Line data Source code
1 : /*
2 : * Unix SMB/CIFS implementation.
3 : * Samba VFS module for GPFS filesystem
4 : * Copyright (C) Christian Ambach <cambach1@de.ibm.com> 2006
5 : * Copyright (C) Christof Schmitt 2015
6 : * Major code contributions by Chetan Shringarpure <chetan.sh@in.ibm.com>
7 : * and Gomati Mohanan <gomati.mohanan@in.ibm.com>
8 : *
9 : * This program is free software; you can redistribute it and/or modify
10 : * it under the terms of the GNU General Public License as published by
11 : * the Free Software Foundation; either version 3 of the License, or
12 : * (at your option) any later version.
13 : *
14 : * This program is distributed in the hope that it will be useful,
15 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 : * GNU General Public License for more details.
18 : *
19 : * You should have received a copy of the GNU General Public License
20 : * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 : */
22 :
23 : #include "includes.h"
24 : #include "smbd/smbd.h"
25 : #include "include/smbprofile.h"
26 : #include "modules/non_posix_acls.h"
27 : #include "libcli/security/security.h"
28 : #include "nfs4_acls.h"
29 : #include "system/filesys.h"
30 : #include "auth.h"
31 : #include "lib/util/tevent_unix.h"
32 : #include "lib/util/gpfswrap.h"
33 :
34 : #include <gnutls/gnutls.h>
35 : #include <gnutls/crypto.h>
36 : #include "lib/crypto/gnutls_helpers.h"
37 :
38 : #undef DBGC_CLASS
39 : #define DBGC_CLASS DBGC_VFS
40 :
41 : #ifndef GPFS_GETACL_NATIVE
42 : #define GPFS_GETACL_NATIVE 0x00000004
43 : #endif
44 :
45 : struct gpfs_config_data {
46 : struct smbacl4_vfs_params nfs4_params;
47 : bool sharemodes;
48 : bool leases;
49 : bool hsm;
50 : bool syncio;
51 : bool winattr;
52 : bool ftruncate;
53 : bool getrealfilename;
54 : bool dfreequota;
55 : bool acl;
56 : bool settimes;
57 : bool recalls;
58 : struct {
59 : bool gpfs_fstat_x;
60 : } pathref_ok;
61 : };
62 :
63 : struct gpfs_fsp_extension {
64 : bool offline;
65 : };
66 :
67 0 : static inline unsigned int gpfs_acl_flags(gpfs_acl_t *gacl)
68 : {
69 0 : if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
70 0 : return gacl->v4Level1.acl_flags;
71 : }
72 0 : return 0;
73 : }
74 :
75 0 : static inline gpfs_ace_v4_t *gpfs_ace_ptr(gpfs_acl_t *gacl, unsigned int i)
76 : {
77 0 : if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
78 0 : return &gacl->v4Level1.ace_v4[i];
79 : }
80 0 : return &gacl->ace_v4[i];
81 : }
82 :
83 0 : static unsigned int vfs_gpfs_access_mask_to_allow(uint32_t access_mask)
84 : {
85 0 : unsigned int allow = GPFS_SHARE_NONE;
86 :
87 0 : if (access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA)) {
88 0 : allow |= GPFS_SHARE_WRITE;
89 : }
90 0 : if (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) {
91 0 : allow |= GPFS_SHARE_READ;
92 : }
93 :
94 0 : return allow;
95 : }
96 :
97 0 : static unsigned int vfs_gpfs_share_access_to_deny(uint32_t share_access)
98 : {
99 0 : unsigned int deny = GPFS_DENY_NONE;
100 :
101 0 : if (!(share_access & FILE_SHARE_WRITE)) {
102 0 : deny |= GPFS_DENY_WRITE;
103 : }
104 0 : if (!(share_access & FILE_SHARE_READ)) {
105 0 : deny |= GPFS_DENY_READ;
106 : }
107 :
108 : /*
109 : * GPFS_DENY_DELETE can only be set together with either
110 : * GPFS_DENY_WRITE or GPFS_DENY_READ.
111 : */
112 0 : if ((deny & (GPFS_DENY_WRITE|GPFS_DENY_READ)) &&
113 0 : !(share_access & FILE_SHARE_DELETE)) {
114 0 : deny |= GPFS_DENY_DELETE;
115 : }
116 :
117 0 : return deny;
118 : }
119 :
120 0 : static int set_gpfs_sharemode(files_struct *fsp, uint32_t access_mask,
121 : uint32_t share_access)
122 : {
123 0 : unsigned int allow = GPFS_SHARE_NONE;
124 0 : unsigned int deny = GPFS_DENY_NONE;
125 : int result;
126 :
127 0 : if (access_mask == 0) {
128 0 : DBG_DEBUG("Clearing file system share mode.\n");
129 : } else {
130 0 : allow = vfs_gpfs_access_mask_to_allow(access_mask);
131 0 : deny = vfs_gpfs_share_access_to_deny(share_access);
132 : }
133 0 : DBG_DEBUG("access_mask=0x%x, allow=0x%x, share_access=0x%x, "
134 : "deny=0x%x\n", access_mask, allow, share_access, deny);
135 :
136 0 : result = gpfswrap_set_share(fsp_get_io_fd(fsp), allow, deny);
137 0 : if (result == 0) {
138 0 : return 0;
139 : }
140 :
141 0 : if (errno == EACCES) {
142 0 : DBG_NOTICE("GPFS share mode denied for %s/%s.\n",
143 : fsp->conn->connectpath,
144 : fsp->fsp_name->base_name);
145 0 : } else if (errno == EPERM) {
146 0 : DBG_ERR("Samba requested GPFS sharemode for %s/%s, but the "
147 : "GPFS file system is not configured accordingly. "
148 : "Configure file system with mmchfs -D nfs4 or "
149 : "set gpfs:sharemodes=no in Samba.\n",
150 : fsp->conn->connectpath,
151 : fsp->fsp_name->base_name);
152 : } else {
153 0 : DBG_ERR("gpfs_set_share failed: %s\n", strerror(errno));
154 : }
155 :
156 0 : return result;
157 : }
158 :
159 0 : static int vfs_gpfs_filesystem_sharemode(vfs_handle_struct *handle,
160 : files_struct *fsp,
161 : uint32_t share_access,
162 : uint32_t access_mask)
163 : {
164 :
165 : struct gpfs_config_data *config;
166 0 : int ret = 0;
167 :
168 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
169 : struct gpfs_config_data,
170 : return -1);
171 :
172 0 : if(!config->sharemodes) {
173 0 : return 0;
174 : }
175 :
176 : /*
177 : * A named stream fsp will have the basefile open in the fsp
178 : * fd, so lacking a distinct fd for the stream we have to skip
179 : * set_gpfs_sharemode for stream.
180 : */
181 0 : if (fsp_is_alternate_stream(fsp)) {
182 0 : DBG_NOTICE("Not requesting GPFS sharemode on stream: %s/%s\n",
183 : fsp->conn->connectpath,
184 : fsp_str_dbg(fsp));
185 0 : return 0;
186 : }
187 :
188 0 : ret = set_gpfs_sharemode(fsp, access_mask, share_access);
189 :
190 0 : return ret;
191 : }
192 :
193 0 : static int vfs_gpfs_close(vfs_handle_struct *handle, files_struct *fsp)
194 : {
195 :
196 : struct gpfs_config_data *config;
197 :
198 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
199 : struct gpfs_config_data,
200 : return -1);
201 :
202 0 : if (config->sharemodes &&
203 : (fsp->fsp_flags.kernel_share_modes_taken))
204 : {
205 : /*
206 : * Always clear GPFS sharemode in case the actual
207 : * close gets deferred due to outstanding POSIX locks
208 : * (see fd_close_posix)
209 : */
210 0 : int ret = gpfswrap_set_share(fsp_get_io_fd(fsp), 0, 0);
211 0 : if (ret != 0) {
212 0 : DBG_ERR("Clearing GPFS sharemode on close failed for "
213 : " %s/%s: %s\n",
214 : fsp->conn->connectpath,
215 : fsp->fsp_name->base_name,
216 : strerror(errno));
217 : }
218 : }
219 :
220 0 : return SMB_VFS_NEXT_CLOSE(handle, fsp);
221 : }
222 :
223 : #ifdef HAVE_KERNEL_OPLOCKS_LINUX
224 0 : static int lease_type_to_gpfs(int leasetype)
225 : {
226 0 : if (leasetype == F_RDLCK) {
227 0 : return GPFS_LEASE_READ;
228 : }
229 :
230 0 : if (leasetype == F_WRLCK) {
231 0 : return GPFS_LEASE_WRITE;
232 : }
233 :
234 0 : return GPFS_LEASE_NONE;
235 : }
236 :
237 0 : static int vfs_gpfs_setlease(vfs_handle_struct *handle,
238 : files_struct *fsp,
239 : int leasetype)
240 : {
241 : struct gpfs_config_data *config;
242 0 : int ret=0;
243 :
244 0 : START_PROFILE(syscall_linux_setlease);
245 :
246 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
247 : struct gpfs_config_data,
248 : return -1);
249 :
250 0 : ret = linux_set_lease_sighandler(fsp_get_io_fd(fsp));
251 0 : if (ret == -1) {
252 0 : goto failure;
253 : }
254 :
255 0 : if (config->leases) {
256 0 : int gpfs_lease_type = lease_type_to_gpfs(leasetype);
257 0 : int saved_errno = 0;
258 :
259 : /*
260 : * Ensure the lease owner is root to allow
261 : * correct delivery of lease-break signals.
262 : */
263 0 : become_root();
264 0 : ret = gpfswrap_set_lease(fsp_get_io_fd(fsp), gpfs_lease_type);
265 0 : if (ret < 0) {
266 0 : saved_errno = errno;
267 : }
268 0 : unbecome_root();
269 :
270 0 : if (saved_errno != 0) {
271 0 : errno = saved_errno;
272 : }
273 : }
274 :
275 0 : failure:
276 0 : END_PROFILE(syscall_linux_setlease);
277 :
278 0 : return ret;
279 : }
280 :
281 : #else /* HAVE_KERNEL_OPLOCKS_LINUX */
282 :
283 : static int vfs_gpfs_setlease(vfs_handle_struct *handle,
284 : files_struct *fsp,
285 : int leasetype)
286 : {
287 : return ENOSYS;
288 : }
289 : #endif /* HAVE_KERNEL_OPLOCKS_LINUX */
290 :
291 0 : static NTSTATUS vfs_gpfs_get_real_filename_at(struct vfs_handle_struct *handle,
292 : struct files_struct *dirfsp,
293 : const char *name,
294 : TALLOC_CTX *mem_ctx,
295 : char **found_name)
296 : {
297 : int result;
298 0 : char *full_path = NULL;
299 0 : char *to_free = NULL;
300 : char real_pathname[PATH_MAX+1], tmpbuf[PATH_MAX];
301 : size_t full_path_len;
302 : int buflen;
303 : bool mangled;
304 : struct gpfs_config_data *config;
305 :
306 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
307 : struct gpfs_config_data,
308 : return NT_STATUS_INTERNAL_ERROR);
309 :
310 0 : if (!config->getrealfilename) {
311 0 : return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
312 : handle, dirfsp, name, mem_ctx, found_name);
313 : }
314 :
315 0 : mangled = mangle_is_mangled(name, handle->conn->params);
316 0 : if (mangled) {
317 0 : return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
318 : handle, dirfsp, name, mem_ctx, found_name);
319 : }
320 :
321 0 : full_path_len = full_path_tos(dirfsp->fsp_name->base_name, name,
322 : tmpbuf, sizeof(tmpbuf),
323 : &full_path, &to_free);
324 0 : if (full_path_len == -1) {
325 0 : return NT_STATUS_NO_MEMORY;
326 : }
327 :
328 0 : buflen = sizeof(real_pathname) - 1;
329 :
330 0 : result = gpfswrap_get_realfilename_path(full_path, real_pathname,
331 : &buflen);
332 :
333 0 : TALLOC_FREE(to_free);
334 :
335 0 : if ((result == -1) && (errno == ENOSYS)) {
336 0 : return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
337 : handle, dirfsp, name, mem_ctx, found_name);
338 : }
339 :
340 0 : if (result == -1) {
341 0 : DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n",
342 : strerror(errno)));
343 0 : return map_nt_error_from_unix(errno);
344 : }
345 :
346 : /*
347 : * GPFS does not necessarily null-terminate the returned path
348 : * but instead returns the buffer length in buflen.
