/* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
* vim:expandtab:shiftwidth=8:tabstop=8:
*
- * Copyright (C) 2004-2007 Cluster File Systems, Inc.
+ * GPL HEADER START
*
- * This file is part of Lustre, http://www.lustre.org.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
- * Lustre is free software; you can redistribute it and/or
- * modify it under the terms of version 2 of the GNU General Public
- * License as published by the Free Software Foundation.
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 only,
+ * as published by the Free Software Foundation.
*
- * Lustre is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License version 2 for more details (a copy is included
+ * in the LICENSE file that accompanied this code).
*
- * You should have received a copy of the GNU General Public License
- * along with Lustre; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * You should have received a copy of the GNU General Public License
+ * version 2 along with this program; If not, see
+ * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ *
+ * GPL HEADER END
+ */
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved
+ * Use is subject to license terms.
+ */
+/*
+ * This file is part of Lustre, http://www.lustre.org/
+ * Lustre is a trademark of Sun Microsystems, Inc.
*/
#ifndef _LUSTRE_SEC_H_
SPTLRPC_MECH_GSS_KRB5, \
SPTLRPC_SVC_PRIV)
-#define SPTLRPC_FLVR_INVALID ((__u16) -1)
+#define SPTLRPC_FLVR_ANY ((__u16) 0xf000)
+#define SPTLRPC_FLVR_INVALID ((__u16) 0xffff)
#define SPTLRPC_FLVR_DEFAULT SPTLRPC_FLVR_NULL
LUSTRE_SP_CLI = 0,
LUSTRE_SP_MDT,
LUSTRE_SP_OST,
+ LUSTRE_SP_MGC,
LUSTRE_SP_MGS,
LUSTRE_SP_ANY = 0xFF
};
+const char *sptlrpc_part2name(enum lustre_sec_part sp);
+enum lustre_sec_part sptlrpc_target_sec_part(struct obd_device *obd);
+
struct sptlrpc_rule {
__u32 sr_netid; /* LNET network ID */
__u8 sr_from; /* sec_part */
struct sptlrpc_rule *srs_rules;
};
-#define SPTLRPC_CONF_LOG_MAX (64)
-
-struct sptlrpc_conf_log {
- __u32 scl_max; /* maximum rules # */
- __u32 scl_nrule; /* rules # */
- __u8 scl_part; /* which part am i */
- __u8 scl_pad0;
- __u16 scl_pad1;
- __u32 scl_pad2;
- struct sptlrpc_rule scl_rules[SPTLRPC_CONF_LOG_MAX];
-};
+int sptlrpc_parse_flavor(const char *str, struct sptlrpc_flavor *flvr);
static inline void sptlrpc_rule_set_init(struct sptlrpc_rule_set *set)
{
int sptlrpc_rule_set_merge(struct sptlrpc_rule_set *set,
struct sptlrpc_rule *rule,
int expand);
-int sptlrpc_rule_set_from_log(struct sptlrpc_rule_set *rset,
- struct sptlrpc_conf_log *log);
-void sptlrpc_rule_set_choose(struct sptlrpc_rule_set *rset,
- enum lustre_sec_part from,
- lnet_nid_t nid,
- struct sptlrpc_flavor *flavor);
+int sptlrpc_rule_set_choose(struct sptlrpc_rule_set *rset,
+ enum lustre_sec_part from,
+ enum lustre_sec_part to,
+ lnet_nid_t nid,
+ struct sptlrpc_flavor *sf);
void sptlrpc_rule_set_dump(struct sptlrpc_rule_set *set);
-struct sptlrpc_conf_log *sptlrpc_conf_log_alloc(void);
-void sptlrpc_conf_log_free(struct sptlrpc_conf_log *log);
-int sptlrpc_conf_log_populate(struct sptlrpc_rule_set *gen,
- struct sptlrpc_rule_set *tgt,
- enum lustre_sec_part from,
- enum lustre_sec_part to,
- unsigned int fl_udesc,
- struct sptlrpc_conf_log *log);
-struct sptlrpc_conf_log *sptlrpc_conf_log_extract(struct lustre_cfg *lcfg);
-void sptlrpc_conf_log_cleanup(struct sptlrpc_conf_log *log);
-void sptlrpc_conf_log_dump(struct sptlrpc_conf_log *log);
-
-const char *sptlrpc_part2name(enum lustre_sec_part part);
-enum lustre_sec_part sptlrpc_target_sec_part(struct obd_device *obd);
-
-int sptlrpc_cliobd_process_config(struct obd_device *obd,
- struct lustre_cfg *lcfg);
+int sptlrpc_process_config(struct lustre_cfg *lcfg);
+void sptlrpc_conf_log_start(const char *logname);
+void sptlrpc_conf_log_stop(const char *logname);
+void sptlrpc_conf_log_update_begin(const char *logname);
+void sptlrpc_conf_log_update_end(const char *logname);
+void sptlrpc_conf_client_adapt(struct obd_device *obd);
+int sptlrpc_conf_target_get_rules(struct obd_device *obd,
+ struct sptlrpc_rule_set *rset,
+ int initial);
+void sptlrpc_target_choose_flavor(struct sptlrpc_rule_set *rset,
+ enum lustre_sec_part from,
+ lnet_nid_t nid,
+ struct sptlrpc_flavor *flavor);
/* The maximum length of security payload. 1024 is enough for Kerberos 5,
* and should be enough for other future mechanisms but not sure.
void sptlrpc_cli_free_repbuf(struct ptlrpc_request *req);
int sptlrpc_cli_enlarge_reqbuf(struct ptlrpc_request *req,
int segment, int newsize);
+int sptlrpc_cli_unwrap_early_reply(struct ptlrpc_request *req,
+ struct ptlrpc_request **req_ret);
+void sptlrpc_cli_finish_early_reply(struct ptlrpc_request *early_req);
+
void sptlrpc_request_out_callback(struct ptlrpc_request *req);
/*
struct ptlrpc_bulk_sec_desc *bsdv, int vsize,
struct ptlrpc_bulk_sec_desc *bsdr, int rsize);
+#define CFS_CAP_CHOWN_MASK (1 << CFS_CAP_CHOWN)
+#define CFS_CAP_SYS_RESOURCE_MASK (1 << CFS_CAP_SYS_RESOURCE)
+
+enum {
+ LUSTRE_SEC_NONE = 0,
+ LUSTRE_SEC_REMOTE = 1,
+ LUSTRE_SEC_SPECIFY = 2,
+ LUSTRE_SEC_ALL = 3
+};
#endif /* _LUSTRE_SEC_H_ */