file.c 24.8 KB
Newer Older
1 2 3 4
/*
 * Server-side file management
 *
 * Copyright (C) 1998 Alexandre Julliard
5 6 7 8 9 10 11 12 13 14 15 16 17
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
18
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
19 20
 */

21
#include "config.h"
22
#include "wine/port.h"
23

24 25
#include <assert.h>
#include <fcntl.h>
26
#include <stdarg.h>
27
#include <stdio.h>
28
#include <string.h>
29
#include <stdlib.h>
30
#include <errno.h>
31 32 33 34 35
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>
Steven Edwards's avatar
Steven Edwards committed
36
#ifdef HAVE_UTIME_H
37
#include <utime.h>
Steven Edwards's avatar
Steven Edwards committed
38
#endif
39 40 41
#ifdef HAVE_POLL_H
#include <poll.h>
#endif
42

43 44
#include "ntstatus.h"
#define WIN32_NO_STATUS
45
#include "windef.h"
46
#include "winternl.h"
47

48
#include "file.h"
49 50
#include "handle.h"
#include "thread.h"
51
#include "request.h"
52 53
#include "process.h"
#include "security.h"
54 55 56

struct file
{
57
    struct object       obj;        /* object header */
58
    struct fd          *fd;         /* file descriptor for this file */
59
    unsigned int        access;     /* file access (FILE_READ_DATA etc.) */
60
    mode_t              mode;       /* file stat.st_mode */
61
    uid_t               uid;        /* file stat.st_uid */
62 63
};

64 65
static unsigned int generic_file_map_access( unsigned int access );

66
static void file_dump( struct object *obj, int verbose );
67
static struct object_type *file_get_type( struct object *obj );
68
static struct fd *file_get_fd( struct object *obj );
69 70
static struct security_descriptor *file_get_sd( struct object *obj );
static int file_set_sd( struct object *obj, const struct security_descriptor *sd, unsigned int set_info );
71
static void file_destroy( struct object *obj );
72 73

static int file_get_poll_events( struct fd *fd );
74
static obj_handle_t file_flush( struct fd *fd, const async_data_t *async, int blocking );
75
static enum server_fd_type file_get_fd_type( struct fd *fd );
76 77 78

static const struct object_ops file_ops =
{
79 80
    sizeof(struct file),          /* size */
    file_dump,                    /* dump */
81
    file_get_type,                /* get_type */
82 83
    add_queue,                    /* add_queue */
    remove_queue,                 /* remove_queue */
84
    default_fd_signaled,          /* signaled */
85
    no_satisfied,                 /* satisfied */
86
    no_signal,                    /* signal */
87
    file_get_fd,                  /* get_fd */
88
    default_fd_map_access,        /* map_access */
89 90
    file_get_sd,                  /* get_sd */
    file_set_sd,                  /* set_sd */
91
    no_lookup_name,               /* lookup_name */
92
    no_open_file,                 /* open_file */
93
    fd_close_handle,              /* close_handle */
94 95 96 97 98
    file_destroy                  /* destroy */
};

static const struct fd_ops file_fd_ops =
{
99
    file_get_poll_events,         /* get_poll_events */
100
    default_poll_event,           /* poll_event */
101
    file_get_fd_type,             /* get_fd_type */
102 103 104
    no_fd_read,                   /* read */
    no_fd_write,                  /* write */
    file_flush,                   /* flush */
105
    default_fd_ioctl,             /* ioctl */
106
    default_fd_queue_async,       /* queue_async */
107
    default_fd_reselect_async,    /* reselect_async */
108
    default_fd_cancel_async       /* cancel_async */
109 110
};

111 112
static inline int is_overlapped( const struct file *file )
{
113
    return !(get_fd_options( file->fd ) & (FILE_SYNCHRONOUS_IO_ALERT | FILE_SYNCHRONOUS_IO_NONALERT));
114 115
}

116 117
/* create a file from a file descriptor */
/* if the function fails the fd is closed */
118
struct file *create_file_for_fd( int fd, unsigned int access, unsigned int sharing )
119 120
{
    struct file *file;
121 122 123 124 125
    struct stat st;

    if (fstat( fd, &st ) == -1)
    {
        file_set_error();
126
        close( fd );
127 128
        return NULL;
    }
129

