search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix bug in SMB_FIND_INFO_STANDARD parsing found by Volker.
[Samba/gebeck_regimport.git] / source3 / smbd / smb2_lock.c
blob19e1ef07b313c731805c2ea4253e79b4efd72b3d
1 /*
2 Unix SMB/CIFS implementation.
3 Core SMB2 server
4
5 Copyright (C) Stefan Metzmacher 2009
6 Copyright (C) Jeremy Allison 2010
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "../libcli/smb/smb_common.h"
26 #include "../lib/util/tevent_ntstatus.h"
27 #include "messages.h"
28
29 struct smbd_smb2_lock_element {
30 uint64_t offset;
31 uint64_t length;
32 uint32_t flags;
33 };
34
35 struct smbd_smb2_lock_state {
36 struct smbd_smb2_request *smb2req;
37 struct smb_request *smb1req;
38 struct blocking_lock_record *blr;
39 uint16_t lock_count;
40 struct smbd_lock_element *locks;
41 };
42
43 static void remove_pending_lock(struct smbd_smb2_lock_state *state,
44 struct blocking_lock_record *blr);
45
46 static struct tevent_req *smbd_smb2_lock_send(TALLOC_CTX *mem_ctx,
47 struct tevent_context *ev,
48 struct smbd_smb2_request *smb2req,
49 struct files_struct *in_fsp,
50 uint16_t in_lock_count,
51 struct smbd_smb2_lock_element *in_locks);
52 static NTSTATUS smbd_smb2_lock_recv(struct tevent_req *req);
53
54 static void smbd_smb2_request_lock_done(struct tevent_req *subreq);
55 NTSTATUS smbd_smb2_request_process_lock(struct smbd_smb2_request *req)
56 {
57 const uint8_t *inbody;
58 uint16_t in_lock_count;
59 uint64_t in_file_id_persistent;
60 uint64_t in_file_id_volatile;
61 struct files_struct *in_fsp;
62 struct smbd_smb2_lock_element *in_locks;
63 struct tevent_req *subreq;
64 const uint8_t *lock_buffer;
65 uint16_t l;
66 NTSTATUS status;
67
68 status = smbd_smb2_request_verify_sizes(req, 0x30);
69 if (!NT_STATUS_IS_OK(status)) {
70 return smbd_smb2_request_error(req, status);
71 }
72 inbody = SMBD_SMB2_IN_BODY_PTR(req);
73
74 in_lock_count = CVAL(inbody, 0x02);
75 /* 0x04 - 4 bytes reserved */
76 in_file_id_persistent = BVAL(inbody, 0x08);
77 in_file_id_volatile = BVAL(inbody, 0x10);
78
79 if (in_lock_count < 1) {
80 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
81 }
82
83 if (((in_lock_count - 1) * 0x18) > SMBD_SMB2_IN_DYN_LEN(req)) {
84 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
85 }
86
87 in_locks = talloc_array(req, struct smbd_smb2_lock_element,
88 in_lock_count);
89 if (in_locks == NULL) {
90 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
91 }
92
93 l = 0;
94 lock_buffer = inbody + 0x18;
95
96 in_locks[l].offset = BVAL(lock_buffer, 0x00);
97 in_locks[l].length = BVAL(lock_buffer, 0x08);
98 in_locks[l].flags = IVAL(lock_buffer, 0x10);
99 /* 0x14 - 4 reserved bytes */
100
101 lock_buffer = SMBD_SMB2_IN_DYN_PTR(req);
102
103 for (l=1; l < in_lock_count; l++) {
104 in_locks[l].offset = BVAL(lock_buffer, 0x00);
105 in_locks[l].length = BVAL(lock_buffer, 0x08);
106 in_locks[l].flags = IVAL(lock_buffer, 0x10);
107 /* 0x14 - 4 reserved bytes */
108
109 lock_buffer += 0x18;
110 }
111
112 in_fsp = file_fsp_smb2(req, in_file_id_persistent, in_file_id_volatile);
113 if (in_fsp == NULL) {
114 return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
115 }
116
117 subreq = smbd_smb2_lock_send(req, req->sconn->ev_ctx,
118 req, in_fsp,
119 in_lock_count,
120 in_locks);
121 if (subreq == NULL) {
122 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
123 }
124 tevent_req_set_callback(subreq, smbd_smb2_request_lock_done, req);
125
