1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
Commit Graph

137036 Commits

Author SHA1 Message Date
Stefan Metzmacher
6ea02f3765 s4:torture/smb2: add smb2.durable-open.lock-noW-lease
This demonstrates that a W lease is required for a
durable handle to be durable when it has byte range locks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15649
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15651

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 1cc1586d84)
2024-10-14 09:28:21 +00:00
Stefan Metzmacher
989d0c486e s4:torture/smb2: improve error handling in durable_v2_open.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15649
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15651

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 9b2417c2f0)
2024-10-14 09:28:21 +00:00
Stefan Metzmacher
e14520172b s4:torture/smb2: improve error handling in durable_open.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15649
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15651

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit e65e1326a0)
2024-10-14 09:28:21 +00:00
Andréas Leroux
44378caeb4 netcmd:domain:policy: Fix missing conversion from tgt_lifetime minutes to 10^(-7) seconds
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15692
Signed-off-by: Andréas Leroux <aleroux@tranquil.it>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Fri Oct  4 04:01:22 UTC 2024 on atb-devel-224

(backported from commit 3766b6a126
 requiring manual merge in the test file imports)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Mon Oct  7 09:45:40 UTC 2024 on atb-devel-224
2024-10-07 09:45:40 +00:00
Douglas Bagnall
0a99463b3e ldb:kv_index: help static analysers to not worry (CID 1615192)
The point of this realloc is that we are not using this array, but
keeping it around to remain a node the talloc tree. We'd prefer to
reduce it to nothing.

Coverity rightly spotted that it was reallocing an array of `struct
ldb_val` to an array of `struct ldb_val *`, which has a different size
and all. But it doesn't matter in this case, because we will never use
it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15590

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <josutton@catalyst.net.nz>
(cherry picked from commit e2a74963fb)
2024-10-07 08:33:18 +00:00
Douglas Bagnall
76e1024f4c ldb:kv_index: realloc away old dn list
We can't just free it, because has the GUID index list as a child, and
these are shared by the new dn list (from the subtransaction we are
committing). But if the dn list is long and the main transaction is
long-lived, we can save a lot of memory by turning this dn list into
an almost empty node in the talloc tree. This returns us to roughly
the situation we had prior to the last commit.

For example, with the repro.sh script on bug 15590 in indexes mode
with 10000 rules, The last 3 commits use this much memory at the end
of an unusually large transaction:

full talloc report on 'struct ldb_context' (total 4012222 bytes in 90058 blocks)
full talloc report on 'struct ldb_context' (total 2405482219 bytes in 90058 blocks)
full talloc report on 'struct ldb_context' (total 4282195 bytes in 90058 blocks)

That is, the last commit increased usage 500 fold, and this commit
brings it back to normal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15590

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 1bf9ede94f)
2024-10-07 08:33:18 +00:00
Douglas Bagnall
226b0a20bd ldb_kv_index: dn_list load sub transaction can re-use keys
We don't want to modify the original list, but we can reuse the keys
if we treat them as immutable and don't free them. That makes it a lot
quicker if there are many keys (i.e. where an index is useful) and may
sub-transactions. In particular, it avoids O(n²) talloc_memdups.

A removed comment that says "We have to free the top level index
memory otherwise we would leak", and this will be addressed in the
next commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15590

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5f0198d698)
2024-10-07 08:33:18 +00:00
Jones Syue
676ac1793a s3: SIGHUP handlers use consistent log level 3
When turn-on 'log level = 3', sending SIGHUP to samba processes, for
example: smbd parent/children, smbd-notifyd, and smbd-cleanupd. Then
monitor log.smbd in order to parse sighup logs, it looks like the log level
is inconsistent among these processes: smbd parent/children use level 1,
and smbd-notifyd/smbd-cleanupd use level 3.

This patch raises sighup handler's log level from level 1 to level 3, which
is more consistent with smbd-notifyd by Commit 6e5bff80a0 ("s3:notifyd:
Handle sigup in notifyd to reparse smb.conf"), and smbd-cleanupd by Commit
57c1e115ec ("smbd: reopen logs on SIGHUP for notifyd and cleanupd").

