The branch, master has been updated
via fc45fcfde51 vfs_default: assert all passed in fsp's and names are
non-stream type
via 51243e38497 vfs_streams_xattr: restrict which fcntl's are allowed
on streams
via f0299abf1b2 smbd: skip access checks for stat-opens on streams in
open_file()
via 06555c6bcb5 smbd: use metadata_fsp() in get_acl_group_bits()
via 3af8f8e8741 smbd: ignore request to set the SPARSE attribute on
streams
via 55e55804bb2 smbd: use metadata_fsp() with
SMB_VFS_FSET_DOS_ATTRIBUTES()
via 03b9ce84736 smbd: use metadata_fsp() with
SMB_VFS_FGET_DOS_ATTRIBUTES()
via 4ab29e2a345 smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL()
via c949e4b2a42 smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL()
via 23bc760ec5d CI: add a test trying to delete a stream on a pathref
("stat open") handle
via 92e0045d7ca vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option
via 451ad315a9b vfs_xattr_tdb: add a module config
via b26dc252aaf vfs_xattr_tdb: move close_xattr_db()
via 0d3995cec10 smdb: use fsp_is_alternate_stream() in open_file()
from 042141efdb5 third_party: Reformat shell scripts
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit fc45fcfde51b0b0bdcd524c82a0f9eabf7273045
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 18:40:21 2022 +0200
vfs_default: assert all passed in fsp's and names are non-stream type
Enforce fsp is a non-stream one in as many VFS operations as possible in
vfs_default. We really need an assert here instead of returning an error, as
otherwise he can have very hard to diagnose bugs.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
Autobuild-User(master): Volker Lendecke <v...@samba.org>
Autobuild-Date(master): Wed Aug 10 16:32:35 UTC 2022 on sn-devel-184
commit 51243e3849736acbbf1d8f52cc02cdec5995fde4
Author: Ralph Boehme <s...@samba.org>
Date: Fri Jul 29 07:07:25 2022 +0200
vfs_streams_xattr: restrict which fcntl's are allowed on streams
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit f0299abf1b28a14518328710d9f84bef17fd2ecf
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 15:58:37 2022 +0200
smbd: skip access checks for stat-opens on streams in open_file()
For streams, access is already checked in create_file_unixpath() by
check_base_file_access().
We already skip the access check in this function when doing an IO open of a
file, see above in open_file(), also skip it for "stat opens".
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 06555c6bcb5644fc9eea35b3cbae8d8801c65ab6
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 19:05:26 2022 +0200
smbd: use metadata_fsp() in get_acl_group_bits()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 3af8f8e8741cc8c889bbf416ccd38a1b702917ec
Author: Ralph Boehme <s...@samba.org>
Date: Fri Jul 29 14:56:41 2022 +0200
smbd: ignore request to set the SPARSE attribute on streams
As per MS-FSA 2.1.1.5 this is a per stream attribute, but our backends don't
support it in a consistent way, therefor just pretend success and ignore the
request.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 55e55804bb2d0f21c1bbe207257bb40555f3b7a2
Author: Ralph Boehme <s...@samba.org>
Date: Fri Jul 29 14:56:21 2022 +0200
smbd: use metadata_fsp() with SMB_VFS_FSET_DOS_ATTRIBUTES()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 03b9ce84736d536ab2dd8a5ce1a2656e6a90c8c8
Author: Ralph Boehme <s...@samba.org>
Date: Fri Jul 29 14:55:08 2022 +0200
smbd: use metadata_fsp() with SMB_VFS_FGET_DOS_ATTRIBUTES()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 4ab29e2a345b48ebba652d5154e96adf954a6757
Author: Ralph Boehme <s...@samba.org>
Date: Fri Jul 29 14:54:07 2022 +0200
smbd: use metadata_fsp() with SMB_VFS_FSET_NT_ACL()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit c949e4b2a42423ac3851e86e489fd0c5d46d7f1f
Author: Ralph Boehme <s...@samba.org>
Date: Fri Jul 29 14:49:56 2022 +0200
smbd: use metadata_fsp() with SMB_VFS_FGET_NT_ACL()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 23bc760ec5d61208c2d8778991e3d7e202eab352
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 13:37:32 2022 +0200
CI: add a test trying to delete a stream on a pathref ("stat open") handle
When using vfs_streams_xattr, for a pathref handle of a stream the system fd
will be a fake fd created by pipe() in vfs_fake_fd().
