*/
/*
* This file is part of Lustre, http://www.lustre.org/
- * Lustre is a trademark of Sun Microsystems, Inc.
*/
#include <linux/fs.h>
#include <linux/sched.h>
#include <linux/mm.h>
+#include <linux/file.h>
#include <linux/quotaops.h>
#include <linux/highmem.h>
#include <linux/pagemap.h>
-#include <linux/security.h>
#include <linux/user_namespace.h>
#include <linux/uidgid.h>
#include <lustre_dlm.h>
#include "llite_internal.h"
+#ifndef HAVE_USER_NAMESPACE_ARG
+#define ll_create_nd(ns, dir, de, mode, ex) ll_create_nd(dir, de, mode, ex)
+#define ll_mkdir(ns, dir, dch, mode) ll_mkdir(dir, dch, mode)
+#define ll_mknod(ns, dir, dch, mode, rd) ll_mknod(dir, dch, mode, rd)
+#ifdef HAVE_IOPS_RENAME_WITH_FLAGS
+#define ll_rename(ns, src, sdc, tgt, tdc, fl) ll_rename(src, sdc, tgt, tdc, fl)
+#else
+#define ll_rename(ns, src, sdc, tgt, tdc) ll_rename(src, sdc, tgt, tdc)
+#endif /* HAVE_IOPS_RENAME_WITH_FLAGS */
+#define ll_symlink(nd, dir, dch, old) ll_symlink(dir, dch, old)
+#endif
+
static int ll_create_it(struct inode *dir, struct dentry *dentry,
struct lookup_intent *it,
void *secctx, __u32 secctxlen, bool encrypt,
- void *encctx, __u32 encctxlen);
+ void *encctx, __u32 encctxlen, unsigned int open_flags);
/* called from iget5_locked->find_inode() under inode_lock spinlock */
static int ll_test_inode(struct inode *inode, void *opaque)
continue;
spin_lock_nested(&child->d_lock, DENTRY_D_LOCK_NESTED);
- __d_lustre_invalidate(child);
+ if (lld_is_init(child))
+ ll_d2d(child)->lld_invalid = 1;
if (!ll_d_count(child)) {
dget_dlock(child);
__d_drop(child);
if (IS_ERR(env))
RETURN(PTR_ERR(env));
+ OBD_FAIL_TIMEOUT(OBD_FAIL_LDLM_REPLAY_PAUSE, cfs_fail_val);
+
/* reach MDC layer to flush data under the DoM ldlm lock */
rc = cl_object_flush(env, lli->lli_clob, lock);
if (rc == -ENODATA) {
}
if (bits & MDS_INODELOCK_XATTR) {
- ll_xattr_cache_destroy(inode);
+ ll_xattr_cache_empty(inode);
bits &= ~MDS_INODELOCK_XATTR;
}
lli = ll_i2info(inode);
if (bits & MDS_INODELOCK_UPDATE)
- ll_file_set_flag(lli, LLIF_UPDATE_ATIME);
+ set_bit(LLIF_UPDATE_ATIME, &lli->lli_flags);
if ((bits & MDS_INODELOCK_UPDATE) && S_ISDIR(inode->i_mode)) {
CDEBUG(D_INODE, "invalidating inode "DFID" lli = %p, "
}
if ((bits & (MDS_INODELOCK_LOOKUP | MDS_INODELOCK_PERM)) &&
- inode->i_sb->s_root != NULL &&
- inode != inode->i_sb->s_root->d_inode)
+ !is_root_inode(inode))
ll_prune_aliases(inode);
if (bits & (MDS_INODELOCK_LOOKUP | MDS_INODELOCK_PERM))
struct dentry *ll_splice_alias(struct inode *inode, struct dentry *de)
{
struct dentry *new;
- int rc;
if (inode) {
new = ll_find_alias(inode, de);
if (new) {
- rc = ll_d_init(new);
- if (rc < 0) {
- dput(new);
- return ERR_PTR(rc);
- }
+ if (!ll_d_setup(new, true))
+ return ERR_PTR(-ENOMEM);
d_move(new, de);
iput(inode);
CDEBUG(D_DENTRY,
return new;
}
}
- rc = ll_d_init(de);
- if (rc < 0)
- return ERR_PTR(rc);
+ if (!ll_d_setup(de, false))
+ return ERR_PTR(-ENOMEM);
d_add(de, inode);
+
+ /* this needs only to be done for foreign symlink dirs as
+ * DCACHE_SYMLINK_TYPE is already set by d_flags_for_inode()
+ * kernel routine for files with symlink ops (ie, real symlink)
+ */
+ if (inode && S_ISDIR(inode->i_mode) &&
+ ll_sbi_has_foreign_symlink(ll_i2sbi(inode)) &&
+#ifdef HAVE_IOP_GET_LINK
+ inode->i_op->get_link) {
+#else
+ inode->i_op->follow_link) {
+#endif
+ CDEBUG(D_INFO, "%s: inode "DFID": faking foreign dir as a symlink\n",
