From 43f8150e06211409f29d3009451d965682516436 Mon Sep 17 00:00:00 2001
From: ericm <ericm>
Date: Fri, 12 Aug 2005 18:52:50 +0000
Subject: [PATCH] do reverse idmapping for remote perm fetch.

---
 lustre/mds/handler.c      |  4 ++++
 lustre/mds/mds_internal.h |  2 ++
 lustre/mds/mds_lib.c      | 28 ++++++++++++++++++++++++++++
 3 files changed, 34 insertions(+)

diff --git a/lustre/mds/handler.c b/lustre/mds/handler.c
index 62a909ee34..39e86cee53 100644
--- a/lustre/mds/handler.c
+++ b/lustre/mds/handler.c
@@ -1130,6 +1130,7 @@ int mds_pack_posix_acl(struct lustre_msg *repmsg, int offset,
 int mds_pack_remote_perm(struct ptlrpc_request *req, int reply_off,
                          struct mds_body *body, struct inode *inode)
 {
+        struct mds_export_data *med = &req->rq_export->u.eu_mds_data;
         struct lustre_sec_desc *lsd;
         struct mds_remote_perm *perm;
         __u32 lsd_perms;
@@ -1167,6 +1168,9 @@ int mds_pack_remote_perm(struct ptlrpc_request *req, int reply_off,
 
         mds_put_lsd(lsd);
 
+        if (mds_remote_perm_do_reverse_map(med, perm))
+                RETURN(-EPERM);
+
         /* permission bits of current user
          * XXX this is low efficient, could we do it in one blow?
          */
diff --git a/lustre/mds/mds_internal.h b/lustre/mds/mds_internal.h
index 488ca7cdae..8970f519c4 100644
--- a/lustre/mds/mds_internal.h
+++ b/lustre/mds/mds_internal.h
@@ -132,6 +132,8 @@ struct mds_idmap_table *mds_idmap_alloc(void);
 void mds_idmap_free(struct mds_idmap_table *tbl);
 void mds_body_do_reverse_map(struct mds_export_data *med,
                              struct mds_body *body);
+int mds_remote_perm_do_reverse_map(struct mds_export_data *med,
+                                   struct mds_remote_perm *perm);
 int mds_init_ucred(struct lvfs_ucred *ucred, struct ptlrpc_request *req,
                    struct mds_req_sec_desc *rsd);
 void mds_exit_ucred(struct lvfs_ucred *ucred);
diff --git a/lustre/mds/mds_lib.c b/lustre/mds/mds_lib.c
index ffb4b8dc49..c0f2323655 100644
--- a/lustre/mds/mds_lib.c
+++ b/lustre/mds/mds_lib.c
@@ -1054,6 +1054,34 @@ void mds_body_do_reverse_map(struct mds_export_data *med,
         EXIT;
 }
 
+/*
+ * return error if can't find mapping, it's a error so should not
+ * fall into nllu/nllg.
+ */
+int mds_remote_perm_do_reverse_map(struct mds_export_data *med,
+                                   struct mds_remote_perm *perm)
+{
+        uid_t uid;
+        gid_t gid;
+
+        LASSERT(med->med_remote);
+
+        uid = mds_idmap_lookup_uid(med->med_idmap, 1, perm->mrp_auth_uid);
+        if (uid == MDS_IDMAP_NOTFOUND) {
+                CERROR("no map for uid %u\n", perm->mrp_auth_uid);
+                return -EPERM;
+        }
+        gid = mds_idmap_lookup_gid(med->med_idmap, 1, perm->mrp_auth_gid);
+        if (gid == MDS_IDMAP_NOTFOUND) {
+                CERROR("no map for uid %u\n", perm->mrp_auth_uid);
+                return -EPERM;
+        }
+
+        perm->mrp_auth_uid = uid;
+        perm->mrp_auth_gid = gid;
+        return 0;
+}
+
 /**********************
  * MDS ucred handling *
  **********************/
-- 
GitLab