2 Unix SMB/CIFS implementation.
3 Files[] structure handling
4 Copyright (C) Andrew Tridgell 1998
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "smbd/smbd.h"
22 #include "smbd/globals.h"
23 #include "smbd/smbXsrv_open.h"
24 #include "libcli/security/security.h"
26 #include "lib/util/bitmap.h"
27 #include "lib/util/strv.h"
28 #include "lib/util/memcache.h"
29 #include "libcli/smb/reparse.h"
31 #define FILE_HANDLE_OFFSET 0x1000
33 static NTSTATUS fsp_attach_smb_fname(struct files_struct *fsp,
34 struct smb_filename **_smb_fname);
37 * create new fsp to be used for file_new or a durable handle reconnect
39 NTSTATUS fsp_new(struct connection_struct *conn, TALLOC_CTX *mem_ctx,
40 files_struct **result)
42 NTSTATUS status = NT_STATUS_NO_MEMORY;
43 files_struct *fsp = NULL;
44 struct smbd_server_connection *sconn = conn->sconn;
46 fsp = talloc_zero(mem_ctx, struct files_struct);
52 * This can't be a child of fsp because the file_handle can be ref'd
53 * when doing a dos/fcb open, which will then share the file_handle
54 * across multiple fsps.
56 fsp->fh = fd_handle_create(mem_ctx);
57 if (fsp->fh == NULL) {
61 fsp->fsp_flags.use_ofd_locks = !lp_smbd_force_process_locks(SNUM(conn));
62 #ifndef HAVE_OFD_LOCKS
63 fsp->fsp_flags.use_ofd_locks = false;
66 fh_set_refcount(fsp->fh, 1);
69 fsp->fnum = FNUM_FIELD_INVALID;
71 fsp->close_write_time = make_omit_timespec();
73 DLIST_ADD(sconn->files, fsp);
74 sconn->num_files += 1;
76 conn->num_files_open++;
78 DBG_INFO("allocated files structure (%u used)\n",
79 (unsigned int)sconn->num_files);
93 void fsp_set_gen_id(files_struct *fsp)
95 static uint64_t gen_id = 1;
98 * A billion of 64-bit increments per second gives us
99 * more than 500 years of runtime without wrap.
102 fh_set_gen_id(fsp->fh, gen_id);
105 /****************************************************************************
106 Find first available file slot.
107 ****************************************************************************/
109 NTSTATUS fsp_bind_smb(struct files_struct *fsp, struct smb_request *req)
111 struct smbXsrv_open *op = NULL;
116 DBG_DEBUG("INTERNAL_OPEN_ONLY, skipping smbXsrv_open\n");
120 now = timeval_to_nttime(&fsp->open_time);
122 status = smbXsrv_open_create(req->xconn,
123 fsp->conn->session_info,
126 if (!NT_STATUS_IS_OK(status)) {
131 fsp->fnum = op->local_id;
134 req->chain_fsp = fsp;
136 DBG_DEBUG("fsp [%s] mid [%" PRIu64"]\n",
137 fsp_str_dbg(fsp), fsp->mid);
142 NTSTATUS file_new(struct smb_request *req, connection_struct *conn,
143 files_struct **result)
145 struct smbd_server_connection *sconn = conn->sconn;
149 status = fsp_new(conn, conn, &fsp);
150 if (!NT_STATUS_IS_OK(status)) {
154 GetTimeOfDay(&fsp->open_time);
156 status = fsp_bind_smb(fsp, req);
157 if (!NT_STATUS_IS_OK(status)) {
158 file_free(NULL, fsp);
165 * Create an smb_filename with "" for the base_name. There are very
166 * few NULL checks, so make sure it's initialized with something. to
167 * be safe until an audit can be done.
169 fsp->fsp_name = synthetic_smb_fname(fsp,
175 if (fsp->fsp_name == NULL) {
176 file_free(NULL, fsp);
177 return NT_STATUS_NO_MEMORY;
180 DBG_INFO("new file %s\n", fsp_fnum_dbg(fsp));
182 /* A new fsp invalidates the positive and
183 negative fsp_fi_cache as the new fsp is pushed
184 at the start of the list and we search from
185 a cache hit to the *end* of the list. */
187 ZERO_STRUCT(sconn->fsp_fi_cache);
193 NTSTATUS create_internal_fsp(connection_struct *conn,
194 const struct smb_filename *smb_fname,
195 struct files_struct **_fsp)
197 struct files_struct *fsp = NULL;
200 status = file_new(NULL, conn, &fsp);
201 if (!NT_STATUS_IS_OK(status)) {
205 status = fsp_set_smb_fname(fsp, smb_fname);
206 if (!NT_STATUS_IS_OK(status)) {
207 file_free(NULL, fsp);
216 * Create an internal fsp for an *existing* directory.
218 * This should only be used by callers in the VFS that need to control the
219 * opening of the directory. Otherwise use open_internal_dirfsp().
221 NTSTATUS create_internal_dirfsp(connection_struct *conn,
222 const struct smb_filename *smb_dname,
223 struct files_struct **_fsp)
225 struct files_struct *fsp = NULL;
228 status = create_internal_fsp(conn, smb_dname, &fsp);
229 if (!NT_STATUS_IS_OK(status)) {
233 fsp->access_mask = FILE_LIST_DIRECTORY;
234 fsp->fsp_flags.is_directory = true;
235 fsp->fsp_flags.is_dirfsp = true;
242 * Open an internal fsp for an *existing* directory.
244 NTSTATUS open_internal_dirfsp(connection_struct *conn,
245 const struct smb_filename *smb_dname,
247 struct files_struct **_fsp)
249 struct vfs_open_how how = { .flags = _open_flags, };
250 struct files_struct *fsp = NULL;
253 status = create_internal_dirfsp(conn, smb_dname, &fsp);
254 if (!NT_STATUS_IS_OK(status)) {
259 how.flags |= O_DIRECTORY;
261 status = fd_openat(conn->cwd_fsp, fsp->fsp_name, fsp, &how);
262 if (!NT_STATUS_IS_OK(status)) {
263 DBG_INFO("Could not open fd for %s (%s)\n",
264 smb_fname_str_dbg(smb_dname),
266 file_free(NULL, fsp);
270 status = vfs_stat_fsp(fsp);
271 if (!NT_STATUS_IS_OK(status)) {
272 file_free(NULL, fsp);
276 if (!S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
277 DBG_ERR("%s is not a directory!\n",
278 smb_fname_str_dbg(smb_dname));
279 file_free(NULL, fsp);
280 return NT_STATUS_NOT_A_DIRECTORY;
283 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
290 * Convert a pathref dirfsp into a real fsp. No need to do any cwd
291 * tricks, we just open ".".
293 NTSTATUS openat_internal_dir_from_pathref(
294 struct files_struct *dirfsp,
296 struct files_struct **_fsp)
298 struct connection_struct *conn = dirfsp->conn;
299 struct smb_filename *smb_dname = dirfsp->fsp_name;
300 struct files_struct *fsp = NULL;
302 struct smb_filename smb_dot = {
304 .flags = smb_dname->flags,
305 .twrp = smb_dname->twrp,
307 struct vfs_open_how how = { .flags = _open_flags, };
310 status = create_internal_dirfsp(conn, smb_dname, &fsp);
311 if (!NT_STATUS_IS_OK(status)) {
316 * Pointless for opening ".", but you never know...
318 how.flags |= O_NOFOLLOW;
320 status = fd_openat(dirfsp, &smb_dot, fsp, &how);
321 if (!NT_STATUS_IS_OK(status)) {
322 DBG_INFO("fd_openat(\"%s\", \".\") failed: %s\n",
325 file_free(NULL, fsp);
329 fsp->fsp_name->st = smb_dname->st;
330 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
336 * The "link" in the name doesn't imply link in the filesystem
337 * sense. It's a object that "links" together an fsp and an smb_fname
338 * and the link allocated as talloc child of an fsp.
