SMB2: better RSVD flow

Fixed FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT dissector
to show fields of response properly - see
https://msdn.microsoft.com/en-us/library/dn409282.aspx

Mapped few SMB2 IOCTL codes related to RSVD to names
(like FSCTL_STORAGE_QOS_CONTROL that is defined by MS-SQOS
as a helper for RSVD protocol)

Added RSVD-specific SMB2 status codes
(used in SMB2 transport when RSVD is in use or inited)
See https://msdn.microsoft.com/en-us/library/dn392518.aspx

Change-Id: I04d80df234505e8b32773ac95cf0b73f07cc5581
Reviewed-on: https://code.wireshark.org/review/19693
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>

2 files changed, 45 insertions, 2 deletions

diff --git a/epan/dissectors/packet-smb2.c b/epan/dissectors/packet-smb2.c
index 4cb122471f..75bb2498e3 100644
--- a/epan/dissectors/packet-smb2.c
+++ b/epan/dissectors/packet-smb2.c
@@ -237,6 +237,8 @@ static int hf_smb2_fsctl_range_length = -1;
 static int hf_smb2_ioctl_function_method = -1;
 static int hf_smb2_ioctl_resiliency_timeout = -1;
 static int hf_smb2_ioctl_resiliency_reserved = -1;
+static int hf_smb2_ioctl_shared_virtual_disk_support = -1;
+static int hf_smb2_ioctl_shared_virtual_disk_handle_state = -1;
 static int hf_windows_sockaddr_family = -1;
 static int hf_windows_sockaddr_port = -1;
 static int hf_windows_sockaddr_in_addr = -1;
@@ -1559,8 +1561,10 @@ static const value_string smb2_ioctl_vals[] = {
 	{0x000900DF, "FSCTL_WRITE_RAW_ENCRYPTED"},
 	{0x000900E3, "FSCTL_READ_RAW_ENCRYPTED"},
 	{0x000900F0, "FSCTL_EXTEND_VOLUME"},
+	{0x00090244, "FSCTL_CSV_TUNNEL_REQUEST"},
 	{0x0009027C, "FSCTL_GET_INTEGRITY_INFORMATION"},
-	{0x00090284, "FSCTL_QUERY_FILE_REGIONS"},
+	{0x00090284, "FSCTL_QUERY_FILE_REGIONS"},                     /* dissector implemented */
+	{0x000902c8, "FSCTL_CSV_SYNC_TUNNEL_REQUEST"},
 	{0x00090300, "FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT"},      /* dissector implemented */
 	{0x00090304, "FSCTL_SVHDX_SYNC_TUNNEL_REQUEST"},              /* dissector implemented */
 	{0x00090308, "FSCTL_SVHDX_SET_INITIATOR_INFORMATION"},
@@ -1569,6 +1573,7 @@ static const value_string smb2_ioctl_vals[] = {
 	{0x00090314, "FSCTL_DELETE_EXTERNAL_BACKING"},
 	{0x00090318, "FSCTL_ENUM_EXTERNAL_BACKING"},
 	{0x0009031F, "FSCTL_ENUM_OVERLAY"},
+	{0x00090350, "FSCTL_STORAGE_QOS_CONTROL"},
 	{0x00090364, "FSCTL_SVHDX_ASYNC_TUNNEL_REQUEST"},             /* dissector implemented */
 	{0x000940B3, "FSCTL_ENUM_USN_DATA"},
 	{0x000940B7, "FSCTL_SECURITY_ID_CHECK"},
@@ -1683,6 +1688,19 @@ static const value_string smb2_ioctl_method_vals[] = {
 	{ 0, NULL }
 };
 
+static const value_string smb2_ioctl_shared_virtual_disk_vals[] = {
+	{ 0x01, "SharedVirtualDisksSupported" },
+	{ 0x07, "SharedVirtualDiskCDPSnapshotsSupported" },
+	{ 0, NULL }
+};
+
+static const value_string smb2_ioctl_shared_virtual_disk_hstate_vals[] = {
+	{ 0x00, "HandleStateNone" },
+	{ 0x01, "HandleStateFileShared" },
+	{ 0x02, "HandleStateShared" },
+	{ 0, NULL }
+};
+
 /* this is called from both smb and smb2. */
 int
 dissect_smb2_ioctl_function(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, int offset, guint32 *ioctlfunc)
@@ -5542,7 +5560,10 @@ dissect_smb2_FSCTL_QUERY_SHARED_VIRTUAL_DISK_SUPPORT(tvbuff_t *tvb _U_, packet_i
 		return;
 	}
 
