xref: /illumos-gate/usr/src/uts/common/fs/smbsrv/smb_odir.c (revision b92be93cdb5c3e9e673cdcb4daffe01fe1419f9e)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23  * Copyright 2022 Tintri by DDN, Inc. All rights reserved.
24  */
25 
26 /*
27  * General Structures Layout
28  * -------------------------
29  *
30  * This is a simplified diagram showing the relationship between most of the
31  * main structures.
32  *
33  * +-------------------+
34  * |     SMB_INFO      |
35  * +-------------------+
36  *          |
37  *          |
38  *          v
39  * +-------------------+       +-------------------+      +-------------------+
40  * |     SESSION       |<----->|     SESSION       |......|      SESSION      |
41  * +-------------------+       +-------------------+      +-------------------+
42  *   |          |
43  *   |          |
44  *   |          v
45  *   |  +-------------------+     +-------------------+   +-------------------+
46  *   |  |       USER        |<--->|       USER        |...|       USER        |
47  *   |  +-------------------+     +-------------------+   +-------------------+
48  *   |
49  *   |
50  *   v
51  * +-------------------+       +-------------------+      +-------------------+
52  * |       TREE        |<----->|       TREE        |......|       TREE        |
53  * +-------------------+       +-------------------+      +-------------------+
54  *      |         |
55  *      |         |
56  *      |         v
57  *      |     +-------+       +-------+      +-------+
58  *      |     | OFILE |<----->| OFILE |......| OFILE |
59  *      |     +-------+       +-------+      +-------+
60  *      |
61  *      |
62  *      v
63  *  +-------+       +------+      +------+
64  *  | ODIR  |<----->| ODIR |......| ODIR |
65  *  +-------+       +------+      +------+
66  *
67  *
68  * Odir State Machine
69  * ------------------
70  *
71  *    +-------------------------+
72  *    |  SMB_ODIR_STATE_OPEN    |<----------- open / creation
73  *    +-------------------------+
74  *	    |            ^
75  *	    | (first)    | (last)
76  *	    | lookup     | release
77  *	    v            |
78  *    +-------------------------+
79  *    | SMB_ODIR_STATE_IN_USE   |----
80  *    +-------------------------+   | lookup / release / read
81  *	    |                ^-------
82  *	    | close
83  *	    |
84  *	    v
85  *    +-------------------------+
86  *    | SMB_ODIR_STATE_CLOSING  |----
87  *    +-------------------------+   | close / release / read
88  *	    |                ^-------
89  *	    | (last) release
90  *	    |
91  *	    v
92  *    +-------------------------+
93  *    | SMB_ODIR_STATE_CLOSED   |----------> deletion
94  *    +-------------------------+
95  *
96  *
97  * SMB_ODIR_STATE_OPEN
98  * - the odir exists in the list of odirs of its tree
99  * - lookup is valid in this state. It will place a hold on the odir
100  *   by incrementing the reference count and the odir will transition
101  *   to SMB_ODIR_STATE_IN_USE
102  * - read/close/release not valid in this state
103  *
104  * SMB_ODIR_STATE_IN_USE
105  * - the odir exists in the list of odirs of its tree.
106  * - lookup is valid in this state. It will place a hold on the odir
107  *   by incrementing the reference count.
108  * - if the last hold is released the odir will transition
109  *   back to SMB_ODIR_STATE_OPEN
110  * - if a close is received the odir will transition to
111  *   SMB_ODIR_STATE_CLOSING.
112  *
113  * SMB_ODIR_STATE_CLOSING
114  * - the odir exists in the list of odirs of its tree.
115  * - lookup will fail in this state.
116  * - when the last hold is released the odir will transition
117  *   to SMB_ODIR_STATE_CLOSED.
118  *
119  * SMB_ODIR_STATE_CLOSED
120  * - the odir exists in the list of odirs of its tree.
121  * - there are no users of the odir (refcnt == 0)
122  * - the odir is being removed from the tree's list and deleted.
123  * - lookup will fail in this state.
124  * - read/close/release not valid in this state
125  *
126  * Comments
127  * --------
128  *    The state machine of the odir structures is controlled by 3 elements:
129  *      - The list of odirs of the tree it belongs to.
130  *      - The mutex embedded in the structure itself.
131  *      - The reference count.
132  *
133  *    There's a mutex embedded in the odir structure used to protect its fields
134  *    and there's a lock embedded in the list of odirs of a tree. To
135  *    increment or to decrement the reference count the mutex must be entered.
136  *    To insert the odir into the list of odirs of the tree and to remove
137  *    the odir from it, the lock must be entered in RW_WRITER mode.
138  *
139  *    In order to avoid deadlocks, when both (mutex and lock of the odir
140  *    list) have to be entered, the lock must be entered first.
141  *
142  *
143  * Odir Interface
144  * ---------------
145  * smb_odir_open(char *pathname)
146  *	Create an odir representing the directory specified in pathname and
147  *	add it into the tree's list of odirs.
148  *	Returns NT status.
149  *
150  * smb_odir_openfh(smb_ofile_t *of)
151  *	Create an odir representing the directory specified by the
152  *	existing open handle (from a prior open of the directory).
153  *	Returns NT status.
154  *
155  * smb_odir_openat(smb_node_t *unode)
156  *	Create an odir representing the extended attribute directory
157  *	associated with the file (or directory) represented by unode
158  *	and add it into the tree's list of odirs.
159  *	Returns NT status.
160  *
161  * smb_odir_t *odir = smb_tree_lookup_odir(..., odid)
162  *	Find the odir corresponding to the specified odid in the tree's
163  *	list of odirs. Place a hold on the odir.
164  *
165  * smb_odir_read(..., smb_odirent_t *odirent)
166  *	Find the next directory entry in the odir and return it in odirent.
167  *
168  * smb_odir_read_fileinfo(..., smb_fileinfo_t *)
169  *	Find the next directory entry in the odir. Return the details of
170  *	the directory entry in smb_fileinfo_t. (See odir internals below)
171  *
172  * smb_odir_read_streaminfo(..., smb_streaminfo_t *)
173  *	Find the next named stream entry in the odir. Return the details of
174  *	the named stream in smb_streaminfo_t.
175  *
176  * smb_odir_close(smb_odir_t *odir)
177  *  Close the odir.
178  *  The caller of close must have a hold on the odir being closed.
179  *  The hold should be released after closing.
180  *
181  * smb_odir_release(smb_odir_t *odir)
182  *	Release the hold on the odir, obtained by lookup.
183  *
184  *
185  * Odir Internals
186  * --------------
187  * The odir object represent an open directory search. Each read operation
188  * provides the caller with a structure containing information  pertaining
189  * to the next directory entry that matches the search criteria, namely
190  * the filename or match pattern and, in the case of smb_odir_read_fileinfo(),
191  * the search attributes.
192  *
193  * The odir maintains a buffer (d_buf) of directory entries read from
194  * the filesystem via a vop_readdir. The buffer is populated when a read
195  * request (smb_odir_next_odirent) finds that the buffer is empty or that
196  * the end of the buffer has been reached, and also when a new client request
197  * (find next) begins.
198  *
199  * The data in d_buf (that which is returned from the file system) can
200  * be in one of two formats. If the file system supports extended directory
201  * entries we request that the data be returned as edirent_t structures. If
202  * it does not the data will be returned as dirent64_t structures. For
203  * convenience, when the next directory entry is read from d_buf by
204  * smb_odir_next_odirent it is translated into an smb_odirent_t.
205  *
206  * smb_odir_read_fileinfo
207  * The processing required to obtain the information to populate the caller's
208  * smb_fileinfo_t differs depending upon whether the directory search is for a
209  * single specified filename or for multiple files matching a search pattern.
210  * Thus smb_odir_read_fileinfo uses two static functions:
211  * smb_odir_single_fileinfo - obtains the smb_fileinfo_t info for the single
212  * filename as specified in smb_odir_open request.
213  * smb_odir_wildcard_fileinfo - obtains the smb_fileinfo_t info for the filename
214  * returned from the smb_odir_next_odirent. This is called in a loop until
215  * an entry matching the search criteria is found or no more entries exist.
216  *
217  * If a directory entry is a VLNK, the name returned in the smb_fileinfo_t
218  * is the name of the directory entry but the attributes are the attribites
219  * of the file that is the target of the link. If the link target cannot
220  * be found the attributes returned are the attributes of the link itself.
221  *
222  * smb_odir_read_streaminfo
223  * In order for an odir to provide information about stream files it
224  * must be opened with smb_odir_openat(). smb_odir_read_streaminfo() can
225  * then be used to obtain the name and size of named stream files.
226  *
227  * Resuming a Search
228  * -----------------
229  * A directory search often consists of multiple client requests: an initial
230  * find_first request followed by zero or more find_next requests and a
231  * find_close request.
232  * The find_first request will open and lookup the odir, read its desired
233  * number of entries from the odir, then release the odir and return.
234  * A find_next request will lookup the odir and read its desired number of
235  * entries from the odir, then release the odir and return.
236  * At the end of the search the find_close request will close the odir.
237  *
238  * In order to be able to resume a directory search (find_next) the odir
239  * provides the capability for the caller to save one or more resume points
240  * (cookies) at the end of a request, and to specify which resume point
241  * (cookie) to restart from at the beginning of the next search.
242  *	smb_odir_save_cookie(..., cookie)
243  *	smb_odir_resume_at(smb_odir_resume_t *resume)
244  * A search can be resumed at a specified resume point (cookie), the resume
245  * point (cookie) stored at a specified index in the d_cookies array, or
246  * a specified filename. The latter (specified filename) is not yet supported.
247  *
248  * See smb_search, smb_find, smb_find_unique, and smb_trans2_find for details
249  */
250 
251 #include <smbsrv/smb_kproto.h>
252 #include <smbsrv/smb_fsops.h>
253 #include <smbsrv/smb_share.h>
254 #include <sys/extdirent.h>
255 
256 /* static functions */
257 static smb_odir_t *smb_odir_create(smb_request_t *, smb_node_t *,
258     const char *, uint16_t, uint16_t, cred_t *);
259 static int smb_odir_single_fileinfo(smb_request_t *, smb_odir_t *,
260     smb_fileinfo_t *);
261 static int smb_odir_wildcard_fileinfo(smb_request_t *, smb_odir_t *,
262     smb_odirent_t *, smb_fileinfo_t *);
263 static int smb_odir_next_odirent(smb_odir_t *, smb_odirent_t *);
264 static boolean_t smb_odir_lookup_link(smb_request_t *, smb_odir_t *,
265     char *, smb_node_t **);
266 static boolean_t smb_odir_match_name(smb_odir_t *, smb_odirent_t *);
267 static void smb_odir_delete(void *);
268 
269 
270 /*
271  * smb_odir_openpath
272  *
273  * Create an odir representing the directory specified in pathname.
274  *
275  * Returns:
276  *    NT Status
277  */
278 uint32_t
279 smb_odir_openpath(smb_request_t *sr, char *path, uint16_t sattr,
280     uint32_t flags, smb_odir_t **odp)
281 {
282 	int		rc;
283 	smb_tree_t	*tree;
284 	smb_node_t	*dnode;
285 	char		pattern[MAXNAMELEN];
286 	uint16_t	odid;
287 	cred_t		*cr;
288 
289 	ASSERT(sr);
290 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
291 	ASSERT(sr->tid_tree);
292 	ASSERT(sr->tid_tree->t_magic == SMB_TREE_MAGIC);
293 	*odp = NULL;
294 
295 	tree = sr->tid_tree;
296 
297 	if (sr->session->dialect < NT_LM_0_12)
298 		smb_convert_wildcards(path);
299 
300 	rc = smb_pathname_reduce(sr, sr->user_cr, path,
301 	    tree->t_snode, tree->t_snode, &dnode, pattern);
302 	if (rc != 0)
303 		return (smb_errno2status(rc));
304 
305 	if (!smb_node_is_dir(dnode)) {
306 		smb_node_release(dnode);
307 		return (NT_STATUS_OBJECT_PATH_NOT_FOUND);
308 	}
309 
310 	if (smb_fsop_access(sr, sr->user_cr, dnode, FILE_LIST_DIRECTORY) != 0) {
311 		smb_node_release(dnode);
312 		return (NT_STATUS_ACCESS_DENIED);
313 	}
314 
315 	if (smb_idpool_alloc(&tree->t_odid_pool, &odid)) {
316 		smb_node_release(dnode);
317 		return (NT_STATUS_TOO_MANY_OPENED_FILES);
318 	}
319 
320 	if (flags & SMB_ODIR_OPENF_BACKUP_INTENT)
321 		cr = smb_user_getprivcred(sr->uid_user);
322 	else
323 		cr = sr->uid_user->u_cred;
324 
325 	*odp = smb_odir_create(sr, dnode, pattern, sattr, odid, cr);
326 	smb_node_release(dnode);
327 
328 	return (0);
329 }
330 
331 /*
332  * smb_odir_openfh
333  *
334  * Create an odir representing the directory already opened on "of".
335  *
336  * Returns:
337  *    NT status
338  */
339 uint32_t
340 smb_odir_openfh(smb_request_t *sr, const char *pattern, uint16_t sattr,
341     smb_odir_t **odp)
342 {
343 	smb_ofile_t	*of = sr->fid_ofile;
344 
345 	*odp = NULL;
346 
347 	if (of->f_node == NULL || !smb_node_is_dir(of->f_node))
348 		return (NT_STATUS_INVALID_PARAMETER);
349 
350 	if ((of->f_granted_access & FILE_LIST_DIRECTORY) == 0)
351 		return (NT_STATUS_ACCESS_DENIED);
352 
353 	*odp = smb_odir_create(sr, of->f_node, pattern, sattr, 0, of->f_cr);
354 
355 	return (0);
356 }
357 
358 /*
359  * smb_odir_openat
360  *
361  * Create an odir representing the extended attribute directory
362  * associated with the file (or directory) represented by unode.
