aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--fs/afs/Makefile1
-rw-r--r--fs/afs/afs.h27
-rw-r--r--fs/afs/callback.c5
-rw-r--r--fs/afs/cell.c98
-rw-r--r--fs/afs/cmservice.c3
-rw-r--r--fs/afs/dir.c51
-rw-r--r--fs/afs/file.c60
-rw-r--r--fs/afs/fsclient.c9
-rw-r--r--fs/afs/inode.c21
-rw-r--r--fs/afs/internal.h106
-rw-r--r--fs/afs/mntpt.c12
-rw-r--r--fs/afs/rxrpc.c137
-rw-r--r--fs/afs/security.c345
-rw-r--r--fs/afs/super.c142
-rw-r--r--fs/afs/vlclient.c6
-rw-r--r--fs/afs/vlocation.c26
-rw-r--r--fs/afs/vnode.c25
-rw-r--r--fs/afs/volume.c109
18 files changed, 945 insertions, 238 deletions
diff --git a/fs/afs/Makefile b/fs/afs/Makefile
index 66bdc219ccde..cca198b2caed 100644
--- a/fs/afs/Makefile
+++ b/fs/afs/Makefile
@@ -15,6 +15,7 @@ kafs-objs := \
15 mntpt.o \ 15 mntpt.o \
16 proc.o \ 16 proc.o \
17 rxrpc.o \ 17 rxrpc.o \
18 security.o \
18 server.o \ 19 server.o \
19 super.o \ 20 super.o \
20 vlclient.o \ 21 vlclient.o \
diff --git a/fs/afs/afs.h b/fs/afs/afs.h
index b9d2d2ceaf43..d959092aaf4b 100644
--- a/fs/afs/afs.h
+++ b/fs/afs/afs.h
@@ -14,6 +14,9 @@
14 14
15#include <linux/in.h> 15#include <linux/in.h>
16 16
17#define AFS_MAXCELLNAME 64 /* maximum length of a cell name */
18#define AFS_MAXVOLNAME 64 /* maximum length of a volume name */
19
17typedef unsigned afs_volid_t; 20typedef unsigned afs_volid_t;
18typedef unsigned afs_vnodeid_t; 21typedef unsigned afs_vnodeid_t;
19typedef unsigned long long afs_dataversion_t; 22typedef unsigned long long afs_dataversion_t;
@@ -75,6 +78,26 @@ struct afs_volume_info {
75}; 78};
76 79
77/* 80/*
81 * AFS security ACE access mask
82 */
83typedef u32 afs_access_t;
84#define AFS_ACE_READ 0x00000001U /* - permission to read a file/dir */
85#define AFS_ACE_WRITE 0x00000002U /* - permission to write/chmod a file */
86#define AFS_ACE_INSERT 0x00000004U /* - permission to create dirent in a dir */
87#define AFS_ACE_LOOKUP 0x00000008U /* - permission to lookup a file/dir in a dir */
88#define AFS_ACE_DELETE 0x00000010U /* - permission to delete a dirent from a dir */
89#define AFS_ACE_LOCK 0x00000020U /* - permission to lock a file */
90#define AFS_ACE_ADMINISTER 0x00000040U /* - permission to change ACL */
91#define AFS_ACE_USER_A 0x01000000U /* - 'A' user-defined permission */
92#define AFS_ACE_USER_B 0x02000000U /* - 'B' user-defined permission */
93#define AFS_ACE_USER_C 0x04000000U /* - 'C' user-defined permission */
94#define AFS_ACE_USER_D 0x08000000U /* - 'D' user-defined permission */
95#define AFS_ACE_USER_E 0x10000000U /* - 'E' user-defined permission */
96#define AFS_ACE_USER_F 0x20000000U /* - 'F' user-defined permission */
97#define AFS_ACE_USER_G 0x40000000U /* - 'G' user-defined permission */
98#define AFS_ACE_USER_H 0x80000000U /* - 'H' user-defined permission */
99
100/*
78 * AFS file status information 101 * AFS file status information
79 */ 102 */
80struct afs_file_status { 103struct afs_file_status {
@@ -87,8 +110,8 @@ struct afs_file_status {
87 afs_dataversion_t data_version; /* current data version */ 110 afs_dataversion_t data_version; /* current data version */
88 unsigned author; /* author ID */ 111 unsigned author; /* author ID */
89 unsigned owner; /* owner ID */ 112 unsigned owner; /* owner ID */
90 unsigned caller_access; /* access rights for authenticated caller */ 113 afs_access_t caller_access; /* access rights for authenticated caller */
91 unsigned anon_access; /* access rights for unauthenticated caller */ 114 afs_access_t anon_access; /* access rights for unauthenticated caller */
92 umode_t mode; /* UNIX mode */ 115 umode_t mode; /* UNIX mode */
93 struct afs_fid parent; /* parent file ID */ 116 struct afs_fid parent; /* parent file ID */
94 time_t mtime_client; /* last time client changed data */ 117 time_t mtime_client; /* last time client changed data */
diff --git a/fs/afs/callback.c b/fs/afs/callback.c
index 611215547142..e674bebbb8b1 100644
--- a/fs/afs/callback.c
+++ b/fs/afs/callback.c
@@ -72,7 +72,10 @@ void afs_broken_callback_work(struct work_struct *work)
72 return; /* someone else is dealing with it */ 72 return; /* someone else is dealing with it */
73 73
74 if (test_bit(AFS_VNODE_CB_BROKEN, &vnode->flags)) { 74 if (test_bit(AFS_VNODE_CB_BROKEN, &vnode->flags)) {
75 if (afs_vnode_fetch_status(vnode) < 0) 75 if (S_ISDIR(vnode->vfs_inode.i_mode))
76 afs_clear_permits(vnode);
77
78 if (afs_vnode_fetch_status(vnode, NULL, NULL) < 0)
76 goto out; 79 goto out;
77 80
78 if (test_bit(AFS_VNODE_DELETED, &vnode->flags)) 81 if (test_bit(AFS_VNODE_DELETED, &vnode->flags))
diff --git a/fs/afs/cell.c b/fs/afs/cell.c
index 733c60246ab0..9b1311a1df51 100644
--- a/fs/afs/cell.c
+++ b/fs/afs/cell.c
@@ -11,6 +11,9 @@
11 11
12#include <linux/module.h> 12#include <linux/module.h>
13#include <linux/slab.h> 13#include <linux/slab.h>
14#include <linux/key.h>
15#include <linux/ctype.h>
16#include <keys/rxrpc-type.h>
14#include "internal.h" 17#include "internal.h"
15 18
16DECLARE_RWSEM(afs_proc_cells_sem); 19DECLARE_RWSEM(afs_proc_cells_sem);
@@ -23,45 +26,43 @@ static DECLARE_WAIT_QUEUE_HEAD(afs_cells_freeable_wq);
23static struct afs_cell *afs_cell_root; 26static struct afs_cell *afs_cell_root;
24 27
25/* 28/*
26 * create a cell record 29 * allocate a cell record and fill in its name, VL server address list and
27 * - "name" is the name of the cell 30 * allocate an anonymous key
28 * - "vllist" is a colon separated list of IP addresses in "a.b.c.d" format
29 */ 31 */
30struct afs_cell *afs_cell_create(const char *name, char *vllist) 32static struct afs_cell *afs_cell_alloc(const char *name, char *vllist)
31{ 33{
32 struct afs_cell *cell; 34 struct afs_cell *cell;
33 char *next; 35 size_t namelen;
36 char keyname[4 + AFS_MAXCELLNAME + 1], *cp, *dp, *next;
34 int ret; 37 int ret;
35 38
36 _enter("%s,%s", name, vllist); 39 _enter("%s,%s", name, vllist);
37 40
38 BUG_ON(!name); /* TODO: want to look up "this cell" in the cache */ 41 BUG_ON(!name); /* TODO: want to look up "this cell" in the cache */
39 42
43 namelen = strlen(name);
44 if (namelen > AFS_MAXCELLNAME)
45 return ERR_PTR(-ENAMETOOLONG);
46
40 /* allocate and initialise a cell record */ 47 /* allocate and initialise a cell record */
41 cell = kmalloc(sizeof(struct afs_cell) + strlen(name) + 1, GFP_KERNEL); 48 cell = kzalloc(sizeof(struct afs_cell) + namelen + 1, GFP_KERNEL);
42 if (!cell) { 49 if (!cell) {
43 _leave(" = -ENOMEM"); 50 _leave(" = -ENOMEM");
44 return ERR_PTR(-ENOMEM); 51 return ERR_PTR(-ENOMEM);
45 } 52 }
46 53
47 down_write(&afs_cells_sem); 54 memcpy(cell->name, name, namelen);
55 cell->name[namelen] = 0;
48 56
49 memset(cell, 0, sizeof(struct afs_cell));
50 atomic_set(&cell->usage, 1); 57 atomic_set(&cell->usage, 1);
51
52 INIT_LIST_HEAD(&cell->link); 58 INIT_LIST_HEAD(&cell->link);
53
54 rwlock_init(&cell->servers_lock); 59 rwlock_init(&cell->servers_lock);
55 INIT_LIST_HEAD(&cell->servers); 60 INIT_LIST_HEAD(&cell->servers);
56
57 init_rwsem(&cell->vl_sem); 61 init_rwsem(&cell->vl_sem);
58 INIT_LIST_HEAD(&cell->vl_list); 62 INIT_LIST_HEAD(&cell->vl_list);
59 spin_lock_init(&cell->vl_lock); 63 spin_lock_init(&cell->vl_lock);
60 64
61 strcpy(cell->name, name);
62
63 /* fill in the VL server list from the rest of the string */ 65 /* fill in the VL server list from the rest of the string */
64 ret = -EINVAL;
65 do { 66 do {
66 unsigned a, b, c, d; 67 unsigned a, b, c, d;
67 68
@@ -70,18 +71,73 @@ struct afs_cell *afs_cell_create(const char *name, char *vllist)
70 *next++ = 0; 71 *next++ = 0;
71 72
72 if (sscanf(vllist, "%u.%u.%u.%u", &a, &b, &c, &d) != 4) 73 if (sscanf(vllist, "%u.%u.%u.%u", &a, &b, &c, &d) != 4)
73 goto badaddr; 74 goto bad_address;
74 75
75 if (a > 255 || b > 255 || c > 255 || d > 255) 76 if (a > 255 || b > 255 || c > 255 || d > 255)
76 goto badaddr; 77 goto bad_address;
77 78
78 cell->vl_addrs[cell->vl_naddrs++].s_addr = 79 cell->vl_addrs[cell->vl_naddrs++].s_addr =
79 htonl((a << 24) | (b << 16) | (c << 8) | d); 80 htonl((a << 24) | (b << 16) | (c << 8) | d);
80 81
81 if (cell->vl_naddrs >= AFS_CELL_MAX_ADDRS) 82 } while (cell->vl_naddrs < AFS_CELL_MAX_ADDRS && (vllist = next));
82 break; 83
84 /* create a key to represent an anonymous user */
85 memcpy(keyname, "afs@", 4);
86 dp = keyname + 4;
87 cp = cell->name;
88 do {
89 *dp++ = toupper(*cp);
90 } while (*cp++);
91 cell->anonymous_key = key_alloc(&key_type_rxrpc, keyname, 0, 0, current,
92 KEY_POS_SEARCH, KEY_ALLOC_NOT_IN_QUOTA);
93 if (IS_ERR(cell->anonymous_key)) {
94 _debug("no key");
95 ret = PTR_ERR(cell->anonymous_key);
96 goto error;
97 }
98
99 ret = key_instantiate_and_link(cell->anonymous_key, NULL, 0,
100 NULL, NULL);
101 if (ret < 0) {
102 _debug("instantiate failed");
103 goto error;
104 }
105
106 _debug("anon key %p{%x}",
107 cell->anonymous_key, key_serial(cell->anonymous_key));
108
109 _leave(" = %p", cell);
110 return cell;
111
112bad_address:
113 printk(KERN_ERR "kAFS: bad VL server IP address\n");
114 ret = -EINVAL;
115error:
116 key_put(cell->anonymous_key);
117 kfree(cell);
118 _leave(" = %d", ret);
119 return ERR_PTR(ret);
120}
83 121
84 } while ((vllist = next)); 122/*
123 * create a cell record
124 * - "name" is the name of the cell
125 * - "vllist" is a colon separated list of IP addresses in "a.b.c.d" format
126 */
127struct afs_cell *afs_cell_create(const char *name, char *vllist)
128{
129 struct afs_cell *cell;
130 int ret;
131
132 _enter("%s,%s", name, vllist);
133
134 cell = afs_cell_alloc(name, vllist);
135 if (IS_ERR(cell)) {
136 _leave(" = %ld", PTR_ERR(cell));
137 return cell;
138 }
139
140 down_write(&afs_cells_sem);
85 141
86 /* add a proc directory for this cell */ 142 /* add a proc directory for this cell */
87 ret = afs_proc_cell_setup(cell); 143 ret = afs_proc_cell_setup(cell);
@@ -109,10 +165,9 @@ struct afs_cell *afs_cell_create(const char *name, char *vllist)
109 _leave(" = %p", cell); 165 _leave(" = %p", cell);
110 return cell; 166 return cell;
111 167
112badaddr:
113 printk(KERN_ERR "kAFS: bad VL server IP address\n");
114error: 168error:
115 up_write(&afs_cells_sem); 169 up_write(&afs_cells_sem);
170 key_put(cell->anonymous_key);
116 kfree(cell); 171 kfree(cell);
117 _leave(" = %d", ret); 172 _leave(" = %d", ret);
118 return ERR_PTR(ret); 173 return ERR_PTR(ret);
@@ -301,6 +356,7 @@ static void afs_cell_destroy(struct afs_cell *cell)
301 cachefs_relinquish_cookie(cell->cache, 0); 356 cachefs_relinquish_cookie(cell->cache, 0);
302#endif 357#endif
303 358
359 key_put(cell->anonymous_key);
304 kfree(cell); 360 kfree(cell);
305 361
306 _leave(" [destroyed]"); 362 _leave(" [destroyed]");
diff --git a/fs/afs/cmservice.c b/fs/afs/cmservice.c
index c7141175391b..c3ec57a237bf 100644
--- a/fs/afs/cmservice.c
+++ b/fs/afs/cmservice.c
@@ -28,6 +28,7 @@ static void afs_cm_destructor(struct afs_call *);
28 * CB.CallBack operation type 28 * CB.CallBack operation type
29 */ 29 */
30static const struct afs_call_type afs_SRXCBCallBack = { 30static const struct afs_call_type afs_SRXCBCallBack = {
31 .name = "CB.CallBack",
31 .deliver = afs_deliver_cb_callback, 32 .deliver = afs_deliver_cb_callback,
32 .abort_to_error = afs_abort_to_error, 33 .abort_to_error = afs_abort_to_error,
33 .destructor = afs_cm_destructor, 34 .destructor = afs_cm_destructor,
@@ -37,6 +38,7 @@ static const struct afs_call_type afs_SRXCBCallBack = {
37 * CB.InitCallBackState operation type 38 * CB.InitCallBackState operation type
38 */ 39 */
39static const struct afs_call_type afs_SRXCBInitCallBackState = { 40static const struct afs_call_type afs_SRXCBInitCallBackState = {
41 .name = "CB.InitCallBackState",
40 .deliver = afs_deliver_cb_init_call_back_state, 42 .deliver = afs_deliver_cb_init_call_back_state,
41 .abort_to_error = afs_abort_to_error, 43 .abort_to_error = afs_abort_to_error,
42 .destructor = afs_cm_destructor, 44 .destructor = afs_cm_destructor,
@@ -46,6 +48,7 @@ static const struct afs_call_type afs_SRXCBInitCallBackState = {
46 * CB.Probe operation type 48 * CB.Probe operation type
47 */ 49 */
48static const struct afs_call_type afs_SRXCBProbe = { 50static const struct afs_call_type afs_SRXCBProbe = {
51 .name = "CB.Probe",
49 .deliver = afs_deliver_cb_probe, 52 .deliver = afs_deliver_cb_probe,
50 .abort_to_error = afs_abort_to_error, 53 .abort_to_error = afs_abort_to_error,
51 .destructor = afs_cm_destructor, 54 .destructor = afs_cm_destructor,
diff --git a/fs/afs/dir.c b/fs/afs/dir.c
index d7697f6f3b7f..87368417e4d3 100644
--- a/fs/afs/dir.c
+++ b/fs/afs/dir.c
