search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
WHATSNEW: SMB3 Directory Leases
[samba4-gss.git] / source3 / smbd / smb2_ioctl_filesys.c
blob1a8d1c2affa057f65b3056395815a8b3f1ccc44b
1 /*
2 Unix SMB/CIFS implementation.
3 Core SMB2 server
4
5 Copyright (C) Stefan Metzmacher 2009
6 Copyright (C) David Disseldorp 2013-2024
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "../libcli/smb/smb_common.h"
26 #include "../libcli/security/security.h"
27 #include "../lib/util/tevent_ntstatus.h"
28 #include "rpc_server/srv_pipe_hnd.h"
29 #include "include/ntioctl.h"
30 #include "../librpc/ndr/libndr.h"
31 #include "librpc/gen_ndr/ndr_ioctl.h"
32 #include "smb2_ioctl_private.h"
33 #include "lib/util/sys_rw.h"
34
35 #undef DBGC_CLASS
36 #define DBGC_CLASS DBGC_SMB2
37
38 /*
39 * XXX this may reduce dup_extents->byte_count so that it's less than the
40 * target file size.
41 */
42 static NTSTATUS fsctl_dup_extents_check_lengths(struct files_struct *src_fsp,
43 struct files_struct *dst_fsp,
44 struct fsctl_dup_extents_to_file *dup_extents)
45 {
46 NTSTATUS status;
47
48 if ((dup_extents->source_off + dup_extents->byte_count
49 < dup_extents->source_off)
50 || (dup_extents->target_off + dup_extents->byte_count
51 < dup_extents->target_off)) {
52 return NT_STATUS_INVALID_PARAMETER; /* wrap */
53 }
54
55 status = vfs_stat_fsp(src_fsp);
56 if (!NT_STATUS_IS_OK(status)) {
57 return status;
58 }
59
60 /*
61 * XXX vfs_btrfs and vfs_default have size checks in the copychunk
62 * handler, as this needs to be rechecked after the src has potentially
63 * been extended by a previous chunk in the compound copychunk req.
64 */
65 if (src_fsp->fsp_name->st.st_ex_size
66 < dup_extents->source_off + dup_extents->byte_count) {
67 DEBUG(2, ("dup_extents req exceeds src size\n"));
68 return NT_STATUS_NOT_SUPPORTED;
69 }
70
71 status = vfs_stat_fsp(dst_fsp);
72 if (!NT_STATUS_IS_OK(status)) {
73 return status;
74 }
75
76 if (dst_fsp->fsp_name->st.st_ex_size
77 < dup_extents->target_off + dup_extents->byte_count) {
78
79 if (dst_fsp->fsp_name->st.st_ex_size - dup_extents->target_off
80 > dst_fsp->fsp_name->st.st_ex_size) {
81 return NT_STATUS_INVALID_PARAMETER; /* wrap */
82 }
83
84 /*
85 * this server behaviour is pretty hairy, but we need to match
86 * Windows, so...
87 */
88 DEBUG(2, ("dup_extents req exceeds target size, capping\n"));
89 dup_extents->byte_count = dst_fsp->fsp_name->st.st_ex_size
90 - dup_extents->target_off;
91 }
92
93 return NT_STATUS_OK;
94 }
95
96 static NTSTATUS fsctl_dup_extents_check_overlap(struct files_struct *src_fsp,
97 struct files_struct *dst_fsp,
98 struct fsctl_dup_extents_to_file *dup_extents)
99 {
100 if (!file_id_equal(&src_fsp->file_id, &dst_fsp->file_id)) {
101 /* src and dest refer to different files */
102 return NT_STATUS_OK;
103 }
104
105 if (sys_io_ranges_overlap(dup_extents->byte_count,
106 dup_extents->source_off,
107 dup_extents->byte_count,
108 dup_extents->target_off))
109 {
110 return NT_STATUS_NOT_SUPPORTED;
111 }
112
113 return NT_STATUS_OK;
114 }
115
116 static NTSTATUS fsctl_dup_extents_check_sparse(struct files_struct *src_fsp,
117 struct files_struct *dst_fsp)
118 {
119 /*
120 * 2.3.8 FSCTL_DUPLICATE_EXTENTS_TO_FILE Reply...