349 : */
350 :
351 0 : if (buflen < sizeof(real_pathname)) {
352 0 : real_pathname[buflen] = '\0';
353 : } else {
354 0 : real_pathname[sizeof(real_pathname)-1] = '\0';
355 : }
356 :
357 0 : DBG_DEBUG("%s/%s -> %s\n",
358 : fsp_str_dbg(dirfsp),
359 : name,
360 : real_pathname);
361 :
362 0 : name = strrchr_m(real_pathname, '/');
363 0 : if (name == NULL) {
364 0 : return NT_STATUS_OBJECT_NAME_NOT_FOUND;
365 : }
366 :
367 0 : *found_name = talloc_strdup(mem_ctx, name+1);
368 0 : if (*found_name == NULL) {
369 0 : return NT_STATUS_NO_MEMORY;
370 : }
371 :
372 0 : return NT_STATUS_OK;
373 : }
374 :
375 0 : static void sd2gpfs_control(uint16_t control, struct gpfs_acl *gacl)
376 : {
377 0 : unsigned int gpfs_aclflags = 0;
378 0 : control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
379 : SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
380 : SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
381 : SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
382 0 : gpfs_aclflags = control << 8;
383 0 : if (!(control & SEC_DESC_DACL_PRESENT))
384 0 : gpfs_aclflags |= ACL4_FLAG_NULL_DACL;
385 0 : if (!(control & SEC_DESC_SACL_PRESENT))
386 0 : gpfs_aclflags |= ACL4_FLAG_NULL_SACL;
387 0 : gacl->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
388 0 : gacl->v4Level1.acl_flags = gpfs_aclflags;
389 0 : }
390 :
391 0 : static uint16_t gpfs2sd_control(unsigned int gpfs_aclflags)
392 : {
393 0 : uint16_t control = gpfs_aclflags >> 8;
394 0 : control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
395 : SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
396 : SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
397 : SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
398 0 : control |= SEC_DESC_SELF_RELATIVE;
399 0 : return control;
400 : }
401 :
402 0 : static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
403 : {
404 : gpfs_aclCount_t i;
405 0 : if (gacl==NULL)
406 : {
407 0 : DEBUG(0, ("gpfs acl is NULL\n"));
408 0 : return;
409 : }
410 :
411 0 : DEBUG(level, ("len: %d, level: %d, version: %d, nace: %d, "
412 : "control: %x\n",
413 : gacl->acl_len, gacl->acl_level, gacl->acl_version,
414 : gacl->acl_nace, gpfs_acl_flags(gacl)));
415 :
416 0 : for(i=0; i<gacl->acl_nace; i++)
417 : {
418 0 : struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
419 0 : DEBUG(level, ("\tace[%d]: type:%d, flags:0x%x, mask:0x%x, "
420 : "iflags:0x%x, who:%u\n",
421 : i, gace->aceType, gace->aceFlags, gace->aceMask,
422 : gace->aceIFlags, gace->aceWho));
423 : }
424 : }
425 :
426 0 : static int gpfs_getacl_with_capability(struct files_struct *fsp,
427 : int flags,
428 : void *buf)
429 : {
430 : int ret, saved_errno;
431 :
432 0 : set_effective_capability(DAC_OVERRIDE_CAPABILITY);
433 :
434 0 : ret = gpfswrap_fgetacl(fsp_get_pathref_fd(fsp), flags, buf);
435 0 : saved_errno = errno;
436 :
437 0 : drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
438 :
439 0 : errno = saved_errno;
440 0 : return ret;
441 : }
442 :
443 : /*
444 : * get the ACL from GPFS, allocated on the specified mem_ctx
445 : * internally retries when initial buffer was too small
446 : *
447 : * caller needs to cast result to either
448 : * raw = yes: struct gpfs_opaque_acl
449 : * raw = no: struct gpfs_acl
450 : *
451 : */
452 0 : static void *vfs_gpfs_getacl(TALLOC_CTX *mem_ctx,
453 : struct files_struct *fsp,
454 : const bool raw,
455 : const gpfs_aclType_t type)
456 : {
457 0 : const char *fname = fsp->fsp_name->base_name;
458 : void *aclbuf;
459 0 : size_t size = 512;
460 : int ret, flags;
461 : unsigned int *len;
462 : size_t struct_size;
463 0 : bool use_capability = false;
464 :
465 0 : again:
466 :
467 0 : aclbuf = talloc_zero_size(mem_ctx, size);
468 0 : if (aclbuf == NULL) {
469 0 : errno = ENOMEM;
470 0 : return NULL;
471 : }
472 :
473 0 : if (raw) {
474 0 : struct gpfs_opaque_acl *buf = (struct gpfs_opaque_acl *) aclbuf;
475 0 : buf->acl_type = type;
476 0 : flags = GPFS_GETACL_NATIVE;
477 0 : len = (unsigned int *) &(buf->acl_buffer_len);
478 0 : struct_size = sizeof(struct gpfs_opaque_acl);
479 : } else {
480 0 : struct gpfs_acl *buf = (struct gpfs_acl *) aclbuf;
481 0 : buf->acl_type = type;
482 0 : buf->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
483 0 : flags = GPFS_GETACL_STRUCT;
484 0 : len = &(buf->acl_len);
485 : /* reserve space for control flags in gpfs 3.5 and beyond */
486 0 : struct_size = sizeof(struct gpfs_acl) + sizeof(unsigned int);
487 : }
488 :
489 : /* set the length of the buffer as input value */
490 0 : *len = size;
491 :
492 0 : if (use_capability) {
493 0 : ret = gpfs_getacl_with_capability(fsp, flags, aclbuf);
494 : } else {
495 0 : ret = gpfswrap_fgetacl(fsp_get_pathref_fd(fsp), flags, aclbuf);
496 0 : if ((ret != 0) && (errno == EACCES)) {
497 0 : DBG_DEBUG("Retry with DAC capability for %s\n", fname);
498 0 : use_capability = true;
499 0 : ret = gpfs_getacl_with_capability(fsp, flags, aclbuf);
500 : }
501 : }
502 :
503 0 : if ((ret != 0) && (errno == ENOSPC)) {
504 : /*
505 : * get the size needed to accommodate the complete buffer
506 : *
507 : * the value returned only applies to the ACL blob in the
508 : * struct so make sure to also have headroom for the first
509 : * struct members by adding room for the complete struct
510 : * (might be a few bytes too much then)
511 : */
512 0 : size = *len + struct_size;
513 0 : talloc_free(aclbuf);
514 0 : DEBUG(10, ("Increasing ACL buffer size to %zu\n", size));
515 0 : goto again;
516 : }
517 :
518 0 : if (ret != 0) {
519 0 : DEBUG(5, ("smbd_gpfs_getacl failed with %s\n",
520 : strerror(errno)));
521 0 : talloc_free(aclbuf);
522 0 : return NULL;
523 : }
524 :
525 0 : return aclbuf;
526 : }
527 :
528 : /* Tries to get nfs4 acls and returns SMB ACL allocated.
529 : * On failure returns 1 if it got non-NFSv4 ACL to prompt
530 : * retry with POSIX ACL checks.
531 : * On failure returns -1 if there is system (GPFS) error, check errno.
532 : * Returns 0 on success
533 : */
534 0 : static int gpfs_get_nfs4_acl(TALLOC_CTX *mem_ctx,
535 : struct files_struct *fsp,
536 : struct SMB4ACL_T **ppacl)
537 : {
538 0 : const char *fname = fsp->fsp_name->base_name;
539 : gpfs_aclCount_t i;
540 0 : struct gpfs_acl *gacl = NULL;
541 0 : DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
542 :
543 : /* Get the ACL */
544 0 : gacl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(), fsp,
545 : false, 0);
546 0 : if (gacl == NULL) {
547 0 : DEBUG(9, ("gpfs_getacl failed for %s with %s\n",
548 : fname, strerror(errno)));
549 0 : if (errno == ENODATA) {
550 : /*
551 : * GPFS returns ENODATA for snapshot
552 : * directories. Retry with POSIX ACLs check.
553 : */
554 0 : return 1;
555 : }
556 :
557 0 : return -1;
558 : }
559 :
560 0 : if (gacl->acl_type != GPFS_ACL_TYPE_NFS4) {
561 0 : DEBUG(10, ("Got non-nfsv4 acl\n"));
562 : /* Retry with POSIX ACLs check */
563 0 : talloc_free(gacl);
564 0 : return 1;
565 : }
566 :
567 0 : *ppacl = smb_create_smb4acl(mem_ctx);
568 :
569 0 : if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
570 0 : uint16_t control = gpfs2sd_control(gpfs_acl_flags(gacl));
571 0 : smbacl4_set_controlflags(*ppacl, control);
572 : }
573 :
574 0 : DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d, control: %x\n",
575 : gacl->acl_len, gacl->acl_level, gacl->acl_version,
576 : gacl->acl_nace, gpfs_acl_flags(gacl)));
577 :
578 0 : for (i=0; i<gacl->acl_nace; i++) {
579 0 : struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
580 0 : SMB_ACE4PROP_T smbace = { 0 };
581 0 : DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
582 : "who: %d\n", gace->aceType, gace->aceIFlags,
583 : gace->aceFlags, gace->aceMask, gace->aceWho));
584 :
585 0 : if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) {
586 0 : smbace.flags |= SMB_ACE4_ID_SPECIAL;
587 0 : switch (gace->aceWho) {
588 0 : case ACE4_SPECIAL_OWNER:
589 0 : smbace.who.special_id = SMB_ACE4_WHO_OWNER;
590 0 : break;
591 0 : case ACE4_SPECIAL_GROUP:
592 0 : smbace.who.special_id = SMB_ACE4_WHO_GROUP;
593 0 : break;
594 0 : case ACE4_SPECIAL_EVERYONE:
595 0 : smbace.who.special_id = SMB_ACE4_WHO_EVERYONE;
596 0 : break;
597 0 : default:
598 0 : DEBUG(8, ("invalid special gpfs id %d "
599 : "ignored\n", gace->aceWho));
600 0 : continue; /* don't add it */
601 : }
602 : } else {
603 0 : if (gace->aceFlags & ACE4_FLAG_GROUP_ID)
604 0 : smbace.who.gid = gace->aceWho;
605 : else
606 0 : smbace.who.uid = gace->aceWho;
607 : }
608 :
609 : /* remove redundant deny entries */
610 0 : if (i > 0 && gace->aceType == SMB_ACE4_ACCESS_DENIED_ACE_TYPE) {
611 0 : struct gpfs_ace_v4 *prev = gpfs_ace_ptr(gacl, i - 1);
612 0 : if (prev->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE &&
613 0 : prev->aceFlags == gace->aceFlags &&
614 0 : prev->aceIFlags == gace->aceIFlags &&
615 0 : (gace->aceMask & prev->aceMask) == 0 &&
616 0 : gace->aceWho == prev->aceWho) {
617 : /* it's redundant - skip it */
618 0 : continue;
619 : }
620 : }
621 :
622 0 : smbace.aceType = gace->aceType;
623 0 : smbace.aceFlags = gace->aceFlags;
624 0 : smbace.aceMask = gace->aceMask;
625 0 : smb_add_ace4(*ppacl, &smbace);
626 : }
627 :
628 0 : talloc_free(gacl);
629 :
630 0 : return 0;
631 : }
632 :
633 0 : static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
634 : files_struct *fsp, uint32_t security_info,
635 : TALLOC_CTX *mem_ctx,
636 : struct security_descriptor **ppdesc)
637 : {
638 0 : struct SMB4ACL_T *pacl = NULL;
639 : int result;
640 : struct gpfs_config_data *config;
641 0 : TALLOC_CTX *frame = talloc_stackframe();
642 : NTSTATUS status;
643 :
644 0 : *ppdesc = NULL;
645 :
646 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
647 : struct gpfs_config_data,
648 : return NT_STATUS_INTERNAL_ERROR);
649 :
650 0 : if (!config->acl) {
651 0 : status = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info,
652 : mem_ctx, ppdesc);
653 0 : TALLOC_FREE(frame);
654 0 : return status;
655 : }
656 :
657 0 : result = gpfs_get_nfs4_acl(frame, fsp, &pacl);
658 :
659 0 : if (result == 0) {
660 0 : status = smb_fget_nt_acl_nfs4(fsp, &config->nfs4_params,
661 : security_info,
662 : mem_ctx, ppdesc, pacl);
663 0 : TALLOC_FREE(frame);
664 0 : return status;
665 : }
666 :
667 0 : if (result > 0) {
668 0 : DEBUG(10, ("retrying with posix acl...\n"));
669 0 : status = posix_fget_nt_acl(fsp, security_info,
670 : mem_ctx, ppdesc);
671 0 : TALLOC_FREE(frame);
672 0 : return status;
673 : }
674 :
675 0 : TALLOC_FREE(frame);
676 :
677 : /* GPFS ACL was not read, something wrong happened, error code is set in errno */
678 0 : return map_nt_error_from_unix(errno);
679 : }
680 :
681 0 : static bool vfs_gpfs_nfs4_ace_to_gpfs_ace(SMB_ACE4PROP_T *nfs4_ace,
682 : struct gpfs_ace_v4 *gace,
683 : uid_t owner_uid)
684 : {
685 0 : gace->aceType = nfs4_ace->aceType;
686 0 : gace->aceFlags = nfs4_ace->aceFlags;
687 0 : gace->aceMask = nfs4_ace->aceMask;
688 :
689 0 : if (nfs4_ace->flags & SMB_ACE4_ID_SPECIAL) {
690 0 : switch(nfs4_ace->who.special_id) {
691 0 : case SMB_ACE4_WHO_EVERYONE:
692 0 : gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
693 0 : gace->aceWho = ACE4_SPECIAL_EVERYONE;
694 0 : break;
695 0 : case SMB_ACE4_WHO_OWNER:
696 : /*
697 : * With GPFS it is not possible to deny ACL or
698 : * attribute access to the owner. Setting an
699 : * ACL with such an entry is not possible.