126 return smbd_smb2_request_pending_queue(req, subreq, 500);
127 }
128
129 static void smbd_smb2_request_lock_done(struct tevent_req *subreq)
130 {
131 struct smbd_smb2_request *smb2req = tevent_req_callback_data(subreq,
132 struct smbd_smb2_request);
133 DATA_BLOB outbody;
134 NTSTATUS status;
135 NTSTATUS error; /* transport error */
136
137 if (smb2req->cancelled) {
138 const uint8_t *inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
139 uint64_t mid = BVAL(inhdr, SMB2_HDR_MESSAGE_ID);
140 struct smbd_smb2_lock_state *state;
141
142 DEBUG(10,("smbd_smb2_request_lock_done: cancelled mid %llu\n",
143 (unsigned long long)mid ));
144
145 state = tevent_req_data(smb2req->subreq,
146 struct smbd_smb2_lock_state);
147
148 SMB_ASSERT(state);
149 SMB_ASSERT(state->blr);
150
151 remove_pending_lock(state, state->blr);
152
153 error = smbd_smb2_request_error(smb2req, NT_STATUS_CANCELLED);
154 if (!NT_STATUS_IS_OK(error)) {
155 smbd_server_connection_terminate(smb2req->sconn,
156 nt_errstr(error));
157 return;
158 }
159 return;
160 }
161
162 status = smbd_smb2_lock_recv(subreq);
163 TALLOC_FREE(subreq);
164 if (!NT_STATUS_IS_OK(status)) {
165 error = smbd_smb2_request_error(smb2req, status);
166 if (!NT_STATUS_IS_OK(error)) {
167 smbd_server_connection_terminate(smb2req->sconn,
168 nt_errstr(error));
169 return;
170 }
171 return;
172 }
173
174 outbody = data_blob_talloc(smb2req->out.vector, NULL, 0x04);
175 if (outbody.data == NULL) {
176 error = smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
177 if (!NT_STATUS_IS_OK(error)) {
178 smbd_server_connection_terminate(smb2req->sconn,
179 nt_errstr(error));
180 return;
181 }
182 return;
183 }
184
185 SSVAL(outbody.data, 0x00, 0x04); /* struct size */
186 SSVAL(outbody.data, 0x02, 0); /* reserved */
187
188 error = smbd_smb2_request_done(smb2req, outbody, NULL);
189 if (!NT_STATUS_IS_OK(error)) {
190 smbd_server_connection_terminate(smb2req->sconn,
191 nt_errstr(error));
192 return;
193 }
194 }
195
196 static struct tevent_req *smbd_smb2_lock_send(TALLOC_CTX *mem_ctx,
197 struct tevent_context *ev,
198 struct smbd_smb2_request *smb2req,
199 struct files_struct *fsp,
200 uint16_t in_lock_count,
201 struct smbd_smb2_lock_element *in_locks)
202 {
203 struct tevent_req *req;
204 struct smbd_smb2_lock_state *state;
205 struct smb_request *smb1req;
206 int32_t timeout = -1;
207 bool isunlock = false;
208 uint16_t i;
209 struct smbd_lock_element *locks;
210 NTSTATUS status;
211 bool async = false;
212
213 req = tevent_req_create(mem_ctx, &state,
214 struct smbd_smb2_lock_state);
215 if (req == NULL) {
216 return NULL;
217 }
218 state->smb2req = smb2req;
219 smb2req->subreq = req; /* So we can find this when going async. */
220
221 smb1req = smbd_smb2_fake_smb_request(smb2req);
222 if (tevent_req_nomem(smb1req, req)) {
223 return tevent_req_post(req, ev);
224 }
225 state->smb1req = smb1req;
226
227 DEBUG(10,("smbd_smb2_lock_send: %s - %s\n",
228 fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
229
230 locks = talloc_array(state, struct smbd_lock_element, in_lock_count);
231 if (locks == NULL) {
232 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
233 return tevent_req_post(req, ev);
234 }
235
236 switch (in_locks[0].flags) {
237 case SMB2_LOCK_FLAG_SHARED:
238 case SMB2_LOCK_FLAG_EXCLUSIVE:
239 if (in_lock_count > 1) {
240 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
241 return tevent_req_post(req, ev);
242 }
243 timeout = -1;
244 break;
245
