1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright (c) 2017 by Delphix. All rights reserved. 24 * Copyright 2019 Nexenta by DDN, Inc. All rights reserved. 25 * Copyright 2022 RackTop Systems, Inc. 26 */ 27 28 /* 29 * General Structures Layout 30 * ------------------------- 31 * 32 * This is a simplified diagram showing the relationship between most of the 33 * main structures. 34 * 35 * +-------------------+ 36 * | SMB_SERVER | 37 * +-------------------+ 38 * | 39 * | 40 * v 41 * +-------------------+ +-------------------+ +-------------------+ 42 * | SESSION |<----->| SESSION |......| SESSION | 43 * +-------------------+ +-------------------+ +-------------------+ 44 * | 45 * | 46 * v 47 * +-------------------+ +-------------------+ +-------------------+ 48 * | USER |<----->| USER |......| USER | 49 * +-------------------+ +-------------------+ +-------------------+ 50 * | 51 * | 52 * v 53 * +-------------------+ +-------------------+ +-------------------+ 54 * | TREE |<----->| TREE |......| TREE | 55 * +-------------------+ +-------------------+ +-------------------+ 56 * | | 57 * | | 58 * | v 59 * | +-------+ +-------+ +-------+ 60 * | | OFILE |<----->| OFILE |......| OFILE | 61 * | +-------+ +-------+ +-------+ 62 * | 63 * | 64 * v 65 * +-------+ +------+ +------+ 66 * | ODIR |<----->| ODIR |......| ODIR | 67 * +-------+ +------+ +------+ 68 * 69 * 70 * Module Interface Overview 71 * ------------------------- 72 * 73 * 74 * +===================================+ 75 * | smbd daemon | 76 * +===================================+ 77 * | | ^ 78 * | | | 79 * User | | | 80 * -----------|--------------|----------------|-------------------------------- 81 * Kernel | | | 82 * | | | 83 * | | | 84 * +=========|==============|================|=================+ 85 * | v v | | 86 * | +-----------+ +--------------------+ +------------------+ | 87 * | | IO | | Kernel Door Server | | User Door Servers| | 88 * | | Interface | | Interface | | Interface | | 89 * | +-----------+ +--------------------+ +------------------+ | 90 * | | | ^ ^ | 91 * | v v | | | +=========+ 92 * | +-----------------------------------+ | | | | 93 * | + SMB Server Management (this file) |<------------------| ZFS | 94 * | +-----------------------------------+ | | | | 95 * | | | | Module | 96 * | +-----------------------------------+ | | | | 97 * | + SMB Server Internal Layers |------+ | +=========+ 98 * | +-----------------------------------+ | 99 * | | 100 * | | 101 * +===========================================================+ 102 * 103 * 104 * Server State Machine 105 * -------------------- 106 * | 107 * | T0 108 * | 109 * v 110 * +-----------------------------+ 111 * | SMB_SERVER_STATE_CREATED | 112 * +-----------------------------+ 113 * | 114 * | T1 115 * | 116 * v 117 * +-----------------------------+ 118 * | SMB_SERVER_STATE_CONFIGURED | 119 * +-----------------------------+ 120 * | 121 * | T2 122 * | 123 * v 124 * +-----------------------------+ 125 * | SMB_SERVER_STATE_RUNNING / | 126 * | SMB_SERVER_STATE_STOPPING | 127 * +-----------------------------+ 128 * | 129 * | T3 130 * | 131 * v 132 * +-----------------------------+ 133 * | SMB_SERVER_STATE_DELETING | 134 * +-----------------------------+ 135 * | 136 * | 137 * | 138 * v 139 * 140 * States 141 * ------ 142 * 143 * SMB_SERVER_STATE_CREATED 144 * 145 * This is the state of the server just after creation. 146 * 147 * SMB_SERVER_STATE_CONFIGURED 148 * 149 * The server has been configured. 150 * 151 * SMB_SERVER_STATE_RUNNING 152 * 153 * The server has been started. While in this state the threads listening on 154 * the sockets are started. 155 * 156 * When a client establishes a connection the thread listening dispatches 157 * a task with the new session as an argument. If the dispatch fails the new 158 * session context is destroyed. 159 * 160 * SMB_SERVER_STATE_STOPPING 161 * 162 * The threads listening on the NBT and TCP sockets are being terminated. 163 * 164 * 165 * Transitions 166 * ----------- 167 * 168 * Transition T0 169 * 170 * The daemon smbd triggers its creation by opening the smbsrv device. If 171 * the zone where the daemon lives doesn't have an smb server yet it is 172 * created. 173 * 174 * smb_drv_open() --> smb_server_create() 175 * 176 * Transition T1 177 * 178 * This transition occurs in smb_server_configure(). It is triggered by the 179 * daemon through an Ioctl. 180 * 181 * smb_drv_ioctl(SMB_IOC_CONFIG) --> smb_server_configure() 182 * 183 * Transition T2 184 * 185 * This transition occurs in smb_server_start(). It is triggered by the 186 * daemon through an Ioctl. 187 * 188 * smb_drv_ioctl(SMB_IOC_START) --> smb_server_start() 189 * 190 * Transition T3 191 * 192 * This transition occurs in smb_server_delete(). It is triggered by the 193 * daemon when closing the smbsrv device 194 * 195 * smb_drv_close() --> smb_server_delete() 196 * 197 * Comments 198 * -------- 199 * 200 * This files assumes that there will one SMB server per zone. For now the 201 * smb server works only in global zone. There's nothing in this file preventing 202 * an smb server from being created in a non global zone. That limitation is 203 * enforced in user space. 204 */ 205 206 #include <sys/cmn_err.h> 207 #include <sys/priv.h> 208 #include <sys/zone.h> 209 #include <netinet/in.h> 210 #include <netinet/in_systm.h> 211 #include <netinet/ip.h> 212 #include <netinet/ip_icmp.h> 213 #include <netinet/ip_var.h> 214 #include <netinet/tcp.h> 215 #include <smbsrv/smb2_kproto.h> 216 #include <smbsrv/string.h> 217 #include <smbsrv/netbios.h> 218 #include <smbsrv/smb_fsops.h> 219 #include <smbsrv/smb_share.h> 220 #include <smbsrv/smb_door.h> 221 #include <smbsrv/smb_kstat.h> 222 223 static void smb_server_kstat_init(smb_server_t *); 224 static void smb_server_kstat_fini(smb_server_t *); 225 static void smb_server_timers(smb_thread_t *, void *); 226 static void smb_server_store_cfg(smb_server_t *, smb_ioc_cfg_t *); 227 static void smb_server_shutdown(smb_server_t *); 228 static int smb_server_fsop_start(smb_server_t *); 229 static void smb_server_fsop_stop(smb_server_t *); 230 static void smb_event_cancel(smb_server_t *, uint32_t); 231 static uint32_t smb_event_alloc_txid(void); 232 233 static void smb_server_disconnect_share(smb_server_t *, const char *); 234 static void smb_server_enum_users(smb_server_t *, smb_svcenum_t *); 235 static void smb_server_enum_trees(smb_server_t *, smb_svcenum_t *); 236 static int smb_server_session_disconnect(smb_server_t *, const char *, 237 const char *); 238 static int smb_server_fclose(smb_server_t *, uint32_t); 239 static int smb_server_kstat_update(kstat_t *, int); 240 static int smb_server_legacy_kstat_update(kstat_t *, int); 241 static void smb_server_listener_init(smb_server_t *, smb_listener_daemon_t *, 242 char *, in_port_t, int); 243 static void smb_server_listener_destroy(smb_listener_daemon_t *); 244 static int smb_server_listener_start(smb_listener_daemon_t *); 245 static void smb_server_listener_stop(smb_listener_daemon_t *); 246 static void smb_server_listener(smb_thread_t *, void *); 247 static void smb_server_receiver(void *); 248 static void smb_server_create_session(smb_listener_daemon_t *, ksocket_t); 249 static void smb_server_destroy_session(smb_session_t *); 250 static uint16_t smb_spool_get_fid(smb_server_t *); 251 static boolean_t smb_spool_lookup_doc_byfid(smb_server_t *, uint16_t, 252 smb_kspooldoc_t *); 253 254 /* 255 * How many "buckets" should our hash tables use? On a "real" server, 256 * make them much larger than the number of CPUs we're likely to have. 257 * On "fksmbd" make it smaller so dtrace logs are shorter. 258 * These must be powers of two. 259 */ 260 #ifdef _KERNEL 261 #define DEFAULT_HASH_NBUCKETS 256 /* real server */ 262 #else 263 #define DEFAULT_HASH_NBUCKETS 16 /* for "fksmbd" */ 264 #endif 265 uint32_t SMB_OFILE_HASH_NBUCKETS = DEFAULT_HASH_NBUCKETS; 266 uint32_t SMB_LEASE_HASH_NBUCKETS = DEFAULT_HASH_NBUCKETS; 267 268 int smb_event_debug = 0; 269 270 static smb_llist_t smb_servers; 271 272 /* for smb_server_destroy_session() */ 273 static smb_llist_t smb_server_session_zombies; 274 275 kmem_cache_t *smb_cache_request; 276 kmem_cache_t *smb_cache_session; 277 kmem_cache_t *smb_cache_user; 278 kmem_cache_t *smb_cache_tree; 279 kmem_cache_t *smb_cache_ofile; 280 kmem_cache_t *smb_cache_odir; 281 kmem_cache_t *smb_cache_opipe; 282 kmem_cache_t *smb_cache_event; 283 kmem_cache_t *smb_cache_lock; 284 285 /* 286 * ***************************************************************************** 287 * **************** Functions called from the device interface ***************** 288 * ***************************************************************************** 289 * 290 * These functions typically have to determine the relevant smb server 291 * to which the call applies. 