Whamcloud - gitweb
c724cc950d74cff66182af77a5673a28b346a775
[fs/lustre-release.git] / lustre / mdt / mdt_lib.c
1 /*
2  * GPL HEADER START
3  *
4  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License version 2 only,
8  * as published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope that it will be useful, but
11  * WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13  * General Public License version 2 for more details (a copy is included
14  * in the LICENSE file that accompanied this code).
15  *
16  * You should have received a copy of the GNU General Public License
17  * version 2 along with this program; If not, see
18  * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
19  *
20  * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21  * CA 95054 USA or visit www.sun.com if you need additional information or
22  * have any questions.
23  *
24  * GPL HEADER END
25  */
26 /*
27  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28  * Use is subject to license terms.
29  *
30  * Copyright (c) 2011, 2014, Intel Corporation.
31  */
32 /*
33  * This file is part of Lustre, http://www.lustre.org/
34  * Lustre is a trademark of Sun Microsystems, Inc.
35  *
36  * lustre/mdt/mdt_lib.c
37  *
38  * Lustre Metadata Target (mdt) request unpacking helper.
39  *
40  * Author: Peter Braam <braam@clusterfs.com>
41  * Author: Andreas Dilger <adilger@clusterfs.com>
42  * Author: Phil Schwan <phil@clusterfs.com>
43  * Author: Mike Shaver <shaver@clusterfs.com>
44  * Author: Nikita Danilov <nikita@clusterfs.com>
45  * Author: Huang Hua <huanghua@clusterfs.com>
46  * Author: Fan Yong <fanyong@clusterfs.com>
47  */
48
49 #define DEBUG_SUBSYSTEM S_MDS
50
51 #include "mdt_internal.h"
52 #include <lnet/nidstr.h>
53 #include <lustre_nodemap.h>
54
55 typedef enum ucred_init_type {
56         NONE_INIT       = 0,
57         BODY_INIT       = 1,
58         REC_INIT        = 2
59 } ucred_init_type_t;
60
61 void mdt_exit_ucred(struct mdt_thread_info *info)
62 {
63         struct lu_ucred   *uc  = mdt_ucred(info);
64         struct mdt_device *mdt = info->mti_mdt;
65
66         LASSERT(uc != NULL);
67         if (uc->uc_valid != UCRED_INIT) {
68                 uc->uc_suppgids[0] = uc->uc_suppgids[1] = -1;
69                 if (uc->uc_ginfo) {
70                         put_group_info(uc->uc_ginfo);
71                         uc->uc_ginfo = NULL;
72                 }
73                 if (uc->uc_identity) {
74                         mdt_identity_put(mdt->mdt_identity_cache,
75                                          uc->uc_identity);
76                         uc->uc_identity = NULL;
77                 }
78                 uc->uc_valid = UCRED_INIT;
79         }
80 }
81
82 static int match_nosquash_list(struct rw_semaphore *sem,
83                                struct list_head *nidlist,
84                                lnet_nid_t peernid)
85 {
86         int rc;
87         ENTRY;
88         down_read(sem);
89         rc = cfs_match_nid(peernid, nidlist);
90         up_read(sem);
91         RETURN(rc);
92 }
93
94 /* root_squash for inter-MDS operations */
95 static int mdt_root_squash(struct mdt_thread_info *info, lnet_nid_t peernid)
96 {
97         struct lu_ucred *ucred = mdt_ucred(info);
98         struct root_squash_info *squash = &info->mti_mdt->mdt_squash;
99         ENTRY;
100
101         LASSERT(ucred != NULL);
102         if (!squash->rsi_uid || ucred->uc_fsuid)
103                 RETURN(0);
104
105         if (match_nosquash_list(&squash->rsi_sem,
106                                 &squash->rsi_nosquash_nids,
107                                 peernid)) {
108                 CDEBUG(D_OTHER, "%s is in nosquash_nids list\n",
109                        libcfs_nid2str(peernid));
110                 RETURN(0);
111         }
112
113         CDEBUG(D_OTHER, "squash req from %s, (%d:%d/%x)=>(%d:%d/%x)\n",
114                libcfs_nid2str(peernid),
115                ucred->uc_fsuid, ucred->uc_fsgid, ucred->uc_cap,
116                squash->rsi_uid, squash->rsi_gid, 0);
117
118         ucred->uc_fsuid = squash->rsi_uid;
119         ucred->uc_fsgid = squash->rsi_gid;
120         ucred->uc_cap = 0;
121         ucred->uc_suppgids[0] = -1;
122         ucred->uc_suppgids[1] = -1;
123
124         RETURN(0);
125 }
126
127 static void ucred_set_jobid(struct mdt_thread_info *info, struct lu_ucred *uc)
128 {
129         struct ptlrpc_request   *req = mdt_info_req(info);
130         const char              *jobid = mdt_req_get_jobid(req);
131
132         /* set jobid if specified. */
133         if (jobid)
134                 strlcpy(uc->uc_jobid, jobid, sizeof(uc->uc_jobid));
135         else
136                 uc->uc_jobid[0] = '\0';
137 }
138
139 static int new_init_ucred(struct mdt_thread_info *info, ucred_init_type_t type,
140                           void *buf)
141 {
142         struct ptlrpc_request   *req = mdt_info_req(info);
143         struct mdt_device       *mdt = info->mti_mdt;
144         struct ptlrpc_user_desc *pud = req->rq_user_desc;
145         struct lu_ucred         *ucred = mdt_ucred(info);
146         lnet_nid_t               peernid = req->rq_peer.nid;
147         __u32                    perm = 0;
148         __u32                    remote = exp_connect_rmtclient(info->mti_exp);
149         int                      setuid;
150         int                      setgid;
151         int                      rc = 0;
152
153         ENTRY;
154
155         LASSERT(req->rq_auth_gss);
156         LASSERT(!req->rq_auth_usr_mdt);
157         LASSERT(req->rq_user_desc);
158         LASSERT(ucred != NULL);
159
160         ucred->uc_valid = UCRED_INVALID;
161
162         ucred->uc_o_uid   = pud->pud_uid;
163         ucred->uc_o_gid   = pud->pud_gid;
164         ucred->uc_o_fsuid = pud->pud_fsuid;
165         ucred->uc_o_fsgid = pud->pud_fsgid;
166
167         if (type == BODY_INIT) {
168                 struct mdt_body *body = (struct mdt_body *)buf;
169
170                 ucred->uc_suppgids[0] = body->mbo_suppgid;
171                 ucred->uc_suppgids[1] = -1;
172         }
173
174         /* sanity check: we expect the uid which client claimed is true */
175         if (remote) {
176                 if (!uid_valid(make_kuid(&init_user_ns, req->rq_auth_mapped_uid))) {
177                         CDEBUG(D_SEC, "remote user not mapped, deny access!\n");
178                         RETURN(-EACCES);
179                 }
180
181                 if (ptlrpc_user_desc_do_idmap(req, pud))
182                         RETURN(-EACCES);
183
184                 if (req->rq_auth_mapped_uid != pud->pud_uid) {
185                         CDEBUG(D_SEC, "remote client %s: auth/mapped uid %u/%u "
186                                "while client claims %u:%u/%u:%u\n",
187                                libcfs_nid2str(peernid), req->rq_auth_uid,
188                                req->rq_auth_mapped_uid,
189                                pud->pud_uid, pud->pud_gid,
190                                pud->pud_fsuid, pud->pud_fsgid);
191                         RETURN(-EACCES);
192                 }
193         } else {
194                 if (req->rq_auth_uid != pud->pud_uid) {
195                         CDEBUG(D_SEC, "local client %s: auth uid %u "
196                                "while client claims %u:%u/%u:%u\n",
197                                libcfs_nid2str(peernid), req->rq_auth_uid,
198                                pud->pud_uid, pud->pud_gid,
199                                pud->pud_fsuid, pud->pud_fsgid);
200                         RETURN(-EACCES);
201                 }
202         }
203
204         if (is_identity_get_disabled(mdt->mdt_identity_cache)) {
205                 if (remote) {
206                         CDEBUG(D_SEC, "remote client must run with identity_get "
207                                "enabled!\n");
208                         RETURN(-EACCES);
209                 } else {
210                         ucred->uc_identity = NULL;
211                         perm = CFS_SETUID_PERM | CFS_SETGID_PERM |
212                                CFS_SETGRP_PERM;
213                 }
214         } else {
215                 struct md_identity *identity;
216
217                 identity = mdt_identity_get(mdt->mdt_identity_cache,
218                                             pud->pud_uid);
219                 if (IS_ERR(identity)) {
220                         if (unlikely(PTR_ERR(identity) == -EREMCHG &&
221                                      !remote)) {
222                                 ucred->uc_identity = NULL;
223                                 perm = CFS_SETUID_PERM | CFS_SETGID_PERM |
224                                        CFS_SETGRP_PERM;
225                         } else {
226                                 CDEBUG(D_SEC, "Deny access without identity: uid %u\n",
227                                        pud->pud_uid);
228                                 RETURN(-EACCES);
229                         }
230                 } else {
231                         ucred->uc_identity = identity;
232                         perm = mdt_identity_get_perm(ucred->uc_identity,
233                                                      remote, peernid);
234                 }
235         }
236
237         /* find out the setuid/setgid attempt */
238         setuid = (pud->pud_uid != pud->pud_fsuid);
239         setgid = ((pud->pud_gid != pud->pud_fsgid) ||
240                   (ucred->uc_identity &&
241                    (pud->pud_gid != ucred->uc_identity->mi_gid)));
242
243         /* check permission of setuid */
244         if (setuid && !(perm & CFS_SETUID_PERM)) {
245                 CDEBUG(D_SEC, "mdt blocked setuid attempt (%u -> %u) from %s\n",
246                        pud->pud_uid, pud->pud_fsuid, libcfs_nid2str(peernid));
247                 GOTO(out, rc = -EACCES);
248         }
249
250         /* check permission of setgid */
251         if (setgid && !(perm & CFS_SETGID_PERM)) {
252                 CDEBUG(D_SEC, "mdt blocked setgid attempt (%u:%u/%u:%u -> %u) "
253                        "from %s\n", pud->pud_uid, pud->pud_gid,
254                        pud->pud_fsuid, pud->pud_fsgid,
255                        ucred->uc_identity->mi_gid, libcfs_nid2str(peernid));
256                 GOTO(out, rc = -EACCES);
257         }
258
259         /*
260          * NB: remote client not allowed to setgroups anyway.
