*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; If not, see
- * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
- *
- * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
- * CA 95054 USA or visit www.sun.com if you need additional information or
- * have any questions.
+ * http://www.gnu.org/licenses/gpl-2.0.html
*
* GPL HEADER END
*/
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
* Use is subject to license terms.
*
- * Copyright (c) 2011, 2012, Intel Corporation.
+ * Copyright (c) 2011, 2017, Intel Corporation.
*/
/*
* This file is part of Lustre, http://www.lustre.org/
#define DEBUG_SUBSYSTEM S_SEC
-#include <libcfs/libcfs.h>
-#ifndef __KERNEL__
-#include <liblustre.h>
-#include <libcfs/list.h>
-#else
+#include <linux/user_namespace.h>
+#ifdef HAVE_UIDGID_HEADER
+# include <linux/uidgid.h>
+#endif
#include <linux/crypto.h>
#include <linux/key.h>
-#endif
+#include <libcfs/libcfs.h>
#include <obd.h>
#include <obd_class.h>
#include <obd_support.h>
struct ptlrpc_sec_policy * sptlrpc_wireflavor2policy(__u32 flavor)
{
static DEFINE_MUTEX(load_mutex);
- static cfs_atomic_t loaded = CFS_ATOMIC_INIT(0);
- struct ptlrpc_sec_policy *policy;
- __u16 number = SPTLRPC_FLVR_POLICY(flavor);
- __u16 flag = 0;
+ static atomic_t loaded = ATOMIC_INIT(0);
+ struct ptlrpc_sec_policy *policy;
+ __u16 number = SPTLRPC_FLVR_POLICY(flavor);
+ __u16 flag = 0;
- if (number >= SPTLRPC_POLICY_MAX)
- return NULL;
+ if (number >= SPTLRPC_POLICY_MAX)
+ return NULL;
- while (1) {
+ while (1) {
read_lock(&policy_lock);
policy = policies[number];
if (policy && !try_module_get(policy->sp_owner))
policy = NULL;
if (policy == NULL)
- flag = cfs_atomic_read(&loaded);
+ flag = atomic_read(&loaded);
read_unlock(&policy_lock);
- if (policy != NULL || flag != 0 ||
- number != SPTLRPC_POLICY_GSS)
- break;
+ if (policy != NULL || flag != 0 ||
+ number != SPTLRPC_POLICY_GSS)
+ break;
- /* try to load gss module, once */
+ /* try to load gss module, once */
mutex_lock(&load_mutex);
- if (cfs_atomic_read(&loaded) == 0) {
+ if (atomic_read(&loaded) == 0) {
if (request_module("ptlrpc_gss") == 0)
CDEBUG(D_SEC,
"module ptlrpc_gss loaded on demand\n");
- else
- CERROR("Unable to load module ptlrpc_gss\n");
+ else
+ CERROR("Unable to load module ptlrpc_gss\n");
- cfs_atomic_set(&loaded, 1);
- }
+ atomic_set(&loaded, 1);
+ }
mutex_unlock(&load_mutex);
- }
+ }
- return policy;
+ return policy;
}
__u32 sptlrpc_name2flavor_base(const char *name)
return SPTLRPC_FLVR_KRB5I;
if (!strcmp(name, "krb5p"))
return SPTLRPC_FLVR_KRB5P;
+ if (!strcmp(name, "skn"))
+ return SPTLRPC_FLVR_SKN;
+ if (!strcmp(name, "ska"))
+ return SPTLRPC_FLVR_SKA;
if (!strcmp(name, "ski"))
return SPTLRPC_FLVR_SKI;
if (!strcmp(name, "skpi"))
return "krb5i";
else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_KRB5P))
return "krb5p";
+ else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_SKN))
+ return "skn";
+ else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_SKA))
+ return "ska";
else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_SKI))
return "ski";
else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_SKPI))
remove_dead = 0;
}
} else {
- vcred.vc_uid = current_uid();
- vcred.vc_gid = current_gid();