292 */ 293 294 /* 295 * How many zones have an SMB server active? 296 */ 297 int 298 smb_server_get_count(void) 299 { 300 return (smb_llist_get_count(&smb_servers)); 301 } 302 303 /* 304 * smb_server_g_init 305 * 306 * This function must be called from smb_drv_attach(). 307 */ 308 int 309 smb_server_g_init(void) 310 { 311 int rc; 312 313 if ((rc = smb_vop_init()) != 0) 314 goto errout; 315 if ((rc = smb_fem_init()) != 0) 316 goto errout; 317 318 smb_kshare_g_init(); 319 smb_codepage_init(); 320 smb_mbc_init(); /* smb_mbc_cache */ 321 smb_node_init(); /* smb_node_cache, lists */ 322 smb2_lease_init(); 323 324 smb_cache_request = kmem_cache_create("smb_request_cache", 325 sizeof (smb_request_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 326 smb_cache_session = kmem_cache_create("smb_session_cache", 327 sizeof (smb_session_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 328 smb_cache_user = kmem_cache_create("smb_user_cache", 329 sizeof (smb_user_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 330 smb_cache_tree = kmem_cache_create("smb_tree_cache", 331 sizeof (smb_tree_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 332 smb_cache_ofile = kmem_cache_create("smb_ofile_cache", 333 sizeof (smb_ofile_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 334 smb_cache_odir = kmem_cache_create("smb_odir_cache", 335 sizeof (smb_odir_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 336 smb_cache_opipe = kmem_cache_create("smb_opipe_cache", 337 sizeof (smb_opipe_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 338 smb_cache_event = kmem_cache_create("smb_event_cache", 339 sizeof (smb_event_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 340 smb_cache_lock = kmem_cache_create("smb_lock_cache", 341 sizeof (smb_lock_t), 8, NULL, NULL, NULL, NULL, NULL, 0); 342 343 smb_llist_init(); 344 smb_llist_constructor(&smb_servers, sizeof (smb_server_t), 345 offsetof(smb_server_t, sv_lnd)); 346 347 smb_llist_constructor(&smb_server_session_zombies, 348 sizeof (smb_session_t), offsetof(smb_session_t, s_lnd)); 349 350 return (0); 351 352 errout: 353 smb_fem_fini(); 354 smb_vop_fini(); 355 return (rc); 356 } 357 358 /* 359 * smb_server_g_fini 360 * 361 * This function must called from smb_drv_detach(). It will fail if servers 362 * still exist. 363 */ 364 void 365 smb_server_g_fini(void) 366 { 367 368 ASSERT(smb_llist_get_count(&smb_servers) == 0); 369 370 smb_llist_fini(); 371 372 kmem_cache_destroy(smb_cache_request); 373 kmem_cache_destroy(smb_cache_session); 374 kmem_cache_destroy(smb_cache_user); 375 kmem_cache_destroy(smb_cache_tree); 376 kmem_cache_destroy(smb_cache_ofile); 377 kmem_cache_destroy(smb_cache_odir); 378 kmem_cache_destroy(smb_cache_opipe); 379 kmem_cache_destroy(smb_cache_event); 380 kmem_cache_destroy(smb_cache_lock); 381 382 smb2_lease_fini(); 383 smb_node_fini(); 384 smb_mbc_fini(); 385 smb_codepage_fini(); 386 smb_kshare_g_fini(); 387 388 smb_fem_fini(); 389 smb_vop_fini(); 390 391 smb_llist_destructor(&smb_servers); 392 } 393 394 /* 395 * smb_server_create 396 * 397 * This function will fail if there's already a server associated with the 398 * caller's zone. 399 */ 400 int 401 smb_server_create(void) 402 { 403 zoneid_t zid; 404 smb_server_t *sv; 405 406 zid = getzoneid(); 407 408 smb_llist_enter(&smb_servers, RW_WRITER); 409 sv = smb_llist_head(&smb_servers); 410 while (sv) { 411 SMB_SERVER_VALID(sv); 412 if (sv->sv_zid == zid) { 413 smb_llist_exit(&smb_servers); 414 return (EPERM); 415 } 416 sv = smb_llist_next(&smb_servers, sv); 417 } 418 419 sv = kmem_zalloc(sizeof (smb_server_t), KM_SLEEP); 420 421 sv->sv_magic = SMB_SERVER_MAGIC; 422 sv->sv_state = SMB_SERVER_STATE_CREATED; 423 sv->sv_zid = zid; 424 sv->sv_pid = ddi_get_pid(); 425 426 mutex_init(&sv->sv_mutex, NULL, MUTEX_DEFAULT, NULL); 427 cv_init(&sv->sv_cv, NULL, CV_DEFAULT, NULL); 428 cv_init(&sv->sp_info.sp_cv, NULL, CV_DEFAULT, NULL); 429 430 sv->sv_persistid_ht = smb_hash_create(sizeof (smb_ofile_t), 431 offsetof(smb_ofile_t, f_dh_lnd), SMB_OFILE_HASH_NBUCKETS); 432 433 sv->sv_lease_ht = smb_hash_create(sizeof (smb_lease_t), 434 offsetof(smb_lease_t, ls_lnd), SMB_LEASE_HASH_NBUCKETS); 435 436 smb_llist_constructor(&sv->sv_session_list, sizeof (smb_session_t), 437 offsetof(smb_session_t, s_lnd)); 438 439 smb_llist_constructor(&sv->sv_event_list, sizeof (smb_event_t), 440 offsetof(smb_event_t, se_lnd)); 441 442 smb_llist_constructor(&sv->sp_info.sp_list, sizeof (smb_kspooldoc_t), 443 offsetof(smb_kspooldoc_t, sd_lnd)); 444 445 smb_llist_constructor(&sv->sp_info.sp_fidlist, 446 sizeof (smb_spoolfid_t), offsetof(smb_spoolfid_t, sf_lnd)); 447 448 sv->sv_disp_stats1 = kmem_zalloc(SMB_COM_NUM * 449 sizeof (smb_disp_stats_t), KM_SLEEP); 450 451 sv->sv_disp_stats2 = kmem_zalloc(SMB2__NCMDS * 452 sizeof (smb_disp_stats_t), KM_SLEEP); 453 454 smb_thread_init(&sv->si_thread_timers, "smb_timers", 455 smb_server_timers, sv, smbsrv_timer_pri); 456 457 smb_srqueue_init(&sv->sv_srqueue); 458 459 smb_kdoor_init(sv); 460 smb_kshare_init(sv); 461 smb_server_kstat_init(sv); 462 463 smb_threshold_init(&sv->sv_ssetup_ct, SMB_SSETUP_CMD, 464 smb_ssetup_threshold, smb_ssetup_timeout); 465 smb_threshold_init(&sv->sv_tcon_ct, SMB_TCON_CMD, 466 smb_tcon_threshold, smb_tcon_timeout); 467 smb_threshold_init(&sv->sv_opipe_ct, SMB_OPIPE_CMD, 468 smb_opipe_threshold, smb_opipe_timeout); 469 470 smb_llist_insert_tail(&smb_servers, sv); 471 smb_llist_exit(&smb_servers); 472 473 return (0); 474 } 475 476 /* 477 * smb_server_delete 478 * 479 * This function will delete the server passed in. It will make sure that all 480 * activity associated that server has ceased before destroying it. 481 */ 482 int 483 smb_server_delete(smb_server_t *sv) 484 { 485 486 mutex_enter(&sv->sv_mutex); 487 switch (sv->sv_state) { 488 case SMB_SERVER_STATE_RUNNING: 489 sv->sv_state = SMB_SERVER_STATE_STOPPING; 490 mutex_exit(&sv->sv_mutex); 491 smb_server_shutdown(sv); 492 mutex_enter(&sv->sv_mutex); 493 cv_broadcast(&sv->sp_info.sp_cv); 494 sv->sv_state = SMB_SERVER_STATE_DELETING; 495 break; 496 case SMB_SERVER_STATE_STOPPING: 497 sv->sv_state = SMB_SERVER_STATE_DELETING; 498 break; 499 case SMB_SERVER_STATE_CONFIGURED: 500 case SMB_SERVER_STATE_CREATED: 501 sv->sv_state = SMB_SERVER_STATE_DELETING; 502 break; 503 default: 504 SMB_SERVER_STATE_VALID(sv->sv_state); 505 mutex_exit(&sv->sv_mutex); 506 smb_server_release(sv); 507 return (ENOTTY); 508 } 509 510 ASSERT(sv->sv_state == SMB_SERVER_STATE_DELETING); 511 512 sv->sv_refcnt--; 513 while (sv->sv_refcnt) 514 cv_wait(&sv->sv_cv, &sv->sv_mutex); 515 516 mutex_exit(&sv->sv_mutex); 517 518 smb_llist_enter(&smb_servers, RW_WRITER); 519 smb_llist_remove(&smb_servers, sv); 520 smb_llist_exit(&smb_servers); 521 522 smb_threshold_fini(&sv->sv_ssetup_ct); 523 smb_threshold_fini(&sv->sv_tcon_ct); 524 smb_threshold_fini(&sv->sv_opipe_ct); 525 526 smb_server_listener_destroy(&sv->sv_nbt_daemon); 527 smb_server_listener_destroy(&sv->sv_tcp_daemon); 528 rw_destroy(&sv->sv_cfg_lock); 529 smb_server_kstat_fini(sv); 530 smb_kshare_fini(sv); 531 smb_kdoor_fini(sv); 532 smb_llist_destructor(&sv->sv_event_list); 533 smb_llist_destructor(&sv->sv_session_list); 534 535 kmem_free(sv->sv_disp_stats1, 536 SMB_COM_NUM * sizeof (smb_disp_stats_t)); 537 538 kmem_free(sv->sv_disp_stats2, 539 SMB2__NCMDS * sizeof (smb_disp_stats_t)); 540 541 smb_srqueue_destroy(&sv->sv_srqueue); 542 smb_thread_destroy(&sv->si_thread_timers); 543 544 mutex_destroy(&sv->sv_mutex); 545 smb_hash_destroy(sv->sv_lease_ht); 546 smb_hash_destroy(sv->sv_persistid_ht); 547 cv_destroy(&sv->sv_cv); 548 sv->sv_magic = 0; 549 kmem_free(sv, sizeof (smb_server_t)); 550 551 return (0); 552 } 553 554 /* 555 * smb_server_configure 556 */ 557 int 558 smb_server_configure(smb_ioc_cfg_t *ioc) 559 { 560 int rc = 0; 561 smb_server_t *sv; 562 563 /* 564 * Reality check negotiation token length vs. #define'd maximum. 565 */ 566 if (ioc->negtok_len > SMB_PI_MAX_NEGTOK) 567 return (EINVAL); 568 569 rc = smb_server_lookup(&sv); 570 if (rc) 571 return (rc); 572 573 mutex_enter(&sv->sv_mutex); 574 switch (sv->sv_state) { 575 case SMB_SERVER_STATE_CREATED: 576 smb_server_store_cfg(sv, ioc); 577 sv->sv_state = SMB_SERVER_STATE_CONFIGURED; 578 break; 579 580 case SMB_SERVER_STATE_CONFIGURED: 581 smb_server_store_cfg(sv, ioc); 582 break; 583 584 case SMB_SERVER_STATE_RUNNING: 585 case SMB_SERVER_STATE_STOPPING: 586 rw_enter(&sv->sv_cfg_lock, RW_WRITER); 587 smb_server_store_cfg(sv, ioc); 588 rw_exit(&sv->sv_cfg_lock); 589 break; 590 591 default: 592 SMB_SERVER_STATE_VALID(sv->sv_state); 593 rc = EFAULT; 594 break; 595 } 596 mutex_exit(&sv->sv_mutex); 597 598 smb_server_release(sv); 599 600 return (rc); 601 } 602 603 /* 604 * smb_server_start 605 */ 606 int 607 smb_server_start(smb_ioc_start_t *ioc) 608 { 609 int rc = 0; 610 int family; 611 smb_server_t *sv; 612 cred_t *ucr; 613 614 rc = smb_server_lookup(&sv); 615 if (rc) 616 return (rc); 617 618 mutex_enter(&sv->sv_mutex); 619 switch (sv->sv_state) { 620 case SMB_SERVER_STATE_CONFIGURED: 621 622 if ((rc = smb_server_fsop_start(sv)) != 0) 623 break; 624 625 /* 626 * Note: smb_kshare_start needs sv_session. 