Commit | Line | Data |
---|---|---|
2dc7e1c0 PS |
1 | /* |
2 | * fs/cifs/smb2transport.c | |
3 | * | |
4 | * Copyright (C) International Business Machines Corp., 2002, 2011 | |
5 | * Etersoft, 2012 | |
6 | * Author(s): Steve French (sfrench@us.ibm.com) | |
7 | * Jeremy Allison (jra@samba.org) 2006 | |
8 | * Pavel Shilovsky (pshilovsky@samba.org) 2012 | |
9 | * | |
10 | * This library is free software; you can redistribute it and/or modify | |
11 | * it under the terms of the GNU Lesser General Public License as published | |
12 | * by the Free Software Foundation; either version 2.1 of the License, or | |
13 | * (at your option) any later version. | |
14 | * | |
15 | * This library is distributed in the hope that it will be useful, | |
16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See | |
18 | * the GNU Lesser General Public License for more details. | |
19 | * | |
20 | * You should have received a copy of the GNU Lesser General Public License | |
21 | * along with this library; if not, write to the Free Software | |
22 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
23 | */ | |
24 | ||
25 | #include <linux/fs.h> | |
26 | #include <linux/list.h> | |
27 | #include <linux/wait.h> | |
28 | #include <linux/net.h> | |
29 | #include <linux/delay.h> | |
30 | #include <linux/uaccess.h> | |
31 | #include <asm/processor.h> | |
32 | #include <linux/mempool.h> | |
fb308a6f | 33 | #include <linux/highmem.h> |
2dc7e1c0 PS |
34 | #include "smb2pdu.h" |
35 | #include "cifsglob.h" | |
36 | #include "cifsproto.h" | |
37 | #include "smb2proto.h" | |
38 | #include "cifs_debug.h" | |
39 | #include "smb2status.h" | |
3c1bf7e4 PS |
40 | #include "smb2glob.h" |
41 | ||
95dc8dd1 SF |
42 | static int |
43 | smb2_crypto_shash_allocate(struct TCP_Server_Info *server) | |
44 | { | |
45 | unsigned int size; | |
46 | ||
47 | if (server->secmech.sdeschmacsha256 != NULL) | |
48 | return 0; /* already allocated */ | |
49 | ||
50 | server->secmech.hmacsha256 = crypto_alloc_shash("hmac(sha256)", 0, 0); | |
51 | if (IS_ERR(server->secmech.hmacsha256)) { | |
52 | cifs_dbg(VFS, "could not allocate crypto hmacsha256\n"); | |
53 | return PTR_ERR(server->secmech.hmacsha256); | |
54 | } | |
55 | ||
56 | size = sizeof(struct shash_desc) + | |
57 | crypto_shash_descsize(server->secmech.hmacsha256); | |
58 | server->secmech.sdeschmacsha256 = kmalloc(size, GFP_KERNEL); | |
59 | if (!server->secmech.sdeschmacsha256) { | |
60 | crypto_free_shash(server->secmech.hmacsha256); | |
61 | server->secmech.hmacsha256 = NULL; | |
62 | return -ENOMEM; | |
63 | } | |
64 | server->secmech.sdeschmacsha256->shash.tfm = server->secmech.hmacsha256; | |
65 | server->secmech.sdeschmacsha256->shash.flags = 0x0; | |
66 | ||
67 | return 0; | |
68 | } | |
69 | ||
70 | static int | |
71 | smb3_crypto_shash_allocate(struct TCP_Server_Info *server) | |
72 | { | |
73 | unsigned int size; | |
74 | int rc; | |
75 | ||
