1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

1120 Commits

Author SHA1 Message Date
Ralph Boehme
a272ca549f smbd: catch O_PATH opens of symlinks in in non_widelink_open()
Calling openat() with O_PATH|O_NOFOLLOW will open a handle on the symlink
itself. That would be a nice feature if it would be supported on more platforms,
but being a Linux only thing, we have to preserve the behaviour of failing to
open a handle on symlinks.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
abb7ab2c10 smbd: already set fsp fd in non_widelink_open()
A subsequent commit will add a consumer of the fd to non_widelink_open() (by
calling SMB_VFS_FSTAT()), so we need to set the fd already here. And it makes
more sense anyway. :)

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
dd8fe0cfc2 smbd: remove redundant initialisation of the fsp fd
This is already set to -1 by fd_handle_create().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
fdb9163118 smbd: use fh_[get|set]_refcount()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
da786ccd1d smbd: use fh_[get|set]_private_options()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
0208ca6946 smbd: use fsp_get_pathref_fd() when close()ing fds
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
9db3ff2573 smbd: use fsp_get_io_fd() when accessing a file or it's associated metadata
In all places where we access or modify a file or it's associated metadata, we
use fsp_get_io_fd() to fetch the low-level fd from the fsp. This ensures we
don't accidentally use a pathref fsp where the fd would be opened as root on
systems lacking O_PATH.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
50ce980902 smbd: use fsp_set_fd()
No change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Ralph Boehme
c6c65d1fc1 vfs: add "is_fsa" flag to struct files_struct
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-16 09:08:30 +00:00
Volker Lendecke
b712bd8173 smbd: Simplify open_mode_check()
The call to share_mode_have_entries() was put in before
fresh_share_mode_lock() initialized d->flags to be completely
permissive. With that correct initialization the call to
share_conflict() a few lines down will also make open_mode_check()
pass for any share_access/access_mask.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-12-04 21:08:38 +00:00
Jeremy Allison
53c39a2619 s3: smbd: Fix misleading comment I added for commit 382a5c4e7e
smbd: Fix failure to check dstdir for delete on close

We're preventing ourselves from holding two locks here,
not protecting from waiting for a lock someone else
holds.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun Nov 22 01:22:36 UTC 2020 on sn-devel-184
2020-11-22 01:22:36 +00:00
Volker Lendecke
382a5c4e7e smbd: Fix failure to check dstdir for delete on close
In smb2_setinfo.c the call to smbd_do_setfilepathinfo() to perform the
rename takes place while holding a share mode lock. The function
check_parent_access() called below tries to query the destination
directory's locking.tdb entry to check whether the delete on close
flag is set on the destination directory. This fails because the
file to be renamed already has the share mode entry locked, we can't
lock two share mode entries simultaneously.

Convert the check to use fetch_share_mode_unlocked(). This might
introduce races, but this whole check is racy anyway. It does not
really matter whether we do the check for delete_on_close under a lock
or not, fetch_share_mode_unlocked() retrieves a consistent status of
the locking.tdb entry at some point in time as well.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov 20 00:20:06 UTC 2020 on sn-devel-184
2020-11-20 00:20:06 +00:00
Volker Lendecke
df2ffaaa20 locking: move share_mode_flags_[gs]et to share_mode_lock.c
These routines parse and marshall the uint16 summary flag in
share_mode_data. open_file_ntcreate() and open_directory() are the
only real users of this. The user in oplock.c is just the lazy reset
of the "read lease exists somewhere" after asynchronously breaking
read oplocks after a write request.

This moves handling the flags into locking/ to consolidate data
structure handling of "share_mode_data" there.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:35 +00:00
Volker Lendecke
4b6f4ee43e smbd: Avoid references to share_mode_data->id
When calling open_mode_check() we know the file id. We can pass it to
the lower levels without dereferencing struct share_mode_lock.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:35 +00:00
Volker Lendecke
d220bae5a9 smbd: Remove a variable used just once
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:35 +00:00
Volker Lendecke
271a369fb9 smbd: Don't set share_mode_lock modified in grant_new_fsp_lease()
A new lease never triggers a retry. Setting d->modified to true just
triggered the watchers needlessly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:35 +00:00
Volker Lendecke
84dba041a3 locking: Make share_mode_watch_send() take "share_mode_lock"
This makes clear that this can only be done under a lock

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:34 +00:00
Volker Lendecke
15e9e2945c smbd: Give locking/share_mode_lock.c its own header file
To me this is then easier to figure out what is defined there, and
where it's exactly used.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-11-10 19:49:34 +00:00
Ralph Boehme
45017205c3 smb: rename NTCREATEX_OPTIONS_PRIVATE_STREAM_BASEOPEN to NTCREATEX_FLAG_STREAM_BASEOPEN
Just a shorter name, no change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-23 17:44:34 +00:00
Ralph Boehme
6da16727e1 smb: rename NTCREATEX_OPTIONS_PRIVATE_DENY_DOS to NTCREATEX_FLAG_DENY_DOS
Just a shorter name, no change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-23 17:44:33 +00:00
Ralph Boehme
322574834f vfs: remove dirfsp arg from SMB_VFS_CREATE_FILE()
This was supposed to be a shortcut to avoid passing dirfsp around as an explicit
function argument throughout the whole codebase when the new VFS design idea was
based on using *AT functions throughout the VFS.

Now that we've opted for basing the VFS on handles and *AT functions will only
be used in a much more limitted extent, it makes sense to remove this internal
dirfsp reference, otherwise the combination of internal fsp->dirfsp and
smb_fname->fsp is going to be a tough to wrap your head around.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Oct  2 21:00:05 UTC 2020 on sn-devel-184
2020-10-02 21:00:05 +00:00
Ralph Boehme
1c444f9c37 smbd: remove fsp->dirfsp
This was supposed to be a shortcut to avoid passing dirfsp around as an explicit
function argument throughout the whole codebase when the new VFS design idea was
based on using *AT functions throughout the VFS.

Now that we've opted for basing the VFS on handles and *AT functions will only
be used in a much more limitted extent, it makes sense to remove this internal
dirfsp reference, otherwise the combination of internal fsp->dirfsp and
smb_fname->fsp is going to be a tough to wrap your head around.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 19:39:44 +00:00
Ralph Boehme
b133b81d8d smbd: avoid using dirfsp arg in create_file_default()
This is not used anymore in the callees.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 19:39:44 +00:00
Ralph Boehme
9d84a2356b smbd: remove dirfsp arg from create_file_unixpath()
Prepares for removing the dirfsp arg from SMB_VFS_CREATE_FILE() again. In the
future dirfsp has to opened as needed within create_file_unixpath() and below.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 19:39:44 +00:00
Ralph Boehme
a754466181 smbd: remove dirsp arg from open_directory()
Prepares for removing the dirfsp arg from SMB_VFS_CREATE_FILE() again. In the
future open_directory() will open the dirfsp itself.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 19:39:43 +00:00
Ralph Boehme
7ccaff4857 smbd: remove dirfsp arg from mkdir_internal()
Prepares for removing the dirfsp arg from SMB_VFS_CREATE_FILE() again. In the
future mkdir_internal() will open the dirfsp itself as needed.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 19:39:43 +00:00
Ralph Boehme
187353d91c smbd: switch caller of fd_openat() to fd_open()
fd_openat() was added to be used with real dirfsp, but after adding pathref fd
support we will never use this.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-10-02 19:39:43 +00:00
Ralph Boehme
f31108cd7d smbd: consolidate fsp allocation for open_directory() and open_file_ntcreate()
...at one place in the caller create_file_unixpath().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:41 +00:00
Ralph Boehme
8c2c749157 smbd: use helper variable for fd in fd_open()
No change in behaviour. Fwiw, no need to set fsp->fh->fd to -1 in the error case,
as that is initialized to -1 in fsp_new().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:41 +00:00
Ralph Boehme
92d8b5f5ed smbd: remove errno saving from fd_open()
This is not needed anymore since 97d061237b.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:41 +00:00
Ralph Boehme
1508d661cb smbd: remove a nested block in non_widelink_open()
No change in behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:41 +00:00
Ralph Boehme
b6e40dbf9b smbd: use (global) POSIX pathname state in non_widelink_open()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:41 +00:00
Ralph Boehme
afdeba8819 smbd: check for conn->cwd_fsp in fd_close()
This avoids doing the check in all callers.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:41 +00:00
Ralph Boehme
6ab75d2c62 smbd: use a helper variable in open_file()
No change in behaviour, this just prepares for changes to come.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:40 +00:00
Ralph Boehme
916ebade76 smbd: remove unused NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE
The previous commit removed the only consumer of the flags.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:40 +00:00
Ralph Boehme
4523a0b47d smbd: ensure we do a base open for internal stream deletes
Otherwise we're not opening the basefile so fsp->base_fsp remains NULL for fsp
handles on streams. As there are some places that use the check (fsp->base_fsp
!= NULL) to check for stream handles, eg streams_xattr_fstat(), we must ensure
it is set otherwise we open a pretty big window for undefined behaviour.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-07-18 05:58:40 +00:00
Stefan Metzmacher
36812aadbd s3:smbd: avoid dereferencing client->connections
There're typically better ways to get the same information.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2020-07-08 15:54:40 +00:00
Stefan Metzmacher
58adf349ed s3:smbd: check for stale pid in delay_for_oplock_fn() when leases_db_get() fails
If leases_db_get() failed the leases_db record might have been cleaned up for
stale processes. Check if the share-mode-entry owner is stale in this case and
return ignore the entry. In any other case, log a debug messages and panic.

Commit 05d4466a6d
"smbd: check for stale pid in get_lease_type()" fixed only one half of
this.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul  7 02:47:46 UTC 2020 on sn-devel-184
2020-07-07 02:47:46 +00:00
Andreas Schneider
ccf1c2227e s3:smbd: Fix a possibile null pointer dereference
Found by clang.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Isaac Boukris <iboukris@samba.org>
2020-06-16 09:08:34 +00:00
Ralph Boehme
75d6943ed8 smbd: use fd_openat()
This leaves basically two callers of fd_open():

* open_internal_dirfsp_at()
* smbd_smb2_query_directory_send()

Those will be the only codepaths that use full paths relative to the share root
and so require and use the symlink race protection provided by
non_widelink_open().

Of course, until we actuall start passing real dirfsps to fd_openat(),
fd_openat() internally calls fd_open().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 20:38:35 +00:00
Ralph Boehme
eaf1c6a338 smbd: add fd_openat()
Until we actually start passing real dirfsps to fd_openat(), fd_openat()
internally calls fd_open().

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 20:38:35 +00:00
Ralph Boehme
c57d76ec1a smbd: use SMB_VFS_OPENAT() in non_widelink_open()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 20:38:34 +00:00
Ralph Boehme
d708d002d7 smbd: remove redundant conn arg from non_widelink_open()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu May 21 06:43:04 UTC 2020 on sn-devel-184
2020-05-21 06:43:04 +00:00
Ralph Boehme
f22bf66f75 smbd: realign non_widelink_open() args
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:32 +00:00
Ralph Boehme
f4b3719191 smbd: remove redundant conn arg from fd_open()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:32 +00:00
Ralph Boehme
c0551b22fd smbd: remove redundant conn arg from fd_open_atomic()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:32 +00:00
Ralph Boehme
02f744a59b smbd: realign fd_open_atomic() args
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:32 +00:00
Ralph Boehme
134114aa16 smbd: realign args to fd_open_atomic() in open_file()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:32 +00:00
Ralph Boehme
5c67a3e8ce smbd: realign args to open_file() in open_file_ntcreate()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:32 +00:00
Ralph Boehme
a77f28dcca smbd: remove redundant conn arg from open_file()
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-05-21 05:23:32 +00:00