}
+/**
+ * mdt_remote_permission: Check whether the remote operation is permitted,
+ *
+ * Before we implement async cross-MDT updates (DNE phase 2). There are a few
+ * limitations here:
+ *
+ * 1.Only sysadmin can create remote directory and striped directory and
+ * migrate directory now, unless
+ * lctl set_param mdt.*.enable_remote_dir_gid=allow_gid.
+ * 2.Remote directory can only be created on MDT0, unless
+ * lctl set_param mdt.*.enable_remote_dir = 1
+ * 3.Only new clients can access remote dir( >= 2.4) and striped dir(>= 2.6),
+ * old client will return -ENOTSUPP.
+ *
+ * XXX these check are only needed for remote synchronization, once async
+ * update is supported, these check will be removed.
+ *
+ * param[in]info: execution environment.
+ * param[in]parent: the directory of this operation.
+ * param[in]child: the child of this operation.
+ *
+ * retval = 0 remote operation is allowed.
+ * < 0 remote operation is denied.
+ */
+static int mdt_remote_permission(struct mdt_thread_info *info,
+ struct mdt_object *parent,
+ struct mdt_object *child)
+{
+ struct mdt_device *mdt = info->mti_mdt;
+ struct lu_ucred *uc = mdt_ucred(info);
+ struct md_op_spec *spec = &info->mti_spec;
+ struct lu_attr *attr = &info->mti_attr.ma_attr;
+ struct obd_export *exp = mdt_info_req(info)->rq_export;
+
+ /* Only check create remote directory, striped directory and
+ * migration */
+ if (mdt_object_remote(parent) == 0 && mdt_object_remote(child) == 0 &&
+ !(S_ISDIR(attr->la_mode) && spec->u.sp_ea.eadata != NULL &&
+ spec->u.sp_ea.eadatalen != 0) &&
+ info->mti_rr.rr_opcode != REINT_MIGRATE)
+ return 0;
+
+ if (!md_capable(uc, CFS_CAP_SYS_ADMIN)) {
+ if (uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
+ mdt->mdt_enable_remote_dir_gid != -1)
+ return -EPERM;
+ }
+
+ if (mdt->mdt_enable_remote_dir == 0) {
+ struct seq_server_site *ss = mdt_seq_site(mdt);
+ struct lu_seq_range range = { 0 };
+ int rc;
+
+ fld_range_set_type(&range, LU_SEQ_RANGE_MDT);
+ rc = fld_server_lookup(info->mti_env, ss->ss_server_fld,
+ fid_seq(mdt_object_fid(parent)), &range);
+ if (rc != 0)
+ return rc;
+
+ if (range.lsr_index != 0)
+ return -EPERM;
+ }
+
+ if (!mdt_is_dne_client(exp))
+ return -ENOTSUPP;
+
+ if (S_ISDIR(attr->la_mode) && spec->u.sp_ea.eadata != NULL &&
+ spec->u.sp_ea.eadatalen != 0 && !mdt_is_striped_client(exp))
+ return -ENOTSUPP;
+
+ return 0;
+}
+
/*
* VBR: we save three versions in reply:
* 0 - parent. Check that parent version is the same during replay.