+ vcred.vc_uid = from_kuid(&init_user_ns, current_uid());
+ vcred.vc_gid = from_kgid(&init_user_ns, current_gid());
}
return sec->ps_policy->sp_cops->lookup_ctx(sec, &vcred, create,
struct ptlrpc_cli_ctx *sptlrpc_cli_ctx_get(struct ptlrpc_cli_ctx *ctx)
{
- cfs_atomic_inc(&ctx->cc_refcount);
- return ctx;
+ atomic_inc(&ctx->cc_refcount);
+ return ctx;
}
EXPORT_SYMBOL(sptlrpc_cli_ctx_get);
void sptlrpc_cli_ctx_put(struct ptlrpc_cli_ctx *ctx, int sync)
{
- struct ptlrpc_sec *sec = ctx->cc_sec;
+ struct ptlrpc_sec *sec = ctx->cc_sec;
- LASSERT(sec);
- LASSERT_ATOMIC_POS(&ctx->cc_refcount);
+ LASSERT(sec);
+ LASSERT_ATOMIC_POS(&ctx->cc_refcount);
- if (!cfs_atomic_dec_and_test(&ctx->cc_refcount))
- return;
+ if (!atomic_dec_and_test(&ctx->cc_refcount))
+ return;
- sec->ps_policy->sp_cops->release_ctx(sec, ctx, sync);
+ sec->ps_policy->sp_cops->release_ctx(sec, ctx, sync);
}
EXPORT_SYMBOL(sptlrpc_cli_ctx_put);
struct ptlrpc_request *req, *next;
spin_lock(&ctx->cc_lock);
- cfs_list_for_each_entry_safe(req, next, &ctx->cc_req_list,
+ list_for_each_entry_safe(req, next, &ctx->cc_req_list,
rq_ctx_chain) {
- cfs_list_del_init(&req->rq_ctx_chain);
+ list_del_init(&req->rq_ctx_chain);
ptlrpc_client_wake_req(req);
}
spin_unlock(&ctx->cc_lock);
spin_lock(&imp->imp_lock);
if (imp->imp_sec_expire &&
- imp->imp_sec_expire < cfs_time_current_sec()) {
+ imp->imp_sec_expire < ktime_get_real_seconds()) {
adapt = 1;
imp->imp_sec_expire = 0;
}
return 0;
CDEBUG(D_SEC, "found delayed sec adapt expired, do it now\n");
- return sptlrpc_import_sec_adapt(imp, NULL, 0);
+ return sptlrpc_import_sec_adapt(imp, NULL, NULL);
}
+/**
+ * Get and validate the client side ptlrpc security facilities from
+ * \a imp. There is a race condition on client reconnect when the import is
+ * being destroyed while there are outstanding client bound requests. In
+ * this case do not output any error messages if import secuity is not
+ * found.
+ *
+ * \param[in] imp obd import associated with client
+ * \param[out] sec client side ptlrpc security
+ *
+ * \retval 0 if security retrieved successfully
+ * \retval -ve errno if there was a problem
+ */
static int import_sec_validate_get(struct obd_import *imp,
- struct ptlrpc_sec **sec)
+ struct ptlrpc_sec **sec)
{
- int rc;
+ int rc;
- if (unlikely(imp->imp_sec_expire)) {
- rc = import_sec_check_expire(imp);
- if (rc)
- return rc;
- }
+ if (unlikely(imp->imp_sec_expire)) {
+ rc = import_sec_check_expire(imp);
+ if (rc)
+ return rc;
+ }
- *sec = sptlrpc_import_sec_ref(imp);
- if (*sec == NULL) {
- CERROR("import %p (%s) with no sec\n",
- imp, ptlrpc_import_state_name(imp->imp_state));
- return -EACCES;
- }
+ *sec = sptlrpc_import_sec_ref(imp);
+ if (*sec == NULL) {
+ CERROR("import %p (%s) with no sec\n",
+ imp, ptlrpc_import_state_name(imp->imp_state));
+ return -EACCES;
+ }
- if (unlikely((*sec)->ps_dying)) {
- CERROR("attempt to use dying sec %p\n", sec);
- sptlrpc_sec_put(*sec);
- return -EACCES;
- }
+ if (unlikely((*sec)->ps_dying)) {
+ CERROR("attempt to use dying sec %p\n", sec);
+ sptlrpc_sec_put(*sec);
+ return -EACCES;
+ }
- return 0;
+ return 0;
}
/**
- * Given a \a req, find or allocate a appropriate context for it.
+ * Given a \a req, find or allocate an appropriate context for it.
* \pre req->rq_cli_ctx == NULL.