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15706

Signed-off-by: Jones Syue <jonessyue@qnap.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Sep 25 01:38:02 UTC 2024 on atb-devel-224

(cherry picked from commit 4f3dfb2029)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Oct  4 12:55:29 UTC 2024 on atb-devel-224
2024-10-04 12:55:29 +00:00
Christof Schmitt
165149da92 shadow_copy2: Ignore VFS_OPEN_HOW_WITH_BACKUP_INTENT
d1846452e9 vfs: Add VFS_OPEN_HOW_WITH_BACKUP_INTENT introduced
VFS_OPEN_HOW_WITH_BACKUP_INTENT for files opened with
FILE_OPEN_FOR_BACKUP_INTENT. shadow_copy2 refuses the open on a file if
any flage in how.resolve is set. Change the check in shadow_copy2 to
allow opening of files with VFS_OPEN_HOW_WITH_BACKUP_INTENT.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15730

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct  2 08:06:38 UTC 2024 on atb-devel-224

(cherry picked from commit 30b0fa892a)
2024-10-04 11:48:11 +00:00
Stefan Metzmacher
fa2041cef6 s4:lib/messaging: fix interaction between imessaging_reinit and irpc_destructor
This was missing in commit 0d09693119.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15280

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Sep 18 19:45:56 UTC 2024 on atb-devel-224

(cherry picked from commit a14320461e)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Wed Oct  2 15:56:24 UTC 2024 on atb-devel-224
2024-10-02 15:56:24 +00:00
Ralph Boehme
630c870eef smbd: remove just created sharemode entry in the error codepaths
Without this we leave stale sharemode entries around that can lead to all sorts
of havoc.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Sep 19 19:36:19 UTC 2024 on atb-devel-224

(cherry picked from commit 2ff3b9bc0d)
2024-10-02 14:35:10 +00:00
Ralph Boehme
e620d1a871 smbd: consolidate DH reconnect failure code
No change in behaviour, except that we now
also call fd_close() if vfs_default_durable_cookie()
failed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit a91457f97c)
2024-10-02 14:35:10 +00:00
Stefan Metzmacher
4e419975cc s3:tests: let test_durable_handle_reconnect.sh run smb2.durable-v2-regressions.durable_v2_reconnect_bug15624
This demonstrates the dead lock after a durable reconnect failed
because the stat info changed, the file can't be accessed anymore
as we leak the incomplete share mode entry in a still running
process.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 14875448ca)
2024-10-02 14:35:10 +00:00
Stefan Metzmacher
dc0f69fd13 s4:torture/smb2: add smb2.durable-v2-regressions.durable_v2_reconnect_bug15624
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit ef4ef04e7f)
2024-10-02 14:35:10 +00:00
Stefan Metzmacher
b492185982 vfs_error_inject: add 'error_inject:durable_reconnect = st_ex_nlink'
This allows to simulate durable reconnect failures because the stat
information of the file changed.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 692ed832df)
2024-10-02 14:35:10 +00:00
Ralph Boehme
46ac92e15e smbd: add option "smbd:debug events" for tevent handling duration threshold warnings
Can be used to enable printing an error message if tevent event handlers ran
longer then three seconds. Also logs a message with a loglevel of 3 if there
were no events at hall.

Enabled by default with 'log level = 10' or
'smbd profiling level = on'...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 90d776cb18)
2024-10-02 14:35:10 +00:00
Ralph Boehme
e261202e7d smbd: move trace_state variable behind tv variable
Next commit adds timestamp variables to trace_state that want to be initialized
with the current time, so moving behind tv we can then just reuse tv for that.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 679e12aee2)
2024-10-02 14:35:10 +00:00
Ralph Boehme
34e00dfc5f smbd: add option "smbd lease break:debug hung procs"
By enabling this a process sending a lease break message to another process
holding a lease will start watching that process and if that process didn't
process the lease break within 10 seconds (cf server_id_watch_waited()), we log
a kernel stack backtrace of that process.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit d8613d7ee2)
2024-10-02 14:35:10 +00:00
Ralph Boehme
57b194484c smbd: log share_mode_watch_recv() errors as errors
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit b45e78871a)
2024-10-02 14:35:09 +00:00
Ralph Boehme
b7fd8bdf0b s3/lib: add option "serverid watch:debug script"
This takes just PID and NODE:PID on a cluster.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 7add7dbf1a)
2024-10-02 14:35:09 +00:00
Ralph Boehme
78b677b437 s3/lib: add option "serverid watch:debug = yes" to print kernel stack of hanging process
We only do if sys_have_proc_fds() returns true, so it's most likely
linux...

