* Copyright (c) 2002, 2010, Oracle and/or its affiliates. All rights reserved.
* Use is subject to license terms.
*
- * Copyright (c) 2011, 2014, Intel Corporation.
+ * Copyright (c) 2011, 2015, Intel Corporation.
*/
/*
* This file is part of Lustre, http://www.lustre.org/
#include <linux/highmem.h>
#include <linux/pagemap.h>
#include <linux/security.h>
+#include <linux/user_namespace.h>
+#ifdef HAVE_UIDGID_HEADER
+# include <linux/uidgid.h>
+#endif
#define DEBUG_SUBSYSTEM S_LLITE
lli->lli_fid = body->mbo_fid1;
if (unlikely(!(body->mbo_valid & OBD_MD_FLTYPE))) {
CERROR("Can not initialize inode "DFID" without object type: "
- "valid = "LPX64"\n",
+ "valid = %#llx\n",
PFID(&lli->lli_fid), body->mbo_valid);
return -EINVAL;
}
if (inode->i_state & I_NEW) {
rc = ll_read_inode2(inode, md);
if (rc == 0 && S_ISREG(inode->i_mode) &&
- ll_i2info(inode)->lli_clob == NULL) {
- CDEBUG(D_INODE, "%s: apply lsm %p to inode "DFID"\n",
- ll_get_fsname(sb, NULL, 0), md->lsm,
- PFID(ll_inode2fid(inode)));
+ ll_i2info(inode)->lli_clob == NULL)
rc = cl_file_inode_init(inode, md);
- }
+
if (rc != 0) {
+ /* Let's clear directory lsm here, otherwise
+ * make_bad_inode() will reset the inode mode
+ * to regular, then ll_clear_inode will not
+ * be able to clear lsm_md */
+ if (S_ISDIR(inode->i_mode))
+ ll_dir_clear_lsm_md(inode);
make_bad_inode(inode);
unlock_new_inode(inode);
iput(inode);
CDEBUG(D_VFSTRACE, "got inode: "DFID"(%p): rc = %d\n",
PFID(&md->body->mbo_fid1), inode, rc);
if (rc != 0) {
+ if (S_ISDIR(inode->i_mode))
+ ll_dir_clear_lsm_md(inode);
iput(inode);
inode = ERR_PTR(rc);
}
DECLARE_LL_D_HLIST_NODE_PTR(p);
ll_lock_dcache(dir);
- ll_d_hlist_for_each_entry(dentry, p, &dir->i_dentry, d_alias) {
+ ll_d_hlist_for_each_entry(dentry, p, &dir->i_dentry) {
spin_lock(&dentry->d_lock);
if (!list_empty(&dentry->d_subdirs)) {
struct dentry *child;
list_for_each_entry_safe(child, tmp_subdir,
&dentry->d_subdirs,
- d_u.d_child) {
+ d_child) {
if (child->d_inode == NULL)
d_lustre_invalidate(child, 1);
}
PFID(ll_inode2fid(inode)), rc);
}
+ if (bits & MDS_INODELOCK_UPDATE) {
+ struct ll_inode_info *lli = ll_i2info(inode);
+
+ spin_lock(&lli->lli_lock);
+ LTIME_S(inode->i_mtime) = 0;
+ LTIME_S(inode->i_atime) = 0;
+ LTIME_S(inode->i_ctime) = 0;
+ spin_unlock(&lli->lli_lock);
+ }
+
if ((bits & MDS_INODELOCK_UPDATE) && S_ISDIR(inode->i_mode)) {
struct ll_inode_info *lli = ll_i2info(inode);
hash = cl_fid_build_ino(&lli->lli_pfid,
ll_need_32bit_api(ll_i2sbi(inode)));
- master_inode = ilookup5(inode->i_sb, hash,
- ll_test_inode_by_fid,
+ /* Do not lookup the inode with ilookup5,
+ * otherwise it will cause dead lock,
+ *
+ * 1. Client1 send chmod req to the MDT0, then
+ * on MDT0, it enqueues master and all of its
+ * slaves lock, (mdt_attr_set() ->
+ * mdt_lock_slaves()), after gets master and
+ * stripe0 lock, it will send the enqueue req
+ * (for stripe1) to MDT1, then MDT1 finds the
+ * lock has been granted to client2. Then MDT1
+ * sends blocking ast to client2.