+ ll_i2sbi(inode)->ll_fsname, PFID(ll_inode2fid(inode)));
+ spin_lock(&de->d_lock);
+ /* like d_flags_for_inode() already does for files */
+ de->d_flags = (de->d_flags & ~DCACHE_ENTRY_TYPE) |
+ DCACHE_SYMLINK_TYPE;
+ spin_unlock(&de->d_lock);
+ }
+
CDEBUG(D_DENTRY, "Add dentry %p inode %p refc %d flags %#x\n",
de, de->d_inode, ll_d_count(de), de->d_flags);
return de;
struct mdt_body *body = req_capsule_server_get(pill,
&RMF_MDT_BODY);
- rc = ll_prep_inode(&inode, request, (*de)->d_sb, it);
+ rc = ll_prep_inode(&inode, &request->rq_pill, (*de)->d_sb, it);
if (rc)
RETURN(rc);
if (!it_disposition(it, DISP_LOOKUP_NEG)) {
/* we have lookup look - unhide dentry */
- if (bits & MDS_INODELOCK_LOOKUP)
+ if (bits & MDS_INODELOCK_LOOKUP) {
d_lustre_revalidate(*de);
+ ll_update_dir_depth(parent, (*de)->d_inode);
+ }
if (encrypt) {
rc = llcrypt_get_encryption_info(inode);
out:
if (rc != 0 && it->it_op & IT_OPEN) {
ll_intent_drop_lock(it);
- ll_open_cleanup((*de)->d_sb, request);
+ ll_open_cleanup((*de)->d_sb, &request->rq_pill);
}
return rc;
__u32 opc;
int rc;
char secctx_name[XATTR_NAME_MAX + 1];
-
+ struct llcrypt_name fname;
+ struct lu_fid fid;
ENTRY;
if (dentry->d_name.len > ll_i2sbi(parent)->ll_namelen)
if (it->it_op & IT_CREAT)
opc = LUSTRE_OPC_CREATE;
else
- opc = LUSTRE_OPC_ANY;
+ opc = LUSTRE_OPC_LOOKUP;
+
+ /* Here we should be calling llcrypt_prepare_lookup(). But it installs a
+ * custom ->d_revalidate() method, so we lose ll_d_ops.
+ * To workaround this, call ll_setup_filename() and do the rest
+ * manually. Also make a copy of llcrypt_d_revalidate() (unfortunately
+ * not exported function) and call it from ll_revalidate_dentry(), to
+ * ensure we do not cache stale dentries after a key has been added.
+ */
+ rc = ll_setup_filename(parent, &dentry->d_name, 1, &fname, &fid);
+ if ((!rc || rc == -ENOENT) && fname.is_ciphertext_name) {
+ spin_lock(&dentry->d_lock);
+ dentry->d_flags |= DCACHE_ENCRYPTED_NAME;
+ spin_unlock(&dentry->d_lock);
+ }
+ if (rc == -ENOENT)
+ RETURN(NULL);
+ if (rc)
+ RETURN(ERR_PTR(rc));
- op_data = ll_prep_md_op_data(NULL, parent, NULL, dentry->d_name.name,
- dentry->d_name.len, 0, opc, NULL);
- if (IS_ERR(op_data))
- GOTO(out, retval = ERR_CAST(op_data));
+ op_data = ll_prep_md_op_data(NULL, parent, NULL, fname.disk_name.name,
+ fname.disk_name.len, 0, opc, NULL);
+ if (IS_ERR(op_data)) {
+ llcrypt_free_filename(&fname);
+ RETURN(ERR_CAST(op_data));
+ }
+ if (!fid_is_zero(&fid)) {
+ op_data->op_fid2 = fid;
+ op_data->op_bias = MDS_FID_OP;
+ if (it->it_op & IT_OPEN)
+ it->it_flags |= MDS_OPEN_BY_FID;
+ }
/* enforce umask if acl disabled or MDS doesn't support umask */
if (!IS_POSIXACL(parent) || !exp_connect_umask(ll_i2mdexp(parent)))
it->it_create_mode &= ~current_umask();
if (it->it_op & IT_CREAT &&
- ll_i2sbi(parent)->ll_flags & LL_SBI_FILE_SECCTX) {
+ test_bit(LL_SBI_FILE_SECCTX, ll_i2sbi(parent)->ll_flags)) {
rc = ll_dentry_init_security(dentry, it->it_create_mode,
&dentry->d_name,
&op_data->op_file_secctx_name,
*secctxlen = 0;
}
if (it->it_op & IT_CREAT && encrypt) {
- rc = llcrypt_inherit_context(parent, NULL, op_data, false);
- if (rc)
- GOTO(out, retval = ERR_PTR(rc));
+ if (unlikely(filename_is_volatile(dentry->d_name.name,
+ dentry->d_name.len, NULL))) {
+ /* get encryption context from reference file */
+ int ctx_size = LLCRYPT_ENC_CTX_SIZE;
+ struct lustre_sb_info *lsi;
+ struct file *ref_file;
+ struct inode *ref_inode;