261          */
262         if (!remote && perm & CFS_SETGRP_PERM) {
263                 if (pud->pud_ngroups) {
264                         /* setgroups for local client */
265                         ucred->uc_ginfo = groups_alloc(pud->pud_ngroups);
266                         if (!ucred->uc_ginfo) {
267                                 CERROR("failed to alloc %d groups\n",
268                                        pud->pud_ngroups);
269                                 GOTO(out, rc = -ENOMEM);
270                         }
271
272                         lustre_groups_from_list(ucred->uc_ginfo,
273                                                 pud->pud_groups);
274                         lustre_groups_sort(ucred->uc_ginfo);
275                 } else {
276                         ucred->uc_ginfo = NULL;
277                 }
278         } else {
279                 ucred->uc_suppgids[0] = -1;
280                 ucred->uc_suppgids[1] = -1;
281                 ucred->uc_ginfo = NULL;
282         }
283
284         ucred->uc_uid   = pud->pud_uid;
285         ucred->uc_gid   = pud->pud_gid;
286         ucred->uc_fsuid = pud->pud_fsuid;
287         ucred->uc_fsgid = pud->pud_fsgid;
288
289         /* process root_squash here. */
290         mdt_root_squash(info, peernid);
291
292         /* remove fs privilege for non-root user. */
293         if (ucred->uc_fsuid)
294                 ucred->uc_cap = pud->pud_cap & ~CFS_CAP_FS_MASK;
295         else
296                 ucred->uc_cap = pud->pud_cap;
297         if (remote && !(perm & CFS_RMTOWN_PERM))
298                 ucred->uc_cap &= ~(CFS_CAP_SYS_RESOURCE_MASK |
299                                    CFS_CAP_CHOWN_MASK);
300         ucred->uc_valid = UCRED_NEW;
301         ucred_set_jobid(info, ucred);
302
303         EXIT;
304
305 out:
306         if (rc) {
307                 if (ucred->uc_ginfo) {
308                         put_group_info(ucred->uc_ginfo);
309                         ucred->uc_ginfo = NULL;
310                 }
311                 if (ucred->uc_identity) {
312                         mdt_identity_put(mdt->mdt_identity_cache,
313                                          ucred->uc_identity);
314                         ucred->uc_identity = NULL;
315                 }
316         }
317
318         return rc;
319 }
320
321 /**
322  * Check whether allow the client to set supplementary group IDs or not.
323  *
324  * \param[in] info      pointer to the thread context
325  * \param[in] uc        pointer to the RPC user descriptor
326  *
327  * \retval              true if allow to set supplementary group IDs
328  * \retval              false for other cases
329  */
330 bool allow_client_chgrp(struct mdt_thread_info *info, struct lu_ucred *uc)
331 {
332         __u32 remote = exp_connect_rmtclient(info->mti_exp);
333         __u32 perm;
334
335         /* 1. If identity_upcall is disabled, then forbid remote client to set
336          *    supplementary group IDs, but permit local client to do that. */
337         if (is_identity_get_disabled(info->mti_mdt->mdt_identity_cache)) {
338                 if (remote)
339                         return false;
340
341                 return true;
342         }
343
344         /* 2. If fail to get related identities, then forbid any client to
345          *    set supplementary group IDs. */
346         if (uc->uc_identity == NULL)
347                 return false;
348
349         /* 3. Check the permission in the identities. */
350         perm = mdt_identity_get_perm(uc->uc_identity, remote,
351                                      mdt_info_req(info)->rq_peer.nid);
352         if (perm & CFS_SETGRP_PERM)
353                 return true;
354
355         return false;
356 }
357
358 int mdt_check_ucred(struct mdt_thread_info *info)
359 {
360         struct ptlrpc_request   *req = mdt_info_req(info);
361         struct mdt_device       *mdt = info->mti_mdt;
362         struct ptlrpc_user_desc *pud = req->rq_user_desc;
363         struct lu_ucred         *ucred = mdt_ucred(info);
364         struct md_identity      *identity = NULL;
365         lnet_nid_t               peernid = req->rq_peer.nid;
366         __u32                    perm = 0;
367         __u32                    remote = exp_connect_rmtclient(info->mti_exp);
368         int                      setuid;
369         int                      setgid;
370         int                      rc = 0;
371
372         ENTRY;
373
374         LASSERT(ucred != NULL);
375         if ((ucred->uc_valid == UCRED_OLD) || (ucred->uc_valid == UCRED_NEW))
376                 RETURN(0);
377
378         if (!req->rq_auth_gss || req->rq_auth_usr_mdt || !req->rq_user_desc)
379                 RETURN(0);
380
381         /* sanity check: if we use strong authentication, we expect the
382          * uid which client claimed is true */
383         if (remote) {
384                 if (!uid_valid(make_kuid(&init_user_ns, req->rq_auth_mapped_uid))) {
385                         CDEBUG(D_SEC, "remote user not mapped, deny access!\n");
386                         RETURN(-EACCES);
387                 }
388
389                 if (ptlrpc_user_desc_do_idmap(req, pud))
390                         RETURN(-EACCES);
391
392                 if (req->rq_auth_mapped_uid != pud->pud_uid) {
393                         CDEBUG(D_SEC, "remote client %s: auth/mapped uid %u/%u "
394                                "while client claims %u:%u/%u:%u\n",
395                                libcfs_nid2str(peernid), req->rq_auth_uid,
396                                req->rq_auth_mapped_uid,
397                                pud->pud_uid, pud->pud_gid,
398                                pud->pud_fsuid, pud->pud_fsgid);
399                         RETURN(-EACCES);
400                 }
401         } else {
402                 if (req->rq_auth_uid != pud->pud_uid) {
403                         CDEBUG(D_SEC, "local client %s: auth uid %u "
404                                "while client claims %u:%u/%u:%u\n",
405                                libcfs_nid2str(peernid), req->rq_auth_uid,
406                                pud->pud_uid, pud->pud_gid,
407                                pud->pud_fsuid, pud->pud_fsgid);
408                         RETURN(-EACCES);
409                 }
410         }
411
412         if (is_identity_get_disabled(mdt->mdt_identity_cache)) {
413                 if (remote) {
414                         CDEBUG(D_SEC, "remote client must run with identity_get "
415                                "enabled!\n");
416                         RETURN(-EACCES);
417                 }
418                 RETURN(0);
419         }
420
421         identity = mdt_identity_get(mdt->mdt_identity_cache, pud->pud_uid);
422         if (IS_ERR(identity)) {
423                 if (unlikely(PTR_ERR(identity) == -EREMCHG &&
424                              !remote)) {
425                         RETURN(0);
426                 } else {
427                         CDEBUG(D_SEC, "Deny access without identity: uid %u\n",
428                                pud->pud_uid);
429                         RETURN(-EACCES);
430                }
431         }
432
433         perm = mdt_identity_get_perm(identity, remote, peernid);
434         /* find out the setuid/setgid attempt */
435         setuid = (pud->pud_uid != pud->pud_fsuid);
436         setgid = (pud->pud_gid != pud->pud_fsgid ||
437                   pud->pud_gid != identity->mi_gid);
438
439         /* check permission of setuid */
440         if (setuid && !(perm & CFS_SETUID_PERM)) {
441                 CDEBUG(D_SEC, "mdt blocked setuid attempt (%u -> %u) from %s\n",
442                        pud->pud_uid, pud->pud_fsuid, libcfs_nid2str(peernid));
443                 GOTO(out, rc = -EACCES);
444         }
445
446         /* check permission of setgid */
447         if (setgid && !(perm & CFS_SETGID_PERM)) {
