* GPL HEADER END
*/
/*
- * Copyright (c) 2012, 2013, Intel Corporation.
- * Use is subject to license terms.
* Copyright (c) 2011, 2012 Commissariat a l'energie atomique et aux energies
* alternatives
+ *
+ * Copyright (c) 2012, 2014, Intel Corporation.
+ * Use is subject to license terms.
*/
/*
* lustre/mdt/mdt_hsm.c
/* pack HSM attributes */
lustre_hsm2buf(info->mti_xattr_buf, mh);
- /* update SOM attributes */
+ /* update HSM attributes */
buf->lb_buf = attrs;
buf->lb_len = sizeof(*attrs);
rc = mo_xattr_set(info->mti_env, next, buf, XATTR_NAME_HSM, 0);
RETURN(rc);
}
+static inline bool mdt_hsm_is_admin(struct mdt_thread_info *info)
+{
+ bool is_admin;
+ int rc;
+
+ if (info->mti_body == NULL)
+ return false;
+
+ rc = mdt_init_ucred(info, (struct mdt_body *)info->mti_body);
+ if (rc < 0)
+ return false;
+
+ is_admin = md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN);
+
+ mdt_exit_ucred(info);
+
+ return is_admin;
+}
+
/**
* Extract information coming from a copytool and asks coordinator to update
* a request status depending on the update content.
*
* This is HSM_PROGRESS RPC handler.
*/
-int mdt_hsm_progress(struct mdt_thread_info *info)
+int mdt_hsm_progress(struct tgt_session_info *tsi)
{
- struct mdt_body *body;
+ struct mdt_thread_info *info;
struct hsm_progress_kernel *hpk;
int rc;
ENTRY;
- body = req_capsule_client_get(info->mti_pill, &RMF_MDT_BODY);
- if (body == NULL)
+ if (tsi->tsi_mdt_body == NULL)
RETURN(-EPROTO);
- hpk = req_capsule_client_get(info->mti_pill, &RMF_MDS_HSM_PROGRESS);
+ hpk = req_capsule_client_get(tsi->tsi_pill, &RMF_MDS_HSM_PROGRESS);
if (hpk == NULL)
- RETURN(-EPROTO);
+ RETURN(err_serious(-EPROTO));
hpk->hpk_errval = lustre_errno_ntoh(hpk->hpk_errval);
CDEBUG(D_HSM, "Finished "DFID" (%d) cancel cookie="LPX64"\n",
PFID(&hpk->hpk_fid), hpk->hpk_errval, hpk->hpk_cookie);
- rc = mdt_hsm_coordinator_update(info, hpk);
+ info = tsi2mdt_info(tsi);
+ if (!mdt_hsm_is_admin(info))
+ GOTO(out, rc = -EPERM);
+ rc = mdt_hsm_coordinator_update(info, hpk);
+out:
+ mdt_thread_info_fini(info);
RETURN(rc);
}
-int mdt_hsm_ct_register(struct mdt_thread_info *info)
+int mdt_hsm_ct_register(struct tgt_session_info *tsi)
{
- struct mdt_body *body;
- struct ptlrpc_request *req = mdt_info_req(info);
+ struct mdt_thread_info *info;
__u32 *archives;
int rc;
ENTRY;
- body = req_capsule_client_get(info->mti_pill, &RMF_MDT_BODY);
- if (body == NULL)
- RETURN(-EPROTO);
-
- archives = req_capsule_client_get(info->mti_pill, &RMF_MDS_HSM_ARCHIVE);
+ archives = req_capsule_client_get(tsi->tsi_pill, &RMF_MDS_HSM_ARCHIVE);
if (archives == NULL)
- RETURN(-EPROTO);
+ RETURN(err_serious(-EPROTO));
+
+ info = tsi2mdt_info(tsi);
+ if (!mdt_hsm_is_admin(info))
+ GOTO(out, rc = -EPERM);
/* XXX: directly include this function here? */
- rc = mdt_hsm_agent_register_mask(info, &req->rq_export->exp_client_uuid,
+ rc = mdt_hsm_agent_register_mask(info, &tsi->tsi_exp->exp_client_uuid,
*archives);
-
+out:
+ mdt_thread_info_fini(info);
RETURN(rc);
}
-int mdt_hsm_ct_unregister(struct mdt_thread_info *info)
+int mdt_hsm_ct_unregister(struct tgt_session_info *tsi)
{
- struct mdt_body *body;
- struct ptlrpc_request *req = mdt_info_req(info);
+ struct mdt_thread_info *info;
int rc;
ENTRY;
- body = req_capsule_client_get(info->mti_pill, &RMF_MDT_BODY);
- if (body == NULL)
+ if (tsi->tsi_mdt_body == NULL)
RETURN(-EPROTO);
- /* XXX: directly include this function here? */
- rc = mdt_hsm_agent_unregister(info, &req->rq_export->exp_client_uuid);
+ info = tsi2mdt_info(tsi);
+ if (!mdt_hsm_is_admin(info))
+ GOTO(out, rc = -EPERM);
+ /* XXX: directly include this function here? */
+ rc = mdt_hsm_agent_unregister(info, &tsi->tsi_exp->exp_client_uuid);
+out:
+ mdt_thread_info_fini(info);
RETURN(rc);
}
*
* This is MDS_HSM_STATE_GET RPC handler.