+ void *ctx;
+
+ rc = volatile_ref_file(dentry->d_name.name,
+ dentry->d_name.len,
+ &ref_file);
+ if (rc)
+ GOTO(out, retval = ERR_PTR(rc));
+
+ ref_inode = file_inode(ref_file);
+ if (!ref_inode) {
+ fput(ref_file);
+ GOTO(inherit, rc = -EINVAL);
+ }
+
+ lsi = s2lsi(ref_inode->i_sb);
+
+getctx:
+ OBD_ALLOC(ctx, ctx_size);
+ if (!ctx)
+ GOTO(out, retval = ERR_PTR(-ENOMEM));
+
+#ifdef CONFIG_LL_ENCRYPTION
+ rc = lsi->lsi_cop->get_context(ref_inode,
+ ctx, ctx_size);
+#elif defined(HAVE_LUSTRE_CRYPTO)
+ rc = ref_inode->i_sb->s_cop->get_context(ref_inode,
+ ctx, ctx_size);
+#else
+ rc = -ENODATA;
+#endif
+ if (rc == -ERANGE) {
+ OBD_FREE(ctx, ctx_size);
+ ctx_size *= 2;
+ goto getctx;
+ }
+ fput(ref_file);
+ if (rc < 0) {
+ OBD_FREE(ctx, ctx_size);
+ GOTO(inherit, rc);
+ }
+
+ op_data->op_file_encctx_size = rc;
+ if (rc == ctx_size) {
+ op_data->op_file_encctx = ctx;
+ } else {
+ OBD_ALLOC(op_data->op_file_encctx,
+ op_data->op_file_encctx_size);
+ if (!op_data->op_file_encctx) {
+ OBD_FREE(ctx, ctx_size);
+ GOTO(out, retval = ERR_PTR(-ENOMEM));
+ }
+ memcpy(op_data->op_file_encctx, ctx,
+ op_data->op_file_encctx_size);
+ OBD_FREE(ctx, ctx_size);
+ }
+ } else {
+inherit:
+ rc = llcrypt_inherit_context(parent, NULL, op_data,
+ false);
+ if (rc)
+ GOTO(out, retval = ERR_PTR(rc));
+ }
if (encctx != NULL)
*encctx = op_data->op_file_encctx;
if (encctxlen != NULL)
}
if (pca && pca->pca_dataset) {
- struct pcc_dataset *dataset = pca->pca_dataset;
-
OBD_ALLOC_PTR(lum);
if (lum == NULL)
GOTO(out, retval = ERR_PTR(-ENOMEM));
lum->lmm_pattern = LOV_PATTERN_F_RELEASED | LOV_PATTERN_RAID0;
op_data->op_data = lum;
op_data->op_data_size = sizeof(*lum);
- op_data->op_archive_id = dataset->pccd_rwid;
-
- rc = obd_fid_alloc(NULL, ll_i2mdexp(parent), &op_data->op_fid2,
- op_data);
- if (rc)
- GOTO(out, retval = ERR_PTR(rc));
-
- rc = pcc_inode_create(parent->i_sb, dataset, &op_data->op_fid2,
- &pca->pca_dentry);
- if (rc)
- GOTO(out, retval = ERR_PTR(rc));
-
+ op_data->op_archive_id = pca->pca_dataset->pccd_rwid;
it->it_flags |= MDS_OPEN_PCC;
}
if (rc < 0)
GOTO(out, retval = ERR_PTR(rc));
+ if (pca && pca->pca_dataset) {
+ rc = pcc_inode_create(parent->i_sb, pca->pca_dataset,
+ &op_data->op_fid2,
+ &pca->pca_dentry);
+ if (rc)
+ GOTO(out, retval = ERR_PTR(rc));
+ }
+
/* dir layout may change */
ll_unlock_md_op_lsm(op_data);
rc = ll_lookup_it_finish(req, it, parent, &dentry,
op_data->op_file_encctx = NULL;
op_data->op_file_encctx_size = 0;
}
+ llcrypt_free_filename(&fname);
ll_finish_md_op_data(op_data);
}
* to proceed with lookup. LU-4185
*/
if ((flags & LOOKUP_CREATE) && !(flags & LOOKUP_OPEN) &&
- (inode_permission(parent, MAY_WRITE | MAY_EXEC) == 0))
+ (inode_permission(&init_user_ns,
+ parent, MAY_WRITE | MAY_EXEC) == 0))
return NULL;
if (flags & (LOOKUP_PARENT|LOOKUP_OPEN|LOOKUP_CREATE))
it->it_flags &= ~MDS_OPEN_FL_INTERNAL;
if (ll_sbi_has_encrypt(ll_i2sbi(dir)) && IS_ENCRYPTED(dir)) {
- /* we know that we are going to create a regular file because
+ /* in case of create, this is going to be a regular file because
* we set S_IFREG bit on it->it_create_mode above
*/
rc = llcrypt_get_encryption_info(dir);
if (rc)
GOTO(out_release, rc);
- if (!llcrypt_has_encryption_key(dir))
- GOTO(out_release, rc = -ENOKEY);
- encrypt = true;
- rc = 0;
+ if (open_flags & O_CREAT) {
+ /* For migration or mirroring without enc key, we still
+ * need to be able to create a volatile file.