700 : * Denying ACL or attribute access for the
701 : * owner through a named ACL entry can be
702 : * stored in an ACL, it is just not effective.
703 : *
704 : * Map this case to a named entry to allow at
705 : * least setting this ACL, which will be
706 : * enforced by the smbd permission check. Do
707 : * not do this for an inheriting OWNER entry,
708 : * as this represents a CREATOR OWNER ACE. The
709 : * remaining limitation is that CREATOR OWNER
710 : * cannot deny ACL or attribute access.
711 : */
712 0 : if (!nfs_ace_is_inherit(nfs4_ace) &&
713 0 : nfs4_ace->aceType ==
714 0 : SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
715 0 : nfs4_ace->aceMask & (SMB_ACE4_READ_ATTRIBUTES|
716 : SMB_ACE4_WRITE_ATTRIBUTES|
717 : SMB_ACE4_READ_ACL|
718 : SMB_ACE4_WRITE_ACL)) {
719 0 : gace->aceIFlags = 0;
720 0 : gace->aceWho = owner_uid;
721 : } else {
722 0 : gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
723 0 : gace->aceWho = ACE4_SPECIAL_OWNER;
724 : }
725 0 : break;
726 0 : case SMB_ACE4_WHO_GROUP:
727 0 : gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
728 0 : gace->aceWho = ACE4_SPECIAL_GROUP;
729 0 : break;
730 0 : default:
731 0 : DBG_WARNING("Unsupported special_id %d\n",
732 : nfs4_ace->who.special_id);
733 0 : return false;
734 : }
735 :
736 0 : return true;
737 : }
738 :
739 0 : gace->aceIFlags = 0;
740 0 : gace->aceWho = (nfs4_ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP) ?
741 0 : nfs4_ace->who.gid : nfs4_ace->who.uid;
742 :
743 0 : return true;
744 : }
745 :
746 0 : static struct gpfs_acl *vfs_gpfs_smbacl2gpfsacl(TALLOC_CTX *mem_ctx,
747 : files_struct *fsp,
748 : struct SMB4ACL_T *smbacl,
749 : bool controlflags)
750 : {
751 : struct gpfs_acl *gacl;
752 : gpfs_aclLen_t gacl_len;
753 : struct SMB4ACE_T *smbace;
754 :
755 0 : gacl_len = offsetof(gpfs_acl_t, ace_v4) + sizeof(unsigned int)
756 0 : + smb_get_naces(smbacl) * sizeof(gpfs_ace_v4_t);
757 :
758 0 : gacl = (struct gpfs_acl *)TALLOC_SIZE(mem_ctx, gacl_len);
759 0 : if (gacl == NULL) {
760 0 : DEBUG(0, ("talloc failed\n"));
761 0 : errno = ENOMEM;
762 0 : return NULL;
763 : }
764 :
765 0 : gacl->acl_level = GPFS_ACL_LEVEL_BASE;
766 0 : gacl->acl_version = GPFS_ACL_VERSION_NFS4;
767 0 : gacl->acl_type = GPFS_ACL_TYPE_NFS4;
768 0 : gacl->acl_nace = 0; /* change later... */
769 :
770 0 : if (controlflags) {
771 0 : gacl->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
772 0 : sd2gpfs_control(smbacl4_get_controlflags(smbacl), gacl);
773 : }
774 :
775 0 : for (smbace=smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
776 0 : struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, gacl->acl_nace);
777 0 : SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
778 : bool add_ace;
779 :
780 0 : add_ace = vfs_gpfs_nfs4_ace_to_gpfs_ace(aceprop, gace,
781 0 : fsp->fsp_name->st.st_ex_uid);
782 0 : if (!add_ace) {
783 0 : continue;
784 : }
785 :
786 0 : gacl->acl_nace++;
787 : }
788 0 : gacl->acl_len = (char *)gpfs_ace_ptr(gacl, gacl->acl_nace)
789 0 : - (char *)gacl;
790 0 : return gacl;
791 : }
792 :
793 0 : static bool gpfsacl_process_smbacl(vfs_handle_struct *handle,
794 : files_struct *fsp,
795 : struct SMB4ACL_T *smbacl)
796 : {
797 : int ret;
798 : struct gpfs_acl *gacl;
799 0 : TALLOC_CTX *mem_ctx = talloc_tos();
800 :
801 0 : gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, true);
802 0 : if (gacl == NULL) { /* out of memory */
803 0 : return False;
804 : }
805 0 : ret = gpfswrap_putacl(fsp->fsp_name->base_name,
806 : GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gacl);
807 :
808 0 : if ((ret != 0) && (errno == EINVAL)) {
809 0 : DEBUG(10, ("Retry without nfs41 control flags\n"));
810 0 : talloc_free(gacl);
811 0 : gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, false);
812 0 : if (gacl == NULL) { /* out of memory */
813 0 : return False;
814 : }
815 0 : ret = gpfswrap_putacl(fsp->fsp_name->base_name,
816 : GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA,
817 : gacl);
818 : }
819 :
820 0 : if (ret != 0) {
821 0 : DEBUG(8, ("gpfs_putacl failed with %s\n", strerror(errno)));
822 0 : gpfs_dumpacl(8, gacl);
823 0 : return False;
824 : }
825 :
826 0 : DEBUG(10, ("gpfs_putacl succeeded\n"));
827 0 : return True;
828 : }
829 :
830 0 : static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd)
831 : {
832 : struct gpfs_acl *acl;
833 0 : NTSTATUS result = NT_STATUS_ACCESS_DENIED;
834 :
835 0 : acl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(),
836 : fsp,
837 : false, 0);
838 0 : if (acl == NULL) {
839 0 : return map_nt_error_from_unix(errno);
840 : }
841 :
842 0 : if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
843 : struct gpfs_config_data *config;
844 :
845 0 : if (lp_parm_bool(fsp->conn->params->service, "gpfs",
846 : "refuse_dacl_protected", false)
847 0 : && (psd->type&SEC_DESC_DACL_PROTECTED)) {
848 0 : DEBUG(2, ("Rejecting unsupported ACL with DACL_PROTECTED bit set\n"));
849 0 : talloc_free(acl);
850 0 : return NT_STATUS_NOT_SUPPORTED;
851 : }
852 :
853 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
854 : struct gpfs_config_data,
855 : return NT_STATUS_INTERNAL_ERROR);
856 :
857 0 : result = smb_set_nt_acl_nfs4(handle,
858 0 : fsp, &config->nfs4_params, security_info_sent, psd,
859 : gpfsacl_process_smbacl);
860 : } else { /* assume POSIX ACL - by default... */
861 0 : result = set_nt_acl(fsp, security_info_sent, psd);
862 : }
863 :
864 0 : talloc_free(acl);
865 0 : return result;
866 : }
867 :
868 0 : static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd)
869 : {
870 : struct gpfs_config_data *config;
871 :
872 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
873 : struct gpfs_config_data,
874 : return NT_STATUS_INTERNAL_ERROR);
875 :
876 0 : if (!config->acl) {
877 0 : return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
878 : }
879 :
880 0 : return gpfsacl_set_nt_acl_internal(handle, fsp, security_info_sent, psd);
881 : }
882 :
883 0 : static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
884 : {
885 : SMB_ACL_T result;
886 : gpfs_aclCount_t i;
887 :
888 0 : result = sys_acl_init(mem_ctx);
889 0 : if (result == NULL) {
890 0 : errno = ENOMEM;
891 0 : return NULL;
892 : }
893 :
894 0 : result->count = pacl->acl_nace;
895 0 : result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
896 : result->count);
897 0 : if (result->acl == NULL) {
898 0 : TALLOC_FREE(result);
899 0 : errno = ENOMEM;
900 0 : return NULL;
901 : }
902 :
903 0 : for (i=0; i<pacl->acl_nace; i++) {
904 0 : struct smb_acl_entry *ace = &result->acl[i];
905 0 : const struct gpfs_ace_v1 *g_ace = &pacl->ace_v1[i];
906 :
907 0 : DEBUG(10, ("Converting type %d id %lu perm %x\n",
908 : (int)g_ace->ace_type, (unsigned long)g_ace->ace_who,
909 : (int)g_ace->ace_perm));
910 :
911 0 : switch (g_ace->ace_type) {
912 0 : case GPFS_ACL_USER:
913 0 : ace->a_type = SMB_ACL_USER;
914 0 : ace->info.user.uid = (uid_t)g_ace->ace_who;
915 0 : break;
916 0 : case GPFS_ACL_USER_OBJ:
917 0 : ace->a_type = SMB_ACL_USER_OBJ;
918 0 : break;
919 0 : case GPFS_ACL_GROUP:
920 0 : ace->a_type = SMB_ACL_GROUP;
921 0 : ace->info.group.gid = (gid_t)g_ace->ace_who;
922 0 : break;
923 0 : case GPFS_ACL_GROUP_OBJ:
924 0 : ace->a_type = SMB_ACL_GROUP_OBJ;
925 0 : break;
926 0 : case GPFS_ACL_OTHER:
927 0 : ace->a_type = SMB_ACL_OTHER;
928 0 : break;
929 0 : case GPFS_ACL_MASK:
930 0 : ace->a_type = SMB_ACL_MASK;
931 0 : break;
932 0 : default:
933 0 : DEBUG(10, ("Got invalid ace_type: %d\n",
934 : g_ace->ace_type));
935 0 : TALLOC_FREE(result);
936 0 : errno = EINVAL;
937 0 : return NULL;
938 : }
939 :
940 0 : ace->a_perm = 0;
941 0 : ace->a_perm |= (g_ace->ace_perm & ACL_PERM_READ) ?
942 0 : SMB_ACL_READ : 0;
943 0 : ace->a_perm |= (g_ace->ace_perm & ACL_PERM_WRITE) ?
944 0 : SMB_ACL_WRITE : 0;
945 0 : ace->a_perm |= (g_ace->ace_perm & ACL_PERM_EXECUTE) ?