340 * The link is created for fsps that openat_pathref_fsp() returns in
341 * smb_fname->fsp. When this fsp is freed by file_free() by some caller
342 * somewhere, the destructor fsp_smb_fname_link_destructor() on the link object
343 * will use the link to reset the reference in smb_fname->fsp that is about to
346 * This prevents smb_fname_internal_fsp_destructor() from seeing dangling fsp
350 struct fsp_smb_fname_link {
351 struct fsp_smb_fname_link **smb_fname_link;
352 struct files_struct **smb_fname_fsp;
355 static int fsp_smb_fname_link_destructor(struct fsp_smb_fname_link *link)
357 if (link->smb_fname_link == NULL) {
361 *link->smb_fname_link = NULL;
362 *link->smb_fname_fsp = NULL;
366 static NTSTATUS fsp_smb_fname_link(struct files_struct *fsp,
367 struct fsp_smb_fname_link **smb_fname_link,
368 struct files_struct **smb_fname_fsp)
370 struct fsp_smb_fname_link *link = NULL;
372 SMB_ASSERT(*smb_fname_link == NULL);
373 SMB_ASSERT(*smb_fname_fsp == NULL);
375 link = talloc_zero(fsp, struct fsp_smb_fname_link);
377 return NT_STATUS_NO_MEMORY;
380 link->smb_fname_link = smb_fname_link;
381 link->smb_fname_fsp = smb_fname_fsp;
382 *smb_fname_link = link;
383 *smb_fname_fsp = fsp;
385 talloc_set_destructor(link, fsp_smb_fname_link_destructor);
390 * Free a link, carefully avoiding to trigger the link destructor
392 static void destroy_fsp_smb_fname_link(struct fsp_smb_fname_link **_link)
394 struct fsp_smb_fname_link *link = *_link;
399 talloc_set_destructor(link, NULL);
405 * Talloc destructor set on an smb_fname set by openat_pathref_fsp() used to
406 * close the embedded smb_fname->fsp.
408 static int smb_fname_fsp_destructor(struct smb_filename *smb_fname)
410 struct files_struct *fsp = smb_fname->fsp;
411 struct files_struct *base_fsp = NULL;
413 int saved_errno = errno;
415 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
422 if (fsp_is_alternate_stream(fsp)) {
423 base_fsp = fsp->base_fsp;
426 status = fd_close(fsp);
427 if (!NT_STATUS_IS_OK(status)) {
428 DBG_ERR("Closing fd for fsp [%s] failed: %s. "
429 "Please check your filesystem!!!\n",
430 fsp_str_dbg(fsp), nt_errstr(status));
432 file_free(NULL, fsp);
433 smb_fname->fsp = NULL;
435 if (base_fsp != NULL) {
436 base_fsp->stream_fsp = NULL;
437 status = fd_close(base_fsp);
438 if (!NT_STATUS_IS_OK(status)) {
439 DBG_ERR("Closing fd for base_fsp [%s] failed: %s. "
440 "Please check your filesystem!!!\n",
441 fsp_str_dbg(base_fsp), nt_errstr(status));
443 file_free(NULL, base_fsp);
450 static NTSTATUS openat_pathref_fullname(
451 struct connection_struct *conn,
452 const struct files_struct *dirfsp,
453 struct files_struct *basefsp,
454 struct smb_filename **full_fname,
455 struct smb_filename *smb_fname,
456 const struct vfs_open_how *how)
458 struct files_struct *fsp = NULL;
459 bool have_dirfsp = (dirfsp != NULL);
460 bool have_basefsp = (basefsp != NULL);
463 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname));
465 SMB_ASSERT(smb_fname->fsp == NULL);
466 SMB_ASSERT(have_dirfsp != have_basefsp);
468 status = fsp_new(conn, conn, &fsp);
469 if (!NT_STATUS_IS_OK(status)) {
473 GetTimeOfDay(&fsp->open_time);
475 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
477 fsp->fsp_flags.is_pathref = true;
479 status = fsp_attach_smb_fname(fsp, full_fname);
480 if (!NT_STATUS_IS_OK(status)) {
483 fsp_set_base_fsp(fsp, basefsp);
485 status = fd_openat(dirfsp, smb_fname, fsp, how);
486 if (!NT_STATUS_IS_OK(status)) {
488 smb_fname->st = fsp->fsp_name->st;
490 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND) ||
491 NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_PATH_NOT_FOUND) ||
492 NT_STATUS_EQUAL(status, NT_STATUS_STOPPED_ON_SYMLINK))
495 * streams_xattr return NT_STATUS_NOT_FOUND for
496 * opens of not yet existing streams.
498 * ELOOP maps to NT_STATUS_OBJECT_PATH_NOT_FOUND
499 * and this will result from a open request from
500 * a POSIX client on a symlink.
502 * NT_STATUS_OBJECT_NAME_NOT_FOUND is the simple
505 * NT_STATUS_STOPPED_ON_SYMLINK is returned when trying
506 * to open a symlink, our callers are not interested in
509 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
515 * fd_openat() has done an FSTAT on the handle
516 * so update the smb_fname stat info with "truth".
519 smb_fname->st = fsp->fsp_name->st;
521 fsp->fsp_flags.is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode);
523 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
525 status = fsp_smb_fname_link(fsp,
526 &smb_fname->fsp_link,
528 if (!NT_STATUS_IS_OK(status)) {
532 DBG_DEBUG("fsp [%s]: OK\n", fsp_str_dbg(fsp));
534 talloc_set_destructor(smb_fname, smb_fname_fsp_destructor);
538 DBG_DEBUG("Opening pathref for [%s] failed: %s\n",
539 smb_fname_str_dbg(smb_fname),
542 fsp_set_base_fsp(fsp, NULL);
544 file_free(NULL, fsp);
549 * Open an internal O_PATH based fsp for smb_fname. If O_PATH is not
550 * available, open O_RDONLY as root. Both is done in fd_open() ->
551 * non_widelink_open(), triggered by setting fsp->fsp_flags.is_pathref to
554 NTSTATUS openat_pathref_fsp(const struct files_struct *dirfsp,
555 struct smb_filename *smb_fname)
557 connection_struct *conn = dirfsp->conn;
558 struct smb_filename *full_fname = NULL;
559 struct smb_filename *base_fname = NULL;
560 struct vfs_open_how how = { .flags = O_RDONLY|O_NONBLOCK, };
563 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname));
565 if (smb_fname->fsp != NULL) {
566 /* We already have one for this name. */
567 DBG_DEBUG("smb_fname [%s] already has a pathref fsp.\n",
568 smb_fname_str_dbg(smb_fname));
572 if (is_named_stream(smb_fname) &&
573 ((conn->fs_capabilities & FILE_NAMED_STREAMS) == 0)) {
574 DBG_DEBUG("stream open [%s] on non-stream share\n",
575 smb_fname_str_dbg(smb_fname));
576 return NT_STATUS_OBJECT_NAME_INVALID;
579 if (!is_named_stream(smb_fname)) {
581 * openat_pathref_fullname() will make "full_fname" a
582 * talloc child of the smb_fname->fsp. Don't use
583 * talloc_tos() to allocate it to avoid making the
584 * talloc stackframe pool long-lived.
586 full_fname = full_path_from_dirfsp_atname(
590 if (full_fname == NULL) {
591 status = NT_STATUS_NO_MEMORY;
594 status = openat_pathref_fullname(
595 conn, dirfsp, NULL, &full_fname, smb_fname, &how);
596 TALLOC_FREE(full_fname);
603 base_fname = cp_smb_filename_nostream(conn, smb_fname);
604 if (base_fname == NULL) {
605 return NT_STATUS_NO_MEMORY;
608 full_fname = full_path_from_dirfsp_atname(
609 conn, /* no talloc_tos(), see comment above */
612 if (full_fname == NULL) {
613 status = NT_STATUS_NO_MEMORY;
617 status = openat_pathref_fullname(
618 conn, dirfsp, NULL, &full_fname, base_fname, &how);
619 TALLOC_FREE(full_fname);
620 if (!NT_STATUS_IS_OK(status)) {
621 DBG_DEBUG("openat_pathref_fullname() failed: %s\n",
626 status = open_stream_pathref_fsp(&base_fname->fsp, smb_fname);
627 if (!NT_STATUS_IS_OK(status)) {
628 DBG_DEBUG("open_stream_pathref_fsp failed: %s\n",
633 smb_fname_fsp_unlink(base_fname);
635 TALLOC_FREE(base_fname);
640 * Open a stream given an already opened base_fsp. Avoid
641 * non_widelink_open: This is only valid for the case where we have a
642 * valid non-cwd_fsp dirfsp that we can pass to SMB_VFS_OPENAT()
644 NTSTATUS open_stream_pathref_fsp(
645 struct files_struct **_base_fsp,
646 struct smb_filename *smb_fname)
648 struct files_struct *base_fsp = *_base_fsp;
649 connection_struct *conn = base_fsp->conn;
650 struct smb_filename *base_fname = base_fsp->fsp_name;
651 struct smb_filename *full_fname = NULL;
652 struct vfs_open_how how = { .flags = O_RDONLY|O_NONBLOCK, };
655 SMB_ASSERT(smb_fname->fsp == NULL);
656 SMB_ASSERT(is_named_stream(smb_fname));
658 full_fname = synthetic_smb_fname(
659 conn, /* no talloc_tos(), this will be long-lived */
660 base_fname->base_name,
661 smb_fname->stream_name,
665 if (full_fname == NULL) {
666 return NT_STATUS_NO_MEMORY;
669 status = openat_pathref_fullname(
670 conn, NULL, base_fsp, &full_fname, smb_fname, &how);
671 TALLOC_FREE(full_fname);
675 static char *path_to_strv(TALLOC_CTX *mem_ctx, const char *path)
677 char *result = talloc_strdup(mem_ctx, path);
679 if (result == NULL) {
682 string_replace(result, '/', '\0');
686 NTSTATUS readlink_talloc(
688 struct files_struct *dirfsp,
689 struct smb_filename *smb_relname,
692 struct smb_filename null_fname = {
693 .base_name = discard_const_p(char, ""),
700 if (smb_relname == NULL) {
702 * We have a Linux O_PATH handle in dirfsp and want to
703 * read its value, essentially a freadlink
705 smb_relname = &null_fname;
708 ret = SMB_VFS_READLINKAT(
709 dirfsp->conn, dirfsp, smb_relname, buf, sizeof(buf));
711 status = map_nt_error_from_unix(errno);
712 DBG_DEBUG("SMB_VFS_READLINKAT() failed: %s\n",
717 if ((size_t)ret == sizeof(buf)) {
719 * Do we need symlink targets longer than PATH_MAX?