121 * STATUS_NOT_SUPPORTED: Target file is sparse, while source
122 * is a non-sparse file.
123 *
124 * WS2016 has the following behaviour (MS are in the process of fixing
125 * the spec):
126 * STATUS_NOT_SUPPORTED is returned if the source is sparse, while the
127 * target is non-sparse. However, if target is sparse while the source
128 * is non-sparse, then FSCTL_DUPLICATE_EXTENTS_TO_FILE completes
129 * successfully.
130 */
131 if (src_fsp->fsp_flags.is_sparse && !dst_fsp->fsp_flags.is_sparse) {
132 return NT_STATUS_NOT_SUPPORTED;
133 }
134
135 return NT_STATUS_OK;
136 }
137
138 struct fsctl_dup_extents_state {
139 struct tevent_context *ev;
140 struct connection_struct *conn;
141 struct files_struct *dst_fsp;
142 struct fsctl_dup_extents_to_file dup_extents;
143 };
144
145 static void fsctl_dup_extents_offload_read_done(struct tevent_req *subreq);
146 static void fsctl_dup_extents_vfs_done(struct tevent_req *subreq);
147
148 static struct tevent_req *fsctl_dup_extents_send(TALLOC_CTX *mem_ctx,
149 struct tevent_context *ev,
150 struct files_struct *dst_fsp,
151 DATA_BLOB *in_input,
152 struct smbd_smb2_request *smb2req)
153 {
154 struct tevent_req *req = NULL;
155 struct tevent_req *subreq = NULL;
156 struct fsctl_dup_extents_state *state = NULL;
157 uint64_t src_fid_persistent = 0;
158 uint64_t src_fid_volatile = 0;
159 struct files_struct *src_fsp = NULL;
160 int ndr_ret;
161 NTSTATUS status;
162
163 req = tevent_req_create(mem_ctx, &state,
164 struct fsctl_dup_extents_state);
165 if (req == NULL) {
166 return NULL;
167 }
168
169 if (dst_fsp == NULL) {
170 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
171 return tevent_req_post(req, ev);
172 }
173
174 *state = (struct fsctl_dup_extents_state) {
175 .conn = dst_fsp->conn,
176 .ev = ev,
177 .dst_fsp = dst_fsp,
178 };
179
180 if ((dst_fsp->conn->fs_capabilities
181 & FILE_SUPPORTS_BLOCK_REFCOUNTING) == 0) {
182 DBG_INFO("FS does not advertise block refcounting support\n");
183 tevent_req_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
184 return tevent_req_post(req, ev);
185 }
186
187 ndr_ret = ndr_pull_struct_blob(in_input, state, &state->dup_extents,
188 (ndr_pull_flags_fn_t)ndr_pull_fsctl_dup_extents_to_file);
189 if (ndr_ret != NDR_ERR_SUCCESS) {
190 DBG_ERR("failed to unmarshall dup extents to file req\n");
191 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
192 return tevent_req_post(req, ev);
193 }
194
195 src_fid_persistent = BVAL(state->dup_extents.source_fid, 0);
196 src_fid_volatile = BVAL(state->dup_extents.source_fid, 8);
197 src_fsp = file_fsp_get(smb2req, src_fid_persistent, src_fid_volatile);
198 if ((src_fsp == NULL)
199 || (src_fsp->file_id.devid != dst_fsp->file_id.devid)) {
200 /*
201 * [MS-FSCC] 2.3.8 FSCTL_DUPLICATE_EXTENTS_TO_FILE Reply
202 * STATUS_INVALID_PARAMETER:
203 * The FileHandle parameter is either invalid or does not
204 * represent a handle to an opened file on the same volume.
205 *
206 * Windows Server responds with NT_STATUS_INVALID_HANDLE instead
207 * of STATUS_INVALID_PARAMETER here, despite the above spec.