627 */ 628 sv->sv_session = smb_session_create(NULL, 0, sv, 0); 629 if (sv->sv_session == NULL) { 630 rc = ENOMEM; 631 break; 632 } 633 634 /* 635 * Create a logon on the server session, 636 * used when importing CA shares. 637 */ 638 sv->sv_rootuser = smb_user_new(sv->sv_session); 639 ucr = smb_kcred_create(); 640 rc = smb_user_logon(sv->sv_rootuser, ucr, "", "root", 641 SMB_USER_FLAG_ADMIN, 0, 0); 642 crfree(ucr); 643 ucr = NULL; 644 if (rc != 0) { 645 cmn_err(CE_NOTE, "smb_server_start: " 646 "failed to create root user"); 647 break; 648 } 649 650 if ((rc = smb_kshare_start(sv)) != 0) 651 break; 652 653 /* 654 * NB: the proc passed here has to be a "system" one. 655 * Normally that's p0, or the NGZ eqivalent. 656 */ 657 sv->sv_worker_pool = taskq_create_proc("smb_workers", 658 sv->sv_cfg.skc_maxworkers, smbsrv_worker_pri, 659 sv->sv_cfg.skc_maxworkers, INT_MAX, 660 curzone->zone_zsched, TASKQ_DYNAMIC); 661 662 sv->sv_receiver_pool = taskq_create_proc("smb_receivers", 663 sv->sv_cfg.skc_maxconnections, smbsrv_receive_pri, 664 sv->sv_cfg.skc_maxconnections, INT_MAX, 665 curzone->zone_zsched, TASKQ_DYNAMIC); 666 667 if (sv->sv_worker_pool == NULL || 668 sv->sv_receiver_pool == NULL) { 669 rc = ENOMEM; 670 break; 671 } 672 673 #ifdef _KERNEL 674 ASSERT(sv->sv_lmshrd == NULL); 675 sv->sv_lmshrd = smb_kshare_door_init(ioc->lmshrd); 676 if (sv->sv_lmshrd == NULL) 677 break; 678 if ((rc = smb_kdoor_open(sv, ioc->udoor)) != 0) { 679 cmn_err(CE_WARN, "Cannot open smbd door"); 680 break; 681 } 682 #else /* _KERNEL */ 683 /* Fake kernel does not use the kshare_door */ 684 fksmb_kdoor_open(sv, ioc->udoor_func); 685 #endif /* _KERNEL */ 686 687 if ((rc = smb_thread_start(&sv->si_thread_timers)) != 0) 688 break; 689 690 family = AF_INET; 691 smb_server_listener_init(sv, &sv->sv_nbt_daemon, 692 "smb_nbt_listener", IPPORT_NETBIOS_SSN, family); 693 if (sv->sv_cfg.skc_ipv6_enable) 694 family = AF_INET6; 695 smb_server_listener_init(sv, &sv->sv_tcp_daemon, 696 "smb_tcp_listener", IPPORT_SMB, family); 697 rc = smb_server_listener_start(&sv->sv_tcp_daemon); 698 if (rc != 0) 699 break; 700 if (sv->sv_cfg.skc_netbios_enable) 701 (void) smb_server_listener_start(&sv->sv_nbt_daemon); 702 703 sv->sv_state = SMB_SERVER_STATE_RUNNING; 704 sv->sv_start_time = gethrtime(); 705 mutex_exit(&sv->sv_mutex); 706 smb_server_release(sv); 707 smb_export_start(sv); 708 return (0); 709 default: 710 SMB_SERVER_STATE_VALID(sv->sv_state); 711 mutex_exit(&sv->sv_mutex); 712 smb_server_release(sv); 713 return (ENOTTY); 714 } 715 716 mutex_exit(&sv->sv_mutex); 717 smb_server_shutdown(sv); 718 smb_server_release(sv); 719 return (rc); 720 } 721 722 /* 723 * An smbd is shutting down. 724 */ 725 int 726 smb_server_stop(void) 727 { 728 smb_server_t *sv; 729 int rc; 730 731 if ((rc = smb_server_lookup(&sv)) != 0) 732 return (rc); 733 734 mutex_enter(&sv->sv_mutex); 735 switch (sv->sv_state) { 736 case SMB_SERVER_STATE_RUNNING: 737 sv->sv_state = SMB_SERVER_STATE_STOPPING; 738 mutex_exit(&sv->sv_mutex); 739 smb_server_shutdown(sv); 740 mutex_enter(&sv->sv_mutex); 741 cv_broadcast(&sv->sp_info.sp_cv); 742 break; 743 default: 744 SMB_SERVER_STATE_VALID(sv->sv_state); 745 break; 746 } 747 mutex_exit(&sv->sv_mutex); 748 749 smb_server_release(sv); 750 return (0); 751 } 752 753 boolean_t 754 smb_server_is_stopping(smb_server_t *sv) 755 { 756 boolean_t status; 757 758 SMB_SERVER_VALID(sv); 759 760 mutex_enter(&sv->sv_mutex); 761 762 switch (sv->sv_state) { 763 case SMB_SERVER_STATE_STOPPING: 764 case SMB_SERVER_STATE_DELETING: 765 status = B_TRUE; 766 break; 767 default: 768 status = B_FALSE; 769 break; 770 } 771 772 mutex_exit(&sv->sv_mutex); 773 return (status); 774 } 775 776 void 777 smb_server_cancel_event(smb_server_t *sv, uint32_t txid) 778 { 779 smb_event_cancel(sv, txid); 780 } 781 782 int 783 smb_server_notify_event(smb_ioc_event_t *ioc) 784 { 785 smb_server_t *sv; 786 int rc; 787 788 if ((rc = smb_server_lookup(&sv)) == 0) { 789 smb_event_notify(sv, ioc->txid); 790 smb_server_release(sv); 791 } 792 793 return (rc); 794 } 795 796 /* 797 * smb_server_spooldoc 798 * 799 * Waits for print file close broadcast. 800 * Gets the head of the fid list, 801 * then searches the spooldoc list and returns 802 * this info via the ioctl to user land. 803 * 804 * rc - 0 success 805 */ 806 807 int 808 smb_server_spooldoc(smb_ioc_spooldoc_t *ioc) 809 { 810 smb_server_t *sv; 811 int rc; 812 smb_kspooldoc_t *spdoc; 813 uint16_t fid; 814 815 if ((rc = smb_server_lookup(&sv)) != 0) 816 return (rc); 817 818 if (sv->sv_cfg.skc_print_enable == 0) { 819 rc = ENOTTY; 820 goto out; 821 } 822 823 mutex_enter(&sv->sv_mutex); 824 for (;;) { 825 if (sv->sv_state != SMB_SERVER_STATE_RUNNING) { 826 rc = ECANCELED; 827 break; 828 } 829 if ((fid = smb_spool_get_fid(sv)) != 0) { 830 rc = 0; 831 break; 832 } 833 if (cv_wait_sig(&sv->sp_info.sp_cv, &sv->sv_mutex) == 0) { 834 rc = EINTR; 835 break; 836 } 837 } 838 mutex_exit(&sv->sv_mutex); 839 if (rc != 0) 840 goto out; 841 842 spdoc = kmem_zalloc(sizeof (*spdoc), KM_SLEEP); 843 if (smb_spool_lookup_doc_byfid(sv, fid, spdoc)) { 844 ioc->spool_num = spdoc->sd_spool_num; 845 ioc->ipaddr = spdoc->sd_ipaddr; 846 (void) strlcpy(ioc->path, spdoc->sd_path, 847 MAXPATHLEN); 848 (void) strlcpy(ioc->username, 849 spdoc->sd_username, MAXNAMELEN); 850 } else { 851 /* Did not find that print job. */ 852 rc = EAGAIN; 853 } 854 kmem_free(spdoc, sizeof (*spdoc)); 855 856 out: 857 smb_server_release(sv); 858 return (rc); 859 } 860 861 int 862 smb_server_set_gmtoff(smb_ioc_gmt_t *ioc) 863 { 864 int rc; 865 smb_server_t *sv; 866 867 if ((rc = smb_server_lookup(&sv)) == 0) { 868 sv->si_gmtoff = ioc->offset; 869 smb_server_release(sv); 870 } 871 872 return (rc); 873 } 874 875 int 876 smb_server_numopen(smb_ioc_opennum_t *ioc) 877 { 878 smb_server_t *sv; 879 int rc; 880 881 if ((rc = smb_server_lookup(&sv)) == 0) { 882 ioc->open_users = sv->sv_users; 883 ioc->open_trees = sv->sv_trees; 884 ioc->open_files = sv->sv_files + sv->sv_pipes; 885 smb_server_release(sv); 886 } 887 return (rc); 888 } 889 890 /* 891 * Enumerate objects within the server. The svcenum provides the 892 * enumeration context, i.e. what the caller want to get back. 893 */ 894 int 895 smb_server_enum(smb_ioc_svcenum_t *ioc) 896 { 897 smb_svcenum_t *svcenum = &ioc->svcenum; 898 smb_server_t *sv; 899 int rc; 900 901 /* 902 * Reality check that the buffer-length insize the enum doesn't 903 * overrun the ioctl's total length. 904 */ 905 if (svcenum->se_buflen + sizeof (*ioc) > ioc->hdr.len) 906 return (EINVAL); 907 908 if ((rc = smb_server_lookup(&sv)) != 0) 909 return (rc); 910 911 svcenum->se_bavail = svcenum->se_buflen; 912 svcenum->se_bused = 0; 913 svcenum->se_nitems = 0; 914 915 switch (svcenum->se_type) { 916 case SMB_SVCENUM_TYPE_USER: 917 smb_server_enum_users(sv, svcenum); 918 break; 919 case SMB_SVCENUM_TYPE_TREE: 920 case SMB_SVCENUM_TYPE_FILE: 921 smb_server_enum_trees(sv, svcenum); 922 break; 923 default: 924 rc = EINVAL; 925 } 926 927 smb_server_release(sv); 928 return (rc); 929 } 930 931 /* 932 * Look for sessions to disconnect by client and user name. 933 */ 934 int 935 smb_server_session_close(smb_ioc_session_t *ioc) 936 { 937 smb_server_t *sv; 938 int cnt; 939 int rc; 940 941 if ((rc = smb_server_lookup(&sv)) != 0) 942 return (rc); 943 944 cnt = smb_server_session_disconnect(sv, ioc->client, ioc->username); 945 946 smb_server_release(sv); 947 948 if (cnt == 0) 949 return (ENOENT); 950 return (0); 951 } 952 953 /* 954 * Close a file by uniqid. 955 */ 956 int 957 smb_server_file_close(smb_ioc_fileid_t *ioc) 958 { 959 uint32_t uniqid = ioc->uniqid; 960 smb_server_t *sv; 961 int rc; 962 963 if ((rc = smb_server_lookup(&sv)) != 0) 964 return (rc); 965 966 rc = smb_server_fclose(sv, uniqid); 967 968 smb_server_release(sv); 969 return (rc); 970 } 971 972 /* 973 * These functions determine the relevant smb server to which the call apply. 