Lines Matching +full:permit +full:-
1 // SPDX-License-Identifier: GPL-2.0-or-later
21 static const char basechars[43] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-!@#$%";
22 #define MANGLE_BASE (sizeof(basechars) / sizeof(char) - 1)
83 return (2U << 30) - 1; in ksmbd_server_side_copy_max_chunk_size()
88 return (2U << 30) - 1; in ksmbd_server_side_copy_max_total_size()
103 int offt = ARRAY_SIZE(smb1_protos) - 1; in ksmbd_lookup_protocol_idx()
112 offt--; in ksmbd_lookup_protocol_idx()
115 offt = ARRAY_SIZE(smb2_protos) - 1; in ksmbd_lookup_protocol_idx()
122 offt--; in ksmbd_lookup_protocol_idx()
124 return -1; in ksmbd_lookup_protocol_idx()
128 * ksmbd_verify_smb_message() - check for valid smb2 request header
133 * Return: 0 on success, otherwise -EINVAL
140 if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER) in ksmbd_verify_smb_message()
143 hdr = work->request_buf; in ksmbd_verify_smb_message()
144 if (*(__le32 *)hdr->Protocol == SMB1_PROTO_NUMBER && in ksmbd_verify_smb_message()
145 hdr->Command == SMB_COM_NEGOTIATE) { in ksmbd_verify_smb_message()
146 work->conn->outstanding_credits++; in ksmbd_verify_smb_message()
150 return -EINVAL; in ksmbd_verify_smb_message()
154 * ksmbd_smb_request() - check for valid smb request type
163 if (conn->request_buf[0] != 0) in ksmbd_smb_request()
166 proto = (__le32 *)smb2_get_msg(conn->request_buf); in ksmbd_smb_request()
205 for (i = ARRAY_SIZE(smb1_protos) - 1; i >= 0; i--) { in ksmbd_lookup_dialect_by_name()
227 bcount -= (++next); in ksmbd_lookup_dialect_by_name()
239 for (i = ARRAY_SIZE(smb2_protos) - 1; i >= 0; i--) { in ksmbd_lookup_dialect_by_id()
241 while (--count >= 0) { in ksmbd_lookup_dialect_by_id()
262 __le32 proto = ((struct smb2_hdr *)smb2_get_msg(buf))->ProtocolId; in ksmbd_negotiate_smb_dialect()
273 if (struct_size(req, Dialects, le16_to_cpu(req->DialectCount)) > in ksmbd_negotiate_smb_dialect()
277 return ksmbd_lookup_dialect_by_id(req->Dialects, in ksmbd_negotiate_smb_dialect()
278 req->DialectCount); in ksmbd_negotiate_smb_dialect()
281 proto = *(__le32 *)((struct smb_hdr *)buf)->Protocol; in ksmbd_negotiate_smb_dialect()
286 if (le16_to_cpu(req->ByteCount) < 2) in ksmbd_negotiate_smb_dialect()
289 if (offsetof(struct smb_negotiate_req, DialectsArray) - 4 + in ksmbd_negotiate_smb_dialect()
290 le16_to_cpu(req->ByteCount) > smb_buf_length) { in ksmbd_negotiate_smb_dialect()
294 return ksmbd_lookup_dialect_by_name(req->DialectsArray, in ksmbd_negotiate_smb_dialect()
295 req->ByteCount); in ksmbd_negotiate_smb_dialect()
305 * get_smb1_cmd_val() - get smb command value from smb header
316 * init_smb1_rsp_hdr() - initialize smb negotiate response header
319 * Return: 0 on success, otherwise -EINVAL
323 struct smb_hdr *rsp_hdr = (struct smb_hdr *)work->response_buf; in init_smb1_rsp_hdr()
324 struct smb_hdr *rcv_hdr = (struct smb_hdr *)work->request_buf; in init_smb1_rsp_hdr()
326 rsp_hdr->Command = SMB_COM_NEGOTIATE; in init_smb1_rsp_hdr()
327 *(__le32 *)rsp_hdr->Protocol = SMB1_PROTO_NUMBER; in init_smb1_rsp_hdr()
328 rsp_hdr->Flags = SMBFLG_RESPONSE; in init_smb1_rsp_hdr()
329 rsp_hdr->Flags2 = SMBFLG2_UNICODE | SMBFLG2_ERR_STATUS | in init_smb1_rsp_hdr()
331 rsp_hdr->Pid = rcv_hdr->Pid; in init_smb1_rsp_hdr()
332 rsp_hdr->Mid = rcv_hdr->Mid; in init_smb1_rsp_hdr()
337 * smb1_check_user_session() - check for valid session for a user
344 unsigned int cmd = work->conn->ops->get_cmd_val(work); in smb1_check_user_session()
349 return -EINVAL; in smb1_check_user_session()
353 * smb1_allocate_rsp_buf() - allocate response buffer for a command
