From ac629e574935a8aed6526936bc83b1c6d295ae67 Mon Sep 17 00:00:00 2001 From: Poornima G Date: Mon, 26 Dec 2016 14:28:22 +0530 Subject: md-cache: Cache security.ima xattrs From kernel version 3.X or greater, creating of a file results in removexattr call on security.ima xattr. But this xattr is not set on the file unless IMA feature is active. With this patch, removxattr call returns ENODATA if it is not found in the cache. Change-Id: I8136096598a983aebc09901945eba1db1b2f93c9 Signed-off-by: Poornima G Reviewed-on: http://review.gluster.org/16296 Smoke: Gluster Build System NetBSD-regression: NetBSD Build System CentOS-regression: Gluster Build System Reviewed-by: Raghavendra G --- xlators/mgmt/glusterd/src/glusterd-volume-set.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'xlators/mgmt/glusterd/src/glusterd-volume-set.c') diff --git a/xlators/mgmt/glusterd/src/glusterd-volume-set.c b/xlators/mgmt/glusterd/src/glusterd-volume-set.c index ae569c66a23..96e76cd7953 100644 --- a/xlators/mgmt/glusterd/src/glusterd-volume-set.c +++ b/xlators/mgmt/glusterd/src/glusterd-volume-set.c @@ -1598,6 +1598,21 @@ struct volopt_map_entry glusterd_volopt_map[] = { " xattr)", .flags = OPT_FLAG_CLIENT_OPT }, + { .key = "performance.cache-capability-xattrs", + .voltype = "performance/md-cache", + .option = "cache-capability-xattrs", + .op_version = GD_OP_VERSION_3_10_0, + .description = "Cache xattrs required for capability based security", + .flags = OPT_FLAG_CLIENT_OPT + }, + { .key = "performance.cache-ima-xattrs", + .voltype = "performance/md-cache", + .option = "cache-ima-xattrs", + .op_version = GD_OP_VERSION_3_10_0, + .description = "Cache xattrs required for IMA " + "(Integrity Measurement Architecture)", + .flags = OPT_FLAG_CLIENT_OPT + }, /* Crypt xlator options */ -- cgit