search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix bug #6154 - zfs does not honor admin users.
[Samba.git] / source / smbd / dosmode.c
blob69100bf25ffe10cd4f330b94965733bc68cf8b42
1 /*
2 Unix SMB/CIFS implementation.
3 dos mode handling functions
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) James Peach 2006
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22
23 static int set_sparse_flag(const SMB_STRUCT_STAT * const sbuf)
24 {
25 #if defined (HAVE_STAT_ST_BLOCKS) && defined(STAT_ST_BLOCKSIZE)
26 if (sbuf->st_size > sbuf->st_blocks * (SMB_OFF_T)STAT_ST_BLOCKSIZE) {
27 return FILE_ATTRIBUTE_SPARSE;
28 }
29 #endif
30 return 0;
31 }
32
33 /****************************************************************************
34 Change a dos mode to a unix mode.
35 Base permission for files:
36 if creating file and inheriting (i.e. parent_dir != NULL)
37 apply read/write bits from parent directory.
38 else
39 everybody gets read bit set
40 dos readonly is represented in unix by removing everyone's write bit
41 dos archive is represented in unix by the user's execute bit
42 dos system is represented in unix by the group's execute bit
43 dos hidden is represented in unix by the other's execute bit
44 if !inheriting {
45 Then apply create mask,
46 then add force bits.
47 }
48 Base permission for directories:
49 dos directory is represented in unix by unix's dir bit and the exec bit
50 if !inheriting {
51 Then apply create mask,
52 then add force bits.
53 }
54 ****************************************************************************/
55
56 mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname,
57 const char *inherit_from_dir)
58 {
59 mode_t result = (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
60 mode_t dir_mode = 0; /* Mode of the inherit_from directory if
61 * inheriting. */
62
63 if (!lp_store_dos_attributes(SNUM(conn)) && IS_DOS_READONLY(dosmode)) {
64 result &= ~(S_IWUSR | S_IWGRP | S_IWOTH);
65 }
66
67 if (fname && (inherit_from_dir != NULL)
68 && lp_inherit_perms(SNUM(conn))) {
69 SMB_STRUCT_STAT sbuf;
70
71 DEBUG(2, ("unix_mode(%s) inheriting from %s\n", fname,
72 inherit_from_dir));
73 if (SMB_VFS_STAT(conn, inherit_from_dir, &sbuf) != 0) {
74 DEBUG(4,("unix_mode(%s) failed, [dir %s]: %s\n", fname,
75 inherit_from_dir, strerror(errno)));
76 return(0); /* *** shouldn't happen! *** */
77 }
78
79 /* Save for later - but explicitly remove setuid bit for safety. */
80 dir_mode = sbuf.st_mode & ~S_ISUID;
81 DEBUG(2,("unix_mode(%s) inherit mode %o\n",fname,(int)dir_mode));
82 /* Clear "result" */
83 result = 0;
84 }
85
86 if (IS_DOS_DIR(dosmode)) {
87 /* We never make directories read only for the owner as under DOS a user
88 can always create a file in a read-only directory. */
89 result |= (S_IFDIR | S_IWUSR);
90
91 if (dir_mode) {
92 /* Inherit mode of parent directory. */
93 result |= dir_mode;
94 } else {
95 /* Provisionally add all 'x' bits */
96 result |= (S_IXUSR | S_IXGRP | S_IXOTH);
97
98 /* Apply directory mask */
99 result &= lp_dir_mask(SNUM(conn));
100 /* Add in force bits */
101 result |= lp_force_dir_mode(SNUM(conn));
102 }
103 } else {
104 if (lp_map_archive(SNUM(conn)) && IS_DOS_ARCHIVE(dosmode))
105 result |= S_IXUSR;
106
107 if (lp_map_system(SNUM(conn)) && IS_DOS_SYSTEM(dosmode))
108 result |= S_IXGRP;
109
110 if (lp_map_hidden(SNUM(conn)) && IS_DOS_HIDDEN(dosmode))
111 result |= S_IXOTH;
112
113 if (dir_mode) {
114 /* Inherit 666 component of parent directory mode */
115 result |= dir_mode & (S_IRUSR | S_IRGRP | S_IROTH | S_IWUSR | S_IWGRP | S_IWOTH);
116 } else {
117 /* Apply mode mask */
118 result &= lp_create_mask(SNUM(conn));
119 /* Add in force bits */
120 result |= lp_force_create_mode(SNUM(conn));
121 }
122 }
123
124 DEBUG(3,("unix_mode(%s) returning 0%o\n",fname,(int)result ));
125 return(result);
126 }
127
128 /****************************************************************************