246 case SMB2_LOCK_FLAG_SHARED|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
247 case SMB2_LOCK_FLAG_EXCLUSIVE|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
248 timeout = 0;
249 break;
250
251 case SMB2_LOCK_FLAG_UNLOCK:
252 /* only the first lock gives the UNLOCK bit - see
253 MS-SMB2 3.3.5.14 */
254 isunlock = true;
255 timeout = 0;
256 break;
257
258 default:
259 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
260 return tevent_req_post(req, ev);
261 }
262
263 for (i=0; i<in_lock_count; i++) {
264 bool invalid = false;
265
266 switch (in_locks[i].flags) {
267 case SMB2_LOCK_FLAG_SHARED:
268 case SMB2_LOCK_FLAG_EXCLUSIVE:
269 if (isunlock) {
270 invalid = true;
271 break;
272 }
273 if (i > 0) {
274 tevent_req_nterror(req,
275 NT_STATUS_INVALID_PARAMETER);
276 return tevent_req_post(req, ev);
277 }
278 break;
279
280 case SMB2_LOCK_FLAG_SHARED|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
281 case SMB2_LOCK_FLAG_EXCLUSIVE|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
282 if (isunlock) {
283 invalid = true;
284 }
285 break;
286
287 case SMB2_LOCK_FLAG_UNLOCK:
288 if (!isunlock) {
289 tevent_req_nterror(req,
290 NT_STATUS_INVALID_PARAMETER);
291 return tevent_req_post(req, ev);
292 }
293 break;
294
295 default:
296 if (isunlock) {
297 /*
298 * is the first element was a UNLOCK
299 * we need to deferr the error response
300 * to the backend, because we need to process
301 * all unlock elements before
302 */
303 invalid = true;
304 break;
305 }
306 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
307 return tevent_req_post(req, ev);
308 }
309
310 locks[i].smblctx = fsp->op->global->open_persistent_id;
311 locks[i].offset = in_locks[i].offset;
312 locks[i].count = in_locks[i].length;
313
314 if (in_locks[i].flags & SMB2_LOCK_FLAG_EXCLUSIVE) {
315 locks[i].brltype = WRITE_LOCK;
316 } else if (in_locks[i].flags & SMB2_LOCK_FLAG_SHARED) {
317 locks[i].brltype = READ_LOCK;
318 } else if (invalid) {
319 /*
320 * this is an invalid UNLOCK element
321 * and the backend needs to test for
322 * brltype != UNLOCK_LOCK and return
323 * NT_STATUS_INVALID_PARAMER
324 */
325 locks[i].brltype = READ_LOCK;
326 } else {
327 locks[i].brltype = UNLOCK_LOCK;
328 }
329
330 DEBUG(10,("smbd_smb2_lock_send: index %d offset=%llu, count=%llu, "
331 "smblctx = %llu type %d\n",
332 i,
333 (unsigned long long)locks[i].offset,
334 (unsigned long long)locks[i].count,
335 (unsigned long long)locks[i].smblctx,
336 (int)locks[i].brltype ));
337 }
338
339 state->locks = locks;
340 state->lock_count = in_lock_count;
341
342 if (isunlock) {
343 status = smbd_do_locking(smb1req, fsp,
344 0,
345 timeout,
346 in_lock_count,
347 locks,
348 0,
349 NULL,
350 &async);
351 } else {
352 status = smbd_do_locking(smb1req, fsp,
353 0,
354 timeout,
355 0,
356 NULL,
357 in_lock_count,
358 locks,
359 &async);
360 }
361 if (!NT_STATUS_IS_OK(status)) {
362 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_LOCK_CONFLICT)) {
363 status = NT_STATUS_LOCK_NOT_GRANTED;
364 }
365 tevent_req_nterror(req, status);
366 return tevent_req_post(req, ev);
367 }
368
369 if (async) {
370 return req;
371 }
372
373 tevent_req_done(req);
374 return tevent_req_post(req, ev);
375 }
376
377 static NTSTATUS smbd_smb2_lock_recv(struct tevent_req *req)
378 {
379 NTSTATUS status;
380
381 if (tevent_req_is_nterror(req, &status)) {
382 tevent_req_received(req);
383 return status;
384 }
385
386 tevent_req_received(req);
387 return NT_STATUS_OK;
