2 Unix SMB/CIFS implementation.
3 Wrap gpfs calls in vfs functions.
5 Copyright (C) Christian Ambach <cambach1@de.ibm.com> 2006
7 Major code contributions by Chetan Shringarpure <chetan.sh@in.ibm.com>
8 and Gomati Mohanan <gomati.mohanan@in.ibm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "smbd/smbd.h"
26 #include "librpc/gen_ndr/ndr_xattr.h"
27 #include "include/smbprofile.h"
28 #include "modules/non_posix_acls.h"
29 #include "libcli/security/security.h"
32 #define DBGC_CLASS DBGC_VFS
34 #include <gpfs_fcntl.h>
35 #include "nfs4_acls.h"
37 #include "system/filesys.h"
39 #include "lib/util/tevent_unix.h"
41 struct gpfs_config_data {
56 static inline unsigned int gpfs_acl_flags(gpfs_acl_t *gacl)
58 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
59 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
60 return *(unsigned int *)&gacl->ace_v4;
65 static inline gpfs_ace_v4_t *gpfs_ace_ptr(gpfs_acl_t *gacl, unsigned int i)
67 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
68 /* &gacl->v4Level1.ace_v4[i] requires gpfs 3.5 */
69 char *ptr = (char *)&gacl->ace_v4[i] + sizeof(unsigned int);
70 return (gpfs_ace_v4_t *)ptr;
72 return &gacl->ace_v4[i];
75 static bool set_gpfs_sharemode(files_struct *fsp, uint32 access_mask,
78 unsigned int allow = GPFS_SHARE_NONE;
79 unsigned int deny = GPFS_DENY_NONE;
82 if ((fsp == NULL) || (fsp->fh == NULL) || (fsp->fh->fd < 0)) {
83 /* No real file, don't disturb */
87 allow |= (access_mask & (FILE_WRITE_DATA|FILE_APPEND_DATA|
88 DELETE_ACCESS)) ? GPFS_SHARE_WRITE : 0;
89 allow |= (access_mask & (FILE_READ_DATA|FILE_EXECUTE)) ?
92 if (allow == GPFS_SHARE_NONE) {
93 DEBUG(10, ("special case am=no_access:%x\n",access_mask));
96 deny |= (share_access & FILE_SHARE_WRITE) ?
98 deny |= (share_access & (FILE_SHARE_READ)) ?
101 DEBUG(10, ("am=%x, allow=%d, sa=%x, deny=%d\n",
102 access_mask, allow, share_access, deny));
104 result = gpfswrap_set_share(fsp->fh->fd, allow, deny);
106 if (errno == ENOSYS) {
107 DEBUG(5, ("VFS module vfs_gpfs loaded, but gpfs "
108 "set_share function support not available. "
109 "Allowing access\n"));
112 DEBUG(10, ("gpfs_set_share failed: %s\n",
117 return (result == 0);
120 static int vfs_gpfs_kernel_flock(vfs_handle_struct *handle, files_struct *fsp,
121 uint32 share_mode, uint32 access_mask)
124 struct gpfs_config_data *config;
127 START_PROFILE(syscall_kernel_flock);
129 SMB_VFS_HANDLE_GET_DATA(handle, config,
130 struct gpfs_config_data,
133 if(!config->sharemodes) {
137 kernel_flock(fsp->fh->fd, share_mode, access_mask);
139 if (!set_gpfs_sharemode(fsp, access_mask, fsp->share_access)) {
143 END_PROFILE(syscall_kernel_flock);
148 static int vfs_gpfs_close(vfs_handle_struct *handle, files_struct *fsp)
151 struct gpfs_config_data *config;
153 SMB_VFS_HANDLE_GET_DATA(handle, config,
154 struct gpfs_config_data,
157 if (config->sharemodes && (fsp->fh != NULL) && (fsp->fh->fd != -1)) {
158 set_gpfs_sharemode(fsp, 0, 0);
161 return SMB_VFS_NEXT_CLOSE(handle, fsp);
164 static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp,
167 struct gpfs_config_data *config;
170 START_PROFILE(syscall_linux_setlease);
172 SMB_VFS_HANDLE_GET_DATA(handle, config,
173 struct gpfs_config_data,
176 if (linux_set_lease_sighandler(fsp->fh->fd) == -1)
179 if (config->leases) {
181 * Ensure the lease owner is root to allow
182 * correct delivery of lease-break signals.
185 ret = set_gpfs_lease(fsp->fh->fd,leasetype);
189 END_PROFILE(syscall_linux_setlease);
194 static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle,
202 char real_pathname[PATH_MAX+1];
205 struct gpfs_config_data *config;
207 SMB_VFS_HANDLE_GET_DATA(handle, config,
208 struct gpfs_config_data,
211 if (!config->getrealfilename) {
212 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
213 mem_ctx, found_name);
216 mangled = mangle_is_mangled(name, handle->conn->params);
218 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
219 mem_ctx, found_name);
222 full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name);
223 if (full_path == NULL) {
228 buflen = sizeof(real_pathname) - 1;
230 result = gpfswrap_get_realfilename_path(full_path, real_pathname,
233 TALLOC_FREE(full_path);
235 if ((result == -1) && (errno == ENOSYS)) {
236 return SMB_VFS_NEXT_GET_REAL_FILENAME(
237 handle, path, name, mem_ctx, found_name);
241 DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n",
247 * GPFS does not necessarily null-terminate the returned path
248 * but instead returns the buffer length in buflen.
251 if (buflen < sizeof(real_pathname)) {
252 real_pathname[buflen] = '\0';
254 real_pathname[sizeof(real_pathname)-1] = '\0';
257 DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n",
258 path, name, real_pathname));
260 name = strrchr_m(real_pathname, '/');
266 *found_name = talloc_strdup(mem_ctx, name+1);
267 if (*found_name == NULL) {
275 static void sd2gpfs_control(uint16_t control, struct gpfs_acl *gacl)
277 unsigned int gpfs_aclflags = 0;
278 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
279 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
280 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
281 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
282 gpfs_aclflags = control << 8;
283 if (!(control & SEC_DESC_DACL_PRESENT))
284 gpfs_aclflags |= 0x00800000; /* ACL4_FLAG_NULL_DACL; */
285 if (!(control & SEC_DESC_SACL_PRESENT))
286 gpfs_aclflags |= 0x01000000; /* ACL4_FLAG_NULL_SACL; */
287 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS*/
288 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
289 *(unsigned int *)&gacl->ace_v4 = gpfs_aclflags;
292 static uint16_t gpfs2sd_control(unsigned int gpfs_aclflags)
294 uint16_t control = gpfs_aclflags >> 8;
295 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
296 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
297 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
298 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
299 control |= SEC_DESC_SELF_RELATIVE;
303 static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
308 DEBUG(0, ("gpfs acl is NULL\n"));
312 DEBUG(level, ("len: %d, level: %d, version: %d, nace: %d, "
314 gacl->acl_len, gacl->acl_level, gacl->acl_version,
315 gacl->acl_nace, gpfs_acl_flags(gacl)));
317 for(i=0; i<gacl->acl_nace; i++)
319 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
320 DEBUG(level, ("\tace[%d]: type:%d, flags:0x%x, mask:0x%x, "
321 "iflags:0x%x, who:%u\n",
322 i, gace->aceType, gace->aceFlags, gace->aceMask,
323 gace->aceIFlags, gace->aceWho));
328 * get the ACL from GPFS, allocated on the specified mem_ctx
329 * internally retries when initial buffer was too small
331 * caller needs to cast result to either
332 * raw = yes: struct gpfs_opaque_acl
333 * raw = no: struct gpfs_acl
336 static void *vfs_gpfs_getacl(TALLOC_CTX *mem_ctx,
339 const gpfs_aclType_t type)
350 aclbuf = talloc_zero_size(mem_ctx, size);
351 if (aclbuf == NULL) {
357 struct gpfs_opaque_acl *buf = (struct gpfs_opaque_acl *) aclbuf;
358 buf->acl_type = type;
359 flags = GPFS_GETACL_NATIVE;
360 len = (unsigned int *) &(buf->acl_buffer_len);
361 struct_size = sizeof(struct gpfs_opaque_acl);
363 struct gpfs_acl *buf = (struct gpfs_acl *) aclbuf;
364 buf->acl_type = type;
365 buf->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
366 flags = GPFS_GETACL_STRUCT;
367 len = &(buf->acl_len);
368 /* reserve space for control flags in gpfs 3.5 and beyond */
369 struct_size = sizeof(struct gpfs_acl) + sizeof(unsigned int);
372 /* set the length of the buffer as input value */
376 ret = gpfswrap_getacl(discard_const_p(char, fname), flags, aclbuf);
377 if ((ret != 0) && (errno == ENOSPC)) {
379 * get the size needed to accommodate the complete buffer
381 * the value returned only applies to the ACL blob in the
382 * struct so make sure to also have headroom for the first
383 * struct members by adding room for the complete struct
384 * (might be a few bytes too much then)
386 size = *len + struct_size;
388 DEBUG(10, ("Increasing ACL buffer size to %zu\n", size));
393 DEBUG(5, ("smbd_gpfs_getacl failed with %s\n",
402 /* Tries to get nfs4 acls and returns SMB ACL allocated.
403 * On failure returns 1 if it got non-NFSv4 ACL to prompt
404 * retry with POSIX ACL checks.
405 * On failure returns -1 if there is system (GPFS) error, check errno.
406 * Returns 0 on success
408 static int gpfs_get_nfs4_acl(TALLOC_CTX *mem_ctx, const char *fname, SMB4ACL_T **ppacl)
411 struct gpfs_acl *gacl = NULL;
412 DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
415 gacl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(), fname,
418 DEBUG(9, ("gpfs_getacl failed for %s with %s\n",
419 fname, strerror(errno)));
423 if (gacl->acl_type != GPFS_ACL_TYPE_NFS4) {
424 DEBUG(10, ("Got non-nfsv4 acl\n"));
425 /* Retry with POSIX ACLs check */
430 *ppacl = smb_create_smb4acl(mem_ctx);
432 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
433 uint16_t control = gpfs2sd_control(gpfs_acl_flags(gacl));
434 smbacl4_set_controlflags(*ppacl, control);
437 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d, control: %x\n",
438 gacl->acl_len, gacl->acl_level, gacl->acl_version,
439 gacl->acl_nace, gpfs_acl_flags(gacl)));
441 for (i=0; i<gacl->acl_nace; i++) {
442 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
443 SMB_ACE4PROP_T smbace;
444 DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
445 "who: %d\n", gace->aceType, gace->aceIFlags,
446 gace->aceFlags, gace->aceMask, gace->aceWho));
449 if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) {
450 smbace.flags |= SMB_ACE4_ID_SPECIAL;
451 switch (gace->aceWho) {
452 case ACE4_SPECIAL_OWNER:
453 smbace.who.special_id = SMB_ACE4_WHO_OWNER;
455 case ACE4_SPECIAL_GROUP:
456 smbace.who.special_id = SMB_ACE4_WHO_GROUP;
458 case ACE4_SPECIAL_EVERYONE:
459 smbace.who.special_id = SMB_ACE4_WHO_EVERYONE;
462 DEBUG(8, ("invalid special gpfs id %d "
463 "ignored\n", gace->aceWho));
464 continue; /* don't add it */
467 if (gace->aceFlags & ACE4_FLAG_GROUP_ID)
468 smbace.who.gid = gace->aceWho;
470 smbace.who.uid = gace->aceWho;
473 /* remove redundant deny entries */
474 if (i > 0 && gace->aceType == SMB_ACE4_ACCESS_DENIED_ACE_TYPE) {
475 struct gpfs_ace_v4 *prev = gpfs_ace_ptr(gacl, i - 1);
476 if (prev->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE &&
477 prev->aceFlags == gace->aceFlags &&
478 prev->aceIFlags == gace->aceIFlags &&
479 (gace->aceMask & prev->aceMask) == 0 &&
480 gace->aceWho == prev->aceWho) {
481 /* it's redundant - skip it */
486 smbace.aceType = gace->aceType;
487 smbace.aceFlags = gace->aceFlags;
488 smbace.aceMask = gace->aceMask;
489 smb_add_ace4(*ppacl, &smbace);
497 static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
498 files_struct *fsp, uint32 security_info,
500 struct security_descriptor **ppdesc)
502 SMB4ACL_T *pacl = NULL;
504 struct gpfs_config_data *config;
505 TALLOC_CTX *frame = talloc_stackframe();
510 SMB_VFS_HANDLE_GET_DATA(handle, config,
511 struct gpfs_config_data,
512 return NT_STATUS_INTERNAL_ERROR);
515 status = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info,
521 result = gpfs_get_nfs4_acl(frame, fsp->fsp_name->base_name, &pacl);
524 status = smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx,
531 DEBUG(10, ("retrying with posix acl...\n"));
532 status = posix_fget_nt_acl(fsp, security_info,
540 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
541 return map_nt_error_from_unix(errno);
544 static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
546 uint32 security_info,
547 TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc)
549 SMB4ACL_T *pacl = NULL;
551 struct gpfs_config_data *config;
552 TALLOC_CTX *frame = talloc_stackframe();
557 SMB_VFS_HANDLE_GET_DATA(handle, config,
558 struct gpfs_config_data,
559 return NT_STATUS_INTERNAL_ERROR);
562 status = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info,
568 result = gpfs_get_nfs4_acl(frame, name, &pacl);
571 status = smb_get_nt_acl_nfs4(handle->conn, name, security_info,
572 mem_ctx, ppdesc, pacl);
578 DEBUG(10, ("retrying with posix acl...\n"));
579 status = posix_get_nt_acl(handle->conn, name, security_info,
585 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
587 return map_nt_error_from_unix(errno);
590 static struct gpfs_acl *vfs_gpfs_smbacl2gpfsacl(TALLOC_CTX *mem_ctx,
595 struct gpfs_acl *gacl;
596 gpfs_aclLen_t gacl_len;
599 gacl_len = offsetof(gpfs_acl_t, ace_v4) + sizeof(unsigned int)
600 + smb_get_naces(smbacl) * sizeof(gpfs_ace_v4_t);
602 gacl = (struct gpfs_acl *)TALLOC_SIZE(mem_ctx, gacl_len);
604 DEBUG(0, ("talloc failed\n"));
609 gacl->acl_level = 0; /* GPFS_ACL_LEVEL_BASE */
610 gacl->acl_version = GPFS_ACL_VERSION_NFS4;
611 gacl->acl_type = GPFS_ACL_TYPE_NFS4;
612 gacl->acl_nace = 0; /* change later... */
615 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
616 sd2gpfs_control(smbacl4_get_controlflags(smbacl), gacl);
619 for (smbace=smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
620 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, gacl->acl_nace);
621 SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
623 gace->aceType = aceprop->aceType;
624 gace->aceFlags = aceprop->aceFlags;
625 gace->aceMask = aceprop->aceMask;
628 * GPFS can't distinguish between WRITE and APPEND on
629 * files, so one being set without the other is an
630 * error. Sorry for the many ()'s :-)
633 if (!fsp->is_directory
635 ((((gace->aceMask & ACE4_MASK_WRITE) == 0)
636 && ((gace->aceMask & ACE4_MASK_APPEND) != 0))
638 (((gace->aceMask & ACE4_MASK_WRITE) != 0)
639 && ((gace->aceMask & ACE4_MASK_APPEND) == 0)))
641 lp_parm_bool(fsp->conn->params->service, "gpfs",
642 "merge_writeappend", True)) {
643 DEBUG(2, ("vfs_gpfs.c: file [%s]: ACE contains "
644 "WRITE^APPEND, setting WRITE|APPEND\n",
646 gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND;
649 gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0;
651 if (aceprop->flags&SMB_ACE4_ID_SPECIAL)
653 switch(aceprop->who.special_id)
655 case SMB_ACE4_WHO_EVERYONE:
656 gace->aceWho = ACE4_SPECIAL_EVERYONE;
658 case SMB_ACE4_WHO_OWNER:
659 gace->aceWho = ACE4_SPECIAL_OWNER;
661 case SMB_ACE4_WHO_GROUP:
662 gace->aceWho = ACE4_SPECIAL_GROUP;
665 DEBUG(8, ("unsupported special_id %d\n", aceprop->who.special_id));
666 continue; /* don't add it !!! */
669 /* just only for the type safety... */
670 if (aceprop->aceFlags&SMB_ACE4_IDENTIFIER_GROUP)
671 gace->aceWho = aceprop->who.gid;
673 gace->aceWho = aceprop->who.uid;
678 gacl->acl_len = (char *)gpfs_ace_ptr(gacl, gacl->acl_nace)
683 static bool gpfsacl_process_smbacl(vfs_handle_struct *handle,
688 struct gpfs_acl *gacl;
689 TALLOC_CTX *mem_ctx = talloc_tos();
691 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, true);
692 if (gacl == NULL) { /* out of memory */
695 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
696 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gacl);
698 if ((ret != 0) && (errno == EINVAL)) {
699 DEBUG(10, ("Retry without nfs41 control flags\n"));
701 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, false);
702 if (gacl == NULL) { /* out of memory */
705 ret = gpfswrap_putacl(fsp->fsp_name->base_name,
706 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA,
711 DEBUG(8, ("gpfs_putacl failed with %s\n", strerror(errno)));
712 gpfs_dumpacl(8, gacl);
716 DEBUG(10, ("gpfs_putacl succeeded\n"));
720 static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
722 struct gpfs_acl *acl;
723 NTSTATUS result = NT_STATUS_ACCESS_DENIED;
725 acl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(),
726 fsp->fsp_name->base_name,
729 return map_nt_error_from_unix(errno);
732 if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
733 if (lp_parm_bool(fsp->conn->params->service, "gpfs",
734 "refuse_dacl_protected", false)
735 && (psd->type&SEC_DESC_DACL_PROTECTED)) {
736 DEBUG(2, ("Rejecting unsupported ACL with DACL_PROTECTED bit set\n"));
738 return NT_STATUS_NOT_SUPPORTED;
741 result = smb_set_nt_acl_nfs4(handle,
742 fsp, security_info_sent, psd,
743 gpfsacl_process_smbacl);
744 } else { /* assume POSIX ACL - by default... */
745 result = set_nt_acl(fsp, security_info_sent, psd);
752 static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
754 struct gpfs_config_data *config;
756 SMB_VFS_HANDLE_GET_DATA(handle, config,
757 struct gpfs_config_data,
758 return NT_STATUS_INTERNAL_ERROR);
761 return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
764 return gpfsacl_set_nt_acl_internal(handle, fsp, security_info_sent, psd);
767 static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
772 result = sys_acl_init(mem_ctx);
773 if (result == NULL) {
778 result->count = pacl->acl_nace;
779 result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
781 if (result->acl == NULL) {
787 for (i=0; i<pacl->acl_nace; i++) {
788 struct smb_acl_entry *ace = &result->acl[i];
789 const struct gpfs_ace_v1 *g_ace = &pacl->ace_v1[i];
791 DEBUG(10, ("Converting type %d id %lu perm %x\n",
792 (int)g_ace->ace_type, (unsigned long)g_ace->ace_who,
793 (int)g_ace->ace_perm));
795 switch (g_ace->ace_type) {
797 ace->a_type = SMB_ACL_USER;
798 ace->info.user.uid = (uid_t)g_ace->ace_who;
800 case GPFS_ACL_USER_OBJ:
801 ace->a_type = SMB_ACL_USER_OBJ;
804 ace->a_type = SMB_ACL_GROUP;
805 ace->info.group.gid = (gid_t)g_ace->ace_who;
807 case GPFS_ACL_GROUP_OBJ:
808 ace->a_type = SMB_ACL_GROUP_OBJ;
811 ace->a_type = SMB_ACL_OTHER;
814 ace->a_type = SMB_ACL_MASK;
817 DEBUG(10, ("Got invalid ace_type: %d\n",
825 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_READ) ?
827 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_WRITE) ?
829 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_EXECUTE) ?
832 DEBUGADD(10, ("Converted to %d perm %x\n",
833 ace->a_type, ace->a_perm));
839 static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type,
842 struct gpfs_acl *pacl;
843 SMB_ACL_T result = NULL;
845 pacl = vfs_gpfs_getacl(talloc_tos(), path, false, type);
848 DEBUG(10, ("vfs_gpfs_getacl failed for %s with %s\n",
849 path, strerror(errno)));
856 if (pacl->acl_version != GPFS_ACL_VERSION_POSIX) {
857 DEBUG(10, ("Got acl version %d, expected %d\n",
858 pacl->acl_version, GPFS_ACL_VERSION_POSIX));
863 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n",
864 pacl->acl_len, pacl->acl_level, pacl->acl_version,
867 result = gpfs2smb_acl(pacl, mem_ctx);
868 if (result != NULL) {
883 static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle,
888 gpfs_aclType_t gpfs_type;
889 struct gpfs_config_data *config;
891 SMB_VFS_HANDLE_GET_DATA(handle, config,
892 struct gpfs_config_data,
896 return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p,
901 case SMB_ACL_TYPE_ACCESS:
902 gpfs_type = GPFS_ACL_TYPE_ACCESS;
904 case SMB_ACL_TYPE_DEFAULT:
905 gpfs_type = GPFS_ACL_TYPE_DEFAULT;
908 DEBUG(0, ("Got invalid type: %d\n", type));
909 smb_panic("exiting");
912 return gpfsacl_get_posix_acl(path_p, gpfs_type, mem_ctx);
915 static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
919 struct gpfs_config_data *config;
921 SMB_VFS_HANDLE_GET_DATA(handle, config,
922 struct gpfs_config_data,
926 return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
929 return gpfsacl_get_posix_acl(fsp->fsp_name->base_name,
930 GPFS_ACL_TYPE_ACCESS, mem_ctx);
933 static int gpfsacl_sys_acl_blob_get_file(vfs_handle_struct *handle,
936 char **blob_description,
939 struct gpfs_config_data *config;
940 struct gpfs_opaque_acl *acl = NULL;
944 SMB_VFS_HANDLE_GET_DATA(handle, config,
945 struct gpfs_config_data,
949 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FILE(handle, path_p,
956 acl = (struct gpfs_opaque_acl *)
957 vfs_gpfs_getacl(mem_ctx,
963 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
964 errno, strerror(errno)));
966 /* EINVAL means POSIX ACL, bail out on other cases */
967 if (errno != EINVAL) {
976 * we only need the actual ACL blob here
977 * acl_version will always be NFS4 because we asked
979 * acl_type is only used for POSIX ACLs
981 aclblob.data = (uint8_t*) acl->acl_var_data;
982 aclblob.length = acl->acl_buffer_len;
984 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
985 if (!*blob_description) {
991 result = non_posix_sys_acl_blob_get_file_helper(handle, path_p,
999 /* fall back to POSIX ACL */
1000 return posix_sys_acl_blob_get_file(handle, path_p, mem_ctx,
1001 blob_description, blob);
1004 static int gpfsacl_sys_acl_blob_get_fd(vfs_handle_struct *handle,
1006 TALLOC_CTX *mem_ctx,
1007 char **blob_description,
1010 struct gpfs_config_data *config;
1011 struct gpfs_opaque_acl *acl = NULL;
1015 SMB_VFS_HANDLE_GET_DATA(handle, config,
1016 struct gpfs_config_data,
1020 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD(handle, fsp, mem_ctx,
1021 blob_description, blob);
1025 acl = (struct gpfs_opaque_acl *) vfs_gpfs_getacl(mem_ctx,
1026 fsp->fsp_name->base_name,
1028 GPFS_ACL_TYPE_NFS4);
1031 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
1032 errno, strerror(errno)));
1034 /* EINVAL means POSIX ACL, bail out on other cases */
1035 if (errno != EINVAL) {
1042 * file has NFSv4 ACL
1044 * we only need the actual ACL blob here
1045 * acl_version will always be NFS4 because we asked
1047 * acl_type is only used for POSIX ACLs
1049 aclblob.data = (uint8_t*) acl->acl_var_data;
1050 aclblob.length = acl->acl_buffer_len;
1052 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1053 if (!*blob_description) {
1059 result = non_posix_sys_acl_blob_get_fd_helper(handle, fsp,
1067 /* fall back to POSIX ACL */
1068 return posix_sys_acl_blob_get_fd(handle, fsp, mem_ctx,
1069 blob_description, blob);
1072 static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,
1073 SMB_ACL_TYPE_T type)
1076 struct gpfs_acl *result;
1079 DEBUG(10, ("smb2gpfs_acl: Got ACL with %d entries\n", pacl->count));
1081 len = offsetof(gpfs_acl_t, ace_v1) + (pacl->count) *
1082 sizeof(gpfs_ace_v1_t);
1084 result = (struct gpfs_acl *)SMB_MALLOC(len);
1085 if (result == NULL) {
1090 result->acl_len = len;
1091 result->acl_level = 0;
1092 result->acl_version = GPFS_ACL_VERSION_POSIX;
1093 result->acl_type = (type == SMB_ACL_TYPE_DEFAULT) ?
1094 GPFS_ACL_TYPE_DEFAULT : GPFS_ACL_TYPE_ACCESS;
1095 result->acl_nace = pacl->count;
1097 for (i=0; i<pacl->count; i++) {
1098 const struct smb_acl_entry *ace = &pacl->acl[i];
1099 struct gpfs_ace_v1 *g_ace = &result->ace_v1[i];
1101 DEBUG(10, ("Converting type %d perm %x\n",
1102 (int)ace->a_type, (int)ace->a_perm));
1104 g_ace->ace_perm = 0;
1106 switch(ace->a_type) {
1108 g_ace->ace_type = GPFS_ACL_USER;
1109 g_ace->ace_who = (gpfs_uid_t)ace->info.user.uid;
1111 case SMB_ACL_USER_OBJ:
1112 g_ace->ace_type = GPFS_ACL_USER_OBJ;
1113 g_ace->ace_perm |= ACL_PERM_CONTROL;
1117 g_ace->ace_type = GPFS_ACL_GROUP;
1118 g_ace->ace_who = (gpfs_uid_t)ace->info.group.gid;
1120 case SMB_ACL_GROUP_OBJ:
1121 g_ace->ace_type = GPFS_ACL_GROUP_OBJ;
1125 g_ace->ace_type = GPFS_ACL_MASK;
1126 g_ace->ace_perm = 0x8f;
1130 g_ace->ace_type = GPFS_ACL_OTHER;
1134 DEBUG(10, ("Got invalid ace_type: %d\n", ace->a_type));
1140 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_READ) ?
1142 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_WRITE) ?
1144 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_EXECUTE) ?
1145 ACL_PERM_EXECUTE : 0;
1147 DEBUGADD(10, ("Converted to %d id %d perm %x\n",
1148 g_ace->ace_type, g_ace->ace_who, g_ace->ace_perm));
1154 static int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle,
1156 SMB_ACL_TYPE_T type,
1159 struct gpfs_acl *gpfs_acl;
1161 struct gpfs_config_data *config;
1163 SMB_VFS_HANDLE_GET_DATA(handle, config,
1164 struct gpfs_config_data,
1168 return SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, type, theacl);
1171 gpfs_acl = smb2gpfs_acl(theacl, type);
1172 if (gpfs_acl == NULL) {
1176 result = gpfswrap_putacl(discard_const_p(char, name),
1177 GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA, gpfs_acl);
1179 SAFE_FREE(gpfs_acl);
1183 static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle,
1187 struct gpfs_config_data *config;
1189 SMB_VFS_HANDLE_GET_DATA(handle, config,
1190 struct gpfs_config_data,
1194 return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl);
1197 return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name->base_name,
1198 SMB_ACL_TYPE_ACCESS, theacl);
1201 static int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle,
1204 struct gpfs_config_data *config;
1206 SMB_VFS_HANDLE_GET_DATA(handle, config,
1207 struct gpfs_config_data,
1211 return SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1219 * Assumed: mode bits are shiftable and standard
1220 * Output: the new aceMask field for an smb nfs4 ace
1222 static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx)
1224 const uint32 posix_nfs4map[3] = {
1225 SMB_ACE4_EXECUTE, /* execute */
1226 SMB_ACE4_WRITE_DATA | SMB_ACE4_APPEND_DATA, /* write; GPFS specific */
1227 SMB_ACE4_READ_DATA /* read */
1230 uint32_t posix_mask = 0x01;
1234 for(i=0; i<3; i++) {
1235 nfs4_bits = posix_nfs4map[i];
1236 posix_bit = rwx & posix_mask;
1238 if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) {
1240 aceMask |= nfs4_bits;
1242 aceMask &= ~nfs4_bits;
1244 /* add deny bits when suitable */
1246 aceMask |= nfs4_bits;
1248 aceMask &= ~nfs4_bits;
1249 } /* other ace types are unexpected */
1257 static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
1258 const char *path, mode_t mode)
1260 SMB4ACL_T *pacl = NULL;
1262 bool haveAllowEntry[SMB_ACE4_WHO_EVERYONE + 1] = {False, False, False, False};
1264 files_struct fake_fsp; /* TODO: rationalize parametrization */
1266 TALLOC_CTX *frame = talloc_stackframe();
1268 DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
1270 result = gpfs_get_nfs4_acl(frame, path, &pacl);
1276 if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) {
1277 DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path));
1280 for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
1281 SMB_ACE4PROP_T *ace = smb_get_ace4(smbace);
1282 uint32_t specid = ace->who.special_id;
1284 if (ace->flags&SMB_ACE4_ID_SPECIAL &&
1285 ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
1286 specid <= SMB_ACE4_WHO_EVERYONE) {
1290 if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE)
1291 haveAllowEntry[specid] = True;
1293 /* mode >> 6 for @owner, mode >> 3 for @group,
1294 * mode >> 0 for @everyone */
1295 newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask,
1296 mode >> ((SMB_ACE4_WHO_EVERYONE - specid) * 3));
1297 if (ace->aceMask!=newMask) {
1298 DEBUG(10, ("ace changed for %s (%o -> %o) id=%d\n",
1299 path, ace->aceMask, newMask, specid));
1301 ace->aceMask = newMask;
1305 /* make sure we have at least ALLOW entries
1306 * for all the 3 special ids (@EVERYONE, @OWNER, @GROUP)
1309 for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) {
1312 if (haveAllowEntry[i]==True)
1316 ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
1317 ace.flags |= SMB_ACE4_ID_SPECIAL;
1318 ace.who.special_id = i;
1320 if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */
1321 ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
1323 ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask,
1324 mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3));
1326 /* don't add unnecessary aces */
1330 /* we add it to the END - as windows expects allow aces */
1331 smb_add_ace4(pacl, &ace);
1332 DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n",
1333 path, mode, i, ace.aceMask));
1336 /* don't add complementary DENY ACEs here */
1337 ZERO_STRUCT(fake_fsp);
1338 fake_fsp.fsp_name = synthetic_smb_fname(
1339 frame, path, NULL, NULL);
1340 if (fake_fsp.fsp_name == NULL) {
1346 if (gpfsacl_process_smbacl(handle, &fake_fsp, pacl) == False) {
1352 return 0; /* ok for [f]chmod */
1355 static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mode)
1357 struct smb_filename *smb_fname_cpath;
1360 smb_fname_cpath = synthetic_smb_fname(talloc_tos(), path, NULL, NULL);
1361 if (smb_fname_cpath == NULL) {
1366 if (SMB_VFS_NEXT_STAT(handle, smb_fname_cpath) != 0) {
1370 /* avoid chmod() if possible, to preserve acls */
1371 if ((smb_fname_cpath->st.st_ex_mode & ~S_IFMT) == mode) {
1375 rc = gpfsacl_emu_chmod(handle, path, mode);
1377 return SMB_VFS_NEXT_CHMOD(handle, path, mode);
1381 static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
1386 if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) {
1390 /* avoid chmod() if possible, to preserve acls */
1391 if ((st.st_ex_mode & ~S_IFMT) == mode) {
1395 rc = gpfsacl_emu_chmod(handle, fsp->fsp_name->base_name,
1398 return SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1402 static int gpfs_set_xattr(struct vfs_handle_struct *handle, const char *path,
1403 const char *name, const void *value, size_t size, int flags){
1404 struct xattr_DOSATTRIB dosattrib;
1405 enum ndr_err_code ndr_err;
1407 unsigned int dosmode=0;
1408 struct gpfs_winattr attrs;
1410 struct gpfs_config_data *config;
1412 SMB_VFS_HANDLE_GET_DATA(handle, config,
1413 struct gpfs_config_data,
1416 if (!config->winattr) {
1417 DEBUG(10, ("gpfs_set_xattr:name is %s -> next\n",name));
1418 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1421 DEBUG(10, ("gpfs_set_xattr: %s \n",path));
1423 /* Only handle DOS Attributes */
1424 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1425 DEBUG(5, ("gpfs_set_xattr:name is %s\n",name));
1426 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1429 blob.data = discard_const_p(uint8_t, value);
1432 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib,
1433 (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB);
1435 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1436 DEBUG(1, ("gpfs_set_xattr: bad ndr decode "
1437 "from EA on file %s: Error = %s\n",
1438 path, ndr_errstr(ndr_err)));
1442 if (dosattrib.version != 3) {
1443 DEBUG(1, ("gpfs_set_xattr: expected dosattrib version 3, got "
1444 "%d\n", (int)dosattrib.version));
1447 if (!(dosattrib.info.info3.valid_flags & XATTR_DOSINFO_ATTRIB)) {
1448 DEBUG(10, ("gpfs_set_xattr: XATTR_DOSINFO_ATTRIB not "
1449 "valid, ignoring\n"));
1453 dosmode = dosattrib.info.info3.attrib;
1456 /*Just map RD_ONLY, ARCHIVE, SYSTEM HIDDEN and SPARSE. Ignore the others*/
1457 if (dosmode & FILE_ATTRIBUTE_ARCHIVE){
1458 attrs.winAttrs |= GPFS_WINATTR_ARCHIVE;
1460 if (dosmode & FILE_ATTRIBUTE_HIDDEN){
1461 attrs.winAttrs |= GPFS_WINATTR_HIDDEN;
1463 if (dosmode & FILE_ATTRIBUTE_SYSTEM){
1464 attrs.winAttrs |= GPFS_WINATTR_SYSTEM;
1466 if (dosmode & FILE_ATTRIBUTE_READONLY){
1467 attrs.winAttrs |= GPFS_WINATTR_READONLY;
1469 if (dosmode & FILE_ATTRIBUTE_SPARSE) {
1470 attrs.winAttrs |= GPFS_WINATTR_SPARSE_FILE;
1474 ret = gpfswrap_set_winattrs_path(discard_const_p(char, path),
1475 GPFS_WINATTR_SET_ATTRS, &attrs);
1477 if (errno == ENOSYS) {
1478 return SMB_VFS_NEXT_SETXATTR(handle, path, name, value,
1482 DEBUG(1, ("gpfs_set_xattr:Set GPFS attributes failed %d\n",ret));
1486 DEBUG(10, ("gpfs_set_xattr:Set attributes: 0x%x\n",attrs.winAttrs));
1490 static ssize_t gpfs_get_xattr(struct vfs_handle_struct *handle, const char *path,
1491 const char *name, void *value, size_t size){
1492 char *attrstr = value;
1493 unsigned int dosmode = 0;
1494 struct gpfs_winattr attrs;
1496 struct gpfs_config_data *config;
1498 SMB_VFS_HANDLE_GET_DATA(handle, config,
1499 struct gpfs_config_data,
1502 if (!config->winattr) {
1503 DEBUG(10, ("gpfs_get_xattr:name is %s -> next\n",name));
1504 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1507 DEBUG(10, ("gpfs_get_xattr: %s \n",path));
1509 /* Only handle DOS Attributes */
1510 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1511 DEBUG(5, ("gpfs_get_xattr:name is %s\n",name));
1512 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1515 ret = gpfswrap_get_winattrs_path(discard_const_p(char, path), &attrs);
1519 if (errno == ENOSYS) {
1520 return SMB_VFS_NEXT_GETXATTR(handle, path, name, value,
1524 if (errno != EPERM && errno != EACCES) {
1529 DEBUG(dbg_lvl, ("gpfs_get_xattr: Get GPFS attributes failed: "
1530 "%d (%s)\n", ret, strerror(errno)));
1534 DEBUG(10, ("gpfs_get_xattr:Got attributes: 0x%x\n",attrs.winAttrs));
1536 /*Just map RD_ONLY, ARCHIVE, SYSTEM, HIDDEN and SPARSE. Ignore the others*/
1537 if (attrs.winAttrs & GPFS_WINATTR_ARCHIVE){
1538 dosmode |= FILE_ATTRIBUTE_ARCHIVE;
1540 if (attrs.winAttrs & GPFS_WINATTR_HIDDEN){
1541 dosmode |= FILE_ATTRIBUTE_HIDDEN;
1543 if (attrs.winAttrs & GPFS_WINATTR_SYSTEM){
1544 dosmode |= FILE_ATTRIBUTE_SYSTEM;
1546 if (attrs.winAttrs & GPFS_WINATTR_READONLY){
1547 dosmode |= FILE_ATTRIBUTE_READONLY;
1549 if (attrs.winAttrs & GPFS_WINATTR_SPARSE_FILE) {
1550 dosmode |= FILE_ATTRIBUTE_SPARSE;
1553 snprintf(attrstr, size, "0x%2.2x",
1554 (unsigned int)(dosmode & SAMBA_ATTRIBUTES_MASK));
1555 DEBUG(10, ("gpfs_get_xattr: returning %s\n",attrstr));
1559 #if defined(HAVE_FSTATAT)
1560 static int stat_with_capability(struct vfs_handle_struct *handle,
1561 struct smb_filename *smb_fname, int flag)
1566 const char *rel_name = NULL;
1570 b = parent_dirname(talloc_tos(), smb_fname->base_name,
1571 &dir_name, &rel_name);
1577 fd = open(dir_name, O_RDONLY, 0);
1578 TALLOC_FREE(dir_name);
1583 set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1584 ret = fstatat(fd, rel_name, &st, flag);
1585 drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1590 init_stat_ex_from_stat(
1591 &smb_fname->st, &st,
1592 lp_fake_directory_create_times(SNUM(handle->conn)));
1599 static int vfs_gpfs_stat(struct vfs_handle_struct *handle,
1600 struct smb_filename *smb_fname)
1602 struct gpfs_winattr attrs;
1606 struct gpfs_config_data *config;
1608 SMB_VFS_HANDLE_GET_DATA(handle, config,
1609 struct gpfs_config_data,
1612 ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
1613 #if defined(HAVE_FSTATAT)
1614 if (ret == -1 && errno == EACCES) {
1615 DEBUG(10, ("Trying stat with capability for %s\n",
1616 smb_fname->base_name));
1617 ret = stat_with_capability(handle, smb_fname, 0);
1624 if (!config->winattr) {
1628 status = get_full_smb_filename(talloc_tos(), smb_fname, &fname);
1629 if (!NT_STATUS_IS_OK(status)) {
1630 errno = map_errno_from_nt_status(status);
1633 ret = gpfswrap_get_winattrs_path(discard_const_p(char, fname), &attrs);
1636 smb_fname->st.st_ex_calculated_birthtime = false;
1637 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1638 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1643 static int vfs_gpfs_fstat(struct vfs_handle_struct *handle,
1644 struct files_struct *fsp, SMB_STRUCT_STAT *sbuf)
1646 struct gpfs_winattr attrs;
1648 struct gpfs_config_data *config;
1650 SMB_VFS_HANDLE_GET_DATA(handle, config,
1651 struct gpfs_config_data,
1654 ret = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
1658 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
1661 if (!config->winattr) {
1665 ret = gpfswrap_get_winattrs(fsp->fh->fd, &attrs);
1667 sbuf->st_ex_calculated_birthtime = false;
1668 sbuf->st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1669 sbuf->st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1674 static int vfs_gpfs_lstat(struct vfs_handle_struct *handle,
1675 struct smb_filename *smb_fname)
1677 struct gpfs_winattr attrs;
1681 struct gpfs_config_data *config;
1683 SMB_VFS_HANDLE_GET_DATA(handle, config,
1684 struct gpfs_config_data,
1687 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1688 #if defined(HAVE_FSTATAT)
1689 if (ret == -1 && errno == EACCES) {
1690 DEBUG(10, ("Trying lstat with capability for %s\n",
1691 smb_fname->base_name));
1692 ret = stat_with_capability(handle, smb_fname,
1693 AT_SYMLINK_NOFOLLOW);
1700 if (!config->winattr) {
1704 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1705 if (!NT_STATUS_IS_OK(status)) {
1706 errno = map_errno_from_nt_status(status);
1709 ret = gpfswrap_get_winattrs_path(discard_const_p(char, path), &attrs);
1712 smb_fname->st.st_ex_calculated_birthtime = false;
1713 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1714 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1719 static int vfs_gpfs_ntimes(struct vfs_handle_struct *handle,
1720 const struct smb_filename *smb_fname,
1721 struct smb_file_time *ft)
1724 struct gpfs_winattr attrs;
1728 struct gpfs_config_data *config;
1730 SMB_VFS_HANDLE_GET_DATA(handle, config,
1731 struct gpfs_config_data,
1734 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1735 if (!NT_STATUS_IS_OK(status)) {
1736 errno = map_errno_from_nt_status(status);
1740 /* Try to use gpfs_set_times if it is enabled and available */
1741 if (config->settimes) {
1742 ret = smbd_gpfs_set_times_path(path, ft);
1744 if (ret == 0 || (ret == -1 && errno != ENOSYS)) {
1749 DEBUG(10,("gpfs_set_times() not available or disabled, "
1750 "use ntimes and winattr\n"));
1752 ret = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft);
1754 /* don't complain if access was denied */
1755 if (errno != EPERM && errno != EACCES) {
1756 DEBUG(1,("vfs_gpfs_ntimes: SMB_VFS_NEXT_NTIMES failed:"
1757 "%s", strerror(errno)));
1762 if(null_timespec(ft->create_time)){
1763 DEBUG(10,("vfs_gpfs_ntimes:Create Time is NULL\n"));
1767 if (!config->winattr) {
1772 attrs.creationTime.tv_sec = ft->create_time.tv_sec;
1773 attrs.creationTime.tv_nsec = ft->create_time.tv_nsec;
1775 ret = gpfswrap_set_winattrs_path(discard_const_p(char, path),
1776 GPFS_WINATTR_SET_CREATION_TIME,
1778 if(ret == -1 && errno != ENOSYS){
1779 DEBUG(1,("vfs_gpfs_ntimes: set GPFS ntimes failed %d\n",ret));
1786 static int vfs_gpfs_fallocate(struct vfs_handle_struct *handle,
1787 struct files_struct *fsp, enum vfs_fallocate_mode mode,
1788 off_t offset, off_t len)
1791 struct gpfs_config_data *config;
1793 SMB_VFS_HANDLE_GET_DATA(handle, config,
1794 struct gpfs_config_data,
1797 if (!config->prealloc) {
1798 /* you should better not run fallocate() on GPFS at all */
1803 if (mode == VFS_FALLOCATE_KEEP_SIZE) {
1804 DEBUG(10, ("Unsupported VFS_FALLOCATE_KEEP_SIZE\n"));
1809 ret = gpfswrap_prealloc(fsp->fh->fd, offset, len);
1811 if (ret == -1 && errno != ENOSYS) {
1812 DEBUG(0, ("GPFS prealloc failed: %s\n", strerror(errno)));
1813 } else if (ret == -1 && errno == ENOSYS) {
1814 DEBUG(10, ("GPFS prealloc not supported.\n"));
1816 DEBUG(10, ("GPFS prealloc succeeded.\n"));
1822 static int vfs_gpfs_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1826 struct gpfs_config_data *config;
1828 SMB_VFS_HANDLE_GET_DATA(handle, config,
1829 struct gpfs_config_data,
1832 if (!config->ftruncate) {
1833 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1836 result = gpfswrap_ftruncate(fsp->fh->fd, len);
1837 if ((result == -1) && (errno == ENOSYS)) {
1838 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1843 static bool vfs_gpfs_is_offline(struct vfs_handle_struct *handle,
1844 const struct smb_filename *fname,
1845 SMB_STRUCT_STAT *sbuf)
1847 struct gpfs_winattr attrs;
1850 struct gpfs_config_data *config;
1853 SMB_VFS_HANDLE_GET_DATA(handle, config,
1854 struct gpfs_config_data,
1857 if (!config->winattr) {
1858 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1861 status = get_full_smb_filename(talloc_tos(), fname, &path);
1862 if (!NT_STATUS_IS_OK(status)) {
1863 errno = map_errno_from_nt_status(status);
1867 ret = gpfswrap_get_winattrs_path(path, &attrs);
1873 if ((attrs.winAttrs & GPFS_WINATTR_OFFLINE) != 0) {
1874 DEBUG(10, ("%s is offline\n", path));
1878 DEBUG(10, ("%s is online\n", path));
1880 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1883 static bool vfs_gpfs_aio_force(struct vfs_handle_struct *handle,
1884 struct files_struct *fsp)
1886 return vfs_gpfs_is_offline(handle, fsp->fsp_name, &fsp->fsp_name->st);
1889 static ssize_t vfs_gpfs_sendfile(vfs_handle_struct *handle, int tofd,
1890 files_struct *fsp, const DATA_BLOB *hdr,
1891 off_t offset, size_t n)
1893 if (SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name, &fsp->fsp_name->st))
1898 return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
1901 static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
1902 const char *service, const char *user)
1904 struct gpfs_config_data *config;
1907 gpfswrap_lib_init(0);
1909 config = talloc_zero(handle->conn, struct gpfs_config_data);
1911 DEBUG(0, ("talloc_zero() failed\n"));
1916 ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
1918 TALLOC_FREE(config);
1922 config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
1923 "sharemodes", true);
1925 config->leases = lp_parm_bool(SNUM(handle->conn), "gpfs",
1928 config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
1931 config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
1934 config->winattr = lp_parm_bool(SNUM(handle->conn), "gpfs",
1937 config->ftruncate = lp_parm_bool(SNUM(handle->conn), "gpfs",
1940 config->getrealfilename = lp_parm_bool(SNUM(handle->conn), "gpfs",
1941 "getrealfilename", true);
1943 config->dfreequota = lp_parm_bool(SNUM(handle->conn), "gpfs",
1944 "dfreequota", false);
1946 config->prealloc = lp_parm_bool(SNUM(handle->conn), "gpfs",
1949 config->acl = lp_parm_bool(SNUM(handle->conn), "gpfs", "acl", true);
1951 config->settimes = lp_parm_bool(SNUM(handle->conn), "gpfs",
1953 config->recalls = lp_parm_bool(SNUM(handle->conn), "gpfs",
1956 SMB_VFS_HANDLE_SET_DATA(handle, config,
1957 NULL, struct gpfs_config_data,
1960 if (config->leases) {
1962 * GPFS lease code is based on kernel oplock code
1963 * so make sure it is turned on
1965 if (!lp_kernel_oplocks(SNUM(handle->conn))) {
1966 DEBUG(5, ("Enabling kernel oplocks for "
1967 "gpfs:leases to work\n"));
1968 lp_do_parameter(SNUM(handle->conn), "kernel oplocks",
1973 * as the kernel does not properly support Level II oplocks
1974 * and GPFS leases code is based on kernel infrastructure, we
1975 * need to turn off Level II oplocks if gpfs:leases is enabled
1977 if (lp_level2_oplocks(SNUM(handle->conn))) {
1978 DEBUG(5, ("gpfs:leases are enabled, disabling "
1979 "Level II oplocks\n"));
1980 lp_do_parameter(SNUM(handle->conn), "level2 oplocks",
1988 static int vfs_gpfs_get_quotas(const char *path, uid_t uid, gid_t gid,
1990 struct gpfs_quotaInfo *qi_user,
1991 struct gpfs_quotaInfo *qi_group,
1992 struct gpfs_quotaInfo *qi_fset)
1999 * We want to always use the directory to get the fileset id,
2000 * because files might have a share mode. We also do not want
2001 * to get the parent directory when there is already a
2002 * directory to avoid stepping in a different fileset. The
2003 * path passed here is currently either "." or a filename, so
2004 * this is ok. The proper solution would be having a way to
2005 * query the fileset id without opening the file.
2007 b = parent_dirname(talloc_tos(), path, &dir_path, NULL);
2013 DEBUG(10, ("path %s, directory %s\n", path, dir_path));
2015 err = get_gpfs_fset_id(dir_path, fset_id);
2017 DEBUG(0, ("Get fset id failed path %s, dir %s, errno %d.\n",
2018 path, dir_path, errno));
2022 err = get_gpfs_quota(path, GPFS_USRQUOTA, uid, qi_user);
2027 err = get_gpfs_quota(path, GPFS_GRPQUOTA, gid, qi_group);
2032 err = get_gpfs_quota(path, GPFS_FILESETQUOTA, *fset_id, qi_fset);
2040 static void vfs_gpfs_disk_free_quota(struct gpfs_quotaInfo qi, time_t cur_time,
2041 uint64_t *dfree, uint64_t *dsize)
2043 uint64_t usage, limit;
2046 * The quota reporting is done in units of 1024 byte blocks, but
2047 * sys_fsusage uses units of 512 byte blocks, adjust the block number
2048 * accordingly. Also filter possibly negative usage counts from gpfs.
2050 usage = qi.blockUsage < 0 ? 0 : (uint64_t)qi.blockUsage * 2;
2051 limit = (uint64_t)qi.blockHardLimit * 2;
2054 * When the grace time for the exceeded soft block quota has been
2055 * exceeded, the soft block quota becomes an additional hard limit.
2057 if (qi.blockSoftLimit &&
2058 qi.blockGraceTime && cur_time > qi.blockGraceTime) {
2059 /* report disk as full */
2061 *dsize = MIN(*dsize, usage);
2064 if (!qi.blockHardLimit)
2067 if (usage >= limit) {
2068 /* report disk as full */
2070 *dsize = MIN(*dsize, usage);
2073 /* limit has not been reached, determine "free space" */
2074 *dfree = MIN(*dfree, limit - usage);
2075 *dsize = MIN(*dsize, limit);
2079 static uint64_t vfs_gpfs_disk_free(vfs_handle_struct *handle, const char *path,
2081 uint64_t *dfree, uint64_t *dsize)
2083 struct security_unix_token *utok;
2084 struct gpfs_quotaInfo qi_user, qi_group, qi_fset;
2085 struct gpfs_config_data *config;
2089 SMB_VFS_HANDLE_GET_DATA(handle, config, struct gpfs_config_data,
2090 return (uint64_t)-1);
2091 if (!config->dfreequota) {
2092 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2093 bsize, dfree, dsize);
2096 err = sys_fsusage(path, dfree, dsize);
2098 DEBUG (0, ("Could not get fs usage, errno %d\n", errno));
2099 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2100 bsize, dfree, dsize);
2103 /* sys_fsusage returns units of 512 bytes */
2106 DEBUG(10, ("fs dfree %llu, dsize %llu\n",
2107 (unsigned long long)*dfree, (unsigned long long)*dsize));
2109 utok = handle->conn->session_info->unix_token;
2110 err = vfs_gpfs_get_quotas(path, utok->uid, utok->gid, &fset_id,
2111 &qi_user, &qi_group, &qi_fset);
2113 return SMB_VFS_NEXT_DISK_FREE(handle, path,
2114 bsize, dfree, dsize);
2117 cur_time = time(NULL);
2119 /* Adjust free space and size according to quota limits. */
2120 vfs_gpfs_disk_free_quota(qi_user, cur_time, dfree, dsize);
2121 vfs_gpfs_disk_free_quota(qi_group, cur_time, dfree, dsize);
2123 /* Id 0 indicates the default quota, not an actual quota */
2125 vfs_gpfs_disk_free_quota(qi_fset, cur_time, dfree, dsize);
2128 disk_norm(bsize, dfree, dsize);
2132 static uint32_t vfs_gpfs_capabilities(struct vfs_handle_struct *handle,
2133 enum timestamp_set_resolution *p_ts_res)
2135 struct gpfs_config_data *config;
2138 next = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
2140 SMB_VFS_HANDLE_GET_DATA(handle, config,
2141 struct gpfs_config_data,
2145 next |= FILE_SUPPORTS_REMOTE_STORAGE;
2150 static int vfs_gpfs_open(struct vfs_handle_struct *handle,
2151 struct smb_filename *smb_fname, files_struct *fsp,
2152 int flags, mode_t mode)
2154 struct gpfs_config_data *config;
2156 SMB_VFS_HANDLE_GET_DATA(handle, config,
2157 struct gpfs_config_data,
2160 if (config->hsm && !config->recalls) {
2161 if (SMB_VFS_IS_OFFLINE(handle->conn, smb_fname, &smb_fname->st))
2163 DEBUG(10, ("Refusing access to offline file %s\n",
2170 if (config->syncio) {
2173 return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
2176 static ssize_t vfs_gpfs_pread(vfs_handle_struct *handle, files_struct *fsp,
2177 void *data, size_t n, off_t offset)
2182 was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2183 &fsp->fsp_name->st);
2185 ret = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
2187 if ((ret != -1) && was_offline) {
2188 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2189 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2190 fsp->fsp_name->base_name);
2196 struct vfs_gpfs_pread_state {
2197 struct files_struct *fsp;
2203 static void vfs_gpfs_pread_done(struct tevent_req *subreq);
2205 static struct tevent_req *vfs_gpfs_pread_send(struct vfs_handle_struct *handle,
2206 TALLOC_CTX *mem_ctx,
2207 struct tevent_context *ev,
2208 struct files_struct *fsp,
2209 void *data, size_t n,
2212 struct tevent_req *req, *subreq;
2213 struct vfs_gpfs_pread_state *state;
2215 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pread_state);
2219 state->was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2220 &fsp->fsp_name->st);
2222 subreq = SMB_VFS_NEXT_PREAD_SEND(state, ev, handle, fsp, data,
2224 if (tevent_req_nomem(subreq, req)) {
2225 return tevent_req_post(req, ev);
2227 tevent_req_set_callback(subreq, vfs_gpfs_pread_done, req);
2231 static void vfs_gpfs_pread_done(struct tevent_req *subreq)
2233 struct tevent_req *req = tevent_req_callback_data(
2234 subreq, struct tevent_req);
2235 struct vfs_gpfs_pread_state *state = tevent_req_data(
2236 req, struct vfs_gpfs_pread_state);
2238 state->ret = SMB_VFS_PREAD_RECV(subreq, &state->err);
2239 TALLOC_FREE(subreq);
2240 tevent_req_done(req);
2243 static ssize_t vfs_gpfs_pread_recv(struct tevent_req *req, int *err)
2245 struct vfs_gpfs_pread_state *state = tevent_req_data(
2246 req, struct vfs_gpfs_pread_state);
2247 struct files_struct *fsp = state->fsp;
2249 if (tevent_req_is_unix_error(req, err)) {
2254 if ((state->ret != -1) && state->was_offline) {
2255 DEBUG(10, ("sending notify\n"));
2256 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2257 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2258 fsp->fsp_name->base_name);
2264 static ssize_t vfs_gpfs_pwrite(vfs_handle_struct *handle, files_struct *fsp,
2265 const void *data, size_t n, off_t offset)
2270 was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2271 &fsp->fsp_name->st);
2273 ret = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
2275 if ((ret != -1) && was_offline) {
2276 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2277 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2278 fsp->fsp_name->base_name);
2284 struct vfs_gpfs_pwrite_state {
2285 struct files_struct *fsp;
2291 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq);
2293 static struct tevent_req *vfs_gpfs_pwrite_send(
2294 struct vfs_handle_struct *handle,
2295 TALLOC_CTX *mem_ctx,
2296 struct tevent_context *ev,
2297 struct files_struct *fsp,
2298 const void *data, size_t n,
2301 struct tevent_req *req, *subreq;
2302 struct vfs_gpfs_pwrite_state *state;
2304 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pwrite_state);
2308 state->was_offline = SMB_VFS_IS_OFFLINE(handle->conn, fsp->fsp_name,
2309 &fsp->fsp_name->st);
2311 subreq = SMB_VFS_NEXT_PWRITE_SEND(state, ev, handle, fsp, data,
2313 if (tevent_req_nomem(subreq, req)) {
2314 return tevent_req_post(req, ev);
2316 tevent_req_set_callback(subreq, vfs_gpfs_pwrite_done, req);
2320 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq)
2322 struct tevent_req *req = tevent_req_callback_data(
2323 subreq, struct tevent_req);
2324 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2325 req, struct vfs_gpfs_pwrite_state);
2327 state->ret = SMB_VFS_PWRITE_RECV(subreq, &state->err);
2328 TALLOC_FREE(subreq);
2329 tevent_req_done(req);
2332 static ssize_t vfs_gpfs_pwrite_recv(struct tevent_req *req, int *err)
2334 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2335 req, struct vfs_gpfs_pwrite_state);
2336 struct files_struct *fsp = state->fsp;
2338 if (tevent_req_is_unix_error(req, err)) {
2343 if ((state->ret != -1) && state->was_offline) {
2344 DEBUG(10, ("sending notify\n"));
2345 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2346 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2347 fsp->fsp_name->base_name);
2354 static struct vfs_fn_pointers vfs_gpfs_fns = {
2355 .connect_fn = vfs_gpfs_connect,
2356 .disk_free_fn = vfs_gpfs_disk_free,
2357 .fs_capabilities_fn = vfs_gpfs_capabilities,
2358 .kernel_flock_fn = vfs_gpfs_kernel_flock,
2359 .linux_setlease_fn = vfs_gpfs_setlease,
2360 .get_real_filename_fn = vfs_gpfs_get_real_filename,
2361 .fget_nt_acl_fn = gpfsacl_fget_nt_acl,
2362 .get_nt_acl_fn = gpfsacl_get_nt_acl,
2363 .fset_nt_acl_fn = gpfsacl_fset_nt_acl,
2364 .sys_acl_get_file_fn = gpfsacl_sys_acl_get_file,
2365 .sys_acl_get_fd_fn = gpfsacl_sys_acl_get_fd,
2366 .sys_acl_blob_get_file_fn = gpfsacl_sys_acl_blob_get_file,
2367 .sys_acl_blob_get_fd_fn = gpfsacl_sys_acl_blob_get_fd,
2368 .sys_acl_set_file_fn = gpfsacl_sys_acl_set_file,
2369 .sys_acl_set_fd_fn = gpfsacl_sys_acl_set_fd,
2370 .sys_acl_delete_def_file_fn = gpfsacl_sys_acl_delete_def_file,
2371 .chmod_fn = vfs_gpfs_chmod,
2372 .fchmod_fn = vfs_gpfs_fchmod,
2373 .close_fn = vfs_gpfs_close,
2374 .setxattr_fn = gpfs_set_xattr,
2375 .getxattr_fn = gpfs_get_xattr,
2376 .stat_fn = vfs_gpfs_stat,
2377 .fstat_fn = vfs_gpfs_fstat,
2378 .lstat_fn = vfs_gpfs_lstat,
2379 .ntimes_fn = vfs_gpfs_ntimes,
2380 .is_offline_fn = vfs_gpfs_is_offline,
2381 .aio_force_fn = vfs_gpfs_aio_force,
2382 .sendfile_fn = vfs_gpfs_sendfile,
2383 .fallocate_fn = vfs_gpfs_fallocate,
2384 .open_fn = vfs_gpfs_open,
2385 .pread_fn = vfs_gpfs_pread,
2386 .pread_send_fn = vfs_gpfs_pread_send,
2387 .pread_recv_fn = vfs_gpfs_pread_recv,
2388 .pwrite_fn = vfs_gpfs_pwrite,
2389 .pwrite_send_fn = vfs_gpfs_pwrite_send,
2390 .pwrite_recv_fn = vfs_gpfs_pwrite_recv,
2391 .ftruncate_fn = vfs_gpfs_ftruncate
2394 NTSTATUS vfs_gpfs_init(void);
2395 NTSTATUS vfs_gpfs_init(void)
2399 ret = gpfswrap_init();
2401 DEBUG(1, ("Could not initialize GPFS library wrapper\n"));
2404 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs",