1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23  * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
24  */
25 
26 #include <sys/types.h>
27 #include <sys/stat.h>
28 #include <sys/uio.h>
29 #include <sys/statvfs.h>
30 #include <sys/vnode.h>
31 #include <sys/thread.h>
32 #include <sys/pathname.h>
33 #include <sys/cred.h>
34 #include <sys/extdirent.h>
35 #include <sys/nbmlock.h>
36 #include <sys/share.h>
37 #include <sys/fcntl.h>
38 #include <nfs/lm.h>
39 
40 #include <smbsrv/smb_kproto.h>
41 #include <smbsrv/string.h>
42 #include <smbsrv/smb_vops.h>
43 #include <smbsrv/smb_fsops.h>
44 
45 /*
46  * CATIA support
47  *
48  * CATIA V4 is a UNIX product and uses characters in filenames that
49  * are considered invalid by Windows. CATIA V5 is available on both
50  * UNIX and Windows.  Thus, as CATIA customers migrate from V4 to V5,
51  * some V4 files could become inaccessible to windows clients if the
52  * filename contains the characters that are considered illegal in
53  * Windows.  In order to address this issue an optional character
54  * translation is applied to filenames at the smb_vop interface.
55  *
56  * Character Translation Table
57  * ----------------------------------
58  * Unix-char (v4) | Windows-char (v5)
59  * ----------------------------------
60  *        *       |  0x00a4  Currency Sign
61  *        |       |  0x00a6  Broken Bar
62  *        "       |  0x00a8  Diaeresis
63  *        <       |  0x00ab  Left-Pointing Double Angle Quotation Mark
64  *        >       |  0x00bb  Right-Pointing Double Angle Quotation Mark
65  *        ?       |  0x00bf  Inverted Question mark
66  *        :       |  0x00f7  Division Sign
67  *        /       |  0x00f8  Latin Small Letter o with stroke
68  *        \       |  0x00ff  Latin Small Letter Y with Diaeresis
69  *
70  *
71  * Two lookup tables are used to perform the character translation:
72  *
73  * smb_catia_v5_lookup - provides the mapping between UNIX ASCII (v4)
74  * characters and equivalent or translated wide characters.
75  * It is indexed by the decimal value of the ASCII character (0-127).
76  *
77  * smb_catia_v4_lookup - provides the mapping between wide characters
78  * in the range from 0x00A4 to 0x00FF and their UNIX (v4) equivalent
79  * (in wide character format).  It is indexed by the decimal value of
80  * the wide character (164-255) with an offset of -164.
81  * If this translation produces a filename containing a '/' create, mkdir
82  * or rename (to the '/' name)  operations will not be permitted. It is
83  * not valid to create a filename with a '/' in it. However, if such a
84  * file already exists other operations (e.g, lookup, delete, rename)
85  * are permitted on it.
86  */
87 
88 /* number of characters mapped */
89 #define	SMB_CATIA_NUM_MAPS		9
90 
91 /* Windows Characters used in special character mapping */
92 #define	SMB_CATIA_WIN_CURRENCY		0x00a4
93 #define	SMB_CATIA_WIN_BROKEN_BAR	0x00a6
94 #define	SMB_CATIA_WIN_DIAERESIS		0x00a8
95 #define	SMB_CATIA_WIN_LEFT_ANGLE	0x00ab
96 #define	SMB_CATIA_WIN_RIGHT_ANGLE	0x00bb
97 #define	SMB_CATIA_WIN_INVERTED_QUESTION	0x00bf
98 #define	SMB_CATIA_WIN_DIVISION		0x00f7
99 #define	SMB_CATIA_WIN_LATIN_O		0x00f8
100 #define	SMB_CATIA_WIN_LATIN_Y		0x00ff
101 
102 #define	SMB_CATIA_V4_LOOKUP_LOW		SMB_CATIA_WIN_CURRENCY
103 #define	SMB_CATIA_V4_LOOKUP_UPPER	SMB_CATIA_WIN_LATIN_Y
104 #define	SMB_CATIA_V4_LOOKUP_MAX		\
105 	(SMB_CATIA_V4_LOOKUP_UPPER - SMB_CATIA_V4_LOOKUP_LOW + 1)
106 #define	SMB_CATIA_V5_LOOKUP_MAX		0x0080
107 
108 typedef struct smb_catia_map
109 {
110 	unsigned char unixchar;	/* v4 */
111 	smb_wchar_t winchar;	/* v5 */
112 } smb_catia_map_t;
113 
114 smb_catia_map_t const catia_maps[SMB_CATIA_NUM_MAPS] =
115 {
116 	{'"',  SMB_CATIA_WIN_DIAERESIS},
117 	{'*',  SMB_CATIA_WIN_CURRENCY},
118 	{':',  SMB_CATIA_WIN_DIVISION},
119 	{'<',  SMB_CATIA_WIN_LEFT_ANGLE},
120 	{'>',  SMB_CATIA_WIN_RIGHT_ANGLE},
121 	{'?',  SMB_CATIA_WIN_INVERTED_QUESTION},
122 	{'\\', SMB_CATIA_WIN_LATIN_Y},
123 	{'/',  SMB_CATIA_WIN_LATIN_O},
124 	{'|',  SMB_CATIA_WIN_BROKEN_BAR}
125 };
126 
127 static smb_wchar_t smb_catia_v5_lookup[SMB_CATIA_V5_LOOKUP_MAX];
128 static smb_wchar_t smb_catia_v4_lookup[SMB_CATIA_V4_LOOKUP_MAX];
129 
130 static void smb_vop_setup_xvattr(smb_attr_t *smb_attr, xvattr_t *xvattr);
131 static void smb_sa_to_va_mask(uint_t sa_mask, uint_t *va_maskp);
132 static callb_cpr_t *smb_lock_frlock_callback(flk_cb_when_t, void *);
133 static void smb_vop_catia_init();
134 
135 extern sysid_t lm_alloc_sysidt();
136 
137 #define	SMB_AT_MAX	16
138 static const uint_t smb_attrmap[SMB_AT_MAX] = {
139 	0,
140 	AT_TYPE,
141 	AT_MODE,
142 	AT_UID,
143 	AT_GID,
144 	AT_FSID,
145 	AT_NODEID,
146 	AT_NLINK,
147 	AT_SIZE,
148 	AT_ATIME,
149 	AT_MTIME,
150 	AT_CTIME,
151 	AT_RDEV,
152 	AT_BLKSIZE,
153 	AT_NBLOCKS,
154 	AT_SEQ
155 };
156 
157 static boolean_t	smb_vop_initialized = B_FALSE;
158 caller_context_t	smb_ct;
159 
160 /*
161  * smb_vop_init
162  *
163  * This function is not multi-thread safe. The caller must make sure only one
164  * thread makes the call.
165  */
166 int
167 smb_vop_init(void)
168 {
169 	if (smb_vop_initialized)
170 		return (0);
171 	/*
172 	 * The caller_context will be used primarily for range locking.
173 	 * Since the CIFS server is mapping its locks to POSIX locks,
174 	 * only one pid is used for operations originating from the
175 	 * CIFS server (to represent CIFS in the VOP_FRLOCK routines).
176 	 *
177 	 * XXX: Should smb_ct be per-zone?
178 	 */
179 	smb_ct.cc_sysid = lm_alloc_sysidt();
180 	if (smb_ct.cc_sysid == LM_NOSYSID)
181 		return (ENOMEM);
182 
183 	smb_ct.cc_caller_id = fs_new_caller_id();
184 	smb_ct.cc_pid = IGN_PID;
185 	smb_ct.cc_flags = 0;
186 	smb_vop_catia_init();
187 
188 	smb_vop_initialized = B_TRUE;
189 	return (0);
190 }
191 
192 /*
193  * smb_vop_fini
194  *
195  * This function is not multi-thread safe. The caller must make sure only one
196  * thread makes the call.
197  */
198 void
199 smb_vop_fini(void)
200 {
201 	if (!smb_vop_initialized)
202 		return;
203 
204 	lm_free_sysidt(smb_ct.cc_sysid);
205 	smb_ct.cc_pid = IGN_PID;
206 	smb_ct.cc_sysid = LM_NOSYSID;
207 	smb_vop_initialized = B_FALSE;
208 }
209 
210 /*
211  * The smb_ct will be used primarily for range locking.
