1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright 2018 Nexenta Systems, Inc. All rights reserved. 24 */ 25 26 #include <sys/sid.h> 27 #include <sys/nbmlock.h> 28 #include <smbsrv/smb_fsops.h> 29 #include <smbsrv/smb_kproto.h> 30 #include <acl/acl_common.h> 31 #include <sys/fcntl.h> 32 #include <sys/filio.h> 33 #include <sys/flock.h> 34 #include <fs/fs_subr.h> 35 36 extern caller_context_t smb_ct; 37 38 static int smb_fsop_create_stream(smb_request_t *, cred_t *, smb_node_t *, 39 char *, char *, int, smb_attr_t *, smb_node_t **); 40 41 static int smb_fsop_create_file(smb_request_t *, cred_t *, smb_node_t *, 42 char *, int, smb_attr_t *, smb_node_t **); 43 44 #ifdef _KERNEL 45 static int smb_fsop_create_with_sd(smb_request_t *, cred_t *, smb_node_t *, 46 char *, smb_attr_t *, smb_node_t **, smb_fssd_t *); 47 static int smb_fsop_sdinherit(smb_request_t *, smb_node_t *, smb_fssd_t *); 48 #endif /* _KERNEL */ 49 50 /* 51 * The smb_fsop_* functions have knowledge of CIFS semantics. 52 * 53 * The smb_vop_* functions have minimal knowledge of CIFS semantics and 54 * serve as an interface to the VFS layer. 55 * 56 * Hence, smb_request_t and smb_node_t structures should not be passed 57 * from the smb_fsop_* layer to the smb_vop_* layer. 58 * 59 * In general, CIFS service code should only ever call smb_fsop_* 60 * functions directly, and never smb_vop_* functions directly. 61 * 62 * smb_fsop_* functions should call smb_vop_* functions where possible, instead 63 * of their smb_fsop_* counterparts. However, there are times when 64 * this cannot be avoided. 65 */ 66 67 /* 68 * Note: Stream names cannot be mangled. 69 */ 70 71 /* 72 * smb_fsop_amask_to_omode 73 * 74 * Convert the access mask to the open mode (for use 75 * with the VOP_OPEN call). 76 * 77 * Note that opening a file for attribute only access 78 * will also translate into an FREAD or FWRITE open mode 79 * (i.e., it's not just for data). 80 * 81 * This is needed so that opens are tracked appropriately 82 * for oplock processing. 83 */ 84 85 int 86 smb_fsop_amask_to_omode(uint32_t access) 87 { 88 int mode = 0; 89 90 if (access & (FILE_READ_DATA | FILE_EXECUTE | 91 FILE_READ_ATTRIBUTES | FILE_READ_EA)) 92 mode |= FREAD; 93 94 if (access & (FILE_WRITE_DATA | FILE_APPEND_DATA | 95 FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA)) 96 mode |= FWRITE; 97 98 if (access & FILE_APPEND_DATA) 99 mode |= FAPPEND; 100 101 return (mode); 102 } 103 104 int 105 smb_fsop_open(smb_node_t *node, int mode, cred_t *cred) 106 { 107 /* 108 * Assuming that the same vnode is returned as we had before. 109 * (I.e., with certain types of files or file systems, a 110 * different vnode might be returned by VOP_OPEN) 111 */ 112 return (smb_vop_open(&node->vp, mode, cred)); 113 } 114 115 void 116 smb_fsop_close(smb_node_t *node, int mode, cred_t *cred) 117 { 118 smb_vop_close(node->vp, mode, cred); 119 } 120 121 #ifdef _KERNEL 122 static int 123 smb_fsop_create_with_sd(smb_request_t *sr, cred_t *cr, 124 smb_node_t *dnode, char *name, 125 smb_attr_t *attr, smb_node_t **ret_snode, smb_fssd_t *fs_sd) 126 { 127 vsecattr_t *vsap; 128 vsecattr_t vsecattr; 129 smb_attr_t set_attr; 130 acl_t *acl, *dacl, *sacl; 131 vnode_t *vp; 132 cred_t *kcr = zone_kcred(); 133 int aclbsize = 0; /* size of acl list in bytes */ 134 int flags = 0; 135 int rc; 136 boolean_t is_dir; 137 138 ASSERT(fs_sd); 139 140 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 141 flags = SMB_IGNORE_CASE; 142 if (SMB_TREE_SUPPORTS_CATIA(sr)) 143 flags |= SMB_CATIA; 144 145 ASSERT(cr); 146 147 is_dir = ((fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR) != 0); 148 149 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACLONCREATE)) { 150 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) { 151 dacl = fs_sd->sd_zdacl; 152 sacl = fs_sd->sd_zsacl; 153 ASSERT(dacl || sacl); 154 if (dacl && sacl) { 155 acl = smb_fsacl_merge(dacl, sacl); 156 } else if (dacl) { 157 acl = dacl; 158 } else { 159 acl = sacl; 160 } 161 162 rc = smb_fsacl_to_vsa(acl, &vsecattr, &aclbsize); 163 164 if (dacl && sacl) 165 acl_free(acl); 166 167 if (rc != 0) 168 return (rc); 169 170 vsap = &vsecattr; 171 } else { 172 vsap = NULL; 173 } 174 175 /* The tree ACEs may prevent a create */ 176 rc = EACCES; 177 if (is_dir) { 178 if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_SUBDIRECTORY) != 0) 179 rc = smb_vop_mkdir(dnode->vp, name, attr, 180 &vp, flags, cr, vsap); 181 } else { 182 if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_FILE) != 0) 183 rc = smb_vop_create(dnode->vp, name, attr, 184 &vp, flags, cr, vsap); 185 } 186 187 if (vsap != NULL) 188 kmem_free(vsap->vsa_aclentp, aclbsize); 189 190 if (rc != 0) 191 return (rc); 192 193 set_attr.sa_mask = 0; 194 195 /* 196 * Ideally we should be able to specify the owner and owning 197 * group at create time along with the ACL. Since we cannot 198 * do that right now, kcred is passed to smb_vop_setattr so it 199 * doesn't fail due to lack of permission. 200 */ 201 if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) { 202 set_attr.sa_vattr.va_uid = fs_sd->sd_uid; 203 set_attr.sa_mask |= SMB_AT_UID; 204 } 205 206 if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) { 207 set_attr.sa_vattr.va_gid = fs_sd->sd_gid; 208 set_attr.sa_mask |= SMB_AT_GID; 209 } 210 211 if (set_attr.sa_mask) 212 rc = smb_vop_setattr(vp, NULL, &set_attr, 0, kcr); 213 214 if (rc == 0) { 215 *ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp, 216 name, dnode, NULL); 217 218 if (*ret_snode == NULL) 219 rc = ENOMEM; 220 221 VN_RELE(vp); 222 } 223 } else { 224 /* 225 * For filesystems that don't support ACL-on-create, try 226 * to set the specified SD after create, which could actually 227 * fail because of conflicts between inherited security 228 * attributes upon creation and the specified SD. 229 * 230 * Passing kcred to smb_fsop_sdwrite() to overcome this issue. 231 */ 232 233 if (is_dir) { 234 rc = smb_vop_mkdir(dnode->vp, name, attr, &vp, 235 flags, cr, NULL); 236 } else { 237 rc = smb_vop_create(dnode->vp, name, attr, &vp, 238 flags, cr, NULL); 239 } 240 241 if (rc != 0) 242 return (rc); 243 244 *ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp, 245 name, dnode, NULL); 246 247 if (*ret_snode != NULL) { 248 if (!smb_tree_has_feature(sr->tid_tree, 249 SMB_TREE_NFS_MOUNTED)) 250 rc = smb_fsop_sdwrite(sr, kcr, *ret_snode, 251 fs_sd, 1); 252 } else { 253 rc = ENOMEM; 254 } 255 256 VN_RELE(vp); 257 } 258 259 if (rc != 0) { 260 if (is_dir) 261 (void) smb_vop_rmdir(dnode->vp, name, flags, cr); 262 else 263 (void) smb_vop_remove(dnode->vp, name, flags, cr); 264 } 265 266 return (rc); 267 } 268 #endif /* _KERNEL */ 269 270 /* 271 * smb_fsop_create 272 * 273 * All SMB functions should use this wrapper to ensure that 274 * all the smb_vop_creates are performed with the appropriate credentials. 275 * Please document any direct calls to explain the reason for avoiding 276 * this wrapper. 277 * 278 * *ret_snode is returned with a reference upon success. No reference is 279 * taken if an error is returned. 280 */ 281 int 282 smb_fsop_create(smb_request_t *sr, cred_t *cr, smb_node_t *dnode, 283 char *name, smb_attr_t *attr, smb_node_t **ret_snode) 284 { 285 int rc = 0; 286 int flags = 0; 287 char *fname, *sname; 288 char *longname = NULL; 289 290 ASSERT(cr); 291 ASSERT(dnode); 292 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 293 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 294 295 ASSERT(ret_snode); 296 *ret_snode = 0; 297 298 ASSERT(name); 299 if (*name == 0) 300 return (EINVAL); 301 302 ASSERT(sr); 303 ASSERT(sr->tid_tree); 304 305 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0) 306 return (EACCES); 307 308 if (SMB_TREE_IS_READONLY(sr)) 309 return (EROFS); 310 311 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 312 flags = SMB_IGNORE_CASE; 313 if (SMB_TREE_SUPPORTS_CATIA(sr)) 314 flags |= SMB_CATIA; 315 if (SMB_TREE_SUPPORTS_ABE(sr)) 316 flags |= SMB_ABE; 317 318 if (smb_is_stream_name(name)) { 319 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 320 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 321 smb_stream_parse_name(name, fname, sname); 322 323 rc = smb_fsop_create_stream(sr, cr, dnode, 324 fname, sname, flags, attr, ret_snode); 325 326 kmem_free(fname, MAXNAMELEN); 327 kmem_free(sname, MAXNAMELEN); 328 return (rc); 329 } 330 331 /* Not a named stream */ 332 333 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(name)) { 334 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 335 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 336 kmem_free(longname, MAXNAMELEN); 337 338 if (rc == 0) 339 rc = EEXIST; 340 if (rc != ENOENT) 341 return (rc); 342 } 343 344 rc = smb_fsop_create_file(sr, cr, dnode, name, flags, 345 attr, ret_snode); 346 return (rc); 347 348 } 349 350 351 /* 352 * smb_fsop_create_stream 353 * 354 * Create NTFS named stream file (sname) on unnamed stream 355 * file (fname), creating the unnamed stream file if it 356 * doesn't exist. 357 * If we created the unnamed stream file and then creation 358 * of the named stream file fails, we delete the unnamed stream. 359 * Since we use the real file name for the smb_vop_remove we 360 * clear the SMB_IGNORE_CASE flag to ensure a case sensitive 361 * match. 362 * 363 * The second parameter of smb_vop_setattr() is set to 364 * NULL, even though an unnamed stream exists. This is 365 * because we want to set the UID and GID on the named 366 * stream in this case for consistency with the (unnamed 367 * stream) file (see comments for smb_vop_setattr()). 