#include "afs/vice.h"
#include "afs/afs_bypasscache.h"
#include "rx/rx_globals.h"
+#include "token.h"
struct VenusFid afs_rootFid;
afs_int32 afs_waitForever = 0;
}
static_inline int
-afs_pd_getInt(struct afs_pdata *apd, afs_int32 *val)
+afs_pd_getBytes(struct afs_pdata *apd, void *dest, size_t bytes)
{
- if (apd == NULL || apd->remaining < sizeof(afs_int32))
+ if (apd == NULL || apd->remaining < bytes)
return EINVAL;
- apd->remaining -= sizeof(afs_int32);
- *val = *(afs_int32 *)apd->ptr;
- apd->ptr += sizeof(afs_int32);
+ apd->remaining -= bytes;
+ memcpy(dest, apd->ptr, bytes);
+ apd->ptr += bytes;
return 0;
}
static_inline int
-afs_pd_getUint(struct afs_pdata *apd, afs_uint32 *val)
+afs_pd_getInt(struct afs_pdata *apd, afs_int32 *val)
{
- return afs_pd_getInt(apd, (afs_int32 *)val);
+ return afs_pd_getBytes(apd, val, sizeof(*val));
}
static_inline int
-afs_pd_getBytes(struct afs_pdata *apd, void *dest, size_t bytes)
+afs_pd_getUint(struct afs_pdata *apd, afs_uint32 *val)
{
- if (apd == NULL || apd->remaining < bytes)
- return EINVAL;
- apd->remaining -= bytes;
- memcpy(dest, apd->ptr, bytes);
- apd->ptr += bytes;
- return 0;
+ return afs_pd_getBytes(apd, val, sizeof(*val));
}
static_inline void *
return ret;
}
+static_inline void
+afs_pd_xdrStart(struct afs_pdata *apd, XDR *xdrs, enum xdr_op op) {
+ xdrmem_create(xdrs, apd->ptr, apd->remaining, op);
+}
+
+static_inline void
+afs_pd_xdrEnd(struct afs_pdata *apd, XDR *xdrs) {
+ size_t pos;
+
+ pos = xdr_getpos(xdrs);
+ apd->ptr += pos;
+ apd->remaining -= pos;
+ xdr_destroy(xdrs);
+}
+
+
+
static_inline int
afs_pd_getString(struct afs_pdata *apd, char *str, size_t maxLen)
{
}
static_inline int
-afs_pd_putInt(struct afs_pdata *apd, afs_int32 val)
-{
- if (apd == NULL || apd->remaining < sizeof(afs_int32))
- return E2BIG;
- *(afs_int32 *)apd->ptr = val;
- apd->ptr += sizeof(afs_int32);
- apd->remaining -= sizeof(afs_int32);
-
- return 0;
-}
-
-static_inline int
afs_pd_putBytes(struct afs_pdata *apd, const void *bytes, size_t len)
{
if (apd == NULL || apd->remaining < len)
}
static_inline int
+afs_pd_putInt(struct afs_pdata *apd, afs_int32 val)
+{
+ return afs_pd_putBytes(apd, &val, sizeof(val));
+}
+
+static_inline int
afs_pd_putString(struct afs_pdata *apd, char *str) {
/* Add 1 so we copy the NULL too */
DECL_PIOCTL(PGetWSCell);
DECL_PIOCTL(PGetUserCell);
DECL_PIOCTL(PSetTokens);
+DECL_PIOCTL(PSetTokens2);
DECL_PIOCTL(PGetVolumeStatus);
DECL_PIOCTL(PSetVolumeStatus);
DECL_PIOCTL(PFlush);
DECL_PIOCTL(PNewStatMount);
DECL_PIOCTL(PGetTokens);
+DECL_PIOCTL(PGetTokens2);
DECL_PIOCTL(PUnlog);
DECL_PIOCTL(PMariner);
DECL_PIOCTL(PCheckServers);
DECL_PIOCTL(PDiscon);
DECL_PIOCTL(PNFSNukeCreds);
DECL_PIOCTL(PNewUuid);
-DECL_PIOCTL(PPrecache);
+DECL_PIOCTL(PPrecache);
DECL_PIOCTL(PGetPAG);
-#if defined(AFS_CACHE_BYPASS)
+#if defined(AFS_CACHE_BYPASS) && defined(AFS_LINUX24_ENV)
DECL_PIOCTL(PSetCachingThreshold);
#endif
afs_ucred_t **acred,
afs_ucred_t *credp);
#endif
-int HandleIoctl(register struct vcache *avc, register afs_int32 acom,
+int HandleIoctl(struct vcache *avc, afs_int32 acom,
struct afs_ioctl *adata);
int afs_HandlePioctl(struct vnode *avp, afs_int32 acom,
- register struct afs_ioctl *ablob, int afollow,
+ struct afs_ioctl *ablob, int afollow,
afs_ucred_t **acred);
static int Prefetch(uparmtype apath, struct afs_ioctl *adata, int afollow,
afs_ucred_t *acred);
PBogus, /* 4 */
PDiscon, /* 5 -- get/set discon mode */
PBogus, /* 6 */
- PBogus, /* 7 */
- PBogus, /* 8 */
+ PGetTokens2, /* 7 */
+ PSetTokens2, /* 8 */
PNewUuid, /* 9 */
PBogus, /* 10 */
PBogus, /* 11 */
static pioctlFunction OpioctlSw[] = {
PBogus, /* 0 */
PNFSNukeCreds, /* 1 -- nuke all creds for NFS client */
-#if defined(AFS_CACHE_BYPASS)
+#if defined(AFS_CACHE_BYPASS) && defined(AFS_LINUX24_ENV)
PSetCachingThreshold /* 2 -- get/set cache-bypass size threshold */
