X-Git-Url: https://git.whamcloud.com/?p=fs%2Flustre-release.git;a=blobdiff_plain;f=lustre%2Fllite%2Fxattr.c;h=37d439f5926f488b1c44ec24931de08604ab5a25;hp=1caee227ec758919480be95be707293bc2631632;hb=08cf056915cbab31a7b7a88d75cc2cba7bfe02ce;hpb=e3a7c58aebafce40323db54bf6056029e5af4a70 diff --git a/lustre/llite/xattr.c b/lustre/llite/xattr.c index 1caee22..37d439f 100644 --- a/lustre/llite/xattr.c +++ b/lustre/llite/xattr.c @@ -27,7 +27,7 @@ * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * - * Copyright (c) 2011, 2012, Whamcloud, Inc. + * Copyright (c) 2011, 2013, Intel Corporation. */ /* * This file is part of Lustre, http://www.lustre.org/ @@ -37,10 +37,7 @@ #include #include #include -#include -#ifdef HAVE_SELINUX_IS_ENABLED #include -#endif #define DEBUG_SUBSYSTEM S_LLITE @@ -48,7 +45,7 @@ #include #include #include -#include +#include #include "llite_internal.h" @@ -96,8 +93,6 @@ int xattr_type_filter(struct ll_sb_info *sbi, int xattr_type) !(sbi->ll_flags & LL_SBI_ACL)) return -EOPNOTSUPP; - if (xattr_type == XATTR_SECURITY_T && !selinux_is_enabled()) - return -EOPNOTSUPP; if (xattr_type == XATTR_USER_T && !(sbi->ll_flags & LL_SBI_USER_XATTR)) return -EOPNOTSUPP; if (xattr_type == XATTR_TRUSTED_T && !cfs_capable(CFS_CAP_SYS_ADMIN)) @@ -110,11 +105,11 @@ int xattr_type_filter(struct ll_sb_info *sbi, int xattr_type) static int ll_setxattr_common(struct inode *inode, const char *name, - const void *value, size_t size, - int flags, __u64 valid) + const void *value, size_t size, + int flags, __u64 valid) { - struct ll_sb_info *sbi = ll_i2sbi(inode); - struct ptlrpc_request *req; + struct ll_sb_info *sbi = ll_i2sbi(inode); + struct ptlrpc_request *req = NULL; int xattr_type, rc; struct obd_capa *oc; posix_acl_xattr_header *new_value = NULL; @@ -128,6 +123,15 @@ int ll_setxattr_common(struct inode *inode, const char *name, if (rc) RETURN(rc); + if ((xattr_type == XATTR_ACL_ACCESS_T || + xattr_type == XATTR_ACL_DEFAULT_T) && +#ifdef HAVE_INODE_OWNER_OR_CAPABLE + !inode_owner_or_capable(inode)) +#else + !is_owner_or_cap(inode)) +#endif + return -EPERM; + /* b10667: ignore lustre special xattr for now */ if ((xattr_type == XATTR_TRUSTED_T && strcmp(name, "trusted.lov") == 0) || (xattr_type == XATTR_LUSTRE_T && strcmp(name, "lustre.lov") == 0)) @@ -138,22 +142,27 @@ int ll_setxattr_common(struct inode *inode, const char *name, strcmp(name, "security.capability") == 0)) RETURN(0); -#ifdef CONFIG_FS_POSIX_ACL - if (sbi->ll_flags & LL_SBI_RMT_CLIENT && - (xattr_type == XATTR_ACL_ACCESS_T || - xattr_type == XATTR_ACL_DEFAULT_T)) { - rce = rct_search(&sbi->ll_rct, cfs_curproc_pid()); - if (rce == NULL || - (rce->rce_ops != RMT_LSETFACL && - rce->rce_ops != RMT_RSETFACL)) - RETURN(-EOPNOTSUPP); - - if (rce->rce_ops == RMT_LSETFACL) { - struct eacl_entry *ee; + /* LU-549: Disable security.selinux when selinux is disabled */ + if (xattr_type == XATTR_SECURITY_T && !selinux_is_enabled() && + strcmp(name, "security.selinux") == 0) + RETURN(-EOPNOTSUPP); - ee = et_search_del(&sbi->ll_et, cfs_curproc_pid(), - ll_inode2fid(inode), xattr_type); - LASSERT(ee != NULL); +#ifdef CONFIG_FS_POSIX_ACL + if (sbi->ll_flags & LL_SBI_RMT_CLIENT && + (xattr_type == XATTR_ACL_ACCESS_T || + xattr_type == XATTR_ACL_DEFAULT_T)) { + rce = rct_search(&sbi->ll_rct, current_pid()); + if (rce == NULL || + (rce->rce_ops != RMT_LSETFACL && + rce->rce_ops != RMT_RSETFACL)) + RETURN(-EOPNOTSUPP); + + if (rce->rce_ops == RMT_LSETFACL) { + struct eacl_entry *ee; + + ee = et_search_del(&sbi->ll_et, current_pid(), + ll_inode2fid(inode), xattr_type); + LASSERT(ee != NULL); if (valid & OBD_MD_FLXATTR) { acl = lustre_acl_xattr_merge2ext( (posix_acl_xattr_header *)value, @@ -169,11 +178,12 @@ int ll_setxattr_common(struct inode *inode, const char *name, } ee_free(ee); } else if (rce->rce_ops == RMT_RSETFACL) { - size = lustre_posix_acl_xattr_filter( - (posix_acl_xattr_header *)value, - size, &new_value); - if (unlikely(size < 0)) - RETURN(size); + int acl_size = lustre_posix_acl_xattr_filter( + (posix_acl_xattr_header *)value, + size, &new_value); + if (unlikely(acl_size < 0)) + RETURN(acl_size); + size = acl_size; pv = (const char *)new_value; } else @@ -182,11 +192,11 @@ int ll_setxattr_common(struct inode *inode, const char *name, valid |= rce_ops2valid(rce->rce_ops); } #endif - oc = ll_mdscapa_get(inode); - rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode), oc, - valid, name, pv, size, 0, flags, ll_i2suppgid(inode), - &req); - capa_put(oc); + oc = ll_mdscapa_get(inode); + rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode), oc, + valid, name, pv, size, 0, flags, + ll_i2suppgid(inode), &req); + capa_put(oc); #ifdef CONFIG_FS_POSIX_ACL if (new_value != NULL) lustre_posix_acl_xattr_free(new_value, size); @@ -214,8 +224,8 @@ int ll_setxattr(struct dentry *dentry, const char *name, LASSERT(inode); LASSERT(name); - CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p), xattr %s\n", - inode->i_ino, inode->i_generation, inode, name); + CDEBUG(D_VFSTRACE, "VFS Op:inode="DFID"(%p), xattr %s\n", + PFID(ll_inode2fid(inode)), inode, name); ll_stats_ops_tally(ll_i2sbi(inode), LPROC_LL_SETXATTR, 1); @@ -234,15 +244,18 @@ int ll_setxattr(struct dentry *dentry, const char *name, if (lump != NULL && lump->lmm_stripe_offset == 0) lump->lmm_stripe_offset = -1; - if (lump != NULL && S_ISREG(inode->i_mode)) { - struct file f; - int flags = FMODE_WRITE; - - f.f_dentry = dentry; - rc = ll_lov_setstripe_ea_info(inode, &f, flags, - lump, sizeof(*lump)); - /* b10667: rc always be 0 here for now */ - rc = 0; + if (lump != NULL && S_ISREG(inode->i_mode)) { + struct file f; + __u64 it_flags = FMODE_WRITE; + int lum_size = (lump->lmm_magic == LOV_USER_MAGIC_V1) ? + sizeof(*lump) : sizeof(struct lov_user_md_v3); + + memset(&f, 0, sizeof(f)); /* f.f_flags is used below */ + f.f_dentry = dentry; + rc = ll_lov_setstripe_ea_info(inode, &f, it_flags, lump, + lum_size); + /* b10667: rc always be 0 here for now */ + rc = 0; } else if (S_ISDIR(inode->i_mode)) { rc = ll_dir_setstripe(inode, lump, 0); } @@ -264,8 +277,8 @@ int ll_removexattr(struct dentry *dentry, const char *name) LASSERT(inode); LASSERT(name); - CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p), xattr %s\n", - inode->i_ino, inode->i_generation, inode, name); + CDEBUG(D_VFSTRACE, "VFS Op:inode="DFID"(%p), xattr %s\n", + PFID(ll_inode2fid(inode)), inode, name); ll_stats_ops_tally(ll_i2sbi(inode), LPROC_LL_REMOVEXATTR, 1); return ll_setxattr_common(inode, name, NULL, 0, 0, @@ -283,10 +296,11 @@ int ll_getxattr_common(struct inode *inode, const char *name, void *xdata; struct obd_capa *oc; struct rmtacl_ctl_entry *rce = NULL; + struct ll_inode_info *lli = ll_i2info(inode); ENTRY; - CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p)\n", - inode->i_ino, inode->i_generation, inode); + CDEBUG(D_VFSTRACE, "VFS Op:inode="DFID"(%p)\n", + PFID(ll_inode2fid(inode)), inode); /* listxattr have slightly different behavior from of ext3: * without 'user_xattr' ext3 will list all xattr names but @@ -307,18 +321,23 @@ int ll_getxattr_common(struct inode *inode, const char *name, strcmp(name, "security.capability") == 0)) RETURN(-ENODATA); + /* LU-549: Disable security.selinux when selinux is disabled */ + if (xattr_type == XATTR_SECURITY_T && !selinux_is_enabled() && + strcmp(name, "security.selinux") == 0) + RETURN(-EOPNOTSUPP); + #ifdef CONFIG_FS_POSIX_ACL - if (sbi->ll_flags & LL_SBI_RMT_CLIENT && - (xattr_type == XATTR_ACL_ACCESS_T || - xattr_type == XATTR_ACL_DEFAULT_T)) { - rce = rct_search(&sbi->ll_rct, cfs_curproc_pid()); - if (rce == NULL || - (rce->rce_ops != RMT_LSETFACL && - rce->rce_ops != RMT_LGETFACL && - rce->rce_ops != RMT_RSETFACL && - rce->rce_ops != RMT_RGETFACL)) - RETURN(-EOPNOTSUPP); - } + if (sbi->ll_flags & LL_SBI_RMT_CLIENT && + (xattr_type == XATTR_ACL_ACCESS_T || + xattr_type == XATTR_ACL_DEFAULT_T)) { + rce = rct_search(&sbi->ll_rct, current_pid()); + if (rce == NULL || + (rce->rce_ops != RMT_LSETFACL && + rce->rce_ops != RMT_LGETFACL && + rce->rce_ops != RMT_RSETFACL && + rce->rce_ops != RMT_RGETFACL)) + RETURN(-EOPNOTSUPP); + } /* posix acl is under protection of LOOKUP lock. when calling to this, * we just have path resolution to the target inode, so we have great @@ -326,17 +345,17 @@ int ll_getxattr_common(struct inode *inode, const char *name, */ if (xattr_type == XATTR_ACL_ACCESS_T && !(sbi->ll_flags & LL_SBI_RMT_CLIENT)) { - struct ll_inode_info *lli = ll_i2info(inode); + struct posix_acl *acl; - cfs_spin_lock(&lli->lli_lock); - acl = posix_acl_dup(lli->lli_posix_acl); - cfs_spin_unlock(&lli->lli_lock); + spin_lock(&lli->lli_lock); + acl = posix_acl_dup(lli->lli_posix_acl); + spin_unlock(&lli->lli_lock); if (!acl) RETURN(-ENODATA); - rc = posix_acl_to_xattr(acl, buffer, size); + rc = posix_acl_to_xattr(&init_user_ns, acl, buffer, size); posix_acl_release(acl); RETURN(rc); } @@ -345,68 +364,87 @@ int ll_getxattr_common(struct inode *inode, const char *name, #endif do_getxattr: - oc = ll_mdscapa_get(inode); - rc = md_getxattr(sbi->ll_md_exp, ll_inode2fid(inode), oc, - valid | (rce ? rce_ops2valid(rce->rce_ops) : 0), - name, NULL, 0, size, 0, &req); - capa_put(oc); - if (rc) { - if (rc == -EOPNOTSUPP && xattr_type == XATTR_USER_T) { - LCONSOLE_INFO("Disabling user_xattr feature because " - "it is not supported on the server\n"); - sbi->ll_flags &= ~LL_SBI_USER_XATTR; - } - RETURN(rc); - } - - body = req_capsule_server_get(&req->rq_pill, &RMF_MDT_BODY); - LASSERT(body); - - /* only detect the xattr size */ - if (size == 0) - GOTO(out, rc = body->eadatasize); - - if (size < body->eadatasize) { - CERROR("server bug: replied size %u > %u\n", - body->eadatasize, (int)size); - GOTO(out, rc = -ERANGE); - } - - if (body->eadatasize == 0) - GOTO(out, rc = -ENODATA); - - /* do not need swab xattr data */ - xdata = req_capsule_server_sized_get(&req->rq_pill, &RMF_EADATA, - body->eadatasize); - if (!xdata) - GOTO(out, rc = -EFAULT); + if (sbi->ll_xattr_cache_enabled && xattr_type != XATTR_ACL_ACCESS_T) { + rc = ll_xattr_cache_get(inode, name, buffer, size, valid); + if (rc == -EAGAIN) + goto getxattr_nocache; + if (rc < 0) + GOTO(out_xattr, rc); + + /* Add "system.posix_acl_access" to the list */ + if (lli->lli_posix_acl != NULL && valid & OBD_MD_FLXATTRLS) { + if (size == 0) { + rc += sizeof(XATTR_NAME_ACL_ACCESS); + } else if (size - rc >= sizeof(XATTR_NAME_ACL_ACCESS)) { + memcpy(buffer + rc, XATTR_NAME_ACL_ACCESS, + sizeof(XATTR_NAME_ACL_ACCESS)); + rc += sizeof(XATTR_NAME_ACL_ACCESS); + } else { + GOTO(out_xattr, rc = -ERANGE); + } + } + } else { +getxattr_nocache: + oc = ll_mdscapa_get(inode); + rc = md_getxattr(sbi->ll_md_exp, ll_inode2fid(inode), oc, + valid | (rce ? rce_ops2valid(rce->rce_ops) : 0), + name, NULL, 0, size, 0, &req); + capa_put(oc); + + if (rc < 0) + GOTO(out_xattr, rc); + + body = req_capsule_server_get(&req->rq_pill, &RMF_MDT_BODY); + LASSERT(body); + + /* only detect the xattr size */ + if (size == 0) + GOTO(out, rc = body->mbo_eadatasize); + + if (size < body->mbo_eadatasize) { + CERROR("server bug: replied size %u > %u\n", + body->mbo_eadatasize, (int)size); + GOTO(out, rc = -ERANGE); + } + + if (body->mbo_eadatasize == 0) + GOTO(out, rc = -ENODATA); + + /* do not need swab xattr data */ + xdata = req_capsule_server_sized_get(&req->rq_pill, &RMF_EADATA, + body->mbo_eadatasize); + if (!xdata) + GOTO(out, rc = -EFAULT); + + memcpy(buffer, xdata, body->mbo_eadatasize); + rc = body->mbo_eadatasize; + } #ifdef CONFIG_FS_POSIX_ACL - if (body->eadatasize >= 0 && rce && rce->rce_ops == RMT_LSETFACL) { - ext_acl_xattr_header *acl; - - acl = lustre_posix_acl_xattr_2ext((posix_acl_xattr_header *)xdata, - body->eadatasize); - if (IS_ERR(acl)) - GOTO(out, rc = PTR_ERR(acl)); - - rc = ee_add(&sbi->ll_et, cfs_curproc_pid(), ll_inode2fid(inode), - xattr_type, acl); - if (unlikely(rc < 0)) { - lustre_ext_acl_xattr_free(acl); - GOTO(out, rc); - } - } + if (rce != NULL && rce->rce_ops == RMT_LSETFACL) { + ext_acl_xattr_header *acl; + + acl = lustre_posix_acl_xattr_2ext(buffer, rc); + if (IS_ERR(acl)) + GOTO(out, rc = PTR_ERR(acl)); + + rc = ee_add(&sbi->ll_et, current_pid(), ll_inode2fid(inode), + xattr_type, acl); + if (unlikely(rc < 0)) { + lustre_ext_acl_xattr_free(acl); + GOTO(out, rc); + } + } #endif - - if (body->eadatasize == 0) { - rc = -ENODATA; - } else { - LASSERT(buffer); - memcpy(buffer, xdata, body->eadatasize); - rc = body->eadatasize; - } - EXIT; + EXIT; + +out_xattr: + if (rc == -EOPNOTSUPP && xattr_type == XATTR_USER_T) { + LCONSOLE_INFO("%s: disabling user_xattr feature because " + "it is not supported on the server: rc = %d\n", + ll_get_fsname(inode->i_sb, NULL, 0), rc); + sbi->ll_flags &= ~LL_SBI_USER_XATTR; + } out: ptlrpc_req_finished(req); return rc; @@ -420,8 +458,8 @@ ssize_t ll_getxattr(struct dentry *dentry, const char *name, LASSERT(inode); LASSERT(name); - CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p), xattr %s\n", - inode->i_ino, inode->i_generation, inode, name); + CDEBUG(D_VFSTRACE, "VFS Op:inode="DFID"(%p), xattr %s\n", + PFID(ll_inode2fid(inode)), inode, name); ll_stats_ops_tally(ll_i2sbi(inode), LPROC_LL_GETXATTR, 1); @@ -431,6 +469,7 @@ ssize_t ll_getxattr(struct dentry *dentry, const char *name, (strncmp(name, XATTR_LUSTRE_PREFIX, sizeof(XATTR_LUSTRE_PREFIX) - 1) == 0 && strcmp(name + sizeof(XATTR_LUSTRE_PREFIX) - 1, "lov") == 0)) { + struct lov_stripe_md *lsm; struct lov_user_md *lump; struct lov_mds_md *lmm = NULL; struct ptlrpc_request *request = NULL; @@ -439,26 +478,21 @@ ssize_t ll_getxattr(struct dentry *dentry, const char *name, if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) return -ENODATA; - if (size == 0 && S_ISDIR(inode->i_mode)) { - /* XXX directory EA is fix for now, optimize to save - * RPC transfer */ - GOTO(out, rc = sizeof(struct lov_user_md)); - } - - if (!ll_i2info(inode)->lli_smd) { - if (S_ISDIR(inode->i_mode)) { - rc = ll_dir_getstripe(inode, &lmm, - &lmmsize, &request); - } else { - rc = -ENODATA; - } - } else { - /* LSM is present already after lookup/getattr call. - * we need to grab layout lock once it is implemented */ - rc = obd_packmd(ll_i2dtexp(inode), &lmm, - ll_i2info(inode)->lli_smd); - lmmsize = rc; - } + lsm = ccc_inode_lsm_get(inode); + if (lsm == NULL) { + if (S_ISDIR(inode->i_mode)) { + rc = ll_dir_getstripe(inode, (void **)&lmm, + &lmmsize, &request, 0); + } else { + rc = -ENODATA; + } + } else { + /* LSM is present already after lookup/getattr call. + * we need to grab layout lock once it is implemented */ + rc = obd_packmd(ll_i2dtexp(inode), &lmm, lsm); + lmmsize = rc; + } + ccc_inode_lsm_put(inode, lsm); if (rc < 0) GOTO(out, rc); @@ -480,6 +514,10 @@ ssize_t ll_getxattr(struct dentry *dentry, const char *name, lump = (struct lov_user_md *)buffer; memcpy(lump, lmm, lmmsize); + /* do not return layout gen for getxattr otherwise it would + * confuse tar --xattr by recognizing layout gen as stripe + * offset when the file is restored. See LU-2809. */ + lump->lmm_layout_gen = 0; rc = lmmsize; out: @@ -503,8 +541,8 @@ ssize_t ll_listxattr(struct dentry *dentry, char *buffer, size_t size) LASSERT(inode); - CDEBUG(D_VFSTRACE, "VFS Op:inode=%lu/%u(%p)\n", - inode->i_ino, inode->i_generation, inode); + CDEBUG(D_VFSTRACE, "VFS Op:inode="DFID"(%p)\n", + PFID(ll_inode2fid(inode)), inode); ll_stats_ops_tally(ll_i2sbi(inode), LPROC_LL_LISTXATTR, 1); @@ -512,12 +550,36 @@ ssize_t ll_listxattr(struct dentry *dentry, char *buffer, size_t size) if (rc < 0) GOTO(out, rc); - if (S_ISREG(inode->i_mode)) { - if (ll_i2info(inode)->lli_smd == NULL) - rc2 = -1; - } else if (S_ISDIR(inode->i_mode)) { - rc2 = ll_dir_getstripe(inode, &lmm, &lmmsize, &request); - } + if (buffer != NULL) { + struct ll_sb_info *sbi = ll_i2sbi(inode); + char *xattr_name = buffer; + int xlen, rem = rc; + + while (rem > 0) { + xlen = strnlen(xattr_name, rem - 1) + 1; + rem -= xlen; + if (xattr_type_filter(sbi, + get_xattr_type(xattr_name)) == 0) { + /* skip OK xattr type + * leave it in buffer + */ + xattr_name += xlen; + continue; + } + /* move up remaining xattrs in buffer + * removing the xattr that is not OK + */ + memmove(xattr_name, xattr_name + xlen, rem); + rc -= xlen; + } + } + if (S_ISREG(inode->i_mode)) { + if (!ll_i2info(inode)->lli_has_smd) + rc2 = -1; + } else if (S_ISDIR(inode->i_mode)) { + rc2 = ll_dir_getstripe(inode, (void **)&lmm, &lmmsize, &request, + 0); + } if (rc2 < 0) { GOTO(out, rc2 = 0); @@ -526,14 +588,19 @@ ssize_t ll_listxattr(struct dentry *dentry, char *buffer, size_t size) const size_t name_len = sizeof("lov") - 1; const size_t total_len = prefix_len + name_len + 1; - if (buffer && (rc + total_len) <= size) { - buffer += rc; - memcpy(buffer,XATTR_LUSTRE_PREFIX, prefix_len); - memcpy(buffer+prefix_len, "lov", name_len); - buffer[prefix_len + name_len] = '\0'; - } - rc2 = total_len; - } + if (((rc + total_len) > size) && (buffer != NULL)) { + ptlrpc_req_finished(request); + return -ERANGE; + } + + if (buffer != NULL) { + buffer += rc; + memcpy(buffer, XATTR_LUSTRE_PREFIX, prefix_len); + memcpy(buffer + prefix_len, "lov", name_len); + buffer[prefix_len + name_len] = '\0'; + } + rc2 = total_len; + } out: ptlrpc_req_finished(request); rc = rc + rc2;