diff options
Diffstat (limited to 'drivers/staging/lustre/lustre/ptlrpc/sec.c')
| -rw-r--r-- | drivers/staging/lustre/lustre/ptlrpc/sec.c | 123 |
1 files changed, 52 insertions, 71 deletions
diff --git a/drivers/staging/lustre/lustre/ptlrpc/sec.c b/drivers/staging/lustre/lustre/ptlrpc/sec.c index 36e8bed5458a..962b31d163de 100644 --- a/drivers/staging/lustre/lustre/ptlrpc/sec.c +++ b/drivers/staging/lustre/lustre/ptlrpc/sec.c @@ -269,8 +269,8 @@ struct ptlrpc_cli_ctx *get_my_ctx(struct ptlrpc_sec *sec) remove_dead = 0; } } else { - vcred.vc_uid = current_uid(); - vcred.vc_gid = current_gid(); + vcred.vc_uid = from_kuid(&init_user_ns, current_uid()); + vcred.vc_gid = from_kgid(&init_user_ns, current_gid()); } return sec->ps_policy->sp_cops->lookup_ctx(sec, &vcred, @@ -396,14 +396,13 @@ int sptlrpc_req_get_ctx(struct ptlrpc_request *req) struct obd_import *imp = req->rq_import; struct ptlrpc_sec *sec; int rc; - ENTRY; LASSERT(!req->rq_cli_ctx); LASSERT(imp); rc = import_sec_validate_get(imp, &sec); if (rc) - RETURN(rc); + return rc; req->rq_cli_ctx = get_my_ctx(sec); @@ -411,10 +410,10 @@ int sptlrpc_req_get_ctx(struct ptlrpc_request *req) if (!req->rq_cli_ctx) { CERROR("req %p: fail to get context\n", req); - RETURN(-ENOMEM); + return -ENOMEM; } - RETURN(0); + return 0; } /** @@ -428,8 +427,6 @@ int sptlrpc_req_get_ctx(struct ptlrpc_request *req) */ void sptlrpc_req_put_ctx(struct ptlrpc_request *req, int sync) { - ENTRY; - LASSERT(req); LASSERT(req->rq_cli_ctx); @@ -444,7 +441,6 @@ void sptlrpc_req_put_ctx(struct ptlrpc_request *req, int sync) sptlrpc_cli_ctx_put(req->rq_cli_ctx, sync); req->rq_cli_ctx = NULL; - EXIT; } static @@ -520,7 +516,6 @@ int sptlrpc_req_replace_dead_ctx(struct ptlrpc_request *req) struct ptlrpc_cli_ctx *oldctx = req->rq_cli_ctx; struct ptlrpc_cli_ctx *newctx; int rc; - ENTRY; LASSERT(oldctx); @@ -533,7 +528,7 @@ int sptlrpc_req_replace_dead_ctx(struct ptlrpc_request *req) /* restore old ctx */ req->rq_cli_ctx = oldctx; - RETURN(rc); + return rc; } newctx = req->rq_cli_ctx; @@ -560,14 +555,14 @@ int sptlrpc_req_replace_dead_ctx(struct ptlrpc_request *req) /* restore old ctx */ sptlrpc_req_put_ctx(req, 0); req->rq_cli_ctx = oldctx; - RETURN(rc); + return rc; } LASSERT(req->rq_cli_ctx == newctx); } sptlrpc_cli_ctx_put(oldctx, 1); - RETURN(0); + return 0; } EXPORT_SYMBOL(sptlrpc_req_replace_dead_ctx); @@ -639,12 +634,11 @@ int sptlrpc_req_refresh_ctx(struct ptlrpc_request *req, long timeout) struct ptlrpc_sec *sec; struct l_wait_info lwi; int rc; - ENTRY; LASSERT(ctx); if (req->rq_ctx_init || req->rq_ctx_fini) - RETURN(0); + return 0; /* * during the process a request's context might change type even @@ -654,7 +648,7 @@ int sptlrpc_req_refresh_ctx(struct ptlrpc_request *req, long timeout) again: rc = import_sec_validate_get(req->rq_import, &sec); if (rc) - RETURN(rc); + return rc; if (sec->ps_flvr.sf_rpc != req->rq_flvr.sf_rpc) { CDEBUG(D_SEC, "req %p: flavor has changed %x -> %x\n", @@ -666,7 +660,7 @@ again: sptlrpc_sec_put(sec); if (cli_ctx_is_eternal(ctx)) - RETURN(0); + return 0; if (unlikely(test_bit(PTLRPC_CTX_NEW_BIT, &ctx->cc_flags))) { LASSERT(ctx->cc_ops->refresh); @@ -677,7 +671,7 @@ again: LASSERT(ctx->cc_ops->validate); if (ctx->cc_ops->validate(ctx) == 0) { req_off_ctx_list(req, ctx); - RETURN(0); + return 0; } if (unlikely(test_bit(PTLRPC_CTX_ERROR_BIT, &ctx->cc_flags))) { @@ -685,7 +679,7 @@ again: req->rq_err = 1; spin_unlock(&req->rq_lock); req_off_ctx_list(req, ctx); - RETURN(-EPERM); + return -EPERM; } /* @@ -719,7 +713,7 @@ again: unlikely(req->rq_reqmsg) && lustre_msg_get_flags(req->rq_reqmsg) & MSG_RESENT) { req_off_ctx_list(req, ctx); - RETURN(0); + return 0; } if (unlikely(test_bit(PTLRPC_CTX_DEAD_BIT, &ctx->cc_flags))) { @@ -731,7 +725,7 @@ again: spin_lock(&req->rq_lock); req->rq_err = 1; spin_unlock(&req->rq_lock); - RETURN(-EINTR); + return -EINTR; } rc = sptlrpc_req_replace_dead_ctx(req); @@ -742,7 +736,7 @@ again: spin_lock(&req->rq_lock); req->rq_err = 1; spin_unlock(&req->rq_lock); - RETURN(rc); + return rc; } ctx = req->rq_cli_ctx; @@ -759,7 +753,7 @@ again: spin_unlock(&ctx->cc_lock); if (timeout < 0) - RETURN(-EWOULDBLOCK); + return -EWOULDBLOCK; /* Clear any flags that may be present from previous sends */ LASSERT(req->rq_receiving_reply == 0); @@ -789,7 +783,7 @@ again: req_off_ctx_list(req, ctx); LASSERT(rc != 0); - RETURN(rc); + return rc; } goto again; @@ -889,7 +883,6 @@ int sptlrpc_import_check_ctx(struct obd_import *imp) struct ptlrpc_cli_ctx *ctx; struct ptlrpc_request *req = NULL; int rc; - ENTRY; might_sleep(); @@ -898,22 +891,22 @@ int sptlrpc_import_check_ctx(struct obd_import *imp) sptlrpc_sec_put(sec); if (!ctx) - RETURN(-ENOMEM); + return -ENOMEM; if (cli_ctx_is_eternal(ctx) || ctx->cc_ops->validate(ctx) == 0) { sptlrpc_cli_ctx_put(ctx, 1); - RETURN(0); + return 0; } if (cli_ctx_is_error(ctx)) { sptlrpc_cli_ctx_put(ctx, 1); - RETURN(-EACCES); + return -EACCES; } OBD_ALLOC_PTR(req); if (!req) - RETURN(-ENOMEM); + return -ENOMEM; spin_lock_init(&req->rq_lock); atomic_set(&req->rq_refcount, 10000); @@ -929,7 +922,7 @@ int sptlrpc_import_check_ctx(struct obd_import *imp) sptlrpc_cli_ctx_put(req->rq_cli_ctx, 1); OBD_FREE_PTR(req); - RETURN(rc); + return rc; } /** @@ -941,7 +934,6 @@ int sptlrpc_cli_wrap_request(struct ptlrpc_request *req) { struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx; int rc = 0; - ENTRY; LASSERT(ctx); LASSERT(ctx->cc_sec); @@ -953,7 +945,7 @@ int sptlrpc_cli_wrap_request(struct ptlrpc_request *req) if (req->rq_bulk) { rc = sptlrpc_cli_wrap_bulk(req, req->rq_bulk); if (rc) - RETURN(rc); + return rc; } switch (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc)) { @@ -977,14 +969,13 @@ int sptlrpc_cli_wrap_request(struct ptlrpc_request *req) LASSERT(req->rq_reqdata_len <= req->rq_reqbuf_len); } - RETURN(rc); + return rc; } static int do_cli_unwrap_reply(struct ptlrpc_request *req) { struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx; int rc; - ENTRY; LASSERT(ctx); LASSERT(ctx->cc_sec); @@ -1002,13 +993,13 @@ static int do_cli_unwrap_reply(struct ptlrpc_request *req) break; default: CERROR("failed unpack reply: x"LPU64"\n", req->rq_xid); - RETURN(-EPROTO); + return -EPROTO; } if (req->rq_repdata_len < sizeof(struct lustre_msg)) { CERROR("replied data length %d too small\n", req->rq_repdata_len); - RETURN(-EPROTO); + return -EPROTO; } if (SPTLRPC_FLVR_POLICY(req->rq_repdata->lm_secflvr) != @@ -1016,7 +1007,7 @@ static int do_cli_unwrap_reply(struct ptlrpc_request *req) CERROR("reply policy %u doesn't match request policy %u\n", SPTLRPC_FLVR_POLICY(req->rq_repdata->lm_secflvr), SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc)); - RETURN(-EPROTO); + return -EPROTO; } switch (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc)) { @@ -1038,7 +1029,7 @@ static int do_cli_unwrap_reply(struct ptlrpc_request *req) if (SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) != SPTLRPC_POLICY_NULL && !req->rq_ctx_init) req->rq_rep_swab_mask = 0; - RETURN(rc); + return rc; } /** @@ -1096,11 +1087,10 @@ int sptlrpc_cli_unwrap_early_reply(struct ptlrpc_request *req, char *early_buf; int early_bufsz, early_size; int rc; - ENTRY; OBD_ALLOC_PTR(early_req); if (early_req == NULL) - RETURN(-ENOMEM); + return -ENOMEM; early_size = req->rq_nob_received; early_bufsz = size_roundup_power2(early_size); @@ -1163,7 +1153,7 @@ int sptlrpc_cli_unwrap_early_reply(struct ptlrpc_request *req, LASSERT(early_req->rq_repmsg); *req_ret = early_req; - RETURN(0); + return 0; err_ctx: sptlrpc_cli_ctx_put(early_req->rq_cli_ctx, 1); @@ -1171,7 +1161,7 @@ err_buf: OBD_FREE_LARGE(early_buf, early_bufsz); err_req: OBD_FREE_PTR(early_req); - RETURN(rc); + return rc; } /** @@ -1285,7 +1275,6 @@ struct ptlrpc_sec * sptlrpc_sec_create(struct obd_import *imp, struct ptlrpc_sec_policy *policy; struct ptlrpc_sec *sec; char str[32]; - ENTRY; if (svc_ctx) { LASSERT(imp->imp_dlm_fake == 1); @@ -1308,7 +1297,7 @@ struct ptlrpc_sec * sptlrpc_sec_create(struct obd_import *imp, policy = sptlrpc_wireflavor2policy(sf->sf_rpc); if (!policy) { CERROR("invalid flavor 0x%x\n", sf->sf_rpc); - RETURN(NULL); + return NULL; } } @@ -1324,7 +1313,7 @@ struct ptlrpc_sec * sptlrpc_sec_create(struct obd_import *imp, sptlrpc_policy_put(policy); } - RETURN(sec); + return sec; } struct ptlrpc_sec *sptlrpc_import_sec_ref(struct obd_import *imp) @@ -1406,12 +1395,11 @@ int sptlrpc_import_sec_adapt(struct obd_import *imp, enum lustre_sec_part sp; char str[24]; int rc = 0; - ENTRY; might_sleep(); if (imp == NULL) - RETURN(0); + return 0; conn = imp->imp_connection; @@ -1485,7 +1473,7 @@ int sptlrpc_import_sec_adapt(struct obd_import *imp, mutex_unlock(&imp->imp_sec_mutex); out: sptlrpc_sec_put(sec); - RETURN(rc); + return rc; } void sptlrpc_import_sec_put(struct obd_import *imp) @@ -1523,7 +1511,8 @@ void sptlrpc_import_flush_root_ctx(struct obd_import *imp) void sptlrpc_import_flush_my_ctx(struct obd_import *imp) { - import_flush_ctx_common(imp, current_uid(), 1, 1); + import_flush_ctx_common(imp, from_kuid(&init_user_ns, current_uid()), + 1, 1); } EXPORT_SYMBOL(sptlrpc_import_flush_my_ctx); @@ -1668,17 +1657,16 @@ int sptlrpc_cli_alloc_repbuf(struct ptlrpc_request *req, int msgsize) { struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx; struct ptlrpc_sec_policy *policy; - ENTRY; LASSERT(ctx); LASSERT(ctx->cc_sec); LASSERT(ctx->cc_sec->ps_policy); if (req->rq_repbuf) - RETURN(0); + return 0; policy = ctx->cc_sec->ps_policy; - RETURN(policy->sp_cops->alloc_repbuf(ctx->cc_sec, req, msgsize)); + return policy->sp_cops->alloc_repbuf(ctx->cc_sec, req, msgsize); } /** @@ -1689,7 +1677,6 @@ void sptlrpc_cli_free_repbuf(struct ptlrpc_request *req) { struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx; struct ptlrpc_sec_policy *policy; - ENTRY; LASSERT(ctx); LASSERT(ctx->cc_sec); @@ -1703,7 +1690,6 @@ void sptlrpc_cli_free_repbuf(struct ptlrpc_request *req) policy = ctx->cc_sec->ps_policy; policy->sp_cops->free_repbuf(ctx->cc_sec, req); req->rq_repmsg = NULL; - EXIT; } int sptlrpc_cli_install_rvs_ctx(struct obd_import *imp, @@ -2032,7 +2018,6 @@ int sptlrpc_svc_unwrap_request(struct ptlrpc_request *req) struct ptlrpc_sec_policy *policy; struct lustre_msg *msg = req->rq_reqbuf; int rc; - ENTRY; LASSERT(msg); LASSERT(req->rq_reqmsg == NULL); @@ -2050,18 +2035,18 @@ int sptlrpc_svc_unwrap_request(struct ptlrpc_request *req) default: CERROR("error unpacking request from %s x"LPU64"\n", libcfs_id2str(req->rq_peer), req->rq_xid); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } req->rq_flvr.sf_rpc = WIRE_FLVR(msg->lm_secflvr); req->rq_sp_from = LUSTRE_SP_ANY; - req->rq_auth_uid = INVALID_UID; - req->rq_auth_mapped_uid = INVALID_UID; + req->rq_auth_uid = -1; + req->rq_auth_mapped_uid = -1; policy = sptlrpc_wireflavor2policy(req->rq_flvr.sf_rpc); if (!policy) { CERROR("unsupported rpc flavor %x\n", req->rq_flvr.sf_rpc); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } LASSERT(policy->sp_sops->accept); @@ -2079,7 +2064,7 @@ int sptlrpc_svc_unwrap_request(struct ptlrpc_request *req) /* sanity check for the request source */ rc = sptlrpc_svc_check_from(req, rc); - RETURN(rc); + return rc; } /** @@ -2092,7 +2077,6 @@ int sptlrpc_svc_alloc_rs(struct ptlrpc_request *req, int msglen) struct ptlrpc_sec_policy *policy; struct ptlrpc_reply_state *rs; int rc; - ENTRY; LASSERT(req->rq_svc_ctx); LASSERT(req->rq_svc_ctx->sc_policy); @@ -2105,7 +2089,7 @@ int sptlrpc_svc_alloc_rs(struct ptlrpc_request *req, int msglen) /* failed alloc, try emergency pool */ rs = lustre_get_emerg_rs(req->rq_rqbd->rqbd_svcpt); if (rs == NULL) - RETURN(-ENOMEM); + return -ENOMEM; req->rq_reply_state = rs; rc = policy->sp_sops->alloc_rs(req, msglen); @@ -2118,7 +2102,7 @@ int sptlrpc_svc_alloc_rs(struct ptlrpc_request *req, int msglen) LASSERT(rc != 0 || (req->rq_reply_state && req->rq_reply_state->rs_msg)); - RETURN(rc); + return rc; } /** @@ -2131,7 +2115,6 @@ int sptlrpc_svc_wrap_reply(struct ptlrpc_request *req) { struct ptlrpc_sec_policy *policy; int rc; - ENTRY; LASSERT(req->rq_svc_ctx); LASSERT(req->rq_svc_ctx->sc_policy); @@ -2142,7 +2125,7 @@ int sptlrpc_svc_wrap_reply(struct ptlrpc_request *req) rc = policy->sp_sops->authorize(req); LASSERT(rc || req->rq_reply_state->rs_repdata_len); - RETURN(rc); + return rc; } /** @@ -2152,7 +2135,6 @@ void sptlrpc_svc_free_rs(struct ptlrpc_reply_state *rs) { struct ptlrpc_sec_policy *policy; unsigned int prealloc; - ENTRY; LASSERT(rs->rs_svc_ctx); LASSERT(rs->rs_svc_ctx->sc_policy); @@ -2165,7 +2147,6 @@ void sptlrpc_svc_free_rs(struct ptlrpc_reply_state *rs) if (prealloc) lustre_put_emerg_rs(rs); - EXIT; } void sptlrpc_svc_ctx_addref(struct ptlrpc_request *req) @@ -2314,10 +2295,10 @@ int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset) pud = lustre_msg_buf(msg, offset, 0); - pud->pud_uid = current_uid(); - pud->pud_gid = current_gid(); - pud->pud_fsuid = current_fsuid(); - pud->pud_fsgid = current_fsgid(); + pud->pud_uid = from_kuid(&init_user_ns, current_uid()); + pud->pud_gid = from_kgid(&init_user_ns, current_gid()); + pud->pud_fsuid = from_kuid(&init_user_ns, current_fsuid()); + pud->pud_fsgid = from_kgid(&init_user_ns, current_fsgid()); pud->pud_cap = cfs_curproc_cap_pack(); pud->pud_ngroups = (msg->lm_buflens[offset] - sizeof(*pud)) / 4; |