[Pvfs2-cvs] commit by dbonnie in pvfs2/src/server: check.c pvfs2-server.h setparam.sm

CVS commit program cvs at parl.clemson.edu
Fri Jun 20 15:13:43 EDT 2008 

Update of /anoncvs/pvfs2/src/server
In directory parlweb1:/tmp/cvs-serv22653/src/server

Modified Files:
      Tag: cu-security-branch
	check.c pvfs2-server.h setparam.sm 
Log Message:
Merge from HEAD.  Fleshed out credential.  Encode/decode added for credential and cleaned up for capability.  Added capability/credential into request/response structures.  Fleshed out comments in security module.


Index: check.c
===================================================================
RCS file: /anoncvs/pvfs2/src/server/check.c,v
diff -p -u -r1.1.8.8 -r1.1.8.9
--- check.c	17 Jun 2008 15:42:16 -0000	1.1.8.8
+++ check.c	20 Jun 2008 19:13:43 -0000	1.1.8.9
@@ -562,7 +562,7 @@ int PINT_perm_check(struct PINT_server_o
         {
             gossip_debug(GOSSIP_PERMISSIONS_DEBUG, "Attempted to perform "
                          "an operation on target handle %llu that was "
-                         "not in the capability", llu(s_op->target_handle));
+                         "not in the capability\n", llu(s_op->target_handle));
             return -PVFS_EACCES;
         }
     }

Index: pvfs2-server.h
===================================================================
RCS file: /anoncvs/pvfs2/src/server/pvfs2-server.h,v
diff -p -u -r1.150.2.4 -r1.150.2.5
--- pvfs2-server.h	11 Jun 2008 19:52:46 -0000	1.150.2.4
+++ pvfs2-server.h	20 Jun 2008 19:13:43 -0000	1.150.2.5
@@ -55,6 +55,35 @@ extern job_context_id server_job_context
 /* number of milliseconds that clients will delay between retries */
 #define PVFS2_CLIENT_RETRY_DELAY_MS_DEFAULT  2000
 
+/* types of permission checking that a server may need to perform for
+ * incoming requests
+ */
+enum PINT_server_req_permissions
+{
+    PINT_SERVER_CHECK_INVALID = 0, /* invalid request */
+    PINT_SERVER_CHECK_WRITE = 1,   /* needs write permission */
+    PINT_SERVER_CHECK_READ = 2,    /* needs read permission */
+    PINT_SERVER_CHECK_NONE = 3,    /* needs no permission */
+    PINT_SERVER_CHECK_ATTR = 4,    /* special case for attribute operations; 
+                                      needs ownership */
+    PINT_SERVER_CHECK_CRDIRENT = 5 /* special case for crdirent operations;
+                                      needs write and execute */
+};
+
+#define PINT_GET_OBJECT_REF_DEFINE(req_name)                             \
+static inline int PINT_get_object_ref_##req_name(                        \
+    struct PVFS_server_req *req, PVFS_fs_id *fs_id, PVFS_handle *handle) \
+{                                                                        \
+    *fs_id = req->u.req_name.fs_id;                                      \
+    *handle = req->u.req_name.handle;                                    \
+    return 0;                                                            \
+}
+
+enum PINT_server_req_access_type PINT_server_req_readonly(
+                                    struct PVFS_server_req *req);
+enum PINT_server_req_access_type PINT_server_req_modify(
+                                    struct PVFS_server_req *req);
+
 /* used to keep a random, but handy, list of keys around */
 typedef struct PINT_server_trove_keys
 {

Index: setparam.sm
===================================================================
RCS file: /anoncvs/pvfs2/src/server/setparam.sm,v
diff -p -u -r1.34.2.3 -r1.34.2.4
--- setparam.sm	13 Jun 2008 19:49:58 -0000	1.34.2.3
+++ setparam.sm	20 Jun 2008 19:13:43 -0000	1.34.2.4
@@ -15,10 +15,12 @@
 #include "pvfs2-server.h"
 #include "pint-event.h"
 #include "pvfs2-internal.h"
+#include "gossip.h"
 #include "request-scheduler/request-scheduler.h"
 #include "pint-security.h"
 
 static int check_fs_id(PVFS_fs_id fs_id);
+static int drop_caches(void);
 
 %%
 
@@ -164,6 +166,9 @@ static PINT_sm_action setparam_work(
 
             js_p->error_code = 0;
             return ret;
+        case PVFS_SERV_PARAM_DROP_CACHES:
+            js_p->error_code = drop_caches();
+            return SM_ACTION_COMPLETE;
     }
 
     gossip_lerr("Error: mgmt_setparam for unknown parameter %d.\n",
@@ -276,10 +281,48 @@ struct PINT_server_req_params pvfs2_setp
     .string_name = "mgmt_setparam",
     .perm = perm_setparam,
     .access_type = PINT_server_req_modify,
-    .sched_policy = PINT_SERVER_REQ_SCHEDULE,
     .get_object_ref = PINT_get_object_ref_setparam,
     .state_machine = &pvfs2_setparam_sm
 };
+
+/* drop_caches()
+ *
+ * Linux specific, but should fail cleanly on other platforms. 
+ *
+ * This function asks the operating system to sync and drop any in memory
+ * caches that it may have.  Applies globally to all file systems on the
+ * server, not just the PVFS storage space.
+ */
+static int drop_caches(void)
+{
+    int fd;
+    int ret;
+
+    /* try to commit buffer cache first */
+    sync();
+
+    /* open Linux specific control file if present */
+    fd = open("/proc/sys/vm/drop_caches", O_WRONLY);
+    if(fd < 0)
+    {
+        gossip_debug(GOSSIP_SERVER_DEBUG, 
+            "Warning: drop_caches not supported.\n");
+        return(-PVFS_EOPNOTSUPP);
+    }
+
+    /* free page cache, dentries, and inodes */
+    ret = write(fd, "3", 2);
+    if(ret < 0)
+    {
+        gossip_debug(GOSSIP_SERVER_DEBUG, 
+            "Warning: found drop_caches file but failed to write to it.\n");
+        close(fd);
+        return(-PVFS_EOPNOTSUPP);
+    }
+   
+    close(fd);
+    return(0);
+}
 
 /*
  * Local variables:

More information about the Pvfs2-cvs mailing list