#else
PNoop /* 2 -- get/set cache-bypass size threshold */
int afs_nobody = NFS_NOBODY;
int
-HandleIoctl(register struct vcache *avc, register afs_int32 acom,
+HandleIoctl(struct vcache *avc, afs_int32 acom,
struct afs_ioctl *adata)
{
- register afs_int32 code;
+ afs_int32 code;
code = 0;
AFS_STATCNT(HandleIoctl);
case 3:{
/* return the name of the cell this file is open on */
- register struct cell *tcell;
- register afs_int32 i;
+ struct cell *tcell;
+ afs_int32 i;
tcell = afs_GetCell(avc->f.fid.Cell, READ_LOCK);
if (tcell) {
# endif
} u_uap, *uap = &u_uap;
struct file *fd;
- register struct vcache *tvc;
- register int ioctlDone = 0, code = 0;
+ struct vcache *tvc;
+ int ioctlDone = 0, code = 0;
AFS_STATCNT(afs_xioctl);
uap->fd = fdes;
if (tvc && IsAfsVnode(AFSTOV(tvc))) {
/* This is an AFS vnode */
if (((uap->com >> 8) & 0xff) == 'V') {
- register struct afs_ioctl *datap;
+ struct afs_ioctl *datap;
AFS_GLOCK();
datap =
(struct afs_ioctl *)osi_AllocSmallSpace(AFS_SMALLOCSIZ);
int arg;
};
-int
+int
afs_xioctl(struct afs_ioctl_sys *uap, rval_t *rvp)
{
struct file *fd;
- register struct vcache *tvc;
- register int ioctlDone = 0, code = 0;
+ struct vcache *tvc;
+ int ioctlDone = 0, code = 0;
AFS_STATCNT(afs_xioctl);
# if defined(AFS_SUN57_ENV)
if (tvc && IsAfsVnode(AFSTOV(tvc))) {
/* This is an AFS vnode */
if (((uap->com >> 8) & 0xff) == 'V') {
- register struct afs_ioctl *datap;
+ struct afs_ioctl *datap;
AFS_GLOCK();
datap =
(struct afs_ioctl *)osi_AllocSmallSpace(AFS_SMALLOCSIZ);
unsigned long arg)
{
struct afs_ioctl_sys ua, *uap = &ua;
- register struct vcache *tvc;
- register int ioctlDone = 0, code = 0;
+ struct vcache *tvc;
+ int ioctlDone = 0, code = 0;
AFS_STATCNT(afs_xioctl);
ua.com = com;
if (tvc && IsAfsVnode(AFSTOV(tvc))) {
/* This is an AFS vnode */
if (((uap->com >> 8) & 0xff) == 'V') {
- register struct afs_ioctl *datap;
+ struct afs_ioctl *datap;
AFS_GLOCK();
datap = osi_AllocSmallSpace(AFS_SMALLOCSIZ);
code = copyin_afs_ioctl((char *)uap->arg, datap);
};
int
-afs_xioctl(afs_proc_t *p, register struct ioctl_args *uap, register_t *retval)
+afs_xioctl(afs_proc_t *p, struct ioctl_args *uap, register_t *retval)
{
struct file *fd;
- register struct vcache *tvc;
- register int ioctlDone = 0, code = 0;
+ struct vcache *tvc;
+ int ioctlDone = 0, code = 0;
AFS_STATCNT(afs_xioctl);
if ((code = fdgetf(p, uap->fd, &fd)))
if (tvc && IsAfsVnode(AFSTOV(tvc))) {
/* This is an AFS vnode */
if (((uap->com >> 8) & 0xff) == 'V') {
- register struct afs_ioctl *datap;
+ struct afs_ioctl *datap;
AFS_GLOCK();
datap = osi_AllocSmallSpace(AFS_SMALLOCSIZ);
code = copyin_afs_ioctl((char *)uap->arg, datap);
# if defined(AFS_FBSD_ENV)
# define arg data
int
-afs_xioctl(struct thread *td, register struct ioctl_args *uap,
+afs_xioctl(struct thread *td, struct ioctl_args *uap,
register_t *retval)
{
afs_proc_t *p = td->td_proc;
};
int
-afs_xioctl(afs_proc_t *p, register struct ioctl_args *uap, register_t *retval)
+afs_xioctl(afs_proc_t *p, struct ioctl_args *uap, register_t *retval)
{
# endif
- register struct filedesc *fdp;
- register struct vcache *tvc;
- register int ioctlDone = 0, code = 0;
+ struct filedesc *fdp;
+ struct vcache *tvc;
+ int ioctlDone = 0, code = 0;
struct file *fd;
AFS_STATCNT(afs_xioctl);
if (tvc && IsAfsVnode(AFSTOV(tvc))) {
/* This is an AFS vnode */
if (((uap->com >> 8) & 0xff) == 'V') {
- register struct afs_ioctl *datap;
+ struct afs_ioctl *datap;
AFS_GLOCK();
datap = osi_AllocSmallSpace(AFS_SMALLOCSIZ);
code = copyin_afs_ioctl((char *)uap->arg, datap);
int
afs_xioctl(void)
{
- register struct a {
+ struct a {
int fd;
int com;
caddr_t arg;
} *uap = (struct a *)get_user_struct()->u_ap;
- register struct file *fd;
- register struct vcache *tvc;
- register int ioctlDone = 0, code = 0;
+ struct file *fd;
+ struct vcache *tvc;