363  *
364  * Returns:
365  *    NT status
366  */
367 uint32_t
368 smb_odir_openat(smb_request_t *sr, smb_node_t *unode, smb_odir_t **odp,
369     boolean_t restricted)
370 {
371 	char		pattern[SMB_STREAM_PREFIX_LEN + 2];
372 	vnode_t		*xattr_dvp;
373 	cred_t		*cr;
374 	smb_node_t	*xattr_dnode;
375 	int		rc;
376 
377 	ASSERT(sr);
378 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
379 	ASSERT(unode);
380 	ASSERT(unode->n_magic == SMB_NODE_MAGIC);
381 	*odp = NULL;
382 
383 	if (SMB_TREE_CONTAINS_NODE(sr, unode) == 0 ||
384 	    SMB_TREE_HAS_ACCESS(sr, ACE_LIST_DIRECTORY) == 0)
385 		return (NT_STATUS_ACCESS_DENIED);
386 
387 	cr = zone_kcred();
388 
389 	/* find the xattrdir vnode */
390 	rc = smb_vop_lookup_xattrdir(unode->vp, &xattr_dvp, LOOKUP_XATTR, cr);
391 	if (rc != 0)
392 		return (smb_errno2status(rc));
393 
394 	/* lookup the xattrdir's smb_node */
395 	xattr_dnode = smb_node_lookup(sr, NULL, cr, xattr_dvp, XATTR_DIR,
396 	    unode, NULL);
397 	VN_RELE(xattr_dvp);
398 	if (xattr_dnode == NULL)
399 		return (NT_STATUS_NO_MEMORY);
400 
401 	(void) snprintf(pattern, sizeof (pattern), "%s*", SMB_STREAM_PREFIX);
402 	*odp = smb_odir_create(sr, xattr_dnode, pattern,
403 	    SMB_SEARCH_ATTRIBUTES, 0, cr);
404 
405 	/* Causes restricted stream names to be hidden from the caller */
406 	if (restricted)
407 		(*odp)->d_flags |= SMB_ODIR_FLAG_RESTRICTED;
408 
409 	smb_node_release(xattr_dnode);
410 	return (0);
411 }
412 
413 /*
414  * smb_odir_hold
415  *
416  * A hold will only be granted if the odir is open or in_use.
417  */
418 boolean_t
419 smb_odir_hold(smb_odir_t *od)
420 {
421 	ASSERT(od);
422 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
423 
424 	mutex_enter(&od->d_mutex);
425 
426 	switch (od->d_state) {
427 	case SMB_ODIR_STATE_OPEN:
428 		od->d_refcnt++;
429 		od->d_state = SMB_ODIR_STATE_IN_USE;
430 		break;
431 	case SMB_ODIR_STATE_IN_USE:
432 		od->d_refcnt++;
433 		break;
434 	case SMB_ODIR_STATE_CLOSING:
435 	case SMB_ODIR_STATE_CLOSED:
436 	default:
437 		mutex_exit(&od->d_mutex);
438 		return (B_FALSE);
439 	}
440 
441 	mutex_exit(&od->d_mutex);
442 	return (B_TRUE);
443 }
444 
445 /*
446  * If the odir is in SMB_ODIR_STATE_CLOSING and this release results in
447  * a refcnt of 0, change the state to SMB_ODIR_STATE_CLOSED and post the
448  * object for deletion.  Object deletion is deferred to avoid modifying
449  * a list while an iteration may be in progress.
450  */
451 void
452 smb_odir_release(smb_odir_t *od)
453 {
454 	smb_tree_t *tree = od->d_tree;
455 
456 	SMB_ODIR_VALID(od);
457 
458 	mutex_enter(&od->d_mutex);
459 	ASSERT(od->d_refcnt > 0);
460 
461 	switch (od->d_state) {
462 	case SMB_ODIR_STATE_OPEN:
463 		break;
464 	case SMB_ODIR_STATE_IN_USE:
465 		od->d_refcnt--;
466 		if (od->d_refcnt == 0)
467 			od->d_state = SMB_ODIR_STATE_OPEN;
468 		break;
469 	case SMB_ODIR_STATE_CLOSING:
470 		od->d_refcnt--;
471 		if (od->d_refcnt == 0) {
472 			od->d_state = SMB_ODIR_STATE_CLOSED;
473 			smb_llist_post(&tree->t_odir_list, od,
474 			    smb_odir_delete);
475 		}
476 		break;
477 	case SMB_ODIR_STATE_CLOSED:
478 	default:
479 		break;
480 	}
481 
482 	mutex_exit(&od->d_mutex);
483 }
484 
485 /*
486  * smb_odir_close
487  */
488 void
489 smb_odir_close(smb_odir_t *od)
490 {
491 	ASSERT(od);
492 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
493 
494 	mutex_enter(&od->d_mutex);
495 	ASSERT(od->d_refcnt > 0);
496 	switch (od->d_state) {
497 	case SMB_ODIR_STATE_OPEN:
498 		break;
499 	case SMB_ODIR_STATE_IN_USE:
500 		od->d_state = SMB_ODIR_STATE_CLOSING;
501 		break;
502 	case SMB_ODIR_STATE_CLOSING:
503 	case SMB_ODIR_STATE_CLOSED:
504 	default:
505 		break;
506 	}
507 	mutex_exit(&od->d_mutex);
508 }
509 
510 /*
511  * smb_odir_read
512  *
513  * Find the next directory entry matching the search pattern.
514  * No search attribute matching is performed.
515  *
516  * Returns:
517  *  0 - success.
518  *      - If a matching entry was found eof will be B_FALSE and
519  *        odirent will be populated.
520  * ENOENT
521  *      - If we've scanned to the end, eof will be B_TRUE.
522  * errno - other errors
523  */
524 int
525 smb_odir_read(smb_request_t *sr, smb_odir_t *od,
526     smb_odirent_t *odirent, boolean_t *eof)
527 {
528 	int		rc;
529 
530 	ASSERT(sr);
531 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
532 	ASSERT(od);
533 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
534 	ASSERT(odirent);
535 
536 	mutex_enter(&od->d_mutex);
537 	ASSERT(od->d_refcnt > 0);
538 
539 	switch (od->d_state) {
540 	case SMB_ODIR_STATE_IN_USE:
541 	case SMB_ODIR_STATE_CLOSING:
542 		break;
543 	case SMB_ODIR_STATE_OPEN:
544 	case SMB_ODIR_STATE_CLOSED:
545 	default:
546 		mutex_exit(&od->d_mutex);
547 		return (EBADF);
548 	}
549 
550 	for (;;) {
551 		if ((rc = smb_odir_next_odirent(od, odirent)) != 0)
552 			break;
553 		if (smb_odir_match_name(od, odirent))
554 			break;
555 	}
556 
557 	mutex_exit(&od->d_mutex);
558 
559 	switch (rc) {
560 	case 0:
561 		*eof = B_FALSE;
562 		return (0);
563 	case ENOENT:
564 		*eof = B_TRUE;
565 		/* FALLTHROUGH */
566 	default:
567 		return (rc);
568 	}
569 }
570 
571 /*
572  * smb_odir_read_fileinfo
573  *
574  * Find the next directory entry matching the search pattern
575  * and attributes: od->d_pattern and od->d_sattr.
576  *
577  * If the search pattern specifies a single filename call
578  * smb_odir_single_fileinfo to get the file attributes and
579  * populate the caller's smb_fileinfo_t.
580  *
581  * If the search pattern contains wildcards call smb_odir_next_odirent
582  * to get the next directory entry then. Repeat until a matching
583  * filename is found. Call smb_odir_wildcard_fileinfo to get the
584  * file attributes and populate the caller's smb_fileinfo_t.