76 | if (server->secmech.sdesccmacaes != NULL) | |
77 | return 0; /* already allocated */ | |
78 | ||
79 | rc = smb2_crypto_shash_allocate(server); | |
80 | if (rc) | |
81 | return rc; | |
82 | ||
83 | server->secmech.cmacaes = crypto_alloc_shash("cmac(aes)", 0, 0); | |
84 | if (IS_ERR(server->secmech.cmacaes)) { | |
85 | cifs_dbg(VFS, "could not allocate crypto cmac-aes"); | |
86 | kfree(server->secmech.sdeschmacsha256); | |
87 | server->secmech.sdeschmacsha256 = NULL; | |
88 | crypto_free_shash(server->secmech.hmacsha256); | |
89 | server->secmech.hmacsha256 = NULL; | |
90 | return PTR_ERR(server->secmech.cmacaes); | |
91 | } | |
92 | ||
93 | size = sizeof(struct shash_desc) + | |
94 | crypto_shash_descsize(server->secmech.cmacaes); | |
95 | server->secmech.sdesccmacaes = kmalloc(size, GFP_KERNEL); | |
96 | if (!server->secmech.sdesccmacaes) { | |
97 | cifs_dbg(VFS, "%s: Can't alloc cmacaes\n", __func__); | |
98 | kfree(server->secmech.sdeschmacsha256); | |
99 | server->secmech.sdeschmacsha256 = NULL; | |
100 | crypto_free_shash(server->secmech.hmacsha256); | |
101 | crypto_free_shash(server->secmech.cmacaes); | |
102 | server->secmech.hmacsha256 = NULL; | |
103 | server->secmech.cmacaes = NULL; | |
104 | return -ENOMEM; | |
105 | } | |
106 | server->secmech.sdesccmacaes->shash.tfm = server->secmech.cmacaes; | |
107 | server->secmech.sdesccmacaes->shash.flags = 0x0; | |
108 | ||
109 | return 0; | |
110 | } | |
111 | ||
112 | ||
38107d45 | 113 | int |
0b688cfc | 114 | smb2_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) |
3c1bf7e4 PS |
115 | { |
116 | int i, rc; | |
117 | unsigned char smb2_signature[SMB2_HMACSHA256_SIZE]; | |
118 | unsigned char *sigptr = smb2_signature; | |
0b688cfc JL |
119 | struct kvec *iov = rqst->rq_iov; |
120 | int n_vec = rqst->rq_nvec; | |
3c1bf7e4 PS |
121 | struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)iov[0].iov_base; |
122 | ||
123 | memset(smb2_signature, 0x0, SMB2_HMACSHA256_SIZE); | |
124 | memset(smb2_pdu->Signature, 0x0, SMB2_SIGNATURE_SIZE); | |
125 | ||
95dc8dd1 SF |
126 | rc = smb2_crypto_shash_allocate(server); |
127 | if (rc) { | |
128 | cifs_dbg(VFS, "%s: shah256 alloc failed\n", __func__); | |
129 | return rc; | |
130 | } | |
131 | ||
3c1bf7e4 PS |
132 | rc = crypto_shash_setkey(server->secmech.hmacsha256, |
133 | server->session_key.response, SMB2_NTLMV2_SESSKEY_SIZE); | |
134 | if (rc) { | |
f96637be | 135 | cifs_dbg(VFS, "%s: Could not update with response\n", __func__); |
3c1bf7e4 PS |
136 | return rc; |
137 | } | |
138 | ||
139 | rc = crypto_shash_init(&server->secmech.sdeschmacsha256->shash); | |
140 | if (rc) { | |
95dc8dd1 | 141 | cifs_dbg(VFS, "%s: Could not init sha256", __func__); |
3c1bf7e4 PS |
142 | return rc; |
143 | } | |
144 | ||
145 | for (i = 0; i < n_vec; i++) { | |
146 | if (iov[i].iov_len == 0) | |
147 | continue; | |
148 | if (iov[i].iov_base == NULL) { | |
f96637be | 149 | cifs_dbg(VFS, "null iovec entry\n"); |
3c1bf7e4 PS |