+ int ioctlDone = 0, code = 0;
AFS_STATCNT(afs_xioctl);
if (tvc && IsAfsVnode(AFSTOV(tvc))) {
/* This is an AFS vnode */
if (((uap->com >> 8) & 0xff) == 'V') {
- register struct afs_ioctl *datap;
+ struct afs_ioctl *datap;
AFS_GLOCK();
datap = osi_AllocSmallSpace(AFS_SMALLOCSIZ);
code=copyin_afs_ioctl((char *)uap->arg, datap);
int
#ifdef AFS_SUN5_ENV
-afs_syscall_pioctl(char *path, unsigned int com, caddr_t cmarg, int follow,
+afs_syscall_pioctl(char *path, unsigned int com, caddr_t cmarg, int follow,
rval_t *vvp, afs_ucred_t *credp)
#else
#ifdef AFS_DARWIN100_ENV
afs_syscall64_pioctl(user_addr_t path, unsigned int com, user_addr_t cmarg,
int follow, afs_ucred_t *credp)
#elif defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
-afs_syscall_pioctl(char *path, unsigned int com, caddr_t cmarg, int follow,
+afs_syscall_pioctl(char *path, unsigned int com, caddr_t cmarg, int follow,
afs_ucred_t *credp)
#else
afs_syscall_pioctl(char *path, unsigned int com, caddr_t cmarg, int follow)
#if defined(AFS_NEED_CLIENTCONTEXT) || defined(AFS_SUN5_ENV) || defined(AFS_AIX41_ENV) || defined(AFS_LINUX22_ENV) || defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
afs_ucred_t *foreigncreds = NULL;
#endif
- register afs_int32 code = 0;
+ afs_int32 code = 0;
struct vnode *vp = NULL;
#ifdef AFS_AIX41_ENV
struct ucred *credp = crref(); /* don't free until done! */
struct vnode *realvp;
if
#ifdef AFS_SUN511_ENV
- (VOP_REALVP(vp, &realvp, NULL) == 0)
+ (VOP_REALVP(vp, &realvp, NULL) == 0)
#else
- (VOP_REALVP(vp, &realvp) == 0)
+ (VOP_REALVP(vp, &realvp) == 0)
#endif
{
struct vnode *oldvp = vp;
-
+
VN_HOLD(realvp);
vp = realvp;
AFS_RELE(oldvp);
int
afs_HandlePioctl(struct vnode *avp, afs_int32 acom,
- register struct afs_ioctl *ablob, int afollow,
+ struct afs_ioctl *ablob, int afollow,
afs_ucred_t **acred)
{
struct vcache *avc;
struct vrequest treq;
- register afs_int32 code;
- register afs_int32 function, device;
+ afs_int32 code;
+ afs_int32 function, device;
struct afs_pdata input, output;
struct afs_pdata copyInput, copyOutput;
size_t outSize;
if (code)
goto out;
- if (function == 8 && device == 'V') { /* PGetTokens */
+ if ((function == 8 && device == 'V') ||
+ (function == 7 && device == 'C')) { /* PGetTokens */
code = afs_pd_alloc(&output, MAXPIOCTLTOKENLEN);
} else {
code = afs_pd_alloc(&output, AFS_LRALLOCSIZ);
DECL_PIOCTL(PSetAcl)
{
- register afs_int32 code;
+ afs_int32 code;
struct afs_conn *tconn;
struct AFSOpaque acl;
struct AFSVolSync tsync;
*/
DECL_PIOCTL(PGetFileCell)
{
- register struct cell *tcell;
+ struct cell *tcell;
AFS_STATCNT(PGetFileCell);
if (!avc)
*/
DECL_PIOCTL(PGetUserCell)
{
- register afs_int32 i;
- register struct unixuser *tu;
- register struct cell *tcell;
+ afs_int32 i;
+ struct unixuser *tu;
+ struct cell *tcell;
AFS_STATCNT(PGetUserCell);
if (!afs_resourceinit_flag) /* afs daemons haven't started yet */
return 0;
}
+/* Work out which cell we're changing tokens for */
+static_inline int
+_settok_tokenCell(char *cellName, int *cellNum, int *primary) {
+ int t1;
+ struct cell *cell;
+
+ if (cellName && strlen(cellName) > 0) {
+ cell = afs_GetCellByName(cellName, READ_LOCK);
+ } else {
+ cell = afs_GetPrimaryCell(READ_LOCK);
+ if (primary)
+ *primary = 1;
+ }
+ if (!cell) {
+ t1 = afs_initState;
+ if (t1 < 101)
+ return EIO;
+ else
+ return ESRCH;
+ }
+ *cellNum = cell->cellNum;
+ afs_PutCell(cell, READ_LOCK);
+
+ return 0;
+}
+
+
+static_inline int
+_settok_setParentPag(afs_ucred_t **cred) {
+ afs_uint32 pag;
+#if defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
+ char procname[256];
+ osi_procname(procname, 256);
+ afs_warnuser("Process %d (%s) tried to change pags in PSetTokens\n",
+ MyPidxx2Pid(MyPidxx), procname);
+ return setpag(osi_curproc(), cred, -1, &pag, 1);
+#else
+ return setpag(cred, -1, &pag, 1);
+#endif
+}
+
/*!
* VIOCSETTOK (3) - Set authentication tokens
*
*/
DECL_PIOCTL(PSetTokens)
{
- afs_int32 i;
- register struct unixuser *tu;
+ afs_int32 cellNum;
+ afs_int32 size;
+ afs_int32 code;
+ struct unixuser *tu;
struct ClearToken clear;
- register struct cell *tcell;
char *stp;
char *cellName;
int stLen;
if (afs_pd_skip(ain, stLen) != 0)
return EINVAL;
- if (afs_pd_getInt(ain, &i) != 0)
+ if (afs_pd_getInt(ain, &size) != 0)
return EINVAL;
- if (i != sizeof(struct ClearToken))
+ if (size != sizeof(struct ClearToken))
return EINVAL;
if (afs_pd_getBytes(ain, &clear, sizeof(struct ClearToken)) !=0)
if (afs_pd_getStringPtr(ain, &cellName) != 0)
return EINVAL;
- /* rest is cell name, look it up */
- tcell = afs_GetCellByName(cellName, READ_LOCK);
- if (!tcell)
- goto nocell;
+ code = _settok_tokenCell(cellName, &cellNum, NULL);
+ if (code)
+ return code;
} else {
/* default to primary cell, primary id */
- flag = 1; /* primary id */
- tcell = afs_GetPrimaryCell(READ_LOCK);
- if (!tcell)
- goto nocell;
+ code = _settok_tokenCell(NULL, &cellNum, &flag);
+ if (code)
+ return code;
}
- i = tcell->cellNum;
- afs_PutCell(tcell, READ_LOCK);
+
if (set_parent_pag) {
- afs_uint32 pag;
-#if defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
- char procname[256];
- osi_procname(procname, 256);
- afs_warnuser("Process %d (%s) tried to change pags in PSetTokens\n",
- MyPidxx2Pid(MyPidxx), procname);
- if (!setpag(osi_curproc(), acred, -1, &pag, 1)) {
-#else
- if (!setpag(acred, -1, &pag, 1)) {
-#endif
+ if (_settok_setParentPag(acred) == 0) {
afs_InitReq(&treq, *acred);
areq = &treq;
}
}
+
/* now we just set the tokens */
- tu = afs_GetUser(areq->uid, i, WRITE_LOCK); /* i has the cell # */
- tu->vid = clear.ViceId;
- if (tu->stp != NULL) {
- afs_osi_Free(tu->stp, tu->stLen);
- }
- tu->stp = (char *)afs_osi_Alloc(stLen);
- if (tu->stp == NULL) {
- return ENOMEM;
- }
- tu->stLen = stLen;
- memcpy(tu->stp, stp, stLen);
- tu->ct = clear;
+ tu = afs_GetUser(areq->uid, cellNum, WRITE_LOCK);
+ /* Set tokens destroys any that are already there */
+ afs_FreeTokens(&tu->tokens);
+ afs_AddRxkadToken(&tu->tokens, stp, stLen, &clear);
#ifndef AFS_NOSTATS
afs_stats_cmfullperf.authent.TicketUpdates++;
afs_ComputePAGStats();
afs_PutUser(tu, WRITE_LOCK);
return 0;
-
- nocell:
- {
- int t1;
- t1 = afs_initState;
- if (t1 < 101)
- return EIO;
- else
- return ESRCH;
- }
}
/*!
char volName[32];
char *offLineMsg = afs_osi_Alloc(256);
char *motd = afs_osi_Alloc(256);
- register struct afs_conn *tc;
- register afs_int32 code = 0;
+ struct afs_conn *tc;
+ afs_int32 code = 0;
struct AFSFetchVolumeStatus volstat;
char *Name;
XSTATS_DECLS;
+ osi_Assert(offLineMsg != NULL);
+ osi_Assert(motd != NULL);
AFS_STATCNT(PGetVolumeStatus);
if (!avc) {
code = EINVAL;
char *volName;
char *offLineMsg;
char *motd;
- register struct afs_conn *tc;
- register afs_int32 code = 0;
+ struct afs_conn *tc;
+ afs_int32 code = 0;
struct AFSFetchVolumeStatus volstat;
struct AFSStoreVolumeStatus storeStat;
- register struct volume *tvp;
+ struct volume *tvp;
XSTATS_DECLS;
AFS_STATCNT(PSetVolumeStatus);
*/
DECL_PIOCTL(PNewStatMount)
{
- register afs_int32 code;
- register struct vcache *tvc;
- register struct dcache *tdc;
+ afs_int32 code;
+ struct vcache *tvc;
+ struct dcache *tdc;
struct VenusFid tfid;
char *bufp;
char *name;
}
/*!
+ * A helper function to get the n'th cell which a particular user has tokens
+ * for. This is racy. If new tokens are added whilst we're iterating, then
+ * we may return some cells twice. If tokens expire mid run, then we'll
+ * miss some cells from our output. So, could be better, but that would
+ * require an interface change.
+ */
+
+static struct unixuser *
+getNthCell(afs_int32 uid, afs_int32 iterator) {
+ int i;
+ struct unixuser *tu = NULL;
+
+ i = UHash(uid);
+ ObtainReadLock(&afs_xuser);
+ for (tu = afs_users[i]; tu; tu = tu->next) {
+ if (tu->uid == uid && (tu->states & UHasTokens)) {
+ if (iterator-- == 0)
+ break; /* are we done yet? */
+ }
+ }
+ if (tu) {
+ tu->refCount++;
+ }
+ ReleaseReadLock(&afs_xuser);
+
+ return tu;
+}
+/*!
* VIOCGETTOK (8) - Get authentication tokens
- *
+ *
* \ingroup pioctl
- *
+ *
* \param[in] ain cellid to return tokens for
* \param[out] aout token
- *
+ *
* \retval EIO
* Error if the afs daemon hasn't started yet
* \retval EDOM
* tokens
* \retval ENOTCONN
* Error if there aren't tokens for this cell
- *
+ *
* \post
* If the input paramater exists, get the token that corresponds to
* the parameter value, if there is no token at this value, get the
DECL_PIOCTL(PGetTokens)
{
- register struct cell *tcell;
- register afs_int32 i;
- register struct unixuser *tu;
+ struct cell *tcell;
+ struct unixuser *tu = NULL;
+ union tokenUnion *token;
afs_int32 iterator = 0;
int newStyle;
+ int cellNum;
int code = E2BIG;
AFS_STATCNT(PGetTokens);
if (afs_pd_getInt(ain, &iterator) != 0)
return EINVAL;
}
- i = UHash(areq->uid);
- ObtainReadLock(&afs_xuser);
- for (tu = afs_users[i]; tu; tu = tu->next) {
- if (newStyle) {
- if (tu->uid == areq->uid && (tu->states & UHasTokens)) {
- if (iterator-- == 0)
- break; /* are we done yet? */
- }
- } else {
- if (tu->uid == areq->uid && afs_IsPrimaryCellNum(tu->cell))
- break;
- }
- }
- if (tu) {
- /*
- * No need to hold a read lock on each user entry
- */
- tu->refCount++;
+ if (newStyle) {
+ tu = getNthCell(areq->uid, iterator);
+ } else {
+ cellNum = afs_GetPrimaryCellNum();
+ if (cellNum)
+ tu = afs_FindUser(areq->uid, cellNum, READ_LOCK);
}
- ReleaseReadLock(&afs_xuser);
-
if (!tu) {
return EDOM;
}
- if (((tu->states & UHasTokens) == 0)
- || (tu->ct.EndTimestamp < osi_Time())) {
+ if (!(tu->states & UHasTokens)
+ || !afs_HasUsableTokens(tu->tokens, osi_Time())) {
tu->states |= (UTokensBad | UNeedsReset);
afs_NotifyUser(tu, UTokensDropped);
afs_PutUser(tu, READ_LOCK);
return ENOTCONN;
}
- iterator = tu->stLen; /* for compat, we try to return 56 byte tix if they fit */
+ token = afs_FindToken(tu->tokens, RX_SECIDX_KAD);
+
+ /* If they don't have an RXKAD token, but do have other tokens,
+ * then sadly there's nothing this interface can do to help them. */
+ if (token == NULL)
+ return ENOTCONN;
+
+ /* for compat, we try to return 56 byte tix if they fit */
+ iterator = token->rxkad.ticketLen;
if (iterator < 56)
iterator = 56; /* # of bytes we're returning */
if (afs_pd_putInt(aout, iterator) != 0)
goto out;
- if (afs_pd_putBytes(aout, tu->stp, tu->stLen) != 0)
+ if (afs_pd_putBytes(aout, token->rxkad.ticket, token->rxkad.ticketLen) != 0)
goto out;
- if (tu->stLen < 56) {
+ if (token->rxkad.ticketLen < 56) {
/* Tokens are always 56 bytes or larger */
- if (afs_pd_skip(aout, iterator - tu->stLen) != 0) {
+ if (afs_pd_skip(aout, iterator - token->rxkad.ticketLen) != 0) {
goto out;
}
}
if (afs_pd_putInt(aout, sizeof(struct ClearToken)) != 0)
goto out;
- if (afs_pd_putBytes(aout, &tu->ct, sizeof(struct ClearToken)) != 0)
+ if (afs_pd_putBytes(aout, &token->rxkad.clearToken,
+ sizeof(struct ClearToken)) != 0)
goto out;
if (newStyle) {
*/
DECL_PIOCTL(PUnlog)
{
- register afs_int32 i;
- register struct unixuser *tu;
+ afs_int32 i;
+ struct unixuser *tu;
AFS_STATCNT(PUnlog);
if (!afs_resourceinit_flag) /* afs daemons haven't started yet */
ObtainWriteLock(&afs_xuser, 227);
for (tu = afs_users[i]; tu; tu = tu->next) {
if (tu->uid == areq->uid) {
- tu->vid = UNDEFVID;
tu->states &= ~UHasTokens;
- /* security is not having to say you're sorry */
- memset(&tu->ct, 0, sizeof(struct ClearToken));
+ afs_FreeTokens(&tu->tokens);
tu->refCount++;
ReleaseWriteLock(&afs_xuser);
afs_NotifyUser(tu, UTokensDropped);
/* set the expire times to 0, causes
* afs_GCUserData to remove this entry
*/
- tu->ct.EndTimestamp = 0;
tu->tokenTime = 0;
#endif /* UKERNEL */
}
*/
DECL_PIOCTL(PCheckServers)
{
- register int i;
- register struct server *ts;
+ int i;
+ struct server *ts;
afs_int32 temp;
char *cellName = NULL;
struct cell *cellp;
{
int i;
struct srvAddr *sa;
- struct afs_conn *tc;
+ struct sa_conn_vector *tcv;
struct unixuser *tu;
afs_int32 retValue;
/* all connections in cell 1 working? */
for (i = 0; i < NSERVERS; i++) {
for (sa = afs_srvAddrs[i]; sa; sa = sa->next_bkt) {
- for (tc = sa->conns; tc; tc = tc->next) {
- if (tc->user == tu && (tu->states & UTokensBad))
+ for (tcv = sa->conns; tcv; tcv = tcv->next) {
+ if (tcv->user == tu && (tu->states & UTokensBad))
retValue = EACCES;
}
}
Prefetch(uparmtype apath, struct afs_ioctl *adata, int afollow,
afs_ucred_t *acred)
{
- register char *tp;
- register afs_int32 code;
+ char *tp;
