uint64_t lmd_remote_flag;
uint32_t lmd_nllu;
uint32_t lmd_nllg;
+ uint32_t lmd_pag;
+ uint32_t lmd_padding;
char lmd_mds_security[16];
char lmd_oss_security[16];
char lmd_mds[64];
#define PTLRPC_SEC_FL_MDS 0x0001 /* outgoing from MDS */
#define PTLRPC_SEC_FL_REVERSE 0x0002 /* reverse sec */
+#define PTLRPC_SEC_FL_PAG 0x0004 /* enable PAG */
#define PTLRPC_CREDCACHE_NR 8
#define PTLRPC_CREDCACHE_MASK (PTLRPC_CREDCACHE_NR - 1)
/* higher interface */
int ptlrpcs_import_get_sec(struct obd_import *imp);
void ptlrpcs_import_drop_sec(struct obd_import *imp);
-void ptlrpcs_import_flush_creds(struct obd_import *imp, uid_t uid);
+void ptlrpcs_import_flush_current_creds(struct obd_import *imp);
int ptlrpcs_req_get_cred(struct ptlrpc_request *req);
void ptlrpcs_req_drop_cred(struct ptlrpc_request *req);
int ptlrpcs_req_replace_dead_cred(struct ptlrpc_request *req);
--- /dev/null
+--- linux-2.6.10-pag/arch/um/kernel/sys_call_table.c.pag 2005-07-15 14:18:10.000000000 -0600
++++ linux-2.6.10-pag/arch/um/kernel/sys_call_table.c 2005-07-18 11:20:54.000000000 -0600
+@@ -306,6 +306,8 @@
+ [ __NR_utimes ] (syscall_handler_t *) sys_utimes,
+ [ __NR_fadvise64_64 ] (syscall_handler_t *) sys_fadvise64_64,
+ [ __NR_vserver ] (syscall_handler_t *) sys_ni_syscall,
++ [ __NR_newpag ] (syscall_handler_t *) sys_newpag,
++ [ __NR_getpag ] (syscall_handler_t *) sys_getpag,
+
+ ARCH_SYSCALLS
+ [ LAST_SYSCALL + 1 ... NR_syscalls ] =
+--- linux-2.6.10-pag/arch/i386/kernel/entry.S.pag 2005-07-15 13:47:12.000000000 -0600
++++ linux-2.6.10-pag/arch/i386/kernel/entry.S 2005-07-18 11:18:45.000000000 -0600
+@@ -907,5 +907,7 @@
+ .long sys_add_key
+ .long sys_request_key
+ .long sys_keyctl
++ .long sys_newpag
++ .long sys_getpag /* 289,290 temporay added for lustre */
+
+ syscall_table_size=(.-sys_call_table)
+--- linux-2.6.10-pag/fs/fcntl.c.pag 2005-07-15 14:23:32.000000000 -0600
++++ linux-2.6.10-pag/fs/fcntl.c 2005-07-18 11:41:21.000000000 -0600
+@@ -421,6 +421,17 @@
+ }
+ #endif
+
++asmlinkage long sys_newpag(void)
++{
++ get_random_bytes(¤t->pag, sizeof(current->pag));
++ return 0;
++}
++
++asmlinkage long sys_getpag(void)
++{
++ return current->pag;
++}
++
+ /* Table to convert sigio signal codes into poll band bitmaps */
+
+ static long band_table[NSIGPOLL] = {
+--- linux-2.6.10-pag/include/linux/sched.h.pag 2005-07-15 13:35:27.000000000 -0600
++++ linux-2.6.10-pag/include/linux/sched.h 2005-07-15 13:38:02.000000000 -0600
+@@ -600,6 +600,7 @@
+ /* mm fault and swap info: this can arguably be seen as either mm-specific or thread-specific */
+ unsigned long min_flt, maj_flt;
+ /* process credentials */
++ unsigned long pag;
+ uid_t uid,euid,suid,fsuid;
+ gid_t gid,egid,sgid,fsgid;
+ struct group_info *group_info;
+--- linux-2.6.10-pag/include/linux/syscalls.h.pag 2005-07-15 14:09:42.000000000 -0600
++++ linux-2.6.10-pag/include/linux/syscalls.h 2005-07-18 11:42:01.000000000 -0600
+@@ -506,4 +506,7 @@
+ asmlinkage long sys_keyctl(int cmd, unsigned long arg2, unsigned long arg3,
+ unsigned long arg4, unsigned long arg5);
+
++asmlinkage long sys_newpag(void);
++asmlinkage long sys_getpag(void);
++
+ #endif
+--- linux-2.6.10-pag/include/linux/init_task.h.pag 2005-07-15 14:39:07.000000000 -0600
++++ linux-2.6.10-pag/include/linux/init_task.h 2005-07-15 14:41:45.000000000 -0600
+@@ -92,6 +92,7 @@
+ .real_timer = { \
+ .function = it_real_fn \
+ }, \
++ .pag = -1, \
+ .group_info = &init_groups, \
+ .cap_effective = CAP_INIT_EFF_SET, \
+ .cap_inheritable = CAP_INIT_INH_SET, \
+--- linux-2.6.10-pag/include/asm-i386/unistd.h.pag 2005-07-15 13:55:46.000000000 -0600
++++ linux-2.6.10-pag/include/asm-i386/unistd.h 2005-07-18 11:43:10.000000000 -0600
+@@ -294,8 +294,10 @@
+ #define __NR_add_key 286
+ #define __NR_request_key 287
+ #define __NR_keyctl 288
++#define __NR_newpag 289
++#define __NR_getpag 290
+
+-#define NR_syscalls 289
++#define NR_syscalls 291
+
+ #ifndef __KERNEL_SYSCALLS_NO_ERRNO__
+ /*
hostfs_readdir_large.patch
vfs-intent_release_umount-vanilla-2.6.10-fc3.patch
vfs-umount_lustre-vanilla-2.6.10-fc3.patch
+pag-basic-2.6.10-fc3.patch
vfs-umount_lustre-vanilla-2.6.10-fc3.patch
export-show_task-2.6-vanilla.patch
highmem-split-2.6.10-fc3.patch
+pag-basic-2.6.10-fc3.patch
#include <linux/lustre_dlm.h>
#include <linux/lprocfs_status.h>
#include <linux/lustre_acl.h>
+#include <linux/lustre_sec.h>
#include "llite_internal.h"
kmem_cache_t *ll_file_data_slab;
int lustre_common_fill_super(struct super_block *sb, char *lmv, char *lov,
int async, char *mds_security, char *oss_security,
- __u32 *nllu, __u64 *remote)
+ __u32 *nllu, int pag, __u64 *remote)
{
struct ll_sb_info *sbi = ll_s2sbi(sb);
struct ptlrpc_request *request = NULL;
struct obd_device *obd;
struct obd_statfs osfs;
struct lustre_md md;
+ unsigned long sec_flags;
__u32 valsize;
int err;
ENTRY;
RETURN(err);
}
+ if (pag) {
+ sec_flags = PTLRPC_SEC_FL_PAG;
+ err = obd_set_info(obd->obd_self_export,
+ strlen("sec_flags"), "sec_flags",
+ sizeof(sec_flags), &sec_flags);
+ if (err) {
+ OBD_FREE(data, sizeof(*data));
+ RETURN(err);
+ }
+ }
+
if (proc_lustre_fs_root) {
err = lprocfs_register_mountpoint(proc_lustre_fs_root,
sb, lov, lmv);
RETURN(err);
}
+ if (pag) {
+ sec_flags = PTLRPC_SEC_FL_PAG;
+ err = obd_set_info(obd->obd_self_export,
+ strlen("sec_flags"), "sec_flags",
+ sizeof(sec_flags), &sec_flags);
+ if (err) {
+ OBD_FREE(data, sizeof(*data));
+ RETURN(err);
+ }
+ }
+
err = obd_connect(&dt_conn, obd, &sbi->ll_sb_uuid, data, 0);
if (err == -EBUSY) {
CERROR("An OST (lov %s) is performing recovery, of which this"
}
err = lustre_common_fill_super(sb, lmv, lov, async, mds_sec, oss_sec,
- nllu, &remote_flag);
+ nllu, 0, &remote_flag);
EXIT;
out:
if (err)
if (rc)
GOTO(out_cleanup, rc);
+ if (lmd->lmd_pag) {
+ unsigned long sec_flags = PTLRPC_SEC_FL_PAG;
+ rc = obd_set_info(obd->obd_self_export,
+ strlen("sec_flags"), "sec_flags",
+ sizeof(sec_flags), &sec_flags);
+ if (rc)
+ GOTO(out_cleanup, rc);
+ }
+
/* Disable initial recovery on this import */