150 | return -EIO; |
151 | } | |
152 | /* | |
153 | * The first entry includes a length field (which does not get | |
154 | * signed that occupies the first 4 bytes before the header). | |
155 | */ | |
156 | if (i == 0) { | |
157 | if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ | |
158 | break; /* nothing to sign or corrupt header */ | |
159 | rc = | |
160 | crypto_shash_update( | |
161 | &server->secmech.sdeschmacsha256->shash, | |
162 | iov[i].iov_base + 4, iov[i].iov_len - 4); | |
163 | } else { | |
164 | rc = | |
165 | crypto_shash_update( | |
166 | &server->secmech.sdeschmacsha256->shash, | |
167 | iov[i].iov_base, iov[i].iov_len); | |
168 | } | |
169 | if (rc) { | |
f96637be JP |
170 | cifs_dbg(VFS, "%s: Could not update with payload\n", |
171 | __func__); | |
3c1bf7e4 PS |
172 | return rc; |
173 | } | |
174 | } | |
175 | ||
fb308a6f JL |
176 | /* now hash over the rq_pages array */ |
177 | for (i = 0; i < rqst->rq_npages; i++) { | |
178 | struct kvec p_iov; | |
179 | ||
180 | cifs_rqst_page_to_kvec(rqst, i, &p_iov); | |
181 | crypto_shash_update(&server->secmech.sdeschmacsha256->shash, | |
182 | p_iov.iov_base, p_iov.iov_len); | |
183 | kunmap(rqst->rq_pages[i]); | |
184 | } | |
185 | ||
3c1bf7e4 PS |
186 | rc = crypto_shash_final(&server->secmech.sdeschmacsha256->shash, |
187 | sigptr); | |
188 | if (rc) | |
f96637be | 189 | cifs_dbg(VFS, "%s: Could not generate sha256 hash\n", __func__); |
3c1bf7e4 PS |
190 | |
191 | memcpy(smb2_pdu->Signature, sigptr, SMB2_SIGNATURE_SIZE); | |
192 | ||
193 | return rc; | |
194 | } | |
195 | ||
e65a5cb4 | 196 | void |
429b46f4 SF |
197 | generate_smb3signingkey(struct TCP_Server_Info *server) |
198 | { | |
199 | unsigned char zero = 0x0; | |
200 | __u8 i[4] = {0, 0, 0, 1}; | |
201 | __u8 L[4] = {0, 0, 0, 128}; | |
202 | int rc = 0; | |
203 | unsigned char prfhash[SMB2_HMACSHA256_SIZE]; | |
204 | unsigned char *hashptr = prfhash; | |
205 | ||
206 | memset(prfhash, 0x0, SMB2_HMACSHA256_SIZE); | |
207 | memset(server->smb3signingkey, 0x0, SMB3_SIGNKEY_SIZE); | |
208 | ||
95dc8dd1 SF |
209 | rc = smb3_crypto_shash_allocate(server); |
210 | if (rc) { | |
211 | cifs_dbg(VFS, "%s: crypto alloc failed\n", __func__); | |
212 | goto smb3signkey_ret; | |
213 | } | |
214 | ||
429b46f4 SF |
215 | rc = crypto_shash_setkey(server->secmech.hmacsha256, |
216 | server->session_key.response, SMB2_NTLMV2_SESSKEY_SIZE); | |
217 | if (rc) { | |
218 | cifs_dbg(VFS, "%s: Could not set with session key\n", __func__); | |
219 | goto smb3signkey_ret; | |
220 | } | |
221 | ||
222 | rc = crypto_shash_init(&server->secmech.sdeschmacsha256->shash); | |
223 | if (rc) { | |
224 | cifs_dbg(VFS, "%s: Could not init sign hmac\n", __func__); | |
225 | goto smb3signkey_ret; | |
226 | } | |
227 | ||
228 | rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, | |
229 | i, 4); | |
230 | if (rc) { | |
231 | cifs_dbg(VFS, "%s: Could not update with n\n", __func__); | |