Enabled by default with log level 10...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit 5c57e84052)
2024-10-02 14:35:09 +00:00
Ralph Boehme
a9cb9d32ae s3/lib: add next helper variable in server_id_watch_*
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15624

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit d76edcd484)
2024-10-02 14:35:09 +00:00
Jule Anger
bf81b8e4b1 VERSION: Bump version up to Samba 4.20.6...
and re-enable GIT_SNAPSHOT.

Signed-off-by: Jule Anger <janger@samba.org>
2024-09-17 13:35:31 +02:00
Jule Anger
6ddb7d9a2c VERSION: Disable GIT_SNAPSHOT for the 4.20.5 release.
Signed-off-by: Jule Anger <janger@samba.org>
2024-09-17 13:35:08 +02:00
Jule Anger
9d6ed32d3f WHATSNEW: Add release notes for Samba 4.20.5.
Signed-off-by: Jule Anger <janger@samba.org>
2024-09-17 13:34:37 +02:00
Ralph Boehme
9559c00d06 smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.

Just passing the base fsp to the VFS fixes this.

vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.

If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep  2 08:55:28 UTC 2024 on atb-devel-224

(cherry picked from commit ecb8a99a2c)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Sep  6 15:26:57 UTC 2024 on atb-devel-224
2024-09-06 15:26:57 +00:00
Ralph Boehme
a60419838b smbtorture: test creating stream doesn't crash when using "inherit permissions = yes"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 0983560830)
2024-09-06 14:04:09 +00:00
Shachar Sharon
60052ea77a vfs_ceph_new: handle case of readlinkat with empty name string
Commit 53c9269b (vfs_ceph_new: use low-level APIs for symlink/readlink)
introduced readlinkat using libcephfs low-level APIs. However, it does
not handle properly the case where readlinkat operates on empty name
string (see man readlinkat(2)), such as:

  fd = openat(dirfd, symname, O_PATH | O_NOFOLLOW, 0);
  readlinkat(fd, "", buf, bufsiz);

Handle this special case of readlinkat with empty name string by using
a reference to the symlink inode itself.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Fri Aug 30 10:42:27 UTC 2024 on atb-devel-224

(cherry picked from commit 22182f90e8)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Mon Sep  2 13:41:57 UTC 2024 on atb-devel-224
2024-09-02 13:41:57 +00:00
Shachar Sharon
acb3de1cf9 vfs_ceph_new: add missing newline in debug-logging
Commit d00f20f3 ("vfs_ceph_new: debug-log upon libcephfs low-level
calls") introduced debug-logging before each call to libcephfs low-level
APIs. Unfortunately, one of the logging messages missed the terminating
newline ('\n') character.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: John Mulligan <jmulligan@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Wed Aug 21 14:18:07 UTC 2024 on atb-devel-224

(cherry picked from commit cbba4008a7)
2024-09-02 12:37:12 +00:00
David Disseldorp
9e2c58c7d3 smb2_ioctl: fix truncated FSCTL_QUERY_ALLOCATED_RANGES responses
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699

Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224

(cherry picked from commit 5e278a5264)
2024-09-02 12:37:12 +00:00
David Disseldorp
7cf02a523a s4:torture/smb2: test FSCTL_QUERY_ALLOCATED_RANGES truncation
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.

Flag the new test knownfail; fix in subsequent commit.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 5cf57f1f53)
2024-09-02 12:37:12 +00:00
Jule Anger
7d68c0adcf Revert "s4:torture/smb2: test FSCTL_QUERY_ALLOCATED_RANGES truncation"
This reverts commit 13470db5f70a194a098339148c247a79776a774c.

Wrong patchset applied. This is the one for 4.21. The correct patchset
will be the subsequent commits.

See: https://bugzilla.samba.org/show_bug.cgi?id=15699

Signed-off-by: Jule Anger <janger@samba.org>
2024-09-02 12:37:12 +00:00
Jule Anger
78ca7d3914 Revert "smb2_ioctl: fix truncated FSCTL_QUERY_ALLOCATED_RANGES responses"
This reverts commit 4bb2b46bac8dad426e1b2f0942ded6908c47f7d5.

Wrong patchset applied. This is the one for 4.21. The correct patchset
will be the subsequent commits.

See: https://bugzilla.samba.org/show_bug.cgi?id=15699

Signed-off-by: Jule Anger <janger@samba.org>
2024-09-02 12:37:12 +00:00
David Disseldorp
72aa92c67d smb2_ioctl: fix truncated FSCTL_QUERY_ALLOCATED_RANGES responses
As per MS-FSA 2.1.5.10.22 FSCTL_QUERY_ALLOCATED_RANGES, if response
range entries exceed in_max_output, then we should respond with
STATUS_BUFFER_OVERFLOW and a truncated output buffer.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15699

Reported-by: David Howells <dhowells@redhat.com>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Aug 28 08:54:11 UTC 2024 on atb-devel-224

(cherry picked from commit 5e278a5264)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Aug 30 09:01:54 UTC 2024 on atb-devel-224
2024-08-30 09:01:54 +00:00
David Disseldorp
f22c56b06e s4:torture/smb2: test FSCTL_QUERY_ALLOCATED_RANGES truncation
FSCTL_QUERY_ALLOCATED_RANGES responses with more than one range should
be truncated to account for a ioctl.smb2.in.max_output_response limit.
Add a test for this.

Flag the new test knownfail; fix in subsequent commit.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Noel Power <npower@samba.org>
(cherry picked from commit 5cf57f1f53)
2024-08-30 07:58:15 +00:00
Shachar Sharon
f7dc86c173 s3:smbd: fix NULL dereference in case of readlink failure
When VFS readlinkat hook returns with error the following sequence
yields NULL-pointer dereference (SIGSEGV):

  symlink_target_below_conn (source3/smbd/open.c)
    char *target = NULL;
    ...
    readlink_talloc (source3/smbd/files.c)
      SMB_VFS_READLINKAT
        smb_vfs_call_readlinkat (source3/smbd/vfs.c)
          handle->fns->readlinkat_fn --> returns error

  status = safe_symlink_target_path(.., target /* NULL */ ..)
    safe_symlink_target_path (source3/smbd/filename.c)
      if (target[0] == '/') { /* NULL pointer dereference */

A failure in VFS module's readlinkat hook may happen due to run-time
error (e.g., network failure which cases libcephfs to disconnect from
MDS).

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15700
Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: John Mulligan <jmulligan@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Aug 23 09:27:06 UTC 2024 on atb-devel-224

(cherry picked from commit 168966a053)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Mon Aug 26 15:45:20 UTC 2024 on atb-devel-224
2024-08-26 15:45:20 +00:00
Shachar Sharon
b9d9bec51c vfs_ceph{_new}: do not set errno upon successful call to libcephfs
There is code in Samba that expects errno from a previous system call
to be preserved through a subsequent system call. Thus, avoid setting
"errno = 0" in status_code() and lstatus_code() upon successful return
from libcephfs API call.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit a7f4e2bd47)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Thu Aug 22 10:34:46 UTC 2024 on atb-devel-224
2024-08-22 10:34:46 +00:00
Shachar Sharon
92712fc7e2 vfs_ceph: explicit cast to uint64_t upon failure of ceph_statfs
When a call to 'ceph_statfs' from with 'cephwrap_disk_free' returns
non-zero status do an explicit cast to uint64_t for the negative (-1)
value returned by 'status_code'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit a7d34ec597)
2024-08-22 09:17:13 +00:00
Shachar Sharon
67c90dec0a vfs_ceph: replace WRAP_RETURN macro with convenience helpers
The WRAP_RETURN is a non-hygienic macro, and as such has the potential
of creating bogus code (e.g. 'return WRAP_RETURN(ret);' which existed
in the code in the past but did not yield any compiler warning). Prefer
simple convenience helper functions instead, which are also type safe.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit 691a397b27)
2024-08-22 09:17:13 +00:00
Shachar Sharon
a9d32a3b96 vfs_ceph: re-map unimplemented hooks
Code cleanup: prefer standard convenience helpers for unimplemented
VFS hooks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit ee72f127c3)
2024-08-22 09:17:13 +00:00
Shachar Sharon
33452ce95f vfs_ceph: align lines-length with coding standard
Coding standard requires following Linux kernel style guide, with an
explicit statement that "Maximum Line Width is 80 Characters". Align
vfs_ceph.c with this convention: split long lines into multiple lines
and use 'git clang-format' to do auto-formatting based on Samba project
'.clang-format' settings.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit b7e3f93ef0)
2024-08-22 09:17:13 +00:00
Pavel Filipenský
cccf0beb9f lib/param: Don't treat a missing include file as an error in handle_include().
Same fix as in commit 09d7690

'samba-tool domain provision -d10' fails if the included file does not
exist:

lpcfg_load: refreshing parameters from /etc/samba/smb.conf
Processing section "[global]"
Can't find include file /etc/samba/usershares.conf
pm_process() returned No
ERROR: Unable to load default file
  File "/usr/lib64/python3.12/site-packages/samba/netcmd/domain/provision.py", line 183, in run
    lp = sambaopts.get_loadparm()
         ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib64/python3.12/site-packages/samba/getopt.py", line 282, in get_loadparm
    self._lp.load_default()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15698

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Aug 21 00:04:19 UTC 2024 on atb-devel-224

(cherry picked from commit ffc75c569c)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Thu Aug 22 09:01:31 UTC 2024 on atb-devel-224
2024-08-22 09:01:30 +00:00
Stefan Metzmacher
0bd26677e6 s3:smb2_server: return NT_STATUS_NETWORK_SESSION_EXPIRED for compound requests
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15696

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 13 22:29:28 UTC 2024 on atb-devel-224

(cherry picked from commit 4df1bfd070)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Tue Aug 20 12:47:54 UTC 2024 on atb-devel-224
2024-08-20 12:47:54 +00:00
Stefan Metzmacher
6a416edfa2 s4:torture/smb2: let smb2.session.expire2* also check compound requests
This shows that all compound related requests should get
NT_STATUS_NETWORK_SESSION_EXPIRED.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15696

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f6009aa73b)
2024-08-20 11:36:13 +00:00
Shachar Sharon
bb8d642a14 docs-xml/manpages: 'ceph_new' prefix for config-param of vfs_ceph_new
With 'ceph_new' prefix used by vfs_ceph_new for config parameters,
update the relevant man-page accordingly.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Aug  8 13:54:34 UTC 2024 on atb-devel-224

(cherry picked from commit 68f0835c8e)
2024-08-20 11:36:13 +00:00
Shachar Sharon
a8c3db7e21 vfs_ceph_new: use 'ceph_new' for config-param prefix
Use explicit 'ceph_new' prefix to each of the ceph specific config
parameters to avoid confusion with legacy 'vfs_ceph' module. Hence,
users will have in their smb.conf a format similar to:

...
[smbshare]
        vfs objects = ceph_new
        ceph_new: config_file = /etc/ceph/ceph.conf
        ceph_new: user_id = user1
        ceph_new: filesystem = fs1
        ...

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit aca4cf8327)
2024-08-20 11:36:13 +00:00
Shachar Sharon
ce958aeef1 vfs_ceph_new: handle errno properly for 'readdir'
Take special care for readdir errno setting: in case of error, update
errno by libcephfs (and protect from possible over-write by debug
logging); in the case of successful result or end-of-stream restore
errno to its previous value before calling the readdir_fn VFS hook.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Aug  7 14:20:02 UTC 2024 on atb-devel-224

(cherry picked from commit aa043a5808)
2024-08-20 11:36:13 +00:00
Shachar Sharon
07f156d843 vfs_ceph{_new}: do not set errno upon successful call to libcephfs
There is code in Samba that expects errno from a previous system call
to be preserved through a subsequent system call. Thus, avoid setting
"errno = 0" in status_code() and lstatus_code() upon successful return
from libcephfs API call.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit a7f4e2bd47)
2024-08-20 11:36:13 +00:00
Anoop C S
0042d90249 vfs_ceph_new: Unconditionally use ceph_select_filesystem
Currently we don't have an explicit check for the presence of
ceph_select_filesystem() libcephfs API as it is always found to
be present with the minimum ceph version that is supported with
Samba right now. Therefore under this assumption directly call
ceph_select_filesystem() without any #ifdefs. Please note that
this change is already part of vfs_ceph via ef0068cd.

ref: https://gitlab.com/samba-team/samba/-/merge_requests/3715
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686
Signed-off-by: Anoop C S <anoopcs@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Anoop C S <anoopcs@samba.org>
Autobuild-Date(master): Mon Aug  5 16:06:47 UTC 2024 on atb-devel-224

(cherry picked from commit de2f76fa47)
2024-08-20 11:36:13 +00:00
Shachar Sharon
a78c9b0a50 docs-xml/manpages: add entry for vfs_ceph_new
Create man entry for the newly added vfs_ceph_new module: almost
identical to existing vfs_ceph, except to the configuration entry:

  [sharename]
  vfs objects = ceph_new
  ...

Adds a bit of info for the motivation behind this new module.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15686

Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
(cherry picked from commit d8c84a2993)
2024-08-20 11:36:13 +00:00