From patchwork Tue Dec 5 01:14:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiubo Li X-Patchwork-Id: 13479268 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="HAcf4r6E" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E9BB9C9 for ; Mon, 4 Dec 2023 17:17:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1701739022; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=lN5ajAvFyHn5QyRfisHjFAFkUY6K/VdOA0va1v1dme8=; b=HAcf4r6EWszPmY7cTDWRch7f497cepZKTLX1yNQ5QimAPNeShdG9Yz/WeMlEQK31IqtiIz Ft6Flq3OaIr5Kph0InT2cC+JU7bCJ5M2bPJ7bGZUimn8G+QTxGu75yRs6y8NsP6HvFI2Ls Jb8N/3GAX4EK4gPVMndSeSpbi8/Q1ZA= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-604-0NBQfmNyN2isBj3oQMWTRw-1; Mon, 04 Dec 2023 20:16:58 -0500 X-MC-Unique: 0NBQfmNyN2isBj3oQMWTRw-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5D59E3813F2E; Tue, 5 Dec 2023 01:16:58 +0000 (UTC) Received: from li-a71a4dcc-35d1-11b2-a85c-951838863c8d.ibm.com.com (unknown [10.72.113.153]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9B920492BE8; Tue, 5 Dec 2023 01:16:55 +0000 (UTC) From: xiubli@redhat.com To: ceph-devel@vger.kernel.org Cc: idryomov@gmail.com, jlayton@kernel.org, vshankar@redhat.com, mchangir@redhat.com, Xiubo Li Subject: [PATCH v3 0/6] ceph: check the cephx mds auth access in client side Date: Tue, 5 Dec 2023 09:14:33 +0800 Message-ID: <20231205011439.84238-1-xiubli@redhat.com> Precedence: bulk X-Mailing-List: ceph-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9 From: Xiubo Li The code are refered to the userspace libcephfs: https://github.com/ceph/ceph/pull/48027. V3: - Fix https://tracker.ceph.com/issues/63141. V2: - Fix memleak for built 'path'. Xiubo Li (6): ceph: save the cap_auths in client when session being opened ceph: add ceph_mds_check_access() helper support ceph: check the cephx mds auth access for setattr ceph: check the cephx mds auth access for open ceph: check the cephx mds auth access for async dirop ceph: add CEPHFS_FEATURE_MDS_AUTH_CAPS_CHECK feature bit fs/ceph/dir.c | 28 +++++ fs/ceph/file.c | 61 +++++++++- fs/ceph/inode.c | 46 ++++++-- fs/ceph/mds_client.c | 265 ++++++++++++++++++++++++++++++++++++++++++- fs/ceph/mds_client.h | 28 ++++- 5 files changed, 415 insertions(+), 13 deletions(-) Tested-by: Venky Shankar