721 DBG_DEBUG("Got full %zu bytes from readlink, too long\n",
723 return NT_STATUS_BUFFER_OVERFLOW;
726 substitute = talloc_strndup(mem_ctx, buf, ret);
727 if (substitute == NULL) {
728 DBG_DEBUG("talloc_strndup() failed\n");
729 return NT_STATUS_NO_MEMORY;
732 *_substitute = substitute;
736 NTSTATUS read_symlink_reparse(TALLOC_CTX *mem_ctx,
737 struct files_struct *dirfsp,
738 struct smb_filename *smb_relname,
739 struct reparse_data_buffer **_reparse)
741 struct reparse_data_buffer *reparse = NULL;
742 struct symlink_reparse_struct *lnk = NULL;
745 reparse = talloc_zero(mem_ctx, struct reparse_data_buffer);
746 if (reparse == NULL) {
749 *reparse = (struct reparse_data_buffer){
750 .tag = IO_REPARSE_TAG_SYMLINK,
752 lnk = &reparse->parsed.lnk;
754 status = readlink_talloc(reparse,
757 &lnk->substitute_name);
758 if (!NT_STATUS_IS_OK(status)) {
759 DBG_DEBUG("readlink_talloc failed: %s\n", nt_errstr(status));
763 if (lnk->substitute_name[0] == '/') {
764 char *subdir_path = NULL;
765 char *abs_target_canon = NULL;
766 const char *relative = NULL;
769 subdir_path = talloc_asprintf(talloc_tos(),
771 dirfsp->conn->connectpath,
772 dirfsp->fsp_name->base_name);
773 if (subdir_path == NULL) {
777 abs_target_canon = canonicalize_absolute_path(
778 talloc_tos(), lnk->substitute_name);
779 if (abs_target_canon == NULL) {
783 in_share = subdir_of(subdir_path,
788 TALLOC_FREE(lnk->substitute_name);
789 lnk->substitute_name = talloc_strdup(reparse,
791 if (lnk->substitute_name == NULL) {
797 if (!IS_DIRECTORY_SEP(lnk->substitute_name[0])) {
798 lnk->flags |= SYMLINK_FLAG_RELATIVE;
804 status = NT_STATUS_NO_MEMORY;
806 TALLOC_FREE(reparse);
810 static bool full_path_extend(char **dir, const char *atname)
812 talloc_asprintf_addbuf(dir,
814 (*dir)[0] == '\0' ? "" : "/",
816 return (*dir) != NULL;
820 * Create the memcache-key for GETREALFILENAME_CACHE: This supplements
821 * the stat cache for the last component to be looked up. Cache
822 * contents is the correctly capitalized translation of the parameter
823 * "name" as it exists on disk. This is indexed by inode of the dirfsp
824 * and name, and contrary to stat_cahce_lookup() it does not
825 * vfs_stat() the last component. This will be taken care of by an
826 * attempt to do a openat_pathref_fsp().
828 static bool get_real_filename_cache_key(TALLOC_CTX *mem_ctx,
829 struct files_struct *dirfsp,
833 struct file_id fid = vfs_file_id_from_sbuf(dirfsp->conn,
834 &dirfsp->fsp_name->st);
837 size_t namelen, keylen;
839 upper = talloc_strdup_upper(mem_ctx, name);
843 namelen = talloc_get_size(upper);
845 keylen = namelen + sizeof(fid);
846 if (keylen < sizeof(fid)) {
851 key = talloc_size(mem_ctx, keylen);
857 memcpy(key, &fid, sizeof(fid));
858 memcpy(key + sizeof(fid), upper, namelen);
868 static int smb_vfs_openat_ci(TALLOC_CTX *mem_ctx,
870 struct connection_struct *conn,
871 struct files_struct *dirfsp,
872 struct smb_filename *smb_fname_rel,
874 const struct vfs_open_how *how)
876 char *orig_base_name = smb_fname_rel->base_name;
877 DATA_BLOB cache_key = {
880 DATA_BLOB cache_value = {
887 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
888 if ((fd >= 0) || case_sensitive) {
891 if (errno != ENOENT) {
895 if (!lp_stat_cache()) {
899 ok = get_real_filename_cache_key(mem_ctx,
905 * probably ENOMEM, just bail
911 DO_PROFILE_INC(statcache_lookups);
913 ok = memcache_lookup(NULL,
914 GETREALFILENAME_CACHE,
918 DO_PROFILE_INC(statcache_misses);
921 DO_PROFILE_INC(statcache_hits);
923 smb_fname_rel->base_name = talloc_strndup(mem_ctx,
924 (char *)cache_value.data,
926 if (smb_fname_rel->base_name == NULL) {
927 TALLOC_FREE(cache_key.data);
928 smb_fname_rel->base_name = orig_base_name;
933 if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
934 DBG_DEBUG("veto files rejecting last component %s\n",
935 smb_fname_str_dbg(smb_fname_rel));
936 TALLOC_FREE(cache_key.data);
937 smb_fname_rel->base_name = orig_base_name;
942 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
944 TALLOC_FREE(cache_key.data);
948 memcache_delete(NULL, GETREALFILENAME_CACHE, cache_key);
951 * For the "new filename" case we need to preserve the
952 * capitalization the client sent us, see
953 * https://bugzilla.samba.org/show_bug.cgi?id=15481
955 TALLOC_FREE(smb_fname_rel->base_name);
956 smb_fname_rel->base_name = orig_base_name;
960 status = get_real_filename_at(dirfsp,
963 &smb_fname_rel->base_name);
964 if (!NT_STATUS_IS_OK(status)) {
965 DBG_DEBUG("get_real_filename_at() failed: %s\n",
971 if (IS_VETO_PATH(conn, smb_fname_rel->base_name)) {
972 DBG_DEBUG("found veto files path component "
975 smb_fname_rel->base_name);
976 TALLOC_FREE(smb_fname_rel->base_name);
977 smb_fname_rel->base_name = orig_base_name;
982 fd = SMB_VFS_OPENAT(conn, dirfsp, smb_fname_rel, fsp, how);
984 if ((fd >= 0) && (cache_key.data != NULL)) {
986 .data = (uint8_t *)smb_fname_rel->base_name,
987 .length = strlen(smb_fname_rel->base_name) + 1,
990 memcache_add(NULL, GETREALFILENAME_CACHE, cache_key, value);
991 TALLOC_FREE(cache_key.data);
997 NTSTATUS openat_pathref_fsp_nosymlink(
999 struct connection_struct *conn,
1000 struct files_struct *in_dirfsp,
1001 const char *path_in,
1004 struct smb_filename **_smb_fname,
1005 struct reparse_data_buffer **_symlink_err)
1007 struct files_struct *dirfsp = in_dirfsp;
1008 struct smb_filename full_fname = {
1011 .flags = posix ? SMB_FILENAME_POSIX_PATH : 0,
1013 struct smb_filename rel_fname = {
1016 .flags = full_fname.flags,
1018 struct smb_filename *result = NULL;
1019 struct reparse_data_buffer *symlink_err = NULL;
1020 struct files_struct *fsp = NULL;
1021 char *path = NULL, *next = NULL;
1022 bool ok, is_toplevel;
1025 struct vfs_open_how how = {
1026 .flags = O_NOFOLLOW | O_NONBLOCK,
1030 DBG_DEBUG("path_in=%s\n", path_in);
1032 status = fsp_new(conn, conn, &fsp);
1033 if (!NT_STATUS_IS_OK(status)) {
1034 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status));
1038 GetTimeOfDay(&fsp->open_time);
1039 fsp_set_gen_id(fsp);
1040 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
1042 fsp->fsp_name = &full_fname;
1046 * Add O_PATH manually, doing this by setting
1047 * fsp->fsp_flags.is_pathref will make us become_root() in the
1048 * non-O_PATH case, which would cause a security problem.
