1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 #include <sys/sid.h>
27 #include <sys/nbmlock.h>
28 #include <smbsrv/smb_fsops.h>
29 #include <smbsrv/smb_kproto.h>
30 #include <acl/acl_common.h>
31 #include <sys/fcntl.h>
32 #include <sys/flock.h>
33 #include <fs/fs_subr.h>
34
35 extern caller_context_t smb_ct;
36
37 static int smb_fsop_create_stream(smb_request_t *, cred_t *, smb_node_t *,
38 char *, char *, int, smb_attr_t *, smb_node_t **);
39
40 static int smb_fsop_create_file(smb_request_t *, cred_t *, smb_node_t *,
41 char *, int, smb_attr_t *, smb_node_t **);
42
43 #ifdef _KERNEL
44 static int smb_fsop_create_with_sd(smb_request_t *, cred_t *, smb_node_t *,
45 char *, smb_attr_t *, smb_node_t **, smb_fssd_t *);
46 static int smb_fsop_sdinherit(smb_request_t *, smb_node_t *, smb_fssd_t *);
47 #endif /* _KERNEL */
48
49 /*
50 * The smb_fsop_* functions have knowledge of CIFS semantics.
51 *
52 * The smb_vop_* functions have minimal knowledge of CIFS semantics and
53 * serve as an interface to the VFS layer.
54 *
55 * Hence, smb_request_t and smb_node_t structures should not be passed
56 * from the smb_fsop_* layer to the smb_vop_* layer.
57 *
58 * In general, CIFS service code should only ever call smb_fsop_*
59 * functions directly, and never smb_vop_* functions directly.
60 *
61 * smb_fsop_* functions should call smb_vop_* functions where possible, instead
62 * of their smb_fsop_* counterparts. However, there are times when
63 * this cannot be avoided.
64 */
65
66 /*
67 * Note: Stream names cannot be mangled.
68 */
69
70 /*
71 * smb_fsop_amask_to_omode
72 *
73 * Convert the access mask to the open mode (for use
74 * with the VOP_OPEN call).
75 *
76 * Note that opening a file for attribute only access
77 * will also translate into an FREAD or FWRITE open mode
78 * (i.e., it's not just for data).
79 *
80 * This is needed so that opens are tracked appropriately
81 * for oplock processing.
82 */
83
84 int
smb_fsop_amask_to_omode(uint32_t access)85 smb_fsop_amask_to_omode(uint32_t access)
86 {
87 int mode = 0;
88
89 if (access & (FILE_READ_DATA | FILE_EXECUTE |
90 FILE_READ_ATTRIBUTES | FILE_READ_EA))
91 mode |= FREAD;
92
93 if (access & (FILE_WRITE_DATA | FILE_APPEND_DATA |
94 FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA))
95 mode |= FWRITE;
96
97 if (access & FILE_APPEND_DATA)
98 mode |= FAPPEND;
99
100 return (mode);
101 }
102
103 int
smb_fsop_open(smb_node_t * node,int mode,cred_t * cred)104 smb_fsop_open(smb_node_t *node, int mode, cred_t *cred)
105 {
106 /*
107 * Assuming that the same vnode is returned as we had before.
108 * (I.e., with certain types of files or file systems, a
109 * different vnode might be returned by VOP_OPEN)
110 */
111 return (smb_vop_open(&node->vp, mode, cred));
112 }
113
114 void
smb_fsop_close(smb_node_t * node,int mode,cred_t * cred)115 smb_fsop_close(smb_node_t *node, int mode, cred_t *cred)
116 {
117 smb_vop_close(node->vp, mode, cred);
118 }
119
120 #ifdef _KERNEL
121 static int
smb_fsop_create_with_sd(smb_request_t * sr,cred_t * cr,smb_node_t * dnode,char * name,smb_attr_t * attr,smb_node_t ** ret_snode,smb_fssd_t * fs_sd)122 smb_fsop_create_with_sd(smb_request_t *sr, cred_t *cr,
123 smb_node_t *dnode, char *name,
124 smb_attr_t *attr, smb_node_t **ret_snode, smb_fssd_t *fs_sd)
125 {
126 vsecattr_t *vsap;
127 vsecattr_t vsecattr;
128 smb_attr_t set_attr;
129 acl_t *acl, *dacl, *sacl;
130 vnode_t *vp;
131 cred_t *kcr = zone_kcred();
132 int aclbsize = 0; /* size of acl list in bytes */
133 int flags = 0;
134 int rc;
135 boolean_t is_dir;
136
137 ASSERT(fs_sd);
138
139 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
140 flags = SMB_IGNORE_CASE;
141 if (SMB_TREE_SUPPORTS_CATIA(sr))
142 flags |= SMB_CATIA;
143
144 ASSERT(cr);
145
146 is_dir = ((fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR) != 0);
147
148 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACLONCREATE)) {
149 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) {
150 dacl = fs_sd->sd_zdacl;
151 sacl = fs_sd->sd_zsacl;
152 ASSERT(dacl || sacl);
153 if (dacl && sacl) {
154 acl = smb_fsacl_merge(dacl, sacl);
155 } else if (dacl) {
156 acl = dacl;
157 } else {
158 acl = sacl;
159 }
160
161 rc = smb_fsacl_to_vsa(acl, &vsecattr, &aclbsize);
162
163 if (dacl && sacl)
164 acl_free(acl);
165
166 if (rc != 0)
167 return (rc);
168
169 vsap = &vsecattr;
170 } else {
171 vsap = NULL;
172 }
173
174 /* The tree ACEs may prevent a create */
175 rc = EACCES;
176 if (is_dir) {
177 if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_SUBDIRECTORY) != 0)
178 rc = smb_vop_mkdir(dnode->vp, name, attr,
179 &vp, flags, cr, vsap);
180 } else {
181 if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_FILE) != 0)
182 rc = smb_vop_create(dnode->vp, name, attr,
183 &vp, flags, cr, vsap);
184 }
185
186 if (vsap != NULL)
187 kmem_free(vsap->vsa_aclentp, aclbsize);
188
189 if (rc != 0)
190 return (rc);
191
192 set_attr.sa_mask = 0;
193
194 /*
195 * Ideally we should be able to specify the owner and owning
196 * group at create time along with the ACL. Since we cannot
197 * do that right now, kcred is passed to smb_vop_setattr so it
198 * doesn't fail due to lack of permission.
199 */
200 if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) {
201 set_attr.sa_vattr.va_uid = fs_sd->sd_uid;
202 set_attr.sa_mask |= SMB_AT_UID;
203 }
204
205 if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) {
206 set_attr.sa_vattr.va_gid = fs_sd->sd_gid;
207 set_attr.sa_mask |= SMB_AT_GID;
208 }
209
210 if (set_attr.sa_mask)
211 rc = smb_vop_setattr(vp, NULL, &set_attr, 0, kcr);
212
213 if (rc == 0) {
214 *ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp,
215 name, dnode, NULL);
216
217 if (*ret_snode == NULL)
218 rc = ENOMEM;
219
220 VN_RELE(vp);
221 }
222 } else {
223 /*
224 * For filesystems that don't support ACL-on-create, try
225 * to set the specified SD after create, which could actually
226 * fail because of conflicts between inherited security
227 * attributes upon creation and the specified SD.
228 *
229 * Passing kcred to smb_fsop_sdwrite() to overcome this issue.
230 */
231
232 if (is_dir) {
233 rc = smb_vop_mkdir(dnode->vp, name, attr, &vp,
234 flags, cr, NULL);
235 } else {
236 rc = smb_vop_create(dnode->vp, name, attr, &vp,
237 flags, cr, NULL);
238 }
239
240 if (rc != 0)
241 return (rc);
242
243 *ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp,
244 name, dnode, NULL);
245
246 if (*ret_snode != NULL) {
247 if (!smb_tree_has_feature(sr->tid_tree,
248 SMB_TREE_NFS_MOUNTED))
249 rc = smb_fsop_sdwrite(sr, kcr, *ret_snode,
250 fs_sd, 1);
251 } else {
252 rc = ENOMEM;
253 }
254
255 VN_RELE(vp);
256 }
257
258 if (rc != 0) {
259 if (is_dir)
260 (void) smb_vop_rmdir(dnode->vp, name, flags, cr);
261 else
262 (void) smb_vop_remove(dnode->vp, name, flags, cr);
263 }
264
265 return (rc);
266 }
267 #endif /* _KERNEL */
268
269 /*
270 * smb_fsop_create
271 *
272 * All SMB functions should use this wrapper to ensure that
273 * all the smb_vop_creates are performed with the appropriate credentials.
274 * Please document any direct calls to explain the reason for avoiding
275 * this wrapper.
276 *
277 * *ret_snode is returned with a reference upon success. No reference is
278 * taken if an error is returned.
279 */
280 int
smb_fsop_create(smb_request_t * sr,cred_t * cr,smb_node_t * dnode,char * name,smb_attr_t * attr,smb_node_t ** ret_snode)281 smb_fsop_create(smb_request_t *sr, cred_t *cr, smb_node_t *dnode,
282 char *name, smb_attr_t *attr, smb_node_t **ret_snode)
283 {
284 int rc = 0;
285 int flags = 0;
286 char *fname, *sname;
287 char *longname = NULL;
288
289 ASSERT(cr);
290 ASSERT(dnode);
291 ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
292 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
293
294 ASSERT(ret_snode);
295 *ret_snode = 0;
296
297 ASSERT(name);
298 if (*name == 0)
299 return (EINVAL);
300
301 ASSERT(sr);
302 ASSERT(sr->tid_tree);
303
304 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0)
305 return (EACCES);
306
307 if (SMB_TREE_IS_READONLY(sr))
308 return (EROFS);
309
310 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
311 flags = SMB_IGNORE_CASE;
312 if (SMB_TREE_SUPPORTS_CATIA(sr))
313 flags |= SMB_CATIA;
314 if (SMB_TREE_SUPPORTS_ABE(sr))
315 flags |= SMB_ABE;
316
317 if (smb_is_stream_name(name)) {
318 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
319 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
320 smb_stream_parse_name(name, fname, sname);
321
322 rc = smb_fsop_create_stream(sr, cr, dnode,
323 fname, sname, flags, attr, ret_snode);
324
325 kmem_free(fname, MAXNAMELEN);
326 kmem_free(sname, MAXNAMELEN);
327 return (rc);
328 }
329
330 /* Not a named stream */
331
332 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(name)) {
333 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
334 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
335 kmem_free(longname, MAXNAMELEN);
336
337 if (rc == 0)
338 rc = EEXIST;
339 if (rc != ENOENT)
340 return (rc);
341 }
342
343 rc = smb_fsop_create_file(sr, cr, dnode, name, flags,
344 attr, ret_snode);
345 return (rc);
346
347 }
348
349
350 /*
351 * smb_fsop_create_stream
352 *
353 * Create NTFS named stream file (sname) on unnamed stream
354 * file (fname), creating the unnamed stream file if it
355 * doesn't exist.
356 * If we created the unnamed stream file and then creation
357 * of the named stream file fails, we delete the unnamed stream.
358 * Since we use the real file name for the smb_vop_remove we
359 * clear the SMB_IGNORE_CASE flag to ensure a case sensitive
360 * match.
361 *
362 * The second parameter of smb_vop_setattr() is set to
363 * NULL, even though an unnamed stream exists. This is
364 * because we want to set the UID and GID on the named
365 * stream in this case for consistency with the (unnamed
366 * stream) file (see comments for smb_vop_setattr()).