212  * Since the CIFS server is mapping its locks to POSIX locks,
213  * only one pid is used for operations originating from the
214  * CIFS server (to represent CIFS in the VOP_FRLOCK routines).
215  */
216 int
217 smb_vop_open(vnode_t **vpp, int mode, cred_t *cred)
218 {
219 	return (VOP_OPEN(vpp, mode, cred, &smb_ct));
220 }
221 
222 void
223 smb_vop_close(vnode_t *vp, int mode, cred_t *cred)
224 {
225 	(void) VOP_CLOSE(vp, mode, 1, (offset_t)0, cred, &smb_ct);
226 }
227 
228 int
229 smb_vop_other_opens(vnode_t *vp, int mode)
230 {
231 	return (((mode & FWRITE) && vn_has_other_opens(vp, V_WRITE)) ||
232 	    (((mode & FWRITE) == 0) && vn_is_opened(vp, V_WRITE)) ||
233 	    ((mode & FREAD) && vn_has_other_opens(vp, V_READ)) ||
234 	    (((mode & FREAD) == 0) && vn_is_opened(vp, V_READ)) ||
235 	    vn_is_mapped(vp, V_RDORWR));
236 }
237 
238 /*
239  * The smb_vop_* functions have minimal knowledge of CIFS semantics and
240  * serve as an interface to the VFS layer.
241  *
242  * Only smb_fsop_* layer functions should call smb_vop_* layer functions.
243  * (Higher-level CIFS service code should never skip the smb_fsop_* layer
244  * to call smb_vop_* layer functions directly.)
245  */
246 
247 /*
248  * XXX - Extended attributes support in the file system assumed.
249  * This is needed for full NT Streams functionality.
250  */
251 
252 int
253 smb_vop_read(vnode_t *vp, uio_t *uiop, cred_t *cr)
254 {
255 	int error;
256 
257 	(void) VOP_RWLOCK(vp, V_WRITELOCK_FALSE, &smb_ct);
258 	error = VOP_READ(vp, uiop, 0, cr, &smb_ct);
259 	VOP_RWUNLOCK(vp, V_WRITELOCK_FALSE, &smb_ct);
260 	return (error);
261 }
262 
263 int
264 smb_vop_write(vnode_t *vp, uio_t *uiop, int ioflag, uint32_t *lcount,
265     cred_t *cr)
266 {
267 	int error;
268 
269 	*lcount = uiop->uio_resid;
270 
271 	uiop->uio_llimit = MAXOFFSET_T;
272 
273 	(void) VOP_RWLOCK(vp, V_WRITELOCK_TRUE, &smb_ct);
274 	error = VOP_WRITE(vp, uiop, ioflag, cr, &smb_ct);
275 	VOP_RWUNLOCK(vp, V_WRITELOCK_TRUE, &smb_ct);
276 
277 	*lcount -= uiop->uio_resid;
278 
279 	return (error);
280 }
281 
282 /*
283  * smb_vop_getattr()
284  *
285  * smb_fsop_getattr()/smb_vop_getattr() should always be called from the CIFS
286  * service (instead of calling VOP_GETATTR directly) to retrieve attributes
287  * due to special processing needed for streams files.
288  *
289  * All attributes are retrieved.
290  *
291  * When vp denotes a named stream, then unnamed_vp should be passed in (denoting
292  * the corresponding unnamed stream).
293  * A named stream's attributes (as far as CIFS is concerned) are those of the
294  * unnamed stream (minus the size attribute, and the type), plus  the size of
295  * the named stream, and a type value of VREG.
296  * Although the file system may store other attributes with the named stream,
297  * these should not be used by CIFS for any purpose.
298  *
299  * File systems without VFSFT_XVATTR do not support DOS attributes or create
300  * time (crtime). In this case the mtime is used as the crtime.
301  * Likewise if VOP_GETATTR doesn't return any system attributes the dosattr
302  * is 0 and the mtime is used as the crtime.
303  */
304 int
305 smb_vop_getattr(vnode_t *vp, vnode_t *unnamed_vp, smb_attr_t *ret_attr,
306     int flags, cred_t *cr)
307 {
308 	int error;
309 	vnode_t *use_vp;
310 	smb_attr_t tmp_attr;
311 	xvattr_t tmp_xvattr;
312 	xoptattr_t *xoap = NULL;
313 
314 	if (unnamed_vp)
315 		use_vp = unnamed_vp;
316 	else
317 		use_vp = vp;
318 
319 	if (vfs_has_feature(use_vp->v_vfsp, VFSFT_XVATTR)) {
320 		xva_init(&tmp_xvattr);
321 		xoap = xva_getxoptattr(&tmp_xvattr);
322 		ASSERT(xoap);
323 
324 		smb_sa_to_va_mask(ret_attr->sa_mask,
325 		    &tmp_xvattr.xva_vattr.va_mask);
326 
327 		XVA_SET_REQ(&tmp_xvattr, XAT_READONLY);
328 		XVA_SET_REQ(&tmp_xvattr, XAT_HIDDEN);
329 		XVA_SET_REQ(&tmp_xvattr, XAT_SYSTEM);
330 		XVA_SET_REQ(&tmp_xvattr, XAT_ARCHIVE);
331 		XVA_SET_REQ(&tmp_xvattr, XAT_CREATETIME);
332 		XVA_SET_REQ(&tmp_xvattr, XAT_REPARSE);
333 		XVA_SET_REQ(&tmp_xvattr, XAT_OFFLINE);
334 		XVA_SET_REQ(&tmp_xvattr, XAT_SPARSE);
335 
336 		error = VOP_GETATTR(use_vp, &tmp_xvattr.xva_vattr, flags,
337 		    cr, &smb_ct);
338 		if (error != 0)
339 			return (error);
340 
341 		ret_attr->sa_vattr = tmp_xvattr.xva_vattr;
342 		ret_attr->sa_dosattr = 0;
343 
344 		if (tmp_xvattr.xva_vattr.va_mask & AT_XVATTR) {
345 			xoap = xva_getxoptattr(&tmp_xvattr);
346 			ASSERT(xoap);
347 
348 			if ((XVA_ISSET_RTN(&tmp_xvattr, XAT_READONLY)) &&
349 			    (xoap->xoa_readonly)) {
350 				ret_attr->sa_dosattr |= FILE_ATTRIBUTE_READONLY;
351 			}
352 
353 			if ((XVA_ISSET_RTN(&tmp_xvattr, XAT_HIDDEN)) &&
354 			    (xoap->xoa_hidden)) {
355 				ret_attr->sa_dosattr |= FILE_ATTRIBUTE_HIDDEN;
356 			}
357 
358 			if ((XVA_ISSET_RTN(&tmp_xvattr, XAT_SYSTEM)) &&
359 			    (xoap->xoa_system)) {
360 				ret_attr->sa_dosattr |= FILE_ATTRIBUTE_SYSTEM;
361 			}
362 
363 			if ((XVA_ISSET_RTN(&tmp_xvattr, XAT_ARCHIVE)) &&
364 			    (xoap->xoa_archive)) {
365 				ret_attr->sa_dosattr |= FILE_ATTRIBUTE_ARCHIVE;
366 			}
367 
368 			if ((XVA_ISSET_RTN(&tmp_xvattr, XAT_REPARSE)) &&
369 			    (xoap->xoa_reparse)) {
370 				ret_attr->sa_dosattr |=
371 				    FILE_ATTRIBUTE_REPARSE_POINT;
372 			}
373 
374 			if ((XVA_ISSET_RTN(&tmp_xvattr, XAT_OFFLINE)) &&
375 			    (xoap->xoa_offline)) {
376 				ret_attr->sa_dosattr |= FILE_ATTRIBUTE_OFFLINE;
377 			}
378 
379 			if ((XVA_ISSET_RTN(&tmp_xvattr, XAT_SPARSE)) &&
380 			    (xoap->xoa_sparse)) {
381 				ret_attr->sa_dosattr |=
382 				    FILE_ATTRIBUTE_SPARSE_FILE;
383 			}
384 
385 			ret_attr->sa_crtime = xoap->xoa_createtime;
386 		} else {
387 			ret_attr->sa_crtime = ret_attr->sa_vattr.va_mtime;
388 		}
389 	} else {
390 		/*
391 		 * Support for file systems without VFSFT_XVATTR
392 		 */
393 		smb_sa_to_va_mask(ret_attr->sa_mask,
394 		    &ret_attr->sa_vattr.va_mask);
395 
396 		error = VOP_GETATTR(use_vp, &ret_attr->sa_vattr,
397 		    flags, cr, &smb_ct);
398 		if (error != 0)
399 			return (error);
400 
401 		ret_attr->sa_dosattr = 0;
402 		ret_attr->sa_crtime = ret_attr->sa_vattr.va_mtime;
403 	}
404 
405 	if (unnamed_vp) {
406 		ret_attr->sa_vattr.va_type = VREG;
407 
408 		if (ret_attr->sa_mask & (SMB_AT_SIZE | SMB_AT_NBLOCKS)) {
409 			tmp_attr.sa_vattr.va_mask = AT_SIZE | AT_NBLOCKS;
410 
411 			error = VOP_GETATTR(vp, &tmp_attr.sa_vattr,
412 			    flags, cr, &smb_ct);
413 			if (error != 0)
414 				return (error);
415 
416 			ret_attr->sa_vattr.va_size = tmp_attr.sa_vattr.va_size;
417 			ret_attr->sa_vattr.va_nblocks =
418 			    tmp_attr.sa_vattr.va_nblocks;
419 		}
420 	}
421 
422 	if (ret_attr->sa_vattr.va_type == VDIR)
423 		ret_attr->sa_dosattr |= FILE_ATTRIBUTE_DIRECTORY;
424 
425 	return (error);
426 }
427 
428 /*
429  * smb_vop_setattr()
430  *
431  * smb_fsop_setattr()/smb_vop_setattr() should always be used instead of
432  * VOP_SETATTR() when calling from the CIFS service, due to special processing
433  * for streams files.