585  * This is repeated until a file matching the search criteria is found.
586  *
587  * Returns:
588  *  0 - success.
589  *      - If a matching entry was found eof will be B_FALSE and
590  *        fileinfo will be populated.
591  * ENOENT
592  *      - If at end of dir, eof will be B_TRUE.
593  * errno - other error
594  */
595 int
596 smb_odir_read_fileinfo(smb_request_t *sr, smb_odir_t *od,
597     smb_fileinfo_t *fileinfo, uint16_t *eof)
598 {
599 	int		rc, errnum;
600 	smb_odirent_t	*odirent;
601 
602 	ASSERT(sr);
603 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
604 	ASSERT(od);
605 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
606 	ASSERT(fileinfo);
607 
608 	mutex_enter(&od->d_mutex);
609 	ASSERT(od->d_refcnt > 0);
610 
611 	switch (od->d_state) {
612 	case SMB_ODIR_STATE_IN_USE:
613 	case SMB_ODIR_STATE_CLOSING:
614 		break;
615 	case SMB_ODIR_STATE_OPEN:
616 	case SMB_ODIR_STATE_CLOSED:
617 	default:
618 		mutex_exit(&od->d_mutex);
619 		return (EBADF);
620 	}
621 
622 	if ((od->d_flags & SMB_ODIR_FLAG_WILDCARDS) == 0) {
623 		if (od->d_eof)
624 			rc = ENOENT;
625 		else
626 			rc = smb_odir_single_fileinfo(sr, od, fileinfo);
627 		od->d_eof = B_TRUE;
628 	} else {
629 		odirent = kmem_alloc(sizeof (smb_odirent_t), KM_SLEEP);
630 		for (;;) {
631 			bzero(fileinfo, sizeof (smb_fileinfo_t));
632 			if ((rc = smb_odir_next_odirent(od, odirent)) != 0)
633 				break;
634 
635 			/* skip non utf8 filename */
636 			if (u8_validate(odirent->od_name,
637 			    strlen(odirent->od_name), NULL,
638 			    U8_VALIDATE_ENTIRE, &errnum) < 0)
639 				continue;
640 
641 			if (!smb_odir_match_name(od, odirent))
642 				continue;
643 
644 			rc = smb_odir_wildcard_fileinfo(sr, od, odirent,
645 			    fileinfo);
646 			if (rc == 0)
647 				break;
648 		}
649 		kmem_free(odirent, sizeof (smb_odirent_t));
650 	}
651 	mutex_exit(&od->d_mutex);
652 
653 	switch (rc) {
654 	case 0:
655 		*eof = 0;
656 		return (0);
657 	case ENOENT:
658 		*eof = 1;	/* per. FindFirst, FindNext spec. */
659 		/* FALLTHROUGH */
660 	default:
661 		return (rc);
662 	}
663 }
664 
665 /*
666  * smb_odir_read_streaminfo
667  *
668  * Find the next directory entry whose name begins with SMB_STREAM_PREFIX,
669  * and thus represents an NTFS named stream.
670  * No search attribute matching is performed.
671  * No case conflict name mangling is required for NTFS named stream names.
672  *
673  * Returns:
674  *  0 - success.
675  *      - If a matching entry was found eof will be B_FALSE and
676  *        sinfo will be populated.
677  *      - If there are no matching entries eof will be B_TRUE.
678  * errno - error
679  */
680 int
681 smb_odir_read_streaminfo(smb_request_t *sr, smb_odir_t *od,
682     smb_streaminfo_t *sinfo, boolean_t *eof)
683 {
684 	int		rc;
685 	cred_t		*kcr;
686 	smb_odirent_t	*odirent;
687 	smb_node_t	*fnode;
688 	smb_attr_t	attr;
689 
690 	ASSERT(sr);
691 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
692 	ASSERT(od);
693 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
694 	ASSERT(sinfo);
695 
696 	kcr = zone_kcred();
697 
698 	mutex_enter(&od->d_mutex);
699 	ASSERT(od->d_refcnt > 0);
700 
701 	switch (od->d_state) {
702 	case SMB_ODIR_STATE_IN_USE:
703 	case SMB_ODIR_STATE_CLOSING:
704 		break;
705 	case SMB_ODIR_STATE_OPEN:
706 	case SMB_ODIR_STATE_CLOSED:
707 	default:
708 		mutex_exit(&od->d_mutex);
709 		return (EBADF);
710 	}
711 
712 	/* Check that odir represents an xattr directory */
713 	if (!(od->d_flags & SMB_ODIR_FLAG_XATTR)) {
714 		*eof = B_TRUE;
715 		mutex_exit(&od->d_mutex);
716 		return (0);
717 	}
718 
719 	odirent = kmem_alloc(sizeof (smb_odirent_t), KM_SLEEP);
720 	bzero(&attr, sizeof (attr));
721 
722 	for (;;) {
723 		bzero(sinfo, sizeof (smb_streaminfo_t));
724 		if ((rc = smb_odir_next_odirent(od, odirent)) != 0)
725 			break;
726 
727 		if (strncmp(odirent->od_name, SMB_STREAM_PREFIX,
728 		    SMB_STREAM_PREFIX_LEN)) {
729 			continue;
730 		}
731 
732 		/*
733 		 * Hide streams that would be restricted if the caller
734 		 * is also restricted.
735 		 */
736 		if ((od->d_flags & SMB_ODIR_FLAG_RESTRICTED) != 0 &&
737 		    smb_strname_restricted(odirent->od_name))
738 			continue;
739 
740 		rc = smb_fsop_lookup(sr, od->d_cred, 0, od->d_tree->t_snode,
741 		    od->d_dnode, odirent->od_name, &fnode);
742 		if (rc == 0) {
743 			/*
744 			 * We just need the file sizes, and don't want
745 			 * EACCES failures here, so use kcred and pass
746 			 * NULL as the sr to skip sr->fid-ofile checks.
747 			 */
748 			attr.sa_mask = SMB_AT_SIZE | SMB_AT_ALLOCSZ;
749 			rc = smb_node_getattr(NULL, fnode, kcr, NULL, &attr);
750 			smb_node_release(fnode);
751 		}
752 
753 		if (rc == 0) {
754 			(void) strlcpy(sinfo->si_name,
755 			    odirent->od_name + SMB_STREAM_PREFIX_LEN,
756 			    sizeof (sinfo->si_name));
757 			sinfo->si_size = attr.sa_vattr.va_size;
758 			sinfo->si_alloc_size = attr.sa_allocsz;
759 			break;
760 		}
761 	}
762 	mutex_exit(&od->d_mutex);
763 
764 	kmem_free(odirent, sizeof (smb_odirent_t));
765 
766 	switch (rc) {
767 	case 0:
768 		*eof = B_FALSE;
769 		return (0);
770 	case ENOENT:
771 		*eof = B_TRUE;
772 		return (0);
773 	default:
774 		return (rc);
775 	}
776 }
777 
778 /*
779  * smb_odir_save_cookie
780  *
781  * Callers can save up to SMB_MAX_SEARCH cookies in the odir
782  * to be used as resume points for a 'find next' request.