130
    if (!(file = alloc_object( &file_ops )))
131
    {
132 133 134 135 136 137 138 139 140 141 142
        close( fd );
        return NULL;
    }

    file->mode = st.st_mode;
    file->access = default_fd_map_access( &file->obj, access );
    if (!(file->fd = create_anonymous_fd( &file_fd_ops, fd, &file->obj,
                                          FILE_SYNCHRONOUS_IO_NONALERT )))
    {
        release_object( file );
        return NULL;
143
    }
144
    allow_fd_caching( file->fd );
145 146
    return file;
}
147

148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168
/* create a file by duplicating an fd object */
struct file *create_file_for_fd_obj( struct fd *fd, unsigned int access, unsigned int sharing )
{
    struct file *file;
    struct stat st;

    if (fstat( get_unix_fd(fd), &st ) == -1)
    {
        file_set_error();
        return NULL;
    }

    if ((file = alloc_object( &file_ops )))
    {
        file->mode = st.st_mode;
        file->access = default_fd_map_access( &file->obj, access );
        if (!(file->fd = dup_fd_object( fd, access, sharing, FILE_SYNCHRONOUS_IO_NONALERT )))
        {
            release_object( file );
            return NULL;
        }
169
        set_fd_user( file->fd, &file_fd_ops, &file->obj );
170 171 172 173
    }
    return file;
}

174
static struct object *create_file_obj( struct fd *fd, unsigned int access, mode_t mode )
175 176 177 178 179
{
    struct file *file = alloc_object( &file_ops );

    if (!file) return NULL;
    file->access  = access;
180
    file->mode    = mode;
181
    file->uid     = ~(uid_t)0;
182 183 184 185 186
    file->fd      = fd;
    grab_object( fd );
    set_fd_user( fd, &file_fd_ops, &file->obj );
    return &file->obj;
}
187

188 189 190 191
static struct object *create_file( struct fd *root, const char *nameptr, data_size_t len,
                                   unsigned int access, unsigned int sharing, int create,
                                   unsigned int options, unsigned int attrs,
                                   const struct security_descriptor *sd )
192
{
193 194
    struct object *obj = NULL;
    struct fd *fd;
195
    int flags;
196
    char *name;
197
    mode_t mode;
198

199 200 201 202 203
    if (!len || ((nameptr[0] == '/') ^ !root))
    {
        set_error( STATUS_OBJECT_PATH_SYNTAX_BAD );
        return NULL;
    }
204 205 206
    if (!(name = mem_alloc( len + 1 ))) return NULL;
    memcpy( name, nameptr, len );
    name[len] = 0;
207

208
    switch(create)
209
    {
210 211
    case FILE_CREATE:       flags = O_CREAT | O_EXCL; break;
    case FILE_OVERWRITE_IF: /* FIXME: the difference is whether we trash existing attr or not */
212
                            access |= FILE_WRITE_ATTRIBUTES;
213 214 215
    case FILE_SUPERSEDE:    flags = O_CREAT | O_TRUNC; break;
    case FILE_OPEN:         flags = 0; break;
    case FILE_OPEN_IF:      flags = O_CREAT; break;
216 217
    case FILE_OVERWRITE:    flags = O_TRUNC;
                            access |= FILE_WRITE_ATTRIBUTES; break;
218
    default:                set_error( STATUS_INVALID_PARAMETER ); goto done;
219
    }
220

221 222 223 224 225 226 227
    if (sd)
    {
        const SID *owner = sd_get_owner( sd );
        if (!owner)
            owner = token_get_user( current->process->token );
        mode = sd_to_mode( sd, owner );
    }
228 229
    else if (options & FILE_DIRECTORY_FILE)
        mode = (attrs & FILE_ATTRIBUTE_READONLY) ? 0555 : 0777;
230 231
    else
        mode = (attrs & FILE_ATTRIBUTE_READONLY) ? 0444 : 0666;
232 233 234

    if (len >= 4 &&
        (!strcasecmp( name + len - 4, ".exe" ) || !strcasecmp( name + len - 4, ".com" )))
235 236 237 238 239 240 241 242
    {
        if (mode & S_IRUSR)
            mode |= S_IXUSR;
        if (mode & S_IRGRP)
            mode |= S_IXGRP;
        if (mode & S_IROTH)
            mode |= S_IXOTH;
    }
243