@@ -15,6 +15,7 @@
15#include <linux/slab.h> 15#include <linux/slab.h>
16#include <linux/fs.h> 16#include <linux/fs.h>
17#include <linux/pagemap.h> 17#include <linux/pagemap.h>
18#include <linux/ctype.h>
18#include "internal.h" 19#include "internal.h"
19 20
20static struct dentry *afs_dir_lookup(struct inode *dir, struct dentry *dentry, 21static struct dentry *afs_dir_lookup(struct inode *dir, struct dentry *dentry,
@@ -28,11 +29,13 @@ static int afs_dir_lookup_filldir(void *_cookie, const char *name, int nlen,
28 29
29const struct file_operations afs_dir_file_operations = { 30const struct file_operations afs_dir_file_operations = {
30 .open = afs_dir_open, 31 .open = afs_dir_open,
32 .release = afs_release,
31 .readdir = afs_dir_readdir, 33 .readdir = afs_dir_readdir,
32}; 34};
33 35
34const struct inode_operations afs_dir_inode_operations = { 36const struct inode_operations afs_dir_inode_operations = {
35 .lookup = afs_dir_lookup, 37 .lookup = afs_dir_lookup,
38 .permission = afs_permission,
36 .getattr = afs_inode_getattr, 39 .getattr = afs_inode_getattr,
37#if 0 /* TODO */ 40#if 0 /* TODO */
38 .create = afs_dir_create, 41 .create = afs_dir_create,
@@ -169,13 +172,17 @@ static inline void afs_dir_put_page(struct page *page)
169/* 172/*
170 * get a page into the pagecache 173 * get a page into the pagecache
171 */ 174 */
172static struct page *afs_dir_get_page(struct inode *dir, unsigned long index) 175static struct page *afs_dir_get_page(struct inode *dir, unsigned long index,
176 struct key *key)
173{ 177{
174 struct page *page; 178 struct page *page;
179 struct file file = {
180 .private_data = key,
181 };
175 182
176 _enter("{%lu},%lu", dir->i_ino, index); 183 _enter("{%lu},%lu", dir->i_ino, index);
177 184
178 page = read_mapping_page(dir->i_mapping, index, NULL); 185 page = read_mapping_page(dir->i_mapping, index, &file);
179 if (!IS_ERR(page)) { 186 if (!IS_ERR(page)) {
180 wait_on_page_locked(page); 187 wait_on_page_locked(page);
181 kmap(page); 188 kmap(page);
@@ -207,8 +214,7 @@ static int afs_dir_open(struct inode *inode, struct file *file)
207 if (test_bit(AFS_VNODE_DELETED, &AFS_FS_I(inode)->flags)) 214 if (test_bit(AFS_VNODE_DELETED, &AFS_FS_I(inode)->flags))
208 return -ENOENT; 215 return -ENOENT;
209 216
210 _leave(" = 0"); 217 return afs_open(inode, file);
211 return 0;
212} 218}
213 219
214/* 220/*
@@ -311,7 +317,7 @@ static int afs_dir_iterate_block(unsigned *fpos,
311 * iterate through the data blob that lists the contents of an AFS directory 317 * iterate through the data blob that lists the contents of an AFS directory
312 */ 318 */
313static int afs_dir_iterate(struct inode *dir, unsigned *fpos, void *cookie, 319static int afs_dir_iterate(struct inode *dir, unsigned *fpos, void *cookie,
314 filldir_t filldir) 320 filldir_t filldir, struct key *key)
315{ 321{
316 union afs_dir_block *dblock; 322 union afs_dir_block *dblock;
317 struct afs_dir_page *dbuf; 323 struct afs_dir_page *dbuf;
@@ -336,7 +342,7 @@ static int afs_dir_iterate(struct inode *dir, unsigned *fpos, void *cookie,
336 blkoff = *fpos & ~(sizeof(union afs_dir_block) - 1); 342 blkoff = *fpos & ~(sizeof(union afs_dir_block) - 1);
337 343
338 /* fetch the appropriate page from the directory */ 344 /* fetch the appropriate page from the directory */
339 page = afs_dir_get_page(dir, blkoff / PAGE_SIZE); 345 page = afs_dir_get_page(dir, blkoff / PAGE_SIZE, key);
340 if (IS_ERR(page)) { 346 if (IS_ERR(page)) {
341 ret = PTR_ERR(page); 347 ret = PTR_ERR(page);
342 break; 348 break;
@@ -381,9 +387,11 @@ static int afs_dir_readdir(struct file *file, void *cookie, filldir_t filldir)
381 _enter("{%Ld,{%lu}}", 387 _enter("{%Ld,{%lu}}",
382 file->f_pos, file->f_path.dentry->d_inode->i_ino); 388 file->f_pos, file->f_path.dentry->d_inode->i_ino);
383 389
390 ASSERT(file->private_data != NULL);
391
384 fpos = file->f_pos; 392 fpos = file->f_pos;
385 ret = afs_dir_iterate(file->f_path.dentry->d_inode, &fpos, 393 ret = afs_dir_iterate(file->f_path.dentry->d_inode, &fpos,
386 cookie, filldir); 394 cookie, filldir, file->private_data);
387 file->f_pos = fpos; 395 file->f_pos = fpos;
388 396
389 _leave(" = %d", ret); 397 _leave(" = %d", ret);
@@ -424,7 +432,7 @@ static int afs_dir_lookup_filldir(void *_cookie, const char *name, int nlen,
424 * do a lookup in a directory 432 * do a lookup in a directory
425 */ 433 */
426static int afs_do_lookup(struct inode *dir, struct dentry *dentry, 434static int afs_do_lookup(struct inode *dir, struct dentry *dentry,
427 struct afs_fid *fid) 435 struct afs_fid *fid, struct key *key)
428{ 436{
429 struct afs_dir_lookup_cookie cookie; 437 struct afs_dir_lookup_cookie cookie;
430 struct afs_super_info *as; 438 struct afs_super_info *as;
@@ -442,7 +450,8 @@ static int afs_do_lookup(struct inode *dir, struct dentry *dentry,
442 cookie.found = 0; 450 cookie.found = 0;
443 451
444 fpos = 0; 452 fpos = 0;
445 ret = afs_dir_iterate(dir, &fpos, &cookie, afs_dir_lookup_filldir); 453 ret = afs_dir_iterate(dir, &fpos, &cookie, afs_dir_lookup_filldir,
454 key);
446 if (ret < 0) { 455 if (ret < 0) {
447 _leave(" = %d [iter]", ret); 456 _leave(" = %d [iter]", ret);
448 return ret; 457 return ret;
@@ -468,6 +477,7 @@ static struct dentry *afs_dir_lookup(struct inode *dir, struct dentry *dentry,
468 struct afs_vnode *vnode; 477 struct afs_vnode *vnode;
469 struct afs_fid fid; 478 struct afs_fid fid;
470 struct inode *inode; 479 struct inode *inode;
480 struct key *key;
471 int ret; 481 int ret;
472 482
473 _enter("{%lu},%p{%s}", dir->i_ino, dentry, dentry->d_name.name); 483 _enter("{%lu},%p{%s}", dir->i_ino, dentry, dentry->d_name.name);
@@ -483,14 +493,22 @@ static struct dentry *afs_dir_lookup(struct inode *dir, struct dentry *dentry,
483 return ERR_PTR(-ESTALE); 493 return ERR_PTR(-ESTALE);
484 } 494 }
485 495
486 ret = afs_do_lookup(dir, dentry, &fid); 496 key = afs_request_key(vnode->volume->cell);
497 if (IS_ERR(key)) {
498 _leave(" = %ld [key]", PTR_ERR(key));
499 return ERR_PTR(PTR_ERR(key));
500 }
501
502 ret = afs_do_lookup(dir, dentry, &fid, key);
487 if (ret < 0) { 503 if (ret < 0) {
504 key_put(key);
488 _leave(" = %d [do]", ret); 505 _leave(" = %d [do]", ret);
489 return ERR_PTR(ret); 506 return ERR_PTR(ret);
490 } 507 }
491 508
492 /* instantiate the dentry */ 509 /* instantiate the dentry */
493 inode = afs_iget(dir->i_sb, &fid); 510 inode = afs_iget(dir->i_sb, key, &fid);
511 key_put(key);
494 if (IS_ERR(inode)) { 512 if (IS_ERR(inode)) {
495 _leave(" = %ld", PTR_ERR(inode)); 513 _leave(" = %ld", PTR_ERR(inode));
496 return ERR_PTR(PTR_ERR(inode)); 514 return ERR_PTR(PTR_ERR(inode));
@@ -559,6 +577,7 @@ static int afs_d_revalidate(struct dentry *dentry, struct nameidata *nd)
559 struct afs_fid fid; 577 struct afs_fid fid;
560 struct dentry *parent; 578 struct dentry *parent;
561 struct inode *inode, *dir; 579 struct inode *inode, *dir;
580 struct key *key;
562 int ret; 581 int ret;
563 582
564 vnode = AFS_FS_I(dentry->d_inode); 583 vnode = AFS_FS_I(dentry->d_inode);
@@ -566,6 +585,10 @@ static int afs_d_revalidate(struct dentry *dentry, struct nameidata *nd)
566 _enter("{sb=%p n=%s fl=%lx},", 585 _enter("{sb=%p n=%s fl=%lx},",
567 dentry->d_sb, dentry->d_name.name, vnode->flags); 586 dentry->d_sb, dentry->d_name.name, vnode->flags);
568 587
588 key = afs_request_key(vnode->volume->cell);
589 if (IS_ERR(key))
590 key = NULL;
591
569 /* lock down the parent dentry so we can peer at it */ 592 /* lock down the parent dentry so we can peer at it */
570 parent = dget_parent(dentry); 593 parent = dget_parent(dentry);
571 594
@@ -595,7 +618,7 @@ static int afs_d_revalidate(struct dentry *dentry, struct nameidata *nd)
595 _debug("dir modified"); 618 _debug("dir modified");
596 619
597 /* search the directory for this vnode */ 620 /* search the directory for this vnode */
598 ret = afs_do_lookup(dir, dentry, &fid); 621 ret = afs_do_lookup(dir, dentry, &fid, key);
599 if (ret == -ENOENT) { 622 if (ret == -ENOENT) {
600 _debug("%s: dirent not found", dentry->d_name.name); 623 _debug("%s: dirent not found", dentry->d_name.name);
601 goto not_found; 624 goto not_found;
@@ -637,7 +660,7 @@ static int afs_d_revalidate(struct dentry *dentry, struct nameidata *nd)
637 test_bit(AFS_VNODE_CB_BROKEN, &vnode->flags)) { 660 test_bit(AFS_VNODE_CB_BROKEN, &vnode->flags)) {
638 _debug("%s: changed", dentry->d_name.name); 661 _debug("%s: changed", dentry->d_name.name);
639 set_bit(AFS_VNODE_CB_BROKEN, &vnode->flags); 662 set_bit(AFS_VNODE_CB_BROKEN, &vnode->flags);
640 if (afs_vnode_fetch_status(vnode) < 0) { 663 if (afs_vnode_fetch_status(vnode, NULL, key) < 0) {
641 mutex_unlock(&vnode->cb_broken_lock); 664 mutex_unlock(&vnode->cb_broken_lock);
642 goto out_bad; 665 goto out_bad;
643 } 666 }
@@ -667,6 +690,7 @@ static int afs_d_revalidate(struct dentry *dentry, struct nameidata *nd)
667 690
668out_valid: 691out_valid:
669 dput(parent); 692 dput(parent);
693 key_put(key);
670 _leave(" = 1 [valid]"); 694 _leave(" = 1 [valid]");
671 return 1; 695 return 1;
672 696
@@ -688,6 +712,7 @@ out_bad:
688 shrink_dcache_parent(dentry); 712 shrink_dcache_parent(dentry);
689 d_drop(dentry); 713 d_drop(dentry);
690 dput(parent); 714 dput(parent);
715 key_put(key);
691 716
692 _leave(" = 0 [bad]"); 717 _leave(" = 0 [bad]");
693 return 0; 718 return 0;
diff --git a/fs/afs/file.c b/fs/afs/file.c
index 6990327e75dd..101bbb8c0d8b 100644
--- a/fs/afs/file.c
+++ b/fs/afs/file.c
@@ -17,17 +17,23 @@
17#include <linux/pagemap.h> 17#include <linux/pagemap.h>
18#include "internal.h" 18#include "internal.h"
19 19
20#if 0
21static int afs_file_open(struct inode *inode, struct file *file);
22static int afs_file_release(struct inode *inode, struct file *file);
23#endif
24
25static int afs_file_readpage(struct file *file, struct page *page); 20static int afs_file_readpage(struct file *file, struct page *page);
26static void afs_file_invalidatepage(struct page *page, unsigned long offset); 21static void afs_file_invalidatepage(struct page *page, unsigned long offset);
27static int afs_file_releasepage(struct page *page, gfp_t gfp_flags); 22static int afs_file_releasepage(struct page *page, gfp_t gfp_flags);
28 23
24const struct file_operations afs_file_operations = {
25 .open = afs_open,
26 .release = afs_release,
27 .llseek = generic_file_llseek,
28 .read = do_sync_read,
29 .aio_read = generic_file_aio_read,
30 .mmap = generic_file_readonly_mmap,
31 .sendfile = generic_file_sendfile,
32};
33
29const struct inode_operations afs_file_inode_operations = { 34const struct inode_operations afs_file_inode_operations = {
30 .getattr = afs_inode_getattr, 35 .getattr = afs_inode_getattr,
36 .permission = afs_permission,
31}; 37};
32 38
33const struct address_space_operations afs_fs_aops = { 39const struct address_space_operations afs_fs_aops = {
@@ -38,6 +44,41 @@ const struct address_space_operations afs_fs_aops = {
38}; 44};
39 45
40/* 46/*
47 * open an AFS file or directory and attach a key to it
48 */
49int afs_open(struct inode *inode, struct file *file)
50{
51 struct afs_vnode *vnode = AFS_FS_I(inode);
52 struct key *key;
53
54 _enter("{%x:%x},", vnode->fid.vid, vnode->fid.vnode);
55
56 key = afs_request_key(vnode->volume->cell);
57 if (IS_ERR(key)) {
58 _leave(" = %ld [key]", PTR_ERR(key));
59 return PTR_ERR(key);
60 }
61
62 file->private_data = key;
63 _leave(" = 0");
64 return 0;
65}
66
67/*
68 * release an AFS file or directory and discard its key
69 */
70int afs_release(struct inode *inode, struct file *file)
71{
72 struct afs_vnode *vnode = AFS_FS_I(inode);
73
74 _enter("{%x:%x},", vnode->fid.vid, vnode->fid.vnode);
75
76 key_put(file->private_data);
77 _leave(" = 0");
78 return 0;
79}
80
81/*
41 * deal with notification that a page was read from the cache 82 * deal with notification that a page was read from the cache
42 */ 83 */
43#ifdef AFS_CACHING_SUPPORT 84#ifdef AFS_CACHING_SUPPORT
@@ -79,13 +120,18 @@ static int afs_file_readpage(struct file *file, struct page *page)
79{ 120{
80 struct afs_vnode *vnode; 121 struct afs_vnode *vnode;
81 struct inode *inode; 122 struct inode *inode;
123 struct key *key;
82 size_t len; 124 size_t len;
83 off_t offset; 125 off_t offset;
84 int ret; 126 int ret;
85 127
86 inode = page->mapping->host; 128 inode = page->mapping->host;
87 129
88 _enter("{%lu},{%lu}", inode->i_ino, page->index); 130 ASSERT(file != NULL);
131 key = file->private_data;
132 ASSERT(key != NULL);
133
134 _enter("{%x},{%lu},{%lu}", key_serial(key), inode->i_ino, page->index);
