xref: /titanic_51/usr/src/uts/common/fs/smbsrv/smb_tree.c (revision 37d6e2456ee4a15f47fa97a2a2eae60a9b22bd87)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  * General Structures Layout
28  * -------------------------
29  *
30  * This is a simplified diagram showing the relationship between most of the
31  * main structures.
32  *
33  * +-------------------+
34  * |     SMB_INFO      |
35  * +-------------------+
36  *          |
37  *          |
38  *          v
39  * +-------------------+       +-------------------+      +-------------------+
40  * |     SESSION       |<----->|     SESSION       |......|      SESSION      |
41  * +-------------------+       +-------------------+      +-------------------+
42  *          |
43  *          |
44  *          v
45  * +-------------------+       +-------------------+      +-------------------+
46  * |       USER        |<----->|       USER        |......|       USER        |
47  * +-------------------+       +-------------------+      +-------------------+
48  *          |
49  *          |
50  *          v
51  * +-------------------+       +-------------------+      +-------------------+
52  * |       TREE        |<----->|       TREE        |......|       TREE        |
53  * +-------------------+       +-------------------+      +-------------------+
54  *      |         |
55  *      |         |
56  *      |         v
57  *      |     +-------+       +-------+      +-------+
58  *      |     | OFILE |<----->| OFILE |......| OFILE |
59  *      |     +-------+       +-------+      +-------+
60  *      |
61  *      |
62  *      v
63  *  +-------+       +------+      +------+
64  *  | ODIR  |<----->| ODIR |......| ODIR |
65  *  +-------+       +------+      +------+
66  *
67  *
68  * Tree State Machine
69  * ------------------
70  *
71  *    +-----------------------------+	 T0
72  *    |  SMB_TREE_STATE_CONNECTED   |<----------- Creation/Allocation
73  *    +-----------------------------+
74  *		    |
75  *		    | T1
76  *		    |
77  *		    v
78  *    +------------------------------+
79  *    | SMB_TREE_STATE_DISCONNECTING |
80  *    +------------------------------+
81  *		    |
82  *		    | T2
83  *		    |
84  *		    v
85  *    +-----------------------------+    T3
86  *    | SMB_TREE_STATE_DISCONNECTED |----------> Deletion/Free
87  *    +-----------------------------+
88  *
89  * SMB_TREE_STATE_CONNECTED
90  *
91  *    While in this state:
92  *      - The tree is queued in the list of trees of its user.
93  *      - References will be given out if the tree is looked up.
94  *      - Files under that tree can be accessed.
95  *
96  * SMB_TREE_STATE_DISCONNECTING
97  *
98  *    While in this state:
99  *      - The tree is queued in the list of trees of its user.
100  *      - References will not be given out if the tree is looked up.
101  *      - The files and directories open under the tree are being closed.
102  *      - The resources associated with the tree remain.
103  *
104  * SMB_TREE_STATE_DISCONNECTED
105  *
106  *    While in this state:
107  *      - The tree is queued in the list of trees of its user.
108  *      - References will not be given out if the tree is looked up.
109  *      - The tree has no more files and directories opened.
110  *      - The resources associated with the tree remain.
111  *
112  * Transition T0
113  *
114  *    This transition occurs in smb_tree_connect(). A new tree is created and
115  *    added to the list of trees of a user.
116  *
117  * Transition T1
118  *
119  *    This transition occurs in smb_tree_disconnect().
120  *
121  * Transition T2
122  *
123  *    This transition occurs in smb_tree_release(). The resources associated
124  *    with the tree are freed as well as the tree structure. For the transition
125  *    to occur, the tree must be in the SMB_TREE_STATE_DISCONNECTED state and
126  *    the reference count be zero.
127  *
128  * Comments
129  * --------
130  *
131  *    The state machine of the tree structures is controlled by 3 elements:
132  *      - The list of trees of the user it belongs to.
133  *      - The mutex embedded in the structure itself.
134  *      - The reference count.
135  *
136  *    There's a mutex embedded in the tree structure used to protect its fields
137  *    and there's a lock embedded in the list of trees of a user. To
138  *    increment or to decrement the reference count the mutex must be entered.
139  *    To insert the tree into the list of trees of the user and to remove
140  *    the tree from it, the lock must be entered in RW_WRITER mode.
141  *
142  *    Rules of access to a tree structure:
143  *
144  *    1) In order to avoid deadlocks, when both (mutex and lock of the user
145  *       list) have to be entered, the lock must be entered first.
146  *
147  *    2) All actions applied to a tree require a reference count.
148  *
149  *    3) There are 2 ways of getting a reference count: when a tree is
150  *       connected and when a tree is looked up.
151  *
152  *    It should be noted that the reference count of a tree registers the
153  *    number of references to the tree in other structures (such as an smb
154  *    request). The reference count is not incremented in these 2 instances:
155  *
156  *    1) The tree is connected. An tree is anchored by his state. If there's
157  *       no activity involving a tree currently connected, the reference
158  *       count of that tree is zero.
159  *
160  *    2) The tree is queued in the list of trees of the user. The fact of
161  *       being queued in that list is NOT registered by incrementing the
162  *       reference count.