388 }
389
390 /****************************************************************
391 Cancel an outstanding blocking lock request.
392 *****************************************************************/
393
394 static bool smbd_smb2_lock_cancel(struct tevent_req *req)
395 {
396 struct smbd_smb2_request *smb2req = NULL;
397 struct smbd_smb2_lock_state *state = tevent_req_data(req,
398 struct smbd_smb2_lock_state);
399 if (!state) {
400 return false;
401 }
402
403 if (!state->smb2req) {
404 return false;
405 }
406
407 smb2req = state->smb2req;
408 smb2req->cancelled = true;
409
410 tevent_req_done(req);
411 return true;
412 }
413
414 /****************************************************************
415 Got a message saying someone unlocked a file. Re-schedule all
416 blocking lock requests as we don't know if anything overlapped.
417 *****************************************************************/
418
419 static void received_unlock_msg(struct messaging_context *msg,
420 void *private_data,
421 uint32_t msg_type,
422 struct server_id server_id,
423 DATA_BLOB *data)
424 {
425 struct smbd_server_connection *sconn =
426 talloc_get_type_abort(private_data,
427 struct smbd_server_connection);
428
429 DEBUG(10,("received_unlock_msg (SMB2)\n"));
430
431 process_blocking_lock_queue_smb2(sconn, timeval_current());
432 }
433
434 /****************************************************************
435 Function to get the blr on a pending record.
436 *****************************************************************/
437
438 struct blocking_lock_record *get_pending_smb2req_blr(struct smbd_smb2_request *smb2req)
439 {
440 struct smbd_smb2_lock_state *state = NULL;
441 const uint8_t *inhdr;
442
443 if (!smb2req) {
444 return NULL;
445 }
446 if (smb2req->subreq == NULL) {
447 return NULL;
448 }
449 if (!tevent_req_is_in_progress(smb2req->subreq)) {
450 return NULL;
451 }
452 inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
453 if (SVAL(inhdr, SMB2_HDR_OPCODE) != SMB2_OP_LOCK) {
454 return NULL;
455 }
456 state = tevent_req_data(smb2req->subreq,
457 struct smbd_smb2_lock_state);
458 if (!state) {
459 return NULL;
460 }
461 return state->blr;
462 }
463 /****************************************************************
464 Set up the next brl timeout.
465 *****************************************************************/
466
467 static bool recalc_smb2_brl_timeout(struct smbd_server_connection *sconn)
468 {
469 struct smbd_smb2_request *smb2req;
470 struct timeval next_timeout = timeval_zero();
471 int max_brl_timeout = lp_parm_int(-1, "brl", "recalctime", 5);
472
473 TALLOC_FREE(sconn->smb2.locks.brl_timeout);
474
475 for (smb2req = sconn->smb2.requests; smb2req; smb2req = smb2req->next) {
476 struct blocking_lock_record *blr =
477 get_pending_smb2req_blr(smb2req);
478 if (!blr) {
479 continue;
480 }
481 if (timeval_is_zero(&blr->expire_time)) {
482 /*
483 * If we're blocked on pid 0xFFFFFFFFFFFFFFFFLL this is
484 * a POSIX lock, so calculate a timeout of
485 * 10 seconds into the future.
486 */
487 if (blr->blocking_smblctx == 0xFFFFFFFFFFFFFFFFLL) {
488 struct timeval psx_to = timeval_current_ofs(10, 0);
489 next_timeout = timeval_brl_min(&next_timeout, &psx_to);
490 }
491
492 continue;
493 }
494
495 next_timeout = timeval_brl_min(&next_timeout, &blr->expire_time);
496 }
497
498 if (timeval_is_zero(&next_timeout)) {
499 DEBUG(10, ("recalc_smb2_brl_timeout:Next "
500 "timeout = Infinite.\n"));
501 return true;
502 }
503
504 /*
505 * To account for unclean shutdowns by clients we need a
506 * maximum timeout that we use for checking pending locks. If
507 * we have any pending locks at all, then check if the pending
508 * lock can continue at least every brl:recalctime seconds
509 * (default 5 seconds).
510 *
511 * This saves us needing to do a message_send_all() in the
512 * SIGCHLD handler in the parent daemon. That
513 * message_send_all() caused O(n^2) work to be done when IP
514 * failovers happened in clustered Samba, which could make the
515 * entire system unusable for many minutes.
516 */
517
518 if (max_brl_timeout > 0) {
519 struct timeval min_to = timeval_current_ofs(max_brl_timeout, 0);
520 next_timeout = timeval_brl_min(&next_timeout, &min_to);
521 }
522
523 if (DEBUGLVL(10)) {
524 struct timeval cur, from_now;
525
526 cur = timeval_current();
527 from_now = timeval_until(&cur, &next_timeout);
528 DEBUG(10, ("recalc_smb2_brl_timeout: Next "
529 "timeout = %d.%d seconds from now.\n",
530 (int)from_now.tv_sec, (int)from_now.tv_usec));
531 }
532
533 sconn->smb2.locks.brl_timeout = tevent_add_timer(
534 sconn->ev_ctx,
535 NULL,
536 next_timeout,
537 brl_timeout_fn,
538 NULL);
539 if (!sconn->smb2.locks.brl_timeout) {
540 return false;
541 }
542 return true;
543 }
544
545 /****************************************************************
546 Get an SMB2 lock reqeust to go async. lock_timeout should
547 always be -1 here.
548 *****************************************************************/
549
550 bool push_blocking_lock_request_smb2( struct byte_range_lock *br_lck,
551 struct smb_request *smb1req,
552 files_struct *fsp,
553 int lock_timeout,
554 int lock_num,
555 uint64_t smblctx,
556 enum brl_type lock_type,
557 enum brl_flavour lock_flav,
558 uint64_t offset,
559 uint64_t count,
560 uint64_t blocking_smblctx)
561 {
562 struct smbd_server_connection *sconn = smb1req->sconn;
563 struct smbd_smb2_request *smb2req = smb1req->smb2req;
564 struct tevent_req *req = NULL;
565 struct smbd_smb2_lock_state *state = NULL;
566 struct blocking_lock_record *blr = NULL;
567 NTSTATUS status = NT_STATUS_OK;
568
569 if (!smb2req) {
570 return false;
571 }
572 req = smb2req->subreq;
573 if (!req) {
574 return false;
575 }
576 if (!tevent_req_is_in_progress(smb2req->subreq)) {
577 return false;
578 }
579 state = tevent_req_data(req, struct smbd_smb2_lock_state);
580 if (!state) {
581 return false;
582 }
583
584 blr = talloc_zero(state, struct blocking_lock_record);
585 if (!blr) {
586 return false;
587 }
588 blr->fsp = fsp;
589
590 if (lock_timeout == -1) {
591 blr->expire_time.tv_sec = 0;
592 blr->expire_time.tv_usec = 0; /* Never expire. */
593 } else {
594 blr->expire_time = timeval_current_ofs_msec(lock_timeout);
595 }
596
597 blr->lock_num = lock_num;
598 blr->smblctx = smblctx;
599 blr->blocking_smblctx = blocking_smblctx;
600 blr->lock_flav = lock_flav;
601 blr->lock_type = lock_type;
602 blr->offset = offset;
603 blr->count = count;
604
605 /* Specific brl_lock() implementations can fill this in. */
606 blr->blr_private = NULL;
607
608 /* Add a pending lock record for this. */
609 status = brl_lock(sconn->msg_ctx,
610 br_lck,
611 smblctx,
612 messaging_server_id(sconn->msg_ctx),
613 offset,
614 count,
615 lock_type == READ_LOCK ? PENDING_READ_LOCK : PENDING_WRITE_LOCK,
616 blr->lock_flav,
617 true,
618 NULL,
619 blr);
620
621 if (!NT_STATUS_IS_OK(status)) {
622 DEBUG(0,("push_blocking_lock_request_smb2: "
623 "failed to add PENDING_LOCK record.\n"));
624 TALLOC_FREE(blr);
625 return false;
626 }
627 state->blr = blr;
628
629 DEBUG(10,("push_blocking_lock_request_smb2: file %s timeout %d\n",
630 fsp_str_dbg(fsp),
631 lock_timeout ));
632
633 recalc_smb2_brl_timeout(sconn);
634
635 /* Ensure we'll receive messages when this is unlocked. */
636 if (!sconn->smb2.locks.blocking_lock_unlock_state) {
637 messaging_register(sconn->msg_ctx, sconn,
638 MSG_SMB_UNLOCK, received_unlock_msg);
639 sconn->smb2.locks.blocking_lock_unlock_state = true;
640 }
641
642 /* allow this request to be canceled */
643 tevent_req_set_cancel_fn(req, smbd_smb2_lock_cancel);
644
645 return true;