783  */
784 void
785 smb_odir_save_cookie(smb_odir_t *od, int idx, uint32_t cookie)
786 {
787 	ASSERT(od);
788 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
789 	ASSERT(idx >= 0 && idx < SMB_MAX_SEARCH);
790 
791 	mutex_enter(&od->d_mutex);
792 	od->d_cookies[idx] = cookie;
793 	mutex_exit(&od->d_mutex);
794 }
795 
796 /*
797  * smb_odir_save_fname
798  *
799  * Save a filename / offset pair, which are basically a
800  * one entry cache.  See smb_com_trans2_find_next2.
801  */
802 void
803 smb_odir_save_fname(smb_odir_t *od, uint32_t cookie, const char *fname)
804 {
805 	ASSERT(od);
806 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
807 
808 	mutex_enter(&od->d_mutex);
809 
810 	od->d_last_cookie = cookie;
811 	bzero(od->d_last_name, MAXNAMELEN);
812 	if (fname != NULL)
813 		(void) strlcpy(od->d_last_name, fname, MAXNAMELEN);
814 
815 	mutex_exit(&od->d_mutex);
816 }
817 
818 /*
819  * smb_odir_resume_at
820  *
821  * If SMB_ODIR_FLAG_WILDCARDS is not set, and we're rewinding,
822  * assume we're no longer at EOF.
823  *
824  * Wildcard searching can be resumed from:
825  * - the cookie saved at a specified index (SMBsearch, SMBfind).
826  * - a specified cookie (SMB_trans2_find)
827  * - a specified filename (SMB_trans2_find) - NOT SUPPORTED.
828  *   Defaults to continuing from where the last search ended.
829  *
830  * Continuation from where the last search ended (SMB_trans2_find)
831  * is implemented by saving the last cookie at a specific index (0)
832  * smb_odir_resume_at indicates a new request, so reset od->d_bufptr
833  * and d_eof to force a vop_readdir.
834  */
835 void
836 smb_odir_resume_at(smb_odir_t *od, smb_odir_resume_t *resume)
837 {
838 	uint64_t save_offset;
839 
840 	ASSERT(od);
841 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
842 	ASSERT(resume);
843 
844 	if ((od->d_flags & SMB_ODIR_FLAG_WILDCARDS) == 0) {
845 		if (resume->or_type == SMB_ODIR_RESUME_COOKIE)
846 			od->d_eof = B_FALSE;
847 		return;
848 	}
849 	mutex_enter(&od->d_mutex);
850 
851 	save_offset = od->d_offset;
852 	switch (resume->or_type) {
853 
854 	default:
855 	case SMB_ODIR_RESUME_CONT:
856 		/* Continue where we left off. */
857 		break;
858 
859 	case SMB_ODIR_RESUME_IDX:
860 		/*
861 		 * This is used only by the (ancient) SMB_SEARCH.
862 		 * Modern clients use trans2 FindFirst, FindNext.
863 		 */
864 		ASSERT(resume->or_idx >= 0);
865 		ASSERT(resume->or_idx < SMB_MAX_SEARCH);
866 
867 		if ((resume->or_idx < 0) ||
868 		    (resume->or_idx >= SMB_MAX_SEARCH)) {
869 			resume->or_idx = 0;
870 		}
871 		od->d_offset = od->d_cookies[resume->or_idx];
872 		break;
873 
874 	case SMB_ODIR_RESUME_COOKIE:
875 		od->d_offset = resume->or_cookie;
876 		break;
877 
878 	case SMB_ODIR_RESUME_FNAME:
879 		/*
880 		 * If the name matches the last one saved,
881 		 * use the offset that was saved with it in
882 		 * the odir.  Otherwise use the cookie value
883 		 * in the resume data from the client.
884 		 */
885 		if (strcmp(resume->or_fname, od->d_last_name) &&
886 		    od->d_last_cookie != 0) {
887 			od->d_offset = od->d_last_cookie;
888 		} else if (resume->or_cookie != 0) {
889 			od->d_offset = resume->or_cookie;
890 		} /* else continue where we left off */
891 		break;
892 	}
893 
894 	if (od->d_offset != save_offset) {
895 		/* Force a vop_readdir to refresh d_buf */
896 		od->d_bufptr = NULL;
897 		od->d_eof = B_FALSE;
898 	}
899 
900 	mutex_exit(&od->d_mutex);
901 }
902 
903 
904 /* *** static functions *** */
905 
906 /*
907  * smb_odir_create
908  * Allocate and populate an odir obect and add it to the tree's list.
909  */
910 static smb_odir_t *
911 smb_odir_create(smb_request_t *sr, smb_node_t *dnode,
912     const char *pattern, uint16_t sattr, uint16_t odid, cred_t *cr)
913 {
914 	smb_odir_t	*od;
915 	smb_tree_t	*tree;
916 
917 	ASSERT(sr);
918 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
919 	ASSERT(sr->tid_tree);
920 	ASSERT(sr->tid_tree->t_magic == SMB_TREE_MAGIC);
921 	ASSERT(dnode);
922 	ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
923 
924 	tree = sr->tid_tree;
925 
926 	od = kmem_cache_alloc(smb_cache_odir, KM_SLEEP);
927 	bzero(od, sizeof (smb_odir_t));
928 
929 	mutex_init(&od->d_mutex, NULL, MUTEX_DEFAULT, NULL);
930 
931 	/*
932 	 * Return this to the caller as if they had done
933 	 * smb_tree_lookup_odir() to obtain the odir.
934 	 */
935 	od->d_refcnt = 1;
936 	od->d_state = SMB_ODIR_STATE_IN_USE;
937 	od->d_magic = SMB_ODIR_MAGIC;
938 	od->d_opened_by_pid = sr->smb_pid;
939 	od->d_session = tree->t_session;
940 	od->d_cred = cr;
941 	/*
942 	 * grab a ref for od->d_user
943 	 * released in  smb_odir_delete()
944 	 */
945 	smb_user_hold_internal(sr->uid_user);
946 	od->d_user = sr->uid_user;
947 	od->d_tree = tree;
948 	od->d_dnode = dnode;
949 	smb_node_ref(dnode);
950 	od->d_odid = odid;
951 	od->d_sattr = sattr;
952 	(void) strlcpy(od->d_pattern, pattern, sizeof (od->d_pattern));
953 	od->d_flags = 0;
954 	if (smb_contains_wildcards(od->d_pattern))
955 		od->d_flags |= SMB_ODIR_FLAG_WILDCARDS;
956 	if (vfs_has_feature(dnode->vp->v_vfsp, VFSFT_DIRENTFLAGS))
957 		od->d_flags |= SMB_ODIR_FLAG_EDIRENT;
958 	if (smb_tree_has_feature(tree, SMB_TREE_CASEINSENSITIVE))
959 		od->d_flags |= SMB_ODIR_FLAG_IGNORE_CASE;
960 	if (smb_tree_has_feature(tree, SMB_TREE_SHORTNAMES))
961 		od->d_flags |= SMB_ODIR_FLAG_SHORTNAMES;
962 	if (SMB_TREE_SUPPORTS_CATIA(sr))
963 		od->d_flags |= SMB_ODIR_FLAG_CATIA;
964 	if (SMB_TREE_SUPPORTS_ABE(sr))
965 		od->d_flags |= SMB_ODIR_FLAG_ABE;
966 	if (dnode->flags & NODE_XATTR_DIR)
967 		od->d_flags |= SMB_ODIR_FLAG_XATTR;
968 	od->d_eof = B_FALSE;
969 
970 	smb_llist_enter(&tree->t_odir_list, RW_WRITER);
971 	smb_llist_insert_tail(&tree->t_odir_list, od);
972 	smb_llist_exit(&tree->t_odir_list);
973 
974 	atomic_inc_32(&tree->t_session->s_dir_cnt);
975 	return (od);
976 }
977 
978 /*
979  * Set a new pattern, attributes, and rewind.