89 135
90 vnode = AFS_FS_I(inode); 136 vnode = AFS_FS_I(inode);
91 137
@@ -124,7 +170,7 @@ static int afs_file_readpage(struct file *file, struct page *page)
124 170
125 /* read the contents of the file from the server into the 171 /* read the contents of the file from the server into the
126 * page */ 172 * page */
127 ret = afs_vnode_fetch_data(vnode, offset, len, page); 173 ret = afs_vnode_fetch_data(vnode, key, offset, len, page);
128 if (ret < 0) { 174 if (ret < 0) {
129 if (ret == -ENOENT) { 175 if (ret == -ENOENT) {
130 _debug("got NOENT from server" 176 _debug("got NOENT from server"
diff --git a/fs/afs/fsclient.c b/fs/afs/fsclient.c
index 167ca615c2e6..321b489aa90f 100644
--- a/fs/afs/fsclient.c
+++ b/fs/afs/fsclient.c
@@ -148,6 +148,7 @@ static int afs_deliver_fs_fetch_status(struct afs_call *call,
148 * FS.FetchStatus operation type 148 * FS.FetchStatus operation type
149 */ 149 */
150static const struct afs_call_type afs_RXFSFetchStatus = { 150static const struct afs_call_type afs_RXFSFetchStatus = {
151 .name = "FS.FetchStatus",
151 .deliver = afs_deliver_fs_fetch_status, 152 .deliver = afs_deliver_fs_fetch_status,
152 .abort_to_error = afs_abort_to_error, 153 .abort_to_error = afs_abort_to_error,
153 .destructor = afs_flat_call_destructor, 154 .destructor = afs_flat_call_destructor,
@@ -157,6 +158,7 @@ static const struct afs_call_type afs_RXFSFetchStatus = {
157 * fetch the status information for a file 158 * fetch the status information for a file
158 */ 159 */
159int afs_fs_fetch_file_status(struct afs_server *server, 160int afs_fs_fetch_file_status(struct afs_server *server,
161 struct key *key,
160 struct afs_vnode *vnode, 162 struct afs_vnode *vnode,
161 struct afs_volsync *volsync, 163 struct afs_volsync *volsync,
162 const struct afs_wait_mode *wait_mode) 164 const struct afs_wait_mode *wait_mode)
@@ -164,12 +166,13 @@ int afs_fs_fetch_file_status(struct afs_server *server,
164 struct afs_call *call; 166 struct afs_call *call;
165 __be32 *bp; 167 __be32 *bp;
166 168
167 _enter(""); 169 _enter(",%x,,,", key_serial(key));
168 170
169 call = afs_alloc_flat_call(&afs_RXFSFetchStatus, 16, 120); 171 call = afs_alloc_flat_call(&afs_RXFSFetchStatus, 16, 120);
170 if (!call) 172 if (!call)
171 return -ENOMEM; 173 return -ENOMEM;
172 174
175 call->key = key;
173 call->reply = vnode; 176 call->reply = vnode;
174 call->reply2 = volsync; 177 call->reply2 = volsync;
175 call->service_id = FS_SERVICE; 178 call->service_id = FS_SERVICE;
@@ -279,6 +282,7 @@ static int afs_deliver_fs_fetch_data(struct afs_call *call,
279 * FS.FetchData operation type 282 * FS.FetchData operation type
280 */ 283 */
281static const struct afs_call_type afs_RXFSFetchData = { 284static const struct afs_call_type afs_RXFSFetchData = {
285 .name = "FS.FetchData",
282 .deliver = afs_deliver_fs_fetch_data, 286 .deliver = afs_deliver_fs_fetch_data,
283 .abort_to_error = afs_abort_to_error, 287 .abort_to_error = afs_abort_to_error,
284 .destructor = afs_flat_call_destructor, 288 .destructor = afs_flat_call_destructor,
@@ -288,6 +292,7 @@ static const struct afs_call_type afs_RXFSFetchData = {
288 * fetch data from a file 292 * fetch data from a file
289 */ 293 */
290int afs_fs_fetch_data(struct afs_server *server, 294int afs_fs_fetch_data(struct afs_server *server,
295 struct key *key,
291 struct afs_vnode *vnode, 296 struct afs_vnode *vnode,
292 off_t offset, size_t length, 297 off_t offset, size_t length,
293 struct page *buffer, 298 struct page *buffer,
@@ -303,6 +308,7 @@ int afs_fs_fetch_data(struct afs_server *server,
303 if (!call) 308 if (!call)
304 return -ENOMEM; 309 return -ENOMEM;
305 310
311 call->key = key;
306 call->reply = vnode; 312 call->reply = vnode;
307 call->reply2 = volsync; 313 call->reply2 = volsync;
308 call->reply3 = buffer; 314 call->reply3 = buffer;
@@ -338,6 +344,7 @@ static int afs_deliver_fs_give_up_callbacks(struct afs_call *call,
338 * FS.GiveUpCallBacks operation type 344 * FS.GiveUpCallBacks operation type
339 */ 345 */
340static const struct afs_call_type afs_RXFSGiveUpCallBacks = { 346static const struct afs_call_type afs_RXFSGiveUpCallBacks = {
347 .name = "FS.GiveUpCallBacks",
341 .deliver = afs_deliver_fs_give_up_callbacks, 348 .deliver = afs_deliver_fs_give_up_callbacks,
342 .abort_to_error = afs_abort_to_error, 349 .abort_to_error = afs_abort_to_error,
343 .destructor = afs_flat_call_destructor, 350 .destructor = afs_flat_call_destructor,
diff --git a/fs/afs/inode.c b/fs/afs/inode.c
index 18863315211f..227336228299 100644
--- a/fs/afs/inode.c
+++ b/fs/afs/inode.c
@@ -29,7 +29,7 @@ struct afs_iget_data {
29/* 29/*
30 * map the AFS file status to the inode member variables 30 * map the AFS file status to the inode member variables
31 */ 31 */
32static int afs_inode_map_status(struct afs_vnode *vnode) 32static int afs_inode_map_status(struct afs_vnode *vnode, struct key *key)
33{ 33{
34 struct inode *inode = AFS_VNODE_TO_I(vnode); 34 struct inode *inode = AFS_VNODE_TO_I(vnode);
35 35
@@ -44,7 +44,7 @@ static int afs_inode_map_status(struct afs_vnode *vnode)
44 case AFS_FTYPE_FILE: 44 case AFS_FTYPE_FILE:
45 inode->i_mode = S_IFREG | vnode->status.mode; 45 inode->i_mode = S_IFREG | vnode->status.mode;
46 inode->i_op = &afs_file_inode_operations; 46 inode->i_op = &afs_file_inode_operations;
47 inode->i_fop = &generic_ro_fops; 47 inode->i_fop = &afs_file_operations;
48 break; 48 break;
49 case AFS_FTYPE_DIR: 49 case AFS_FTYPE_DIR:
50 inode->i_mode = S_IFDIR | vnode->status.mode; 50 inode->i_mode = S_IFDIR | vnode->status.mode;
@@ -73,7 +73,7 @@ static int afs_inode_map_status(struct afs_vnode *vnode)
73 73
74 /* check to see whether a symbolic link is really a mountpoint */ 74 /* check to see whether a symbolic link is really a mountpoint */
75 if (vnode->status.type == AFS_FTYPE_SYMLINK) { 75 if (vnode->status.type == AFS_FTYPE_SYMLINK) {
76 afs_mntpt_check_symlink(vnode); 76 afs_mntpt_check_symlink(vnode, key);
77 77
78 if (test_bit(AFS_VNODE_MOUNTPOINT, &vnode->flags)) { 78 if (test_bit(AFS_VNODE_MOUNTPOINT, &vnode->flags)) {
79 inode->i_mode = S_IFDIR | vnode->status.mode; 79 inode->i_mode = S_IFDIR | vnode->status.mode;
@@ -115,7 +115,8 @@ static int afs_iget5_set(struct inode *inode, void *opaque)
115/* 115/*
116 * inode retrieval 116 * inode retrieval
117 */ 117 */
118inline struct inode *afs_iget(struct super_block *sb, struct afs_fid *fid) 118inline struct inode *afs_iget(struct super_block *sb, struct key *key,
119 struct afs_fid *fid)
119{ 120{
120 struct afs_iget_data data = { .fid = *fid }; 121 struct afs_iget_data data = { .fid = *fid };
121 struct afs_super_info *as; 122 struct afs_super_info *as;
@@ -157,10 +158,10 @@ inline struct inode *afs_iget(struct super_block *sb, struct afs_fid *fid)
157 158
158 /* okay... it's a new inode */ 159 /* okay... it's a new inode */
159 set_bit(AFS_VNODE_CB_BROKEN, &vnode->flags); 160 set_bit(AFS_VNODE_CB_BROKEN, &vnode->flags);
160 ret = afs_vnode_fetch_status(vnode); 161 ret = afs_vnode_fetch_status(vnode, NULL, key);
161 if (ret < 0) 162 if (ret < 0)
162 goto bad_inode; 163 goto bad_inode;
163 ret = afs_inode_map_status(vnode); 164 ret = afs_inode_map_status(vnode, key);
164 if (ret < 0) 165 if (ret < 0)
165 goto bad_inode; 166 goto bad_inode;
166 167
@@ -201,6 +202,7 @@ int afs_inode_getattr(struct vfsmount *mnt, struct dentry *dentry,
201 */ 202 */
202void afs_clear_inode(struct inode *inode) 203void afs_clear_inode(struct inode *inode)
203{ 204{
205 struct afs_permits *permits;
204 struct afs_vnode *vnode; 206 struct afs_vnode *vnode;
205 207
206 vnode = AFS_FS_I(inode); 208 vnode = AFS_FS_I(inode);
@@ -233,5 +235,12 @@ void afs_clear_inode(struct inode *inode)
233 vnode->cache = NULL; 235 vnode->cache = NULL;
234#endif 236#endif
235 237
238 mutex_lock(&vnode->permits_lock);
239 permits = vnode->permits;
240 rcu_assign_pointer(vnode->permits, NULL);
241 mutex_unlock(&vnode->permits_lock);
242 if (permits)
243 call_rcu(&permits->rcu, afs_zap_permits);
244
236 _leave(""); 245 _leave("");
237} 246}
diff --git a/fs/afs/internal.h b/fs/afs/internal.h
index afc6f0f30259..8bed2429d01f 100644
--- a/fs/afs/internal.h
+++ b/fs/afs/internal.h
@@ -15,6 +15,7 @@
15#include <linux/pagemap.h> 15#include <linux/pagemap.h>
16#include <linux/skbuff.h> 16#include <linux/skbuff.h>
17#include <linux/rxrpc.h> 17#include <linux/rxrpc.h>
18#include <linux/key.h>
18#include "afs.h" 19#include "afs.h"
19#include "afs_vl.h" 20#include "afs_vl.h"
20 21
@@ -32,6 +33,17 @@ typedef enum {
32 AFS_VL_UNCERTAIN, /* uncertain state (update failed) */ 33 AFS_VL_UNCERTAIN, /* uncertain state (update failed) */
33} __attribute__((packed)) afs_vlocation_state_t; 34} __attribute__((packed)) afs_vlocation_state_t;
34 35
36struct afs_mount_params {
37 bool rwpath; /* T if the parent should be considered R/W */
38 bool force; /* T to force cell type */
39 afs_voltype_t type; /* type of volume requested */
40 int volnamesz; /* size of volume name */
41 const char *volname; /* name of volume to mount */
42 struct afs_cell *cell; /* cell in which to find volume */
43 struct afs_volume *volume; /* volume record */
44 struct key *key; /* key to use for secure mounting */
45};
46
35/* 47/*
36 * definition of how to wait for the completion of an operation 48 * definition of how to wait for the completion of an operation
37 */ 49 */
@@ -95,6 +107,8 @@ struct afs_call {
95}; 107};
96 108
97struct afs_call_type { 109struct afs_call_type {
110 const char *name;
111
98 /* deliver request or reply data to an call 112 /* deliver request or reply data to an call
99 * - returning an error will cause the call to be aborted 113 * - returning an error will cause the call to be aborted
100 */ 114 */
@@ -128,8 +142,8 @@ extern struct file_system_type afs_fs_type;
128 * entry in the cached cell catalogue 142 * entry in the cached cell catalogue
129 */ 143 */
130struct afs_cache_cell { 144struct afs_cache_cell {
131 char name[64]; /* cell name (padded with NULs) */ 145 char name[AFS_MAXCELLNAME]; /* cell name (padded with NULs) */
132 struct in_addr vl_servers[15]; /* cached cell VL servers */ 146 struct in_addr vl_servers[15]; /* cached cell VL servers */
133}; 147};
134 148
135/* 149/*
@@ -138,6 +152,7 @@ struct afs_cache_cell {
138struct afs_cell { 152struct afs_cell {
139 atomic_t usage; 153 atomic_t usage;
140 struct list_head link; /* main cell list link */ 154 struct list_head link; /* main cell list link */
155 struct key *anonymous_key; /* anonymous user key for this cell */
141 struct list_head proc_link; /* /proc cell list link */ 156 struct list_head proc_link; /* /proc cell list link */
142 struct proc_dir_entry *proc_dir; /* /proc dir for this cell */ 157 struct proc_dir_entry *proc_dir; /* /proc dir for this cell */
143#ifdef AFS_CACHING_SUPPORT 158#ifdef AFS_CACHING_SUPPORT
@@ -163,7 +178,9 @@ struct afs_cell {
163 * entry in the cached volume location catalogue 178 * entry in the cached volume location catalogue
164 */ 179 */
165struct afs_cache_vlocation { 180struct afs_cache_vlocation {
166 uint8_t name[64 + 1]; /* volume name (lowercase, padded with NULs) */ 181 /* volume name (lowercase, padded with NULs) */
182 uint8_t name[AFS_MAXVOLNAME + 1];
183
167 uint8_t nservers; /* number of entries used in servers[] */ 184 uint8_t nservers; /* number of entries used in servers[] */
168 uint8_t vidmask; /* voltype mask for vid[] */ 185 uint8_t vidmask; /* voltype mask for vid[] */
169 uint8_t srvtmask[8]; /* voltype masks for servers[] */ 186 uint8_t srvtmask[8]; /* voltype masks for servers[] */
@@ -281,7 +298,8 @@ struct afs_vnode {
281#ifdef AFS_CACHING_SUPPORT 298#ifdef AFS_CACHING_SUPPORT
282 struct cachefs_cookie *cache; /* caching cookie */ 299 struct cachefs_cookie *cache; /* caching cookie */
283#endif 300#endif
284 301 struct afs_permits *permits; /* cache of permits so far obtained */
302 struct mutex permits_lock; /* lock for altering permits list */
285 wait_queue_head_t update_waitq; /* status fetch waitqueue */ 303 wait_queue_head_t update_waitq; /* status fetch waitqueue */
286 unsigned update_cnt; /* number of outstanding ops that will update the 304 unsigned update_cnt; /* number of outstanding ops that will update the
287 * status */ 305 * status */
@@ -296,12 +314,13 @@ struct afs_vnode {
296#define AFS_VNODE_DIR_CHANGED 6 /* set if vnode's parent dir metadata changed */ 314#define AFS_VNODE_DIR_CHANGED 6 /* set if vnode's parent dir metadata changed */
