From 332112bad64402050c55d8d065d71ad443b30a4f Mon Sep 17 00:00:00 2001 From: anwleung Date: Fri, 2 Mar 2007 20:15:16 +0000 Subject: [PATCH] Added capids and caching class git-svn-id: https://ceph.svn.sf.net/svnroot/ceph@1161 29311d96-e01e-0410-9327-a35deaab8ce9 --- .../aleung/security1/ceph/crypto/CapCache.h | 39 ++++++++++++++ .../aleung/security1/ceph/crypto/ExtCap.h | 53 +++++++++++++++++-- branches/aleung/security1/ceph/mds/Locker.cc | 3 ++ branches/aleung/security1/ceph/mds/Locker.h | 4 +- branches/aleung/security1/ceph/osd/OSD.cc | 8 ++- branches/aleung/security1/ceph/osd/OSD.h | 6 ++- 6 files changed, 107 insertions(+), 6 deletions(-) create mode 100644 branches/aleung/security1/ceph/crypto/CapCache.h diff --git a/branches/aleung/security1/ceph/crypto/CapCache.h b/branches/aleung/security1/ceph/crypto/CapCache.h new file mode 100644 index 0000000000000..5eaf48bae0126 --- /dev/null +++ b/branches/aleung/security1/ceph/crypto/CapCache.h @@ -0,0 +1,39 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2004-2006 Sage Weil + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ +#ifndef __CAPCACHE_H +#define __CAPCACHE_H + +#include +using namespace std; + +#include "crypto/ExtCap.h" + +class CapCache { +private: + map verified_caps; + +public: + CapCache() { + } + bool prev_verified(cap_id_t cap_id) { + return verified_caps.count(cap_id); + } + void insert(ExtCap *cap) { + verified_caps[cap->get_id()] = (*cap); + } + void remove(cap_id_t cap_id) { + verified_caps.erase(cap_id); + } +}; + +#endif diff --git a/branches/aleung/security1/ceph/crypto/ExtCap.h b/branches/aleung/security1/ceph/crypto/ExtCap.h index 6a5c194af1150..fadf391286eec 100644 --- a/branches/aleung/security1/ceph/crypto/ExtCap.h +++ b/branches/aleung/security1/ceph/crypto/ExtCap.h @@ -24,11 +24,52 @@ using namespace std; #include "crypto/CryptoLib.h" using namespace CryptoLib; +struct cap_id_t { + int cid; + int mds_id; +}; +// comparison operators +inline bool operator>(const cap_id_t& a, const cap_id_t& b) +{ + if (a.mds_id > b.mds_id) + return true; + else if (a.mds_id == b.mds_id ) { + if (a.cid > b.cid) + return true; + else + return false; + } + else + return false; +} +inline bool operator<(const cap_id_t& a, const cap_id_t& b) +{ + if (a.mds_id < b.mds_id) + return true; + else if (a.mds_id == b.mds_id ) { + if (a.cid < b.cid) + return true; + else + return false; + } + else + return false; +} + +// ostream +inline std::ostream& operator<<(std::ostream& out, const cap_id_t& c) +{ + out << c.mds_id << "."; + out.setf(std::ios::right); + out << c.cid; + out.unsetf(std::ios::right); + return out; +} class ExtCap { private: struct cap_data_t { - int id; // capability id + cap_id_t id; // capability id utime_t t_s; // creation time utime_t t_e; // expiration time int mode; // I/O mode @@ -46,6 +87,7 @@ private: public: friend class Client; friend class OSD; + friend class CapCache; // default constructor, should really not be used ExtCap() {} @@ -58,7 +100,8 @@ public: **********/ ExtCap(int m, uid_t u, inodeno_t n) { - data.id = 0; + data.id.cid = 0; + data.id.mds_id = 0; data.t_s = g_clock.now(); data.t_e = data.t_s; data.t_e += 3600; @@ -85,7 +128,7 @@ public: ~ExtCap() { } - int get_id() const { return data.id; } + cap_id_t get_id() const { return data.id; } utime_t get_ts() const { return data.t_s; } utime_t get_te() const { return data.t_e; } uid_t get_uid() const { return data.uid; } @@ -97,6 +140,10 @@ public: // in case the mode needs to be changed // FYI, you should resign the cap after this void set_mode(int new_mode) { data.mode = new_mode; } + void set_id(int new_id, int new_mds_id) { + data.id.cid = new_id; + data.id.mds_id = new_mds_id; + } const cap_data_t* get_data() const { return (&data); diff --git a/branches/aleung/security1/ceph/mds/Locker.cc b/branches/aleung/security1/ceph/mds/Locker.cc index 9c22a4d97f94f..a59e6c017f3ef 100644 --- a/branches/aleung/security1/ceph/mds/Locker.cc +++ b/branches/aleung/security1/ceph/mds/Locker.cc @@ -236,6 +236,9 @@ ExtCap* Locker::issue_new_extcaps(CInode *in, int mode, MClientRequest *req) { if (!ext_cap) { // make new cap ext_cap = new ExtCap(my_want, my_user, in->ino()); + ext_cap->set_id(cap_id_count, mds->get_nodeid()); + // increment capability count + cap_id_count++; dout(3) << "Made new " << my_want << " capability for uid: " << ext_cap->get_uid() << " for inode: " << ext_cap->get_ino()<< endl; diff --git a/branches/aleung/security1/ceph/mds/Locker.h b/branches/aleung/security1/ceph/mds/Locker.h index e3c192cbf4694..68c83e9b79f68 100644 --- a/branches/aleung/security1/ceph/mds/Locker.h +++ b/branches/aleung/security1/ceph/mds/Locker.h @@ -48,9 +48,11 @@ class Locker { private: MDS *mds; MDCache *mdcache; + // count of capability id's used + int cap_id_count; public: - Locker(MDS *m, MDCache *c) : mds(m), mdcache(c) {} + Locker(MDS *m, MDCache *c) : mds(m), mdcache(c), cap_id_count(0) {} void dispatch(Message *m); diff --git a/branches/aleung/security1/ceph/osd/OSD.cc b/branches/aleung/security1/ceph/osd/OSD.cc index e8864395c0e29..faa298cfb1ab1 100644 --- a/branches/aleung/security1/ceph/osd/OSD.cc +++ b/branches/aleung/security1/ceph/osd/OSD.cc @@ -276,6 +276,9 @@ int OSD::init() // convert public key to string string key_str = pubToString(myPubKey); + + // ready cache + cap_cache = new CapCache(); // i'm ready! messenger->set_dispatcher(this); @@ -2866,6 +2869,9 @@ void OSD::op_read(MOSDOp *op)//, PG *pg) else cout << "OSD failed to verify capability" << endl; } + else + cout << "Received some read with no cap from " << op->get_source().type() << endl; + long r = 0; bufferlist bl; @@ -3219,7 +3225,7 @@ void OSD::op_modify(MOSDOp *op, PG *pg) cout << "OSD failed to verify a write capability" << endl; } else - cout << "Received some write with no cap" << endl; + cout << "Received some write with no cap from " << op->get_source().type() << endl; /* // check for capability diff --git a/branches/aleung/security1/ceph/osd/OSD.h b/branches/aleung/security1/ceph/osd/OSD.h index c3325fb5632b0..a682f6d6d15df 100644 --- a/branches/aleung/security1/ceph/osd/OSD.h +++ b/branches/aleung/security1/ceph/osd/OSD.h @@ -35,6 +35,7 @@ using namespace __gnu_cxx; #include"crypto/CryptoLib.h" using namespace CryptoLib; +#include "crypto/CapCache.h" class Messenger; class Message; @@ -46,7 +47,7 @@ public: /** superblock */ OSDSuperblock superblock; - epoch_t boot_epoch; + epoch_t boot_epoch; object_t get_osdmap_object_name(epoch_t epoch) { return object_t(0,epoch << 1); } object_t get_inc_osdmap_object_name(epoch_t epoch) { return object_t(0, (epoch << 1) + 1); } @@ -65,6 +66,9 @@ public: esignPriv myPrivKey; esignPub myPubKey; + // capability cache + CapCache *cap_cache; + static const int STATE_BOOTING = 1; static const int STATE_ACTIVE = 2; static const int STATE_STOPPING = 3; -- 2.39.5