From d1846452e96217695c8cb2537f071f287ab210d4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 1 Sep 2023 14:51:47 +0200 Subject: [PATCH] vfs: Add VFS_OPEN_HOW_WITH_BACKUP_INTENT MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Indicate BACKUP_INTENT to vfs_openat(). Why? I have a customer request who wants to add O_NOATIME in this case to avoid metadata updates when a backup or virus-checking application comes along. This does not fully handle BACKUP_INTENT correctly, this would require become_root() appropriately. We might want to do that later after a lot of careful security audit, but this patch independently might already provide some infrastructure for it. Signed-off-by: Volker Lendecke Reviewed-by: Ralph Boehme Autobuild-User(master): Ralph Böhme Autobuild-Date(master): Thu Oct 5 14:00:33 UTC 2023 on atb-devel-224 --- source3/include/vfs.h | 1 + source3/modules/vfs_default.c | 3 ++- source3/smbd/open.c | 5 +++++ 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/source3/include/vfs.h b/source3/include/vfs.h index 8ada8d8aadf..1e2e88d65ce 100644 --- a/source3/include/vfs.h +++ b/source3/include/vfs.h @@ -908,6 +908,7 @@ struct vfs_aio_state { }; #define VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS 1 +#define VFS_OPEN_HOW_WITH_BACKUP_INTENT 2 struct vfs_open_how { int flags; diff --git a/source3/modules/vfs_default.c b/source3/modules/vfs_default.c index 1d4b9b1a840..7fa6872d171 100644 --- a/source3/modules/vfs_default.c +++ b/source3/modules/vfs_default.c @@ -664,7 +664,8 @@ static int vfswrap_openat(vfs_handle_struct *handle, START_PROFILE(syscall_openat); - if (how->resolve & ~VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS) { + if (how->resolve & ~(VFS_OPEN_HOW_RESOLVE_NO_SYMLINKS | + VFS_OPEN_HOW_WITH_BACKUP_INTENT)) { errno = ENOSYS; result = -1; goto out; diff --git a/source3/smbd/open.c b/source3/smbd/open.c index ac3e677d6f5..d912acbb409 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -4133,6 +4133,11 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, .flags = flags, .mode = unx_mode, }; + + if (create_options & FILE_OPEN_FOR_BACKUP_INTENT) { + how.resolve |= VFS_OPEN_HOW_WITH_BACKUP_INTENT; + } + fsp_open = open_file(req, parent_dir_fname->fsp, smb_fname_atname, -- 2.47.3