368 */ 369 static int 370 smb_fsop_create_stream(smb_request_t *sr, cred_t *cr, 371 smb_node_t *dnode, char *fname, char *sname, int flags, 372 smb_attr_t *attr, smb_node_t **ret_snode) 373 { 374 smb_attr_t fattr; 375 smb_node_t *fnode; 376 vnode_t *xattrdvp; 377 vnode_t *vp; 378 cred_t *kcr = zone_kcred(); 379 int rc = 0; 380 boolean_t fcreate = B_FALSE; 381 382 /* Look up / create the unnamed stream, fname */ 383 rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS, 384 sr->tid_tree->t_snode, dnode, fname, &fnode); 385 if (rc == 0) { 386 if (smb_fsop_access(sr, sr->user_cr, fnode, 387 sr->sr_open.desired_access) != 0) 388 rc = EACCES; 389 } else if (rc == ENOENT) { 390 fcreate = B_TRUE; 391 rc = smb_fsop_create_file(sr, cr, dnode, fname, flags, 392 attr, &fnode); 393 } 394 if (rc != 0) 395 return (rc); 396 397 fattr.sa_mask = SMB_AT_UID | SMB_AT_GID; 398 rc = smb_vop_getattr(fnode->vp, NULL, &fattr, 0, kcr); 399 400 if (rc == 0) { 401 /* create the named stream, sname */ 402 rc = smb_vop_stream_create(fnode->vp, sname, attr, 403 &vp, &xattrdvp, flags, cr); 404 } 405 if (rc != 0) { 406 if (fcreate) { 407 flags &= ~SMB_IGNORE_CASE; 408 (void) smb_vop_remove(dnode->vp, 409 fnode->od_name, flags, cr); 410 } 411 smb_node_release(fnode); 412 return (rc); 413 } 414 415 attr->sa_vattr.va_uid = fattr.sa_vattr.va_uid; 416 attr->sa_vattr.va_gid = fattr.sa_vattr.va_gid; 417 attr->sa_mask = SMB_AT_UID | SMB_AT_GID; 418 419 rc = smb_vop_setattr(vp, NULL, attr, 0, kcr); 420 if (rc != 0) { 421 smb_node_release(fnode); 422 return (rc); 423 } 424 425 *ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdvp, 426 vp, sname); 427 428 smb_node_release(fnode); 429 VN_RELE(xattrdvp); 430 VN_RELE(vp); 431 432 if (*ret_snode == NULL) 433 rc = ENOMEM; 434 435 /* notify change to the unnamed stream */ 436 if (rc == 0) 437 smb_node_notify_change(dnode, 438 FILE_ACTION_ADDED_STREAM, fname); 439 440 return (rc); 441 } 442 443 /* 444 * smb_fsop_create_file 445 */ 446 static int 447 smb_fsop_create_file(smb_request_t *sr, cred_t *cr, 448 smb_node_t *dnode, char *name, int flags, 449 smb_attr_t *attr, smb_node_t **ret_snode) 450 { 451 smb_arg_open_t *op = &sr->sr_open; 452 vnode_t *vp; 453 int rc; 454 455 #ifdef _KERNEL 456 smb_fssd_t fs_sd; 457 uint32_t secinfo; 458 uint32_t status; 459 460 if (op->sd) { 461 /* 462 * SD sent by client in Windows format. Needs to be 463 * converted to FS format. No inheritance. 464 */ 465 secinfo = smb_sd_get_secinfo(op->sd); 466 smb_fssd_init(&fs_sd, secinfo, 0); 467 468 status = smb_sd_tofs(op->sd, &fs_sd); 469 if (status == NT_STATUS_SUCCESS) { 470 rc = smb_fsop_create_with_sd(sr, cr, dnode, 471 name, attr, ret_snode, &fs_sd); 472 } else { 473 rc = EINVAL; 474 } 475 smb_fssd_term(&fs_sd); 476 } else if (sr->tid_tree->t_acltype == ACE_T) { 477 /* 478 * No incoming SD and filesystem is ZFS 479 * Server applies Windows inheritance rules, 480 * see smb_fsop_sdinherit() comments as to why. 481 */ 482 smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, 0); 483 rc = smb_fsop_sdinherit(sr, dnode, &fs_sd); 484 if (rc == 0) { 485 rc = smb_fsop_create_with_sd(sr, cr, dnode, 486 name, attr, ret_snode, &fs_sd); 487 } 488 489 smb_fssd_term(&fs_sd); 490 } else 491 #endif /* _KERNEL */ 492 { 493 /* 494 * No incoming SD and filesystem is not ZFS 495 * let the filesystem handles the inheritance. 496 */ 497 rc = smb_vop_create(dnode->vp, name, attr, &vp, 498 flags, cr, NULL); 499 500 if (rc == 0) { 501 *ret_snode = smb_node_lookup(sr, op, cr, vp, 502 name, dnode, NULL); 503 504 if (*ret_snode == NULL) 505 rc = ENOMEM; 506 507 VN_RELE(vp); 508 } 509 510 } 511 512 if (rc == 0) 513 smb_node_notify_change(dnode, FILE_ACTION_ADDED, name); 514 515 return (rc); 516 } 517 518 /* 519 * smb_fsop_mkdir 520 * 521 * All SMB functions should use this wrapper to ensure that 522 * the the calls are performed with the appropriate credentials. 523 * Please document any direct call to explain the reason 524 * for avoiding this wrapper. 525 * 526 * It is assumed that a reference exists on snode coming into this routine. 527 * 528 * *ret_snode is returned with a reference upon success. No reference is 529 * taken if an error is returned. 530 */ 531 int 532 smb_fsop_mkdir( 533 smb_request_t *sr, 534 cred_t *cr, 535 smb_node_t *dnode, 536 char *name, 537 smb_attr_t *attr, 538 smb_node_t **ret_snode) 539 { 540 struct open_param *op = &sr->arg.open; 541 char *longname; 542 vnode_t *vp; 543 int flags = 0; 544 int rc; 545 546 #ifdef _KERNEL 547 smb_fssd_t fs_sd; 548 uint32_t secinfo; 549 uint32_t status; 550 #endif /* _KERNEL */ 551 552 ASSERT(cr); 553 ASSERT(dnode); 554 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 555 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 556 557 ASSERT(ret_snode); 558 *ret_snode = 0; 559 560 ASSERT(name); 561 if (*name == 0) 562 return (EINVAL); 563 564 ASSERT(sr); 565 ASSERT(sr->tid_tree); 566 567 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0) 568 return (EACCES); 569 570 if (SMB_TREE_IS_READONLY(sr)) 571 return (EROFS); 572 if (SMB_TREE_SUPPORTS_CATIA(sr)) 573 flags |= SMB_CATIA; 574 if (SMB_TREE_SUPPORTS_ABE(sr)) 575 flags |= SMB_ABE; 576 577 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(name)) { 578 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 579 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 580 kmem_free(longname, MAXNAMELEN); 581 582 /* 583 * If the name passed in by the client has an unmangled 584 * equivalent that is found in the specified directory, 585 * then the mkdir cannot succeed. Return EEXIST. 586 * 587 * Only if ENOENT is returned will a mkdir be attempted. 588 */ 589 590 if (rc == 0) 591 rc = EEXIST; 592 593 if (rc != ENOENT) 594 return (rc); 595 } 596 597 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 598 flags = SMB_IGNORE_CASE; 599 600 #ifdef _KERNEL 601 if (op->sd) { 602 /* 603 * SD sent by client in Windows format. Needs to be 604 * converted to FS format. No inheritance. 605 */ 606 secinfo = smb_sd_get_secinfo(op->sd); 607 smb_fssd_init(&fs_sd, secinfo, SMB_FSSD_FLAGS_DIR); 608 609 status = smb_sd_tofs(op->sd, &fs_sd); 610 if (status == NT_STATUS_SUCCESS) { 611 rc = smb_fsop_create_with_sd(sr, cr, dnode, 612 name, attr, ret_snode, &fs_sd); 613 } 614 else 615 rc = EINVAL; 616 smb_fssd_term(&fs_sd); 617 } else if (sr->tid_tree->t_acltype == ACE_T) { 618 /* 619 * No incoming SD and filesystem is ZFS 620 * Server applies Windows inheritance rules, 621 * see smb_fsop_sdinherit() comments as to why. 622 */ 623 smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, SMB_FSSD_FLAGS_DIR); 624 rc = smb_fsop_sdinherit(sr, dnode, &fs_sd); 625 if (rc == 0) { 626 rc = smb_fsop_create_with_sd(sr, cr, dnode, 627 name, attr, ret_snode, &fs_sd); 628 } 629 630 smb_fssd_term(&fs_sd); 631 632 } else 633 #endif /* _KERNEL */ 634 { 635 rc = smb_vop_mkdir(dnode->vp, name, attr, &vp, flags, cr, 636 NULL); 637 638 if (rc == 0) { 639 *ret_snode = smb_node_lookup(sr, op, cr, vp, name, 640 dnode, NULL); 641 642 if (*ret_snode == NULL) 643 rc = ENOMEM; 644 645 VN_RELE(vp); 646 } 647 } 648 649 if (rc == 0) 650 smb_node_notify_change(dnode, FILE_ACTION_ADDED, name); 651 652 return (rc); 653 } 654 655 /* 656 * smb_fsop_remove 657 * 658 * All SMB functions should use this wrapper to ensure that 659 * the the calls are performed with the appropriate credentials. 660 * Please document any direct call to explain the reason 661 * for avoiding this wrapper. 662 * 663 * It is assumed that a reference exists on snode coming into this routine. 664 * 665 * A null smb_request might be passed to this function. 666 */ 667 int 668 smb_fsop_remove( 669 smb_request_t *sr, 670 cred_t *cr, 671 smb_node_t *dnode, 672 char *name, 673 uint32_t flags) 674 { 675 smb_node_t *fnode; 676 char *longname; 677 char *fname; 678 char *sname; 679 int rc; 680 681 ASSERT(cr); 682 /* 683 * The state of the node could be SMB_NODE_STATE_DESTROYING if this 684 * function is called during the deletion of the node (because of 685 * DELETE_ON_CLOSE). 686 */ 687 ASSERT(dnode); 688 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 689 690 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 || 691 SMB_TREE_HAS_ACCESS(sr, ACE_DELETE) == 0) 692 return (EACCES); 693 694 if (SMB_TREE_IS_READONLY(sr)) 695 return (EROFS); 696 697 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 698 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 699 700 if (dnode->flags & NODE_XATTR_DIR) { 701 fnode = dnode->n_dnode; 702 rc = smb_vop_stream_remove(fnode->vp, name, flags, cr); 703 704 /* notify change to the unnamed stream */ 705 if ((rc == 0) && fnode->n_dnode) { 706 smb_node_notify_change(fnode->n_dnode, 707 FILE_ACTION_REMOVED_STREAM, fnode->od_name); 708 } 709 } else if (smb_is_stream_name(name)) { 710 smb_stream_parse_name(name, fname, sname); 711 712 /* 713 * Look up the unnamed stream (i.e. fname). 714 * Unmangle processing will be done on fname 715 * as well as any link target. 716 */ 717 718 rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS, 719 sr->tid_tree->t_snode, dnode, fname, &fnode); 720 721 if (rc != 0) { 722 kmem_free(fname, MAXNAMELEN); 723 kmem_free(sname, MAXNAMELEN); 724 return (rc); 725 } 726 727 /* 728 * XXX 729 * Need to find out what permission is required by NTFS 730 * to remove a stream. 731 */ 732 rc = smb_vop_stream_remove(fnode->vp, sname, flags, cr); 733 734 smb_node_release(fnode); 735 736 /* notify change to the unnamed stream */ 737 if (rc == 0) { 738 smb_node_notify_change(dnode, 739 FILE_ACTION_REMOVED_STREAM, fname); 740 } 741 } else { 742 rc = smb_vop_remove(dnode->vp, name, flags, cr); 743 744 if (rc == ENOENT) { 745 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) || 746 !smb_maybe_mangled(name)) { 747 kmem_free(fname, MAXNAMELEN); 748 kmem_free(sname, MAXNAMELEN); 749 return (rc); 750 } 751 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 752 753 if (SMB_TREE_SUPPORTS_ABE(sr)) 754 flags |= SMB_ABE; 755 756 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, 757 flags); 758 759 if (rc == 0) { 760 /* 761 * longname is the real (case-sensitive) 762 * on-disk name. 763 * We make sure we do a remove on this exact 764 * name, as the name was mangled and denotes 765 * a unique file. 766 */ 767 flags &= ~SMB_IGNORE_CASE; 768 rc = smb_vop_remove(dnode->vp, longname, 769 flags, cr); 770 } 771 kmem_free(longname, MAXNAMELEN); 772 } 773 if (rc == 0) { 774 smb_node_notify_change(dnode, 775 FILE_ACTION_REMOVED, name); 776 } 777 } 778 779 kmem_free(fname, MAXNAMELEN); 780 kmem_free(sname, MAXNAMELEN); 781 782 return (rc); 783 } 784 785 /* 786 * smb_fsop_remove_streams 787 * 788 * This function removes a file's streams without removing the 789 * file itself. 790 * 791 * It is assumed that fnode is not a link. 792 */ 793 uint32_t 794 smb_fsop_remove_streams(smb_request_t *sr, cred_t *cr, smb_node_t *fnode) 795 { 796 int rc, flags = 0; 797 smb_odir_t *od; 798 smb_odirent_t *odirent; 799 uint32_t status; 800 boolean_t eos; 801 802 ASSERT(sr); 803 ASSERT(cr); 804 ASSERT(fnode); 805 ASSERT(fnode->n_magic == SMB_NODE_MAGIC); 806 ASSERT(fnode->n_state != SMB_NODE_STATE_DESTROYING); 807 808 if (SMB_TREE_CONTAINS_NODE(sr, fnode) == 0) 809 return (NT_STATUS_ACCESS_DENIED); 810 811 if (SMB_TREE_IS_READONLY(sr)) 812 return (NT_STATUS_ACCESS_DENIED); 813 814 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 815 flags = SMB_IGNORE_CASE; 816 817 if (SMB_TREE_SUPPORTS_CATIA(sr)) 818 flags |= SMB_CATIA; 819 820 status = smb_odir_openat(sr, fnode, &od); 821 switch (status) { 822 case 0: 823 break; 824 case NT_STATUS_OBJECT_NAME_NOT_FOUND: 825 case NT_STATUS_NO_SUCH_FILE: 826 case NT_STATUS_NOT_SUPPORTED: 827 /* No streams to remove. */ 828 return (0); 829 default: 830 return (status); 831 } 832 833 odirent = kmem_alloc(sizeof (smb_odirent_t), KM_SLEEP); 834 for (;;) { 835 rc = smb_odir_read(sr, od, odirent, &eos); 836 if ((rc != 0) || (eos)) 837 break; 838 (void) smb_vop_remove(od->d_dnode->vp, odirent->od_name, 839 flags, cr); 840 } 841 kmem_free(odirent, sizeof (smb_odirent_t)); 842 if (eos && rc == ENOENT) 843 rc = 0; 844 845 smb_odir_close(od); 846 smb_odir_release(od); 847 if (rc) 848 status = smb_errno2status(rc); 849 return (status); 850 } 851 852 /* 853 * smb_fsop_rmdir 854 * 855 * All SMB functions should use this wrapper to ensure that 856 * the the calls are performed with the appropriate credentials. 857 * Please document any direct call to explain the reason 858 * for avoiding this wrapper. 859 * 860 * It is assumed that a reference exists on snode coming into this routine. 861 */ 862 int 863 smb_fsop_rmdir( 864 smb_request_t *sr, 865 cred_t *cr, 866 smb_node_t *dnode, 867 char *name, 868 uint32_t flags) 869 { 870 int rc; 871 char *longname; 872 873 ASSERT(cr); 874 /* 875 * The state of the node could be SMB_NODE_STATE_DESTROYING if this 876 * function is called during the deletion of the node (because of 877 * DELETE_ON_CLOSE). 878 */ 879 ASSERT(dnode); 880 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 881 882 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 || 883 SMB_TREE_HAS_ACCESS(sr, ACE_DELETE_CHILD) == 0) 884 return (EACCES); 885 886 if (SMB_TREE_IS_READONLY(sr)) 887 return (EROFS); 888 889 rc = smb_vop_rmdir(dnode->vp, name, flags, cr); 890 891 if (rc == ENOENT) { 892 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) || 893 !smb_maybe_mangled(name)) { 894 return (rc); 895 } 896 897 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 898 899 if (SMB_TREE_SUPPORTS_ABE(sr)) 900 flags |= SMB_ABE; 901 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 902 903 if (rc == 0) { 904 /* 905 * longname is the real (case-sensitive) 906 * on-disk name. 907 * We make sure we do a rmdir on this exact 908 * name, as the name was mangled and denotes 909 * a unique directory. 910 */ 911 flags &= ~SMB_IGNORE_CASE; 912 rc = smb_vop_rmdir(dnode->vp, longname, flags, cr); 913 } 914 915 kmem_free(longname, MAXNAMELEN); 916 } 917 918 if (rc == 0) 919 smb_node_notify_change(dnode, FILE_ACTION_REMOVED, name); 920 921 return (rc); 922 } 923 924 /* 925 * smb_fsop_getattr 926 * 927 * All SMB functions should use this wrapper to ensure that 928 * the the calls are performed with the appropriate credentials. 929 * Please document any direct call to explain the reason 930 * for avoiding this wrapper. 931 * 932 * It is assumed that a reference exists on snode coming into this routine. 933 */ 934 int 935 smb_fsop_getattr(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 936 smb_attr_t *attr) 937 { 938 smb_node_t *unnamed_node; 939 vnode_t *unnamed_vp = NULL; 940 uint32_t status; 941 uint32_t access = 0; 942 int flags = 0; 943 int rc; 944 945 ASSERT(cr); 946 ASSERT(snode); 947 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 948 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 949 950 if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0 || 951 SMB_TREE_HAS_ACCESS(sr, ACE_READ_ATTRIBUTES) == 0) 952 return (EACCES); 953 954 /* sr could be NULL in some cases */ 955 if (sr && sr->fid_ofile) { 956 /* if uid and/or gid is requested */ 957 if (attr->sa_mask & (SMB_AT_UID|SMB_AT_GID)) 958 access |= READ_CONTROL; 959 960 /* if anything else is also requested */ 961 if (attr->sa_mask & ~(SMB_AT_UID|SMB_AT_GID)) 962 access |= FILE_READ_ATTRIBUTES; 963 964 status = smb_ofile_access(sr->fid_ofile, cr, access); 965 if (status != NT_STATUS_SUCCESS) 966 return (EACCES); 967 968 if (smb_tree_has_feature(sr->tid_tree, 969 SMB_TREE_ACEMASKONACCESS)) 970 flags = ATTR_NOACLCHECK; 971 } 972 973 unnamed_node = SMB_IS_STREAM(snode); 974 975 if (unnamed_node) { 976 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 977 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 978 unnamed_vp = unnamed_node->vp; 979 } 980 981 rc = smb_vop_getattr(snode->vp, unnamed_vp, attr, flags, cr); 982 983 if ((rc == 0) && smb_node_is_dfslink(snode)) { 984 /* a DFS link should be treated as a directory */ 985 attr->sa_dosattr |= FILE_ATTRIBUTE_DIRECTORY; 986 } 987 988 return (rc); 989 } 990 991 /* 992 * smb_fsop_link 993 * 994 * All SMB functions should use this smb_vop_link wrapper to ensure that 995 * the smb_vop_link is performed with the appropriate credentials. 996 * Please document any direct call to smb_vop_link to explain the reason 997 * for avoiding this wrapper. 998 * 999 * It is assumed that references exist on from_dnode and to_dnode coming 1000 * into this routine. 1001 */ 1002 int 1003 smb_fsop_link(smb_request_t *sr, cred_t *cr, smb_node_t *from_fnode, 1004 smb_node_t *to_dnode, char *to_name) 1005 { 1006 char *longname = NULL; 1007 int flags = 0; 1008 int rc; 1009 1010 ASSERT(sr); 1011 ASSERT(sr->tid_tree); 1012 ASSERT(cr); 1013 ASSERT(to_dnode); 1014 ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC); 1015 ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING); 1016 ASSERT(from_fnode); 1017 ASSERT(from_fnode->n_magic == SMB_NODE_MAGIC); 1018 ASSERT(from_fnode->n_state != SMB_NODE_STATE_DESTROYING); 1019 1020 if (SMB_TREE_CONTAINS_NODE(sr, from_fnode) == 0) 1021 return (EACCES); 1022 1023 if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0) 1024 return (EACCES); 1025 1026 if (SMB_TREE_IS_READONLY(sr)) 1027 return (EROFS); 1028 1029 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 1030 flags = SMB_IGNORE_CASE; 1031 if (SMB_TREE_SUPPORTS_CATIA(sr)) 1032 flags |= SMB_CATIA; 1033 if (SMB_TREE_SUPPORTS_ABE(sr)) 1034 flags |= SMB_ABE; 1035 1036 if (SMB_TREE_SUPPORTS_SHORTNAMES(sr) && smb_maybe_mangled(to_name)) { 1037 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1038 rc = smb_unmangle(to_dnode, to_name, longname, 1039 MAXNAMELEN, flags); 1040 kmem_free(longname, MAXNAMELEN); 1041 1042 if (rc == 0) 1043 rc = EEXIST; 1044 if (rc != ENOENT) 1045 return (rc); 1046 } 1047 1048 rc = smb_vop_link(to_dnode->vp, from_fnode->vp, to_name, flags, cr); 1049 1050 if (rc == 0) 1051 smb_node_notify_change(to_dnode, FILE_ACTION_ADDED, to_name); 1052 1053 return (rc); 1054 } 1055 1056 /* 1057 * smb_fsop_rename 1058 * 1059 * All SMB functions should use this smb_vop_rename wrapper to ensure that 1060 * the smb_vop_rename is performed with the appropriate credentials. 1061 * Please document any direct call to smb_vop_rename to explain the reason 1062 * for avoiding this wrapper. 1063 * 1064 * It is assumed that references exist on from_dnode and to_dnode coming 1065 * into this routine. 1066 */ 1067 int 1068 smb_fsop_rename( 1069 smb_request_t *sr, 1070 cred_t *cr, 1071 smb_node_t *from_dnode, 1072 char *from_name, 1073 smb_node_t *to_dnode, 1074 char *to_name) 1075 { 1076 smb_node_t *from_snode; 1077 smb_attr_t from_attr; 1078 vnode_t *from_vp; 1079 int flags = 0, ret_flags; 1080 int rc; 1081 boolean_t isdir; 1082 1083 ASSERT(cr); 1084 ASSERT(from_dnode); 1085 ASSERT(from_dnode->n_magic == SMB_NODE_MAGIC); 1086 ASSERT(from_dnode->n_state != SMB_NODE_STATE_DESTROYING); 1087 1088 ASSERT(to_dnode); 1089 ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC); 1090 ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING); 1091 1092 if (SMB_TREE_CONTAINS_NODE(sr, from_dnode) == 0) 1093 return (EACCES); 1094 1095 if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0) 1096 return (EACCES); 1097 1098 ASSERT(sr); 1099 ASSERT(sr->tid_tree); 1100 if (SMB_TREE_IS_READONLY(sr)) 1101 return (EROFS); 1102 1103 /* 1104 * Note: There is no need to check SMB_TREE_IS_CASEINSENSITIVE 1105 * here. 1106 * 1107 * A case-sensitive rename is always done in this routine 1108 * because we are using the on-disk name from an earlier lookup. 1109 * If a mangled name was passed in by the caller (denoting a 1110 * deterministic lookup), then the exact file must be renamed 1111 * (i.e. SMB_IGNORE_CASE must not be passed to VOP_RENAME, or 1112 * else the underlying file system might return a "first-match" 1113 * on this on-disk name, possibly resulting in the wrong file). 1114 */ 1115 1116 if (SMB_TREE_SUPPORTS_CATIA(sr)) 1117 flags |= SMB_CATIA; 1118 1119 /* 1120 * XXX: Lock required through smb_node_release() below? 1121 */ 1122 1123 rc = smb_vop_lookup(from_dnode->vp, from_name, &from_vp, NULL, 1124 flags, &ret_flags, NULL, &from_attr, cr); 1125 1126 if (rc != 0) 1127 return (rc); 1128 1129 if (from_attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) { 1130 VN_RELE(from_vp); 1131 return (EACCES); 1132 } 1133 1134 isdir = ((from_attr.sa_dosattr & FILE_ATTRIBUTE_DIRECTORY) != 0); 1135 1136 if ((isdir && SMB_TREE_HAS_ACCESS(sr, 1137 ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY) != 1138 (ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY)) || 1139 (!isdir && SMB_TREE_HAS_ACCESS(sr, ACE_DELETE | ACE_ADD_FILE) != 1140 (ACE_DELETE | ACE_ADD_FILE))) { 1141 VN_RELE(from_vp); 1142 return (EACCES); 1143 } 1144 1145 /* 1146 * SMB checks access on open and retains an access granted 1147 * mask for use while the file is open. ACL changes should 1148 * not affect access to an open file. 1149 * 1150 * If the rename is being performed on an ofile: 1151 * - Check the ofile's access granted mask to see if the 1152 * rename is permitted - requires DELETE access. 1153 * - If the file system does access checking, set the 1154 * ATTR_NOACLCHECK flag to ensure that the file system 1155 * does not check permissions on subsequent calls. 1156 */ 1157 if (sr && sr->fid_ofile) { 1158 rc = smb_ofile_access(sr->fid_ofile, cr, DELETE); 1159 if (rc != NT_STATUS_SUCCESS) { 1160 VN_RELE(from_vp); 1161 return (EACCES); 1162 } 1163 1164 if (smb_tree_has_feature(sr->tid_tree, 1165 SMB_TREE_ACEMASKONACCESS)) 1166 flags = ATTR_NOACLCHECK; 1167 } 1168 1169 rc = smb_vop_rename(from_dnode->vp, from_name, to_dnode->vp, 1170 to_name, flags, cr); 1171 1172 if (rc == 0) { 1173 from_snode = smb_node_lookup(sr, NULL, cr, from_vp, from_name, 1174 from_dnode, NULL); 1175 1176 if (from_snode == NULL) { 1177 rc = ENOMEM; 1178 } else { 1179 smb_node_rename(from_dnode, from_snode, 1180 to_dnode, to_name); 1181 smb_node_release(from_snode); 1182 } 1183 } 1184 VN_RELE(from_vp); 1185 1186 if (rc == 0) { 1187 if (from_dnode == to_dnode) { 1188 smb_node_notify_change(from_dnode, 1189 FILE_ACTION_RENAMED_OLD_NAME, from_name); 1190 smb_node_notify_change(to_dnode, 1191 FILE_ACTION_RENAMED_NEW_NAME, to_name); 1192 } else { 1193 smb_node_notify_change(from_dnode, 1194 FILE_ACTION_REMOVED, from_name); 1195 smb_node_notify_change(to_dnode, 1196 FILE_ACTION_ADDED, to_name); 1197 } 1198 } 1199 1200 /* XXX: unlock */ 1201 1202 return (rc); 1203 } 1204 1205 /* 1206 * smb_fsop_setattr 1207 * 1208 * All SMB functions should use this wrapper to ensure that 1209 * the the calls are performed with the appropriate credentials. 1210 * Please document any direct call to explain the reason 1211 * for avoiding this wrapper. 1212 * 1213 * It is assumed that a reference exists on snode coming into 1214 * this function. 1215 * A null smb_request might be passed to this function. 1216 */ 1217 int 1218 smb_fsop_setattr( 1219 smb_request_t *sr, 1220 cred_t *cr, 1221 smb_node_t *snode, 1222 smb_attr_t *set_attr) 1223 { 1224 smb_node_t *unnamed_node; 1225 vnode_t *unnamed_vp = NULL; 1226 uint32_t status; 1227 uint32_t access; 1228 int rc = 0; 1229 int flags = 0; 1230 uint_t sa_mask; 1231 1232 ASSERT(cr); 1233 ASSERT(snode); 1234 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1235 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1236 1237 if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0) 1238 return (EACCES); 1239 1240 if (SMB_TREE_IS_READONLY(sr)) 1241 return (EROFS); 1242 1243 if (SMB_TREE_HAS_ACCESS(sr, 1244 ACE_WRITE_ATTRIBUTES | ACE_WRITE_NAMED_ATTRS) == 0) 1245 return (EACCES); 1246 1247 /* 1248 * SMB checks access on open and retains an access granted 1249 * mask for use while the file is open. ACL changes should 1250 * not affect access to an open file. 1251 * 1252 * If the setattr is being performed on an ofile: 1253 * - Check the ofile's access granted mask to see if the 1254 * setattr is permitted. 1255 * UID, GID - require WRITE_OWNER 1256 * SIZE, ALLOCSZ - require FILE_WRITE_DATA 1257 * all other attributes require FILE_WRITE_ATTRIBUTES 1258 * 1259 * - If the file system does access checking, set the 1260 * ATTR_NOACLCHECK flag to ensure that the file system 1261 * does not check permissions on subsequent calls. 1262 */ 1263 if (sr && sr->fid_ofile) { 1264 sa_mask = set_attr->sa_mask; 1265 access = 0; 1266 1267 if (sa_mask & (SMB_AT_SIZE | SMB_AT_ALLOCSZ)) { 1268 access |= FILE_WRITE_DATA; 1269 sa_mask &= ~(SMB_AT_SIZE | SMB_AT_ALLOCSZ); 1270 } 1271 1272 if (sa_mask & (SMB_AT_UID|SMB_AT_GID)) { 1273 access |= WRITE_OWNER; 1274 sa_mask &= ~(SMB_AT_UID|SMB_AT_GID); 1275 } 1276 1277 if (sa_mask) 1278 access |= FILE_WRITE_ATTRIBUTES; 1279 1280 status = smb_ofile_access(sr->fid_ofile, cr, access); 1281 if (status != NT_STATUS_SUCCESS) 1282 return (EACCES); 1283 1284 if (smb_tree_has_feature(sr->tid_tree, 1285 SMB_TREE_ACEMASKONACCESS)) 1286 flags = ATTR_NOACLCHECK; 1287 } 1288 1289 unnamed_node = SMB_IS_STREAM(snode); 1290 1291 if (unnamed_node) { 1292 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 1293 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 1294 unnamed_vp = unnamed_node->vp; 1295 } 1296 1297 rc = smb_vop_setattr(snode->vp, unnamed_vp, set_attr, flags, cr); 1298 return (rc); 1299 } 1300 1301 /* 1302 * Support for SMB2 setinfo FileValidDataLengthInformation. 1303 * Free (zero out) data in the range off, off+len 1304 */ 1305 int 1306 smb_fsop_freesp( 1307 smb_request_t *sr, 1308 cred_t *cr, 1309 smb_ofile_t *ofile, 1310 off64_t off, 1311 off64_t len) 1312 { 1313 flock64_t flk; 1314 smb_node_t *node = ofile->f_node; 1315 uint32_t status; 1316 uint32_t access = FILE_WRITE_DATA; 1317 int rc; 1318 1319 ASSERT(cr); 1320 ASSERT(node); 1321 ASSERT(node->n_magic == SMB_NODE_MAGIC); 1322 ASSERT(node->n_state != SMB_NODE_STATE_DESTROYING); 1323 1324 if (SMB_TREE_CONTAINS_NODE(sr, node) == 0) 1325 return (EACCES); 1326 1327 if (SMB_TREE_IS_READONLY(sr)) 1328 return (EROFS); 1329 1330 if (SMB_TREE_HAS_ACCESS(sr, access) == 0) 1331 return (EACCES); 1332 1333 /* 1334 * SMB checks access on open and retains an access granted 1335 * mask for use while the file is open. ACL changes should 1336 * not affect access to an open file. 1337 * 1338 * If the setattr is being performed on an ofile: 1339 * - Check the ofile's access granted mask to see if this 1340 * modification should be permitted (FILE_WRITE_DATA) 1341 */ 1342 status = smb_ofile_access(sr->fid_ofile, cr, access); 1343 if (status != NT_STATUS_SUCCESS) 1344 return (EACCES); 1345 1346 bzero(&flk, sizeof (flk)); 1347 flk.l_start = off; 1348 flk.l_len = len; 1349 1350 rc = smb_vop_space(node->vp, F_FREESP, &flk, FWRITE, 0LL, cr); 1351 return (rc); 1352 } 1353 1354 /* 1355 * smb_fsop_read 1356 * 1357 * All SMB functions should use this wrapper to ensure that 1358 * the the calls are performed with the appropriate credentials. 1359 * Please document any direct call to explain the reason 1360 * for avoiding this wrapper. 1361 * 1362 * It is assumed that a reference exists on snode coming into this routine. 1363 * Note that ofile may be different from sr->fid_ofile, or may be NULL. 1364 */ 1365 int 1366 smb_fsop_read(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 1367 smb_ofile_t *ofile, uio_t *uio) 1368 { 1369 caller_context_t ct; 1370 cred_t *kcr = zone_kcred(); 1371 uint32_t amask; 1372 int svmand; 1373 int rc; 1374 1375 ASSERT(cr); 1376 ASSERT(snode); 1377 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1378 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1379 1380 ASSERT(sr); 1381 1382 if (ofile != NULL) { 1383 /* 1384 * Check tree access. Not SMB_TREE_HAS_ACCESS 1385 * because we need to use ofile->f_tree 1386 */ 1387 if ((ofile->f_tree->t_access & ACE_READ_DATA) == 0) 1388 return (EACCES); 1389 1390 /* 1391 * Check ofile access. Use in-line smb_ofile_access 1392 * so we can check both amask bits at the same time. 1393 * If any bit in amask is granted, allow this read. 1394 */ 1395 amask = FILE_READ_DATA; 1396 if (sr->smb_flg2 & SMB_FLAGS2_READ_IF_EXECUTE) 1397 amask |= FILE_EXECUTE; 1398 if (cr != kcr && (ofile->f_granted_access & amask) == 0) 1399 return (EACCES); 1400 } 1401 1402 /* 1403 * Streams permission are checked against the unnamed stream, 1404 * but in FS level they have their own permissions. To avoid 1405 * rejection by FS due to lack of permission on the actual 1406 * extended attr kcred is passed for streams. 