rc = obd_set_info(obd->obd_self_export,
strlen("initial_recov"), "initial_recov",
err = lustre_common_fill_super(sb, lmv, lov, lmd->lmd_async,
lmd->lmd_mds_security,
lmd->lmd_oss_security,
- &lmd->lmd_nllu, &lmd->lmd_remote_flag);
+ &lmd->lmd_nllu, lmd->lmd_pag,
+ &lmd->lmd_remote_flag);
if (err)
GOTO(out_free, err);
lmd->lmd_mds_security, lmd->lmd_oss_security);
}
seq_printf(m, ",%s", sbi->ll_remote ? "remote" : "local");
- if (sbi->ll_remote && lmd) {
+ if (sbi->ll_remote && lmd)
seq_printf(m, ",nllu=%u:%u", lmd->lmd_nllu, lmd->lmd_nllg);
- }
+
+ if (lmd && lmd->lmd_pag)
+ seq_printf(m, ",pag");
return 0;
}
int ll_flush_cred(struct inode *inode)
{
struct ll_sb_info *sbi = ll_i2sbi(inode);
- uid_t uid = current->fsuid;
- int rc = 0;
+ int rc = 0;
/* XXX to avoid adding api, we simply use set_info() interface
* to notify underlying obds. set_info() is more like a ioctl() now...
if (sbi->ll_md_exp) {
rc = obd_set_info(sbi->ll_md_exp,
strlen("flush_cred"), "flush_cred",
- sizeof(uid), &uid);
+ 0, NULL);
if (rc)
return rc;
}
if (sbi->ll_dt_exp) {
rc = obd_set_info(sbi->ll_dt_exp,
strlen("flush_cred"), "flush_cred",
- sizeof(uid), &uid);
+ 0, NULL);
if (rc)
return rc;
}
struct client_obd *cli = &exp->exp_obd->u.cli;
if (cli->cl_import)
- ptlrpcs_import_flush_creds(cli->cl_import,
- *((uid_t *) val));
+ ptlrpcs_import_flush_current_creds(cli->cl_import);
RETURN(0);
} else if (keylen == strlen("async") && memcmp(key, "async", keylen) == 0) {
struct client_obd *cl = &exp->exp_obd->u.cli;
struct client_obd *cli = &exp->exp_obd->u.cli;
if (cli->cl_import)
- ptlrpcs_import_flush_creds(cli->cl_import,
- *((uid_t *) val));
+ ptlrpcs_import_flush_current_creds(cli->cl_import);
RETURN(0);
}
static rwlock_t gss_ctx_lock = RW_LOCK_UNLOCKED;
struct gss_upcall_msg_data {
+ __u64 gum_pag;
__u32 gum_uid;
__u32 gum_svc;
__u32 gum_nal;
spin_lock_init(&ctx->gc_seq_lock);
atomic_set(&ctx->gc_refcount,1);
+ if (simple_get_bytes(&p, &len, &gmd->gum_pag, sizeof(gmd->gum_pag)))
+ goto err_free_ctx;
if (simple_get_bytes(&p, &len, &gmd->gum_uid, sizeof(gmd->gum_uid)))
goto err_free_ctx;
if (simple_get_bytes(&p, &len, &gmd->gum_svc, sizeof(gmd->gum_svc)))
struct dentry *dentry;
char *obdname, *obdtype;
wait_queue_t wait;
- uid_t uid = cred->pc_uid;
int res;
ENTRY;
RETURN(-EINVAL);
}
- gmd.gum_uid = uid;
+ gmd.gum_pag = cred->pc_pag;
+ gmd.gum_uid = cred->pc_uid;
gmd.gum_nal = import->imp_connection->c_peer.peer_ni->pni_number;
gmd.gum_netid = 0;
gmd.gum_nid = import->imp_connection->c_peer.peer_id.nid;
CDEBUG(D_SEC, "Initiate gss context %p(%u@%s)\n",
container_of(cred, struct gss_cred, gc_base),
- uid, import->imp_target_uuid.uuid);
+ cred->pc_uid, import->imp_target_uuid.uuid);
again:
spin_lock(&gsec->gs_lock);
if (err)
CERROR("parse init downcall err %d\n", err);
+ vcred.vc_pag = gmd.gum_pag;
vcred.vc_uid = gmd.gum_uid;
- vcred.vc_pag = vcred.vc_uid; /* FIXME */
cred = ptlrpcs_cred_lookup(sec, &vcred);
if (!cred) {
* @force: flush all entries, otherwise only free ones be flushed.
*/
static
-int flush_credcache(struct ptlrpc_sec *sec, uid_t uid,
+int flush_credcache(struct ptlrpc_sec *sec, unsigned long pag, uid_t uid,
int grace, int force)
{
struct ptlrpc_cred *cred, *n;
pc_hash) {
LASSERT(atomic_read(&cred->pc_refcount) >= 0);
- if (uid != -1 && uid != cred->pc_uid)
- continue;
+ if (sec->ps_flags & PTLRPC_SEC_FL_PAG) {
+ if (pag != -1 && pag != cred->pc_pag)
+ continue;
+ } else {
+ if (uid != -1 && uid != cred->pc_uid)
+ continue;
+ }
+
if (atomic_read(&cred->pc_refcount)) {
busy = 1;
if (!force)
struct vfs_cred vcred;
LASSERT(sec);
- /* XXX
- * for now we simply let PAG == real uid
- */
+
if (sec->ps_flags & (PTLRPC_SEC_FL_MDS | PTLRPC_SEC_FL_REVERSE)) {
vcred.vc_pag = 0;
vcred.vc_uid = 0;
} else {
- vcred.vc_pag = (__u64) current->uid;
+ if (sec->ps_flags & PTLRPC_SEC_FL_PAG)
+ vcred.vc_pag = (__u64) current->pag;
+ else
+ vcred.vc_pag = (__u64) current->uid;
vcred.vc_uid = current->uid;
}
int ncred;
if (atomic_dec_and_test(&sec->ps_refcount)) {
- flush_credcache(sec, -1, 1, 1);
+ flush_credcache(sec, -1, -1, 1, 1);
/* this spinlock is protect against ptlrpcs_cred_destroy() */
spin_lock(&sec->ps_lock);
void ptlrpcs_sec_invalidate_cache(struct ptlrpc_sec *sec)
{
- flush_credcache(sec, -1, 0, 1);
+ flush_credcache(sec, -1, -1, 0, 1);
}
int sec_alloc_reqbuf(struct ptlrpc_sec *sec,
EXIT;
}
-void ptlrpcs_import_flush_creds(struct obd_import *imp, uid_t uid)
+void ptlrpcs_import_flush_current_creds(struct obd_import *imp)
{
LASSERT(imp);
class_import_get(imp);
if (imp->imp_sec)
- flush_credcache(imp->imp_sec, uid, 1, 1);
+ flush_credcache(imp->imp_sec, current->pag, current->uid, 1, 1);
class_import_put(imp);
}
EXPORT_SYMBOL(ptlrpcs_sec_invalidate_cache);
EXPORT_SYMBOL(ptlrpcs_import_get_sec);
EXPORT_SYMBOL(ptlrpcs_import_drop_sec);
-EXPORT_SYMBOL(ptlrpcs_import_flush_creds);
+EXPORT_SYMBOL(ptlrpcs_import_flush_current_creds);
EXPORT_SYMBOL(ptlrpcs_cred_lookup);
EXPORT_SYMBOL(ptlrpcs_cred_put);
EXPORT_SYMBOL(ptlrpcs_req_get_cred);
if UTILS
rootsbin_SCRIPTS = mount.lustre
sbin_PROGRAMS = lctl obdio obdbarrier lload wirecheck wiretest llmount lsd_upcall
-bin_PROGRAMS = lfs
+bin_PROGRAMS = lfs lkinit
lib_LIBRARIES = liblustreapi.a
sbin_SCRIPTS = $(sbin_scripts)
bin_SCRIPTS = $(bin_scripts)
obdio_SOURCES = obdio.c obdiolib.c obdiolib.h
obdbarrier_SOURCES = obdbarrier.c obdiolib.c obdiolib.h
lfs_SOURCES = lfs.c parser.c obd.c
+lkinit_SOURCES = lkinit.c
llmount_SOURCES = llmount.c
llmount_LDADD = $(LIBREADLINE) $(LIBPTLCTL)
--- /dev/null
+/* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
+ * vim:expandtab:shiftwidth=8:tabstop=8:
+ *
+ * Copyright (C) 2004 Cluster File Systems, Inc.
+ *
+ * This file is part of Lustre, http://www.lustre.org.
+ *
+ * Lustre is free software; you can redistribute it and/or
+ * modify it under the terms of version 2 of the GNU General Public
+ * License as published by the Free Software Foundation.
+ *
+ * Lustre is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Lustre; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ */
+
+#include <linux/unistd.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#ifndef __NR_newpag
+#define __NR_newpag 289
+#define __NR_getpag 290
+#endif
+
+_syscall0(int, newpag);
+_syscall0(int, getpag);
+
+void usage(const char *exe)
+{
+ printf("Usage: %s -k \"parameters_to_kinit\" command line\n", exe);
+ exit(1);
+}
+
+int check_kopt(const char *opt)
+{
+ /* FIXME check "-c" here */
+ return 0;
+}
+
+#define CMD_BUFSIZE 4096
+
+int main(int argc, char *argv[])
+{
+ extern char *optarg;
+ int opt, i;
+ unsigned long pag;
+ char kopt[CMD_BUFSIZE];
+ char kcmd[CMD_BUFSIZE];
+ char cmd[CMD_BUFSIZE];
+
+ kopt[0] = '\0';
+ cmd[0] = '\0';
+
+ newpag();
+ pag = getpag();
+
+ snprintf(kcmd, CMD_BUFSIZE, "kinit -c /tmp/krb5cc_pag_%lx", pag);
+
+ while ((opt = getopt(argc, argv, "k:")) != -1) {
+ switch (opt) {
+ case 'k':
+ if (check_kopt(optarg)) {
+ fprintf(stderr, "Can't specify cache file\n");
+ return 1;
+ }
+
+ snprintf(kcmd, CMD_BUFSIZE,
+ "kinit -c /tmp/krb5cc_pag_%lx %s",
+ pag, optarg);
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (optind >= argc) {
+ snprintf(cmd, CMD_BUFSIZE, "/bin/sh");
+ } else {
+ for (i = optind; i < argc; i++) {
+ if (i != optind)
+ strncat(cmd, " ", CMD_BUFSIZE);
+ strncat(cmd, argv[i], CMD_BUFSIZE);
+ }
+ }
+
+ if (system(kcmd)) {
+ fprintf(stderr, "can't get kerberos TGT\n");
+ return 1;
+ }
+
+ if (system(cmd))
+ fprintf(stderr, "execute error\n");
+
+ /* flush in-kernel credential cache */
+ snprintf(cmd, CMD_BUFSIZE, "lctl flush_cred");
+ if (system(cmd))
+ fprintf(stderr, "failed to flush in-kernel credential\n");
+
+ /* flush user-space credential cache */
+ snprintf(kcmd, CMD_BUFSIZE, "kdestroy -c /tmp/krb5cc_pag_%lx", pag);
+ system(kcmd);
+
+ return 0;
+}
lmd->lmd_remote_flag = 0;
lmd->lmd_nllu = NOBODY_UID;
lmd->lmd_nllg = NOBODY_GID;
+ lmd->lmd_pag = 0;
strncpy(lmd->lmd_mds_security, "null", sizeof(lmd->lmd_mds_security));
strncpy(lmd->lmd_oss_security, "null", sizeof(lmd->lmd_oss_security));
return 0;
lmd->lmd_remote_flag = OBD_CONNECT_LOCAL;
} else if (!strcmp(opt, "async")) {
lmd->lmd_async = 1;
+ } else if (!strcmp(opt, "pag")) {
+ lmd->lmd_pag = 1;
} else {
val = 1;
if (!strncmp(opt, "no", 2)) {
git://git.whamcloud.com / fs / lustre-release.git / commitdiff