Merge pull request #11218 from ceph/wip-getuid

Client: pass "UserPerm" struct everywhere for security checks

Reviewed-by: Jeff Layton <jlayton@redhat.com>

diff --cc src/ceph_fuse.cc
Simple merge

diff --cc src/client/Client.cc
index 58bc293982e8bf612210dc3d0dbd472c184463b7,a764e87f240dc6a5bef8a3768e0ba4dcead9aaa0..6c783d0a00123aefaec56f7c91c1a5f01bd13680
--- 1/src/client/Client.cc
--- 2/src/client/Client.cc
+++ b/src/client/Client.cc
@@@ -1614,10 -1613,10 +1621,10 @@@ int Client::verify_reply_trace(int r
   * @param use_mds [optional] prefer a specific mds (-1 for default)
   * @param pdirbl [optional; disallowed if ptarget] where to pass extra reply payload to the caller
   */
- int Client::make_request(MetaRequest *request, 
-                        int uid, int gid, 
+ int Client::make_request(MetaRequest *request,
+                        const UserPerm& perms,
                         InodeRef *ptarget, bool *pcreated,
 -                       int use_mds,
 +                       mds_rank_t use_mds,
                         bufferlist *pdirbl)
  {
    int r = 0;
@@@ -9943,9 -9934,11 +9944,9 @@@ int Client::ll_getattrx(Inode *in, stru
    return res;
  }
  
- int Client::_ll_setattrx(Inode *in, struct ceph_statx *stx, int mask, int uid,
-                      int gid, InodeRef *inp)
+ int Client::_ll_setattrx(Inode *in, struct ceph_statx *stx, int mask,
+                        const UserPerm& perms, InodeRef *inp)
  {
 -  Mutex::Locker lock(client_lock);
 -
    vinodeno_t vino = _get_vino(in);
  
    ldout(cct, 3) << "ll_setattrx " << vino << " mask " << hex << mask << dec
@@@ -9969,15 -9962,14 +9970,15 @@@
  
    mask &= ~(CEPH_SETATTR_MTIME_NOW | CEPH_SETATTR_ATIME_NOW);
  
-   return __setattrx(in, stx, mask, uid, gid, inp);
+   return __setattrx(in, stx, mask, perms, inp);
  }
  
- int Client::ll_setattrx(Inode *in, struct ceph_statx *stx, int mask, int uid,
-                      int gid)
+ int Client::ll_setattrx(Inode *in, struct ceph_statx *stx, int mask,
+                       const UserPerm& perms)
  {
 +  Mutex::Locker lock(client_lock);
    InodeRef target(in);
-   int res = _ll_setattrx(in, stx, mask, uid, gid, &target);
+   int res = _ll_setattrx(in, stx, mask, perms, &target);
    if (res == 0) {
      assert(in == target.get());
      fill_statx(in, in->caps_issued(), stx);
@@@ -9987,15 -9979,15 +9988,15 @@@
    return res;
  }
  
- int Client::ll_setattr(Inode *in, struct stat *attr, int mask, int uid,
-                      int gid)
+ int Client::ll_setattr(Inode *in, struct stat *attr, int mask,
+                      const UserPerm& perms)
  {
    struct ceph_statx stx;
 -
    stat_to_statx(attr, &stx);
  
 +  Mutex::Locker lock(client_lock);
    InodeRef target(in);
-   int res = _ll_setattrx(in, &stx, mask, uid, gid, &target);
+   int res = _ll_setattrx(in, &stx, mask, perms, &target);
    if (res == 0) {
      assert(in == target.get());
      fill_stat(in, attr);

diff --cc src/client/Client.h
index 45f3b72fcaf622c977b00a28357ca68b516bfdf0,75a35d21e0f4d9060d5275f5ca2cc6c553037b66..cf5b5359c61ca3f6ae2cdde1d3f34ff074dda653
--- 1/src/client/Client.h
--- 2/src/client/Client.h
+++ b/src/client/Client.h
@@@ -357,10 -356,9 +355,9 @@@ protected
    void dump_mds_requests(Formatter *f);
    void dump_mds_sessions(Formatter *f);
  
-   int make_request(MetaRequest *req, int uid, int gid,
-                  //MClientRequest *req, int uid, int gid,
+   int make_request(MetaRequest *req, const UserPerm& perms,
                   InodeRef *ptarget = 0, bool *pcreated = 0,
 -                 int use_mds=-1, bufferlist *pdirbl=0);
 +                 mds_rank_t use_mds=-1, bufferlist *pdirbl=0);
    void put_request(MetaRequest *request);
    void unregister_request(MetaRequest *request);
  

diff --cc src/common/config_opts.h
Simple merge

diff --cc src/mds/Locker.cc
Simple merge

diff --cc src/mds/Server.cc
Simple merge

diff --cc src/mds/SessionMap.h
Simple merge