974 */ 975 976 uint32_t 977 smb_server_get_session_count(smb_server_t *sv) 978 { 979 uint32_t counter = 0; 980 981 counter = smb_llist_get_count(&sv->sv_session_list); 982 983 return (counter); 984 } 985 986 /* 987 * Gets the smb_node of the specified share path. 988 * Node is returned held (caller must rele.) 989 */ 990 int 991 smb_server_share_lookup(smb_server_t *sv, const char *shr_path, 992 smb_node_t **nodepp) 993 { 994 smb_request_t *sr; 995 smb_node_t *fnode = NULL; 996 smb_node_t *dnode = NULL; 997 char last_comp[MAXNAMELEN]; 998 int rc = 0; 999 1000 ASSERT(shr_path); 1001 1002 mutex_enter(&sv->sv_mutex); 1003 switch (sv->sv_state) { 1004 case SMB_SERVER_STATE_RUNNING: 1005 break; 1006 default: 1007 mutex_exit(&sv->sv_mutex); 1008 return (ENOTACTIVE); 1009 } 1010 mutex_exit(&sv->sv_mutex); 1011 1012 if ((sr = smb_request_alloc(sv->sv_session, 0)) == NULL) { 1013 return (ENOTCONN); 1014 } 1015 sr->user_cr = zone_kcred(); 1016 1017 rc = smb_pathname_reduce(sr, sr->user_cr, shr_path, 1018 NULL, NULL, &dnode, last_comp); 1019 1020 if (rc == 0) { 1021 rc = smb_fsop_lookup(sr, sr->user_cr, SMB_FOLLOW_LINKS, 1022 sv->si_root_smb_node, dnode, last_comp, &fnode); 1023 smb_node_release(dnode); 1024 } 1025 1026 smb_request_free(sr); 1027 1028 if (rc != 0) 1029 return (rc); 1030 1031 ASSERT(fnode->vp && fnode->vp->v_vfsp); 1032 1033 *nodepp = fnode; 1034 1035 return (0); 1036 } 1037 1038 #ifdef _KERNEL 1039 /* 1040 * This is a special interface that will be utilized by ZFS to cause a share to 1041 * be added/removed. 1042 * 1043 * arg is either a lmshare_info_t or share_name from userspace. 1044 * It will need to be copied into the kernel. It is lmshare_info_t 1045 * for add operations and share_name for delete operations. 1046 */ 1047 int 1048 smb_server_share(void *arg, boolean_t add_share) 1049 { 1050 smb_server_t *sv; 1051 int rc; 1052 1053 if ((rc = smb_server_lookup(&sv)) == 0) { 1054 mutex_enter(&sv->sv_mutex); 1055 switch (sv->sv_state) { 1056 case SMB_SERVER_STATE_RUNNING: 1057 mutex_exit(&sv->sv_mutex); 1058 (void) smb_kshare_upcall(sv->sv_lmshrd, arg, add_share); 1059 break; 1060 default: 1061 mutex_exit(&sv->sv_mutex); 1062 break; 1063 } 1064 smb_server_release(sv); 1065 } 1066 1067 return (rc); 1068 } 1069 #endif /* _KERNEL */ 1070 1071 int 1072 smb_server_unshare(const char *sharename) 1073 { 1074 smb_server_t *sv; 1075 int rc; 1076 1077 if ((rc = smb_server_lookup(&sv))) 1078 return (rc); 1079 1080 mutex_enter(&sv->sv_mutex); 1081 switch (sv->sv_state) { 1082 case SMB_SERVER_STATE_RUNNING: 1083 case SMB_SERVER_STATE_STOPPING: 1084 break; 1085 default: 1086 mutex_exit(&sv->sv_mutex); 1087 smb_server_release(sv); 1088 return (ENOTACTIVE); 1089 } 1090 mutex_exit(&sv->sv_mutex); 1091 1092 smb_server_disconnect_share(sv, sharename); 1093 1094 smb_server_release(sv); 1095 return (0); 1096 } 1097 1098 /* 1099 * Disconnect the specified share. 1100 * Typically called when a share has been removed. 1101 */ 1102 static void 1103 smb_server_disconnect_share(smb_server_t *sv, const char *sharename) 1104 { 1105 smb_llist_t *ll; 1106 smb_session_t *session; 1107 1108 ll = &sv->sv_session_list; 1109 smb_llist_enter(ll, RW_READER); 1110 1111 session = smb_llist_head(ll); 1112 while (session) { 1113 SMB_SESSION_VALID(session); 1114 smb_rwx_rwenter(&session->s_lock, RW_READER); 1115 switch (session->s_state) { 1116 case SMB_SESSION_STATE_NEGOTIATED: 1117 smb_rwx_rwexit(&session->s_lock); 1118 smb_session_disconnect_share(session, sharename); 1119 break; 1120 default: 1121 smb_rwx_rwexit(&session->s_lock); 1122 break; 1123 } 1124 session = smb_llist_next(ll, session); 1125 } 1126 1127 smb_llist_exit(ll); 1128 } 1129 1130 /* 1131 * ***************************************************************************** 1132 * **************** Functions called from the internal layers ****************** 1133 * ***************************************************************************** 1134 * 1135 * These functions are provided the relevant smb server by the caller. 1136 */ 1137 1138 void 1139 smb_server_get_cfg(smb_server_t *sv, smb_kmod_cfg_t *cfg) 1140 { 1141 rw_enter(&sv->sv_cfg_lock, RW_READER); 1142 bcopy(&sv->sv_cfg, cfg, sizeof (*cfg)); 1143 rw_exit(&sv->sv_cfg_lock); 1144 } 1145 1146 /* 1147 * 1148 */ 1149 void 1150 smb_server_inc_nbt_sess(smb_server_t *sv) 1151 { 1152 SMB_SERVER_VALID(sv); 1153 atomic_inc_32(&sv->sv_nbt_sess); 1154 } 1155 1156 void 1157 smb_server_dec_nbt_sess(smb_server_t *sv) 1158 { 1159 SMB_SERVER_VALID(sv); 1160 atomic_dec_32(&sv->sv_nbt_sess); 1161 } 1162 1163 void 1164 smb_server_inc_tcp_sess(smb_server_t *sv) 1165 { 1166 SMB_SERVER_VALID(sv); 1167 atomic_inc_32(&sv->sv_tcp_sess); 1168 } 1169 1170 void 1171 smb_server_dec_tcp_sess(smb_server_t *sv) 1172 { 1173 SMB_SERVER_VALID(sv); 1174 atomic_dec_32(&sv->sv_tcp_sess); 1175 } 1176 1177 void 1178 smb_server_inc_users(smb_server_t *sv) 1179 { 1180 SMB_SERVER_VALID(sv); 1181 atomic_inc_32(&sv->sv_users); 1182 } 1183 1184 void 1185 smb_server_dec_users(smb_server_t *sv) 1186 { 1187 SMB_SERVER_VALID(sv); 1188 atomic_dec_32(&sv->sv_users); 1189 } 1190 1191 void 1192 smb_server_inc_trees(smb_server_t *sv) 1193 { 1194 SMB_SERVER_VALID(sv); 1195 atomic_inc_32(&sv->sv_trees); 1196 } 1197 1198 void 1199 smb_server_dec_trees(smb_server_t *sv) 1200 { 1201 SMB_SERVER_VALID(sv); 1202 atomic_dec_32(&sv->sv_trees); 1203 } 1204 1205 void 1206 smb_server_inc_files(smb_server_t *sv) 1207 { 1208 SMB_SERVER_VALID(sv); 1209 atomic_inc_32(&sv->sv_files); 1210 } 1211 1212 void 1213 smb_server_dec_files(smb_server_t *sv) 1214 { 1215 SMB_SERVER_VALID(sv); 1216 atomic_dec_32(&sv->sv_files); 1217 } 1218 1219 void 1220 smb_server_inc_pipes(smb_server_t *sv) 1221 { 1222 SMB_SERVER_VALID(sv); 1223 atomic_inc_32(&sv->sv_pipes); 1224 } 1225 1226 void 1227 smb_server_dec_pipes(smb_server_t *sv) 1228 { 1229 SMB_SERVER_VALID(sv); 1230 atomic_dec_32(&sv->sv_pipes); 1231 } 1232 1233 void 1234 smb_server_add_rxb(smb_server_t *sv, int64_t value) 1235 { 1236 SMB_SERVER_VALID(sv); 1237 atomic_add_64(&sv->sv_rxb, value); 1238 } 1239 1240 void 1241 smb_server_add_txb(smb_server_t *sv, int64_t value) 1242 { 1243 SMB_SERVER_VALID(sv); 1244 atomic_add_64(&sv->sv_txb, value); 1245 } 1246 1247 void 1248 smb_server_inc_req(smb_server_t *sv) 1249 { 1250 SMB_SERVER_VALID(sv); 1251 atomic_inc_64(&sv->sv_nreq); 1252 } 1253 1254 /* 1255 * ***************************************************************************** 1256 * *************************** Static Functions ******************************** 1257 * ***************************************************************************** 1258 */ 1259 1260 static void 1261 smb_server_timers(smb_thread_t *thread, void *arg) 1262 { 1263 smb_server_t *sv = (smb_server_t *)arg; 1264 1265 ASSERT(sv != NULL); 1266 1267 /* 1268 * This kills old inactive sessions and expired durable 1269 * handles. The session code expects one call per minute. 1270 */ 1271 while (smb_thread_continue_timedwait(thread, 60 /* Seconds */)) { 1272 if (sv->sv_cfg.skc_keepalive != 0) 1273 smb_session_timers(sv); 1274 smb2_durable_timers(sv); 1275 } 1276 } 1277 1278 /* 1279 * smb_server_kstat_init 1280 */ 1281 static void 1282 smb_server_kstat_init(smb_server_t *sv) 1283 { 1284 1285 sv->sv_ksp = kstat_create_zone(SMBSRV_KSTAT_MODULE, 0, 1286 SMBSRV_KSTAT_STATISTICS, SMBSRV_KSTAT_CLASS, KSTAT_TYPE_RAW, 1287 sizeof (smbsrv_kstats_t), 0, sv->sv_zid); 1288 1289 if (sv->sv_ksp != NULL) { 1290 sv->sv_ksp->ks_update = smb_server_kstat_update; 1291 sv->sv_ksp->ks_private = sv; 1292 ((smbsrv_kstats_t *)sv->sv_ksp->ks_data)->ks_start_time = 1293 sv->sv_start_time; 1294 smb_dispatch_stats_init(sv); 1295 smb2_dispatch_stats_init(sv); 1296 kstat_install(sv->sv_ksp); 1297 } else { 1298 cmn_err(CE_WARN, "SMB Server: Statistics unavailable"); 1299 } 1300 1301 sv->sv_legacy_ksp = kstat_create_zone(SMBSRV_KSTAT_MODULE, 0, 1302 SMBSRV_KSTAT_NAME, SMBSRV_KSTAT_CLASS, KSTAT_TYPE_NAMED, 1303 sizeof (smb_server_legacy_kstat_t) / sizeof (kstat_named_t), 1304 0, sv->sv_zid); 1305 1306 if (sv->sv_legacy_ksp != NULL) { 1307 smb_server_legacy_kstat_t *ksd; 1308 1309 ksd = sv->sv_legacy_ksp->ks_data; 1310 1311 (void) strlcpy(ksd->ls_files.name, "open_files", 1312 sizeof (ksd->ls_files.name)); 1313 ksd->ls_files.data_type = KSTAT_DATA_UINT32; 1314 1315 (void) strlcpy(ksd->ls_trees.name, "connections", 1316 sizeof (ksd->ls_trees.name)); 1317 ksd->ls_trees.data_type = KSTAT_DATA_UINT32; 1318 1319 (void) strlcpy(ksd->ls_users.name, "connections", 1320 sizeof (ksd->ls_users.name)); 1321 ksd->ls_users.data_type = KSTAT_DATA_UINT32; 1322 1323 mutex_init(&sv->sv_legacy_ksmtx, NULL, MUTEX_DEFAULT, NULL); 1324 sv->sv_legacy_ksp->ks_lock = &sv->sv_legacy_ksmtx; 1325 sv->sv_legacy_ksp->ks_update = smb_server_legacy_kstat_update; 1326 kstat_install(sv->sv_legacy_ksp); 1327 } 1328 } 1329 1330 /* 1331 * smb_server_kstat_fini 1332 */ 1333 static void 1334 smb_server_kstat_fini(smb_server_t *sv) 1335 { 1336 if (sv->sv_legacy_ksp != NULL) { 1337 kstat_delete(sv->sv_legacy_ksp); 1338 mutex_destroy(&sv->sv_legacy_ksmtx); 1339 sv->sv_legacy_ksp = NULL; 1340 } 1341 1342 if (sv->sv_ksp != NULL) { 1343 kstat_delete(sv->sv_ksp); 1344 sv->sv_ksp = NULL; 1345 smb_dispatch_stats_fini(sv); 1346 smb2_dispatch_stats_fini(sv); 1347 } 1348 } 1349 1350 /* 1351 * Verify the defines in smb_kstat.h used by ks_reqs1 ks_reqs2 1352 */ 1353 CTASSERT(SMBSRV_KS_NREQS1 == SMB_COM_NUM); 1354 CTASSERT(SMBSRV_KS_NREQS2 == SMB2__NCMDS); 1355 1356 /* 1357 * smb_server_kstat_update 