434  *
435  * Streams have a size but otherwise do not have separate attributes from
436  * the (unnamed stream) file, i.e., the security and ownership of the file
437  * applies to the stream.  In contrast, extended attribute files, which are
438  * used to implement streams, are independent objects with their own
439  * attributes.
440  *
441  * For compatibility with streams, we set the size on the extended attribute
442  * file and apply other attributes to the (unnamed stream) file.  The one
443  * exception is that the UID and GID can be set on the stream by passing a
444  * NULL unnamed_vp, which allows callers to synchronize stream ownership
445  * with the (unnamed stream) file.
446  */
447 int
448 smb_vop_setattr(vnode_t *vp, vnode_t *unnamed_vp, smb_attr_t *attr,
449     int flags, cred_t *cr)
450 {
451 	int error = 0;
452 	int at_size = 0;
453 	vnode_t *use_vp;
454 	xvattr_t xvattr;
455 	vattr_t *vap;
456 
457 	if (attr->sa_mask & SMB_AT_DOSATTR) {
458 		attr->sa_dosattr &=
459 		    (FILE_ATTRIBUTE_ARCHIVE | FILE_ATTRIBUTE_READONLY |
460 		    FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM |
461 		    FILE_ATTRIBUTE_OFFLINE | FILE_ATTRIBUTE_SPARSE_FILE);
462 	}
463 
464 	if (unnamed_vp) {
465 		use_vp = unnamed_vp;
466 		if (attr->sa_mask & SMB_AT_SIZE) {
467 			at_size = 1;
468 			attr->sa_mask &= ~SMB_AT_SIZE;
469 		}
470 	} else {
471 		use_vp = vp;
472 	}
473 
474 	/*
475 	 * The caller should not be setting sa_vattr.va_mask,
476 	 * but rather sa_mask.
477 	 */
478 
479 	attr->sa_vattr.va_mask = 0;
480 
481 	if (vfs_has_feature(use_vp->v_vfsp, VFSFT_XVATTR)) {
482 		smb_vop_setup_xvattr(attr, &xvattr);
483 		vap = &xvattr.xva_vattr;
484 	} else {
485 		smb_sa_to_va_mask(attr->sa_mask,
486 		    &attr->sa_vattr.va_mask);
487 		vap = &attr->sa_vattr;
488 	}
489 
490 	if ((error = VOP_SETATTR(use_vp, vap, flags, cr, &smb_ct)) != 0)
491 		return (error);
492 
493 	if (at_size) {
494 		attr->sa_vattr.va_mask = AT_SIZE;
495 		error = VOP_SETATTR(vp, &attr->sa_vattr, flags,
496 		    zone_kcred(), &smb_ct);
497 	}
498 
499 	return (error);
500 }
501 
502 int
503 smb_vop_space(vnode_t *vp, int cmd, flock64_t *bfp, int flags,
504     offset_t offset, cred_t *cr)
505 {
506 	int error;
507 
508 	error = VOP_SPACE(vp, cmd, bfp, flags, offset, cr, &smb_ct);
509 
510 	return (error);
511 }
512 
513 /*
514  * smb_vop_access
515  *
516  * This is a wrapper round VOP_ACCESS. VOP_ACCESS checks the given mode
517  * against file's ACL or Unix permissions. CIFS on the other hand needs to
518  * know if the requested operation can succeed for the given object, this
519  * requires more checks in case of DELETE bit since permissions on the parent
520  * directory are important as well. Based on Windows rules if parent's ACL
521  * grant FILE_DELETE_CHILD a file can be delete regardless of the file's
522  * permissions.
523  */
524 int
525 smb_vop_access(vnode_t *vp, int mode, int flags, vnode_t *dir_vp, cred_t *cr)
526 {
527 	int error = 0;
528 
529 	if (mode == 0)
530 		return (0);
531 
532 	error = VOP_ACCESS(vp, mode, flags, cr, NULL);
533 
534 	if (error == 0)
535 		return (0);
536 
537 	if ((mode & (ACE_DELETE|ACE_READ_ATTRIBUTES)) == 0 ||
538 	    flags != V_ACE_MASK || dir_vp == NULL)
539 		return (error);
540 
541 	if ((mode & ACE_DELETE) != 0) {
542 		error = VOP_ACCESS(dir_vp, ACE_DELETE_CHILD, flags,
543 		    cr, NULL);
544 
545 		if (error == 0)
546 			mode &= ~ACE_DELETE;
547 	}
548 	if ((mode & ACE_READ_ATTRIBUTES) != 0) {
549 		error = VOP_ACCESS(dir_vp, ACE_LIST_DIRECTORY, flags,
550 		    cr, NULL);
551 
552 		if (error == 0)
553 			mode &= ~ACE_READ_ATTRIBUTES;
554 	}
555 
556 	if (mode != 0)
557 		error = VOP_ACCESS(vp, mode, flags, cr, NULL);
558 
559 	return (error);
560 }
561 
562 /*
563  * smb_vop_lookup
564  *
565  * dvp:		directory vnode (in)
566  * name:	name of file to be looked up (in)
567  * vpp:		looked-up vnode (out)
568  * od_name:	on-disk name of file (out).
569  *		This parameter is optional.  If a pointer is passed in, it
570  *		must be allocated with MAXNAMELEN bytes
571  * rootvp:	vnode of the tree root (in)
572  *		This parameter is always passed in non-NULL except at the time
573  *		of share set up.
574  * direntflags:	dirent flags returned from VOP_LOOKUP
575  */
576 int
577 smb_vop_lookup(
578     vnode_t		*dvp,
579     char		*name,
580     vnode_t		**vpp,
581     char		*od_name,
582     int			flags,
583     int			*direntflags,
584     vnode_t		*rootvp,
585     smb_attr_t		*attr,
586     cred_t		*cr)
587 {
588 	int error = 0;
589 	int option_flags = 0;
590 	pathname_t rpn;
591 	char *np = name;
592 	char namebuf[MAXNAMELEN];
593 
594 	if (*name == '\0')
595 		return (EINVAL);
596 
597 	ASSERT(vpp);
598 	*vpp = NULL;
599 	*direntflags = 0;
600 
601 	if ((name[0] == '.') && (name[1] == '.') && (name[2] == 0)) {
602 		if (rootvp && (dvp == rootvp)) {
603 			VN_HOLD(dvp);
604 			*vpp = dvp;
605 			return (0);
606 		}
607 
608 		if (dvp->v_flag & VROOT) {
609 			vfs_t *vfsp;
610 			vnode_t *cvp = dvp;
611 
612 			/*
613 			 * Set dvp and check for races with forced unmount
614 			 * (see lookuppnvp())
615 			 */
616 
617 			vfsp = cvp->v_vfsp;
618 			vfs_rlock_wait(vfsp);
619 			if (((dvp = cvp->v_vfsp->vfs_vnodecovered) == NULL) ||
620 			    (cvp->v_vfsp->vfs_flag & VFS_UNMOUNTED)) {
621 				vfs_unlock(vfsp);
622 				return (EIO);
623 			}
624 			vfs_unlock(vfsp);
625 		}
626 	}
627 
628 	if (flags & SMB_IGNORE_CASE)
629 		option_flags = FIGNORECASE;
630 
631 	if (flags & SMB_CATIA)
632 		np = smb_vop_catia_v5tov4(name, namebuf, sizeof (namebuf));
633 
634 	pn_alloc(&rpn);
635 
636 	/*
637 	 * Easier to not have junk in rpn, as not every FS type
638 	 * will necessarily fill that in for us.