+ afs_int32 code;
#if defined(AFS_SGI61_ENV) || defined(AFS_SUN57_ENV) || defined(AFS_DARWIN_ENV) || defined(AFS_XBSD_ENV)
size_t bufferSize;
#else
*/
DECL_PIOCTL(PFindVolume)
{
- register struct volume *tvp;
- register struct server *ts;
- register afs_int32 i;
+ struct volume *tvp;
+ struct server *ts;
+ afs_int32 i;
int code = 0;
AFS_STATCNT(PFindVolume);
*/
DECL_PIOCTL(PViceAccess)
{
- register afs_int32 code;
+ afs_int32 code;
afs_int32 temp;
AFS_STATCNT(PViceAccess);
{
afs_int32 results[MAXGCSTATS];
afs_int32 flags;
- register struct dcache * tdc;
+ struct dcache * tdc;
int i, size;
-
+
AFS_STATCNT(PGetCacheSize);
if (afs_pd_remaining(ain) == sizeof(afs_int32)) {
} else {
return EINVAL;
}
-
+
memset(results, 0, sizeof(results));
results[0] = afs_cacheBlocks;
results[1] = afs_blocksUsed;
results[2] = afs_cacheFiles;
-
+
if (1 == flags){
for (i = 0; i < afs_cacheFiles; i++) {
if (afs_indexFlags[i] & IFFree) results[3]++;
*/
DECL_PIOCTL(PRemoveCallBack)
{
- register struct afs_conn *tc;
- register afs_int32 code = 0;
+ struct afs_conn *tc;
+ afs_int32 code = 0;
struct AFSCallBack CallBacks_Array[1];
struct AFSCBFids theFids;
struct AFSCBs theCBs;
DECL_PIOCTL(PListCells)
{
afs_int32 whichCell;
- register struct cell *tcell = 0;
- register afs_int32 i;
+ struct cell *tcell = 0;
+ afs_int32 i;
int code;
AFS_STATCNT(PListCells);
DECL_PIOCTL(PListAliases)
{
afs_int32 whichAlias;
- register struct cell_alias *tcalias = 0;
+ struct cell_alias *tcalias = 0;
int code;
if (!afs_resourceinit_flag) /* afs daemons haven't started yet */
*/
DECL_PIOCTL(PRemoveMount)
{
- register afs_int32 code;
+ afs_int32 code;
char *bufp;
char *name;
struct sysname_info sysState;
afs_size_t offset, len;
- register struct afs_conn *tc;
- register struct dcache *tdc;
- register struct vcache *tvc;
+ struct afs_conn *tc;
+ struct dcache *tdc;
+ struct vcache *tvc;
struct AFSFetchStatus OutDirStatus;
struct VenusFid tfid;
struct AFSVolSync tsync;
*/
DECL_PIOCTL(PGetCellStatus)
{
- register struct cell *tcell;
+ struct cell *tcell;
char *cellName;
afs_int32 temp;
*/
DECL_PIOCTL(PSetCellStatus)
{
- register struct cell *tcell;
+ struct cell *tcell;
char *cellName;
afs_int32 flags0, flags1;
*/
DECL_PIOCTL(PFlushVolumeData)
{
- register afs_int32 i;
- register struct dcache *tdc;
- register struct vcache *tvc;
- register struct volume *tv;
+ afs_int32 i;
+ struct dcache *tdc;
+ struct vcache *tvc;
+ struct volume *tv;
afs_int32 cell, volume;
struct afs_q *tq, *uq;
#ifdef AFS_DARWIN80_ENV
* then someone probably has the file open and is writing
* into it. Better to skip flushing such a file, it will be
* brought back immediately on the next write anyway.
- *
+ *
* If we *must* flush, then this code has to be rearranged
* to call afs_storeAllSegments() first */
afs_FlushDCache(tdc);
*/
DECL_PIOCTL(PGetVnodeXStatus)
{
- register afs_int32 code;
+ afs_int32 code;
struct vcxstat stat;
afs_int32 mode, i;
DECL_PIOCTL(PGetVnodeXStatus2)
{
- register afs_int32 code;
+ afs_int32 code;
struct vcxstat2 stat;
afs_int32 mode;
char outname[MAXSYSNAME];
afs_int32 setsysname;
int foundname = 0;
- register struct afs_exporter *exporter;
- register struct unixuser *au;
- register afs_int32 pag, error;
+ struct afs_exporter *exporter;
+ struct unixuser *au;
+ afs_int32 pag, error;
int t, count, num = 0, allpags = 0;
char **sysnamelist;
struct afs_pdata validate;
{
int i;
struct volume *j;
- register int k;
+ int k;
if (vlonly) {
afs_int32 *p;
- p = (afs_int32 *) afs_osi_Alloc(sizeof(afs_int32) * (s + 1));
+ p = afs_osi_Alloc(sizeof(afs_int32) * (s + 1));
+ osi_Assert(p != NULL);
p[0] = s;
memcpy(p + 1, l, s * sizeof(afs_int32));
afs_TraverseCells(&ReSortCells_cb, p);
return 0;
}
-/*
+/*
* VIOC_SETPREFS33 (42) - Set server ranks (deprecated)
*
* \param[in] ain the server preferences to be set
return 0;
}
-/*
+/*
* VIOC_GETSPREFS (43) - Get server ranks
*
* \ingroup pioctl
afs_int32 export, newint = 0;
afs_int32 type, changestate, handleValue, convmode, pwsync, smounts;
afs_int32 rempags = 0, pagcb = 0;
- register struct afs_exporter *exporter;
+ struct afs_exporter *exporter;
AFS_STATCNT(PExportAfs);
if (afs_pd_getInt(ain, &handleValue) != 0)
return afs_pd_putBytes(aout, &cm_initParams,
sizeof(struct cm_initparams));
- return 0;
}
#ifdef AFS_SGI65_ENV
} else if (!code) {
EXP_RELE(outexporter);
}
- if (!code)
+ if (!code)
*com = (*com) | comp;
return code;
}
#endif /* AFS_NEED_CLIENTCONTEXT */
-/*!
