};
/* Maximal number of fields (buffers) in a request message. */
-#define REQ_MAX_FIELD_NR 10
+#define REQ_MAX_FIELD_NR 11
struct req_capsule {
struct ptlrpc_request *rc_req;
void mdc_file_secctx_pack(struct ptlrpc_request *req,
const char *secctx_name,
const void *secctx, size_t secctx_size);
+void mdc_file_sepol_pack(struct ptlrpc_request *req);
void mdc_unlink_pack(struct ptlrpc_request *req, struct md_op_data *op_data);
void mdc_getxattr_pack(struct ptlrpc_request *req, struct md_op_data *op_data);
memcpy(buf, secctx, buf_size);
}
+void mdc_file_sepol_pack(struct ptlrpc_request *req)
+{
+ void *buf;
+ size_t buf_size;
+
+ if (strlen(req->rq_sepol) == 0)
+ return;
+
+ buf = req_capsule_client_get(&req->rq_pill, &RMF_SELINUX_POL);
+ buf_size = req_capsule_get_size(&req->rq_pill, &RMF_SELINUX_POL,
+ RCL_CLIENT);
+
+ LASSERT(buf_size == strlen(req->rq_sepol) + 1);
+ snprintf(buf, strlen(req->rq_sepol) + 1, "%s", req->rq_sepol);
+}
+
void mdc_readdir_pack(struct ptlrpc_request *req, __u64 pgoff, size_t size,
const struct lu_fid *fid)
{
mdc_file_secctx_pack(req, op_data->op_file_secctx_name,
op_data->op_file_secctx,
op_data->op_file_secctx_size);
+
+ /* pack SELinux policy info if any */
+ mdc_file_sepol_pack(req);
}
static inline __u64 mds_pack_open_flags(__u64 flags)
mdc_file_secctx_pack(req, op_data->op_file_secctx_name,
op_data->op_file_secctx,
op_data->op_file_secctx_size);
+
+ /* pack SELinux policy info if any */
+ mdc_file_sepol_pack(req);
}
if (lmm) {
rec->ul_bias = op_data->op_bias;
mdc_pack_name(req, &RMF_NAME, op_data->op_name, op_data->op_namelen);
+
+ /* pack SELinux policy info if any */
+ mdc_file_sepol_pack(req);
}
void mdc_link_pack(struct ptlrpc_request *req, struct md_op_data *op_data)
rec->lk_bias = op_data->op_bias;
mdc_pack_name(req, &RMF_NAME, op_data->op_name, op_data->op_namelen);
+
+ /* pack SELinux policy info if any */
+ mdc_file_sepol_pack(req);
}
static void mdc_close_intent_pack(struct ptlrpc_request *req,
if (new != NULL)
mdc_pack_name(req, &RMF_SYMTGT, new, newlen);
+
+ /* pack SELinux policy info if any */
+ mdc_file_sepol_pack(req);
}
void mdc_migrate_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
req_capsule_set_size(&req->rq_pill, &RMF_FILE_SECCTX, RCL_CLIENT,
op_data->op_file_secctx_size);
+ /* get SELinux policy info if any */
+ rc = sptlrpc_get_sepol(req);
+ if (rc < 0) {
+ ptlrpc_request_free(req);
+ RETURN(ERR_PTR(rc));
+ }
+ req_capsule_set_size(&req->rq_pill, &RMF_SELINUX_POL, RCL_CLIENT,
+ strlen(req->rq_sepol) ?
+ strlen(req->rq_sepol) + 1 : 0);
+
rc = ldlm_prep_enqueue_req(exp, req, &cancels, count);
if (rc < 0) {
ptlrpc_request_free(req);
if (req == NULL)
RETURN(ERR_PTR(-ENOMEM));
+ /* get SELinux policy info if any */
+ rc = sptlrpc_get_sepol(req);
+ if (rc < 0) {
+ ptlrpc_request_free(req);
+ RETURN(ERR_PTR(rc));
+ }
+ req_capsule_set_size(&req->rq_pill, &RMF_SELINUX_POL, RCL_CLIENT,
+ strlen(req->rq_sepol) ?