if (likely(!IS_ERR(child))) {
struct md_object *next = mdt_object_child(parent);
- if (mdt_object_remote(child)) {
- struct seq_server_site *ss;
- struct lu_ucred *uc = mdt_ucred(info);
-
- if (!md_capable(uc, CFS_CAP_SYS_ADMIN)) {
- if (uc->uc_gid !=
- mdt->mdt_enable_remote_dir_gid &&
- mdt->mdt_enable_remote_dir_gid != -1) {
- CERROR("%s: Creating remote dir is only"
- " permitted for administrator or"
- " set mdt_enable_remote_dir_gid:"
- " rc = %d\n",
- mdt_obd_name(mdt), -EPERM);
- GOTO(out_put_child, rc = -EPERM);
- }
- }
-
- ss = mdt_seq_site(mdt);
- if (ss->ss_node_id != 0 &&
- mdt->mdt_enable_remote_dir == 0) {
- CERROR("%s: remote dir is only permitted on"
- " MDT0 or set_param"
- " mdt.*.enable_remote_dir=1\n",
- mdt_obd_name(mdt));
- GOTO(out_put_child, rc = -EPERM);
- }
- if (!mdt_is_dne_client(mdt_info_req(info)->rq_export)) {
- /* Return -EIO for old client */
- GOTO(out_put_child, rc = -EIO);
- }
+ rc = mdt_remote_permission(info, parent, child);
+ if (rc != 0)
+ GOTO(out_put_child, rc);
- }
- ma->ma_need = MA_INODE;
+ ma->ma_need = MA_INODE;
ma->ma_valid = 0;
/* capa for cross-ref will be stored here */
ma->ma_capa = req_capsule_server_get(info->mti_pill,
PNAME(&rr->rr_name), PFID(mdt_object_fid(mc)));
if (!mdt_is_dne_client(req->rq_export))
- /* Return -EIO for old client */
- GOTO(put_child, rc = -EIO);
+ /* Return -ENOTSUPP for old client */
+ GOTO(put_child, rc = -ENOTSUPP);
if (info->mti_spec.sp_rm_entry) {
struct lu_ucred *uc = mdt_ucred(info);
unlock_child:
mdt_unlock_slaves(info, mc, MDS_INODELOCK_UPDATE, s0_lh, s0_obj, einfo);
mdt_object_unlock(info, mc, child_lh, rc);
-
- /* Since we do not need reply md striped dir info to client, so
- * reset mti_big_lmm_used to avoid confusing mdt_fix_reply */
- if (info->mti_big_lmm_used)
- info->mti_big_lmm_used = 0;
put_child:
mdt_object_put(info->mti_env, mc);
unlock_parent:
* target. Source should not be ancestor of target dir. May be other rename
* checks can be moved here later.
*/
-static int mdt_rename_sanity(struct mdt_thread_info *info, struct lu_fid *fid)
+static int mdt_rename_sanity(struct mdt_thread_info *info,
+ const struct lu_fid *dir_fid,
+ const struct lu_fid *fid)
{
- struct mdt_reint_record *rr = &info->mti_rr;
- struct lu_fid dst_fid = *rr->rr_fid2;
struct mdt_object *dst;
+ struct lu_fid dst_fid = *dir_fid;
int rc = 0;
ENTRY;
/* If the source and target are in the same directory, they can not
* be parent/child relationship, so subdir check is not needed */
- if (lu_fid_eq(rr->rr_fid1, rr->rr_fid2))
+ if (lu_fid_eq(dir_fid, fid))
return 0;
do {
&dst_fid);
mdt_object_put(info->mti_env, dst);
if (rc != -EREMOTE && rc < 0) {
- CERROR("Failed mdo_is_subdir(), rc %d\n", rc);
+ CERROR("%s: failed subdir check in "DFID" for "
+ DFID": rc = %d\n",
+ mdt_obd_name(info->mti_mdt),
+ PFID(dir_fid), PFID(fid), rc);
+ /* Return EINVAL only if a parent is the @fid */
