ENCRYPT_DATA	0x0004
150 
151 /*
152  * SMB2 Tree connect, disconnect
153  */
154 
155 /* SMB2 sharetype flags */
156 #define	SMB2_SHARE_TYPE_DISK		0x1
157 #define	SMB2_SHARE_TYPE_PIPE		0x2
158 #define	SMB2_SHARE_TYPE_PRINT		0x3
159 
160 /* SMB2 share flags */
161 #define	SMB2_SHAREFLAG_MANUAL_CACHING			0x00000000
162 #define	SMB2_SHAREFLAG_AUTO_CACHING			0x00000010
163 #define	SMB2_SHAREFLAG_VDO_CACHING			0x00000020
164 #define	SMB2_SHAREFLAG_NO_CACHING			0x00000030
165 #define	SMB2_SHAREFLAG_DFS				0x00000001
166 #define	SMB2_SHAREFLAG_DFS_ROOT				0x00000002
167 #define	SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS		0x00000100
168 #define	SMB2_SHAREFLAG_FORCE_SHARED_DELETE		0x00000200
169 #define	SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING		0x00000400
170 #define	SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM	0x00000800
171 #define	SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK		0x00001000
172 /* SMB 3.0 */
173 #define	SMB2_SHAREFLAG_ENABLE_HASH_V1			0x00002000
174 #define	SMB2_SHAREFLAG_ENABLE_HASH_V2			0x00004000
175 #define	SMB2_SHAREFLAG_ENCRYPT_DATA			0x00008000
176 
177 /* SMB2 share capabilities */
178 #define	SMB2_SHARE_CAP_DFS				0x00000008
179 /* SMB 3.0 */
180 #define	SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY		0x00000010
181 #define	SMB2_SHARE_CAP_SCALEOUT				0x00000020
182 #define	SMB2_SHARE_CAP_CLUSTER				0x00000040
183 
184 /*
185  * SMB2 Create (open)
186  */
187 
188 /* SMB2 requested oplock levels */
189 #define	SMB2_OPLOCK_LEVEL_NONE				0x00
190 #define	SMB2_OPLOCK_LEVEL_II				0x01
191 #define	SMB2_OPLOCK_LEVEL_EXCLUSIVE			0x08
192 #define	SMB2_OPLOCK_LEVEL_BATCH				0x09
193 #define	SMB2_OPLOCK_LEVEL_LEASE				0xFF
194 
195 /* SMB2 impersonation levels */
196 #define	SMB2_IMPERSONATION_ANONYMOUS			0x00
197 #define	SMB2_IMPERSONATION_IDENTIFICATION		0x01
198 #define	SMB2_IMPERSONATION_IMPERSONATION		0x02
199 #define	SMB2_IMPERSONATION_DELEGATE			0x03
200 
201 /*
202  * Note: ShareAccess, CreateDispositon, CreateOptions,
203  * all use the same definitions as SMB1 (from MS-FSA).
204  * Ditto FileAccess flags (as with ACLs)
205  */
206 
207 /* SMB2 Create Context tags */
208 
209 #define	SMB2_CREATE_EA_BUFFER			0x45787441 /* ("ExtA") */
210 /*
211  * The data contains the extended attributes
212  * that MUST be stored on the created file.
213  * This value MUST NOT be set for named
214  * pipes and print files.
215  */
216 
217 #define	SMB2_CREATE_SD_BUFFER			0x53656344 /* ("SecD") */
218 /*
219  * The data contains a security descriptor that
220  * MUST be stored on the created file.
221  * This value MUST NOT be set for named
222  * pipes and print files.
223  */
224 
225 #define	SMB2_CREATE_DURABLE_HANDLE_REQUEST	0x44486e51 /* ("DHnQ") */
226 /* The client is requesting the open to be durable */
227 
228 #define	SMB2_CREATE_DURABLE_HANDLE_RECONNECT	0x44486e43 /* ("DHnC") */
229 /*
230  * The client is requesting to reconnect to a
231  * durable open after being disconnected
232  */
233 
234 #define	SMB2_CREATE_ALLOCATION_SIZE		0x416c5369 /* ("AISi") */
235 /*
236  * The data contains the required allocation
237  * size of the newly created file.
238  */
239 
240 #define	SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQ	0x4d784163 /* ("MxAc") */
241 /*
242  * The client is requesting that the server
243  * return maximal access information.
244  */
245 
246 #define	SMB2_CREATE_TIMEWARP_TOKEN		0x54577270 /* ("TWrp") */
247 /*
248  * The client is requesting that the server
249  * open an earlier version of the file identified
250  * by the provided time stamp.