448                 CDEBUG(D_SEC, "mdt blocked setgid attempt (%u:%u/%u:%u -> %u) "
449                        "from %s\n", pud->pud_uid, pud->pud_gid,
450                        pud->pud_fsuid, pud->pud_fsgid, identity->mi_gid,
451                        libcfs_nid2str(peernid));
452                 GOTO(out, rc = -EACCES);
453         }
454
455         EXIT;
456
457 out:
458         mdt_identity_put(mdt->mdt_identity_cache, identity);
459         return rc;
460 }
461
462 static void mdt_squash_nodemap_id(struct lu_ucred *ucred,
463                                   struct lu_nodemap *nodemap)
464 {
465         if (ucred->uc_o_uid == nodemap->nm_squash_uid) {
466                 ucred->uc_fsuid = nodemap->nm_squash_uid;
467                 ucred->uc_fsgid = nodemap->nm_squash_gid;
468                 ucred->uc_cap = 0;
469                 ucred->uc_suppgids[0] = -1;
470                 ucred->uc_suppgids[1] = -1;
471         }
472 }
473
474
475 static int old_init_ucred(struct mdt_thread_info *info,
476                           struct mdt_body *body)
477 {
478         struct lu_ucred         *uc = mdt_ucred(info);
479         struct mdt_device       *mdt = info->mti_mdt;
480         struct md_identity      *identity = NULL;
481         struct lu_nodemap       *nodemap =
482                 info->mti_exp->exp_target_data.ted_nodemap;
483         ENTRY;
484
485         body->mbo_uid = nodemap_map_id(nodemap, NODEMAP_UID,
486                                        NODEMAP_CLIENT_TO_FS, body->mbo_uid);
487         body->mbo_gid = nodemap_map_id(nodemap, NODEMAP_GID,
488                                        NODEMAP_CLIENT_TO_FS, body->mbo_gid);
489         body->mbo_fsuid = nodemap_map_id(nodemap, NODEMAP_UID,
490                                        NODEMAP_CLIENT_TO_FS, body->mbo_fsuid);
491         body->mbo_fsgid = nodemap_map_id(nodemap, NODEMAP_GID,
492                                        NODEMAP_CLIENT_TO_FS, body->mbo_fsgid);
493
494         LASSERT(uc != NULL);
495         uc->uc_valid = UCRED_INVALID;
496         uc->uc_o_uid = uc->uc_uid = body->mbo_uid;
497         uc->uc_o_gid = uc->uc_gid = body->mbo_gid;
498         uc->uc_o_fsuid = uc->uc_fsuid = body->mbo_fsuid;
499         uc->uc_o_fsgid = uc->uc_fsgid = body->mbo_fsgid;
500         uc->uc_suppgids[0] = body->mbo_suppgid;
501         uc->uc_suppgids[1] = -1;
502         uc->uc_ginfo = NULL;
503         if (!is_identity_get_disabled(mdt->mdt_identity_cache)) {
504                 identity = mdt_identity_get(mdt->mdt_identity_cache,
505                                             uc->uc_fsuid);
506                 if (IS_ERR(identity)) {
507                         if (unlikely(PTR_ERR(identity) == -EREMCHG)) {
508                                 identity = NULL;
509                         } else {
510                                 CDEBUG(D_SEC, "Deny access without identity: "
511                                        "uid %u\n", uc->uc_fsuid);
512                                 RETURN(-EACCES);
513                         }
514                 }
515         }
516         uc->uc_identity = identity;
517
518         mdt_squash_nodemap_id(uc, nodemap);
519
520         /* process root_squash here. */
521         mdt_root_squash(info, mdt_info_req(info)->rq_peer.nid);
522
523         /* remove fs privilege for non-root user. */
524         if (uc->uc_fsuid)
525                 uc->uc_cap = body->mbo_capability & ~CFS_CAP_FS_MASK;
526         else
527                 uc->uc_cap = body->mbo_capability;
528         uc->uc_valid = UCRED_OLD;
529         ucred_set_jobid(info, uc);
530
531         RETURN(0);
532 }
533
534 static int old_init_ucred_reint(struct mdt_thread_info *info)
535 {
536         struct lu_ucred         *uc = mdt_ucred(info);
537         struct mdt_device       *mdt = info->mti_mdt;
538         struct md_identity      *identity = NULL;
539         struct lu_nodemap       *nodemap =
540                 info->mti_exp->exp_target_data.ted_nodemap;
541         ENTRY;
542
543         LASSERT(uc != NULL);
544
545         uc->uc_fsuid = nodemap_map_id(nodemap, NODEMAP_UID,
546                                       NODEMAP_CLIENT_TO_FS, uc->uc_fsuid);
547         uc->uc_fsgid = nodemap_map_id(nodemap, NODEMAP_GID,
548                                       NODEMAP_CLIENT_TO_FS, uc->uc_fsgid);
549
550         uc->uc_valid = UCRED_INVALID;
551         uc->uc_o_uid = uc->uc_o_fsuid = uc->uc_uid = uc->uc_fsuid;
552         uc->uc_o_gid = uc->uc_o_fsgid = uc->uc_gid = uc->uc_fsgid;
553         uc->uc_ginfo = NULL;
554
555         if (!is_identity_get_disabled(mdt->mdt_identity_cache)) {
556                 identity = mdt_identity_get(mdt->mdt_identity_cache,
557                                             uc->uc_fsuid);
558                 if (IS_ERR(identity)) {
559                         if (unlikely(PTR_ERR(identity) == -EREMCHG)) {
560                                 identity = NULL;
561                         } else {
562                                 CDEBUG(D_SEC, "Deny access without identity: "
563                                        "uid %u\n", uc->uc_fsuid);
564                                 RETURN(-EACCES);
565                         }
566                 }
567         }
568         uc->uc_identity = identity;
569
570         /* process root_squash here. */
571         mdt_root_squash(info, mdt_info_req(info)->rq_peer.nid);
572
573         /* remove fs privilege for non-root user. */
574         if (uc->uc_fsuid)
575                 uc->uc_cap &= ~CFS_CAP_FS_MASK;
576         uc->uc_valid = UCRED_OLD;
577         ucred_set_jobid(info, uc);
578
579         RETURN(0);
580 }
581
582 int mdt_init_ucred(struct mdt_thread_info *info, struct mdt_body *body)
583 {
584         struct ptlrpc_request *req = mdt_info_req(info);
585         struct lu_ucred       *uc  = mdt_ucred(info);
586
587         LASSERT(uc != NULL);
588         if ((uc->uc_valid == UCRED_OLD) || (uc->uc_valid == UCRED_NEW))
589                 return 0;
590
591         mdt_exit_ucred(info);
592
593         if (!req->rq_auth_gss || req->rq_auth_usr_mdt || !req->rq_user_desc)
594                 return old_init_ucred(info, body);
595         else
596                 return new_init_ucred(info, BODY_INIT, body);
597 }
598
599 int mdt_init_ucred_reint(struct mdt_thread_info *info)
600 {
601         struct ptlrpc_request *req = mdt_info_req(info);
602         struct lu_ucred       *uc  = mdt_ucred(info);
603
604         LASSERT(uc != NULL);
605         if ((uc->uc_valid == UCRED_OLD) || (uc->uc_valid == UCRED_NEW))
606                 return 0;
607
608         mdt_exit_ucred(info);
609
610         if (!req->rq_auth_gss || req->rq_auth_usr_mdt || !req->rq_user_desc)
611                 return old_init_ucred_reint(info);
612         else
613                 return new_init_ucred(info, REC_INIT, NULL);
614 }
615
616 /* copied from lov/lov_ea.c, just for debugging, will be removed later */
617 void mdt_dump_lmm(int level, const struct lov_mds_md *lmm, __u64 valid)
618 {
619         const struct lov_ost_data_v1    *lod;
620         int                              i;
621         __u16                            count;
622
623         if (likely(!cfs_cdebug_show(level, DEBUG_SUBSYSTEM)))
624                 return;
625
626         count = le16_to_cpu(((struct lov_user_md *)lmm)->lmm_stripe_count);
627
628         CDEBUG(level, "objid "DOSTID", magic 0x%08X, pattern %#X\n",
629                POSTID(&lmm->lmm_oi), le32_to_cpu(lmm->lmm_magic),
630                le32_to_cpu(lmm->lmm_pattern));
631         CDEBUG(level, "stripe_size=0x%x, stripe_count=0x%x\n",
632                le32_to_cpu(lmm->lmm_stripe_size), count);
633
634         /* If it's a directory or a released file, then there are
635          * no actual objects to print, so bail out. */
636         if (valid & OBD_MD_FLDIREA ||
