|
nfs-ganesha 1.4
|
00001 /* 00002 * vim:expandtab:shiftwidth=8:tabstop=8: 00003 */ 00004 00005 /* 00006 * Copyright CEA/DAM/DIF (2008) 00007 * contributeur : Philippe DENIEL philippe.deniel@cea.fr 00008 * Thomas LEIBOVICI thomas.leibovici@cea.fr 00009 * 00010 * 00011 * This program is free software; you can redistribute it and/or 00012 * modify it under the terms of the GNU Lesser General Public 00013 * License as published by the Free Software Foundation; either 00014 * version 3 of the License, or (at your option) any later version. 00015 * 00016 * This program is distributed in the hope that it will be useful, 00017 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00018 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00019 * Lesser General Public License for more details. 00020 * 00021 * You should have received a copy of the GNU Lesser General Public 00022 * License along with this library; if not, write to the Free Software 00023 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 00024 * 00025 * --------------------------------------- 00026 */ 00027 00038 #ifdef HAVE_CONFIG_H 00039 #include "config.h" 00040 #endif 00041 00042 #include "fsal.h" 00043 #include "fsal_internal.h" 00044 #include "fsal_convert.h" 00045 00078 fsal_status_t HPSSFSAL_test_access(hpssfsal_op_context_t * p_context, /* IN */ 00079 fsal_accessflags_t access_type, /* IN */ 00080 fsal_attrib_list_t * object_attributes /* IN */ 00081 ) 00082 { 00083 fsal_accessflags_t missing_access; 00084 gid_t grp; 00085 int is_grp; 00086 unsigned int i; 00087 00088 /* sanity checks. */ 00089 00090 if(!object_attributes || !p_context) 00091 Return(ERR_FSAL_FAULT, 0, INDEX_FSAL_test_access); 00092 00093 /* If the FSAL_F_OK flag is set, returns ERR INVAL */ 00094 00095 if(access_type & FSAL_F_OK) 00096 Return(ERR_FSAL_INVAL, 0, INDEX_FSAL_test_access); 00097 00098 /* test root access */ 00099 00100 #if HPSS_MAJOR_VERSION == 5 00101 if(p_context->credential.hpss_usercred.SecPWent.Uid == 0) 00102 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00103 #else 00104 if(p_context->credential.hpss_usercred.Uid == 0) 00105 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00106 #endif 00107 00108 /* unsatisfied flags */ 00109 00110 missing_access = FSAL_MODE_MASK(access_type); /* only modes, no ACLs here */ 00111 00114 /* Test if file belongs to user. */ 00115 00116 #if HPSS_MAJOR_VERSION == 5 00117 if(p_context->credential.hpss_usercred.SecPWent.Uid == object_attributes->owner) 00118 #else 00119 if(p_context->credential.hpss_usercred.Uid == object_attributes->owner) 00120 #endif 00121 { 00122 00123 #if ( HPSS_MAJOR_VERSION == 5 ) 00124 LogFullDebug(COMPONENT_FSAL, "File belongs to user %d", 00125 p_context->credential.hpss_usercred.SecPWent.Uid); 00126 #elif ( HPSS_MAJOR_VERSION >= 6 ) 00127 LogFullDebug(COMPONENT_FSAL, "File belongs to user %d", 00128 p_context->credential.hpss_usercred.Uid); 00129 #endif 00130 00131 if(object_attributes->mode & FSAL_MODE_RUSR) 00132 missing_access &= ~FSAL_R_OK; 00133 00134 if(object_attributes->mode & FSAL_MODE_WUSR) 00135 missing_access &= ~FSAL_W_OK; 00136 00137 if(object_attributes->mode & FSAL_MODE_XUSR) 00138 missing_access &= ~FSAL_X_OK; 00139 00140 if(missing_access == 0) 00141 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00142 else 00143 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00144 00145 } 00146 00147 /* Test if the file belongs to user's group. */ 00148 00149 #if HPSS_MAJOR_VERSION == 5 00150 is_grp = (p_context->credential.hpss_usercred.SecPWent.Gid == object_attributes->group); 00151 00152 if(is_grp) 00153 LogFullDebug(COMPONENT_FSAL, "File belongs to user's group %d", 00154 p_context->credential.hpss_usercred.SecPWent.Gid); 00155 00156 #elif HPSS_MAJOR_VERSION >= 6 00157 is_grp = (p_context->credential.hpss_usercred.Gid == object_attributes->group); 00158 00159 if(is_grp) 00160 LogFullDebug(COMPONENT_FSAL, "File belongs to user's group %d", 00161 p_context->credential.hpss_usercred.Gid); 00162 00163 #endif 00164 00165 /* Test if file belongs to alt user's groups */ 00166 00167 if(!is_grp) 00168 { 00169 for(i = 0; i < p_context->credential.hpss_usercred.NumGroups; i++) 00170 { 00171 is_grp = 00172 (p_context->credential.hpss_usercred.AltGroups[i] == 00173 object_attributes->group); 00174 00175 if(is_grp) 00176 LogFullDebug(COMPONENT_FSAL, 00177 "File belongs to user's alt group %d", 00178 p_context->credential.hpss_usercred.AltGroups[i]); 00179 00180 /* exits loop if found */ 00181 if(is_grp) 00182 break; 00183 } 00184 } 00185 00186 /* finally apply group rights */ 00187 00188 if(is_grp) 00189 { 00190 if(object_attributes->mode & FSAL_MODE_RGRP) 00191 missing_access &= ~FSAL_R_OK; 00192 00193 if(object_attributes->mode & FSAL_MODE_WGRP) 00194 missing_access &= ~FSAL_W_OK; 00195 00196 if(object_attributes->mode & FSAL_MODE_XGRP) 00197 missing_access &= ~FSAL_X_OK; 00198 00199 if(missing_access == 0) 00200 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00201 else 00202 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00203 00204 } 00205 00206 /* test other perms */ 00207 00208 if(object_attributes->mode & FSAL_MODE_ROTH) 00209 missing_access &= ~FSAL_R_OK; 00210 00211 if(object_attributes->mode & FSAL_MODE_WOTH) 00212 missing_access &= ~FSAL_W_OK; 00213 00214 if(object_attributes->mode & FSAL_MODE_XOTH) 00215 missing_access &= ~FSAL_X_OK; 00216 00219 if(missing_access == 0) 00220 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_test_access); 00221 else 00222 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_test_access); 00223 00224 } 00225 00250 fsal_status_t HPSSFSAL_setattr_access(hpssfsal_op_context_t * p_context, /* IN */ 00251 fsal_attrib_list_t * pcandidate_attributes, /* IN */ 00252 fsal_attrib_list_t * pobject_attributes /* IN */ 00253 ) 00254 { 00255 fsal_status_t fsal_status; 00256 int same_owner = FALSE; 00257 int root_access = FALSE; 00258 00259 /* sanity check */ 00260 if(p_context == NULL || pcandidate_attributes == NULL || pobject_attributes == NULL) 00261 Return(ERR_FSAL_FAULT, 0, INDEX_FSAL_setattr_access); 00262 00263 /* Root has full power... */ 00264 #if HPSS_MAJOR_VERSION == 5 00265 if(p_context->credential.hpss_usercred.SecPWent.Uid == 0) 00266 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_setattr_access); 00267 #else 00268 if(p_context->credential.hpss_usercred.Uid == 0) 00269 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_setattr_access); 00270 #endif 00271 00272 /* Check for owner access */ 00273 #if HPSS_MAJOR_VERSION == 5 00274 if(p_context->credential.hpss_usercred.SecPWent.Uid == pobject_attributes->owner) 00275 #else 00276 if(p_context->credential.hpss_usercred.Uid == pobject_attributes->owner) 00277 #endif 00278 { 00279 same_owner = TRUE; 00280 } 00281 00282 if(!same_owner) 00283 Return(ERR_FSAL_ACCESS, 0, INDEX_FSAL_setattr_access); 00284 00285 /* If this point is reached, then access is granted */ 00286 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_setattr_access); 00287 } /* FSAL_test_setattr_access */ 00288 00306 fsal_status_t HPSSFSAL_rename_access(hpssfsal_op_context_t * pcontext, /* IN */ 00307 fsal_attrib_list_t * pattrsrc, /* IN */ 00308 fsal_attrib_list_t * pattrdest) /* IN */ 00309 { 00310 fsal_status_t fsal_status; 00311 00312 fsal_status = HPSSFSAL_test_access(pcontext, FSAL_W_OK, pattrsrc); 00313 if(FSAL_IS_ERROR(fsal_status)) 00314 Return(fsal_status.major, fsal_status.minor, INDEX_FSAL_rename_access); 00315 00316 fsal_status = HPSSFSAL_test_access(pcontext, FSAL_W_OK, pattrdest); 00317 if(FSAL_IS_ERROR(fsal_status)) 00318 Return(fsal_status.major, fsal_status.minor, INDEX_FSAL_rename_access); 00319 00320 /* If this point is reached, then access is granted */ 00321 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_rename_access); 00322 } /* FSAL_rename_access */ 00323 00338 fsal_status_t HPSSFSAL_create_access(hpssfsal_op_context_t * pcontext, /* IN */ 00339 fsal_attrib_list_t * pattr) /* IN */ 00340 { 00341 fsal_status_t fsal_status; 00342 00343 fsal_status = HPSSFSAL_test_access(pcontext, FSAL_W_OK, pattr); 00344 if(FSAL_IS_ERROR(fsal_status)) 00345 Return(fsal_status.major, fsal_status.minor, INDEX_FSAL_create_access); 00346 00347 /* If this point is reached, then access is granted */ 00348 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_create_access); 00349 } /* FSAL_create_access */ 00350 00366 fsal_status_t HPSSFSAL_unlink_access(hpssfsal_op_context_t * pcontext, /* IN */ 00367 fsal_attrib_list_t * pattr) /* IN */ 00368 { 00369 fsal_status_t fsal_status; 00370 00371 fsal_status = HPSSFSAL_test_access(pcontext, FSAL_W_OK, pattr); 00372 if(FSAL_IS_ERROR(fsal_status)) 00373 Return(fsal_status.major, fsal_status.minor, INDEX_FSAL_unlink_access); 00374 00375 /* If this point is reached, then access is granted */ 00376 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_unlink_access); 00377 } /* FSAL_unlink_access */ 00378 00394 fsal_status_t HPSSFSAL_link_access(hpssfsal_op_context_t * pcontext, /* IN */ 00395 fsal_attrib_list_t * pattr) /* IN */ 00396 { 00397 fsal_status_t fsal_status; 00398 00399 fsal_status = HPSSFSAL_test_access(pcontext, FSAL_W_OK, pattr); 00400 if(FSAL_IS_ERROR(fsal_status)) 00401 Return(fsal_status.major, fsal_status.minor, INDEX_FSAL_link_access); 00402 00403 /* If this point is reached, then access is granted */ 00404 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_link_access); 00405 } /* FSAL_link_access */ 00406 00422 fsal_status_t HPSSFSAL_merge_attrs(fsal_attrib_list_t * pinit_attr, 00423 fsal_attrib_list_t * pnew_attr, 00424 fsal_attrib_list_t * presult_attr) 00425 { 00426 if(pinit_attr == NULL || pnew_attr == NULL || presult_attr == NULL) 00427 Return(ERR_FSAL_INVAL, 0, INDEX_FSAL_merge_attrs); 00428 00429 /* The basis for the result attr is the fist argument */ 00430 *presult_attr = *pinit_attr; 00431 00432 /* Now deal with the attributes to be merged in this set of attributes */ 00433 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_MODE)) 00434 presult_attr->mode = pnew_attr->mode; 00435 00436 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_OWNER)) 00437 presult_attr->owner = pnew_attr->owner; 00438 00439 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_GROUP)) 00440 presult_attr->group = pnew_attr->group; 00441 00442 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_SIZE)) 00443 presult_attr->filesize = pnew_attr->filesize; 00444 00445 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_SPACEUSED)) 00446 presult_attr->spaceused = pnew_attr->spaceused; 00447 00448 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_ATIME)) 00449 { 00450 presult_attr->atime.seconds = pnew_attr->atime.seconds; 00451 presult_attr->atime.nseconds = pnew_attr->atime.nseconds; 00452 } 00453 00454 if(FSAL_TEST_MASK(pnew_attr->asked_attributes, FSAL_ATTR_MTIME)) 00455 { 00456 presult_attr->mtime.seconds = pnew_attr->mtime.seconds; 00457 presult_attr->mtime.nseconds = pnew_attr->mtime.nseconds; 00458 } 00459 00460 /* Do not forget the ctime */ 00461 FSAL_SET_MASK(presult_attr->asked_attributes, FSAL_ATTR_CTIME); 00462 presult_attr->ctime.seconds = pnew_attr->ctime.seconds; 00463 presult_attr->ctime.nseconds = pnew_attr->ctime.nseconds; 00464 00465 /* Regular exit */ 00466 Return(ERR_FSAL_NO_ERROR, 0, INDEX_FSAL_merge_attrs); 00467 } /* FSAL_merge_attrs */
1.7.3