1358 */ 1359 static int 1360 smb_server_kstat_update(kstat_t *ksp, int rw) 1361 { 1362 smb_server_t *sv; 1363 smbsrv_kstats_t *ksd; 1364 1365 if (rw == KSTAT_READ) { 1366 sv = ksp->ks_private; 1367 SMB_SERVER_VALID(sv); 1368 ksd = (smbsrv_kstats_t *)ksp->ks_data; 1369 /* 1370 * Counters 1371 */ 1372 ksd->ks_nbt_sess = sv->sv_nbt_sess; 1373 ksd->ks_tcp_sess = sv->sv_tcp_sess; 1374 ksd->ks_users = sv->sv_users; 1375 ksd->ks_trees = sv->sv_trees; 1376 ksd->ks_files = sv->sv_files; 1377 ksd->ks_pipes = sv->sv_pipes; 1378 /* 1379 * Throughput 1380 */ 1381 ksd->ks_txb = sv->sv_txb; 1382 ksd->ks_rxb = sv->sv_rxb; 1383 ksd->ks_nreq = sv->sv_nreq; 1384 /* 1385 * Busyness 1386 */ 1387 ksd->ks_maxreqs = sv->sv_cfg.skc_maxworkers; 1388 smb_srqueue_update(&sv->sv_srqueue, 1389 &ksd->ks_utilization); 1390 /* 1391 * Latency & Throughput of the requests 1392 */ 1393 smb_dispatch_stats_update(sv, ksd->ks_reqs1, 0, SMB_COM_NUM); 1394 smb2_dispatch_stats_update(sv, ksd->ks_reqs2, 0, SMB2__NCMDS); 1395 return (0); 1396 } 1397 if (rw == KSTAT_WRITE) 1398 return (EACCES); 1399 1400 return (EIO); 1401 } 1402 1403 static int 1404 smb_server_legacy_kstat_update(kstat_t *ksp, int rw) 1405 { 1406 smb_server_t *sv; 1407 smb_server_legacy_kstat_t *ksd; 1408 int rc; 1409 1410 switch (rw) { 1411 case KSTAT_WRITE: 1412 rc = EACCES; 1413 break; 1414 case KSTAT_READ: 1415 if (!smb_server_lookup(&sv)) { 1416 ASSERT(MUTEX_HELD(ksp->ks_lock)); 1417 ASSERT(sv->sv_legacy_ksp == ksp); 1418 ksd = (smb_server_legacy_kstat_t *)ksp->ks_data; 1419 ksd->ls_files.value.ui32 = sv->sv_files + sv->sv_pipes; 1420 ksd->ls_trees.value.ui32 = sv->sv_trees; 1421 ksd->ls_users.value.ui32 = sv->sv_users; 1422 smb_server_release(sv); 1423 rc = 0; 1424 break; 1425 } 1426 /* FALLTHROUGH */ 1427 default: 1428 rc = EIO; 1429 break; 1430 } 1431 return (rc); 1432 1433 } 1434 1435 int smb_server_shutdown_wait1 = 15; /* seconds */ 1436 1437 /* 1438 * smb_server_shutdown 1439 */ 1440 static void 1441 smb_server_shutdown(smb_server_t *sv) 1442 { 1443 smb_llist_t *sl = &sv->sv_session_list; 1444 smb_session_t *session; 1445 clock_t time0, time1, time2; 1446 1447 SMB_SERVER_VALID(sv); 1448 1449 /* 1450 * Stop the listeners first, so we can't get any more 1451 * new sessions while we're trying to shut down. 1452 */ 1453 smb_server_listener_stop(&sv->sv_nbt_daemon); 1454 smb_server_listener_stop(&sv->sv_tcp_daemon); 1455 1456 /* 1457 * Disconnect all of the sessions. This causes all the 1458 * smb_server_receiver threads to see a disconnect and 1459 * begin tear-down (in parallel) in smb_session_cancel. 1460 */ 1461 smb_llist_enter(sl, RW_READER); 1462 session = smb_llist_head(sl); 1463 while (session != NULL) { 1464 smb_session_disconnect(session); 1465 session = smb_llist_next(sl, session); 1466 } 1467 smb_llist_exit(sl); 1468 1469 /* 1470 * Wake up any threads we might have blocked. 1471 * Must precede kdoor_close etc. because those will 1472 * wait for such threads to get out. 1473 */ 1474 smb_event_cancel(sv, 0); 1475 smb_threshold_wake_all(&sv->sv_ssetup_ct); 1476 smb_threshold_wake_all(&sv->sv_tcon_ct); 1477 smb_threshold_wake_all(&sv->sv_opipe_ct); 1478 1479 /* 1480 * Wait for the session list to empty. 1481 * (cv_signal in smb_server_destroy_session) 1482 * 1483 * We must wait for all the SMB session readers to finish, or 1484 * we could proceed here while there might be worker threads 1485 * running in any of those sessions. See smb_session_logoff 1486 * for timeouts applied to session tear-down. If this takes 1487 * longer than expected, make some noise, and fire a dtrace 1488 * probe one might use to investigate. 1489 */ 1490 time0 = ddi_get_lbolt(); 1491 time1 = SEC_TO_TICK(smb_server_shutdown_wait1) + time0; 1492 mutex_enter(&sv->sv_mutex); 1493 while (sv->sv_session_list.ll_count != 0) { 1494 if (cv_timedwait(&sv->sv_cv, &sv->sv_mutex, time1) < 0) { 1495 cmn_err(CE_NOTE, "!shutdown waited %d seconds" 1496 " with %d sessions still remaining", 1497 smb_server_shutdown_wait1, 1498 sv->sv_session_list.ll_count); 1499 DTRACE_PROBE1(max__wait, smb_server_t *, sv); 1500 break; 1501 } 1502 } 1503 while (sv->sv_session_list.ll_count != 0) { 1504 cv_wait(&sv->sv_cv, &sv->sv_mutex); 1505 } 1506 mutex_exit(&sv->sv_mutex); 1507 1508 time2 = ddi_get_lbolt(); 1509 if (time2 > time1) { 1510 cmn_err(CE_NOTE, "!shutdown waited %d seconds" 1511 " for all sessions to finish", 1512 (int)TICK_TO_SEC(time2 - time0)); 1513 } 1514 1515 smb_kdoor_close(sv); 1516 #ifdef _KERNEL 1517 smb_kshare_door_fini(sv->sv_lmshrd); 1518 #endif /* _KERNEL */ 1519 sv->sv_lmshrd = NULL; 1520 1521 smb_export_stop(sv); 1522 smb_kshare_stop(sv); 1523 smb_thread_stop(&sv->si_thread_timers); 1524 1525 /* 1526 * Both kshare and the oplock break sub-systems may have 1527 * taskq jobs on the spcial "server" session, until we've 1528 * closed all ofiles and stopped the kshare exporter. 1529 * Now it's safe to destroy the server session, but first 1530 * wait for any requests on it to finish. Note that for 1531 * normal sessions, this happens in smb_session_cancel, 1532 * but that's not called for the server session. 1533 */ 1534 if (sv->sv_rootuser != NULL) { 1535 smb_user_logoff(sv->sv_rootuser); 1536 smb_user_release(sv->sv_rootuser); 1537 sv->sv_rootuser = NULL; 1538 } 1539 if (sv->sv_session != NULL) { 1540 smb_session_cancel_requests(sv->sv_session, NULL, NULL); 1541 smb_slist_wait_for_empty(&sv->sv_session->s_req_list); 1542 1543 /* Just in case import left users and trees */ 1544 smb_session_logoff(sv->sv_session); 1545 1546 smb_session_delete(sv->sv_session); 1547 sv->sv_session = NULL; 1548 } 1549 1550 if (sv->sv_receiver_pool != NULL) { 1551 taskq_destroy(sv->sv_receiver_pool); 1552 sv->sv_receiver_pool = NULL; 1553 } 1554 1555 if (sv->sv_worker_pool != NULL) { 1556 taskq_destroy(sv->sv_worker_pool); 1557 sv->sv_worker_pool = NULL; 1558 } 1559 1560 /* 1561 * Clean out any durable handles. After this we should 1562 * have no ofiles remaining (and no more oplock breaks). 1563 */ 1564 smb2_dh_shutdown(sv); 1565 1566 smb_server_fsop_stop(sv); 1567 } 1568 1569 /* 1570 * smb_server_listener_init 1571 * 1572 * Initializes listener contexts. 1573 */ 1574 static void 1575 smb_server_listener_init( 1576 smb_server_t *sv, 1577 smb_listener_daemon_t *ld, 1578 char *name, 1579 in_port_t port, 1580 int family) 1581 { 1582 ASSERT(ld->ld_magic != SMB_LISTENER_MAGIC); 1583 1584 bzero(ld, sizeof (*ld)); 1585 1586 ld->ld_sv = sv; 1587 ld->ld_family = family; 1588 ld->ld_port = port; 1589 1590 if (family == AF_INET) { 1591 ld->ld_sin.sin_family = (uint32_t)family; 1592 ld->ld_sin.sin_port = htons(port); 1593 ld->ld_sin.sin_addr.s_addr = htonl(INADDR_ANY); 1594 } else { 1595 ld->ld_sin6.sin6_family = (uint32_t)family; 1596 ld->ld_sin6.sin6_port = htons(port); 1597 (void) memset(&ld->ld_sin6.sin6_addr.s6_addr, 0, 1598 sizeof (ld->ld_sin6.sin6_addr.s6_addr)); 1599 } 1600 1601 smb_thread_init(&ld->ld_thread, name, smb_server_listener, ld, 1602 smbsrv_listen_pri); 1603 ld->ld_magic = SMB_LISTENER_MAGIC; 1604 } 1605 1606 /* 1607 * smb_server_listener_destroy 1608 * 1609 * Destroyes listener contexts. 1610 */ 1611 static void 1612 smb_server_listener_destroy(smb_listener_daemon_t *ld) 1613 { 1614 /* 1615 * Note that if startup fails early, we can legitimately 1616 * get here with an all-zeros object. 1617 */ 1618 if (ld->ld_magic == 0) 1619 return; 1620 1621 SMB_LISTENER_VALID(ld); 1622 ASSERT(ld->ld_so == NULL); 1623 smb_thread_destroy(&ld->ld_thread); 1624 ld->ld_magic = 0; 1625 } 1626 1627 /* 1628 * smb_server_listener_start 1629 * 1630 * Starts the listener associated with the context passed in. 1631 * 1632 * Return: 0 Success 1633 * not 0 Failure 1634 */ 1635 static int 1636 smb_server_listener_start(smb_listener_daemon_t *ld) 1637 { 1638 int rc; 1639 uint32_t on; 1640 uint32_t off; 1641 1642 SMB_LISTENER_VALID(ld); 1643 1644 if (ld->ld_so != NULL) 1645 return (EINVAL); 1646 1647 ld->ld_so = smb_socreate(ld->ld_family, SOCK_STREAM, 0); 1648 if (ld->ld_so == NULL) { 1649 cmn_err(CE_WARN, "port %d: socket create failed", ld->ld_port); 1650 return (ENOMEM); 1651 } 1652 1653 off = 0; 1654 (void) ksocket_setsockopt(ld->ld_so, SOL_SOCKET, 1655 SO_MAC_EXEMPT, &off, sizeof (off), CRED()); 1656 1657 on = 1; 1658 (void) ksocket_setsockopt(ld->ld_so, SOL_SOCKET, 1659 SO_REUSEADDR, &on, sizeof (on), CRED()); 1660 1661 if (ld->ld_family == AF_INET) { 1662 rc = ksocket_bind(ld->ld_so, 1663 (struct sockaddr *)&ld->ld_sin, 1664 sizeof (ld->ld_sin), CRED()); 1665 } else { 1666 rc = ksocket_bind(ld->ld_so, 1667 (struct sockaddr *)&ld->ld_sin6, 1668 sizeof (ld->ld_sin6), CRED()); 1669 } 1670 1671 if (rc != 0) { 1672 cmn_err(CE_WARN, "port %d: bind failed", ld->ld_port); 1673 return (rc); 1674 } 1675 1676 rc = ksocket_listen(ld->ld_so, 20, CRED()); 1677 if (rc < 0) { 1678 cmn_err(CE_WARN, "port %d: listen failed", ld->ld_port); 1679 return (rc); 1680 } 1681 1682 ksocket_hold(ld->ld_so); 1683 rc = smb_thread_start(&ld->ld_thread); 1684 if (rc != 0) { 1685 ksocket_rele(ld->ld_so); 1686 cmn_err(CE_WARN, "port %d: listener failed to start", 1687 ld->ld_port); 1688 return (rc); 1689 } 1690 return (0); 1691 } 1692 1693 /* 1694 * smb_server_listener_stop 1695 * 1696 * Stops the listener associated with the context passed in. 1697 */ 1698 static void 1699 smb_server_listener_stop(smb_listener_daemon_t *ld) 1700 { 1701 SMB_LISTENER_VALID(ld); 1702 1703 if (ld->ld_so != NULL) { 1704 smb_soshutdown(ld->ld_so); 1705 smb_sodestroy(ld->ld_so); 1706 smb_thread_stop(&ld->ld_thread); 1707 ld->ld_so = NULL; 1708 } 1709 } 1710 1711 /* 1712 * smb_server_listener 1713 * 1714 * Entry point of the listeners. 