208 */
209 DBG_ERR("invalid src_fsp for dup_extents\n");
210 tevent_req_nterror(req, NT_STATUS_INVALID_HANDLE);
211 return tevent_req_post(req, ev);
212 }
213
214 status = fsctl_dup_extents_check_lengths(src_fsp, dst_fsp,
215 &state->dup_extents);
216 if (tevent_req_nterror(req, status)) {
217 return tevent_req_post(req, ev);
218 }
219
220 if (state->dup_extents.byte_count == 0) {
221 DBG_ERR("skipping zero length dup extents\n");
222 tevent_req_done(req);
223 return tevent_req_post(req, ev);
224 }
225
226 status = fsctl_dup_extents_check_overlap(src_fsp, dst_fsp,
227 &state->dup_extents);
228 if (tevent_req_nterror(req, status)) {
229 return tevent_req_post(req, ev);
230 }
231
232 status = fsctl_dup_extents_check_sparse(src_fsp, dst_fsp);
233 if (tevent_req_nterror(req, status)) {
234 return tevent_req_post(req, ev);
235 }
236
237 subreq = SMB_VFS_OFFLOAD_READ_SEND(state, ev, src_fsp,
238 FSCTL_DUP_EXTENTS_TO_FILE,
239 0, 0, 0);
240 if (tevent_req_nomem(subreq, req)) {
241 return tevent_req_post(req, ev);
242 }
243 tevent_req_set_callback(subreq, fsctl_dup_extents_offload_read_done,
244 req);
245 return req;
246 }
247
248 static void fsctl_dup_extents_offload_read_done(struct tevent_req *subreq)
249 {
250 struct tevent_req *req = tevent_req_callback_data(
251 subreq, struct tevent_req);
252 struct fsctl_dup_extents_state *state = tevent_req_data(
253 req, struct fsctl_dup_extents_state);
254 uint32_t flags;
255 uint64_t xferlen;
256 DATA_BLOB token;
257 NTSTATUS status;
258
259 /*
260 * Note that both flags and xferlen are not used with copy-chunk.
261 */
262
263 status = SMB_VFS_OFFLOAD_READ_RECV(subreq, state->dst_fsp->conn,
264 state, &flags, &xferlen, &token);
265 if (tevent_req_nterror(req, status)) {
266 return;
267 }
268
269 /* tell the VFS to ignore locks across the clone, matching ReFS */
270 subreq = SMB_VFS_OFFLOAD_WRITE_SEND(state->dst_fsp->conn,
271 state,
272 state->ev,
273 FSCTL_DUP_EXTENTS_TO_FILE,
274 &token,
275 state->dup_extents.source_off,
276 state->dst_fsp,
277 state->dup_extents.target_off,
278 state->dup_extents.byte_count);
279 if (tevent_req_nomem(subreq, req)) {
280 return;
281 }
282 tevent_req_set_callback(subreq, fsctl_dup_extents_vfs_done, req);
283 return;
284 }
285
286 static void fsctl_dup_extents_vfs_done(struct tevent_req *subreq)
287 {
288 struct tevent_req *req = tevent_req_callback_data(
289 subreq, struct tevent_req);
290 struct fsctl_dup_extents_state *state = tevent_req_data(
291 req, struct fsctl_dup_extents_state);
292 off_t nb_chunk;
293 NTSTATUS status;
294
295 status = SMB_VFS_OFFLOAD_WRITE_RECV(state->conn, subreq, &nb_chunk);
296 TALLOC_FREE(subreq);
297 if (tevent_req_nterror(req, status)) {
298 return;
299 }
300
301 if (nb_chunk != state->dup_extents.byte_count) {
302 tevent_req_nterror(req, NT_STATUS_IO_DEVICE_ERROR);
303 return;
304 }
305
306 tevent_req_done(req);
307 }
308
309 static NTSTATUS fsctl_dup_extents_recv(struct tevent_req *req)
310 {
311 return tevent_req_simple_recv_ntstatus(req);
312 }
313
314 static NTSTATUS fsctl_get_cmprn(TALLOC_CTX *mem_ctx,
315 struct tevent_context *ev,
316 struct files_struct *fsp,
317 size_t in_max_output,
318 DATA_BLOB *out_output)
319 {
320 struct compression_state cmpr_state;
321 enum ndr_err_code ndr_ret;
322 DATA_BLOB output;
323 NTSTATUS status;
324
325 if (fsp == NULL) {
326 return NT_STATUS_FILE_CLOSED;
327 }
328
329 /* Windows doesn't check for SEC_FILE_READ_ATTRIBUTE permission here */
330
331 ZERO_STRUCT(cmpr_state);
332 if (fsp->conn->fs_capabilities & FILE_FILE_COMPRESSION) {
333 status = SMB_VFS_FGET_COMPRESSION(fsp->conn,
334 mem_ctx,
335 fsp,
336 &cmpr_state.format);
337 if (!NT_STATUS_IS_OK(status)) {
338 return status;
339 }
340 } else {
341 /*
342 * bso#12144: The underlying filesystem doesn't support
343 * compression, so we should respond with "not-compressed"
344 * (like WS2016 ReFS) instead of STATUS_NOT_SUPPORTED or
345 * NT_STATUS_INVALID_DEVICE_REQUEST.
346 */
347 cmpr_state.format = COMPRESSION_FORMAT_NONE;
348 }
349
350 ndr_ret = ndr_push_struct_blob(&output, mem_ctx,
351 &cmpr_state,
352 (ndr_push_flags_fn_t)ndr_push_compression_state);
353 if (ndr_ret != NDR_ERR_SUCCESS) {
354 return NT_STATUS_INTERNAL_ERROR;
355 }
356
357 if (in_max_output < output.length) {
358 DEBUG(1, ("max output %u too small for compression state %ld\n",
359 (unsigned int)in_max_output, (long int)output.length));
360 return NT_STATUS_INVALID_USER_BUFFER;
361 }
362 *out_output = output;
363
364 return NT_STATUS_OK;
365 }
366
367 static NTSTATUS fsctl_set_cmprn(TALLOC_CTX *mem_ctx,
368 struct tevent_context *ev,
369 struct files_struct *fsp,
370 DATA_BLOB *in_input)
371 {
372 struct compression_state cmpr_state;
373 enum ndr_err_code ndr_ret;
374 NTSTATUS status;
375
376 if (fsp == NULL) {
377 return NT_STATUS_FILE_CLOSED;
378 }
379
380 /* WRITE_DATA permission is required, WRITE_ATTRIBUTES is not */
381 status = check_any_access_fsp(fsp, FILE_WRITE_DATA);
382 if (!NT_STATUS_IS_OK(status)) {
383 return status;
384 }
385
386 ndr_ret = ndr_pull_struct_blob(in_input, mem_ctx, &cmpr_state,
387 (ndr_pull_flags_fn_t)ndr_pull_compression_state);
388 if (ndr_ret != NDR_ERR_SUCCESS) {
389 DEBUG(0, ("failed to unmarshall set compression req\n"));
390 return NT_STATUS_INVALID_PARAMETER;
391 }
392
393 status = NT_STATUS_NOT_SUPPORTED;
394 if (fsp->conn->fs_capabilities & FILE_FILE_COMPRESSION) {
395 status = SMB_VFS_SET_COMPRESSION(fsp->conn,
396 mem_ctx,
397 fsp,
398 cmpr_state.format);
399 } else if (cmpr_state.format == COMPRESSION_FORMAT_NONE) {
400 /*
401 * bso#12144: The underlying filesystem doesn't support
402 * compression. We should still accept set(FORMAT_NONE) requests
403 * (like WS2016 ReFS).
404 */
405 status = NT_STATUS_OK;
406 }
407
408 return status;
409 }
410
411 static NTSTATUS fsctl_zero_data(TALLOC_CTX *mem_ctx,
412 struct tevent_context *ev,
413 struct files_struct *fsp,
414 DATA_BLOB *in_input)
415 {
416 struct file_zero_data_info zdata_info;
417 enum ndr_err_code ndr_ret;
418 struct lock_struct lck;
419 int mode;
420 uint64_t len;
421 int ret;
422 NTSTATUS status;
423
424 if (fsp == NULL) {
425 return NT_STATUS_FILE_CLOSED;
426 }
427
428 /* WRITE_DATA permission is required */
429 status = check_any_access_fsp(fsp, FILE_WRITE_DATA);
430 if (!NT_STATUS_IS_OK(status)) {
431 return status;
432 }
433
434 /* allow regardless of whether FS supports sparse or not */
435
436 ndr_ret = ndr_pull_struct_blob(in_input, mem_ctx, &zdata_info,
437 (ndr_pull_flags_fn_t)ndr_pull_file_zero_data_info);
438 if (ndr_ret != NDR_ERR_SUCCESS) {
439 DEBUG(0, ("failed to unmarshall zero data request\n"));
440 return NT_STATUS_INVALID_PARAMETER;
441 }
442
443 if (zdata_info.beyond_final_zero < zdata_info.file_off) {
444 DEBUG(0, ("invalid zero data params: off %lu, bfz, %lu\n",
445 (unsigned long)zdata_info.file_off,
446 (unsigned long)zdata_info.beyond_final_zero));
447 return NT_STATUS_INVALID_PARAMETER;
448 }
449
450 /* convert strange "beyond final zero" param into length */
451 len = zdata_info.beyond_final_zero - zdata_info.file_off;
452
453 if (len == 0) {
454 DEBUG(2, ("zero data called with zero length range\n"));
455 return NT_STATUS_OK;
456 }
457
458 init_strict_lock_struct(fsp,
459 fsp->op->global->open_persistent_id,
460 zdata_info.file_off,
461 len,
462 WRITE_LOCK,
463 lp_posix_cifsu_locktype(fsp),
464 &lck);
465
466 if (!SMB_VFS_STRICT_LOCK_CHECK(fsp->conn, fsp, &lck)) {
467 DEBUG(2, ("failed to lock range for zero-data\n"));
468 return NT_STATUS_FILE_LOCK_CONFLICT;
469 }
470
471 /*
472 * MS-FSCC <58> Section 2.3.67
473 * This FSCTL sets the range of bytes to zero (0) without extending the
474 * file size.
475 *
476 * The VFS_FALLOCATE_FL_KEEP_SIZE flag is used to satisfy this
477 * constraint.
478 */
479
480 mode = VFS_FALLOCATE_FL_PUNCH_HOLE | VFS_FALLOCATE_FL_KEEP_SIZE;
481 ret = SMB_VFS_FALLOCATE(fsp, mode, zdata_info.file_off, len);
482 if (ret == -1) {
483 status = map_nt_error_from_unix_common(errno);
484 DEBUG(2, ("zero-data fallocate(0x%x) failed: %s\n", mode,
485 strerror(errno)));
486 return status;
487 }
488
489 if (!fsp->fsp_flags.is_sparse && lp_strict_allocate(SNUM(fsp->conn))) {
490 /*
491 * File marked non-sparse and "strict allocate" is enabled -
492 * allocate the range that we just punched out.
493 * In future FALLOC_FL_ZERO_RANGE could be used exclusively for
494 * this, but it's currently only supported on XFS and ext4.
495 *
496 * The newly allocated range still won't be found by SEEK_DATA
497 * for QAR, but stat.st_blocks will reflect it.
498 */
499 ret = SMB_VFS_FALLOCATE(fsp, VFS_FALLOCATE_FL_KEEP_SIZE,
500 zdata_info.file_off, len);
501 if (ret == -1) {
502 status = map_nt_error_from_unix_common(errno);
503 DEBUG(0, ("fallocate failed: %s\n", strerror(errno)));
504 return status;
505 }
506 }
507
508 return NT_STATUS_OK;
509 }
510
511 static NTSTATUS fsctl_qar_buf_push(TALLOC_CTX *mem_ctx,
512 struct file_alloced_range_buf *qar_buf,
513 DATA_BLOB *qar_array_blob)
514 {
515 DATA_BLOB new_slot;
516 enum ndr_err_code ndr_ret;
517 bool ok;
518
519 ndr_ret = ndr_push_struct_blob(&new_slot, mem_ctx, qar_buf,
520 (ndr_push_flags_fn_t)ndr_push_file_alloced_range_buf);
521 if (ndr_ret != NDR_ERR_SUCCESS) {
522 DEBUG(0, ("failed to marshall QAR buf\n"));
523 return NT_STATUS_INVALID_PARAMETER;
524 }
525
526 /* TODO should be able to avoid copy by pushing into prealloced buf */
527 ok = data_blob_append(mem_ctx, qar_array_blob, new_slot.data,
528 new_slot.length);
529 data_blob_free(&new_slot);
530 if (!ok) {
531 return NT_STATUS_NO_MEMORY;
532 }
533
534 return NT_STATUS_OK;
535 }
536
537 static NTSTATUS fsctl_qar_seek_fill(TALLOC_CTX *mem_ctx,
538 struct files_struct *fsp,
539 off_t curr_off,
540 off_t max_off,
541 size_t in_max_output,
542 DATA_BLOB *qar_array_blob)
543 {
544 NTSTATUS status = NT_STATUS_NOT_SUPPORTED;
545
546 #ifdef HAVE_LSEEK_HOLE_DATA
547 while (curr_off <= max_off) {
548 off_t data_off;
549 off_t hole_off;
550 struct file_alloced_range_buf qar_buf;
551
552 /* seek next data */
553 data_off = SMB_VFS_LSEEK(fsp, curr_off, SEEK_DATA);
554 if ((data_off == -1) && (errno == ENXIO)) {
555 /* no data from curr_off to EOF */
556 break;
557 } else if (data_off == -1) {
558 status = map_nt_error_from_unix_common(errno);
559 DEBUG(1, ("lseek data failed: %s\n", strerror(errno)));
560 return status;
561 }
562
563 if (data_off > max_off) {
564 /* found something, but passed range of interest */
565 break;
566 }
567
568 hole_off = SMB_VFS_LSEEK(fsp, data_off, SEEK_HOLE);
569 if (hole_off == -1) {
570 status = map_nt_error_from_unix_common(errno);
571 DEBUG(1, ("lseek hole failed: %s\n", strerror(errno)));
572 return status;
573 }
574
575 if (hole_off <= data_off) {
576 DEBUG(1, ("lseek inconsistent: hole %lu at or before "
577 "data %lu\n", (unsigned long)hole_off,
578 (unsigned long)data_off));
579 return NT_STATUS_INTERNAL_ERROR;
580 }
581
582 if (qar_array_blob->length + sizeof(qar_buf) > in_max_output) {
583 /*
584 * Earlier check ensures space for one range or more.
585 * Subsequent overflow results in a truncated response.
586 */
587 DBG_NOTICE("truncated QAR output: need > %zu, max %zu\n",
588 qar_array_blob->length + sizeof(qar_buf),
589 in_max_output);
590 return STATUS_BUFFER_OVERFLOW;
591 }
592
593 qar_buf.file_off = data_off;
594 /* + 1 to convert maximum offset to length */
595 qar_buf.len = MIN(hole_off, max_off + 1) - data_off;
596
597 status = fsctl_qar_buf_push(mem_ctx, &qar_buf, qar_array_blob);
598 if (!NT_STATUS_IS_OK(status)) {
599 return NT_STATUS_NO_MEMORY;
600 }
601
602 curr_off = hole_off;
603 }
604 status = NT_STATUS_OK;
605 #endif
606
607 return status;
608 }
609
610 static NTSTATUS fsctl_qar(TALLOC_CTX *mem_ctx,
611 struct tevent_context *ev,
612 struct files_struct *fsp,
613 DATA_BLOB *in_input,
614 size_t in_max_output,
615 DATA_BLOB *out_output)
616 {
617 struct fsctl_query_alloced_ranges_req qar_req;
618 struct fsctl_query_alloced_ranges_rsp qar_rsp;
619 DATA_BLOB qar_array_blob = data_blob_null;
620 uint64_t max_off;
621 enum ndr_err_code ndr_ret;
622 int ret;
623 NTSTATUS status;
624 SMB_STRUCT_STAT sbuf;
625
626 if (fsp == NULL) {
627 return NT_STATUS_FILE_CLOSED;
628 }
629
630 /* READ_DATA permission is required */
631 status = check_any_access_fsp(fsp, FILE_READ_DATA);
632 if (!NT_STATUS_IS_OK(status)) {
633 return status;
634 }
635
636 ndr_ret = ndr_pull_struct_blob(in_input, mem_ctx, &qar_req,
637 (ndr_pull_flags_fn_t)ndr_pull_fsctl_query_alloced_ranges_req);
638 if (ndr_ret != NDR_ERR_SUCCESS) {
639 DEBUG(0, ("failed to unmarshall QAR req\n"));
640 return NT_STATUS_INVALID_PARAMETER;
641 }
642
643 /*
644 * XXX Windows Server 2008 & 2012 servers don't return lock-conflict
645 * for QAR requests over an exclusively locked range!
646 */
647
648 ret = SMB_VFS_FSTAT(fsp, &sbuf);
649 if (ret == -1) {
650 status = map_nt_error_from_unix_common(errno);
651 DEBUG(2, ("fstat failed: %s\n", strerror(errno)));
652 return status;
653 }
654
655 if ((qar_req.buf.len == 0)
656 || (sbuf.st_ex_size == 0)
657 || (qar_req.buf.file_off >= sbuf.st_ex_size)) {
658 /* zero length range or after EOF, no ranges to return */
659 return NT_STATUS_OK;
660 }
661
662 /* check for integer overflow */
663 if (qar_req.buf.file_off + qar_req.buf.len < qar_req.buf.file_off) {
664 return NT_STATUS_INVALID_PARAMETER;
665 }
666
667 /* must have enough space for at least one range */
668 if (in_max_output < sizeof(struct file_alloced_range_buf)) {
669 DEBUG(2, ("QAR max %lu insufficient for one range\n",
670 (unsigned long)in_max_output));
671 return NT_STATUS_BUFFER_TOO_SMALL;
672 }
673
674 /*
675 * Maximum offset is either the last valid offset _before_ EOF, or the
676 * last byte offset within the requested range. -1 converts length to
677 * offset, which is easier to work with for SEEK_DATA/SEEK_HOLE, E.g.:
678 *
679 * /off=0 /off=512K /st_ex_size=1M
680 * |-------------------------------------|
681 * | File data |
682 * |-------------------------------------|
683 * QAR end\
684 * |=====================================|
685 * | QAR off=512K, len=1M |
686 * |=================^===================|
687 * max_off=1M - 1
688 * QAR end\
689 * |==================|
690 * |QAR off=0 len=512K|
691 * |==================|
692 * ^
693 * max_off=512K - 1
694 */
695 max_off = MIN(sbuf.st_ex_size,
696 qar_req.buf.file_off + qar_req.buf.len) - 1;
697
698 if (!fsp->fsp_flags.is_sparse) {
699 struct file_alloced_range_buf qar_buf;
700
701 /* file is non-sparse, claim file_off->max_off is allocated */
702 qar_buf.file_off = qar_req.buf.file_off;
703 /* + 1 to convert maximum offset back to length */
704 qar_buf.len = max_off - qar_req.buf.file_off + 1;
705
706 status = fsctl_qar_buf_push(mem_ctx, &qar_buf, &qar_array_blob);
707 } else {
708 status = fsctl_qar_seek_fill(mem_ctx, fsp, qar_req.buf.file_off,
709 max_off, in_max_output,
710 &qar_array_blob);
711 }
712
713 if (NT_STATUS_IS_OK(status)
714 || NT_STATUS_EQUAL(status, STATUS_BUFFER_OVERFLOW)) {
715 /* marshall response. STATUS_BUFFER_OVERFLOW=truncated */
716 qar_rsp.far_buf_array = qar_array_blob;
717
718 ndr_ret = ndr_push_struct_blob(out_output, mem_ctx, &qar_rsp,
719 (ndr_push_flags_fn_t)ndr_push_fsctl_query_alloced_ranges_rsp);
720 if (ndr_ret != NDR_ERR_SUCCESS) {
721 DEBUG(0, ("failed to marshall QAR rsp\n"));
722 return NT_STATUS_INVALID_PARAMETER;
723 }
724 }
725
726 return status;
727 }
728
729 static void smb2_ioctl_filesys_dup_extents_done(struct tevent_req *subreq);
730
731 struct tevent_req *smb2_ioctl_filesys(uint32_t ctl_code,
732 struct tevent_context *ev,
733 struct tevent_req *req,
734 struct smbd_smb2_ioctl_state *state)
735 {
736 NTSTATUS status;
737
738 switch (ctl_code) {
739 case FSCTL_GET_COMPRESSION:
740 status = fsctl_get_cmprn(state, ev, state->fsp,
741 state->in_max_output,
742 &state->out_output);
743 if (!tevent_req_nterror(req, status)) {
744 tevent_req_done(req);
745 }
746 return tevent_req_post(req, ev);
747 break;
748 case FSCTL_SET_COMPRESSION:
749 status = fsctl_set_cmprn(state, ev, state->fsp,
750 &state->in_input);
751 if (!tevent_req_nterror(req, status)) {
752 tevent_req_done(req);
753 }
754 return tevent_req_post(req, ev);
755 break;
756 case FSCTL_SET_ZERO_DATA:
757 status = fsctl_zero_data(state, ev, state->fsp,
758 &state->in_input);
759 if (!tevent_req_nterror(req, status)) {
760 tevent_req_done(req);
761 }
762 return tevent_req_post(req, ev);
763 break;
764 case FSCTL_QUERY_ALLOCATED_RANGES:
765 status = fsctl_qar(state, ev, state->fsp,
766 &state->in_input,
767 state->in_max_output,
768 &state->out_output);
769 if (!tevent_req_nterror(req, status)) {
770 tevent_req_done(req);
771 }
772 return tevent_req_post(req, ev);
773 break;
774 case FSCTL_DUP_EXTENTS_TO_FILE: {
775 struct tevent_req *subreq = NULL;
776
777 subreq = fsctl_dup_extents_send(state, ev,
778 state->fsp,
779 &state->in_input,
780 state->smb2req);
781 if (tevent_req_nomem(subreq, req)) {
782 return tevent_req_post(req, ev);
783 }
784 tevent_req_set_callback(subreq,
785 smb2_ioctl_filesys_dup_extents_done,
786 req);
787 return req;
788 break;
789 }
790 default: {
791 uint8_t *out_data = NULL;
792 uint32_t out_data_len = 0;
793
794 if (state->fsp == NULL) {
795 status = NT_STATUS_NOT_SUPPORTED;
796 } else {
797 status = SMB_VFS_FSCTL(state->fsp,
798 state,
799 ctl_code,
800 state->smbreq->flags2,
801 state->in_input.data,
802 state->in_input.length,
803 &out_data,
804 state->in_max_output,
805 &out_data_len);
806 state->out_output = data_blob_const(out_data, out_data_len);
807 if (NT_STATUS_IS_OK(status)) {
808 tevent_req_done(req);
809 return tevent_req_post(req, ev);
810 }
811 }
812
813 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_SUPPORTED)) {
814 if (IS_IPC(state->smbreq->conn)) {
815 status = NT_STATUS_FS_DRIVER_REQUIRED;
816 } else {
817 status = NT_STATUS_INVALID_DEVICE_REQUEST;
818 }
819 }
820
821 tevent_req_nterror(req, status);
822 return tevent_req_post(req, ev);
823 break;
824 }
825 }
826
827 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
828 return tevent_req_post(req, ev);
829 }
830
831 static void smb2_ioctl_filesys_dup_extents_done(struct tevent_req *subreq)
832 {
833 struct tevent_req *req = tevent_req_callback_data(subreq,
834 struct tevent_req);
835 NTSTATUS status;
836
837 status = fsctl_dup_extents_recv(subreq);
838 TALLOC_FREE(subreq);
839 if (!tevent_req_nterror(req, status)) {
840 tevent_req_done(req);
841 }
842 }
GSS-enabled samba4