Branch HEAD

author vitaly <vitaly>

Tue, 9 Sep 2008 17:52:58 +0000 (17:52 +0000)

committer vitaly <vitaly>

Tue, 9 Sep 2008 17:52:58 +0000 (17:52 +0000)
author vitaly <vitaly>
Tue, 9 Sep 2008 17:52:58 +0000 (17:52 +0000)
committer vitaly <vitaly>
Tue, 9 Sep 2008 17:52:58 +0000 (17:52 +0000)
diff --git a/libcfs/include/libcfs/curproc.h b/libcfs/include/libcfs/curproc.h

index 518fbd4..b79caf1 100644 (file)
--- a/libcfs/include/libcfs/curproc.h
+++ b/libcfs/include/libcfs/curproc.h
@@ -70,10 +70,37 @@ char  *cfs_curproc_comm(void);
   *
   * cfs_kernel_cap_t
   */
   *
   * cfs_kernel_cap_t
   */
-cfs_kernel_cap_t cfs_curproc_cap_get(void);
-void cfs_curproc_cap_set(cfs_kernel_cap_t cap);
  #endif
  
  #endif
  
+typedef __u32 cfs_cap_t;
+
+#define CFS_CAP_CHOWN                   0
+#define CFS_CAP_DAC_OVERRIDE            1
+#define CFS_CAP_DAC_READ_SEARCH         2
+#define CFS_CAP_FOWNER                  3
+#define CFS_CAP_FSETID                  4
+#define CFS_CAP_LINUX_IMMUTABLE         9
+#define CFS_CAP_SYS_ADMIN              21
+#define CFS_CAP_SYS_BOOT               23
+#define CFS_CAP_SYS_RESOURCE           24
+
+#define CFS_CAP_FS_MASK ((1 << CFS_CAP_CHOWN) |                 \
+                         (1 << CFS_CAP_DAC_OVERRIDE) |          \
+                         (1 << CFS_CAP_DAC_READ_SEARCH) |       \
+                         (1 << CFS_CAP_FOWNER) |                \
+                         (1 << CFS_CAP_FSETID ) |               \
+                         (1 << CFS_CAP_LINUX_IMMUTABLE) |       \
+                         (1 << CFS_CAP_SYS_ADMIN) |             \
+                         (1 << CFS_CAP_SYS_BOOT) |              \
+                         (1 << CFS_CAP_SYS_RESOURCE))
+
+void cfs_cap_raise(cfs_cap_t cap);
+void cfs_cap_lower(cfs_cap_t cap);
+int cfs_cap_raised(cfs_cap_t cap);
+cfs_cap_t cfs_curproc_cap_pack(void);
+void cfs_curproc_cap_unpack(cfs_cap_t cap);
+int cfs_capable(cfs_cap_t cap);
+
  /* __LIBCFS_CURPROC_H__ */
  #endif
  /*
  /* __LIBCFS_CURPROC_H__ */
  #endif
  /*
diff --git a/libcfs/include/libcfs/darwin/darwin-prim.h b/libcfs/include/libcfs/darwin/darwin-prim.h

index 966af96..2b877de 100644 (file)
--- a/libcfs/include/libcfs/darwin/darwin-prim.h
+++ b/libcfs/include/libcfs/darwin/darwin-prim.h
@@ -437,10 +437,6 @@ extern int is_suser(void);
  #define lock_kernel()                          do {} while(0)
  #define unlock_kernel()                                do {} while(0)
  
  #define lock_kernel()                          do {} while(0)
  #define unlock_kernel()                                do {} while(0)
  
-#define CAP_SYS_BOOT                           0
-#define CAP_SYS_ADMIN                           1
-#define capable(a)                             ((a) == CAP_SYS_BOOT ? is_suser(): is_suser1())
-
  #define USERMODEHELPER(path, argv, envp)       (0)
  
  #define cfs_module(name, version, init, fini)                          \
  #define USERMODEHELPER(path, argv, envp)       (0)
  
  #define cfs_module(name, version, init, fini)                          \
diff --git a/libcfs/include/libcfs/darwin/libcfs.h b/libcfs/include/libcfs/darwin/libcfs.h

index bd2e001..ee7b181 100644 (file)
--- a/libcfs/include/libcfs/darwin/libcfs.h
+++ b/libcfs/include/libcfs/darwin/libcfs.h
@@ -190,7 +190,7 @@ __entry_nesting(&__cdd);
  /*
   * XNU has no capabilities
   */
  /*
   * XNU has no capabilities
   */
-typedef int cfs_kernel_cap_t;
+typedef __u32 cfs_kernel_cap_t;
  
  #ifdef __KERNEL__
  enum {
  
  #ifdef __KERNEL__
  enum {
diff --git a/libcfs/include/libcfs/winnt/winnt-prim.h b/libcfs/include/libcfs/winnt/winnt-prim.h

index c1ed6ff..87f905b 100644 (file)
--- a/libcfs/include/libcfs/winnt/winnt-prim.h
+++ b/libcfs/include/libcfs/winnt/winnt-prim.h
@@ -708,11 +708,6 @@ libcfs_arch_cleanup(void);
  #define lock_kernel()               do {} while(0)
  #define unlock_kernel()             do {} while(0)
  
  #define lock_kernel()               do {} while(0)
  #define unlock_kernel()             do {} while(0)
  
-#define CAP_SYS_ADMIN                    0
-#define CAP_SYS_ROOT                     1
-
-#define capable(a)                             (TRUE)
-
  #define USERMODEHELPER(path, argv, envp)       (0)
  
  
  #define USERMODEHELPER(path, argv, envp)       (0)
  
  
diff --git a/libcfs/libcfs/darwin/darwin-curproc.c b/libcfs/libcfs/darwin/darwin-curproc.c

index 7e3ca1d..be37907 100644 (file)
--- a/libcfs/libcfs/darwin/darwin-curproc.c
+++ b/libcfs/libcfs/darwin/darwin-curproc.c
@@ -163,16 +163,25 @@ char  *cfs_curproc_comm(void)
  #endif
  }
  
  #endif
  }
  
-cfs_kernel_cap_t cfs_curproc_cap_get(void)
+void cfs_cap_raise(cfs_cap_t cap) {}
+void cfs_cap_lower(cfs_cap_t cap) {}
+
+int cfs_cap_raised(cfs_cap_t cap)
  {
  {
+        return 1;
+}
+
+cfs_cap_t cfs_curproc_cap_pack(void) {
          return -1;
  }
  
          return -1;
  }
  
-void cfs_curproc_cap_set(cfs_kernel_cap_t cap)
-{
-        return;
+void cfs_curproc_cap_unpack(cfs_cap_t cap) {
  }
  
  }
  
+int cfs_capable(cfs_cap_t cap)
+{
+        return cap == CFS_CAP_SYS_BOOT ? is_suser(): is_suser1();
+}
  
  /*
   * Local variables:
  
  /*
   * Local variables:
diff --git a/libcfs/libcfs/linux/linux-curproc.c b/libcfs/libcfs/linux/linux-curproc.c

index 391f624..eb12dae 100644 (file)
--- a/libcfs/libcfs/linux/linux-curproc.c
+++ b/libcfs/libcfs/linux/linux-curproc.c
@@ -120,14 +120,48 @@ char  *cfs_curproc_comm(void)
          return current->comm;
  }
  
          return current->comm;
  }
  
-cfs_kernel_cap_t cfs_curproc_cap_get(void)
+/* Currently all the CFS_CAP_* defines match CAP_* ones. */
+#define cfs_cap_pack(cap) (cap)
+#define cfs_cap_unpack(cap) (cap)
+
+void cfs_cap_raise(cfs_cap_t cap)
+{
+        cap_raise(cfs_current()->cap_effective, cfs_cap_unpack(cap));
+}
+
+void cfs_cap_lower(cfs_cap_t cap)
  {
  {
-        return current->cap_effective;
+        cap_lower(cfs_current()->cap_effective, cfs_cap_unpack(cap));
+}
+
+int cfs_cap_raised(cfs_cap_t cap)
+{
+        return cap_raised(cfs_current()->cap_effective, cfs_cap_unpack(cap));
+}
+
+cfs_cap_t cfs_curproc_cap_pack(void) {
+#if _LINUX_CAPABILITY_VERSION == 0x19980330
+        return cfs_cap_pack(current->cap_effective);
+#elif _LINUX_CAPABILITY_VERSION == 0x20071026
+        return cfs_cap_pack(current->cap_effective[0]);
+#else
+        #error "need correct _LINUX_CAPABILITY_VERSION "
+#endif
+}
+
+void cfs_curproc_cap_unpack(cfs_cap_t cap) {
+#if _LINUX_CAPABILITY_VERSION == 0x19980330
+        current->cap_effective = cfs_cap_unpack(cap);
+#elif _LINUX_CAPABILITY_VERSION == 0x20071026
+        current->cap_effective[0] = cfs_cap_unpack(cap);
+#else
+        #error "need correct _LINUX_CAPABILITY_VERSION "
+#endif
  }
  
  }
  
-void cfs_curproc_cap_set(cfs_kernel_cap_t cap)
+int cfs_capable(cfs_cap_t cap)
  {
  {
-        current->cap_effective = cap;
+        return capable(cfs_cap_unpack(cap));
  }
  
  EXPORT_SYMBOL(cfs_curproc_uid);
  }
  
  EXPORT_SYMBOL(cfs_curproc_uid);
@@ -140,8 +174,12 @@ EXPORT_SYMBOL(cfs_curproc_comm);
  EXPORT_SYMBOL(cfs_curproc_groups_nr);
  EXPORT_SYMBOL(cfs_curproc_groups_dump);
  EXPORT_SYMBOL(cfs_curproc_is_in_groups);
  EXPORT_SYMBOL(cfs_curproc_groups_nr);
  EXPORT_SYMBOL(cfs_curproc_groups_dump);
  EXPORT_SYMBOL(cfs_curproc_is_in_groups);
-EXPORT_SYMBOL(cfs_curproc_cap_get);
-EXPORT_SYMBOL(cfs_curproc_cap_set);
+EXPORT_SYMBOL(cfs_cap_raise);
+EXPORT_SYMBOL(cfs_cap_lower);
+EXPORT_SYMBOL(cfs_cap_raised);
+EXPORT_SYMBOL(cfs_curproc_cap_pack);
+EXPORT_SYMBOL(cfs_curproc_cap_unpack);
+EXPORT_SYMBOL(cfs_capable);
  
  /*
   * Local variables:
  