1050 how.flags |= O_PATH;
1054 * O_SEARCH just checks for the "x" bit. We are traversing
1055 * directories, so we don't need the implicit O_RDONLY ("r"
1056 * permissions) but only the "x"-permissions requested by
1057 * O_SEARCH. We need either O_PATH or O_SEARCH to correctly
1058 * function, without either we will incorrectly require also
1059 * the "r" bit when traversing the directory hierarchy.
1061 how.flags |= O_SEARCH;
1065 is_toplevel = (dirfsp == dirfsp->conn->cwd_fsp);
1066 is_toplevel |= ISDOT(dirfsp->fsp_name->base_name);
1068 full_fname.base_name =
1069 talloc_strdup(talloc_tos(),
1070 is_toplevel ? "" : dirfsp->fsp_name->base_name);
1071 if (full_fname.base_name == NULL) {
1072 DBG_DEBUG("talloc_strdup() failed\n");
1077 * First split the path into individual components.
1079 path = path_to_strv(talloc_tos(), path_in);
1081 DBG_DEBUG("path_to_strv() failed\n");
1086 * First we loop over all components
1087 * in order to verify, there's no '.' or '..'
1089 rel_fname.base_name = path;
1090 while (rel_fname.base_name != NULL) {
1092 next = strv_next(path, rel_fname.base_name);
1095 * Path sanitizing further up has cleaned or rejected
1096 * empty path components. Assert this here.
1098 SMB_ASSERT(rel_fname.base_name[0] != '\0');
1100 if (ISDOT(rel_fname.base_name) ||
1101 ISDOTDOT(rel_fname.base_name)) {
1102 DBG_DEBUG("%s contains a dot\n", path_in);
1103 status = NT_STATUS_OBJECT_NAME_INVALID;
1107 /* Check veto files. */
1108 if (IS_VETO_PATH(conn, rel_fname.base_name)) {
1109 DBG_DEBUG("%s contains veto files path component %s\n",
1110 path_in, rel_fname.base_name);
1111 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
1115 rel_fname.base_name = next;
1118 if (conn->open_how_resolve & VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS) {
1121 * Try a direct openat2 with RESOLVE_NO_SYMLINKS to
1122 * avoid the openat/close loop further down.
1125 rel_fname.base_name = discard_const_p(char, path_in);
1126 how.resolve = VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS;
1128 fd = SMB_VFS_OPENAT(conn, dirfsp, &rel_fname, fsp, &how);
1130 fsp_set_fd(fsp, fd);
1131 ok = full_path_extend(&full_fname.base_name,
1132 rel_fname.base_name);
1139 status = map_nt_error_from_unix(errno);
1140 DBG_DEBUG("SMB_VFS_OPENAT(%s, %s, RESOLVE_NO_SYMLINKS) "
1141 "returned %d %s => %s\n",
1142 smb_fname_str_dbg(dirfsp->fsp_name), path_in,
1143 errno, strerror(errno), nt_errstr(status));
1144 SMB_ASSERT(fd == -1);
1148 * We got ENOSYS, so fallback to the old code
1149 * if the kernel doesn't support openat2() yet.
1156 * For ELOOP we also fallback in order to
1157 * return the correct information with
1158 * NT_STATUS_STOPPED_ON_SYMLINK.
1160 * O_NOFOLLOW|O_DIRECTORY results in
1161 * ENOTDIR instead of ELOOP for the final
1168 * If we got ENOENT, the filesystem could
1169 * be case sensitive. For now we only do
1170 * the get_real_filename_at() dance in
1171 * the fallback loop below.
1180 * Just fallback to the openat loop
1186 * Now we loop over all components
1187 * opening each one and using it
1188 * as dirfd for the next one.
1190 * It means we can detect symlinks
1193 rel_fname.base_name = path;
1195 next = strv_next(path, rel_fname.base_name);
1197 fd = smb_vfs_openat_ci(talloc_tos(),
1198 posix || conn->case_sensitive,
1206 if ((fd == -1) && (errno == ELOOP)) {
1210 * openat() hit a symlink. With O_PATH we open the
1211 * symlink and get ENOTDIR in the next round, see
1215 status = read_symlink_reparse(mem_ctx,
1219 if (!NT_STATUS_IS_OK(status)) {
1220 DBG_DEBUG("read_symlink_reparse failed: %s\n",
1226 size_t parsed = next - path;
1227 size_t len = talloc_get_size(path);
1228 size_t unparsed = len - parsed;
1230 if (unparsed > UINT16_MAX) {
1231 status = NT_STATUS_BUFFER_OVERFLOW;
1234 symlink_err->parsed.lnk
1235 .unparsed_path_length = unparsed;
1239 * We know rel_fname is a symlink, now fill in the
1240 * rest of the metadata for our callers.
1243 ret = SMB_VFS_FSTATAT(conn,
1247 AT_SYMLINK_NOFOLLOW);
1249 status = map_nt_error_from_unix(errno);
1250 DBG_DEBUG("SMB_VFS_FSTATAT(%s/%s) failed: %s\n",
1251 fsp_str_dbg(dirfsp),
1252 rel_fname.base_name,
1254 TALLOC_FREE(symlink_err);
1258 if (!S_ISLNK(full_fname.st.st_ex_mode)) {
1260 * Hit a race: readlink_talloc() worked before
1261 * the fstatat(), but rel_fname changed to
1262 * something that's not a symlink.
1264 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
1265 TALLOC_FREE(symlink_err);
1269 status = NT_STATUS_STOPPED_ON_SYMLINK;
1274 if ((fd == -1) && (errno == ENOTDIR)) {
1275 size_t parsed, len, unparsed;
1278 * dirfsp does not point at a directory, try a
1282 status = read_symlink_reparse(mem_ctx,
1287 if (!NT_STATUS_IS_OK(status)) {
1288 DBG_DEBUG("read_symlink_reparse failed: %s\n",
1290 status = NT_STATUS_NOT_A_DIRECTORY;
1294 parsed = rel_fname.base_name - path;
1295 len = talloc_get_size(path);
1296 unparsed = len - parsed;
1298 if (unparsed > UINT16_MAX) {
1299 status = NT_STATUS_BUFFER_OVERFLOW;
1303 symlink_err->parsed.lnk.unparsed_path_length = unparsed;
1305 status = NT_STATUS_STOPPED_ON_SYMLINK;
1310 status = map_nt_error_from_unix(errno);
1311 DBG_DEBUG("SMB_VFS_OPENAT() failed: %s\n",
1315 fsp_set_fd(fsp, fd);
1317 ok = full_path_extend(&full_fname.base_name, rel_fname.base_name);
1323 struct files_struct *tmp = NULL;
1325 if (dirfsp != in_dirfsp) {
1332 if (tmp == in_dirfsp) {
1333 status = fsp_new(conn, conn, &fsp);
1334 if (!NT_STATUS_IS_OK(status)) {
1335 DBG_DEBUG("fsp_new() failed: %s\n",
1339 fsp->fsp_name = &full_fname;
1344 rel_fname.base_name = next;
1349 if (dirfsp != in_dirfsp) {
1350 SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
1352 dirfsp->fsp_name = NULL;
1353 file_free(NULL, dirfsp);
1358 fsp->fsp_flags.is_pathref = true;
1359 fsp->fsp_name = NULL;
1361 status = fsp_set_smb_fname(fsp, &full_fname);
1362 if (!NT_STATUS_IS_OK(status)) {
1363 DBG_DEBUG("fsp_set_smb_fname() failed: %s\n",
1368 status = vfs_stat_fsp(fsp);
1369 if (!NT_STATUS_IS_OK(status)) {
1370 DBG_DEBUG("vfs_stat_fsp(%s) failed: %s\n",
1376 if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
1378 * Last component was a symlink we opened with O_PATH, fail it
1381 status = read_symlink_reparse(mem_ctx,
1385 if (!NT_STATUS_IS_OK(status)) {
1389 status = NT_STATUS_STOPPED_ON_SYMLINK;
1394 * We must correctly set fsp->file_id as code inside
1395 * open.c will use this to check if delete_on_close
1396 * has been set on the dirfsp.
