Windows: Explicit permission check on extent release
authorJeffrey Altman <jaltman@your-file-system.com>
Thu, 22 Dec 2011 02:10:45 +0000 (21:10 -0500)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Thu, 22 Dec 2011 15:10:13 +0000 (07:10 -0800)
When a data extent is released by the afs redirector or the
afsd_service performs an extent claw back during a cleanup
operation, perform an explicit permission check before attempting
to store dirty buffers to the file server.   Instead of waiting
for the file server to fail the request, fail it immediately.

The permission check is performed using the currently active
authentication group.

Change-Id: I533f06ec10b8a6f4dbe5e18b1205b20881b5559a
Reviewed-on: http://gerrit.openafs.org/6395
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

src/WINNT/afsrdr/user/RDRFunction.c

index 89f0478..4a57409 100644 (file)
@@ -1799,11 +1799,20 @@ RDR_CleanupFileEntry( IN cm_user_t *userp,
     }
 
     if (bLastHandle || bFlushFile) {
-        if (bScpLocked) {
-            lock_ReleaseWrite(&scp->rw);
-            bScpLocked = FALSE;
+        if (!bScpLocked) {
+            lock_ObtainWrite(&scp->rw);
+            bScpLocked = TRUE;
+        }
+        code = cm_SyncOp(scp, NULL, userp, &req, PRSFS_WRITE,
+                          CM_SCACHESYNC_NEEDCALLBACK | CM_SCACHESYNC_GETSTATUS);
+        if (code == 0) {
+            if (bScpLocked) {
+                lock_ReleaseWrite(&scp->rw);
+                bScpLocked = FALSE;
+            }
+
+            code = cm_FSync(scp, userp, &req, bScpLocked);
         }
-        code = cm_FSync(scp, userp, &req, bScpLocked);
         if (bLastHandle && code)
             goto on_error;
     }
@@ -3785,7 +3794,12 @@ RDR_ReleaseFileExtents( IN cm_user_t *userp,
 
     if (scp) {
         if (ReleaseExtentsCB->Flags & AFS_EXTENT_FLAG_FLUSH) {
-            code = buf_CleanVnode(scp, userp, &req);
+            lock_ObtainWrite(&scp->rw);
+            code = cm_SyncOp(scp, NULL, userp, &req, PRSFS_WRITE,
+                             CM_SCACHESYNC_NEEDCALLBACK | CM_SCACHESYNC_GETSTATUS);
+            lock_ReleaseWrite(&scp->rw);
+            if (code == 0)
+                code = cm_FSync(scp, userp, &req, FALSE);
         }
         else if (dirty) {
             osi_hyper_t offset = {0,0};