  /*
   * Local variables:
diff --git a/libcfs/libcfs/linux/linux-module.c b/libcfs/libcfs/linux/linux-module.c

index 998162a..88eab3e 100644 (file)
--- a/libcfs/libcfs/linux/linux-module.c
+++ b/libcfs/libcfs/linux/linux-module.c
@@ -152,12 +152,12 @@ libcfs_ioctl(struct inode *inode, struct file *file,
         /* Handle platform-dependent IOC requests */
         switch (cmd) {
         case IOC_LIBCFS_PANIC:
         /* Handle platform-dependent IOC requests */
         switch (cmd) {
         case IOC_LIBCFS_PANIC:
-               if (!capable (CAP_SYS_BOOT))
+               if (!cfs_capable(CFS_CAP_SYS_BOOT))
                         return (-EPERM);
                 panic("debugctl-invoked panic");
                 return (0);
         case IOC_LIBCFS_MEMHOG:
                         return (-EPERM);
                 panic("debugctl-invoked panic");
                 return (0);
         case IOC_LIBCFS_MEMHOG:
-               if (!capable (CAP_SYS_ADMIN))
+               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                         return -EPERM;
                 /* go thought */
         }
                         return -EPERM;
                 /* go thought */
         }
diff --git a/libcfs/libcfs/lwt.c b/libcfs/libcfs/lwt.c

index ca9e7e4..325785b 100644 (file)
--- a/libcfs/libcfs/lwt.c
+++ b/libcfs/libcfs/lwt.c
@@ -86,7 +86,7 @@ lwt_lookup_string (int *size, char *knl_ptr,
           * trying to determine the string length, so we're trusting our
           * caller... */
  
           * trying to determine the string length, so we're trusting our
           * caller... */
  
-        if (!capable(CAP_SYS_ADMIN))
+        if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                  return (-EPERM);
  
          if (user_size > 0 && 
                  return (-EPERM);
  
          if (user_size > 0 && 
@@ -117,7 +117,7 @@ lwt_control (int enable, int clear)
          int          i;
          int          j;
  
          int          i;
          int          j;
  
-        if (!capable(CAP_SYS_ADMIN))
+        if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                  return (-EPERM);
  
          if (!enable) {
                  return (-EPERM);
  
          if (!enable) {
@@ -164,7 +164,7 @@ lwt_snapshot (cycles_t *now, int *ncpu, int *total_size,
          int          i;
          int          j;
  
          int          i;
          int          j;
  
-        if (!capable(CAP_SYS_ADMIN))
+        if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                  return (-EPERM);
  
          *ncpu = num_online_cpus();
                  return (-EPERM);
  
          *ncpu = num_online_cpus();
diff --git a/libcfs/libcfs/winnt/winnt-curproc.c b/libcfs/libcfs/winnt/winnt-curproc.c

index 9efcdc1..7e6f394 100644 (file)
--- a/libcfs/libcfs/winnt/winnt-curproc.c
+++ b/libcfs/libcfs/winnt/winnt-curproc.c
@@ -106,16 +106,33 @@ char  *cfs_curproc_comm(void)
      return this_task.comm;
  }
  
      return this_task.comm;
  }
  
-cfs_kernel_cap_t cfs_curproc_cap_get(void)
+void cfs_cap_raise(cfs_cap_t cap)
  {
  {
-    return this_task.cap_effective;
+        this_task.cap_effective |= (1 << cap);
  }
  
  }
  
-void cfs_curproc_cap_set(cfs_kernel_cap_t cap)
+void cfs_cap_lower(cfs_cap_t cap)
  {
  {
-    this_task.cap_effective = cap;
+        this_task.cap_effective &= ~(1 << cap);
  }
  
  }
  
+int cfs_cap_raised(cfs_cap_t cap)
+{
+        return this_task.cap_effective & (1 << cap);
+}
+
+cfs_cap_t cfs_curproc_cap_pack(void) {
+        return this_task.cap_effective;
+}
+
+void cfs_curproc_cap_unpack(cfs_cap_t cap) {
+        this_task.cap_effective = cap;
+}
+
+int cfs_capable(cfs_cap_t cap)
+{
+        return TRUE;
+}
  
  /*
   * Implementation of linux task management routines
  
  /*
   * Implementation of linux task management routines
@@ -468,5 +485,9 @@ EXPORT_SYMBOL(cfs_curproc_comm);
  EXPORT_SYMBOL(cfs_curproc_groups_nr);
  EXPORT_SYMBOL(cfs_curproc_groups_dump);
  EXPORT_SYMBOL(cfs_curproc_is_in_groups);
  EXPORT_SYMBOL(cfs_curproc_groups_nr);
  EXPORT_SYMBOL(cfs_curproc_groups_dump);
  EXPORT_SYMBOL(cfs_curproc_is_in_groups);
-EXPORT_SYMBOL(cfs_curproc_cap_get);
-EXPORT_SYMBOL(cfs_curproc_cap_set);
+EXPORT_SYMBOL(cfs_cap_raise);
+EXPORT_SYMBOL(cfs_cap_lower);
+EXPORT_SYMBOL(cfs_cap_raised);
+EXPORT_SYMBOL(cfs_curproc_cap_pack);
+EXPORT_SYMBOL(cfs_curproc_cap_unpack);
+EXPORT_SYMBOL(cfs_capable);
diff --git a/libcfs/libcfs/winnt/winnt-module.c b/libcfs/libcfs/winnt/winnt-module.c

index bc5de9e..ac255ba 100644 (file)
--- a/libcfs/libcfs/winnt/winnt-module.c
+++ b/libcfs/libcfs/winnt/winnt-module.c
@@ -137,7 +137,7 @@ libcfs_ioctl(cfs_file_t * file, unsigned int cmd, ulong_ptr arg)
         /* Handle platform-dependent IOC requests */
         switch (cmd) { 
         case IOC_LIBCFS_PANIC: 
         /* Handle platform-dependent IOC requests */
         switch (cmd) { 
         case IOC_LIBCFS_PANIC: 
-               if (!capable (CAP_SYS_BOOT)) 
+               if (!cfs_capable(CFS_CAP_SYS_BOOT)) 
                         return (-EPERM); 
                 CERROR(("debugctl-invoked panic"));
          KeBugCheckEx('LUFS', (ULONG_PTR)libcfs_ioctl, (ULONG_PTR)NULL, (ULONG_PTR)NULL, (ULONG_PTR)NULL);
                         return (-EPERM); 
                 CERROR(("debugctl-invoked panic"));
          KeBugCheckEx('LUFS', (ULONG_PTR)libcfs_ioctl, (ULONG_PTR)NULL, (ULONG_PTR)NULL, (ULONG_PTR)NULL);
@@ -145,7 +145,7 @@ libcfs_ioctl(cfs_file_t * file, unsigned int cmd, ulong_ptr arg)
                 return (0);
         case IOC_LIBCFS_MEMHOG:
  
                 return (0);
         case IOC_LIBCFS_MEMHOG:
  
-               if (!capable (CAP_SYS_ADMIN)) 
+               if (!cfs_capable(CFS_CAP_SYS_ADMIN)) 
                         return -EPERM;
          break;
         }
                         return -EPERM;
          break;
         }
diff --git a/lustre/cmm/mdc_object.c b/lustre/cmm/mdc_object.c

index 94d57d3..edc2fb6 100644 (file)
--- a/lustre/cmm/mdc_object.c
+++ b/lustre/cmm/mdc_object.c
@@ -293,7 +293,7 @@ static int mdc_attr_set(const struct lu_env *env, struct md_object *mo,
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
-                mci->mci_opdata.op_cap = current->cap_effective;
+                mci->mci_opdata.op_cap = cfs_curproc_cap_pack();
                  mci->mci_opdata.op_suppgids[0] =
                                  mci->mci_opdata.op_suppgids[1] = -1;
          }
                  mci->mci_opdata.op_suppgids[0] =
                                  mci->mci_opdata.op_suppgids[1] = -1;
          }
@@ -319,7 +319,7 @@ static int mdc_object_create(const struct lu_env *env,
          int rc, symlen;
          uid_t uid;
          gid_t gid;
          int rc, symlen;
          uid_t uid;
          gid_t gid;
-        __u32 cap;
+        cfs_cap_t cap;
          ENTRY;
  
          LASSERT(S_ISDIR(la->la_mode));
          ENTRY;
  
          LASSERT(S_ISDIR(la->la_mode));
@@ -415,7 +415,7 @@ static int mdc_ref_add(const struct lu_env *env, struct md_object *mo,
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
-                mci->mci_opdata.op_cap = current->cap_effective;
+                mci->mci_opdata.op_cap = cfs_curproc_cap_pack();
                  mci->mci_opdata.op_suppgids[0] =
                                  mci->mci_opdata.op_suppgids[1] = -1;
          }
                  mci->mci_opdata.op_suppgids[0] =
                                  mci->mci_opdata.op_suppgids[1] = -1;
          }
@@ -459,7 +459,7 @@ static int mdc_ref_del(const struct lu_env *env, struct md_object *mo,
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
-                mci->mci_opdata.op_cap = current->cap_effective;
+                mci->mci_opdata.op_cap = cfs_curproc_cap_pack();
                  mci->mci_opdata.op_suppgids[0] = -1;
          }
  
                  mci->mci_opdata.op_suppgids[0] = -1;
          }
  
@@ -535,7 +535,7 @@ static int mdc_rename_tgt(const struct lu_env *env, struct md_object *mo_p,
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
          } else {
                  mci->mci_opdata.op_fsuid = la->la_uid;
                  mci->mci_opdata.op_fsgid = la->la_gid;
-                mci->mci_opdata.op_cap = current->cap_effective;
+                mci->mci_opdata.op_cap = cfs_curproc_cap_pack();
                  mci->mci_opdata.op_suppgids[0] =
                                  mci->mci_opdata.op_suppgids[1] = -1;
          }
                  mci->mci_opdata.op_suppgids[0] =
                                  mci->mci_opdata.op_suppgids[1] = -1;
          }
diff --git a/lustre/include/darwin/lvfs.h b/lustre/include/darwin/lvfs.h

index bda6594..a465578 100644 (file)
--- a/lustre/include/darwin/lvfs.h
+++ b/lustre/include/darwin/lvfs.h
@@ -48,7 +48,7 @@
  struct lvfs_ucred { 
         __u32 luc_fsuid; 
         __u32 luc_fsgid; 
  struct lvfs_ucred { 
         __u32 luc_fsuid; 
         __u32 luc_fsgid; 
-       __u32 luc_cap; 
+       cfs_kernel_cap_t luc_cap; 
         __u32 luc_uid; 
         __u32 luc_umask;
  };
         __u32 luc_uid; 
         __u32 luc_umask;
  };
diff --git a/lustre/include/liblustre.h b/lustre/include/liblustre.h

index b62b08a..7539c0a 100644 (file)
--- a/lustre/include/liblustre.h
+++ b/lustre/include/liblustre.h
@@ -261,13 +261,6 @@ typedef struct task_struct cfs_task_t;
  
  extern struct task_struct *current;
  int in_group_p(gid_t gid);
  
  extern struct task_struct *current;
  int in_group_p(gid_t gid);
-static inline int capable(int cap)
-{
-        if (current->cap_effective & (1 << cap))
-                return 1;
-        else
-                return 0;
-}
  