+/*!
* VIOC_GETCPREFS (50) - Get client interface
*
* \ingroup pioctl
*/
DECL_PIOCTL(PFlushMount)
{
- register afs_int32 code;
- register struct vcache *tvc;
- register struct dcache *tdc;
+ afs_int32 code;
+ struct vcache *tvc;
+ struct dcache *tdc;
struct VenusFid tfid;
char *bufp;
char *mount;
DECL_PIOCTL(PPrefetchFromTape)
{
- register afs_int32 code, code1;
+ afs_int32 code, code1;
afs_int32 bytes, outval;
struct afs_conn *tc;
struct rx_call *tcall;
DECL_PIOCTL(PFsCmd)
{
- register afs_int32 code;
+ afs_int32 code;
struct afs_conn *tc;
struct vcache *tvc;
struct FsCmdInputs *Inputs;
if (tc) {
RX_AFS_GUNLOCK();
code =
- RXAFS_FsCmd(tc->id, Fid, Inputs,
+ RXAFS_FsCmd(tc->id, Fid, Inputs,
(struct FsCmdOutputs *)aout);
RX_AFS_GLOCK();
} else
return 0;
}
-#if defined(AFS_CACHE_BYPASS)
+#if defined(AFS_CACHE_BYPASS) && defined(AFS_LINUX24_ENV)
DECL_PIOCTL(PSetCachingThreshold)
{
if (setting == 0 && getting == 0)
return EINVAL;
-
- /*
+
+ /*
* If setting, set first, and return the value now in effect
*/
if (setting) {
if (!afs_osi_suser(*acred))
return EPERM;
cache_bypass_threshold = threshold;
- afs_warn("Cache Bypass Threshold set to: %d\n", threshold);
+ afs_warn("Cache Bypass Threshold set to: %d\n", threshold);
/* TODO: move to separate pioctl, or enhance pioctl */
cache_bypass_strategy = LARGE_FILES_BYPASS_CACHE;
}
-
+
/* Return the current size threshold */
if (getting)
return afs_pd_putInt(aout, cache_bypass_threshold);
}
addrs = afs_osi_Alloc(srvAddrCount * sizeof(*addrs));
+ osi_Assert(addrs != NULL);
j = 0;
for (i = 0; i < NSERVERS; i++) {
for (sa = afs_srvAddrs[i]; sa; sa = sa->next_bkt) {
static afs_int32 mode = 1; /* Start up in 'off' */
afs_int32 force = 0;
int code = 0;
- char flags[3];
+ char flags[4];
+ struct vrequest lreq;
- if (afs_pd_getBytes(ain, &flags, 3) == 0) {
+ if (afs_pd_getBytes(ain, &flags, 4) == 0) {
if (!afs_osi_suser(*acred))
return EPERM;
afs_ConflictPolicy = flags[1] - 1;
if (flags[2])
force = 1;
+ if (flags[3]) {
+ /* Fake InitReq support for UID override */
+ memset(&lreq, 0, sizeof(lreq));
+ lreq.uid = flags[3];
+ areq = &lreq; /* override areq we got */
+ }
/*
* All of these numbers are hard coded in fs.c. If they
return afs_pd_putInt(aout, mode);
}
+#define MAX_PIOCTL_TOKENS 10
+
+DECL_PIOCTL(PSetTokens2)
+{
+ int code =0;
+ int i, cellNum, primaryFlag;
+ XDR xdrs;
+ struct unixuser *tu;
+ struct vrequest treq;
+ struct ktc_setTokenData tokenSet;
+ struct ktc_tokenUnion decodedToken;
+
+ memset(&tokenSet, 0, sizeof(tokenSet));
+
+ AFS_STATCNT(PSetTokens2);
+ if (!afs_resourceinit_flag)
+ return EIO;
+
+ afs_pd_xdrStart(ain, &xdrs, XDR_DECODE);
+
+ if (!xdr_ktc_setTokenData(&xdrs, &tokenSet)) {
+ afs_pd_xdrEnd(ain, &xdrs);
+ return EINVAL;
+ }
+
+ afs_pd_xdrEnd(ain, &xdrs);
+
+ /* We limit each PAG to 10 tokens to prevent a malicous (or runaway)
+ * process from using up the whole of the kernel memory by allocating
+ * tokens.
+ */
+ if (tokenSet.tokens.tokens_len > MAX_PIOCTL_TOKENS) {
+ xdr_free((xdrproc_t) xdr_ktc_setTokenData, &tokenSet);
+ return E2BIG;
+ }
+
+ code = _settok_tokenCell(tokenSet.cell, &cellNum, &primaryFlag);
+ if (code) {
+ xdr_free((xdrproc_t) xdr_ktc_setTokenData, &tokenSet);
+ return code;
+ }
+
+ if (tokenSet.flags & AFSTOKEN_EX_SETPAG) {
+ if (_settok_setParentPag(acred) == 0) {
+ afs_InitReq(&treq, *acred);
+ areq = &treq;
+ }
+ }
+
+ tu = afs_GetUser(areq->uid, cellNum, WRITE_LOCK);
+ /* Free any tokens that we've already got */
+ afs_FreeTokens(&tu->tokens);
+
+ /* Iterate across the set of tokens we've received, and stuff them
+ * into this user's tokenJar
+ */
+ for (i=0; i < tokenSet.tokens.tokens_len; i++) {
+ xdrmem_create(&xdrs,
+ tokenSet.tokens.tokens_val[i].token_opaque_val,
+ tokenSet.tokens.tokens_val[i].token_opaque_len,
+ XDR_DECODE);
+
+ memset(&decodedToken, 0, sizeof(decodedToken));
+ if (!xdr_ktc_tokenUnion(&xdrs, &decodedToken)) {
+ xdr_destroy(&xdrs);
+ code = EINVAL;
+ goto out;
+ }
+
+ xdr_destroy(&xdrs);
+
+ afs_AddTokenFromPioctl(&tu->tokens, &decodedToken);
+ /* This is untidy - the old token interface supported passing
+ * the primaryFlag as part of the token interface. Current
+ * OpenAFS userland never sets this, but it's specified as being
+ * part of the XG interface, so we should probably still support
+ * it. Rather than add it to our AddToken interface, just handle
+ * it here.
