// SPDX-License-Identifier: GPL-2.0-or-later /* * Copyright (C) 2016 Namjae Jeon <[email protected]> * Copyright (C) 2018 Samsung Electronics Co., Ltd. */ #include <linux/kernel.h> #include <linux/fs.h> #include <linux/uaccess.h> #include <linux/backing-dev.h> #include <linux/writeback.h> #include <linux/uio.h> #include <linux/xattr.h> #include <crypto/hash.h> #include <crypto/aead.h> #include <linux/random.h> #include <linux/scatterlist.h> #include "auth.h" #include "glob.h" #include <linux/fips.h> #include <crypto/des.h> #include "server.h" #include "smb_common.h" #include "connection.h" #include "mgmt/user_session.h" #include "mgmt/user_config.h" #include "crypto_ctx.h" #include "transport_ipc.h" #include "../common/arc4.h" /* * Fixed format data defining GSS header and fixed string * "not_defined_in_RFC4178@please_ignore". * So sec blob data in neg phase could be generated statically. */ static char NEGOTIATE_GSS_HEADER[AUTH_GSS_LENGTH] = …; void ksmbd_copy_gss_neg_header(void *buf) { … } /** * ksmbd_gen_sess_key() - function to generate session key * @sess: session of connection * @hash: source hash value to be used for find session key * @hmac: source hmac value to be used for finding session key * */ static int ksmbd_gen_sess_key(struct ksmbd_session *sess, char *hash, char *hmac) { … } static int calc_ntlmv2_hash(struct ksmbd_conn *conn, struct ksmbd_session *sess, char *ntlmv2_hash, char *dname) { … } /** * ksmbd_auth_ntlmv2() - NTLMv2 authentication handler * @conn: connection * @sess: session of connection * @ntlmv2: NTLMv2 challenge response * @blen: NTLMv2 blob length * @domain_name: domain name * @cryptkey: session crypto key * * Return: 0 on success, error number on error */ int ksmbd_auth_ntlmv2(struct ksmbd_conn *conn, struct ksmbd_session *sess, struct ntlmv2_resp *ntlmv2, int blen, char *domain_name, char *cryptkey) { … } /** * ksmbd_decode_ntlmssp_auth_blob() - helper function to construct * authenticate blob * @authblob: authenticate blob source pointer * @blob_len: length of the @authblob message * @conn: connection * @sess: session of connection * * Return: 0 on success, error number on error */ int ksmbd_decode_ntlmssp_auth_blob(struct authenticate_message *authblob, int blob_len, struct ksmbd_conn *conn, struct ksmbd_session *sess) { … } /** * ksmbd_decode_ntlmssp_neg_blob() - helper function to construct * negotiate blob * @negblob: negotiate blob source pointer * @blob_len: length of the @authblob message * @conn: connection * */ int ksmbd_decode_ntlmssp_neg_blob(struct negotiate_message *negblob, int blob_len, struct ksmbd_conn *conn) { … } /** * ksmbd_build_ntlmssp_challenge_blob() - helper function to construct * challenge blob * @chgblob: challenge blob source pointer to initialize * @conn: connection * */ unsigned int ksmbd_build_ntlmssp_challenge_blob(struct challenge_message *chgblob, struct ksmbd_conn *conn) { … } #ifdef CONFIG_SMB_SERVER_KERBEROS5 int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob, int in_len, char *out_blob, int *out_len) { … } #else int ksmbd_krb5_authenticate(struct ksmbd_session *sess, char *in_blob, int in_len, char *out_blob, int *out_len) { return -EOPNOTSUPP; } #endif /** * ksmbd_sign_smb2_pdu() - function to generate packet signing * @conn: connection * @key: signing key * @iov: buffer iov array * @n_vec: number of iovecs * @sig: signature value generated for client request packet * */ int ksmbd_sign_smb2_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, int n_vec, char *sig) { … } /** * ksmbd_sign_smb3_pdu() - function to generate packet signing * @conn: connection * @key: signing key * @iov: buffer iov array * @n_vec: number of iovecs * @sig: signature value generated for client request packet * */ int ksmbd_sign_smb3_pdu(struct ksmbd_conn *conn, char *key, struct kvec *iov, int n_vec, char *sig) { … } struct derivation { … }; static int generate_key(struct ksmbd_conn *conn, struct ksmbd_session *sess, struct kvec label, struct kvec context, __u8 *key, unsigned int key_size) { … } static int generate_smb3signingkey(struct ksmbd_session *sess, struct ksmbd_conn *conn, const struct derivation *signing) { … } int ksmbd_gen_smb30_signingkey(struct ksmbd_session *sess, struct ksmbd_conn *conn) { … } int ksmbd_gen_smb311_signingkey(struct ksmbd_session *sess, struct ksmbd_conn *conn) { … } struct derivation_twin { … }; static int generate_smb3encryptionkey(struct ksmbd_conn *conn, struct ksmbd_session *sess, const struct derivation_twin *ptwin) { … } int ksmbd_gen_smb30_encryptionkey(struct ksmbd_conn *conn, struct ksmbd_session *sess) { … } int ksmbd_gen_smb311_encryptionkey(struct ksmbd_conn *conn, struct ksmbd_session *sess) { … } int ksmbd_gen_preauth_integrity_hash(struct ksmbd_conn *conn, char *buf, __u8 *pi_hash) { … } int ksmbd_gen_sd_hash(struct ksmbd_conn *conn, char *sd_buf, int len, __u8 *pi_hash) { … } static int ksmbd_get_encryption_key(struct ksmbd_work *work, __u64 ses_id, int enc, u8 *key) { … } static inline void smb2_sg_set_buf(struct scatterlist *sg, const void *buf, unsigned int buflen) { … } static struct scatterlist *ksmbd_init_sg(struct kvec *iov, unsigned int nvec, u8 *sign) { … } int ksmbd_crypt_message(struct ksmbd_work *work, struct kvec *iov, unsigned int nvec, int enc) { … }
Codebase Browser
linux