946 0 : SMB_ACL_EXECUTE : 0;
947 :
948 0 : DEBUGADD(10, ("Converted to %d perm %x\n",
949 : ace->a_type, ace->a_perm));
950 : }
951 :
952 0 : return result;
953 : }
954 :
955 0 : static SMB_ACL_T gpfsacl_get_posix_acl(struct files_struct *fsp,
956 : gpfs_aclType_t type,
957 : TALLOC_CTX *mem_ctx)
958 : {
959 : struct gpfs_acl *pacl;
960 0 : SMB_ACL_T result = NULL;
961 :
962 0 : pacl = vfs_gpfs_getacl(talloc_tos(), fsp, false, type);
963 :
964 0 : if (pacl == NULL) {
965 0 : DBG_DEBUG("vfs_gpfs_getacl failed for %s with %s\n",
966 : fsp_str_dbg(fsp), strerror(errno));
967 0 : if (errno == 0) {
968 0 : errno = EINVAL;
969 : }
970 0 : goto done;
971 : }
972 :
973 0 : if (pacl->acl_version != GPFS_ACL_VERSION_POSIX) {
974 0 : DEBUG(10, ("Got acl version %d, expected %d\n",
975 : pacl->acl_version, GPFS_ACL_VERSION_POSIX));
976 0 : errno = EINVAL;
977 0 : goto done;
978 : }
979 :
980 0 : DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n",
981 : pacl->acl_len, pacl->acl_level, pacl->acl_version,
982 : pacl->acl_nace));
983 :
984 0 : result = gpfs2smb_acl(pacl, mem_ctx);
985 0 : if (result != NULL) {
986 0 : errno = 0;
987 : }
988 :
989 0 : done:
990 :
991 0 : if (pacl != NULL) {
992 0 : talloc_free(pacl);
993 : }
994 0 : if (errno != 0) {
995 0 : TALLOC_FREE(result);
996 : }
997 0 : return result;
998 : }
999 :
1000 0 : static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
1001 : files_struct *fsp,
1002 : SMB_ACL_TYPE_T type,
1003 : TALLOC_CTX *mem_ctx)
1004 : {
1005 : gpfs_aclType_t gpfs_type;
1006 : struct gpfs_config_data *config;
1007 :
1008 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1009 : struct gpfs_config_data,
1010 : return NULL);
1011 :
1012 0 : if (!config->acl) {
1013 0 : return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, type, mem_ctx);
1014 : }
1015 :
1016 0 : switch(type) {
1017 0 : case SMB_ACL_TYPE_ACCESS:
1018 0 : gpfs_type = GPFS_ACL_TYPE_ACCESS;
1019 0 : break;
1020 0 : case SMB_ACL_TYPE_DEFAULT:
1021 0 : gpfs_type = GPFS_ACL_TYPE_DEFAULT;
1022 0 : break;
1023 0 : default:
1024 0 : DEBUG(0, ("Got invalid type: %d\n", type));
1025 0 : smb_panic("exiting");
1026 : }
1027 0 : return gpfsacl_get_posix_acl(fsp, gpfs_type, mem_ctx);
1028 : }
1029 :
1030 0 : static int gpfsacl_sys_acl_blob_get_fd(vfs_handle_struct *handle,
1031 : files_struct *fsp,
1032 : TALLOC_CTX *mem_ctx,
1033 : char **blob_description,
1034 : DATA_BLOB *blob)
1035 : {
1036 : struct gpfs_config_data *config;
1037 0 : struct gpfs_opaque_acl *acl = NULL;
1038 : DATA_BLOB aclblob;
1039 : int result;
1040 :
1041 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1042 : struct gpfs_config_data,
1043 : return -1);
1044 :
1045 0 : if (!config->acl) {
1046 0 : return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD(handle, fsp, mem_ctx,
1047 : blob_description, blob);
1048 : }
1049 :
1050 0 : errno = 0;
1051 0 : acl = (struct gpfs_opaque_acl *) vfs_gpfs_getacl(mem_ctx,
1052 : fsp,
1053 : true,
1054 : GPFS_ACL_TYPE_NFS4);
1055 :
1056 0 : if (errno) {
1057 0 : DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
1058 : errno, strerror(errno)));
1059 :
1060 : /* EINVAL means POSIX ACL, bail out on other cases */
1061 0 : if (errno != EINVAL) {
1062 0 : return -1;
1063 : }
1064 : }
1065 :
1066 0 : if (acl != NULL) {
1067 : /*
1068 : * file has NFSv4 ACL
1069 : *
1070 : * we only need the actual ACL blob here
1071 : * acl_version will always be NFS4 because we asked
1072 : * for NFS4
1073 : * acl_type is only used for POSIX ACLs
1074 : */
1075 0 : aclblob.data = (uint8_t*) acl->acl_var_data;
1076 0 : aclblob.length = acl->acl_buffer_len;
1077 :
1078 0 : *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1079 0 : if (!*blob_description) {
1080 0 : talloc_free(acl);
1081 0 : errno = ENOMEM;
1082 0 : return -1;
1083 : }
1084 :
1085 0 : result = non_posix_sys_acl_blob_get_fd_helper(handle, fsp,
1086 : aclblob, mem_ctx,
1087 : blob);
1088 :
1089 0 : talloc_free(acl);
1090 0 : return result;
1091 : }
1092 :
1093 : /* fall back to POSIX ACL */
1094 0 : return posix_sys_acl_blob_get_fd(handle, fsp, mem_ctx,
1095 : blob_description, blob);
1096 : }
1097 :
1098 0 : static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,
1099 : SMB_ACL_TYPE_T type)
1100 : {
1101 : gpfs_aclLen_t len;
1102 : struct gpfs_acl *result;
1103 : int i;
1104 :
1105 0 : DEBUG(10, ("smb2gpfs_acl: Got ACL with %d entries\n", pacl->count));
1106 :
1107 0 : len = offsetof(gpfs_acl_t, ace_v1) + (pacl->count) *
1108 : sizeof(gpfs_ace_v1_t);
1109 :
1110 0 : result = (struct gpfs_acl *)SMB_MALLOC(len);
1111 0 : if (result == NULL) {
1112 0 : errno = ENOMEM;
1113 0 : return result;
1114 : }
1115 :
1116 0 : result->acl_len = len;
1117 0 : result->acl_level = 0;
1118 0 : result->acl_version = GPFS_ACL_VERSION_POSIX;
1119 0 : result->acl_type = (type == SMB_ACL_TYPE_DEFAULT) ?
1120 0 : GPFS_ACL_TYPE_DEFAULT : GPFS_ACL_TYPE_ACCESS;
1121 0 : result->acl_nace = pacl->count;
1122 :
1123 0 : for (i=0; i<pacl->count; i++) {
1124 0 : const struct smb_acl_entry *ace = &pacl->acl[i];
1125 0 : struct gpfs_ace_v1 *g_ace = &result->ace_v1[i];
1126 :
1127 0 : DEBUG(10, ("Converting type %d perm %x\n",
1128 : (int)ace->a_type, (int)ace->a_perm));
1129 :
1130 0 : g_ace->ace_perm = 0;
1131 :
1132 0 : switch(ace->a_type) {
1133 0 : case SMB_ACL_USER:
1134 0 : g_ace->ace_type = GPFS_ACL_USER;
1135 0 : g_ace->ace_who = (gpfs_uid_t)ace->info.user.uid;
1136 0 : break;
1137 0 : case SMB_ACL_USER_OBJ:
1138 0 : g_ace->ace_type = GPFS_ACL_USER_OBJ;
1139 0 : g_ace->ace_perm |= ACL_PERM_CONTROL;
1140 0 : g_ace->ace_who = 0;
1141 0 : break;
1142 0 : case SMB_ACL_GROUP:
1143 0 : g_ace->ace_type = GPFS_ACL_GROUP;
1144 0 : g_ace->ace_who = (gpfs_uid_t)ace->info.group.gid;
1145 0 : break;
1146 0 : case SMB_ACL_GROUP_OBJ:
1147 0 : g_ace->ace_type = GPFS_ACL_GROUP_OBJ;
1148 0 : g_ace->ace_who = 0;
1149 0 : break;
1150 0 : case SMB_ACL_MASK:
1151 0 : g_ace->ace_type = GPFS_ACL_MASK;
1152 0 : g_ace->ace_perm = 0x8f;
1153 0 : g_ace->ace_who = 0;
1154 0 : break;
1155 0 : case SMB_ACL_OTHER:
1156 0 : g_ace->ace_type = GPFS_ACL_OTHER;
1157 0 : g_ace->ace_who = 0;
1158 0 : break;
1159 0 : default:
1160 0 : DEBUG(10, ("Got invalid ace_type: %d\n", ace->a_type));
1161 0 : errno = EINVAL;
1162 0 : SAFE_FREE(result);
1163 0 : return NULL;
1164 : }
1165 :
1166 0 : g_ace->ace_perm |= (ace->a_perm & SMB_ACL_READ) ?
1167 0 : ACL_PERM_READ : 0;
1168 0 : g_ace->ace_perm |= (ace->a_perm & SMB_ACL_WRITE) ?
1169 0 : ACL_PERM_WRITE : 0;
1170 0 : g_ace->ace_perm |= (ace->a_perm & SMB_ACL_EXECUTE) ?
1171 0 : ACL_PERM_EXECUTE : 0;
1172 :
1173 0 : DEBUGADD(10, ("Converted to %d id %d perm %x\n",
1174 : g_ace->ace_type, g_ace->ace_who, g_ace->ace_perm));
1175 : }
1176 :
1177 0 : return result;
1178 : }
1179 :
1180 0 : static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle,
1181 : files_struct *fsp,
1182 : SMB_ACL_TYPE_T type,
1183 : SMB_ACL_T theacl)
1184 : {
1185 : struct gpfs_config_data *config;
1186 0 : struct gpfs_acl *gpfs_acl = NULL;
1187 : int result;
1188 :
1189 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1190 : struct gpfs_config_data,
1191 : return -1);
1192 :
1193 0 : if (!config->acl) {
1194 0 : return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, type, theacl);
1195 : }
1196 :
1197 0 : gpfs_acl = smb2gpfs_acl(theacl, type);
1198 0 : if (gpfs_acl == NULL) {
1199 0 : return -1;
1200 : }
1201 :
1202 : /*
1203 : * This is no longer a handle based call.
1204 : */
1205 0 : result = gpfswrap_putacl(fsp->fsp_name->base_name,
1206 : GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA,
1207 : gpfs_acl);
1208 0 : SAFE_FREE(gpfs_acl);
1209 0 : return result;
1210 : }
1211 :
1212 0 : static int gpfsacl_sys_acl_delete_def_fd(vfs_handle_struct *handle,
1213 : files_struct *fsp)
1214 : {
1215 : struct gpfs_config_data *config;
1216 :
1217 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1218 : struct gpfs_config_data,
1219 : return -1);
1220 :
1221 0 : if (!config->acl) {
1222 0 : return SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FD(handle, fsp);
1223 : }
1224 :
1225 0 : errno = ENOTSUP;
1226 0 : return -1;
1227 : }
1228 :
1229 :
1230 : /*
1231 : * Assumed: mode bits are shiftable and standard
1232 : * Output: the new aceMask field for an smb nfs4 ace
1233 : */
1234 0 : static uint32_t gpfsacl_mask_filter(uint32_t aceType, uint32_t aceMask, uint32_t rwx)
1235 : {
1236 0 : const uint32_t posix_nfs4map[3] = {
1237 : SMB_ACE4_EXECUTE, /* execute */
1238 : SMB_ACE4_WRITE_DATA | SMB_ACE4_APPEND_DATA, /* write; GPFS specific */
1239 : SMB_ACE4_READ_DATA /* read */
1240 : };
1241 : int i;
1242 0 : uint32_t posix_mask = 0x01;
1243 : uint32_t posix_bit;
1244 : uint32_t nfs4_bits;
1245 :
1246 0 : for(i=0; i<3; i++) {
1247 0 : nfs4_bits = posix_nfs4map[i];
1248 0 : posix_bit = rwx & posix_mask;
1249 :
1250 0 : if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) {
1251 0 : if (posix_bit)
1252 0 : aceMask |= nfs4_bits;
1253 : else
1254 0 : aceMask &= ~nfs4_bits;
1255 : } else {
1256 : /* add deny bits when suitable */
1257 0 : if (!posix_bit)
1258 0 : aceMask |= nfs4_bits;
1259 : else
1260 0 : aceMask &= ~nfs4_bits;
1261 : } /* other ace types are unexpected */
1262 :
1263 0 : posix_mask <<= 1;
1264 : }
1265 :
1266 0 : return aceMask;
1267 : }
1268 :
1269 0 : static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
1270 : struct files_struct *fsp,
1271 : mode_t mode)
1272 : {
1273 0 : struct smb_filename *fname = fsp->fsp_name;
1274 0 : char *path = fsp->fsp_name->base_name;
1275 0 : struct SMB4ACL_T *pacl = NULL;
1276 : int result;
1277 0 : bool haveAllowEntry[SMB_ACE4_WHO_EVERYONE + 1] = {False, False, False, False};
1278 : int i;
1279 0 : files_struct fake_fsp = { 0 }; /* TODO: rationalize parametrization */
