#define NR_CAPAHASH 32
#define CAPA_TIMEOUT 1800 /* sec, == 30 min */
#define CAPA_KEY_TIMEOUT (24 * 60 * 60) /* sec, == 1 day */
-#define CAPA_CACHE_SIZE 1000 /* for MDS & OST */
+#define CAPA_CACHE_SIZE 3000 /* for MDS & OST */
#define CAPA_HMAC_ALG "sha1"
/* capa ops */
-#define CAPA_READ MAY_READ /* 2 */
-#define CAPA_WRITE MAY_WRITE /* 4 */
+#define CAPA_WRITE MAY_WRITE /* 2 */
+#define CAPA_READ MAY_READ /* 4 */
#define CAPA_TRUNC 8
struct lustre_capa_data {
__u32 lc_uid; /* uid, mapped uid */
__u32 lc_ruid; /* remote uid on client */
__u32 lc_op; /* operations allowed */
+ __u32 lc_igen; /* inode generation */
__u64 lc_ino; /* inode# */
__u32 lc_mdsid; /* mds# */
__u32 lc_keyid; /* key used for the capability */
} __attribute__((packed));
struct client_capa {
- struct inode *inode; /* this should be always valid
- * if c_refc > 0 */
+ struct inode *inode;
struct lustre_handle handle; /* handle of mds_file_data */
struct list_head lli_list; /* link to lli_capas */
#if 0 /* TODO: support multi mount point */
#define DEBUG_CAPA(level, capa, fmt, args...) \
do { \
-CDEBUG(level, fmt " capa@%p uid %u op %u ino "LPU64" mdsid %d keyid %d " \
- "expiry "LPU64" flags %u\n", \
- ##args, capa, (capa)->lc_uid, (capa)->lc_op, (capa)->lc_ino, \
- (capa)->lc_mdsid, (capa)->lc_keyid, (capa)->lc_expiry, \
- (capa)->lc_flags); \
+CDEBUG(level, fmt " capa@%p uid %u/%u op %u ino "LPU64"/%u mdsid %d " \
+ "keyid %d expiry "LPU64" flags %u\n", \
+ ##args, capa, (capa)->lc_uid, (capa)->lc_ruid, (capa)->lc_op, \
+ (capa)->lc_ino, (capa)->lc_igen, (capa)->lc_mdsid, (capa)->lc_keyid, \
+ (capa)->lc_expiry, (capa)->lc_flags); \
} while (0)
#define DEBUG_CAPA_KEY(level, key, fmt, args...) \
int capa_op(int flags);
void __capa_get(struct obd_capa *ocapa);
struct obd_capa *capa_get(uid_t uid, int capa_op, __u64 mdsid,
- unsigned long ino, int type);
+ unsigned long ino, __u32 igen, int type);
+struct obd_capa *filter_capa_get(struct lustre_capa *capa);
void capa_put(struct obd_capa *ocapa);
struct obd_capa *capa_renew(struct lustre_capa *capa, int type);
-void capa_hmac(struct crypto_tfm *tfm, __u8 *key, struct lustre_capa *capa);
+void capa_hmac(__u8 *key, struct lustre_capa *capa);
void capa_dup(void *dst, struct obd_capa *ocapa);
void capa_dup2(void *dst, struct lustre_capa *capa);
int capa_expired(struct lustre_capa *capa);
-int __capa_is_to_expire(struct obd_capa *ocapa);
+int __capa_is_to_expire(struct obd_capa *ocapa, struct timeval *tv);
int capa_is_to_expire(struct obd_capa *ocapa);
#define CAPA_EXPIRY_SHIFT 10 /* 1024 sec */
#define CAPA_EXPIRY (1UL << CAPA_EXPIRY_SHIFT)
#define CAPA_EXPIRY_MASK (~(CAPA_EXPIRY-1))
-#define CAPA_PRE_EXPIRY_NOROUND 3 /* sec */
+#define CAPA_PRE_EXPIRY_SHORT 3 /* sec */
#define CAPA_PRE_EXPIRY 300 /* sec */
/* struct lustre_capa.lc_flags */
-#define CAPA_FL_NOROUND 0x001 /* capa expiry not rounded */
+#define CAPA_FL_SHORT 0x001 /* short capa expiry */
#define CAPA_FL_REMUID 0x002 /* remote uid */
-#define CAPA_FL_TRUNC 0x004 /* truncate capa, this kind of capa won't be renewed */
static inline unsigned long capa_pre_expiry(struct lustre_capa *capa)
{
- return (capa->lc_flags & CAPA_FL_NOROUND) ?
- CAPA_PRE_EXPIRY_NOROUND : CAPA_PRE_EXPIRY;
+ return (capa->lc_flags & CAPA_FL_SHORT) ?
+ CAPA_PRE_EXPIRY_SHORT : CAPA_PRE_EXPIRY;
}
static inline __u64
round_expiry(__u32 timeout)
{
struct timeval tv;
+ int capa_expiry = CAPA_EXPIRY;
+ int mask = CAPA_EXPIRY_MASK;
__u64 expiry;
do_gettimeofday(&tv);
expiry = tv.tv_sec + timeout;
- if (timeout > CAPA_EXPIRY)
- expiry = (expiry + CAPA_EXPIRY - 1) & CAPA_EXPIRY_MASK;
+ if (timeout < CAPA_EXPIRY) {
+ capa_expiry = 64;
+ mask = ~63;
+ }
+
+ expiry = (expiry + capa_expiry - 1) & mask;
return expiry;
}