639 	 */
640 	bzero(rpn.pn_buf, rpn.pn_bufsize);
641 
642 	error = VOP_LOOKUP(dvp, np, vpp, NULL, option_flags, NULL, cr,
643 	    &smb_ct, direntflags, &rpn);
644 
645 	if (error == 0) {
646 		if (od_name) {
647 			bzero(od_name, MAXNAMELEN);
648 			if ((option_flags & FIGNORECASE) != 0 &&
649 			    rpn.pn_buf[0] != '\0')
650 				np = rpn.pn_buf;
651 			else
652 				np = name;
653 			if (flags & SMB_CATIA)
654 				smb_vop_catia_v4tov5(np, od_name, MAXNAMELEN);
655 			else
656 				(void) strlcpy(od_name, np, MAXNAMELEN);
657 		}
658 
659 		if (attr != NULL) {
660 			attr->sa_mask = SMB_AT_ALL;
661 			(void) smb_vop_getattr(*vpp, NULL, attr, 0,
662 			    zone_kcred());
663 		}
664 	}
665 
666 	pn_free(&rpn);
667 	return (error);
668 }
669 
670 int
671 smb_vop_create(vnode_t *dvp, char *name, smb_attr_t *attr, vnode_t **vpp,
672     int flags, cred_t *cr, vsecattr_t *vsap)
673 {
674 	int error;
675 	int option_flags = 0;
676 	xvattr_t xvattr;
677 	vattr_t *vap;
678 	char *np = name;
679 	char namebuf[MAXNAMELEN];
680 
681 	if (flags & SMB_IGNORE_CASE)
682 		option_flags = FIGNORECASE;
683 
684 	attr->sa_vattr.va_mask = 0;
685 
686 	if (vfs_has_feature(dvp->v_vfsp, VFSFT_XVATTR)) {
687 		smb_vop_setup_xvattr(attr, &xvattr);
688 		vap = &xvattr.xva_vattr;
689 	} else {
690 		smb_sa_to_va_mask(attr->sa_mask, &attr->sa_vattr.va_mask);
691 		vap = &attr->sa_vattr;
692 	}
693 
694 	if (flags & SMB_CATIA) {
695 		np = smb_vop_catia_v5tov4(name, namebuf, sizeof (namebuf));
696 		if (strchr(np, '/') != NULL)
697 			return (EILSEQ);
698 	}
699 
700 	error = VOP_CREATE(dvp, np, vap, EXCL, attr->sa_vattr.va_mode,
701 	    vpp, cr, option_flags, &smb_ct, vsap);
702 
703 	/*
704 	 * One could argue that filesystems should obey the size
705 	 * if specified in the create attributes.  Unfortunately,
706 	 * they only appear to let you truncate the size to zero.
707 	 * SMB needs to set a non-zero size, so work-around.
708 	 */
709 	if (error == 0 && *vpp != NULL &&
710 	    (vap->va_mask & AT_SIZE) != 0 &&
711 	    vap->va_size > 0) {
712 		vattr_t ta = *vap;
713 		ta.va_mask = AT_SIZE;
714 		(void) VOP_SETATTR(*vpp, &ta, 0, cr, &smb_ct);
715 	}
716 
717 	return (error);
718 }
719 
720 int
721 smb_vop_remove(vnode_t *dvp, char *name, int flags, cred_t *cr)
722 {
723 	int error;
724 	int option_flags = 0;
725 	char *np = name;
726 	char namebuf[MAXNAMELEN];
727 
728 	if (flags & SMB_IGNORE_CASE)
729 		option_flags = FIGNORECASE;
730 
731 	if (flags & SMB_CATIA)
732 		np = smb_vop_catia_v5tov4(name, namebuf, sizeof (namebuf));
733 
734 	error = VOP_REMOVE(dvp, np, cr, &smb_ct, option_flags);
735 
736 	return (error);
737 }
738 
739 /*
740  * smb_vop_link(target-dir-vp, source-file-vp, target-name)
741  *
742  * Create a link - same tree (identical TID) only.
743  */
744 int
745 smb_vop_link(vnode_t *to_dvp, vnode_t *from_vp, char *to_name,
746     int flags, cred_t *cr)
747 {
748 	int option_flags = 0;
749 	char *np, *buf;
750 	int rc;
751 
752 	if (flags & SMB_IGNORE_CASE)
753 		option_flags = FIGNORECASE;
754 
755 	if (flags & SMB_CATIA) {
756 		buf = kmem_zalloc(MAXNAMELEN, KM_SLEEP);
757 		np = smb_vop_catia_v5tov4(to_name, buf, MAXNAMELEN);
758 		if (strchr(np, '/') != NULL) {
759 			kmem_free(buf, MAXNAMELEN);
760 			return (EILSEQ);
761 		}
762 
763 		rc = VOP_LINK(to_dvp, from_vp, np, cr, &smb_ct, option_flags);
764 		kmem_free(buf, MAXNAMELEN);
765 		return (rc);
766 	}
767 
768 	rc = VOP_LINK(to_dvp, from_vp, to_name, cr, &smb_ct, option_flags);
769 	return (rc);
770 }
771 
772 /*
773  * smb_vop_rename()
774  *
775  * The rename is for files in the same tree (identical TID) only.
776  */
777 int
778 smb_vop_rename(vnode_t *from_dvp, char *from_name, vnode_t *to_dvp,
779     char *to_name, int flags, cred_t *cr)
780 {
781 	int error;
782 	int option_flags = 0;
783 	char *from, *to, *fbuf, *tbuf;
784 
785 	if (flags & SMB_IGNORE_CASE)
786 		option_flags = FIGNORECASE;
787 
788 	if (flags & SMB_CATIA) {
789 		tbuf = kmem_zalloc(MAXNAMELEN, KM_SLEEP);
790 		to = smb_vop_catia_v5tov4(to_name, tbuf, MAXNAMELEN);
791 		if (strchr(to, '/') != NULL) {
792 			kmem_free(tbuf, MAXNAMELEN);
793 			return (EILSEQ);
794 		}
795 
796 		fbuf = kmem_zalloc(MAXNAMELEN, KM_SLEEP);
797 		from = smb_vop_catia_v5tov4(from_name, fbuf, MAXNAMELEN);
798 
799 		error = VOP_RENAME(from_dvp, from, to_dvp, to, cr,
800 		    &smb_ct, option_flags);
801 
802 		kmem_free(tbuf, MAXNAMELEN);
803 		kmem_free(fbuf, MAXNAMELEN);
804 		return (error);
805 	}
806 
807 	error = VOP_RENAME(from_dvp, from_name, to_dvp, to_name, cr,
808 	    &smb_ct, option_flags);
809 
810 	return (error);
811 }
812 
813 int
814 smb_vop_mkdir(vnode_t *dvp, char *name, smb_attr_t *attr, vnode_t **vpp,
815     int flags, cred_t *cr, vsecattr_t *vsap)
816 {
817 	int error;
818 	int option_flags = 0;
819 	xvattr_t xvattr;
820 	vattr_t *vap;
821 	char *np = name;
822 	char namebuf[MAXNAMELEN];
823 
824 	if (flags & SMB_IGNORE_CASE)
825 		option_flags = FIGNORECASE;
826 
827 	attr->sa_vattr.va_mask = 0;
828 
829 	if (vfs_has_feature(dvp->v_vfsp, VFSFT_XVATTR)) {
830 		smb_vop_setup_xvattr(attr, &xvattr);
831 		vap = &xvattr.xva_vattr;
832 	} else {
833 		smb_sa_to_va_mask(attr->sa_mask, &attr->sa_vattr.va_mask);
834 		vap = &attr->sa_vattr;
835 	}
836 
837 	if (flags & SMB_CATIA) {
838 		np = smb_vop_catia_v5tov4(name, namebuf, sizeof (namebuf));
839 		if (strchr(np, '/') != NULL)
840 			return (EILSEQ);
841 	}
842 
843 	error = VOP_MKDIR(dvp, np, vap, vpp, cr, &smb_ct, option_flags, vsap);
844 
845 	return (error);
846 }
847 
848 /*
849  * smb_vop_rmdir()
850  *
851  * Only simple rmdir supported, consistent with NT semantics
852  * (can only remove an empty directory).
853  *
854  * The third argument to VOP_RMDIR  is the current directory of
855  * the process.  It allows rmdir wants to EINVAL if one tries to
856  * remove ".".  Since SMB servers do not know what their clients'
857  * current directories are, we fake it by supplying a vnode known
858  * to exist and illegal to remove (rootdir).
859  */
860 int
861 smb_vop_rmdir(vnode_t *dvp, char *name, int flags, cred_t *cr)
862 {
863 	int error;
864 	int option_flags = 0;
865 	char *np = name;
866 	char namebuf[MAXNAMELEN];
867 
868 	if (flags & SMB_IGNORE_CASE)
869 		option_flags = FIGNORECASE;
870 
871 	if (flags & SMB_CATIA)
872 		np = smb_vop_catia_v5tov4(name, namebuf, sizeof (namebuf));
873 
874 	error = VOP_RMDIR(dvp, np, rootdir, cr, &smb_ct, option_flags);
875 	return (error);
876 }
877 
878 int
879 smb_vop_commit(vnode_t *vp, cred_t *cr)
880 {
881 	return (VOP_FSYNC(vp, 1, cr, &smb_ct));
882 }
883 
884 /*
885  * Some code in smb_node.c needs to know which DOS attributes
886  * we can actually store.  Let's define a mask here of all the
887  * DOS attribute flags supported by the following function.
888  */
889 const uint32_t
890 smb_vop_dosattr_settable =
891 	FILE_ATTRIBUTE_ARCHIVE |
892 	FILE_ATTRIBUTE_SYSTEM |
893 	FILE_ATTRIBUTE_HIDDEN |
894 	FILE_ATTRIBUTE_READONLY |
895 	FILE_ATTRIBUTE_OFFLINE |
896 	FILE_ATTRIBUTE_SPARSE_FILE;
897 
898 static void
899 smb_vop_setup_xvattr(smb_attr_t *smb_attr, xvattr_t *xvattr)
900 {
901 	xoptattr_t *xoap = NULL;
902 	uint_t xva_mask;
903 
904 	/*
905 	 * Initialize xvattr, including bzero
906 	 */
907 	xva_init(xvattr);
908 	xoap = xva_getxoptattr(xvattr);
909 
910 	ASSERT(xoap);
911 
912 	/*
913 	 * Copy caller-specified classic attributes to xvattr.
914 	 * First save xvattr's mask (set in xva_init()), which
915 	 * contains AT_XVATTR.  This is |'d in later if needed.
916 	 */
917 
918 	xva_mask = xvattr->xva_vattr.va_mask;
919 	xvattr->xva_vattr = smb_attr->sa_vattr;
920 
921 	smb_sa_to_va_mask(smb_attr->sa_mask, &xvattr->xva_vattr.va_mask);
922 
923 	/*
924 	 * Do not set ctime (only the file system can do it)
925 	 */
926 
927 	xvattr->xva_vattr.va_mask &= ~AT_CTIME;
928 
929 	if (smb_attr->sa_mask & SMB_AT_DOSATTR) {
930 
931 		/*
932 		 * "|" in the original xva_mask, which contains
933 		 * AT_XVATTR
934 		 */
935 
936 		xvattr->xva_vattr.va_mask |= xva_mask;
937 
938 		XVA_SET_REQ(xvattr, XAT_ARCHIVE);
939 		XVA_SET_REQ(xvattr, XAT_SYSTEM);
940 		XVA_SET_REQ(xvattr, XAT_READONLY);
941 		XVA_SET_REQ(xvattr, XAT_HIDDEN);
942 		XVA_SET_REQ(xvattr, XAT_OFFLINE);
943 		XVA_SET_REQ(xvattr, XAT_SPARSE);
944 
945 		/*
946 		 * smb_attr->sa_dosattr: If a given bit is not set,
947 		 * that indicates that the corresponding field needs
948 		 * to be updated with a "0" value.  This is done
949 		 * implicitly as the xoap->xoa_* fields were bzero'd.
950 		 */
951 
952 		if (smb_attr->sa_dosattr & FILE_ATTRIBUTE_ARCHIVE)
953 			xoap->xoa_archive = 1;
954 
955 		if (smb_attr->sa_dosattr & FILE_ATTRIBUTE_SYSTEM)
956 			xoap->xoa_system = 1;
957 
958 		if (smb_attr->sa_dosattr & FILE_ATTRIBUTE_READONLY)
959 			xoap->xoa_readonly = 1;
960 
961 		if (smb_attr->sa_dosattr & FILE_ATTRIBUTE_HIDDEN)
962 			xoap->xoa_hidden = 1;
963 
964 		if (smb_attr->sa_dosattr & FILE_ATTRIBUTE_OFFLINE)
965 			xoap->xoa_offline = 1;
966 
967 		if (smb_attr->sa_dosattr & FILE_ATTRIBUTE_SPARSE_FILE)
968 			xoap->xoa_sparse = 1;
969 	}
970 
971 	if (smb_attr->sa_mask & SMB_AT_CRTIME) {
972 		/*
973 		 * "|" in the original xva_mask, which contains
974 		 * AT_XVATTR
975 		 */
976 
977 		xvattr->xva_vattr.va_mask |= xva_mask;
978 		XVA_SET_REQ(xvattr, XAT_CREATETIME);
979 		xoap->xoa_createtime = smb_attr->sa_crtime;
980 	}
981 }
982 
983 /*
984  * smb_vop_readdir()
985  *
986  * Collects an SMB_MINLEN_RDDIR_BUF "page" of directory entries.
987  * The directory entries are returned in an fs-independent format by the
988  * underlying file system.  That is, the "page" of information returned is
989  * not literally stored on-disk in the format returned.
990  * If the file system supports extended directory entries (has features
991  * VFSFT_DIRENTFLAGS), set V_RDDIR_ENTFLAGS to cause the buffer to be
992  * filled with edirent_t structures, instead of dirent64_t structures.
993  * If the file system supports access based enumeration (abe), set
994  * V_RDDIR_ACCFILTER to filter directory entries based on user cred.
995  */
996 int
997 smb_vop_readdir(vnode_t *vp, uint32_t offset,
998     void *buf, int *count, int *eof, uint32_t rddir_flag, cred_t *cr)
999 {
1000 	int error = 0;
1001 	int flags = 0;
1002 	int rdirent_size;
1003 	struct uio auio;
1004 	struct iovec aiov;
1005 
1006 	if (vp->v_type != VDIR)
1007 		return (ENOTDIR);
1008 
1009 	if (vfs_has_feature(vp->v_vfsp, VFSFT_DIRENTFLAGS)) {
1010 		flags |= V_RDDIR_ENTFLAGS;
1011 		rdirent_size = sizeof (edirent_t);
1012 	} else {
1013 		rdirent_size = sizeof (dirent64_t);
1014 	}
1015 
1016 	if (*count < rdirent_size)
1017 		return (EINVAL);
1018 
1019 	if (rddir_flag & SMB_ABE)
1020 		flags |= V_RDDIR_ACCFILTER;
1021 
1022 	aiov.iov_base = buf;
1023 	aiov.iov_len = *count;
1024 	auio.uio_iov = &aiov;
1025 	auio.uio_iovcnt = 1;
1026 	auio.uio_loffset = (uint64_t)offset;
1027 	auio.uio_segflg = UIO_SYSSPACE;
1028 	auio.uio_extflg = UIO_COPY_DEFAULT;
1029 	auio.uio_resid = *count;
1030 	auio.uio_fmode = 0;
1031 
1032 	(void) VOP_RWLOCK(vp, V_WRITELOCK_FALSE, &smb_ct);
1033 	error = VOP_READDIR(vp, &auio, cr, eof, &smb_ct, flags);
1034 	VOP_RWUNLOCK(vp, V_WRITELOCK_FALSE, &smb_ct);
1035 
1036 	if (error == 0)
1037 		*count = *count - auio.uio_resid;
1038 
1039 	return (error);
1040 }
1041 
1042 /*
1043  * smb_sa_to_va_mask
1044  *
1045  * Set va_mask by running through the SMB_AT_* #define's and
1046  * setting those bits that correspond to the SMB_AT_* bits
1047  * set in sa_mask.
1048  */
1049 void
1050 smb_sa_to_va_mask(uint_t sa_mask, uint_t *va_maskp)
1051 {
1052 	int i;
1053 	uint_t smask;
1054 
1055 	smask = (sa_mask);
1056 	for (i = SMB_AT_TYPE; (i < SMB_AT_MAX) && (smask != 0); ++i) {
1057 		if (smask & 1)
1058 			*(va_maskp) |= smb_attrmap[i];
1059 
1060 		smask >>= 1;
1061 	}
1062 }
1063 
1064 /*
1065  * smb_vop_stream_lookup()
1066  *
1067  * The name returned in od_name is the on-disk name of the stream with the
1068  * SMB_STREAM_PREFIX stripped off.  od_name should be allocated to MAXNAMELEN
1069  * by the caller.
1070  */
1071 int
1072 smb_vop_stream_lookup(
1073     vnode_t		*fvp,
1074     char		*stream_name,
1075     vnode_t		**vpp,
1076     char		*od_name,
1077     vnode_t		**xattrdirvpp,
1078     int			flags,
1079     vnode_t		*rootvp,
1080     cred_t		*cr)
1081 {
1082 	char *solaris_stream_name;
1083 	char *name;
1084 	int error, tmpflgs;
1085 
1086 	if ((error = smb_vop_lookup_xattrdir(fvp, xattrdirvpp,
1087 	    LOOKUP_XATTR | CREATE_XATTR_DIR, cr)) != 0)
1088 		return (error);
1089 
1090 	/*
1091 	 * Prepend SMB_STREAM_PREFIX to stream name
1092 	 */
1093 
1094 	solaris_stream_name = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1095 	(void) snprintf(solaris_stream_name, MAXNAMELEN,
1096 	    "%s%s", SMB_STREAM_PREFIX, stream_name);
1097 
1098 	/*
1099 	 * "name" will hold the on-disk name returned from smb_vop_lookup
1100 	 * for the stream, including the SMB_STREAM_PREFIX.
1101 	 */
1102 
1103 	name = kmem_zalloc(MAXNAMELEN, KM_SLEEP);
1104 
1105 	if ((error = smb_vop_lookup(*xattrdirvpp, solaris_stream_name, vpp,
1106 	    name, flags, &tmpflgs, rootvp, NULL, cr)) != 0) {
1107 		VN_RELE(*xattrdirvpp);
1108 	} else {
1109 		(void) strlcpy(od_name, &(name[SMB_STREAM_PREFIX_LEN]),
1110 		    MAXNAMELEN);
1111 	}
1112 
1113 	kmem_free(solaris_stream_name, MAXNAMELEN);
1114 	kmem_free(name, MAXNAMELEN);
1115 
1116 	return (error);
1117 }
1118 
1119 int
1120 smb_vop_stream_create(vnode_t *fvp, char *stream_name, smb_attr_t *attr,
1121     vnode_t **vpp, vnode_t **xattrdirvpp, int flags, cred_t *cr)
1122 {
1123 	char *solaris_stream_name;
1124 	int error;
1125 
1126 	if ((error = smb_vop_lookup_xattrdir(fvp, xattrdirvpp,
1127 	    LOOKUP_XATTR | CREATE_XATTR_DIR, cr)) != 0)
1128 		return (error);
1129 
1130 	/*
1131 	 * Prepend SMB_STREAM_PREFIX to stream name
1132 	 */
1133 
1134 	solaris_stream_name = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1135 	(void) snprintf(solaris_stream_name, MAXNAMELEN,
1136 	    "%s%s", SMB_STREAM_PREFIX, stream_name);
1137 
1138 	if ((error = smb_vop_create(*xattrdirvpp, solaris_stream_name, attr,
1139 	    vpp, flags, cr, NULL)) != 0)
1140 		VN_RELE(*xattrdirvpp);
1141 
1142 	kmem_free(solaris_stream_name, MAXNAMELEN);
1143 
1144 	return (error);
1145 }
1146 
1147 int
1148 smb_vop_stream_remove(vnode_t *vp, char *stream_name, int flags, cred_t *cr)
1149 {
1150 	char *solaris_stream_name;
1151 	vnode_t *xattrdirvp;
1152 	int error;
1153 
1154 	error = smb_vop_lookup_xattrdir(vp, &xattrdirvp, LOOKUP_XATTR, cr);
1155 	if (error != 0)
1156 		return (error);
1157 
1158 	/*
1159 	 * Prepend SMB_STREAM_PREFIX to stream name
1160 	 */
1161 
1162 	solaris_stream_name = kmem_alloc(MAXNAMELEN, KM_SLEEP);
1163 	(void) snprintf(solaris_stream_name, MAXNAMELEN,
1164 	    "%s%s", SMB_STREAM_PREFIX, stream_name);
1165 
1166 	/* XXX might have to use kcred */
1167 	error = smb_vop_remove(xattrdirvp, solaris_stream_name, flags, cr);
1168 
1169 	kmem_free(solaris_stream_name, MAXNAMELEN);
1170 	VN_RELE(xattrdirvp);
1171 
1172 	return (error);
1173 }
1174 
1175 int
1176 smb_vop_lookup_xattrdir(vnode_t *fvp, vnode_t **xattrdirvpp, int flags,
1177     cred_t *cr)
1178 {
1179 	int error;
1180 
1181 	error = VOP_LOOKUP(fvp, "", xattrdirvpp, NULL, flags, NULL, cr,
1182 	    &smb_ct, NULL, NULL);
1183 	return (error);
1184 }
1185 
1186 /*
1187  * smb_vop_traverse_check()
1188  *
1189  * This function checks to see if the passed-in vnode has a file system
1190  * mounted on it.  If it does, the mount point is "traversed" and the
1191  * vnode for the root of the file system is returned.
1192  */
1193 int
1194 smb_vop_traverse_check(vnode_t **vpp)
1195 {
1196 	int error;
1197 
1198 	if (vn_mountedvfs(*vpp) == 0)
1199 		return (0);
1200 
1201 	/*
1202 	 * traverse() may return a different held vnode, even in the error case.
1203 	 * If it returns a different vnode, it will have released the original.
1204 	 */
1205 
1206 	error = traverse(vpp);
1207 
1208 	return (error);
1209 }
1210 
1211 int /*ARGSUSED*/
1212 smb_vop_statfs(vnode_t *vp, struct statvfs64 *statp, cred_t *cr)
1213 {
1214 	int error;
1215 
1216 	error = VFS_STATVFS(vp->v_vfsp, statp);
1217 
1218 	return (error);
1219 }
1220 
1221 /*
1222  * smb_vop_acl_read
1223  *
1224  * Reads the ACL of the specified file into 'aclp'.
1225  * acl_type is the type of ACL which the filesystem supports.
1226  *
1227  * Caller has to free the allocated memory for aclp by calling
1228  * acl_free().
1229  */
1230 int
1231 smb_vop_acl_read(vnode_t *vp, acl_t **aclp, int flags, acl_type_t acl_type,
1232     cred_t *cr)
1233 {
1234 	int error;
1235 	vsecattr_t vsecattr;
1236 
1237 	ASSERT(vp);
1238 	ASSERT(aclp);
1239 
1240 	*aclp = NULL;
1241 	bzero(&vsecattr, sizeof (vsecattr_t));
1242 
1243 	switch (acl_type) {
1244 	case ACLENT_T:
1245 		vsecattr.vsa_mask = VSA_ACL | VSA_ACLCNT | VSA_DFACL |
1246 		    VSA_DFACLCNT;
1247 		break;
1248 
1249 	case ACE_T:
1250 		vsecattr.vsa_mask = VSA_ACE | VSA_ACECNT | VSA_ACE_ACLFLAGS;
1251 		break;
1252 
1253 	default:
1254 		return (EINVAL);
1255 	}
1256 
1257 	if ((error = VOP_GETSECATTR(vp, &vsecattr, flags, cr, &smb_ct)) != 0)
1258 		return (error);
1259 
1260 	*aclp = smb_fsacl_from_vsa(&vsecattr, acl_type);
1261 	if (vp->v_type == VDIR)
1262 		(*aclp)->acl_flags |= ACL_IS_DIR;
1263 
1264 	return (0);
1265 }
1266 
1267 /*
1268  * smb_vop_acl_write
1269  *
1270  * Writes the given ACL in aclp for the specified file.
1271  */
1272 int
1273 smb_vop_acl_write(vnode_t *vp, acl_t *aclp, int flags, cred_t *cr)
1274 {
1275 	int error;
1276 	vsecattr_t vsecattr;
1277 	int aclbsize;
1278 
1279 	ASSERT(vp);
1280 	ASSERT(aclp);
1281 
1282 	error = smb_fsacl_to_vsa(aclp, &vsecattr, &aclbsize);
1283 
1284 	if (error == 0) {
1285 		(void) VOP_RWLOCK(vp, V_WRITELOCK_TRUE, &smb_ct);
1286 		error = VOP_SETSECATTR(vp, &vsecattr, flags, cr, &smb_ct);
1287 		VOP_RWUNLOCK(vp, V_WRITELOCK_TRUE, &smb_ct);
1288 	}
1289 
1290 	if (aclbsize && vsecattr.vsa_aclentp)
1291 		kmem_free(vsecattr.vsa_aclentp, aclbsize);
1292 
1293 	return (error);
1294 }
1295 
1296 /*
1297  * smb_vop_acl_type
1298  *
1299  * Determines the ACL type for the given vnode.
1300  * ACLENT_T is a Posix ACL and ACE_T is a ZFS ACL.
1301  */
1302 acl_type_t
1303 smb_vop_acl_type(vnode_t *vp)
1304 {
1305 	int error;
1306 	ulong_t whichacl;
1307 
1308 	error = VOP_PATHCONF(vp, _PC_ACL_ENABLED, &whichacl,
1309 	    zone_kcred(), NULL);
1310 	if (error != 0) {
1311 		/*
1312 		 * If we got an error, then the filesystem
1313 		 * likely does not understand the _PC_ACL_ENABLED
1314 		 * pathconf.  In this case, we fall back to trying
1315 		 * POSIX-draft (aka UFS-style) ACLs.
1316 		 */
1317 		whichacl = _ACL_ACLENT_ENABLED;
1318 	}
1319 
1320 	if (!(whichacl & (_ACL_ACE_ENABLED | _ACL_ACLENT_ENABLED))) {
1321 		/*
1322 		 * If the file system supports neither ACE nor
1323 		 * ACLENT ACLs we will fall back to UFS-style ACLs
1324 		 * like we did above if there was an error upon
1325 		 * calling VOP_PATHCONF.
1326 		 *
1327 		 * ACE and ACLENT type ACLs are the only interfaces
1328 		 * supported thus far.  If any other bits are set on
1329 		 * 'whichacl' upon return from VOP_PATHCONF, we will
1330 		 * ignore them.
1331 		 */
1332 		whichacl = _ACL_ACLENT_ENABLED;
1333 	}
1334 
1335 	if (whichacl == _ACL_ACLENT_ENABLED)
1336 		return (ACLENT_T);
1337 
1338 	return (ACE_T);
1339 }
1340 
1341 static const int zfs_perms[] = {
1342 	ACE_READ_DATA, ACE_WRITE_DATA, ACE_APPEND_DATA, ACE_READ_NAMED_ATTRS,
1343 	ACE_WRITE_NAMED_ATTRS, ACE_EXECUTE, ACE_DELETE_CHILD,
1344 	ACE_READ_ATTRIBUTES, ACE_WRITE_ATTRIBUTES, ACE_DELETE, ACE_READ_ACL,
1345 	ACE_WRITE_ACL, ACE_WRITE_OWNER, ACE_SYNCHRONIZE
1346 };
1347 
1348 static const int unix_perms[] = { VREAD, VWRITE, VEXEC };
1349 /*
1350  * smb_vop_eaccess
1351  *
1352  * Returns the effective permission of the given credential for the
1353  * specified object.
1354  *
1355  * This is just a workaround. We need VFS/FS support for this.
1356  */
1357 void
1358 smb_vop_eaccess(vnode_t *vp, int *mode, int flags, vnode_t *dir_vp, cred_t *cr)
1359 {
1360 	int error, i;
1361 	int pnum;
1362 
1363 	*mode = 0;
1364 
1365 	if (flags == V_ACE_MASK) {
1366 		pnum = sizeof (zfs_perms) / sizeof (int);
1367 
1368 		for (i = 0; i < pnum; i++) {
1369 			error = smb_vop_access(vp, zfs_perms[i], flags,
1370 			    dir_vp, cr);
1371 			if (error == 0)
1372 				*mode |= zfs_perms[i];
1373 		}
1374 	} else {
1375 		pnum = sizeof (unix_perms) / sizeof (int);
1376 
1377 		for (i = 0; i < pnum; i++) {
1378 			error = smb_vop_access(vp, unix_perms[i], flags,
1379 			    dir_vp, cr);
1380 			if (error == 0)
1381 				*mode |= unix_perms[i];
1382 		}
1383 	}
1384 }
1385 
1386 /*
1387  * See comments for smb_fsop_shrlock()
1388  */
1389 int
1390 smb_vop_shrlock(vnode_t *vp, uint32_t uniq_fid, uint32_t desired_access,
1391     uint32_t share_access, cred_t *cr)
1392 {
1393 	struct shrlock shr;
1394 	struct shr_locowner shr_own;
1395 	short new_access = 0;
1396 	short deny = 0;
1397 	int flag = 0;
1398 	int cmd;
1399 
1400 	/*
1401 	 * share locking is not supported for non-regular
1402 	 * objects in NBMAND mode.
1403 	 */
1404 	if (nbl_need_check(vp)) {
1405 		if (vp->v_type != VREG)
1406 			return (0);
1407 
1408 		cmd = F_SHARE_NBMAND;
1409 	} else {
1410 		cmd = F_SHARE;
1411 	}
1412 
1413 	if ((desired_access & FILE_DATA_ALL) == 0) {
1414 		/* metadata access only */
1415 		new_access |= F_MDACC;
1416 	} else {
1417 		if (desired_access & (ACE_READ_DATA | ACE_EXECUTE)) {
1418 			new_access |= F_RDACC;
1419 			flag |= FREAD;
1420 		}
1421 
1422 		if (desired_access & (ACE_WRITE_DATA | ACE_APPEND_DATA |
1423 		    ACE_ADD_FILE)) {
1424 			new_access |= F_WRACC;
1425 			flag |= FWRITE;
1426 		}
1427 
1428 		if (SMB_DENY_READ(share_access)) {
1429 			deny |= F_RDDNY;
1430 		}
1431 
1432 		if (SMB_DENY_WRITE(share_access)) {
1433 			deny |= F_WRDNY;
1434 		}
1435 
1436 		if (cmd == F_SHARE_NBMAND) {
1437 			if (desired_access & ACE_DELETE)
1438 				new_access |= F_RMACC;
1439 
1440 			if (SMB_DENY_DELETE(share_access)) {
1441 				deny |= F_RMDNY;
1442 			}
1443 		}
1444 	}
1445 
1446 	shr.s_access = new_access;
1447 	shr.s_deny = deny;
1448 	shr.s_sysid = smb_ct.cc_sysid;
1449 	shr.s_pid = uniq_fid;
1450 	shr.s_own_len = sizeof (shr_own);
1451 	shr.s_owner = (caddr_t)&shr_own;
1452 	shr_own.sl_id = shr.s_sysid;
1453 	shr_own.sl_pid = shr.s_pid;
1454 
1455 	return (VOP_SHRLOCK(vp, cmd, &shr, flag, cr, NULL));
1456 }
1457 
1458 int
1459 smb_vop_unshrlock(vnode_t *vp, uint32_t uniq_fid, cred_t *cr)
1460 {
1461 	struct shrlock shr;
1462 	struct shr_locowner shr_own;
1463 
1464 	/*
1465 	 * share locking is not supported for non-regular
1466 	 * objects in NBMAND mode.
1467 	 */
1468 	if (nbl_need_check(vp) && (vp->v_type != VREG))
1469 		return (0);
1470 
1471 	/*
1472 	 * For s_access and s_deny, we do not need to pass in the original
1473 	 * values.
1474 	 */
1475 	shr.s_access = 0;
1476 	shr.s_deny = 0;
1477 	shr.s_sysid = smb_ct.cc_sysid;
1478 	shr.s_pid = uniq_fid;
1479 	shr.s_own_len = sizeof (shr_own);
1480 	shr.s_owner = (caddr_t)&shr_own;
1481 	shr_own.sl_id = shr.s_sysid;
1482 	shr_own.sl_pid = shr.s_pid;
1483 
1484 	return (VOP_SHRLOCK(vp, F_UNSHARE, &shr, 0, cr, NULL));
1485 }
1486 
1487 /*
1488  * Note about mandatory vs advisory locks:
1489  *
1490  * The SMB server really should always request mandatory locks, and
1491  * if the file system does not support them, the SMB server should
1492  * just tell the client it could not get the lock. If we were to
1493  * tell the SMB client "you got the lock" when what they really
1494  * got was only an advisory lock, we would be lying to the client
1495  * about their having exclusive access to the locked range, which
1496  * could easily lead to data corruption.  If someone really wants
1497  * the (dangerous) behavior they can set: smb_allow_advisory_locks
1498  */
1499 int
1500 smb_vop_frlock(vnode_t *vp, cred_t *cr, int flag, flock64_t *bf)
1501 {
1502 	flk_callback_t flk_cb;
1503 	int cmd = F_SETLK_NBMAND;
1504 
1505 	if (smb_allow_advisory_locks != 0 && !nbl_need_check(vp)) {
1506 		/*
1507 		 * The file system does not support nbmand, and
1508 		 * smb_allow_advisory_locks is enabled. (danger!)
1509 		 */
1510 		cmd = F_SETLK;
1511 	}
1512 
1513 	flk_init_callback(&flk_cb, smb_lock_frlock_callback, NULL);
1514 
1515 	return (VOP_FRLOCK(vp, cmd, bf, flag, 0, &flk_cb, cr, &smb_ct));
1516 }
1517 
1518 static callb_cpr_t *
1519 /* ARGSUSED */
1520 smb_lock_frlock_callback(flk_cb_when_t when, void *error)
1521 {
1522 	return (0);
1523 }
1524 
1525 /*
1526  * smb_vop_catia_init_v4_lookup
1527  * Initialize  mapping between wide characters in the range from
1528  * 0x00A4 to 0x00FF and their UNIX (v4) equivalent (wide character).
1529  * Indexed by the decimal value of the wide character (164-255)
1530  * with an offset of -164.
1531  */
1532 static void
1533 smb_vop_catia_init_v4_lookup()
1534 {
1535 	int i, idx, offset = SMB_CATIA_V4_LOOKUP_LOW;
1536 
1537 	for (i = 0; i < SMB_CATIA_V4_LOOKUP_MAX; i++)
1538 		smb_catia_v4_lookup[i] = (smb_wchar_t)(i + offset);
1539 
1540 	for (i = 0; i < SMB_CATIA_NUM_MAPS; i++) {
1541 		idx = (int)catia_maps[i].winchar - offset;
1542 		smb_catia_v4_lookup[idx] = (smb_wchar_t)catia_maps[i].unixchar;
1543 	}
1544 }
1545 
1546 /*
1547  * smb_vop_catia_init_v5_lookup
1548  * Initialize mapping between UNIX ASCII (v4) characters and equivalent
1549  * or translated wide characters.
1550  * Indexed by the decimal value of the ASCII character (0-127).
1551  */
1552 static void
1553 smb_vop_catia_init_v5_lookup()
1554 {
1555 	int i, idx;
1556 
1557 	for (i = 0; i < SMB_CATIA_V5_LOOKUP_MAX; i++)
1558 		smb_catia_v5_lookup[i] = (smb_wchar_t)i;
1559 
1560 	for (i = 0; i < SMB_CATIA_NUM_MAPS; i++) {
1561 		idx = (int)catia_maps[i].unixchar;
1562 		smb_catia_v5_lookup[idx] = catia_maps[i].winchar;
1563 	}
1564 }
1565 
1566 static void
1567 smb_vop_catia_init()
1568 {
1569 	smb_vop_catia_init_v4_lookup();
1570 	smb_vop_catia_init_v5_lookup();
1571 }
1572 
1573 /*
1574  * smb_vop_catia_v5tov4
1575  * (windows (v5) to unix (v4))
1576  *
1577  * Traverse each character in the given source filename and convert the
1578  * multibyte that is equivalent to any special Windows character listed
1579  * in the catia_maps table to the Unix ASCII character if any is
1580  * encountered in the filename. The translated name is returned in buf.
1581  *
1582  * If an error occurs the conversion terminates and name is returned,
1583  * otherwise buf is returned.
1584  */
1585 char *
1586 smb_vop_catia_v5tov4(char *name, char *buf, int buflen)
1587 {
1588 	int v4_idx, numbytes, inc;
1589 	int space_left = buflen - 1; /* one byte reserved for null */
1590 	uint32_t wc;
1591 	char mbstring[MTS_MB_CHAR_MAX];
1592 	char *p, *src = name, *dst = buf;
1593 
1594 	ASSERT(name);
1595 	ASSERT(buf);
1596 
1597 	if (!buf || !name)
1598 		return (name);
1599 
1600 	bzero(buf, buflen);
1601 
1602 	while (*src) {
1603 		if ((numbytes = smb_mbtowc(&wc, src, MTS_MB_CHAR_MAX)) < 0)
1604 			return (name);
1605 
1606 		if (wc < SMB_CATIA_V4_LOOKUP_LOW ||
1607 		    wc > SMB_CATIA_V4_LOOKUP_UPPER) {
1608 			inc = numbytes;
1609 			p = src;
1610 		} else {
1611 			/* Lookup required. */
1612 			v4_idx = (int)wc - SMB_CATIA_V4_LOOKUP_LOW;
1613 			inc = smb_wctomb(mbstring, smb_catia_v4_lookup[v4_idx]);
1614 			p = mbstring;
1615 		}
1616 
1617 		if (space_left < inc)
1618 			return (name);
1619 
1620 		(void) strncpy(dst, p, inc);
1621 		dst += inc;
1622 		space_left -= inc;
1623 		src += numbytes;
1624 	}
1625 
1626 	return (buf);
1627 }
1628 
1629 /*
1630  * smb_vop_catia_v4tov5
1631  * (unix (v4) to windows (v5))
1632  *
1633  * Traverse each character in the given filename 'srcbuf' and convert
1634  * the special Unix character that is listed in the catia_maps table to
1635  * the UTF-8 encoding of the corresponding Windows character if any is
1636  * encountered in the filename.
1637  *
1638  * The translated name is returned in buf.
1639  * If an error occurs the conversion terminates and the original name
1640  * is returned in buf.
1641  */
1642 void
1643 smb_vop_catia_v4tov5(char *name, char *buf, int buflen)
1644 {
1645 	int v5_idx, numbytes;
1646 	int space_left = buflen - 1; /* one byte reserved for null */
1647 	uint32_t wc;
1648 	char mbstring[MTS_MB_CHAR_MAX];
1649 	char *src = name, *dst = buf;
1650 
1651 	ASSERT(name);
1652 	ASSERT(buf);
1653 
1654 	if (!buf || !name)
1655 		return;
1656 
1657 	(void) bzero(buf, buflen);
1658 	while (*src) {
1659 		if (smb_isascii(*src)) {
1660 			/* Lookup required */
1661 			v5_idx = (int)*src++;
1662 			numbytes = smb_wctomb(mbstring,
1663 			    smb_catia_v5_lookup[v5_idx]);
1664 			if (space_left < numbytes)
1665 				break;
1666 			(void) strncpy(dst, mbstring, numbytes);
1667 		} else {
1668 			if ((numbytes = smb_mbtowc(&wc, src,
1669 			    MTS_MB_CHAR_MAX)) < 0)
1670 				break;
1671 			if (space_left < numbytes)
1672 				break;
1673 			(void) strncpy(dst, src, numbytes);
1674 			src += numbytes;
1675 		}
1676 
1677 		dst += numbytes;
1678 		space_left -= numbytes;
1679 	}
1680 
1681 	if (*src)
1682 		(void) strlcpy(buf, name, buflen);
1683 }
1684