2 * Store streams in a separate subdirectory
4 * Copyright (C) Volker Lendecke, 2007
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 #include "smbd/smbd.h"
22 #include "system/filesys.h"
25 #define DBGC_CLASS DBGC_VFS
28 * Excerpt from a mail from tridge:
30 * Volker, what I'm thinking of is this:
31 * /mount-point/.streams/XX/YY/aaaa.bbbb/namedstream1
32 * /mount-point/.streams/XX/YY/aaaa.bbbb/namedstream2
34 * where XX/YY is a 2 level hash based on the fsid/inode. "aaaa.bbbb"
35 * is the fsid/inode. "namedstreamX" is a file named after the stream
39 static uint32_t hash_fn(DATA_BLOB key)
41 uint32_t value; /* Used to compute the hash value. */
42 uint32_t i; /* Used to cycle through random values. */
44 /* Set the initial value from the key size. */
45 for (value = 0x238F13AF * key.length, i=0; i < key.length; i++)
46 value = (value + (key.data[i] << (i*5 % 24)));
48 return (1103515243 * value + 12345);
52 * With the hashing scheme based on the inode we need to protect against
53 * streams showing up on files with re-used inodes. This can happen if we
54 * create a stream directory from within Samba, and a local process or NFS
55 * client deletes the file without deleting the streams directory. When the
56 * inode is re-used and the stream directory is still around, the streams in
57 * there would be show up as belonging to the new file.
59 * There are several workarounds for this, probably the easiest one is on
60 * systems which have a true birthtime stat element: When the file has a later
61 * birthtime than the streams directory, then we have to recreate the
64 * The other workaround is to somehow mark the file as generated by Samba with
65 * something that a NFS client would not do. The closest one is a special
66 * xattr value being set. On systems which do not support xattrs, it might be
67 * an option to put in a special ACL entry for a non-existing group.
70 static bool file_is_valid(vfs_handle_struct *handle, const char *path)
74 DEBUG(10, ("file_is_valid (%s) called\n", path));
76 if (SMB_VFS_GETXATTR(handle->conn, path, SAMBA_XATTR_MARKER,
77 &buf, sizeof(buf)) != sizeof(buf)) {
78 DEBUG(10, ("GETXATTR failed: %s\n", strerror(errno)));
83 DEBUG(10, ("got wrong buffer content: '%c'\n", buf));
90 static bool mark_file_valid(vfs_handle_struct *handle, const char *path)
95 DEBUG(10, ("marking file %s as valid\n", path));
97 ret = SMB_VFS_SETXATTR(handle->conn, path, SAMBA_XATTR_MARKER,
98 &buf, sizeof(buf), 0);
101 DEBUG(10, ("SETXATTR failed: %s\n", strerror(errno)));
109 * Given an smb_filename, determine the stream directory using the file's
112 static char *stream_dir(vfs_handle_struct *handle,
113 const struct smb_filename *smb_fname,
114 const SMB_STRUCT_STAT *base_sbuf, bool create_it)
117 struct smb_filename *smb_fname_hash = NULL;
119 SMB_STRUCT_STAT base_sbuf_tmp;
