2 Unix SMB/CIFS implementation.
3 Wrap VxFS calls in vfs functions.
4 This module is for ACL and XATTR handling.
6 Copyright (C) Symantec Corporation <www.symantec.com> 2014
7 Copyright (C) Veritas Technologies LLC <www.veritas.com> 2016
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/smbd.h"
25 #include "librpc/gen_ndr/ndr_xattr.h"
26 #include "../libcli/security/security.h"
27 #include "../librpc/gen_ndr/ndr_security.h"
28 #include "system/filesys.h"
32 #define DBGC_CLASS DBGC_VFS
34 #define MODULE_NAME "vxfs"
37 * WARNING !! WARNING !!
39 * DO NOT CHANGE THIS FROM "system." space to
40 * "user." space unless you are shipping a product
41 * that RESTRICTS access to extended attributes
42 * to smbd-only. "system." space is restricted
43 * to root access only, "user." space is available
46 * If this is changed to "user." and access
47 * to extended attributes is available via
48 * local processes or other remote file system
49 * (e.g. NFS) then the security of the system
50 * WILL BE COMPROMISED. i.e. non-root users
51 * WILL be able to overwrite Samba ACLs on
54 * If you need to modify this define, do
55 * so using CFLAGS on your build command
57 * e.g. CFLAGS=-DXATTR_USER_NTACL="user.NTACL"
59 * Added by: <jra@samba.org> 17 Sept. 2014.
63 #ifndef XATTR_USER_NTACL
64 #define XATTR_USER_NTACL "system.NTACL"
68 #define VXFS_ACL_UNDEFINED_TYPE 0
69 #define VXFS_ACL_USER_OBJ 1
70 #define VXFS_ACL_GROUP_OBJ 2
71 #define VXFS_ACL_USER 3
72 #define VXFS_ACL_GROUP 4
73 #define VXFS_ACL_OTHER 5
74 #define VXFS_ACL_MASK 6
79 * This will compare two ace entries for sorting
80 * each entry contains: type, perms and id
81 * Sort by type first, if type is same sort by id.
83 static int vxfs_ace_cmp(const void *ace1
, const void *ace2
)
86 uint16_t type_a1
, type_a2
;
87 uint32_t id_a1
, id_a2
;
89 /* Type must be compared first */
90 type_a1
= SVAL(ace1
, 0);
91 type_a2
= SVAL(ace2
, 0);
93 ret
= (type_a1
- type_a2
);
95 /* Compare ID under type */
96 /* skip perm thus take offset as 4*/
97 id_a1
= IVAL(ace1
, 4);
98 id_a2
= IVAL(ace2
, 4);
105 static void vxfs_print_ace_buf(char *buf
, int count
) {
111 DEBUG(10, ("vfs_vxfs: Printing aces:\n"));
112 for (i
= 0; i
< count
; i
++) {
113 type
= SVAL(buf
, offset
);
115 perm
= SVAL(buf
, offset
);
117 id
= IVAL(buf
, offset
);
120 DEBUG(10, ("vfs_vxfs: type = %u, perm = %u, id = %u\n",
121 (unsigned int)type
, (unsigned int)perm
,
127 * Sort aces so that comparing 2 ACLs will be straight forward.
128 * This function will fill buffer as follows:
130 * 1. ace->a_type will be filled as first 2 bytes in buf.
131 * 2. ace->a_perm will be filled as next 2 bytes.
132 * 3. ace->xid will be filled as next 4 bytes.
133 * Thus each ace entry in buf is equal to 8 bytes.
134 * Also a_type is mapped to VXFS_ACL_* so that ordering aces
137 static char * vxfs_sort_acl(SMB_ACL_T theacl
, TALLOC_CTX
*mem_ctx
,
141 struct smb_acl_entry
*smb_ace
;
148 count
= theacl
->count
;
150 buf
= talloc_zero_size(mem_ctx
, count
* 8);
155 smb_ace
= theacl
->acl
;
157 for (i
= 0; i
< count
; i
++) {
159 /* Map type to SMB_ACL_* to VXFS_ACL_* */
160 switch(smb_ace
->a_type
) {
162 type
= VXFS_ACL_USER
;
164 case SMB_ACL_USER_OBJ
:
165 type
= VXFS_ACL_USER_OBJ
;
168 type
= VXFS_ACL_GROUP
;
170 case SMB_ACL_GROUP_OBJ
:
171 type
= VXFS_ACL_GROUP_OBJ
;
174 type
= VXFS_ACL_OTHER
;
177 type
= VXFS_ACL_MASK
;
188 * We get owner uid and owner group gid in o_uid and o_gid
189 * Put these ids instead of -1
191 switch(smb_ace
->a_type
) {
193 id
= smb_ace
->info
.user
.uid
;
196 id
= smb_ace
->info
.group
.gid
;
198 case SMB_ACL_USER_OBJ
:
201 case SMB_ACL_GROUP_OBJ
:
215 perm
= smb_ace
->a_perm
& 0xff;
217 /* TYPE is the first 2 bytes of an entry */
218 SSVAL(buf
, offset
, type
);
221 /* PERM is the next 2 bytes of an entry */
222 SSVAL(buf
, offset
, perm
);
225 /* ID is the last 4 bytes of an entry */
226 SIVAL(buf
, offset
, id
);
232 qsort(buf
, count
, 8, vxfs_ace_cmp
);
234 DEBUG(10, ("vfs_vxfs: Print sorted aces:\n"));
235 vxfs_print_ace_buf(buf
, count
);
240 /* This function gets e_buf as an arg which is sorted and created out of
241 * existing ACL. This function will compact this e_buf to c_buf where USER
242 * and GROUP aces matching with USER_OBJ and GROUP_OBJ will be merged
244 * This is similar to what posix_acls.c does. This will make sure existing
245 * acls are converted much similar to what posix_acls calculates.
248 static char * vxfs_compact_buf(char *e_buf
, int *new_count
, int count
,
251 int i
, e_offset
= 0, c_offset
= 0;
252 uint16_t type
, perm
, o_perm
;
253 uint32_t id
, owner_id
, group_id
;
261 c_buf
= talloc_zero_size(mem_ctx
, count
* 8);
266 /*Copy first two enries from e_buf to c_buf
267 *These are USER_OBJ and GROUP_OBJ
270 memcpy(c_buf
, e_buf
, 16);
274 owner_id
= IVAL(e_buf
, 4);
275 group_id
= IVAL(e_buf
, 12);
277 c_offset
= e_offset
= 16;
279 /* Start comparing other entries */
280 for (i
= 2; i
< count
; i
++) {
282 type
= SVAL(e_buf
, e_offset
);
284 perm
= SVAL(e_buf
, e_offset
);
286 id
= IVAL(e_buf
, e_offset
);
291 if (id
== owner_id
) {
292 o_perm
= SVAL(c_buf
, 2);
294 SSVAL(c_buf
, 2, o_perm
);
295 DEBUG(10, ("vfs_vxfs: merging with owner"
298 "e_id = %u\n", (unsigned int)type
,
305 if (id
== group_id
) {
306 o_perm
= SVAL(c_buf
, 10);
308 SSVAL(c_buf
, 10, o_perm
);
309 DEBUG(10, ("vfs_vxfs: merging with owner group"
312 "e_id = %u\n", (unsigned int)type
,
320 SSVAL(c_buf
, c_offset
, type
);
323 SSVAL(c_buf
, c_offset
, perm
);
326 SIVAL(c_buf
, c_offset
, id
);
331 DEBUG(10, ("vfs_vxfs: new_count is %d\n", *new_count
));
335 /* Actually compare New ACL and existing ACL buf */
336 static bool vxfs_compare_acls(char *e_buf
, char *n_buf
, int n_count
,
339 uint16_t e_type
, n_type
, e_perm
, n_perm
;
343 if (!e_buf
&& !n_buf
) {
344 DEBUG(10, ("vfs_vxfs: Empty buffers!\n"));
348 if ((e_count
< 2) || (n_count
< 2)) {
351 /*Get type from last entry from both buffers.
352 * It may or may not be ACL_MASK
354 n_type
= SVAL(n_buf
, offset
+ (8 * (n_count
-1)));
355 e_type
= SVAL(e_buf
, offset
+ (8 * (e_count
-1)));
357 /* Check for ACL_MASK entry properly. Handle all 4 cases*/
359 /* If ACL_MASK entry is present in any of the buffers,
360 * it will be always the last one. Calculate count to compare
361 * based on if ACL_MASK is present on new and existing ACL
363 if ((n_type
!= VXFS_ACL_MASK
) && (e_type
== VXFS_ACL_MASK
)){
364 DEBUG(10, ("vfs_vxfs: New ACL does not have mask entry,"
365 "reduce count by 1 and compare\n"));
366 e_count
= e_count
-1;
368 if ((n_type
== VXFS_ACL_MASK
) && (e_type
!= VXFS_ACL_MASK
)){
369 DEBUG(10, ("vfs_vxfs: new ACL to be set contains mask"
370 "existing ACL does not have mask entry\n"
371 "Need to set New ACL\n"));
375 if (memcmp(e_buf
, n_buf
, (e_count
* 8)) != 0) {
376 DEBUG(10, ("vfs_vxfs: Compare with memcmp,"
377 "buffers not same!\n"));
384 /* In VxFS, POSIX ACLs are pointed by separate inode for each file/dir.
385 * However, files/dir share same POSIX ACL inode if ACLs are inherited
387 * To retain this behaviour, below function avoids ACL set call if
388 * underlying ACLs are already same and thus saves creating extra inode.
390 * This function will execute following steps:
391 * 1. Get existing ACL
392 * 2. Sort New ACL and existing ACL into buffers
393 * 3. Compact existing ACL buf
394 * 4. Finally compare New ACL buf and Compact buf
395 * 5. If same, return true
396 * 6. Else need to set New ACL
399 static bool vxfs_compare(connection_struct
*conn
, char *name
, SMB_ACL_T the_acl
,
400 SMB_ACL_TYPE_T the_acl_type
)
402 SMB_ACL_T existing_acl
= NULL
;
405 TALLOC_CTX
*mem_ctx
= talloc_tos();
406 char *existing_buf
= NULL
, *new_buf
= NULL
, *compact_buf
= NULL
;
407 struct smb_filename
*smb_fname
= NULL
;
410 DEBUG(10, ("vfs_vxfs: Getting existing ACL for %s\n", name
));
411 existing_acl
= SMB_VFS_SYS_ACL_GET_FILE(conn
, name
, the_acl_type
,
413 if (existing_acl
== NULL
) {
414 DEBUG(10, ("vfs_vxfs: Failed to get ACL\n"));
418 DEBUG(10, ("vfs_vxfs: Existing ACL count=%d\n", existing_acl
->count
));
419 DEBUG(10, ("vfs_vxfs: New ACL count=%d\n", the_acl
->count
));
421 if (existing_acl
->count
== 0) {
422 DEBUG(10, ("vfs_vxfs: ACL count is 0, Need to set\n"));
426 smb_fname
= synthetic_smb_fname(mem_ctx
, name
, NULL
, NULL
, 0);
427 if (smb_fname
== NULL
) {
428 DEBUG(10, ("vfs_vxfs: Failed to create smb_fname\n"));
432 status
= SMB_VFS_STAT(conn
, smb_fname
);
434 DEBUG(10, ("vfs_vxfs: stat failed!\n"));
438 DEBUG(10, ("vfs_vxfs: Sorting existing ACL\n"));
439 existing_buf
= vxfs_sort_acl(existing_acl
, mem_ctx
,
440 smb_fname
->st
.st_ex_uid
,
441 smb_fname
->st
.st_ex_gid
);
445 DEBUG(10, ("vfs_vxfs: Sorting new ACL\n"));
446 new_buf
= vxfs_sort_acl(the_acl
, mem_ctx
, smb_fname
->st
.st_ex_uid
,
447 smb_fname
->st
.st_ex_gid
);
452 DEBUG(10, ("vfs_vxfs: Compact existing buf\n"));
453 compact_buf
= vxfs_compact_buf(existing_buf
, &count
,
460 vxfs_print_ace_buf(compact_buf
, count
);
462 /* COmpare ACLs only if count is same or mismatch by 1 */
463 if ((count
== the_acl
->count
) ||
464 (count
== the_acl
->count
+ 1) ||
465 (count
+1 == the_acl
->count
)) {
467 if (vxfs_compare_acls(compact_buf
, new_buf
, the_acl
->count
,
469 DEBUG(10, ("vfs_vxfs: ACLs matched. Not setting.\n"));
473 DEBUG(10, ("vfs_vxfs: ACLs NOT matched. Setting\n"));
475 DEBUG(10, ("vfs_vxfs: ACLs count does not match. Setting\n"));
480 TALLOC_FREE(existing_acl
);
481 TALLOC_FREE(smb_fname
);
482 TALLOC_FREE(existing_buf
);
483 TALLOC_FREE(compact_buf
);
484 TALLOC_FREE(new_buf
);
489 static int vxfs_sys_acl_set_fd(vfs_handle_struct
*handle
, files_struct
*fsp
,
493 if (vxfs_compare(fsp
->conn
, fsp
->fsp_name
->base_name
, theacl
,
494 SMB_ACL_TYPE_ACCESS
)) {
498 return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle
, fsp
, theacl
);
501 static int vxfs_sys_acl_set_file(vfs_handle_struct
*handle
, const char *name
,
502 SMB_ACL_TYPE_T acltype
, SMB_ACL_T theacl
)
504 if (vxfs_compare(handle
->conn
, (char *)name
, theacl
, acltype
)) {
508 return SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle
, name
, acltype
, theacl
);
511 static int vxfs_set_xattr(struct vfs_handle_struct
*handle
, const char *path
,
512 const char *name
, const void *value
, size_t size
,
514 struct smb_filename
*smb_fname
;
518 DEBUG(10, ("In vxfs_set_xattr\n"));
520 smb_fname
= synthetic_smb_fname(talloc_tos(), path
, NULL
, NULL
, 0);
521 if (smb_fname
== NULL
) {
526 if (SMB_VFS_NEXT_STAT(handle
, smb_fname
) != 0) {
527 TALLOC_FREE(smb_fname
);
531 is_dir
= S_ISDIR(smb_fname
->st
.st_ex_mode
);
532 TALLOC_FREE(smb_fname
);
534 ret
= vxfs_setxattr_path(path
, name
, value
, size
, flags
,
537 ((ret
== -1) && (errno
!= ENOTSUP
) && (errno
!= ENOSYS
))) {
539 * Now remve old style xattr if it exists
541 SMB_VFS_NEXT_REMOVEXATTR(handle
, path
, name
);
543 * Do not bother about return value
549 DEBUG(10, ("Fallback to xattr\n"));
550 if (strcmp(name
, XATTR_NTACL_NAME
) == 0) {
551 return SMB_VFS_NEXT_SETXATTR(handle
, path
, XATTR_USER_NTACL
,
555 /* Clients can't set XATTR_USER_NTACL directly. */
556 if (strcasecmp(name
, XATTR_USER_NTACL
) == 0) {
561 return SMB_VFS_NEXT_SETXATTR(handle
, path
, name
, value
, size
, flags
);
564 static int vxfs_fset_xattr(struct vfs_handle_struct
*handle
,
565 struct files_struct
*fsp
, const char *name
,
566 const void *value
, size_t size
, int flags
){
569 DEBUG(10, ("In vxfs_fset_xattr\n"));
571 ret
= vxfs_setxattr_fd(fsp
->fh
->fd
, name
, value
, size
, flags
);
573 ((ret
== -1) && (errno
!= ENOTSUP
) && (errno
!= ENOSYS
))) {
574 SMB_VFS_NEXT_FREMOVEXATTR(handle
, fsp
, name
);
578 DEBUG(10, ("Fallback to xattr"));
579 if (strcmp(name
, XATTR_NTACL_NAME
) == 0) {
580 return SMB_VFS_NEXT_FSETXATTR(handle
, fsp
, XATTR_USER_NTACL
,
584 /* Clients can't set XATTR_USER_NTACL directly. */
585 if (strcasecmp(name
, XATTR_USER_NTACL
) == 0) {
590 return SMB_VFS_NEXT_FSETXATTR(handle
, fsp
, name
, value
, size
, flags
);
593 static ssize_t
vxfs_get_xattr(struct vfs_handle_struct
*handle
,
594 const char *path
, const char *name
,
595 void *value
, size_t size
){
598 DEBUG(10, ("In vxfs_get_xattr\n"));
599 ret
= vxfs_getxattr_path(path
, name
, value
, size
);
600 if ((ret
!= -1) || ((errno
!= ENOTSUP
) &&
601 (errno
!= ENOSYS
) && (errno
!= ENODATA
))) {
605 DEBUG(10, ("Fallback to xattr\n"));
606 if (strcmp(name
, XATTR_NTACL_NAME
) == 0) {
607 return SMB_VFS_NEXT_GETXATTR(handle
, path
, XATTR_USER_NTACL
,
611 /* Clients can't see XATTR_USER_NTACL directly. */
612 if (strcasecmp(name
, XATTR_USER_NTACL
) == 0) {
617 return SMB_VFS_NEXT_GETXATTR(handle
, path
, name
, value
, size
);
620 static ssize_t
vxfs_fget_xattr(struct vfs_handle_struct
*handle
,
621 struct files_struct
*fsp
, const char *name
,
622 void *value
, size_t size
){
625 DEBUG(10, ("In vxfs_fget_xattr\n"));
627 ret
= vxfs_getxattr_fd(fsp
->fh
->fd
, name
, value
, size
);
628 if ((ret
!= -1) || ((errno
!= ENOTSUP
) &&
629 (errno
!= ENOSYS
) && (errno
!= ENODATA
))) {
633 DEBUG(10, ("Fallback to xattr\n"));
634 if (strcmp(name
, XATTR_NTACL_NAME
) == 0) {
635 return SMB_VFS_NEXT_FGETXATTR(handle
, fsp
, XATTR_USER_NTACL
,
639 /* Clients can't see XATTR_USER_NTACL directly. */
640 if (strcasecmp(name
, XATTR_USER_NTACL
) == 0) {
645 return SMB_VFS_NEXT_FGETXATTR(handle
, fsp
, name
, value
, size
);
648 static int vxfs_remove_xattr(struct vfs_handle_struct
*handle
,
649 const char *path
, const char *name
){
650 struct smb_filename
*smb_fname
;
652 int ret
= 0, ret_new
= 0, old_errno
;
654 DEBUG(10, ("In vxfs_remove_xattr\n"));
656 /* Remove with old way */
657 if (strcmp(name
, XATTR_NTACL_NAME
) == 0) {
658 ret
= SMB_VFS_NEXT_REMOVEXATTR(handle
, path
,
661 if (strcasecmp(name
, XATTR_USER_NTACL
) != 0) {
662 ret
= SMB_VFS_NEXT_REMOVEXATTR(handle
, path
,
668 /* Remove with new way */
669 smb_fname
= synthetic_smb_fname(talloc_tos(), path
, NULL
, NULL
, 0);
670 if (smb_fname
== NULL
) {
675 if (SMB_VFS_NEXT_STAT(handle
, smb_fname
) != 0) {
676 TALLOC_FREE(smb_fname
);
680 is_dir
= S_ISDIR(smb_fname
->st
.st_ex_mode
);
681 TALLOC_FREE(smb_fname
);
683 * If both fail, return failuer else return whichever succeeded
685 ret_new
= vxfs_removexattr_path(path
, name
, is_dir
);
686 if (errno
== ENOTSUP
|| errno
== ENOSYS
) {
689 if ((ret_new
!= -1) && (ret
== -1)) {
697 static int vxfs_fremove_xattr(struct vfs_handle_struct
*handle
,
698 struct files_struct
*fsp
, const char *name
){
699 int ret
= 0, ret_new
= 0, old_errno
;
701 DEBUG(10, ("In vxfs_fremove_xattr\n"));
703 /* Remove with old way */
704 if (strcmp(name
, XATTR_NTACL_NAME
) == 0) {
705 ret
= SMB_VFS_NEXT_FREMOVEXATTR(handle
, fsp
,
708 /* Clients can't remove XATTR_USER_NTACL directly. */
709 if (strcasecmp(name
, XATTR_USER_NTACL
) != 0) {
710 ret
= SMB_VFS_NEXT_FREMOVEXATTR(handle
, fsp
,
716 /* Remove with new way */
717 ret_new
= vxfs_removexattr_fd(fsp
->fh
->fd
, name
);
719 * If both fail, return failuer else return whichever succeeded
721 if (errno
== ENOTSUP
|| errno
== ENOSYS
) {
724 if ((ret_new
!= -1) && (ret
== -1)) {
732 static size_t vxfs_filter_list(char *list
, size_t size
)
736 while (str
- list
< size
) {
737 size_t element_len
= strlen(str
) + 1;
738 if (strcasecmp(str
, XATTR_USER_NTACL
) == 0) {
741 size
- (str
- list
) - element_len
);
750 static ssize_t
vxfs_listxattr(vfs_handle_struct
*handle
, const char *path
,
751 char *list
, size_t size
)
755 result
= vxfs_listxattr_path(path
, list
, size
);
756 if (result
>= 0 || ((errno
!= ENOTSUP
) && (errno
!= ENOSYS
))) {
760 result
= SMB_VFS_NEXT_LISTXATTR(handle
, path
, list
, size
);
766 /* Remove any XATTR_USER_NTACL elements from the returned list. */
767 result
= vxfs_filter_list(list
, result
);
772 static ssize_t
vxfs_flistxattr(struct vfs_handle_struct
*handle
,
773 struct files_struct
*fsp
, char *list
,
778 result
= vxfs_listxattr_fd(fsp
->fh
->fd
, list
, size
);
779 if (result
>= 0 || ((errno
!= ENOTSUP
) && (errno
!= ENOSYS
))) {
783 result
= SMB_VFS_NEXT_FLISTXATTR(handle
, fsp
, list
, size
);
789 /* Remove any XATTR_USER_NTACL elements from the returned list. */
790 result
= vxfs_filter_list(list
, result
);
795 static int vfs_vxfs_connect(struct vfs_handle_struct
*handle
,
796 const char *service
, const char *user
)
801 ret
= SMB_VFS_NEXT_CONNECT(handle
, service
, user
);
811 static struct vfs_fn_pointers vfs_vxfs_fns
= {
812 .connect_fn
= vfs_vxfs_connect
,
814 #ifdef VXFS_ACL_SHARE
815 .sys_acl_set_file_fn
= vxfs_sys_acl_set_file
,
816 .sys_acl_set_fd_fn
= vxfs_sys_acl_set_fd
,
819 .getxattr_fn
= vxfs_get_xattr
,
820 .fgetxattr_fn
= vxfs_fget_xattr
,
821 .listxattr_fn
= vxfs_listxattr
,
822 .flistxattr_fn
= vxfs_flistxattr
,
823 .removexattr_fn
= vxfs_remove_xattr
,
824 .fremovexattr_fn
= vxfs_fremove_xattr
,
825 .setxattr_fn
= vxfs_set_xattr
,
826 .fsetxattr_fn
= vxfs_fset_xattr
,
829 NTSTATUS
vfs_vxfs_init(void);
830 NTSTATUS
vfs_vxfs_init(void)
832 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION
, "vxfs",