129 Change a unix mode to a dos mode.
130 ****************************************************************************/
131
132 static uint32 dos_mode_from_sbuf(connection_struct *conn, const char *path, SMB_STRUCT_STAT *sbuf)
133 {
134 int result = 0;
135 enum mapreadonly_options ro_opts = (enum mapreadonly_options)lp_map_readonly(SNUM(conn));
136
137 if (ro_opts == MAP_READONLY_YES) {
138 /* Original Samba method - map inverse of user "w" bit. */
139 if ((sbuf->st_mode & S_IWUSR) == 0) {
140 result |= aRONLY;
141 }
142 } else if (ro_opts == MAP_READONLY_PERMISSIONS) {
143 /* Check actual permissions for read-only. */
144 if (!can_write_to_file(conn, path, sbuf)) {
145 result |= aRONLY;
146 }
147 } /* Else never set the readonly bit. */
148
149 if (MAP_ARCHIVE(conn) && ((sbuf->st_mode & S_IXUSR) != 0))
150 result |= aARCH;
151
152 if (MAP_SYSTEM(conn) && ((sbuf->st_mode & S_IXGRP) != 0))
153 result |= aSYSTEM;
154
155 if (MAP_HIDDEN(conn) && ((sbuf->st_mode & S_IXOTH) != 0))
156 result |= aHIDDEN;
157
158 if (S_ISDIR(sbuf->st_mode))
159 result = aDIR | (result & aRONLY);
160
161 result |= set_sparse_flag(sbuf);
162
163 #ifdef S_ISLNK
164 #if LINKS_READ_ONLY
165 if (S_ISLNK(sbuf->st_mode) && S_ISDIR(sbuf->st_mode))
166 result |= aRONLY;
167 #endif
168 #endif
169
170 DEBUG(8,("dos_mode_from_sbuf returning "));
171
172 if (result & aHIDDEN) DEBUG(8, ("h"));
173 if (result & aRONLY ) DEBUG(8, ("r"));
174 if (result & aSYSTEM) DEBUG(8, ("s"));
175 if (result & aDIR ) DEBUG(8, ("d"));
176 if (result & aARCH ) DEBUG(8, ("a"));
177
178 DEBUG(8,("\n"));
179 return result;
180 }
181
182 /****************************************************************************
183 Get DOS attributes from an EA.
184 ****************************************************************************/
185
186 static bool get_ea_dos_attribute(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf, uint32 *pattr)
187 {
188 ssize_t sizeret;
189 fstring attrstr;
190 unsigned int dosattr;
191
192 if (!lp_store_dos_attributes(SNUM(conn))) {
193 return False;
194 }
195
196 /* Don't reset pattr to zero as we may already have filename-based attributes we
197 need to preserve. */
198
199 sizeret = SMB_VFS_GETXATTR(conn, path, SAMBA_XATTR_DOS_ATTRIB, attrstr, sizeof(attrstr));
200 if (sizeret == -1) {
201 if (errno == ENOSYS
202 #if defined(ENOTSUP)
203 || errno == ENOTSUP) {
204 #else
205 ) {
206 #endif
207 DEBUG(1,("get_ea_dos_attributes: Cannot get attribute from EA on file %s: Error = %s\n",
208 path, strerror(errno) ));
209 set_store_dos_attributes(SNUM(conn), False);
210 }
211 return False;
212 }
213 /* Null terminate string. */
214 attrstr[sizeret] = 0;
215 DEBUG(10,("get_ea_dos_attribute: %s attrstr = %s\n", path, attrstr));
216
217 if (sizeret < 2 || attrstr[0] != '0' || attrstr[1] != 'x' ||
218 sscanf(attrstr, "%x", &dosattr) != 1) {
219 DEBUG(1,("get_ea_dos_attributes: Badly formed DOSATTRIB on file %s - %s\n", path, attrstr));
220 return False;
221 }
222
223 if (S_ISDIR(sbuf->st_mode)) {
224 dosattr |= aDIR;
225 }
226 *pattr = (uint32)(dosattr & SAMBA_ATTRIBUTES_MASK);
227
228 DEBUG(8,("get_ea_dos_attribute returning (0x%x)", dosattr));
229
230 if (dosattr & aHIDDEN) DEBUG(8, ("h"));
231 if (dosattr & aRONLY ) DEBUG(8, ("r"));
232 if (dosattr & aSYSTEM) DEBUG(8, ("s"));
233 if (dosattr & aDIR ) DEBUG(8, ("d"));
234 if (dosattr & aARCH ) DEBUG(8, ("a"));
235
236 DEBUG(8,("\n"));
237
238 return True;
239 }
240
241 /****************************************************************************
242 Set DOS attributes in an EA.
243 ****************************************************************************/
244
245 static bool set_ea_dos_attribute(connection_struct *conn, const char *path, SMB_STRUCT_STAT *sbuf, uint32 dosmode)
246 {
247 fstring attrstr;
248 files_struct *fsp = NULL;
249 bool ret = False;
250
251 if (!lp_store_dos_attributes(SNUM(conn))) {
252 return False;
253 }
254
255 snprintf(attrstr, sizeof(attrstr)-1, "0x%x", dosmode & SAMBA_ATTRIBUTES_MASK);
256 if (SMB_VFS_SETXATTR(conn, path, SAMBA_XATTR_DOS_ATTRIB, attrstr, strlen(attrstr), 0) == -1) {
257 if((errno != EPERM) && (errno != EACCES)) {
258 if (errno == ENOSYS
259 #if defined(ENOTSUP)
260 || errno == ENOTSUP) {
261 #else
262 ) {
263 #endif
264 DEBUG(1,("set_ea_dos_attributes: Cannot set attribute EA on file %s: Error = %s\n",
265 path, strerror(errno) ));
266 set_store_dos_attributes(SNUM(conn), False);
267 }
268 return False;
269 }
270
271 /* We want DOS semantics, ie allow non owner with write permission to change the
272 bits on a file. Just like file_ntimes below.
273 */
274
275 /* Check if we have write access. */
276 if(!CAN_WRITE(conn) || !lp_dos_filemode(SNUM(conn)))
277 return False;
278
279 /*
280 * We need to open the file with write access whilst
281 * still in our current user context. This ensures we
282 * are not violating security in doing the setxattr.
283 */
284
285 if (!NT_STATUS_IS_OK(open_file_fchmod(conn,path,sbuf,&fsp)))
286 return ret;
287 become_root();
288 if (SMB_VFS_SETXATTR(conn, path, SAMBA_XATTR_DOS_ATTRIB, attrstr, strlen(attrstr), 0) == 0) {
289 ret = True;
290 }
291 unbecome_root();
292 close_file_fchmod(fsp);
293 return ret;
294 }
295 DEBUG(10,("set_ea_dos_attribute: set EA %s on file %s\n", attrstr, path));
296 return True;
297 }
298
299 /****************************************************************************
