2 Unix SMB/CIFS implementation.
3 Wrap gpfs calls in vfs functions.
5 Copyright (C) Christian Ambach <cambach1@de.ibm.com> 2006
7 Major code contributions by Chetan Shringarpure <chetan.sh@in.ibm.com>
8 and Gomati Mohanan <gomati.mohanan@in.ibm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "smbd/smbd.h"
26 #include "librpc/gen_ndr/ndr_xattr.h"
27 #include "include/smbprofile.h"
28 #include "modules/non_posix_acls.h"
31 #define DBGC_CLASS DBGC_VFS
33 #include <gpfs_fcntl.h>
34 #include "nfs4_acls.h"
36 #include "system/filesys.h"
38 #include "lib/util/tevent_unix.h"
40 struct gpfs_config_data {
55 static inline unsigned int gpfs_acl_flags(gpfs_acl_t *gacl)
57 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
58 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
59 return *(unsigned int *)&gacl->ace_v4;
64 static inline gpfs_ace_v4_t *gpfs_ace_ptr(gpfs_acl_t *gacl, unsigned int i)
66 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
67 /* &gacl->v4Level1.ace_v4[i] requires gpfs 3.5 */
68 char *ptr = (char *)&gacl->ace_v4[i] + sizeof(unsigned int);
69 return (gpfs_ace_v4_t *)ptr;
71 return &gacl->ace_v4[i];
74 static int vfs_gpfs_kernel_flock(vfs_handle_struct *handle, files_struct *fsp,
75 uint32 share_mode, uint32 access_mask)
78 struct gpfs_config_data *config;
81 START_PROFILE(syscall_kernel_flock);
83 SMB_VFS_HANDLE_GET_DATA(handle, config,
84 struct gpfs_config_data,
87 if(!config->sharemodes) {
91 kernel_flock(fsp->fh->fd, share_mode, access_mask);
93 if (!set_gpfs_sharemode(fsp, access_mask, fsp->share_access)) {
97 END_PROFILE(syscall_kernel_flock);
102 static int vfs_gpfs_close(vfs_handle_struct *handle, files_struct *fsp)
105 struct gpfs_config_data *config;
107 SMB_VFS_HANDLE_GET_DATA(handle, config,
108 struct gpfs_config_data,
111 if (config->sharemodes && (fsp->fh != NULL) && (fsp->fh->fd != -1)) {
112 set_gpfs_sharemode(fsp, 0, 0);
115 return SMB_VFS_NEXT_CLOSE(handle, fsp);
118 static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp,
121 struct gpfs_config_data *config;
124 START_PROFILE(syscall_linux_setlease);
126 SMB_VFS_HANDLE_GET_DATA(handle, config,
127 struct gpfs_config_data,
130 if (linux_set_lease_sighandler(fsp->fh->fd) == -1)
133 if (config->leases) {
135 * Ensure the lease owner is root to allow
136 * correct delivery of lease-break signals.
139 ret = set_gpfs_lease(fsp->fh->fd,leasetype);
143 END_PROFILE(syscall_linux_setlease);
148 static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle,
156 char real_pathname[PATH_MAX+1];
159 struct gpfs_config_data *config;
161 SMB_VFS_HANDLE_GET_DATA(handle, config,
162 struct gpfs_config_data,
165 if (!config->getrealfilename) {
166 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
167 mem_ctx, found_name);
170 mangled = mangle_is_mangled(name, handle->conn->params);
172 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
173 mem_ctx, found_name);
176 full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name);
177 if (full_path == NULL) {
182 buflen = sizeof(real_pathname) - 1;
184 result = gpfswrap_get_realfilename_path(full_path, real_pathname,
187 TALLOC_FREE(full_path);
189 if ((result == -1) && (errno == ENOSYS)) {
190 return SMB_VFS_NEXT_GET_REAL_FILENAME(
191 handle, path, name, mem_ctx, found_name);
195 DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n",
201 * GPFS does not necessarily null-terminate the returned path
202 * but instead returns the buffer length in buflen.
205 if (buflen < sizeof(real_pathname)) {
206 real_pathname[buflen] = '\0';
208 real_pathname[sizeof(real_pathname)-1] = '\0';
211 DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n",
212 path, name, real_pathname));
214 name = strrchr_m(real_pathname, '/');
220 *found_name = talloc_strdup(mem_ctx, name+1);
221 if (*found_name == NULL) {
229 static void sd2gpfs_control(uint16_t control, struct gpfs_acl *gacl)
231 unsigned int gpfs_aclflags = 0;
232 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
233 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
234 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
235 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
236 gpfs_aclflags = control << 8;
237 if (!(control & SEC_DESC_DACL_PRESENT))
238 gpfs_aclflags |= 0x00800000; /* ACL4_FLAG_NULL_DACL; */
239 if (!(control & SEC_DESC_SACL_PRESENT))
240 gpfs_aclflags |= 0x01000000; /* ACL4_FLAG_NULL_SACL; */
241 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS*/
242 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
243 *(unsigned int *)&gacl->ace_v4 = gpfs_aclflags;
246 static uint16_t gpfs2sd_control(unsigned int gpfs_aclflags)
248 uint16_t control = gpfs_aclflags >> 8;
249 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
250 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
251 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
252 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
253 control |= SEC_DESC_SELF_RELATIVE;
257 static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
262 DEBUG(0, ("gpfs acl is NULL\n"));
266 DEBUG(level, ("len: %d, level: %d, version: %d, nace: %d, "
268 gacl->acl_len, gacl->acl_level, gacl->acl_version,
269 gacl->acl_nace, gpfs_acl_flags(gacl)));
271 for(i=0; i<gacl->acl_nace; i++)
273 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
274 DEBUG(level, ("\tace[%d]: type:%d, flags:0x%x, mask:0x%x, "
275 "iflags:0x%x, who:%u\n",
276 i, gace->aceType, gace->aceFlags, gace->aceMask,
277 gace->aceIFlags, gace->aceWho));
282 * get the ACL from GPFS, allocated on the specified mem_ctx
283 * internally retries when initial buffer was too small
285 * caller needs to cast result to either
286 * raw = yes: struct gpfs_opaque_acl
287 * raw = no: struct gpfs_acl
290 static void *vfs_gpfs_getacl(TALLOC_CTX *mem_ctx,
293 const gpfs_aclType_t type)
304 aclbuf = talloc_zero_size(mem_ctx, size);
305 if (aclbuf == NULL) {
311 struct gpfs_opaque_acl *buf = (struct gpfs_opaque_acl *) aclbuf;
312 buf->acl_type = type;
313 flags = GPFS_GETACL_NATIVE;
314 len = (unsigned int *) &(buf->acl_buffer_len);
315 struct_size = sizeof(struct gpfs_opaque_acl);
317 struct gpfs_acl *buf = (struct gpfs_acl *) aclbuf;
318 buf->acl_type = type;
319 buf->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
320 flags = GPFS_GETACL_STRUCT;
321 len = &(buf->acl_len);
322 /* reserve space for control flags in gpfs 3.5 and beyond */
323 struct_size = sizeof(struct gpfs_acl) + sizeof(unsigned int);
326 /* set the length of the buffer as input value */
330 ret = gpfswrap_getacl(discard_const_p(char, fname), flags, aclbuf);
331 if ((ret != 0) && (errno == ENOSPC)) {
333 * get the size needed to accommodate the complete buffer
335 * the value returned only applies to the ACL blob in the
336 * struct so make sure to also have headroom for the first
337 * struct members by adding room for the complete struct
338 * (might be a few bytes too much then)
340 size = *len + struct_size;
342 DEBUG(10, ("Increasing ACL buffer size to %zu\n", size));
347 DEBUG(5, ("smbd_gpfs_getacl failed with %s\n",
356 /* Tries to get nfs4 acls and returns SMB ACL allocated.
