2 Unix SMB/CIFS implementation.
3 Files[] structure handling
4 Copyright (C) Andrew Tridgell 1998
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "smbd/smbd.h"
22 #include "smbd/globals.h"
23 #include "smbd/smbXsrv_open.h"
24 #include "libcli/security/security.h"
26 #include "lib/util/bitmap.h"
27 #include "lib/util/strv.h"
28 #include "lib/util/memcache.h"
29 #include "libcli/smb/reparse.h"
31 #define FILE_HANDLE_OFFSET 0x1000
33 static NTSTATUS
fsp_attach_smb_fname(struct files_struct
*fsp
,
34 struct smb_filename
**_smb_fname
);
37 * create new fsp to be used for file_new or a durable handle reconnect
39 NTSTATUS
fsp_new(struct connection_struct
*conn
, TALLOC_CTX
*mem_ctx
,
40 files_struct
**result
)
42 NTSTATUS status
= NT_STATUS_NO_MEMORY
;
43 files_struct
*fsp
= NULL
;
44 struct smbd_server_connection
*sconn
= conn
->sconn
;
46 fsp
= talloc_zero(mem_ctx
, struct files_struct
);
52 * This can't be a child of fsp because the file_handle can be ref'd
53 * when doing a dos/fcb open, which will then share the file_handle
54 * across multiple fsps.
56 fsp
->fh
= fd_handle_create(mem_ctx
);
57 if (fsp
->fh
== NULL
) {
61 fsp
->fsp_flags
.use_ofd_locks
= !lp_smbd_force_process_locks(SNUM(conn
));
62 #ifndef HAVE_OFD_LOCKS
63 fsp
->fsp_flags
.use_ofd_locks
= false;
66 fh_set_refcount(fsp
->fh
, 1);
69 fsp
->fnum
= FNUM_FIELD_INVALID
;
71 fsp
->close_write_time
= make_omit_timespec();
73 DLIST_ADD(sconn
->files
, fsp
);
74 sconn
->num_files
+= 1;
76 conn
->num_files_open
++;
78 DBG_INFO("allocated files structure (%u used)\n",
79 (unsigned int)sconn
->num_files
);
93 void fsp_set_gen_id(files_struct
*fsp
)
95 static uint64_t gen_id
= 1;
98 * A billion of 64-bit increments per second gives us
99 * more than 500 years of runtime without wrap.
102 fh_set_gen_id(fsp
->fh
, gen_id
);
105 /****************************************************************************
106 Find first available file slot.
107 ****************************************************************************/
109 NTSTATUS
fsp_bind_smb(struct files_struct
*fsp
, struct smb_request
*req
)
111 struct smbXsrv_open
*op
= NULL
;
116 DBG_DEBUG("INTERNAL_OPEN_ONLY, skipping smbXsrv_open\n");
120 now
= timeval_to_nttime(&fsp
->open_time
);
122 status
= smbXsrv_open_create(req
->xconn
,
123 fsp
->conn
->session_info
,
126 if (!NT_STATUS_IS_OK(status
)) {
131 fsp
->fnum
= op
->local_id
;
134 req
->chain_fsp
= fsp
;
136 DBG_DEBUG("fsp [%s] mid [%" PRIu64
"]\n",
137 fsp_str_dbg(fsp
), fsp
->mid
);
142 NTSTATUS
file_new(struct smb_request
*req
, connection_struct
*conn
,
143 files_struct
**result
)
145 struct smbd_server_connection
*sconn
= conn
->sconn
;
149 status
= fsp_new(conn
, conn
, &fsp
);
150 if (!NT_STATUS_IS_OK(status
)) {
154 GetTimeOfDay(&fsp
->open_time
);
156 status
= fsp_bind_smb(fsp
, req
);
157 if (!NT_STATUS_IS_OK(status
)) {
158 file_free(NULL
, fsp
);
165 * Create an smb_filename with "" for the base_name. There are very
166 * few NULL checks, so make sure it's initialized with something. to
167 * be safe until an audit can be done.
169 fsp
->fsp_name
= synthetic_smb_fname(fsp
,
175 if (fsp
->fsp_name
== NULL
) {
176 file_free(NULL
, fsp
);
177 return NT_STATUS_NO_MEMORY
;
180 DBG_INFO("new file %s\n", fsp_fnum_dbg(fsp
));
182 /* A new fsp invalidates the positive and
183 negative fsp_fi_cache as the new fsp is pushed
184 at the start of the list and we search from
185 a cache hit to the *end* of the list. */
187 ZERO_STRUCT(sconn
->fsp_fi_cache
);
193 NTSTATUS
create_internal_fsp(connection_struct
*conn
,
194 const struct smb_filename
*smb_fname
,
195 struct files_struct
**_fsp
)
197 struct files_struct
*fsp
= NULL
;
200 status
= file_new(NULL
, conn
, &fsp
);
201 if (!NT_STATUS_IS_OK(status
)) {
205 status
= fsp_set_smb_fname(fsp
, smb_fname
);
206 if (!NT_STATUS_IS_OK(status
)) {
207 file_free(NULL
, fsp
);
216 * Create an internal fsp for an *existing* directory.
218 * This should only be used by callers in the VFS that need to control the
219 * opening of the directory. Otherwise use open_internal_dirfsp_at().
221 NTSTATUS
create_internal_dirfsp(connection_struct
*conn
,
222 const struct smb_filename
*smb_dname
,
223 struct files_struct
**_fsp
)
225 struct files_struct
*fsp
= NULL
;
228 status
= create_internal_fsp(conn
, smb_dname
, &fsp
);
229 if (!NT_STATUS_IS_OK(status
)) {
233 fsp
->access_mask
= FILE_LIST_DIRECTORY
;
234 fsp
->fsp_flags
.is_directory
= true;
235 fsp
->fsp_flags
.is_dirfsp
= true;
242 * Open an internal fsp for an *existing* directory.
244 NTSTATUS
open_internal_dirfsp(connection_struct
*conn
,
245 const struct smb_filename
*smb_dname
,
247 struct files_struct
**_fsp
)
249 struct vfs_open_how how
= { .flags
= _open_flags
, };
250 struct files_struct
*fsp
= NULL
;
253 status
= create_internal_dirfsp(conn
, smb_dname
, &fsp
);
254 if (!NT_STATUS_IS_OK(status
)) {
259 how
.flags
|= O_DIRECTORY
;
261 status
= fd_openat(conn
->cwd_fsp
, fsp
->fsp_name
, fsp
, &how
);
262 if (!NT_STATUS_IS_OK(status
)) {
263 DBG_INFO("Could not open fd for %s (%s)\n",
264 smb_fname_str_dbg(smb_dname
),
266 file_free(NULL
, fsp
);
270 status
= vfs_stat_fsp(fsp
);
271 if (!NT_STATUS_IS_OK(status
)) {
272 file_free(NULL
, fsp
);
276 if (!S_ISDIR(fsp
->fsp_name
->st
.st_ex_mode
)) {
277 DBG_ERR("%s is not a directory!\n",
278 smb_fname_str_dbg(smb_dname
));
279 file_free(NULL
, fsp
);
280 return NT_STATUS_NOT_A_DIRECTORY
;
283 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, &fsp
->fsp_name
->st
);
290 * Convert a pathref dirfsp into a real fsp. No need to do any cwd
291 * tricks, we just open ".".
293 NTSTATUS
openat_internal_dir_from_pathref(
294 struct files_struct
*dirfsp
,
296 struct files_struct
**_fsp
)
298 struct connection_struct
*conn
= dirfsp
->conn
;
299 struct smb_filename
*smb_dname
= dirfsp
->fsp_name
;
300 struct files_struct
*fsp
= NULL
;
302 struct smb_filename smb_dot
= {
304 .flags
= smb_dname
->flags
,
305 .twrp
= smb_dname
->twrp
,
307 struct vfs_open_how how
= { .flags
= _open_flags
, };
310 status
= create_internal_dirfsp(conn
, smb_dname
, &fsp
);
311 if (!NT_STATUS_IS_OK(status
)) {
316 * Pointless for opening ".", but you never know...
318 how
.flags
|= O_NOFOLLOW
;
320 status
= fd_openat(dirfsp
, &smb_dot
, fsp
, &how
);
321 if (!NT_STATUS_IS_OK(status
)) {
322 DBG_INFO("fd_openat(\"%s\", \".\") failed: %s\n",
325 file_free(NULL
, fsp
);
329 fsp
->fsp_name
->st
= smb_dname
->st
;
330 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, &fsp
->fsp_name
->st
);
336 * The "link" in the name doesn't imply link in the filesystem
337 * sense. It's a object that "links" together an fsp and an smb_fname
338 * and the link allocated as talloc child of an fsp.