300 Change a unix mode to a dos mode for an ms dfs link.
301 ****************************************************************************/
302
303 uint32 dos_mode_msdfs(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf)
304 {
305 uint32 result = 0;
306
307 DEBUG(8,("dos_mode_msdfs: %s\n", path));
308
309 if (!VALID_STAT(*sbuf)) {
310 return 0;
311 }
312
313 /* First do any modifications that depend on the path name. */
314 /* hide files with a name starting with a . */
315 if (lp_hide_dot_files(SNUM(conn))) {
316 const char *p = strrchr_m(path,'/');
317 if (p) {
318 p++;
319 } else {
320 p = path;
321 }
322
323 if (p[0] == '.' && p[1] != '.' && p[1] != 0) {
324 result |= aHIDDEN;
325 }
326 }
327
328 result |= dos_mode_from_sbuf(conn, path, sbuf);
329
330 /* Optimization : Only call is_hidden_path if it's not already
331 hidden. */
332 if (!(result & aHIDDEN) && IS_HIDDEN_PATH(conn,path)) {
333 result |= aHIDDEN;
334 }
335
336 DEBUG(8,("dos_mode_msdfs returning "));
337
338 if (result & aHIDDEN) DEBUG(8, ("h"));
339 if (result & aRONLY ) DEBUG(8, ("r"));
340 if (result & aSYSTEM) DEBUG(8, ("s"));
341 if (result & aDIR ) DEBUG(8, ("d"));
342 if (result & aARCH ) DEBUG(8, ("a"));
343 if (result & FILE_ATTRIBUTE_SPARSE ) DEBUG(8, ("[sparse]"));
344
345 DEBUG(8,("\n"));
346
347 return(result);
348 }
349
350 /****************************************************************************
351 Change a unix mode to a dos mode.
352 ****************************************************************************/
353
354 uint32 dos_mode(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf)
355 {
356 uint32 result = 0;
357 bool offline;
358
359 DEBUG(8,("dos_mode: %s\n", path));
360
361 if (!VALID_STAT(*sbuf)) {
362 return 0;
363 }
364
365 /* First do any modifications that depend on the path name. */
366 /* hide files with a name starting with a . */
367 if (lp_hide_dot_files(SNUM(conn))) {
368 const char *p = strrchr_m(path,'/');
369 if (p) {
370 p++;
371 } else {
372 p = path;
373 }
374
375 if (p[0] == '.' && p[1] != '.' && p[1] != 0) {
376 result |= aHIDDEN;
377 }
378 }
379
380 /* Get the DOS attributes from an EA by preference. */
381 if (get_ea_dos_attribute(conn, path, sbuf, &result)) {
382 result |= set_sparse_flag(sbuf);
383 } else {
384 result |= dos_mode_from_sbuf(conn, path, sbuf);
385 }
386
387
388 offline = SMB_VFS_IS_OFFLINE(conn, path, sbuf);
389 if (S_ISREG(sbuf->st_mode) && offline) {
390 result |= FILE_ATTRIBUTE_OFFLINE;
391 }
392
393 /* Optimization : Only call is_hidden_path if it's not already
394 hidden. */
395 if (!(result & aHIDDEN) && IS_HIDDEN_PATH(conn,path)) {
396 result |= aHIDDEN;
397 }
398
399 DEBUG(8,("dos_mode returning "));
400
401 if (result & aHIDDEN) DEBUG(8, ("h"));
402 if (result & aRONLY ) DEBUG(8, ("r"));
403 if (result & aSYSTEM) DEBUG(8, ("s"));
404 if (result & aDIR ) DEBUG(8, ("d"));
405 if (result & aARCH ) DEBUG(8, ("a"));
406 if (result & FILE_ATTRIBUTE_SPARSE ) DEBUG(8, ("[sparse]"));
407
408 DEBUG(8,("\n"));
409
410 return(result);
411 }
412
413 /*******************************************************************
414 chmod a file - but preserve some bits.
