search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
vfs_gpfs: Remove vfs_gpfs_get_quotas
[Samba.git] / source3 / modules / vfs_gpfs.c
blobaa0706016d1363c277a1948da05e5cebe6a2c27d
1 /*
2 * Unix SMB/CIFS implementation.
3 * Samba VFS module for GPFS filesystem
4 * Copyright (C) Christian Ambach <cambach1@de.ibm.com> 2006
5 * Copyright (C) Christof Schmitt 2015
6 * Major code contributions by Chetan Shringarpure <chetan.sh@in.ibm.com>
7 * and Gomati Mohanan <gomati.mohanan@in.ibm.com>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "smbd/smbd.h"
25 #include "librpc/gen_ndr/ndr_xattr.h"
26 #include "include/smbprofile.h"
27 #include "modules/non_posix_acls.h"
28 #include "libcli/security/security.h"
29 #include "nfs4_acls.h"
30 #include "system/filesys.h"
31 #include "auth.h"
32 #include "lib/util/tevent_unix.h"
33 #include "lib/util/gpfswrap.h"
34
35 #undef DBGC_CLASS
36 #define DBGC_CLASS DBGC_VFS
37
38 #ifndef GPFS_GETACL_NATIVE
39 #define GPFS_GETACL_NATIVE 0x00000004
40 #endif
41
42 struct gpfs_config_data {
43 bool sharemodes;
44 bool leases;
45 bool hsm;
46 bool syncio;
47 bool winattr;
48 bool ftruncate;
49 bool getrealfilename;
50 bool dfreequota;
51 bool prealloc;
52 bool acl;
53 bool settimes;
54 bool recalls;
55 };
56
57 static inline unsigned int gpfs_acl_flags(gpfs_acl_t *gacl)
58 {
59 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
60 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
61 return *(unsigned int *)&gacl->ace_v4;
62 }
63 return 0;
64 }
65
66 static inline gpfs_ace_v4_t *gpfs_ace_ptr(gpfs_acl_t *gacl, unsigned int i)
67 {
68 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
69 /* &gacl->v4Level1.ace_v4[i] requires gpfs 3.5 */
70 char *ptr = (char *)&gacl->ace_v4[i] + sizeof(unsigned int);
71 return (gpfs_ace_v4_t *)ptr;
72 }
73 return &gacl->ace_v4[i];
74 }
75
76 static bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask,
77 uint32 share_access)
78 {
79 unsigned int allow = GPFS_SHARE_NONE;
80 unsigned int deny = GPFS_DENY_NONE;
81 int result;
82
83 if ((fsp == NULL) || (fsp->fh == NULL) || (fsp->fh->fd < 0)) {
84 /* No real file, don't disturb */
85 return True;
86 }
87
88 allow |= (access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA|
89 DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0;
90 allow |= (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) ?
91 GPFS_SHARE_READ : 0;
92
93 if (allow == GPFS_SHARE_NONE) {
94 DEBUG(10, ("special case am=no_access:%x\n",access_mask));
95 }
96 else {
97 deny |= (share_access & FILE_SHARE_WRITE) ?
98 0 : GPFS_DENY_WRITE;
99 deny |= (share_access & (FILE_SHARE_READ)) ?
100 0 : GPFS_DENY_READ;
101 }
102 DEBUG(10, ("am=%x, allow=%d, sa=%x, deny=%d\n",
103 access_mask, allow, share_access, deny));
104
105 result = gpfswrap_set_share(fsp->fh->fd, allow, deny);
106 if (result != 0) {
107 if (errno == ENOSYS) {
108 DEBUG(5, ("VFS module vfs_gpfs loaded, but gpfs "
109 "set_share function support not available. "
110 "Allowing access\n"));
111 return True;
112 } else {
113 DEBUG(10, ("gpfs_set_share failed: %s\n",
114 strerror(errno)));
115 }
116 }
117
118 return (result == 0);
119 }
120
121 static int vfs_gpfs_kernel_flock(vfs_handle_struct *handle, files_struct *fsp,
122 uint32 share_mode, uint32 access_mask)
123 {
124
125 struct gpfs_config_data *config;
126 int ret = 0;
127
128 START_PROFILE(syscall_kernel_flock);
129
130 SMB_VFS_HANDLE_GET_DATA(handle, config,
131 struct gpfs_config_data,
132 return -1);
133
134 if(!config->sharemodes) {
135 return 0;
136 }
137
138 kernel_flock(fsp->fh->fd, share_mode, access_mask);
139
140 if (!set_gpfs_sharemode(fsp, access_mask, fsp->share_access)) {
141 ret = -1;
142 }
143
144 END_PROFILE(syscall_kernel_flock);
145
146 return ret;
147 }
148
149 static int vfs_gpfs_close(vfs_handle_struct *handle, files_struct *fsp)
150 {
151
152 struct gpfs_config_data *config;
153
154 SMB_VFS_HANDLE_GET_DATA(handle, config,
155 struct gpfs_config_data,
156 return -1);
157
158 if (config->sharemodes && (fsp->fh != NULL) && (fsp->fh->fd != -1)) {
159 set_gpfs_sharemode(fsp, 0, 0);
160 }
161
162 return SMB_VFS_NEXT_CLOSE(handle, fsp);
163 }
164
165 static int set_gpfs_lease(int fd, int leasetype)
166 {
167 int gpfs_type = GPFS_LEASE_NONE;
168
169 if (leasetype == F_RDLCK) {
170 gpfs_type = GPFS_LEASE_READ;
171 }
172 if (leasetype == F_WRLCK) {
173 gpfs_type = GPFS_LEASE_WRITE;
174 }
175
176 /* we unconditionally set CAP_LEASE, rather than looking for
177 -1/EACCES as there is a bug in some versions of
178 libgpfs_gpl.so which results in a leaked fd on /dev/ss0
179 each time we try this with the wrong capabilities set
180 */
181 linux_set_lease_capability();
182 return gpfswrap_set_lease(fd, gpfs_type);
183 }
184
185 static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp,
186 int leasetype)
187 {
188 struct gpfs_config_data *config;
189 int ret=0;
190
191 START_PROFILE(syscall_linux_setlease);
192
193 SMB_VFS_HANDLE_GET_DATA(handle, config,
194 struct gpfs_config_data,
195 return -1);
196
197 if (linux_set_lease_sighandler(fsp->fh->fd) == -1)
198 return -1;
199
200 if (config->leases) {
201 /*
202 * Ensure the lease owner is root to allow
203 * correct delivery of lease-break signals.
204 */
205 become_root();
206 ret = set_gpfs_lease(fsp->fh->fd,leasetype);
207 unbecome_root();
208 }
209
210 END_PROFILE(syscall_linux_setlease);
211
212 return ret;
213 }
214
215 static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle,
216 const char *path,
217 const char *name,
218 TALLOC_CTX *mem_ctx,
219 char **found_name)
220 {
221 int result;
222 char *full_path;
223 char real_pathname[PATH_MAX+1];
224 int buflen;
225 bool mangled;
226 struct gpfs_config_data *config;
227
228 SMB_VFS_HANDLE_GET_DATA(handle, config,
229 struct gpfs_config_data,
230 return -1);
231
232 if (!config->getrealfilename) {
233 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
234 mem_ctx, found_name);
235 }
236
237 mangled = mangle_is_mangled(name, handle->conn->params);
238 if (mangled) {
239 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
240 mem_ctx, found_name);
241 }
242
243 full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name);
244 if (full_path == NULL) {
245 errno = ENOMEM;
246 return -1;
247 }
248
249 buflen = sizeof(real_pathname) - 1;
250
251 result = gpfswrap_get_realfilename_path(full_path, real_pathname,
252 &buflen);
253
254 TALLOC_FREE(full_path);
255
256 if ((result == -1) && (errno == ENOSYS)) {
257 return SMB_VFS_NEXT_GET_REAL_FILENAME(
258 handle, path, name, mem_ctx, found_name);
259 }
260
261 if (result == -1) {
262 DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n",
263 strerror(errno)));
264 return -1;
265 }
266
267 /*
268 * GPFS does not necessarily null-terminate the returned path
269 * but instead returns the buffer length in buflen.