1398 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
1400 result = cp_smb_filename(mem_ctx, fsp->fsp_name);
1401 if (result == NULL) {
1402 DBG_DEBUG("cp_smb_filename() failed\n");
1406 status = fsp_smb_fname_link(fsp,
1409 if (!NT_STATUS_IS_OK(status)) {
1412 talloc_set_destructor(result, smb_fname_fsp_destructor);
1414 *_smb_fname = result;
1416 DBG_DEBUG("returning %s\n", smb_fname_str_dbg(result));
1418 return NT_STATUS_OK;
1421 status = NT_STATUS_NO_MEMORY;
1424 if (fsp_get_pathref_fd(fsp) != -1) {
1427 file_free(NULL, fsp);
1431 if ((dirfsp != NULL) && (dirfsp != in_dirfsp)) {
1432 SMB_ASSERT(fsp_get_pathref_fd(dirfsp) != -1);
1434 dirfsp->fsp_name = NULL;
1435 file_free(NULL, dirfsp);
1439 if (NT_STATUS_EQUAL(status, NT_STATUS_STOPPED_ON_SYMLINK)) {
1440 *_symlink_err = symlink_err;
1448 * Open smb_fname_rel->fsp as a pathref fsp with a case insensitive
1449 * fallback using GETREALFILENAME_CACHE and get_real_filename_at() if
1450 * the first attempt based on the filename sent by the client gives
1453 NTSTATUS openat_pathref_fsp_lcomp(struct files_struct *dirfsp,
1454 struct smb_filename *smb_fname_rel,
1457 struct connection_struct *conn = dirfsp->conn;
1458 const char *orig_rel_base_name = smb_fname_rel->base_name;
1459 struct files_struct *fsp = NULL;
1460 struct smb_filename *full_fname = NULL;
1461 struct vfs_open_how how = {
1462 .flags = O_RDONLY | O_NONBLOCK | O_NOFOLLOW,
1468 * Make sure we don't need of the all the magic in
1469 * openat_pathref_fsp() with regards non_widelink_open etc.
1472 SMB_ASSERT((smb_fname_rel->fsp == NULL) &&
1473 (dirfsp != dirfsp->conn->cwd_fsp) &&
1474 (strchr_m(smb_fname_rel->base_name, '/') == NULL) &&
1475 !is_named_stream(smb_fname_rel));
1477 SET_STAT_INVALID(smb_fname_rel->st);
1479 /* Check veto files - only looks at last component. */
1480 if (IS_VETO_PATH(dirfsp->conn, smb_fname_rel->base_name)) {
1481 DBG_DEBUG("veto files rejecting last component %s\n",
1482 smb_fname_str_dbg(smb_fname_rel));
1483 return NT_STATUS_NETWORK_OPEN_RESTRICTION;
1486 status = fsp_new(conn, conn, &fsp);
1487 if (!NT_STATUS_IS_OK(status)) {
1488 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status));
1492 GetTimeOfDay(&fsp->open_time);
1493 fsp_set_gen_id(fsp);
1494 ZERO_STRUCT(conn->sconn->fsp_fi_cache);
1496 fsp->fsp_flags.is_pathref = true;
1498 full_fname = full_path_from_dirfsp_atname(conn, dirfsp, smb_fname_rel);
1499 if (full_fname == NULL) {
1500 DBG_DEBUG("full_path_from_dirfsp_atname(%s/%s) failed\n",
1501 dirfsp->fsp_name->base_name,
1502 smb_fname_rel->base_name);
1503 file_free(NULL, fsp);
1504 return NT_STATUS_NO_MEMORY;
1507 status = fsp_attach_smb_fname(fsp, &full_fname);
1508 if (!NT_STATUS_IS_OK(status)) {
1509 DBG_DEBUG("fsp_attach_smb_fname(fsp, %s) failed: %s\n",
1510 smb_fname_str_dbg(full_fname),
1512 file_free(NULL, fsp);
1516 fd = smb_vfs_openat_ci(smb_fname_rel,
1517 (ucf_flags & UCF_POSIX_PATHNAMES) ||
1518 conn->case_sensitive,
1525 if ((fd == -1) && (errno == ENOENT)) {
1526 status = map_nt_error_from_unix(errno);
1527 DBG_DEBUG("smb_vfs_openat(%s/%s) failed: %s\n",
1528 dirfsp->fsp_name->base_name,
1529 smb_fname_rel->base_name,
1531 file_free(NULL, fsp);
1535 if (smb_fname_rel->base_name != orig_rel_base_name) {
1536 struct smb_filename new_fullname = *smb_fname_rel;
1538 DBG_DEBUG("rel->base_name changed from %s to %s\n",
1540 smb_fname_rel->base_name);
1542 new_fullname.base_name = full_path_from_dirfsp_at_basename(
1543 talloc_tos(), dirfsp, new_fullname.base_name);
1544 if (new_fullname.base_name == NULL) {
1546 file_free(NULL, fsp);
1547 return NT_STATUS_NO_MEMORY;
1550 status = fsp_set_smb_fname(fsp, &new_fullname);
1551 if (!NT_STATUS_IS_OK(status)) {
1553 file_free(NULL, fsp);
1558 fsp_set_fd(fsp, fd);
1561 ret = SMB_VFS_FSTAT(fsp, &fsp->fsp_name->st);
1563 ret = SMB_VFS_FSTATAT(fsp->conn,
1567 AT_SYMLINK_NOFOLLOW);
1570 status = map_nt_error_from_unix(errno);
1571 DBG_DEBUG("SMB_VFS_%sSTAT(%s/%s) failed: %s\n",
1572 (fd >= 0) ? "F" : "",
1573 dirfsp->fsp_name->base_name,
1574 smb_fname_rel->base_name,
1577 file_free(NULL, fsp);
1581 fsp->fsp_flags.is_directory = S_ISDIR(fsp->fsp_name->st.st_ex_mode);
1582 fsp->file_id = vfs_file_id_from_sbuf(conn, &fsp->fsp_name->st);
1584 smb_fname_rel->st = fsp->fsp_name->st;
1586 status = fsp_smb_fname_link(fsp,
1587 &smb_fname_rel->fsp_link,
1588 &smb_fname_rel->fsp);
1589 if (!NT_STATUS_IS_OK(status)) {
1590 DBG_DEBUG("fsp_smb_fname_link() failed: %s\n",
1593 file_free(NULL, fsp);
1597 DBG_DEBUG("fsp [%s]: OK, fd=%d\n", fsp_str_dbg(fsp), fd);
1599 talloc_set_destructor(smb_fname_rel, smb_fname_fsp_destructor);
1600 return NT_STATUS_OK;
1603 void smb_fname_fsp_unlink(struct smb_filename *smb_fname)
1605 talloc_set_destructor(smb_fname, NULL);
1606 smb_fname->fsp = NULL;
1607 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
1611 * Move any existing embedded fsp refs from the src name to the
1612 * destination. It's safe to call this on src smb_fname's that have no embedded
1615 NTSTATUS move_smb_fname_fsp_link(struct smb_filename *smb_fname_dst,
1616 struct smb_filename *smb_fname_src)
1621 * The target should always not be linked yet!
1623 SMB_ASSERT(smb_fname_dst->fsp == NULL);
1624 SMB_ASSERT(smb_fname_dst->fsp_link == NULL);
1626 if (smb_fname_src->fsp == NULL) {
1627 return NT_STATUS_OK;
1630 status = fsp_smb_fname_link(smb_fname_src->fsp,
1631 &smb_fname_dst->fsp_link,
1632 &smb_fname_dst->fsp);
1633 if (!NT_STATUS_IS_OK(status)) {
1637 talloc_set_destructor(smb_fname_dst, smb_fname_fsp_destructor);
1639 smb_fname_fsp_unlink(smb_fname_src);
1641 return NT_STATUS_OK;
1644 static int fsp_ref_no_close_destructor(struct smb_filename *smb_fname)
1646 destroy_fsp_smb_fname_link(&smb_fname->fsp_link);
1650 NTSTATUS reference_smb_fname_fsp_link(struct smb_filename *smb_fname_dst,
1651 const struct smb_filename *smb_fname_src)
1656 * The target should always not be linked yet!
