2 Unix SMB/CIFS implementation.
4 Copyright (C) Andrew Tridgell 2004
5 Copyright (C) Stefan Metzmacher 2008
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 this is the open files database, tdb backend. It implements shared
23 storage of what files are open between server instances, and
24 implements the rules of shared access to files.
26 The caller needs to provide a file_key, which specifies what file
27 they are talking about. This needs to be a unique key across all
28 filesystems, and is usually implemented in terms of a device/inode
31 Before any operations can be performed the caller needs to establish
32 a lock on the record associated with file_key. That is done by
33 calling odb_lock(). The caller releases this lock by calling
34 talloc_free() on the returned handle.
36 All other operations on a record are done by passing the odb_lock()
37 handle back to this module. The handle contains internal
38 information about what file_key is being operated on.
42 #include "system/filesys.h"
43 #include "lib/tdb/include/tdb.h"
44 #include "messaging/messaging.h"
46 #include "lib/messaging/irpc.h"
47 #include "librpc/gen_ndr/ndr_opendb.h"
48 #include "ntvfs/ntvfs.h"
49 #include "ntvfs/common/ntvfs_common.h"
50 #include "cluster/cluster.h"
51 #include "param/param.h"
55 struct ntvfs_context *ntvfs_ctx;
60 an odb lock handle. You must obtain one of these using odb_lock() before doing
64 struct odb_context *odb;
69 Open up the openfiles.tdb database. Close it down using
70 talloc_free(). We need the messaging_ctx to allow for pending open
/*
  Backend init hook (installed as .odb_init in opendb_tdb_ops).
  Allocates a struct odb_context on mem_ctx, opens openfiles.tdb through
  cluster_tdb_tmp_open() with TDB_DEFAULT as a child of that context,
  remembers ntvfs_ctx, and reads the opendb / oplocks boolean with
  lp_parm_bool() (false is passed as the default) into odb->oplocks.
  NOTE(review): the failure checks and the return statement are not
  visible in this listing - confirm error handling against the full file.
*/
73 static struct odb_context *odb_tdb_init(TALLOC_CTX *mem_ctx,
74 struct ntvfs_context *ntvfs_ctx)
76 struct odb_context *odb;
78 odb = talloc(mem_ctx, struct odb_context);
83 odb->w = cluster_tdb_tmp_open(odb, ntvfs_ctx->lp_ctx, "openfiles.tdb", TDB_DEFAULT);
89 odb->ntvfs_ctx = ntvfs_ctx;
91 /* leave oplocks disabled by default until the code is working */
92 odb->oplocks = lp_parm_bool(ntvfs_ctx->lp_ctx, NULL, "opendb", "oplocks", false);
98 destroy a lock on the database
/*
  Destructor registered on every odb_lock by odb_tdb_lock() through
  talloc_set_destructor(). Releases the tdb chain lock that is held on
  lck->key in the database referenced by lck->odb.
*/
100 static int odb_lock_destructor(struct odb_lock *lck)
102 tdb_chainunlock(lck->odb->w->tdb, lck->key);
107 get a lock on an entry in the odb. This call returns a lock handle,
108 which the caller should unlock using talloc_free().
/*
  Backend implementation of odb_lock (installed as .odb_lock).
  Steps visible here:
   - allocate the odb_lock handle on mem_ctx
   - take a talloc reference on odb so the handle keeps it alive
   - copy the bytes of file_key into memory owned by the handle
   - take the tdb chain lock for that key
   - register odb_lock_destructor so that freeing the handle unlocks
  NOTE(review): the bodies of the NULL and lock-failure branches are not
  visible in this listing.
*/
110 static struct odb_lock *odb_tdb_lock(TALLOC_CTX *mem_ctx,
111 struct odb_context *odb, DATA_BLOB *file_key)
113 struct odb_lock *lck;
115 lck = talloc(mem_ctx, struct odb_lock);
120 lck->odb = talloc_reference(lck, odb);
121 lck->key.dptr = talloc_memdup(lck, file_key->data, file_key->length);
122 lck->key.dsize = file_key->length;
123 if (lck->key.dptr == NULL) {
128 if (tdb_chainlock(odb->w->tdb, lck->key) != 0) {
133 talloc_set_destructor(lck, odb_lock_destructor);
/*
  Return a copy of the key bytes stored in the lock handle, as a
  DATA_BLOB allocated on mem_ctx by data_blob_talloc().
*/
138 static DATA_BLOB odb_tdb_get_key(TALLOC_CTX *mem_ctx, struct odb_lock *lck)
140 return data_blob_talloc(mem_ctx, lck->key.dptr, lck->key.dsize);
145 determine if two odb_entry structures conflict
147 return NT_STATUS_OK on no conflict
/*
  Compare an existing open (e1) with a prospective open described by
  stream_id, share_access and access_mask.

  The CHECK_MASK helper defined below returns
  NT_STATUS_SHARING_VIOLATION from this function when one side holds any
  of the given access rights and the other side did not grant the
  matching share bit. It is applied in both directions for write/append,
  read/execute and delete access.

  NOTE(review): the bodies of the early-exit branches (opens without
  data access, opens on different streams) are not visible in this
  listing; the surrounding remarks indicate they report no conflict.
*/
149 static NTSTATUS share_conflict(struct opendb_entry *e1,
151 uint32_t share_access,
152 uint32_t access_mask)
154 /* if either open involves no read.write or delete access then
156 if (!(e1->access_mask & (SEC_FILE_WRITE_DATA |
157 SEC_FILE_APPEND_DATA |
163 if (!(access_mask & (SEC_FILE_WRITE_DATA |
164 SEC_FILE_APPEND_DATA |
171 /* data IO access masks. This is skipped if the two open handles
172 are on different streams (as in that case the masks don't
174 if (e1->stream_id != stream_id) {
178 #define CHECK_MASK(am, right, sa, share) \
179 if (((am) & (right)) && !((sa) & (share))) return NT_STATUS_SHARING_VIOLATION
181 CHECK_MASK(e1->access_mask, SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA,
182 share_access, NTCREATEX_SHARE_ACCESS_WRITE);
183 CHECK_MASK(access_mask, SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA,
184 e1->share_access, NTCREATEX_SHARE_ACCESS_WRITE);
186 CHECK_MASK(e1->access_mask, SEC_FILE_READ_DATA | SEC_FILE_EXECUTE,
187 share_access, NTCREATEX_SHARE_ACCESS_READ);
188 CHECK_MASK(access_mask, SEC_FILE_READ_DATA | SEC_FILE_EXECUTE,
189 e1->share_access, NTCREATEX_SHARE_ACCESS_READ);
191 CHECK_MASK(e1->access_mask, SEC_STD_DELETE,
192 share_access, NTCREATEX_SHARE_ACCESS_DELETE);
193 CHECK_MASK(access_mask, SEC_STD_DELETE,
194 e1->share_access, NTCREATEX_SHARE_ACCESS_DELETE);
200 pull a record, translating from the db format to the opendb_file structure defined
/*
  Load the record stored under lck->key and decode it into *file.

  tdb_fetch() is used to read the raw record; when it yields no data the
  function returns NT_STATUS_OBJECT_NAME_NOT_FOUND. Otherwise the bytes
  are NDR-decoded with ndr_pull_opendb_file, using lck as the memory
  context for anything the decoder allocates, and a decode failure is
  mapped to an NTSTATUS with ndr_map_error2ntstatus().
  NOTE(review): release of the fetched buffer and the success return are
  not visible in this listing.
*/
203 static NTSTATUS odb_pull_record(struct odb_lock *lck, struct opendb_file *file)
205 struct odb_context *odb = lck->odb;
208 enum ndr_err_code ndr_err;
210 dbuf = tdb_fetch(odb->w->tdb, lck->key);
211 if (dbuf.dptr == NULL) {
212 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
215 blob.data = dbuf.dptr;
216 blob.length = dbuf.dsize;
218 ndr_err = ndr_pull_struct_blob(&blob, lck, lp_iconv_convenience(lck->odb->ntvfs_ctx->lp_ctx), file, (ndr_pull_flags_fn_t)ndr_pull_opendb_file);
220 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
221 return ndr_map_error2ntstatus(ndr_err);
228 push a record, translating from the opendb_file structure defined in opendb.idl
/*
  Write *file back to the database under lck->key.