637             le32_to_cpu(lmm->lmm_pattern) & LOV_PATTERN_F_RELEASED)
638                 return;
639
640         LASSERT(count <= LOV_MAX_STRIPE_COUNT);
641         for (i = 0, lod = lmm->lmm_objects; i < count; i++, lod++) {
642                 struct ost_id oi;
643
644                 ostid_le_to_cpu(&lod->l_ost_oi, &oi);
645                 CDEBUG(level, "stripe %u idx %u subobj "DOSTID"\n",
646                        i, le32_to_cpu(lod->l_ost_idx), POSTID(&oi));
647         }
648 }
649
650 void mdt_dump_lmv(unsigned int level, const union lmv_mds_md *lmv)
651 {
652         const struct lmv_mds_md_v1 *lmm1;
653         int                        i;
654
655         if (likely(!cfs_cdebug_show(level, DEBUG_SUBSYSTEM)))
656                 return;
657
658         lmm1 = &lmv->lmv_md_v1;
659         CDEBUG(level, "magic 0x%08X, master %#X stripe_count %#x\n",
660                le32_to_cpu(lmm1->lmv_magic),
661                le32_to_cpu(lmm1->lmv_master_mdt_index),
662                le32_to_cpu(lmm1->lmv_stripe_count));
663
664         if (le32_to_cpu(lmm1->lmv_magic) == LMV_MAGIC_STRIPE)
665                 return;
666
667         for (i = 0; i < le32_to_cpu(lmm1->lmv_stripe_count); i++) {
668                 struct lu_fid fid;
669
670                 fid_le_to_cpu(&fid, &lmm1->lmv_stripe_fids[i]);
671                 CDEBUG(level, "idx %u subobj "DFID"\n", i, PFID(&fid));
672         }
673 }
674
675 /* Shrink and/or grow reply buffers */
676 int mdt_fix_reply(struct mdt_thread_info *info)
677 {
678         struct req_capsule *pill = info->mti_pill;
679         struct mdt_body    *body;
680         int                md_size, md_packed = 0;
681         int                acl_size;
682         int                rc = 0;
683         ENTRY;
684
685         body = req_capsule_server_get(pill, &RMF_MDT_BODY);
686         LASSERT(body != NULL);
687
688         if (body->mbo_valid & (OBD_MD_FLDIREA | OBD_MD_FLEASIZE |
689                                OBD_MD_LINKNAME))
690                 md_size = body->mbo_eadatasize;
691         else
692                 md_size = 0;
693
694         acl_size = body->mbo_aclsize;
695
696         /* this replay - not send info to client */
697         if (info->mti_spec.no_create) {
698                 md_size = 0;
699                 acl_size = 0;
700         }
701
702         CDEBUG(D_INFO, "Shrink to md_size = %d cookie/acl_size = %d"
703                " MDSCAPA = %llx, OSSCAPA = %llx\n",
704                md_size, acl_size,
705                (unsigned long long)(body->mbo_valid & OBD_MD_FLMDSCAPA),
706                (unsigned long long)(body->mbo_valid & OBD_MD_FLOSSCAPA));
707 /*
708             &RMF_MDT_BODY,
709             &RMF_MDT_MD,
710             &RMF_ACL, or &RMF_LOGCOOKIES
711 (optional)  &RMF_CAPA1,
712 (optional)  &RMF_CAPA2,
713 (optional)  something else
714 */
715
716         /* MDT_MD buffer may be bigger than packed value, let's shrink all
717          * buffers before growing it */
718         if (info->mti_big_lmm_used) {
719                 /* big_lmm buffer may be used even without packing the result
720                  * into reply, just for internal server needs */
721                 if (req_capsule_has_field(pill, &RMF_MDT_MD, RCL_SERVER))
722                         md_packed = req_capsule_get_size(pill, &RMF_MDT_MD,
723                                                          RCL_SERVER);
724
725                 /* free big lmm if md_size is not needed */
726                 if (md_size == 0 || md_packed == 0) {
727                         info->mti_big_lmm_used = 0;
728                 } else {
729                         /* buffer must be allocated separately */
730                         LASSERT(info->mti_attr.ma_lmm !=
731                                 req_capsule_server_get(pill, &RMF_MDT_MD));
732                         req_capsule_shrink(pill, &RMF_MDT_MD, 0, RCL_SERVER);
733                 }
734         } else if (req_capsule_has_field(pill, &RMF_MDT_MD, RCL_SERVER)) {
735                 req_capsule_shrink(pill, &RMF_MDT_MD, md_size, RCL_SERVER);
736         }
737
738         if (req_capsule_has_field(pill, &RMF_ACL, RCL_SERVER))
739                 req_capsule_shrink(pill, &RMF_ACL, acl_size, RCL_SERVER);
740         else if (req_capsule_has_field(pill, &RMF_LOGCOOKIES, RCL_SERVER))
741                 req_capsule_shrink(pill, &RMF_LOGCOOKIES,
742                                    acl_size, RCL_SERVER);
743
744         if (req_capsule_has_field(pill, &RMF_CAPA1, RCL_SERVER) &&
745             !(body->mbo_valid & OBD_MD_FLMDSCAPA))
746                 req_capsule_shrink(pill, &RMF_CAPA1, 0, RCL_SERVER);
747
748         if (req_capsule_has_field(pill, &RMF_CAPA2, RCL_SERVER) &&
749             !(body->mbo_valid & OBD_MD_FLOSSCAPA))
750                 req_capsule_shrink(pill, &RMF_CAPA2, 0, RCL_SERVER);
751
752         /*
753          * Some more field should be shrinked if needed.
754          * This should be done by those who added fields to reply message.
755          */
756
757         /* Grow MD buffer if needed finally */
758         if (info->mti_big_lmm_used) {
759                 void *lmm;
760
761                 LASSERT(md_size > md_packed);
762                 CDEBUG(D_INFO, "Enlarge reply buffer, need extra %d bytes\n",
763                        md_size - md_packed);
764                 rc = req_capsule_server_grow(pill, &RMF_MDT_MD, md_size);
765                 if (rc) {
766                         /* we can't answer with proper LOV EA, drop flags,
767                          * the rc is also returned so this request is
768                          * considered as failed */
769                         body->mbo_valid &= ~(OBD_MD_FLDIREA | OBD_MD_FLEASIZE);
770                         /* don't return transno along with error */
771                         lustre_msg_set_transno(pill->rc_req->rq_repmsg, 0);
772                 } else {
773                         /* now we need to pack right LOV/LMV EA */
774                         lmm = req_capsule_server_get(pill, &RMF_MDT_MD);
775                         if (info->mti_attr.ma_valid & MA_LOV) {
776                                 LASSERT(req_capsule_get_size(pill, &RMF_MDT_MD,
777                                                              RCL_SERVER) ==
778                                                 info->mti_attr.ma_lmm_size);
779                                 memcpy(lmm, info->mti_attr.ma_lmm,
780                                        info->mti_attr.ma_lmm_size);
781                         } else if (info->mti_attr.ma_valid & MA_LMV) {
782                                 LASSERT(req_capsule_get_size(pill, &RMF_MDT_MD,
783                                                              RCL_SERVER) ==
784                                                 info->mti_attr.ma_lmv_size);
785                                 memcpy(lmm, info->mti_attr.ma_lmv,
786                                        info->mti_attr.ma_lmv_size);
787                         }
788                 }
789                 /* update mdt_max_mdsize so clients will be aware about that */
790                 if (info->mti_mdt->mdt_max_mdsize < info->mti_attr.ma_lmm_size)
791                         info->mti_mdt->mdt_max_mdsize =
792                                                     info->mti_attr.ma_lmm_size;
793                 info->mti_big_lmm_used = 0;
794         }
795         RETURN(rc);
796 }
797
798
799 /* if object is dying, pack the lov/llog data,
800  * parameter info->mti_attr should be valid at this point! */
801 int mdt_handle_last_unlink(struct mdt_thread_info *info, struct mdt_object *mo,
802                            const struct md_attr *ma)
803 {
804         struct mdt_body       *repbody;
805         const struct lu_attr *la = &ma->ma_attr;
806         int rc;
807         ENTRY;
808
809         repbody = req_capsule_server_get(info->mti_pill, &RMF_MDT_BODY);
810         LASSERT(repbody != NULL);
811
812         if (ma->ma_valid & MA_INODE)
813                 mdt_pack_attr2body(info, repbody, la, mdt_object_fid(mo));
814
815         if (ma->ma_valid & MA_LOV) {
816                 CERROR("No need in LOV EA upon unlink\n");
817                 dump_stack();
818         }
819         repbody->mbo_eadatasize = 0;
820
821         if (info->mti_mdt->mdt_lut.lut_oss_capa &&
822             exp_connect_flags(info->mti_exp) & OBD_CONNECT_OSS_CAPA &&
823             repbody->mbo_valid & OBD_MD_FLEASIZE) {
824                 struct lustre_capa *capa;
825
826                 capa = req_capsule_server_get(info->mti_pill, &RMF_CAPA2);
827                 LASSERT(capa);
828                 capa->lc_opc = CAPA_OPC_OSS_DESTROY;
829                 rc = mo_capa_get(info->mti_env, mdt_object_child(mo), capa, 0);
830                 if (rc)
831                         RETURN(rc);
832
833                 repbody->mbo_valid |= OBD_MD_FLOSSCAPA;
834         }
835
836         RETURN(0);
837 }
838
839 static __u64 mdt_attr_valid_xlate(__u64 in, struct mdt_reint_record *rr,
840                                   struct md_attr *ma)
841 {
842         __u64 out;
843
844         out = 0;
845         if (in & MDS_ATTR_MODE)
846                 out |= LA_MODE;
847         if (in & MDS_ATTR_UID)
848                 out |= LA_UID;
849         if (in & MDS_ATTR_GID)
850                 out |= LA_GID;
851         if (in & MDS_ATTR_SIZE)
852                 out |= LA_SIZE;
853         if (in & MDS_ATTR_BLOCKS)
854                 out |= LA_BLOCKS;
855         if (in & MDS_ATTR_ATIME_SET)
856                 out |= LA_ATIME;
857         if (in & MDS_ATTR_CTIME_SET)
858                 out |= LA_CTIME;
859         if (in & MDS_ATTR_MTIME_SET)
860                 out |= LA_MTIME;
861         if (in & MDS_ATTR_ATTR_FLAG)
862                 out |= LA_FLAGS;
863         if (in & MDS_ATTR_KILL_SUID)
864                 out |= LA_KILL_SUID;
865         if (in & MDS_ATTR_KILL_SGID)
866                 out |= LA_KILL_SGID;
867
868         if (in & MDS_ATTR_FROM_OPEN)
869                 rr->rr_flags |= MRF_OPEN_TRUNC;
870         if (in & MDS_OPEN_OWNEROVERRIDE)
871                 ma->ma_attr_flags |= MDS_OWNEROVERRIDE;
872         if (in & MDS_ATTR_FORCE)
873                 ma->ma_attr_flags |= MDS_PERM_BYPASS;
874
875         in &= ~(MDS_ATTR_MODE | MDS_ATTR_UID | MDS_ATTR_GID |
876                 MDS_ATTR_ATIME | MDS_ATTR_MTIME | MDS_ATTR_CTIME |
877                 MDS_ATTR_ATIME_SET | MDS_ATTR_CTIME_SET | MDS_ATTR_MTIME_SET |
878                 MDS_ATTR_SIZE | MDS_ATTR_BLOCKS | MDS_ATTR_ATTR_FLAG |
879                 MDS_ATTR_FORCE | MDS_ATTR_KILL_SUID | MDS_ATTR_KILL_SGID |
880                 MDS_ATTR_FROM_OPEN | MDS_OPEN_OWNEROVERRIDE);
881         if (in != 0)
882                 CERROR("Unknown attr bits: "LPX64"\n", in);
883         return out;
884 }
885
886 void mdt_set_capainfo(struct mdt_thread_info *info, int offset,
887                       const struct lu_fid *fid, struct lustre_capa *capa)
888 {
889         struct lu_capainfo *lci;
890
891         LASSERT(offset >= 0 && offset < LU_CAPAINFO_MAX);
892         if (!info->mti_mdt->mdt_lut.lut_mds_capa ||
893             !(exp_connect_flags(info->mti_exp) & OBD_CONNECT_MDS_CAPA))
894                 return;
895
896         lci = lu_capainfo_get(info->mti_env);
897         LASSERT(lci);
898         lci->lci_fid[offset]  = *fid;
899         lci->lci_capa[offset] = capa;
900 }
901
902 #ifdef DEBUG_CAPA
903 void mdt_dump_capainfo(struct mdt_thread_info *info)
904 {
905         struct lu_capainfo *lci = lu_capainfo_get(info->mti_env);
906         int i;
907
908         if (lci == NULL)
909                 return;
910
911         for (i = 0; i < LU_CAPAINFO_MAX; i++) {
912                 if (lci->lci_capa[i] == NULL) {
913                         CERROR("no capa for index %d "DFID"\n",
914                                i, PFID(&lci->lci_fid[i]));
915                         continue;
916                 }
917                 if (lci->lci_capa[i] == BYPASS_CAPA) {
918                         CERROR("bypass for index %d "DFID"\n",
919                                i, PFID(&lci->lci_fid[i]));
920                         continue;
921                 }
922                 DEBUG_CAPA(D_ERROR, lci->lci_capa[i], "index %d", i);
923         }
924 }
925 #endif /* DEBUG_CAPA */
926
927 /* unpacking */
928
929 int mdt_name_unpack(struct req_capsule *pill,
930                     const struct req_msg_field *field,
931                     struct lu_name *ln,
932                     enum mdt_name_flags flags)
933 {
934         ln->ln_name = req_capsule_client_get(pill, field);
935         ln->ln_namelen = req_capsule_get_size(pill, field, RCL_CLIENT) - 1;
936
937         if (!lu_name_is_valid(ln)) {
938                 ln->ln_name = NULL;
939                 ln->ln_namelen = 0;
940
941                 return -EPROTO;
942         }
943
944         if ((flags & MNF_FIX_ANON) &&
945             ln->ln_namelen == 1 && ln->ln_name[0] == '/') {
946                 /* Newer (3.x) kernels use a name of "/" for the
947                  * "anonymous" disconnected dentries from NFS
948                  * filehandle conversion. See d_obtain_alias(). */
949                 ln->ln_name = NULL;
950                 ln->ln_namelen = 0;
951         }
952
953         return 0;
954 }
955
956 static int mdt_setattr_unpack_rec(struct mdt_thread_info *info)
957 {
958         struct lu_ucred         *uc = mdt_ucred(info);
959         struct md_attr          *ma = &info->mti_attr;
960         struct lu_attr          *la = &ma->ma_attr;
961         struct req_capsule      *pill = info->mti_pill;
962         struct mdt_reint_record *rr = &info->mti_rr;
963         struct mdt_rec_setattr  *rec;
964         struct lu_nodemap       *nodemap =
965                 info->mti_exp->exp_target_data.ted_nodemap;
966         ENTRY;
967
968         CLASSERT(sizeof(struct mdt_rec_setattr)== sizeof(struct mdt_rec_reint));
969         rec = req_capsule_client_get(pill, &RMF_REC_REINT);
970         if (rec == NULL)
971                 RETURN(-EFAULT);
972
973         /* This prior initialization is needed for old_init_ucred_reint() */
974         uc->uc_fsuid = rec->sa_fsuid;
975         uc->uc_fsgid = rec->sa_fsgid;
976         uc->uc_cap   = rec->sa_cap;
977         uc->uc_suppgids[0] = rec->sa_suppgid;
978         uc->uc_suppgids[1] = -1;
979
980         rr->rr_fid1 = &rec->sa_fid;
981         la->la_valid = mdt_attr_valid_xlate(rec->sa_valid, rr, ma);
982         /*  If MDS_ATTR_xTIME is set without MDS_ATTR_xTIME_SET and
983          *  the client does not have OBD_CONNECT_FULL20, convert it
984          *  to LA_xTIME. LU-3036 */
985         if (!(exp_connect_flags(info->mti_exp) & OBD_CONNECT_FULL20)) {
986                 if (!(rec->sa_valid & MDS_ATTR_ATIME_SET) &&
987                      (rec->sa_valid & MDS_ATTR_ATIME))
988                         la->la_valid |= LA_ATIME;
989                 if (!(rec->sa_valid & MDS_ATTR_MTIME_SET) &&
990                      (rec->sa_valid & MDS_ATTR_MTIME))
991                         la->la_valid |= LA_MTIME;
992                 if (!(rec->sa_valid & MDS_ATTR_CTIME_SET) &&
993                      (rec->sa_valid & MDS_ATTR_CTIME))
994                         la->la_valid |= LA_CTIME;
995         }
996         la->la_mode  = rec->sa_mode;
997         la->la_flags = rec->sa_attr_flags;
998         la->la_uid   = nodemap_map_id(nodemap, NODEMAP_UID,
999                                       NODEMAP_CLIENT_TO_FS, rec->sa_uid);
1000         la->la_gid   = nodemap_map_id(nodemap, NODEMAP_GID,
1001                                       NODEMAP_CLIENT_TO_FS, rec->sa_gid);
1002         la->la_size  = rec->sa_size;
1003         la->la_blocks = rec->sa_blocks;
1004         la->la_ctime = rec->sa_ctime;
