Line data Source code
1 : /*
2 : * Unix SMB/CIFS implementation.
3 : * Samba VFS module for GPFS filesystem
4 : * Copyright (C) Christian Ambach <cambach1@de.ibm.com> 2006
5 : * Copyright (C) Christof Schmitt 2015
6 : * Major code contributions by Chetan Shringarpure <chetan.sh@in.ibm.com>
7 : * and Gomati Mohanan <gomati.mohanan@in.ibm.com>
8 : *
9 : * This program is free software; you can redistribute it and/or modify
10 : * it under the terms of the GNU General Public License as published by
11 : * the Free Software Foundation; either version 3 of the License, or
12 : * (at your option) any later version.
13 : *
14 : * This program is distributed in the hope that it will be useful,
15 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 : * GNU General Public License for more details.
18 : *
19 : * You should have received a copy of the GNU General Public License
20 : * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 : */
22 :
23 : #include "includes.h"
24 : #include "smbd/smbd.h"
25 : #include "include/smbprofile.h"
26 : #include "modules/non_posix_acls.h"
27 : #include "libcli/security/security.h"
28 : #include "nfs4_acls.h"
29 : #include "system/filesys.h"
30 : #include "auth.h"
31 : #include "lib/util/tevent_unix.h"
32 : #include "lib/util/gpfswrap.h"
33 :
34 : #include <gnutls/gnutls.h>
35 : #include <gnutls/crypto.h>
36 : #include "lib/crypto/gnutls_helpers.h"
37 :
38 : #undef DBGC_CLASS
39 : #define DBGC_CLASS DBGC_VFS
40 :
41 : #ifndef GPFS_GETACL_NATIVE
42 : #define GPFS_GETACL_NATIVE 0x00000004
43 : #endif
44 :
45 : struct gpfs_config_data {
46 : struct smbacl4_vfs_params nfs4_params;
47 : bool sharemodes;
48 : bool leases;
49 : bool hsm;
50 : bool syncio;
51 : bool winattr;
52 : bool ftruncate;
53 : bool getrealfilename;
54 : bool dfreequota;
55 : bool acl;
56 : bool settimes;
57 : bool recalls;
58 : struct {
59 : bool gpfs_fstat_x;
60 : } pathref_ok;
61 : };
62 :
63 : struct gpfs_fsp_extension {
64 : bool offline;
65 : };
66 :
67 0 : static inline unsigned int gpfs_acl_flags(gpfs_acl_t *gacl)
68 : {
69 0 : if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
70 0 : return gacl->v4Level1.acl_flags;
71 : }
72 0 : return 0;
73 : }
74 :
75 0 : static inline gpfs_ace_v4_t *gpfs_ace_ptr(gpfs_acl_t *gacl, unsigned int i)
76 : {
77 0 : if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
78 0 : return &gacl->v4Level1.ace_v4[i];
79 : }
80 0 : return &gacl->ace_v4[i];
81 : }
82 :
83 0 : static unsigned int vfs_gpfs_access_mask_to_allow(uint32_t access_mask)
84 : {
85 0 : unsigned int allow = GPFS_SHARE_NONE;
86 :
87 0 : if (access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA)) {
88 0 : allow |= GPFS_SHARE_WRITE;
89 : }
90 0 : if (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) {
91 0 : allow |= GPFS_SHARE_READ;
92 : }
93 :
94 0 : return allow;
95 : }
96 :
97 0 : static unsigned int vfs_gpfs_share_access_to_deny(uint32_t share_access)
98 : {
99 1 : unsigned int deny = GPFS_DENY_NONE;
100 :
101 0 : if (!(share_access & FILE_SHARE_WRITE)) {
102 0 : deny |= GPFS_DENY_WRITE;
103 : }
104 0 : if (!(share_access & FILE_SHARE_READ)) {
105 0 : deny |= GPFS_DENY_READ;
106 : }
107 :
108 : /*
109 : * GPFS_DENY_DELETE can only be set together with either
110 : * GPFS_DENY_WRITE or GPFS_DENY_READ.
111 : */
112 0 : if ((deny & (GPFS_DENY_WRITE|GPFS_DENY_READ)) &&
113 0 : !(share_access & FILE_SHARE_DELETE)) {
114 0 : deny |= GPFS_DENY_DELETE;
115 : }
116 :
117 0 : return deny;
118 : }
119 :
120 0 : static int set_gpfs_sharemode(files_struct *fsp, uint32_t access_mask,
121 : uint32_t share_access)
122 : {
123 0 : unsigned int allow = GPFS_SHARE_NONE;
124 0 : unsigned int deny = GPFS_DENY_NONE;
125 0 : int result;
126 :
127 0 : if (access_mask == 0) {
128 0 : DBG_DEBUG("Clearing file system share mode.\n");
129 : } else {
130 0 : allow = vfs_gpfs_access_mask_to_allow(access_mask);
131 0 : deny = vfs_gpfs_share_access_to_deny(share_access);
132 : }
133 0 : DBG_DEBUG("access_mask=0x%x, allow=0x%x, share_access=0x%x, "
134 : "deny=0x%x\n", access_mask, allow, share_access, deny);
135 :
136 0 : result = gpfswrap_set_share(fsp_get_io_fd(fsp), allow, deny);
137 0 : if (result == 0) {
138 0 : return 0;
139 : }
140 :
141 0 : if (errno == EACCES) {
142 0 : DBG_NOTICE("GPFS share mode denied for %s/%s.\n",
143 : fsp->conn->connectpath,
144 : fsp->fsp_name->base_name);
145 0 : } else if (errno == EPERM) {
146 0 : DBG_ERR("Samba requested GPFS sharemode for %s/%s, but the "
147 : "GPFS file system is not configured accordingly. "
148 : "Configure file system with mmchfs -D nfs4 or "
149 : "set gpfs:sharemodes=no in Samba.\n",
150 : fsp->conn->connectpath,
151 : fsp->fsp_name->base_name);
152 : } else {
153 0 : DBG_ERR("gpfs_set_share failed: %s\n", strerror(errno));
154 : }
155 :
156 0 : return result;
157 : }
158 :
159 0 : static int vfs_gpfs_filesystem_sharemode(vfs_handle_struct *handle,
160 : files_struct *fsp,
161 : uint32_t share_access,
162 : uint32_t access_mask)
163 : {
164 :
165 0 : struct gpfs_config_data *config;
166 0 : int ret = 0;
167 :
168 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
169 : struct gpfs_config_data,
170 0 : return -1);
171 :
172 0 : if(!config->sharemodes) {
173 0 : return 0;
174 : }
175 :
176 : /*
177 : * A named stream fsp will have the basefile open in the fsp
178 : * fd, so lacking a distinct fd for the stream we have to skip
179 : * set_gpfs_sharemode for stream.
180 : */
181 0 : if (fsp_is_alternate_stream(fsp)) {
182 0 : DBG_NOTICE("Not requesting GPFS sharemode on stream: %s/%s\n",
183 : fsp->conn->connectpath,
184 : fsp_str_dbg(fsp));
185 0 : return 0;
186 : }
187 :
188 0 : ret = set_gpfs_sharemode(fsp, access_mask, share_access);
189 :
190 0 : return ret;
191 : }
192 :
193 0 : static int vfs_gpfs_close(vfs_handle_struct *handle, files_struct *fsp)
194 : {
195 :
196 0 : struct gpfs_config_data *config;
197 :
198 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
199 : struct gpfs_config_data,
200 0 : return -1);
201 :
202 0 : if (config->sharemodes &&
203 : (fsp->fsp_flags.kernel_share_modes_taken))
204 : {
205 : /*
206 : * Always clear GPFS sharemode in case the actual
207 : * close gets deferred due to outstanding POSIX locks
208 : * (see fd_close_posix)
209 : */
210 0 : int ret = gpfswrap_set_share(fsp_get_io_fd(fsp), 0, 0);
211 0 : if (ret != 0) {
212 0 : DBG_ERR("Clearing GPFS sharemode on close failed for "
213 : " %s/%s: %s\n",
214 : fsp->conn->connectpath,
215 : fsp->fsp_name->base_name,
216 : strerror(errno));
217 : }
218 : }
219 :
220 0 : return SMB_VFS_NEXT_CLOSE(handle, fsp);
221 : }
222 :
223 : #ifdef HAVE_KERNEL_OPLOCKS_LINUX
224 0 : static int lease_type_to_gpfs(int leasetype)
225 : {
226 0 : if (leasetype == F_RDLCK) {
227 0 : return GPFS_LEASE_READ;
228 : }
229 :
230 0 : if (leasetype == F_WRLCK) {
231 0 : return GPFS_LEASE_WRITE;
232 : }
233 :
234 0 : return GPFS_LEASE_NONE;
235 : }
236 :
237 0 : static int vfs_gpfs_setlease(vfs_handle_struct *handle,
238 : files_struct *fsp,
239 : int leasetype)
240 : {
241 0 : struct gpfs_config_data *config;
242 0 : int ret=0;
243 :
244 0 : START_PROFILE(syscall_linux_setlease);
245 :
246 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
247 : struct gpfs_config_data,
248 0 : return -1);
249 :
250 0 : ret = linux_set_lease_sighandler(fsp_get_io_fd(fsp));
251 0 : if (ret == -1) {
252 0 : goto failure;
253 : }
254 :
255 0 : if (config->leases) {
256 0 : int gpfs_lease_type = lease_type_to_gpfs(leasetype);
257 0 : int saved_errno = 0;
258 :
259 : /*
260 : * Ensure the lease owner is root to allow
261 : * correct delivery of lease-break signals.
262 : */
263 0 : become_root();
264 0 : ret = gpfswrap_set_lease(fsp_get_io_fd(fsp), gpfs_lease_type);
265 0 : if (ret < 0) {
266 0 : saved_errno = errno;
267 : }
268 0 : unbecome_root();
269 :
270 0 : if (saved_errno != 0) {
271 0 : errno = saved_errno;
272 : }
273 : }
274 :
275 0 : failure:
276 0 : END_PROFILE(syscall_linux_setlease);
277 :
278 0 : return ret;
279 : }
280 :
281 : #else /* HAVE_KERNEL_OPLOCKS_LINUX */
282 :
283 : static int vfs_gpfs_setlease(vfs_handle_struct *handle,
284 : files_struct *fsp,
285 : int leasetype)
286 : {
287 : return ENOSYS;
288 : }
289 : #endif /* HAVE_KERNEL_OPLOCKS_LINUX */
290 :
291 0 : static NTSTATUS vfs_gpfs_get_real_filename_at(struct vfs_handle_struct *handle,
292 : struct files_struct *dirfsp,
293 : const char *name,
294 : TALLOC_CTX *mem_ctx,
295 : char **found_name)
296 : {
297 0 : int result;
298 0 : char *full_path = NULL;
299 0 : char *to_free = NULL;
300 0 : char real_pathname[PATH_MAX+1], tmpbuf[PATH_MAX];
301 0 : size_t full_path_len;
302 0 : int buflen;
303 0 : bool mangled;
304 0 : struct gpfs_config_data *config;
305 :
306 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
307 : struct gpfs_config_data,
308 0 : return NT_STATUS_INTERNAL_ERROR);
309 :
310 0 : if (!config->getrealfilename) {
311 0 : return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
312 : handle, dirfsp, name, mem_ctx, found_name);
313 : }
314 :
315 0 : mangled = mangle_is_mangled(name, handle->conn->params);
316 0 : if (mangled) {
317 0 : return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
318 : handle, dirfsp, name, mem_ctx, found_name);
319 : }
320 :
321 0 : full_path_len = full_path_tos(dirfsp->fsp_name->base_name, name,
322 : tmpbuf, sizeof(tmpbuf),
323 : &full_path, &to_free);
324 0 : if (full_path_len == -1) {
325 0 : return NT_STATUS_NO_MEMORY;
326 : }
327 :
328 0 : buflen = sizeof(real_pathname) - 1;
329 :
330 0 : result = gpfswrap_get_realfilename_path(full_path, real_pathname,
331 : &buflen);
332 :
333 0 : TALLOC_FREE(to_free);
334 :
335 0 : if ((result == -1) && (errno == ENOSYS)) {
336 0 : return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
337 : handle, dirfsp, name, mem_ctx, found_name);
338 : }
339 :
340 0 : if (result == -1) {
341 0 : DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n",
342 : strerror(errno)));
343 0 : return map_nt_error_from_unix(errno);
344 : }
345 :
346 : /*
347 : * GPFS does not necessarily null-terminate the returned path
348 : * but instead returns the buffer length in buflen.
