search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
smbd: reject FILE_ATTRIBUTE_TEMPORARY on directories
[Samba.git] / source3 / modules / vfs_gpfs.c
blob779627f8115e8117f99af593c81dcbb19c36e528
1 /*
2 * Unix SMB/CIFS implementation.
3 * Samba VFS module for GPFS filesystem
4 * Copyright (C) Christian Ambach <cambach1@de.ibm.com> 2006
5 * Copyright (C) Christof Schmitt 2015
6 * Major code contributions by Chetan Shringarpure <chetan.sh@in.ibm.com>
7 * and Gomati Mohanan <gomati.mohanan@in.ibm.com>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "smbd/smbd.h"
25 #include "include/smbprofile.h"
26 #include "modules/non_posix_acls.h"
27 #include "libcli/security/security.h"
28 #include "nfs4_acls.h"
29 #include "system/filesys.h"
30 #include "auth.h"
31 #include "lib/util/tevent_unix.h"
32 #include "lib/util/gpfswrap.h"
33
34 #include <gnutls/gnutls.h>
35 #include <gnutls/crypto.h>
36 #include "lib/crypto/gnutls_helpers.h"
37
38 #undef DBGC_CLASS
39 #define DBGC_CLASS DBGC_VFS
40
41 #ifndef GPFS_GETACL_NATIVE
42 #define GPFS_GETACL_NATIVE 0x00000004
43 #endif
44
45 struct gpfs_config_data {
46 struct smbacl4_vfs_params nfs4_params;
47 bool sharemodes;
48 bool leases;
49 bool hsm;
50 bool syncio;
51 bool winattr;
52 bool ftruncate;
53 bool getrealfilename;
54 bool dfreequota;
55 bool acl;
56 bool settimes;
57 bool recalls;
58 struct {
59 bool gpfs_fstat_x;
60 } pathref_ok;
61 };
62
63 struct gpfs_fsp_extension {
64 bool offline;
65 };
66
67 static inline unsigned int gpfs_acl_flags(gpfs_acl_t *gacl)
68 {
69 if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
70 return gacl->v4Level1.acl_flags;
71 }
72 return 0;
73 }
74
75 static inline gpfs_ace_v4_t *gpfs_ace_ptr(gpfs_acl_t *gacl, unsigned int i)
76 {
77 if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
78 return &gacl->v4Level1.ace_v4[i];
79 }
80 return &gacl->ace_v4[i];
81 }
82
83 static unsigned int vfs_gpfs_access_mask_to_allow(uint32_t access_mask)
84 {
85 unsigned int allow = GPFS_SHARE_NONE;
86
87 if (access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA)) {
88 allow |= GPFS_SHARE_WRITE;
89 }
90 if (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) {
91 allow |= GPFS_SHARE_READ;
92 }
93
94 return allow;
95 }
96
97 static unsigned int vfs_gpfs_share_access_to_deny(uint32_t share_access)
98 {
99 unsigned int deny = GPFS_DENY_NONE;
100
101 if (!(share_access & FILE_SHARE_WRITE)) {
102 deny |= GPFS_DENY_WRITE;
103 }
104 if (!(share_access & FILE_SHARE_READ)) {
105 deny |= GPFS_DENY_READ;
106 }
107
108 /*
109 * GPFS_DENY_DELETE can only be set together with either
110 * GPFS_DENY_WRITE or GPFS_DENY_READ.
111 */
112 if ((deny & (GPFS_DENY_WRITE|GPFS_DENY_READ)) &&
113 !(share_access & FILE_SHARE_DELETE)) {
114 deny |= GPFS_DENY_DELETE;
115 }
116
117 return deny;
118 }
119
120 static int set_gpfs_sharemode(files_struct *fsp, uint32_t access_mask,
121 uint32_t share_access)
122 {
123 unsigned int allow = GPFS_SHARE_NONE;
124 unsigned int deny = GPFS_DENY_NONE;
125 int result;
126
127 if (access_mask == 0) {
128 DBG_DEBUG("Clearing file system share mode.\n");
129 } else {
130 allow = vfs_gpfs_access_mask_to_allow(access_mask);
131 deny = vfs_gpfs_share_access_to_deny(share_access);
132 }
133 DBG_DEBUG("access_mask=0x%x, allow=0x%x, share_access=0x%x, "
134 "deny=0x%x\n", access_mask, allow, share_access, deny);
135
136 result = gpfswrap_set_share(fsp_get_io_fd(fsp), allow, deny);
137 if (result == 0) {
138 return 0;
139 }
140
141 if (errno == EACCES) {
142 DBG_NOTICE("GPFS share mode denied for %s/%s.\n",
143 fsp->conn->connectpath,
144 fsp->fsp_name->base_name);
145 } else if (errno == EPERM) {
146 DBG_ERR("Samba requested GPFS sharemode for %s/%s, but the "
147 "GPFS file system is not configured accordingly. "
148 "Configure file system with mmchfs -D nfs4 or "
149 "set gpfs:sharemodes=no in Samba.\n",
150 fsp->conn->connectpath,
151 fsp->fsp_name->base_name);
152 } else {
153 DBG_ERR("gpfs_set_share failed: %s\n", strerror(errno));
154 }
155
156 return result;
157 }
158
159 static int vfs_gpfs_filesystem_sharemode(vfs_handle_struct *handle,
160 files_struct *fsp,
161 uint32_t share_access,
162 uint32_t access_mask)
163 {
164
165 struct gpfs_config_data *config;
166 int ret = 0;
167
168 SMB_VFS_HANDLE_GET_DATA(handle, config,
169 struct gpfs_config_data,
170 return -1);
171
172 if(!config->sharemodes) {
173 return 0;
174 }
175
176 /*
177 * A named stream fsp will have the basefile open in the fsp
178 * fd, so lacking a distinct fd for the stream we have to skip
179 * set_gpfs_sharemode for stream.
180 */
181 if (fsp_is_alternate_stream(fsp)) {
182 DBG_NOTICE("Not requesting GPFS sharemode on stream: %s/%s\n",
183 fsp->conn->connectpath,
184 fsp_str_dbg(fsp));
185 return 0;
186 }
187
188 ret = set_gpfs_sharemode(fsp, access_mask, share_access);
189
190 return ret;
191 }
192
193 static int vfs_gpfs_close(vfs_handle_struct *handle, files_struct *fsp)
194 {
195
196 struct gpfs_config_data *config;
197
198 SMB_VFS_HANDLE_GET_DATA(handle, config,
199 struct gpfs_config_data,
200 return -1);
201
202 if (config->sharemodes &&
203 (fsp->fsp_flags.kernel_share_modes_taken))
204 {
205 /*
206 * Always clear GPFS sharemode in case the actual
207 * close gets deferred due to outstanding POSIX locks
208 * (see fd_close_posix)
209 */
210 int ret = gpfswrap_set_share(fsp_get_io_fd(fsp), 0, 0);
211 if (ret != 0) {
212 DBG_ERR("Clearing GPFS sharemode on close failed for "
213 " %s/%s: %s\n",
214 fsp->conn->connectpath,
215 fsp->fsp_name->base_name,
216 strerror(errno));
217 }
218 }
219
220 return SMB_VFS_NEXT_CLOSE(handle, fsp);
221 }
222
223 #ifdef HAVE_KERNEL_OPLOCKS_LINUX
224 static int lease_type_to_gpfs(int leasetype)
225 {
226 if (leasetype == F_RDLCK) {
227 return GPFS_LEASE_READ;
228 }
229
230 if (leasetype == F_WRLCK) {
231 return GPFS_LEASE_WRITE;
232 }
233
234 return GPFS_LEASE_NONE;
235 }
236
237 static int vfs_gpfs_setlease(vfs_handle_struct *handle,
238 files_struct *fsp,
239 int leasetype)
240 {
241 struct gpfs_config_data *config;
242 int ret=0;
243
244 START_PROFILE(syscall_linux_setlease);
245
246 SMB_VFS_HANDLE_GET_DATA(handle, config,
247 struct gpfs_config_data,
248 return -1);
249
250 ret = linux_set_lease_sighandler(fsp_get_io_fd(fsp));
251 if (ret == -1) {
252 goto failure;
253 }
254
255 if (config->leases) {
256 int gpfs_lease_type = lease_type_to_gpfs(leasetype);
257 int saved_errno = 0;
258
259 /*
260 * Ensure the lease owner is root to allow
261 * correct delivery of lease-break signals.
262 */
263 become_root();
264 ret = gpfswrap_set_lease(fsp_get_io_fd(fsp), gpfs_lease_type);
265 if (ret < 0) {
266 saved_errno = errno;
267 }
268 unbecome_root();
269
270 if (saved_errno != 0) {
271 errno = saved_errno;
272 }
273 }
274
275 failure:
276 END_PROFILE(syscall_linux_setlease);
277
278 return ret;
279 }
280
281 #else /* HAVE_KERNEL_OPLOCKS_LINUX */
282
283 static int vfs_gpfs_setlease(vfs_handle_struct *handle,
284 files_struct *fsp,
285 int leasetype)
286 {
287 return ENOSYS;
288 }
289 #endif /* HAVE_KERNEL_OPLOCKS_LINUX */
290
291 static NTSTATUS vfs_gpfs_get_real_filename_at(struct vfs_handle_struct *handle,
292 struct files_struct *dirfsp,
293 const char *name,
294 TALLOC_CTX *mem_ctx,
295 char **found_name)
296 {
297 int result;
298 char *full_path = NULL;
299 char *to_free = NULL;
300 char real_pathname[PATH_MAX+1], tmpbuf[PATH_MAX];
301 size_t full_path_len;
302 int buflen;
303 bool mangled;
304 struct gpfs_config_data *config;
305
306 SMB_VFS_HANDLE_GET_DATA(handle, config,
307 struct gpfs_config_data,
308 return NT_STATUS_INTERNAL_ERROR);
309
310 if (!config->getrealfilename) {
311 return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
312 handle, dirfsp, name, mem_ctx, found_name);
313 }
314
315 mangled = mangle_is_mangled(name, handle->conn->params);
316 if (mangled) {
317 return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
318 handle, dirfsp, name, mem_ctx, found_name);
319 }
320
321 full_path_len = full_path_tos(dirfsp->fsp_name->base_name, name,
322 tmpbuf, sizeof(tmpbuf),
323 &full_path, &to_free);
324 if (full_path_len == -1) {
325 return NT_STATUS_NO_MEMORY;
326 }
327
328 buflen = sizeof(real_pathname) - 1;
329
330 result = gpfswrap_get_realfilename_path(full_path, real_pathname,
331 &buflen);
332
333 TALLOC_FREE(to_free);
334
335 if ((result == -1) && (errno == ENOSYS)) {
336 return SMB_VFS_NEXT_GET_REAL_FILENAME_AT(
337 handle, dirfsp, name, mem_ctx, found_name);
338 }
339
340 if (result == -1) {
341 DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n",
342 strerror(errno)));
343 return map_nt_error_from_unix(errno);
344 }
345
346 /*
347 * GPFS does not necessarily null-terminate the returned path
348 * but instead returns the buffer length in buflen.
