aa22ebc382
Previously we were only able to dump CCM or GCM-128 keys (see "smbinfo keys" e.g.) to allow network debugging (e.g. wireshark) of mounts to SMB3.1.1 encrypted shares. But with the addition of GCM-256 support, we have to be able to dump 32 byte instead of 16 byte keys which requires adding an additional ioctl for that. Reviewed-by: Shyam Prasad N <sprasad@microsoft.com> Signed-off-by: Steve French <stfrench@microsoft.com>
116 lines
3.6 KiB
C
116 lines
3.6 KiB
C
/*
|
|
* fs/cifs/cifs_ioctl.h
|
|
*
|
|
* Structure definitions for io control for cifs/smb3
|
|
*
|
|
* Copyright (c) 2015 Steve French <steve.french@primarydata.com>
|
|
*
|
|
* This library is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU Lesser General Public License as published
|
|
* by the Free Software Foundation; either version 2.1 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
|
|
* the GNU Lesser General Public License for more details.
|
|
*
|
|
*/
|
|
|
|
struct smb_mnt_fs_info {
|
|
__u32 version; /* 0001 */
|
|
__u16 protocol_id;
|
|
__u16 tcon_flags;
|
|
__u32 vol_serial_number;
|
|
__u32 vol_create_time;
|
|
__u32 share_caps;
|
|
__u32 share_flags;
|
|
__u32 sector_flags;
|
|
__u32 optimal_sector_size;
|
|
__u32 max_bytes_chunk;
|
|
__u32 fs_attributes;
|
|
__u32 max_path_component;
|
|
__u32 device_type;
|
|
__u32 device_characteristics;
|
|
__u32 maximal_access;
|
|
__u64 cifs_posix_caps;
|
|
} __packed;
|
|
|
|
struct smb_snapshot_array {
|
|
__u32 number_of_snapshots;
|
|
__u32 number_of_snapshots_returned;
|
|
__u32 snapshot_array_size;
|
|
/* snapshots[]; */
|
|
} __packed;
|
|
|
|
/* query_info flags */
|
|
#define PASSTHRU_QUERY_INFO 0x00000000
|
|
#define PASSTHRU_FSCTL 0x00000001
|
|
#define PASSTHRU_SET_INFO 0x00000002
|
|
struct smb_query_info {
|
|
__u32 info_type;
|
|
__u32 file_info_class;
|
|
__u32 additional_information;
|
|
__u32 flags;
|
|
__u32 input_buffer_length;
|
|
__u32 output_buffer_length;
|
|
/* char buffer[]; */
|
|
} __packed;
|
|
|
|
/*
|
|
* Dumping the commonly used 16 byte (e.g. CCM and GCM128) keys still supported
|
|
* for backlevel compatibility, but is not sufficient for dumping the less
|
|
* frequently used GCM256 (32 byte) keys (see the newer "CIFS_DUMP_FULL_KEY"
|
|
* ioctl for dumping decryption info for GCM256 mounts)
|
|
*/
|
|
struct smb3_key_debug_info {
|
|
__u64 Suid;
|
|
__u16 cipher_type;
|
|
__u8 auth_key[16]; /* SMB2_NTLMV2_SESSKEY_SIZE */
|
|
__u8 smb3encryptionkey[SMB3_SIGN_KEY_SIZE];
|
|
__u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE];
|
|
} __packed;
|
|
|
|
/*
|
|
* Dump full key (32 byte encrypt/decrypt keys instead of 16 bytes)
|
|
* is needed if GCM256 (stronger encryption) negotiated
|
|
*/
|
|
struct smb3_full_key_debug_info {
|
|
__u64 Suid;
|
|
__u16 cipher_type;
|
|
__u8 auth_key[16]; /* SMB2_NTLMV2_SESSKEY_SIZE */
|
|
__u8 smb3encryptionkey[32]; /* SMB3_ENC_DEC_KEY_SIZE */
|
|
__u8 smb3decryptionkey[32]; /* SMB3_ENC_DEC_KEY_SIZE */
|
|
} __packed;
|
|
|
|
struct smb3_notify {
|
|
__u32 completion_filter;
|
|
bool watch_tree;
|
|
} __packed;
|
|
|
|
#define CIFS_IOCTL_MAGIC 0xCF
|
|
#define CIFS_IOC_COPYCHUNK_FILE _IOW(CIFS_IOCTL_MAGIC, 3, int)
|
|
#define CIFS_IOC_SET_INTEGRITY _IO(CIFS_IOCTL_MAGIC, 4)
|
|
#define CIFS_IOC_GET_MNT_INFO _IOR(CIFS_IOCTL_MAGIC, 5, struct smb_mnt_fs_info)
|
|
#define CIFS_ENUMERATE_SNAPSHOTS _IOR(CIFS_IOCTL_MAGIC, 6, struct smb_snapshot_array)
|
|
#define CIFS_QUERY_INFO _IOWR(CIFS_IOCTL_MAGIC, 7, struct smb_query_info)
|
|
#define CIFS_DUMP_KEY _IOWR(CIFS_IOCTL_MAGIC, 8, struct smb3_key_debug_info)
|
|
#define CIFS_IOC_NOTIFY _IOW(CIFS_IOCTL_MAGIC, 9, struct smb3_notify)
|
|
#define CIFS_DUMP_FULL_KEY _IOWR(CIFS_IOCTL_MAGIC, 10, struct smb3_full_key_debug_info)
|
|
#define CIFS_IOC_SHUTDOWN _IOR ('X', 125, __u32)
|
|
|
|
/*
|
|
* Flags for going down operation
|
|
*/
|
|
#define CIFS_GOING_FLAGS_DEFAULT 0x0 /* going down */
|
|
#define CIFS_GOING_FLAGS_LOGFLUSH 0x1 /* flush log but not data */
|
|
#define CIFS_GOING_FLAGS_NOLOGFLUSH 0x2 /* don't flush log nor data */
|
|
|
|
static inline bool cifs_forced_shutdown(struct cifs_sb_info *sbi)
|
|
{
|
|
if (CIFS_MOUNT_SHUTDOWN & sbi->mnt_cifs_flags)
|
|
return true;
|
|
else
|
|
return false;
|
|
}
|