2 Unix SMB/CIFS implementation.
3 Wrap gpfs calls in vfs functions.
5 Copyright (C) Christian Ambach <cambach1@de.ibm.com> 2006
7 Major code contributions by Chetan Shringarpure <chetan.sh@in.ibm.com>
8 and Gomati Mohanan <gomati.mohanan@in.ibm.com>
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "smbd/smbd.h"
26 #include "librpc/gen_ndr/ndr_xattr.h"
27 #include "include/smbprofile.h"
28 #include "modules/non_posix_acls.h"
31 #define DBGC_CLASS DBGC_VFS
34 #include "nfs4_acls.h"
36 #include "system/filesys.h"
38 #include "lib/util/tevent_unix.h"
40 struct gpfs_config_data {
55 static inline unsigned int gpfs_acl_flags(gpfs_acl_t *gacl)
57 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
58 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
59 return *(unsigned int *)&gacl->ace_v4;
64 static inline gpfs_ace_v4_t *gpfs_ace_ptr(gpfs_acl_t *gacl, unsigned int i)
66 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
67 /* &gacl->v4Level1.ace_v4[i] requires gpfs 3.5 */
68 char *ptr = (char *)&gacl->ace_v4[i] + sizeof(unsigned int);
69 return (gpfs_ace_v4_t *)ptr;
71 return &gacl->ace_v4[i];
74 static int vfs_gpfs_kernel_flock(vfs_handle_struct *handle, files_struct *fsp,
75 uint32 share_mode, uint32 access_mask)
78 struct gpfs_config_data *config;
81 SMB_VFS_HANDLE_GET_DATA(handle, config,
82 struct gpfs_config_data,
85 if(!config->sharemodes) {
89 START_PROFILE(syscall_kernel_flock);
91 kernel_flock(fsp->fh->fd, share_mode, access_mask);
93 if (!set_gpfs_sharemode(fsp, access_mask, fsp->share_access)) {
97 END_PROFILE(syscall_kernel_flock);
102 static int vfs_gpfs_close(vfs_handle_struct *handle, files_struct *fsp)
105 struct gpfs_config_data *config;
107 SMB_VFS_HANDLE_GET_DATA(handle, config,
108 struct gpfs_config_data,
111 if (config->sharemodes && (fsp->fh != NULL) && (fsp->fh->fd != -1)) {
112 set_gpfs_sharemode(fsp, 0, 0);
115 return SMB_VFS_NEXT_CLOSE(handle, fsp);
118 static int vfs_gpfs_setlease(vfs_handle_struct *handle, files_struct *fsp,
121 struct gpfs_config_data *config;
124 SMB_VFS_HANDLE_GET_DATA(handle, config,
125 struct gpfs_config_data,
128 if (linux_set_lease_sighandler(fsp->fh->fd) == -1)
131 START_PROFILE(syscall_linux_setlease);
133 if (config->leases) {
135 * Ensure the lease owner is root to allow
136 * correct delivery of lease-break signals.
139 ret = set_gpfs_lease(fsp->fh->fd,leasetype);
143 END_PROFILE(syscall_linux_setlease);
148 static int vfs_gpfs_get_real_filename(struct vfs_handle_struct *handle,
156 char real_pathname[PATH_MAX+1];
159 struct gpfs_config_data *config;
161 SMB_VFS_HANDLE_GET_DATA(handle, config,
162 struct gpfs_config_data,
165 if (!config->getrealfilename) {
166 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
167 mem_ctx, found_name);
170 mangled = mangle_is_mangled(name, handle->conn->params);
172 return SMB_VFS_NEXT_GET_REAL_FILENAME(handle, path, name,
173 mem_ctx, found_name);
176 full_path = talloc_asprintf(talloc_tos(), "%s/%s", path, name);
177 if (full_path == NULL) {
182 buflen = sizeof(real_pathname) - 1;
184 result = smbd_gpfs_get_realfilename_path(full_path, real_pathname,
187 TALLOC_FREE(full_path);
189 if ((result == -1) && (errno == ENOSYS)) {
190 return SMB_VFS_NEXT_GET_REAL_FILENAME(
191 handle, path, name, mem_ctx, found_name);
195 DEBUG(10, ("smbd_gpfs_get_realfilename_path returned %s\n",
201 * GPFS does not necessarily null-terminate the returned path
202 * but instead returns the buffer length in buflen.
205 if (buflen < sizeof(real_pathname)) {
206 real_pathname[buflen] = '\0';
208 real_pathname[sizeof(real_pathname)-1] = '\0';
211 DEBUG(10, ("smbd_gpfs_get_realfilename_path: %s/%s -> %s\n",
212 path, name, real_pathname));
214 name = strrchr_m(real_pathname, '/');
220 *found_name = talloc_strdup(mem_ctx, name+1);
221 if (*found_name == NULL) {
229 static void sd2gpfs_control(uint16_t control, struct gpfs_acl *gacl)
231 unsigned int gpfs_aclflags = 0;
232 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
233 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
234 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
235 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
236 gpfs_aclflags = control << 8;
237 if (!(control & SEC_DESC_DACL_PRESENT))
238 gpfs_aclflags |= 0x00800000; /* ACL4_FLAG_NULL_DACL; */
239 if (!(control & SEC_DESC_SACL_PRESENT))
240 gpfs_aclflags |= 0x01000000; /* ACL4_FLAG_NULL_SACL; */
241 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS*/
242 /* gacl->v4Level1.acl_flags requires gpfs 3.5 */
243 *(unsigned int *)&gacl->ace_v4 = gpfs_aclflags;
246 static uint16_t gpfs2sd_control(unsigned int gpfs_aclflags)
248 uint16_t control = gpfs_aclflags >> 8;
249 control &= SEC_DESC_DACL_PROTECTED | SEC_DESC_SACL_PROTECTED |
250 SEC_DESC_DACL_AUTO_INHERITED | SEC_DESC_SACL_AUTO_INHERITED |
251 SEC_DESC_DACL_DEFAULTED | SEC_DESC_SACL_DEFAULTED |
252 SEC_DESC_DACL_PRESENT | SEC_DESC_SACL_PRESENT;
253 control |= SEC_DESC_SELF_RELATIVE;
257 static void gpfs_dumpacl(int level, struct gpfs_acl *gacl)
262 DEBUG(0, ("gpfs acl is NULL\n"));
266 DEBUG(level, ("len: %d, level: %d, version: %d, nace: %d, "
268 gacl->acl_len, gacl->acl_level, gacl->acl_version,
269 gacl->acl_nace, gpfs_acl_flags(gacl)));
271 for(i=0; i<gacl->acl_nace; i++)
273 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
274 DEBUG(level, ("\tace[%d]: type:%d, flags:0x%x, mask:0x%x, "
275 "iflags:0x%x, who:%u\n",
276 i, gace->aceType, gace->aceFlags, gace->aceMask,
277 gace->aceIFlags, gace->aceWho));
282 * get the ACL from GPFS, allocated on the specified mem_ctx
283 * internally retries when initial buffer was too small
285 * caller needs to cast result to either
286 * raw = yes: struct gpfs_opaque_acl
287 * raw = no: struct gpfs_acl
290 static void *vfs_gpfs_getacl(TALLOC_CTX *mem_ctx,
293 const gpfs_aclType_t type)
304 aclbuf = talloc_zero_size(mem_ctx, size);
305 if (aclbuf == NULL) {
311 struct gpfs_opaque_acl *buf = (struct gpfs_opaque_acl *) aclbuf;
312 buf->acl_type = type;
313 flags = GPFS_GETACL_NATIVE;
314 len = (unsigned int *) &(buf->acl_buffer_len);
315 struct_size = sizeof(struct gpfs_opaque_acl);
317 struct gpfs_acl *buf = (struct gpfs_acl *) aclbuf;
318 buf->acl_type = type;
319 buf->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
320 flags = GPFS_GETACL_STRUCT;
321 len = &(buf->acl_len);
322 /* reserve space for control flags in gpfs 3.5 and beyond */
323 struct_size = sizeof(struct gpfs_acl) + sizeof(unsigned int);
326 /* set the length of the buffer as input value */
330 ret = smbd_gpfs_getacl(discard_const_p(char, fname), flags, aclbuf);
331 if ((ret != 0) && (errno == ENOSPC)) {
333 * get the size needed to accommodate the complete buffer
335 * the value returned only applies to the ACL blob in the
336 * struct so make sure to also have headroom for the first
337 * struct members by adding room for the complete struct
338 * (might be a few bytes too much then)
340 size = *len + struct_size;
342 DEBUG(10, ("Increasing ACL buffer size to %zu\n", size));
347 DEBUG(5, ("smbd_gpfs_getacl failed with %s\n",
356 /* Tries to get nfs4 acls and returns SMB ACL allocated.
357 * On failure returns 1 if it got non-NFSv4 ACL to prompt
358 * retry with POSIX ACL checks.
359 * On failure returns -1 if there is system (GPFS) error, check errno.
360 * Returns 0 on success
362 static int gpfs_get_nfs4_acl(TALLOC_CTX *mem_ctx, const char *fname, SMB4ACL_T **ppacl)
365 struct gpfs_acl *gacl = NULL;
366 DEBUG(10, ("gpfs_get_nfs4_acl invoked for %s\n", fname));
369 gacl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(), fname,
372 DEBUG(9, ("gpfs_getacl failed for %s with %s\n",
373 fname, strerror(errno)));
377 if (gacl->acl_type != GPFS_ACL_TYPE_NFS4) {
378 DEBUG(10, ("Got non-nfsv4 acl\n"));
379 /* Retry with POSIX ACLs check */
384 *ppacl = smb_create_smb4acl(mem_ctx);
386 if (gacl->acl_level == 1) { /* GPFS_ACL_LEVEL_V4FLAGS */
387 uint16_t control = gpfs2sd_control(gpfs_acl_flags(gacl));
388 smbacl4_set_controlflags(*ppacl, control);
391 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d, control: %x\n",
392 gacl->acl_len, gacl->acl_level, gacl->acl_version,
393 gacl->acl_nace, gpfs_acl_flags(gacl)));
395 for (i=0; i<gacl->acl_nace; i++) {
396 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, i);
397 SMB_ACE4PROP_T smbace;
398 DEBUG(10, ("type: %d, iflags: %x, flags: %x, mask: %x, "
399 "who: %d\n", gace->aceType, gace->aceIFlags,
400 gace->aceFlags, gace->aceMask, gace->aceWho));
403 if (gace->aceIFlags & ACE4_IFLAG_SPECIAL_ID) {
404 smbace.flags |= SMB_ACE4_ID_SPECIAL;
405 switch (gace->aceWho) {
406 case ACE4_SPECIAL_OWNER:
407 smbace.who.special_id = SMB_ACE4_WHO_OWNER;
409 case ACE4_SPECIAL_GROUP:
410 smbace.who.special_id = SMB_ACE4_WHO_GROUP;
412 case ACE4_SPECIAL_EVERYONE:
413 smbace.who.special_id = SMB_ACE4_WHO_EVERYONE;
416 DEBUG(8, ("invalid special gpfs id %d "
417 "ignored\n", gace->aceWho));
418 continue; /* don't add it */
421 if (gace->aceFlags & ACE4_FLAG_GROUP_ID)
422 smbace.who.gid = gace->aceWho;
424 smbace.who.uid = gace->aceWho;
427 /* remove redundant deny entries */
428 if (i > 0 && gace->aceType == SMB_ACE4_ACCESS_DENIED_ACE_TYPE) {
429 struct gpfs_ace_v4 *prev = gpfs_ace_ptr(gacl, i - 1);
430 if (prev->aceType == SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE &&
431 prev->aceFlags == gace->aceFlags &&
432 prev->aceIFlags == gace->aceIFlags &&
433 (gace->aceMask & prev->aceMask) == 0 &&
434 gace->aceWho == prev->aceWho) {
435 /* it's redundant - skip it */
440 smbace.aceType = gace->aceType;
441 smbace.aceFlags = gace->aceFlags;
442 smbace.aceMask = gace->aceMask;
443 smb_add_ace4(*ppacl, &smbace);
451 static NTSTATUS gpfsacl_fget_nt_acl(vfs_handle_struct *handle,
452 files_struct *fsp, uint32 security_info,
454 struct security_descriptor **ppdesc)
456 SMB4ACL_T *pacl = NULL;
458 struct gpfs_config_data *config;
459 TALLOC_CTX *frame = talloc_stackframe();
464 SMB_VFS_HANDLE_GET_DATA(handle, config,
465 struct gpfs_config_data,
466 return NT_STATUS_INTERNAL_ERROR);
469 status = SMB_VFS_NEXT_FGET_NT_ACL(handle, fsp, security_info,
475 result = gpfs_get_nfs4_acl(frame, fsp->fsp_name->base_name, &pacl);
478 status = smb_fget_nt_acl_nfs4(fsp, security_info, mem_ctx,
485 DEBUG(10, ("retrying with posix acl...\n"));
486 status = posix_fget_nt_acl(fsp, security_info,
494 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
495 return map_nt_error_from_unix(errno);
498 static NTSTATUS gpfsacl_get_nt_acl(vfs_handle_struct *handle,
500 uint32 security_info,
501 TALLOC_CTX *mem_ctx, struct security_descriptor **ppdesc)
503 SMB4ACL_T *pacl = NULL;
505 struct gpfs_config_data *config;
506 TALLOC_CTX *frame = talloc_stackframe();
511 SMB_VFS_HANDLE_GET_DATA(handle, config,
512 struct gpfs_config_data,
513 return NT_STATUS_INTERNAL_ERROR);
516 status = SMB_VFS_NEXT_GET_NT_ACL(handle, name, security_info,
522 result = gpfs_get_nfs4_acl(frame, name, &pacl);
525 status = smb_get_nt_acl_nfs4(handle->conn, name, security_info,
526 mem_ctx, ppdesc, pacl);
532 DEBUG(10, ("retrying with posix acl...\n"));
533 status = posix_get_nt_acl(handle->conn, name, security_info,
539 /* GPFS ACL was not read, something wrong happened, error code is set in errno */
541 return map_nt_error_from_unix(errno);
544 static struct gpfs_acl *vfs_gpfs_smbacl2gpfsacl(TALLOC_CTX *mem_ctx,
549 struct gpfs_acl *gacl;
550 gpfs_aclLen_t gacl_len;
553 gacl_len = offsetof(gpfs_acl_t, ace_v4) + sizeof(unsigned int)
554 + smb_get_naces(smbacl) * sizeof(gpfs_ace_v4_t);
556 gacl = (struct gpfs_acl *)TALLOC_SIZE(mem_ctx, gacl_len);
558 DEBUG(0, ("talloc failed\n"));
563 gacl->acl_level = 0; /* GPFS_ACL_LEVEL_BASE */
564 gacl->acl_version = GPFS_ACL_VERSION_NFS4;
565 gacl->acl_type = GPFS_ACL_TYPE_NFS4;
566 gacl->acl_nace = 0; /* change later... */
569 gacl->acl_level = 1; /* GPFS_ACL_LEVEL_V4FLAGS */
570 sd2gpfs_control(smbacl4_get_controlflags(smbacl), gacl);
573 for (smbace=smb_first_ace4(smbacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
574 struct gpfs_ace_v4 *gace = gpfs_ace_ptr(gacl, gacl->acl_nace);
575 SMB_ACE4PROP_T *aceprop = smb_get_ace4(smbace);
577 gace->aceType = aceprop->aceType;
578 gace->aceFlags = aceprop->aceFlags;
579 gace->aceMask = aceprop->aceMask;
582 * GPFS can't distinguish between WRITE and APPEND on
583 * files, so one being set without the other is an
584 * error. Sorry for the many ()'s :-)
587 if (!fsp->is_directory
589 ((((gace->aceMask & ACE4_MASK_WRITE) == 0)
590 && ((gace->aceMask & ACE4_MASK_APPEND) != 0))
592 (((gace->aceMask & ACE4_MASK_WRITE) != 0)
593 && ((gace->aceMask & ACE4_MASK_APPEND) == 0)))
595 lp_parm_bool(fsp->conn->params->service, "gpfs",
596 "merge_writeappend", True)) {
597 DEBUG(2, ("vfs_gpfs.c: file [%s]: ACE contains "
598 "WRITE^APPEND, setting WRITE|APPEND\n",
600 gace->aceMask |= ACE4_MASK_WRITE|ACE4_MASK_APPEND;
603 gace->aceIFlags = (aceprop->flags&SMB_ACE4_ID_SPECIAL) ? ACE4_IFLAG_SPECIAL_ID : 0;
605 if (aceprop->flags&SMB_ACE4_ID_SPECIAL)
607 switch(aceprop->who.special_id)
609 case SMB_ACE4_WHO_EVERYONE:
610 gace->aceWho = ACE4_SPECIAL_EVERYONE;
612 case SMB_ACE4_WHO_OWNER:
613 gace->aceWho = ACE4_SPECIAL_OWNER;
615 case SMB_ACE4_WHO_GROUP:
616 gace->aceWho = ACE4_SPECIAL_GROUP;
619 DEBUG(8, ("unsupported special_id %d\n", aceprop->who.special_id));
620 continue; /* don't add it !!! */
623 /* just only for the type safety... */
624 if (aceprop->aceFlags&SMB_ACE4_IDENTIFIER_GROUP)
625 gace->aceWho = aceprop->who.gid;
627 gace->aceWho = aceprop->who.uid;
632 gacl->acl_len = (char *)gpfs_ace_ptr(gacl, gacl->acl_nace)
637 static bool gpfsacl_process_smbacl(vfs_handle_struct *handle,
642 struct gpfs_acl *gacl;
643 TALLOC_CTX *mem_ctx = talloc_tos();
645 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, true);
646 if (gacl == NULL) { /* out of memory */
649 ret = smbd_gpfs_putacl(fsp->fsp_name->base_name,
650 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gacl);
652 if ((ret != 0) && (errno == EINVAL)) {
653 DEBUG(10, ("Retry without nfs41 control flags\n"));
655 gacl = vfs_gpfs_smbacl2gpfsacl(mem_ctx, fsp, smbacl, false);
656 if (gacl == NULL) { /* out of memory */
659 ret = smbd_gpfs_putacl(fsp->fsp_name->base_name,
660 GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA,
665 DEBUG(8, ("gpfs_putacl failed with %s\n", strerror(errno)));
666 gpfs_dumpacl(8, gacl);
670 DEBUG(10, ("gpfs_putacl succeeded\n"));
674 static NTSTATUS gpfsacl_set_nt_acl_internal(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
676 struct gpfs_acl *acl;
677 NTSTATUS result = NT_STATUS_ACCESS_DENIED;
679 acl = (struct gpfs_acl*) vfs_gpfs_getacl(talloc_tos(),
680 fsp->fsp_name->base_name,
683 return map_nt_error_from_unix(errno);
686 if (acl->acl_version == GPFS_ACL_VERSION_NFS4) {
687 if (lp_parm_bool(fsp->conn->params->service, "gpfs",
688 "refuse_dacl_protected", false)
689 && (psd->type&SEC_DESC_DACL_PROTECTED)) {
690 DEBUG(2, ("Rejecting unsupported ACL with DACL_PROTECTED bit set\n"));
692 return NT_STATUS_NOT_SUPPORTED;
695 result = smb_set_nt_acl_nfs4(handle,
696 fsp, security_info_sent, psd,
697 gpfsacl_process_smbacl);
698 } else { /* assume POSIX ACL - by default... */
699 result = set_nt_acl(fsp, security_info_sent, psd);
706 static NTSTATUS gpfsacl_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp, uint32 security_info_sent, const struct security_descriptor *psd)
708 struct gpfs_config_data *config;
710 SMB_VFS_HANDLE_GET_DATA(handle, config,
711 struct gpfs_config_data,
712 return NT_STATUS_INTERNAL_ERROR);
715 return SMB_VFS_NEXT_FSET_NT_ACL(handle, fsp, security_info_sent, psd);
718 return gpfsacl_set_nt_acl_internal(handle, fsp, security_info_sent, psd);
721 static SMB_ACL_T gpfs2smb_acl(const struct gpfs_acl *pacl, TALLOC_CTX *mem_ctx)
726 result = sys_acl_init(mem_ctx);
727 if (result == NULL) {
732 result->count = pacl->acl_nace;
733 result->acl = talloc_realloc(result, result->acl, struct smb_acl_entry,
735 if (result->acl == NULL) {
741 for (i=0; i<pacl->acl_nace; i++) {
742 struct smb_acl_entry *ace = &result->acl[i];
743 const struct gpfs_ace_v1 *g_ace = &pacl->ace_v1[i];
745 DEBUG(10, ("Converting type %d id %lu perm %x\n",
746 (int)g_ace->ace_type, (unsigned long)g_ace->ace_who,
747 (int)g_ace->ace_perm));
749 switch (g_ace->ace_type) {
751 ace->a_type = SMB_ACL_USER;
752 ace->info.user.uid = (uid_t)g_ace->ace_who;
754 case GPFS_ACL_USER_OBJ:
755 ace->a_type = SMB_ACL_USER_OBJ;
758 ace->a_type = SMB_ACL_GROUP;
759 ace->info.group.gid = (gid_t)g_ace->ace_who;
761 case GPFS_ACL_GROUP_OBJ:
762 ace->a_type = SMB_ACL_GROUP_OBJ;
765 ace->a_type = SMB_ACL_OTHER;
768 ace->a_type = SMB_ACL_MASK;
771 DEBUG(10, ("Got invalid ace_type: %d\n",
779 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_READ) ?
781 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_WRITE) ?
783 ace->a_perm |= (g_ace->ace_perm & ACL_PERM_EXECUTE) ?
786 DEBUGADD(10, ("Converted to %d perm %x\n",
787 ace->a_type, ace->a_perm));
793 static SMB_ACL_T gpfsacl_get_posix_acl(const char *path, gpfs_aclType_t type,
796 struct gpfs_acl *pacl;
797 SMB_ACL_T result = NULL;
799 pacl = vfs_gpfs_getacl(talloc_tos(), path, false, type);
802 DEBUG(10, ("vfs_gpfs_getacl failed for %s with %s\n",
803 path, strerror(errno)));
810 if (pacl->acl_version != GPFS_ACL_VERSION_POSIX) {
811 DEBUG(10, ("Got acl version %d, expected %d\n",
812 pacl->acl_version, GPFS_ACL_VERSION_POSIX));
817 DEBUG(10, ("len: %d, level: %d, version: %d, nace: %d\n",
818 pacl->acl_len, pacl->acl_level, pacl->acl_version,
821 result = gpfs2smb_acl(pacl, mem_ctx);
822 if (result != NULL) {
837 static SMB_ACL_T gpfsacl_sys_acl_get_file(vfs_handle_struct *handle,
842 gpfs_aclType_t gpfs_type;
843 struct gpfs_config_data *config;
845 SMB_VFS_HANDLE_GET_DATA(handle, config,
846 struct gpfs_config_data,
850 return SMB_VFS_NEXT_SYS_ACL_GET_FILE(handle, path_p,
855 case SMB_ACL_TYPE_ACCESS:
856 gpfs_type = GPFS_ACL_TYPE_ACCESS;
858 case SMB_ACL_TYPE_DEFAULT:
859 gpfs_type = GPFS_ACL_TYPE_DEFAULT;
862 DEBUG(0, ("Got invalid type: %d\n", type));
863 smb_panic("exiting");
866 return gpfsacl_get_posix_acl(path_p, gpfs_type, mem_ctx);
869 static SMB_ACL_T gpfsacl_sys_acl_get_fd(vfs_handle_struct *handle,
873 struct gpfs_config_data *config;
875 SMB_VFS_HANDLE_GET_DATA(handle, config,
876 struct gpfs_config_data,
880 return SMB_VFS_NEXT_SYS_ACL_GET_FD(handle, fsp, mem_ctx);
883 return gpfsacl_get_posix_acl(fsp->fsp_name->base_name,
884 GPFS_ACL_TYPE_ACCESS, mem_ctx);
887 static int gpfsacl_sys_acl_blob_get_file(vfs_handle_struct *handle,
890 char **blob_description,
893 struct gpfs_config_data *config;
894 struct gpfs_opaque_acl *acl = NULL;
898 SMB_VFS_HANDLE_GET_DATA(handle, config,
899 struct gpfs_config_data,
903 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FILE(handle, path_p,
910 acl = (struct gpfs_opaque_acl *)
911 vfs_gpfs_getacl(mem_ctx,
917 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
918 errno, strerror(errno)));
920 /* EINVAL means POSIX ACL, bail out on other cases */
921 if (errno != EINVAL) {
930 * we only need the actual ACL blob here
931 * acl_version will always be NFS4 because we asked
933 * acl_type is only used for POSIX ACLs
935 aclblob.data = (uint8_t*) acl->acl_var_data;
936 aclblob.length = acl->acl_buffer_len;
938 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
939 if (!*blob_description) {
945 result = non_posix_sys_acl_blob_get_file_helper(handle, path_p,
953 /* fall back to POSIX ACL */
954 return posix_sys_acl_blob_get_file(handle, path_p, mem_ctx,
955 blob_description, blob);
958 static int gpfsacl_sys_acl_blob_get_fd(vfs_handle_struct *handle,
961 char **blob_description,
964 struct gpfs_config_data *config;
965 struct gpfs_opaque_acl *acl = NULL;
969 SMB_VFS_HANDLE_GET_DATA(handle, config,
970 struct gpfs_config_data,
974 return SMB_VFS_NEXT_SYS_ACL_BLOB_GET_FD(handle, fsp, mem_ctx,
975 blob_description, blob);
979 acl = (struct gpfs_opaque_acl *) vfs_gpfs_getacl(mem_ctx,
980 fsp->fsp_name->base_name,
985 DEBUG(5, ("vfs_gpfs_getacl finished with errno %d: %s\n",
986 errno, strerror(errno)));
988 /* EINVAL means POSIX ACL, bail out on other cases */
989 if (errno != EINVAL) {
998 * we only need the actual ACL blob here
999 * acl_version will always be NFS4 because we asked
1001 * acl_type is only used for POSIX ACLs
1003 aclblob.data = (uint8_t*) acl->acl_var_data;
1004 aclblob.length = acl->acl_buffer_len;
1006 *blob_description = talloc_strdup(mem_ctx, "gpfs_nfs4_acl");
1007 if (!*blob_description) {
1013 result = non_posix_sys_acl_blob_get_fd_helper(handle, fsp,
1021 /* fall back to POSIX ACL */
1022 return posix_sys_acl_blob_get_fd(handle, fsp, mem_ctx,
1023 blob_description, blob);
1026 static struct gpfs_acl *smb2gpfs_acl(const SMB_ACL_T pacl,
1027 SMB_ACL_TYPE_T type)
1030 struct gpfs_acl *result;
1033 DEBUG(10, ("smb2gpfs_acl: Got ACL with %d entries\n", pacl->count));
1035 len = offsetof(gpfs_acl_t, ace_v1) + (pacl->count) *
1036 sizeof(gpfs_ace_v1_t);
1038 result = (struct gpfs_acl *)SMB_MALLOC(len);
1039 if (result == NULL) {
1044 result->acl_len = len;
1045 result->acl_level = 0;
1046 result->acl_version = GPFS_ACL_VERSION_POSIX;
1047 result->acl_type = (type == SMB_ACL_TYPE_DEFAULT) ?
1048 GPFS_ACL_TYPE_DEFAULT : GPFS_ACL_TYPE_ACCESS;
1049 result->acl_nace = pacl->count;
1051 for (i=0; i<pacl->count; i++) {
1052 const struct smb_acl_entry *ace = &pacl->acl[i];
1053 struct gpfs_ace_v1 *g_ace = &result->ace_v1[i];
1055 DEBUG(10, ("Converting type %d perm %x\n",
1056 (int)ace->a_type, (int)ace->a_perm));
1058 g_ace->ace_perm = 0;
1060 switch(ace->a_type) {
1062 g_ace->ace_type = GPFS_ACL_USER;
1063 g_ace->ace_who = (gpfs_uid_t)ace->info.user.uid;
1065 case SMB_ACL_USER_OBJ:
1066 g_ace->ace_type = GPFS_ACL_USER_OBJ;
1067 g_ace->ace_perm |= ACL_PERM_CONTROL;
1071 g_ace->ace_type = GPFS_ACL_GROUP;
1072 g_ace->ace_who = (gpfs_uid_t)ace->info.group.gid;
1074 case SMB_ACL_GROUP_OBJ:
1075 g_ace->ace_type = GPFS_ACL_GROUP_OBJ;
1079 g_ace->ace_type = GPFS_ACL_MASK;
1080 g_ace->ace_perm = 0x8f;
1084 g_ace->ace_type = GPFS_ACL_OTHER;
1088 DEBUG(10, ("Got invalid ace_type: %d\n", ace->a_type));
1094 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_READ) ?
1096 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_WRITE) ?
1098 g_ace->ace_perm |= (ace->a_perm & SMB_ACL_EXECUTE) ?
1099 ACL_PERM_EXECUTE : 0;
1101 DEBUGADD(10, ("Converted to %d id %d perm %x\n",
1102 g_ace->ace_type, g_ace->ace_who, g_ace->ace_perm));
1108 static int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle,
1110 SMB_ACL_TYPE_T type,
1113 struct gpfs_acl *gpfs_acl;
1115 struct gpfs_config_data *config;
1117 SMB_VFS_HANDLE_GET_DATA(handle, config,
1118 struct gpfs_config_data,
1122 return SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle, name, type, theacl);
1125 gpfs_acl = smb2gpfs_acl(theacl, type);
1126 if (gpfs_acl == NULL) {
1130 result = smbd_gpfs_putacl(discard_const_p(char, name),
1131 GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA, gpfs_acl);
1133 SAFE_FREE(gpfs_acl);
1137 static int gpfsacl_sys_acl_set_fd(vfs_handle_struct *handle,
1141 struct gpfs_config_data *config;
1143 SMB_VFS_HANDLE_GET_DATA(handle, config,
1144 struct gpfs_config_data,
1148 return SMB_VFS_NEXT_SYS_ACL_SET_FD(handle, fsp, theacl);
1151 return gpfsacl_sys_acl_set_file(handle, fsp->fsp_name->base_name,
1152 SMB_ACL_TYPE_ACCESS, theacl);
1155 static int gpfsacl_sys_acl_delete_def_file(vfs_handle_struct *handle,
1158 struct gpfs_config_data *config;
1160 SMB_VFS_HANDLE_GET_DATA(handle, config,
1161 struct gpfs_config_data,
1165 return SMB_VFS_NEXT_SYS_ACL_DELETE_DEF_FILE(handle, path);
1173 * Assumed: mode bits are shiftable and standard
1174 * Output: the new aceMask field for an smb nfs4 ace
1176 static uint32 gpfsacl_mask_filter(uint32 aceType, uint32 aceMask, uint32 rwx)
1178 const uint32 posix_nfs4map[3] = {
1179 SMB_ACE4_EXECUTE, /* execute */
1180 SMB_ACE4_WRITE_DATA | SMB_ACE4_APPEND_DATA, /* write; GPFS specific */
1181 SMB_ACE4_READ_DATA /* read */
1184 uint32_t posix_mask = 0x01;
1188 for(i=0; i<3; i++) {
1189 nfs4_bits = posix_nfs4map[i];
1190 posix_bit = rwx & posix_mask;
1192 if (aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE) {
1194 aceMask |= nfs4_bits;
1196 aceMask &= ~nfs4_bits;
1198 /* add deny bits when suitable */
1200 aceMask |= nfs4_bits;
1202 aceMask &= ~nfs4_bits;
1203 } /* other ace types are unexpected */
1211 static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
1212 const char *path, mode_t mode)
1214 SMB4ACL_T *pacl = NULL;
1216 bool haveAllowEntry[SMB_ACE4_WHO_EVERYONE + 1] = {False, False, False, False};
1218 files_struct fake_fsp; /* TODO: rationalize parametrization */
1220 TALLOC_CTX *frame = talloc_stackframe();
1222 DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
1224 result = gpfs_get_nfs4_acl(frame, path, &pacl);
1230 if (mode & ~(S_IRWXU | S_IRWXG | S_IRWXO)) {
1231 DEBUG(2, ("WARNING: cutting extra mode bits %o on %s\n", mode, path));
1234 for (smbace=smb_first_ace4(pacl); smbace!=NULL; smbace = smb_next_ace4(smbace)) {
1235 SMB_ACE4PROP_T *ace = smb_get_ace4(smbace);
1236 uint32_t specid = ace->who.special_id;
1238 if (ace->flags&SMB_ACE4_ID_SPECIAL &&
1239 ace->aceType<=SMB_ACE4_ACCESS_DENIED_ACE_TYPE &&
1240 specid <= SMB_ACE4_WHO_EVERYONE) {
1244 if (ace->aceType==SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE)
1245 haveAllowEntry[specid] = True;
1247 /* mode >> 6 for @owner, mode >> 3 for @group,
1248 * mode >> 0 for @everyone */
1249 newMask = gpfsacl_mask_filter(ace->aceType, ace->aceMask,
1250 mode >> ((SMB_ACE4_WHO_EVERYONE - specid) * 3));
1251 if (ace->aceMask!=newMask) {
1252 DEBUG(10, ("ace changed for %s (%o -> %o) id=%d\n",
1253 path, ace->aceMask, newMask, specid));
1255 ace->aceMask = newMask;
1259 /* make sure we have at least ALLOW entries
1260 * for all the 3 special ids (@EVERYONE, @OWNER, @GROUP)
1263 for(i = SMB_ACE4_WHO_OWNER; i<=SMB_ACE4_WHO_EVERYONE; i++) {
1266 if (haveAllowEntry[i]==True)
1270 ace.aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE;
1271 ace.flags |= SMB_ACE4_ID_SPECIAL;
1272 ace.who.special_id = i;
1274 if (i==SMB_ACE4_WHO_GROUP) /* not sure it's necessary... */
1275 ace.aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
1277 ace.aceMask = gpfsacl_mask_filter(ace.aceType, ace.aceMask,
1278 mode >> ((SMB_ACE4_WHO_EVERYONE - i) * 3));
1280 /* don't add unnecessary aces */
1284 /* we add it to the END - as windows expects allow aces */
1285 smb_add_ace4(pacl, &ace);
1286 DEBUG(10, ("Added ALLOW ace for %s, mode=%o, id=%d, aceMask=%x\n",
1287 path, mode, i, ace.aceMask));
1290 /* don't add complementary DENY ACEs here */
1291 ZERO_STRUCT(fake_fsp);
1292 fake_fsp.fsp_name = synthetic_smb_fname(
1293 frame, path, NULL, NULL);
1294 if (fake_fsp.fsp_name == NULL) {
1300 if (gpfsacl_process_smbacl(handle, &fake_fsp, pacl) == False) {
1306 return 0; /* ok for [f]chmod */
1309 static int vfs_gpfs_chmod(vfs_handle_struct *handle, const char *path, mode_t mode)
1311 struct smb_filename *smb_fname_cpath;
1314 smb_fname_cpath = synthetic_smb_fname(talloc_tos(), path, NULL, NULL);
1315 if (smb_fname_cpath == NULL) {
1320 if (SMB_VFS_NEXT_STAT(handle, smb_fname_cpath) != 0) {
1324 /* avoid chmod() if possible, to preserve acls */
1325 if ((smb_fname_cpath->st.st_ex_mode & ~S_IFMT) == mode) {
1329 rc = gpfsacl_emu_chmod(handle, path, mode);
1331 return SMB_VFS_NEXT_CHMOD(handle, path, mode);
1335 static int vfs_gpfs_fchmod(vfs_handle_struct *handle, files_struct *fsp, mode_t mode)
1340 if (SMB_VFS_NEXT_FSTAT(handle, fsp, &st) != 0) {
1344 /* avoid chmod() if possible, to preserve acls */
1345 if ((st.st_ex_mode & ~S_IFMT) == mode) {
1349 rc = gpfsacl_emu_chmod(handle, fsp->fsp_name->base_name,
1352 return SMB_VFS_NEXT_FCHMOD(handle, fsp, mode);
1356 static int gpfs_set_xattr(struct vfs_handle_struct *handle, const char *path,
1357 const char *name, const void *value, size_t size, int flags){
1358 struct xattr_DOSATTRIB dosattrib;
1359 enum ndr_err_code ndr_err;
1361 unsigned int dosmode=0;
1362 struct gpfs_winattr attrs;
1364 struct gpfs_config_data *config;
1366 SMB_VFS_HANDLE_GET_DATA(handle, config,
1367 struct gpfs_config_data,
1370 if (!config->winattr) {
1371 DEBUG(10, ("gpfs_set_xattr:name is %s -> next\n",name));
1372 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1375 DEBUG(10, ("gpfs_set_xattr: %s \n",path));
1377 /* Only handle DOS Attributes */
1378 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1379 DEBUG(5, ("gpfs_set_xattr:name is %s\n",name));
1380 return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
1383 blob.data = discard_const_p(uint8_t, value);
1386 ndr_err = ndr_pull_struct_blob(&blob, talloc_tos(), &dosattrib,
1387 (ndr_pull_flags_fn_t)ndr_pull_xattr_DOSATTRIB);
1389 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
1390 DEBUG(1, ("gpfs_set_xattr: bad ndr decode "
1391 "from EA on file %s: Error = %s\n",
1392 path, ndr_errstr(ndr_err)));
1396 if (dosattrib.version != 3) {
1397 DEBUG(1, ("gpfs_set_xattr: expected dosattrib version 3, got "
1398 "%d\n", (int)dosattrib.version));
1401 if (!(dosattrib.info.info3.valid_flags & XATTR_DOSINFO_ATTRIB)) {
1402 DEBUG(10, ("gpfs_set_xattr: XATTR_DOSINFO_ATTRIB not "
1403 "valid, ignoring\n"));
1407 dosmode = dosattrib.info.info3.attrib;
1410 /*Just map RD_ONLY, ARCHIVE, SYSTEM HIDDEN and SPARSE. Ignore the others*/
1411 if (dosmode & FILE_ATTRIBUTE_ARCHIVE){
1412 attrs.winAttrs |= GPFS_WINATTR_ARCHIVE;
1414 if (dosmode & FILE_ATTRIBUTE_HIDDEN){
1415 attrs.winAttrs |= GPFS_WINATTR_HIDDEN;
1417 if (dosmode & FILE_ATTRIBUTE_SYSTEM){
1418 attrs.winAttrs |= GPFS_WINATTR_SYSTEM;
1420 if (dosmode & FILE_ATTRIBUTE_READONLY){
1421 attrs.winAttrs |= GPFS_WINATTR_READONLY;
1423 if (dosmode & FILE_ATTRIBUTE_SPARSE) {
1424 attrs.winAttrs |= GPFS_WINATTR_SPARSE_FILE;
1428 ret = set_gpfs_winattrs(discard_const_p(char, path),
1429 GPFS_WINATTR_SET_ATTRS, &attrs);
1431 if (errno == ENOSYS) {
1432 return SMB_VFS_NEXT_SETXATTR(handle, path, name, value,
1436 DEBUG(1, ("gpfs_set_xattr:Set GPFS attributes failed %d\n",ret));
1440 DEBUG(10, ("gpfs_set_xattr:Set attributes: 0x%x\n",attrs.winAttrs));
1444 static ssize_t gpfs_get_xattr(struct vfs_handle_struct *handle, const char *path,
1445 const char *name, void *value, size_t size){
1446 char *attrstr = value;
1447 unsigned int dosmode = 0;
1448 struct gpfs_winattr attrs;
1450 struct gpfs_config_data *config;
1452 SMB_VFS_HANDLE_GET_DATA(handle, config,
1453 struct gpfs_config_data,
1456 if (!config->winattr) {
1457 DEBUG(10, ("gpfs_get_xattr:name is %s -> next\n",name));
1458 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1461 DEBUG(10, ("gpfs_get_xattr: %s \n",path));
1463 /* Only handle DOS Attributes */
1464 if (strcmp(name,SAMBA_XATTR_DOS_ATTRIB) != 0){
1465 DEBUG(5, ("gpfs_get_xattr:name is %s\n",name));
1466 return SMB_VFS_NEXT_GETXATTR(handle,path,name,value,size);
1469 ret = get_gpfs_winattrs(discard_const_p(char, path), &attrs);
1471 if (errno == ENOSYS) {
1472 return SMB_VFS_NEXT_GETXATTR(handle, path, name, value,
1476 DEBUG(1, ("gpfs_get_xattr: Get GPFS attributes failed: "
1477 "%d (%s)\n", ret, strerror(errno)));
1481 DEBUG(10, ("gpfs_get_xattr:Got attributes: 0x%x\n",attrs.winAttrs));
1483 /*Just map RD_ONLY, ARCHIVE, SYSTEM, HIDDEN and SPARSE. Ignore the others*/
1484 if (attrs.winAttrs & GPFS_WINATTR_ARCHIVE){
1485 dosmode |= FILE_ATTRIBUTE_ARCHIVE;
1487 if (attrs.winAttrs & GPFS_WINATTR_HIDDEN){
1488 dosmode |= FILE_ATTRIBUTE_HIDDEN;
1490 if (attrs.winAttrs & GPFS_WINATTR_SYSTEM){
1491 dosmode |= FILE_ATTRIBUTE_SYSTEM;
1493 if (attrs.winAttrs & GPFS_WINATTR_READONLY){
1494 dosmode |= FILE_ATTRIBUTE_READONLY;
1496 if (attrs.winAttrs & GPFS_WINATTR_SPARSE_FILE) {
1497 dosmode |= FILE_ATTRIBUTE_SPARSE;
1500 snprintf(attrstr, size, "0x%2.2x",
1501 (unsigned int)(dosmode & SAMBA_ATTRIBUTES_MASK));
1502 DEBUG(10, ("gpfs_get_xattr: returning %s\n",attrstr));
1506 #if defined(HAVE_FSTATAT)
1507 static int stat_with_capability(struct vfs_handle_struct *handle,
1508 struct smb_filename *smb_fname, int flag)
1513 const char *rel_name = NULL;
1517 b = parent_dirname(talloc_tos(), smb_fname->base_name,
1518 &dir_name, &rel_name);
1524 fd = open(dir_name, O_RDONLY, 0);
1525 TALLOC_FREE(dir_name);
1530 set_effective_capability(DAC_OVERRIDE_CAPABILITY);
1531 ret = fstatat(fd, rel_name, &st, flag);
1532 drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
1537 init_stat_ex_from_stat(
1538 &smb_fname->st, &st,
1539 lp_fake_directory_create_times(SNUM(handle->conn)));
1546 static int vfs_gpfs_stat(struct vfs_handle_struct *handle,
1547 struct smb_filename *smb_fname)
1549 struct gpfs_winattr attrs;
1553 struct gpfs_config_data *config;
1555 SMB_VFS_HANDLE_GET_DATA(handle, config,
1556 struct gpfs_config_data,
1559 ret = SMB_VFS_NEXT_STAT(handle, smb_fname);
1560 #if defined(HAVE_FSTATAT)
1561 if (ret == -1 && errno == EACCES) {
1562 DEBUG(10, ("Trying stat with capability for %s\n",
1563 smb_fname->base_name));
1564 ret = stat_with_capability(handle, smb_fname, 0);
1571 if (!config->winattr) {
1575 status = get_full_smb_filename(talloc_tos(), smb_fname, &fname);
1576 if (!NT_STATUS_IS_OK(status)) {
1577 errno = map_errno_from_nt_status(status);
1580 ret = get_gpfs_winattrs(discard_const_p(char, fname), &attrs);
1583 smb_fname->st.st_ex_calculated_birthtime = false;
1584 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1585 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1586 smb_fname->st.vfs_private = attrs.winAttrs;
1591 static int vfs_gpfs_fstat(struct vfs_handle_struct *handle,
1592 struct files_struct *fsp, SMB_STRUCT_STAT *sbuf)
1594 struct gpfs_winattr attrs;
1596 struct gpfs_config_data *config;
1598 SMB_VFS_HANDLE_GET_DATA(handle, config,
1599 struct gpfs_config_data,
1602 ret = SMB_VFS_NEXT_FSTAT(handle, fsp, sbuf);
1606 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
1609 if (!config->winattr) {
1613 ret = smbd_fget_gpfs_winattrs(fsp->fh->fd, &attrs);
1615 sbuf->st_ex_calculated_birthtime = false;
1616 sbuf->st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1617 sbuf->st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1622 static int vfs_gpfs_lstat(struct vfs_handle_struct *handle,
1623 struct smb_filename *smb_fname)
1625 struct gpfs_winattr attrs;
1629 struct gpfs_config_data *config;
1631 SMB_VFS_HANDLE_GET_DATA(handle, config,
1632 struct gpfs_config_data,
1635 ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname);
1636 #if defined(HAVE_FSTATAT)
1637 if (ret == -1 && errno == EACCES) {
1638 DEBUG(10, ("Trying lstat with capability for %s\n",
1639 smb_fname->base_name));
1640 ret = stat_with_capability(handle, smb_fname,
1641 AT_SYMLINK_NOFOLLOW);
1648 if (!config->winattr) {
1652 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1653 if (!NT_STATUS_IS_OK(status)) {
1654 errno = map_errno_from_nt_status(status);
1657 ret = get_gpfs_winattrs(discard_const_p(char, path), &attrs);
1660 smb_fname->st.st_ex_calculated_birthtime = false;
1661 smb_fname->st.st_ex_btime.tv_sec = attrs.creationTime.tv_sec;
1662 smb_fname->st.st_ex_btime.tv_nsec = attrs.creationTime.tv_nsec;
1663 smb_fname->st.vfs_private = attrs.winAttrs;
1668 static int vfs_gpfs_ntimes(struct vfs_handle_struct *handle,
1669 const struct smb_filename *smb_fname,
1670 struct smb_file_time *ft)
1673 struct gpfs_winattr attrs;
1677 struct gpfs_config_data *config;
1679 SMB_VFS_HANDLE_GET_DATA(handle, config,
1680 struct gpfs_config_data,
1683 status = get_full_smb_filename(talloc_tos(), smb_fname, &path);
1684 if (!NT_STATUS_IS_OK(status)) {
1685 errno = map_errno_from_nt_status(status);
1689 /* Try to use gpfs_set_times if it is enabled and available */
1690 if (config->settimes) {
1691 ret = smbd_gpfs_set_times_path(path, ft);
1693 if (ret == 0 || (ret == -1 && errno != ENOSYS)) {
1698 DEBUG(10,("gpfs_set_times() not available or disabled, "
1699 "use ntimes and winattr\n"));
1701 ret = SMB_VFS_NEXT_NTIMES(handle, smb_fname, ft);
1703 /* don't complain if access was denied */
1704 if (errno != EPERM && errno != EACCES) {
1705 DEBUG(1,("vfs_gpfs_ntimes: SMB_VFS_NEXT_NTIMES failed:"
1706 "%s", strerror(errno)));
1711 if(null_timespec(ft->create_time)){
1712 DEBUG(10,("vfs_gpfs_ntimes:Create Time is NULL\n"));
1716 if (!config->winattr) {
1721 attrs.creationTime.tv_sec = ft->create_time.tv_sec;
1722 attrs.creationTime.tv_nsec = ft->create_time.tv_nsec;
1724 ret = set_gpfs_winattrs(discard_const_p(char, path),
1725 GPFS_WINATTR_SET_CREATION_TIME, &attrs);
1726 if(ret == -1 && errno != ENOSYS){
1727 DEBUG(1,("vfs_gpfs_ntimes: set GPFS ntimes failed %d\n",ret));
1734 static int vfs_gpfs_fallocate(struct vfs_handle_struct *handle,
1735 struct files_struct *fsp, enum vfs_fallocate_mode mode,
1736 off_t offset, off_t len)
1739 struct gpfs_config_data *config;
1741 SMB_VFS_HANDLE_GET_DATA(handle, config,
1742 struct gpfs_config_data,
1745 if (!config->prealloc) {
1746 /* you should better not run fallocate() on GPFS at all */
1751 if (mode == VFS_FALLOCATE_KEEP_SIZE) {
1752 DEBUG(10, ("Unsupported VFS_FALLOCATE_KEEP_SIZE\n"));
1757 ret = smbd_gpfs_prealloc(fsp->fh->fd, offset, len);
1759 if (ret == -1 && errno != ENOSYS) {
1760 DEBUG(0, ("GPFS prealloc failed: %s\n", strerror(errno)));
1761 } else if (ret == -1 && errno == ENOSYS) {
1762 DEBUG(10, ("GPFS prealloc not supported.\n"));
1764 DEBUG(10, ("GPFS prealloc succeeded.\n"));
1770 static int vfs_gpfs_ftruncate(vfs_handle_struct *handle, files_struct *fsp,
1774 struct gpfs_config_data *config;
1776 SMB_VFS_HANDLE_GET_DATA(handle, config,
1777 struct gpfs_config_data,
1780 if (!config->ftruncate) {
1781 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1784 result = smbd_gpfs_ftruncate(fsp->fh->fd, len);
1785 if ((result == -1) && (errno == ENOSYS)) {
1786 return SMB_VFS_NEXT_FTRUNCATE(handle, fsp, len);
1791 static bool vfs_gpfs_is_offline(struct vfs_handle_struct *handle,
1792 const struct smb_filename *fname,
1793 SMB_STRUCT_STAT *sbuf)
1795 struct gpfs_winattr attrs;
1798 struct gpfs_config_data *config;
1800 SMB_VFS_HANDLE_GET_DATA(handle, config,
1801 struct gpfs_config_data,
1804 if (!config->winattr) {
1805 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1808 status = get_full_smb_filename(talloc_tos(), fname, &path);
1809 if (!NT_STATUS_IS_OK(status)) {
1810 errno = map_errno_from_nt_status(status);
1814 if (VALID_STAT(*sbuf)) {
1815 attrs.winAttrs = sbuf->vfs_private;
1818 ret = get_gpfs_winattrs(path, &attrs);
1825 if ((attrs.winAttrs & GPFS_WINATTR_OFFLINE) != 0) {
1826 DEBUG(10, ("%s is offline\n", path));
1830 DEBUG(10, ("%s is online\n", path));
1832 return SMB_VFS_NEXT_IS_OFFLINE(handle, fname, sbuf);
1835 static bool vfs_gpfs_aio_force(struct vfs_handle_struct *handle,
1836 struct files_struct *fsp)
1838 return vfs_gpfs_is_offline(handle, fsp->fsp_name, &fsp->fsp_name->st);
1841 static ssize_t vfs_gpfs_sendfile(vfs_handle_struct *handle, int tofd,
1842 files_struct *fsp, const DATA_BLOB *hdr,
1843 off_t offset, size_t n)
1845 if ((fsp->fsp_name->st.vfs_private & GPFS_WINATTR_OFFLINE) != 0) {
1849 return SMB_VFS_NEXT_SENDFILE(handle, tofd, fsp, hdr, offset, n);
1852 static int vfs_gpfs_connect(struct vfs_handle_struct *handle,
1853 const char *service, const char *user)
1855 struct gpfs_config_data *config;
1858 smbd_gpfs_lib_init();
1860 config = talloc_zero(handle->conn, struct gpfs_config_data);
1862 DEBUG(0, ("talloc_zero() failed\n"));
1867 ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
1869 TALLOC_FREE(config);
1873 config->sharemodes = lp_parm_bool(SNUM(handle->conn), "gpfs",
1874 "sharemodes", true);
1876 config->leases = lp_parm_bool(SNUM(handle->conn), "gpfs",
1879 config->hsm = lp_parm_bool(SNUM(handle->conn), "gpfs",
1882 config->syncio = lp_parm_bool(SNUM(handle->conn), "gpfs",
1885 config->winattr = lp_parm_bool(SNUM(handle->conn), "gpfs",
1888 config->ftruncate = lp_parm_bool(SNUM(handle->conn), "gpfs",
1891 config->getrealfilename = lp_parm_bool(SNUM(handle->conn), "gpfs",
1892 "getrealfilename", true);
1894 config->dfreequota = lp_parm_bool(SNUM(handle->conn), "gpfs",
1895 "dfreequota", false);
1897 config->prealloc = lp_parm_bool(SNUM(handle->conn), "gpfs",
1900 config->acl = lp_parm_bool(SNUM(handle->conn), "gpfs", "acl", true);
1902 config->settimes = lp_parm_bool(SNUM(handle->conn), "gpfs",
1904 config->recalls = lp_parm_bool(SNUM(handle->conn), "gpfs",
1907 SMB_VFS_HANDLE_SET_DATA(handle, config,
1908 NULL, struct gpfs_config_data,
1911 if (config->leases) {
1913 * GPFS lease code is based on kernel oplock code
1914 * so make sure it is turned on
1916 if (!lp_kernel_oplocks(SNUM(handle->conn))) {
1917 DEBUG(5, ("Enabling kernel oplocks for "
1918 "gpfs:leases to work\n"));
1919 lp_do_parameter(SNUM(handle->conn), "kernel oplocks",
1924 * as the kernel does not properly support Level II oplocks
1925 * and GPFS leases code is based on kernel infrastructure, we
1926 * need to turn off Level II oplocks if gpfs:leases is enabled
1928 if (lp_level2_oplocks(SNUM(handle->conn))) {
1929 DEBUG(5, ("gpfs:leases are enabled, disabling "
1930 "Level II oplocks\n"));
1931 lp_do_parameter(SNUM(handle->conn), "level2 oplocks",
1939 static int vfs_gpfs_get_quotas(const char *path, uid_t uid, gid_t gid,
1941 struct gpfs_quotaInfo *qi_user,
1942 struct gpfs_quotaInfo *qi_group,
1943 struct gpfs_quotaInfo *qi_fset)
1950 * We want to always use the directory to get the fileset id,
1951 * because files might have a share mode. We also do not want
1952 * to get the parent directory when there is already a
1953 * directory to avoid stepping in a different fileset. The
1954 * path passed here is currently either "." or a filename, so
1955 * this is ok. The proper solution would be having a way to
1956 * query the fileset id without opening the file.
1958 b = parent_dirname(talloc_tos(), path, &dir_path, NULL);
1964 DEBUG(10, ("path %s, directory %s\n", path, dir_path));
1966 err = get_gpfs_fset_id(dir_path, fset_id);
1968 DEBUG(0, ("Get fset id failed path %s, dir %s, errno %d.\n",
1969 path, dir_path, errno));
1973 err = get_gpfs_quota(path, GPFS_USRQUOTA, uid, qi_user);
1978 err = get_gpfs_quota(path, GPFS_GRPQUOTA, gid, qi_group);
1983 err = get_gpfs_quota(path, GPFS_FILESETQUOTA, *fset_id, qi_fset);
1991 static void vfs_gpfs_disk_free_quota(struct gpfs_quotaInfo qi, time_t cur_time,
1992 uint64_t *dfree, uint64_t *dsize)
1994 uint64_t usage, limit;
1997 * The quota reporting is done in units of 1024 byte blocks, but
1998 * sys_fsusage uses units of 512 byte blocks, adjust the block number
1999 * accordingly. Also filter possibly negative usage counts from gpfs.
2001 usage = qi.blockUsage < 0 ? 0 : (uint64_t)qi.blockUsage * 2;
2002 limit = (uint64_t)qi.blockHardLimit * 2;
2005 * When the grace time for the exceeded soft block quota has been
2006 * exceeded, the soft block quota becomes an additional hard limit.
2008 if (qi.blockSoftLimit &&
2009 qi.blockGraceTime && cur_time > qi.blockGraceTime) {
2010 /* report disk as full */
2012 *dsize = MIN(*dsize, usage);
2015 if (!qi.blockHardLimit)
2018 if (usage >= limit) {
2019 /* report disk as full */
2021 *dsize = MIN(*dsize, usage);
2024 /* limit has not been reached, determine "free space" */
2025 *dfree = MIN(*dfree, limit - usage);
2026 *dsize = MIN(*dsize, limit);
2030 static uint64_t vfs_gpfs_disk_free(vfs_handle_struct *handle, const char *path,
2031 bool small_query, uint64_t *bsize,
2032 uint64_t *dfree, uint64_t *dsize)
2034 struct security_unix_token *utok;
2035 struct gpfs_quotaInfo qi_user, qi_group, qi_fset;
2036 struct gpfs_config_data *config;
2040 SMB_VFS_HANDLE_GET_DATA(handle, config, struct gpfs_config_data,
2041 return (uint64_t)-1);
2042 if (!config->dfreequota) {
2043 return SMB_VFS_NEXT_DISK_FREE(handle, path, small_query,
2044 bsize, dfree, dsize);
2047 err = sys_fsusage(path, dfree, dsize);
2049 DEBUG (0, ("Could not get fs usage, errno %d\n", errno));
2050 return SMB_VFS_NEXT_DISK_FREE(handle, path, small_query,
2051 bsize, dfree, dsize);
2054 /* sys_fsusage returns units of 512 bytes */
2057 DEBUG(10, ("fs dfree %llu, dsize %llu\n",
2058 (unsigned long long)*dfree, (unsigned long long)*dsize));
2060 utok = handle->conn->session_info->unix_token;
2061 err = vfs_gpfs_get_quotas(path, utok->uid, utok->gid, &fset_id,
2062 &qi_user, &qi_group, &qi_fset);
2064 return SMB_VFS_NEXT_DISK_FREE(handle, path, small_query,
2065 bsize, dfree, dsize);
2068 cur_time = time(NULL);
2070 /* Adjust free space and size according to quota limits. */
2071 vfs_gpfs_disk_free_quota(qi_user, cur_time, dfree, dsize);
2072 vfs_gpfs_disk_free_quota(qi_group, cur_time, dfree, dsize);
2074 /* Id 0 indicates the default quota, not an actual quota */
2076 vfs_gpfs_disk_free_quota(qi_fset, cur_time, dfree, dsize);
2079 disk_norm(small_query, bsize, dfree, dsize);
2083 static uint32_t vfs_gpfs_capabilities(struct vfs_handle_struct *handle,
2084 enum timestamp_set_resolution *p_ts_res)
2086 struct gpfs_config_data *config;
2089 next = SMB_VFS_NEXT_FS_CAPABILITIES(handle, p_ts_res);
2091 SMB_VFS_HANDLE_GET_DATA(handle, config,
2092 struct gpfs_config_data,
2096 next |= FILE_SUPPORTS_REMOTE_STORAGE;
2101 static int vfs_gpfs_open(struct vfs_handle_struct *handle,
2102 struct smb_filename *smb_fname, files_struct *fsp,
2103 int flags, mode_t mode)
2105 struct gpfs_config_data *config;
2107 SMB_VFS_HANDLE_GET_DATA(handle, config,
2108 struct gpfs_config_data,
2111 if (config->hsm && !config->recalls) {
2112 if (VALID_STAT(smb_fname->st) &&
2113 (smb_fname->st.vfs_private & GPFS_WINATTR_OFFLINE)) {
2114 DEBUG(10, ("Refusing access to offline file %s\n",
2121 if (config->syncio) {
2124 return SMB_VFS_NEXT_OPEN(handle, smb_fname, fsp, flags, mode);
2127 static ssize_t vfs_gpfs_pread(vfs_handle_struct *handle, files_struct *fsp,
2128 void *data, size_t n, off_t offset)
2132 ret = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset);
2134 DEBUG(10, ("vfs_private = %x\n",
2135 (unsigned int)fsp->fsp_name->st.vfs_private));
2138 ((fsp->fsp_name->st.vfs_private & GPFS_WINATTR_OFFLINE) != 0)) {
2139 fsp->fsp_name->st.vfs_private &= ~GPFS_WINATTR_OFFLINE;
2140 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2141 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2142 fsp->fsp_name->base_name);
2148 struct vfs_gpfs_pread_state {
2149 struct files_struct *fsp;
2154 static void vfs_gpfs_pread_done(struct tevent_req *subreq);
2156 static struct tevent_req *vfs_gpfs_pread_send(struct vfs_handle_struct *handle,
2157 TALLOC_CTX *mem_ctx,
2158 struct tevent_context *ev,
2159 struct files_struct *fsp,
2160 void *data, size_t n,
2163 struct tevent_req *req, *subreq;
2164 struct vfs_gpfs_pread_state *state;
2166 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pread_state);
2171 subreq = SMB_VFS_NEXT_PREAD_SEND(state, ev, handle, fsp, data,
2173 if (tevent_req_nomem(subreq, req)) {
2174 return tevent_req_post(req, ev);
2176 tevent_req_set_callback(subreq, vfs_gpfs_pread_done, req);
2180 static void vfs_gpfs_pread_done(struct tevent_req *subreq)
2182 struct tevent_req *req = tevent_req_callback_data(
2183 subreq, struct tevent_req);
2184 struct vfs_gpfs_pread_state *state = tevent_req_data(
2185 req, struct vfs_gpfs_pread_state);
2187 state->ret = SMB_VFS_PREAD_RECV(subreq, &state->err);
2188 TALLOC_FREE(subreq);
2189 tevent_req_done(req);
2192 static ssize_t vfs_gpfs_pread_recv(struct tevent_req *req, int *err)
2194 struct vfs_gpfs_pread_state *state = tevent_req_data(
2195 req, struct vfs_gpfs_pread_state);
2196 struct files_struct *fsp = state->fsp;
2198 if (tevent_req_is_unix_error(req, err)) {
2203 DEBUG(10, ("vfs_private = %x\n",
2204 (unsigned int)fsp->fsp_name->st.vfs_private));
2206 if ((state->ret != -1) &&
2207 ((fsp->fsp_name->st.vfs_private & GPFS_WINATTR_OFFLINE) != 0)) {
2208 fsp->fsp_name->st.vfs_private &= ~GPFS_WINATTR_OFFLINE;
2209 DEBUG(10, ("sending notify\n"));
2210 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2211 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2212 fsp->fsp_name->base_name);
2218 static ssize_t vfs_gpfs_pwrite(vfs_handle_struct *handle, files_struct *fsp,
2219 const void *data, size_t n, off_t offset)
2223 ret = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset);
2225 DEBUG(10, ("vfs_private = %x\n",
2226 (unsigned int)fsp->fsp_name->st.vfs_private));
2229 ((fsp->fsp_name->st.vfs_private & GPFS_WINATTR_OFFLINE) != 0)) {
2230 fsp->fsp_name->st.vfs_private &= ~GPFS_WINATTR_OFFLINE;
2231 notify_fname(handle->conn, NOTIFY_ACTION_MODIFIED,
2232 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2233 fsp->fsp_name->base_name);
2239 struct vfs_gpfs_pwrite_state {
2240 struct files_struct *fsp;
2245 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq);
2247 static struct tevent_req *vfs_gpfs_pwrite_send(
2248 struct vfs_handle_struct *handle,
2249 TALLOC_CTX *mem_ctx,
2250 struct tevent_context *ev,
2251 struct files_struct *fsp,
2252 const void *data, size_t n,
2255 struct tevent_req *req, *subreq;
2256 struct vfs_gpfs_pwrite_state *state;
2258 req = tevent_req_create(mem_ctx, &state, struct vfs_gpfs_pwrite_state);
2263 subreq = SMB_VFS_NEXT_PWRITE_SEND(state, ev, handle, fsp, data,
2265 if (tevent_req_nomem(subreq, req)) {
2266 return tevent_req_post(req, ev);
2268 tevent_req_set_callback(subreq, vfs_gpfs_pwrite_done, req);
2272 static void vfs_gpfs_pwrite_done(struct tevent_req *subreq)
2274 struct tevent_req *req = tevent_req_callback_data(
2275 subreq, struct tevent_req);
2276 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2277 req, struct vfs_gpfs_pwrite_state);
2279 state->ret = SMB_VFS_PWRITE_RECV(subreq, &state->err);
2280 TALLOC_FREE(subreq);
2281 tevent_req_done(req);
2284 static ssize_t vfs_gpfs_pwrite_recv(struct tevent_req *req, int *err)
2286 struct vfs_gpfs_pwrite_state *state = tevent_req_data(
2287 req, struct vfs_gpfs_pwrite_state);
2288 struct files_struct *fsp = state->fsp;
2290 if (tevent_req_is_unix_error(req, err)) {
2295 DEBUG(10, ("vfs_private = %x\n",
2296 (unsigned int)fsp->fsp_name->st.vfs_private));
2298 if ((state->ret != -1) &&
2299 ((fsp->fsp_name->st.vfs_private & GPFS_WINATTR_OFFLINE) != 0)) {
2300 fsp->fsp_name->st.vfs_private &= ~GPFS_WINATTR_OFFLINE;
2301 DEBUG(10, ("sending notify\n"));
2302 notify_fname(fsp->conn, NOTIFY_ACTION_MODIFIED,
2303 FILE_NOTIFY_CHANGE_ATTRIBUTES,
2304 fsp->fsp_name->base_name);
2311 static struct vfs_fn_pointers vfs_gpfs_fns = {
2312 .connect_fn = vfs_gpfs_connect,
2313 .disk_free_fn = vfs_gpfs_disk_free,
2314 .fs_capabilities_fn = vfs_gpfs_capabilities,
2315 .kernel_flock_fn = vfs_gpfs_kernel_flock,
2316 .linux_setlease_fn = vfs_gpfs_setlease,
2317 .get_real_filename_fn = vfs_gpfs_get_real_filename,
2318 .fget_nt_acl_fn = gpfsacl_fget_nt_acl,
2319 .get_nt_acl_fn = gpfsacl_get_nt_acl,
2320 .fset_nt_acl_fn = gpfsacl_fset_nt_acl,
2321 .sys_acl_get_file_fn = gpfsacl_sys_acl_get_file,
2322 .sys_acl_get_fd_fn = gpfsacl_sys_acl_get_fd,
2323 .sys_acl_blob_get_file_fn = gpfsacl_sys_acl_blob_get_file,
2324 .sys_acl_blob_get_fd_fn = gpfsacl_sys_acl_blob_get_fd,
2325 .sys_acl_set_file_fn = gpfsacl_sys_acl_set_file,
2326 .sys_acl_set_fd_fn = gpfsacl_sys_acl_set_fd,
2327 .sys_acl_delete_def_file_fn = gpfsacl_sys_acl_delete_def_file,
2328 .chmod_fn = vfs_gpfs_chmod,
2329 .fchmod_fn = vfs_gpfs_fchmod,
2330 .close_fn = vfs_gpfs_close,
2331 .setxattr_fn = gpfs_set_xattr,
2332 .getxattr_fn = gpfs_get_xattr,
2333 .stat_fn = vfs_gpfs_stat,
2334 .fstat_fn = vfs_gpfs_fstat,
2335 .lstat_fn = vfs_gpfs_lstat,
2336 .ntimes_fn = vfs_gpfs_ntimes,
2337 .is_offline_fn = vfs_gpfs_is_offline,
2338 .aio_force_fn = vfs_gpfs_aio_force,
2339 .sendfile_fn = vfs_gpfs_sendfile,
2340 .fallocate_fn = vfs_gpfs_fallocate,
2341 .open_fn = vfs_gpfs_open,
2342 .pread_fn = vfs_gpfs_pread,
2343 .pread_send_fn = vfs_gpfs_pread_send,
2344 .pread_recv_fn = vfs_gpfs_pread_recv,
2345 .pwrite_fn = vfs_gpfs_pwrite,
2346 .pwrite_send_fn = vfs_gpfs_pwrite_send,
2347 .pwrite_recv_fn = vfs_gpfs_pwrite_recv,
2348 .ftruncate_fn = vfs_gpfs_ftruncate
2351 NTSTATUS vfs_gpfs_init(void);
2352 NTSTATUS vfs_gpfs_init(void)
2356 return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "gpfs",