349 : */
350 :
351 0 : if (buflen < sizeof(real_pathname)) {
352 0 : real_pathname[buflen] = '\0';
353 : } else {
354 0 : real_pathname[sizeof(real_pathname)-1] = '\0';
355 : }
356 :
357 0 : DBG_DEBUG("%s/%s -> %s\n",
358 : fsp_str_dbg(dirfsp),
359 : name,
360 : real_pathname);
361 :
362 0 : name = strrchr_m(real_pathname, '/');
363 0 : if (name == NULL) {
364 0 : return NT_STATUS_OBJECT_NAME_NOT_FOUND;
365 : }
366 :
367 0 : *found_name = talloc_strdup(mem_ctx, name+1);
368 0 : if (*found_name == NULL) {
369 0 : return NT_STATUS_NO_MEMORY;
370 : }
371 :
372 0 : return NT_STATUS_OK;
373 : }
374 :
375 0 : static void sd2gpfs_control(uint16_t control, struct gpfs_acl *gacl)
376 : {
377 0 : unsigned int gpfs_aclflags = 0;
378 0 : control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
379 : SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
380 : SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
381 : SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
382 0 : gpfs_aclflags = control << 8;
383 0 : if (!(control & SEC_DESC_DACL_PRESENT))
384 0 : gpfs_aclflags |= ACL4_FLAG_NULL_DACL;
385 0 : if (!(control & SEC_DESC_SACL_PRESENT))
386 0 : gpfs_aclflags |= ACL4_FLAG_NULL_SACL;
387 0 : gacl->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
388 0 : gacl->v4Level1.acl_flags = gpfs_aclflags;
389 0 : }
390 :
391 0 : static uint16_t gpfs2sd_control(unsigned int gpfs_aclflags)
392 : {
393 0 : uint16_t control = gpfs_aclflags >> 8;
394 0 : control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
395 : SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
396 : SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
397 : SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
398 0 : control |= SEC_DESC_SELF_RELATIVE;
399 0 : return control;
400 : }
401 :
402 0 : static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
403 : {
404 0 : gpfs_aclCount_t i;
405 0 : if (gacl==NULL)
406 : {
407 0 : DEBUG(0, ("gpfs acl is NULL\n"));
408 0 : return;
409 : }
410 :
411 0 : DEBUG(level, ("len: %d, level: %d, version: %d, nace: %d, "
412 : "control: %x\n",
413 : gacl->acl_len, gacl->acl_level, gacl->acl_version,
414 : gacl->acl_nace, gpfs_acl_flags(gacl)));
415 :
416 0 : for(i=0; i<gacl->acl_nace; i++)
417 : {
418 0 : struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
419 0 : DEBUG(level, ("\tace[%d]: type:%d, flags:0x%x, mask:0x%x, "
420 : "iflags:0x%x, who:%u\n",
421 : i, gace->aceType, gace->aceFlags, gace->aceMask,
422 : gace->aceIFlags, gace->aceWho));
423 : }
424 : }
425 :
426 0 : static int gpfs_getacl_with_capability(struct files_struct *fsp,
427 : int flags,
428 : void *buf)
429 : {
430 0 : int ret, saved_errno;
431 :
432 0 : set_effective_capability(DAC_OVERRIDE_CAPABILITY);
433 :
434 0 : ret = gpfswrap_fgetacl(fsp_get_pathref_fd(fsp), flags, buf);
435 0 : saved_errno = errno;
436 :
437 0 : drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
438 :
439 0 : errno = saved_errno;
440 0 : return ret;
441 : }
442 :
443 : /*
444 : * get the ACL from GPFS, allocated on the specified mem_ctx
445 : * internally retries when initial buffer was too small
446 : *
447 : * caller needs to cast result to either
448 : * raw = yes: struct gpfs_opaque_acl
449 : * raw = no: struct gpfs_acl
450 : *
451 : */
452 0 : static void *vfs_gpfs_getacl(TALLOC_CTX *mem_ctx,
453 : struct files_struct *fsp,
454 : const bool raw,
455 : const gpfs_aclType_t type)
456 : {
457 0 : const char *fname = fsp->fsp_name->base_name;
458 0 : void *aclbuf;
459 0 : size_t size = 512;
460 0 : int ret, flags;
461 0 : unsigned int *len;
462 0 : size_t struct_size;
463 0 : bool use_capability = false;
464 :
465 0 : again:
466 :
467 0 : aclbuf = talloc_zero_size(mem_ctx, size);
468 0 : if (aclbuf == NULL) {
469 0 : errno = ENOMEM;
470 0 : return NULL;
471 : }
472 :
473 0 : if (raw) {
474 0 : struct gpfs_opaque_acl *buf = (struct gpfs_opaque_acl *) aclbuf;
475 0 : buf->acl_type = type;
476 0 : flags = GPFS_GETACL_NATIVE;
477 0 : len = (unsigned int *) &(buf->acl_buffer_len);
478 0 : struct_size = sizeof(struct gpfs_opaque_acl);
479 : } else {
480 0 : struct gpfs_acl *buf = (struct gpfs_acl *) aclbuf;
481 0 : buf->acl_type = type;
482 0 : buf->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
483 0 : flags = GPFS_GETACL_STRUCT;
484 0 : len = &(buf->acl_len);
485 : /* reserve space for control flags in gpfs 3.5 and beyond */
486 0 : struct_size = sizeof(struct gpfs_acl) + sizeof(unsigned int);
487 : }
488 :
489 : /* set the length of the buffer as input value */
490 0 : *len = size;
491 :
492 0 : if (use_capability) {
493 0 : ret = gpfs_getacl_with_capability(fsp, flags, aclbuf);
494 : } else {
495 0 : ret = gpfswrap_fgetacl(fsp_get_pathref_fd(fsp), flags, aclbuf);
496 0 : if ((ret != 0) && (errno == EACCES)) {
497 0 : DBG_DEBUG("Retry with DAC capability for %s\n", fname);
498 0 : use_capability = true;
499 0 : ret = gpfs_getacl_with_capability(fsp, flags, aclbuf);
500 : }
501 : }
502 :
503 0 : if ((ret != 0) && (errno == ENOSPC)) {
504 : /*
505 : * get the size needed to accommodate the complete buffer
506 : *
507 : * the value returned only applies to the ACL blob in the
508 : * struct so make sure to also have headroom for the first
509 : * struct members by adding room for the complete struct
510 : * (might be a few bytes too much then)
511 : */
512 0 : size = *len + struct_size;
513 0 : talloc_free(aclbuf);
514 0 : DEBUG(10, ("Increasing ACL buffer size to %zu\n", size));
515 0 : goto again;
516 : }
517 :
518 0 : if (ret != 0) {
519 0 : DEBUG(5, ("smbd_gpfs_getacl failed with %s\n",
520 : strerror(errno)));
521 0 : talloc_free(aclbuf);
522 0 : return NULL;
523 : }
524 :
525 0 : return aclbuf;
526 : }
527 :
528 : /* Tries to get nfs4 acls and returns SMB ACL allocated.
529 : * On failure returns 1 if it got non-NFSv4 ACL to prompt
530 : * retry with POSIX ACL checks.
531 : * On failure returns -1 if there is system (GPFS) error, check errno.
532 : * Returns 0 on success
533 : */
534 0 : static int gpfs_get_nfs4_acl(TALLOC_CTX *mem_ctx,
535 : struct files_struct *fsp,
536 : struct SMB4ACL_T **ppacl)
537 : {
538 0 : const char *fname = fsp->fsp_name->base_name;
539 0 : gpfs_aclCount_t i;
540 0 : struct gpfs_acl *gacl = NULL;
541 0 : DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
542 :
543 : /* Get the ACL */
544 0 : gacl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(), fsp,
545 : false, 0);
546 0 : if (gacl == NULL) {
547 0 : DEBUG(9, ("gpfs_getacl failed for %s with %s\n",
548 : fname, strerror(errno)));
549 0 : if (errno == ENODATA) {
550 : /*
551 : * GPFS returns ENODATA for snapshot
552 : * directories. Retry with POSIX ACLs check.
553 : */
554 0 : return 1;
555 : }
556 :
557 0 : return -1;
558 : }
559 :
560 0 : if (gacl->acl_type != GPFS_ACL_TYPE_NFS4) {
561 0 : DEBUG(10, ("Got non-nfsv4 acl\n"));
562 : /* Retry with POSIX ACLs check */
563 0 : talloc_free(gacl);
564 0 : return 1;
565 : }
566 :
567 0 : *ppacl = smb_create_smb4acl(mem_ctx);
568 :
569 0 : if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
570 0 : uint16_t control = gpfs2sd_control(gpfs_acl_flags(gacl));
571 0 : smbacl4_set_controlflags(*ppacl, control);
572 : }
573 :
574 0 : DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d, control: %x\n",
575 : gacl->acl_len, gacl->acl_level, gacl->acl_version,
576 : gacl->acl_nace, gpfs_acl_flags(gacl)));
577 :
578 0 : for (i=0; i<gacl->acl_nace; i++) {
579 0 : struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
580 0 : SMB_ACE4PROP_T smbace = { 0 };
581 0 : DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
582 : "who: %d\n", gace->aceType, gace->aceIFlags,
583 : gace->aceFlags, gace->aceMask, gace->aceWho));
584 :
585 0 : if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) {
586 0 : smbace.flags |= SMB_ACE4_ID_SPECIAL;
587 0 : switch (gace->aceWho) {
588 0 : case ACE4_SPECIAL_OWNER:
589 0 : smbace.who.special_id = SMB_ACE4_WHO_OWNER;
590 0 : break;
591 0 : case ACE4_SPECIAL_GROUP:
592 0 : smbace.who.special_id = SMB_ACE4_WHO_GROUP;
593 0 : break;
594 0 : case ACE4_SPECIAL_EVERYONE:
595 0 : smbace.who.special_id = SMB_ACE4_WHO_EVERYONE;
596 0 : break;
597 0 : default:
598 0 : DEBUG(8, ("invalid special gpfs id %d "
599 : "ignored\n", gace->aceWho));
600 0 : continue; /* don't add it */
601 : }
602 : } else {
603 0 : if (gace->aceFlags & ACE4_FLAG_GROUP_ID)
604 0 : smbace.who.gid = gace->aceWho;
605 : else
606 0 : smbace.who.uid = gace->aceWho;
607 : }
608 :
609 : /* remove redundant deny entries */
610 0 : if (i > 0 && gace->aceType == SMB_ACE4_ACCESS_DENIED_ACE_TYPE) {
611 0 : struct gpfs_ace_v4 *prev = gpfs_ace_ptr(gacl, i - 1);
612 0 : if (prev->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE &&
613 0 : prev->aceFlags == gace->aceFlags &&
614 0 : prev->aceIFlags == gace->aceIFlags &&
615 0 : (gace->aceMask & prev->aceMask) == 0 &&
616 0 : gace->aceWho == prev->aceWho) {
617 : /* it's redundant - skip it */
618 0 : continue;
619 : }
620 : }
621 :
622 0 : smbace.aceType = gace->aceType;
623 0 : smbace.aceFlags = gace->aceFlags;
624 0 : smbace.aceMask = gace->aceMask;
625 0 : smb_add_ace4(*ppacl, &smbace);
626 : }
627 :
628 0 : talloc_free(gacl);
629 :
630 0 : return 0;
631 : }
632 :
633 0 : static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
634 : files_struct *fsp, uint32_t security_info,
635 : TALLOC_CTX *mem_ctx,
636 : struct security_descriptor **ppdesc)
637 : {
638 0 : struct SMB4ACL_T *pacl = NULL;
639 0 : int result;
640 0 : struct gpfs_config_data *config;
641 0 : TALLOC_CTX *frame = talloc_stackframe();
642 0 : NTSTATUS status;
643 :
644 0 : *ppdesc = NULL;
645 :
646 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
647 : struct gpfs_config_data,
648 0 : return NT_STATUS_INTERNAL_ERROR);
649 :
650 0 : if (!config->acl) {
651 0 : status = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info,
652 : mem_ctx, ppdesc);
653 0 : TALLOC_FREE(frame);
654 0 : return status;
655 : }
656 :
657 0 : result = gpfs_get_nfs4_acl(frame, fsp, &pacl);
658 :
659 0 : if (result == 0) {
660 0 : status = smb_fget_nt_acl_nfs4(fsp, &config->nfs4_params,
661 : security_info,
662 : mem_ctx, ppdesc, pacl);
663 0 : TALLOC_FREE(frame);
664 0 : return status;
665 : }
666 :
667 0 : if (result > 0) {
668 0 : DEBUG(10, ("retrying with posix acl...\n"));
669 0 : status = posix_fget_nt_acl(fsp, security_info,
670 : mem_ctx, ppdesc);
671 0 : TALLOC_FREE(frame);
672 0 : return status;
673 : }
674 :
675 0 : TALLOC_FREE(frame);
676 :
677 : /* GPFS ACL was not read, something wrong happened, error code is set in errno */
678 0 : return map_nt_error_from_unix(errno);
679 : }
680 :
681 0 : static bool vfs_gpfs_nfs4_ace_to_gpfs_ace(SMB_ACE4PROP_T *nfs4_ace,
682 : struct gpfs_ace_v4 *gace,
683 : uid_t owner_uid)
684 : {
685 0 : gace->aceType = nfs4_ace->aceType;
686 0 : gace->aceFlags = nfs4_ace->aceFlags;
687 0 : gace->aceMask = nfs4_ace->aceMask;
688 :
689 0 : if (nfs4_ace->flags & SMB_ACE4_ID_SPECIAL) {
690 0 : switch(nfs4_ace->who.special_id) {
691 0 : case SMB_ACE4_WHO_EVERYONE:
692 0 : gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
693 0 : gace->aceWho = ACE4_SPECIAL_EVERYONE;
694 0 : break;
695 0 : case SMB_ACE4_WHO_OWNER:
696 : /*
697 : * With GPFS it is not possible to deny ACL or
698 : * attribute access to the owner. Setting an
699 : * ACL with such an entry is not possible.
700 : * Denying ACL or attribute access for the
701 : * owner through a named ACL entry can be
702 : * stored in an ACL, it is just not effective.
703 : *
704 : * Map this case to a named entry to allow at
705 : * least setting this ACL, which will be
706 : * enforced by the smbd permission check. Do
707 : * not do this for an inheriting OWNER entry,
708 : * as this represents a CREATOR OWNER ACE. The
709 : * remaining limitation is that CREATOR OWNER
710 : * cannot deny ACL or attribute access.
711 : */
712 0 : if (!nfs_ace_is_inherit(nfs4_ace) &&
713 0 : nfs4_ace->aceType ==
714 0 : SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
715 0 : nfs4_ace->aceMask & (SMB_ACE4_READ_ATTRIBUTES|
716 : SMB_ACE4_WRITE_ATTRIBUTES|
717 : SMB_ACE4_READ_ACL|
718 : SMB_ACE4_WRITE_ACL)) {
719 0 : gace->aceIFlags = 0;
720 0 : gace->aceWho = owner_uid;
721 : } else {
722 0 : gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
723 0 : gace->aceWho = ACE4_SPECIAL_OWNER;
724 : }
725 0 : break;
726 0 : case SMB_ACE4_WHO_GROUP:
727 0 : gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
728 0 : gace->aceWho = ACE4_SPECIAL_GROUP;
729 0 : break;
730 0 : default:
731 0 : DBG_WARNING("Unsupported special_id %d\n",
732 : nfs4_ace->who.special_id);
733 0 : return false;
734 : }
735 :
736 0 : return true;
737 : }
738 :
739 0 : gace->aceIFlags = 0;
740 0 : gace->aceWho = (nfs4_ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP) ?
741 0 : nfs4_ace->who.gid : nfs4_ace->who.uid;
742 :
743 0 : return true;
744 : }
745 :
746 0 : static struct gpfs_acl *vfs_gpfs_smbacl2gpfsacl(TALLOC_CTX *mem_ctx,
747 : files_struct *fsp,
748 : struct SMB4ACL_T *smbacl,
749 : bool controlflags)
750 : {
751 0 : struct gpfs_acl *gacl;
752 0 : gpfs_aclLen_t gacl_len;
753 0 : struct SMB4ACE_T *smbace;
754 :
755 0 : gacl_len = offsetof(gpfs_acl_t, ace_v4) + sizeof(unsigned int)
756 0 : + smb_get_naces(smbacl) * sizeof(gpfs_ace_v4_t);
757 :
758 0 : gacl = (struct gpfs_acl *)TALLOC_SIZE(mem_ctx, gacl_len);
759 0 : if (gacl == NULL) {
760 0 : DEBUG(0, ("talloc failed\n"));
761 0 : errno = ENOMEM;
762 0 : return NULL;
763 : }
764 :
765 0 : gacl->acl_level = GPFS_ACL_LEVEL_BASE;
766 0 : gacl->acl_version = GPFS_ACL_VERSION_NFS4;
767 0 : gacl->acl_type = GPFS_ACL_TYPE_NFS4;
768 0 : gacl->acl_nace = 0; /* change later... */
769 :
770 0 : if (controlflags) {
771 0 : gacl->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
772 0 : sd2gpfs_control(smbacl4_get_controlflags(smbacl), gacl);
773 : }
774 :
775 0 : for (smbace=smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
776 0 : struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, gacl->acl_nace);
777 0 : SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
778 0 : bool add_ace;
779 :
780 0 : add_ace = vfs_gpfs_nfs4_ace_to_gpfs_ace(aceprop, gace,
781 0 : fsp->fsp_name->st.st_ex_uid);
782 0 : if (!add_ace) {
783 0 : continue;
784 : }
785 :
786 0 : gacl->acl_nace++;
787 : }
788 0 : gacl->acl_len = (char *)gpfs_ace_ptr(gacl, gacl->acl_nace)
789 0 : - (char *)gacl;
790 0 : return gacl;
791 : }
792 :
793 0 : static bool gpfsacl_process_smbacl(vfs_handle_struct *handle,
794 : files_struct *fsp,
795 : struct SMB4ACL_T *smbacl)
796 : {
797 0 : int ret;
798 0 : struct gpfs_acl *gacl;
799 0 : TALLOC_CTX *mem_ctx = talloc_tos();
800 :
801 0 : gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, true);
802 0 : if (gacl == NULL) { /* out of memory */
803 0 : return False;
804 : }
805 0 : ret = gpfswrap_putacl(fsp->fsp_name->base_name,
806 : GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gacl);
807 :
808 0 : if ((ret != 0) && (errno == EINVAL)) {
809 0 : DEBUG(10, ("Retry without nfs41 control flags\n"));
810 0 : talloc_free(gacl);
811 0 : gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, false);
812 0 : if (gacl == NULL) { /* out of memory */
813 0 : return False;
814 : }
815 0 : ret = gpfswrap_putacl(fsp->fsp_name->base_name,
816 : GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA,
817 : gacl);
818 : }
819 :
820 0 : if (ret != 0) {
821 0 : DEBUG(8, ("gpfs_putacl failed with %s\n", strerror(errno)));
822 0 : gpfs_dumpacl(8, gacl);
823 0 : return False;
824 : }
825 :
826 0 : DEBUG(10, ("gpfs_putacl succeeded\n"));
827 0 : return True;
828 : }
829 :
830 0 : static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd)
831 : {
832 0 : struct gpfs_acl *acl;
833 0 : NTSTATUS result = NT_STATUS_ACCESS_DENIED;
834 :
835 0 : acl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(),
836 : fsp,
837 : false, 0);
838 0 : if (acl == NULL) {
839 0 : return map_nt_error_from_unix(errno);
840 : }
841 :
842 0 : if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
843 0 : struct gpfs_config_data *config;
844 :
845 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
846 : struct gpfs_config_data,
847 0 : return NT_STATUS_INTERNAL_ERROR);
848 :
849 0 : result = smb_set_nt_acl_nfs4(handle,
850 0 : fsp, &config->nfs4_params, security_info_sent, psd,
851 : gpfsacl_process_smbacl);
852 : } else { /* assume POSIX ACL - by default... */
853 0 : result = set_nt_acl(fsp, security_info_sent, psd);
854 : }
855 :
856 0 : talloc_free(acl);
857 0 : return result;
858 : }
859 :
860 0 : static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd)
861 : {
862 0 : struct gpfs_config_data *config;
863 :
864 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
865 : struct gpfs_config_data,
866 0 : return NT_STATUS_INTERNAL_ERROR);
867 :
868 0 : if (!config->acl) {
869 0 : return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
870 : }
871 :
872 0 : return gpfsacl_set_nt_acl_internal(handle, fsp, security_info_sent, psd);
873 : }
874 :
875 0 : static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
876 : {
877 0 : SMB_ACL_T result;
878 0 : gpfs_aclCount_t i;
879 :
880 0 : result = sys_acl_init(mem_ctx);
881 0 : if (result == NULL) {
882 0 : errno = ENOMEM;
883 0 : return NULL;
884 : }
885 :
886 0 : result->count = pacl->acl_nace;
887 0 : result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
888 : result->count);
889 0 : if (result->acl == NULL) {
890 0 : TALLOC_FREE(result);
891 0 : errno = ENOMEM;
892 0 : return NULL;
893 : }
894 :
895 0 : for (i=0; i<pacl->acl_nace; i++) {
896 0 : struct smb_acl_entry *ace = &result->acl[i];
897 0 : const struct gpfs_ace_v1 *g_ace = &pacl->ace_v1[i];
898 :
899 0 : DEBUG(10, ("Converting type %d id %lu perm %x\n",
900 : (int)g_ace->ace_type, (unsigned long)g_ace->ace_who,
901 : (int)g_ace->ace_perm));
902 :
903 0 : switch (g_ace->ace_type) {
904 0 : case GPFS_ACL_USER:
905 0 : ace->a_type = SMB_ACL_USER;
906 0 : ace->info.user.uid = (uid_t)g_ace->ace_who;
907 0 : break;
908 0 : case GPFS_ACL_USER_OBJ:
909 0 : ace->a_type = SMB_ACL_USER_OBJ;
910 0 : break;
911 0 : case GPFS_ACL_GROUP:
912 0 : ace->a_type = SMB_ACL_GROUP;
913 0 : ace->info.group.gid = (gid_t)g_ace->ace_who;
914 0 : break;
915 0 : case GPFS_ACL_GROUP_OBJ:
916 0 : ace->a_type = SMB_ACL_GROUP_OBJ;
917 0 : break;
918 0 : case GPFS_ACL_OTHER:
919 0 : ace->a_type = SMB_ACL_OTHER;
920 0 : break;
921 0 : case GPFS_ACL_MASK:
922 0 : ace->a_type = SMB_ACL_MASK;
923 0 : break;
924 0 : default:
925 0 : DEBUG(10, ("Got invalid ace_type: %d\n",
926 : g_ace->ace_type));
927 0 : TALLOC_FREE(result);
928 0 : errno = EINVAL;
929 0 : return NULL;
930 : }
931 :
932 0 : ace->a_perm = 0;
933 0 : ace->a_perm |= (g_ace->ace_perm & ACL_PERM_READ) ?
934 0 : SMB_ACL_READ : 0;
935 0 : ace->a_perm |= (g_ace->ace_perm & ACL_PERM_WRITE) ?
936 0 : SMB_ACL_WRITE : 0;
937 0 : ace->a_perm |= (g_ace->ace_perm & ACL_PERM_EXECUTE) ?
938 0 : SMB_ACL_EXECUTE : 0;
939 :
940 0 : DEBUGADD(10, ("Converted to %d perm %x\n",
941 : ace->a_type, ace->a_perm));
942 : }
943 :
944 0 : return result;
945 : }
946 :
947 0 : static SMB_ACL_T gpfsacl_get_posix_acl(struct files_struct *fsp,
948 : gpfs_aclType_t type,
949 : TALLOC_CTX *mem_ctx)
950 : {
951 0 : struct gpfs_acl *pacl;
952 0 : SMB_ACL_T result = NULL;
953 :
954 0 : pacl = vfs_gpfs_getacl(talloc_tos(), fsp, false, type);
955 :
956 0 : if (pacl == NULL) {
957 0 : DBG_DEBUG("vfs_gpfs_getacl failed for %s with %s\n",
958 : fsp_str_dbg(fsp), strerror(errno));
959 0 : if (errno == 0) {
960 0 : errno = EINVAL;
961 : }
962 0 : goto done;
963 : }
964 :
965 0 : if (pacl->acl_version != GPFS_ACL_VERSION_POSIX) {
966 0 : DEBUG(10, ("Got acl version %d, expected %d\n",
967 : pacl->acl_version, GPFS_ACL_VERSION_POSIX));
968 0 : errno = EINVAL;
969 0 : goto done;
970 : }
971 :
972 0 : DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n",
973 : pacl->acl_len, pacl->acl_level, pacl->acl_version,
974 : pacl->acl_nace));
975 :
976 0 : result = gpfs2smb_acl(pacl, mem_ctx);
977 0 : if (result != NULL) {
978 0 : errno = 0;
979 : }
980 :
981 0 : done:
982 :
983 0 : if (pacl != NULL) {
984 0 : talloc_free(pacl);
985 : }
986 0 : if (errno != 0) {
987 0 : TALLOC_FREE(result);
988 : }
989 0 : return result;
990 : }
991 :
992 0 : static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
993 : files_struct *fsp,
994 : SMB_ACL_TYPE_T type,
995 : TALLOC_CTX *mem_ctx)
996 : {
997 0 : gpfs_aclType_t gpfs_type;
998 0 : struct gpfs_config_data *config;
999 :
1000 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1001 : struct gpfs_config_data,
1002 0 : return NULL);
1003 :
1004 0 : if (!config->acl) {
1005 0 : return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, type, mem_ctx);
1006 : }
1007 :
1008 0 : switch(type) {
1009 0 : case SMB_ACL_TYPE_ACCESS:
1010 0 : gpfs_type = GPFS_ACL_TYPE_ACCESS;
1011 0 : break;
1012 0 : case SMB_ACL_TYPE_DEFAULT:
1013 0 : gpfs_type = GPFS_ACL_TYPE_DEFAULT;
1014 0 : break;
1015 0 : default:
1016 0 : DEBUG(0, ("Got invalid type: %d\n", type));
1017 0 : smb_panic("exiting");
1018 : }
1019 0 : return gpfsacl_get_posix_acl(fsp, gpfs_type, mem_ctx);
1020 : }
1021 :
1022 0 : static int gpfsacl_sys_acl_blob_get_fd(vfs_handle_struct *handle,
1023 : files_struct *fsp,
1024 : TALLOC_CTX *mem_ctx,
1025 : char **blob_description,
1026 : DATA_BLOB *blob)
1027 : {
1028 0 : struct gpfs_config_data *config;
1029 0 : struct gpfs_opaque_acl *acl = NULL;
1030 0 : DATA_BLOB aclblob;
1031 0 : int result;
1032 :
1033 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1034 : struct gpfs_config_data,
1035 0 : return -1);
1036 :
1037 0 : if (!config->acl) {
1038 0 : return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD(handle, fsp, mem_ctx,
1039 : blob_description, blob);
1040 : }
1041 :
1042 0 : errno = 0;
1043 0 : acl = (struct gpfs_opaque_acl *) vfs_gpfs_getacl(mem_ctx,
1044 : fsp,
1045 : true,
1046 : GPFS_ACL_TYPE_NFS4);
1047 :
1048 0 : if (errno) {
1049 0 : DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
1050 : errno, strerror(errno)));
1051 :
1052 : /* EINVAL means POSIX ACL, bail out on other cases */
1053 0 : if (errno != EINVAL) {
1054 0 : return -1;
1055 : }
1056 : }
1057 :
1058 0 : if (acl != NULL) {
1059 : /*
1060 : * file has NFSv4 ACL
1061 : *
1062 : * we only need the actual ACL blob here
1063 : * acl_version will always be NFS4 because we asked
1064 : * for NFS4
1065 : * acl_type is only used for POSIX ACLs
1066 : */
1067 0 : aclblob.data = (uint8_t*) acl->acl_var_data;
1068 0 : aclblob.length = acl->acl_buffer_len;
1069 :
1070 0 : *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1071 0 : if (!*blob_description) {
1072 0 : talloc_free(acl);
1073 0 : errno = ENOMEM;
1074 0 : return -1;
1075 : }
1076 :
1077 0 : result = non_posix_sys_acl_blob_get_fd_helper(handle, fsp,
1078 : aclblob, mem_ctx,
1079 : blob);
1080 :
1081 0 : talloc_free(acl);
1082 0 : return result;
1083 : }
1084 :
1085 : /* fall back to POSIX ACL */
1086 0 : return posix_sys_acl_blob_get_fd(handle, fsp, mem_ctx,
1087 : blob_description, blob);
1088 : }
1089 :
1090 0 : static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,
1091 : SMB_ACL_TYPE_T type)
1092 : {
1093 0 : gpfs_aclLen_t len;
1094 0 : struct gpfs_acl *result;
1095 0 : int i;
1096 :
1097 0 : DEBUG(10, ("smb2gpfs_acl: Got ACL with %d entries\n", pacl->count));
1098 :
1099 0 : len = offsetof(gpfs_acl_t, ace_v1) + (pacl->count) *
1100 : sizeof(gpfs_ace_v1_t);
1101 :
1102 0 : result = (struct gpfs_acl *)SMB_MALLOC(len);
1103 0 : if (result == NULL) {
1104 0 : errno = ENOMEM;
1105 0 : return result;
1106 : }
1107 :
1108 0 : result->acl_len = len;
1109 0 : result->acl_level = 0;
1110 0 : result->acl_version = GPFS_ACL_VERSION_POSIX;
1111 0 : result->acl_type = (type == SMB_ACL_TYPE_DEFAULT) ?
1112 0 : GPFS_ACL_TYPE_DEFAULT : GPFS_ACL_TYPE_ACCESS;
1113 0 : result->acl_nace = pacl->count;
1114 :
1115 0 : for (i=0; i<pacl->count; i++) {
1116 0 : const struct smb_acl_entry *ace = &pacl->acl[i];
1117 0 : struct gpfs_ace_v1 *g_ace = &result->ace_v1[i];
1118 :
1119 0 : DEBUG(10, ("Converting type %d perm %x\n",
1120 : (int)ace->a_type, (int)ace->a_perm));
1121 :
1122 0 : g_ace->ace_perm = 0;
1123 :
1124 0 : switch(ace->a_type) {
1125 0 : case SMB_ACL_USER:
1126 0 : g_ace->ace_type = GPFS_ACL_USER;
1127 0 : g_ace->ace_who = (gpfs_uid_t)ace->info.user.uid;
1128 0 : break;
1129 0 : case SMB_ACL_USER_OBJ:
1130 0 : g_ace->ace_type = GPFS_ACL_USER_OBJ;
1131 0 : g_ace->ace_perm |= ACL_PERM_CONTROL;
1132 0 : g_ace->ace_who = 0;
1133 0 : break;
1134 0 : case SMB_ACL_GROUP:
1135 0 : g_ace->ace_type = GPFS_ACL_GROUP;
1136 0 : g_ace->ace_who = (gpfs_uid_t)ace->info.group.gid;
1137 0 : break;
1138 0 : case SMB_ACL_GROUP_OBJ:
1139 0 : g_ace->ace_type = GPFS_ACL_GROUP_OBJ;
1140 0 : g_ace->ace_who = 0;
1141 0 : break;
1142 0 : case SMB_ACL_MASK:
1143 0 : g_ace->ace_type = GPFS_ACL_MASK;
1144 0 : g_ace->ace_perm = 0x8f;
1145 0 : g_ace->ace_who = 0;
1146 0 : break;
1147 0 : case SMB_ACL_OTHER:
1148 0 : g_ace->ace_type = GPFS_ACL_OTHER;
1149 0 : g_ace->ace_who = 0;
1150 0 : break;
1151 0 : default:
1152 0 : DEBUG(10, ("Got invalid ace_type: %d\n", ace->a_type));
1153 0 : errno = EINVAL;
1154 0 : SAFE_FREE(result);
1155 0 : return NULL;
1156 : }
1157 :
1158 0 : g_ace->ace_perm |= (ace->a_perm & SMB_ACL_READ) ?
1159 0 : ACL_PERM_READ : 0;
1160 0 : g_ace->ace_perm |= (ace->a_perm & SMB_ACL_WRITE) ?
1161 0 : ACL_PERM_WRITE : 0;
1162 0 : g_ace->ace_perm |= (ace->a_perm & SMB_ACL_EXECUTE) ?
1163 0 : ACL_PERM_EXECUTE : 0;
1164 :
1165 0 : DEBUGADD(10, ("Converted to %d id %d perm %x\n",
1166 : g_ace->ace_type, g_ace->ace_who, g_ace->ace_perm));
1167 : }
1168 :
1169 0 : return result;
1170 : }
1171 :
1172 0 : static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle,
1173 : files_struct *fsp,
1174 : SMB_ACL_TYPE_T type,
1175 : SMB_ACL_T theacl)
1176 : {
1177 0 : struct gpfs_config_data *config;
1178 0 : struct gpfs_acl *gpfs_acl = NULL;
1179 0 : int result;
1180 :
1181 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1182 : struct gpfs_config_data,
1183 0 : return -1);
1184 :
1185 0 : if (!config->acl) {
1186 0 : return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, type, theacl);
1187 : }
1188 :
1189 0 : gpfs_acl = smb2gpfs_acl(theacl, type);
1190 0 : if (gpfs_acl == NULL) {
1191 0 : return -1;
1192 : }
1193 :
1194 : /*
1195 : * This is no longer a handle based call.
1196 : */
1197 0 : result = gpfswrap_putacl(fsp->fsp_name->base_name,
1198 : GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA,
1199 : gpfs_acl);
1200 0 : SAFE_FREE(gpfs_acl);
1201 0 : return result;
1202 : }
1203 :
1204 0 : static int gpfsacl_sys_acl_delete_def_fd(vfs_handle_struct *handle,
1205 : files_struct *fsp)
1206 : {
1207 0 : struct gpfs_config_data *config;
1208 :
1209 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1210 : struct gpfs_config_data,
1211 0 : return -1);
1212 :
1213 0 : if (!config->acl) {
1214 0 : return SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FD(handle, fsp);
1215 : }
1216 :
1217 0 : errno = ENOTSUP;
1218 0 : return -1;
1219 : }
1220 :
1221 :
1222 : /*
1223 : * Assumed: mode bits are shiftable and standard
1224 : * Output: the new aceMask field for an smb nfs4 ace
1225 : */
1226 0 : static uint32_t gpfsacl_mask_filter(uint32_t aceType, uint32_t aceMask, uint32_t rwx)
1227 : {
1228 0 : const uint32_t posix_nfs4map[3] = {
1229 : SMB_ACE4_EXECUTE, /* execute */
1230 : SMB_ACE4_WRITE_DATA | SMB_ACE4_APPEND_DATA, /* write; GPFS specific */
1231 : SMB_ACE4_READ_DATA /* read */
1232 : };
1233 0 : int i;
1234 0 : uint32_t posix_mask = 0x01;
1235 0 : uint32_t posix_bit;
1236 0 : uint32_t nfs4_bits;
1237 :
1238 0 : for(i=0; i<3; i++) {
1239 0 : nfs4_bits = posix_nfs4map[i];
1240 0 : posix_bit = rwx & posix_mask;
1241 :
1242 0 : if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) {
1243 0 : if (posix_bit)
1244 0 : aceMask |= nfs4_bits;
1245 : else
1246 0 : aceMask &= ~nfs4_bits;
1247 : } else {
1248 : /* add deny bits when suitable */
1249 0 : if (!posix_bit)
1250 0 : aceMask |= nfs4_bits;
1251 : else
1252 0 : aceMask &= ~nfs4_bits;
1253 : } /* other ace types are unexpected */
1254 :
1255 0 : posix_mask <<= 1;
1256 : }
1257 :
1258 0 : return aceMask;
1259 : }
1260 :
1261 0 : static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
1262 : struct files_struct *fsp,
1263 : mode_t mode)
1264 : {
1265 0 : struct smb_filename *fname = fsp->fsp_name;
1266 0 : char *path = fsp->fsp_name->base_name;
1267 0 : struct SMB4ACL_T *pacl = NULL;
1268 0 : int result;
1269 0 : bool haveAllowEntry[SMB_ACE4_WHO_EVERYONE + 1] = {False, False, False, False};
1270 0 : int i;
1271 0 : files_struct fake_fsp = { 0 }; /* TODO: rationalize parametrization */
1272 0 : struct SMB4ACE_T *smbace;
1273 0 : TALLOC_CTX *frame = talloc_stackframe();
1274 :
1275 0 : DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
1276 :
1277 0 : result = gpfs_get_nfs4_acl(frame, fsp, &pacl);
1278 0 : if (result) {
1279 0 : TALLOC_FREE(frame);
1280 0 : return result;
1281 : }
1282 :
1283 0 : if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) {
1284 0 : DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path));
1285 : }
1286 :
1287 0 : for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
1288 0 : SMB_ACE4PROP_T *ace = smb_get_ace4(smbace);
1289 0 : uint32_t specid = ace->who.special_id;
1290 :
1291 0 : if (ace->flags&SMB_ACE4_ID_SPECIAL &&
1292 0 : ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
1293 : specid <= SMB_ACE4_WHO_EVERYONE) {
1294 :
1295 0 : uint32_t newMask;
1296 :
1297 0 : if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE)
1298 0 : haveAllowEntry[specid] = True;
1299 :
1300 : /* mode >> 6 for @owner, mode >> 3 for @group,
1301 : * mode >> 0 for @everyone */
1302 0 : newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask,
1303 0 : mode >> ((SMB_ACE4_WHO_EVERYONE - specid) * 3));
1304 0 : if (ace->aceMask!=newMask) {
1305 0 : DEBUG(10, ("ace changed for %s (%o -> %o) id=%d\n",
1306 : path, ace->aceMask, newMask, specid));
1307 : }
1308 0 : ace->aceMask = newMask;
1309 : }
1310 : }
1311 :
1312 : /* make sure we have at least ALLOW entries
1313 : * for all the 3 special ids (@EVERYONE, @OWNER, @GROUP)
1314 : * - if necessary
1315 : */
1316 0 : for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) {
1317 0 : SMB_ACE4PROP_T ace = { 0 };
1318 :
1319 0 : if (haveAllowEntry[i]==True)
1320 0 : continue;
1321 :
1322 0 : ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
1323 0 : ace.flags |= SMB_ACE4_ID_SPECIAL;
1324 0 : ace.who.special_id = i;
1325 :
1326 0 : if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */
1327 0 : ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
1328 :
1329 0 : ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask,
1330 0 : mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3));
1331 :
1332 : /* don't add unnecessary aces */
1333 0 : if (!ace.aceMask)
1334 0 : continue;
1335 :
1336 : /* we add it to the END - as windows expects allow aces */
1337 0 : smb_add_ace4(pacl, &ace);
1338 0 : DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n",
1339 : path, mode, i, ace.aceMask));
1340 : }
1341 :
1342 : /* don't add complementary DENY ACEs here */
1343 0 : fake_fsp.fsp_name = synthetic_smb_fname(frame,
1344 : path,
1345 : NULL,
1346 : NULL,
1347 : fname->twrp,
1348 : 0);
1349 0 : if (fake_fsp.fsp_name == NULL) {
1350 0 : errno = ENOMEM;
1351 0 : TALLOC_FREE(frame);
1352 0 : return -1;
1353 : }
1354 : /* put the acl */
1355 0 : if (gpfsacl_process_smbacl(handle, &fake_fsp, pacl) == False) {
1356 0 : TALLOC_FREE(frame);
1357 0 : return -1;
1358 : }
1359 :
1360 0 : TALLOC_FREE(frame);
1361 0 : return 0; /* ok for [f]chmod */
1362 : }
1363 :
1364 0 : static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
1365 : {
1366 0 : SMB_STRUCT_STAT st;
1367 0 : int rc;
1368 :
1369 0 : rc = SMB_VFS_NEXT_FSTAT(handle, fsp, &st);
1370 0 : if (rc != 0) {
1371 0 : return -1;
1372 : }
1373 :
1374 : /* avoid chmod() if possible, to preserve acls */
1375 0 : if ((st.st_ex_mode & ~S_IFMT) == mode) {
1376 0 : return 0;
1377 : }
1378 :
1379 0 : rc = gpfsacl_emu_chmod(handle, fsp, mode);
1380 0 : if (rc == 1) {
1381 0 : return SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1382 : }
1383 0 : return rc;
1384 : }
1385 :
1386 0 : static uint32_t vfs_gpfs_winattrs_to_dosmode(unsigned int winattrs)
1387 : {
1388 1 : uint32_t dosmode = 0;
1389 :
1390 0 : if (winattrs & GPFS_WINATTR_ARCHIVE){
1391 0 : dosmode |= FILE_ATTRIBUTE_ARCHIVE;
1392 : }
1393 0 : if (winattrs & GPFS_WINATTR_HIDDEN){
1394 0 : dosmode |= FILE_ATTRIBUTE_HIDDEN;
1395 : }
1396 0 : if (winattrs & GPFS_WINATTR_SYSTEM){
1397 0 : dosmode |= FILE_ATTRIBUTE_SYSTEM;
1398 : }
1399 0 : if (winattrs & GPFS_WINATTR_READONLY){
1400 0 : dosmode |= FILE_ATTRIBUTE_READONLY;
1401 : }
1402 0 : if (winattrs & GPFS_WINATTR_SPARSE_FILE) {
1403 0 : dosmode |= FILE_ATTRIBUTE_SPARSE;
1404 : }
1405 0 : if (winattrs & GPFS_WINATTR_OFFLINE) {
1406 0 : dosmode |= FILE_ATTRIBUTE_OFFLINE;
1407 : }
1408 :
1409 0 : return dosmode;
1410 : }
1411 :
1412 0 : static unsigned int vfs_gpfs_dosmode_to_winattrs(uint32_t dosmode)
1413 : {
1414 1 : unsigned int winattrs = 0;
1415 :
1416 0 : if (dosmode & FILE_ATTRIBUTE_ARCHIVE){
1417 0 : winattrs |= GPFS_WINATTR_ARCHIVE;
1418 : }
1419 0 : if (dosmode & FILE_ATTRIBUTE_HIDDEN){
1420 0 : winattrs |= GPFS_WINATTR_HIDDEN;
1421 : }
1422 0 : if (dosmode & FILE_ATTRIBUTE_SYSTEM){
1423 0 : winattrs |= GPFS_WINATTR_SYSTEM;
1424 : }
1425 0 : if (dosmode & FILE_ATTRIBUTE_READONLY){
1426 0 : winattrs |= GPFS_WINATTR_READONLY;
1427 : }
1428 0 : if (dosmode & FILE_ATTRIBUTE_SPARSE) {
1429 0 : winattrs |= GPFS_WINATTR_SPARSE_FILE;
1430 : }
1431 0 : if (dosmode & FILE_ATTRIBUTE_OFFLINE) {
1432 0 : winattrs |= GPFS_WINATTR_OFFLINE;
1433 : }
1434 :
1435 0 : return winattrs;
1436 : }
1437 :
1438 0 : static struct timespec gpfs_timestruc64_to_timespec(struct gpfs_timestruc64 g)
1439 : {
1440 0 : return (struct timespec) { .tv_sec = g.tv_sec, .tv_nsec = g.tv_nsec };
1441 : }
1442 :
1443 0 : static NTSTATUS vfs_gpfs_fget_dos_attributes(struct vfs_handle_struct *handle,
1444 : struct files_struct *fsp,
1445 : uint32_t *dosmode)
1446 : {
1447 0 : struct gpfs_config_data *config;
1448 0 : int fd = fsp_get_pathref_fd(fsp);
1449 0 : struct sys_proc_fd_path_buf buf;
1450 0 : const char *p = NULL;
1451 0 : struct gpfs_iattr64 iattr = { };
1452 0 : unsigned int litemask = 0;
1453 0 : struct timespec ts;
1454 0 : int ret;
1455 :
1456 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1457 : struct gpfs_config_data,
1458 0 : return NT_STATUS_INTERNAL_ERROR);
1459 :
1460 0 : if (!config->winattr) {
1461 0 : return SMB_VFS_NEXT_FGET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1462 : }
1463 :
1464 0 : if (fsp->fsp_flags.is_pathref && !config->pathref_ok.gpfs_fstat_x) {
1465 0 : if (fsp->fsp_flags.have_proc_fds) {
1466 0 : p = sys_proc_fd_path(fd, &buf);
1467 : } else {
1468 0 : p = fsp->fsp_name->base_name;
1469 : }
1470 : }
1471 :
1472 0 : if (p != NULL) {
1473 0 : ret = gpfswrap_stat_x(p, &litemask, &iattr, sizeof(iattr));
1474 : } else {
1475 0 : ret = gpfswrap_fstat_x(fd, &litemask, &iattr, sizeof(iattr));
1476 : }
1477 0 : if (ret == -1 && errno == ENOSYS) {
1478 0 : return SMB_VFS_NEXT_FGET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1479 : }
1480 :
1481 0 : if (ret == -1 && errno == EACCES) {
1482 0 : int saved_errno = 0;
1483 :
1484 : /*
1485 : * According to MS-FSA 2.1.5.1.2.1 "Algorithm to Check Access to
1486 : * an Existing File" FILE_LIST_DIRECTORY on a directory implies
1487 : * FILE_READ_ATTRIBUTES for directory entries. Being able to
1488 : * open a file implies FILE_LIST_DIRECTORY.
1489 : */
1490 :
1491 0 : set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1492 :
1493 0 : if (p != NULL) {
1494 0 : ret = gpfswrap_stat_x(p,
1495 : &litemask,
1496 : &iattr,
1497 : sizeof(iattr));
1498 : } else {
1499 0 : ret = gpfswrap_fstat_x(fd,
1500 : &litemask,
1501 : &iattr,
1502 : sizeof(iattr));
1503 : }
1504 0 : if (ret == -1) {
1505 0 : saved_errno = errno;
1506 : }
1507 :
1508 0 : drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1509 :
1510 0 : if (saved_errno != 0) {
1511 0 : errno = saved_errno;
1512 : }
1513 : }
1514 :
1515 0 : if (ret == -1) {
1516 0 : DBG_WARNING("Getting winattrs failed for %s: %s\n",
1517 : fsp->fsp_name->base_name, strerror(errno));
1518 0 : return map_nt_error_from_unix(errno);
1519 : }
1520 :
1521 0 : ts = gpfs_timestruc64_to_timespec(iattr.ia_createtime);
1522 :
1523 0 : *dosmode |= vfs_gpfs_winattrs_to_dosmode(iattr.ia_winflags);
1524 0 : update_stat_ex_create_time(&fsp->fsp_name->st, ts);
1525 :
1526 0 : return NT_STATUS_OK;
1527 : }
1528 :
1529 0 : static NTSTATUS vfs_gpfs_fset_dos_attributes(struct vfs_handle_struct *handle,
1530 : struct files_struct *fsp,
1531 : uint32_t dosmode)
1532 : {
1533 0 : struct gpfs_config_data *config;
1534 0 : struct gpfs_winattr attrs = { };
1535 0 : int ret;
1536 :
1537 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1538 : struct gpfs_config_data,
1539 0 : return NT_STATUS_INTERNAL_ERROR);
1540 :
1541 0 : if (!config->winattr) {
1542 0 : return SMB_VFS_NEXT_FSET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1543 : }
1544 :
1545 0 : attrs.winAttrs = vfs_gpfs_dosmode_to_winattrs(dosmode);
1546 :
1547 0 : if (!fsp->fsp_flags.is_pathref) {
1548 0 : ret = gpfswrap_set_winattrs(fsp_get_io_fd(fsp),
1549 : GPFS_WINATTR_SET_ATTRS, &attrs);
1550 0 : if (ret == -1) {
1551 0 : DBG_WARNING("Setting winattrs failed for %s: %s\n",
1552 : fsp_str_dbg(fsp), strerror(errno));
1553 0 : return map_nt_error_from_unix(errno);
1554 : }
1555 0 : return NT_STATUS_OK;
1556 : }
1557 :
1558 0 : if (fsp->fsp_flags.have_proc_fds) {
1559 0 : int fd = fsp_get_pathref_fd(fsp);
1560 0 : struct sys_proc_fd_path_buf buf;
1561 :
1562 0 : ret = gpfswrap_set_winattrs_path(sys_proc_fd_path(fd, &buf),
1563 : GPFS_WINATTR_SET_ATTRS,
1564 : &attrs);
1565 0 : if (ret == -1) {
1566 0 : DBG_WARNING("Setting winattrs failed for "
1567 : "[%s][%s]: %s\n",
1568 : buf.buf,
1569 : fsp_str_dbg(fsp),
1570 : strerror(errno));
1571 0 : return map_nt_error_from_unix(errno);
1572 : }
1573 0 : return NT_STATUS_OK;
1574 : }
1575 :
1576 : /*
1577 : * This is no longer a handle based call.
1578 : */
1579 0 : ret = gpfswrap_set_winattrs_path(fsp->fsp_name->base_name,
1580 : GPFS_WINATTR_SET_ATTRS,
1581 : &attrs);
1582 0 : if (ret == -1) {
1583 0 : DBG_WARNING("Setting winattrs failed for [%s]: %s\n",
1584 : fsp_str_dbg(fsp), strerror(errno));
1585 0 : return map_nt_error_from_unix(errno);
1586 : }
1587 :
1588 0 : return NT_STATUS_OK;
1589 : }
1590 :
1591 0 : static int timespec_to_gpfs_time(
1592 : struct timespec ts, gpfs_timestruc_t *gt, int idx, int *flags)
1593 : {
1594 0 : if (is_omit_timespec(&ts)) {
1595 0 : return 0;
1596 : }
1597 :
1598 0 : if (ts.tv_sec < 0 || ts.tv_sec > UINT32_MAX) {
1599 0 : DBG_NOTICE("GPFS uses 32-bit unsigned timestamps "
1600 : "and cannot handle %jd.\n",
1601 : (intmax_t)ts.tv_sec);
1602 0 : errno = ERANGE;
1603 0 : return -1;
1604 : }
1605 :
1606 0 : *flags |= 1 << idx;
1607 0 : gt[idx].tv_sec = ts.tv_sec;
1608 0 : gt[idx].tv_nsec = ts.tv_nsec;
1609 0 : DBG_DEBUG("Setting GPFS time %d, flags 0x%x\n", idx, *flags);
1610 :
1611 0 : return 0;
1612 : }
1613 :
1614 0 : static int smbd_gpfs_set_times(struct files_struct *fsp,
1615 : struct smb_file_time *ft)
1616 : {
1617 0 : gpfs_timestruc_t gpfs_times[4];
1618 0 : int flags = 0;
1619 0 : int rc;
1620 :
1621 0 : ZERO_ARRAY(gpfs_times);
1622 0 : rc = timespec_to_gpfs_time(ft->atime, gpfs_times, 0, &flags);
1623 0 : if (rc != 0) {
1624 0 : return rc;
1625 : }
1626 :
1627 0 : rc = timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, &flags);
1628 0 : if (rc != 0) {
1629 0 : return rc;
1630 : }
1631 :
1632 : /* No good mapping from LastChangeTime to ctime, not storing */
1633 0 : rc = timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, &flags);
1634 0 : if (rc != 0) {
1635 0 : return rc;
1636 : }
1637 :
1638 0 : if (!flags) {
1639 0 : DBG_DEBUG("nothing to do, return to avoid EINVAL\n");
1640 0 : return 0;
1641 : }
1642 :
1643 0 : if (!fsp->fsp_flags.is_pathref) {
1644 0 : rc = gpfswrap_set_times(fsp_get_io_fd(fsp), flags, gpfs_times);
1645 0 : if (rc != 0) {
1646 0 : DBG_WARNING("gpfs_set_times(%s) failed: %s\n",
1647 : fsp_str_dbg(fsp), strerror(errno));
1648 : }
1649 0 : return rc;
1650 : }
1651 :
1652 :
1653 0 : if (fsp->fsp_flags.have_proc_fds) {
1654 0 : int fd = fsp_get_pathref_fd(fsp);
1655 0 : struct sys_proc_fd_path_buf buf;
1656 :
1657 0 : rc = gpfswrap_set_times_path(sys_proc_fd_path(fd, &buf),
1658 : flags,
1659 : gpfs_times);
1660 0 : if (rc != 0) {
1661 0 : DBG_WARNING("gpfs_set_times_path(%s,%s) failed: %s\n",
1662 : fsp_str_dbg(fsp),
1663 : buf.buf,
1664 : strerror(errno));
1665 : }
1666 0 : return rc;
1667 : }
1668 :
1669 : /*
1670 : * This is no longer a handle based call.
1671 : */
1672 :
1673 0 : rc = gpfswrap_set_times_path(fsp->fsp_name->base_name,
1674 : flags,
1675 : gpfs_times);
1676 0 : if (rc != 0) {
1677 0 : DBG_WARNING("gpfs_set_times_path(%s) failed: %s\n",
1678 : fsp_str_dbg(fsp), strerror(errno));
1679 : }
1680 0 : return rc;
1681 : }
1682 :
1683 0 : static int vfs_gpfs_fntimes(struct vfs_handle_struct *handle,
1684 : files_struct *fsp,
1685 : struct smb_file_time *ft)
1686 : {
1687 :
1688 0 : struct gpfs_winattr attrs;
1689 0 : int ret;
1690 0 : struct gpfs_config_data *config;
1691 :
1692 0 : SMB_VFS_HANDLE_GET_DATA(handle,
1693 : config,
1694 : struct gpfs_config_data,
1695 0 : return -1);
1696 :
1697 : /* Try to use gpfs_set_times if it is enabled and available */
1698 0 : if (config->settimes) {
1699 0 : return smbd_gpfs_set_times(fsp, ft);
1700 : }
1701 :
1702 0 : DBG_DEBUG("gpfs_set_times() not available or disabled, "
1703 : "use ntimes and winattr\n");
1704 :
1705 0 : ret = SMB_VFS_NEXT_FNTIMES(handle, fsp, ft);
1706 0 : if (ret == -1) {
1707 : /* don't complain if access was denied */
1708 0 : if (errno != EPERM && errno != EACCES) {
1709 0 : DBG_WARNING("SMB_VFS_NEXT_FNTIMES failed: %s\n",
1710 : strerror(errno));
1711 : }
1712 0 : return -1;
1713 : }
1714 :
1715 0 : if (is_omit_timespec(&ft->create_time)) {
1716 0 : DBG_DEBUG("Create Time is NULL\n");
1717 0 : return 0;
1718 : }
1719 :
1720 0 : if (!config->winattr) {
1721 0 : return 0;
1722 : }
1723 :
1724 0 : attrs.winAttrs = 0;
1725 0 : attrs.creationTime.tv_sec = ft->create_time.tv_sec;
1726 0 : attrs.creationTime.tv_nsec = ft->create_time.tv_nsec;
1727 :
1728 0 : if (!fsp->fsp_flags.is_pathref) {
1729 0 : ret = gpfswrap_set_winattrs(fsp_get_io_fd(fsp),
1730 : GPFS_WINATTR_SET_CREATION_TIME,
1731 : &attrs);
1732 0 : if (ret == -1 && errno != ENOSYS) {
1733 0 : DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1734 0 : return -1;
1735 : }
1736 0 : return ret;
1737 : }
1738 :
1739 0 : if (fsp->fsp_flags.have_proc_fds) {
1740 0 : int fd = fsp_get_pathref_fd(fsp);
1741 0 : struct sys_proc_fd_path_buf buf;
1742 :
1743 0 : ret = gpfswrap_set_winattrs_path(
1744 0 : sys_proc_fd_path(fd, &buf),
1745 : GPFS_WINATTR_SET_CREATION_TIME,
1746 : &attrs);
1747 0 : if (ret == -1 && errno != ENOSYS) {
1748 0 : DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1749 0 : return -1;
1750 : }
1751 0 : return ret;
1752 : }
1753 :
1754 : /*
1755 : * This is no longer a handle based call.
1756 : */
1757 0 : ret = gpfswrap_set_winattrs_path(fsp->fsp_name->base_name,
1758 : GPFS_WINATTR_SET_CREATION_TIME,
1759 : &attrs);
1760 0 : if (ret == -1 && errno != ENOSYS) {
1761 0 : DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1762 0 : return -1;
1763 : }
1764 :
1765 0 : return 0;
1766 : }
1767 :
1768 0 : static int vfs_gpfs_fallocate(struct vfs_handle_struct *handle,
1769 : struct files_struct *fsp, uint32_t mode,
1770 : off_t offset, off_t len)
1771 : {
1772 0 : if (mode == (VFS_FALLOCATE_FL_PUNCH_HOLE|VFS_FALLOCATE_FL_KEEP_SIZE) &&
1773 0 : !fsp->fsp_flags.is_sparse &&
1774 0 : lp_strict_allocate(SNUM(fsp->conn))) {
1775 : /*
1776 : * This is from a ZERO_DATA request on a non-sparse
1777 : * file. GPFS does not support FL_KEEP_SIZE and thus
1778 : * cannot fill the whole again in the subsequent
1779 : * fallocate(FL_KEEP_SIZE). Deny this FL_PUNCH_HOLE
1780 : * call to not end up with a hole in a non-sparse
1781 : * file.
1782 : */
1783 0 : errno = ENOTSUP;
1784 0 : return -1;
1785 : }
1786 :
1787 0 : return SMB_VFS_NEXT_FALLOCATE(handle, fsp, mode, offset, len);
1788 : }
1789 :
1790 0 : static int vfs_gpfs_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1791 : off_t len)
1792 : {
1793 0 : int result;
1794 0 : struct gpfs_config_data *config;
1795 :
1796 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1797 : struct gpfs_config_data,
1798 0 : return -1);
1799 :
1800 0 : if (!config->ftruncate) {
1801 0 : return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1802 : }
1803 :
1804 0 : result = gpfswrap_ftruncate(fsp_get_io_fd(fsp), len);
1805 0 : if ((result == -1) && (errno == ENOSYS)) {
1806 0 : return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1807 : }
1808 0 : return result;
1809 : }
1810 :
1811 0 : static bool vfs_gpfs_is_offline(struct vfs_handle_struct *handle,
1812 : struct files_struct *fsp,
1813 : SMB_STRUCT_STAT *sbuf)
1814 : {
1815 0 : struct gpfs_winattr attrs;
1816 0 : struct gpfs_config_data *config;
1817 0 : int ret;
1818 :
1819 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1820 : struct gpfs_config_data,
1821 0 : return false);
1822 :
1823 0 : if (!config->winattr) {
1824 0 : return false;
1825 : }
1826 :
1827 0 : ret = gpfswrap_get_winattrs(fsp_get_pathref_fd(fsp), &attrs);
1828 0 : if (ret == -1) {
1829 0 : return false;
1830 : }
1831 :
1832 0 : if ((attrs.winAttrs & GPFS_WINATTR_OFFLINE) != 0) {
1833 0 : DBG_DEBUG("%s is offline\n", fsp_str_dbg(fsp));
1834 0 : return true;
1835 : }
1836 :
1837 0 : DBG_DEBUG("%s is online\n", fsp_str_dbg(fsp));
1838 0 : return false;
1839 : }
1840 :
1841 0 : static bool vfs_gpfs_fsp_is_offline(struct vfs_handle_struct *handle,
1842 : struct files_struct *fsp)
1843 : {
1844 0 : struct gpfs_fsp_extension *ext;
1845 :
1846 0 : ext = VFS_FETCH_FSP_EXTENSION(handle, fsp);
1847 0 : if (ext == NULL) {
1848 : /*
1849 : * Something bad happened, always ask.
1850 : */
1851 0 : return vfs_gpfs_is_offline(handle, fsp,
1852 0 : &fsp->fsp_name->st);
1853 : }
1854 :
1855 0 : if (ext->offline) {
1856 : /*
1857 : * As long as it's offline, ask.
1858 : */
1859 0 : ext->offline = vfs_gpfs_is_offline(handle, fsp,
1860 0 : &fsp->fsp_name->st);
1861 : }
1862 :
1863 0 : return ext->offline;
1864 : }
1865 :
1866 0 : static bool vfs_gpfs_aio_force(struct vfs_handle_struct *handle,
1867 : struct files_struct *fsp)
1868 : {
1869 0 : return vfs_gpfs_fsp_is_offline(handle, fsp);
1870 : }
1871 :
1872 0 : static ssize_t vfs_gpfs_sendfile(vfs_handle_struct *handle, int tofd,
1873 : files_struct *fsp, const DATA_BLOB *hdr,
1874 : off_t offset, size_t n)
1875 : {
1876 0 : if (vfs_gpfs_fsp_is_offline(handle, fsp)) {
1877 0 : errno = ENOSYS;
1878 0 : return -1;
1879 : }
1880 0 : return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
1881 : }
1882 :
1883 : #ifdef O_PATH
1884 0 : static int vfs_gpfs_check_pathref_fstat_x(struct gpfs_config_data *config,
1885 : struct connection_struct *conn)
1886 : {
1887 0 : struct gpfs_iattr64 iattr = {0};
1888 0 : unsigned int litemask = 0;
1889 0 : int saved_errno;
1890 0 : int fd;
1891 0 : int ret;
1892 :
1893 0 : fd = open(conn->connectpath, O_PATH);
1894 0 : if (fd == -1) {
1895 0 : DBG_ERR("openat() of share with O_PATH failed: %s\n",
1896 : strerror(errno));
1897 0 : return -1;
1898 : }
1899 :
1900 0 : ret = gpfswrap_fstat_x(fd, &litemask, &iattr, sizeof(iattr));
1901 0 : if (ret == 0) {
1902 0 : close(fd);
1903 0 : config->pathref_ok.gpfs_fstat_x = true;
1904 0 : return 0;
1905 : }
1906 :
1907 0 : saved_errno = errno;
1908 0 : ret = close(fd);
1909 0 : if (ret != 0) {
1910 0 : DBG_ERR("close failed: %s\n", strerror(errno));
1911 0 : return -1;
1912 : }
1913 :
1914 0 : if (saved_errno != EBADF) {
1915 0 : DBG_ERR("gpfswrap_fstat_x() of O_PATH handle failed: %s\n",
1916 : strerror(saved_errno));
1917 0 : return -1;
1918 : }
1919 :
1920 0 : return 0;
1921 : }
1922 : #endif
1923 :
1924 0 : static int vfs_gpfs_check_pathref(struct gpfs_config_data *config,
1925 : struct connection_struct *conn)
1926 : {
1927 : #ifndef O_PATH
1928 : /*
1929 : * This code path leaves all struct gpfs_config_data.pathref_ok members
1930 : * initialized to false.
1931 : */
1932 : return 0;
1933 : #else
1934 0 : int ret;
1935 :
1936 0 : ret = vfs_gpfs_check_pathref_fstat_x(config, conn);
1937 0 : if (ret != 0) {
1938 0 : return -1;
1939 : }
1940 :
1941 0 : return 0;
1942 : #endif
1943 : }
1944 :
1945 0 : static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
1946 : const char *service, const char *user)
1947 : {
1948 0 : struct gpfs_config_data *config;
1949 0 : int ret;
1950 0 : bool check_fstype;
1951 :
1952 0 : ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
1953 0 : if (ret < 0) {
1954 0 : return ret;
1955 : }
1956 :
1957 0 : if (IS_IPC(handle->conn)) {
1958 0 : return 0;
1959 : }
1960 :
1961 0 : ret = gpfswrap_init();
1962 0 : if (ret < 0) {
1963 0 : DBG_ERR("Could not load GPFS library.\n");
1964 0 : return ret;
1965 : }
1966 :
1967 0 : ret = gpfswrap_lib_init(0);
1968 0 : if (ret < 0) {
1969 0 : DBG_ERR("Could not open GPFS device file: %s\n",
1970 : strerror(errno));
1971 0 : return ret;
1972 : }
1973 :
1974 0 : ret = gpfswrap_register_cifs_export();
1975 0 : if (ret < 0) {
1976 0 : DBG_ERR("Failed to register with GPFS: %s\n", strerror(errno));
1977 0 : return ret;
1978 : }
1979 :
1980 0 : config = talloc_zero(handle->conn, struct gpfs_config_data);
1981 0 : if (!config) {
1982 0 : DEBUG(0, ("talloc_zero() failed\n"));
1983 0 : errno = ENOMEM;
1984 0 : return -1;
1985 : }
1986 :
1987 0 : check_fstype = lp_parm_bool(SNUM(handle->conn), "gpfs",
1988 : "check_fstype", true);
1989 :
1990 0 : if (check_fstype) {
1991 0 : const char *connectpath = handle->conn->connectpath;
1992 0 : struct statfs buf = { 0 };
1993 :
1994 0 : ret = statfs(connectpath, &buf);
1995 0 : if (ret != 0) {
1996 0 : DBG_ERR("statfs failed for share %s at path %s: %s\n",
1997 : service, connectpath, strerror(errno));
1998 0 : TALLOC_FREE(config);
1999 0 : return ret;
2000 : }
2001 :
2002 0 : if (buf.f_type != GPFS_SUPER_MAGIC) {
2003 0 : DBG_ERR("SMB share %s, path %s not in GPFS file system."
2004 : " statfs magic: 0x%jx\n",
2005 : service,
2006 : connectpath,
2007 : (uintmax_t)buf.f_type);
2008 0 : errno = EINVAL;
2009 0 : TALLOC_FREE(config);
2010 0 : return -1;
2011 : }
2012 : }
2013 :
2014 0 : ret = smbacl4_get_vfs_params(handle->conn, &config->nfs4_params);
2015 0 : if (ret < 0) {
2016 0 : TALLOC_FREE(config);
2017 0 : return ret;
2018 : }
2019 :
2020 0 : config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
2021 : "sharemodes", true);
2022 :
2023 0 : config->leases = lp_parm_bool(SNUM(handle->conn), "gpfs",
2024 : "leases", true);
2025 :
2026 0 : config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
2027 : "hsm", false);
2028 :
2029 0 : config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
2030 : "syncio", false);
2031 :
2032 0 : config->winattr = lp_parm_bool(SNUM(handle->conn), "gpfs",
2033 : "winattr", false);
2034 :
2035 0 : config->ftruncate = lp_parm_bool(SNUM(handle->conn), "gpfs",
2036 : "ftruncate", true);
2037 :
2038 0 : config->getrealfilename = lp_parm_bool(SNUM(handle->conn), "gpfs",
2039 : "getrealfilename", true);
2040 :
2041 0 : config->dfreequota = lp_parm_bool(SNUM(handle->conn), "gpfs",
2042 : "dfreequota", false);
2043 :
2044 0 : config->acl = lp_parm_bool(SNUM(handle->conn), "gpfs", "acl", true);
2045 :
2046 0 : config->settimes = lp_parm_bool(SNUM(handle->conn), "gpfs",
2047 : "settimes", true);
2048 0 : config->recalls = lp_parm_bool(SNUM(handle->conn), "gpfs",
2049 : "recalls", true);
2050 :
2051 0 : ret = vfs_gpfs_check_pathref(config, handle->conn);
2052 0 : if (ret != 0) {
2053 0 : DBG_ERR("vfs_gpfs_check_pathref() on [%s] failed\n",
2054 : handle->conn->connectpath);
2055 0 : TALLOC_FREE(config);
2056 0 : return -1;
2057 : }
2058 :
2059 0 : SMB_VFS_HANDLE_SET_DATA(handle, config,
2060 : NULL, struct gpfs_config_data,
2061 0 : return -1);
2062 :
2063 0 : if (config->leases) {
2064 : /*
2065 : * GPFS lease code is based on kernel oplock code
2066 : * so make sure it is turned on
2067 : */
2068 0 : if (!lp_kernel_oplocks(SNUM(handle->conn))) {
2069 0 : DEBUG(5, ("Enabling kernel oplocks for "
2070 : "gpfs:leases to work\n"));
2071 0 : lp_do_parameter(SNUM(handle->conn), "kernel oplocks",
2072 : "true");
2073 : }
2074 :
2075 : /*
2076 : * as the kernel does not properly support Level II oplocks
2077 : * and GPFS leases code is based on kernel infrastructure, we
2078 : * need to turn off Level II oplocks if gpfs:leases is enabled
2079 : */
2080 0 : if (lp_level2_oplocks(SNUM(handle->conn))) {
2081 0 : DEBUG(5, ("gpfs:leases are enabled, disabling "
2082 : "Level II oplocks\n"));
2083 0 : lp_do_parameter(SNUM(handle->conn), "level2 oplocks",
2084 : "false");
2085 : }
2086 : }
2087 :
2088 : /*
2089 : * Unless we have an async implementation of get_dos_attributes turn
2090 : * this off.
2091 : */
2092 0 : lp_do_parameter(SNUM(handle->conn), "smbd async dosmode", "false");
2093 :
2094 0 : return 0;
2095 : }
2096 :
2097 0 : static int get_gpfs_quota(const char *pathname, int type, int id,
2098 : struct gpfs_quotaInfo *qi)
2099 : {
2100 0 : int ret;
2101 :
2102 0 : ret = gpfswrap_quotactl(pathname, GPFS_QCMD(Q_GETQUOTA, type), id, qi);
2103 :
2104 0 : if (ret) {
2105 0 : if (errno == GPFS_E_NO_QUOTA_INST) {
2106 0 : DEBUG(10, ("Quotas disabled on GPFS filesystem.\n"));
2107 0 : } else if (errno != ENOSYS) {
2108 0 : DEBUG(0, ("Get quota failed, type %d, id, %d, "
2109 : "errno %d.\n", type, id, errno));
2110 : }
2111 :
2112 0 : return ret;
2113 : }
2114 :
2115 0 : DEBUG(10, ("quota type %d, id %d, blk u:%lld h:%lld s:%lld gt:%u\n",
2116 : type, id, qi->blockUsage, qi->blockHardLimit,
2117 : qi->blockSoftLimit, qi->blockGraceTime));
2118 :
2119 0 : return ret;
2120 : }
2121 :
2122 0 : static void vfs_gpfs_disk_free_quota(struct gpfs_quotaInfo qi, time_t cur_time,
2123 : uint64_t *dfree, uint64_t *dsize)
2124 : {
2125 0 : uint64_t usage, limit;
2126 :
2127 : /*
2128 : * The quota reporting is done in units of 1024 byte blocks, but
2129 : * sys_fsusage uses units of 512 byte blocks, adjust the block number
2130 : * accordingly. Also filter possibly negative usage counts from gpfs.
2131 : */
2132 0 : usage = qi.blockUsage < 0 ? 0 : (uint64_t)qi.blockUsage * 2;
2133 0 : limit = (uint64_t)qi.blockHardLimit * 2;
2134 :
2135 : /*
2136 : * When the grace time for the exceeded soft block quota has been
2137 : * exceeded, the soft block quota becomes an additional hard limit.
2138 : */
2139 0 : if (qi.blockSoftLimit &&
2140 0 : qi.blockGraceTime && cur_time > qi.blockGraceTime) {
2141 : /* report disk as full */
2142 0 : *dfree = 0;
2143 0 : *dsize = MIN(*dsize, usage);
2144 : }
2145 :
2146 0 : if (!qi.blockHardLimit)
2147 0 : return;
2148 :
2149 0 : if (usage >= limit) {
2150 : /* report disk as full */
2151 0 : *dfree = 0;
2152 0 : *dsize = MIN(*dsize, usage);
2153 :
2154 : } else {
2155 : /* limit has not been reached, determine "free space" */
2156 0 : *dfree = MIN(*dfree, limit - usage);
2157 0 : *dsize = MIN(*dsize, limit);
2158 : }
2159 : }
2160 :
2161 0 : static uint64_t vfs_gpfs_disk_free(vfs_handle_struct *handle,
2162 : const struct smb_filename *smb_fname,
2163 : uint64_t *bsize,
2164 : uint64_t *dfree,
2165 : uint64_t *dsize)
2166 : {
2167 0 : struct security_unix_token *utok;
2168 0 : struct gpfs_quotaInfo qi_user = { 0 }, qi_group = { 0 };
2169 0 : struct gpfs_config_data *config;
2170 0 : int err;
2171 0 : time_t cur_time;
2172 :
2173 0 : SMB_VFS_HANDLE_GET_DATA(handle, config, struct gpfs_config_data,
2174 0 : return (uint64_t)-1);
2175 0 : if (!config->dfreequota) {
2176 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2177 : bsize, dfree, dsize);
2178 : }
2179 :
2180 0 : err = sys_fsusage(smb_fname->base_name, dfree, dsize);
2181 0 : if (err) {
2182 0 : DEBUG (0, ("Could not get fs usage, errno %d\n", errno));
2183 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2184 : bsize, dfree, dsize);
2185 : }
2186 :
2187 : /* sys_fsusage returns units of 512 bytes */
2188 0 : *bsize = 512;
2189 :
2190 0 : DEBUG(10, ("fs dfree %llu, dsize %llu\n",
2191 : (unsigned long long)*dfree, (unsigned long long)*dsize));
2192 :
2193 0 : utok = handle->conn->session_info->unix_token;
2194 :
2195 0 : err = get_gpfs_quota(smb_fname->base_name,
2196 0 : GPFS_USRQUOTA, utok->uid, &qi_user);
2197 0 : if (err) {
2198 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2199 : bsize, dfree, dsize);
2200 : }
2201 :
2202 : /*
2203 : * If new files created under this folder get this folder's
2204 : * GID, then available space is governed by the quota of the
2205 : * folder's GID, not the primary group of the creating user.
2206 : */
2207 0 : if (VALID_STAT(smb_fname->st) &&
2208 0 : S_ISDIR(smb_fname->st.st_ex_mode) &&
2209 0 : smb_fname->st.st_ex_mode & S_ISGID) {
2210 0 : become_root();
2211 0 : err = get_gpfs_quota(smb_fname->base_name, GPFS_GRPQUOTA,
2212 0 : smb_fname->st.st_ex_gid, &qi_group);
2213 0 : unbecome_root();
2214 :
2215 : } else {
2216 0 : err = get_gpfs_quota(smb_fname->base_name, GPFS_GRPQUOTA,
2217 0 : utok->gid, &qi_group);
2218 : }
2219 :
2220 0 : if (err) {
2221 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2222 : bsize, dfree, dsize);
2223 : }
2224 :
2225 0 : cur_time = time(NULL);
2226 :
2227 : /* Adjust free space and size according to quota limits. */
2228 0 : vfs_gpfs_disk_free_quota(qi_user, cur_time, dfree, dsize);
2229 0 : vfs_gpfs_disk_free_quota(qi_group, cur_time, dfree, dsize);
2230 :
2231 0 : return *dfree / 2;
2232 : }
2233 :
2234 0 : static int vfs_gpfs_get_quota(vfs_handle_struct *handle,
2235 : const struct smb_filename *smb_fname,
2236 : enum SMB_QUOTA_TYPE qtype,
2237 : unid_t id,
2238 : SMB_DISK_QUOTA *dq)
2239 : {
2240 0 : switch(qtype) {
2241 : /*
2242 : * User/group quota are being used for disk-free
2243 : * determination, which in this module is done directly
2244 : * by the disk-free function. It's important that this
2245 : * module does not return wrong quota values by mistake,
2246 : * which would modify the correct values set by disk-free.
2247 : * User/group quota are also being used for processing
2248 : * NT_TRANSACT_GET_USER_QUOTA in smb1 protocol, which is
2249 : * currently not supported by this module.
2250 : */
2251 0 : case SMB_USER_QUOTA_TYPE:
2252 : case SMB_GROUP_QUOTA_TYPE:
2253 0 : errno = ENOSYS;
2254 0 : return -1;
2255 0 : default:
2256 0 : return SMB_VFS_NEXT_GET_QUOTA(handle, smb_fname,
2257 : qtype, id, dq);
2258 : }
2259 : }
2260 :
2261 0 : static uint32_t vfs_gpfs_capabilities(struct vfs_handle_struct *handle,
2262 : enum timestamp_set_resolution *p_ts_res)
2263 : {
2264 0 : struct gpfs_config_data *config;
2265 0 : uint32_t next;
2266 :
2267 0 : next = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
2268 :
2269 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
2270 : struct gpfs_config_data,
2271 0 : return next);
2272 :
2273 0 : if (config->hsm) {
2274 0 : next |= FILE_SUPPORTS_REMOTE_STORAGE;
2275 : }
2276 0 : return next;
2277 : }
2278 :
2279 0 : static int vfs_gpfs_openat(struct vfs_handle_struct *handle,
2280 : const struct files_struct *dirfsp,
2281 : const struct smb_filename *smb_fname,
2282 : files_struct *fsp,
2283 : const struct vfs_open_how *_how)
2284 : {
2285 0 : struct vfs_open_how how = *_how;
2286 0 : struct gpfs_config_data *config = NULL;
2287 0 : struct gpfs_fsp_extension *ext = NULL;
2288 0 : int ret;
2289 :
2290 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
2291 : struct gpfs_config_data,
2292 0 : return -1);
2293 :
2294 0 : if (config->hsm && !config->recalls &&
2295 0 : !fsp->fsp_flags.is_pathref &&
2296 0 : vfs_gpfs_fsp_is_offline(handle, fsp))
2297 : {
2298 0 : DBG_DEBUG("Refusing access to offline file %s\n",
2299 : fsp_str_dbg(fsp));
2300 0 : errno = EACCES;
2301 0 : return -1;
2302 : }
2303 :
2304 0 : if (config->syncio) {
2305 0 : how.flags |= O_SYNC;
2306 : }
2307 :
2308 0 : ext = VFS_ADD_FSP_EXTENSION(handle, fsp, struct gpfs_fsp_extension,
2309 : NULL);
2310 0 : if (ext == NULL) {
2311 0 : errno = ENOMEM;
2312 0 : return -1;
2313 : }
2314 :
2315 : /*
2316 : * Assume the file is offline until gpfs tells us it's online.
2317 : */
2318 0 : *ext = (struct gpfs_fsp_extension) { .offline = true };
2319 :
2320 0 : ret = SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, &how);
2321 0 : if (ret == -1) {
2322 0 : VFS_REMOVE_FSP_EXTENSION(handle, fsp);
2323 : }
2324 0 : return ret;
2325 : }
2326 :
2327 0 : static ssize_t vfs_gpfs_pread(vfs_handle_struct *handle, files_struct *fsp,
2328 : void *data, size_t n, off_t offset)
2329 : {
2330 0 : ssize_t ret;
2331 0 : bool was_offline;
2332 :
2333 0 : was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2334 :
2335 0 : ret = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
2336 :
2337 0 : if ((ret != -1) && was_offline) {
2338 0 : notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2339 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2340 0 : fsp->fsp_name->base_name);
2341 : }
2342 :
2343 0 : return ret;
2344 : }
2345 :
2346 : struct vfs_gpfs_pread_state {
2347 : struct files_struct *fsp;
2348 : ssize_t ret;
2349 : bool was_offline;
2350 : struct vfs_aio_state vfs_aio_state;
2351 : };
2352 :
2353 : static void vfs_gpfs_pread_done(struct tevent_req *subreq);
2354 :
2355 0 : static struct tevent_req *vfs_gpfs_pread_send(struct vfs_handle_struct *handle,
2356 : TALLOC_CTX *mem_ctx,
2357 : struct tevent_context *ev,
2358 : struct files_struct *fsp,
2359 : void *data, size_t n,
2360 : off_t offset)
2361 : {
2362 0 : struct tevent_req *req, *subreq;
2363 0 : struct vfs_gpfs_pread_state *state;
2364 :
2365 0 : req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pread_state);
2366 0 : if (req == NULL) {
2367 0 : return NULL;
2368 : }
2369 0 : state->was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2370 0 : state->fsp = fsp;
2371 0 : subreq = SMB_VFS_NEXT_PREAD_SEND(state, ev, handle, fsp, data,
2372 : n, offset);
2373 0 : if (tevent_req_nomem(subreq, req)) {
2374 0 : return tevent_req_post(req, ev);
2375 : }
2376 0 : tevent_req_set_callback(subreq, vfs_gpfs_pread_done, req);
2377 0 : return req;
2378 : }
2379 :
2380 0 : static void vfs_gpfs_pread_done(struct tevent_req *subreq)
2381 : {
2382 0 : struct tevent_req *req = tevent_req_callback_data(
2383 : subreq, struct tevent_req);
2384 0 : struct vfs_gpfs_pread_state *state = tevent_req_data(
2385 : req, struct vfs_gpfs_pread_state);
2386 :
2387 0 : state->ret = SMB_VFS_PREAD_RECV(subreq, &state->vfs_aio_state);
2388 0 : TALLOC_FREE(subreq);
2389 0 : tevent_req_done(req);
2390 0 : }
2391 :
2392 0 : static ssize_t vfs_gpfs_pread_recv(struct tevent_req *req,
2393 : struct vfs_aio_state *vfs_aio_state)
2394 : {
2395 0 : struct vfs_gpfs_pread_state *state = tevent_req_data(
2396 : req, struct vfs_gpfs_pread_state);
2397 0 : struct files_struct *fsp = state->fsp;
2398 :
2399 0 : if (tevent_req_is_unix_error(req, &vfs_aio_state->error)) {
2400 0 : return -1;
2401 : }
2402 0 : *vfs_aio_state = state->vfs_aio_state;
2403 :
2404 0 : if ((state->ret != -1) && state->was_offline) {
2405 0 : DEBUG(10, ("sending notify\n"));
2406 0 : notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2407 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2408 0 : fsp->fsp_name->base_name);
2409 : }
2410 :
2411 0 : return state->ret;
2412 : }
2413 :
2414 0 : static ssize_t vfs_gpfs_pwrite(vfs_handle_struct *handle, files_struct *fsp,
2415 : const void *data, size_t n, off_t offset)
2416 : {
2417 0 : ssize_t ret;
2418 0 : bool was_offline;
2419 :
2420 0 : was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2421 :
2422 0 : ret = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
2423 :
2424 0 : if ((ret != -1) && was_offline) {
2425 0 : notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2426 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2427 0 : fsp->fsp_name->base_name);
2428 : }
2429 :
2430 0 : return ret;
2431 : }
2432 :
2433 : struct vfs_gpfs_pwrite_state {
2434 : struct files_struct *fsp;
2435 : ssize_t ret;
2436 : bool was_offline;
2437 : struct vfs_aio_state vfs_aio_state;
2438 : };
2439 :
2440 : static void vfs_gpfs_pwrite_done(struct tevent_req *subreq);
2441 :
2442 0 : static struct tevent_req *vfs_gpfs_pwrite_send(
2443 : struct vfs_handle_struct *handle,
2444 : TALLOC_CTX *mem_ctx,
2445 : struct tevent_context *ev,
2446 : struct files_struct *fsp,
2447 : const void *data, size_t n,
2448 : off_t offset)
2449 : {
2450 0 : struct tevent_req *req, *subreq;
2451 0 : struct vfs_gpfs_pwrite_state *state;
2452 :
2453 0 : req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pwrite_state);
2454 0 : if (req == NULL) {
2455 0 : return NULL;
2456 : }
2457 0 : state->was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2458 0 : state->fsp = fsp;
2459 0 : subreq = SMB_VFS_NEXT_PWRITE_SEND(state, ev, handle, fsp, data,
2460 : n, offset);
2461 0 : if (tevent_req_nomem(subreq, req)) {
2462 0 : return tevent_req_post(req, ev);
2463 : }
2464 0 : tevent_req_set_callback(subreq, vfs_gpfs_pwrite_done, req);
2465 0 : return req;
2466 : }
2467 :
2468 0 : static void vfs_gpfs_pwrite_done(struct tevent_req *subreq)
2469 : {
2470 0 : struct tevent_req *req = tevent_req_callback_data(
2471 : subreq, struct tevent_req);
2472 0 : struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2473 : req, struct vfs_gpfs_pwrite_state);
2474 :
2475 0 : state->ret = SMB_VFS_PWRITE_RECV(subreq, &state->vfs_aio_state);
2476 0 : TALLOC_FREE(subreq);
2477 0 : tevent_req_done(req);
2478 0 : }
2479 :
2480 0 : static ssize_t vfs_gpfs_pwrite_recv(struct tevent_req *req,
2481 : struct vfs_aio_state *vfs_aio_state)
2482 : {
2483 0 : struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2484 : req, struct vfs_gpfs_pwrite_state);
2485 0 : struct files_struct *fsp = state->fsp;
2486 :
2487 0 : if (tevent_req_is_unix_error(req, &vfs_aio_state->error)) {
2488 0 : return -1;
2489 : }
2490 0 : *vfs_aio_state = state->vfs_aio_state;
2491 :
2492 0 : if ((state->ret != -1) && state->was_offline) {
2493 0 : DEBUG(10, ("sending notify\n"));
2494 0 : notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2495 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2496 0 : fsp->fsp_name->base_name);
2497 : }
2498 :
2499 0 : return state->ret;
2500 : }
2501 :
2502 :
2503 : static struct vfs_fn_pointers vfs_gpfs_fns = {
2504 : .connect_fn = vfs_gpfs_connect,
2505 : .disk_free_fn = vfs_gpfs_disk_free,
2506 : .get_quota_fn = vfs_gpfs_get_quota,
2507 : .fs_capabilities_fn = vfs_gpfs_capabilities,
2508 : .filesystem_sharemode_fn = vfs_gpfs_filesystem_sharemode,
2509 : .linux_setlease_fn = vfs_gpfs_setlease,
2510 : .get_real_filename_at_fn = vfs_gpfs_get_real_filename_at,
2511 : .get_dos_attributes_send_fn = vfs_not_implemented_get_dos_attributes_send,
2512 : .get_dos_attributes_recv_fn = vfs_not_implemented_get_dos_attributes_recv,
2513 : .fget_dos_attributes_fn = vfs_gpfs_fget_dos_attributes,
2514 : .fset_dos_attributes_fn = vfs_gpfs_fset_dos_attributes,
2515 : .fget_nt_acl_fn = gpfsacl_fget_nt_acl,
2516 : .fset_nt_acl_fn = gpfsacl_fset_nt_acl,
2517 : .sys_acl_get_fd_fn = gpfsacl_sys_acl_get_fd,
2518 : .sys_acl_blob_get_fd_fn = gpfsacl_sys_acl_blob_get_fd,
2519 : .sys_acl_set_fd_fn = gpfsacl_sys_acl_set_fd,
2520 : .sys_acl_delete_def_fd_fn = gpfsacl_sys_acl_delete_def_fd,
2521 : .fchmod_fn = vfs_gpfs_fchmod,
2522 : .close_fn = vfs_gpfs_close,
2523 : .stat_fn = nfs4_acl_stat,
2524 : .fstat_fn = nfs4_acl_fstat,
2525 : .lstat_fn = nfs4_acl_lstat,
2526 : .fstatat_fn = nfs4_acl_fstatat,
2527 : .fntimes_fn = vfs_gpfs_fntimes,
2528 : .aio_force_fn = vfs_gpfs_aio_force,
2529 : .sendfile_fn = vfs_gpfs_sendfile,
2530 : .fallocate_fn = vfs_gpfs_fallocate,
2531 : .openat_fn = vfs_gpfs_openat,
2532 : .pread_fn = vfs_gpfs_pread,
2533 : .pread_send_fn = vfs_gpfs_pread_send,
2534 : .pread_recv_fn = vfs_gpfs_pread_recv,
2535 : .pwrite_fn = vfs_gpfs_pwrite,
2536 : .pwrite_send_fn = vfs_gpfs_pwrite_send,
2537 : .pwrite_recv_fn = vfs_gpfs_pwrite_recv,
2538 : .ftruncate_fn = vfs_gpfs_ftruncate
2539 : };
2540 :
2541 : static_decl_vfs;
2542 27 : NTSTATUS vfs_gpfs_init(TALLOC_CTX *ctx)
2543 : {
2544 27 : return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs",
2545 : &vfs_gpfs_fns);
2546 : }
|