415 ********************************************************************/
416
417 int file_set_dosmode(connection_struct *conn, const char *fname,
418 uint32 dosmode, SMB_STRUCT_STAT *st,
419 const char *parent_dir,
420 bool newfile)
421 {
422 SMB_STRUCT_STAT st1;
423 int mask=0;
424 mode_t tmp;
425 mode_t unixmode;
426 int ret = -1, lret = -1;
427 uint32_t old_mode;
428
429 /* We only allow READONLY|HIDDEN|SYSTEM|DIRECTORY|ARCHIVE here. */
430 dosmode &= (SAMBA_ATTRIBUTES_MASK | FILE_ATTRIBUTE_OFFLINE);
431
432 DEBUG(10,("file_set_dosmode: setting dos mode 0x%x on file %s\n", dosmode, fname));
433
434 if (st == NULL) {
435 SET_STAT_INVALID(st1);
436 st = &st1;
437 }
438
439 if (!VALID_STAT(*st)) {
440 if (SMB_VFS_STAT(conn,fname,st))
441 return(-1);
442 }
443
444 unixmode = st->st_mode;
445
446 get_acl_group_bits(conn, fname, &st->st_mode);
447
448 if (S_ISDIR(st->st_mode))
449 dosmode |= aDIR;
450 else
451 dosmode &= ~aDIR;
452
453 old_mode = dos_mode(conn,fname,st);
454
455 if (dosmode & FILE_ATTRIBUTE_OFFLINE) {
456 if (!(old_mode & FILE_ATTRIBUTE_OFFLINE)) {
457 lret = SMB_VFS_SET_OFFLINE(conn, fname);
458 if (lret == -1) {
459 DEBUG(0, ("set_dos_mode: client has asked to set "
460 "FILE_ATTRIBUTE_OFFLINE to %s/%s but there was "
461 "an error while setting it or it is not supported.\n",
462 parent_dir, fname));
463 }
464 }
465 }
466
467 dosmode &= ~FILE_ATTRIBUTE_OFFLINE;
468 old_mode &= ~FILE_ATTRIBUTE_OFFLINE;
469
470 if (old_mode == dosmode) {
471 st->st_mode = unixmode;
472 return(0);
473 }
474
475 /* Store the DOS attributes in an EA by preference. */
476 if (set_ea_dos_attribute(conn, fname, st, dosmode)) {
477 if (!newfile) {
478 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
479 FILE_NOTIFY_CHANGE_ATTRIBUTES, fname);
480 }
481 st->st_mode = unixmode;
482 return 0;
483 }
484
485 unixmode = unix_mode(conn,dosmode,fname, parent_dir);
486
487 /* preserve the s bits */
488 mask |= (S_ISUID | S_ISGID);
489
490 /* preserve the t bit */
491 #ifdef S_ISVTX
492 mask |= S_ISVTX;
493 #endif
494
495 /* possibly preserve the x bits */
496 if (!MAP_ARCHIVE(conn))
497 mask |= S_IXUSR;
498 if (!MAP_SYSTEM(conn))
499 mask |= S_IXGRP;
500 if (!MAP_HIDDEN(conn))
501 mask |= S_IXOTH;
502
503 unixmode |= (st->st_mode & mask);
504
505 /* if we previously had any r bits set then leave them alone */
506 if ((tmp = st->st_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
507 unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
508 unixmode |= tmp;
509 }
510
511 /* if we previously had any w bits set then leave them alone
512 whilst adding in the new w bits, if the new mode is not rdonly */
513 if (!IS_DOS_READONLY(dosmode)) {
514 unixmode |= (st->st_mode & (S_IWUSR|S_IWGRP|S_IWOTH));
515 }
516
517 ret = SMB_VFS_CHMOD(conn, fname, unixmode);
518 if (ret == 0) {
519 if(!newfile || (lret != -1)) {
520 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
521 FILE_NOTIFY_CHANGE_ATTRIBUTES, fname);
522 }
523 st->st_mode = unixmode;
524 return 0;
525 }
526
527 if((errno != EPERM) && (errno != EACCES))
528 return -1;
529
530 if(!lp_dos_filemode(SNUM(conn)))
531 return -1;
532
533 /* We want DOS semantics, ie allow non owner with write permission to change the
534 bits on a file. Just like file_ntimes below.
535 */
536
537 /* Check if we have write access. */
538 if (CAN_WRITE(conn)) {
539 /*
540 * We need to open the file with write access whilst
541 * still in our current user context. This ensures we
542 * are not violating security in doing the fchmod.
543 * This file open does *not* break any oplocks we are
544 * holding. We need to review this.... may need to
545 * break batch oplocks open by others. JRA.
546 */
547 files_struct *fsp;
548 if (!NT_STATUS_IS_OK(open_file_fchmod(conn,fname,st,&fsp)))
549 return -1;
550 become_root();
551 ret = SMB_VFS_FCHMOD(fsp, unixmode);
552 unbecome_root();
553 close_file_fchmod(fsp);
554 if (!newfile) {
555 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
556 FILE_NOTIFY_CHANGE_ATTRIBUTES, fname);
557 }
558 if (ret == 0) {
559 st->st_mode = unixmode;
560 }
561 }
562
563 return( ret );
564 }
565
566 /*******************************************************************
567 Wrapper around the VFS ntimes that possibly allows DOS semantics rather
568 than POSIX.
569 *******************************************************************/
570
571 int file_ntimes(connection_struct *conn, const char *fname, const struct timespec ts[2])
572 {
573 SMB_STRUCT_STAT sbuf;
574 int ret = -1;
575
576 errno = 0;
577 ZERO_STRUCT(sbuf);
578
579 DEBUG(6, ("file_ntime: actime: %s",
580 time_to_asc(convert_timespec_to_time_t(ts[0]))));
581 DEBUG(6, ("file_ntime: modtime: %s",
582 time_to_asc(convert_timespec_to_time_t(ts[1]))));
583
584 /* Don't update the time on read-only shares */
585 /* We need this as set_filetime (which can be called on
586 close and other paths) can end up calling this function
587 without the NEED_WRITE protection. Found by :
588 Leo Weppelman <leo@wau.mis.ah.nl>
589 */
590
591 if (!CAN_WRITE(conn)) {
592 return 0;
593 }
594
595 if(SMB_VFS_NTIMES(conn, fname, ts) == 0) {
596 return 0;
597 }
598
599 if((errno != EPERM) && (errno != EACCES)) {
600 return -1;
601 }
602
603 if(!lp_dos_filetimes(SNUM(conn))) {
604 return -1;
605 }
606
607 /* We have permission (given by the Samba admin) to
608 break POSIX semantics and allow a user to change
609 the time on a file they don't own but can write to
610 (as DOS does).
611 */
612
613 /* Check if we have write access. */
614 if (can_write_to_file(conn, fname, &sbuf)) {
615 /* We are allowed to become root and change the filetime. */
616 become_root();
617 ret = SMB_VFS_NTIMES(conn, fname, ts);
618 unbecome_root();
619 }
620
621 return ret;
622 }
623
624 /******************************************************************
625 Force a "sticky" write time on a pathname. This will always be
626 returned on all future write time queries and set on close.
627 ******************************************************************/
628
629 bool set_sticky_write_time_path(connection_struct *conn, const char *fname,
630 struct file_id fileid, const struct timespec mtime)
631 {
632 if (null_timespec(mtime)) {
633 return true;
634 }
635
636 if (!set_sticky_write_time(fileid, mtime)) {
637 return false;
638 }
639
640 return true;
641 }
642
643 /******************************************************************
644 Force a "sticky" write time on an fsp. This will always be
645 returned on all future write time queries and set on close.
646 ******************************************************************/
647
648 bool set_sticky_write_time_fsp(struct files_struct *fsp, const struct timespec mtime)
649 {
650 fsp->write_time_forced = true;
651 TALLOC_FREE(fsp->update_write_time_event);
652
653 return set_sticky_write_time_path(fsp->conn, fsp->fsp_name,
654 fsp->file_id, mtime);
655 }
656
657 /******************************************************************
658 Update a write time immediately, without the 2 second delay.
659 ******************************************************************/
660
661 bool update_write_time(struct files_struct *fsp)
662 {
663 if (!set_write_time(fsp->file_id, timespec_current())) {
664 return false;
665 }
666
667 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
668 FILE_NOTIFY_CHANGE_LAST_WRITE, fsp->fsp_name);
669
670 return true;
671 }
Samba GIT mirror