For the following callchain we wrongly pass a stream fsp to
SMB_VFS_FGET_NT_ACL():
SMB_VFS_CREATE_FILE(..., "file:stream", ...)
=> open_file():
if (open_fd):
-> taking the else branch:
-> smbd_check_access_rights_fsp(stream_fsp)
-> SMB_VFS_FGET_NT_ACL(stream_fsp)
This is obviously wrong and can lead to strange permission errors when using
vfs_acl_xattr:
in vfs_acl_xattr we will try to read the stored ACL by calling
fgetxattr(fake-fd) which of course faild with EBADF. Now unfortunately the
vfs_acl_xattr code ignores the specific error and handles this as if there
was
no ACL stored and subsequently runs the code to synthesize a default ACL
according to the setting of "acl:default acl style".
As the correct access check for streams has already been carried out by
calling
check_base_file_access() from create_file_unixpath(), the above problem is
not
a security issue: it can only lead to "decreased" permissions resulting in
unexpected ACCESS_DENIED errors.
The fix is obviously going to be calling
smbd_check_access_rights_fsp(stream_fsp->base_fsp).
This test verifies that deleting a file works when the stored NT ACL grants
DELETE_FILE while the basic POSIX permissions (used in the acl_xattr
fallback
code) do not.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 92e0045d7ca7c0b94efd0244ba0e426cad0a05b6
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 12:47:21 2022 +0200
vfs_xattr_tdb: add "xattr_tdb:ignore_user_xattr" option
Allows passing on "user." xattr to the backend. This can be useful for
testing
specific aspects of operation on streams when "streams_xattr" is configured
as
stream filesystem backend.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 451ad315a9bf32c627e1966ec30185542701c87e
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 11:59:54 2022 +0200
vfs_xattr_tdb: add a module config
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit b26dc252aaf3f4b960bdfdb6a3dfe612b89fcdd5
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 12:43:01 2022 +0200
vfs_xattr_tdb: move close_xattr_db()
This just makes the diff of the next commit smaller and easier to digest.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
commit 0d3995cec10c5fae8c8b6a1df312062e38437e6f
Author: Ralph Boehme <s...@samba.org>
Date: Wed Jul 27 16:04:24 2022 +0200
smdb: use fsp_is_alternate_stream() in open_file()
No change in behaviour.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Volker Lendecke <v...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 7 +
source3/modules/vfs_default.c | 92 +++++----
source3/modules/vfs_streams_xattr.c | 33 ++++
source3/modules/vfs_xattr_tdb.c | 293 +++++++++++++++++++----------
source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 2 +-
source3/script/tests/test_delete_stream.sh | 123 ++++++++++++
source3/selftest/tests.py | 1 +
source3/smbd/dir.c | 2 +-
source3/smbd/dosmode.c | 21 ++-
source3/smbd/file_access.c | 2 +-
source3/smbd/open.c | 64 ++++---
source3/smbd/posix_acls.c | 2 +-
source3/smbd/pysmbd.c | 4 +-
source3/torture/cmd_vfs.c | 12 +-
14 files changed, 479 insertions(+), 179 deletions(-)
create mode 100755 source3/script/tests/test_delete_stream.sh
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 1a4bf7439ef..2313f6fce36 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -3366,6 +3366,13 @@ sub provision($$)
copy = tmp
vfs objects = streams_xattr xattr_tdb
+[acl_streams_xattr]
+ copy = tmp
+ vfs objects = acl_xattr streams_xattr fake_acls xattr_tdb
+ acl_xattr:ignore system acls = yes
+ acl_xattr:security_acl_name = user.acl
+ xattr_tdb:ignore_user_xattr = yes
+
[compound_find]
copy = tmp
smbd:find async delay usec = 10000
diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c
index 9cf70fd84ce..dee8ff50df4 100644
--- a/source3/modules/vfs_default.c
+++ b/source3/modules/vfs_default.c
@@ -707,11 +707,7 @@ static int vfswrap_openat(vfs_handle_struct *handle,
goto out;
}
- if (is_named_stream(smb_fname)) {
- errno = ENOENT;
- result = -1;
- goto out;
- }
+ SMB_ASSERT(!is_named_stream(smb_fname));
#ifdef O_PATH
have_opath = true;
@@ -1258,17 +1254,14 @@ static int vfswrap_renameat(vfs_handle_struct *handle,
START_PROFILE(syscall_renameat);
- if (is_named_stream(smb_fname_src) || is_named_stream(smb_fname_dst)) {
- errno = ENOENT;
- goto out;
- }
+ SMB_ASSERT(!is_named_stream(smb_fname_src));
+ SMB_ASSERT(!is_named_stream(smb_fname_dst));
result = renameat(fsp_get_pathref_fd(srcfsp),
smb_fname_src->base_name,
fsp_get_pathref_fd(dstfsp),
smb_fname_dst->base_name);
- out:
END_PROFILE(syscall_renameat);
return result;
}
@@ -1280,14 +1273,11 @@ static int vfswrap_stat(vfs_handle_struct *handle,
START_PROFILE(syscall_stat);
- if (is_named_stream(smb_fname)) {
- errno = ENOENT;
- goto out;
- }
+ SMB_ASSERT(!is_named_stream(smb_fname));
result = sys_stat(smb_fname->base_name, &smb_fname->st,
lp_fake_directory_create_times(SNUM(handle->conn)));
- out:
+
END_PROFILE(syscall_stat);
return result;
}
@@ -1310,14 +1300,11 @@ static int vfswrap_lstat(vfs_handle_struct *handle,
START_PROFILE(syscall_lstat);
- if (is_named_stream(smb_fname)) {
- errno = ENOENT;
- goto out;
- }
+ SMB_ASSERT(!is_named_stream(smb_fname));
result = sys_lstat(smb_fname->base_name, &smb_fname->st,
lp_fake_directory_create_times(SNUM(handle->conn)));
- out:
+
END_PROFILE(syscall_lstat);
return result;
}
@@ -1333,10 +1320,7 @@ static int vfswrap_fstatat(
START_PROFILE(syscall_fstatat);
- if (is_named_stream(smb_fname)) {
- errno = ENOENT;
- goto out;
- }
+ SMB_ASSERT(!is_named_stream(smb_fname));
result = sys_fstatat(
fsp_get_pathref_fd(dirfsp),
@@ -1344,7 +1328,7 @@ static int vfswrap_fstatat(
sbuf,
flags,
lp_fake_directory_create_times(SNUM(handle->conn)));
- out:
+
END_PROFILE(syscall_fstatat);
return result;
}
@@ -1441,6 +1425,8 @@ static NTSTATUS vfswrap_fsctl(struct vfs_handle_struct
*handle,
char **out_data = (char **)_out_data;
NTSTATUS status;
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
switch (function) {
case FSCTL_SET_SPARSE:
{
@@ -1805,6 +1791,8 @@ static struct tevent_req *vfswrap_get_dos_attributes_send(
struct tevent_req *subreq = NULL;
struct vfswrap_get_dos_attributes_state *state = NULL;
+ SMB_ASSERT(!is_named_stream(smb_fname));
+
req = tevent_req_create(mem_ctx, &state,
struct vfswrap_get_dos_attributes_state);
if (req == NULL) {
@@ -1961,6 +1949,8 @@ static NTSTATUS vfswrap_fget_dos_attributes(struct
vfs_handle_struct *handle,
{
bool offline;
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
offline = vfswrap_is_offline(handle->conn, fsp->fsp_name);
if (offline) {
*dosmode |= FILE_ATTRIBUTE_OFFLINE;
@@ -1973,6 +1963,8 @@ static NTSTATUS vfswrap_fset_dos_attributes(struct
vfs_handle_struct *handle,
struct files_struct *fsp,
uint32_t dosmode)
{
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
return set_ea_dos_attribute(handle->conn, fsp->fsp_name, dosmode);
}
@@ -2649,15 +2641,12 @@ static int vfswrap_unlinkat(vfs_handle_struct *handle,
START_PROFILE(syscall_unlinkat);
- if (is_named_stream(smb_fname)) {
- errno = ENOENT;
- goto out;
- }
+ SMB_ASSERT(!is_named_stream(smb_fname));
+
result = unlinkat(fsp_get_pathref_fd(dirfsp),
smb_fname->base_name,
flags);
- out:
END_PROFILE(syscall_unlinkat);
return result;
}
@@ -3142,6 +3131,8 @@ static int vfswrap_linux_setlease(vfs_handle_struct
*handle, files_struct *fsp,
START_PROFILE(syscall_linux_setlease);
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
#ifdef HAVE_KERNEL_OPLOCKS_LINUX
result = linux_setlease(fsp_get_io_fd(fsp), leasetype);
#else
@@ -3160,6 +3151,8 @@ static int vfswrap_symlinkat(vfs_handle_struct *handle,
START_PROFILE(syscall_symlinkat);
+ SMB_ASSERT(!is_named_stream(new_smb_fname));
+
result = symlinkat(link_target->base_name,
fsp_get_pathref_fd(dirfsp),
new_smb_fname->base_name);
@@ -3177,6 +3170,8 @@ static int vfswrap_readlinkat(vfs_handle_struct *handle,
START_PROFILE(syscall_readlinkat);
+ SMB_ASSERT(!is_named_stream(smb_fname));
+
result = readlinkat(fsp_get_pathref_fd(dirfsp),
smb_fname->base_name,
buf,
@@ -3197,6 +3192,9 @@ static int vfswrap_linkat(vfs_handle_struct *handle,
START_PROFILE(syscall_linkat);
+ SMB_ASSERT(!is_named_stream(old_smb_fname));
+ SMB_ASSERT(!is_named_stream(new_smb_fname));
+
result = linkat(fsp_get_pathref_fd(srcfsp),
old_smb_fname->base_name,
fsp_get_pathref_fd(dstfsp),
@@ -3217,6 +3215,8 @@ static int vfswrap_mknodat(vfs_handle_struct *handle,
START_PROFILE(syscall_mknodat);
+ SMB_ASSERT(!is_named_stream(smb_fname));
+
result = sys_mknodat(fsp_get_pathref_fd(dirfsp),
smb_fname->base_name,
mode,
@@ -3255,6 +3255,8 @@ static int vfswrap_fchflags(vfs_handle_struct *handle,
#ifdef HAVE_FCHFLAGS
int fd = fsp_get_pathref_fd(fsp);
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
if (!fsp->fsp_flags.is_pathref) {
return fchflags(fd, flags);
}
@@ -3326,6 +3328,8 @@ static NTSTATUS vfswrap_fstreaminfo(vfs_handle_struct
*handle,
struct stream_struct *streams = *pstreams;
NTSTATUS status;
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
if (fsp->fsp_flags.is_directory) {
/*
* No default streams on directories
@@ -3426,6 +3430,9 @@ static NTSTATUS vfswrap_fget_nt_acl(vfs_handle_struct
*handle,
NTSTATUS result;
START_PROFILE(fget_nt_acl);
+
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
result = posix_fget_nt_acl(fsp, security_info,
mem_ctx, ppdesc);
END_PROFILE(fget_nt_acl);
@@ -3437,6 +3444,9 @@ static NTSTATUS vfswrap_fset_nt_acl(vfs_handle_struct
*handle, files_struct *fsp
NTSTATUS result;
START_PROFILE(fset_nt_acl);
+
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
result = set_nt_acl(fsp, security_info_sent, psd);
END_PROFILE(fset_nt_acl);
return result;
@@ -3456,6 +3466,8 @@ static SMB_ACL_T vfswrap_sys_acl_get_fd(vfs_handle_struct
*handle,
SMB_ACL_TYPE_T type,
TALLOC_CTX *mem_ctx)
{
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
return sys_acl_get_fd(handle, fsp, type, mem_ctx);
}
@@ -3464,12 +3476,16 @@ static int vfswrap_sys_acl_set_fd(vfs_handle_struct
*handle,
SMB_ACL_TYPE_T type,
SMB_ACL_T theacl)
{
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
return sys_acl_set_fd(handle, fsp, type, theacl);
}
static int vfswrap_sys_acl_delete_def_fd(vfs_handle_struct *handle,
files_struct *fsp)
{
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
return sys_acl_delete_def_fd(handle, fsp);
}
@@ -3485,6 +3501,8 @@ static ssize_t vfswrap_fgetxattr(struct vfs_handle_struct
*handle,
{
int fd = fsp_get_pathref_fd(fsp);
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
if (!fsp->fsp_flags.is_pathref) {
return fgetxattr(fd, name, value, size);
}
@@ -3555,6 +3573,8 @@ static struct tevent_req *vfswrap_getxattrat_send(
bool have_per_thread_creds = false;
bool do_async = false;
+ SMB_ASSERT(!is_named_stream(smb_fname));
+
req = tevent_req_create(mem_ctx, &state,
struct vfswrap_getxattrat_state);
if (req == NULL) {
@@ -3661,10 +3681,9 @@ static void vfswrap_getxattrat_do_sync(struct tevent_req
*req)
{
struct vfswrap_getxattrat_state *state = tevent_req_data(
req, struct vfswrap_getxattrat_state);
- struct files_struct *fsp = metadata_fsp(state->smb_fname->fsp);
state->xattr_size = vfswrap_fgetxattr(state->handle,
- fsp,
+ state->smb_fname->fsp,
state->xattr_name,
state->xattr_value,
talloc_array_length(state->xattr_value));
@@ -3684,7 +3703,6 @@ static void vfswrap_getxattrat_do_async(void
*private_data)
struct timespec start_time;
struct timespec end_time;
int ret;
- struct files_struct *fsp = metadata_fsp(state->smb_fname->fsp);
PROFILE_TIMESTAMP(&start_time);
SMBPROFILE_BYTES_ASYNC_SET_BUSY(state->profile_bytes);
@@ -3708,7 +3726,7 @@ static void vfswrap_getxattrat_do_async(void
*private_data)
}
state->xattr_size = vfswrap_fgetxattr(state->handle,
- fsp,
+ state->smb_fname->fsp,
state->xattr_name,
state->xattr_value,
talloc_array_length(state->xattr_value));
@@ -3809,6 +3827,8 @@ static ssize_t vfswrap_flistxattr(struct
vfs_handle_struct *handle, struct files
{
int fd = fsp_get_pathref_fd(fsp);
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
if (!fsp->fsp_flags.is_pathref) {
return flistxattr(fd, list, size);
}
@@ -3835,6 +3855,8 @@ static int vfswrap_fremovexattr(struct vfs_handle_struct
*handle, struct files_s
{
int fd = fsp_get_pathref_fd(fsp);
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
if (!fsp->fsp_flags.is_pathref) {
return fremovexattr(fd, name);
}
@@ -3861,6 +3883,8 @@ static int vfswrap_fsetxattr(struct vfs_handle_struct
*handle, struct files_stru
{
int fd = fsp_get_pathref_fd(fsp);
+ SMB_ASSERT(!fsp_is_alternate_stream(fsp));
+
if (!fsp->fsp_flags.is_pathref) {
return fsetxattr(fd, name, value, size, flags);
}
diff --git a/source3/modules/vfs_streams_xattr.c
b/source3/modules/vfs_streams_xattr.c
index 3dfb894a800..f3371ca9b7e 100644
--- a/source3/modules/vfs_streams_xattr.c
+++ b/source3/modules/vfs_streams_xattr.c
@@ -1539,6 +1539,38 @@ static bool streams_xattr_strict_lock_check(struct
vfs_handle_struct *handle,
return true;
}
+static int streams_xattr_fcntl(vfs_handle_struct *handle,
+ files_struct *fsp,
+ int cmd,
+ va_list cmd_arg)
+{
+ va_list dup_cmd_arg;
+ void *arg;
+ int ret;
+
+ if (fsp_is_alternate_stream(fsp)) {
+ switch (cmd) {
+ case F_GETFL:
+ case F_SETFL:
+ break;
+ default:
+ DBG_ERR("Unsupported fcntl() cmd [%d] on [%s]\n",
+ cmd, fsp_str_dbg(fsp));
+ errno = EINVAL;
+ return -1;
+ }
+ }
+
+ va_copy(dup_cmd_arg, cmd_arg);
+ arg = va_arg(dup_cmd_arg, void *);
+
+ ret = SMB_VFS_NEXT_FCNTL(handle, fsp, cmd, arg);
+
+ va_end(dup_cmd_arg);
+
+ return ret;
+}
+
static struct vfs_fn_pointers vfs_streams_xattr_fns = {
.fs_capabilities_fn = streams_xattr_fs_capabilities,
.connect_fn = streams_xattr_connect,
@@ -1567,6 +1599,7 @@ static struct vfs_fn_pointers vfs_streams_xattr_fns = {
.filesystem_sharemode_fn = streams_xattr_filesystem_sharemode,
.linux_setlease_fn = streams_xattr_linux_setlease,
.strict_lock_check_fn = streams_xattr_strict_lock_check,
+ .fcntl_fn = streams_xattr_fcntl,
.fchown_fn = streams_xattr_fchown,
.fchmod_fn = streams_xattr_fchmod,
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 07b95899d80..261ebc2b213 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -29,7 +29,21 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS
-static bool xattr_tdb_init(int snum, TALLOC_CTX *mem_ctx, struct db_context
**p_db);
+struct xattr_tdb_config {
+ struct db_context *db;
+ bool ignore_user_xattr;
+};
+
+static bool xattr_tdb_init(struct vfs_handle_struct *handle,
+ struct xattr_tdb_config **_config);
+
+static bool is_user_xattr(const char *xattr_name)
+{
+ int match;
+
+ match = strncmp(xattr_name, "user.", strlen("user."));
+ return (match == 0);
+}
static int xattr_tdb_get_file_id(struct vfs_handle_struct *handle,
const char *path, struct file_id *id)
@@ -68,6 +82,8 @@ struct xattr_tdb_getxattrat_state {
uint8_t *xattr_value;
};
+static void xattr_tdb_getxattrat_done(struct tevent_req *subreq);
+
static struct tevent_req *xattr_tdb_getxattrat_send(
TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
@@ -77,16 +93,21 @@ static struct tevent_req *xattr_tdb_getxattrat_send(
const char *xattr_name,
size_t alloc_hint)
{
+ struct xattr_tdb_config *config = NULL;
struct tevent_req *req = NULL;
+ struct tevent_req *subreq = NULL;
struct xattr_tdb_getxattrat_state *state = NULL;
struct smb_filename *cwd = NULL;
- struct db_context *db = NULL;
struct file_id id;
int ret;
int error;
int cwd_ret;
DATA_BLOB xattr_blob;
+ if (!xattr_tdb_init(handle, &config)) {
+ return NULL;
+ }
+
req = tevent_req_create(mem_ctx, &state,
struct xattr_tdb_getxattrat_state);
if (req == NULL) {
@@ -94,11 +115,20 @@ static struct tevent_req *xattr_tdb_getxattrat_send(
}
state->xattr_size = -1;
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
- if (!xattr_tdb_init(-1, state, &db)) {
- tevent_req_error(req, EIO);
- return tevent_req_post(req, ev);
- });
+ if (config->ignore_user_xattr && is_user_xattr(xattr_name)) {
+ subreq = SMB_VFS_NEXT_GETXATTRAT_SEND(state,
+ ev,
+ handle,
+ dir_fsp,
+ smb_fname,
+ xattr_name,
+ alloc_hint);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq, xattr_tdb_getxattrat_done, req);
+ return req;
+ }
cwd = SMB_VFS_GETWD(dir_fsp->conn, state);
if (tevent_req_nomem(cwd, req)) {
@@ -122,7 +152,7 @@ static struct tevent_req *xattr_tdb_getxattrat_send(
return tevent_req_post(req, ev);
}
- state->xattr_size = xattr_tdb_getattr(db,
+ state->xattr_size = xattr_tdb_getattr(config->db,
state,
&id,
xattr_name,
@@ -166,6 +196,27 @@ static struct tevent_req *xattr_tdb_getxattrat_send(
return tevent_req_post(req, ev);
}
+static void xattr_tdb_getxattrat_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req = tevent_req_callback_data(
--
Samba Shared Repository