1715 */ 1716 static void 1717 smb_server_listener(smb_thread_t *thread, void *arg) 1718 { 1719 _NOTE(ARGUNUSED(thread)) 1720 smb_listener_daemon_t *ld; 1721 ksocket_t s_so; 1722 int on; 1723 int txbuf_size; 1724 1725 ld = (smb_listener_daemon_t *)arg; 1726 1727 SMB_LISTENER_VALID(ld); 1728 1729 DTRACE_PROBE1(so__wait__accept, struct sonode *, ld->ld_so); 1730 1731 while (smb_thread_continue_nowait(&ld->ld_thread) && 1732 ld->ld_sv->sv_state != SMB_SERVER_STATE_STOPPING) { 1733 int ret = ksocket_accept(ld->ld_so, NULL, NULL, &s_so, CRED()); 1734 1735 switch (ret) { 1736 case 0: 1737 break; 1738 case ECONNABORTED: 1739 continue; 1740 1741 case EINTR: 1742 case EBADF: 1743 case ENOTSOCK: 1744 /* These are normal during shutdown. Silence. */ 1745 if (ld->ld_sv->sv_state == SMB_SERVER_STATE_STOPPING) 1746 goto out; 1747 /* FALLTHROUGH */ 1748 default: 1749 cmn_err(CE_WARN, 1750 "smb_server_listener: ksocket_accept failed (%d)", 1751 ret); 1752 /* avoid a tight CPU-burn loop here */ 1753 delay(MSEC_TO_TICK(10)); 1754 continue; 1755 } 1756 1757 DTRACE_PROBE1(so__accept, struct sonode *, s_so); 1758 1759 on = 1; 1760 (void) ksocket_setsockopt(s_so, IPPROTO_TCP, TCP_NODELAY, 1761 &on, sizeof (on), CRED()); 1762 1763 on = 1; 1764 (void) ksocket_setsockopt(s_so, SOL_SOCKET, SO_KEEPALIVE, 1765 &on, sizeof (on), CRED()); 1766 1767 txbuf_size = 128*1024; 1768 (void) ksocket_setsockopt(s_so, SOL_SOCKET, SO_SNDBUF, 1769 (const void *)&txbuf_size, sizeof (txbuf_size), CRED()); 1770 1771 /* 1772 * Create a session for this connection. 1773 */ 1774 smb_server_create_session(ld, s_so); 1775 } 1776 out: 1777 ksocket_rele(ld->ld_so); 1778 } 1779 1780 /* 1781 * smb_server_receiver 1782 * 1783 * Entry point of the receiver threads. 1784 * Also does cleanup when socket disconnected. 1785 */ 1786 static void 1787 smb_server_receiver(void *arg) 1788 { 1789 smb_session_t *session; 1790 1791 session = (smb_session_t *)arg; 1792 1793 /* We stay in here until socket disconnect. */ 1794 smb_session_receiver(session); 1795 1796 smb_server_destroy_session(session); 1797 } 1798 1799 /* 1800 * smb_server_lookup 1801 * 1802 * This function finds the server associated with the zone of the 1803 * caller. Note: requires a fix in the dynamic taskq code: 1804 * 1501 taskq_create_proc ... TQ_DYNAMIC puts tasks in p0 1805 */ 1806 int 1807 smb_server_lookup(smb_server_t **psv) 1808 { 1809 zoneid_t zid; 1810 smb_server_t *sv; 1811 1812 zid = getzoneid(); 1813 1814 smb_llist_enter(&smb_servers, RW_READER); 1815 sv = smb_llist_head(&smb_servers); 1816 while (sv) { 1817 SMB_SERVER_VALID(sv); 1818 if (sv->sv_zid == zid) { 1819 mutex_enter(&sv->sv_mutex); 1820 if (sv->sv_state != SMB_SERVER_STATE_DELETING) { 1821 sv->sv_refcnt++; 1822 mutex_exit(&sv->sv_mutex); 1823 smb_llist_exit(&smb_servers); 1824 *psv = sv; 1825 return (0); 1826 } 1827 mutex_exit(&sv->sv_mutex); 1828 break; 1829 } 1830 sv = smb_llist_next(&smb_servers, sv); 1831 } 1832 smb_llist_exit(&smb_servers); 1833 return (EPERM); 1834 } 1835 1836 /* 1837 * smb_server_release 1838 * 1839 * This function decrements the reference count of the server and signals its 1840 * condition variable if the state of the server is SMB_SERVER_STATE_DELETING. 1841 */ 1842 void 1843 smb_server_release(smb_server_t *sv) 1844 { 1845 SMB_SERVER_VALID(sv); 1846 1847 mutex_enter(&sv->sv_mutex); 1848 ASSERT(sv->sv_refcnt); 1849 sv->sv_refcnt--; 1850 if ((sv->sv_refcnt == 0) && (sv->sv_state == SMB_SERVER_STATE_DELETING)) 1851 cv_signal(&sv->sv_cv); 1852 mutex_exit(&sv->sv_mutex); 1853 } 1854 1855 /* 1856 * smb_server_lookup_user 1857 * 1858 * Find an smb_user by its user_id 1859 * Optional ssn_id (if non-zero) restricts search to a specific session. 1860 * 1861 * Returns smb_user_t * held. Caller must smb_user_rele(user) 1862 * Returns NULL if not found. 1863 */ 1864 smb_user_t * 1865 smb_server_lookup_user(smb_server_t *sv, uint64_t ssn_id, uint64_t user_id) 1866 { 1867 smb_llist_t *slist = &sv->sv_session_list; 1868 smb_session_t *sn; 1869 smb_user_t *user = NULL; 1870 1871 smb_llist_enter(slist, RW_READER); 1872 1873 for (sn = smb_llist_head(slist); 1874 sn != NULL && user == NULL; 1875 sn = smb_llist_next(slist, sn)) { 1876 SMB_SESSION_VALID(sn); 1877 1878 if (ssn_id != 0 && ssn_id != sn->s_kid) 1879 continue; 1880 if (sn->s_state != SMB_SESSION_STATE_NEGOTIATED) 1881 continue; 1882 1883 user = smb_session_lookup_ssnid(sn, user_id); 1884 } 1885 smb_llist_exit(slist); 1886 1887 return (user); 1888 } 1889 1890 /* 1891 * Enumerate the users associated with a session list. 1892 */ 1893 static void 1894 smb_server_enum_users(smb_server_t *sv, smb_svcenum_t *svcenum) 1895 { 1896 smb_llist_t *ll = &sv->sv_session_list; 1897 smb_session_t *sn; 1898 smb_llist_t *ulist; 1899 smb_user_t *user; 1900 int rc = 0; 1901 1902 smb_llist_enter(ll, RW_READER); 1903 sn = smb_llist_head(ll); 1904 1905 while (sn != NULL) { 1906 SMB_SESSION_VALID(sn); 1907 ulist = &sn->s_user_list; 1908 smb_llist_enter(ulist, RW_READER); 1909 user = smb_llist_head(ulist); 1910 1911 while (user != NULL) { 1912 if (smb_user_hold(user)) { 1913 rc = smb_user_enum(user, svcenum); 1914 smb_user_release(user); 1915 if (rc != 0) 1916 break; 1917 } 1918 1919 user = smb_llist_next(ulist, user); 1920 } 1921 1922 smb_llist_exit(ulist); 1923 1924 if (rc != 0) 1925 break; 1926 1927 sn = smb_llist_next(ll, sn); 1928 } 1929 1930 smb_llist_exit(ll); 1931 } 1932 1933 /* 1934 * Enumerate the trees/files associated with a session list. 1935 */ 1936 static void 1937 smb_server_enum_trees(smb_server_t *sv, smb_svcenum_t *svcenum) 1938 { 1939 smb_llist_t *ll = &sv->sv_session_list; 1940 smb_session_t *sn; 1941 smb_llist_t *tlist; 1942 smb_tree_t *tree; 1943 int rc = 0; 1944 1945 smb_llist_enter(ll, RW_READER); 1946 sn = smb_llist_head(ll); 1947 1948 while (sn != NULL) { 1949 SMB_SESSION_VALID(sn); 1950 tlist = &sn->s_tree_list; 1951 smb_llist_enter(tlist, RW_READER); 1952 tree = smb_llist_head(tlist); 1953 1954 while (tree != NULL) { 1955 if (smb_tree_hold(tree)) { 1956 rc = smb_tree_enum(tree, svcenum); 1957 smb_tree_release(tree); 1958 if (rc != 0) 1959 break; 1960 } 1961 1962 tree = smb_llist_next(tlist, tree); 1963 } 1964 1965 smb_llist_exit(tlist); 1966 1967 if (rc != 0) 1968 break; 1969 1970 sn = smb_llist_next(ll, sn); 1971 } 1972 1973 smb_llist_exit(ll); 1974 } 1975 1976 /* 1977 * Disconnect sessions associated with the specified client and username. 1978 * Empty strings are treated as wildcards. 1979 */ 1980 static int 1981 smb_server_session_disconnect(smb_server_t *sv, 1982 const char *client, const char *name) 1983 { 1984 smb_llist_t *ll = &sv->sv_session_list; 1985 smb_session_t *sn; 1986 smb_llist_t *ulist; 1987 smb_user_t *user; 1988 int count = 0; 1989 1990 smb_llist_enter(ll, RW_READER); 1991 1992 for (sn = smb_llist_head(ll); 1993 sn != NULL; 1994 sn = smb_llist_next(ll, sn)) { 1995 SMB_SESSION_VALID(sn); 1996 1997 if (*client != '\0' && !smb_session_isclient(sn, client)) 1998 continue; 1999 2000 ulist = &sn->s_user_list; 2001 smb_llist_enter(ulist, RW_READER); 2002 2003 for (user = smb_llist_head(ulist); 2004 user != NULL; 2005 user = smb_llist_next(ulist, user)) { 2006 2007 if (smb_user_hold(user)) { 2008 2009 if (*name == '\0' || 2010 smb_user_namecmp(user, name)) { 2011 smb_user_logoff(user); 2012 count++; 2013 } 2014 2015 smb_user_release(user); 2016 } 2017 } 2018 2019 smb_llist_exit(ulist); 2020 } 2021 2022 smb_llist_exit(ll); 2023 return (count); 2024 } 2025 2026 /* 2027 * Close a file by its unique id. 2028 */ 2029 static int 2030 smb_server_fclose(smb_server_t *sv, uint32_t uniqid) 2031 { 2032 smb_llist_t *ll; 2033 smb_session_t *sn; 2034 smb_llist_t *tlist; 2035 smb_tree_t *tree; 2036 int rc = ENOENT; 2037 2038 ll = &sv->sv_session_list; 2039 smb_llist_enter(ll, RW_READER); 2040 sn = smb_llist_head(ll); 2041 2042 while ((sn != NULL) && (rc == ENOENT)) { 2043 SMB_SESSION_VALID(sn); 2044 tlist = &sn->s_tree_list; 2045 smb_llist_enter(tlist, RW_READER); 2046 tree = smb_llist_head(tlist); 2047 2048 while ((tree != NULL) && (rc == ENOENT)) { 2049 if (smb_tree_hold(tree)) { 2050 rc = smb_tree_fclose(tree, uniqid); 2051 smb_tree_release(tree); 2052 } 2053 2054 tree = smb_llist_next(tlist, tree); 2055 } 2056 2057 smb_llist_exit(tlist); 2058 sn = smb_llist_next(ll, sn); 2059 } 2060 2061 smb_llist_exit(ll); 2062 return (rc); 2063 } 2064 2065 /* 2066 * This is used by SMB2 session setup to logoff a previous session, 2067 * so it can force a logoff that we haven't noticed yet. 2068 * This is not called frequently, so we just walk the list of 2069 * connections searching for the user. 2070 * 2071 * Note that this must wait for any durable handles (ofiles) 2072 * owned by this user to become "orphaned", so that a reconnect 2073 * that may immediately follow can find and use such ofiles. 