297#define AFS_VNODE_DIR_MODIFIED 7 /* set if vnode's parent dir data modified */ 315#define AFS_VNODE_DIR_MODIFIED 7 /* set if vnode's parent dir data modified */
298 316
317 long acl_order; /* ACL check count (callback break count) */
318
299 /* outstanding callback notification on this file */ 319 /* outstanding callback notification on this file */
300 struct rb_node server_rb; /* link in server->fs_vnodes */ 320 struct rb_node server_rb; /* link in server->fs_vnodes */
301 struct rb_node cb_promise; /* link in server->cb_promises */ 321 struct rb_node cb_promise; /* link in server->cb_promises */
302 struct work_struct cb_broken_work; /* work to be done on callback break */ 322 struct work_struct cb_broken_work; /* work to be done on callback break */
303 struct mutex cb_broken_lock; /* lock against multiple attempts to fix break */ 323 struct mutex cb_broken_lock; /* lock against multiple attempts to fix break */
304// struct list_head cb_hash_link; /* link in master callback hash */
305 time_t cb_expires; /* time at which callback expires */ 324 time_t cb_expires; /* time at which callback expires */
306 time_t cb_expires_at; /* time used to order cb_promise */ 325 time_t cb_expires_at; /* time used to order cb_promise */
307 unsigned cb_version; /* callback version */ 326 unsigned cb_version; /* callback version */
@@ -310,6 +329,23 @@ struct afs_vnode {
310 bool cb_promised; /* true if promise still holds */ 329 bool cb_promised; /* true if promise still holds */
311}; 330};
312 331
332/*
333 * cached security record for one user's attempt to access a vnode
334 */
335struct afs_permit {
336 struct key *key; /* RxRPC ticket holding a security context */
337 afs_access_t access_mask; /* access mask for this key */
338};
339
340/*
341 * cache of security records from attempts to access a vnode
342 */
343struct afs_permits {
344 struct rcu_head rcu; /* disposal procedure */
345 int count; /* number of records */
346 struct afs_permit permits[0]; /* the permits so far examined */
347};
348
313/*****************************************************************************/ 349/*****************************************************************************/
314/* 350/*
315 * callback.c 351 * callback.c
@@ -352,11 +388,17 @@ extern bool afs_cm_incoming_call(struct afs_call *);
352extern const struct inode_operations afs_dir_inode_operations; 388extern const struct inode_operations afs_dir_inode_operations;
353extern const struct file_operations afs_dir_file_operations; 389extern const struct file_operations afs_dir_file_operations;
354 390
391extern int afs_permission(struct inode *, int, struct nameidata *);
392
355/* 393/*
356 * file.c 394 * file.c
357 */ 395 */
358extern const struct address_space_operations afs_fs_aops; 396extern const struct address_space_operations afs_fs_aops;
359extern const struct inode_operations afs_file_inode_operations; 397extern const struct inode_operations afs_file_inode_operations;
398extern const struct file_operations afs_file_operations;
399
400extern int afs_open(struct inode *, struct file *);
401extern int afs_release(struct inode *, struct file *);
360 402
361#ifdef AFS_CACHING_SUPPORT 403#ifdef AFS_CACHING_SUPPORT
362extern int afs_cache_get_page_cookie(struct page *, struct cachefs_page **); 404extern int afs_cache_get_page_cookie(struct page *, struct cachefs_page **);
@@ -365,22 +407,24 @@ extern int afs_cache_get_page_cookie(struct page *, struct cachefs_page **);
365/* 407/*
366 * fsclient.c 408 * fsclient.c
367 */ 409 */
368extern int afs_fs_fetch_file_status(struct afs_server *, 410extern int afs_fs_fetch_file_status(struct afs_server *, struct key *,
369 struct afs_vnode *, 411 struct afs_vnode *, struct afs_volsync *,
370 struct afs_volsync *,
371 const struct afs_wait_mode *); 412 const struct afs_wait_mode *);
372extern int afs_fs_give_up_callbacks(struct afs_server *, 413extern int afs_fs_give_up_callbacks(struct afs_server *,
373 const struct afs_wait_mode *); 414 const struct afs_wait_mode *);
374extern int afs_fs_fetch_data(struct afs_server *, struct afs_vnode *, off_t, 415extern int afs_fs_fetch_data(struct afs_server *, struct key *,
375 size_t, struct page *, struct afs_volsync *, 416 struct afs_vnode *, off_t, size_t, struct page *,
417 struct afs_volsync *,
376 const struct afs_wait_mode *); 418 const struct afs_wait_mode *);
377 419
378/* 420/*
379 * inode.c 421 * inode.c
380 */ 422 */
381extern struct inode *afs_iget(struct super_block *, struct afs_fid *); 423extern struct inode *afs_iget(struct super_block *, struct key *,
424 struct afs_fid *);
382extern int afs_inode_getattr(struct vfsmount *, struct dentry *, 425extern int afs_inode_getattr(struct vfsmount *, struct dentry *,
383 struct kstat *); 426 struct kstat *);
427extern void afs_zap_permits(struct rcu_head *);
384extern void afs_clear_inode(struct inode *); 428extern void afs_clear_inode(struct inode *);
385 429
386/* 430/*
@@ -402,17 +446,11 @@ extern const struct inode_operations afs_mntpt_inode_operations;
402extern const struct file_operations afs_mntpt_file_operations; 446extern const struct file_operations afs_mntpt_file_operations;
403extern unsigned long afs_mntpt_expiry_timeout; 447extern unsigned long afs_mntpt_expiry_timeout;
404 448
405extern int afs_mntpt_check_symlink(struct afs_vnode *); 449extern int afs_mntpt_check_symlink(struct afs_vnode *, struct key *);
406extern void afs_mntpt_kill_timer(void); 450extern void afs_mntpt_kill_timer(void);
407extern void afs_umount_begin(struct vfsmount *, int); 451extern void afs_umount_begin(struct vfsmount *, int);
408 452
409/* 453/*
410 * super.c
411 */
412extern int afs_fs_init(void);
413extern void afs_fs_exit(void);
414
415/*
416 * proc.c 454 * proc.c
417 */ 455 */
418extern int afs_proc_init(void); 456extern int afs_proc_init(void);
@@ -436,6 +474,14 @@ extern int afs_extract_data(struct afs_call *, struct sk_buff *, bool, void *,
436 size_t); 474 size_t);
437 475
438/* 476/*
477 * security.c
478 */
479extern void afs_clear_permits(struct afs_vnode *);
480extern void afs_cache_permit(struct afs_vnode *, struct key *, long);
481extern struct key *afs_request_key(struct afs_cell *);
482extern int afs_permission(struct inode *, int, struct nameidata *);
483
484/*
439 * server.c 485 * server.c
440 */ 486 */
441extern spinlock_t afs_server_peer_lock; 487extern spinlock_t afs_server_peer_lock;
@@ -449,16 +495,23 @@ extern void afs_put_server(struct afs_server *);
449extern void __exit afs_purge_servers(void); 495extern void __exit afs_purge_servers(void);
450 496
451/* 497/*
498 * super.c
499 */
500extern int afs_fs_init(void);
501extern void afs_fs_exit(void);
502
503/*
452 * vlclient.c 504 * vlclient.c
453 */ 505 */
454#ifdef AFS_CACHING_SUPPORT 506#ifdef AFS_CACHING_SUPPORT
455extern struct cachefs_index_def afs_vlocation_cache_index_def; 507extern struct cachefs_index_def afs_vlocation_cache_index_def;
456#endif 508#endif
457 509
458extern int afs_vl_get_entry_by_name(struct in_addr *, const char *, 510extern int afs_vl_get_entry_by_name(struct in_addr *, struct key *,
459 struct afs_cache_vlocation *, 511 const char *, struct afs_cache_vlocation *,
460 const struct afs_wait_mode *); 512 const struct afs_wait_mode *);
461extern int afs_vl_get_entry_by_id(struct in_addr *, afs_volid_t, afs_voltype_t, 513extern int afs_vl_get_entry_by_id(struct in_addr *, struct key *,
514 afs_volid_t, afs_voltype_t,
462 struct afs_cache_vlocation *, 515 struct afs_cache_vlocation *,
463 const struct afs_wait_mode *); 516 const struct afs_wait_mode *);
464 517
@@ -469,6 +522,7 @@ extern int afs_vl_get_entry_by_id(struct in_addr *, afs_volid_t, afs_voltype_t,
469 522
470extern int __init afs_vlocation_update_init(void); 523extern int __init afs_vlocation_update_init(void);
471extern struct afs_vlocation *afs_vlocation_lookup(struct afs_cell *, 524extern struct afs_vlocation *afs_vlocation_lookup(struct afs_cell *,
525 struct key *,
472 const char *, size_t); 526 const char *, size_t);
473extern void afs_put_vlocation(struct afs_vlocation *); 527extern void afs_put_vlocation(struct afs_vlocation *);
474extern void __exit afs_vlocation_purge(void); 528extern void __exit afs_vlocation_purge(void);
@@ -492,9 +546,10 @@ static inline struct inode *AFS_VNODE_TO_I(struct afs_vnode *vnode)
492 return &vnode->vfs_inode; 546 return &vnode->vfs_inode;
493} 547}
494 548
495extern int afs_vnode_fetch_status(struct afs_vnode *); 549extern int afs_vnode_fetch_status(struct afs_vnode *, struct afs_vnode *,
496extern int afs_vnode_fetch_data(struct afs_vnode *vnode, off_t, size_t, 550 struct key *);
497 struct page *); 551extern int afs_vnode_fetch_data(struct afs_vnode *, struct key *,
552 off_t, size_t, struct page *);
498 553
499/* 554/*
500 * volume.c 555 * volume.c
@@ -506,8 +561,7 @@ extern struct cachefs_index_def afs_volume_cache_index_def;
506#define afs_get_volume(V) do { atomic_inc(&(V)->usage); } while(0) 561#define afs_get_volume(V) do { atomic_inc(&(V)->usage); } while(0)
507 562
508extern void afs_put_volume(struct afs_volume *); 563extern void afs_put_volume(struct afs_volume *);
509extern struct afs_volume *afs_volume_lookup(const char *, struct afs_cell *, 564extern struct afs_volume *afs_volume_lookup(struct afs_mount_params *);
510 int);
511extern struct afs_server *afs_volume_pick_fileserver(struct afs_vnode *); 565extern struct afs_server *afs_volume_pick_fileserver(struct afs_vnode *);
512extern int afs_volume_release_fileserver(struct afs_vnode *, 566extern int afs_volume_release_fileserver(struct afs_vnode *,
513 struct afs_server *, int); 567 struct afs_server *, int);
diff --git a/fs/afs/mntpt.c b/fs/afs/mntpt.c
index 08c11a0b66bd..b905ae37f912 100644
--- a/fs/afs/mntpt.c
+++ b/fs/afs/mntpt.c
@@ -48,8 +48,11 @@ unsigned long afs_mntpt_expiry_timeout = 10 * 60;
48 * check a symbolic link to see whether it actually encodes a mountpoint 48 * check a symbolic link to see whether it actually encodes a mountpoint
49 * - sets the AFS_VNODE_MOUNTPOINT flag on the vnode appropriately 49 * - sets the AFS_VNODE_MOUNTPOINT flag on the vnode appropriately
50 */ 50 */
51int afs_mntpt_check_symlink(struct afs_vnode *vnode) 51int afs_mntpt_check_symlink(struct afs_vnode *vnode, struct key *key)
52{ 52{
53 struct file file = {
54 .private_data = key,
55 };
53 struct page *page; 56 struct page *page;
54 size_t size; 57 size_t size;
55 char *buf; 58 char *buf;
@@ -58,7 +61,7 @@ int afs_mntpt_check_symlink(struct afs_vnode *vnode)
58 _enter("{%u,%u}", vnode->fid.vnode, vnode->fid.unique); 61 _enter("{%u,%u}", vnode->fid.vnode, vnode->fid.unique);
59 62
60 /* read the contents of the symlink into the pagecache */ 63 /* read the contents of the symlink into the pagecache */
61 page = read_mapping_page(AFS_VNODE_TO_I(vnode)->i_mapping, 0, NULL); 64 page = read_mapping_page(AFS_VNODE_TO_I(vnode)->i_mapping, 0, &file);
62 if (IS_ERR(page)) { 65 if (IS_ERR(page)) {
63 ret = PTR_ERR(page); 66 ret = PTR_ERR(page);
64 goto out; 67 goto out;
@@ -214,7 +217,7 @@ static void *afs_mntpt_follow_link(struct dentry *dentry, struct nameidata *nd)
214 struct vfsmount *newmnt; 217 struct vfsmount *newmnt;
215 int err; 218 int err;
216 219
217 _enter("%p{%s},{%s:%p{%s}}", 220 _enter("%p{%s},{%s:%p{%s},}",
218 dentry, 221 dentry,
219 dentry->d_name.name, 222 dentry->d_name.name,
220 nd->mnt->mnt_devname, 223 nd->mnt->mnt_devname,
@@ -234,7 +237,8 @@ static void *afs_mntpt_follow_link(struct dentry *dentry, struct nameidata *nd)
234 err = do_add_mount(newmnt, nd, MNT_SHRINKABLE, &afs_vfsmounts); 237 err = do_add_mount(newmnt, nd, MNT_SHRINKABLE, &afs_vfsmounts);
235 switch (err) { 238 switch (err) {
236 case 0: 239 case 0:
237 path_release(nd); 240 mntput(nd->mnt);
241 dput(nd->dentry);
238 nd->mnt = newmnt; 242 nd->mnt = newmnt;
239 nd->dentry = dget(newmnt->mnt_root); 243 nd->dentry = dget(newmnt->mnt_root);
240 schedule_delayed_work(&afs_mntpt_expiry_timer, 244 schedule_delayed_work(&afs_mntpt_expiry_timer,
diff --git a/fs/afs/rxrpc.c b/fs/afs/rxrpc.c
index b92774231b3c..e86c527d87a1 100644
--- a/fs/afs/rxrpc.c
+++ b/fs/afs/rxrpc.c
@@ -17,6 +17,8 @@
17 17
18static struct socket *afs_socket; /* my RxRPC socket */ 18static struct socket *afs_socket; /* my RxRPC socket */
19static struct workqueue_struct *afs_async_calls; 19static struct workqueue_struct *afs_async_calls;
20static atomic_t afs_outstanding_calls;
