The Samba-Bugzilla – Attachment 18771 Details for
Bug 14148
Samba doesn't implement FILE_NOTIFY_CHANGE_SECURITY
[patch]
Patch from master for v4-22-test
patch-v4-22-test (text/plain), 8.72 KB, created by
Guenther Deschner
on 2025-11-06 12:46:32 UTC
Description:
Patch from master for v4-22-test
Filename:
MIME Type:
Creator:
Guenther Deschner
Created:
2025-11-06 12:46:32 UTC
Size:
8.72 KB
patch
obsolete
>From 4c13ee712e459b671a89794b69cba85167e3edb0 Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
>Date: Sun, 12 Oct 2025 14:25:12 +0200
>Subject: [PATCH 1/2] s4-torture: add test for FILE_NOTIFY_CHANGE_SECURITY
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14148
>
>Guenther
>
>Signed-off-by: Guenther Deschner <gd@samba.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit 29e51f3ed935d0475b1715f82560ee356ab5e401)
>---
> selftest/knownfail | 1 +
> source4/torture/smb2/notify.c | 192 ++++++++++++++++++++++++++++++++++
> 2 files changed, 193 insertions(+)
>
>diff --git a/selftest/knownfail b/selftest/knownfail
>index ab2d79d7114..36ac6a12510 100644
>--- a/selftest/knownfail
>+++ b/selftest/knownfail
>@@ -191,6 +191,7 @@
> ^samba3.smb2.create.blob
> ^samba3.smb2.create.open
> ^samba3.smb2.notify.rec
>+^samba3.smb2.notify.security
> ^samba3.smb2.durable-open.delete_on_close2
> ^samba3.smb2.durable-v2-open.app-instance
> ^samba3.smb2.durable-open.reopen1a-lease\(ad_dc\)$
>diff --git a/source4/torture/smb2/notify.c b/source4/torture/smb2/notify.c
>index 06917abec01..4e90ae2a253 100644
>--- a/source4/torture/smb2/notify.c
>+++ b/source4/torture/smb2/notify.c
>@@ -2727,6 +2727,196 @@ done:
> return ret;
> }
>
>+static bool torture_smb2_notify_acl_args(struct torture_context *torture,
>+ struct smb2_tree *tree,
>+ bool copy_sd_only,
>+ uint32_t completion_filter)
>+{
>+ NTSTATUS status;
>+ struct smb2_create io;
>+ const char *name = "sec_notify.txt";
>+ bool ret = true;
>+ struct smb2_handle handle = {{0}};
>+ struct smb2_handle dir_handle = {{0}};
>+ union smb_fileinfo q;
>+ union smb_setfileinfo set;
>+ struct security_descriptor *sd;
>+ struct smb2_notify notify;
>+ struct smb2_request *req;
>+ struct dom_sid *test_sid;
>+ struct security_ace ace;
>+ struct tevent_timer *te = NULL;
>+
>+ /* one secdesc update generates one notify, regardless of:
>+ * mask (FILE_NOTIFY_CHANGE_SECURITY or FILE_NOTIFY_CHANGE_ALL)
>+ * actual modification of sd (copied sd or added one ace)
>+ */
>+
>+ if (!smb2_util_setup_dir(torture, tree, BASEDIR))
>+ return false;
>+
>+ torture_comment(torture, "Testing security notifications with completion_filter: 0x%08x\n", completion_filter);
>+
>+ /*
>+ get a handle on the directory
>+ */
>+ ZERO_STRUCT(io);
>+ io.level = RAW_OPEN_SMB2;
>+ io.in.create_flags = 0;
>+ io.in.desired_access = SEC_FILE_ALL;
>+ io.in.create_options = NTCREATEX_OPTIONS_DIRECTORY;
>+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
>+ io.in.share_access = NTCREATEX_SHARE_ACCESS_READ |
>+ NTCREATEX_SHARE_ACCESS_WRITE;
>+ io.in.alloc_size = 0;
>+ io.in.create_disposition = NTCREATEX_DISP_OPEN;
>+ io.in.impersonation_level = SMB2_IMPERSONATION_ANONYMOUS;
>+ io.in.security_flags = 0;
>+ io.in.fname = BASEDIR;
>+
>+ status = smb2_create(tree, torture, &io);
>+ CHECK_STATUS(status, NT_STATUS_OK);
>+ dir_handle = io.out.file.handle;
>+
>+ /*
>+ get a handle on the file
>+ */
>+ ZERO_STRUCT(io);
>+ io.level = RAW_OPEN_SMB2;
>+ io.in.create_flags = 0;
>+ io.in.desired_access = SEC_STD_READ_CONTROL | SEC_STD_WRITE_DAC | SEC_STD_WRITE_OWNER;
>+ io.in.create_options = 0;
>+ io.in.file_attributes = FILE_ATTRIBUTE_NORMAL;
>+ io.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE |
>+ NTCREATEX_SHARE_ACCESS_READ |
>+ NTCREATEX_SHARE_ACCESS_WRITE;
>+ io.in.alloc_size = 0;
>+ io.in.create_disposition = NTCREATEX_DISP_OPEN_IF;
>+ io.in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS;
>+ io.in.security_flags = 0;
>+ io.in.fname = talloc_asprintf(torture, "%s\\%s", BASEDIR, name);
>+
>+ status = smb2_create(tree, torture, &io);
>+ CHECK_STATUS(status, NT_STATUS_OK);
>+ handle = io.out.file.handle;
>+
>+ /* get the original sd */
>+ q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
>+ q.query_secdesc.in.file.handle = handle;
>+ q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
>+ status = smb2_getinfo_file(tree, torture, &q);
>+ CHECK_STATUS(status, NT_STATUS_OK);
>+
>+ sd = q.query_secdesc.out.sd;
>+
>+ /* setup notify_send */
>+
>+ ZERO_STRUCT(notify);
>+ notify.level = RAW_NOTIFY_SMB2;
>+ notify.in.buffer_size = 1024;
>+ notify.in.completion_filter = completion_filter;
>+ notify.in.file.handle = dir_handle;
>+ notify.in.recursive = true;
>+
>+ req = smb2_notify_send(tree, ¬ify);
>+ torture_assert_not_null_goto(torture, req, ret, done, "smb2_notify_send failed\n");
>+
>+ while (!req->cancel.can_cancel && req->state <= SMB2_REQUEST_RECV) {
>+ if (tevent_loop_once(torture->ev) != 0) {
>+ break;
>+ }
>+ }
>+
>+ /* add new ACE */
>+ if (!copy_sd_only) {
>+ test_sid = dom_sid_parse_talloc(torture, SID_NT_AUTHENTICATED_USERS);
>+ ZERO_STRUCT(ace);
>+ ace.type = SEC_ACE_TYPE_ACCESS_ALLOWED;
>+ ace.flags = 0;
>+ ace.access_mask = SEC_STD_ALL;
>+ ace.trustee = *test_sid;
>+ status = security_descriptor_dacl_add(sd, &ace);
>+ CHECK_STATUS(status, NT_STATUS_OK);
>+ }
>+
>+ set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC;
>+ set.set_secdesc.in.file.handle = handle;
>+ set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
>+ set.set_secdesc.in.sd = sd;
>+ status = smb2_setinfo_file(tree, &set);
>+ CHECK_STATUS(status, NT_STATUS_OK);
>+
>+ if (!smb2_util_handle_empty(handle)) {
>+ smb2_util_close(tree, handle);
>+ }
>+
>+ /* setup smb2_notify_receive */
>+
>+ /* setup timer so we can cancel after 5 seconds */
>+ te = tevent_add_timer(torture->ev,
>+ tree,
>+ tevent_timeval_current_ofs(5, 0),
>+ notify_timeout,
>+ req);
>+ torture_assert_not_null_goto(torture, te, ret, done, "tevent_add_timer failed\n");
>+
>+ status = smb2_notify_recv(req, torture, ¬ify);
>+ torture_assert_ntstatus_ok_goto(torture, status, ret, done,
>+ "smb2_notify_recv failed\n");
>+
>+ /* check reply */
>+ CHECK_VAL(notify.out.num_changes, 1);
>+ CHECK_VAL(notify.out.changes[0].action, NOTIFY_ACTION_MODIFIED);
>+ CHECK_WIRE_STR(notify.out.changes[0].name, name);
>+
>+ done:
>+ if (!smb2_util_handle_empty(dir_handle)) {
>+ smb2_util_close(tree, dir_handle);
>+ }
>+ if (!smb2_util_handle_empty(handle)) {
>+ smb2_util_close(tree, handle);
>+ }
>+ smb2_deltree(tree, BASEDIR);
>+ return ret;
>+}
>+
>+static bool torture_smb2_notify_acl(struct torture_context *torture,
>+ struct smb2_tree *tree)
>+{
>+ struct {
>+ bool copy_sd_only;
>+ uint32_t completion_filter;
>+ } tests[] = {
>+ {
>+ .copy_sd_only = true,
>+ .completion_filter = FILE_NOTIFY_CHANGE_SECURITY,
>+ },{
>+ .copy_sd_only = false,
>+ .completion_filter = FILE_NOTIFY_CHANGE_SECURITY,
>+ },{
>+ .copy_sd_only = true,
>+ .completion_filter = FILE_NOTIFY_CHANGE_ALL,
>+ },{
>+ .copy_sd_only = false,
>+ .completion_filter = FILE_NOTIFY_CHANGE_ALL,
>+ }
>+ };
>+ int i;
>+
>+ for (i=0; i < ARRAY_SIZE(tests); i++) {
>+ bool ok;
>+
>+ ok = torture_smb2_notify_acl_args(torture, tree,
>+ tests[i].copy_sd_only,
>+ tests[i].completion_filter);
>+ if (!ok) {
>+ return false;
>+ }
>+ }
>+
>+ return true;
>+}
>+
> /*
> basic testing of SMB2 change notify
> */
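Review bot: `ace.trustee = *test_sid;` dereferences the result of dom_sid_parse_talloc() without a NULL check, whereas the other allocating calls in this function (smb2_notify_send, tevent_add_timer) are guarded with torture_assert_not_null_goto, so a parse or allocation failure would crash the test run instead of failing the test; add `torture_assert_not_null_goto(torture, test_sid, ret, done, "dom_sid_parse_talloc failed\n");` before the ZERO_STRUCT(ace) line. The 5-second timer `te` armed on `tree` before smb2_notify_recv() is never freed on the success path; if notify_timeout can still fire after the request has been consumed, a `TALLOC_FREE(te);` right after the receive would be the safer shape, though I cannot confirm from this hunk how notify_timeout handles that case. The hunk's leading context (`done:` / `return ret;`) belongs to the preceding function, whose start is outside the hunk.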
>@@ -2763,6 +2953,8 @@ struct torture_suite *torture_smb2_notify_init(TALLOC_CTX *ctx)
> torture_suite_add_1smb2_test(suite,
> "handle-permissions",
> torture_smb2_notify_handle_permissions);
>+ torture_suite_add_1smb2_test(suite, "security",
>+ torture_smb2_notify_acl);
>
> suite->description = talloc_strdup(suite, "SMB2-NOTIFY tests");
>
>--
>2.51.1
>
>
>From cbb07c60a8a5b3ce274073cb0e97b886b8567051 Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
>Date: Thu, 2 Oct 2025 16:04:42 +0200
>Subject: [PATCH 2/2] s3-smbd: send notifications for ACL changes
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14148
>
>Guenther
>
>Signed-off-by: Guenther Deschner <gd@samba.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>
>Autobuild-User(master): Jeremy Allison <jra@samba.org>
>Autobuild-Date(master): Thu Nov 6 02:42:06 UTC 2025 on atb-devel-224
>
>(cherry picked from commit 2be7c0c2f927042843fb8a2ea0b9c67d1f969d00)
>---
> selftest/knownfail | 1 -
> source3/smbd/smb2_nttrans.c | 9 ++++++++-
> 2 files changed, 8 insertions(+), 2 deletions(-)
>
>diff --git a/selftest/knownfail b/selftest/knownfail
>index 36ac6a12510..ab2d79d7114 100644
>--- a/selftest/knownfail
>+++ b/selftest/knownfail
>@@ -191,7 +191,6 @@
> ^samba3.smb2.create.blob
> ^samba3.smb2.create.open
> ^samba3.smb2.notify.rec
>-^samba3.smb2.notify.security
> ^samba3.smb2.durable-open.delete_on_close2
> ^samba3.smb2.durable-v2-open.app-instance
> ^samba3.smb2.durable-open.reopen1a-lease\(ad_dc\)$
>diff --git a/source3/smbd/smb2_nttrans.c b/source3/smbd/smb2_nttrans.c
>index 19e78ab1394..0b73d01fd90 100644
>--- a/source3/smbd/smb2_nttrans.c
>+++ b/source3/smbd/smb2_nttrans.c
>@@ -167,9 +167,16 @@ NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
>
> sd_fsp = metadata_fsp(fsp);
> status = SMB_VFS_FSET_NT_ACL(sd_fsp, security_info_sent, psd);
>-
> TALLOC_FREE(psd);
>
>+ if (NT_STATUS_IS_OK(status)) {
>+ notify_fname(fsp->conn,
>+ NOTIFY_ACTION_MODIFIED,
>+ FILE_NOTIFY_CHANGE_SECURITY,
>+ fsp->fsp_name,
>+ NULL);
>+ }
>+
> return status;
> }
>
>--
>2.51.1
>
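Review bot: The new notify_fname() call carries no comment on why a FILE_NOTIFY_CHANGE_SECURITY / NOTIFY_ACTION_MODIFIED event is raised on every successful SMB_VFS_FSET_NT_ACL, even when the descriptor written is identical to the existing one; the companion torture test (smb2.notify.security) depends on exactly that one-event-per-set contract, so it is worth recording at the call site, e.g. `/* One event per successful SD set, even if the SD did not change; smb2.notify.security relies on this. */`. The ACL is written through metadata_fsp(fsp) but the event is keyed on fsp->fsp_name; if set_sd can be reached with a stream handle, confirm that the name watchers see is the base file they registered on, which I cannot tell from this hunk. set_sd starts outside the hunk.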
Flags:
gd
:
review?
(
jra
)
gd
:
review?
(
slow
)