+ *
+ * 2. At the same time, client2 tries to unlink
+ * the striped dir (rm -rf striped_dir), and
+ * during lookup, it will hold the master inode
+ * of the striped directory, whose inode state
+ * is NEW, then tries to revalidate all of its
+ * slaves, (ll_prep_inode()->ll_iget()->
+ * ll_read_inode2()-> ll_update_inode().). And
+ * it will be blocked on the server side because
+ * of 1.
+ *
+ * 3. Then the client get the blocking_ast req,
+ * cancel the lock, but being blocked if using
+ * ->ilookup5()), because master inode state is
+ * NEW. */
+ master_inode = ilookup5_nowait(inode->i_sb,
+ hash, ll_test_inode_by_fid,
(void *)&lli->lli_pfid);
if (master_inode != NULL &&
!IS_ERR(master_inode)) {
discon_alias = invalid_alias = NULL;
ll_lock_dcache(inode);
- ll_d_hlist_for_each_entry(alias, p, &inode->i_dentry, d_alias) {
+ ll_d_hlist_for_each_entry(alias, p, &inode->i_dentry) {
LASSERT(alias != dentry);
spin_lock(&alias->d_lock);
- if (alias->d_flags & DCACHE_DISCONNECTED)
+ if ((alias->d_flags & DCACHE_DISCONNECTED) &&
+ S_ISDIR(inode->i_mode))
/* LASSERT(last_discon == NULL); LU-405, bz 20055 */
discon_alias = alias;
else if (alias->d_parent == dentry->d_parent &&
struct inode *inode = NULL;
__u64 bits = 0;
int rc;
+ struct dentry *alias;
ENTRY;
/* NB 1 request reference will be taken away by ll_intent_lock()
* when I return */
CDEBUG(D_DENTRY, "it %p it_disposition %x\n", it,
- it->d.lustre.it_disposition);
+ it->it_disposition);
if (!it_disposition(it, DISP_LOOKUP_NEG)) {
rc = ll_prep_inode(&inode, request, (*de)->d_sb, it);
if (rc)
/* Only hash *de if it is unhashed (new dentry).
* Atoimc_open may passin hashed dentries for open.
*/
- if (d_unhashed(*de)) {
- struct dentry *alias;
-
- alias = ll_splice_alias(inode, *de);
- if (IS_ERR(alias))
- GOTO(out, rc = PTR_ERR(alias));
-
- *de = alias;
- } else if (!it_disposition(it, DISP_LOOKUP_NEG) &&
- !it_disposition(it, DISP_OPEN_CREATE)) {
- /* With DISP_OPEN_CREATE dentry will
- instantiated in ll_create_it. */
- LASSERT((*de)->d_inode == NULL);
- d_instantiate(*de, inode);
- }
+ alias = ll_splice_alias(inode, *de);
+ if (IS_ERR(alias))
+ GOTO(out, rc = PTR_ERR(alias));
+
+ *de = alias;
if (!it_disposition(it, DISP_LOOKUP_NEG)) {
/* we have lookup look - unhide dentry */
/* Check that parent has UPDATE lock. */
struct lookup_intent parent_it = {
.it_op = IT_GETATTR,
- .d.lustre.it_lock_handle = 0 };
+ .it_lock_handle = 0 };
struct lu_fid fid = ll_i2info(parent)->lli_fid;
/* If it is striped directory, get the real stripe parent */
RETURN(dentry == save ? NULL : dentry);
}
+ if (it->it_op & IT_OPEN && it->it_flags & FMODE_WRITE &&
+ dentry->d_sb->s_flags & MS_RDONLY)
+ RETURN(ERR_PTR(-EROFS));
+
if (it->it_op & IT_CREAT)
opc = LUSTRE_OPC_CREATE;
else
op_data = ll_prep_md_op_data(NULL, parent, NULL, dentry->d_name.name,
dentry->d_name.len, 0, opc, NULL);
if (IS_ERR(op_data))
- RETURN((void *)op_data);
+ GOTO(out, retval = ERR_CAST(op_data));
/* enforce umask if acl disabled or MDS doesn't support umask */
if (!IS_POSIXACL(parent) || !exp_connect_umask(ll_i2mdexp(parent)))
it->it_create_mode &= ~current_umask();
+ if (it->it_op & IT_CREAT &&
+ ll_i2sbi(parent)->ll_flags & LL_SBI_FILE_SECCTX) {
+ rc = ll_dentry_init_security(dentry, it->it_create_mode,
+ &dentry->d_name,
+ &op_data->op_file_secctx_name,
+ &op_data->op_file_secctx,
+ &op_data->op_file_secctx_size);
+ if (rc < 0)
+ GOTO(out, retval = ERR_PTR(rc));
+ }
+
rc = md_intent_lock(ll_i2mdexp(parent), op_data, it, &req,
&ll_md_blocking_ast, 0);
/* If the MDS allows the client to chgrp (CFS_SETGRP_PERM), but the
dentry->d_name.len, dentry->d_name.name,
PFID(ll_inode2fid(parent)), parent, flags);
- /* Optimize away (CREATE && !OPEN). Let .create handle the race. */
- if ((flags & LOOKUP_CREATE) && !(flags & LOOKUP_OPEN))
+ /*
+ * Optimize away (CREATE && !OPEN). Let .create handle the race.
+ * but only if we have write permissions there, otherwise we need
+ * to proceed with lookup. LU-4185
+ */
+ if ((flags & LOOKUP_CREATE) && !(flags & LOOKUP_OPEN) &&
+ (inode_permission(parent, MAY_WRITE | MAY_EXEC) == 0))
return NULL;
if (flags & (LOOKUP_PARENT|LOOKUP_OPEN|LOOKUP_CREATE))
dentry->d_name.len, dentry->d_name.name,
PFID(ll_inode2fid(dir)), dir, file, open_flags, mode, *opened);
+ /* Only negative dentries enter here */
+ LASSERT(dentry->d_inode == NULL);
+
+ if (!d_unhashed(dentry)) {
+ /* A valid negative dentry that just passed revalidation,
+ * there's little point to try and open it server-side,
+ * even though there's a minuscule chance it might succeed.
+ * Either way it's a valid race to just return -ENOENT here.
+ */
+ if (!(open_flags & O_CREAT))
+ return -ENOENT;
+
+ /* Otherwise we just unhash it to be rehashed afresh via
+ * lookup if necessary
+ */
+ d_drop(dentry);
+ }
+
OBD_ALLOC(it, sizeof(*it));
if (!it)
RETURN(-ENOMEM);
else if (de != NULL)
dentry = de;
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_FILE_PAUSE, cfs_fail_val);
+
if (!rc) {
if (it_disposition(it, DISP_OPEN_CREATE)) {
/* Dentry instantiated in ll_create_it. */
if (dentry->d_inode && it_disposition(it, DISP_OPEN_OPEN)) {
/* Open dentry. */
if (S_ISFIFO(dentry->d_inode->i_mode)) {
- /* We cannot call open here as it would
- * deadlock.
- */
- if (it_disposition(it, DISP_ENQ_OPEN_REF))
- ptlrpc_req_finished(
- (struct ptlrpc_request *)
- it->d.lustre.it_data);
+ /* We cannot call open here as it might
+ * deadlock. This case is unreachable in
+ * practice because of OBD_CONNECT_NODEVOH. */
rc = finish_no_open(file, de);
} else {
file->private_data = it;
it = ll_d2d(dentry)->lld_it;
ll_d2d(dentry)->lld_it = NULL;
} else {
+ /*
+ * Optimize away (CREATE && !OPEN). Let .create handle
+ * the race. But only if we have write permissions
+ * there, otherwise we need to proceed with lookup.
+ * LU-4185
+ */
if ((nd->flags & LOOKUP_CREATE) &&
- !(nd->flags & LOOKUP_OPEN))
- RETURN(NULL);
+ !(nd->flags & LOOKUP_OPEN) &&
+ (inode_permission(parent,
+ MAY_WRITE | MAY_EXEC) == 0))
+ RETURN(NULL);
it = ll_convert_intent(&nd->intent.open, nd->flags);
if (IS_ERR(it))
if (dentry->d_inode &&
it_disposition(it, DISP_OPEN_OPEN)) { /* nocreate */
if (S_ISFIFO(dentry->d_inode->i_mode)) {
- // We cannot call open here as it would
- // deadlock.
- ptlrpc_req_finished(
- (struct ptlrpc_request *)
- it->d.lustre.it_data);
+ /* We cannot call open here as it might
+ * deadlock. This case is unreachable in
+ * practice because of
+ * OBD_CONNECT_NODEVOH. */
} else {
struct file *filp;
int rc;
ENTRY;
- LASSERT(it && it->d.lustre.it_disposition);
+ LASSERT(it && it->it_disposition);
- LASSERT(it_disposition(it, DISP_ENQ_CREATE_REF));
- request = it->d.lustre.it_data;
+ LASSERT(it_disposition(it, DISP_ENQ_CREATE_REF));
+ request = it->it_request;
it_clear_disposition(it, DISP_ENQ_CREATE_REF);
rc = ll_prep_inode(&inode, request, dir->i_sb, it);
if (rc)
RETURN(PTR_ERR(inode));
d_instantiate(dentry, inode);
+
+ if (!(ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX)) {
+ rc = ll_inode_init_security(dentry, inode, dir);
+ if (rc)
+ RETURN(rc);
+ }
+
RETURN(0);
}
LASSERT(body);
if (body->mbo_valid & OBD_MD_FLMTIME &&
body->mbo_mtime > LTIME_S(inode->i_mtime)) {
- CDEBUG(D_INODE, "setting fid "DFID" mtime from %lu to "LPU64
+ CDEBUG(D_INODE, "setting fid "DFID" mtime from %lu to %llu"
"\n", PFID(ll_inode2fid(inode)),
LTIME_S(inode->i_mtime), body->mbo_mtime);
LTIME_S(inode->i_mtime) = body->mbo_mtime;
tgt_len = strlen(tgt) + 1;
again:
- op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name,
- name->len, 0, opc, NULL);
- if (IS_ERR(op_data))
- GOTO(err_exit, err = PTR_ERR(op_data));
+ op_data = ll_prep_md_op_data(NULL, dir, NULL, name->name,
+ name->len, 0, opc, NULL);
+ if (IS_ERR(op_data))
+ GOTO(err_exit, err = PTR_ERR(op_data));
+
+ if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
+ err = ll_dentry_init_security(dchild, mode, &dchild->d_name,
+ &op_data->op_file_secctx_name,
+ &op_data->op_file_secctx,
+ &op_data->op_file_secctx_size);
+ if (err < 0)
+ GOTO(err_exit, err);
+ }
err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
from_kuid(&init_user_ns, current_fsuid()),
from_kgid(&init_user_ns, current_fsgid()),
cfs_curproc_cap_pack(), rdev, &request);
ll_finish_md_op_data(op_data);
- if (err) {
- /* If the client doesn't know where to create a subdirectory (or
- * in case of a race that sends the RPC to the wrong MDS), the
- * MDS will return -EREMOTE and the client will fetch the layout
- * for the directory, either from the local xattr cache or the
- * MDS, then create the directory on the right MDT. */
- if (err == -EREMOTE) {
- struct lmv_user_md *lum;
- int rc;
-
- ptlrpc_req_finished(request);
- request = NULL;
-
- OBD_ALLOC_PTR(lum);
- if (lum == NULL)
- GOTO(err_exit, err = -ENOMEM);
-
- rc = ll_getxattr_common(dir, XATTR_NAME_DEFAULT_LMV,
- lum, sizeof(*lum),
- OBD_MD_FLXATTR);
- if (rc < 0) {
- OBD_FREE_PTR(lum);
- if (rc == -ENODATA)
- GOTO(err_exit, err);
- else
- GOTO(err_exit, rc);
- }
+ op_data = NULL;
+ if (err < 0 && err != -EREMOTE)
+ GOTO(err_exit, err);
+
+ /* If the client doesn't know where to create a subdirectory (or
+ * in case of a race that sends the RPC to the wrong MDS), the
+ * MDS will return -EREMOTE and the client will fetch the layout
+ * of the directory, then create the directory on the right MDT. */
+ if (unlikely(err == -EREMOTE)) {
+ struct ll_inode_info *lli = ll_i2info(dir);
+ struct lmv_user_md *lum;
+ int lumsize;
+ int err2;
- ll_i2info(dir)->lli_def_stripe_offset =
- le32_to_cpu(lum->lum_stripe_offset);
- OBD_FREE_PTR(lum);
- goto again;
+ ptlrpc_req_finished(request);
+ request = NULL;
+
+ err2 = ll_dir_getstripe(dir, (void **)&lum, &lumsize, &request,
+ OBD_MD_DEFAULT_MEA);
+ if (err2 == 0) {
+ /* Update stripe_offset and retry */
+ lli->lli_def_stripe_offset = lum->lum_stripe_offset;
+ } else if (err2 == -ENODATA &&
+ lli->lli_def_stripe_offset != -1) {
+ /* If there are no default stripe EA on the MDT, but the
+ * client has default stripe, then it probably means
+ * default stripe EA has just been deleted. */
+ lli->lli_def_stripe_offset = -1;
+ } else {
+ GOTO(err_exit, err);
}
- GOTO(err_exit, err);
+
+ ptlrpc_req_finished(request);
+ request = NULL;
+ goto again;
}
- ll_update_times(request, dir);
+ ll_update_times(request, dir);
+
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_NEWNODE_PAUSE, cfs_fail_val);
err = ll_prep_inode(&inode, request, dchild->d_sb, NULL);
if (err)
d_instantiate(dchild, inode);
- EXIT;
+ if (!(sbi->ll_flags & LL_SBI_FILE_SECCTX)) {
+ err = ll_inode_init_security(dchild, inode, dir);
+ if (err)
+ GOTO(err_exit, err);
+ }
+
+ EXIT;
err_exit:
if (request != NULL)
ptlrpc_req_finished(request);
- return err;
+ if (!IS_ERR_OR_NULL(op_data))
+ ll_finish_md_op_data(op_data);
+
+ return err;
}
static int ll_mknod(struct inode *dir, struct dentry *dchild, ll_umode_t mode,
{
int rc;
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_FILE_PAUSE, cfs_fail_val);
+
CDEBUG(D_VFSTRACE, "VFS Op:name=%.*s, dir="DFID"(%p), "
"flags=%u, excl=%d\n", dentry->d_name.len,
dentry->d_name.name, PFID(ll_inode2fid(dir)),
{
struct ll_dentry_data *lld = ll_d2d(dentry);
struct lookup_intent *it = NULL;
- int rc;
+ int rc;
+
+ CFS_FAIL_TIMEOUT(OBD_FAIL_LLITE_CREATE_FILE_PAUSE, cfs_fail_val);
if (lld != NULL)
it = lld->lld_it;
lld->lld_it = NULL;
/* Was there an error? Propagate it! */
- if (it->d.lustre.it_status) {
- rc = it->d.lustre.it_status;
+ if (it->it_status) {
+ rc = it->it_status;
goto out;
}
RETURN(rc);
}
-/* ll_unlink() doesn't update the inode with the new link count.
- * Instead, ll_ddelete() and ll_d_iput() will update it based upon if
- * there is any lock existing. They will recycle dentries and inodes
- * based upon locks too. b=20433 */
static int ll_unlink(struct inode *dir, struct dentry *dchild)
{
struct qstr *name = &dchild->d_name;