*
* \retval 0 succeed, and req->rq_cli_ctx is set.
sptlrpc_sec_put(sec);
- if (!req->rq_cli_ctx) {
- CERROR("req %p: fail to get context\n", req);
- RETURN(-ENOMEM);
- }
+ if (!req->rq_cli_ctx) {
+ CERROR("req %p: fail to get context\n", req);
+ RETURN(-ECONNREFUSED);
+ }
RETURN(0);
}
/* request might be asked to release earlier while still
* in the context waiting list.
*/
- if (!cfs_list_empty(&req->rq_ctx_chain)) {
+ if (!list_empty(&req->rq_ctx_chain)) {
spin_lock(&req->rq_cli_ctx->cc_lock);
- cfs_list_del_init(&req->rq_ctx_chain);
+ list_del_init(&req->rq_ctx_chain);
spin_unlock(&req->rq_cli_ctx->cc_lock);
}
newctx = req->rq_cli_ctx;
LASSERT(newctx);
- if (unlikely(newctx == oldctx &&
+ if (unlikely(newctx == oldctx &&
test_bit(PTLRPC_CTX_DEAD_BIT, &oldctx->cc_flags))) {
/*
* still get the old dead ctx, usually means system too busy
"ctx (%p, fl %lx) doesn't switch, relax a little bit\n",
newctx, newctx->cc_flags);
- schedule_timeout_and_set_state(TASK_INTERRUPTIBLE,
- HZ);
+ set_current_state(TASK_INTERRUPTIBLE);
+ schedule_timeout(msecs_to_jiffies(MSEC_PER_SEC));
+ } else if (unlikely(test_bit(PTLRPC_CTX_UPTODATE_BIT, &newctx->cc_flags)
+ == 0)) {
+ /*
+ * new ctx not up to date yet
+ */
+ CDEBUG(D_SEC,
+ "ctx (%p, fl %lx) doesn't switch, not up to date yet\n",
+ newctx, newctx->cc_flags);
} else {
/*
* it's possible newctx == oldctx if we're switching
void req_off_ctx_list(struct ptlrpc_request *req, struct ptlrpc_cli_ctx *ctx)
{
spin_lock(&ctx->cc_lock);
- if (!cfs_list_empty(&req->rq_ctx_chain))
- cfs_list_del_init(&req->rq_ctx_chain);
+ if (!list_empty(&req->rq_ctx_chain))
+ list_del_init(&req->rq_ctx_chain);
spin_unlock(&ctx->cc_lock);
}
* it for reply reconstruction.
*
* Commonly the original context should be uptodate because we
- * have a expiry nice time; server will keep its context because
+ * have an expiry nice time; server will keep its context because
* we at least hold a ref of old context which prevent context
- * destroying RPC being sent. So server still can accept the request
- * and finish the RPC. But if that's not the case:
+ * from destroying RPC being sent. So server still can accept the
+ * request and finish the RPC. But if that's not the case:
* 1. If server side context has been trimmed, a NO_CONTEXT will
* be returned, gss_cli_ctx_verify/unseal will switch to new
* context by force.
