LU-9859 libcfs: replace all CFS_CAP_* macros with CAP_*

author Mr. NeilBrown <neilb@suse.de>

Thu, 10 Sep 2020 13:49:30 +0000 (09:49 -0400)

committer Oleg Drokin <green@whamcloud.com>

Fri, 26 Feb 2021 21:05:43 +0000 (21:05 +0000)
author Mr. NeilBrown <neilb@suse.de>
Thu, 10 Sep 2020 13:49:30 +0000 (09:49 -0400)
committer Oleg Drokin <green@whamcloud.com>
Fri, 26 Feb 2021 21:05:43 +0000 (21:05 +0000)
diff --git a/libcfs/include/libcfs/curproc.h b/libcfs/include/libcfs/curproc.h

index cf2be32..ac947e8 100644 (file)
--- a/libcfs/include/libcfs/curproc.h
+++ b/libcfs/include/libcfs/curproc.h
@@ -41,25 +41,15 @@
  
  typedef __u32 cfs_cap_t;
  
-#define CFS_CAP_CHOWN                   0
-#define CFS_CAP_DAC_OVERRIDE            1
-#define CFS_CAP_DAC_READ_SEARCH         2
-#define CFS_CAP_FOWNER                  3
-#define CFS_CAP_FSETID                  4
-#define CFS_CAP_LINUX_IMMUTABLE         9
-#define CFS_CAP_SYS_ADMIN              21
-#define CFS_CAP_SYS_BOOT               23
-#define CFS_CAP_SYS_RESOURCE           24
-
-#define CFS_CAP_FS_MASK        (BIT(CFS_CAP_CHOWN)             |       \
-                        BIT(CFS_CAP_DAC_OVERRIDE)      |       \
-                        BIT(CFS_CAP_DAC_READ_SEARCH)   |       \
-                        BIT(CFS_CAP_FOWNER)            |       \
-                        BIT(CFS_CAP_FSETID )           |       \
-                        BIT(CFS_CAP_LINUX_IMMUTABLE)   |       \
-                        BIT(CFS_CAP_SYS_ADMIN)         |       \
-                        BIT(CFS_CAP_SYS_BOOT)          |       \
-                        BIT(CFS_CAP_SYS_RESOURCE))
+#define CFS_CAP_FS_MASK        (BIT(CAP_CHOWN)                 |       \
+                        BIT(CAP_DAC_OVERRIDE)          |       \
+                        BIT(CAP_DAC_READ_SEARCH)       |       \
+                        BIT(CAP_FOWNER)                |       \
+                        BIT(CAP_FSETID)                |       \
+                        BIT(CAP_LINUX_IMMUTABLE)       |       \
+                        BIT(CAP_SYS_ADMIN)             |       \
+                        BIT(CAP_SYS_BOOT)              |       \
+                        BIT(CAP_SYS_RESOURCE))
  
  cfs_cap_t cfs_curproc_cap_pack(void);
  void cfs_curproc_cap_unpack(cfs_cap_t cap);
diff --git a/lustre/llite/dir.c b/lustre/llite/dir.c

index a57a11b..56d70d9 100644 (file)
--- a/lustre/llite/dir.c
+++ b/lustre/llite/dir.c
@@ -1142,14 +1142,14 @@ int quotactl_ioctl(struct ll_sb_info *sbi, struct if_quotactl *qctl)
         case LUSTRE_Q_SETDEFAULT:
         case LUSTRE_Q_SETQUOTAPOOL:
         case LUSTRE_Q_SETINFOPOOL:
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         RETURN(-EPERM);
                 break;
         case Q_GETQUOTA:
         case LUSTRE_Q_GETDEFAULT:
         case LUSTRE_Q_GETQUOTAPOOL:
                 if (check_owner(type, id) &&
-                   (!cfs_capable(CFS_CAP_SYS_ADMIN)))
+                   (!cfs_capable(CAP_SYS_ADMIN)))
                         RETURN(-EPERM);
                 break;
         case Q_GETINFO:
@@ -1278,7 +1278,7 @@ int ll_rmfid(struct file *file, void __user *arg)
         int i, rc, *rcs = NULL;
         ENTRY;
  
-       if (!cfs_capable(CFS_CAP_DAC_READ_SEARCH) &&
+       if (!cfs_capable(CAP_DAC_READ_SEARCH) &&
             !(ll_i2sbi(file_inode(file))->ll_flags & LL_SBI_USER_FID2PATH))
                 RETURN(-EPERM);
         /* Only need to get the buflen */
@@ -2048,7 +2048,7 @@ out_hur:
                 RETURN(rc);
         }
         case LL_IOC_HSM_CT_START:
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         RETURN(-EPERM);
  
                 rc = copy_and_ct_start(cmd, sbi->ll_md_exp,
diff --git a/lustre/llite/file.c b/lustre/llite/file.c

index 092c42d..540bd2f 100644 (file)
--- a/lustre/llite/file.c
+++ b/lustre/llite/file.c
@@ -2243,7 +2243,7 @@ static int ll_lov_setea(struct inode *inode, struct file *file,
         int                      rc;
         ENTRY;
  
-       if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+       if (!cfs_capable(CAP_SYS_ADMIN))
                 RETURN(-EPERM);
  
         OBD_ALLOC_LARGE(lump, lum_size);
@@ -2565,7 +2565,7 @@ int ll_fid2path(struct inode *inode, void __user *arg)
  
         ENTRY;
  
-       if (!cfs_capable(CFS_CAP_DAC_READ_SEARCH) &&
+       if (!cfs_capable(CAP_DAC_READ_SEARCH) &&
             !(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
                 RETURN(-EPERM);
  
@@ -2853,7 +2853,7 @@ int ll_hsm_state_set(struct inode *inode, struct hsm_state_set *hss)
         /* Non-root users are forbidden to set or clear flags which are
          * NOT defined in HSM_USER_MASK. */
         if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) &&
-           !cfs_capable(CFS_CAP_SYS_ADMIN))
+           !cfs_capable(CAP_SYS_ADMIN))
                 RETURN(-EPERM);
  
         if (!exp_connect_archive_id_array(exp)) {
diff --git a/lustre/llite/llite_lib.c b/lustre/llite/llite_lib.c

index 1f094ce..7c78279 100644 (file)
--- a/lustre/llite/llite_lib.c
+++ b/lustre/llite/llite_lib.c
@@ -2051,7 +2051,7 @@ int ll_setattr_raw(struct dentry *dentry, struct iattr *attr,
         /* POSIX: check before ATTR_*TIME_SET set (from inode_change_ok) */
         if (attr->ia_valid & TIMES_SET_FLAGS) {
                 if ((!uid_eq(current_fsuid(), inode->i_uid)) &&
-                   !cfs_capable(CFS_CAP_FOWNER))
+                   !cfs_capable(CAP_FOWNER))
                         RETURN(-EPERM);
         }
  
@@ -3391,7 +3391,7 @@ int ll_getparent(struct file *file, struct getparent __user *arg)
  
         ENTRY;
  
-       if (!cfs_capable(CFS_CAP_DAC_READ_SEARCH) &&
+       if (!cfs_capable(CAP_DAC_READ_SEARCH) &&
             !(ll_i2sbi(inode)->ll_flags & LL_SBI_USER_FID2PATH))
                 RETURN(-EPERM);
  
diff --git a/lustre/llite/xattr.c b/lustre/llite/xattr.c

index c5eff78..e23c47f 100644 (file)
--- a/lustre/llite/xattr.c
+++ b/lustre/llite/xattr.c
@@ -86,7 +86,7 @@ static int xattr_type_filter(struct ll_sb_info *sbi,
                 return -EOPNOTSUPP;
  
         if (handler->flags == XATTR_TRUSTED_T &&
-           !capable(CFS_CAP_SYS_ADMIN))
+           !capable(CAP_SYS_ADMIN))
                 return -EPERM;
  
         return 0;
diff --git a/lustre/mdd/mdd_dir.c b/lustre/mdd/mdd_dir.c

index c0e27bf..c0cbf55 100644 (file)
--- a/lustre/mdd/mdd_dir.c
+++ b/lustre/mdd/mdd_dir.c
@@ -511,7 +511,7 @@ static inline int mdd_is_sticky(const struct lu_env *env,
         if (cattr->la_uid == uc->uc_fsuid)
                 return 0;
  
-       return !md_capable(uc, CFS_CAP_FOWNER);
+       return !md_capable(uc, CAP_FOWNER);
  }
  
  static int mdd_may_delete_entry(const struct lu_env *env,
@@ -2092,7 +2092,7 @@ static int mdd_create_sanity_check(const struct lu_env *env,
                            !lustre_in_group_p(uc,
                                               (cattr->la_valid & LA_GID) ?
                                               cattr->la_gid : pattr->la_gid) &&
-                          !md_capable(uc, CFS_CAP_FSETID)) {
+                          !md_capable(uc, CAP_FSETID)) {
                         cattr->la_mode &= ~S_ISGID;
                         cattr->la_valid |= LA_MODE;
                 }
diff --git a/lustre/mdd/mdd_object.c b/lustre/mdd/mdd_object.c

index 6c6afbf..eab0991 100644 (file)
--- a/lustre/mdd/mdd_object.c
+++ b/lustre/mdd/mdd_object.c
@@ -685,7 +685,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                 RETURN(0);
  
         if (is_project_state_change(oattr, la)) {
-               if (!md_capable(uc, CFS_CAP_SYS_RESOURCE) &&
+               if (!md_capable(uc, CAP_SYS_RESOURCE) &&
                     !lustre_in_group_p(uc, ma->ma_enable_chprojid_gid) &&
                     !(ma->ma_enable_chprojid_gid == -1 &&
                       mdd_permission_internal(env, obj, oattr, MAY_WRITE)))
@@ -727,13 +727,13 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                                 (LUSTRE_IMMUTABLE_FL | LUSTRE_APPEND_FL);
  
                 if ((uc->uc_fsuid != oattr->la_uid) &&
-                   !md_capable(uc, CFS_CAP_FOWNER))
+                   !md_capable(uc, CAP_FOWNER))
                         RETURN(-EPERM);
  
                 /* The IMMUTABLE and APPEND_ONLY flags can
                  * only be changed by the relevant capability. */
                 if ((oldflags ^ newflags) &&
-                   !md_capable(uc, CFS_CAP_LINUX_IMMUTABLE))
+                   !md_capable(uc, CAP_LINUX_IMMUTABLE))
                         RETURN(-EPERM);
  
                 if (!S_ISDIR(oattr->la_mode)) {
@@ -758,7 +758,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
         if ((la->la_valid & (LA_MTIME | LA_ATIME | LA_CTIME)) &&
             !(la->la_valid & ~(LA_MTIME | LA_ATIME | LA_CTIME))) {
                 if ((uc->uc_fsuid != oattr->la_uid) &&
-                   !md_capable(uc, CFS_CAP_FOWNER)) {
+                   !md_capable(uc, CAP_FOWNER)) {
                         rc = mdd_permission_internal(env, obj, oattr,
                                                      MAY_WRITE);
                         if (rc)
@@ -791,7 +791,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
         if (la->la_valid & LA_MODE) {
                 if (!(flags & MDS_PERM_BYPASS) &&
                     (uc->uc_fsuid != oattr->la_uid) &&
-                   !md_capable(uc, CFS_CAP_FOWNER))
+                   !md_capable(uc, CAP_FOWNER))
                         RETURN(-EPERM);
  
                 if (la->la_mode == (umode_t) -1)
@@ -803,7 +803,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                 /* Also check the setgid bit! */
                 if (!lustre_in_group_p(uc, (la->la_valid & LA_GID) ?
                                        la->la_gid : oattr->la_gid) &&
-                   !md_capable(uc, CFS_CAP_FSETID))
+                   !md_capable(uc, CAP_FSETID))
                         la->la_mode &= ~S_ISGID;
         } else {
                la->la_mode = oattr->la_mode;
@@ -815,7 +815,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                         la->la_uid = oattr->la_uid;
                 if (((uc->uc_fsuid != oattr->la_uid) ||
                      (la->la_uid != oattr->la_uid)) &&
-                   !md_capable(uc, CFS_CAP_CHOWN))
+                   !md_capable(uc, CAP_CHOWN))
                         RETURN(-EPERM);
  
                 /* If the user or group of a non-directory has been
@@ -841,7 +841,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj,
                 if (((uc->uc_fsuid != oattr->la_uid) ||
                      ((la->la_gid != oattr->la_gid) &&
                       !lustre_in_group_p(uc, la->la_gid))) &&
-                   !md_capable(uc, CFS_CAP_CHOWN))
+                   !md_capable(uc, CAP_CHOWN))
                         RETURN(-EPERM);
  
                 /* Likewise, if the user or group of a non-directory
@@ -1352,11 +1352,11 @@ static int mdd_xattr_sanity_check(const struct lu_env *env,
                  * can write attributes. */
                 if (S_ISDIR(attr->la_mode) && (attr->la_mode & S_ISVTX) &&
                     (uc->uc_fsuid != attr->la_uid) &&
-                   !md_capable(uc, CFS_CAP_FOWNER))
+                   !md_capable(uc, CAP_FOWNER))
                         RETURN(-EPERM);
         } else if (strcmp(name, XATTR_NAME_SOM) != 0 &&
                    (uc->uc_fsuid != attr->la_uid) &&
-                  !md_capable(uc, CFS_CAP_FOWNER)) {
+                  !md_capable(uc, CAP_FOWNER)) {
                 RETURN(-EPERM);
         }
  
diff --git a/lustre/mdd/mdd_permission.c b/lustre/mdd/mdd_permission.c

index 148c120..f230845 100644 (file)
--- a/lustre/mdd/mdd_permission.c
+++ b/lustre/mdd/mdd_permission.c
@@ -304,12 +304,12 @@ int __mdd_permission_internal(const struct lu_env *env, struct mdd_object *obj,
  check_capabilities:
         if (!(mask & MAY_EXEC) ||
             (la->la_mode & S_IXUGO) || S_ISDIR(la->la_mode))
-               if (md_capable(uc, CFS_CAP_DAC_OVERRIDE))
+               if (md_capable(uc, CAP_DAC_OVERRIDE))
                         RETURN(0);
  
         if ((mask == MAY_READ) ||
             (S_ISDIR(la->la_mode) && !(mask & MAY_WRITE)))
-               if (md_capable(uc, CFS_CAP_DAC_READ_SEARCH))
+               if (md_capable(uc, CAP_DAC_READ_SEARCH))
                         RETURN(0);
  
         CDEBUG(D_SEC, "permission denied, mode %x, fsuid %u, uid %u\n",
@@ -352,7 +352,7 @@ int mdd_permission(const struct lu_env *env, struct md_object *pobj,
                         uc = lu_ucred_assert(env);
  
                 if (cattr->la_uid != uc->uc_fsuid &&
-                   !md_capable(uc, CFS_CAP_FOWNER))
+                   !md_capable(uc, CAP_FOWNER))
                         rc = -EPERM;
         }
  
diff --git a/lustre/mdd/mdd_trans.c b/lustre/mdd/mdd_trans.c

index 8fe9361..27f775d 100644 (file)
--- a/lustre/mdd/mdd_trans.c
+++ b/lustre/mdd/mdd_trans.c
@@ -62,7 +62,7 @@ struct thandle *mdd_trans_create(const struct lu_env *env,
  
         th = mdd_child_ops(mdd)->dt_trans_create(env, mdd->mdd_child);
         if (!IS_ERR(th) && uc)
-               th->th_ignore_quota = !!md_capable(uc, CFS_CAP_SYS_RESOURCE);
+               th->th_ignore_quota = !!md_capable(uc, CAP_SYS_RESOURCE);
  
         return th;
  }
diff --git a/lustre/mdt/mdt_handler.c b/lustre/mdt/mdt_handler.c

index 8576a71..ced2362 100644 (file)
--- a/lustre/mdt/mdt_handler.c
+++ b/lustre/mdt/mdt_handler.c
@@ -2295,7 +2295,7 @@ static int mdt_rmfid_check_permission(struct mdt_thread_info *info,
         if (la->la_flags & LUSTRE_IMMUTABLE_FL)
                         rc = -EACCES;
  
-       if (md_capable(uc, CFS_CAP_DAC_OVERRIDE))
+       if (md_capable(uc, CAP_DAC_OVERRIDE))
                 RETURN(0);
         if (uc->uc_fsuid == la->la_uid) {
                 if ((la->la_mode & S_IWUSR) == 0)
diff --git a/lustre/mdt/mdt_hsm.c b/lustre/mdt/mdt_hsm.c

index 92b842a..84b7c2f 100644 (file)
--- a/lustre/mdt/mdt_hsm.c
+++ b/lustre/mdt/mdt_hsm.c
@@ -91,7 +91,7 @@ static inline bool mdt_hsm_is_admin(struct mdt_thread_info *info)
         if (rc < 0)
                 return false;
  
-       is_admin = md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN);
+       is_admin = md_capable(mdt_ucred(info), CAP_SYS_ADMIN);
  
         mdt_exit_ucred(info);
  
@@ -318,7 +318,7 @@ int mdt_hsm_state_set(struct tgt_session_info *tsi)
         /* Non-root users are forbidden to set or clear flags which are
          * NOT defined in HSM_USER_MASK. */
         if (((hss->hss_setmask | hss->hss_clearmask) & ~HSM_USER_MASK) &&
-           !md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN)) {
+           !md_capable(mdt_ucred(info), CAP_SYS_ADMIN)) {
                 CDEBUG(D_HSM, "Incompatible masks provided (set %#llx"
                        ", clear %#llx) vs unprivileged set (%#x).\n",
                        hss->hss_setmask, hss->hss_clearmask, HSM_USER_MASK);
diff --git a/lustre/mdt/mdt_hsm_cdt_client.c b/lustre/mdt/mdt_hsm_cdt_client.c

index 5cc2c35..12ec150 100644 (file)
--- a/lustre/mdt/mdt_hsm_cdt_client.c
+++ b/lustre/mdt/mdt_hsm_cdt_client.c
@@ -239,7 +239,7 @@ hsm_action_permission(struct mdt_thread_info *mti,
         if (hsma != HSMA_RESTORE && mdt_rdonly(mti->mti_exp))
                 RETURN(-EROFS);
  
-       if (md_capable(uc, CFS_CAP_SYS_ADMIN))
+       if (md_capable(uc, CAP_SYS_ADMIN))
                 RETURN(0);
  
         ma->ma_need = MA_INODE;
@@ -313,7 +313,7 @@ static int mdt_hsm_register_hal(struct mdt_thread_info *mti,
                         /* In case of REMOVE and CANCEL a Lustre file
                          * is not mandatory, but restrict this
                          * exception to admins. */
-                       if (md_capable(mdt_ucred(mti), CFS_CAP_SYS_ADMIN) &&
+                       if (md_capable(mdt_ucred(mti), CAP_SYS_ADMIN) &&
                             (hai->hai_action == HSMA_REMOVE ||
                              hai->hai_action == HSMA_CANCEL))
                                 goto record;
diff --git a/lustre/mdt/mdt_internal.h b/lustre/mdt/mdt_internal.h

index 15ad740..98cbfee 100644 (file)
--- a/lustre/mdt/mdt_internal.h
+++ b/lustre/mdt/mdt_internal.h
@@ -1414,7 +1414,7 @@ static inline bool mdt_is_rootadmin(struct mdt_thread_info *info)
  
         uc = mdt_ucred(info);
         is_admin = (uc->uc_uid == 0 && uc->uc_gid == 0 &&
-                   md_capable(uc, CFS_CAP_SYS_ADMIN));
+                   md_capable(uc, CAP_SYS_ADMIN));
  
         mdt_exit_ucred(info);
  
diff --git a/lustre/mdt/mdt_open.c b/lustre/mdt/mdt_open.c

index ef12eb1..837323e 100644 (file)
--- a/lustre/mdt/mdt_open.c
+++ b/lustre/mdt/mdt_open.c
@@ -1695,7 +1695,7 @@ static struct mdt_object *mdt_orphan_open(struct mdt_thread_info *info,
  
         uc = lu_ucred(env);
         uc_cap_save = uc->uc_cap;
-       uc->uc_cap |= BIT(CFS_CAP_DAC_OVERRIDE);
+       uc->uc_cap |= BIT(CAP_DAC_OVERRIDE);
         rc = mdo_create(env, mdt_object_child(local_root), &lname,
                         mdt_object_child(obj), spec, attr);
         uc->uc_cap = uc_cap_save;
@@ -1967,7 +1967,7 @@ static int mdt_hsm_release(struct mdt_thread_info *info, struct mdt_object *o,
         /* The orphan has root ownership so we need to raise
          * CAP_FOWNER to set the HSM attributes. */
         cap = uc->uc_cap;
-       uc->uc_cap |= MD_CAP_TO_MASK(CFS_CAP_FOWNER);
+       uc->uc_cap |= MD_CAP_TO_MASK(CAP_FOWNER);
         rc = mo_xattr_set(info->mti_env, mdt_object_child(orphan), buf,
                           XATTR_NAME_HSM, 0);
         uc->uc_cap = cap;
diff --git a/lustre/mdt/mdt_reint.c b/lustre/mdt/mdt_reint.c

index f6c2e0b..a06ccef 100644 (file)
--- a/lustre/mdt/mdt_reint.c
+++ b/lustre/mdt/mdt_reint.c
@@ -526,7 +526,7 @@ static int mdt_create(struct mdt_thread_info *info)
                     LMV_HASH_TYPE_CRUSH)
                         RETURN(-EPROTO);
  
-               if (!md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+               if (!md_capable(uc, CAP_SYS_ADMIN) &&
                     uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
                     mdt->mdt_enable_remote_dir_gid != -1)
                         RETURN(-EPERM);
@@ -769,7 +769,7 @@ int mdt_add_dirty_flag(struct mdt_thread_info *info, struct mdt_object *mo,
                  * set the HSM state to dirty.
                  */
                 cap_saved = uc->uc_cap;
-               uc->uc_cap |= MD_CAP_TO_MASK(CFS_CAP_FOWNER);
+               uc->uc_cap |= MD_CAP_TO_MASK(CAP_FOWNER);
                 rc = mdt_hsm_attr_set(info, mo, &ma->ma_hsm);
                 uc->uc_cap = cap_saved;
                 if (rc)
@@ -906,7 +906,7 @@ static int mdt_reint_setattr(struct mdt_thread_info *info,
                             !mdt->mdt_enable_striped_dir)
                                 GOTO(out_put, rc = -EPERM);
  
-                       if (!md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+                       if (!md_capable(uc, CAP_SYS_ADMIN) &&
                             uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
                             mdt->mdt_enable_remote_dir_gid != -1)
                                 GOTO(out_put, rc = -EPERM);
@@ -1139,7 +1139,7 @@ relock:
                         /* Return -ENOTSUPP for old client */
                         GOTO(put_child, rc = -ENOTSUPP);
  
-               if (!md_capable(uc, CFS_CAP_SYS_ADMIN))
+               if (!md_capable(uc, CAP_SYS_ADMIN))
                         GOTO(put_child, rc = -EPERM);
  
                 ma->ma_need = MA_INODE;
@@ -2176,7 +2176,7 @@ int mdt_reint_migrate(struct mdt_thread_info *info,
         if (!mdt->mdt_enable_remote_dir || !mdt->mdt_enable_dir_migration)
                 RETURN(-EPERM);
  
-       if (uc && !md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+       if (uc && !md_capable(uc, CAP_SYS_ADMIN) &&
             uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
             mdt->mdt_enable_remote_dir_gid != -1)
                 RETURN(-EPERM);
diff --git a/lustre/mdt/mdt_xattr.c b/lustre/mdt/mdt_xattr.c

index 7d78be8..cc7804f 100644 (file)
--- a/lustre/mdt/mdt_xattr.c
+++ b/lustre/mdt/mdt_xattr.c
@@ -347,7 +347,7 @@ int mdt_dir_layout_update(struct mdt_thread_info *info)
         if (!mdt->mdt_enable_dir_migration)
                 RETURN(-EPERM);
  
-       if (!md_capable(uc, CFS_CAP_SYS_ADMIN) &&
+       if (!md_capable(uc, CAP_SYS_ADMIN) &&
             uc->uc_gid != mdt->mdt_enable_remote_dir_gid &&
             mdt->mdt_enable_remote_dir_gid != -1)
                 RETURN(-EPERM);
@@ -577,7 +577,7 @@ int mdt_reint_setxattr(struct mdt_thread_info *info,
                         }
                 }
  
-               if (!md_capable(mdt_ucred(info), CFS_CAP_SYS_ADMIN))
+               if (!md_capable(mdt_ucred(info), CAP_SYS_ADMIN))
                         GOTO(out, rc = -EPERM);
  
                 if (strcmp(xattr_name, XATTR_NAME_LOV) == 0 ||
diff --git a/lustre/obdclass/class_obd.c b/lustre/obdclass/class_obd.c

index 9b34434..6a9dc6c 100644 (file)
--- a/lustre/obdclass/class_obd.c
+++ b/lustre/obdclass/class_obd.c
@@ -484,7 +484,7 @@ static long obd_class_ioctl(struct file *filp, unsigned int cmd,
  
         ENTRY;
         /* Allow non-root access for some limited ioctls */
-       if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+       if (!cfs_capable(CAP_SYS_ADMIN))
                 RETURN(err = -EACCES);
  
         if ((cmd & 0xffffff00) == ((int)'T') << 8) /* ignore all tty ioctls */
diff --git a/lustre/obdecho/echo_client.c b/lustre/obdecho/echo_client.c

index a7d3bd4..b9da619 100644 (file)
--- a/lustre/obdecho/echo_client.c
+++ b/lustre/obdecho/echo_client.c
@@ -2842,7 +2842,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
  
         switch (cmd) {
         case OBD_IOC_CREATE:                    /* may create echo object */
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         GOTO(out, rc = -EPERM);
  
                 rc = echo_create_object(env, ed, oa);
@@ -2856,7 +2856,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
                 int dirlen;
                 __u64 id;
  
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         GOTO(out, rc = -EPERM);
  
                 count = data->ioc_count;
@@ -2881,7 +2881,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
                 __u64            seq;
                 int              max_count;
  
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         GOTO(out, rc = -EPERM);
  
                 rc = seq_client_get_seq(env, ed->ed_cl_seq, &seq);
@@ -2902,7 +2902,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
         }
  #endif /* HAVE_SERVER_SUPPORT */
         case OBD_IOC_DESTROY:
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         GOTO(out, rc = -EPERM);
  
                 rc = echo_get_object(&eco, ed, oa);
@@ -2923,7 +2923,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
                 GOTO(out, rc);
  
         case OBD_IOC_SETATTR:
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         GOTO(out, rc = -EPERM);
  
                 rc = echo_get_object(&eco, ed, oa);
@@ -2934,7 +2934,7 @@ echo_client_iocontrol(unsigned int cmd, struct obd_export *exp, int len,
                 GOTO(out, rc);
  
         case OBD_IOC_BRW_WRITE:
-               if (!cfs_capable(CFS_CAP_SYS_ADMIN))
+               if (!cfs_capable(CAP_SYS_ADMIN))
                         GOTO(out, rc = -EPERM);
  
                 rw = OBD_BRW_WRITE;
diff --git a/lustre/osc/osc_io.c b/lustre/osc/osc_io.c

index 9f964c1..9b67d4b 100644 (file)
--- a/lustre/osc/osc_io.c
+++ b/lustre/osc/osc_io.c
@@ -415,7 +415,7 @@ int osc_io_iter_init(const struct lu_env *env, const struct cl_io_slice *ios)
         }
         spin_unlock(&imp->imp_lock);
  
-       if (cfs_capable(CFS_CAP_SYS_RESOURCE))
+       if (cfs_capable(CAP_SYS_RESOURCE))
                 oio->oi_cap_sys_resource = 1;
  
         RETURN(rc);
author	Mr. NeilBrown <neilb@suse.de>
	Thu, 10 Sep 2020 13:49:30 +0000 (09:49 -0400)
committer	Oleg Drokin <green@whamcloud.com>
	Fri, 26 Feb 2021 21:05:43 +0000 (21:05 +0000)
libcfs/include/libcfs/curproc.h		patch \| blob \| history
lustre/llite/dir.c		patch \| blob \| history
lustre/llite/file.c		patch \| blob \| history
lustre/llite/llite_lib.c		patch \| blob \| history
lustre/llite/xattr.c		patch \| blob \| history
lustre/mdd/mdd_dir.c		patch \| blob \| history
lustre/mdd/mdd_object.c		patch \| blob \| history
lustre/mdd/mdd_permission.c		patch \| blob \| history
lustre/mdd/mdd_trans.c		patch \| blob \| history
lustre/mdt/mdt_handler.c		patch \| blob \| history
lustre/mdt/mdt_hsm.c		patch \| blob \| history
lustre/mdt/mdt_hsm_cdt_client.c		patch \| blob \| history
lustre/mdt/mdt_internal.h		patch \| blob \| history
lustre/mdt/mdt_open.c		patch \| blob \| history
lustre/mdt/mdt_reint.c		patch \| blob \| history
lustre/mdt/mdt_xattr.c		patch \| blob \| history
lustre/obdclass/class_obd.c		patch \| blob \| history
lustre/obdecho/echo_client.c		patch \| blob \| history
lustre/osc/osc_io.c		patch \| blob \| history