340 * The link is created for fsps that openat_pathref_fsp() returns in
341 * smb_fname->fsp. When this fsp is freed by file_free() by some caller
342 * somewhere, the destructor fsp_smb_fname_link_destructor() on the link object
343 * will use the link to reset the reference in smb_fname->fsp that is about to
346 * This prevents smb_fname_internal_fsp_destructor() from seeing dangling fsp
350 struct fsp_smb_fname_link
{
351 struct fsp_smb_fname_link
**smb_fname_link
;
352 struct files_struct
**smb_fname_fsp
;
355 static int fsp_smb_fname_link_destructor(struct fsp_smb_fname_link
*link
)
357 if (link
->smb_fname_link
== NULL
) {
361 *link
->smb_fname_link
= NULL
;
362 *link
->smb_fname_fsp
= NULL
;
366 static NTSTATUS
fsp_smb_fname_link(struct files_struct
*fsp
,
367 struct fsp_smb_fname_link
**smb_fname_link
,
368 struct files_struct
**smb_fname_fsp
)
370 struct fsp_smb_fname_link
*link
= NULL
;
372 SMB_ASSERT(*smb_fname_link
== NULL
);
373 SMB_ASSERT(*smb_fname_fsp
== NULL
);
375 link
= talloc_zero(fsp
, struct fsp_smb_fname_link
);
377 return NT_STATUS_NO_MEMORY
;
380 link
->smb_fname_link
= smb_fname_link
;
381 link
->smb_fname_fsp
= smb_fname_fsp
;
382 *smb_fname_link
= link
;
383 *smb_fname_fsp
= fsp
;
385 talloc_set_destructor(link
, fsp_smb_fname_link_destructor
);
390 * Free a link, carefully avoiding to trigger the link destructor
392 static void destroy_fsp_smb_fname_link(struct fsp_smb_fname_link
**_link
)
394 struct fsp_smb_fname_link
*link
= *_link
;
399 talloc_set_destructor(link
, NULL
);
405 * Talloc destructor set on an smb_fname set by openat_pathref_fsp() used to
406 * close the embedded smb_fname->fsp.
408 static int smb_fname_fsp_destructor(struct smb_filename
*smb_fname
)
410 struct files_struct
*fsp
= smb_fname
->fsp
;
412 int saved_errno
= errno
;
414 destroy_fsp_smb_fname_link(&smb_fname
->fsp_link
);
421 if (fsp_is_alternate_stream(fsp
)) {
422 struct files_struct
*tmp_base_fsp
= fsp
->base_fsp
;
424 fsp_set_base_fsp(fsp
, NULL
);
426 status
= fd_close(tmp_base_fsp
);
427 if (!NT_STATUS_IS_OK(status
)) {
428 DBG_ERR("Closing fd for fsp [%s] failed: %s. "
429 "Please check your filesystem!!!\n",
430 fsp_str_dbg(fsp
), nt_errstr(status
));
432 file_free(NULL
, tmp_base_fsp
);
435 status
= fd_close(fsp
);
436 if (!NT_STATUS_IS_OK(status
)) {
437 DBG_ERR("Closing fd for fsp [%s] failed: %s. "
438 "Please check your filesystem!!!\n",
439 fsp_str_dbg(fsp
), nt_errstr(status
));
441 file_free(NULL
, fsp
);
442 smb_fname
->fsp
= NULL
;
448 static NTSTATUS
openat_pathref_fullname(
449 struct connection_struct
*conn
,
450 const struct files_struct
*dirfsp
,
451 struct files_struct
*basefsp
,
452 struct smb_filename
**full_fname
,
453 struct smb_filename
*smb_fname
,
454 const struct vfs_open_how
*how
)
456 struct files_struct
*fsp
= NULL
;
457 bool have_dirfsp
= (dirfsp
!= NULL
);
458 bool have_basefsp
= (basefsp
!= NULL
);
461 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname
));
463 SMB_ASSERT(smb_fname
->fsp
== NULL
);
464 SMB_ASSERT(have_dirfsp
!= have_basefsp
);
466 status
= fsp_new(conn
, conn
, &fsp
);
467 if (!NT_STATUS_IS_OK(status
)) {
471 GetTimeOfDay(&fsp
->open_time
);
473 ZERO_STRUCT(conn
->sconn
->fsp_fi_cache
);
475 fsp
->fsp_flags
.is_pathref
= true;
477 status
= fsp_attach_smb_fname(fsp
, full_fname
);
478 if (!NT_STATUS_IS_OK(status
)) {
481 fsp_set_base_fsp(fsp
, basefsp
);
483 status
= fd_openat(dirfsp
, smb_fname
, fsp
, how
);
484 if (!NT_STATUS_IS_OK(status
)) {
486 smb_fname
->st
= fsp
->fsp_name
->st
;
488 if (NT_STATUS_EQUAL(status
, NT_STATUS_NOT_FOUND
) ||
489 NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_PATH_NOT_FOUND
) ||
490 NT_STATUS_EQUAL(status
, NT_STATUS_STOPPED_ON_SYMLINK
))
493 * streams_xattr return NT_STATUS_NOT_FOUND for
494 * opens of not yet existing streams.
496 * ELOOP maps to NT_STATUS_OBJECT_PATH_NOT_FOUND
497 * and this will result from a open request from
498 * a POSIX client on a symlink.
500 * NT_STATUS_OBJECT_NAME_NOT_FOUND is the simple
503 * NT_STATUS_STOPPED_ON_SYMLINK is returned when trying
504 * to open a symlink, our callers are not interested in
507 status
= NT_STATUS_OBJECT_NAME_NOT_FOUND
;
513 * fd_openat() has done an FSTAT on the handle
514 * so update the smb_fname stat info with "truth".
517 smb_fname
->st
= fsp
->fsp_name
->st
;
519 fsp
->fsp_flags
.is_directory
= S_ISDIR(fsp
->fsp_name
->st
.st_ex_mode
);
521 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, &fsp
->fsp_name
->st
);
523 status
= fsp_smb_fname_link(fsp
,
524 &smb_fname
->fsp_link
,
526 if (!NT_STATUS_IS_OK(status
)) {
530 DBG_DEBUG("fsp [%s]: OK\n", fsp_str_dbg(fsp
));
532 talloc_set_destructor(smb_fname
, smb_fname_fsp_destructor
);
536 DBG_DEBUG("Opening pathref for [%s] failed: %s\n",
537 smb_fname_str_dbg(smb_fname
),
540 fsp_set_base_fsp(fsp
, NULL
);
542 file_free(NULL
, fsp
);
547 * Open an internal O_PATH based fsp for smb_fname. If O_PATH is not
548 * available, open O_RDONLY as root. Both is done in fd_open() ->
549 * non_widelink_open(), triggered by setting fsp->fsp_flags.is_pathref to
552 NTSTATUS
openat_pathref_fsp(const struct files_struct
*dirfsp
,
553 struct smb_filename
*smb_fname
)
555 connection_struct
*conn
= dirfsp
->conn
;
556 struct smb_filename
*full_fname
= NULL
;
557 struct smb_filename
*base_fname
= NULL
;
558 struct vfs_open_how how
= { .flags
= O_RDONLY
|O_NONBLOCK
, };
561 DBG_DEBUG("smb_fname [%s]\n", smb_fname_str_dbg(smb_fname
));
563 if (smb_fname
->fsp
!= NULL
) {
564 /* We already have one for this name. */
565 DBG_DEBUG("smb_fname [%s] already has a pathref fsp.\n",
566 smb_fname_str_dbg(smb_fname
));
570 if (is_named_stream(smb_fname
) &&
571 ((conn
->fs_capabilities
& FILE_NAMED_STREAMS
) == 0)) {
572 DBG_DEBUG("stream open [%s] on non-stream share\n",
573 smb_fname_str_dbg(smb_fname
));
574 return NT_STATUS_OBJECT_NAME_INVALID
;
577 if (!is_named_stream(smb_fname
)) {
579 * openat_pathref_fullname() will make "full_fname" a
580 * talloc child of the smb_fname->fsp. Don't use
581 * talloc_tos() to allocate it to avoid making the
582 * talloc stackframe pool long-lived.
584 full_fname
= full_path_from_dirfsp_atname(
588 if (full_fname
== NULL
) {
589 status
= NT_STATUS_NO_MEMORY
;
592 status
= openat_pathref_fullname(
593 conn
, dirfsp
, NULL
, &full_fname
, smb_fname
, &how
);
594 TALLOC_FREE(full_fname
);
601 base_fname
= cp_smb_filename_nostream(conn
, smb_fname
);
602 if (base_fname
== NULL
) {
603 return NT_STATUS_NO_MEMORY
;
606 full_fname
= full_path_from_dirfsp_atname(
607 conn
, /* no talloc_tos(), see comment above */
610 if (full_fname
== NULL
) {
611 status
= NT_STATUS_NO_MEMORY
;
615 status
= openat_pathref_fullname(
616 conn
, dirfsp
, NULL
, &full_fname
, base_fname
, &how
);
617 TALLOC_FREE(full_fname
);
618 if (!NT_STATUS_IS_OK(status
)) {
619 DBG_DEBUG("openat_pathref_fullname() failed: %s\n",
624 status
= open_stream_pathref_fsp(&base_fname
->fsp
, smb_fname
);
625 if (!NT_STATUS_IS_OK(status
)) {
626 DBG_DEBUG("open_stream_pathref_fsp failed: %s\n",
631 smb_fname_fsp_unlink(base_fname
);
633 TALLOC_FREE(base_fname
);
638 * Open a stream given an already opened base_fsp. Avoid
639 * non_widelink_open: This is only valid for the case where we have a
640 * valid non-cwd_fsp dirfsp that we can pass to SMB_VFS_OPENAT()
642 NTSTATUS
open_stream_pathref_fsp(
643 struct files_struct
**_base_fsp
,
644 struct smb_filename
*smb_fname
)
646 struct files_struct
*base_fsp
= *_base_fsp
;
647 connection_struct
*conn
= base_fsp
->conn
;
648 struct smb_filename
*base_fname
= base_fsp
->fsp_name
;
649 struct smb_filename
*full_fname
= NULL
;
650 struct vfs_open_how how
= { .flags
= O_RDONLY
|O_NONBLOCK
, };
653 SMB_ASSERT(smb_fname
->fsp
== NULL
);
654 SMB_ASSERT(is_named_stream(smb_fname
));
656 full_fname
= synthetic_smb_fname(
657 conn
, /* no talloc_tos(), this will be long-lived */
658 base_fname
->base_name
,
659 smb_fname
->stream_name
,
663 if (full_fname
== NULL
) {
664 return NT_STATUS_NO_MEMORY
;
667 status
= openat_pathref_fullname(
668 conn
, NULL
, base_fsp
, &full_fname
, smb_fname
, &how
);
669 TALLOC_FREE(full_fname
);
673 static char *path_to_strv(TALLOC_CTX
*mem_ctx
, const char *path
)
675 char *result
= talloc_strdup(mem_ctx
, path
);
677 if (result
== NULL
) {
680 string_replace(result
, '/', '\0');
684 NTSTATUS
readlink_talloc(
686 struct files_struct
*dirfsp
,
687 struct smb_filename
*smb_relname
,
690 struct smb_filename null_fname
= {
691 .base_name
= discard_const_p(char, ""),
698 if (smb_relname
== NULL
) {
700 * We have a Linux O_PATH handle in dirfsp and want to
701 * read its value, essentially a freadlink
703 smb_relname
= &null_fname
;
706 ret
= SMB_VFS_READLINKAT(
707 dirfsp
->conn
, dirfsp
, smb_relname
, buf
, sizeof(buf
));
709 status
= map_nt_error_from_unix(errno
);
710 DBG_DEBUG("SMB_VFS_READLINKAT() failed: %s\n",
715 if ((size_t)ret
== sizeof(buf
)) {
717 * Do we need symlink targets longer than PATH_MAX?
719 DBG_DEBUG("Got full %zu bytes from readlink, too long\n",
721 return NT_STATUS_BUFFER_OVERFLOW
;
724 substitute
= talloc_strndup(mem_ctx
, buf
, ret
);
725 if (substitute
== NULL
) {
726 DBG_DEBUG("talloc_strndup() failed\n");
727 return NT_STATUS_NO_MEMORY
;
730 *_substitute
= substitute
;
734 NTSTATUS
read_symlink_reparse(
736 struct files_struct
*dirfsp
,
737 struct smb_filename
*smb_relname
,
738 struct symlink_reparse_struct
**_symlink
)
740 struct symlink_reparse_struct
*symlink
= NULL
;
743 symlink
= talloc_zero(mem_ctx
, struct symlink_reparse_struct
);
744 if (symlink
== NULL
) {
748 status
= readlink_talloc(
749 symlink
, dirfsp
, smb_relname
, &symlink
->substitute_name
);
750 if (!NT_STATUS_IS_OK(status
)) {
751 DBG_DEBUG("readlink_talloc failed: %s\n", nt_errstr(status
));
755 if (symlink
->substitute_name
[0] == '/') {
756 char *subdir_path
= NULL
;
757 char *abs_target_canon
= NULL
;
758 const char *relative
= NULL
;
761 subdir_path
= talloc_asprintf(talloc_tos(),
763 dirfsp
->conn
->connectpath
,
764 dirfsp
->fsp_name
->base_name
);
765 if (subdir_path
== NULL
) {
770 canonicalize_absolute_path(talloc_tos(),
771 symlink
->substitute_name
);
772 if (abs_target_canon
== NULL
) {
776 in_share
= subdir_of(subdir_path
,
781 TALLOC_FREE(symlink
->substitute_name
);
782 symlink
->substitute_name
=
783 talloc_strdup(symlink
, relative
);
784 if (symlink
->substitute_name
== NULL
) {
790 if (!IS_DIRECTORY_SEP(symlink
->substitute_name
[0])) {
791 symlink
->flags
|= SYMLINK_FLAG_RELATIVE
;
797 status
= NT_STATUS_NO_MEMORY
;
799 TALLOC_FREE(symlink
);
803 static bool full_path_extend(char **dir
, const char *atname
)
805 talloc_asprintf_addbuf(dir
,
807 (*dir
)[0] == '\0' ? "" : "/",
809 return (*dir
) != NULL
;
812 NTSTATUS
create_open_symlink_err(TALLOC_CTX
*mem_ctx
,
813 files_struct
*dirfsp
,
814 struct smb_filename
*smb_relname
,
815 struct open_symlink_err
**_err
)
817 struct open_symlink_err
*err
= NULL
;
820 err
= talloc_zero(mem_ctx
, struct open_symlink_err
);
822 return NT_STATUS_NO_MEMORY
;
825 status
= read_symlink_reparse(err
, dirfsp
, smb_relname
, &err
->reparse
);
826 if (!NT_STATUS_IS_OK(status
)) {
835 static int smb_vfs_openat_ci(TALLOC_CTX
*mem_ctx
,
837 struct connection_struct
*conn
,
838 struct files_struct
*dirfsp
,
839 struct smb_filename
*smb_fname_rel
,
841 const struct vfs_open_how
*how
)
843 char *orig_base_name
= smb_fname_rel
->base_name
;
844 DATA_BLOB cache_key
= {
847 DATA_BLOB cache_value
= {
854 fd
= SMB_VFS_OPENAT(conn
, dirfsp
, smb_fname_rel
, fsp
, how
);
855 if ((fd
>= 0) || case_sensitive
) {
858 if (errno
!= ENOENT
) {
862 if (!lp_stat_cache()) {
866 ok
= get_real_filename_cache_key(mem_ctx
,
872 * probably ENOMEM, just bail
878 DO_PROFILE_INC(statcache_lookups
);
880 ok
= memcache_lookup(NULL
,
881 GETREALFILENAME_CACHE
,
885 DO_PROFILE_INC(statcache_misses
);
888 DO_PROFILE_INC(statcache_hits
);
890 smb_fname_rel
->base_name
= talloc_strndup(mem_ctx
,
891 (char *)cache_value
.data
,
893 if (smb_fname_rel
->base_name
== NULL
) {
894 TALLOC_FREE(cache_key
.data
);
895 smb_fname_rel
->base_name
= orig_base_name
;
900 if (IS_VETO_PATH(dirfsp
->conn
, smb_fname_rel
->base_name
)) {
901 DBG_DEBUG("veto files rejecting last component %s\n",
902 smb_fname_str_dbg(smb_fname_rel
));
903 TALLOC_FREE(cache_key
.data
);
904 smb_fname_rel
->base_name
= orig_base_name
;
909 fd
= SMB_VFS_OPENAT(conn
, dirfsp
, smb_fname_rel
, fsp
, how
);
911 TALLOC_FREE(cache_key
.data
);
915 memcache_delete(NULL
, GETREALFILENAME_CACHE
, cache_key
);
918 * For the "new filename" case we need to preserve the
919 * capitalization the client sent us, see
920 * https://bugzilla.samba.org/show_bug.cgi?id=15481
922 TALLOC_FREE(smb_fname_rel
->base_name
);
923 smb_fname_rel
->base_name
= orig_base_name
;
927 status
= get_real_filename_at(dirfsp
,
930 &smb_fname_rel
->base_name
);
931 if (!NT_STATUS_IS_OK(status
)) {
932 DBG_DEBUG("get_real_filename_at() failed: %s\n",
938 if (IS_VETO_PATH(conn
, smb_fname_rel
->base_name
)) {
939 DBG_DEBUG("found veto files path component "
942 smb_fname_rel
->base_name
);
943 TALLOC_FREE(smb_fname_rel
->base_name
);
944 smb_fname_rel
->base_name
= orig_base_name
;
949 fd
= SMB_VFS_OPENAT(conn
, dirfsp
, smb_fname_rel
, fsp
, how
);
951 if ((fd
>= 0) && (cache_key
.data
!= NULL
)) {
953 .data
= (uint8_t *)smb_fname_rel
->base_name
,
954 .length
= strlen(smb_fname_rel
->base_name
) + 1,
957 memcache_add(NULL
, GETREALFILENAME_CACHE
, cache_key
, value
);
958 TALLOC_FREE(cache_key
.data
);
964 NTSTATUS
openat_pathref_fsp_nosymlink(TALLOC_CTX
*mem_ctx
,
965 struct connection_struct
*conn
,
966 struct files_struct
*in_dirfsp
,
970 struct smb_filename
**_smb_fname
,
971 struct open_symlink_err
**_symlink_err
)
973 struct files_struct
*dirfsp
= in_dirfsp
;
974 struct smb_filename full_fname
= {
977 .flags
= posix
? SMB_FILENAME_POSIX_PATH
: 0,
979 struct smb_filename rel_fname
= {
982 .flags
= full_fname
.flags
,
984 struct smb_filename
*result
= NULL
;
985 struct open_symlink_err
*symlink_err
= NULL
;
986 struct files_struct
*fsp
= NULL
;
987 char *path
= NULL
, *next
= NULL
;
988 bool ok
, is_toplevel
;
991 struct vfs_open_how how
= {
992 .flags
= O_NOFOLLOW
| O_NONBLOCK
,
996 DBG_DEBUG("path_in=%s\n", path_in
);
998 status
= fsp_new(conn
, conn
, &fsp
);
999 if (!NT_STATUS_IS_OK(status
)) {
1000 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status
));
1004 GetTimeOfDay(&fsp
->open_time
);
1005 fsp_set_gen_id(fsp
);
1006 ZERO_STRUCT(conn
->sconn
->fsp_fi_cache
);
1008 fsp
->fsp_name
= &full_fname
;
1012 * Add O_PATH manually, doing this by setting
1013 * fsp->fsp_flags.is_pathref will make us become_root() in the
1014 * non-O_PATH case, which would cause a security problem.
1016 how
.flags
|= O_PATH
;
1020 * O_SEARCH just checks for the "x" bit. We are traversing
1021 * directories, so we don't need the implicit O_RDONLY ("r"
1022 * permissions) but only the "x"-permissions requested by
1023 * O_SEARCH. We need either O_PATH or O_SEARCH to correctly
1024 * function, without either we will incorrectly require also
1025 * the "r" bit when traversing the directory hierarchy.
1027 how
.flags
|= O_SEARCH
;
1031 is_toplevel
= (dirfsp
== dirfsp
->conn
->cwd_fsp
);
1032 is_toplevel
|= ISDOT(dirfsp
->fsp_name
->base_name
);
1034 full_fname
.base_name
=
1035 talloc_strdup(talloc_tos(),
1036 is_toplevel
? "" : dirfsp
->fsp_name
->base_name
);
1037 if (full_fname
.base_name
== NULL
) {
1038 DBG_DEBUG("talloc_strdup() failed\n");
1043 * First split the path into individual components.
1045 path
= path_to_strv(talloc_tos(), path_in
);
1047 DBG_DEBUG("path_to_strv() failed\n");
1052 * First we loop over all components
1053 * in order to verify, there's no '.' or '..'
1055 rel_fname
.base_name
= path
;
1056 while (rel_fname
.base_name
!= NULL
) {
1058 next
= strv_next(path
, rel_fname
.base_name
);
1061 * Path sanitizing further up has cleaned or rejected
1062 * empty path components. Assert this here.
1064 SMB_ASSERT(rel_fname
.base_name
[0] != '\0');
1066 if (ISDOT(rel_fname
.base_name
) ||
1067 ISDOTDOT(rel_fname
.base_name
)) {
1068 DBG_DEBUG("%s contains a dot\n", path_in
);
1069 status
= NT_STATUS_OBJECT_NAME_INVALID
;
1073 /* Check veto files. */
1074 if (IS_VETO_PATH(conn
, rel_fname
.base_name
)) {
1075 DBG_DEBUG("%s contains veto files path component %s\n",
1076 path_in
, rel_fname
.base_name
);
1077 status
= NT_STATUS_OBJECT_PATH_NOT_FOUND
;
1081 rel_fname
.base_name
= next
;
1084 if (conn
->open_how_resolve
& VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS
) {
1087 * Try a direct openat2 with RESOLVE_NO_SYMLINKS to
1088 * avoid the openat/close loop further down.
1091 rel_fname
.base_name
= discard_const_p(char, path_in
);
1092 how
.resolve
= VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS
;
1094 fd
= SMB_VFS_OPENAT(conn
, dirfsp
, &rel_fname
, fsp
, &how
);
1096 fsp_set_fd(fsp
, fd
);
1097 ok
= full_path_extend(&full_fname
.base_name
,
1098 rel_fname
.base_name
);
1105 status
= map_nt_error_from_unix(errno
);
1106 DBG_DEBUG("SMB_VFS_OPENAT(%s, %s, RESOLVE_NO_SYMLINKS) "
1107 "returned %d %s => %s\n",
1108 smb_fname_str_dbg(dirfsp
->fsp_name
), path_in
,
1109 errno
, strerror(errno
), nt_errstr(status
));
1110 SMB_ASSERT(fd
== -1);
1114 * We got ENOSYS, so fallback to the old code
1115 * if the kernel doesn't support openat2() yet.
1122 * For ELOOP we also fallback in order to
1123 * return the correct information with
1124 * NT_STATUS_STOPPED_ON_SYMLINK.
1126 * O_NOFOLLOW|O_DIRECTORY results in
1127 * ENOTDIR instead of ELOOP for the final
1134 * If we got ENOENT, the filesystem could
1135 * be case sensitive. For now we only do
1136 * the get_real_filename_at() dance in
1137 * the fallback loop below.
1146 * Just fallback to the openat loop
1152 * Now we loop over all components
1153 * opening each one and using it
1154 * as dirfd for the next one.
1156 * It means we can detect symlinks
1159 rel_fname
.base_name
= path
;
1161 next
= strv_next(path
, rel_fname
.base_name
);
1163 fd
= smb_vfs_openat_ci(talloc_tos(),
1164 posix
|| conn
->case_sensitive
,
1172 if ((fd
== -1) && (errno
== ELOOP
)) {
1176 * openat() hit a symlink. With O_PATH we open the
1177 * symlink and get ENOTDIR in the next round, see
1181 status
= create_open_symlink_err(mem_ctx
,
1185 if (!NT_STATUS_IS_OK(status
)) {
1186 DBG_DEBUG("create_open_symlink_err failed: %s\n",
1192 size_t parsed
= next
- path
;
1193 size_t len
= talloc_get_size(path
);
1194 symlink_err
->unparsed
= len
- parsed
;
1198 * We know rel_fname is a symlink, now fill in the
1199 * rest of the metadata for our callers.
1202 ret
= SMB_VFS_FSTATAT(conn
,
1206 AT_SYMLINK_NOFOLLOW
);
1208 status
= map_nt_error_from_unix(errno
);
1209 DBG_DEBUG("SMB_VFS_FSTATAT(%s/%s) failed: %s\n",
1210 fsp_str_dbg(dirfsp
),
1211 rel_fname
.base_name
,
1213 TALLOC_FREE(symlink_err
);
1217 if (!S_ISLNK(symlink_err
->st
.st_ex_mode
)) {
1219 * Hit a race: readlink_talloc() worked before
1220 * the fstatat(), but rel_fname changed to
1221 * something that's not a symlink.
1223 status
= NT_STATUS_OBJECT_NAME_NOT_FOUND
;
1224 TALLOC_FREE(symlink_err
);
1228 status
= NT_STATUS_STOPPED_ON_SYMLINK
;
1233 if ((fd
== -1) && (errno
== ENOTDIR
)) {
1237 * dirfsp does not point at a directory, try a
1241 status
= create_open_symlink_err(mem_ctx
,
1246 if (!NT_STATUS_IS_OK(status
)) {
1247 DBG_DEBUG("create_open_symlink_err failed: %s\n",
1249 status
= NT_STATUS_NOT_A_DIRECTORY
;
1253 parsed
= rel_fname
.base_name
- path
;
1254 len
= talloc_get_size(path
);
1255 symlink_err
->unparsed
= len
- parsed
;
1257 symlink_err
->st
= dirfsp
->fsp_name
->st
;
1259 status
= NT_STATUS_STOPPED_ON_SYMLINK
;
1264 status
= map_nt_error_from_unix(errno
);
1265 DBG_DEBUG("SMB_VFS_OPENAT() failed: %s\n",
1269 fsp_set_fd(fsp
, fd
);
1271 ok
= full_path_extend(&full_fname
.base_name
, rel_fname
.base_name
);
1277 struct files_struct
*tmp
= NULL
;
1279 if (dirfsp
!= in_dirfsp
) {
1286 if (tmp
== in_dirfsp
) {
1287 status
= fsp_new(conn
, conn
, &fsp
);
1288 if (!NT_STATUS_IS_OK(status
)) {
1289 DBG_DEBUG("fsp_new() failed: %s\n",
1293 fsp
->fsp_name
= &full_fname
;
1298 rel_fname
.base_name
= next
;
1303 if (dirfsp
!= in_dirfsp
) {
1304 SMB_ASSERT(fsp_get_pathref_fd(dirfsp
) != -1);
1306 dirfsp
->fsp_name
= NULL
;
1307 file_free(NULL
, dirfsp
);
1312 fsp
->fsp_flags
.is_pathref
= true;
1313 fsp
->fsp_name
= NULL
;
1315 status
= fsp_set_smb_fname(fsp
, &full_fname
);
1316 if (!NT_STATUS_IS_OK(status
)) {
1317 DBG_DEBUG("fsp_set_smb_fname() failed: %s\n",
1322 status
= vfs_stat_fsp(fsp
);
1323 if (!NT_STATUS_IS_OK(status
)) {
1324 DBG_DEBUG("vfs_stat_fsp(%s) failed: %s\n",
1330 if (S_ISLNK(fsp
->fsp_name
->st
.st_ex_mode
)) {
1332 * Last component was a symlink we opened with O_PATH, fail it
1335 status
= create_open_symlink_err(mem_ctx
,
1339 if (!NT_STATUS_IS_OK(status
)) {
1342 symlink_err
->st
= fsp
->fsp_name
->st
;
1344 status
= NT_STATUS_STOPPED_ON_SYMLINK
;
1349 * We must correctly set fsp->file_id as code inside
1350 * open.c will use this to check if delete_on_close
1351 * has been set on the dirfsp.
1353 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, &fsp
->fsp_name
->st
);
1355 result
= cp_smb_filename(mem_ctx
, fsp
->fsp_name
);
1356 if (result
== NULL
) {
1357 DBG_DEBUG("cp_smb_filename() failed\n");
1361 status
= fsp_smb_fname_link(fsp
,
1364 if (!NT_STATUS_IS_OK(status
)) {
1367 talloc_set_destructor(result
, smb_fname_fsp_destructor
);
1369 *_smb_fname
= result
;
1371 DBG_DEBUG("returning %s\n", smb_fname_str_dbg(result
));
1373 return NT_STATUS_OK
;
1376 status
= NT_STATUS_NO_MEMORY
;
1379 if (fsp_get_pathref_fd(fsp
) != -1) {
1382 file_free(NULL
, fsp
);
1386 if ((dirfsp
!= NULL
) && (dirfsp
!= in_dirfsp
)) {
1387 SMB_ASSERT(fsp_get_pathref_fd(dirfsp
) != -1);
1389 dirfsp
->fsp_name
= NULL
;
1390 file_free(NULL
, dirfsp
);
1394 if (NT_STATUS_EQUAL(status
, NT_STATUS_STOPPED_ON_SYMLINK
)) {
1395 *_symlink_err
= symlink_err
;
1403 * Open smb_fname_rel->fsp as a pathref fsp with a case insensitive
1404 * fallback using GETREALFILENAME_CACHE and get_real_filename_at() if
1405 * the first attempt based on the filename sent by the client gives
1408 NTSTATUS
openat_pathref_fsp_lcomp(struct files_struct
*dirfsp
,
1409 struct smb_filename
*smb_fname_rel
,
1412 struct connection_struct
*conn
= dirfsp
->conn
;
1413 const char *orig_rel_base_name
= smb_fname_rel
->base_name
;
1414 struct files_struct
*fsp
= NULL
;
1415 struct smb_filename
*full_fname
= NULL
;
1416 struct vfs_open_how how
= {
1417 .flags
= O_RDONLY
| O_NONBLOCK
| O_NOFOLLOW
,
1423 * Make sure we don't need of the all the magic in
1424 * openat_pathref_fsp() with regards non_widelink_open etc.
1427 SMB_ASSERT((smb_fname_rel
->fsp
== NULL
) &&
1428 (dirfsp
!= dirfsp
->conn
->cwd_fsp
) &&
1429 (strchr_m(smb_fname_rel
->base_name
, '/') == NULL
) &&
1430 !is_named_stream(smb_fname_rel
));
1432 SET_STAT_INVALID(smb_fname_rel
->st
);
1434 /* Check veto files - only looks at last component. */
1435 if (IS_VETO_PATH(dirfsp
->conn
, smb_fname_rel
->base_name
)) {
1436 DBG_DEBUG("veto files rejecting last component %s\n",
1437 smb_fname_str_dbg(smb_fname_rel
));
1438 return NT_STATUS_NETWORK_OPEN_RESTRICTION
;
1441 status
= fsp_new(conn
, conn
, &fsp
);
1442 if (!NT_STATUS_IS_OK(status
)) {
1443 DBG_DEBUG("fsp_new() failed: %s\n", nt_errstr(status
));
1447 GetTimeOfDay(&fsp
->open_time
);
1448 fsp_set_gen_id(fsp
);
1449 ZERO_STRUCT(conn
->sconn
->fsp_fi_cache
);
1451 fsp
->fsp_flags
.is_pathref
= true;
1453 full_fname
= full_path_from_dirfsp_atname(conn
, dirfsp
, smb_fname_rel
);
1454 if (full_fname
== NULL
) {
1455 DBG_DEBUG("full_path_from_dirfsp_atname(%s/%s) failed\n",
1456 dirfsp
->fsp_name
->base_name
,
1457 smb_fname_rel
->base_name
);
1458 file_free(NULL
, fsp
);
1459 return NT_STATUS_NO_MEMORY
;
1462 status
= fsp_attach_smb_fname(fsp
, &full_fname
);
1463 if (!NT_STATUS_IS_OK(status
)) {
1464 DBG_DEBUG("fsp_attach_smb_fname(fsp, %s) failed: %s\n",
1465 smb_fname_str_dbg(full_fname
),
1467 file_free(NULL
, fsp
);
1471 fd
= smb_vfs_openat_ci(smb_fname_rel
,
1472 (ucf_flags
& UCF_POSIX_PATHNAMES
) ||
1473 conn
->case_sensitive
,
1480 if ((fd
== -1) && (errno
== ENOENT
)) {
1481 status
= map_nt_error_from_unix(errno
);
1482 DBG_DEBUG("smb_vfs_openat(%s/%s) failed: %s\n",
1483 dirfsp
->fsp_name
->base_name
,
1484 smb_fname_rel
->base_name
,
1486 file_free(NULL
, fsp
);
1490 if (smb_fname_rel
->base_name
!= orig_rel_base_name
) {
1491 struct smb_filename new_fullname
= *smb_fname_rel
;
1493 DBG_DEBUG("rel->base_name changed from %s to %s\n",
1495 smb_fname_rel
->base_name
);
1497 new_fullname
.base_name
= full_path_from_dirfsp_at_basename(
1498 talloc_tos(), dirfsp
, new_fullname
.base_name
);
1499 if (new_fullname
.base_name
== NULL
) {
1501 file_free(NULL
, fsp
);
1502 return NT_STATUS_NO_MEMORY
;
1505 status
= fsp_set_smb_fname(fsp
, &new_fullname
);
1506 if (!NT_STATUS_IS_OK(status
)) {
1508 file_free(NULL
, fsp
);
1513 fsp_set_fd(fsp
, fd
);
1516 ret
= SMB_VFS_FSTAT(fsp
, &fsp
->fsp_name
->st
);
1518 ret
= SMB_VFS_FSTATAT(fsp
->conn
,
1522 AT_SYMLINK_NOFOLLOW
);
1525 status
= map_nt_error_from_unix(errno
);
1526 DBG_DEBUG("SMB_VFS_%sSTAT(%s/%s) failed: %s\n",
1527 (fd
>= 0) ? "F" : "",
1528 dirfsp
->fsp_name
->base_name
,
1529 smb_fname_rel
->base_name
,
1532 file_free(NULL
, fsp
);
1536 fsp
->fsp_flags
.is_directory
= S_ISDIR(fsp
->fsp_name
->st
.st_ex_mode
);
1537 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, &fsp
->fsp_name
->st
);
1539 smb_fname_rel
->st
= fsp
->fsp_name
->st
;
1541 status
= fsp_smb_fname_link(fsp
,
1542 &smb_fname_rel
->fsp_link
,
1543 &smb_fname_rel
->fsp
);
1544 if (!NT_STATUS_IS_OK(status
)) {
1545 DBG_DEBUG("fsp_smb_fname_link() failed: %s\n",
1548 file_free(NULL
, fsp
);
1552 DBG_DEBUG("fsp [%s]: OK, fd=%d\n", fsp_str_dbg(fsp
), fd
);
1554 talloc_set_destructor(smb_fname_rel
, smb_fname_fsp_destructor
);
1555 return NT_STATUS_OK
;
1558 void smb_fname_fsp_unlink(struct smb_filename
*smb_fname
)
1560 talloc_set_destructor(smb_fname
, NULL
);
1561 smb_fname
->fsp
= NULL
;
1562 destroy_fsp_smb_fname_link(&smb_fname
->fsp_link
);
1566 * Move any existing embedded fsp refs from the src name to the
1567 * destination. It's safe to call this on src smb_fname's that have no embedded
1570 NTSTATUS
move_smb_fname_fsp_link(struct smb_filename
*smb_fname_dst
,
1571 struct smb_filename
*smb_fname_src
)
1576 * The target should always not be linked yet!
1578 SMB_ASSERT(smb_fname_dst
->fsp
== NULL
);
1579 SMB_ASSERT(smb_fname_dst
->fsp_link
== NULL
);
1581 if (smb_fname_src
->fsp
== NULL
) {
1582 return NT_STATUS_OK
;
1585 status
= fsp_smb_fname_link(smb_fname_src
->fsp
,
1586 &smb_fname_dst
->fsp_link
,
1587 &smb_fname_dst
->fsp
);
1588 if (!NT_STATUS_IS_OK(status
)) {
1592 talloc_set_destructor(smb_fname_dst
, smb_fname_fsp_destructor
);
1594 smb_fname_fsp_unlink(smb_fname_src
);
1596 return NT_STATUS_OK
;
1599 static int fsp_ref_no_close_destructor(struct smb_filename
*smb_fname
)
1601 destroy_fsp_smb_fname_link(&smb_fname
->fsp_link
);
1605 NTSTATUS
reference_smb_fname_fsp_link(struct smb_filename
*smb_fname_dst
,
1606 const struct smb_filename
*smb_fname_src
)
1611 * The target should always not be linked yet!
1613 SMB_ASSERT(smb_fname_dst
->fsp
== NULL
);
1614 SMB_ASSERT(smb_fname_dst
->fsp_link
== NULL
);
1616 if (smb_fname_src
->fsp
== NULL
) {
1617 return NT_STATUS_OK
;
1620 status
= fsp_smb_fname_link(smb_fname_src
->fsp
,
1621 &smb_fname_dst
->fsp_link
,
1622 &smb_fname_dst
->fsp
);
1623 if (!NT_STATUS_IS_OK(status
)) {
1627 talloc_set_destructor(smb_fname_dst
, fsp_ref_no_close_destructor
);
1629 return NT_STATUS_OK
;
1633 * Create an smb_fname and open smb_fname->fsp pathref
1635 NTSTATUS
synthetic_pathref(TALLOC_CTX
*mem_ctx
,
1636 struct files_struct
*dirfsp
,
1637 const char *base_name
,
1638 const char *stream_name
,
1639 const SMB_STRUCT_STAT
*psbuf
,
1642 struct smb_filename
**_smb_fname
)
1644 struct smb_filename
*smb_fname
= NULL
;
1647 smb_fname
= synthetic_smb_fname(mem_ctx
,
1653 if (smb_fname
== NULL
) {
1654 return NT_STATUS_NO_MEMORY
;
1657 status
= openat_pathref_fsp(dirfsp
, smb_fname
);
1658 if (!NT_STATUS_IS_OK(status
)) {
1659 DBG_NOTICE("opening [%s] failed\n",
1660 smb_fname_str_dbg(smb_fname
));
1661 TALLOC_FREE(smb_fname
);
1665 *_smb_fname
= smb_fname
;
1666 return NT_STATUS_OK
;
1670 * Turn a path into a parent pathref and atname
1672 * This returns the parent pathref in _parent and the name relative to it. If
1673 * smb_fname was a pathref (ie smb_fname->fsp != NULL), then _atname will be a
1674 * pathref as well, ie _atname->fsp will point at the same fsp as
1677 NTSTATUS
parent_pathref(TALLOC_CTX
*mem_ctx
,
1678 struct files_struct
*dirfsp
,
1679 const struct smb_filename
*smb_fname
,
1680 struct smb_filename
**_parent
,
1681 struct smb_filename
**_atname
)
1683 struct smb_filename
*parent
= NULL
;
1684 struct smb_filename
*atname
= NULL
;
1687 status
= SMB_VFS_PARENT_PATHNAME(dirfsp
->conn
,
1692 if (!NT_STATUS_IS_OK(status
)) {
1697 * We know that the parent name must
1698 * exist, and the name has been canonicalized
1699 * even if this was a POSIX pathname.
1700 * Ensure that we follow symlinks for
1701 * the parent. See the torture test
1702 * POSIX-SYMLINK-PARENT for details.
1704 parent
->flags
&= ~SMB_FILENAME_POSIX_PATH
;
1706 status
= openat_pathref_fsp(dirfsp
, parent
);
1707 if (!NT_STATUS_IS_OK(status
)) {
1708 TALLOC_FREE(parent
);
1712 status
= reference_smb_fname_fsp_link(atname
, smb_fname
);
1713 if (!NT_STATUS_IS_OK(status
)) {
1714 TALLOC_FREE(parent
);
1720 return NT_STATUS_OK
;
1723 static bool close_file_in_loop(struct files_struct
*fsp
,
1724 enum file_close_type close_type
)
1726 if (fsp_is_alternate_stream(fsp
)) {
1728 * This is a stream, it can't be a base
1730 SMB_ASSERT(fsp
->stream_fsp
== NULL
);
1731 SMB_ASSERT(fsp
->base_fsp
->stream_fsp
== fsp
);
1734 * Remove the base<->stream link so that
1735 * close_file_free() does not close fsp->base_fsp as
1736 * well. This would destroy walking the linked list of
1739 fsp
->base_fsp
->stream_fsp
= NULL
;
1740 fsp
->base_fsp
= NULL
;
1742 close_file_free(NULL
, &fsp
, close_type
);
1746 if (fsp
->stream_fsp
!= NULL
) {
1748 * This is the base of a stream.
1750 SMB_ASSERT(fsp
->stream_fsp
->base_fsp
== fsp
);
1753 * Remove the base<->stream link. This will make fsp
1754 * look like a normal fsp for the next round.
1756 fsp
->stream_fsp
->base_fsp
= NULL
;
1757 fsp
->stream_fsp
= NULL
;
1760 * Have us called back a second time. In the second
1761 * round, "fsp" now looks like a normal fsp.
1766 close_file_free(NULL
, &fsp
, close_type
);
1770 /****************************************************************************
1771 Close all open files for a connection.
1772 ****************************************************************************/
1774 struct file_close_conn_state
{
1775 struct connection_struct
*conn
;
1776 enum file_close_type close_type
;
1777 bool fsp_left_behind
;
1780 static struct files_struct
*file_close_conn_fn(
1781 struct files_struct
*fsp
,
1784 struct file_close_conn_state
*state
= private_data
;
1787 if (fsp
->conn
!= state
->conn
) {
1791 if (fsp
->op
!= NULL
&& fsp
->op
->global
->durable
) {
1793 * A tree disconnect closes a durable handle
1795 fsp
->op
->global
->durable
= false;
1798 did_close
= close_file_in_loop(fsp
, state
->close_type
);
1800 state
->fsp_left_behind
= true;
1806 void file_close_conn(connection_struct
*conn
, enum file_close_type close_type
)
1808 struct file_close_conn_state state
= { .conn
= conn
,
1809 .close_type
= close_type
};
1811 files_forall(conn
->sconn
, file_close_conn_fn
, &state
);
1813 if (state
.fsp_left_behind
) {
1814 state
.fsp_left_behind
= false;
1815 files_forall(conn
->sconn
, file_close_conn_fn
, &state
);
1816 SMB_ASSERT(!state
.fsp_left_behind
);
1820 /****************************************************************************
1821 Initialise file structures.
1822 ****************************************************************************/
1824 static int files_max_open_fds
;
1826 bool file_init_global(void)
1828 int request_max
= lp_max_open_files();
1832 if (files_max_open_fds
!= 0) {
1837 * Set the max_open files to be the requested
1838 * max plus a fudgefactor to allow for the extra
1839 * fd's we need such as log files etc...
1841 real_lim
= set_maxfiles(request_max
+ MAX_OPEN_FUDGEFACTOR
);
1843 real_max
= real_lim
- MAX_OPEN_FUDGEFACTOR
;
1845 if (real_max
+ FILE_HANDLE_OFFSET
+ MAX_OPEN_PIPES
> 65536) {
1846 real_max
= 65536 - FILE_HANDLE_OFFSET
- MAX_OPEN_PIPES
;
1849 if (real_max
!= request_max
) {
1850 DEBUG(1, ("file_init_global: Information only: requested %d "
1851 "open files, %d are available.\n",
1852 request_max
, real_max
));
1855 SMB_ASSERT(real_max
> 100);
1857 files_max_open_fds
= real_max
;
1861 bool file_init(struct smbd_server_connection
*sconn
)
1865 ok
= file_init_global();
1870 sconn
->real_max_open_files
= files_max_open_fds
;
1875 /****************************************************************************
1876 Close files open by a specified vuid.
1877 ****************************************************************************/
1879 struct file_close_user_state
{
1881 bool fsp_left_behind
;
1884 static struct files_struct
*file_close_user_fn(
1885 struct files_struct
*fsp
,
1888 struct file_close_user_state
*state
= private_data
;
1891 if (fsp
->vuid
!= state
->vuid
) {
1895 did_close
= close_file_in_loop(fsp
, SHUTDOWN_CLOSE
);
1897 state
->fsp_left_behind
= true;
1903 void file_close_user(struct smbd_server_connection
*sconn
, uint64_t vuid
)
1905 struct file_close_user_state state
= { .vuid
= vuid
};
1907 files_forall(sconn
, file_close_user_fn
, &state
);
1909 if (state
.fsp_left_behind
) {
1910 state
.fsp_left_behind
= false;
1911 files_forall(sconn
, file_close_user_fn
, &state
);
1912 SMB_ASSERT(!state
.fsp_left_behind
);
1917 * Walk the files table until "fn" returns non-NULL
1920 struct files_struct
*files_forall(
1921 struct smbd_server_connection
*sconn
,
1922 struct files_struct
*(*fn
)(struct files_struct
*fsp
,
1923 void *private_data
),
1926 struct files_struct
*fsp
, *next
;
1928 for (fsp
= sconn
->files
; fsp
; fsp
= next
) {
1929 struct files_struct
*ret
;
1931 ret
= fn(fsp
, private_data
);
1939 /****************************************************************************
1940 Find a fsp given a file descriptor.
1941 ****************************************************************************/
1943 files_struct
*file_find_fd(struct smbd_server_connection
*sconn
, int fd
)
1948 for (fsp
=sconn
->files
; fsp
; fsp
=fsp
->next
,count
++) {
1949 if (fsp_get_pathref_fd(fsp
) == fd
) {
1951 DLIST_PROMOTE(sconn
->files
, fsp
);
1960 /****************************************************************************
1961 Find a fsp given a device, inode and file_id.
1962 ****************************************************************************/
1964 files_struct
*file_find_dif(struct smbd_server_connection
*sconn
,
1965 struct file_id id
, unsigned long gen_id
)
1974 for (fsp
= sconn
->files
; fsp
; fsp
= fsp
->next
,count
++) {
1976 * We can have a fsp->fh->fd == -1 here as it could be a stat
1979 if (!file_id_equal(&fsp
->file_id
, &id
)) {
1982 if (!fsp
->fsp_flags
.is_fsa
) {
1985 if (fh_get_gen_id(fsp
->fh
) != gen_id
) {
1989 DLIST_PROMOTE(sconn
->files
, fsp
);
1997 /****************************************************************************
1998 Find the first fsp given a device and inode.
1999 We use a singleton cache here to speed up searching from getfilepathinfo
2001 ****************************************************************************/
2003 files_struct
*file_find_di_first(struct smbd_server_connection
*sconn
,
2009 if (file_id_equal(&sconn
->fsp_fi_cache
.id
, &id
)) {
2010 /* Positive or negative cache hit. */
2011 return sconn
->fsp_fi_cache
.fsp
;
2014 sconn
->fsp_fi_cache
.id
= id
;
2016 for (fsp
=sconn
->files
;fsp
;fsp
=fsp
->next
) {
2017 if (need_fsa
&& !fsp
->fsp_flags
.is_fsa
) {
2020 if (file_id_equal(&fsp
->file_id
, &id
)) {
2021 /* Setup positive cache. */
2022 sconn
->fsp_fi_cache
.fsp
= fsp
;
2027 /* Setup negative cache. */
2028 sconn
->fsp_fi_cache
.fsp
= NULL
;
2032 /****************************************************************************
2033 Find the next fsp having the same device and inode.
2034 ****************************************************************************/
2036 files_struct
*file_find_di_next(files_struct
*start_fsp
,
2041 for (fsp
= start_fsp
->next
;fsp
;fsp
=fsp
->next
) {
2042 if (need_fsa
&& !fsp
->fsp_flags
.is_fsa
) {
2045 if (file_id_equal(&fsp
->file_id
, &start_fsp
->file_id
)) {
2053 struct files_struct
*file_find_one_fsp_from_lease_key(
2054 struct smbd_server_connection
*sconn
,
2055 const struct smb2_lease_key
*lease_key
)
2057 struct files_struct
*fsp
;
2059 for (fsp
= sconn
->files
; fsp
; fsp
=fsp
->next
) {
2060 if ((fsp
->lease
!= NULL
) &&
2061 (fsp
->lease
->lease
.lease_key
.data
[0] ==
2062 lease_key
->data
[0]) &&
2063 (fsp
->lease
->lease
.lease_key
.data
[1] ==
2064 lease_key
->data
[1])) {
2071 /****************************************************************************
2072 Find any fsp open with a pathname below that of an already open path.
2073 ****************************************************************************/
2075 bool file_find_subpath(files_struct
*dir_fsp
)
2079 char *d_fullname
= NULL
;
2081 d_fullname
= talloc_asprintf(talloc_tos(), "%s/%s",
2082 dir_fsp
->conn
->connectpath
,
2083 dir_fsp
->fsp_name
->base_name
);
2089 dlen
= strlen(d_fullname
);
2091 for (fsp
=dir_fsp
->conn
->sconn
->files
; fsp
; fsp
=fsp
->next
) {
2094 if (fsp
== dir_fsp
) {
2098 d1_fullname
= talloc_asprintf(talloc_tos(),
2100 fsp
->conn
->connectpath
,
2101 fsp
->fsp_name
->base_name
);
2104 * If the open file has a path that is a longer
2105 * component, then it's a subpath.
2107 if (strnequal(d_fullname
, d1_fullname
, dlen
) &&
2108 (d1_fullname
[dlen
] == '/')) {
2109 TALLOC_FREE(d1_fullname
);
2110 TALLOC_FREE(d_fullname
);
2113 TALLOC_FREE(d1_fullname
);
2116 TALLOC_FREE(d_fullname
);
2120 /****************************************************************************
2122 ****************************************************************************/
2124 static void fsp_free(files_struct
*fsp
)
2126 struct smbd_server_connection
*sconn
= fsp
->conn
->sconn
;
2128 if (fsp
== sconn
->fsp_fi_cache
.fsp
) {
2129 ZERO_STRUCT(sconn
->fsp_fi_cache
);
2132 DLIST_REMOVE(sconn
->files
, fsp
);
2133 SMB_ASSERT(sconn
->num_files
> 0);
2136 TALLOC_FREE(fsp
->fake_file_handle
);
2138 if (fh_get_refcount(fsp
->fh
) == 1) {
2139 TALLOC_FREE(fsp
->fh
);
2141 size_t new_refcount
= fh_get_refcount(fsp
->fh
) - 1;
2142 fh_set_refcount(fsp
->fh
, new_refcount
);
2145 if (fsp
->lease
!= NULL
) {
2146 if (fsp
->lease
->ref_count
== 1) {
2147 TALLOC_FREE(fsp
->lease
);
2149 fsp
->lease
->ref_count
--;
2153 fsp
->conn
->num_files_open
--;
2155 if (fsp
->fsp_name
!= NULL
&&
2156 fsp
->fsp_name
->fsp_link
!= NULL
)
2159 * Free fsp_link of fsp->fsp_name. To do this in the correct
2160 * talloc destructor order we have to do it here. The
2161 * talloc_free() of the link should set the fsp pointer to NULL.
2163 TALLOC_FREE(fsp
->fsp_name
->fsp_link
);
2164 SMB_ASSERT(fsp
->fsp_name
->fsp
== NULL
);
2167 /* this is paranoia, just in case someone tries to reuse the
2171 /* fsp->fsp_name is a talloc child and is free'd automatically. */
2176 * Rundown of all smb-related sub-structures of an fsp
2178 void fsp_unbind_smb(struct smb_request
*req
, files_struct
*fsp
)
2180 if (fsp
== fsp
->conn
->cwd_fsp
) {
2185 size_t len
= fsp_fullbasepath(fsp
, NULL
, 0);
2186 char fullpath
[len
+1];
2188 fsp_fullbasepath(fsp
, fullpath
, sizeof(fullpath
));
2191 * Avoid /. at the end of the path name. notify can't
2194 if (len
> 1 && fullpath
[len
-1] == '.' &&
2195 fullpath
[len
-2] == '/') {
2196 fullpath
[len
-2] = '\0';
2199 notify_remove(fsp
->conn
->sconn
->notify_ctx
, fsp
, fullpath
);
2200 TALLOC_FREE(fsp
->notify
);
2203 /* Ensure this event will never fire. */
2204 TALLOC_FREE(fsp
->update_write_time_event
);
2206 if (fsp
->op
!= NULL
) {
2207 fsp
->op
->compat
= NULL
;
2209 TALLOC_FREE(fsp
->op
);
2211 if ((req
!= NULL
) && (fsp
== req
->chain_fsp
)) {
2212 req
->chain_fsp
= NULL
;
2216 * Clear all possible chained fsp
2217 * pointers in the SMB2 request queue.
2219 remove_smb2_chained_fsp(fsp
);
2222 void file_free(struct smb_request
*req
, files_struct
*fsp
)
2224 struct smbd_server_connection
*sconn
= fsp
->conn
->sconn
;
2225 uint64_t fnum
= fsp
->fnum
;
2227 fsp_unbind_smb(req
, fsp
);
2229 /* Drop all remaining extensions. */
2230 vfs_remove_all_fsp_extensions(fsp
);
2234 DBG_INFO("freed files structure %"PRIu64
" (%zu used)\n",
2239 /****************************************************************************
2240 Get an fsp from a packet given a 16 bit fnum.
2241 ****************************************************************************/
2243 files_struct
*file_fsp(struct smb_request
*req
, uint16_t fid
)
2245 struct smbXsrv_open
*op
;
2252 * We should never get here. req==NULL could in theory
2253 * only happen from internal opens with a non-zero
2254 * root_dir_fid. Internal opens just don't do that, at
2255 * least they are not supposed to do so. And if they
2256 * start to do so, they better fake up a smb_request
2257 * from which we get the right smbd_server_conn. While
2258 * this should never happen, let's return NULL here.
2263 if (req
->chain_fsp
!= NULL
) {
2264 if (req
->chain_fsp
->fsp_flags
.closing
) {
2267 return req
->chain_fsp
;
2270 if (req
->xconn
== NULL
) {
2274 now
= timeval_to_nttime(&req
->request_time
);
2276 status
= smb1srv_open_lookup(req
->xconn
,
2278 if (!NT_STATUS_IS_OK(status
)) {
2287 if (fsp
->fsp_flags
.closing
) {
2291 req
->chain_fsp
= fsp
;
2292 fsp
->fsp_name
->st
.cached_dos_attributes
= FILE_ATTRIBUTE_INVALID
;
2296 struct files_struct
*file_fsp_get(struct smbd_smb2_request
*smb2req
,
2297 uint64_t persistent_id
,
2298 uint64_t volatile_id
)
2300 struct smbXsrv_open
*op
;
2303 struct files_struct
*fsp
;
2305 now
= timeval_to_nttime(&smb2req
->request_time
);
2307 status
= smb2srv_open_lookup(smb2req
->xconn
,
2308 persistent_id
, volatile_id
,
2310 if (!NT_STATUS_IS_OK(status
)) {
2319 if (smb2req
->tcon
== NULL
) {
2323 if (smb2req
->tcon
->compat
!= fsp
->conn
) {
2327 if (smb2req
->session
== NULL
) {
2331 if (smb2req
->session
->global
->session_wire_id
!= fsp
->vuid
) {
2335 if (fsp
->fsp_flags
.closing
) {
2339 fsp
->fsp_name
->st
.cached_dos_attributes
= FILE_ATTRIBUTE_INVALID
;
2344 struct files_struct
*file_fsp_smb2(struct smbd_smb2_request
*smb2req
,
2345 uint64_t persistent_id
,
2346 uint64_t volatile_id
)
2348 struct files_struct
*fsp
;
2350 if (smb2req
->compat_chain_fsp
!= NULL
) {
2351 if (smb2req
->compat_chain_fsp
->fsp_flags
.closing
) {
2354 smb2req
->compat_chain_fsp
->fsp_name
->st
.cached_dos_attributes
=
2355 FILE_ATTRIBUTE_INVALID
;
2356 return smb2req
->compat_chain_fsp
;
2359 fsp
= file_fsp_get(smb2req
, persistent_id
, volatile_id
);
2364 smb2req
->compat_chain_fsp
= fsp
;
2368 /****************************************************************************
2369 Duplicate the file handle part for a DOS or FCB open.
2370 ****************************************************************************/
2372 NTSTATUS
dup_file_fsp(
2374 uint32_t access_mask
,
2377 size_t new_refcount
;
2379 /* this can never happen for print files */
2380 SMB_ASSERT(from
->print_file
== NULL
);
2382 TALLOC_FREE(to
->fh
);
2385 new_refcount
= fh_get_refcount(to
->fh
) + 1;
2386 fh_set_refcount(to
->fh
, new_refcount
);
2388 to
->file_id
= from
->file_id
;
2389 to
->initial_allocation_size
= from
->initial_allocation_size
;
2390 to
->file_pid
= from
->file_pid
;
2391 to
->vuid
= from
->vuid
;
2392 to
->open_time
= from
->open_time
;
2393 to
->access_mask
= access_mask
;
2394 to
->oplock_type
= from
->oplock_type
;
2395 to
->fsp_flags
.can_lock
= from
->fsp_flags
.can_lock
;
2396 to
->fsp_flags
.can_read
= ((access_mask
& FILE_READ_DATA
) != 0);
2397 to
->fsp_flags
.can_write
=
2398 CAN_WRITE(from
->conn
) &&
2399 ((access_mask
& (FILE_WRITE_DATA
| FILE_APPEND_DATA
)) != 0);
2400 to
->fsp_flags
.modified
= from
->fsp_flags
.modified
;
2401 to
->fsp_flags
.is_directory
= from
->fsp_flags
.is_directory
;
2402 to
->fsp_flags
.aio_write_behind
= from
->fsp_flags
.aio_write_behind
;
2403 to
->fsp_flags
.is_fsa
= from
->fsp_flags
.is_fsa
;
2404 to
->fsp_flags
.is_pathref
= from
->fsp_flags
.is_pathref
;
2405 to
->fsp_flags
.have_proc_fds
= from
->fsp_flags
.have_proc_fds
;
2406 to
->fsp_flags
.is_dirfsp
= from
->fsp_flags
.is_dirfsp
;
2408 return fsp_set_smb_fname(to
, from
->fsp_name
);
2412 * Return a jenkins hash of a pathname on a connection.
2415 NTSTATUS
file_name_hash(connection_struct
*conn
,
2416 const char *name
, uint32_t *p_name_hash
)
2418 char tmpbuf
[PATH_MAX
];
2419 char *fullpath
, *to_free
;
2423 /* Set the hash of the full pathname. */
2425 if (name
[0] == '/') {
2426 strlcpy(tmpbuf
, name
, sizeof(tmpbuf
));
2428 len
= strlen(fullpath
);
2431 len
= full_path_tos(conn
->connectpath
,
2439 return NT_STATUS_NO_MEMORY
;
2441 key
= (TDB_DATA
) { .dptr
= (uint8_t *)fullpath
, .dsize
= len
+1 };
2442 *p_name_hash
= tdb_jenkins_hash(&key
);
2444 DEBUG(10,("file_name_hash: %s hash 0x%x\n",
2446 (unsigned int)*p_name_hash
));
2448 TALLOC_FREE(to_free
);
2449 return NT_STATUS_OK
;
2452 static NTSTATUS
fsp_attach_smb_fname(struct files_struct
*fsp
,
2453 struct smb_filename
**_smb_fname
)
2455 TALLOC_CTX
*frame
= talloc_stackframe();
2456 struct smb_filename
*smb_fname_new
= talloc_move(fsp
, _smb_fname
);
2457 const char *name_str
= NULL
;
2458 uint32_t name_hash
= 0;
2461 name_str
= smb_fname_str_dbg(smb_fname_new
);
2462 if (name_str
== NULL
) {
2464 return NT_STATUS_NO_MEMORY
;
2467 status
= file_name_hash(fsp
->conn
,
2472 if (!NT_STATUS_IS_OK(status
)) {
2476 status
= fsp_smb_fname_link(fsp
,
2477 &smb_fname_new
->fsp_link
,
2478 &smb_fname_new
->fsp
);
2479 if (!NT_STATUS_IS_OK(status
)) {
2483 fsp
->name_hash
= name_hash
;
2484 fsp
->fsp_name
= smb_fname_new
;
2485 fsp
->fsp_name
->st
.cached_dos_attributes
= FILE_ATTRIBUTE_INVALID
;
2487 return NT_STATUS_OK
;
2491 * The only way that the fsp->fsp_name field should ever be set.
2493 NTSTATUS
fsp_set_smb_fname(struct files_struct
*fsp
,
2494 const struct smb_filename
*smb_fname_in
)
2496 struct smb_filename
*smb_fname_old
= fsp
->fsp_name
;
2497 struct smb_filename
*smb_fname_new
= NULL
;
2500 smb_fname_new
= cp_smb_filename(fsp
, smb_fname_in
);
2501 if (smb_fname_new
== NULL
) {
2502 return NT_STATUS_NO_MEMORY
;
2505 status
= fsp_attach_smb_fname(fsp
, &smb_fname_new
);
2506 if (!NT_STATUS_IS_OK(status
)) {
2507 TALLOC_FREE(smb_fname_new
);
2511 if (smb_fname_old
!= NULL
) {
2512 smb_fname_fsp_unlink(smb_fname_old
);
2513 TALLOC_FREE(smb_fname_old
);
2516 return NT_STATUS_OK
;
2519 size_t fsp_fullbasepath(struct files_struct
*fsp
, char *buf
, size_t buflen
)
2523 if ((buf
== NULL
) || (buflen
== 0)) {
2524 return strlen(fsp
->conn
->connectpath
) + 1 +
2525 strlen(fsp
->fsp_name
->base_name
);
2528 len
= snprintf(buf
, buflen
, "%s/%s", fsp
->conn
->connectpath
,
2529 fsp
->fsp_name
->base_name
);
2535 void fsp_set_base_fsp(struct files_struct
*fsp
, struct files_struct
*base_fsp
)
2537 SMB_ASSERT(fsp
->stream_fsp
== NULL
);
2538 if (base_fsp
!= NULL
) {
2539 SMB_ASSERT(base_fsp
->base_fsp
== NULL
);
2540 SMB_ASSERT(base_fsp
->stream_fsp
== NULL
);
2543 if (fsp
->base_fsp
!= NULL
) {
2544 SMB_ASSERT(fsp
->base_fsp
->stream_fsp
== fsp
);
2545 fsp
->base_fsp
->stream_fsp
= NULL
;
2548 fsp
->base_fsp
= base_fsp
;
2549 if (fsp
->base_fsp
!= NULL
) {
2550 fsp
->base_fsp
->stream_fsp
= fsp
;
2554 bool fsp_is_alternate_stream(const struct files_struct
*fsp
)
2556 return (fsp
->base_fsp
!= NULL
);
2559 struct files_struct
*metadata_fsp(struct files_struct
*fsp
)
2561 if (fsp_is_alternate_stream(fsp
)) {
2562 return fsp
->base_fsp
;
2567 static bool fsp_generic_ask_sharemode(struct files_struct
*fsp
)
2573 if (fsp
->posix_flags
& FSP_POSIX_FLAGS_PATHNAMES
) {
2574 /* Always use filesystem for UNIX mtime query. */
2581 bool fsp_search_ask_sharemode(struct files_struct
*fsp
)
2583 if (!fsp_generic_ask_sharemode(fsp
)) {
2587 return lp_smbd_search_ask_sharemode(SNUM(fsp
->conn
));
2590 bool fsp_getinfo_ask_sharemode(struct files_struct
*fsp
)
2592 if (!fsp_generic_ask_sharemode(fsp
)) {
2596 return lp_smbd_getinfo_ask_sharemode(SNUM(fsp
->conn
));