1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright (c) 2017 by Delphix. All rights reserved.
24 * Copyright 2019 Nexenta by DDN, Inc. All rights reserved.
25 * Copyright 2021-2023 RackTop Systems, Inc.
26 */
27
28 /*
29 * General Structures Layout
30 * -------------------------
31 *
32 * This is a simplified diagram showing the relationship between most of the
33 * main structures.
34 *
35 * +-------------------+
36 * | SMB_SERVER |
37 * +-------------------+
38 * |
39 * |
40 * v
41 * +-------------------+ +-------------------+ +-------------------+
42 * | SESSION |<----->| SESSION |......| SESSION |
43 * +-------------------+ +-------------------+ +-------------------+
44 * |
45 * |
46 * v
47 * +-------------------+ +-------------------+ +-------------------+
48 * | USER |<----->| USER |......| USER |
49 * +-------------------+ +-------------------+ +-------------------+
50 * |
51 * |
52 * v
53 * +-------------------+ +-------------------+ +-------------------+
54 * | TREE |<----->| TREE |......| TREE |
55 * +-------------------+ +-------------------+ +-------------------+
56 * | |
57 * | |
58 * | v
59 * | +-------+ +-------+ +-------+
60 * | | OFILE |<----->| OFILE |......| OFILE |
61 * | +-------+ +-------+ +-------+
62 * |
63 * |
64 * v
65 * +-------+ +------+ +------+
66 * | ODIR |<----->| ODIR |......| ODIR |
67 * +-------+ +------+ +------+
68 *
69 *
70 * Module Interface Overview
71 * -------------------------
72 *
73 *
74 * +===================================+
75 * | smbd daemon |
76 * +===================================+
77 * | | ^
78 * | | |
79 * User | | |
80 * -----------|--------------|----------------|--------------------------------
81 * Kernel | | |
82 * | | |
83 * | | |
84 * +=========|==============|================|=================+
85 * | v v | |
86 * | +-----------+ +--------------------+ +------------------+ |
87 * | | IO | | Kernel Door Server | | User Door Servers| |
88 * | | Interface | | Interface | | Interface | |
89 * | +-----------+ +--------------------+ +------------------+ |
90 * | | | ^ ^ |
91 * | v v | | | +=========+
92 * | +-----------------------------------+ | | | |
93 * | + SMB Server Management (this file) |<------------------| ZFS |
94 * | +-----------------------------------+ | | | |
95 * | | | | Module |
96 * | +-----------------------------------+ | | | |
97 * | + SMB Server Internal Layers |------+ | +=========+
98 * | +-----------------------------------+ |
99 * | |
100 * | |
101 * +===========================================================+
102 *
103 *
104 * Server State Machine
105 * --------------------
106 * |
107 * | T0
108 * |
109 * v
110 * +-----------------------------+
111 * | SMB_SERVER_STATE_CREATED |
112 * +-----------------------------+
113 * |
114 * | T1
115 * |
116 * v
117 * +-----------------------------+
118 * | SMB_SERVER_STATE_CONFIGURED |
119 * +-----------------------------+
120 * |
121 * | T2
122 * |
123 * v
124 * +-----------------------------+
125 * | SMB_SERVER_STATE_RUNNING / |
126 * | SMB_SERVER_STATE_STOPPING |
127 * +-----------------------------+
128 * |
129 * | T3
130 * |
131 * v
132 * +-----------------------------+
133 * | SMB_SERVER_STATE_DELETING |
134 * +-----------------------------+
135 * |
136 * |
137 * |
138 * v
139 *
140 * States
141 * ------
142 *
143 * SMB_SERVER_STATE_CREATED
144 *
145 * This is the state of the server just after creation.
146 *
147 * SMB_SERVER_STATE_CONFIGURED
148 *
149 * The server has been configured.
150 *
151 * SMB_SERVER_STATE_RUNNING
152 *
153 * The server has been started. While in this state the threads listening on
154 * the sockets are started.
155 *
156 * When a client establishes a connection the thread listening dispatches
157 * a task with the new session as an argument. If the dispatch fails the new
158 * session context is destroyed.
159 *
160 * SMB_SERVER_STATE_STOPPING
161 *
162 * The threads listening on the NBT and TCP sockets are being terminated.
163 *
164 *
165 * Transitions
166 * -----------
167 *
168 * Transition T0
169 *
170 * The daemon smbd triggers its creation by opening the smbsrv device. If
171 * the zone where the daemon lives doesn't have an smb server yet it is
172 * created.
173 *
174 * smb_drv_open() --> smb_server_create()
175 *
176 * Transition T1
177 *
178 * This transition occurs in smb_server_configure(). It is triggered by the
179 * daemon through an Ioctl.
180 *
181 * smb_drv_ioctl(SMB_IOC_CONFIG) --> smb_server_configure()
182 *
183 * Transition T2
184 *
185 * This transition occurs in smb_server_start(). It is triggered by the
186 * daemon through an Ioctl.
187 *
188 * smb_drv_ioctl(SMB_IOC_START) --> smb_server_start()
189 *
190 * Transition T3
191 *
192 * This transition occurs in smb_server_delete(). It is triggered by the
193 * daemon when closing the smbsrv device
194 *
195 * smb_drv_close() --> smb_server_delete()
196 *
197 * Comments
198 * --------
199 *
200 * This file assumes that there will be one SMB server per zone. For now the
201 * smb server works only in global zone. There's nothing in this file preventing
202 * an smb server from being created in a non global zone. That limitation is
203 * enforced in user space.
204 */
205
206 #include <sys/cmn_err.h>
207 #include <sys/priv.h>
208 #include <sys/zone.h>
209 #include <sys/sysmacros.h>
210 #include <sys/callb.h>
211 #include <sys/class.h>
212 #include <sys/disp.h>
213 #include <netinet/in.h>
214 #include <netinet/in_systm.h>
215 #include <netinet/ip.h>
216 #include <netinet/ip_icmp.h>
217 #include <netinet/ip_var.h>
218 #include <netinet/tcp.h>
219 #include <smbsrv/smb2_kproto.h>
220 #include <smbsrv/string.h>
221 #include <smbsrv/netbios.h>
222 #include <smbsrv/smb_fsops.h>
223 #include <smbsrv/smb_share.h>
224 #include <smbsrv/smb_door.h>
225 #include <smbsrv/smb_kstat.h>
226
/*
 * Forward declarations for the file-local helpers.  Parameter names are
 * spelled out so each prototype documents what the caller passes.
 */

/* Per-server setup, teardown and housekeeping. */
static void smb_server_kstat_init(smb_server_t *sv);
static void smb_server_kstat_fini(smb_server_t *sv);
static void smb_server_timers(smb_thread_t *thread, void *arg);
static void smb_server_store_cfg(smb_server_t *sv, smb_ioc_cfg_t *ioc);
static void smb_server_shutdown(smb_server_t *sv);
static int smb_server_fsop_start(smb_server_t *sv);
static void smb_server_fsop_stop(smb_server_t *sv);
static void smb_event_cancel(smb_server_t *sv, uint32_t txid);
static uint32_t smb_event_alloc_txid(void);

/* Administrative operations: disconnect, enumerate, close. */
static void smb_server_disconnect_share(smb_server_t *sv,
    const char *sharename);
static void smb_server_enum_users(smb_server_t *sv, smb_svcenum_t *svcenum);
static void smb_server_enum_trees(smb_server_t *sv, smb_svcenum_t *svcenum);
static int smb_server_session_disconnect(smb_server_t *sv,
    const char *client, const char *username);
static int smb_server_fclose(smb_server_t *sv, uint32_t uniqid);
static int smb_server_kstat_update(kstat_t *ksp, int rw);
static int smb_server_legacy_kstat_update(kstat_t *ksp, int rw);

/* Listeners and session creation. */
static void smb_server_listener_init(smb_server_t *sv,
    smb_listener_daemon_t *ld, char *name, in_port_t port, int family);
static void smb_server_listener_destroy(smb_listener_daemon_t *ld);
static int smb_server_listener_start(smb_listener_daemon_t *ld);
static void smb_server_listener_stop(smb_listener_daemon_t *ld);
static void smb_server_listener(smb_thread_t *thread, void *arg);
static void smb_server_receiver(void *arg);
static void smb_server_create_session(smb_listener_daemon_t *ld,
    ksocket_t so);
static void smb_server_destroy_session(smb_session_t *session);

/* Print spooling. */
static uint16_t smb_spool_get_fid(smb_server_t *sv);
static boolean_t smb_spool_lookup_doc_byfid(smb_server_t *sv, uint16_t fid,
    smb_kspooldoc_t *spdoc);

#ifdef	_KERNEL
/*
 * When non-zero, smb_server_start() calls smb_server_newproc() so that a
 * dedicated process owns the SMB server threads.
 */
int smb_create_process = 1;
static void smb_server_delproc(smb_server_t *sv);
static int smb_server_newproc(smb_server_t *sv);
static void smb_server_proc_main(void *arg);
#endif	/* _KERNEL */
264
/*
 * How many "buckets" should our hash tables use?  On a "real" server,
 * make them much larger than the number of CPUs we're likely to have.
 * On "fksmbd" make it smaller so dtrace logs are shorter.
 * These must be powers of two.
 *
 * smb_server_create() passes these values to smb_hash_create() for the
 * per-server persistent-id and lease hash tables.
 * NOTE(review): no power-of-two check is visible in this part of the
 * file; confirm the hash code validates a patched value.
 */
#ifdef _KERNEL
#define	DEFAULT_HASH_NBUCKETS	256	/* real server */
#else
#define	DEFAULT_HASH_NBUCKETS	16	/* for "fksmbd" */
#endif
uint32_t SMB_OFILE_HASH_NBUCKETS = DEFAULT_HASH_NBUCKETS;
uint32_t SMB_LEASE_HASH_NBUCKETS = DEFAULT_HASH_NBUCKETS;

/* Debug knob; not referenced in this part of the file. */
int smb_event_debug = 0;

/*
 * All smb_server_t instances, linked through sv_lnd.  Searched by zone id
 * in smb_server_create().
 */
static smb_llist_t	smb_servers;

/* for smb_server_destroy_session() (smb_session_t linked via s_lnd) */
static smb_llist_t	smb_server_session_zombies;

/*
 * Object caches, created in smb_server_g_init() and destroyed in
 * smb_server_g_fini().  Each is sized for the structure its name suggests
 * (smb_request_t, smb_session_t, ...).
 */
kmem_cache_t		*smb_cache_request;
kmem_cache_t		*smb_cache_session;
kmem_cache_t		*smb_cache_user;
kmem_cache_t		*smb_cache_tree;
kmem_cache_t		*smb_cache_ofile;
kmem_cache_t		*smb_cache_odir;
kmem_cache_t		*smb_cache_opipe;
kmem_cache_t		*smb_cache_event;
kmem_cache_t		*smb_cache_lock;
295
296 /*
297 * *****************************************************************************
298 * **************** Functions called from the device interface *****************
299 * *****************************************************************************
300 *
301 * These functions typically have to determine the relevant smb server
302 * to which the call applies.
303 */
304
/*
 * How many zones have an SMB server active?
 *
 * Returns the number of entries currently on the global smb_servers list.
 */
int
smb_server_get_count(void)
{
	int nservers = smb_llist_get_count(&smb_servers);

	return (nservers);
}
313
/*
 * smb_server_g_init
 *
 * Module-wide (not per-zone) initialization.  This function must be
 * called from smb_drv_attach().
 *
 * Brings up the vnode-op and FEM layers first (the only steps whose
 * failure is reported), then the share, codepage, mbuf-chain, node and
 * lease subsystems, the object caches, and finally the global server and
 * zombie-session lists.
 *
 * Returns 0 on success, or the error from smb_vop_init()/smb_fem_init().
 *
 * NOTE(review): the error path calls smb_fem_fini() even when
 * smb_vop_init() failed before smb_fem_init() ran; presumably both fini
 * routines tolerate being called without a matching init -- confirm.
 */
#define	SMB_SERVER_MKCACHE(name, type)				\
	kmem_cache_create((name), sizeof (type), 8,		\
	    NULL, NULL, NULL, NULL, NULL, 0)

int
smb_server_g_init(void)
{
	int err;

	err = smb_vop_init();
	if (err != 0)
		goto errout;

	err = smb_fem_init();
	if (err != 0)
		goto errout;

	smb_kshare_g_init();
	smb_codepage_init();
	smb_mbc_init();		/* smb_mbc_cache */
	smb_node_init();	/* smb_node_cache, lists */
	smb2_lease_init();

	/* One cache per long-lived object type, all 8-byte aligned. */
	smb_cache_request = SMB_SERVER_MKCACHE("smb_request_cache",
	    smb_request_t);
	smb_cache_session = SMB_SERVER_MKCACHE("smb_session_cache",
	    smb_session_t);
	smb_cache_user = SMB_SERVER_MKCACHE("smb_user_cache", smb_user_t);
	smb_cache_tree = SMB_SERVER_MKCACHE("smb_tree_cache", smb_tree_t);
	smb_cache_ofile = SMB_SERVER_MKCACHE("smb_ofile_cache", smb_ofile_t);
	smb_cache_odir = SMB_SERVER_MKCACHE("smb_odir_cache", smb_odir_t);
	smb_cache_opipe = SMB_SERVER_MKCACHE("smb_opipe_cache", smb_opipe_t);
	smb_cache_event = SMB_SERVER_MKCACHE("smb_event_cache", smb_event_t);
	smb_cache_lock = SMB_SERVER_MKCACHE("smb_lock_cache", smb_lock_t);

	smb_llist_init();

	/* Global list of servers, one entry per zone. */
	smb_llist_constructor(&smb_servers, sizeof (smb_server_t),
	    offsetof(smb_server_t, sv_lnd));

	/* Sessions parked for smb_server_destroy_session(). */
	smb_llist_constructor(&smb_server_session_zombies,
	    sizeof (smb_session_t), offsetof(smb_session_t, s_lnd));

	return (0);

errout:
	smb_fem_fini();
	smb_vop_fini();
	return (err);
}

#undef	SMB_SERVER_MKCACHE
368
/*
 * smb_server_g_fini
 *
 * Module-wide teardown, the counterpart of smb_server_g_init().  This
 * function must be called from smb_drv_detach().  It asserts that no
 * server instance remains on the global list.
 *
 * NOTE(review): smb_server_session_zombies is constructed in
 * smb_server_g_init() but no matching smb_llist_destructor() call is
 * visible here -- confirm whether that is intentional.
 */
void
smb_server_g_fini(void)
{
	/* Destroyed in the same order in which they are listed here. */
	kmem_cache_t *caches[] = {
		smb_cache_request,
		smb_cache_session,
		smb_cache_user,
		smb_cache_tree,
		smb_cache_ofile,
		smb_cache_odir,
		smb_cache_opipe,
		smb_cache_event,
		smb_cache_lock
	};
	size_t ncaches = sizeof (caches) / sizeof (caches[0]);
	size_t i;

	ASSERT(smb_llist_get_count(&smb_servers) == 0);

	smb_llist_fini();

	for (i = 0; i < ncaches; i++)
		kmem_cache_destroy(caches[i]);

	/* Subsystems go down in the reverse of their init order. */
	smb2_lease_fini();
	smb_node_fini();
	smb_mbc_fini();
	smb_codepage_fini();
	smb_kshare_g_fini();

	smb_fem_fini();
	smb_vop_fini();

	smb_llist_destructor(&smb_servers);
}
404
/*
 * smb_server_create
 *
 * Called by driver open.  Allocates and initializes the smb_server_t for
 * the caller's zone and appends it to the global smb_servers list, in
 * state SMB_SERVER_STATE_CREATED.
 *
 * Returns EBUSY (via SET_ERROR) if there's already a server associated
 * with the caller's zone, 0 otherwise.
 *
 * The global list is held as writer from the duplicate check until the
 * insert, so two concurrent opens in one zone cannot both succeed.
 *
 * This object is one-to-one with zones, so we could instead
 * create/destroy this via zone_key_create callbacks.
 * See smb_server_delete() for destruction.
 *
 * NOTE(review): nothing here restricts which zone or which caller may
 * create a server; the file header states that the global-zone
 * limitation is enforced in user space, so any privilege check must be
 * made by the caller (presumably the driver open path) -- confirm.
 */
int
smb_server_create(dev_t dev)
{
	smb_server_t	*sv;
	zoneid_t	zid = getzoneid();

	smb_llist_enter(&smb_servers, RW_WRITER);

	/* Refuse a second server for the same zone. */
	for (sv = smb_llist_head(&smb_servers); sv != NULL;
	    sv = smb_llist_next(&smb_servers, sv)) {
		SMB_SERVER_VALID(sv);
		if (sv->sv_zid == zid) {
			smb_llist_exit(&smb_servers);
			return (SET_ERROR(EBUSY));
		}
	}

	sv = kmem_zalloc(sizeof (smb_server_t), KM_SLEEP);

	/* Identity and initial state. */
	sv->sv_magic = SMB_SERVER_MAGIC;
	sv->sv_state = SMB_SERVER_STATE_CREATED;
	sv->sv_zid = zid;
	sv->sv_pid = ddi_get_pid();
	sv->sv_dev = dev;
	sv->sv_proc_state = SMB_THREAD_STATE_EXITED;

	/* Synchronization objects. */
	mutex_init(&sv->sv_mutex, NULL, MUTEX_DEFAULT, NULL);
	cv_init(&sv->sv_cv, NULL, CV_DEFAULT, NULL);
	cv_init(&sv->sp_info.sp_cv, NULL, CV_DEFAULT, NULL);

	/* Hash tables for persistent open-file ids and for leases. */
	sv->sv_persistid_ht = smb_hash_create(sizeof (smb_ofile_t),
	    offsetof(smb_ofile_t, f_dh_lnd), SMB_OFILE_HASH_NBUCKETS);
	sv->sv_lease_ht = smb_hash_create(sizeof (smb_lease_t),
	    offsetof(smb_lease_t, ls_lnd), SMB_LEASE_HASH_NBUCKETS);

	/* Per-server lists: sessions, events, spool documents, spool fids. */
	smb_llist_constructor(&sv->sv_session_list, sizeof (smb_session_t),
	    offsetof(smb_session_t, s_lnd));
	smb_llist_constructor(&sv->sv_event_list, sizeof (smb_event_t),
	    offsetof(smb_event_t, se_lnd));
	smb_llist_constructor(&sv->sp_info.sp_list, sizeof (smb_kspooldoc_t),
	    offsetof(smb_kspooldoc_t, sd_lnd));
	smb_llist_constructor(&sv->sp_info.sp_fidlist,
	    sizeof (smb_spoolfid_t), offsetof(smb_spoolfid_t, sf_lnd));

	/* Dispatch statistics, one slot per SMB1 and per SMB2 command. */
	sv->sv_disp_stats1 = kmem_zalloc(SMB_COM_NUM *
	    sizeof (smb_disp_stats_t), KM_SLEEP);
	sv->sv_disp_stats2 = kmem_zalloc(SMB2__NCMDS *
	    sizeof (smb_disp_stats_t), KM_SLEEP);

	smb_thread_init(&sv->si_thread_timers, "smb_timers",
	    smb_server_timers, sv, smbsrv_timer_pri, sv);

	smb_srqueue_init(&sv->sv_srqueue);

	smb_kdoor_init(sv);
	smb_kshare_init(sv);
	smb_server_kstat_init(sv);

	/* Thresholds for session setup, tree connect, pipe open, logoff. */
	smb_threshold_init(&sv->sv_ssetup_ct, SMB_SSETUP_CMD,
	    smb_ssetup_threshold, smb_ssetup_timeout);
	smb_threshold_init(&sv->sv_tcon_ct, SMB_TCON_CMD,
	    smb_tcon_threshold, smb_tcon_timeout);
	smb_threshold_init(&sv->sv_opipe_ct, SMB_OPIPE_CMD,
	    smb_opipe_threshold, smb_opipe_timeout);
	smb_threshold_init(&sv->sv_logoff_ct, SMB_LOGOFF_CMD,
	    smb_logoff_threshold, smb_logoff_timeout);

	/* Publish only once the object is fully built. */
	smb_llist_insert_tail(&smb_servers, sv);
	smb_llist_exit(&smb_servers);

	return (0);
}
496
/*
 * smb_server_delete
 *
 * Called by driver close.
 *
 * This function will delete the server passed in.  It moves the server
 * to SMB_SERVER_STATE_DELETING (shutting it down first if it is still
 * running), drops the caller's reference, waits until no other
 * reference remains, and only then unlinks and frees the object.
 *
 * Returns 0 on success.  If the server is in none of the expected
 * states, it calls smb_server_release() and returns ENOTTY.
 *
 * NOTE(review): smb_server_create() also initializes sp_info.sp_cv,
 * sp_info.sp_list and sp_info.sp_fidlist; no teardown for them is
 * visible in this function -- confirm it happens elsewhere (for example
 * in smb_server_shutdown()).
 */
int
smb_server_delete(smb_server_t *sv)
{
	mutex_enter(&sv->sv_mutex);
	switch (sv->sv_state) {
	case SMB_SERVER_STATE_CREATED:
	case SMB_SERVER_STATE_CONFIGURED:
	case SMB_SERVER_STATE_STOPPING:
		/* Nothing is running (any more); go straight to DELETING. */
		break;

	case SMB_SERVER_STATE_RUNNING:
		/*
		 * smb_server_shutdown() is called without sv_mutex held;
		 * STOPPING is set first so the state is visible while the
		 * lock is dropped.
		 */
		sv->sv_state = SMB_SERVER_STATE_STOPPING;
		mutex_exit(&sv->sv_mutex);
		smb_server_shutdown(sv);
		mutex_enter(&sv->sv_mutex);
		/* Wake anyone blocked in smb_server_spooldoc(). */
		cv_broadcast(&sv->sp_info.sp_cv);
		break;

	default:
		SMB_SERVER_STATE_VALID(sv->sv_state);
		mutex_exit(&sv->sv_mutex);
		smb_server_release(sv);
		return (ENOTTY);
	}

	sv->sv_state = SMB_SERVER_STATE_DELETING;
	ASSERT(sv->sv_state == SMB_SERVER_STATE_DELETING);

	/* Drop our own hold, then wait for every other holder to leave. */
	sv->sv_refcnt--;
	while (sv->sv_refcnt != 0)
		cv_wait(&sv->sv_cv, &sv->sv_mutex);

	mutex_exit(&sv->sv_mutex);

	/* Unlink first so no new lookup can find the dying server. */
	smb_llist_enter(&smb_servers, RW_WRITER);
	smb_llist_remove(&smb_servers, sv);
	smb_llist_exit(&smb_servers);

	smb_threshold_fini(&sv->sv_ssetup_ct);
	smb_threshold_fini(&sv->sv_tcon_ct);
	smb_threshold_fini(&sv->sv_opipe_ct);
	smb_threshold_fini(&sv->sv_logoff_ct);

	smb_server_listener_destroy(&sv->sv_nbt_daemon);
	smb_server_listener_destroy(&sv->sv_tcp_daemon);
	rw_destroy(&sv->sv_cfg_lock);
	smb_server_kstat_fini(sv);
	smb_kshare_fini(sv);
	smb_kdoor_fini(sv);
	smb_llist_destructor(&sv->sv_event_list);
	smb_llist_destructor(&sv->sv_session_list);

	kmem_free(sv->sv_disp_stats1,
	    SMB_COM_NUM * sizeof (smb_disp_stats_t));
	kmem_free(sv->sv_disp_stats2,
	    SMB2__NCMDS * sizeof (smb_disp_stats_t));

	smb_srqueue_destroy(&sv->sv_srqueue);
	smb_thread_destroy(&sv->si_thread_timers);

	mutex_destroy(&sv->sv_mutex);
	smb_hash_destroy(sv->sv_lease_ht);
	smb_hash_destroy(sv->sv_persistid_ht);
	cv_destroy(&sv->sv_cv);

	/* Clear the magic so a stale pointer fails SMB_SERVER_VALID(). */
	sv->sv_magic = 0;
	kmem_free(sv, sizeof (smb_server_t));

	return (0);
}
577
/*
 * smb_server_configure
 *
 * Called via SMB_IOC_CONFIG, for smbd startup or refresh.
 *
 * Stores the configuration carried by the ioctl.  A server in the
 * CREATED state moves to CONFIGURED; a CONFIGURED server is simply
 * reconfigured; a RUNNING or STOPPING server is updated with sv_cfg_lock
 * held as writer.
 *
 * Returns 0 on success, EINVAL if the negotiation token length exceeds
 * SMB_PI_MAX_NEGTOK, EFAULT for any other server state.
 *
 * The negtok_len bound is the only field validated here; everything
 * else in *ioc is handed to smb_server_store_cfg() as received.
 */
int
smb_server_configure(smb_server_t *sv, smb_ioc_cfg_t *ioc)
{
	int err = 0;

	/* Reject an over-long negotiation token before touching state. */
	if (ioc->negtok_len > SMB_PI_MAX_NEGTOK)
		return (EINVAL);

	mutex_enter(&sv->sv_mutex);
	switch (sv->sv_state) {
	case SMB_SERVER_STATE_RUNNING:
	case SMB_SERVER_STATE_STOPPING:
		/* Live server: swap the config under the config lock. */
		rw_enter(&sv->sv_cfg_lock, RW_WRITER);
		smb_server_store_cfg(sv, ioc);
		rw_exit(&sv->sv_cfg_lock);
		break;

	case SMB_SERVER_STATE_CONFIGURED:
		smb_server_store_cfg(sv, ioc);
		break;

	case SMB_SERVER_STATE_CREATED:
		smb_server_store_cfg(sv, ioc);
		sv->sv_state = SMB_SERVER_STATE_CONFIGURED;
		break;

	default:
		SMB_SERVER_STATE_VALID(sv->sv_state);
		err = EFAULT;
		break;
	}
	mutex_exit(&sv->sv_mutex);

	return (err);
}
621
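/*
 * smb_server_start
 *
 * Called via SMB_IOC_START during smbd startup.
 * Bring up the activities required for SMB service.
 *
 * Only valid in SMB_SERVER_STATE_CONFIGURED; any other state returns
 * ENOTTY.  On success the server is left in SMB_SERVER_STATE_RUNNING,
 * smb_export_start() is called and 0 is returned.  If any step fails,
 * smb_server_shutdown() undoes what was started and the error is
 * returned.
 *
 * The whole start-up sequence runs with sv_mutex held.
 */
int
smb_server_start(smb_server_t *sv, smb_ioc_start_t *ioc)
{
	int		rc = 0;
	int		family;
	cred_t		*ucr;
	struct proc	*tqproc;

	mutex_enter(&sv->sv_mutex);
	switch (sv->sv_state) {
	case SMB_SERVER_STATE_CONFIGURED:

#ifdef	_KERNEL
		if (smb_create_process) {
			rc = smb_server_newproc(sv);
			if (rc != 0)
				break;
		}
#endif	/* _KERNEL */

		if ((rc = smb_server_fsop_start(sv)) != 0)
			break;

		/*
		 * Note: smb_kshare_start needs sv_session.
		 */
		sv->sv_session = smb_session_create(NULL, 0, sv, 0);
		if (sv->sv_session == NULL) {
			rc = ENOMEM;
			break;
		}

		/*
		 * Create a logon on the server session,
		 * used when importing CA shares.
		 *
		 * smb_user_new() is not visible here; guard against a NULL
		 * return so it is never handed to smb_user_logon().
		 */
		sv->sv_rootuser = smb_user_new(sv->sv_session);
		if (sv->sv_rootuser == NULL) {
			rc = ENOMEM;
			break;
		}
		ucr = smb_kcred_create();
		rc = smb_user_logon(sv->sv_rootuser, ucr, "", "root",
		    SMB_USER_FLAG_ADMIN, 0, 0);
		crfree(ucr);
		ucr = NULL;
		if (rc != 0) {
			cmn_err(CE_NOTE, "smb_server_start: "
			    "failed to create root user");
			break;
		}

		if ((rc = smb_kshare_start(sv)) != 0)
			break;

		/*
		 * Create our taskq's (thread pools)
		 *
		 * NB: the proc passed here has to be a "system" one.
		 * Normally that's p0, or the NGZ equivalent.
		 *
		 * The notify pool is sized at a quarter the number of
		 * worker threads (instead of another config item).
		 */
		tqproc = (sv->sv_proc_p != NULL) ?
		    sv->sv_proc_p : curzone->zone_zsched;

		sv->sv_notify_pool = taskq_create_proc("smb_notify",
		    sv->sv_cfg.skc_maxworkers / 4, smbsrv_notify_pri,
		    sv->sv_cfg.skc_maxworkers / 4, INT_MAX,
		    tqproc, TASKQ_DYNAMIC|TASKQ_THREADS_LWP);

		sv->sv_worker_pool = taskq_create_proc("smb_workers",
		    sv->sv_cfg.skc_maxworkers, smbsrv_worker_pri,
		    sv->sv_cfg.skc_maxworkers, INT_MAX,
		    tqproc, TASKQ_DYNAMIC|TASKQ_THREADS_LWP);

		sv->sv_receiver_pool = taskq_create_proc("smb_receivers",
		    sv->sv_cfg.skc_maxconnections, smbsrv_receive_pri,
		    sv->sv_cfg.skc_maxconnections, INT_MAX,
		    tqproc, TASKQ_DYNAMIC|TASKQ_THREADS_LWP);

		if (sv->sv_notify_pool == NULL ||
		    sv->sv_worker_pool == NULL ||
		    sv->sv_receiver_pool == NULL) {
			rc = ENOMEM;
			break;
		}

#ifdef	_KERNEL
		ASSERT(sv->sv_lmshrd == NULL);
		sv->sv_lmshrd = smb_kshare_door_init(ioc->lmshrd);
		if (sv->sv_lmshrd == NULL) {
			/*
			 * rc is still 0 from the previous step; without an
			 * explicit error the failed start would be reported
			 * to smbd as success after the shutdown below.
			 */
			rc = EINVAL;
			break;
		}
		if ((rc = smb_kdoor_open(sv, ioc->udoor)) != 0) {
			cmn_err(CE_WARN, "Cannot open smbd door");
			break;
		}
#else	/* _KERNEL */
		/* Fake kernel does not use the kshare_door */
		fksmb_kdoor_open(sv, ioc->udoor_func);
#endif	/* _KERNEL */

		if ((rc = smb_thread_start(&sv->si_thread_timers)) != 0)
			break;

		/*
		 * The NetBIOS listener is always IPv4; the TCP listener is
		 * IPv6 when skc_ipv6_enable is set.
		 */
		family = AF_INET;
		smb_server_listener_init(sv, &sv->sv_nbt_daemon,
		    "smb_nbt_listener", IPPORT_NETBIOS_SSN, family);
		if (sv->sv_cfg.skc_ipv6_enable)
			family = AF_INET6;
		smb_server_listener_init(sv, &sv->sv_tcp_daemon,
		    "smb_tcp_listener", IPPORT_SMB, family);
		rc = smb_server_listener_start(&sv->sv_tcp_daemon);
		if (rc != 0)
			break;
		/* A NetBIOS listener failure is deliberately not fatal. */
		if (sv->sv_cfg.skc_netbios_enable)
			(void) smb_server_listener_start(&sv->sv_nbt_daemon);

		sv->sv_state = SMB_SERVER_STATE_RUNNING;
		sv->sv_start_time = gethrtime();
		mutex_exit(&sv->sv_mutex);
		smb_export_start(sv);
		return (0);

	default:
		SMB_SERVER_STATE_VALID(sv->sv_state);
		mutex_exit(&sv->sv_mutex);
		return (ENOTTY);
	}

	/* A start-up step failed: undo whatever was brought up. */
	mutex_exit(&sv->sv_mutex);
	smb_server_shutdown(sv);
	return (rc);
}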
758
/*
 * An smbd is shutting down.
 *
 * If the server is RUNNING, mark it STOPPING, run smb_server_shutdown()
 * with sv_mutex dropped, and wake any thread waiting on the spool
 * condition variable.  Any other state is left unchanged.
 *
 * Always returns 0.
 */
int
smb_server_stop(smb_server_t *sv)
{
	mutex_enter(&sv->sv_mutex);
	if (sv->sv_state == SMB_SERVER_STATE_RUNNING) {
		sv->sv_state = SMB_SERVER_STATE_STOPPING;
		mutex_exit(&sv->sv_mutex);
		smb_server_shutdown(sv);
		mutex_enter(&sv->sv_mutex);
		cv_broadcast(&sv->sp_info.sp_cv);
	} else {
		SMB_SERVER_STATE_VALID(sv->sv_state);
	}
	mutex_exit(&sv->sv_mutex);

	return (0);
}
783
/*
 * Report whether the server is on its way down.
 *
 * Returns B_TRUE when the state, sampled under sv_mutex, is STOPPING or
 * DELETING, B_FALSE otherwise.  The answer can be stale as soon as the
 * mutex is released.
 */
boolean_t
smb_server_is_stopping(smb_server_t *sv)
{
	boolean_t going_down;

	SMB_SERVER_VALID(sv);

	mutex_enter(&sv->sv_mutex);
	if (sv->sv_state == SMB_SERVER_STATE_STOPPING ||
	    sv->sv_state == SMB_SERVER_STATE_DELETING)
		going_down = B_TRUE;
	else
		going_down = B_FALSE;
	mutex_exit(&sv->sv_mutex);

	return (going_down);
}
806
/*
 * Public wrapper around the file-local smb_event_cancel(): cancel the
 * event identified by txid on this server.
 */
void
smb_server_cancel_event(smb_server_t *sv, uint32_t txid)
{
	smb_event_cancel(sv, txid);
}
812
/*
 * Ioctl entry point: pass the transaction id from the ioctl to
 * smb_event_notify().  Always returns 0.
 *
 * NOTE(review): ioc->txid is used as received; presumably
 * smb_event_notify() ignores ids that match no pending event -- confirm.
 */
int
smb_server_notify_event(smb_server_t *sv, smb_ioc_event_t *ioc)
{
	smb_event_notify(sv, ioc->txid);
	return (0);
}
821
/*
 * smb_server_spooldoc
 *
 * Waits for print file close broadcast.
 * Gets the head of the fid list,
 * then searches the spooldoc list and returns
 * this info via the ioctl to user land.
 *
 * Returns:
 *	0		success, *ioc filled in
 *	ENOTTY		printing is not enabled in the configuration
 *	ECANCELED	the server is not (or no longer) RUNNING
 *	EINTR		the wait was interrupted by a signal
 *	EAGAIN		no spool document matches the fid
 *
 * NOTE(review): the copies into ioc->path and ioc->username are bounded
 * by MAXPATHLEN and MAXNAMELEN rather than by the size of the
 * destination; this assumes both ioctl fields are at least that large
 * (their definitions are not visible here) -- confirm.
 */
int
smb_server_spooldoc(smb_server_t *sv, smb_ioc_spooldoc_t *ioc)
{
	smb_kspooldoc_t	*doc;
	uint16_t	fid = 0;
	int		err;

	if (sv->sv_cfg.skc_print_enable == 0)
		return (ENOTTY);

	/* Sleep until a spool fid shows up or the server goes away. */
	mutex_enter(&sv->sv_mutex);
	for (;;) {
		if (sv->sv_state != SMB_SERVER_STATE_RUNNING) {
			err = ECANCELED;
			break;
		}

		fid = smb_spool_get_fid(sv);
		if (fid != 0) {
			err = 0;
			break;
		}

		/* cv_wait_sig() returning 0 is treated as "signalled". */
		if (cv_wait_sig(&sv->sp_info.sp_cv, &sv->sv_mutex) == 0) {
			err = EINTR;
			break;
		}
	}
	mutex_exit(&sv->sv_mutex);

	if (err != 0)
		return (err);

	/* Look the document up into a scratch copy, then export it. */
	doc = kmem_zalloc(sizeof (*doc), KM_SLEEP);
	if (!smb_spool_lookup_doc_byfid(sv, fid, doc)) {
		/* Did not find that print job. */
		err = EAGAIN;
	} else {
		ioc->spool_num = doc->sd_spool_num;
		ioc->ipaddr = doc->sd_ipaddr;
		(void) strlcpy(ioc->path, doc->sd_path, MAXPATHLEN);
		(void) strlcpy(ioc->username, doc->sd_username, MAXNAMELEN);
	}
	kmem_free(doc, sizeof (*doc));

	return (err);
}
880
/*
 * Ioctl entry point: record the GMT offset supplied by the caller in
 * sv->si_gmtoff.  Always returns 0.
 *
 * NOTE(review): the offset is stored without a range check and without
 * taking sv_mutex -- confirm that consumers tolerate arbitrary values.
 */
int
smb_server_set_gmtoff(smb_server_t *sv, smb_ioc_gmt_t *ioc)
{
	sv->si_gmtoff = ioc->offset;
	return (0);
}
889
/*
 * Ioctl entry point: report how many users, trees and files are open on
 * this server.  Open pipes are counted as files.  Always returns 0.
 *
 * The counters are read without taking sv_mutex, so the three values
 * are a best-effort snapshot rather than a consistent set.
 */
int
smb_server_numopen(smb_server_t *sv, smb_ioc_opennum_t *ioc)
{
	ioc->open_files = sv->sv_files + sv->sv_pipes;
	ioc->open_trees = sv->sv_trees;
	ioc->open_users = sv->sv_users;

	return (0);
}
900
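/*
 * Enumerate objects within the server. The svcenum provides the
 * enumeration context, i.e. what the caller wants to get back.
 *
 * Returns 0 on success, EINVAL if the buffer length in the request does
 * not fit inside the ioctl or the enumeration type is not recognized.
 */
int
smb_server_enum(smb_server_t *sv, smb_ioc_svcenum_t *ioc)
{
	smb_svcenum_t	*svcenum = &ioc->svcenum;
	int		rc = 0;

	/*
	 * Reality check that the buffer length inside the enum doesn't
	 * overrun the ioctl's total length.  Both values come from the
	 * caller, so the comparison is written as a subtraction guarded
	 * by a lower-bound test: unlike "se_buflen + sizeof (*ioc)", it
	 * cannot wrap around whatever the width of the operands.
	 */
	if (ioc->hdr.len < sizeof (*ioc) ||
	    svcenum->se_buflen > ioc->hdr.len - sizeof (*ioc))
		return (EINVAL);

	/* Start from an empty result; the helpers fill in what fits. */
	svcenum->se_bavail = svcenum->se_buflen;
	svcenum->se_bused = 0;
	svcenum->se_nitems = 0;

	switch (svcenum->se_type) {
	case SMB_SVCENUM_TYPE_USER:
		smb_server_enum_users(sv, svcenum);
		break;
	case SMB_SVCENUM_TYPE_TREE:
	case SMB_SVCENUM_TYPE_FILE:
		/* Files are reached through the trees that hold them. */
		smb_server_enum_trees(sv, svcenum);
		break;
	default:
		rc = EINVAL;
		break;
	}

	return (rc);
}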
936
/*
 * Look for sessions to disconnect by client and user name.
 *
 * Returns 0 if at least one session was disconnected, ENOENT if none
 * matched.
 *
 * NOTE(review): ioc->client and ioc->username are passed on as C
 * strings; presumably the ioctl layer guarantees they are
 * NUL-terminated before this is called -- confirm.
 */
int
smb_server_session_close(smb_server_t *sv, smb_ioc_session_t *ioc)
{
	int ndisconnected;

	ndisconnected = smb_server_session_disconnect(sv, ioc->client,
	    ioc->username);

	return ((ndisconnected == 0) ? ENOENT : 0);
}
951
/*
 * Close a file by uniqid.
 *
 * Returns whatever smb_server_fclose() returns for the id carried in
 * the ioctl.
 */
int
smb_server_file_close(smb_server_t *sv, smb_ioc_fileid_t *ioc)
{
	return (smb_server_fclose(sv, ioc->uniqid));
}
964
965 /*
966 * These functions determine the relevant smb server to which the call applies.
967 */
968
/*
 * Return the number of sessions currently on the server's session list.
 */
uint32_t
smb_server_get_session_count(smb_server_t *sv)
{
	return (smb_llist_get_count(&sv->sv_session_list));
}
978
/*
 * Gets the smb_node of the specified share path.
 * Node is returned held (caller must rele.)
 *
 * Returns 0 and sets *nodepp on success.  Returns ENOTACTIVE if the
 * server is not RUNNING, ENOTCONN if no request could be allocated, or
 * the error from the path reduction / lookup.  *nodepp is not written
 * on failure.
 *
 * The lookup runs with the zone's kernel credential (zone_kcred()), not
 * with the credential of any SMB user, so no per-user access check is
 * applied to shr_path here.
 *
 * NOTE(review): the RUNNING check is made under sv_mutex, but
 * sv->sv_session and sv->si_root_smb_node are used after the mutex is
 * dropped; presumably the caller holds a reference that keeps them
 * valid -- confirm.
 */
int
smb_server_share_lookup(smb_server_t *sv, const char *shr_path,
    smb_node_t **nodepp)
{
	char		last_comp[MAXNAMELEN];
	smb_request_t	*sr;
	smb_node_t	*dnode = NULL;
	smb_node_t	*fnode = NULL;
	int		rc = 0;

	ASSERT(shr_path);

	mutex_enter(&sv->sv_mutex);
	if (sv->sv_state != SMB_SERVER_STATE_RUNNING) {
		mutex_exit(&sv->sv_mutex);
		return (ENOTACTIVE);
	}
	mutex_exit(&sv->sv_mutex);

	sr = smb_request_alloc(sv->sv_session, 0);
	if (sr == NULL)
		return (ENOTCONN);
	sr->user_cr = zone_kcred();

	/* Split into parent directory node and last component ... */
	rc = smb_pathname_reduce(sr, sr->user_cr, shr_path,
	    NULL, NULL, &dnode, last_comp);

	/* ... then look the last component up, following links. */
	if (rc == 0) {
		rc = smb_fsop_lookup(sr, sr->user_cr, SMB_FOLLOW_LINKS,
		    sv->si_root_smb_node, dnode, last_comp, &fnode);
		smb_node_release(dnode);
	}

	smb_request_free(sr);

	if (rc != 0)
		return (rc);

	ASSERT(fnode->vp && fnode->vp->v_vfsp);

	*nodepp = fnode;
	return (0);
}
1030
#ifdef	_KERNEL
/*
 * This is a special interface that will be utilized by ZFS to cause a share to
 * be added/removed.
 *
 * arg is either a lmshare_info_t or share_name from userspace.
 * It will need to be copied into the kernel. It is lmshare_info_t
 * for add operations and share_name for delete operations.
 *
 * This function does not touch arg itself: the user-space pointer is
 * handed unchanged to smb_kshare_upcall(), and only when the server is
 * RUNNING.  NOTE(review): the copy-in is therefore presumably done by
 * smb_kshare_upcall() or its callee -- confirm.
 *
 * Returns the result of smb_server_lookup(); the result of the upcall
 * is deliberately ignored.
 */
int
smb_server_share(void *arg, boolean_t add_share)
{
	smb_server_t	*sv;
	boolean_t	running;
	int		rc;

	rc = smb_server_lookup(&sv);
	if (rc != 0)
		return (rc);

	/* Sample the state under the mutex, act on it after dropping it. */
	mutex_enter(&sv->sv_mutex);
	running = (sv->sv_state == SMB_SERVER_STATE_RUNNING) ?
	    B_TRUE : B_FALSE;
	mutex_exit(&sv->sv_mutex);

	if (running)
		(void) smb_kshare_upcall(sv->sv_lmshrd, arg, add_share);

	smb_server_release(sv);
	return (rc);
}
#endif	/* _KERNEL */
1063
/*
 * Disconnect every session's use of the named share on the caller's
 * server.
 *
 * Returns the error from smb_server_lookup() if no server is found,
 * ENOTACTIVE if the server is neither RUNNING nor STOPPING, 0 otherwise.
 * The reference taken by the lookup is released on every path after it.
 */
int
smb_server_unshare(const char *sharename)
{
	smb_server_t	*sv;
	boolean_t	active;
	int		rc;

	rc = smb_server_lookup(&sv);
	if (rc != 0)
		return (rc);

	mutex_enter(&sv->sv_mutex);
	active = (sv->sv_state == SMB_SERVER_STATE_RUNNING ||
	    sv->sv_state == SMB_SERVER_STATE_STOPPING) ? B_TRUE : B_FALSE;
	mutex_exit(&sv->sv_mutex);

	if (!active) {
		smb_server_release(sv);
		return (ENOTACTIVE);
	}

	smb_server_disconnect_share(sv, sharename);

	smb_server_release(sv);
	return (0);
}
1090
/*
 * Disconnect the specified share.
 * Typically called when a share has been removed.
 *
 * Walks the server's session list as reader and calls
 * smb_session_disconnect_share() on every session whose state is
 * SMB_SESSION_STATE_NEGOTIATED.  The session lock is dropped before
 * that call, so the state is only a snapshot.
 */
static void
smb_server_disconnect_share(smb_server_t *sv, const char *sharename)
{
	smb_llist_t	*sessions = &sv->sv_session_list;
	smb_session_t	*sn;
	boolean_t	negotiated;

	smb_llist_enter(sessions, RW_READER);

	for (sn = smb_llist_head(sessions); sn != NULL;
	    sn = smb_llist_next(sessions, sn)) {
		SMB_SESSION_VALID(sn);

		smb_rwx_rwenter(&sn->s_lock, RW_READER);
		negotiated = (sn->s_state == SMB_SESSION_STATE_NEGOTIATED) ?
		    B_TRUE : B_FALSE;
		smb_rwx_rwexit(&sn->s_lock);

		if (negotiated)
			smb_session_disconnect_share(sn, sharename);
	}

	smb_llist_exit(sessions);
}
1122
1123 #ifdef _KERNEL
1124
/*
 * Create a process to own SMB server threads (like zfs spa.c)
 * so we can see the CPU usage etc. with "prstat -L".
 * The new process MUST be in the same zone as the caller.
 *
 * Returns 0 when the process is running, when one already exists, or when
 * the caller is not in the global zone (no process is created then).
 * Returns the newproc() error on creation failure, or ESRCH when the new
 * thread left the STARTING state without reaching RUNNING.
 */
static int
smb_server_newproc(smb_server_t *sv)
{
	int rc;

	/*
	 * Todo: Fix newproc() for zones.
	 * At present, it always creates in p0.
	 * For now, only do this for the global zone.
	 */
	if (getzoneid() != GLOBAL_ZONEID)
		return (0);

	/* sv_proc_lock protects sv_proc_p and sv_proc_state below. */
	mutex_enter(&sv->sv_proc_lock);
	if (sv->sv_proc_p != NULL) {
		/* restart? re-use proc */
		rc = 0;
		goto out;
	}

	sv->sv_proc_state = SMB_THREAD_STATE_STARTING;
	rc = newproc(smb_server_proc_main, (caddr_t)sv,
	    syscid, smbsrv_base_pri, NULL, 0);
	if (rc != 0) {
		cmn_err(CE_WARN, "newproc failed, rc=%d", rc);
		goto out;
	}

	/*
	 * Rendez-vous with new proc thread.
	 * smb_server_proc_main() sets RUNNING and broadcasts sv_proc_cv.
	 */
	while (sv->sv_proc_state == SMB_THREAD_STATE_STARTING) {
		cv_wait(&sv->sv_proc_cv, &sv->sv_proc_lock);

	}
	if (sv->sv_proc_state != SMB_THREAD_STATE_RUNNING) {
		rc = ESRCH;
		goto out;
	}
	ASSERT(sv->sv_proc_p != NULL);

out:
	mutex_exit(&sv->sv_proc_lock);
	return (rc);
}
1173
/*
 * Main thread for the process we create to own SMB server threads.
 *
 * arg is the smb_server_t passed to newproc() by smb_server_newproc().
 * The thread publishes itself in sv_proc_p / sv_proc_did, moves
 * sv_proc_state from STARTING to RUNNING, then sleeps on sv_proc_cv until
 * the state leaves RUNNING (smb_server_delproc() sets EXITING), marks
 * itself EXITED and exits. It does not return.
 */
static void
smb_server_proc_main(void *arg)
{
	callb_cpr_t	cprinfo;
	smb_server_t	*sv = arg;
	user_t		*pu = PTOU(curproc);
	zoneid_t	zid = getzoneid();

	/* Must be running in the new process, in the server's own zone. */
	ASSERT(curproc != &p0);
	ASSERT(zid == sv->sv_zid);

	/* Both copies are bounded by the size of the destination field. */
	(void) strlcpy(pu->u_comm, "smbsrv", sizeof (pu->u_comm));
	(void) snprintf(pu->u_psargs, sizeof (pu->u_psargs),
	    "smbsrv %d", (int)zid);

	CALLB_CPR_INIT(&cprinfo, &sv->sv_proc_lock, callb_generic_cpr,
	    pu->u_psargs);

	mutex_enter(&sv->sv_proc_lock);
	ASSERT(sv->sv_proc_state == SMB_THREAD_STATE_STARTING);

	sv->sv_proc_p = curproc;
	sv->sv_proc_did = curthread->t_did;

	/* Wake smb_server_newproc(), which waits for the state change. */
	sv->sv_proc_state = SMB_THREAD_STATE_RUNNING;
	cv_broadcast(&sv->sv_proc_cv);

	CALLB_CPR_SAFE_BEGIN(&cprinfo);
	while (sv->sv_proc_state == SMB_THREAD_STATE_RUNNING)
		cv_wait(&sv->sv_proc_cv, &sv->sv_proc_lock);
	CALLB_CPR_SAFE_END(&cprinfo, &sv->sv_proc_lock);

	/* sv_proc_p is cleared before waiters are told the thread has exited. */
	ASSERT(sv->sv_proc_state == SMB_THREAD_STATE_EXITING);
	sv->sv_proc_state = SMB_THREAD_STATE_EXITED;
	sv->sv_proc_p = NULL;
	cv_broadcast(&sv->sv_proc_cv);
	CALLB_CPR_EXIT(&cprinfo); /* mutex_exit sv_proc_lock */

	/* Note: lwp_exit() expects p_lock entered. */
	mutex_enter(&curproc->p_lock);
	lwp_exit();
}
1219
/*
 * Delete the server proc (if any)
 *
 * Does nothing unless sv_proc_state is RUNNING. Otherwise asks the proc
 * thread to exit (EXITING), waits for it to report EXITED, and joins it.
 * An unexpected state after the wait is logged and the join is skipped.
 */
static void
smb_server_delproc(smb_server_t *sv)
{

	mutex_enter(&sv->sv_proc_lock);

	if (sv->sv_proc_state != SMB_THREAD_STATE_RUNNING)
		goto out;
	ASSERT(sv->sv_proc_p != NULL);

	sv->sv_proc_state = SMB_THREAD_STATE_EXITING;
	cv_broadcast(&sv->sv_proc_cv);

	/* Rendez-vous with proc thread. */
	while (sv->sv_proc_state == SMB_THREAD_STATE_EXITING) {
		cv_wait(&sv->sv_proc_cv, &sv->sv_proc_lock);

	}
	if (sv->sv_proc_state != SMB_THREAD_STATE_EXITED) {
		cmn_err(CE_WARN, "smb_server_delproc, state=%d",
		    sv->sv_proc_state);
		goto out;
	}
	/*
	 * The join runs with sv_proc_lock still held; the proc thread has
	 * already dropped that lock (CALLB_CPR_EXIT) once it reports EXITED.
	 */
	if (sv->sv_proc_did != 0) {
		thread_join(sv->sv_proc_did);
		sv->sv_proc_did = 0;
	}

out:
	mutex_exit(&sv->sv_proc_lock);
}
1254
1255 #endif /* _KERNEL */
1256
1257 /*
1258 * *****************************************************************************
1259 * **************** Functions called from the internal layers ******************
1260 * *****************************************************************************
1261 *
1262 * These functions are provided the relevant smb server by the caller.
1263 */
1264
/*
 * Copy the server's current configuration (sv->sv_cfg) into *cfg.
 * The copy is made while holding sv_cfg_lock as a reader, so the caller
 * gets a snapshot rather than a pointer into the live structure.
 */
void
smb_server_get_cfg(smb_server_t *sv, smb_kmod_cfg_t *cfg)
{
	rw_enter(&sv->sv_cfg_lock, RW_READER);
	/* Length is taken from the destination object. */
	bcopy(&sv->sv_cfg, cfg, sizeof (*cfg));
	rw_exit(&sv->sv_cfg_lock);
}
1272
/*
 * Atomically increment sv->sv_nbt_sess (reported as ks_nbt_sess by
 * smb_server_kstat_update). No lock is taken.
 */
void
smb_server_inc_nbt_sess(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_inc_32(&sv->sv_nbt_sess);
}
1282
/*
 * Atomically decrement sv->sv_nbt_sess. No underflow check is made here;
 * callers are expected to pair this with smb_server_inc_nbt_sess().
 */
void
smb_server_dec_nbt_sess(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_dec_32(&sv->sv_nbt_sess);
}
1289
/*
 * Atomically increment sv->sv_tcp_sess (reported as ks_tcp_sess by
 * smb_server_kstat_update). No lock is taken.
 */
void
smb_server_inc_tcp_sess(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_inc_32(&sv->sv_tcp_sess);
}
1296
/*
 * Atomically decrement sv->sv_tcp_sess. No underflow check is made here;
 * callers are expected to pair this with smb_server_inc_tcp_sess().
 */
void
smb_server_dec_tcp_sess(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_dec_32(&sv->sv_tcp_sess);
}
1303
/*
 * Atomically increment sv->sv_users (reported as ks_users and, in the
 * legacy kstat, ls_users). No lock is taken.
 */
void
smb_server_inc_users(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_inc_32(&sv->sv_users);
}
1310
/*
 * Atomically decrement sv->sv_users. No underflow check is made here;
 * callers are expected to pair this with smb_server_inc_users().
 */
void
smb_server_dec_users(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_dec_32(&sv->sv_users);
}
1317
/*
 * Atomically increment sv->sv_trees (reported as ks_trees and, in the
 * legacy kstat, ls_trees). No lock is taken.
 */
void
smb_server_inc_trees(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_inc_32(&sv->sv_trees);
}
1324
/*
 * Atomically decrement sv->sv_trees. No underflow check is made here;
 * callers are expected to pair this with smb_server_inc_trees().
 */
void
smb_server_dec_trees(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_dec_32(&sv->sv_trees);
}
1331
/*
 * Atomically increment sv->sv_files (reported as ks_files; the legacy
 * kstat reports sv_files + sv_pipes as ls_files). No lock is taken.
 */
void
smb_server_inc_files(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_inc_32(&sv->sv_files);
}
1338
/*
 * Atomically decrement sv->sv_files. No underflow check is made here;
 * callers are expected to pair this with smb_server_inc_files().
 */
void
smb_server_dec_files(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_dec_32(&sv->sv_files);
}
1345
/*
 * Atomically increment sv->sv_pipes (reported as ks_pipes; the legacy
 * kstat reports sv_files + sv_pipes as ls_files). No lock is taken.
 */
void
smb_server_inc_pipes(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_inc_32(&sv->sv_pipes);
}
1352
/*
 * Atomically decrement sv->sv_pipes. No underflow check is made here;
 * callers are expected to pair this with smb_server_inc_pipes().
 */
void
smb_server_dec_pipes(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_dec_32(&sv->sv_pipes);
}
1359
/*
 * Atomically add value to sv->sv_rxb (reported as ks_rxb by
 * smb_server_kstat_update). value is signed and is not range-checked here.
 */
void
smb_server_add_rxb(smb_server_t *sv, int64_t value)
{
	SMB_SERVER_VALID(sv);
	atomic_add_64(&sv->sv_rxb, value);
}
1366
/*
 * Atomically add value to sv->sv_txb (reported as ks_txb by
 * smb_server_kstat_update). value is signed and is not range-checked here.
 */
void
smb_server_add_txb(smb_server_t *sv, int64_t value)
{
	SMB_SERVER_VALID(sv);
	atomic_add_64(&sv->sv_txb, value);
}
1373
/*
 * Atomically increment sv->sv_nreq (reported as ks_nreq by
 * smb_server_kstat_update). No lock is taken.
 */
void
smb_server_inc_req(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);
	atomic_inc_64(&sv->sv_nreq);
}
1380
1381 /*
1382 * *****************************************************************************
1383 * *************************** Static Functions ********************************
1384 * *****************************************************************************
1385 */
1386
/*
 * Body of the server's timer thread; arg is the smb_server_t.
 *
 * Once per 60-second wait it runs the session timers (only when the
 * keepalive setting is non-zero) and the SMB2 durable-handle timers, until
 * smb_thread_continue_timedwait() reports that the thread should stop.
 */
static void
smb_server_timers(smb_thread_t *thread, void *arg)
{
	smb_server_t	*server = arg;

	ASSERT(server != NULL);

	/*
	 * This kills old inactive sessions and expired durable
	 * handles. The session code expects one call per minute.
	 */
	for (;;) {
		if (!smb_thread_continue_timedwait(thread, 60 /* Seconds */))
			break;

		/* skc_keepalive is read here without taking sv_cfg_lock. */
		if (server->sv_cfg.skc_keepalive != 0)
			smb_session_timers(server);
		smb2_durable_timers(server);
	}
}
1404
/*
 * smb_server_kstat_init
 *
 * Creates and installs two kstats in the server's zone (sv->sv_zid):
 * a raw statistics kstat (sv_ksp) and a named "legacy" kstat
 * (sv_legacy_ksp). Failure to create the raw kstat is logged; failure to
 * create the legacy kstat is silent. Neither failure is reported to the
 * caller.
 */
static void
smb_server_kstat_init(smb_server_t *sv)
{

	sv->sv_ksp = kstat_create_zone(SMBSRV_KSTAT_MODULE, 0,
	    SMBSRV_KSTAT_STATISTICS, SMBSRV_KSTAT_CLASS, KSTAT_TYPE_RAW,
	    sizeof (smbsrv_kstats_t), 0, sv->sv_zid);

	if (sv->sv_ksp != NULL) {
		sv->sv_ksp->ks_update = smb_server_kstat_update;
		/* smb_server_kstat_update recovers the server from ks_private. */
		sv->sv_ksp->ks_private = sv;
		((smbsrv_kstats_t *)sv->sv_ksp->ks_data)->ks_start_time =
		    sv->sv_start_time;
		smb_dispatch_stats_init(sv);
		smb2_dispatch_stats_init(sv);
		kstat_install(sv->sv_ksp);
	} else {
		cmn_err(CE_WARN, "SMB Server: Statistics unavailable");
	}

	/* Named kstat: the entry count is derived from the struct size. */
	sv->sv_legacy_ksp = kstat_create_zone(SMBSRV_KSTAT_MODULE, 0,
	    SMBSRV_KSTAT_NAME, SMBSRV_KSTAT_CLASS, KSTAT_TYPE_NAMED,
	    sizeof (smb_server_legacy_kstat_t) / sizeof (kstat_named_t),
	    0, sv->sv_zid);

	if (sv->sv_legacy_ksp != NULL) {
		smb_server_legacy_kstat_t *ksd;

		ksd = sv->sv_legacy_ksp->ks_data;

		(void) strlcpy(ksd->ls_files.name, "open_files",
		    sizeof (ksd->ls_files.name));
		ksd->ls_files.data_type = KSTAT_DATA_UINT32;

		(void) strlcpy(ksd->ls_trees.name, "connections",
		    sizeof (ksd->ls_trees.name));
		ksd->ls_trees.data_type = KSTAT_DATA_UINT32;

		/*
		 * NOTE(review): ls_users gets the same name string as
		 * ls_trees above ("connections") -- confirm this is intended.
		 */
		(void) strlcpy(ksd->ls_users.name, "connections",
		    sizeof (ksd->ls_users.name));
		ksd->ls_users.data_type = KSTAT_DATA_UINT32;

		/* The legacy kstat uses its own mutex as ks_lock. */
		mutex_init(&sv->sv_legacy_ksmtx, NULL, MUTEX_DEFAULT, NULL);
		sv->sv_legacy_ksp->ks_lock = &sv->sv_legacy_ksmtx;
		sv->sv_legacy_ksp->ks_update = smb_server_legacy_kstat_update;
		kstat_install(sv->sv_legacy_ksp);
	}
}
1456
/*
 * smb_server_kstat_fini
 *
 * Deletes whichever of the two kstats created by smb_server_kstat_init()
 * exist and clears the pointers, so a second call is a no-op.
 */
static void
smb_server_kstat_fini(smb_server_t *sv)
{
	if (sv->sv_legacy_ksp != NULL) {
		kstat_delete(sv->sv_legacy_ksp);
		/* The mutex was only initialized when this kstat was created. */
		mutex_destroy(&sv->sv_legacy_ksmtx);
		sv->sv_legacy_ksp = NULL;
	}

	if (sv->sv_ksp != NULL) {
		/* Delete the kstat before releasing the dispatch statistics. */
		kstat_delete(sv->sv_ksp);
		sv->sv_ksp = NULL;
		smb_dispatch_stats_fini(sv);
		smb2_dispatch_stats_fini(sv);
	}
}
1476
/*
 * Verify the defines in smb_kstat.h used by ks_reqs1 ks_reqs2
 *
 * smb_server_kstat_update() passes SMB_COM_NUM and SMB2__NCMDS as the
 * entry counts for ks_reqs1 and ks_reqs2, so a mismatch with the
 * SMBSRV_KS_NREQS* defines must fail the build.
 */
CTASSERT(SMBSRV_KS_NREQS1 == SMB_COM_NUM);
CTASSERT(SMBSRV_KS_NREQS2 == SMB2__NCMDS);
1482
/*
 * smb_server_kstat_update
 *
 * ks_update callback for the raw statistics kstat. On KSTAT_READ it
 * refreshes the smbsrv_kstats_t in ks_data from the server found in
 * ks_private and returns 0. The kstat is read-only: KSTAT_WRITE returns
 * EACCES, and any other rw value returns EIO.
 */
static int
smb_server_kstat_update(kstat_t *ksp, int rw)
{
	smb_server_t	*server;
	smbsrv_kstats_t	*stats;

	if (rw == KSTAT_WRITE)
		return (EACCES);
	if (rw != KSTAT_READ)
		return (EIO);

	server = ksp->ks_private;
	SMB_SERVER_VALID(server);
	stats = (smbsrv_kstats_t *)ksp->ks_data;

	/* Counters */
	stats->ks_nbt_sess = server->sv_nbt_sess;
	stats->ks_tcp_sess = server->sv_tcp_sess;
	stats->ks_users = server->sv_users;
	stats->ks_trees = server->sv_trees;
	stats->ks_files = server->sv_files;
	stats->ks_pipes = server->sv_pipes;

	/* Throughput */
	stats->ks_txb = server->sv_txb;
	stats->ks_rxb = server->sv_rxb;
	stats->ks_nreq = server->sv_nreq;

	/* Busyness */
	stats->ks_maxreqs = server->sv_cfg.skc_maxworkers;
	smb_srqueue_update(&server->sv_srqueue, &stats->ks_utilization);

	/* Latency & Throughput of the requests */
	smb_dispatch_stats_update(server, stats->ks_reqs1, 0, SMB_COM_NUM);
	smb2_dispatch_stats_update(server, stats->ks_reqs2, 0, SMB2__NCMDS);

	return (0);
}
1529
/*
 * ks_update callback for the legacy named kstat.
 *
 * The server is found with smb_server_lookup() rather than through the
 * kstat itself. KSTAT_WRITE returns EACCES; KSTAT_READ returns 0 after
 * refreshing the three values, or EIO when no server is found; any other
 * rw value returns EIO.
 */
static int
smb_server_legacy_kstat_update(kstat_t *ksp, int rw)
{
	smb_server_t			*server;
	smb_server_legacy_kstat_t	*legacy;

	if (rw == KSTAT_WRITE)
		return (EACCES);

	if (rw != KSTAT_READ || smb_server_lookup(&server) != 0)
		return (EIO);

	ASSERT(MUTEX_HELD(ksp->ks_lock));
	ASSERT(server->sv_legacy_ksp == ksp);

	legacy = (smb_server_legacy_kstat_t *)ksp->ks_data;
	/* "open_files" is the sum of open files and open pipes. */
	legacy->ls_files.value.ui32 = server->sv_files + server->sv_pipes;
	legacy->ls_trees.value.ui32 = server->sv_trees;
	legacy->ls_users.value.ui32 = server->sv_users;

	/* Drop the reference taken by smb_server_lookup(). */
	smb_server_release(server);
	return (0);
}
1561
/*
 * How long smb_server_shutdown() waits for the session list to empty
 * before logging a notice and firing a DTrace probe. It then keeps
 * waiting without a timeout.
 */
int smb_server_shutdown_wait1 = 15; /* seconds */
1563
/*
 * smb_server_shutdown
 *
 * Tears down a server instance in a fixed order: stop the listeners,
 * disconnect every session, wake blocked threads, wait for the session
 * list to drain, close the doors, stop the exporter and timer threads,
 * destroy the internal "server" session, destroy the task queues, clean
 * out durable handles, stop fsop, and finally delete the server process.
 * The ordering constraints are described in the comments below.
 */
static void
smb_server_shutdown(smb_server_t *sv)
{
	smb_llist_t	*sl = &sv->sv_session_list;
	smb_session_t	*session;
	clock_t	time0, time1, time2;

	SMB_SERVER_VALID(sv);

	/*
	 * Stop the listeners first, so we can't get any more
	 * new sessions while we're trying to shut down.
	 */
	smb_server_listener_stop(&sv->sv_nbt_daemon);
	smb_server_listener_stop(&sv->sv_tcp_daemon);

	/*
	 * Disconnect all of the sessions. This causes all the
	 * smb_server_receiver threads to see a disconnect and
	 * begin tear-down (in parallel) in smb_session_cancel.
	 */
	smb_llist_enter(sl, RW_READER);
	session = smb_llist_head(sl);
	while (session != NULL) {
		smb_session_disconnect(session);
		session = smb_llist_next(sl, session);
	}
	smb_llist_exit(sl);

	/*
	 * Wake up any threads we might have blocked.
	 * Must precede kdoor_close etc. because those will
	 * wait for such threads to get out.
	 */
	smb_event_cancel(sv, 0);
	smb_threshold_wake_all(&sv->sv_ssetup_ct);
	smb_threshold_wake_all(&sv->sv_tcon_ct);
	smb_threshold_wake_all(&sv->sv_opipe_ct);
	smb_threshold_wake_all(&sv->sv_logoff_ct);

	/*
	 * Wait for the session list to empty.
	 * (cv_signal in smb_server_destroy_session)
	 *
	 * We must wait for all the SMB session readers to finish, or
	 * we could proceed here while there might be worker threads
	 * running in any of those sessions. See smb_session_logoff
	 * for timeouts applied to session tear-down. If this takes
	 * longer than expected, make some noise, and fire a dtrace
	 * probe one might use to investigate.
	 */
	time0 = ddi_get_lbolt();
	time1 = SEC_TO_TICK(smb_server_shutdown_wait1) + time0;
	mutex_enter(&sv->sv_mutex);
	/* First pass: bounded wait, ending at the absolute deadline time1. */
	while (sv->sv_session_list.ll_count != 0) {
		if (cv_timedwait(&sv->sv_cv, &sv->sv_mutex, time1) < 0) {
			cmn_err(CE_NOTE, "!shutdown waited %d seconds"
			    " with %d sessions still remaining",
			    smb_server_shutdown_wait1,
			    sv->sv_session_list.ll_count);
			DTRACE_PROBE1(max__wait, smb_server_t *, sv);
			break;
		}
	}
	/*
	 * Second pass: unbounded. Shutdown does not proceed until the
	 * session list is empty, however long that takes.
	 */
	while (sv->sv_session_list.ll_count != 0) {
		cv_wait(&sv->sv_cv, &sv->sv_mutex);
	}
	mutex_exit(&sv->sv_mutex);

	/* Report the total wait only when the deadline was exceeded. */
	time2 = ddi_get_lbolt();
	if (time2 > time1) {
		cmn_err(CE_NOTE, "!shutdown waited %d seconds"
		    " for all sessions to finish",
		    (int)TICK_TO_SEC(time2 - time0));
	}

	smb_kdoor_close(sv);
#ifdef _KERNEL
	smb_kshare_door_fini(sv->sv_lmshrd);
#endif /* _KERNEL */
	sv->sv_lmshrd = NULL;

	smb_export_stop(sv);
	smb_kshare_stop(sv);
	smb_thread_stop(&sv->si_thread_timers);

	/*
	 * Both kshare and the oplock break sub-systems may have
	 * taskq jobs on the special "server" session, until we've
	 * closed all ofiles and stopped the kshare exporter.
	 * Now it's safe to destroy the server session, but first
	 * wait for any requests on it to finish. Note that for
	 * normal sessions, this happens in smb_session_cancel,
	 * but that's not called for the server session.
	 */
	if (sv->sv_rootuser != NULL) {
		smb_user_logoff(sv->sv_rootuser);
		smb_user_release(sv->sv_rootuser);
		sv->sv_rootuser = NULL;
	}
	if (sv->sv_session != NULL) {
		smb_session_cancel_requests(sv->sv_session, NULL, NULL);
		smb_slist_wait_for_empty(&sv->sv_session->s_req_list);

		/* Just in case import left users and trees */
		smb_session_logoff(sv->sv_session);

		smb_session_delete(sv->sv_session);
		sv->sv_session = NULL;
	}

	/* Each pool pointer is cleared after destroy so a repeat call skips it. */
	if (sv->sv_receiver_pool != NULL) {
		taskq_destroy(sv->sv_receiver_pool);
		sv->sv_receiver_pool = NULL;
	}

	if (sv->sv_worker_pool != NULL) {
		taskq_destroy(sv->sv_worker_pool);
		sv->sv_worker_pool = NULL;
	}

	if (sv->sv_notify_pool != NULL) {
		taskq_destroy(sv->sv_notify_pool);
		sv->sv_notify_pool = NULL;
	}

	/*
	 * Clean out any durable handles. After this we should
	 * have no ofiles remaining (and no more oplock breaks).
	 */
	smb2_dh_shutdown(sv);

	smb_server_fsop_stop(sv);

#ifdef _KERNEL
	if (sv->sv_proc_p != NULL) {
		smb_server_delproc(sv);
	}
#endif
}
1707
/*
 * smb_server_listener_init
 *
 * Initializes listener contexts.
 *
 * Zeroes *ld, records the owning server, address family and port, fills
 * in the bind address, and initializes (but does not start) the listener
 * thread. The bind address is the wildcard for the family (INADDR_ANY, or
 * the all-zero IPv6 address), so the listener is not restricted to one
 * local address. Any family other than AF_INET takes the IPv6 branch.
 */
static void
smb_server_listener_init(
    smb_server_t		*sv,
    smb_listener_daemon_t	*ld,
    char			*name,
    in_port_t			port,
    int				family)
{
	/* Guard against initializing a context that is already live. */
	ASSERT(ld->ld_magic != SMB_LISTENER_MAGIC);

	bzero(ld, sizeof (*ld));

	ld->ld_port = port;
	ld->ld_family = family;
	ld->ld_sv = sv;

	if (family != AF_INET) {
		ld->ld_sin6.sin6_family = (uint32_t)family;
		ld->ld_sin6.sin6_port = htons(port);
		bzero(&ld->ld_sin6.sin6_addr.s6_addr,
		    sizeof (ld->ld_sin6.sin6_addr.s6_addr));
	} else {
		ld->ld_sin.sin_family = (uint32_t)family;
		ld->ld_sin.sin_port = htons(port);
		ld->ld_sin.sin_addr.s_addr = htonl(INADDR_ANY);
	}

	smb_thread_init(&ld->ld_thread, name, smb_server_listener, ld,
	    smbsrv_listen_pri, sv);

	/* The magic is set last, once the context is fully built. */
	ld->ld_magic = SMB_LISTENER_MAGIC;
}
1744
/*
 * smb_server_listener_destroy
 *
 * Destroys listener contexts.
 *
 * The listening socket must already be gone (ld_so == NULL). A context
 * whose magic is zero is left untouched.
 */
static void
smb_server_listener_destroy(smb_listener_daemon_t *ld)
{
	/*
	 * Note that if startup fails early, we can legitimately
	 * get here with an all-zeros object.
	 */
	if (ld->ld_magic != 0) {
		SMB_LISTENER_VALID(ld);
		ASSERT(ld->ld_so == NULL);
		smb_thread_destroy(&ld->ld_thread);
		/* Clearing the magic makes a repeated destroy a no-op. */
		ld->ld_magic = 0;
	}
}
1765
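/*
 * smb_server_listener_start
 *
 * Starts the listener associated with the context passed in: creates the
 * socket, binds it to the address prepared by smb_server_listener_init(),
 * puts it in the listening state and starts the listener thread.
 *
 * Return:	0	Success
 *		not 0	Failure (EINVAL if a socket already exists, ENOMEM
 *			if the socket cannot be created, otherwise the
 *			error from bind, listen or thread start)
 *
 * NOTE(review): on bind or listen failure ld->ld_so stays set; presumably
 * the caller's error path runs smb_server_listener_stop() to destroy it --
 * confirm against the caller.
 */
static int
smb_server_listener_start(smb_listener_daemon_t *ld)
{
	int		rc;
	uint32_t	on;
	uint32_t	off;

	SMB_LISTENER_VALID(ld);

	if (ld->ld_so != NULL)
		return (EINVAL);

	ld->ld_so = smb_socreate(ld->ld_family, SOCK_STREAM, 0);
	if (ld->ld_so == NULL) {
		cmn_err(CE_WARN, "port %d: socket create failed", ld->ld_port);
		return (ENOMEM);
	}

	/* Socket options are best-effort; their results are not checked. */
	off = 0;
	(void) ksocket_setsockopt(ld->ld_so, SOL_SOCKET,
	    SO_MAC_EXEMPT, &off, sizeof (off), CRED());

	on = 1;
	(void) ksocket_setsockopt(ld->ld_so, SOL_SOCKET,
	    SO_REUSEADDR, &on, sizeof (on), CRED());

	if (ld->ld_family == AF_INET) {
		rc = ksocket_bind(ld->ld_so,
		    (struct sockaddr *)&ld->ld_sin,
		    sizeof (ld->ld_sin), CRED());
	} else {
		rc = ksocket_bind(ld->ld_so,
		    (struct sockaddr *)&ld->ld_sin6,
		    sizeof (ld->ld_sin6), CRED());
	}

	if (rc != 0) {
		cmn_err(CE_WARN, "port %d: bind failed", ld->ld_port);
		return (rc);
	}

	/*
	 * The ksocket calls in this file report failure as a non-zero
	 * errno (see the bind check above and the accept loop in
	 * smb_server_listener), so test for any non-zero result. A
	 * "rc < 0" test would let a failed listen go unnoticed and start
	 * the accept thread on a socket that is not listening.
	 */
	rc = ksocket_listen(ld->ld_so, 20, CRED());
	if (rc != 0) {
		cmn_err(CE_WARN, "port %d: listen failed", ld->ld_port);
		return (rc);
	}

	/*
	 * This hold belongs to the listener thread, which releases it
	 * when it exits; undo it here if the thread never starts.
	 */
	ksocket_hold(ld->ld_so);
	rc = smb_thread_start(&ld->ld_thread);
	if (rc != 0) {
		ksocket_rele(ld->ld_so);
		cmn_err(CE_WARN, "port %d: listener failed to start",
		    ld->ld_port);
		return (rc);
	}
	return (0);
}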
1831
/*
 * smb_server_listener_stop
 *
 * Stops the listener associated with the context passed in.
 * A context with no socket (never started, or already stopped) is a no-op.
 */
static void
smb_server_listener_stop(smb_listener_daemon_t *ld)
{
	SMB_LISTENER_VALID(ld);

	if (ld->ld_so == NULL)
		return;

	/*
	 * Shut down and destroy the socket before stopping the thread;
	 * the pointer is cleared only after the thread has been stopped.
	 */
	smb_soshutdown(ld->ld_so);
	smb_sodestroy(ld->ld_so);
	smb_thread_stop(&ld->ld_thread);
	ld->ld_so = NULL;
}
1849
/*
 * smb_server_listener
 *
 * Entry point of the listeners.
 *
 * Accepts connections on ld->ld_so until the thread is told to stop or
 * the server enters the STOPPING state, sets per-connection socket
 * options, and hands each accepted socket to smb_server_create_session().
 * No limit on the number of connections is applied in this function.
 * On exit it drops the socket hold taken in smb_server_listener_start().
 */
static void
smb_server_listener(smb_thread_t *thread, void *arg)
{
	_NOTE(ARGUNUSED(thread))
	smb_listener_daemon_t	*ld;
	ksocket_t		s_so;
	int			on;
	int			txbuf_size;

	ld = (smb_listener_daemon_t *)arg;

	SMB_LISTENER_VALID(ld);

	DTRACE_PROBE1(so__wait__accept, struct sonode *, ld->ld_so);

	/* sv_state is read here without taking sv_mutex. */
	while (smb_thread_continue_nowait(&ld->ld_thread) &&
	    ld->ld_sv->sv_state != SMB_SERVER_STATE_STOPPING) {
		int ret = ksocket_accept(ld->ld_so, NULL, NULL, &s_so, CRED());

		switch (ret) {
		case 0:
			break;
		case ECONNABORTED:
			/* The peer gave up before accept; not worth a warning. */
			continue;

		case EINTR:
		case EBADF:
		case ENOTSOCK:
			/* These are normal during shutdown. Silence. */
			if (ld->ld_sv->sv_state == SMB_SERVER_STATE_STOPPING)
				goto out;
			/* FALLTHROUGH */
		default:
			cmn_err(CE_WARN,
			    "smb_server_listener: ksocket_accept failed (%d)",
			    ret);
			/* avoid a tight CPU-burn loop here */
			delay(MSEC_TO_TICK(10));
			continue;
		}

		DTRACE_PROBE1(so__accept, struct sonode *, s_so);

		/*
		 * Socket options are best-effort: the results are discarded
		 * and the connection proceeds even if one is not applied.
		 */
		on = 1;
		(void) ksocket_setsockopt(s_so, IPPROTO_TCP, TCP_NODELAY,
		    &on, sizeof (on), CRED());

		on = 1;
		(void) ksocket_setsockopt(s_so, SOL_SOCKET, SO_KEEPALIVE,
		    &on, sizeof (on), CRED());

		txbuf_size = 128*1024;
		(void) ksocket_setsockopt(s_so, SOL_SOCKET, SO_SNDBUF,
		    (const void *)&txbuf_size, sizeof (txbuf_size), CRED());

		/*
		 * Create a session for this connection.
		 */
		smb_server_create_session(ld, s_so);
	}
out:
	ksocket_rele(ld->ld_so);
}
1918
/*
 * smb_server_receiver
 *
 * Entry point of the receiver threads; arg is the smb_session_t.
 * Also does cleanup when socket disconnected.
 */
static void
smb_server_receiver(void *arg)
{
	smb_session_t	*sn = arg;

	/* We stay in here until socket disconnect. */
	smb_session_receiver(sn);

	/* The connection is gone: tear the session down. */
	smb_server_destroy_session(sn);
}
1937
/*
 * smb_server_lookup
 *
 * This function finds the server associated with the zone of the
 * caller. Note: requires a fix in the dynamic taskq code:
 * 1501 taskq_create_proc ... TQ_DYNAMIC puts tasks in p0
 *
 * On success returns 0 and stores in *psv a server whose reference count
 * has been incremented; the caller must call smb_server_release().
 * Returns ENXIO, leaving *psv untouched, when the zone has no server or
 * its server is in the DELETING state.
 */
int
smb_server_lookup(smb_server_t **psv)
{
	zoneid_t	zid = getzoneid();
	smb_server_t	*cur;
	smb_server_t	*found = NULL;

	smb_llist_enter(&smb_servers, RW_READER);

	for (cur = smb_llist_head(&smb_servers); cur != NULL;
	    cur = smb_llist_next(&smb_servers, cur)) {
		SMB_SERVER_VALID(cur);

		if (cur->sv_zid != zid)
			continue;

		/*
		 * The state check and the reference are taken under the
		 * same sv_mutex hold, so no reference is handed out for a
		 * server already seen as DELETING.
		 */
		mutex_enter(&cur->sv_mutex);
		if (cur->sv_state != SMB_SERVER_STATE_DELETING) {
			cur->sv_refcnt++;
			found = cur;
		}
		mutex_exit(&cur->sv_mutex);

		/* The search ends at the first server matching the zone. */
		break;
	}

	smb_llist_exit(&smb_servers);

	if (found == NULL)
		return (ENXIO);

	*psv = found;
	return (0);
}
1974
/*
 * smb_server_release
 *
 * This function decrements the reference count of the server. When the
 * count reaches zero and the server is in SMB_SERVER_STATE_DELETING, it
 * signals the server's condition variable.
 *
 * A zero count on entry is caught only by ASSERT.
 */
void
smb_server_release(smb_server_t *sv)
{
	SMB_SERVER_VALID(sv);

	mutex_enter(&sv->sv_mutex);
	ASSERT(sv->sv_refcnt);
	if (--sv->sv_refcnt == 0 &&
	    sv->sv_state == SMB_SERVER_STATE_DELETING) {
		cv_signal(&sv->sv_cv);
	}
	mutex_exit(&sv->sv_mutex);
}
1993
/*
 * smb_server_lookup_user
 *
 * Find an smb_user by its user_id
 * Optional ssn_id (if non-zero) restricts search to a specific session.
 * Only sessions in the NEGOTIATED state are searched.
 *
 * Returns smb_user_t * held. Caller must release it when done.
 * Returns NULL if not found.
 *
 * No credential or ownership check is made on the returned user here;
 * any authorization is left to the caller.
 */
smb_user_t *
smb_server_lookup_user(smb_server_t *sv, uint64_t ssn_id, uint64_t user_id)
{
	smb_llist_t	*sessions = &sv->sv_session_list;
	smb_session_t	*cur;
	smb_user_t	*found = NULL;

	smb_llist_enter(sessions, RW_READER);

	cur = smb_llist_head(sessions);
	while (cur != NULL && found == NULL) {
		SMB_SESSION_VALID(cur);

		if ((ssn_id == 0 || ssn_id == cur->s_kid) &&
		    cur->s_state == SMB_SESSION_STATE_NEGOTIATED)
			found = smb_session_lookup_ssnid(cur, user_id);

		cur = smb_llist_next(sessions, cur);
	}

	smb_llist_exit(sessions);

	return (found);
}
2028
/*
 * Enumerate the users associated with a session list.
 *
 * Calls smb_user_enum() on every user that can be held, across all
 * sessions of the server, and stops at the first non-zero return. That
 * return value is not passed back to the caller.
 */
static void
smb_server_enum_users(smb_server_t *sv, smb_svcenum_t *svcenum)
{
	smb_llist_t	*sessions = &sv->sv_session_list;
	smb_llist_t	*users;
	smb_session_t	*sn;
	smb_user_t	*u;
	int		err = 0;

	smb_llist_enter(sessions, RW_READER);

	for (sn = smb_llist_head(sessions); sn != NULL;
	    sn = smb_llist_next(sessions, sn)) {
		SMB_SESSION_VALID(sn);

		users = &sn->s_user_list;
		smb_llist_enter(users, RW_READER);

		for (u = smb_llist_head(users); u != NULL;
		    u = smb_llist_next(users, u)) {
			/* Users that cannot be held are skipped. */
			if (!smb_user_hold(u))
				continue;

			err = smb_user_enum(u, svcenum);
			smb_user_release(u);
			if (err != 0)
				break;
		}

		smb_llist_exit(users);

		if (err != 0)
			break;
	}

	smb_llist_exit(sessions);
}
2071
/*
 * Enumerate the trees/files associated with a session list.
 *
 * Calls smb_tree_enum() on every tree that can be held, across all
 * sessions of the server, and stops at the first non-zero return. That
 * return value is not passed back to the caller.
 */
static void
smb_server_enum_trees(smb_server_t *sv, smb_svcenum_t *svcenum)
{
	smb_llist_t	*sessions = &sv->sv_session_list;
	smb_llist_t	*trees;
	smb_session_t	*sn;
	smb_tree_t	*t;
	int		err = 0;

	smb_llist_enter(sessions, RW_READER);

	for (sn = smb_llist_head(sessions); sn != NULL;
	    sn = smb_llist_next(sessions, sn)) {
		SMB_SESSION_VALID(sn);

		trees = &sn->s_tree_list;
		smb_llist_enter(trees, RW_READER);

		for (t = smb_llist_head(trees); t != NULL;
		    t = smb_llist_next(trees, t)) {
			/* Trees that cannot be held are skipped. */
			if (!smb_tree_hold(t))
				continue;

			err = smb_tree_enum(t, svcenum);
			smb_tree_release(t);
			if (err != 0)
				break;
		}

		smb_llist_exit(trees);

		if (err != 0)
			break;
	}

	smb_llist_exit(sessions);
}
2114
/*
 * Disconnect sessions associated with the specified client and username.
 * Empty strings are treated as wildcards.
 *
 * Logs off every held user that matches and returns the number of users
 * logged off. With both strings empty, every user on every session
 * matches. client and name must be non-NULL. Whether the requester may
 * disconnect these users is not checked here.
 */
static int
smb_server_session_disconnect(smb_server_t *sv,
    const char *client, const char *name)
{
	smb_llist_t	*sessions = &sv->sv_session_list;
	smb_llist_t	*users;
	smb_session_t	*sn;
	smb_user_t	*u;
	int		nlogoff = 0;

	smb_llist_enter(sessions, RW_READER);

	sn = smb_llist_head(sessions);
	while (sn != NULL) {
		SMB_SESSION_VALID(sn);

		if (*client == '\0' || smb_session_isclient(sn, client)) {
			users = &sn->s_user_list;
			smb_llist_enter(users, RW_READER);

			u = smb_llist_head(users);
			while (u != NULL) {
				if (smb_user_hold(u)) {
					if (*name == '\0' ||
					    smb_user_namecmp(u, name)) {
						smb_user_logoff(u);
						nlogoff++;
					}
					smb_user_release(u);
				}
				u = smb_llist_next(users, u);
			}

			smb_llist_exit(users);
		}

		sn = smb_llist_next(sessions, sn);
	}

	smb_llist_exit(sessions);
	return (nlogoff);
}
2164
/*
 * Close a file by its unique id.
 *
 * Tries smb_tree_fclose() on each tree that can be held, across all
 * sessions, for as long as the result is ENOENT. Returns the first
 * result other than ENOENT, or ENOENT if no tree had the file. The
 * search is by uniqid only; which session or user owns the file is not
 * checked here.
 */
static int
smb_server_fclose(smb_server_t *sv, uint32_t uniqid)
{
	smb_llist_t	*sessions = &sv->sv_session_list;
	smb_llist_t	*trees;
	smb_session_t	*sn;
	smb_tree_t	*t;
	int		result = ENOENT;

	smb_llist_enter(sessions, RW_READER);

	for (sn = smb_llist_head(sessions);
	    sn != NULL && result == ENOENT;
	    sn = smb_llist_next(sessions, sn)) {
		SMB_SESSION_VALID(sn);

		trees = &sn->s_tree_list;
		smb_llist_enter(trees, RW_READER);

		for (t = smb_llist_head(trees);
		    t != NULL && result == ENOENT;
		    t = smb_llist_next(trees, t)) {
			if (smb_tree_hold(t)) {
				result = smb_tree_fclose(t, uniqid);
				smb_tree_release(t);
			}
		}

		smb_llist_exit(trees);
	}

	smb_llist_exit(sessions);
	return (result);
}
2203
/*
 * This is used by SMB2 session setup to logoff a previous session,
 * so it can force a logoff that we haven't noticed yet.
 * This is not called frequently, so we just walk the list of
 * connections searching for the user.
 *
 * Note that this must wait for any durable handles (ofiles)
 * owned by this user to become "orphaned", so that a reconnect
 * that may immediately follow can find and use such ofiles.
 *
 * ssnid is supplied by the client. A matching user is acted on only when
 * smb_is_same_user() accepts its credential against the requester's
 * (sr->user_cr); otherwise it is released and the search continues.
 * Does nothing unless the server is RUNNING.
 */
void
smb_server_logoff_ssnid(smb_request_t *sr, uint64_t ssnid)
{
	smb_server_t	*sv = sr->sr_server;
	smb_llist_t	*sess_list;
	smb_session_t	*sess;
	smb_user_t	*user = NULL;
	boolean_t	do_logoff = B_FALSE;

	SMB_SERVER_VALID(sv);

	if (sv->sv_state != SMB_SERVER_STATE_RUNNING)
		return;

	sess_list = &sv->sv_session_list;
	smb_llist_enter(sess_list, RW_READER);

	for (sess = smb_llist_head(sess_list);
	    sess != NULL;
	    sess = smb_llist_next(sess_list, sess)) {

		SMB_SESSION_VALID(sess);

		/* Only SMB2 and later sessions are considered. */
		if (sess->dialect < SMB_VERS_2_BASE)
			continue;

		switch (sess->s_state) {
		case SMB_SESSION_STATE_NEGOTIATED:
		case SMB_SESSION_STATE_TERMINATED:
		case SMB_SESSION_STATE_DISCONNECTED:
			break;
		default:
			continue;
		}

		/*
		 * Normal situation is to find a LOGGED_ON user.
		 */
		user = smb_session_lookup_uid_st(sess, ssnid, 0,
		    SMB_USER_STATE_LOGGED_ON);
		if (user != NULL) {
			/*
			 * Authorization check: the previous session is only
			 * logged off for a requester with the same identity.
			 */
			if (smb_is_same_user(user->u_cred, sr->user_cr)) {
				do_logoff = B_TRUE;
				break;
			}
			smb_user_release(user);
			user = NULL;
		}

		/*
		 * If we raced with disconnect, may find LOGGING_OFF,
		 * in which case we want to just wait for it.
		 */
		user = smb_session_lookup_uid_st(sess, ssnid, 0,
		    SMB_USER_STATE_LOGGING_OFF);
		if (user != NULL) {
			/* Same identity check; do_logoff stays B_FALSE. */
			if (smb_is_same_user(user->u_cred, sr->user_cr))
				break;
			smb_user_release(user);
			user = NULL;
		}
	}

	smb_llist_exit(sess_list);

	/*
	 * Note that smb_user_logoff() can block for a while if
	 * smb_session_disconnect_owned_trees, smb_ofile_close_all
	 * ends up blocked on locks held by running requests.
	 * Do that while not holding the session list rwlock.
	 */
	if (user != NULL) {
		if (do_logoff) {
			/* Treat this as if we lost the connection */
			user->preserve_opens = SMB2_DH_PRESERVE_SOME;
			smb_user_logoff(user);
		}

		/*
		 * Wait for durable handles to be orphaned.
		 * Note: not holding the sess list rwlock.
		 */
		smb_user_wait_trees(user);

		/*
		 * Could be doing the last release on a user below,
		 * which can leave work on the delete queues for
		 * s_user_list or s_tree_list so flush those.
		 * Must hold the session list after the user release
		 * so that the session can't go away while we flush.
		 */
		smb_llist_enter(sess_list, RW_READER);

		/* Read u_session before the release; user is not used after. */
		sess = user->u_session;
		smb_user_release(user);

		smb_llist_flush(&sess->s_tree_list);
		smb_llist_flush(&sess->s_user_list);

		smb_llist_exit(sess_list);
	}
}
2316
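/*
 * Copy the configuration handed in through the ioctl into sv->sv_cfg.
 * See also: libsmb smb_kmod_setcfg
 *
 * Two values are normalized in *ioc before they are stored:
 *   - maxconnections == 0 is stored as 0xFFFFFFFF;
 *   - when encryption is required, max_protocol is raised to SMB 3.0.
 * In addition, the stored negtok length is clamped to the size of the
 * skc_negtok buffer.
 *
 * NOTE(review): min_protocol is stored as given and is not re-checked
 * against the (possibly raised) max_protocol here; confirm a caller
 * validates the pair.
 */
static void
smb_server_store_cfg(smb_server_t *sv, smb_ioc_cfg_t *ioc)
{
	if (ioc->maxconnections == 0)
		ioc->maxconnections = 0xFFFFFFFF;

	if (ioc->encrypt == SMB_CONFIG_REQUIRED &&
	    ioc->max_protocol < SMB_VERS_3_0) {
		cmn_err(CE_WARN, "Server set to require encryption; "
		    "forcing max_protocol to 3.0");
		ioc->max_protocol = SMB_VERS_3_0;
	}
	sv->sv_cfg.skc_maxworkers = ioc->maxworkers;
	sv->sv_cfg.skc_maxconnections = ioc->maxconnections;
	sv->sv_cfg.skc_keepalive = ioc->keepalive;
	sv->sv_cfg.skc_restrict_anon = ioc->restrict_anon;
	sv->sv_cfg.skc_signing_enable = ioc->signing_enable;
	sv->sv_cfg.skc_signing_required = ioc->signing_required;
	sv->sv_cfg.skc_oplock_enable = ioc->oplock_enable;
	sv->sv_cfg.skc_sync_enable = ioc->sync_enable;
	sv->sv_cfg.skc_secmode = ioc->secmode;
	sv->sv_cfg.skc_netbios_enable = ioc->netbios_enable;
	sv->sv_cfg.skc_ipv6_enable = ioc->ipv6_enable;
	sv->sv_cfg.skc_print_enable = ioc->print_enable;
	sv->sv_cfg.skc_traverse_mounts = ioc->traverse_mounts;
	sv->sv_cfg.skc_short_names = ioc->short_names;
	sv->sv_cfg.skc_max_protocol = ioc->max_protocol;
	sv->sv_cfg.skc_min_protocol = ioc->min_protocol;
	sv->sv_cfg.skc_encrypt = ioc->encrypt;
	sv->sv_cfg.skc_encrypt_ciphers = ioc->encrypt_ciphers;
	sv->sv_cfg.skc_execflags = ioc->exec_flags;

	/*
	 * The length arrives separately from the token bytes.  Never
	 * store a length larger than the buffer it describes, so that
	 * code using skc_negtok_len as a byte count cannot run past
	 * skc_negtok.  (Whether the ioctl path already rejects such a
	 * value is not visible from here; this is defense in depth.)
	 */
	sv->sv_cfg.skc_negtok_len = ioc->negtok_len;
	if (sv->sv_cfg.skc_negtok_len > sizeof (sv->sv_cfg.skc_negtok)) {
		cmn_err(CE_WARN, "Server negtok_len too large; truncating");
		sv->sv_cfg.skc_negtok_len = sizeof (sv->sv_cfg.skc_negtok);
	}

	sv->sv_cfg.skc_max_opens = ioc->max_opens;
	sv->sv_cfg.skc_version = ioc->version;
	sv->sv_cfg.skc_initial_credits = ioc->initial_credits;
	sv->sv_cfg.skc_maximum_credits = ioc->maximum_credits;

	/* Fixed-size binary fields: each copy is sized by the destination. */
	(void) memcpy(sv->sv_cfg.skc_machine_uuid, ioc->machine_uuid,
	    sizeof (uuid_t));
	(void) memcpy(sv->sv_cfg.skc_negtok, ioc->negtok,
	    sizeof (sv->sv_cfg.skc_negtok));
	(void) memcpy(sv->sv_cfg.skc_native_os, ioc->native_os,
	    sizeof (sv->sv_cfg.skc_native_os));
	(void) memcpy(sv->sv_cfg.skc_native_lm, ioc->native_lm,
	    sizeof (sv->sv_cfg.skc_native_lm));

	/*
	 * strlcpy() bounds and terminates the destination, but it still
	 * scans the source for a NUL.
	 * NOTE(review): assumes the ioc strings are NUL-terminated within
	 * their arrays; confirm the ioctl path guarantees that.
	 */
	(void) strlcpy(sv->sv_cfg.skc_nbdomain, ioc->nbdomain,
	    sizeof (sv->sv_cfg.skc_nbdomain));
	(void) strlcpy(sv->sv_cfg.skc_fqdn, ioc->fqdn,
	    sizeof (sv->sv_cfg.skc_fqdn));
	(void) strlcpy(sv->sv_cfg.skc_hostname, ioc->hostname,
	    sizeof (sv->sv_cfg.skc_hostname));
	(void) strlcpy(sv->sv_cfg.skc_system_comment, ioc->system_comment,
	    sizeof (sv->sv_cfg.skc_system_comment));
}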
2373
/*
 * Initialize the server's root smb_node.
 *
 * Returns the result of smb_node_root_init(); on any non-zero result
 * sv->si_root_smb_node is reset to NULL so that it never holds a
 * partially initialized value.
 */
static int
smb_server_fsop_start(smb_server_t *sv)
{
	int rc = smb_node_root_init(sv, &sv->si_root_smb_node);

	if (rc == 0)
		return (0);

	sv->si_root_smb_node = NULL;
	return (rc);
}
2385
/*
 * Release the server's root smb_node, if there is one, and clear the
 * pointer so that a second call is a no-op.
 */
static void
smb_server_fsop_stop(smb_server_t *sv)
{
	if (sv->si_root_smb_node == NULL)
		return;

	smb_node_release(sv->si_root_smb_node);
	sv->si_root_smb_node = NULL;
}
2394
/*
 * Allocate an event, give it a fresh txid and the caller's timeout, and
 * append it to the server's event list.
 *
 * Returns NULL when the server is stopping; otherwise the new event.
 * The allocation uses KM_SLEEP.
 */
smb_event_t *
smb_event_create(smb_server_t *sv, int timeout)
{
	smb_event_t *ev;

	if (smb_server_is_stopping(sv))
		return (NULL);

	ev = kmem_cache_alloc(smb_cache_event, KM_SLEEP);
	bzero(ev, sizeof (*ev));

	/* Fully set up the event before it becomes visible on the list. */
	mutex_init(&ev->se_mutex, NULL, MUTEX_DEFAULT, NULL);
	cv_init(&ev->se_cv, NULL, CV_DEFAULT, NULL);
	ev->se_magic = SMB_EVENT_MAGIC;
	ev->se_txid = smb_event_alloc_txid();
	ev->se_server = sv;
	ev->se_timeout = timeout;

	smb_llist_enter(&sv->sv_event_list, RW_WRITER);
	smb_llist_insert_tail(&sv->sv_event_list, ev);
	smb_llist_exit(&sv->sv_event_list);

	return (ev);
}
2419
/*
 * Remove an event from its server's event list and free it.
 * A NULL event is ignored.  The event must not be in smb_event_wait()
 * (se_waittime is asserted to be 0).
 */
void
smb_event_destroy(smb_event_t *event)
{
	smb_server_t *server;

	if (event == NULL)
		return;

	SMB_EVENT_VALID(event);
	ASSERT(event->se_waittime == 0);
	server = event->se_server;
	SMB_SERVER_VALID(server);

	/* Unlink first, so list walkers can no longer find the event. */
	smb_llist_enter(&server->sv_event_list, RW_WRITER);
	smb_llist_remove(&server->sv_event_list, event);
	smb_llist_exit(&server->sv_event_list);

	/*
	 * Invalidate the magic before the memory goes back to the cache,
	 * so a stale pointer fails SMB_EVENT_VALID instead of passing it.
	 */
	event->se_magic = (uint32_t)~SMB_EVENT_MAGIC;
	cv_destroy(&event->se_cv);
	mutex_destroy(&event->se_mutex);

	kmem_cache_free(smb_cache_event, event);
}
2443
/*
 * Return the txid of the given event.
 *
 * A NULL event is logged and yields (uint32_t)-1, a value that
 * smb_event_alloc_txid() never hands out.
 */
uint32_t
smb_event_txid(smb_event_t *event)
{
	if (event == NULL) {
		cmn_err(CE_NOTE, "smb_event_txid failed");
		return ((uint32_t)-1);
	}

	SMB_EVENT_VALID(event);
	return (event->se_txid);
}
2458
/*
 * Block until the event is notified, fails, or times out.
 *
 * Returns EINVAL for a NULL event, otherwise the event's se_errno:
 * 0 after a plain notification, ETIME when se_waittime passes
 * se_timeout, or whatever a canceller stored (e.g. ECANCELED).
 *
 * The wait is a loop of one-second timed waits.  se_waittime is bumped
 * after every wake-up, whatever its cause, because the return value of
 * cv_reltimedwait() is ignored; it therefore counts wake-ups rather
 * than exact seconds.
 */
int
smb_event_wait(smb_event_t *event)
{
	int poll_secs = 1;
	int ticks;
	int rc;

	if (event == NULL)
		return (EINVAL);

	SMB_EVENT_VALID(event);

	mutex_enter(&event->se_mutex);
	event->se_waittime = 1;
	event->se_errno = 0;

	for (;;) {
		if (event->se_notified)
			break;

		/* Optional progress note every 30 passes. */
		if (smb_event_debug && ((event->se_waittime % 30) == 0))
			cmn_err(CE_NOTE, "smb_event_wait[%d] (%d sec)",
			    event->se_txid, event->se_waittime);

		if (event->se_errno != 0)
			break;

		if (event->se_waittime > event->se_timeout) {
			event->se_errno = ETIME;
			break;
		}

		ticks = SEC_TO_TICK(poll_secs);
		(void) cv_reltimedwait(&event->se_cv,
		    &event->se_mutex, (clock_t)ticks, TR_CLOCK_TICK);
		++event->se_waittime;
	}

	/*
	 * Capture the result, then return the event to its idle state
	 * (se_waittime == 0 is what smb_event_destroy() asserts).
	 */
	rc = event->se_errno;
	event->se_waittime = 0;
	event->se_notified = B_FALSE;
	cv_signal(&event->se_cv);
	mutex_exit(&event->se_mutex);
	return (rc);
}
2504
/*
 * Cancel events on the server's event list: the one whose txid matches
 * when txid is non-zero, every event when txid is zero.
 *
 * A cancelled event gets se_errno = ECANCELED, is marked notified and
 * has its condition variable signalled, all under the event mutex.
 */
static void
smb_event_cancel(smb_server_t *sv, uint32_t txid)
{
	smb_llist_t *evlist;
	smb_event_t *ev;

	SMB_SERVER_VALID(sv);

	evlist = &sv->sv_event_list;
	smb_llist_enter(evlist, RW_WRITER);

	for (ev = smb_llist_head(evlist); ev != NULL;
	    ev = smb_llist_next(evlist, ev)) {
		SMB_EVENT_VALID(ev);

		/* A specific txid was requested and this is not it. */
		if (txid != 0 && ev->se_txid != txid)
			continue;

		mutex_enter(&ev->se_mutex);
		ev->se_errno = ECANCELED;
		ev->se_notified = B_TRUE;
		cv_signal(&ev->se_cv);
		mutex_exit(&ev->se_mutex);

		/* Single-target request: stop at the first match. */
		if (txid != 0)
			break;
	}

	smb_llist_exit(evlist);
}
2540
/*
 * Notify events on the server's event list: the one whose txid matches
 * when txid is non-zero, every event when txid is zero.
 *
 * Notification marks the event notified and signals its condition
 * variable under the event mutex; se_errno is left untouched.
 */
void
smb_event_notify(smb_server_t *sv, uint32_t txid)
{
	smb_llist_t *evlist;
	smb_event_t *ev;

	SMB_SERVER_VALID(sv);

	evlist = &sv->sv_event_list;
	smb_llist_enter(evlist, RW_READER);

	for (ev = smb_llist_head(evlist); ev != NULL;
	    ev = smb_llist_next(evlist, ev)) {
		SMB_EVENT_VALID(ev);

		/* A specific txid was requested and this is not it. */
		if (txid != 0 && ev->se_txid != txid)
			continue;

		mutex_enter(&ev->se_mutex);
		ev->se_notified = B_TRUE;
		cv_signal(&ev->se_cv);
		mutex_exit(&ev->se_mutex);

		/* Single-target request: stop at the first match. */
		if (txid != 0)
			break;
	}

	smb_llist_exit(evlist);
}
2575
/*
 * Hand out the next transaction id (txid).
 *
 * The values 0 and (uint32_t)-1 are never returned: they are reserved
 * for "invalid" and for "all events".
 *
 * The counter is seeded from ddi_get_lbolt() << 11 while it is still 0
 * and then simply increments, so txids are sequential.  They identify
 * an event; they are not unpredictable and must not be relied on as a
 * secret.
 */
static uint32_t
smb_event_alloc_txid(void)
{
	static kmutex_t txmutex;
	static uint32_t txid;
	uint32_t next;

	mutex_enter(&txmutex);

	if (txid == 0)
		txid = ddi_get_lbolt() << 11;

	/* Advance at least once, then step over the reserved values. */
	++txid;
	while (txid == 0 || txid == (uint32_t)-1)
		++txid;

	next = txid;
	mutex_exit(&txmutex);

	return (next);
}
2603
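/*
 * Called by the ioctl to find the spooldoc node with the given fid.
 * On success the node is copied to *spdoc, removed from the list and
 * freed.
 *
 * Return values
 *      B_FALSE - not found (a warning is logged)
 *      B_TRUE  - found; *spdoc holds a copy of the node
 *
 * The copy is a whole-structure assignment, so it also carries whatever
 * list linkage the node contained.
 * NOTE(review): confirm callers copy out individual fields rather than
 * the whole structure, so no kernel addresses reach user space.
 */
static boolean_t
smb_spool_lookup_doc_byfid(smb_server_t *sv, uint16_t fid,
    smb_kspooldoc_t *spdoc)
{
	smb_kspooldoc_t *sp;
	smb_llist_t *splist;

	splist = &sv->sp_info.sp_list;
	smb_llist_enter(splist, RW_WRITER);

	for (sp = smb_llist_head(splist); sp != NULL;
	    sp = smb_llist_next(splist, sp)) {
		if (sp->sd_fid == fid) {
			/* Copy and unlink while the list is held. */
			*spdoc = *sp;
			smb_llist_remove(splist, sp);
			break;
		}
	}

	smb_llist_exit(splist);

	if (sp == NULL) {
		/* Log with this function's own name, after dropping the list. */
		cmn_err(CE_WARN, "smb_spool_lookup_doc_byfid: no fid:%d", fid);
		return (B_FALSE);
	}

	/* The node is off the list, so it is ours alone to free. */
	kmem_free(sp, sizeof (smb_kspooldoc_t));
	return (B_TRUE);
}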
2642
/*
 * Append a spool fid to the server's fid list, where it serves as a
 * search key into the spooldoc queue, and wake anything waiting on
 * sp_cv.
 *
 * Does nothing when printing is disabled (skc_print_enable == 0).
 * There is no return value; the allocation uses KM_SLEEP.
 */
void
smb_spool_add_fid(smb_server_t *sv, uint16_t fid)
{
	smb_spoolfid_t *entry;
	smb_llist_t *fids;

	if (sv->sv_cfg.skc_print_enable == 0)
		return;

	entry = kmem_zalloc(sizeof (smb_spoolfid_t), KM_SLEEP);
	entry->sf_fid = fid;

	fids = &sv->sp_info.sp_fidlist;
	smb_llist_enter(fids, RW_WRITER);
	smb_llist_insert_tail(fids, entry);
	smb_llist_exit(fids);

	cv_broadcast(&sv->sp_info.sp_cv);
}
2670
/*
 * Called by the ioctl to take the entry at the head of the fid list.
 *
 * Returns the fid of that entry, which is removed and freed, or 0 when
 * the list is empty.
 */
static uint16_t
smb_spool_get_fid(smb_server_t *sv)
{
	smb_llist_t *fids = &sv->sp_info.sp_fidlist;
	smb_spoolfid_t *head;
	uint16_t fid = 0;

	smb_llist_enter(fids, RW_WRITER);

	head = smb_llist_head(fids);
	if (head != NULL) {
		fid = head->sf_fid;
		smb_llist_remove(fids, head);
		kmem_free(head, sizeof (smb_spoolfid_t));
	}

	smb_llist_exit(fids);
	return (fid);
}
2701
/*
 * Append a spooldoc to the tail of the server's spooldoc list, after
 * stamping it with the next spool number (an atomic increment of
 * sp_cnt).
 *
 * The list keeps the pointer it is given.  smb_spool_lookup_doc_byfid()
 * later releases such nodes with kmem_free(sp, sizeof (smb_kspooldoc_t)),
 * so sp is expected to have been allocated accordingly.
 *
 * Return values
 *      0 - always, in this implementation
 */
int
smb_spool_add_doc(smb_tree_t *tree, smb_kspooldoc_t *sp)
{
	smb_server_t *sv = tree->t_server;
	smb_llist_t *docs = &sv->sp_info.sp_list;

	smb_llist_enter(docs, RW_WRITER);
	sp->sd_spool_num = atomic_inc_32_nv(&sv->sp_info.sp_cnt);
	smb_llist_insert_tail(docs, sp);
	smb_llist_exit(docs);

	return (0);
}
2724
/*
 * smb_server_create_session
 *
 * Create a session for an accepted socket, put it on the server's
 * session list and dispatch smb_server_receiver() for it.
 *
 * The connection limit (skc_maxconnections) is checked and the session
 * inserted under the same RW_WRITER hold of the session list.  When the
 * limit is hit, or when the receiver cannot be dispatched, the session
 * is torn down and a warning is logged at most once a minute per
 * listener, so a burst of refused connections cannot flood the log.
 */
static void
smb_server_create_session(smb_listener_daemon_t *ld, ksocket_t s_so)
{
	smb_server_t	*sv = ld->ld_sv;
	smb_llist_t	*sessions = &sv->sv_session_list;
	smb_session_t	*ssn;
	taskqid_t	tqid;
	clock_t		now;

	ssn = smb_session_create(s_so, ld->ld_port, sv, ld->ld_family);
	if (ssn == NULL) {
		/* Expected to be rare, since the create sleeps. */
		smb_soshutdown(s_so);
		smb_sodestroy(s_so);
		cmn_err(CE_WARN, "SMB Session: alloc failed");
		return;
	}

	smb_llist_enter(sessions, RW_WRITER);
	if (smb_llist_get_count(sessions) >= sv->sv_cfg.skc_maxconnections) {
		/*
		 * The new session was never put on sv_session_list,
		 * so it can be deleted directly.
		 */
		smb_llist_exit(sessions);
		DTRACE_PROBE1(maxconn, smb_session_t *, ssn);
		smb_soshutdown(ssn->sock);
		smb_session_delete(ssn);
		goto logmaxconn;
	}
	smb_llist_insert_tail(sessions, ssn);
	smb_llist_exit(sessions);

	/*
	 * Receiver tasks must run independently of one another, hence
	 * TQ_NOQUEUE.  TQ_SLEEP (==0) is spelled out only for clarity.
	 */
	tqid = taskq_dispatch(sv->sv_receiver_pool,
	    smb_server_receiver, ssn, TQ_NOQUEUE | TQ_SLEEP);
	if (tqid == TASKQID_INVALID) {
		/*
		 * smb_server_receiver() was never entered, so the
		 * cleanup it does on return has to be done here.
		 */
		DTRACE_PROBE1(maxconn, smb_session_t *, ssn);
		smb_session_disconnect(ssn);
		smb_session_logoff(ssn);
		smb_server_destroy_session(ssn);
		goto logmaxconn;
	}

	/* Dispatched; the receiver task owns the session from here. */
	return;

logmaxconn:
	/*
	 * Tell the admin why new connections are failing, but not more
	 * than once a minute: ld_quiet holds the lbolt value before
	 * which nothing further is logged.  A failed dispatch lands
	 * here as well and is reported with the same message.
	 */
	now = ddi_get_lbolt();
	if (now > ld->ld_quiet) {
		ld->ld_quiet = now + SEC_TO_TICK(60);
		cmn_err(CE_WARN, "SMB can't create session: "
		    "Would exceed max_connections.");
	}
}
2798
/*
 * Take a session off the server's session list and dispose of it.
 *
 * A session in state SHUTDOWN is deleted.  Any other state means
 * something still refers to it, so it is parked on the zombie list
 * instead of being freed.  When the session list becomes empty,
 * sv_cv is signalled (see smb_server_shutdown).
 */
static void
smb_server_destroy_session(smb_session_t *session)
{
	smb_server_t	*sv;
	smb_llist_t	*sessions;
	uint32_t	remaining;

	ASSERT(session->s_server != NULL);
	sv = session->s_server;
	sessions = &sv->sv_session_list;

	/* Drain pending deletes on the session's own lists first. */
	smb_llist_flush(&session->s_tree_list);
	smb_llist_flush(&session->s_user_list);

	/* Unlink, sampling the remaining count under the same hold. */
	smb_llist_enter(sessions, RW_WRITER);
	smb_llist_remove(sessions, session);
	remaining = sessions->ll_count;
	smb_llist_exit(sessions);

	if (session->s_state != SMB_SESSION_STATE_SHUTDOWN) {
		/*
		 * The state is normally SHUTDOWN by now.  If ofiles
		 * remain, e.g. because of forgotten ofile references,
		 * it is _DISCONNECTED or _TERMINATED instead.  Such a
		 * session is kept on the zombie list (for debugging)
		 * rather than freed.
		 */
		cmn_err(CE_NOTE, "!Leaked session: 0x%p", (void *)session);
		DTRACE_PROBE1(new__zombie, smb_session_t *, session);
		smb_llist_enter(&smb_server_session_zombies, RW_WRITER);
		smb_llist_insert_head(&smb_server_session_zombies, session);
		smb_llist_exit(&smb_server_session_zombies);
	} else {
		smb_session_delete(session);
	}

	if (remaining == 0) {
		/* See smb_server_shutdown */
		cv_signal(&sv->sv_cv);
	}
}
2840