target/iscsi_target: Add NodeACL tags for initiator group support

Thanks for reviews, looking a lot better.

---- 8< ----

Initiator access config could be easier. The way other storage vendors
have addressed this is to support initiator groups: the admin adds
initiator WWNs to the group, and then LUN permissions can be granted for
the entire group at once.

Instead of changing ktarget's configfs interface, this patch keeps
the configfs interface per-initiator-wwn and just adds a 'tag' field
for each. This should be enough for user tools like targetcli to group
initiator ACLs and sync their configurations.

acl_tag is not used internally, but needs to be kept in configfs so that
all user tools can avoid dependencies on each other.

Code tested to work, although userspace pieces still to be implemented.

Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
This commit is contained in:
Andy Grover 2012-12-11 16:30:53 -08:00 committed by Nicholas Bellinger
parent 9f4ad44b26
commit 79e62fc382
4 changed files with 51 additions and 0 deletions

View File

@ -754,9 +754,33 @@ static ssize_t lio_target_nacl_store_cmdsn_depth(
TF_NACL_BASE_ATTR(lio_target, cmdsn_depth, S_IRUGO | S_IWUSR); TF_NACL_BASE_ATTR(lio_target, cmdsn_depth, S_IRUGO | S_IWUSR);
static ssize_t lio_target_nacl_show_tag(
struct se_node_acl *se_nacl,
char *page)
{
return snprintf(page, PAGE_SIZE, "%s", se_nacl->acl_tag);
}
static ssize_t lio_target_nacl_store_tag(
struct se_node_acl *se_nacl,
const char *page,
size_t count)
{
int ret;
ret = core_tpg_set_initiator_node_tag(se_nacl->se_tpg, se_nacl, page);
if (ret < 0)
return ret;
return count;
}
TF_NACL_BASE_ATTR(lio_target, tag, S_IRUGO | S_IWUSR);
static struct configfs_attribute *lio_target_initiator_attrs[] = { static struct configfs_attribute *lio_target_initiator_attrs[] = {
&lio_target_nacl_info.attr, &lio_target_nacl_info.attr,
&lio_target_nacl_cmdsn_depth.attr, &lio_target_nacl_cmdsn_depth.attr,
&lio_target_nacl_tag.attr,
NULL, NULL,
}; };

View File

@ -616,6 +616,29 @@ int core_tpg_set_initiator_node_queue_depth(
} }
EXPORT_SYMBOL(core_tpg_set_initiator_node_queue_depth); EXPORT_SYMBOL(core_tpg_set_initiator_node_queue_depth);
/* core_tpg_set_initiator_node_tag():
*
* Initiator nodeacl tags are not used internally, but may be used by
* userspace to emulate aliases or groups.
* Returns length of newly-set tag or -EINVAL.
*/
int core_tpg_set_initiator_node_tag(
struct se_portal_group *tpg,
struct se_node_acl *acl,
const char *new_tag)
{
if (strlen(new_tag) >= MAX_ACL_TAG_SIZE)
return -EINVAL;
if (!strncmp("NULL", new_tag, 4)) {
acl->acl_tag[0] = '\0';
return 0;
}
return snprintf(acl->acl_tag, MAX_ACL_TAG_SIZE, "%s", new_tag);
}
EXPORT_SYMBOL(core_tpg_set_initiator_node_tag);
static int core_tpg_setup_virtual_lun0(struct se_portal_group *se_tpg) static int core_tpg_setup_virtual_lun0(struct se_portal_group *se_tpg)
{ {
/* Set in core_dev_setup_virtual_lun0() */ /* Set in core_dev_setup_virtual_lun0() */

View File

@ -507,6 +507,8 @@ struct se_node_acl {
bool acl_stop:1; bool acl_stop:1;
u32 queue_depth; u32 queue_depth;
u32 acl_index; u32 acl_index;
#define MAX_ACL_TAG_SIZE 64
char acl_tag[MAX_ACL_TAG_SIZE];
u64 num_cmds; u64 num_cmds;
u64 read_bytes; u64 read_bytes;
u64 write_bytes; u64 write_bytes;

View File

@ -142,6 +142,8 @@ int core_tpg_del_initiator_node_acl(struct se_portal_group *,
struct se_node_acl *, int); struct se_node_acl *, int);
int core_tpg_set_initiator_node_queue_depth(struct se_portal_group *, int core_tpg_set_initiator_node_queue_depth(struct se_portal_group *,
unsigned char *, u32, int); unsigned char *, u32, int);
int core_tpg_set_initiator_node_tag(struct se_portal_group *,
struct se_node_acl *, const char *);
int core_tpg_register(struct target_core_fabric_ops *, struct se_wwn *, int core_tpg_register(struct target_core_fabric_ops *, struct se_wwn *,
struct se_portal_group *, void *, int); struct se_portal_group *, void *, int);
int core_tpg_deregister(struct se_portal_group *); int core_tpg_deregister(struct se_portal_group *);