1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright 2018 Nexenta Systems, Inc. All rights reserved. 24 */ 25 26 #include <sys/sid.h> 27 #include <sys/nbmlock.h> 28 #include <smbsrv/smb_fsops.h> 29 #include <smbsrv/smb_kproto.h> 30 #include <acl/acl_common.h> 31 #include <sys/fcntl.h> 32 #include <sys/flock.h> 33 #include <fs/fs_subr.h> 34 35 extern caller_context_t smb_ct; 36 37 static int smb_fsop_create_stream(smb_request_t *, cred_t *, smb_node_t *, 38 char *, char *, int, smb_attr_t *, smb_node_t **); 39 40 static int smb_fsop_create_file(smb_request_t *, cred_t *, smb_node_t *, 41 char *, int, smb_attr_t *, smb_node_t **); 42 43 #ifdef _KERNEL 44 static int smb_fsop_create_with_sd(smb_request_t *, cred_t *, smb_node_t *, 45 char *, smb_attr_t *, smb_node_t **, smb_fssd_t *); 46 static int smb_fsop_sdinherit(smb_request_t *, smb_node_t *, smb_fssd_t *); 47 #endif /* _KERNEL */ 48 49 /* 50 * The smb_fsop_* functions have knowledge of CIFS semantics. 51 * 52 * The smb_vop_* functions have minimal knowledge of CIFS semantics and 53 * serve as an interface to the VFS layer. 54 * 55 * Hence, smb_request_t and smb_node_t structures should not be passed 56 * from the smb_fsop_* layer to the smb_vop_* layer. 57 * 58 * In general, CIFS service code should only ever call smb_fsop_* 59 * functions directly, and never smb_vop_* functions directly. 60 * 61 * smb_fsop_* functions should call smb_vop_* functions where possible, instead 62 * of their smb_fsop_* counterparts. However, there are times when 63 * this cannot be avoided. 64 */ 65 66 /* 67 * Note: Stream names cannot be mangled. 68 */ 69 70 /* 71 * smb_fsop_amask_to_omode 72 * 73 * Convert the access mask to the open mode (for use 74 * with the VOP_OPEN call). 75 * 76 * Note that opening a file for attribute only access 77 * will also translate into an FREAD or FWRITE open mode 78 * (i.e., it's not just for data). 79 * 80 * This is needed so that opens are tracked appropriately 81 * for oplock processing. 82 */ 83 84 int 85 smb_fsop_amask_to_omode(uint32_t access) 86 { 87 int mode = 0; 88 89 if (access & (FILE_READ_DATA | FILE_EXECUTE | 90 FILE_READ_ATTRIBUTES | FILE_READ_EA)) 91 mode |= FREAD; 92 93 if (access & (FILE_WRITE_DATA | FILE_APPEND_DATA | 94 FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA)) 95 mode |= FWRITE; 96 97 if (access & FILE_APPEND_DATA) 98 mode |= FAPPEND; 99 100 return (mode); 101 } 102 103 int 104 smb_fsop_open(smb_node_t *node, int mode, cred_t *cred) 105 { 106 /* 107 * Assuming that the same vnode is returned as we had before. 108 * (I.e., with certain types of files or file systems, a 109 * different vnode might be returned by VOP_OPEN) 110 */ 111 return (smb_vop_open(&node->vp, mode, cred)); 112 } 113 114 void 115 smb_fsop_close(smb_node_t *node, int mode, cred_t *cred) 116 { 117 smb_vop_close(node->vp, mode, cred); 118 } 119 120 #ifdef _KERNEL 121 static int 122 smb_fsop_create_with_sd(smb_request_t *sr, cred_t *cr, 123 smb_node_t *dnode, char *name, 124 smb_attr_t *attr, smb_node_t **ret_snode, smb_fssd_t *fs_sd) 125 { 126 vsecattr_t *vsap; 127 vsecattr_t vsecattr; 128 smb_attr_t set_attr; 129 acl_t *acl, *dacl, *sacl; 130 vnode_t *vp; 131 cred_t *kcr = zone_kcred(); 132 int aclbsize = 0; /* size of acl list in bytes */ 133 int flags = 0; 134 int rc; 135 boolean_t is_dir; 136 137 ASSERT(fs_sd); 138 139 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 140 flags = SMB_IGNORE_CASE; 141 if (SMB_TREE_SUPPORTS_CATIA(sr)) 142 flags |= SMB_CATIA; 143 144 ASSERT(cr); 145 146 is_dir = ((fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR) != 0); 147 148 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACLONCREATE)) { 149 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) { 150 dacl = fs_sd->sd_zdacl; 151 sacl = fs_sd->sd_zsacl; 152 ASSERT(dacl || sacl); 153 if (dacl && sacl) { 154 acl = smb_fsacl_merge(dacl, sacl); 155 } else if (dacl) { 156 acl = dacl; 157 } else { 158 acl = sacl; 159 } 160 161 rc = smb_fsacl_to_vsa(acl, &vsecattr, &aclbsize); 162 163 if (dacl && sacl) 164 acl_free(acl); 165 166 if (rc != 0) 167 return (rc); 168 169 vsap = &vsecattr; 170 } else { 171 vsap = NULL; 172 } 173 174 /* The tree ACEs may prevent a create */ 175 rc = EACCES; 176 if (is_dir) { 177 if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_SUBDIRECTORY) != 0) 178 rc = smb_vop_mkdir(dnode->vp, name, attr, 179 &vp, flags, cr, vsap); 180 } else { 181 if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_FILE) != 0) 182 rc = smb_vop_create(dnode->vp, name, attr, 183 &vp, flags, cr, vsap); 184 } 185 186 if (vsap != NULL) 187 kmem_free(vsap->vsa_aclentp, aclbsize); 188 189 if (rc != 0) 190 return (rc); 191 192 set_attr.sa_mask = 0; 193 194 /* 195 * Ideally we should be able to specify the owner and owning 196 * group at create time along with the ACL. Since we cannot 197 * do that right now, kcred is passed to smb_vop_setattr so it 198 * doesn't fail due to lack of permission. 199 */ 200 if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) { 201 set_attr.sa_vattr.va_uid = fs_sd->sd_uid; 202 set_attr.sa_mask |= SMB_AT_UID; 203 } 204 205 if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) { 206 set_attr.sa_vattr.va_gid = fs_sd->sd_gid; 207 set_attr.sa_mask |= SMB_AT_GID; 208 } 209 210 if (set_attr.sa_mask) 211 rc = smb_vop_setattr(vp, NULL, &set_attr, 0, kcr); 212 213 if (rc == 0) { 214 *ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp, 215 name, dnode, NULL); 216 217 if (*ret_snode == NULL) 218 rc = ENOMEM; 219 220 VN_RELE(vp); 221 } 222 } else { 223 /* 224 * For filesystems that don't support ACL-on-create, try 225 * to set the specified SD after create, which could actually 226 * fail because of conflicts between inherited security 227 * attributes upon creation and the specified SD. 228 * 229 * Passing kcred to smb_fsop_sdwrite() to overcome this issue. 230 */ 231 232 if (is_dir) { 233 rc = smb_vop_mkdir(dnode->vp, name, attr, &vp, 234 flags, cr, NULL); 235 } else { 236 rc = smb_vop_create(dnode->vp, name, attr, &vp, 237 flags, cr, NULL); 238 } 239 240 if (rc != 0) 241 return (rc); 242 243 *ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp, 244 name, dnode, NULL); 245 246 if (*ret_snode != NULL) { 247 if (!smb_tree_has_feature(sr->tid_tree, 248 SMB_TREE_NFS_MOUNTED)) 249 rc = smb_fsop_sdwrite(sr, kcr, *ret_snode, 250 fs_sd, 1); 251 } else { 252 rc = ENOMEM; 253 } 254 255 VN_RELE(vp); 256 } 257 258 if (rc != 0) { 259 if (is_dir) 260 (void) smb_vop_rmdir(dnode->vp, name, flags, cr); 261 else 262 (void) smb_vop_remove(dnode->vp, name, flags, cr); 263 } 264 265 return (rc); 266 } 267 #endif /* _KERNEL */ 268 269 /* 270 * smb_fsop_create 271 * 272 * All SMB functions should use this wrapper to ensure that 273 * all the smb_vop_creates are performed with the appropriate credentials. 274 * Please document any direct calls to explain the reason for avoiding 275 * this wrapper. 276 * 277 * *ret_snode is returned with a reference upon success. No reference is 278 * taken if an error is returned. 279 */ 280 int 281 smb_fsop_create(smb_request_t *sr, cred_t *cr, smb_node_t *dnode, 282 char *name, smb_attr_t *attr, smb_node_t **ret_snode) 283 { 284 int rc = 0; 285 int flags = 0; 286 char *fname, *sname; 287 char *longname = NULL; 288 289 ASSERT(cr); 290 ASSERT(dnode); 291 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 292 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 293 294 ASSERT(ret_snode); 295 *ret_snode = 0; 296 297 ASSERT(name); 298 if (*name == 0) 299 return (EINVAL); 300 301 ASSERT(sr); 302 ASSERT(sr->tid_tree); 303 304 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0) 305 return (EACCES); 306 307 if (SMB_TREE_IS_READONLY(sr)) 308 return (EROFS); 309 310 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 311 flags = SMB_IGNORE_CASE; 312 if (SMB_TREE_SUPPORTS_CATIA(sr)) 313 flags |= SMB_CATIA; 314 if (SMB_TREE_SUPPORTS_ABE(sr)) 315 flags |= SMB_ABE; 316 317 if (smb_is_stream_name(name)) { 318 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 319 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 320 smb_stream_parse_name(name, fname, sname); 321 322 rc = smb_fsop_create_stream(sr, cr, dnode, 323 fname, sname, flags, attr, ret_snode); 324 325 kmem_free(fname, MAXNAMELEN); 326 kmem_free(sname, MAXNAMELEN); 327 return (rc); 328 } 329 330 /* Not a named stream */ 331 332 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(name)) { 333 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 334 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 335 kmem_free(longname, MAXNAMELEN); 336 337 if (rc == 0) 338 rc = EEXIST; 339 if (rc != ENOENT) 340 return (rc); 341 } 342 343 rc = smb_fsop_create_file(sr, cr, dnode, name, flags, 344 attr, ret_snode); 345 return (rc); 346 347 } 348 349 350 /* 351 * smb_fsop_create_stream 352 * 353 * Create NTFS named stream file (sname) on unnamed stream 354 * file (fname), creating the unnamed stream file if it 355 * doesn't exist. 356 * If we created the unnamed stream file and then creation 357 * of the named stream file fails, we delete the unnamed stream. 358 * Since we use the real file name for the smb_vop_remove we 359 * clear the SMB_IGNORE_CASE flag to ensure a case sensitive 360 * match. 361 * 362 * The second parameter of smb_vop_setattr() is set to 363 * NULL, even though an unnamed stream exists. This is 364 * because we want to set the UID and GID on the named 365 * stream in this case for consistency with the (unnamed 366 * stream) file (see comments for smb_vop_setattr()). 367 */ 368 static int 369 smb_fsop_create_stream(smb_request_t *sr, cred_t *cr, 370 smb_node_t *dnode, char *fname, char *sname, int flags, 371 smb_attr_t *attr, smb_node_t **ret_snode) 372 { 373 smb_attr_t fattr; 374 smb_node_t *fnode; 375 vnode_t *xattrdvp; 376 vnode_t *vp; 377 cred_t *kcr = zone_kcred(); 378 int rc = 0; 379 boolean_t fcreate = B_FALSE; 380 381 /* Look up / create the unnamed stream, fname */ 382 rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS, 383 sr->tid_tree->t_snode, dnode, fname, &fnode); 384 if (rc == 0) { 385 if (smb_fsop_access(sr, sr->user_cr, fnode, 386 sr->sr_open.desired_access) != 0) 387 rc = EACCES; 388 } else if (rc == ENOENT) { 389 fcreate = B_TRUE; 390 rc = smb_fsop_create_file(sr, cr, dnode, fname, flags, 391 attr, &fnode); 392 } 393 if (rc != 0) 394 return (rc); 395 396 fattr.sa_mask = SMB_AT_UID | SMB_AT_GID; 397 rc = smb_vop_getattr(fnode->vp, NULL, &fattr, 0, kcr); 398 399 if (rc == 0) { 400 /* create the named stream, sname */ 401 rc = smb_vop_stream_create(fnode->vp, sname, attr, 402 &vp, &xattrdvp, flags, cr); 403 } 404 if (rc != 0) { 405 if (fcreate) { 406 flags &= ~SMB_IGNORE_CASE; 407 (void) smb_vop_remove(dnode->vp, 408 fnode->od_name, flags, cr); 409 } 410 smb_node_release(fnode); 411 return (rc); 412 } 413 414 attr->sa_vattr.va_uid = fattr.sa_vattr.va_uid; 415 attr->sa_vattr.va_gid = fattr.sa_vattr.va_gid; 416 attr->sa_mask = SMB_AT_UID | SMB_AT_GID; 417 418 rc = smb_vop_setattr(vp, NULL, attr, 0, kcr); 419 if (rc != 0) { 420 smb_node_release(fnode); 421 return (rc); 422 } 423 424 *ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdvp, 425 vp, sname); 426 427 smb_node_release(fnode); 428 VN_RELE(xattrdvp); 429 VN_RELE(vp); 430 431 if (*ret_snode == NULL) 432 rc = ENOMEM; 433 434 /* notify change to the unnamed stream */ 435 if (rc == 0) 436 smb_node_notify_change(dnode, 437 FILE_ACTION_ADDED_STREAM, fname); 438 439 return (rc); 440 } 441 442 /* 443 * smb_fsop_create_file 444 */ 445 static int 446 smb_fsop_create_file(smb_request_t *sr, cred_t *cr, 447 smb_node_t *dnode, char *name, int flags, 448 smb_attr_t *attr, smb_node_t **ret_snode) 449 { 450 smb_arg_open_t *op = &sr->sr_open; 451 vnode_t *vp; 452 int rc; 453 454 #ifdef _KERNEL 455 smb_fssd_t fs_sd; 456 uint32_t secinfo; 457 uint32_t status; 458 459 if (op->sd) { 460 /* 461 * SD sent by client in Windows format. Needs to be 462 * converted to FS format. No inheritance. 463 */ 464 secinfo = smb_sd_get_secinfo(op->sd); 465 smb_fssd_init(&fs_sd, secinfo, 0); 466 467 status = smb_sd_tofs(op->sd, &fs_sd); 468 if (status == NT_STATUS_SUCCESS) { 469 rc = smb_fsop_create_with_sd(sr, cr, dnode, 470 name, attr, ret_snode, &fs_sd); 471 } else { 472 rc = EINVAL; 473 } 474 smb_fssd_term(&fs_sd); 475 } else if (sr->tid_tree->t_acltype == ACE_T) { 476 /* 477 * No incoming SD and filesystem is ZFS 478 * Server applies Windows inheritance rules, 479 * see smb_fsop_sdinherit() comments as to why. 480 */ 481 smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, 0); 482 rc = smb_fsop_sdinherit(sr, dnode, &fs_sd); 483 if (rc == 0) { 484 rc = smb_fsop_create_with_sd(sr, cr, dnode, 485 name, attr, ret_snode, &fs_sd); 486 } 487 488 smb_fssd_term(&fs_sd); 489 } else 490 #endif /* _KERNEL */ 491 { 492 /* 493 * No incoming SD and filesystem is not ZFS 494 * let the filesystem handles the inheritance. 495 */ 496 rc = smb_vop_create(dnode->vp, name, attr, &vp, 497 flags, cr, NULL); 498 499 if (rc == 0) { 500 *ret_snode = smb_node_lookup(sr, op, cr, vp, 501 name, dnode, NULL); 502 503 if (*ret_snode == NULL) 504 rc = ENOMEM; 505 506 VN_RELE(vp); 507 } 508 509 } 510 511 if (rc == 0) 512 smb_node_notify_change(dnode, FILE_ACTION_ADDED, name); 513 514 return (rc); 515 } 516 517 /* 518 * smb_fsop_mkdir 519 * 520 * All SMB functions should use this wrapper to ensure that 521 * the the calls are performed with the appropriate credentials. 522 * Please document any direct call to explain the reason 523 * for avoiding this wrapper. 524 * 525 * It is assumed that a reference exists on snode coming into this routine. 526 * 527 * *ret_snode is returned with a reference upon success. No reference is 528 * taken if an error is returned. 529 */ 530 int 531 smb_fsop_mkdir( 532 smb_request_t *sr, 533 cred_t *cr, 534 smb_node_t *dnode, 535 char *name, 536 smb_attr_t *attr, 537 smb_node_t **ret_snode) 538 { 539 struct open_param *op = &sr->arg.open; 540 char *longname; 541 vnode_t *vp; 542 int flags = 0; 543 int rc; 544 545 #ifdef _KERNEL 546 smb_fssd_t fs_sd; 547 uint32_t secinfo; 548 uint32_t status; 549 #endif /* _KERNEL */ 550 551 ASSERT(cr); 552 ASSERT(dnode); 553 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 554 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 555 556 ASSERT(ret_snode); 557 *ret_snode = 0; 558 559 ASSERT(name); 560 if (*name == 0) 561 return (EINVAL); 562 563 ASSERT(sr); 564 ASSERT(sr->tid_tree); 565 566 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0) 567 return (EACCES); 568 569 if (SMB_TREE_IS_READONLY(sr)) 570 return (EROFS); 571 if (SMB_TREE_SUPPORTS_CATIA(sr)) 572 flags |= SMB_CATIA; 573 if (SMB_TREE_SUPPORTS_ABE(sr)) 574 flags |= SMB_ABE; 575 576 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(name)) { 577 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 578 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 579 kmem_free(longname, MAXNAMELEN); 580 581 /* 582 * If the name passed in by the client has an unmangled 583 * equivalent that is found in the specified directory, 584 * then the mkdir cannot succeed. Return EEXIST. 585 * 586 * Only if ENOENT is returned will a mkdir be attempted. 587 */ 588 589 if (rc == 0) 590 rc = EEXIST; 591 592 if (rc != ENOENT) 593 return (rc); 594 } 595 596 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 597 flags = SMB_IGNORE_CASE; 598 599 #ifdef _KERNEL 600 if (op->sd) { 601 /* 602 * SD sent by client in Windows format. Needs to be 603 * converted to FS format. No inheritance. 604 */ 605 secinfo = smb_sd_get_secinfo(op->sd); 606 smb_fssd_init(&fs_sd, secinfo, SMB_FSSD_FLAGS_DIR); 607 608 status = smb_sd_tofs(op->sd, &fs_sd); 609 if (status == NT_STATUS_SUCCESS) { 610 rc = smb_fsop_create_with_sd(sr, cr, dnode, 611 name, attr, ret_snode, &fs_sd); 612 } 613 else 614 rc = EINVAL; 615 smb_fssd_term(&fs_sd); 616 } else if (sr->tid_tree->t_acltype == ACE_T) { 617 /* 618 * No incoming SD and filesystem is ZFS 619 * Server applies Windows inheritance rules, 620 * see smb_fsop_sdinherit() comments as to why. 621 */ 622 smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, SMB_FSSD_FLAGS_DIR); 623 rc = smb_fsop_sdinherit(sr, dnode, &fs_sd); 624 if (rc == 0) { 625 rc = smb_fsop_create_with_sd(sr, cr, dnode, 626 name, attr, ret_snode, &fs_sd); 627 } 628 629 smb_fssd_term(&fs_sd); 630 631 } else 632 #endif /* _KERNEL */ 633 { 634 rc = smb_vop_mkdir(dnode->vp, name, attr, &vp, flags, cr, 635 NULL); 636 637 if (rc == 0) { 638 *ret_snode = smb_node_lookup(sr, op, cr, vp, name, 639 dnode, NULL); 640 641 if (*ret_snode == NULL) 642 rc = ENOMEM; 643 644 VN_RELE(vp); 645 } 646 } 647 648 if (rc == 0) 649 smb_node_notify_change(dnode, FILE_ACTION_ADDED, name); 650 651 return (rc); 652 } 653 654 /* 655 * smb_fsop_remove 656 * 657 * All SMB functions should use this wrapper to ensure that 658 * the the calls are performed with the appropriate credentials. 659 * Please document any direct call to explain the reason 660 * for avoiding this wrapper. 661 * 662 * It is assumed that a reference exists on snode coming into this routine. 663 * 664 * A null smb_request might be passed to this function. 665 */ 666 int 667 smb_fsop_remove( 668 smb_request_t *sr, 669 cred_t *cr, 670 smb_node_t *dnode, 671 char *name, 672 uint32_t flags) 673 { 674 smb_node_t *fnode; 675 char *longname; 676 char *fname; 677 char *sname; 678 int rc; 679 680 ASSERT(cr); 681 /* 682 * The state of the node could be SMB_NODE_STATE_DESTROYING if this 683 * function is called during the deletion of the node (because of 684 * DELETE_ON_CLOSE). 685 */ 686 ASSERT(dnode); 687 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 688 689 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 || 690 SMB_TREE_HAS_ACCESS(sr, ACE_DELETE) == 0) 691 return (EACCES); 692 693 if (SMB_TREE_IS_READONLY(sr)) 694 return (EROFS); 695 696 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 697 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 698 699 if (dnode->flags & NODE_XATTR_DIR) { 700 fnode = dnode->n_dnode; 701 rc = smb_vop_stream_remove(fnode->vp, name, flags, cr); 702 703 /* notify change to the unnamed stream */ 704 if ((rc == 0) && fnode->n_dnode) { 705 smb_node_notify_change(fnode->n_dnode, 706 FILE_ACTION_REMOVED_STREAM, fnode->od_name); 707 } 708 } else if (smb_is_stream_name(name)) { 709 smb_stream_parse_name(name, fname, sname); 710 711 /* 712 * Look up the unnamed stream (i.e. fname). 713 * Unmangle processing will be done on fname 714 * as well as any link target. 715 */ 716 717 rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS, 718 sr->tid_tree->t_snode, dnode, fname, &fnode); 719 720 if (rc != 0) { 721 kmem_free(fname, MAXNAMELEN); 722 kmem_free(sname, MAXNAMELEN); 723 return (rc); 724 } 725 726 /* 727 * XXX 728 * Need to find out what permission is required by NTFS 729 * to remove a stream. 730 */ 731 rc = smb_vop_stream_remove(fnode->vp, sname, flags, cr); 732 733 smb_node_release(fnode); 734 735 /* notify change to the unnamed stream */ 736 if (rc == 0) { 737 smb_node_notify_change(dnode, 738 FILE_ACTION_REMOVED_STREAM, fname); 739 } 740 } else { 741 rc = smb_vop_remove(dnode->vp, name, flags, cr); 742 743 if (rc == ENOENT) { 744 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) || 745 !smb_maybe_mangled(name)) { 746 kmem_free(fname, MAXNAMELEN); 747 kmem_free(sname, MAXNAMELEN); 748 return (rc); 749 } 750 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 751 752 if (SMB_TREE_SUPPORTS_ABE(sr)) 753 flags |= SMB_ABE; 754 755 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, 756 flags); 757 758 if (rc == 0) { 759 /* 760 * longname is the real (case-sensitive) 761 * on-disk name. 762 * We make sure we do a remove on this exact 763 * name, as the name was mangled and denotes 764 * a unique file. 765 */ 766 flags &= ~SMB_IGNORE_CASE; 767 rc = smb_vop_remove(dnode->vp, longname, 768 flags, cr); 769 } 770 kmem_free(longname, MAXNAMELEN); 771 } 772 if (rc == 0) { 773 smb_node_notify_change(dnode, 774 FILE_ACTION_REMOVED, name); 775 } 776 } 777 778 kmem_free(fname, MAXNAMELEN); 779 kmem_free(sname, MAXNAMELEN); 780 781 return (rc); 782 } 783 784 /* 785 * smb_fsop_remove_streams 786 * 787 * This function removes a file's streams without removing the 788 * file itself. 789 * 790 * It is assumed that fnode is not a link. 791 */ 792 uint32_t 793 smb_fsop_remove_streams(smb_request_t *sr, cred_t *cr, smb_node_t *fnode) 794 { 795 int rc, flags = 0; 796 smb_odir_t *od; 797 smb_odirent_t *odirent; 798 uint32_t status; 799 boolean_t eos; 800 801 ASSERT(sr); 802 ASSERT(cr); 803 ASSERT(fnode); 804 ASSERT(fnode->n_magic == SMB_NODE_MAGIC); 805 ASSERT(fnode->n_state != SMB_NODE_STATE_DESTROYING); 806 807 if (SMB_TREE_CONTAINS_NODE(sr, fnode) == 0) 808 return (NT_STATUS_ACCESS_DENIED); 809 810 if (SMB_TREE_IS_READONLY(sr)) 811 return (NT_STATUS_ACCESS_DENIED); 812 813 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 814 flags = SMB_IGNORE_CASE; 815 816 if (SMB_TREE_SUPPORTS_CATIA(sr)) 817 flags |= SMB_CATIA; 818 819 status = smb_odir_openat(sr, fnode, &od); 820 switch (status) { 821 case 0: 822 break; 823 case NT_STATUS_NO_SUCH_FILE: 824 case NT_STATUS_NOT_SUPPORTED: 825 /* No streams to remove. */ 826 return (0); 827 default: 828 return (status); 829 } 830 831 odirent = kmem_alloc(sizeof (smb_odirent_t), KM_SLEEP); 832 for (;;) { 833 rc = smb_odir_read(sr, od, odirent, &eos); 834 if ((rc != 0) || (eos)) 835 break; 836 (void) smb_vop_remove(od->d_dnode->vp, odirent->od_name, 837 flags, cr); 838 } 839 kmem_free(odirent, sizeof (smb_odirent_t)); 840 if (eos && rc == ENOENT) 841 rc = 0; 842 843 smb_odir_close(od); 844 smb_odir_release(od); 845 if (rc) 846 status = smb_errno2status(rc); 847 return (status); 848 } 849 850 /* 851 * smb_fsop_rmdir 852 * 853 * All SMB functions should use this wrapper to ensure that 854 * the the calls are performed with the appropriate credentials. 855 * Please document any direct call to explain the reason 856 * for avoiding this wrapper. 857 * 858 * It is assumed that a reference exists on snode coming into this routine. 859 */ 860 int 861 smb_fsop_rmdir( 862 smb_request_t *sr, 863 cred_t *cr, 864 smb_node_t *dnode, 865 char *name, 866 uint32_t flags) 867 { 868 int rc; 869 char *longname; 870 871 ASSERT(cr); 872 /* 873 * The state of the node could be SMB_NODE_STATE_DESTROYING if this 874 * function is called during the deletion of the node (because of 875 * DELETE_ON_CLOSE). 876 */ 877 ASSERT(dnode); 878 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 879 880 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 || 881 SMB_TREE_HAS_ACCESS(sr, ACE_DELETE_CHILD) == 0) 882 return (EACCES); 883 884 if (SMB_TREE_IS_READONLY(sr)) 885 return (EROFS); 886 887 rc = smb_vop_rmdir(dnode->vp, name, flags, cr); 888 889 if (rc == ENOENT) { 890 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) || 891 !smb_maybe_mangled(name)) { 892 return (rc); 893 } 894 895 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 896 897 if (SMB_TREE_SUPPORTS_ABE(sr)) 898 flags |= SMB_ABE; 899 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 900 901 if (rc == 0) { 902 /* 903 * longname is the real (case-sensitive) 904 * on-disk name. 905 * We make sure we do a rmdir on this exact 906 * name, as the name was mangled and denotes 907 * a unique directory. 908 */ 909 flags &= ~SMB_IGNORE_CASE; 910 rc = smb_vop_rmdir(dnode->vp, longname, flags, cr); 911 } 912 913 kmem_free(longname, MAXNAMELEN); 914 } 915 916 if (rc == 0) 917 smb_node_notify_change(dnode, FILE_ACTION_REMOVED, name); 918 919 return (rc); 920 } 921 922 /* 923 * smb_fsop_getattr 924 * 925 * All SMB functions should use this wrapper to ensure that 926 * the the calls are performed with the appropriate credentials. 927 * Please document any direct call to explain the reason 928 * for avoiding this wrapper. 929 * 930 * It is assumed that a reference exists on snode coming into this routine. 931 */ 932 int 933 smb_fsop_getattr(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 934 smb_attr_t *attr) 935 { 936 smb_node_t *unnamed_node; 937 vnode_t *unnamed_vp = NULL; 938 uint32_t status; 939 uint32_t access = 0; 940 int flags = 0; 941 int rc; 942 943 ASSERT(cr); 944 ASSERT(snode); 945 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 946 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 947 948 if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0 || 949 SMB_TREE_HAS_ACCESS(sr, ACE_READ_ATTRIBUTES) == 0) 950 return (EACCES); 951 952 /* sr could be NULL in some cases */ 953 if (sr && sr->fid_ofile) { 954 /* if uid and/or gid is requested */ 955 if (attr->sa_mask & (SMB_AT_UID|SMB_AT_GID)) 956 access |= READ_CONTROL; 957 958 /* if anything else is also requested */ 959 if (attr->sa_mask & ~(SMB_AT_UID|SMB_AT_GID)) 960 access |= FILE_READ_ATTRIBUTES; 961 962 status = smb_ofile_access(sr->fid_ofile, cr, access); 963 if (status != NT_STATUS_SUCCESS) 964 return (EACCES); 965 966 if (smb_tree_has_feature(sr->tid_tree, 967 SMB_TREE_ACEMASKONACCESS)) 968 flags = ATTR_NOACLCHECK; 969 } 970 971 unnamed_node = SMB_IS_STREAM(snode); 972 973 if (unnamed_node) { 974 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 975 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 976 unnamed_vp = unnamed_node->vp; 977 } 978 979 rc = smb_vop_getattr(snode->vp, unnamed_vp, attr, flags, cr); 980 981 if ((rc == 0) && smb_node_is_dfslink(snode)) { 982 /* a DFS link should be treated as a directory */ 983 attr->sa_dosattr |= FILE_ATTRIBUTE_DIRECTORY; 984 } 985 986 return (rc); 987 } 988 989 /* 990 * smb_fsop_link 991 * 992 * All SMB functions should use this smb_vop_link wrapper to ensure that 993 * the smb_vop_link is performed with the appropriate credentials. 994 * Please document any direct call to smb_vop_link to explain the reason 995 * for avoiding this wrapper. 996 * 997 * It is assumed that references exist on from_dnode and to_dnode coming 998 * into this routine. 999 */ 1000 int 1001 smb_fsop_link(smb_request_t *sr, cred_t *cr, smb_node_t *from_fnode, 1002 smb_node_t *to_dnode, char *to_name) 1003 { 1004 char *longname = NULL; 1005 int flags = 0; 1006 int rc; 1007 1008 ASSERT(sr); 1009 ASSERT(sr->tid_tree); 1010 ASSERT(cr); 1011 ASSERT(to_dnode); 1012 ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC); 1013 ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING); 1014 ASSERT(from_fnode); 1015 ASSERT(from_fnode->n_magic == SMB_NODE_MAGIC); 1016 ASSERT(from_fnode->n_state != SMB_NODE_STATE_DESTROYING); 1017 1018 if (SMB_TREE_CONTAINS_NODE(sr, from_fnode) == 0) 1019 return (EACCES); 1020 1021 if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0) 1022 return (EACCES); 1023 1024 if (SMB_TREE_IS_READONLY(sr)) 1025 return (EROFS); 1026 1027 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 1028 flags = SMB_IGNORE_CASE; 1029 if (SMB_TREE_SUPPORTS_CATIA(sr)) 1030 flags |= SMB_CATIA; 1031 if (SMB_TREE_SUPPORTS_ABE(sr)) 1032 flags |= SMB_ABE; 1033 1034 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(to_name)) { 1035 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1036 rc = smb_unmangle(to_dnode, to_name, longname, 1037 MAXNAMELEN, flags); 1038 kmem_free(longname, MAXNAMELEN); 1039 1040 if (rc == 0) 1041 rc = EEXIST; 1042 if (rc != ENOENT) 1043 return (rc); 1044 } 1045 1046 rc = smb_vop_link(to_dnode->vp, from_fnode->vp, to_name, flags, cr); 1047 1048 if (rc == 0) 1049 smb_node_notify_change(to_dnode, FILE_ACTION_ADDED, to_name); 1050 1051 return (rc); 1052 } 1053 1054 /* 1055 * smb_fsop_rename 1056 * 1057 * All SMB functions should use this smb_vop_rename wrapper to ensure that 1058 * the smb_vop_rename is performed with the appropriate credentials. 1059 * Please document any direct call to smb_vop_rename to explain the reason 1060 * for avoiding this wrapper. 1061 * 1062 * It is assumed that references exist on from_dnode and to_dnode coming 1063 * into this routine. 1064 */ 1065 int 1066 smb_fsop_rename( 1067 smb_request_t *sr, 1068 cred_t *cr, 1069 smb_node_t *from_dnode, 1070 char *from_name, 1071 smb_node_t *to_dnode, 1072 char *to_name) 1073 { 1074 smb_node_t *from_snode; 1075 smb_attr_t from_attr; 1076 vnode_t *from_vp; 1077 int flags = 0, ret_flags; 1078 int rc; 1079 boolean_t isdir; 1080 1081 ASSERT(cr); 1082 ASSERT(from_dnode); 1083 ASSERT(from_dnode->n_magic == SMB_NODE_MAGIC); 1084 ASSERT(from_dnode->n_state != SMB_NODE_STATE_DESTROYING); 1085 1086 ASSERT(to_dnode); 1087 ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC); 1088 ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING); 1089 1090 if (SMB_TREE_CONTAINS_NODE(sr, from_dnode) == 0) 1091 return (EACCES); 1092 1093 if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0) 1094 return (EACCES); 1095 1096 ASSERT(sr); 1097 ASSERT(sr->tid_tree); 1098 if (SMB_TREE_IS_READONLY(sr)) 1099 return (EROFS); 1100 1101 /* 1102 * Note: There is no need to check SMB_TREE_IS_CASEINSENSITIVE 1103 * here. 1104 * 1105 * A case-sensitive rename is always done in this routine 1106 * because we are using the on-disk name from an earlier lookup. 1107 * If a mangled name was passed in by the caller (denoting a 1108 * deterministic lookup), then the exact file must be renamed 1109 * (i.e. SMB_IGNORE_CASE must not be passed to VOP_RENAME, or 1110 * else the underlying file system might return a "first-match" 1111 * on this on-disk name, possibly resulting in the wrong file). 1112 */ 1113 1114 if (SMB_TREE_SUPPORTS_CATIA(sr)) 1115 flags |= SMB_CATIA; 1116 1117 /* 1118 * XXX: Lock required through smb_node_release() below? 1119 */ 1120 1121 rc = smb_vop_lookup(from_dnode->vp, from_name, &from_vp, NULL, 1122 flags, &ret_flags, NULL, &from_attr, cr); 1123 1124 if (rc != 0) 1125 return (rc); 1126 1127 if (from_attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) { 1128 VN_RELE(from_vp); 1129 return (EACCES); 1130 } 1131 1132 isdir = ((from_attr.sa_dosattr & FILE_ATTRIBUTE_DIRECTORY) != 0); 1133 1134 if ((isdir && SMB_TREE_HAS_ACCESS(sr, 1135 ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY) != 1136 (ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY)) || 1137 (!isdir && SMB_TREE_HAS_ACCESS(sr, ACE_DELETE | ACE_ADD_FILE) != 1138 (ACE_DELETE | ACE_ADD_FILE))) { 1139 VN_RELE(from_vp); 1140 return (EACCES); 1141 } 1142 1143 /* 1144 * SMB checks access on open and retains an access granted 1145 * mask for use while the file is open. ACL changes should 1146 * not affect access to an open file. 1147 * 1148 * If the rename is being performed on an ofile: 1149 * - Check the ofile's access granted mask to see if the 1150 * rename is permitted - requires DELETE access. 1151 * - If the file system does access checking, set the 1152 * ATTR_NOACLCHECK flag to ensure that the file system 1153 * does not check permissions on subsequent calls. 1154 */ 1155 if (sr && sr->fid_ofile) { 1156 rc = smb_ofile_access(sr->fid_ofile, cr, DELETE); 1157 if (rc != NT_STATUS_SUCCESS) { 1158 VN_RELE(from_vp); 1159 return (EACCES); 1160 } 1161 1162 if (smb_tree_has_feature(sr->tid_tree, 1163 SMB_TREE_ACEMASKONACCESS)) 1164 flags = ATTR_NOACLCHECK; 1165 } 1166 1167 rc = smb_vop_rename(from_dnode->vp, from_name, to_dnode->vp, 1168 to_name, flags, cr); 1169 1170 if (rc == 0) { 1171 from_snode = smb_node_lookup(sr, NULL, cr, from_vp, from_name, 1172 from_dnode, NULL); 1173 1174 if (from_snode == NULL) { 1175 rc = ENOMEM; 1176 } else { 1177 smb_node_rename(from_dnode, from_snode, 1178 to_dnode, to_name); 1179 smb_node_release(from_snode); 1180 } 1181 } 1182 VN_RELE(from_vp); 1183 1184 if (rc == 0) { 1185 if (from_dnode == to_dnode) { 1186 smb_node_notify_change(from_dnode, 1187 FILE_ACTION_RENAMED_OLD_NAME, from_name); 1188 smb_node_notify_change(to_dnode, 1189 FILE_ACTION_RENAMED_NEW_NAME, to_name); 1190 } else { 1191 smb_node_notify_change(from_dnode, 1192 FILE_ACTION_REMOVED, from_name); 1193 smb_node_notify_change(to_dnode, 1194 FILE_ACTION_ADDED, to_name); 1195 } 1196 } 1197 1198 /* XXX: unlock */ 1199 1200 return (rc); 1201 } 1202 1203 /* 1204 * smb_fsop_setattr 1205 * 1206 * All SMB functions should use this wrapper to ensure that 1207 * the the calls are performed with the appropriate credentials. 1208 * Please document any direct call to explain the reason 1209 * for avoiding this wrapper. 1210 * 1211 * It is assumed that a reference exists on snode coming into 1212 * this function. 1213 * A null smb_request might be passed to this function. 1214 */ 1215 int 1216 smb_fsop_setattr( 1217 smb_request_t *sr, 1218 cred_t *cr, 1219 smb_node_t *snode, 1220 smb_attr_t *set_attr) 1221 { 1222 smb_node_t *unnamed_node; 1223 vnode_t *unnamed_vp = NULL; 1224 uint32_t status; 1225 uint32_t access; 1226 int rc = 0; 1227 int flags = 0; 1228 uint_t sa_mask; 1229 1230 ASSERT(cr); 1231 ASSERT(snode); 1232 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1233 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1234 1235 if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0) 1236 return (EACCES); 1237 1238 if (SMB_TREE_IS_READONLY(sr)) 1239 return (EROFS); 1240 1241 if (SMB_TREE_HAS_ACCESS(sr, 1242 ACE_WRITE_ATTRIBUTES | ACE_WRITE_NAMED_ATTRS) == 0) 1243 return (EACCES); 1244 1245 /* 1246 * The file system cannot detect pending READDONLY 1247 * (i.e. if the file has been opened readonly but 1248 * not yet closed) so we need to test READONLY here. 1249 * 1250 * Note that file handle that were opened before the 1251 * READONLY flag was set in the node (or the FS) are 1252 * immune to that change, and remain writable. 1253 */ 1254 if (sr && (set_attr->sa_mask & SMB_AT_SIZE)) { 1255 if (sr->fid_ofile) { 1256 if (SMB_OFILE_IS_READONLY(sr->fid_ofile)) 1257 return (EACCES); 1258 } else { 1259 if (SMB_PATHFILE_IS_READONLY(sr, snode)) 1260 return (EACCES); 1261 } 1262 } 1263 1264 /* 1265 * SMB checks access on open and retains an access granted 1266 * mask for use while the file is open. ACL changes should 1267 * not affect access to an open file. 1268 * 1269 * If the setattr is being performed on an ofile: 1270 * - Check the ofile's access granted mask to see if the 1271 * setattr is permitted. 1272 * UID, GID - require WRITE_OWNER 1273 * SIZE, ALLOCSZ - require FILE_WRITE_DATA 1274 * all other attributes require FILE_WRITE_ATTRIBUTES 1275 * 1276 * - If the file system does access checking, set the 1277 * ATTR_NOACLCHECK flag to ensure that the file system 1278 * does not check permissions on subsequent calls. 1279 */ 1280 if (sr && sr->fid_ofile) { 1281 sa_mask = set_attr->sa_mask; 1282 access = 0; 1283 1284 if (sa_mask & (SMB_AT_SIZE | SMB_AT_ALLOCSZ)) { 1285 access |= FILE_WRITE_DATA; 1286 sa_mask &= ~(SMB_AT_SIZE | SMB_AT_ALLOCSZ); 1287 } 1288 1289 if (sa_mask & (SMB_AT_UID|SMB_AT_GID)) { 1290 access |= WRITE_OWNER; 1291 sa_mask &= ~(SMB_AT_UID|SMB_AT_GID); 1292 } 1293 1294 if (sa_mask) 1295 access |= FILE_WRITE_ATTRIBUTES; 1296 1297 status = smb_ofile_access(sr->fid_ofile, cr, access); 1298 if (status != NT_STATUS_SUCCESS) 1299 return (EACCES); 1300 1301 if (smb_tree_has_feature(sr->tid_tree, 1302 SMB_TREE_ACEMASKONACCESS)) 1303 flags = ATTR_NOACLCHECK; 1304 } 1305 1306 unnamed_node = SMB_IS_STREAM(snode); 1307 1308 if (unnamed_node) { 1309 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 1310 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 1311 unnamed_vp = unnamed_node->vp; 1312 } 1313 1314 rc = smb_vop_setattr(snode->vp, unnamed_vp, set_attr, flags, cr); 1315 return (rc); 1316 } 1317 1318 /* 1319 * Support for SMB2 setinfo FileValidDataLengthInformation. 1320 * Free data from the specified offset to EoF. 1321 * 1322 * This can effectively truncate data. It truncates the data 1323 * leaving the file size as it was, leaving zeros after the 1324 * offset specified here. That is effectively modifying the 1325 * file content, so for access control this is a write. 1326 */ 1327 int 1328 smb_fsop_set_data_length( 1329 smb_request_t *sr, 1330 cred_t *cr, 1331 smb_node_t *node, 1332 offset_t end_of_data) 1333 { 1334 flock64_t flk; 1335 uint32_t status; 1336 uint32_t access = FILE_WRITE_DATA; 1337 int rc; 1338 1339 ASSERT(cr); 1340 ASSERT(node); 1341 ASSERT(node->n_magic == SMB_NODE_MAGIC); 1342 ASSERT(node->n_state != SMB_NODE_STATE_DESTROYING); 1343 1344 if (SMB_TREE_CONTAINS_NODE(sr, node) == 0) 1345 return (EACCES); 1346 1347 if (SMB_TREE_IS_READONLY(sr)) 1348 return (EROFS); 1349 1350 if (SMB_TREE_HAS_ACCESS(sr, access) == 0) 1351 return (EACCES); 1352 1353 /* 1354 * The file system cannot detect pending READDONLY 1355 * (i.e. if the file has been opened readonly but 1356 * not yet closed) so we need to test READONLY here. 1357 * 1358 * Note that file handle that were opened before the 1359 * READONLY flag was set in the node (or the FS) are 1360 * immune to that change, and remain writable. 1361 */ 1362 if (sr->fid_ofile) { 1363 if (SMB_OFILE_IS_READONLY(sr->fid_ofile)) 1364 return (EACCES); 1365 } else { 1366 /* This requires an open file. */ 1367 return (EACCES); 1368 } 1369 1370 /* 1371 * SMB checks access on open and retains an access granted 1372 * mask for use while the file is open. ACL changes should 1373 * not affect access to an open file. 1374 * 1375 * If the setattr is being performed on an ofile: 1376 * - Check the ofile's access granted mask to see if this 1377 * modification should be permitted (FILE_WRITE_DATA) 1378 */ 1379 status = smb_ofile_access(sr->fid_ofile, cr, access); 1380 if (status != NT_STATUS_SUCCESS) 1381 return (EACCES); 1382 1383 bzero(&flk, sizeof (flk)); 1384 flk.l_start = end_of_data; 1385 1386 rc = smb_vop_space(node->vp, F_FREESP, &flk, FWRITE, 0LL, cr); 1387 return (rc); 1388 } 1389 1390 /* 1391 * smb_fsop_read 1392 * 1393 * All SMB functions should use this wrapper to ensure that 1394 * the the calls are performed with the appropriate credentials. 1395 * Please document any direct call to explain the reason 1396 * for avoiding this wrapper. 1397 * 1398 * It is assumed that a reference exists on snode coming into this routine. 1399 */ 1400 int 1401 smb_fsop_read(smb_request_t *sr, cred_t *cr, smb_node_t *snode, uio_t *uio) 1402 { 1403 caller_context_t ct; 1404 cred_t *kcr = zone_kcred(); 1405 int svmand; 1406 int rc; 1407 1408 ASSERT(cr); 1409 ASSERT(snode); 1410 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1411 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1412 1413 ASSERT(sr); 1414 ASSERT(sr->fid_ofile); 1415 1416 if (SMB_TREE_HAS_ACCESS(sr, ACE_READ_DATA) == 0) 1417 return (EACCES); 1418 1419 rc = smb_ofile_access(sr->fid_ofile, cr, FILE_READ_DATA); 1420 if ((rc != NT_STATUS_SUCCESS) && 1421 (sr->smb_flg2 & SMB_FLAGS2_READ_IF_EXECUTE)) 1422 rc = smb_ofile_access(sr->fid_ofile, cr, FILE_EXECUTE); 1423 1424 if (rc != NT_STATUS_SUCCESS) 1425 return (EACCES); 1426 1427 /* 1428 * Streams permission are checked against the unnamed stream, 1429 * but in FS level they have their own permissions. To avoid 1430 * rejection by FS due to lack of permission on the actual 1431 * extended attr kcred is passed for streams. 1432 */ 1433 if (SMB_IS_STREAM(snode)) 1434 cr = kcr; 1435 1436 smb_node_start_crit(snode, RW_READER); 1437 rc = nbl_svmand(snode->vp, kcr, &svmand); 1438 if (rc) { 1439 smb_node_end_crit(snode); 1440 return (rc); 1441 } 1442 1443 /* 1444 * Note: SMB allows a zero-byte read, which should not 1445 * conflict with any locks. However nbl_lock_conflict 1446 * takes a zero-byte length as lock to EOF, so we must 1447 * special case that here. 1448 */ 1449 if (uio->uio_resid > 0) { 1450 ct = smb_ct; 1451 ct.cc_pid = sr->fid_ofile->f_uniqid; 1452 rc = nbl_lock_conflict(snode->vp, NBL_READ, uio->uio_loffset, 1453 uio->uio_resid, svmand, &ct); 1454 if (rc != 0) { 1455 smb_node_end_crit(snode); 1456 return (ERANGE); 1457 } 1458 } 1459 1460 rc = smb_vop_read(snode->vp, uio, cr); 1461 smb_node_end_crit(snode); 1462 1463 return (rc); 1464 } 1465 1466 /* 1467 * smb_fsop_write 1468 * 1469 * This is a wrapper function used for smb_write and smb_write_raw operations. 1470 * 1471 * It is assumed that a reference exists on snode coming into this routine. 1472 */ 1473 int 1474 smb_fsop_write( 1475 smb_request_t *sr, 1476 cred_t *cr, 1477 smb_node_t *snode, 1478 uio_t *uio, 1479 uint32_t *lcount, 1480 int ioflag) 1481 { 1482 caller_context_t ct; 1483 smb_attr_t attr; 1484 smb_node_t *u_node; 1485 vnode_t *u_vp = NULL; 1486 smb_ofile_t *of; 1487 vnode_t *vp; 1488 cred_t *kcr = zone_kcred(); 1489 int svmand; 1490 int rc; 1491 1492 ASSERT(cr); 1493 ASSERT(snode); 1494 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1495 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1496 1497 ASSERT(sr); 1498 ASSERT(sr->tid_tree); 1499 of = sr->fid_ofile; 1500 vp = snode->vp; 1501 1502 if (SMB_TREE_IS_READONLY(sr)) 1503 return (EROFS); 1504 1505 if (SMB_OFILE_IS_READONLY(of) || 1506 SMB_TREE_HAS_ACCESS(sr, ACE_WRITE_DATA | ACE_APPEND_DATA) == 0) 1507 return (EACCES); 1508 1509 rc = smb_ofile_access(of, cr, FILE_WRITE_DATA); 1510 if (rc != NT_STATUS_SUCCESS) { 1511 rc = smb_ofile_access(of, cr, FILE_APPEND_DATA); 1512 if (rc != NT_STATUS_SUCCESS) 1513 return (EACCES); 1514 } 1515 1516 /* 1517 * Streams permission are checked against the unnamed stream, 1518 * but in FS level they have their own permissions. To avoid 1519 * rejection by FS due to lack of permission on the actual 1520 * extended attr kcred is passed for streams. 1521 */ 1522 u_node = SMB_IS_STREAM(snode); 1523 if (u_node != NULL) { 1524 ASSERT(u_node->n_magic == SMB_NODE_MAGIC); 1525 ASSERT(u_node->n_state != SMB_NODE_STATE_DESTROYING); 1526 u_vp = u_node->vp; 1527 cr = kcr; 1528 } 1529 1530 smb_node_start_crit(snode, RW_WRITER); 1531 rc = nbl_svmand(vp, kcr, &svmand); 1532 if (rc) { 1533 smb_node_end_crit(snode); 1534 return (rc); 1535 } 1536 1537 /* 1538 * Note: SMB allows a zero-byte write, which should not 1539 * conflict with any locks. However nbl_lock_conflict 1540 * takes a zero-byte length as lock to EOF, so we must 1541 * special case that here. 1542 */ 1543 if (uio->uio_resid > 0) { 1544 ct = smb_ct; 1545 ct.cc_pid = of->f_uniqid; 1546 rc = nbl_lock_conflict(vp, NBL_WRITE, uio->uio_loffset, 1547 uio->uio_resid, svmand, &ct); 1548 if (rc != 0) { 1549 smb_node_end_crit(snode); 1550 return (ERANGE); 1551 } 1552 } 1553 1554 rc = smb_vop_write(vp, uio, ioflag, lcount, cr); 1555 1556 /* 1557 * Once the mtime has been set via this ofile, the 1558 * automatic mtime changes from writes via this ofile 1559 * should cease, preserving the mtime that was set. 1560 * See: [MS-FSA] 2.1.5.14 and smb_node_setattr. 1561 * 1562 * The VFS interface does not offer a way to ask it to 1563 * skip the mtime updates, so we simulate the desired 1564 * behavior by re-setting the mtime after writes on a 1565 * handle where the mtime has been set. 1566 */ 1567 if (of->f_pending_attr.sa_mask & SMB_AT_MTIME) { 1568 bcopy(&of->f_pending_attr, &attr, sizeof (attr)); 1569 attr.sa_mask = SMB_AT_MTIME; 1570 (void) smb_vop_setattr(vp, u_vp, &attr, 0, kcr); 1571 } 1572 1573 smb_node_end_crit(snode); 1574 1575 return (rc); 1576 } 1577 1578 /* 1579 * smb_fsop_statfs 1580 * 1581 * This is a wrapper function used for stat operations. 1582 */ 1583 int 1584 smb_fsop_statfs( 1585 cred_t *cr, 1586 smb_node_t *snode, 1587 struct statvfs64 *statp) 1588 { 1589 ASSERT(cr); 1590 ASSERT(snode); 1591 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1592 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1593 1594 return (smb_vop_statfs(snode->vp, statp, cr)); 1595 } 1596 1597 /* 1598 * smb_fsop_access 1599 * 1600 * Named streams do not have separate permissions from the associated 1601 * unnamed stream. Thus, if node is a named stream, the permissions 1602 * check will be performed on the associated unnamed stream. 1603 * 1604 * However, our named streams do have their own quarantine attribute, 1605 * separate from that on the unnamed stream. If READ or EXECUTE 1606 * access has been requested on a named stream, an additional access 1607 * check is performed on the named stream in case it has been 1608 * quarantined. kcred is used to avoid issues with the permissions 1609 * set on the extended attribute file representing the named stream. 1610 */ 1611 int 1612 smb_fsop_access(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 1613 uint32_t faccess) 1614 { 1615 int access = 0; 1616 int error; 1617 vnode_t *dir_vp; 1618 boolean_t acl_check = B_TRUE; 1619 smb_node_t *unnamed_node; 1620 1621 ASSERT(sr); 1622 ASSERT(cr); 1623 ASSERT(snode); 1624 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1625 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1626 1627 if (SMB_TREE_IS_READONLY(sr)) { 1628 if (faccess & (FILE_WRITE_DATA|FILE_APPEND_DATA| 1629 FILE_WRITE_EA|FILE_DELETE_CHILD|FILE_WRITE_ATTRIBUTES| 1630 DELETE|WRITE_DAC|WRITE_OWNER)) { 1631 return (NT_STATUS_ACCESS_DENIED); 1632 } 1633 } 1634 1635 if (smb_node_is_reparse(snode) && (faccess & DELETE)) 1636 return (NT_STATUS_ACCESS_DENIED); 1637 1638 unnamed_node = SMB_IS_STREAM(snode); 1639 if (unnamed_node) { 1640 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 1641 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 1642 1643 /* 1644 * Perform VREAD access check on the named stream in case it 1645 * is quarantined. kcred is passed to smb_vop_access so it 1646 * doesn't fail due to lack of permission. 1647 */ 1648 if (faccess & (FILE_READ_DATA | FILE_EXECUTE)) { 1649 error = smb_vop_access(snode->vp, VREAD, 1650 0, NULL, zone_kcred()); 1651 if (error) 1652 return (NT_STATUS_ACCESS_DENIED); 1653 } 1654 1655 /* 1656 * Streams authorization should be performed against the 1657 * unnamed stream. 1658 */ 1659 snode = unnamed_node; 1660 } 1661 1662 if (faccess & ACCESS_SYSTEM_SECURITY) { 1663 /* 1664 * This permission is required for reading/writing SACL and 1665 * it's not part of DACL. It's only granted via proper 1666 * privileges. 1667 */ 1668 if ((sr->uid_user->u_privileges & 1669 (SMB_USER_PRIV_BACKUP | 1670 SMB_USER_PRIV_RESTORE | 1671 SMB_USER_PRIV_SECURITY)) == 0) 1672 return (NT_STATUS_PRIVILEGE_NOT_HELD); 1673 1674 faccess &= ~ACCESS_SYSTEM_SECURITY; 1675 } 1676 1677 /* Links don't have ACL */ 1678 if ((!smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) || 1679 smb_node_is_symlink(snode)) 1680 acl_check = B_FALSE; 1681 1682 /* Deny access based on the share access mask */ 1683 1684 if ((faccess & ~sr->tid_tree->t_access) != 0) 1685 return (NT_STATUS_ACCESS_DENIED); 1686 1687 if (acl_check) { 1688 dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL; 1689 error = smb_vop_access(snode->vp, faccess, V_ACE_MASK, dir_vp, 1690 cr); 1691 } else { 1692 /* 1693 * FS doesn't understand 32-bit mask, need to map 1694 */ 1695 if (faccess & (FILE_WRITE_DATA | FILE_APPEND_DATA)) 1696 access |= VWRITE; 1697 1698 if (faccess & FILE_READ_DATA) 1699 access |= VREAD; 1700 1701 if (faccess & FILE_EXECUTE) 1702 access |= VEXEC; 1703 1704 error = smb_vop_access(snode->vp, access, 0, NULL, cr); 1705 } 1706 1707 return ((error) ? NT_STATUS_ACCESS_DENIED : NT_STATUS_SUCCESS); 1708 } 1709 1710 /* 1711 * smb_fsop_lookup_name() 1712 * 1713 * If name indicates that the file is a stream file, perform 1714 * stream specific lookup, otherwise call smb_fsop_lookup. 1715 * 1716 * Return an error if the looked-up file is in outside the tree. 1717 * (Required when invoked from open path.) 1718 * 1719 * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE): 1720 * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set 1721 * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE 1722 * flag is set in the flags value passed as a parameter, a case insensitive 1723 * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set 1724 * or not). 1725 */ 1726 1727 int 1728 smb_fsop_lookup_name( 1729 smb_request_t *sr, 1730 cred_t *cr, 1731 int flags, 1732 smb_node_t *root_node, 1733 smb_node_t *dnode, 1734 char *name, 1735 smb_node_t **ret_snode) 1736 { 1737 smb_node_t *fnode; 1738 vnode_t *xattrdirvp; 1739 vnode_t *vp; 1740 char *od_name; 1741 char *fname; 1742 char *sname; 1743 int rc; 1744 1745 ASSERT(cr); 1746 ASSERT(dnode); 1747 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 1748 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 1749 1750 /* 1751 * The following check is required for streams processing, below 1752 */ 1753 1754 if (!(flags & SMB_CASE_SENSITIVE)) { 1755 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 1756 flags |= SMB_IGNORE_CASE; 1757 } 1758 1759 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1760 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1761 1762 if (smb_is_stream_name(name)) { 1763 smb_stream_parse_name(name, fname, sname); 1764 1765 /* 1766 * Look up the unnamed stream (i.e. fname). 1767 * Unmangle processing will be done on fname 1768 * as well as any link target. 1769 */ 1770 rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode, 1771 fname, &fnode); 1772 1773 if (rc != 0) { 1774 kmem_free(fname, MAXNAMELEN); 1775 kmem_free(sname, MAXNAMELEN); 1776 return (rc); 1777 } 1778 1779 od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1780 1781 /* 1782 * od_name is the on-disk name of the stream, except 1783 * without the prepended stream prefix (SMB_STREAM_PREFIX) 1784 */ 1785 1786 /* 1787 * XXX 1788 * What permissions NTFS requires for stream lookup if any? 1789 */ 1790 rc = smb_vop_stream_lookup(fnode->vp, sname, &vp, od_name, 1791 &xattrdirvp, flags, root_node->vp, cr); 1792 1793 if (rc != 0) { 1794 smb_node_release(fnode); 1795 kmem_free(fname, MAXNAMELEN); 1796 kmem_free(sname, MAXNAMELEN); 1797 kmem_free(od_name, MAXNAMELEN); 1798 return (rc); 1799 } 1800 1801 *ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdirvp, 1802 vp, od_name); 1803 1804 kmem_free(od_name, MAXNAMELEN); 1805 smb_node_release(fnode); 1806 VN_RELE(xattrdirvp); 1807 VN_RELE(vp); 1808 1809 if (*ret_snode == NULL) { 1810 kmem_free(fname, MAXNAMELEN); 1811 kmem_free(sname, MAXNAMELEN); 1812 return (ENOMEM); 1813 } 1814 } else { 1815 rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode, name, 1816 ret_snode); 1817 } 1818 1819 if (rc == 0) { 1820 ASSERT(ret_snode); 1821 if (SMB_TREE_CONTAINS_NODE(sr, *ret_snode) == 0) { 1822 smb_node_release(*ret_snode); 1823 *ret_snode = NULL; 1824 rc = EACCES; 1825 } 1826 } 1827 1828 kmem_free(fname, MAXNAMELEN); 1829 kmem_free(sname, MAXNAMELEN); 1830 1831 return (rc); 1832 } 1833 1834 /* 1835 * smb_fsop_lookup 1836 * 1837 * All SMB functions should use this smb_vop_lookup wrapper to ensure that 1838 * the smb_vop_lookup is performed with the appropriate credentials and using 1839 * case insensitive compares. Please document any direct call to smb_vop_lookup 1840 * to explain the reason for avoiding this wrapper. 1841 * 1842 * It is assumed that a reference exists on dnode coming into this routine 1843 * (and that it is safe from deallocation). 1844 * 1845 * Same with the root_node. 1846 * 1847 * *ret_snode is returned with a reference upon success. No reference is 1848 * taken if an error is returned. 1849 * 1850 * Note: The returned ret_snode may be in a child mount. This is ok for 1851 * readdir. 1852 * 1853 * Other smb_fsop_* routines will call SMB_TREE_CONTAINS_NODE() to prevent 1854 * operations on files not in the parent mount. 1855 * 1856 * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE): 1857 * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set 1858 * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE 1859 * flag is set in the flags value passed as a parameter, a case insensitive 1860 * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set 1861 * or not). 1862 */ 1863 int 1864 smb_fsop_lookup( 1865 smb_request_t *sr, 1866 cred_t *cr, 1867 int flags, 1868 smb_node_t *root_node, 1869 smb_node_t *dnode, 1870 char *name, 1871 smb_node_t **ret_snode) 1872 { 1873 smb_node_t *lnk_target_node; 1874 smb_node_t *lnk_dnode; 1875 char *longname; 1876 char *od_name; 1877 vnode_t *vp; 1878 int rc; 1879 int ret_flags; 1880 smb_attr_t attr; 1881 1882 ASSERT(cr); 1883 ASSERT(dnode); 1884 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 1885 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 1886 1887 if (name == NULL) 1888 return (EINVAL); 1889 1890 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0) 1891 return (EACCES); 1892 1893 if (!(flags & SMB_CASE_SENSITIVE)) { 1894 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 1895 flags |= SMB_IGNORE_CASE; 1896 } 1897 if (SMB_TREE_SUPPORTS_CATIA(sr)) 1898 flags |= SMB_CATIA; 1899 if (SMB_TREE_SUPPORTS_ABE(sr)) 1900 flags |= SMB_ABE; 1901 1902 /* 1903 * Can have "" or "." when opening named streams on a directory. 1904 */ 1905 if (name[0] == '\0' || (name[0] == '.' && name[1] == '\0')) { 1906 smb_node_ref(dnode); 1907 *ret_snode = dnode; 1908 return (0); 1909 } 1910 1911 od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1912 1913 rc = smb_vop_lookup(dnode->vp, name, &vp, od_name, flags, 1914 &ret_flags, root_node ? root_node->vp : NULL, &attr, cr); 1915 1916 if (rc != 0) { 1917 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) || 1918 !smb_maybe_mangled(name)) { 1919 kmem_free(od_name, MAXNAMELEN); 1920 return (rc); 1921 } 1922 1923 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1924 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 1925 if (rc != 0) { 1926 kmem_free(od_name, MAXNAMELEN); 1927 kmem_free(longname, MAXNAMELEN); 1928 return (rc); 1929 } 1930 1931 /* 1932 * longname is the real (case-sensitive) 1933 * on-disk name. 1934 * We make sure we do a lookup on this exact 1935 * name, as the name was mangled and denotes 1936 * a unique file. 1937 */ 1938 1939 if (flags & SMB_IGNORE_CASE) 1940 flags &= ~SMB_IGNORE_CASE; 1941 1942 rc = smb_vop_lookup(dnode->vp, longname, &vp, od_name, 1943 flags, &ret_flags, root_node ? root_node->vp : NULL, &attr, 1944 cr); 1945 1946 kmem_free(longname, MAXNAMELEN); 1947 1948 if (rc != 0) { 1949 kmem_free(od_name, MAXNAMELEN); 1950 return (rc); 1951 } 1952 } 1953 1954 if ((flags & SMB_FOLLOW_LINKS) && (vp->v_type == VLNK) && 1955 ((attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) == 0)) { 1956 rc = smb_pathname(sr, od_name, FOLLOW, root_node, dnode, 1957 &lnk_dnode, &lnk_target_node, cr); 1958 1959 if (rc != 0) { 1960 /* 1961 * The link is assumed to be for the last component 1962 * of a path. Hence any ENOTDIR error will be returned 1963 * as ENOENT. 1964 */ 1965 if (rc == ENOTDIR) 1966 rc = ENOENT; 1967 1968 VN_RELE(vp); 1969 kmem_free(od_name, MAXNAMELEN); 1970 return (rc); 1971 } 1972 1973 /* 1974 * Release the original VLNK vnode 1975 */ 1976 1977 VN_RELE(vp); 1978 vp = lnk_target_node->vp; 1979 1980 rc = smb_vop_traverse_check(&vp); 1981 1982 if (rc != 0) { 1983 smb_node_release(lnk_dnode); 1984 smb_node_release(lnk_target_node); 1985 kmem_free(od_name, MAXNAMELEN); 1986 return (rc); 1987 } 1988 1989 /* 1990 * smb_vop_traverse_check() may have returned a different vnode 1991 */ 1992 1993 if (lnk_target_node->vp == vp) { 1994 *ret_snode = lnk_target_node; 1995 } else { 1996 *ret_snode = smb_node_lookup(sr, NULL, cr, vp, 1997 lnk_target_node->od_name, lnk_dnode, NULL); 1998 VN_RELE(vp); 1999 2000 if (*ret_snode == NULL) 2001 rc = ENOMEM; 2002 smb_node_release(lnk_target_node); 2003 } 2004 2005 smb_node_release(lnk_dnode); 2006 2007 } else { 2008 2009 rc = smb_vop_traverse_check(&vp); 2010 if (rc) { 2011 VN_RELE(vp); 2012 kmem_free(od_name, MAXNAMELEN); 2013 return (rc); 2014 } 2015 2016 *ret_snode = smb_node_lookup(sr, NULL, cr, vp, od_name, 2017 dnode, NULL); 2018 VN_RELE(vp); 2019 2020 if (*ret_snode == NULL) 2021 rc = ENOMEM; 2022 } 2023 2024 kmem_free(od_name, MAXNAMELEN); 2025 return (rc); 2026 } 2027 2028 int /*ARGSUSED*/ 2029 smb_fsop_commit(smb_request_t *sr, cred_t *cr, smb_node_t *snode) 2030 { 2031 ASSERT(cr); 2032 ASSERT(snode); 2033 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 2034 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 2035 2036 ASSERT(sr); 2037 ASSERT(sr->tid_tree); 2038 if (SMB_TREE_IS_READONLY(sr)) 2039 return (EROFS); 2040 2041 return (smb_vop_commit(snode->vp, cr)); 2042 } 2043 2044 /* 2045 * smb_fsop_aclread 2046 * 2047 * Retrieve filesystem ACL. Depends on requested ACLs in 2048 * fs_sd->sd_secinfo, it'll set DACL and SACL pointers in 2049 * fs_sd. Note that requesting a DACL/SACL doesn't mean that 2050 * the corresponding field in fs_sd should be non-NULL upon 2051 * return, since the target ACL might not contain that type of 2052 * entries. 2053 * 2054 * Returned ACL is always in ACE_T (aka ZFS) format. 2055 * If successful the allocated memory for the ACL should be freed 2056 * using smb_fsacl_free() or smb_fssd_term() 2057 */ 2058 int 2059 smb_fsop_aclread(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2060 smb_fssd_t *fs_sd) 2061 { 2062 int error = 0; 2063 int flags = 0; 2064 int access = 0; 2065 acl_t *acl; 2066 2067 ASSERT(cr); 2068 2069 /* Can't query security on named streams */ 2070 if (SMB_IS_STREAM(snode) != NULL) 2071 return (EINVAL); 2072 2073 if (SMB_TREE_HAS_ACCESS(sr, ACE_READ_ACL) == 0) 2074 return (EACCES); 2075 2076 if (sr->fid_ofile) { 2077 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) 2078 access = READ_CONTROL; 2079 2080 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO) 2081 access |= ACCESS_SYSTEM_SECURITY; 2082 2083 error = smb_ofile_access(sr->fid_ofile, cr, access); 2084 if (error != NT_STATUS_SUCCESS) { 2085 return (EACCES); 2086 } 2087 } 2088 2089 2090 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) 2091 flags = ATTR_NOACLCHECK; 2092 2093 error = smb_vop_acl_read(snode->vp, &acl, flags, 2094 sr->tid_tree->t_acltype, cr); 2095 if (error != 0) { 2096 return (error); 2097 } 2098 2099 error = acl_translate(acl, _ACL_ACE_ENABLED, 2100 smb_node_is_dir(snode), fs_sd->sd_uid, fs_sd->sd_gid); 2101 2102 if (error == 0) { 2103 smb_fsacl_split(acl, &fs_sd->sd_zdacl, &fs_sd->sd_zsacl, 2104 fs_sd->sd_secinfo); 2105 } 2106 2107 acl_free(acl); 2108 return (error); 2109 } 2110 2111 /* 2112 * smb_fsop_aclwrite 2113 * 2114 * Stores the filesystem ACL provided in fs_sd->sd_acl. 2115 */ 2116 int 2117 smb_fsop_aclwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2118 smb_fssd_t *fs_sd) 2119 { 2120 int target_flavor; 2121 int error = 0; 2122 int flags = 0; 2123 int access = 0; 2124 acl_t *acl, *dacl, *sacl; 2125 2126 ASSERT(cr); 2127 2128 ASSERT(sr); 2129 ASSERT(sr->tid_tree); 2130 if (SMB_TREE_IS_READONLY(sr)) 2131 return (EROFS); 2132 2133 /* Can't set security on named streams */ 2134 if (SMB_IS_STREAM(snode) != NULL) 2135 return (EINVAL); 2136 2137 if (SMB_TREE_HAS_ACCESS(sr, ACE_WRITE_ACL) == 0) 2138 return (EACCES); 2139 2140 if (sr->fid_ofile) { 2141 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) 2142 access = WRITE_DAC; 2143 2144 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO) 2145 access |= ACCESS_SYSTEM_SECURITY; 2146 2147 error = smb_ofile_access(sr->fid_ofile, cr, access); 2148 if (error != NT_STATUS_SUCCESS) 2149 return (EACCES); 2150 } 2151 2152 switch (sr->tid_tree->t_acltype) { 2153 case ACLENT_T: 2154 target_flavor = _ACL_ACLENT_ENABLED; 2155 break; 2156 2157 case ACE_T: 2158 target_flavor = _ACL_ACE_ENABLED; 2159 break; 2160 default: 2161 return (EINVAL); 2162 } 2163 2164 dacl = fs_sd->sd_zdacl; 2165 sacl = fs_sd->sd_zsacl; 2166 2167 ASSERT(dacl || sacl); 2168 if ((dacl == NULL) && (sacl == NULL)) 2169 return (EINVAL); 2170 2171 if (dacl && sacl) 2172 acl = smb_fsacl_merge(dacl, sacl); 2173 else if (dacl) 2174 acl = dacl; 2175 else 2176 acl = sacl; 2177 2178 error = acl_translate(acl, target_flavor, smb_node_is_dir(snode), 2179 fs_sd->sd_uid, fs_sd->sd_gid); 2180 if (error == 0) { 2181 if (smb_tree_has_feature(sr->tid_tree, 2182 SMB_TREE_ACEMASKONACCESS)) 2183 flags = ATTR_NOACLCHECK; 2184 2185 error = smb_vop_acl_write(snode->vp, acl, flags, cr); 2186 } 2187 2188 if (dacl && sacl) 2189 acl_free(acl); 2190 2191 return (error); 2192 } 2193 2194 acl_type_t 2195 smb_fsop_acltype(smb_node_t *snode) 2196 { 2197 return (smb_vop_acl_type(snode->vp)); 2198 } 2199 2200 /* 2201 * smb_fsop_sdread 2202 * 2203 * Read the requested security descriptor items from filesystem. 2204 * The items are specified in fs_sd->sd_secinfo. 2205 */ 2206 int 2207 smb_fsop_sdread(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2208 smb_fssd_t *fs_sd) 2209 { 2210 int error = 0; 2211 int getowner = 0; 2212 cred_t *ga_cred; 2213 smb_attr_t attr; 2214 2215 ASSERT(cr); 2216 ASSERT(fs_sd); 2217 2218 /* Can't query security on named streams */ 2219 if (SMB_IS_STREAM(snode) != NULL) 2220 return (EINVAL); 2221 2222 /* 2223 * File's uid/gid is fetched in two cases: 2224 * 2225 * 1. it's explicitly requested 2226 * 2227 * 2. target ACL is ACE_T (ZFS ACL). They're needed for 2228 * owner@/group@ entries. In this case kcred should be used 2229 * because uid/gid are fetched on behalf of smb server. 2230 */ 2231 if (fs_sd->sd_secinfo & (SMB_OWNER_SECINFO | SMB_GROUP_SECINFO)) { 2232 getowner = 1; 2233 ga_cred = cr; 2234 } else if (sr->tid_tree->t_acltype == ACE_T) { 2235 getowner = 1; 2236 ga_cred = zone_kcred(); 2237 } 2238 2239 if (getowner) { 2240 /* 2241 * Windows require READ_CONTROL to read owner/group SID since 2242 * they're part of Security Descriptor. 2243 * ZFS only requires read_attribute. Need to have a explicit 2244 * access check here. 2245 */ 2246 if (sr->fid_ofile == NULL) { 2247 error = smb_fsop_access(sr, ga_cred, snode, 2248 READ_CONTROL); 2249 if (error) 2250 return (EACCES); 2251 } 2252 2253 attr.sa_mask = SMB_AT_UID | SMB_AT_GID; 2254 error = smb_fsop_getattr(sr, ga_cred, snode, &attr); 2255 if (error == 0) { 2256 fs_sd->sd_uid = attr.sa_vattr.va_uid; 2257 fs_sd->sd_gid = attr.sa_vattr.va_gid; 2258 } else { 2259 return (error); 2260 } 2261 } 2262 2263 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) { 2264 error = smb_fsop_aclread(sr, cr, snode, fs_sd); 2265 } 2266 2267 return (error); 2268 } 2269 2270 /* 2271 * smb_fsop_sdmerge 2272 * 2273 * From SMB point of view DACL and SACL are two separate list 2274 * which can be manipulated independently without one affecting 2275 * the other, but entries for both DACL and SACL will end up 2276 * in the same ACL if target filesystem supports ACE_T ACLs. 2277 * 2278 * So, if either DACL or SACL is present in the client set request 2279 * the entries corresponding to the non-present ACL shouldn't 2280 * be touched in the FS ACL. 2281 * 2282 * fs_sd parameter contains DACL and SACL specified by SMB 2283 * client to be set on a file/directory. The client could 2284 * specify both or one of these ACLs (if none is specified 2285 * we don't get this far). When both DACL and SACL are given 2286 * by client the existing ACL should be overwritten. If only 2287 * one of them is specified the entries corresponding to the other 2288 * ACL should not be touched. For example, if only DACL 2289 * is specified in input fs_sd, the function reads audit entries 2290 * of the existing ACL of the file and point fs_sd->sd_zsdacl 2291 * pointer to the fetched SACL, this way when smb_fsop_sdwrite() 2292 * function is called the passed fs_sd would point to the specified 2293 * DACL by client and fetched SACL from filesystem, so the file 2294 * will end up with correct ACL. 2295 */ 2296 static int 2297 smb_fsop_sdmerge(smb_request_t *sr, smb_node_t *snode, smb_fssd_t *fs_sd) 2298 { 2299 smb_fssd_t cur_sd; 2300 cred_t *kcr = zone_kcred(); 2301 int error = 0; 2302 2303 if (sr->tid_tree->t_acltype != ACE_T) 2304 /* Don't bother if target FS doesn't support ACE_T */ 2305 return (0); 2306 2307 if ((fs_sd->sd_secinfo & SMB_ACL_SECINFO) != SMB_ACL_SECINFO) { 2308 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) { 2309 /* 2310 * Don't overwrite existing audit entries 2311 */ 2312 smb_fssd_init(&cur_sd, SMB_SACL_SECINFO, 2313 fs_sd->sd_flags); 2314 2315 error = smb_fsop_sdread(sr, kcr, snode, &cur_sd); 2316 if (error == 0) { 2317 ASSERT(fs_sd->sd_zsacl == NULL); 2318 fs_sd->sd_zsacl = cur_sd.sd_zsacl; 2319 if (fs_sd->sd_zsacl && fs_sd->sd_zdacl) 2320 fs_sd->sd_zsacl->acl_flags = 2321 fs_sd->sd_zdacl->acl_flags; 2322 } 2323 } else { 2324 /* 2325 * Don't overwrite existing access entries 2326 */ 2327 smb_fssd_init(&cur_sd, SMB_DACL_SECINFO, 2328 fs_sd->sd_flags); 2329 2330 error = smb_fsop_sdread(sr, kcr, snode, &cur_sd); 2331 if (error == 0) { 2332 ASSERT(fs_sd->sd_zdacl == NULL); 2333 fs_sd->sd_zdacl = cur_sd.sd_zdacl; 2334 if (fs_sd->sd_zdacl && fs_sd->sd_zsacl) 2335 fs_sd->sd_zdacl->acl_flags = 2336 fs_sd->sd_zsacl->acl_flags; 2337 } 2338 } 2339 2340 if (error) 2341 smb_fssd_term(&cur_sd); 2342 } 2343 2344 return (error); 2345 } 2346 2347 /* 2348 * smb_fsop_sdwrite 2349 * 2350 * Stores the given uid, gid and acl in filesystem. 2351 * Provided items in fs_sd are specified by fs_sd->sd_secinfo. 2352 * 2353 * A SMB security descriptor could contain owner, primary group, 2354 * DACL and SACL. Setting an SD should be atomic but here it has to 2355 * be done via two separate FS operations: VOP_SETATTR and 2356 * VOP_SETSECATTR. Therefore, this function has to simulate the 2357 * atomicity as well as it can. 2358 * 2359 * Get the current uid, gid before setting the new uid/gid 2360 * so if smb_fsop_aclwrite fails they can be restored. root cred is 2361 * used to get currend uid/gid since this operation is performed on 2362 * behalf of the server not the user. 2363 * 2364 * If setting uid/gid fails with EPERM it means that and invalid 2365 * owner has been specified. Callers should translate this to 2366 * STATUS_INVALID_OWNER which is not the normal mapping for EPERM 2367 * in upper layers, so EPERM is mapped to EBADE. 2368 */ 2369 int 2370 smb_fsop_sdwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2371 smb_fssd_t *fs_sd, int overwrite) 2372 { 2373 smb_attr_t set_attr; 2374 smb_attr_t orig_attr; 2375 cred_t *kcr = zone_kcred(); 2376 int error = 0; 2377 int access = 0; 2378 2379 ASSERT(cr); 2380 ASSERT(fs_sd); 2381 2382 ASSERT(sr); 2383 ASSERT(sr->tid_tree); 2384 if (SMB_TREE_IS_READONLY(sr)) 2385 return (EROFS); 2386 2387 /* Can't set security on named streams */ 2388 if (SMB_IS_STREAM(snode) != NULL) 2389 return (EINVAL); 2390 2391 bzero(&set_attr, sizeof (smb_attr_t)); 2392 2393 if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) { 2394 set_attr.sa_vattr.va_uid = fs_sd->sd_uid; 2395 set_attr.sa_mask |= SMB_AT_UID; 2396 access |= WRITE_OWNER; 2397 } 2398 2399 if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) { 2400 set_attr.sa_vattr.va_gid = fs_sd->sd_gid; 2401 set_attr.sa_mask |= SMB_AT_GID; 2402 access |= WRITE_OWNER; 2403 } 2404 2405 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) 2406 access |= WRITE_DAC; 2407 2408 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO) 2409 access |= ACCESS_SYSTEM_SECURITY; 2410 2411 if (sr->fid_ofile) 2412 error = smb_ofile_access(sr->fid_ofile, cr, access); 2413 else 2414 error = smb_fsop_access(sr, cr, snode, access); 2415 2416 if (error) 2417 return (EACCES); 2418 2419 if (set_attr.sa_mask) { 2420 orig_attr.sa_mask = SMB_AT_UID | SMB_AT_GID; 2421 error = smb_fsop_getattr(sr, kcr, snode, &orig_attr); 2422 if (error == 0) { 2423 error = smb_fsop_setattr(sr, cr, snode, &set_attr); 2424 if (error == EPERM) 2425 error = EBADE; 2426 } 2427 2428 if (error) 2429 return (error); 2430 } 2431 2432 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) { 2433 if (overwrite == 0) { 2434 error = smb_fsop_sdmerge(sr, snode, fs_sd); 2435 if (error) 2436 return (error); 2437 } 2438 2439 error = smb_fsop_aclwrite(sr, cr, snode, fs_sd); 2440 if (error) { 2441 /* 2442 * Revert uid/gid changes if required. 2443 */ 2444 if (set_attr.sa_mask) { 2445 orig_attr.sa_mask = set_attr.sa_mask; 2446 (void) smb_fsop_setattr(sr, kcr, snode, 2447 &orig_attr); 2448 } 2449 } 2450 } 2451 2452 return (error); 2453 } 2454 2455 #ifdef _KERNEL 2456 /* 2457 * smb_fsop_sdinherit 2458 * 2459 * Inherit the security descriptor from the parent container. 2460 * This function is called after FS has created the file/folder 2461 * so if this doesn't do anything it means FS inheritance is 2462 * in place. 2463 * 2464 * Do inheritance for ZFS internally. 2465 * 2466 * If we want to let ZFS does the inheritance the 2467 * following setting should be true: 2468 * 2469 * - aclinherit = passthrough 2470 * - aclmode = passthrough 2471 * - smbd umask = 0777 2472 * 2473 * This will result in right effective permissions but 2474 * ZFS will always add 6 ACEs for owner, owning group 2475 * and others to be POSIX compliant. This is not what 2476 * Windows clients/users expect, so we decided that CIFS 2477 * implements Windows rules and overwrite whatever ZFS 2478 * comes up with. This way we also don't have to care 2479 * about ZFS aclinherit and aclmode settings. 2480 */ 2481 static int 2482 smb_fsop_sdinherit(smb_request_t *sr, smb_node_t *dnode, smb_fssd_t *fs_sd) 2483 { 2484 acl_t *dacl = NULL; 2485 acl_t *sacl = NULL; 2486 int is_dir; 2487 int error; 2488 2489 ASSERT(fs_sd); 2490 2491 if (sr->tid_tree->t_acltype != ACE_T) { 2492 /* 2493 * No forced inheritance for non-ZFS filesystems. 2494 */ 2495 fs_sd->sd_secinfo = 0; 2496 return (0); 2497 } 2498 2499 2500 /* Fetch parent directory's ACL */ 2501 error = smb_fsop_sdread(sr, zone_kcred(), dnode, fs_sd); 2502 if (error) { 2503 return (error); 2504 } 2505 2506 is_dir = (fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR); 2507 dacl = smb_fsacl_inherit(fs_sd->sd_zdacl, is_dir, SMB_DACL_SECINFO, 2508 sr->user_cr); 2509 sacl = smb_fsacl_inherit(fs_sd->sd_zsacl, is_dir, SMB_SACL_SECINFO, 2510 sr->user_cr); 2511 2512 if (sacl == NULL) 2513 fs_sd->sd_secinfo &= ~SMB_SACL_SECINFO; 2514 2515 smb_fsacl_free(fs_sd->sd_zdacl); 2516 smb_fsacl_free(fs_sd->sd_zsacl); 2517 2518 fs_sd->sd_zdacl = dacl; 2519 fs_sd->sd_zsacl = sacl; 2520 2521 return (0); 2522 } 2523 #endif /* _KERNEL */ 2524 2525 /* 2526 * smb_fsop_eaccess 2527 * 2528 * Returns the effective permission of the given credential for the 2529 * specified object. 2530 * 2531 * This is just a workaround. We need VFS/FS support for this. 2532 */ 2533 void 2534 smb_fsop_eaccess(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2535 uint32_t *eaccess) 2536 { 2537 int access = 0; 2538 vnode_t *dir_vp; 2539 smb_node_t *unnamed_node; 2540 2541 ASSERT(cr); 2542 ASSERT(snode); 2543 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 2544 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 2545 2546 unnamed_node = SMB_IS_STREAM(snode); 2547 if (unnamed_node) { 2548 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 2549 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 2550 /* 2551 * Streams authorization should be performed against the 2552 * unnamed stream. 2553 */ 2554 snode = unnamed_node; 2555 } 2556 2557 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) { 2558 dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL; 2559 smb_vop_eaccess(snode->vp, (int *)eaccess, V_ACE_MASK, dir_vp, 2560 cr); 2561 return; 2562 } 2563 2564 /* 2565 * FS doesn't understand 32-bit mask 2566 */ 2567 smb_vop_eaccess(snode->vp, &access, 0, NULL, cr); 2568 access &= sr->tid_tree->t_access; 2569 2570 *eaccess = READ_CONTROL | FILE_READ_EA | FILE_READ_ATTRIBUTES; 2571 2572 if (access & VREAD) 2573 *eaccess |= FILE_READ_DATA; 2574 2575 if (access & VEXEC) 2576 *eaccess |= FILE_EXECUTE; 2577 2578 if (access & VWRITE) 2579 *eaccess |= FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | 2580 FILE_WRITE_EA | FILE_APPEND_DATA | FILE_DELETE_CHILD; 2581 } 2582 2583 /* 2584 * smb_fsop_shrlock 2585 * 2586 * For the current open request, check file sharing rules 2587 * against existing opens. 2588 * 2589 * Returns NT_STATUS_SHARING_VIOLATION if there is any 2590 * sharing conflict. Returns NT_STATUS_SUCCESS otherwise. 2591 * 2592 * Full system-wide share reservation synchronization is available 2593 * when the nbmand (non-blocking mandatory) mount option is set 2594 * (i.e. nbl_need_crit() is true) and nbmand critical regions are used. 2595 * This provides synchronization with NFS and local processes. The 2596 * critical regions are entered in VOP_SHRLOCK()/fs_shrlock() (called 2597 * from smb_open_subr()/smb_fsop_shrlock()/smb_vop_shrlock()) as well 2598 * as the CIFS rename and delete paths. 2599 * 2600 * The CIFS server will also enter the nbl critical region in the open, 2601 * rename, and delete paths when nbmand is not set. There is limited 2602 * coordination with local and VFS share reservations in this case. 2603 * Note that when the nbmand mount option is not set, the VFS layer 2604 * only processes advisory reservations and the delete mode is not checked. 2605 * 2606 * Whether or not the nbmand mount option is set, intra-CIFS share 2607 * checking is done in the open, delete, and rename paths using a CIFS 2608 * critical region (node->n_share_lock). 2609 */ 2610 uint32_t 2611 smb_fsop_shrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid, 2612 uint32_t desired_access, uint32_t share_access) 2613 { 2614 int rc; 2615 2616 /* Allow access if the request is just for meta data */ 2617 if ((desired_access & FILE_DATA_ALL) == 0) 2618 return (NT_STATUS_SUCCESS); 2619 2620 rc = smb_node_open_check(node, desired_access, share_access); 2621 if (rc) 2622 return (NT_STATUS_SHARING_VIOLATION); 2623 2624 rc = smb_vop_shrlock(node->vp, uniq_fid, desired_access, share_access, 2625 cr); 2626 if (rc) 2627 return (NT_STATUS_SHARING_VIOLATION); 2628 2629 return (NT_STATUS_SUCCESS); 2630 } 2631 2632 void 2633 smb_fsop_unshrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid) 2634 { 2635 (void) smb_vop_unshrlock(node->vp, uniq_fid, cr); 2636 } 2637 2638 int 2639 smb_fsop_frlock(smb_node_t *node, smb_lock_t *lock, boolean_t unlock, 2640 cred_t *cr) 2641 { 2642 flock64_t bf; 2643 int flag = F_REMOTELOCK; 2644 2645 /* 2646 * VOP_FRLOCK() will not be called if: 2647 * 2648 * 1) The lock has a range of zero bytes. The semantics of Windows and 2649 * POSIX are different. In the case of POSIX it asks for the locking 2650 * of all the bytes from the offset provided until the end of the 2651 * file. In the case of Windows a range of zero locks nothing and 2652 * doesn't conflict with any other lock. 2653 * 2654 * 2) The lock rolls over (start + lenght < start). Solaris will assert 2655 * if such a request is submitted. This will not create 2656 * incompatibilities between POSIX and Windows. In the Windows world, 2657 * if a client submits such a lock, the server will not lock any 2658 * bytes. Interestingly if the same lock (same offset and length) is 2659 * resubmitted Windows will consider that there is an overlap and 2660 * the granting rules will then apply. 2661 * 2662 * 3) The SMB-level process IDs (smb_pid) are not passed down to the 2663 * POSIX level in l_pid because (a) the rules about lock PIDs are 2664 * different in SMB, and (b) we're putting our ofile f_uniqid in 2665 * the POSIX l_pid field to segregate locks per SMB ofile. 2666 * (We're also using a "remote" system ID in l_sysid.) 2667 * All SMB locking PIDs are handled at the SMB level and 2668 * not exposed in POSIX locking. 2669 */ 2670 if ((lock->l_length == 0) || 2671 ((lock->l_start + lock->l_length - 1) < lock->l_start)) 2672 return (0); 2673 2674 bzero(&bf, sizeof (bf)); 2675 2676 if (unlock) { 2677 bf.l_type = F_UNLCK; 2678 } else if (lock->l_type == SMB_LOCK_TYPE_READONLY) { 2679 bf.l_type = F_RDLCK; 2680 flag |= FREAD; 2681 } else if (lock->l_type == SMB_LOCK_TYPE_READWRITE) { 2682 bf.l_type = F_WRLCK; 2683 flag |= FWRITE; 2684 } 2685 2686 bf.l_start = lock->l_start; 2687 bf.l_len = lock->l_length; 2688 bf.l_pid = lock->l_file->f_uniqid; 2689 bf.l_sysid = smb_ct.cc_sysid; 2690 2691 return (smb_vop_frlock(node->vp, cr, flag, &bf)); 2692 } 2693