357 * On failure returns 1 if it got non-NFSv4 ACL to prompt
358 * retry with POSIX ACL checks.
359 * On failure returns -1 if there is system (GPFS) error, check errno.
360 * Returns 0 on success
362 static int gpfs_get_nfs4_acl(TALLOC_CTX *mem_ctx, const char *fname, SMB4ACL_T **ppacl)
365 struct gpfs_acl *gacl = NULL;
366 DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
369 gacl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(), fname,
372 DEBUG(9, ("gpfs_getacl failed for %s with %s\n",
373 fname, strerror(errno)));
377 if (gacl->acl_type != GPFS_ACL_TYPE_NFS4) {
378 DEBUG(10, ("Got non-nfsv4 acl\n"));
379 /* Retry with POSIX ACLs check */
384 *ppacl = smb_create_smb4acl(mem_ctx);
386 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
387 uint16_t control = gpfs2sd_control(gpfs_acl_flags(gacl));
388 smbacl4_set_controlflags(*ppacl, control);
391 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d, control: %x\n",
392 gacl->acl_len, gacl->acl_level, gacl->acl_version,
393 gacl->acl_nace, gpfs_acl_flags(gacl)));
395 for (i=0; i<gacl->acl_nace; i++) {
396 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
397 SMB_ACE4PROP_T smbace;
398 DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
399 "who: %d\n", gace->aceType, gace->aceIFlags,
400 gace->aceFlags, gace->aceMask, gace->aceWho));
403 if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) {
404 smbace.flags |= SMB_ACE4_ID_SPECIAL;
405 switch (gace->aceWho) {
406 case ACE4_SPECIAL_OWNER:
407 smbace.who.special_id = SMB_ACE4_WHO_OWNER;
409 case ACE4_SPECIAL_GROUP:
410 smbace.who.special_id = SMB_ACE4_WHO_GROUP;
412 case ACE4_SPECIAL_EVERYONE:
413 smbace.who.special_id = SMB_ACE4_WHO_EVERYONE;
416 DEBUG(8, ("invalid special gpfs id %d "
417 "ignored\n", gace->aceWho));
418 continue; /* don't add it */
421 if (gace->aceFlags & ACE4_FLAG_GROUP_ID)
422 smbace.who.gid = gace->aceWho;
424 smbace.who.uid = gace->aceWho;
427 /* remove redundant deny entries */
428 if (i > 0 && gace->aceType == SMB_ACE4_ACCESS_DENIED_ACE_TYPE) {
429 struct gpfs_ace_v4 *prev = gpfs_ace_ptr(gacl, i - 1);
430 if (prev->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE &&
431 prev->aceFlags == gace->aceFlags &&
432 prev->aceIFlags == gace->aceIFlags &&
433 (gace->aceMask & prev->aceMask) == 0 &&
434 gace->aceWho == prev->aceWho) {
435 /* it's redundant - skip it */
440 smbace.aceType = gace->aceType;
441 smbace.aceFlags = gace->aceFlags;
442 smbace.aceMask = gace->aceMask;
443 smb_add_ace4(*ppacl, &smbace);
451 static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
452 files_struct *fsp, uint32 security_info,
454 struct security_descriptor **ppdesc)
456 SMB4ACL_T *pacl = NULL;
458 struct gpfs_config_data *config;
459 TALLOC_CTX *frame = talloc_stackframe();
464 SMB_VFS_HANDLE_GET_DATA(handle, config,
465 struct gpfs_config_data,
466 return NT_STATUS_INTERNAL_ERROR);
469 status = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info,
475 result = gpfs_get_nfs4_acl(frame, fsp->fsp_name->base_name, &pacl);
478 status = smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx,
485 DEBUG(10, ("retrying with posix acl...\n"));
486 status = posix_fget_nt_acl(fsp, security_info,
494 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
495 return map_nt_error_from_unix(errno);
498 static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
500 uint32 security_info,
501 TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc)
503 SMB4ACL_T *pacl = NULL;
505 struct gpfs_config_data *config;
506 TALLOC_CTX *frame = talloc_stackframe();
511 SMB_VFS_HANDLE_GET_DATA(handle, config,
512 struct gpfs_config_data,
513 return NT_STATUS_INTERNAL_ERROR);
516 status = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info,
522 result = gpfs_get_nfs4_acl(frame, name, &pacl);
525 status = smb_get_nt_acl_nfs4(handle->conn, name, security_info,
526 mem_ctx, ppdesc, pacl);
532 DEBUG(10, ("retrying with posix acl...\n"));
533 status = posix_get_nt_acl(handle->conn, name, security_info,
539 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
541 return map_nt_error_from_unix(errno);
544 static struct gpfs_acl *vfs_gpfs_smbacl2gpfsacl(TALLOC_CTX *mem_ctx,
549 struct gpfs_acl *gacl;
550 gpfs_aclLen_t gacl_len;
553 gacl_len = offsetof(gpfs_acl_t, ace_v4) + sizeof(unsigned int)
554 + smb_get_naces(smbacl) * sizeof(gpfs_ace_v4_t);
556 gacl = (struct gpfs_acl *)TALLOC_SIZE(mem_ctx, gacl_len);
558 DEBUG(0, ("talloc failed\n"));
563 gacl->acl_level = 0; /* GPFS_ACL_LEVEL_BASE */
564 gacl->acl_version = GPFS_ACL_VERSION_NFS4;
565 gacl->acl_type = GPFS_ACL_TYPE_NFS4;
566 gacl->acl_nace = 0; /* change later... */
569 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
570 sd2gpfs_control(smbacl4_get_controlflags(smbacl), gacl);
573 for (smbace=smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
574 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, gacl->acl_nace);
575 SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
577 gace->aceType = aceprop->aceType;
578 gace->aceFlags = aceprop->aceFlags;
579 gace->aceMask = aceprop->aceMask;
582 * GPFS can't distinguish between WRITE and APPEND on
583 * files, so one being set without the other is an
584 * error. Sorry for the many ()'s :-)
587 if (!fsp->is_directory
589 ((((gace->aceMask & ACE4_MASK_WRITE) == 0)
590 && ((gace->aceMask & ACE4_MASK_APPEND) != 0))
592 (((gace->aceMask & ACE4_MASK_WRITE) != 0)
593 && ((gace->aceMask & ACE4_MASK_APPEND) == 0)))
595 lp_parm_bool(fsp->conn->params->service, "gpfs",
596 "merge_writeappend", True)) {
597 DEBUG(2, ("vfs_gpfs.c: file [%s]: ACE contains "
598 "WRITE^APPEND, setting WRITE|APPEND\n",
600 gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND;
603 gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0;
605 if (aceprop->flags&SMB_ACE4_ID_SPECIAL)
607 switch(aceprop->who.special_id)
609 case SMB_ACE4_WHO_EVERYONE:
610 gace->aceWho = ACE4_SPECIAL_EVERYONE;
612 case SMB_ACE4_WHO_OWNER:
613 gace->aceWho = ACE4_SPECIAL_OWNER;
615 case SMB_ACE4_WHO_GROUP:
616 gace->aceWho = ACE4_SPECIAL_GROUP;
619 DEBUG(8, ("unsupported special_id %d\n", aceprop->who.special_id));
620 continue; /* don't add it !!! */
623 /* just only for the type safety... */
624 if (aceprop->aceFlags&SMB_ACE4_IDENTIFIER_GROUP)
625 gace->aceWho = aceprop->who.gid;
627 gace->aceWho = aceprop->who.uid;
632 gacl->acl_len = (char *)gpfs_ace_ptr(gacl, gacl->acl_nace)
637 static bool gpfsacl_process_smbacl(vfs_handle_struct *handle,
642 struct gpfs_acl *gacl;
643 TALLOC_CTX *mem_ctx = talloc_tos();
645 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, true);
646 if (gacl == NULL) { /* out of memory */
649 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
650 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gacl);
652 if ((ret != 0) && (errno == EINVAL)) {
653 DEBUG(10, ("Retry without nfs41 control flags\n"));
655 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, false);
