2 Unix SMB/CIFS implementation.
5 Copyright (C) Stefan Metzmacher 2009
6 Copyright (C) Jeremy Allison 2010
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "../libcli/smb/smb_common.h"
26 #include "../lib/util/tevent_ntstatus.h"
29 struct smbd_smb2_lock_element {
35 struct smbd_smb2_lock_state {
36 struct smbd_smb2_request *smb2req;
37 struct smb_request *smb1req;
38 struct blocking_lock_record *blr;
40 struct smbd_lock_element *locks;
43 static void remove_pending_lock(struct smbd_smb2_lock_state *state,
44 struct blocking_lock_record *blr);
46 static struct tevent_req *smbd_smb2_lock_send(TALLOC_CTX *mem_ctx,
47 struct tevent_context *ev,
48 struct smbd_smb2_request *smb2req,
49 struct files_struct *in_fsp,
50 uint16_t in_lock_count,
51 struct smbd_smb2_lock_element *in_locks);
52 static NTSTATUS smbd_smb2_lock_recv(struct tevent_req *req);
54 static void smbd_smb2_request_lock_done(struct tevent_req *subreq);
55 NTSTATUS smbd_smb2_request_process_lock(struct smbd_smb2_request *req)
57 const uint8_t *inbody;
58 uint16_t in_lock_count;
59 uint64_t in_file_id_persistent;
60 uint64_t in_file_id_volatile;
61 struct files_struct *in_fsp;
62 struct smbd_smb2_lock_element *in_locks;
63 struct tevent_req *subreq;
64 const uint8_t *lock_buffer;
68 status = smbd_smb2_request_verify_sizes(req, 0x30);
69 if (!NT_STATUS_IS_OK(status)) {
70 return smbd_smb2_request_error(req, status);
72 inbody = SMBD_SMB2_IN_BODY_PTR(req);
74 in_lock_count = CVAL(inbody, 0x02);
75 /* 0x04 - 4 bytes reserved */
76 in_file_id_persistent = BVAL(inbody, 0x08);
77 in_file_id_volatile = BVAL(inbody, 0x10);
79 if (in_lock_count < 1) {
80 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
83 if (((in_lock_count - 1) * 0x18) > SMBD_SMB2_IN_DYN_LEN(req)) {
84 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
87 in_locks = talloc_array(req, struct smbd_smb2_lock_element,
89 if (in_locks == NULL) {
90 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
94 lock_buffer = inbody + 0x18;
96 in_locks[l].offset = BVAL(lock_buffer, 0x00);
97 in_locks[l].length = BVAL(lock_buffer, 0x08);
98 in_locks[l].flags = IVAL(lock_buffer, 0x10);
99 /* 0x14 - 4 reserved bytes */
101 lock_buffer = SMBD_SMB2_IN_DYN_PTR(req);
103 for (l=1; l < in_lock_count; l++) {
104 in_locks[l].offset = BVAL(lock_buffer, 0x00);
105 in_locks[l].length = BVAL(lock_buffer, 0x08);
106 in_locks[l].flags = IVAL(lock_buffer, 0x10);
107 /* 0x14 - 4 reserved bytes */
112 in_fsp = file_fsp_smb2(req, in_file_id_persistent, in_file_id_volatile);
113 if (in_fsp == NULL) {
114 return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
117 subreq = smbd_smb2_lock_send(req, req->sconn->ev_ctx,
121 if (subreq == NULL) {
122 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
124 tevent_req_set_callback(subreq, smbd_smb2_request_lock_done, req);
126 return smbd_smb2_request_pending_queue(req, subreq, 500);
129 static void smbd_smb2_request_lock_done(struct tevent_req *subreq)
131 struct smbd_smb2_request *smb2req = tevent_req_callback_data(subreq,
132 struct smbd_smb2_request);
135 NTSTATUS error; /* transport error */
137 status = smbd_smb2_lock_recv(subreq);
139 if (!NT_STATUS_IS_OK(status)) {
140 error = smbd_smb2_request_error(smb2req, status);
141 if (!NT_STATUS_IS_OK(error)) {
142 smbd_server_connection_terminate(smb2req->sconn,
149 outbody = data_blob_talloc(smb2req->out.vector, NULL, 0x04);
150 if (outbody.data == NULL) {
151 error = smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
152 if (!NT_STATUS_IS_OK(error)) {
153 smbd_server_connection_terminate(smb2req->sconn,
160 SSVAL(outbody.data, 0x00, 0x04); /* struct size */
161 SSVAL(outbody.data, 0x02, 0); /* reserved */
163 error = smbd_smb2_request_done(smb2req, outbody, NULL);
164 if (!NT_STATUS_IS_OK(error)) {
165 smbd_server_connection_terminate(smb2req->sconn,
171 static struct tevent_req *smbd_smb2_lock_send(TALLOC_CTX *mem_ctx,
