Print this page
NEX-19471 A handle to a newly created Named Stream may not cause sharing violations
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-19152 MacOS HighSierra Finder crashes...
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-17431 (HyperV) Windows VM goes panic after failover
NEX-18639 Panic in smb_ofile_release with expired ofile
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
NEX-17779 Creating named streams on existing files is not quite right
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-9808 SMB3 persistent handles
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-15578 SMB2 durable handle redesign
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-5665 SMB2 oplock leases
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-15555 SMB2 async redesign
NEX-15061 smtorture smb2.lock.cancel.cancel is failed
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Also follow-up change to:
NEX-1643 dtrace provider for smbsrv (remove "done2" probes,
which don't make sense with the new async design)
NEX-15579 SMB should not create in directories marked delete-on-close
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-9808 SMB3 persistent handles
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-15578 SMB2 durable handle redesign
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-5665 SMB2 oplock leases
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
NEX-15555 SMB2 async redesign
NEX-15061 smtorture smb2.lock.cancel.cancel is failed
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Also follow-up change to:
NEX-1643 dtrace provider for smbsrv (remove "done2" probes,
which don't make sense with the new async design)
NEX-15579 SMB should not create in directories marked delete-on-close
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-14832 smb fails to delete read-only file after NEX-9604
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
NEX-13653 Obsolete SMB server work-around for ZFS read-only
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-9604 SMB: smb2 does not delete a read-only file, where smb1 does
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-9864 Some SMB cancel races remain after NEX-5845
Revert (part of) "NEX-5845 rework SMB immediate cancel"
reverts (part of) commit 7a5da69f6d42b17ebcc95ca3d02925d07a01343e.
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
NEX-9098 Hitting file handler count limit of 16k
Reviewed by: Alek Pinchuk <alek.pinchuk@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
NEX-6258 SMB grants WRITE_ATTRIBUTES when it should not
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
NEX-5844 want SMB2 ioctl FSCTL_SRV_COPYCHUNK
NEX-6124 smb_fsop_read/write should allow file != sr->fid_ofile
NEX-6125 smbtorture invalid response with smb2.ioctl
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
NEX-4538 SMB1 create file should support extended_response format (2)
NEX-6116 Failures in smbtorture raw.open
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Include this commit if upstreaming/backporting any of:
NEX-4540 SMB server declines EA support incorrectly
NEX-4239 smbtorture create failures re. allocation size
(illumos) 6398 SMB should support path names longer than 1024
NEX-3553 SMB2/3 durable handles
Reviewed by: Gordon Ross <gwr@nexenta.com>
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
NEX-5312 delete_on_close should be acted on earlier
Reviewed by: Gordon Ross <gwr@nexenta.com>
NEX-3733 Want SMB2 Apple extensions
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Matt Barden <Matt.Barden@nexenta.com>
NEX-4239 smbtorture create failures re. allocation size
Reviewed by: Matt Barden <Matt.Barden@nexenta.com>
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
NEX-3432 CLONE - NEX-3232 Symantec Backup Exec fails opening files over SMB
Reviewed by: Alek Pinchuk <alek@nexenta.com>
Reviewed by: Bayard Bell <bayard.bell@nexenta.com>
Reviewed by: Daniel Borek <daniel.borek@nexenta.com>
OS-266 sync v8 mdb module to illumos-joyent f1ab5c2
NEX-1633 smb_open_attr_only() does not return true if READ_CONTROL is set
SMB-115 Support SMB path names with length > 1024
SMB-100 Internal error if filename is too long
Approved by: Gordon Ross <gwr@nexenta.com>
SMB-103 SMB2_create with access MAXIMUM_ALLOWED fails
SMB-92 Panic with smbtorture raw.samba3oplocklogoff
SMB-11 SMB2 message parse & dispatch
SMB-12 SMB2 Negotiate Protocol
SMB-13 SMB2 Session Setup
SMB-14 SMB2 Logoff
SMB-15 SMB2 Tree Connect
SMB-16 SMB2 Tree Disconnect
SMB-17 SMB2 Create
SMB-18 SMB2 Close
SMB-19 SMB2 Flush
SMB-20 SMB2 Read
SMB-21 SMB2 Write
SMB-22 SMB2 Lock/Unlock
SMB-23 SMB2 Ioctl
SMB-24 SMB2 Cancel
SMB-25 SMB2 Echo
SMB-26 SMB2 Query Dir
SMB-27 SMB2 Change Notify
SMB-28 SMB2 Query Info
SMB-29 SMB2 Set Info
SMB-30 SMB2 Oplocks
SMB-53 SMB2 Create Context options
(SMB2 code review cleanup 1, 2, 3)
SMB-39 Use AF_UNIX pipes for RPC
SMB-50 User-mode SMB server
Includes work by these authors:
Thomas Keiser <thomas.keiser@nexenta.com>
Albert Lee <trisk@nexenta.com>
SMB-65 SMB server in non-global zones (use zone_kcred())
SUP-694 panic on bad mutex in smb_event_wait()
SMB-63 taskq_create_proc ... TQ_DYNAMIC puts tasks in p0
re #11974 CIFS Share - Tree connect fails from Windows 7 Clients
SUS-172 Excel 2003 warning dialog when re-saving a file
SUS-173 Open fails if the client does not ask for read_attribute permission
re #14152 Race between ipmi_submit_driver_request() and kcs_loop() (sync with illumos fix 3902)
SMB-46 File handle leaks exposed by mtime fixes (rm 7815)
re #7815 SMB server delivers old modification time...
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/smbsrv/smb_common_open.c
+++ new/usr/src/uts/common/fs/smbsrv/smb_common_open.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24 - * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 + * Copyright 2019 Nexenta Systems, Inc. All rights reserved.
25 25 */
26 26
27 27 /*
28 28 * This module provides the common open functionality to the various
29 29 * open and create SMB interface functions.
30 30 */
31 31
32 32 #include <sys/types.h>
33 33 #include <sys/cmn_err.h>
34 34 #include <sys/fcntl.h>
35 35 #include <sys/nbmlock.h>
36 36 #include <smbsrv/string.h>
37 37 #include <smbsrv/smb_kproto.h>
38 38 #include <smbsrv/smb_fsops.h>
39 39 #include <smbsrv/smbinfo.h>
40 +#include <smbsrv/smb2_kproto.h>
40 41
41 -static volatile uint32_t smb_fids = 0;
42 -#define SMB_UNIQ_FID() atomic_inc_32_nv(&smb_fids)
42 +int smb_session_ofile_max = 32768;
43 43
44 -static uint32_t smb_open_subr(smb_request_t *);
45 44 extern uint32_t smb_is_executable(char *);
46 45 static void smb_delete_new_object(smb_request_t *);
47 46 static int smb_set_open_attributes(smb_request_t *, smb_ofile_t *);
48 -static void smb_open_oplock_break(smb_request_t *, smb_node_t *);
49 -static boolean_t smb_open_attr_only(smb_arg_open_t *);
50 -static boolean_t smb_open_overwrite(smb_arg_open_t *);
51 47
52 48 /*
53 49 * smb_access_generic_to_file
54 50 *
55 51 * Search MSDN for IoCreateFile to see following mapping.
56 52 *
57 53 * GENERIC_READ STANDARD_RIGHTS_READ, FILE_READ_DATA,
58 54 * FILE_READ_ATTRIBUTES and FILE_READ_EA
59 55 *
60 56 * GENERIC_WRITE STANDARD_RIGHTS_WRITE, FILE_WRITE_DATA,
61 57 * FILE_WRITE_ATTRIBUTES, FILE_WRITE_EA, and FILE_APPEND_DATA
62 58 *
63 59 * GENERIC_EXECUTE STANDARD_RIGHTS_EXECUTE, SYNCHRONIZE, and FILE_EXECUTE.
64 60 */
65 61 static uint32_t
66 62 smb_access_generic_to_file(uint32_t desired_access)
67 63 {
68 64 uint32_t access = 0;
69 65
70 66 if (desired_access & GENERIC_ALL)
71 67 return (FILE_ALL_ACCESS & ~SYNCHRONIZE);
72 68
73 69 if (desired_access & GENERIC_EXECUTE) {
74 70 desired_access &= ~GENERIC_EXECUTE;
75 71 access |= (STANDARD_RIGHTS_EXECUTE |
76 72 SYNCHRONIZE | FILE_EXECUTE);
77 73 }
78 74
79 75 if (desired_access & GENERIC_WRITE) {
80 76 desired_access &= ~GENERIC_WRITE;
81 77 access |= (FILE_GENERIC_WRITE & ~SYNCHRONIZE);
82 78 }
83 79
84 80 if (desired_access & GENERIC_READ) {
85 81 desired_access &= ~GENERIC_READ;
86 82 access |= FILE_GENERIC_READ;
87 83 }
88 84
89 85 return (access | desired_access);
90 86 }
91 87
92 88 /*
93 89 * smb_omode_to_amask
94 90 *
95 91 * This function converts open modes used by Open and Open AndX
96 92 * commands to desired access bits used by NT Create AndX command.
97 93 */
98 94 uint32_t
99 95 smb_omode_to_amask(uint32_t desired_access)
100 96 {
101 97 switch (desired_access & SMB_DA_ACCESS_MASK) {
|
↓ open down ↓ |
41 lines elided |
↑ open up ↑ |
102 98 case SMB_DA_ACCESS_READ:
103 99 return (FILE_GENERIC_READ);
104 100
105 101 case SMB_DA_ACCESS_WRITE:
106 102 return (FILE_GENERIC_WRITE);
107 103
108 104 case SMB_DA_ACCESS_READ_WRITE:
109 105 return (FILE_GENERIC_READ | FILE_GENERIC_WRITE);
110 106
111 107 case SMB_DA_ACCESS_EXECUTE:
112 - return (FILE_GENERIC_EXECUTE);
108 + return (FILE_GENERIC_READ | FILE_GENERIC_EXECUTE);
113 109
114 110 default:
115 111 return (FILE_GENERIC_ALL);
116 112 }
117 113 }
118 114
119 115 /*
120 116 * smb_denymode_to_sharemode
121 117 *
122 118 * This function converts deny modes used by Open and Open AndX
123 119 * commands to share access bits used by NT Create AndX command.
124 120 */
125 121 uint32_t
126 122 smb_denymode_to_sharemode(uint32_t desired_access, char *fname)
127 123 {
128 124 switch (desired_access & SMB_DA_SHARE_MASK) {
129 125 case SMB_DA_SHARE_COMPATIBILITY:
130 126 if (smb_is_executable(fname))
131 127 return (FILE_SHARE_READ | FILE_SHARE_WRITE);
132 128
133 129 return (FILE_SHARE_ALL);
134 130
135 131 case SMB_DA_SHARE_EXCLUSIVE:
136 132 return (FILE_SHARE_NONE);
137 133
138 134 case SMB_DA_SHARE_DENY_WRITE:
139 135 return (FILE_SHARE_READ);
140 136
141 137 case SMB_DA_SHARE_DENY_READ:
142 138 return (FILE_SHARE_WRITE);
143 139
144 140 case SMB_DA_SHARE_DENY_NONE:
145 141 default:
146 142 return (FILE_SHARE_READ | FILE_SHARE_WRITE);
147 143 }
148 144 }
149 145
150 146 /*
151 147 * smb_ofun_to_crdisposition
152 148 *
153 149 * This function converts open function values used by Open and Open AndX
154 150 * commands to create disposition values used by NT Create AndX command.
155 151 */
156 152 uint32_t
157 153 smb_ofun_to_crdisposition(uint16_t ofun)
158 154 {
159 155 static int ofun_cr_map[3][2] =
160 156 {
161 157 { -1, FILE_CREATE },
162 158 { FILE_OPEN, FILE_OPEN_IF },
163 159 { FILE_OVERWRITE, FILE_OVERWRITE_IF }
164 160 };
165 161
|
↓ open down ↓ |
43 lines elided |
↑ open up ↑ |
166 162 int row = ofun & SMB_OFUN_OPEN_MASK;
167 163 int col = (ofun & SMB_OFUN_CREATE_MASK) >> 4;
168 164
169 165 if (row == 3)
170 166 return (FILE_MAXIMUM_DISPOSITION + 1);
171 167
172 168 return (ofun_cr_map[row][col]);
173 169 }
174 170
175 171 /*
176 - * Retry opens to avoid spurious sharing violations, due to timing
177 - * issues between closes and opens. The client that already has the
178 - * file open may be in the process of closing it.
179 - */
180 -uint32_t
181 -smb_common_open(smb_request_t *sr)
182 -{
183 - smb_arg_open_t *parg;
184 - uint32_t status = NT_STATUS_SUCCESS;
185 - int count;
186 -
187 - parg = kmem_alloc(sizeof (*parg), KM_SLEEP);
188 - bcopy(&sr->arg.open, parg, sizeof (*parg));
189 -
190 - for (count = 0; count <= 4; count++) {
191 - if (count != 0)
192 - delay(MSEC_TO_TICK(400));
193 -
194 - status = smb_open_subr(sr);
195 - if (status != NT_STATUS_SHARING_VIOLATION)
196 - break;
197 -
198 - bcopy(parg, &sr->arg.open, sizeof (*parg));
199 - }
200 -
201 - if (status == NT_STATUS_NO_SUCH_FILE)
202 - status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
203 -
204 - kmem_free(parg, sizeof (*parg));
205 - return (status);
206 -}
207 -
208 -/*
209 - * smb_open_subr
172 + * smb_common_open
210 173 *
211 174 * Notes on write-through behaviour. It looks like pre-LM0.12 versions
212 175 * of the protocol specify the write-through mode when a file is opened,
213 176 * (SmbOpen, SmbOpenAndX) so the write calls (SmbWrite, SmbWriteAndClose,
214 177 * SmbWriteAndUnlock) don't need to contain a write-through flag.
215 178 *
216 179 * With LM0.12, the open calls (SmbCreateAndX, SmbNtTransactCreate)
217 180 * don't indicate which write-through mode to use. Instead the write
218 181 * calls (SmbWriteAndX, SmbWriteRaw) specify the mode on a per call
219 182 * basis.
220 183 *
221 184 * We don't care which open call was used to get us here, we just need
222 185 * to ensure that the write-through mode flag is copied from the open
223 186 * parameters to the node. We test the omode write-through flag in all
224 187 * write functions.
225 188 *
226 189 * This function returns NT status codes.
227 190 *
228 191 * The following rules apply when processing a file open request:
229 192 *
230 193 * - Oplocks must be broken prior to share checking as the break may
231 194 * cause other clients to close the file, which would affect sharing
232 195 * checks.
233 196 *
234 197 * - Share checks must take place prior to access checks for correct
|
↓ open down ↓ |
15 lines elided |
↑ open up ↑ |
235 198 * Windows semantics and to prevent unnecessary NFS delegation recalls.
236 199 *
237 200 * - Oplocks must be acquired after open to ensure the correct
238 201 * synchronization with NFS delegation and FEM installation.
239 202 *
240 203 * DOS readonly bit rules
241 204 *
242 205 * 1. The creator of a readonly file can write to/modify the size of the file
243 206 * using the original create fid, even though the file will appear as readonly
244 207 * to all other fids and via a CIFS getattr call.
245 - * The readonly bit therefore cannot be set in the filesystem until the file
246 - * is closed (smb_ofile_close). It is accounted for via ofile and node flags.
247 208 *
248 209 * 2. A setinfo operation (using either an open fid or a path) to set/unset
249 210 * readonly will be successful regardless of whether a creator of a readonly
250 - * file has an open fid (and has the special privilege mentioned in #1,
251 - * above). I.e., the creator of a readonly fid holding that fid will no longer
252 - * have a special privilege.
211 + * file has an open fid.
253 212 *
254 213 * 3. The DOS readonly bit affects only data and some metadata.
255 214 * The following metadata can be changed regardless of the readonly bit:
256 - * - security descriptors
215 + * - security descriptors
257 216 * - DOS attributes
258 217 * - timestamps
259 218 *
260 219 * In the current implementation, the file size cannot be changed (except for
261 220 * the exceptions in #1 and #2, above).
262 221 *
263 222 *
264 223 * DOS attribute rules
265 224 *
266 225 * These rules are specific to creating / opening files and directories.
267 226 * How the attribute value (specifically ZERO or FILE_ATTRIBUTE_NORMAL)
268 227 * should be interpreted may differ in other requests.
269 228 *
270 229 * - An attribute value equal to ZERO or FILE_ATTRIBUTE_NORMAL means that the
271 230 * file's attributes should be cleared.
272 231 * - If FILE_ATTRIBUTE_NORMAL is specified with any other attributes,
273 232 * FILE_ATTRIBUTE_NORMAL is ignored.
274 233 *
275 234 * 1. Creating a new file
276 235 * - The request attributes + FILE_ATTRIBUTE_ARCHIVE are applied to the file.
277 236 *
278 237 * 2. Creating a new directory
279 238 * - The request attributes + FILE_ATTRIBUTE_DIRECTORY are applied to the file.
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
280 239 * - FILE_ATTRIBUTE_ARCHIVE does not get set.
281 240 *
282 241 * 3. Overwriting an existing file
283 242 * - the request attributes are used as search attributes. If the existing
284 243 * file does not meet the search criteria access is denied.
285 244 * - otherwise, applies attributes + FILE_ATTRIBUTE_ARCHIVE.
286 245 *
287 246 * 4. Opening an existing file or directory
288 247 * The request attributes are ignored.
