From 26cf280b71198d2c5b2d91a1f76e470abe030119 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Thu, 2 Jul 2020 14:09:15 +0200 Subject: [PATCH 1/7] smbd: increase loglevel when leases_db_del() with anything then NT_STATUS_NOT_FOUND BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher (backported from commit fbb8bbe1243eb2a0351dc2422929278f85a99e26) [slow@samba.org: remove_lease_if_stale() does not exist in 4.11] --- source3/locking/locking.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/source3/locking/locking.c b/source3/locking/locking.c index 8fa1237d6ad8..5272a3dc829d 100644 --- a/source3/locking/locking.c +++ b/source3/locking/locking.c @@ -704,13 +704,16 @@ static void remove_share_mode_lease(struct share_mode_data *d, } { + int level = DBGLVL_DEBUG; NTSTATUS status; status = leases_db_del(&e->client_guid, &e->lease_key, &d->id); - - DEBUG(10, ("%s: leases_db_del returned %s\n", __func__, + if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) { + level = DBGLVL_ERR; + } + DBG_PREFIX(level, ("leases_db_del failed: %s\n", nt_errstr(status))); } } -- 2.17.1 From c63478d063e6204c70b4caa16acfcd18e79f26f5 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Thu, 2 Jul 2020 14:10:05 +0200 Subject: [PATCH 2/7] s3/leases: log NDR decoding failure with level 0 in leases_db_get_fn() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme (cherry picked from commit 383a2457bd6cbe0acd571a8d601f8bdc5365f0b4) --- source3/locking/leases_db.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source3/locking/leases_db.c b/source3/locking/leases_db.c index 17778050acce..3c074c627515 100644 --- a/source3/locking/leases_db.c +++ b/source3/locking/leases_db.c 
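Review bot: In remove_share_mode_lease() the new `DBG_PREFIX(level, ("leases_db_del failed: %s\n", ...` call is unconditional, and `level` is raised to `DBGLVL_ERR` for every status other than NT_STATUS_NOT_FOUND. Assuming leases_db_del() returns NT_STATUS_OK on success, a normal delete would then be logged at error level as "leases_db_del failed: NT_STATUS_OK". Spurious level-0 entries on the success path bury the real failures this series is meant to surface. Wrapping the level selection and the `DBG_PREFIX` call in `if (!NT_STATUS_IS_OK(status)) { ... }` keeps the success path quiet. The function begins outside the hunk.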
@@ -544,8 +544,8 @@ static void leases_db_get_fn(TDB_DATA key, TDB_DATA data, void *private_data) &blob, value, value, (ndr_pull_flags_fn_t)ndr_pull_leases_db_value); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - DBG_DEBUG("ndr_pull_struct_blob_failed: %s\n", - ndr_errstr(ndr_err)); + DBG_ERR("ndr_pull_struct_blob_failed: %s\n", + ndr_errstr(ndr_err)); TALLOC_FREE(value); state->status = ndr_map_error2ntstatus(ndr_err); return; -- 2.17.1 From 04e92535841acc2dfd77640ac854ad006863a619 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Thu, 2 Jul 2020 14:08:44 +0200 Subject: [PATCH 3/7] smbd: inverse if/else logic in get_lease_type() No change in behaviour. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher (backported from commit e4328db1c94837a8ea5652971cea20055d3d24ff) [slow@samba.org: take id from d as it's not passed as arg] --- source3/smbd/oplock.c | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c index fe88adc98069..16484bb3d9d5 100644 --- a/source3/smbd/oplock.c +++ b/source3/smbd/oplock.c 
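Review bot: The message promoted to `DBG_ERR` in leases_db_get_fn() does not say which record failed to decode, so an operator who sees it at level 0 cannot locate the damaged leases database entry. `key` is a parameter of this callback, so its size could at least be included, e.g. `DBG_ERR("ndr_pull_struct_blob_failed for key of %zu bytes: %s\n", key.dsize, ndr_errstr(ndr_err));`, and a hex dump of the key would help more. The same applies to the four messages raised to `DBG_ERR` in leases_db_do_locked_fn() in patch 6/7, where the key would have to be taken from `rec`. Both functions begin outside their hunks.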
@@ -175,24 +175,24 @@ static void downgrade_file_oplock(files_struct *fsp) uint32_t get_lease_type(const struct share_mode_data *d, const struct share_mode_entry *e) { - if (e->op_type == LEASE_OPLOCK) { - NTSTATUS status; - uint32_t current_state; + NTSTATUS status; + uint32_t current_state; - status = leases_db_get( - &e->client_guid, - &e->lease_key, - &d->id, - ¤t_state, - NULL, /* breaking */ - NULL, /* breaking_to_requested */ - NULL, /* breaking_to_required */ - NULL, /* lease_version */ - NULL); /* epoch */ - SMB_ASSERT(NT_STATUS_IS_OK(status)); - return current_state; - } - return map_oplock_to_lease_type(e->op_type); + if (e->op_type != LEASE_OPLOCK) { + return map_oplock_to_lease_type(e->op_type); + } + + status = leases_db_get(&e->client_guid, + &e->lease_key, + &d->id, + ¤t_state, + NULL, /* breaking */ + NULL, /* breaking_to_requested */ + NULL, /* breaking_to_required */ + NULL, /* lease_version */ + NULL); /* epoch */ + SMB_ASSERT(NT_STATUS_IS_OK(status)); + return current_state; } /**************************************************************************** -- 2.17.1 From 22f37cf00b841cc364aa3af5c95a542b42086d07 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Thu, 2 Jul 2020 14:45:59 +0200 Subject: [PATCH 4/7] smbd: let get_lease_type() take a non-const share_mode_entry We're going to add a call to share_entry_stale_pid(share_mode_entry) which takes a non-const pointer (in order to eventually set e->state = true). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher (backported from commit 3f4a865821da27efbed4f7c38ad3efbcaae77a02) [slow@samba.org: get_lease_type() takes arg d in 4.11] --- source3/smbd/oplock.c | 4 ++-- source3/smbd/proto.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c index 16484bb3d9d5..83539693b9c7 100644 --- a/source3/smbd/oplock.c +++ b/source3/smbd/oplock.c 
@@ -172,8 +172,8 @@ static void downgrade_file_oplock(files_struct *fsp) TALLOC_FREE(fsp->oplock_timeout); } -uint32_t get_lease_type(const struct share_mode_data *d, - const struct share_mode_entry *e) +uint32_t get_lease_type(struct share_mode_data *d, + struct share_mode_entry *e) { NTSTATUS status; uint32_t current_state; diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index 6e2509e7c574..82be9b4e364f 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -720,8 +720,8 @@ NTSTATUS create_file_default(connection_struct *conn, /* The following definitions come from smbd/oplock.c */ -uint32_t get_lease_type(const struct share_mode_data *d, - const struct share_mode_entry *e); +uint32_t get_lease_type(struct share_mode_data *d, + struct share_mode_entry *e); void break_kernel_oplock(struct messaging_context *msg_ctx, files_struct *fsp); NTSTATUS set_file_oplock(files_struct *fsp); -- 2.17.1 From 8ce2fde61e44f694d5434f9e98a62fdbd3b14393 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Thu, 2 Jul 2020 14:47:12 +0200 Subject: [PATCH 5/7] smbd: check for stale pid in get_lease_type() If leases_db_get() failed the leases_db record might have been cleaned up for stale processes. Check if the share-mode-entry owner is stale in this case and return a 0 lease state. In any other case, log a debug messages and panic. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Ralph Boehme Autobuild-User(master): Stefan Metzmacher Autobuild-Date(master): Thu Jul 2 16:45:42 UTC 2020 on sn-devel-184 (backported from commit 05d4466a6d1ad048fa86aea09ec0a56a7b961369) [slow@samba.org: use share_mode_stale_pid() instead of share_entry_stale_pid()] [metze@samba.org: use file_id_string_tos() instead of file_id_str_buf()] --- source3/smbd/oplock.c | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c index 83539693b9c7..bafd6c74c383 100644 --- a/source3/smbd/oplock.c 
+++ b/source3/smbd/oplock.c @@ -175,8 +175,10 @@ static void downgrade_file_oplock(files_struct *fsp) uint32_t get_lease_type(struct share_mode_data *d, struct share_mode_entry *e) { + struct GUID_txt_buf guid_strbuf; NTSTATUS status; uint32_t current_state; + int idx; if (e->op_type != LEASE_OPLOCK) { return map_oplock_to_lease_type(e->op_type); @@ -191,8 +193,31 @@ uint32_t get_lease_type(struct share_mode_data *d, NULL, /* breaking_to_required */ NULL, /* lease_version */ NULL); /* epoch */ - SMB_ASSERT(NT_STATUS_IS_OK(status)); - return current_state; + if (NT_STATUS_IS_OK(status)) { + return current_state; + } + + for (idx = 0; idx < d->num_share_modes; idx++) { + struct share_mode_entry *_e = &d->share_modes[idx]; + + if (_e->share_file_id == e->share_file_id) { + break; + } + } + SMB_ASSERT(idx < d->num_share_modes); + + if (share_mode_stale_pid(d, idx)) { + return 0; + } + DBG_ERR("leases_db_get for client_guid [%s] " + "lease_key [%"PRIu64"/%"PRIu64"] " + "file_id [%s] failed: %s\n", + GUID_buf_string(&e->client_guid, &guid_strbuf), + e->lease_key.data[0], + e->lease_key.data[1], + file_id_string_tos(&d->id), + nt_errstr(status)); + smb_panic("leases_db_get() failed"); } /**************************************************************************** -- 2.17.1 From 754f53ef554e8aa477075cdca82498b342aaf333 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 6 Jul 2020 14:03:39 +0200 Subject: [PATCH 6/7] s3:leases: log errors with level 0 in leases_db_do_locked_fn() BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison (cherry picked from commit 217693682d5bbd0f2d6b5331f47b2a6348840898) --- source3/locking/leases_db.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/source3/locking/leases_db.c b/source3/locking/leases_db.c index 3c074c627515..5a27944acc85 100644 --- a/source3/locking/leases_db.c +++ b/source3/locking/leases_db.c 
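Review bot: The lookup loop added to get_lease_type() selects the entry index by `share_file_id` alone. If two entries in `d->share_modes` owned by different smbd processes can carry the same `share_file_id`, `share_mode_stale_pid(d, idx)` may test a different owner than the one behind `e`, so the function could return 0 for a live lease or panic for a stale one. Whether `share_file_id` is unique across processes is not visible in this hunk; if it is only per-process, the owner should be compared too: `if (server_id_equal(&_e->pid, &e->pid) && _e->share_file_id == e->share_file_id) {`. Unlike the delay_for_oplock() change in patch 7/7, this path also accepts any failure status once the pid is stale, not only NT_STATUS_NOT_FOUND, which is worth aligning or explaining in a comment.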
@@ -116,7 +116,7 @@ static void leases_db_do_locked_fn(struct db_record *rec, void *private_data) value, (ndr_pull_flags_fn_t)ndr_pull_leases_db_value); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - DBG_DEBUG("ndr_pull_struct_blob_failed: %s\n", + DBG_ERR("ndr_pull_struct_blob_failed: %s\n", ndr_errstr(ndr_err)); state->status = ndr_map_error2ntstatus(ndr_err); goto done; @@ -132,7 +132,7 @@ static void leases_db_do_locked_fn(struct db_record *rec, void *private_data) if (value->num_files == 0) { state->status = dbwrap_record_delete(rec); if (!NT_STATUS_IS_OK(state->status)) { - DBG_DEBUG("dbwrap_record_delete returned %s\n", + DBG_ERR("dbwrap_record_delete returned %s\n", nt_errstr(state->status)); } goto done; @@ -144,7 +144,7 @@ static void leases_db_do_locked_fn(struct db_record *rec, void *private_data) value, (ndr_push_flags_fn_t)ndr_push_leases_db_value); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - DBG_DEBUG("ndr_push_struct_blob_failed: %s\n", + DBG_ERR("ndr_push_struct_blob_failed: %s\n", ndr_errstr(ndr_err)); state->status = ndr_map_error2ntstatus(ndr_err); goto done; @@ -159,7 +159,7 @@ static void leases_db_do_locked_fn(struct db_record *rec, void *private_data) state->status = dbwrap_record_store(rec, db_value, 0); if (!NT_STATUS_IS_OK(state->status)) { - DBG_DEBUG("dbwrap_record_store returned %s\n", + DBG_ERR("dbwrap_record_store returned %s\n", nt_errstr(state->status)); } -- 2.17.1 From 957bce31cc81d847e95a09a8d71851d975560b80 Mon Sep 17 00:00:00 2001 
From: Stefan Metzmacher Date: Mon, 6 Jul 2020 08:58:22 +0200 Subject: [PATCH 7/7] s3:smbd: check for stale pid in delay_for_oplock_fn() when leases_db_get() fails If leases_db_get() failed the leases_db record might have been cleaned up for stale processes. Check if the share-mode-entry owner is stale in this case and return ignore the entry. In any other case, log a debug messages and panic. Commit 05d4466a6d1ad048fa86aea09ec0a56a7b961369 "smbd: check for stale pid in get_lease_type()" fixed only one half of this. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14428 Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Jul 7 02:47:46 UTC 2020 on sn-devel-184 (backported from commit 58adf349edfd3001ad071cc7ed8cfc551f67f8a2) [metze@samba.org: use share_mode_stale_pid() instead of share_entry_stale_pid()] [metze@samba.org: use file_id_string_tos() instead of file_id_str_buf()] --- source3/smbd/open.c | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 888e6ad3af7d..ac60c75c1397 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c 
@@ -1900,7 +1900,39 @@ static bool delay_for_oplock(files_struct *fsp, NULL, /* breaking_to_required */ NULL, /* lease_version */ NULL); /* epoch */ - SMB_ASSERT(NT_STATUS_IS_OK(status)); + /* + * leases_db_get() can return NT_STATUS_NOT_FOUND + * if the share_mode_entry e is stale and the + * lease record was already removed. In this case return + * false so the traverse continues. + */ + + if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND) && + share_mode_stale_pid(d, i)) + { + struct GUID_txt_buf guid_strbuf; + DBG_DEBUG("leases_db_get for client_guid [%s] " + "lease_key [%"PRIu64"/%"PRIu64"] " + "file_id [%s] failed for stale " + "share_mode_entry\n", + GUID_buf_string(&e->client_guid, &guid_strbuf), + e->lease_key.data[0], + e->lease_key.data[1], + file_id_string_tos(&fsp->file_id)); + continue; + } + if (!NT_STATUS_IS_OK(status)) { + struct GUID_txt_buf guid_strbuf; + DBG_ERR("leases_db_get for client_guid [%s] " + "lease_key [%"PRIu64"/%"PRIu64"] " + "file_id [%s] failed: %s\n", + GUID_buf_string(&e->client_guid, &guid_strbuf), + e->lease_key.data[0], + e->lease_key.data[1], + file_id_string_tos(&fsp->file_id), + nt_errstr(status)); + smb_panic("leases_db_get() failed"); + } } break_to = e_lease_type & ~delay_mask; -- 2.17.1
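Review bot: The new comment in delay_for_oplock() says "In this case return false so the traverse continues", but the code here does `continue` inside a loop and returns nothing. The wording looks carried over from the callback form named in the subject line, delay_for_oplock_fn(). Suggested replacement for the last two comment lines: `* lease record was already removed. In this case skip the` / `* entry and continue with the next share mode.` Both failure branches also declare their own `struct GUID_txt_buf guid_strbuf` and repeat the same format arguments; a single declaration at the top of the enclosing block would be enough. The function and its loop begin outside the hunk.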