163  */
164 #include <sys/types.h>
165 #include <sys/refstr_impl.h>
166 #include <sys/feature_tests.h>
167 #include <sys/sunddi.h>
168 #include <sys/fsid.h>
169 #include <sys/vfs.h>
170 #include <sys/stat.h>
171 #include <sys/varargs.h>
172 #include <sys/cred_impl.h>
173 #include <smbsrv/smb_incl.h>
174 #include <smbsrv/lmerr.h>
175 #include <smbsrv/smb_fsops.h>
176 #include <smbsrv/smb_door_svc.h>
177 #include <smbsrv/smb_share.h>
178 #include <sys/pathname.h>
179 
180 int smb_tcon_mute = 0;
181 
182 static smb_tree_t *smb_tree_connect_disk(smb_request_t *, const char *);
183 static smb_tree_t *smb_tree_connect_ipc(smb_request_t *, const char *);
184 static smb_tree_t *smb_tree_alloc(smb_user_t *, const smb_share_t *,
185     int32_t, smb_node_t *, uint32_t);
186 static void smb_tree_dealloc(smb_tree_t *);
187 static boolean_t smb_tree_is_connected_locked(smb_tree_t *);
188 static boolean_t smb_tree_is_disconnected(smb_tree_t *);
189 static const char *smb_tree_get_sharename(const char *);
190 static int smb_tree_get_stype(const char *, const char *, int32_t *);
191 static int smb_tree_getattr(const smb_share_t *, smb_node_t *, smb_tree_t *);
192 static void smb_tree_get_volname(vfs_t *, smb_tree_t *);
193 static void smb_tree_get_flags(const smb_share_t *, vfs_t *, smb_tree_t *);
194 static void smb_tree_log(smb_request_t *, const char *, const char *, ...);
195 static void smb_tree_close_odirs(smb_tree_t *, uint16_t);
196 static smb_ofile_t *smb_tree_get_ofile(smb_tree_t *, smb_ofile_t *);
197 static smb_odir_t *smb_tree_get_odir(smb_tree_t *, smb_odir_t *);
198 static void smb_tree_set_execsub_info(smb_tree_t *, smb_execsub_info_t *);
199 static int smb_tree_enum_private(smb_tree_t *, smb_svcenum_t *);
200 static int smb_tree_netinfo_encode(smb_tree_t *, uint8_t *, size_t, uint32_t *);
201 static void smb_tree_netinfo_init(smb_tree_t *tree, smb_netconnectinfo_t *);
202 static void smb_tree_netinfo_fini(smb_netconnectinfo_t *);
203 
204 /*
205  * Extract the share name and share type and connect as appropriate.
206  * Share names are case insensitive so we map the share name to
207  * lower-case as a convenience for internal processing.
208  */
209 smb_tree_t *
210 smb_tree_connect(smb_request_t *sr)
211 {
212 	char *unc_path = sr->arg.tcon.path;
213 	char *service = sr->arg.tcon.service;
214 	smb_tree_t *tree = NULL;
215 	const char *name;
216 	int32_t stype;
217 
218 	(void) utf8_strlwr(unc_path);
219 
220 	if ((name = smb_tree_get_sharename(unc_path)) == NULL) {
221 		smbsr_error(sr, 0, ERRSRV, ERRinvnetname);
222 		return (NULL);
223 	}
224 
225 	if (smb_tree_get_stype(name, service, &stype) != 0) {
226 		smbsr_error(sr, NT_STATUS_BAD_DEVICE_TYPE,
227 		    ERRDOS, ERROR_BAD_DEV_TYPE);
228 		return (NULL);
229 	}
230 
231 	switch (stype & STYPE_MASK) {
232 	case STYPE_DISKTREE:
233 		tree = smb_tree_connect_disk(sr, name);
234 		break;
235 
236 	case STYPE_IPC:
237 		tree = smb_tree_connect_ipc(sr, name);
238 		break;
239 
240 	default:
241 		smbsr_error(sr, NT_STATUS_BAD_DEVICE_TYPE,
242 		    ERRDOS, ERROR_BAD_DEV_TYPE);
243 		break;
244 	}
245 
246 	return (tree);
247 }
248 
249 /*
250  * Disconnect a tree.
251  */
252 void
253 smb_tree_disconnect(smb_tree_t *tree, boolean_t do_exec)
254 {
255 	smb_execsub_info_t subs;
256 
257 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
258 
259 	mutex_enter(&tree->t_mutex);
260 	ASSERT(tree->t_refcnt);
261 
262 	if (smb_tree_is_connected_locked(tree)) {
263 		/*
264 		 * Indicate that the disconnect process has started.
265 		 */
266 		tree->t_state = SMB_TREE_STATE_DISCONNECTING;
267 		mutex_exit(&tree->t_mutex);
268 		atomic_dec_32(&tree->t_server->sv_open_trees);
269 
270 		if (do_exec) {
271 			/*
272 			 * The files opened under this tree are closed.
273 			 */
274 			smb_ofile_close_all(tree);
275 			/*
276 			 * The directories opened under this tree are closed.
277 			 */
278 			smb_tree_close_odirs(tree, 0);
279 		}
280 
281 		mutex_enter(&tree->t_mutex);
282 		tree->t_state = SMB_TREE_STATE_DISCONNECTED;
283 	}
284 
285 	mutex_exit(&tree->t_mutex);
286 
287 	if (do_exec && tree->t_state == SMB_TREE_STATE_DISCONNECTED &&
288 	    tree->t_shr_flags & SMB_SHRF_UNMAP) {
289 
290 		(void) smb_tree_set_execsub_info(tree, &subs);
291 
292 		(void) smb_kshare_exec(tree->t_server->sv_lmshrd,
293 		    (char *)tree->t_sharename, &subs, SMB_SHR_UNMAP);
294 	}
295 }
296 
297 /*
298  * Take a reference on a tree.
299  */
300 boolean_t
301 smb_tree_hold(
302     smb_tree_t		*tree)
303 {
304 	ASSERT(tree);
305 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
306 
307 	mutex_enter(&tree->t_mutex);
308 
309 	if (smb_tree_is_connected_locked(tree)) {
310 		tree->t_refcnt++;
311 		mutex_exit(&tree->t_mutex);
312 		return (B_TRUE);
313 	}
314 
315 	mutex_exit(&tree->t_mutex);
316 	return (B_FALSE);
317 }
318 
319 /*
320  * Release a reference on a tree.  If the tree is disconnected and the
321  * reference count falls to zero, the tree will be deallocated.
322  */
323 void
324 smb_tree_release(
325     smb_tree_t		*tree)
326 {
327 	ASSERT(tree);
328 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
329 
330 	mutex_enter(&tree->t_mutex);
331 	ASSERT(tree->t_refcnt);
332 	tree->t_refcnt--;
333 
334 	if (smb_tree_is_disconnected(tree) && (tree->t_refcnt == 0)) {
335 		mutex_exit(&tree->t_mutex);
336 		smb_tree_dealloc(tree);
337 		return;
338 	}
339 
340 	mutex_exit(&tree->t_mutex);
341 }
342 
343 /*
344  * Close ofiles and odirs that match pid.
345  */
346 void
347 smb_tree_close_pid(
348     smb_tree_t		*tree,
349     uint16_t		pid)
350 {
351 	ASSERT(tree);
352 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
353 
354 	smb_ofile_close_all_by_pid(tree, pid);
355 	smb_tree_close_odirs(tree, pid);
356 }
357 
358 /*
359  * Check whether or not a tree supports the features identified by flags.
