1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2014 Nexenta Systems, Inc.  All rights reserved.
25 */
26
27/*
28 * Dispatch function for SMB2_QUERY_INFO
29 * Similar to smb_nt_transact_security.c
30 */
31
32#include <smbsrv/smb2_kproto.h>
33#include <smbsrv/smb_fsops.h>
34#include <smbsrv/ntifs.h>
35
36uint32_t
37smb2_qinfo_sec(smb_request_t *sr, smb_queryinfo_t *qi)
38{
39	smb_sd_t sd;
40	uint32_t secinfo = qi->qi_AddlInfo;
41	uint32_t sdlen;
42	uint32_t status;
43
44	/*
45	 * secinfo & ...
46	 * OWNER_SECURITY_INFORMATION,
47	 * GROUP_SECURITY_INFORMATION,
48	 * DACL_SECURITY_INFORMATION, ...
49	 */
50
51	if ((sr->fid_ofile->f_node == NULL) ||
52	    (sr->fid_ofile->f_ftype != SMB_FTYPE_DISK))
53		return (NT_STATUS_INVALID_PARAMETER);
54
55	if (sr->tid_tree->t_acltype != ACE_T) {
56		/*
57		 * If target filesystem doesn't support ACE_T acls then
58		 * don't process SACL
59		 */
60		secinfo &= ~SMB_SACL_SECINFO;
61	}
62
63	status = smb_sd_read(sr, &sd, secinfo);
64	if (status != NT_STATUS_SUCCESS)
65		return (status);
66
67	sdlen = smb_sd_len(&sd, secinfo);
68	if (sdlen == 0) {
69		status = NT_STATUS_INVALID_SECURITY_DESCR;
70		goto out;
71	}
72
73	if (sdlen > sr->raw_data.max_bytes) {
74		/*
75		 * The maximum data return count specified by the
76		 * client is not big enough to hold the security
77		 * descriptor.  Return the special error that
78		 * tells the client how much room they need.
79		 * Error data is the required size.
80		 */
81		MBC_FLUSH(&sr->raw_data);
82		sr->raw_data.max_bytes = 4;
83		(void) smb_mbc_encodef(&sr->raw_data, "l", sdlen);
84		status = NT_STATUS_BUFFER_TOO_SMALL;
85		goto out;
86	}
87
88	smb_encode_sd(&sr->raw_data, &sd, secinfo);
89	status = 0;
90
91out:
92	smb_sd_term(&sd);
93	return (status);
94}
95