*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; If not, see
- * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
- *
- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
- * CA 95054 USA or visit www.sun.com if you need additional information or
- * have any questions.
+ * http://www.gnu.org/licenses/gpl-2.0.html
*
* GPL HEADER END
*/
* Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved.
* Use is subject to license terms.
*
- * Copyright (c) 2011, 2013, Intel Corporation.
+ * Copyright (c) 2011, 2016, Intel Corporation.
*/
/*
* This file is part of Lustre, http://www.lustre.org/
#include <linux/highmem.h>
#include <linux/pagemap.h>
#include <linux/security.h>
+#include <linux/user_namespace.h>
+#ifdef HAVE_UIDGID_HEADER
+# include <linux/uidgid.h>
+#endif
#define DEBUG_SUBSYSTEM S_LLITE
#include <obd_support.h>
#include <lustre_fid.h>
-#include <lustre_lite.h>
#include <lustre_dlm.h>
#include <lustre_ver.h>
#include "llite_internal.h"
static int ll_create_it(struct inode *dir, struct dentry *dentry,
- struct lookup_intent *it);
+ struct lookup_intent *it,
+ void *secctx, __u32 secctxlen);
/* called from iget5_locked->find_inode() under inode_lock spinlock */
static int ll_test_inode(struct inode *inode, void *opaque)
lli->lli_fid = body->mbo_fid1;
if (unlikely(!(body->mbo_valid & OBD_MD_FLTYPE))) {
CERROR("Can not initialize inode "DFID" without object type: "
- "valid = "LPX64"\n",
+ "valid = %#llx\n",
PFID(&lli->lli_fid), body->mbo_valid);
return -EINVAL;
}
if (inode->i_state & I_NEW) {
rc = ll_read_inode2(inode, md);
if (rc == 0 && S_ISREG(inode->i_mode) &&
- ll_i2info(inode)->lli_clob == NULL) {
- CDEBUG(D_INODE, "%s: apply lsm %p to inode "DFID"\n",
- ll_get_fsname(sb, NULL, 0), md->lsm,
- PFID(ll_inode2fid(inode)));
+ ll_i2info(inode)->lli_clob == NULL)
rc = cl_file_inode_init(inode, md);
- }
+
if (rc != 0) {
+ /* Let's clear directory lsm here, otherwise
+ * make_bad_inode() will reset the inode mode
+ * to regular, then ll_clear_inode will not
+ * be able to clear lsm_md */
+ if (S_ISDIR(inode->i_mode))
+ ll_dir_clear_lsm_md(inode);
make_bad_inode(inode);
unlock_new_inode(inode);
iput(inode);
inode = ERR_PTR(rc);
} else {
+ inode_has_no_xattr(inode);
unlock_new_inode(inode);
}
} else if (!(inode->i_state & (I_FREEING | I_CLEAR))) {
CDEBUG(D_VFSTRACE, "got inode: "DFID"(%p): rc = %d\n",
PFID(&md->body->mbo_fid1), inode, rc);
if (rc != 0) {
- make_bad_inode(inode);
+ if (S_ISDIR(inode->i_mode))
+ ll_dir_clear_lsm_md(inode);
iput(inode);
inode = ERR_PTR(rc);
}
DECLARE_LL_D_HLIST_NODE_PTR(p);
ll_lock_dcache(dir);
- ll_d_hlist_for_each_entry(dentry, p, &dir->i_dentry, d_alias) {
+ ll_d_hlist_for_each_entry(dentry, p, &dir->i_dentry) {
spin_lock(&dentry->d_lock);
if (!list_empty(&dentry->d_subdirs)) {
struct dentry *child;
list_for_each_entry_safe(child, tmp_subdir,
&dentry->d_subdirs,
- d_u.d_child) {
+ d_child) {
if (child->d_inode == NULL)
d_lustre_invalidate(child, 1);
}
}
if (bits & MDS_INODELOCK_XATTR) {
+ if (S_ISDIR(inode->i_mode))
+ ll_i2info(inode)->lli_def_stripe_offset = -1;
ll_xattr_cache_destroy(inode);
bits &= ~MDS_INODELOCK_XATTR;
}
if (bits & MDS_INODELOCK_UPDATE) {
struct ll_inode_info *lli = ll_i2info(inode);
-
- spin_lock(&lli->lli_lock);
- lli->lli_flags &= ~LLIF_MDS_SIZE_LOCK;
- spin_unlock(&lli->lli_lock);
+ lli->lli_update_atime = 1;
}
if ((bits & MDS_INODELOCK_UPDATE) && S_ISDIR(inode->i_mode)) {
hash = cl_fid_build_ino(&lli->lli_pfid,
ll_need_32bit_api(ll_i2sbi(inode)));
- master_inode = ilookup5(inode->i_sb, hash,
- ll_test_inode_by_fid,
+ /* Do not lookup the inode with ilookup5,
+ * otherwise it will cause dead lock,
+ *
+ * 1. Client1 send chmod req to the MDT0, then
+ * on MDT0, it enqueues master and all of its
+ * slaves lock, (mdt_attr_set() ->
+ * mdt_lock_slaves()), after gets master and
+ * stripe0 lock, it will send the enqueue req
+ * (for stripe1) to MDT1, then MDT1 finds the
+ * lock has been granted to client2. Then MDT1
+ * sends blocking ast to client2.
