xref: /titanic_52/usr/src/uts/common/fs/smbsrv/smb_fsops.c (revision 726fad2a65f16c200a03969c29cb5c86c2d427db)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #include <sys/sid.h>
26 #include <sys/nbmlock.h>
27 #include <smbsrv/smb_fsops.h>
28 #include <smbsrv/smb_kproto.h>
29 #include <acl/acl_common.h>
30 #include <sys/fcntl.h>
31 #include <sys/flock.h>
32 #include <fs/fs_subr.h>
33 
34 extern caller_context_t smb_ct;
35 
36 extern int smb_fem_oplock_install(smb_node_t *);
37 extern void smb_fem_oplock_uninstall(smb_node_t *);
38 
39 extern int smb_vop_other_opens(vnode_t *, int);
40 
41 static int smb_fsop_create_stream(smb_request_t *, cred_t *, smb_node_t *,
42     char *, char *, int, smb_attr_t *, smb_node_t **);
43 
44 static int smb_fsop_create_file(smb_request_t *, cred_t *, smb_node_t *,
45     char *, int, smb_attr_t *, smb_node_t **);
46 
47 static int smb_fsop_create_with_sd(smb_request_t *, cred_t *, smb_node_t *,
48     char *, smb_attr_t *, smb_node_t **, smb_fssd_t *);
49 
50 static int smb_fsop_sdinherit(smb_request_t *, smb_node_t *, smb_fssd_t *);
51 
52 /*
53  * The smb_fsop_* functions have knowledge of CIFS semantics.
54  *
55  * The smb_vop_* functions have minimal knowledge of CIFS semantics and
56  * serve as an interface to the VFS layer.
57  *
58  * Hence, smb_request_t and smb_node_t structures should not be passed
59  * from the smb_fsop_* layer to the smb_vop_* layer.
60  *
61  * In general, CIFS service code should only ever call smb_fsop_*
62  * functions directly, and never smb_vop_* functions directly.
63  *
64  * smb_fsop_* functions should call smb_vop_* functions where possible, instead
65  * of their smb_fsop_* counterparts.  However, there are times when
66  * this cannot be avoided.
67  */
68 
69 /*
70  * Note: Stream names cannot be mangled.
71  */
72 
73 /*
74  * smb_fsop_amask_to_omode
75  *
76  * Convert the access mask to the open mode (for use
77  * with the VOP_OPEN call).
78  *
79  * Note that opening a file for attribute only access
80  * will also translate into an FREAD or FWRITE open mode
81  * (i.e., it's not just for data).
82  *
83  * This is needed so that opens are tracked appropriately
84  * for oplock processing.
85  */
86 
87 int
88 smb_fsop_amask_to_omode(uint32_t access)
89 {
90 	int mode = 0;
91 
92 	if (access & (FILE_READ_DATA | FILE_EXECUTE |
93 	    FILE_READ_ATTRIBUTES | FILE_READ_EA))
94 		mode |= FREAD;
95 
96 	if (access & (FILE_WRITE_DATA | FILE_APPEND_DATA |
97 	    FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA))
98 		mode |= FWRITE;
99 
100 	if (access & FILE_APPEND_DATA)
101 		mode |= FAPPEND;
102 
103 	return (mode);
104 }
105 
106 int
107 smb_fsop_open(smb_node_t *node, int mode, cred_t *cred)
108 {
109 	/*
110 	 * Assuming that the same vnode is returned as we had before.
111 	 * (I.e., with certain types of files or file systems, a
112 	 * different vnode might be returned by VOP_OPEN)
113 	 */
114 	return (smb_vop_open(&node->vp, mode, cred));
115 }
116 
117 void
118 smb_fsop_close(smb_node_t *node, int mode, cred_t *cred)
119 {
120 	smb_vop_close(node->vp, mode, cred);
121 }
122 
123 int
124 smb_fsop_oplock_install(smb_node_t *node, int mode)
125 {
126 	int rc;
127 
128 	if (smb_vop_other_opens(node->vp, mode))
129 		return (EMFILE);
130 
131 	if ((rc = smb_fem_oplock_install(node)))
132 		return (rc);
133 
134 	if (smb_vop_other_opens(node->vp, mode)) {
135 		(void) smb_fem_oplock_uninstall(node);
136 		return (EMFILE);
137 	}
138 
139 	return (0);
140 }
141 
142 void
143 smb_fsop_oplock_uninstall(smb_node_t *node)
144 {
145 	smb_fem_oplock_uninstall(node);
146 }
147 
148 static int
149 smb_fsop_create_with_sd(smb_request_t *sr, cred_t *cr,
150     smb_node_t *dnode, char *name,
151     smb_attr_t *attr, smb_node_t **ret_snode, smb_fssd_t *fs_sd)
152 {
153 	vsecattr_t *vsap;
154 	vsecattr_t vsecattr;
155 	acl_t *acl, *dacl, *sacl;
156 	smb_attr_t set_attr;
157 	vnode_t *vp;
158 	int aclbsize = 0;	/* size of acl list in bytes */
159 	int flags = 0;
160 	int rc;
161 	boolean_t is_dir;
162 
163 	ASSERT(fs_sd);
164 
165 	if (SMB_TREE_IS_CASEINSENSITIVE(sr))
166 		flags = SMB_IGNORE_CASE;
167 	if (SMB_TREE_SUPPORTS_CATIA(sr))
168 		flags |= SMB_CATIA;
169 
170 	ASSERT(cr);
171 
172 	is_dir = ((fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR) != 0);
173 
174 	if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACLONCREATE)) {
175 		if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) {
176 			dacl = fs_sd->sd_zdacl;
177 			sacl = fs_sd->sd_zsacl;
178 			ASSERT(dacl || sacl);
179 			if (dacl && sacl) {
180 				acl = smb_fsacl_merge(dacl, sacl);
181 			} else if (dacl) {
182 				acl = dacl;
183 			} else {
184 				acl = sacl;
185 			}
186 
187 			rc = smb_fsacl_to_vsa(acl, &vsecattr, &aclbsize);
188 
189 			if (dacl && sacl)
190 				acl_free(acl);
191 
192 			if (rc != 0)
193 				return (rc);
194 
195 			vsap = &vsecattr;
196 		} else {
197 			vsap = NULL;
198 		}
199 
200 		/* The tree ACEs may prevent a create */
201 		rc = EACCES;
202 		if (is_dir) {
203 			if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_SUBDIRECTORY) != 0)
204 				rc = smb_vop_mkdir(dnode->vp, name, attr,
205 				    &vp, flags, cr, vsap);
206 		} else {
207 			if (SMB_TREE_HAS_ACCESS(sr, ACE_ADD_FILE) != 0)
208 				rc = smb_vop_create(dnode->vp, name, attr,
209 				    &vp, flags, cr, vsap);
210 		}
211 
212 		if (vsap != NULL)
213 			kmem_free(vsap->vsa_aclentp, aclbsize);
214 
215 		if (rc != 0)
216 			return (rc);
217 
218 		set_attr.sa_mask = 0;
219 
220 		/*
221 		 * Ideally we should be able to specify the owner and owning
222 		 * group at create time along with the ACL. Since we cannot
223 		 * do that right now, kcred is passed to smb_vop_setattr so it
224 		 * doesn't fail due to lack of permission.
225 		 */
226 		if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) {
227 			set_attr.sa_vattr.va_uid = fs_sd->sd_uid;
228 			set_attr.sa_mask |= SMB_AT_UID;
229 		}
230 
231 		if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) {
232 			set_attr.sa_vattr.va_gid = fs_sd->sd_gid;
233 			set_attr.sa_mask |= SMB_AT_GID;
234 		}
235 
236 		if (set_attr.sa_mask)
237 			rc = smb_vop_setattr(vp, NULL, &set_attr, 0, kcred);
238 
239 		if (rc == 0) {
240 			*ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp,
241 			    name, dnode, NULL);
242 
243 			if (*ret_snode == NULL)
244 				rc = ENOMEM;
245 
246 			VN_RELE(vp);
247 		}
248 	} else {
249 		/*
250 		 * For filesystems that don't support ACL-on-create, try
251 		 * to set the specified SD after create, which could actually
252 		 * fail because of conflicts between inherited security
253 		 * attributes upon creation and the specified SD.
254 		 *
255 		 * Passing kcred to smb_fsop_sdwrite() to overcome this issue.
256 		 */
257 
258 		if (is_dir) {
259 			rc = smb_vop_mkdir(dnode->vp, name, attr, &vp,
260 			    flags, cr, NULL);
261 		} else {
262 			rc = smb_vop_create(dnode->vp, name, attr, &vp,
263 			    flags, cr, NULL);
264 		}
265 
266 		if (rc != 0)
267 			return (rc);
268 
269 		*ret_snode = smb_node_lookup(sr, &sr->arg.open, cr, vp,
270 		    name, dnode, NULL);
271 
272 		if (*ret_snode != NULL) {
273 			if (!smb_tree_has_feature(sr->tid_tree,
274 			    SMB_TREE_NFS_MOUNTED))
275 				rc = smb_fsop_sdwrite(sr, kcred, *ret_snode,
276 				    fs_sd, 1);
277 		} else {
278 			rc = ENOMEM;
279 		}
280 
281 		VN_RELE(vp);
282 	}
283 
284 	if (rc != 0) {
285 		if (is_dir)
286 			(void) smb_vop_rmdir(dnode->vp, name, flags, cr);
287 		else
288 			(void) smb_vop_remove(dnode->vp, name, flags, cr);
289 	}
290 
291 	return (rc);
292 }
293 
294 /*
295  * smb_fsop_create
296  *
297  * All SMB functions should use this wrapper to ensure that
298  * all the smb_vop_creates are performed with the appropriate credentials.
299  * Please document any direct calls to explain the reason for avoiding
300  * this wrapper.
301  *
302  * *ret_snode is returned with a reference upon success.  No reference is
303  * taken if an error is returned.
304  */
305 int
306 smb_fsop_create(smb_request_t *sr, cred_t *cr, smb_node_t *dnode,
307     char *name, smb_attr_t *attr, smb_node_t **ret_snode)
308 {
309 	int	rc = 0;
310 	int	flags = 0;
311 	char	*fname, *sname;
312 	char	*longname = NULL;
313 
314 	ASSERT(cr);
315 	ASSERT(dnode);
316 	ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
317 	ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
318 
319 	ASSERT(ret_snode);
320 	*ret_snode = 0;
321 
322 	ASSERT(name);
323 	if (*name == 0)
324 		return (EINVAL);
325 
326 	ASSERT(sr);
327 	ASSERT(sr->tid_tree);
328 
329 	if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0)
330 		return (EACCES);
331 
332 	if (SMB_TREE_IS_READONLY(sr))
333 		return (EROFS);
334 
335 	if (SMB_TREE_IS_CASEINSENSITIVE(sr))
336 		flags = SMB_IGNORE_CASE;
337 	if (SMB_TREE_SUPPORTS_CATIA(sr))
338 		flags |= SMB_CATIA;
339 	if (SMB_TREE_SUPPORTS_ABE(sr))
340 		flags |= SMB_ABE;
341 
342 	if (smb_is_stream_name(name)) {
343 		fname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
344 		sname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
345 		smb_stream_parse_name(name, fname, sname);
346 
347 		rc = smb_fsop_create_stream(sr, cr, dnode,
348 		    fname, sname, flags, attr, ret_snode);
349 
350 		kmem_free(fname, MAXNAMELEN);
351 		kmem_free(sname, MAXNAMELEN);
352 		return (rc);
353 	}
354 
355 	/* Not a named stream */
356 
357 	if (smb_maybe_mangled(name)) {
358 		longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
359 		rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
360 		kmem_free(longname, MAXNAMELEN);
361 
362 		if (rc == 0)
363 			rc = EEXIST;
364 		if (rc != ENOENT)
365 			return (rc);
366 	}
367 
368 	rc = smb_fsop_create_file(sr, cr, dnode, name, flags,
369 	    attr, ret_snode);
370 	return (rc);
371 
372 }
373 
374 
375 /*
376  * smb_fsop_create_stream
377  *
378  * Create NTFS named stream file (sname) on unnamed stream
379  * file (fname), creating the unnamed stream file if it
380  * doesn't exist.