1005         la->la_atime = rec->sa_atime;
1006         la->la_mtime = rec->sa_mtime;
1007         ma->ma_valid = MA_INODE;
1008
1009         if (rec->sa_bias & MDS_DATA_MODIFIED)
1010                 ma->ma_attr_flags |= MDS_DATA_MODIFIED;
1011         else
1012                 ma->ma_attr_flags &= ~MDS_DATA_MODIFIED;
1013
1014         if (rec->sa_bias & MDS_HSM_RELEASE)
1015                 ma->ma_attr_flags |= MDS_HSM_RELEASE;
1016         else
1017                 ma->ma_attr_flags &= ~MDS_HSM_RELEASE;
1018
1019         if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
1020                 mdt_set_capainfo(info, 0, rr->rr_fid1,
1021                                  req_capsule_client_get(pill, &RMF_CAPA1));
1022
1023         RETURN(0);
1024 }
1025
1026 static int mdt_close_handle_unpack(struct mdt_thread_info *info)
1027 {
1028         struct req_capsule *pill = info->mti_pill;
1029         struct mdt_ioepoch *ioepoch;
1030         ENTRY;
1031
1032         if (req_capsule_get_size(pill, &RMF_MDT_EPOCH, RCL_CLIENT))
1033                 ioepoch = req_capsule_client_get(pill, &RMF_MDT_EPOCH);
1034         else
1035                 ioepoch = NULL;
1036
1037         if (ioepoch == NULL)
1038                 RETURN(-EPROTO);
1039
1040         info->mti_close_handle = ioepoch->handle;
1041
1042         RETURN(0);
1043 }
1044
1045 static inline int mdt_dlmreq_unpack(struct mdt_thread_info *info) {
1046         struct req_capsule      *pill = info->mti_pill;
1047
1048         if (req_capsule_get_size(pill, &RMF_DLM_REQ, RCL_CLIENT)) {
1049                 info->mti_dlm_req = req_capsule_client_get(pill, &RMF_DLM_REQ);
1050                 if (info->mti_dlm_req == NULL)
1051                         RETURN(-EFAULT);
1052         }
1053
1054         RETURN(0);
1055 }
1056
1057 static int mdt_setattr_unpack(struct mdt_thread_info *info)
1058 {
1059         struct mdt_reint_record *rr = &info->mti_rr;
1060         struct md_attr          *ma = &info->mti_attr;
1061         struct req_capsule      *pill = info->mti_pill;
1062         int rc;
1063         ENTRY;
1064
1065         rc = mdt_setattr_unpack_rec(info);
1066         if (rc)
1067                 RETURN(rc);
1068
1069         if (req_capsule_field_present(pill, &RMF_EADATA, RCL_CLIENT)) {
1070                 rr->rr_eadata = req_capsule_client_get(pill, &RMF_EADATA);
1071                 rr->rr_eadatalen = req_capsule_get_size(pill, &RMF_EADATA,
1072                                                         RCL_CLIENT);
1073                 if (rr->rr_eadatalen > 0) {
1074                         const struct lmv_user_md        *lum;
1075
1076                         lum = rr->rr_eadata;
1077                         /* Sigh ma_valid(from req) does not indicate whether
1078                          * it will set LOV/LMV EA, so we have to check magic */
1079                         if (le32_to_cpu(lum->lum_magic) == LMV_USER_MAGIC) {
1080                                 ma->ma_valid |= MA_LMV;
1081                                 ma->ma_lmv = (void *)rr->rr_eadata;
1082                                 ma->ma_lmv_size = rr->rr_eadatalen;
1083                         } else {
1084                                 ma->ma_valid |= MA_LOV;
1085                                 ma->ma_lmm = (void *)rr->rr_eadata;
1086                                 ma->ma_lmm_size = rr->rr_eadatalen;
1087                         }
1088                 }
1089         }
1090
1091         rc = mdt_dlmreq_unpack(info);
1092         RETURN(rc);
1093 }
1094
1095 static int mdt_hsm_release_unpack(struct mdt_thread_info *info)
1096 {
1097         struct md_attr          *ma = &info->mti_attr;
1098         struct req_capsule      *pill = info->mti_pill;
1099         ENTRY;
1100
1101         if (!(ma->ma_attr_flags & MDS_HSM_RELEASE))
1102                 RETURN(0);
1103
1104         req_capsule_extend(pill, &RQF_MDS_RELEASE_CLOSE);
1105
1106         if (!(req_capsule_has_field(pill, &RMF_CLOSE_DATA, RCL_CLIENT) &&
1107             req_capsule_field_present(pill, &RMF_CLOSE_DATA, RCL_CLIENT)))
1108                 RETURN(-EFAULT);
1109
1110         RETURN(0);
1111 }
1112
1113 int mdt_close_unpack(struct mdt_thread_info *info)
1114 {
1115         int rc;
1116         ENTRY;
1117
1118         rc = mdt_close_handle_unpack(info);
1119         if (rc)
1120                 RETURN(rc);
1121
1122         rc = mdt_setattr_unpack_rec(info);
1123         if (rc)
1124                 RETURN(rc);
1125
1126         rc = mdt_hsm_release_unpack(info);
1127         if (rc)
1128                 RETURN(rc);
1129
1130         RETURN(mdt_init_ucred_reint(info));
1131 }
1132
1133 static int mdt_create_unpack(struct mdt_thread_info *info)
1134 {
1135         struct lu_ucred         *uc  = mdt_ucred(info);
1136         struct mdt_rec_create   *rec;
1137         struct lu_attr          *attr = &info->mti_attr.ma_attr;
1138         struct mdt_reint_record *rr = &info->mti_rr;
1139         struct req_capsule      *pill = info->mti_pill;
1140         struct md_op_spec       *sp = &info->mti_spec;
1141         int rc;
1142         ENTRY;
1143
1144         CLASSERT(sizeof(struct mdt_rec_create) == sizeof(struct mdt_rec_reint));
1145         rec = req_capsule_client_get(pill, &RMF_REC_REINT);
1146         if (rec == NULL)
1147                 RETURN(-EFAULT);
1148
1149         /* This prior initialization is needed for old_init_ucred_reint() */
1150         uc->uc_fsuid = rec->cr_fsuid;
1151         uc->uc_fsgid = rec->cr_fsgid;
1152         uc->uc_cap   = rec->cr_cap;
1153         uc->uc_suppgids[0] = rec->cr_suppgid1;
1154         uc->uc_suppgids[1] = -1;
1155         uc->uc_umask = rec->cr_umask;
1156
1157         rr->rr_fid1 = &rec->cr_fid1;
1158         rr->rr_fid2 = &rec->cr_fid2;
1159         attr->la_mode = rec->cr_mode;
1160         attr->la_rdev  = rec->cr_rdev;
1161         attr->la_uid   = rec->cr_fsuid;
1162         attr->la_gid   = rec->cr_fsgid;
1163         attr->la_ctime = rec->cr_time;
1164         attr->la_mtime = rec->cr_time;
1165         attr->la_atime = rec->cr_time;
1166         attr->la_valid = LA_MODE | LA_RDEV | LA_UID | LA_GID | LA_TYPE |
1167                          LA_CTIME | LA_MTIME | LA_ATIME;
1168         memset(&sp->u, 0, sizeof(sp->u));
1169         sp->sp_cr_flags = get_mrc_cr_flags(rec);
1170
1171         if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
1172                 mdt_set_capainfo(info, 0, rr->rr_fid1,
1173                                  req_capsule_client_get(pill, &RMF_CAPA1));
1174         mdt_set_capainfo(info, 1, rr->rr_fid2, BYPASS_CAPA);
1175
1176         rc = mdt_name_unpack(pill, &RMF_NAME, &rr->rr_name, 0);
1177         if (rc < 0)
1178                 RETURN(rc);
1179
1180         if (S_ISLNK(attr->la_mode)) {
1181                 const char *tgt = NULL;
1182
1183                 req_capsule_extend(pill, &RQF_MDS_REINT_CREATE_SYM);
1184                 if (req_capsule_get_size(pill, &RMF_SYMTGT, RCL_CLIENT)) {
1185                         tgt = req_capsule_client_get(pill, &RMF_SYMTGT);
1186                         sp->u.sp_symname = tgt;
1187                 }
1188                 if (tgt == NULL)
1189                         RETURN(-EFAULT);
1190         } else {
1191                 req_capsule_extend(pill, &RQF_MDS_REINT_CREATE_RMT_ACL);
1192                 if (S_ISDIR(attr->la_mode) &&
1193                     req_capsule_get_size(pill, &RMF_EADATA, RCL_CLIENT) > 0) {
1194                         sp->u.sp_ea.eadata =
1195                                 req_capsule_client_get(pill, &RMF_EADATA);
1196                         sp->u.sp_ea.eadatalen =
1197                                 req_capsule_get_size(pill, &RMF_EADATA,
1198                                                      RCL_CLIENT);
1199                         sp->sp_cr_flags |= MDS_OPEN_HAS_EA;
1200                 }
