From patchwork Fri Apr 30 22:19:35 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve French X-Patchwork-Id: 12234489 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id F398CC433ED for ; Fri, 30 Apr 2021 22:19:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D0BAE613C8 for ; Fri, 30 Apr 2021 22:19:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231716AbhD3WUi (ORCPT ); Fri, 30 Apr 2021 18:20:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38324 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230508AbhD3WUi (ORCPT ); Fri, 30 Apr 2021 18:20:38 -0400 Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2A13AC06138C for ; Fri, 30 Apr 2021 15:19:48 -0700 (PDT) Received: by mail-lf1-x129.google.com with SMTP id n138so112489811lfa.3 for ; Fri, 30 Apr 2021 15:19:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=677GcbHbokuUz3ONbfkNbzflb201QxYqU7+ghCNqpbc=; b=BHUrv5NP4Fd2YMxGip1UqfRuZLCwDV2X4wvdf8qzgorWRqoetejtOY1+SW1UeyuhQW eBe1oBoc+zKbkHU73I/ivmlv5MjBnm7Fx34StdxBucLD1VAggLvRpgIZwiiYHF7H2FDv TrkDpXJBytM+1nuofF4mFOLPqX7DRMXwdKUPEcOlSXJAWLtO6cR11jTXLaTWucooELNi uq5muAGrHlWRUBLYAHYuLJDKKBvAa4IuK2X5/zXav+clky57t4UZydlFn+k88xBQBcwS GOaZ+5TuJIS6w4EElf0tz78yBsOhEDZDAou6vSzcnf8BFnjFw9KJVPZBg9p8/IdLCehC qQkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=677GcbHbokuUz3ONbfkNbzflb201QxYqU7+ghCNqpbc=; b=sfzXLz7O+x71hmfVFCke+VGvG13ZaNnFw5T+8soYhy5vQi6s1hcri/acTPudivtKhg 4qM4fPl1HvDuC+2IODF4KPRSu/fElOW23LslCXO1NjkfIkusFtA14jYHqENlPdbAlBs5 mUyHldq/XW2/JJKHVWY5S6Oy+ZZ39/Nsw68TuZxLNXJTO0KfkS3xav9AQ3NHk6PezL5e E5pOpxEUfNKAjSYiKIi8Nud22Ntv8uAZRUf/oSW1oYBawBfe3k72jWGUi/hv627XhrRP I17jB31kGO/3iAYH8X1BGeiucy1JEk4SuyT7VPv2aeZObMr91KfMxzg2rOH5pmg2rvky JAbw== X-Gm-Message-State: AOAM5339jwryHZEA8zhhD8XDS+v6fENGrGEajiRO8UiXp2vCReuWX4hu ghw6DdN8XwIjvMNte+2voVAc3S6WMNJIZEoc/x/OIHbKlg8= X-Google-Smtp-Source: ABdhPJy3UDscRBKYNvUxMRAICDfGRNZbJj9nqMWhFL0yUvA0ciNLJlNDwe9ooE4ySoGkqorZSNbNtuohpD+x+kq4vTo= X-Received: by 2002:a19:e21d:: with SMTP id z29mr267504lfg.175.1619821186383; Fri, 30 Apr 2021 15:19:46 -0700 (PDT) MIME-Version: 1.0 From: Steve French Date: Fri, 30 Apr 2021 17:19:35 -0500 Message-ID: Subject: [PATCH] smb3.1.1: allow dumping GCM256 keys to improve debugging of encrypted shares To: CIFS Cc: samba-technical , linux-cifsd-devel@lists.sourceforge.net Precedence: bulk List-ID: X-Mailing-List: linux-cifs@vger.kernel.org Previously we were only able to dump CCM or GCM-128 keys (see "smbinfo keys" e.g.) to allow network debugging (e.g. wireshark) of mounts to SMB3.1.1 encrypted shares. But with the addition of GCM-256 support, we have to be able to dump 32 byte instead of 16 byte keys which requires adding an additional ioctl for that. Signed-off-by: Steve French --- fs/cifs/cifs_ioctl.h | 19 +++++++++++++++++++ fs/cifs/ioctl.c | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) struct cifsFileInfo *pSMBFile = filep->private_data; @@ -354,6 +355,38 @@ long cifs_ioctl(struct file *filep, unsigned int command, unsigned long arg) else rc = 0; break; + /* + * Dump full key (32 bytes instead of 16 bytes) is + * needed if GCM256 (stronger encryption) negotiated + */ + case CIFS_DUMP_FULL_KEY: + if (pSMBFile == NULL) + break; + if (!capable(CAP_SYS_ADMIN)) { + rc = -EACCES; + break; + } + + tcon = tlink_tcon(pSMBFile->tlink); + if (!smb3_encryption_required(tcon)) { + rc = -EOPNOTSUPP; + break; + } + pfull_key_inf.cipher_type = + le16_to_cpu(tcon->ses->server->cipher_type); + pfull_key_inf.Suid = tcon->ses->Suid; + memcpy(pfull_key_inf.auth_key, tcon->ses->auth_key.response, + 16 /* SMB2_NTLMV2_SESSKEY_SIZE */); + memcpy(pfull_key_inf.smb3decryptionkey, + tcon->ses->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE); + memcpy(pfull_key_inf.smb3encryptionkey, + tcon->ses->smb3encryptionkey, SMB3_ENC_DEC_KEY_SIZE); + if (copy_to_user((void __user *)arg, &pfull_key_inf, + sizeof(struct smb3_full_key_debug_info))) + rc = -EFAULT; + else + rc = 0; + break; case