smb_node.c revision bbf6f00c25b6a2bed23c35eac6d62998ecdb338c
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* SMB Node State Machine
* ----------------------
*
*
* +----------- Creation/Allocation
* |
* | T0
* |
* v
* +----------------------------+ T1
* | SMB_NODE_STATE_AVAILABLE |--------------------+
* +----------------------------+ |
* | ^ |
* | | v
* | | T2 +-------------------------------+
* | |<---------| SMB_NODE_STATE_OPLOCK_GRANTED |
* | | +-------------------------------+
* | T5 | |
* | | | T3
* | | v
* | | T4 +--------------------------------+
* | +----------| SMB_NODE_STATE_OPLOCK_BREAKING |
* | +--------------------------------+
* |
* v
* +-----------------------------+
* | SMB_NODE_STATE_DESTROYING |
* +-----------------------------+
* |
* |
* | T6
* |
*
* Transition T0
*
* This transition occurs in smb_node_lookup(). If the node looked for is
* not found in the has table a new node is created. The reference count is
* initialized to 1 and the state initialized to SMB_NODE_STATE_AVAILABLE.
*
* Transition T1
*
* This transition occurs smb_oplock_acquire() during an OPEN.
*
* Transition T2
*
* This transition occurs in smb_oplock_release(). The events triggering
* it are:
*
* - LockingAndX sent by the client that was granted the oplock.
* - Closing of the file.
*
* Transition T3
*
* This transition occurs in smb_oplock_break(). The events triggering
* it are:
*
* - Another client wants to open the file.
* - A client is trying to delete the file.
* - A client is trying to rename the file.
*
* Transition T4
*
* This transition occurs in smb_oplock_release or smb_oplock_break(). The
* events triggering it are:
*
* - The client that was granting the oplock releases it (close or
* LockingAndx).
* - The time alloted to release the oplock expired.
*
* Transition T5
*
* This transition occurs in smb_node_release(). If the reference count
* drops to zero the state is moved to SMB_NODE_STATE_DESTROYING and no more
* reference count will be given out for that node.
*
* Transition T6
*
* This transition occurs in smb_node_release(). The structure is deleted.
*
* Comments
* --------
*
* The reason the smb node has 2 states is the following synchronization
* rule:
*
* There's a mutex embedded in the node used to protect its fields and
* there's a lock embedded in the bucket of the hash table the node belongs
* to. To increment or to decrement the reference count the mutex must be
* entered. To insert the node into the bucket and to remove it from the
* bucket the lock must be entered in RW_WRITER mode. When both (mutex and
* lock) have to be entered, the lock has always to be entered first then
* the mutex. This prevents a deadlock between smb_node_lookup() and
* smb_node_release() from occurring. However, in smb_node_release() when the
* reference count drops to zero and triggers the deletion of the node, the
* mutex has to be released before entering the lock of the bucket (to
* remove the node). This creates a window during which the node that is
* about to be freed could be given out by smb_node_lookup(). To close that
* window the node is moved to the state SMB_NODE_STATE_DESTROYING before
* releasing the mutex. That way, even if smb_node_lookup() finds it, the
* state will indicate that the node should be treated as non existent (of
* protection of the mutex).
*/
#include <smbsrv/smb_kproto.h>
#include <smbsrv/smb_fsops.h>
#include <smbsrv/smb_kstat.h>
#include <sys/pathname.h>
uint32_t smb_is_executable(char *);
static void smb_node_delete_on_close(smb_node_t *);
static void smb_node_create_audit_buf(smb_node_t *, int);
static void smb_node_destroy_audit_buf(smb_node_t *);
static void smb_node_audit(smb_node_t *);
static void smb_node_free(smb_node_t *);
static int smb_node_constructor(void *, void *, int);
static void smb_node_destructor(void *, void *);
static void smb_node_init_cached_data(smb_node_t *);
static void smb_node_clear_cached_data(smb_node_t *);
static void smb_node_clear_cached_timestamps(smb_node_t *);
static void smb_node_clear_cached_allocsz(smb_node_t *);
/* round sz to DEV_BSIZE block */
/*
* smb_node_init
*
* Initialization of the SMB node layer.
*
* This function is not multi-thread safe. The caller must make sure only one
* thread makes the call.
*/
int
smb_node_init(void)
{
int i;
if (smb_node_initialized)
return (0);
for (i = 0; i <= SMBND_HASH_MASK; i++) {
}
return (0);
}
/*
* smb_node_fini
*
* This function is not multi-thread safe. The caller must make sure only one
* thread makes the call.
*/
void
smb_node_fini(void)
{
int i;
if (!smb_node_initialized)
return;
#ifdef DEBUG
for (i = 0; i <= SMBND_HASH_MASK; i++) {
/*
* The following sequence is just intended for sanity check.
* This will have to be modified when the code goes into
* production.
*
* The SMB node hash table should be emtpy at this point. If the
* hash table is not empty a panic will be triggered.
*
* The reason why SMB nodes are still remaining in the hash
* table is problably due to a mismatch between calls to
* smb_node_lookup() and smb_node_release(). You must track that
* down.
*/
}
#endif
for (i = 0; i <= SMBND_HASH_MASK; i++) {
}
}
/*
* smb_node_lookup()
*
* NOTE: This routine should only be called by the file system interface layer,
* and not by SMB.
*
* smb_node_lookup() is called upon successful lookup, mkdir, and create
* (for both non-streams and streams). In each of these cases, a held vnode is
* passed into this routine. If a new smb_node is created it will take its
* own hold on the vnode. The caller's hold therefore still belongs to, and
* should be released by, the caller.
*
* A reference is taken on the smb_node whether found in the hash table
* or newly created.
*
* If an smb_node needs to be created, a reference is also taken on the
* dnode (if passed in).
*
* See smb_node_release() for details on the release of these references.
*/
/*ARGSUSED*/
struct smb_request *sr,
struct open_param *op,
char *od_name,
{
int error;
/*
* smb_vop_getattr() is called here instead of smb_fsop_getattr(),
* because the node may not yet exist. We also do not want to call
* it with the list lock held.
*/
if (unode)
/*
* This getattr is performed on behalf of the server
* that's why kcred is used not the user's cred
*/
if (error)
return (NULL);
/*
* The fsid for a file is that of the tree, even
* if the file resides in a different mountpoint
* under the share.
*/
} else {
/*
* This should be getting executed only for the
* tree root smb_node.
*/
}
for (;;) {
while (node) {
smb_node_t *, node);
case SMB_NODE_STATE_AVAILABLE:
/* The node was found. */
}
return (node);
/*
* Although the node exists it is about
* to be destroyed. We act as it hasn't
* been found.
*/
break;
default:
/*
* Although the node exists it is in an
* unknown state. We act as it hasn't
* been found.
*/
ASSERT(0);
break;
}
}
}
continue;
}
break;
}
if (op)
if (dnode) {
}
if (unode) {
}
return (node);
}
/*
* smb_stream_node_lookup()
*
* Note: stream_name (the name that will be stored in the "od_name" field
* of a stream's smb_node) is the same as the on-disk name for the stream
* except that it does not have SMB_STREAM_PREFIX prepended.
*/
{
if (xattrdir_node == NULL)
return (NULL);
fnode);
(void) smb_node_release(xattrdir_node);
return (snode);
}
/*
* This function should be called whenever a reference is needed on an
* smb_node pointer. The copy of an smb_node pointer from one non-local
* data structure to another requires a reference to be taken on the smb_node
* (unless the usage is localized). Each data structure deallocation routine
* will call smb_node_release() on its smb_node pointers.
*
* In general, an smb_node pointer residing in a structure should never be
* stale. A node pointer may be NULL, however, and care should be taken
* prior to calling smb_node_ref(), which ASSERTs that the pointer is valid.
* Care also needs to be taken with respect to racing deallocations of a
* structure.
*/
void
{
case SMB_NODE_STATE_AVAILABLE:
break;
default:
SMB_PANIC();
}
}
/*
* smb_node_lookup() takes a hold on an smb_node, whether found in the
* hash table or newly created. This hold is expected to be released
* in the following manner.
*
* smb_node_lookup() takes an address of an smb_node pointer. This should
* be getting passed down via a lookup (whether path name or component), mkdir,
* create. If the original smb_node pointer resides in a data structure, then
* the deallocation routine for the data structure is responsible for calling
* smb_node_release() on the smb_node pointer. Alternatively,
* smb_node_release() can be called as soon as the smb_node pointer is no longer
* needed. In this case, callers are responsible for setting an embedded
* pointer to NULL if it is known that the last reference is being released.
*
* If the passed-in address of the smb_node pointer belongs to a local variable,
* then the caller with the local variable should call smb_node_release()
* directly.
*
* smb_node_release() itself will call smb_node_release() on a node's n_dnode,
* as smb_node_lookup() takes a hold on dnode.
*/
void
{
case SMB_NODE_STATE_AVAILABLE:
/*
* Check if the file was deleted
*/
}
}
return;
default:
SMB_PANIC();
}
}
}
static void
{
int rc = 0;
else
}
if (rc != 0)
}
/*
* smb_node_rename()
*
*/
void
char *to_name)
{
case SMB_NODE_STATE_AVAILABLE:
/*
* XXX Need to update attributes?
*/
break;
default:
SMB_PANIC();
}
}
int
{
int error;
if (error) {
return (error);
}
return (0);
}
/*
* When DeleteOnClose is set on an smb_node, the common open code will
* reject subsequent open requests for the file. Observation of Windows
* 2000 indicates that subsequent opens should be allowed (assuming
* there would be no sharing violation) until the file is closed using
* the fid on which the DeleteOnClose was requested.
*
* If there are multiple opens with delete-on-close create options,
* whichever the first file handle is closed will trigger the node to be
* marked as delete-on-close. The credentials of that ofile will be used
* as the delete-on-close credentials of the node.
*/
int
{
int rc = 0;
if (node->readonly_creator)
return (-1);
return (-1);
}
rc = -1;
} else {
rc = 0;
}
return (rc);
}
void
{
node->n_delete_on_close_flags = 0;
}
}
/*
* smb_node_open_check
*
* check file sharing rules for current open request
* against all existing opens for a file.
*
* Returns NT_STATUS_SHARING_VIOLATION if there is any
* sharing conflict, otherwise returns NT_STATUS_SUCCESS.
*/
{
while (of) {
switch (status) {
case NT_STATUS_INVALID_HANDLE:
case NT_STATUS_SUCCESS:
break;
default:
return (status);
}
}
return (NT_STATUS_SUCCESS);
}
{
/*
* Intra-CIFS check
*/
while (of) {
switch (status) {
case NT_STATUS_INVALID_HANDLE:
case NT_STATUS_SUCCESS:
break;
default:
return (status);
}
}
/*
* system-wide share check
*/
return (NT_STATUS_SHARING_VIOLATION);
else
return (NT_STATUS_SUCCESS);
}
{
return (NT_STATUS_SUCCESS);
/*
* intra-CIFS check
*/
while (of) {
switch (status) {
case NT_STATUS_INVALID_HANDLE:
case NT_STATUS_SUCCESS:
break;
default:
return (status);
}
}
/*
* system-wide share check
*/
return (NT_STATUS_SHARING_VIOLATION);
else
return (NT_STATUS_SUCCESS);
}
void
{
}
}
/*
* smb_node_start_crit()
*
* Enter critical region for share reservations.
* See comments above smb_fsop_shrlock().
*/
void
{
}
/*
* smb_node_end_crit()
*
* Exit critical region for share reservations.
*/
void
{
}
int
{
}
void
{
}
void
{
}
void
{
}
{
return (cntr);
}
void
{
}
void
{
}
/*
* smb_node_inc_open_ofiles
*/
void
{
node->n_open_count++;
}
/*
* smb_node_dec_open_ofiles
*/
void
{
node->n_open_count--;
}
{
return (cnt);
}
/*
* smb_node_alloc
*/
static smb_node_t *
char *od_name,
{
node->n_orig_uid = 0;
node->waiting_event = 0;
node->n_open_count = 0;
node->n_delete_on_close_flags = 0;
return (node);
}
/*
* smb_node_free
*/
static void
{
}
/*
* smb_node_constructor
*/
static int
{
return (0);
}
/*
* smb_node_destructor
*/
static void
{
}
/*
* smb_node_create_audit_buf
*/
static void
{
if (smb_audit_flags & SMB_AUDIT_NODE) {
}
}
/*
* smb_node_destroy_audit_buf
*/
static void
{
}
}
/*
* smb_node_audit
*
* This function saves the calling stack in the audit buffer of the node passed
* in.
*/
static void
{
if (node->n_audit_buf) {
}
}
static smb_llist_t *
{
}
{
}
{
}
/*
* smb_node_file_is_readonly
*
* Checks if the file (which node represents) is marked readonly
* in the filesystem. No account is taken of any pending readonly
* in the node, which must be handled by the callers.
* (See SMB_OFILE_IS_READONLY and SMB_PATHFILE_IS_READONLY)
*/
{
return (B_FALSE);
}
/*
* smb_node_setattr
*
* The sr may be NULL, for example when closing an ofile.
* The ofile may be NULL, for example when a client request
* specifies the file by pathname.
*
* Timestamps
* When attributes are set on an ofile, any pending timestamps
* from a write request on the ofile are implicitly set to "now".
* For compatibility with windows the following timestamps are
* also implicitly set to now:
* - if any attribute is being explicitly set, set ctime to now
* - if file size is being explicitly set, set atime & ctime to now
*
* Any timestamp that is being explicitly set, or has previously
* been explicitly set on the ofile, is excluded from implicit
* (now) setting.
*
* Updates the node's cached timestamp values.
* Updates the ofile's explicit times flag.
*
* File allocation size
* When the file allocation size is set it is first rounded up
* to block size. If the file size is smaller than the allocation
* size the file is truncated by setting the filesize to allocsz.
* If there are open ofiles, the allocsz is cached on the node.
*
* Updates the node's cached allocsz value.
*
* Returns: errno
*/
int
{
int rc;
uint32_t pending_times = 0;
uint32_t explicit_times = 0;
/* set attributes specified in attr */
/* if allocation size is < file size, truncate the file */
}
}
if (rc != 0)
return (rc);
if (of) {
}
}
/*
* Determine which timestamps to implicitly set to "now".
* Don't overwrite timestamps already explicitly set.
*/
gethrestime(&now);
/* pending write timestamps */
if (of) {
if (smb_ofile_write_time_pending(of)) {
}
}
if (pending_times) {
}
/* additional timestamps to update in cache */
return (0);
}
/*
* smb_node_getattr
*
* Get attributes from the file system and apply any smb-specific
* overrides for size, dos attributes and timestamps
*
* node->readonly_creator reflects whether a readonly set is pending
* from a readonly create. The readonly attribute should be visible to
* all clients even though the readonly creator fid is immune to the
* readonly bit until close.
*
* Returns: errno
*/
int
{
int rc;
if (rc != 0)
return (rc);
attr->sa_allocsz = 0;
}
if (node->readonly_creator)
if (attr->sa_dosattr == 0)
return (0);
}
/*
* smb_node_init_cached_data
*/
static void
{
}
/*
* smb_node_clear_cached_data
*/
static void
{
}
/*
* File allocation size (allocsz) caching
*
* When there are open ofiles on the node, the file allocsz is cached.
* The cached value (n_allocsz) is initialized when the first ofile is
* opened and cleared when the last is closed. Allocsz calculated from
* the filesize (rounded up to block size).
* When the allocation size is queried, if the cached allocsz is less
* than the filesize, it is recalculated from the filesize.
*/
/*
* smb_node_init_cached_allocsz
*
* If there are open ofiles, cache the allocsz in the node.
* Calculate the allocsz from the filesizes.
* block size).
*/
static void
{
}
/*
* smb_node_clear_cached_allocsz
*/
static void
{
if (node->n_open_count == 0)
}
/*
* smb_node_get_cached_allocsz
*
* If there is no cached allocsz (no open files), calculate
* allocsz from the filesize.
* If the allocsz is cached but is smaller than the filesize
* recalculate the cached allocsz from the filesize.
*
* Return allocs in attr->sa_allocsz.
*/
static void
{
return;
if (node->n_open_count == 0) {
} else {
}
}
/*
* smb_node_set_cached_allocsz
*
* attr->sa_allocsz has already been rounded to block size by
* the caller.
*/
static void
{
if (node->n_open_count > 0)
}
}
/*
* Timestamp caching
*
* Solaris file systems handle timestamps different from NTFS. For
* example when file data is written NTFS doesn't update the timestamps
* until the file is closed, and then only if they haven't been explicity
* set via a set attribute request. In order to provide a more similar
* view of an open file's timestamps, we cache the timestamps in the
* node and manipulate them in a manner more consistent with windows.
* (See handling of explicit times and pending timestamps from a write
* request in smb_node_getattr and smb_node_setattr above.)
* Timestamps remain cached while there are open ofiles for the node.
* This includes open ofiles for named streams.
* n_open_ofiles cannot be used as this doesn't include ofiles opened
* for the node's named streams. Thus n_timestamps contains a count
* of open ofiles (t_open_ofiles), including named streams' ofiles,
* to be used to control timestamp caching.
*
* If a node represents a named stream the associated unnamed streams
* cached timestamps are used instead.
*/
/*
* smb_node_init_cached_timestamps
*
* Increment count of open ofiles which are using the cached timestamps.
* If this is the first open ofile, init the cached timestamps from the
* file system values.
*/
static void
{
}
}
/*
* smb_node_clear_cached_timestamps
*
* Decrement count of open ofiles using the cached timestamps.
* If the decremented count is zero, clear the cached timestamps.
*/
static void
{
}
/*
* smb_node_get_cached_timestamps
*
* Overwrite timestamps in attr with those cached in node.
*/
static void
{
}
}
/*
* smb_node_set_cached_timestamps
*
* Update the node's cached timestamps with values from attr.
*/
static void
{
}
}