search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:smbd/files: fsp->fnum is uint64_t not int!
[Samba/wip.git] / source3 / smbd / files.c
blobb5be0834b308c3d9d5ce5d00aabcf3e79f25b681
1 /*
2 Unix SMB/CIFS implementation.
3 Files[] structure handling
4 Copyright (C) Andrew Tridgell 1998
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "smbd/smbd.h"
22 #include "smbd/globals.h"
23 #include "libcli/security/security.h"
24 #include "util_tdb.h"
25 #include <ccan/hash/hash.h>
26 #include "lib/util/bitmap.h"
27
28 #define FILE_HANDLE_OFFSET 0x1000
29
30 /****************************************************************************
31 Return a unique number identifying this fsp over the life of this pid,
32 and try to make it as globally unique as possible.
33 See bug #8995 for the details.
34 ****************************************************************************/
35
36 static unsigned long get_gen_count(struct smbd_server_connection *sconn)
37 {
38 /*
39 * While fsp->fh->gen_id is 'unsigned long' currently
40 * (which might by 8 bytes),
41 * there's some oplock code which truncates it to
42 * uint32_t(using IVAL()).
43 */
44 if (sconn->file_gen_counter == 0) {
45 sconn->file_gen_counter = generate_random();
46 }
47 sconn->file_gen_counter += 1;
48 if (sconn->file_gen_counter >= UINT32_MAX) {
49 sconn->file_gen_counter = 0;
50 }
51 if (sconn->file_gen_counter == 0) {
52 sconn->file_gen_counter += 1;
53 }
54 return sconn->file_gen_counter;
55 }
56
57 /**
58 * create new fsp to be used for file_new or a durable handle reconnect
59 */
60 NTSTATUS fsp_new(struct connection_struct *conn, TALLOC_CTX *mem_ctx,
61 files_struct **result)
62 {
63 NTSTATUS status = NT_STATUS_NO_MEMORY;
64 files_struct *fsp = NULL;
65 struct smbd_server_connection *sconn = conn->sconn;
66
67 fsp = talloc_zero(mem_ctx, struct files_struct);
68 if (fsp == NULL) {
69 goto fail;
70 }
71
72 /*
73 * This can't be a child of fsp because the file_handle can be ref'd
74 * when doing a dos/fcb open, which will then share the file_handle
75 * across multiple fsps.
76 */
77 fsp->fh = talloc_zero(mem_ctx, struct fd_handle);
78 if (fsp->fh == NULL) {
79 goto fail;
80 }
81
82 fsp->fh->ref_count = 1;
83 fsp->fh->fd = -1;
84
85 fsp->fnum = FNUM_FIELD_INVALID;
86 fsp->conn = conn;
87
88 DLIST_ADD(sconn->files, fsp);
89 sconn->num_files += 1;
90
91 conn->num_files_open++;
92
93 *result = fsp;
94 return NT_STATUS_OK;
95
96 fail:
97 if (fsp != NULL) {
98 TALLOC_FREE(fsp->fh);
99 }
100 TALLOC_FREE(fsp);
101
102 return status;
103 }
104
105 /****************************************************************************