+ */
+ if (!llcrypt_has_encryption_key(dir) &&
+ (!filename_is_volatile(dentry->d_name.name,
+ dentry->d_name.len, NULL) ||
+ (open_flags & O_FILE_ENC) != O_FILE_ENC ||
+ !(open_flags & O_DIRECT)))
+ GOTO(out_release, rc = -ENOKEY);
+ encrypt = true;
+ }
}
OBD_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_FILE_PAUSE2, cfs_fail_val);
+ /* We can only arrive at this path when we have no inode, so
+ * we only need to request open lock if it was requested
+ * for every open
+ */
+ if (ll_i2sbi(dir)->ll_oc_thrsh_count == 1 &&
+ exp_connect_flags2(ll_i2mdexp(dir)) &
+ OBD_CONNECT2_ATOMIC_OPEN_LOCK)
+ it->it_flags |= MDS_OPEN_LOCK;
+
/* Dentry added to dcache tree in ll_lookup_it */
de = ll_lookup_it(dir, dentry, it, &secctx, &secctxlen, &pca, encrypt,
&encctx, &encctxlen);
if (it_disposition(it, DISP_OPEN_CREATE)) {
/* Dentry instantiated in ll_create_it. */
rc = ll_create_it(dir, dentry, it, secctx, secctxlen,
- encrypt, encctx, encctxlen);
- security_release_secctx(secctx, secctxlen);
+ encrypt, encctx, encctxlen,
+ open_flags);
+ ll_security_release_secctx(secctx, secctxlen);
llcrypt_free_ctx(encctx, encctxlen);
if (rc) {
/* We dget in ll_splice_alias. */
}
}
- if (dentry->d_inode && it_disposition(it, DISP_OPEN_OPEN)) {
+ /* check also if a foreign file is openable */
+ if (dentry->d_inode && it_disposition(it, DISP_OPEN_OPEN) &&
+ ll_foreign_is_openable(dentry, open_flags)) {
/* Open dentry. */
if (S_ISFIFO(dentry->d_inode->i_mode)) {
/* We cannot call open here as it might
LASSERT(it_disposition(it, DISP_ENQ_CREATE_REF));
request = it->it_request;
- it_clear_disposition(it, DISP_ENQ_CREATE_REF);
- rc = ll_prep_inode(&inode, request, dir->i_sb, it);
- if (rc)
- GOTO(out, inode = ERR_PTR(rc));
+ it_clear_disposition(it, DISP_ENQ_CREATE_REF);
+ rc = ll_prep_inode(&inode, &request->rq_pill, dir->i_sb, it);
+ if (rc)
+ GOTO(out, inode = ERR_PTR(rc));
/* Pause to allow for a race with concurrent access by fid */
OBD_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_NODE_PAUSE, cfs_fail_val);
static int ll_create_it(struct inode *dir, struct dentry *dentry,
struct lookup_intent *it,
void *secctx, __u32 secctxlen, bool encrypt,
- void *encctx, __u32 encctxlen)
+ void *encctx, __u32 encctxlen, unsigned int open_flags)
{
struct inode *inode;
__u64 bits = 0;
if (IS_ERR(inode))
RETURN(PTR_ERR(inode));
- if ((ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX) &&
- secctx != NULL) {
+ if (test_bit(LL_SBI_FILE_SECCTX, ll_i2sbi(inode)->ll_flags) &&
+ secctx) {
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
d_instantiate(dentry, inode);
if (encrypt) {
- rc = ll_set_encflags(inode, encctx, encctxlen, true);
+ bool preload = true;
+
+ /* For migration or mirroring without enc key, we
+ * create a volatile file without enc context.
