s3: oplock: Fix race condition when closing an oplocked file.

We must send the 'oplock released' message whilst the lock
is held in the close path. Otherwise the messaged smbd can
race with the share mode delete.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12139

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index 3c4b9b1f5b08801e5aa6e06513ad0c8f9930baf6..22bd361768baf19b826a29e9c4a810bcfc88509d 100644 (file)
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -273,6 +273,11 @@ static NTSTATUS close_remove_share_mode(files_struct *fsp,
                return NT_STATUS_INVALID_PARAMETER;
        }
 
+       /* Remove the oplock before potentially deleting the file. */
+       if(fsp->oplock_type) {
+               remove_oplock_under_lock(fsp, lck);
+       }
+
        if (fsp->write_time_forced) {
                DEBUG(10,("close_remove_share_mode: write time forced "
                        "for file %s\n",
@@ -741,11 +746,6 @@ static NTSTATUS close_normal_file(struct smb_request *req, files_struct *fsp,
                return NT_STATUS_OK;
        }
 
-       /* Remove the oplock before potentially deleting the file. */
-       if(fsp->oplock_type) {
-               remove_oplock(fsp);
-       }
-
        /* If this is an old DOS or FCB open and we have multiple opens on
           the same handle we only have one share mode. Ensure we only remove
           the share mode on the last close. */