/* * NETLINK Generic Netlink Family * * Authors: Jamal Hadi Salim * Thomas Graf * Johannes Berg */ #include #include #include #include #include #include #include #include #include #include #include #include #include static DEFINE_MUTEX(genl_mutex); /* serialization of message processing */ static DECLARE_RWSEM(cb_lock); atomic_t genl_sk_destructing_cnt = ATOMIC_INIT(0); DECLARE_WAIT_QUEUE_HEAD(genl_sk_destructing_waitq); void genl_lock(void) { mutex_lock(&genl_mutex); } EXPORT_SYMBOL(genl_lock); void genl_unlock(void) { mutex_unlock(&genl_mutex); } EXPORT_SYMBOL(genl_unlock); #ifdef CONFIG_LOCKDEP int lockdep_genl_is_held(void) { return lockdep_is_held(&genl_mutex); } EXPORT_SYMBOL(lockdep_genl_is_held); #endif static void genl_lock_all(void) { down_write(&cb_lock); genl_lock(); } static void genl_unlock_all(void) { genl_unlock(); up_write(&cb_lock); } #define GENL_FAM_TAB_SIZE 16 #define GENL_FAM_TAB_MASK (GENL_FAM_TAB_SIZE - 1) static struct list_head family_ht[GENL_FAM_TAB_SIZE]; /* * Bitmap of multicast groups that are currently in use. * * To avoid an allocation at boot of just one unsigned long, * declare it global instead. * Bit 0 is marked as already used since group 0 is invalid. * Bit 1 is marked as already used since the drop-monitor code * abuses the API and thinks it can statically use group 1. * That group will typically conflict with other groups that * any proper users use. * Bit 16 is marked as used since it's used for generic netlink * and the code no longer marks pre-reserved IDs as used. * Bit 17 is marked as already used since the VFS quota code * also abused this API and relied on family == group ID, we * cater to that by giving it a static family and group ID. * Bit 18 is marked as already used since the PMCRAID driver * did the same thing as the VFS quota code (maybe copied?) */ static unsigned long mc_group_start = 0x3 | BIT(GENL_ID_CTRL) | BIT(GENL_ID_VFS_DQUOT) | BIT(GENL_ID_PMCRAID); static unsigned long *mc_groups = &mc_group_start; static unsigned long mc_groups_longs = 1; static int genl_ctrl_event(int event, struct genl_family *family, const struct genl_multicast_group *grp, int grp_id); static inline unsigned int genl_family_hash(unsigned int id) { return id & GENL_FAM_TAB_MASK; } static inline struct list_head *genl_family_chain(unsigned int id) { return &family_ht[genl_family_hash(id)]; } static struct genl_family *genl_family_find_byid(unsigned int id) { struct genl_family *f; list_for_each_entry(f, genl_family_chain(id), family_list) if (f->id == id) return f; return NULL; } static struct genl_family *genl_family_find_byname(char *name) { struct genl_family *f; int i; for (i = 0; i < GENL_FAM_TAB_SIZE; i++) list_for_each_entry(f, genl_family_chain(i), family_list) if (strcmp(f->name, name) == 0) return f; return NULL; } static const struct genl_ops *genl_get_cmd(u8 cmd, struct genl_family *family) { int i; for (i = 0; i < family->n_ops; i++) if (family->ops[i].cmd == cmd) return &family->ops[i]; return NULL; } /* Of course we are going to have problems once we hit * 2^16 alive types, but that can only happen by year 2K */ static u16 genl_generate_id(void) { static u16 id_gen_idx = GENL_MIN_ID; int i; for (i = 0; i <= GENL_MAX_ID - GENL_MIN_ID; i++) { if (id_gen_idx != GENL_ID_VFS_DQUOT && id_gen_idx != GENL_ID_PMCRAID && !genl_family_find_byid(id_gen_idx)) return id_gen_idx; if (++id_gen_idx > GENL_MAX_ID) id_gen_idx = GENL_MIN_ID; } return 0; } static int genl_allocate_reserve_groups(int n_groups, int *first_id) { unsigned long *new_groups; int start = 0; int i; int id; bool fits; do { if (start == 0) id = find_first_zero_bit(mc_groups, mc_groups_longs * BITS_PER_LONG); else id = find_next_zero_bit(mc_groups, mc_groups_longs * BITS_PER_LONG, start); fits = true; for (i = id; i < min_t(int, id + n_groups, mc_groups_longs * BITS_PER_LONG); i++) { if (test_bit(i, mc_groups)) { start = i; fits = false; break; } } if (id >= mc_groups_longs * BITS_PER_LONG) { unsigned long new_longs = mc_groups_longs + BITS_TO_LONGS(n_groups); size_t nlen = new_longs * sizeof(unsigned long); if (mc_groups == &mc_group_start) { new_groups = kzalloc(nlen, GFP_KERNEL); if (!new_groups) return -ENOMEM; mc_groups = new_groups; *mc_groups = mc_group_start; } else { new_groups = krealloc(mc_groups, nlen, GFP_KERNEL); if (!new_groups) return -ENOMEM; mc_groups = new_groups; for (i = 0; i < BITS_TO_LONGS(n_groups); i++) mc_groups[mc_groups_longs + i] = 0; } mc_groups_longs = new_longs; } } while (!fits); for (i = id; i < id + n_groups; i++) set_bit(i, mc_groups); *first_id = id; return 0; } static struct genl_family genl_ctrl; static int genl_validate_assign_mc_groups(struct genl_family *family) { int first_id; int n_groups = family->n_mcgrps; int err = 0, i; bool groups_allocated = false; if (!n_groups) return 0; for (i = 0; i < n_groups; i++) { const struct genl_multicast_group *grp = &family->mcgrps[i]; if (WARN_ON(grp->name[0] == '\0')) return -EINVAL; if (WARN_ON(memchr(grp->name, '\0', GENL_NAMSIZ) == NULL)) return -EINVAL; } /* special-case our own group and hacks */ if (family == &genl_ctrl) { first_id = GENL_ID_CTRL; BUG_ON(n_groups != 1); } else if (strcmp(family->name, "NET_DM") == 0) { first_id = 1; BUG_ON(n_groups != 1); } else if (family->id == GENL_ID_VFS_DQUOT) { first_id = GENL_ID_VFS_DQUOT; BUG_ON(n_groups != 1); } else if (family->id == GENL_ID_PMCRAID) { first_id = GENL_ID_PMCRAID; BUG_ON(n_groups != 1); } else { groups_allocated = true; err = genl_allocate_reserve_groups(n_groups, &first_id); if (err) return err; } family->mcgrp_offset = first_id; /* if still initializing, can't and don't need to to realloc bitmaps */ if (!init_net.genl_sock) return 0; if (family->netnsok) { struct net *
heat_template_version: 2016-04-08