381  * If we created the unnamed stream file and then creation
382  * of the named stream file fails, we delete the unnamed stream.
383  * Since we use the real file name for the smb_vop_remove we
384  * clear the SMB_IGNORE_CASE flag to ensure a case sensitive
385  * match.
386  *
387  * The second parameter of smb_vop_setattr() is set to
388  * NULL, even though an unnamed stream exists.  This is
389  * because we want to set the UID and GID on the named
390  * stream in this case for consistency with the (unnamed
391  * stream) file (see comments for smb_vop_setattr()).
392  */
393 static int
394 smb_fsop_create_stream(smb_request_t *sr, cred_t *cr,
395     smb_node_t *dnode, char *fname, char *sname, int flags,
396     smb_attr_t *attr, smb_node_t **ret_snode)
397 {
398 	smb_node_t	*fnode;
399 	smb_attr_t	fattr;
400 	vnode_t		*xattrdvp;
401 	vnode_t		*vp;
402 	int		rc = 0;
403 	boolean_t	fcreate = B_FALSE;
404 
405 	/* Look up / create the unnamed stream, fname */
406 	rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS,
407 	    sr->tid_tree->t_snode, dnode, fname, &fnode);
408 	if (rc == ENOENT) {
409 		fcreate = B_TRUE;
410 		rc = smb_fsop_create_file(sr, cr, dnode, fname, flags,
411 		    attr, &fnode);
412 	}
413 	if (rc != 0)
414 		return (rc);
415 
416 	fattr.sa_mask = SMB_AT_UID | SMB_AT_GID;
417 	rc = smb_vop_getattr(fnode->vp, NULL, &fattr, 0, kcred);
418 
419 	if (rc == 0) {
420 		/* create the named stream, sname */
421 		rc = smb_vop_stream_create(fnode->vp, sname, attr,
422 		    &vp, &xattrdvp, flags, cr);
423 	}
424 	if (rc != 0) {
425 		if (fcreate) {
426 			flags &= ~SMB_IGNORE_CASE;
427 			(void) smb_vop_remove(dnode->vp,
428 			    fnode->od_name, flags, cr);
429 		}
430 		smb_node_release(fnode);
431 		return (rc);
432 	}
433 
434 	attr->sa_vattr.va_uid = fattr.sa_vattr.va_uid;
435 	attr->sa_vattr.va_gid = fattr.sa_vattr.va_gid;
436 	attr->sa_mask = SMB_AT_UID | SMB_AT_GID;
437 
438 	rc = smb_vop_setattr(vp, NULL, attr, 0, kcred);
439 	if (rc != 0) {
440 		smb_node_release(fnode);
441 		return (rc);
442 	}
443 
444 	*ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdvp,
445 	    vp, sname);
446 
447 	smb_node_release(fnode);
448 	VN_RELE(xattrdvp);
449 	VN_RELE(vp);
450 
451 	if (*ret_snode == NULL)
452 		rc = ENOMEM;
453 
454 	/* notify change to the unnamed stream */
455 	if (rc == 0)
456 		smb_node_notify_change(dnode);
457 
458 	return (rc);
459 }
460 
461 /*
462  * smb_fsop_create_file
463  */
464 static int
465 smb_fsop_create_file(smb_request_t *sr, cred_t *cr,
466     smb_node_t *dnode, char *name, int flags,
467     smb_attr_t *attr, smb_node_t **ret_snode)
468 {
469 	smb_arg_open_t	*op = &sr->sr_open;
470 	vnode_t		*vp;
471 	smb_fssd_t	fs_sd;
472 	uint32_t	secinfo;
473 	uint32_t	status;
474 	int		rc = 0;
475 
476 	if (op->sd) {
477 		/*
478 		 * SD sent by client in Windows format. Needs to be
479 		 * converted to FS format. No inheritance.
480 		 */
481 		secinfo = smb_sd_get_secinfo(op->sd);
482 		smb_fssd_init(&fs_sd, secinfo, 0);
483 
484 		status = smb_sd_tofs(op->sd, &fs_sd);
485 		if (status == NT_STATUS_SUCCESS) {
486 			rc = smb_fsop_create_with_sd(sr, cr, dnode,
487 			    name, attr, ret_snode, &fs_sd);
488 		} else {
489 			rc = EINVAL;
490 		}
491 		smb_fssd_term(&fs_sd);
492 	} else if (sr->tid_tree->t_acltype == ACE_T) {
493 		/*
494 		 * No incoming SD and filesystem is ZFS
495 		 * Server applies Windows inheritance rules,
496 		 * see smb_fsop_sdinherit() comments as to why.
497 		 */
498 		smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, 0);
499 		rc = smb_fsop_sdinherit(sr, dnode, &fs_sd);
500 		if (rc == 0) {
501 			rc = smb_fsop_create_with_sd(sr, cr, dnode,
502 			    name, attr, ret_snode, &fs_sd);
503 		}
504 
505 		smb_fssd_term(&fs_sd);
506 	} else {
507 		/*
508 		 * No incoming SD and filesystem is not ZFS
509 		 * let the filesystem handles the inheritance.
510 		 */
511 		rc = smb_vop_create(dnode->vp, name, attr, &vp,
512 		    flags, cr, NULL);
513 
514 		if (rc == 0) {
515 			*ret_snode = smb_node_lookup(sr, op, cr, vp,
516 			    name, dnode, NULL);
517 
518 			if (*ret_snode == NULL)
519 				rc = ENOMEM;
520 
521 			VN_RELE(vp);
522 		}
523 
524 	}
525 
526 	if (rc == 0)
527 		smb_node_notify_parents(dnode);
528 
529 	return (rc);
530 }
531 
532 /*
533  * smb_fsop_mkdir
534  *
535  * All SMB functions should use this wrapper to ensure that
536  * the the calls are performed with the appropriate credentials.
537  * Please document any direct call to explain the reason
538  * for avoiding this wrapper.
539  *
540  * It is assumed that a reference exists on snode coming into this routine.
541  *
542  * *ret_snode is returned with a reference upon success.  No reference is
543  * taken if an error is returned.
544  */
545 int
546 smb_fsop_mkdir(
547     smb_request_t *sr,
548     cred_t *cr,
549     smb_node_t *dnode,
550     char *name,
551     smb_attr_t *attr,
552     smb_node_t **ret_snode)
553 {
554 	struct open_param *op = &sr->arg.open;
555 	char *longname;
556 	vnode_t *vp;
557 	int flags = 0;
558 	smb_fssd_t fs_sd;
559 	uint32_t secinfo;
560 	uint32_t status;
561 	int rc;
562 	ASSERT(cr);
563 	ASSERT(dnode);
564 	ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
565 	ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
566 
567 	ASSERT(ret_snode);
568 	*ret_snode = 0;
569 
570 	ASSERT(name);
571 	if (*name == 0)
572 		return (EINVAL);
573 
574 	ASSERT(sr);
575 	ASSERT(sr->tid_tree);
576 
577 	if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0)
578 		return (EACCES);
579 
580 	if (SMB_TREE_IS_READONLY(sr))
581 		return (EROFS);
582 	if (SMB_TREE_SUPPORTS_CATIA(sr))
583 		flags |= SMB_CATIA;
584 	if (SMB_TREE_SUPPORTS_ABE(sr))
585 		flags |= SMB_ABE;
586 
587 	if (smb_maybe_mangled(name)) {
588 		longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
589 		rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
590 		kmem_free(longname, MAXNAMELEN);
591 
592 		/*
593 		 * If the name passed in by the client has an unmangled
594 		 * equivalent that is found in the specified directory,
595 		 * then the mkdir cannot succeed.  Return EEXIST.
596 		 *
597 		 * Only if ENOENT is returned will a mkdir be attempted.
598 		 */
599 
600 		if (rc == 0)
601 			rc = EEXIST;
602 
603 		if (rc != ENOENT)
604 			return (rc);
605 	}
606 
607 	if (SMB_TREE_IS_CASEINSENSITIVE(sr))
608 		flags = SMB_IGNORE_CASE;
609 
610 	if (op->sd) {
611 		/*
612 		 * SD sent by client in Windows format. Needs to be
613 		 * converted to FS format. No inheritance.
614 		 */
615 		secinfo = smb_sd_get_secinfo(op->sd);
616 		smb_fssd_init(&fs_sd, secinfo, SMB_FSSD_FLAGS_DIR);
617 
618 		status = smb_sd_tofs(op->sd, &fs_sd);
619 		if (status == NT_STATUS_SUCCESS) {
620 			rc = smb_fsop_create_with_sd(sr, cr, dnode,
621 			    name, attr, ret_snode, &fs_sd);
622 		}
623 		else
624 			rc = EINVAL;
625 		smb_fssd_term(&fs_sd);
626 	} else if (sr->tid_tree->t_acltype == ACE_T) {
627 		/*
628 		 * No incoming SD and filesystem is ZFS
629 		 * Server applies Windows inheritance rules,
630 		 * see smb_fsop_sdinherit() comments as to why.
631 		 */
632 		smb_fssd_init(&fs_sd, SMB_ACL_SECINFO, SMB_FSSD_FLAGS_DIR);
633 		rc = smb_fsop_sdinherit(sr, dnode, &fs_sd);
634 		if (rc == 0) {
635 			rc = smb_fsop_create_with_sd(sr, cr, dnode,
636 			    name, attr, ret_snode, &fs_sd);
637 		}
638 
639 		smb_fssd_term(&fs_sd);
640 
641 	} else {
642 		rc = smb_vop_mkdir(dnode->vp, name, attr, &vp, flags, cr,
643 		    NULL);
644 
645 		if (rc == 0) {
646 			*ret_snode = smb_node_lookup(sr, op, cr, vp, name,
647 			    dnode, NULL);
648 
649 			if (*ret_snode == NULL)
650 				rc = ENOMEM;
651 
652 			VN_RELE(vp);
653 		}
654 	}
655 
656 	if (rc == 0)
657 		smb_node_notify_parents(dnode);
658 
659 	return (rc);
660 }
661 
662 /*
663  * smb_fsop_remove
664  *
665  * All SMB functions should use this wrapper to ensure that
666  * the the calls are performed with the appropriate credentials.
667  * Please document any direct call to explain the reason
668  * for avoiding this wrapper.
669  *
670  * It is assumed that a reference exists on snode coming into this routine.
671  *
672  * A null smb_request might be passed to this function.
673  */
674 int
675 smb_fsop_remove(
676     smb_request_t	*sr,
677     cred_t		*cr,
678     smb_node_t		*dnode,
679     char		*name,
680     uint32_t		flags)
681 {
682 	smb_node_t	*fnode;
683 	char		*longname;
684 	char		*fname;
685 	char		*sname;
686 	int		rc;
687 
688 	ASSERT(cr);
689 	/*
690 	 * The state of the node could be SMB_NODE_STATE_DESTROYING if this
691 	 * function is called during the deletion of the node (because of
692 	 * DELETE_ON_CLOSE).