367 */
368 static int
smb_fsop_create_stream(smb_request_t * sr,cred_t * cr,smb_node_t * dnode,char * fname,char * sname,int flags,smb_attr_t * attr,smb_node_t ** ret_snode)369 smb_fsop_create_stream(smb_request_t *sr, cred_t *cr,
370 smb_node_t *dnode, char *fname, char *sname, int flags,
371 smb_attr_t *attr, smb_node_t **ret_snode)
372 {
373 smb_attr_t fattr;
374 smb_node_t *fnode;
375 vnode_t *xattrdvp;
376 vnode_t *vp;
377 cred_t *kcr = zone_kcred();
378 int rc = 0;
379 boolean_t fcreate = B_FALSE;
380
381 /* Look up / create the unnamed stream, fname */
382 rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS,
383 sr->tid_tree->t_snode, dnode, fname, &fnode);
384 if (rc == ENOENT) {
385 fcreate = B_TRUE;
386 rc = smb_fsop_create_file(sr, cr, dnode, fname, flags,
387 attr, &fnode);
388 }
389 if (rc != 0)
390 return (rc);
391
392 fattr.sa_mask = SMB_AT_UID | SMB_AT_GID;
393 rc = smb_vop_getattr(fnode->vp, NULL, &fattr, 0, kcr);
394
395 if (rc == 0) {
396 /* create the named stream, sname */
397 rc = smb_vop_stream_create(fnode->vp, sname, attr,
398 &vp, &xattrdvp, flags, cr);
399 }
400 if (rc != 0) {
401 if (fcreate) {
402 flags &= ~SMB_IGNORE_CASE;
403 (void) smb_vop_remove(dnode->vp,
404 fnode->od_name, flags, cr);
405 }
406 smb_node_release(fnode);
407 return (rc);
408 }
409
410 attr->sa_vattr.va_uid = fattr.sa_vattr.va_uid;
411 attr->sa_vattr.va_gid = fattr.sa_vattr.va_gid;
412 attr->sa_mask = SMB_AT_UID | SMB_AT_GID;
413
414 rc = smb_vop_setattr(vp, NULL, attr, 0, kcr);
415 if (rc != 0) {
416 smb_node_release(fnode);
417 return (rc);
418 }
419
420 *ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdvp,
421 vp, sname);
422
423 smb_node_release(fnode);
424 VN_RELE(xattrdvp);
425 VN_RELE(vp);
426
427 if (*ret_snode == NULL)
428 rc = ENOMEM;
429
430 /* notify change to the unnamed stream */
431 if (rc == 0)
432 smb_node_notify_change(dnode,
433 FILE_ACTION_ADDED_STREAM, fname);
434
435 return (rc);
436 }
437
438 /*
439 * smb_fsop_create_file
440 */
441 static int
smb_fsop_create_file(smb_request_t * sr,cred_t * cr,smb_node_t * dnode,char * name,int flags,smb_attr_t * attr,smb_node_t ** ret_snode)442 smb_fsop_create_file(smb_request_t *sr, cred_t *cr,
443 smb_node_t *dnode, char *name, int flags,
444 smb_attr_t *attr, smb_node_t **ret_snode)
445 {
446 smb_arg_open_t *op = &sr->sr_open;
447 vnode_t *vp;
448 int rc;
449
450 #ifdef _KERNEL
451 smb_fssd_t fs_sd;
452 uint32_t secinfo;
453 uint32_t status;
454
455 if (op->sd) {
456 /*
457 * SD sent by client in Windows format. Needs to be
458 * converted to FS format. No inheritance.
459 */
460 secinfo = smb_sd_get_secinfo(op->sd);
461 smb_fssd_init(&fs_sd, secinfo, 0);
462
463 status = smb_sd_tofs(op->sd, &fs_sd);
464 if (status == NT_STATUS_SUCCESS) {
465 rc = smb_fsop_create_with_sd(sr, cr, dnode,
466 name, attr, ret_snode, &fs_sd);
467 } else {
468 rc = EINVAL;
469 }
470 smb_fssd_term(&fs_sd);
471 } else if (sr->tid_tree->t_acltype == ACE_T) {
472 /*
473 * No incoming SD and filesystem is ZFS
474 * Server applies Windows inheritance rules,
475 * see smb_fsop_sdinherit() comments as to why.
476 */
477 smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, 0);
478 rc = smb_fsop_sdinherit(sr, dnode, &fs_sd);
479 if (rc == 0) {
480 rc = smb_fsop_create_with_sd(sr, cr, dnode,
481 name, attr, ret_snode, &fs_sd);
482 }
483
484 smb_fssd_term(&fs_sd);
485 } else
486 #endif /* _KERNEL */
487 {
488 /*
489 * No incoming SD and filesystem is not ZFS
490 * let the filesystem handles the inheritance.
491 */
492 rc = smb_vop_create(dnode->vp, name, attr, &vp,
493 flags, cr, NULL);
494
495 if (rc == 0) {
496 *ret_snode = smb_node_lookup(sr, op, cr, vp,
497 name, dnode, NULL);
498
499 if (*ret_snode == NULL)
500 rc = ENOMEM;
501
502 VN_RELE(vp);
503 }
504
505 }
506
507 if (rc == 0)
508 smb_node_notify_change(dnode, FILE_ACTION_ADDED, name);
509
510 return (rc);
511 }
512
513 /*
514 * smb_fsop_mkdir
515 *
516 * All SMB functions should use this wrapper to ensure that
517 * the the calls are performed with the appropriate credentials.
518 * Please document any direct call to explain the reason
519 * for avoiding this wrapper.
520 *
521 * It is assumed that a reference exists on snode coming into this routine.
522 *
523 * *ret_snode is returned with a reference upon success. No reference is
524 * taken if an error is returned.
525 */
526 int
smb_fsop_mkdir(smb_request_t * sr,cred_t * cr,smb_node_t * dnode,char * name,smb_attr_t * attr,smb_node_t ** ret_snode)527 smb_fsop_mkdir(
528 smb_request_t *sr,
529 cred_t *cr,
530 smb_node_t *dnode,
531 char *name,
532 smb_attr_t *attr,
533 smb_node_t **ret_snode)
534 {
535 struct open_param *op = &sr->arg.open;
536 char *longname;
537 vnode_t *vp;
538 int flags = 0;
539 int rc;
540
541 #ifdef _KERNEL
542 smb_fssd_t fs_sd;
543 uint32_t secinfo;
544 uint32_t status;
545 #endif /* _KERNEL */
546
547 ASSERT(cr);
548 ASSERT(dnode);
549 ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
550 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
551
552 ASSERT(ret_snode);
553 *ret_snode = 0;
554
555 ASSERT(name);
556 if (*name == 0)
557 return (EINVAL);
558
559 ASSERT(sr);
560 ASSERT(sr->tid_tree);
561
562 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0)
563 return (EACCES);
564
565 if (SMB_TREE_IS_READONLY(sr))
566 return (EROFS);
567 if (SMB_TREE_SUPPORTS_CATIA(sr))
568 flags |= SMB_CATIA;
569 if (SMB_TREE_SUPPORTS_ABE(sr))
570 flags |= SMB_ABE;
571
572 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(name)) {
573 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
574 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
575 kmem_free(longname, MAXNAMELEN);
576
577 /*
578 * If the name passed in by the client has an unmangled
579 * equivalent that is found in the specified directory,
580 * then the mkdir cannot succeed. Return EEXIST.
581 *
582 * Only if ENOENT is returned will a mkdir be attempted.
583 */
584
585 if (rc == 0)
586 rc = EEXIST;
587
588 if (rc != ENOENT)
589 return (rc);
590 }
591
592 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
593 flags = SMB_IGNORE_CASE;
594
595 #ifdef _KERNEL
596 if (op->sd) {
597 /*
598 * SD sent by client in Windows format. Needs to be
599 * converted to FS format. No inheritance.
600 */
601 secinfo = smb_sd_get_secinfo(op->sd);
602 smb_fssd_init(&fs_sd, secinfo, SMB_FSSD_FLAGS_DIR);
603
604 status = smb_sd_tofs(op->sd, &fs_sd);
605 if (status == NT_STATUS_SUCCESS) {
606 rc = smb_fsop_create_with_sd(sr, cr, dnode,
607 name, attr, ret_snode, &fs_sd);
608 }
609 else
610 rc = EINVAL;
611 smb_fssd_term(&fs_sd);
612 } else if (sr->tid_tree->t_acltype == ACE_T) {
613 /*
614 * No incoming SD and filesystem is ZFS
615 * Server applies Windows inheritance rules,
616 * see smb_fsop_sdinherit() comments as to why.
617 */
618 smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, SMB_FSSD_FLAGS_DIR);
619 rc = smb_fsop_sdinherit(sr, dnode, &fs_sd);
620 if (rc == 0) {
621 rc = smb_fsop_create_with_sd(sr, cr, dnode,
622 name, attr, ret_snode, &fs_sd);
623 }
624
625 smb_fssd_term(&fs_sd);
626
627 } else
628 #endif /* _KERNEL */
629 {
630 rc = smb_vop_mkdir(dnode->vp, name, attr, &vp, flags, cr,
631 NULL);
632
633 if (rc == 0) {
634 *ret_snode = smb_node_lookup(sr, op, cr, vp, name,
635 dnode, NULL);
636
637 if (*ret_snode == NULL)
638 rc = ENOMEM;
639
640 VN_RELE(vp);
641 }
642 }
643
644 if (rc == 0)
645 smb_node_notify_change(dnode, FILE_ACTION_ADDED, name);
646
647 return (rc);
648 }
649
650 /*
651 * smb_fsop_remove
652 *
653 * All SMB functions should use this wrapper to ensure that
654 * the the calls are performed with the appropriate credentials.
655 * Please document any direct call to explain the reason
656 * for avoiding this wrapper.
657 *
658 * It is assumed that a reference exists on snode coming into this routine.
659 *
660 * A null smb_request might be passed to this function.
661 */
662 int
smb_fsop_remove(smb_request_t * sr,cred_t * cr,smb_node_t * dnode,char * name,uint32_t flags)663 smb_fsop_remove(
664 smb_request_t *sr,
665 cred_t *cr,
666 smb_node_t *dnode,
667 char *name,
668 uint32_t flags)
669 {
670 smb_node_t *fnode;
671 char *longname;
672 char *fname;
673 char *sname;
674 int rc;
675
676 ASSERT(cr);
677 /*
678 * The state of the node could be SMB_NODE_STATE_DESTROYING if this
679 * function is called during the deletion of the node (because of
680 * DELETE_ON_CLOSE).
681 */
682 ASSERT(dnode);
683 ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
684
685 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 ||
686 SMB_TREE_HAS_ACCESS(sr, ACE_DELETE) == 0)
687 return (EACCES);
688
689 if (SMB_TREE_IS_READONLY(sr))
690 return (EROFS);
691
692 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
693 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
694
695 if (dnode->flags & NODE_XATTR_DIR) {
696 fnode = dnode->n_dnode;
697 rc = smb_vop_stream_remove(fnode->vp, name, flags, cr);
698
699 /* notify change to the unnamed stream */
700 if ((rc == 0) && fnode->n_dnode) {
701 smb_node_notify_change(fnode->n_dnode,
702 FILE_ACTION_REMOVED_STREAM, fnode->od_name);
703 }
704 } else if (smb_is_stream_name(name)) {
705 smb_stream_parse_name(name, fname, sname);
706
707 /*
708 * Look up the unnamed stream (i.e. fname).
709 * Unmangle processing will be done on fname
710 * as well as any link target.
711 */
712
713 rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS,
714 sr->tid_tree->t_snode, dnode, fname, &fnode);
715
716 if (rc != 0) {
717 kmem_free(fname, MAXNAMELEN);
718 kmem_free(sname, MAXNAMELEN);
719 return (rc);
720 }
721
722 /*
723 * XXX
724 * Need to find out what permission is required by NTFS
725 * to remove a stream.
726 */
727 rc = smb_vop_stream_remove(fnode->vp, sname, flags, cr);
728
729 smb_node_release(fnode);
730
731 /* notify change to the unnamed stream */
732 if (rc == 0) {
733 smb_node_notify_change(dnode,
734 FILE_ACTION_REMOVED_STREAM, fname);
735 }
736 } else {
737 rc = smb_vop_remove(dnode->vp, name, flags, cr);
738
739 if (rc == ENOENT) {
740 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) ||
741 !smb_maybe_mangled(name)) {
742 kmem_free(fname, MAXNAMELEN);
743 kmem_free(sname, MAXNAMELEN);
744 return (rc);
745 }
746 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
747
748 if (SMB_TREE_SUPPORTS_ABE(sr))
749 flags |= SMB_ABE;
750
751 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN,
752 flags);
753
754 if (rc == 0) {
755 /*
756 * longname is the real (case-sensitive)
757 * on-disk name.
758 * We make sure we do a remove on this exact
759 * name, as the name was mangled and denotes
760 * a unique file.
761 */
762 flags &= ~SMB_IGNORE_CASE;
763 rc = smb_vop_remove(dnode->vp, longname,
764 flags, cr);
765 }
766 kmem_free(longname, MAXNAMELEN);
767 }
768 if (rc == 0) {
769 smb_node_notify_change(dnode,
770 FILE_ACTION_REMOVED, name);
771 }
772 }
773
774 kmem_free(fname, MAXNAMELEN);
775 kmem_free(sname, MAXNAMELEN);
776
777 return (rc);
778 }
779
780 /*
781 * smb_fsop_remove_streams
782 *
783 * This function removes a file's streams without removing the
784 * file itself.
785 *
786 * It is assumed that fnode is not a link.
787 */
788 int
smb_fsop_remove_streams(smb_request_t * sr,cred_t * cr,smb_node_t * fnode)789 smb_fsop_remove_streams(smb_request_t *sr, cred_t *cr, smb_node_t *fnode)
790 {
791 int rc, flags = 0;
792 uint16_t odid;
793 smb_odir_t *od;
794 smb_odirent_t *odirent;
795 boolean_t eos;
796
797 ASSERT(sr);
798 ASSERT(cr);
799 ASSERT(fnode);
800 ASSERT(fnode->n_magic == SMB_NODE_MAGIC);
801 ASSERT(fnode->n_state != SMB_NODE_STATE_DESTROYING);
802
803 if (SMB_TREE_CONTAINS_NODE(sr, fnode) == 0) {
804 smbsr_errno(sr, EACCES);
805 return (-1);
806 }
807
808 if (SMB_TREE_IS_READONLY(sr)) {
809 smbsr_errno(sr, EROFS);
810 return (-1);
811 }
812
813 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
814 flags = SMB_IGNORE_CASE;
815
816 if (SMB_TREE_SUPPORTS_CATIA(sr))
817 flags |= SMB_CATIA;
818
819 if ((odid = smb_odir_openat(sr, fnode)) == 0) {
820 smbsr_errno(sr, ENOENT);
821 return (-1);
822 }
823
824 if ((od = smb_tree_lookup_odir(sr, odid)) == NULL) {
825 smbsr_errno(sr, ENOENT);
826 return (-1);
827 }
828
829 odirent = kmem_alloc(sizeof (smb_odirent_t), KM_SLEEP);
830 for (;;) {
831 rc = smb_odir_read(sr, od, odirent, &eos);
832 if ((rc != 0) || (eos))
833 break;
834 (void) smb_vop_remove(od->d_dnode->vp, odirent->od_name,
835 flags, cr);
836 }
837 kmem_free(odirent, sizeof (smb_odirent_t));
838
839 smb_odir_close(od);
840 smb_odir_release(od);
841 return (rc);
842 }
843
844 /*
845 * smb_fsop_rmdir
846 *
847 * All SMB functions should use this wrapper to ensure that
848 * the the calls are performed with the appropriate credentials.
849 * Please document any direct call to explain the reason
850 * for avoiding this wrapper.
851 *
852 * It is assumed that a reference exists on snode coming into this routine.
853 */
854 int
smb_fsop_rmdir(smb_request_t * sr,cred_t * cr,smb_node_t * dnode,char * name,uint32_t flags)855 smb_fsop_rmdir(
856 smb_request_t *sr,
857 cred_t *cr,
858 smb_node_t *dnode,
859 char *name,
860 uint32_t flags)
861 {
862 int rc;
863 char *longname;
864
865 ASSERT(cr);
866 /*
867 * The state of the node could be SMB_NODE_STATE_DESTROYING if this
868 * function is called during the deletion of the node (because of
869 * DELETE_ON_CLOSE).
870 */
871 ASSERT(dnode);
872 ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
873
874 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 ||
875 SMB_TREE_HAS_ACCESS(sr, ACE_DELETE_CHILD) == 0)
876 return (EACCES);
877
878 if (SMB_TREE_IS_READONLY(sr))
879 return (EROFS);
880
881 rc = smb_vop_rmdir(dnode->vp, name, flags, cr);
882
883 if (rc == ENOENT) {
884 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) ||
885 !smb_maybe_mangled(name)) {
886 return (rc);
887 }
888
889 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
890
891 if (SMB_TREE_SUPPORTS_ABE(sr))
892 flags |= SMB_ABE;
893 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
894
895 if (rc == 0) {
896 /*
897 * longname is the real (case-sensitive)
898 * on-disk name.
899 * We make sure we do a rmdir on this exact
900 * name, as the name was mangled and denotes
901 * a unique directory.
902 */
903 flags &= ~SMB_IGNORE_CASE;
904 rc = smb_vop_rmdir(dnode->vp, longname, flags, cr);
905 }
906
907 kmem_free(longname, MAXNAMELEN);
908 }
909
910 if (rc == 0)
911 smb_node_notify_change(dnode, FILE_ACTION_REMOVED, name);
912
913 return (rc);
914 }
915
916 /*
917 * smb_fsop_getattr
918 *
919 * All SMB functions should use this wrapper to ensure that
920 * the the calls are performed with the appropriate credentials.
921 * Please document any direct call to explain the reason
922 * for avoiding this wrapper.
923 *
924 * It is assumed that a reference exists on snode coming into this routine.
925 */
926 int
smb_fsop_getattr(smb_request_t * sr,cred_t * cr,smb_node_t * snode,smb_attr_t * attr)927 smb_fsop_getattr(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
928 smb_attr_t *attr)
929 {
930 smb_node_t *unnamed_node;
931 vnode_t *unnamed_vp = NULL;
932 uint32_t status;
933 uint32_t access = 0;
934 int flags = 0;
935 int rc;
936
937 ASSERT(cr);
938 ASSERT(snode);
939 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
940 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
941
942 if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0 ||
943 SMB_TREE_HAS_ACCESS(sr, ACE_READ_ATTRIBUTES) == 0)
944 return (EACCES);
945
946 /* sr could be NULL in some cases */
947 if (sr && sr->fid_ofile) {
948 /* if uid and/or gid is requested */
949 if (attr->sa_mask & (SMB_AT_UID|SMB_AT_GID))
950 access |= READ_CONTROL;
951
952 /* if anything else is also requested */
953 if (attr->sa_mask & ~(SMB_AT_UID|SMB_AT_GID))
954 access |= FILE_READ_ATTRIBUTES;
955
956 status = smb_ofile_access(sr->fid_ofile, cr, access);
957 if (status != NT_STATUS_SUCCESS)
958 return (EACCES);
959
960 if (smb_tree_has_feature(sr->tid_tree,
961 SMB_TREE_ACEMASKONACCESS))
962 flags = ATTR_NOACLCHECK;
963 }
964
965 unnamed_node = SMB_IS_STREAM(snode);
966
967 if (unnamed_node) {
968 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
969 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
970 unnamed_vp = unnamed_node->vp;
971 }
972
973 rc = smb_vop_getattr(snode->vp, unnamed_vp, attr, flags, cr);
974
975 if ((rc == 0) && smb_node_is_dfslink(snode)) {
976 /* a DFS link should be treated as a directory */
977 attr->sa_dosattr |= FILE_ATTRIBUTE_DIRECTORY;
978 }
979
980 return (rc);
981 }
982
983 /*
984 * smb_fsop_link
985 *
986 * All SMB functions should use this smb_vop_link wrapper to ensure that
987 * the smb_vop_link is performed with the appropriate credentials.
988 * Please document any direct call to smb_vop_link to explain the reason
989 * for avoiding this wrapper.
990 *
991 * It is assumed that references exist on from_dnode and to_dnode coming
992 * into this routine.
993 */
994 int
smb_fsop_link(smb_request_t * sr,cred_t * cr,smb_node_t * from_fnode,smb_node_t * to_dnode,char * to_name)995 smb_fsop_link(smb_request_t *sr, cred_t *cr, smb_node_t *from_fnode,
996 smb_node_t *to_dnode, char *to_name)
997 {
998 char *longname = NULL;
999 int flags = 0;
1000 int rc;
1001
1002 ASSERT(sr);
1003 ASSERT(sr->tid_tree);
1004 ASSERT(cr);
1005 ASSERT(to_dnode);
1006 ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC);
1007 ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING);
1008 ASSERT(from_fnode);
1009 ASSERT(from_fnode->n_magic == SMB_NODE_MAGIC);
1010 ASSERT(from_fnode->n_state != SMB_NODE_STATE_DESTROYING);
1011
1012 if (SMB_TREE_CONTAINS_NODE(sr, from_fnode) == 0)
1013 return (EACCES);
1014
1015 if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0)
1016 return (EACCES);
1017
1018 if (SMB_TREE_IS_READONLY(sr))
1019 return (EROFS);
1020
1021 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
1022 flags = SMB_IGNORE_CASE;
1023 if (SMB_TREE_SUPPORTS_CATIA(sr))
1024 flags |= SMB_CATIA;
1025 if (SMB_TREE_SUPPORTS_ABE(sr))
1026 flags |= SMB_ABE;
1027
1028 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(to_name)) {
1029 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1030 rc = smb_unmangle(to_dnode, to_name, longname,
1031 MAXNAMELEN, flags);
1032 kmem_free(longname, MAXNAMELEN);
1033
1034 if (rc == 0)
1035 rc = EEXIST;
1036 if (rc != ENOENT)
1037 return (rc);
1038 }
1039
1040 rc = smb_vop_link(to_dnode->vp, from_fnode->vp, to_name, flags, cr);
1041
1042 if (rc == 0)
1043 smb_node_notify_change(to_dnode, FILE_ACTION_ADDED, to_name);
1044
1045 return (rc);
1046 }
1047
1048 /*
1049 * smb_fsop_rename
1050 *
1051 * All SMB functions should use this smb_vop_rename wrapper to ensure that
1052 * the smb_vop_rename is performed with the appropriate credentials.
1053 * Please document any direct call to smb_vop_rename to explain the reason
1054 * for avoiding this wrapper.
1055 *
1056 * It is assumed that references exist on from_dnode and to_dnode coming
1057 * into this routine.
1058 */
1059 int
smb_fsop_rename(smb_request_t * sr,cred_t * cr,smb_node_t * from_dnode,char * from_name,smb_node_t * to_dnode,char * to_name)1060 smb_fsop_rename(
1061 smb_request_t *sr,
1062 cred_t *cr,
1063 smb_node_t *from_dnode,
1064 char *from_name,
1065 smb_node_t *to_dnode,
1066 char *to_name)
1067 {
1068 smb_node_t *from_snode;
1069 smb_attr_t from_attr;
1070 vnode_t *from_vp;
1071 int flags = 0, ret_flags;
1072 int rc;
1073 boolean_t isdir;
1074
1075 ASSERT(cr);
1076 ASSERT(from_dnode);
1077 ASSERT(from_dnode->n_magic == SMB_NODE_MAGIC);
1078 ASSERT(from_dnode->n_state != SMB_NODE_STATE_DESTROYING);
1079
1080 ASSERT(to_dnode);
1081 ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC);
1082 ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING);
1083
1084 if (SMB_TREE_CONTAINS_NODE(sr, from_dnode) == 0)
1085 return (EACCES);
1086
1087 if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0)
1088 return (EACCES);
1089
1090 ASSERT(sr);
1091 ASSERT(sr->tid_tree);
1092 if (SMB_TREE_IS_READONLY(sr))
1093 return (EROFS);
1094
1095 /*
1096 * Note: There is no need to check SMB_TREE_IS_CASEINSENSITIVE
1097 * here.
1098 *
1099 * A case-sensitive rename is always done in this routine
1100 * because we are using the on-disk name from an earlier lookup.
1101 * If a mangled name was passed in by the caller (denoting a
1102 * deterministic lookup), then the exact file must be renamed
1103 * (i.e. SMB_IGNORE_CASE must not be passed to VOP_RENAME, or
1104 * else the underlying file system might return a "first-match"
1105 * on this on-disk name, possibly resulting in the wrong file).
1106 */
1107
1108 if (SMB_TREE_SUPPORTS_CATIA(sr))
1109 flags |= SMB_CATIA;
1110
1111 /*
1112 * XXX: Lock required through smb_node_release() below?
1113 */
1114
1115 rc = smb_vop_lookup(from_dnode->vp, from_name, &from_vp, NULL,
1116 flags, &ret_flags, NULL, &from_attr, cr);
1117
1118 if (rc != 0)
1119 return (rc);
1120
1121 if (from_attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) {
1122 VN_RELE(from_vp);
1123 return (EACCES);
1124 }
1125
1126 isdir = ((from_attr.sa_dosattr & FILE_ATTRIBUTE_DIRECTORY) != 0);
1127
1128 if ((isdir && SMB_TREE_HAS_ACCESS(sr,
1129 ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY) !=
1130 (ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY)) ||
1131 (!isdir && SMB_TREE_HAS_ACCESS(sr, ACE_DELETE | ACE_ADD_FILE) !=
1132 (ACE_DELETE | ACE_ADD_FILE))) {
1133 VN_RELE(from_vp);
1134 return (EACCES);
1135 }
1136
1137 /*
1138 * SMB checks access on open and retains an access granted
1139 * mask for use while the file is open. ACL changes should
1140 * not affect access to an open file.
1141 *
1142 * If the rename is being performed on an ofile:
1143 * - Check the ofile's access granted mask to see if the
1144 * rename is permitted - requires DELETE access.
1145 * - If the file system does access checking, set the
1146 * ATTR_NOACLCHECK flag to ensure that the file system
1147 * does not check permissions on subsequent calls.
1148 */
1149 if (sr && sr->fid_ofile) {
1150 rc = smb_ofile_access(sr->fid_ofile, cr, DELETE);
1151 if (rc != NT_STATUS_SUCCESS) {
1152 VN_RELE(from_vp);
1153 return (EACCES);
1154 }
1155
1156 if (smb_tree_has_feature(sr->tid_tree,
1157 SMB_TREE_ACEMASKONACCESS))
1158 flags = ATTR_NOACLCHECK;
1159 }
1160
1161 rc = smb_vop_rename(from_dnode->vp, from_name, to_dnode->vp,
1162 to_name, flags, cr);
1163
1164 if (rc == 0) {
1165 from_snode = smb_node_lookup(sr, NULL, cr, from_vp, from_name,
1166 from_dnode, NULL);
1167
1168 if (from_snode == NULL) {
1169 rc = ENOMEM;
1170 } else {
1171 smb_node_rename(from_dnode, from_snode,
1172 to_dnode, to_name);
1173 smb_node_release(from_snode);
1174 }
1175 }
1176 VN_RELE(from_vp);
1177
1178 if (rc == 0) {
1179 if (from_dnode == to_dnode) {
1180 smb_node_notify_change(from_dnode,
1181 FILE_ACTION_RENAMED_OLD_NAME, from_name);
1182 smb_node_notify_change(to_dnode,
1183 FILE_ACTION_RENAMED_NEW_NAME, to_name);
1184 } else {
1185 smb_node_notify_change(from_dnode,
1186 FILE_ACTION_REMOVED, from_name);
1187 smb_node_notify_change(to_dnode,
1188 FILE_ACTION_ADDED, to_name);
1189 }
1190 }
1191
1192 /* XXX: unlock */
1193
1194 return (rc);
1195 }
1196
1197 /*
1198 * smb_fsop_setattr
1199 *
1200 * All SMB functions should use this wrapper to ensure that
1201 * the the calls are performed with the appropriate credentials.
1202 * Please document any direct call to explain the reason
1203 * for avoiding this wrapper.
1204 *
1205 * It is assumed that a reference exists on snode coming into
1206 * this function.
1207 * A null smb_request might be passed to this function.
1208 */
1209 int
smb_fsop_setattr(smb_request_t * sr,cred_t * cr,smb_node_t * snode,smb_attr_t * set_attr)1210 smb_fsop_setattr(
1211 smb_request_t *sr,
1212 cred_t *cr,
1213 smb_node_t *snode,
1214 smb_attr_t *set_attr)
1215 {
1216 smb_node_t *unnamed_node;
1217 vnode_t *unnamed_vp = NULL;
1218 uint32_t status;
1219 uint32_t access;
1220 int rc = 0;
1221 int flags = 0;
1222 uint_t sa_mask;
1223
1224 ASSERT(cr);
1225 ASSERT(snode);
1226 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1227 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1228
1229 if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0)
1230 return (EACCES);
1231
1232 if (SMB_TREE_IS_READONLY(sr))
1233 return (EROFS);
1234
1235 if (SMB_TREE_HAS_ACCESS(sr,
1236 ACE_WRITE_ATTRIBUTES | ACE_WRITE_NAMED_ATTRS) == 0)
1237 return (EACCES);
1238
1239 /*
1240 * The file system cannot detect pending READDONLY
1241 * (i.e. if the file has been opened readonly but
1242 * not yet closed) so we need to test READONLY here.
1243 *
1244 * Note that file handle that were opened before the
1245 * READONLY flag was set in the node (or the FS) are
1246 * immune to that change, and remain writable.
1247 */
1248 if (sr && (set_attr->sa_mask & SMB_AT_SIZE)) {
1249 if (sr->fid_ofile) {
1250 if (SMB_OFILE_IS_READONLY(sr->fid_ofile))
1251 return (EACCES);
1252 } else {
1253 if (SMB_PATHFILE_IS_READONLY(sr, snode))
1254 return (EACCES);
1255 }
1256 }
1257
1258 /*
1259 * SMB checks access on open and retains an access granted
1260 * mask for use while the file is open. ACL changes should
1261 * not affect access to an open file.
1262 *
1263 * If the setattr is being performed on an ofile:
1264 * - Check the ofile's access granted mask to see if the
1265 * setattr is permitted.
1266 * UID, GID - require WRITE_OWNER
1267 * SIZE, ALLOCSZ - require FILE_WRITE_DATA
1268 * all other attributes require FILE_WRITE_ATTRIBUTES
1269 *
1270 * - If the file system does access checking, set the
1271 * ATTR_NOACLCHECK flag to ensure that the file system
1272 * does not check permissions on subsequent calls.
1273 */
1274 if (sr && sr->fid_ofile) {
1275 sa_mask = set_attr->sa_mask;
1276 access = 0;
1277
1278 if (sa_mask & (SMB_AT_SIZE | SMB_AT_ALLOCSZ)) {
1279 access |= FILE_WRITE_DATA;
1280 sa_mask &= ~(SMB_AT_SIZE | SMB_AT_ALLOCSZ);
1281 }
1282
1283 if (sa_mask & (SMB_AT_UID|SMB_AT_GID)) {
1284 access |= WRITE_OWNER;
1285 sa_mask &= ~(SMB_AT_UID|SMB_AT_GID);
1286 }
1287
1288 if (sa_mask)
1289 access |= FILE_WRITE_ATTRIBUTES;
1290
1291 status = smb_ofile_access(sr->fid_ofile, cr, access);
1292 if (status != NT_STATUS_SUCCESS)
1293 return (EACCES);
1294
1295 if (smb_tree_has_feature(sr->tid_tree,
1296 SMB_TREE_ACEMASKONACCESS))
1297 flags = ATTR_NOACLCHECK;
1298 }
1299
1300 unnamed_node = SMB_IS_STREAM(snode);
1301
1302 if (unnamed_node) {
1303 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
1304 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
1305 unnamed_vp = unnamed_node->vp;
1306 }
1307
1308 rc = smb_vop_setattr(snode->vp, unnamed_vp, set_attr, flags, cr);
1309 return (rc);
1310 }
1311
1312 /*
1313 * smb_fsop_read
1314 *
1315 * All SMB functions should use this wrapper to ensure that
1316 * the the calls are performed with the appropriate credentials.
1317 * Please document any direct call to explain the reason
1318 * for avoiding this wrapper.
1319 *
1320 * It is assumed that a reference exists on snode coming into this routine.
1321 */
1322 int
smb_fsop_read(smb_request_t * sr,cred_t * cr,smb_node_t * snode,uio_t * uio)1323 smb_fsop_read(smb_request_t *sr, cred_t *cr, smb_node_t *snode, uio_t *uio)
1324 {
1325 caller_context_t ct;
1326 cred_t *kcr = zone_kcred();
1327 int svmand;
1328 int rc;
1329
1330 ASSERT(cr);
1331 ASSERT(snode);
1332 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1333 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1334
1335 ASSERT(sr);
1336 ASSERT(sr->fid_ofile);
1337
1338 if (SMB_TREE_HAS_ACCESS(sr, ACE_READ_DATA) == 0)
1339 return (EACCES);
1340
1341 rc = smb_ofile_access(sr->fid_ofile, cr, FILE_READ_DATA);
1342 if ((rc != NT_STATUS_SUCCESS) &&
1343 (sr->smb_flg2 & SMB_FLAGS2_READ_IF_EXECUTE))
1344 rc = smb_ofile_access(sr->fid_ofile, cr, FILE_EXECUTE);
1345
1346 if (rc != NT_STATUS_SUCCESS)
1347 return (EACCES);
1348
1349 /*
1350 * Streams permission are checked against the unnamed stream,
1351 * but in FS level they have their own permissions. To avoid
1352 * rejection by FS due to lack of permission on the actual
1353 * extended attr kcred is passed for streams.
1354 */
1355 if (SMB_IS_STREAM(snode))
1356 cr = kcr;
1357
1358 smb_node_start_crit(snode, RW_READER);
1359 rc = nbl_svmand(snode->vp, kcr, &svmand);
1360 if (rc) {
1361 smb_node_end_crit(snode);
1362 return (rc);
1363 }
1364
1365 ct = smb_ct;
1366 ct.cc_pid = sr->fid_ofile->f_uniqid;
1367 rc = nbl_lock_conflict(snode->vp, NBL_READ, uio->uio_loffset,
1368 uio->uio_iov->iov_len, svmand, &ct);
1369
1370 if (rc) {
1371 smb_node_end_crit(snode);
1372 return (ERANGE);
1373 }
1374
1375 rc = smb_vop_read(snode->vp, uio, cr);
1376 smb_node_end_crit(snode);
1377
1378 return (rc);
1379 }
1380
1381 /*
1382 * smb_fsop_write
1383 *
1384 * This is a wrapper function used for smb_write and smb_write_raw operations.
1385 *
1386 * It is assumed that a reference exists on snode coming into this routine.
1387 */
1388 int
smb_fsop_write(smb_request_t * sr,cred_t * cr,smb_node_t * snode,uio_t * uio,uint32_t * lcount,int ioflag)1389 smb_fsop_write(
1390 smb_request_t *sr,
1391 cred_t *cr,
1392 smb_node_t *snode,
1393 uio_t *uio,
1394 uint32_t *lcount,
1395 int ioflag)
1396 {
1397 caller_context_t ct;
1398 smb_attr_t attr;
1399 smb_node_t *u_node;
1400 vnode_t *u_vp = NULL;
1401 smb_ofile_t *of;
1402 vnode_t *vp;
1403 cred_t *kcr = zone_kcred();
1404 int svmand;
1405 int rc;
1406
1407 ASSERT(cr);
1408 ASSERT(snode);
1409 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1410 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1411
1412 ASSERT(sr);
1413 ASSERT(sr->tid_tree);
1414 of = sr->fid_ofile;
1415 vp = snode->vp;
1416
1417 if (SMB_TREE_IS_READONLY(sr))
1418 return (EROFS);
1419
1420 if (SMB_OFILE_IS_READONLY(of) ||
1421 SMB_TREE_HAS_ACCESS(sr, ACE_WRITE_DATA | ACE_APPEND_DATA) == 0)
1422 return (EACCES);
1423
1424 rc = smb_ofile_access(of, cr, FILE_WRITE_DATA);
1425 if (rc != NT_STATUS_SUCCESS) {
1426 rc = smb_ofile_access(of, cr, FILE_APPEND_DATA);
1427 if (rc != NT_STATUS_SUCCESS)
1428 return (EACCES);
1429 }
1430
1431 /*
1432 * Streams permission are checked against the unnamed stream,
1433 * but in FS level they have their own permissions. To avoid
1434 * rejection by FS due to lack of permission on the actual
1435 * extended attr kcred is passed for streams.
1436 */
1437 u_node = SMB_IS_STREAM(snode);
1438 if (u_node != NULL) {
1439 ASSERT(u_node->n_magic == SMB_NODE_MAGIC);
1440 ASSERT(u_node->n_state != SMB_NODE_STATE_DESTROYING);
1441 u_vp = u_node->vp;
1442 cr = kcr;
1443 }
1444
1445 smb_node_start_crit(snode, RW_WRITER);
1446 rc = nbl_svmand(vp, kcr, &svmand);
1447 if (rc) {
1448 smb_node_end_crit(snode);
1449 return (rc);
1450 }
1451
1452 ct = smb_ct;
1453 ct.cc_pid = of->f_uniqid;
1454 rc = nbl_lock_conflict(vp, NBL_WRITE, uio->uio_loffset,
1455 uio->uio_iov->iov_len, svmand, &ct);
1456
1457 if (rc) {
1458 smb_node_end_crit(snode);
1459 return (ERANGE);
1460 }
1461
1462 rc = smb_vop_write(vp, uio, ioflag, lcount, cr);
1463
1464 /*
1465 * Once the mtime has been set via this ofile, the
1466 * automatic mtime changes from writes via this ofile
1467 * should cease, preserving the mtime that was set.
1468 * See: [MS-FSA] 2.1.5.14 and smb_node_setattr.
1469 *
1470 * The VFS interface does not offer a way to ask it to
1471 * skip the mtime updates, so we simulate the desired
1472 * behavior by re-setting the mtime after writes on a
1473 * handle where the mtime has been set.
1474 */
1475 if (of->f_pending_attr.sa_mask & SMB_AT_MTIME) {
1476 bcopy(&of->f_pending_attr, &attr, sizeof (attr));
1477 attr.sa_mask = SMB_AT_MTIME;
1478 (void) smb_vop_setattr(vp, u_vp, &attr, 0, kcr);
1479 }
1480
1481 smb_node_end_crit(snode);
1482
1483 return (rc);
1484 }
1485
1486 /*
1487 * smb_fsop_statfs
1488 *
1489 * This is a wrapper function used for stat operations.
1490 */
1491 int
smb_fsop_statfs(cred_t * cr,smb_node_t * snode,struct statvfs64 * statp)1492 smb_fsop_statfs(
1493 cred_t *cr,
1494 smb_node_t *snode,
1495 struct statvfs64 *statp)
1496 {
1497 ASSERT(cr);
1498 ASSERT(snode);
1499 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1500 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1501
1502 return (smb_vop_statfs(snode->vp, statp, cr));
1503 }
1504
1505 /*
1506 * smb_fsop_access
1507 *
1508 * Named streams do not have separate permissions from the associated
1509 * unnamed stream. Thus, if node is a named stream, the permissions
1510 * check will be performed on the associated unnamed stream.
1511 *
1512 * However, our named streams do have their own quarantine attribute,
1513 * separate from that on the unnamed stream. If READ or EXECUTE
1514 * access has been requested on a named stream, an additional access
1515 * check is performed on the named stream in case it has been
1516 * quarantined. kcred is used to avoid issues with the permissions
1517 * set on the extended attribute file representing the named stream.
1518 */
1519 int
smb_fsop_access(smb_request_t * sr,cred_t * cr,smb_node_t * snode,uint32_t faccess)1520 smb_fsop_access(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
1521 uint32_t faccess)
1522 {
1523 int access = 0;
1524 int error;
1525 vnode_t *dir_vp;
1526 boolean_t acl_check = B_TRUE;
1527 smb_node_t *unnamed_node;
1528
1529 ASSERT(sr);
1530 ASSERT(cr);
1531 ASSERT(snode);
1532 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1533 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1534
1535 /* Requests for no access should be denied. */
1536 if (faccess == 0)
1537 return (NT_STATUS_ACCESS_DENIED);
1538
1539 if (SMB_TREE_IS_READONLY(sr)) {
1540 if (faccess & (FILE_WRITE_DATA|FILE_APPEND_DATA|
1541 FILE_WRITE_EA|FILE_DELETE_CHILD|FILE_WRITE_ATTRIBUTES|
1542 DELETE|WRITE_DAC|WRITE_OWNER)) {
1543 return (NT_STATUS_ACCESS_DENIED);
1544 }
1545 }
1546
1547 if (smb_node_is_reparse(snode) && (faccess & DELETE))
1548 return (NT_STATUS_ACCESS_DENIED);
1549
1550 unnamed_node = SMB_IS_STREAM(snode);
1551 if (unnamed_node) {
1552 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
1553 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
1554
1555 /*
1556 * Perform VREAD access check on the named stream in case it
1557 * is quarantined. kcred is passed to smb_vop_access so it
1558 * doesn't fail due to lack of permission.
1559 */
1560 if (faccess & (FILE_READ_DATA | FILE_EXECUTE)) {
1561 error = smb_vop_access(snode->vp, VREAD,
1562 0, NULL, zone_kcred());
1563 if (error)
1564 return (NT_STATUS_ACCESS_DENIED);
1565 }
1566
1567 /*
1568 * Streams authorization should be performed against the
1569 * unnamed stream.
1570 */
1571 snode = unnamed_node;
1572 }
1573
1574 if (faccess & ACCESS_SYSTEM_SECURITY) {
1575 /*
1576 * This permission is required for reading/writing SACL and
1577 * it's not part of DACL. It's only granted via proper
1578 * privileges.
1579 */
1580 if ((sr->uid_user->u_privileges &
1581 (SMB_USER_PRIV_BACKUP |
1582 SMB_USER_PRIV_RESTORE |
1583 SMB_USER_PRIV_SECURITY)) == 0)
1584 return (NT_STATUS_PRIVILEGE_NOT_HELD);
1585
1586 faccess &= ~ACCESS_SYSTEM_SECURITY;
1587 }
1588
1589 /* Links don't have ACL */
1590 if ((!smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) ||
1591 smb_node_is_symlink(snode))
1592 acl_check = B_FALSE;
1593
1594 /* Deny access based on the share access mask */
1595
1596 if ((faccess & ~sr->tid_tree->t_access) != 0)
1597 return (NT_STATUS_ACCESS_DENIED);
1598
1599 if (acl_check) {
1600 dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL;
1601 error = smb_vop_access(snode->vp, faccess, V_ACE_MASK, dir_vp,
1602 cr);
1603 } else {
1604 /*
1605 * FS doesn't understand 32-bit mask, need to map
1606 */
1607 if (faccess & (FILE_WRITE_DATA | FILE_APPEND_DATA))
1608 access |= VWRITE;
1609
1610 if (faccess & FILE_READ_DATA)
1611 access |= VREAD;
1612
1613 if (faccess & FILE_EXECUTE)
1614 access |= VEXEC;
1615
1616 error = smb_vop_access(snode->vp, access, 0, NULL, cr);
1617 }
1618
1619 return ((error) ? NT_STATUS_ACCESS_DENIED : NT_STATUS_SUCCESS);
1620 }
1621
1622 /*
1623 * smb_fsop_lookup_name()
1624 *
1625 * If name indicates that the file is a stream file, perform
1626 * stream specific lookup, otherwise call smb_fsop_lookup.
1627 *
1628 * Return an error if the looked-up file is in outside the tree.
1629 * (Required when invoked from open path.)
1630 *
1631 * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE):
1632 * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set
1633 * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE
1634 * flag is set in the flags value passed as a parameter, a case insensitive
1635 * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set
1636 * or not).
1637 */
1638
1639 int
smb_fsop_lookup_name(smb_request_t * sr,cred_t * cr,int flags,smb_node_t * root_node,smb_node_t * dnode,char * name,smb_node_t ** ret_snode)1640 smb_fsop_lookup_name(
1641 smb_request_t *sr,
1642 cred_t *cr,
1643 int flags,
1644 smb_node_t *root_node,
1645 smb_node_t *dnode,
1646 char *name,
1647 smb_node_t **ret_snode)
1648 {
1649 smb_node_t *fnode;
1650 vnode_t *xattrdirvp;
1651 vnode_t *vp;
1652 char *od_name;
1653 char *fname;
1654 char *sname;
1655 int rc;
1656
1657 ASSERT(cr);
1658 ASSERT(dnode);
1659 ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
1660 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
1661
1662 /*
1663 * The following check is required for streams processing, below
1664 */
1665
1666 if (!(flags & SMB_CASE_SENSITIVE)) {
1667 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
1668 flags |= SMB_IGNORE_CASE;
1669 }
1670
1671 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1672 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1673
1674 if (smb_is_stream_name(name)) {
1675 smb_stream_parse_name(name, fname, sname);
1676
1677 /*
1678 * Look up the unnamed stream (i.e. fname).
1679 * Unmangle processing will be done on fname
1680 * as well as any link target.
1681 */
1682 rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode,
1683 fname, &fnode);
1684
1685 if (rc != 0) {
1686 kmem_free(fname, MAXNAMELEN);
1687 kmem_free(sname, MAXNAMELEN);
1688 return (rc);
1689 }
1690
1691 od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1692
1693 /*
1694 * od_name is the on-disk name of the stream, except
1695 * without the prepended stream prefix (SMB_STREAM_PREFIX)
1696 */
1697
1698 /*
1699 * XXX
1700 * What permissions NTFS requires for stream lookup if any?
1701 */
1702 rc = smb_vop_stream_lookup(fnode->vp, sname, &vp, od_name,
1703 &xattrdirvp, flags, root_node->vp, cr);
1704
1705 if (rc != 0) {
1706 smb_node_release(fnode);
1707 kmem_free(fname, MAXNAMELEN);
1708 kmem_free(sname, MAXNAMELEN);
1709 kmem_free(od_name, MAXNAMELEN);
1710 return (rc);
1711 }
1712
1713 *ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdirvp,
1714 vp, od_name);
1715
1716 kmem_free(od_name, MAXNAMELEN);
1717 smb_node_release(fnode);
1718 VN_RELE(xattrdirvp);
1719 VN_RELE(vp);
1720
1721 if (*ret_snode == NULL) {
1722 kmem_free(fname, MAXNAMELEN);
1723 kmem_free(sname, MAXNAMELEN);
1724 return (ENOMEM);
1725 }
1726 } else {
1727 rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode, name,
1728 ret_snode);
1729 }
1730
1731 if (rc == 0) {
1732 ASSERT(ret_snode);
1733 if (SMB_TREE_CONTAINS_NODE(sr, *ret_snode) == 0) {
1734 smb_node_release(*ret_snode);
1735 *ret_snode = NULL;
1736 rc = EACCES;
1737 }
1738 }
1739
1740 kmem_free(fname, MAXNAMELEN);
1741 kmem_free(sname, MAXNAMELEN);
1742
1743 return (rc);
1744 }
1745
1746 /*
1747 * smb_fsop_lookup
1748 *
1749 * All SMB functions should use this smb_vop_lookup wrapper to ensure that
1750 * the smb_vop_lookup is performed with the appropriate credentials and using
1751 * case insensitive compares. Please document any direct call to smb_vop_lookup
1752 * to explain the reason for avoiding this wrapper.
1753 *
1754 * It is assumed that a reference exists on dnode coming into this routine
1755 * (and that it is safe from deallocation).
1756 *
1757 * Same with the root_node.
1758 *
1759 * *ret_snode is returned with a reference upon success. No reference is
1760 * taken if an error is returned.
1761 *
1762 * Note: The returned ret_snode may be in a child mount. This is ok for
1763 * readdir.
1764 *
1765 * Other smb_fsop_* routines will call SMB_TREE_CONTAINS_NODE() to prevent
1766 * operations on files not in the parent mount.
1767 *
1768 * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE):
1769 * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set
1770 * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE
1771 * flag is set in the flags value passed as a parameter, a case insensitive
1772 * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set
1773 * or not).
1774 */
1775 int
smb_fsop_lookup(smb_request_t * sr,cred_t * cr,int flags,smb_node_t * root_node,smb_node_t * dnode,char * name,smb_node_t ** ret_snode)1776 smb_fsop_lookup(
1777 smb_request_t *sr,
1778 cred_t *cr,
1779 int flags,
1780 smb_node_t *root_node,
1781 smb_node_t *dnode,
1782 char *name,
1783 smb_node_t **ret_snode)
1784 {
1785 smb_node_t *lnk_target_node;
1786 smb_node_t *lnk_dnode;
1787 char *longname;
1788 char *od_name;
1789 vnode_t *vp;
1790 int rc;
1791 int ret_flags;
1792 smb_attr_t attr;
1793
1794 ASSERT(cr);
1795 ASSERT(dnode);
1796 ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
1797 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
1798
1799 if (name == NULL)
1800 return (EINVAL);
1801
1802 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0)
1803 return (EACCES);
1804
1805 if (!(flags & SMB_CASE_SENSITIVE)) {
1806 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
1807 flags |= SMB_IGNORE_CASE;
1808 }
1809 if (SMB_TREE_SUPPORTS_CATIA(sr))
1810 flags |= SMB_CATIA;
1811 if (SMB_TREE_SUPPORTS_ABE(sr))
1812 flags |= SMB_ABE;
1813
1814 od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1815
1816 rc = smb_vop_lookup(dnode->vp, name, &vp, od_name, flags,
1817 &ret_flags, root_node ? root_node->vp : NULL, &attr, cr);
1818
1819 if (rc != 0) {
1820 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) ||
1821 !smb_maybe_mangled(name)) {
1822 kmem_free(od_name, MAXNAMELEN);
1823 return (rc);
1824 }
1825
1826 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1827 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
1828 if (rc != 0) {
1829 kmem_free(od_name, MAXNAMELEN);
1830 kmem_free(longname, MAXNAMELEN);
1831 return (rc);
1832 }
1833
1834 /*
1835 * longname is the real (case-sensitive)
1836 * on-disk name.
1837 * We make sure we do a lookup on this exact
1838 * name, as the name was mangled and denotes
1839 * a unique file.
1840 */
1841
1842 if (flags & SMB_IGNORE_CASE)
1843 flags &= ~SMB_IGNORE_CASE;
1844
1845 rc = smb_vop_lookup(dnode->vp, longname, &vp, od_name,
1846 flags, &ret_flags, root_node ? root_node->vp : NULL, &attr,
1847 cr);
1848
1849 kmem_free(longname, MAXNAMELEN);
1850
1851 if (rc != 0) {
1852 kmem_free(od_name, MAXNAMELEN);
1853 return (rc);
1854 }
1855 }
1856
1857 if ((flags & SMB_FOLLOW_LINKS) && (vp->v_type == VLNK) &&
1858 ((attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) == 0)) {
1859 rc = smb_pathname(sr, od_name, FOLLOW, root_node, dnode,
1860 &lnk_dnode, &lnk_target_node, cr);
1861
1862 if (rc != 0) {
1863 /*
1864 * The link is assumed to be for the last component
1865 * of a path. Hence any ENOTDIR error will be returned
1866 * as ENOENT.
1867 */
1868 if (rc == ENOTDIR)
1869 rc = ENOENT;
1870
1871 VN_RELE(vp);
1872 kmem_free(od_name, MAXNAMELEN);
1873 return (rc);
1874 }
1875
1876 /*
1877 * Release the original VLNK vnode
1878 */
1879
1880 VN_RELE(vp);
1881 vp = lnk_target_node->vp;
1882
1883 rc = smb_vop_traverse_check(&vp);
1884
1885 if (rc != 0) {
1886 smb_node_release(lnk_dnode);
1887 smb_node_release(lnk_target_node);
1888 kmem_free(od_name, MAXNAMELEN);
1889 return (rc);
1890 }
1891
1892 /*
1893 * smb_vop_traverse_check() may have returned a different vnode
1894 */
1895
1896 if (lnk_target_node->vp == vp) {
1897 *ret_snode = lnk_target_node;
1898 } else {
1899 *ret_snode = smb_node_lookup(sr, NULL, cr, vp,
1900 lnk_target_node->od_name, lnk_dnode, NULL);
1901 VN_RELE(vp);
1902
1903 if (*ret_snode == NULL)
1904 rc = ENOMEM;
1905 smb_node_release(lnk_target_node);
1906 }
1907
1908 smb_node_release(lnk_dnode);
1909
1910 } else {
1911
1912 rc = smb_vop_traverse_check(&vp);
1913 if (rc) {
1914 VN_RELE(vp);
1915 kmem_free(od_name, MAXNAMELEN);
1916 return (rc);
1917 }
1918
1919 *ret_snode = smb_node_lookup(sr, NULL, cr, vp, od_name,
1920 dnode, NULL);
1921 VN_RELE(vp);
1922
1923 if (*ret_snode == NULL)
1924 rc = ENOMEM;
1925 }
1926
1927 kmem_free(od_name, MAXNAMELEN);
1928 return (rc);
1929 }
1930
1931 int /*ARGSUSED*/
smb_fsop_commit(smb_request_t * sr,cred_t * cr,smb_node_t * snode)1932 smb_fsop_commit(smb_request_t *sr, cred_t *cr, smb_node_t *snode)
1933 {
1934 ASSERT(cr);
1935 ASSERT(snode);
1936 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1937 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1938
1939 ASSERT(sr);
1940 ASSERT(sr->tid_tree);
1941 if (SMB_TREE_IS_READONLY(sr))
1942 return (EROFS);
1943
1944 return (smb_vop_commit(snode->vp, cr));
1945 }
1946
1947 /*
1948 * smb_fsop_aclread
1949 *
1950 * Retrieve filesystem ACL. Depends on requested ACLs in
1951 * fs_sd->sd_secinfo, it'll set DACL and SACL pointers in
1952 * fs_sd. Note that requesting a DACL/SACL doesn't mean that
1953 * the corresponding field in fs_sd should be non-NULL upon
1954 * return, since the target ACL might not contain that type of
1955 * entries.
1956 *
1957 * Returned ACL is always in ACE_T (aka ZFS) format.
1958 * If successful the allocated memory for the ACL should be freed
1959 * using smb_fsacl_free() or smb_fssd_term()
1960 */
1961 int
smb_fsop_aclread(smb_request_t * sr,cred_t * cr,smb_node_t * snode,smb_fssd_t * fs_sd)1962 smb_fsop_aclread(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
1963 smb_fssd_t *fs_sd)
1964 {
1965 int error = 0;
1966 int flags = 0;
1967 int access = 0;
1968 acl_t *acl;
1969 smb_node_t *unnamed_node;
1970
1971 ASSERT(cr);
1972
1973 if (SMB_TREE_HAS_ACCESS(sr, ACE_READ_ACL) == 0)
1974 return (EACCES);
1975
1976 if (sr->fid_ofile) {
1977 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO)
1978 access = READ_CONTROL;
1979
1980 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO)
1981 access |= ACCESS_SYSTEM_SECURITY;
1982
1983 error = smb_ofile_access(sr->fid_ofile, cr, access);
1984 if (error != NT_STATUS_SUCCESS) {
1985 return (EACCES);
1986 }
1987 }
1988
1989 unnamed_node = SMB_IS_STREAM(snode);
1990 if (unnamed_node) {
1991 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
1992 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
1993 /*
1994 * Streams don't have ACL, any read ACL attempt on a stream
1995 * should be performed on the unnamed stream.