980  */
981 void
982 smb_odir_reopen(smb_odir_t *od, const char *pattern, uint16_t sattr)
983 {
984 
985 	SMB_ODIR_VALID(od);
986 
987 	mutex_enter(&od->d_mutex);
988 	od->d_sattr = sattr;
989 	(void) strlcpy(od->d_pattern, pattern, sizeof (od->d_pattern));
990 	if (smb_contains_wildcards(od->d_pattern))
991 		od->d_flags |= SMB_ODIR_FLAG_WILDCARDS;
992 	else
993 		od->d_flags &= ~SMB_ODIR_FLAG_WILDCARDS;
994 
995 	/* Internal smb_odir_resume_at */
996 	od->d_offset = 0;
997 	od->d_bufptr = NULL;
998 	od->d_eof = B_FALSE;
999 
1000 	mutex_exit(&od->d_mutex);
1001 }
1002 
1003 /*
1004  * Delete an odir.
1005  *
1006  * Remove the odir from the tree list before freeing resources
1007  * associated with the odir.
1008  */
1009 static void
1010 smb_odir_delete(void *arg)
1011 {
1012 	smb_tree_t	*tree;
1013 	smb_odir_t	*od = (smb_odir_t *)arg;
1014 
1015 	SMB_ODIR_VALID(od);
1016 	ASSERT(od->d_refcnt == 0);
1017 	ASSERT(od->d_state == SMB_ODIR_STATE_CLOSED);
1018 
1019 	tree = od->d_tree;
1020 	smb_llist_enter(&tree->t_odir_list, RW_WRITER);
1021 	smb_llist_remove(&tree->t_odir_list, od);
1022 	if (od->d_odid != 0)
1023 		smb_idpool_free(&tree->t_odid_pool, od->d_odid);
1024 	atomic_dec_32(&tree->t_session->s_dir_cnt);
1025 	smb_llist_exit(&tree->t_odir_list);
1026 
1027 	/*
1028 	 * This odir is no longer on t_odir_list, however...
1029 	 *
1030 	 * This is called via smb_llist_post, which means it may run
1031 	 * BEFORE smb_odir_release drops d_mutex (if another thread
1032 	 * flushes the delete queue before we do).  Synchronize.
1033 	 */
1034 	mutex_enter(&od->d_mutex);
1035 	mutex_exit(&od->d_mutex);
1036 
1037 	od->d_magic = 0;
1038 	smb_node_release(od->d_dnode);
1039 	smb_user_release(od->d_user);
1040 	mutex_destroy(&od->d_mutex);
1041 	kmem_cache_free(smb_cache_odir, od);
1042 }
1043 
1044 /*
1045  * smb_odir_next_odirent
1046  *
1047  * Find the next directory entry in d_buf. If d_bufptr is NULL (buffer
1048  * is empty or we've reached the end of it), read the next set of
1049  * entries from the file system (vop_readdir).
1050  *
1051  * File systems which support VFSFT_EDIRENT_FLAGS will return the
1052  * directory entries as a buffer of edirent_t structure. Others will
1053  * return a buffer of dirent64_t structures.  For simplicity translate
1054  * the data into an smb_odirent_t structure.
1055  * The ed_name/d_name in d_buf is NULL terminated by the file system.
1056  *
1057  * Some file systems can have directories larger than SMB_MAXDIRSIZE.
1058  * If the odirent offset >= SMB_MAXDIRSIZE return ENOENT and set d_eof
1059  * to true to stop subsequent calls to smb_vop_readdir.
1060  *
1061  * Returns:
1062  *      0 - success. odirent is populated with the next directory entry
1063  * ENOENT - no more directory entries
1064  *  errno - error
1065  */
1066 static int
1067 smb_odir_next_odirent(smb_odir_t *od, smb_odirent_t *odirent)
1068 {
1069 	int		rc;
1070 	int		reclen;
1071 	int		eof;
1072 	dirent64_t	*dp;
1073 	edirent_t	*edp;
1074 	char		*np;
1075 	uint32_t	rddir_flags = 0;
1076 
1077 	ASSERT(MUTEX_HELD(&od->d_mutex));
1078 
1079 	bzero(odirent, sizeof (smb_odirent_t));
1080 
1081 	if (od->d_flags & SMB_ODIR_FLAG_ABE)
1082 		rddir_flags |= SMB_ABE;
1083 	if (od->d_flags & SMB_ODIR_FLAG_EDIRENT)
1084 		rddir_flags |= SMB_EDIRENT;
1085 
1086 	if (od->d_bufptr != NULL) {
1087 		if (od->d_flags & SMB_ODIR_FLAG_EDIRENT)
1088 			reclen = od->d_edp->ed_reclen;
1089 		else
1090 			reclen = od->d_dp->d_reclen;
1091 
1092 		if (reclen == 0) {
1093 			od->d_bufptr = NULL;
1094 		} else {
1095 			od->d_bufptr += reclen;
1096 			if (od->d_bufptr >= od->d_buf + od->d_bufsize)
1097 				od->d_bufptr = NULL;
1098 		}
1099 	}
1100 
1101 	if (od->d_bufptr == NULL) {
1102 		if (od->d_eof)
1103 			return (ENOENT);
1104 
1105 		od->d_bufsize = sizeof (od->d_buf);
1106 
1107 		rc = smb_vop_readdir(od->d_dnode->vp, od->d_offset,
1108 		    od->d_buf, &od->d_bufsize, &eof, rddir_flags, od->d_cred);
1109 
1110 		if ((rc == 0) && (od->d_bufsize == 0))
1111 			rc = ENOENT;
1112 
1113 		if (rc != 0) {
1114 			od->d_bufptr = NULL;
1115 			od->d_bufsize = 0;
1116 			return (rc);
1117 		}
1118 
1119 		od->d_eof = (eof != 0);
1120 		od->d_bufptr = od->d_buf;
1121 	}
1122 
1123 	if (od->d_flags & SMB_ODIR_FLAG_EDIRENT)
1124 		od->d_offset = od->d_edp->ed_off;
1125 	else
1126 		od->d_offset = od->d_dp->d_off;
1127 
1128 	if (od->d_offset >= SMB_MAXDIRSIZE) {
1129 		od->d_bufptr = NULL;
1130 		od->d_bufsize = 0;
1131 		od->d_eof = B_TRUE;
1132 		return (ENOENT);
1133 	}
1134 
1135 	if (od->d_flags & SMB_ODIR_FLAG_EDIRENT) {
1136 		edp = od->d_edp;
1137 		odirent->od_ino = edp->ed_ino;
1138 		odirent->od_eflags = edp->ed_eflags;
1139 		np = edp->ed_name;
1140 	} else {
1141 		dp = od->d_dp;
1142 		odirent->od_ino = dp->d_ino;
1143 		odirent->od_eflags = 0;
1144 		np =  dp->d_name;
1145 	}
1146 
1147 	if ((od->d_flags & SMB_ODIR_FLAG_CATIA) &&
1148 	    ((od->d_flags & SMB_ODIR_FLAG_XATTR) == 0)) {
1149 		smb_vop_catia_v4tov5(np, odirent->od_name,
1150 		    sizeof (odirent->od_name));
1151 	} else {
1152 		(void) strlcpy(odirent->od_name, np,
1153 		    sizeof (odirent->od_name));
1154 	}
1155 
1156 	return (0);
1157 }
1158 
1159 /*
1160  * smb_odir_single_fileinfo
1161  *
1162  * Lookup the file identified by od->d_pattern.