+ */
+ if (decodedToken.at_type == AFSTOKEN_UNION_KAD) {
+ if (decodedToken.ktc_tokenUnion_u.at_kad.rk_primary_flag)
+ primaryFlag = 1;
+ }
+
+ /* XXX - We should think more about destruction here. It's likely that
+ * there is key material in what we're about to throw away, which
+ * we really should zero out before giving back to the allocator */
+ xdr_free((xdrproc_t) xdr_ktc_tokenUnion, &decodedToken);
+ }
+
+ tu->states |= UHasTokens;
+ tu->states &= ~UTokensBad;
+ afs_SetPrimary(tu, primaryFlag);
+ tu->tokenTime = osi_Time();
+
+ xdr_free((xdrproc_t) xdr_ktc_setTokenData, &tokenSet);
+
+out:
+ afs_ResetUserConns(tu);
+ afs_PutUser(tu, WRITE_LOCK);
+
+ return code;
+}
+
+DECL_PIOCTL(PGetTokens2)
+{
+ struct cell *cell;
+ struct unixuser *tu = NULL;
+ afs_int32 iterator;
+ char *cellName = NULL;
+ afs_int32 cellNum;
+ int code = 0;
+ time_t now;
+ XDR xdrs;
+ struct ktc_setTokenData tokenSet;
+
+ AFS_STATCNT(PGetTokens);
+ if (!afs_resourceinit_flag)
+ return EIO;
+
+ memset(&tokenSet, 0, sizeof(tokenSet));
+
+ /* No input data - return tokens for primary cell */
+ /* 4 octets of data is an iterator count */
+ /* Otherwise, treat as string & return tokens for that cell name */
+
+ if (afs_pd_remaining(ain) == sizeof(afs_int32)) {
+ /* Integer iterator - return tokens for the n'th cell found for user */
+ if (afs_pd_getInt(ain, &iterator) != 0)
+ return EINVAL;
+ tu = getNthCell(areq->uid, iterator);
+ } else {
+ if (afs_pd_remaining(ain) > 0) {
+ if (afs_pd_getStringPtr(ain, &cellName) != 0)
+ return EINVAL;
+ } else {
+ cellName = NULL;
+ }
+ code = _settok_tokenCell(cellName, &cellNum, NULL);
+ if (code)
+ return code;
+ tu = afs_FindUser(areq->uid, cellNum, READ_LOCK);
+ }
+ if (tu == NULL)
+ return EDOM;
+
+ now = osi_Time();
+
+ if (!(tu->states & UHasTokens)
+ || !afs_HasValidTokens(tu->tokens, now)) {
+ tu->states |= (UTokensBad | UNeedsReset);
+ afs_PutUser(tu, READ_LOCK);
+ return ENOTCONN;
+ }
+
+ code = afs_ExtractTokensForPioctl(tu->tokens, now, &tokenSet);
+ if (code)
+ goto out;
+
+ cell = afs_GetCell(tu->cell, READ_LOCK);
+ tokenSet.cell = cell->cellName;
+ afs_pd_xdrStart(aout, &xdrs, XDR_ENCODE);
+ if (!xdr_ktc_setTokenData(&xdrs, &tokenSet)) {
+ code = E2BIG;
+ goto out;
+ }
+ afs_pd_xdrEnd(aout, &xdrs);
+
+out:
+ tokenSet.cell = NULL;
+
+ if (tu)
+ afs_PutUser(tu, READ_LOCK);
+ if (cell)
+ afs_PutCell(cell, READ_LOCK);
+ xdr_free((xdrproc_t)xdr_ktc_setTokenData, &tokenSet);
+
+ return code;
+};
+
DECL_PIOCTL(PNFSNukeCreds)
{
afs_uint32 addr;
- register afs_int32 i;
- register struct unixuser *tu;
+ afs_int32 i;
+ struct unixuser *tu;
AFS_STATCNT(PUnlog);
if (!afs_resourceinit_flag) /* afs daemons haven't started yet */
for (i = 0; i < NUSERS; i++) {
for (tu = afs_users[i]; tu; tu = tu->next) {
if (tu->exporter && EXP_CHECKHOST(tu->exporter, addr)) {
- tu->vid = UNDEFVID;
tu->states &= ~UHasTokens;
- /* security is not having to say you're sorry */
- memset(&tu->ct, 0, sizeof(struct ClearToken));
+ afs_FreeTokens(&tu->tokens);
tu->refCount++;
ReleaseWriteLock(&afs_xuser);
afs_ResetUserConns(tu);
/* set the expire times to 0, causes
* afs_GCUserData to remove this entry
*/
- tu->ct.EndTimestamp = 0;
tu->tokenTime = 0;
#endif /* UKERNEL */
}