120 uint8_t first, second;
128 check_valid = lp_parm_bool(SNUM(handle->conn),
129 "streams_depot", "check_valid", true);
131 tmp = talloc_asprintf(talloc_tos(), "%s/.streams", handle->conn->cwd);
138 rootdir = lp_parm_const_string(
139 SNUM(handle->conn), "streams_depot", "directory",
142 /* Stat the base file if it hasn't already been done. */
143 if (base_sbuf == NULL) {
144 struct smb_filename *smb_fname_base;
146 smb_fname_base = synthetic_smb_fname(
147 talloc_tos(), smb_fname->base_name, NULL, NULL);
148 if (smb_fname_base == NULL) {
152 if (SMB_VFS_NEXT_STAT(handle, smb_fname_base) == -1) {
153 TALLOC_FREE(smb_fname_base);
156 base_sbuf_tmp = smb_fname_base->st;
157 TALLOC_FREE(smb_fname_base);
159 base_sbuf_tmp = *base_sbuf;
162 id = SMB_VFS_FILE_ID_CREATE(handle->conn, &base_sbuf_tmp);
164 push_file_id_16((char *)id_buf, &id);
166 hash = hash_fn(data_blob_const(id_buf, sizeof(id_buf)));
169 second = (hash >> 8) & 0xff;
171 id_hex = hex_encode_talloc(talloc_tos(), id_buf, sizeof(id_buf));
173 if (id_hex == NULL) {
178 result = talloc_asprintf(talloc_tos(), "%s/%2.2X/%2.2X/%s", rootdir,
179 first, second, id_hex);
183 if (result == NULL) {
188 smb_fname_hash = synthetic_smb_fname(talloc_tos(), result, NULL, NULL);
189 if (smb_fname_hash == NULL) {
194 if (SMB_VFS_NEXT_STAT(handle, smb_fname_hash) == 0) {
195 struct smb_filename *smb_fname_new = NULL;
199 if (!S_ISDIR(smb_fname_hash->st.st_ex_mode)) {
205 file_is_valid(handle, smb_fname->base_name)) {
210 * Someone has recreated a file under an existing inode
211 * without deleting the streams directory.
212 * Move it away or remove if streams_depot:delete_lost is set.
216 delete_lost = lp_parm_bool(SNUM(handle->conn), "streams_depot",
217 "delete_lost", false);
220 DEBUG(3, ("Someone has recreated a file under an "
221 "existing inode. Removing: %s\n",
222 smb_fname_hash->base_name));
223 recursive_rmdir(talloc_tos(), handle->conn,
225 SMB_VFS_NEXT_RMDIR(handle, smb_fname_hash->base_name);
227 newname = talloc_asprintf(talloc_tos(), "lost-%lu",
229 DEBUG(3, ("Someone has recreated a file under an "
230 "existing inode. Renaming: %s to: %s\n",
231 smb_fname_hash->base_name,
233 if (newname == NULL) {
238 smb_fname_new = synthetic_smb_fname(
239 talloc_tos(), newname, NULL, NULL);
240 TALLOC_FREE(newname);
241 if (smb_fname_new == NULL) {
246 if (SMB_VFS_NEXT_RENAME(handle, smb_fname_hash,
247 smb_fname_new) == -1) {
248 TALLOC_FREE(smb_fname_new);
249 if ((errno == EEXIST) || (errno == ENOTEMPTY)) {
255 TALLOC_FREE(smb_fname_new);
264 if ((SMB_VFS_NEXT_MKDIR(handle, rootdir, 0755) != 0)
265 && (errno != EEXIST)) {
269 tmp = talloc_asprintf(result, "%s/%2.2X", rootdir, first);
275 if ((SMB_VFS_NEXT_MKDIR(handle, tmp, 0755) != 0)
276 && (errno != EEXIST)) {
282 tmp = talloc_asprintf(result, "%s/%2.2X/%2.2X", rootdir, first,
289 if ((SMB_VFS_NEXT_MKDIR(handle, tmp, 0755) != 0)