232 | goto smb3signkey_ret; | |
233 | } | |
234 | ||
235 | rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, | |
236 | "SMB2AESCMAC", 12); | |
237 | if (rc) { | |
238 | cifs_dbg(VFS, "%s: Could not update with label\n", __func__); | |
239 | goto smb3signkey_ret; | |
240 | } | |
241 | ||
242 | rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, | |
243 | &zero, 1); | |
244 | if (rc) { | |
245 | cifs_dbg(VFS, "%s: Could not update with zero\n", __func__); | |
246 | goto smb3signkey_ret; | |
247 | } | |
248 | ||
249 | rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, | |
250 | "SmbSign", 8); | |
251 | if (rc) { | |
252 | cifs_dbg(VFS, "%s: Could not update with context\n", __func__); | |
253 | goto smb3signkey_ret; | |
254 | } | |
255 | ||
256 | rc = crypto_shash_update(&server->secmech.sdeschmacsha256->shash, | |
257 | L, 4); | |
258 | if (rc) { | |
259 | cifs_dbg(VFS, "%s: Could not update with L\n", __func__); | |
260 | goto smb3signkey_ret; | |
261 | } | |
262 | ||
263 | rc = crypto_shash_final(&server->secmech.sdeschmacsha256->shash, | |
264 | hashptr); | |
265 | if (rc) { | |
266 | cifs_dbg(VFS, "%s: Could not generate sha256 hash\n", __func__); | |
267 | goto smb3signkey_ret; | |
268 | } | |
269 | ||
270 | memcpy(server->smb3signingkey, hashptr, SMB3_SIGNKEY_SIZE); | |
271 | ||
272 | smb3signkey_ret: | |
e65a5cb4 | 273 | return; |
429b46f4 SF |
274 | } |
275 | ||
38107d45 SF |
276 | int |
277 | smb3_calc_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) | |
278 | { | |
429b46f4 SF |
279 | int i, rc; |
280 | unsigned char smb3_signature[SMB2_CMACAES_SIZE]; | |
281 | unsigned char *sigptr = smb3_signature; | |
282 | struct kvec *iov = rqst->rq_iov; | |
283 | int n_vec = rqst->rq_nvec; | |
284 | struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)iov[0].iov_base; | |
285 | ||
286 | memset(smb3_signature, 0x0, SMB2_CMACAES_SIZE); | |
287 | memset(smb2_pdu->Signature, 0x0, SMB2_SIGNATURE_SIZE); | |
288 | ||
289 | rc = crypto_shash_setkey(server->secmech.cmacaes, | |
290 | server->smb3signingkey, SMB2_CMACAES_SIZE); | |
291 | if (rc) { | |
292 | cifs_dbg(VFS, "%s: Could not set key for cmac aes\n", __func__); | |
293 | return rc; | |
294 | } | |
295 | ||
95dc8dd1 SF |
296 | /* |
297 | * we already allocate sdesccmacaes when we init smb3 signing key, | |
298 | * so unlike smb2 case we do not have to check here if secmech are | |
299 | * initialized | |
300 | */ | |
429b46f4 SF |
301 | rc = crypto_shash_init(&server->secmech.sdesccmacaes->shash); |
302 | if (rc) { | |
303 | cifs_dbg(VFS, "%s: Could not init cmac aes\n", __func__); | |
304 | return rc; | |
305 | } | |
306 | ||
307 | for (i = 0; i < n_vec; i++) { | |
308 | if (iov[i].iov_len == 0) | |
309 | continue; | |
310 | if (iov[i].iov_base == NULL) { | |
311 | cifs_dbg(VFS, "null iovec entry"); | |
312 | return -EIO; | |
313 | } | |
314 | /* | |
315 | * The first entry includes a length field (which does not get | |
