source3/smbd/notify.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    change notify handling
   4    Copyright (C) Andrew Tridgell 2000
   5    Copyright (C) Jeremy Allison 1994-1998
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 2 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program; if not, write to the Free Software
  19    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  20 */
  21
  22 #include "includes.h"
  23
  24 static struct cnotify_fns *cnotify;
  25 static struct notify_mid_map *notify_changes_by_mid;
  26
  27 /****************************************************************************
  28  This is the structure to queue to implement NT change
  29  notify. It consists of smb_size bytes stored from the
  30  transact command (to keep the mid, tid etc around).
  31  Plus the fid to examine and notify private data.
  32 *****************************************************************************/
  33
  34 struct change_notify {
  35         struct change_notify *next, *prev;
  36         files_struct *fsp;
  37         uint32 flags;
  38         uint32 max_param_count;
  39         char request_buf[smb_size];
  40         void *change_data;
  41 };
  42
  43 static struct change_notify *change_notify_list;
  44
  45 static BOOL notify_marshall_changes(unsigned num_changes,
  46                                     struct notify_change *changes,
  47                                     prs_struct *ps)
  48 {
  49         int i;
  50         UNISTR uni_name;
  51
  52         for (i=0; i<num_changes; i++) {
  53                 struct notify_change *c = &changes[i];
  54                 size_t namelen;
  55                 uint32 u32_tmp; /* Temp arg to prs_uint32 to avoid
  56                                  * signed/unsigned issues */
  57
  58                 namelen = convert_string_allocate(
  59                         NULL, CH_UNIX, CH_UTF16LE, c->name, strlen(c->name)+1,
  60                         &uni_name.buffer, True);
  61                 if ((namelen == -1) || (uni_name.buffer == NULL)) {
  62                         goto fail;
  63                 }
  64
  65                 namelen -= 2;   /* Dump NULL termination */
  66
  67                 /*
  68                  * Offset to next entry, only if there is one
  69                  */
  70
  71                 u32_tmp = (i == num_changes-1) ? 0 : namelen + 12;
  72                 if (!prs_uint32("offset", ps, 1, &u32_tmp)) goto fail;
  73
  74                 u32_tmp = c->action;
  75                 if (!prs_uint32("action", ps, 1, &u32_tmp)) goto fail;
  76
  77                 u32_tmp = namelen;
  78                 if (!prs_uint32("namelen", ps, 1, &u32_tmp)) goto fail;
  79
  80                 if (!prs_unistr("name", ps, 1, &uni_name)) goto fail;
  81
  82                 /*
  83                  * Not NULL terminated, decrease by the 2 UCS2 \0 chars
  84                  */
  85                 prs_set_offset(ps, prs_offset(ps)-2);
  86
  87                 SAFE_FREE(uni_name.buffer);
  88         }
  89
  90         return True;
  91
  92  fail:
  93         SAFE_FREE(uni_name.buffer);
  94         return False;
  95 }
  96
  97 /****************************************************************************
  98  Setup the common parts of the return packet and send it.
  99 *****************************************************************************/
 100
 101 void change_notify_reply_packet(const char *request_buf, NTSTATUS error_code)
 102 {
 103         char outbuf[smb_size+38];
 104
 105         memset(outbuf, '\0', sizeof(outbuf));
 106         construct_reply_common(request_buf, outbuf);
 107
 108         ERROR_NT(error_code);
 109
 110         /*
 111          * Seems NT needs a transact command with an error code
 112          * in it. This is a longer packet than a simple error.
 113          */
 114         set_message(outbuf,18,0,False);
 115
 116         show_msg(outbuf);
 117         if (!send_smb(smbd_server_fd(),outbuf))
 118                 exit_server_cleanly("change_notify_reply_packet: send_smb failed.");
 119 }
 120
 121 void change_notify_reply(const char *request_buf, uint32 max_param_count,
 122                          unsigned num_changes, struct notify_change *changes)
 123 {
 124         char *outbuf = NULL;
 125         prs_struct ps;
 126         size_t buflen = smb_size+38+max_param_count;
 127
 128         if (!prs_init(&ps, 0, NULL, False)
 129             || !notify_marshall_changes(num_changes, changes, &ps)) {
 130                 change_notify_reply_packet(request_buf, NT_STATUS_NO_MEMORY);
 131                 goto done;
 132         }
 133
 134         if (prs_offset(&ps) > max_param_count) {
 135                 /*
 136                  * We exceed what the client is willing to accept. Send
 137                  * nothing.