349 */
350
351 if (buflen < sizeof(real_pathname)) {
352 real_pathname[buflen] = '\0';
353 } else {
354 real_pathname[sizeof(real_pathname)-1] = '\0';
355 }
356
357 DBG_DEBUG("%s/%s -> %s\n",
358 fsp_str_dbg(dirfsp),
359 name,
360 real_pathname);
361
362 name = strrchr_m(real_pathname, '/');
363 if (name == NULL) {
364 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
365 }
366
367 *found_name = talloc_strdup(mem_ctx, name+1);
368 if (*found_name == NULL) {
369 return NT_STATUS_NO_MEMORY;
370 }
371
372 return NT_STATUS_OK;
373 }
374
375 static void sd2gpfs_control(uint16_t control, struct gpfs_acl *gacl)
376 {
377 unsigned int gpfs_aclflags = 0;
378 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
379 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
380 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
381 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
382 gpfs_aclflags = control << 8;
383 if (!(control & SEC_DESC_DACL_PRESENT))
384 gpfs_aclflags |= ACL4_FLAG_NULL_DACL;
385 if (!(control & SEC_DESC_SACL_PRESENT))
386 gpfs_aclflags |= ACL4_FLAG_NULL_SACL;
387 gacl->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
388 gacl->v4Level1.acl_flags = gpfs_aclflags;
389 }
390
391 static uint16_t gpfs2sd_control(unsigned int gpfs_aclflags)
392 {
393 uint16_t control = gpfs_aclflags >> 8;
394 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
395 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
396 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
397 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
398 control |= SEC_DESC_SELF_RELATIVE;
399 return control;
400 }
401
402 static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
403 {
404 gpfs_aclCount_t i;
405 if (gacl==NULL)
406 {
407 DEBUG(0, ("gpfs acl is NULL\n"));
408 return;
409 }
410
411 DEBUG(level, ("len: %d, level: %d, version: %d, nace: %d, "
412 "control: %x\n",
413 gacl->acl_len, gacl->acl_level, gacl->acl_version,
414 gacl->acl_nace, gpfs_acl_flags(gacl)));
415
416 for(i=0; i<gacl->acl_nace; i++)
417 {
418 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
419 DEBUG(level, ("\tace[%d]: type:%d, flags:0x%x, mask:0x%x, "
420 "iflags:0x%x, who:%u\n",
421 i, gace->aceType, gace->aceFlags, gace->aceMask,
422 gace->aceIFlags, gace->aceWho));
423 }
424 }
425
426 static int gpfs_getacl_with_capability(struct files_struct *fsp,
427 int flags,
428 void *buf)
429 {
430 int ret, saved_errno;
431
432 set_effective_capability(DAC_OVERRIDE_CAPABILITY);
433
434 ret = gpfswrap_fgetacl(fsp_get_pathref_fd(fsp), flags, buf);
435 saved_errno = errno;
436
437 drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
438
439 errno = saved_errno;
440 return ret;
441 }
442
443 /*
444 * get the ACL from GPFS, allocated on the specified mem_ctx
445 * internally retries when initial buffer was too small
446 *
447 * caller needs to cast result to either
448 * raw = yes: struct gpfs_opaque_acl
449 * raw = no: struct gpfs_acl
450 *
451 */
452 static void *vfs_gpfs_getacl(TALLOC_CTX *mem_ctx,
453 struct files_struct *fsp,
454 const bool raw,
455 const gpfs_aclType_t type)
456 {
457 const char *fname = fsp->fsp_name->base_name;
458 void *aclbuf;
459 size_t size = 512;
460 int ret, flags;
461 unsigned int *len;
462 size_t struct_size;
463 bool use_capability = false;
464
465 again:
466
467 aclbuf = talloc_zero_size(mem_ctx, size);
468 if (aclbuf == NULL) {
469 errno = ENOMEM;
470 return NULL;
471 }
472
473 if (raw) {
474 struct gpfs_opaque_acl *buf = (struct gpfs_opaque_acl *) aclbuf;
475 buf->acl_type = type;
476 flags = GPFS_GETACL_NATIVE;
477 len = (unsigned int *) &(buf->acl_buffer_len);
478 struct_size = sizeof(struct gpfs_opaque_acl);
479 } else {
480 struct gpfs_acl *buf = (struct gpfs_acl *) aclbuf;
481 buf->acl_type = type;
482 buf->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
483 flags = GPFS_GETACL_STRUCT;
484 len = &(buf->acl_len);
485 /* reserve space for control flags in gpfs 3.5 and beyond */
486 struct_size = sizeof(struct gpfs_acl) + sizeof(unsigned int);
487 }
488
489 /* set the length of the buffer as input value */
490 *len = size;
491
492 if (use_capability) {
493 ret = gpfs_getacl_with_capability(fsp, flags, aclbuf);
494 } else {
495 ret = gpfswrap_fgetacl(fsp_get_pathref_fd(fsp), flags, aclbuf);
496 if ((ret != 0) && (errno == EACCES)) {
497 DBG_DEBUG("Retry with DAC capability for %s\n", fname);
498 use_capability = true;
499 ret = gpfs_getacl_with_capability(fsp, flags, aclbuf);
500 }
501 }
502
503 if ((ret != 0) && (errno == ENOSPC)) {
504 /*
505 * get the size needed to accommodate the complete buffer
506 *
507 * the value returned only applies to the ACL blob in the
508 * struct so make sure to also have headroom for the first
509 * struct members by adding room for the complete struct
510 * (might be a few bytes too much then)
511 */
512 size = *len + struct_size;
513 talloc_free(aclbuf);
514 DEBUG(10, ("Increasing ACL buffer size to %zu\n", size));
515 goto again;
516 }
517
518 if (ret != 0) {
519 DEBUG(5, ("smbd_gpfs_getacl failed with %s\n",
520 strerror(errno)));
521 talloc_free(aclbuf);
522 return NULL;
523 }
524
525 return aclbuf;
526 }
527
528 /* Tries to get nfs4 acls and returns SMB ACL allocated.
529 * On failure returns 1 if it got non-NFSv4 ACL to prompt
530 * retry with POSIX ACL checks.
531 * On failure returns -1 if there is system (GPFS) error, check errno.
532 * Returns 0 on success
533 */
534 static int gpfs_get_nfs4_acl(TALLOC_CTX *mem_ctx,
535 struct files_struct *fsp,
536 struct SMB4ACL_T **ppacl)
537 {
538 const char *fname = fsp->fsp_name->base_name;
539 gpfs_aclCount_t i;
540 struct gpfs_acl *gacl = NULL;
541 DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
542
543 /* Get the ACL */
544 gacl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(), fsp,
545 false, 0);
546 if (gacl == NULL) {
547 DEBUG(9, ("gpfs_getacl failed for %s with %s\n",
548 fname, strerror(errno)));
549 if (errno == ENODATA) {
550 /*
551 * GPFS returns ENODATA for snapshot
552 * directories. Retry with POSIX ACLs check.
553 */
554 return 1;
555 }
556
557 return -1;
558 }
559
560 if (gacl->acl_type != GPFS_ACL_TYPE_NFS4) {
561 DEBUG(10, ("Got non-nfsv4 acl\n"));
562 /* Retry with POSIX ACLs check */
563 talloc_free(gacl);
564 return 1;
565 }
566
567 *ppacl = smb_create_smb4acl(mem_ctx);
568
569 if (gacl->acl_level == GPFS_ACL_LEVEL_V4FLAGS) {
570 uint16_t control = gpfs2sd_control(gpfs_acl_flags(gacl));
571 smbacl4_set_controlflags(*ppacl, control);
572 }
573
574 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d, control: %x\n",
575 gacl->acl_len, gacl->acl_level, gacl->acl_version,
576 gacl->acl_nace, gpfs_acl_flags(gacl)));
577
578 for (i=0; i<gacl->acl_nace; i++) {
579 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
580 SMB_ACE4PROP_T smbace = { 0 };
581 DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
582 "who: %d\n", gace->aceType, gace->aceIFlags,
583 gace->aceFlags, gace->aceMask, gace->aceWho));
584
585 if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) {
586 smbace.flags |= SMB_ACE4_ID_SPECIAL;
587 switch (gace->aceWho) {
588 case ACE4_SPECIAL_OWNER:
589 smbace.who.special_id = SMB_ACE4_WHO_OWNER;
590 break;
591 case ACE4_SPECIAL_GROUP:
592 smbace.who.special_id = SMB_ACE4_WHO_GROUP;
593 break;
594 case ACE4_SPECIAL_EVERYONE:
595 smbace.who.special_id = SMB_ACE4_WHO_EVERYONE;
596 break;
597 default:
598 DEBUG(8, ("invalid special gpfs id %d "
599 "ignored\n", gace->aceWho));
600 continue; /* don't add it */
601 }
602 } else {
603 if (gace->aceFlags & ACE4_FLAG_GROUP_ID)
604 smbace.who.gid = gace->aceWho;
605 else
606 smbace.who.uid = gace->aceWho;
607 }
608
609 /* remove redundant deny entries */
610 if (i > 0 && gace->aceType == SMB_ACE4_ACCESS_DENIED_ACE_TYPE) {
611 struct gpfs_ace_v4 *prev = gpfs_ace_ptr(gacl, i - 1);
612 if (prev->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE &&
613 prev->aceFlags == gace->aceFlags &&
614 prev->aceIFlags == gace->aceIFlags &&
615 (gace->aceMask & prev->aceMask) == 0 &&
616 gace->aceWho == prev->aceWho) {
617 /* it's redundant - skip it */
618 continue;
619 }
620 }
621
622 smbace.aceType = gace->aceType;
623 smbace.aceFlags = gace->aceFlags;
624 smbace.aceMask = gace->aceMask;
625 smb_add_ace4(*ppacl, &smbace);
626 }
627
628 talloc_free(gacl);
629
630 return 0;
631 }
632
633 static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
634 files_struct *fsp, uint32_t security_info,
635 TALLOC_CTX *mem_ctx,
636 struct security_descriptor **ppdesc)
637 {
638 struct SMB4ACL_T *pacl = NULL;
639 int result;
640 struct gpfs_config_data *config;
641 TALLOC_CTX *frame = talloc_stackframe();
642 NTSTATUS status;
643
644 *ppdesc = NULL;
645
646 SMB_VFS_HANDLE_GET_DATA(handle, config,
647 struct gpfs_config_data,
648 return NT_STATUS_INTERNAL_ERROR);
649
650 if (!config->acl) {
651 status = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info,
652 mem_ctx, ppdesc);
653 TALLOC_FREE(frame);
654 return status;
655 }
656
657 result = gpfs_get_nfs4_acl(frame, fsp, &pacl);
658
659 if (result == 0) {
660 status = smb_fget_nt_acl_nfs4(fsp, &config->nfs4_params,
661 security_info,
662 mem_ctx, ppdesc, pacl);
663 TALLOC_FREE(frame);
664 return status;
665 }
666
667 if (result > 0) {
668 DEBUG(10, ("retrying with posix acl...\n"));
669 status = posix_fget_nt_acl(fsp, security_info,
670 mem_ctx, ppdesc);
671 TALLOC_FREE(frame);
672 return status;
673 }
674
675 TALLOC_FREE(frame);
676
677 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
678 return map_nt_error_from_unix(errno);
679 }
680
681 static bool vfs_gpfs_nfs4_ace_to_gpfs_ace(SMB_ACE4PROP_T *nfs4_ace,
682 struct gpfs_ace_v4 *gace,
683 uid_t owner_uid)
684 {
685 gace->aceType = nfs4_ace->aceType;
686 gace->aceFlags = nfs4_ace->aceFlags;
687 gace->aceMask = nfs4_ace->aceMask;
688
689 if (nfs4_ace->flags & SMB_ACE4_ID_SPECIAL) {
690 switch(nfs4_ace->who.special_id) {
691 case SMB_ACE4_WHO_EVERYONE:
692 gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
693 gace->aceWho = ACE4_SPECIAL_EVERYONE;
694 break;
695 case SMB_ACE4_WHO_OWNER:
696 /*
697 * With GPFS it is not possible to deny ACL or
698 * attribute access to the owner. Setting an
699 * ACL with such an entry is not possible.
