From 29bb62dde97ecf8e62fd9c329923b68a90633633 Mon Sep 17 00:00:00 2001 From: braam Date: Wed, 25 Sep 2002 03:20:04 +0000 Subject: [PATCH] - add ucred structure. MDS now sets the fsuid and fsgid to that of the caller to enforce permissions, with a new argument to push_ctxt. --- lustre/include/linux/lustre_lib.h | 4 +++- lustre/include/linux/obd.h | 8 ++++++++ lustre/lib/simple.c | 11 ++++++++++- lustre/mds/handler.c | 24 ++++++++++++++++++------ lustre/mds/mds_fs.c | 2 +- lustre/mds/mds_lov.c | 6 +++--- lustre/mds/mds_reint.c | 6 +++++- lustre/obdfilter/filter.c | 18 +++++++++--------- 8 files changed, 57 insertions(+), 22 deletions(-) diff --git a/lustre/include/linux/lustre_lib.h b/lustre/include/linux/lustre_lib.h index 56a7eb5..0aaf056 100644 --- a/lustre/include/linux/lustre_lib.h +++ b/lustre/include/linux/lustre_lib.h @@ -100,7 +100,9 @@ struct io_cb_data *ll_init_cb(void); /* simple.c */ struct obd_run_ctxt; -void push_ctxt(struct obd_run_ctxt *save, struct obd_run_ctxt *new); +struct obd_ucred; +void push_ctxt(struct obd_run_ctxt *save, struct obd_run_ctxt *new, + struct obd_ucred *cred); void pop_ctxt(struct obd_run_ctxt *saved); struct dentry *simple_mkdir(struct dentry *dir, char *name, int mode); struct dentry *simple_mknod(struct dentry *dir, char *name, int mode); diff --git a/lustre/include/linux/obd.h b/lustre/include/linux/obd.h index 25fb414..f8bc5fe 100644 --- a/lustre/include/linux/obd.h +++ b/lustre/include/linux/obd.h @@ -58,17 +58,25 @@ struct ext2_obd { struct vfsmount *e2_vfsmnt; }; +struct obd_ucred { + __u32 ouc_fsuid; + __u32 ouc_fsgid; +}; + #define OBD_RUN_CTXT_MAGIC 0xC0FFEEAA #define OBD_CTXT_DEBUG /* development-only debugging */ struct obd_run_ctxt { struct vfsmount *pwdmnt; struct dentry *pwd; mm_segment_t fs; + __u32 fsuid; + __u32 fsgid; #ifdef OBD_CTXT_DEBUG __u32 magic; #endif }; + #ifdef OBD_CTXT_DEBUG #define OBD_SET_CTXT_MAGIC(ctxt) (ctxt)->magic = OBD_RUN_CTXT_MAGIC #else diff --git a/lustre/lib/simple.c b/lustre/lib/simple.c index 20f0829..9477aaa 100644 --- a/lustre/lib/simple.c +++ b/lustre/lib/simple.c @@ -41,7 +41,8 @@ #endif /* push / pop to root of obd store */ -void push_ctxt(struct obd_run_ctxt *save, struct obd_run_ctxt *new) +void push_ctxt(struct obd_run_ctxt *save, struct obd_run_ctxt *new, + struct obd_ucred *uc) { //ASSERT_NOT_KERNEL_CTXT("already in kernel context!\n"); ASSERT_CTXT_MAGIC(new->magic); @@ -55,6 +56,12 @@ void push_ctxt(struct obd_run_ctxt *save, struct obd_run_ctxt *new) LASSERT(new->pwd); LASSERT(new->pwdmnt); + save->fsuid = current->fsuid; + save->fsgid = current->fsgid; + if (uc) { + current->fsuid = uc->ouc_fsuid; + current->fsgid = uc->ouc_fsgid; + } set_fs(new->fs); set_fs_pwd(current->fs, new->pwdmnt, new->pwd); } @@ -75,6 +82,8 @@ void pop_ctxt(struct obd_run_ctxt *saved) //printk("pc5"); mntput(saved->pwdmnt); //printk("pc6\n"); + current->fsuid = saved->fsuid; + current->fsgid = saved->fsgid; } /* utility to make a file */ diff --git a/lustre/mds/handler.c b/lustre/mds/handler.c index 147f7a36..c64b045 100644 --- a/lustre/mds/handler.c +++ b/lustre/mds/handler.c @@ -506,6 +506,7 @@ static int mds_getattr_name(int offset, struct ptlrpc_request *req) struct lustre_handle lockh; char *name; int namelen, flags, lock_mode, rc = 0; + struct obd_ucred uc; __u64 res_id[3] = {0, 0, 0}; ENTRY; @@ -523,7 +524,9 @@ static int mds_getattr_name(int offset, struct ptlrpc_request *req) if (offset) offset = 1; - push_ctxt(&saved, &mds->mds_ctxt); + uc.ouc_fsuid = body->fsuid; + uc.ouc_fsgid = body->fsgid; + push_ctxt(&saved, &mds->mds_ctxt, &uc); de = mds_fid2dentry(mds, &body->fid1, NULL); if (IS_ERR(de)) { LBUG(); @@ -582,11 +585,14 @@ static int mds_getattr(int offset, struct ptlrpc_request *req) struct dentry *de; struct inode *inode; struct mds_body *body; + struct obd_ucred uc; int rc = 0, size[2] = {sizeof(*body)}, bufcount = 1; ENTRY; body = lustre_msg_buf(req->rq_reqmsg, offset); - push_ctxt(&saved, &mds->mds_ctxt); + uc.ouc_fsuid = body->fsuid; + uc.ouc_fsgid = body->fsgid; + push_ctxt(&saved, &mds->mds_ctxt, &uc); de = mds_fid2dentry(mds, &body->fid1, NULL); if (IS_ERR(de)) { req->rq_status = -ENOENT; @@ -724,7 +730,10 @@ static int mds_open(struct ptlrpc_request *req) rc = mds_fs_set_md(mds, inode, handle, lmm); if (!rc) { struct obd_run_ctxt saved; - push_ctxt(&saved, &mds->mds_ctxt); + struct obd_ucred uc; + uc.ouc_fsuid = body->fsuid; + uc.ouc_fsgid = body->fsgid; + push_ctxt(&saved, &mds->mds_ctxt, &uc); rc = mds_update_last_rcvd(mds, handle, req); pop_ctxt(&saved); } else { @@ -809,6 +818,7 @@ static int mds_readpage(struct ptlrpc_request *req) struct mds_body *body, *repbody; struct obd_run_ctxt saved; int rc, size = sizeof(*body); + struct obd_ucred uc; ENTRY; rc = lustre_pack_msg(1, &size, NULL, &req->rq_replen, &req->rq_repmsg); @@ -818,7 +828,9 @@ static int mds_readpage(struct ptlrpc_request *req) } body = lustre_msg_buf(req->rq_reqmsg, 0); - push_ctxt(&saved, &mds->mds_ctxt); + uc.ouc_fsuid = body->fsuid; + uc.ouc_fsgid = body->fsgid; + push_ctxt(&saved, &mds->mds_ctxt, &uc); de = mds_fid2dentry(mds, &body->fid1, &mnt); if (IS_ERR(de)) GOTO(out_pop, rc = PTR_ERR(de)); @@ -1061,7 +1073,7 @@ static int mds_recover(struct obd_device *obddev) /* This happens at the end when recovery is complete */ ++mds->mds_mount_count; - push_ctxt(&saved, &mds->mds_ctxt); + push_ctxt(&saved, &mds->mds_ctxt, NULL); rc = mds_update_server_data(mds); pop_ctxt(&saved); @@ -1174,7 +1186,7 @@ static int mds_cleanup(struct obd_device *obddev) if (!mds->mds_sb) RETURN(0); - push_ctxt(&saved, &mds->mds_ctxt); + push_ctxt(&saved, &mds->mds_ctxt, NULL); mds_update_server_data(mds); if (mds->mds_rcvd_filp) { diff --git a/lustre/mds/mds_fs.c b/lustre/mds/mds_fs.c index a764b54..8a88f9b 100644 --- a/lustre/mds/mds_fs.c +++ b/lustre/mds/mds_fs.c @@ -224,7 +224,7 @@ static int mds_fs_prep(struct obd_device *obddev) struct file *f; int rc; - push_ctxt(&saved, &mds->mds_ctxt); + push_ctxt(&saved, &mds->mds_ctxt, NULL); dentry = simple_mkdir(current->fs->pwd, "ROOT", 0755); if (IS_ERR(dentry)) { rc = PTR_ERR(dentry); diff --git a/lustre/mds/mds_lov.c b/lustre/mds/mds_lov.c index e2e993d..85feb9d 100644 --- a/lustre/mds/mds_lov.c +++ b/lustre/mds/mds_lov.c @@ -37,7 +37,7 @@ int mds_configure_lov(struct obd_device *obd, struct lov_desc *desc, tgt_count = desc->ld_tgt_count; lov_packdesc(desc); - push_ctxt(&saved, &mds->mds_ctxt); + push_ctxt(&saved, &mds->mds_ctxt, NULL); f = filp_open("LOVDESC", O_CREAT|O_RDWR, 0644); if (IS_ERR(f)) { CERROR("Cannot open/create LOVDESC file\n"); @@ -86,7 +86,7 @@ int mds_get_lovdesc(struct obd_device *obd, struct lov_desc *desc) struct file *f; int rc; - push_ctxt(&saved, &mds->mds_ctxt); + push_ctxt(&saved, &mds->mds_ctxt, NULL); f = filp_open("LOVDESC", O_RDONLY, 0644); if (!f || IS_ERR(f)) { CERROR("Cannot open LOVDESC file\n"); @@ -116,7 +116,7 @@ int mds_get_lovtgts(struct obd_device *obd, int tgt_count,obd_uuid_t *uuidarray) int rc; int rc2; - push_ctxt(&saved, &mds->mds_ctxt); + push_ctxt(&saved, &mds->mds_ctxt, NULL); f = filp_open("LOVTGTS", O_RDONLY, 0644); if (IS_ERR(f)) { CERROR("Cannot open LOVTGTS file\n"); diff --git a/lustre/mds/mds_reint.c b/lustre/mds/mds_reint.c index 33462f0..b0137d9 100644 --- a/lustre/mds/mds_reint.c +++ b/lustre/mds/mds_reint.c @@ -846,6 +846,7 @@ int mds_reint_rec(struct mds_update_record *rec, int offset, { struct mds_obd *mds = mds_req2mds(req); struct obd_run_ctxt saved; + struct obd_ucred uc; int rc; @@ -855,7 +856,10 @@ int mds_reint_rec(struct mds_update_record *rec, int offset, RETURN(rc); } - push_ctxt(&saved, &mds->mds_ctxt); + uc.ouc_fsuid = rec->ur_fsuid; + uc.ouc_fsgid = rec->ur_fsgid; + + push_ctxt(&saved, &mds->mds_ctxt, &uc); rc = reinters[rec->ur_opcode] (rec, offset, req); pop_ctxt(&saved); diff --git a/lustre/obdfilter/filter.c b/lustre/obdfilter/filter.c index a336649..9ec0410 100644 --- a/lustre/obdfilter/filter.c +++ b/lustre/obdfilter/filter.c @@ -72,7 +72,7 @@ static int filter_prep(struct obd_device *obddev) __u64 lastino = 2; int mode = 0; - push_ctxt(&saved, &filter->fo_ctxt); + push_ctxt(&saved, &filter->fo_ctxt, NULL); dentry = simple_mkdir(current->fs->pwd, "O", 0700); CDEBUG(D_INODE, "got/created O: %p\n", dentry); if (IS_ERR(dentry)) { @@ -197,7 +197,7 @@ static void filter_post(struct obd_device *obddev) struct file *file; int mode; - push_ctxt(&saved, &filter->fo_ctxt); + push_ctxt(&saved, &filter->fo_ctxt, NULL); file = filp_open("D/status", O_RDWR | O_CREAT, 0700); if (IS_ERR(file)) { CERROR("OBD filter: cannot create status file\n"); @@ -313,7 +313,7 @@ static struct file *filter_obj_open(struct obd_device *obddev, } filter_id(name, id, type); - push_ctxt(&saved, &obddev->u.filter.fo_ctxt); + push_ctxt(&saved, &obddev->u.filter.fo_ctxt, NULL); file = filp_open(name, O_RDONLY | O_LARGEFILE, 0 /* type? */); pop_ctxt(&saved); @@ -532,7 +532,7 @@ static int filter_setattr(struct lustre_handle *conn, struct obdo *oa, lock_kernel(); if (iattr.ia_valid & ATTR_SIZE) down(&inode->i_sem); - push_ctxt(&saved, &obd->u.filter.fo_ctxt); + push_ctxt(&saved, &obd->u.filter.fo_ctxt, NULL); if (inode->i_op->setattr) rc = inode->i_op->setattr(dentry, &iattr); else @@ -633,7 +633,7 @@ static int filter_create(struct lustre_handle* conn, struct obdo *oa, //filter_id(name, oa->o_id, oa->o_mode); sprintf(name, LPU64, oa->o_id); mode = (oa->o_mode & ~S_IFMT) | S_IFREG; - push_ctxt(&saved, &obd->u.filter.fo_ctxt); + push_ctxt(&saved, &obd->u.filter.fo_ctxt, NULL); new = simple_mknod(filter->fo_dentry_O_mode[S_IFREG >> S_SHIFT], name, mode); pop_ctxt(&saved); @@ -697,7 +697,7 @@ static int filter_destroy(struct lustre_handle *conn, struct obdo *oa, } filter = &obd->u.filter; - push_ctxt(&saved, &filter->fo_ctxt); + push_ctxt(&saved, &filter->fo_ctxt, NULL); rc = vfs_unlink(dir_dentry->d_inode, object_dentry); pop_ctxt(&saved); @@ -748,7 +748,7 @@ static int filter_pgcache_brw(int cmd, struct lustre_handle *conn, } sb = obd->u.filter.fo_sb; - push_ctxt(&saved, &obd->u.filter.fo_ctxt); + push_ctxt(&saved, &obd->u.filter.fo_ctxt, NULL); pnum = 0; /* pnum indexes buf 0..num_pages */ file = filter_obj_open(obd, lsm->lsm_object_id, S_IFREG); @@ -1191,7 +1191,7 @@ static int filter_preprw(int cmd, struct lustre_handle *conn, } memset(res, 0, sizeof(*res) * niocount); - push_ctxt(&saved, &obd->u.filter.fo_ctxt); + push_ctxt(&saved, &obd->u.filter.fo_ctxt, NULL); if (cmd & OBD_BRW_WRITE) { *desc_private = filter_journal_start(&journal_save, @@ -1322,7 +1322,7 @@ static int filter_commitrw(int cmd, struct lustre_handle *conn, int i; ENTRY; - push_ctxt(&saved, &obd->u.filter.fo_ctxt); + push_ctxt(&saved, &obd->u.filter.fo_ctxt, NULL); journal_save = current->journal_info; LASSERT(!journal_save); -- 1.8.3.1