693 	 */
694 	ASSERT(dnode);
695 	ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
696 
697 	if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 ||
698 	    SMB_TREE_HAS_ACCESS(sr, ACE_DELETE) == 0)
699 		return (EACCES);
700 
701 	if (SMB_TREE_IS_READONLY(sr))
702 		return (EROFS);
703 
704 	fname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
705 	sname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
706 
707 	if (dnode->flags & NODE_XATTR_DIR) {
708 		fnode = dnode->n_dnode;
709 		rc = smb_vop_stream_remove(fnode->vp, name, flags, cr);
710 
711 		/* notify change to the unnamed stream */
712 		if ((rc == 0) && fnode->n_dnode)
713 			smb_node_notify_change(fnode->n_dnode);
714 
715 	} else if (smb_is_stream_name(name)) {
716 		smb_stream_parse_name(name, fname, sname);
717 
718 		/*
719 		 * Look up the unnamed stream (i.e. fname).
720 		 * Unmangle processing will be done on fname
721 		 * as well as any link target.
722 		 */
723 
724 		rc = smb_fsop_lookup(sr, cr, flags | SMB_FOLLOW_LINKS,
725 		    sr->tid_tree->t_snode, dnode, fname, &fnode);
726 
727 		if (rc != 0) {
728 			kmem_free(fname, MAXNAMELEN);
729 			kmem_free(sname, MAXNAMELEN);
730 			return (rc);
731 		}
732 
733 		/*
734 		 * XXX
735 		 * Need to find out what permission is required by NTFS
736 		 * to remove a stream.
737 		 */
738 		rc = smb_vop_stream_remove(fnode->vp, sname, flags, cr);
739 
740 		smb_node_release(fnode);
741 
742 		/* notify change to the unnamed stream */
743 		if (rc == 0)
744 			smb_node_notify_change(dnode);
745 	} else {
746 		rc = smb_vop_remove(dnode->vp, name, flags, cr);
747 
748 		if (rc == ENOENT) {
749 			if (!smb_maybe_mangled(name)) {
750 				kmem_free(fname, MAXNAMELEN);
751 				kmem_free(sname, MAXNAMELEN);
752 				return (rc);
753 			}
754 			longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
755 
756 			if (SMB_TREE_SUPPORTS_ABE(sr))
757 				flags |= SMB_ABE;
758 
759 			rc = smb_unmangle(dnode, name, longname, MAXNAMELEN,
760 			    flags);
761 
762 			if (rc == 0) {
763 				/*
764 				 * longname is the real (case-sensitive)
765 				 * on-disk name.
766 				 * We make sure we do a remove on this exact
767 				 * name, as the name was mangled and denotes
768 				 * a unique file.
769 				 */
770 				flags &= ~SMB_IGNORE_CASE;
771 				rc = smb_vop_remove(dnode->vp, longname,
772 				    flags, cr);
773 			}
774 
775 			if (rc == 0)
776 				smb_node_notify_parents(dnode);
777 
778 			kmem_free(longname, MAXNAMELEN);
779 		}
780 	}
781 
782 	kmem_free(fname, MAXNAMELEN);
783 	kmem_free(sname, MAXNAMELEN);
784 
785 	return (rc);
786 }
787 
788 /*
789  * smb_fsop_remove_streams
790  *
791  * This function removes a file's streams without removing the
792  * file itself.
793  *
794  * It is assumed that fnode is not a link.
795  */
796 int
797 smb_fsop_remove_streams(smb_request_t *sr, cred_t *cr, smb_node_t *fnode)
798 {
799 	int rc, flags = 0;
800 	uint16_t odid;
801 	smb_odir_t *od;
802 	smb_odirent_t *odirent;
803 	boolean_t eos;
804 
805 	ASSERT(sr);
806 	ASSERT(cr);
807 	ASSERT(fnode);
808 	ASSERT(fnode->n_magic == SMB_NODE_MAGIC);
809 	ASSERT(fnode->n_state != SMB_NODE_STATE_DESTROYING);
810 
811 	if (SMB_TREE_CONTAINS_NODE(sr, fnode) == 0) {
812 		smbsr_errno(sr, EACCES);
813 		return (-1);
814 	}
815 
816 	if (SMB_TREE_IS_READONLY(sr)) {
817 		smbsr_errno(sr, EROFS);
818 		return (-1);
819 	}
820 
821 	if (SMB_TREE_IS_CASEINSENSITIVE(sr))
822 		flags = SMB_IGNORE_CASE;
823 
824 	if (SMB_TREE_SUPPORTS_CATIA(sr))
825 		flags |= SMB_CATIA;
826 
827 	if ((odid = smb_odir_openat(sr, fnode)) == 0) {
828 		smbsr_errno(sr, ENOENT);
829 		return (-1);
830 	}
831 
832 	if ((od = smb_tree_lookup_odir(sr->tid_tree, odid)) == NULL) {
833 		smbsr_errno(sr, ENOENT);
834 		return (-1);
835 	}
836 
837 	odirent = kmem_alloc(sizeof (smb_odirent_t), KM_SLEEP);
838 	for (;;) {
839 		rc = smb_odir_read(sr, od, odirent, &eos);
840 		if ((rc != 0) || (eos))
841 			break;
842 		(void) smb_vop_remove(od->d_dnode->vp, odirent->od_name,
843 		    flags, cr);
844 	}
845 	kmem_free(odirent, sizeof (smb_odirent_t));
846 
847 	smb_odir_close(od);
848 	smb_odir_release(od);
849 	return (rc);
850 }
851 
852 /*
853  * smb_fsop_rmdir
854  *
855  * All SMB functions should use this wrapper to ensure that
856  * the the calls are performed with the appropriate credentials.
857  * Please document any direct call to explain the reason
858  * for avoiding this wrapper.
859  *
860  * It is assumed that a reference exists on snode coming into this routine.
861  */
862 int
863 smb_fsop_rmdir(
864     smb_request_t	*sr,
865     cred_t		*cr,
866     smb_node_t		*dnode,
867     char		*name,
868     uint32_t		flags)
869 {
870 	int		rc;
871 	char		*longname;
872 
873 	ASSERT(cr);
874 	/*
875 	 * The state of the node could be SMB_NODE_STATE_DESTROYING if this
876 	 * function is called during the deletion of the node (because of
877 	 * DELETE_ON_CLOSE).
878 	 */
879 	ASSERT(dnode);
880 	ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
881 
882 	if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0 ||
883 	    SMB_TREE_HAS_ACCESS(sr, ACE_DELETE_CHILD) == 0)
884 		return (EACCES);
885 
886 	if (SMB_TREE_IS_READONLY(sr))
887 		return (EROFS);
888 
889 	rc = smb_vop_rmdir(dnode->vp, name, flags, cr);
890 
891 	if (rc == ENOENT) {
892 		if (!smb_maybe_mangled(name))
893 			return (rc);
894 
895 		longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
896 
897 		if (SMB_TREE_SUPPORTS_ABE(sr))
898 			flags |= SMB_ABE;
899 		rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
900 
901 		if (rc == 0) {
902 			/*
903 			 * longname is the real (case-sensitive)
904 			 * on-disk name.
905 			 * We make sure we do a rmdir on this exact
906 			 * name, as the name was mangled and denotes
907 			 * a unique directory.
908 			 */
909 			flags &= ~SMB_IGNORE_CASE;
910 			rc = smb_vop_rmdir(dnode->vp, longname, flags, cr);
911 		}
912 
913 		kmem_free(longname, MAXNAMELEN);
914 	}
915 
916 	if (rc == 0)
917 		smb_node_notify_parents(dnode);
918 
919 	return (rc);
920 }
921 
922 /*
923  * smb_fsop_getattr
924  *
925  * All SMB functions should use this wrapper to ensure that
926  * the the calls are performed with the appropriate credentials.
927  * Please document any direct call to explain the reason
928  * for avoiding this wrapper.
929  *
930  * It is assumed that a reference exists on snode coming into this routine.
931  */
932 int
933 smb_fsop_getattr(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
934     smb_attr_t *attr)
935 {
936 	smb_node_t *unnamed_node;
937 	vnode_t *unnamed_vp = NULL;
938 	uint32_t status;
939 	uint32_t access = 0;
940 	int flags = 0;
941 	int rc;
942 
943 	ASSERT(cr);
944 	ASSERT(snode);
945 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
946 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
947 
948 	if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0 ||
949 	    SMB_TREE_HAS_ACCESS(sr, ACE_READ_ATTRIBUTES) == 0)
950 		return (EACCES);
951 
952 	/* sr could be NULL in some cases */
953 	if (sr && sr->fid_ofile) {
954 		/* if uid and/or gid is requested */
955 		if (attr->sa_mask & (SMB_AT_UID|SMB_AT_GID))
956 			access |= READ_CONTROL;
957 
958 		/* if anything else is also requested */
959 		if (attr->sa_mask & ~(SMB_AT_UID|SMB_AT_GID))
960 			access |= FILE_READ_ATTRIBUTES;
961 
962 		status = smb_ofile_access(sr->fid_ofile, cr, access);
963 		if (status != NT_STATUS_SUCCESS)
964 			return (EACCES);
965 
966 		if (smb_tree_has_feature(sr->tid_tree,
967 		    SMB_TREE_ACEMASKONACCESS))
968 			flags = ATTR_NOACLCHECK;
969 	}
970 
971 	unnamed_node = SMB_IS_STREAM(snode);
972 
973 	if (unnamed_node) {
974 		ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
975 		ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
976 		unnamed_vp = unnamed_node->vp;
977 	}
978 
979 	rc = smb_vop_getattr(snode->vp, unnamed_vp, attr, flags, cr);
980 
981 	if ((rc == 0) && smb_node_is_dfslink(snode)) {
982 		/* a DFS link should be treated as a directory */
983 		attr->sa_dosattr |= FILE_ATTRIBUTE_DIRECTORY;
984 	}
985 
986 	return (rc);
987 }
988 
989 /*
990  * smb_fsop_link
991  *
992  * All SMB functions should use this smb_vop_link wrapper to ensure that
993  * the smb_vop_link is performed with the appropriate credentials.
994  * Please document any direct call to smb_vop_link to explain the reason
995  * for avoiding this wrapper.
996  *
997  * It is assumed that references exist on from_dnode and to_dnode coming
998  * into this routine.
999  */
1000 int
1001 smb_fsop_link(smb_request_t *sr, cred_t *cr, smb_node_t *from_fnode,
1002     smb_node_t *to_dnode, char *to_name)
1003 {
1004 	char	*longname = NULL;
1005 	int	flags = 0;
1006 	int	rc;
1007 
1008 	ASSERT(sr);
1009 	ASSERT(sr->tid_tree);
1010 	ASSERT(cr);
1011 	ASSERT(to_dnode);
1012 	ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC);
1013 	ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING);
1014 	ASSERT(from_fnode);
1015 	ASSERT(from_fnode->n_magic == SMB_NODE_MAGIC);
1016 	ASSERT(from_fnode->n_state != SMB_NODE_STATE_DESTROYING);
1017 
1018 	if (SMB_TREE_CONTAINS_NODE(sr, from_fnode) == 0)
1019 		return (EACCES);
1020 
1021 	if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0)
1022 		return (EACCES);
1023 
1024 	if (SMB_TREE_IS_READONLY(sr))
1025 		return (EROFS);
1026 
1027 	if (SMB_TREE_IS_CASEINSENSITIVE(sr))
1028 		flags = SMB_IGNORE_CASE;
1029 	if (SMB_TREE_SUPPORTS_CATIA(sr))
1030 		flags |= SMB_CATIA;
1031 	if (SMB_TREE_SUPPORTS_ABE(sr))
1032 		flags |= SMB_ABE;
1033 
1034 	if (smb_maybe_mangled(to_name)) {
1035 		longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1036 		rc = smb_unmangle(to_dnode, to_name, longname,
1037 		    MAXNAMELEN, flags);
1038 		kmem_free(longname, MAXNAMELEN);
1039 
1040 		if (rc == 0)
1041 			rc = EEXIST;
1042 		if (rc != ENOENT)
1043 			return (rc);
1044 	}
1045 
1046 	rc = smb_vop_link(to_dnode->vp, from_fnode->vp, to_name, flags, cr);
1047 
1048 	if ((rc == 0) && from_fnode->n_dnode)
1049 		smb_node_notify_parents(from_fnode->n_dnode);
1050 
1051 	return (rc);
1052 }
1053 
1054 /*
1055  * smb_fsop_rename
1056  *
1057  * All SMB functions should use this smb_vop_rename wrapper to ensure that
1058  * the smb_vop_rename is performed with the appropriate credentials.