description: >
  Manila-api service configured with Puppet

parameters:
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  ManilaPassword:
    description: The password for the manila service account.
    type: string
    hidden: true
  KeystoneRegion:
    type: string
    default: 'regionOne'
    description: Keystone region for endpoint
  MonitoringSubscriptionManilaApi:
    default: 'overcloud-manila-api'
    type: string

resources:
  ManilaBase:
    type: ./manila-base.yaml
    properties:
      ServiceNetMap: {get_param: ServiceNetMap}
      DefaultPasswords: {get_param: DefaultPasswords}
      EndpointMap: {get_param: EndpointMap}

outputs:
  role_data:
    description: Role data for the Manila-api role.
    value:
      service_name: manila_api
      monitoring_subscription: {get_param: MonitoringSubscriptionManilaApi}
      config_settings:
        map_merge:
          - get_attr: [ManilaBase, role_data, config_settings]
          - manila::keystone::authtoken::password: {get_param: ManilaPassword}
            manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
            manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
            manila::keystone::authtoken::project_name: 'service'
            tripleo.manila_api.firewall_rules:
              '150 manila':
                dport:
                  - 8786
                  - 13786
            # NOTE: bind IP is found in Heat replacing the network name with the
            # local node IP for the given network; replacement examples
            # (eg. for internal_api):
            # internal_api -> IP
            # internal_api_uri -> [IP]
            # internal_api_subnet - > IP/CIDR
            manila::api::bind_host: {get_param: [ServiceNetMap, ManilaApiNetwork]}
            manila::api::enable_proxy_headers_parsing: true
      step_config: |
        include ::tripleo::profile::base::manila::api
      service_config_settings:
        map_merge:
          - get_attr: [ManilaBase, role_data, service_config_settings]
          - keystone:
              manila::keystone::auth::tenant: 'service'
              manila::keystone::auth::public_url: {get_param: [EndpointMap, ManilaV1Public, uri]}
              manila::keystone::auth::internal_url: {get_param: [EndpointMap, ManilaV1Internal, uri]}
              manila::keystone::auth::admin_url: {get_param: [EndpointMap, ManilaV1Admin, uri]}
              manila::keystone::auth::public_url_v2: {get_param: [EndpointMap, ManilaPublic, uri]}