2 * Server-side file management
4 * Copyright (C) 1998 Alexandre Julliard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
22 #include "wine/port.h"
33 #include <sys/types.h>
44 #define WIN32_NO_STATUS
57 struct object obj; /* object header */
58 struct fd *fd; /* file descriptor for this file */
59 unsigned int access; /* file access (FILE_READ_DATA etc.) */
60 mode_t mode; /* file stat.st_mode */
61 uid_t uid; /* file stat.st_uid */
64 static unsigned int generic_file_map_access( unsigned int access );
66 static void file_dump( struct object *obj, int verbose );
67 static struct fd *file_get_fd( struct object *obj );
68 static struct security_descriptor *file_get_sd( struct object *obj );
69 static int file_set_sd( struct object *obj, const struct security_descriptor *sd, unsigned int set_info );
70 static void file_destroy( struct object *obj );
72 static int file_get_poll_events( struct fd *fd );
73 static void file_flush( struct fd *fd, struct event **event );
74 static enum server_fd_type file_get_fd_type( struct fd *fd );
/* Operations table for file objects: it is passed to alloc_object() when a
 * file is created and compared against obj->ops by the asserts in the file_*
 * callbacks below. */
76 static const struct object_ops file_ops =
78 sizeof(struct file), /* size */
80 no_get_type, /* get_type */
81 add_queue, /* add_queue */
82 remove_queue, /* remove_queue */
83 default_fd_signaled, /* signaled */
84 no_satisfied, /* satisfied */
85 no_signal, /* signal */
86 file_get_fd, /* get_fd */
87 default_fd_map_access, /* map_access */
88 file_get_sd, /* get_sd */
89 file_set_sd, /* set_sd */
90 no_lookup_name, /* lookup_name */
91 no_open_file, /* open_file */
92 fd_close_handle, /* close_handle */
93 file_destroy /* destroy */
/* fd operations table attached to a file's fd object by the
 * create_anonymous_fd() and set_fd_user() calls in this file. */
96 static const struct fd_ops file_fd_ops =
98 file_get_poll_events, /* get_poll_events */
99 default_poll_event, /* poll_event */
100 file_flush, /* flush */
101 file_get_fd_type, /* get_fd_type */
102 default_fd_ioctl, /* ioctl */
103 default_fd_queue_async, /* queue_async */
104 default_fd_reselect_async, /* reselect_async */
105 default_fd_cancel_async /* cancel_async */
/* Return non-zero when neither FILE_SYNCHRONOUS_IO_ALERT nor
 * FILE_SYNCHRONOUS_IO_NONALERT is set in the options of the file's fd. */
static inline int is_overlapped( const struct file *file )
{
    const unsigned int sync_options = FILE_SYNCHRONOUS_IO_ALERT | FILE_SYNCHRONOUS_IO_NONALERT;

    return (get_fd_options( file->fd ) & sync_options) == 0;
}
113 /* create a file from a file descriptor */
114 /* if the function fails the fd is closed */
/* The fd is stat'ed first so that the object can cache st_mode, and `access`
 * goes through default_fd_map_access() before it is stored.
 * NOTE(review): this listing omits some lines of the function (see the gaps in
 * the numbering), including the paths that close the fd on failure; `sharing`
 * is not used in the lines shown. */
115 struct file *create_file_for_fd( int fd, unsigned int access, unsigned int sharing )
120 if (fstat( fd, &st ) == -1)
126 if ((file = alloc_object( &file_ops )))
128 file->mode = st.st_mode;
129 file->access = default_fd_map_access( &file->obj, access );
130 if (!(file->fd = create_anonymous_fd( &file_fd_ops, fd, &file->obj,
131 FILE_SYNCHRONOUS_IO_NONALERT )))
/* wrapping the Unix fd failed: drop the partly built object */
133 release_object( file );
136 allow_fd_caching( file->fd );
141 /* create a file by duplicating an fd object */
/* The Unix fd behind `fd` is stat'ed to cache st_mode; the new file then gets
 * its own fd object from dup_fd_object() and is registered as that fd's user.
 * NOTE(review): some lines of the function are omitted from this listing,
 * including what happens when fstat() fails. */
142 struct file *create_file_for_fd_obj( struct fd *fd, unsigned int access, unsigned int sharing )
147 if (fstat( get_unix_fd(fd), &st ) == -1)
153 if ((file = alloc_object( &file_ops )))
155 file->mode = st.st_mode;
156 file->access = default_fd_map_access( &file->obj, access );
157 if (!(file->fd = dup_fd_object( fd, access, sharing, FILE_SYNCHRONOUS_IO_NONALERT )))
/* duplication failed: drop the partly built object */
159 release_object( file );
162 set_fd_user( file->fd, &file_fd_ops, &file->obj );
/* Allocate a file object for an already opened fd object and make the file
 * the fd's user. Returns NULL when the allocation fails.
 * NOTE(review): some lines are omitted from this listing (the assignments of
 * mode and fd are not shown). */
167 static struct object *create_file_obj( struct fd *fd, unsigned int access, mode_t mode )
169 struct file *file = alloc_object( &file_ops );
171 if (!file) return NULL;
172 file->access = access;
/* all-ones uid: presumably so that the uid comparison in file_get_sd() cannot
 * match before a descriptor has been generated from a real st_uid (confirm) */
174 file->uid = ~(uid_t)0;
177 set_fd_user( fd, &file_fd_ops, &file->obj );
/* Open or create the file named by `nameptr` (len bytes, copied into a
 * len + 1 byte buffer) relative to `root`, and wrap the resulting fd in a
 * directory, serial or plain file object.
 * NOTE(review): several lines of this function are omitted from the listing,
 * including the guards in front of some of the statements shown. */
181 static struct object *create_file( struct fd *root, const char *nameptr, data_size_t len,
182 unsigned int access, unsigned int sharing, int create,
183 unsigned int options, unsigned int attrs,
184 const struct security_descriptor *sd )
186 struct object *obj = NULL;
/* reject an empty name; the name must start with '/' exactly when no root
 * directory is given */
192 if (!len || ((nameptr[0] == '/') ^ !root))
194 set_error( STATUS_OBJECT_PATH_SYNTAX_BAD );
197 if (!(name = mem_alloc( len + 1 ))) return NULL;
198 memcpy( name, nameptr, len );
/* translate the create disposition into open(2) flags */
203 case FILE_CREATE: flags = O_CREAT | O_EXCL; break;
/* no break after the next case: FILE_OVERWRITE_IF continues into FILE_SUPERSEDE */
204 case FILE_OVERWRITE_IF: /* FIXME: the difference is whether we trash existing attr or not */
205 access |= FILE_WRITE_ATTRIBUTES;
206 case FILE_SUPERSEDE: flags = O_CREAT | O_TRUNC; break;
207 case FILE_OPEN: flags = 0; break;
208 case FILE_OPEN_IF: flags = O_CREAT; break;
209 case FILE_OVERWRITE: flags = O_TRUNC;
210 access |= FILE_WRITE_ATTRIBUTES; break;
211 default: set_error( STATUS_INVALID_PARAMETER ); goto done;
/* with a security descriptor the Unix mode is derived from its DACL; the
 * owner falls back to the user of the calling process's token (the guard for
 * that fallback is not shown in this listing) */
216 const SID *owner = sd_get_owner( sd );
218 owner = token_get_user( current->process->token );
219 mode = sd_to_mode( sd, owner );
/* the other visible assignment takes the mode from the read-only attribute alone */
222 mode = (attrs & FILE_ATTRIBUTE_READONLY) ? 0444 : 0666;
/* NOTE(review): this reads the last four bytes of the name; the check that
 * len >= 4 is presumably on the omitted line above (confirm) */
225 (!strcasecmp( name + len - 4, ".exe" ) || !strcasecmp( name + len - 4, ".com" )))
235 access = generic_file_map_access( access );
237 /* FIXME: should set error to STATUS_OBJECT_NAME_COLLISION if file existed before */
238 fd = open_fd( root, name, flags | O_NONBLOCK | O_LARGEFILE, &mode, access, sharing, options );
/* the object type is chosen from `mode`, which open_fd() received by address */
242 obj = create_dir_obj( fd, access, mode );
243 else if (S_ISCHR(mode) && is_serial_fd( fd ))
244 obj = create_serial( fd );
246 obj = create_file_obj( fd, access, mode );
248 release_object( fd );
/* Compare two file objects through their fd objects; the result is whatever
 * is_same_file_fd() reports for the pair. */
int is_same_file( struct file *file1, struct file *file2 )
{
    struct fd *first = file1->fd;
    struct fd *second = file2->fd;

    return is_same_file_fd( first, second );
}
/* dump callback of file_ops: print the file's fd pointer to stderr
 * (`verbose` is not used) */
static void file_dump( struct object *obj, int verbose )
{
    struct file *file;

    assert( obj->ops == &file_ops );
    file = (struct file *)obj;
    fprintf( stderr, "File fd=%p\n", file->fd );
}
/* get_poll_events callback of file_fd_ops: poll for input when the file has
 * Unix read access and for output when it has Unix write access.
 * NOTE(review): the declaration of `events` and the return statement are not
 * shown in this listing. */
268 static int file_get_poll_events( struct fd *fd )
270 struct file *file = get_fd_user( fd );
272 assert( file->obj.ops == &file_ops );
273 if (file->access & FILE_UNIX_READ_ACCESS) events |= POLLIN;
274 if (file->access & FILE_UNIX_WRITE_ACCESS) events |= POLLOUT;
/* flush callback of file_fd_ops: fsync the Unix fd and report a failure
 * through file_set_error() (`event` is not used) */
static void file_flush( struct fd *fd, struct event **event )
{
    const int unix_fd = get_unix_fd( fd );

    if (unix_fd == -1) return;  /* no Unix fd to sync */
    if (fsync( unix_fd ) == -1) file_set_error();
}
/* get_fd_type callback of file_fd_ops: regular files and block devices report
 * FD_TYPE_FILE, directories FD_TYPE_DIR. The decision uses the st_mode cached
 * in the file object.
 * NOTE(review): the return for any other mode is on a line omitted from this
 * listing. */
284 static enum server_fd_type file_get_fd_type( struct fd *fd )
286 struct file *file = get_fd_user( fd );
288 if (S_ISREG(file->mode) || S_ISBLK(file->mode)) return FD_TYPE_FILE;
289 if (S_ISDIR(file->mode)) return FD_TYPE_DIR;
/* get_fd callback of file_ops: return the file's fd object after passing it
 * through grab_object() */
static struct fd *file_get_fd( struct object *obj )
{
    struct file *file;

    assert( obj->ops == &file_ops );
    file = (struct file *)obj;
    return (struct fd *)grab_object( file->fd );
}
/* Replace each GENERIC_* bit in an access mask with the matching file-specific
 * rights; the returned mask has all four generic bits cleared. */
static unsigned int generic_file_map_access( unsigned int access )
{
    const unsigned int generic_bits = GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | GENERIC_ALL;
    unsigned int mapped = access;

    if (mapped & GENERIC_READ)
        mapped |= FILE_GENERIC_READ;
    if (mapped & GENERIC_WRITE)
        mapped |= FILE_GENERIC_WRITE;
    if (mapped & GENERIC_EXECUTE)
        mapped |= FILE_GENERIC_EXECUTE;
    if (mapped & GENERIC_ALL)
        mapped |= FILE_ALL_ACCESS;

    return mapped & ~generic_bits;
}
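/* Build a security descriptor from a Unix file mode.
 * The owner and group SIDs are copied right after the descriptor header and
 * are followed by a DACL holding, in this order: an allow ACE giving
 * FILE_ALL_ACCESS to Local System, an allow ACE for the user (counted when
 * any S_IRWXU bit is set), a deny ACE for the user when the owner lacks a
 * permission that group or other have, and an allow ACE for Everyone (counted
 * when any S_IRWXO bit is set).
 * NOTE(review): this listing omits some lines of the function (see the gaps in
 * the numbering), so the guards in front of several statements are not
 * visible here. */
309 struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID *group )
311 struct security_descriptor *sd;
313 ACE_HEADER *current_ace;
314 ACCESS_ALLOWED_ACE *aaa;
318 const SID *world_sid = security_world_sid;
319 const SID *local_system_sid = security_local_system_sid;
/* first pass: add up the size of every ACE that will be written below */
321 dacl_size = sizeof(ACL) + FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) +
322 FIELD_OFFSET(SID, SubAuthority[local_system_sid->SubAuthorityCount]);
324 dacl_size += FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) +
325 FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]);
/* a deny ACE is needed when the owner lacks a permission that group or other have */
326 if ((!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) ||
327 (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IWOTH))) ||
328 (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH))))
329 dacl_size += FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) +
330 FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]);
332 dacl_size += FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) +
333 FIELD_OFFSET(SID, SubAuthority[world_sid->SubAuthorityCount]);
335 sd = mem_alloc( sizeof(struct security_descriptor) +
336 FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) +
337 FIELD_OFFSET(SID, SubAuthority[group->SubAuthorityCount]) +
341 sd->control = SE_DACL_PRESENT;
342 sd->owner_len = FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]);
343 sd->group_len = FIELD_OFFSET(SID, SubAuthority[group->SubAuthorityCount]);
345 sd->dacl_len = dacl_size;
/* the variable-length parts follow the fixed header: owner SID, then group SID */
347 ptr = (char *)(sd + 1);
348 memcpy( ptr, user, sd->owner_len );
349 ptr += sd->owner_len;
350 memcpy( ptr, group, sd->group_len );
351 ptr += sd->group_len;
354 dacl->AclRevision = ACL_REVISION;
356 dacl->AclSize = dacl_size;
357 dacl->AceCount = 1 + (mode & S_IRWXU ? 1 : 0) + (mode & S_IRWXO ? 1 : 0);
358 if ((!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) ||
359 (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IWOTH))) ||
360 (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH))))
364 /* always give FILE_ALL_ACCESS for Local System */
365 aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1);
366 current_ace = &aaa->Header;
367 aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
368 aaa->Header.AceFlags = 0;
369 aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) +
370 FIELD_OFFSET(SID, SubAuthority[local_system_sid->SubAuthorityCount]);
371 aaa->Mask = FILE_ALL_ACCESS;
372 sid = (SID *)&aaa->SidStart;
373 memcpy( sid, local_system_sid, FIELD_OFFSET(SID, SubAuthority[local_system_sid->SubAuthorityCount]) );
377 /* appropriate access rights for the user */
378 aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
379 current_ace = &aaa->Header;
380 aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
381 aaa->Header.AceFlags = 0;
382 aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) +
383 FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]);
/* the user ACE always carries WRITE_DAC and WRITE_OWNER; the mode tests for
 * the two additions below are on lines omitted from this listing */
384 aaa->Mask = WRITE_DAC | WRITE_OWNER;
386 aaa->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
388 aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
389 sid = (SID *)&aaa->SidStart;
390 memcpy( sid, user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) );
392 if ((!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) ||
393 (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IWOTH))) ||
394 (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH))))
396 /* deny just in case the user is a member of the group */
397 ACCESS_DENIED_ACE *ada = (ACCESS_DENIED_ACE *)ace_next( current_ace );
398 current_ace = &ada->Header;
399 ada->Header.AceType = ACCESS_DENIED_ACE_TYPE;
400 ada->Header.AceFlags = 0;
401 ada->Header.AceSize = FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) +
402 FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]);
404 if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
405 ada->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
/* the write test looks at S_IWOTH, like the three conditions that size, count
 * and emit this ACE; testing S_IROTH here would leave the write denial out
 * when only "other" has write permission */
406 if (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IWOTH)))
407 ada->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
408 ada->Mask &= ~STANDARD_RIGHTS_ALL; /* never deny standard rights */
409 sid = (SID *)&ada->SidStart;
410 memcpy( sid, user, FIELD_OFFSET(SID, SubAuthority[user->SubAuthorityCount]) );
414 /* appropriate access rights for Everyone */
415 aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
416 current_ace = &aaa->Header;
417 aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
418 aaa->Header.AceFlags = 0;
419 aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) +
420 FIELD_OFFSET(SID, SubAuthority[world_sid->SubAuthorityCount]);
423 aaa->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
425 aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
426 sid = (SID *)&aaa->SidStart;
427 memcpy( sid, world_sid, FIELD_OFFSET(SID, SubAuthority[world_sid->SubAuthorityCount]) );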
/* get_sd callback of file_ops: return a security descriptor that reflects the
 * file's current Unix mode and owner. The file is re-stat'ed on each call and
 * a new descriptor is built with mode_to_sd() only when the cached mode or uid
 * no longer matches.
 * NOTE(review): some lines are omitted from this listing, including the early
 * returns and the code that installs the new descriptor. */
433 static struct security_descriptor *file_get_sd( struct object *obj )
435 struct file *file = (struct file *)obj;
438 struct security_descriptor *sd;
440 assert( obj->ops == &file_ops );
442 unix_fd = get_file_unix_fd( file );
444 if (unix_fd == -1 || fstat( unix_fd, &st ) == -1)
447 /* mode and uid the same? if so, no need to re-generate security descriptor */
/* only the user and other permission bits take part in the comparison;
 * group bits are not compared */
448 if (obj->sd && (st.st_mode & (S_IRWXU|S_IRWXO)) == (file->mode & (S_IRWXU|S_IRWXO)) &&
449 (st.st_uid == file->uid))
/* owner SID from the file's Unix uid, group SID from the calling process's token */
452 sd = mode_to_sd( st.st_mode,
453 security_unix_uid_to_sid( st.st_uid ),
454 token_get_primary_group( current->process->token ));
/* building the descriptor failed: fall back to the one already attached */
455 if (!sd) return obj->sd;
457 file->mode = st.st_mode;
458 file->uid = st.st_uid;
/* Reduce an access mask to one rwx triplet: 4 for FILE_READ_DATA, 2 for
 * FILE_WRITE_DATA, 1 for FILE_EXECUTE, after generic rights have been mapped.
 * NOTE(review): the declaration of `mode` and the return statement are not
 * shown in this listing. */
464 static mode_t file_access_to_mode( unsigned int access )
468 access = generic_file_map_access( access );
469 if (access & FILE_READ_DATA) mode |= 4;
470 if (access & FILE_WRITE_DATA) mode |= 2;
471 if (access & FILE_EXECUTE) mode |= 1;
/* Convert the DACL of a security descriptor into Unix permission bits.
 * Allow ACEs accumulate into new_mode and deny ACEs into denied_mode; the
 * result is new_mode & ~denied_mode. An ACE for the world SID applies to
 * user, group and other; an ACE for a SID present in the calling process's
 * token applies to user and group when the token user is the owner; an ACE
 * for the owner SID applies to the user bits only.
 * NOTE(review): some lines are omitted from this listing (see the gaps in the
 * numbering). */
475 mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner )
478 mode_t denied_mode = 0;
481 const ACL *dacl = sd_get_dacl( sd, &present );
482 const SID *user = token_get_user( current->process->token );
485 const ACE_HEADER *ace = (const ACE_HEADER *)(dacl + 1);
/* NOTE(review): the walk trusts AceCount and each ACE's size; no bound against
 * the DACL length is visible here, so the descriptor is presumably validated
 * before it reaches this function (confirm at the callers) */
487 for (i = 0; i < dacl->AceCount; i++, ace = ace_next( ace ))
489 const ACCESS_ALLOWED_ACE *aa_ace;
490 const ACCESS_DENIED_ACE *ad_ace;
/* inherit-only ACEs do not apply to this object itself */
493 if (ace->AceFlags & INHERIT_ONLY_ACE) continue;
495 switch (ace->AceType)
497 case ACCESS_DENIED_ACE_TYPE:
498 ad_ace = (const ACCESS_DENIED_ACE *)ace;
499 sid = (const SID *)&ad_ace->SidStart;
500 mode = file_access_to_mode( ad_ace->Mask );
501 if (security_equal_sid( sid, security_world_sid ))
503 denied_mode |= (mode << 6) | (mode << 3) | mode; /* all */
505 else if ((security_equal_sid( user, owner ) &&
506 token_sid_present( current->process->token, sid, TRUE )))
508 denied_mode |= (mode << 6) | (mode << 3); /* user + group */
510 else if (security_equal_sid( sid, owner ))
512 denied_mode |= (mode << 6); /* user only */
515 case ACCESS_ALLOWED_ACE_TYPE:
516 aa_ace = (const ACCESS_ALLOWED_ACE *)ace;
517 sid = (const SID *)&aa_ace->SidStart;
518 mode = file_access_to_mode( aa_ace->Mask );
519 if (security_equal_sid( sid, security_world_sid ))
521 new_mode |= (mode << 6) | (mode << 3) | mode; /* all */
523 else if ((security_equal_sid( user, owner ) &&
524 token_sid_present( current->process->token, sid, FALSE )))
526 new_mode |= (mode << 6) | (mode << 3); /* user + group */
528 else if (security_equal_sid( sid, owner ))
530 new_mode |= (mode << 6); /* user only */
537 /* no ACL means full access rights to anyone */
/* a descriptor without a DACL therefore maps to rwx for user, group and
 * other; create_file() uses this result as the creation mode and
 * file_set_sd() passes it to fchmod() */
538 new_mode = S_IRWXU | S_IRWXG | S_IRWXO;
/* denied bits win over allowed bits regardless of ACE order */
540 return new_mode & ~denied_mode;
/* set_sd callback of file_ops: apply the parts of a security descriptor that
 * map onto Unix permissions. Only the DACL has an effect on disk: it is
 * converted with sd_to_mode() and applied with fchmod(). An owner change is
 * accepted but not propagated (see the FIXME below).
 * NOTE(review): some lines are omitted from this listing, including the
 * return statements after the error paths. */
543 static int file_set_sd( struct object *obj, const struct security_descriptor *sd,
544 unsigned int set_info )
546 struct file *file = (struct file *)obj;
552 assert( obj->ops == &file_ops );
554 unix_fd = get_file_unix_fd( file );
/* without a usable Unix fd nothing is changed and 1 is returned */
556 if (unix_fd == -1 || fstat( unix_fd, &st ) == -1) return 1;
558 if (set_info & OWNER_SECURITY_INFORMATION)
560 owner = sd_get_owner( sd );
563 set_error( STATUS_INVALID_SECURITY_DESCR );
566 if (!obj->sd || !security_equal_sid( owner, sd_get_owner( obj->sd ) ))
568 /* FIXME: get Unix uid and call fchown */
/* when the owner is not being set, the visible fallbacks are the owner of the
 * attached descriptor and the user of the calling process's token */
572 owner = sd_get_owner( obj->sd );
574 owner = token_get_user( current->process->token );
576 /* group and sacl not supported */
578 if (set_info & DACL_SECURITY_INFORMATION)
580 /* keep the bits that we don't map to access rights in the ACL */
581 mode = st.st_mode & (S_ISUID|S_ISGID|S_ISVTX);
582 mode |= sd_to_mode( sd, owner );
/* fchmod() is only called when a permission bit actually changes */
584 if (((st.st_mode ^ mode) & (S_IRWXU|S_IRWXG|S_IRWXO)) && fchmod( unix_fd, mode ) == -1)
/* destroy callback of file_ops: release the fd object held by the file, if any */
static void file_destroy( struct object *obj )
{
    struct file *file;

    assert( obj->ops == &file_ops );
    file = (struct file *)obj;

    if (!file->fd) return;
    release_object( file->fd );
}
601 /* set the last error depending on errno */
/* Each errno value is translated into one status code through set_error().
 * For the fallback, the visible lines print a diagnostic with perror() and
 * set STATUS_UNSUCCESSFUL.
 * NOTE(review): the switch header and some cases are on lines omitted from
 * this listing. */
602 void file_set_error(void)
607 case EAGAIN: set_error( STATUS_SHARING_VIOLATION ); break;
608 case EBADF: set_error( STATUS_INVALID_HANDLE ); break;
609 case ENOSPC: set_error( STATUS_DISK_FULL ); break;
613 case EPERM: set_error( STATUS_ACCESS_DENIED ); break;
614 case EBUSY: set_error( STATUS_FILE_LOCK_CONFLICT ); break;
615 case ENOENT: set_error( STATUS_NO_SUCH_FILE ); break;
616 case EISDIR: set_error( STATUS_FILE_IS_A_DIRECTORY ); break;
618 case EMFILE: set_error( STATUS_TOO_MANY_OPENED_FILES ); break;
619 case EEXIST: set_error( STATUS_OBJECT_NAME_COLLISION ); break;
620 case EINVAL: set_error( STATUS_INVALID_PARAMETER ); break;
621 case ESPIPE: set_error( STATUS_ILLEGAL_FUNCTION ); break;
622 case ENOTEMPTY: set_error( STATUS_DIRECTORY_NOT_EMPTY ); break;
623 case EIO: set_error( STATUS_ACCESS_VIOLATION ); break;
624 case ENOTDIR: set_error( STATUS_NOT_A_DIRECTORY ); break;
625 case EFBIG: set_error( STATUS_SECTION_TOO_BIG ); break;
626 case ENODEV: set_error( STATUS_NO_SUCH_DEVICE ); break;
627 case ENXIO: set_error( STATUS_NO_SUCH_DEVICE ); break;
629 case EOVERFLOW: set_error( STATUS_INVALID_PARAMETER ); break;
632 perror("wineserver: file_set_error() can't map error");
633 set_error( STATUS_UNSUCCESSFUL );
/* Look up `handle` in `process` through get_handle_obj() with the requested
 * access, passing &file_ops as the expected object type. */
struct file *get_file_obj( struct process *process, obj_handle_t handle, unsigned int access )
{
    struct object *obj = get_handle_obj( process, handle, access, &file_ops );

    return (struct file *)obj;
}
/* Return the Unix file descriptor of the file's fd object, as reported by
 * get_unix_fd(). */
int get_file_unix_fd( struct file *file )
{
    struct fd *fd_obj = file->fd;

    return get_unix_fd( fd_obj );
}
/* Request handler: open or create a file and return a handle to it.
 * The request data is an object_attributes header, followed by sd_len bytes of
 * security descriptor, followed by the file name in the Unix codepage.
 * NOTE(review): some lines are omitted from this listing, including the
 * returns after the validation failures. */
649 DECL_HANDLER(create_file)
652 struct fd *root_fd = NULL;
653 const struct object_attributes *objattr = get_req_data();
654 const struct security_descriptor *sd;
656 data_size_t name_len;
/* the header and its length fields are checked against the size of the
 * request before anything is read from it */
660 if (!objattr_is_valid( objattr, get_req_data_size() ))
662 /* name is transferred in the unix codepage outside of the objattr structure */
663 if (objattr->name_len)
665 set_error( STATUS_INVALID_PARAMETER );
669 if (objattr->rootdir)
/* only the fd of the root directory is kept; the reference on the directory
 * object itself is released right away */
673 if (!(root = get_dir_obj( current->process, objattr->rootdir, 0 ))) return;
674 root_fd = get_obj_fd( (struct object *)root );
675 release_object( root );
676 if (!root_fd) return;
679 sd = objattr->sd_len ? (const struct security_descriptor *)(objattr + 1) : NULL;
/* NOTE(review): both computations rely on objattr_is_valid() having bounded
 * sd_len by the request size; otherwise name_len would wrap (confirm in
 * objattr_is_valid()) */
681 name = (const char *)get_req_data() + sizeof(*objattr) + objattr->sd_len;
682 name_len = get_req_data_size() - sizeof(*objattr) - objattr->sd_len;
685 if ((file = create_file( root_fd, name, name_len, req->access, req->sharing,
686 req->create, req->options, req->attrs, sd )))
/* the handle holds its own reference, so the local one is released */
688 reply->handle = alloc_handle( current->process, file, req->access, req->attributes );
689 release_object( file );
691 if (root_fd) release_object( root_fd );
694 /* allocate a file handle for a Unix fd */
/* The Unix fd is taken from the calling thread's in-flight fds; a request
 * that names an fd which is not in flight fails with STATUS_INVALID_HANDLE.
 * The file is created with read and write sharing.
 * NOTE(review): some lines are omitted from this listing. */
695 DECL_HANDLER(alloc_file_handle)
701 if ((fd = thread_get_inflight_fd( current, req->fd )) == -1)
703 set_error( STATUS_INVALID_HANDLE );
706 if ((file = create_file_for_fd( fd, req->access, FILE_SHARE_READ | FILE_SHARE_WRITE )))
708 reply->handle = alloc_handle( current->process, file, req->access, req->attributes );
709 release_object( file );
713 /* lock a region of a file */
/* The handle is looked up with an access mask of 0, so no particular access
 * right on the file is required by this lookup. The reply carries the handle
 * returned by lock_fd() and whether the file is overlapped. */
714 DECL_HANDLER(lock_file)
718 if ((file = get_file_obj( current->process, req->handle, 0 )))
720 reply->handle = lock_fd( file->fd, req->offset, req->count, req->shared, req->wait );
721 reply->overlapped = is_overlapped( file );
722 release_object( file );
726 /* unlock a region of a file */
/* As in lock_file, the handle is looked up with an access mask of 0; the
 * region is passed to unlock_fd() unchanged. */
727 DECL_HANDLER(unlock_file)
731 if ((file = get_file_obj( current->process, req->handle, 0 )))
733 unlock_fd( file->fd, req->offset, req->count );
734 release_object( file );