git://git.whamcloud.com - fs/lustre-release.git/commit

LU-9193 security: return security context for metadata ops

Security layer needs to fetch security context of files/dirs
upon metadata ops like lookup, getattr, open, truncate, and
layout, for its own purpose and control checks.
Retrieving the security context consists in a getxattr operation
at the file system level. The fact that the requested metadata
operation and the getxattr are not atomic can create a window
for a dead-lock situation where, based on some access patterns,
all MDT service threads can become stuck waiting for lookup lock
to be released and thus unable to serve getxattr for security context.
Another problem is that sending an additional getxattr request for
every metadata op hurts performance.

This patch introduces a way to get atomicity by having
the MDT return security context upon granted lock reply,
sparing the client an additional getxattr request.

LU-12212 mdt: fix SECCTX reply buffer handling

LU-9193 changes for inline SECCTX in reply may cause often
resends and reconnects in some loads, e.g. dbench runs.
That is caused by missed buffer shrink when SECCTX is not
used.

Patch shrinks SECCTX buffer if it is not used

Lustre-change: https://review.whamcloud.com/26831
Lustre-commit: fca35f74f9ec5c5ed77e774f3e3209d9df057a01

Lustre-change: https://review.whamcloud.com/34734
Lustre-commit: cb61ed93f8563c26b6a6db396478fe54f8dc42cb

Test-Parameters: clientselinux testlist=sanity envdefinitions=EXCEPT=103a
Test-Parameters: mdscount=2 mdtcount=4 clientselinux testlist=recovery-small,sanity-selinux
Signed-off-by: Bruno Faccini <bruno.faccini@intel.com>
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Signed-off-by: Sebastien Piechurski <sebastien.piechurski@atos.net>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: Mikhail Pershin <mpershin@whamcloud.com>
Change-Id: I45659ffcb911a9d62e6d7e92bcdc251ae641b24b
Reviewed-on: https://review.whamcloud.com/41387
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

author	Bruno Faccini <bruno.faccini@intel.com>
	Wed, 26 Apr 2017 10:35:28 +0000 (12:35 +0200)
committer	Oleg Drokin <green@whamcloud.com>
	Thu, 4 Mar 2021 08:33:01 +0000 (08:33 +0000)
commit	cd17e1a2e6367a7c3f07753e71fa569c28000c81
tree	b8620f5d1e935a2130cae748414ba2fec1e4acfe	tree \| snapshot
parent	7817acc39ee1d6859c2737f75619748dc8e37f95	commit \| diff

lustre/autoconf/lustre-core.m4		diff \| blob \| history
lustre/include/obd.h		diff \| blob \| history
lustre/include/uapi/linux/lustre/lustre_idl.h		diff \| blob \| history
lustre/llite/llite_internal.h		diff \| blob \| history
lustre/llite/namei.c		diff \| blob \| history
lustre/llite/xattr_security.c		diff \| blob \| history
lustre/lmv/lmv_intent.c		diff \| blob \| history
lustre/mdc/mdc_locks.c		diff \| blob \| history
lustre/mdc/mdc_request.c		diff \| blob \| history
lustre/mdt/mdt_handler.c		diff \| blob \| history
lustre/mdt/mdt_internal.h		diff \| blob \| history
lustre/mdt/mdt_lib.c		diff \| blob \| history
lustre/mdt/mdt_open.c		diff \| blob \| history
lustre/ptlrpc/layout.c		diff \| blob \| history
lustre/tests/sanity-selinux.sh		diff \| blob \| history