289 248 */
290 -static uint32_t
291 -smb_open_subr(smb_request_t *sr)
249 +uint32_t
250 +smb_common_open(smb_request_t *sr)
292 251 {
293 - boolean_t created = B_FALSE;
294 - boolean_t last_comp_found = B_FALSE;
295 - smb_node_t *node = NULL;
252 + smb_server_t *sv = sr->sr_server;
253 + smb_tree_t *tree = sr->tid_tree;
254 + smb_node_t *fnode = NULL;
296 255 smb_node_t *dnode = NULL;
297 256 smb_node_t *cur_node = NULL;
257 + smb_node_t *tmp_node = NULL;
298 258 smb_arg_open_t *op = &sr->sr_open;
299 - int rc;
300 - smb_ofile_t *of;
259 + smb_pathname_t *pn = &op->fqi.fq_path;
260 + smb_ofile_t *of = NULL;
301 261 smb_attr_t new_attr;
262 + hrtime_t shrlock_t0;
302 263 int max_requested = 0;
303 264 uint32_t max_allowed;
304 265 uint32_t status = NT_STATUS_SUCCESS;
305 266 int is_dir;
306 - smb_error_t err;
267 + int rc;
307 268 boolean_t is_stream = B_FALSE;
308 269 int lookup_flags = SMB_FOLLOW_LINKS;
309 - uint32_t uniq_fid;
310 - smb_pathname_t *pn = &op->fqi.fq_path;
311 - smb_server_t *sv = sr->sr_server;
270 + uint32_t uniq_fid = 0;
271 + uint16_t tree_fid = 0;
272 + boolean_t created = B_FALSE;
273 + boolean_t last_comp_found = B_FALSE;
274 + boolean_t stream_found = B_FALSE;
275 + boolean_t opening_incr = B_FALSE;
276 + boolean_t dnode_held = B_FALSE;
277 + boolean_t dnode_wlock = B_FALSE;
278 + boolean_t fnode_held = B_FALSE;
279 + boolean_t fnode_wlock = B_FALSE;
280 + boolean_t fnode_shrlk = B_FALSE;
281 + boolean_t did_open = B_FALSE;
282 + boolean_t did_break_handle = B_FALSE;
283 + boolean_t did_cleanup_orphans = B_FALSE;
284 + char *sname = NULL;
285 + boolean_t do_audit = B_FALSE;
312 286
287 + /* Get out now if we've been cancelled. */
288 + mutex_enter(&sr->sr_mutex);
289 + if (sr->sr_state != SMB_REQ_STATE_ACTIVE) {
290 + mutex_exit(&sr->sr_mutex);
291 + return (NT_STATUS_CANCELLED);
292 + }
293 + mutex_exit(&sr->sr_mutex);
294 +
313 295 is_dir = (op->create_options & FILE_DIRECTORY_FILE) ? 1 : 0;
314 296
315 297 /*
316 298 * If the object being created or opened is a directory
317 299 * the Disposition parameter must be one of FILE_CREATE,
318 300 * FILE_OPEN, or FILE_OPEN_IF
319 301 */
320 302 if (is_dir) {
321 303 if ((op->create_disposition != FILE_CREATE) &&
322 304 (op->create_disposition != FILE_OPEN_IF) &&
323 305 (op->create_disposition != FILE_OPEN)) {
|
↓ open down ↓ |
1 lines elided |
↑ open up ↑ |
324 306 return (NT_STATUS_INVALID_PARAMETER);
325 307 }
326 308 }
327 309
328 310 if (op->desired_access & MAXIMUM_ALLOWED) {
329 311 max_requested = 1;
330 312 op->desired_access &= ~MAXIMUM_ALLOWED;
331 313 }
332 314 op->desired_access = smb_access_generic_to_file(op->desired_access);
333 315
334 - if (sr->session->s_file_cnt >= SMB_SESSION_OFILE_MAX) {
316 + if (sr->session->s_file_cnt >= smb_session_ofile_max) {
335 317 ASSERT(sr->uid_user);
336 318 cmn_err(CE_NOTE, "smbsrv[%s\\%s]: TOO_MANY_OPENED_FILES",
337 319 sr->uid_user->u_domain, sr->uid_user->u_name);
338 320 return (NT_STATUS_TOO_MANY_OPENED_FILES);
339 321 }
340 322
323 + if (smb_idpool_alloc(&tree->t_fid_pool, &tree_fid))
324 + return (NT_STATUS_TOO_MANY_OPENED_FILES);
325 +
341 326 /* This must be NULL at this point */
342 327 sr->fid_ofile = NULL;
343 328
344 329 op->devstate = 0;
345 330
346 331 switch (sr->tid_tree->t_res_type & STYPE_MASK) {
347 332 case STYPE_DISKTREE:
348 333 case STYPE_PRINTQ:
349 334 break;
350 335
351 336 case STYPE_IPC:
352 337 /*
353 338 * Security descriptors for pipes are not implemented,
354 339 * so just setup a reasonable access mask.
|
↓ open down ↓ |
4 lines elided |
↑ open up ↑ |
355 340 */
356 341 op->desired_access = (READ_CONTROL | SYNCHRONIZE |
357 342 FILE_READ_DATA | FILE_READ_ATTRIBUTES |
358 343 FILE_WRITE_DATA | FILE_APPEND_DATA);
359 344
360 345 /*
361 346 * Limit the number of open pipe instances.
362 347 */
363 348 if ((rc = smb_threshold_enter(&sv->sv_opipe_ct)) != 0) {
364 349 status = RPC_NT_SERVER_TOO_BUSY;
365 - return (status);
350 + goto errout;
366 351 }
367 352
368 353 /*
369 - * No further processing for IPC, we need to either
370 - * raise an exception or return success here.
354 + * Most of IPC open is handled in smb_opipe_open()
371 355 */
372 - uniq_fid = SMB_UNIQ_FID();
373 - status = smb_opipe_open(sr, uniq_fid);
356 + op->create_options = 0;
357 + of = smb_ofile_alloc(sr, op, NULL, SMB_FTYPE_MESG_PIPE,
358 + tree_fid);
359 + tree_fid = 0; // given to the ofile
360 + status = smb_opipe_open(sr, of);
374 361 smb_threshold_exit(&sv->sv_opipe_ct);
375 - return (status);
362 + if (status != NT_STATUS_SUCCESS)
363 + goto errout;
364 + return (NT_STATUS_SUCCESS);
376 365
377 366 default:
378 - return (NT_STATUS_BAD_DEVICE_TYPE);
367 + status = NT_STATUS_BAD_DEVICE_TYPE;
368 + goto errout;
379 369 }
380 370
381 371 smb_pathname_init(sr, pn, pn->pn_path);
382 - if (!smb_pathname_validate(sr, pn))
383 - return (sr->smb_error.status);
372 + if (!smb_pathname_validate(sr, pn)) {
373 + status = sr->smb_error.status;
374 + goto errout;
375 + }
384 376
385 377 if (strlen(pn->pn_path) >= SMB_MAXPATHLEN) {
386 - return (NT_STATUS_OBJECT_PATH_INVALID);
378 + status = NT_STATUS_OBJECT_PATH_INVALID;
379 + goto errout;
387 380 }
388 381
389 382 if (is_dir) {
390 - if (!smb_validate_dirname(sr, pn))
391 - return (sr->smb_error.status);
383 + if (!smb_validate_dirname(sr, pn)) {
384 + status = sr->smb_error.status;
385 + goto errout;
386 + }
392 387 } else {
393 - if (!smb_validate_object_name(sr, pn))
394 - return (sr->smb_error.status);
388 + if (!smb_validate_object_name(sr, pn)) {
389 + status = sr->smb_error.status;
390 + goto errout;
391 + }
395 392 }
396 393
397 394 cur_node = op->fqi.fq_dnode ?
398 395 op->fqi.fq_dnode : sr->tid_tree->t_snode;
399 396
397 + rc = smb_pathname_reduce(sr, sr->user_cr, pn->pn_path,
398 + sr->tid_tree->t_snode, cur_node, &op->fqi.fq_dnode,
399 + op->fqi.fq_last_comp);
400 + if (rc != 0) {
401 + status = smb_errno2status(rc);
402 + goto errout;
403 + }
404 + dnode = op->fqi.fq_dnode;
405 + dnode_held = B_TRUE;
406 +
400 407 /*
401 - * if no path or filename are specified the stream should be
402 - * created on cur_node
408 + * Lock the parent dir node in case another create
409 + * request to the same parent directory comes in.
410 + * Drop this once either lookup succeeds, or we've
411 + * created the object in this directory.
403 412 */
404 - if (!is_dir && !pn->pn_pname && !pn->pn_fname && pn->pn_sname) {
405 - /*
406 - * Can't currently handle a stream on the tree root.
407 - * If a stream is being opened return "not found", otherwise
408 - * return "access denied".
409 - */
410 - if (cur_node == sr->tid_tree->t_snode) {
411 - if (op->create_disposition == FILE_OPEN) {
412 - return (NT_STATUS_OBJECT_NAME_NOT_FOUND);
413 - }
414 - return (NT_STATUS_ACCESS_DENIED);
415 - }
413 + smb_node_wrlock(dnode);
414 + dnode_wlock = B_TRUE;
416 415
417 - (void) snprintf(op->fqi.fq_last_comp,
418 - sizeof (op->fqi.fq_last_comp),
419 - "%s%s", cur_node->od_name, pn->pn_sname);
420 -
421 - op->fqi.fq_dnode = cur_node->n_dnode;
422 - smb_node_ref(op->fqi.fq_dnode);
423 - } else {
424 - rc = smb_pathname_reduce(sr, sr->user_cr, pn->pn_path,
425 - sr->tid_tree->t_snode, cur_node, &op->fqi.fq_dnode,
426 - op->fqi.fq_last_comp);
427 - if (rc != 0) {
428 - return (smb_errno2status(rc));
429 - }
430 - }
431 -
432 416 /*
433 417 * If the access mask has only DELETE set (ignore
434 418 * FILE_READ_ATTRIBUTES), then assume that this
435 419 * is a request to delete the link (if a link)
436 420 * and do not follow links. Otherwise, follow
437 421 * the link to the target.
438 422 */
439 423 if ((op->desired_access & ~FILE_READ_ATTRIBUTES) == DELETE)
440 424 lookup_flags &= ~SMB_FOLLOW_LINKS;
441 425
442 - rc = smb_fsop_lookup_name(sr, zone_kcred(), lookup_flags,
426 + /*
427 + * Lookup *just* the file portion of the name.
428 + * Returns stream name in sname, which this allocates
429 + */
430 + rc = smb_fsop_lookup_file(sr, zone_kcred(), lookup_flags,
443 431 sr->tid_tree->t_snode, op->fqi.fq_dnode, op->fqi.fq_last_comp,
444 - &op->fqi.fq_fnode);
432 + &sname, &op->fqi.fq_fnode);
445 433
446 434 if (rc == 0) {
447 435 last_comp_found = B_TRUE;
436 + fnode_held = B_TRUE;
437 +
448 438 /*
449 439 * Need the DOS attributes below, where we
450 440 * check the search attributes (sattr).
441 + * Also UID, for owner check below.