316 | * signed that occupies the first 4 bytes before the header). | |
317 | */ | |
318 | if (i == 0) { | |
319 | if (iov[0].iov_len <= 8) /* cmd field at offset 9 */ | |
320 | break; /* nothing to sign or corrupt header */ | |
321 | rc = | |
322 | crypto_shash_update( | |
323 | &server->secmech.sdesccmacaes->shash, | |
324 | iov[i].iov_base + 4, iov[i].iov_len - 4); | |
325 | } else { | |
326 | rc = | |
327 | crypto_shash_update( | |
328 | &server->secmech.sdesccmacaes->shash, | |
329 | iov[i].iov_base, iov[i].iov_len); | |
330 | } | |
331 | if (rc) { | |
332 | cifs_dbg(VFS, "%s: Couldn't update cmac aes with payload\n", | |
333 | __func__); | |
334 | return rc; | |
335 | } | |
336 | } | |
337 | ||
338 | /* now hash over the rq_pages array */ | |
339 | for (i = 0; i < rqst->rq_npages; i++) { | |
340 | struct kvec p_iov; | |
341 | ||
342 | cifs_rqst_page_to_kvec(rqst, i, &p_iov); | |
343 | crypto_shash_update(&server->secmech.sdesccmacaes->shash, | |
344 | p_iov.iov_base, p_iov.iov_len); | |
345 | kunmap(rqst->rq_pages[i]); | |
346 | } | |
347 | ||
348 | rc = crypto_shash_final(&server->secmech.sdesccmacaes->shash, | |
349 | sigptr); | |
350 | if (rc) | |
351 | cifs_dbg(VFS, "%s: Could not generate cmac aes\n", __func__); | |
352 | ||
353 | memcpy(smb2_pdu->Signature, sigptr, SMB2_SIGNATURE_SIZE); | |
354 | ||
355 | return rc; | |
38107d45 SF |
356 | } |
357 | ||
3c1bf7e4 PS |
358 | /* must be called with server->srv_mutex held */ |
359 | static int | |
0b688cfc | 360 | smb2_sign_rqst(struct smb_rqst *rqst, struct TCP_Server_Info *server) |
3c1bf7e4 PS |
361 | { |
362 | int rc = 0; | |
0b688cfc | 363 | struct smb2_hdr *smb2_pdu = rqst->rq_iov[0].iov_base; |
3c1bf7e4 PS |
364 | |
365 | if (!(smb2_pdu->Flags & SMB2_FLAGS_SIGNED) || | |
366 | server->tcpStatus == CifsNeedNegotiate) | |
367 | return rc; | |
368 | ||
369 | if (!server->session_estab) { | |
370 | strncpy(smb2_pdu->Signature, "BSRSPYL", 8); | |
371 | return rc; | |
372 | } | |
373 | ||
38107d45 | 374 | rc = server->ops->calc_signature(rqst, server); |
3c1bf7e4 PS |
375 | |
376 | return rc; | |
377 | } | |
378 | ||
379 | int | |
0b688cfc | 380 | smb2_verify_signature(struct smb_rqst *rqst, struct TCP_Server_Info *server) |
3c1bf7e4 PS |
381 | { |
382 | unsigned int rc; | |
383 | char server_response_sig[16]; | |
0b688cfc | 384 | struct smb2_hdr *smb2_pdu = (struct smb2_hdr *)rqst->rq_iov[0].iov_base; |
3c1bf7e4 PS |
385 | |
386 | if ((smb2_pdu->Command == SMB2_NEGOTIATE) || | |
387 | (smb2_pdu->Command == SMB2_OPLOCK_BREAK) || | |
388 | (!server->session_estab)) | |
389 | return 0; | |
390 | ||
391 | /* | |
392 | * BB what if signatures are supposed to be on for session but | |
393 | * server does not send one? BB | |
394 | */ | |
395 | ||
396 | /* Do not need to verify session setups with signature "BSRSPYL " */ | |
397 | if (memcmp(smb2_pdu->Signature, "BSRSPYL ", 8) == 0) | |
f96637be JP |
398 | cifs_dbg(FYI, "dummy signature received for smb command 0x%x\n", |
399 | smb2_pdu->Command); | |
3c1bf7e4 PS |
400 | |
401 | /* | |
402 | * Save off the origiginal signature so we can modify the smb and check | |
403 | * our calculated signature against what the server sent. | |
404 | */ | |
405 | memcpy(server_response_sig, smb2_pdu->Signature, SMB2_SIGNATURE_SIZE); | |
406 | ||
407 | memset(smb2_pdu->Signature, 0, SMB2_SIGNATURE_SIZE); | |
408 | ||
409 | mutex_lock(&server->srv_mutex); | |
38107d45 | 410 | rc = server->ops->calc_signature(rqst, server); |
3c1bf7e4 PS |
411 | mutex_unlock(&server->srv_mutex); |
412 | ||
413 | if (rc) | |
414 | return rc; | |
415 | ||
416 | if (memcmp(server_response_sig, smb2_pdu->Signature, | |
417 | SMB2_SIGNATURE_SIZE)) | |
418 | return -EACCES; | |
419 | else | |
420 | return 0; | |
421 | } | |
422 | ||
2dc7e1c0 PS |
423 | /* |
424 | * Set message id for the request. Should be called after wait_for_free_request | |
425 | * and when srv_mutex is held. | |
426 | */ | |
427 | static inline void | |
428 | smb2_seq_num_into_buf(struct TCP_Server_Info *server, struct smb2_hdr *hdr) | |
429 | { | |
430 | hdr->MessageId = get_next_mid(server); | |
431 | } | |
432 | ||
433 | static struct mid_q_entry * | |
434 | smb2_mid_entry_alloc(const struct smb2_hdr *smb_buffer, | |
435 | struct TCP_Server_Info *server) | |
436 | { | |
437 | struct mid_q_entry *temp; | |
438 | ||
439 | if (server == NULL) { | |
f96637be | 440 | cifs_dbg(VFS, "Null TCP session in smb2_mid_entry_alloc\n"); |
2dc7e1c0 PS |
441 | return NULL; |
442 | } | |
443 | ||
444 | temp = mempool_alloc(cifs_mid_poolp, GFP_NOFS); | |
445 | if (temp == NULL) | |
446 | return temp; | |
447 | else { | |
448 | memset(temp, 0, sizeof(struct mid_q_entry)); | |
449 | temp->mid = smb_buffer->MessageId; /* always LE */ | |
450 | temp->pid = current->pid; | |
451 | temp->command = smb_buffer->Command; /* Always LE */ | |
452 | temp->when_alloc = jiffies; | |
453 | temp->server = server; | |
454 | ||
455 | /* | |
456 | * The default is for the mid to be synchronous, so the | |
457 | * default callback just wakes up the current task. | |
458 | */ | |
459 | temp->callback = cifs_wake_up_task; | |
460 | temp->callback_data = current; | |
461 | } | |
462 | ||
463 | atomic_inc(&midCount); | |
464 | temp->mid_state = MID_REQUEST_ALLOCATED; | |
465 | return temp; | |
466 | } | |
467 | ||
468 | static int | |
469 | smb2_get_mid_entry(struct cifs_ses *ses, struct smb2_hdr *buf, | |
470 | struct mid_q_entry **mid) | |
471 | { | |
472 | if (ses->server->tcpStatus == CifsExiting) | |
473 | return -ENOENT; | |
474 | ||
475 | if (ses->server->tcpStatus == CifsNeedReconnect) { | |
f96637be | 476 | cifs_dbg(FYI, "tcp session dead - return to caller to retry\n"); |
2dc7e1c0 PS |
477 | return -EAGAIN; |
478 | } | |
479 | ||
480 | if (ses->status != CifsGood) { | |
481 | /* check if SMB2 session is bad because we are setting it up */ | |