* waiting list
*/
spin_lock(&ctx->cc_lock);
- if (cfs_list_empty(&req->rq_ctx_chain))
- cfs_list_add(&req->rq_ctx_chain, &ctx->cc_req_list);
+ if (list_empty(&req->rq_ctx_chain))
+ list_add(&req->rq_ctx_chain, &ctx->cc_req_list);
spin_unlock(&ctx->cc_lock);
if (timeout < 0)
req->rq_restart = 0;
spin_unlock(&req->rq_lock);
- lwi = LWI_TIMEOUT_INTR(timeout * HZ, ctx_refresh_timeout,
+ lwi = LWI_TIMEOUT_INTR(msecs_to_jiffies(timeout * MSEC_PER_SEC),
+ ctx_refresh_timeout,
ctx_refresh_interrupt, req);
rc = l_wait_event(req->rq_reply_waitq, ctx_check_refresh(ctx), &lwi);
LASSERT(req->rq_cli_ctx->cc_sec);
LASSERT(req->rq_bulk_read == 0 || req->rq_bulk_write == 0);
- /* special security flags accoding to opcode */
+ /* special security flags according to opcode */
switch (opcode) {
case OST_READ:
case MDS_READPAGE:
if (!req)
RETURN(-ENOMEM);
- spin_lock_init(&req->rq_lock);
- cfs_atomic_set(&req->rq_refcount, 10000);
- CFS_INIT_LIST_HEAD(&req->rq_ctx_chain);
- init_waitqueue_head(&req->rq_reply_waitq);
- init_waitqueue_head(&req->rq_set_waitq);
+ ptlrpc_cli_req_init(req);
+ atomic_set(&req->rq_refcount, 10000);
+
req->rq_import = imp;
req->rq_flvr = sec->ps_flvr;
req->rq_cli_ctx = ctx;
rc = sptlrpc_req_refresh_ctx(req, 0);
- LASSERT(cfs_list_empty(&req->rq_ctx_chain));
+ LASSERT(list_empty(&req->rq_ctx_chain));
sptlrpc_cli_ctx_put(req->rq_cli_ctx, 1);
ptlrpc_request_cache_free(req);
case 0:
break;
default:
- CERROR("failed unpack reply: x"LPU64"\n", req->rq_xid);
+ CERROR("failed unpack reply: x%llu\n", req->rq_xid);
RETURN(-EPROTO);
}
struct ptlrpc_request **req_ret)
{
struct ptlrpc_request *early_req;
- char *early_buf;
- int early_bufsz, early_size;
- int rc;
+ char *early_buf;
+ int early_bufsz, early_size;
+ int rc;
ENTRY;
early_req = ptlrpc_request_cache_alloc(GFP_NOFS);
if (early_req == NULL)
RETURN(-ENOMEM);
+ ptlrpc_cli_req_init(early_req);
+
early_size = req->rq_nob_received;
early_bufsz = size_roundup_power2(early_size);
OBD_ALLOC_LARGE(early_buf, early_bufsz);
memcpy(early_buf, req->rq_repbuf, early_size);
spin_unlock(&req->rq_lock);
- spin_lock_init(&early_req->rq_lock);
early_req->rq_cli_ctx = sptlrpc_cli_ctx_get(req->rq_cli_ctx);
early_req->rq_flvr = req->rq_flvr;
