X-Git-Url: https://git.whamcloud.com/?p=fs%2Flustre-release.git;a=blobdiff_plain;f=lustre%2Fmdt%2Fmdt_identity.c;h=434ddbd985372cc24631f9bf1c58bcdb7a7c4293;hp=f196570f6cdd1a6c42b0bfa44090d6f510b3da9a;hb=c7139b228b5294b1e9f4f52a4c6565c06d17b4af;hpb=bf77741599f4bdfa3509a4a73ff462c4746fcd4e diff --git a/lustre/mdt/mdt_identity.c b/lustre/mdt/mdt_identity.c index f196570..434ddbd 100644 --- a/lustre/mdt/mdt_identity.c +++ b/lustre/mdt/mdt_identity.c @@ -1,24 +1,42 @@ /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*- * vim:expandtab:shiftwidth=8:tabstop=8: * - * Copyright (C) 2004-2006 Cluster File Systems, Inc. - * Author: Lai Siyao - * Author: Fan Yong + * GPL HEADER START * - * This file is part of Lustre, http://www.lustre.org. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * - * Lustre is free software; you can redistribute it and/or - * modify it under the terms of version 2 of the GNU General Public - * License as published by the Free Software Foundation. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 only, + * as published by the Free Software Foundation. * - * Lustre is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License version 2 for more details (a copy is included + * in the LICENSE file that accompanied this code). * - * You should have received a copy of the GNU General Public License - * along with Lustre; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * You should have received a copy of the GNU General Public License + * version 2 along with this program; If not, see + * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf + * + * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, + * CA 95054 USA or visit www.sun.com if you need additional information or + * have any questions. + * + * GPL HEADER END + */ +/* + * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. + * Use is subject to license terms. + */ +/* + * This file is part of Lustre, http://www.lustre.org/ + * Lustre is a trademark of Sun Microsystems, Inc. + * + * lustre/mdt/mdt_identity.c + * + * Author: Lai Siyao + * Author: Fan Yong */ #ifndef EXPORT_SYMTAB @@ -44,9 +62,8 @@ #include #include #include -#include -#include +#include #include #include #include @@ -67,22 +84,25 @@ static void mdt_identity_entry_init(struct upcall_cache_entry *entry, static void mdt_identity_entry_free(struct upcall_cache *cache, struct upcall_cache_entry *entry) { - struct mdt_identity *identity = &entry->u.identity; + struct md_identity *identity = &entry->u.identity; - if (identity->mi_ginfo) - groups_free(identity->mi_ginfo); + if (identity->mi_ginfo) { + cfs_put_group_info(identity->mi_ginfo); + identity->mi_ginfo = NULL; + } if (identity->mi_nperms) { LASSERT(identity->mi_perms); OBD_FREE(identity->mi_perms, - identity->mi_nperms * sizeof(struct mdt_setxid_perm)); + identity->mi_nperms * sizeof(struct md_perm)); + identity->mi_nperms = 0; } } static int mdt_identity_do_upcall(struct upcall_cache *cache, struct upcall_cache_entry *entry) { - char keystr[16]; + char *upcall, keystr[16]; char *argv[] = { [0] = cache->uc_upcall, [1] = cache->uc_name, @@ -94,36 +114,62 @@ static int mdt_identity_do_upcall(struct upcall_cache *cache, [1] = "PATH=/sbin:/usr/sbin", [2] = NULL }; - int rc; + struct timeval start, end; + int size, rc; ENTRY; + /* There is race condition: + * "uc_upcall" was changed just after "is_identity_get_disabled" check. + */ + size = strlen(cache->uc_upcall) + 1; + OBD_ALLOC(upcall, size); + if (unlikely(!upcall)) + RETURN(-ENOMEM); + + cfs_read_lock(&cache->uc_upcall_rwlock); + memcpy(upcall, cache->uc_upcall, size - 1); + cfs_read_unlock(&cache->uc_upcall_rwlock); + upcall[size - 1] = 0; + if (unlikely(!strcmp(upcall, "NONE"))) { + CERROR("no upcall set\n"); + GOTO(out, rc = -EREMCHG); + } + + argv[0] = upcall; + snprintf(keystr, sizeof(keystr), LPU64, entry->ue_key); - LASSERTF(strcmp(cache->uc_upcall, "NONE"), "no upcall set!"); - CDEBUG(D_INFO, "The upcall is: %s \n", cache->uc_upcall); + CDEBUG(D_INFO, "The upcall is: '%s'\n", cache->uc_upcall); + cfs_gettimeofday(&start); rc = USERMODEHELPER(argv[0], argv, envp); + cfs_gettimeofday(&end); if (rc < 0) { CERROR("%s: error invoking upcall %s %s %s: rc %d; " - "check /proc/fs/lustre/mdt/%s/identity_upcall\n", + "check /proc/fs/lustre/mdt/%s/identity_upcall, " + "time %ldus\n", cache->uc_name, argv[0], argv[1], argv[2], rc, - cache->uc_name); + cache->uc_name, cfs_timeval_sub(&end, &start, NULL)); } else { - CDEBUG(D_HA, "%s: invoked upcall %s %s %s\n", cache->uc_name, - argv[0], argv[1], argv[2]); + CDEBUG(D_HA, "%s: invoked upcall %s %s %s, time %ldus\n", + cache->uc_name, argv[0], argv[1], argv[2], + cfs_timeval_sub(&end, &start, NULL)); rc = 0; } - RETURN(rc); + EXIT; +out: + OBD_FREE(upcall, size); + return rc; } static int mdt_identity_parse_downcall(struct upcall_cache *cache, struct upcall_cache_entry *entry, void *args) { - struct mdt_identity *identity = &entry->u.identity; + struct md_identity *identity = &entry->u.identity; struct identity_downcall_data *data = args; - struct group_info *ginfo; - struct mdt_setxid_perm *perms = NULL; + cfs_group_info_t *ginfo; + struct md_perm *perms = NULL; int size, i; ENTRY; @@ -131,15 +177,14 @@ static int mdt_identity_parse_downcall(struct upcall_cache *cache, if (data->idd_ngroups > NGROUPS_MAX) RETURN(-E2BIG); - ginfo = groups_alloc(data->idd_ngroups); + ginfo = cfs_groups_alloc(data->idd_ngroups); if (!ginfo) { CERROR("failed to alloc %d groups\n", data->idd_ngroups); RETURN(-ENOMEM); } - groups_from_list(ginfo, data->idd_groups); - groups_sort(ginfo); - identity->mi_ginfo = ginfo; + lustre_groups_from_list(ginfo, data->idd_groups); + lustre_groups_sort(ginfo); if (data->idd_nperms) { size = data->idd_nperms * sizeof(*perms); @@ -147,9 +192,10 @@ static int mdt_identity_parse_downcall(struct upcall_cache *cache, if (!perms) { CERROR("failed to alloc %d permissions\n", data->idd_nperms); - put_group_info(ginfo); + cfs_put_group_info(ginfo); RETURN(-ENOMEM); } + for (i = 0; i < data->idd_nperms; i++) { perms[i].mp_nid = data->idd_perms[i].pdd_nid; perms[i].mp_perm = data->idd_perms[i].pdd_perm; @@ -169,23 +215,23 @@ static int mdt_identity_parse_downcall(struct upcall_cache *cache, RETURN(0); } -struct mdt_identity *mdt_identity_get(struct upcall_cache *cache, __u32 uid) +struct md_identity *mdt_identity_get(struct upcall_cache *cache, __u32 uid) { struct upcall_cache_entry *entry; if (!cache) - return NULL; + return ERR_PTR(-ENOENT); entry = upcall_cache_get_entry(cache, (__u64)uid, NULL); - if (IS_ERR(entry)) { - CERROR("upcall_cache_get_entry failed: %ld\n", PTR_ERR(entry)); - return NULL; - } - - return &entry->u.identity; + if (IS_ERR(entry)) + return ERR_PTR(PTR_ERR(entry)); + else if (unlikely(!entry)) + return ERR_PTR(-ENOENT); + else + return &entry->u.identity; } -void mdt_identity_put(struct upcall_cache *cache, struct mdt_identity *identity) +void mdt_identity_put(struct upcall_cache *cache, struct md_identity *identity) { if (!cache) return; @@ -213,12 +259,18 @@ void mdt_flush_identity(struct upcall_cache *cache, int uid) * If there is LNET_NID_ANY in perm[i].mp_nid, * it must be perm[0].mp_nid, and act as default perm. */ -__u32 mdt_identity_get_setxid_perm(struct mdt_identity *identity, - __u32 is_rmtclient, lnet_nid_t nid) +__u32 mdt_identity_get_perm(struct md_identity *identity, + __u32 is_rmtclient, lnet_nid_t nid) { - struct mdt_setxid_perm *perm = identity->mi_perms; + struct md_perm *perm; int i; + if (!identity) { + LASSERT(is_rmtclient == 0); + return CFS_SETGRP_PERM; + } + + perm = identity->mi_perms; /* check exactly matched nid first */ for (i = identity->mi_nperms - 1; i > 0; i--) { if (perm[i].mp_nid != nid) @@ -232,16 +284,14 @@ __u32 mdt_identity_get_setxid_perm(struct mdt_identity *identity, return perm[0].mp_perm; /* return default last */ - return is_rmtclient ? 0 : LUSTRE_SETGRP_PERM; + return is_rmtclient ? 0 : CFS_SETGRP_PERM; } int mdt_pack_remote_perm(struct mdt_thread_info *info, struct mdt_object *o, void *buf) { - struct ptlrpc_request *req = mdt_info_req(info); struct md_ucred *uc = mdt_ucred(info); struct md_object *next = mdt_object_child(o); - struct mdt_export_data *med = mdt_req2med(req); struct mdt_remote_perm *perm = buf; ENTRY; @@ -249,7 +299,7 @@ int mdt_pack_remote_perm(struct mdt_thread_info *info, struct mdt_object *o, /* remote client request always pack ptlrpc_user_desc! */ LASSERT(perm); - if (!med->med_rmtclient) + if (!exp_connect_rmtclient(info->mti_exp)) RETURN(-EBADE); if ((uc->mu_valid != UCRED_OLD) && (uc->mu_valid != UCRED_NEW))