+ */
+ if (!llcrypt_has_encryption_key(dir) &&
+ filename_is_volatile(dentry->d_name.name,
+ dentry->d_name.len, NULL) &&
+ (open_flags & O_FILE_ENC) == O_FILE_ENC &&
+ open_flags & O_DIRECT)
+ preload = false;
+ rc = ll_set_encflags(inode, encctx, encctxlen, preload);
if (rc)
RETURN(rc);
}
- if (!(ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX)) {
+ if (!test_bit(LL_SBI_FILE_SECCTX, ll_i2sbi(inode)->ll_flags)) {
rc = ll_inode_init_security(dentry, inode, dir);
if (rc)
RETURN(rc);
}
ll_set_lock_data(ll_i2sbi(dir)->ll_md_exp, inode, it, &bits);
- if (bits & MDS_INODELOCK_LOOKUP)
+ if (bits & MDS_INODELOCK_LOOKUP) {
d_lustre_revalidate(dentry);
+ ll_update_dir_depth(dir, inode);
+ }
RETURN(0);
}
inode->i_ctime.tv_sec = body->mbo_ctime;
}
+/* once default LMV (space balanced) is set on ROOT, it should take effect if
+ * default LMV is not set on parent directory.
+ */
+static void ll_qos_mkdir_prep(struct md_op_data *op_data, struct inode *dir)
+{
+ struct inode *root = dir->i_sb->s_root->d_inode;
+ struct ll_inode_info *rlli = ll_i2info(root);
+ struct ll_inode_info *lli = ll_i2info(dir);
+ struct lmv_stripe_md *lsm;
+
+ op_data->op_dir_depth = lli->lli_dir_depth;
+
+ /* parent directory is striped */
+ if (unlikely(lli->lli_lsm_md))
+ return;
+
+ /* default LMV set on parent directory */
+ if (unlikely(lli->lli_default_lsm_md))
+ return;
+
+ /* parent is ROOT */
+ if (unlikely(dir == root))
+ return;
+
+ /* default LMV not set on ROOT */
+ if (!rlli->lli_default_lsm_md)
+ return;
+
+ down_read(&rlli->lli_lsm_sem);
+ lsm = rlli->lli_default_lsm_md;
+ if (!lsm)
+ goto unlock;
+
+ /* not space balanced */
+ if (lsm->lsm_md_master_mdt_index != LMV_OFFSET_DEFAULT)
+ goto unlock;
+
+ if (lsm->lsm_md_max_inherit != LMV_INHERIT_NONE &&
+ (lsm->lsm_md_max_inherit == LMV_INHERIT_UNLIMITED ||
+ lsm->lsm_md_max_inherit >= lli->lli_dir_depth)) {
+ op_data->op_flags |= MF_QOS_MKDIR;
+ if (lsm->lsm_md_max_inherit_rr != LMV_INHERIT_RR_NONE &&
+ (lsm->lsm_md_max_inherit_rr == LMV_INHERIT_RR_UNLIMITED ||
+ lsm->lsm_md_max_inherit_rr >= lli->lli_dir_depth))
+ op_data->op_flags |= MF_RR_MKDIR;
+ CDEBUG(D_INODE, DFID" requests qos mkdir %#x\n",
+ PFID(&lli->lli_fid), op_data->op_flags);
+ }
+unlock:
+ up_read(&rlli->lli_lsm_sem);
+}
+
static int ll_new_node(struct inode *dir, struct dentry *dchild,
- const char *tgt, umode_t mode, int rdev, __u32 opc)
+ const char *tgt, umode_t mode, __u64 rdev, __u32 opc)
{
struct qstr *name = &dchild->d_name;
struct ptlrpc_request *request = NULL;
struct md_op_data *op_data = NULL;
struct inode *inode = NULL;
struct ll_sb_info *sbi = ll_i2sbi(dir);
- int tgt_len = 0;
+ struct llcrypt_str *disk_link = NULL;
bool encrypt = false;
int err;
ENTRY;
- if (unlikely(tgt != NULL))
- tgt_len = strlen(tgt) + 1;
+ if (unlikely(tgt != NULL)) {
+ disk_link = (struct llcrypt_str *)rdev;
+ rdev = 0;
+ if (!disk_link)
+ RETURN(-EINVAL);
+ }
again:
op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name,
if (IS_ERR(op_data))
GOTO(err_exit, err = PTR_ERR(op_data));
- if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
+ if (S_ISDIR(mode))
+ ll_qos_mkdir_prep(op_data, dir);
+
+ if (test_bit(LL_SBI_FILE_SECCTX, sbi->ll_flags)) {
err = ll_dentry_init_security(dchild, mode, &dchild->d_name,
&op_data->op_file_secctx_name,
&op_data->op_file_secctx,
err = llcrypt_inherit_context(dir, NULL, op_data, false);
if (err)
GOTO(err_exit, err);
+
+ if (S_ISLNK(mode)) {
+ /* llcrypt needs inode to encrypt target name, so create
+ * a fake inode and associate encryption context got
+ * from llcrypt_inherit_context.
+ */
+ struct inode *fakeinode =
+ dchild->d_sb->s_op->alloc_inode(dchild->d_sb);
+
+ if (!fakeinode)
+ GOTO(err_exit, err = -ENOMEM);
+ fakeinode->i_sb = dchild->d_sb;
+ fakeinode->i_mode |= S_IFLNK;
+#ifdef IOP_XATTR
+ fakeinode->i_opflags |= IOP_XATTR;
+#endif
+ ll_lli_init(ll_i2info(fakeinode));
+ err = ll_set_encflags(fakeinode,
+ op_data->op_file_encctx,
+ op_data->op_file_encctx_size,
+ true);
+ if (!err)
+ err = __llcrypt_encrypt_symlink(fakeinode, tgt,
+ strlen(tgt),
+ disk_link);
+
+ ll_xattr_cache_destroy(fakeinode);
+ llcrypt_put_encryption_info(fakeinode);
+ dchild->d_sb->s_op->destroy_inode(fakeinode);
+ if (err)
+ GOTO(err_exit, err);
+ }
}
- err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
+ err = md_create(sbi->ll_md_exp, op_data, tgt ? disk_link->name : NULL,
+ tgt ? disk_link->len : 0, mode,
from_kuid(&init_user_ns, current_fsuid()),
from_kgid(&init_user_ns, current_fsgid()),
- cfs_curproc_cap_pack(), rdev, &request);
+ current_cap(), rdev, &request);
#if LUSTRE_VERSION_CODE < OBD_OCD_VERSION(2, 14, 58, 0)
/*
* server < 2.12.58 doesn't pack default LMV in intent_getattr reply,
md.default_lmv->lsm_md_master_mdt_index =
lum->lum_stripe_offset;
md.default_lmv->lsm_md_hash_type = lum->lum_hash_type;
+ md.default_lmv->lsm_md_max_inherit =
+ lum->lum_max_inherit;
+ md.default_lmv->lsm_md_max_inherit_rr =
+ lum->lum_max_inherit_rr;
err = ll_update_inode(dir, &md);
md_free_lustre_md(sbi->ll_md_exp, &md);
CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_NEWNODE_PAUSE, cfs_fail_val);
- err = ll_prep_inode(&inode, request, dchild->d_sb, NULL);
+ err = ll_prep_inode(&inode, &request->rq_pill, dchild->d_sb, NULL);
if (err)
GOTO(err_exit, err);
- if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
+ if (test_bit(LL_SBI_FILE_SECCTX, sbi->ll_flags)) {
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet */
op_data->op_file_encctx_size, true);
if (err)
GOTO(err_exit, err);
+
+ if (S_ISLNK(mode)) {
+ struct ll_inode_info *lli = ll_i2info(inode);
+
+ /* Cache the plaintext symlink target
+ * for later use by get_link()
+ */
+ OBD_ALLOC(lli->lli_symlink_name, strlen(tgt) + 1);
+ /* do not return an error if we cannot
+ * cache the symlink locally
+ */
+ if (lli->lli_symlink_name)
+ memcpy(lli->lli_symlink_name,
+ tgt, strlen(tgt) + 1);
+ }
}
- if (!(sbi->ll_flags & LL_SBI_FILE_SECCTX)) {
+ if (!test_bit(LL_SBI_FILE_SECCTX, sbi->ll_flags)) {
err = ll_inode_init_security(dchild, inode, dir);
if (err)
GOTO(err_exit, err);
RETURN(err);
}
-static int ll_mknod(struct inode *dir, struct dentry *dchild, umode_t mode,
- dev_t rdev)
+static int ll_mknod(struct user_namespace *mnt_userns, struct inode *dir,
+ struct dentry *dchild, umode_t mode, dev_t rdev)
{
ktime_t kstart = ktime_get();
int err;
/*
* Plain create. Intent create is handled in atomic_open.
*/
-static int ll_create_nd(struct inode *dir, struct dentry *dentry,
+static int ll_create_nd(struct user_namespace *mnt_userns,
+ struct inode *dir, struct dentry *dentry,
umode_t mode, bool want_excl)
{
ktime_t kstart = ktime_get();
/* Using mknod(2) to create a regular file is designed to not recognize
* volatile file name, so we use ll_mknod() here. */
- rc = ll_mknod(dir, dentry, mode, 0);
+ rc = ll_mknod(mnt_userns, dir, dentry, mode, 0);
CDEBUG(D_VFSTRACE, "VFS Op:name=%pd, unhashed %d\n",
dentry, d_unhashed(dentry));
return rc;
}
-static int ll_symlink(struct inode *dir, struct dentry *dchild,
- const char *oldpath)
+static int ll_symlink(struct user_namespace *mnt_userns, struct inode *dir,
+ struct dentry *dchild, const char *oldpath)
{
ktime_t kstart = ktime_get();
+ int len = strlen(oldpath);
+ struct llcrypt_str disk_link;
int err;
ENTRY;
CDEBUG(D_VFSTRACE, "VFS Op:name=%pd, dir="DFID"(%p), target=%.*s\n",
dchild, PFID(ll_inode2fid(dir)), dir, 3000, oldpath);
- err = ll_new_node(dir, dchild, oldpath, S_IFLNK | S_IRWXUGO, 0,
- LUSTRE_OPC_SYMLINK);
+ err = llcrypt_prepare_symlink(dir, oldpath, len, dir->i_sb->s_blocksize,
+ &disk_link);
+ if (err)
+ RETURN(err);
+
+ err = ll_new_node(dir, dchild, oldpath, S_IFLNK | S_IRWXUGO,
+ (__u64)&disk_link, LUSTRE_OPC_SYMLINK);
+
+ if (disk_link.name != (unsigned char *)oldpath)
+ kfree(disk_link.name);
if (!err)
ll_stats_ops_tally(ll_i2sbi(dir), LPROC_LL_SYMLINK,
RETURN(err);
}
-static int ll_mkdir(struct inode *dir, struct dentry *dchild, umode_t mode)
+static int ll_mkdir(struct user_namespace *mnt_userns, struct inode *dir,
+ struct dentry *dchild, umode_t mode)
{
ktime_t kstart = ktime_get();
int err;
if (unlikely(d_mountpoint(dchild)))
RETURN(-EBUSY);
+ /* some foreign dir may not be allowed to be removed */
+ if (!ll_foreign_is_removable(dchild, false))
+ RETURN(-EPERM);
+
op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name, name->len,
S_IFDIR, LUSTRE_OPC_ANY, NULL);
if (IS_ERR(op_data))
if (dchild->d_inode != NULL)
op_data->op_fid3 = *ll_inode2fid(dchild->d_inode);
- op_data->op_fid2 = op_data->op_fid3;
+ if (fid_is_zero(&op_data->op_fid2))
+ op_data->op_fid2 = op_data->op_fid3;
rc = md_unlink(ll_i2sbi(dir)->ll_md_exp, op_data, &request);
ll_finish_md_op_data(op_data);
- if (!rc)
- ll_update_times(request, dir);
+ if (!rc) {
+ struct mdt_body *body;
- ptlrpc_req_finished(request);
- if (!rc)
+ ll_update_times(request, dir);
ll_stats_ops_tally(ll_i2sbi(dir), LPROC_LL_RMDIR,
ktime_us_delta(ktime_get(), kstart));
+
+ /*
+ * The server puts attributes in on the last unlink, use them
+ * to update the link count so the inode can be freed
+ * immediately.
+ */
+ body = req_capsule_server_get(&request->rq_pill, &RMF_MDT_BODY);
+ if (body->mbo_valid & OBD_MD_FLNLINK) {
+ spin_lock(&dchild->d_inode->i_lock);
+ set_nlink(dchild->d_inode, body->mbo_nlink);
+ spin_unlock(&dchild->d_inode->i_lock);
+ }
+ }
+
+ ptlrpc_req_finished(request);
+
RETURN(rc);
}
if (unlikely(d_mountpoint(dchild)))
RETURN(-EBUSY);
+ /* some foreign file/dir may not be allowed to be unlinked */
+ if (!ll_foreign_is_removable(dchild, false))
+ RETURN(-EPERM);
+
op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name, name->len, 0,
LUSTRE_OPC_ANY, NULL);
if (IS_ERR(op_data))
ll_i2info(dchild->d_inode)->lli_clob &&
dirty_cnt(dchild->d_inode))
op_data->op_cli_flags |= CLI_DIRTY_DATA;
- op_data->op_fid2 = op_data->op_fid3;
+ if (fid_is_zero(&op_data->op_fid2))
+ op_data->op_fid2 = op_data->op_fid3;
rc = md_unlink(ll_i2sbi(dir)->ll_md_exp, op_data, &request);
ll_finish_md_op_data(op_data);
if (rc)
* the link count so the inode can be freed immediately.
*/
body = req_capsule_server_get(&request->rq_pill, &RMF_MDT_BODY);
- if (body->mbo_valid & OBD_MD_FLNLINK)
+ if (body->mbo_valid & OBD_MD_FLNLINK) {
+ spin_lock(&dchild->d_inode->i_lock);
set_nlink(dchild->d_inode, body->mbo_nlink);
+ spin_unlock(&dchild->d_inode->i_lock);
+ }
ll_update_times(request, dir);
RETURN(rc);
}
-static int ll_rename(struct inode *src, struct dentry *src_dchild,
+static int ll_rename(struct user_namespace *mnt_userns,
+ struct inode *src, struct dentry *src_dchild,
struct inode *tgt, struct dentry *tgt_dchild
-#ifdef HAVE_IOPS_RENAME_WITH_FLAGS
+#if defined(HAVE_USER_NAMESPACE_ARG) || defined(HAVE_IOPS_RENAME_WITH_FLAGS)
, unsigned int flags
#endif
)
{
- struct qstr *src_name = &src_dchild->d_name;
- struct qstr *tgt_name = &tgt_dchild->d_name;
struct ptlrpc_request *request = NULL;
struct ll_sb_info *sbi = ll_i2sbi(src);
struct md_op_data *op_data;
ktime_t kstart = ktime_get();
+ umode_t mode = 0;
+ struct llcrypt_name foldname, fnewname;
int err;
ENTRY;
-#ifdef HAVE_IOPS_RENAME_WITH_FLAGS
+#if defined(HAVE_USER_NAMESPACE_ARG) || defined(HAVE_IOPS_RENAME_WITH_FLAGS)
if (flags)
return -EINVAL;
#endif
if (unlikely(d_mountpoint(src_dchild) || d_mountpoint(tgt_dchild)))
RETURN(-EBUSY);
-#ifdef HAVE_IOPS_RENAME_WITH_FLAGS
+#if defined(HAVE_USER_NAMESPACE_ARG) || defined(HAVE_IOPS_RENAME_WITH_FLAGS)
err = llcrypt_prepare_rename(src, src_dchild, tgt, tgt_dchild, flags);
#else
err = llcrypt_prepare_rename(src, src_dchild, tgt, tgt_dchild, 0);
#endif
if (err)
RETURN(err);
+ /* we prevent an encrypted file from being renamed
+ * into an unencrypted dir
+ */
+ if (IS_ENCRYPTED(src) && !IS_ENCRYPTED(tgt))
+ RETURN(-EXDEV);
+
+ if (src_dchild->d_inode)
+ mode = src_dchild->d_inode->i_mode;
- op_data = ll_prep_md_op_data(NULL, src, tgt, NULL, 0, 0,
+ if (tgt_dchild->d_inode)
+ mode = tgt_dchild->d_inode->i_mode;
+
+ op_data = ll_prep_md_op_data(NULL, src, tgt, NULL, 0, mode,
LUSTRE_OPC_ANY, NULL);
if (IS_ERR(op_data))
RETURN(PTR_ERR(op_data));
- if (src_dchild->d_inode != NULL)
+ if (src_dchild->d_inode)
op_data->op_fid3 = *ll_inode2fid(src_dchild->d_inode);
- if (tgt_dchild->d_inode != NULL)
+ if (tgt_dchild->d_inode)
op_data->op_fid4 = *ll_inode2fid(tgt_dchild->d_inode);
+ err = ll_setup_filename(src, &src_dchild->d_name, 1, &foldname, NULL);
+ if (err)
+ RETURN(err);
+ err = ll_setup_filename(tgt, &tgt_dchild->d_name, 1, &fnewname, NULL);
+ if (err) {
+ llcrypt_free_filename(&foldname);
+ RETURN(err);
+ }
err = md_rename(sbi->ll_md_exp, op_data,
- src_name->name, src_name->len,
- tgt_name->name, tgt_name->len, &request);
+ foldname.disk_name.name, foldname.disk_name.len,
+ fnewname.disk_name.name, fnewname.disk_name.len,
+ &request);
+ llcrypt_free_filename(&foldname);
+ llcrypt_free_filename(&fnewname);
ll_finish_md_op_data(op_data);
if (!err) {
ll_update_times(request, src);