1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2 * vim:expandtab:shiftwidth=8:tabstop=8:
4 * Copyright (C) 2005 Cluster File Systems, Inc.
6 * Author: Lai Siyao <lsy@clusterfs.com>
8 * This file is part of Lustre, http://www.lustre.org.
10 * Lustre is free software; you can redistribute it and/or
11 * modify it under the terms of version 2 of the GNU General Public
12 * License as published by the Free Software Foundation.
14 * Lustre is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with Lustre; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #define DEBUG_SUBSYSTEM S_FILTER
27 #include <linux/version.h>
28 #include <asm/uaccess.h>
29 #include <linux/file.h>
30 #include <linux/kmod.h>
32 #include <lustre_fsfilt.h>
33 #include <lustre_capa.h>
35 #include "filter_internal.h"
39 * keep this as simple as possible. we suppose the blacklist usually
40 * be empry or very short (<5), since long term blacklist should be
41 * done on MDS side. A more sophisticated blacklist will be implemented
44 * note blacklist didn't take effect when OSS capability disabled. this
45 * looks reasonable to me.
47 #define BLACKLIST_MAX (32)
48 static int nblacklist = 0;
49 static uid_t blacklist[BLACKLIST_MAX];
50 static spinlock_t blacklist_lock = SPIN_LOCK_UNLOCKED;
52 int blacklist_display(char *buf, int bufsize)
59 spin_lock(&blacklist_lock);
60 for (i = 0; i < nblacklist; i++) {
61 snprintf(one, 16, "%u\n", blacklist[i]);
62 strncat(buf, one, bufsize);
64 spin_unlock(&blacklist_lock);
65 return strnlen(buf, bufsize);
68 void blacklist_add(uid_t uid)
72 spin_lock(&blacklist_lock);
73 if (nblacklist == BLACKLIST_MAX) {
74 CERROR("can't add more in blacklist\n");
75 spin_unlock(&blacklist_lock);
79 for (i = 0; i < nblacklist; i++) {
80 if (blacklist[i] == uid) {
81 spin_unlock(&blacklist_lock);
86 blacklist[nblacklist++] = uid;
87 spin_unlock(&blacklist_lock);
90 void blacklist_del(uid_t uid)
94 spin_lock(&blacklist_lock);
95 for (i = 0; i < nblacklist; i++) {
96 if (blacklist[i] == uid) {
98 while (i < nblacklist) {
99 blacklist[i] = blacklist[i+1];
102 spin_unlock(&blacklist_lock);
106 spin_unlock(&blacklist_lock);
109 static int blacklist_check(uid_t uid)
113 spin_lock(&blacklist_lock);
114 for (i = 0; i < nblacklist; i++) {
115 if (blacklist[i] == uid) {
120 spin_unlock(&blacklist_lock);
124 static inline __u32 filter_ck_keyid(struct filter_capa_key *key)
126 return key->k_key.lk_keyid;
129 int filter_update_capa_key(struct obd_device *obd, struct lustre_capa_key *new)
131 struct filter_obd *filter = &obd->u.filter;
132 struct filter_capa_key *k, *keys[2] = { NULL, NULL };
135 spin_lock(&capa_lock);
136 list_for_each_entry(k, &filter->fo_capa_keys, k_list) {
137 if (k->k_key.lk_mdsid != new->lk_mdsid)
142 if (filter_ck_keyid(keys[1]) > filter_ck_keyid(keys[0]))
143 keys[1] = keys[0], keys[0] = k;
148 spin_unlock(&capa_lock);
150 for (i = 0; i < 2; i++) {
153 if (filter_ck_keyid(keys[i]) != new->lk_keyid)
155 /* maybe because of recovery or other reasons, MDS sent the
156 * the old capability key again.
158 spin_lock(&capa_lock);
159 keys[i]->k_key = *new;
160 spin_unlock(&capa_lock);
166 /* if OSS already have two keys, update the old one */
172 INIT_LIST_HEAD(&k->k_list);
175 spin_lock(&capa_lock);
177 if (list_empty(&k->k_list))
178 list_add(&k->k_list, &filter->fo_capa_keys);
179 spin_unlock(&capa_lock);
181 DEBUG_CAPA_KEY(D_SEC, new, "new");
185 int filter_auth_capa(struct obd_export *exp, struct lu_fid *fid, __u64 mdsid,
186 struct lustre_capa *capa, __u64 opc)
188 struct obd_device *obd = exp->exp_obd;
189 struct filter_obd *filter = &obd->u.filter;
190 struct filter_capa_key *k;
191 struct lustre_capa_key key;
194 int keys_ready = 0, key_found = 0, rc = 0;
197 /* capability is disabled */
198 if (!filter->fo_fl_oss_capa)
203 CERROR("mdsno/fid/opc "LPU64"/"DFID"/"LPX64
204 ": no capability has been passed\n",
205 mdsid, PFID(fid), opc);
207 CERROR("mdsno/opc "LPU64"/"LPX64
208 ": no capability has been passed\n",
213 if (blacklist_check(capa->lc_uid)) {
214 DEBUG_CAPA(D_ERROR, capa, "uid %u found in blacklist,",
219 #warning "enable fid check in filter_auth_capa() when fid stored in OSS object"
221 if (opc == CAPA_OPC_OSS_READ) {
222 if (!(capa->lc_opc & CAPA_OPC_OSS_RW))
224 } else if (!capa_opc_supported(capa, opc)) {
228 DEBUG_CAPA(D_ERROR, capa, "opc "LPX64" not supported by", opc);
232 oc = capa_lookup(filter->fo_capa_hash, capa, 0);
234 spin_lock(&oc->c_lock);
235 if (capa_is_expired(oc)) {
236 DEBUG_CAPA(D_ERROR, capa, "expired");
239 spin_unlock(&oc->c_lock);
245 spin_lock(&capa_lock);
246 list_for_each_entry(k, &filter->fo_capa_keys, k_list)
247 if (k->k_key.lk_mdsid == mdsid) {
249 if (k->k_key.lk_keyid == capa_keyid(capa)) {
255 spin_unlock(&capa_lock);
258 CDEBUG(D_SEC, "MDS hasn't propagated capability keys yet, "
264 DEBUG_CAPA(D_ERROR, capa, "no matched capability key for");
268 OBD_ALLOC(hmac, CAPA_HMAC_MAX_LEN);
272 rc = capa_hmac(hmac, capa, key.lk_key);
274 DEBUG_CAPA(D_ERROR, capa, "HMAC failed: rc %d", rc);
275 OBD_FREE(hmac, CAPA_HMAC_MAX_LEN);
279 rc = memcmp(hmac, capa->lc_hmac, CAPA_HMAC_MAX_LEN);
280 OBD_FREE(hmac, CAPA_HMAC_MAX_LEN);
282 DEBUG_CAPA_KEY(D_ERROR, &key, "calculate HMAC with ");
283 DEBUG_CAPA(D_ERROR, capa, "HMAC mismatch");
287 /* store in capa hash */
288 oc = capa_add(filter->fo_capa_hash, capa);
293 void filter_free_capa_keys(struct filter_obd *filter)
295 struct filter_capa_key *key, *n;
297 spin_lock(&capa_lock);
298 list_for_each_entry_safe(key, n, &filter->fo_capa_keys, k_list) {
299 list_del_init(&key->k_list);
300 OBD_FREE(key, sizeof(*key));
302 spin_unlock(&capa_lock);
git://git.whamcloud.com / fs / lustre-release.git / blob