summaryrefslogtreecommitdiffstats
path: root/xlators/nfs/server/src/auth-cache.c
Commit message (Collapse)AuthorAgeFilesLines
* libglusterfs: add library wrapper for time()Dmitry Antipov2020-08-171-2/+2
| | | | | | | | | Add thin convenient library wrapper gf_time(), adjust related users and comments as well. Change-Id: If8969af2f45ee69c30c3406bce5baa8305fb7f80 Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru> Updates: #1002
* auth-cache.c: minor reduction of work under lock.Yaniv Kaul2019-02-181-6/+3
| | | | | | | | | | | Minor change to reduce work done under a lock. Also, remove unused variable (unrelated to the above). Compile-tested only! updates: bz#1193929 Signed-off-by: Yaniv Kaul <ykaul@redhat.com> Change-Id: I1dfb55823c3db7c638d8a34288423bd1faa37c32
* libglusterfs: Move devel headers under glusterfs directoryShyamsundarR2018-12-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | libglusterfs devel package headers are referenced in code using include semantics for a program, this while it works can be better especially when dealing with out of tree xlator builds or in general out of tree devel package usage. Towards this, the following changes are done, - moved all devel headers under a glusterfs directory - Included these headers using system header notation <> in all code outside of libglusterfs - Included these headers using own program notation "" within libglusterfs This change although big, is just moving around the headers and making it correct when including these headers from other sources. This helps us correctly include libglusterfs includes without namespace conflicts. Change-Id: Id2a98854e671a7ee5d73be44da5ba1a74252423b Updates: bz#1193929 Signed-off-by: ShyamsundarR <srangana@redhat.com>
* Land part 2 of clang-format changesGluster Ant2018-09-121-270/+273
| | | | | Change-Id: Ia84cc24c8924e6d22d02ac15f611c10e26db99b4 Signed-off-by: Nigel Babu <nigelb@redhat.com>
* nfs: Reference count export itemsShreyas Siravara2017-12-081-1/+7
| | | | | | | | | Export items are used in the auth cache and need to be reference counted to avoid use-after free bugs. Change-Id: I5cdcdc1cc6abad26c7077d66a14f263da07678ac BUG: 1522847 Signed-off-by: Shreyas Siravara <sshreyas@fb.com>
* refcount: return pointer to the structure instead of a counterNiels de Vos2016-12-111-4/+6
| | | | | | | | | | | | | | | | There are no real users of the counter. It was thought of a handy tool to track and debug refcounting, but it is not used at all. Some parts of the code would benefit from a pointer getting returned instead. BUG: 1399780 Change-Id: I97e52c48420fed61be942ea27ff4849b803eed12 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/15971 Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Xavier Hernandez <xhernandez@datalab.es> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
* nfs: fix unused variable warnings/errorsKaleb S. KEITHLEY2016-08-231-1/+0
| | | | | | | | | | | | | | | | | http://review.gluster.org/14085 fixes a/the "leak" - via the generated rpc/xdr headers - of pragmas that mask these warnings. However 14085 won't pass the smoke test until all the warnings are fixed. Change-Id: I0e872a8025c3b1b5e2aa15d8fe66248e2fd96bf1 BUG: 1369124 Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/15253 Reviewed-by: Niels de Vos <ndevos@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
* all: reduce "inline" usageJeff Darcy2015-09-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | There are three kinds of inline functions: plain inline, extern inline, and static inline. All three have been removed from .c files, except those in "contrib" which aren't our problem. Inlines in .h files, which are overwhelmingly "static inline" already, have generally been left alone. Over time we should be able to "lower" these into .c files, but that has to be done in a case-by-case fashion requiring more manual effort. This part was easy to do automatically without (as far as I can tell) any ill effect. In the process, several pieces of dead code were flagged by the compiler, and were removed. Change-Id: I56a5e614735c9e0a6ee420dab949eac22e25c155 BUG: 1245331 Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/11769 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Dan Lambright <dlambrig@redhat.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-by: Venky Shankar <vshankar@redhat.com>
* nfs: refcount each auth_cache_entry and related data_tNiels de Vos2015-06-281-9/+86
| | | | | | | | | | | | | | | | | This makes sure that all the auth_cache_entry structures are only free'd when there is no reference to it anymore. When it is free'd, the associated data_t from the auth_cache->cache_dict gets unref'd too. Upon calling auth_cache_purge(), the auth_cache->cache_dict will free each auth_cache_entry in a secure way. Change-Id: If097cc11838e43599040f5414f82b30fc0fd40c6 BUG: 1226717 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11023 Reviewed-by: Xavier Hernandez <xhernandez@datalab.es> Tested-by: Gluster Build System <jenkins@build.gluster.com> Tested-by: NetBSD Build System <jenkins@build.gluster.org>
* nfs: add a gf_lock_t for the auth_cache->cache_dictNiels de Vos2015-06-281-40/+125
| | | | | | | | | | | | | | This is the 1st step towards implementing reference counters for the auth_cache_entry structure. Access to the structures should always be done atomically, but this can not be guaranteed by the a dict. Change-Id: Ic165221d72f11832177976c989823d861cf12f01 BUG: 1226717 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11021 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
* nfs: Authentication performance improvementsShreyas Siravara2015-06-161-3/+3
| | | | | | | | | | | | | | | | | | | | When file operations are sent to the NFS server, authorized filehandles are cached using the exportid, mountid, gfid and host as the key to the cache. This meant that any file OR directory will always fail on the *first* fop to that filehandle since the cache used the gfid as part of the key to the cache. However, if an export is authorized, this effectively means that ALL subdirectories and files in the export directory are authorized per the permissions of the export. This results slow times to walking a directory structure over an NFS mount. Change-Id: Iad811ad7255b454d1712e75a637478401d40791e BUG: 1232165 Signed-off-by: Shreyas Siravara <sshreyas@fb.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11245 Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com>
* nfs: allocate and return the hashkey for the auth_cache_entryNiels de Vos2015-06-031-7/+25
| | | | | | | | | | | | | | | | | | | | | | | | | The allocation of the hashkey was never returned to the calling function. Allocating it with alloca() puts it on the stack, returning from the function makes the pointer invalid. Functions that are annotated with "inline" and call alloca(), will not always be inlined. Returning a pointer allocated with alloca() is in those cases not correct. One such confirmation was provided by GCC developer Alexandre Oliva: - http://gcc.gnu.org/ml/gcc-help/2004-04/msg00158.html It is more correct to call GF_MALLOC() and GF_FREE() for the hashkey. If this would result in preformance hit, we can always think of using alloca() again and turn make_hashkey() into a macro (yuck). Change-Id: Ia86a1f79d33240af4713bfb92f702b0ee6e87eb7 BUG: 1226714 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11019 Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: soumya k <skoduri@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com>
* nfs: allocate the auth_cache->cache_dict on auth_cache_init()Niels de Vos2015-05-071-14/+10
| | | | | | | | | | | | | | | | It seems possible that auth_cache->cache_dict is not always allocated before it is accessed. Instead of allocating the dict upon the 1st access, just create it in auth_cache_init(). Change-Id: I00e60522478b433cb0aae0c1f0948eac544dfd2b URL: http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/10710 BUG: 1143880 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/10600 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Tested-by: NetBSD Build System
* nfs/auth,exports,netgroup : port log messages to new frameworkManikandan Selvaganesh2015-04-281-8/+10
| | | | | | | | | | | | | | | Five gf_log messages are not changed to gf_msg because gf_msg not sending the output to STDOUT. Bug id : BZ1215017 Change-Id: Ie8de286355becc3fd73fa80057734b834cf40b04 BUG: 1194640 Signed-off-by: Manikandan Selvaganesh <mselvaga@redhat.com> Reviewed-on: http://review.gluster.org/10173 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> Tested-by: NetBSD Build System Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
* Avoid conflict between contrib/uuid and system uuidEmmanuel Dreyfus2015-04-041-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | glusterfs relies on Linux uuid implementation, which API is incompatible with most other systems's uuid. As a result, libglusterfs has to embed contrib/uuid, which is the Linux implementation, on non Linux systems. This implementation is incompatible with systtem's built in, but the symbols have the same names. Usually this is not a problem because when we link with -lglusterfs, libc's symbols are trumped. However there is a problem when a program not linked with -lglusterfs will dlopen() glusterfs component. In such a case, libc's uuid implementation is already loaded in the calling program, and it will be used instead of libglusterfs's implementation, causing crashes. A possible workaround is to use pre-load libglusterfs in the calling program (using LD_PRELOAD on NetBSD for instance), but such a mechanism is not portable, nor is it flexible. A much better approach is to rename libglusterfs's uuid_* functions to gf_uuid_* to avoid any possible conflict. This is what this change attempts. BUG: 1206587 Change-Id: I9ccd3e13afed1c7fc18508e92c7beb0f5d49f31a Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org> Reviewed-on: http://review.gluster.org/10017 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Niels de Vos <ndevos@redhat.com>
* nfs: add auth-cache for the MOUNT protocolNiels de Vos2015-03-151-0/+311
Authentication cache for the new fine grained contol for the MOUNT protocol. The extended authentication (see Change-Id Ic060aac) benefits from caching the access/permission checks that are done when an NFS-client mounts an export. This auth-cache will be used by Change-Id I181e8c1. BUG: 1143880 Change-Id: I1379116572c8a4d1bf0c7ca4f826e51a79d91444 Original-author: Shreyas Siravara <shreyas.siravara@gmail.com> CC: Richard Wareing <rwareing@fb.com> CC: Jiffin Tony Thottan <jthottan@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/9363 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
generated by cgit (git 2.34.1) at 2024-04-24 16:55:58 +0000