-	/* There is nothing to do here ... */
+	proto_tree_add_item(tree, hf_smb2_ioctl_shared_virtual_disk_support, tvb, offset, 4, ENC_LITTLE_ENDIAN);
+	offset += 4;
+
+	proto_tree_add_item(tree, hf_smb2_ioctl_shared_virtual_disk_handle_state, tvb, offset, 4, ENC_LITTLE_ENDIAN);
 }
 
 static void
@@ -9887,6 +9908,16 @@ proto_register_smb2(void)
 			NULL, 0, "Resiliency reserved", HFILL }
 		},
 
+		{ &hf_smb2_ioctl_shared_virtual_disk_support,
+			{ "SharedVirtualDiskSupport", "smb2.ioctl.function.shared_virtual_disk_support", FT_UINT32, BASE_HEX,
+			VALS(smb2_ioctl_shared_virtual_disk_vals), 0, "Supported shared capabilities", HFILL }
+		},
+
+		{ &hf_smb2_ioctl_shared_virtual_disk_handle_state,
+			{ "SharedVirtualDiskHandleState", "smb2.ioctl.function.shared_virtual_disk_handle_state", FT_UINT32, BASE_HEX,
+			VALS(smb2_ioctl_shared_virtual_disk_hstate_vals), 0, "State of shared disk handle", HFILL }
+		},
+
 		{ &hf_windows_sockaddr_family,
 			{ "Socket Family", "smb2.windows.sockaddr.family", FT_UINT16, BASE_DEC,
 			NULL, 0, "The socket address family (on windows)", HFILL }
diff --git a/epan/dissectors/packet-windows-common.c b/epan/dissectors/packet-windows-common.c
index 1209d76c4d..4974ec9fa9 100644
--- a/epan/dissectors/packet-windows-common.c
+++ b/epan/dissectors/packet-windows-common.c
@@ -987,6 +987,18 @@ const value_string NT_errors[] = {
 	{ 0xC003005C, "RPC_NT_INVALID_PIPE_OBJECT" },
 	{ 0xC003005D, "RPC_NT_INVALID_PIPE_OPERATION" },
 	{ 0xC003005E, "RPC_NT_WRONG_PIPE_VERSION" },
+	{ 0xC05C0000, "STATUS_SVHDX_ERROR_STORED" },
+	{ 0xC05CFF00, "STATUS_SVHDX_ERROR_NOT_AVAILABLE" },
+	{ 0xC05CFF01, "STATUS_SVHDX_UNIT_ATTENTION_AVAILABLE" },
+	{ 0xC05CFF02, "STATUS_SVHDX_UNIT_ATTENTION_CAPACITY_DATA_CHANGED" },
+	{ 0xC05CFF03, "STATUS_SVHDX_UNIT_ATTENTION_RESERVATIONS_PREEMPTED" },
+	{ 0xC05CFF04, "STATUS_SVHDX_UNIT_ATTENTION_RESERVATIONS_RELEASED" },
+	{ 0xC05CFF05, "STATUS_SVHDX_UNIT_ATTENTION_REGISTRATIONS_PREEMPTED" },
+	{ 0xC05CFF06, "STATUS_SVHDX_UNIT_ATTENTION_OPERATING_DEFINITION_CHANGED" },
+	{ 0xC05CFF07, "STATUS_SVHDX_RESERVATION_CONFLICT" },
+	{ 0xC05CFF08, "STATUS_SVHDX_WRONG_FILE_TYPE" },
+	{ 0xC05CFF09, "STATUS_SVHDX_VERSION_MISMATCH" },
+	{ 0xC05CFF0A, "STATUS_VHD_SHARED" },
 	{ 0,          NULL }
 };
 value_string_ext NT_errors_ext = VALUE_STRING_EXT_INIT(NT_errors);