The branch, master has been updated via fc45fcfde51 vfs_default: assert all passed in fsp's and names are non-stream type via 51243e38497 vfs_streams_xattr: restrict which fcntl's are allowed on streams via f0299abf1b2 smbd: skip access checks for stat-opens on streams in open_file() via 06555c6bcb5 smbd: use metadata_fsp() in get_acl_group_bits() via 3af8f8e8741 smbd: ignore request to set the SPARSE attribute on streams via 55e55804bb2 smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES() via 03b9ce84736 smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES() via 4ab29e2a345 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL() via c949e4b2a42 smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL() via 23bc760ec5d CI: add a test trying to delete a stream on a pathref ("stat open") handle via 92e0045d7ca vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option via 451ad315a9b vfs_xattr_tdb: add a module config via b26dc252aaf vfs_xattr_tdb: move close_xattr_db() via 0d3995cec10 smdb: use fsp_is_alternate_stream() in open_file() from 042141efdb5 third_party: Reformat shell scripts
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit fc45fcfde51b0b0bdcd524c82a0f9eabf7273045 Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 18:40:21 2022 +0200 vfs_default: assert all passed in fsp's and names are non-stream type Enforce fsp is a non-stream one in as many VFS operations as possible in vfs_default. We really need an assert here instead of returning an error, as otherwise he can have very hard to diagnose bugs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> Autobuild-User(master): Volker Lendecke <v...@samba.org> Autobuild-Date(master): Wed Aug 10 16:32:35 UTC 2022 on sn-devel-184 commit 51243e3849736acbbf1d8f52cc02cdec5995fde4 Author: Ralph Boehme <s...@samba.org> Date: Fri Jul 29 07:07:25 2022 +0200 vfs_streams_xattr: restrict which fcntl's are allowed on streams BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit f0299abf1b28a14518328710d9f84bef17fd2ecf Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 15:58:37 2022 +0200 smbd: skip access checks for stat-opens on streams in open_file() For streams, access is already checked in create_file_unixpath() by check_base_file_access(). We already skip the access check in this function when doing an IO open of a file, see above in open_file(), also skip it for "stat opens". BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 06555c6bcb5644fc9eea35b3cbae8d8801c65ab6 Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 19:05:26 2022 +0200 smbd: use metadata_fsp() in get_acl_group_bits() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 3af8f8e8741cc8c889bbf416ccd38a1b702917ec Author: Ralph Boehme <s...@samba.org> Date: Fri Jul 29 14:56:41 2022 +0200 smbd: ignore request to set the SPARSE attribute on streams As per MS-FSA 2.1.1.5 this is a per stream attribute, but our backends don't support it in a consistent way, therefor just pretend success and ignore the request. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 55e55804bb2d0f21c1bbe207257bb40555f3b7a2 Author: Ralph Boehme <s...@samba.org> Date: Fri Jul 29 14:56:21 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 03b9ce84736d536ab2dd8a5ce1a2656e6a90c8c8 Author: Ralph Boehme <s...@samba.org> Date: Fri Jul 29 14:55:08 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 4ab29e2a345b48ebba652d5154e96adf954a6757 Author: Ralph Boehme <s...@samba.org> Date: Fri Jul 29 14:54:07 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit c949e4b2a42423ac3851e86e489fd0c5d46d7f1f Author: Ralph Boehme <s...@samba.org> Date: Fri Jul 29 14:49:56 2022 +0200 smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL() BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 23bc760ec5d61208c2d8778991e3d7e202eab352 Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 13:37:32 2022 +0200 CI: add a test trying to delete a stream on a pathref ("stat open") handle When using vfs_streams_xattr, for a pathref handle of a stream the system fd will be a fake fd created by pipe() in vfs_fake_fd(). For the following callchain we wrongly pass a stream fsp to SMB_VFS_FGET_NT_ACL(): SMB_VFS_CREATE_FILE(..., "file:stream", ...) => open_file(): if (open_fd): -> taking the else branch: -> smbd_check_access_rights_fsp(stream_fsp) -> SMB_VFS_FGET_NT_ACL(stream_fsp) This is obviously wrong and can lead to strange permission errors when using vfs_acl_xattr: in vfs_acl_xattr we will try to read the stored ACL by calling fgetxattr(fake-fd) which of course faild with EBADF. Now unfortunately the vfs_acl_xattr code ignores the specific error and handles this as if there was no ACL stored and subsequently runs the code to synthesize a default ACL according to the setting of "acl:default acl style". As the correct access check for streams has already been carried out by calling check_base_file_access() from create_file_unixpath(), the above problem is not a security issue: it can only lead to "decreased" permissions resulting in unexpected ACCESS_DENIED errors. The fix is obviously going to be calling smbd_check_access_rights_fsp(stream_fsp->base_fsp). This test verifies that deleting a file works when the stored NT ACL grants DELETE_FILE while the basic POSIX permissions (used in the acl_xattr fallback code) do not. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 92e0045d7ca7c0b94efd0244ba0e426cad0a05b6 Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 12:47:21 2022 +0200 vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option Allows passing on "user." xattr to the backend. This can be useful for testing specific aspects of operation on streams when "streams_xattr" is configured as stream filesystem backend. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 451ad315a9bf32c627e1966ec30185542701c87e Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 11:59:54 2022 +0200 vfs_xattr_tdb: add a module config BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit b26dc252aaf3f4b960bdfdb6a3dfe612b89fcdd5 Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 12:43:01 2022 +0200 vfs_xattr_tdb: move close_xattr_db() This just makes the diff of the next commit smaller and easier to digest. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 0d3995cec10c5fae8c8b6a1df312062e38437e6f Author: Ralph Boehme <s...@samba.org> Date: Wed Jul 27 16:04:24 2022 +0200 smdb: use fsp_is_alternate_stream() in open_file() No change in behaviour. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126 MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643 Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> ----------------------------------------------------------------------- Summary of changes: selftest/target/Samba3.pm | 7 + source3/modules/vfs_default.c | 92 +++++---- source3/modules/vfs_streams_xattr.c | 33 ++++ source3/modules/vfs_xattr_tdb.c | 293 +++++++++++++++++++---------- source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 2 +- source3/script/tests/test_delete_stream.sh | 123 ++++++++++++ source3/selftest/tests.py | 1 + source3/smbd/dir.c | 2 +- source3/smbd/dosmode.c | 21 ++- source3/smbd/file_access.c | 2 +- source3/smbd/open.c | 64 ++++--- source3/smbd/posix_acls.c | 2 +- source3/smbd/pysmbd.c | 4 +- source3/torture/cmd_vfs.c | 12 +- 14 files changed, 479 insertions(+), 179 deletions(-) create mode 100755 source3/script/tests/test_delete_stream.sh Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 1a4bf7439ef..2313f6fce36 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -3366,6 +3366,13 @@ sub provision($$) copy = tmp vfs objects = streams_xattr xattr_tdb +[acl_streams_xattr] + copy = tmp + vfs objects = acl_xattr streams_xattr fake_acls xattr_tdb + acl_xattr:ignore system acls = yes + acl_xattr:security_acl_name = user.acl + xattr_tdb:ignore_user_xattr = yes + [compound_find] copy = tmp smbd:find async delay usec = 10000 diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 9cf70fd84ce..dee8ff50df4 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -707,11 +707,7 @@ static int vfswrap_openat(vfs_handle_struct *handle, goto out; } - if (is_named_stream(smb_fname)) { - errno = ENOENT; - result = -1; - goto out; - } + SMB_ASSERT(!is_named_stream(smb_fname)); #ifdef O_PATH have_opath = true; @@ -1258,17 +1254,14 @@ static int vfswrap_renameat(vfs_handle_struct *handle, START_PROFILE(syscall_renameat); - if (is_named_stream(smb_fname_src) || is_named_stream(smb_fname_dst)) { - errno = ENOENT; - goto out; - } + SMB_ASSERT(!is_named_stream(smb_fname_src)); + SMB_ASSERT(!is_named_stream(smb_fname_dst)); result = renameat(fsp_get_pathref_fd(srcfsp), smb_fname_src->base_name, fsp_get_pathref_fd(dstfsp), smb_fname_dst->base_name); - out: END_PROFILE(syscall_renameat); return result; } @@ -1280,14 +1273,11 @@ static int vfswrap_stat(vfs_handle_struct *handle, START_PROFILE(syscall_stat); - if (is_named_stream(smb_fname)) { - errno = ENOENT; - goto out; - } + SMB_ASSERT(!is_named_stream(smb_fname)); result = sys_stat(smb_fname->base_name, &smb_fname->st, lp_fake_directory_create_times(SNUM(handle->conn))); - out: + END_PROFILE(syscall_stat); return result; } @@ -1310,14 +1300,11 @@ static int vfswrap_lstat(vfs_handle_struct *handle, START_PROFILE(syscall_lstat); - if (is_named_stream(smb_fname)) { - errno = ENOENT; - goto out; - } + SMB_ASSERT(!is_named_stream(smb_fname)); result = sys_lstat(smb_fname->base_name, &smb_fname->st, lp_fake_directory_create_times(SNUM(handle->conn))); - out: + END_PROFILE(syscall_lstat); return result; } @@ -1333,10 +1320,7 @@ static int vfswrap_fstatat( START_PROFILE(syscall_fstatat); - if (is_named_stream(smb_fname)) { - errno = ENOENT; - goto out; - } + SMB_ASSERT(!is_named_stream(smb_fname)); result = sys_fstatat( fsp_get_pathref_fd(dirfsp), @@ -1344,7 +1328,7 @@ static int vfswrap_fstatat( sbuf, flags, lp_fake_directory_create_times(SNUM(handle->conn))); - out: + END_PROFILE(syscall_fstatat); return result; } @@ -1441,6 +1425,8 @@ static NTSTATUS vfswrap_fsctl(struct vfs_handle_struct *handle, char **out_data = (char **)_out_data; NTSTATUS status; + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + switch (function) { case FSCTL_SET_SPARSE: { @@ -1805,6 +1791,8 @@ static struct tevent_req *vfswrap_get_dos_attributes_send( struct tevent_req *subreq = NULL; struct vfswrap_get_dos_attributes_state *state = NULL; + SMB_ASSERT(!is_named_stream(smb_fname)); + req = tevent_req_create(mem_ctx, &state, struct vfswrap_get_dos_attributes_state); if (req == NULL) { @@ -1961,6 +1949,8 @@ static NTSTATUS vfswrap_fget_dos_attributes(struct vfs_handle_struct *handle, { bool offline; + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + offline = vfswrap_is_offline(handle->conn, fsp->fsp_name); if (offline) { *dosmode |= FILE_ATTRIBUTE_OFFLINE; @@ -1973,6 +1963,8 @@ static NTSTATUS vfswrap_fset_dos_attributes(struct vfs_handle_struct *handle, struct files_struct *fsp, uint32_t dosmode) { + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + return set_ea_dos_attribute(handle->conn, fsp->fsp_name, dosmode); } @@ -2649,15 +2641,12 @@ static int vfswrap_unlinkat(vfs_handle_struct *handle, START_PROFILE(syscall_unlinkat); - if (is_named_stream(smb_fname)) { - errno = ENOENT; - goto out; - } + SMB_ASSERT(!is_named_stream(smb_fname)); + result = unlinkat(fsp_get_pathref_fd(dirfsp), smb_fname->base_name, flags); - out: END_PROFILE(syscall_unlinkat); return result; } @@ -3142,6 +3131,8 @@ static int vfswrap_linux_setlease(vfs_handle_struct *handle, files_struct *fsp, START_PROFILE(syscall_linux_setlease); + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + #ifdef HAVE_KERNEL_OPLOCKS_LINUX result = linux_setlease(fsp_get_io_fd(fsp), leasetype); #else @@ -3160,6 +3151,8 @@ static int vfswrap_symlinkat(vfs_handle_struct *handle, START_PROFILE(syscall_symlinkat); + SMB_ASSERT(!is_named_stream(new_smb_fname)); + result = symlinkat(link_target->base_name, fsp_get_pathref_fd(dirfsp), new_smb_fname->base_name); @@ -3177,6 +3170,8 @@ static int vfswrap_readlinkat(vfs_handle_struct *handle, START_PROFILE(syscall_readlinkat); + SMB_ASSERT(!is_named_stream(smb_fname)); + result = readlinkat(fsp_get_pathref_fd(dirfsp), smb_fname->base_name, buf, @@ -3197,6 +3192,9 @@ static int vfswrap_linkat(vfs_handle_struct *handle, START_PROFILE(syscall_linkat); + SMB_ASSERT(!is_named_stream(old_smb_fname)); + SMB_ASSERT(!is_named_stream(new_smb_fname)); + result = linkat(fsp_get_pathref_fd(srcfsp), old_smb_fname->base_name, fsp_get_pathref_fd(dstfsp), @@ -3217,6 +3215,8 @@ static int vfswrap_mknodat(vfs_handle_struct *handle, START_PROFILE(syscall_mknodat); + SMB_ASSERT(!is_named_stream(smb_fname)); + result = sys_mknodat(fsp_get_pathref_fd(dirfsp), smb_fname->base_name, mode, @@ -3255,6 +3255,8 @@ static int vfswrap_fchflags(vfs_handle_struct *handle, #ifdef HAVE_FCHFLAGS int fd = fsp_get_pathref_fd(fsp); + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + if (!fsp->fsp_flags.is_pathref) { return fchflags(fd, flags); } @@ -3326,6 +3328,8 @@ static NTSTATUS vfswrap_fstreaminfo(vfs_handle_struct *handle, struct stream_struct *streams = *pstreams; NTSTATUS status; + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + if (fsp->fsp_flags.is_directory) { /* * No default streams on directories @@ -3426,6 +3430,9 @@ static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct *handle, NTSTATUS result; START_PROFILE(fget_nt_acl); + + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + result = posix_fget_nt_acl(fsp, security_info, mem_ctx, ppdesc); END_PROFILE(fget_nt_acl); @@ -3437,6 +3444,9 @@ static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct *handle, files_struct *fsp NTSTATUS result; START_PROFILE(fset_nt_acl); + + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + result = set_nt_acl(fsp, security_info_sent, psd); END_PROFILE(fset_nt_acl); return result; @@ -3456,6 +3466,8 @@ static SMB_ACL_T vfswrap_sys_acl_get_fd(vfs_handle_struct *handle, SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx) { + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + return sys_acl_get_fd(handle, fsp, type, mem_ctx); } @@ -3464,12 +3476,16 @@ static int vfswrap_sys_acl_set_fd(vfs_handle_struct *handle, SMB_ACL_TYPE_T type, SMB_ACL_T theacl) { + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + return sys_acl_set_fd(handle, fsp, type, theacl); } static int vfswrap_sys_acl_delete_def_fd(vfs_handle_struct *handle, files_struct *fsp) { + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + return sys_acl_delete_def_fd(handle, fsp); } @@ -3485,6 +3501,8 @@ static ssize_t vfswrap_fgetxattr(struct vfs_handle_struct *handle, { int fd = fsp_get_pathref_fd(fsp); + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + if (!fsp->fsp_flags.is_pathref) { return fgetxattr(fd, name, value, size); } @@ -3555,6 +3573,8 @@ static struct tevent_req *vfswrap_getxattrat_send( bool have_per_thread_creds = false; bool do_async = false; + SMB_ASSERT(!is_named_stream(smb_fname)); + req = tevent_req_create(mem_ctx, &state, struct vfswrap_getxattrat_state); if (req == NULL) { @@ -3661,10 +3681,9 @@ static void vfswrap_getxattrat_do_sync(struct tevent_req *req) { struct vfswrap_getxattrat_state *state = tevent_req_data( req, struct vfswrap_getxattrat_state); - struct files_struct *fsp = metadata_fsp(state->smb_fname->fsp); state->xattr_size = vfswrap_fgetxattr(state->handle, - fsp, + state->smb_fname->fsp, state->xattr_name, state->xattr_value, talloc_array_length(state->xattr_value)); @@ -3684,7 +3703,6 @@ static void vfswrap_getxattrat_do_async(void *private_data) struct timespec start_time; struct timespec end_time; int ret; - struct files_struct *fsp = metadata_fsp(state->smb_fname->fsp); PROFILE_TIMESTAMP(&start_time); SMBPROFILE_BYTES_ASYNC_SET_BUSY(state->profile_bytes); @@ -3708,7 +3726,7 @@ static void vfswrap_getxattrat_do_async(void *private_data) } state->xattr_size = vfswrap_fgetxattr(state->handle, - fsp, + state->smb_fname->fsp, state->xattr_name, state->xattr_value, talloc_array_length(state->xattr_value)); @@ -3809,6 +3827,8 @@ static ssize_t vfswrap_flistxattr(struct vfs_handle_struct *handle, struct files { int fd = fsp_get_pathref_fd(fsp); + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + if (!fsp->fsp_flags.is_pathref) { return flistxattr(fd, list, size); } @@ -3835,6 +3855,8 @@ static int vfswrap_fremovexattr(struct vfs_handle_struct *handle, struct files_s { int fd = fsp_get_pathref_fd(fsp); + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + if (!fsp->fsp_flags.is_pathref) { return fremovexattr(fd, name); } @@ -3861,6 +3883,8 @@ static int vfswrap_fsetxattr(struct vfs_handle_struct *handle, struct files_stru { int fd = fsp_get_pathref_fd(fsp); + SMB_ASSERT(!fsp_is_alternate_stream(fsp)); + if (!fsp->fsp_flags.is_pathref) { return fsetxattr(fd, name, value, size, flags); } diff --git a/source3/modules/vfs_streams_xattr.c b/source3/modules/vfs_streams_xattr.c index 3dfb894a800..f3371ca9b7e 100644 --- a/source3/modules/vfs_streams_xattr.c +++ b/source3/modules/vfs_streams_xattr.c @@ -1539,6 +1539,38 @@ static bool streams_xattr_strict_lock_check(struct vfs_handle_struct *handle, return true; } +static int streams_xattr_fcntl(vfs_handle_struct *handle, + files_struct *fsp, + int cmd, + va_list cmd_arg) +{ + va_list dup_cmd_arg; + void *arg; + int ret; + + if (fsp_is_alternate_stream(fsp)) { + switch (cmd) { + case F_GETFL: + case F_SETFL: + break; + default: + DBG_ERR("Unsupported fcntl() cmd [%d] on [%s]\n", + cmd, fsp_str_dbg(fsp)); + errno = EINVAL; + return -1; + } + } + + va_copy(dup_cmd_arg, cmd_arg); + arg = va_arg(dup_cmd_arg, void *); + + ret = SMB_VFS_NEXT_FCNTL(handle, fsp, cmd, arg); + + va_end(dup_cmd_arg); + + return ret; +} + static struct vfs_fn_pointers vfs_streams_xattr_fns = { .fs_capabilities_fn = streams_xattr_fs_capabilities, .connect_fn = streams_xattr_connect, @@ -1567,6 +1599,7 @@ static struct vfs_fn_pointers vfs_streams_xattr_fns = { .filesystem_sharemode_fn = streams_xattr_filesystem_sharemode, .linux_setlease_fn = streams_xattr_linux_setlease, .strict_lock_check_fn = streams_xattr_strict_lock_check, + .fcntl_fn = streams_xattr_fcntl, .fchown_fn = streams_xattr_fchown, .fchmod_fn = streams_xattr_fchmod, diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c index 07b95899d80..261ebc2b213 100644 --- a/source3/modules/vfs_xattr_tdb.c +++ b/source3/modules/vfs_xattr_tdb.c @@ -29,7 +29,21 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_VFS -static bool xattr_tdb_init(int snum, TALLOC_CTX *mem_ctx, struct db_context **p_db); +struct xattr_tdb_config { + struct db_context *db; + bool ignore_user_xattr; +}; + +static bool xattr_tdb_init(struct vfs_handle_struct *handle, + struct xattr_tdb_config **_config); + +static bool is_user_xattr(const char *xattr_name) +{ + int match; + + match = strncmp(xattr_name, "user.", strlen("user.")); + return (match == 0); +} static int xattr_tdb_get_file_id(struct vfs_handle_struct *handle, const char *path, struct file_id *id) @@ -68,6 +82,8 @@ struct xattr_tdb_getxattrat_state { uint8_t *xattr_value; }; +static void xattr_tdb_getxattrat_done(struct tevent_req *subreq); + static struct tevent_req *xattr_tdb_getxattrat_send( TALLOC_CTX *mem_ctx, struct tevent_context *ev, @@ -77,16 +93,21 @@ static struct tevent_req *xattr_tdb_getxattrat_send( const char *xattr_name, size_t alloc_hint) { + struct xattr_tdb_config *config = NULL; struct tevent_req *req = NULL; + struct tevent_req *subreq = NULL; struct xattr_tdb_getxattrat_state *state = NULL; struct smb_filename *cwd = NULL; - struct db_context *db = NULL; struct file_id id; int ret; int error; int cwd_ret; DATA_BLOB xattr_blob; + if (!xattr_tdb_init(handle, &config)) { + return NULL; + } + req = tevent_req_create(mem_ctx, &state, struct xattr_tdb_getxattrat_state); if (req == NULL) { @@ -94,11 +115,20 @@ static struct tevent_req *xattr_tdb_getxattrat_send( } state->xattr_size = -1; - SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, - if (!xattr_tdb_init(-1, state, &db)) { - tevent_req_error(req, EIO); - return tevent_req_post(req, ev); - }); + if (config->ignore_user_xattr && is_user_xattr(xattr_name)) { + subreq = SMB_VFS_NEXT_GETXATTRAT_SEND(state, + ev, + handle, + dir_fsp, + smb_fname, + xattr_name, + alloc_hint); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, xattr_tdb_getxattrat_done, req); + return req; + } cwd = SMB_VFS_GETWD(dir_fsp->conn, state); if (tevent_req_nomem(cwd, req)) { @@ -122,7 +152,7 @@ static struct tevent_req *xattr_tdb_getxattrat_send( return tevent_req_post(req, ev); } - state->xattr_size = xattr_tdb_getattr(db, + state->xattr_size = xattr_tdb_getattr(config->db, state, &id, xattr_name, @@ -166,6 +196,27 @@ static struct tevent_req *xattr_tdb_getxattrat_send( return tevent_req_post(req, ev); } +static void xattr_tdb_getxattrat_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( -- Samba Shared Repository