1059  * Please document any direct call to smb_vop_rename to explain the reason
1060  * for avoiding this wrapper.
1061  *
1062  * It is assumed that references exist on from_dnode and to_dnode coming
1063  * into this routine.
1064  */
1065 int
1066 smb_fsop_rename(
1067     smb_request_t *sr,
1068     cred_t *cr,
1069     smb_node_t *from_dnode,
1070     char *from_name,
1071     smb_node_t *to_dnode,
1072     char *to_name)
1073 {
1074 	smb_node_t *from_snode;
1075 	smb_attr_t from_attr;
1076 	vnode_t *from_vp;
1077 	int flags = 0, ret_flags;
1078 	int rc;
1079 	boolean_t isdir;
1080 
1081 	ASSERT(cr);
1082 	ASSERT(from_dnode);
1083 	ASSERT(from_dnode->n_magic == SMB_NODE_MAGIC);
1084 	ASSERT(from_dnode->n_state != SMB_NODE_STATE_DESTROYING);
1085 
1086 	ASSERT(to_dnode);
1087 	ASSERT(to_dnode->n_magic == SMB_NODE_MAGIC);
1088 	ASSERT(to_dnode->n_state != SMB_NODE_STATE_DESTROYING);
1089 
1090 	if (SMB_TREE_CONTAINS_NODE(sr, from_dnode) == 0)
1091 		return (EACCES);
1092 
1093 	if (SMB_TREE_CONTAINS_NODE(sr, to_dnode) == 0)
1094 		return (EACCES);
1095 
1096 	ASSERT(sr);
1097 	ASSERT(sr->tid_tree);
1098 	if (SMB_TREE_IS_READONLY(sr))
1099 		return (EROFS);
1100 
1101 	/*
1102 	 * Note: There is no need to check SMB_TREE_IS_CASEINSENSITIVE
1103 	 * here.
1104 	 *
1105 	 * A case-sensitive rename is always done in this routine
1106 	 * because we are using the on-disk name from an earlier lookup.
1107 	 * If a mangled name was passed in by the caller (denoting a
1108 	 * deterministic lookup), then the exact file must be renamed
1109 	 * (i.e. SMB_IGNORE_CASE must not be passed to VOP_RENAME, or
1110 	 * else the underlying file system might return a "first-match"
1111 	 * on this on-disk name, possibly resulting in the wrong file).
1112 	 */
1113 
1114 	if (SMB_TREE_SUPPORTS_CATIA(sr))
1115 		flags |= SMB_CATIA;
1116 
1117 	/*
1118 	 * XXX: Lock required through smb_node_release() below?
1119 	 */
1120 
1121 	rc = smb_vop_lookup(from_dnode->vp, from_name, &from_vp, NULL,
1122 	    flags, &ret_flags, NULL, &from_attr, cr);
1123 
1124 	if (rc != 0)
1125 		return (rc);
1126 
1127 	if (from_attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) {
1128 		VN_RELE(from_vp);
1129 		return (EACCES);
1130 	}
1131 
1132 	isdir = ((from_attr.sa_dosattr & FILE_ATTRIBUTE_DIRECTORY) != 0);
1133 
1134 	if ((isdir && SMB_TREE_HAS_ACCESS(sr,
1135 	    ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY) !=
1136 	    (ACE_DELETE_CHILD | ACE_ADD_SUBDIRECTORY)) ||
1137 	    (!isdir && SMB_TREE_HAS_ACCESS(sr, ACE_DELETE | ACE_ADD_FILE) !=
1138 	    (ACE_DELETE | ACE_ADD_FILE))) {
1139 		VN_RELE(from_vp);
1140 		return (EACCES);
1141 	}
1142 
1143 	/*
1144 	 * SMB checks access on open and retains an access granted
1145 	 * mask for use while the file is open.  ACL changes should
1146 	 * not affect access to an open file.
1147 	 *
1148 	 * If the rename is being performed on an ofile:
1149 	 * - Check the ofile's access granted mask to see if the
1150 	 *   rename is permitted - requires DELETE access.
1151 	 * - If the file system does access checking, set the
1152 	 *   ATTR_NOACLCHECK flag to ensure that the file system
1153 	 *   does not check permissions on subsequent calls.
1154 	 */
1155 	if (sr && sr->fid_ofile) {
1156 		rc = smb_ofile_access(sr->fid_ofile, cr, DELETE);
1157 		if (rc != NT_STATUS_SUCCESS) {
1158 			VN_RELE(from_vp);
1159 			return (EACCES);
1160 		}
1161 
1162 		if (smb_tree_has_feature(sr->tid_tree,
1163 		    SMB_TREE_ACEMASKONACCESS))
1164 			flags = ATTR_NOACLCHECK;
1165 	}
1166 
1167 	rc = smb_vop_rename(from_dnode->vp, from_name, to_dnode->vp,
1168 	    to_name, flags, cr);
1169 
1170 	if (rc == 0) {
1171 		from_snode = smb_node_lookup(sr, NULL, cr, from_vp, from_name,
1172 		    from_dnode, NULL);
1173 
1174 		if (from_snode == NULL) {
1175 			rc = ENOMEM;
1176 		} else {
1177 			smb_node_rename(from_dnode, from_snode,
1178 			    to_dnode, to_name);
1179 			smb_node_release(from_snode);
1180 		}
1181 	}
1182 	VN_RELE(from_vp);
1183 
1184 	if (rc == 0)
1185 		smb_node_notify_parents(from_dnode);
1186 
1187 	/* XXX: unlock */
1188 
1189 	return (rc);
1190 }
1191 
1192 /*
1193  * smb_fsop_setattr
1194  *
1195  * All SMB functions should use this wrapper to ensure that
1196  * the the calls are performed with the appropriate credentials.
1197  * Please document any direct call to explain the reason
1198  * for avoiding this wrapper.
1199  *
1200  * It is assumed that a reference exists on snode coming into
1201  * this function.
1202  * A null smb_request might be passed to this function.
1203  */
1204 int
1205 smb_fsop_setattr(
1206     smb_request_t	*sr,
1207     cred_t		*cr,
1208     smb_node_t		*snode,
1209     smb_attr_t		*set_attr)
1210 {
1211 	smb_node_t *unnamed_node;
1212 	vnode_t *unnamed_vp = NULL;
1213 	uint32_t status;
1214 	uint32_t access;
1215 	int rc = 0;
1216 	int flags = 0;
1217 	uint_t sa_mask;
1218 
1219 	ASSERT(cr);
1220 	ASSERT(snode);
1221 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1222 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1223 
1224 	if (SMB_TREE_CONTAINS_NODE(sr, snode) == 0)
1225 		return (EACCES);
1226 
1227 	if (SMB_TREE_IS_READONLY(sr))
1228 		return (EROFS);
1229 
1230 	if (SMB_TREE_HAS_ACCESS(sr,
1231 	    ACE_WRITE_ATTRIBUTES | ACE_WRITE_NAMED_ATTRS) == 0)
1232 		return (EACCES);
1233 
1234 	/*
1235 	 * The file system cannot detect pending READDONLY
1236 	 * (i.e. if the file has been opened readonly but
1237 	 * not yet closed) so we need to test READONLY here.
1238 	 */
1239 	if (sr && (set_attr->sa_mask & SMB_AT_SIZE)) {
1240 		if (sr->fid_ofile) {
1241 			if (SMB_OFILE_IS_READONLY(sr->fid_ofile))
1242 				return (EACCES);
1243 		} else {
1244 			if (SMB_PATHFILE_IS_READONLY(sr, snode))
1245 				return (EACCES);
1246 		}
1247 	}
1248 
1249 	/*
1250 	 * SMB checks access on open and retains an access granted
1251 	 * mask for use while the file is open.  ACL changes should
1252 	 * not affect access to an open file.
1253 	 *
1254 	 * If the setattr is being performed on an ofile:
1255 	 * - Check the ofile's access granted mask to see if the
1256 	 *   setattr is permitted.
1257 	 *   UID, GID - require WRITE_OWNER
1258 	 *   SIZE, ALLOCSZ - require FILE_WRITE_DATA
1259 	 *   all other attributes require FILE_WRITE_ATTRIBUTES
1260 	 *
1261 	 * - If the file system does access checking, set the
1262 	 *   ATTR_NOACLCHECK flag to ensure that the file system
1263 	 *   does not check permissions on subsequent calls.
1264 	 */
1265 	if (sr && sr->fid_ofile) {
1266 		sa_mask = set_attr->sa_mask;
1267 		access = 0;
1268 
1269 		if (sa_mask & (SMB_AT_SIZE | SMB_AT_ALLOCSZ)) {
1270 			access |= FILE_WRITE_DATA;
1271 			sa_mask &= ~(SMB_AT_SIZE | SMB_AT_ALLOCSZ);
1272 		}
1273 
1274 		if (sa_mask & (SMB_AT_UID|SMB_AT_GID)) {
1275 			access |= WRITE_OWNER;
1276 			sa_mask &= ~(SMB_AT_UID|SMB_AT_GID);
1277 		}
1278 
1279 		if (sa_mask)
1280 			access |= FILE_WRITE_ATTRIBUTES;
1281 
1282 		status = smb_ofile_access(sr->fid_ofile, cr, access);
1283 		if (status != NT_STATUS_SUCCESS)
1284 			return (EACCES);
1285 
1286 		if (smb_tree_has_feature(sr->tid_tree,
1287 		    SMB_TREE_ACEMASKONACCESS))
1288 			flags = ATTR_NOACLCHECK;
1289 	}
1290 
1291 	unnamed_node = SMB_IS_STREAM(snode);
1292 
1293 	if (unnamed_node) {
1294 		ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
1295 		ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
1296 		unnamed_vp = unnamed_node->vp;
1297 	}
1298 
1299 	rc = smb_vop_setattr(snode->vp, unnamed_vp, set_attr, flags, cr);
1300 	return (rc);
1301 }
1302 
1303 /*
1304  * smb_fsop_read
1305  *
1306  * All SMB functions should use this wrapper to ensure that
1307  * the the calls are performed with the appropriate credentials.
1308  * Please document any direct call to explain the reason
1309  * for avoiding this wrapper.
1310  *
1311  * It is assumed that a reference exists on snode coming into this routine.
1312  */
1313 int
1314 smb_fsop_read(smb_request_t *sr, cred_t *cr, smb_node_t *snode, uio_t *uio)
1315 {
1316 	caller_context_t ct;
1317 	int svmand;
1318 	int rc;
1319 
1320 	ASSERT(cr);
1321 	ASSERT(snode);
1322 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1323 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1324 
1325 	ASSERT(sr);
1326 	ASSERT(sr->fid_ofile);
1327 
1328 	if (SMB_TREE_HAS_ACCESS(sr, ACE_READ_DATA) == 0)
1329 		return (EACCES);
1330 
1331 	rc = smb_ofile_access(sr->fid_ofile, cr, FILE_READ_DATA);
1332 	if ((rc != NT_STATUS_SUCCESS) &&
1333 	    (sr->smb_flg2 & SMB_FLAGS2_READ_IF_EXECUTE))
1334 		rc = smb_ofile_access(sr->fid_ofile, cr, FILE_EXECUTE);
1335 
1336 	if (rc != NT_STATUS_SUCCESS)
1337 		return (EACCES);
1338 
1339 	/*
1340 	 * Streams permission are checked against the unnamed stream,
1341 	 * but in FS level they have their own permissions. To avoid
1342 	 * rejection by FS due to lack of permission on the actual
1343 	 * extended attr kcred is passed for streams.
