diff options
-rw-r--r-- | libglusterfs/src/glusterfs.h | 2 | ||||
-rw-r--r-- | libglusterfs/src/mem-types.h | 3 | ||||
-rw-r--r-- | libglusterfs/src/stack.h | 33 | ||||
-rw-r--r-- | libglusterfs/src/syncop.h | 17 | ||||
-rw-r--r-- | xlators/mount/fuse/src/fuse-helpers.c | 23 | ||||
-rw-r--r-- | xlators/nfs/server/src/nfs-fops.c | 6 | ||||
-rw-r--r-- | xlators/protocol/server/src/server-helpers.c | 3 |
7 files changed, 75 insertions, 12 deletions
diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h index dbb2b58d951..ac0c8126735 100644 --- a/libglusterfs/src/glusterfs.h +++ b/libglusterfs/src/glusterfs.h @@ -148,7 +148,7 @@ /* TODO: Keeping it to 200, so that we can fit in 2KB buffer for auth data * in RPC server code, if there is ever need for having more aux-gids, then * we have to add aux-gid in payload of actors */ -#define GF_MAX_AUX_GROUPS 200 +#define GF_MAX_AUX_GROUPS 65536 #define GF_UUID_BUF_SIZE 50 diff --git a/libglusterfs/src/mem-types.h b/libglusterfs/src/mem-types.h index 4c78f46071e..fea54c35ebc 100644 --- a/libglusterfs/src/mem-types.h +++ b/libglusterfs/src/mem-types.h @@ -108,6 +108,7 @@ enum gf_common_mem_types_ { gf_common_mt_drc_globals_t = 92, gf_common_mt_drc_rbtree_node_t = 93, gf_common_mt_iov_base_t = 94, - gf_common_mt_end = 95, + gf_common_mt_groups_t = 95, + gf_common_mt_end = 96 }; #endif diff --git a/libglusterfs/src/stack.h b/libglusterfs/src/stack.h index a91b635e47e..0e8b705bdf7 100644 --- a/libglusterfs/src/stack.h +++ b/libglusterfs/src/stack.h @@ -82,6 +82,8 @@ struct _call_frame_t { const char *unwind_to; }; +#define SMALL_GROUP_COUNT 128 + struct _call_stack_t { union { struct list_head all_frames; @@ -99,7 +101,9 @@ struct _call_stack_t { gid_t gid; pid_t pid; uint16_t ngrps; - uint32_t groups[GF_MAX_AUX_GROUPS]; + uint32_t groups_small[SMALL_GROUP_COUNT]; + uint32_t *groups_large; + uint32_t *groups; gf_lkowner_t lk_owner; glusterfs_ctx_t *ctx; @@ -174,6 +178,9 @@ STACK_DESTROY (call_stack_t *stack) while (stack->frames.next) { FRAME_DESTROY (stack->frames.next); } + + GF_FREE (stack->groups_large); + mem_put (stack); if (local) @@ -370,6 +377,24 @@ STACK_RESET (call_stack_t *stack) } while (0) +static inline int +call_stack_alloc_groups (call_stack_t *stack, int ngrps) +{ + if (ngrps <= SMALL_GROUP_COUNT) { + stack->groups = stack->groups_small; + } else { + stack->groups_large = GF_CALLOC (sizeof (gid_t), ngrps, + gf_common_mt_groups_t); + if (!stack->groups_large) + return -1; + stack->groups = stack->groups_large; + } + + stack->ngrps = ngrps; + + return 0; +} + static inline call_frame_t * copy_frame (call_frame_t *frame) { @@ -393,8 +418,12 @@ copy_frame (call_frame_t *frame) newstack->ngrps = oldstack->ngrps; newstack->op = oldstack->op; newstack->type = oldstack->type; + if (call_stack_alloc_groups (newstack, oldstack->ngrps) != 0) { + mem_put (newstack); + return NULL; + } memcpy (newstack->groups, oldstack->groups, - sizeof (gid_t) * GF_MAX_AUX_GROUPS); + sizeof (gid_t) * oldstack->ngrps); newstack->unique = oldstack->unique; newstack->frames.this = frame->this; diff --git a/libglusterfs/src/syncop.h b/libglusterfs/src/syncop.h index 43e71c4f6f8..c4b339ee7ba 100644 --- a/libglusterfs/src/syncop.h +++ b/libglusterfs/src/syncop.h @@ -240,6 +240,7 @@ static inline call_frame_t * syncop_create_frame (xlator_t *this) { call_frame_t *frame = NULL; + int ngrps = -1; frame = create_frame (this, this->ctx->pool); if (!frame) @@ -248,7 +249,21 @@ syncop_create_frame (xlator_t *this) frame->root->pid = getpid(); frame->root->uid = geteuid (); frame->root->gid = getegid (); - frame->root->ngrps = getgroups (GF_MAX_AUX_GROUPS, frame->root->groups); + ngrps = getgroups (0, 0); + if (ngrps < 0) { + STACK_DESTROY (frame->root); + return NULL; + } + + if (call_stack_alloc_groups (frame->root, ngrps) != 0) { + STACK_DESTROY (frame->root); + return NULL; + } + + if (getgroups (ngrps, frame->root->groups) < 0) { + STACK_DESTROY (frame->root); + return NULL; + } return frame; } diff --git a/xlators/mount/fuse/src/fuse-helpers.c b/xlators/mount/fuse/src/fuse-helpers.c index 4ea3094d1b5..d29c31651bc 100644 --- a/xlators/mount/fuse/src/fuse-helpers.c +++ b/xlators/mount/fuse/src/fuse-helpers.c @@ -14,9 +14,6 @@ #include <sys/sysctl.h> #endif -#ifndef GF_REQUEST_MAXGROUPS -#define GF_REQUEST_MAXGROUPS 16 -#endif /* GF_REQUEST_MAXGROUPS */ static void fuse_resolve_wipe (fuse_resolve_t *resolve) @@ -138,6 +135,7 @@ get_fuse_state (xlator_t *this, fuse_in_header_t *finh) } +#define FUSE_MAX_AUX_GROUPS 32 /* We can get only up to 32 aux groups from /proc */ void frame_fill_groups (call_frame_t *frame) { @@ -160,6 +158,9 @@ frame_fill_groups (call_frame_t *frame) if (!fp) goto out; + if (call_stack_alloc_groups (frame->root, FUSE_MAX_AUX_GROUPS) != 0) + goto out; + while ((ptr = fgets (line, sizeof line, fp))) { if (strncmp (ptr, "Groups:", 7) != 0) continue; @@ -176,7 +177,7 @@ frame_fill_groups (call_frame_t *frame) if (!endptr || *endptr) break; frame->root->groups[idx++] = id; - if (idx == GF_MAX_AUX_GROUPS) + if (idx == FUSE_MAX_AUX_GROUPS) break; } @@ -192,6 +193,7 @@ out: prcred_t *prcred = (prcred_t *) scratch; FILE *fp = NULL; int ret = 0; + int ngrps; ret = snprintf (filename, sizeof filename, "/proc/%d/cred", frame->root->pid); @@ -200,8 +202,11 @@ out: fp = fopen (filename, "r"); if (fp != NULL) { if (fgets (scratch, sizeof scratch, fp) != NULL) { - frame->root->ngrps = MIN(prcred->pr_ngroups, - GF_REQUEST_MAXGROUPS); + ngrps = MIN(prcred->pr_ngroups, + GF_MAX_AUX_GROUPS); + if (call_stack_alloc_groups (frame->root, + ngrps) != 0) + return; } fclose (fp); } @@ -226,7 +231,9 @@ out: if (sysctl(name, namelen, &kp, &kplen, NULL, 0) != 0) return; - ngroups = MIN(kp.kp_eproc.e_ucred.cr_ngroups, GF_REQUEST_MAXGROUPS); + ngroups = MIN(kp.kp_eproc.e_ucred.cr_ngroups, GF_MAX_AUX_GROUPS); + if (call_stack_alloc_groups (frame->root, ngroups) != 0) + return; for (i = 0; i < ngroups; i++) frame->root->groups[i] = kp.kp_eproc.e_ucred.cr_groups[i]; frame->root->ngrps = ngroups; @@ -257,6 +264,8 @@ static void get_groups(fuse_private_t *priv, call_frame_t *frame) gl = gid_cache_lookup(&priv->gid_cache, frame->root->pid); if (gl) { + if (call_stack_alloc_groups (frame->root, gl->gl_count) != 0) + return; frame->root->ngrps = gl->gl_count; for (i = 0; i < gl->gl_count; i++) frame->root->groups[i] = gl->gl_list[i]; diff --git a/xlators/nfs/server/src/nfs-fops.c b/xlators/nfs/server/src/nfs-fops.c index fa8f7319a55..2b6b741cda1 100644 --- a/xlators/nfs/server/src/nfs-fops.c +++ b/xlators/nfs/server/src/nfs-fops.c @@ -191,6 +191,12 @@ nfs_create_frame (xlator_t *xl, nfs_user_t *nfu) frame = create_frame (xl, (call_pool_t *)xl->ctx->pool); if (!frame) goto err; + if (call_stack_alloc_groups (frame->root, nfu->ngrps) != 0) { + STACK_DESTROY (frame->root); + frame = NULL; + goto err; + } + frame->root->pid = NFS_PID; frame->root->uid = nfu->uid; frame->root->gid = nfu->gids[NFS_PRIMGID_IDX]; diff --git a/xlators/protocol/server/src/server-helpers.c b/xlators/protocol/server/src/server-helpers.c index c8d42505603..2da1607692e 100644 --- a/xlators/protocol/server/src/server-helpers.c +++ b/xlators/protocol/server/src/server-helpers.c @@ -26,6 +26,9 @@ server_decode_groups (call_frame_t *frame, rpcsvc_request_t *req) GF_VALIDATE_OR_GOTO ("server", frame, out); GF_VALIDATE_OR_GOTO ("server", req, out); + if (call_stack_alloc_groups (frame->root, req->auxgidcount) != 0) + return -1; + frame->root->ngrps = req->auxgidcount; if (frame->root->ngrps == 0) return 0; |