 138                  */
 139                 change_notify_reply_packet(request_buf, NT_STATUS_OK);
 140                 goto done;
 141         }
 142
 143         if (!(outbuf = SMB_MALLOC_ARRAY(char, buflen))) {
 144                 change_notify_reply_packet(request_buf, NT_STATUS_NO_MEMORY);
 145                 goto done;
 146         }
 147
 148         construct_reply_common(request_buf, outbuf);
 149
 150         if (send_nt_replies(outbuf, buflen, NT_STATUS_OK, prs_data_p(&ps),
 151                             prs_offset(&ps), NULL, 0) == -1) {
 152                 exit_server("change_notify_reply_packet: send_smb failed.");
 153         }
 154
 155  done:
 156         SAFE_FREE(outbuf);
 157         prs_mem_free(&ps);
 158 }
 159
 160 /****************************************************************************
 161  Remove an entry from the list and free it, also closing any
 162  directory handle if necessary.
 163 *****************************************************************************/
 164
 165 static void change_notify_remove(struct change_notify *cnbp)
 166 {
 167         cnotify->remove_notify(cnbp->change_data);
 168         DLIST_REMOVE(change_notify_list, cnbp);
 169         ZERO_STRUCTP(cnbp);
 170         SAFE_FREE(cnbp);
 171 }
 172
 173 NTSTATUS change_notify_add_request(const char *inbuf, uint32 max_param_count,
 174                                    struct files_struct *fsp)
 175 {
 176         struct notify_change_request *request = NULL;
 177         struct notify_mid_map *map = NULL;
 178
 179         if (!(request = SMB_MALLOC_P(struct notify_change_request))
 180             || !(map = SMB_MALLOC_P(struct notify_mid_map))) {
 181                 SAFE_FREE(request);
 182                 return NT_STATUS_NO_MEMORY;
 183         }
 184
 185         request->mid_map = map;
 186         map->req = request;
 187
 188         memcpy(request->request_buf, inbuf, sizeof(request->request_buf));
 189         request->max_param_count = max_param_count;
 190         request->fsp = fsp;
 191         DLIST_ADD_END(fsp->notify->requests, request,
 192                       struct notify_change_request *);
 193
 194         map->mid = SVAL(inbuf, smb_mid);
 195         DLIST_ADD(notify_changes_by_mid, map);
 196
 197         /* Push the MID of this packet on the signing queue. */
 198         srv_defer_sign_response(SVAL(inbuf,smb_mid));
 199
 200         return NT_STATUS_OK;
 201 }
 202
 203 static void change_notify_remove_request(struct notify_change_request *remove_req)
 204 {
 205         files_struct *fsp;
 206         struct notify_change_request *req;
 207
 208         /*
 209          * Paranoia checks, the fsp referenced must must have the request in
 210          * its list of pending requests
 211          */
 212
 213         fsp = remove_req->fsp;
 214         SMB_ASSERT(fsp->notify != NULL);
 215
 216         for (req = fsp->notify->requests; req; req = req->next) {
 217                 if (req == remove_req) {
 218                         break;
 219                 }
 220         }
 221         SMB_ASSERT(req != NULL);
 222
 223         DLIST_REMOVE(fsp->notify->requests, req);
 224         DLIST_REMOVE(notify_changes_by_mid, req->mid_map);
 225         SAFE_FREE(req->mid_map);
 226         SAFE_FREE(req);
 227 }
 228
 229 /****************************************************************************
 230  Delete entries by mid from the change notify pending queue. Always send reply.
 231 *****************************************************************************/
 232
 233 void remove_pending_change_notify_requests_by_mid(uint16 mid)
 234 {
 235         struct notify_mid_map *map;
 236
 237         for (map = notify_changes_by_mid; map; map = map->next) {
 238                 if (map->mid == mid) {
 239                         break;
 240                 }
 241         }
 242
 243         if (map == NULL) {
 244                 return;
 245         }
 246
 247         change_notify_reply_packet(map->req->request_buf, NT_STATUS_CANCELLED);
 248         change_notify_remove_request(map->req);
 249 }
 250
 251 /****************************************************************************
