[cifs-protocol] [MS-SMB 2.2.1.1.1 <6>] Opening previous version of a file with WRITE access

Ralph Böhme slow at samba.org
Fri Nov 16 18:46:34 UTC 2018 

Hello dochelp,

I was debuging an interesting problem in the context previous versions of a file 
on a Samba server, opened from a Windows client.

The unexpected client behaviour I obverved was a Windows 2016 client opening a 
previous version of a file over SMB2 for reading *and* writing (Access Mask: 
0x0012019f). pcap available on request.

With Samba this fails, in the specific configuration involving the VFS module 
shadow_copy2 with ZFS snapshots on FreeBSD, as we map the SMB layer access mask 
to O_RDWR for the POSIX open and when calling open() on the file in a ZFS 
snapshot with mode=O_RDWR, unsurprisingly this fails with EROFS.

Now the interesting part.

The same open of a previous version of a file over SMB2 against a Windows 2016 
server succeeds, *but* then a subsequent write on the handle files with 
STATUS_MEDIA_WRITE_PROTECTED, pcap attached. I've reproduced this with a Samba 
smbtorture test as client, cf attached pcap "twrp_write_w16.pcapng" packet 18.

The only section I could find in the protocol documentation dealing with opens 
of previous versions and the requested access mask is [MS-SMB 2.2.1.1.1 <6>] 
where we read:

  When enabled previous versions of files are accessible as read-only.

Related to this question is how a server is supposed to return effective 
permissions of a previous version of a file. In the attached pcap the Windows 
2016 server return "Access Mask: 0x001f01ff".

Questions:

1. What is the expected behaviour for an SMB server for opens of previous 
version of a file with regard to the desired access bits? Is this documented 
anywhere in the protocol documentation?

2. What is the expected behaviour for an SMB server for opens of previous 
version of a file with regard to queries for effective permissions? Is this 
documented anywhere in the protocol documentation?

Thanks a lot!
-slow

-- 
Ralph Boehme, Samba Team       https://samba.org/
Samba Developer, SerNet GmbH   https://sernet.de/en/samba/
GPG Key Fingerprint:           FAE2 C608 8A24 2520 51C5
                               59E4 AA1E 9B71 2639 9E46
-------------- next part --------------
A non-text attachment was scrubbed...
Name: twrp_write_w16.pcapng
Type: application/octet-stream
Size: 2583 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20181116/78eabf33/twrp_write_w16.obj>

More information about the cifs-protocol mailing list