search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:blocking: maintain state->deny_status
[Samba.git] / source3 / smbd / blocking.c
bloba87d62d910aaa60e6fec9acabe5be32f86be241f
1 /*
2 Unix SMB/CIFS implementation.
3 Blocking Locking functions
4 Copyright (C) Jeremy Allison 1998-2003
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "smbd/smbd.h"
22 #include "smbd/globals.h"
23 #include "messages.h"
24 #include "lib/util/tevent_ntstatus.h"
25 #include "lib/dbwrap/dbwrap_watch.h"
26 #include "librpc/gen_ndr/ndr_open_files.h"
27
28 #undef DBGC_CLASS
29 #define DBGC_CLASS DBGC_LOCKING
30
31 NTSTATUS smbd_do_locks_try(
32 struct files_struct *fsp,
33 enum brl_flavour lock_flav,
34 uint16_t num_locks,
35 struct smbd_lock_element *locks,
36 uint16_t *blocker_idx,
37 struct server_id *blocking_pid,
38 uint64_t *blocking_smblctx)
39 {
40 NTSTATUS status = NT_STATUS_OK;
41 uint16_t i;
42
43 for (i=0; i<num_locks; i++) {
44 struct smbd_lock_element *e = &locks[i];
45
46 status = do_lock(
47 fsp,
48 e->smblctx,
49 e->count,
50 e->offset,
51 e->brltype,
52 lock_flav,
53 blocking_pid,
54 blocking_smblctx);
55 if (!NT_STATUS_IS_OK(status)) {
56 break;
57 }
58 }
59
60 if (NT_STATUS_IS_OK(status)) {
61 return NT_STATUS_OK;
62 }
63
64 *blocker_idx = i;
65
66 /*
67 * Undo the locks we successfully got
68 */
69 for (i = i-1; i != UINT16_MAX; i--) {
70 struct smbd_lock_element *e = &locks[i];
71 do_unlock(fsp,
72 e->smblctx,
73 e->count,
74 e->offset,
75 lock_flav);
76 }
77
78 return status;
79 }
80
81 static bool smbd_smb1_fsp_add_blocked_lock_req(
82 struct files_struct *fsp, struct tevent_req *req)
83 {
84 size_t num_reqs = talloc_array_length(fsp->blocked_smb1_lock_reqs);
85 struct tevent_req **tmp = NULL;
86
87 tmp = talloc_realloc(
88 fsp,
89 fsp->blocked_smb1_lock_reqs,
90 struct tevent_req *,
91 num_reqs+1);
92 if (tmp == NULL) {
93 return false;
94 }
95 fsp->blocked_smb1_lock_reqs = tmp;
96 fsp->blocked_smb1_lock_reqs[num_reqs] = req;
97 return true;
98 }
99
100 struct smbd_smb1_do_locks_state {
101 struct tevent_context *ev;
102 struct smb_request *smbreq;
103 struct files_struct *fsp;
104 uint32_t timeout;
105 uint32_t polling_msecs;
106 struct timeval endtime;
107 bool large_offset; /* required for correct cancel */
108 enum brl_flavour lock_flav;
109 uint16_t num_locks;
110 struct smbd_lock_element *locks;
111 uint16_t blocker;
112 NTSTATUS deny_status;
113 };
114
115 static void smbd_smb1_do_locks_try(struct tevent_req *req);
116 static void smbd_smb1_do_locks_retry(struct tevent_req *subreq);
117 static void smbd_smb1_blocked_locks_cleanup(
118 struct tevent_req *req, enum tevent_req_state req_state);
119
120 static void smbd_smb1_do_locks_update_polling_msecs(
121 struct smbd_smb1_do_locks_state *state)
122 {
123 /*
124 * The default lp_lock_spin_time() is 200ms.
125 *
126 * v_min is in the range of 0.002 to 20 secs
127 * (0.2 secs by default)
128 *
129 * v_max is in the range of 0.02 to 200 secs
130 * (2.0 secs by default)
131 *
132 * The typical steps are:
133 * 0.2, 0.4, 0.6, 0.8, ... 2.0
134 */
135 uint32_t v_min = MAX(2, MIN(20000, lp_lock_spin_time()));
136 uint32_t v_max = 10 * v_min;
137
138 if (state->polling_msecs >= v_max) {
139 state->polling_msecs = v_max;
140 return;
141 }
142
143 state->polling_msecs += v_min;
144 }
145
146 struct tevent_req *smbd_smb1_do_locks_send(
147 TALLOC_CTX *mem_ctx,
148 struct tevent_context *ev,
149 struct smb_request **smbreq, /* talloc_move()d into our state */
150 struct files_struct *fsp,
151 uint32_t lock_timeout,
152 bool large_offset,
153 enum brl_flavour lock_flav,
154 uint16_t num_locks,
155 struct smbd_lock_element *locks)
156 {
157 struct tevent_req *req = NULL, *subreq = NULL;
158 struct smbd_smb1_do_locks_state *state = NULL;
159 struct share_mode_lock *lck = NULL;
160 struct server_id blocking_pid = { 0 };
161 uint64_t blocking_smblctx = 0;
162 struct timeval endtime;
163 NTSTATUS status = NT_STATUS_OK;
164 bool ok;
165
166 req = tevent_req_create(
167 mem_ctx, &state, struct smbd_smb1_do_locks_state);
168 if (req == NULL) {
169 return NULL;
170 }
171 state->ev = ev;
172 state->smbreq = talloc_move(state, smbreq);
173 state->fsp = fsp;
174 state->timeout = lock_timeout;
175 state->large_offset = large_offset;
176 state->lock_flav = lock_flav;
177 state->num_locks = num_locks;
178 state->locks = locks;
179
180 if (lock_flav == POSIX_LOCK) {
181 /*
182 * SMB1 posix locks always use
183 * NT_STATUS_FILE_LOCK_CONFLICT.
184 */
185 state->deny_status = NT_STATUS_FILE_LOCK_CONFLICT;
186 } else {
187 state->deny_status = NT_STATUS_LOCK_NOT_GRANTED;
188 }
189
190 DBG_DEBUG("state=%p, state->smbreq=%p\n", state, state->smbreq);
191
192 if (num_locks == 0) {
193 DBG_DEBUG("no locks\n");
194 tevent_req_done(req);
195 return tevent_req_post(req, ev);
196 }
197
198 if ((state->timeout != 0) && (state->timeout != UINT32_MAX)) {
199 /*
200 * Windows internal resolution for blocking locks
201 * seems to be about 200ms... Don't wait for less than
202 * that. JRA.
203 */
204 state->timeout = MAX(state->timeout, lp_lock_spin_time());
205 }
206
207 lck = get_existing_share_mode_lock(state, state->fsp->file_id);
208 if (tevent_req_nomem(lck, req)) {
209 DBG_DEBUG("Could not get share mode lock\n");
210 return tevent_req_post(req, ev);
211 }
212
213 status = smbd_do_locks_try(
214 state->fsp,
215 state->lock_flav,
216 state->num_locks,
217 state->locks,
218 &state->blocker,
219 &blocking_pid,
220 &blocking_smblctx);
221 if (NT_STATUS_IS_OK(status)) {
222 tevent_req_done(req);
223 goto done;
224 }
225 if (!ERROR_WAS_LOCK_DENIED(status)) {
226 tevent_req_nterror(req, status);
227 goto done;
228 }
229
230 if (state->timeout == 0) {
231 struct smbd_lock_element *blocker = &locks[state->blocker];
232
233 if ((blocker->offset >= 0xEF000000) &&
234 ((blocker->offset >> 63) == 0)) {
235 /*
236 * This must be an optimization of an ancient
237 * application bug...
238 */
239 state->timeout = lp_lock_spin_time();
240 }
241
242 if ((fsp->lock_failure_seen) &&
243 (blocker->offset == fsp->lock_failure_offset)) {
244 /*
245 * Delay repeated lock attempts on the same
246 * lock. Maybe a more advanced version of the
247 * above check?
248 */
249 DBG_DEBUG("Delaying lock request due to previous "
250 "failure\n");
251 state->timeout = lp_lock_spin_time();
252 }
253 }
254
255 DBG_DEBUG("timeout=%"PRIu32", blocking_smblctx=%"PRIu64"\n",
256 state->timeout,
257 blocking_smblctx);
258
259 /*
260 * If the endtime is not elapsed yet,
261 * it means we'll retry after a timeout.
262 * In that case we'll have to return
263 * NT_STATUS_FILE_LOCK_CONFLICT
264 * instead of NT_STATUS_LOCK_NOT_GRANTED.
265 */
266 if (state->timeout == 0) {
267 status = state->deny_status;
268 tevent_req_nterror(req, status);
269 goto done;
270 }
271 state->deny_status = NT_STATUS_FILE_LOCK_CONFLICT;
272
273 subreq = dbwrap_watched_watch_send(
274 state, state->ev, lck->data->record, blocking_pid);
275 if (tevent_req_nomem(subreq, req)) {
276 goto done;
277 }
278 TALLOC_FREE(lck);
279 tevent_req_set_callback(subreq, smbd_smb1_do_locks_retry, req);
280
281 state->endtime = timeval_current_ofs_msec(state->timeout);
282 endtime = state->endtime;
283
284 if (blocking_smblctx == UINT64_MAX) {
285 struct timeval tmp;
286
287 smbd_smb1_do_locks_update_polling_msecs(state);
288
289 DBG_DEBUG("Blocked on a posix lock. Retry in %"PRIu32" msecs\n",
290 state->polling_msecs);
291
292 tmp = timeval_current_ofs_msec(state->polling_msecs);
293 endtime = timeval_min(&endtime, &tmp);
294 }
295
296 ok = tevent_req_set_endtime(subreq, state->ev, endtime);
297 if (!ok) {
298 tevent_req_oom(req);
299 goto done;
300 }
301
302 ok = smbd_smb1_fsp_add_blocked_lock_req(fsp, req);
303 if (!ok) {
304 tevent_req_oom(req);
305 goto done;
306 }
307 tevent_req_set_cleanup_fn(req, smbd_smb1_blocked_locks_cleanup);
308 return req;
309 done:
310 TALLOC_FREE(lck);
311 return tevent_req_post(req, ev);
312 }
313
314 static void smbd_smb1_blocked_locks_cleanup(
315 struct tevent_req *req, enum tevent_req_state req_state)
316 {
317 struct smbd_smb1_do_locks_state *state = tevent_req_data(
318 req, struct smbd_smb1_do_locks_state);
319 struct files_struct *fsp = state->fsp;
320 struct tevent_req **blocked = fsp->blocked_smb1_lock_reqs;
321 size_t num_blocked = talloc_array_length(blocked);
322 size_t i, num_after;
323
324 DBG_DEBUG("req=%p, state=%p, req_state=%d\n",
325 req,
326 state,
327 (int)req_state);
328
329 if (req_state == TEVENT_REQ_RECEIVED) {
330 DBG_DEBUG("already received\n");
331 return;
332 }
333
334 for (i=0; i<num_blocked; i++) {
335 if (blocked[i] == req) {
336 break;
337 }
338 }
339 SMB_ASSERT(i<num_blocked);
340
341 num_after = num_blocked - (i+1);
342
343 if (num_after > 0) {
344 /*
345 * The locks need to be kept in order, see
346 * raw.lock.multilock2
347 */
348 memmove(&blocked[i],
349 &blocked[i+1],
350 sizeof(*blocked) * num_after);
351 }
352 fsp->blocked_smb1_lock_reqs = talloc_realloc(
353 fsp, blocked, struct tevent_req *, num_blocked-1);
354 }
355
356 static void smbd_smb1_do_locks_try(struct tevent_req *req)
357 {
358 struct smbd_smb1_do_locks_state *state = tevent_req_data(
359 req, struct smbd_smb1_do_locks_state);
360 struct files_struct *fsp = state->fsp;
361 struct tevent_req **blocked = fsp->blocked_smb1_lock_reqs;
362 struct tevent_req *retry_req = blocked[0];
363 struct smbd_smb1_do_locks_state *retry_state = tevent_req_data(
364 retry_req, struct smbd_smb1_do_locks_state);
365 struct share_mode_lock *lck;
366 struct timeval endtime;
367 struct server_id blocking_pid = { 0 };
368 uint64_t blocking_smblctx = 0;
369 struct tevent_req *subreq = NULL;
370 NTSTATUS status;
371 bool ok;
372 double elapsed;
373
374 lck = get_existing_share_mode_lock(state, fsp->file_id);
375 if (tevent_req_nomem(lck, req)) {
376 DBG_DEBUG("Could not get share mode lock\n");
377 return;
378 }
379
380 status = smbd_do_locks_try(
381 fsp,
382 retry_state->lock_flav,
383 retry_state->num_locks,
384 retry_state->locks,
385 &state->blocker,
386 &blocking_pid,
387 &blocking_smblctx);
388 if (NT_STATUS_IS_OK(status)) {
389 goto done;
390 }
391 if (!ERROR_WAS_LOCK_DENIED(status)) {
392 goto done;
393 }
394
395 /*
396 * The client specified timeout elapsed
397 * avoid further retries.
398 *
399 * Otherwise keep waiting either waiting
400 * for changes in locking.tdb or the polling
401 * mode timers waiting for posix locks.
402 *
403 * If the endtime is not expired yet,
404 * it means we'll retry after a timeout.
405 * In that case we'll have to return
406 * NT_STATUS_FILE_LOCK_CONFLICT
407 * instead of NT_STATUS_LOCK_NOT_GRANTED.
408 */
409 elapsed = timeval_elapsed(&state->endtime);
410 if (elapsed > 0) {
411 status = state->deny_status;
412 goto done;
413 }
414 state->deny_status = NT_STATUS_FILE_LOCK_CONFLICT;
415
416 subreq = dbwrap_watched_watch_send(
417 state, state->ev, lck->data->record, blocking_pid);
418 if (tevent_req_nomem(subreq, req)) {
419 goto done;
420 }
421 TALLOC_FREE(lck);
422 tevent_req_set_callback(subreq, smbd_smb1_do_locks_retry, req);
423
424 endtime = state->endtime;
425
426 if (blocking_smblctx == UINT64_MAX) {
427 struct timeval tmp;
428
429 smbd_smb1_do_locks_update_polling_msecs(state);
430
431 DBG_DEBUG("Blocked on a posix lock. Retry in %"PRIu32" msecs\n",
432 state->polling_msecs);
433
434 tmp = timeval_current_ofs_msec(state->polling_msecs);
435 endtime = timeval_min(&endtime, &tmp);
436 }
437
438 ok = tevent_req_set_endtime(subreq, state->ev, endtime);
439 if (!ok) {
440 status = NT_STATUS_NO_MEMORY;
441 goto done;
442 }
443 return;
444 done:
445 TALLOC_FREE(lck);
446 smbd_smb1_brl_finish_by_req(req, status);
447 }
448
449 static void smbd_smb1_do_locks_retry(struct tevent_req *subreq)
450 {
451 struct tevent_req *req = tevent_req_callback_data(
452 subreq, struct tevent_req);
453 struct smbd_smb1_do_locks_state *state = tevent_req_data(
454 req, struct smbd_smb1_do_locks_state);
455 NTSTATUS status;
456 bool ok;
457
458 /*
459 * Make sure we run as the user again
460 */
461 ok = change_to_user_by_fsp(state->fsp);
462 if (!ok) {
463 tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
464 return;
465 }
466
467 status = dbwrap_watched_watch_recv(subreq, NULL, NULL);
468 TALLOC_FREE(subreq);
469
470 DBG_DEBUG("dbwrap_watched_watch_recv returned %s\n",
471 nt_errstr(status));
472
473 /*
474 * We ignore any errors here, it's most likely
475 * we just get NT_STATUS_OK or NT_STATUS_IO_TIMEOUT.
476 *
477 * In any case we can just give it a retry.
478 */
479
480 smbd_smb1_do_locks_try(req);
481 }
482
483 NTSTATUS smbd_smb1_do_locks_recv(struct tevent_req *req)
484 {
485 struct smbd_smb1_do_locks_state *state = tevent_req_data(
486 req, struct smbd_smb1_do_locks_state);
487 NTSTATUS status = NT_STATUS_OK;
488 bool err;
489
490 err = tevent_req_is_nterror(req, &status);
491
492 DBG_DEBUG("err=%d, status=%s\n", (int)err, nt_errstr(status));
493
494 if (tevent_req_is_nterror(req, &status)) {
495 struct files_struct *fsp = state->fsp;
496 struct smbd_lock_element *blocker =
497 &state->locks[state->blocker];
498
499 DBG_DEBUG("Setting lock_failure_offset=%"PRIu64"\n",
500 blocker->offset);
501
502 fsp->lock_failure_seen = true;
503 fsp->lock_failure_offset = blocker->offset;
504 return status;
505 }
506
507 tevent_req_received(req);
508
509 return NT_STATUS_OK;
510 }
511
512 bool smbd_smb1_do_locks_extract_smbreq(
513 struct tevent_req *req,
514 TALLOC_CTX *mem_ctx,
515 struct smb_request **psmbreq)
516 {
517 struct smbd_smb1_do_locks_state *state = tevent_req_data(
518 req, struct smbd_smb1_do_locks_state);
519
520 DBG_DEBUG("req=%p, state=%p, state->smbreq=%p\n",
521 req,
522 state,
523 state->smbreq);
524
525 if (state->smbreq == NULL) {
526 return false;
527 }
528 *psmbreq = talloc_move(mem_ctx, &state->smbreq);
529 return true;
530 }
531
532 void smbd_smb1_brl_finish_by_req(struct tevent_req *req, NTSTATUS status)
533 {
534 DBG_DEBUG("req=%p, status=%s\n", req, nt_errstr(status));
535
536 if (NT_STATUS_IS_OK(status)) {
537 tevent_req_done(req);
538 } else {
539 tevent_req_nterror(req, status);
540 }
541 }
542
543 bool smbd_smb1_brl_finish_by_lock(
544 struct files_struct *fsp,
545 bool large_offset,
546 enum brl_flavour lock_flav,
547 struct smbd_lock_element lock,
548 NTSTATUS finish_status)
549 {
550 struct tevent_req **blocked = fsp->blocked_smb1_lock_reqs;
551 size_t num_blocked = talloc_array_length(blocked);
552 size_t i;
553
554 DBG_DEBUG("num_blocked=%zu\n", num_blocked);
555
556 for (i=0; i<num_blocked; i++) {
557 struct tevent_req *req = blocked[i];
558 struct smbd_smb1_do_locks_state *state = tevent_req_data(
559 req, struct smbd_smb1_do_locks_state);
560 uint16_t j;
561
562 DBG_DEBUG("i=%zu, req=%p\n", i, req);
563
564 if ((state->large_offset != large_offset) ||
565 (state->lock_flav != lock_flav)) {
566 continue;
567 }
568
569 for (j=0; j<state->num_locks; j++) {
570 struct smbd_lock_element *l = &state->locks[j];
571
572 if ((lock.smblctx == l->smblctx) &&
573 (lock.offset == l->offset) &&
574 (lock.count == l->count)) {
575 smbd_smb1_brl_finish_by_req(
576 req, finish_status);
577 return true;
578 }
579 }
580 }
581 return false;
582 }
583
584 static struct files_struct *smbd_smb1_brl_finish_by_mid_fn(
585 struct files_struct *fsp, void *private_data)
586 {
587 struct tevent_req **blocked = fsp->blocked_smb1_lock_reqs;
588 size_t num_blocked = talloc_array_length(blocked);
589 uint64_t mid = *((uint64_t *)private_data);
590 size_t i;
591
592 DBG_DEBUG("fsp=%p, num_blocked=%zu\n", fsp, num_blocked);
593
594 for (i=0; i<num_blocked; i++) {
595 struct tevent_req *req = blocked[i];
596 struct smbd_smb1_do_locks_state *state = tevent_req_data(
597 req, struct smbd_smb1_do_locks_state);
598 struct smb_request *smbreq = state->smbreq;
599
600 if (smbreq->mid == mid) {
601 tevent_req_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
602 return fsp;
603 }
604 }
605
606 return NULL;
607 }
608
609 /*
610 * This walks the list of fsps, we store the blocked reqs attached to
611 * them. It can be expensive, but this is legacy SMB1 and trying to
612 * remember looking at traces I don't reall many of those calls.
613 */
614
615 bool smbd_smb1_brl_finish_by_mid(
616 struct smbd_server_connection *sconn, uint64_t mid)
617 {
618 struct files_struct *found = files_forall(
619 sconn, smbd_smb1_brl_finish_by_mid_fn, &mid);
620 return (found != NULL);
621 }
Samba GIT mirror