 252  Delete entries by fnum from the change notify pending queue.
 253 *****************************************************************************/
 254
 255 void remove_pending_change_notify_requests_by_fid(files_struct *fsp,
 256                                                   NTSTATUS status)
 257 {
 258         if (fsp->notify == NULL) {
 259                 return;
 260         }
 261
 262         while (fsp->notify->requests != NULL) {
 263                 change_notify_reply_packet(
 264                         fsp->notify->requests->request_buf, status);
 265                 change_notify_remove_request(fsp->notify->requests);
 266         }
 267 }
 268
 269 /****************************************************************************
 270  Delete entries by filename and cnum from the change notify pending queue.
 271  Always send reply.
 272 *****************************************************************************/
 273
 274 void remove_pending_change_notify_requests_by_filename(files_struct *fsp, NTSTATUS status)
 275 {
 276         struct change_notify *cnbp, *next;
 277
 278         for (cnbp=change_notify_list; cnbp; cnbp=next) {
 279                 next=cnbp->next;
 280                 /*
 281                  * We know it refers to the same directory if the connection number and
 282                  * the filename are identical.
 283                  */
 284                 if((cnbp->fsp->conn == fsp->conn) && strequal(cnbp->fsp->fsp_name,fsp->fsp_name)) {
 285                         change_notify_reply_packet(cnbp->request_buf, status);
 286                         change_notify_remove(cnbp);
 287                 }
 288         }
 289 }
 290
 291 /****************************************************************************
 292  Set the current change notify timeout to the lowest value across all service
 293  values.
 294 ****************************************************************************/
 295
 296 void set_change_notify_timeout(int val)
 297 {
 298         if (val > 0) {
 299                 cnotify->select_time = MIN(cnotify->select_time, val);
 300         }
 301 }
 302
 303 /****************************************************************************
 304  Longest time to sleep for before doing a change notify scan.
 305 ****************************************************************************/
 306
 307 int change_notify_timeout(void)
 308 {
 309         return cnotify->select_time;
 310 }
 311
 312 /****************************************************************************
 313  Process the change notify queue. Note that this is only called as root.
 314  Returns True if there are still outstanding change notify requests on the
 315  queue.
 316 *****************************************************************************/
 317
 318 BOOL process_pending_change_notify_queue(time_t t)
 319 {
 320         struct change_notify *cnbp, *next;
 321         uint16 vuid;
 322
 323         for (cnbp=change_notify_list; cnbp; cnbp=next) {
 324                 next=cnbp->next;
 325
 326                 vuid = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(cnbp->request_buf,smb_uid);
 327
 328                 if (cnbp->fsp->notify->num_changes != 0) {
 329                         DEBUG(10,("process_pending_change_notify_queue: %s "
 330                                   "has %d changes!\n", cnbp->fsp->fsp_name,
 331                                   cnbp->fsp->notify->num_changes));
 332                         change_notify_reply(cnbp->request_buf,
 333                                             cnbp->max_param_count,
 334                                             cnbp->fsp->notify->num_changes,
 335                                             cnbp->fsp->notify->changes);
 336                         change_notify_remove(cnbp);
 337                         continue;
 338                 }
 339
 340                 if (cnotify->check_notify(cnbp->fsp->conn, vuid,
 341                                           cnbp->fsp->fsp_name, cnbp->flags,
 342                                           cnbp->change_data, t)) {
 343                         DEBUG(10,("process_pending_change_notify_queue: dir "
 344                                   "%s changed !\n", cnbp->fsp->fsp_name ));
 345                         change_notify_reply(cnbp->request_buf,
 346                                             cnbp->max_param_count,
 347                                             cnbp->fsp->notify->num_changes,
 348                                             cnbp->fsp->notify->changes);
 349                         change_notify_remove(cnbp);
 350                 }
 351         }
 352
 353         return (change_notify_list != NULL);
 354 }
 355
 356 /****************************************************************************
 357  Now queue an entry on the notify change list.
 358  We only need to save smb_size bytes from this incoming packet
 359  as we will always by returning a 'read the directory yourself'
 360  error.