1407 */ 1408 if (SMB_IS_STREAM(snode)) 1409 cr = kcr; 1410 1411 smb_node_start_crit(snode, RW_READER); 1412 rc = nbl_svmand(snode->vp, kcr, &svmand); 1413 if (rc) { 1414 smb_node_end_crit(snode); 1415 return (rc); 1416 } 1417 1418 /* 1419 * Note: SMB allows a zero-byte read, which should not 1420 * conflict with any locks. However nbl_lock_conflict 1421 * takes a zero-byte length as lock to EOF, so we must 1422 * special case that here. 1423 */ 1424 if (uio->uio_resid > 0) { 1425 ct = smb_ct; 1426 if (ofile != NULL) 1427 ct.cc_pid = ofile->f_uniqid; 1428 rc = nbl_lock_conflict(snode->vp, NBL_READ, uio->uio_loffset, 1429 uio->uio_resid, svmand, &ct); 1430 if (rc != 0) { 1431 smb_node_end_crit(snode); 1432 return (ERANGE); 1433 } 1434 } 1435 1436 rc = smb_vop_read(snode->vp, uio, cr); 1437 smb_node_end_crit(snode); 1438 1439 return (rc); 1440 } 1441 1442 /* 1443 * smb_fsop_write 1444 * 1445 * It is assumed that a reference exists on snode coming into this routine. 1446 * Note that ofile may be different from sr->fid_ofile, or may be NULL. 1447 */ 1448 int 1449 smb_fsop_write( 1450 smb_request_t *sr, 1451 cred_t *cr, 1452 smb_node_t *snode, 1453 smb_ofile_t *ofile, 1454 uio_t *uio, 1455 uint32_t *lcount, 1456 int ioflag) 1457 { 1458 caller_context_t ct; 1459 smb_attr_t attr; 1460 cred_t *kcr = zone_kcred(); 1461 smb_node_t *u_node; 1462 vnode_t *u_vp = NULL; 1463 vnode_t *vp; 1464 uint32_t amask; 1465 int svmand; 1466 int rc; 1467 1468 ASSERT(cr); 1469 ASSERT(snode); 1470 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1471 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1472 1473 ASSERT(sr); 1474 vp = snode->vp; 1475 1476 if (ofile != NULL) { 1477 amask = FILE_WRITE_DATA | FILE_APPEND_DATA; 1478 1479 /* Check tree access. */ 1480 if ((ofile->f_tree->t_access & amask) == 0) 1481 return (EROFS); 1482 1483 /* 1484 * Check ofile access. Use in-line smb_ofile_access 1485 * so we can check both amask bits at the same time. 1486 * If any bit in amask is granted, allow this write. 1487 */ 1488 if (cr != kcr && (ofile->f_granted_access & amask) == 0) 1489 return (EACCES); 1490 } 1491 1492 /* 1493 * Streams permission are checked against the unnamed stream, 1494 * but in FS level they have their own permissions. To avoid 1495 * rejection by FS due to lack of permission on the actual 1496 * extended attr kcred is passed for streams. 1497 */ 1498 u_node = SMB_IS_STREAM(snode); 1499 if (u_node != NULL) { 1500 ASSERT(u_node->n_magic == SMB_NODE_MAGIC); 1501 ASSERT(u_node->n_state != SMB_NODE_STATE_DESTROYING); 1502 u_vp = u_node->vp; 1503 cr = kcr; 1504 } 1505 1506 smb_node_start_crit(snode, RW_WRITER); 1507 rc = nbl_svmand(vp, kcr, &svmand); 1508 if (rc) { 1509 smb_node_end_crit(snode); 1510 return (rc); 1511 } 1512 1513 /* 1514 * Note: SMB allows a zero-byte write, which should not 1515 * conflict with any locks. However nbl_lock_conflict 1516 * takes a zero-byte length as lock to EOF, so we must 1517 * special case that here. 1518 */ 1519 if (uio->uio_resid > 0) { 1520 ct = smb_ct; 1521 if (ofile != NULL) 1522 ct.cc_pid = ofile->f_uniqid; 1523 rc = nbl_lock_conflict(vp, NBL_WRITE, uio->uio_loffset, 1524 uio->uio_resid, svmand, &ct); 1525 if (rc != 0) { 1526 smb_node_end_crit(snode); 1527 return (ERANGE); 1528 } 1529 } 1530 1531 rc = smb_vop_write(vp, uio, ioflag, lcount, cr); 1532 1533 /* 1534 * Once the mtime has been set via this ofile, the 1535 * automatic mtime changes from writes via this ofile 1536 * should cease, preserving the mtime that was set. 1537 * See: [MS-FSA] 2.1.5.14 and smb_node_setattr. 1538 * 1539 * The VFS interface does not offer a way to ask it to 1540 * skip the mtime updates, so we simulate the desired 1541 * behavior by re-setting the mtime after writes on a 1542 * handle where the mtime has been set. 1543 */ 1544 if (ofile != NULL && 1545 (ofile->f_pending_attr.sa_mask & SMB_AT_MTIME) != 0) { 1546 bcopy(&ofile->f_pending_attr, &attr, sizeof (attr)); 1547 attr.sa_mask = SMB_AT_MTIME; 1548 (void) smb_vop_setattr(vp, u_vp, &attr, 0, kcr); 1549 } 1550 1551 smb_node_end_crit(snode); 1552 1553 return (rc); 1554 } 1555 1556 /* 1557 * Find the next allocated range starting at or after 1558 * the offset (*datap), returning the start/end of 1559 * that range in (*datap, *holep) 1560 */ 1561 int 1562 smb_fsop_next_alloc_range( 1563 cred_t *cr, 1564 smb_node_t *node, 1565 off64_t *datap, 1566 off64_t *holep) 1567 { 1568 int err; 1569 1570 err = smb_vop_ioctl(node->vp, _FIO_SEEK_DATA, datap, cr); 1571 if (err != 0) 1572 return (err); 1573 1574 *holep = *datap; 1575 err = smb_vop_ioctl(node->vp, _FIO_SEEK_HOLE, holep, cr); 1576 1577 return (err); 1578 } 1579 1580 /* 1581 * smb_fsop_statfs 1582 * 1583 * This is a wrapper function used for stat operations. 1584 */ 1585 int 1586 smb_fsop_statfs( 1587 cred_t *cr, 1588 smb_node_t *snode, 1589 struct statvfs64 *statp) 1590 { 1591 ASSERT(cr); 1592 ASSERT(snode); 1593 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1594 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1595 1596 return (smb_vop_statfs(snode->vp, statp, cr)); 1597 } 1598 1599 /* 1600 * smb_fsop_access 1601 * 1602 * Named streams do not have separate permissions from the associated 1603 * unnamed stream. Thus, if node is a named stream, the permissions 1604 * check will be performed on the associated unnamed stream. 1605 * 1606 * However, our named streams do have their own quarantine attribute, 1607 * separate from that on the unnamed stream. If READ or EXECUTE 1608 * access has been requested on a named stream, an additional access 1609 * check is performed on the named stream in case it has been 1610 * quarantined. kcred is used to avoid issues with the permissions 1611 * set on the extended attribute file representing the named stream. 1612 */ 1613 int 1614 smb_fsop_access(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 1615 uint32_t faccess) 1616 { 1617 int access = 0; 1618 int error; 1619 vnode_t *dir_vp; 1620 boolean_t acl_check = B_TRUE; 1621 smb_node_t *unnamed_node; 1622 1623 ASSERT(sr); 1624 ASSERT(cr); 1625 ASSERT(snode); 1626 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 1627 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 1628 1629 if (SMB_TREE_IS_READONLY(sr)) { 1630 if (faccess & (FILE_WRITE_DATA|FILE_APPEND_DATA| 1631 FILE_WRITE_EA|FILE_DELETE_CHILD|FILE_WRITE_ATTRIBUTES| 1632 DELETE|WRITE_DAC|WRITE_OWNER)) { 1633 return (NT_STATUS_ACCESS_DENIED); 1634 } 1635 } 1636 1637 if (smb_node_is_reparse(snode) && (faccess & DELETE)) 1638 return (NT_STATUS_ACCESS_DENIED); 1639 1640 unnamed_node = SMB_IS_STREAM(snode); 1641 if (unnamed_node) { 1642 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 1643 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 1644 1645 /* 1646 * Perform VREAD access check on the named stream in case it 1647 * is quarantined. kcred is passed to smb_vop_access so it 1648 * doesn't fail due to lack of permission. 1649 */ 1650 if (faccess & (FILE_READ_DATA | FILE_EXECUTE)) { 1651 error = smb_vop_access(snode->vp, VREAD, 1652 0, NULL, zone_kcred()); 1653 if (error) 1654 return (NT_STATUS_ACCESS_DENIED); 1655 } 1656 1657 /* 1658 * Streams authorization should be performed against the 1659 * unnamed stream. 1660 */ 1661 snode = unnamed_node; 1662 } 1663 1664 if (faccess & ACCESS_SYSTEM_SECURITY) { 1665 /* 1666 * This permission is required for reading/writing SACL and 1667 * it's not part of DACL. It's only granted via proper 1668 * privileges. 1669 */ 1670 if ((sr->uid_user->u_privileges & 1671 (SMB_USER_PRIV_BACKUP | 1672 SMB_USER_PRIV_RESTORE | 1673 SMB_USER_PRIV_SECURITY)) == 0) 1674 return (NT_STATUS_PRIVILEGE_NOT_HELD); 1675 1676 faccess &= ~ACCESS_SYSTEM_SECURITY; 1677 } 1678 1679 /* Links don't have ACL */ 1680 if ((!smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) || 1681 smb_node_is_symlink(snode)) 1682 acl_check = B_FALSE; 1683 1684 /* Deny access based on the share access mask */ 1685 1686 if ((faccess & ~sr->tid_tree->t_access) != 0) 1687 return (NT_STATUS_ACCESS_DENIED); 1688 1689 if (acl_check) { 1690 dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL; 1691 error = smb_vop_access(snode->vp, faccess, V_ACE_MASK, dir_vp, 1692 cr); 1693 } else { 1694 /* 1695 * FS doesn't understand 32-bit mask, need to map 1696 */ 1697 if (faccess & (FILE_WRITE_DATA | FILE_APPEND_DATA)) 1698 access |= VWRITE; 1699 1700 if (faccess & FILE_READ_DATA) 1701 access |= VREAD; 1702 1703 if (faccess & FILE_EXECUTE) 1704 access |= VEXEC; 1705 1706 error = smb_vop_access(snode->vp, access, 0, NULL, cr); 1707 } 1708 1709 return ((error) ? NT_STATUS_ACCESS_DENIED : NT_STATUS_SUCCESS); 1710 } 1711 1712 /* 1713 * smb_fsop_lookup_name() 1714 * 1715 * If name indicates that the file is a stream file, perform 1716 * stream specific lookup, otherwise call smb_fsop_lookup. 1717 * 1718 * Return an error if the looked-up file is in outside the tree. 1719 * (Required when invoked from open path.) 1720 * 1721 * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE): 1722 * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set 1723 * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE 1724 * flag is set in the flags value passed as a parameter, a case insensitive 1725 * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set 1726 * or not). 1727 */ 1728 1729 int 1730 smb_fsop_lookup_name( 1731 smb_request_t *sr, 1732 cred_t *cr, 1733 int flags, 1734 smb_node_t *root_node, 1735 smb_node_t *dnode, 1736 char *name, 1737 smb_node_t **ret_snode) 1738 { 1739 smb_node_t *fnode; 1740 vnode_t *xattrdirvp; 1741 vnode_t *vp; 1742 char *od_name; 1743 char *fname; 1744 char *sname; 1745 int rc; 1746 1747 ASSERT(cr); 1748 ASSERT(dnode); 1749 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 1750 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 1751 1752 /* 1753 * The following check is required for streams processing, below 1754 */ 1755 1756 if (!(flags & SMB_CASE_SENSITIVE)) { 1757 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 1758 flags |= SMB_IGNORE_CASE; 1759 } 1760 1761 fname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1762 sname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1763 1764 if (smb_is_stream_name(name)) { 1765 smb_stream_parse_name(name, fname, sname); 1766 1767 /* 1768 * Look up the unnamed stream (i.e. fname). 1769 * Unmangle processing will be done on fname 1770 * as well as any link target. 1771 */ 1772 rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode, 1773 fname, &fnode); 1774 1775 if (rc != 0) { 1776 kmem_free(fname, MAXNAMELEN); 1777 kmem_free(sname, MAXNAMELEN); 1778 return (rc); 1779 } 1780 1781 od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1782 1783 /* 1784 * od_name is the on-disk name of the stream, except 1785 * without the prepended stream prefix (SMB_STREAM_PREFIX) 1786 */ 1787 1788 /* 1789 * XXX 1790 * What permissions NTFS requires for stream lookup if any? 1791 */ 1792 rc = smb_vop_stream_lookup(fnode->vp, sname, &vp, od_name, 1793 &xattrdirvp, flags, root_node->vp, cr); 1794 1795 if (rc != 0) { 1796 smb_node_release(fnode); 1797 kmem_free(fname, MAXNAMELEN); 1798 kmem_free(sname, MAXNAMELEN); 1799 kmem_free(od_name, MAXNAMELEN); 1800 return (rc); 1801 } 1802 1803 *ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdirvp, 1804 vp, od_name); 1805 1806 kmem_free(od_name, MAXNAMELEN); 1807 smb_node_release(fnode); 1808 VN_RELE(xattrdirvp); 1809 VN_RELE(vp); 1810 1811 if (*ret_snode == NULL) { 1812 kmem_free(fname, MAXNAMELEN); 1813 kmem_free(sname, MAXNAMELEN); 1814 return (ENOMEM); 1815 } 1816 } else { 1817 rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode, name, 1818 ret_snode); 1819 } 1820 1821 if (rc == 0) { 1822 ASSERT(ret_snode); 1823 if (SMB_TREE_CONTAINS_NODE(sr, *ret_snode) == 0) { 1824 smb_node_release(*ret_snode); 1825 *ret_snode = NULL; 1826 rc = EACCES; 1827 } 1828 } 1829 1830 kmem_free(fname, MAXNAMELEN); 1831 kmem_free(sname, MAXNAMELEN); 1832 1833 return (rc); 1834 } 1835 1836 /* 1837 * smb_fsop_lookup 1838 * 1839 * All SMB functions should use this smb_vop_lookup wrapper to ensure that 1840 * the smb_vop_lookup is performed with the appropriate credentials and using 1841 * case insensitive compares. Please document any direct call to smb_vop_lookup 1842 * to explain the reason for avoiding this wrapper. 1843 * 1844 * It is assumed that a reference exists on dnode coming into this routine 1845 * (and that it is safe from deallocation). 1846 * 1847 * Same with the root_node. 1848 * 1849 * *ret_snode is returned with a reference upon success. No reference is 1850 * taken if an error is returned. 1851 * 1852 * Note: The returned ret_snode may be in a child mount. This is ok for 1853 * readdir. 1854 * 1855 * Other smb_fsop_* routines will call SMB_TREE_CONTAINS_NODE() to prevent 1856 * operations on files not in the parent mount. 1857 * 1858 * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE): 1859 * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set 1860 * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE 1861 * flag is set in the flags value passed as a parameter, a case insensitive 1862 * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set 1863 * or not). 1864 */ 1865 int 1866 smb_fsop_lookup( 1867 smb_request_t *sr, 1868 cred_t *cr, 1869 int flags, 1870 smb_node_t *root_node, 1871 smb_node_t *dnode, 1872 char *name, 1873 smb_node_t **ret_snode) 1874 { 1875 smb_node_t *lnk_target_node; 1876 smb_node_t *lnk_dnode; 1877 char *longname; 1878 char *od_name; 1879 vnode_t *vp; 1880 int rc; 1881 int ret_flags; 1882 smb_attr_t attr; 1883 1884 ASSERT(cr); 1885 ASSERT(dnode); 1886 ASSERT(dnode->n_magic == SMB_NODE_MAGIC); 1887 ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING); 1888 1889 if (name == NULL) 1890 return (EINVAL); 1891 1892 if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0) 1893 return (EACCES); 1894 1895 if (!(flags & SMB_CASE_SENSITIVE)) { 1896 if (SMB_TREE_IS_CASEINSENSITIVE(sr)) 1897 flags |= SMB_IGNORE_CASE; 1898 } 1899 if (SMB_TREE_SUPPORTS_CATIA(sr)) 1900 flags |= SMB_CATIA; 1901 if (SMB_TREE_SUPPORTS_ABE(sr)) 1902 flags |= SMB_ABE; 1903 1904 /* 1905 * Can have "" or "." when opening named streams on a directory. 1906 */ 1907 if (name[0] == '\0' || (name[0] == '.' && name[1] == '\0')) { 1908 smb_node_ref(dnode); 1909 *ret_snode = dnode; 1910 return (0); 1911 } 1912 1913 od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1914 1915 rc = smb_vop_lookup(dnode->vp, name, &vp, od_name, flags, 1916 &ret_flags, root_node ? root_node->vp : NULL, &attr, cr); 1917 1918 if (rc != 0) { 1919 if (!SMB_TREE_SUPPORTS_SHORTNAMES(sr) || 1920 !smb_maybe_mangled(name)) { 1921 kmem_free(od_name, MAXNAMELEN); 1922 return (rc); 1923 } 1924 1925 longname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 1926 rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags); 1927 if (rc != 0) { 1928 kmem_free(od_name, MAXNAMELEN); 1929 kmem_free(longname, MAXNAMELEN); 1930 return (rc); 1931 } 1932 1933 /* 1934 * longname is the real (case-sensitive) 1935 * on-disk name. 1936 * We make sure we do a lookup on this exact 1937 * name, as the name was mangled and denotes 1938 * a unique file. 1939 */ 1940 1941 if (flags & SMB_IGNORE_CASE) 1942 flags &= ~SMB_IGNORE_CASE; 1943 1944 rc = smb_vop_lookup(dnode->vp, longname, &vp, od_name, 1945 flags, &ret_flags, root_node ? root_node->vp : NULL, &attr, 1946 cr); 1947 1948 kmem_free(longname, MAXNAMELEN); 1949 1950 if (rc != 0) { 1951 kmem_free(od_name, MAXNAMELEN); 1952 return (rc); 1953 } 1954 } 1955 1956 if ((flags & SMB_FOLLOW_LINKS) && (vp->v_type == VLNK) && 1957 ((attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) == 0)) { 1958 rc = smb_pathname(sr, od_name, FOLLOW, root_node, dnode, 1959 &lnk_dnode, &lnk_target_node, cr); 1960 1961 if (rc != 0) { 1962 /* 1963 * The link is assumed to be for the last component 1964 * of a path. Hence any ENOTDIR error will be returned 1965 * as ENOENT. 1966 */ 1967 if (rc == ENOTDIR) 1968 rc = ENOENT; 1969 1970 VN_RELE(vp); 1971 kmem_free(od_name, MAXNAMELEN); 1972 return (rc); 1973 } 1974 1975 /* 1976 * Release the original VLNK vnode 1977 */ 1978 1979 VN_RELE(vp); 1980 vp = lnk_target_node->vp; 1981 1982 rc = smb_vop_traverse_check(&vp); 1983 1984 if (rc != 0) { 1985 smb_node_release(lnk_dnode); 1986 smb_node_release(lnk_target_node); 1987 kmem_free(od_name, MAXNAMELEN); 1988 return (rc); 1989 } 1990 1991 /* 1992 * smb_vop_traverse_check() may have returned a different vnode 1993 */ 1994 1995 if (lnk_target_node->vp == vp) { 1996 *ret_snode = lnk_target_node; 1997 } else { 1998 *ret_snode = smb_node_lookup(sr, NULL, cr, vp, 1999 lnk_target_node->od_name, lnk_dnode, NULL); 2000 VN_RELE(vp); 2001 2002 if (*ret_snode == NULL) 2003 rc = ENOMEM; 2004 smb_node_release(lnk_target_node); 2005 } 2006 2007 smb_node_release(lnk_dnode); 2008 2009 } else { 2010 2011 rc = smb_vop_traverse_check(&vp); 2012 if (rc) { 2013 VN_RELE(vp); 2014 kmem_free(od_name, MAXNAMELEN); 2015 return (rc); 2016 } 2017 2018 *ret_snode = smb_node_lookup(sr, NULL, cr, vp, od_name, 2019 dnode, NULL); 2020 VN_RELE(vp); 2021 2022 if (*ret_snode == NULL) 2023 rc = ENOMEM; 2024 } 2025 2026 kmem_free(od_name, MAXNAMELEN); 2027 return (rc); 2028 } 2029 2030 int /*ARGSUSED*/ 2031 smb_fsop_commit(smb_request_t *sr, cred_t *cr, smb_node_t *snode) 2032 { 2033 ASSERT(cr); 2034 ASSERT(snode); 2035 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 2036 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 2037 2038 ASSERT(sr); 2039 ASSERT(sr->tid_tree); 2040 if (SMB_TREE_IS_READONLY(sr)) 2041 return (EROFS); 2042 2043 return (smb_vop_commit(snode->vp, cr)); 2044 } 2045 2046 /* 2047 * smb_fsop_aclread 2048 * 2049 * Retrieve filesystem ACL. Depends on requested ACLs in 2050 * fs_sd->sd_secinfo, it'll set DACL and SACL pointers in 2051 * fs_sd. Note that requesting a DACL/SACL doesn't mean that 2052 * the corresponding field in fs_sd should be non-NULL upon 2053 * return, since the target ACL might not contain that type of 2054 * entries. 2055 * 2056 * Returned ACL is always in ACE_T (aka ZFS) format. 2057 * If successful the allocated memory for the ACL should be freed 2058 * using smb_fsacl_free() or smb_fssd_term() 2059 */ 2060 int 2061 smb_fsop_aclread(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2062 smb_fssd_t *fs_sd) 2063 { 2064 int error = 0; 2065 int flags = 0; 2066 int access = 0; 2067 acl_t *acl; 2068 2069 ASSERT(cr); 2070 2071 /* Can't query security on named streams */ 2072 if (SMB_IS_STREAM(snode) != NULL) 2073 return (EINVAL); 2074 2075 if (SMB_TREE_HAS_ACCESS(sr, ACE_READ_ACL) == 0) 2076 return (EACCES); 2077 2078 if (sr->fid_ofile) { 2079 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) 2080 access = READ_CONTROL; 2081 2082 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO) 2083 access |= ACCESS_SYSTEM_SECURITY; 2084 2085 error = smb_ofile_access(sr->fid_ofile, cr, access); 2086 if (error != NT_STATUS_SUCCESS) { 2087 return (EACCES); 2088 } 2089 } 2090 2091 2092 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) 2093 flags = ATTR_NOACLCHECK; 2094 2095 error = smb_vop_acl_read(snode->vp, &acl, flags, 2096 sr->tid_tree->t_acltype, cr); 2097 if (error != 0) { 2098 return (error); 2099 } 2100 2101 error = acl_translate(acl, _ACL_ACE_ENABLED, 2102 smb_node_is_dir(snode), fs_sd->sd_uid, fs_sd->sd_gid); 2103 2104 if (error == 0) { 2105 smb_fsacl_split(acl, &fs_sd->sd_zdacl, &fs_sd->sd_zsacl, 2106 fs_sd->sd_secinfo); 2107 } 2108 2109 acl_free(acl); 2110 return (error); 2111 } 2112 2113 /* 2114 * smb_fsop_aclwrite 2115 * 2116 * Stores the filesystem ACL provided in fs_sd->sd_acl. 2117 */ 2118 int 2119 smb_fsop_aclwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2120 smb_fssd_t *fs_sd) 2121 { 2122 int target_flavor; 2123 int error = 0; 2124 int flags = 0; 2125 int access = 0; 2126 acl_t *acl, *dacl, *sacl; 2127 2128 ASSERT(cr); 2129 2130 ASSERT(sr); 2131 ASSERT(sr->tid_tree); 2132 if (SMB_TREE_IS_READONLY(sr)) 2133 return (EROFS); 2134 2135 /* Can't set security on named streams */ 2136 if (SMB_IS_STREAM(snode) != NULL) 2137 return (EINVAL); 2138 2139 if (SMB_TREE_HAS_ACCESS(sr, ACE_WRITE_ACL) == 0) 2140 return (EACCES); 2141 2142 if (sr->fid_ofile) { 2143 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) 2144 access = WRITE_DAC; 2145 2146 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO) 2147 access |= ACCESS_SYSTEM_SECURITY; 2148 2149 error = smb_ofile_access(sr->fid_ofile, cr, access); 2150 if (error != NT_STATUS_SUCCESS) 2151 return (EACCES); 2152 } 2153 2154 switch (sr->tid_tree->t_acltype) { 2155 case ACLENT_T: 2156 target_flavor = _ACL_ACLENT_ENABLED; 2157 break; 2158 2159 case ACE_T: 2160 target_flavor = _ACL_ACE_ENABLED; 2161 break; 2162 default: 2163 return (EINVAL); 2164 } 2165 2166 dacl = fs_sd->sd_zdacl; 2167 sacl = fs_sd->sd_zsacl; 2168 2169 ASSERT(dacl || sacl); 2170 if ((dacl == NULL) && (sacl == NULL)) 2171 return (EINVAL); 2172 2173 if (dacl && sacl) 2174 acl = smb_fsacl_merge(dacl, sacl); 2175 else if (dacl) 2176 acl = dacl; 2177 else 2178 acl = sacl; 2179 2180 error = acl_translate(acl, target_flavor, smb_node_is_dir(snode), 2181 fs_sd->sd_uid, fs_sd->sd_gid); 2182 if (error == 0) { 2183 if (smb_tree_has_feature(sr->tid_tree, 2184 SMB_TREE_ACEMASKONACCESS)) 2185 flags = ATTR_NOACLCHECK; 2186 2187 error = smb_vop_acl_write(snode->vp, acl, flags, cr); 2188 } 2189 2190 if (dacl && sacl) 2191 acl_free(acl); 2192 2193 return (error); 2194 } 2195 2196 acl_type_t 2197 smb_fsop_acltype(smb_node_t *snode) 2198 { 2199 return (smb_vop_acl_type(snode->vp)); 2200 } 2201 2202 /* 2203 * smb_fsop_sdread 2204 * 2205 * Read the requested security descriptor items from filesystem. 2206 * The items are specified in fs_sd->sd_secinfo. 2207 */ 2208 int 2209 smb_fsop_sdread(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2210 smb_fssd_t *fs_sd) 2211 { 2212 int error = 0; 2213 int getowner = 0; 2214 cred_t *ga_cred; 2215 smb_attr_t attr; 2216 2217 ASSERT(cr); 2218 ASSERT(fs_sd); 2219 2220 /* Can't query security on named streams */ 2221 if (SMB_IS_STREAM(snode) != NULL) 2222 return (EINVAL); 2223 2224 /* 2225 * File's uid/gid is fetched in two cases: 2226 * 2227 * 1. it's explicitly requested 2228 * 2229 * 2. target ACL is ACE_T (ZFS ACL). They're needed for 2230 * owner@/group@ entries. In this case kcred should be used 2231 * because uid/gid are fetched on behalf of smb server. 2232 */ 2233 if (fs_sd->sd_secinfo & (SMB_OWNER_SECINFO | SMB_GROUP_SECINFO)) { 2234 getowner = 1; 2235 ga_cred = cr; 2236 } else if (sr->tid_tree->t_acltype == ACE_T) { 2237 getowner = 1; 2238 ga_cred = zone_kcred(); 2239 } 2240 2241 if (getowner) { 2242 /* 2243 * Windows require READ_CONTROL to read owner/group SID since 2244 * they're part of Security Descriptor. 2245 * ZFS only requires read_attribute. Need to have a explicit 2246 * access check here. 2247 */ 2248 if (sr->fid_ofile == NULL) { 2249 error = smb_fsop_access(sr, ga_cred, snode, 2250 READ_CONTROL); 2251 if (error) 2252 return (EACCES); 2253 } 2254 2255 attr.sa_mask = SMB_AT_UID | SMB_AT_GID; 2256 error = smb_fsop_getattr(sr, ga_cred, snode, &attr); 2257 if (error == 0) { 2258 fs_sd->sd_uid = attr.sa_vattr.va_uid; 2259 fs_sd->sd_gid = attr.sa_vattr.va_gid; 2260 } else { 2261 return (error); 2262 } 2263 } 2264 2265 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) { 2266 error = smb_fsop_aclread(sr, cr, snode, fs_sd); 2267 } 2268 2269 return (error); 2270 } 2271 2272 /* 2273 * smb_fsop_sdmerge 2274 * 2275 * From SMB point of view DACL and SACL are two separate list 2276 * which can be manipulated independently without one affecting 2277 * the other, but entries for both DACL and SACL will end up 2278 * in the same ACL if target filesystem supports ACE_T ACLs. 2279 * 2280 * So, if either DACL or SACL is present in the client set request 2281 * the entries corresponding to the non-present ACL shouldn't 2282 * be touched in the FS ACL. 2283 * 2284 * fs_sd parameter contains DACL and SACL specified by SMB 2285 * client to be set on a file/directory. The client could 2286 * specify both or one of these ACLs (if none is specified 2287 * we don't get this far). When both DACL and SACL are given 2288 * by client the existing ACL should be overwritten. If only 2289 * one of them is specified the entries corresponding to the other 2290 * ACL should not be touched. For example, if only DACL 2291 * is specified in input fs_sd, the function reads audit entries 2292 * of the existing ACL of the file and point fs_sd->sd_zsdacl 2293 * pointer to the fetched SACL, this way when smb_fsop_sdwrite() 2294 * function is called the passed fs_sd would point to the specified 2295 * DACL by client and fetched SACL from filesystem, so the file 2296 * will end up with correct ACL. 2297 */ 2298 static int 2299 smb_fsop_sdmerge(smb_request_t *sr, smb_node_t *snode, smb_fssd_t *fs_sd) 2300 { 2301 smb_fssd_t cur_sd; 2302 cred_t *kcr = zone_kcred(); 2303 int error = 0; 2304 2305 if (sr->tid_tree->t_acltype != ACE_T) 2306 /* Don't bother if target FS doesn't support ACE_T */ 2307 return (0); 2308 2309 if ((fs_sd->sd_secinfo & SMB_ACL_SECINFO) != SMB_ACL_SECINFO) { 2310 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) { 2311 /* 2312 * Don't overwrite existing audit entries 2313 */ 2314 smb_fssd_init(&cur_sd, SMB_SACL_SECINFO, 2315 fs_sd->sd_flags); 2316 2317 error = smb_fsop_sdread(sr, kcr, snode, &cur_sd); 2318 if (error == 0) { 2319 ASSERT(fs_sd->sd_zsacl == NULL); 2320 fs_sd->sd_zsacl = cur_sd.sd_zsacl; 2321 if (fs_sd->sd_zsacl && fs_sd->sd_zdacl) 2322 fs_sd->sd_zsacl->acl_flags = 2323 fs_sd->sd_zdacl->acl_flags; 2324 } 2325 } else { 2326 /* 2327 * Don't overwrite existing access entries 2328 */ 2329 smb_fssd_init(&cur_sd, SMB_DACL_SECINFO, 2330 fs_sd->sd_flags); 2331 2332 error = smb_fsop_sdread(sr, kcr, snode, &cur_sd); 2333 if (error == 0) { 2334 ASSERT(fs_sd->sd_zdacl == NULL); 2335 fs_sd->sd_zdacl = cur_sd.sd_zdacl; 2336 if (fs_sd->sd_zdacl && fs_sd->sd_zsacl) 2337 fs_sd->sd_zdacl->acl_flags = 2338 fs_sd->sd_zsacl->acl_flags; 2339 } 2340 } 2341 2342 if (error) 2343 smb_fssd_term(&cur_sd); 2344 } 2345 2346 return (error); 2347 } 2348 2349 /* 2350 * smb_fsop_sdwrite 2351 * 2352 * Stores the given uid, gid and acl in filesystem. 2353 * Provided items in fs_sd are specified by fs_sd->sd_secinfo. 2354 * 2355 * A SMB security descriptor could contain owner, primary group, 2356 * DACL and SACL. Setting an SD should be atomic but here it has to 2357 * be done via two separate FS operations: VOP_SETATTR and 2358 * VOP_SETSECATTR. Therefore, this function has to simulate the 2359 * atomicity as well as it can. 2360 * 2361 * Get the current uid, gid before setting the new uid/gid 2362 * so if smb_fsop_aclwrite fails they can be restored. root cred is 2363 * used to get currend uid/gid since this operation is performed on 2364 * behalf of the server not the user. 2365 * 2366 * If setting uid/gid fails with EPERM it means that and invalid 2367 * owner has been specified. Callers should translate this to 2368 * STATUS_INVALID_OWNER which is not the normal mapping for EPERM 2369 * in upper layers, so EPERM is mapped to EBADE. 2370 */ 2371 int 2372 smb_fsop_sdwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2373 smb_fssd_t *fs_sd, int overwrite) 2374 { 2375 smb_attr_t set_attr; 2376 smb_attr_t orig_attr; 2377 cred_t *kcr = zone_kcred(); 2378 int error = 0; 2379 int access = 0; 2380 2381 ASSERT(cr); 2382 ASSERT(fs_sd); 2383 2384 ASSERT(sr); 2385 ASSERT(sr->tid_tree); 2386 if (SMB_TREE_IS_READONLY(sr)) 2387 return (EROFS); 2388 2389 /* Can't set security on named streams */ 2390 if (SMB_IS_STREAM(snode) != NULL) 2391 return (EINVAL); 2392 2393 bzero(&set_attr, sizeof (smb_attr_t)); 2394 2395 if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) { 2396 set_attr.sa_vattr.va_uid = fs_sd->sd_uid; 2397 set_attr.sa_mask |= SMB_AT_UID; 2398 access |= WRITE_OWNER; 2399 } 2400 2401 if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) { 2402 set_attr.sa_vattr.va_gid = fs_sd->sd_gid; 2403 set_attr.sa_mask |= SMB_AT_GID; 2404 access |= WRITE_OWNER; 2405 } 2406 2407 if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) 2408 access |= WRITE_DAC; 2409 2410 if (fs_sd->sd_secinfo & SMB_SACL_SECINFO) 2411 access |= ACCESS_SYSTEM_SECURITY; 2412 2413 if (sr->fid_ofile) 2414 error = smb_ofile_access(sr->fid_ofile, cr, access); 2415 else 2416 error = smb_fsop_access(sr, cr, snode, access); 2417 2418 if (error) 2419 return (EACCES); 2420 2421 if (set_attr.sa_mask) { 2422 orig_attr.sa_mask = SMB_AT_UID | SMB_AT_GID; 2423 error = smb_fsop_getattr(sr, kcr, snode, &orig_attr); 2424 if (error == 0) { 2425 error = smb_fsop_setattr(sr, cr, snode, &set_attr); 2426 if (error == EPERM) 2427 error = EBADE; 2428 } 2429 2430 if (error) 2431 return (error); 2432 } 2433 2434 if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) { 2435 if (overwrite == 0) { 2436 error = smb_fsop_sdmerge(sr, snode, fs_sd); 2437 if (error) 2438 return (error); 2439 } 2440 2441 error = smb_fsop_aclwrite(sr, cr, snode, fs_sd); 2442 if (error) { 2443 /* 2444 * Revert uid/gid changes if required. 2445 */ 2446 if (set_attr.sa_mask) { 2447 orig_attr.sa_mask = set_attr.sa_mask; 2448 (void) smb_fsop_setattr(sr, kcr, snode, 2449 &orig_attr); 2450 } 2451 } 2452 } 2453 2454 return (error); 2455 } 2456 2457 #ifdef _KERNEL 2458 /* 2459 * smb_fsop_sdinherit 2460 * 2461 * Inherit the security descriptor from the parent container. 2462 * This function is called after FS has created the file/folder 2463 * so if this doesn't do anything it means FS inheritance is 2464 * in place. 2465 * 2466 * Do inheritance for ZFS internally. 2467 * 2468 * If we want to let ZFS does the inheritance the 2469 * following setting should be true: 2470 * 2471 * - aclinherit = passthrough 2472 * - aclmode = passthrough 2473 * - smbd umask = 0777 2474 * 2475 * This will result in right effective permissions but 2476 * ZFS will always add 6 ACEs for owner, owning group 2477 * and others to be POSIX compliant. This is not what 2478 * Windows clients/users expect, so we decided that CIFS 2479 * implements Windows rules and overwrite whatever ZFS 2480 * comes up with. This way we also don't have to care 2481 * about ZFS aclinherit and aclmode settings. 2482 */ 2483 static int 2484 smb_fsop_sdinherit(smb_request_t *sr, smb_node_t *dnode, smb_fssd_t *fs_sd) 2485 { 2486 acl_t *dacl = NULL; 2487 acl_t *sacl = NULL; 2488 int is_dir; 2489 int error; 2490 2491 ASSERT(fs_sd); 2492 2493 if (sr->tid_tree->t_acltype != ACE_T) { 2494 /* 2495 * No forced inheritance for non-ZFS filesystems. 2496 */ 2497 fs_sd->sd_secinfo = 0; 2498 return (0); 2499 } 2500 2501 2502 /* Fetch parent directory's ACL */ 2503 error = smb_fsop_sdread(sr, zone_kcred(), dnode, fs_sd); 2504 if (error) { 2505 return (error); 2506 } 2507 2508 is_dir = (fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR); 2509 dacl = smb_fsacl_inherit(fs_sd->sd_zdacl, is_dir, SMB_DACL_SECINFO, 2510 sr->user_cr); 2511 sacl = smb_fsacl_inherit(fs_sd->sd_zsacl, is_dir, SMB_SACL_SECINFO, 2512 sr->user_cr); 2513 2514 if (sacl == NULL) 2515 fs_sd->sd_secinfo &= ~SMB_SACL_SECINFO; 2516 2517 smb_fsacl_free(fs_sd->sd_zdacl); 2518 smb_fsacl_free(fs_sd->sd_zsacl); 2519 2520 fs_sd->sd_zdacl = dacl; 2521 fs_sd->sd_zsacl = sacl; 2522 2523 return (0); 2524 } 2525 #endif /* _KERNEL */ 2526 2527 /* 2528 * smb_fsop_eaccess 2529 * 2530 * Returns the effective permission of the given credential for the 2531 * specified object. 2532 * 2533 * This is just a workaround. We need VFS/FS support for this. 2534 */ 2535 void 2536 smb_fsop_eaccess(smb_request_t *sr, cred_t *cr, smb_node_t *snode, 2537 uint32_t *eaccess) 2538 { 2539 int access = 0; 2540 vnode_t *dir_vp; 2541 smb_node_t *unnamed_node; 2542 2543 ASSERT(cr); 2544 ASSERT(snode); 2545 ASSERT(snode->n_magic == SMB_NODE_MAGIC); 2546 ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING); 2547 2548 unnamed_node = SMB_IS_STREAM(snode); 2549 if (unnamed_node) { 2550 ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC); 2551 ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING); 2552 /* 2553 * Streams authorization should be performed against the 2554 * unnamed stream. 2555 */ 2556 snode = unnamed_node; 2557 } 2558 2559 if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) { 2560 dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL; 2561 smb_vop_eaccess(snode->vp, (int *)eaccess, V_ACE_MASK, dir_vp, 2562 cr); 2563 return; 2564 } 2565 2566 /* 2567 * FS doesn't understand 32-bit mask 2568 */ 2569 smb_vop_eaccess(snode->vp, &access, 0, NULL, cr); 2570 access &= sr->tid_tree->t_access; 2571 2572 *eaccess = READ_CONTROL | FILE_READ_EA | FILE_READ_ATTRIBUTES; 2573 2574 if (access & VREAD) 2575 *eaccess |= FILE_READ_DATA; 2576 2577 if (access & VEXEC) 2578 *eaccess |= FILE_EXECUTE; 2579 2580 if (access & VWRITE) 2581 *eaccess |= FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | 2582 FILE_WRITE_EA | FILE_APPEND_DATA | FILE_DELETE_CHILD; 2583 2584 if (access & (VREAD | VWRITE)) 2585 *eaccess |= SYNCHRONIZE; 2586 2587 #ifdef _FAKE_KERNEL 2588 /* Should be: if (we are the owner)... */ 2589 if (access & VWRITE) 2590 *eaccess |= DELETE | WRITE_DAC | WRITE_OWNER; 2591 #endif 2592 } 2593 2594 /* 2595 * smb_fsop_shrlock 2596 * 2597 * For the current open request, check file sharing rules 2598 * against existing opens. 2599 * 2600 * Returns NT_STATUS_SHARING_VIOLATION if there is any 2601 * sharing conflict. Returns NT_STATUS_SUCCESS otherwise. 2602 * 2603 * Full system-wide share reservation synchronization is available 2604 * when the nbmand (non-blocking mandatory) mount option is set 2605 * (i.e. nbl_need_crit() is true) and nbmand critical regions are used. 2606 * This provides synchronization with NFS and local processes. The 2607 * critical regions are entered in VOP_SHRLOCK()/fs_shrlock() (called 2608 * from smb_open_subr()/smb_fsop_shrlock()/smb_vop_shrlock()) as well 2609 * as the CIFS rename and delete paths. 2610 * 2611 * The CIFS server will also enter the nbl critical region in the open, 2612 * rename, and delete paths when nbmand is not set. There is limited 2613 * coordination with local and VFS share reservations in this case. 2614 * Note that when the nbmand mount option is not set, the VFS layer 2615 * only processes advisory reservations and the delete mode is not checked. 2616 * 2617 * Whether or not the nbmand mount option is set, intra-CIFS share 2618 * checking is done in the open, delete, and rename paths using a CIFS 2619 * critical region (node->n_share_lock). 2620 */ 2621 uint32_t 2622 smb_fsop_shrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid, 2623 uint32_t desired_access, uint32_t share_access) 2624 { 2625 int rc; 2626 2627 /* Allow access if the request is just for meta data */ 2628 if ((desired_access & FILE_DATA_ALL) == 0) 2629 return (NT_STATUS_SUCCESS); 2630 2631 rc = smb_node_open_check(node, desired_access, share_access); 2632 if (rc) 2633 return (NT_STATUS_SHARING_VIOLATION); 2634 2635 rc = smb_vop_shrlock(node->vp, uniq_fid, desired_access, share_access, 2636 cr); 2637 if (rc) 2638 return (NT_STATUS_SHARING_VIOLATION); 2639 2640 return (NT_STATUS_SUCCESS); 2641 } 2642 2643 void 2644 smb_fsop_unshrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid) 2645 { 2646 (void) smb_vop_unshrlock(node->vp, uniq_fid, cr); 2647 } 2648 2649 int 2650 smb_fsop_frlock(smb_node_t *node, smb_lock_t *lock, boolean_t unlock, 2651 cred_t *cr) 2652 { 2653 flock64_t bf; 2654 int flag = F_REMOTELOCK; 2655 2656 /* 2657 * VOP_FRLOCK() will not be called if: 2658 * 2659 * 1) The lock has a range of zero bytes. The semantics of Windows and 2660 * POSIX are different. In the case of POSIX it asks for the locking 2661 * of all the bytes from the offset provided until the end of the 2662 * file. In the case of Windows a range of zero locks nothing and 2663 * doesn't conflict with any other lock. 2664 * 2665 * 2) The lock rolls over (start + lenght < start). Solaris will assert 2666 * if such a request is submitted. This will not create 2667 * incompatibilities between POSIX and Windows. In the Windows world, 2668 * if a client submits such a lock, the server will not lock any 2669 * bytes. Interestingly if the same lock (same offset and length) is 2670 * resubmitted Windows will consider that there is an overlap and 2671 * the granting rules will then apply. 2672 * 2673 * 3) The SMB-level process IDs (smb_pid) are not passed down to the 2674 * POSIX level in l_pid because (a) the rules about lock PIDs are 2675 * different in SMB, and (b) we're putting our ofile f_uniqid in 2676 * the POSIX l_pid field to segregate locks per SMB ofile. 2677 * (We're also using a "remote" system ID in l_sysid.) 2678 * All SMB locking PIDs are handled at the SMB level and 2679 * not exposed in POSIX locking. 2680 */ 2681 if ((lock->l_length == 0) || 2682 ((lock->l_start + lock->l_length - 1) < lock->l_start)) 2683 return (0); 2684 2685 bzero(&bf, sizeof (bf)); 2686 2687 if (unlock) { 2688 bf.l_type = F_UNLCK; 2689 } else if (lock->l_type == SMB_LOCK_TYPE_READONLY) { 2690 bf.l_type = F_RDLCK; 2691 flag |= FREAD; 2692 } else if (lock->l_type == SMB_LOCK_TYPE_READWRITE) { 2693 bf.l_type = F_WRLCK; 2694 flag |= FWRITE; 2695 } 2696 2697 bf.l_start = lock->l_start; 2698 bf.l_len = lock->l_length; 2699 bf.l_pid = lock->l_file->f_uniqid; 2700 bf.l_sysid = smb_ct.cc_sysid; 2701 2702 return (smb_vop_frlock(node->vp, cr, flag, &bf)); 2703 } 2704