early_req->rq_repbuf = early_buf;
/*
* "fixed" sec (e.g. null) use sec_id < 0
*/
-static cfs_atomic_t sptlrpc_sec_id = CFS_ATOMIC_INIT(1);
+static atomic_t sptlrpc_sec_id = ATOMIC_INIT(1);
int sptlrpc_get_next_secid(void)
{
- return cfs_atomic_inc_return(&sptlrpc_sec_id);
+ return atomic_inc_return(&sptlrpc_sec_id);
}
EXPORT_SYMBOL(sptlrpc_get_next_secid);
struct ptlrpc_sec *sptlrpc_sec_get(struct ptlrpc_sec *sec)
{
- if (sec)
- cfs_atomic_inc(&sec->ps_refcount);
+ if (sec)
+ atomic_inc(&sec->ps_refcount);
- return sec;
+ return sec;
}
EXPORT_SYMBOL(sptlrpc_sec_get);
void sptlrpc_sec_put(struct ptlrpc_sec *sec)
{
- if (sec) {
- LASSERT_ATOMIC_POS(&sec->ps_refcount);
+ if (sec) {
+ LASSERT_ATOMIC_POS(&sec->ps_refcount);
- if (cfs_atomic_dec_and_test(&sec->ps_refcount)) {
- sptlrpc_gc_del_sec(sec);
- sec_cop_destroy_sec(sec);
- }
- }
+ if (atomic_dec_and_test(&sec->ps_refcount)) {
+ sptlrpc_gc_del_sec(sec);
+ sec_cop_destroy_sec(sec);
+ }
+ }
}
EXPORT_SYMBOL(sptlrpc_sec_put);
}
}
- sec = policy->sp_cops->create_sec(imp, svc_ctx, sf);
- if (sec) {
- cfs_atomic_inc(&sec->ps_refcount);
+ sec = policy->sp_cops->create_sec(imp, svc_ctx, sf);
+ if (sec) {
+ atomic_inc(&sec->ps_refcount);
- sec->ps_part = sp;
+ sec->ps_part = sp;
- if (sec->ps_gc_interval && policy->sp_cops->gc_ctx)
- sptlrpc_gc_add_sec(sec);
- } else {
- sptlrpc_policy_put(policy);
- }
+ if (sec->ps_gc_interval && policy->sp_cops->gc_ctx)
+ sptlrpc_gc_add_sec(sec);
+ } else {
+ sptlrpc_policy_put(policy);
+ }
- RETURN(sec);
+ RETURN(sec);
}
struct ptlrpc_sec *sptlrpc_import_sec_ref(struct obd_import *imp)
*dst = *src;
}
-static void sptlrpc_import_sec_adapt_inplace(struct obd_import *imp,
- struct ptlrpc_sec *sec,
- struct sptlrpc_flavor *sf)
-{
- char str1[32], str2[32];
-
- if (sec->ps_flvr.sf_flags != sf->sf_flags)
- CDEBUG(D_SEC, "changing sec flags: %s -> %s\n",
- sptlrpc_secflags2str(sec->ps_flvr.sf_flags,
- str1, sizeof(str1)),
- sptlrpc_secflags2str(sf->sf_flags,
- str2, sizeof(str2)));
-
- spin_lock(&sec->ps_lock);
- flavor_copy(&sec->ps_flvr, sf);
- spin_unlock(&sec->ps_lock);
-}
-
/**
* To get an appropriate ptlrpc_sec for the \a imp, according to the current
* configuration. Upon called, imp->imp_sec may or may not be NULL.
obd_uuid2str(&conn->c_remote_uuid),
sptlrpc_flavor2name(&sec->ps_flvr, str, sizeof(str)),
sptlrpc_flavor2name(&sf, str2, sizeof(str2)));
-
- if (SPTLRPC_FLVR_POLICY(sf.sf_rpc) ==
- SPTLRPC_FLVR_POLICY(sec->ps_flvr.sf_rpc) &&
- SPTLRPC_FLVR_MECH(sf.sf_rpc) ==
- SPTLRPC_FLVR_MECH(sec->ps_flvr.sf_rpc)) {
- sptlrpc_import_sec_adapt_inplace(imp, sec, &sf);
- GOTO(out, rc);
- }
} else if (SPTLRPC_FLVR_BASE(sf.sf_rpc) !=
SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_NULL)) {
CDEBUG(D_SEC, "import %s->%s netid %x: select flavor %s\n",
void sptlrpc_import_flush_my_ctx(struct obd_import *imp)
{
- import_flush_ctx_common(imp, current_uid(), 1, 1);
+ import_flush_ctx_common(imp, from_kuid(&init_user_ns, current_uid()),
+ 1, 1);
}
EXPORT_SYMBOL(sptlrpc_import_flush_my_ctx);
* so caller should refresh its local pointers if needed.
*/
int sptlrpc_cli_enlarge_reqbuf(struct ptlrpc_request *req,
- int segment, int newsize)
+ const struct req_msg_field *field,
+ int newsize)
{
- struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
- struct ptlrpc_sec_cops *cops;
- struct lustre_msg *msg = req->rq_reqmsg;
+ struct req_capsule *pill = &req->rq_pill;
+ struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
+ struct ptlrpc_sec_cops *cops;
+ struct lustre_msg *msg = req->rq_reqmsg;
+ int segment = __req_capsule_offset(pill, field, RCL_CLIENT);
LASSERT(ctx);
LASSERT(msg);
req->rq_repmsg = NULL;
EXIT;
}
+EXPORT_SYMBOL(sptlrpc_cli_free_repbuf);
int sptlrpc_cli_install_rvs_ctx(struct obd_import *imp,
struct ptlrpc_cli_ctx *ctx)
exp->exp_flvr_old[1] = exp->exp_flvr_old[0];
exp->exp_flvr_expire[1] = exp->exp_flvr_expire[0];
exp->exp_flvr_old[0] = exp->exp_flvr;
- exp->exp_flvr_expire[0] = cfs_time_current_sec() +
+ exp->exp_flvr_expire[0] = ktime_get_real_seconds() +
EXP_FLVR_UPDATE_EXPIRE;
exp->exp_flvr = flavor;
}
if (exp->exp_flvr_expire[0]) {
- if (exp->exp_flvr_expire[0] >= cfs_time_current_sec()) {
+ if (exp->exp_flvr_expire[0] >= ktime_get_real_seconds()) {
if (flavor_allowed(&exp->exp_flvr_old[0], req)) {
- CDEBUG(D_SEC, "exp %p (%x|%x|%x): match the "
- "middle one ("CFS_DURATION_T")\n", exp,
+ CDEBUG(D_SEC, "exp %p (%x|%x|%x): match the middle one (%lld)\n", exp,
exp->exp_flvr.sf_rpc,
exp->exp_flvr_old[0].sf_rpc,
exp->exp_flvr_old[1].sf_rpc,
- exp->exp_flvr_expire[0] -
- cfs_time_current_sec());
+ (s64)(exp->exp_flvr_expire[0] -
+ ktime_get_real_seconds()));
spin_unlock(&exp->exp_lock);
return 0;
}
/* now it doesn't match the current flavor, the only chance we can
* accept it is match the old flavors which is not expired. */
if (exp->exp_flvr_changed == 0 && exp->exp_flvr_expire[1]) {
- if (exp->exp_flvr_expire[1] >= cfs_time_current_sec()) {
+ if (exp->exp_flvr_expire[1] >= ktime_get_real_seconds()) {
if (flavor_allowed(&exp->exp_flvr_old[1], req)) {
- CDEBUG(D_SEC, "exp %p (%x|%x|%x): match the "
- "oldest one ("CFS_DURATION_T")\n", exp,
+ CDEBUG(D_SEC, "exp %p (%x|%x|%x): match the oldest one (%lld)\n",
+ exp,
exp->exp_flvr.sf_rpc,
exp->exp_flvr_old[0].sf_rpc,
exp->exp_flvr_old[1].sf_rpc,
- exp->exp_flvr_expire[1] -
- cfs_time_current_sec());
+ (s64)(exp->exp_flvr_expire[1] -
+ ktime_get_real_seconds()));
spin_unlock(&exp->exp_lock);
return 0;
}
spin_unlock(&exp->exp_lock);
- CWARN("exp %p(%s): req %p (%u|%u|%u|%u|%u|%u) with "
- "unauthorized flavor %x, expect %x|%x(%+ld)|%x(%+ld)\n",
+ CWARN("exp %p(%s): req %p (%u|%u|%u|%u|%u|%u) with unauthorized flavor %x, expect %x|%x(%+lld)|%x(%+lld)\n",
exp, exp->exp_obd->obd_name,
req, req->rq_auth_gss, req->rq_ctx_init, req->rq_ctx_fini,
req->rq_auth_usr_root, req->rq_auth_usr_mdt, req->rq_auth_usr_ost,
exp->exp_flvr.sf_rpc,
exp->exp_flvr_old[0].sf_rpc,
exp->exp_flvr_expire[0] ?
- (unsigned long) (exp->exp_flvr_expire[0] -
- cfs_time_current_sec()) : 0,
+ (s64)(exp->exp_flvr_expire[0] - ktime_get_real_seconds()) : 0,
exp->exp_flvr_old[1].sf_rpc,
exp->exp_flvr_expire[1] ?
- (unsigned long) (exp->exp_flvr_expire[1] -
- cfs_time_current_sec()) : 0);
+ (s64)(exp->exp_flvr_expire[1] - ktime_get_real_seconds()) : 0);
return -EACCES;
}
EXPORT_SYMBOL(sptlrpc_target_export_check);
spin_lock(&obd->obd_dev_lock);
- cfs_list_for_each_entry(exp, &obd->obd_exports, exp_obd_chain) {
+ list_for_each_entry(exp, &obd->obd_exports, exp_obd_chain) {
if (exp->exp_connection == NULL)
continue;
/**
* Used by ptlrpc server, to perform transformation upon request message of
- * incoming \a req. This must be the first thing to do with a incoming
+ * incoming \a req. This must be the first thing to do with an incoming
* request in ptlrpc layer.
*
* \retval SECSVC_OK success, and req->rq_reqmsg point to request message in
case 0:
break;
default:
- CERROR("error unpacking request from %s x"LPU64"\n",
+ CERROR("error unpacking request from %s x%llu\n",
libcfs_id2str(req->rq_peer), req->rq_xid);
RETURN(SECSVC_DROP);
}
req->rq_flvr.sf_rpc = WIRE_FLVR(msg->lm_secflvr);
req->rq_sp_from = LUSTRE_SP_ANY;
- req->rq_auth_uid = INVALID_UID;
- req->rq_auth_mapped_uid = INVALID_UID;
+ req->rq_auth_uid = -1; /* set to INVALID_UID */
+ req->rq_auth_mapped_uid = -1;
policy = sptlrpc_wireflavor2policy(req->rq_flvr.sf_rpc);
if (!policy) {
if (svcpt->scp_service->srv_max_reply_size <
msglen + sizeof(struct ptlrpc_reply_state)) {
/* Just return failure if the size is too big */
- CERROR("size of message is too big (%zd), %d allowed",
+ CERROR("size of message is too big (%zd), %d allowed\n",
msglen + sizeof(struct ptlrpc_reply_state),
svcpt->scp_service->srv_max_reply_size);
RETURN(-ENOMEM);
void sptlrpc_svc_ctx_addref(struct ptlrpc_request *req)
{
- struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
+ struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
- if (ctx != NULL)
- cfs_atomic_inc(&ctx->sc_refcount);
+ if (ctx != NULL)
+ atomic_inc(&ctx->sc_refcount);
}
void sptlrpc_svc_ctx_decref(struct ptlrpc_request *req)
{
- struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
+ struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
- if (ctx == NULL)
- return;
+ if (ctx == NULL)
+ return;
- LASSERT_ATOMIC_POS(&ctx->sc_refcount);
- if (cfs_atomic_dec_and_test(&ctx->sc_refcount)) {
- if (ctx->sc_policy->sp_sops->free_ctx)
- ctx->sc_policy->sp_sops->free_ctx(ctx);
- }
- req->rq_svc_ctx = NULL;
+ LASSERT_ATOMIC_POS(&ctx->sc_refcount);
+ if (atomic_dec_and_test(&ctx->sc_refcount)) {
+ if (ctx->sc_policy->sp_sops->free_ctx)
+ ctx->sc_policy->sp_sops->free_ctx(ctx);
+ }
+ req->rq_svc_ctx = NULL;
}
void sptlrpc_svc_ctx_invalidate(struct ptlrpc_request *req)
* in case of privacy mode, nob_transferred needs to be adjusted.
*/
if (desc->bd_nob != desc->bd_nob_transferred) {
- CERROR("nob %d doesn't match transferred nob %d",
- desc->bd_nob, desc->bd_nob_transferred);
- return -EPROTO;
- }
+ CERROR("nob %d doesn't match transferred nob %d\n",
+ desc->bd_nob, desc->bd_nob_transferred);
+ return -EPROTO;
+ }
- return 0;
+ return 0;
}
EXPORT_SYMBOL(sptlrpc_cli_unwrap_bulk_write);
{
int ngroups;
-#ifdef __KERNEL__
ngroups = current_ngroups;
if (ngroups > LUSTRE_MAX_GROUPS)
ngroups = LUSTRE_MAX_GROUPS;
-#else
- ngroups = 0;
-#endif
return sptlrpc_user_desc_size(ngroups);
}
EXPORT_SYMBOL(sptlrpc_current_user_desc_size);
pud = lustre_msg_buf(msg, offset, 0);
- pud->pud_uid = current_uid();
- pud->pud_gid = current_gid();
- pud->pud_fsuid = current_fsuid();
- pud->pud_fsgid = current_fsgid();
+ pud->pud_uid = from_kuid(&init_user_ns, current_uid());
+ pud->pud_gid = from_kgid(&init_user_ns, current_gid());
+ pud->pud_fsuid = from_kuid(&init_user_ns, current_fsuid());
+ pud->pud_fsgid = from_kgid(&init_user_ns, current_fsgid());
pud->pud_cap = cfs_curproc_cap_pack();
pud->pud_ngroups = (msg->lm_buflens[offset] - sizeof(*pud)) / 4;
-#ifdef __KERNEL__
task_lock(current);
if (pud->pud_ngroups > current_ngroups)
pud->pud_ngroups = current_ngroups;
+#ifdef HAVE_GROUP_INFO_GID
+ memcpy(pud->pud_groups, current_cred()->group_info->gid,
+ pud->pud_ngroups * sizeof(__u32));
+#else /* !HAVE_GROUP_INFO_GID */
memcpy(pud->pud_groups, current_cred()->group_info->blocks[0],
pud->pud_ngroups * sizeof(__u32));
+#endif /* HAVE_GROUP_INFO_GID */
task_unlock(current);
-#endif
return 0;
}