From 590200d0eb921d9f88e56cf03f2d39b2b868ce6c Mon Sep 17 00:00:00 2001 From: fanyong Date: Tue, 28 Nov 2006 13:13:48 +0000 Subject: [PATCH] (1) Fix setxid permission check order according to the upcall result packed order. (2) More detail comment. --- lustre/mdt/mdt_identity.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/lustre/mdt/mdt_identity.c b/lustre/mdt/mdt_identity.c index 5de5b57..8f8a49c 100644 --- a/lustre/mdt/mdt_identity.c +++ b/lustre/mdt/mdt_identity.c @@ -207,19 +207,29 @@ void mdt_flush_identity(struct upcall_cache *cache, int uid) upcall_cache_flush_one(cache, (__u64)uid, NULL); } +/* + * If there is LNET_NID_ANY in perm[i].mp_nid, + * it must be perm[0].mp_nid, and act as default perm. + */ __u32 mdt_identity_get_setxid_perm(struct mdt_identity *identity, __u32 is_rmtclient, lnet_nid_t nid) { struct mdt_setxid_perm *perm = identity->mi_perms; int i; - for (i = 0; i < identity->mi_nperms; i++) { - if ((perm[i].mp_nid != LNET_NID_ANY) && (perm[i].mp_nid != nid)) + /* check exactly matched nid first */ + for (i = identity->mi_nperms - 1; i > 0; i--) { + if (perm[i].mp_nid != nid) continue; return perm[i].mp_perm; } - /* default */ + /* check LNET_NID_ANY then */ + if ((identity->mi_nperms > 0) && + ((perm[0].mp_nid == nid) || (perm[0].mp_nid == LNET_NID_ANY))) + return perm[0].mp_perm; + + /* return default last */ return is_rmtclient ? 0 : LUSTRE_SETGRP_PERM; } -- 1.8.3.1