1163  *
1164  * If the looked up file is a link, we attempt to lookup the link target
1165  * to use its attributes in place of those of the files's.
1166  * If we fail to lookup the target of the link we use the original
1167  * file's attributes.
1168  * Check if the attributes match the search attributes.
1169  *
1170  * Returns: 0 - success
1171  *     ENOENT - no match
1172  *      errno - error
1173  */
1174 static int
1175 smb_odir_single_fileinfo(smb_request_t *sr, smb_odir_t *od,
1176     smb_fileinfo_t *fileinfo)
1177 {
1178 	int		rc;
1179 	smb_node_t	*fnode, *tgt_node;
1180 	smb_attr_t	attr;
1181 	ino64_t		fid;
1182 	char		*name;
1183 	boolean_t	case_conflict = B_FALSE;
1184 	int		lookup_flags, flags = 0;
1185 	vnode_t		*vp;
1186 
1187 	ASSERT(sr);
1188 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
1189 	ASSERT(od);
1190 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
1191 
1192 	ASSERT(MUTEX_HELD(&od->d_mutex));
1193 	bzero(fileinfo, sizeof (smb_fileinfo_t));
1194 
1195 	rc = smb_fsop_lookup(sr, od->d_cred, 0, od->d_tree->t_snode,
1196 	    od->d_dnode, od->d_pattern, &fnode);
1197 	if (rc != 0)
1198 		return (rc);
1199 
1200 	/*
1201 	 * If case sensitive, do a case insensitive smb_vop_lookup to
1202 	 * check for case conflict
1203 	 */
1204 	if (od->d_flags & SMB_ODIR_FLAG_IGNORE_CASE) {
1205 		lookup_flags = SMB_IGNORE_CASE;
1206 		if (od->d_flags & SMB_ODIR_FLAG_CATIA)
1207 			lookup_flags |= SMB_CATIA;
1208 
1209 		rc = smb_vop_lookup(od->d_dnode->vp, fnode->od_name, &vp,
1210 		    NULL, lookup_flags, &flags, od->d_tree->t_snode->vp,
1211 		    NULL, od->d_cred);
1212 		if (rc != 0)
1213 			return (rc);
1214 		VN_RELE(vp);
1215 
1216 		if (flags & ED_CASE_CONFLICT)
1217 			case_conflict = B_TRUE;
1218 	}
1219 
1220 	bzero(&attr, sizeof (attr));
1221 	attr.sa_mask = SMB_AT_ALL;
1222 	rc = smb_node_getattr(NULL, fnode, zone_kcred(), NULL, &attr);
1223 	if (rc != 0) {
1224 		smb_node_release(fnode);
1225 		return (rc);
1226 	}
1227 
1228 
1229 	/* follow link to get target node & attr */
1230 	if (smb_node_is_symlink(fnode) &&
1231 	    smb_odir_lookup_link(sr, od, fnode->od_name, &tgt_node)) {
1232 		smb_node_release(fnode);
1233 		fnode = tgt_node;
1234 		attr.sa_mask = SMB_AT_ALL;
1235 		rc = smb_node_getattr(NULL, fnode, zone_kcred(), NULL, &attr);
1236 		if (rc != 0) {
1237 			smb_node_release(fnode);
1238 			return (rc);
1239 		}
1240 	}
1241 
1242 	/* check search attributes */
1243 	if (!smb_sattr_check(attr.sa_dosattr, od->d_sattr)) {
1244 		smb_node_release(fnode);
1245 		return (ENOENT);
1246 	}
1247 
1248 	name = fnode->od_name;
1249 	if (od->d_flags & SMB_ODIR_FLAG_SHORTNAMES) {
1250 		fid = attr.sa_vattr.va_nodeid;
1251 		if (case_conflict || smb_needs_mangled(name)) {
1252 			smb_mangle(name, fid, fileinfo->fi_shortname,
1253 			    SMB_SHORTNAMELEN);
1254 		}
1255 		if (case_conflict)
1256 			name = fileinfo->fi_shortname;
1257 	}
1258 
1259 	(void) strlcpy(fileinfo->fi_name, name, sizeof (fileinfo->fi_name));
1260 
1261 	fileinfo->fi_dosattr = attr.sa_dosattr;
1262 	fileinfo->fi_nodeid = attr.sa_vattr.va_nodeid;
1263 	fileinfo->fi_size = attr.sa_vattr.va_size;
1264 	fileinfo->fi_alloc_size = attr.sa_allocsz;
1265 	fileinfo->fi_atime = attr.sa_vattr.va_atime;
1266 	fileinfo->fi_mtime = attr.sa_vattr.va_mtime;
1267 	fileinfo->fi_ctime = attr.sa_vattr.va_ctime;
1268 	if (attr.sa_crtime.tv_sec)
1269 		fileinfo->fi_crtime = attr.sa_crtime;
1270 	else
1271 		fileinfo->fi_crtime = attr.sa_vattr.va_mtime;
1272 
1273 	smb_node_release(fnode);
1274 	return (0);
1275 }
1276 
1277 /*
1278  * smb_odir_wildcard_fileinfo
1279  *
1280  * odirent contains a directory entry, obtained from a vop_readdir.
1281  * If a case conflict is identified the filename is mangled and the
1282  * shortname is used as 'name', in place of odirent->od_name.
1283  *
1284  * If the looked up file is a link, we attempt to lookup the link target
1285  * to use its attributes in place of those of the files's.
1286  * If we fail to lookup the target of the link we use the original
1287  * file's attributes.
1288  * Check if the attributes match the search attributes.
1289  *
1290  * Although some file systems can have directories larger than
1291  * SMB_MAXDIRSIZE smb_odir_next_odirent ensures that no offset larger
1292  * than SMB_MAXDIRSIZE is returned.  It is therefore safe to use the
1293  * offset as the cookie (uint32_t).