451 442 */
452 - op->fqi.fq_fattr.sa_mask = SMB_AT_DOSATTR;
443 + op->fqi.fq_fattr.sa_mask = SMB_AT_DOSATTR | SMB_AT_UID;
453 444 rc = smb_node_getattr(sr, op->fqi.fq_fnode, zone_kcred(),
454 445 NULL, &op->fqi.fq_fattr);
455 446 if (rc != 0) {
456 - smb_node_release(op->fqi.fq_fnode);
457 - smb_node_release(op->fqi.fq_dnode);
458 - return (NT_STATUS_INTERNAL_ERROR);
447 + status = NT_STATUS_INTERNAL_ERROR;
448 + goto errout;
459 449 }
460 450 } else if (rc == ENOENT) {
461 451 last_comp_found = B_FALSE;
462 452 op->fqi.fq_fnode = NULL;
463 453 rc = 0;
464 454 } else {
465 - smb_node_release(op->fqi.fq_dnode);
466 - return (smb_errno2status(rc));
455 + status = smb_errno2status(rc);
456 + goto errout;
467 457 }
468 458
469 -
470 - /*
471 - * The uniq_fid is a CIFS-server-wide unique identifier for an ofile
472 - * which is used to uniquely identify open instances for the
473 - * VFS share reservation and POSIX locks.
474 - */
475 -
476 - uniq_fid = SMB_UNIQ_FID();
477 -
478 459 if (last_comp_found) {
479 460
480 - node = op->fqi.fq_fnode;
461 + fnode = op->fqi.fq_fnode;
481 462 dnode = op->fqi.fq_dnode;
482 463
483 - if (!smb_node_is_file(node) && !smb_node_is_dir(node) &&
484 - !smb_node_is_symlink(node)) {
485 - smb_node_release(node);
486 - smb_node_release(dnode);
487 - return (NT_STATUS_ACCESS_DENIED);
464 + if (!smb_node_is_file(fnode) &&
465 + !smb_node_is_dir(fnode) &&
466 + !smb_node_is_symlink(fnode)) {
467 + status = NT_STATUS_ACCESS_DENIED;
468 + goto errout;
488 469 }
489 470
490 471 /*
491 472 * Reject this request if either:
492 473 * - the target IS a directory and the client requires that
493 474 * it must NOT be (required by Lotus Notes)
494 475 * - the target is NOT a directory and client requires that
495 476 * it MUST be.
477 + * Streams are never directories.
496 478 */
497 - if (smb_node_is_dir(node)) {
479 + if (smb_node_is_dir(fnode) && sname == NULL) {
498 480 if (op->create_options & FILE_NON_DIRECTORY_FILE) {
499 - smb_node_release(node);
500 - smb_node_release(dnode);
501 - return (NT_STATUS_FILE_IS_A_DIRECTORY);
481 + status = NT_STATUS_FILE_IS_A_DIRECTORY;
482 + goto errout;
502 483 }
503 484 } else {
504 485 if ((op->create_options & FILE_DIRECTORY_FILE) ||
505 486 (op->nt_flags & NT_CREATE_FLAG_OPEN_TARGET_DIR)) {
506 - smb_node_release(node);
507 - smb_node_release(dnode);
508 - return (NT_STATUS_NOT_A_DIRECTORY);
487 + status = NT_STATUS_NOT_A_DIRECTORY;
488 + goto errout;
509 489 }
510 490 }
511 491
512 - /*
513 - * No more open should be accepted when "Delete on close"
514 - * flag is set.
515 - */
516 - if (node->flags & NODE_FLAGS_DELETE_ON_CLOSE) {
517 - smb_node_release(node);
518 - smb_node_release(dnode);
519 - return (NT_STATUS_DELETE_PENDING);
492 + /* If we're given a stream name, look it up now */
493 + if (sname != NULL) {
494 + tmp_node = fnode;
495 + rc = smb_fsop_lookup_stream(sr, zone_kcred(),
496 + lookup_flags, sr->tid_tree->t_snode, fnode, sname,
497 + &fnode);
498 + } else {
499 + rc = 0;
520 500 }
521 501
522 - /*
523 - * Specified file already exists so the operation should fail.
524 - */
525 - if (op->create_disposition == FILE_CREATE) {
526 - smb_node_release(node);
527 - smb_node_release(dnode);
528 - return (NT_STATUS_OBJECT_NAME_COLLISION);
502 + if (rc == 0) { /* Stream Exists (including unnamed stream) */
503 + stream_found = B_TRUE;
504 + smb_node_unlock(dnode);
505 + dnode_wlock = B_FALSE;
506 +
507 + if (tmp_node != NULL)
508 + smb_node_release(tmp_node);
509 +
510 + /*
511 + * No more open should be accepted when
512 + * "Delete on close" flag is set.
513 + */
514 + if (fnode->flags & NODE_FLAGS_DELETE_ON_CLOSE) {
515 + status = NT_STATUS_DELETE_PENDING;
516 + goto errout;
517 + }
518 +
519 + /*
520 + * Specified file already exists
521 + * so the operation should fail.
522 + */
523 + if (op->create_disposition == FILE_CREATE) {
524 + status = NT_STATUS_OBJECT_NAME_COLLISION;
525 + goto errout;
526 + }
527 +
528 + if ((op->create_disposition == FILE_SUPERSEDE) ||
529 + (op->create_disposition == FILE_OVERWRITE_IF) ||
530 + (op->create_disposition == FILE_OVERWRITE)) {
531 +
532 + if (sname == NULL) {
533 + if (!smb_sattr_check(
534 + op->fqi.fq_fattr.sa_dosattr,
535 + op->dattr)) {
536 + status =
537 + NT_STATUS_ACCESS_DENIED;
538 + goto errout;
539 + }
540 + op->desired_access |=
541 + FILE_WRITE_ATTRIBUTES;
542 + }
543 +
544 + if (smb_node_is_dir(fnode)) {
545 + status = NT_STATUS_ACCESS_DENIED;
546 + goto errout;
547 + }
548 + }
549 +
550 + /* MS-FSA 2.1.5.1.2 */
551 + if (op->create_disposition == FILE_SUPERSEDE)
552 + op->desired_access |= DELETE;
553 + if ((op->create_disposition == FILE_OVERWRITE_IF) ||
554 + (op->create_disposition == FILE_OVERWRITE))
555 + op->desired_access |= FILE_WRITE_DATA;
556 + } else if (rc == ENOENT) { /* File Exists, but Stream doesn't */
557 + if (op->create_disposition == FILE_OPEN ||
558 + op->create_disposition == FILE_OVERWRITE) {
559 + status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
560 + goto errout;
561 + }
562 +
563 + op->desired_access |= FILE_WRITE_DATA;
564 + } else { /* Error looking up stream */
565 + status = smb_errno2status(rc);
566 + fnode = tmp_node;
567 + goto errout;
529 568 }
530 569
531 570 /*
532 571 * Windows seems to check read-only access before file
533 572 * sharing check.
534 573 *
535 - * Check to see if the file is currently readonly (irrespective
574 + * Check to see if the file is currently readonly (regardless
536 575 * of whether this open will make it readonly).
576 + * Readonly is ignored on directories.
537 577 */
538 - if (SMB_PATHFILE_IS_READONLY(sr, node)) {
539 - /* Files data only */
540 - if (!smb_node_is_dir(node)) {
541 - if (op->desired_access & (FILE_WRITE_DATA |
542 - FILE_APPEND_DATA)) {
543 - smb_node_release(node);
544 - smb_node_release(dnode);
545 - return (NT_STATUS_ACCESS_DENIED);
546 - }
578 + if (SMB_PATHFILE_IS_READONLY(sr, fnode) &&
579 + !smb_node_is_dir(fnode)) {
580 + if (op->desired_access &
581 + (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
582 + status = NT_STATUS_ACCESS_DENIED;
583 + goto errout;
547 584 }
548 - }
549 -
550 - if ((op->create_disposition == FILE_SUPERSEDE) ||
551 - (op->create_disposition == FILE_OVERWRITE_IF) ||
552 - (op->create_disposition == FILE_OVERWRITE)) {
553 -
554 - if (!smb_sattr_check(op->fqi.fq_fattr.sa_dosattr,
555 - op->dattr)) {
556 - smb_node_release(node);
557 - smb_node_release(dnode);
558 - return (NT_STATUS_ACCESS_DENIED);
585 + if (op->create_options & FILE_DELETE_ON_CLOSE) {
586 + status = NT_STATUS_CANNOT_DELETE;
587 + goto errout;
559 588 }
560 -
561 - if (smb_node_is_dir(node)) {
562 - smb_node_release(node);
563 - smb_node_release(dnode);
564 - return (NT_STATUS_ACCESS_DENIED);
565 - }
566 589 }
567 590
568 - /* MS-FSA 2.1.5.1.2 */
569 - if (op->create_disposition == FILE_SUPERSEDE)
570 - op->desired_access |= DELETE;
571 - if ((op->create_disposition == FILE_OVERWRITE_IF) ||
572 - (op->create_disposition == FILE_OVERWRITE))
573 - op->desired_access |= FILE_WRITE_DATA;
574 -
575 - status = smb_fsop_access(sr, sr->user_cr, node,
591 + do_audit = smb_audit_init(sr);
592 + status = smb_fsop_access(sr, sr->user_cr, fnode,
576 593 op->desired_access);
577 - if (status != NT_STATUS_SUCCESS) {
578 - smb_node_release(node);
579 - smb_node_release(dnode);
580 594
581 - /* SMB1 specific? NT_STATUS_PRIVILEGE_NOT_HELD */
582 - if (status == NT_STATUS_PRIVILEGE_NOT_HELD) {
583 - return (status);
584 - } else {
585 - return (NT_STATUS_ACCESS_DENIED);
586 - }
587 - }
588 -
589 595 if (max_requested) {
590 - smb_fsop_eaccess(sr, sr->user_cr, node, &max_allowed);
596 + smb_fsop_eaccess(sr, sr->user_cr, fnode, &max_allowed);
591 597 op->desired_access |= max_allowed;
592 598 }
599 +
600 + if (do_audit) {
601 + smb_audit_fini(sr, op->desired_access, fnode,
602 + status == NT_STATUS_SUCCESS);
603 + }
604 +
605 + if (status != NT_STATUS_SUCCESS)
606 + goto errout;
607 +
593 608 /*
609 + * File owner should always get read control + read attr.
