X-Git-Url: https://git.whamcloud.com/?a=blobdiff_plain;f=lustre%2Fmdt%2Fmdt_idmap.c;h=e6b8c46cd624b54495cb4079c972e3c70b0fb32d;hb=da12d3ba35bbb86c8e5860a5ed161a55f01b69d5;hp=da581db4c49e63c1a1875ceb7f8f929061693ccc;hpb=60a9fd37185edf57fc42bf6a5ad9b9c61fc10e14;p=fs%2Flustre-release.git diff --git a/lustre/mdt/mdt_idmap.c b/lustre/mdt/mdt_idmap.c index da581db..e6b8c46 100644 --- a/lustre/mdt/mdt_idmap.c +++ b/lustre/mdt/mdt_idmap.c @@ -26,6 +26,8 @@ /* * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. + * + * Copyright (c) 2012, Intel Corporation. */ /* * This file is part of Lustre, http://www.lustre.org/ @@ -67,162 +69,45 @@ #include "mdt_internal.h" -#define mdt_init_sec_none(reply, exp) \ -do { \ - reply->ocd_connect_flags &= ~(OBD_CONNECT_RMT_CLIENT | \ - OBD_CONNECT_RMT_CLIENT_FORCE | \ - OBD_CONNECT_MDS_CAPA | \ - OBD_CONNECT_OSS_CAPA); \ -} while (0) - -int mdt_init_sec_level(struct mdt_thread_info *info) -{ - struct mdt_device *mdt = info->mti_mdt; - struct ptlrpc_request *req = mdt_info_req(info); - char *client = libcfs_nid2str(req->rq_peer.nid); - struct obd_export *exp = req->rq_export; - struct obd_device *obd = exp->exp_obd; - struct obd_connect_data *data, *reply; - int rc = 0, remote; - ENTRY; - - data = req_capsule_client_get(info->mti_pill, &RMF_CONNECT_DATA); - reply = req_capsule_server_get(info->mti_pill, &RMF_CONNECT_DATA); - if (data == NULL || reply == NULL) - RETURN(-EFAULT); - - /* connection from MDT is always trusted */ - if (req->rq_auth_usr_mdt) { - mdt_init_sec_none(reply, exp); - RETURN(0); - } - - /* no GSS support case */ - if (!req->rq_auth_gss) { - if (mdt->mdt_sec_level > LUSTRE_SEC_NONE) { - CWARN("client %s -> target %s does not user GSS, " - "can not run under security level %d.\n", - client, obd->obd_name, mdt->mdt_sec_level); - RETURN(-EACCES); - } else { - mdt_init_sec_none(reply, exp); - RETURN(0); - } - } - - /* old version case */ - if (unlikely(!(data->ocd_connect_flags & OBD_CONNECT_RMT_CLIENT) || - !(data->ocd_connect_flags & OBD_CONNECT_MDS_CAPA) || - !(data->ocd_connect_flags & OBD_CONNECT_OSS_CAPA))) { - if (mdt->mdt_sec_level > LUSTRE_SEC_NONE) { - CWARN("client %s -> target %s uses old version, " - "can not run under security level %d.\n", - client, obd->obd_name, mdt->mdt_sec_level); - RETURN(-EACCES); - } else { - CWARN("client %s -> target %s uses old version, " - "run under security level %d.\n", - client, obd->obd_name, mdt->mdt_sec_level); - mdt_init_sec_none(reply, exp); - RETURN(0); - } - } - - remote = data->ocd_connect_flags & OBD_CONNECT_RMT_CLIENT_FORCE; - if (remote) { - if (!req->rq_auth_remote) - CDEBUG(D_SEC, "client (local realm) %s -> target %s " - "asked to be remote.\n", client, obd->obd_name); - } else if (req->rq_auth_remote) { - remote = 1; - CDEBUG(D_SEC, "client (remote realm) %s -> target %s is set " - "as remote by default.\n", client, obd->obd_name); - } - - if (remote) { - if (!mdt->mdt_opts.mo_oss_capa) { - CDEBUG(D_SEC, "client %s -> target %s is set as remote," - " but OSS capabilities are not enabled: %d.\n", - client, obd->obd_name, mdt->mdt_opts.mo_oss_capa); - RETURN(-EACCES); - } - } else { - if (req->rq_auth_uid == INVALID_UID) { - CDEBUG(D_SEC, "client %s -> target %s: user is not " - "authenticated!\n", client, obd->obd_name); - RETURN(-EACCES); - } - } - - switch (mdt->mdt_sec_level) { - case LUSTRE_SEC_NONE: - if (!remote) { - mdt_init_sec_none(reply, exp); - break; - } else { - CDEBUG(D_SEC, "client %s -> target %s is set as remote, " - "can not run under security level %d.