*/
-int mdt_hsm_state_get(struct mdt_thread_info *info)
+int mdt_hsm_state_get(struct tgt_session_info *tsi)
{
+ struct mdt_thread_info *info = tsi2mdt_info(tsi);
struct mdt_object *obj = info->mti_object;
struct md_attr *ma = &info->mti_attr;
struct hsm_user_state *hus;
int rc;
ENTRY;
+ if (info->mti_body == NULL || obj == NULL)
+ GOTO(out, rc = -EPROTO);
+
+ /* Only valid if client is remote */
+ rc = mdt_init_ucred(info, (struct mdt_body *)info->mti_body);
+ if (rc < 0)
+ GOTO(out, rc = err_serious(rc));
+
lh = &info->mti_lh[MDT_LH_CHILD];
mdt_lock_reg_init(lh, LCK_PR);
rc = mdt_object_lock(info, obj, lh, MDS_INODELOCK_LOOKUP,
MDT_LOCAL_LOCK);
- if (rc)
- RETURN(rc);
-
- /* Only valid if client is remote */
- rc = mdt_init_ucred(info, (struct mdt_body *)info->mti_body);
- if (rc)
- GOTO(out_unlock, rc = err_serious(rc));
+ if (rc < 0)
+ GOTO(out_ucred, rc);
ma->ma_valid = 0;
ma->ma_need = MA_HSM;
rc = mdt_attr_get_complex(info, obj, ma);
if (rc)
- GOTO(out_ucred, rc);
+ GOTO(out_unlock, rc);
- if (req_capsule_get_size(info->mti_pill, &RMF_CAPA1, RCL_CLIENT))
- mdt_set_capainfo(info, 0, &info->mti_body->fid1,
- req_capsule_client_get(info->mti_pill, &RMF_CAPA1));
-
- hus = req_capsule_server_get(info->mti_pill, &RMF_HSM_USER_STATE);
+ hus = req_capsule_server_get(tsi->tsi_pill, &RMF_HSM_USER_STATE);
if (hus == NULL)
- GOTO(out_ucred, rc = -EPROTO);
+ GOTO(out_unlock, rc = -EPROTO);
/* Current HSM flags */
hus->hus_states = ma->ma_hsm.mh_flags;
hus->hus_archive_id = ma->ma_hsm.mh_arch_id;
EXIT;
-out_ucred:
- mdt_exit_ucred(info);
out_unlock:
mdt_object_unlock(info, obj, lh, 1);
+out_ucred:
+ mdt_exit_ucred(info);
+out:
+ mdt_thread_info_fini(info);
return rc;
}
*
* Archive number is changed iif the value is not 0.
* The new flagset that will be computed should result in a coherent state.
- * This function checks that are flags are compatible.
+ * This function checks that flags are compatible.
*
* This is MDS_HSM_STATE_SET RPC handler.
*/
-int mdt_hsm_state_set(struct mdt_thread_info *info)
+int mdt_hsm_state_set(struct tgt_session_info *tsi)
{
+ struct mdt_thread_info *info = tsi2mdt_info(tsi);
struct mdt_object *obj = info->mti_object;
struct md_attr *ma = &info->mti_attr;
struct hsm_state_set *hss;
__u64 flags;
ENTRY;
+ hss = req_capsule_client_get(info->mti_pill, &RMF_HSM_STATE_SET);
+
+ if (info->mti_body == NULL || obj == NULL || hss == NULL)
+ GOTO(out, rc = -EPROTO);
+
+ /* Only valid if client is remote */
+ rc = mdt_init_ucred(info, (struct mdt_body *)info->mti_body);
+ if (rc < 0)
+ GOTO(out, rc = err_serious(rc));
+
lh = &info->mti_lh[MDT_LH_CHILD];
mdt_lock_reg_init(lh, LCK_PW);
rc = mdt_object_lock(info, obj, lh, MDS_INODELOCK_LOOKUP |
MDS_INODELOCK_XATTR, MDT_LOCAL_LOCK);
- if (rc)
- RETURN(rc);
+ if (rc < 0)
+ GOTO(out_ucred, rc);
- /* Only valid if client is remote */
- rc = mdt_init_ucred(info, (struct mdt_body *)info->mti_body);
- if (rc)
- GOTO(out_obj, rc = err_serious(rc));
+ /* Detect out-of range masks */
+ if ((hss->hss_setmask | hss->hss_clearmask) & ~HSM_FLAGS_MASK) {
+ CDEBUG(D_HSM, "Incompatible masks provided (set "LPX64
+ ", clear "LPX64") vs supported set (%#x).\n",
+ hss->hss_setmask, hss->hss_clearmask, HSM_FLAGS_MASK);
+ GOTO(out_unlock, rc = -EINVAL);
+ }
+
+ /* Non-root users are forbidden to set or clear flags which are
+ * NOT defined in HSM_USER_MASK. */
+ if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) &&
+ !md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN)) {
+ CDEBUG(D_HSM, "Incompatible masks provided (set "LPX64
+ ", clear "LPX64") vs unprivileged set (%#x).\n",
+ hss->hss_setmask, hss->hss_clearmask, HSM_USER_MASK);
+ GOTO(out_unlock, rc = -EPERM);
+ }
/* Read current HSM info */
ma->ma_valid = 0;
ma->ma_need = MA_HSM;
rc = mdt_attr_get_complex(info, obj, ma);
if (rc)
- GOTO(out_ucred, rc);
-
- hss = req_capsule_client_get(info->mti_pill, &RMF_HSM_STATE_SET);
- if (hss == NULL)
- GOTO(out_ucred, rc = -EPROTO);
-
- if (req_capsule_get_size(info->mti_pill, &RMF_CAPA1, RCL_CLIENT))
- mdt_set_capainfo(info, 0, &info->mti_body->fid1,
- req_capsule_client_get(info->mti_pill, &RMF_CAPA1));
+ GOTO(out_unlock, rc);
/* Change HSM flags depending on provided masks */
if (hss->hss_valid & HSS_SETMASK)
if (!(ma->ma_hsm.mh_flags & HS_EXISTS)) {
CDEBUG(D_HSM, "Could not set an archive number for "
DFID "if HSM EXISTS flag is not set.\n",
- PFID(&info->mti_body->fid1));
- GOTO(out_ucred, rc);
+ PFID(&info->mti_body->mbo_fid1));
+ GOTO(out_unlock, rc);
}
+
+ /* Detect out-of range archive id */
+ if (hss->hss_archive_id > LL_HSM_MAX_ARCHIVE) {
+ CDEBUG(D_HSM, "archive id %u exceeds maximum %zu.\n",
+ hss->hss_archive_id, LL_HSM_MAX_ARCHIVE);
+ GOTO(out_unlock, rc = -EINVAL);
+ }
+
ma->ma_hsm.mh_arch_id = hss->hss_archive_id;
}
(flags & HS_LOST && !(flags & HS_ARCHIVED))) {
CDEBUG(D_HSM, "Incompatible flag change on "DFID
"flags="LPX64"\n",
- PFID(&info->mti_body->fid1), flags);
- GOTO(out_ucred, rc = -EINVAL);
+ PFID(&info->mti_body->mbo_fid1), flags);
+ GOTO(out_unlock, rc = -EINVAL);
}
/* Save the modified flags */
rc = mdt_hsm_attr_set(info, obj, &ma->ma_hsm);
if (rc)
- GOTO(out_ucred, rc);
+ GOTO(out_unlock, rc);
EXIT;
+out_unlock:
+ mdt_object_unlock(info, obj, lh, 1);
out_ucred:
mdt_exit_ucred(info);
-out_obj:
- mdt_object_unlock(info, obj, lh, 1);
+out:
+ mdt_thread_info_fini(info);
return rc;
}
*
* This is MDS_HSM_ACTION RPC handler.
