X-Git-Url: https://git.whamcloud.com/?a=blobdiff_plain;f=lustre%2Finclude%2Flustre_sec.h;h=57a58c7a2874ac395f7c36b304d4d84c5f6af8f4;hb=e1db4cce23855b074ed54b5689a57e85305c0a88;hp=cf6cf4faf59cd831652729ec9cafa259b5fc44fd;hpb=6869932b552ac705f411de3362f01bd50c1f6f7d;p=fs%2Flustre-release.git

diff --git a/lustre/include/lustre_sec.h b/lustre/include/lustre_sec.h
index cf6cf4f..57a58c7 100644
--- a/lustre/include/lustre_sec.h
+++ b/lustre/include/lustre_sec.h
@@ -162,7 +162,8 @@ enum sptlrpc_service_type {
                       SPTLRPC_MECH_GSS_KRB5,            \
                       SPTLRPC_SVC_PRIV)
 
-#define SPTLRPC_FLVR_INVALID            ((__u16) -1)
+#define SPTLRPC_FLVR_ANY                ((__u16) 0xf000)
+#define SPTLRPC_FLVR_INVALID            ((__u16) 0xffff)
 
 #define SPTLRPC_FLVR_DEFAULT            SPTLRPC_FLVR_NULL
 
@@ -192,10 +193,14 @@ enum lustre_sec_part {
         LUSTRE_SP_CLI           = 0,
         LUSTRE_SP_MDT,
         LUSTRE_SP_OST,
+        LUSTRE_SP_MGC,
         LUSTRE_SP_MGS,
         LUSTRE_SP_ANY           = 0xFF
 };
 
+const char *sptlrpc_part2name(enum lustre_sec_part sp);
+enum lustre_sec_part sptlrpc_target_sec_part(struct obd_device *obd);
+
 struct sptlrpc_rule {
         __u32                   sr_netid;   /* LNET network ID */
         __u8                    sr_from;    /* sec_part */
@@ -210,17 +215,7 @@ struct sptlrpc_rule_set {
         struct sptlrpc_rule    *srs_rules;
 };
 
-#define SPTLRPC_CONF_LOG_MAX    (64)
-
-struct sptlrpc_conf_log {
-        __u32               scl_max;            /* maximum rules # */
-        __u32               scl_nrule;          /* rules # */
-        __u8                scl_part;           /* which part am i */
-        __u8                scl_pad0;
-        __u16               scl_pad1;
-        __u32               scl_pad2;
-        struct sptlrpc_rule scl_rules[SPTLRPC_CONF_LOG_MAX];
-};
+int sptlrpc_parse_flavor(const char *str, struct sptlrpc_flavor *flvr);
 
 static inline void sptlrpc_rule_set_init(struct sptlrpc_rule_set *set)
 {
@@ -232,31 +227,26 @@ int  sptlrpc_rule_set_expand(struct sptlrpc_rule_set *set, int expand);
 int  sptlrpc_rule_set_merge(struct sptlrpc_rule_set *set,
                             struct sptlrpc_rule *rule,
                             int expand);
-int sptlrpc_rule_set_from_log(struct sptlrpc_rule_set *rset,
-                              struct sptlrpc_conf_log *log);
-void sptlrpc_rule_set_choose(struct sptlrpc_rule_set *rset,
-                             enum lustre_sec_part from,
-                             lnet_nid_t nid,
-                             struct sptlrpc_flavor *flavor);
+int sptlrpc_rule_set_choose(struct sptlrpc_rule_set *rset,
+                            enum lustre_sec_part from,
+                            enum lustre_sec_part to,
+                            lnet_nid_t nid,
+                            struct sptlrpc_flavor *sf);
 void sptlrpc_rule_set_dump(struct sptlrpc_rule_set *set);
 
-struct sptlrpc_conf_log *sptlrpc_conf_log_alloc(void);
-void sptlrpc_conf_log_free(struct sptlrpc_conf_log *log);
-int sptlrpc_conf_log_populate(struct sptlrpc_rule_set *gen,
-                              struct sptlrpc_rule_set *tgt,
-                              enum lustre_sec_part from,
-                              enum lustre_sec_part to,
-                              unsigned int fl_udesc,
-                              struct sptlrpc_conf_log *log);
-struct sptlrpc_conf_log *sptlrpc_conf_log_extract(struct lustre_cfg *lcfg);
-void sptlrpc_conf_log_cleanup(struct sptlrpc_conf_log *log);
-void sptlrpc_conf_log_dump(struct sptlrpc_conf_log *log);
-
-const char *sptlrpc_part2name(enum lustre_sec_part part);
-enum lustre_sec_part sptlrpc_target_sec_part(struct obd_device *obd);
-
-int sptlrpc_cliobd_process_config(struct obd_device *obd,
-                                  struct lustre_cfg *lcfg);
+int  sptlrpc_process_config(struct lustre_cfg *lcfg);
+void sptlrpc_conf_log_start(const char *logname);
+void sptlrpc_conf_log_stop(const char *logname);
+void sptlrpc_conf_log_update_begin(const char *logname);
+void sptlrpc_conf_log_update_end(const char *logname);
+void sptlrpc_conf_client_adapt(struct obd_device *obd);
+int  sptlrpc_conf_target_get_rules(struct obd_device *obd,
+                                   struct sptlrpc_rule_set *rset,
+                                   int initial);
+void sptlrpc_target_choose_flavor(struct sptlrpc_rule_set *rset,
+                                  enum lustre_sec_part from,
+                                  lnet_nid_t nid,
+                                  struct sptlrpc_flavor *flavor);
 
 /* The maximum length of security payload. 1024 is enough for Kerberos 5,
  * and should be enough for other future mechanisms but not sure.
@@ -671,8 +661,9 @@ int sptlrpc_cli_alloc_repbuf(struct ptlrpc_request *req, int msgsize);
 void sptlrpc_cli_free_repbuf(struct ptlrpc_request *req);
 int sptlrpc_cli_enlarge_reqbuf(struct ptlrpc_request *req,
                                int segment, int newsize);
-int sptlrpc_cli_unwrap_early_reply(struct ptlrpc_request *req);
-int sptlrpc_cli_finish_early_reply(struct ptlrpc_request *req);
+int  sptlrpc_cli_unwrap_early_reply(struct ptlrpc_request *req,
+                                    struct ptlrpc_request **req_ret);
+void sptlrpc_cli_finish_early_reply(struct ptlrpc_request *early_req);
 
 void sptlrpc_request_out_callback(struct ptlrpc_request *req);
 
@@ -778,5 +769,14 @@ int bulk_csum_svc(struct ptlrpc_bulk_desc *desc, int read,
                   struct ptlrpc_bulk_sec_desc *bsdv, int vsize,
                   struct ptlrpc_bulk_sec_desc *bsdr, int rsize);
 
+#define CFS_CAP_CHOWN_MASK (1 << CFS_CAP_CHOWN)
+#define CFS_CAP_SYS_RESOURCE_MASK (1 << CFS_CAP_SYS_RESOURCE)
+
+enum {
+        LUSTRE_SEC_NONE         = 0,
+        LUSTRE_SEC_REMOTE       = 1,
+        LUSTRE_SEC_SPECIFY      = 2,
+        LUSTRE_SEC_ALL          = 3
+};
 
 #endif /* _LUSTRE_SEC_H_ */