251  */
252 
253 #define	SMB2_CREATE_QUERY_ON_DISK_ID		0x51466964 /* ("QFid") */
254 /*
255  * The client is requesting that the server return a 32-byte
256  * opaque BLOB that uniquely identifies the file being opened
257  * on disk. No data is passed to the server by the client.
258  */
259 
260 #define	SMB2_CREATE_REQUEST_LEASE		0x52714c73 /* ("RqLs") */
261 /*
262  * The client is requesting that the server return a lease.
263  * This value is only supported for the SMB 2.1 and 3.0 dialects.
264  */
265 
266 /* SMB2 create request lease */
267 #define	SMB2_LEASE_NONE				0x00
268 #define	SMB2_LEASE_READ_CACHING			0x01
269 #define	SMB2_LEASE_HANDLE_CACHING		0x02
270 #define	SMB2_LEASE_WRITE_CACHING		0x04
271 
272 /* SMB2 lease break notification flags */
273 #define	SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED  0x01
274 
275 /*
276  * SMB2 Close
277  */
278 #define	SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB 	0x0001
279 
280 /*
281  * SMB2 Write
282  */
283 #define	SMB2_WRITEFLAG_WRITE_THROUGH		0x00000001
284 
285 /*
286  * SMB2 Lock Request
287  */
288 
289 /* SMB2 lock flags */
290 
291 /*
292  * SMB2_LOCKFLAG_SHARED_LOCK
293  * The range MUST be locked shared, allowing other opens
294  * to read from or take a shared lock on the range. All opens
295  * MUST NOT be allowed to write within the range. Other
296  * locks can be requested and taken on this range.
297  */
298 #define	SMB2_LOCKFLAG_SHARED_LOCK	0x00000001
299 
300 /*
301  * SMB2_LOCKFLAG_EXCLUSIVE_LOCK
302  * The range MUST be locked exclusive, not allowing other
303  * opens to read, write, or lock within the range.
304  */
305 #define	SMB2_LOCKFLAG_EXCLUSIVE_LOCK	0x00000002
306 
307 /*
308  * SMB2_LOCKFLAG_UNLOCK
309  * The range MUST be unlocked from a previous lock taken
310  * on this range. The unlock range MUST be identical to the
311  * lock range. Sub-ranges cannot be unlocked.
312  */
313 #define	SMB2_LOCKFLAG_UNLOCK		0x00000004
314 
315 /*
316  * SMB2_LOCKFLAG_FAIL_IMMEDIATELY
317  * The lock operation MUST fail immediately if it conflicts
318  * with an existing lock, instead of waiting for the range to
319  * become available.  This can be OR'ed with either of
320  * shared_lock, exclusive_lock (nothing else).
321  */
322 #define	SMB2_LOCKFLAG_FAIL_IMMEDIATELY	0x00000010
323 
324 /*
325  * SMB2 Ioctl Request
326  */
327 #define	SMB2_0_IOCTL_IS_FSCTL 		0x00000001
328 
329 
330 /*
331  * SMB2 Query Directory
332  */
333 
334 /*
335  * SMB2 query directory info levels
336  * Same as SMB1 (see ntifs.h)
337  */
338 
339 /*
340  * SMB2 Query Directory Flags
341  * (our own names for these - spec. used poor names)
342  */
343 #define	SMB2_QDIR_FLAG_RESTART		0x01 /* SMB2_RESTART_SCANS */
344 #define	SMB2_QDIR_FLAG_SINGLE		0x02 /* SMB2_RETURN_SINGLE_ENTRY */
345 #define	SMB2_QDIR_FLAG_INDEX		0x04 /* SMB2_INDEX_SPECIFIED */
346 #define	SMB2_QDIR_FLAG_REOPEN		0x10 /* SMB2_REOPEN */
347 
348 /*
349  * SMB2 Query Info Request
350  */
351 
352 /* info type */
353 #define	SMB2_0_INFO_FILE		0x01
354 /* The file information is requested. */
355 #define	SMB2_0_INFO_FILESYSTEM		0x02
356 /* The underlying object store information is requested. */
357 #define	SMB2_0_INFO_SECURITY		0x03
358 /* The security information is requested. */
359 #define	SMB2_0_INFO_QUOTA		0x04
360 /* The underlying object store quota information is requested. */
361 
362 /*
363  * SMB2 Change Nofity Request
364  */
365 #define	SMB2_WATCH_TREE			0x00000001
366 
367 #ifdef __cplusplus
368 }
369 #endif
370 
371 #endif /* _SMB_SMB2_H */
372