1280 : struct SMB4ACE_T *smbace;
1281 0 : TALLOC_CTX *frame = talloc_stackframe();
1282 :
1283 0 : DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
1284 :
1285 0 : result = gpfs_get_nfs4_acl(frame, fsp, &pacl);
1286 0 : if (result) {
1287 0 : TALLOC_FREE(frame);
1288 0 : return result;
1289 : }
1290 :
1291 0 : if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) {
1292 0 : DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path));
1293 : }
1294 :
1295 0 : for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
1296 0 : SMB_ACE4PROP_T *ace = smb_get_ace4(smbace);
1297 0 : uint32_t specid = ace->who.special_id;
1298 :
1299 0 : if (ace->flags&SMB_ACE4_ID_SPECIAL &&
1300 0 : ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
1301 : specid <= SMB_ACE4_WHO_EVERYONE) {
1302 :
1303 : uint32_t newMask;
1304 :
1305 0 : if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE)
1306 0 : haveAllowEntry[specid] = True;
1307 :
1308 : /* mode >> 6 for @owner, mode >> 3 for @group,
1309 : * mode >> 0 for @everyone */
1310 0 : newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask,
1311 0 : mode >> ((SMB_ACE4_WHO_EVERYONE - specid) * 3));
1312 0 : if (ace->aceMask!=newMask) {
1313 0 : DEBUG(10, ("ace changed for %s (%o -> %o) id=%d\n",
1314 : path, ace->aceMask, newMask, specid));
1315 : }
1316 0 : ace->aceMask = newMask;
1317 : }
1318 : }
1319 :
1320 : /* make sure we have at least ALLOW entries
1321 : * for all the 3 special ids (@EVERYONE, @OWNER, @GROUP)
1322 : * - if necessary
1323 : */
1324 0 : for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) {
1325 0 : SMB_ACE4PROP_T ace = { 0 };
1326 :
1327 0 : if (haveAllowEntry[i]==True)
1328 0 : continue;
1329 :
1330 0 : ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
1331 0 : ace.flags |= SMB_ACE4_ID_SPECIAL;
1332 0 : ace.who.special_id = i;
1333 :
1334 0 : if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */
1335 0 : ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
1336 :
1337 0 : ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask,
1338 0 : mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3));
1339 :
1340 : /* don't add unnecessary aces */
1341 0 : if (!ace.aceMask)
1342 0 : continue;
1343 :
1344 : /* we add it to the END - as windows expects allow aces */
1345 0 : smb_add_ace4(pacl, &ace);
1346 0 : DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n",
1347 : path, mode, i, ace.aceMask));
1348 : }
1349 :
1350 : /* don't add complementary DENY ACEs here */
1351 0 : fake_fsp.fsp_name = synthetic_smb_fname(frame,
1352 : path,
1353 : NULL,
1354 : NULL,
1355 : fname->twrp,
1356 : 0);
1357 0 : if (fake_fsp.fsp_name == NULL) {
1358 0 : errno = ENOMEM;
1359 0 : TALLOC_FREE(frame);
1360 0 : return -1;
1361 : }
1362 : /* put the acl */
1363 0 : if (gpfsacl_process_smbacl(handle, &fake_fsp, pacl) == False) {
1364 0 : TALLOC_FREE(frame);
1365 0 : return -1;
1366 : }
1367 :
1368 0 : TALLOC_FREE(frame);
1369 0 : return 0; /* ok for [f]chmod */
1370 : }
1371 :
1372 0 : static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
1373 : {
1374 : SMB_STRUCT_STAT st;
1375 : int rc;
1376 :
1377 0 : rc = SMB_VFS_NEXT_FSTAT(handle, fsp, &st);
1378 0 : if (rc != 0) {
1379 0 : return -1;
1380 : }
1381 :
1382 : /* avoid chmod() if possible, to preserve acls */
1383 0 : if ((st.st_ex_mode & ~S_IFMT) == mode) {
1384 0 : return 0;
1385 : }
1386 :
1387 0 : rc = gpfsacl_emu_chmod(handle, fsp, mode);
1388 0 : if (rc == 1) {
1389 0 : return SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1390 : }
1391 0 : return rc;
1392 : }
1393 :
1394 0 : static uint32_t vfs_gpfs_winattrs_to_dosmode(unsigned int winattrs)
1395 : {
1396 0 : uint32_t dosmode = 0;
1397 :
1398 0 : if (winattrs & GPFS_WINATTR_ARCHIVE){
1399 0 : dosmode |= FILE_ATTRIBUTE_ARCHIVE;
1400 : }
1401 0 : if (winattrs & GPFS_WINATTR_HIDDEN){
1402 0 : dosmode |= FILE_ATTRIBUTE_HIDDEN;
1403 : }
1404 0 : if (winattrs & GPFS_WINATTR_SYSTEM){
1405 0 : dosmode |= FILE_ATTRIBUTE_SYSTEM;
1406 : }
1407 0 : if (winattrs & GPFS_WINATTR_READONLY){
1408 0 : dosmode |= FILE_ATTRIBUTE_READONLY;
1409 : }
1410 0 : if (winattrs & GPFS_WINATTR_SPARSE_FILE) {
1411 0 : dosmode |= FILE_ATTRIBUTE_SPARSE;
1412 : }
1413 0 : if (winattrs & GPFS_WINATTR_OFFLINE) {
1414 0 : dosmode |= FILE_ATTRIBUTE_OFFLINE;
1415 : }
1416 :
1417 0 : return dosmode;
1418 : }
1419 :
1420 0 : static unsigned int vfs_gpfs_dosmode_to_winattrs(uint32_t dosmode)
1421 : {
1422 0 : unsigned int winattrs = 0;
1423 :
1424 0 : if (dosmode & FILE_ATTRIBUTE_ARCHIVE){
1425 0 : winattrs |= GPFS_WINATTR_ARCHIVE;
1426 : }
1427 0 : if (dosmode & FILE_ATTRIBUTE_HIDDEN){
1428 0 : winattrs |= GPFS_WINATTR_HIDDEN;
1429 : }
1430 0 : if (dosmode & FILE_ATTRIBUTE_SYSTEM){
1431 0 : winattrs |= GPFS_WINATTR_SYSTEM;
1432 : }
1433 0 : if (dosmode & FILE_ATTRIBUTE_READONLY){
1434 0 : winattrs |= GPFS_WINATTR_READONLY;
1435 : }
1436 0 : if (dosmode & FILE_ATTRIBUTE_SPARSE) {
1437 0 : winattrs |= GPFS_WINATTR_SPARSE_FILE;
1438 : }
1439 0 : if (dosmode & FILE_ATTRIBUTE_OFFLINE) {
1440 0 : winattrs |= GPFS_WINATTR_OFFLINE;
1441 : }
1442 :
1443 0 : return winattrs;
1444 : }
1445 :
1446 0 : static struct timespec gpfs_timestruc64_to_timespec(struct gpfs_timestruc64 g)
1447 : {
1448 0 : return (struct timespec) { .tv_sec = g.tv_sec, .tv_nsec = g.tv_nsec };
1449 : }
1450 :
1451 0 : static NTSTATUS vfs_gpfs_fget_dos_attributes(struct vfs_handle_struct *handle,
1452 : struct files_struct *fsp,
1453 : uint32_t *dosmode)
1454 : {
1455 : struct gpfs_config_data *config;
1456 0 : int fd = fsp_get_pathref_fd(fsp);
1457 : char buf[PATH_MAX];
1458 0 : const char *p = NULL;
1459 0 : struct gpfs_iattr64 iattr = { };
1460 0 : unsigned int litemask = 0;
1461 : struct timespec ts;
1462 : int ret;
1463 :
1464 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1465 : struct gpfs_config_data,
1466 : return NT_STATUS_INTERNAL_ERROR);
1467 :
1468 0 : if (!config->winattr) {
1469 0 : return SMB_VFS_NEXT_FGET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1470 : }
1471 :
1472 0 : if (fsp->fsp_flags.is_pathref && !config->pathref_ok.gpfs_fstat_x) {
1473 0 : if (fsp->fsp_flags.have_proc_fds) {
1474 0 : p = sys_proc_fd_path(fd, buf, sizeof(buf));
1475 0 : if (p == NULL) {
1476 0 : return NT_STATUS_NO_MEMORY;
1477 : }
1478 : } else {
1479 0 : p = fsp->fsp_name->base_name;
1480 : }
1481 : }
1482 :
1483 0 : if (p != NULL) {
1484 0 : ret = gpfswrap_stat_x(p, &litemask, &iattr, sizeof(iattr));
1485 : } else {
1486 0 : ret = gpfswrap_fstat_x(fd, &litemask, &iattr, sizeof(iattr));
1487 : }
1488 0 : if (ret == -1 && errno == ENOSYS) {
1489 0 : return SMB_VFS_NEXT_FGET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1490 : }
1491 :
1492 0 : if (ret == -1 && errno == EACCES) {
1493 0 : int saved_errno = 0;
1494 :
1495 : /*
1496 : * According to MS-FSA 2.1.5.1.2.1 "Algorithm to Check Access to
1497 : * an Existing File" FILE_LIST_DIRECTORY on a directory implies
1498 : * FILE_READ_ATTRIBUTES for directory entries. Being able to
1499 : * open a file implies FILE_LIST_DIRECTORY.
1500 : */
1501 :
1502 0 : set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1503 :
1504 0 : if (p != NULL) {
1505 0 : ret = gpfswrap_stat_x(p,
1506 : &litemask,
1507 : &iattr,
1508 : sizeof(iattr));
1509 : } else {
1510 0 : ret = gpfswrap_fstat_x(fd,
1511 : &litemask,
1512 : &iattr,
1513 : sizeof(iattr));
1514 : }
1515 0 : if (ret == -1) {
1516 0 : saved_errno = errno;
1517 : }
1518 :
1519 0 : drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1520 :
1521 0 : if (saved_errno != 0) {
1522 0 : errno = saved_errno;
1523 : }
1524 : }
1525 :
1526 0 : if (ret == -1) {
1527 0 : DBG_WARNING("Getting winattrs failed for %s: %s\n",
1528 : fsp->fsp_name->base_name, strerror(errno));
1529 0 : return map_nt_error_from_unix(errno);
1530 : }
1531 :
1532 0 : ts = gpfs_timestruc64_to_timespec(iattr.ia_createtime);
1533 :
1534 0 : *dosmode |= vfs_gpfs_winattrs_to_dosmode(iattr.ia_winflags);
1535 0 : update_stat_ex_create_time(&fsp->fsp_name->st, ts);
1536 :
1537 0 : return NT_STATUS_OK;
1538 : }
1539 :
1540 0 : static NTSTATUS vfs_gpfs_fset_dos_attributes(struct vfs_handle_struct *handle,
1541 : struct files_struct *fsp,
1542 : uint32_t dosmode)
1543 : {
1544 : struct gpfs_config_data *config;
1545 0 : struct gpfs_winattr attrs = { };
1546 : int ret;
1547 :
1548 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1549 : struct gpfs_config_data,
1550 : return NT_STATUS_INTERNAL_ERROR);
1551 :
1552 0 : if (!config->winattr) {
1553 0 : return SMB_VFS_NEXT_FSET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1554 : }
1555 :
1556 0 : attrs.winAttrs = vfs_gpfs_dosmode_to_winattrs(dosmode);
1557 :
1558 0 : if (!fsp->fsp_flags.is_pathref) {
1559 0 : ret = gpfswrap_set_winattrs(fsp_get_io_fd(fsp),
1560 : GPFS_WINATTR_SET_ATTRS, &attrs);
1561 0 : if (ret == -1) {
1562 0 : DBG_WARNING("Setting winattrs failed for %s: %s\n",
1563 : fsp_str_dbg(fsp), strerror(errno));
1564 0 : return map_nt_error_from_unix(errno);
1565 : }
1566 0 : return NT_STATUS_OK;
1567 : }
1568 :
1569 0 : if (fsp->fsp_flags.have_proc_fds) {
1570 0 : int fd = fsp_get_pathref_fd(fsp);
1571 0 : const char *p = NULL;
1572 : char buf[PATH_MAX];
1573 :
1574 0 : p = sys_proc_fd_path(fd, buf, sizeof(buf));
1575 0 : if (p == NULL) {
1576 0 : return NT_STATUS_NO_MEMORY;
1577 : }
1578 :
1579 0 : ret = gpfswrap_set_winattrs_path(p,
1580 : GPFS_WINATTR_SET_ATTRS,
1581 : &attrs);
1582 0 : if (ret == -1) {
1583 0 : DBG_WARNING("Setting winattrs failed for [%s][%s]: %s\n",
1584 : p, fsp_str_dbg(fsp), strerror(errno));
1585 0 : return map_nt_error_from_unix(errno);
1586 : }
1587 0 : return NT_STATUS_OK;
1588 : }
1589 :
1590 : /*
1591 : * This is no longer a handle based call.
1592 : */
1593 0 : ret = gpfswrap_set_winattrs_path(fsp->fsp_name->base_name,
1594 : GPFS_WINATTR_SET_ATTRS,
1595 : &attrs);
1596 0 : if (ret == -1) {
1597 0 : DBG_WARNING("Setting winattrs failed for [%s]: %s\n",
1598 : fsp_str_dbg(fsp), strerror(errno));
1599 0 : return map_nt_error_from_unix(errno);
1600 : }
1601 :
1602 0 : return NT_STATUS_OK;
1603 : }
1604 :
1605 0 : static int stat_with_capability(struct vfs_handle_struct *handle,
1606 : struct smb_filename *smb_fname, int flag)
1607 : {
1608 0 : bool fake_dctime = lp_fake_directory_create_times(SNUM(handle->conn));
1609 0 : int fd = -1;
1610 : NTSTATUS status;
1611 0 : struct smb_filename *dir_name = NULL;
1612 0 : struct smb_filename *rel_name = NULL;
1613 0 : int ret = -1;
1614 :
1615 0 : status = SMB_VFS_PARENT_PATHNAME(handle->conn,
1616 : talloc_tos(),
1617 : smb_fname,
1618 : &dir_name,
1619 : &rel_name);
1620 0 : if (!NT_STATUS_IS_OK(status)) {
1621 0 : errno = map_errno_from_nt_status(status);
1622 0 : return -1;
1623 : }
1624 :
1625 0 : fd = open(dir_name->base_name, O_RDONLY, 0);
1626 0 : if (fd == -1) {
1627 0 : TALLOC_FREE(dir_name);
1628 0 : return -1;
1629 : }
1630 :
1631 0 : set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1632 0 : ret = sys_fstatat(fd,
1633 0 : rel_name->base_name,
1634 : &smb_fname->st,
1635 : flag,
1636 : fake_dctime);
1637 :
1638 0 : drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1639 :
1640 0 : TALLOC_FREE(dir_name);
1641 0 : close(fd);
1642 :
1643 0 : return ret;
1644 : }
1645 :
1646 0 : static int vfs_gpfs_stat(struct vfs_handle_struct *handle,
1647 : struct smb_filename *smb_fname)
1648 : {
1649 : int ret;
1650 :
1651 0 : ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
1652 0 : if (ret == -1 && errno == EACCES) {
1653 0 : DEBUG(10, ("Trying stat with capability for %s\n",
1654 : smb_fname->base_name));
1655 0 : ret = stat_with_capability(handle, smb_fname, 0);
1656 : }
1657 0 : return ret;
1658 : }
1659 :
1660 0 : static int vfs_gpfs_lstat(struct vfs_handle_struct *handle,
1661 : struct smb_filename *smb_fname)
1662 : {
1663 : int ret;
1664 :
1665 0 : ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1666 0 : if (ret == -1 && errno == EACCES) {
1667 0 : DEBUG(10, ("Trying lstat with capability for %s\n",
1668 : smb_fname->base_name));
1669 0 : ret = stat_with_capability(handle, smb_fname,
1670 : AT_SYMLINK_NOFOLLOW);
1671 : }
1672 0 : return ret;
1673 : }
1674 :
1675 0 : static int timespec_to_gpfs_time(
1676 : struct timespec ts, gpfs_timestruc_t *gt, int idx, int *flags)
1677 : {
1678 0 : if (is_omit_timespec(&ts)) {
1679 0 : return 0;
1680 : }
1681 :
1682 0 : if (ts.tv_sec < 0 || ts.tv_sec > UINT32_MAX) {
1683 0 : DBG_NOTICE("GPFS uses 32-bit unsigned timestamps "
1684 : "and cannot handle %jd.\n",
1685 : (intmax_t)ts.tv_sec);
1686 0 : errno = ERANGE;
1687 0 : return -1;
1688 : }
1689 :
1690 0 : *flags |= 1 << idx;
1691 0 : gt[idx].tv_sec = ts.tv_sec;
1692 0 : gt[idx].tv_nsec = ts.tv_nsec;
1693 0 : DBG_DEBUG("Setting GPFS time %d, flags 0x%x\n", idx, *flags);
1694 :
1695 0 : return 0;
1696 : }
1697 :
1698 0 : static int smbd_gpfs_set_times(struct files_struct *fsp,
1699 : struct smb_file_time *ft)
1700 : {
1701 : gpfs_timestruc_t gpfs_times[4];
1702 0 : int flags = 0;
1703 : int rc;
1704 :
1705 0 : ZERO_ARRAY(gpfs_times);
1706 0 : rc = timespec_to_gpfs_time(ft->atime, gpfs_times, 0, &flags);
1707 0 : if (rc != 0) {
1708 0 : return rc;
1709 : }
1710 :
1711 0 : rc = timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, &flags);
1712 0 : if (rc != 0) {
1713 0 : return rc;
1714 : }
1715 :
1716 : /* No good mapping from LastChangeTime to ctime, not storing */
1717 0 : rc = timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, &flags);
1718 0 : if (rc != 0) {
1719 0 : return rc;
1720 : }
1721 :
1722 0 : if (!flags) {
1723 0 : DBG_DEBUG("nothing to do, return to avoid EINVAL\n");
1724 0 : return 0;
1725 : }
1726 :
1727 0 : if (!fsp->fsp_flags.is_pathref) {
1728 0 : rc = gpfswrap_set_times(fsp_get_io_fd(fsp), flags, gpfs_times);
1729 0 : if (rc != 0) {
1730 0 : DBG_WARNING("gpfs_set_times(%s) failed: %s\n",
1731 : fsp_str_dbg(fsp), strerror(errno));
1732 : }
1733 0 : return rc;
1734 : }
1735 :
1736 :
1737 0 : if (fsp->fsp_flags.have_proc_fds) {
1738 0 : int fd = fsp_get_pathref_fd(fsp);
1739 0 : const char *p = NULL;
1740 : char buf[PATH_MAX];
1741 :
1742 0 : p = sys_proc_fd_path(fd, buf, sizeof(buf));
1743 0 : if (p == NULL) {
1744 0 : return -1;
1745 : }
1746 :
1747 0 : rc = gpfswrap_set_times_path(buf, flags, gpfs_times);
1748 0 : if (rc != 0) {
1749 0 : DBG_WARNING("gpfs_set_times_path(%s,%s) failed: %s\n",
1750 : fsp_str_dbg(fsp), p, strerror(errno));
1751 : }
1752 0 : return rc;
1753 : }
1754 :
1755 : /*
1756 : * This is no longer a handle based call.
1757 : */
1758 :
1759 0 : rc = gpfswrap_set_times_path(fsp->fsp_name->base_name,
1760 : flags,
1761 : gpfs_times);
1762 0 : if (rc != 0) {
1763 0 : DBG_WARNING("gpfs_set_times_path(%s) failed: %s\n",
1764 : fsp_str_dbg(fsp), strerror(errno));
1765 : }
1766 0 : return rc;
1767 : }
1768 :
1769 0 : static int vfs_gpfs_fntimes(struct vfs_handle_struct *handle,
1770 : files_struct *fsp,
1771 : struct smb_file_time *ft)
1772 : {
1773 :
1774 : struct gpfs_winattr attrs;
1775 : int ret;
1776 : struct gpfs_config_data *config;
1777 :
1778 0 : SMB_VFS_HANDLE_GET_DATA(handle,
1779 : config,
1780 : struct gpfs_config_data,
1781 : return -1);
1782 :
1783 : /* Try to use gpfs_set_times if it is enabled and available */
1784 0 : if (config->settimes) {
1785 0 : return smbd_gpfs_set_times(fsp, ft);
1786 : }
1787 :
1788 0 : DBG_DEBUG("gpfs_set_times() not available or disabled, "
1789 : "use ntimes and winattr\n");
1790 :
1791 0 : ret = SMB_VFS_NEXT_FNTIMES(handle, fsp, ft);
1792 0 : if (ret == -1) {
1793 : /* don't complain if access was denied */
1794 0 : if (errno != EPERM && errno != EACCES) {
1795 0 : DBG_WARNING("SMB_VFS_NEXT_FNTIMES failed: %s",
1796 : strerror(errno));
1797 : }
1798 0 : return -1;
1799 : }
1800 :
1801 0 : if (is_omit_timespec(&ft->create_time)) {
1802 0 : DBG_DEBUG("Create Time is NULL\n");
1803 0 : return 0;
1804 : }
1805 :
1806 0 : if (!config->winattr) {
1807 0 : return 0;
1808 : }
1809 :
1810 0 : attrs.winAttrs = 0;
1811 0 : attrs.creationTime.tv_sec = ft->create_time.tv_sec;
1812 0 : attrs.creationTime.tv_nsec = ft->create_time.tv_nsec;
1813 :
1814 0 : if (!fsp->fsp_flags.is_pathref) {
1815 0 : ret = gpfswrap_set_winattrs(fsp_get_io_fd(fsp),
1816 : GPFS_WINATTR_SET_CREATION_TIME,
1817 : &attrs);
1818 0 : if (ret == -1 && errno != ENOSYS) {
1819 0 : DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1820 0 : return -1;
1821 : }
1822 0 : return ret;
1823 : }
1824 :
1825 0 : if (fsp->fsp_flags.have_proc_fds) {
1826 0 : int fd = fsp_get_pathref_fd(fsp);
1827 0 : const char *p = NULL;
1828 : char buf[PATH_MAX];
1829 :
1830 0 : p = sys_proc_fd_path(fd, buf, sizeof(buf));
1831 0 : if (p == NULL) {
1832 0 : return -1;
1833 : }
1834 :
1835 0 : ret = gpfswrap_set_winattrs_path(p,
1836 : GPFS_WINATTR_SET_CREATION_TIME,
1837 : &attrs);
1838 0 : if (ret == -1 && errno != ENOSYS) {
1839 0 : DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1840 0 : return -1;
1841 : }
1842 0 : return ret;
1843 : }
1844 :
1845 : /*
1846 : * This is no longer a handle based call.
1847 : */
1848 0 : ret = gpfswrap_set_winattrs_path(fsp->fsp_name->base_name,
1849 : GPFS_WINATTR_SET_CREATION_TIME,
1850 : &attrs);
1851 0 : if (ret == -1 && errno != ENOSYS) {
1852 0 : DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1853 0 : return -1;
1854 : }
1855 :
1856 0 : return 0;
1857 : }
1858 :
1859 0 : static int vfs_gpfs_fallocate(struct vfs_handle_struct *handle,
1860 : struct files_struct *fsp, uint32_t mode,
1861 : off_t offset, off_t len)
1862 : {
1863 0 : if (mode == (VFS_FALLOCATE_FL_PUNCH_HOLE|VFS_FALLOCATE_FL_KEEP_SIZE) &&
1864 0 : !fsp->fsp_flags.is_sparse &&
1865 0 : lp_strict_allocate(SNUM(fsp->conn))) {
1866 : /*
1867 : * This is from a ZERO_DATA request on a non-sparse
1868 : * file. GPFS does not support FL_KEEP_SIZE and thus
1869 : * cannot fill the whole again in the subsequent
1870 : * fallocate(FL_KEEP_SIZE). Deny this FL_PUNCH_HOLE
1871 : * call to not end up with a hole in a non-sparse
1872 : * file.
1873 : */
1874 0 : errno = ENOTSUP;
1875 0 : return -1;
1876 : }
1877 :
1878 0 : return SMB_VFS_NEXT_FALLOCATE(handle, fsp, mode, offset, len);
1879 : }
1880 :
1881 0 : static int vfs_gpfs_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1882 : off_t len)
1883 : {
1884 : int result;
1885 : struct gpfs_config_data *config;
1886 :
1887 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1888 : struct gpfs_config_data,
1889 : return -1);
1890 :
1891 0 : if (!config->ftruncate) {
1892 0 : return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1893 : }
1894 :
1895 0 : result = gpfswrap_ftruncate(fsp_get_io_fd(fsp), len);
1896 0 : if ((result == -1) && (errno == ENOSYS)) {
1897 0 : return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1898 : }
1899 0 : return result;
1900 : }
1901 :
1902 0 : static bool vfs_gpfs_is_offline(struct vfs_handle_struct *handle,
1903 : struct files_struct *fsp,
1904 : SMB_STRUCT_STAT *sbuf)
1905 : {
1906 : struct gpfs_winattr attrs;
1907 : struct gpfs_config_data *config;
1908 : int ret;
1909 :
1910 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
1911 : struct gpfs_config_data,
1912 : return false);
1913 :
1914 0 : if (!config->winattr) {
1915 0 : return false;
1916 : }
1917 :
1918 0 : ret = gpfswrap_get_winattrs(fsp_get_pathref_fd(fsp), &attrs);
1919 0 : if (ret == -1) {
1920 0 : return false;
1921 : }
1922 :
1923 0 : if ((attrs.winAttrs & GPFS_WINATTR_OFFLINE) != 0) {
1924 0 : DBG_DEBUG("%s is offline\n", fsp_str_dbg(fsp));
1925 0 : return true;
1926 : }
1927 :
1928 0 : DBG_DEBUG("%s is online\n", fsp_str_dbg(fsp));
1929 0 : return false;
1930 : }
1931 :
1932 0 : static bool vfs_gpfs_fsp_is_offline(struct vfs_handle_struct *handle,
1933 : struct files_struct *fsp)
1934 : {
1935 : struct gpfs_fsp_extension *ext;
1936 :
1937 0 : ext = VFS_FETCH_FSP_EXTENSION(handle, fsp);
1938 0 : if (ext == NULL) {
1939 : /*
1940 : * Something bad happened, always ask.
1941 : */
1942 0 : return vfs_gpfs_is_offline(handle, fsp,
1943 0 : &fsp->fsp_name->st);
1944 : }
1945 :
1946 0 : if (ext->offline) {
1947 : /*
1948 : * As long as it's offline, ask.
1949 : */
1950 0 : ext->offline = vfs_gpfs_is_offline(handle, fsp,
1951 0 : &fsp->fsp_name->st);
1952 : }
1953 :
1954 0 : return ext->offline;
1955 : }
1956 :
1957 0 : static bool vfs_gpfs_aio_force(struct vfs_handle_struct *handle,
1958 : struct files_struct *fsp)
1959 : {
1960 0 : return vfs_gpfs_fsp_is_offline(handle, fsp);
1961 : }
1962 :
1963 0 : static ssize_t vfs_gpfs_sendfile(vfs_handle_struct *handle, int tofd,
1964 : files_struct *fsp, const DATA_BLOB *hdr,
1965 : off_t offset, size_t n)
1966 : {
1967 0 : if (vfs_gpfs_fsp_is_offline(handle, fsp)) {
1968 0 : errno = ENOSYS;
1969 0 : return -1;
1970 : }
1971 0 : return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
1972 : }
1973 :
1974 : #ifdef O_PATH
1975 0 : static int vfs_gpfs_check_pathref_fstat_x(struct gpfs_config_data *config,
1976 : struct connection_struct *conn)
1977 : {
1978 0 : struct gpfs_iattr64 iattr = {0};
1979 0 : unsigned int litemask = 0;
1980 : int saved_errno;
1981 : int fd;
1982 : int ret;
1983 :
1984 0 : fd = open(conn->connectpath, O_PATH);
1985 0 : if (fd == -1) {
1986 0 : DBG_ERR("openat() of share with O_PATH failed: %s\n",
1987 : strerror(errno));
1988 0 : return -1;
1989 : }
1990 :
1991 0 : ret = gpfswrap_fstat_x(fd, &litemask, &iattr, sizeof(iattr));
1992 0 : if (ret == 0) {
1993 0 : close(fd);
1994 0 : config->pathref_ok.gpfs_fstat_x = true;
1995 0 : return 0;
1996 : }
1997 :
1998 0 : saved_errno = errno;
1999 0 : ret = close(fd);
2000 0 : if (ret != 0) {
2001 0 : DBG_ERR("close failed: %s\n", strerror(errno));
2002 0 : return -1;
2003 : }
2004 :
2005 0 : if (saved_errno != EBADF) {
2006 0 : DBG_ERR("gpfswrap_fstat_x() of O_PATH handle failed: %s\n",
2007 : strerror(saved_errno));
2008 0 : return -1;
2009 : }
2010 :
2011 0 : return 0;
2012 : }
2013 : #endif
2014 :
2015 0 : static int vfs_gpfs_check_pathref(struct gpfs_config_data *config,
2016 : struct connection_struct *conn)
2017 : {
2018 : #ifndef O_PATH
2019 : /*
2020 : * This code path leaves all struct gpfs_config_data.pathref_ok members
2021 : * initialized to false.
