- snprintf(coinfo, coinfo_size, "%d:%s:%u:%u:%s:%d:"LPX64":%s",
- sec->ps_id, sec2gsec(sec)->gs_mech->gm_name,
- vcred->vc_uid, vcred->vc_gid,
- co_flags, import_to_gss_svc(imp),
- imp->imp_connection->c_peer.nid, imp->imp_obd->obd_name);
+ switch (SPTLRPC_FLVR_SVC(sec->ps_flvr.sf_rpc)) {
+ case SPTLRPC_SVC_NULL:
+ svc_flag = 'n';
+ break;
+ case SPTLRPC_SVC_AUTH:
+ svc_flag = 'a';
+ break;
+ case SPTLRPC_SVC_INTG:
+ svc_flag = 'i';
+ break;
+ case SPTLRPC_SVC_PRIV:
+ svc_flag = 'p';
+ break;
+ default:
+ LBUG();
+ }
+ }
+
+ /* in case of setuid, key will be constructed as owner of fsuid/fsgid,
+ * but we do authentication based on real uid/gid. the key permission
+ * bits will be exactly as POS_ALL, so only processes who subscribed
+ * this key could have the access, although the quota might be counted
+ * on others (fsuid/fsgid).
+ *
+ * keyring will use fsuid/fsgid as upcall parameters, so we have to
+ * encode real uid/gid into callout info.
+ */
+
+ /* But first we need to make sure the obd type is supported */
+ if (strcmp(imp->imp_obd->obd_type->typ_name, LUSTRE_MDC_NAME) &&
+ strcmp(imp->imp_obd->obd_type->typ_name, LUSTRE_OSC_NAME) &&
+ strcmp(imp->imp_obd->obd_type->typ_name, LUSTRE_MGC_NAME) &&
+ strcmp(imp->imp_obd->obd_type->typ_name, LUSTRE_LWP_NAME) &&
+ strcmp(imp->imp_obd->obd_type->typ_name, LUSTRE_OSP_NAME)) {
+ CERROR("obd %s is not a supported device\n",
+ imp->imp_obd->obd_name);
+ GOTO(out, ctx = NULL);
+ }
+
+ construct_key_desc(desc, sizeof(desc), sec, vcred->vc_uid);
+
+ /* callout info format:
+ * secid:mech:uid:gid:sec_flags:svc_flag:svc_type:peer_nid:target_uuid:
+ * self_nid:pid
+ */
+ coinfo_size = sizeof(struct obd_uuid) + MAX_OBD_NAME + 64;
+ OBD_ALLOC(coinfo, coinfo_size);
+ if (coinfo == NULL)
+ goto out;
+
+ /* Last callout parameter is pid of process whose namespace will be used
+ * for credentials' retrieval.
+ * For user's credentials (in which case sec_part_flags is empty), use
+ * current PID instead of import's reference PID to get reference
+ * namespace. */
+ snprintf(coinfo, coinfo_size, "%d:%s:%u:%u:%s:%c:%d:%#llx:%s:%#llx:%d",
+ sec->ps_id, sec2gsec(sec)->gs_mech->gm_name,
+ vcred->vc_uid, vcred->vc_gid,
+ sec_part_flags, svc_flag, import_to_gss_svc(imp),
+ imp->imp_connection->c_peer.nid, imp->imp_obd->obd_name,
+ imp->imp_connection->c_self,
+ sec_part_flags[0] == '\0' ?
+ current_pid() : imp->imp_sec_refpid);