1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

1014 Commits

Author SHA1 Message Date
Ralph Boehme
61bf5410f0 smbd: use parent_smb_fname() in check_parent_access()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-29 16:39:39 +00:00
Jeremy Allison
1ebec7056b s3: smbd: Refuse open in create_file_unixpath() with only SEC_FLAG_SYSTEM_SECURITY set.
We now pass smbtorture3 SMB2-SACL like Windows 10 does.
Note this is an SMB2-only behavior. SMB1 allows an open
with only SEC_FLAG_SYSTEM_SECURITY set as tested in
smbtorture3 SMB1-SYSTEM-SECURITY.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 21 20:17:10 UTC 2020 on sn-devel-184
2020-04-21 20:17:10 +00:00
Jeremy Allison
d53c3f2b83 s3: smbd: Reformat code in SEC_FLAG_SYSTEM_SECURITY check in create_file_unixpath().
No logic change but uses modern formatting and will
make it easier to add another clause in the next commit.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-21 18:37:40 +00:00
Jeremy Allison
21b8857919 smbd: Ensure SEC_FLAG_SYSTEM_SECURITY also opens the underlying fd.
smbtorture3 SMB2-SAL test shows this is needed as we store the SACL in the same
data store as the DACL.

Without this, opening a file with SEC_FLAG_SYSTEM_SECURITY | READ_ATTRIBUTES
would do a stat open, meaning when we call SMB_VFS_FGET_NT_ACL()
on the fsp we have no open fd to work on.

Pair-Programmed-With: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
2020-04-21 18:37:39 +00:00
Ralph Boehme
fff86ad49a smbd: use helper variables in open_file()
Simplify an if expression by using helper variables, no change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
2020-04-21 18:37:39 +00:00
Jeremy Allison
8ec68cdfc4 s3: smbd: Reformatting - fix indentation in fd_open().
Now we removed the lp_widelinks() clause we
left an extra {..} level of indirection. Just
reformat to remove it. No logic changes.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-09 19:40:35 +00:00
Jeremy Allison
d803d66b3c s3: smbd: Remove allowing widelinks in fd_open path.
Widelinks are now always denied, unless the vfs_widelinks
VFS module is loaded.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-09 19:40:35 +00:00
Ralph Boehme
049488f6a5 smbd: move files_struct.is_sparse to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
b0824cf35f smbd: move files_struct.initial_delete_on_close to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
1ccd335af5 smbd: move files_struct.aio_write_behind to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
cb996cd5a3 smbd: move files_struct.is_directory to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
65a4302474 smbd: move files_struct.modified to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
b95c62bc90 smbd: move files_struct.can_write to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
8b48969241 smbd: move files_struct.can_read to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:44 +00:00
Ralph Boehme
d22096961b smbd: move files_struct.can_lock to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:43 +00:00
Ralph Boehme
7c386c08dc smbd: move files_struct.kernel_share_modes_taken to a bitfield
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-04-03 19:05:43 +00:00
Ralph Boehme
d961608ce9 smbd: simplify non_widelink_open()
As fsp->is_directory is already correctly populated by our callers, we can drop
the complicated and possibly broken logic that relies on O_DIRECTORY being
defined.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-03-24 19:48:41 +00:00
Volker Lendecke
aebe427b77 smbd: Separate aio_pthread indicator from normal EINTR
According to Posix and the Linux open(2) manpage, the open-syscall can
return EINTR. If that happens, core smbd saw this as an indication
that aio_pthread's open function was doing its job. With a real EINTR
without aio_pthread this meant we ended up in a server_exit after 20
seconds, because there was nobody to do the retry.

EINTR is mapped to NT_STATUS_RETRY. Handle this by just retrying after
a second.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=14285
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Feb 20 22:14:25 UTC 2020 on sn-devel-184
2020-02-20 22:14:25 +00:00
Volker Lendecke
e0814dc508 smbd: Allow a Posix create context to override the unix mode
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-07 21:01:31 +00:00
Ralph Boehme
7606800b79 smbd: avoid calling vfs_file_id_from_sbuf() if statinfo is not valid
When we're about to create a file, the stat info will be all zero, so
vfs_file_id_from_sbuf() would return a bogus file_id. This is normally not a
problem, as open_file() itself also calls vfs_file_id_from_sbuf() after having
created the file.

This is however a problem when using the VFS module fileid, as that is doing
caching of /etc/mtab and failing to find smb_fname->st.st_ex_dev (all zero in
this case when creating a new file) in the mtab cache will trigger a mtab reload
which can be *very* expensive.

Copying many small files to a Samba server in this situation will result in
abysimal performance.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14237

Pair-Programmed-With: Jeremy Allison <jra@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jan 17 22:38:14 UTC 2020 on sn-devel-184
2020-01-17 22:38:14 +00:00
Volker Lendecke
1d0ffcf30e smbd: Remove an unused parameter from defer_open()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Fri Jan  3 01:30:24 UTC 2020 on sn-devel-184
2020-01-03 01:30:24 +00:00
Volker Lendecke
ed3ee45254 smbd: Avoid a "? True : False"
VALID_STAT() already is a boolean expression

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2020-01-03 00:04:43 +00:00
Volker Lendecke
42ce74994e smbd: Avoid a direct access to share_mode_data->num_share_modes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-12-17 22:40:32 +00:00
Volker Lendecke
6abcc83366 smbd: Explicitly state when modifying share_mode_data
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-12-16 19:02:32 +00:00
Volker Lendecke
810fd90a6f smbd: Fix a typo
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-12-16 19:02:31 +00:00
Volker Lendecke
f42e089a6e smbd: Avoid casts in open_directory()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-12-16 19:02:31 +00:00
Ralph Boehme
69691dd0cd smbd: fix handling of sentinel timestamp values
This implements two core changes:

* use NTTIME instead of struct timespec at the database layer

* use struct timespec { .tv_nsec = SAMBA_UTIME_OMIT } as special sentinel
  value in smbd when processing timestamps

Using NTTIME at the database layer is only done to avoid storing the special
struct timespec sentinel values on disk. Instead, with NTTIME the sentinel value
for an "unset" timestamp is just 0 on-disk.

The NTTIME value of 0 gets translated by nt_time_to_full_timespec() to the
struct timespec sentinel value { .tv_nsec = SAMBA_UTIME_OMIT }.

The function is_omit_timespec() can be used to check this.

Beside nt_time_to_full_timespec(), there are various other new time conversion
functions with *full* in their name that can be used to safely convert between
different types with the changed sentinel value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7771

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-12-06 00:17:36 +00:00
Ralph Boehme
b5c6964a50 s3:param: make "servicename" a substituted option
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:37 +00:00
Volker Lendecke
24f56aefb4 smbd: Use share_mode_watch_send()
This removes some dependencies on share_mode_data->record

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-11-22 23:57:47 +00:00
Volker Lendecke
3fea05e01f smbd: Remove write cache
Since this was written, our write path has changed significantly. In
particular we have gained very flexible support for async I/O, with the
linux io_uring in the pipeline. Caching stuff in main memory and then
doing a blocking pwrite nowadays does not belong into the core smbd
code. If someone wants it back, it should be doable in a VFS module.

Removes: "write cache size" parameter.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Nov 13 00:20:55 UTC 2019 on sn-devel-184
2019-11-13 00:20:55 +00:00
Volker Lendecke
54d673742f lib: Remove #define serverid_equal server_id_equal
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-11-06 20:36:34 +00:00
Anoop C S
0abd1189a6 s3: VFS: Use SMB_VFS_FCNTL to set fd flags in open_file()
Signed-off-by: Anoop C S <anoopcs@redhat.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Oct  8 09:57:19 UTC 2019 on sn-devel-184
2019-10-08 09:57:19 +00:00
Ralph Boehme
c190f3efa9 s3:smbd: add a comment explaining the File-ID semantics when a file is created
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-10-02 08:01:40 +00:00
Ralph Boehme
90a14c90c4 s3:smbd: ensure a created stream picks up the File-ID from the basefile
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-10-02 08:01:40 +00:00
Ralph Boehme
49a754b82d s3:smbd: when storing DOS attribute call dos_mode() beforehand
This is required to ensure File-ID info is populated with the correct on-disk
value, before calling file_set_dosmode() which will update the on-disk value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14137

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-10-02 08:01:39 +00:00
Volker Lendecke
fd61e550ac smbd: Don't always walk the share mode array in open_mode_check()
share_mode_data->flags contains the "most restrictive" share mode of
the whole array. This is maintained lazily: Whenever set_share_mode()
is called, d->flags is updated if the new share mode got more
restrictive. It is not updated when a file is closed, as this would
mean we would have to walk the whole array, making sure that the
closed handle was indeed the only most restrictive one. Instead, we
walk the share mode array only when a conflict happens: Then we need
to know "the truth" and recalculate it by walking the share mode
array.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Sep 18 00:07:13 UTC 2019 on sn-devel-184
2019-09-18 00:07:13 +00:00
Volker Lendecke
ac85ec5ed8 smbd: Add share mode flags
This will contain a summary of the "most restrictive" share mode and
lease, i.e. intersection of all share_access entries and the union of
all access_mask and leases in the share mode array. This way
open_mode_check in the non-conflicting case will only have to look at
the summary and not walk the share mode array.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:39 +00:00
Volker Lendecke
5151b6d58b smbd: Avoid calling remove_stale_share_mode_entries() in open.c
All places that matter explicitly check for staleness. This cleanup
action should only happen before writing the database

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:38 +00:00
Volker Lendecke
4d512f40f9 smbd: Pass share_mode_lock to remove_lease_if_stale()
We'll want to use share_mode_forall_entries next

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:38 +00:00
Volker Lendecke
8eda954d6d smbd: Use share_mode_forall_leases() in lease_match()
We have to break leases referenced from multiple share modes only
once.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:38 +00:00
Volker Lendecke
2a784883a8 smbd: Use share_mode_forall_entries() in delay_for_oplock()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:37 +00:00
Volker Lendecke
30e62710c6 smbd: Pass "struct file_id" to get_lease_type()
It does not have to depend on the whole struct share_mode_data.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:37 +00:00
Volker Lendecke
aa94589904 smbd: Use share_mode_forall_entries() in validate_oplock_types()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:37 +00:00
Volker Lendecke
fb0b107ac2 smbd: Use share_mode_forall_entries() in open_mode_check()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:37 +00:00
Volker Lendecke
cb4b20b79f smbd: Use share_mode_forall_entries() for validate_my_share_entries()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:37 +00:00
Volker Lendecke
5b1fd018a2 smbd: Use share_mode_forall_entries() in has_delete_on_close()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:37 +00:00
Volker Lendecke
dc7dfb1257 smbd: Avoid passing a share mode entry to share_conflict()
Make the real data dependencies clearer, we don't need a full
share_entry, only its access and sharemode masks

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:36 +00:00
Volker Lendecke
e69c4faeb7 smbd: Rewrite share_conflict()
It was hard for me to understand share_conflict(), so once I understood
it I thought this version would be easier to follow.  It violates
README.Coding (one argument per line), but grouping the parameters to
mask_conflict makes it clearer to me what belongs together.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:36 +00:00
Volker Lendecke
ba1234d877 smbd: Introduce helper variables in open_mode_check()
Less bytes .text, the compiler now does not have to expect other threads to
alter the pointers.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-09-17 22:49:36 +00:00
Jeremy Allison
99e04578e3 s3: smbd: Change mkdir_internal() to call SMB_VFS_MKDIRAT().
Use conn->cwd_fsp as current fsp.

No logic change for now.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-09-11 18:24:30 +00:00