244
    access = generic_file_map_access( access );
245

246
    /* FIXME: should set error to STATUS_OBJECT_NAME_COLLISION if file existed before */
247
    fd = open_fd( root, name, flags | O_NONBLOCK | O_LARGEFILE, &mode, access, sharing, options );
248
    if (!fd) goto done;
249

250
    if (S_ISDIR(mode))
251
        obj = create_dir_obj( fd, access, mode );
252
    else if (S_ISCHR(mode) && is_serial_fd( fd ))
253
        obj = create_serial( fd );
254
    else
255
        obj = create_file_obj( fd, access, mode );
256

257
    release_object( fd );
258

259
done:
260
    free( name );
261
    return obj;
262 263
}

264 265 266
/* check if two file objects point to the same file */
int is_same_file( struct file *file1, struct file *file2 )
{
267
    return is_same_file_fd( file1->fd, file2->fd );
268 269
}

270 271 272 273
static void file_dump( struct object *obj, int verbose )
{
    struct file *file = (struct file *)obj;
    assert( obj->ops == &file_ops );
274
    fprintf( stderr, "File fd=%p\n", file->fd );
275 276
}

277 278 279 280 281 282 283
static struct object_type *file_get_type( struct object *obj )
{
    static const WCHAR name[] = {'F','i','l','e'};
    static const struct unicode_str str = { name, sizeof(name) };
    return get_object_type( &str );
}

284
static int file_get_poll_events( struct fd *fd )
285
{
286
    struct file *file = get_fd_user( fd );
287
    int events = 0;
288
    assert( file->obj.ops == &file_ops );
289 290
    if (file->access & FILE_UNIX_READ_ACCESS) events |= POLLIN;
    if (file->access & FILE_UNIX_WRITE_ACCESS) events |= POLLOUT;
291
    return events;
292 293
}

294
static obj_handle_t file_flush( struct fd *fd, const async_data_t *async, int blocking )
295
{
296 297
    int unix_fd = get_unix_fd( fd );
    if (unix_fd != -1 && fsync( unix_fd ) == -1) file_set_error();
298
    return 0;
299 300
}

301
static enum server_fd_type file_get_fd_type( struct fd *fd )
302
{
303 304 305 306 307
    struct file *file = get_fd_user( fd );

    if (S_ISREG(file->mode) || S_ISBLK(file->mode)) return FD_TYPE_FILE;
    if (S_ISDIR(file->mode)) return FD_TYPE_DIR;
    return FD_TYPE_CHAR;
308 309
}

310 311 312 313 314
static struct fd *file_get_fd( struct object *obj )
{
    struct file *file = (struct file *)obj;
    assert( obj->ops == &file_ops );
    return (struct fd *)grab_object( file->fd );
315 316
}

317
static unsigned int generic_file_map_access( unsigned int access )
318 319 320 321 322 323 324 325
{
    if (access & GENERIC_READ)    access |= FILE_GENERIC_READ;
    if (access & GENERIC_WRITE)   access |= FILE_GENERIC_WRITE;
    if (access & GENERIC_EXECUTE) access |= FILE_GENERIC_EXECUTE;
    if (access & GENERIC_ALL)     access |= FILE_ALL_ACCESS;
    return access & ~(GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | GENERIC_ALL);
}

326
struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID *group )
327 328 329
{
    struct security_descriptor *sd;
    size_t dacl_size;
330
    ACE_HEADER *current_ace;
331 332 333 334 335 336 337 338
    ACCESS_ALLOWED_ACE *aaa;
    ACL *dacl;
    SID *sid;
    char *ptr;
    const SID *world_sid = security_world_sid;
    const SID *local_system_sid = security_local_system_sid;

    dacl_size = sizeof(ACL) + FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) +
339
        security_sid_len( local_system_sid );
340
    if (mode & S_IRWXU)
341
        dacl_size += FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( user );
342 343 344
    if ((!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) ||
        (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IWOTH))) ||
        (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH))))
345
        dacl_size += FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) + security_sid_len( user );
346
    if (mode & S_IRWXO)
347
        dacl_size += FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( world_sid );
348 349

    sd = mem_alloc( sizeof(struct security_descriptor) +
350
                    security_sid_len( user ) + security_sid_len( group ) +
351
                    dacl_size );
352
    if (!sd) return sd;
353 354

    sd->control = SE_DACL_PRESENT;
355 356
    sd->owner_len = security_sid_len( user );
    sd->group_len = security_sid_len( group );
357 358 359 360 361 362 363 364 365 366 367 368 369
    sd->sacl_len = 0;
    sd->dacl_len = dacl_size;

    ptr = (char *)(sd + 1);
    memcpy( ptr, user, sd->owner_len );
    ptr += sd->owner_len;
    memcpy( ptr, group, sd->group_len );
    ptr += sd->group_len;

    dacl = (ACL *)ptr;
    dacl->AclRevision = ACL_REVISION;
    dacl->Sbz1 = 0;
    dacl->AclSize = dacl_size;
370 371 372 373
    dacl->AceCount = 1 + (mode & S_IRWXU ? 1 : 0) + (mode & S_IRWXO ? 1 : 0);
    if ((!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) ||
        (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IWOTH))) ||
        (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH))))
374
        dacl->AceCount++;
375 376 377 378
    dacl->Sbz2 = 0;

    /* always give FILE_ALL_ACCESS for Local System */
    aaa = (ACCESS_ALLOWED_ACE *)(dacl + 1);
379
    current_ace = &aaa->Header;
380
    aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
381
    aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
382
    aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( local_system_sid );
383 384
    aaa->Mask = FILE_ALL_ACCESS;
    sid = (SID *)&aaa->SidStart;
385
    memcpy( sid, local_system_sid, security_sid_len( local_system_sid ));
386

387
    if (mode & S_IRWXU)
388 389
    {
        /* appropriate access rights for the user */
390 391
        aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
        current_ace = &aaa->Header;
392
        aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
393
        aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
394
        aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( user );
395
        aaa->Mask = WRITE_DAC | WRITE_OWNER;
396
        if (mode & S_IRUSR)
397
            aaa->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
398
        if (mode & S_IWUSR)
399
            aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
400
        sid = (SID *)&aaa->SidStart;
401
        memcpy( sid, user, security_sid_len( user ));
402
    }
403 404 405
    if ((!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH))) ||
        (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IWOTH))) ||
        (!(mode & S_IXUSR) && (mode & (S_IXGRP|S_IXOTH))))
406 407 408 409 410
    {
        /* deny just in case the user is a member of the group */
        ACCESS_DENIED_ACE *ada = (ACCESS_DENIED_ACE *)ace_next( current_ace );
        current_ace = &ada->Header;
        ada->Header.AceType = ACCESS_DENIED_ACE_TYPE;
411
        ada->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
412
        ada->Header.AceSize = FIELD_OFFSET(ACCESS_DENIED_ACE, SidStart) + security_sid_len( user );
413
        ada->Mask = 0;
414
        if (!(mode & S_IRUSR) && (mode & (S_IRGRP|S_IROTH)))
415
            ada->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
416
        if (!(mode & S_IWUSR) && (mode & (S_IWGRP|S_IROTH)))
417
            ada->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
418 419
        ada->Mask &= ~STANDARD_RIGHTS_ALL; /* never deny standard rights */
        sid = (SID *)&ada->SidStart;
420
        memcpy( sid, user, security_sid_len( user ));
421
    }
422
    if (mode & S_IRWXO)
423 424
    {
        /* appropriate access rights for Everyone */
425 426
        aaa = (ACCESS_ALLOWED_ACE *)ace_next( current_ace );
        current_ace = &aaa->Header;
427
        aaa->Header.AceType = ACCESS_ALLOWED_ACE_TYPE;
428
        aaa->Header.AceFlags = (mode & S_IFDIR) ? OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE : 0;
429
        aaa->Header.AceSize = FIELD_OFFSET(ACCESS_ALLOWED_ACE, SidStart) + security_sid_len( world_sid );
430
        aaa->Mask = 0;
431
        if (mode & S_IROTH)
432
            aaa->Mask |= FILE_GENERIC_READ | FILE_GENERIC_EXECUTE;
433
        if (mode & S_IWOTH)
434
            aaa->Mask |= FILE_GENERIC_WRITE | DELETE | FILE_DELETE_CHILD;
435
        sid = (SID *)&aaa->SidStart;
436
        memcpy( sid, world_sid, security_sid_len( world_sid ));
437 438
    }

439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465
    return sd;
}

static struct security_descriptor *file_get_sd( struct object *obj )
{
    struct file *file = (struct file *)obj;
    struct stat st;
    int unix_fd;
    struct security_descriptor *sd;

    assert( obj->ops == &file_ops );

    unix_fd = get_file_unix_fd( file );

    if (unix_fd == -1 || fstat( unix_fd, &st ) == -1)
        return obj->sd;

    /* mode and uid the same? if so, no need to re-generate security descriptor */
    if (obj->sd && (st.st_mode & (S_IRWXU|S_IRWXO)) == (file->mode & (S_IRWXU|S_IRWXO)) &&
        (st.st_uid == file->uid))
        return obj->sd;

    sd = mode_to_sd( st.st_mode,
                     security_unix_uid_to_sid( st.st_uid ),
                     token_get_primary_group( current->process->token ));
    if (!sd) return obj->sd;

466 467 468 469 470 471 472
    file->mode = st.st_mode;
    file->uid = st.st_uid;
    free( obj->sd );
    obj->sd = sd;
    return sd;
}

473 474 475 476 477 478
static mode_t file_access_to_mode( unsigned int access )
{
    mode_t mode = 0;

    access = generic_file_map_access( access );
    if (access & FILE_READ_DATA)  mode |= 4;
479
    if (access & (FILE_WRITE_DATA|FILE_APPEND_DATA)) mode |= 2;
480 481 482 483
    if (access & FILE_EXECUTE)    mode |= 1;
    return mode;
}

484
mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner )
485
{
486
    mode_t new_mode = 0;
487
    mode_t bits_to_set = ~0;
488
    mode_t mode;
489 490
    int present;
    const ACL *dacl = sd_get_dacl( sd, &present );
491
    const SID *user = token_get_user( current->process->token );
492
    if (present && dacl)
493
    {
494 495
        const ACE_HEADER *ace = (const ACE_HEADER *)(dacl + 1);
        ULONG i;
496
        for (i = 0; i < dacl->AceCount; i++, ace = ace_next( ace ))
497
        {
498 499 500
            const ACCESS_ALLOWED_ACE *aa_ace;
            const ACCESS_DENIED_ACE *ad_ace;
            const SID *sid;
501

502
            if (ace->AceFlags & INHERIT_ONLY_ACE) continue;
503

504
            switch (ace->AceType)
505 506 507 508
            {
                case ACCESS_DENIED_ACE_TYPE:
                    ad_ace = (const ACCESS_DENIED_ACE *)ace;
                    sid = (const SID *)&ad_ace->SidStart;
509
                    mode = file_access_to_mode( ad_ace->Mask );
510 511
                    if (security_equal_sid( sid, security_world_sid ))
                    {
512
                        bits_to_set &= ~((mode << 6) | (mode << 3) | mode); /* all */
513
                    }
514 515 516
                    else if ((security_equal_sid( user, owner ) &&
                              token_sid_present( current->process->token, sid, TRUE )))
                    {
517
                        bits_to_set &= ~((mode << 6) | (mode << 3));  /* user + group */
518
                    }
519 520
                    else if (security_equal_sid( sid, owner ))
                    {
521
                        bits_to_set &= ~(mode << 6);  /* user only */
522
                    }
523 524 525 526
                    break;
                case ACCESS_ALLOWED_ACE_TYPE:
                    aa_ace = (const ACCESS_ALLOWED_ACE *)ace;
                    sid = (const SID *)&aa_ace->SidStart;
527
                    mode = file_access_to_mode( aa_ace->Mask );
528 529
                    if (security_equal_sid( sid, security_world_sid ))
                    {
530 531 532
                        mode = (mode << 6) | (mode << 3) | mode;  /* all */
                        new_mode |= mode & bits_to_set;
                        bits_to_set &= ~mode;
533
                    }
534 535 536
                    else if ((security_equal_sid( user, owner ) &&
                              token_sid_present( current->process->token, sid, FALSE )))
                    {
537 538 539
                        mode = (mode << 6) | (mode << 3);  /* user + group */
                        new_mode |= mode & bits_to_set;
                        bits_to_set &= ~mode;
540
                    }
541 542
                    else if (security_equal_sid( sid, owner ))
                    {
543 544 545
                        mode = (mode << 6);  /* user only */
                        new_mode |= mode & bits_to_set;
                        bits_to_set &= ~mode;
546
                    }
547 548 549
                    break;
            }
        }
550 551 552
    }
    else
        /* no ACL means full access rights to anyone */
553
        new_mode = S_IRWXU | S_IRWXG | S_IRWXO;
554

555
    return new_mode;
556
}
557

558 559 560 561 562
static int file_set_sd( struct object *obj, const struct security_descriptor *sd,
                        unsigned int set_info )
{
    struct file *file = (struct file *)obj;
    const SID *owner;
563
    struct stat st;
564 565 566 567 568 569 570
    mode_t mode;
    int unix_fd;

    assert( obj->ops == &file_ops );

    unix_fd = get_file_unix_fd( file );

571
    if (unix_fd == -1 || fstat( unix_fd, &st ) == -1) return 1;
572 573 574 575 576

    if (set_info & OWNER_SECURITY_INFORMATION)
    {
        owner = sd_get_owner( sd );
        if (!owner)
577
        {
578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595
            set_error( STATUS_INVALID_SECURITY_DESCR );
            return 0;
        }
        if (!obj->sd || !security_equal_sid( owner, sd_get_owner( obj->sd ) ))
        {
            /* FIXME: get Unix uid and call fchown */
        }
    }
    else if (obj->sd)
        owner = sd_get_owner( obj->sd );
    else
        owner = token_get_user( current->process->token );

    /* group and sacl not supported */

    if (set_info & DACL_SECURITY_INFORMATION)
    {
        /* keep the bits that we don't map to access rights in the ACL */
596
        mode = st.st_mode & (S_ISUID|S_ISGID|S_ISVTX);
597 598
        mode |= sd_to_mode( sd, owner );

599
        if (((st.st_mode ^ mode) & (S_IRWXU|S_IRWXG|S_IRWXO)) && fchmod( unix_fd, mode ) == -1)
600
        {
601 602
            file_set_error();
            return 0;
603
        }
604 605 606 607
    }
    return 1;
}

608
static void file_destroy( struct object *obj )
609
{
610 611
    struct file *file = (struct file *)obj;
    assert( obj->ops == &file_ops );
612

613
    if (file->fd) release_object( file->fd );
614 615 616 617 618 619 620
}

/* set the last error depending on errno */
void file_set_error(void)
{
    switch (errno)
    {
621
    case ETXTBSY:
622 623 624
    case EAGAIN:    set_error( STATUS_SHARING_VIOLATION ); break;
    case EBADF:     set_error( STATUS_INVALID_HANDLE ); break;
    case ENOSPC:    set_error( STATUS_DISK_FULL ); break;
625
    case EACCES:
626
    case ESRCH:
627
    case EROFS:
628 629 630
    case EPERM:     set_error( STATUS_ACCESS_DENIED ); break;
    case EBUSY:     set_error( STATUS_FILE_LOCK_CONFLICT ); break;
    case ENOENT:    set_error( STATUS_NO_SUCH_FILE ); break;
631
    case EISDIR:    set_error( STATUS_FILE_IS_A_DIRECTORY ); break;
632
    case ENFILE:
633
    case EMFILE:    set_error( STATUS_TOO_MANY_OPENED_FILES ); break;
634 635
    case EEXIST:    set_error( STATUS_OBJECT_NAME_COLLISION ); break;
    case EINVAL:    set_error( STATUS_INVALID_PARAMETER ); break;
636
    case ESPIPE:    set_error( STATUS_ILLEGAL_FUNCTION ); break;
637 638
    case ENOTEMPTY: set_error( STATUS_DIRECTORY_NOT_EMPTY ); break;
    case EIO:       set_error( STATUS_ACCESS_VIOLATION ); break;
639
    case ENOTDIR:   set_error( STATUS_NOT_A_DIRECTORY ); break;
640
    case EFBIG:     set_error( STATUS_SECTION_TOO_BIG ); break;
641 642
    case ENODEV:    set_error( STATUS_NO_SUCH_DEVICE ); break;
    case ENXIO:     set_error( STATUS_NO_SUCH_DEVICE ); break;
643
#ifdef EOVERFLOW
644
    case EOVERFLOW: set_error( STATUS_INVALID_PARAMETER ); break;
645
#endif
646 647 648 649
    default:
        perror("wineserver: file_set_error() can't map error");
        set_error( STATUS_UNSUCCESSFUL );
        break;
650
    }
651 652
}

653
struct file *get_file_obj( struct process *process, obj_handle_t handle, unsigned int access )
654
{
655
    return (struct file *)get_handle_obj( process, handle, access, &file_ops );
656
}
657

658 659
int get_file_unix_fd( struct file *file )
{
660
    return get_unix_fd( file->fd );
661 662
}

663 664 665
/* create a file */
DECL_HANDLER(create_file)
{
666
    struct object *file;
667
    struct fd *root_fd = NULL;
668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683
    const struct object_attributes *objattr = get_req_data();
    const struct security_descriptor *sd;
    const char *name;
    data_size_t name_len;

    reply->handle = 0;

    if (!objattr_is_valid( objattr, get_req_data_size() ))
        return;
    /* name is transferred in the unix codepage outside of the objattr structure */
    if (objattr->name_len)
    {
        set_error( STATUS_INVALID_PARAMETER );
        return;
    }

684 685 686 687 688 689 690 691 692 693
    if (objattr->rootdir)
    {
        struct dir *root;

        if (!(root = get_dir_obj( current->process, objattr->rootdir, 0 ))) return;
        root_fd = get_obj_fd( (struct object *)root );
        release_object( root );
        if (!root_fd) return;
    }

694 695 696 697
    sd = objattr->sd_len ? (const struct security_descriptor *)(objattr + 1) : NULL;

    name = (const char *)get_req_data() + sizeof(*objattr) + objattr->sd_len;
    name_len = get_req_data_size() - sizeof(*objattr) - objattr->sd_len;
698

699
    reply->handle = 0;
700 701
    if ((file = create_file( root_fd, name, name_len, req->access, req->sharing,
                             req->create, req->options, req->attrs, sd )))
702
    {
703
        reply->handle = alloc_handle( current->process, file, req->access, req->attributes );
704
        release_object( file );
705
    }
706
    if (root_fd) release_object( root_fd );
707 708 709 710 711 712
}

/* allocate a file handle for a Unix fd */
DECL_HANDLER(alloc_file_handle)
{
    struct file *file;
713
    int fd;
714

715
    reply->handle = 0;
716
    if ((fd = thread_get_inflight_fd( current, req->fd )) == -1)
717
    {
718 719 720
        set_error( STATUS_INVALID_HANDLE );
        return;
    }
721
    if ((file = create_file_for_fd( fd, req->access, FILE_SHARE_READ | FILE_SHARE_WRITE )))
722
    {
723
        reply->handle = alloc_handle( current->process, file, req->access, req->attributes );
724
        release_object( file );
725 726 727 728 729 730 731 732 733 734
    }
}

/* lock a region of a file */
DECL_HANDLER(lock_file)
{
    struct file *file;

    if ((file = get_file_obj( current->process, req->handle, 0 )))
    {
735
        reply->handle = lock_fd( file->fd, req->offset, req->count, req->shared, req->wait );
736
        reply->overlapped = is_overlapped( file );
737 738 739 740 741 742 743 744 745 746 747
        release_object( file );
    }
}

/* unlock a region of a file */
DECL_HANDLER(unlock_file)
{
    struct file *file;

    if ((file = get_file_obj( current->process, req->handle, 0 )))
    {
748
        unlock_fd( file->fd, req->offset, req->count );
749 750 751
        release_object( file );
    }
}