1658 SMB_ASSERT(smb_fname_dst->fsp == NULL);
1659 SMB_ASSERT(smb_fname_dst->fsp_link == NULL);
1661 if (smb_fname_src->fsp == NULL) {
1662 return NT_STATUS_OK;
1665 status = fsp_smb_fname_link(smb_fname_src->fsp,
1666 &smb_fname_dst->fsp_link,
1667 &smb_fname_dst->fsp);
1668 if (!NT_STATUS_IS_OK(status)) {
1672 talloc_set_destructor(smb_fname_dst, fsp_ref_no_close_destructor);
1674 return NT_STATUS_OK;
1678 * Create an smb_fname and open smb_fname->fsp pathref
1680 NTSTATUS synthetic_pathref(TALLOC_CTX *mem_ctx,
1681 struct files_struct *dirfsp,
1682 const char *base_name,
1683 const char *stream_name,
1684 const SMB_STRUCT_STAT *psbuf,
1687 struct smb_filename **_smb_fname)
1689 struct smb_filename *smb_fname = NULL;
1692 smb_fname = synthetic_smb_fname(mem_ctx,
1698 if (smb_fname == NULL) {
1699 return NT_STATUS_NO_MEMORY;
1702 status = openat_pathref_fsp(dirfsp, smb_fname);
1703 if (!NT_STATUS_IS_OK(status)) {
1704 DBG_NOTICE("opening [%s] failed\n",
1705 smb_fname_str_dbg(smb_fname));
1706 TALLOC_FREE(smb_fname);
1710 *_smb_fname = smb_fname;
1711 return NT_STATUS_OK;
1715 * Turn a path into a parent pathref and atname
1717 * This returns the parent pathref in _parent and the name relative to it. If
1718 * smb_fname was a pathref (ie smb_fname->fsp != NULL), then _atname will be a
1719 * pathref as well, ie _atname->fsp will point at the same fsp as
1722 NTSTATUS parent_pathref(TALLOC_CTX *mem_ctx,
1723 struct files_struct *dirfsp,
1724 const struct smb_filename *smb_fname,
1725 struct smb_filename **_parent,
1726 struct smb_filename **_atname)
1728 struct smb_filename *parent = NULL;
1729 struct smb_filename *atname = NULL;
1732 status = SMB_VFS_PARENT_PATHNAME(dirfsp->conn,
1737 if (!NT_STATUS_IS_OK(status)) {
1742 * We know that the parent name must
1743 * exist, and the name has been canonicalized
1744 * even if this was a POSIX pathname.
1745 * Ensure that we follow symlinks for
1746 * the parent. See the torture test
1747 * POSIX-SYMLINK-PARENT for details.
1749 parent->flags &= ~SMB_FILENAME_POSIX_PATH;
1751 status = openat_pathref_fsp(dirfsp, parent);
1752 if (!NT_STATUS_IS_OK(status)) {
1753 TALLOC_FREE(parent);
1757 status = reference_smb_fname_fsp_link(atname, smb_fname);
1758 if (!NT_STATUS_IS_OK(status)) {
1759 TALLOC_FREE(parent);
1765 return NT_STATUS_OK;
1768 static bool close_file_in_loop(struct files_struct *fsp,
1769 enum file_close_type close_type)
1771 if (fsp_is_alternate_stream(fsp)) {
1773 * This is a stream, it can't be a base
1775 SMB_ASSERT(fsp->stream_fsp == NULL);
1776 SMB_ASSERT(fsp->base_fsp->stream_fsp == fsp);
1779 * Remove the base<->stream link so that
1780 * close_file_free() does not close fsp->base_fsp as
1781 * well. This would destroy walking the linked list of
1784 fsp->base_fsp->stream_fsp = NULL;
1785 fsp->base_fsp = NULL;
1787 close_file_free(NULL, &fsp, close_type);
1791 if (fsp->stream_fsp != NULL) {
1793 * This is the base of a stream.
1795 SMB_ASSERT(fsp->stream_fsp->base_fsp == fsp);
1798 * Remove the base<->stream link. This will make fsp
1799 * look like a normal fsp for the next round.
1801 fsp->stream_fsp->base_fsp = NULL;
1802 fsp->stream_fsp = NULL;
1805 * Have us called back a second time. In the second
1806 * round, "fsp" now looks like a normal fsp.
1811 close_file_free(NULL, &fsp, close_type);
1815 /****************************************************************************
1816 Close all open files for a connection.
1817 ****************************************************************************/
1819 struct file_close_conn_state {
1820 struct connection_struct *conn;
1821 enum file_close_type close_type;
1822 bool fsp_left_behind;
1825 static struct files_struct *file_close_conn_fn(
1826 struct files_struct *fsp,
1829 struct file_close_conn_state *state = private_data;
1832 if (fsp->conn != state->conn) {
1836 if (fsp->op != NULL && fsp->op->global->durable) {
1838 * A tree disconnect closes a durable handle
1840 fsp->op->global->durable = false;
1843 did_close = close_file_in_loop(fsp, state->close_type);
1845 state->fsp_left_behind = true;
1851 void file_close_conn(connection_struct *conn, enum file_close_type close_type)
1853 struct file_close_conn_state state = { .conn = conn,
1854 .close_type = close_type };
1856 files_forall(conn->sconn, file_close_conn_fn, &state);
1858 if (state.fsp_left_behind) {
1859 state.fsp_left_behind = false;
1860 files_forall(conn->sconn, file_close_conn_fn, &state);
1861 SMB_ASSERT(!state.fsp_left_behind);
1865 /****************************************************************************
1866 Initialise file structures.
1867 ****************************************************************************/
1869 static int files_max_open_fds;
1871 bool file_init_global(void)
1873 int request_max = lp_max_open_files();
1877 if (files_max_open_fds != 0) {
1882 * Set the max_open files to be the requested
1883 * max plus a fudgefactor to allow for the extra
1884 * fd's we need such as log files etc...
1886 real_lim = set_maxfiles(request_max + MAX_OPEN_FUDGEFACTOR);
1888 real_max = real_lim - MAX_OPEN_FUDGEFACTOR;
1890 if (real_max + FILE_HANDLE_OFFSET + MAX_OPEN_PIPES > 65536) {
1891 real_max = 65536 - FILE_HANDLE_OFFSET - MAX_OPEN_PIPES;
1894 if (real_max != request_max) {
1895 DEBUG(1, ("file_init_global: Information only: requested %d "
1896 "open files, %d are available.\n",
1897 request_max, real_max));
1900 SMB_ASSERT(real_max > 100);
1902 files_max_open_fds = real_max;
1906 bool file_init(struct smbd_server_connection *sconn)
1910 ok = file_init_global();
1915 sconn->real_max_open_files = files_max_open_fds;
1920 /****************************************************************************
1921 Close files open by a specified vuid.
1922 ****************************************************************************/
1924 struct file_close_user_state {
1926 bool fsp_left_behind;
1929 static struct files_struct *file_close_user_fn(
1930 struct files_struct *fsp,
1933 struct file_close_user_state *state = private_data;
1936 if (fsp->vuid != state->vuid) {
1940 did_close = close_file_in_loop(fsp, SHUTDOWN_CLOSE);
1942 state->fsp_left_behind = true;
1948 void file_close_user(struct smbd_server_connection *sconn, uint64_t vuid)
1950 struct file_close_user_state state = { .vuid = vuid };
1952 files_forall(sconn, file_close_user_fn, &state);
1954 if (state.fsp_left_behind) {
1955 state.fsp_left_behind = false;
1956 files_forall(sconn, file_close_user_fn, &state);
1957 SMB_ASSERT(!state.fsp_left_behind);
1962 * Walk the files table until "fn" returns non-NULL
1965 struct files_struct *files_forall(
1966 struct smbd_server_connection *sconn,
1967 struct files_struct *(*fn)(struct files_struct *fsp,
1968 void *private_data),
1971 struct files_struct *fsp, *next;
1973 for (fsp = sconn->files; fsp; fsp = next) {
1974 struct files_struct *ret;
1976 ret = fn(fsp, private_data);
1984 /****************************************************************************