172 struct tevent_context *ev,
173 struct smbd_smb2_request *smb2req,
174 struct files_struct *fsp,
175 uint16_t in_lock_count,
176 struct smbd_smb2_lock_element *in_locks)
178 struct tevent_req *req;
179 struct smbd_smb2_lock_state *state;
180 struct smb_request *smb1req;
181 int32_t timeout = -1;
182 bool isunlock = false;
184 struct smbd_lock_element *locks;
188 req = tevent_req_create(mem_ctx, &state,
189 struct smbd_smb2_lock_state);
193 state->smb2req = smb2req;
194 smb2req->subreq = req; /* So we can find this when going async. */
196 smb1req = smbd_smb2_fake_smb_request(smb2req);
197 if (tevent_req_nomem(smb1req, req)) {
198 return tevent_req_post(req, ev);
200 state->smb1req = smb1req;
202 DEBUG(10,("smbd_smb2_lock_send: %s - %s\n",
203 fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
205 locks = talloc_array(state, struct smbd_lock_element, in_lock_count);
207 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
208 return tevent_req_post(req, ev);
211 switch (in_locks[0].flags) {
212 case SMB2_LOCK_FLAG_SHARED:
213 case SMB2_LOCK_FLAG_EXCLUSIVE:
214 if (in_lock_count > 1) {
215 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
216 return tevent_req_post(req, ev);
221 case SMB2_LOCK_FLAG_SHARED|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
222 case SMB2_LOCK_FLAG_EXCLUSIVE|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
226 case SMB2_LOCK_FLAG_UNLOCK:
227 /* only the first lock gives the UNLOCK bit - see
234 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
235 return tevent_req_post(req, ev);
238 for (i=0; i<in_lock_count; i++) {
239 bool invalid = false;
241 switch (in_locks[i].flags) {
242 case SMB2_LOCK_FLAG_SHARED:
243 case SMB2_LOCK_FLAG_EXCLUSIVE:
249 tevent_req_nterror(req,
250 NT_STATUS_INVALID_PARAMETER);
251 return tevent_req_post(req, ev);
255 case SMB2_LOCK_FLAG_SHARED|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
256 case SMB2_LOCK_FLAG_EXCLUSIVE|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
262 case SMB2_LOCK_FLAG_UNLOCK:
264 tevent_req_nterror(req,
265 NT_STATUS_INVALID_PARAMETER);
266 return tevent_req_post(req, ev);
273 * is the first element was a UNLOCK
274 * we need to deferr the error response
275 * to the backend, because we need to process
276 * all unlock elements before
281 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
282 return tevent_req_post(req, ev);
285 locks[i].smblctx = fsp->op->global->open_persistent_id;
286 locks[i].offset = in_locks[i].offset;
287 locks[i].count = in_locks[i].length;
289 if (in_locks[i].flags & SMB2_LOCK_FLAG_EXCLUSIVE) {
290 locks[i].brltype = WRITE_LOCK;
291 } else if (in_locks[i].flags & SMB2_LOCK_FLAG_SHARED) {
292 locks[i].brltype = READ_LOCK;
293 } else if (invalid) {
295 * this is an invalid UNLOCK element
296 * and the backend needs to test for
297 * brltype != UNLOCK_LOCK and return
298 * NT_STATUS_INVALID_PARAMER
300 locks[i].brltype = READ_LOCK;
302 locks[i].brltype = UNLOCK_LOCK;
305 DEBUG(10,("smbd_smb2_lock_send: index %d offset=%llu, count=%llu, "
306 "smblctx = %llu type %d\n",
308 (unsigned long long)locks[i].offset,
309 (unsigned long long)locks[i].count,
310 (unsigned long long)locks[i].smblctx,
311 (int)locks[i].brltype ));
314 state->locks = locks;
315 state->lock_count = in_lock_count;
318 status = smbd_do_locking(smb1req, fsp,
327 status = smbd_do_locking(smb1req, fsp,
336 if (!NT_STATUS_IS_OK(status)) {
337 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_LOCK_CONFLICT)) {
338 status = NT_STATUS_LOCK_NOT_GRANTED;
340 tevent_req_nterror(req, status);
341 return tevent_req_post(req, ev);
348 tevent_req_done(req);
349 return tevent_req_post(req, ev);
352 static NTSTATUS smbd_smb2_lock_recv(struct tevent_req *req)
356 if (tevent_req_is_nterror(req, &status)) {
357 tevent_req_received(req);
361 tevent_req_received(req);