656 if (gacl == NULL) { /* out of memory */
659 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
660 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA,
665 DEBUG(8, ("gpfs_putacl failed with %s\n", strerror(errno)));
666 gpfs_dumpacl(8, gacl);
670 DEBUG(10, ("gpfs_putacl succeeded\n"));
674 static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
676 struct gpfs_acl *acl;
677 NTSTATUS result = NT_STATUS_ACCESS_DENIED;
679 acl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(),
680 fsp->fsp_name->base_name,
683 return map_nt_error_from_unix(errno);
686 if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
687 if (lp_parm_bool(fsp->conn->params->service, "gpfs",
688 "refuse_dacl_protected", false)
689 && (psd->type&SEC_DESC_DACL_PROTECTED)) {
690 DEBUG(2, ("Rejecting unsupported ACL with DACL_PROTECTED bit set\n"));
692 return NT_STATUS_NOT_SUPPORTED;
695 result = smb_set_nt_acl_nfs4(handle,
696 fsp, security_info_sent, psd,
697 gpfsacl_process_smbacl);
698 } else { /* assume POSIX ACL - by default... */
699 result = set_nt_acl(fsp, security_info_sent, psd);
706 static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
708 struct gpfs_config_data *config;
710 SMB_VFS_HANDLE_GET_DATA(handle, config,
711 struct gpfs_config_data,
712 return NT_STATUS_INTERNAL_ERROR);
715 return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
718 return gpfsacl_set_nt_acl_internal(handle, fsp, security_info_sent, psd);
721 static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
726 result = sys_acl_init(mem_ctx);
727 if (result == NULL) {
732 result->count = pacl->acl_nace;
733 result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
735 if (result->acl == NULL) {
741 for (i=0; i<pacl->acl_nace; i++) {
742 struct smb_acl_entry *ace = &result->acl[i];
743 const struct gpfs_ace_v1 *g_ace = &pacl->ace_v1[i];
745 DEBUG(10, ("Converting type %d id %lu perm %x\n",
746 (int)g_ace->ace_type, (unsigned long)g_ace->ace_who,
747 (int)g_ace->ace_perm));
749 switch (g_ace->ace_type) {
751 ace->a_type = SMB_ACL_USER;
752 ace->info.user.uid = (uid_t)g_ace->ace_who;
754 case GPFS_ACL_USER_OBJ:
755 ace->a_type = SMB_ACL_USER_OBJ;
758 ace->a_type = SMB_ACL_GROUP;
759 ace->info.group.gid = (gid_t)g_ace->ace_who;
761 case GPFS_ACL_GROUP_OBJ:
762 ace->a_type = SMB_ACL_GROUP_OBJ;
765 ace->a_type = SMB_ACL_OTHER;
768 ace->a_type = SMB_ACL_MASK;
771 DEBUG(10, ("Got invalid ace_type: %d\n",
779 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_READ) ?
781 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_WRITE) ?
783 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_EXECUTE) ?
786 DEBUGADD(10, ("Converted to %d perm %x\n",
787 ace->a_type, ace->a_perm));
793 static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type,
796 struct gpfs_acl *pacl;
797 SMB_ACL_T result = NULL;
799 pacl = vfs_gpfs_getacl(talloc_tos(), path, false, type);
802 DEBUG(10, ("vfs_gpfs_getacl failed for %s with %s\n",
803 path, strerror(errno)));
810 if (pacl->acl_version != GPFS_ACL_VERSION_POSIX) {
811 DEBUG(10, ("Got acl version %d, expected %d\n",
812 pacl->acl_version, GPFS_ACL_VERSION_POSIX));
817 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n",
818 pacl->acl_len, pacl->acl_level, pacl->acl_version,
821 result = gpfs2smb_acl(pacl, mem_ctx);
822 if (result != NULL) {
837 static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle,
842 gpfs_aclType_t gpfs_type;
843 struct gpfs_config_data *config;
845 SMB_VFS_HANDLE_GET_DATA(handle, config,
846 struct gpfs_config_data,
850 return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p,
855 case SMB_ACL_TYPE_ACCESS:
856 gpfs_type = GPFS_ACL_TYPE_ACCESS;
858 case SMB_ACL_TYPE_DEFAULT:
859 gpfs_type = GPFS_ACL_TYPE_DEFAULT;
862 DEBUG(0, ("Got invalid type: %d\n", type));
863 smb_panic("exiting");
866 return gpfsacl_get_posix_acl(path_p, gpfs_type, mem_ctx);
869 static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
873 struct gpfs_config_data *config;
875 SMB_VFS_HANDLE_GET_DATA(handle, config,
876 struct gpfs_config_data,
880 return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
883 return gpfsacl_get_posix_acl(fsp->fsp_name->base_name,
884 GPFS_ACL_TYPE_ACCESS, mem_ctx);
887 static int gpfsacl_sys_acl_blob_get_file(vfs_handle_struct *handle,
890 char **blob_description,
893 struct gpfs_config_data *config;
894 struct gpfs_opaque_acl *acl = NULL;
898 SMB_VFS_HANDLE_GET_DATA(handle, config,
899 struct gpfs_config_data,
903 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FILE(handle, path_p,
910 acl = (struct gpfs_opaque_acl *)
911 vfs_gpfs_getacl(mem_ctx,
917 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
918 errno, strerror(errno)));
920 /* EINVAL means POSIX ACL, bail out on other cases */
921 if (errno != EINVAL) {
930 * we only need the actual ACL blob here
931 * acl_version will always be NFS4 because we asked
933 * acl_type is only used for POSIX ACLs
935 aclblob.data = (uint8_t*) acl->acl_var_data;
936 aclblob.length = acl->acl_buffer_len;
938 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
939 if (!*blob_description) {
945 result = non_posix_sys_acl_blob_get_file_helper(handle, path_p,
953 /* fall back to POSIX ACL */
954 return posix_sys_acl_blob_get_file(handle, path_p, mem_ctx,
955 blob_description, blob);
958 static int gpfsacl_sys_acl_blob_get_fd(vfs_handle_struct *handle,
961 char **blob_description,
964 struct gpfs_config_data *config;
965 struct gpfs_opaque_acl *acl = NULL;
969 SMB_VFS_HANDLE_GET_DATA(handle, config,
970 struct gpfs_config_data,
974 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD(handle, fsp, mem_ctx,
975 blob_description, blob);
979 acl = (struct gpfs_opaque_acl *) vfs_gpfs_getacl(mem_ctx,
980 fsp->fsp_name->base_name,
985 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
986 errno, strerror(errno)));
988 /* EINVAL means POSIX ACL, bail out on other cases */
989 if (errno != EINVAL) {
998 * we only need the actual ACL blob here
999 * acl_version will always be NFS4 because we asked
1001 * acl_type is only used for POSIX ACLs
1003 aclblob.data = (uint8_t*) acl->acl_var_data;
1004 aclblob.length = acl->acl_buffer_len;
1006 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1007 if (!*blob_description) {
1013 result = non_posix_sys_acl_blob_get_fd_helper(handle, fsp,
1021 /* fall back to POSIX ACL */
1022 return posix_sys_acl_blob_get_fd(handle, fsp, mem_ctx,
1023 blob_description, blob);
1026 static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,
1027 SMB_ACL_TYPE_T type)
1030 struct gpfs_acl *result;
1033 DEBUG(10, ("smb2gpfs_acl: Got ACL with %d entries\n", pacl->count));
1035 len = offsetof(gpfs_acl_t, ace_v1) + (pacl->count) *
1036 sizeof(gpfs_ace_v1_t);
1038 result = (struct gpfs_acl *)SMB_MALLOC(len);
1039 if (result == NULL) {
1044 result->acl_len = len;
1045 result->acl_level = 0;
1046 result->acl_version = GPFS_ACL_VERSION_POSIX;
1047 result->acl_type = (type == SMB_ACL_TYPE_DEFAULT) ?