  #define set_current_state(foo) do { current->state = foo; } while (0)
  
  
  #define set_current_state(foo) do { current->state = foo; } while (0)
  
@@ -403,12 +396,6 @@ typedef enum {
      CAP_SET=1
  } cap_flag_value_t;
  
      CAP_SET=1
  } cap_flag_value_t;
  
-#define CAP_DAC_OVERRIDE        1
-#define CAP_DAC_READ_SEARCH     2
-#define CAP_FOWNER              3
-#define CAP_FSETID              4
-#define CAP_SYS_ADMIN          21
-
  cap_t   cap_get_proc(void);
  int     cap_get_flag(cap_t, cap_value_t, cap_flag_t, cap_flag_value_t *);
  
  cap_t   cap_get_proc(void);
  int     cap_get_flag(cap_t, cap_value_t, cap_flag_t, cap_flag_value_t *);
  
diff --git a/lustre/include/linux/lvfs.h b/lustre/include/linux/lvfs.h

index 335373a..26959b5 100644 (file)
--- a/lustre/include/linux/lvfs.h
+++ b/lustre/include/linux/lvfs.h
@@ -62,7 +62,7 @@ struct lvfs_ucred {
          __u32                   luc_gid;
          __u32                   luc_fsuid;
          __u32                   luc_fsgid;
          __u32                   luc_gid;
          __u32                   luc_fsuid;
          __u32                   luc_fsgid;
-        __u32                   luc_cap;
+        cfs_kernel_cap_t        luc_cap;
          __u32                   luc_umask;
         struct group_info      *luc_ginfo;
         struct md_identity     *luc_identity;
          __u32                   luc_umask;
         struct group_info      *luc_ginfo;
         struct md_identity     *luc_identity;
diff --git a/lustre/include/lustre_log.h b/lustre/include/lustre_log.h

index 66ebc17..1ec4384 100644 (file)
--- a/lustre/include/lustre_log.h
+++ b/lustre/include/lustre_log.h
@@ -333,14 +333,6 @@ extern int llog_recov_thread_start(struct llog_commit_master *lcm);
  extern void llog_recov_thread_stop(struct llog_commit_master *lcm, 
                                      int force);
  
  extern void llog_recov_thread_stop(struct llog_commit_master *lcm, 
                                      int force);
  
-#ifndef __KERNEL__
-
-#define cap_raise(c, flag) do {} while(0)
-
-#define CAP_SYS_RESOURCE 24
-
-#endif   /* !__KERNEL__ */
-
  static inline void llog_gen_init(struct llog_ctxt *ctxt)
  {
          struct obd_device *obd = ctxt->loc_exp->exp_obd;
  static inline void llog_gen_init(struct llog_ctxt *ctxt)
  {
          struct obd_device *obd = ctxt->loc_exp->exp_obd;
@@ -488,8 +480,7 @@ static inline int llog_write_rec(struct llog_handle *handle,
                                   int numcookies, void *buf, int idx)
  {
          struct llog_operations *lop;
                                   int numcookies, void *buf, int idx)
  {
          struct llog_operations *lop;
-        __u32 cap;
-        int rc, buflen;
+        int raised, rc, buflen;
          ENTRY;
  
          rc = llog_handle2ops(handle, &lop);
          ENTRY;
  
          rc = llog_handle2ops(handle, &lop);
@@ -506,10 +497,12 @@ static inline int llog_write_rec(struct llog_handle *handle,
                  buflen = rec->lrh_len;
          LASSERT(size_round(buflen) == buflen);
  
                  buflen = rec->lrh_len;
          LASSERT(size_round(buflen) == buflen);
  
-        cap = current->cap_effective;             
-        cap_raise(current->cap_effective, CAP_SYS_RESOURCE); 
+        raised = cfs_cap_raised(CFS_CAP_SYS_RESOURCE);
+        if (!raised)
+                cfs_cap_raise(CFS_CAP_SYS_RESOURCE); 
          rc = lop->lop_write_rec(handle, rec, logcookies, numcookies, buf, idx);
          rc = lop->lop_write_rec(handle, rec, logcookies, numcookies, buf, idx);
-        current->cap_effective = cap; 
+        if (!raised)
+                cfs_cap_lower(CFS_CAP_SYS_RESOURCE); 
          RETURN(rc);
  }
  
          RETURN(rc);
  }
  
@@ -605,8 +598,7 @@ static inline int llog_create(struct llog_ctxt *ctxt, struct llog_handle **res,
                                struct llog_logid *logid, char *name)
  {
          struct llog_operations *lop;
                                struct llog_logid *logid, char *name)
  {
          struct llog_operations *lop;
-        __u32 cap;
-        int rc;
+        int raised, rc;
          ENTRY;
  
          rc = llog_obd2ops(ctxt, &lop);
          ENTRY;
  
          rc = llog_obd2ops(ctxt, &lop);
@@ -615,10 +607,12 @@ static inline int llog_create(struct llog_ctxt *ctxt, struct llog_handle **res,
          if (lop->lop_create == NULL)
                  RETURN(-EOPNOTSUPP);
  
          if (lop->lop_create == NULL)
                  RETURN(-EOPNOTSUPP);
  
-        cap = current->cap_effective;             
-        cap_raise(current->cap_effective, CAP_SYS_RESOURCE);
+        raised = cfs_cap_raised(CFS_CAP_SYS_RESOURCE);
+        if (!raised)
+                cfs_cap_raise(CFS_CAP_SYS_RESOURCE);
          rc = lop->lop_create(ctxt, res, logid, name);
          rc = lop->lop_create(ctxt, res, logid, name);
-        current->cap_effective = cap; 
+        if (!raised)
+                cfs_cap_lower(CFS_CAP_SYS_RESOURCE);
          RETURN(rc);
  }
  
          RETURN(rc);
  }
  
diff --git a/lustre/include/md_object.h b/lustre/include/md_object.h

index b543013..ceb85a8 100644 (file)
--- a/lustre/include/md_object.h
+++ b/lustre/include/md_object.h
@@ -81,7 +81,7 @@ struct md_ucred {
          __u32                   mu_fsuid;
          __u32                   mu_fsgid;
          __u32                   mu_suppgids[2];
          __u32                   mu_fsuid;
          __u32                   mu_fsgid;
          __u32                   mu_suppgids[2];
-        __u32                   mu_cap;
+        cfs_cap_t               mu_cap;
          __u32                   mu_umask;
         struct group_info      *mu_ginfo;
         struct md_identity *mu_identity;
          __u32                   mu_umask;
         struct group_info      *mu_ginfo;
         struct md_identity *mu_identity;
diff --git a/lustre/include/obd.h b/lustre/include/obd.h

index 54e7e92..109c9af 100644 (file)
--- a/lustre/include/obd.h
+++ b/lustre/include/obd.h
@@ -1094,7 +1094,7 @@ struct md_op_data {
          __u32                   op_suppgids[2];
          __u32                   op_fsuid;
          __u32                   op_fsgid;
          __u32                   op_suppgids[2];
          __u32                   op_fsuid;
          __u32                   op_fsgid;
-        __u32                   op_cap;
+        cfs_cap_t               op_cap;
          void                   *op_data;
  
          /* iattr fields and blocks. */
          void                   *op_data;
  
          /* iattr fields and blocks. */
@@ -1400,7 +1400,7 @@ struct md_ops {
          int (*m_close)(struct obd_export *, struct md_op_data *,
                         struct md_open_data *, struct ptlrpc_request **);
          int (*m_create)(struct obd_export *, struct md_op_data *,
          int (*m_close)(struct obd_export *, struct md_op_data *,
                         struct md_open_data *, struct ptlrpc_request **);
          int (*m_create)(struct obd_export *, struct md_op_data *,
-                        const void *, int, int, __u32, __u32, __u32,
+                        const void *, int, int, __u32, __u32, cfs_cap_t,
                          __u64, struct ptlrpc_request **);
          int (*m_done_writing)(struct obd_export *, struct md_op_data  *,
                                struct md_open_data *);
                          __u64, struct ptlrpc_request **);
          int (*m_done_writing)(struct obd_export *, struct md_op_data  *,
                                struct md_open_data *);
diff --git a/lustre/include/obd_class.h b/lustre/include/obd_class.h

index 0fa132c..8a73f27 100644 (file)
--- a/lustre/include/obd_class.h
+++ b/lustre/include/obd_class.h
@@ -1855,7 +1855,7 @@ static inline int md_close(struct obd_export *exp, struct md_op_data *op_data,
  
  static inline int md_create(struct obd_export *exp, struct md_op_data *op_data,
                              const void *data, int datalen, int mode, __u32 uid,
  
  static inline int md_create(struct obd_export *exp, struct md_op_data *op_data,
                              const void *data, int datalen, int mode, __u32 uid,
-                            __u32 gid, __u32 cap_effective, __u64 rdev,
+                            __u32 gid, cfs_cap_t cap_effective, __u64 rdev,
                              struct ptlrpc_request **request)
  {
          int rc;
                              struct ptlrpc_request **request)
  {
          int rc;
diff --git a/lustre/liblustre/lutil.c b/lustre/liblustre/lutil.c

index 1a832bb..0de50cf 100644 (file)
--- a/lustre/liblustre/lutil.c
+++ b/lustre/liblustre/lutil.c
@@ -228,6 +228,34 @@ int liblustre_init_current(char *comm)
          return 0;
  }
  
          return 0;
  }
  
+void cfs_cap_raise(cfs_cap_t cap)
+{
+        current->cap_effective |= (1 << cap);
+}
+
+void cfs_cap_lower(cfs_cap_t cap)
+{
+        current->cap_effective &= ~(1 << cap);
+}
+
+int cfs_cap_raised(cfs_cap_t cap)
+{
+        return current->cap_effective & (1 << cap);
+}
+
+cfs_cap_t cfs_curproc_cap_pack(void) {
+        return cfs_current()->cap_effective;
+}
+
+void cfs_curproc_cap_unpack(cfs_cap_t cap) {
+        cfs_current()->cap_effective = cap;
+}
+
+int cfs_capable(cfs_cap_t cap)
+{
+        return cfs_cap_raised(cap);
+}
+
  int init_lib_portals()
  {
          int rc;
  int init_lib_portals()
  {
          int rc;
diff --git a/lustre/liblustre/super.c b/lustre/liblustre/super.c

index 4c9aaad..552a586 100644 (file)
--- a/lustre/liblustre/super.c
+++ b/lustre/liblustre/super.c
@@ -92,12 +92,12 @@ static int ll_permission(struct inode *inode, int mask)
  
          if ((mask & (MAY_READ|MAY_WRITE)) ||
              (st->st_mode & S_IXUGO))
  
          if ((mask & (MAY_READ|MAY_WRITE)) ||
              (st->st_mode & S_IXUGO))
-                if (capable(CAP_DAC_OVERRIDE))
+                if (cfs_capable(CFS_CAP_DAC_OVERRIDE))
                          return 0;
  
          if (mask == MAY_READ ||
              (S_ISDIR(st->st_mode) && !(mask & MAY_WRITE))) {
                          return 0;
  
          if (mask == MAY_READ ||
              (S_ISDIR(st->st_mode) && !(mask & MAY_WRITE))) {
-                if (capable(CAP_DAC_READ_SEARCH))
+                if (cfs_capable(CFS_CAP_DAC_READ_SEARCH))
                          return 0;
          }
  
                          return 0;
          }
  
@@ -635,7 +635,7 @@ static int inode_setattr(struct inode * inode, struct iattr * attr)
                  st->st_ctime = attr->ia_ctime;
          if (ia_valid & ATTR_MODE) {
                  st->st_mode = attr->ia_mode;
                  st->st_ctime = attr->ia_ctime;
          if (ia_valid & ATTR_MODE) {
                  st->st_mode = attr->ia_mode;
-                if (!in_group_p(st->st_gid) && !capable(CAP_FSETID))
+                if (!in_group_p(st->st_gid) && !cfs_capable(CFS_CAP_FSETID))
                          st->st_mode &= ~S_ISGID;
          }
          /* mark_inode_dirty(inode); */
                          st->st_mode &= ~S_ISGID;
          }
          /* mark_inode_dirty(inode); */
@@ -821,7 +821,7 @@ int llu_setattr_raw(struct inode *inode, struct iattr *attr)
                          } else {
                                  /* from inode_change_ok() */
                                  if (current->fsuid != st->st_uid &&
                          } else {
                                  /* from inode_change_ok() */
                                  if (current->fsuid != st->st_uid &&
-                                    !capable(CAP_FOWNER))
+                                    !cfs_capable(CFS_CAP_FOWNER))
                                          RETURN(-EPERM);
                          }
                  }
                                          RETURN(-EPERM);
                          }
                  }
@@ -979,10 +979,9 @@ static int llu_iop_symlink_raw(struct pnode *pno, const char *tgt)
          llu_prep_md_op_data(&op_data, dir, NULL, name, len, 0, 
                              LUSTRE_OPC_SYMLINK);
  
          llu_prep_md_op_data(&op_data, dir, NULL, name, len, 0, 
                              LUSTRE_OPC_SYMLINK);
  
-        err = md_create(sbi->ll_md_exp, &op_data,
-                        tgt, strlen(tgt) + 1, S_IFLNK | S_IRWXUGO,
-                        current->fsuid, current->fsgid, current->cap_effective,
-                        0, &request);
+        err = md_create(sbi->ll_md_exp, &op_data, tgt, strlen(tgt) + 1,
+                        S_IFLNK | S_IRWXUGO, current->fsuid, current->fsgid,
+                        cfs_curproc_cap_pack(), 0, &request);
          ptlrpc_req_finished(request);
          liblustre_wait_event(0);
          RETURN(err);
          ptlrpc_req_finished(request);
          liblustre_wait_event(0);
          RETURN(err);
@@ -1108,7 +1107,7 @@ static int llu_iop_mknod_raw(struct pnode *pno,
  
                  err = md_create(sbi->ll_md_exp, &op_data, NULL, 0, mode,
                                  current->fsuid, current->fsgid,
  
                  err = md_create(sbi->ll_md_exp, &op_data, NULL, 0, mode,
                                  current->fsuid, current->fsgid,
-                                current->cap_effective, dev, &request);
+                                cfs_curproc_cap_pack(), dev, &request);
                  ptlrpc_req_finished(request);
                  break;
          case S_IFDIR:
                  ptlrpc_req_finished(request);
                  break;
          case S_IFDIR:
@@ -1343,7 +1342,7 @@ static int llu_iop_mkdir_raw(struct pnode *pno, mode_t mode)
  
          err = md_create(llu_i2sbi(dir)->ll_md_exp, &op_data, NULL, 0,
                          mode | S_IFDIR, current->fsuid, current->fsgid,
  
          err = md_create(llu_i2sbi(dir)->ll_md_exp, &op_data, NULL, 0,
                          mode | S_IFDIR, current->fsuid, current->fsgid,
-                        current->cap_effective, 0, &request);
+                        cfs_curproc_cap_pack(), 0, &request);
          ptlrpc_req_finished(request);
          liblustre_wait_event(0);
          RETURN(err);
          ptlrpc_req_finished(request);
          liblustre_wait_event(0);
          RETURN(err);
diff --git a/lustre/llite/dir.c b/lustre/llite/dir.c

index 708b01a..55fa6a8 100644 (file)
--- a/lustre/llite/dir.c
+++ b/lustre/llite/dir.c
@@ -949,7 +949,7 @@ static int ll_dir_ioctl(struct inode *inode, struct file *file,
                  struct obd_quotactl *oqctl;
                  int rc, error = 0;
  
                  struct obd_quotactl *oqctl;
                  int rc, error = 0;
  
-                if (!capable(CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          RETURN(-EPERM);
  
                  OBD_ALLOC_PTR(oqctl);
                          RETURN(-EPERM);
  
                  OBD_ALLOC_PTR(oqctl);
@@ -973,7 +973,7 @@ static int ll_dir_ioctl(struct inode *inode, struct file *file,
                  struct if_quotacheck *check;
                  int rc;
  
                  struct if_quotacheck *check;
                  int rc;
  
-                if (!capable(CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          RETURN(-EPERM);
  
                  OBD_ALLOC_PTR(check);
                          RETURN(-EPERM);
  
                  OBD_ALLOC_PTR(check);
@@ -1028,13 +1028,13 @@ static int ll_dir_ioctl(struct inode *inode, struct file *file,
                  case Q_QUOTAOFF:
                  case Q_SETQUOTA:
                  case Q_SETINFO:
                  case Q_QUOTAOFF:
                  case Q_SETQUOTA:
                  case Q_SETINFO:
-                        if (!capable(CAP_SYS_ADMIN))
+                        if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                                  GOTO(out_quotactl, rc = -EPERM);
                          break;
                  case Q_GETQUOTA:
                          if (((type == USRQUOTA && current->euid != id) ||
                               (type == GRPQUOTA && !in_egroup_p(id))) &&
                                  GOTO(out_quotactl, rc = -EPERM);
                          break;
                  case Q_GETQUOTA:
                          if (((type == USRQUOTA && current->euid != id) ||
                               (type == GRPQUOTA && !in_egroup_p(id))) &&
-                            !capable(CAP_SYS_ADMIN))
+                            !cfs_capable(CFS_CAP_SYS_ADMIN))
                                  GOTO(out_quotactl, rc = -EPERM);
  
                          /* XXX: dqb_valid is borrowed as a flag to mark that
                                  GOTO(out_quotactl, rc = -EPERM);
  
                          /* XXX: dqb_valid is borrowed as a flag to mark that
diff --git a/lustre/llite/file.c b/lustre/llite/file.c

index c46aa0b..04e3c41 100644 (file)
--- a/lustre/llite/file.c
+++ b/lustre/llite/file.c
@@ -1973,7 +1973,7 @@ static int ll_lov_recreate_obj(struct inode *inode, struct file *file,
          struct lov_stripe_md *lsm, *lsm2;
          ENTRY;
  
          struct lov_stripe_md *lsm, *lsm2;
          ENTRY;
  
-        if (!capable (CAP_SYS_ADMIN))
+        if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                  RETURN(-EPERM);
  
          rc = copy_from_user(&ucreatp, (struct ll_recreate_obj *)arg,
                  RETURN(-EPERM);
  
          rc = copy_from_user(&ucreatp, (struct ll_recreate_obj *)arg,
@@ -2173,7 +2173,7 @@ static int ll_lov_setea(struct inode *inode, struct file *file,
          int rc;
          ENTRY;
  
          int rc;
          ENTRY;
  
-        if (!capable (CAP_SYS_ADMIN))
+        if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                  RETURN(-EPERM);
  
          OBD_ALLOC(lump, lum_size);
                  RETURN(-EPERM);
  
          OBD_ALLOC(lump, lum_size);
@@ -3214,10 +3214,10 @@ check_groups:
  check_capabilities:
          if (!(mask & MAY_EXEC) ||
              (inode->i_mode & S_IXUGO) || S_ISDIR(inode->i_mode))
  check_capabilities:
          if (!(mask & MAY_EXEC) ||
              (inode->i_mode & S_IXUGO) || S_ISDIR(inode->i_mode))
-                if (capable(CAP_DAC_OVERRIDE))
+                if (cfs_capable(CFS_CAP_DAC_OVERRIDE))
                          return 0;
  
                          return 0;
  
-        if (capable(CAP_DAC_READ_SEARCH) && ((mask == MAY_READ) ||
+        if (cfs_capable(CFS_CAP_DAC_READ_SEARCH) && ((mask == MAY_READ) ||
              (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))))
                  return 0;
  
              (S_ISDIR(inode->i_mode) && !(mask & MAY_WRITE))))
                  return 0;
  
diff --git a/lustre/llite/llite_lib.c b/lustre/llite/llite_lib.c

index 4c165a5..b42fb5a 100644 (file)
--- a/lustre/llite/llite_lib.c
+++ b/lustre/llite/llite_lib.c
@@ -1513,7 +1513,8 @@ int ll_setattr_raw(struct inode *inode, struct iattr *attr)
  
          /* POSIX: check before ATTR_*TIME_SET set (from inode_change_ok) */
          if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET)) {
  
          /* POSIX: check before ATTR_*TIME_SET set (from inode_change_ok) */
          if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET)) {
-                if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
+                if (current->fsuid != inode->i_uid &&
+                    !cfs_capable(CFS_CAP_FOWNER))
                          RETURN(-EPERM);
          }
  
                          RETURN(-EPERM);
          }
  
@@ -2399,7 +2400,7 @@ struct md_op_data * ll_prep_md_op_data(struct md_op_data *op_data,
          op_data->op_mod_time = cfs_time_current_sec();
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
          op_data->op_mod_time = cfs_time_current_sec();
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
-        op_data->op_cap = current->cap_effective;
+        op_data->op_cap = cfs_curproc_cap_pack();
          op_data->op_bias = MDS_CHECK_SPLIT;
          op_data->op_opc = opc;
          op_data->op_mds = 0;
          op_data->op_bias = MDS_CHECK_SPLIT;
          op_data->op_opc = opc;
          op_data->op_mds = 0;
diff --git a/lustre/llite/namei.c b/lustre/llite/namei.c

index 1bd7c2c..cd46159 100644 (file)
--- a/lustre/llite/namei.c
+++ b/lustre/llite/namei.c
@@ -847,7 +847,7 @@ static int ll_new_node(struct inode *dir, struct qstr *name,
  
          err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
                          current->fsuid, current->fsgid,
  
          err = md_create(sbi->ll_md_exp, op_data, tgt, tgt_len, mode,
                          current->fsuid, current->fsgid,
-                        current->cap_effective, rdev, &request);
+                        cfs_curproc_cap_pack(), rdev, &request);
          ll_finish_md_op_data(op_data);
          if (err)
                  GOTO(err_exit, err);
          ll_finish_md_op_data(op_data);
          if (err)
                  GOTO(err_exit, err);
diff --git a/lustre/llite/rw.c b/lustre/llite/rw.c

index 3d62c58..41b177a 100644 (file)
--- a/lustre/llite/rw.c
+++ b/lustre/llite/rw.c
@@ -1029,7 +1029,7 @@ int ll_commit_write(struct file *file, struct page *page, unsigned from,
          if (exp == NULL)
                  RETURN(-EINVAL);
  
          if (exp == NULL)
                  RETURN(-EINVAL);
  
-        llap->llap_ignore_quota = capable(CAP_SYS_RESOURCE);
+        llap->llap_ignore_quota = cfs_capable(CFS_CAP_SYS_RESOURCE);
  
          /*
           * queue a write for some time in the future the first time we
  
          /*
           * queue a write for some time in the future the first time we
@@ -2229,7 +2229,7 @@ static int ll_file_oig_pages(struct inode * inode, struct page **pages,
          if (rc)
                  RETURN(rc);
          brw_flags = OBD_BRW_SRVLOCK;
          if (rc)
                  RETURN(rc);
          brw_flags = OBD_BRW_SRVLOCK;
-        if (capable(CAP_SYS_RESOURCE))
+        if (cfs_capable(CFS_CAP_SYS_RESOURCE))
                  brw_flags |= OBD_BRW_NOQUOTA;
  
          for (i = 0; i < numpages; i++) {
                  brw_flags |= OBD_BRW_NOQUOTA;
  
          for (i = 0; i < numpages; i++) {
diff --git a/lustre/llite/xattr.c b/lustre/llite/xattr.c

index 28075a9..2749725 100644 (file)
--- a/lustre/llite/xattr.c
+++ b/lustre/llite/xattr.c
@@ -101,7 +101,7 @@ int xattr_type_filter(struct ll_sb_info *sbi, int xattr_type)
  
          if (xattr_type == XATTR_USER_T && !(sbi->ll_flags & LL_SBI_USER_XATTR))
                  return -EOPNOTSUPP;
  
          if (xattr_type == XATTR_USER_T && !(sbi->ll_flags & LL_SBI_USER_XATTR))
                  return -EOPNOTSUPP;
-        if (xattr_type == XATTR_TRUSTED_T && !capable(CAP_SYS_ADMIN))
+        if (xattr_type == XATTR_TRUSTED_T && !cfs_capable(CFS_CAP_SYS_ADMIN))
                  return -EPERM;
          if (xattr_type == XATTR_OTHER_T)
                  return -EOPNOTSUPP;
                  return -EPERM;
          if (xattr_type == XATTR_OTHER_T)
                  return -EOPNOTSUPP;
diff --git a/lustre/lmv/lmv_obd.c b/lustre/lmv/lmv_obd.c

index cd96327..4a30926 100644 (file)
--- a/lustre/lmv/lmv_obd.c
+++ b/lustre/lmv/lmv_obd.c
@@ -1378,7 +1378,7 @@ cleanup:
  
  int lmv_create(struct obd_export *exp, struct md_op_data *op_data,
                 const void *data, int datalen, int mode, __u32 uid,
  
  int lmv_create(struct obd_export *exp, struct md_op_data *op_data,
                 const void *data, int datalen, int mode, __u32 uid,
-               __u32 gid, __u32 cap_effective,  __u64 rdev,
+               __u32 gid, cfs_cap_t cap_effective, __u64 rdev,
                 struct ptlrpc_request **request)
  {
          struct obd_device *obd = exp->exp_obd;
                 struct ptlrpc_request **request)
  {
          struct obd_device *obd = exp->exp_obd;
@@ -1897,7 +1897,7 @@ repeat:
  
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
  
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
-        op_data->op_cap   = current->cap_effective;
+        op_data->op_cap = cfs_curproc_cap_pack();
  
          tgt_exp = lmv->tgts[mds].ltd_exp;
          if (op_data->op_namelen) {
  
          tgt_exp = lmv->tgts[mds].ltd_exp;
          if (op_data->op_namelen) {
@@ -2021,7 +2021,7 @@ repeat:
  request:
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
  request:
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
-        op_data->op_cap   = current->cap_effective;
+        op_data->op_cap = cfs_curproc_cap_pack();
  
          src_exp = lmv_get_export(lmv, mds1);
          tgt_exp = lmv_get_export(lmv, mds2);
  
          src_exp = lmv_get_export(lmv, mds1);
          tgt_exp = lmv_get_export(lmv, mds2);
@@ -2468,7 +2468,7 @@ repeat:
  
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
  
          op_data->op_fsuid = current->fsuid;
          op_data->op_fsgid = current->fsgid;
-        op_data->op_cap   = current->cap_effective;
+        op_data->op_cap = cfs_curproc_cap_pack();
  
          /* If child's fid is given, cancel unused locks for it if it is from
           * another export than parent. */
  
          /* If child's fid is given, cancel unused locks for it if it is from
           * another export than parent. */
diff --git a/lustre/lvfs/fsfilt_ext3.c b/lustre/lvfs/fsfilt_ext3.c

index dd7292d..1577be7 100644 (file)
--- a/lustre/lvfs/fsfilt_ext3.c
+++ b/lustre/lvfs/fsfilt_ext3.c
@@ -523,7 +523,8 @@ static int fsfilt_ext3_setattr(struct dentry *dentry, void *handle,
                  if (iattr->ia_valid & ATTR_MODE) {
                          inode->i_mode = iattr->ia_mode;
  
                  if (iattr->ia_valid & ATTR_MODE) {
                          inode->i_mode = iattr->ia_mode;
  
-                        if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID))
+                        if (!in_group_p(inode->i_gid) &&
+                            !cfs_capable(CFS_CAP_FSETID))
                                  inode->i_mode &= ~S_ISGID;
                  }
  
                                  inode->i_mode &= ~S_ISGID;
                  }
  
diff --git a/lustre/mdc/mdc_internal.h b/lustre/mdc/mdc_internal.h

index 0676f0d..62b85bf 100644 (file)
--- a/lustre/mdc/mdc_internal.h
+++ b/lustre/mdc/mdc_internal.h
@@ -64,7 +64,7 @@ void mdc_setattr_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
                       void *ea, int ealen, void *ea2, int ea2len);
  void mdc_create_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
                       const void *data, int datalen, __u32 mode, __u32 uid,
                       void *ea, int ealen, void *ea2, int ea2len);
  void mdc_create_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
                       const void *data, int datalen, __u32 mode, __u32 uid,
-                     __u32 gid, __u32 cap_effective, __u64 rdev);
+                     __u32 gid, cfs_cap_t capability, __u64 rdev);
  void mdc_open_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
                     __u32 mode, __u64 rdev, __u32 flags, const void *data,
                     int datalen);
  void mdc_open_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
                     __u32 mode, __u64 rdev, __u32 flags, const void *data,
                     int datalen);
@@ -144,7 +144,8 @@ void mdc_commit_delayed(struct ptlrpc_request *req);
  
  int mdc_create(struct obd_export *exp, struct md_op_data *op_data,
                 const void *data, int datalen, int mode, __u32 uid, __u32 gid,
  
  int mdc_create(struct obd_export *exp, struct md_op_data *op_data,
                 const void *data, int datalen, int mode, __u32 uid, __u32 gid,
-               __u32 cap_effective, __u64 rdev, struct ptlrpc_request **request);
+               cfs_cap_t capability, __u64 rdev,
+               struct ptlrpc_request **request);
  int mdc_link(struct obd_export *exp, struct md_op_data *op_data,
               struct ptlrpc_request **request);
  int mdc_rename(struct obd_export *exp, struct md_op_data *op_data,
  int mdc_link(struct obd_export *exp, struct md_op_data *op_data,
               struct ptlrpc_request **request);
  int mdc_rename(struct obd_export *exp, struct md_op_data *op_data,
diff --git a/lustre/mdc/mdc_lib.c b/lustre/mdc/mdc_lib.c

index a293b36..dc5aa09 100644 (file)
--- a/lustre/mdc/mdc_lib.c
+++ b/lustre/mdc/mdc_lib.c
@@ -59,7 +59,7 @@ static void __mdc_pack_body(struct mdt_body *b, __u32 suppgid)
          b->gid = current->gid;
          b->fsuid = current->fsuid;
          b->fsgid = current->fsgid;
          b->gid = current->gid;
          b->fsuid = current->fsuid;
          b->fsgid = current->fsgid;
-        b->capability = current->cap_effective;
+        b->capability = cfs_curproc_cap_pack();
  }
  
  void mdc_pack_capa(struct ptlrpc_request *req, const struct req_msg_field *field,
  }
  
  void mdc_pack_capa(struct ptlrpc_request *req, const struct req_msg_field *field,
@@ -128,7 +128,7 @@ void mdc_readdir_pack(struct ptlrpc_request *req, __u64 pgoff,
  /* packing of MDS records */
  void mdc_create_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
                       const void *data, int datalen, __u32 mode,
  /* packing of MDS records */
  void mdc_create_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
                       const void *data, int datalen, __u32 mode,
-                     __u32 uid, __u32 gid, __u32 cap_effective, __u64 rdev)
+                     __u32 uid, __u32 gid, cfs_cap_t cap_effective, __u64 rdev)
  {
          struct mdt_rec_create *rec;
          char                  *tmp;
  {
          struct mdt_rec_create *rec;
          char                  *tmp;
@@ -218,7 +218,7 @@ void mdc_open_pack(struct ptlrpc_request *req, struct md_op_data *op_data,
          rec->cr_opcode   = REINT_OPEN;
          rec->cr_fsuid    = current->fsuid;
          rec->cr_fsgid    = current->fsgid;
          rec->cr_opcode   = REINT_OPEN;
          rec->cr_fsuid    = current->fsuid;
          rec->cr_fsgid    = current->fsgid;
-        rec->cr_cap      = current->cap_effective;
+        rec->cr_cap      = cfs_curproc_cap_pack();
          if (op_data != NULL) {
                  rec->cr_fid1 = op_data->op_fid1;
                  rec->cr_fid2 = op_data->op_fid2;
          if (op_data != NULL) {
                  rec->cr_fid1 = op_data->op_fid1;
                  rec->cr_fid2 = op_data->op_fid2;
@@ -298,7 +298,7 @@ static void mdc_setattr_pack_rec(struct mdt_rec_setattr *rec,
          rec->sa_opcode  = REINT_SETATTR;
          rec->sa_fsuid   = current->fsuid;
          rec->sa_fsgid   = current->fsgid;
          rec->sa_opcode  = REINT_SETATTR;
          rec->sa_fsuid   = current->fsuid;
          rec->sa_fsgid   = current->fsgid;
-        rec->sa_cap     = current->cap_effective;
+        rec->sa_cap     = cfs_curproc_cap_pack();
          rec->sa_suppgid = -1;
  
          rec->sa_fid    = op_data->op_fid1;
          rec->sa_suppgid = -1;
  
          rec->sa_fid    = op_data->op_fid1;
@@ -452,7 +452,7 @@ void mdc_getattr_pack(struct ptlrpc_request *req, __u64 valid, int flags,
  
          b->fsuid = current->fsuid;
          b->fsgid = current->fsgid;
  
          b->fsuid = current->fsuid;
          b->fsgid = current->fsgid;
-        b->capability = current->cap_effective;
+        b->capability = cfs_curproc_cap_pack();
          b->valid = valid;
          if (op_data->op_bias & MDS_CHECK_SPLIT)
                  b->valid |= OBD_MD_FLCKSPLIT;
          b->valid = valid;
          if (op_data->op_bias & MDS_CHECK_SPLIT)
                  b->valid |= OBD_MD_FLCKSPLIT;
diff --git a/lustre/mdc/mdc_reint.c b/lustre/mdc/mdc_reint.c

index c45907f..67effaf 100644 (file)
--- a/lustre/mdc/mdc_reint.c
+++ b/lustre/mdc/mdc_reint.c
@@ -205,7 +205,8 @@ int mdc_setattr(struct obd_export *exp, struct md_op_data *op_data,
  
  int mdc_create(struct obd_export *exp, struct md_op_data *op_data,
                 const void *data, int datalen, int mode, __u32 uid, __u32 gid,
  
  int mdc_create(struct obd_export *exp, struct md_op_data *op_data,
                 const void *data, int datalen, int mode, __u32 uid, __u32 gid,
-               __u32 cap_effective, __u64 rdev, struct ptlrpc_request **request)
+               cfs_cap_t cap_effective, __u64 rdev,
+               struct ptlrpc_request **request)
  {
          struct ptlrpc_request *req;
          int level, rc;
  {
          struct ptlrpc_request *req;
          int level, rc;
diff --git a/lustre/mdc/mdc_request.c b/lustre/mdc/mdc_request.c

index 7bfe0cd..2ebe9a2 100644 (file)
--- a/lustre/mdc/mdc_request.c
+++ b/lustre/mdc/mdc_request.c
@@ -374,7 +374,7 @@ static int mdc_xattr_common(struct obd_export *exp,const struct req_format *fmt,
                   */
                  rec->sx_fsuid  = current->fsuid;
                  rec->sx_fsgid  = current->fsgid;
                   */
                  rec->sx_fsuid  = current->fsuid;
                  rec->sx_fsgid  = current->fsgid;
-                rec->sx_cap    = current->cap_effective;
+                rec->sx_cap    = cfs_curproc_cap_pack();
                  rec->sx_suppgid1 = suppgid;
                  rec->sx_suppgid2 = -1;
                  rec->sx_fid    = *fid;
                  rec->sx_suppgid1 = suppgid;
                  rec->sx_suppgid2 = -1;
                  rec->sx_fid    = *fid;
diff --git a/lustre/mdd/mdd_dir.c b/lustre/mdd/mdd_dir.c

index 1c76e3d..8692b23 100644 (file)
--- a/lustre/mdd/mdd_dir.c
+++ b/lustre/mdd/mdd_dir.c
@@ -359,7 +359,7 @@ static inline int mdd_is_sticky(const struct lu_env *env,
          if (tmp_la->la_uid == uc->mu_fsuid)
                  return 0;
          
          if (tmp_la->la_uid == uc->mu_fsuid)
                  return 0;
          
-        return !mdd_capable(uc, CAP_FOWNER);
+        return !mdd_capable(uc, CFS_CAP_FOWNER);
  }
  
  /*
  }
  
  /*
diff --git a/lustre/mdd/mdd_internal.h b/lustre/mdd/mdd_internal.h

index 2747678..5263556 100644 (file)
--- a/lustre/mdd/mdd_internal.h
+++ b/lustre/mdd/mdd_internal.h
@@ -326,7 +326,7 @@ struct mdd_object *mdd_object_find(const struct lu_env *env,
  #define mdd_cap_raised(c, flag) (mdd_cap_t(c) & MDD_CAP_TO_MASK(flag))
  
  /* capable() is copied from linux kernel! */
  #define mdd_cap_raised(c, flag) (mdd_cap_t(c) & MDD_CAP_TO_MASK(flag))
  
  /* capable() is copied from linux kernel! */
-static inline int mdd_capable(struct md_ucred *uc, int cap)
+static inline int mdd_capable(struct md_ucred *uc, cfs_cap_t cap)
  {
          if (mdd_cap_raised(uc->mu_cap, cap))
                  return 1;
  {
          if (mdd_cap_raised(uc->mu_cap, cap))
                  return 1;
diff --git a/lustre/mdd/mdd_lov.c b/lustre/mdd/mdd_lov.c

index 9e07607..182a8b7 100644 (file)
--- a/lustre/mdd/mdd_lov.c
+++ b/lustre/mdd/mdd_lov.c
@@ -294,7 +294,8 @@ int mdd_lsm_sanity_check(const struct lu_env *env,  struct mdd_object *obj)
          if (rc)
                  RETURN(rc);
  
          if (rc)
                  RETURN(rc);
  
-        if ((uc->mu_fsuid != tmp_la->la_uid) && !mdd_capable(uc, CAP_FOWNER))
+        if ((uc->mu_fsuid != tmp_la->la_uid) &&
+            !mdd_capable(uc, CFS_CAP_FOWNER))
                  rc = mdd_permission_internal_locked(env, obj, tmp_la,
                                                      MAY_WRITE);
  
                  rc = mdd_permission_internal_locked(env, obj, tmp_la,
                                                      MAY_WRITE);
  
diff --git a/lustre/mdd/mdd_object.c b/lustre/mdd/mdd_object.c

index 39d3814..1f49ce0 100644 (file)
--- a/lustre/mdd/mdd_object.c
+++ b/lustre/mdd/mdd_object.c
@@ -696,7 +696,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                                  (LUSTRE_IMMUTABLE_FL | LUSTRE_APPEND_FL);
  
                  if ((uc->mu_fsuid != tmp_la->la_uid) &&
                                  (LUSTRE_IMMUTABLE_FL | LUSTRE_APPEND_FL);
  
                  if ((uc->mu_fsuid != tmp_la->la_uid) &&
-                    !mdd_capable(uc, CAP_FOWNER))
+                    !mdd_capable(uc, CFS_CAP_FOWNER))
                          RETURN(-EPERM);
  
                  /* XXX: the IMMUTABLE and APPEND_ONLY flags can
                          RETURN(-EPERM);
  
                  /* XXX: the IMMUTABLE and APPEND_ONLY flags can
@@ -706,7 +706,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                  if (mdd_is_append(obj))
                          oldflags |= LUSTRE_APPEND_FL; 
                  if ((oldflags ^ newflags) &&
                  if (mdd_is_append(obj))
                          oldflags |= LUSTRE_APPEND_FL; 
                  if ((oldflags ^ newflags) &&
-                    !mdd_capable(uc, CAP_LINUX_IMMUTABLE))
+                    !mdd_capable(uc, CFS_CAP_LINUX_IMMUTABLE))
                          RETURN(-EPERM);
  
                  if (!S_ISDIR(tmp_la->la_mode))
                          RETURN(-EPERM);
  
                  if (!S_ISDIR(tmp_la->la_mode))
@@ -722,7 +722,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
          if ((la->la_valid & (LA_MTIME | LA_ATIME | LA_CTIME)) &&
              !(la->la_valid & ~(LA_MTIME | LA_ATIME | LA_CTIME))) {
                  if ((uc->mu_fsuid != tmp_la->la_uid) &&
          if ((la->la_valid & (LA_MTIME | LA_ATIME | LA_CTIME)) &&
              !(la->la_valid & ~(LA_MTIME | LA_ATIME | LA_CTIME))) {
                  if ((uc->mu_fsuid != tmp_la->la_uid) &&
-                    !mdd_capable(uc, CAP_FOWNER)) {
+                    !mdd_capable(uc, CFS_CAP_FOWNER)) {
                          rc = mdd_permission_internal_locked(env, obj, tmp_la,
                                                              MAY_WRITE);
                          if (rc)
                          rc = mdd_permission_internal_locked(env, obj, tmp_la,
                                                              MAY_WRITE);
                          if (rc)
@@ -737,7 +737,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                  if ((la->la_valid & ~LA_MODE) &&
                      !(ma->ma_attr_flags & MDS_PERM_BYPASS) &&
                      (uc->mu_fsuid != tmp_la->la_uid) &&
                  if ((la->la_valid & ~LA_MODE) &&
                      !(ma->ma_attr_flags & MDS_PERM_BYPASS) &&
                      (uc->mu_fsuid != tmp_la->la_uid) &&
-                    !mdd_capable(uc, CAP_FOWNER))
+                    !mdd_capable(uc, CFS_CAP_FOWNER))
                          RETURN(-EPERM);
  
                  if (la->la_mode == (umode_t) -1)
                          RETURN(-EPERM);
  
                  if (la->la_mode == (umode_t) -1)
@@ -747,8 +747,9 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                                        (tmp_la->la_mode & ~S_IALLUGO);
  
                  /* Also check the setgid bit! */
                                        (tmp_la->la_mode & ~S_IALLUGO);
  
                  /* Also check the setgid bit! */
-                if (!lustre_in_group_p(uc, (la->la_valid & LA_GID) ? la->la_gid :
-                                tmp_la->la_gid) && !mdd_capable(uc, CAP_FSETID))
+                if (!lustre_in_group_p(uc, (la->la_valid & LA_GID) ?
+                                       la->la_gid : tmp_la->la_gid) &&
+                    !mdd_capable(uc, CFS_CAP_FSETID))
                          la->la_mode &= ~S_ISGID;
          } else {
                 la->la_mode = tmp_la->la_mode;
                          la->la_mode &= ~S_ISGID;
          } else {
                 la->la_mode = tmp_la->la_mode;
@@ -760,7 +761,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                          la->la_uid = tmp_la->la_uid;
                  if (((uc->mu_fsuid != tmp_la->la_uid) ||
                      (la->la_uid != tmp_la->la_uid)) &&
                          la->la_uid = tmp_la->la_uid;
                  if (((uc->mu_fsuid != tmp_la->la_uid) ||
                      (la->la_uid != tmp_la->la_uid)) &&
-                    !mdd_capable(uc, CAP_CHOWN))
+                    !mdd_capable(uc, CFS_CAP_CHOWN))
                          RETURN(-EPERM);
  
                  /* If the user or group of a non-directory has been
                          RETURN(-EPERM);
  
                  /* If the user or group of a non-directory has been
@@ -786,7 +787,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                  if (((uc->mu_fsuid != tmp_la->la_uid) ||
                      ((la->la_gid != tmp_la->la_gid) &&
                      !lustre_in_group_p(uc, la->la_gid))) &&
                  if (((uc->mu_fsuid != tmp_la->la_uid) ||
                      ((la->la_gid != tmp_la->la_gid) &&
                      !lustre_in_group_p(uc, la->la_gid))) &&
-                    !mdd_capable(uc, CAP_CHOWN))
+                    !mdd_capable(uc, CFS_CAP_CHOWN))
                          RETURN(-EPERM);
  
                  /* Likewise, if the user or group of a non-directory
                          RETURN(-EPERM);
  
                  /* Likewise, if the user or group of a non-directory
@@ -961,7 +962,8 @@ static int mdd_xattr_sanity_check(const struct lu_env *env,
          if (rc)
                  RETURN(rc);
  
          if (rc)
                  RETURN(rc);
  
-        if ((uc->mu_fsuid != tmp_la->la_uid) && !mdd_capable(uc, CAP_FOWNER))
+        if ((uc->mu_fsuid != tmp_la->la_uid) &&
+            !mdd_capable(uc, CFS_CAP_FOWNER))
                  RETURN(-EPERM);
  
          RETURN(rc);
                  RETURN(-EPERM);
  
          RETURN(rc);
@@ -1299,7 +1301,7 @@ static int mdd_open_sanity_check(const struct lu_env *env,
                  if (uc && ((uc->mu_valid == UCRED_OLD) ||
                      (uc->mu_valid == UCRED_NEW)) &&
                      (uc->mu_fsuid != tmp_la->la_uid) &&
                  if (uc && ((uc->mu_valid == UCRED_OLD) ||
                      (uc->mu_valid == UCRED_NEW)) &&
                      (uc->mu_fsuid != tmp_la->la_uid) &&
-                    !mdd_capable(uc, CAP_FOWNER))
+                    !mdd_capable(uc, CFS_CAP_FOWNER))
                          RETURN(-EPERM);
          }
  #endif
                          RETURN(-EPERM);
          }
  #endif
diff --git a/lustre/mdd/mdd_permission.c b/lustre/mdd/mdd_permission.c

index 1238582..f1cf0ac 100644 (file)
--- a/lustre/mdd/mdd_permission.c
+++ b/lustre/mdd/mdd_permission.c
@@ -259,12 +259,12 @@ int __mdd_permission_internal(const struct lu_env *env, struct mdd_object *obj,
  check_capabilities:
          if (!(mask & MAY_EXEC) ||
              (la->la_mode & S_IXUGO) || S_ISDIR(la->la_mode))
  check_capabilities:
          if (!(mask & MAY_EXEC) ||
              (la->la_mode & S_IXUGO) || S_ISDIR(la->la_mode))
-                if (mdd_capable(uc, CAP_DAC_OVERRIDE))
+                if (mdd_capable(uc, CFS_CAP_DAC_OVERRIDE))
                          RETURN(0);
  
          if ((mask == MAY_READ) ||
              (S_ISDIR(la->la_mode) && !(mask & MAY_WRITE)))
                          RETURN(0);
  
          if ((mask == MAY_READ) ||
              (S_ISDIR(la->la_mode) && !(mask & MAY_WRITE)))
-                if (mdd_capable(uc, CAP_DAC_READ_SEARCH))
+                if (mdd_capable(uc, CFS_CAP_DAC_READ_SEARCH))
                          RETURN(0);
  
          RETURN(-EACCES);
                          RETURN(0);
  
          RETURN(-EACCES);
@@ -365,7 +365,8 @@ int mdd_permission(const struct lu_env *env,
                                  RETURN(rc);
                  }
  
                                  RETURN(rc);
                  }
  
-                if (la->la_uid != uc->mu_fsuid && !mdd_capable(uc, CAP_FOWNER))
+                if (la->la_uid != uc->mu_fsuid &&
+                    !mdd_capable(uc, CFS_CAP_FOWNER))
                          rc = -EPERM;
          }
  
                          rc = -EPERM;
          }
  
diff --git a/lustre/mdt/mdt_lib.c b/lustre/mdt/mdt_lib.c

index 5fffcf2..b3dc462 100644 (file)
--- a/lustre/mdt/mdt_lib.c
+++ b/lustre/mdt/mdt_lib.c
@@ -243,7 +243,7 @@ static int new_init_ucred(struct mdt_thread_info *info, ucred_init_type_t type,
  
          /* remove fs privilege for non-root user */
          if (ucred->mu_fsuid)
  
          /* remove fs privilege for non-root user */
          if (ucred->mu_fsuid)
-                ucred->mu_cap = pud->pud_cap & ~CAP_FS_MASK;
+                ucred->mu_cap = pud->pud_cap & ~CFS_CAP_FS_MASK;
          else
                  ucred->mu_cap = pud->pud_cap;
          ucred->mu_valid = UCRED_NEW;
          else
                  ucred->mu_cap = pud->pud_cap;
          ucred->mu_valid = UCRED_NEW;
@@ -406,7 +406,7 @@ static int old_init_ucred(struct mdt_thread_info *info,
  
          /* remove fs privilege for non-root user */
          if (uc->mu_fsuid)
  
          /* remove fs privilege for non-root user */
          if (uc->mu_fsuid)
-                uc->mu_cap = body->capability & ~CAP_FS_MASK;
+                uc->mu_cap = body->capability & ~CFS_CAP_FS_MASK;
          else
                  uc->mu_cap = body->capability;
          uc->mu_valid = UCRED_OLD;
          else
                  uc->mu_cap = body->capability;
          uc->mu_valid = UCRED_OLD;
@@ -446,7 +446,7 @@ static int old_init_ucred_reint(struct mdt_thread_info *info)
  
          /* remove fs privilege for non-root user */
          if (uc->mu_fsuid)
  
          /* remove fs privilege for non-root user */
          if (uc->mu_fsuid)
-                uc->mu_cap &= ~CAP_FS_MASK;
+                uc->mu_cap &= ~CFS_CAP_FS_MASK;
          uc->mu_valid = UCRED_OLD;
  
          RETURN(0);
          uc->mu_valid = UCRED_OLD;
  
          RETURN(0);
diff --git a/lustre/obdclass/llog_obd.c b/lustre/obdclass/llog_obd.c

index f13d78f..2e4b3a2 100644 (file)
--- a/lustre/obdclass/llog_obd.c
+++ b/lustre/obdclass/llog_obd.c
@@ -213,8 +213,7 @@ int llog_add(struct llog_ctxt *ctxt, struct llog_rec_hdr *rec,
                  struct lov_stripe_md *lsm, struct llog_cookie *logcookies,
                  int numcookies)
  {
                  struct lov_stripe_md *lsm, struct llog_cookie *logcookies,
                  int numcookies)
  {
-        __u32 cap;
-        int rc;
+        int raised, rc;
          ENTRY;
  
          if (!ctxt) {
          ENTRY;
  
          if (!ctxt) {
@@ -223,10 +222,12 @@ int llog_add(struct llog_ctxt *ctxt, struct llog_rec_hdr *rec,
          }
          
          CTXT_CHECK_OP(ctxt, add, -EOPNOTSUPP);
          }
          
          CTXT_CHECK_OP(ctxt, add, -EOPNOTSUPP);
-       cap = current->cap_effective;             
-        cap_raise(current->cap_effective, CAP_SYS_RESOURCE);
+        raised = cfs_cap_raised(CFS_CAP_SYS_RESOURCE);
+        if (!raised)
+                cfs_cap_raise(CFS_CAP_SYS_RESOURCE);
          rc = CTXTP(ctxt, add)(ctxt, rec, lsm, logcookies, numcookies);
          rc = CTXTP(ctxt, add)(ctxt, rec, lsm, logcookies, numcookies);
-       current->cap_effective = cap; 
+        if (!raised)
+                cfs_cap_lower(CFS_CAP_SYS_RESOURCE);
          RETURN(rc);
  }
  EXPORT_SYMBOL(llog_add);
          RETURN(rc);
  }
  EXPORT_SYMBOL(llog_add);
diff --git a/lustre/obdclass/obdo.c b/lustre/obdclass/obdo.c

index 88c7011..153048a 100644 (file)
--- a/lustre/obdclass/obdo.c
+++ b/lustre/obdclass/obdo.c
@@ -163,7 +163,7 @@ void obdo_from_iattr(struct obdo *oa, struct iattr *attr, unsigned int ia_valid)
          if (ia_valid & ATTR_MODE) {
                  oa->o_mode = attr->ia_mode;
                  oa->o_valid |= OBD_MD_FLTYPE | OBD_MD_FLMODE;
          if (ia_valid & ATTR_MODE) {
                  oa->o_mode = attr->ia_mode;
                  oa->o_valid |= OBD_MD_FLTYPE | OBD_MD_FLMODE;
-                if (!in_group_p(oa->o_gid) && !capable(CAP_FSETID))
+                if (!in_group_p(oa->o_gid) && !cfs_capable(CFS_CAP_FSETID))
                          oa->o_mode &= ~S_ISGID;
          }
          if (ia_valid & ATTR_UID) {
                          oa->o_mode &= ~S_ISGID;
          }
          if (ia_valid & ATTR_UID) {
@@ -211,7 +211,7 @@ void iattr_from_obdo(struct iattr *attr, struct obdo *oa, obd_flag valid)
          if (valid & OBD_MD_FLMODE) {
                  attr->ia_mode = (attr->ia_mode & S_IFMT)|(oa->o_mode & ~S_IFMT);
                  attr->ia_valid |= ATTR_MODE;
          if (valid & OBD_MD_FLMODE) {
                  attr->ia_mode = (attr->ia_mode & S_IFMT)|(oa->o_mode & ~S_IFMT);
                  attr->ia_valid |= ATTR_MODE;
-                if (!in_group_p(oa->o_gid) && !capable(CAP_FSETID))
+                if (!in_group_p(oa->o_gid) && !cfs_capable(CFS_CAP_FSETID))
                          attr->ia_mode &= ~S_ISGID;
          }
          if (valid & OBD_MD_FLUID) {
                          attr->ia_mode &= ~S_ISGID;
          }
          if (valid & OBD_MD_FLUID) {
diff --git a/lustre/obdecho/echo_client.c b/lustre/obdecho/echo_client.c

index 7014221..ffd1116 100644 (file)
--- a/lustre/obdecho/echo_client.c
+++ b/lustre/obdecho/echo_client.c
@@ -1148,7 +1148,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp,
  
          switch (cmd) {
          case OBD_IOC_CREATE:                    /* may create echo object */
  
          switch (cmd) {
          case OBD_IOC_CREATE:                    /* may create echo object */
-                if (!capable (CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_create_object (obd, 1, &data->ioc_obdo1,
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_create_object (obd, 1, &data->ioc_obdo1,
@@ -1157,7 +1157,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp,
                  GOTO(out, rc);
  
          case OBD_IOC_DESTROY:
                  GOTO(out, rc);
  
          case OBD_IOC_DESTROY:
-                if (!capable (CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_get_object (&eco, obd, &data->ioc_obdo1);
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_get_object (&eco, obd, &data->ioc_obdo1);
@@ -1185,7 +1185,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp,
                  GOTO(out, rc);
  
          case OBD_IOC_SETATTR:
                  GOTO(out, rc);
  
          case OBD_IOC_SETATTR:
-                if (!capable (CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_get_object (&eco, obd, &data->ioc_obdo1);
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_get_object (&eco, obd, &data->ioc_obdo1);
@@ -1200,7 +1200,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp,
                  GOTO(out, rc);
  
          case OBD_IOC_BRW_WRITE:
                  GOTO(out, rc);
  
          case OBD_IOC_BRW_WRITE:
-                if (!capable (CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          GOTO (out, rc = -EPERM);
  
                  rw = OBD_BRW_WRITE;
                          GOTO (out, rc = -EPERM);
  
                  rw = OBD_BRW_WRITE;
@@ -1219,7 +1219,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp,
                  GOTO(out, rc);
  
          case ECHO_IOC_SET_STRIPE:
                  GOTO(out, rc);
  
          case ECHO_IOC_SET_STRIPE:
-                if (!capable (CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          GOTO (out, rc = -EPERM);
  
                  if (data->ioc_pbuf1 == NULL) {  /* unset */
                          GOTO (out, rc = -EPERM);
  
                  if (data->ioc_pbuf1 == NULL) {  /* unset */
@@ -1236,7 +1236,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp,
                  GOTO (out, rc);
  
          case ECHO_IOC_ENQUEUE:
                  GOTO (out, rc);
  
          case ECHO_IOC_ENQUEUE:
-                if (!capable (CAP_SYS_ADMIN))
+                if (!cfs_capable(CFS_CAP_SYS_ADMIN))
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_client_enqueue(exp, &data->ioc_obdo1,
                          GOTO (out, rc = -EPERM);
  
                  rc = echo_client_enqueue(exp, &data->ioc_obdo1,
diff --git a/lustre/obdfilter/filter.c b/lustre/obdfilter/filter.c

index 134db47..e60e2b5 100644 (file)
--- a/lustre/obdfilter/filter.c
+++ b/lustre/obdfilter/filter.c
@@ -1567,8 +1567,9 @@ int filter_vfs_unlink(struct inode *dir, struct dentry *dentry,
                  GOTO(out, rc = -EPERM);
  
          /* check_sticky() */
                  GOTO(out, rc = -EPERM);
  
          /* check_sticky() */
-        if ((dentry->d_inode->i_uid != current->fsuid && !capable(CAP_FOWNER))||
-            IS_APPEND(dentry->d_inode) || IS_IMMUTABLE(dentry->d_inode))
+        if ((dentry->d_inode->i_uid != current->fsuid &&
+             !cfs_capable(CFS_CAP_FOWNER)) || IS_APPEND(dentry->d_inode) ||
+            IS_IMMUTABLE(dentry->d_inode))
                  GOTO(out, rc = -EPERM);
  
          /* NOTE: This might need to go outside i_mutex, though it isn't clear if
                  GOTO(out, rc = -EPERM);
  
          /* NOTE: This might need to go outside i_mutex, though it isn't clear if
diff --git a/lustre/obdfilter/filter_io_26.c b/lustre/obdfilter/filter_io_26.c

index a301fba..e96513c 100644 (file)
--- a/lustre/obdfilter/filter_io_26.c
+++ b/lustre/obdfilter/filter_io_26.c
@@ -754,7 +754,7 @@ int filter_commitrw_write(struct obd_export *exp, struct obdo *oa,
                  CDEBUG(D_INODE, "update UID/GID to %lu/%lu\n",
                         (unsigned long)oa->o_uid, (unsigned long)oa->o_gid);
  
                  CDEBUG(D_INODE, "update UID/GID to %lu/%lu\n",
                         (unsigned long)oa->o_uid, (unsigned long)oa->o_gid);
  
-                cap_raise(current->cap_effective, CAP_SYS_RESOURCE);
+                cfs_cap_raise(CFS_CAP_SYS_RESOURCE);
  
                  iattr.ia_valid |= ATTR_MODE;
                  iattr.ia_mode = inode->i_mode;
  
                  iattr.ia_valid |= ATTR_MODE;
                  iattr.ia_mode = inode->i_mode;
diff --git a/lustre/ptlrpc/sec.c b/lustre/ptlrpc/sec.c

index 94267cf..59fedf7 100644 (file)
--- a/lustre/ptlrpc/sec.c
+++ b/lustre/ptlrpc/sec.c
@@ -2203,7 +2203,7 @@ int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset)
          pud->pud_gid = cfs_current()->gid;
          pud->pud_fsuid = cfs_current()->fsuid;
          pud->pud_fsgid = cfs_current()->fsgid;
          pud->pud_gid = cfs_current()->gid;
          pud->pud_fsuid = cfs_current()->fsuid;
          pud->pud_fsgid = cfs_current()->fsgid;
-        pud->pud_cap = cfs_current()->cap_effective;
+        pud->pud_cap = cfs_curproc_cap_pack();
          pud->pud_ngroups = (msg->lm_buflens[offset] - sizeof(*pud)) / 4;
  
  #ifdef __KERNEL__
          pud->pud_ngroups = (msg->lm_buflens[offset] - sizeof(*pud)) / 4;
  
  #ifdef __KERNEL__
diff --git a/lustre/quota/quota_interface.c b/lustre/quota/quota_interface.c

index dff20af..e035ceb 100644 (file)
--- a/lustre/quota/quota_interface.c
+++ b/lustre/quota/quota_interface.c
@@ -353,9 +353,9 @@ static int filter_quota_enforce(struct obd_device *obd, unsigned int ignore)
                  RETURN(0);
  
          if (ignore)
                  RETURN(0);
  
          if (ignore)
-                cap_raise(current->cap_effective, CAP_SYS_RESOURCE);
+                cfs_cap_raise(CFS_CAP_SYS_RESOURCE);
          else
          else
-                cap_lower(current->cap_effective, CAP_SYS_RESOURCE);
+                cfs_cap_lower(CFS_CAP_SYS_RESOURCE);
  
          RETURN(0);
  }
  
          RETURN(0);
  }
diff --git a/lustre/tests/it_test.c b/lustre/tests/it_test.c

index b78d9f8..0b394a0 100644 (file)
--- a/lustre/tests/it_test.c
+++ b/lustre/tests/it_test.c
@@ -245,8 +245,9 @@ static enum interval_iter sanity_cb(struct interval_node *node, void *args)
          }
  
          if (!has) {
          }
  
          if (!has) {
-                int count = 1;
+                int count;
  err:
  err:
+                count = 1;
                  dprintf("node"__S":%llu Child list:\n",
                          node->in_extent.start,
                          node->in_extent.end,
                  dprintf("node"__S":%llu Child list:\n",
                          node->in_extent.start,
                          node->in_extent.end,
diff --git a/lustre/utils/loadgen.c b/lustre/utils/loadgen.c

index 76fd4e3..bb6c965 100644 (file)
--- a/lustre/utils/loadgen.c
+++ b/lustre/utils/loadgen.c
@@ -667,7 +667,7 @@ static void *run_one_child(void *threadvp)
  {
          struct kid_t *kid;
          char oname[10], ename[10];
  {
          struct kid_t *kid;
          char oname[10], ename[10];
-        int thread = (long)threadvp, dev;
+        int thread = (long)threadvp, dev = 0;
          int rc = 0, err;
  
          if (o_verbose > 2)
          int rc = 0, err;
  
          if (o_verbose > 2)
author	vitaly <vitaly>
	Tue, 9 Sep 2008 17:52:58 +0000 (17:52 +0000)
committer	vitaly <vitaly>
	Tue, 9 Sep 2008 17:52:58 +0000 (17:52 +0000)
libcfs/include/libcfs/curproc.h		patch \| blob \| history
libcfs/include/libcfs/darwin/darwin-prim.h		patch \| blob \| history
libcfs/include/libcfs/darwin/libcfs.h		patch \| blob \| history
libcfs/include/libcfs/winnt/winnt-prim.h		patch \| blob \| history
libcfs/libcfs/darwin/darwin-curproc.c		patch \| blob \| history
libcfs/libcfs/linux/linux-curproc.c		patch \| blob \| history
libcfs/libcfs/linux/linux-module.c		patch \| blob \| history
libcfs/libcfs/lwt.c		patch \| blob \| history
libcfs/libcfs/winnt/winnt-curproc.c		patch \| blob \| history
libcfs/libcfs/winnt/winnt-module.c		patch \| blob \| history
lustre/cmm/mdc_object.c		patch \| blob \| history
lustre/include/darwin/lvfs.h		patch \| blob \| history
lustre/include/liblustre.h		patch \| blob \| history
lustre/include/linux/lvfs.h		patch \| blob \| history
lustre/include/lustre_log.h		patch \| blob \| history
lustre/include/md_object.h		patch \| blob \| history
lustre/include/obd.h		patch \| blob \| history
lustre/include/obd_class.h		patch \| blob \| history
lustre/liblustre/lutil.c		patch \| blob \| history
lustre/liblustre/super.c		patch \| blob \| history
lustre/llite/dir.c		patch \| blob \| history
lustre/llite/file.c		patch \| blob \| history
lustre/llite/llite_lib.c		patch \| blob \| history
lustre/llite/namei.c		patch \| blob \| history
lustre/llite/rw.c		patch \| blob \| history
lustre/llite/xattr.c		patch \| blob \| history
lustre/lmv/lmv_obd.c		patch \| blob \| history
lustre/lvfs/fsfilt_ext3.c		patch \| blob \| history
lustre/mdc/mdc_internal.h		patch \| blob \| history
lustre/mdc/mdc_lib.c		patch \| blob \| history
lustre/mdc/mdc_reint.c		patch \| blob \| history
lustre/mdc/mdc_request.c		patch \| blob \| history
lustre/mdd/mdd_dir.c		patch \| blob \| history
lustre/mdd/mdd_internal.h		patch \| blob \| history
lustre/mdd/mdd_lov.c		patch \| blob \| history
lustre/mdd/mdd_object.c		patch \| blob \| history
lustre/mdd/mdd_permission.c		patch \| blob \| history
lustre/mdt/mdt_lib.c		patch \| blob \| history
lustre/obdclass/llog_obd.c		patch \| blob \| history
lustre/obdclass/obdo.c		patch \| blob \| history
lustre/obdecho/echo_client.c		patch \| blob \| history
lustre/obdfilter/filter.c		patch \| blob \| history
lustre/obdfilter/filter_io_26.c		patch \| blob \| history
lustre/ptlrpc/sec.c		patch \| blob \| history
lustre/quota/quota_interface.c		patch \| blob \| history
lustre/tests/it_test.c		patch \| blob \| history
lustre/utils/loadgen.c		patch \| blob \| history