1201         }
1202
1203         rc = mdt_dlmreq_unpack(info);
1204         RETURN(rc);
1205 }
1206
1207 static int mdt_link_unpack(struct mdt_thread_info *info)
1208 {
1209         struct lu_ucred         *uc  = mdt_ucred(info);
1210         struct mdt_rec_link     *rec;
1211         struct lu_attr          *attr = &info->mti_attr.ma_attr;
1212         struct mdt_reint_record *rr = &info->mti_rr;
1213         struct req_capsule      *pill = info->mti_pill;
1214         int rc;
1215         ENTRY;
1216
1217         CLASSERT(sizeof(struct mdt_rec_link) == sizeof(struct mdt_rec_reint));
1218         rec = req_capsule_client_get(pill, &RMF_REC_REINT);
1219         if (rec == NULL)
1220                 RETURN(-EFAULT);
1221
1222         /* This prior initialization is needed for old_init_ucred_reint() */
1223         uc->uc_fsuid = rec->lk_fsuid;
1224         uc->uc_fsgid = rec->lk_fsgid;
1225         uc->uc_cap   = rec->lk_cap;
1226         uc->uc_suppgids[0] = rec->lk_suppgid1;
1227         uc->uc_suppgids[1] = rec->lk_suppgid2;
1228
1229         attr->la_uid = rec->lk_fsuid;
1230         attr->la_gid = rec->lk_fsgid;
1231         rr->rr_fid1 = &rec->lk_fid1;
1232         rr->rr_fid2 = &rec->lk_fid2;
1233         attr->la_ctime = rec->lk_time;
1234         attr->la_mtime = rec->lk_time;
1235         attr->la_valid = LA_UID | LA_GID | LA_CTIME | LA_MTIME;
1236
1237         if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
1238                 mdt_set_capainfo(info, 0, rr->rr_fid1,
1239                                  req_capsule_client_get(pill, &RMF_CAPA1));
1240         if (req_capsule_get_size(pill, &RMF_CAPA2, RCL_CLIENT))
1241                 mdt_set_capainfo(info, 1, rr->rr_fid2,
1242                                  req_capsule_client_get(pill, &RMF_CAPA2));
1243
1244         rc = mdt_name_unpack(pill, &RMF_NAME, &rr->rr_name, 0);
1245         if (rc < 0)
1246                 RETURN(rc);
1247
1248         rc = mdt_dlmreq_unpack(info);
1249
1250         RETURN(rc);
1251 }
1252
1253 static int mdt_unlink_unpack(struct mdt_thread_info *info)
1254 {
1255         struct lu_ucred         *uc  = mdt_ucred(info);
1256         struct mdt_rec_unlink   *rec;
1257         struct md_attr          *ma = &info->mti_attr;
1258         struct lu_attr          *attr = &info->mti_attr.ma_attr;
1259         struct mdt_reint_record *rr = &info->mti_rr;
1260         struct req_capsule      *pill = info->mti_pill;
1261         int rc;
1262         ENTRY;
1263
1264         CLASSERT(sizeof(struct mdt_rec_unlink) == sizeof(struct mdt_rec_reint));
1265         rec = req_capsule_client_get(pill, &RMF_REC_REINT);
1266         if (rec == NULL)
1267                 RETURN(-EFAULT);
1268
1269         /* This prior initialization is needed for old_init_ucred_reint() */
1270         uc->uc_fsuid = rec->ul_fsuid;
1271         uc->uc_fsgid = rec->ul_fsgid;
1272         uc->uc_cap   = rec->ul_cap;
1273         uc->uc_suppgids[0] = rec->ul_suppgid1;
1274         uc->uc_suppgids[1] = -1;
1275
1276         attr->la_uid = rec->ul_fsuid;
1277         attr->la_gid = rec->ul_fsgid;
1278         rr->rr_fid1 = &rec->ul_fid1;
1279         rr->rr_fid2 = &rec->ul_fid2;
1280         attr->la_ctime = rec->ul_time;
1281         attr->la_mtime = rec->ul_time;
1282         attr->la_mode  = rec->ul_mode;
1283         attr->la_valid = LA_UID | LA_GID | LA_CTIME | LA_MTIME | LA_MODE;
1284
1285         if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
1286                 mdt_set_capainfo(info, 0, rr->rr_fid1,
1287                                  req_capsule_client_get(pill, &RMF_CAPA1));
1288
1289         rc = mdt_name_unpack(pill, &RMF_NAME, &rr->rr_name, 0);
1290         if (rc < 0)
1291                 RETURN(rc);
1292
1293         if (rec->ul_bias & MDS_VTX_BYPASS)
1294                 ma->ma_attr_flags |= MDS_VTX_BYPASS;
1295         else
1296                 ma->ma_attr_flags &= ~MDS_VTX_BYPASS;
1297
1298         info->mti_spec.no_create = !!req_is_replay(mdt_info_req(info));
1299
1300         rc = mdt_dlmreq_unpack(info);
1301         RETURN(rc);
1302 }
1303
1304 static int mdt_rmentry_unpack(struct mdt_thread_info *info)
1305 {
1306         info->mti_spec.sp_rm_entry = 1;
1307         return mdt_unlink_unpack(info);
1308 }
1309
1310 static int mdt_rename_unpack(struct mdt_thread_info *info)
1311 {
1312         struct lu_ucred         *uc = mdt_ucred(info);
1313         struct mdt_rec_rename   *rec;
1314         struct md_attr          *ma = &info->mti_attr;
1315         struct lu_attr          *attr = &info->mti_attr.ma_attr;
1316         struct mdt_reint_record *rr = &info->mti_rr;
1317         struct req_capsule      *pill = info->mti_pill;
1318         int rc;
1319         ENTRY;
1320
1321         CLASSERT(sizeof(struct mdt_rec_rename) == sizeof(struct mdt_rec_reint));
1322         rec = req_capsule_client_get(pill, &RMF_REC_REINT);
1323         if (rec == NULL)
1324                 RETURN(-EFAULT);
1325
1326         /* This prior initialization is needed for old_init_ucred_reint() */
1327         uc->uc_fsuid = rec->rn_fsuid;
1328         uc->uc_fsgid = rec->rn_fsgid;
1329         uc->uc_cap   = rec->rn_cap;
1330         uc->uc_suppgids[0] = rec->rn_suppgid1;
1331         uc->uc_suppgids[1] = rec->rn_suppgid2;
1332
1333         attr->la_uid = rec->rn_fsuid;
1334         attr->la_gid = rec->rn_fsgid;
1335         rr->rr_fid1 = &rec->rn_fid1;
1336         rr->rr_fid2 = &rec->rn_fid2;
1337         attr->la_ctime = rec->rn_time;
1338         attr->la_mtime = rec->rn_time;
1339         /* rename_tgt contains the mode already */
1340         attr->la_mode = rec->rn_mode;
1341         attr->la_valid = LA_UID | LA_GID | LA_CTIME | LA_MTIME | LA_MODE;
1342
1343         if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
1344                 mdt_set_capainfo(info, 0, rr->rr_fid1,
1345                                  req_capsule_client_get(pill, &RMF_CAPA1));
1346         if (req_capsule_get_size(pill, &RMF_CAPA2, RCL_CLIENT))
1347                 mdt_set_capainfo(info, 1, rr->rr_fid2,
1348                                  req_capsule_client_get(pill, &RMF_CAPA2));
1349
1350         rc = mdt_name_unpack(pill, &RMF_NAME, &rr->rr_name, 0);
1351         if (rc < 0)
1352                 RETURN(rc);
1353
1354         rc = mdt_name_unpack(pill, &RMF_SYMTGT, &rr->rr_tgt_name, 0);
1355         if (rc < 0)
1356                 RETURN(rc);
1357
1358         if (rec->rn_bias & MDS_VTX_BYPASS)
1359                 ma->ma_attr_flags |= MDS_VTX_BYPASS;
1360         else
1361                 ma->ma_attr_flags &= ~MDS_VTX_BYPASS;
1362
1363         info->mti_spec.no_create = !!req_is_replay(mdt_info_req(info));
1364
1365
1366         rc = mdt_dlmreq_unpack(info);
1367
1368         RETURN(rc);
1369 }
1370
1371 /*
1372  * please see comment above LOV_MAGIC_V1_DEF
1373  */
1374 static void mdt_fix_lov_magic(struct mdt_thread_info *info)
1375 {
1376         struct mdt_reint_record *rr = &info->mti_rr;
1377         struct lov_user_md_v1   *v1;
1378
1379         v1 = (void *)rr->rr_eadata;
1380         LASSERT(v1);
1381
1382         if (unlikely(req_is_replay(mdt_info_req(info)))) {
1383                 if (v1->lmm_magic == LOV_USER_MAGIC_V1) {
1384                         v1->lmm_magic = LOV_MAGIC_V1_DEF;
1385                 } else if (v1->lmm_magic == __swab32(LOV_USER_MAGIC_V1)) {
1386                         v1->lmm_magic = __swab32(LOV_MAGIC_V1_DEF);
1387                 } else if (v1->lmm_magic == LOV_USER_MAGIC_V3) {
1388                         v1->lmm_magic = LOV_MAGIC_V3_DEF;
1389                 } else if (v1->lmm_magic == __swab32(LOV_USER_MAGIC_V3)) {
1390                         v1->lmm_magic = __swab32(LOV_MAGIC_V3_DEF);
1391                 }
1392         }
1393 }
1394
1395 static int mdt_open_unpack(struct mdt_thread_info *info)
1396 {
1397         struct lu_ucred         *uc = mdt_ucred(info);