+ *
+ * 2. At the same time, client2 tries to unlink
+ * the striped dir (rm -rf striped_dir), and
+ * during lookup, it will hold the master inode
+ * of the striped directory, whose inode state
+ * is NEW, then tries to revalidate all of its
+ * slaves, (ll_prep_inode()->ll_iget()->
+ * ll_read_inode2()-> ll_update_inode().). And
+ * it will be blocked on the server side because
+ * of 1.
+ *
+ * 3. Then the client get the blocking_ast req,
+ * cancel the lock, but being blocked if using
+ * ->ilookup5()), because master inode state is
+ * NEW. */
+ master_inode = ilookup5_nowait(inode->i_sb,
+ hash, ll_test_inode_by_fid,
(void *)&lli->lli_pfid);
- if (master_inode != NULL &&
- !IS_ERR(master_inode)) {
+ if (master_inode) {
ll_invalidate_negative_children(
master_inode);
iput(master_inode);
discon_alias = invalid_alias = NULL;
ll_lock_dcache(inode);
- ll_d_hlist_for_each_entry(alias, p, &inode->i_dentry, d_alias) {
+ ll_d_hlist_for_each_entry(alias, p, &inode->i_dentry) {
LASSERT(alias != dentry);
spin_lock(&alias->d_lock);
- if (alias->d_flags & DCACHE_DISCONNECTED)
+ if ((alias->d_flags & DCACHE_DISCONNECTED) &&
+ S_ISDIR(inode->i_mode))
/* LASSERT(last_discon == NULL); LU-405, bz 20055 */
discon_alias = alias;
else if (alias->d_parent == dentry->d_parent &&
struct inode *inode = NULL;
__u64 bits = 0;
int rc;
+ struct dentry *alias;
ENTRY;
/* NB 1 request reference will be taken away by ll_intent_lock()
* when I return */
CDEBUG(D_DENTRY, "it %p it_disposition %x\n", it,
- it->d.lustre.it_disposition);
+ it->it_disposition);
if (!it_disposition(it, DISP_LOOKUP_NEG)) {
rc = ll_prep_inode(&inode, request, (*de)->d_sb, it);
if (rc)
/* Only hash *de if it is unhashed (new dentry).
* Atoimc_open may passin hashed dentries for open.
*/
- if (d_unhashed(*de)) {
- struct dentry *alias;
-
- alias = ll_splice_alias(inode, *de);
- if (IS_ERR(alias))
- RETURN(PTR_ERR(alias));
- *de = alias;
- } else if (!it_disposition(it, DISP_LOOKUP_NEG) &&
- !it_disposition(it, DISP_OPEN_CREATE)) {
- /* With DISP_OPEN_CREATE dentry will
- instantiated in ll_create_it. */
- LASSERT((*de)->d_inode == NULL);
- d_instantiate(*de, inode);
- }
+ alias = ll_splice_alias(inode, *de);
+ if (IS_ERR(alias))
+ GOTO(out, rc = PTR_ERR(alias));
+
+ *de = alias;
if (!it_disposition(it, DISP_LOOKUP_NEG)) {
/* we have lookup look - unhide dentry */
/* Check that parent has UPDATE lock. */
struct lookup_intent parent_it = {
.it_op = IT_GETATTR,
- .d.lustre.it_lock_handle = 0 };
+ .it_lock_handle = 0 };
struct lu_fid fid = ll_i2info(parent)->lli_fid;
/* If it is striped directory, get the real stripe parent */
(*de)->d_name.name,
(*de)->d_name.len, &fid);
if (rc != 0)
- RETURN(rc);
+ GOTO(out, rc);
}
if (md_revalidate_lock(ll_i2mdexp(parent), &parent_it, &fid,
d_lustre_revalidate(*de);
ll_intent_release(&parent_it);
}
- }
+ }
+
+ GOTO(out, rc = 0);
+
+out:
+ if (rc != 0 && it->it_op & IT_OPEN)
+ ll_open_cleanup((*de)->d_sb, request);
- RETURN(0);
+ return rc;
}
static struct dentry *ll_lookup_it(struct inode *parent, struct dentry *dentry,
- struct lookup_intent *it)
+ struct lookup_intent *it,
+ void **secctx, __u32 *secctxlen)
{
- struct lookup_intent lookup_it = { .it_op = IT_LOOKUP };
- struct dentry *save = dentry, *retval;
- struct ptlrpc_request *req = NULL;
- struct md_op_data *op_data;
+ struct lookup_intent lookup_it = { .it_op = IT_LOOKUP };
+ struct dentry *save = dentry, *retval;
+ struct ptlrpc_request *req = NULL;
+ struct md_op_data *op_data = NULL;
__u32 opc;
int rc;
ENTRY;
if (it == NULL || it->it_op == IT_GETXATTR)
it = &lookup_it;
- if (it->it_op == IT_GETATTR) {
- rc = ll_statahead_enter(parent, &dentry, 0);