21static atomic_t afs_outstanding_skbs;
20 22
21static void afs_wake_up_call_waiter(struct afs_call *); 23static void afs_wake_up_call_waiter(struct afs_call *);
22static int afs_wait_for_call_to_complete(struct afs_call *); 24static int afs_wait_for_call_to_complete(struct afs_call *);
@@ -45,6 +47,7 @@ static const struct afs_wait_mode afs_async_incoming_call = {
45 47
46/* asynchronous incoming call initial processing */ 48/* asynchronous incoming call initial processing */
47static const struct afs_call_type afs_RXCMxxxx = { 49static const struct afs_call_type afs_RXCMxxxx = {
50 .name = "CB.xxxx",
48 .deliver = afs_deliver_cm_op_id, 51 .deliver = afs_deliver_cm_op_id,
49 .abort_to_error = afs_abort_to_error, 52 .abort_to_error = afs_abort_to_error,
50}; 53};
@@ -118,10 +121,67 @@ void afs_close_socket(void)
118 121
119 _debug("dework"); 122 _debug("dework");
120 destroy_workqueue(afs_async_calls); 123 destroy_workqueue(afs_async_calls);
124
125 ASSERTCMP(atomic_read(&afs_outstanding_skbs), ==, 0);
126 ASSERTCMP(atomic_read(&afs_outstanding_calls), ==, 0);
121 _leave(""); 127 _leave("");
122} 128}
123 129
124/* 130/*
131 * note that the data in a socket buffer is now delivered and that the buffer
132 * should be freed
133 */
134static void afs_data_delivered(struct sk_buff *skb)
135{
136 if (!skb) {
137 _debug("DLVR NULL [%d]", atomic_read(&afs_outstanding_skbs));
138 dump_stack();
139 } else {
140 _debug("DLVR %p{%u} [%d]",
141 skb, skb->mark, atomic_read(&afs_outstanding_skbs));
142 if (atomic_dec_return(&afs_outstanding_skbs) == -1)
143 BUG();
144 rxrpc_kernel_data_delivered(skb);
145 }
146}
147
148/*
149 * free a socket buffer
150 */
151static void afs_free_skb(struct sk_buff *skb)
152{
153 if (!skb) {
154 _debug("FREE NULL [%d]", atomic_read(&afs_outstanding_skbs));
155 dump_stack();
156 } else {
157 _debug("FREE %p{%u} [%d]",
158 skb, skb->mark, atomic_read(&afs_outstanding_skbs));
159 if (atomic_dec_return(&afs_outstanding_skbs) == -1)
160 BUG();
161 rxrpc_kernel_free_skb(skb);
162 }
163}
164
165/*
166 * free a call
167 */
168static void afs_free_call(struct afs_call *call)
169{
170 _debug("DONE %p{%s} [%d]",
171 call, call->type->name, atomic_read(&afs_outstanding_calls));
172 if (atomic_dec_return(&afs_outstanding_calls) == -1)
173 BUG();
174
175 ASSERTCMP(call->rxcall, ==, NULL);
176 ASSERT(!work_pending(&call->async_work));
177 ASSERT(skb_queue_empty(&call->rx_queue));
178 ASSERT(call->type->name != NULL);
179
180 kfree(call->request);
181 kfree(call);
182}
183
184/*
125 * allocate a call with flat request and reply buffers 185 * allocate a call with flat request and reply buffers
126 */ 186 */
127struct afs_call *afs_alloc_flat_call(const struct afs_call_type *type, 187struct afs_call *afs_alloc_flat_call(const struct afs_call_type *type,
@@ -133,30 +193,32 @@ struct afs_call *afs_alloc_flat_call(const struct afs_call_type *type,
133 if (!call) 193 if (!call)
134 goto nomem_call; 194 goto nomem_call;
135 195
196 _debug("CALL %p{%s} [%d]",
197 call, type->name, atomic_read(&afs_outstanding_calls));
198 atomic_inc(&afs_outstanding_calls);
199
200 call->type = type;
201 call->request_size = request_size;
202 call->reply_max = reply_size;
203
136 if (request_size) { 204 if (request_size) {
137 call->request = kmalloc(request_size, GFP_NOFS); 205 call->request = kmalloc(request_size, GFP_NOFS);
138 if (!call->request) 206 if (!call->request)
139 goto nomem_request; 207 goto nomem_free;
140 } 208 }
141 209
142 if (reply_size) { 210 if (reply_size) {
143 call->buffer = kmalloc(reply_size, GFP_NOFS); 211 call->buffer = kmalloc(reply_size, GFP_NOFS);
144 if (!call->buffer) 212 if (!call->buffer)
145 goto nomem_buffer; 213 goto nomem_free;
146 } 214 }
147 215
148 call->type = type;
149 call->request_size = request_size;
150 call->reply_max = reply_size;
151
152 init_waitqueue_head(&call->waitq); 216 init_waitqueue_head(&call->waitq);
153 skb_queue_head_init(&call->rx_queue); 217 skb_queue_head_init(&call->rx_queue);
154 return call; 218 return call;
155 219
156nomem_buffer: 220nomem_free:
157 kfree(call->request); 221 afs_free_call(call);
158nomem_request:
159 kfree(call);
160nomem_call: 222nomem_call:
161 return NULL; 223 return NULL;
162} 224}
@@ -188,6 +250,12 @@ int afs_make_call(struct in_addr *addr, struct afs_call *call, gfp_t gfp,
188 250
189 _enter("%x,{%d},", addr->s_addr, ntohs(call->port)); 251 _enter("%x,{%d},", addr->s_addr, ntohs(call->port));
190 252
253 ASSERT(call->type != NULL);
254 ASSERT(call->type->name != NULL);
255
256 _debug("MAKE %p{%s} [%d]",
257 call, call->type->name, atomic_read(&afs_outstanding_calls));
258
191 call->wait_mode = wait_mode; 259 call->wait_mode = wait_mode;
192 INIT_WORK(&call->async_work, afs_process_async_call); 260 INIT_WORK(&call->async_work, afs_process_async_call);
193 261
@@ -203,6 +271,7 @@ int afs_make_call(struct in_addr *addr, struct afs_call *call, gfp_t gfp,
203 /* create a call */ 271 /* create a call */
204 rxcall = rxrpc_kernel_begin_call(afs_socket, &srx, call->key, 272 rxcall = rxrpc_kernel_begin_call(afs_socket, &srx, call->key,
205 (unsigned long) call, gfp); 273 (unsigned long) call, gfp);
274 call->key = NULL;
206 if (IS_ERR(rxcall)) { 275 if (IS_ERR(rxcall)) {
207 ret = PTR_ERR(rxcall); 276 ret = PTR_ERR(rxcall);
208 goto error_kill_call; 277 goto error_kill_call;
@@ -237,10 +306,10 @@ int afs_make_call(struct in_addr *addr, struct afs_call *call, gfp_t gfp,
237error_do_abort: 306error_do_abort:
238 rxrpc_kernel_abort_call(rxcall, RX_USER_ABORT); 307 rxrpc_kernel_abort_call(rxcall, RX_USER_ABORT);
239 rxrpc_kernel_end_call(rxcall); 308 rxrpc_kernel_end_call(rxcall);
309 call->rxcall = NULL;
240error_kill_call: 310error_kill_call:
241 call->type->destructor(call); 311 call->type->destructor(call);
242 ASSERT(skb_queue_empty(&call->rx_queue)); 312 afs_free_call(call);
243 kfree(call);
244 _leave(" = %d", ret); 313 _leave(" = %d", ret);
245 return ret; 314 return ret;
246} 315}
@@ -257,15 +326,19 @@ static void afs_rx_interceptor(struct sock *sk, unsigned long user_call_ID,
257 326
258 _enter("%p,,%u", call, skb->mark); 327 _enter("%p,,%u", call, skb->mark);
259 328
329 _debug("ICPT %p{%u} [%d]",
330 skb, skb->mark, atomic_read(&afs_outstanding_skbs));
331
260 ASSERTCMP(sk, ==, afs_socket->sk); 332 ASSERTCMP(sk, ==, afs_socket->sk);
333 atomic_inc(&afs_outstanding_skbs);
261 334
262 if (!call) { 335 if (!call) {
263 /* its an incoming call for our callback service */ 336 /* its an incoming call for our callback service */
264 __skb_queue_tail(&afs_incoming_calls, skb); 337 skb_queue_tail(&afs_incoming_calls, skb);
265 schedule_work(&afs_collect_incoming_call_work); 338 schedule_work(&afs_collect_incoming_call_work);
266 } else { 339 } else {
267 /* route the messages directly to the appropriate call */ 340 /* route the messages directly to the appropriate call */
268 __skb_queue_tail(&call->rx_queue, skb); 341 skb_queue_tail(&call->rx_queue, skb);
269 call->wait_mode->rx_wakeup(call); 342 call->wait_mode->rx_wakeup(call);
270 } 343 }
271 344
@@ -317,9 +390,9 @@ static void afs_deliver_to_call(struct afs_call *call)
317 call->state = AFS_CALL_ERROR; 390 call->state = AFS_CALL_ERROR;
318 break; 391 break;
319 } 392 }
320 rxrpc_kernel_data_delivered(skb); 393 afs_data_delivered(skb);
321 skb = NULL; 394 skb = NULL;
322 break; 395 continue;
323 case RXRPC_SKB_MARK_FINAL_ACK: 396 case RXRPC_SKB_MARK_FINAL_ACK:
324 _debug("Rcv ACK"); 397 _debug("Rcv ACK");
325 call->state = AFS_CALL_COMPLETE; 398 call->state = AFS_CALL_COMPLETE;
@@ -350,19 +423,19 @@ static void afs_deliver_to_call(struct afs_call *call)
350 break; 423 break;
351 } 424 }
352 425
353 rxrpc_kernel_free_skb(skb); 426 afs_free_skb(skb);
354 } 427 }
355 428
356 /* make sure the queue is empty if the call is done with (we might have 429 /* make sure the queue is empty if the call is done with (we might have
357 * aborted the call early because of an unmarshalling error) */ 430 * aborted the call early because of an unmarshalling error) */
358 if (call->state >= AFS_CALL_COMPLETE) { 431 if (call->state >= AFS_CALL_COMPLETE) {
359 while ((skb = skb_dequeue(&call->rx_queue))) 432 while ((skb = skb_dequeue(&call->rx_queue)))
360 rxrpc_kernel_free_skb(skb); 433 afs_free_skb(skb);
361 if (call->incoming) { 434 if (call->incoming) {
362 rxrpc_kernel_end_call(call->rxcall); 435 rxrpc_kernel_end_call(call->rxcall);
436 call->rxcall = NULL;
363 call->type->destructor(call); 437 call->type->destructor(call);
364 ASSERT(skb_queue_empty(&call->rx_queue)); 438 afs_free_call(call);
365 kfree(call);
366 } 439 }
367 } 440 }
368 441
@@ -409,14 +482,14 @@ static int afs_wait_for_call_to_complete(struct afs_call *call)
409 _debug("call incomplete"); 482 _debug("call incomplete");
410 rxrpc_kernel_abort_call(call->rxcall, RX_CALL_DEAD); 483 rxrpc_kernel_abort_call(call->rxcall, RX_CALL_DEAD);
411 while ((skb = skb_dequeue(&call->rx_queue))) 484 while ((skb = skb_dequeue(&call->rx_queue)))
412 rxrpc_kernel_free_skb(skb); 485 afs_free_skb(skb);
413 } 486 }
414 487
415 _debug("call complete"); 488 _debug("call complete");
416 rxrpc_kernel_end_call(call->rxcall); 489 rxrpc_kernel_end_call(call->rxcall);
490 call->rxcall = NULL;
417 call->type->destructor(call); 491 call->type->destructor(call);
418 ASSERT(skb_queue_empty(&call->rx_queue)); 492 afs_free_call(call);
419 kfree(call);
420 _leave(" = %d", ret); 493 _leave(" = %d", ret);
421 return ret; 494 return ret;
422} 495}
@@ -459,9 +532,7 @@ static void afs_delete_async_call(struct work_struct *work)
459 532
460 _enter(""); 533 _enter("");
461 534
462 ASSERT(skb_queue_empty(&call->rx_queue)); 535 afs_free_call(call);
463 ASSERT(!work_pending(&call->async_work));
464 kfree(call);
465 536
466 _leave(""); 537 _leave("");
467} 538}
@@ -489,6 +560,7 @@ static void afs_process_async_call(struct work_struct *work)
489 560
490 /* kill the call */ 561 /* kill the call */
491 rxrpc_kernel_end_call(call->rxcall); 562 rxrpc_kernel_end_call(call->rxcall);
563 call->rxcall = NULL;
492 if (call->type->destructor) 564 if (call->type->destructor)
493 call->type->destructor(call); 565 call->type->destructor(call);
494 566
@@ -526,7 +598,7 @@ static void afs_collect_incoming_call(struct work_struct *work)
526 _debug("new call"); 598 _debug("new call");
527 599
528 /* don't need the notification */ 600 /* don't need the notification */
529 rxrpc_kernel_free_skb(skb); 601 afs_free_skb(skb);
530 602
531 if (!call) { 603 if (!call) {
532 call = kzalloc(sizeof(struct afs_call), GFP_KERNEL); 604 call = kzalloc(sizeof(struct afs_call), GFP_KERNEL);
@@ -541,6 +613,11 @@ static void afs_collect_incoming_call(struct work_struct *work)
541 init_waitqueue_head(&call->waitq); 613 init_waitqueue_head(&call->waitq);
542 skb_queue_head_init(&call->rx_queue); 614 skb_queue_head_init(&call->rx_queue);
543 call->state = AFS_CALL_AWAIT_OP_ID; 615 call->state = AFS_CALL_AWAIT_OP_ID;
616
617 _debug("CALL %p{%s} [%d]",
618 call, call->type->name,
619 atomic_read(&afs_outstanding_calls));
620 atomic_inc(&afs_outstanding_calls);
544 } 621 }
545 622
546 rxcall = rxrpc_kernel_accept_call(afs_socket, 623 rxcall = rxrpc_kernel_accept_call(afs_socket,
@@ -551,7 +628,8 @@ static void afs_collect_incoming_call(struct work_struct *work)
551 } 628 }
552 } 629 }
553 630
554 kfree(call); 631 if (call)
632 afs_free_call(call);
555} 633}
556 634
557/* 635/*
@@ -629,8 +707,7 @@ void afs_send_empty_reply(struct afs_call *call)
629 rxrpc_kernel_end_call(call->rxcall); 707 rxrpc_kernel_end_call(call->rxcall);
630 call->rxcall = NULL; 708 call->rxcall = NULL;
631 call->type->destructor(call); 709 call->type->destructor(call);
632 ASSERT(skb_queue_empty(&call->rx_queue)); 710 afs_free_call(call);
633 kfree(call);
634 _leave(" [error]"); 711 _leave(" [error]");
635 return; 712 return;
636 } 713 }
diff --git a/fs/afs/security.c b/fs/afs/security.c
new file mode 100644
index 000000000000..cbdd7f7162fa
--- /dev/null
+++ b/fs/afs/security.c
@@ -0,0 +1,345 @@
1/* AFS security handling
2 *
3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
4 * Written by David Howells (dhowells@redhat.com)
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 */
11
12#include <linux/init.h>
13#include <linux/slab.h>
14#include <linux/fs.h>
15#include <linux/ctype.h>
16#include <keys/rxrpc-type.h>
17#include "internal.h"
18
19/*
20 * get a key
21 */
22struct key *afs_request_key(struct afs_cell *cell)
23{
24 struct key *key;
25
26 _enter("{%x}", key_serial(cell->anonymous_key));
27
28 _debug("key %s", cell->anonymous_key->description);
29 key = request_key(&key_type_rxrpc, cell->anonymous_key->description,
30 NULL);
31 if (IS_ERR(key)) {
32 if (PTR_ERR(key) != -ENOKEY) {
33 _leave(" = %ld", PTR_ERR(key));
34 return key;
35 }
36
37 /* act as anonymous user */
38 _leave(" = {%x} [anon]", key_serial(cell->anonymous_key));
39 return key_get(cell->anonymous_key);
40 } else {
41 /* act as authorised user */
42 _leave(" = {%x} [auth]", key_serial(key));
43 return key;
44 }
45}
46
47/*
48 * dispose of a permits list
49 */
50void afs_zap_permits(struct rcu_head *rcu)
51{
52 struct afs_permits *permits =
53 container_of(rcu, struct afs_permits, rcu);
54 int loop;
55
56 _enter("{%d}", permits->count);
57
58 for (loop = permits->count - 1; loop >= 0; loop--)
59 key_put(permits->permits[loop].key);
60 kfree(permits);
61}
62
63/*
64 * dispose of a permits list in which all the key pointers have been copied
65 */
66static void afs_dispose_of_permits(struct rcu_head *rcu)
67{
68 struct afs_permits *permits =
69 container_of(rcu, struct afs_permits, rcu);
70
71 _enter("{%d}", permits->count);
72
73 kfree(permits);
74}
75
76/*
77 * get the authorising vnode - this is the specified inode itself if it's a
78 * directory or it's the parent directory if the specified inode is a file or
79 * symlink
80 * - the caller must release the ref on the inode
81 */
82static struct afs_vnode *afs_get_auth_inode(struct afs_vnode *vnode,
83 struct key *key)
84{
85 struct afs_vnode *auth_vnode;
86 struct inode *auth_inode;
87
88 _enter("");
89
90 if (S_ISDIR(vnode->vfs_inode.i_mode)) {
91 auth_inode = igrab(&vnode->vfs_inode);
92 ASSERT(auth_inode != NULL);
93 } else {
94 auth_inode = afs_iget(vnode->vfs_inode.i_sb, key,
95 &vnode->status.parent);
96 if (IS_ERR(auth_inode))
97 return ERR_PTR(PTR_ERR(auth_inode));
98 }
99
100 auth_vnode = AFS_FS_I(auth_inode);
101 _leave(" = {%x}", auth_vnode->fid.vnode);
102 return auth_vnode;
103}
104
105/*
106 * clear the permit cache on a directory vnode
107 */
108void afs_clear_permits(struct afs_vnode *vnode)
109{
110 struct afs_permits *permits;
111
112 _enter("{%x}", vnode->fid.vnode);
113
114 mutex_lock(&vnode->permits_lock);
115 permits = vnode->permits;
116 rcu_assign_pointer(vnode->permits, NULL);
117 mutex_unlock(&vnode->permits_lock);
118
119 if (permits)
120 call_rcu(&permits->rcu, afs_zap_permits);
121 _leave("");
122}
123
124/*
125 * add the result obtained for a vnode to its or its parent directory's cache
126 * for the key used to access it
127 */
128void afs_cache_permit(struct afs_vnode *vnode, struct key *key, long acl_order)
129{
130 struct afs_permits *permits, *xpermits;
131 struct afs_permit *permit;
132 struct afs_vnode *auth_vnode;
133 int count, loop;
134
135 _enter("{%x},%x,%lx", vnode->fid.vnode, key_serial(key), acl_order);
136
137 auth_vnode = afs_get_auth_inode(vnode, key);
138 if (IS_ERR(auth_vnode)) {
139 _leave(" [get error %ld]", PTR_ERR(auth_vnode));
140 return;
141 }
142
143 mutex_lock(&auth_vnode->permits_lock);
144
145 /* guard against a rename being detected whilst we waited for the
146 * lock */
147 if (memcmp(&auth_vnode->fid, &vnode->status.parent,
148 sizeof(struct afs_fid)) != 0) {
149 _debug("renamed");
150 goto out_unlock;
151 }
152
153 /* have to be careful as the directory's callback may be broken between
154 * us receiving the status we're trying to cache and us getting the
155 * lock to update the cache for the status */
156 if (auth_vnode->acl_order - acl_order > 0) {
157 _debug("ACL changed?");
158 goto out_unlock;
159 }
160
161 /* always update the anonymous mask */
162 _debug("anon access %x", vnode->status.anon_access);
163 auth_vnode->status.anon_access = vnode->status.anon_access;
164 if (key == vnode->volume->cell->anonymous_key)
165 goto out_unlock;
166
167 xpermits = auth_vnode->permits;
168 count = 0;
169 if (xpermits) {
170 /* see if the permit is already in the list
171 * - if it is then we just amend the list
172 */
173 count = xpermits->count;
174 permit = xpermits->permits;
175 for (loop = count; loop > 0; loop--) {
176 if (permit->key == key) {
177 permit->access_mask =
178 vnode->status.caller_access;
179 goto out_unlock;
180 }
181 permit++;
182 }
183 }
184
185 permits = kmalloc(sizeof(*permits) + sizeof(*permit) * (count + 1),
186 GFP_NOFS);
187 if (!permits)
188 goto out_unlock;
189
190 memcpy(permits->permits, xpermits->permits,
191 count * sizeof(struct afs_permit));
192
193 _debug("key %x access %x",
194 key_serial(key), vnode->status.caller_access);
195 permits->permits[count].access_mask = vnode->status.caller_access;
196 permits->permits[count].key = key_get(key);
197 permits->count = count + 1;
198
199 rcu_assign_pointer(auth_vnode->permits, permits);
200 if (xpermits)
201 call_rcu(&xpermits->rcu, afs_dispose_of_permits);
202
203out_unlock:
204 mutex_unlock(&auth_vnode->permits_lock);
205 iput(&auth_vnode->vfs_inode);
206 _leave("");
207}
208
209/*
210 * check with the fileserver to see if the directory or parent directory is
211 * permitted to be accessed with this authorisation, and if so, what access it
212 * is granted
213 */
214static int afs_check_permit(struct afs_vnode *vnode, struct key *key,
215 afs_access_t *_access)
216{
217 struct afs_permits *permits;
218 struct afs_permit *permit;
219 struct afs_vnode *auth_vnode;
220 bool valid;
221 int loop, ret;
222
223 _enter("");
224
225 auth_vnode = afs_get_auth_inode(vnode, key);
226 if (IS_ERR(auth_vnode)) {
227 *_access = 0;
228 _leave(" = %ld", PTR_ERR(auth_vnode));
229 return PTR_ERR(auth_vnode);
230 }
231
232 ASSERT(S_ISDIR(auth_vnode->vfs_inode.i_mode));
233
234 /* check the permits to see if we've got one yet */
235 if (key == auth_vnode->volume->cell->anonymous_key) {
236 _debug("anon");
237 *_access = auth_vnode->status.anon_access;
238 valid = true;
239 } else {
240 valid = false;
241 rcu_read_lock();
242 permits = rcu_dereference(auth_vnode->permits);
243 if (permits) {
244 permit = permits->permits;
245 for (loop = permits->count; loop > 0; loop--) {
246 if (permit->key == key) {
247 _debug("found in cache");
248 *_access = permit->access_mask;
249 valid = true;
250 break;
251 }
252 permit++;
253 }
254 }
255 rcu_read_unlock();
256 }
257
258 if (!valid) {
259 /* check the status on the file we're actually interested in
260 * (the post-processing will cache the result on auth_vnode) */
261 _debug("no valid permit");
262
263 set_bit(AFS_VNODE_CB_BROKEN, &vnode->flags);
264 ret = afs_vnode_fetch_status(vnode, auth_vnode, key);
265 if (ret < 0) {
266 iput(&auth_vnode->vfs_inode);
267 *_access = 0;
268 _leave(" = %d", ret);
269 return ret;
270 }
271 }
272
273 *_access = vnode->status.caller_access;
274 iput(&auth_vnode->vfs_inode);
275 _leave(" = 0 [access %x]", *_access);
276 return 0;
277}
278
279/*
280 * check the permissions on an AFS file
281 * - AFS ACLs are attached to directories only, and a file is controlled by its
282 * parent directory's ACL
283 */
284int afs_permission(struct inode *inode, int mask, struct nameidata *nd)
285{
286 struct afs_vnode *vnode = AFS_FS_I(inode);
287 afs_access_t access;
288 struct key *key;
289 int ret;
290
291 _enter("{%x:%x},%x,", vnode->fid.vid, vnode->fid.vnode, mask);
292
293 key = afs_request_key(vnode->volume->cell);
294 if (IS_ERR(key)) {
295 _leave(" = %ld [key]", PTR_ERR(key));
296 return PTR_ERR(key);
297 }
298
299 /* check the permits to see if we've got one yet */
300 ret = afs_check_permit(vnode, key, &access);
301 if (ret < 0) {
302 key_put(key);
303 _leave(" = %d [check]", ret);
304 return ret;
305 }
306
307 /* interpret the access mask */
308 _debug("REQ %x ACC %x on %s",
309 mask, access, S_ISDIR(inode->i_mode) ? "dir" : "file");
310
311 if (S_ISDIR(inode->i_mode)) {
312 if (mask & MAY_EXEC) {
313 if (!(access & AFS_ACE_LOOKUP))
314 goto permission_denied;
315 } else if (mask & MAY_READ) {
316 if (!(access & AFS_ACE_READ))
317 goto permission_denied;
318 } else if (mask & MAY_WRITE) {
319 if (!(access & (AFS_ACE_DELETE | /* rmdir, unlink, rename from */
320 AFS_ACE_INSERT | /* create, mkdir, symlink, rename to */
321 AFS_ACE_WRITE))) /* chmod */
322 goto permission_denied;
323 } else {
324 BUG();
325 }
326 } else {
327 if (!(access & AFS_ACE_LOOKUP))
328 goto permission_denied;
329 if (mask & (MAY_EXEC | MAY_READ)) {
330 if (!(access & AFS_ACE_READ))
331 goto permission_denied;
332 } else if (mask & MAY_WRITE) {
333 if (!(access & AFS_ACE_WRITE))
334 goto permission_denied;
335 }
336 }
337
338 key_put(key);
339 return generic_permission(inode, mask, NULL);
340
341permission_denied:
342 key_put(key);
343 _leave(" = -EACCES");
344 return -EACCES;
345}
diff --git a/fs/afs/super.c b/fs/afs/super.c
index 77e68759788f..497350a5463b 100644
--- a/fs/afs/super.c
+++ b/fs/afs/super.c
@@ -24,12 +24,6 @@
24 24
25#define AFS_FS_MAGIC 0x6B414653 /* 'kAFS' */ 25#define AFS_FS_MAGIC 0x6B414653 /* 'kAFS' */
26 26
27struct afs_mount_params {
28 int rwpath;
29 struct afs_cell *default_cell;
30 struct afs_volume *volume;
31};
32
33static void afs_i_init_once(void *foo, struct kmem_cache *cachep, 27static void afs_i_init_once(void *foo, struct kmem_cache *cachep,
34 unsigned long flags); 28 unsigned long flags);
35 29
@@ -150,8 +144,8 @@ static int want_no_value(char *const *_value, const char *option)
150 * - this function has been shamelessly adapted from the ext3 fs which 144 * - this function has been shamelessly adapted from the ext3 fs which
151 * shamelessly adapted it from the msdos fs 145 * shamelessly adapted it from the msdos fs
152 */ 146 */
153static int afs_super_parse_options(struct afs_mount_params *params, 147static int afs_parse_options(struct afs_mount_params *params,
154 char *options, const char **devname) 148 char *options, const char **devname)
155{ 149{
156 struct afs_cell *cell; 150 struct afs_cell *cell;
157 char *key, *value; 151 char *key, *value;
@@ -183,8 +177,8 @@ static int afs_super_parse_options(struct afs_mount_params *params,
183 cell = afs_cell_lookup(value, strlen(value)); 177 cell = afs_cell_lookup(value, strlen(value));
184 if (IS_ERR(cell)) 178 if (IS_ERR(cell))
185 return PTR_ERR(cell); 179 return PTR_ERR(cell);
186 afs_put_cell(params->default_cell); 180 afs_put_cell(params->cell);
187 params->default_cell = cell; 181 params->cell = cell;
188 } else { 182 } else {
189 printk("kAFS: Unknown mount option: '%s'\n", key); 183 printk("kAFS: Unknown mount option: '%s'\n", key);
190 ret = -EINVAL; 184 ret = -EINVAL;
@@ -199,6 +193,99 @@ error:
199} 193}
200 194
201/* 195/*
196 * parse a device name to get cell name, volume name, volume type and R/W
197 * selector
198 * - this can be one of the following:
199 * "%[cell:]volume[.]" R/W volume
200 * "#[cell:]volume[.]" R/O or R/W volume (rwpath=0),
201 * or R/W (rwpath=1) volume
202 * "%[cell:]volume.readonly" R/O volume
203 * "#[cell:]volume.readonly" R/O volume
204 * "%[cell:]volume.backup" Backup volume
205 * "#[cell:]volume.backup" Backup volume
206 */
207static int afs_parse_device_name(struct afs_mount_params *params,
208 const char *name)
209{
210 struct afs_cell *cell;
211 const char *cellname, *suffix;
212 int cellnamesz;
213
214 _enter(",%s", name);
215
216 if (!name) {
217 printk(KERN_ERR "kAFS: no volume name specified\n");
218 return -EINVAL;
219 }
220
221 if ((name[0] != '%' && name[0] != '#') || !name[1]) {
222 printk(KERN_ERR "kAFS: unparsable volume name\n");
223 return -EINVAL;
224 }
225
226 /* determine the type of volume we're looking for */
227 params->type = AFSVL_ROVOL;
228 params->force = false;
229 if (params->rwpath || name[0] == '%') {
230 params->type = AFSVL_RWVOL;
231 params->force = true;
232 }
233 name++;
234
235 /* split the cell name out if there is one */
236 params->volname = strchr(name, ':');
237 if (params->volname) {
238 cellname = name;
239 cellnamesz = params->volname - name;
240 params->volname++;
241 } else {
242 params->volname = name;
243 cellname = NULL;
244 cellnamesz = 0;
245 }
246
247 /* the volume type is further affected by a possible suffix */
248 suffix = strrchr(params->volname, '.');
249 if (suffix) {
250 if (strcmp(suffix, ".readonly") == 0) {
251 params->type = AFSVL_ROVOL;
252 params->force = true;
253 } else if (strcmp(suffix, ".backup") == 0) {
254 params->type = AFSVL_BACKVOL;
255 params->force = true;
256 } else if (suffix[1] == 0) {
257 } else {
258 suffix = NULL;
259 }
260 }
261
262 params->volnamesz = suffix ?
263 suffix - params->volname : strlen(params->volname);
264
265 _debug("cell %*.*s [%p]",
266 cellnamesz, cellnamesz, cellname ?: "", params->cell);
267
268 /* lookup the cell record */
269 if (cellname || !params->cell) {
270 cell = afs_cell_lookup(cellname, cellnamesz);
271 if (IS_ERR(cell)) {
272 printk(KERN_ERR "kAFS: unable to lookup cell '%s'\n",
273 cellname ?: "");
274 return PTR_ERR(cell);
275 }
276 afs_put_cell(params->cell);
277 params->cell = cell;
278 }
279
280 _debug("CELL:%s [%p] VOLUME:%*.*s SUFFIX:%s TYPE:%d%s",
281 params->cell->name, params->cell,
282 params->volnamesz, params->volnamesz, params->volname,
283 suffix ?: "-", params->type, params->force ? " FORCE" : "");
284
285 return 0;
286}
287
288/*
202 * check a superblock to see if it's the one we're looking for 289 * check a superblock to see if it's the one we're looking for
203 */ 290 */
204static int afs_test_super(struct super_block *sb, void *data) 291static int afs_test_super(struct super_block *sb, void *data)
@@ -244,7 +331,7 @@ static int afs_fill_super(struct super_block *sb, void *data)
244 fid.vid = as->volume->vid; 331 fid.vid = as->volume->vid;
245 fid.vnode = 1; 332 fid.vnode = 1;
246 fid.unique = 1; 333 fid.unique = 1;
247 inode = afs_iget(sb, &fid); 334 inode = afs_iget(sb, params->key, &fid);
248 if (IS_ERR(inode)) 335 if (IS_ERR(inode))
249 goto error_inode; 336 goto error_inode;
250 337
@@ -285,31 +372,40 @@ static int afs_get_sb(struct file_system_type *fs_type,
285 struct afs_mount_params params; 372 struct afs_mount_params params;
286 struct super_block *sb; 373 struct super_block *sb;
287 struct afs_volume *vol; 374 struct afs_volume *vol;
375 struct key *key;
288 int ret; 376 int ret;
289 377
290 _enter(",,%s,%p", dev_name, options); 378 _enter(",,%s,%p", dev_name, options);
291 379
292 memset(&params, 0, sizeof(params)); 380 memset(&params, 0, sizeof(params));
293 381
294 /* parse the options */ 382 /* parse the options and device name */
295 if (options) { 383 if (options) {
296 ret = afs_super_parse_options(&params, options, &dev_name); 384 ret = afs_parse_options(&params, options, &dev_name);
297 if (ret < 0) 385 if (ret < 0)
298 goto error; 386 goto error;
299 if (!dev_name) {
300 printk("kAFS: no volume name specified\n");
301 ret = -EINVAL;
302 goto error;
303 }
304 } 387 }
305 388
389
390 ret = afs_parse_device_name(&params, dev_name);
391 if (ret < 0)
392 goto error;
393
394 /* try and do the mount securely */
395 key = afs_request_key(params.cell);
396 if (IS_ERR(key)) {
397 _leave(" = %ld [key]", PTR_ERR(key));
398 ret = PTR_ERR(key);
399 goto error;
400 }
401 params.key = key;
402
306 /* parse the device name */ 403 /* parse the device name */
307 vol = afs_volume_lookup(dev_name, params.default_cell, params.rwpath); 404 vol = afs_volume_lookup(&params);
308 if (IS_ERR(vol)) { 405 if (IS_ERR(vol)) {
309 ret = PTR_ERR(vol); 406 ret = PTR_ERR(vol);
310 goto error; 407 goto error;
311 } 408 }
312
313 params.volume = vol; 409 params.volume = vol;
314 410
315 /* allocate a deviceless superblock */ 411 /* allocate a deviceless superblock */
@@ -337,13 +433,14 @@ static int afs_get_sb(struct file_system_type *fs_type,
337 433
338 simple_set_mnt(mnt, sb); 434 simple_set_mnt(mnt, sb);
339 afs_put_volume(params.volume); 435 afs_put_volume(params.volume);
340 afs_put_cell(params.default_cell); 436 afs_put_cell(params.cell);
341 _leave(" = 0 [%p]", sb); 437 _leave(" = 0 [%p]", sb);
342 return 0; 438 return 0;
343 439
344error: 440error:
345 afs_put_volume(params.volume); 441 afs_put_volume(params.volume);
346 afs_put_cell(params.default_cell); 442 afs_put_cell(params.cell);
443 key_put(params.key);
347 _leave(" = %d", ret); 444 _leave(" = %d", ret);
348 return ret; 445 return ret;
349} 446}
@@ -375,6 +472,7 @@ static void afs_i_init_once(void *_vnode, struct kmem_cache *cachep,
375 memset(vnode, 0, sizeof(*vnode)); 472 memset(vnode, 0, sizeof(*vnode));
376 inode_init_once(&vnode->vfs_inode); 473 inode_init_once(&vnode->vfs_inode);
377 init_waitqueue_head(&vnode->update_waitq); 474 init_waitqueue_head(&vnode->update_waitq);
475 mutex_init(&vnode->permits_lock);
378 spin_lock_init(&vnode->lock); 476 spin_lock_init(&vnode->lock);
379 INIT_WORK(&vnode->cb_broken_work, afs_broken_callback_work); 477 INIT_WORK(&vnode->cb_broken_work, afs_broken_callback_work);
380 mutex_init(&vnode->cb_broken_lock); 478 mutex_init(&vnode->cb_broken_lock);
diff --git a/fs/afs/vlclient.c b/fs/afs/vlclient.c
index 0c7eba174836..36c1306e09e0 100644
--- a/fs/afs/vlclient.c
+++ b/fs/afs/vlclient.c
@@ -127,6 +127,7 @@ static int afs_deliver_vl_get_entry_by_xxx(struct afs_call *call,
127 * VL.GetEntryByName operation type 127 * VL.GetEntryByName operation type
128 */ 128 */
129static const struct afs_call_type afs_RXVLGetEntryByName = { 129static const struct afs_call_type afs_RXVLGetEntryByName = {
130 .name = "VL.GetEntryByName",
130 .deliver = afs_deliver_vl_get_entry_by_xxx, 131 .deliver = afs_deliver_vl_get_entry_by_xxx,
131 .abort_to_error = afs_vl_abort_to_error, 132 .abort_to_error = afs_vl_abort_to_error,
132 .destructor = afs_flat_call_destructor, 133 .destructor = afs_flat_call_destructor,
@@ -136,6 +137,7 @@ static const struct afs_call_type afs_RXVLGetEntryByName = {
136 * VL.GetEntryById operation type 137 * VL.GetEntryById operation type
137 */ 138 */
138static const struct afs_call_type afs_RXVLGetEntryById = { 139static const struct afs_call_type afs_RXVLGetEntryById = {
140 .name = "VL.GetEntryById",
139 .deliver = afs_deliver_vl_get_entry_by_xxx, 141 .deliver = afs_deliver_vl_get_entry_by_xxx,
140 .abort_to_error = afs_vl_abort_to_error, 142 .abort_to_error = afs_vl_abort_to_error,
141 .destructor = afs_flat_call_destructor, 143 .destructor = afs_flat_call_destructor,
@@ -145,6 +147,7 @@ static const struct afs_call_type afs_RXVLGetEntryById = {
145 * dispatch a get volume entry by name operation 147 * dispatch a get volume entry by name operation
146 */ 148 */
147int afs_vl_get_entry_by_name(struct in_addr *addr, 149int afs_vl_get_entry_by_name(struct in_addr *addr,
150 struct key *key,
148 const char *volname, 151 const char *volname,
149 struct afs_cache_vlocation *entry, 152 struct afs_cache_vlocation *entry,
150 const struct afs_wait_mode *wait_mode) 153 const struct afs_wait_mode *wait_mode)
@@ -163,6 +166,7 @@ int afs_vl_get_entry_by_name(struct in_addr *addr,
163 if (!call) 166 if (!call)
164 return -ENOMEM; 167 return -ENOMEM;
165 168
169 call->key = key;
166 call->reply = entry; 170 call->reply = entry;
167 call->service_id = VL_SERVICE; 171 call->service_id = VL_SERVICE;
168 call->port = htons(AFS_VL_PORT); 172 call->port = htons(AFS_VL_PORT);
@@ -183,6 +187,7 @@ int afs_vl_get_entry_by_name(struct in_addr *addr,
183 * dispatch a get volume entry by ID operation 187 * dispatch a get volume entry by ID operation
184 */ 188 */
185int afs_vl_get_entry_by_id(struct in_addr *addr, 189int afs_vl_get_entry_by_id(struct in_addr *addr,
190 struct key *key,
186 afs_volid_t volid, 191 afs_volid_t volid,
187 afs_voltype_t voltype, 192 afs_voltype_t voltype,
188 struct afs_cache_vlocation *entry, 193 struct afs_cache_vlocation *entry,
@@ -197,6 +202,7 @@ int afs_vl_get_entry_by_id(struct in_addr *addr,
197 if (!call) 202 if (!call)
198 return -ENOMEM; 203 return -ENOMEM;
199 204
205 call->key = key;
200 call->reply = entry; 206 call->reply = entry;
201 call->service_id = VL_SERVICE; 207 call->service_id = VL_SERVICE;
202 call->port = htons(AFS_VL_PORT); 208 call->port = htons(AFS_VL_PORT);
diff --git a/fs/afs/vlocation.c b/fs/afs/vlocation.c
index 60cb2f408c75..7d9815e9ae0f 100644
--- a/fs/afs/vlocation.c
+++ b/fs/afs/vlocation.c
@@ -33,6 +33,7 @@ static struct workqueue_struct *afs_vlocation_update_worker;
33 * about the volume in question 33 * about the volume in question
34 */ 34 */
35static int afs_vlocation_access_vl_by_name(struct afs_vlocation *vl, 35static int afs_vlocation_access_vl_by_name(struct afs_vlocation *vl,
36 struct key *key,
36 struct afs_cache_vlocation *vldb) 37 struct afs_cache_vlocation *vldb)
37{ 38{
38 struct afs_cell *cell = vl->cell; 39 struct afs_cell *cell = vl->cell;
@@ -49,7 +50,7 @@ static int afs_vlocation_access_vl_by_name(struct afs_vlocation *vl,
49 _debug("CellServ[%hu]: %08x", cell->vl_curr_svix, addr.s_addr); 50 _debug("CellServ[%hu]: %08x", cell->vl_curr_svix, addr.s_addr);
50 51
51 /* attempt to access the VL server */ 52 /* attempt to access the VL server */
52 ret = afs_vl_get_entry_by_name(&addr, vl->vldb.name, vldb, 53 ret = afs_vl_get_entry_by_name(&addr, key, vl->vldb.name, vldb,
53 &afs_sync_call); 54 &afs_sync_call);
54 switch (ret) { 55 switch (ret) {
55 case 0: 56 case 0:
@@ -86,6 +87,7 @@ out:
86 * about the volume in question 87 * about the volume in question
87 */ 88 */
88static int afs_vlocation_access_vl_by_id(struct afs_vlocation *vl, 89static int afs_vlocation_access_vl_by_id(struct afs_vlocation *vl,
90 struct key *key,
89 afs_volid_t volid, 91 afs_volid_t volid,
90 afs_voltype_t voltype, 92 afs_voltype_t voltype,
91 struct afs_cache_vlocation *vldb) 93 struct afs_cache_vlocation *vldb)
@@ -104,7 +106,7 @@ static int afs_vlocation_access_vl_by_id(struct afs_vlocation *vl,
104 _debug("CellServ[%hu]: %08x", cell->vl_curr_svix, addr.s_addr); 106 _debug("CellServ[%hu]: %08x", cell->vl_curr_svix, addr.s_addr);
105 107
106 /* attempt to access the VL server */ 108 /* attempt to access the VL server */
107 ret = afs_vl_get_entry_by_id(&addr, volid, voltype, vldb, 109 ret = afs_vl_get_entry_by_id(&addr, key, volid, voltype, vldb,
108 &afs_sync_call); 110 &afs_sync_call);
109 switch (ret) { 111 switch (ret) {
110 case 0: 112 case 0:
@@ -188,6 +190,7 @@ static struct afs_vlocation *afs_vlocation_alloc(struct afs_cell *cell,
188 * update record if we found it in the cache 190 * update record if we found it in the cache
189 */ 191 */
190static int afs_vlocation_update_record(struct afs_vlocation *vl, 192static int afs_vlocation_update_record(struct afs_vlocation *vl,
193 struct key *key,
191 struct afs_cache_vlocation *vldb) 194 struct afs_cache_vlocation *vldb)
192{ 195{
193 afs_voltype_t voltype; 196 afs_voltype_t voltype;
@@ -228,7 +231,7 @@ static int afs_vlocation_update_record(struct afs_vlocation *vl,
228 /* contact the server to make sure the volume is still available 231 /* contact the server to make sure the volume is still available
229 * - TODO: need to handle disconnected operation here 232 * - TODO: need to handle disconnected operation here
230 */ 233 */
231 ret = afs_vlocation_access_vl_by_id(vl, vid, voltype, vldb); 234 ret = afs_vlocation_access_vl_by_id(vl, key, vid, voltype, vldb);
232 switch (ret) { 235 switch (ret) {
233 /* net error */ 236 /* net error */
234 default: 237 default:
@@ -287,7 +290,8 @@ static void afs_vlocation_apply_update(struct afs_vlocation *vl,
287 * fill in a volume location record, consulting the cache and the VL server 290 * fill in a volume location record, consulting the cache and the VL server
288 * both 291 * both
289 */ 292 */
290static int afs_vlocation_fill_in_record(struct afs_vlocation *vl) 293static int afs_vlocation_fill_in_record(struct afs_vlocation *vl,
294 struct key *key)
291{ 295{
292 struct afs_cache_vlocation vldb; 296 struct afs_cache_vlocation vldb;
293 int ret; 297 int ret;
@@ -310,11 +314,11 @@ static int afs_vlocation_fill_in_record(struct afs_vlocation *vl)
310 /* try to update a known volume in the cell VL databases by 314 /* try to update a known volume in the cell VL databases by
311 * ID as the name may have changed */ 315 * ID as the name may have changed */
312 _debug("found in cache"); 316 _debug("found in cache");
313 ret = afs_vlocation_update_record(vl, &vldb); 317 ret = afs_vlocation_update_record(vl, key, &vldb);
314 } else { 318 } else {
315 /* try to look up an unknown volume in the cell VL databases by 319 /* try to look up an unknown volume in the cell VL databases by
316 * name */ 320 * name */
317 ret = afs_vlocation_access_vl_by_name(vl, &vldb); 321 ret = afs_vlocation_access_vl_by_name(vl, key, &vldb);
318 if (ret < 0) { 322 if (ret < 0) {
319 printk("kAFS: failed to locate '%s' in cell '%s'\n", 323 printk("kAFS: failed to locate '%s' in cell '%s'\n",
320 vl->vldb.name, vl->cell->name); 324 vl->vldb.name, vl->cell->name);
@@ -366,14 +370,16 @@ void afs_vlocation_queue_for_updates(struct afs_vlocation *vl)
366 * - insert/update in the local cache if did get a VL response 370 * - insert/update in the local cache if did get a VL response
367 */ 371 */
368struct afs_vlocation *afs_vlocation_lookup(struct afs_cell *cell, 372struct afs_vlocation *afs_vlocation_lookup(struct afs_cell *cell,
373 struct key *key,
369 const char *name, 374 const char *name,
370 size_t namesz) 375 size_t namesz)
371{ 376{
372 struct afs_vlocation *vl; 377 struct afs_vlocation *vl;
373 int ret; 378 int ret;
374 379
375 _enter("{%s},%*.*s,%zu", 380 _enter("{%s},{%x},%*.*s,%zu",
376 cell->name, (int) namesz, (int) namesz, name, namesz); 381 cell->name, key_serial(key),
382 (int) namesz, (int) namesz, name, namesz);
377 383
378 if (namesz > sizeof(vl->vldb.name)) { 384 if (namesz > sizeof(vl->vldb.name)) {
379 _leave(" = -ENAMETOOLONG"); 385 _leave(" = -ENAMETOOLONG");
@@ -405,7 +411,7 @@ struct afs_vlocation *afs_vlocation_lookup(struct afs_cell *cell,
405 up_write(&cell->vl_sem); 411 up_write(&cell->vl_sem);
406 412
407fill_in_record: 413fill_in_record:
408 ret = afs_vlocation_fill_in_record(vl); 414 ret = afs_vlocation_fill_in_record(vl, key);
409 if (ret < 0) 415 if (ret < 0)
410 goto error_abandon; 416 goto error_abandon;
411 vl->state = AFS_VL_VALID; 417 vl->state = AFS_VL_VALID;
@@ -656,7 +662,7 @@ static void afs_vlocation_updater(struct work_struct *work)
656 vl->upd_rej_cnt = 0; 662 vl->upd_rej_cnt = 0;
657 vl->upd_busy_cnt = 0; 663 vl->upd_busy_cnt = 0;
658 664
659 ret = afs_vlocation_update_record(vl, &vldb); 665 ret = afs_vlocation_update_record(vl, NULL, &vldb);
660 switch (ret) { 666 switch (ret) {
661 case 0: 667 case 0:
662 afs_vlocation_apply_update(vl, &vldb); 668 afs_vlocation_apply_update(vl, &vldb);
diff --git a/fs/afs/vnode.c b/fs/afs/vnode.c
index d2ca1398474f..160097619ec7 100644
--- a/fs/afs/vnode.c
+++ b/fs/afs/vnode.c
@@ -238,9 +238,11 @@ static void afs_vnode_finalise_status_update(struct afs_vnode *vnode,
238 * - there are any outstanding ops that will fetch the status 238 * - there are any outstanding ops that will fetch the status
239 * - TODO implement local caching 239 * - TODO implement local caching
240 */ 240 */
241int afs_vnode_fetch_status(struct afs_vnode *vnode) 241int afs_vnode_fetch_status(struct afs_vnode *vnode,
242 struct afs_vnode *auth_vnode, struct key *key)
242{ 243{
243 struct afs_server *server; 244 struct afs_server *server;
245 unsigned long acl_order;
244 int ret; 246 int ret;
245 247
246 DECLARE_WAITQUEUE(myself, current); 248 DECLARE_WAITQUEUE(myself, current);
@@ -260,6 +262,10 @@ int afs_vnode_fetch_status(struct afs_vnode *vnode)
260 return -ENOENT; 262 return -ENOENT;
261 } 263 }
262 264
265 acl_order = 0;
266 if (auth_vnode)
267 acl_order = auth_vnode->acl_order;
268
263 spin_lock(&vnode->lock); 269 spin_lock(&vnode->lock);
264 270
265 if (!test_bit(AFS_VNODE_CB_BROKEN, &vnode->flags) && 271 if (!test_bit(AFS_VNODE_CB_BROKEN, &vnode->flags) &&
@@ -324,12 +330,14 @@ get_anyway:
324 _debug("USING SERVER: %p{%08x}", 330 _debug("USING SERVER: %p{%08x}",
325 server, ntohl(server->addr.s_addr)); 331 server, ntohl(server->addr.s_addr));
326 332
327 ret = afs_fs_fetch_file_status(server, vnode, NULL, 333 ret = afs_fs_fetch_file_status(server, key, vnode, NULL,
328 &afs_sync_call); 334 &afs_sync_call);
329 335
330 } while (!afs_volume_release_fileserver(vnode, server, ret)); 336 } while (!afs_volume_release_fileserver(vnode, server, ret));
331 337
332 /* adjust the flags */ 338 /* adjust the flags */
339 if (ret == 0 && auth_vnode)
340 afs_cache_permit(vnode, key, acl_order);
333 afs_vnode_finalise_status_update(vnode, server, ret); 341 afs_vnode_finalise_status_update(vnode, server, ret);
334 342
335 _leave(" = %d", ret); 343 _leave(" = %d", ret);
@@ -340,17 +348,18 @@ get_anyway:
340 * fetch file data from the volume 348 * fetch file data from the volume
341 * - TODO implement caching and server failover 349 * - TODO implement caching and server failover
342 */ 350 */
343int afs_vnode_fetch_data(struct afs_vnode *vnode, off_t offset, size_t length, 351int afs_vnode_fetch_data(struct afs_vnode *vnode, struct key *key,
344 struct page *page) 352 off_t offset, size_t length, struct page *page)
345{ 353{
346 struct afs_server *server; 354 struct afs_server *server;
347 int ret; 355 int ret;
348 356
349 _enter("%s,{%u,%u,%u}", 357 _enter("%s{%u,%u,%u},%x,,,",
350 vnode->volume->vlocation->vldb.name, 358 vnode->volume->vlocation->vldb.name,
351 vnode->fid.vid, 359 vnode->fid.vid,
352 vnode->fid.vnode, 360 vnode->fid.vnode,
353 vnode->fid.unique); 361 vnode->fid.unique,
362 key_serial(key));
354 363
355 /* this op will fetch the status */ 364 /* this op will fetch the status */
356 spin_lock(&vnode->lock); 365 spin_lock(&vnode->lock);
@@ -367,8 +376,8 @@ int afs_vnode_fetch_data(struct afs_vnode *vnode, off_t offset, size_t length,
367 376
368 _debug("USING SERVER: %08x\n", ntohl(server->addr.s_addr)); 377 _debug("USING SERVER: %08x\n", ntohl(server->addr.s_addr));
369 378
370 ret = afs_fs_fetch_data(server, vnode, offset, length, page, 379 ret = afs_fs_fetch_data(server, key, vnode, offset, length,
371 NULL, &afs_sync_call); 380 page, NULL, &afs_sync_call);
372 381
373 } while (!afs_volume_release_fileserver(vnode, server, ret)); 382 } while (!afs_volume_release_fileserver(vnode, server, ret));
374 383
diff --git a/fs/afs/volume.c b/fs/afs/volume.c
index 45491cfd4f4f..15e13678c216 100644
--- a/fs/afs/volume.c
+++ b/fs/afs/volume.c
@@ -41,83 +41,20 @@ static const char *afs_voltypes[] = { "R/W", "R/O", "BAK" };
41 * - Rule 3: If parent volume is R/W, then only mount R/W volume unless 41 * - Rule 3: If parent volume is R/W, then only mount R/W volume unless
42 * explicitly told otherwise 42 * explicitly told otherwise
43 */ 43 */
44struct afs_volume *afs_volume_lookup(const char *name, struct afs_cell *cell, 44struct afs_volume *afs_volume_lookup(struct afs_mount_params *params)
45 int rwpath)
46{ 45{
47 struct afs_vlocation *vlocation = NULL; 46 struct afs_vlocation *vlocation = NULL;
48 struct afs_volume *volume = NULL; 47 struct afs_volume *volume = NULL;
49 struct afs_server *server = NULL; 48 struct afs_server *server = NULL;
50 afs_voltype_t type;
51 const char *cellname, *volname, *suffix;
52 char srvtmask; 49 char srvtmask;
53 int force, ret, loop, cellnamesz, volnamesz; 50 int ret, loop;
54 51
55 _enter("%s,,%d,", name, rwpath); 52 _enter("{%*.*s,%d}",
56 53 params->volnamesz, params->volnamesz, params->volname, params->rwpath);
57 if (!name || (name[0] != '%' && name[0] != '#') || !name[1]) {
58 printk("kAFS: unparsable volume name\n");
59 return ERR_PTR(-EINVAL);
60 }
61
62 /* determine the type of volume we're looking for */
63 force = 0;
64 type = AFSVL_ROVOL;
65
66 if (rwpath || name[0] == '%') {
67 type = AFSVL_RWVOL;
68 force = 1;
69 }
70
71 suffix = strrchr(name, '.');
72 if (suffix) {
73 if (strcmp(suffix, ".readonly") == 0) {
74 type = AFSVL_ROVOL;
75 force = 1;
76 } else if (strcmp(suffix, ".backup") == 0) {
77 type = AFSVL_BACKVOL;
78 force = 1;
79 } else if (suffix[1] == 0) {
80 } else {
81 suffix = NULL;
82 }
83 }
84
85 /* split the cell and volume names */
86 name++;
87 volname = strchr(name, ':');
88 if (volname) {
89 cellname = name;
90 cellnamesz = volname - name;
91 volname++;
92 } else {
93 volname = name;
94 cellname = NULL;
95 cellnamesz = 0;
96 }
97
98 volnamesz = suffix ? suffix - volname : strlen(volname);
99
100 _debug("CELL:%*.*s [%p] VOLUME:%*.*s SUFFIX:%s TYPE:%d%s",
101 cellnamesz, cellnamesz, cellname ?: "", cell,
102 volnamesz, volnamesz, volname, suffix ?: "-",
103 type,
104 force ? " FORCE" : "");
105
106 /* lookup the cell record */
107 if (cellname || !cell) {
108 cell = afs_cell_lookup(cellname, cellnamesz);
109 if (IS_ERR(cell)) {
110 ret = PTR_ERR(cell);
111 printk("kAFS: unable to lookup cell '%s'\n",
112 cellname ?: "");
113 goto error;
114 }
115 } else {
116 afs_get_cell(cell);
117 }
118 54
119 /* lookup the volume location record */ 55 /* lookup the volume location record */
120 vlocation = afs_vlocation_lookup(cell, volname, volnamesz); 56 vlocation = afs_vlocation_lookup(params->cell, params->key,
57 params->volname, params->volnamesz);
121 if (IS_ERR(vlocation)) { 58 if (IS_ERR(vlocation)) {
122 ret = PTR_ERR(vlocation); 59 ret = PTR_ERR(vlocation);
123 vlocation = NULL; 60 vlocation = NULL;
@@ -126,30 +63,30 @@ struct afs_volume *afs_volume_lookup(const char *name, struct afs_cell *cell,
126 63
127 /* make the final decision on the type we want */ 64 /* make the final decision on the type we want */
128 ret = -ENOMEDIUM; 65 ret = -ENOMEDIUM;
129 if (force && !(vlocation->vldb.vidmask & (1 << type))) 66 if (params->force && !(vlocation->vldb.vidmask & (1 << params->type)))
130 goto error; 67 goto error;
131 68
132 srvtmask = 0; 69 srvtmask = 0;
133 for (loop = 0; loop < vlocation->vldb.nservers; loop++) 70 for (loop = 0; loop < vlocation->vldb.nservers; loop++)
134 srvtmask |= vlocation->vldb.srvtmask[loop]; 71 srvtmask |= vlocation->vldb.srvtmask[loop];
135 72
136 if (force) { 73 if (params->force) {
137 if (!(srvtmask & (1 << type))) 74 if (!(srvtmask & (1 << params->type)))
138 goto error; 75 goto error;
139 } else if (srvtmask & AFS_VOL_VTM_RO) { 76 } else if (srvtmask & AFS_VOL_VTM_RO) {
140 type = AFSVL_ROVOL; 77 params->type = AFSVL_ROVOL;
141 } else if (srvtmask & AFS_VOL_VTM_RW) { 78 } else if (srvtmask & AFS_VOL_VTM_RW) {
142 type = AFSVL_RWVOL; 79 params->type = AFSVL_RWVOL;
143 } else { 80 } else {
144 goto error; 81 goto error;
145 } 82 }
146 83
147 down_write(&cell->vl_sem); 84 down_write(&params->cell->vl_sem);
148 85
149 /* is the volume already active? */ 86 /* is the volume already active? */
150 if (vlocation->vols[type]) { 87 if (vlocation->vols[params->type]) {
151 /* yes - re-use it */ 88 /* yes - re-use it */
152 volume = vlocation->vols[type]; 89 volume = vlocation->vols[params->type];
153 afs_get_volume(volume); 90 afs_get_volume(volume);
154 goto success; 91 goto success;
155 } 92 }
@@ -163,10 +100,10 @@ struct afs_volume *afs_volume_lookup(const char *name, struct afs_cell *cell,
163 goto error_up; 100 goto error_up;
164 101
165 atomic_set(&volume->usage, 1); 102 atomic_set(&volume->usage, 1);
166 volume->type = type; 103 volume->type = params->type;
167 volume->type_force = force; 104 volume->type_force = params->force;
168 volume->cell = cell; 105 volume->cell = params->cell;
169 volume->vid = vlocation->vldb.vid[type]; 106 volume->vid = vlocation->vldb.vid[params->type];
170 107
171 init_rwsem(&volume->server_sem); 108 init_rwsem(&volume->server_sem);
172 109
@@ -196,28 +133,26 @@ struct afs_volume *afs_volume_lookup(const char *name, struct afs_cell *cell,
196 afs_get_vlocation(vlocation); 133 afs_get_vlocation(vlocation);
197 volume->vlocation = vlocation; 134 volume->vlocation = vlocation;
198 135
199 vlocation->vols[type] = volume; 136 vlocation->vols[volume->type] = volume;
200 137
201success: 138success:
202 _debug("kAFS selected %s volume %08x", 139 _debug("kAFS selected %s volume %08x",
203 afs_voltypes[volume->type], volume->vid); 140 afs_voltypes[volume->type], volume->vid);
204 up_write(&cell->vl_sem); 141 up_write(&params->cell->vl_sem);
205 afs_put_vlocation(vlocation); 142 afs_put_vlocation(vlocation);
206 afs_put_cell(cell);
207 _leave(" = %p", volume); 143 _leave(" = %p", volume);
208 return volume; 144 return volume;
209 145
210 /* clean up */ 146 /* clean up */
211error_up: 147error_up:
212 up_write(&cell->vl_sem); 148 up_write(&params->cell->vl_sem);
213error: 149error:
214 afs_put_vlocation(vlocation); 150 afs_put_vlocation(vlocation);
215 afs_put_cell(cell);
216 _leave(" = %d", ret); 151 _leave(" = %d", ret);
217 return ERR_PTR(ret); 152 return ERR_PTR(ret);
218 153
219error_discard: 154error_discard:
220 up_write(&cell->vl_sem); 155 up_write(&params->cell->vl_sem);
221 156
222 for (loop = volume->nservers - 1; loop >= 0; loop--) 157 for (loop = volume->nservers - 1; loop >= 0; loop--)
223 afs_put_server(volume->servers[loop]); 158 afs_put_server(volume->servers[loop]);
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-15 00:33:41 -0500