106 Find first available file slot.
107 ****************************************************************************/
108
109 NTSTATUS file_new(struct smb_request *req, connection_struct *conn,
110 files_struct **result)
111 {
112 struct smbd_server_connection *sconn = conn->sconn;
113 int i = -1;
114 files_struct *fsp;
115 NTSTATUS status;
116
117 status = fsp_new(conn, conn, &fsp);
118 if (!NT_STATUS_IS_OK(status)) {
119 return status;
120 }
121
122 GetTimeOfDay(&fsp->open_time);
123
124 if (sconn->file_bmap != NULL) {
125
126 /*
127 * we want to give out file handles differently on each new
128 * connection because of a common bug in MS clients where they
129 * try to reuse a file descriptor from an earlier smb
130 * connection. This code increases the chance that the errant
131 * client will get an error rather than causing corruption
132 */
133 if (sconn->first_file == 0) {
134 sconn->first_file = (getpid() ^ (int)time(NULL));
135 sconn->first_file %= sconn->real_max_open_files;
136 }
137
138 /* TODO: Port the id-tree implementation from Samba4 */
139
140 i = bitmap_find(sconn->file_bmap, sconn->first_file);
141 if (i == -1) {
142 DEBUG(0,("ERROR! Out of file structures\n"));
143 /*
144 * TODO: We have to unconditionally return a DOS error
145 * here, W2k3 even returns ERRDOS/ERRnofids for
146 * ntcreate&x with NTSTATUS negotiated
147 */
148 return NT_STATUS_TOO_MANY_OPENED_FILES;
149 }
150
151 sconn->first_file = (i+1) % (sconn->real_max_open_files);
152
153 bitmap_set(sconn->file_bmap, i);
154
155 fsp->fnum = i + FILE_HANDLE_OFFSET;
156 SMB_ASSERT(fsp->fnum < 65536);
157
158 fsp->fh->gen_id = get_gen_count(sconn);
159 }
160
161 /*
162 * Create an smb_filename with "" for the base_name. There are very
163 * few NULL checks, so make sure it's initialized with something. to
164 * be safe until an audit can be done.
165 */
166 status = create_synthetic_smb_fname(fsp, "", NULL, NULL,
167 &fsp->fsp_name);
168 if (!NT_STATUS_IS_OK(status)) {
169 file_free(NULL, fsp);
170 return status;
171 }
172
173 DEBUG(5,("allocated file structure %d, %s (%u used)\n",
174 i, fsp_fnum_dbg(fsp), (unsigned int)sconn->num_files));
175
176 if (req != NULL) {
177 req->chain_fsp = fsp;
178 }
179
180 /* A new fsp invalidates the positive and
181 negative fsp_fi_cache as the new fsp is pushed
182 at the start of the list and we search from
183 a cache hit to the *end* of the list. */
184
185 ZERO_STRUCT(sconn->fsp_fi_cache);
186
187 *result = fsp;
188 return NT_STATUS_OK;
189 }
190
191 /****************************************************************************
192 Close all open files for a connection.
193 ****************************************************************************/
194
195 void file_close_conn(connection_struct *conn)
196 {
197 files_struct *fsp, *next;
198
199 for (fsp=conn->sconn->files; fsp; fsp=next) {
200 next = fsp->next;
201 if (fsp->conn == conn) {
202 close_file(NULL, fsp, SHUTDOWN_CLOSE);
203 }
204 }
205 }
206
207 /****************************************************************************
208 Close all open files for a pid and a vuid.
209 ****************************************************************************/
210
211 void file_close_pid(struct smbd_server_connection *sconn, uint16 smbpid,
212 uint64_t vuid)
213 {
214 files_struct *fsp, *next;
215
216 for (fsp=sconn->files;fsp;fsp=next) {
217 next = fsp->next;
218 if ((fsp->file_pid == smbpid) && (fsp->vuid == vuid)) {
219 close_file(NULL, fsp, SHUTDOWN_CLOSE);
220 }
221 }
222 }
223
224 /****************************************************************************
225 Initialise file structures.
226 ****************************************************************************/
227
228 static int files_max_open_fds;
229
230 bool file_init_global(void)
231 {
232 int request_max = lp_max_open_files();
233 int real_lim;
234 int real_max;
235
236 if (files_max_open_fds != 0) {
237 return true;
238 }
239
240 /*
241 * Set the max_open files to be the requested
242 * max plus a fudgefactor to allow for the extra
243 * fd's we need such as log files etc...