- if (rc == 1) {
- if (dentry == save)
- GOTO(out, retval = NULL);
- GOTO(out, retval = dentry);
- }
- }
+ if (it->it_op == IT_GETATTR && dentry_may_statahead(parent, dentry)) {
+ rc = ll_statahead(parent, &dentry, 0);
+ if (rc == 1)
+ RETURN(dentry == save ? NULL : dentry);
+ }
+
+ if (it->it_op & IT_OPEN && it->it_flags & FMODE_WRITE &&
+ dentry->d_sb->s_flags & MS_RDONLY)
+ RETURN(ERR_PTR(-EROFS));
if (it->it_op & IT_CREAT)
opc = LUSTRE_OPC_CREATE;
op_data = ll_prep_md_op_data(NULL, parent, NULL, dentry->d_name.name,
dentry->d_name.len, 0, opc, NULL);
- if (IS_ERR(op_data))
- RETURN((void *)op_data);
+ if (IS_ERR(op_data))
+ GOTO(out, retval = ERR_CAST(op_data));
- /* enforce umask if acl disabled or MDS doesn't support umask */
- if (!IS_POSIXACL(parent) || !exp_connect_umask(ll_i2mdexp(parent)))
+ /* enforce umask if acl disabled or MDS doesn't support umask */
+ if (!IS_POSIXACL(parent) || !exp_connect_umask(ll_i2mdexp(parent)))
it->it_create_mode &= ~current_umask();
+ if (it->it_op & IT_CREAT &&
+ ll_i2sbi(parent)->ll_flags & LL_SBI_FILE_SECCTX) {
+ rc = ll_dentry_init_security(dentry, it->it_create_mode,
+ &dentry->d_name,
+ &op_data->op_file_secctx_name,
+ &op_data->op_file_secctx,
+ &op_data->op_file_secctx_size);
+ if (rc < 0)
+ GOTO(out, retval = ERR_PTR(rc));
+ if (secctx != NULL)
+ *secctx = op_data->op_file_secctx;
+ if (secctxlen != NULL)
+ *secctxlen = op_data->op_file_secctx_size;
+ }
+
rc = md_intent_lock(ll_i2mdexp(parent), op_data, it, &req,
&ll_md_blocking_ast, 0);
- ll_finish_md_op_data(op_data);
- if (rc < 0)
- GOTO(out, retval = ERR_PTR(rc));
+ /* If the MDS allows the client to chgrp (CFS_SETGRP_PERM), but the
+ * client does not know which suppgid should be sent to the MDS, or
+ * some other(s) changed the target file's GID after this RPC sent
+ * to the MDS with the suppgid as the original GID, then we should
+ * try again with right suppgid. */
+ if (rc == -EACCES && it->it_op & IT_OPEN &&
+ it_disposition(it, DISP_OPEN_DENY)) {
+ struct mdt_body *body;
+
+ LASSERT(req != NULL);
+
+ body = req_capsule_server_get(&req->rq_pill, &RMF_MDT_BODY);
+ if (op_data->op_suppgids[0] == body->mbo_gid ||
+ op_data->op_suppgids[1] == body->mbo_gid ||
+ !in_group_p(make_kgid(&init_user_ns, body->mbo_gid)))
+ GOTO(out, retval = ERR_PTR(-EACCES));
+
+ fid_zero(&op_data->op_fid2);
+ op_data->op_suppgids[1] = body->mbo_gid;
+ ptlrpc_req_finished(req);
+ req = NULL;
+ ll_intent_release(it);
+ rc = md_intent_lock(ll_i2mdexp(parent), op_data, it, &req,
+ &ll_md_blocking_ast, 0);
+ }
+
+ if (rc < 0)
+ GOTO(out, retval = ERR_PTR(rc));
rc = ll_lookup_it_finish(req, it, parent, &dentry);
if (rc != 0) {
}
ll_lookup_finish_locks(it, dentry);
- if (dentry == save)
- GOTO(out, retval = NULL);
- else
- GOTO(out, retval = dentry);
- out:
- if (req)
- ptlrpc_req_finished(req);
- if (it->it_op == IT_GETATTR && (retval == NULL || retval == dentry))
- ll_statahead_mark(parent, dentry);
- return retval;
+ GOTO(out, retval = (dentry == save) ? NULL : dentry);
+
+out:
+ if (op_data != NULL && !IS_ERR(op_data)) {
+ if (secctx != NULL && secctxlen != NULL) {
+ /* caller needs sec ctx info, so reset it in op_data to
+ * prevent it from being freed */
+ op_data->op_file_secctx = NULL;
+ op_data->op_file_secctx_size = 0;
+ }
+ ll_finish_md_op_data(op_data);
+ }
+
+ ptlrpc_req_finished(req);
+ return retval;
}
#ifdef HAVE_IOP_ATOMIC_OPEN
dentry->d_name.len, dentry->d_name.name,
PFID(ll_inode2fid(parent)), parent, flags);
- /* Optimize away (CREATE && !OPEN). Let .create handle the race. */
- if ((flags & LOOKUP_CREATE) && !(flags & LOOKUP_OPEN))
+ /*
+ * Optimize away (CREATE && !OPEN). Let .create handle the race.
