client: add helper for determining if a perm check is necessary

To be used in subsequent commits.

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>
Fixes: https://tracker.ceph.com/issues/66373

diff --git a/src/client/Client.cc b/src/client/Client.cc
index ef1c3f400496d688c96ee81994898d9dd81a748f..a15ef08832d6f4ee3b8acf45e80cb8253032f734 100644 (file)
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -17435,7 +17435,8 @@ const char** Client::get_tracked_conf_keys() const
     "client_oc_max_objects", \
     "client_oc_size", \
     "client_oc_target_dirty", \
-    "client_permissions" \
+    "client_permissions", \
+    "fuse_default_permissions"
 
   constexpr bool is_sorted = [] () constexpr {
     constexpr auto arr = std::to_array<std::string_view>({KEYS});
@@ -17463,6 +17464,9 @@ void Client::handle_conf_change(const ConfigProxy& conf,
   if (changed.count("client_permissions")) {
     client_permissions = cct->_conf.get_val<bool>("client_permissions");
   }
+  if (changed.count("fuse_default_permissions")) {
+    fuse_default_permissions = cct->_conf.get_val<bool>("fuse_default_permissions");
+  }
   if (changed.count("client_cache_mid")) {
     lru.lru_set_midpoint(cct->_conf->client_cache_mid);
   }

diff --git a/src/client/Client.h b/src/client/Client.h
index 3c1223c24247419bbf179f35cf907541a663bde5..67ee3729c564c61982c1238cb2187e7c994d1cbf 100644 (file)
--- a/src/client/Client.h
+++ b/src/client/Client.h
@@ -933,6 +933,13 @@ public:
     return std::make_pair(opened_inodes, inode_map.size());
   }
 
+  void set_is_fuse() {
+    is_fuse = true;
+  }
+  bool get_fuse_default_permissions() const {
+    return fuse_default_permissions;
+  }
+
   /* timer_lock for 'timer' */
   ceph::mutex timer_lock = ceph::make_mutex("Client::timer_lock");
   SafeTimer timer;
@@ -945,7 +952,6 @@ public:
   std::unique_ptr<PerfCounters> logger;
   std::unique_ptr<MDSMap> mdsmap;
 
-  bool fuse_default_permissions;
   bool _collect_and_send_global_metrics;
 
 protected:
@@ -1830,6 +1836,10 @@ private:
   void update_io_stat_read(utime_t latency);
   void update_io_stat_write(utime_t latency);
 
+  bool should_check_perms() const {
+    return (is_fuse && !fuse_default_permissions) || (!is_fuse && client_permissions);
+  }
+
   uint32_t deleg_timeout = 0;
 
   client_switch_interrupt_callback_t switch_interrupt_cb = nullptr;
@@ -1957,7 +1967,9 @@ private:
 
   feature_bitset_t myfeatures;
 
+  bool is_fuse = false;
   bool client_permissions;
+  bool fuse_default_permissions;
 };
 
 /**

diff --git a/src/client/fuse_ll.cc b/src/client/fuse_ll.cc
index de6422c7c50b65856757ba8bdfce39b67f50c008..faf33d1bbce74ddf4f144c5bb3a173e2d2c969b7 100644 (file)
--- a/src/client/fuse_ll.cc
+++ b/src/client/fuse_ll.cc
@@ -1295,7 +1295,7 @@ static void do_init(void *data, fuse_conn_info *conn)
     conn->want |= FUSE_CAP_SPLICE_MOVE;
 
 #if !defined(__APPLE__)
-  if (!client->fuse_default_permissions && client->ll_handle_umask()) {
+  if (!client->get_fuse_default_permissions() && client->ll_handle_umask()) {
     // apply umask in userspace if posix acl is enabled
     if(conn->capable & FUSE_CAP_DONT_MASK)
       conn->want |= FUSE_CAP_DONT_MASK;
@@ -1783,6 +1783,7 @@ fuse_req_t CephFuse::Handle::get_fuse_req()
 
 CephFuse::CephFuse(Client *c, int fd) : _handle(new CephFuse::Handle(c, fd))
 {
+  c->set_is_fuse();
 }
 
 CephFuse::~CephFuse()