356 * Return: 0 on success, otherwise -ENOMEM
360 work->response_buf = kzalloc(MAX_CIFS_SMALL_BUFFER_SIZE, in smb1_allocate_rsp_buf()
362 work->response_sz = MAX_CIFS_SMALL_BUFFER_SIZE; in smb1_allocate_rsp_buf()
364 if (!work->response_buf) { in smb1_allocate_rsp_buf()
367 return -ENOMEM; in smb1_allocate_rsp_buf()
374 * set_smb1_rsp_status() - set error type in smb response header
380 work->send_no_response = 1; in set_smb1_rsp_status()
406 conn->vals = &smb1_server_values; in init_smb1_server()
407 conn->ops = &smb1_server_ops; in init_smb1_server()
408 conn->cmds = smb1_server_cmds; in init_smb1_server()
409 conn->max_cmds = ARRAY_SIZE(smb1_server_cmds); in init_smb1_server()
417 proto = *(__le32 *)((struct smb_hdr *)conn->request_buf)->Protocol; in ksmbd_init_smb_server()
418 if (conn->need_neg == false) { in ksmbd_init_smb_server()
420 return -EINVAL; in ksmbd_init_smb_server()
438 struct ksmbd_conn *conn = work->conn; in ksmbd_populate_dot_dotdot_entries()
439 struct mnt_idmap *idmap = file_mnt_idmap(dir->filp); in ksmbd_populate_dot_dotdot_entries()
446 if (!dir->dot_dotdot[i]) { /* fill dot entry info */ in ksmbd_populate_dot_dotdot_entries()
448 d_info->name = "."; in ksmbd_populate_dot_dotdot_entries()
449 d_info->name_len = 1; in ksmbd_populate_dot_dotdot_entries()
450 dentry = dir->filp->f_path.dentry; in ksmbd_populate_dot_dotdot_entries()
452 d_info->name = ".."; in ksmbd_populate_dot_dotdot_entries()
453 d_info->name_len = 2; in ksmbd_populate_dot_dotdot_entries()
454 dentry = dir->filp->f_path.dentry->d_parent; in ksmbd_populate_dot_dotdot_entries()
457 if (!match_pattern(d_info->name, d_info->name_len, in ksmbd_populate_dot_dotdot_entries()
459 dir->dot_dotdot[i] = 1; in ksmbd_populate_dot_dotdot_entries()
474 if (d_info->out_buf_len <= 0) in ksmbd_populate_dot_dotdot_entries()
477 dir->dot_dotdot[i] = 1; in ksmbd_populate_dot_dotdot_entries()
478 if (d_info->flags & SMB2_RETURN_SINGLE_ENTRY) { in ksmbd_populate_dot_dotdot_entries()
479 d_info->out_buf_len = 0; in ksmbd_populate_dot_dotdot_entries()
489 * ksmbd_extract_shortname() - get shortname from long filename
549 for (; len > 0; len--, ptr++) in ksmbd_extract_shortname()
562 conn->local_nls, 0); in ksmbd_extract_shortname()
569 return (conn->dialect >= SMB20_PROT_ID && in __smb2_negotiate()
570 conn->dialect <= SMB311_PROT_ID); in __smb2_negotiate()
575 struct smb_negotiate_rsp *neg_rsp = work->response_buf; in smb_handle_negotiate()
580 sizeof(struct smb_negotiate_rsp) - 4)) in smb_handle_negotiate()
581 return -ENOMEM; in smb_handle_negotiate()
583 neg_rsp->hdr.Status.CifsError = STATUS_SUCCESS; in smb_handle_negotiate()
584 neg_rsp->hdr.WordCount = 1; in smb_handle_negotiate()
585 neg_rsp->DialectIndex = cpu_to_le16(work->conn->dialect); in smb_handle_negotiate()
586 neg_rsp->ByteCount = 0; in smb_handle_negotiate()
592 struct ksmbd_conn *conn = work->conn; in ksmbd_smb_negotiate_common()
595 conn->dialect = in ksmbd_smb_negotiate_common()
596 ksmbd_negotiate_smb_dialect(work->request_buf); in ksmbd_smb_negotiate_common()
597 ksmbd_debug(SMB, "conn->dialect 0x%x\n", conn->dialect); in ksmbd_smb_negotiate_common()
615 return -EINVAL; in ksmbd_smb_negotiate_common()
628 "Current access mode does not permit SHARE_DELETE",
629 "Current access mode does not permit SHARE_READ",
630 "Current access mode does not permit SHARE_WRITE",
631 "Desired access mode does not permit FILE_READ",
632 "Desired access mode does not permit FILE_WRITE",
633 "Desired access mode does not permit FILE_DELETE",
641 prev_fp->saccess, curr_fp->daccess); in smb_shared_mode_error()
