Some cleanups and a big bug fix for ACLs. When I was reviewing Jan Kara's

ACL patch, I realized that Orangefs ACL code was busted, not just in the
 kernel module, but in the server as well. I've been working on the
 code in the server mostly, but here's one kernel patch, there
 will be more.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJZu8QoAAoJEM9EDqnrzg2+cJIP/2A8cCLk5HZf/DU0R9AUTyZx
 +vZF0xdbesUuOkOAw5phYor31bToD8XsPKY7z/OlUjXJR09V2DukCX4YRDyrOibJ
 nTUxWk1JnCArUeefIkD8N/4EtuQ7n8mdhAeln4//vjzGKXB/BgmTNhXe3+8RTj/t
 IIVV+T99aNth4JD9K7Uux/vtoZA7kSvIbPQHRzFRr38GORJOkjB8b3mluxwjDkS/
 S2DJND/mneQSPeh7VylKGSPHTqQcv9eg83/muyEoaWcd94QT2pZx9ZEYQrZ1hKus
 1Nk1xmaJXqbJ1V+9qKJT9cxiDwE3uz5TQ6JSeB91ca50DcO/Up9EIdPMF0P13J21
 0mh5/OuiffVdBYYPIWOe2KdpXOw9aBQqQyNA2MZdk1hotW0o/FlxNx4qtuVeQpqo
 f3U0hQBQQD86nLylw6QDu5sD8Bxxx4ihM5szuHn9YlStYUgPbBdPZHsFTk2LAmp8
 71UobSnSQGaOop6pfAJXW2y7m790BwYQhK7vSozQtTLMNU7EzPItIT6oQM7pjS3M
 1Kh6a5XXwH+imbiaeLRBsfNA293eDuRhz9wsZeLnCV0Tt34bp+UG0FMfP+gceDQn
 4hFEPnzWVAQpCyJBq4AMCH/fitawQiLcqgPBjiMVOl6pnznd5MK5C4T9XfaNf5R6
 t2JWF/PS+plOa02uq4Fu
 =wR7F
 -----END PGP SIGNATURE-----

Merge tag 'for-linus-4.14-ofs2' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux

Pull orangefs updates from Mike Marshall:
 "Some cleanups and a big bug fix for ACLs.

  When I was reviewing Jan Kara's ACL patch, I realized that Orangefs
  ACL code was busted, not just in the kernel module, but in the server
  as well. I've been working on the code in the server mostly, but
  here's one kernel patch, there will be more"

* tag 'for-linus-4.14-ofs2' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux:
  orangefs: Adjust three checks for null pointers
  orangefs: Use kcalloc() in orangefs_prepare_cdm_array()
  orangefs: Delete error messages for a failed memory allocation in five functions
  orangefs: constify xattr_handler structure
  orangefs: don't call filemap_write_and_wait from fsync
  orangefs: off by ones in xattr size checks
  orangefs: documentation clean up
  orangefs: react properly to posix_acl_update_mode's aftermath.
  orangefs: Don't clear SGID when inheriting ACLs
This commit is contained in:
Linus Torvalds 2017-09-15 12:16:18 -07:00
commit 30db202e54
9 changed files with 60 additions and 63 deletions

View file

@ -45,14 +45,11 @@ upstream version of the kernel client.
BUILDING THE USERSPACE FILESYSTEM ON A SINGLE SERVER
====================================================
When Orangefs is upstream, "--with-kernel" shouldn't be needed, but
until then the path to where the kernel with the Orangefs kernel client
patch was built is needed to ensure that pvfs2-client-core (the bridge
between kernel space and user space) will build properly. You can omit
--prefix if you don't care that things are sprinkled around in
/usr/local.
You can omit --prefix if you don't care that things are sprinkled around in
/usr/local. As of version 2.9.6, Orangefs uses Berkeley DB by default, we
will probably be changing the default to lmdb soon.
./configure --prefix=/opt/ofs --with-kernel=/path/to/orangefs/kernel
./configure --prefix=/opt/ofs --with-db-backend=lmdb
make
@ -82,9 +79,6 @@ prove things are working with:
/opt/osf/bin/pvfs2-ls /mymountpoint
You might not want to enforce selinux, it doesn't seem to matter by
linux 3.11...
If stuff seems to be working, turn on the client core:
/opt/osf/sbin/pvfs2-client -p /opt/osf/sbin/pvfs2-client-core

View file

@ -35,7 +35,7 @@ struct posix_acl *orangefs_get_acl(struct inode *inode, int type)
* I don't do that for now.
*/
value = kmalloc(ORANGEFS_MAX_XATTR_VALUELEN, GFP_KERNEL);
if (value == NULL)
if (!value)
return ERR_PTR(-ENOMEM);
gossip_debug(GOSSIP_ACL_DEBUG,
@ -61,9 +61,9 @@ struct posix_acl *orangefs_get_acl(struct inode *inode, int type)
return acl;
}
int orangefs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
static int __orangefs_set_acl(struct inode *inode, struct posix_acl *acl,
int type)
{
struct orangefs_inode_s *orangefs_inode = ORANGEFS_I(inode);
int error = 0;
void *value = NULL;
size_t size = 0;
@ -72,22 +72,6 @@ int orangefs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
switch (type) {
case ACL_TYPE_ACCESS:
name = XATTR_NAME_POSIX_ACL_ACCESS;
if (acl) {
umode_t mode;
error = posix_acl_update_mode(inode, &mode, &acl);
if (error) {
gossip_err("%s: posix_acl_update_mode err: %d\n",
__func__,
error);
return error;
}
if (inode->i_mode != mode)
SetModeFlag(orangefs_inode);
inode->i_mode = mode;
mark_inode_dirty_sync(inode);
}
break;
case ACL_TYPE_DEFAULT:
name = XATTR_NAME_POSIX_ACL_DEFAULT;
@ -132,6 +116,42 @@ int orangefs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
return error;
}
int orangefs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
{
int error;
struct iattr iattr;
int rc;
if (type == ACL_TYPE_ACCESS && acl) {
/*
* posix_acl_update_mode checks to see if the permissions
* described by the ACL can be encoded into the
* object's mode. If so, it sets "acl" to NULL
* and "mode" to the new desired value. It is up to
* us to propagate the new mode back to the server...
*/
error = posix_acl_update_mode(inode, &iattr.ia_mode, &acl);
if (error) {
gossip_err("%s: posix_acl_update_mode err: %d\n",
__func__,
error);
return error;
}
if (acl) {
rc = __orangefs_set_acl(inode, acl, type);
} else {
iattr.ia_valid = ATTR_MODE;
rc = orangefs_inode_setattr(inode, &iattr);
}
return rc;
} else {
return -EINVAL;
}
}
int orangefs_init_acl(struct inode *inode, struct inode *dir)
{
struct orangefs_inode_s *orangefs_inode = ORANGEFS_I(inode);
@ -146,13 +166,14 @@ int orangefs_init_acl(struct inode *inode, struct inode *dir)
return error;
if (default_acl) {
error = orangefs_set_acl(inode, default_acl, ACL_TYPE_DEFAULT);
error = __orangefs_set_acl(inode, default_acl,
ACL_TYPE_DEFAULT);
posix_acl_release(default_acl);
}
if (acl) {
if (!error)
error = orangefs_set_acl(inode, acl, ACL_TYPE_ACCESS);
error = __orangefs_set_acl(inode, acl, ACL_TYPE_ACCESS);
posix_acl_release(acl);
}

View file

@ -461,13 +461,10 @@ static ssize_t orangefs_devreq_write_iter(struct kiocb *iocb,
if (op->downcall.type != ORANGEFS_VFS_OP_READDIR)
goto wakeup;
op->downcall.trailer_buf =
vmalloc(op->downcall.trailer_size);
if (op->downcall.trailer_buf == NULL) {
gossip_err("%s: failed trailer vmalloc.\n",
__func__);
op->downcall.trailer_buf = vmalloc(op->downcall.trailer_size);
if (!op->downcall.trailer_buf)
goto Enomem;
}
memset(op->downcall.trailer_buf, 0, op->downcall.trailer_size);
if (!copy_from_iter_full(op->downcall.trailer_buf,
op->downcall.trailer_size, iter)) {

View file

@ -646,14 +646,11 @@ static int orangefs_fsync(struct file *file,
loff_t end,
int datasync)
{
int ret = -EINVAL;
int ret;
struct orangefs_inode_s *orangefs_inode =
ORANGEFS_I(file_inode(file));
struct orangefs_kernel_op_s *new_op = NULL;
/* required call */
filemap_write_and_wait_range(file->f_mapping, start, end);
new_op = op_alloc(ORANGEFS_VFS_OP_FSYNC);
if (!new_op)
return -ENOMEM;

View file

@ -244,20 +244,14 @@ orangefs_bufmap_alloc(struct ORANGEFS_dev_map_desc *user_desc)
bufmap->buffer_index_array =
kzalloc(DIV_ROUND_UP(bufmap->desc_count, BITS_PER_LONG), GFP_KERNEL);
if (!bufmap->buffer_index_array) {
gossip_err("orangefs: could not allocate %d buffer indices\n",
bufmap->desc_count);
if (!bufmap->buffer_index_array)
goto out_free_bufmap;
}
bufmap->desc_array =
kcalloc(bufmap->desc_count, sizeof(struct orangefs_bufmap_desc),
GFP_KERNEL);
if (!bufmap->desc_array) {
gossip_err("orangefs: could not allocate %d descriptors\n",
bufmap->desc_count);
if (!bufmap->desc_array)
goto out_free_index_array;
}
bufmap->page_count = bufmap->total_size / PAGE_SIZE;

View file

@ -571,11 +571,8 @@ static int orangefs_prepare_cdm_array(char *debug_array_string)
goto out;
}
cdm_array =
kzalloc(cdm_element_count * sizeof(struct client_debug_mask),
GFP_KERNEL);
cdm_array = kcalloc(cdm_element_count, sizeof(*cdm_array), GFP_KERNEL);
if (!cdm_array) {
pr_info("malloc failed for cdm_array!\n");
rc = -ENOMEM;
goto out;
}

View file

@ -98,7 +98,6 @@ static int __init orangefs_init(void)
orangefs_htable_ops_in_progress =
kcalloc(hash_table_size, sizeof(struct list_head), GFP_KERNEL);
if (!orangefs_htable_ops_in_progress) {
gossip_err("Failed to initialize op hashtable");
ret = -ENOMEM;
goto cleanup_inode;
}

View file

@ -107,10 +107,8 @@ static struct inode *orangefs_alloc_inode(struct super_block *sb)
struct orangefs_inode_s *orangefs_inode;
orangefs_inode = kmem_cache_alloc(orangefs_inode_cache, GFP_KERNEL);
if (orangefs_inode == NULL) {
gossip_err("Failed to allocate orangefs_inode\n");
if (!orangefs_inode)
return NULL;
}
/*
* We want to clear everything except for rw_semaphore and the

View file

@ -76,7 +76,7 @@ ssize_t orangefs_inode_getxattr(struct inode *inode, const char *name,
if (S_ISLNK(inode->i_mode))
return -EOPNOTSUPP;
if (strlen(name) > ORANGEFS_MAX_XATTR_NAMELEN)
if (strlen(name) >= ORANGEFS_MAX_XATTR_NAMELEN)
return -EINVAL;
fsuid = from_kuid(&init_user_ns, current_fsuid());
@ -169,7 +169,7 @@ static int orangefs_inode_removexattr(struct inode *inode, const char *name,
struct orangefs_kernel_op_s *new_op = NULL;
int ret = -ENOMEM;
if (strlen(name) > ORANGEFS_MAX_XATTR_NAMELEN)
if (strlen(name) >= ORANGEFS_MAX_XATTR_NAMELEN)
return -EINVAL;
down_write(&orangefs_inode->xattr_sem);
@ -233,13 +233,13 @@ int orangefs_inode_setxattr(struct inode *inode, const char *name,
if (size > ORANGEFS_MAX_XATTR_VALUELEN)
return -EINVAL;
if (strlen(name) > ORANGEFS_MAX_XATTR_NAMELEN)
if (strlen(name) >= ORANGEFS_MAX_XATTR_NAMELEN)
return -EINVAL;
internal_flag = convert_to_internal_xattr_flags(flags);
/* This is equivalent to a removexattr */
if (size == 0 && value == NULL) {
if (size == 0 && !value) {
gossip_debug(GOSSIP_XATTR_DEBUG,
"removing xattr (%s)\n",
name);
@ -311,7 +311,7 @@ ssize_t orangefs_listxattr(struct dentry *dentry, char *buffer, size_t size)
int i = 0;
int returned_count = 0;
if (size > 0 && buffer == NULL) {
if (size > 0 && !buffer) {
gossip_err("%s: bogus NULL pointers\n", __func__);
return -EINVAL;
}
@ -442,7 +442,7 @@ static int orangefs_xattr_get_default(const struct xattr_handler *handler,
}
static struct xattr_handler orangefs_xattr_default_handler = {
static const struct xattr_handler orangefs_xattr_default_handler = {
.prefix = "", /* match any name => handlers called with full name */
.get = orangefs_xattr_get_default,
.set = orangefs_xattr_set_default,