CIFS_IOC_NOTIFY: if (!S_ISDIR(inode->i_mode)) { /* Notify can only be done on directories */ From a51a2ea0f8d72f0c3e691f253bb2b48db69cb035 Mon Sep 17 00:00:00 2001 From: Steve French Date: Fri, 30 Apr 2021 17:14:45 -0500 Subject: [PATCH] smb3.1.1: allow dumping GCM256 keys to improve debugging of encrypted shares Previously we were only able to dump CCM or GCM-128 keys (see "smbinfo keys" e.g.) to allow network debugging (e.g. wireshark) of mounts to SMB3.1.1 encrypted shares. But with the addition of GCM-256 support, we have to be able to dump 32 byte instead of 16 byte keys which requires adding an additional ioctl for that. Signed-off-by: Steve French --- fs/cifs/cifs_ioctl.h | 19 +++++++++++++++++++ fs/cifs/ioctl.c | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) diff --git a/fs/cifs/cifs_ioctl.h b/fs/cifs/cifs_ioctl.h index f262c64516bc..9f2ed9cccb08 100644 --- a/fs/cifs/cifs_ioctl.h +++ b/fs/cifs/cifs_ioctl.h @@ -57,6 +57,12 @@ struct smb_query_info { /* char buffer[]; */ } __packed; +/* + * Dumping the commonly used 16 byte (e.g. CCM and GCM128) keys still supported + * for backlevel compatibility, but is not sufficient for dumping the less + * frequently used GCM256 (32 byte) keys (see the newer "CIFS_DUMP_FULL_KEY" + * ioctl for dumping decryption info for GCM256 mounts) + */ struct smb3_key_debug_info { __u64 Suid; __u16 cipher_type; @@ -65,6 +71,18 @@ struct smb3_key_debug_info { __u8 smb3decryptionkey[SMB3_SIGN_KEY_SIZE]; } __packed; +/* + * Dump full key (32 byte encrypt/decrypt keys instead of 16 bytes) + * is needed if GCM256 (stronger encryption) negotiated + */ +struct smb3_full_key_debug_info { + __u64 Suid; + __u16 cipher_type; + __u8 auth_key[16]; /* SMB2_NTLMV2_SESSKEY_SIZE */ + __u8 smb3encryptionkey[SMB3_ENC_DEC_KEY_SIZE]; + __u8 smb3decryptionkey[SMB3_ENC_DEC_KEY_SIZE]; +} __packed; + struct smb3_notify { __u32 completion_filter; bool watch_tree; @@ -78,6 +96,7 @@ struct smb3_notify { #define CIFS_QUERY_INFO _IOWR(CIFS_IOCTL_MAGIC, 7, struct smb_query_info) #define CIFS_DUMP_KEY _IOWR(CIFS_IOCTL_MAGIC, 8, struct smb3_key_debug_info) #define CIFS_IOC_NOTIFY _IOW(CIFS_IOCTL_MAGIC, 9, struct smb3_notify) +#define CIFS_DUMP_FULL_KEY _IOWR(CIFS_IOCTL_MAGIC, 10, struct smb3_full_key_debug_info) #define CIFS_IOC_SHUTDOWN _IOR ('X', 125, __u32) /* diff --git a/fs/cifs/ioctl.c b/fs/cifs/ioctl.c index ef41fa878793..e4321e2a27d2 100644 --- a/fs/cifs/ioctl.c +++ b/fs/cifs/ioctl.c @@ -218,6 +218,7 @@ long cifs_ioctl(struct file *filep, unsigned int command, unsigned long arg) { struct inode *inode = file_inode(filep); struct smb3_key_debug_info pkey_inf; + struct smb3_full_key_debug_info pfull_key_inf; int rc = -ENOTTY; /* strange error - but the precedent */ unsigned int xid; struct cifsFileInfo *pSMBFile = filep->private_data; @@ -354,6 +355,38 @@ long cifs_ioctl(struct file *filep, unsigned int command, unsigned long arg) else rc = 0; break; + /* + * Dump full key (32 bytes instead of 16 bytes) is + * needed if GCM256 (stronger encryption) negotiated + */ + case CIFS_DUMP_FULL_KEY: + if (pSMBFile == NULL) + break; + if (!capable(CAP_SYS_ADMIN)) { + rc = -EACCES; + break; + } + + tcon = tlink_tcon(pSMBFile->tlink); + if (!smb3_encryption_required(tcon)) { + rc = -EOPNOTSUPP; + break; + } + pfull_key_inf.cipher_type = + le16_to_cpu(tcon->ses->server->cipher_type); + pfull_key_inf.Suid = tcon->ses->Suid; + memcpy(pfull_key_inf.auth_key, tcon->ses->auth_key.response, + 16 /* SMB2_NTLMV2_SESSKEY_SIZE */); + memcpy(pfull_key_inf.smb3decryptionkey, + tcon->ses->smb3decryptionkey, SMB3_ENC_DEC_KEY_SIZE); + memcpy(pfull_key_inf.smb3encryptionkey, + tcon->ses->smb3encryptionkey, SMB3_ENC_DEC_KEY_SIZE); + if (copy_to_user((void __user *)arg, &pfull_key_inf, + sizeof(struct smb3_full_key_debug_info))) + rc = -EFAULT; + else + rc = 0; + break; case CIFS_IOC_NOTIFY: if (!S_ISDIR(inode->i_mode)) { /* Notify can only be done on directories */ -- 2.27.0