1344 	 */
1345 	if (SMB_IS_STREAM(snode))
1346 		cr = kcred;
1347 
1348 	smb_node_start_crit(snode, RW_READER);
1349 	rc = nbl_svmand(snode->vp, kcred, &svmand);
1350 	if (rc) {
1351 		smb_node_end_crit(snode);
1352 		return (rc);
1353 	}
1354 
1355 	ct = smb_ct;
1356 	ct.cc_pid = sr->fid_ofile->f_uniqid;
1357 	rc = nbl_lock_conflict(snode->vp, NBL_READ, uio->uio_loffset,
1358 	    uio->uio_iov->iov_len, svmand, &ct);
1359 
1360 	if (rc) {
1361 		smb_node_end_crit(snode);
1362 		return (ERANGE);
1363 	}
1364 
1365 	rc = smb_vop_read(snode->vp, uio, cr);
1366 	smb_node_end_crit(snode);
1367 
1368 	return (rc);
1369 }
1370 
1371 /*
1372  * smb_fsop_write
1373  *
1374  * This is a wrapper function used for smb_write and smb_write_raw operations.
1375  *
1376  * It is assumed that a reference exists on snode coming into this routine.
1377  */
1378 int
1379 smb_fsop_write(
1380     smb_request_t *sr,
1381     cred_t *cr,
1382     smb_node_t *snode,
1383     uio_t *uio,
1384     uint32_t *lcount,
1385     int ioflag)
1386 {
1387 	caller_context_t ct;
1388 	int svmand;
1389 	int rc;
1390 
1391 	ASSERT(cr);
1392 	ASSERT(snode);
1393 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1394 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1395 
1396 	ASSERT(sr);
1397 	ASSERT(sr->tid_tree);
1398 	ASSERT(sr->fid_ofile);
1399 
1400 	if (SMB_TREE_IS_READONLY(sr))
1401 		return (EROFS);
1402 
1403 	if (SMB_OFILE_IS_READONLY(sr->fid_ofile) ||
1404 	    SMB_TREE_HAS_ACCESS(sr, ACE_WRITE_DATA | ACE_APPEND_DATA) == 0)
1405 		return (EACCES);
1406 
1407 	rc = smb_ofile_access(sr->fid_ofile, cr, FILE_WRITE_DATA);
1408 	if (rc != NT_STATUS_SUCCESS) {
1409 		rc = smb_ofile_access(sr->fid_ofile, cr, FILE_APPEND_DATA);
1410 		if (rc != NT_STATUS_SUCCESS)
1411 			return (EACCES);
1412 	}
1413 
1414 	/*
1415 	 * Streams permission are checked against the unnamed stream,
1416 	 * but in FS level they have their own permissions. To avoid
1417 	 * rejection by FS due to lack of permission on the actual
1418 	 * extended attr kcred is passed for streams.
1419 	 */
1420 	if (SMB_IS_STREAM(snode))
1421 		cr = kcred;
1422 
1423 	smb_node_start_crit(snode, RW_READER);
1424 	rc = nbl_svmand(snode->vp, kcred, &svmand);
1425 	if (rc) {
1426 		smb_node_end_crit(snode);
1427 		return (rc);
1428 	}
1429 
1430 	ct = smb_ct;
1431 	ct.cc_pid = sr->fid_ofile->f_uniqid;
1432 	rc = nbl_lock_conflict(snode->vp, NBL_WRITE, uio->uio_loffset,
1433 	    uio->uio_iov->iov_len, svmand, &ct);
1434 
1435 	if (rc) {
1436 		smb_node_end_crit(snode);
1437 		return (ERANGE);
1438 	}
1439 
1440 	rc = smb_vop_write(snode->vp, uio, ioflag, lcount, cr);
1441 	smb_node_end_crit(snode);
1442 
1443 	return (rc);
1444 }
1445 
1446 /*
1447  * smb_fsop_statfs
1448  *
1449  * This is a wrapper function used for stat operations.
1450  */
1451 int
1452 smb_fsop_statfs(
1453     cred_t *cr,
1454     smb_node_t *snode,
1455     struct statvfs64 *statp)
1456 {
1457 	ASSERT(cr);
1458 	ASSERT(snode);
1459 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1460 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1461 
1462 	return (smb_vop_statfs(snode->vp, statp, cr));
1463 }
1464 
1465 /*
1466  * smb_fsop_access
1467  *
1468  * Named streams do not have separate permissions from the associated
1469  * unnamed stream.  Thus, if node is a named stream, the permissions
1470  * check will be performed on the associated unnamed stream.
1471  *
1472  * However, our named streams do have their own quarantine attribute,
1473  * separate from that on the unnamed stream. If READ or EXECUTE
1474  * access has been requested on a named stream, an additional access
1475  * check is performed on the named stream in case it has been
1476  * quarantined.  kcred is used to avoid issues with the permissions
1477  * set on the extended attribute file representing the named stream.
1478  */
1479 int
1480 smb_fsop_access(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
1481     uint32_t faccess)
1482 {
1483 	int access = 0;
1484 	int error;
1485 	vnode_t *dir_vp;
1486 	boolean_t acl_check = B_TRUE;
1487 	smb_node_t *unnamed_node;
1488 
1489 	ASSERT(sr);
1490 	ASSERT(cr);
1491 	ASSERT(snode);
1492 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1493 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1494 
1495 	if (faccess == 0)
1496 		return (NT_STATUS_SUCCESS);
1497 
1498 	if (SMB_TREE_IS_READONLY(sr)) {
1499 		if (faccess & (FILE_WRITE_DATA|FILE_APPEND_DATA|
1500 		    FILE_WRITE_EA|FILE_DELETE_CHILD|FILE_WRITE_ATTRIBUTES|
1501 		    DELETE|WRITE_DAC|WRITE_OWNER)) {
1502 			return (NT_STATUS_ACCESS_DENIED);
1503 		}
1504 	}
1505 
1506 	if (smb_node_is_reparse(snode) && (faccess & DELETE))
1507 		return (NT_STATUS_ACCESS_DENIED);
1508 
1509 	unnamed_node = SMB_IS_STREAM(snode);
1510 	if (unnamed_node) {
1511 		ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
1512 		ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
1513 
1514 		/*
1515 		 * Perform VREAD access check on the named stream in case it
1516 		 * is quarantined. kcred is passed to smb_vop_access so it
1517 		 * doesn't fail due to lack of permission.
1518 		 */
1519 		if (faccess & (FILE_READ_DATA | FILE_EXECUTE)) {
1520 			error = smb_vop_access(snode->vp, VREAD,
1521 			    0, NULL, kcred);
1522 			if (error)
1523 				return (NT_STATUS_ACCESS_DENIED);
1524 		}
1525 
1526 		/*
1527 		 * Streams authorization should be performed against the
1528 		 * unnamed stream.
1529 		 */
1530 		snode = unnamed_node;
1531 	}
1532 
1533 	if (faccess & ACCESS_SYSTEM_SECURITY) {
1534 		/*
1535 		 * This permission is required for reading/writing SACL and
1536 		 * it's not part of DACL. It's only granted via proper
1537 		 * privileges.
1538 		 */
1539 		if ((sr->uid_user->u_privileges &
1540 		    (SMB_USER_PRIV_BACKUP |
1541 		    SMB_USER_PRIV_RESTORE |
1542 		    SMB_USER_PRIV_SECURITY)) == 0)
1543 			return (NT_STATUS_PRIVILEGE_NOT_HELD);
1544 
1545 		faccess &= ~ACCESS_SYSTEM_SECURITY;
1546 	}
1547 
1548 	/* Links don't have ACL */
1549 	if ((!smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) ||
1550 	    smb_node_is_symlink(snode))
1551 		acl_check = B_FALSE;
1552 
1553 	/*
1554 	 * Use the most restrictive parts of both faccess and the
1555 	 * share access.  An AND of the two value masks gives us that
1556 	 * since we've already converted to a mask of what we "can"
1557 	 * do.
1558 	 */
1559 	faccess &= sr->tid_tree->t_access;
1560 
1561 	if (acl_check) {
1562 		dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL;
1563 		error = smb_vop_access(snode->vp, faccess, V_ACE_MASK, dir_vp,
1564 		    cr);
1565 	} else {
1566 		/*
1567 		 * FS doesn't understand 32-bit mask, need to map
1568 		 */
1569 		if (faccess & (FILE_WRITE_DATA | FILE_APPEND_DATA))
1570 			access |= VWRITE;
1571 
1572 		if (faccess & FILE_READ_DATA)
1573 			access |= VREAD;
1574 
1575 		if (faccess & FILE_EXECUTE)
1576 			access |= VEXEC;
1577 
1578 		error = smb_vop_access(snode->vp, access, 0, NULL, cr);
1579 	}
1580 
1581 	return ((error) ? NT_STATUS_ACCESS_DENIED : NT_STATUS_SUCCESS);
1582 }
1583 
1584 /*
1585  * smb_fsop_lookup_name()
1586  *
1587  * If name indicates that the file is a stream file, perform
1588  * stream specific lookup, otherwise call smb_fsop_lookup.
1589  *
1590  * Return an error if the looked-up file is in outside the tree.
1591  * (Required when invoked from open path.)
1592  *
1593  * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE):
1594  * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set
1595  * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE
1596  * flag is set in the flags value passed as a parameter, a case insensitive
1597  * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set
1598  * or not).
1599  */
1600 
1601 int
1602 smb_fsop_lookup_name(
1603     smb_request_t *sr,
1604     cred_t	*cr,
1605     int		flags,
1606     smb_node_t	*root_node,
1607     smb_node_t	*dnode,
1608     char	*name,
1609     smb_node_t	**ret_snode)
1610 {
1611 	smb_node_t	*fnode;
1612 	vnode_t		*xattrdirvp;
1613 	vnode_t		*vp;
1614 	char		*od_name;
1615 	char		*fname;
1616 	char		*sname;
1617 	int		rc;
1618 
1619 	ASSERT(cr);
1620 	ASSERT(dnode);
1621 	ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
1622 	ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
1623 
1624 	/*
1625 	 * The following check is required for streams processing, below
1626 	 */
1627 
1628 	if (!(flags & SMB_CASE_SENSITIVE)) {
1629 		if (SMB_TREE_IS_CASEINSENSITIVE(sr))
1630 			flags |= SMB_IGNORE_CASE;
1631 	}
1632 
1633 	fname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1634 	sname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1635 
1636 	if (smb_is_stream_name(name)) {
1637 		smb_stream_parse_name(name, fname, sname);
1638 
1639 		/*
1640 		 * Look up the unnamed stream (i.e. fname).
1641 		 * Unmangle processing will be done on fname
1642 		 * as well as any link target.
1643 		 */
1644 		rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode,
1645 		    fname, &fnode);
1646 
1647 		if (rc != 0) {
1648 			kmem_free(fname, MAXNAMELEN);
1649 			kmem_free(sname, MAXNAMELEN);
1650 			return (rc);
1651 		}
1652 
1653 		od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1654 
1655 		/*
1656 		 * od_name is the on-disk name of the stream, except
1657 		 * without the prepended stream prefix (SMB_STREAM_PREFIX)
1658 		 */
1659 
1660 		/*
1661 		 * XXX
1662 		 * What permissions NTFS requires for stream lookup if any?