\n", - client, obd->obd_name, mdt->mdt_sec_level); - RETURN(-EACCES); - } - case LUSTRE_SEC_REMOTE: - if (!remote) - mdt_init_sec_none(reply, exp); - break; - case LUSTRE_SEC_ALL: - if (!remote) { - reply->ocd_connect_flags &= ~(OBD_CONNECT_RMT_CLIENT | - OBD_CONNECT_RMT_CLIENT_FORCE); - if (!mdt->mdt_opts.mo_mds_capa) - reply->ocd_connect_flags &= ~OBD_CONNECT_MDS_CAPA; - if (!mdt->mdt_opts.mo_oss_capa) - reply->ocd_connect_flags &= ~OBD_CONNECT_OSS_CAPA; - } - break; - default: - RETURN(-EINVAL); - } - - RETURN(rc); -} - -int mdt_init_idmap(struct mdt_thread_info *info) +int mdt_init_idmap(struct tgt_session_info *tsi) { - struct ptlrpc_request *req = mdt_info_req(info); - struct mdt_export_data *med = mdt_req2med(req); - struct obd_export *exp = req->rq_export; - char *client = libcfs_nid2str(req->rq_peer.nid); - struct obd_device *obd = exp->exp_obd; - int rc = 0; - ENTRY; - - if (exp_connect_rmtclient(exp)) { + struct ptlrpc_request *req = tgt_ses_req(tsi); + struct mdt_export_data *med = mdt_req2med(req); + struct obd_export *exp = req->rq_export; + char *client = libcfs_nid2str(req->rq_peer.nid); + int rc = 0; + ENTRY; + + if (exp_connect_rmtclient(exp)) { mutex_lock(&med->med_idmap_mutex); - if (!med->med_idmap) - med->med_idmap = lustre_idmap_init(); + if (!med->med_idmap) + med->med_idmap = lustre_idmap_init(); mutex_unlock(&med->med_idmap_mutex); - if (IS_ERR(med->med_idmap)) { - long err = PTR_ERR(med->med_idmap); - - med->med_idmap = NULL; - CERROR("client %s -> target %s " - "failed to init idmap [%ld]!\n", - client, obd->obd_name, err); - RETURN(err); - } else if (!med->med_idmap) { - CERROR("client %s -> target %s " - "failed to init(2) idmap!\n", - client, obd->obd_name); - RETURN(-ENOMEM); - } - - CDEBUG(D_SEC, "client %s -> target %s is remote.\n", - client, obd->obd_name); - /* NB, MDS_CONNECT establish root idmap too! */ - rc = mdt_handle_idmap(info); - } - RETURN(rc); + if (IS_ERR(med->med_idmap)) { + long err = PTR_ERR(med->med_idmap); + + med->med_idmap = NULL; + CERROR("%s: client %s -> target %s " + "failed to init idmap [%ld]!\n", + tgt_name(tsi->tsi_tgt), client, + tgt_name(tsi->tsi_tgt), err); + RETURN(err); + } else if (!med->med_idmap) { + CERROR("%s: client %s -> target %s " + "failed to init(2) idmap!\n", + tgt_name(tsi->tsi_tgt), client, + tgt_name(tsi->tsi_tgt)); + RETURN(-ENOMEM); + } + + CDEBUG(D_SEC, "%s: client %s -> target %s is remote.\n", + tgt_name(tsi->tsi_tgt), client, + tgt_name(tsi->tsi_tgt)); + /* NB, MDS_CONNECT establish root idmap too! */ + rc = mdt_handle_idmap(tsi); + } + RETURN(rc); } void mdt_cleanup_idmap(struct mdt_export_data *med) @@ -244,10 +129,10 @@ static inline void mdt_revoke_export_locks(struct obd_export *exp) ldlm_revoke_export_locks(exp); } -int mdt_handle_idmap(struct mdt_thread_info *info) +int mdt_handle_idmap(struct tgt_session_info *tsi) { - struct ptlrpc_request *req = mdt_info_req(info); - struct mdt_device *mdt = info->mti_mdt; + struct ptlrpc_request *req = tgt_ses_req(tsi); + struct mdt_device *mdt = mdt_exp2dev(req->rq_export); struct mdt_export_data *med; struct ptlrpc_user_desc *pud = req->rq_user_desc; struct md_identity *identity; @@ -259,7 +144,7 @@ int mdt_handle_idmap(struct mdt_thread_info *info) RETURN(0); med = mdt_req2med(req); - if (!exp_connect_rmtclient(info->mti_exp)) + if (!exp_connect_rmtclient(req->rq_export)) RETURN(0); opc = lustre_msg_get_opc(req->rq_reqmsg);