244 */
245 real_lim = set_maxfiles(request_max + MAX_OPEN_FUDGEFACTOR);
246
247 real_max = real_lim - MAX_OPEN_FUDGEFACTOR;
248
249 if (real_max + FILE_HANDLE_OFFSET + MAX_OPEN_PIPES > 65536) {
250 real_max = 65536 - FILE_HANDLE_OFFSET - MAX_OPEN_PIPES;
251 }
252
253 if (real_max != request_max) {
254 DEBUG(1, ("file_init_global: Information only: requested %d "
255 "open files, %d are available.\n",
256 request_max, real_max));
257 }
258
259 SMB_ASSERT(real_max > 100);
260
261 files_max_open_fds = real_max;
262 return true;
263 }
264
265 bool file_init(struct smbd_server_connection *sconn)
266 {
267 bool ok;
268
269 ok = file_init_global();
270 if (!ok) {
271 return false;
272 }
273
274 sconn->real_max_open_files = files_max_open_fds;
275
276 sconn->file_bmap = bitmap_talloc(sconn, sconn->real_max_open_files);
277 if (!sconn->file_bmap) {
278 return false;
279 }
280
281 return true;
282 }
283
284 /****************************************************************************
285 Close files open by a specified vuid.
286 ****************************************************************************/
287
288 void file_close_user(struct smbd_server_connection *sconn, uint64_t vuid)
289 {
290 files_struct *fsp, *next;
291
292 for (fsp=sconn->files; fsp; fsp=next) {
293 next=fsp->next;
294 if (fsp->vuid == vuid) {
295 close_file(NULL, fsp, SHUTDOWN_CLOSE);
296 }
297 }
298 }
299
300 /*
301 * Walk the files table until "fn" returns non-NULL
302 */
303
304 struct files_struct *files_forall(
305 struct smbd_server_connection *sconn,
306 struct files_struct *(*fn)(struct files_struct *fsp,
307 void *private_data),
308 void *private_data)
309 {
310 struct files_struct *fsp, *next;
311
312 for (fsp = sconn->files; fsp; fsp = next) {
313 struct files_struct *ret;
314 next = fsp->next;
315 ret = fn(fsp, private_data);
316 if (ret != NULL) {
317 return ret;
318 }
319 }
320 return NULL;
321 }
322
323 /****************************************************************************
324 Find a fsp given a file descriptor.
325 ****************************************************************************/
326
327 files_struct *file_find_fd(struct smbd_server_connection *sconn, int fd)
328 {
329 int count=0;
330 files_struct *fsp;
331
332 for (fsp=sconn->files; fsp; fsp=fsp->next,count++) {
333 if (fsp->fh->fd == fd) {
334 if (count > 10) {
335 DLIST_PROMOTE(sconn->files, fsp);
336 }
337 return fsp;
338 }
339 }
340
341 return NULL;
342 }
343
344 /****************************************************************************
345 Find a fsp given a device, inode and file_id.
346 ****************************************************************************/
347
348 files_struct *file_find_dif(struct smbd_server_connection *sconn,
349 struct file_id id, unsigned long gen_id)
350 {
351 int count=0;
352 files_struct *fsp;
353
354 if (gen_id == 0) {
355 return NULL;
356 }
357
358 for (fsp=sconn->files; fsp; fsp=fsp->next,count++) {
359 /* We can have a fsp->fh->fd == -1 here as it could be a stat open. */
360 if (file_id_equal(&fsp->file_id, &id) &&
361 fsp->fh->gen_id == gen_id ) {
362 if (count > 10) {
363 DLIST_PROMOTE(sconn->files, fsp);
364 }
365 /* Paranoia check. */
366 if ((fsp->fh->fd == -1) &&
367 (fsp->oplock_type != NO_OPLOCK) &&
368 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
369 DEBUG(0,("file_find_dif: file %s file_id = "
370 "%s, gen = %u oplock_type = %u is a "
371 "stat open with oplock type !\n",
372 fsp_str_dbg(fsp),
373 file_id_string_tos(&fsp->file_id),
374 (unsigned int)fsp->fh->gen_id,
375 (unsigned int)fsp->oplock_type ));
376 smb_panic("file_find_dif");
377 }
378 return fsp;
379 }
380 }
381
382 return NULL;
383 }
384
385 /****************************************************************************
386 Find the first fsp given a device and inode.
387 We use a singleton cache here to speed up searching from getfilepathinfo
388 calls.
389 ****************************************************************************/
390
391 files_struct *file_find_di_first(struct smbd_server_connection *sconn,
392 struct file_id id)
393 {
394 files_struct *fsp;
395
396 if (file_id_equal(&sconn->fsp_fi_cache.id, &id)) {
397 /* Positive or negative cache hit. */
398 return sconn->fsp_fi_cache.fsp;
399 }
400
401 sconn->fsp_fi_cache.id = id;
402
403 for (fsp=sconn->files;fsp;fsp=fsp->next) {
404 if (file_id_equal(&fsp->file_id, &id)) {
405 /* Setup positive cache. */
406 sconn->fsp_fi_cache.fsp = fsp;
407 return fsp;
408 }
409 }
410
411 /* Setup negative cache. */
412 sconn->fsp_fi_cache.fsp = NULL;
413 return NULL;
414 }
415
416 /****************************************************************************
417 Find the next fsp having the same device and inode.
418 ****************************************************************************/
419
420 files_struct *file_find_di_next(files_struct *start_fsp)
421 {
422 files_struct *fsp;
423
424 for (fsp = start_fsp->next;fsp;fsp=fsp->next) {
425 if (file_id_equal(&fsp->file_id, &start_fsp->file_id)) {
426 return fsp;
427 }
428 }
429
430 return NULL;
431 }
432
433 /****************************************************************************
434 Find any fsp open with a pathname below that of an already open path.
435 ****************************************************************************/
436
437 bool file_find_subpath(files_struct *dir_fsp)
438 {
439 files_struct *fsp;
440 size_t dlen;
441 char *d_fullname = NULL;
442
443 d_fullname = talloc_asprintf(talloc_tos(), "%s/%s",
444 dir_fsp->conn->connectpath,
445 dir_fsp->fsp_name->base_name);
446
447 if (!d_fullname) {
448 return false;
449 }
450
451 dlen = strlen(d_fullname);
452
453 for (fsp=dir_fsp->conn->sconn->files; fsp; fsp=fsp->next) {
454 char *d1_fullname;
455
456 if (fsp == dir_fsp) {
457 continue;
458 }
459
460 d1_fullname = talloc_asprintf(talloc_tos(),
461 "%s/%s",
462 fsp->conn->connectpath,
463 fsp->fsp_name->base_name);
464
465 /*
466 * If the open file has a path that is a longer
467 * component, then it's a subpath.
468 */
469 if (strnequal(d_fullname, d1_fullname, dlen) &&
470 (d1_fullname[dlen] == '/')) {
471 TALLOC_FREE(d1_fullname);
472 TALLOC_FREE(d_fullname);
473 return true;
474 }
475 TALLOC_FREE(d1_fullname);
476 }
477
478 TALLOC_FREE(d_fullname);
479 return false;
480 }
481
482 /****************************************************************************
483 Sync open files on a connection.
484 ****************************************************************************/
485
486 void file_sync_all(connection_struct *conn)
487 {
488 files_struct *fsp, *next;
489
490 for (fsp=conn->sconn->files; fsp; fsp=next) {
491 next=fsp->next;
492 if ((conn == fsp->conn) && (fsp->fh->fd != -1)) {
493 sync_file(conn, fsp, True /* write through */);
494 }
495 }
496 }
497
498 /****************************************************************************
499 Free up a fsp.
500 ****************************************************************************/
501
502 void fsp_free(files_struct *fsp)
503 {
504 struct smbd_server_connection *sconn = fsp->conn->sconn;
505
506 DLIST_REMOVE(sconn->files, fsp);
507 SMB_ASSERT(sconn->num_files > 0);
508 sconn->num_files--;
509
510 TALLOC_FREE(fsp->fake_file_handle);
511
512 if (fsp->fh->ref_count == 1) {
513 TALLOC_FREE(fsp->fh);
514 } else {
515 fsp->fh->ref_count--;
516 }
517
518 fsp->conn->num_files_open--;
519
520 /* this is paranoia, just in case someone tries to reuse the
521 information */
522 ZERO_STRUCTP(fsp);
523
524 /* fsp->fsp_name is a talloc child and is free'd automatically. */
525 TALLOC_FREE(fsp);
526 }
527
528 void file_free(struct smb_request *req, files_struct *fsp)
529 {
530 struct smbd_server_connection *sconn = fsp->conn->sconn;
531 uint64_t fnum = fsp->fnum;
532
533 if (fsp->notify) {
534 struct notify_context *notify_ctx =
535 fsp->conn->sconn->notify_ctx;
536 notify_remove(notify_ctx, fsp);
537 TALLOC_FREE(fsp->notify);
538 }
539
540 /* Ensure this event will never fire. */
541 TALLOC_FREE(fsp->update_write_time_event);
542
543 if (sconn->file_bmap != NULL) {
544 bitmap_clear(sconn->file_bmap, fsp->fnum - FILE_HANDLE_OFFSET);
545 }
546
547 if ((req != NULL) && (fsp == req->chain_fsp)) {
548 req->chain_fsp = NULL;
549 }
550
551 /*
552 * Clear all possible chained fsp
553 * pointers in the SMB2 request queue.
554 */
555 if (req != NULL && req->smb2req) {
556 remove_smb2_chained_fsp(fsp);
557 }
558
559 /* Closing a file can invalidate the positive cache. */
560 if (fsp == sconn->fsp_fi_cache.fsp) {
561 ZERO_STRUCT(sconn->fsp_fi_cache);
562 }
563
564 /* Drop all remaining extensions. */
565 vfs_remove_all_fsp_extensions(fsp);
566
567 fsp_free(fsp);
568
569 DEBUG(5,("freed files structure %llu (%u used)\n",
570 (unsigned long long)fnum, (unsigned int)sconn->num_files));
571 }
572
573 /****************************************************************************
574 Get an fsp from a 16 bit fnum.
575 ****************************************************************************/
576
577 static struct files_struct *file_fnum(struct smbd_server_connection *sconn,
578 uint16 fnum)
579 {
580 files_struct *fsp;
581 int count=0;
582
583 for (fsp=sconn->files; fsp; fsp=fsp->next, count++) {
584 if (fsp->fnum == FNUM_FIELD_INVALID) {
585 continue;
586 }
587
588 if (fsp->fnum == fnum) {
589 if (count > 10) {
590 DLIST_PROMOTE(sconn->files, fsp);
591 }
592 return fsp;
593 }
594 }
595 return NULL;
596 }
597
598 /****************************************************************************
599 Get an fsp from a packet given a 16 bit fnum.
600 ****************************************************************************/
601
602 files_struct *file_fsp(struct smb_request *req, uint16 fid)
603 {
604 files_struct *fsp;
605
606 if (req == NULL) {
607 /*
608 * We should never get here. req==NULL could in theory
609 * only happen from internal opens with a non-zero
610 * root_dir_fid. Internal opens just don't do that, at
611 * least they are not supposed to do so. And if they
612 * start to do so, they better fake up a smb_request
613 * from which we get the right smbd_server_conn. While
614 * this should never happen, let's return NULL here.
615 */
616 return NULL;
617 }
618
619 if (req->chain_fsp != NULL) {
620 return req->chain_fsp;
621 }
622
623 fsp = file_fnum(req->sconn, fid);
624 if (fsp != NULL) {
625 req->chain_fsp = fsp;
626 }
627 return fsp;
628 }
629
630 uint64_t fsp_persistent_id(const struct files_struct *fsp)
631 {
632 uint64_t persistent_id;
633
634 /*
635 * This calculates a number that is most likely
636 * globally unique. In future we will have a database
637 * to make it completely unique.