646 }
647
648 /****************************************************************
649 Remove a pending lock record under lock.
650 *****************************************************************/
651
652 static void remove_pending_lock(struct smbd_smb2_lock_state *state,
653 struct blocking_lock_record *blr)
654 {
655 int i;
656 struct byte_range_lock *br_lck = brl_get_locks(
657 state, blr->fsp);
658
659 DEBUG(10, ("remove_pending_lock: BLR = %p\n", blr));
660
661 if (br_lck) {
662 brl_lock_cancel(br_lck,
663 blr->smblctx,
664 messaging_server_id(blr->fsp->conn->sconn->msg_ctx),
665 blr->offset,
666 blr->count,
667 blr->lock_flav,
668 blr);
669 TALLOC_FREE(br_lck);
670 }
671
672 /* Remove the locks we already got. */
673
674 for(i = blr->lock_num - 1; i >= 0; i--) {
675 struct smbd_lock_element *e = &state->locks[i];
676
677 do_unlock(blr->fsp->conn->sconn->msg_ctx,
678 blr->fsp,
679 e->smblctx,
680 e->count,
681 e->offset,
682 WINDOWS_LOCK);
683 }
684 }
685
686 /****************************************************************
687 Re-proccess a blocking lock request.
688 This is equivalent to process_lockingX() inside smbd/blocking.c
689 *****************************************************************/
690
691 static void reprocess_blocked_smb2_lock(struct smbd_smb2_request *smb2req,
692 struct timeval tv_curr)
693 {
694 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
695 struct blocking_lock_record *blr = NULL;
696 struct smbd_smb2_lock_state *state = NULL;
697 files_struct *fsp = NULL;
698
699 if (!smb2req->subreq) {
700 return;
701 }
702 state = tevent_req_data(smb2req->subreq, struct smbd_smb2_lock_state);
703 if (!state) {
704 return;
705 }
706
707 blr = state->blr;
708 fsp = blr->fsp;
709
710 /* Try and finish off getting all the outstanding locks. */
711
712 for (; blr->lock_num < state->lock_count; blr->lock_num++) {
713 struct byte_range_lock *br_lck = NULL;
714 struct smbd_lock_element *e = &state->locks[blr->lock_num];
715
716 br_lck = do_lock(fsp->conn->sconn->msg_ctx,
717 fsp,
718 e->smblctx,
719 e->count,
720 e->offset,
721 e->brltype,
722 WINDOWS_LOCK,
723 true,
724 &status,
725 &blr->blocking_smblctx,
726 blr);
727
728 TALLOC_FREE(br_lck);
729
730 if (NT_STATUS_IS_ERR(status)) {
731 break;
732 }
733 }
734
735 if(blr->lock_num == state->lock_count) {
736 /*
737 * Success - we got all the locks.
738 */
739
740 DEBUG(3,("reprocess_blocked_smb2_lock SUCCESS file = %s, "
741 "%s, num_locks=%d\n",
742 fsp_str_dbg(fsp),
743 fsp_fnum_dbg(fsp),
744 (int)state->lock_count));
745
746 tevent_req_done(smb2req->subreq);
747 return;
748 }
749
750 if (!NT_STATUS_EQUAL(status,NT_STATUS_LOCK_NOT_GRANTED) &&
751 !NT_STATUS_EQUAL(status,NT_STATUS_FILE_LOCK_CONFLICT)) {
752 /*
753 * We have other than a "can't get lock"
754 * error. Return an error.
755 */
756 remove_pending_lock(state, blr);
757 tevent_req_nterror(smb2req->subreq, status);
758 return;
759 }
760
761 /*
762 * We couldn't get the locks for this record on the list.