+ * but only if we have write permissions there, otherwise we need
+ * to proceed with lookup. LU-4185
+ */
+ if ((flags & LOOKUP_CREATE) && !(flags & LOOKUP_OPEN) &&
+ (inode_permission(parent, MAY_WRITE | MAY_EXEC) == 0))
return NULL;
if (flags & (LOOKUP_PARENT|LOOKUP_OPEN|LOOKUP_CREATE))
itp = NULL;
else
itp = ⁢
- de = ll_lookup_it(parent, dentry, itp);
+ de = ll_lookup_it(parent, dentry, itp, NULL, NULL);
if (itp != NULL)
ll_intent_release(itp);
struct lookup_intent *it;
struct dentry *de;
long long lookup_flags = LOOKUP_OPEN;
+ void *secctx = NULL;
+ __u32 secctxlen = 0;
int rc = 0;
ENTRY;
dentry->d_name.len, dentry->d_name.name,
PFID(ll_inode2fid(dir)), dir, file, open_flags, mode, *opened);
+ /* Only negative dentries enter here */
+ LASSERT(dentry->d_inode == NULL);
+
+ if (!d_unhashed(dentry)) {
+ /* A valid negative dentry that just passed revalidation,
+ * there's little point to try and open it server-side,
+ * even though there's a minuscule chance it might succeed.
+ * Either way it's a valid race to just return -ENOENT here.
+ */
+ if (!(open_flags & O_CREAT))
+ return -ENOENT;
+
+ /* Otherwise we just unhash it to be rehashed afresh via
+ * lookup if necessary
+ */
+ d_drop(dentry);
+ }
+
OBD_ALLOC(it, sizeof(*it));
if (!it)
RETURN(-ENOMEM);
it->it_flags &= ~MDS_OPEN_FL_INTERNAL;
/* Dentry added to dcache tree in ll_lookup_it */
- de = ll_lookup_it(dir, dentry, it);
+ de = ll_lookup_it(dir, dentry, it, &secctx, &secctxlen);
if (IS_ERR(de))
rc = PTR_ERR(de);
else if (de != NULL)
dentry = de;
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_FILE_PAUSE, cfs_fail_val);
+
if (!rc) {
if (it_disposition(it, DISP_OPEN_CREATE)) {
/* Dentry instantiated in ll_create_it. */
- rc = ll_create_it(dir, dentry, it);
+ rc = ll_create_it(dir, dentry, it, secctx, secctxlen);
+ security_release_secctx(secctx, secctxlen);
if (rc) {
/* We dget in ll_splice_alias. */
if (de != NULL)
if (dentry->d_inode && it_disposition(it, DISP_OPEN_OPEN)) {
/* Open dentry. */
if (S_ISFIFO(dentry->d_inode->i_mode)) {
- /* We cannot call open here as it would
- * deadlock.
- */
- if (it_disposition(it, DISP_ENQ_OPEN_REF))
- ptlrpc_req_finished(
- (struct ptlrpc_request *)
- it->d.lustre.it_data);
+ /* We cannot call open here as it might
+ * deadlock. This case is unreachable in
+ * practice because of OBD_CONNECT_NODEVOH. */
rc = finish_no_open(file, de);
} else {
file->private_data = it;
#else /* !HAVE_IOP_ATOMIC_OPEN */
static struct lookup_intent *
-ll_convert_intent(struct open_intent *oit, int lookup_flags)
+ll_convert_intent(struct open_intent *oit, int lookup_flags, bool is_readonly)
{
struct lookup_intent *it;
if (lookup_flags & LOOKUP_OPEN) {
it->it_op = IT_OPEN;
- if (lookup_flags & LOOKUP_CREATE)
+ /* Avoid file creation for ro bind mount point(is_readonly) */
+ if ((lookup_flags & LOOKUP_CREATE) && !is_readonly)
it->it_op |= IT_CREAT;
it->it_create_mode = (oit->create_mode & S_IALLUGO) | S_IFREG;
- it->it_flags = ll_namei_to_lookup_intent_flag(oit->flags);
+ it->it_flags = ll_namei_to_lookup_intent_flag(oit->flags &
+ ~(is_readonly ? O_CREAT : 0));
it->it_flags &= ~MDS_OPEN_FL_INTERNAL;
} else {
it->it_op = IT_GETATTR;
static struct dentry *ll_lookup_nd(struct inode *parent, struct dentry *dentry,
struct nameidata *nd)
{
- struct dentry *de;
- ENTRY;
+ struct dentry *de;
+ ENTRY;
- if (nd && !(nd->flags & (LOOKUP_CONTINUE|LOOKUP_PARENT))) {
- struct lookup_intent *it;
+ if (nd && !(nd->flags & (LOOKUP_CONTINUE|LOOKUP_PARENT))) {
+ struct lookup_intent *it;
- if (ll_d2d(dentry) && ll_d2d(dentry)->lld_it) {
- it = ll_d2d(dentry)->lld_it;
- ll_d2d(dentry)->lld_it = NULL;
- } else {
+ if (ll_d2d(dentry) && ll_d2d(dentry)->lld_it) {
+ it = ll_d2d(dentry)->lld_it;
+ ll_d2d(dentry)->lld_it = NULL;
+ } else {
+ /*
+ * Optimize away (CREATE && !OPEN). Let .create handle
+ * the race. But only if we have write permissions
+ * there, otherwise we need to proceed with lookup.
+ * LU-4185
+ */
if ((nd->flags & LOOKUP_CREATE) &&
- !(nd->flags & LOOKUP_OPEN))
- RETURN(NULL);
-
- it = ll_convert_intent(&nd->intent.open, nd->flags);
- if (IS_ERR(it))
- RETURN((struct dentry *)it);
- }
-
- de = ll_lookup_it(parent, dentry, it);
- if (de)
- dentry = de;
- if ((nd->flags & LOOKUP_OPEN) && !IS_ERR(dentry)) { /* Open */
- if (dentry->d_inode &&
- it_disposition(it, DISP_OPEN_OPEN)) { /* nocreate */
- if (S_ISFIFO(dentry->d_inode->i_mode)) {
- // We cannot call open here as it would
- // deadlock.
- ptlrpc_req_finished(
- (struct ptlrpc_request *)
- it->d.lustre.it_data);
- } else {
+ !(nd->flags & LOOKUP_OPEN) &&
+ (inode_permission(parent,
+ MAY_WRITE | MAY_EXEC) == 0))
+ RETURN(NULL);
+
+ it = ll_convert_intent(&nd->intent.open, nd->flags,
+ (nd->path.mnt->mnt_flags & MNT_READONLY) ||
+ (nd->path.mnt->mnt_sb->s_flags & MS_RDONLY));
+ if (IS_ERR(it))
+ RETURN((struct dentry *)it);
+ }
+
+ de = ll_lookup_it(parent, dentry, it, NULL, NULL);
+ if (de)
+ dentry = de;
+ if ((nd->flags & LOOKUP_OPEN) && !IS_ERR(dentry)) { /* Open */
+ if (dentry->d_inode &&
+ it_disposition(it, DISP_OPEN_OPEN)) { /* nocreate */
+ if (S_ISFIFO(dentry->d_inode->i_mode)) {
+ /* We cannot call open here as it might
+ * deadlock. This case is unreachable in
+ * practice because of
+ * OBD_CONNECT_NODEVOH. */
+ } else {
struct file *filp;
nd->intent.open.file->private_data = it;
dput(de);
de = (struct dentry *)filp;
}
- }
- } else if (it_disposition(it, DISP_OPEN_CREATE)) {
- // XXX This can only reliably work on assumption
- // that there are NO hashed negative dentries.
- ll_d2d(dentry)->lld_it = it;
- it = NULL; /* Will be freed in ll_create_nd */
- /* We absolutely depend on ll_create_nd to be
- * called to not leak this intent and possible
- * data attached to it */
- }
- }
-
- if (it) {
- ll_intent_release(it);
- OBD_FREE(it, sizeof(*it));
- }
- } else {
- de = ll_lookup_it(parent, dentry, NULL);
+ }
+ } else if (it_disposition(it, DISP_OPEN_CREATE)) {
+ /* XXX This can only reliably work on assumption
+ * that there are NO hashed negative dentries.*/
+ ll_d2d(dentry)->lld_it = it;
+ it = NULL; /* Will be freed in ll_create_nd */
+ /* We absolutely depend on ll_create_nd to be
+ * called to not leak this intent and possible
+ * data attached to it */
+ }
+ }
+
+ if (it) {
+ ll_intent_release(it);
+ OBD_FREE(it, sizeof(*it));
+ }
+ } else {
+ de = ll_lookup_it(parent, dentry, NULL, NULL, NULL);
}
RETURN(de);
int rc;
ENTRY;
- LASSERT(it && it->d.lustre.it_disposition);
+ LASSERT(it && it->it_disposition);
- LASSERT(it_disposition(it, DISP_ENQ_CREATE_REF));
- request = it->d.lustre.it_data;
+ LASSERT(it_disposition(it, DISP_ENQ_CREATE_REF));
+ request = it->it_request;
it_clear_disposition(it, DISP_ENQ_CREATE_REF);
rc = ll_prep_inode(&inode, request, dir->i_sb, it);
if (rc)
GOTO(out, inode = ERR_PTR(rc));
- LASSERT(ll_d_hlist_empty(&inode->i_dentry));
+ /* Pause to allow for a race with concurrent access by fid */
+ OBD_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_NODE_PAUSE, cfs_fail_val);
/* We asked for a lock on the directory, but were granted a
* lock on the inode. Since we finally have an inode pointer,
* with d_instantiate().
*/
static int ll_create_it(struct inode *dir, struct dentry *dentry,
- struct lookup_intent *it)
+ struct lookup_intent *it,
+ void *secctx, __u32 secctxlen)
{
struct inode *inode;
int rc = 0;
if (IS_ERR(inode))
RETURN(PTR_ERR(inode));
+ if ((ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX) &&
+ secctx != NULL) {
+ inode_lock(inode);
+ /* must be done before d_instantiate, because it calls
+ * security_d_instantiate, which means a getxattr if security
+ * context is not set yet */
+ rc = security_inode_notifysecctx(inode, secctx, secctxlen);
+ inode_unlock(inode);
+ if (rc)
+ RETURN(rc);
+ }
+
d_instantiate(dentry, inode);
+
+ if (!(ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX)) {
+ rc = ll_inode_init_security(dentry, inode, dir);
+ if (rc)
+ RETURN(rc);
+ }
+
RETURN(0);
}
LASSERT(body);
if (body->mbo_valid & OBD_MD_FLMTIME &&
body->mbo_mtime > LTIME_S(inode->i_mtime)) {
- CDEBUG(D_INODE, "setting fid "DFID" mtime from %lu to "LPU64
+ CDEBUG(D_INODE, "setting fid "DFID" mtime from %lu to %llu"
"\n", PFID(ll_inode2fid(inode)),
LTIME_S(inode->i_mtime), body->mbo_mtime);
LTIME_S(inode->i_mtime) = body->mbo_mtime;
if (unlikely(tgt != NULL))
tgt_len = strlen(tgt) + 1;
- op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name,
- name->len, 0, opc, NULL);
- if (IS_ERR(op_data))
- GOTO(err_exit, err = PTR_ERR(op_data));
+again:
+ op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name,
+ name->len, 0, opc, NULL);
+ if (IS_ERR(op_data))
+ GOTO(err_exit, err = PTR_ERR(op_data));
+
+ if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
+ err = ll_dentry_init_security(dchild, mode, &dchild->d_name,
+ &op_data->op_file_secctx_name,
+ &op_data->op_file_secctx,
+ &op_data->op_file_secctx_size);
+ if (err < 0)
+ GOTO(err_exit, err);
+ }
err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
from_kuid(&init_user_ns, current_fsuid()),
from_kgid(&init_user_ns, current_fsgid()),
cfs_curproc_cap_pack(), rdev, &request);
- ll_finish_md_op_data(op_data);
- if (err)
- GOTO(err_exit, err);
+ if (err < 0 && err != -EREMOTE)
+ GOTO(err_exit, err);
- ll_update_times(request, dir);
+ /* If the client doesn't know where to create a subdirectory (or
+ * in case of a race that sends the RPC to the wrong MDS), the
+ * MDS will return -EREMOTE and the client will fetch the layout
+ * of the directory, then create the directory on the right MDT. */
+ if (unlikely(err == -EREMOTE)) {
+ struct ll_inode_info *lli = ll_i2info(dir);
+ struct lmv_user_md *lum;
+ int lumsize;
+ int err2;
+
+ ptlrpc_req_finished(request);
+ request = NULL;
+
+ err2 = ll_dir_getstripe(dir, (void **)&lum, &lumsize, &request,
+ OBD_MD_DEFAULT_MEA);
+ if (err2 == 0) {
+ /* Update stripe_offset and retry */
+ lli->lli_def_stripe_offset = lum->lum_stripe_offset;
+ } else if (err2 == -ENODATA &&
+ lli->lli_def_stripe_offset != -1) {
+ /* If there are no default stripe EA on the MDT, but the
+ * client has default stripe, then it probably means
+ * default stripe EA has just been deleted. */
+ lli->lli_def_stripe_offset = -1;
+ } else {
+ GOTO(err_exit, err);
+ }
+
+ ptlrpc_req_finished(request);
+ request = NULL;
+ ll_finish_md_op_data(op_data);
+ goto again;
+ }
+
+ ll_update_times(request, dir);
+
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_NEWNODE_PAUSE, cfs_fail_val);
err = ll_prep_inode(&inode, request, dchild->d_sb, NULL);
if (err)
GOTO(err_exit, err);
+ if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
+ inode_lock(inode);
+ /* must be done before d_instantiate, because it calls
+ * security_d_instantiate, which means a getxattr if security
+ * context is not set yet */
+ err = security_inode_notifysecctx(inode,
+ op_data->op_file_secctx,
+ op_data->op_file_secctx_size);
+ inode_unlock(inode);
+ if (err)
+ GOTO(err_exit, err);
+ }
+
d_instantiate(dchild, inode);
- EXIT;
+ if (!(sbi->ll_flags & LL_SBI_FILE_SECCTX)) {
+ err = ll_inode_init_security(dchild, inode, dir);
+ if (err)
+ GOTO(err_exit, err);
+ }
+
+ EXIT;
err_exit:
- ptlrpc_req_finished(request);
+ if (request != NULL)
+ ptlrpc_req_finished(request);
- return err;
+ if (!IS_ERR_OR_NULL(op_data))
+ ll_finish_md_op_data(op_data);
+
+ return err;
}
static int ll_mknod(struct inode *dir, struct dentry *dchild, ll_umode_t mode,
{
int rc;
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_FILE_PAUSE, cfs_fail_val);
+
CDEBUG(D_VFSTRACE, "VFS Op:name=%.*s, dir="DFID"(%p), "
"flags=%u, excl=%d\n", dentry->d_name.len,
dentry->d_name.name, PFID(ll_inode2fid(dir)),
dir, mode, want_excl);
+ /* Using mknod(2) to create a regular file is designed to not recognize
+ * volatile file name, so we use ll_mknod() here. */
rc = ll_mknod(dir, dentry, mode, 0);
ll_stats_ops_tally(ll_i2sbi(dir), LPROC_LL_CREATE, 1);
{
struct ll_dentry_data *lld = ll_d2d(dentry);
struct lookup_intent *it = NULL;
- int rc;
+ int rc;
+
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_FILE_PAUSE, cfs_fail_val);
if (lld != NULL)
it = lld->lld_it;
- if (!it)
- return ll_mknod(dir, dentry, mode, 0);
+ if (!it) {
+ /* LU-8559: use LUSTRE_OPC_CREATE for non atomic open case
+ * so that volatile file name is recoginized.
+ * Mknod(2), however, is designed to not recognize volatile
+ * file name to avoid inode leak under orphan directory until
+ * MDT reboot */
+ return ll_new_node(dir, dentry, NULL, mode, 0,
+ LUSTRE_OPC_CREATE);
+ }
lld->lld_it = NULL;
- /* Was there an error? Propagate it! */
- if (it->d.lustre.it_status) {
- rc = it->d.lustre.it_status;
- goto out;
- }
+ /* Was there an error? Propagate it! */
+ if (it->it_status) {
+ rc = it->it_status;
+ goto out;
+ }
- rc = ll_create_it(dir, dentry, it);
- if (nd && (nd->flags & LOOKUP_OPEN) && dentry->d_inode) { /* Open */
+ rc = ll_create_it(dir, dentry, it, NULL, 0);
+ if (nd && (nd->flags & LOOKUP_OPEN) && dentry->d_inode) { /* Open */
struct file *filp;
nd->intent.open.file->private_data = it;
RETURN(rc);
}
-int ll_objects_destroy(struct ptlrpc_request *request, struct inode *dir)
-{
- struct mdt_body *body;
- struct lov_mds_md *eadata;
- struct lov_stripe_md *lsm = NULL;
- struct obd_trans_info oti = { 0 };
- struct obdo *oa;
- struct obd_capa *oc = NULL;
- int rc;
- ENTRY;
-
- /* req is swabbed so this is safe */
- body = req_capsule_server_get(&request->rq_pill, &RMF_MDT_BODY);
- if (!(body->mbo_valid & OBD_MD_FLEASIZE))
- RETURN(0);
-
- if (body->mbo_eadatasize == 0) {
- CERROR("OBD_MD_FLEASIZE set but eadatasize zero\n");
- GOTO(out, rc = -EPROTO);
- }
-
- /* The MDS sent back the EA because we unlinked the last reference
- * to this file. Use this EA to unlink the objects on the OST.
- * It's opaque so we don't swab here; we leave it to obd_unpackmd() to
- * check it is complete and sensible. */
- eadata = req_capsule_server_sized_get(&request->rq_pill, &RMF_MDT_MD,
- body->mbo_eadatasize);
- LASSERT(eadata != NULL);
-
- rc = obd_unpackmd(ll_i2dtexp(dir), &lsm, eadata, body->mbo_eadatasize);
- if (rc < 0) {
- CERROR("obd_unpackmd: %d\n", rc);
- GOTO(out, rc);
- }
- LASSERT(rc >= sizeof(*lsm));
-
- OBDO_ALLOC(oa);
- if (oa == NULL)
- GOTO(out_free_memmd, rc = -ENOMEM);
-
- oa->o_oi = lsm->lsm_oi;
- oa->o_mode = body->mbo_mode & S_IFMT;
- oa->o_valid = OBD_MD_FLID | OBD_MD_FLTYPE | OBD_MD_FLGROUP;
-
- if (body->mbo_valid & OBD_MD_FLCOOKIE) {
- oa->o_valid |= OBD_MD_FLCOOKIE;
- oti.oti_logcookies =
- req_capsule_server_sized_get(&request->rq_pill,
- &RMF_LOGCOOKIES,
- sizeof(struct llog_cookie) *
- lsm->lsm_stripe_count);
- if (oti.oti_logcookies == NULL) {
- oa->o_valid &= ~OBD_MD_FLCOOKIE;
- body->mbo_valid &= ~OBD_MD_FLCOOKIE;
- }
- }
-
- if (body->mbo_valid & OBD_MD_FLOSSCAPA) {
- rc = md_unpack_capa(ll_i2mdexp(dir), request, &RMF_CAPA2, &oc);
- if (rc)
- GOTO(out_free_memmd, rc);
- }
-
- rc = obd_destroy(NULL, ll_i2dtexp(dir), oa, lsm, &oti,
- ll_i2mdexp(dir), oc);
- capa_put(oc);
- if (rc)
- CERROR("obd destroy objid "DOSTID" error %d\n",
- POSTID(&lsm->lsm_oi), rc);
-out_free_memmd:
- obd_free_memmd(ll_i2dtexp(dir), &lsm);
- OBDO_FREE(oa);
-out:
- return rc;
-}
-
-/* ll_unlink() doesn't update the inode with the new link count.
- * Instead, ll_ddelete() and ll_d_iput() will update it based upon if
- * there is any lock existing. They will recycle dentries and inodes
- * based upon locks too. b=20433 */
static int ll_unlink(struct inode *dir, struct dentry *dchild)
{
struct qstr *name = &dchild->d_name;
ll_update_times(request, dir);
ll_stats_ops_tally(ll_i2sbi(dir), LPROC_LL_UNLINK, 1);
- rc = ll_objects_destroy(request, dir);
out:
ptlrpc_req_finished(request);
RETURN(rc);
}
static int ll_rename(struct inode *src, struct dentry *src_dchild,
- struct inode *tgt, struct dentry *tgt_dchild)
+ struct inode *tgt, struct dentry *tgt_dchild
+#ifdef HAVE_IOPS_RENAME_WITH_FLAGS
+ , unsigned int flags
+#endif
+ )
{
struct qstr *src_name = &src_dchild->d_name;
struct qstr *tgt_name = &tgt_dchild->d_name;
- struct ptlrpc_request *request = NULL;
- struct ll_sb_info *sbi = ll_i2sbi(src);
- struct md_op_data *op_data;
- int err;
- ENTRY;
+ struct ptlrpc_request *request = NULL;
+ struct ll_sb_info *sbi = ll_i2sbi(src);
+ struct md_op_data *op_data;
+ int err;
+ ENTRY;
+
+#ifdef HAVE_IOPS_RENAME_WITH_FLAGS
+ if (flags)
+ return -EINVAL;
+#endif
+
CDEBUG(D_VFSTRACE, "VFS Op:oldname=%.*s, src_dir="DFID
"(%p), newname=%.*s, tgt_dir="DFID"(%p)\n",
src_name->len, src_name->name,
ll_update_times(request, src);
ll_update_times(request, tgt);
ll_stats_ops_tally(sbi, LPROC_LL_RENAME, 1);
- err = ll_objects_destroy(request, src);
}
ptlrpc_req_finished(request);
.setattr = ll_setattr,
.getattr = ll_getattr,
.permission = ll_inode_permission,
+#ifdef HAVE_IOP_XATTR
.setxattr = ll_setxattr,
.getxattr = ll_getxattr,
- .listxattr = ll_listxattr,
.removexattr = ll_removexattr,
+#endif
+ .listxattr = ll_listxattr,
#ifdef HAVE_IOP_GET_ACL
.get_acl = ll_get_acl,
#endif
.setattr = ll_setattr,
.getattr = ll_getattr,
.permission = ll_inode_permission,
- .setxattr = ll_setxattr,
- .getxattr = ll_getxattr,
- .listxattr = ll_listxattr,
+#ifdef HAVE_IOP_XATTR
+ .setxattr = ll_setxattr,
+ .getxattr = ll_getxattr,
.removexattr = ll_removexattr,
+#endif
+ .listxattr = ll_listxattr,
#ifdef HAVE_IOP_GET_ACL
- .get_acl = ll_get_acl,
+ .get_acl = ll_get_acl,
#endif
};