638 *
639 * 32-bit random gen_id
640 * 16-bit truncated open_time
641 * 16-bit fnum (valatile_id)
642 */
643 persistent_id = fsp->fh->gen_id & UINT32_MAX;
644 persistent_id <<= 16;
645 persistent_id &= 0x0000FFFFFFFF0000LLU;
646 persistent_id |= fsp->open_time.tv_usec & UINT16_MAX;
647 persistent_id <<= 16;
648 persistent_id &= 0xFFFFFFFFFFFF0000LLU;
649 persistent_id |= fsp->fnum & UINT16_MAX;
650
651 return persistent_id;
652 }
653
654 struct files_struct *file_fsp_smb2(struct smbd_smb2_request *smb2req,
655 uint64_t persistent_id,
656 uint64_t volatile_id)
657 {
658 struct files_struct *fsp;
659 uint64_t fsp_persistent;
660
661 if (smb2req->compat_chain_fsp != NULL) {
662 return smb2req->compat_chain_fsp;
663 }
664
665 if (volatile_id > UINT16_MAX) {
666 return NULL;
667 }
668
669 fsp = file_fnum(smb2req->sconn, (uint16_t)volatile_id);
670 if (fsp == NULL) {
671 return NULL;
672 }
673 fsp_persistent = fsp_persistent_id(fsp);
674
675 if (persistent_id != fsp_persistent) {
676 return NULL;
677 }
678
679 if (smb2req->tcon == NULL) {
680 return NULL;
681 }
682
683 if (smb2req->tcon->compat != fsp->conn) {
684 return NULL;
685 }
686
687 if (smb2req->session == NULL) {
688 return NULL;
689 }
690
691 if (smb2req->session->compat == NULL) {
692 return NULL;
693 }
694
695 if (smb2req->session->compat->vuid != fsp->vuid) {
696 return NULL;
697 }
698
699 smb2req->compat_chain_fsp = fsp;
700 return fsp;
701 }
702
703 /****************************************************************************
704 Duplicate the file handle part for a DOS or FCB open.
705 ****************************************************************************/
706
707 NTSTATUS dup_file_fsp(struct smb_request *req, files_struct *from,
708 uint32 access_mask, uint32 share_access,
709 uint32 create_options, files_struct *to)
710 {
711 /* this can never happen for print files */
712 SMB_ASSERT(from->print_file == NULL);
713
714 TALLOC_FREE(to->fh);
715
716 to->fh = from->fh;
717 to->fh->ref_count++;
718
719 to->file_id = from->file_id;
720 to->initial_allocation_size = from->initial_allocation_size;
721 to->file_pid = from->file_pid;
722 to->vuid = from->vuid;
723 to->open_time = from->open_time;
724 to->access_mask = access_mask;
725 to->share_access = share_access;
726 to->oplock_type = from->oplock_type;
727 to->can_lock = from->can_lock;
728 to->can_read = ((access_mask & FILE_READ_DATA) != 0);
729 to->can_write =
730 CAN_WRITE(from->conn) &&
731 ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) != 0);
732 to->modified = from->modified;
733 to->is_directory = from->is_directory;
734 to->aio_write_behind = from->aio_write_behind;
735
736 return fsp_set_smb_fname(to, from->fsp_name);
737 }
738
739 /**
740 * Return a jenkins hash of a pathname on a connection.
741 */
742
743 NTSTATUS file_name_hash(connection_struct *conn,
744 const char *name, uint32_t *p_name_hash)
745 {
746 char *fullpath = NULL;
747
748 /* Set the hash of the full pathname. */
749 fullpath = talloc_asprintf(talloc_tos(),
750 "%s/%s",
751 conn->connectpath,
752 name);
753 if (!fullpath) {
754 return NT_STATUS_NO_MEMORY;
755 }
756 *p_name_hash = hash(fullpath, talloc_get_size(fullpath), 0);
757
758 DEBUG(10,("file_name_hash: %s hash 0x%x\n",
759 fullpath,
760 (unsigned int)*p_name_hash ));
761
762 TALLOC_FREE(fullpath);
763 return NT_STATUS_OK;
764 }
765
766 /**
767 * The only way that the fsp->fsp_name field should ever be set.
768 */
769 NTSTATUS fsp_set_smb_fname(struct files_struct *fsp,
770 const struct smb_filename *smb_fname_in)
771 {
772 NTSTATUS status;
773 struct smb_filename *smb_fname_new;
774
775 status = copy_smb_filename(fsp, smb_fname_in, &smb_fname_new);
776 if (!NT_STATUS_IS_OK(status)) {
777 return status;
778 }
779
780 TALLOC_FREE(fsp->fsp_name);
781 fsp->fsp_name = smb_fname_new;
782
783 return file_name_hash(fsp->conn,
784 smb_fname_str_dbg(fsp->fsp_name),
785 &fsp->name_hash);
786 }
Anubhav's Work In Progress branches