365 /****************************************************************
366 Cancel an outstanding blocking lock request.
367 *****************************************************************/
369 static bool smbd_smb2_lock_cancel(struct tevent_req *req)
371 struct smbd_smb2_request *smb2req = NULL;
372 struct smbd_smb2_lock_state *state = tevent_req_data(req,
373 struct smbd_smb2_lock_state);
378 if (!state->smb2req) {
382 smb2req = state->smb2req;
384 remove_pending_lock(state, state->blr);
385 tevent_req_defer_callback(req, smb2req->sconn->ev_ctx);
388 * If the request is canceled because of logoff, tdis or close
389 * the status is NT_STATUS_RANGE_NOT_LOCKED instead of
390 * NT_STATUS_CANCELLED.
392 * Note that the close case is handled in
393 * cancel_pending_lock_requests_by_fid_smb2(SHUTDOWN_CLOSE)
396 if (!NT_STATUS_IS_OK(smb2req->session->status)) {
397 tevent_req_nterror(req, NT_STATUS_RANGE_NOT_LOCKED);
401 if (!NT_STATUS_IS_OK(smb2req->tcon->status)) {
402 tevent_req_nterror(req, NT_STATUS_RANGE_NOT_LOCKED);
406 tevent_req_nterror(req, NT_STATUS_CANCELLED);
410 /****************************************************************
411 Got a message saying someone unlocked a file. Re-schedule all
412 blocking lock requests as we don't know if anything overlapped.
413 *****************************************************************/
415 static void received_unlock_msg(struct messaging_context *msg,
418 struct server_id server_id,
421 struct smbd_server_connection *sconn =
422 talloc_get_type_abort(private_data,
423 struct smbd_server_connection);
425 DEBUG(10,("received_unlock_msg (SMB2)\n"));
427 process_blocking_lock_queue_smb2(sconn, timeval_current());
430 /****************************************************************
431 Function to get the blr on a pending record.
432 *****************************************************************/
434 struct blocking_lock_record *get_pending_smb2req_blr(struct smbd_smb2_request *smb2req)
436 struct smbd_smb2_lock_state *state = NULL;
437 const uint8_t *inhdr;
442 if (smb2req->subreq == NULL) {
445 if (!tevent_req_is_in_progress(smb2req->subreq)) {
448 inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
449 if (SVAL(inhdr, SMB2_HDR_OPCODE) != SMB2_OP_LOCK) {
452 state = tevent_req_data(smb2req->subreq,
453 struct smbd_smb2_lock_state);
459 /****************************************************************
460 Set up the next brl timeout.
461 *****************************************************************/
463 static bool recalc_smb2_brl_timeout(struct smbd_server_connection *sconn)
465 struct smbd_smb2_request *smb2req;
466 struct timeval next_timeout = timeval_zero();
467 int max_brl_timeout = lp_parm_int(-1, "brl", "recalctime", 5);
469 TALLOC_FREE(sconn->smb2.locks.brl_timeout);
471 for (smb2req = sconn->smb2.requests; smb2req; smb2req = smb2req->next) {
472 struct blocking_lock_record *blr =
473 get_pending_smb2req_blr(smb2req);
477 if (timeval_is_zero(&blr->expire_time)) {
479 * If we're blocked on pid 0xFFFFFFFFFFFFFFFFLL this is
480 * a POSIX lock, so calculate a timeout of
481 * 10 seconds into the future.
483 if (blr->blocking_smblctx == 0xFFFFFFFFFFFFFFFFLL) {
484 struct timeval psx_to = timeval_current_ofs(10, 0);
485 next_timeout = timeval_brl_min(&next_timeout, &psx_to);
491 next_timeout = timeval_brl_min(&next_timeout, &blr->expire_time);
494 if (timeval_is_zero(&next_timeout)) {
495 DEBUG(10, ("recalc_smb2_brl_timeout:Next "
496 "timeout = Infinite.\n"));
501 * To account for unclean shutdowns by clients we need a
502 * maximum timeout that we use for checking pending locks. If
503 * we have any pending locks at all, then check if the pending
504 * lock can continue at least every brl:recalctime seconds
505 * (default 5 seconds).
507 * This saves us needing to do a message_send_all() in the
508 * SIGCHLD handler in the parent daemon. That
509 * message_send_all() caused O(n^2) work to be done when IP
510 * failovers happened in clustered Samba, which could make the
511 * entire system unusable for many minutes.
514 if (max_brl_timeout > 0) {
515 struct timeval min_to = timeval_current_ofs(max_brl_timeout, 0);
516 next_timeout = timeval_brl_min(&next_timeout, &min_to);
520 struct timeval cur, from_now;
522 cur = timeval_current();
523 from_now = timeval_until(&cur, &next_timeout);
524 DEBUG(10, ("recalc_smb2_brl_timeout: Next "
525 "timeout = %d.%d seconds from now.\n",
526 (int)from_now.tv_sec, (int)from_now.tv_usec));
529 sconn->smb2.locks.brl_timeout = tevent_add_timer(
535 if (!sconn->smb2.locks.brl_timeout) {
541 /****************************************************************
542 Get an SMB2 lock reqeust to go async. lock_timeout should
544 *****************************************************************/
546 bool push_blocking_lock_request_smb2( struct byte_range_lock *br_lck,
547 struct smb_request *smb1req,
552 enum brl_type lock_type,
553 enum brl_flavour lock_flav,
556 uint64_t blocking_smblctx)
558 struct smbd_server_connection *sconn = smb1req->sconn;
559 struct smbd_smb2_request *smb2req = smb1req->smb2req;
560 struct tevent_req *req = NULL;
561 struct smbd_smb2_lock_state *state = NULL;
562 struct blocking_lock_record *blr = NULL;
563 NTSTATUS status = NT_STATUS_OK;
568 req = smb2req->subreq;
572 if (!tevent_req_is_in_progress(smb2req->subreq)) {
575 state = tevent_req_data(req, struct smbd_smb2_lock_state);
580 blr = talloc_zero(state, struct blocking_lock_record);
586 if (lock_timeout == -1) {
587 blr->expire_time.tv_sec = 0;
588 blr->expire_time.tv_usec = 0; /* Never expire. */
590 blr->expire_time = timeval_current_ofs_msec(lock_timeout);
593 blr->lock_num = lock_num;
594 blr->smblctx = smblctx;
595 blr->blocking_smblctx = blocking_smblctx;
596 blr->lock_flav = lock_flav;
597 blr->lock_type = lock_type;
598 blr->offset = offset;
601 /* Specific brl_lock() implementations can fill this in. */
602 blr->blr_private = NULL;
604 /* Add a pending lock record for this. */
605 status = brl_lock(sconn->msg_ctx,
608 messaging_server_id(sconn->msg_ctx),
611 lock_type == READ_LOCK ? PENDING_READ_LOCK : PENDING_WRITE_LOCK,
617 if (!NT_STATUS_IS_OK(status)) {
618 DEBUG(0,("push_blocking_lock_request_smb2: "
619 "failed to add PENDING_LOCK record.\n"));
625 DEBUG(10,("push_blocking_lock_request_smb2: file %s timeout %d\n",
629 recalc_smb2_brl_timeout(sconn);
631 /* Ensure we'll receive messages when this is unlocked. */
632 if (!sconn->smb2.locks.blocking_lock_unlock_state) {
633 messaging_register(sconn->msg_ctx, sconn,
634 MSG_SMB_UNLOCK, received_unlock_msg);
635 sconn->smb2.locks.blocking_lock_unlock_state = true;
638 /* allow this request to be canceled */
639 tevent_req_set_cancel_fn(req, smbd_smb2_lock_cancel);
644 /****************************************************************
645 Remove a pending lock record under lock.
646 *****************************************************************/
648 static void remove_pending_lock(struct smbd_smb2_lock_state *state,
649 struct blocking_lock_record *blr)
652 struct byte_range_lock *br_lck = brl_get_locks(
655 DEBUG(10, ("remove_pending_lock: BLR = %p\n", blr));
658 brl_lock_cancel(br_lck,
660 messaging_server_id(blr->fsp->conn->sconn->msg_ctx),
669 /****************************************************************
670 Re-proccess a blocking lock request.
671 This is equivalent to process_lockingX() inside smbd/blocking.c
672 *****************************************************************/
674 static void reprocess_blocked_smb2_lock(struct smbd_smb2_request *smb2req,
675 struct timeval tv_curr)
677 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
678 struct blocking_lock_record *blr = NULL;
679 struct smbd_smb2_lock_state *state = NULL;
680 struct byte_range_lock *br_lck = NULL;
681 struct smbd_lock_element *e = NULL;
682 files_struct *fsp = NULL;
684 if (!smb2req->subreq) {
687 state = tevent_req_data(smb2req->subreq, struct smbd_smb2_lock_state);
695 /* We can only have one blocked lock in SMB2. */
696 SMB_ASSERT(state->lock_count == 1);
697 SMB_ASSERT(blr->lock_num == 0);
699 /* Try and get the outstanding lock. */
700 e = &state->locks[blr->lock_num];
702 br_lck = do_lock(fsp->conn->sconn->msg_ctx,
711 &blr->blocking_smblctx,
716 if (NT_STATUS_IS_OK(status)) {
718 * Success - we got the lock.
721 DEBUG(3,("reprocess_blocked_smb2_lock SUCCESS file = %s, "
722 "%s, num_locks=%d\n",
725 (int)state->lock_count));
727 remove_pending_lock(state, blr);
728 tevent_req_done(smb2req->subreq);
732 if (!NT_STATUS_EQUAL(status,NT_STATUS_LOCK_NOT_GRANTED) &&
733 !NT_STATUS_EQUAL(status,NT_STATUS_FILE_LOCK_CONFLICT)) {
735 * We have other than a "can't get lock"
736 * error. Return an error.
738 remove_pending_lock(state, blr);
739 tevent_req_nterror(smb2req->subreq, status);
744 * We couldn't get the lock for this record.
745 * If the time has expired, return a lock error.
748 if (!timeval_is_zero(&blr->expire_time) &&
749 timeval_compare(&blr->expire_time, &tv_curr) <= 0) {
750 remove_pending_lock(state, blr);
751 tevent_req_nterror(smb2req->subreq, NT_STATUS_LOCK_NOT_GRANTED);
756 * Still can't get the lock - keep waiting.
759 DEBUG(10,("reprocess_blocked_smb2_lock: failed to get lock "
760 "for file %s, %s. Still waiting....\n",
767 /****************************************************************
768 Attempt to proccess all outstanding blocking locks pending on
770 *****************************************************************/
772 void process_blocking_lock_queue_smb2(
773 struct smbd_server_connection *sconn, struct timeval tv_curr)
775 struct smbd_smb2_request *smb2req, *nextreq;
777 for (smb2req = sconn->smb2.requests; smb2req; smb2req = nextreq) {
778 const uint8_t *inhdr;
780 nextreq = smb2req->next;
782 if (smb2req->subreq == NULL) {
783 /* This message has been processed. */
786 if (!tevent_req_is_in_progress(smb2req->subreq)) {
787 /* This message has been processed. */
791 inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
792 if (SVAL(inhdr, SMB2_HDR_OPCODE) == SMB2_OP_LOCK) {
793 reprocess_blocked_smb2_lock(smb2req, tv_curr);
797 recalc_smb2_brl_timeout(sconn);
800 /****************************************************************************
801 Remove any locks on this fd. Called from file_close().
802 ****************************************************************************/
804 void cancel_pending_lock_requests_by_fid_smb2(files_struct *fsp,
805 struct byte_range_lock *br_lck,
806 enum file_close_type close_type)
808 struct smbd_server_connection *sconn = fsp->conn->sconn;
809 struct smbd_smb2_request *smb2req, *nextreq;
811 for (smb2req = sconn->smb2.requests; smb2req; smb2req = nextreq) {
812 struct smbd_smb2_lock_state *state = NULL;
813 files_struct *fsp_curr = NULL;
814 struct blocking_lock_record *blr = NULL;
815 const uint8_t *inhdr;
817 nextreq = smb2req->next;
819 if (smb2req->subreq == NULL) {
820 /* This message has been processed. */
823 if (!tevent_req_is_in_progress(smb2req->subreq)) {
824 /* This message has been processed. */
828 inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
829 if (SVAL(inhdr, SMB2_HDR_OPCODE) != SMB2_OP_LOCK) {
830 /* Not a lock call. */
834 state = tevent_req_data(smb2req->subreq,
835 struct smbd_smb2_lock_state);
837 /* Strange - is this even possible ? */
841 fsp_curr = smb2req->compat_chain_fsp;
842 if (fsp_curr == NULL) {
843 /* Strange - is this even possible ? */
847 if (fsp_curr != fsp) {
848 /* It's not our fid */
854 /* Remove the entries from the lock db. */
855 brl_lock_cancel(br_lck,
857 messaging_server_id(sconn->msg_ctx),
863 /* Finally end the request. */
864 if (close_type == SHUTDOWN_CLOSE) {
865 tevent_req_done(smb2req->subreq);
867 tevent_req_nterror(smb2req->subreq,
868 NT_STATUS_RANGE_NOT_LOCKED);
git.samba.org / samba.git / blob