1663 		 */
1664 		rc = smb_vop_stream_lookup(fnode->vp, sname, &vp, od_name,
1665 		    &xattrdirvp, flags, root_node->vp, cr);
1666 
1667 		if (rc != 0) {
1668 			smb_node_release(fnode);
1669 			kmem_free(fname, MAXNAMELEN);
1670 			kmem_free(sname, MAXNAMELEN);
1671 			kmem_free(od_name, MAXNAMELEN);
1672 			return (rc);
1673 		}
1674 
1675 		*ret_snode = smb_stream_node_lookup(sr, cr, fnode, xattrdirvp,
1676 		    vp, od_name);
1677 
1678 		kmem_free(od_name, MAXNAMELEN);
1679 		smb_node_release(fnode);
1680 		VN_RELE(xattrdirvp);
1681 		VN_RELE(vp);
1682 
1683 		if (*ret_snode == NULL) {
1684 			kmem_free(fname, MAXNAMELEN);
1685 			kmem_free(sname, MAXNAMELEN);
1686 			return (ENOMEM);
1687 		}
1688 	} else {
1689 		rc = smb_fsop_lookup(sr, cr, flags, root_node, dnode, name,
1690 		    ret_snode);
1691 	}
1692 
1693 	if (rc == 0) {
1694 		ASSERT(ret_snode);
1695 		if (SMB_TREE_CONTAINS_NODE(sr, *ret_snode) == 0) {
1696 			smb_node_release(*ret_snode);
1697 			*ret_snode = NULL;
1698 			rc = EACCES;
1699 		}
1700 	}
1701 
1702 	kmem_free(fname, MAXNAMELEN);
1703 	kmem_free(sname, MAXNAMELEN);
1704 
1705 	return (rc);
1706 }
1707 
1708 /*
1709  * smb_fsop_lookup
1710  *
1711  * All SMB functions should use this smb_vop_lookup wrapper to ensure that
1712  * the smb_vop_lookup is performed with the appropriate credentials and using
1713  * case insensitive compares. Please document any direct call to smb_vop_lookup
1714  * to explain the reason for avoiding this wrapper.
1715  *
1716  * It is assumed that a reference exists on dnode coming into this routine
1717  * (and that it is safe from deallocation).
1718  *
1719  * Same with the root_node.
1720  *
1721  * *ret_snode is returned with a reference upon success.  No reference is
1722  * taken if an error is returned.
1723  *
1724  * Note: The returned ret_snode may be in a child mount.  This is ok for
1725  * readdir.
1726  *
1727  * Other smb_fsop_* routines will call SMB_TREE_CONTAINS_NODE() to prevent
1728  * operations on files not in the parent mount.
1729  *
1730  * Case sensitivity flags (SMB_IGNORE_CASE, SMB_CASE_SENSITIVE):
1731  * if SMB_CASE_SENSITIVE is set, the SMB_IGNORE_CASE flag will NOT be set
1732  * based on the tree's case sensitivity. However, if the SMB_IGNORE_CASE
1733  * flag is set in the flags value passed as a parameter, a case insensitive
1734  * lookup WILL be done (regardless of whether SMB_CASE_SENSITIVE is set
1735  * or not).
1736  */
1737 int
1738 smb_fsop_lookup(
1739     smb_request_t *sr,
1740     cred_t	*cr,
1741     int		flags,
1742     smb_node_t	*root_node,
1743     smb_node_t	*dnode,
1744     char	*name,
1745     smb_node_t	**ret_snode)
1746 {
1747 	smb_node_t *lnk_target_node;
1748 	smb_node_t *lnk_dnode;
1749 	char *longname;
1750 	char *od_name;
1751 	vnode_t *vp;
1752 	int rc;
1753 	int ret_flags;
1754 	smb_attr_t attr;
1755 
1756 	ASSERT(cr);
1757 	ASSERT(dnode);
1758 	ASSERT(dnode->n_magic == SMB_NODE_MAGIC);
1759 	ASSERT(dnode->n_state != SMB_NODE_STATE_DESTROYING);
1760 
1761 	if (name == NULL)
1762 		return (EINVAL);
1763 
1764 	if (SMB_TREE_CONTAINS_NODE(sr, dnode) == 0)
1765 		return (EACCES);
1766 
1767 	if (!(flags & SMB_CASE_SENSITIVE)) {
1768 		if (SMB_TREE_IS_CASEINSENSITIVE(sr))
1769 			flags |= SMB_IGNORE_CASE;
1770 	}
1771 	if (SMB_TREE_SUPPORTS_CATIA(sr))
1772 		flags |= SMB_CATIA;
1773 	if (SMB_TREE_SUPPORTS_ABE(sr))
1774 		flags |= SMB_ABE;
1775 
1776 	od_name = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1777 
1778 	rc = smb_vop_lookup(dnode->vp, name, &vp, od_name, flags,
1779 	    &ret_flags, root_node ? root_node->vp : NULL, &attr, cr);
1780 
1781 	if (rc != 0) {
1782 		if (!smb_maybe_mangled(name)) {
1783 			kmem_free(od_name, MAXNAMELEN);
1784 			return (rc);
1785 		}
1786 
1787 		longname = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1788 		rc = smb_unmangle(dnode, name, longname, MAXNAMELEN, flags);
1789 		if (rc != 0) {
1790 			kmem_free(od_name, MAXNAMELEN);
1791 			kmem_free(longname, MAXNAMELEN);
1792 			return (rc);
1793 		}
1794 
1795 		/*
1796 		 * longname is the real (case-sensitive)
1797 		 * on-disk name.
1798 		 * We make sure we do a lookup on this exact
1799 		 * name, as the name was mangled and denotes
1800 		 * a unique file.
1801 		 */
1802 
1803 		if (flags & SMB_IGNORE_CASE)
1804 			flags &= ~SMB_IGNORE_CASE;
1805 
1806 		rc = smb_vop_lookup(dnode->vp, longname, &vp, od_name,
1807 		    flags, &ret_flags, root_node ? root_node->vp : NULL, &attr,
1808 		    cr);
1809 
1810 		kmem_free(longname, MAXNAMELEN);
1811 
1812 		if (rc != 0) {
1813 			kmem_free(od_name, MAXNAMELEN);
1814 			return (rc);
1815 		}
1816 	}
1817 
1818 	if ((flags & SMB_FOLLOW_LINKS) && (vp->v_type == VLNK) &&
1819 	    ((attr.sa_dosattr & FILE_ATTRIBUTE_REPARSE_POINT) == 0)) {
1820 		rc = smb_pathname(sr, od_name, FOLLOW, root_node, dnode,
1821 		    &lnk_dnode, &lnk_target_node, cr);
1822 
1823 		if (rc != 0) {
1824 			/*
1825 			 * The link is assumed to be for the last component
1826 			 * of a path.  Hence any ENOTDIR error will be returned
1827 			 * as ENOENT.
1828 			 */
1829 			if (rc == ENOTDIR)
1830 				rc = ENOENT;
1831 
1832 			VN_RELE(vp);
1833 			kmem_free(od_name, MAXNAMELEN);
1834 			return (rc);
1835 		}
1836 
1837 		/*
1838 		 * Release the original VLNK vnode
1839 		 */
1840 
1841 		VN_RELE(vp);
1842 		vp = lnk_target_node->vp;
1843 
1844 		rc = smb_vop_traverse_check(&vp);
1845 
1846 		if (rc != 0) {
1847 			smb_node_release(lnk_dnode);
1848 			smb_node_release(lnk_target_node);
1849 			kmem_free(od_name, MAXNAMELEN);
1850 			return (rc);
1851 		}
1852 
1853 		/*
1854 		 * smb_vop_traverse_check() may have returned a different vnode
1855 		 */
1856 
1857 		if (lnk_target_node->vp == vp) {
1858 			*ret_snode = lnk_target_node;
1859 		} else {
1860 			*ret_snode = smb_node_lookup(sr, NULL, cr, vp,
1861 			    lnk_target_node->od_name, lnk_dnode, NULL);
1862 			VN_RELE(vp);
1863 
1864 			if (*ret_snode == NULL)
1865 				rc = ENOMEM;
1866 			smb_node_release(lnk_target_node);
1867 		}
1868 
1869 		smb_node_release(lnk_dnode);
1870 
1871 	} else {
1872 
1873 		rc = smb_vop_traverse_check(&vp);
1874 		if (rc) {
1875 			VN_RELE(vp);
1876 			kmem_free(od_name, MAXNAMELEN);
1877 			return (rc);
1878 		}
1879 
1880 		*ret_snode = smb_node_lookup(sr, NULL, cr, vp, od_name,
1881 		    dnode, NULL);
1882 		VN_RELE(vp);
1883 
1884 		if (*ret_snode == NULL)
1885 			rc = ENOMEM;
1886 	}
1887 
1888 	kmem_free(od_name, MAXNAMELEN);
1889 	return (rc);
1890 }
1891 
1892 int /*ARGSUSED*/
1893 smb_fsop_commit(smb_request_t *sr, cred_t *cr, smb_node_t *snode)
1894 {
1895 	ASSERT(cr);
1896 	ASSERT(snode);
1897 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
1898 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
1899 
1900 	ASSERT(sr);
1901 	ASSERT(sr->tid_tree);
1902 	if (SMB_TREE_IS_READONLY(sr))
1903 		return (EROFS);
1904 
1905 	return (smb_vop_commit(snode->vp, cr));
1906 }
1907 
1908 /*
1909  * smb_fsop_aclread
1910  *
1911  * Retrieve filesystem ACL. Depends on requested ACLs in
1912  * fs_sd->sd_secinfo, it'll set DACL and SACL pointers in
1913  * fs_sd. Note that requesting a DACL/SACL doesn't mean that
1914  * the corresponding field in fs_sd should be non-NULL upon
1915  * return, since the target ACL might not contain that type of
1916  * entries.
1917  *
1918  * Returned ACL is always in ACE_T (aka ZFS) format.
1919  * If successful the allocated memory for the ACL should be freed
1920  * using smb_fsacl_free() or smb_fssd_term()
1921  */
1922 int
1923 smb_fsop_aclread(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
1924     smb_fssd_t *fs_sd)
1925 {
1926 	int error = 0;
1927 	int flags = 0;
1928 	int access = 0;
1929 	acl_t *acl;
1930 	smb_node_t *unnamed_node;
1931 
1932 	ASSERT(cr);
1933 
1934 	if (SMB_TREE_HAS_ACCESS(sr, ACE_READ_ACL) == 0)
1935 		return (EACCES);
1936 
1937 	if (sr->fid_ofile) {
1938 		if (fs_sd->sd_secinfo & SMB_DACL_SECINFO)
1939 			access = READ_CONTROL;
1940 
1941 		if (fs_sd->sd_secinfo & SMB_SACL_SECINFO)
1942 			access |= ACCESS_SYSTEM_SECURITY;
1943 
1944 		error = smb_ofile_access(sr->fid_ofile, cr, access);
1945 		if (error != NT_STATUS_SUCCESS) {
1946 			return (EACCES);
1947 		}
1948 	}
1949 
1950 	unnamed_node = SMB_IS_STREAM(snode);
1951 	if (unnamed_node) {
1952 		ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
1953 		ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
1954 		/*
1955 		 * Streams don't have ACL, any read ACL attempt on a stream
1956 		 * should be performed on the unnamed stream.
1957 		 */
1958 		snode = unnamed_node;
1959 	}
1960 
1961 	if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS))
1962 		flags = ATTR_NOACLCHECK;
1963 
1964 	error = smb_vop_acl_read(snode->vp, &acl, flags,
1965 	    sr->tid_tree->t_acltype, cr);
1966 	if (error != 0) {
1967 		return (error);
1968 	}
1969 
1970 	error = acl_translate(acl, _ACL_ACE_ENABLED,
1971 	    smb_node_is_dir(snode), fs_sd->sd_uid, fs_sd->sd_gid);
1972 
1973 	if (error == 0) {
1974 		smb_fsacl_split(acl, &fs_sd->sd_zdacl, &fs_sd->sd_zsacl,
1975 		    fs_sd->sd_secinfo);
1976 	}
1977 
1978 	acl_free(acl);
1979 	return (error);
1980 }
1981 
1982 /*
1983  * smb_fsop_aclwrite
1984  *
1985  * Stores the filesystem ACL provided in fs_sd->sd_acl.
1986  */
1987 int
1988 smb_fsop_aclwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
1989     smb_fssd_t *fs_sd)
1990 {
1991 	int target_flavor;
1992 	int error = 0;
1993 	int flags = 0;
1994 	int access = 0;
1995 	acl_t *acl, *dacl, *sacl;
1996 	smb_node_t *unnamed_node;
1997 
1998 	ASSERT(cr);
1999 
2000 	ASSERT(sr);
2001 	ASSERT(sr->tid_tree);
2002 	if (SMB_TREE_IS_READONLY(sr))
2003 		return (EROFS);
2004 
2005 	if (SMB_TREE_HAS_ACCESS(sr, ACE_WRITE_ACL) == 0)
2006 		return (EACCES);
2007 
2008 	if (sr->fid_ofile) {
2009 		if (fs_sd->sd_secinfo & SMB_DACL_SECINFO)
2010 			access = WRITE_DAC;
2011 
2012 		if (fs_sd->sd_secinfo & SMB_SACL_SECINFO)
2013 			access |= ACCESS_SYSTEM_SECURITY;
2014 
2015 		error = smb_ofile_access(sr->fid_ofile, cr, access);
2016 		if (error != NT_STATUS_SUCCESS)
2017 			return (EACCES);
2018 	}
2019 
2020 	switch (sr->tid_tree->t_acltype) {
2021 	case ACLENT_T:
2022 		target_flavor = _ACL_ACLENT_ENABLED;
2023 		break;
2024 
2025 	case ACE_T:
2026 		target_flavor = _ACL_ACE_ENABLED;
2027 		break;
2028 	default:
2029 		return (EINVAL);
2030 	}
2031 
2032 	unnamed_node = SMB_IS_STREAM(snode);
2033 	if (unnamed_node) {
2034 		ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
2035 		ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
2036 		/*
2037 		 * Streams don't have ACL, any write ACL attempt on a stream
2038 		 * should be performed on the unnamed stream.
2039 		 */
2040 		snode = unnamed_node;
2041 	}
2042 
2043 	dacl = fs_sd->sd_zdacl;
2044 	sacl = fs_sd->sd_zsacl;
2045 
2046 	ASSERT(dacl || sacl);
2047 	if ((dacl == NULL) && (sacl == NULL))
2048 		return (EINVAL);
2049 
2050 	if (dacl && sacl)
2051 		acl = smb_fsacl_merge(dacl, sacl);
2052 	else if (dacl)
2053 		acl = dacl;
2054 	else
2055 		acl = sacl;
2056 
2057 	error = acl_translate(acl, target_flavor, smb_node_is_dir(snode),
2058 	    fs_sd->sd_uid, fs_sd->sd_gid);
2059 	if (error == 0) {
2060 		if (smb_tree_has_feature(sr->tid_tree,
2061 		    SMB_TREE_ACEMASKONACCESS))
2062 			flags = ATTR_NOACLCHECK;
2063 
2064 		error = smb_vop_acl_write(snode->vp, acl, flags, cr);
2065 	}
2066 
2067 	if (dacl && sacl)
2068 		acl_free(acl);
2069 
2070 	return (error);
2071 }
2072 
2073 acl_type_t
2074 smb_fsop_acltype(smb_node_t *snode)
2075 {
2076 	return (smb_vop_acl_type(snode->vp));
2077 }
2078 
2079 /*
2080  * smb_fsop_sdread
2081  *
2082  * Read the requested security descriptor items from filesystem.
2083  * The items are specified in fs_sd->sd_secinfo.
2084  */
2085 int
2086 smb_fsop_sdread(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
2087     smb_fssd_t *fs_sd)
2088 {
2089 	int error = 0;
2090 	int getowner = 0;
2091 	cred_t *ga_cred;
2092 	smb_attr_t attr;
2093 
2094 	ASSERT(cr);
2095 	ASSERT(fs_sd);
2096 
2097 	/*
2098 	 * File's uid/gid is fetched in two cases:
2099 	 *
2100 	 * 1. it's explicitly requested
2101 	 *
2102 	 * 2. target ACL is ACE_T (ZFS ACL). They're needed for
2103 	 *    owner@/group@ entries. In this case kcred should be used
2104 	 *    because uid/gid are fetched on behalf of smb server.
2105 	 */
2106 	if (fs_sd->sd_secinfo & (SMB_OWNER_SECINFO | SMB_GROUP_SECINFO)) {
2107 		getowner = 1;
2108 		ga_cred = cr;
2109 	} else if (sr->tid_tree->t_acltype == ACE_T) {
2110 		getowner = 1;
2111 		ga_cred = kcred;
2112 	}
2113 
2114 	if (getowner) {
2115 		/*
2116 		 * Windows require READ_CONTROL to read owner/group SID since
2117 		 * they're part of Security Descriptor.
2118 		 * ZFS only requires read_attribute. Need to have a explicit
2119 		 * access check here.
2120 		 */
2121 		if (sr->fid_ofile == NULL) {
2122 			error = smb_fsop_access(sr, ga_cred, snode,
2123 			    READ_CONTROL);
2124 			if (error)
2125 				return (EACCES);
2126 		}
2127 
2128 		attr.sa_mask = SMB_AT_UID | SMB_AT_GID;
2129 		error = smb_fsop_getattr(sr, ga_cred, snode, &attr);
2130 		if (error == 0) {
2131 			fs_sd->sd_uid = attr.sa_vattr.va_uid;
2132 			fs_sd->sd_gid = attr.sa_vattr.va_gid;
2133 		} else {
2134 			return (error);
2135 		}
2136 	}
2137 
2138 	if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) {
2139 		error = smb_fsop_aclread(sr, cr, snode, fs_sd);
2140 	}
2141 
2142 	return (error);
2143 }
2144 
2145 /*
2146  * smb_fsop_sdmerge
2147  *
2148  * From SMB point of view DACL and SACL are two separate list
2149  * which can be manipulated independently without one affecting
2150  * the other, but entries for both DACL and SACL will end up
2151  * in the same ACL if target filesystem supports ACE_T ACLs.
2152  *
2153  * So, if either DACL or SACL is present in the client set request
2154  * the entries corresponding to the non-present ACL shouldn't
2155  * be touched in the FS ACL.
2156  *
2157  * fs_sd parameter contains DACL and SACL specified by SMB
2158  * client to be set on a file/directory. The client could
2159  * specify both or one of these ACLs (if none is specified
2160  * we don't get this far). When both DACL and SACL are given
2161  * by client the existing ACL should be overwritten. If only
2162  * one of them is specified the entries corresponding to the other
2163  * ACL should not be touched. For example, if only DACL
2164  * is specified in input fs_sd, the function reads audit entries
2165  * of the existing ACL of the file and point fs_sd->sd_zsdacl
2166  * pointer to the fetched SACL, this way when smb_fsop_sdwrite()
2167  * function is called the passed fs_sd would point to the specified
2168  * DACL by client and fetched SACL from filesystem, so the file
2169  * will end up with correct ACL.
2170  */
2171 static int
2172 smb_fsop_sdmerge(smb_request_t *sr, smb_node_t *snode, smb_fssd_t *fs_sd)
2173 {
2174 	smb_fssd_t cur_sd;
2175 	int error = 0;
2176 
2177 	if (sr->tid_tree->t_acltype != ACE_T)
2178 		/* Don't bother if target FS doesn't support ACE_T */
2179 		return (0);
2180 
2181 	if ((fs_sd->sd_secinfo & SMB_ACL_SECINFO) != SMB_ACL_SECINFO) {
2182 		if (fs_sd->sd_secinfo & SMB_DACL_SECINFO) {
2183 			/*
2184 			 * Don't overwrite existing audit entries
2185 			 */
2186 			smb_fssd_init(&cur_sd, SMB_SACL_SECINFO,
2187 			    fs_sd->sd_flags);
2188 
2189 			error = smb_fsop_sdread(sr, kcred, snode, &cur_sd);
2190 			if (error == 0) {
2191 				ASSERT(fs_sd->sd_zsacl == NULL);
2192 				fs_sd->sd_zsacl = cur_sd.sd_zsacl;
2193 				if (fs_sd->sd_zsacl && fs_sd->sd_zdacl)
2194 					fs_sd->sd_zsacl->acl_flags =
2195 					    fs_sd->sd_zdacl->acl_flags;
2196 			}
2197 		} else {
2198 			/*
2199 			 * Don't overwrite existing access entries
2200 			 */
2201 			smb_fssd_init(&cur_sd, SMB_DACL_SECINFO,
2202 			    fs_sd->sd_flags);
2203 
2204 			error = smb_fsop_sdread(sr, kcred, snode, &cur_sd);
2205 			if (error == 0) {
2206 				ASSERT(fs_sd->sd_zdacl == NULL);
2207 				fs_sd->sd_zdacl = cur_sd.sd_zdacl;
2208 				if (fs_sd->sd_zdacl && fs_sd->sd_zsacl)
2209 					fs_sd->sd_zdacl->acl_flags =
2210 					    fs_sd->sd_zsacl->acl_flags;
2211 			}
2212 		}
2213 
2214 		if (error)
2215 			smb_fssd_term(&cur_sd);
2216 	}
2217 
2218 	return (error);
2219 }
2220 
2221 /*
2222  * smb_fsop_sdwrite
2223  *
2224  * Stores the given uid, gid and acl in filesystem.
2225  * Provided items in fs_sd are specified by fs_sd->sd_secinfo.
2226  *
2227  * A SMB security descriptor could contain owner, primary group,
2228  * DACL and SACL. Setting an SD should be atomic but here it has to
2229  * be done via two separate FS operations: VOP_SETATTR and
2230  * VOP_SETSECATTR. Therefore, this function has to simulate the
2231  * atomicity as well as it can.
2232  *
2233  * Get the current uid, gid before setting the new uid/gid
2234  * so if smb_fsop_aclwrite fails they can be restored. root cred is
2235  * used to get currend uid/gid since this operation is performed on
2236  * behalf of the server not the user.
2237  *
2238  * If setting uid/gid fails with EPERM it means that and invalid
2239  * owner has been specified. Callers should translate this to
2240  * STATUS_INVALID_OWNER which is not the normal mapping for EPERM
2241  * in upper layers, so EPERM is mapped to EBADE.