290 && (errno != EEXIST)) {
296 if ((SMB_VFS_NEXT_MKDIR(handle, result, 0755) != 0)
297 && (errno != EEXIST)) {
301 if (check_valid && !mark_file_valid(handle, smb_fname->base_name)) {
305 TALLOC_FREE(smb_fname_hash);
309 TALLOC_FREE(smb_fname_hash);
314 * Given a stream name, populate smb_fname_out with the actual location of the
317 static NTSTATUS stream_smb_fname(vfs_handle_struct *handle,
318 const struct smb_filename *smb_fname,
319 struct smb_filename **smb_fname_out,
322 char *dirname, *stream_fname;
326 *smb_fname_out = NULL;
328 stype = strchr_m(smb_fname->stream_name + 1, ':');
331 if (strcasecmp_m(stype, ":$DATA") != 0) {
332 return NT_STATUS_INVALID_PARAMETER;
336 dirname = stream_dir(handle, smb_fname, NULL, create_dir);
338 if (dirname == NULL) {
339 status = map_nt_error_from_unix(errno);
343 stream_fname = talloc_asprintf(talloc_tos(), "%s/%s", dirname,
344 smb_fname->stream_name);
346 if (stream_fname == NULL) {
347 status = NT_STATUS_NO_MEMORY;
352 /* Append an explicit stream type if one wasn't specified. */
353 stream_fname = talloc_asprintf(talloc_tos(), "%s:$DATA",
355 if (stream_fname == NULL) {
356 status = NT_STATUS_NO_MEMORY;
360 /* Normalize the stream type to upercase. */
361 if (!strupper_m(strrchr_m(stream_fname, ':') + 1)) {
362 status = NT_STATUS_INVALID_PARAMETER;
367 DEBUG(10, ("stream filename = %s\n", stream_fname));
369 /* Create an smb_filename with stream_name == NULL. */
370 *smb_fname_out = synthetic_smb_fname(
371 talloc_tos(), stream_fname, NULL, NULL);
372 if (*smb_fname_out == NULL) {
373 return NT_STATUS_NO_MEMORY;
379 DEBUG(5, ("stream_name failed: %s\n", strerror(errno)));
380 TALLOC_FREE(*smb_fname_out);
384 static NTSTATUS walk_streams(vfs_handle_struct *handle,
385 struct smb_filename *smb_fname_base,
387 bool (*fn)(const char *dirname,
393 DIR *dirhandle = NULL;
394 const char *dirent = NULL;
395 char *talloced = NULL;
397 dirname = stream_dir(handle, smb_fname_base, &smb_fname_base->st,
400 if (dirname == NULL) {
401 if (errno == ENOENT) {
407 return map_nt_error_from_unix(errno);
410 DEBUG(10, ("walk_streams: dirname=%s\n", dirname));
412 dirhandle = SMB_VFS_NEXT_OPENDIR(handle, dirname, NULL, 0);
414 if (dirhandle == NULL) {
415 TALLOC_FREE(dirname);
416 return map_nt_error_from_unix(errno);
419 while ((dirent = vfs_readdirname(handle->conn, dirhandle, NULL,
420 &talloced)) != NULL) {
422 if (ISDOT(dirent) || ISDOTDOT(dirent)) {
423 TALLOC_FREE(talloced);
427 DEBUG(10, ("walk_streams: dirent=%s\n", dirent));
429 if (!fn(dirname, dirent, private_data)) {
430 TALLOC_FREE(talloced);
433 TALLOC_FREE(talloced);
436 SMB_VFS_NEXT_CLOSEDIR(handle, dirhandle);
438 if (pdirname != NULL) {
442 TALLOC_FREE(dirname);
449 * Helper to stat/lstat the base file of an smb_fname. This will actually
450 * fills in the stat struct in smb_filename.
452 static int streams_depot_stat_base(vfs_handle_struct *handle,
453 struct smb_filename *smb_fname,
456 char *tmp_stream_name;
459 tmp_stream_name = smb_fname->stream_name;
460 smb_fname->stream_name = NULL;
462 result = SMB_VFS_NEXT_STAT(handle, smb_fname);
464 result = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
466 smb_fname->stream_name = tmp_stream_name;
470 static int streams_depot_stat(vfs_handle_struct *handle,
471 struct smb_filename *smb_fname)
473 struct smb_filename *smb_fname_stream = NULL;
477 DEBUG(10, ("streams_depot_stat called for [%s]\n",
478 smb_fname_str_dbg(smb_fname)));
480 if (!is_ntfs_stream_smb_fname(smb_fname)) {
481 return SMB_VFS_NEXT_STAT(handle, smb_fname);
484 /* If the default stream is requested, just stat the base file. */
485 if (is_ntfs_default_stream_smb_fname(smb_fname)) {
486 return streams_depot_stat_base(handle, smb_fname, true);
489 /* Stat the actual stream now. */
490 status = stream_smb_fname(handle, smb_fname, &smb_fname_stream,
492 if (!NT_STATUS_IS_OK(status)) {
494 errno = map_errno_from_nt_status(status);
498 ret = SMB_VFS_NEXT_STAT(handle, smb_fname_stream);
500 /* Update the original smb_fname with the stat info. */
501 smb_fname->st = smb_fname_stream->st;
503 TALLOC_FREE(smb_fname_stream);
509 static int streams_depot_lstat(vfs_handle_struct *handle,
510 struct smb_filename *smb_fname)
512 struct smb_filename *smb_fname_stream = NULL;
516 DEBUG(10, ("streams_depot_lstat called for [%s]\n",
517 smb_fname_str_dbg(smb_fname)));
519 if (!is_ntfs_stream_smb_fname(smb_fname)) {
520 return SMB_VFS_NEXT_LSTAT(handle, smb_fname);
523 /* If the default stream is requested, just stat the base file. */
524 if (is_ntfs_default_stream_smb_fname(smb_fname)) {
525 return streams_depot_stat_base(handle, smb_fname, false);
528 /* Stat the actual stream now. */
529 status = stream_smb_fname(handle, smb_fname, &smb_fname_stream,
531 if (!NT_STATUS_IS_OK(status)) {
533 errno = map_errno_from_nt_status(status);
537 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname_stream);
540 TALLOC_FREE(smb_fname_stream);
544 static int streams_depot_open(vfs_handle_struct *handle,
545 struct smb_filename *smb_fname,
546 files_struct *fsp, int flags, mode_t mode)
548 struct smb_filename *smb_fname_stream = NULL;
549 struct smb_filename *smb_fname_base = NULL;
553 if (!is_ntfs_stream_smb_fname(smb_fname)) {
554 return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
557 /* If the default stream is requested, just open the base file. */
558 if (is_ntfs_default_stream_smb_fname(smb_fname)) {
559 char *tmp_stream_name;
561 tmp_stream_name = smb_fname->stream_name;
562 smb_fname->stream_name = NULL;
563 ret = SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
564 smb_fname->stream_name = tmp_stream_name;
569 /* Ensure the base file still exists. */
570 smb_fname_base = synthetic_smb_fname(
571 talloc_tos(), smb_fname->base_name, NULL, NULL);
572 if (smb_fname_base == NULL) {
578 ret = SMB_VFS_NEXT_STAT(handle, smb_fname_base);
583 /* Determine the stream name, and then open it. */
584 status = stream_smb_fname(handle, smb_fname, &smb_fname_stream, true);
585 if (!NT_STATUS_IS_OK(status)) {
587 errno = map_errno_from_nt_status(status);
591 ret = SMB_VFS_NEXT_OPEN(handle, smb_fname_stream, fsp, flags, mode);
594 TALLOC_FREE(smb_fname_stream);
595 TALLOC_FREE(smb_fname_base);
599 static int streams_depot_unlink(vfs_handle_struct *handle,
600 const struct smb_filename *smb_fname)
602 struct smb_filename *smb_fname_base = NULL;
605 DEBUG(10, ("streams_depot_unlink called for %s\n",
606 smb_fname_str_dbg(smb_fname)));
608 /* If there is a valid stream, just unlink the stream and return. */
609 if (is_ntfs_stream_smb_fname(smb_fname) &&
610 !is_ntfs_default_stream_smb_fname(smb_fname)) {
611 struct smb_filename *smb_fname_stream = NULL;
614 status = stream_smb_fname(handle, smb_fname, &smb_fname_stream,
616 if (!NT_STATUS_IS_OK(status)) {
617 errno = map_errno_from_nt_status(status);
621 ret = SMB_VFS_NEXT_UNLINK(handle, smb_fname_stream);
623 TALLOC_FREE(smb_fname_stream);
628 * We potentially need to delete the per-inode streams directory
631 smb_fname_base = synthetic_smb_fname(
632 talloc_tos(), smb_fname->base_name, NULL, NULL);
633 if (smb_fname_base == NULL) {
638 if (lp_posix_pathnames()) {
639 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname_base);
641 ret = SMB_VFS_NEXT_STAT(handle, smb_fname_base);
645 TALLOC_FREE(smb_fname_base);
649 ret = SMB_VFS_NEXT_UNLINK(handle, smb_fname);
651 char *dirname = stream_dir(handle, smb_fname_base,
652 &smb_fname_base->st, false);
654 if (dirname != NULL) {
655 SMB_VFS_NEXT_RMDIR(handle, dirname);
657 TALLOC_FREE(dirname);
660 TALLOC_FREE(smb_fname_base);
664 static int streams_depot_rmdir(vfs_handle_struct *handle, const char *path)
666 struct smb_filename *smb_fname_base = NULL;
669 DEBUG(10, ("streams_depot_rmdir called for %s\n", path));
672 * We potentially need to delete the per-inode streams directory
675 smb_fname_base = synthetic_smb_fname(talloc_tos(), path, NULL, NULL);
676 if (smb_fname_base == NULL) {
681 if (lp_posix_pathnames()) {
682 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname_base);
684 ret = SMB_VFS_NEXT_STAT(handle, smb_fname_base);
688 TALLOC_FREE(smb_fname_base);
692 ret = SMB_VFS_NEXT_RMDIR(handle, path);
694 char *dirname = stream_dir(handle, smb_fname_base,
695 &smb_fname_base->st, false);
697 if (dirname != NULL) {
698 SMB_VFS_NEXT_RMDIR(handle, dirname);
700 TALLOC_FREE(dirname);
703 TALLOC_FREE(smb_fname_base);
707 static int streams_depot_rename(vfs_handle_struct *handle,
708 const struct smb_filename *smb_fname_src,
709 const struct smb_filename *smb_fname_dst)
711 struct smb_filename *smb_fname_src_stream = NULL;
712 struct smb_filename *smb_fname_dst_stream = NULL;
713 bool src_is_stream, dst_is_stream;
717 DEBUG(10, ("streams_depot_rename called for %s => %s\n",
718 smb_fname_str_dbg(smb_fname_src),
719 smb_fname_str_dbg(smb_fname_dst)));
721 src_is_stream = is_ntfs_stream_smb_fname(smb_fname_src);
722 dst_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
724 if (!src_is_stream && !dst_is_stream) {
725 return SMB_VFS_NEXT_RENAME(handle, smb_fname_src,
729 /* for now don't allow renames from or to the default stream */
730 if (is_ntfs_default_stream_smb_fname(smb_fname_src) ||
731 is_ntfs_default_stream_smb_fname(smb_fname_dst)) {
736 status = stream_smb_fname(handle, smb_fname_src, &smb_fname_src_stream,
738 if (!NT_STATUS_IS_OK(status)) {
739 errno = map_errno_from_nt_status(status);
743 status = stream_smb_fname(handle, smb_fname_dst,
744 &smb_fname_dst_stream, false);
745 if (!NT_STATUS_IS_OK(status)) {
746 errno = map_errno_from_nt_status(status);
750 ret = SMB_VFS_NEXT_RENAME(handle, smb_fname_src_stream,
751 smb_fname_dst_stream);
754 TALLOC_FREE(smb_fname_src_stream);
755 TALLOC_FREE(smb_fname_dst_stream);
759 static bool add_one_stream(TALLOC_CTX *mem_ctx, unsigned int *num_streams,
760 struct stream_struct **streams,
761 const char *name, off_t size,
764 struct stream_struct *tmp;
766 tmp = talloc_realloc(mem_ctx, *streams, struct stream_struct,
772 tmp[*num_streams].name = talloc_strdup(tmp, name);
773 if (tmp[*num_streams].name == NULL) {
777 tmp[*num_streams].size = size;
778 tmp[*num_streams].alloc_size = alloc_size;
785 struct streaminfo_state {
787 vfs_handle_struct *handle;
788 unsigned int num_streams;
789 struct stream_struct *streams;
793 static bool collect_one_stream(const char *dirname,
797 struct streaminfo_state *state =
798 (struct streaminfo_state *)private_data;
799 struct smb_filename *smb_fname = NULL;
803 sname = talloc_asprintf(talloc_tos(), "%s/%s", dirname, dirent);
805 state->status = NT_STATUS_NO_MEMORY;
810 smb_fname = synthetic_smb_fname(talloc_tos(), sname, NULL, NULL);
811 if (smb_fname == NULL) {
812 state->status = NT_STATUS_NO_MEMORY;
817 if (SMB_VFS_NEXT_STAT(state->handle, smb_fname) == -1) {
818 DEBUG(10, ("Could not stat %s: %s\n", sname,
824 if (!add_one_stream(state->mem_ctx,
825 &state->num_streams, &state->streams,
826 dirent, smb_fname->st.st_ex_size,
827 SMB_VFS_GET_ALLOC_SIZE(state->handle->conn, NULL,
829 state->status = NT_STATUS_NO_MEMORY;
837 TALLOC_FREE(smb_fname);
841 static NTSTATUS streams_depot_streaminfo(vfs_handle_struct *handle,
842 struct files_struct *fsp,
845 unsigned int *pnum_streams,
846 struct stream_struct **pstreams)
848 struct smb_filename *smb_fname_base;
851 struct streaminfo_state state;
853 smb_fname_base = synthetic_smb_fname(talloc_tos(), fname, NULL, NULL);
854 if (smb_fname_base == NULL) {
855 return NT_STATUS_NO_MEMORY;
858 if ((fsp != NULL) && (fsp->fh->fd != -1)) {
859 ret = SMB_VFS_NEXT_FSTAT(handle, fsp, &smb_fname_base->st);
862 if (lp_posix_pathnames()) {
863 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname_base);
865 ret = SMB_VFS_NEXT_STAT(handle, smb_fname_base);
870 status = map_nt_error_from_unix(errno);
874 state.streams = *pstreams;
875 state.num_streams = *pnum_streams;
876 state.mem_ctx = mem_ctx;
877 state.handle = handle;
878 state.status = NT_STATUS_OK;
880 if (S_ISLNK(smb_fname_base->st.st_ex_mode)) {
882 * Currently we do't have SMB_VFS_LLISTXATTR
883 * inside the VFS which means there's no way
884 * to cope with a symlink when lp_posix_pathnames().
885 * returns true. For now ignore links.
886 * FIXME - by adding SMB_VFS_LLISTXATTR. JRA.
888 status = NT_STATUS_OK;
890 status = walk_streams(handle, smb_fname_base, NULL, collect_one_stream,
894 if (!NT_STATUS_IS_OK(status)) {
895 TALLOC_FREE(state.streams);
899 if (!NT_STATUS_IS_OK(state.status)) {
900 TALLOC_FREE(state.streams);
901 status = state.status;
905 *pnum_streams = state.num_streams;
906 *pstreams = state.streams;
907 status = SMB_VFS_NEXT_STREAMINFO(handle, fsp, fname, mem_ctx, pnum_streams, pstreams);
910 TALLOC_FREE(smb_fname_base);
914 static uint32_t streams_depot_fs_capabilities(struct vfs_handle_struct *handle,
915 enum timestamp_set_resolution *p_ts_res)
917 return SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res) | FILE_NAMED_STREAMS;
920 static struct vfs_fn_pointers vfs_streams_depot_fns = {
921 .fs_capabilities_fn = streams_depot_fs_capabilities,
922 .open_fn = streams_depot_open,
923 .stat_fn = streams_depot_stat,
924 .lstat_fn = streams_depot_lstat,
925 .unlink_fn = streams_depot_unlink,
926 .rmdir_fn = streams_depot_rmdir,
927 .rename_fn = streams_depot_rename,
928 .streaminfo_fn = streams_depot_streaminfo,
931 NTSTATUS vfs_streams_depot_init(void);
932 NTSTATUS vfs_streams_depot_init(void)
934 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "streams_depot",
935 &vfs_streams_depot_fns);