LU-12691 ldlm: obd_max_recoverable_clients is not atomic

[fs/lustre-release.git] / lustre / include / lustre_sec.h

diff --git a/lustre/include/lustre_sec.h b/lustre/include/lustre_sec.h
index 524421e..ee2204f 100644 (file)
--- a/lustre/include/lustre_sec.h
+++ b/lustre/include/lustre_sec.h
@@ -15,11 +15,7 @@
  *
  * You should have received a copy of the GNU General Public License
  * version 2 along with this program; If not, see
- * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
- *
- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
- * CA 95054 USA or visit www.sun.com if you need additional information or
- * have any questions.
+ * http://www.gnu.org/licenses/gpl-2.0.html
  *
  * GPL HEADER END
  */
@@ -27,7 +23,7 @@
  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
  * Use is subject to license terms.
  *
- * Copyright (c) 2012, Intel Corporation.
+ * Copyright (c) 2012, 2017, Intel Corporation.
  */
 /*
  * This file is part of Lustre, http://www.lustre.org/
@@ -51,6 +47,7 @@ struct ptlrpc_request;
 struct ptlrpc_reply_state;
 struct ptlrpc_bulk_desc;
 struct brw_page;
+struct lu_env;
 /* Linux specific */
 struct key;
 struct seq_file;
@@ -66,6 +63,7 @@ struct ptlrpc_sec;
 struct ptlrpc_svc_ctx;
 struct ptlrpc_cli_ctx;
 struct ptlrpc_ctx_ops;
+struct req_msg_field;
 
 /**
  * \addtogroup flavor flavor
@@ -182,6 +180,10 @@ enum sptlrpc_bulk_service {
         MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_INTG)
 #define SPTLRPC_SUBFLVR_KRB5P                                           \
         MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_PRIV)
+#define SPTLRPC_SUBFLVR_SKN                                             \
+       MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_SK, SPTLRPC_SVC_NULL)
+#define SPTLRPC_SUBFLVR_SKA                                             \
+       MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_SK, SPTLRPC_SVC_AUTH)
 #define SPTLRPC_SUBFLVR_SKI                                             \
        MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_SK, SPTLRPC_SVC_INTG)
 #define SPTLRPC_SUBFLVR_SKPI                                            \
@@ -232,6 +234,18 @@ enum sptlrpc_bulk_service {
                   SPTLRPC_SVC_PRIV,                     \
                   SPTLRPC_BULK_DEFAULT,                 \
                   SPTLRPC_BULK_SVC_PRIV)
+#define SPTLRPC_FLVR_SKN                                \
+       MAKE_FLVR(SPTLRPC_POLICY_GSS,                   \
+                 SPTLRPC_MECH_GSS_SK,                  \
+                 SPTLRPC_SVC_NULL,                     \
+                 SPTLRPC_BULK_DEFAULT,                 \
+                 SPTLRPC_BULK_SVC_NULL)
+#define SPTLRPC_FLVR_SKA                                \
+       MAKE_FLVR(SPTLRPC_POLICY_GSS,                   \
+                 SPTLRPC_MECH_GSS_SK,                  \
+                 SPTLRPC_SVC_AUTH,                     \
+                 SPTLRPC_BULK_DEFAULT,                 \
+                 SPTLRPC_BULK_SVC_NULL)
 #define SPTLRPC_FLVR_SKI                                \
        MAKE_FLVR(SPTLRPC_POLICY_GSS,                   \
                  SPTLRPC_MECH_GSS_SK,                  \
@@ -374,8 +388,7 @@ void sptlrpc_conf_log_update_begin(const char *logname);
 void sptlrpc_conf_log_update_end(const char *logname);
 void sptlrpc_conf_client_adapt(struct obd_device *obd);
 int  sptlrpc_conf_target_get_rules(struct obd_device *obd,
-                                   struct sptlrpc_rule_set *rset,
-                                   int initial);
+                                  struct sptlrpc_rule_set *rset);
 void sptlrpc_target_choose_flavor(struct sptlrpc_rule_set *rset,
                                   enum lustre_sec_part from,
                                   lnet_nid_t nid,
@@ -536,7 +549,7 @@ struct ptlrpc_cli_ctx {
        atomic_t                cc_refcount;
        struct ptlrpc_sec      *cc_sec;
        struct ptlrpc_ctx_ops  *cc_ops;
-       cfs_time_t              cc_expire;      /* in seconds */
+       time64_t                cc_expire;      /* in seconds */
        unsigned int            cc_early_expire:1;
        unsigned long           cc_flags;
        struct vfs_cred         cc_vcred;
@@ -856,13 +869,24 @@ struct ptlrpc_sec {
         /** owning import */
         struct obd_import              *ps_import;
        spinlock_t                      ps_lock;
+       /** mtime of SELinux policy file */
+       time_t                          ps_sepol_mtime;
+       /** next check time of SELinux policy file */
+       ktime_t                         ps_sepol_checknext;
+       /**
+        * SELinux policy info
+        * sepol string format is:
+        * <mode>:<policy name>:<policy version>:<policy hash>
+        */
+       char                            ps_sepol[LUSTRE_NODEMAP_SEPOL_LENGTH
+                                                + 1];
 