1996 */
1997 snode = unnamed_node;
1998 }
1999
2000 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS))
2001 flags = ATTR_NOACLCHECK;
2002
2003 error = smb_vop_acl_read(snode->vp, &acl, flags,
2004 sr->tid_tree->t_acltype, cr);
2005 if (error != 0) {
2006 return (error);
2007 }
2008
2009 error = acl_translate(acl, _ACL_ACE_ENABLED,
2010 smb_node_is_dir(snode), fs_sd->sd_uid, fs_sd->sd_gid);
2011
2012 if (error == 0) {
2013 smb_fsacl_split(acl, &fs_sd->sd_zdacl, &fs_sd->sd_zsacl,
2014 fs_sd->sd_secinfo);
2015 }
2016
2017 acl_free(acl);
2018 return (error);
2019 }
2020
2021 /*
2022 * smb_fsop_aclwrite
2023 *
2024 * Stores the filesystem ACL provided in fs_sd->sd_acl.
2025 */
2026 int
smb_fsop_aclwrite(smb_request_t * sr,cred_t * cr,smb_node_t * snode,smb_fssd_t * fs_sd)2027 smb_fsop_aclwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
2028 smb_fssd_t *fs_sd)
2029 {
2030 int target_flavor;
2031 int error = 0;
2032 int flags = 0;
2033 int access = 0;
2034 acl_t *acl, *dacl, *sacl;
2035 smb_node_t *unnamed_node;
2036
2037 ASSERT(cr);
2038
2039 ASSERT(sr);
2040 ASSERT(sr->tid_tree);
2041 if (SMB_TREE_IS_READONLY(sr))
2042 return (EROFS);
2043
2044 if (SMB_TREE_HAS_ACCESS(sr, ACE_WRITE_ACL) == 0)
2045 return (EACCES);
2046
2047 if (sr->fid_ofile) {
2048 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO)
2049 access = WRITE_DAC;
2050
2051 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO)
2052 access |= ACCESS_SYSTEM_SECURITY;
2053
2054 error = smb_ofile_access(sr->fid_ofile, cr, access);
2055 if (error != NT_STATUS_SUCCESS)
2056 return (EACCES);
2057 }
2058
2059 switch (sr->tid_tree->t_acltype) {
2060 case ACLENT_T:
2061 target_flavor = _ACL_ACLENT_ENABLED;
2062 break;
2063
2064 case ACE_T:
2065 target_flavor = _ACL_ACE_ENABLED;
2066 break;
2067 default:
2068 return (EINVAL);
2069 }
2070
2071 unnamed_node = SMB_IS_STREAM(snode);
2072 if (unnamed_node) {
2073 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
2074 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
2075 /*
2076 * Streams don't have ACL, any write ACL attempt on a stream
2077 * should be performed on the unnamed stream.
2078 */
2079 snode = unnamed_node;
2080 }
2081
2082 dacl = fs_sd->sd_zdacl;
2083 sacl = fs_sd->sd_zsacl;
2084
2085 ASSERT(dacl || sacl);
2086 if ((dacl == NULL) && (sacl == NULL))
2087 return (EINVAL);
2088
2089 if (dacl && sacl)
2090 acl = smb_fsacl_merge(dacl, sacl);
2091 else if (dacl)
2092 acl = dacl;
2093 else
2094 acl = sacl;
2095
2096 error = acl_translate(acl, target_flavor, smb_node_is_dir(snode),
2097 fs_sd->sd_uid, fs_sd->sd_gid);
2098 if (error == 0) {
2099 if (smb_tree_has_feature(sr->tid_tree,
2100 SMB_TREE_ACEMASKONACCESS))
2101 flags = ATTR_NOACLCHECK;
2102
2103 error = smb_vop_acl_write(snode->vp, acl, flags, cr);
2104 }
2105
2106 if (dacl && sacl)
2107 acl_free(acl);
2108
2109 return (error);
2110 }
2111
2112 acl_type_t
smb_fsop_acltype(smb_node_t * snode)2113 smb_fsop_acltype(smb_node_t *snode)
2114 {
2115 return (smb_vop_acl_type(snode->vp));
2116 }
2117
2118 /*
2119 * smb_fsop_sdread
2120 *
2121 * Read the requested security descriptor items from filesystem.
2122 * The items are specified in fs_sd->sd_secinfo.
2123 */
2124 int
smb_fsop_sdread(smb_request_t * sr,cred_t * cr,smb_node_t * snode,smb_fssd_t * fs_sd)2125 smb_fsop_sdread(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
2126 smb_fssd_t *fs_sd)
2127 {
2128 int error = 0;
2129 int getowner = 0;
2130 cred_t *ga_cred;
2131 smb_attr_t attr;
2132
2133 ASSERT(cr);
2134 ASSERT(fs_sd);
2135
2136 /*
2137 * File's uid/gid is fetched in two cases:
2138 *
2139 * 1. it's explicitly requested
2140 *
2141 * 2. target ACL is ACE_T (ZFS ACL). They're needed for
2142 * owner@/group@ entries. In this case kcred should be used
2143 * because uid/gid are fetched on behalf of smb server.
2144 */
2145 if (fs_sd->sd_secinfo & (SMB_OWNER_SECINFO | SMB_GROUP_SECINFO)) {
2146 getowner = 1;
2147 ga_cred = cr;
2148 } else if (sr->tid_tree->t_acltype == ACE_T) {
2149 getowner = 1;
2150 ga_cred = zone_kcred();
2151 }
2152
2153 if (getowner) {
2154 /*
2155 * Windows require READ_CONTROL to read owner/group SID since
2156 * they're part of Security Descriptor.
2157 * ZFS only requires read_attribute. Need to have a explicit
2158 * access check here.
2159 */
2160 if (sr->fid_ofile == NULL) {
2161 error = smb_fsop_access(sr, ga_cred, snode,
2162 READ_CONTROL);
2163 if (error)
2164 return (EACCES);
2165 }
2166
2167 attr.sa_mask = SMB_AT_UID | SMB_AT_GID;
2168 error = smb_fsop_getattr(sr, ga_cred, snode, &attr);
2169 if (error == 0) {
2170 fs_sd->sd_uid = attr.sa_vattr.va_uid;
2171 fs_sd->sd_gid = attr.sa_vattr.va_gid;
2172 } else {
2173 return (error);
2174 }
2175 }
2176
2177 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) {
2178 error = smb_fsop_aclread(sr, cr, snode, fs_sd);
2179 }
2180
2181 return (error);
2182 }
2183
2184 /*
2185 * smb_fsop_sdmerge
2186 *
2187 * From SMB point of view DACL and SACL are two separate list
2188 * which can be manipulated independently without one affecting
2189 * the other, but entries for both DACL and SACL will end up
2190 * in the same ACL if target filesystem supports ACE_T ACLs.
2191 *
2192 * So, if either DACL or SACL is present in the client set request
2193 * the entries corresponding to the non-present ACL shouldn't
2194 * be touched in the FS ACL.
2195 *
2196 * fs_sd parameter contains DACL and SACL specified by SMB
2197 * client to be set on a file/directory. The client could
2198 * specify both or one of these ACLs (if none is specified
2199 * we don't get this far). When both DACL and SACL are given
2200 * by client the existing ACL should be overwritten. If only
2201 * one of them is specified the entries corresponding to the other
2202 * ACL should not be touched. For example, if only DACL
2203 * is specified in input fs_sd, the function reads audit entries
2204 * of the existing ACL of the file and point fs_sd->sd_zsdacl
2205 * pointer to the fetched SACL, this way when smb_fsop_sdwrite()
2206 * function is called the passed fs_sd would point to the specified
2207 * DACL by client and fetched SACL from filesystem, so the file
2208 * will end up with correct ACL.
2209 */
2210 static int
smb_fsop_sdmerge(smb_request_t * sr,smb_node_t * snode,smb_fssd_t * fs_sd)2211 smb_fsop_sdmerge(smb_request_t *sr, smb_node_t *snode, smb_fssd_t *fs_sd)
2212 {
2213 smb_fssd_t cur_sd;
2214 cred_t *kcr = zone_kcred();
2215 int error = 0;
2216
2217 if (sr->tid_tree->t_acltype != ACE_T)
2218 /* Don't bother if target FS doesn't support ACE_T */
2219 return (0);
2220
2221 if ((fs_sd->sd_secinfo & SMB_ACL_SECINFO) != SMB_ACL_SECINFO) {
2222 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) {
2223 /*
2224 * Don't overwrite existing audit entries
2225 */
2226 smb_fssd_init(&cur_sd, SMB_SACL_SECINFO,
2227 fs_sd->sd_flags);
2228
2229 error = smb_fsop_sdread(sr, kcr, snode, &cur_sd);
2230 if (error == 0) {
2231 ASSERT(fs_sd->sd_zsacl == NULL);
2232 fs_sd->sd_zsacl = cur_sd.sd_zsacl;
2233 if (fs_sd->sd_zsacl && fs_sd->sd_zdacl)
2234 fs_sd->sd_zsacl->acl_flags =
2235 fs_sd->sd_zdacl->acl_flags;
2236 }
2237 } else {
2238 /*
2239 * Don't overwrite existing access entries
2240 */
2241 smb_fssd_init(&cur_sd, SMB_DACL_SECINFO,
2242 fs_sd->sd_flags);
2243
2244 error = smb_fsop_sdread(sr, kcr, snode, &cur_sd);
2245 if (error == 0) {
2246 ASSERT(fs_sd->sd_zdacl == NULL);
2247 fs_sd->sd_zdacl = cur_sd.sd_zdacl;
2248 if (fs_sd->sd_zdacl && fs_sd->sd_zsacl)
2249 fs_sd->sd_zdacl->acl_flags =
2250 fs_sd->sd_zsacl->acl_flags;
2251 }
2252 }
2253
2254 if (error)
2255 smb_fssd_term(&cur_sd);
2256 }
2257
2258 return (error);
2259 }
2260
2261 /*
2262 * smb_fsop_sdwrite
2263 *
2264 * Stores the given uid, gid and acl in filesystem.
2265 * Provided items in fs_sd are specified by fs_sd->sd_secinfo.
2266 *
2267 * A SMB security descriptor could contain owner, primary group,
2268 * DACL and SACL. Setting an SD should be atomic but here it has to
2269 * be done via two separate FS operations: VOP_SETATTR and
2270 * VOP_SETSECATTR. Therefore, this function has to simulate the
2271 * atomicity as well as it can.
2272 *
2273 * Get the current uid, gid before setting the new uid/gid
2274 * so if smb_fsop_aclwrite fails they can be restored. root cred is
2275 * used to get currend uid/gid since this operation is performed on
2276 * behalf of the server not the user.
2277 *
2278 * If setting uid/gid fails with EPERM it means that and invalid
2279 * owner has been specified. Callers should translate this to
2280 * STATUS_INVALID_OWNER which is not the normal mapping for EPERM
2281 * in upper layers, so EPERM is mapped to EBADE.
2282 */
2283 int
smb_fsop_sdwrite(smb_request_t * sr,cred_t * cr,smb_node_t * snode,smb_fssd_t * fs_sd,int overwrite)2284 smb_fsop_sdwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
2285 smb_fssd_t *fs_sd, int overwrite)
2286 {
2287 smb_attr_t set_attr;
2288 smb_attr_t orig_attr;
2289 cred_t *kcr = zone_kcred();
2290 int error = 0;
2291 int access = 0;
2292
2293 ASSERT(cr);
2294 ASSERT(fs_sd);
2295
2296 ASSERT(sr);
2297 ASSERT(sr->tid_tree);
2298 if (SMB_TREE_IS_READONLY(sr))
2299 return (EROFS);
2300
2301 bzero(&set_attr, sizeof (smb_attr_t));
2302
2303 if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) {
2304 set_attr.sa_vattr.va_uid = fs_sd->sd_uid;
2305 set_attr.sa_mask |= SMB_AT_UID;
2306 access |= WRITE_OWNER;
2307 }
2308
2309 if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) {
2310 set_attr.sa_vattr.va_gid = fs_sd->sd_gid;
2311 set_attr.sa_mask |= SMB_AT_GID;
2312 access |= WRITE_OWNER;
2313 }
2314
2315 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO)
2316 access |= WRITE_DAC;
2317
2318 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO)
2319 access |= ACCESS_SYSTEM_SECURITY;
2320
2321 if (sr->fid_ofile)
2322 error = smb_ofile_access(sr->fid_ofile, cr, access);
2323 else
2324 error = smb_fsop_access(sr, cr, snode, access);
2325
2326 if (error)
2327 return (EACCES);
2328
2329 if (set_attr.sa_mask) {
2330 orig_attr.sa_mask = SMB_AT_UID | SMB_AT_GID;
2331 error = smb_fsop_getattr(sr, kcr, snode, &orig_attr);
2332 if (error == 0) {
2333 error = smb_fsop_setattr(sr, cr, snode, &set_attr);
2334 if (error == EPERM)
2335 error = EBADE;
2336 }
2337
2338 if (error)
2339 return (error);
2340 }
2341
2342 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) {
2343 if (overwrite == 0) {
2344 error = smb_fsop_sdmerge(sr, snode, fs_sd);
2345 if (error)
2346 return (error);
2347 }
2348
2349 error = smb_fsop_aclwrite(sr, cr, snode, fs_sd);
2350 if (error) {
2351 /*
2352 * Revert uid/gid changes if required.
2353 */
2354 if (set_attr.sa_mask) {
2355 orig_attr.sa_mask = set_attr.sa_mask;
2356 (void) smb_fsop_setattr(sr, kcr, snode,
2357 &orig_attr);
2358 }
2359 }
2360 }
2361
2362 return (error);
2363 }
2364
2365 #ifdef _KERNEL
2366 /*
2367 * smb_fsop_sdinherit
2368 *
2369 * Inherit the security descriptor from the parent container.
2370 * This function is called after FS has created the file/folder
2371 * so if this doesn't do anything it means FS inheritance is
2372 * in place.
2373 *
2374 * Do inheritance for ZFS internally.
2375 *
2376 * If we want to let ZFS does the inheritance the
2377 * following setting should be true:
2378 *
2379 * - aclinherit = passthrough
2380 * - aclmode = passthrough
2381 * - smbd umask = 0777
2382 *
2383 * This will result in right effective permissions but
2384 * ZFS will always add 6 ACEs for owner, owning group
2385 * and others to be POSIX compliant. This is not what
2386 * Windows clients/users expect, so we decided that CIFS
2387 * implements Windows rules and overwrite whatever ZFS
2388 * comes up with. This way we also don't have to care
2389 * about ZFS aclinherit and aclmode settings.
2390 */
2391 static int
smb_fsop_sdinherit(smb_request_t * sr,smb_node_t * dnode,smb_fssd_t * fs_sd)2392 smb_fsop_sdinherit(smb_request_t *sr, smb_node_t *dnode, smb_fssd_t *fs_sd)
2393 {
2394 acl_t *dacl = NULL;
2395 acl_t *sacl = NULL;
2396 int is_dir;
2397 int error;
2398
2399 ASSERT(fs_sd);
2400
2401 if (sr->tid_tree->t_acltype != ACE_T) {
2402 /*
2403 * No forced inheritance for non-ZFS filesystems.
2404 */
2405 fs_sd->sd_secinfo = 0;
2406 return (0);
2407 }
2408
2409
2410 /* Fetch parent directory's ACL */
2411 error = smb_fsop_sdread(sr, zone_kcred(), dnode, fs_sd);
2412 if (error) {
2413 return (error);
2414 }
2415
2416 is_dir = (fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR);
2417 dacl = smb_fsacl_inherit(fs_sd->sd_zdacl, is_dir, SMB_DACL_SECINFO,
2418 sr->user_cr);
2419 sacl = smb_fsacl_inherit(fs_sd->sd_zsacl, is_dir, SMB_SACL_SECINFO,
2420 sr->user_cr);
2421
2422 if (sacl == NULL)
2423 fs_sd->sd_secinfo &= ~SMB_SACL_SECINFO;
2424
2425 smb_fsacl_free(fs_sd->sd_zdacl);
2426 smb_fsacl_free(fs_sd->sd_zsacl);
2427
2428 fs_sd->sd_zdacl = dacl;
2429 fs_sd->sd_zsacl = sacl;
2430
2431 return (0);
2432 }
2433 #endif /* _KERNEL */
2434
2435 /*
2436 * smb_fsop_eaccess
2437 *
2438 * Returns the effective permission of the given credential for the
2439 * specified object.
2440 *
2441 * This is just a workaround. We need VFS/FS support for this.
2442 */
2443 void
smb_fsop_eaccess(smb_request_t * sr,cred_t * cr,smb_node_t * snode,uint32_t * eaccess)2444 smb_fsop_eaccess(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
2445 uint32_t *eaccess)
2446 {
2447 int access = 0;
2448 vnode_t *dir_vp;
2449 smb_node_t *unnamed_node;
2450
2451 ASSERT(cr);
2452 ASSERT(snode);
2453 ASSERT(snode->n_magic == SMB_NODE_MAGIC);
2454 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
2455
2456 unnamed_node = SMB_IS_STREAM(snode);
2457 if (unnamed_node) {
2458 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
2459 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
2460 /*
2461 * Streams authorization should be performed against the
2462 * unnamed stream.
2463 */
2464 snode = unnamed_node;
2465 }
2466
2467 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) {
2468 dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL;
2469 smb_vop_eaccess(snode->vp, (int *)eaccess, V_ACE_MASK, dir_vp,
2470 cr);
2471 return;
2472 }
2473
2474 /*
2475 * FS doesn't understand 32-bit mask
2476 */
2477 smb_vop_eaccess(snode->vp, &access, 0, NULL, cr);
2478 access &= sr->tid_tree->t_access;
2479
2480 *eaccess = READ_CONTROL | FILE_READ_EA | FILE_READ_ATTRIBUTES;
2481
2482 if (access & VREAD)
2483 *eaccess |= FILE_READ_DATA;
2484
2485 if (access & VEXEC)
2486 *eaccess |= FILE_EXECUTE;
2487
2488 if (access & VWRITE)
2489 *eaccess |= FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES |
2490 FILE_WRITE_EA | FILE_APPEND_DATA | FILE_DELETE_CHILD;
2491 }
2492
2493 /*
2494 * smb_fsop_shrlock
2495 *
2496 * For the current open request, check file sharing rules
2497 * against existing opens.
2498 *
2499 * Returns NT_STATUS_SHARING_VIOLATION if there is any
2500 * sharing conflict. Returns NT_STATUS_SUCCESS otherwise.
2501 *
2502 * Full system-wide share reservation synchronization is available
2503 * when the nbmand (non-blocking mandatory) mount option is set
2504 * (i.e. nbl_need_crit() is true) and nbmand critical regions are used.
2505 * This provides synchronization with NFS and local processes. The
2506 * critical regions are entered in VOP_SHRLOCK()/fs_shrlock() (called
2507 * from smb_open_subr()/smb_fsop_shrlock()/smb_vop_shrlock()) as well
2508 * as the CIFS rename and delete paths.
2509 *
2510 * The CIFS server will also enter the nbl critical region in the open,
2511 * rename, and delete paths when nbmand is not set. There is limited
2512 * coordination with local and VFS share reservations in this case.
2513 * Note that when the nbmand mount option is not set, the VFS layer
2514 * only processes advisory reservations and the delete mode is not checked.
2515 *
2516 * Whether or not the nbmand mount option is set, intra-CIFS share
2517 * checking is done in the open, delete, and rename paths using a CIFS
2518 * critical region (node->n_share_lock).
2519 */
2520 uint32_t
smb_fsop_shrlock(cred_t * cr,smb_node_t * node,uint32_t uniq_fid,uint32_t desired_access,uint32_t share_access)2521 smb_fsop_shrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid,
2522 uint32_t desired_access, uint32_t share_access)
2523 {
2524 int rc;
2525
2526 /* Allow access if the request is just for meta data */
2527 if ((desired_access & FILE_DATA_ALL) == 0)
2528 return (NT_STATUS_SUCCESS);
2529
2530 rc = smb_node_open_check(node, desired_access, share_access);
2531 if (rc)
2532 return (NT_STATUS_SHARING_VIOLATION);
2533
2534 rc = smb_vop_shrlock(node->vp, uniq_fid, desired_access, share_access,
2535 cr);
2536 if (rc)
2537 return (NT_STATUS_SHARING_VIOLATION);
2538
2539 return (NT_STATUS_SUCCESS);
2540 }
2541
2542 void
smb_fsop_unshrlock(cred_t * cr,smb_node_t * node,uint32_t uniq_fid)2543 smb_fsop_unshrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid)
2544 {
2545 (void) smb_vop_unshrlock(node->vp, uniq_fid, cr);
2546 }
2547
2548 int
smb_fsop_frlock(smb_node_t * node,smb_lock_t * lock,boolean_t unlock,cred_t * cr)2549 smb_fsop_frlock(smb_node_t *node, smb_lock_t *lock, boolean_t unlock,
2550 cred_t *cr)
2551 {
2552 flock64_t bf;
2553 int flag = F_REMOTELOCK;
2554
2555 /*
2556 * VOP_FRLOCK() will not be called if:
2557 *
2558 * 1) The lock has a range of zero bytes. The semantics of Windows and
2559 * POSIX are different. In the case of POSIX it asks for the locking
2560 * of all the bytes from the offset provided until the end of the
2561 * file. In the case of Windows a range of zero locks nothing and
2562 * doesn't conflict with any other lock.
2563 *
2564 * 2) The lock rolls over (start + lenght < start). Solaris will assert
2565 * if such a request is submitted. This will not create
2566 * incompatibilities between POSIX and Windows. In the Windows world,
2567 * if a client submits such a lock, the server will not lock any
2568 * bytes. Interestingly if the same lock (same offset and length) is
2569 * resubmitted Windows will consider that there is an overlap and
2570 * the granting rules will then apply.
2571 */
2572 if ((lock->l_length == 0) ||
2573 ((lock->l_start + lock->l_length - 1) < lock->l_start))
2574 return (0);
2575
2576 bzero(&bf, sizeof (bf));
2577
2578 if (unlock) {
2579 bf.l_type = F_UNLCK;
2580 } else if (lock->l_type == SMB_LOCK_TYPE_READONLY) {
2581 bf.l_type = F_RDLCK;
2582 flag |= FREAD;
2583 } else if (lock->l_type == SMB_LOCK_TYPE_READWRITE) {
2584 bf.l_type = F_WRLCK;
2585 flag |= FWRITE;
2586 }
2587
2588 bf.l_start = lock->l_start;
2589 bf.l_len = lock->l_length;
2590 bf.l_pid = lock->l_file->f_uniqid;
2591 bf.l_sysid = smb_ct.cc_sysid;
2592
2593 return (smb_vop_frlock(node->vp, cr, flag, &bf));
2594 }
2595