1985 Find a fsp given a file descriptor.
1986 ****************************************************************************/
1988 files_struct *file_find_fd(struct smbd_server_connection *sconn, int fd)
1993 for (fsp=sconn->files; fsp; fsp=fsp->next,count++) {
1994 if (fsp_get_pathref_fd(fsp) == fd) {
1996 DLIST_PROMOTE(sconn->files, fsp);
2005 /****************************************************************************
2006 Find a fsp given a device, inode and file_id.
2007 ****************************************************************************/
2009 files_struct *file_find_dif(struct smbd_server_connection *sconn,
2010 struct file_id id, unsigned long gen_id)
2019 for (fsp = sconn->files; fsp; fsp = fsp->next,count++) {
2021 * We can have a fsp->fh->fd == -1 here as it could be a stat
2024 if (!file_id_equal(&fsp->file_id, &id)) {
2027 if (!fsp->fsp_flags.is_fsa) {
2030 if (fh_get_gen_id(fsp->fh) != gen_id) {
2034 DLIST_PROMOTE(sconn->files, fsp);
2042 /****************************************************************************
2043 Find the first fsp given a device and inode.
2044 We use a singleton cache here to speed up searching from getfilepathinfo
2046 ****************************************************************************/
2048 files_struct *file_find_di_first(struct smbd_server_connection *sconn,
2054 if (file_id_equal(&sconn->fsp_fi_cache.id, &id)) {
2055 /* Positive or negative cache hit. */
2056 return sconn->fsp_fi_cache.fsp;
2059 sconn->fsp_fi_cache.id = id;
2061 for (fsp=sconn->files;fsp;fsp=fsp->next) {
2062 if (need_fsa && !fsp->fsp_flags.is_fsa) {
2065 if (file_id_equal(&fsp->file_id, &id)) {
2066 /* Setup positive cache. */
2067 sconn->fsp_fi_cache.fsp = fsp;
2072 /* Setup negative cache. */
2073 sconn->fsp_fi_cache.fsp = NULL;
2077 /****************************************************************************
2078 Find the next fsp having the same device and inode.
2079 ****************************************************************************/
2081 files_struct *file_find_di_next(files_struct *start_fsp,
2086 for (fsp = start_fsp->next;fsp;fsp=fsp->next) {
2087 if (need_fsa && !fsp->fsp_flags.is_fsa) {
2090 if (file_id_equal(&fsp->file_id, &start_fsp->file_id)) {
2098 struct files_struct *file_find_one_fsp_from_lease_key(
2099 struct smbd_server_connection *sconn,
2100 const struct smb2_lease_key *lease_key)
2102 struct files_struct *fsp;
2104 for (fsp = sconn->files; fsp; fsp=fsp->next) {
2105 if ((fsp->lease != NULL) &&
2106 (fsp->lease->lease.lease_key.data[0] ==
2107 lease_key->data[0]) &&
2108 (fsp->lease->lease.lease_key.data[1] ==
2109 lease_key->data[1])) {
2116 /****************************************************************************
2117 Find any fsp open with a pathname below that of an already open path.
2118 ****************************************************************************/
2120 bool file_find_subpath(files_struct *dir_fsp)
2124 char *d_fullname = NULL;
2126 d_fullname = talloc_asprintf(talloc_tos(), "%s/%s",
2127 dir_fsp->conn->connectpath,
2128 dir_fsp->fsp_name->base_name);
2134 dlen = strlen(d_fullname);
2136 for (fsp=dir_fsp->conn->sconn->files; fsp; fsp=fsp->next) {
2139 if (fsp == dir_fsp) {
2143 d1_fullname = talloc_asprintf(talloc_tos(),
2145 fsp->conn->connectpath,
2146 fsp->fsp_name->base_name);
2149 * If the open file has a path that is a longer
2150 * component, then it's a subpath.
2152 if (strnequal(d_fullname, d1_fullname, dlen) &&
2153 (d1_fullname[dlen] == '/')) {
2154 TALLOC_FREE(d1_fullname);
2155 TALLOC_FREE(d_fullname);
2158 TALLOC_FREE(d1_fullname);
2161 TALLOC_FREE(d_fullname);
2165 /****************************************************************************
2167 ****************************************************************************/
2169 static void fsp_free(files_struct *fsp)
2171 struct smbd_server_connection *sconn = fsp->conn->sconn;
2173 if (fsp == sconn->fsp_fi_cache.fsp) {
2174 ZERO_STRUCT(sconn->fsp_fi_cache);
2177 DLIST_REMOVE(sconn->files, fsp);
2178 SMB_ASSERT(sconn->num_files > 0);
2181 TALLOC_FREE(fsp->fake_file_handle);
2183 if (fh_get_refcount(fsp->fh) == 1) {
2184 TALLOC_FREE(fsp->fh);
2186 size_t new_refcount = fh_get_refcount(fsp->fh) - 1;
2187 fh_set_refcount(fsp->fh, new_refcount);
2190 if (fsp->lease != NULL) {
2191 if (fsp->lease->ref_count == 1) {
2192 TALLOC_FREE(fsp->lease);
2194 fsp->lease->ref_count--;
2198 fsp->conn->num_files_open--;
2200 if (fsp->fsp_name != NULL &&
2201 fsp->fsp_name->fsp_link != NULL)
2204 * Free fsp_link of fsp->fsp_name. To do this in the correct
2205 * talloc destructor order we have to do it here. The
2206 * talloc_free() of the link should set the fsp pointer to NULL.
2208 TALLOC_FREE(fsp->fsp_name->fsp_link);
2209 SMB_ASSERT(fsp->fsp_name->fsp == NULL);
2212 /* this is paranoia, just in case someone tries to reuse the
2216 /* fsp->fsp_name is a talloc child and is free'd automatically. */
2221 * Rundown of all smb-related sub-structures of an fsp
2223 void fsp_unbind_smb(struct smb_request *req, files_struct *fsp)
2225 if (fsp == fsp->conn->cwd_fsp) {
2230 size_t len = fsp_fullbasepath(fsp, NULL, 0);
2231 char fullpath[len+1];
2233 fsp_fullbasepath(fsp, fullpath, sizeof(fullpath));
2235 notify_remove(fsp->conn->sconn->notify_ctx, fsp, fullpath);
2236 TALLOC_FREE(fsp->notify);
2239 /* Ensure this event will never fire. */
2240 TALLOC_FREE(fsp->update_write_time_event);
2242 if (fsp->op != NULL) {
2243 fsp->op->compat = NULL;
2245 TALLOC_FREE(fsp->op);
2247 if ((req != NULL) && (fsp == req->chain_fsp)) {
2248 req->chain_fsp = NULL;
2252 * Clear all possible chained fsp
2253 * pointers in the SMB2 request queue.
2255 remove_smb2_chained_fsp(fsp);
2258 void file_free(struct smb_request *req, files_struct *fsp)
2260 struct smbd_server_connection *sconn = fsp->conn->sconn;
2261 uint64_t fnum = fsp->fnum;
2263 fsp_unbind_smb(req, fsp);
2265 /* Drop all remaining extensions. */
2266 vfs_remove_all_fsp_extensions(fsp);
2270 DBG_INFO("freed files structure %"PRIu64" (%zu used)\n",
2275 /****************************************************************************
2276 Get an fsp from a packet given a 16 bit fnum.
2277 ****************************************************************************/
2279 files_struct *file_fsp(struct smb_request *req, uint16_t fid)
2281 struct smbXsrv_open *op;
2288 * We should never get here. req==NULL could in theory
2289 * only happen from internal opens with a non-zero
2290 * root_dir_fid. Internal opens just don't do that, at
2291 * least they are not supposed to do so. And if they
2292 * start to do so, they better fake up a smb_request
2293 * from which we get the right smbd_server_conn. While
2294 * this should never happen, let's return NULL here.
2299 if (req->chain_fsp != NULL) {
2300 if (req->chain_fsp->fsp_flags.closing) {
2303 return req->chain_fsp;
2306 if (req->xconn == NULL) {
2310 now = timeval_to_nttime(&req->request_time);
2312 status = smb1srv_open_lookup(req->xconn,
2314 if (!NT_STATUS_IS_OK(status)) {
2323 if (fsp->fsp_flags.closing) {
2327 req->chain_fsp = fsp;
2328 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2332 struct files_struct *file_fsp_get(struct smbd_smb2_request *smb2req,
2333 uint64_t persistent_id,
2334 uint64_t volatile_id)
2336 struct smbXsrv_open *op;
2339 struct files_struct *fsp;
2341 now = timeval_to_nttime(&smb2req->request_time);
2343 status = smb2srv_open_lookup(smb2req->xconn,
2344 persistent_id, volatile_id,
2346 if (!NT_STATUS_IS_OK(status)) {
2355 if (smb2req->tcon == NULL) {
2359 if (smb2req->tcon->compat != fsp->conn) {
2363 if (smb2req->session == NULL) {
2367 if (smb2req->session->global->session_wire_id != fsp->vuid) {
2371 if (fsp->fsp_flags.closing) {
2375 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2380 struct files_struct *file_fsp_smb2(struct smbd_smb2_request *smb2req,
2381 uint64_t persistent_id,
2382 uint64_t volatile_id)
2384 struct files_struct *fsp;
2386 if (smb2req->compat_chain_fsp != NULL) {
2387 if (smb2req->compat_chain_fsp->fsp_flags.closing) {
2390 smb2req->compat_chain_fsp->fsp_name->st.cached_dos_attributes =
2391 FILE_ATTRIBUTE_INVALID;
2392 return smb2req->compat_chain_fsp;
2395 fsp = file_fsp_get(smb2req, persistent_id, volatile_id);
2400 smb2req->compat_chain_fsp = fsp;
2404 /****************************************************************************
2405 Duplicate the file handle part for a DOS or FCB open.
2406 ****************************************************************************/
2408 NTSTATUS dup_file_fsp(
2410 uint32_t access_mask,
2413 size_t new_refcount;
2415 /* this can never happen for print files */
2416 SMB_ASSERT(from->print_file == NULL);
2418 TALLOC_FREE(to->fh);
2421 new_refcount = fh_get_refcount(to->fh) + 1;
2422 fh_set_refcount(to->fh, new_refcount);
2424 to->file_id = from->file_id;
2425 to->initial_allocation_size = from->initial_allocation_size;
2426 to->file_pid = from->file_pid;
2427 to->vuid = from->vuid;
2428 to->open_time = from->open_time;
2429 to->access_mask = access_mask;
2430 to->oplock_type = from->oplock_type;
2431 to->fsp_flags.can_lock = from->fsp_flags.can_lock;
2432 to->fsp_flags.can_read = ((access_mask & FILE_READ_DATA) != 0);
2433 to->fsp_flags.can_write =
2434 CAN_WRITE(from->conn) &&
2435 ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) != 0);
2436 if (from->fsp_name->twrp != 0) {
2437 to->fsp_flags.can_write = false;
2439 to->fsp_flags.modified = from->fsp_flags.modified;
2440 to->fsp_flags.is_directory = from->fsp_flags.is_directory;
2441 to->fsp_flags.aio_write_behind = from->fsp_flags.aio_write_behind;
2442 to->fsp_flags.is_fsa = from->fsp_flags.is_fsa;
2443 to->fsp_flags.is_pathref = from->fsp_flags.is_pathref;
2444 to->fsp_flags.have_proc_fds = from->fsp_flags.have_proc_fds;
2445 to->fsp_flags.is_dirfsp = from->fsp_flags.is_dirfsp;
2447 return fsp_set_smb_fname(to, from->fsp_name);
2451 * Return a jenkins hash of a pathname on a connection.
2454 NTSTATUS file_name_hash(connection_struct *conn,
2455 const char *name, uint32_t *p_name_hash)
2457 char tmpbuf[PATH_MAX];
2458 char *fullpath, *to_free;
2462 /* Set the hash of the full pathname. */
2464 if (name[0] == '/') {
2465 strlcpy(tmpbuf, name, sizeof(tmpbuf));
2467 len = strlen(fullpath);
2470 len = full_path_tos(conn->connectpath,
2478 return NT_STATUS_NO_MEMORY;
2480 key = (TDB_DATA) { .dptr = (uint8_t *)fullpath, .dsize = len+1 };
2481 *p_name_hash = tdb_jenkins_hash(&key);
2483 DEBUG(10,("file_name_hash: %s hash 0x%x\n",
2485 (unsigned int)*p_name_hash ));
2487 TALLOC_FREE(to_free);
2488 return NT_STATUS_OK;
2491 static NTSTATUS fsp_attach_smb_fname(struct files_struct *fsp,
2492 struct smb_filename **_smb_fname)
2494 TALLOC_CTX *frame = talloc_stackframe();
2495 struct smb_filename *smb_fname_new = talloc_move(fsp, _smb_fname);
2496 const char *name_str = NULL;
2497 uint32_t name_hash = 0;
2500 name_str = smb_fname_str_dbg(smb_fname_new);
2501 if (name_str == NULL) {
2503 return NT_STATUS_NO_MEMORY;
2506 status = file_name_hash(fsp->conn,
2511 if (!NT_STATUS_IS_OK(status)) {
2515 status = fsp_smb_fname_link(fsp,
2516 &smb_fname_new->fsp_link,
2517 &smb_fname_new->fsp);
2518 if (!NT_STATUS_IS_OK(status)) {
2522 fsp->name_hash = name_hash;
2523 fsp->fsp_name = smb_fname_new;
2524 fsp->fsp_name->st.cached_dos_attributes = FILE_ATTRIBUTE_INVALID;
2526 return NT_STATUS_OK;
2530 * The only way that the fsp->fsp_name field should ever be set.
2532 NTSTATUS fsp_set_smb_fname(struct files_struct *fsp,
2533 const struct smb_filename *smb_fname_in)
2535 struct smb_filename *smb_fname_old = fsp->fsp_name;
2536 struct smb_filename *smb_fname_new = NULL;
2539 smb_fname_new = cp_smb_filename(fsp, smb_fname_in);
2540 if (smb_fname_new == NULL) {
2541 return NT_STATUS_NO_MEMORY;
2544 status = fsp_attach_smb_fname(fsp, &smb_fname_new);
2545 if (!NT_STATUS_IS_OK(status)) {
2546 TALLOC_FREE(smb_fname_new);
2550 if (smb_fname_old != NULL) {
2551 smb_fname_fsp_unlink(smb_fname_old);
2552 TALLOC_FREE(smb_fname_old);
2555 return NT_STATUS_OK;
2558 size_t fsp_fullbasepath(struct files_struct *fsp, char *buf, size_t buflen)
2564 * susv4 allows buf==NULL if buflen==0 for snprintf.
2566 SMB_ASSERT(buflen == 0);
2569 if (ISDOT(fsp->fsp_name->base_name)) {
2570 len = snprintf(buf, buflen, "%s", fsp->conn->connectpath);
2575 fsp->conn->connectpath,
2576 fsp->fsp_name->base_name);
2578 SMB_ASSERT(len > 0);
2583 void fsp_set_base_fsp(struct files_struct *fsp, struct files_struct *base_fsp)
2585 SMB_ASSERT(fsp->stream_fsp == NULL);
2586 if (base_fsp != NULL) {
2587 SMB_ASSERT(base_fsp->base_fsp == NULL);
2588 SMB_ASSERT(base_fsp->stream_fsp == NULL);
2591 if (fsp->base_fsp != NULL) {
2592 SMB_ASSERT(fsp->base_fsp->stream_fsp == fsp);
2593 fsp->base_fsp->stream_fsp = NULL;
2596 fsp->base_fsp = base_fsp;
2597 if (fsp->base_fsp != NULL) {
2598 fsp->base_fsp->stream_fsp = fsp;
2602 bool fsp_is_alternate_stream(const struct files_struct *fsp)
2604 return (fsp->base_fsp != NULL);
2607 struct files_struct *metadata_fsp(struct files_struct *fsp)
2609 if (fsp_is_alternate_stream(fsp)) {
2610 return fsp->base_fsp;
2615 static bool fsp_generic_ask_sharemode(struct files_struct *fsp)
2621 if (fsp->posix_flags & FSP_POSIX_FLAGS_PATHNAMES) {
2622 /* Always use filesystem for UNIX mtime query. */
2629 bool fsp_search_ask_sharemode(struct files_struct *fsp)
2631 if (!fsp_generic_ask_sharemode(fsp)) {
2635 return lp_smbd_search_ask_sharemode(SNUM(fsp->conn));
2638 bool fsp_getinfo_ask_sharemode(struct files_struct *fsp)
2640 if (!fsp_generic_ask_sharemode(fsp)) {
2644 return lp_smbd_getinfo_ask_sharemode(SNUM(fsp->conn));
git.samba.org / samba.git / blob