360  */
361 boolean_t
362 smb_tree_has_feature(smb_tree_t *tree, uint32_t flags)
363 {
364 	ASSERT(tree);
365 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
366 
367 	return ((tree->t_flags & flags) == flags);
368 }
369 
370 /*
371  * If the enumeration request is for tree data, handle the request
372  * here.  Otherwise, pass it on to the ofiles.
373  *
374  * This function should be called with a hold on the tree.
375  */
376 int
377 smb_tree_enum(smb_tree_t *tree, smb_svcenum_t *svcenum)
378 {
379 	smb_ofile_t	*of;
380 	smb_ofile_t	*next;
381 	int		rc;
382 
383 	ASSERT(tree);
384 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
385 
386 	if (svcenum->se_type == SMB_SVCENUM_TYPE_TREE)
387 		return (smb_tree_enum_private(tree, svcenum));
388 
389 	of = smb_tree_get_ofile(tree, NULL);
390 	while (of) {
391 		ASSERT(of->f_tree == tree);
392 
393 		rc = smb_ofile_enum(of, svcenum);
394 		if (rc != 0) {
395 			smb_ofile_release(of);
396 			break;
397 		}
398 
399 		next = smb_tree_get_ofile(tree, of);
400 		smb_ofile_release(of);
401 		of = next;
402 	}
403 
404 	return (rc);
405 }
406 
407 /*
408  * Close a file by its unique id.
409  */
410 int
411 smb_tree_fclose(smb_tree_t *tree, uint32_t uniqid)
412 {
413 	smb_ofile_t	*of;
414 
415 	ASSERT(tree);
416 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
417 
418 	if ((of = smb_ofile_lookup_by_uniqid(tree, uniqid)) == NULL)
419 		return (ENOENT);
420 
421 	if (smb_ofile_disallow_fclose(of)) {
422 		smb_ofile_release(of);
423 		return (EACCES);
424 	}
425 
426 	smb_ofile_close(of, 0);
427 	smb_ofile_release(of);
428 	return (0);
429 }
430 
431 /* *************************** Static Functions ***************************** */
432 
433 #define	SHARES_DIR	".zfs/shares/"
434 static void
435 smb_tree_acl_access(cred_t *cred, const char *sharename, vnode_t *pathvp,
436 		    uint32_t *access)
437 {
438 	int rc;
439 	vfs_t *vfsp;
440 	vnode_t *root = NULL;
441 	vnode_t *sharevp = NULL;
442 	char *sharepath;
443 	struct pathname pnp;
444 	size_t size;
445 
446 	*access = ACE_ALL_PERMS; /* default to full "UNIX" access */
447 
448 	/*
449 	 * Using the vnode of the share path, we then find the root
450 	 * directory of the mounted file system. We will then look to
451 	 * see if there is a .zfs/shares directory and if there is,
452 	 * get the access information from the ACL/ACES values and
453 	 * check against the cred.
454 	 */
455 	vfsp = pathvp->v_vfsp;
456 	if (vfsp != NULL)
457 		rc = VFS_ROOT(vfsp, &root);
458 	else
459 		rc = ENOENT;
460 
461 	if (rc != 0)
462 		return;
463 
464 
465 	/*
466 	 * Find the share object, if there is one. Need to construct
467 	 * the path to the .zfs/shares/<sharename> object and look it
468 	 * up.  root is called held but will be released by
469 	 * lookuppnvp().
470 	 */
471 
472 	size = sizeof (SHARES_DIR) + strlen(sharename) + 1;
473 	sharepath = kmem_alloc(size, KM_SLEEP);
474 	(void) sprintf(sharepath, "%s%s", SHARES_DIR, sharename);
475 
476 	pn_alloc(&pnp);
477 	(void) pn_set(&pnp, sharepath);
478 	rc = lookuppnvp(&pnp, NULL, NO_FOLLOW, NULL,
479 	    &sharevp, rootdir, root, kcred);
480 	pn_free(&pnp);
481 
482 	kmem_free(sharepath, size);
483 
484 	/*
485 	 * Now get the effective access value based on cred and ACL
486 	 * values.
487 	 */
488 
489 	if (rc == 0) {
490 		smb_vop_eaccess(sharevp, (int *)access, V_ACE_MASK, NULL, cred);
491 		VN_RELE(sharevp);
492 	}
493 }
494 
495 /*
496  * Connect a share for use with files and directories.
497  */
498 
499 static smb_tree_t *
500 smb_tree_connect_disk(smb_request_t *sr, const char *sharename)
501 {
502 	smb_user_t		*user = sr->uid_user;
503 	smb_node_t		*dnode = NULL;
504 	smb_node_t		*snode = NULL;
505 	char			last_component[MAXNAMELEN];
506 	smb_tree_t		*tree;
507 	smb_share_t 		*si;
508 	cred_t			*u_cred;
509 	int			rc;
510 	uint32_t		access = 0; /* read/write is assumed */
511 	uint32_t		hostaccess = ACE_ALL_PERMS;
512 	uint32_t		aclaccess;
513 	smb_execsub_info_t	subs;
514 
515 	ASSERT(user);
516 	u_cred = user->u_cred;
517 	ASSERT(u_cred);
518 
519 	if (user->u_flags & SMB_USER_FLAG_IPC) {
520 		smb_tree_log(sr, sharename, "access denied: IPC only");
521 		smbsr_error(sr, NT_STATUS_ACCESS_DENIED, ERRSRV, ERRaccess);
522 		return (NULL);
523 	}
524 
525 	si = kmem_zalloc(sizeof (smb_share_t), KM_SLEEP);
526 
527 	if (smb_kshare_getinfo(sr->sr_server->sv_lmshrd, (char *)sharename, si,
528 	    &sr->session->ipaddr) != NERR_Success) {
529 		smb_tree_log(sr, sharename, "share not found");
530 		smbsr_error(sr, 0, ERRSRV, ERRinvnetname);
531 		kmem_free(si, sizeof (smb_share_t));
532 		return (NULL);
533 	}
534 
535 	if (user->u_flags & SMB_USER_FLAG_GUEST) {
536 		if ((si->shr_flags & SMB_SHRF_GUEST_OK) == 0) {
537 			smb_tree_log(sr, sharename,
538 			    "access denied: guest disabled");
539 			smbsr_error(sr, NT_STATUS_ACCESS_DENIED, ERRSRV,
540 			    ERRaccess);
541 			kmem_free(si, sizeof (smb_share_t));
542 			return (NULL);
543 		}
544 	}
545 
546 	/*
547 	 * Handle the default administration shares: C$, D$ etc.
548 	 * Only a user with admin rights is allowed to map these
549 	 * shares.
550 	 */
551 	if (si->shr_flags & SMB_SHRF_ADMIN) {
552 		if (!smb_user_is_admin(user)) {
553 			smb_tree_log(sr, sharename, "access denied: not admin");
554 			smbsr_error(sr, NT_STATUS_ACCESS_DENIED,
555 			    ERRSRV, ERRaccess);
556 			kmem_free(si, sizeof (smb_share_t));
557 			return (NULL);
558 		}
559 	}
560 
561 	/*
562 	 * Set up the OptionalSupport for this share.
563 	 */
564 	sr->arg.tcon.optional_support = SMB_SUPPORT_SEARCH_BITS;
565 
566 	switch (si->shr_flags & SMB_SHRF_CSC_MASK) {
567 	case SMB_SHRF_CSC_DISABLED:
568 		sr->arg.tcon.optional_support |= SMB_CSC_CACHE_NONE;
569 		break;
570 	case SMB_SHRF_CSC_AUTO:
571 		sr->arg.tcon.optional_support |= SMB_CSC_CACHE_AUTO_REINT;
572 		break;
573 	case SMB_SHRF_CSC_VDO:
574 		sr->arg.tcon.optional_support |= SMB_CSC_CACHE_VDO;
575 		break;
576 	case SMB_SHRF_CSC_MANUAL:
577 	default:
578 		/*
579 		 * Default to SMB_CSC_CACHE_MANUAL_REINT.
580 		 */
581 		break;
582 	}
583 
584 	access = si->shr_access_value & SMB_SHRF_ACC_ALL;
585 
586 	if (access == SMB_SHRF_ACC_RO) {
587 		hostaccess &= ~ACE_ALL_WRITE_PERMS;
588 	} else if (access == SMB_SHRF_ACC_NONE) {
589 		kmem_free(si, sizeof (smb_share_t));
590 		smb_tree_log(sr, sharename, "access denied: host access");
591 		smbsr_error(sr, NT_STATUS_ACCESS_DENIED, ERRSRV, ERRaccess);
592 		return (NULL);
593 	}
594 
595 	/*
596 	 * Check that the shared directory exists.
597 	 */
598 	rc = smb_pathname_reduce(sr, u_cred, si->shr_path, 0, 0, &dnode,
599 	    last_component);
600 
601 	if (rc == 0) {
602 		rc = smb_fsop_lookup(sr, u_cred, SMB_FOLLOW_LINKS,
603 		    sr->sr_server->si_root_smb_node, dnode, last_component,
604 		    &snode);
605 
606 		smb_node_release(dnode);
607 	}
608 
609 	if (rc) {
610 		if (snode)
611 			smb_node_release(snode);
612 
613 		smb_tree_log(sr, sharename, "bad path: %s", si->shr_path);
614 		smbsr_error(sr, 0, ERRSRV, ERRinvnetname);
615 		kmem_free(si, sizeof (smb_share_t));
616 		return (NULL);
617 	}
618 
619 	/*
620 	 * Find share level ACL if it exists in the designated
621 	 * location. Needs to be done after finding a valid path but
622 	 * before the tree is allocated.
623 	 */
624 	smb_tree_acl_access(u_cred, sharename, snode->vp, &aclaccess);
625 	if ((aclaccess & ACE_ALL_PERMS) == 0) {
626 		smb_tree_log(sr, sharename, "access denied: share ACL");
627 		smbsr_error(sr, 0, ERRSRV, ERRaccess);
628 		kmem_free(si, sizeof (smb_share_t));
629 		smb_node_release(snode);
630 		return (NULL);
631 	}
632 
633 	/*
634 	 * Set tree ACL access to the minimum ACL permissions based on
635 	 * hostaccess (those allowed by host based access) and
636 	 * aclaccess (those from the ACL object for the share). This
637 	 * is done during the alloc.
638 	 */
639 
640 	(void) strlcpy(si->shr_name, sharename, MAXNAMELEN);
641 	tree = smb_tree_alloc(user, si, STYPE_DISKTREE, snode,
642 	    hostaccess & aclaccess);
643 
644 	smb_node_release(snode);
645 
646 	if (tree == NULL)
647 		smbsr_error(sr, NT_STATUS_ACCESS_DENIED, ERRSRV, ERRaccess);
648 	else {
649 
650 		tree->t_shr_flags = si->shr_flags;
651 
652 		if (tree->t_shr_flags & SMB_SHRF_MAP) {
653 			(void) smb_tree_set_execsub_info(tree, &subs);
654 
655 			rc = smb_kshare_exec(sr->sr_server->sv_lmshrd,
656 			    (char *)sharename, &subs, SMB_SHR_MAP);
657 
658 			if (rc != 0 && tree->t_shr_flags & SMB_SHRF_DISP_TERM) {
659 				smb_tree_disconnect(tree, B_FALSE);
660 				smb_tree_release(tree);
661 				smbsr_error(sr, NT_STATUS_ACCESS_DENIED, ERRSRV,
662 				    ERRaccess);
663 				kmem_free(si, sizeof (smb_share_t));
664 				return (NULL);
665 			}
666 		}
667 	}
668 
669 	kmem_free(si, sizeof (smb_share_t));
670 
671 	return (tree);
672 }
673 
674 /*
675  * Connect an IPC share for use with named pipes.
676  */
677 static smb_tree_t *
678 smb_tree_connect_ipc(smb_request_t *sr, const char *name)
679 {
680 	smb_user_t	*user = sr->uid_user;
681 	smb_tree_t	*tree;
682 	smb_share_t	*si;
683 
684 	ASSERT(user);
685 
686 	if ((user->u_flags & SMB_USER_FLAG_IPC) &&
687 	    sr->sr_cfg->skc_restrict_anon) {
688 		smb_tree_log(sr, name, "access denied: restrict anonymous");
689 		smbsr_error(sr, NT_STATUS_ACCESS_DENIED, ERRSRV, ERRaccess);
690 		return (NULL);
691 	}
692 
693 	sr->arg.tcon.optional_support = SMB_SUPPORT_SEARCH_BITS;
694 
695 	si = kmem_zalloc(sizeof (smb_share_t), KM_SLEEP);
696 	(void) strlcpy(si->shr_name, name, MAXNAMELEN);
697 	(void) strlcpy(si->shr_path, name, MAXPATHLEN);
698 	si->shr_type = STYPE_IPC | STYPE_SPECIAL;
699 
700 	tree = smb_tree_alloc(user, si, STYPE_IPC, NULL, ACE_ALL_PERMS);
701 	if (tree == NULL) {
702 		smb_tree_log(sr, name, "access denied");
703 		smbsr_error(sr, NT_STATUS_ACCESS_DENIED, ERRSRV, ERRaccess);
704 	}
705 
706 	kmem_free(si, sizeof (smb_share_t));
707 	return (tree);
708 }
709 
710 /*
711  * Allocate a tree.
712  */
713 static smb_tree_t *
714 smb_tree_alloc(
715     smb_user_t		*user,
716     const smb_share_t	*si,
717     int32_t		stype,
718     smb_node_t		*snode,
719     uint32_t access)
720 {
721 	smb_tree_t	*tree;
722 	uint16_t	tid;
723 
724 	if (smb_idpool_alloc(&user->u_tid_pool, &tid))
725 		return (NULL);
726 
727 	tree = kmem_cache_alloc(user->u_server->si_cache_tree, KM_SLEEP);
728 	bzero(tree, sizeof (smb_tree_t));
729 
730 	if (STYPE_ISDSK(stype)) {
731 		if (smb_tree_getattr(si, snode, tree) != 0) {
732 			smb_idpool_free(&user->u_tid_pool, tid);
733 			kmem_cache_free(user->u_server->si_cache_tree, tree);
734 			return (NULL);
735 		}
736 	}
737 
738 	if (smb_idpool_constructor(&tree->t_fid_pool)) {
739 		smb_idpool_free(&user->u_tid_pool, tid);
740 		kmem_cache_free(user->u_server->si_cache_tree, tree);
741 		return (NULL);
742 	}
743 
744 	if (smb_idpool_constructor(&tree->t_odid_pool)) {
745 		smb_idpool_destructor(&tree->t_fid_pool);
746 		smb_idpool_free(&user->u_tid_pool, tid);
747 		kmem_cache_free(user->u_server->si_cache_tree, tree);
748 		return (NULL);
749 	}
750 
751 	smb_llist_constructor(&tree->t_ofile_list, sizeof (smb_ofile_t),
752 	    offsetof(smb_ofile_t, f_lnd));
753 
754 	smb_llist_constructor(&tree->t_odir_list, sizeof (smb_odir_t),
755 	    offsetof(smb_odir_t, d_lnd));
756 
757 	(void) strlcpy(tree->t_sharename, si->shr_name,
758 	    sizeof (tree->t_sharename));
759 	(void) strlcpy(tree->t_resource, si->shr_path,
760 	    sizeof (tree->t_resource));
761 
762 	mutex_init(&tree->t_mutex, NULL, MUTEX_DEFAULT, NULL);
763 
764 	tree->t_user = user;
765 	tree->t_session = user->u_session;
766 	tree->t_server = user->u_server;
767 	tree->t_refcnt = 1;
768 	tree->t_tid = tid;
769 	tree->t_res_type = stype;
770 	tree->t_state = SMB_TREE_STATE_CONNECTED;
771 	tree->t_magic = SMB_TREE_MAGIC;
772 	tree->t_access = access;
773 	tree->t_connect_time = gethrestime_sec();
774 
775 	/* if FS is readonly, enforce that here */
776 	if (tree->t_flags & SMB_TREE_READONLY)
777 		tree->t_access &= ~ACE_ALL_WRITE_PERMS;
778 
779 	if (STYPE_ISDSK(stype)) {
780 		smb_node_ref(snode);
781 		tree->t_snode = snode;
782 		tree->t_acltype = smb_fsop_acltype(snode);
783 	}
784 
785 	smb_llist_enter(&user->u_tree_list, RW_WRITER);
786 	smb_llist_insert_head(&user->u_tree_list, tree);
787 	smb_llist_exit(&user->u_tree_list);
788 	atomic_inc_32(&user->u_session->s_tree_cnt);
789 	atomic_inc_32(&user->u_server->sv_open_trees);
790 
791 	return (tree);
792 }
793 
794 /*
795  * Deallocate a tree: release all resources associated with a tree and
796  * remove the tree from the user's tree list.
797  *
798  * The tree being destroyed must be in the "destroying" state and the
799  * reference count must be zero. This function assumes it's single threaded
800  * i.e. only one thread will attempt to destroy a specific tree, which
801  * should be the case if the tree is in disconnected and has a reference
802  * count of zero.
803  */
804 static void
805 smb_tree_dealloc(smb_tree_t *tree)
806 {
807 	ASSERT(tree);
808 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
809 	ASSERT(tree->t_state == SMB_TREE_STATE_DISCONNECTED);
810 	ASSERT(tree->t_refcnt == 0);
811 
812 	/*
813 	 * Remove the tree from the user's tree list.  This must be done
814 	 * before any resources associated with the tree are released.
815 	 */
816 	smb_llist_enter(&tree->t_user->u_tree_list, RW_WRITER);
817 	smb_llist_remove(&tree->t_user->u_tree_list, tree);
818 	smb_llist_exit(&tree->t_user->u_tree_list);
819 
820 	tree->t_magic = (uint32_t)~SMB_TREE_MAGIC;
821 	smb_idpool_free(&tree->t_user->u_tid_pool, tree->t_tid);
822 	atomic_dec_32(&tree->t_session->s_tree_cnt);
823 
824 	if (tree->t_snode)
825 		smb_node_release(tree->t_snode);
826 
827 	mutex_destroy(&tree->t_mutex);
828 
829 	/*
830 	 * The list of open files and open directories should be empty.
831 	 */
832 	smb_llist_destructor(&tree->t_ofile_list);
833 	smb_llist_destructor(&tree->t_odir_list);
834 	smb_idpool_destructor(&tree->t_fid_pool);
835 	smb_idpool_destructor(&tree->t_odid_pool);
836 	kmem_cache_free(tree->t_server->si_cache_tree, tree);
837 }
838 
839 /*
840  * Determine whether or not a tree is connected.
841  * This function must be called with the tree mutex held.
842  */
843 static boolean_t
844 smb_tree_is_connected_locked(smb_tree_t *tree)
845 {
846 	switch (tree->t_state) {
847 	case SMB_TREE_STATE_CONNECTED:
848 		return (B_TRUE);
849 
850 	case SMB_TREE_STATE_DISCONNECTING:
851 	case SMB_TREE_STATE_DISCONNECTED:
852 		/*
853 		 * The tree exists but being diconnected or destroyed.
854 		 */
855 		return (B_FALSE);
856 
857 	default:
858 		ASSERT(0);
859 		return (B_FALSE);
860 	}
861 }
862 
863 /*
864  * Determine whether or not a tree is disconnected.
865  * This function must be called with the tree mutex held.
866  */
867 static boolean_t
868 smb_tree_is_disconnected(smb_tree_t *tree)
869 {
870 	switch (tree->t_state) {
871 	case SMB_TREE_STATE_DISCONNECTED:
872 		return (B_TRUE);
873 
874 	case SMB_TREE_STATE_CONNECTED:
875 	case SMB_TREE_STATE_DISCONNECTING:
876 		return (B_FALSE);
877 
878 	default:
879 		ASSERT(0);
880 		return (B_FALSE);
881 	}
882 }
883 
884 /*
885  * Return a pointer to the share name within a share resource path.
886  *
887  * The share path may be a Uniform Naming Convention (UNC) string
888  * (\\server\share) or simply the share name.  We validate the UNC
889  * format but we don't look at the server name.
890  */
891 static const char *
892 smb_tree_get_sharename(const char *unc_path)
893 {
894 	const char *sharename = unc_path;
895 
896 	if (sharename[0] == '\\') {
897 		/*
898 		 * Looks like a UNC path, validate the format.
899 		 */
900 		if (sharename[1] != '\\')
901 			return (NULL);
902 
903 		if ((sharename = strchr(sharename+2, '\\')) == NULL)
904 			return (NULL);
905 
906 		++sharename;
907 	} else if (strchr(sharename, '\\') != NULL) {
908 		/*
909 		 * This should be a share name (no embedded \'s).
910 		 */
911 		return (NULL);
912 	}
913 
914 	return (sharename);
915 }
916 
917 /*
918  * Map the service to a resource type.  Valid values for service are:
919  *
920  *	A:      Disk share
921  *	LPT1:   Printer
922  *	IPC     Named pipe
923  *	COMM    Communications device
924  *	?????   Any type of device (wildcard)
925  *
926  * We support IPC and disk shares; anything else is currently treated
927  * as an error.  IPC$ is reserved as the named pipe share.
928  */
929 static int
930 smb_tree_get_stype(const char *sharename, const char *service,
931     int32_t *stype_ret)
932 {
933 	const char *any = "?????";
934 
935 	if ((strcmp(service, any) == 0) || (strcasecmp(service, "IPC") == 0)) {
936 		if (strcasecmp(sharename, "IPC$") == 0) {
937 			*stype_ret = STYPE_IPC;
938 			return (0);
939 		}
940 	}
941 
942 	if ((strcmp(service, any) == 0) || (strcasecmp(service, "A:") == 0)) {
943 		if (strcasecmp(sharename, "IPC$") == 0)
944 			return (-1);
945 
946 		*stype_ret = STYPE_DISKTREE;
947 		return (0);
948 	}
949 
950 	return (-1);
951 }
952 
953 /*
954  * Obtain the tree attributes: volume name, typename and flags.
955  */
956 static int
957 smb_tree_getattr(const smb_share_t *si, smb_node_t *node, smb_tree_t *tree)
958 {
959 	vfs_t *vfsp = SMB_NODE_VFS(node);
960 
961 	ASSERT(vfsp);
962 
963 	if (getvfs(&vfsp->vfs_fsid) != vfsp)
964 		return (ESTALE);
965 
966 	smb_tree_get_volname(vfsp, tree);
967 	smb_tree_get_flags(si, vfsp, tree);
968 
969 	VFS_RELE(vfsp);
970 	return (0);
971 }
972 
973 /*
974  * Extract the volume name.
975  */
976 static void
977 smb_tree_get_volname(vfs_t *vfsp, smb_tree_t *tree)
978 {
979 	refstr_t *vfs_mntpoint;
980 	const char *s;
981 	char *name;
982 
983 	vfs_mntpoint = vfs_getmntpoint(vfsp);
984 
985 	s = vfs_mntpoint->rs_string;
986 	s += strspn(s, "/");
987 	(void) strlcpy(tree->t_volume, s, SMB_VOLNAMELEN);
988 
989 	refstr_rele(vfs_mntpoint);
990 
991 	name = tree->t_volume;
992 	(void) strsep((char **)&name, "/");
993 }
994 
995 /*
996  * Always set ACL support because the VFS will fake ACLs for file systems
997  * that don't support them.
998  *
999  * Some flags are dependent on the typename, which is also set up here.
1000  * File system types are hardcoded in uts/common/os/vfs_conf.c.
1001  */
1002 static void
1003 smb_tree_get_flags(const smb_share_t *si, vfs_t *vfsp, smb_tree_t *tree)
1004 {
1005 	typedef struct smb_mtype {
1006 		char		*mt_name;
1007 		size_t		mt_namelen;
1008 		uint32_t	mt_flags;
1009 	} smb_mtype_t;
1010 
1011 	static smb_mtype_t smb_mtype[] = {
1012 		{ "zfs",	3,	SMB_TREE_UNICODE_ON_DISK },
1013 		{ "ufs",	3,	SMB_TREE_UNICODE_ON_DISK },
1014 		{ "nfs",	3,	SMB_TREE_NFS_MOUNTED },
1015 		{ "tmpfs",	5,	SMB_TREE_NO_EXPORT }
1016 	};
1017 	smb_mtype_t	*mtype;
1018 	char		*name;
1019 	uint32_t	flags = SMB_TREE_SUPPORTS_ACLS;
1020 	int		i;
1021 
1022 	if (si->shr_flags & SMB_SHRF_CATIA)
1023 		flags |= SMB_TREE_CATIA;
1024 
1025 	if (vfsp->vfs_flag & VFS_RDONLY)
1026 		flags |= SMB_TREE_READONLY;
1027 
1028 	if (vfsp->vfs_flag & VFS_XATTR)
1029 		flags |= SMB_TREE_STREAMS;
1030 
1031 	if (vfs_optionisset(vfsp, MNTOPT_NOATIME, NULL))
1032 		flags |= SMB_TREE_NO_ATIME;
1033 
1034 	name = vfssw[vfsp->vfs_fstype].vsw_name;
1035 
1036 	for (i = 0; i < sizeof (smb_mtype) / sizeof (smb_mtype[0]); ++i) {
1037 		mtype = &smb_mtype[i];
1038 		if (strncasecmp(name, mtype->mt_name, mtype->mt_namelen) == 0)
1039 			flags |= mtype->mt_flags;
1040 	}
1041 
1042 	(void) strlcpy(tree->t_typename, name, SMB_TYPENAMELEN);
1043 	(void) utf8_strupr((char *)tree->t_typename);
1044 
1045 	if (vfs_has_feature(vfsp, VFSFT_XVATTR))
1046 		flags |= SMB_TREE_XVATTR;
1047 
1048 	if (vfs_has_feature(vfsp, VFSFT_CASEINSENSITIVE))
1049 		flags |= SMB_TREE_CASEINSENSITIVE;
1050 
1051 	if (vfs_has_feature(vfsp, VFSFT_NOCASESENSITIVE))
1052 		flags |= SMB_TREE_NO_CASESENSITIVE;
1053 
1054 	if (vfs_has_feature(vfsp, VFSFT_DIRENTFLAGS))
1055 		flags |= SMB_TREE_DIRENTFLAGS;
1056 
1057 	if (vfs_has_feature(vfsp, VFSFT_ACLONCREATE))
1058 		flags |= SMB_TREE_ACLONCREATE;
1059 
1060 	if (vfs_has_feature(vfsp, VFSFT_ACEMASKONACCESS))
1061 		flags |= SMB_TREE_ACEMASKONACCESS;
1062 
1063 	DTRACE_PROBE2(smb__tree__flags, uint32_t, flags, char *, name);
1064 
1065 
1066 	tree->t_flags = flags;
1067 }
1068 
1069 /*
1070  * Report share access result to syslog.
1071  */
1072 static void
1073 smb_tree_log(smb_request_t *sr, const char *sharename, const char *fmt, ...)
1074 {
1075 	va_list ap;
1076 	char buf[128];
1077 	smb_user_t *user = sr->uid_user;
1078 
1079 	ASSERT(user);
1080 
1081 	if (smb_tcon_mute)
1082 		return;
1083 
1084 	if ((user->u_name) && (strcasecmp(sharename, "IPC$") == 0)) {
1085 		/*
1086 		 * Only report normal users, i.e. ignore W2K misuse
1087 		 * of the IPC connection by filtering out internal
1088 		 * names such as nobody and root.
1089 		 */
1090 		if ((strcmp(user->u_name, "root") == 0) ||
1091 		    (strcmp(user->u_name, "nobody") == 0)) {
1092 			return;
1093 		}
1094 	}
1095 
1096 	va_start(ap, fmt);
1097 	(void) vsnprintf(buf, 128, fmt, ap);
1098 	va_end(ap);
1099 
1100 	cmn_err(CE_NOTE, "smbd[%s\\%s]: %s %s",
1101 	    user->u_domain, user->u_name, sharename, buf);
1102 }
1103 
1104 /*
1105  * smb_tree_lookup_odir
1106  *
1107  * Find the specified odir in the tree's list of odirs, and
1108  * attempt to obtain a hold on the odir.
1109  *
1110  * Returns NULL if odir not found or a hold cannot be obtained.
1111  */
1112 smb_odir_t *
1113 smb_tree_lookup_odir(smb_tree_t *tree, uint16_t odid)
1114 {
1115 	smb_odir_t	*od;
1116 	smb_llist_t	*od_list;
1117 
1118 	ASSERT(tree);
1119 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
1120 
1121 	od_list = &tree->t_odir_list;
1122 	smb_llist_enter(od_list, RW_READER);
1123 
1124 	od = smb_llist_head(od_list);
1125 	while (od) {
1126 		if (od->d_odid == odid) {
1127 			if (!smb_odir_hold(od))
1128 				od = NULL;
1129 			break;
1130 		}
1131 		od = smb_llist_next(od_list, od);
1132 	}
1133 
1134 	smb_llist_exit(od_list);
1135 	return (od);
1136 }
1137 
1138 boolean_t
1139 smb_tree_is_connected(smb_tree_t *tree)
1140 {
1141 	boolean_t	rb;
1142 
1143 	mutex_enter(&tree->t_mutex);
1144 	rb = smb_tree_is_connected_locked(tree);
1145 	mutex_exit(&tree->t_mutex);
1146 	return (rb);
1147 }
1148 
1149 /*
1150  * Get the next open ofile in the list.  A reference is taken on
1151  * the ofile, which can be released later with smb_ofile_release().
1152  *
1153  * If the specified ofile is NULL, search from the beginning of the
1154  * list.  Otherwise, the search starts just after that ofile.
1155  *
1156  * Returns NULL if there are no open files in the list.
1157  */
1158 static smb_ofile_t *
1159 smb_tree_get_ofile(smb_tree_t *tree, smb_ofile_t *of)
1160 {
1161 	smb_llist_t *ofile_list;
1162 
1163 	ASSERT(tree);
1164 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
1165 
1166 	ofile_list = &tree->t_ofile_list;
1167 	smb_llist_enter(ofile_list, RW_READER);
1168 
1169 	if (of) {
1170 		ASSERT(of->f_magic == SMB_OFILE_MAGIC);
1171 		of = smb_llist_next(ofile_list, of);
1172 	} else {
1173 		of = smb_llist_head(ofile_list);
1174 	}
1175 
1176 	while (of) {
1177 		if (smb_ofile_hold(of))
1178 			break;
1179 
1180 		of = smb_llist_next(ofile_list, of);
1181 	}
1182 
1183 	smb_llist_exit(ofile_list);
1184 	return (of);
1185 }
1186 
1187 /*
1188  * smb_tree_get_odir
1189  *
1190  * Find the next odir in the tree's list of odirs, and obtain a
1191  * hold on it.