1294  *
1295  * Returns: 0 - success
1296  *     ENOENT - no match, proceed to next entry
1297  *      errno - error
1298  */
1299 static int
1300 smb_odir_wildcard_fileinfo(smb_request_t *sr, smb_odir_t *od,
1301     smb_odirent_t *odirent, smb_fileinfo_t *fileinfo)
1302 {
1303 	int		rc;
1304 	cred_t		*cr;
1305 	smb_node_t	*fnode, *tgt_node;
1306 	smb_attr_t	attr;
1307 	char		*name;
1308 	boolean_t	case_conflict;
1309 
1310 	ASSERT(sr);
1311 	ASSERT(sr->sr_magic == SMB_REQ_MAGIC);
1312 	ASSERT(od);
1313 	ASSERT(od->d_magic == SMB_ODIR_MAGIC);
1314 
1315 	ASSERT(MUTEX_HELD(&od->d_mutex));
1316 	bzero(fileinfo, sizeof (smb_fileinfo_t));
1317 
1318 	rc = smb_fsop_lookup(sr, od->d_cred, SMB_CASE_SENSITIVE,
1319 	    od->d_tree->t_snode, od->d_dnode, odirent->od_name, &fnode);
1320 	if (rc != 0)
1321 		return (rc);
1322 
1323 	/* follow link to get target node & attr */
1324 	if (smb_node_is_symlink(fnode) &&
1325 	    smb_odir_lookup_link(sr, od, odirent->od_name, &tgt_node)) {
1326 		smb_node_release(fnode);
1327 		fnode = tgt_node;
1328 	}
1329 
1330 	/* skip system files */
1331 	if (smb_node_is_system(fnode)) {
1332 		smb_node_release(fnode);
1333 		return (ENOENT);
1334 	}
1335 
1336 	/*
1337 	 * Windows directory listings return not only names, but
1338 	 * also some attributes.  In Unix, you need some access to
1339 	 * get those attributes.  Which credential should we use to
1340 	 * get those?  If we're doing Access Based Enumeration (ABE)
1341 	 * we want this getattr to fail, which will cause the caller
1342 	 * to skip this entry.  If we're NOT doing ABE, we normally
1343 	 * want to show all the directory entries (including their
1344 	 * attributes) so we want this getattr to succeed!
1345 	 */
1346 	if (smb_tree_has_feature(od->d_tree, SMB_TREE_ABE))
1347 		cr = od->d_cred;
1348 	else
1349 		cr = zone_kcred();
1350 
1351 	bzero(&attr, sizeof (attr));
1352 	attr.sa_mask = SMB_AT_ALL;
1353 	rc = smb_node_getattr(NULL, fnode, cr, NULL, &attr);
1354 	if (rc != 0) {
1355 		smb_node_release(fnode);
1356 		return (rc);
1357 	}
1358 
1359 	/* check search attributes */
1360 	if (!smb_sattr_check(attr.sa_dosattr, od->d_sattr)) {
1361 		smb_node_release(fnode);
1362 		return (ENOENT);
1363 	}
1364 
1365 	name = odirent->od_name;
1366 	if (od->d_flags & SMB_ODIR_FLAG_SHORTNAMES) {
1367 		case_conflict = ((od->d_flags & SMB_ODIR_FLAG_IGNORE_CASE) &&
1368 		    (odirent->od_eflags & ED_CASE_CONFLICT));
1369 		if (case_conflict || smb_needs_mangled(name)) {
1370 			smb_mangle(name, odirent->od_ino,
1371 			    fileinfo->fi_shortname, SMB_SHORTNAMELEN);
1372 		}
1373 		if (case_conflict)
1374 			name = fileinfo->fi_shortname;
1375 	}
1376 
1377 	(void) strlcpy(fileinfo->fi_name, name, sizeof (fileinfo->fi_name));
1378 
1379 	fileinfo->fi_cookie = (uint32_t)od->d_offset;
1380 	fileinfo->fi_dosattr = attr.sa_dosattr;
1381 	fileinfo->fi_nodeid = attr.sa_vattr.va_nodeid;
1382 	fileinfo->fi_size = attr.sa_vattr.va_size;
1383 	fileinfo->fi_alloc_size = attr.sa_allocsz;
1384 	fileinfo->fi_atime = attr.sa_vattr.va_atime;
1385 	fileinfo->fi_mtime = attr.sa_vattr.va_mtime;
1386 	fileinfo->fi_ctime = attr.sa_vattr.va_ctime;
1387 	if (attr.sa_crtime.tv_sec)
1388 		fileinfo->fi_crtime = attr.sa_crtime;
1389 	else
1390 		fileinfo->fi_crtime = attr.sa_vattr.va_mtime;
1391 
1392 	smb_node_release(fnode);
1393 	return (0);
1394 }
1395 
1396 /*
1397  * smb_odir_lookup_link
1398  *
1399  * If the file is a symlink we lookup the object to which the
1400  * symlink refers so that we can return its attributes.
1401  * This can cause a problem if a symlink in a sub-directory
1402  * points to a parent directory (some UNIX GUI's create a symlink
1403  * in $HOME/.desktop that points to the user's home directory).
1404  * Some Windows applications (e.g. virus scanning) loop/hang
1405  * trying to follow this recursive path and there is little
1406  * we can do because the path is constructed on the client.
1407  * smb_dirsymlink_enable allows an end-user to disable
1408  * symlinks to directories. Symlinks to other object types
1409  * should be unaffected.
1410  *
1411  * Returns: B_TRUE  - followed link. tgt_node and tgt_attr set
1412  *          B_FALSE - link not followed
1413  */
1414 static boolean_t
1415 smb_odir_lookup_link(smb_request_t *sr, smb_odir_t *od,
1416     char *fname, smb_node_t **tgt_node)
1417 {
1418 	int rc;
1419 	uint32_t flags = SMB_FOLLOW_LINKS | SMB_CASE_SENSITIVE;
1420 
1421 	rc = smb_fsop_lookup(sr, od->d_cred, flags,
1422 	    od->d_tree->t_snode, od->d_dnode, fname, tgt_node);
1423 	if (rc != 0) {
1424 		*tgt_node = NULL;
1425 		return (B_FALSE);
1426 	}
1427 
1428 	if (smb_node_is_dir(*tgt_node) && (!smb_dirsymlink_enable)) {
1429 		smb_node_release(*tgt_node);
1430 		*tgt_node = NULL;
1431 		return (B_FALSE);
1432 	}
1433 
1434 	return (B_TRUE);
1435 }
1436 
1437 /*
1438  * smb_odir_match_name
1439  *
1440  * Check if the directory entry name matches the search pattern:
1441  * - Don't match reserved dos filenames.
1442  * - Check if odirent->od_name matches od->d_pattern.
1443  * - If shortnames are supported, generate the shortname from
1444  *   odirent->od_name and check if it matches od->d_pattern.
1445  */
1446 static boolean_t
1447 smb_odir_match_name(smb_odir_t *od, smb_odirent_t *odirent)
1448 {
1449 	char	*name = odirent->od_name;
1450 	char	shortname[SMB_SHORTNAMELEN];
1451 	ino64_t	ino = odirent->od_ino;
1452 	boolean_t ci = (od->d_flags & SMB_ODIR_FLAG_IGNORE_CASE) != 0;
1453 
1454 	if (smb_is_reserved_dos_name(name))
1455 		return (B_FALSE);
1456 
1457 	if (smb_match(od->d_pattern, name, ci))
1458 		return (B_TRUE);
1459 
1460 	if (od->d_flags & SMB_ODIR_FLAG_SHORTNAMES) {
1461 		smb_mangle(name, ino, shortname, SMB_SHORTNAMELEN);
1462 		if (smb_match(od->d_pattern, shortname, ci))
1463 			return (B_TRUE);
1464 	}
1465 
1466 	return (B_FALSE);
1467 }
1468