From ff8b27f6f0c67cbb0fb37f80f3336c1bd0f28430 Mon Sep 17 00:00:00 2001 From: Andrew Walker Date: Thu, 16 Mar 2023 09:05:45 -0700 Subject: [PATCH] Fixups for VFS changes in 4.18 --- debian/changelog | 24 ++++++------------ lib/audit_logging/audit_logging.c | 4 +-- source3/modules/vfs_shadow_copy_zfs.c | 24 ++++++++---------- source3/modules/vfs_tmprotect.c | 2 +- source3/modules/vfs_zfsacl.c | 35 +++++++++++++++++++++++++++ source3/utils/net_groupmap.c | 6 ++--- 6 files changed, 58 insertions(+), 37 deletions(-) diff --git a/source3/modules/vfs_zfsacl.c b/source3/modules/vfs_zfsacl.c index e24cb683d2..18f8dcb4b2 100644 --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -307,6 +307,41 @@ static NTSTATUS zfs_set_nt_acl(vfs_handle_struct *handle, files_struct *fsp, zfs_process_smbacl); } +static int get_zfsacl(TALLOC_CTX *mem_ctx, + const struct smb_filename *smb_fname, + ace_t **outbuf) +{ + int naces, rv; + ace_t *acebuf = NULL; + + naces = acl(smb_fname->base_name, ACE_GETACLCNT, 0, NULL); + if (naces == -1) { + int dbg_level = 10; + + if (errno == ENOSYS) { + dbg_level = 1; + } + DEBUG(dbg_level, ("acl(ACE_GETACLCNT, %s): %s ", + smb_fname->base_name, strerror(errno))); + return naces; + } + acebuf = talloc_size(mem_ctx, sizeof(ace_t)*naces); + if (acebuf == NULL) { + errno = ENOMEM; + return -1; + } + + rv = acl(smb_fname->base_name, ACE_GETACL, naces, acebuf); + if (rv == -1) { + DBG_DEBUG("acl(ACE_GETACL, %s) failed: %s ", + smb_fname->base_name, strerror(errno)); + return -1; + } + + *outbuf = acebuf; + return naces; +} + static int fget_zfsacl(TALLOC_CTX *mem_ctx, struct files_struct *fsp, ace_t **outbuf) From 0c2c9f21cf01983d9001edef4983bc15b79a31ad Mon Sep 17 00:00:00 2001 From: Andrew Date: Mon, 29 Nov 2021 12:33:15 -0500 Subject: [PATCH] NAS-113538 / Fix procfd handling for xattr-based alternate datastreams (#54) vfs_streams_xattr openat() does not set fsp.flags.have_proc_fds. In open_streams_for_delete() the fsp is not allocated via talloc_zero() and so this may be unitialized memory. This particular fix ensures vfs_streams_xattr sets the fsp have_proc_fds flag to the one defined in the associated tree connect for the fsp. In the case of vfs_ixnas, ensure that we read the NT ACL from fsp->base_fsp (file) rather than the fsp associated with the xattr. This PR also fixes vfs_zfsacl for FreeBSD 13 (adding handling for procfd paths) --- source3/modules/vfs_ixnas.c | 4 ++- source3/modules/vfs_zfsacl.c | 62 ++++++++++++++++++++++++++++++++++++ 2 files changed, 65 insertions(+), 1 deletion(-) --- a/source3/modules/vfs_zfsacl.c +++ b/source3/modules/vfs_zfsacl.c @@ -235,12 +235,43 @@ static bool zfs_process_smbacl(vfs_handle_struct *handle, files_struct *fsp, SMB_ASSERT(i == naces); /* store acl */ +#ifdef O_PATH + if (fsp->fsp_flags.is_pathref) { + const char *proc_fd_path = NULL; + char buf[PATH_MAX]; + + if (!fsp->fsp_flags.have_proc_fds) { + DBG_ERR("fdescfs filesystem must be mounted with 'nodup' " + "option \n"); + errno = EBADF; + return -1; + } + + fd = fsp_get_pathref_fd(fsp); + proc_fd_path = sys_proc_fd_path(fd, buf, sizeof(buf)); + if (proc_fd_path == NULL) { + DBG_ERR("%s: failed to generate pathref fd for %d\n", + fsp_str_dbg(fsp), fd); + errno = EBADF; + return -1; + } + rv = acl(proc_fd_path, ACE_SETACL, naces, acebuf); + } else { + fd = fsp_get_io_fd(fsp); + if (fd == -1) { + errno = EBADF; + return false; + } + rv = facl(fd, ACE_SETACL, naces, acebuf); + } +#else fd = fsp_get_pathref_fd(fsp); if (fd == -1) { errno = EBADF; return false; } rv = facl(fd, ACE_SETACL, naces, acebuf); +#endif if (rv != 0) { if(errno == ENOSYS) { DEBUG(9, ("acl(ACE_SETACL, %s): Operation is not " @@ -286,7 +317,38 @@ static int fget_zfsacl(TALLOC_CTX *mem_ctx, ace_t *acebuf = NULL; int fd; +#ifdef O_PATH + if (fsp->fsp_flags.is_pathref) { + const char *proc_fd_path = NULL; + char buf[PATH_MAX]; + struct smb_filename smb_fname; + + if (!fsp->fsp_flags.have_proc_fds) { + DBG_ERR("fdescfs filesystem must be mounted with 'nodup' " + "option \n"); + errno = EBADF; + return -1; + } + + fd = fsp_get_pathref_fd(fsp); + proc_fd_path = sys_proc_fd_path(fd, buf, sizeof(buf)); + if (proc_fd_path == NULL) { + DBG_ERR("%s: failed to generate pathref fd for %d\n", + fsp_str_dbg(fsp), fd); + errno = EBADF; + return -1; + } + + smb_fname = (struct smb_filename) { + .base_name = discard_const_p(char, proc_fd_path) + }; + + return get_zfsacl(mem_ctx, &smb_fname, outbuf); + } + fd = fsp_get_io_fd(fsp); +#else fd = fsp_get_pathref_fd(fsp); +#endif if (fd == -1) { errno = EBADF; return -1; -- 2.43.0