700 * Denying ACL or attribute access for the
701 * owner through a named ACL entry can be
702 * stored in an ACL, it is just not effective.
703 *
704 * Map this case to a named entry to allow at
705 * least setting this ACL, which will be
706 * enforced by the smbd permission check. Do
707 * not do this for an inheriting OWNER entry,
708 * as this represents a CREATOR OWNER ACE. The
709 * remaining limitation is that CREATOR OWNER
710 * cannot deny ACL or attribute access.
711 */
712 if (!nfs_ace_is_inherit(nfs4_ace) &&
713 nfs4_ace->aceType ==
714 SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
715 nfs4_ace->aceMask & (SMB_ACE4_READ_ATTRIBUTES|
716 SMB_ACE4_WRITE_ATTRIBUTES|
717 SMB_ACE4_READ_ACL|
718 SMB_ACE4_WRITE_ACL)) {
719 gace->aceIFlags = 0;
720 gace->aceWho = owner_uid;
721 } else {
722 gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
723 gace->aceWho = ACE4_SPECIAL_OWNER;
724 }
725 break;
726 case SMB_ACE4_WHO_GROUP:
727 gace->aceIFlags = ACE4_IFLAG_SPECIAL_ID;
728 gace->aceWho = ACE4_SPECIAL_GROUP;
729 break;
730 default:
731 DBG_WARNING("Unsupported special_id %d\n",
732 nfs4_ace->who.special_id);
733 return false;
734 }
735
736 return true;
737 }
738
739 gace->aceIFlags = 0;
740 gace->aceWho = (nfs4_ace->aceFlags & SMB_ACE4_IDENTIFIER_GROUP) ?
741 nfs4_ace->who.gid : nfs4_ace->who.uid;
742
743 return true;
744 }
745
746 static struct gpfs_acl *vfs_gpfs_smbacl2gpfsacl(TALLOC_CTX *mem_ctx,
747 files_struct *fsp,
748 struct SMB4ACL_T *smbacl,
749 bool controlflags)
750 {
751 struct gpfs_acl *gacl;
752 gpfs_aclLen_t gacl_len;
753 struct SMB4ACE_T *smbace;
754
755 gacl_len = offsetof(gpfs_acl_t, ace_v4) + sizeof(unsigned int)
756 + smb_get_naces(smbacl) * sizeof(gpfs_ace_v4_t);
757
758 gacl = (struct gpfs_acl *)TALLOC_SIZE(mem_ctx, gacl_len);
759 if (gacl == NULL) {
760 DEBUG(0, ("talloc failed\n"));
761 errno = ENOMEM;
762 return NULL;
763 }
764
765 gacl->acl_level = GPFS_ACL_LEVEL_BASE;
766 gacl->acl_version = GPFS_ACL_VERSION_NFS4;
767 gacl->acl_type = GPFS_ACL_TYPE_NFS4;
768 gacl->acl_nace = 0; /* change later... */
769
770 if (controlflags) {
771 gacl->acl_level = GPFS_ACL_LEVEL_V4FLAGS;
772 sd2gpfs_control(smbacl4_get_controlflags(smbacl), gacl);
773 }
774
775 for (smbace=smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
776 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, gacl->acl_nace);
777 SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
778 bool add_ace;
779
780 add_ace = vfs_gpfs_nfs4_ace_to_gpfs_ace(aceprop, gace,
781 fsp->fsp_name->st.st_ex_uid);
782 if (!add_ace) {
783 continue;
784 }
785
786 gacl->acl_nace++;
787 }
788 gacl->acl_len = (char *)gpfs_ace_ptr(gacl, gacl->acl_nace)
789 - (char *)gacl;
790 return gacl;
791 }
792
793 static bool gpfsacl_process_smbacl(vfs_handle_struct *handle,
794 files_struct *fsp,
795 struct SMB4ACL_T *smbacl)
796 {
797 int ret;
798 struct gpfs_acl *gacl;
799 TALLOC_CTX *mem_ctx = talloc_tos();
800
801 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, true);
802 if (gacl == NULL) { /* out of memory */
803 return False;
804 }
805 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
806 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gacl);
807
808 if ((ret != 0) && (errno == EINVAL)) {
809 DEBUG(10, ("Retry without nfs41 control flags\n"));
810 talloc_free(gacl);
811 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, false);
812 if (gacl == NULL) { /* out of memory */
813 return False;
814 }
815 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
816 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA,
817 gacl);
818 }
819
820 if (ret != 0) {
821 DEBUG(8, ("gpfs_putacl failed with %s\n", strerror(errno)));
822 gpfs_dumpacl(8, gacl);
823 return False;
824 }
825
826 DEBUG(10, ("gpfs_putacl succeeded\n"));
827 return True;
828 }
829
830 static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd)
831 {
832 struct gpfs_acl *acl;
833 NTSTATUS result = NT_STATUS_ACCESS_DENIED;
834
835 acl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(),
836 fsp,
837 false, 0);
838 if (acl == NULL) {
839 return map_nt_error_from_unix(errno);
840 }
841
842 if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
843 struct gpfs_config_data *config;
844
845 if (lp_parm_bool(fsp->conn->params->service, "gpfs",
846 "refuse_dacl_protected", false)
847 && (psd->type&SEC_DESC_DACL_PROTECTED)) {
848 DEBUG(2, ("Rejecting unsupported ACL with DACL_PROTECTED bit set\n"));
849 talloc_free(acl);
850 return NT_STATUS_NOT_SUPPORTED;
851 }
852
853 SMB_VFS_HANDLE_GET_DATA(handle, config,
854 struct gpfs_config_data,
855 return NT_STATUS_INTERNAL_ERROR);
856
857 result = smb_set_nt_acl_nfs4(handle,
858 fsp, &config->nfs4_params, security_info_sent, psd,
859 gpfsacl_process_smbacl);
860 } else { /* assume POSIX ACL - by default... */
861 result = set_nt_acl(fsp, security_info_sent, psd);
862 }
863
864 talloc_free(acl);
865 return result;
866 }
867
868 static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32_t security_info_sent, const struct security_descriptor *psd)
869 {
870 struct gpfs_config_data *config;
871
872 SMB_VFS_HANDLE_GET_DATA(handle, config,
873 struct gpfs_config_data,
874 return NT_STATUS_INTERNAL_ERROR);
875
876 if (!config->acl) {
877 return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
878 }
879
880 return gpfsacl_set_nt_acl_internal(handle, fsp, security_info_sent, psd);
881 }
882
883 static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
884 {
885 SMB_ACL_T result;
886 gpfs_aclCount_t i;
887
888 result = sys_acl_init(mem_ctx);
889 if (result == NULL) {
890 errno = ENOMEM;
891 return NULL;
892 }
893
894 result->count = pacl->acl_nace;
895 result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
896 result->count);
897 if (result->acl == NULL) {
898 TALLOC_FREE(result);
899 errno = ENOMEM;
900 return NULL;
901 }
902
903 for (i=0; i<pacl->acl_nace; i++) {
904 struct smb_acl_entry *ace = &result->acl[i];
905 const struct gpfs_ace_v1 *g_ace = &pacl->ace_v1[i];
906
907 DEBUG(10, ("Converting type %d id %lu perm %x\n",
908 (int)g_ace->ace_type, (unsigned long)g_ace->ace_who,
909 (int)g_ace->ace_perm));
910
911 switch (g_ace->ace_type) {
912 case GPFS_ACL_USER:
913 ace->a_type = SMB_ACL_USER;
914 ace->info.user.uid = (uid_t)g_ace->ace_who;
915 break;
916 case GPFS_ACL_USER_OBJ:
917 ace->a_type = SMB_ACL_USER_OBJ;
918 break;
919 case GPFS_ACL_GROUP:
920 ace->a_type = SMB_ACL_GROUP;
921 ace->info.group.gid = (gid_t)g_ace->ace_who;
922 break;
923 case GPFS_ACL_GROUP_OBJ:
924 ace->a_type = SMB_ACL_GROUP_OBJ;
925 break;
926 case GPFS_ACL_OTHER:
927 ace->a_type = SMB_ACL_OTHER;
928 break;
929 case GPFS_ACL_MASK:
930 ace->a_type = SMB_ACL_MASK;
931 break;
932 default:
933 DEBUG(10, ("Got invalid ace_type: %d\n",
934 g_ace->ace_type));
935 TALLOC_FREE(result);
936 errno = EINVAL;
937 return NULL;
938 }
939
940 ace->a_perm = 0;
941 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_READ) ?
942 SMB_ACL_READ : 0;
943 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_WRITE) ?
944 SMB_ACL_WRITE : 0;
945 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_EXECUTE) ?
946 SMB_ACL_EXECUTE : 0;
947
948 DEBUGADD(10, ("Converted to %d perm %x\n",
949 ace->a_type, ace->a_perm));
950 }
951
952 return result;
953 }
954
955 static SMB_ACL_T gpfsacl_get_posix_acl(struct files_struct *fsp,
956 gpfs_aclType_t type,
957 TALLOC_CTX *mem_ctx)
958 {
959 struct gpfs_acl *pacl;
960 SMB_ACL_T result = NULL;
961
962 pacl = vfs_gpfs_getacl(talloc_tos(), fsp, false, type);
963
964 if (pacl == NULL) {
965 DBG_DEBUG("vfs_gpfs_getacl failed for %s with %s\n",
966 fsp_str_dbg(fsp), strerror(errno));
967 if (errno == 0) {
968 errno = EINVAL;
969 }
970 goto done;
971 }
972
973 if (pacl->acl_version != GPFS_ACL_VERSION_POSIX) {
974 DEBUG(10, ("Got acl version %d, expected %d\n",
975 pacl->acl_version, GPFS_ACL_VERSION_POSIX));
976 errno = EINVAL;
977 goto done;
978 }
979
980 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n",
981 pacl->acl_len, pacl->acl_level, pacl->acl_version,
982 pacl->acl_nace));
983
984 result = gpfs2smb_acl(pacl, mem_ctx);
985 if (result != NULL) {
986 errno = 0;
987 }
988
989 done:
990
991 if (pacl != NULL) {
992 talloc_free(pacl);
993 }
994 if (errno != 0) {
995 TALLOC_FREE(result);
996 }
997 return result;
998 }
999
1000 static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
1001 files_struct *fsp,
1002 SMB_ACL_TYPE_T type,
1003 TALLOC_CTX *mem_ctx)
1004 {
1005 gpfs_aclType_t gpfs_type;
1006 struct gpfs_config_data *config;
1007
1008 SMB_VFS_HANDLE_GET_DATA(handle, config,
1009 struct gpfs_config_data,
1010 return NULL);
1011
1012 if (!config->acl) {
1013 return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, type, mem_ctx);
1014 }
1015
1016 switch(type) {
1017 case SMB_ACL_TYPE_ACCESS:
1018 gpfs_type = GPFS_ACL_TYPE_ACCESS;
1019 break;
1020 case SMB_ACL_TYPE_DEFAULT:
1021 gpfs_type = GPFS_ACL_TYPE_DEFAULT;
1022 break;
1023 default:
1024 DEBUG(0, ("Got invalid type: %d\n", type));
1025 smb_panic("exiting");
1026 }
1027 return gpfsacl_get_posix_acl(fsp, gpfs_type, mem_ctx);
1028 }
1029
1030 static int gpfsacl_sys_acl_blob_get_fd(vfs_handle_struct *handle,
1031 files_struct *fsp,
1032 TALLOC_CTX *mem_ctx,
1033 char **blob_description,
1034 DATA_BLOB *blob)
1035 {
1036 struct gpfs_config_data *config;
1037 struct gpfs_opaque_acl *acl = NULL;
1038 DATA_BLOB aclblob;
1039 int result;
1040
1041 SMB_VFS_HANDLE_GET_DATA(handle, config,
1042 struct gpfs_config_data,
1043 return -1);
1044
1045 if (!config->acl) {
1046 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD(handle, fsp, mem_ctx,
1047 blob_description, blob);
1048 }
1049
1050 errno = 0;
1051 acl = (struct gpfs_opaque_acl *) vfs_gpfs_getacl(mem_ctx,
1052 fsp,
1053 true,
1054 GPFS_ACL_TYPE_NFS4);
1055
1056 if (errno) {
1057 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
1058 errno, strerror(errno)));
1059
1060 /* EINVAL means POSIX ACL, bail out on other cases */
1061 if (errno != EINVAL) {
1062 return -1;
1063 }
1064 }
1065
1066 if (acl != NULL) {
1067 /*
1068 * file has NFSv4 ACL
1069 *
1070 * we only need the actual ACL blob here
1071 * acl_version will always be NFS4 because we asked
1072 * for NFS4
1073 * acl_type is only used for POSIX ACLs
1074 */
1075 aclblob.data = (uint8_t*) acl->acl_var_data;
1076 aclblob.length = acl->acl_buffer_len;
1077
1078 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1079 if (!*blob_description) {
1080 talloc_free(acl);
1081 errno = ENOMEM;
1082 return -1;
1083 }
1084
1085 result = non_posix_sys_acl_blob_get_fd_helper(handle, fsp,
1086 aclblob, mem_ctx,
1087 blob);
1088
1089 talloc_free(acl);
1090 return result;
1091 }
1092
1093 /* fall back to POSIX ACL */
1094 return posix_sys_acl_blob_get_fd(handle, fsp, mem_ctx,
1095 blob_description, blob);
1096 }
1097
1098 static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,
1099 SMB_ACL_TYPE_T type)
1100 {
1101 gpfs_aclLen_t len;
1102 struct gpfs_acl *result;
1103 int i;
1104
1105 DEBUG(10, ("smb2gpfs_acl: Got ACL with %d entries\n", pacl->count));
1106
1107 len = offsetof(gpfs_acl_t, ace_v1) + (pacl->count) *
1108 sizeof(gpfs_ace_v1_t);
1109
1110 result = (struct gpfs_acl *)SMB_MALLOC(len);
1111 if (result == NULL) {
1112 errno = ENOMEM;
1113 return result;
1114 }
1115
1116 result->acl_len = len;
1117 result->acl_level = 0;
1118 result->acl_version = GPFS_ACL_VERSION_POSIX;
1119 result->acl_type = (type == SMB_ACL_TYPE_DEFAULT) ?
1120 GPFS_ACL_TYPE_DEFAULT : GPFS_ACL_TYPE_ACCESS;
1121 result->acl_nace = pacl->count;
1122
1123 for (i=0; i<pacl->count; i++) {
1124 const struct smb_acl_entry *ace = &pacl->acl[i];
1125 struct gpfs_ace_v1 *g_ace = &result->ace_v1[i];
1126
1127 DEBUG(10, ("Converting type %d perm %x\n",
1128 (int)ace->a_type, (int)ace->a_perm));
1129
1130 g_ace->ace_perm = 0;
1131
1132 switch(ace->a_type) {
1133 case SMB_ACL_USER:
1134 g_ace->ace_type = GPFS_ACL_USER;
1135 g_ace->ace_who = (gpfs_uid_t)ace->info.user.uid;
1136 break;
1137 case SMB_ACL_USER_OBJ:
1138 g_ace->ace_type = GPFS_ACL_USER_OBJ;
1139 g_ace->ace_perm |= ACL_PERM_CONTROL;
1140 g_ace->ace_who = 0;
1141 break;
1142 case SMB_ACL_GROUP:
1143 g_ace->ace_type = GPFS_ACL_GROUP;
1144 g_ace->ace_who = (gpfs_uid_t)ace->info.group.gid;
1145 break;
1146 case SMB_ACL_GROUP_OBJ:
1147 g_ace->ace_type = GPFS_ACL_GROUP_OBJ;
1148 g_ace->ace_who = 0;
1149 break;
1150 case SMB_ACL_MASK:
1151 g_ace->ace_type = GPFS_ACL_MASK;
1152 g_ace->ace_perm = 0x8f;
1153 g_ace->ace_who = 0;
1154 break;
1155 case SMB_ACL_OTHER:
1156 g_ace->ace_type = GPFS_ACL_OTHER;
1157 g_ace->ace_who = 0;
1158 break;
1159 default:
1160 DEBUG(10, ("Got invalid ace_type: %d\n", ace->a_type));
1161 errno = EINVAL;
1162 SAFE_FREE(result);
1163 return NULL;
1164 }
1165
1166 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_READ) ?
1167 ACL_PERM_READ : 0;
1168 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_WRITE) ?
1169 ACL_PERM_WRITE : 0;
1170 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_EXECUTE) ?
1171 ACL_PERM_EXECUTE : 0;
1172
1173 DEBUGADD(10, ("Converted to %d id %d perm %x\n",
1174 g_ace->ace_type, g_ace->ace_who, g_ace->ace_perm));
1175 }
1176
1177 return result;
1178 }
1179
1180 static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle,
1181 files_struct *fsp,
1182 SMB_ACL_TYPE_T type,
1183 SMB_ACL_T theacl)
1184 {
1185 struct gpfs_config_data *config;
1186 struct gpfs_acl *gpfs_acl = NULL;
1187 int result;
1188
1189 SMB_VFS_HANDLE_GET_DATA(handle, config,
1190 struct gpfs_config_data,
1191 return -1);
1192
1193 if (!config->acl) {
1194 return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, type, theacl);
1195 }
1196
1197 gpfs_acl = smb2gpfs_acl(theacl, type);
1198 if (gpfs_acl == NULL) {
1199 return -1;
1200 }
1201
1202 /*
1203 * This is no longer a handle based call.
1204 */
1205 result = gpfswrap_putacl(fsp->fsp_name->base_name,
1206 GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA,
1207 gpfs_acl);
1208 SAFE_FREE(gpfs_acl);
1209 return result;
1210 }
1211
1212 static int gpfsacl_sys_acl_delete_def_fd(vfs_handle_struct *handle,
1213 files_struct *fsp)
1214 {
1215 struct gpfs_config_data *config;
1216
1217 SMB_VFS_HANDLE_GET_DATA(handle, config,
1218 struct gpfs_config_data,
1219 return -1);
1220
1221 if (!config->acl) {
1222 return SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FD(handle, fsp);
1223 }
1224
1225 errno = ENOTSUP;
1226 return -1;
1227 }
1228
1229
1230 /*
1231 * Assumed: mode bits are shiftable and standard
1232 * Output: the new aceMask field for an smb nfs4 ace
1233 */
1234 static uint32_t gpfsacl_mask_filter(uint32_t aceType, uint32_t aceMask, uint32_t rwx)
1235 {
1236 const uint32_t posix_nfs4map[3] = {
1237 SMB_ACE4_EXECUTE, /* execute */
1238 SMB_ACE4_WRITE_DATA | SMB_ACE4_APPEND_DATA, /* write; GPFS specific */
1239 SMB_ACE4_READ_DATA /* read */
1240 };
1241 int i;
1242 uint32_t posix_mask = 0x01;
1243 uint32_t posix_bit;
1244 uint32_t nfs4_bits;
1245
1246 for(i=0; i<3; i++) {
1247 nfs4_bits = posix_nfs4map[i];
1248 posix_bit = rwx & posix_mask;
1249
1250 if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) {
1251 if (posix_bit)
1252 aceMask |= nfs4_bits;
1253 else
1254 aceMask &= ~nfs4_bits;
1255 } else {
1256 /* add deny bits when suitable */
1257 if (!posix_bit)
1258 aceMask |= nfs4_bits;
1259 else
1260 aceMask &= ~nfs4_bits;
1261 } /* other ace types are unexpected */
1262
1263 posix_mask <<= 1;
1264 }
1265
1266 return aceMask;
1267 }
1268
1269 static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
1270 struct files_struct *fsp,
1271 mode_t mode)
1272 {
1273 struct smb_filename *fname = fsp->fsp_name;
1274 char *path = fsp->fsp_name->base_name;
1275 struct SMB4ACL_T *pacl = NULL;
1276 int result;
1277 bool haveAllowEntry[SMB_ACE4_WHO_EVERYONE + 1] = {False, False, False, False};
1278 int i;
1279 files_struct fake_fsp = { 0 }; /* TODO: rationalize parametrization */
1280 struct SMB4ACE_T *smbace;
1281 TALLOC_CTX *frame = talloc_stackframe();
1282
1283 DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
1284
1285 result = gpfs_get_nfs4_acl(frame, fsp, &pacl);
1286 if (result) {
1287 TALLOC_FREE(frame);
1288 return result;
1289 }
1290
1291 if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) {
1292 DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path));
1293 }
1294
1295 for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
1296 SMB_ACE4PROP_T *ace = smb_get_ace4(smbace);
1297 uint32_t specid = ace->who.special_id;
1298
1299 if (ace->flags&SMB_ACE4_ID_SPECIAL &&
1300 ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
1301 specid <= SMB_ACE4_WHO_EVERYONE) {
1302
1303 uint32_t newMask;
1304
1305 if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE)
1306 haveAllowEntry[specid] = True;
1307
1308 /* mode >> 6 for @owner, mode >> 3 for @group,
1309 * mode >> 0 for @everyone */
1310 newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask,
1311 mode >> ((SMB_ACE4_WHO_EVERYONE - specid) * 3));
1312 if (ace->aceMask!=newMask) {
1313 DEBUG(10, ("ace changed for %s (%o -> %o) id=%d\n",
1314 path, ace->aceMask, newMask, specid));
1315 }
1316 ace->aceMask = newMask;
1317 }
1318 }
1319
1320 /* make sure we have at least ALLOW entries
1321 * for all the 3 special ids (@EVERYONE, @OWNER, @GROUP)
1322 * - if necessary
1323 */
1324 for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) {
1325 SMB_ACE4PROP_T ace = { 0 };
1326
1327 if (haveAllowEntry[i]==True)
1328 continue;
1329
1330 ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
1331 ace.flags |= SMB_ACE4_ID_SPECIAL;
1332 ace.who.special_id = i;
1333
1334 if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */
1335 ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
1336
1337 ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask,
1338 mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3));
1339
1340 /* don't add unnecessary aces */
1341 if (!ace.aceMask)
1342 continue;
1343
1344 /* we add it to the END - as windows expects allow aces */
1345 smb_add_ace4(pacl, &ace);
1346 DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n",
1347 path, mode, i, ace.aceMask));
1348 }
1349
1350 /* don't add complementary DENY ACEs here */
1351 fake_fsp.fsp_name = synthetic_smb_fname(frame,
1352 path,
1353 NULL,
1354 NULL,
1355 fname->twrp,
1356 0);
1357 if (fake_fsp.fsp_name == NULL) {
1358 errno = ENOMEM;
1359 TALLOC_FREE(frame);
1360 return -1;
1361 }
1362 /* put the acl */
1363 if (gpfsacl_process_smbacl(handle, &fake_fsp, pacl) == False) {
1364 TALLOC_FREE(frame);
1365 return -1;
1366 }
1367
1368 TALLOC_FREE(frame);
1369 return 0; /* ok for [f]chmod */
1370 }
1371
1372 static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
1373 {
1374 SMB_STRUCT_STAT st;
1375 int rc;
1376
1377 rc = SMB_VFS_NEXT_FSTAT(handle, fsp, &st);
1378 if (rc != 0) {
1379 return -1;
1380 }
1381
1382 /* avoid chmod() if possible, to preserve acls */
1383 if ((st.st_ex_mode & ~S_IFMT) == mode) {
1384 return 0;
1385 }
1386
1387 rc = gpfsacl_emu_chmod(handle, fsp, mode);
1388 if (rc == 1) {
1389 return SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1390 }
1391 return rc;
1392 }
1393
1394 static uint32_t vfs_gpfs_winattrs_to_dosmode(unsigned int winattrs)
1395 {
1396 uint32_t dosmode = 0;
1397
1398 if (winattrs & GPFS_WINATTR_ARCHIVE){
1399 dosmode |= FILE_ATTRIBUTE_ARCHIVE;
1400 }
1401 if (winattrs & GPFS_WINATTR_HIDDEN){
1402 dosmode |= FILE_ATTRIBUTE_HIDDEN;
1403 }
1404 if (winattrs & GPFS_WINATTR_SYSTEM){
1405 dosmode |= FILE_ATTRIBUTE_SYSTEM;
1406 }
1407 if (winattrs & GPFS_WINATTR_READONLY){
1408 dosmode |= FILE_ATTRIBUTE_READONLY;
1409 }
1410 if (winattrs & GPFS_WINATTR_SPARSE_FILE) {
1411 dosmode |= FILE_ATTRIBUTE_SPARSE;
1412 }
1413 if (winattrs & GPFS_WINATTR_OFFLINE) {
1414 dosmode |= FILE_ATTRIBUTE_OFFLINE;
1415 }
1416
1417 return dosmode;
1418 }
1419
1420 static unsigned int vfs_gpfs_dosmode_to_winattrs(uint32_t dosmode)
1421 {
1422 unsigned int winattrs = 0;
1423
1424 if (dosmode & FILE_ATTRIBUTE_ARCHIVE){
1425 winattrs |= GPFS_WINATTR_ARCHIVE;
1426 }
1427 if (dosmode & FILE_ATTRIBUTE_HIDDEN){
1428 winattrs |= GPFS_WINATTR_HIDDEN;
1429 }
1430 if (dosmode & FILE_ATTRIBUTE_SYSTEM){
1431 winattrs |= GPFS_WINATTR_SYSTEM;
1432 }
1433 if (dosmode & FILE_ATTRIBUTE_READONLY){
1434 winattrs |= GPFS_WINATTR_READONLY;
1435 }
1436 if (dosmode & FILE_ATTRIBUTE_SPARSE) {
1437 winattrs |= GPFS_WINATTR_SPARSE_FILE;
1438 }
1439 if (dosmode & FILE_ATTRIBUTE_OFFLINE) {
1440 winattrs |= GPFS_WINATTR_OFFLINE;
1441 }
1442
1443 return winattrs;
1444 }
1445
1446 static struct timespec gpfs_timestruc64_to_timespec(struct gpfs_timestruc64 g)
1447 {
1448 return (struct timespec) { .tv_sec = g.tv_sec, .tv_nsec = g.tv_nsec };
1449 }
1450
1451 static NTSTATUS vfs_gpfs_fget_dos_attributes(struct vfs_handle_struct *handle,
1452 struct files_struct *fsp,
1453 uint32_t *dosmode)
1454 {
1455 struct gpfs_config_data *config;
1456 int fd = fsp_get_pathref_fd(fsp);
1457 char buf[PATH_MAX];
1458 const char *p = NULL;
1459 struct gpfs_iattr64 iattr = { };
1460 unsigned int litemask = 0;
1461 struct timespec ts;
1462 int ret;
1463
1464 SMB_VFS_HANDLE_GET_DATA(handle, config,
1465 struct gpfs_config_data,
1466 return NT_STATUS_INTERNAL_ERROR);
1467
1468 if (!config->winattr) {
1469 return SMB_VFS_NEXT_FGET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1470 }
1471
1472 if (fsp->fsp_flags.is_pathref && !config->pathref_ok.gpfs_fstat_x) {
1473 if (fsp->fsp_flags.have_proc_fds) {
1474 p = sys_proc_fd_path(fd, buf, sizeof(buf));
1475 if (p == NULL) {
1476 return NT_STATUS_NO_MEMORY;
1477 }
1478 } else {
1479 p = fsp->fsp_name->base_name;
1480 }
1481 }
1482
1483 if (p != NULL) {
1484 ret = gpfswrap_stat_x(p, &litemask, &iattr, sizeof(iattr));
1485 } else {
1486 ret = gpfswrap_fstat_x(fd, &litemask, &iattr, sizeof(iattr));
1487 }
1488 if (ret == -1 && errno == ENOSYS) {
1489 return SMB_VFS_NEXT_FGET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1490 }
1491
1492 if (ret == -1 && errno == EACCES) {
1493 int saved_errno = 0;
1494
1495 /*
1496 * According to MS-FSA 2.1.5.1.2.1 "Algorithm to Check Access to
1497 * an Existing File" FILE_LIST_DIRECTORY on a directory implies
1498 * FILE_READ_ATTRIBUTES for directory entries. Being able to
1499 * open a file implies FILE_LIST_DIRECTORY.
1500 */
1501
1502 set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1503
1504 if (p != NULL) {
1505 ret = gpfswrap_stat_x(p,
1506 &litemask,
1507 &iattr,
1508 sizeof(iattr));
1509 } else {
1510 ret = gpfswrap_fstat_x(fd,
1511 &litemask,
1512 &iattr,
1513 sizeof(iattr));
1514 }
1515 if (ret == -1) {
1516 saved_errno = errno;
1517 }
1518
1519 drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1520
1521 if (saved_errno != 0) {
1522 errno = saved_errno;
1523 }
1524 }
1525
1526 if (ret == -1) {
1527 DBG_WARNING("Getting winattrs failed for %s: %s\n",
1528 fsp->fsp_name->base_name, strerror(errno));
1529 return map_nt_error_from_unix(errno);
1530 }
1531
1532 ts = gpfs_timestruc64_to_timespec(iattr.ia_createtime);
1533
1534 *dosmode |= vfs_gpfs_winattrs_to_dosmode(iattr.ia_winflags);
1535 update_stat_ex_create_time(&fsp->fsp_name->st, ts);
1536
1537 return NT_STATUS_OK;
1538 }
1539
1540 static NTSTATUS vfs_gpfs_fset_dos_attributes(struct vfs_handle_struct *handle,
1541 struct files_struct *fsp,
1542 uint32_t dosmode)
1543 {
1544 struct gpfs_config_data *config;
1545 struct gpfs_winattr attrs = { };
1546 int ret;
1547
1548 SMB_VFS_HANDLE_GET_DATA(handle, config,
1549 struct gpfs_config_data,
1550 return NT_STATUS_INTERNAL_ERROR);
1551
1552 if (!config->winattr) {
1553 return SMB_VFS_NEXT_FSET_DOS_ATTRIBUTES(handle, fsp, dosmode);
1554 }
1555
1556 attrs.winAttrs = vfs_gpfs_dosmode_to_winattrs(dosmode);
1557
1558 if (!fsp->fsp_flags.is_pathref) {
1559 ret = gpfswrap_set_winattrs(fsp_get_io_fd(fsp),
1560 GPFS_WINATTR_SET_ATTRS, &attrs);
1561 if (ret == -1) {
1562 DBG_WARNING("Setting winattrs failed for %s: %s\n",
1563 fsp_str_dbg(fsp), strerror(errno));
1564 return map_nt_error_from_unix(errno);
1565 }
1566 return NT_STATUS_OK;
1567 }
1568
1569 if (fsp->fsp_flags.have_proc_fds) {
1570 int fd = fsp_get_pathref_fd(fsp);
1571 const char *p = NULL;
1572 char buf[PATH_MAX];
1573
1574 p = sys_proc_fd_path(fd, buf, sizeof(buf));
1575 if (p == NULL) {
1576 return NT_STATUS_NO_MEMORY;
1577 }
1578
1579 ret = gpfswrap_set_winattrs_path(p,
1580 GPFS_WINATTR_SET_ATTRS,
1581 &attrs);
1582 if (ret == -1) {
1583 DBG_WARNING("Setting winattrs failed for [%s][%s]: %s\n",
1584 p, fsp_str_dbg(fsp), strerror(errno));
1585 return map_nt_error_from_unix(errno);
1586 }
1587 return NT_STATUS_OK;
1588 }
1589
1590 /*
1591 * This is no longer a handle based call.
1592 */
1593 ret = gpfswrap_set_winattrs_path(fsp->fsp_name->base_name,
1594 GPFS_WINATTR_SET_ATTRS,
1595 &attrs);
1596 if (ret == -1) {
1597 DBG_WARNING("Setting winattrs failed for [%s]: %s\n",
1598 fsp_str_dbg(fsp), strerror(errno));
1599 return map_nt_error_from_unix(errno);
1600 }
1601
1602 return NT_STATUS_OK;
1603 }
1604
1605 static int stat_with_capability(struct vfs_handle_struct *handle,
1606 struct smb_filename *smb_fname, int flag)
1607 {
1608 bool fake_dctime = lp_fake_directory_create_times(SNUM(handle->conn));
1609 int fd = -1;
1610 NTSTATUS status;
1611 struct smb_filename *dir_name = NULL;
1612 struct smb_filename *rel_name = NULL;
1613 int ret = -1;
1614
1615 status = SMB_VFS_PARENT_PATHNAME(handle->conn,
1616 talloc_tos(),
1617 smb_fname,
1618 &dir_name,
1619 &rel_name);
1620 if (!NT_STATUS_IS_OK(status)) {
1621 errno = map_errno_from_nt_status(status);
1622 return -1;
1623 }
1624
1625 fd = open(dir_name->base_name, O_RDONLY, 0);
1626 if (fd == -1) {
1627 TALLOC_FREE(dir_name);
1628 return -1;
1629 }
1630
1631 set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1632 ret = sys_fstatat(fd,
1633 rel_name->base_name,
1634 &smb_fname->st,
1635 flag,
1636 fake_dctime);
1637
1638 drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1639
1640 TALLOC_FREE(dir_name);
1641 close(fd);
1642
1643 return ret;
1644 }
1645
1646 static int vfs_gpfs_stat(struct vfs_handle_struct *handle,
1647 struct smb_filename *smb_fname)
1648 {
1649 int ret;
1650
1651 ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
1652 if (ret == -1 && errno == EACCES) {
1653 DEBUG(10, ("Trying stat with capability for %s\n",
1654 smb_fname->base_name));
1655 ret = stat_with_capability(handle, smb_fname, 0);
1656 }
1657 return ret;
1658 }
1659
1660 static int vfs_gpfs_lstat(struct vfs_handle_struct *handle,
1661 struct smb_filename *smb_fname)
1662 {
1663 int ret;
1664
1665 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1666 if (ret == -1 && errno == EACCES) {
1667 DEBUG(10, ("Trying lstat with capability for %s\n",
1668 smb_fname->base_name));
1669 ret = stat_with_capability(handle, smb_fname,
1670 AT_SYMLINK_NOFOLLOW);
1671 }
1672 return ret;
1673 }
1674
1675 static int timespec_to_gpfs_time(
1676 struct timespec ts, gpfs_timestruc_t *gt, int idx, int *flags)
1677 {
1678 if (is_omit_timespec(&ts)) {
1679 return 0;
1680 }
1681
1682 if (ts.tv_sec < 0 || ts.tv_sec > UINT32_MAX) {
1683 DBG_NOTICE("GPFS uses 32-bit unsigned timestamps "
1684 "and cannot handle %jd.\n",
1685 (intmax_t)ts.tv_sec);
1686 errno = ERANGE;
1687 return -1;
1688 }
1689
1690 *flags |= 1 << idx;
1691 gt[idx].tv_sec = ts.tv_sec;
1692 gt[idx].tv_nsec = ts.tv_nsec;
1693 DBG_DEBUG("Setting GPFS time %d, flags 0x%x\n", idx, *flags);
1694
1695 return 0;
1696 }
1697
1698 static int smbd_gpfs_set_times(struct files_struct *fsp,
1699 struct smb_file_time *ft)
1700 {
1701 gpfs_timestruc_t gpfs_times[4];
1702 int flags = 0;
1703 int rc;
1704
1705 ZERO_ARRAY(gpfs_times);
1706 rc = timespec_to_gpfs_time(ft->atime, gpfs_times, 0, &flags);
1707 if (rc != 0) {
1708 return rc;
1709 }
1710
1711 rc = timespec_to_gpfs_time(ft->mtime, gpfs_times, 1, &flags);
1712 if (rc != 0) {
1713 return rc;
1714 }
1715
1716 /* No good mapping from LastChangeTime to ctime, not storing */
1717 rc = timespec_to_gpfs_time(ft->create_time, gpfs_times, 3, &flags);
1718 if (rc != 0) {
1719 return rc;
1720 }
1721
1722 if (!flags) {
1723 DBG_DEBUG("nothing to do, return to avoid EINVAL\n");
1724 return 0;
1725 }
1726
1727 if (!fsp->fsp_flags.is_pathref) {
1728 rc = gpfswrap_set_times(fsp_get_io_fd(fsp), flags, gpfs_times);
1729 if (rc != 0) {
1730 DBG_WARNING("gpfs_set_times(%s) failed: %s\n",
1731 fsp_str_dbg(fsp), strerror(errno));
1732 }
1733 return rc;
1734 }
1735
1736
1737 if (fsp->fsp_flags.have_proc_fds) {
1738 int fd = fsp_get_pathref_fd(fsp);
1739 const char *p = NULL;
1740 char buf[PATH_MAX];
1741
1742 p = sys_proc_fd_path(fd, buf, sizeof(buf));
1743 if (p == NULL) {
1744 return -1;
1745 }
1746
1747 rc = gpfswrap_set_times_path(buf, flags, gpfs_times);
1748 if (rc != 0) {
1749 DBG_WARNING("gpfs_set_times_path(%s,%s) failed: %s\n",
1750 fsp_str_dbg(fsp), p, strerror(errno));
1751 }
1752 return rc;
1753 }
1754
1755 /*
1756 * This is no longer a handle based call.
1757 */
1758
1759 rc = gpfswrap_set_times_path(fsp->fsp_name->base_name,
1760 flags,
1761 gpfs_times);
1762 if (rc != 0) {
1763 DBG_WARNING("gpfs_set_times_path(%s) failed: %s\n",
1764 fsp_str_dbg(fsp), strerror(errno));
1765 }
1766 return rc;
1767 }
1768
1769 static int vfs_gpfs_fntimes(struct vfs_handle_struct *handle,
1770 files_struct *fsp,
1771 struct smb_file_time *ft)
1772 {
1773
1774 struct gpfs_winattr attrs;
1775 int ret;
1776 struct gpfs_config_data *config;
1777
1778 SMB_VFS_HANDLE_GET_DATA(handle,
1779 config,
1780 struct gpfs_config_data,
1781 return -1);
1782
1783 /* Try to use gpfs_set_times if it is enabled and available */
1784 if (config->settimes) {
1785 return smbd_gpfs_set_times(fsp, ft);
1786 }
1787
1788 DBG_DEBUG("gpfs_set_times() not available or disabled, "
1789 "use ntimes and winattr\n");
1790
1791 ret = SMB_VFS_NEXT_FNTIMES(handle, fsp, ft);
1792 if (ret == -1) {
1793 /* don't complain if access was denied */
1794 if (errno != EPERM && errno != EACCES) {
1795 DBG_WARNING("SMB_VFS_NEXT_FNTIMES failed: %s",
1796 strerror(errno));
1797 }
1798 return -1;
1799 }
1800
1801 if (is_omit_timespec(&ft->create_time)) {
1802 DBG_DEBUG("Create Time is NULL\n");
1803 return 0;
1804 }
1805
1806 if (!config->winattr) {
1807 return 0;
1808 }
1809
1810 attrs.winAttrs = 0;
1811 attrs.creationTime.tv_sec = ft->create_time.tv_sec;
1812 attrs.creationTime.tv_nsec = ft->create_time.tv_nsec;
1813
1814 if (!fsp->fsp_flags.is_pathref) {
1815 ret = gpfswrap_set_winattrs(fsp_get_io_fd(fsp),
1816 GPFS_WINATTR_SET_CREATION_TIME,
1817 &attrs);
1818 if (ret == -1 && errno != ENOSYS) {
1819 DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1820 return -1;
1821 }
1822 return ret;
1823 }
1824
1825 if (fsp->fsp_flags.have_proc_fds) {
1826 int fd = fsp_get_pathref_fd(fsp);
1827 const char *p = NULL;
1828 char buf[PATH_MAX];
1829
1830 p = sys_proc_fd_path(fd, buf, sizeof(buf));
1831 if (p == NULL) {
1832 return -1;
1833 }
1834
1835 ret = gpfswrap_set_winattrs_path(p,
1836 GPFS_WINATTR_SET_CREATION_TIME,
1837 &attrs);
1838 if (ret == -1 && errno != ENOSYS) {
1839 DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1840 return -1;
1841 }
1842 return ret;
1843 }
1844
1845 /*
1846 * This is no longer a handle based call.
1847 */
1848 ret = gpfswrap_set_winattrs_path(fsp->fsp_name->base_name,
1849 GPFS_WINATTR_SET_CREATION_TIME,
1850 &attrs);
1851 if (ret == -1 && errno != ENOSYS) {
1852 DBG_WARNING("Set GPFS ntimes failed %d\n", ret);
1853 return -1;
1854 }
1855
1856 return 0;
1857 }
1858
1859 static int vfs_gpfs_fallocate(struct vfs_handle_struct *handle,
1860 struct files_struct *fsp, uint32_t mode,
1861 off_t offset, off_t len)
1862 {
1863 if (mode == (VFS_FALLOCATE_FL_PUNCH_HOLE|VFS_FALLOCATE_FL_KEEP_SIZE) &&
1864 !fsp->fsp_flags.is_sparse &&
1865 lp_strict_allocate(SNUM(fsp->conn))) {
1866 /*
1867 * This is from a ZERO_DATA request on a non-sparse
1868 * file. GPFS does not support FL_KEEP_SIZE and thus
1869 * cannot fill the whole again in the subsequent
1870 * fallocate(FL_KEEP_SIZE). Deny this FL_PUNCH_HOLE
1871 * call to not end up with a hole in a non-sparse
1872 * file.
1873 */
1874 errno = ENOTSUP;
1875 return -1;
1876 }
1877
1878 return SMB_VFS_NEXT_FALLOCATE(handle, fsp, mode, offset, len);
1879 }
1880
1881 static int vfs_gpfs_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1882 off_t len)
1883 {
1884 int result;
1885 struct gpfs_config_data *config;
1886
1887 SMB_VFS_HANDLE_GET_DATA(handle, config,
1888 struct gpfs_config_data,
1889 return -1);
1890
1891 if (!config->ftruncate) {
1892 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1893 }
1894
1895 result = gpfswrap_ftruncate(fsp_get_io_fd(fsp), len);
1896 if ((result == -1) && (errno == ENOSYS)) {
1897 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1898 }
1899 return result;
1900 }
1901
1902 static bool vfs_gpfs_is_offline(struct vfs_handle_struct *handle,
1903 struct files_struct *fsp,
1904 SMB_STRUCT_STAT *sbuf)
1905 {
1906 struct gpfs_winattr attrs;
1907 struct gpfs_config_data *config;
1908 int ret;
1909
1910 SMB_VFS_HANDLE_GET_DATA(handle, config,
1911 struct gpfs_config_data,
1912 return false);
1913
1914 if (!config->winattr) {
1915 return false;
1916 }
1917
1918 ret = gpfswrap_get_winattrs(fsp_get_pathref_fd(fsp), &attrs);
1919 if (ret == -1) {
1920 return false;
1921 }
1922
1923 if ((attrs.winAttrs & GPFS_WINATTR_OFFLINE) != 0) {
1924 DBG_DEBUG("%s is offline\n", fsp_str_dbg(fsp));
1925 return true;
1926 }
1927
1928 DBG_DEBUG("%s is online\n", fsp_str_dbg(fsp));
1929 return false;
1930 }
1931
1932 static bool vfs_gpfs_fsp_is_offline(struct vfs_handle_struct *handle,
1933 struct files_struct *fsp)
1934 {
1935 struct gpfs_fsp_extension *ext;
1936
1937 ext = VFS_FETCH_FSP_EXTENSION(handle, fsp);
1938 if (ext == NULL) {
1939 /*
1940 * Something bad happened, always ask.
1941 */
1942 return vfs_gpfs_is_offline(handle, fsp,
1943 &fsp->fsp_name->st);
1944 }
1945
1946 if (ext->offline) {
1947 /*
1948 * As long as it's offline, ask.
1949 */
1950 ext->offline = vfs_gpfs_is_offline(handle, fsp,
1951 &fsp->fsp_name->st);
1952 }
1953
1954 return ext->offline;
1955 }
1956
1957 static bool vfs_gpfs_aio_force(struct vfs_handle_struct *handle,
1958 struct files_struct *fsp)
1959 {
1960 return vfs_gpfs_fsp_is_offline(handle, fsp);
1961 }
1962
1963 static ssize_t vfs_gpfs_sendfile(vfs_handle_struct *handle, int tofd,
1964 files_struct *fsp, const DATA_BLOB *hdr,
1965 off_t offset, size_t n)
1966 {
1967 if (vfs_gpfs_fsp_is_offline(handle, fsp)) {
1968 errno = ENOSYS;
1969 return -1;
1970 }
1971 return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
1972 }
1973
1974 #ifdef O_PATH
1975 static int vfs_gpfs_check_pathref_fstat_x(struct gpfs_config_data *config,
1976 struct connection_struct *conn)
1977 {
1978 struct gpfs_iattr64 iattr = {0};
1979 unsigned int litemask = 0;
1980 int saved_errno;
1981 int fd;
1982 int ret;
1983
1984 fd = open(conn->connectpath, O_PATH);
1985 if (fd == -1) {
1986 DBG_ERR("openat() of share with O_PATH failed: %s\n",
1987 strerror(errno));
1988 return -1;
1989 }
1990
1991 ret = gpfswrap_fstat_x(fd, &litemask, &iattr, sizeof(iattr));
1992 if (ret == 0) {
1993 close(fd);
1994 config->pathref_ok.gpfs_fstat_x = true;
1995 return 0;
1996 }
1997
1998 saved_errno = errno;
1999 ret = close(fd);
2000 if (ret != 0) {
2001 DBG_ERR("close failed: %s\n", strerror(errno));
2002 return -1;
2003 }
2004
2005 if (saved_errno != EBADF) {
2006 DBG_ERR("gpfswrap_fstat_x() of O_PATH handle failed: %s\n",
2007 strerror(saved_errno));
2008 return -1;
2009 }
2010
2011 return 0;
2012 }
2013 #endif
2014
2015 static int vfs_gpfs_check_pathref(struct gpfs_config_data *config,
2016 struct connection_struct *conn)
2017 {
2018 #ifndef O_PATH
2019 /*
2020 * This code path leaves all struct gpfs_config_data.pathref_ok members
2021 * initialized to false.
2022 */
2023 return 0;
2024 #else
2025 int ret;
2026
2027 ret = vfs_gpfs_check_pathref_fstat_x(config, conn);
2028 if (ret != 0) {
2029 return -1;
2030 }
2031
2032 return 0;
2033 #endif
2034 }
2035
2036 static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
2037 const char *service, const char *user)
2038 {
2039 struct gpfs_config_data *config;
2040 int ret;
2041 bool check_fstype;
2042
2043 ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
2044 if (ret < 0) {
2045 return ret;
2046 }
2047
2048 if (IS_IPC(handle->conn)) {
2049 return 0;
2050 }
2051
2052 gpfswrap_lib_init(0);
2053
2054 config = talloc_zero(handle->conn, struct gpfs_config_data);
2055 if (!config) {
2056 DEBUG(0, ("talloc_zero() failed\n"));
2057 errno = ENOMEM;
2058 return -1;
2059 }
2060
2061 check_fstype = lp_parm_bool(SNUM(handle->conn), "gpfs",
2062 "check_fstype", true);
2063
2064 if (check_fstype) {
2065 const char *connectpath = handle->conn->connectpath;
2066 struct statfs buf = { 0 };
2067
2068 ret = statfs(connectpath, &buf);
2069 if (ret != 0) {
2070 DBG_ERR("statfs failed for share %s at path %s: %s\n",
2071 service, connectpath, strerror(errno));
2072 TALLOC_FREE(config);
2073 return ret;
2074 }
2075
2076 if (buf.f_type != GPFS_SUPER_MAGIC) {
2077 DBG_ERR("SMB share %s, path %s not in GPFS file system."
2078 " statfs magic: 0x%jx\n",
2079 service,
2080 connectpath,
2081 (uintmax_t)buf.f_type);
2082 errno = EINVAL;
2083 TALLOC_FREE(config);
2084 return -1;
2085 }
2086 }
2087
2088 ret = smbacl4_get_vfs_params(handle->conn, &config->nfs4_params);
2089 if (ret < 0) {
2090 TALLOC_FREE(config);
2091 return ret;
2092 }
2093
2094 config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
2095 "sharemodes", true);
2096
2097 config->leases = lp_parm_bool(SNUM(handle->conn), "gpfs",
2098 "leases", true);
2099
2100 config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
2101 "hsm", false);
2102
2103 config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
2104 "syncio", false);
2105
2106 config->winattr = lp_parm_bool(SNUM(handle->conn), "gpfs",
2107 "winattr", false);
2108
2109 config->ftruncate = lp_parm_bool(SNUM(handle->conn), "gpfs",
2110 "ftruncate", true);
2111
2112 config->getrealfilename = lp_parm_bool(SNUM(handle->conn), "gpfs",
2113 "getrealfilename", true);
2114
2115 config->dfreequota = lp_parm_bool(SNUM(handle->conn), "gpfs",
2116 "dfreequota", false);
2117
2118 config->acl = lp_parm_bool(SNUM(handle->conn), "gpfs", "acl", true);
2119
2120 config->settimes = lp_parm_bool(SNUM(handle->conn), "gpfs",
2121 "settimes", true);
2122 config->recalls = lp_parm_bool(SNUM(handle->conn), "gpfs",
2123 "recalls", true);
2124
2125 ret = vfs_gpfs_check_pathref(config, handle->conn);
2126 if (ret != 0) {
2127 DBG_ERR("vfs_gpfs_check_pathref() on [%s] failed\n",
2128 handle->conn->connectpath);
2129 TALLOC_FREE(config);
2130 return -1;
2131 }
2132
2133 SMB_VFS_HANDLE_SET_DATA(handle, config,
2134 NULL, struct gpfs_config_data,
2135 return -1);
2136
2137 if (config->leases) {
2138 /*
2139 * GPFS lease code is based on kernel oplock code
2140 * so make sure it is turned on
2141 */
2142 if (!lp_kernel_oplocks(SNUM(handle->conn))) {
2143 DEBUG(5, ("Enabling kernel oplocks for "
2144 "gpfs:leases to work\n"));
2145 lp_do_parameter(SNUM(handle->conn), "kernel oplocks",
2146 "true");
2147 }
2148
2149 /*
2150 * as the kernel does not properly support Level II oplocks
2151 * and GPFS leases code is based on kernel infrastructure, we
2152 * need to turn off Level II oplocks if gpfs:leases is enabled
2153 */
2154 if (lp_level2_oplocks(SNUM(handle->conn))) {
2155 DEBUG(5, ("gpfs:leases are enabled, disabling "
2156 "Level II oplocks\n"));
2157 lp_do_parameter(SNUM(handle->conn), "level2 oplocks",
2158 "false");
2159 }
2160 }
2161
2162 /*
2163 * Unless we have an async implementation of get_dos_attributes turn
2164 * this off.
2165 */
2166 lp_do_parameter(SNUM(handle->conn), "smbd async dosmode", "false");
2167
2168 return 0;
2169 }
2170
2171 static int get_gpfs_quota(const char *pathname, int type, int id,
2172 struct gpfs_quotaInfo *qi)
2173 {
2174 int ret;
2175
2176 ret = gpfswrap_quotactl(pathname, GPFS_QCMD(Q_GETQUOTA, type), id, qi);
2177
2178 if (ret) {
2179 if (errno == GPFS_E_NO_QUOTA_INST) {
2180 DEBUG(10, ("Quotas disabled on GPFS filesystem.\n"));
2181 } else if (errno != ENOSYS) {
2182 DEBUG(0, ("Get quota failed, type %d, id, %d, "
2183 "errno %d.\n", type, id, errno));
2184 }
2185
2186 return ret;
2187 }
2188
2189 DEBUG(10, ("quota type %d, id %d, blk u:%lld h:%lld s:%lld gt:%u\n",
2190 type, id, qi->blockUsage, qi->blockHardLimit,
2191 qi->blockSoftLimit, qi->blockGraceTime));
2192
2193 return ret;
2194 }
2195
2196 static void vfs_gpfs_disk_free_quota(struct gpfs_quotaInfo qi, time_t cur_time,
2197 uint64_t *dfree, uint64_t *dsize)
2198 {
2199 uint64_t usage, limit;
2200
2201 /*
2202 * The quota reporting is done in units of 1024 byte blocks, but
2203 * sys_fsusage uses units of 512 byte blocks, adjust the block number
2204 * accordingly. Also filter possibly negative usage counts from gpfs.
2205 */
2206 usage = qi.blockUsage < 0 ? 0 : (uint64_t)qi.blockUsage * 2;
2207 limit = (uint64_t)qi.blockHardLimit * 2;
2208
2209 /*
2210 * When the grace time for the exceeded soft block quota has been
2211 * exceeded, the soft block quota becomes an additional hard limit.
2212 */
2213 if (qi.blockSoftLimit &&
2214 qi.blockGraceTime && cur_time > qi.blockGraceTime) {
2215 /* report disk as full */
2216 *dfree = 0;
2217 *dsize = MIN(*dsize, usage);
2218 }
2219
2220 if (!qi.blockHardLimit)
2221 return;
2222
2223 if (usage >= limit) {
2224 /* report disk as full */
2225 *dfree = 0;
2226 *dsize = MIN(*dsize, usage);
2227
2228 } else {
2229 /* limit has not been reached, determine "free space" */
2230 *dfree = MIN(*dfree, limit - usage);
2231 *dsize = MIN(*dsize, limit);
2232 }
2233 }
2234
2235 static uint64_t vfs_gpfs_disk_free(vfs_handle_struct *handle,
2236 const struct smb_filename *smb_fname,
2237 uint64_t *bsize,
2238 uint64_t *dfree,
2239 uint64_t *dsize)
2240 {
2241 struct security_unix_token *utok;
2242 struct gpfs_quotaInfo qi_user = { 0 }, qi_group = { 0 };
2243 struct gpfs_config_data *config;
2244 int err;
2245 time_t cur_time;
2246
2247 SMB_VFS_HANDLE_GET_DATA(handle, config, struct gpfs_config_data,
2248 return (uint64_t)-1);
2249 if (!config->dfreequota) {
2250 return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2251 bsize, dfree, dsize);
2252 }
2253
2254 err = sys_fsusage(smb_fname->base_name, dfree, dsize);
2255 if (err) {
2256 DEBUG (0, ("Could not get fs usage, errno %d\n", errno));
2257 return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2258 bsize, dfree, dsize);
2259 }
2260
2261 /* sys_fsusage returns units of 512 bytes */
2262 *bsize = 512;
2263
2264 DEBUG(10, ("fs dfree %llu, dsize %llu\n",
2265 (unsigned long long)*dfree, (unsigned long long)*dsize));
2266
2267 utok = handle->conn->session_info->unix_token;
2268
2269 err = get_gpfs_quota(smb_fname->base_name,
2270 GPFS_USRQUOTA, utok->uid, &qi_user);
2271 if (err) {
2272 return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2273 bsize, dfree, dsize);
2274 }
2275
2276 /*
2277 * If new files created under this folder get this folder's
2278 * GID, then available space is governed by the quota of the
2279 * folder's GID, not the primary group of the creating user.
2280 */
2281 if (VALID_STAT(smb_fname->st) &&
2282 S_ISDIR(smb_fname->st.st_ex_mode) &&
2283 smb_fname->st.st_ex_mode & S_ISGID) {
2284 become_root();
2285 err = get_gpfs_quota(smb_fname->base_name, GPFS_GRPQUOTA,
2286 smb_fname->st.st_ex_gid, &qi_group);
2287 unbecome_root();
2288
2289 } else {
2290 err = get_gpfs_quota(smb_fname->base_name, GPFS_GRPQUOTA,
2291 utok->gid, &qi_group);
2292 }
2293
2294 if (err) {
2295 return SMB_VFS_NEXT_DISK_FREE(handle, smb_fname,
2296 bsize, dfree, dsize);
2297 }
2298
2299 cur_time = time(NULL);
2300
2301 /* Adjust free space and size according to quota limits. */
2302 vfs_gpfs_disk_free_quota(qi_user, cur_time, dfree, dsize);
2303 vfs_gpfs_disk_free_quota(qi_group, cur_time, dfree, dsize);
2304
2305 return *dfree / 2;
2306 }
2307
2308 static int vfs_gpfs_get_quota(vfs_handle_struct *handle,
2309 const struct smb_filename *smb_fname,
2310 enum SMB_QUOTA_TYPE qtype,
2311 unid_t id,
2312 SMB_DISK_QUOTA *dq)
2313 {
2314 switch(qtype) {
2315 /*
2316 * User/group quota are being used for disk-free
2317 * determination, which in this module is done directly
2318 * by the disk-free function. It's important that this
2319 * module does not return wrong quota values by mistake,
2320 * which would modify the correct values set by disk-free.
2321 * User/group quota are also being used for processing
2322 * NT_TRANSACT_GET_USER_QUOTA in smb1 protocol, which is
2323 * currently not supported by this module.
2324 */
2325 case SMB_USER_QUOTA_TYPE:
2326 case SMB_GROUP_QUOTA_TYPE:
2327 errno = ENOSYS;
2328 return -1;
2329 default:
2330 return SMB_VFS_NEXT_GET_QUOTA(handle, smb_fname,
2331 qtype, id, dq);
2332 }
2333 }
2334
2335 static uint32_t vfs_gpfs_capabilities(struct vfs_handle_struct *handle,
2336 enum timestamp_set_resolution *p_ts_res)
2337 {
2338 struct gpfs_config_data *config;
2339 uint32_t next;
2340
2341 next = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
2342
2343 SMB_VFS_HANDLE_GET_DATA(handle, config,
2344 struct gpfs_config_data,
2345 return next);
2346
2347 if (config->hsm) {
2348 next |= FILE_SUPPORTS_REMOTE_STORAGE;
2349 }
2350 return next;
2351 }
2352
2353 static int vfs_gpfs_openat(struct vfs_handle_struct *handle,
2354 const struct files_struct *dirfsp,
2355 const struct smb_filename *smb_fname,
2356 files_struct *fsp,
2357 const struct vfs_open_how *_how)
2358 {
2359 struct vfs_open_how how = *_how;
2360 struct gpfs_config_data *config = NULL;
2361 struct gpfs_fsp_extension *ext = NULL;
2362 int ret;
2363
2364 SMB_VFS_HANDLE_GET_DATA(handle, config,
2365 struct gpfs_config_data,
2366 return -1);
2367
2368 if (config->hsm && !config->recalls &&
2369 !fsp->fsp_flags.is_pathref &&
2370 vfs_gpfs_fsp_is_offline(handle, fsp))
2371 {
2372 DBG_DEBUG("Refusing access to offline file %s\n",
2373 fsp_str_dbg(fsp));
2374 errno = EACCES;
2375 return -1;
2376 }
2377
2378 if (config->syncio) {
2379 how.flags |= O_SYNC;
2380 }
2381
2382 ext = VFS_ADD_FSP_EXTENSION(handle, fsp, struct gpfs_fsp_extension,
2383 NULL);
2384 if (ext == NULL) {
2385 errno = ENOMEM;
2386 return -1;
2387 }
2388
2389 /*
2390 * Assume the file is offline until gpfs tells us it's online.
2391 */
2392 *ext = (struct gpfs_fsp_extension) { .offline = true };
2393
2394 ret = SMB_VFS_NEXT_OPENAT(handle, dirfsp, smb_fname, fsp, &how);
2395 if (ret == -1) {
2396 VFS_REMOVE_FSP_EXTENSION(handle, fsp);
2397 }
2398 return ret;
2399 }
2400
2401 static ssize_t vfs_gpfs_pread(vfs_handle_struct *handle, files_struct *fsp,
2402 void *data, size_t n, off_t offset)
2403 {
2404 ssize_t ret;
2405 bool was_offline;
2406
2407 was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2408
2409 ret = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
2410
2411 if ((ret != -1) && was_offline) {
2412 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2413 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2414 fsp->fsp_name->base_name);
2415 }
2416
2417 return ret;
2418 }
2419
2420 struct vfs_gpfs_pread_state {
2421 struct files_struct *fsp;
2422 ssize_t ret;
2423 bool was_offline;
2424 struct vfs_aio_state vfs_aio_state;
2425 };
2426
2427 static void vfs_gpfs_pread_done(struct tevent_req *subreq);
2428
2429 static struct tevent_req *vfs_gpfs_pread_send(struct vfs_handle_struct *handle,
2430 TALLOC_CTX *mem_ctx,
2431 struct tevent_context *ev,
2432 struct files_struct *fsp,
2433 void *data, size_t n,
2434 off_t offset)
2435 {
2436 struct tevent_req *req, *subreq;
2437 struct vfs_gpfs_pread_state *state;
2438
2439 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pread_state);
2440 if (req == NULL) {
2441 return NULL;
2442 }
2443 state->was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2444 state->fsp = fsp;
2445 subreq = SMB_VFS_NEXT_PREAD_SEND(state, ev, handle, fsp, data,
2446 n, offset);
2447 if (tevent_req_nomem(subreq, req)) {
2448 return tevent_req_post(req, ev);
2449 }
2450 tevent_req_set_callback(subreq, vfs_gpfs_pread_done, req);
2451 return req;
2452 }
2453
2454 static void vfs_gpfs_pread_done(struct tevent_req *subreq)
2455 {
2456 struct tevent_req *req = tevent_req_callback_data(
2457 subreq, struct tevent_req);
2458 struct vfs_gpfs_pread_state *state = tevent_req_data(
2459 req, struct vfs_gpfs_pread_state);
2460
2461 state->ret = SMB_VFS_PREAD_RECV(subreq, &state->vfs_aio_state);
2462 TALLOC_FREE(subreq);
2463 tevent_req_done(req);
2464 }
2465
2466 static ssize_t vfs_gpfs_pread_recv(struct tevent_req *req,
2467 struct vfs_aio_state *vfs_aio_state)
2468 {
2469 struct vfs_gpfs_pread_state *state = tevent_req_data(
2470 req, struct vfs_gpfs_pread_state);
2471 struct files_struct *fsp = state->fsp;
2472
2473 if (tevent_req_is_unix_error(req, &vfs_aio_state->error)) {
2474 return -1;
2475 }
2476 *vfs_aio_state = state->vfs_aio_state;
2477
2478 if ((state->ret != -1) && state->was_offline) {
2479 DEBUG(10, ("sending notify\n"));
2480 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2481 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2482 fsp->fsp_name->base_name);
2483 }
2484
2485 return state->ret;
2486 }
2487
2488 static ssize_t vfs_gpfs_pwrite(vfs_handle_struct *handle, files_struct *fsp,
2489 const void *data, size_t n, off_t offset)
2490 {
2491 ssize_t ret;
2492 bool was_offline;
2493
2494 was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2495
2496 ret = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
2497
2498 if ((ret != -1) && was_offline) {
2499 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2500 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2501 fsp->fsp_name->base_name);
2502 }
2503
2504 return ret;
2505 }
2506
2507 struct vfs_gpfs_pwrite_state {
2508 struct files_struct *fsp;
2509 ssize_t ret;
2510 bool was_offline;
2511 struct vfs_aio_state vfs_aio_state;
2512 };
2513
2514 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq);
2515
2516 static struct tevent_req *vfs_gpfs_pwrite_send(
2517 struct vfs_handle_struct *handle,
2518 TALLOC_CTX *mem_ctx,
2519 struct tevent_context *ev,
2520 struct files_struct *fsp,
2521 const void *data, size_t n,
2522 off_t offset)
2523 {
2524 struct tevent_req *req, *subreq;
2525 struct vfs_gpfs_pwrite_state *state;
2526
2527 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pwrite_state);
2528 if (req == NULL) {
2529 return NULL;
2530 }
2531 state->was_offline = vfs_gpfs_fsp_is_offline(handle, fsp);
2532 state->fsp = fsp;
2533 subreq = SMB_VFS_NEXT_PWRITE_SEND(state, ev, handle, fsp, data,
2534 n, offset);
2535 if (tevent_req_nomem(subreq, req)) {
2536 return tevent_req_post(req, ev);
2537 }
2538 tevent_req_set_callback(subreq, vfs_gpfs_pwrite_done, req);
2539 return req;
2540 }
2541
2542 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq)
2543 {
2544 struct tevent_req *req = tevent_req_callback_data(
2545 subreq, struct tevent_req);
2546 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2547 req, struct vfs_gpfs_pwrite_state);
2548
2549 state->ret = SMB_VFS_PWRITE_RECV(subreq, &state->vfs_aio_state);
2550 TALLOC_FREE(subreq);
2551 tevent_req_done(req);
2552 }
2553
2554 static ssize_t vfs_gpfs_pwrite_recv(struct tevent_req *req,
2555 struct vfs_aio_state *vfs_aio_state)
2556 {
2557 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2558 req, struct vfs_gpfs_pwrite_state);
2559 struct files_struct *fsp = state->fsp;
2560
2561 if (tevent_req_is_unix_error(req, &vfs_aio_state->error)) {
2562 return -1;
2563 }
2564 *vfs_aio_state = state->vfs_aio_state;
2565
2566 if ((state->ret != -1) && state->was_offline) {
2567 DEBUG(10, ("sending notify\n"));
2568 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2569 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2570 fsp->fsp_name->base_name);
2571 }
2572
2573 return state->ret;
2574 }
2575
2576
2577 static struct vfs_fn_pointers vfs_gpfs_fns = {
2578 .connect_fn = vfs_gpfs_connect,
2579 .disk_free_fn = vfs_gpfs_disk_free,
2580 .get_quota_fn = vfs_gpfs_get_quota,
2581 .fs_capabilities_fn = vfs_gpfs_capabilities,
2582 .filesystem_sharemode_fn = vfs_gpfs_filesystem_sharemode,
2583 .linux_setlease_fn = vfs_gpfs_setlease,
2584 .get_real_filename_at_fn = vfs_gpfs_get_real_filename_at,
2585 .get_dos_attributes_send_fn = vfs_not_implemented_get_dos_attributes_send,
2586 .get_dos_attributes_recv_fn = vfs_not_implemented_get_dos_attributes_recv,
2587 .fget_dos_attributes_fn = vfs_gpfs_fget_dos_attributes,
2588 .fset_dos_attributes_fn = vfs_gpfs_fset_dos_attributes,
2589 .fget_nt_acl_fn = gpfsacl_fget_nt_acl,
2590 .fset_nt_acl_fn = gpfsacl_fset_nt_acl,
2591 .sys_acl_get_fd_fn = gpfsacl_sys_acl_get_fd,
2592 .sys_acl_blob_get_fd_fn = gpfsacl_sys_acl_blob_get_fd,
2593 .sys_acl_set_fd_fn = gpfsacl_sys_acl_set_fd,
2594 .sys_acl_delete_def_fd_fn = gpfsacl_sys_acl_delete_def_fd,
2595 .fchmod_fn = vfs_gpfs_fchmod,
2596 .close_fn = vfs_gpfs_close,
2597 .stat_fn = vfs_gpfs_stat,
2598 .lstat_fn = vfs_gpfs_lstat,
2599 .fntimes_fn = vfs_gpfs_fntimes,
2600 .aio_force_fn = vfs_gpfs_aio_force,
2601 .sendfile_fn = vfs_gpfs_sendfile,
2602 .fallocate_fn = vfs_gpfs_fallocate,
2603 .openat_fn = vfs_gpfs_openat,
2604 .pread_fn = vfs_gpfs_pread,
2605 .pread_send_fn = vfs_gpfs_pread_send,
2606 .pread_recv_fn = vfs_gpfs_pread_recv,
2607 .pwrite_fn = vfs_gpfs_pwrite,
2608 .pwrite_send_fn = vfs_gpfs_pwrite_send,
2609 .pwrite_recv_fn = vfs_gpfs_pwrite_recv,
2610 .ftruncate_fn = vfs_gpfs_ftruncate
2611 };
2612
2613 static_decl_vfs;
2614 NTSTATUS vfs_gpfs_init(TALLOC_CTX *ctx)
2615 {
2616 int ret;
2617
2618 ret = gpfswrap_init();
2619 if (ret != 0) {
2620 DEBUG(1, ("Could not initialize GPFS library wrapper\n"));
2621 }
2622
2623 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs",
2624 &vfs_gpfs_fns);
2625 }
Samba GIT mirror