fs/smbsrv/smb2_qinfo_sec.c

	smb2_qinfo_sec.c revision a90cf9f29973990687fa61de9f1f6ea22e924e40
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2014 Nexenta Systems, Inc.  All rights reserved.
 */

/*
 * Dispatch function for SMB2_QUERY_INFO
 * Similar to smb_nt_transact_security.c
 */

#include <smbsrv/smb2_kproto.h>
#include <smbsrv/smb_fsops.h>
#include <smbsrv/ntifs.h>

uint32_t
smb2_qinfo_sec(smb_request_t *sr, smb_queryinfo_t *qi)
{
    smb_sd_t sd;
    uint32_t secinfo = qi->qi_AddlInfo;
    uint32_t sdlen;
    uint32_t status;

    /*
     * secinfo & ...
     * OWNER_SECURITY_INFORMATION,
     * GROUP_SECURITY_INFORMATION,
     * DACL_SECURITY_INFORMATION, ...
     */

    if ((sr->fid_ofile->f_node == NULL) ||
        (sr->fid_ofile->f_ftype != SMB_FTYPE_DISK))
        return (NT_STATUS_INVALID_PARAMETER);

    if (sr->tid_tree->t_acltype != ACE_T) {
        /*
         * If target filesystem doesn't support ACE_T acls then
         * don't process SACL
         */
        secinfo &= ~SMB_SACL_SECINFO;
    }

    status = smb_sd_read(sr, &sd, secinfo);
    if (status != NT_STATUS_SUCCESS)
        return (status);

    sdlen = smb_sd_len(&sd, secinfo);
    if (sdlen == 0) {
        status = NT_STATUS_INVALID_SECURITY_DESCR;
        goto out;
    }

    if (sdlen > sr->raw_data.max_bytes) {
        /*
         * The maximum data return count specified by the
         * client is not big enough to hold the security
         * descriptor.  Return the special error that
         * tells the client how much room they need.
         * Error data is the required size.
         */
        MBC_FLUSH(&sr->raw_data);
        sr->raw_data.max_bytes = 4;
        (void) smb_mbc_encodef(&sr->raw_data, "l", sdlen);
        status = NT_STATUS_BUFFER_TOO_SMALL;
        goto out;
    }

    smb_encode_sd(&sr->raw_data, &sd, secinfo);
    status = 0;

out:
    smb_sd_term(&sd);
    return (status);
}