610 + */
611 + if (crgetuid(sr->user_cr) == op->fqi.fq_fattr.sa_vattr.va_uid)
612 + op->desired_access |=
613 + (READ_CONTROL | FILE_READ_ATTRIBUTES);
614 +
615 + /*
594 616 * According to MS "dochelp" mail in Mar 2015, any handle
595 617 * on which read or write access is granted implicitly
596 618 * gets "read attributes", even if it was not requested.
597 - * This avoids unexpected access failures later that
598 - * would happen if these were not granted.
599 619 */
600 - if ((op->desired_access & FILE_DATA_ALL) != 0) {
601 - op->desired_access |= (READ_CONTROL |
602 - FILE_READ_ATTRIBUTES);
620 + if ((op->desired_access & FILE_DATA_ALL) != 0)
621 + op->desired_access |= FILE_READ_ATTRIBUTES;
622 +
623 + /* If the stream didn't exist, create it now */
624 + if (!stream_found) {
625 + smb_node_t *tmp_node = fnode;
626 +
627 + bzero(&new_attr, sizeof (new_attr));
628 + new_attr.sa_vattr.va_type = VREG;
629 + new_attr.sa_vattr.va_mode = S_IRUSR;
630 + new_attr.sa_mask |= SMB_AT_TYPE | SMB_AT_MODE;
631 +
632 + rc = smb_fsop_create_stream(sr, sr->user_cr, dnode,
633 + fnode, sname, lookup_flags, &new_attr, &fnode);
634 + smb_node_release(tmp_node);
635 +
636 + if (rc != 0) {
637 + status = smb_errno2status(rc);
638 + fnode_held = B_FALSE;
639 + goto errout;
640 + }
641 + op->action_taken = SMB_OACT_CREATED;
642 + created = B_TRUE;
643 +
644 + smb_node_unlock(dnode);
645 + dnode_wlock = B_FALSE;
603 646 }
604 647
605 648 /*
606 649 * Oplock break is done prior to sharing checks as the break
607 650 * may cause other clients to close the file which would
608 - * affect the sharing checks. This may block, so set the
609 - * file opening count before oplock stuff.
651 + * affect the sharing checks, and may delete the file due to
652 + * DELETE_ON_CLOSE. This may block, so set the file opening
653 + * count before oplock stuff.
654 + *
655 + * Need the "proposed" ofile (and it's TargetOplockKey) for
656 + * correct oplock break semantics.
610 657 */
611 - smb_node_inc_opening_count(node);
612 - smb_open_oplock_break(sr, node);
658 + of = smb_ofile_alloc(sr, op, fnode, SMB_FTYPE_DISK,
659 + tree_fid);
660 + tree_fid = 0; // given to the ofile
661 + uniq_fid = of->f_uniqid;
613 662
614 - smb_node_wrlock(node);
663 + smb_node_inc_opening_count(fnode);
664 + opening_incr = B_TRUE;
615 665
666 + if (!stream_found) {
667 + /*
668 + * Stake our Share Access claim.
669 + */
670 + smb_node_wrlock(fnode);
671 + fnode_wlock = B_TRUE;
672 +
673 + status = smb_fsop_shrlock(sr->user_cr, fnode, uniq_fid,
674 + op->desired_access, op->share_access);
675 + if (status != 0)
676 + goto errout;
677 +
678 + fnode_shrlk = B_TRUE;
679 + smb_node_unlock(fnode);
680 + fnode_wlock = B_FALSE;
681 + goto stream_created;
682 + }
683 +
616 684 /*
617 - * Check for sharing violations
685 + * XXX Supposed to do share access checks next.
686 + * [MS-FSA] describes that as part of access check:
687 + * 2.1.5.1.2.1 Alg... Check Access to an Existing File
688 + *
689 + * If CreateDisposition is FILE_OPEN or FILE_OPEN_IF:
690 + * If Open.Stream.Oplock is not empty and
691 + * Open.Stream.Oplock.State contains BATCH_OPLOCK,
692 + * the object store MUST check for an oplock
693 + * break according to the algorithm in section 2.1.4.12,
694 + * with input values as follows:
695 + * Open equal to this operation's Open
696 + * Oplock equal to Open.Stream.Oplock
697 + * Operation equal to "OPEN"
698 + * OpParams containing two members:
699 + * DesiredAccess, CreateDisposition
700 + *
701 + * It's not clear how Windows would ask the FS layer if
702 + * the file has a BATCH oplock. We'll use a call to the
703 + * common oplock code, which calls smb_oplock_break_OPEN
704 + * only if the oplock state contains BATCH_OPLOCK.
705 + * See: smb_oplock_break_BATCH()
706 + *
707 + * Also note: There's a nearly identical section in the
708 + * spec. at the start of the "else" part of the above
709 + * "if (disposition is overwrite, overwrite_if)" so this
710 + * section (oplock break, the share mode check, and the
711 + * next oplock_break_HANDLE) are all factored out to be
712 + * in all cases above that if/else from the spec.
618 713 */
619 - status = smb_fsop_shrlock(sr->user_cr, node, uniq_fid,
714 + status = smb_oplock_break_BATCH(fnode, of,
715 + op->desired_access, op->create_disposition);
716 + if (status == NT_STATUS_OPLOCK_BREAK_IN_PROGRESS) {
717 + if (sr->session->dialect >= SMB_VERS_2_BASE)
718 + (void) smb2sr_go_async(sr);
719 + (void) smb_oplock_wait_break(fnode, 0);
720 + status = 0;
721 + }
722 + if (status != NT_STATUS_SUCCESS)
723 + goto errout;
724 +
725 + /*
726 + * Check for sharing violations, and if any,
727 + * do oplock break of handle caching.
728 + *
729 + * Need node_wrlock during shrlock checks,
730 + * and not locked during oplock breaks etc.
731 + */
732 + shrlock_t0 = gethrtime();
733 + shrlock_again:
734 + smb_node_wrlock(fnode);
735 + fnode_wlock = B_TRUE;
736 + status = smb_fsop_shrlock(sr->user_cr, fnode, uniq_fid,
620 737 op->desired_access, op->share_access);
621 - if (status == NT_STATUS_SHARING_VIOLATION) {
622 - smb_node_unlock(node);
623 - smb_node_dec_opening_count(node);
624 - smb_node_release(node);
625 - smb_node_release(dnode);
626 - return (status);
738 + smb_node_unlock(fnode);
739 + fnode_wlock = B_FALSE;
740 +
741 + /*
742 + * [MS-FSA] "OPEN_BREAK_H"
743 + * If the (proposed) new open would violate sharing rules,
744 + * indicate an oplock break with OPEN_BREAK_H (to break
745 + * handle level caching rights) then try again.
746 + */
747 + if (status == NT_STATUS_SHARING_VIOLATION &&
748 + did_break_handle == B_FALSE) {
749 + did_break_handle = B_TRUE;
750 +
751 + status = smb_oplock_break_HANDLE(fnode, of);
752 + if (status == NT_STATUS_OPLOCK_BREAK_IN_PROGRESS) {
753 + if (sr->session->dialect >= SMB_VERS_2_BASE)
754 + (void) smb2sr_go_async(sr);
755 + (void) smb_oplock_wait_break(fnode, 0);
756 + status = 0;
757 + } else {
758 + /*
759 + * Even when the oplock layer does NOT
760 + * give us the special status indicating
761 + * we should wait, it may have scheduled
762 + * taskq jobs that may close handles.
763 + * Give those a chance to run before we
764 + * check again for sharing violations.
765 + */
766 + delay(MSEC_TO_TICK(10));
767 + }
768 + if (status != NT_STATUS_SUCCESS)
769 + goto errout;
770 +
771 + goto shrlock_again;
627 772 }
628 773
629 774 /*
775 + * If we still have orphaned durable handles on this file,
776 + * let's assume the client has lost interest in those and
777 + * close them so they don't cause sharing violations.
778 + * See longer comment at smb2_dh_close_my_orphans().
779 + */
780 + if (status == NT_STATUS_SHARING_VIOLATION &&
781 + sr->session->dialect >= SMB_VERS_2_BASE &&
782 + did_cleanup_orphans == B_FALSE) {
783 +
784 + did_cleanup_orphans = B_TRUE;
785 + smb2_dh_close_my_orphans(sr, of);
786 +
787 + goto shrlock_again;
788 + }
789 +
790 + /*
791 + * SMB1 expects a 1 sec. delay before returning a
792 + * sharing violation error. If breaking oplocks
793 + * above took less than a sec, wait some more.
794 + * See: smbtorture base.defer_open
795 + */
796 + if (status == NT_STATUS_SHARING_VIOLATION &&
797 + sr->session->dialect < SMB_VERS_2_BASE) {
798 + hrtime_t t1 = shrlock_t0 + NANOSEC;
799 + hrtime_t now = gethrtime();
800 + if (now < t1) {
801 + delay(NSEC_TO_TICK_ROUNDUP(t1 - now));
802 + }
803 + }
804 +
805 + if (status != NT_STATUS_SUCCESS)
806 + goto errout;
807 + fnode_shrlk = B_TRUE;
808 +
809 + /*
810 + * The [MS-FSA] spec. describes this oplock break as
811 + * part of the sharing access checks. See:
812 + * 2.1.5.1.2.2 Algorithm to Check Sharing Access...
813 + * At the end of the share mode tests described there,
814 + * if it has not returned "sharing violation", it
815 + * specifies a call to the alg. in sec. 2.1.4.12,
816 + * that boils down to: smb_oplock_break_OPEN()
817 + */
818 + status = smb_oplock_break_OPEN(fnode, of,
819 + op->desired_access,
820 + op->create_disposition);
821 + if (status == NT_STATUS_OPLOCK_BREAK_IN_PROGRESS) {
822 + if (sr->session->dialect >= SMB_VERS_2_BASE)
823 + (void) smb2sr_go_async(sr);
824 + (void) smb_oplock_wait_break(fnode, 0);
825 + status = 0;
826 + }
827 + if (status != NT_STATUS_SUCCESS)
828 + goto errout;
829 +
830 + if ((fnode->flags & NODE_FLAGS_DELETE_COMMITTED) != 0) {
831 + /*
832 + * Breaking the oplock caused the file to be deleted,
833 + * so let's bail and pretend the file wasn't found.
834 + * Have to duplicate much of the logic found a the
835 + * "errout" label here.
836 + *
837 + * This code path is exercised by smbtorture
838 + * smb2.durable-open.delete_on_close1
839 + */
840 + DTRACE_PROBE1(node_deleted, smb_node_t, fnode);
841 + smb_ofile_free(of);
842 + of = NULL;
843 + last_comp_found = B_FALSE;
844 +
845 + /*
846 + * Get all the holds and locks into the state
847 + * they would have if lookup had failed.
848 + */
849 + fnode_shrlk = B_FALSE;
850 + smb_fsop_unshrlock(sr->user_cr, fnode, uniq_fid);
851 +
852 + opening_incr = B_FALSE;
853 + smb_node_dec_opening_count(fnode);
854 +
855 + fnode_held = B_FALSE;
856 + smb_node_release(fnode);
857 +
858 + dnode_wlock = B_TRUE;
859 + smb_node_wrlock(dnode);
860 +
861 + goto create;
862 + }
863 +
864 + /*
630 865 * Go ahead with modifications as necessary.
631 866 */
632 867 switch (op->create_disposition) {
633 868 case FILE_SUPERSEDE:
634 869 case FILE_OVERWRITE_IF:
635 870 case FILE_OVERWRITE:
636 - op->dattr |= FILE_ATTRIBUTE_ARCHIVE;
637 - /* Don't apply readonly bit until smb_ofile_close */
638 - if (op->dattr & FILE_ATTRIBUTE_READONLY) {
639 - op->created_readonly = B_TRUE;
640 - op->dattr &= ~FILE_ATTRIBUTE_READONLY;
871 + bzero(&new_attr, sizeof (new_attr));
872 + if (sname == NULL) {
873 + op->dattr |= FILE_ATTRIBUTE_ARCHIVE;
874 + /*
875 + * Don't apply readonly until
876 + * smb_set_open_attributes
877 + */
878 + if (op->dattr & FILE_ATTRIBUTE_READONLY) {
879 + op->dattr &= ~FILE_ATTRIBUTE_READONLY;
880 + op->created_readonly = B_TRUE;
881 + }
882 + new_attr.sa_dosattr = op->dattr;
883 + } else {
884 + new_attr.sa_dosattr = FILE_ATTRIBUTE_ARCHIVE;
641 885 }
642 886
643 887 /*
644 888 * Truncate the file data here.
645 889 * We set alloc_size = op->dsize later,
646 890 * after we have an ofile. See:
647 891 * smb_set_open_attributes
648 892 */
649 - bzero(&new_attr, sizeof (new_attr));
650 - new_attr.sa_dosattr = op->dattr;
651 893 new_attr.sa_vattr.va_size = 0;
652 894 new_attr.sa_mask = SMB_AT_DOSATTR | SMB_AT_SIZE;
653 - rc = smb_fsop_setattr(sr, sr->user_cr, node, &new_attr);
895 + rc = smb_fsop_setattr(sr, sr->user_cr, fnode,
896 + &new_attr);
654 897 if (rc != 0) {
655 - smb_fsop_unshrlock(sr->user_cr, node, uniq_fid);
656 - smb_node_unlock(node);
657 - smb_node_dec_opening_count(node);
658 - smb_node_release(node);
659 - smb_node_release(dnode);
660 - return (smb_errno2status(rc));
898 + status = smb_errno2status(rc);
899 + goto errout;
661 900 }
662 901
663 902 /*
664 903 * If file is being replaced, remove existing streams
665 904 */
666 - if (SMB_IS_STREAM(node) == 0) {
905 + if (SMB_IS_STREAM(fnode) == 0) {
667 906 status = smb_fsop_remove_streams(sr,
668 - sr->user_cr, node);
669 - if (status != 0) {
670 - smb_fsop_unshrlock(sr->user_cr, node,
671 - uniq_fid);
672 - smb_node_unlock(node);
673 - smb_node_dec_opening_count(node);
674 - smb_node_release(node);
675 - smb_node_release(dnode);
676 - return (status);
677 - }
907 + sr->user_cr, fnode);
908 + if (status != 0)
909 + goto errout;
678 910 }
679 911
680 912 op->action_taken = SMB_OACT_TRUNCATED;
681 913 break;
682 914
683 915 default:
684 916 /*
685 917 * FILE_OPEN or FILE_OPEN_IF.
686 918 */
687 919 /*
688 920 * Ignore any user-specified alloc_size for
689 921 * existing files, to avoid truncation in
690 922 * smb_set_open_attributes
691 923 */
692 924 op->dsize = 0L;
693 925 op->action_taken = SMB_OACT_OPENED;
694 926 break;
695 927 }
696 928 } else {
929 +create:
697 930 /* Last component was not found. */
698 931 dnode = op->fqi.fq_dnode;
699 932
700 933 if (is_dir == 0)
701 934 is_stream = smb_is_stream_name(pn->pn_path);
702 935
703 936 if ((op->create_disposition == FILE_OPEN) ||
704 937 (op->create_disposition == FILE_OVERWRITE)) {
705 - smb_node_release(dnode);
706 - return (NT_STATUS_OBJECT_NAME_NOT_FOUND);
938 + status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
939 + goto errout;
707 940 }
708 941
709 942 if (pn->pn_fname && smb_is_invalid_filename(pn->pn_fname)) {
710 - smb_node_release(dnode);
711 - return (NT_STATUS_OBJECT_NAME_INVALID);
943 + status = NT_STATUS_OBJECT_NAME_INVALID;
944 + goto errout;
712 945 }
713 946
714 947 /*
715 - * lock the parent dir node in case another create
716 - * request to the same parent directory comes in.
948 + * Don't create in directories marked "Delete on close".
717 949 */
718 - smb_node_wrlock(dnode);
950 + if (dnode->flags & NODE_FLAGS_DELETE_ON_CLOSE) {
951 + status = NT_STATUS_DELETE_PENDING;
952 + goto errout;
953 + }
719 954
720 - /* Don't apply readonly bit until smb_ofile_close */
955 + /*
956 + * Create always sets the DOS attributes, type, and mode
957 + * in the if/else below (different for file vs directory).
958 + * Don't set the readonly bit until smb_set_open_attributes
959 + * or that would prevent this open. Note that op->dattr
960 + * needs to be what smb_set_open_attributes will use,
961 + * except for the readonly bit.
962 + */
963 + bzero(&new_attr, sizeof (new_attr));
964 + new_attr.sa_mask = SMB_AT_DOSATTR | SMB_AT_TYPE | SMB_AT_MODE;
721 965 if (op->dattr & FILE_ATTRIBUTE_READONLY) {
722 966 op->dattr &= ~FILE_ATTRIBUTE_READONLY;
723 967 op->created_readonly = B_TRUE;
724 968 }
725 969
726 - bzero(&new_attr, sizeof (new_attr));
970 + /*
971 + * SMB create can specify the create time.
972 + */
727 973 if ((op->crtime.tv_sec != 0) &&
728 974 (op->crtime.tv_sec != UINT_MAX)) {
729 -
730 975 new_attr.sa_mask |= SMB_AT_CRTIME;
731 976 new_attr.sa_crtime = op->crtime;
732 977 }
733 978
734 979 if (is_dir == 0) {
735 980 op->dattr |= FILE_ATTRIBUTE_ARCHIVE;
736 981 new_attr.sa_dosattr = op->dattr;
737 982 new_attr.sa_vattr.va_type = VREG;
738 - new_attr.sa_vattr.va_mode = is_stream ? S_IRUSR :
739 - S_IRUSR | S_IRGRP | S_IROTH |
740 - S_IWUSR | S_IWGRP | S_IWOTH;
741 - new_attr.sa_mask |=
742 - SMB_AT_DOSATTR | SMB_AT_TYPE | SMB_AT_MODE;
983 + if (is_stream)
984 + new_attr.sa_vattr.va_mode = S_IRUSR | S_IWUSR;
985 + else
986 + new_attr.sa_vattr.va_mode =
987 + S_IRUSR | S_IRGRP | S_IROTH |
988 + S_IWUSR | S_IWGRP | S_IWOTH;
743 989
744 990 /*
745 991 * We set alloc_size = op->dsize later,
746 - * after we have an ofile. See:
747 - * smb_set_open_attributes
992 + * (in smb_set_open_attributes) after we
993 + * have an ofile on which to save that.
994 + *
995 + * Legacy Open&X sets size to alloc_size
996 + * when creating a new file.
748 997 */
998 + if (sr->smb_com == SMB_COM_OPEN_ANDX) {
999 + new_attr.sa_vattr.va_size = op->dsize;
1000 + new_attr.sa_mask |= SMB_AT_SIZE;
1001 + }
749 1002
1003 + /* auditing handled by fsop layer */
750 1004 rc = smb_fsop_create(sr, sr->user_cr, dnode,
751 1005 op->fqi.fq_last_comp, &new_attr, &op->fqi.fq_fnode);
752 -
753 - if (rc != 0) {
754 - smb_node_unlock(dnode);
755 - smb_node_release(dnode);
756 - return (smb_errno2status(rc));
757 - }
758 -
759 - node = op->fqi.fq_fnode;
760 - smb_node_inc_opening_count(node);
761 - smb_node_wrlock(node);
762 -
763 - status = smb_fsop_shrlock(sr->user_cr, node, uniq_fid,
764 - op->desired_access, op->share_access);
765 -
766 - if (status == NT_STATUS_SHARING_VIOLATION) {
767 - smb_node_unlock(node);
768 - smb_node_dec_opening_count(node);
769 - smb_delete_new_object(sr);
770 - smb_node_release(node);
771 - smb_node_unlock(dnode);
772 - smb_node_release(dnode);
773 - return (status);
774 - }
775 1006 } else {
776 1007 op->dattr |= FILE_ATTRIBUTE_DIRECTORY;
777 1008 new_attr.sa_dosattr = op->dattr;
778 1009 new_attr.sa_vattr.va_type = VDIR;
779 1010 new_attr.sa_vattr.va_mode = 0777;
780 - new_attr.sa_mask |=
781 - SMB_AT_DOSATTR | SMB_AT_TYPE | SMB_AT_MODE;
782 1011
1012 + /* auditing handled by fsop layer */
783 1013 rc = smb_fsop_mkdir(sr, sr->user_cr, dnode,
784 1014 op->fqi.fq_last_comp, &new_attr, &op->fqi.fq_fnode);
785 - if (rc != 0) {
786 - smb_node_unlock(dnode);
787 - smb_node_release(dnode);
788 - return (smb_errno2status(rc));
789 - }
790 -
791 - node = op->fqi.fq_fnode;
792 - smb_node_inc_opening_count(node);
793 - smb_node_wrlock(node);
794 1015 }
1016 + if (rc != 0) {
1017 + status = smb_errno2status(rc);
1018 + goto errout;
1019 + }
795 1020
1021 + /* Create done. */
1022 + smb_node_unlock(dnode);
1023 + dnode_wlock = B_FALSE;
1024 +
796 1025 created = B_TRUE;
797 1026 op->action_taken = SMB_OACT_CREATED;
798 1027
1028 + /* Note: hold from create */
1029 + fnode = op->fqi.fq_fnode;
1030 + fnode_held = B_TRUE;
1031 +
799 1032 if (max_requested) {
800 - smb_fsop_eaccess(sr, sr->user_cr, node, &max_allowed);
1033 + smb_fsop_eaccess(sr, sr->user_cr, fnode, &max_allowed);
801 1034 op->desired_access |= max_allowed;
802 1035 }
803 1036 /*
804 - * We created created this object (we own it) so
805 - * grant read/write attributes on this handle,
1037 + * We created this object (we own it) so grant
1038 + * read_control + read_attributes on this handle,
806 1039 * even if that was not requested. This avoids
807 - * unexpected access failures later that would
808 - * happen if these were not granted.
1040 + * unexpected access failures later.
809 1041 */
810 - op->desired_access |= (READ_CONTROL |
811 - FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES);
812 - }
1042 + op->desired_access |= (READ_CONTROL | FILE_READ_ATTRIBUTES);
813 1043
814 - status = NT_STATUS_SUCCESS;
1044 + /* Allocate the ofile and fill in most of it. */
1045 + of = smb_ofile_alloc(sr, op, fnode, SMB_FTYPE_DISK,
1046 + tree_fid);
1047 + tree_fid = 0; // given to the ofile
1048 + uniq_fid = of->f_uniqid;
815 1049
816 - of = smb_ofile_open(sr, node, op, SMB_FTYPE_DISK, uniq_fid,
817 - &err);
818 - if (of == NULL) {
819 - status = err.status;
1050 + smb_node_inc_opening_count(fnode);
1051 + opening_incr = B_TRUE;
1052 +
1053 + /*
1054 + * Share access checks...
1055 + */
1056 + smb_node_wrlock(fnode);
1057 + fnode_wlock = B_TRUE;
1058 +
1059 + status = smb_fsop_shrlock(sr->user_cr, fnode, uniq_fid,
1060 + op->desired_access, op->share_access);
1061 + if (status != 0)
1062 + goto errout;
1063 + fnode_shrlk = B_TRUE;
1064 +
1065 + /*
1066 + * MS-FSA 2.1.5.1.1
1067 + * If the Oplock member of the DirectoryStream in
1068 + * Link.ParentFile.StreamList (ParentOplock) is
1069 + * not empty ... oplock break on the parent...
1070 + * (dnode is the parent directory)
1071 + *
1072 + * This compares of->ParentOplockKey with each
1073 + * oplock of->TargetOplockKey and breaks...
1074 + * so it's OK that we're passing an OF that's
1075 + * NOT a member of dnode->n_ofile_list
1076 + *
1077 + * The break never blocks, so ignore the return.
1078 + */
1079 + (void) smb_oplock_break_PARENT(dnode, of);
820 1080 }
821 1081
1082 +stream_created:
822 1083 /*
823 - * We might have blocked in smb_ofile_open long enough so a
824 - * tree disconnect might have happened. In that case, we've
825 - * just added an ofile to a tree that's disconnecting, and
826 - * need to undo that to avoid interfering with tear-down of
827 - * the tree connection.
1084 + * We might have blocked in smb_oplock_break_OPEN long enough
1085 + * so a tree disconnect might have happened. In that case,
1086 + * we would be adding an ofile to a tree that's disconnecting,
1087 + * which would interfere with tear-down. If so, error out.
828 1088 */
829 - if (status == NT_STATUS_SUCCESS &&
830 - !smb_tree_is_connected(sr->tid_tree)) {
1089 + if (!smb_tree_is_connected(sr->tid_tree)) {
831 1090 status = NT_STATUS_INVALID_PARAMETER;
1091 + goto errout;
832 1092 }
833 1093
834 1094 /*
835 - * This MUST be done after ofile creation, so that explicitly
836 - * set timestamps can be remembered on the ofile, and the
837 - * readonly flag will be stored "pending" on the node.
1095 + * Moved this up from smb_ofile_open()
838 1096 */
839 - if (status == NT_STATUS_SUCCESS) {
840 - if ((rc = smb_set_open_attributes(sr, of)) != 0) {
841 - status = smb_errno2status(rc);
842 - }
1097 + if ((rc = smb_fsop_open(fnode, of->f_mode, of->f_cr)) != 0) {
1098 + status = smb_errno2status(rc);
1099 + goto errout;
843 1100 }
844 1101
845 - if (status == NT_STATUS_SUCCESS) {
846 - /*
847 - * We've already done access checks above,
848 - * and want this call to succeed even when
849 - * !(desired_access & FILE_READ_ATTRIBUTES),
850 - * so pass kcred here.
851 - */
852 - op->fqi.fq_fattr.sa_mask = SMB_AT_ALL;
853 - rc = smb_node_getattr(sr, node, zone_kcred(), of,
854 - &op->fqi.fq_fattr);
855 - if (rc != 0) {
856 - status = NT_STATUS_INTERNAL_ERROR;
857 - }
858 - }
1102 + /*
1103 + * Complete this open (add to ofile lists)
1104 + */
1105 + smb_ofile_open(sr, op, of);
1106 + did_open = B_TRUE;
859 1107
860 1108 /*
861 - * smb_fsop_unshrlock is a no-op if node is a directory
862 - * smb_fsop_unshrlock is done in smb_ofile_close
1109 + * This MUST be done after ofile creation, so that explicitly
1110 + * set timestamps can be remembered on the ofile, and setting
1111 + * the readonly flag won't affect access via this open.
863 1112 */
864 - if (status != NT_STATUS_SUCCESS) {
865 - if (of == NULL) {
866 - smb_fsop_unshrlock(sr->user_cr, node, uniq_fid);
867 - } else {
868 - smb_ofile_close(of, 0);
869 - smb_ofile_release(of);
870 - }
871 - if (created)
872 - smb_delete_new_object(sr);
873 - smb_node_unlock(node);
874 - smb_node_dec_opening_count(node);
875 - smb_node_release(node);
876 - if (created)
877 - smb_node_unlock(dnode);
878 - smb_node_release(dnode);
879 - return (status);
1113 + if ((rc = smb_set_open_attributes(sr, of)) != 0) {
1114 + status = smb_errno2status(rc);
1115 + goto errout;
880 1116 }
881 1117
882 1118 /*
1119 + * We've already done access checks above,
1120 + * and want this call to succeed even when
1121 + * !(desired_access & FILE_READ_ATTRIBUTES),
1122 + * so pass kcred here.
1123 + */
1124 + op->fqi.fq_fattr.sa_mask = SMB_AT_ALL;
1125 + (void) smb_node_getattr(sr, fnode, zone_kcred(), of,
1126 + &op->fqi.fq_fattr);
1127 +
1128 + /*
883 1129 * Propagate the write-through mode from the open params
884 1130 * to the node: see the notes in the function header.
1131 + * XXX: write_through should be a flag on the ofile.
885 1132 */
886 1133 if (sr->sr_cfg->skc_sync_enable ||
887 1134 (op->create_options & FILE_WRITE_THROUGH))
888 - node->flags |= NODE_FLAGS_WRITE_THROUGH;
1135 + fnode->flags |= NODE_FLAGS_WRITE_THROUGH;
889 1136
890 1137 /*
891 1138 * Set up the fileid and dosattr in open_param for response
892 1139 */
893 1140 op->fileid = op->fqi.fq_fattr.sa_vattr.va_nodeid;
894 1141 op->dattr = op->fqi.fq_fattr.sa_dosattr;
895 1142
896 1143 /*
897 1144 * Set up the file type in open_param for the response
898 1145 */
899 1146 op->ftype = SMB_FTYPE_DISK;
900 1147 sr->smb_fid = of->f_fid;
901 1148 sr->fid_ofile = of;
902 1149
903 - if (smb_node_is_file(node)) {
904 - smb_oplock_acquire(sr, node, of);
1150 + if (smb_node_is_file(fnode)) {
905 1151 op->dsize = op->fqi.fq_fattr.sa_vattr.va_size;
906 1152 } else {
907 1153 /* directory or symlink */
908 - op->op_oplock_level = SMB_OPLOCK_NONE;
909 1154 op->dsize = 0;
910 1155 }
911 1156
912 - smb_node_dec_opening_count(node);
1157 + /*
1158 + * Note: oplock_acquire happens in callers, because
1159 + * how that happens is protocol-specific.
1160 + */
913 1161
914 - smb_node_unlock(node);
915 - if (created)
1162 + if (sname != NULL)
1163 + kmem_free(sname, MAXNAMELEN);
1164 + if (fnode_wlock)
1165 + smb_node_unlock(fnode);
1166 + if (opening_incr)
1167 + smb_node_dec_opening_count(fnode);
1168 + if (fnode_held)
1169 + smb_node_release(fnode);
1170 + if (dnode_wlock)
916 1171 smb_node_unlock(dnode);
1172 + if (dnode_held)
1173 + smb_node_release(dnode);
917 1174
918 - smb_node_release(node);
919 - smb_node_release(dnode);
920 -
921 1175 return (NT_STATUS_SUCCESS);
922 -}
923 1176
924 -/*
925 - * smb_open_oplock_break
926 - *
927 - * If the node has an ofile opened with share access none,
928 - * (smb_node_share_check = FALSE) only break BATCH oplock.
929 - * Otherwise:
930 - * If overwriting, break to SMB_OPLOCK_NONE, else
931 - * If opening for anything other than attribute access,
932 - * break oplock to LEVEL_II.
933 - */
934 -static void
935 -smb_open_oplock_break(smb_request_t *sr, smb_node_t *node)
936 -{
937 - smb_arg_open_t *op = &sr->sr_open;
938 - uint32_t flags = 0;
1177 +errout:
1178 + if (did_open) {
1179 + smb_ofile_close(of, 0);
1180 + /* rele via sr->fid_ofile */
1181 + } else if (of != NULL) {
1182 + /* No other refs possible */
1183 + smb_ofile_free(of);
1184 + }
939 1185
940 - if (!smb_node_share_check(node))
941 - flags |= SMB_OPLOCK_BREAK_BATCH;
1186 + if (fnode_shrlk)
1187 + smb_fsop_unshrlock(sr->user_cr, fnode, uniq_fid);
942 1188
943 - if (smb_open_overwrite(op)) {
944 - flags |= SMB_OPLOCK_BREAK_TO_NONE;
945 - (void) smb_oplock_break(sr, node, flags);
946 - } else if (!smb_open_attr_only(op)) {
947 - flags |= SMB_OPLOCK_BREAK_TO_LEVEL_II;
948 - (void) smb_oplock_break(sr, node, flags);
1189 + if (created) {
1190 + /* Try to roll-back create. */
1191 + smb_delete_new_object(sr);
949 1192 }
950 -}
951 1193
952 -/*
953 - * smb_open_attr_only
954 - *
955 - * Determine if file is being opened for attribute access only.
956 - * This is used to determine whether it is necessary to break
957 - * existing oplocks on the file.
958 - */
959 -static boolean_t
960 -smb_open_attr_only(smb_arg_open_t *op)
961 -{
962 - if (((op->desired_access & ~(FILE_READ_ATTRIBUTES |
963 - FILE_WRITE_ATTRIBUTES | SYNCHRONIZE | READ_CONTROL)) == 0) &&
964 - (op->create_disposition != FILE_SUPERSEDE) &&
965 - (op->create_disposition != FILE_OVERWRITE)) {
966 - return (B_TRUE);
967 - }
968 - return (B_FALSE);
969 -}
1194 + if (sname != NULL)
1195 + kmem_free(sname, MAXNAMELEN);
1196 + if (fnode_wlock)
1197 + smb_node_unlock(fnode);
1198 + if (opening_incr)
1199 + smb_node_dec_opening_count(fnode);
1200 + if (fnode_held)
1201 + smb_node_release(fnode);
1202 + if (dnode_wlock)
1203 + smb_node_unlock(dnode);
1204 + if (dnode_held)
1205 + smb_node_release(dnode);
970 1206
971 -static boolean_t
972 -smb_open_overwrite(smb_arg_open_t *op)
973 -{
974 - if ((op->create_disposition == FILE_SUPERSEDE) ||
975 - (op->create_disposition == FILE_OVERWRITE_IF) ||
976 - (op->create_disposition == FILE_OVERWRITE)) {
977 - return (B_TRUE);
978 - }
979 - return (B_FALSE);
1207 + if (tree_fid != 0)
1208 + smb_idpool_free(&tree->t_fid_pool, tree_fid);
1209 +
1210 + return (status);
980 1211 }
981 1212
982 1213 /*
983 1214 * smb_set_open_attributes
984 1215 *
985 1216 * Last write time:
986 1217 * - If the last_write time specified in the open params is not 0 or -1,
987 1218 * use it as file's mtime. This will be considered an explicitly set
988 1219 * timestamps, not reset by subsequent writes.
989 1220 *
990 1221 * DOS attributes
991 1222 * - If we created_readonly, we now store the real DOS attributes
992 1223 * (including the readonly bit) so subsequent opens will see it.
993 1224 *
994 - * Both are stored "pending" rather than in the file system.
995 - *
996 1225 * Returns: errno
997 1226 */
998 1227 static int
999 1228 smb_set_open_attributes(smb_request_t *sr, smb_ofile_t *of)
1000 1229 {
1001 1230 smb_attr_t attr;
1002 1231 smb_arg_open_t *op = &sr->sr_open;
1003 1232 smb_node_t *node = of->f_node;
1004 1233 int rc = 0;
1005 1234
1006 1235 bzero(&attr, sizeof (smb_attr_t));
1007 1236
1008 1237 if (op->created_readonly) {
1009 1238 attr.sa_dosattr = op->dattr | FILE_ATTRIBUTE_READONLY;
1010 1239 attr.sa_mask |= SMB_AT_DOSATTR;
1011 1240 }
1012 1241
1013 1242 if (op->dsize != 0) {
1014 1243 attr.sa_allocsz = op->dsize;
1015 1244 attr.sa_mask |= SMB_AT_ALLOCSZ;
1016 1245 }
1017 1246
1018 1247 if ((op->mtime.tv_sec != 0) && (op->mtime.tv_sec != UINT_MAX)) {
1019 1248 attr.sa_vattr.va_mtime = op->mtime;
1020 1249 attr.sa_mask |= SMB_AT_MTIME;
1021 1250 }
1022 1251
1023 1252 /*
|
↓ open down ↓ |
18 lines elided |
↑ open up ↑ |
1024 1253 * Used to have code here to set mtime, ctime, atime
1025 1254 * when the open op->create_disposition is any of:
1026 1255 * FILE_SUPERSEDE, FILE_OVERWRITE_IF, FILE_OVERWRITE.
1027 1256 * We know that in those cases we will have set the
1028 1257 * file size, in which case the file system will
1029 1258 * update those times, so we don't have to.
1030 1259 *
1031 1260 * However, keep track of the fact that we modified
1032 1261 * the file via this handle, so we can do the evil,
1033 1262 * gratuitious mtime update on close that Windows
1034 - * clients appear to expect.
1263 + * clients expect.
1035 1264 */
1036 1265 if (op->action_taken == SMB_OACT_TRUNCATED)
1037 1266 of->f_written = B_TRUE;
1038 1267
1039 1268 if (attr.sa_mask != 0)
1040 1269 rc = smb_node_setattr(sr, node, of->f_cr, of, &attr);
1041 1270
1042 1271 return (rc);
1043 1272 }
1044 1273
1045 1274 /*
1046 1275 * This function is used to delete a newly created object (file or
1047 1276 * directory) if an error occurs after creation of the object.
1048 1277 */
1049 1278 static void
1050 1279 smb_delete_new_object(smb_request_t *sr)
1051 1280 {
1052 1281 smb_arg_open_t *op = &sr->sr_open;
1053 1282 smb_fqi_t *fqi = &(op->fqi);
1054 1283 uint32_t flags = 0;
1055 1284
1056 1285 if (SMB_TREE_IS_CASEINSENSITIVE(sr))
1057 1286 flags |= SMB_IGNORE_CASE;
1058 1287 if (SMB_TREE_SUPPORTS_CATIA(sr))
1059 1288 flags |= SMB_CATIA;
1060 1289
1061 1290 if (op->create_options & FILE_DIRECTORY_FILE)
1062 1291 (void) smb_fsop_rmdir(sr, sr->user_cr, fqi->fq_dnode,
1063 1292 fqi->fq_last_comp, flags);
1064 1293 else
1065 1294 (void) smb_fsop_remove(sr, sr->user_cr, fqi->fq_dnode,
1066 1295 fqi->fq_last_comp, flags);
1067 1296 }
|
↓ open down ↓ |
23 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX