smb_common_open.c revision 8d7e41661dc4633488e93b13363137523ce59977
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* This module provides the common open functionality to the various
* open and create SMB interface functions.
*/
#include <smbsrv/smb_incl.h>
#include <smbsrv/smb_fsops.h>
#include <smbsrv/ntstatus.h>
extern uint32_t smb_is_executable(char *);
/*
* This macro is used to delete a newly created object
* if any error happens after creation of object.
*/
#define SMB_DEL_NEWOBJ(obj) \
if (created) { \
if (is_dir) \
else \
}
/*
* smb_access_generic_to_file
*
* Search MSDN for IoCreateFile to see following mapping.
*
* GENERIC_READ STANDARD_RIGHTS_READ, FILE_READ_DATA,
* FILE_READ_ATTRIBUTES and FILE_READ_EA
*
* GENERIC_WRITE STANDARD_RIGHTS_WRITE, FILE_WRITE_DATA,
* FILE_WRITE_ATTRIBUTES, FILE_WRITE_EA, and FILE_APPEND_DATA
*
* GENERIC_EXECUTE STANDARD_RIGHTS_EXECUTE, SYNCHRONIZE, and FILE_EXECUTE.
*/
{
if (desired_access & GENERIC_ALL)
return (FILE_ALL_ACCESS & ~SYNCHRONIZE);
if (desired_access & GENERIC_EXECUTE) {
}
if (desired_access & GENERIC_WRITE) {
}
if (desired_access & GENERIC_READ) {
}
return (access | desired_access);
}
/*
* smb_omode_to_amask
*
* This function converts open modes used by Open and Open AndX
* commands to desired access bits used by NT Create AndX command.
*/
{
switch (desired_access & SMB_DA_ACCESS_MASK) {
case SMB_DA_ACCESS_READ:
return (FILE_GENERIC_READ);
case SMB_DA_ACCESS_WRITE:
return (FILE_GENERIC_WRITE);
case SMB_DA_ACCESS_READ_WRITE:
return (FILE_GENERIC_READ | FILE_GENERIC_WRITE);
case SMB_DA_ACCESS_EXECUTE:
return (FILE_GENERIC_EXECUTE);
}
/* invalid open mode */
return ((uint32_t)SMB_INVALID_AMASK);
}
/*
* smb_denymode_to_sharemode
*
* This function converts deny modes used by Open and Open AndX
* commands to share access bits used by NT Create AndX command.
*/
{
switch (desired_access & SMB_DA_SHARE_MASK) {
if (smb_is_executable(fname))
return (FILE_SHARE_READ | FILE_SHARE_WRITE);
return (FILE_SHARE_ALL);
case SMB_DA_SHARE_EXCLUSIVE:
return (FILE_SHARE_NONE);
case SMB_DA_SHARE_DENY_WRITE:
return (FILE_SHARE_READ);
case SMB_DA_SHARE_DENY_READ:
return (FILE_SHARE_WRITE);
case SMB_DA_SHARE_DENY_NONE:
return (FILE_SHARE_READ | FILE_SHARE_WRITE);
}
/* invalid deny mode */
return ((uint32_t)SMB_INVALID_SHAREMODE);
}
/*
* smb_ofun_to_crdisposition
*
* This function converts open function values used by Open and Open AndX
* commands to create disposition values used by NT Create AndX command.
*/
{
{
{ -1, FILE_CREATE },
{ FILE_OPEN, FILE_OPEN_IF },
};
if (row == 3)
return ((uint32_t)SMB_INVALID_CRDISPOSITION);
}
/*
* Retry opens to avoid spurious sharing violations, due to timing
* issues between closes and opens. The client that already has the
* file open may be in the process of closing it.
*/
{
int count;
if (count)
if (status != NT_STATUS_SHARING_VIOLATION)
break;
}
if (status == NT_STATUS_SHARING_VIOLATION) {
}
return (status);
}
/*
* smb_open_subr
*
* Notes on write-through behaviour. It looks like pre-LM0.12 versions
* of the protocol specify the write-through mode when a file is opened,
* (SmbOpen, SmbOpenAndX) so the write calls (SmbWrite, SmbWriteAndClose,
* SmbWriteAndUnlock) don't need to contain a write-through flag.
*
* With LM0.12, the open calls (SmbCreateAndX, SmbNtTransactCreate)
* don't indicate which write-through mode to use. Instead the write
* calls (SmbWriteAndX, SmbWriteRaw) specify the mode on a per call
* basis.
*
* We don't care which open call was used to get us here, we just need
* to ensure that the write-through mode flag is copied from the open
* parameters to the node. We test the omode write-through flag in all
* write functions.
*
* This function will return NT status codes but it also raises errors,
* in which case it won't return to the caller. Be careful how you
* handle things in here.
*
* The following rules apply when processing a file open request:
*
* - Oplocks must be broken prior to share checking to prevent open
* starvation due to batch oplocks. Checking share reservations first
* could potentially result in unnecessary open failures due to
*
* - Share checks must take place prior to access checks for correct
* Windows semantics and to prevent unnecessary NFS delegation recalls.
*
* - Oplocks must be acquired after open to ensure the correct
* synchronization with NFS delegation and FEM installation.
*
*
* DOS readonly bit rules
*
* using the original create fid, even though the file will appear as readonly
* to all other fids and via a CIFS getattr call.
*
* readonly will be successful regardless of whether a creator of a readonly
* file has an open fid (and has the special privilege mentioned in #1,
* above). I.e., the creator of a readonly fid holding that fid will no longer
* have a special privilege.
*
* 3. The DOS readonly bit affects only data and some metadata.
* The following metadata can be changed regardless of the readonly bit:
* - security descriptors
* - DOS attributes
* - timestamps
*
* In the current implementation, the file size cannot be changed (except for
* the exceptions in #1 and #2, above).
*
*
* DOS attribute rules
*
* These rules are specific to creating / opening files and directories.
* How the attribute value (specifically ZERO or FILE_ATTRIBUTE_NORMAL)
* should be interpreted may differ in other requests.
*
* - An attribute value equal to ZERO or FILE_ATTRIBUTE_NORMAL means that the
* file's attributes should be cleared.
* - If FILE_ATTRIBUTE_NORMAL is specified with any other attributes,
* FILE_ATTRIBUTE_NORMAL is ignored.
*
* 1. Creating a new file
* - The request attributes + FILE_ATTRIBUTE_ARCHIVE are applied to the file.
*
* 2. Creating a new directory
* - The request attributes + FILE_ATTRIBUTE_DIRECTORY are applied to the file.
* - FILE_ATTRIBUTE_ARCHIVE does not get set.
*
* 3. Overwriting an existing file
* - the request attributes are used as search attributes. If the existing
* file does not meet the search criteria access is denied.
* - otherwise, applies attributes + FILE_ATTRIBUTE_ARCHIVE.
*
* 4. Opening an existing file or directory
* The request attributes are ignored.
*/
static uint32_t
{
int created = 0;
int rc;
int pathlen;
int max_requested = 0;
int is_dir;
int is_stream = 0;
int lookup_flags = SMB_FOLLOW_LINKS;
if (is_dir) {
/*
* The object being created or opened is a directory,
* and the Disposition parameter must be one of
* FILE_CREATE, FILE_OPEN, or FILE_OPEN_IF
*/
return (NT_STATUS_INVALID_PARAMETER);
}
}
max_requested = 1;
}
return (NT_STATUS_TOO_MANY_OPENED_FILES);
}
/* This must be NULL at this point */
case STYPE_DISKTREE:
break;
case STYPE_IPC:
/*
* No further processing for IPC, we need to either
* raise an exception or return success here.
*/
return (status);
default:
return (NT_STATUS_BAD_DEVICE_TYPE);
}
return (NT_STATUS_NAME_TOO_LONG);
}
/*
* Some clients pass null file names; NT interprets this as "\".
*/
if (pathlen == 0) {
pathlen = 1;
}
return (status);
}
}
/*
* If the access mask has only DELETE set (ignore
* FILE_READ_ATTRIBUTES), then assume that this
* is a request to delete the link (if a link)
* and do not follow links. Otherwise, follow
* the link to the target.
*/
if (rc == 0) {
rc = 0;
} else {
}
/*
* The uniq_fid is a CIFS-server-wide unique identifier for an ofile
* which is used to uniquely identify open instances for the
* VFS share reservation and POSIX locks.
*/
uniq_fid = SMB_UNIQ_FID();
return (NT_STATUS_ACCESS_DENIED);
}
/*
* Reject this request if either:
* - the target IS a directory and the client requires that
* it must NOT be (required by Lotus Notes)
* - the target is NOT a directory and client requires that
* it MUST be.
*/
return (NT_STATUS_FILE_IS_A_DIRECTORY);
}
} else {
return (NT_STATUS_NOT_A_DIRECTORY);
}
}
/*
* No more open should be accepted when "Delete on close"
* flag is set.
*/
return (NT_STATUS_DELETE_PENDING);
}
/*
* Specified file already exists so the operation should fail.
*/
return (NT_STATUS_OBJECT_NAME_COLLISION);
}
/*
* Windows seems to check read-only access before file
* sharing check.
*
* Check to see if the file is currently readonly (irrespective
* of whether this open will make it readonly).
*/
/* Files data only */
FILE_APPEND_DATA)) {
return (NT_STATUS_ACCESS_DENIED);
}
}
}
if ((!(op->desired_access &
FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA))) ||
return (NT_STATUS_ACCESS_DENIED);
}
}
if (status == NT_STATUS_SHARING_VIOLATION) {
return (status);
}
op->desired_access);
if (status != NT_STATUS_SUCCESS) {
if (status == NT_STATUS_PRIVILEGE_NOT_HELD) {
return (status);
} else {
return (NT_STATUS_ACCESS_DENIED);
}
}
switch (op->create_disposition) {
case FILE_SUPERSEDE:
case FILE_OVERWRITE_IF:
case FILE_OVERWRITE:
return (NT_STATUS_ACCESS_DENIED);
}
if (rc) {
uniq_fid);
}
}
}
/*
* If file is being replaced,
* we should remove existing streams
*/
if (SMB_IS_STREAM(node) == 0)
node);
break;
default:
/*
* FILE_OPEN or FILE_OPEN_IF.
*/
break;
}
} else {
/* Last component was not found. */
if (is_dir == 0)
return (NT_STATUS_OBJECT_NAME_NOT_FOUND);
}
/*
* lock the parent dir node in case another create
* request to the same parent directory comes in.
*/
/*
* A file created with the readonly bit should not
* stop the creator writing to the file until it is
* closed. Although the readonly bit will not be set
* on the file until it is closed, it will be accounted
* for on other fids and on queries based on the node
* state.
*/
}
if (is_dir == 0) {
}
if (rc != 0) {
}
if (status == NT_STATUS_SHARING_VIOLATION) {
return (status);
}
} else {
if (rc != 0) {
}
}
created = 1;
}
}
if (max_requested) {
}
/*
* if last_write time was in request and is not 0 or -1,
* use it as file's mtime
*/
}
/*
* smb_ofile_open() will copy node to of->node. Hence
* the hold on node (i.e. op->fqi.last_snode) will be "transferred"
* to the "of" structure.
*/
if (created)
}
if (status != NT_STATUS_SUCCESS) {
/*
* smb_fsop_unshrlock() and smb_fsop_close()
* are called from smb_ofile_close()
*/
smb_ofile_close(of, 0);
if (created)
return (status);
}
} else { /* VDIR or VLNK */
}
/*
* Propagate the write-through mode from the open params
* to the node: see the notes in the function header.
*/
/*
* Set up the file type in open_param for the response
*/
if (created)
return (NT_STATUS_SUCCESS);
}
/*
* smb_validate_object_name
*
* Very basic file name validation.
* Directory validation is handed off to smb_validate_dirname.
* For filenames, we check for names of the form "AAAn:". Names that
* contain three characters, a single digit and a colon (:) are reserved
* as DOS device names, i.e. "COM1:".
* Stream name validation is handed off to smb_validate_stream_name
*
* Returns NT status codes.
*/
{
char *filename;
if (path == 0)
return (0);
if (ftype)
return (smb_validate_dirname(path));
/*
* Basename with backslashes.
*/
++filename;
else
return (NT_STATUS_OBJECT_NAME_INVALID);
}
if (smb_is_stream_name(path))
return (smb_validate_stream_name(path));
return (0);
}
/*
* smb_preset_delete_on_close
*
* Set the DeleteOnClose flag on the smb file. When the file is closed,
* the flag will be transferred to the smb node, which will commit the
* delete operation and inhibit subsequent open requests.
*
* When DeleteOnClose is set on an smb_node, the common open code will
* reject subsequent open requests for the file. Observation of Windows
* 2000 indicates that subsequent opens should be allowed (assuming
* there would be no sharing violation) until the file is closed using
* the fid on which the DeleteOnClose was requested.
*/
void
{
}