1048 GPFS_ACL_TYPE_DEFAULT : GPFS_ACL_TYPE_ACCESS;
1049 result->acl_nace = pacl->count;
1051 for (i=0; i<pacl->count; i++) {
1052 const struct smb_acl_entry *ace = &pacl->acl[i];
1053 struct gpfs_ace_v1 *g_ace = &result->ace_v1[i];
1055 DEBUG(10, ("Converting type %d perm %x\n",
1056 (int)ace->a_type, (int)ace->a_perm));
1058 g_ace->ace_perm = 0;
1060 switch(ace->a_type) {
1062 g_ace->ace_type = GPFS_ACL_USER;
1063 g_ace->ace_who = (gpfs_uid_t)ace->info.user.uid;
1065 case SMB_ACL_USER_OBJ:
1066 g_ace->ace_type = GPFS_ACL_USER_OBJ;
1067 g_ace->ace_perm |= ACL_PERM_CONTROL;
1071 g_ace->ace_type = GPFS_ACL_GROUP;
1072 g_ace->ace_who = (gpfs_uid_t)ace->info.group.gid;
1074 case SMB_ACL_GROUP_OBJ:
1075 g_ace->ace_type = GPFS_ACL_GROUP_OBJ;
1079 g_ace->ace_type = GPFS_ACL_MASK;
1080 g_ace->ace_perm = 0x8f;
1084 g_ace->ace_type = GPFS_ACL_OTHER;
1088 DEBUG(10, ("Got invalid ace_type: %d\n", ace->a_type));
1094 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_READ) ?
1096 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_WRITE) ?
1098 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_EXECUTE) ?
1099 ACL_PERM_EXECUTE : 0;
1101 DEBUGADD(10, ("Converted to %d id %d perm %x\n",
1102 g_ace->ace_type, g_ace->ace_who, g_ace->ace_perm));
1108 static int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle,
1110 SMB_ACL_TYPE_T type,
1113 struct gpfs_acl *gpfs_acl;
1115 struct gpfs_config_data *config;
1117 SMB_VFS_HANDLE_GET_DATA(handle, config,
1118 struct gpfs_config_data,
1122 return SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, type, theacl);
1125 gpfs_acl = smb2gpfs_acl(theacl, type);
1126 if (gpfs_acl == NULL) {
1130 result = gpfswrap_putacl(discard_const_p(char, name),
1131 GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA, gpfs_acl);
1133 SAFE_FREE(gpfs_acl);
1137 static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle,
1141 struct gpfs_config_data *config;
1143 SMB_VFS_HANDLE_GET_DATA(handle, config,
1144 struct gpfs_config_data,
1148 return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl);
1151 return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name->base_name,
1152 SMB_ACL_TYPE_ACCESS, theacl);
1155 static int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle,
1158 struct gpfs_config_data *config;
1160 SMB_VFS_HANDLE_GET_DATA(handle, config,
1161 struct gpfs_config_data,
1165 return SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1173 * Assumed: mode bits are shiftable and standard
1174 * Output: the new aceMask field for an smb nfs4 ace
1176 static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx)
1178 const uint32 posix_nfs4map[3] = {
1179 SMB_ACE4_EXECUTE, /* execute */
1180 SMB_ACE4_WRITE_DATA | SMB_ACE4_APPEND_DATA, /* write; GPFS specific */
1181 SMB_ACE4_READ_DATA /* read */
1184 uint32_t posix_mask = 0x01;
1188 for(i=0; i<3; i++) {
1189 nfs4_bits = posix_nfs4map[i];
1190 posix_bit = rwx & posix_mask;
1192 if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) {
1194 aceMask |= nfs4_bits;
1196 aceMask &= ~nfs4_bits;
1198 /* add deny bits when suitable */
1200 aceMask |= nfs4_bits;
1202 aceMask &= ~nfs4_bits;
1203 } /* other ace types are unexpected */
1211 static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
1212 const char *path, mode_t mode)
1214 SMB4ACL_T *pacl = NULL;
1216 bool haveAllowEntry[SMB_ACE4_WHO_EVERYONE + 1] = {False, False, False, False};
1218 files_struct fake_fsp; /* TODO: rationalize parametrization */
1220 TALLOC_CTX *frame = talloc_stackframe();
1222 DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
1224 result = gpfs_get_nfs4_acl(frame, path, &pacl);
1230 if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) {
1231 DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path));
1234 for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
1235 SMB_ACE4PROP_T *ace = smb_get_ace4(smbace);
1236 uint32_t specid = ace->who.special_id;
1238 if (ace->flags&SMB_ACE4_ID_SPECIAL &&
1239 ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
1240 specid <= SMB_ACE4_WHO_EVERYONE) {
1244 if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE)
1245 haveAllowEntry[specid] = True;
1247 /* mode >> 6 for @owner, mode >> 3 for @group,
1248 * mode >> 0 for @everyone */
1249 newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask,
1250 mode >> ((SMB_ACE4_WHO_EVERYONE - specid) * 3));
1251 if (ace->aceMask!=newMask) {
1252 DEBUG(10, ("ace changed for %s (%o -> %o) id=%d\n",
1253 path, ace->aceMask, newMask, specid));
1255 ace->aceMask = newMask;
1259 /* make sure we have at least ALLOW entries
1260 * for all the 3 special ids (@EVERYONE, @OWNER, @GROUP)
1263 for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) {
1266 if (haveAllowEntry[i]==True)
1270 ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
1271 ace.flags |= SMB_ACE4_ID_SPECIAL;
1272 ace.who.special_id = i;
1274 if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */
1275 ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
1277 ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask,
1278 mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3));
1280 /* don't add unnecessary aces */
1284 /* we add it to the END - as windows expects allow aces */
1285 smb_add_ace4(pacl, &ace);
1286 DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n",
1287 path, mode, i, ace.aceMask));
1290 /* don't add complementary DENY ACEs here */
1291 ZERO_STRUCT(fake_fsp);
1292 fake_fsp.fsp_name = synthetic_smb_fname(
1293 frame, path, NULL, NULL);
1294 if (fake_fsp.fsp_name == NULL) {
1300 if (gpfsacl_process_smbacl(handle, &fake_fsp, pacl) == False) {
1306 return 0; /* ok for [f]chmod */
1309 static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mode)
1311 struct smb_filename *smb_fname_cpath;
1314 smb_fname_cpath = synthetic_smb_fname(talloc_tos(), path, NULL, NULL);
1315 if (smb_fname_cpath == NULL) {
1320 if (SMB_VFS_NEXT_STAT(handle, smb_fname_cpath) != 0) {
1324 /* avoid chmod() if possible, to preserve acls */
1325 if ((smb_fname_cpath->st.st_ex_mode & ~S_IFMT) == mode) {
1329 rc = gpfsacl_emu_chmod(handle, path, mode);
1331 return SMB_VFS_NEXT_CHMOD(handle, path, mode);
1335 static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
1340 if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) {
1344 /* avoid chmod() if possible, to preserve acls */
1345 if ((st.st_ex_mode & ~S_IFMT) == mode) {
1349 rc = gpfsacl_emu_chmod(handle, fsp->fsp_name->base_name,
1352 return SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1356 static int gpfs_set_xattr(struct vfs_handle_struct *handle, const char *path,
1357 const char *name, const void *value, size_t size, int flags){
1358 struct xattr_DOSATTRIB dosattrib;
1359 enum ndr_err_code ndr_err;
1361 unsigned int dosmode=0;
1362 struct gpfs_winattr attrs;
1364 struct gpfs_config_data *config;
1366 SMB_VFS_HANDLE_GET_DATA(handle, config,
1367 struct gpfs_config_data,
1370 if (!config->winattr) {
1371 DEBUG(10, ("gpfs_set_xattr:name is %s -> next\n",name));
1372 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1375 DEBUG(10, ("gpfs_set_xattr: %s \n",path));
1377 /* Only handle DOS Attributes */
1378 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1379 DEBUG(5, ("gpfs_set_xattr:name is %s\n",name));
1380 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1383 blob.data = discard_const_p(uint8_t, value);
1386 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib,
1387 (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB);
1389 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1390 DEBUG(1, ("gpfs_set_xattr: bad ndr decode "
1391 "from EA on file %s: Error = %s\n",
1392 path, ndr_errstr(ndr_err)));
1396 if (dosattrib.version != 3) {
1397 DEBUG(1, ("gpfs_set_xattr: expected dosattrib version 3, got "
1398 "%d\n", (int)dosattrib.version));
1401 if (!(dosattrib.info.info3.valid_flags & XATTR_DOSINFO_ATTRIB)) {
1402 DEBUG(10, ("gpfs_set_xattr: XATTR_DOSINFO_ATTRIB not "
1403 "valid, ignoring\n"));
1407 dosmode = dosattrib.info.info3.attrib;
1410 /*Just map RD_ONLY, ARCHIVE, SYSTEM HIDDEN and SPARSE. Ignore the others*/
1411 if (dosmode & FILE_ATTRIBUTE_ARCHIVE){
1412 attrs.winAttrs |= GPFS_WINATTR_ARCHIVE;
1414 if (dosmode & FILE_ATTRIBUTE_HIDDEN){
1415 attrs.winAttrs |= GPFS_WINATTR_HIDDEN;
1417 if (dosmode & FILE_ATTRIBUTE_SYSTEM){
1418 attrs.winAttrs |= GPFS_WINATTR_SYSTEM;
1420 if (dosmode & FILE_ATTRIBUTE_READONLY){
1421 attrs.winAttrs |= GPFS_WINATTR_READONLY;
1423 if (dosmode & FILE_ATTRIBUTE_SPARSE) {
1424 attrs.winAttrs |= GPFS_WINATTR_SPARSE_FILE;
1428 ret = set_gpfs_winattrs(discard_const_p(char, path),
1429 GPFS_WINATTR_SET_ATTRS, &attrs);
1431 if (errno == ENOSYS) {
1432 return SMB_VFS_NEXT_SETXATTR(handle, path, name, value,
1436 DEBUG(1, ("gpfs_set_xattr:Set GPFS attributes failed %d\n",ret));
1440 DEBUG(10, ("gpfs_set_xattr:Set attributes: 0x%x\n",attrs.winAttrs));
1444 static ssize_t gpfs_get_xattr(struct vfs_handle_struct *handle, const char *path,
1445 const char *name, void *value, size_t size){
1446 char *attrstr = value;
1447 unsigned int dosmode = 0;
1448 struct gpfs_winattr attrs;
1450 struct gpfs_config_data *config;
1452 SMB_VFS_HANDLE_GET_DATA(handle, config,
1453 struct gpfs_config_data,
1456 if (!config->winattr) {
1457 DEBUG(10, ("gpfs_get_xattr:name is %s -> next\n",name));
1458 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1461 DEBUG(10, ("gpfs_get_xattr: %s \n",path));
1463 /* Only handle DOS Attributes */
1464 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1465 DEBUG(5, ("gpfs_get_xattr:name is %s\n",name));
1466 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1469 ret = get_gpfs_winattrs(discard_const_p(char, path), &attrs);
1473 if (errno == ENOSYS) {
1474 return SMB_VFS_NEXT_GETXATTR(handle, path, name, value,
1478 if (errno != EPERM && errno != EACCES) {
1483 DEBUG(dbg_lvl, ("gpfs_get_xattr: Get GPFS attributes failed: "
1484 "%d (%s)\n", ret, strerror(errno)));
1488 DEBUG(10, ("gpfs_get_xattr:Got attributes: 0x%x\n",attrs.winAttrs));
1490 /*Just map RD_ONLY, ARCHIVE, SYSTEM, HIDDEN and SPARSE. Ignore the others*/
1491 if (attrs.winAttrs & GPFS_WINATTR_ARCHIVE){
1492 dosmode |= FILE_ATTRIBUTE_ARCHIVE;
1494 if (attrs.winAttrs & GPFS_WINATTR_HIDDEN){
1495 dosmode |= FILE_ATTRIBUTE_HIDDEN;
1497 if (attrs.winAttrs & GPFS_WINATTR_SYSTEM){
1498 dosmode |= FILE_ATTRIBUTE_SYSTEM;
1500 if (attrs.winAttrs & GPFS_WINATTR_READONLY){
1501 dosmode |= FILE_ATTRIBUTE_READONLY;
1503 if (attrs.winAttrs & GPFS_WINATTR_SPARSE_FILE) {
1504 dosmode |= FILE_ATTRIBUTE_SPARSE;
1507 snprintf(attrstr, size, "0x%2.2x",
1508 (unsigned int)(dosmode & SAMBA_ATTRIBUTES_MASK));
1509 DEBUG(10, ("gpfs_get_xattr: returning %s\n",attrstr));
1513 #if defined(HAVE_FSTATAT)
1514 static int stat_with_capability(struct vfs_handle_struct *handle,
1515 struct smb_filename *smb_fname, int flag)
1520 const char *rel_name = NULL;
1524 b = parent_dirname(talloc_tos(), smb_fname->base_name,
1525 &dir_name, &rel_name);
1531 fd = open(dir_name, O_RDONLY, 0);
1532 TALLOC_FREE(dir_name);
1537 set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1538 ret = fstatat(fd, rel_name, &st, flag);
1539 drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1544 init_stat_ex_from_stat(
1545 &smb_fname->st, &st,
1546 lp_fake_directory_create_times(SNUM(handle->conn)));
1553 static int vfs_gpfs_stat(struct vfs_handle_struct *handle,
1554 struct smb_filename *smb_fname)
1556 struct gpfs_winattr attrs;
1560 struct gpfs_config_data *config;
1562 SMB_VFS_HANDLE_GET_DATA(handle, config,
1563 struct gpfs_config_data,
1566 ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
1567 #if defined(HAVE_FSTATAT)
1568 if (ret == -1 && errno == EACCES) {
1569 DEBUG(10, ("Trying stat with capability for %s\n",
1570 smb_fname->base_name));
1571 ret = stat_with_capability(handle, smb_fname, 0);
1578 if (!config->winattr) {
1582 status = get_full_smb_filename(talloc_tos(), smb_fname, &fname);
1583 if (!NT_STATUS_IS_OK(status)) {
1584 errno = map_errno_from_nt_status(status);
1587 ret = get_gpfs_winattrs(discard_const_p(char, fname), &attrs);
1590 smb_fname->st.st_ex_calculated_birthtime = false;
1591 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1592 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1597 static int vfs_gpfs_fstat(struct vfs_handle_struct *handle,
1598 struct files_struct *fsp, SMB_STRUCT_STAT *sbuf)
1600 struct gpfs_winattr attrs;
1602 struct gpfs_config_data *config;
1604 SMB_VFS_HANDLE_GET_DATA(handle, config,
1605 struct gpfs_config_data,
1608 ret = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
1612 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
1615 if (!config->winattr) {
1619 ret = smbd_fget_gpfs_winattrs(fsp->fh->fd, &attrs);
1621 sbuf->st_ex_calculated_birthtime = false;
1622 sbuf->st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1623 sbuf->st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1628 static int vfs_gpfs_lstat(struct vfs_handle_struct *handle,
1629 struct smb_filename *smb_fname)
1631 struct gpfs_winattr attrs;
1635 struct gpfs_config_data *config;
1637 SMB_VFS_HANDLE_GET_DATA(handle, config,
1638 struct gpfs_config_data,
1641 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1642 #if defined(HAVE_FSTATAT)
1643 if (ret == -1 && errno == EACCES) {
1644 DEBUG(10, ("Trying lstat with capability for %s\n",
1645 smb_fname->base_name));
1646 ret = stat_with_capability(handle, smb_fname,
1647 AT_SYMLINK_NOFOLLOW);
1654 if (!config->winattr) {
1658 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1659 if (!NT_STATUS_IS_OK(status)) {
1660 errno = map_errno_from_nt_status(status);
1663 ret = get_gpfs_winattrs(discard_const_p(char, path), &attrs);
1666 smb_fname->st.st_ex_calculated_birthtime = false;
1667 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1668 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1673 static int vfs_gpfs_ntimes(struct vfs_handle_struct *handle,
1674 const struct smb_filename *smb_fname,
1675 struct smb_file_time *ft)
1678 struct gpfs_winattr attrs;
1682 struct gpfs_config_data *config;
1684 SMB_VFS_HANDLE_GET_DATA(handle, config,
1685 struct gpfs_config_data,
1688 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1689 if (!NT_STATUS_IS_OK(status)) {
1690 errno = map_errno_from_nt_status(status);
1694 /* Try to use gpfs_set_times if it is enabled and available */
1695 if (config->settimes) {
1696 ret = smbd_gpfs_set_times_path(path, ft);
1698 if (ret == 0 || (ret == -1 && errno != ENOSYS)) {
1703 DEBUG(10,("gpfs_set_times() not available or disabled, "
1704 "use ntimes and winattr\n"));
1706 ret = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft);
1708 /* don't complain if access was denied */
1709 if (errno != EPERM && errno != EACCES) {
1710 DEBUG(1,("vfs_gpfs_ntimes: SMB_VFS_NEXT_NTIMES failed:"
1711 "%s", strerror(errno)));
1716 if(null_timespec(ft->create_time)){
1717 DEBUG(10,("vfs_gpfs_ntimes:Create Time is NULL\n"));
1721 if (!config->winattr) {
1726 attrs.creationTime.tv_sec = ft->create_time.tv_sec;
1727 attrs.creationTime.tv_nsec = ft->create_time.tv_nsec;
1729 ret = set_gpfs_winattrs(discard_const_p(char, path),
1730 GPFS_WINATTR_SET_CREATION_TIME, &attrs);
1731 if(ret == -1 && errno != ENOSYS){
1732 DEBUG(1,("vfs_gpfs_ntimes: set GPFS ntimes failed %d\n",ret));
1739 static int vfs_gpfs_fallocate(struct vfs_handle_struct *handle,
1740 struct files_struct *fsp, enum vfs_fallocate_mode mode,
1741 off_t offset, off_t len)
1744 struct gpfs_config_data *config;
1746 SMB_VFS_HANDLE_GET_DATA(handle, config,
1747 struct gpfs_config_data,
1750 if (!config->prealloc) {
1751 /* you should better not run fallocate() on GPFS at all */
1756 if (mode == VFS_FALLOCATE_KEEP_SIZE) {
1757 DEBUG(10, ("Unsupported VFS_FALLOCATE_KEEP_SIZE\n"));
1762 ret = smbd_gpfs_prealloc(fsp->fh->fd, offset, len);
1764 if (ret == -1 && errno != ENOSYS) {
1765 DEBUG(0, ("GPFS prealloc failed: %s\n", strerror(errno)));
1766 } else if (ret == -1 && errno == ENOSYS) {
1767 DEBUG(10, ("GPFS prealloc not supported.\n"));
1769 DEBUG(10, ("GPFS prealloc succeeded.\n"));
1775 static int vfs_gpfs_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1779 struct gpfs_config_data *config;
1781 SMB_VFS_HANDLE_GET_DATA(handle, config,
1782 struct gpfs_config_data,
1785 if (!config->ftruncate) {
1786 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1789 result = smbd_gpfs_ftruncate(fsp->fh->fd, len);
1790 if ((result == -1) && (errno == ENOSYS)) {
1791 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1796 static bool vfs_gpfs_is_offline(struct vfs_handle_struct *handle,
1797 const struct smb_filename *fname,
1798 SMB_STRUCT_STAT *sbuf)
1800 struct gpfs_winattr attrs;
1803 struct gpfs_config_data *config;
1806 SMB_VFS_HANDLE_GET_DATA(handle, config,
1807 struct gpfs_config_data,
1810 if (!config->winattr) {
1811 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1814 status = get_full_smb_filename(talloc_tos(), fname, &path);
1815 if (!NT_STATUS_IS_OK(status)) {
1816 errno = map_errno_from_nt_status(status);
1820 ret = get_gpfs_winattrs(path, &attrs);
1826 if ((attrs.winAttrs & GPFS_WINATTR_OFFLINE) != 0) {
1827 DEBUG(10, ("%s is offline\n", path));
1831 DEBUG(10, ("%s is online\n", path));
1833 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1836 static bool vfs_gpfs_aio_force(struct vfs_handle_struct *handle,
1837 struct files_struct *fsp)
1839 return vfs_gpfs_is_offline(handle, fsp->fsp_name, &fsp->fsp_name->st);
1842 static ssize_t vfs_gpfs_sendfile(vfs_handle_struct *handle, int tofd,
1843 files_struct *fsp, const DATA_BLOB *hdr,
1844 off_t offset, size_t n)
1846 if (SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name, &fsp->fsp_name->st))
1851 return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
1854 static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
1855 const char *service, const char *user)
1857 struct gpfs_config_data *config;
1860 smbd_gpfs_lib_init();
1862 config = talloc_zero(handle->conn, struct gpfs_config_data);
1864 DEBUG(0, ("talloc_zero() failed\n"));
1869 ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
1871 TALLOC_FREE(config);
1875 config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
1876 "sharemodes", true);
1878 config->leases = lp_parm_bool(SNUM(handle->conn), "gpfs",
1881 config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
1884 config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
1887 config->winattr = lp_parm_bool(SNUM(handle->conn), "gpfs",
1890 config->ftruncate = lp_parm_bool(SNUM(handle->conn), "gpfs",
1893 config->getrealfilename = lp_parm_bool(SNUM(handle->conn), "gpfs",
1894 "getrealfilename", true);
1896 config->dfreequota = lp_parm_bool(SNUM(handle->conn), "gpfs",
1897 "dfreequota", false);
1899 config->prealloc = lp_parm_bool(SNUM(handle->conn), "gpfs",
1902 config->acl = lp_parm_bool(SNUM(handle->conn), "gpfs", "acl", true);
1904 config->settimes = lp_parm_bool(SNUM(handle->conn), "gpfs",
1906 config->recalls = lp_parm_bool(SNUM(handle->conn), "gpfs",
1909 SMB_VFS_HANDLE_SET_DATA(handle, config,
1910 NULL, struct gpfs_config_data,
1913 if (config->leases) {
1915 * GPFS lease code is based on kernel oplock code
1916 * so make sure it is turned on
1918 if (!lp_kernel_oplocks(SNUM(handle->conn))) {
1919 DEBUG(5, ("Enabling kernel oplocks for "
1920 "gpfs:leases to work\n"));
1921 lp_do_parameter(SNUM(handle->conn), "kernel oplocks",
1926 * as the kernel does not properly support Level II oplocks
1927 * and GPFS leases code is based on kernel infrastructure, we
1928 * need to turn off Level II oplocks if gpfs:leases is enabled
1930 if (lp_level2_oplocks(SNUM(handle->conn))) {
1931 DEBUG(5, ("gpfs:leases are enabled, disabling "
1932 "Level II oplocks\n"));
1933 lp_do_parameter(SNUM(handle->conn), "level2 oplocks",
1941 static int vfs_gpfs_get_quotas(const char *path, uid_t uid, gid_t gid,
1943 struct gpfs_quotaInfo *qi_user,
1944 struct gpfs_quotaInfo *qi_group,
1945 struct gpfs_quotaInfo *qi_fset)
1952 * We want to always use the directory to get the fileset id,
1953 * because files might have a share mode. We also do not want
1954 * to get the parent directory when there is already a
1955 * directory to avoid stepping in a different fileset. The
1956 * path passed here is currently either "." or a filename, so
1957 * this is ok. The proper solution would be having a way to
1958 * query the fileset id without opening the file.
1960 b = parent_dirname(talloc_tos(), path, &dir_path, NULL);
1966 DEBUG(10, ("path %s, directory %s\n", path, dir_path));
1968 err = get_gpfs_fset_id(dir_path, fset_id);
1970 DEBUG(0, ("Get fset id failed path %s, dir %s, errno %d.\n",
1971 path, dir_path, errno));
1975 err = get_gpfs_quota(path, GPFS_USRQUOTA, uid, qi_user);
1980 err = get_gpfs_quota(path, GPFS_GRPQUOTA, gid, qi_group);
1985 err = get_gpfs_quota(path, GPFS_FILESETQUOTA, *fset_id, qi_fset);
1993 static void vfs_gpfs_disk_free_quota(struct gpfs_quotaInfo qi, time_t cur_time,
1994 uint64_t *dfree, uint64_t *dsize)
1996 uint64_t usage, limit;
1999 * The quota reporting is done in units of 1024 byte blocks, but
2000 * sys_fsusage uses units of 512 byte blocks, adjust the block number
2001 * accordingly. Also filter possibly negative usage counts from gpfs.
2003 usage = qi.blockUsage < 0 ? 0 : (uint64_t)qi.blockUsage * 2;
2004 limit = (uint64_t)qi.blockHardLimit * 2;
2007 * When the grace time for the exceeded soft block quota has been
2008 * exceeded, the soft block quota becomes an additional hard limit.
2010 if (qi.blockSoftLimit &&
2011 qi.blockGraceTime && cur_time > qi.blockGraceTime) {
2012 /* report disk as full */
2014 *dsize = MIN(*dsize, usage);
2017 if (!qi.blockHardLimit)
2020 if (usage >= limit) {
2021 /* report disk as full */
2023 *dsize = MIN(*dsize, usage);
2026 /* limit has not been reached, determine "free space" */
2027 *dfree = MIN(*dfree, limit - usage);
2028 *dsize = MIN(*dsize, limit);
2032 static uint64_t vfs_gpfs_disk_free(vfs_handle_struct *handle, const char *path,
2034 uint64_t *dfree, uint64_t *dsize)
2036 struct security_unix_token *utok;
2037 struct gpfs_quotaInfo qi_user, qi_group, qi_fset;
2038 struct gpfs_config_data *config;
2042 SMB_VFS_HANDLE_GET_DATA(handle, config, struct gpfs_config_data,
2043 return (uint64_t)-1);
2044 if (!config->dfreequota) {
2045 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2046 bsize, dfree, dsize);
2049 err = sys_fsusage(path, dfree, dsize);
2051 DEBUG (0, ("Could not get fs usage, errno %d\n", errno));
2052 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2053 bsize, dfree, dsize);
2056 /* sys_fsusage returns units of 512 bytes */
2059 DEBUG(10, ("fs dfree %llu, dsize %llu\n",
2060 (unsigned long long)*dfree, (unsigned long long)*dsize));
2062 utok = handle->conn->session_info->unix_token;
2063 err = vfs_gpfs_get_quotas(path, utok->uid, utok->gid, &fset_id,
2064 &qi_user, &qi_group, &qi_fset);
2066 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2067 bsize, dfree, dsize);
2070 cur_time = time(NULL);
2072 /* Adjust free space and size according to quota limits. */
2073 vfs_gpfs_disk_free_quota(qi_user, cur_time, dfree, dsize);
2074 vfs_gpfs_disk_free_quota(qi_group, cur_time, dfree, dsize);
2076 /* Id 0 indicates the default quota, not an actual quota */
2078 vfs_gpfs_disk_free_quota(qi_fset, cur_time, dfree, dsize);
2081 disk_norm(bsize, dfree, dsize);
2085 static uint32_t vfs_gpfs_capabilities(struct vfs_handle_struct *handle,
2086 enum timestamp_set_resolution *p_ts_res)
2088 struct gpfs_config_data *config;
2091 next = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
2093 SMB_VFS_HANDLE_GET_DATA(handle, config,
2094 struct gpfs_config_data,
2098 next |= FILE_SUPPORTS_REMOTE_STORAGE;
2103 static int vfs_gpfs_open(struct vfs_handle_struct *handle,
2104 struct smb_filename *smb_fname, files_struct *fsp,
2105 int flags, mode_t mode)
2107 struct gpfs_config_data *config;
2109 SMB_VFS_HANDLE_GET_DATA(handle, config,
2110 struct gpfs_config_data,
2113 if (config->hsm && !config->recalls) {
2114 if (SMB_VFS_IS_OFFLINE(handle->conn, smb_fname, &smb_fname->st))
2116 DEBUG(10, ("Refusing access to offline file %s\n",
2123 if (config->syncio) {
2126 return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
2129 static ssize_t vfs_gpfs_pread(vfs_handle_struct *handle, files_struct *fsp,
2130 void *data, size_t n, off_t offset)
2135 was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2136 &fsp->fsp_name->st);
2138 ret = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
2140 if ((ret != -1) && was_offline) {
2141 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2142 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2143 fsp->fsp_name->base_name);
2149 struct vfs_gpfs_pread_state {
2150 struct files_struct *fsp;
2156 static void vfs_gpfs_pread_done(struct tevent_req *subreq);
2158 static struct tevent_req *vfs_gpfs_pread_send(struct vfs_handle_struct *handle,
2159 TALLOC_CTX *mem_ctx,
2160 struct tevent_context *ev,
2161 struct files_struct *fsp,
2162 void *data, size_t n,
2165 struct tevent_req *req, *subreq;
2166 struct vfs_gpfs_pread_state *state;
2168 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pread_state);
2172 state->was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2173 &fsp->fsp_name->st);
2175 subreq = SMB_VFS_NEXT_PREAD_SEND(state, ev, handle, fsp, data,
2177 if (tevent_req_nomem(subreq, req)) {
2178 return tevent_req_post(req, ev);
2180 tevent_req_set_callback(subreq, vfs_gpfs_pread_done, req);
2184 static void vfs_gpfs_pread_done(struct tevent_req *subreq)
2186 struct tevent_req *req = tevent_req_callback_data(
2187 subreq, struct tevent_req);
2188 struct vfs_gpfs_pread_state *state = tevent_req_data(
2189 req, struct vfs_gpfs_pread_state);
2191 state->ret = SMB_VFS_PREAD_RECV(subreq, &state->err);
2192 TALLOC_FREE(subreq);
2193 tevent_req_done(req);
2196 static ssize_t vfs_gpfs_pread_recv(struct tevent_req *req, int *err)
2198 struct vfs_gpfs_pread_state *state = tevent_req_data(
2199 req, struct vfs_gpfs_pread_state);
2200 struct files_struct *fsp = state->fsp;
2202 if (tevent_req_is_unix_error(req, err)) {
2207 if ((state->ret != -1) && state->was_offline) {
2208 DEBUG(10, ("sending notify\n"));
2209 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2210 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2211 fsp->fsp_name->base_name);
2217 static ssize_t vfs_gpfs_pwrite(vfs_handle_struct *handle, files_struct *fsp,
2218 const void *data, size_t n, off_t offset)
2223 was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2224 &fsp->fsp_name->st);
2226 ret = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
2228 if ((ret != -1) && was_offline) {
2229 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2230 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2231 fsp->fsp_name->base_name);
2237 struct vfs_gpfs_pwrite_state {
2238 struct files_struct *fsp;
2244 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq);
2246 static struct tevent_req *vfs_gpfs_pwrite_send(
2247 struct vfs_handle_struct *handle,
2248 TALLOC_CTX *mem_ctx,
2249 struct tevent_context *ev,
2250 struct files_struct *fsp,
2251 const void *data, size_t n,
2254 struct tevent_req *req, *subreq;
2255 struct vfs_gpfs_pwrite_state *state;
2257 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pwrite_state);
2261 state->was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2262 &fsp->fsp_name->st);
2264 subreq = SMB_VFS_NEXT_PWRITE_SEND(state, ev, handle, fsp, data,
2266 if (tevent_req_nomem(subreq, req)) {
2267 return tevent_req_post(req, ev);
2269 tevent_req_set_callback(subreq, vfs_gpfs_pwrite_done, req);
2273 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq)
2275 struct tevent_req *req = tevent_req_callback_data(
2276 subreq, struct tevent_req);
2277 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2278 req, struct vfs_gpfs_pwrite_state);
2280 state->ret = SMB_VFS_PWRITE_RECV(subreq, &state->err);
2281 TALLOC_FREE(subreq);
2282 tevent_req_done(req);
2285 static ssize_t vfs_gpfs_pwrite_recv(struct tevent_req *req, int *err)
2287 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2288 req, struct vfs_gpfs_pwrite_state);
2289 struct files_struct *fsp = state->fsp;
2291 if (tevent_req_is_unix_error(req, err)) {
2296 if ((state->ret != -1) && state->was_offline) {
2297 DEBUG(10, ("sending notify\n"));
2298 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2299 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2300 fsp->fsp_name->base_name);
2307 static struct vfs_fn_pointers vfs_gpfs_fns = {
2308 .connect_fn = vfs_gpfs_connect,
2309 .disk_free_fn = vfs_gpfs_disk_free,
2310 .fs_capabilities_fn = vfs_gpfs_capabilities,
2311 .kernel_flock_fn = vfs_gpfs_kernel_flock,
2312 .linux_setlease_fn = vfs_gpfs_setlease,
2313 .get_real_filename_fn = vfs_gpfs_get_real_filename,
2314 .fget_nt_acl_fn = gpfsacl_fget_nt_acl,
2315 .get_nt_acl_fn = gpfsacl_get_nt_acl,
2316 .fset_nt_acl_fn = gpfsacl_fset_nt_acl,
2317 .sys_acl_get_file_fn = gpfsacl_sys_acl_get_file,
2318 .sys_acl_get_fd_fn = gpfsacl_sys_acl_get_fd,
2319 .sys_acl_blob_get_file_fn = gpfsacl_sys_acl_blob_get_file,
2320 .sys_acl_blob_get_fd_fn = gpfsacl_sys_acl_blob_get_fd,
2321 .sys_acl_set_file_fn = gpfsacl_sys_acl_set_file,
2322 .sys_acl_set_fd_fn = gpfsacl_sys_acl_set_fd,
2323 .sys_acl_delete_def_file_fn = gpfsacl_sys_acl_delete_def_file,
2324 .chmod_fn = vfs_gpfs_chmod,
2325 .fchmod_fn = vfs_gpfs_fchmod,
2326 .close_fn = vfs_gpfs_close,
2327 .setxattr_fn = gpfs_set_xattr,
2328 .getxattr_fn = gpfs_get_xattr,
2329 .stat_fn = vfs_gpfs_stat,
2330 .fstat_fn = vfs_gpfs_fstat,
2331 .lstat_fn = vfs_gpfs_lstat,
2332 .ntimes_fn = vfs_gpfs_ntimes,
2333 .is_offline_fn = vfs_gpfs_is_offline,
2334 .aio_force_fn = vfs_gpfs_aio_force,
2335 .sendfile_fn = vfs_gpfs_sendfile,
2336 .fallocate_fn = vfs_gpfs_fallocate,
2337 .open_fn = vfs_gpfs_open,
2338 .pread_fn = vfs_gpfs_pread,
2339 .pread_send_fn = vfs_gpfs_pread_send,
2340 .pread_recv_fn = vfs_gpfs_pread_recv,
2341 .pwrite_fn = vfs_gpfs_pwrite,
2342 .pwrite_send_fn = vfs_gpfs_pwrite_send,
2343 .pwrite_recv_fn = vfs_gpfs_pwrite_recv,
2344 .ftruncate_fn = vfs_gpfs_ftruncate
2347 NTSTATUS vfs_gpfs_init(void);
2348 NTSTATUS vfs_gpfs_init(void)
2352 ret = gpfswrap_init();
2354 DEBUG(1, ("Could not initialize GPFS library wrapper\n"));
2357 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs",