LU-17317 sec: fix sanity-sec test_28

Improve sanity-sec test_28 to verify that srpc_contexts is valid
YAML output.
Also remove the ctx information from the output, as printing out a
kernel pointer is not ideal.

Fixes: f6687bafcb ("LU-17317 sec: add srpc_serverctx proc file")
Test-Parameters: trivial
Test-Parameters: kerberos=true testlist=sanity-krb5
Test-Parameters: testgroup=review-dne-selinux-ssk-part-2
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: Ie48dc61adfd5017a2313981f27407c9d3b69dd71
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/54280
Reviewed-by: Aurelien Degremont <adegremont@nvidia.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

diff --git a/lustre/ptlrpc/gss/gss_keyring.c b/lustre/ptlrpc/gss/gss_keyring.c
index ad099d8..7803cd6 100644 (file)
--- a/lustre/ptlrpc/gss/gss_keyring.c
+++ b/lustre/ptlrpc/gss/gss_keyring.c
@@ -1229,8 +1229,8 @@ int gss_sec_display_kr(struct ptlrpc_sec *sec, struct seq_file *seq)
                mech[sizeof(mech) - 1] = '\0';
 
                seq_printf(seq,
-                          "- %p: { %s%s%suid: %u, ctxref: %d, expire: %lld, delta: %lld, flags: [%s], seq: %d, win: %u, key: %08x, keyref: %d, hdl: \"%#llx:%#llx\", mech: \"%s\" }\n",
-                          ctx, conn ? "peer_nid: " : "",
+                          "- { %s%s%suid: %u, ctxref: %d, expire: %lld, delta: %lld, flags: [%s], seq: %d, win: %u, key: %08x, keyref: %d, hdl: \"%#llx:%#llx\", mech: \"%s\" }\n",
+                          conn ? "peer_nid: " : "",
                           conn ? libcfs_nidstr(&conn->c_peer.nid) : "",
                           conn ? ", " : "",
                           ctx->cc_vcred.vc_uid, atomic_read(&ctx->cc_refcount),

diff --git a/lustre/tests/sanity-sec.sh b/lustre/tests/sanity-sec.sh
index 257bac4..77f8db0 100755 (executable)
--- a/lustre/tests/sanity-sec.sh
+++ b/lustre/tests/sanity-sec.sh
@@ -2307,8 +2307,11 @@ test_28() {
        if [ ! -f $DIR/$tdir/$tdir.out ]; then
                error "read before rotation failed"
        fi
+       # check srpc_contexts is valid YAML
+       $LCTL get_param -n *.*.srpc_contexts 2>/dev/null | verify_yaml ||
+               error "srpc_contexts is not valid YAML"
        # store top key identity to ensure rotation has occurred
-       SK_IDENTITY_OLD=$($LCTL get_param -n *.*.*srpc_contexts 2>/dev/null |
+       SK_IDENTITY_OLD=$($LCTL get_param -n *.*.srpc_contexts 2>/dev/null |
                       head -n 1 | awk 'BEGIN{RS=", "} $1=="expire:"{print $2}')
        do_facet $SINGLEMDS lfs flushctx ||
                 error "could not run flushctx on $SINGLEMDS"
@@ -2316,7 +2319,7 @@ test_28() {
        lfs flushctx || error "could not run flushctx on client"
        sleep 5
        # verify new key is in place
-       SK_IDENTITY_NEW=$($LCTL get_param -n *.*.*srpc_contexts 2>/dev/null |
+       SK_IDENTITY_NEW=$($LCTL get_param -n *.*.srpc_contexts 2>/dev/null |
                       head -n 1 | awk 'BEGIN{RS=", "} $1=="expire:"{print $2}')
        if [ $SK_IDENTITY_OLD == $SK_IDENTITY_NEW ]; then
                error "key did not rotate correctly"