+ strlen(req->rq_sepol) + 1 : 0);
+
rc = ldlm_prep_enqueue_req(exp, req, &cancels, count);
if (rc) {
ptlrpc_request_free(req);
mdc_pack_body(req, &op_data->op_fid1, op_data->op_valid,
ea_vals_buf_size, -1, 0);
+ /* get SELinux policy info if any */
+ mdc_file_sepol_pack(req);
+
req_capsule_set_size(&req->rq_pill, &RMF_EADATA, RCL_SERVER,
GA_DEFAULT_EA_NAME_LEN * GA_DEFAULT_EA_NUM);
req_capsule_set_size(&req->rq_pill, &RMF_FILE_SECCTX, RCL_CLIENT,
op_data->op_file_secctx_size);
+ /* get SELinux policy info if any */
+ rc = sptlrpc_get_sepol(req);
+ if (rc < 0) {
+ ptlrpc_request_free(req);
+ RETURN(rc);
+ }
+ req_capsule_set_size(&req->rq_pill, &RMF_SELINUX_POL, RCL_CLIENT,
+ strlen(req->rq_sepol) ?
+ strlen(req->rq_sepol) + 1 : 0);
+
rc = mdc_prep_elc_req(exp, req, MDS_REINT, &cancels, count);
if (rc) {
ptlrpc_request_free(req);
req_capsule_set_size(&req->rq_pill, &RMF_NAME, RCL_CLIENT,
op_data->op_namelen + 1);
+ /* get SELinux policy info if any */
+ rc = sptlrpc_get_sepol(req);
+ if (rc < 0) {
+ ptlrpc_request_free(req);
+ RETURN(rc);
+ }
+ req_capsule_set_size(&req->rq_pill, &RMF_SELINUX_POL, RCL_CLIENT,
+ strlen(req->rq_sepol) ?
+ strlen(req->rq_sepol) + 1 : 0);
+
rc = mdc_prep_elc_req(exp, req, MDS_REINT, &cancels, count);
if (rc) {
ptlrpc_request_free(req);
req_capsule_set_size(&req->rq_pill, &RMF_NAME, RCL_CLIENT,
op_data->op_namelen + 1);
+ /* get SELinux policy info if any */
+ rc = sptlrpc_get_sepol(req);
+ if (rc < 0) {
+ ptlrpc_request_free(req);
+ RETURN(rc);
+ }
+ req_capsule_set_size(&req->rq_pill, &RMF_SELINUX_POL, RCL_CLIENT,
+ strlen(req->rq_sepol) ?
+ strlen(req->rq_sepol) + 1 : 0);
+
rc = mdc_prep_elc_req(exp, req, MDS_REINT, &cancels, count);
if (rc) {
ptlrpc_request_free(req);
req_capsule_set_size(&req->rq_pill, &RMF_EADATA, RCL_CLIENT,
op_data->op_data_size);
+ /* get SELinux policy info if any */
+ rc = sptlrpc_get_sepol(req);
+ if (rc < 0) {
+ ptlrpc_request_free(req);
+ RETURN(rc);
+ }
+ req_capsule_set_size(&req->rq_pill, &RMF_SELINUX_POL, RCL_CLIENT,
+ strlen(req->rq_sepol) ?
+ strlen(req->rq_sepol) + 1 : 0);
+
rc = mdc_prep_elc_req(exp, req, MDS_REINT, &cancels, count);
if (rc) {
ptlrpc_request_free(req);
if (req == NULL)
RETURN(-ENOMEM);
- if (xattr_name) {
- xattr_namelen = strlen(xattr_name) + 1;
- req_capsule_set_size(&req->rq_pill, &RMF_NAME, RCL_CLIENT,
- xattr_namelen);
- }
- if (input_size) {
- LASSERT(input);
- req_capsule_set_size(&req->rq_pill, &RMF_EADATA, RCL_CLIENT,
- input_size);
- }
+ if (xattr_name) {
+ xattr_namelen = strlen(xattr_name) + 1;
+ req_capsule_set_size(&req->rq_pill, &RMF_NAME, RCL_CLIENT,
+ xattr_namelen);
+ }
+ if (input_size)
+ LASSERT(input);
+ req_capsule_set_size(&req->rq_pill, &RMF_EADATA, RCL_CLIENT,
+ input_size);
+
+ /* get SELinux policy info if any */
+ rc = sptlrpc_get_sepol(req);
+ if (rc < 0) {
+ ptlrpc_request_free(req);
+ RETURN(rc);
+ }
+ req_capsule_set_size(&req->rq_pill, &RMF_SELINUX_POL, RCL_CLIENT,
+ strlen(req->rq_sepol) ?
+ strlen(req->rq_sepol) + 1 : 0);
/* Flush local XATTR locks to get rid of a possible cancel RPC */
if (opcode == MDS_REINT && fid_is_sane(fid) &&
memcpy(tmp, input, input_size);
}
+ mdc_file_sepol_pack(req);
+
if (req_capsule_has_field(&req->rq_pill, &RMF_EADATA, RCL_SERVER))
req_capsule_set_size(&req->rq_pill, &RMF_EADATA,
RCL_SERVER, output_size);
if (ldlm_rep == NULL ||
OBD_FAIL_CHECK(OBD_FAIL_MDS_XATTR_REP)) {
mdt_object_unlock(info, info->mti_object, lhc, 1);
- RETURN(err_serious(-EFAULT));
+ if (is_serious(rc))
+ RETURN(rc);
+ else
+ RETURN(err_serious(-EFAULT));
}
ldlm_rep->lock_policy_res2 = clear_serious(rc);
rc = mdt_reint_internal(info, lhc, opc);
- /* Check whether the reply has been packed successfully. */
- if (mdt_info_req(info)->rq_repmsg != NULL)
- rep = req_capsule_server_get(info->mti_pill, &RMF_DLM_REP);
- if (rep == NULL)
- RETURN(err_serious(-EFAULT));
+ /* Check whether the reply has been packed successfully. */
+ if (mdt_info_req(info)->rq_repmsg != NULL)
+ rep = req_capsule_server_get(info->mti_pill, &RMF_DLM_REP);
+ if (rep == NULL) {
+ if (is_serious(rc))
+ RETURN(rc);
+ else
+ RETURN(err_serious(-EFAULT));
+ }
/* MDC expects this in any case */
if (rc != 0)
struct mdt_rec_create *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_reint_record *rr = &info->mti_rr;
- struct req_capsule *pill = info->mti_pill;
- struct md_op_spec *sp = &info->mti_spec;
+ struct req_capsule *pill = info->mti_pill;
+ struct md_op_spec *sp = &info->mti_spec;
int rc;
ENTRY;
if (rc < 0)
RETURN(rc);
+ rc = req_check_sepol(pill);
+ if (rc)
+ RETURN(rc);
+
rc = mdt_dlmreq_unpack(info);
RETURN(rc);
}
if (rc < 0)
RETURN(rc);
+ rc = req_check_sepol(pill);
+ if (rc)
+ RETURN(rc);
+
rc = mdt_dlmreq_unpack(info);
RETURN(rc);
struct mdt_rec_unlink *rec;
struct lu_attr *attr = &info->mti_attr.ma_attr;
struct mdt_reint_record *rr = &info->mti_rr;
- struct req_capsule *pill = info->mti_pill;
+ struct req_capsule *pill = info->mti_pill;
int rc;
ENTRY;
info->mti_spec.no_create = !!req_is_replay(mdt_info_req(info));
+ rc = req_check_sepol(pill);
+ if (rc)
+ RETURN(rc);
+
rc = mdt_dlmreq_unpack(info);
RETURN(rc);
}
spec->no_create = !!req_is_replay(mdt_info_req(info));
+ rc = req_check_sepol(pill);
+ if (rc)
+ RETURN(rc);
+
rc = mdt_dlmreq_unpack(info);
RETURN(rc);
rc = mdt_file_secctx_unpack(pill, &sp->sp_cr_file_secctx_name,
&sp->sp_cr_file_secctx,
&sp->sp_cr_file_secctx_size);
+ if (rc < 0)
+ RETURN(rc);
+
+ rc = req_check_sepol(pill);
+ if (rc)
+ RETURN(rc);
RETURN(rc);
}
RETURN(-EFAULT);
}
+ rc = req_check_sepol(pill);
+ if (rc)
+ RETURN(rc);
+
if (mdt_dlmreq_unpack(info) < 0)
RETURN(-EPROTO);
CDEBUG(D_INODE, "getxattr "DFID"\n", PFID(&info->mti_body->mbo_fid1));
+ rc = req_check_sepol(info->mti_pill);
+ if (rc)
+ RETURN(err_serious(rc));
+
reqbody = req_capsule_client_get(info->mti_pill, &RMF_MDT_BODY);
if (reqbody == NULL)
RETURN(err_serious(-EFAULT));
&RMF_EADATA,
&RMF_DLM_REQ,
&RMF_FILE_SECCTX_NAME,
- &RMF_FILE_SECCTX
+ &RMF_FILE_SECCTX,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_reint_create_sym_client[] = {
&RMF_SYMTGT,
&RMF_DLM_REQ,
&RMF_FILE_SECCTX_NAME,
- &RMF_FILE_SECCTX
+ &RMF_FILE_SECCTX,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_reint_open_client[] = {
&RMF_NAME,
&RMF_EADATA,
&RMF_FILE_SECCTX_NAME,
- &RMF_FILE_SECCTX
+ &RMF_FILE_SECCTX,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_reint_open_server[] = {
};
static const struct req_msg_field *mds_reint_unlink_client[] = {
- &RMF_PTLRPC_BODY,
- &RMF_REC_REINT,
- &RMF_CAPA1,
- &RMF_NAME,
- &RMF_DLM_REQ
+ &RMF_PTLRPC_BODY,
+ &RMF_REC_REINT,
+ &RMF_CAPA1,
+ &RMF_NAME,
+ &RMF_DLM_REQ,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_reint_link_client[] = {
- &RMF_PTLRPC_BODY,
- &RMF_REC_REINT,
- &RMF_CAPA1,
- &RMF_CAPA2,
- &RMF_NAME,
- &RMF_DLM_REQ
+ &RMF_PTLRPC_BODY,
+ &RMF_REC_REINT,
+ &RMF_CAPA1,
+ &RMF_CAPA2,
+ &RMF_NAME,
+ &RMF_DLM_REQ,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_reint_rename_client[] = {
- &RMF_PTLRPC_BODY,
- &RMF_REC_REINT,
- &RMF_CAPA1,
- &RMF_CAPA2,
- &RMF_NAME,
- &RMF_SYMTGT,
- &RMF_DLM_REQ
+ &RMF_PTLRPC_BODY,
+ &RMF_REC_REINT,
+ &RMF_CAPA1,
+ &RMF_CAPA2,
+ &RMF_NAME,
+ &RMF_SYMTGT,
+ &RMF_DLM_REQ,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_reint_migrate_client[] = {
&RMF_NAME,
&RMF_SYMTGT,
&RMF_DLM_REQ,
+ &RMF_SELINUX_POL,
&RMF_MDT_EPOCH,
&RMF_CLOSE_DATA,
&RMF_EADATA
&RMF_CAPA1,
&RMF_NAME,
&RMF_EADATA,
- &RMF_DLM_REQ
+ &RMF_DLM_REQ,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_reint_resync[] = {
&RMF_NAME,
&RMF_EADATA,
&RMF_FILE_SECCTX_NAME,
- &RMF_FILE_SECCTX
+ &RMF_FILE_SECCTX,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *ldlm_intent_open_client[] = {
&RMF_NAME,
&RMF_EADATA,
&RMF_FILE_SECCTX_NAME,
- &RMF_FILE_SECCTX
+ &RMF_FILE_SECCTX,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *ldlm_intent_getxattr_client[] = {
&RMF_LDLM_INTENT,
&RMF_MDT_BODY,
&RMF_CAPA1,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *ldlm_intent_getxattr_server[] = {
};
static const struct req_msg_field *mds_getxattr_client[] = {
- &RMF_PTLRPC_BODY,
- &RMF_MDT_BODY,
- &RMF_CAPA1,
- &RMF_NAME,
- &RMF_EADATA
+ &RMF_PTLRPC_BODY,
+ &RMF_MDT_BODY,
+ &RMF_CAPA1,
+ &RMF_NAME,
+ &RMF_EADATA,
+ &RMF_SELINUX_POL
};
static const struct req_msg_field *mds_getxattr_server[] = {
git://git.whamcloud.com / fs / lustre-release.git / commitdiff