1192  * If the specified odir is NULL the search starts at the beginning
1193  * of the tree's odir list, otherwise the search starts after the
1194  * specified odir.
1195  */
1196 static smb_odir_t *
1197 smb_tree_get_odir(smb_tree_t *tree, smb_odir_t *od)
1198 {
1199 	smb_llist_t *od_list;
1200 
1201 	ASSERT(tree);
1202 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
1203 
1204 	od_list = &tree->t_odir_list;
1205 	smb_llist_enter(od_list, RW_READER);
1206 
1207 	if (od) {
1208 		ASSERT(od->d_magic == SMB_ODIR_MAGIC);
1209 		od = smb_llist_next(od_list, od);
1210 	} else {
1211 		od = smb_llist_head(od_list);
1212 	}
1213 
1214 	while (od) {
1215 		ASSERT(od->d_magic == SMB_ODIR_MAGIC);
1216 
1217 		if (smb_odir_hold(od))
1218 			break;
1219 		od = smb_llist_next(od_list, od);
1220 	}
1221 
1222 	smb_llist_exit(od_list);
1223 	return (od);
1224 }
1225 
1226 /*
1227  * smb_tree_close_odirs
1228  *
1229  * Close all open odirs in the tree's list which were opened by
1230  * the process identified by pid.
1231  * If pid is zero, close all open odirs in the tree's list.
1232  */
1233 static void
1234 smb_tree_close_odirs(smb_tree_t *tree, uint16_t pid)
1235 {
1236 	smb_odir_t *od, *next_od;
1237 
1238 	ASSERT(tree);
1239 	ASSERT(tree->t_magic == SMB_TREE_MAGIC);
1240 
1241 	od = smb_tree_get_odir(tree, NULL);
1242 	while (od) {
1243 		ASSERT(od->d_magic == SMB_ODIR_MAGIC);
1244 		ASSERT(od->d_tree == tree);
1245 
1246 		next_od = smb_tree_get_odir(tree, od);
1247 		if ((pid == 0) || (od->d_opened_by_pid == pid))
1248 				smb_odir_close(od);
1249 		smb_odir_release(od);
1250 
1251 		od = next_od;
1252 	}
1253 }
1254 
1255 static void
1256 smb_tree_set_execsub_info(smb_tree_t *tree, smb_execsub_info_t *subs)
1257 {
1258 		subs->e_winname = tree->t_user->u_name;
1259 		subs->e_userdom = tree->t_user->u_domain;
1260 		subs->e_srv_ipaddr = tree->t_session->local_ipaddr;
1261 		subs->e_cli_ipaddr = tree->t_session->ipaddr;
1262 		subs->e_cli_netbiosname = tree->t_session->workstation;
1263 		subs->e_uid = tree->t_user->u_cred->cr_uid;
1264 }
1265 
1266 /*
1267  * Private function to support smb_tree_enum.
1268  */
1269 static int
1270 smb_tree_enum_private(smb_tree_t *tree, smb_svcenum_t *svcenum)
1271 {
1272 	uint8_t *pb;
1273 	uint_t nbytes;
1274 	int rc;
1275 
1276 	if (svcenum->se_nskip > 0) {
1277 		svcenum->se_nskip--;
1278 		return (0);
1279 	}
1280 
1281 	if (svcenum->se_nitems >= svcenum->se_nlimit) {
1282 		svcenum->se_nitems = svcenum->se_nlimit;
1283 		return (0);
1284 	}
1285 
1286 	pb = &svcenum->se_buf[svcenum->se_bused];
1287 	rc = smb_tree_netinfo_encode(tree, pb, svcenum->se_bavail, &nbytes);
1288 	if (rc == 0) {
1289 		svcenum->se_bavail -= nbytes;
1290 		svcenum->se_bused += nbytes;
1291 		svcenum->se_nitems++;
1292 	}
1293 
1294 	return (rc);
1295 }
1296 
1297 /*
1298  * Encode connection information into a buffer: connection information
1299  * needed in user space to support RPC requests.
1300  */
1301 static int
1302 smb_tree_netinfo_encode(smb_tree_t *tree, uint8_t *buf, size_t buflen,
1303     uint32_t *nbytes)
1304 {
1305 	smb_netconnectinfo_t	info;
1306 	int			rc;
1307 
1308 	smb_tree_netinfo_init(tree, &info);
1309 	rc = smb_netconnectinfo_encode(&info, buf, buflen, nbytes);
1310 	smb_tree_netinfo_fini(&info);
1311 
1312 	return (rc);
1313 }
1314 
1315 /*
1316  * Note: ci_numusers should be the number of users connected to
1317  * the share rather than the number of references on the tree but
1318  * we don't have a mechanism to track users/share in smbsrv yet.
1319  */
1320 static void
1321 smb_tree_netinfo_init(smb_tree_t *tree, smb_netconnectinfo_t *info)
1322 {
1323 	smb_user_t	*user;
1324 
1325 	ASSERT(tree);
1326 
1327 	info->ci_id = tree->t_tid;
1328 	info->ci_type = tree->t_res_type;
1329 	info->ci_numopens = tree->t_open_files;
1330 	info->ci_numusers = tree->t_refcnt;
1331 	info->ci_time = gethrestime_sec() - tree->t_connect_time;
1332 
1333 	info->ci_sharelen = strlen(tree->t_sharename) + 1;
1334 	info->ci_share = smb_kstrdup(tree->t_sharename, info->ci_sharelen);
1335 
1336 	user = tree->t_user;
1337 	ASSERT(user);
1338 
1339 	info->ci_namelen = user->u_domain_len + user->u_name_len + 2;
1340 	info->ci_username = kmem_alloc(info->ci_namelen, KM_SLEEP);
1341 	(void) snprintf(info->ci_username, info->ci_namelen, "%s\\%s",
1342 	    user->u_domain, user->u_name);
1343 }
1344 
1345 static void
1346 smb_tree_netinfo_fini(smb_netconnectinfo_t *info)
1347 {
1348 	if (info == NULL)
1349 		return;
1350 
1351 	if (info->ci_username)
1352 		kmem_free(info->ci_username, info->ci_namelen);
1353 	if (info->ci_share)
1354 		kmem_free(info->ci_share, info->ci_sharelen);
1355 
1356 	bzero(info, sizeof (smb_netconnectinfo_t));
1357 }
1358