 361 ****************************************************************************/
 362
 363 BOOL change_notify_set(char *inbuf, files_struct *fsp, connection_struct *conn,
 364                        uint32 flags, uint32 max_param_count)
 365 {
 366         struct change_notify *cnbp;
 367
 368         if((cnbp = SMB_MALLOC_P(struct change_notify)) == NULL) {
 369                 DEBUG(0,("change_notify_set: malloc fail !\n" ));
 370                 return False;
 371         }
 372
 373         ZERO_STRUCTP(cnbp);
 374
 375         memcpy(cnbp->request_buf, inbuf, smb_size);
 376         cnbp->fsp = fsp;
 377         cnbp->flags = flags;
 378         cnbp->max_param_count = max_param_count;
 379         cnbp->change_data = cnotify->register_notify(conn, fsp->fsp_name,
 380                                                      flags);
 381
 382         if (!cnbp->change_data) {
 383                 SAFE_FREE(cnbp);
 384                 return False;
 385         }
 386
 387         DLIST_ADD(change_notify_list, cnbp);
 388
 389         /* Push the MID of this packet on the signing queue. */
 390         srv_defer_sign_response(SVAL(inbuf,smb_mid));
 391
 392         return True;
 393 }
 394
 395 int change_notify_fd(void)
 396 {
 397         if (cnotify) {
 398                 return cnotify->notification_fd;
 399         }
 400
 401         return -1;
 402 }
 403
 404 /* notify message definition
 405
 406 Offset  Data                    length.
 407 0       SMB_DEV_T dev           8
 408 8       SMB_INO_T inode         8
 409 16      uint32 action           4
 410 20..    name
 411 */
 412
 413 #define MSG_NOTIFY_MESSAGE_SIZE 21 /* Includes at least the '\0' terminator */
 414
 415 struct notify_message {
 416         SMB_DEV_T dev;
 417         SMB_INO_T inode;
 418         uint32_t action;
 419         char *name;
 420 };
 421
 422 static DATA_BLOB notify_message_to_buf(const struct notify_message *msg)
 423 {
 424         DATA_BLOB result;
 425         size_t len;
 426
 427         len = strlen(msg->name);
 428
 429         result = data_blob(NULL, MSG_NOTIFY_MESSAGE_SIZE + len);
 430         if (!result.data) {
 431                 return result;
 432         }
 433
 434         SDEV_T_VAL(result.data, 0, msg->dev);
 435         SINO_T_VAL(result.data, 8, msg->inode);
 436         SIVAL(result.data, 16, msg->action);
 437         memcpy(result.data+20, msg->name, len+1);
 438
 439         return result;
 440 }
 441
 442 static BOOL buf_to_notify_message(void *buf, size_t len,
 443                                   struct notify_message *msg)
 444 {
 445         if (len < MSG_NOTIFY_MESSAGE_SIZE) {
 446                 DEBUG(0, ("Got invalid notify message of len %d\n", len));
 447                 return False;
 448         }
 449
 450         msg->dev     = DEV_T_VAL(buf, 0);
 451         msg->inode   = INO_T_VAL(buf, 8);
 452         msg->action  = IVAL(buf, 16);
 453         msg->name    = ((char *)buf)+20;
 454         return True;
 455 }
 456
 457 void notify_action(connection_struct *conn, const char *parent,
 458                    const char *name, uint32_t action)
 459 {
 460         struct share_mode_lock *lck;
 461         SMB_STRUCT_STAT sbuf;
 462         int i;
 463         struct notify_message msg;
 464         DATA_BLOB blob;
 465
 466         struct process_id *pids;
 467         int num_pids;
 468
 469         DEBUG(10, ("notify_action: parent=%s, name=%s, action=%u\n",
 470                    parent, name, (unsigned)action));
 471
 472         if (SMB_VFS_STAT(conn, parent, &sbuf) != 0) {
 473                 /*
 474                  * Not 100% critical, ignore failure
 475                  */
 476                 return;
 477         }
 478
 479         if (!(lck = get_share_mode_lock(NULL, sbuf.st_dev, sbuf.st_ino,
 480                                         NULL, NULL))) {
 481                 return;
 482         }
 483
 484         msg.dev = sbuf.st_dev;
 485         msg.inode = sbuf.st_ino;
 486         msg.action = action;
 487         msg.name = CONST_DISCARD(char *, name);
 488
 489         blob = notify_message_to_buf(&msg);
 490         if (blob.data == NULL) {
 491                 DEBUG(0, ("notify_message_to_buf failed\n"));
 492                 return;
 493         }
 494
 495         pids = NULL;
 496         num_pids = 0;
 497
 498         become_root_uid_only();
 499
 500         for (i=0; i<lck->num_share_modes; i++) {
 501                 struct share_mode_entry *e = &lck->share_modes[i];
 502                 int j;
 503                 struct process_id *tmp;
 504
 505                 for (j=0; j<num_pids; j++) {
 506                         if (procid_equal(&e->pid, &pids[j])) {
 507                                 break;
 508                         }
 509                 }
 510
 511                 if (j < num_pids) {
 512                         /*
 513                          * Already sent to that process, skip it
 514                          */
 515                         continue;
 516                 }
 517
 518                 message_send_pid(lck->share_modes[i].pid, MSG_SMB_NOTIFY,
 519                                  blob.data, blob.length, True);
 520
 521                 if (!(tmp = TALLOC_REALLOC_ARRAY(lck, pids, struct process_id,
 522                                                  num_pids+1))) {
 523                         DEBUG(0, ("realloc failed\n"));
 524                         break;
 525                 }
 526                 pids = tmp;
 527                 pids[num_pids] = e->pid;
 528                 num_pids += 1;
 529         }
 530
 531         unbecome_root_uid_only();
 532
 533         data_blob_free(&blob);
 534         TALLOC_FREE(lck);
 535 }
 536
 537 static void notify_fsp(files_struct *fsp, struct notify_message *msg)
 538 {
 539         struct notify_change *change, *changes;
 540
 541         if (fsp->notify == NULL) {
 542                 /*
 543                  * Nobody is waiting, don't queue
 544                  */
 545                 return;
 546         }
 547
 548         if (fsp->notify->requests != NULL) {
 549                 /*
 550                  * Someone is waiting for the change, trigger the reply
 551                  * immediately
 552                  */
 553
 554                 struct notify_change_request *req = fsp->notify->requests;
 555                 struct notify_change onechange;
 556
 557                 onechange.action = msg->action;
 558                 onechange.name = msg->name;
 559
 560                 change_notify_reply(req->request_buf, req->max_param_count,
 561                                     1, &onechange);
 562
 563                 DLIST_REMOVE(fsp->notify->requests, req);
 564                 SAFE_FREE(req);
 565                 return;
 566         }
 567
 568         /*
 569          * Someone has triggered a notify previously, queue the change for
 570          * later. TODO: Limit the number of changes queued.
 571          */
 572
 573         if (!(changes = TALLOC_REALLOC_ARRAY(
 574                       fsp->notify, fsp->notify->changes,
 575                       struct notify_change, fsp->notify->num_changes+1))) {
 576                 DEBUG(0, ("talloc_realloc failed\n"));
 577                 return;
 578         }
 579
 580         fsp->notify->changes = changes;
 581
 582         change = &(fsp->notify->changes[fsp->notify->num_changes]);
 583
 584         if (!(change->name = talloc_strdup(changes, msg->name))) {
 585                 DEBUG(0, ("talloc_strdup failed\n"));
 586                 return;
 587         }
 588         change->action = msg->action;
 589         fsp->notify->num_changes += 1;
 590
 591         return;
 592 }
 593
 594 static void notify_message_callback(int msgtype, struct process_id pid,
 595                                     void *buf, size_t len)
 596 {
 597         struct notify_message msg;
 598         files_struct *fsp;
 599
 600         if (!buf_to_notify_message(buf, len, &msg)) {
 601                 return;
 602         }
 603
 604         DEBUG(10, ("Received notify_message for 0x%x/%.0f: %d\n",
 605                    (unsigned)msg.dev, (double)msg.inode, msg.action));
 606
 607         for(fsp = fsp_find_di_first(msg.dev, msg.inode); fsp;
 608             fsp = fsp_find_di_next(fsp)) {
 609                 notify_fsp(fsp, &msg);
 610         }
 611 }
 612
 613 /****************************************************************************
 614  Initialise the change notify subsystem.
 615 ****************************************************************************/
 616
 617 BOOL init_change_notify(void)
 618 {
 619         cnotify = NULL;
 620
 621 #if HAVE_KERNEL_CHANGE_NOTIFY
 622         if (cnotify == NULL && lp_kernel_change_notify())
 623                 cnotify = kernel_notify_init();
 624 #endif
 625 #if HAVE_FAM_CHANGE_NOTIFY
 626         if (cnotify == NULL && lp_fam_change_notify())
 627                 cnotify = fam_notify_init();
 628 #endif
 629         if (!cnotify) cnotify = hash_notify_init();
 630
 631         if (!cnotify) {
 632                 DEBUG(0,("Failed to init change notify system\n"));
 633                 return False;
 634         }
 635
 636         message_register(MSG_SMB_NOTIFY, notify_message_callback);
 637
 638         return True;
 639 }