*/
-int mdt_hsm_action(struct mdt_thread_info *info)
+int mdt_hsm_action(struct tgt_session_info *tsi)
{
+ struct mdt_thread_info *info;
struct hsm_current_action *hca;
struct hsm_action_list *hal = NULL;
struct hsm_action_item *hai;
int rc;
ENTRY;
+ hca = req_capsule_server_get(tsi->tsi_pill,
+ &RMF_MDS_HSM_CURRENT_ACTION);
+ if (hca == NULL)
+ RETURN(err_serious(-EPROTO));
+
+ if (tsi->tsi_mdt_body == NULL)
+ RETURN(-EPROTO);
+
+ info = tsi2mdt_info(tsi);
/* Only valid if client is remote */
rc = mdt_init_ucred(info, (struct mdt_body *)info->mti_body);
if (rc)
- RETURN(rc = err_serious(rc));
-
- if (req_capsule_get_size(info->mti_pill, &RMF_CAPA1, RCL_CLIENT))
- mdt_set_capainfo(info, 0, &info->mti_body->fid1,
- req_capsule_client_get(info->mti_pill,
- &RMF_CAPA1));
-
- hca = req_capsule_server_get(info->mti_pill,
- &RMF_MDS_HSM_CURRENT_ACTION);
- if (hca == NULL)
- GOTO(out_ucred, rc = -EPROTO);
+ GOTO(out, rc = err_serious(rc));
/* Coordinator information */
hal_size = sizeof(*hal) +
hai->hai_action = HSMA_NONE;
hai->hai_cookie = 0;
hai->hai_gid = 0;
- hai->hai_fid = info->mti_body->fid1;
+ hai->hai_fid = info->mti_body->mbo_fid1;
hai->hai_len = sizeof(*hai);
rc = mdt_hsm_get_actions(info, hal);
MDT_HSM_FREE(hal, hal_size);
out_ucred:
mdt_exit_ucred(info);
+out:
+ mdt_thread_info_fini(info);
return rc;
}
*
* This is MDS_HSM_REQUEST RPC handler.
*/
-int mdt_hsm_request(struct mdt_thread_info *info)
+int mdt_hsm_request(struct tgt_session_info *tsi)
{
- struct req_capsule *pill = info->mti_pill;
- struct mdt_body *body;
+ struct mdt_thread_info *info;
+ struct req_capsule *pill = tsi->tsi_pill;
struct hsm_request *hr;
struct hsm_user_item *hui;
struct hsm_action_list *hal;
int hal_size, i, rc;
ENTRY;
- body = req_capsule_client_get(pill, &RMF_MDT_BODY);
hr = req_capsule_client_get(pill, &RMF_MDS_HSM_REQUEST);
hui = req_capsule_client_get(pill, &RMF_MDS_HSM_USER_ITEM);
data = req_capsule_client_get(pill, &RMF_GENERIC_DATA);
- if (body == NULL || hr == NULL || hui == NULL || data == NULL)
+ if (tsi->tsi_mdt_body == NULL || hr == NULL || hui == NULL || data == NULL)
RETURN(-EPROTO);
/* Sanity check. Nothing to do with an empty list */
if (data_size != hr->hr_data_len)
RETURN(-EPROTO);
+ info = tsi2mdt_info(tsi);
/* Only valid if client is remote */
- rc = mdt_init_ucred(info, body);
+ rc = mdt_init_ucred(info, (struct mdt_body *)info->mti_body);
if (rc)
- RETURN(err_serious(rc));
+ GOTO(out, rc);
switch (hr->hr_action) {
/* code to be removed in hsm1_merge and final patch */
out_ucred:
mdt_exit_ucred(info);
+out:
+ mdt_thread_info_fini(info);
return rc;
}
git://git.whamcloud.com / fs / lustre-release.git / blobdiff