From patchwork Sun Jun 28 23:36:10 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve French X-Patchwork-Id: 6686871 Return-Path: X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 1EDE2C05AC for ; Sun, 28 Jun 2015 23:36:47 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 1832620544 for ; Sun, 28 Jun 2015 23:36:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 0E1BC20524 for ; Sun, 28 Jun 2015 23:36:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752192AbbF1Xgn (ORCPT ); Sun, 28 Jun 2015 19:36:43 -0400 Received: from mail-yk0-f171.google.com ([209.85.160.171]:35991 "EHLO mail-yk0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752547AbbF1Xgf (ORCPT ); Sun, 28 Jun 2015 19:36:35 -0400 Received: by ykdr198 with SMTP id r198so101164771ykd.3; Sun, 28 Jun 2015 16:36:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=X6M22BTBVpwyo8lqoLSpj7RFzI2g2pJf3KZRvDojTmE=; b=0WyrVBfhxtcIhs5iQCufaWhe4K0AUSo/BcWYb1A9ZHGOzX8p5iJ4pmyYyORs2ADPfw 9FfadOb+b7WIbuwpec0L+Uvd60dWhsm9mTO9MXEK2YRrrmRwsAoC/eMlSBsTroEWLfcF n5yHhmY3DvH3yTWnjoV3TXUkspL+yxQKWPJQJCq3Q4gGEkRV2qehlZ0EGFgLy7tR9jBX ny7ocv5sCxqRHcKP8id3rTLvBIh3Jqo8Zd6XR3MYkrmHXrJxPODViCZoX4rPP2Vxljkf C7aUc9kBqcNcnt4xAHzINOY9vviwXx/H3aY7qcXw0+oXjnOObCkRU7A96jZcAK0YYkbJ lL4A== X-Received: by 10.170.71.65 with SMTP id n62mr14248546ykn.45.1435534594449; Sun, 28 Jun 2015 16:36:34 -0700 (PDT) Received: from ubuntu.localdomain (cpe-68-203-16-26.austin.res.rr.com. 
[68.203.16.26]) by mx.google.com with ESMTPSA id q67sm35224189ywe.54.2015.06.28.16.36.32 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 28 Jun 2015 16:36:33 -0700 (PDT) From: Steve French X-Google-Original-From: Steve French To: linux-cifs@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org, Steve French , Steve French Subject: [PATCH 5/5] Update negotiate protocol for SMB3.11 dialect Date: Sun, 28 Jun 2015 18:36:10 -0500 Message-Id: <1435534570-10864-5-git-send-email-steve.french@primarydata.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1435534570-10864-1-git-send-email-steve.french@primarydata.com> References: <1435534570-10864-1-git-send-email-steve.french@primarydata.com> Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Spam-Status: No, score=-7.4 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Steve French Send negotiate contexts when SMB3.11 dialect is negotiated (ie the preauth and the encryption contexts) and Initialize SMB3.11 preauth negotiate context salt to random bytes Followon patch will update session setup and tree connect Signed-off-by: Steve French
---
 fs/cifs/smb2pdu.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
 fs/cifs/smb2pdu.h | 6 +++---
 2 files changed, 60 insertions(+), 5 deletions(-)
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 0479e3c..b8b4f08 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -304,6 +304,59 @@ small_smb2_init(__le16 smb2_command, struct cifs_tcon *tcon,
 return rc;
 }
 
+#ifdef CONFIG_CIFS_SMB311
+/* offset is sizeof smb2_negotiate_req - 4 but rounded up to 8 bytes */
+#define OFFSET_OF_NEG_CONTEXT 0x68 /* sizeof(struct smb2_negotiate_req) - 4 */
+
+
+#define SMB2_PREAUTH_INTEGRITY_CAPABILITIES cpu_to_le16(1)
+#define SMB2_ENCRYPTION_CAPABILITIES cpu_to_le16(2)
+
+static void
+build_preauth_ctxt(struct smb2_preauth_neg_context *pneg_ctxt)
+{
+ pneg_ctxt->ContextType = SMB2_PREAUTH_INTEGRITY_CAPABILITIES;
+ pneg_ctxt->DataLength = cpu_to_le16(38);
+ pneg_ctxt->HashAlgorithmCount = cpu_to_le16(1);
+ pneg_ctxt->SaltLength = cpu_to_le16(SMB311_SALT_SIZE);
+ get_random_bytes(pneg_ctxt->Salt, SMB311_SALT_SIZE);
+ pneg_ctxt->HashAlgorithms = SMB2_PREAUTH_INTEGRITY_SHA512;
+}
+
+static void
+build_encrypt_ctxt(struct smb2_encryption_neg_context *pneg_ctxt)
+{
+ pneg_ctxt->ContextType = SMB2_ENCRYPTION_CAPABILITIES;
+ pneg_ctxt->DataLength = cpu_to_le16(6);
+ pneg_ctxt->CipherCount = cpu_to_le16(2);
+ pneg_ctxt->Ciphers[0] = SMB2_ENCRYPTION_AES128_GCM;
+ pneg_ctxt->Ciphers[1] = SMB2_ENCRYPTION_AES128_CCM;
+}
+
+static void
+assemble_neg_contexts(struct smb2_negotiate_req *req)
+{
+
+ /* +4 is to account for the RFC1001 len field */
+ char *pneg_ctxt = (char *)req + OFFSET_OF_NEG_CONTEXT + 4;
+
+ build_preauth_ctxt((struct smb2_preauth_neg_context *)pneg_ctxt);
+ /* Add 2 to size to round to 8 byte boundary */
+ pneg_ctxt += 2 + sizeof(struct smb2_preauth_neg_context);
+ build_encrypt_ctxt((struct smb2_encryption_neg_context *)pneg_ctxt);
+ req->NegotiateContextOffset = cpu_to_le32(OFFSET_OF_NEG_CONTEXT);
+ req->NegotiateContextCount = cpu_to_le16(2);
+ inc_rfc1001_len(req, 4 + sizeof(struct smb2_preauth_neg_context) + 2
+ + sizeof(struct smb2_encryption_neg_context)); /* calculate hash */
+}
+#else
+static void assemble_neg_contexts(struct smb2_negotiate_req *req)
+{
+ return;
+}
+#endif /* SMB311 */
+
+
 /*
 *
 * SMB2 Worker functions follow:
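Review bot: The context builders hard-code wire lengths that have to match the struct layouts: `cpu_to_le16(38)` in build_preauth_ctxt, `cpu_to_le16(6)` in build_encrypt_ctxt, and the bare `2` pad that appears both in the pointer advance and in the inc_rfc1001_len() call of assemble_neg_contexts. A later change to SMB311_SALT_SIZE or to the cipher list would then put a wrong DataLength on the wire with no compile-time signal. Deriving them from the types keeps them in step, for example `pneg_ctxt->DataLength = cpu_to_le16(sizeof(*pneg_ctxt) - offsetof(struct smb2_encryption_neg_context, CipherCount));`, with one named pad constant used in both places. build_encrypt_ctxt never writes `Reserved`, the two pad bytes are never written, and nothing here checks that the request buffer has room past OFFSET_OF_NEG_CONTEXT; all three presumably rely on how small_smb2_init() sizes and zeroes the buffer, which is outside this hunk, so an explicit `pneg_ctxt->Reserved = 0;` or a comment stating that assumption would guard against stale kernel memory reaching the wire. The trailing `/* calculate hash */` describes nothing the inc_rfc1001_len() call does and reads better as a TODO for the follow-on patch.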
@@ -363,10 +416,12 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses)
 /* ClientGUID must be zero for SMB2.02 dialect */
 if (ses->server->vals->protocol_id == SMB20_PROT_ID)
 memset(req->ClientGUID, 0, SMB2_CLIENT_GUID_SIZE);
- else
+ else {
 memcpy(req->ClientGUID, server->client_guid,
 SMB2_CLIENT_GUID_SIZE);
-
+ if (ses->server->vals->protocol_id == SMB311_PROT_ID)
+ assemble_neg_contexts(req);
+ }
 iov[0].iov_base = (char *)req;
 /* 4 for rfc1002 length field */
 iov[0].iov_len = get_rfc1002_length(req) + 4;
diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h
index 2d91c2a..4511082 100644
--- a/fs/cifs/smb2pdu.h
+++ b/fs/cifs/smb2pdu.h
@@ -220,7 +220,7 @@ struct smb2_negotiate_req {
 
 #define SMB311_SALT_SIZE 32
 /* Hash Algorithm Types */
-#define SMB2_PREAUTH_INTEGRITY_SHA512 0x0001
+#define SMB2_PREAUTH_INTEGRITY_SHA512 cpu_to_le16(0x0001)
 
 struct smb2_preauth_neg_context {
 __le16 ContextType; /* 1 */
@@ -240,8 +240,8 @@ struct smb2_encryption_neg_context {
 __le16 ContextType; /* 2 */
 __le16 DataLength;
 __le32 Reserved;
- __le16 CipherCount; /* 1 for time being, only AES-128-CCM */
- __le16 Ciphers; /* Ciphers[0] since only one used now */
+ __le16 CipherCount; /* AES-128-GCM and AES-128-CCM */
+ __le16 Ciphers[2]; /* Ciphers[0] since only one used now */
 } __packed;
 
 struct smb2_negotiate_rsp {
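Review bot: In the SMB2_negotiate hunk of fs/cifs/smb2pdu.c the `else` branch now carries braces while the `if` branch above it does not; kernel coding style asks for braces on both branches once either needs them, i.e. `if (ses->server->vals->protocol_id == SMB20_PROT_ID) {` … `} else {`. The added test spells out `ses->server->vals->protocol_id` although the `memcpy` just above already uses the local `server`, so `if (server->vals->protocol_id == SMB311_PROT_ID)` would be the shorter form, assuming `server` is `ses->server` as the surrounding lines suggest. SMB2_negotiate continues outside this hunk, so whether the contexts the server returns (chosen hash and cipher) are validated against what was offered cannot be seen from here and is worth confirming before the dialect is enabled.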
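Review bot: In struct smb2_encryption_neg_context (fs/cifs/smb2pdu.h) the comment kept on the array, `/* Ciphers[0] since only one used now */`, is stale now that the field is `Ciphers[2]` and build_encrypt_ctxt fills both entries. A comment that matches the code would be `__le16 Ciphers[2]; /* [0] AES-128-GCM, [1] AES-128-CCM, most preferred first */`. Fixing the array at two elements also ties sizeof() of this struct, and therefore the length added to the negotiate request, to the number of ciphers offered, which deserves a word next to CipherCount. The response-side definitions are outside this hunk.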