653 down_read(&curr_fp->f_ci->m_lock); in ksmbd_smb_check_shared_mode()
654 list_for_each_entry(prev_fp, &curr_fp->f_ci->m_fp_list, node) { in ksmbd_smb_check_shared_mode()
655 if (file_inode(filp) != file_inode(prev_fp->filp)) in ksmbd_smb_check_shared_mode()
658 if (filp == prev_fp->filp) in ksmbd_smb_check_shared_mode()
662 if (strcmp(prev_fp->stream.name, curr_fp->stream.name)) in ksmbd_smb_check_shared_mode()
665 if (prev_fp->attrib_only != curr_fp->attrib_only) in ksmbd_smb_check_shared_mode()
668 if (!(prev_fp->saccess & FILE_SHARE_DELETE_LE) && in ksmbd_smb_check_shared_mode()
669 curr_fp->daccess & FILE_DELETE_LE) { in ksmbd_smb_check_shared_mode()
673 rc = -EPERM; in ksmbd_smb_check_shared_mode()
684 if (!(prev_fp->saccess & FILE_SHARE_READ_LE) && in ksmbd_smb_check_shared_mode()
685 curr_fp->daccess & (FILE_EXECUTE_LE | FILE_READ_DATA_LE)) { in ksmbd_smb_check_shared_mode()
689 rc = -EPERM; in ksmbd_smb_check_shared_mode()
693 if (!(prev_fp->saccess & FILE_SHARE_WRITE_LE) && in ksmbd_smb_check_shared_mode()
694 curr_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE)) { in ksmbd_smb_check_shared_mode()
698 rc = -EPERM; in ksmbd_smb_check_shared_mode()
702 if (prev_fp->daccess & (FILE_EXECUTE_LE | FILE_READ_DATA_LE) && in ksmbd_smb_check_shared_mode()
703 !(curr_fp->saccess & FILE_SHARE_READ_LE)) { in ksmbd_smb_check_shared_mode()
707 rc = -EPERM; in ksmbd_smb_check_shared_mode()
711 if (prev_fp->daccess & (FILE_WRITE_DATA_LE | FILE_APPEND_DATA_LE) && in ksmbd_smb_check_shared_mode()
712 !(curr_fp->saccess & FILE_SHARE_WRITE_LE)) { in ksmbd_smb_check_shared_mode()
716 rc = -EPERM; in ksmbd_smb_check_shared_mode()
720 if (prev_fp->daccess & FILE_DELETE_LE && in ksmbd_smb_check_shared_mode()
721 !(curr_fp->saccess & FILE_SHARE_DELETE_LE)) { in ksmbd_smb_check_shared_mode()
725 rc = -EPERM; in ksmbd_smb_check_shared_mode()
729 up_read(&curr_fp->f_ci->m_lock); in ksmbd_smb_check_shared_mode()
742 struct ksmbd_session *sess = work->sess; in __ksmbd_override_fsids()
743 struct ksmbd_user *user = sess->user; in __ksmbd_override_fsids()
752 if (share->force_uid != KSMBD_SHARE_INVALID_UID) in __ksmbd_override_fsids()
753 uid = share->force_uid; in __ksmbd_override_fsids()
754 if (share->force_gid != KSMBD_SHARE_INVALID_GID) in __ksmbd_override_fsids()
755 gid = share->force_gid; in __ksmbd_override_fsids()
759 return -ENOMEM; in __ksmbd_override_fsids()
761 cred->fsuid = make_kuid(&init_user_ns, uid); in __ksmbd_override_fsids()
762 cred->fsgid = make_kgid(&init_user_ns, gid); in __ksmbd_override_fsids()
764 gi = groups_alloc(user->ngroups); in __ksmbd_override_fsids()
767 return -ENOMEM; in __ksmbd_override_fsids()
770 for (i = 0; i < user->ngroups; i++) in __ksmbd_override_fsids()
771 gi->gid[i] = make_kgid(&init_user_ns, user->sgid[i]); in __ksmbd_override_fsids()
773 if (user->ngroups) in __ksmbd_override_fsids()
779 if (!uid_eq(cred->fsuid, GLOBAL_ROOT_UID)) in __ksmbd_override_fsids()
780 cred->cap_effective = cap_drop_fs_set(cred->cap_effective); in __ksmbd_override_fsids()
782 WARN_ON(work->saved_cred); in __ksmbd_override_fsids()
783 work->saved_cred = override_creds(cred); in __ksmbd_override_fsids()
784 if (!work->saved_cred) { in __ksmbd_override_fsids()
786 return -EINVAL; in __ksmbd_override_fsids()
793 return __ksmbd_override_fsids(work, work->tcon->share_conf); in ksmbd_override_fsids()
800 WARN_ON(!work->saved_cred); in ksmbd_revert_fsids()
803 revert_creds(work->saved_cred); in ksmbd_revert_fsids()
805 work->saved_cred = NULL; in ksmbd_revert_fsids()