Merge branch 'for-next' of git://git.samba.org/sfrench/cifs-2.6

	select CRYPTO_ARC4

	select CRYPTO_ECB

	select CRYPTO_DES

	select CRYPTO_SHA256

	select CRYPTO_CMAC

	help

	  This is the client VFS module for the Common Internet File System

	  (CIFS) protocol which is the successor to the Server Message Block

config CIFS_SMB2

	bool "SMB2 and SMB3 network file system support"

	depends on CIFS && INET

	select NLS

	depends on CIFS

	select KEYS

	select FSCACHE

	select DNS_RESOLVER

	select CRYPTO_AES

	select CRYPTO_SHA256

	select CRYPTO_CMAC

	select CRYPTO_AEAD2

	select CRYPTO_CCM

	help

	  This enables support for the Server Message Block version 2

config CIFS_SMB311

	bool "SMB3.1.1 network file system support (Experimental)"

	depends on CIFS_SMB2 && INET

	depends on CIFS_SMB2

	help

	  This enables experimental support for the newest, SMB3.1.1, dialect.

#include <linux/random.h>

#include <linux/highmem.h>

#include <crypto/skcipher.h>

#include <crypto/aead.h>

static int

cifs_crypto_shash_md5_allocate(struct TCP_Server_Info *server)

	struct kvec *iov = rqst->rq_iov;

	int n_vec = rqst->rq_nvec;

	for (i = 0; i < n_vec; i++) {

	if (n_vec < 2 || iov[0].iov_len != 4)

		return -EIO;

	for (i = 1; i < n_vec; i++) {

		if (iov[i].iov_len == 0)

			continue;

		if (iov[i].iov_base == NULL) {

			cifs_dbg(VFS, "null iovec entry\n");

			return -EIO;

		}

		/* The first entry includes a length field (which does not get

		   signed that occupies the first 4 bytes before the header */

		if (i == 0) {

			if (iov[0].iov_len <= 8) /* cmd field at offset 9 */

		if (i == 1 && iov[1].iov_len <= 4)

			break; /* nothing to sign or corrupt header */

			rc = crypto_shash_update(shash,

				iov[i].iov_base + 4, iov[i].iov_len - 4);

		} else {

		rc = crypto_shash_update(shash,

					 iov[i].iov_base, iov[i].iov_len);

		}

		if (rc) {

			cifs_dbg(VFS, "%s: Could not update with payload\n",

				 __func__);

	char smb_signature[20];

	struct smb_hdr *cifs_pdu = (struct smb_hdr *)rqst->rq_iov[0].iov_base;

	if (rqst->rq_iov[0].iov_len != 4 ||

	    rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)

		return -EIO;

	if ((cifs_pdu == NULL) || (server == NULL))

		return -EINVAL;

int cifs_sign_smb(struct smb_hdr *cifs_pdu, struct TCP_Server_Info *server,

		  __u32 *pexpected_response_sequence_number)

{

	struct kvec iov;

	struct kvec iov[2];

	iov.iov_base = cifs_pdu;

	iov.iov_len = be32_to_cpu(cifs_pdu->smb_buf_length) + 4;

	iov[0].iov_base = cifs_pdu;

	iov[0].iov_len = 4;

	iov[1].iov_base = (char *)cifs_pdu + 4;

	iov[1].iov_len = be32_to_cpu(cifs_pdu->smb_buf_length);

	return cifs_sign_smbv(&iov, 1, server,

	return cifs_sign_smbv(iov, 2, server,

			      pexpected_response_sequence_number);

}

	char what_we_think_sig_should_be[20];

	struct smb_hdr *cifs_pdu = (struct smb_hdr *)rqst->rq_iov[0].iov_base;

	if (rqst->rq_iov[0].iov_len != 4 ||

	    rqst->rq_iov[0].iov_base + 4 != rqst->rq_iov[1].iov_base)

		return -EIO;

	if (cifs_pdu == NULL || server == NULL)

		return -EINVAL;

}

void

cifs_crypto_shash_release(struct TCP_Server_Info *server)

cifs_crypto_secmech_release(struct TCP_Server_Info *server)

{

	if (server->secmech.cmacaes) {

		crypto_free_shash(server->secmech.cmacaes);

		server->secmech.hmacmd5 = NULL;

	}

	if (server->secmech.ccmaesencrypt) {

		crypto_free_aead(server->secmech.ccmaesencrypt);

		server->secmech.ccmaesencrypt = NULL;

	}

	if (server->secmech.ccmaesdecrypt) {

		crypto_free_aead(server->secmech.ccmaesdecrypt);

		server->secmech.ccmaesdecrypt = NULL;

	}

	kfree(server->secmech.sdesccmacaes);

	server->secmech.sdesccmacaes = NULL;

	kfree(server->secmech.sdeschmacsha256);

    ("VFS to access servers complying with the SNIA CIFS Specification "

     "e.g. Samba and Windows");

MODULE_VERSION(CIFS_VERSION);

MODULE_SOFTDEP("pre: arc4");

MODULE_SOFTDEP("pre: des");

MODULE_SOFTDEP("pre: ecb");

MODULE_SOFTDEP("pre: hmac");

MODULE_SOFTDEP("pre: md4");

MODULE_SOFTDEP("pre: md5");

MODULE_SOFTDEP("pre: nls");

#ifdef CONFIG_CIFS_SMB2

MODULE_SOFTDEP("pre: aes");

MODULE_SOFTDEP("pre: cmac");

MODULE_SOFTDEP("pre: sha256");

MODULE_SOFTDEP("pre: aead2");

MODULE_SOFTDEP("pre: ccm");

