X-Git-Url: https://git.whamcloud.com/?p=fs%2Flustre-release.git;a=blobdiff_plain;f=lustre%2Finclude%2Flustre_nodemap.h;h=9d200bf651b64cf4b8d261f17f577bdbcf26513c;hp=b49774a4683caabc8dd415888db00267c03884df;hb=1f6cb3534e74f0c9462008c8088b5734b64ed41c;hpb=685b0943eb4fe55720458326a5d6c4949457bf7a diff --git a/lustre/include/lustre_nodemap.h b/lustre/include/lustre_nodemap.h index b49774a..9d200bf 100644 --- a/lustre/include/lustre_nodemap.h +++ b/lustre/include/lustre_nodemap.h @@ -15,19 +15,22 @@ * * You should have received a copy of the GNU General Public License * version 2 along with this program; If not, see - * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf + * http://www.gnu.org/licenses/gpl-2.0.html * * GPL HEADER END */ /* * Copyright (C) 2013, Trustees of Indiana University + * + * Copyright (c) 2017, Intel Corporation. + * * Author: Joshua Walgenbach */ #ifndef _LUSTRE_NODEMAP_H #define _LUSTRE_NODEMAP_H -#include +#include #define LUSTRE_NODEMAP_NAME "nodemap" @@ -48,6 +51,12 @@ enum nodemap_tree_type { NODEMAP_CLIENT_TO_FS, }; +enum nodemap_mapping_modes { + NODEMAP_MAP_BOTH, + NODEMAP_MAP_UID_ONLY, + NODEMAP_MAP_GID_ONLY, +}; + struct nodemap_pde { char npe_name[LUSTRE_NODEMAP_NAME_LENGTH + 1]; struct proc_dir_entry *npe_proc_entry; @@ -64,7 +73,11 @@ struct lu_nodemap { char nm_name[LUSTRE_NODEMAP_NAME_LENGTH + 1]; /* flags to govern nodemap behavior */ bool nmf_trust_client_ids:1, - nmf_allow_root_access:1; + nmf_deny_unknown:1, + nmf_allow_root_access:1, + nmf_map_uid_only:1, + nmf_map_gid_only:1, + nmf_enable_audit:1; /* unique ID set by MGS */ unsigned int nm_id; /* nodemap ref counter */ @@ -76,7 +89,7 @@ struct lu_nodemap { /* NID range list */ struct list_head nm_ranges; /* lock for idmap red/black trees */ - rwlock_t nm_idmap_lock; + struct rw_semaphore nm_idmap_lock; /* UID map keyed by local UID */ struct rb_root nm_fs_to_client_uidmap; /* UID map keyed by remote UID */ @@ -91,6 +104,10 @@ struct lu_nodemap { /* access by nodemap name */ struct hlist_node nm_hash; struct nodemap_pde *nm_pde_data; + /* fileset the nodes of this nodemap are restricted to */ + char nm_fileset[PATH_MAX+1]; + /* information about the expected SELinux policy on the nodes */ + char nm_sepol[LUSTRE_NODEMAP_SEPOL_LENGTH + 1]; /* used when loading/unloading nodemaps */ struct list_head nm_list; @@ -101,8 +118,9 @@ struct lu_nodemap { * not be needed. */ struct nm_config_file { - struct dt_object *ncf_obj; - struct list_head ncf_list; + struct local_oid_storage *ncf_los; + struct dt_object *ncf_obj; + struct list_head ncf_list; }; void nodemap_activate(const bool value); @@ -116,25 +134,44 @@ int nodemap_add_range(const char *name, const lnet_nid_t nid[2]); int nodemap_del_range(const char *name, const lnet_nid_t nid[2]); int nodemap_set_allow_root(const char *name, bool allow_root); int nodemap_set_trust_client_ids(const char *name, bool trust_client_ids); +int nodemap_set_deny_unknown(const char *name, bool deny_unknown); +int nodemap_set_mapping_mode(const char *name, enum nodemap_mapping_modes mode); int nodemap_set_squash_uid(const char *name, uid_t uid); int nodemap_set_squash_gid(const char *name, gid_t gid); +int nodemap_set_audit_mode(const char *name, bool enable_audit); bool nodemap_can_setquota(const struct lu_nodemap *nodemap); int nodemap_add_idmap(const char *name, enum nodemap_id_type id_type, const __u32 map[2]); int nodemap_del_idmap(const char *name, enum nodemap_id_type id_type, const __u32 map[2]); +int nodemap_set_fileset(const char *name, const char *fileset); +char *nodemap_get_fileset(const struct lu_nodemap *nodemap); +int nodemap_set_sepol(const char *name, const char *sepol); +const char *nodemap_get_sepol(const struct lu_nodemap *nodemap); __u32 nodemap_map_id(struct lu_nodemap *nodemap, enum nodemap_id_type id_type, enum nodemap_tree_type tree_type, __u32 id); ssize_t nodemap_map_acl(struct lu_nodemap *nodemap, void *buf, size_t size, enum nodemap_tree_type tree_type); +#ifdef HAVE_SERVER_SUPPORT void nodemap_test_nid(lnet_nid_t nid, char *name_buf, size_t name_len); -__u32 nodemap_test_id(lnet_nid_t nid, enum nodemap_id_type idtype, - __u32 client_id); -struct nm_config_file *nm_config_file_register(const struct lu_env *env, - struct dt_object *obj); -void nm_config_file_deregister(const struct lu_env *env, - struct nm_config_file *ncf); +#else +#define nodemap_test_nid(nid, name_buf, name_len) do {} while(0) +#endif +int nodemap_test_id(lnet_nid_t nid, enum nodemap_id_type idtype, + __u32 client_id, __u32 *fs_id); + +struct nm_config_file *nm_config_file_register_mgs(const struct lu_env *env, + struct dt_object *obj, + struct local_oid_storage *los); +struct dt_device; +struct nm_config_file *nm_config_file_register_tgt(const struct lu_env *env, + struct dt_device *dev, + struct local_oid_storage *los); +void nm_config_file_deregister_mgs(const struct lu_env *env, + struct nm_config_file *ncf); +void nm_config_file_deregister_tgt(const struct lu_env *env, + struct nm_config_file *ncf); struct lu_nodemap *nodemap_get_from_exp(struct obd_export *exp); void nodemap_putref(struct lu_nodemap *nodemap); @@ -169,10 +206,11 @@ struct nodemap_config { struct nodemap_config *nodemap_config_alloc(void); void nodemap_config_dealloc(struct nodemap_config *config); -void nodemap_config_set_active(struct nodemap_config *config); +void nodemap_config_set_active_mgc(struct nodemap_config *config); int nodemap_process_idx_pages(struct nodemap_config *config, union lu_page *lip, struct lu_nodemap **recent_nodemap); + #else /* disable nodemap processing in MGC of non-servers */ static inline int nodemap_process_idx_pages(void *config, union lu_page *lip,