  A record with no entries left is removed with tdb_delete() instead of
  being stored. Otherwise the structure is NDR-encoded with
  ndr_push_opendb_file (allocating on lck), written with tdb_store()
  using TDB_REPLACE, and the temporary blob is freed afterwards.
  Encoding failures are mapped with ndr_map_error2ntstatus().
  NOTE(review): the conditions guarding the two
  NT_STATUS_INTERNAL_DB_CORRUPTION returns are not visible in this
  listing; presumably they test ret from tdb_delete / tdb_store.
*/
230 static NTSTATUS odb_push_record(struct odb_lock *lck, struct opendb_file *file)
232 struct odb_context *odb = lck->odb;
235 enum ndr_err_code ndr_err;
238 if (file->num_entries == 0) {
239 ret = tdb_delete(odb->w->tdb, lck->key);
241 return NT_STATUS_INTERNAL_DB_CORRUPTION;
246 ndr_err = ndr_push_struct_blob(&blob, lck, lp_iconv_convenience(lck->odb->ntvfs_ctx->lp_ctx), file, (ndr_push_flags_fn_t)ndr_push_opendb_file);
247 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
248 return ndr_map_error2ntstatus(ndr_err);
251 dbuf.dptr = blob.data;
252 dbuf.dsize = blob.length;
254 ret = tdb_store(odb->w->tdb, lck->key, dbuf, TDB_REPLACE);
255 data_blob_free(&blob);
257 return NT_STATUS_INTERNAL_DB_CORRUPTION;
264 send an oplock break to a client
/*
  Ask the server that owns entry e to break its oplock.

  Builds a zeroed struct opendb_oplock_break carrying the file handle of
  the entry and the requested level, wraps it in a non-owning blob with
  data_blob_const(), and sends it as MSG_NTVFS_OPLOCK_BREAK to e->server
  through messaging_send(). A failing send status is returned to the
  caller by NT_STATUS_NOT_OK_RETURN.
  NOTE(review): the declaration of the level parameter is not visible in
  this listing.
*/
266 static NTSTATUS odb_oplock_break_send(struct odb_context *odb,
267 struct opendb_entry *e,
271 struct opendb_oplock_break op_break;
274 ZERO_STRUCT(op_break);
276 /* tell the server handling this open file about the need to send the client
278 op_break.file_handle = e->file_handle;
279 op_break.level = level;
281 blob = data_blob_const(&op_break, sizeof(op_break));
283 status = messaging_send(odb->ntvfs_ctx->msg_ctx, e->server,
284 MSG_NTVFS_OPLOCK_BREAK, &blob);
285 NT_STATUS_NOT_OK_RETURN(status);
/*
  Report whether an open asks for attribute-level access only.

  The final expression is true when access_mask is non-zero and contains
  no bits outside SEC_STD_SYNCHRONIZE, SEC_FILE_READ_ATTRIBUTE and
  SEC_FILE_WRITE_ATTRIBUTE (see the CHECK_MASK definition below).
  The SUPERSEDE, OVERWRITE_IF and OVERWRITE dispositions are handled
  separately by the switch.
  NOTE(review): the body of that switch is not visible in this listing;
  presumably those dispositions are never treated as attribute-only.
*/
290 static bool access_attributes_only(uint32_t access_mask,
291 uint32_t open_disposition)
293 switch (open_disposition) {
294 case NTCREATEX_DISP_SUPERSEDE:
295 case NTCREATEX_DISP_OVERWRITE_IF:
296 case NTCREATEX_DISP_OVERWRITE:
301 #define CHECK_MASK(m,g) ((m) && (((m) & ~(g))==0) && (((m) & (g)) != 0))
302 return CHECK_MASK(access_mask,
303 SEC_STD_SYNCHRONIZE |
304 SEC_FILE_READ_ATTRIBUTE |
305 SEC_FILE_WRITE_ATTRIBUTE);
/*
  Decide whether a new open described by stream_id, share_access,
  access_mask and delete_on_close may proceed against the entries
  already recorded in *file. The checks run in this order:

   1. if an entry holds a batch oplock, compute attrs_only with
      access_attributes_only(), otherwise send a break to its owner and
      return NT_STATUS_OPLOCK_NOT_GRANTED
   2. NT_STATUS_DELETE_PENDING while file->delete_on_close is set
   3. NT_STATUS_SHARING_VIOLATION when delete_on_close is requested and
      other entries exist
   4. share_conflict() against every entry
   5. if an entry holds an exclusive oplock, send a break to none and
      return NT_STATUS_OPLOCK_NOT_GRANTED

  On the way out *_attrs_only receives the attrs_only flag.

  The break level is kept in a uint8_t rather than a bool: it carries
  OPLOCK_BREAK_* level constants, and a bool would collapse any level
  other than 0 or 1 to 1.
  NOTE(review): the condition that selects OPLOCK_BREAK_TO_NONE and the
  declaration of _attrs_only are not visible in this listing.
*/
309 static NTSTATUS odb_tdb_open_can_internal(struct odb_context *odb,
310 const struct opendb_file *file,
311 uint32_t stream_id, uint32_t share_access,
312 uint32_t access_mask, bool delete_on_close,
313 uint32_t open_disposition, bool break_to_none,
318 bool attrs_only = false;
320 /* see if anyone has an oplock, which we need to break */
321 for (i=0;i<file->num_entries;i++) {
322 if (file->entries[i].oplock_level == OPLOCK_BATCH) {
323 uint8_t oplock_return = OPLOCK_BREAK_TO_LEVEL_II;
324 /* if this is an attribute only access
325 * it doesn't conflict with a BATCH oplock
326 * but we'll not grant the oplock below
328 attrs_only = access_attributes_only(access_mask,
333 /* a batch oplock caches close calls, which
334 means the client application might have
335 already closed the file. We have to allow
336 this close to propagate by sending an oplock
337 break request and suspending this call
338 until the break is acknowledged or the file
341 oplock_return = OPLOCK_BREAK_TO_NONE;
343 odb_oplock_break_send(odb, &file->entries[i],
345 return NT_STATUS_OPLOCK_NOT_GRANTED;
349 if (file->delete_on_close) {
350 /* while delete on close is set, no new opens are allowed */
351 return NT_STATUS_DELETE_PENDING;
354 if (file->num_entries != 0 && delete_on_close) {
355 return NT_STATUS_SHARING_VIOLATION;
358 /* check for sharing violations */
359 for (i=0;i<file->num_entries;i++) {
360 status = share_conflict(&file->entries[i], stream_id,
361 share_access, access_mask);
362 NT_STATUS_NOT_OK_RETURN(status);
365 /* we now know the open could succeed, but we need to check
366 for any exclusive oplocks. We can't grant a second open
367 till these are broken. Note that we check for batch oplocks
368 before checking for sharing violations, and check for
369 exclusive oplocks afterwards. */
370 for (i=0;i<file->num_entries;i++) {
371 if (file->entries[i].oplock_level == OPLOCK_EXCLUSIVE) {
372 odb_oplock_break_send(odb, &file->entries[i],
373 OPLOCK_BREAK_TO_NONE);
374 return NT_STATUS_OPLOCK_NOT_GRANTED;
379 *_attrs_only = attrs_only;
385 register an open file in the open files database. This implements the share_access
388 Note that the path is only used by the delete on close logic, not
389 for comparing with other filenames
/*
  Backend implementation of odb_open_file (installed as .odb_open_file).

  Flow visible here:
   - when odb->oplocks is false the requested oplock_level is forced to
     OPLOCK_NONE
   - the current record is pulled; a missing record is treated as a
     blank one, any other failure is returned
   - odb_tdb_open_can_internal() is asked whether the open is allowed,
     with open_disposition 0 and break_to_none false
   - a new opendb_entry is filled in for this server and file handle
   - when oplock_granted is non-NULL the oplock to grant is chosen:
     exclusive or batch only if there are no other entries (a batch
     request falls back to level II, an exclusive request to none),
     level II as requested, none otherwise
   - the entry is appended to file.entries and the record is pushed

  NOTE(review): several short lines (including one parameter and the
  attrs_only test in the oplock chain) are not visible in this listing.
*/
391 static NTSTATUS odb_tdb_open_file(struct odb_lock *lck, void *file_handle,
392 uint32_t stream_id, uint32_t share_access,
393 uint32_t access_mask, bool delete_on_close,
395 uint32_t oplock_level, uint32_t *oplock_granted)
397 struct odb_context *odb = lck->odb;
398 struct opendb_entry e;
399 struct opendb_file file;
401 uint32_t open_disposition = 0;
402 bool break_to_none = false;
403 bool attrs_only = false;
405 if (odb->oplocks == false) {
406 oplock_level = OPLOCK_NONE;
409 status = odb_pull_record(lck, &file);
410 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
411 /* initialise a blank structure */
415 NT_STATUS_NOT_OK_RETURN(status);
418 /* see if it conflicts */
419 status = odb_tdb_open_can_internal(odb, &file, stream_id,
420 share_access, access_mask,
421 delete_on_close, open_disposition,
422 break_to_none, &attrs_only);
423 NT_STATUS_NOT_OK_RETURN(status);
425 /* fill in the entry describing this open */
426 e.server = odb->ntvfs_ctx->server_id;
427 e.file_handle = file_handle;
428 e.stream_id = stream_id;
429 e.share_access = share_access;
430 e.access_mask = access_mask;
431 e.delete_on_close = delete_on_close;
432 e.oplock_level = OPLOCK_NONE;
435 possibly grant an exclusive, batch or level2 oplock
437 if (oplock_granted) {
439 e.oplock_level = OPLOCK_NONE;
440 *oplock_granted = NO_OPLOCK_RETURN;
441 } else if (oplock_level == OPLOCK_EXCLUSIVE) {
442 if (file.num_entries == 0) {
443 e.oplock_level = OPLOCK_EXCLUSIVE;
444 *oplock_granted = EXCLUSIVE_OPLOCK_RETURN;
446 e.oplock_level = OPLOCK_NONE;
447 *oplock_granted = NO_OPLOCK_RETURN;
449 } else if (oplock_level == OPLOCK_BATCH) {
450 if (file.num_entries == 0) {
451 e.oplock_level = OPLOCK_BATCH;
452 *oplock_granted = BATCH_OPLOCK_RETURN;
454 e.oplock_level = OPLOCK_LEVEL_II;
455 *oplock_granted = LEVEL_II_OPLOCK_RETURN;
457 } else if (oplock_level == OPLOCK_LEVEL_II) {
458 e.oplock_level = OPLOCK_LEVEL_II;
459 *oplock_granted = LEVEL_II_OPLOCK_RETURN;
461 e.oplock_level = OPLOCK_NONE;
462 *oplock_granted = NO_OPLOCK_RETURN;
466 /* it doesn't conflict, so add it to the end */
467 file.entries = talloc_realloc(lck, file.entries, struct opendb_entry,
469 NT_STATUS_HAVE_NO_MEMORY(file.entries);
471 file.entries[file.num_entries] = e;
474 return odb_push_record(lck, &file);
479 register a pending open file in the open files database
/*
  Backend implementation of odb_open_file_pending.

  Pulls the existing record (any failure, including a missing record,
  is returned), grows file.pending with talloc_realloc on lck, stores
  this server id together with the caller supplied pointer in the slot
  at index num_pending, and pushes the record back.
  NOTE(review): the new array size and the num_pending increment are
  not visible in this listing.
*/
481 static NTSTATUS odb_tdb_open_file_pending(struct odb_lock *lck, void *private)
483 struct odb_context *odb = lck->odb;
484 struct opendb_file file;
487 status = odb_pull_record(lck, &file);
488 NT_STATUS_NOT_OK_RETURN(status);
490 file.pending = talloc_realloc(lck, file.pending, struct opendb_pending,
492 NT_STATUS_HAVE_NO_MEMORY(file.pending);
494 file.pending[file.num_pending].server = odb->ntvfs_ctx->server_id;
495 file.pending[file.num_pending].notify_ptr = private;
499 return odb_push_record(lck, &file);
504 remove an opendb entry
/*
  Backend implementation of odb_close_file.

  Looks for the entry whose file handle equals file_handle and whose
  server id equals this server (cluster_id_equal). For that entry:
   - a per-entry delete_on_close flag is promoted to the file level
   - the following entries are moved down over it with memmove
  When the search index reaches num_entries the function returns
  NT_STATUS_UNSUCCESSFUL. Afterwards every pending opener is notified
  with messaging_send_ptr(), the pending list is emptied, and the
  record is pushed back.
  NOTE(review): the loop exit and the num_entries decrement are not
  visible in this listing.
*/
506 static NTSTATUS odb_tdb_close_file(struct odb_lock *lck, void *file_handle)
508 struct odb_context *odb = lck->odb;
509 struct opendb_file file;
513 status = odb_pull_record(lck, &file);
514 NT_STATUS_NOT_OK_RETURN(status);
516 /* find the entry, and delete it */
517 for (i=0;i<file.num_entries;i++) {
518 if (file_handle == file.entries[i].file_handle &&
519 cluster_id_equal(&odb->ntvfs_ctx->server_id, &file.entries[i].server)) {
520 if (file.entries[i].delete_on_close) {
521 file.delete_on_close = true;
523 if (i < file.num_entries-1) {
524 memmove(file.entries+i, file.entries+i+1,
525 (file.num_entries - (i+1)) *
526 sizeof(struct opendb_entry));
532 if (i == file.num_entries) {
533 return NT_STATUS_UNSUCCESSFUL;
536 /* send any pending notifications, removing them once sent */
537 for (i=0;i<file.num_pending;i++) {
538 messaging_send_ptr(odb->ntvfs_ctx->msg_ctx, file.pending[i].server,
540 file.pending[i].notify_ptr);
542 file.num_pending = 0;
546 return odb_push_record(lck, &file);
550 update the oplock level of the client
/*
  Backend implementation of odb_update_oplock.

  Finds the entry that matches file_handle and this server id and sets
  its oplock_level to the supplied value. When the search index reaches
  num_entries the function returns NT_STATUS_UNSUCCESSFUL. Pending
  openers are then notified with messaging_send_ptr(), the pending list
  is emptied, and the record is pushed back.
  NOTE(review): the loop exit after a match is not visible in this
  listing.
*/
552 static NTSTATUS odb_tdb_update_oplock(struct odb_lock *lck, void *file_handle,
553 uint32_t oplock_level)
555 struct odb_context *odb = lck->odb;
556 struct opendb_file file;
560 status = odb_pull_record(lck, &file);
561 NT_STATUS_NOT_OK_RETURN(status);
563 /* find the entry, and update it */
564 for (i=0;i<file.num_entries;i++) {
565 if (file_handle == file.entries[i].file_handle &&
566 cluster_id_equal(&odb->ntvfs_ctx->server_id, &file.entries[i].server)) {
567 file.entries[i].oplock_level = oplock_level;
572 if (i == file.num_entries) {
573 return NT_STATUS_UNSUCCESSFUL;
576 /* send any pending notifications, removing them once sent */
577 for (i=0;i<file.num_pending;i++) {
578 messaging_send_ptr(odb->ntvfs_ctx->msg_ctx,
579 file.pending[i].server,
581 file.pending[i].notify_ptr);
583 file.num_pending = 0;
585 return odb_push_record(lck, &file);
589 send oplocks breaks to none to all level2 holders
/*
  Backend implementation of odb_break_oplocks.

  Pulls the record (a missing record is handled separately from other
  failures), then for every entry holding a level II oplock sends
  OPLOCK_BREAK_TO_NONE to its owner without waiting for a reply and
  records the entry as OPLOCK_NONE. The record is then pushed back.
*/
591 static NTSTATUS odb_tdb_break_oplocks(struct odb_lock *lck)
593 struct odb_context *odb = lck->odb;
595 struct opendb_file file;
/* NOTE(review): this flag starts out true and no visible line reads or
   writes it (this listing skips lines after the loop body). If the
   push below is meant to be conditional on it, it should start false so
   that unchanged records are not rewritten - confirm in the full file. */
597 bool modified = true;
599 status = odb_pull_record(lck, &file);
600 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
603 NT_STATUS_NOT_OK_RETURN(status);
605 /* see if anyone has an oplock, which we need to break */
606 for (i=0;i<file.num_entries;i++) {
607 if (file.entries[i].oplock_level == OPLOCK_LEVEL_II) {
609 * there could be multiple level2 oplocks
610 * and we just send a break to none to all of them
611 * without waiting for a release
613 odb_oplock_break_send(odb, &file.entries[i],
614 OPLOCK_BREAK_TO_NONE);
615 file.entries[i].oplock_level = OPLOCK_NONE;
621 return odb_push_record(lck, &file);
627 remove a pending opendb entry
/*
  Backend implementation of odb_remove_pending.

  Finds the pending slot whose notify_ptr equals the supplied pointer
  and whose server id equals this server, and closes the gap by moving
  the following slots down with memmove. When the search index reaches
  num_pending the function returns NT_STATUS_UNSUCCESSFUL; otherwise
  the record is pushed back.
  NOTE(review): the loop exit and the num_pending decrement are not
  visible in this listing.
*/
629 static NTSTATUS odb_tdb_remove_pending(struct odb_lock *lck, void *private)
631 struct odb_context *odb = lck->odb;
634 struct opendb_file file;
636 status = odb_pull_record(lck, &file);
637 NT_STATUS_NOT_OK_RETURN(status);
639 /* find the entry, and delete it */
640 for (i=0;i<file.num_pending;i++) {
641 if (private == file.pending[i].notify_ptr &&
642 cluster_id_equal(&odb->ntvfs_ctx->server_id, &file.pending[i].server)) {
643 if (i < file.num_pending-1) {
644 memmove(file.pending+i, file.pending+i+1,
645 (file.num_pending - (i+1)) *
646 sizeof(struct opendb_pending));
652 if (i == file.num_pending) {
653 return NT_STATUS_UNSUCCESSFUL;
658 return odb_push_record(lck, &file);
663 rename the path in an open file
/*
  Backend implementation of odb_rename.

  Pulls the record for the locked key; a missing record is not treated
  as an error, any other failure is returned. The record is then pushed
  back.
  NOTE(review): the statement that stores the new path into the record
  is not visible in this listing.
*/
665 static NTSTATUS odb_tdb_rename(struct odb_lock *lck, const char *path)
667 struct opendb_file file;
670 status = odb_pull_record(lck, &file);
671 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
672 /* not having the record at all is OK */
675 NT_STATUS_NOT_OK_RETURN(status);
678 return odb_push_record(lck, &file);
682 update delete on close flag on an open file
/*
  Backend implementation of odb_set_delete_on_close.

  Pulls the record (any failure, including a missing record, is
  returned), overwrites the file level delete_on_close flag with
  del_on_close, and pushes the record back.
*/
684 static NTSTATUS odb_tdb_set_delete_on_close(struct odb_lock *lck, bool del_on_close)
687 struct opendb_file file;
689 status = odb_pull_record(lck, &file);
690 NT_STATUS_NOT_OK_RETURN(status);
692 file.delete_on_close = del_on_close;
694 return odb_push_record(lck, &file);
698 return the current value of the delete_on_close bit, and how many
699 people still have the file open
/*
  Backend implementation of odb_get_delete_on_close.

  Unlike the other operations this one takes its own lock: it calls
  odb_lock() with odb as the memory context for the handle. It then
  pulls the record and reports:
   - *del_on_close: false when there is no record, otherwise the file
     level flag, raised to true when the single remaining entry has its
     own delete_on_close flag set
   - *open_count (optional): the number of entries
   - *path: a copy of file.path allocated on odb with talloc_strdup
  NOTE(review): the lock release and the guard around the path copy are
  not visible in this listing.
*/
701 static NTSTATUS odb_tdb_get_delete_on_close(struct odb_context *odb,
702 DATA_BLOB *key, bool *del_on_close,
703 int *open_count, char **path)
706 struct opendb_file file;
707 struct odb_lock *lck;
709 lck = odb_lock(odb, odb, key);
710 NT_STATUS_HAVE_NO_MEMORY(lck);
712 status = odb_pull_record(lck, &file);
713 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
715 (*del_on_close) = false;
718 if (!NT_STATUS_IS_OK(status)) {
723 (*del_on_close) = file.delete_on_close;
724 if (open_count != NULL) {
725 (*open_count) = file.num_entries;
/* NOTE(review): if this allocation fails the check below returns at
   once; lck is parented on odb, so it looks like the lock handle (and
   with it the chain lock) is left held on that path - confirm and
   release lck before returning. */
728 *path = talloc_strdup(odb, file.path);
729 NT_STATUS_HAVE_NO_MEMORY(*path);
730 if (file.num_entries == 1 && file.entries[0].delete_on_close) {
731 (*del_on_close) = true;
742 determine if a file can be opened with the given share_access,
743 create_options and access_mask
/*
  Backend implementation of odb_can_open.

  Pulls the record for the locked key (a missing record is handled
  separately from other failures) and runs the same checks as a real
  open through odb_tdb_open_can_internal(), using stream id 0, open
  disposition 0 and break_to_none false. delete_on_close is derived
  from NTCREATEX_OPTIONS_DELETE_ON_CLOSE in create_options. Nothing is
  written back to the database in the lines visible here.
*/
745 static NTSTATUS odb_tdb_can_open(struct odb_lock *lck,
746 uint32_t share_access, uint32_t create_options,
747 uint32_t access_mask)
749 struct odb_context *odb = lck->odb;
751 struct opendb_file file;
752 uint32_t stream_id = 0;
753 uint32_t open_disposition = 0;
754 bool delete_on_close = false;
755 bool break_to_none = false;
756 bool attrs_only = false;
758 status = odb_pull_record(lck, &file);
759 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
762 NT_STATUS_NOT_OK_RETURN(status);
764 if (create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) {
765 delete_on_close = true;
768 status = odb_tdb_open_can_internal(odb, &file, stream_id,
769 share_access, access_mask,
770 delete_on_close, open_disposition,
771 break_to_none, &attrs_only);
772 NT_STATUS_NOT_OK_RETURN(status);
/*
  Operations table for the tdb backend: binds each opendb_ops hook to
  the matching odb_tdb_* function defined in this file. It is handed to
  odb_set_ops() by odb_tdb_init_ops().
*/
778 static const struct opendb_ops opendb_tdb_ops = {
779 .odb_init = odb_tdb_init,
780 .odb_lock = odb_tdb_lock,
781 .odb_get_key = odb_tdb_get_key,
782 .odb_open_file = odb_tdb_open_file,
783 .odb_open_file_pending = odb_tdb_open_file_pending,
784 .odb_close_file = odb_tdb_close_file,
785 .odb_remove_pending = odb_tdb_remove_pending,
786 .odb_rename = odb_tdb_rename,
787 .odb_set_delete_on_close = odb_tdb_set_delete_on_close,
788 .odb_get_delete_on_close = odb_tdb_get_delete_on_close,
789 .odb_can_open = odb_tdb_can_open,
790 .odb_update_oplock = odb_tdb_update_oplock,
791 .odb_break_oplocks = odb_tdb_break_oplocks
/*
  Select the tdb backend by passing its operations table to
  odb_set_ops().
*/
795 void odb_tdb_init_ops(void)
797 odb_set_ops(&opendb_tdb_ops);