2074 */ 2075 void 2076 smb_server_logoff_ssnid(smb_request_t *sr, uint64_t ssnid) 2077 { 2078 smb_server_t *sv = sr->sr_server; 2079 smb_llist_t *sess_list; 2080 smb_session_t *sess; 2081 smb_user_t *user = NULL; 2082 boolean_t do_logoff = B_FALSE; 2083 2084 SMB_SERVER_VALID(sv); 2085 2086 if (sv->sv_state != SMB_SERVER_STATE_RUNNING) 2087 return; 2088 2089 sess_list = &sv->sv_session_list; 2090 smb_llist_enter(sess_list, RW_READER); 2091 2092 for (sess = smb_llist_head(sess_list); 2093 sess != NULL; 2094 sess = smb_llist_next(sess_list, sess)) { 2095 2096 SMB_SESSION_VALID(sess); 2097 2098 if (sess->dialect < SMB_VERS_2_BASE) 2099 continue; 2100 2101 switch (sess->s_state) { 2102 case SMB_SESSION_STATE_NEGOTIATED: 2103 case SMB_SESSION_STATE_TERMINATED: 2104 case SMB_SESSION_STATE_DISCONNECTED: 2105 break; 2106 default: 2107 continue; 2108 } 2109 2110 /* 2111 * Normal situation is to find a LOGGED_ON user. 2112 */ 2113 user = smb_session_lookup_uid_st(sess, ssnid, 0, 2114 SMB_USER_STATE_LOGGED_ON); 2115 if (user != NULL) { 2116 if (smb_is_same_user(user->u_cred, sr->user_cr)) { 2117 do_logoff = B_TRUE; 2118 break; 2119 } 2120 smb_user_release(user); 2121 user = NULL; 2122 } 2123 2124 /* 2125 * If we raced with disconnect, may find LOGGING_OFF, 2126 * in which case we want to just wait for it. 2127 */ 2128 user = smb_session_lookup_uid_st(sess, ssnid, 0, 2129 SMB_USER_STATE_LOGGING_OFF); 2130 if (user != NULL) { 2131 if (smb_is_same_user(user->u_cred, sr->user_cr)) 2132 break; 2133 smb_user_release(user); 2134 user = NULL; 2135 } 2136 } 2137 2138 smb_llist_exit(sess_list); 2139 2140 /* 2141 * Note that smb_user_logoff() can block for a while if 2142 * smb_session_disconnect_owned_trees, smb_ofile_close_all 2143 * ends up blocked on locks held by running requests. 2144 * Do that while not holding the session list rwlock. 2145 */ 2146 if (user != NULL) { 2147 if (do_logoff) { 2148 /* Treat this as if we lost the connection */ 2149 user->preserve_opens = SMB2_DH_PRESERVE_SOME; 2150 smb_user_logoff(user); 2151 } 2152 2153 /* 2154 * Wait for durable handles to be orphaned. 2155 * Note: not holding the sess list rwlock. 2156 */ 2157 smb_user_wait_trees(user); 2158 2159 /* 2160 * Could be doing the last release on a user below, 2161 * which can leave work on the delete queues for 2162 * s_user_list or s_tree_list so flush those. 2163 * Must hold the session list after the user release 2164 * so that the session can't go away while we flush. 2165 */ 2166 smb_llist_enter(sess_list, RW_READER); 2167 2168 sess = user->u_session; 2169 smb_user_release(user); 2170 2171 smb_llist_flush(&sess->s_tree_list); 2172 smb_llist_flush(&sess->s_user_list); 2173 2174 smb_llist_exit(sess_list); 2175 } 2176 } 2177 2178 /* See also: libsmb smb_kmod_setcfg */ 2179 static void 2180 smb_server_store_cfg(smb_server_t *sv, smb_ioc_cfg_t *ioc) 2181 { 2182 if (ioc->maxconnections == 0) 2183 ioc->maxconnections = 0xFFFFFFFF; 2184 2185 if (ioc->encrypt == SMB_CONFIG_REQUIRED && 2186 ioc->max_protocol < SMB_VERS_3_0) { 2187 cmn_err(CE_WARN, "Server set to require encryption; " 2188 "forcing max_protocol to 3.0"); 2189 ioc->max_protocol = SMB_VERS_3_0; 2190 } 2191 sv->sv_cfg.skc_maxworkers = ioc->maxworkers; 2192 sv->sv_cfg.skc_maxconnections = ioc->maxconnections; 2193 sv->sv_cfg.skc_keepalive = ioc->keepalive; 2194 sv->sv_cfg.skc_restrict_anon = ioc->restrict_anon; 2195 sv->sv_cfg.skc_signing_enable = ioc->signing_enable; 2196 sv->sv_cfg.skc_signing_required = ioc->signing_required; 2197 sv->sv_cfg.skc_oplock_enable = ioc->oplock_enable; 2198 sv->sv_cfg.skc_sync_enable = ioc->sync_enable; 2199 sv->sv_cfg.skc_secmode = ioc->secmode; 2200 sv->sv_cfg.skc_netbios_enable = ioc->netbios_enable; 2201 sv->sv_cfg.skc_ipv6_enable = ioc->ipv6_enable; 2202 sv->sv_cfg.skc_print_enable = ioc->print_enable; 2203 sv->sv_cfg.skc_traverse_mounts = ioc->traverse_mounts; 2204 sv->sv_cfg.skc_short_names = ioc->short_names; 2205 sv->sv_cfg.skc_max_protocol = ioc->max_protocol; 2206 sv->sv_cfg.skc_min_protocol = ioc->min_protocol; 2207 sv->sv_cfg.skc_encrypt = ioc->encrypt; 2208 sv->sv_cfg.skc_encrypt_ciphers = ioc->encrypt_ciphers; 2209 sv->sv_cfg.skc_execflags = ioc->exec_flags; 2210 sv->sv_cfg.skc_negtok_len = ioc->negtok_len; 2211 sv->sv_cfg.skc_max_opens = ioc->max_opens; 2212 sv->sv_cfg.skc_version = ioc->version; 2213 sv->sv_cfg.skc_initial_credits = ioc->initial_credits; 2214 sv->sv_cfg.skc_maximum_credits = ioc->maximum_credits; 2215 2216 (void) memcpy(sv->sv_cfg.skc_machine_uuid, ioc->machine_uuid, 2217 sizeof (uuid_t)); 2218 (void) memcpy(sv->sv_cfg.skc_negtok, ioc->negtok, 2219 sizeof (sv->sv_cfg.skc_negtok)); 2220 (void) memcpy(sv->sv_cfg.skc_native_os, ioc->native_os, 2221 sizeof (sv->sv_cfg.skc_native_os)); 2222 (void) memcpy(sv->sv_cfg.skc_native_lm, ioc->native_lm, 2223 sizeof (sv->sv_cfg.skc_native_lm)); 2224 2225 (void) strlcpy(sv->sv_cfg.skc_nbdomain, ioc->nbdomain, 2226 sizeof (sv->sv_cfg.skc_nbdomain)); 2227 (void) strlcpy(sv->sv_cfg.skc_fqdn, ioc->fqdn, 2228 sizeof (sv->sv_cfg.skc_fqdn)); 2229 (void) strlcpy(sv->sv_cfg.skc_hostname, ioc->hostname, 2230 sizeof (sv->sv_cfg.skc_hostname)); 2231 (void) strlcpy(sv->sv_cfg.skc_system_comment, ioc->system_comment, 2232 sizeof (sv->sv_cfg.skc_system_comment)); 2233 } 2234 2235 static int 2236 smb_server_fsop_start(smb_server_t *sv) 2237 { 2238 int error; 2239 2240 error = smb_node_root_init(sv, &sv->si_root_smb_node); 2241 if (error != 0) 2242 sv->si_root_smb_node = NULL; 2243 2244 return (error); 2245 } 2246 2247 static void 2248 smb_server_fsop_stop(smb_server_t *sv) 2249 { 2250 if (sv->si_root_smb_node != NULL) { 2251 smb_node_release(sv->si_root_smb_node); 2252 sv->si_root_smb_node = NULL; 2253 } 2254 } 2255 2256 smb_event_t * 2257 smb_event_create(smb_server_t *sv, int timeout) 2258 { 2259 smb_event_t *event; 2260 2261 if (smb_server_is_stopping(sv)) 2262 return (NULL); 2263 2264 event = kmem_cache_alloc(smb_cache_event, KM_SLEEP); 2265 2266 bzero(event, sizeof (smb_event_t)); 2267 mutex_init(&event->se_mutex, NULL, MUTEX_DEFAULT, NULL); 2268 cv_init(&event->se_cv, NULL, CV_DEFAULT, NULL); 2269 event->se_magic = SMB_EVENT_MAGIC; 2270 event->se_txid = smb_event_alloc_txid(); 2271 event->se_server = sv; 2272 event->se_timeout = timeout; 2273 2274 smb_llist_enter(&sv->sv_event_list, RW_WRITER); 2275 smb_llist_insert_tail(&sv->sv_event_list, event); 2276 smb_llist_exit(&sv->sv_event_list); 2277 2278 return (event); 2279 } 2280 2281 void 2282 smb_event_destroy(smb_event_t *event) 2283 { 2284 smb_server_t *sv; 2285 2286 if (event == NULL) 2287 return; 2288 2289 SMB_EVENT_VALID(event); 2290 ASSERT(event->se_waittime == 0); 2291 sv = event->se_server; 2292 SMB_SERVER_VALID(sv); 2293 2294 smb_llist_enter(&sv->sv_event_list, RW_WRITER); 2295 smb_llist_remove(&sv->sv_event_list, event); 2296 smb_llist_exit(&sv->sv_event_list); 2297 2298 event->se_magic = (uint32_t)~SMB_EVENT_MAGIC; 2299 cv_destroy(&event->se_cv); 2300 mutex_destroy(&event->se_mutex); 2301 2302 kmem_cache_free(smb_cache_event, event); 2303 } 2304 2305 /* 2306 * Get the txid for the specified event. 2307 */ 2308 uint32_t 2309 smb_event_txid(smb_event_t *event) 2310 { 2311 if (event != NULL) { 2312 SMB_EVENT_VALID(event); 2313 return (event->se_txid); 2314 } 2315 2316 cmn_err(CE_NOTE, "smb_event_txid failed"); 2317 return ((uint32_t)-1); 2318 } 2319 2320 /* 2321 * Wait for event notification. 2322 */ 2323 int 2324 smb_event_wait(smb_event_t *event) 2325 { 2326 int seconds = 1; 2327 int ticks; 2328 int err; 2329 2330 if (event == NULL) 2331 return (EINVAL); 2332 2333 SMB_EVENT_VALID(event); 2334 2335 mutex_enter(&event->se_mutex); 2336 event->se_waittime = 1; 2337 event->se_errno = 0; 2338 2339 while (!(event->se_notified)) { 2340 if (smb_event_debug && ((event->se_waittime % 30) == 0)) 2341 cmn_err(CE_NOTE, "smb_event_wait[%d] (%d sec)", 2342 event->se_txid, event->se_waittime); 2343 2344 if (event->se_errno != 0) 2345 break; 2346 2347 if (event->se_waittime > event->se_timeout) { 2348 event->se_errno = ETIME; 2349 break; 2350 } 2351 2352 ticks = SEC_TO_TICK(seconds); 2353 (void) cv_reltimedwait(&event->se_cv, 2354 &event->se_mutex, (clock_t)ticks, TR_CLOCK_TICK); 2355 ++event->se_waittime; 2356 } 2357 2358 err = event->se_errno; 2359 event->se_waittime = 0; 2360 event->se_notified = B_FALSE; 2361 cv_signal(&event->se_cv); 2362 mutex_exit(&event->se_mutex); 2363 return (err); 2364 } 2365 2366 /* 2367 * If txid is non-zero, cancel the specified event. 2368 * Otherwise, cancel all events. 2369 */ 2370 static void 2371 smb_event_cancel(smb_server_t *sv, uint32_t txid) 2372 { 2373 smb_event_t *event; 2374 smb_llist_t *event_list; 2375 2376 SMB_SERVER_VALID(sv); 2377 2378 event_list = &sv->sv_event_list; 2379 smb_llist_enter(event_list, RW_WRITER); 2380 2381 event = smb_llist_head(event_list); 2382 while (event) { 2383 SMB_EVENT_VALID(event); 2384 2385 if (txid == 0 || event->se_txid == txid) { 2386 mutex_enter(&event->se_mutex); 2387 event->se_errno = ECANCELED; 2388 event->se_notified = B_TRUE; 2389 cv_signal(&event->se_cv); 2390 mutex_exit(&event->se_mutex); 2391 2392 if (txid != 0) 2393 break; 2394 } 2395 2396 event = smb_llist_next(event_list, event); 2397 } 2398 2399 smb_llist_exit(event_list); 2400 } 2401 2402 /* 2403 * If txid is non-zero, notify the specified event. 2404 * Otherwise, notify all events. 2405 */ 2406 void 2407 smb_event_notify(smb_server_t *sv, uint32_t txid) 2408 { 2409 smb_event_t *event; 2410 smb_llist_t *event_list; 2411 2412 SMB_SERVER_VALID(sv); 2413 2414 event_list = &sv->sv_event_list; 2415 smb_llist_enter(event_list, RW_READER); 2416 2417 event = smb_llist_head(event_list); 2418 while (event) { 2419 SMB_EVENT_VALID(event); 2420 2421 if (txid == 0 || event->se_txid == txid) { 2422 mutex_enter(&event->se_mutex); 2423 event->se_notified = B_TRUE; 2424 cv_signal(&event->se_cv); 2425 mutex_exit(&event->se_mutex); 2426 2427 if (txid != 0) 2428 break; 2429 } 2430 2431 event = smb_llist_next(event_list, event); 2432 } 2433 2434 smb_llist_exit(event_list); 2435 } 2436 2437 /* 2438 * Allocate a new transaction id (txid). 2439 * 2440 * 0 or -1 are not assigned because they are used to detect invalid 2441 * conditions or to indicate all open id's. 2442 */ 2443 static uint32_t 2444 smb_event_alloc_txid(void) 2445 { 2446 static kmutex_t txmutex; 2447 static uint32_t txid; 2448 uint32_t txid_ret; 2449 2450 mutex_enter(&txmutex); 2451 2452 if (txid == 0) 2453 txid = ddi_get_lbolt() << 11; 2454 2455 do { 2456 ++txid; 2457 } while (txid == 0 || txid == (uint32_t)-1); 2458 2459 txid_ret = txid; 2460 mutex_exit(&txmutex); 2461 2462 return (txid_ret); 2463 } 2464 2465 /* 2466 * Called by the ioctl to find the corresponding 2467 * spooldoc node. removes node on success 2468 * 2469 * Return values 2470 * rc 2471 * B_FALSE - not found 2472 * B_TRUE - found 2473 * 2474 */ 2475 2476 static boolean_t 2477 smb_spool_lookup_doc_byfid(smb_server_t *sv, uint16_t fid, 2478 smb_kspooldoc_t *spdoc) 2479 { 2480 smb_kspooldoc_t *sp; 2481 smb_llist_t *splist; 2482 2483 splist = &sv->sp_info.sp_list; 2484 smb_llist_enter(splist, RW_WRITER); 2485 sp = smb_llist_head(splist); 2486 while (sp != NULL) { 2487 /* 2488 * check for a matching fid 2489 */ 2490 if (sp->sd_fid == fid) { 2491 *spdoc = *sp; 2492 smb_llist_remove(splist, sp); 2493 smb_llist_exit(splist); 2494 kmem_free(sp, sizeof (smb_kspooldoc_t)); 2495 return (B_TRUE); 2496 } 2497 sp = smb_llist_next(splist, sp); 2498 } 2499 cmn_err(CE_WARN, "smb_spool_lookup_user_byfid: no fid:%d", fid); 2500 smb_llist_exit(splist); 2501 return (B_FALSE); 2502 } 2503 2504 /* 2505 * Adds the spool fid to a linked list to be used 2506 * as a search key in the spooldoc queue 2507 * 2508 * Return values 2509 * rc non-zero error 2510 * rc zero success 2511 * 2512 */ 2513 2514 void 2515 smb_spool_add_fid(smb_server_t *sv, uint16_t fid) 2516 { 2517 smb_llist_t *fidlist; 2518 smb_spoolfid_t *sf; 2519 2520 if (sv->sv_cfg.skc_print_enable == 0) 2521 return; 2522 2523 sf = kmem_zalloc(sizeof (smb_spoolfid_t), KM_SLEEP); 2524 fidlist = &sv->sp_info.sp_fidlist; 2525 smb_llist_enter(fidlist, RW_WRITER); 2526 sf->sf_fid = fid; 2527 smb_llist_insert_tail(fidlist, sf); 2528 smb_llist_exit(fidlist); 2529 cv_broadcast(&sv->sp_info.sp_cv); 2530 } 2531 2532 /* 2533 * Called by the ioctl to get and remove the head of the fid list 2534 * 2535 * Return values 2536 * int fd 2537 * greater than 0 success 2538 * 0 - error 2539 * 2540 */ 2541 2542 static uint16_t 2543 smb_spool_get_fid(smb_server_t *sv) 2544 { 2545 smb_spoolfid_t *spfid; 2546 smb_llist_t *splist; 2547 uint16_t fid; 2548 2549 splist = &sv->sp_info.sp_fidlist; 2550 smb_llist_enter(splist, RW_WRITER); 2551 spfid = smb_llist_head(splist); 2552 if (spfid != NULL) { 2553 fid = spfid->sf_fid; 2554 smb_llist_remove(&sv->sp_info.sp_fidlist, spfid); 2555 kmem_free(spfid, sizeof (smb_spoolfid_t)); 2556 } else { 2557 fid = 0; 2558 } 2559 smb_llist_exit(splist); 2560 return (fid); 2561 } 2562 2563 /* 2564 * Adds the spooldoc to the tail of the spooldoc list 2565 * 2566 * Return values 2567 * rc non-zero error 2568 * rc zero success 2569 */ 2570 int 2571 smb_spool_add_doc(smb_tree_t *tree, smb_kspooldoc_t *sp) 2572 { 2573 smb_llist_t *splist; 2574 smb_server_t *sv = tree->t_server; 2575 int rc = 0; 2576 2577 splist = &sv->sp_info.sp_list; 2578 smb_llist_enter(splist, RW_WRITER); 2579 sp->sd_spool_num = atomic_inc_32_nv(&sv->sp_info.sp_cnt); 2580 smb_llist_insert_tail(splist, sp); 2581 smb_llist_exit(splist); 2582 2583 return (rc); 2584 } 2585 2586 /* 2587 * smb_server_create_session 2588 */ 2589 static void 2590 smb_server_create_session(smb_listener_daemon_t *ld, ksocket_t s_so) 2591 { 2592 smb_server_t *sv = ld->ld_sv; 2593 smb_session_t *session; 2594 smb_llist_t *sl; 2595 taskqid_t tqid; 2596 clock_t now; 2597 2598 session = smb_session_create(s_so, ld->ld_port, sv, 2599 ld->ld_family); 2600 2601 if (session == NULL) { 2602 /* This should be rare (create sleeps) */ 2603 smb_soshutdown(s_so); 2604 smb_sodestroy(s_so); 2605 cmn_err(CE_WARN, "SMB Session: alloc failed"); 2606 return; 2607 } 2608 2609 sl = &sv->sv_session_list; 2610 smb_llist_enter(sl, RW_WRITER); 2611 if (smb_llist_get_count(sl) >= sv->sv_cfg.skc_maxconnections) { 2612 /* 2613 * New session not in sv_session_list, so we can just 2614 * delete it directly. 2615 */ 2616 smb_llist_exit(sl); 2617 DTRACE_PROBE1(maxconn, smb_session_t *, session); 2618 smb_soshutdown(session->sock); 2619 smb_session_delete(session); 2620 goto logmaxconn; 2621 } 2622 smb_llist_insert_tail(sl, session); 2623 smb_llist_exit(sl); 2624 2625 /* 2626 * These taskq entries must run independently of one another, 2627 * so TQ_NOQUEUE. TQ_SLEEP (==0) just for clarity. 2628 */ 2629 tqid = taskq_dispatch(sv->sv_receiver_pool, 2630 smb_server_receiver, session, TQ_NOQUEUE | TQ_SLEEP); 2631 if (tqid != TASKQID_INVALID) { 2632 /* Success */ 2633 return; 2634 } 2635 2636 /* 2637 * Have: tqid == TASKQID_INVALID 2638 * We never entered smb_server_receiver() 2639 * so need to do its return cleanup 2640 */ 2641 DTRACE_PROBE1(maxconn, smb_session_t *, session); 2642 smb_session_disconnect(session); 2643 smb_session_logoff(session); 2644 smb_server_destroy_session(session); 2645 2646 logmaxconn: 2647 /* 2648 * If we hit max_connections, log something so an admin 2649 * can find out why new connections are failing, but 2650 * log this no more than once a minute. 2651 */ 2652 now = ddi_get_lbolt(); 2653 if (now > ld->ld_quiet) { 2654 ld->ld_quiet = now + SEC_TO_TICK(60); 2655 cmn_err(CE_WARN, "SMB can't create session: " 2656 "Would exceed max_connections."); 2657 } 2658 } 2659 2660 static void 2661 smb_server_destroy_session(smb_session_t *session) 2662 { 2663 smb_server_t *sv; 2664 smb_llist_t *ll; 2665 uint32_t count; 2666 2667 ASSERT(session->s_server != NULL); 2668 sv = session->s_server; 2669 ll = &sv->sv_session_list; 2670 2671 smb_llist_flush(&session->s_tree_list); 2672 smb_llist_flush(&session->s_user_list); 2673 2674 smb_llist_enter(ll, RW_WRITER); 2675 smb_llist_remove(ll, session); 2676 count = ll->ll_count; 2677 smb_llist_exit(ll); 2678 2679 /* 2680 * Normally, the session should have state SHUTDOWN here. 2681 * If the session has any ofiles remaining, eg. due to 2682 * forgotten ofile references or something, the state 2683 * will be _DISCONNECTED or _TERMINATED. Keep such 2684 * sessions in the list of zombies (for debugging). 2685 */ 2686 if (session->s_state == SMB_SESSION_STATE_SHUTDOWN) { 2687 smb_session_delete(session); 2688 } else { 2689 cmn_err(CE_NOTE, "!Leaked session: 0x%p", (void *)session); 2690 DTRACE_PROBE1(new__zombie, smb_session_t *, session); 2691 smb_llist_enter(&smb_server_session_zombies, RW_WRITER); 2692 smb_llist_insert_head(&smb_server_session_zombies, session); 2693 smb_llist_exit(&smb_server_session_zombies); 2694 } 2695 2696 if (count == 0) { 2697 /* See smb_server_shutdown */ 2698 cv_signal(&sv->sv_cv); 2699 } 2700 } 2701