1398         struct mdt_rec_create   *rec;
1399         struct lu_attr          *attr = &info->mti_attr.ma_attr;
1400         struct req_capsule      *pill = info->mti_pill;
1401         struct mdt_reint_record *rr   = &info->mti_rr;
1402         struct ptlrpc_request   *req  = mdt_info_req(info);
1403         struct md_op_spec       *sp   = &info->mti_spec;
1404         ENTRY;
1405
1406         CLASSERT(sizeof(struct mdt_rec_create) == sizeof(struct mdt_rec_reint));
1407         rec = req_capsule_client_get(pill, &RMF_REC_REINT);
1408         if (rec == NULL)
1409                 RETURN(-EFAULT);
1410
1411         /* This prior initialization is needed for old_init_ucred_reint() */
1412         uc->uc_fsuid = rec->cr_fsuid;
1413         uc->uc_fsgid = rec->cr_fsgid;
1414         uc->uc_cap   = rec->cr_cap;
1415         uc->uc_suppgids[0] = rec->cr_suppgid1;
1416         uc->uc_suppgids[1] = rec->cr_suppgid2;
1417         uc->uc_umask = rec->cr_umask;
1418
1419         rr->rr_fid1   = &rec->cr_fid1;
1420         rr->rr_fid2   = &rec->cr_fid2;
1421         rr->rr_handle = &rec->cr_old_handle;
1422         attr->la_mode = rec->cr_mode;
1423         attr->la_rdev  = rec->cr_rdev;
1424         attr->la_uid   = rec->cr_fsuid;
1425         attr->la_gid   = rec->cr_fsgid;
1426         attr->la_ctime = rec->cr_time;
1427         attr->la_mtime = rec->cr_time;
1428         attr->la_atime = rec->cr_time;
1429         attr->la_valid = LA_MODE  | LA_RDEV  | LA_UID   | LA_GID |
1430                          LA_CTIME | LA_MTIME | LA_ATIME;
1431         memset(&info->mti_spec.u, 0, sizeof(info->mti_spec.u));
1432         info->mti_spec.sp_cr_flags = get_mrc_cr_flags(rec);
1433         /* Do not trigger ASSERTION if client miss to set such flags. */
1434         if (unlikely(info->mti_spec.sp_cr_flags == 0))
1435                 RETURN(-EPROTO);
1436
1437         info->mti_cross_ref = !!(rec->cr_bias & MDS_CROSS_REF);
1438
1439         if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
1440                 mdt_set_capainfo(info, 0, rr->rr_fid1,
1441                                  req_capsule_client_get(pill, &RMF_CAPA1));
1442         if (req_is_replay(req) &&
1443             req_capsule_get_size(pill, &RMF_CAPA2, RCL_CLIENT)) {
1444 #if 0
1445                 mdt_set_capainfo(info, 1, rr->rr_fid2,
1446                                  req_capsule_client_get(pill, &RMF_CAPA2));
1447 #else
1448                 /*
1449                  * FIXME: capa in replay open request might have expired,
1450                  * bypass capa check. Security hole?
1451                  */
1452                 mdt_set_capainfo(info, 0, rr->rr_fid1, BYPASS_CAPA);
1453                 mdt_set_capainfo(info, 1, rr->rr_fid2, BYPASS_CAPA);
1454 #endif
1455         }
1456
1457         mdt_name_unpack(pill, &RMF_NAME, &rr->rr_name, MNF_FIX_ANON);
1458
1459         if (req_capsule_field_present(pill, &RMF_EADATA, RCL_CLIENT)) {
1460                 rr->rr_eadatalen = req_capsule_get_size(pill, &RMF_EADATA,
1461                                                         RCL_CLIENT);
1462                 if (rr->rr_eadatalen > 0) {
1463                         rr->rr_eadata = req_capsule_client_get(pill,
1464                                                                &RMF_EADATA);
1465                         sp->u.sp_ea.eadatalen = rr->rr_eadatalen;
1466                         sp->u.sp_ea.eadata = rr->rr_eadata;
1467                         sp->no_create = !!req_is_replay(req);
1468                         mdt_fix_lov_magic(info);
1469                 }
1470
1471                 /*
1472                  * Client default md_size may be 0 right after client start,
1473                  * until all osc are connected, set here just some reasonable
1474                  * value to prevent misbehavior.
1475                  */
1476                 if (rr->rr_eadatalen == 0 &&
1477                     !(info->mti_spec.sp_cr_flags & MDS_OPEN_DELAY_CREATE))
1478                         rr->rr_eadatalen = MIN_MD_SIZE;
1479         }
1480
1481         RETURN(0);
1482 }
1483
1484 static int mdt_setxattr_unpack(struct mdt_thread_info *info)
1485 {
1486         struct mdt_reint_record *rr     = &info->mti_rr;
1487         struct lu_ucred         *uc     = mdt_ucred(info);
1488         struct lu_attr          *attr   = &info->mti_attr.ma_attr;
1489         struct req_capsule      *pill   = info->mti_pill;
1490         struct mdt_rec_setxattr *rec;
1491         int                      rc;
1492         ENTRY;
1493
1494
1495         CLASSERT(sizeof(struct mdt_rec_setxattr) ==
1496                          sizeof(struct mdt_rec_reint));
1497
1498         rec = req_capsule_client_get(pill, &RMF_REC_REINT);
1499         if (rec == NULL)
1500                 RETURN(-EFAULT);
1501
1502         /* This prior initialization is needed for old_init_ucred_reint() */
1503         uc->uc_fsuid  = rec->sx_fsuid;
1504         uc->uc_fsgid  = rec->sx_fsgid;
1505         uc->uc_cap    = rec->sx_cap;
1506         uc->uc_suppgids[0] = rec->sx_suppgid1;
1507         uc->uc_suppgids[1] = -1;
1508
1509         rr->rr_opcode = rec->sx_opcode;
1510         rr->rr_fid1   = &rec->sx_fid;
1511         attr->la_valid = rec->sx_valid;
1512         attr->la_ctime = rec->sx_time;
1513         attr->la_size = rec->sx_size;
1514         attr->la_flags = rec->sx_flags;
1515
1516         if (req_capsule_get_size(pill, &RMF_CAPA1, RCL_CLIENT))
1517                 mdt_set_capainfo(info, 0, rr->rr_fid1,
1518                                  req_capsule_client_get(pill, &RMF_CAPA1));
1519         else
1520                 mdt_set_capainfo(info, 0, rr->rr_fid1, BYPASS_CAPA);
1521
1522         rc = mdt_name_unpack(pill, &RMF_NAME, &rr->rr_name, 0);
1523         if (rc < 0)
1524                 RETURN(rc);
1525
1526         if (req_capsule_field_present(pill, &RMF_EADATA, RCL_CLIENT)) {
1527                 rr->rr_eadatalen = req_capsule_get_size(pill, &RMF_EADATA,
1528                                                         RCL_CLIENT);
1529                 if (rr->rr_eadatalen > 0) {
1530                         rr->rr_eadata = req_capsule_client_get(pill,
1531                                                                &RMF_EADATA);
1532                         if (rr->rr_eadata == NULL)
1533                                 RETURN(-EFAULT);
1534                 } else {
1535                         rr->rr_eadata = NULL;
1536                 }
1537         } else if (!(attr->la_valid & OBD_MD_FLXATTRRM)) {
1538                 CDEBUG(D_INFO, "no xattr data supplied\n");
1539                 RETURN(-EFAULT);
1540         }
1541
1542         if (mdt_dlmreq_unpack(info) < 0)
1543                 RETURN(-EPROTO);
1544
1545         RETURN(0);
1546 }
1547
1548
1549 typedef int (*reint_unpacker)(struct mdt_thread_info *info);
1550
1551 static reint_unpacker mdt_reint_unpackers[REINT_MAX] = {
1552         [REINT_SETATTR]  = mdt_setattr_unpack,
1553         [REINT_CREATE]   = mdt_create_unpack,
1554         [REINT_LINK]     = mdt_link_unpack,
1555         [REINT_UNLINK]   = mdt_unlink_unpack,
1556         [REINT_RENAME]   = mdt_rename_unpack,
1557         [REINT_OPEN]     = mdt_open_unpack,
1558         [REINT_SETXATTR] = mdt_setxattr_unpack,
1559         [REINT_RMENTRY]  = mdt_rmentry_unpack,
1560         [REINT_MIGRATE]  = mdt_rename_unpack,
1561 };
1562
1563 int mdt_reint_unpack(struct mdt_thread_info *info, __u32 op)
1564 {
1565         int rc;
1566         ENTRY;
1567
1568         memset(&info->mti_rr, 0, sizeof(info->mti_rr));
1569         if (op < REINT_MAX && mdt_reint_unpackers[op] != NULL) {
1570                 info->mti_rr.rr_opcode = op;
1571                 rc = mdt_reint_unpackers[op](info);
1572         } else {
1573                 CERROR("Unexpected opcode %d\n", op);
1574                 rc = -EFAULT;
1575         }
1576         RETURN(rc);
1577 }