/*
* Delete an odir.
*
* Remove the odir from the tree list before freeing resources
* associated with the odir.
*/
void
smb_odir_delete(void *arg)
{
smb_tree_t *tree;
smb_odir_t *od = (smb_odir_t *)arg;
SMB_ODIR_VALID(od);
ASSERT(od->d_refcnt == 0);
ASSERT(od->d_state == SMB_ODIR_STATE_CLOSED);
tree = od->d_tree;
smb_llist_enter(&tree->t_odir_list, RW_WRITER);
smb_llist_remove(&tree->t_odir_list, od);
smb_idpool_free(&tree->t_odid_pool, od->d_odid);
atomic_dec_32(&tree->t_session->s_dir_cnt);
smb_llist_exit(&tree->t_odir_list);
mutex_enter(&od->d_mutex);
mutex_exit(&od->d_mutex);
od->d_magic = 0;
smb_node_release(od->d_dnode);
smb_user_release(od->d_user);
mutex_destroy(&od->d_mutex);
kmem_cache_free(smb_cache_odir, od);
}
/*
* Delete an ofile.
*
* Remove the ofile from the tree list before freeing resources
* associated with the ofile.
*/
void
smb_ofile_delete(void *arg)
{
smb_tree_t *tree;
smb_ofile_t *of = (smb_ofile_t *)arg;
SMB_OFILE_VALID(of);
ASSERT(of->f_refcnt == 0);
ASSERT(of->f_state == SMB_OFILE_STATE_CLOSED);
ASSERT(!SMB_OFILE_OPLOCK_GRANTED(of));
tree = of->f_tree;
smb_llist_enter(&tree->t_ofile_list, RW_WRITER);
smb_llist_remove(&tree->t_ofile_list, of);
smb_idpool_free(&tree->t_fid_pool, of->f_fid);
atomic_dec_32(&tree->t_session->s_file_cnt);
smb_llist_exit(&tree->t_ofile_list);
mutex_enter(&of->f_mutex);
mutex_exit(&of->f_mutex);
switch (of->f_ftype) {
case SMB_FTYPE_BYTE_PIPE:
case SMB_FTYPE_MESG_PIPE:
smb_opipe_dealloc(of->f_pipe);
of->f_pipe = NULL;
break;
case SMB_FTYPE_DISK:
if (of->f_odir != NULL)
smb_odir_release(of->f_odir);
smb_node_rem_ofile(of->f_node, of);
smb_node_release(of->f_node);
break;
default:
ASSERT(!"f_ftype");
break;
}
of->f_magic = (uint32_t)~SMB_OFILE_MAGIC;
mutex_destroy(&of->f_mutex);
crfree(of->f_cr);
smb_user_release(of->f_user);
kmem_cache_free(smb_cache_ofile, of);
}
/*
* smb_ofile_open
*/
smb_ofile_t *
smb_ofile_open(
smb_request_t *sr,
smb_node_t *node,
struct open_param *op,
uint16_t ftype,
uint32_t uniqid,
smb_error_t *err)
{
smb_tree_t *tree = sr->tid_tree;
smb_ofile_t *of;
uint16_t fid;
smb_attr_t attr;
int rc;
enum errstates { EMPTY, FIDALLOC, CRHELD, MUTEXINIT };
enum errstates state = EMPTY;
if (smb_idpool_alloc(&tree->t_fid_pool, &fid)) {
err->status = NT_STATUS_TOO_MANY_OPENED_FILES;
err->errcls = ERRDOS;
err->errcode = ERROR_TOO_MANY_OPEN_FILES;
return (NULL);
}
state = FIDALLOC;
of = kmem_cache_alloc(smb_cache_ofile, KM_SLEEP);
bzero(of, sizeof (smb_ofile_t));
of->f_magic = SMB_OFILE_MAGIC;
of->f_refcnt = 1;
of->f_fid = fid;
of->f_uniqid = uniqid;
of->f_opened_by_pid = sr->smb_pid;
of->f_granted_access = op->desired_access;
of->f_share_access = op->share_access;
of->f_create_options = op->create_options;
of->f_cr = (op->create_options & FILE_OPEN_FOR_BACKUP_INTENT) ?
smb_user_getprivcred(sr->uid_user) : sr->uid_user->u_cred;
crhold(of->f_cr);
state = CRHELD;
of->f_ftype = ftype;
of->f_server = tree->t_server;
of->f_session = tree->t_session;
/*
* grab a ref for of->f_user
* released in smb_ofile_delete()
*/
smb_user_hold_internal(sr->uid_user);
of->f_user = sr->uid_user;
of->f_tree = tree;
of->f_node = node;
mutex_init(&of->f_mutex, NULL, MUTEX_DEFAULT, NULL);
state = MUTEXINIT;
of->f_state = SMB_OFILE_STATE_OPEN;
if (ftype == SMB_FTYPE_MESG_PIPE) {
/* See smb_opipe_open. */
of->f_pipe = op->pipe;
smb_server_inc_pipes(of->f_server);
} else {
ASSERT(ftype == SMB_FTYPE_DISK); /* Regular file, not a pipe */
ASSERT(node);
/*
* Note that the common open path often adds bits like
* READ_CONTROL, so the logic "is this open exec-only"
* needs to look at only the FILE_DATA_ALL bits.
*/
if ((of->f_granted_access & FILE_DATA_ALL) == FILE_EXECUTE)
of->f_flags |= SMB_OFLAGS_EXECONLY;
bzero(&attr, sizeof (smb_attr_t));
attr.sa_mask = SMB_AT_UID | SMB_AT_DOSATTR;
rc = smb_node_getattr(NULL, node, of->f_cr, NULL, &attr);
if (rc != 0) {
err->status = NT_STATUS_INTERNAL_ERROR;
err->errcls = ERRDOS;
err->errcode = ERROR_INTERNAL_ERROR;
goto errout;
}
if (crgetuid(of->f_cr) == attr.sa_vattr.va_uid) {
/*
* Add this bit for the file's owner even if it's not
* specified in the request (Windows behavior).
*/
of->f_granted_access |= FILE_READ_ATTRIBUTES;
}
if (smb_node_is_file(node)) {
of->f_mode =
smb_fsop_amask_to_omode(of->f_granted_access);
if (smb_fsop_open(node, of->f_mode, of->f_cr) != 0) {
err->status = NT_STATUS_ACCESS_DENIED;
err->errcls = ERRDOS;
err->errcode = ERROR_ACCESS_DENIED;
goto errout;
}
}
if (tree->t_flags & SMB_TREE_READONLY)
of->f_flags |= SMB_OFLAGS_READONLY;
/*
* Note that if we created_readonly, that
* will _not_ yet show in attr.sa_dosattr
* so creating a readonly file gives the
* caller a writable handle as it should.
*/
if (attr.sa_dosattr & FILE_ATTRIBUTE_READONLY)
of->f_flags |= SMB_OFLAGS_READONLY;
smb_node_inc_open_ofiles(node);
smb_node_add_ofile(node, of);
smb_node_ref(node);
smb_server_inc_files(of->f_server);
}
smb_llist_enter(&tree->t_ofile_list, RW_WRITER);
smb_llist_insert_tail(&tree->t_ofile_list, of);
smb_llist_exit(&tree->t_ofile_list);
atomic_inc_32(&tree->t_open_files);
atomic_inc_32(&of->f_session->s_file_cnt);
return (of);
errout:
switch (state) {
case MUTEXINIT:
mutex_destroy(&of->f_mutex);
smb_user_release(of->f_user);
/*FALLTHROUGH*/
case CRHELD:
crfree(of->f_cr);
of->f_magic = 0;
kmem_cache_free(smb_cache_ofile, of);
/*FALLTHROUGH*/
case FIDALLOC:
smb_idpool_free(&tree->t_fid_pool, fid);
/*FALLTHROUGH*/
case EMPTY:
break;
}
return (NULL);
}
/*
* This is the common dispatch function for SMB2, used for both
* synchronous and asynchronous requests. In the async case,
* this runs twice: once for the initial processing where the
* initial handler returns NT_STATUS_PENDING, and then a second
* time (with async_func != NULL) for the "real work".
* Note the async_func == NULL for "normal" calls, and the
* handler function is taken from the dispatch table.
*/
static int
smb2sr_dispatch(smb_request_t *sr,
smb_sdrc_t (*async_func)(smb_request_t *))
{
const smb_disp_entry_t *sdd;
smb_disp_stats_t *sds;
smb_session_t *session;
smb_server_t *server;
boolean_t related;
int rc = 0;
session = sr->session;
server = session->s_server;
/*
* Validate the commmand code, get dispatch table entries.
* [MS-SMB2] 3.3.5.2.6 Handling Incorrectly Formatted...
*
* The last slot in the dispatch table is used to handle
* invalid commands. Same for statistics.
*/
if (sr->smb2_cmd_code < SMB2_INVALID_CMD) {
sdd = &smb2_disp_table[sr->smb2_cmd_code];
sds = &server->sv_disp_stats2[sr->smb2_cmd_code];
} else {
sdd = &smb2_disp_table[SMB2_INVALID_CMD];
sds = &server->sv_disp_stats2[SMB2_INVALID_CMD];
}
if (sr->smb2_hdr_flags & SMB2_FLAGS_SERVER_TO_REDIR) {
smb2sr_put_error(sr, NT_STATUS_INVALID_PARAMETER);
goto done;
}
/*
* If this command is NOT "related" to the previous,
* clear out the UID, TID, FID state that might be
* left over from the previous command.
*
* Also, if the command IS related, but is declining to
* inherit the previous UID or TID, then clear out the
* previous session or tree now. This simplifies the
* inheritance logic below. Similar logic for FIDs
* happens in smb2sr_lookup_fid()
*/
related = (sr->smb2_hdr_flags & SMB2_FLAGS_RELATED_OPERATIONS);
if (!related &&
sr->fid_ofile != NULL) {
smb_ofile_request_complete(sr->fid_ofile);
smb_ofile_release(sr->fid_ofile);
sr->fid_ofile = NULL;
}
if ((!related || sr->smb_tid != INHERIT_ID) &&
sr->tid_tree != NULL) {
smb_tree_release(sr->tid_tree);
sr->tid_tree = NULL;
}
if ((!related || sr->smb_uid != INHERIT_ID) &&
sr->uid_user != NULL) {
smb_user_release(sr->uid_user);
sr->uid_user = NULL;
}
/*
* Make sure we have a user and tree as needed
* according to the flags for the this command.
* In a compound, a "related" command may inherit
* the UID, TID, and FID from previous commands
* using the special INHERIT_ID (all ones).
*/
if ((sdd->sdt_flags & SDDF_SUPPRESS_UID) == 0) {
/*
* This command requires a user session.
*/
if (related && sr->smb_uid == INHERIT_ID &&
sr->uid_user != NULL) {
sr->smb_uid = sr->uid_user->u_uid;
} else {
ASSERT3P(sr->uid_user, ==, NULL);
sr->uid_user = smb_session_lookup_uid(session,
sr->smb_uid);
}
if (sr->uid_user == NULL) {
/* [MS-SMB2] 3.3.5.2.9 Verifying the Session */
smb2sr_put_error(sr, NT_STATUS_USER_SESSION_DELETED);
goto done;
}
sr->user_cr = smb_user_getcred(sr->uid_user);
}
if ((sdd->sdt_flags & SDDF_SUPPRESS_TID) == 0) {
/*
* This command requires a tree connection.
*/
if (related && sr->smb_tid == INHERIT_ID &&
sr->tid_tree != NULL) {
sr->smb_tid = sr->tid_tree->t_tid;
} else {
ASSERT3P(sr->tid_tree, ==, NULL);
sr->tid_tree = smb_session_lookup_tree(session,
sr->smb_tid);
}
if (sr->tid_tree == NULL) {
/* [MS-SMB2] 3.3.5.2.11 Verifying the Tree Connect */
smb2sr_put_error(sr, NT_STATUS_NETWORK_NAME_DELETED);
goto done;
}
}
/*
* The real work: call the SMB2 command handler.
*/
sr->sr_time_start = gethrtime();
if (async_func != NULL) {
rc = (*async_func)(sr);
} else {
/* NB: not using pre_op */
rc = (*sdd->sdt_function)(sr);
/* NB: not using post_op */
}
MBC_FLUSH(&sr->raw_data);
done:
/*
* Pad the reply to align(8) if necessary.
*/
if (sr->reply.chain_offset & 7) {
int padsz = 8 - (sr->reply.chain_offset & 7);
(void) smb_mbc_encodef(&sr->reply, "#.", padsz);
}
ASSERT((sr->reply.chain_offset & 7) == 0);
/*
* Record some statistics: latency, rx bytes, tx bytes
*/
smb_latency_add_sample(&sds->sdt_lat,
gethrtime() - sr->sr_time_start);
atomic_add_64(&sds->sdt_rxb,
(int64_t)(sr->command.chain_offset - sr->smb2_cmd_hdr));
atomic_add_64(&sds->sdt_txb,
(int64_t)(sr->reply.chain_offset - sr->smb2_reply_hdr));
return (rc);
}