2022 : */
2023 : return 0;
2024 : #else
2025 : int ret;
2026 :
2027 0 : ret = vfs_gpfs_check_pathref_fstat_x(config, conn);
2028 0 : if (ret != 0) {
2029 0 : return -1;
2030 : }
2031 :
2032 0 : return 0;
2033 : #endif
2034 : }
2035 :
2036 0 : static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
2037 : const char *service, const char *user)
2038 : {
2039 : struct gpfs_config_data *config;
2040 : int ret;
2041 : bool check_fstype;
2042 :
2043 0 : ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
2044 0 : if (ret < 0) {
2045 0 : return ret;
2046 : }
2047 :
2048 0 : if (IS_IPC(handle->conn)) {
2049 0 : return 0;
2050 : }
2051 :
2052 0 : gpfswrap_lib_init(0);
2053 :
2054 0 : config = talloc_zero(handle->conn, struct gpfs_config_data);
2055 0 : if (!config) {
2056 0 : DEBUG(0, ("talloc_zero() failed\n"));
2057 0 : errno = ENOMEM;
2058 0 : return -1;
2059 : }
2060 :
2061 0 : check_fstype = lp_parm_bool(SNUM(handle->conn), "gpfs",
2062 : "check_fstype", true);
2063 :
2064 0 : if (check_fstype) {
2065 0 : const char *connectpath = handle->conn->connectpath;
2066 0 : struct statfs buf = { 0 };
2067 :
2068 0 : ret = statfs(connectpath, &buf);
2069 0 : if (ret != 0) {
2070 0 : DBG_ERR("statfs failed for share %s at path %s: %s\n",
2071 : service, connectpath, strerror(errno));
2072 0 : TALLOC_FREE(config);
2073 0 : return ret;
2074 : }
2075 :
2076 0 : if (buf.f_type != GPFS_SUPER_MAGIC) {
2077 0 : DBG_ERR("SMB share %s, path %s not in GPFS file system."
2078 : " statfs magic: 0x%jx\n",
2079 : service,
2080 : connectpath,
2081 : (uintmax_t)buf.f_type);
2082 0 : errno = EINVAL;
2083 0 : TALLOC_FREE(config);
2084 0 : return -1;
2085 : }
2086 : }
2087 :
2088 0 : ret = smbacl4_get_vfs_params(handle->conn, &config->nfs4_params);
2089 0 : if (ret < 0) {
2090 0 : TALLOC_FREE(config);
2091 0 : return ret;
2092 : }
2093 :
2094 0 : config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
2095 : "sharemodes", true);
2096 :
2097 0 : config->leases = lp_parm_bool(SNUM(handle->conn), "gpfs",
2098 : "leases", true);
2099 :
2100 0 : config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
2101 : "hsm", false);
2102 :
2103 0 : config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
2104 : "syncio", false);
2105 :
2106 0 : config->winattr = lp_parm_bool(SNUM(handle->conn), "gpfs",
2107 : "winattr", false);
2108 :
2109 0 : config->ftruncate = lp_parm_bool(SNUM(handle->conn), "gpfs",
2110 : "ftruncate", true);
2111 :
2112 0 : config->getrealfilename = lp_parm_bool(SNUM(handle->conn), "gpfs",
2113 : "getrealfilename", true);
2114 :
2115 0 : config->dfreequota = lp_parm_bool(SNUM(handle->conn), "gpfs",
2116 : "dfreequota", false);
2117 :
2118 0 : config->acl = lp_parm_bool(SNUM(handle->conn), "gpfs", "acl", true);
2119 :
2120 0 : config->settimes = lp_parm_bool(SNUM(handle->conn), "gpfs",
2121 : "settimes", true);
2122 0 : config->recalls = lp_parm_bool(SNUM(handle->conn), "gpfs",
2123 : "recalls", true);
2124 :
2125 0 : ret = vfs_gpfs_check_pathref(config, handle->conn);
2126 0 : if (ret != 0) {
2127 0 : DBG_ERR("vfs_gpfs_check_pathref() on [%s] failed\n",
2128 : handle->conn->connectpath);
2129 0 : TALLOC_FREE(config);
2130 0 : return -1;
2131 : }
2132 :
2133 0 : SMB_VFS_HANDLE_SET_DATA(handle, config,
2134 : NULL, struct gpfs_config_data,
2135 : return -1);
2136 :
2137 0 : if (config->leases) {
2138 : /*
2139 : * GPFS lease code is based on kernel oplock code
2140 : * so make sure it is turned on
2141 : */
2142 0 : if (!lp_kernel_oplocks(SNUM(handle->conn))) {
2143 0 : DEBUG(5, ("Enabling kernel oplocks for "
2144 : "gpfs:leases to work\n"));
2145 0 : lp_do_parameter(SNUM(handle->conn), "kernel oplocks",
2146 : "true");
2147 : }
2148 :
2149 : /*
2150 : * as the kernel does not properly support Level II oplocks
2151 : * and GPFS leases code is based on kernel infrastructure, we
2152 : * need to turn off Level II oplocks if gpfs:leases is enabled
2153 : */
2154 0 : if (lp_level2_oplocks(SNUM(handle->conn))) {
2155 0 : DEBUG(5, ("gpfs:leases are enabled, disabling "
2156 : "Level II oplocks\n"));
2157 0 : lp_do_parameter(SNUM(handle->conn), "level2 oplocks",
2158 : "false");
2159 : }
2160 : }
2161 :
2162 : /*
2163 : * Unless we have an async implementation of get_dos_attributes turn
2164 : * this off.
2165 : */
2166 0 : lp_do_parameter(SNUM(handle->conn), "smbd async dosmode", "false");
2167 :
2168 0 : return 0;
2169 : }
2170 :
2171 0 : static int get_gpfs_quota(const char *pathname, int type, int id,
2172 : struct gpfs_quotaInfo *qi)
2173 : {
2174 : int ret;
2175 :
2176 0 : ret = gpfswrap_quotactl(pathname, GPFS_QCMD(Q_GETQUOTA, type), id, qi);
2177 :
2178 0 : if (ret) {
2179 0 : if (errno == GPFS_E_NO_QUOTA_INST) {
2180 0 : DEBUG(10, ("Quotas disabled on GPFS filesystem.\n"));
2181 0 : } else if (errno != ENOSYS) {
2182 0 : DEBUG(0, ("Get quota failed, type %d, id, %d, "
2183 : "errno %d.\n", type, id, errno));
2184 : }
2185 :
2186 0 : return ret;
2187 : }
2188 :
2189 0 : DEBUG(10, ("quota type %d, id %d, blk u:%lld h:%lld s:%lld gt:%u\n",
2190 : type, id, qi->blockUsage, qi->blockHardLimit,
2191 : qi->blockSoftLimit, qi->blockGraceTime));
2192 :
2193 0 : return ret;
2194 : }
2195 :
2196 0 : static void vfs_gpfs_disk_free_quota(struct gpfs_quotaInfo qi, time_t cur_time,
2197 : uint64_t *dfree, uint64_t *dsize)
2198 : {
2199 : uint64_t usage, limit;
2200 :
2201 : /*
2202 : * The quota reporting is done in units of 1024 byte blocks, but
2203 : * sys_fsusage uses units of 512 byte blocks, adjust the block number
2204 : * accordingly. Also filter possibly negative usage counts from gpfs.
2205 : */
2206 0 : usage = qi.blockUsage < 0 ? 0 : (uint64_t)qi.blockUsage * 2;
2207 0 : limit = (uint64_t)qi.blockHardLimit * 2;
2208 :
2209 : /*
2210 : * When the grace time for the exceeded soft block quota has been
2211 : * exceeded, the soft block quota becomes an additional hard limit.
2212 : */
2213 0 : if (qi.blockSoftLimit &&
2214 0 : qi.blockGraceTime && cur_time > qi.blockGraceTime) {
2215 : /* report disk as full */
2216 0 : *dfree = 0;
2217 0 : *dsize = MIN(*dsize, usage);
2218 : }
2219 :
2220 0 : if (!qi.blockHardLimit)
2221 0 : return;
2222 :
2223 0 : if (usage >= limit) {
2224 : /* report disk as full */
2225 0 : *dfree = 0;
2226 0 : *dsize = MIN(*dsize, usage);
2227 :
2228 : } else {
2229 : /* limit has not been reached, determine "free space" */
2230 0 : *dfree = MIN(*dfree, limit - usage);
2231 0 : *dsize = MIN(*dsize, limit);
2232 : }
2233 : }
2234 :
2235 0 : static uint64_t vfs_gpfs_disk_free(vfs_handle_struct *handle,
2236 : const struct smb_filename *smb_fname,
2237 : uint64_t *bsize,
2238 : uint64_t *dfree,
2239 : uint64_t *dsize)
2240 : {
2241 : struct security_unix_token *utok;
2242 0 : struct gpfs_quotaInfo qi_user = { 0 }, qi_group = { 0 };
2243 : struct gpfs_config_data *config;
2244 : int err;
2245 : time_t cur_time;
2246 :
2247 0 : SMB_VFS_HANDLE_GET_DATA(handle, config, struct gpfs_config_data,
2248 : return (uint64_t)-1);
2249 0 : if (!config->dfreequota) {
2250 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2251 : bsize, dfree, dsize);
2252 : }
2253 :
2254 0 : err = sys_fsusage(smb_fname->base_name, dfree, dsize);
2255 0 : if (err) {
2256 0 : DEBUG (0, ("Could not get fs usage, errno %d\n", errno));
2257 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2258 : bsize, dfree, dsize);
2259 : }
2260 :
2261 : /* sys_fsusage returns units of 512 bytes */
2262 0 : *bsize = 512;
2263 :
2264 0 : DEBUG(10, ("fs dfree %llu, dsize %llu\n",
2265 : (unsigned long long)*dfree, (unsigned long long)*dsize));
2266 :
2267 0 : utok = handle->conn->session_info->unix_token;
2268 :
2269 0 : err = get_gpfs_quota(smb_fname->base_name,
2270 0 : GPFS_USRQUOTA, utok->uid, &qi_user);
2271 0 : if (err) {
2272 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2273 : bsize, dfree, dsize);
2274 : }
2275 :
2276 : /*
2277 : * If new files created under this folder get this folder's
2278 : * GID, then available space is governed by the quota of the
2279 : * folder's GID, not the primary group of the creating user.
2280 : */
2281 0 : if (VALID_STAT(smb_fname->st) &&
2282 0 : S_ISDIR(smb_fname->st.st_ex_mode) &&
2283 0 : smb_fname->st.st_ex_mode & S_ISGID) {
2284 0 : become_root();
2285 0 : err = get_gpfs_quota(smb_fname->base_name, GPFS_GRPQUOTA,
2286 0 : smb_fname->st.st_ex_gid, &qi_group);
2287 0 : unbecome_root();
2288 :
2289 : } else {
2290 0 : err = get_gpfs_quota(smb_fname->base_name, GPFS_GRPQUOTA,
2291 0 : utok->gid, &qi_group);
2292 : }
2293 :
2294 0 : if (err) {
2295 0 : return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2296 : bsize, dfree, dsize);
2297 : }
2298 :
2299 0 : cur_time = time(NULL);
2300 :
2301 : /* Adjust free space and size according to quota limits. */
2302 0 : vfs_gpfs_disk_free_quota(qi_user, cur_time, dfree, dsize);
2303 0 : vfs_gpfs_disk_free_quota(qi_group, cur_time, dfree, dsize);
2304 :
2305 0 : return *dfree / 2;
2306 : }
2307 :
2308 0 : static int vfs_gpfs_get_quota(vfs_handle_struct *handle,
2309 : const struct smb_filename *smb_fname,
2310 : enum SMB_QUOTA_TYPE qtype,
2311 : unid_t id,
2312 : SMB_DISK_QUOTA *dq)
2313 : {
2314 0 : switch(qtype) {
2315 : /*
2316 : * User/group quota are being used for disk-free
2317 : * determination, which in this module is done directly
2318 : * by the disk-free function. It's important that this
2319 : * module does not return wrong quota values by mistake,
2320 : * which would modify the correct values set by disk-free.
2321 : * User/group quota are also being used for processing
2322 : * NT_TRANSACT_GET_USER_QUOTA in smb1 protocol, which is
2323 : * currently not supported by this module.
2324 : */
2325 0 : case SMB_USER_QUOTA_TYPE:
2326 : case SMB_GROUP_QUOTA_TYPE:
2327 0 : errno = ENOSYS;
2328 0 : return -1;
2329 0 : default:
2330 0 : return SMB_VFS_NEXT_GET_QUOTA(handle, smb_fname,
2331 : qtype, id, dq);
2332 : }
2333 : }
2334 :
2335 0 : static uint32_t vfs_gpfs_capabilities(struct vfs_handle_struct *handle,
2336 : enum timestamp_set_resolution *p_ts_res)
2337 : {
2338 : struct gpfs_config_data *config;
2339 : uint32_t next;
2340 :
2341 0 : next = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
2342 :
2343 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
2344 : struct gpfs_config_data,
2345 : return next);
2346 :
2347 0 : if (config->hsm) {
2348 0 : next |= FILE_SUPPORTS_REMOTE_STORAGE;
2349 : }
2350 0 : return next;
2351 : }
2352 :
2353 0 : static int vfs_gpfs_openat(struct vfs_handle_struct *handle,
2354 : const struct files_struct *dirfsp,
2355 : const struct smb_filename *smb_fname,
2356 : files_struct *fsp,
2357 : const struct vfs_open_how *_how)
2358 : {
2359 0 : struct vfs_open_how how = *_how;
2360 0 : struct gpfs_config_data *config = NULL;
2361 0 : struct gpfs_fsp_extension *ext = NULL;
2362 : int ret;
2363 :
2364 0 : SMB_VFS_HANDLE_GET_DATA(handle, config,
2365 : struct gpfs_config_data,
2366 : return -1);
2367 :
2368 0 : if (config->hsm && !config->recalls &&
2369 0 : !fsp->fsp_flags.is_pathref &&
2370 0 : vfs_gpfs_fsp_is_offline(handle, fsp))
2371 : {
2372 0 : DBG_DEBUG("Refusing access to offline file %s\n",
2373 : fsp_str_dbg(fsp));
2374 0 : errno = EACCES;
2375 0 : return -1;
2376 : }
2377 :
2378 0 : if (config->syncio) {
2379 0 : how.flags |= O_SYNC;
2380 : }
2381 :
2382 0 : ext = VFS_ADD_FSP_EXTENSION(handle, fsp, struct gpfs_fsp_extension,
2383 : NULL);
2384 0 : if (ext == NULL) {
2385 0 : errno = ENOMEM;
2386 0 : return -1;
2387 : }
2388 :
2389 : /*
2390 : * Assume the file is offline until gpfs tells us it's online.
2391 : */
2392 0 : *ext = (struct gpfs_fsp_extension) { .offline = true };
2393 :
2394 0 : ret = SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, &how);
2395 0 : if (ret == -1) {
2396 0 : VFS_REMOVE_FSP_EXTENSION(handle, fsp);
2397 : }
2398 0 : return ret;
2399 : }
2400 :
2401 0 : static ssize_t vfs_gpfs_pread(vfs_handle_struct *handle, files_struct *fsp,
2402 : void *data, size_t n, off_t offset)
2403 : {
2404 : ssize_t ret;
2405 : bool was_offline;
2406 :
2407 0 : was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2408 :
2409 0 : ret = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
2410 :
2411 0 : if ((ret != -1) && was_offline) {
2412 0 : notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2413 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2414 0 : fsp->fsp_name->base_name);
2415 : }
2416 :
2417 0 : return ret;
2418 : }
2419 :
2420 : struct vfs_gpfs_pread_state {
2421 : struct files_struct *fsp;
2422 : ssize_t ret;
2423 : bool was_offline;
2424 : struct vfs_aio_state vfs_aio_state;
2425 : };
2426 :
2427 : static void vfs_gpfs_pread_done(struct tevent_req *subreq);
2428 :
2429 0 : static struct tevent_req *vfs_gpfs_pread_send(struct vfs_handle_struct *handle,
2430 : TALLOC_CTX *mem_ctx,
2431 : struct tevent_context *ev,
2432 : struct files_struct *fsp,
2433 : void *data, size_t n,
2434 : off_t offset)
2435 : {
2436 : struct tevent_req *req, *subreq;
2437 : struct vfs_gpfs_pread_state *state;
2438 :
2439 0 : req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pread_state);
2440 0 : if (req == NULL) {
2441 0 : return NULL;
2442 : }
2443 0 : state->was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2444 0 : state->fsp = fsp;
2445 0 : subreq = SMB_VFS_NEXT_PREAD_SEND(state, ev, handle, fsp, data,
2446 : n, offset);
2447 0 : if (tevent_req_nomem(subreq, req)) {
2448 0 : return tevent_req_post(req, ev);
2449 : }
2450 0 : tevent_req_set_callback(subreq, vfs_gpfs_pread_done, req);
2451 0 : return req;
2452 : }
2453 :
2454 0 : static void vfs_gpfs_pread_done(struct tevent_req *subreq)
2455 : {
2456 0 : struct tevent_req *req = tevent_req_callback_data(
2457 : subreq, struct tevent_req);
2458 0 : struct vfs_gpfs_pread_state *state = tevent_req_data(
2459 : req, struct vfs_gpfs_pread_state);
2460 :
2461 0 : state->ret = SMB_VFS_PREAD_RECV(subreq, &state->vfs_aio_state);
2462 0 : TALLOC_FREE(subreq);
2463 0 : tevent_req_done(req);
2464 0 : }
2465 :
2466 0 : static ssize_t vfs_gpfs_pread_recv(struct tevent_req *req,
2467 : struct vfs_aio_state *vfs_aio_state)
2468 : {
2469 0 : struct vfs_gpfs_pread_state *state = tevent_req_data(
2470 : req, struct vfs_gpfs_pread_state);
2471 0 : struct files_struct *fsp = state->fsp;
2472 :
2473 0 : if (tevent_req_is_unix_error(req, &vfs_aio_state->error)) {
2474 0 : return -1;
2475 : }
2476 0 : *vfs_aio_state = state->vfs_aio_state;
2477 :
2478 0 : if ((state->ret != -1) && state->was_offline) {
2479 0 : DEBUG(10, ("sending notify\n"));
2480 0 : notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2481 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2482 0 : fsp->fsp_name->base_name);
2483 : }
2484 :
2485 0 : return state->ret;
2486 : }
2487 :
2488 0 : static ssize_t vfs_gpfs_pwrite(vfs_handle_struct *handle, files_struct *fsp,
2489 : const void *data, size_t n, off_t offset)
2490 : {
2491 : ssize_t ret;
2492 : bool was_offline;
2493 :
2494 0 : was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2495 :
2496 0 : ret = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
2497 :
2498 0 : if ((ret != -1) && was_offline) {
2499 0 : notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2500 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2501 0 : fsp->fsp_name->base_name);
2502 : }
2503 :
2504 0 : return ret;
2505 : }
2506 :
2507 : struct vfs_gpfs_pwrite_state {
2508 : struct files_struct *fsp;
2509 : ssize_t ret;
2510 : bool was_offline;
2511 : struct vfs_aio_state vfs_aio_state;
2512 : };
2513 :
2514 : static void vfs_gpfs_pwrite_done(struct tevent_req *subreq);
2515 :
2516 0 : static struct tevent_req *vfs_gpfs_pwrite_send(
2517 : struct vfs_handle_struct *handle,
2518 : TALLOC_CTX *mem_ctx,
2519 : struct tevent_context *ev,
2520 : struct files_struct *fsp,
2521 : const void *data, size_t n,
2522 : off_t offset)
2523 : {
2524 : struct tevent_req *req, *subreq;
2525 : struct vfs_gpfs_pwrite_state *state;
2526 :
2527 0 : req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pwrite_state);
2528 0 : if (req == NULL) {
2529 0 : return NULL;
2530 : }
2531 0 : state->was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2532 0 : state->fsp = fsp;
2533 0 : subreq = SMB_VFS_NEXT_PWRITE_SEND(state, ev, handle, fsp, data,
2534 : n, offset);
2535 0 : if (tevent_req_nomem(subreq, req)) {
2536 0 : return tevent_req_post(req, ev);
2537 : }
2538 0 : tevent_req_set_callback(subreq, vfs_gpfs_pwrite_done, req);
2539 0 : return req;
2540 : }
2541 :
2542 0 : static void vfs_gpfs_pwrite_done(struct tevent_req *subreq)
2543 : {
2544 0 : struct tevent_req *req = tevent_req_callback_data(
2545 : subreq, struct tevent_req);
2546 0 : struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2547 : req, struct vfs_gpfs_pwrite_state);
2548 :
2549 0 : state->ret = SMB_VFS_PWRITE_RECV(subreq, &state->vfs_aio_state);
2550 0 : TALLOC_FREE(subreq);
2551 0 : tevent_req_done(req);
2552 0 : }
2553 :
2554 0 : static ssize_t vfs_gpfs_pwrite_recv(struct tevent_req *req,
2555 : struct vfs_aio_state *vfs_aio_state)
2556 : {
2557 0 : struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2558 : req, struct vfs_gpfs_pwrite_state);
2559 0 : struct files_struct *fsp = state->fsp;
2560 :
2561 0 : if (tevent_req_is_unix_error(req, &vfs_aio_state->error)) {
2562 0 : return -1;
2563 : }
2564 0 : *vfs_aio_state = state->vfs_aio_state;
2565 :
2566 0 : if ((state->ret != -1) && state->was_offline) {
2567 0 : DEBUG(10, ("sending notify\n"));
2568 0 : notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2569 : FILE_NOTIFY_CHANGE_ATTRIBUTES,
2570 0 : fsp->fsp_name->base_name);
2571 : }
2572 :
2573 0 : return state->ret;
2574 : }
2575 :
2576 :
2577 : static struct vfs_fn_pointers vfs_gpfs_fns = {
2578 : .connect_fn = vfs_gpfs_connect,
2579 : .disk_free_fn = vfs_gpfs_disk_free,
2580 : .get_quota_fn = vfs_gpfs_get_quota,
2581 : .fs_capabilities_fn = vfs_gpfs_capabilities,
2582 : .filesystem_sharemode_fn = vfs_gpfs_filesystem_sharemode,
2583 : .linux_setlease_fn = vfs_gpfs_setlease,
2584 : .get_real_filename_at_fn = vfs_gpfs_get_real_filename_at,
2585 : .get_dos_attributes_send_fn = vfs_not_implemented_get_dos_attributes_send,
2586 : .get_dos_attributes_recv_fn = vfs_not_implemented_get_dos_attributes_recv,
2587 : .fget_dos_attributes_fn = vfs_gpfs_fget_dos_attributes,
2588 : .fset_dos_attributes_fn = vfs_gpfs_fset_dos_attributes,
2589 : .fget_nt_acl_fn = gpfsacl_fget_nt_acl,
2590 : .fset_nt_acl_fn = gpfsacl_fset_nt_acl,
2591 : .sys_acl_get_fd_fn = gpfsacl_sys_acl_get_fd,
2592 : .sys_acl_blob_get_fd_fn = gpfsacl_sys_acl_blob_get_fd,
2593 : .sys_acl_set_fd_fn = gpfsacl_sys_acl_set_fd,
2594 : .sys_acl_delete_def_fd_fn = gpfsacl_sys_acl_delete_def_fd,
2595 : .fchmod_fn = vfs_gpfs_fchmod,
2596 : .close_fn = vfs_gpfs_close,
2597 : .stat_fn = vfs_gpfs_stat,
2598 : .lstat_fn = vfs_gpfs_lstat,
2599 : .fntimes_fn = vfs_gpfs_fntimes,
2600 : .aio_force_fn = vfs_gpfs_aio_force,
2601 : .sendfile_fn = vfs_gpfs_sendfile,
2602 : .fallocate_fn = vfs_gpfs_fallocate,
2603 : .openat_fn = vfs_gpfs_openat,
2604 : .pread_fn = vfs_gpfs_pread,
2605 : .pread_send_fn = vfs_gpfs_pread_send,
2606 : .pread_recv_fn = vfs_gpfs_pread_recv,
2607 : .pwrite_fn = vfs_gpfs_pwrite,
2608 : .pwrite_send_fn = vfs_gpfs_pwrite_send,
2609 : .pwrite_recv_fn = vfs_gpfs_pwrite_recv,
2610 : .ftruncate_fn = vfs_gpfs_ftruncate
2611 : };
2612 :
2613 : static_decl_vfs;
2614 26 : NTSTATUS vfs_gpfs_init(TALLOC_CTX *ctx)
2615 : {
2616 : int ret;
2617 :
2618 26 : ret = gpfswrap_init();
2619 26 : if (ret != 0) {
2620 26 : DEBUG(1, ("Could not initialize GPFS library wrapper\n"));
2621 : }
2622 :
2623 26 : return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs",
2624 : &vfs_gpfs_fns);
2625 : }
|