#endif /* CONFIG_CIFS_SMB2 */

module_init(init_cifs)

module_exit(exit_cifs)

	struct sdesc *sdescmd5; /* ctxt to generate cifs/smb signature */

	struct sdesc *sdeschmacsha256;  /* ctxt to generate smb2 signature */

	struct sdesc *sdesccmacaes;  /* ctxt to generate smb3 signature */

	struct crypto_aead *ccmaesencrypt; /* smb3 encryption aead */

	struct crypto_aead *ccmaesdecrypt; /* smb3 decryption aead */

};

/* per smb session structure/fields */

struct cifs_open_parms;

struct smb_version_operations {

	int (*send_cancel)(struct TCP_Server_Info *, void *,

	int (*send_cancel)(struct TCP_Server_Info *, struct smb_rqst *,

			   struct mid_q_entry *);

	bool (*compare_fids)(struct cifsFileInfo *, struct cifsFileInfo *);

	/* setup request: allocate mid, sign message */

	bool (*dir_needs_close)(struct cifsFileInfo *);

	long (*fallocate)(struct file *, struct cifs_tcon *, int, loff_t,

			  loff_t);

	/* init transform request - used for encryption for now */

	int (*init_transform_rq)(struct TCP_Server_Info *, struct smb_rqst *,

				 struct smb_rqst *);

	/* free transform request */

	void (*free_transform_rq)(struct smb_rqst *);

	int (*is_transform_hdr)(void *buf);

	int (*receive_transform)(struct TCP_Server_Info *,

				 struct mid_q_entry **);

};

struct smb_version_values {

	int (*read_into_pages)(struct TCP_Server_Info *server,

				struct cifs_readdata *rdata,

				unsigned int len);

	struct kvec			iov;

	int (*copy_into_pages)(struct TCP_Server_Info *server,

				struct cifs_readdata *rdata,

				struct iov_iter *iter);

	struct kvec			iov[2];

	unsigned int			pagesz;

	unsigned int			tailsz;

	unsigned int			credits;

 */

typedef void (mid_callback_t)(struct mid_q_entry *mid);

/*

 * This is the protopyte for mid handle function. This is called once the mid

 * has been recognized after decryption of the message.

 */

typedef int (mid_handle_t)(struct TCP_Server_Info *server,

			    struct mid_q_entry *mid);

/* one of these for every pending CIFS request to the server */

struct mid_q_entry {

	struct list_head qhead;	/* mids waiting on reply from this server */

#endif

	mid_receive_t *receive; /* call receive callback */

	mid_callback_t *callback; /* call completion callback */

	mid_handle_t *handle; /* call handle mid callback */

	void *callback_data;	  /* general purpose pointer for callback */

	void *resp_buf;		/* pointer to received SMB header */

	int mid_state;	/* wish this were enum but can not pass to wait_event */

	bool large_buf:1;	/* if valid response, is pointer to large buf */

	bool multiRsp:1;	/* multiple trans2 responses for one request  */

	bool multiEnd:1;	/* both received */

	bool decrypted:1;	/* decrypted entry */

};

/*	Make code in transport.c a little cleaner by moving

#define   CIFS_OBREAK_OP   0x0100    /* oplock break request */

#define   CIFS_NEG_OP      0x0200    /* negotiate request */

#define   CIFS_OP_MASK     0x0380    /* mask request type */

#define   CIFS_HAS_CREDITS 0x0400    /* already has credits */

#define   CIFS_TRANSFORM_REQ 0x0800    /* transform request before sending */

/* Security Flags: indicate type of session setup needed */

#define   CIFSSEC_MAY_SIGN	0x00001

extern void DeleteMidQEntry(struct mid_q_entry *midEntry);

extern void cifs_delete_mid(struct mid_q_entry *mid);

extern void cifs_wake_up_task(struct mid_q_entry *mid);

extern int cifs_handle_standard(struct TCP_Server_Info *server,

				struct mid_q_entry *mid);

extern int cifs_discard_remaining_data(struct TCP_Server_Info *server);

extern int cifs_call_async(struct TCP_Server_Info *server,

			struct smb_rqst *rqst,

			mid_receive_t *receive, mid_callback_t *callback,

			void *cbdata, const int flags);

			mid_handle_t *handle, void *cbdata, const int flags);

extern int cifs_send_recv(const unsigned int xid, struct cifs_ses *ses,

			  struct smb_rqst *rqst, int *resp_buf_type,

			  const int flags, struct kvec *resp_iov);

extern int SendReceive(const unsigned int /* xid */ , struct cifs_ses *,

			struct smb_hdr * /* input */ ,

			struct smb_hdr * /* out */ ,

				 unsigned int *credits);

extern int SendReceive2(const unsigned int /* xid */ , struct cifs_ses *,

			struct kvec *, int /* nvec to send */,

			int * /* type of buf returned */ , const int flags);

			int * /* type of buf returned */, const int flags,

			struct kvec * /* resp vec */);

extern int SendReceiveBlockingLock(const unsigned int xid,

			struct cifs_tcon *ptcon,

			struct smb_hdr *in_buf ,

			const struct nls_table *);

extern int setup_ntlm_response(struct cifs_ses *, const struct nls_table *);

extern int setup_ntlmv2_rsp(struct cifs_ses *, const struct nls_table *);

extern void cifs_crypto_shash_release(struct TCP_Server_Info *);

extern void cifs_crypto_secmech_release(struct TCP_Server_Info *server);

extern int calc_seckey(struct cifs_ses *);

extern int generate_smb30signingkey(struct cifs_ses *);

extern int generate_smb311signingkey(struct cifs_ses *);