PERFORCE change 169505 for review
Gleb Kurtsou
gk at FreeBSD.org
Wed Oct 14 21:06:57 UTC 2009
http://p4web.freebsd.org/chv.cgi?CH=169505
Change 169505 by gk at gk_h1 on 2009/10/14 21:06:44
support ioctls on read-only filesystem
enable ro mount test
Affected files ...
.. //depot/projects/soc2009/gk_pefs/sys/fs/pefs/pefs_vnops.c#24 edit
.. //depot/projects/soc2009/gk_pefs/tools/regression/pefs/t_mount#2 edit
Differences ...
==== //depot/projects/soc2009/gk_pefs/sys/fs/pefs/pefs_vnops.c#24 (text+ko) ====
@@ -70,6 +70,7 @@
#include <sys/mount.h>
#include <sys/mutex.h>
#include <sys/namei.h>
+#include <sys/priv.h>
#include <sys/sf_buf.h>
#include <sys/sysctl.h>
#include <sys/sx.h>
@@ -753,11 +754,8 @@
case VDIR:
case VLNK:
case VREG:
- /*
- * Do not check pefs_no_keys(vp) here because ioctls
- * expect filesystem to be writable right after mount
- */
- if (vp->v_mount->mnt_flag & MNT_RDONLY)
+ if ((vp->v_mount->mnt_flag & MNT_RDONLY) != 0 ||
+ pefs_no_keys(vp))
return (EROFS);
break;
default:
@@ -2029,17 +2027,19 @@
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
vdrop(dvp); /* vhold by vn_vptocnp */
- error = pefs_enccn_get(&fenccn, vp, &cn);
+ error = VOP_ACCESS(vp, VWRITE, cred, td);
+ if (error == 0)
+ error = pefs_enccn_get(&fenccn, vp, &cn);
if (error != 0) {
- VOP_UNLOCK(lvp, 0);
- VOP_UNLOCK(ldvp, 0);
+ VOP_UNLOCK(vp, 0);
+ VOP_UNLOCK(dvp, 0);
PEFSDEBUG("pefs_setkey: pefs_enccn_get failed: %d\n", error);
goto out;
}
error = pefs_enccn_create(&tenccn, pk, NULL, &cn);
if (error != 0) {
- VOP_UNLOCK(lvp, 0);
- VOP_UNLOCK(ldvp, 0);
+ VOP_UNLOCK(vp, 0);
+ VOP_UNLOCK(dvp, 0);
pefs_enccn_free(&fenccn);
goto out;
}
@@ -2072,16 +2072,24 @@
pefs_ioctl(struct vop_ioctl_args *ap)
{
struct vnode *vp = ap->a_vp;
- struct pefs_mount *pm = VFS_TO_PEFS(vp->v_mount);
struct pefs_xkey *xk = ap->a_data;
+ struct ucred *cred = ap->a_cred;
+ struct thread *td = ap->a_td;
+ struct mount *mp = vp->v_mount;
+ struct pefs_mount *pm = VFS_TO_PEFS(mp);
struct pefs_key *pk;
- int error, i;
+ int error = 0, i;
- vn_lock(pm->pm_rootvp, LK_SHARED | LK_RETRY);
- error = VOP_ACCESS(pm->pm_rootvp, VWRITE, ap->a_cred, ap->a_td);
- VOP_UNLOCK(pm->pm_rootvp, 0);
- if (error != 0)
- return (error);
+ if (mp->mnt_cred->cr_uid != cred->cr_uid) {
+ error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0);
+ if (error != 0 && (mp->mnt_flag & MNT_RDONLY) == 0) {
+ vn_lock(pm->pm_rootvp, LK_SHARED | LK_RETRY);
+ error = VOP_ACCESS(mp->mnt_vnodecovered, VWRITE, cred, td);
+ VOP_UNLOCK(pm->pm_rootvp, 0);
+ }
+ if (error != 0)
+ return (error);
+ }
/*
* Recycle all unused vnodes after adding/deleting keys to cleanup
@@ -2114,7 +2122,7 @@
pefs_key_ref(pk);
mtx_unlock(&pm->pm_keys_lock);
if (pk != NULL) {
- error = pefs_setkey(vp, pk, ap->a_cred, ap->a_td);
+ error = pefs_setkey(vp, pk, cred, td);
pefs_key_release(pk);
} else {
PEFSDEBUG("pefs_ioctl: key not found\n");
@@ -2132,7 +2140,7 @@
}
error = pefs_key_add(pm, xk->pxk_index, pk);
if (error == 0)
- pefs_flushkey(vp->v_mount, ap->a_td, 0, NULL);
+ pefs_flushkey(mp, td, 0, NULL);
else
pefs_key_release(pk);
break;
@@ -2144,7 +2152,7 @@
pefs_key_ref(pk);
pefs_key_remove(pm, pk);
mtx_unlock(&pm->pm_keys_lock);
- pefs_flushkey(vp->v_mount, ap->a_td, 0, pk);
+ pefs_flushkey(mp, td, 0, pk);
pefs_key_release(pk);
} else {
mtx_unlock(&pm->pm_keys_lock);
@@ -2154,8 +2162,7 @@
case PEFS_FLUSHKEYS:
PEFSDEBUG("pefs_ioctl: flush keys\n");
if (pefs_key_remove_all(pm)) {
- pefs_flushkey(vp->v_mount, ap->a_td,
- PEFS_FLUSHKEY_ALL, NULL);
+ pefs_flushkey(mp, td, PEFS_FLUSHKEY_ALL, NULL);
}
break;
default:
==== //depot/projects/soc2009/gk_pefs/tools/regression/pefs/t_mount#2 (text+ko) ====
@@ -55,11 +55,10 @@
test_name "File-system can be unmounted"
test_unmount
- # XXX
- #test_name "File-system mount options work"
- #test_mount -o ro
- #mount | grep ${Work_Dir} | grep -q read-only || die
- #test_unmount
+ test_name "File-system mount options work"
+ test_mount -o ro
+ mount | grep ${Work_Dir} | grep -q read-only || die
+ test_unmount
test_name "Root directory attributes are set correctly"
test_mount -o "uid=1000,gid=100,mode=755"
More information about the p4-projects
mailing list