2242  */
2243 int
2244 smb_fsop_sdwrite(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
2245     smb_fssd_t *fs_sd, int overwrite)
2246 {
2247 	int error = 0;
2248 	int access = 0;
2249 	smb_attr_t set_attr;
2250 	smb_attr_t orig_attr;
2251 
2252 	ASSERT(cr);
2253 	ASSERT(fs_sd);
2254 
2255 	ASSERT(sr);
2256 	ASSERT(sr->tid_tree);
2257 	if (SMB_TREE_IS_READONLY(sr))
2258 		return (EROFS);
2259 
2260 	bzero(&set_attr, sizeof (smb_attr_t));
2261 
2262 	if (fs_sd->sd_secinfo & SMB_OWNER_SECINFO) {
2263 		set_attr.sa_vattr.va_uid = fs_sd->sd_uid;
2264 		set_attr.sa_mask |= SMB_AT_UID;
2265 		access |= WRITE_OWNER;
2266 	}
2267 
2268 	if (fs_sd->sd_secinfo & SMB_GROUP_SECINFO) {
2269 		set_attr.sa_vattr.va_gid = fs_sd->sd_gid;
2270 		set_attr.sa_mask |= SMB_AT_GID;
2271 		access |= WRITE_OWNER;
2272 	}
2273 
2274 	if (fs_sd->sd_secinfo & SMB_DACL_SECINFO)
2275 		access |= WRITE_DAC;
2276 
2277 	if (fs_sd->sd_secinfo & SMB_SACL_SECINFO)
2278 		access |= ACCESS_SYSTEM_SECURITY;
2279 
2280 	if (sr->fid_ofile)
2281 		error = smb_ofile_access(sr->fid_ofile, cr, access);
2282 	else
2283 		error = smb_fsop_access(sr, cr, snode, access);
2284 
2285 	if (error)
2286 		return (EACCES);
2287 
2288 	if (set_attr.sa_mask) {
2289 		orig_attr.sa_mask = SMB_AT_UID | SMB_AT_GID;
2290 		error = smb_fsop_getattr(sr, kcred, snode, &orig_attr);
2291 		if (error == 0) {
2292 			error = smb_fsop_setattr(sr, cr, snode, &set_attr);
2293 			if (error == EPERM)
2294 				error = EBADE;
2295 		}
2296 
2297 		if (error)
2298 			return (error);
2299 	}
2300 
2301 	if (fs_sd->sd_secinfo & SMB_ACL_SECINFO) {
2302 		if (overwrite == 0) {
2303 			error = smb_fsop_sdmerge(sr, snode, fs_sd);
2304 			if (error)
2305 				return (error);
2306 		}
2307 
2308 		error = smb_fsop_aclwrite(sr, cr, snode, fs_sd);
2309 		if (error) {
2310 			/*
2311 			 * Revert uid/gid changes if required.
2312 			 */
2313 			if (set_attr.sa_mask) {
2314 				orig_attr.sa_mask = set_attr.sa_mask;
2315 				(void) smb_fsop_setattr(sr, kcred, snode,
2316 				    &orig_attr);
2317 			}
2318 		}
2319 	}
2320 
2321 	return (error);
2322 }
2323 
2324 /*
2325  * smb_fsop_sdinherit
2326  *
2327  * Inherit the security descriptor from the parent container.
2328  * This function is called after FS has created the file/folder
2329  * so if this doesn't do anything it means FS inheritance is
2330  * in place.
2331  *
2332  * Do inheritance for ZFS internally.
2333  *
2334  * If we want to let ZFS does the inheritance the
2335  * following setting should be true:
2336  *
2337  *  - aclinherit = passthrough
2338  *  - aclmode = passthrough
2339  *  - smbd umask = 0777
2340  *
2341  * This will result in right effective permissions but
2342  * ZFS will always add 6 ACEs for owner, owning group
2343  * and others to be POSIX compliant. This is not what
2344  * Windows clients/users expect, so we decided that CIFS
2345  * implements Windows rules and overwrite whatever ZFS
2346  * comes up with. This way we also don't have to care
2347  * about ZFS aclinherit and aclmode settings.
2348  */
2349 static int
2350 smb_fsop_sdinherit(smb_request_t *sr, smb_node_t *dnode, smb_fssd_t *fs_sd)
2351 {
2352 	acl_t *dacl = NULL;
2353 	acl_t *sacl = NULL;
2354 	int is_dir;
2355 	int error;
2356 
2357 	ASSERT(fs_sd);
2358 
2359 	if (sr->tid_tree->t_acltype != ACE_T) {
2360 		/*
2361 		 * No forced inheritance for non-ZFS filesystems.
2362 		 */
2363 		fs_sd->sd_secinfo = 0;
2364 		return (0);
2365 	}
2366 
2367 
2368 	/* Fetch parent directory's ACL */
2369 	error = smb_fsop_sdread(sr, kcred, dnode, fs_sd);
2370 	if (error) {
2371 		return (error);
2372 	}
2373 
2374 	is_dir = (fs_sd->sd_flags & SMB_FSSD_FLAGS_DIR);
2375 	dacl = smb_fsacl_inherit(fs_sd->sd_zdacl, is_dir, SMB_DACL_SECINFO,
2376 	    sr->user_cr);
2377 	sacl = smb_fsacl_inherit(fs_sd->sd_zsacl, is_dir, SMB_SACL_SECINFO,
2378 	    sr->user_cr);
2379 
2380 	if (sacl == NULL)
2381 		fs_sd->sd_secinfo &= ~SMB_SACL_SECINFO;
2382 
2383 	smb_fsacl_free(fs_sd->sd_zdacl);
2384 	smb_fsacl_free(fs_sd->sd_zsacl);
2385 
2386 	fs_sd->sd_zdacl = dacl;
2387 	fs_sd->sd_zsacl = sacl;
2388 
2389 	return (0);
2390 }
2391 
2392 /*
2393  * smb_fsop_eaccess
2394  *
2395  * Returns the effective permission of the given credential for the
2396  * specified object.
2397  *
2398  * This is just a workaround. We need VFS/FS support for this.
2399  */
2400 void
2401 smb_fsop_eaccess(smb_request_t *sr, cred_t *cr, smb_node_t *snode,
2402     uint32_t *eaccess)
2403 {
2404 	int access = 0;
2405 	vnode_t *dir_vp;
2406 	smb_node_t *unnamed_node;
2407 
2408 	ASSERT(cr);
2409 	ASSERT(snode);
2410 	ASSERT(snode->n_magic == SMB_NODE_MAGIC);
2411 	ASSERT(snode->n_state != SMB_NODE_STATE_DESTROYING);
2412 
2413 	unnamed_node = SMB_IS_STREAM(snode);
2414 	if (unnamed_node) {
2415 		ASSERT(unnamed_node->n_magic == SMB_NODE_MAGIC);
2416 		ASSERT(unnamed_node->n_state != SMB_NODE_STATE_DESTROYING);
2417 		/*
2418 		 * Streams authorization should be performed against the
2419 		 * unnamed stream.
2420 		 */
2421 		snode = unnamed_node;
2422 	}
2423 
2424 	if (smb_tree_has_feature(sr->tid_tree, SMB_TREE_ACEMASKONACCESS)) {
2425 		dir_vp = (snode->n_dnode) ? snode->n_dnode->vp : NULL;
2426 		smb_vop_eaccess(snode->vp, (int *)eaccess, V_ACE_MASK, dir_vp,
2427 		    cr);
2428 		return;
2429 	}
2430 
2431 	/*
2432 	 * FS doesn't understand 32-bit mask
2433 	 */
2434 	smb_vop_eaccess(snode->vp, &access, 0, NULL, cr);
2435 	access &= sr->tid_tree->t_access;
2436 
2437 	*eaccess = READ_CONTROL | FILE_READ_EA | FILE_READ_ATTRIBUTES;
2438 
2439 	if (access & VREAD)
2440 		*eaccess |= FILE_READ_DATA;
2441 
2442 	if (access & VEXEC)
2443 		*eaccess |= FILE_EXECUTE;
2444 
2445 	if (access & VWRITE)
2446 		*eaccess |= FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES |
2447 		    FILE_WRITE_EA | FILE_APPEND_DATA | FILE_DELETE_CHILD;
2448 }
2449 
2450 /*
2451  * smb_fsop_shrlock
2452  *
2453  * For the current open request, check file sharing rules
2454  * against existing opens.
2455  *
2456  * Returns NT_STATUS_SHARING_VIOLATION if there is any
2457  * sharing conflict.  Returns NT_STATUS_SUCCESS otherwise.
2458  *
2459  * Full system-wide share reservation synchronization is available
2460  * when the nbmand (non-blocking mandatory) mount option is set
2461  * (i.e. nbl_need_crit() is true) and nbmand critical regions are used.
2462  * This provides synchronization with NFS and local processes.  The
2463  * critical regions are entered in VOP_SHRLOCK()/fs_shrlock() (called
2464  * from smb_open_subr()/smb_fsop_shrlock()/smb_vop_shrlock()) as well
2465  * as the CIFS rename and delete paths.
2466  *
2467  * The CIFS server will also enter the nbl critical region in the open,
2468  * rename, and delete paths when nbmand is not set.  There is limited
2469  * coordination with local and VFS share reservations in this case.
2470  * Note that when the nbmand mount option is not set, the VFS layer
2471  * only processes advisory reservations and the delete mode is not checked.
2472  *
2473  * Whether or not the nbmand mount option is set, intra-CIFS share
2474  * checking is done in the open, delete, and rename paths using a CIFS
2475  * critical region (node->n_share_lock).
2476  */
2477 uint32_t
2478 smb_fsop_shrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid,
2479     uint32_t desired_access, uint32_t share_access)
2480 {
2481 	int rc;
2482 
2483 	/* Allow access if the request is just for meta data */
2484 	if ((desired_access & FILE_DATA_ALL) == 0)
2485 		return (NT_STATUS_SUCCESS);
2486 
2487 	rc = smb_node_open_check(node, desired_access, share_access);
2488 	if (rc)
2489 		return (NT_STATUS_SHARING_VIOLATION);
2490 
2491 	rc = smb_vop_shrlock(node->vp, uniq_fid, desired_access, share_access,
2492 	    cr);
2493 	if (rc)
2494 		return (NT_STATUS_SHARING_VIOLATION);
2495 
2496 	return (NT_STATUS_SUCCESS);
2497 }
2498 
2499 void
2500 smb_fsop_unshrlock(cred_t *cr, smb_node_t *node, uint32_t uniq_fid)
2501 {
2502 	(void) smb_vop_unshrlock(node->vp, uniq_fid, cr);
2503 }
2504 
2505 int
2506 smb_fsop_frlock(smb_node_t *node, smb_lock_t *lock, boolean_t unlock,
2507     cred_t *cr)
2508 {
2509 	flock64_t bf;
2510 	int flag = F_REMOTELOCK;
2511 
2512 	/*
2513 	 * VOP_FRLOCK() will not be called if:
2514 	 *
2515 	 * 1) The lock has a range of zero bytes. The semantics of Windows and
2516 	 *    POSIX are different. In the case of POSIX it asks for the locking
2517 	 *    of all the bytes from the offset provided until the end of the
2518 	 *    file. In the case of Windows a range of zero locks nothing and
2519 	 *    doesn't conflict with any other lock.
2520 	 *
2521 	 * 2) The lock rolls over (start + lenght < start). Solaris will assert
2522 	 *    if such a request is submitted. This will not create
2523 	 *    incompatibilities between POSIX and Windows. In the Windows world,
2524 	 *    if a client submits such a lock, the server will not lock any
2525 	 *    bytes. Interestingly if the same lock (same offset and length) is
2526 	 *    resubmitted Windows will consider that there is an overlap and
2527 	 *    the granting rules will then apply.
2528 	 */
2529 	if ((lock->l_length == 0) ||
2530 	    ((lock->l_start + lock->l_length - 1) < lock->l_start))
2531 		return (0);
2532 
2533 	bzero(&bf, sizeof (bf));
2534 
2535 	if (unlock) {
2536 		bf.l_type = F_UNLCK;
2537 	} else if (lock->l_type == SMB_LOCK_TYPE_READONLY) {
2538 		bf.l_type = F_RDLCK;
2539 		flag |= FREAD;
2540 	} else if (lock->l_type == SMB_LOCK_TYPE_READWRITE) {
2541 		bf.l_type = F_WRLCK;
2542 		flag |= FWRITE;
2543 	}
2544 
2545 	bf.l_start = lock->l_start;
2546 	bf.l_len = lock->l_length;
2547 	bf.l_pid = lock->l_file->f_uniqid;
2548 	bf.l_sysid = smb_ct.cc_sysid;
2549 
2550 	return (smb_vop_frlock(node->vp, cr, flag, &bf));
2551 }
2552