Skip to content

Commit 7ba3d1c

Browse files
smfrenchsmfrench
committed
smb3.1.1: allow dumping keys for multiuser mounts
When mounted multiuser it is hard to dump keys for the other sessions which makes it hard to debug using network traces (e.g. using wireshark). Suggested-by: Shyam Prasad N <sprasad@microsoft.com> Reviewed-by: Shyam Prasad N <sprasad@microsoft.com> Signed-off-by: Steve French <stfrench@microsoft.com>
1 parent aa22ebc commit 7ba3d1c

1 file changed

Lines changed: 46 additions & 20 deletions

File tree

fs/cifs/ioctl.c

Lines changed: 46 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -214,11 +214,54 @@ static int cifs_shutdown(struct super_block *sb, unsigned long arg)
214214
return 0;
215215
}
216216

217+
static int cifs_dump_full_key(struct cifs_tcon *tcon, unsigned long arg)
218+
{
219+
struct smb3_full_key_debug_info pfull_key_inf;
220+
__u64 suid;
221+
struct list_head *tmp;
222+
struct cifs_ses *ses;
223+
bool found = false;
224+
225+
if (!smb3_encryption_required(tcon))
226+
return -EOPNOTSUPP;
227+
228+
ses = tcon->ses; /* default to user id for current user */
229+
if (get_user(suid, (__u64 __user *)arg))
230+
suid = 0;
231+
if (suid) {
232+
/* search to see if there is a session with a matching SMB UID */
233+
spin_lock(&cifs_tcp_ses_lock);
234+
list_for_each(tmp, &tcon->ses->server->smb_ses_list) {
235+
ses = list_entry(tmp, struct cifs_ses, smb_ses_list);
236+
if (ses->Suid == suid) {
237+
found = true;
238+
break;
239+
}
240+
}
241+
spin_unlock(&cifs_tcp_ses_lock);
242+
if (found == false)
243+
return -EINVAL;
244+
} /* else uses default user's SMB UID (ie current user) */
245+
246+
pfull_key_inf.cipher_type = le16_to_cpu(ses->server->cipher_type);
247+
pfull_key_inf.Suid = ses->Suid;
248+
memcpy(pfull_key_inf.auth_key, ses->auth_key.response,
249+
16 /* SMB2_NTLMV2_SESSKEY_SIZE */);
250+
memcpy(pfull_key_inf.smb3decryptionkey, ses->smb3decryptionkey,
251+
32 /* SMB3_ENC_DEC_KEY_SIZE */);
252+
memcpy(pfull_key_inf.smb3encryptionkey,
253+
ses->smb3encryptionkey, 32 /* SMB3_ENC_DEC_KEY_SIZE */);
254+
if (copy_to_user((void __user *)arg, &pfull_key_inf,
255+
sizeof(struct smb3_full_key_debug_info)))
256+
return -EFAULT;
257+
258+
return 0;
259+
}
260+
217261
long cifs_ioctl(struct file *filep, unsigned int command, unsigned long arg)
218262
{
219263
struct inode *inode = file_inode(filep);
220264
struct smb3_key_debug_info pkey_inf;
221-
struct smb3_full_key_debug_info pfull_key_inf;
222265
int rc = -ENOTTY; /* strange error - but the precedent */
223266
unsigned int xid;
224267
struct cifsFileInfo *pSMBFile = filep->private_data;
@@ -366,26 +409,9 @@ long cifs_ioctl(struct file *filep, unsigned int command, unsigned long arg)
366409
rc = -EACCES;
367410
break;
368411
}
369-
370412
tcon = tlink_tcon(pSMBFile->tlink);
371-
if (!smb3_encryption_required(tcon)) {
372-
rc = -EOPNOTSUPP;
373-
break;
374-
}
375-
pfull_key_inf.cipher_type =
376-
le16_to_cpu(tcon->ses->server->cipher_type);
377-
pfull_key_inf.Suid = tcon->ses->Suid;
378-
memcpy(pfull_key_inf.auth_key, tcon->ses->auth_key.response,
379-
16 /* SMB2_NTLMV2_SESSKEY_SIZE */);
380-
memcpy(pfull_key_inf.smb3decryptionkey,
381-
tcon->ses->smb3decryptionkey, 32 /* SMB3_ENC_DEC_KEY_SIZE */);
382-
memcpy(pfull_key_inf.smb3encryptionkey,
383-
tcon->ses->smb3encryptionkey, 32 /* SMB3_ENC_DEC_KEY_SIZE */);
384-
if (copy_to_user((void __user *)arg, &pfull_key_inf,
385-
sizeof(struct smb3_full_key_debug_info)))
386-
rc = -EFAULT;
387-
else
388-
rc = 0;
413+
rc = cifs_dump_full_key(tcon, arg);
414+
389415
break;
390416
case CIFS_IOC_NOTIFY:
391417
if (!S_ISDIR(inode->i_mode)) {

0 commit comments

Comments
 (0)