482 | if ((buf->Command != SMB2_SESSION_SETUP) && | |
483 | (buf->Command != SMB2_NEGOTIATE)) | |
484 | return -EAGAIN; | |
485 | /* else ok - we are setting up session */ | |
486 | } | |
487 | *mid = smb2_mid_entry_alloc(buf, ses->server); | |
488 | if (*mid == NULL) | |
489 | return -ENOMEM; | |
490 | spin_lock(&GlobalMid_Lock); | |
491 | list_add_tail(&(*mid)->qhead, &ses->server->pending_mid_q); | |
492 | spin_unlock(&GlobalMid_Lock); | |
493 | return 0; | |
494 | } | |
495 | ||
496 | int | |
497 | smb2_check_receive(struct mid_q_entry *mid, struct TCP_Server_Info *server, | |
498 | bool log_error) | |
499 | { | |
500 | unsigned int len = get_rfc1002_length(mid->resp_buf); | |
0b688cfc JL |
501 | struct kvec iov; |
502 | struct smb_rqst rqst = { .rq_iov = &iov, | |
503 | .rq_nvec = 1 }; | |
504 | ||
505 | iov.iov_base = (char *)mid->resp_buf; | |
506 | iov.iov_len = get_rfc1002_length(mid->resp_buf) + 4; | |
2dc7e1c0 PS |
507 | |
508 | dump_smb(mid->resp_buf, min_t(u32, 80, len)); | |
509 | /* convert the length into a more usable form */ | |
38d77c50 | 510 | if (len > 24 && server->sign) { |
3c1bf7e4 PS |
511 | int rc; |
512 | ||
0b688cfc | 513 | rc = smb2_verify_signature(&rqst, server); |
3c1bf7e4 | 514 | if (rc) |
f96637be JP |
515 | cifs_dbg(VFS, "SMB signature verification returned error = %d\n", |
516 | rc); | |
3c1bf7e4 | 517 | } |
2dc7e1c0 PS |
518 | |
519 | return map_smb2_to_linux_error(mid->resp_buf, log_error); | |
520 | } | |
521 | ||
fec344e3 JL |
522 | struct mid_q_entry * |
523 | smb2_setup_request(struct cifs_ses *ses, struct smb_rqst *rqst) | |
2dc7e1c0 PS |
524 | { |
525 | int rc; | |
fec344e3 | 526 | struct smb2_hdr *hdr = (struct smb2_hdr *)rqst->rq_iov[0].iov_base; |
2dc7e1c0 PS |
527 | struct mid_q_entry *mid; |
528 | ||
529 | smb2_seq_num_into_buf(ses->server, hdr); | |
530 | ||
531 | rc = smb2_get_mid_entry(ses, hdr, &mid); | |
532 | if (rc) | |
fec344e3 JL |
533 | return ERR_PTR(rc); |
534 | rc = smb2_sign_rqst(rqst, ses->server); | |
535 | if (rc) { | |
3c1bf7e4 | 536 | cifs_delete_mid(mid); |
fec344e3 JL |
537 | return ERR_PTR(rc); |
538 | } | |
539 | return mid; | |
2dc7e1c0 PS |
540 | } |
541 | ||
fec344e3 JL |
542 | struct mid_q_entry * |
543 | smb2_setup_async_request(struct TCP_Server_Info *server, struct smb_rqst *rqst) | |
c95b8eed | 544 | { |
fec344e3 JL |
545 | int rc; |
546 | struct smb2_hdr *hdr = (struct smb2_hdr *)rqst->rq_iov[0].iov_base; | |
c95b8eed PS |
547 | struct mid_q_entry *mid; |
548 | ||
549 | smb2_seq_num_into_buf(server, hdr); | |
550 | ||
551 | mid = smb2_mid_entry_alloc(hdr, server); | |
552 | if (mid == NULL) | |
fec344e3 | 553 | return ERR_PTR(-ENOMEM); |
c95b8eed | 554 | |
fec344e3 | 555 | rc = smb2_sign_rqst(rqst, server); |
c95b8eed PS |
556 | if (rc) { |
557 | DeleteMidQEntry(mid); | |
fec344e3 | 558 | return ERR_PTR(rc); |
3c1bf7e4 PS |
559 | } |
560 | ||
fec344e3 | 561 | return mid; |
c95b8eed | 562 | } |