+ if (rc == -EINVAL)
+ rc = -EIO;
} else {
/* check the found fid */
if (lu_fid_eq(&dst_fid, fid))
CDEBUG(D_INODE, "migrate "DFID"/"DNAME" to "DFID"\n", PFID(rr->rr_fid1),
PNAME(&rr->rr_name), PFID(rr->rr_fid2));
+
/* 1: lock the source dir. */
msrcdir = mdt_object_find(info->mti_env, info->mti_mdt, rr->rr_fid1);
if (IS_ERR(msrcdir)) {
GOTO(out_put_child, rc = -EPERM);
}
+ rc = mdt_remote_permission(info, msrcdir, mold);
+ if (rc != 0)
+ GOTO(out_put_child, rc);
+
/* 3: iterate the linkea of the object and lock all of the objects */
CFS_INIT_LIST_HEAD(&lock_list);
rc = mdt_lock_objects_in_linkea(info, mold, msrcdir, &lock_list);
RETURN(rc);
}
+static struct mdt_object *mdt_object_find_check(struct mdt_thread_info *info,
+ const struct lu_fid *fid,
+ int idx)
+{
+ struct mdt_object *dir;
+ int rc;
+ ENTRY;
+
+ dir = mdt_object_find(info->mti_env, info->mti_mdt, fid);
+ if (IS_ERR(dir))
+ RETURN(dir);
+
+ /* check early, the real version will be saved after locking */
+ rc = mdt_version_get_check(info, dir, idx);
+ if (rc)
+ GOTO(out_put, rc);
+
+ RETURN(dir);
+out_put:
+ mdt_object_put(info->mti_env, dir);
+ return ERR_PTR(rc);
+}
+
+static int mdt_object_lock_save(struct mdt_thread_info *info,
+ struct mdt_object *dir,
+ struct mdt_lock_handle *lh,
+ int idx)
+{
+ int rc;
+
+ /* we lock the target dir if it is local */
+ rc = mdt_object_lock(info, dir, lh, MDS_INODELOCK_UPDATE,
+ MDT_LOCAL_LOCK);
+ if (rc != 0)
+ return rc;
+
+ /* get and save correct version after locking */
+ mdt_version_get_save(info, dir, idx);
+ return 0;
+}
+
+
+static int mdt_rename_parents_lock(struct mdt_thread_info *info,
+ struct mdt_object **srcp,
+ struct mdt_object **tgtp)
+{
+ struct mdt_reint_record *rr = &info->mti_rr;
+ const struct lu_fid *fid_src = rr->rr_fid1;
+ const struct lu_fid *fid_tgt = rr->rr_fid2;
+ struct mdt_lock_handle *lh_src = &info->mti_lh[MDT_LH_PARENT];
+ struct mdt_lock_handle *lh_tgt = &info->mti_lh[MDT_LH_CHILD];
+ struct mdt_object *src;
+ struct mdt_object *tgt;
+ int reverse = 0;
+ int rc;
+ ENTRY;
+
+ /* Check if the @src is not a child of the @tgt, otherwise a
+ * reverse locking must take place.
+ *
+ * Note: cannot be called after object_find, because if the object
+ * is destroyed in between it gets stuck in lu_object_find_at(),
+ * waiting for the last ref. */
+ rc = mdt_rename_sanity(info, fid_src, fid_tgt);
+ if (rc == -EINVAL)
+ reverse = 1;
+ else if (rc)
+ RETURN(rc);
+
+ /* find both parents. */
+ src = mdt_object_find_check(info, fid_src, 0);
+ if (IS_ERR(src))
+ RETURN(PTR_ERR(src));
+
+ OBD_FAIL_TIMEOUT(OBD_FAIL_MDS_RENAME3, 5);
+
+ if (lu_fid_eq(fid_src, fid_tgt)) {
+ tgt = src;
+ mdt_object_get(info->mti_env, tgt);
+ } else {
+ tgt = mdt_object_find_check(info, fid_tgt, 1);
+ if (IS_ERR(tgt))
+ GOTO(err_src_put, rc = PTR_ERR(tgt));
+
+ if (unlikely(mdt_object_remote(tgt))) {
+ CDEBUG(D_INFO, "Source dir "DFID" target dir "DFID
+ "on different MDTs\n", PFID(fid_src),
+ PFID(fid_tgt));
+ GOTO(err_tgt_put, rc = -EXDEV);
+ }
+ }
+
+ /* lock parents in the proper order. */
+ if (reverse) {
+ rc = mdt_object_lock_save(info, tgt, lh_tgt, 1);
+ if (rc)
+ GOTO(err_tgt_put, rc);
+
+ OBD_FAIL_TIMEOUT(OBD_FAIL_MDS_RENAME, 5);
+
+ rc = mdt_object_lock_save(info, src, lh_src, 0);
+ } else {
+ rc = mdt_object_lock_save(info, src, lh_src, 0);
+ if (rc)
+ GOTO(err_tgt_put, rc);
+
+ OBD_FAIL_TIMEOUT(OBD_FAIL_MDS_RENAME, 5);
+
+ if (tgt != src)
+ rc = mdt_object_lock_save(info, tgt, lh_tgt, 1);
+ else if (lh_src->mlh_pdo_hash != lh_tgt->mlh_pdo_hash) {
+ rc = mdt_pdir_hash_lock(info, lh_tgt, tgt,
+ MDS_INODELOCK_UPDATE);
+ OBD_FAIL_TIMEOUT(OBD_FAIL_MDS_PDO_LOCK2, 10);
+ }
+ }
+ if (rc)
+ GOTO(err_unlock, rc);
+
+ if (lu_object_is_dying(&tgt->mot_header))
+ GOTO(err_unlock, rc = -ENOENT);
+
+ *srcp = src;
+ *tgtp = tgt;
+ RETURN(0);
+
+err_unlock:
+ /* The order does not matter as the handle is checked inside,
+ * as well as not used handle. */
+ mdt_object_unlock(info, src, lh_src, rc);
+ mdt_object_unlock(info, tgt, lh_tgt, rc);
+err_tgt_put:
+ mdt_object_put(info->mti_env, tgt);
+err_src_put:
+ mdt_object_put(info->mti_env, src);
+ RETURN(rc);
+}
+
/*
* VBR: rename versions in reply: 0 - src parent; 1 - tgt parent;
* 2 - src child; 3 - tgt child.
struct mdt_reint_record *rr = &info->mti_rr;
struct md_attr *ma = &info->mti_attr;
struct ptlrpc_request *req = mdt_info_req(info);
- struct mdt_object *msrcdir;
- struct mdt_object *mtgtdir;
+ struct mdt_object *msrcdir = NULL;
+ struct mdt_object *mtgtdir = NULL;
struct mdt_object *mold;
struct mdt_object *mnew = NULL;
struct mdt_lock_handle *lh_srcdirp;
PFID(rr->rr_fid1), PNAME(&rr->rr_name),
PFID(rr->rr_fid2), PNAME(&rr->rr_tgt_name));
- /* step 1: lock the source dir. */
lh_srcdirp = &info->mti_lh[MDT_LH_PARENT];
mdt_lock_pdo_init(lh_srcdirp, LCK_PW, &rr->rr_name);
- msrcdir = mdt_object_find_lock(info, rr->rr_fid1, lh_srcdirp,
- MDS_INODELOCK_UPDATE);
- if (IS_ERR(msrcdir))
- RETURN(PTR_ERR(msrcdir));
-
- rc = mdt_version_get_check_save(info, msrcdir, 0);
- if (rc)
- GOTO(out_unlock_source, rc);
-
- /* step 2: find & lock the target dir. */
lh_tgtdirp = &info->mti_lh[MDT_LH_CHILD];
mdt_lock_pdo_init(lh_tgtdirp, LCK_PW, &rr->rr_tgt_name);
- if (lu_fid_eq(rr->rr_fid1, rr->rr_fid2)) {
- mdt_object_get(info->mti_env, msrcdir);
- mtgtdir = msrcdir;
- if (lh_tgtdirp->mlh_pdo_hash != lh_srcdirp->mlh_pdo_hash) {
- rc = mdt_pdir_hash_lock(info, lh_tgtdirp, mtgtdir,
- MDS_INODELOCK_UPDATE);
- if (rc != 0)
- GOTO(out_unlock_source, rc);
- OBD_FAIL_TIMEOUT(OBD_FAIL_MDS_PDO_LOCK2, 10);
- }
- } else {
- mtgtdir = mdt_object_find(info->mti_env, info->mti_mdt,
- rr->rr_fid2);
- if (IS_ERR(mtgtdir))
- GOTO(out_unlock_source, rc = PTR_ERR(mtgtdir));
- /* check early, the real version will be saved after locking */
- rc = mdt_version_get_check(info, mtgtdir, 1);
- if (rc)
- GOTO(out_put_target, rc);
+ /* step 1&2: lock the source and target dirs. */
+ rc = mdt_rename_parents_lock(info, &msrcdir, &mtgtdir);
+ if (rc)
+ RETURN(rc);
- if (unlikely(mdt_object_remote(mtgtdir))) {
- CDEBUG(D_INFO, "Source dir "DFID" target dir "DFID
- "on different MDTs\n", PFID(rr->rr_fid1),
- PFID(rr->rr_fid2));
- GOTO(out_put_target, rc = -EXDEV);
- } else {
- if (likely(mdt_object_exists(mtgtdir))) {
- /* we lock the target dir if it is local */
- rc = mdt_object_lock(info, mtgtdir, lh_tgtdirp,
- MDS_INODELOCK_UPDATE,
- MDT_LOCAL_LOCK);
- if (rc != 0)
- GOTO(out_put_target, rc);
- /* get and save correct version after locking */
- mdt_version_get_save(info, mtgtdir, 1);
- } else {
- GOTO(out_put_target, rc = -ESTALE);
- }
- }
- }
+ OBD_FAIL_TIMEOUT(OBD_FAIL_MDS_RENAME2, 5);
/* step 3: find & lock the old object. */
fid_zero(old_fid);
rc = mdt_lookup_version_check(info, msrcdir, &rr->rr_name, old_fid, 2);
if (rc != 0)
- GOTO(out_unlock_target, rc);
+ GOTO(out_unlock_parents, rc);
if (lu_fid_eq(old_fid, rr->rr_fid1) || lu_fid_eq(old_fid, rr->rr_fid2))
- GOTO(out_unlock_target, rc = -EINVAL);
+ GOTO(out_unlock_parents, rc = -EINVAL);
if (!fid_is_md_operative(old_fid))
- GOTO(out_unlock_target, rc = -EPERM);
+ GOTO(out_unlock_parents, rc = -EPERM);
mold = mdt_object_find(info->mti_env, info->mti_mdt, old_fid);
if (IS_ERR(mold))
- GOTO(out_unlock_target, rc = PTR_ERR(mold));
+ GOTO(out_unlock_parents, rc = PTR_ERR(mold));
+
+ /* Check if @mtgtdir is subdir of @mold, before locking child
+ * to avoid reverse locking. */
+ rc = mdt_rename_sanity(info, rr->rr_fid2, old_fid);
+ if (rc)
+ GOTO(out_put_old, rc);
tgt_vbr_obj_set(info->mti_env, mdt_obj2dt(mold));
/* save version after locking */
if (rc != 0)
GOTO(out_put_new, rc);
+ /* Check if @msrcdir is subdir of @mnew, before locking child
+ * to avoid reverse locking. */
+ rc = mdt_rename_sanity(info, rr->rr_fid1, new_fid);
+ if (rc)
+ GOTO(out_unlock_old, rc);
+
/* We used to acquire MDS_INODELOCK_FULL here but we
* can't do this now because a running HSM restore on
* the rename onto victim will hold the layout
mdt_fail_write(info->mti_env, info->mti_mdt->mdt_bottom,
OBD_FAIL_MDS_REINT_RENAME_WRITE);
- /* Check if @dst is subdir of @src. */
- rc = mdt_rename_sanity(info, old_fid);
- if (rc)
- GOTO(out_unlock_new, rc);
-
if (mnew != NULL)
mutex_lock(&mnew->mot_lov_mutex);
}
EXIT;
-out_unlock_new:
if (mnew != NULL)
mdt_object_unlock(info, mnew, lh_newp, rc);
out_unlock_old:
mdt_object_put(info->mti_env, mnew);
out_put_old:
mdt_object_put(info->mti_env, mold);
-out_unlock_target:
- mdt_object_unlock(info, mtgtdir, lh_tgtdirp, rc);
-out_put_target:
- mdt_object_put(info->mti_env, mtgtdir);
-out_unlock_source:
+out_unlock_parents:
+ mdt_object_unlock_put(info, mtgtdir, lh_tgtdirp, rc);
mdt_object_unlock_put(info, msrcdir, lh_srcdirp, rc);
return rc;
}