xref: /illumos-gate/usr/src/uts/common/fs/smbsrv/smb2_qinfo_sec.c (revision 45ede40b2394db7967e59f19288fae9b62efd4aa)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24  * Copyright 2014 Nexenta Systems, Inc.  All rights reserved.
25  */
26 
27 /*
28  * Dispatch function for SMB2_QUERY_INFO
29  * Similar to smb_nt_transact_security.c
30  */
31 
32 #include <smbsrv/smb2_kproto.h>
33 #include <smbsrv/smb_fsops.h>
34 #include <smbsrv/ntifs.h>
35 
36 uint32_t
37 smb2_qinfo_sec(smb_request_t *sr, smb_queryinfo_t *qi)
38 {
39 	smb_sd_t sd;
40 	uint32_t secinfo = qi->qi_AddlInfo;
41 	uint32_t sdlen;
42 	uint32_t status;
43 
44 	/*
45 	 * secinfo & ...
46 	 * OWNER_SECURITY_INFORMATION,
47 	 * GROUP_SECURITY_INFORMATION,
48 	 * DACL_SECURITY_INFORMATION, ...
49 	 */
50 
51 	if ((sr->fid_ofile->f_node == NULL) ||
52 	    (sr->fid_ofile->f_ftype != SMB_FTYPE_DISK))
53 		return (NT_STATUS_INVALID_PARAMETER);
54 
55 	if (sr->tid_tree->t_acltype != ACE_T) {
56 		/*
57 		 * If target filesystem doesn't support ACE_T acls then
58 		 * don't process SACL
59 		 */
60 		secinfo &= ~SMB_SACL_SECINFO;
61 	}
62 
63 	status = smb_sd_read(sr, &sd, secinfo);
64 	if (status != NT_STATUS_SUCCESS)
65 		return (status);
66 
67 	sdlen = smb_sd_len(&sd, secinfo);
68 	if (sdlen == 0) {
69 		status = NT_STATUS_INVALID_SECURITY_DESCR;
70 		goto out;
71 	}
72 
73 	if (sdlen > sr->raw_data.max_bytes) {
74 		/*
75 		 * The maximum data return count specified by the
76 		 * client is not big enough to hold the security
77 		 * descriptor.  Return the special error that
78 		 * tells the client how much room they need.
79 		 * Error data is the required size.
80 		 */
81 		MBC_FLUSH(&sr->raw_data);
82 		sr->raw_data.max_bytes = 4;
83 		(void) smb_mbc_encodef(&sr->raw_data, "l", sdlen);
84 		status = NT_STATUS_BUFFER_TOO_SMALL;
85 		goto out;
86 	}
87 
88 	smb_encode_sd(&sr->raw_data, &sd, secinfo);
89 	status = 0;
90 
91 out:
92 	smb_sd_term(&sd);
93 	return (status);
94 }
95