        /*
         * garbage collection
         */
        struct list_head                ps_gc_list;
-       cfs_time_t                      ps_gc_interval; /* in seconds */
-       cfs_time_t                      ps_gc_next;     /* in seconds */
+       time64_t                        ps_gc_interval; /* in seconds */
+       time64_t                        ps_gc_next;     /* in seconds */
 };
 
 static inline int flvr_is_rootonly(__u32 flavor)
@@ -941,12 +965,8 @@ struct ptlrpc_bulk_sec_desc {
         __u8            bsd_data[0];    /* policy-specific token */
 };
 
-
-/*
- * lprocfs
- */
-struct proc_dir_entry;
-extern struct proc_dir_entry *sptlrpc_proc_root;
+extern struct dentry *sptlrpc_debugfs_dir;
+extern struct proc_dir_entry *sptlrpc_lprocfs_dir;
 
 /*
  * round size up to next power of 2, for slab allocation.
@@ -1072,12 +1092,14 @@ void sptlrpc_cli_free_reqbuf(struct ptlrpc_request *req);
 int sptlrpc_cli_alloc_repbuf(struct ptlrpc_request *req, int msgsize);
 void sptlrpc_cli_free_repbuf(struct ptlrpc_request *req);
 int sptlrpc_cli_enlarge_reqbuf(struct ptlrpc_request *req,
-                               int segment, int newsize);
+                              const struct req_msg_field *field,
+                              int newsize);
 int  sptlrpc_cli_unwrap_early_reply(struct ptlrpc_request *req,
                                     struct ptlrpc_request **req_ret);
 void sptlrpc_cli_finish_early_reply(struct ptlrpc_request *early_req);
 
 void sptlrpc_request_out_callback(struct ptlrpc_request *req);
+int sptlrpc_get_sepol(struct ptlrpc_request *req);
 
 /*
  * exported higher interface of import & request
@@ -1179,17 +1201,6 @@ int sptlrpc_current_user_desc_size(void);
 int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset);
 int sptlrpc_unpack_user_desc(struct lustre_msg *req, int offset, int swabbed);
 
-
-#define CFS_CAP_CHOWN_MASK (1 << CFS_CAP_CHOWN)
-#define CFS_CAP_SYS_RESOURCE_MASK (1 << CFS_CAP_SYS_RESOURCE)
-
-enum {
-        LUSTRE_SEC_NONE         = 0,
-        LUSTRE_SEC_REMOTE       = 1,
-        LUSTRE_SEC_SPECIFY      = 2,
-        LUSTRE_SEC_ALL          = 3
-};
-
 /** @} sptlrpc */
 
 #endif /* _LUSTRE_SEC_H_ */