| Message ID | 20231205011439.84238-1-xiubli@redhat.com |
|---|---|
| Headers | show |
| Series | ceph: check the cephx mds auth access in client side | expand |
On Tue, Dec 5, 2023 at 6:47 AM <xiubli@redhat.com> wrote: > > From: Xiubo Li <xiubli@redhat.com> > > The code are refered to the userspace libcephfs: > https://github.com/ceph/ceph/pull/48027. > > > V3: > - Fix https://tracker.ceph.com/issues/63141. > > V2: > - Fix memleak for built 'path'. > > > Xiubo Li (6): > ceph: save the cap_auths in client when session being opened > ceph: add ceph_mds_check_access() helper support > ceph: check the cephx mds auth access for setattr > ceph: check the cephx mds auth access for open > ceph: check the cephx mds auth access for async dirop > ceph: add CEPHFS_FEATURE_MDS_AUTH_CAPS_CHECK feature bit > > fs/ceph/dir.c | 28 +++++ > fs/ceph/file.c | 61 +++++++++- > fs/ceph/inode.c | 46 ++++++-- > fs/ceph/mds_client.c | 265 ++++++++++++++++++++++++++++++++++++++++++- > fs/ceph/mds_client.h | 28 ++++- > 5 files changed, 415 insertions(+), 13 deletions(-) > > -- > 2.41.0 > Tested-by: Venky Shankar <vshankar@redhat.com>
On Tue, Feb 6, 2024 at 2:50 PM Venky Shankar <vshankar@redhat.com> wrote: > > On Tue, Dec 5, 2023 at 6:47 AM <xiubli@redhat.com> wrote: > > > > From: Xiubo Li <xiubli@redhat.com> > > > > The code are refered to the userspace libcephfs: > > https://github.com/ceph/ceph/pull/48027. > > > > > > V3: > > - Fix https://tracker.ceph.com/issues/63141. > > > > V2: > > - Fix memleak for built 'path'. > > > > > > Xiubo Li (6): > > ceph: save the cap_auths in client when session being opened > > ceph: add ceph_mds_check_access() helper support > > ceph: check the cephx mds auth access for setattr > > ceph: check the cephx mds auth access for open > > ceph: check the cephx mds auth access for async dirop > > ceph: add CEPHFS_FEATURE_MDS_AUTH_CAPS_CHECK feature bit > > > > fs/ceph/dir.c | 28 +++++ > > fs/ceph/file.c | 61 +++++++++- > > fs/ceph/inode.c | 46 ++++++-- > > fs/ceph/mds_client.c | 265 ++++++++++++++++++++++++++++++++++++++++++- > > fs/ceph/mds_client.h | 28 ++++- > > 5 files changed, 415 insertions(+), 13 deletions(-) > > > > -- > > 2.41.0 > > > > Tested-by: Venky Shankar <vshankar@redhat.com> cc Rishabh. Revoking this in the meantime since I suspect this changeset to be causing https://tracker.ceph.com/issues/64172 since it happens with the testing kernel, is auth cap related and I guess the changes were merged in the testing branch around the time we started seeing this failure. I haven't seen the changes closely, but I suspect the part where the last auth cap permission is followed might be involved - not 100% sure though. Xiubo, please have a look. > > -- > Cheers, > Venky
From: Xiubo Li <xiubli@redhat.com> The code are refered to the userspace libcephfs: https://github.com/ceph/ceph/pull/48027. V3: - Fix https://tracker.ceph.com/issues/63141. V2: - Fix memleak for built 'path'. Xiubo Li (6): ceph: save the cap_auths in client when session being opened ceph: add ceph_mds_check_access() helper support ceph: check the cephx mds auth access for setattr ceph: check the cephx mds auth access for open ceph: check the cephx mds auth access for async dirop ceph: add CEPHFS_FEATURE_MDS_AUTH_CAPS_CHECK feature bit fs/ceph/dir.c | 28 +++++ fs/ceph/file.c | 61 +++++++++- fs/ceph/inode.c | 46 ++++++-- fs/ceph/mds_client.c | 265 ++++++++++++++++++++++++++++++++++++++++++- fs/ceph/mds_client.h | 28 ++++- 5 files changed, 415 insertions(+), 13 deletions(-)