763 * If the time has expired, return a lock error.
764 */
765
766 if (!timeval_is_zero(&blr->expire_time) &&
767 timeval_compare(&blr->expire_time, &tv_curr) <= 0) {
768 remove_pending_lock(state, blr);
769 tevent_req_nterror(smb2req->subreq, NT_STATUS_LOCK_NOT_GRANTED);
770 return;
771 }
772
773 /*
774 * Still can't get all the locks - keep waiting.
775 */
776
777 DEBUG(10,("reprocess_blocked_smb2_lock: only got %d locks of %d needed "
778 "for file %s, %s. Still waiting....\n",
779 (int)blr->lock_num,
780 (int)state->lock_count,
781 fsp_str_dbg(fsp),
782 fsp_fnum_dbg(fsp)));
783
784 return;
785
786 }
787
788 /****************************************************************
789 Attempt to proccess all outstanding blocking locks pending on
790 the request queue.
791 *****************************************************************/
792
793 void process_blocking_lock_queue_smb2(
794 struct smbd_server_connection *sconn, struct timeval tv_curr)
795 {
796 struct smbd_smb2_request *smb2req, *nextreq;
797
798 for (smb2req = sconn->smb2.requests; smb2req; smb2req = nextreq) {
799 const uint8_t *inhdr;
800
801 nextreq = smb2req->next;
802
803 if (smb2req->subreq == NULL) {
804 /* This message has been processed. */
805 continue;
806 }
807 if (!tevent_req_is_in_progress(smb2req->subreq)) {
808 /* This message has been processed. */
809 continue;
810 }
811
812 inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
813 if (SVAL(inhdr, SMB2_HDR_OPCODE) == SMB2_OP_LOCK) {
814 reprocess_blocked_smb2_lock(smb2req, tv_curr);
815 }
816 }
817
818 recalc_smb2_brl_timeout(sconn);
819 }
820
821 /****************************************************************************
822 Remove any locks on this fd. Called from file_close().
823 ****************************************************************************/
824
825 void cancel_pending_lock_requests_by_fid_smb2(files_struct *fsp,
826 struct byte_range_lock *br_lck,
827 enum file_close_type close_type)
828 {
829 struct smbd_server_connection *sconn = fsp->conn->sconn;
830 struct smbd_smb2_request *smb2req, *nextreq;
831
832 for (smb2req = sconn->smb2.requests; smb2req; smb2req = nextreq) {
833 struct smbd_smb2_lock_state *state = NULL;
834 files_struct *fsp_curr = NULL;
835 struct blocking_lock_record *blr = NULL;
836 const uint8_t *inhdr;
837
838 nextreq = smb2req->next;
839
840 if (smb2req->subreq == NULL) {
841 /* This message has been processed. */
842 continue;
843 }
844 if (!tevent_req_is_in_progress(smb2req->subreq)) {
845 /* This message has been processed. */
846 continue;
847 }
848
849 inhdr = SMBD_SMB2_IN_HDR_PTR(smb2req);
850 if (SVAL(inhdr, SMB2_HDR_OPCODE) != SMB2_OP_LOCK) {
851 /* Not a lock call. */
852 continue;
853 }
854
855 state = tevent_req_data(smb2req->subreq,
856 struct smbd_smb2_lock_state);
857 if (!state) {
858 /* Strange - is this even possible ? */
859 continue;
860 }
861
862 fsp_curr = smb2req->compat_chain_fsp;
863 if (fsp_curr == NULL) {
864 /* Strange - is this even possible ? */
865 continue;
866 }
867
868 if (fsp_curr != fsp) {
869 /* It's not our fid */
870 continue;
871 }
872
873 blr = state->blr;
874
875 /* Remove the entries from the lock db. */
876 brl_lock_cancel(br_lck,
877 blr->smblctx,
878 messaging_server_id(sconn->msg_ctx),
879 blr->offset,
880 blr->count,
881 blr->lock_flav,
882 blr);
883
884 /* Finally end the request. */
885 if (close_type == SHUTDOWN_CLOSE) {
886 tevent_req_done(smb2req->subreq);
887 } else {
888 tevent_req_nterror(smb2req->subreq,
889 NT_STATUS_RANGE_NOT_LOCKED);
890 }
891 }
892 }
reg import