270 */
271
272 if (buflen < sizeof(real_pathname)) {
273 real_pathname[buflen] = '\0';
274 } else {
275 real_pathname[sizeof(real_pathname)-1] = '\0';
276 }
277
278 DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n",
279 path, name, real_pathname));
280
281 name = strrchr_m(real_pathname, '/');
282 if (name == NULL) {
283 errno = ENOENT;
284 return -1;
285 }
286
287 *found_name = talloc_strdup(mem_ctx, name+1);
288 if (*found_name == NULL) {
289 errno = ENOMEM;
290 return -1;
291 }
292
293 return 0;
294 }
295
296 static void sd2gpfs_control(uint16_t control, struct gpfs_acl *gacl)
297 {
298 unsigned int gpfs_aclflags = 0;
299 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
300 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
301 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
302 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
303 gpfs_aclflags = control << 8;
304 if (!(control & SEC_DESC_DACL_PRESENT))
305 gpfs_aclflags |= 0x00800000; /* ACL4_FLAG_NULL_DACL; */
306 if (!(control & SEC_DESC_SACL_PRESENT))
307 gpfs_aclflags |= 0x01000000; /* ACL4_FLAG_NULL_SACL; */
308 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS*/
309 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
310 *(unsigned int *)&gacl->ace_v4 = gpfs_aclflags;
311 }
312
313 static uint16_t gpfs2sd_control(unsigned int gpfs_aclflags)
314 {
315 uint16_t control = gpfs_aclflags >> 8;
316 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
317 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
318 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
319 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
320 control |= SEC_DESC_SELF_RELATIVE;
321 return control;
322 }
323
324 static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
325 {
326 gpfs_aclCount_t i;
327 if (gacl==NULL)
328 {
329 DEBUG(0, ("gpfs acl is NULL\n"));
330 return;
331 }
332
333 DEBUG(level, ("len: %d, level: %d, version: %d, nace: %d, "
334 "control: %x\n",
335 gacl->acl_len, gacl->acl_level, gacl->acl_version,
336 gacl->acl_nace, gpfs_acl_flags(gacl)));
337
338 for(i=0; i<gacl->acl_nace; i++)
339 {
340 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
341 DEBUG(level, ("\tace[%d]: type:%d, flags:0x%x, mask:0x%x, "
342 "iflags:0x%x, who:%u\n",
343 i, gace->aceType, gace->aceFlags, gace->aceMask,
344 gace->aceIFlags, gace->aceWho));
345 }
346 }
347
348 /*
349 * get the ACL from GPFS, allocated on the specified mem_ctx
350 * internally retries when initial buffer was too small
351 *
352 * caller needs to cast result to either
353 * raw = yes: struct gpfs_opaque_acl
354 * raw = no: struct gpfs_acl
355 *
356 */
357 static void *vfs_gpfs_getacl(TALLOC_CTX *mem_ctx,
358 const char *fname,
359 const bool raw,
360 const gpfs_aclType_t type)
361 {
362
363 void *aclbuf;
364 size_t size = 512;
365 int ret, flags;
366 unsigned int *len;
367 size_t struct_size;
368
369 again:
370
371 aclbuf = talloc_zero_size(mem_ctx, size);
372 if (aclbuf == NULL) {
373 errno = ENOMEM;
374 return NULL;
375 }
376
377 if (raw) {
378 struct gpfs_opaque_acl *buf = (struct gpfs_opaque_acl *) aclbuf;
379 buf->acl_type = type;
380 flags = GPFS_GETACL_NATIVE;
381 len = (unsigned int *) &(buf->acl_buffer_len);
382 struct_size = sizeof(struct gpfs_opaque_acl);
383 } else {
384 struct gpfs_acl *buf = (struct gpfs_acl *) aclbuf;
385 buf->acl_type = type;
386 buf->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
387 flags = GPFS_GETACL_STRUCT;
388 len = &(buf->acl_len);
389 /* reserve space for control flags in gpfs 3.5 and beyond */
390 struct_size = sizeof(struct gpfs_acl) + sizeof(unsigned int);
391 }
392
393 /* set the length of the buffer as input value */
394 *len = size;
395
396 errno = 0;
397 ret = gpfswrap_getacl(discard_const_p(char, fname), flags, aclbuf);
398 if ((ret != 0) && (errno == ENOSPC)) {
399 /*
400 * get the size needed to accommodate the complete buffer
401 *
402 * the value returned only applies to the ACL blob in the
403 * struct so make sure to also have headroom for the first
404 * struct members by adding room for the complete struct
405 * (might be a few bytes too much then)
406 */
407 size = *len + struct_size;
408 talloc_free(aclbuf);
409 DEBUG(10, ("Increasing ACL buffer size to %zu\n", size));
410 goto again;
411 }
412
413 if (ret != 0) {
414 DEBUG(5, ("smbd_gpfs_getacl failed with %s\n",
415 strerror(errno)));
416 talloc_free(aclbuf);
417 return NULL;
418 }
419
420 return aclbuf;
421 }
422
423 /* Tries to get nfs4 acls and returns SMB ACL allocated.
424 * On failure returns 1 if it got non-NFSv4 ACL to prompt
425 * retry with POSIX ACL checks.
426 * On failure returns -1 if there is system (GPFS) error, check errno.
427 * Returns 0 on success
428 */
429 static int gpfs_get_nfs4_acl(TALLOC_CTX *mem_ctx, const char *fname, SMB4ACL_T **ppacl)
430 {
431 gpfs_aclCount_t i;
432 struct gpfs_acl *gacl = NULL;
433 DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
434
435 /* Get the ACL */
436 gacl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(), fname,
437 false, 0);
438 if (gacl == NULL) {
439 DEBUG(9, ("gpfs_getacl failed for %s with %s\n",
440 fname, strerror(errno)));
441 return -1;
442 }
443
444 if (gacl->acl_type != GPFS_ACL_TYPE_NFS4) {
445 DEBUG(10, ("Got non-nfsv4 acl\n"));
446 /* Retry with POSIX ACLs check */
447 talloc_free(gacl);
448 return 1;
449 }
450
451 *ppacl = smb_create_smb4acl(mem_ctx);
452
453 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
454 uint16_t control = gpfs2sd_control(gpfs_acl_flags(gacl));
455 smbacl4_set_controlflags(*ppacl, control);
456 }
457
458 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d, control: %x\n",
459 gacl->acl_len, gacl->acl_level, gacl->acl_version,
460 gacl->acl_nace, gpfs_acl_flags(gacl)));
461
462 for (i=0; i<gacl->acl_nace; i++) {
463 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
464 SMB_ACE4PROP_T smbace;
465 DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
466 "who: %d\n", gace->aceType, gace->aceIFlags,
467 gace->aceFlags, gace->aceMask, gace->aceWho));
468
469 ZERO_STRUCT(smbace);
470 if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) {
471 smbace.flags |= SMB_ACE4_ID_SPECIAL;
472 switch (gace->aceWho) {
473 case ACE4_SPECIAL_OWNER:
474 smbace.who.special_id = SMB_ACE4_WHO_OWNER;
475 break;
476 case ACE4_SPECIAL_GROUP:
477 smbace.who.special_id = SMB_ACE4_WHO_GROUP;
478 break;
479 case ACE4_SPECIAL_EVERYONE:
480 smbace.who.special_id = SMB_ACE4_WHO_EVERYONE;
481 break;
482 default:
483 DEBUG(8, ("invalid special gpfs id %d "
484 "ignored\n", gace->aceWho));
485 continue; /* don't add it */
486 }
487 } else {
488 if (gace->aceFlags & ACE4_FLAG_GROUP_ID)
489 smbace.who.gid = gace->aceWho;
490 else
491 smbace.who.uid = gace->aceWho;
492 }
493
494 /* remove redundant deny entries */
495 if (i > 0 && gace->aceType == SMB_ACE4_ACCESS_DENIED_ACE_TYPE) {
496 struct gpfs_ace_v4 *prev = gpfs_ace_ptr(gacl, i - 1);
497 if (prev->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE &&
498 prev->aceFlags == gace->aceFlags &&
499 prev->aceIFlags == gace->aceIFlags &&
500 (gace->aceMask & prev->aceMask) == 0 &&
501 gace->aceWho == prev->aceWho) {
502 /* it's redundant - skip it */
503 continue;
504 }
505 }
506
507 smbace.aceType = gace->aceType;
508 smbace.aceFlags = gace->aceFlags;
509 smbace.aceMask = gace->aceMask;
510 smb_add_ace4(*ppacl, &smbace);
511 }
512
513 talloc_free(gacl);
514
515 return 0;
516 }
517
518 static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
519 files_struct *fsp, uint32 security_info,
520 TALLOC_CTX *mem_ctx,
521 struct security_descriptor **ppdesc)
522 {
523 SMB4ACL_T *pacl = NULL;
524 int result;
525 struct gpfs_config_data *config;
526 TALLOC_CTX *frame = talloc_stackframe();
527 NTSTATUS status;
528
529 *ppdesc = NULL;
530
531 SMB_VFS_HANDLE_GET_DATA(handle, config,
532 struct gpfs_config_data,
533 return NT_STATUS_INTERNAL_ERROR);
534
535 if (!config->acl) {
536 status = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info,
537 mem_ctx, ppdesc);
538 TALLOC_FREE(frame);
539 return status;
540 }
541
542 result = gpfs_get_nfs4_acl(frame, fsp->fsp_name->base_name, &pacl);
543
544 if (result == 0) {
545 status = smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx,
546 ppdesc, pacl);
547 TALLOC_FREE(frame);
548 return status;
549 }
550
551 if (result > 0) {
552 DEBUG(10, ("retrying with posix acl...\n"));
553 status = posix_fget_nt_acl(fsp, security_info,
554 mem_ctx, ppdesc);
555 TALLOC_FREE(frame);
556 return status;
557 }
558
559 TALLOC_FREE(frame);
560
561 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
562 return map_nt_error_from_unix(errno);
563 }
564
565 static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
566 const char *name,
567 uint32 security_info,
568 TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc)
569 {
570 SMB4ACL_T *pacl = NULL;
571 int result;
572 struct gpfs_config_data *config;
573 TALLOC_CTX *frame = talloc_stackframe();
574 NTSTATUS status;
575
576 *ppdesc = NULL;
577
578 SMB_VFS_HANDLE_GET_DATA(handle, config,
579 struct gpfs_config_data,
580 return NT_STATUS_INTERNAL_ERROR);
581
582 if (!config->acl) {
583 status = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info,
584 mem_ctx, ppdesc);
585 TALLOC_FREE(frame);
586 return status;
587 }
588
589 result = gpfs_get_nfs4_acl(frame, name, &pacl);
590
591 if (result == 0) {
592 status = smb_get_nt_acl_nfs4(handle->conn, name, security_info,
593 mem_ctx, ppdesc, pacl);
594 TALLOC_FREE(frame);
595 return status;
596 }
597
598 if (result > 0) {
599 DEBUG(10, ("retrying with posix acl...\n"));
600 status = posix_get_nt_acl(handle->conn, name, security_info,
601 mem_ctx, ppdesc);
602 TALLOC_FREE(frame);
603 return status;
604 }
605
606 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
607 TALLOC_FREE(frame);
608 return map_nt_error_from_unix(errno);
609 }
610
611 static struct gpfs_acl *vfs_gpfs_smbacl2gpfsacl(TALLOC_CTX *mem_ctx,
612 files_struct *fsp,
613 SMB4ACL_T *smbacl,
614 bool controlflags)
615 {
616 struct gpfs_acl *gacl;
617 gpfs_aclLen_t gacl_len;
618 SMB4ACE_T *smbace;
619
620 gacl_len = offsetof(gpfs_acl_t, ace_v4) + sizeof(unsigned int)
621 + smb_get_naces(smbacl) * sizeof(gpfs_ace_v4_t);
622
623 gacl = (struct gpfs_acl *)TALLOC_SIZE(mem_ctx, gacl_len);
624 if (gacl == NULL) {
625 DEBUG(0, ("talloc failed\n"));
626 errno = ENOMEM;
627 return NULL;
628 }
629
630 gacl->acl_level = 0; /* GPFS_ACL_LEVEL_BASE */
631 gacl->acl_version = GPFS_ACL_VERSION_NFS4;
632 gacl->acl_type = GPFS_ACL_TYPE_NFS4;
633 gacl->acl_nace = 0; /* change later... */
634
635 if (controlflags) {
636 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
637 sd2gpfs_control(smbacl4_get_controlflags(smbacl), gacl);
638 }
639
640 for (smbace=smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
641 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, gacl->acl_nace);
642 SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
643
644 gace->aceType = aceprop->aceType;
645 gace->aceFlags = aceprop->aceFlags;
646 gace->aceMask = aceprop->aceMask;
647
648 /*
649 * GPFS can't distinguish between WRITE and APPEND on
650 * files, so one being set without the other is an
651 * error. Sorry for the many ()'s :-)
652 */
653
654 if (!fsp->is_directory
655 &&
656 ((((gace->aceMask & ACE4_MASK_WRITE) == 0)
657 && ((gace->aceMask & ACE4_MASK_APPEND) != 0))
658 ||
659 (((gace->aceMask & ACE4_MASK_WRITE) != 0)
660 && ((gace->aceMask & ACE4_MASK_APPEND) == 0)))
661 &&
662 lp_parm_bool(fsp->conn->params->service, "gpfs",
663 "merge_writeappend", True)) {
664 DEBUG(2, ("vfs_gpfs.c: file [%s]: ACE contains "
665 "WRITE^APPEND, setting WRITE|APPEND\n",
666 fsp_str_dbg(fsp)));
667 gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND;
668 }
669
670 gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0;
671
672 if (aceprop->flags&SMB_ACE4_ID_SPECIAL)
673 {
674 switch(aceprop->who.special_id)
675 {
676 case SMB_ACE4_WHO_EVERYONE:
677 gace->aceWho = ACE4_SPECIAL_EVERYONE;
678 break;
679 case SMB_ACE4_WHO_OWNER:
680 gace->aceWho = ACE4_SPECIAL_OWNER;
681 break;
682 case SMB_ACE4_WHO_GROUP:
683 gace->aceWho = ACE4_SPECIAL_GROUP;
684 break;
685 default:
686 DEBUG(8, ("unsupported special_id %d\n", aceprop->who.special_id));
687 continue; /* don't add it !!! */
688 }
689 } else {
690 /* just only for the type safety... */
691 if (aceprop->aceFlags&SMB_ACE4_IDENTIFIER_GROUP)
692 gace->aceWho = aceprop->who.gid;
693 else
694 gace->aceWho = aceprop->who.uid;
695 }
696
697 gacl->acl_nace++;
698 }
699 gacl->acl_len = (char *)gpfs_ace_ptr(gacl, gacl->acl_nace)
700 - (char *)gacl;
701 return gacl;
702 }
703
704 static bool gpfsacl_process_smbacl(vfs_handle_struct *handle,
705 files_struct *fsp,
706 SMB4ACL_T *smbacl)
707 {
708 int ret;
709 struct gpfs_acl *gacl;
710 TALLOC_CTX *mem_ctx = talloc_tos();
711
712 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, true);
713 if (gacl == NULL) { /* out of memory */
714 return False;
715 }
716 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
717 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gacl);
718
719 if ((ret != 0) && (errno == EINVAL)) {
720 DEBUG(10, ("Retry without nfs41 control flags\n"));
721 talloc_free(gacl);
722 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, false);
723 if (gacl == NULL) { /* out of memory */
724 return False;
725 }
726 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
727 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA,
728 gacl);
729 }
730
731 if (ret != 0) {
732 DEBUG(8, ("gpfs_putacl failed with %s\n", strerror(errno)));
733 gpfs_dumpacl(8, gacl);
734 return False;
735 }
736
737 DEBUG(10, ("gpfs_putacl succeeded\n"));
738 return True;
739 }
740
741 static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
742 {
743 struct gpfs_acl *acl;
744 NTSTATUS result = NT_STATUS_ACCESS_DENIED;
745
746 acl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(),
747 fsp->fsp_name->base_name,
748 false, 0);
749 if (acl == NULL) {
750 return map_nt_error_from_unix(errno);
751 }
752
753 if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
754 if (lp_parm_bool(fsp->conn->params->service, "gpfs",
755 "refuse_dacl_protected", false)
756 && (psd->type&SEC_DESC_DACL_PROTECTED)) {
757 DEBUG(2, ("Rejecting unsupported ACL with DACL_PROTECTED bit set\n"));
758 talloc_free(acl);
759 return NT_STATUS_NOT_SUPPORTED;
760 }
761
762 result = smb_set_nt_acl_nfs4(handle,
763 fsp, security_info_sent, psd,
764 gpfsacl_process_smbacl);
765 } else { /* assume POSIX ACL - by default... */
766 result = set_nt_acl(fsp, security_info_sent, psd);
767 }
768
769 talloc_free(acl);
770 return result;
771 }
772
773 static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
774 {
775 struct gpfs_config_data *config;
776
777 SMB_VFS_HANDLE_GET_DATA(handle, config,
778 struct gpfs_config_data,
779 return NT_STATUS_INTERNAL_ERROR);
780
781 if (!config->acl) {
782 return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
783 }
784
785 return gpfsacl_set_nt_acl_internal(handle, fsp, security_info_sent, psd);
786 }
787
788 static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
789 {
790 SMB_ACL_T result;
791 gpfs_aclCount_t i;
792
793 result = sys_acl_init(mem_ctx);
794 if (result == NULL) {
795 errno = ENOMEM;
796 return NULL;
797 }
798
799 result->count = pacl->acl_nace;
800 result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
801 result->count);
802 if (result->acl == NULL) {
803 TALLOC_FREE(result);
804 errno = ENOMEM;
805 return NULL;
806 }
807
808 for (i=0; i<pacl->acl_nace; i++) {
809 struct smb_acl_entry *ace = &result->acl[i];
810 const struct gpfs_ace_v1 *g_ace = &pacl->ace_v1[i];
811
812 DEBUG(10, ("Converting type %d id %lu perm %x\n",
813 (int)g_ace->ace_type, (unsigned long)g_ace->ace_who,
814 (int)g_ace->ace_perm));
815
816 switch (g_ace->ace_type) {
817 case GPFS_ACL_USER:
818 ace->a_type = SMB_ACL_USER;
819 ace->info.user.uid = (uid_t)g_ace->ace_who;
820 break;
821 case GPFS_ACL_USER_OBJ:
822 ace->a_type = SMB_ACL_USER_OBJ;
823 break;
824 case GPFS_ACL_GROUP:
825 ace->a_type = SMB_ACL_GROUP;
826 ace->info.group.gid = (gid_t)g_ace->ace_who;
827 break;
828 case GPFS_ACL_GROUP_OBJ:
829 ace->a_type = SMB_ACL_GROUP_OBJ;
830 break;
831 case GPFS_ACL_OTHER:
832 ace->a_type = SMB_ACL_OTHER;
833 break;
834 case GPFS_ACL_MASK:
835 ace->a_type = SMB_ACL_MASK;
836 break;
837 default:
838 DEBUG(10, ("Got invalid ace_type: %d\n",
839 g_ace->ace_type));
840 TALLOC_FREE(result);
841 errno = EINVAL;
842 return NULL;
843 }
844
845 ace->a_perm = 0;
846 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_READ) ?
847 SMB_ACL_READ : 0;
848 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_WRITE) ?
849 SMB_ACL_WRITE : 0;
850 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_EXECUTE) ?
851 SMB_ACL_EXECUTE : 0;
852
853 DEBUGADD(10, ("Converted to %d perm %x\n",
854 ace->a_type, ace->a_perm));
855 }
856
857 return result;
858 }
859
860 static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type,
861 TALLOC_CTX *mem_ctx)
862 {
863 struct gpfs_acl *pacl;
864 SMB_ACL_T result = NULL;
865
866 pacl = vfs_gpfs_getacl(talloc_tos(), path, false, type);
867
868 if (pacl == NULL) {
869 DEBUG(10, ("vfs_gpfs_getacl failed for %s with %s\n",
870 path, strerror(errno)));
871 if (errno == 0) {
872 errno = EINVAL;
873 }
874 goto done;
875 }
876
877 if (pacl->acl_version != GPFS_ACL_VERSION_POSIX) {
878 DEBUG(10, ("Got acl version %d, expected %d\n",
879 pacl->acl_version, GPFS_ACL_VERSION_POSIX));
880 errno = EINVAL;
881 goto done;
882 }
883
884 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n",
885 pacl->acl_len, pacl->acl_level, pacl->acl_version,
886 pacl->acl_nace));
887
888 result = gpfs2smb_acl(pacl, mem_ctx);
889 if (result != NULL) {
890 errno = 0;
891 }
892
893 done:
894
895 if (pacl != NULL) {
896 talloc_free(pacl);
897 }
898 if (errno != 0) {
899 TALLOC_FREE(result);
900 }
901 return result;
902 }
903
904 static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle,
905 const char *path_p,
906 SMB_ACL_TYPE_T type,
907 TALLOC_CTX *mem_ctx)
908 {
909 gpfs_aclType_t gpfs_type;
910 struct gpfs_config_data *config;
911
912 SMB_VFS_HANDLE_GET_DATA(handle, config,
913 struct gpfs_config_data,
914 return NULL);
915
916 if (!config->acl) {
917 return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p,
918 type, mem_ctx);
919 }
920
921 switch(type) {
922 case SMB_ACL_TYPE_ACCESS:
923 gpfs_type = GPFS_ACL_TYPE_ACCESS;
924 break;
925 case SMB_ACL_TYPE_DEFAULT:
926 gpfs_type = GPFS_ACL_TYPE_DEFAULT;
927 break;
928 default:
929 DEBUG(0, ("Got invalid type: %d\n", type));
930 smb_panic("exiting");
931 }
932
933 return gpfsacl_get_posix_acl(path_p, gpfs_type, mem_ctx);
934 }
935
936 static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
937 files_struct *fsp,
938 TALLOC_CTX *mem_ctx)
939 {
940 struct gpfs_config_data *config;
941
942 SMB_VFS_HANDLE_GET_DATA(handle, config,
943 struct gpfs_config_data,
944 return NULL);
945
946 if (!config->acl) {
947 return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
948 }
949
950 return gpfsacl_get_posix_acl(fsp->fsp_name->base_name,
951 GPFS_ACL_TYPE_ACCESS, mem_ctx);
952 }
953
954 static int gpfsacl_sys_acl_blob_get_file(vfs_handle_struct *handle,
955 const char *path_p,
956 TALLOC_CTX *mem_ctx,
957 char **blob_description,
958 DATA_BLOB *blob)
959 {
960 struct gpfs_config_data *config;
961 struct gpfs_opaque_acl *acl = NULL;
962 DATA_BLOB aclblob;
963 int result;
964
965 SMB_VFS_HANDLE_GET_DATA(handle, config,
966 struct gpfs_config_data,
967 return -1);
968
969 if (!config->acl) {
970 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FILE(handle, path_p,
971 mem_ctx,
972 blob_description,
973 blob);
974 }
975
976 errno = 0;
977 acl = (struct gpfs_opaque_acl *)
978 vfs_gpfs_getacl(mem_ctx,
979 path_p,
980 true,
981 GPFS_ACL_TYPE_NFS4);
982
983 if (errno) {
984 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
985 errno, strerror(errno)));
986
987 /* EINVAL means POSIX ACL, bail out on other cases */
988 if (errno != EINVAL) {
989 return -1;
990 }
991 }
992
993 if (acl != NULL) {
994 /*
995 * file has NFSv4 ACL
996 *
997 * we only need the actual ACL blob here
998 * acl_version will always be NFS4 because we asked
999 * for NFS4
1000 * acl_type is only used for POSIX ACLs
1001 */
1002 aclblob.data = (uint8_t*) acl->acl_var_data;
1003 aclblob.length = acl->acl_buffer_len;
1004
1005 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1006 if (!*blob_description) {
1007 talloc_free(acl);
1008 errno = ENOMEM;
1009 return -1;
1010 }
1011
1012 result = non_posix_sys_acl_blob_get_file_helper(handle, path_p,
1013 aclblob,
1014 mem_ctx, blob);
1015
1016 talloc_free(acl);
1017 return result;
1018 }
1019
1020 /* fall back to POSIX ACL */
1021 return posix_sys_acl_blob_get_file(handle, path_p, mem_ctx,
1022 blob_description, blob);
1023 }
1024
1025 static int gpfsacl_sys_acl_blob_get_fd(vfs_handle_struct *handle,
1026 files_struct *fsp,
1027 TALLOC_CTX *mem_ctx,
1028 char **blob_description,
1029 DATA_BLOB *blob)
1030 {
1031 struct gpfs_config_data *config;
1032 struct gpfs_opaque_acl *acl = NULL;
1033 DATA_BLOB aclblob;
1034 int result;
1035
1036 SMB_VFS_HANDLE_GET_DATA(handle, config,
1037 struct gpfs_config_data,
1038 return -1);
1039
1040 if (!config->acl) {
1041 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD(handle, fsp, mem_ctx,
1042 blob_description, blob);
1043 }
1044
1045 errno = 0;
1046 acl = (struct gpfs_opaque_acl *) vfs_gpfs_getacl(mem_ctx,
1047 fsp->fsp_name->base_name,
1048 true,
1049 GPFS_ACL_TYPE_NFS4);
1050
1051 if (errno) {
1052 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
1053 errno, strerror(errno)));
1054
1055 /* EINVAL means POSIX ACL, bail out on other cases */
1056 if (errno != EINVAL) {
1057 return -1;
1058 }
1059 }
1060
1061 if (acl != NULL) {
1062 /*
1063 * file has NFSv4 ACL
1064 *
1065 * we only need the actual ACL blob here
1066 * acl_version will always be NFS4 because we asked
1067 * for NFS4
1068 * acl_type is only used for POSIX ACLs
1069 */
1070 aclblob.data = (uint8_t*) acl->acl_var_data;
1071 aclblob.length = acl->acl_buffer_len;
1072
1073 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1074 if (!*blob_description) {
1075 talloc_free(acl);
1076 errno = ENOMEM;
1077 return -1;
1078 }
1079
1080 result = non_posix_sys_acl_blob_get_fd_helper(handle, fsp,
1081 aclblob, mem_ctx,
1082 blob);
1083
1084 talloc_free(acl);
1085 return result;
1086 }
1087
1088 /* fall back to POSIX ACL */
1089 return posix_sys_acl_blob_get_fd(handle, fsp, mem_ctx,
1090 blob_description, blob);
1091 }
1092
1093 static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,
1094 SMB_ACL_TYPE_T type)
1095 {
1096 gpfs_aclLen_t len;
1097 struct gpfs_acl *result;
1098 int i;
1099
1100 DEBUG(10, ("smb2gpfs_acl: Got ACL with %d entries\n", pacl->count));
1101
1102 len = offsetof(gpfs_acl_t, ace_v1) + (pacl->count) *
1103 sizeof(gpfs_ace_v1_t);
1104
1105 result = (struct gpfs_acl *)SMB_MALLOC(len);
1106 if (result == NULL) {
1107 errno = ENOMEM;
1108 return result;
1109 }
1110
1111 result->acl_len = len;
1112 result->acl_level = 0;
1113 result->acl_version = GPFS_ACL_VERSION_POSIX;
1114 result->acl_type = (type == SMB_ACL_TYPE_DEFAULT) ?
1115 GPFS_ACL_TYPE_DEFAULT : GPFS_ACL_TYPE_ACCESS;
1116 result->acl_nace = pacl->count;
1117
1118 for (i=0; i<pacl->count; i++) {
1119 const struct smb_acl_entry *ace = &pacl->acl[i];
1120 struct gpfs_ace_v1 *g_ace = &result->ace_v1[i];
1121
1122 DEBUG(10, ("Converting type %d perm %x\n",
1123 (int)ace->a_type, (int)ace->a_perm));
1124
1125 g_ace->ace_perm = 0;
1126
1127 switch(ace->a_type) {
1128 case SMB_ACL_USER:
1129 g_ace->ace_type = GPFS_ACL_USER;
1130 g_ace->ace_who = (gpfs_uid_t)ace->info.user.uid;
1131 break;
1132 case SMB_ACL_USER_OBJ:
1133 g_ace->ace_type = GPFS_ACL_USER_OBJ;
1134 g_ace->ace_perm |= ACL_PERM_CONTROL;
1135 g_ace->ace_who = 0;
1136 break;
1137 case SMB_ACL_GROUP:
1138 g_ace->ace_type = GPFS_ACL_GROUP;
1139 g_ace->ace_who = (gpfs_uid_t)ace->info.group.gid;
1140 break;
1141 case SMB_ACL_GROUP_OBJ:
1142 g_ace->ace_type = GPFS_ACL_GROUP_OBJ;
1143 g_ace->ace_who = 0;
1144 break;
1145 case SMB_ACL_MASK:
1146 g_ace->ace_type = GPFS_ACL_MASK;
1147 g_ace->ace_perm = 0x8f;
1148 g_ace->ace_who = 0;
1149 break;
1150 case SMB_ACL_OTHER:
1151 g_ace->ace_type = GPFS_ACL_OTHER;
1152 g_ace->ace_who = 0;
1153 break;
1154 default:
1155 DEBUG(10, ("Got invalid ace_type: %d\n", ace->a_type));
1156 errno = EINVAL;
1157 SAFE_FREE(result);
1158 return NULL;
1159 }
1160
1161 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_READ) ?
1162 ACL_PERM_READ : 0;
1163 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_WRITE) ?
1164 ACL_PERM_WRITE : 0;
1165 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_EXECUTE) ?
1166 ACL_PERM_EXECUTE : 0;
1167
1168 DEBUGADD(10, ("Converted to %d id %d perm %x\n",
1169 g_ace->ace_type, g_ace->ace_who, g_ace->ace_perm));
1170 }
1171
1172 return result;
1173 }
1174
1175 static int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle,
1176 const char *name,
1177 SMB_ACL_TYPE_T type,
1178 SMB_ACL_T theacl)
1179 {
1180 struct gpfs_acl *gpfs_acl;
1181 int result;
1182 struct gpfs_config_data *config;
1183
1184 SMB_VFS_HANDLE_GET_DATA(handle, config,
1185 struct gpfs_config_data,
1186 return -1);
1187
1188 if (!config->acl) {
1189 return SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, type, theacl);
1190 }
1191
1192 gpfs_acl = smb2gpfs_acl(theacl, type);
1193 if (gpfs_acl == NULL) {
1194 return -1;
1195 }
1196
1197 result = gpfswrap_putacl(discard_const_p(char, name),
1198 GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA, gpfs_acl);
1199
1200 SAFE_FREE(gpfs_acl);
1201 return result;
1202 }
1203
1204 static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle,
1205 files_struct *fsp,
1206 SMB_ACL_T theacl)
1207 {
1208 struct gpfs_config_data *config;
1209
1210 SMB_VFS_HANDLE_GET_DATA(handle, config,
1211 struct gpfs_config_data,
1212 return -1);
1213
1214 if (!config->acl) {
1215 return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl);
1216 }
1217
1218 return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name->base_name,
1219 SMB_ACL_TYPE_ACCESS, theacl);
1220 }
1221
1222 static int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle,
1223 const char *path)
1224 {
1225 struct gpfs_config_data *config;
1226
1227 SMB_VFS_HANDLE_GET_DATA(handle, config,
1228 struct gpfs_config_data,
1229 return -1);
1230
1231 if (!config->acl) {
1232 return SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1233 }
1234
1235 errno = ENOTSUP;
1236 return -1;
1237 }
1238
1239 /*
1240 * Assumed: mode bits are shiftable and standard
1241 * Output: the new aceMask field for an smb nfs4 ace
1242 */
1243 static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx)
1244 {
1245 const uint32 posix_nfs4map[3] = {
1246 SMB_ACE4_EXECUTE, /* execute */
1247 SMB_ACE4_WRITE_DATA | SMB_ACE4_APPEND_DATA, /* write; GPFS specific */
1248 SMB_ACE4_READ_DATA /* read */
1249 };
1250 int i;
1251 uint32_t posix_mask = 0x01;
1252 uint32_t posix_bit;
1253 uint32_t nfs4_bits;
1254
1255 for(i=0; i<3; i++) {
1256 nfs4_bits = posix_nfs4map[i];
1257 posix_bit = rwx & posix_mask;
1258
1259 if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) {
1260 if (posix_bit)
1261 aceMask |= nfs4_bits;
1262 else
1263 aceMask &= ~nfs4_bits;
1264 } else {
1265 /* add deny bits when suitable */
1266 if (!posix_bit)
1267 aceMask |= nfs4_bits;
1268 else
1269 aceMask &= ~nfs4_bits;
1270 } /* other ace types are unexpected */
1271
1272 posix_mask <<= 1;
1273 }
1274
1275 return aceMask;
1276 }
1277
1278 static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
1279 const char *path, mode_t mode)
1280 {
1281 SMB4ACL_T *pacl = NULL;
1282 int result;
1283 bool haveAllowEntry[SMB_ACE4_WHO_EVERYONE + 1] = {False, False, False, False};
1284 int i;
1285 files_struct fake_fsp; /* TODO: rationalize parametrization */
1286 SMB4ACE_T *smbace;
1287 TALLOC_CTX *frame = talloc_stackframe();
1288
1289 DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
1290
1291 result = gpfs_get_nfs4_acl(frame, path, &pacl);
1292 if (result) {
1293 TALLOC_FREE(frame);
1294 return result;
1295 }
1296
1297 if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) {
1298 DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path));
1299 }
1300
1301 for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
1302 SMB_ACE4PROP_T *ace = smb_get_ace4(smbace);
1303 uint32_t specid = ace->who.special_id;
1304
1305 if (ace->flags&SMB_ACE4_ID_SPECIAL &&
1306 ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
1307 specid <= SMB_ACE4_WHO_EVERYONE) {
1308
1309 uint32_t newMask;
1310
1311 if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE)
1312 haveAllowEntry[specid] = True;
1313
1314 /* mode >> 6 for @owner, mode >> 3 for @group,
1315 * mode >> 0 for @everyone */
1316 newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask,
1317 mode >> ((SMB_ACE4_WHO_EVERYONE - specid) * 3));
1318 if (ace->aceMask!=newMask) {
1319 DEBUG(10, ("ace changed for %s (%o -> %o) id=%d\n",
1320 path, ace->aceMask, newMask, specid));
1321 }
1322 ace->aceMask = newMask;
1323 }
1324 }
1325
1326 /* make sure we have at least ALLOW entries
1327 * for all the 3 special ids (@EVERYONE, @OWNER, @GROUP)
1328 * - if necessary
1329 */
1330 for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) {
1331 SMB_ACE4PROP_T ace;
1332
1333 if (haveAllowEntry[i]==True)
1334 continue;
1335
1336 ZERO_STRUCT(ace);
1337 ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
1338 ace.flags |= SMB_ACE4_ID_SPECIAL;
1339 ace.who.special_id = i;
1340
1341 if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */
1342 ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
1343
1344 ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask,
1345 mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3));
1346
1347 /* don't add unnecessary aces */
1348 if (!ace.aceMask)
1349 continue;
1350
1351 /* we add it to the END - as windows expects allow aces */
1352 smb_add_ace4(pacl, &ace);
1353 DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n",
1354 path, mode, i, ace.aceMask));
1355 }
1356
1357 /* don't add complementary DENY ACEs here */
1358 ZERO_STRUCT(fake_fsp);
1359 fake_fsp.fsp_name = synthetic_smb_fname(
1360 frame, path, NULL, NULL);
1361 if (fake_fsp.fsp_name == NULL) {
1362 errno = ENOMEM;
1363 TALLOC_FREE(frame);
1364 return -1;
1365 }
1366 /* put the acl */
1367 if (gpfsacl_process_smbacl(handle, &fake_fsp, pacl) == False) {
1368 TALLOC_FREE(frame);
1369 return -1;
1370 }
1371
1372 TALLOC_FREE(frame);
1373 return 0; /* ok for [f]chmod */
1374 }
1375
1376 static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mode)
1377 {
1378 struct smb_filename *smb_fname_cpath;
1379 int rc;
1380
1381 smb_fname_cpath = synthetic_smb_fname(talloc_tos(), path, NULL, NULL);
1382 if (smb_fname_cpath == NULL) {
1383 errno = ENOMEM;
1384 return -1;
1385 }
1386
1387 if (SMB_VFS_NEXT_STAT(handle, smb_fname_cpath) != 0) {
1388 return -1;
1389 }
1390
1391 /* avoid chmod() if possible, to preserve acls */
1392 if ((smb_fname_cpath->st.st_ex_mode & ~S_IFMT) == mode) {
1393 return 0;
1394 }
1395
1396 rc = gpfsacl_emu_chmod(handle, path, mode);
1397 if (rc == 1)
1398 return SMB_VFS_NEXT_CHMOD(handle, path, mode);
1399 return rc;
1400 }
1401
1402 static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
1403 {
1404 SMB_STRUCT_STAT st;
1405 int rc;
1406
1407 if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) {
1408 return -1;
1409 }
1410
1411 /* avoid chmod() if possible, to preserve acls */
1412 if ((st.st_ex_mode & ~S_IFMT) == mode) {
1413 return 0;
1414 }
1415
1416 rc = gpfsacl_emu_chmod(handle, fsp->fsp_name->base_name,
1417 mode);
1418 if (rc == 1)
1419 return SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1420 return rc;
1421 }
1422
1423 static int gpfs_set_xattr(struct vfs_handle_struct *handle, const char *path,
1424 const char *name, const void *value, size_t size, int flags){
1425 struct xattr_DOSATTRIB dosattrib;
1426 enum ndr_err_code ndr_err;
1427 DATA_BLOB blob;
1428 unsigned int dosmode=0;
1429 struct gpfs_winattr attrs;
1430 int ret = 0;
1431 struct gpfs_config_data *config;
1432
1433 SMB_VFS_HANDLE_GET_DATA(handle, config,
1434 struct gpfs_config_data,
1435 return -1);
1436
1437 if (!config->winattr) {
1438 DEBUG(10, ("gpfs_set_xattr:name is %s -> next\n",name));
1439 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1440 }
1441
1442 DEBUG(10, ("gpfs_set_xattr: %s \n",path));
1443
1444 /* Only handle DOS Attributes */
1445 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1446 DEBUG(5, ("gpfs_set_xattr:name is %s\n",name));
1447 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1448 }
1449
1450 blob.data = discard_const_p(uint8_t, value);
1451 blob.length = size;
1452
1453 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib,
1454 (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB);
1455
1456 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1457 DEBUG(1, ("gpfs_set_xattr: bad ndr decode "
1458 "from EA on file %s: Error = %s\n",
1459 path, ndr_errstr(ndr_err)));
1460 return false;
1461 }
1462
1463 if (dosattrib.version != 3) {
1464 DEBUG(1, ("gpfs_set_xattr: expected dosattrib version 3, got "
1465 "%d\n", (int)dosattrib.version));
1466 return false;
1467 }
1468 if (!(dosattrib.info.info3.valid_flags & XATTR_DOSINFO_ATTRIB)) {
1469 DEBUG(10, ("gpfs_set_xattr: XATTR_DOSINFO_ATTRIB not "
1470 "valid, ignoring\n"));
1471 return true;
1472 }
1473
1474 dosmode = dosattrib.info.info3.attrib;
1475
1476 attrs.winAttrs = 0;
1477 /*Just map RD_ONLY, ARCHIVE, SYSTEM HIDDEN and SPARSE. Ignore the others*/
1478 if (dosmode & FILE_ATTRIBUTE_ARCHIVE){
1479 attrs.winAttrs |= GPFS_WINATTR_ARCHIVE;
1480 }
1481 if (dosmode & FILE_ATTRIBUTE_HIDDEN){
1482 attrs.winAttrs |= GPFS_WINATTR_HIDDEN;
1483 }
1484 if (dosmode & FILE_ATTRIBUTE_SYSTEM){
1485 attrs.winAttrs |= GPFS_WINATTR_SYSTEM;
1486 }
1487 if (dosmode & FILE_ATTRIBUTE_READONLY){
1488 attrs.winAttrs |= GPFS_WINATTR_READONLY;
1489 }
1490 if (dosmode & FILE_ATTRIBUTE_SPARSE) {
1491 attrs.winAttrs |= GPFS_WINATTR_SPARSE_FILE;
1492 }
1493
1494
1495 ret = gpfswrap_set_winattrs_path(discard_const_p(char, path),
1496 GPFS_WINATTR_SET_ATTRS, &attrs);
1497 if ( ret == -1){
1498 if (errno == ENOSYS) {
1499 return SMB_VFS_NEXT_SETXATTR(handle, path, name, value,
1500 size, flags);
1501 }
1502
1503 DEBUG(1, ("gpfs_set_xattr:Set GPFS attributes failed %d\n",ret));
1504 return -1;
1505 }
1506
1507 DEBUG(10, ("gpfs_set_xattr:Set attributes: 0x%x\n",attrs.winAttrs));
1508 return 0;
1509 }
1510
1511 static ssize_t gpfs_get_xattr(struct vfs_handle_struct *handle, const char *path,
1512 const char *name, void *value, size_t size){
1513 char *attrstr = value;
1514 unsigned int dosmode = 0;
1515 struct gpfs_winattr attrs;
1516 int ret = 0;
1517 struct gpfs_config_data *config;
1518
1519 SMB_VFS_HANDLE_GET_DATA(handle, config,
1520 struct gpfs_config_data,
1521 return -1);
1522
1523 if (!config->winattr) {
1524 DEBUG(10, ("gpfs_get_xattr:name is %s -> next\n",name));
1525 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1526 }
1527
1528 DEBUG(10, ("gpfs_get_xattr: %s \n",path));
1529
1530 /* Only handle DOS Attributes */
1531 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1532 DEBUG(5, ("gpfs_get_xattr:name is %s\n",name));
1533 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1534 }
1535
1536 ret = gpfswrap_get_winattrs_path(discard_const_p(char, path), &attrs);
1537 if ( ret == -1){
1538 int dbg_lvl;
1539
1540 if (errno == ENOSYS) {
1541 return SMB_VFS_NEXT_GETXATTR(handle, path, name, value,
1542 size);
1543 }
1544
1545 if (errno != EPERM && errno != EACCES) {
1546 dbg_lvl = 1;
1547 } else {
1548 dbg_lvl = 5;
1549 }
1550 DEBUG(dbg_lvl, ("gpfs_get_xattr: Get GPFS attributes failed: "
1551 "%d (%s)\n", ret, strerror(errno)));
1552 return -1;
1553 }
1554
1555 DEBUG(10, ("gpfs_get_xattr:Got attributes: 0x%x\n",attrs.winAttrs));
1556
1557 /*Just map RD_ONLY, ARCHIVE, SYSTEM, HIDDEN and SPARSE. Ignore the others*/
1558 if (attrs.winAttrs & GPFS_WINATTR_ARCHIVE){
1559 dosmode |= FILE_ATTRIBUTE_ARCHIVE;
1560 }
1561 if (attrs.winAttrs & GPFS_WINATTR_HIDDEN){
1562 dosmode |= FILE_ATTRIBUTE_HIDDEN;
1563 }
1564 if (attrs.winAttrs & GPFS_WINATTR_SYSTEM){
1565 dosmode |= FILE_ATTRIBUTE_SYSTEM;
1566 }
1567 if (attrs.winAttrs & GPFS_WINATTR_READONLY){
1568 dosmode |= FILE_ATTRIBUTE_READONLY;
1569 }
1570 if (attrs.winAttrs & GPFS_WINATTR_SPARSE_FILE) {
1571 dosmode |= FILE_ATTRIBUTE_SPARSE;
1572 }
1573
1574 snprintf(attrstr, size, "0x%2.2x",
1575 (unsigned int)(dosmode & SAMBA_ATTRIBUTES_MASK));
1576 DEBUG(10, ("gpfs_get_xattr: returning %s\n",attrstr));
1577 return 4;
1578 }
1579
1580 #if defined(HAVE_FSTATAT)
1581 static int stat_with_capability(struct vfs_handle_struct *handle,
1582 struct smb_filename *smb_fname, int flag)
1583 {
1584 int fd = -1;
1585 bool b;
1586 char *dir_name;
1587 const char *rel_name = NULL;
1588 struct stat st;
1589 int ret = -1;
1590
1591 b = parent_dirname(talloc_tos(), smb_fname->base_name,
1592 &dir_name, &rel_name);
1593 if (!b) {
1594 errno = ENOMEM;
1595 return -1;
1596 }
1597
1598 fd = open(dir_name, O_RDONLY, 0);
1599 TALLOC_FREE(dir_name);
1600 if (fd == -1) {
1601 return -1;
1602 }
1603
1604 set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1605 ret = fstatat(fd, rel_name, &st, flag);
1606 drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1607
1608 close(fd);
1609
1610 if (ret == 0) {
1611 init_stat_ex_from_stat(
1612 &smb_fname->st, &st,
1613 lp_fake_directory_create_times(SNUM(handle->conn)));
1614 }
1615
1616 return ret;
1617 }
1618 #endif
1619
1620 static int vfs_gpfs_stat(struct vfs_handle_struct *handle,
1621 struct smb_filename *smb_fname)
1622 {
1623 struct gpfs_winattr attrs;
1624 char *fname = NULL;
1625 NTSTATUS status;
1626 int ret;
1627 struct gpfs_config_data *config;
1628
1629 SMB_VFS_HANDLE_GET_DATA(handle, config,
1630 struct gpfs_config_data,
1631 return -1);
1632
1633 ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
1634 #if defined(HAVE_FSTATAT)
1635 if (ret == -1 && errno == EACCES) {
1636 DEBUG(10, ("Trying stat with capability for %s\n",
1637 smb_fname->base_name));
1638 ret = stat_with_capability(handle, smb_fname, 0);
1639 }
1640 #endif
1641 if (ret == -1) {
1642 return -1;
1643 }
1644
1645 if (!config->winattr) {
1646 return 0;
1647 }
1648
1649 status = get_full_smb_filename(talloc_tos(), smb_fname, &fname);
1650 if (!NT_STATUS_IS_OK(status)) {
1651 errno = map_errno_from_nt_status(status);
1652 return -1;
1653 }
1654 ret = gpfswrap_get_winattrs_path(discard_const_p(char, fname), &attrs);
1655 TALLOC_FREE(fname);
1656 if (ret == 0) {
1657 smb_fname->st.st_ex_calculated_birthtime = false;
1658 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1659 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1660 }
1661 return 0;
1662 }
1663
1664 static int vfs_gpfs_fstat(struct vfs_handle_struct *handle,
1665 struct files_struct *fsp, SMB_STRUCT_STAT *sbuf)
1666 {
1667 struct gpfs_winattr attrs;
1668 int ret;
1669 struct gpfs_config_data *config;
1670
1671 SMB_VFS_HANDLE_GET_DATA(handle, config,
1672 struct gpfs_config_data,
1673 return -1);
1674
1675 ret = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
1676 if (ret == -1) {
1677 return -1;
1678 }
1679 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
1680 return 0;
1681 }
1682 if (!config->winattr) {
1683 return 0;
1684 }
1685
1686 ret = gpfswrap_get_winattrs(fsp->fh->fd, &attrs);
1687 if (ret == 0) {
1688 sbuf->st_ex_calculated_birthtime = false;
1689 sbuf->st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1690 sbuf->st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1691 }
1692 return 0;
1693 }
1694
1695 static int vfs_gpfs_lstat(struct vfs_handle_struct *handle,
1696 struct smb_filename *smb_fname)
1697 {
1698 struct gpfs_winattr attrs;
1699 char *path = NULL;
1700 NTSTATUS status;
1701 int ret;
1702 struct gpfs_config_data *config;
1703
1704 SMB_VFS_HANDLE_GET_DATA(handle, config,
1705 struct gpfs_config_data,
1706 return -1);
1707
1708 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1709 #if defined(HAVE_FSTATAT)
1710 if (ret == -1 && errno == EACCES) {
1711 DEBUG(10, ("Trying lstat with capability for %s\n",
1712 smb_fname->base_name));
1713 ret = stat_with_capability(handle, smb_fname,
1714 AT_SYMLINK_NOFOLLOW);
1715 }
1716 #endif
1717
1718 if (ret == -1) {
1719 return -1;
1720 }
1721 if (!config->winattr) {
1722 return 0;
1723 }
1724
1725 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1726 if (!NT_STATUS_IS_OK(status)) {
1727 errno = map_errno_from_nt_status(status);
1728 return -1;
1729 }
1730 ret = gpfswrap_get_winattrs_path(discard_const_p(char, path), &attrs);
1731 TALLOC_FREE(path);
1732 if (ret == 0) {
1733 smb_fname->st.st_ex_calculated_birthtime = false;
1734 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1735 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1736 }
1737 return 0;
1738 }
1739
1740 static void timespec_to_gpfs_time(struct timespec ts, gpfs_timestruc_t *gt,
1741 int idx, int *flags)
1742 {
1743 if (!null_timespec(ts)) {
1744 *flags |= 1 << idx;
1745 gt[idx].tv_sec = ts.tv_sec;
1746 gt[idx].tv_nsec = ts.tv_nsec;
1747 DEBUG(10, ("Setting GPFS time %d, flags 0x%x\n", idx, *flags));
1748 }
1749 }
1750
1751 static int smbd_gpfs_set_times_path(char *path, struct smb_file_time *ft)
1752 {
1753 gpfs_timestruc_t gpfs_times[4];
1754 int flags = 0;
1755 int rc;
1756
1757 ZERO_ARRAY(gpfs_times);
1758 timespec_to_gpfs_time(ft->atime, gpfs_times, 0, &flags);
1759 timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, &flags);
1760 /* No good mapping from LastChangeTime to ctime, not storing */
1761 timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, &flags);
1762
1763 if (!flags) {
1764 DEBUG(10, ("nothing to do, return to avoid EINVAL\n"));
1765 return 0;
1766 }
1767
1768 rc = gpfswrap_set_times_path(path, flags, gpfs_times);
1769
1770 if (rc != 0 && errno != ENOSYS) {
1771 DEBUG(1,("gpfs_set_times() returned with error %s\n",
1772 strerror(errno)));
1773 }
1774
1775 return rc;
1776 }
1777
1778 static int vfs_gpfs_ntimes(struct vfs_handle_struct *handle,
1779 const struct smb_filename *smb_fname,
1780 struct smb_file_time *ft)
1781 {
1782
1783 struct gpfs_winattr attrs;
1784 int ret;
1785 char *path = NULL;
1786 NTSTATUS status;
1787 struct gpfs_config_data *config;
1788
1789 SMB_VFS_HANDLE_GET_DATA(handle, config,
1790 struct gpfs_config_data,
1791 return -1);
1792
1793 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1794 if (!NT_STATUS_IS_OK(status)) {
1795 errno = map_errno_from_nt_status(status);
1796 return -1;
1797 }
1798
1799 /* Try to use gpfs_set_times if it is enabled and available */
1800 if (config->settimes) {
1801 ret = smbd_gpfs_set_times_path(path, ft);
1802
1803 if (ret == 0 || (ret == -1 && errno != ENOSYS)) {
1804 return ret;
1805 }
1806 }
1807
1808 DEBUG(10,("gpfs_set_times() not available or disabled, "
1809 "use ntimes and winattr\n"));
1810
1811 ret = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft);
1812 if(ret == -1){
1813 /* don't complain if access was denied */
1814 if (errno != EPERM && errno != EACCES) {
1815 DEBUG(1,("vfs_gpfs_ntimes: SMB_VFS_NEXT_NTIMES failed:"
1816 "%s", strerror(errno)));
1817 }
1818 return -1;
1819 }
1820
1821 if(null_timespec(ft->create_time)){
1822 DEBUG(10,("vfs_gpfs_ntimes:Create Time is NULL\n"));
1823 return 0;
1824 }
1825
1826 if (!config->winattr) {
1827 return 0;
1828 }
1829
1830 attrs.winAttrs = 0;
1831 attrs.creationTime.tv_sec = ft->create_time.tv_sec;
1832 attrs.creationTime.tv_nsec = ft->create_time.tv_nsec;
1833
1834 ret = gpfswrap_set_winattrs_path(discard_const_p(char, path),
1835 GPFS_WINATTR_SET_CREATION_TIME,
1836 &attrs);
1837 if(ret == -1 && errno != ENOSYS){
1838 DEBUG(1,("vfs_gpfs_ntimes: set GPFS ntimes failed %d\n",ret));
1839 return -1;
1840 }
1841 return 0;
1842
1843 }
1844
1845 static int vfs_gpfs_fallocate(struct vfs_handle_struct *handle,
1846 struct files_struct *fsp, uint32_t mode,
1847 off_t offset, off_t len)
1848 {
1849 int ret;
1850 struct gpfs_config_data *config;
1851
1852 SMB_VFS_HANDLE_GET_DATA(handle, config,
1853 struct gpfs_config_data,
1854 return -1);
1855
1856 if (!config->prealloc) {
1857 /* you should better not run fallocate() on GPFS at all */
1858 errno = ENOTSUP;
1859 return -1;
1860 }
1861
1862 if (mode != 0) {
1863 DEBUG(10, ("unmapped fallocate flags: %lx\n",
1864 (unsigned long)mode));
1865 errno = ENOTSUP;
1866 return -1;
1867 }
1868
1869 ret = gpfswrap_prealloc(fsp->fh->fd, offset, len);
1870
1871 if (ret == -1 && errno != ENOSYS) {
1872 DEBUG(0, ("GPFS prealloc failed: %s\n", strerror(errno)));
1873 } else if (ret == -1 && errno == ENOSYS) {
1874 DEBUG(10, ("GPFS prealloc not supported.\n"));
1875 } else {
1876 DEBUG(10, ("GPFS prealloc succeeded.\n"));
1877 }
1878
1879 return ret;
1880 }
1881
1882 static int vfs_gpfs_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1883 off_t len)
1884 {
1885 int result;
1886 struct gpfs_config_data *config;
1887
1888 SMB_VFS_HANDLE_GET_DATA(handle, config,
1889 struct gpfs_config_data,
1890 return -1);
1891
1892 if (!config->ftruncate) {
1893 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1894 }
1895
1896 result = gpfswrap_ftruncate(fsp->fh->fd, len);
1897 if ((result == -1) && (errno == ENOSYS)) {
1898 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1899 }
1900 return result;
1901 }
1902
1903 static bool vfs_gpfs_is_offline(struct vfs_handle_struct *handle,
1904 const struct smb_filename *fname,
1905 SMB_STRUCT_STAT *sbuf)
1906 {
1907 struct gpfs_winattr attrs;
1908 char *path = NULL;
1909 NTSTATUS status;
1910 struct gpfs_config_data *config;
1911 int ret;
1912
1913 SMB_VFS_HANDLE_GET_DATA(handle, config,
1914 struct gpfs_config_data,
1915 return -1);
1916
1917 if (!config->winattr) {
1918 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1919 }
1920
1921 status = get_full_smb_filename(talloc_tos(), fname, &path);
1922 if (!NT_STATUS_IS_OK(status)) {
1923 errno = map_errno_from_nt_status(status);
1924 return -1;
1925 }
1926
1927 ret = gpfswrap_get_winattrs_path(path, &attrs);
1928 if (ret == -1) {
1929 TALLOC_FREE(path);
1930 return false;
1931 }
1932
1933 if ((attrs.winAttrs & GPFS_WINATTR_OFFLINE) != 0) {
1934 DEBUG(10, ("%s is offline\n", path));
1935 TALLOC_FREE(path);
1936 return true;
1937 }
1938 DEBUG(10, ("%s is online\n", path));
1939 TALLOC_FREE(path);
1940 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1941 }
1942
1943 static bool vfs_gpfs_aio_force(struct vfs_handle_struct *handle,
1944 struct files_struct *fsp)
1945 {
1946 return vfs_gpfs_is_offline(handle, fsp->fsp_name, &fsp->fsp_name->st);
1947 }
1948
1949 static ssize_t vfs_gpfs_sendfile(vfs_handle_struct *handle, int tofd,
1950 files_struct *fsp, const DATA_BLOB *hdr,
1951 off_t offset, size_t n)
1952 {
1953 if (SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name, &fsp->fsp_name->st))
1954 {
1955 errno = ENOSYS;
1956 return -1;
1957 }
1958 return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
1959 }
1960
1961 static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
1962 const char *service, const char *user)
1963 {
1964 struct gpfs_config_data *config;
1965 int ret;
1966
1967 gpfswrap_lib_init(0);
1968
1969 config = talloc_zero(handle->conn, struct gpfs_config_data);
1970 if (!config) {
1971 DEBUG(0, ("talloc_zero() failed\n"));
1972 errno = ENOMEM;
1973 return -1;
1974 }
1975
1976 ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
1977 if (ret < 0) {
1978 TALLOC_FREE(config);
1979 return ret;
1980 }
1981
1982 config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
1983 "sharemodes", true);
1984
1985 config->leases = lp_parm_bool(SNUM(handle->conn), "gpfs",
1986 "leases", true);
1987
1988 config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
1989 "hsm", false);
1990
1991 config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
1992 "syncio", false);
1993
1994 config->winattr = lp_parm_bool(SNUM(handle->conn), "gpfs",
1995 "winattr", false);
1996
1997 config->ftruncate = lp_parm_bool(SNUM(handle->conn), "gpfs",
1998 "ftruncate", true);
1999
2000 config->getrealfilename = lp_parm_bool(SNUM(handle->conn), "gpfs",
2001 "getrealfilename", true);
2002
2003 config->dfreequota = lp_parm_bool(SNUM(handle->conn), "gpfs",
2004 "dfreequota", false);
2005
2006 config->prealloc = lp_parm_bool(SNUM(handle->conn), "gpfs",
2007 "prealloc", true);
2008
2009 config->acl = lp_parm_bool(SNUM(handle->conn), "gpfs", "acl", true);
2010
2011 config->settimes = lp_parm_bool(SNUM(handle->conn), "gpfs",
2012 "settimes", true);
2013 config->recalls = lp_parm_bool(SNUM(handle->conn), "gpfs",
2014 "recalls", true);
2015
2016 SMB_VFS_HANDLE_SET_DATA(handle, config,
2017 NULL, struct gpfs_config_data,
2018 return -1);
2019
2020 if (config->leases) {
2021 /*
2022 * GPFS lease code is based on kernel oplock code
2023 * so make sure it is turned on
2024 */
2025 if (!lp_kernel_oplocks(SNUM(handle->conn))) {
2026 DEBUG(5, ("Enabling kernel oplocks for "
2027 "gpfs:leases to work\n"));
2028 lp_do_parameter(SNUM(handle->conn), "kernel oplocks",
2029 "true");
2030 }
2031
2032 /*
2033 * as the kernel does not properly support Level II oplocks
2034 * and GPFS leases code is based on kernel infrastructure, we
2035 * need to turn off Level II oplocks if gpfs:leases is enabled
2036 */
2037 if (lp_level2_oplocks(SNUM(handle->conn))) {
2038 DEBUG(5, ("gpfs:leases are enabled, disabling "
2039 "Level II oplocks\n"));
2040 lp_do_parameter(SNUM(handle->conn), "level2 oplocks",
2041 "false");
2042 }
2043 }
2044
2045 return 0;
2046 }
2047
2048 static int get_gpfs_quota(const char *pathname, int type, int id,
2049 struct gpfs_quotaInfo *qi)
2050 {
2051 int ret;
2052
2053 ZERO_STRUCTP(qi);
2054 ret = gpfswrap_quotactl(discard_const_p(char, pathname),
2055 GPFS_QCMD(Q_GETQUOTA, type), id, qi);
2056
2057 if (ret) {
2058 if (errno == GPFS_E_NO_QUOTA_INST) {
2059 DEBUG(10, ("Quotas disabled on GPFS filesystem.\n"));
2060 } else if (errno != ENOSYS) {
2061 DEBUG(0, ("Get quota failed, type %d, id, %d, "
2062 "errno %d.\n", type, id, errno));
2063 }
2064
2065 return ret;
2066 }
2067
2068 DEBUG(10, ("quota type %d, id %d, blk u:%lld h:%lld s:%lld gt:%u\n",
2069 type, id, qi->blockUsage, qi->blockHardLimit,
2070 qi->blockSoftLimit, qi->blockGraceTime));
2071
2072 return ret;
2073 }
2074
2075 static void vfs_gpfs_disk_free_quota(struct gpfs_quotaInfo qi, time_t cur_time,
2076 uint64_t *dfree, uint64_t *dsize)
2077 {
2078 uint64_t usage, limit;
2079
2080 /*
2081 * The quota reporting is done in units of 1024 byte blocks, but
2082 * sys_fsusage uses units of 512 byte blocks, adjust the block number
2083 * accordingly. Also filter possibly negative usage counts from gpfs.
2084 */
2085 usage = qi.blockUsage < 0 ? 0 : (uint64_t)qi.blockUsage * 2;
2086 limit = (uint64_t)qi.blockHardLimit * 2;
2087
2088 /*
2089 * When the grace time for the exceeded soft block quota has been
2090 * exceeded, the soft block quota becomes an additional hard limit.
2091 */
2092 if (qi.blockSoftLimit &&
2093 qi.blockGraceTime && cur_time > qi.blockGraceTime) {
2094 /* report disk as full */
2095 *dfree = 0;
2096 *dsize = MIN(*dsize, usage);
2097 }
2098
2099 if (!qi.blockHardLimit)
2100 return;
2101
2102 if (usage >= limit) {
2103 /* report disk as full */
2104 *dfree = 0;
2105 *dsize = MIN(*dsize, usage);
2106
2107 } else {
2108 /* limit has not been reached, determine "free space" */
2109 *dfree = MIN(*dfree, limit - usage);
2110 *dsize = MIN(*dsize, limit);
2111 }
2112 }
2113
2114 static uint64_t vfs_gpfs_disk_free(vfs_handle_struct *handle, const char *path,
2115 uint64_t *bsize,
2116 uint64_t *dfree, uint64_t *dsize)
2117 {
2118 struct security_unix_token *utok;
2119 struct gpfs_quotaInfo qi_user, qi_group;
2120 struct gpfs_config_data *config;
2121 int err;
2122 time_t cur_time;
2123
2124 SMB_VFS_HANDLE_GET_DATA(handle, config, struct gpfs_config_data,
2125 return (uint64_t)-1);
2126 if (!config->dfreequota) {
2127 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2128 bsize, dfree, dsize);
2129 }
2130
2131 err = sys_fsusage(path, dfree, dsize);
2132 if (err) {
2133 DEBUG (0, ("Could not get fs usage, errno %d\n", errno));
2134 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2135 bsize, dfree, dsize);
2136 }
2137
2138 /* sys_fsusage returns units of 512 bytes */
2139 *bsize = 512;
2140
2141 DEBUG(10, ("fs dfree %llu, dsize %llu\n",
2142 (unsigned long long)*dfree, (unsigned long long)*dsize));
2143
2144 utok = handle->conn->session_info->unix_token;
2145
2146 err = get_gpfs_quota(path, GPFS_USRQUOTA, utok->uid, &qi_user);
2147 if (err) {
2148 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2149 bsize, dfree, dsize);
2150 }
2151
2152 err = get_gpfs_quota(path, GPFS_GRPQUOTA, utok->gid, &qi_group);
2153 if (err) {
2154 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2155 bsize, dfree, dsize);
2156 }
2157
2158 cur_time = time(NULL);
2159
2160 /* Adjust free space and size according to quota limits. */
2161 vfs_gpfs_disk_free_quota(qi_user, cur_time, dfree, dsize);
2162 vfs_gpfs_disk_free_quota(qi_group, cur_time, dfree, dsize);
2163
2164 disk_norm(bsize, dfree, dsize);
2165 return *dfree;
2166 }
2167
2168 static uint32_t vfs_gpfs_capabilities(struct vfs_handle_struct *handle,
2169 enum timestamp_set_resolution *p_ts_res)
2170 {
2171 struct gpfs_config_data *config;
2172 uint32_t next;
2173
2174 next = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
2175
2176 SMB_VFS_HANDLE_GET_DATA(handle, config,
2177 struct gpfs_config_data,
2178 return next);
2179
2180 if (config->hsm) {
2181 next |= FILE_SUPPORTS_REMOTE_STORAGE;
2182 }
2183 return next;
2184 }
2185
2186 static int vfs_gpfs_open(struct vfs_handle_struct *handle,
2187 struct smb_filename *smb_fname, files_struct *fsp,
2188 int flags, mode_t mode)
2189 {
2190 struct gpfs_config_data *config;
2191
2192 SMB_VFS_HANDLE_GET_DATA(handle, config,
2193 struct gpfs_config_data,
2194 return -1);
2195
2196 if (config->hsm && !config->recalls) {
2197 if (SMB_VFS_IS_OFFLINE(handle->conn, smb_fname, &smb_fname->st))
2198 {
2199 DEBUG(10, ("Refusing access to offline file %s\n",
2200 fsp_str_dbg(fsp)));
2201 errno = EACCES;
2202 return -1;
2203 }
2204 }
2205
2206 if (config->syncio) {
2207 flags |= O_SYNC;
2208 }
2209 return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
2210 }
2211
2212 static ssize_t vfs_gpfs_pread(vfs_handle_struct *handle, files_struct *fsp,
2213 void *data, size_t n, off_t offset)
2214 {
2215 ssize_t ret;
2216 bool was_offline;
2217
2218 was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2219 &fsp->fsp_name->st);
2220
2221 ret = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
2222
2223 if ((ret != -1) && was_offline) {
2224 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2225 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2226 fsp->fsp_name->base_name);
2227 }
2228
2229 return ret;
2230 }
2231
2232 struct vfs_gpfs_pread_state {
2233 struct files_struct *fsp;
2234 ssize_t ret;
2235 int err;
2236 bool was_offline;
2237 };
2238
2239 static void vfs_gpfs_pread_done(struct tevent_req *subreq);
2240
2241 static struct tevent_req *vfs_gpfs_pread_send(struct vfs_handle_struct *handle,
2242 TALLOC_CTX *mem_ctx,
2243 struct tevent_context *ev,
2244 struct files_struct *fsp,
2245 void *data, size_t n,
2246 off_t offset)
2247 {
2248 struct tevent_req *req, *subreq;
2249 struct vfs_gpfs_pread_state *state;
2250
2251 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pread_state);
2252 if (req == NULL) {
2253 return NULL;
2254 }
2255 state->was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2256 &fsp->fsp_name->st);
2257 state->fsp = fsp;
2258 subreq = SMB_VFS_NEXT_PREAD_SEND(state, ev, handle, fsp, data,
2259 n, offset);
2260 if (tevent_req_nomem(subreq, req)) {
2261 return tevent_req_post(req, ev);
2262 }
2263 tevent_req_set_callback(subreq, vfs_gpfs_pread_done, req);
2264 return req;
2265 }
2266
2267 static void vfs_gpfs_pread_done(struct tevent_req *subreq)
2268 {
2269 struct tevent_req *req = tevent_req_callback_data(
2270 subreq, struct tevent_req);
2271 struct vfs_gpfs_pread_state *state = tevent_req_data(
2272 req, struct vfs_gpfs_pread_state);
2273
2274 state->ret = SMB_VFS_PREAD_RECV(subreq, &state->err);
2275 TALLOC_FREE(subreq);
2276 tevent_req_done(req);
2277 }
2278
2279 static ssize_t vfs_gpfs_pread_recv(struct tevent_req *req, int *err)
2280 {
2281 struct vfs_gpfs_pread_state *state = tevent_req_data(
2282 req, struct vfs_gpfs_pread_state);
2283 struct files_struct *fsp = state->fsp;
2284
2285 if (tevent_req_is_unix_error(req, err)) {
2286 return -1;
2287 }
2288 *err = state->err;
2289
2290 if ((state->ret != -1) && state->was_offline) {
2291 DEBUG(10, ("sending notify\n"));
2292 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2293 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2294 fsp->fsp_name->base_name);
2295 }
2296
2297 return state->ret;
2298 }
2299
2300 static ssize_t vfs_gpfs_pwrite(vfs_handle_struct *handle, files_struct *fsp,
2301 const void *data, size_t n, off_t offset)
2302 {
2303 ssize_t ret;
2304 bool was_offline;
2305
2306 was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2307 &fsp->fsp_name->st);
2308
2309 ret = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
2310
2311 if ((ret != -1) && was_offline) {
2312 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2313 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2314 fsp->fsp_name->base_name);
2315 }
2316
2317 return ret;
2318 }
2319
2320 struct vfs_gpfs_pwrite_state {
2321 struct files_struct *fsp;
2322 ssize_t ret;
2323 int err;
2324 bool was_offline;
2325 };
2326
2327 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq);
2328
2329 static struct tevent_req *vfs_gpfs_pwrite_send(
2330 struct vfs_handle_struct *handle,
2331 TALLOC_CTX *mem_ctx,
2332 struct tevent_context *ev,
2333 struct files_struct *fsp,
2334 const void *data, size_t n,
2335 off_t offset)
2336 {
2337 struct tevent_req *req, *subreq;
2338 struct vfs_gpfs_pwrite_state *state;
2339
2340 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pwrite_state);
2341 if (req == NULL) {
2342 return NULL;
2343 }
2344 state->was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2345 &fsp->fsp_name->st);
2346 state->fsp = fsp;
2347 subreq = SMB_VFS_NEXT_PWRITE_SEND(state, ev, handle, fsp, data,
2348 n, offset);
2349 if (tevent_req_nomem(subreq, req)) {
2350 return tevent_req_post(req, ev);
2351 }
2352 tevent_req_set_callback(subreq, vfs_gpfs_pwrite_done, req);
2353 return req;
2354 }
2355
2356 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq)
2357 {
2358 struct tevent_req *req = tevent_req_callback_data(
2359 subreq, struct tevent_req);
2360 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2361 req, struct vfs_gpfs_pwrite_state);
2362
2363 state->ret = SMB_VFS_PWRITE_RECV(subreq, &state->err);
2364 TALLOC_FREE(subreq);
2365 tevent_req_done(req);
2366 }
2367
2368 static ssize_t vfs_gpfs_pwrite_recv(struct tevent_req *req, int *err)
2369 {
2370 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2371 req, struct vfs_gpfs_pwrite_state);
2372 struct files_struct *fsp = state->fsp;
2373
2374 if (tevent_req_is_unix_error(req, err)) {
2375 return -1;
2376 }
2377 *err = state->err;
2378
2379 if ((state->ret != -1) && state->was_offline) {
2380 DEBUG(10, ("sending notify\n"));
2381 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2382 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2383 fsp->fsp_name->base_name);
2384 }
2385
2386 return state->ret;
2387 }
2388
2389
2390 static struct vfs_fn_pointers vfs_gpfs_fns = {
2391 .connect_fn = vfs_gpfs_connect,
2392 .disk_free_fn = vfs_gpfs_disk_free,
2393 .fs_capabilities_fn = vfs_gpfs_capabilities,
2394 .kernel_flock_fn = vfs_gpfs_kernel_flock,
2395 .linux_setlease_fn = vfs_gpfs_setlease,
2396 .get_real_filename_fn = vfs_gpfs_get_real_filename,
2397 .fget_nt_acl_fn = gpfsacl_fget_nt_acl,
2398 .get_nt_acl_fn = gpfsacl_get_nt_acl,
2399 .fset_nt_acl_fn = gpfsacl_fset_nt_acl,
2400 .sys_acl_get_file_fn = gpfsacl_sys_acl_get_file,
2401 .sys_acl_get_fd_fn = gpfsacl_sys_acl_get_fd,
2402 .sys_acl_blob_get_file_fn = gpfsacl_sys_acl_blob_get_file,
2403 .sys_acl_blob_get_fd_fn = gpfsacl_sys_acl_blob_get_fd,
2404 .sys_acl_set_file_fn = gpfsacl_sys_acl_set_file,
2405 .sys_acl_set_fd_fn = gpfsacl_sys_acl_set_fd,
2406 .sys_acl_delete_def_file_fn = gpfsacl_sys_acl_delete_def_file,
2407 .chmod_fn = vfs_gpfs_chmod,
2408 .fchmod_fn = vfs_gpfs_fchmod,
2409 .close_fn = vfs_gpfs_close,
2410 .setxattr_fn = gpfs_set_xattr,
2411 .getxattr_fn = gpfs_get_xattr,
2412 .stat_fn = vfs_gpfs_stat,
2413 .fstat_fn = vfs_gpfs_fstat,
2414 .lstat_fn = vfs_gpfs_lstat,
2415 .ntimes_fn = vfs_gpfs_ntimes,
2416 .is_offline_fn = vfs_gpfs_is_offline,
2417 .aio_force_fn = vfs_gpfs_aio_force,
2418 .sendfile_fn = vfs_gpfs_sendfile,
2419 .fallocate_fn = vfs_gpfs_fallocate,
2420 .open_fn = vfs_gpfs_open,
2421 .pread_fn = vfs_gpfs_pread,
2422 .pread_send_fn = vfs_gpfs_pread_send,
2423 .pread_recv_fn = vfs_gpfs_pread_recv,
2424 .pwrite_fn = vfs_gpfs_pwrite,
2425 .pwrite_send_fn = vfs_gpfs_pwrite_send,
2426 .pwrite_recv_fn = vfs_gpfs_pwrite_recv,
2427 .ftruncate_fn = vfs_gpfs_ftruncate
2428 };
2429
2430 NTSTATUS vfs_gpfs_init(void);
2431 NTSTATUS vfs_gpfs_init(void)
2432 {
2433 int ret;
2434
2435 ret = gpfswrap_init();
2436 if (ret != 0) {
2437 DEBUG(1, ("Could not initialize GPFS library wrapper\n"));
2438 }
2439
2440 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs",
2441 &vfs_gpfs_fns);
2442 }
Samba GIT mirror