Examples with XAttr org.apache.hadoop.fs.XAttr used on opensource projects

Example 6 with XAttr

use of org.apache.hadoop.fs.XAttr in project hadoop by apache.

the class FSDirXAttrOp method setINodeXAttrs.

static List<XAttr> setINodeXAttrs(FSDirectory fsd, final List<XAttr> existingXAttrs, final List<XAttr> toSet, final EnumSet<XAttrSetFlag> flag) throws IOException {
    // We need to use a custom comparator, so using a HashSet is not suitable
    for (int i = 0; i < toSet.size(); i++) {
        for (int j = i + 1; j < toSet.size(); j++) {
            if (toSet.get(i).equalsIgnoreValue(toSet.get(j))) {
                throw new IOException("Cannot specify the same XAttr to be set " + "more than once");
            }
        }
    }
    // Count the current number of user-visible XAttrs for limit checking
    // Number of user visible xAttrs
    int userVisibleXAttrsNum = 0;
    // The XAttr list is copied to an exactly-sized array when it's stored,
    // so there's no need to size it precisely here.
    int newSize = (existingXAttrs != null) ? existingXAttrs.size() : 0;
    newSize += toSet.size();
    List<XAttr> xAttrs = Lists.newArrayListWithCapacity(newSize);
    // Check if the XAttr already exists to validate with the provided flag
    for (XAttr xAttr : toSet) {
        boolean exist = false;
        if (existingXAttrs != null) {
            for (XAttr a : existingXAttrs) {
                if (a.equalsIgnoreValue(xAttr)) {
                    exist = true;
                    break;
                }
            }
        }
        XAttrSetFlag.validate(xAttr.getName(), exist, flag);
        // add the new XAttr since it passed validation
        xAttrs.add(xAttr);
        if (isUserVisible(xAttr)) {
            userVisibleXAttrsNum++;
        }
    }
    // Add the existing xattrs back in, if they weren't already set
    if (existingXAttrs != null) {
        for (XAttr existing : existingXAttrs) {
            boolean alreadySet = false;
            for (XAttr set : toSet) {
                if (set.equalsIgnoreValue(existing)) {
                    alreadySet = true;
                    break;
                }
            }
            if (!alreadySet) {
                xAttrs.add(existing);
                if (isUserVisible(existing)) {
                    userVisibleXAttrsNum++;
                }
            }
        }
    }
    if (userVisibleXAttrsNum > fsd.getInodeXAttrsLimit()) {
        throw new IOException("Cannot add additional XAttr to inode, " + "would exceed limit of " + fsd.getInodeXAttrsLimit());
    }
    return xAttrs;
}

Example 7 with XAttr

use of org.apache.hadoop.fs.XAttr in project hadoop by apache.

the class FSDirXAttrOp method unprotectedSetXAttrs.

static INode unprotectedSetXAttrs(FSDirectory fsd, final INodesInPath iip, final List<XAttr> xAttrs, final EnumSet<XAttrSetFlag> flag) throws IOException {
    assert fsd.hasWriteLock();
    INode inode = FSDirectory.resolveLastINode(iip);
    List<XAttr> existingXAttrs = XAttrStorage.readINodeXAttrs(inode);
    List<XAttr> newXAttrs = setINodeXAttrs(fsd, existingXAttrs, xAttrs, flag);
    final boolean isFile = inode.isFile();
    for (XAttr xattr : newXAttrs) {
        final String xaName = XAttrHelper.getPrefixedName(xattr);
        /*
       * If we're adding the encryption zone xattr, then add src to the list
       * of encryption zones.
       */
        if (CRYPTO_XATTR_ENCRYPTION_ZONE.equals(xaName)) {
            final HdfsProtos.ZoneEncryptionInfoProto ezProto = HdfsProtos.ZoneEncryptionInfoProto.parseFrom(xattr.getValue());
            fsd.ezManager.addEncryptionZone(inode.getId(), PBHelperClient.convert(ezProto.getSuite()), PBHelperClient.convert(ezProto.getCryptoProtocolVersion()), ezProto.getKeyName());
        }
        if (!isFile && SECURITY_XATTR_UNREADABLE_BY_SUPERUSER.equals(xaName)) {
            throw new IOException("Can only set '" + SECURITY_XATTR_UNREADABLE_BY_SUPERUSER + "' on a file.");
        }
    }
    XAttrStorage.updateINodeXAttrs(inode, newXAttrs, iip.getLatestSnapshotId());
    return inode;
}

Example 8 with XAttr

use of org.apache.hadoop.fs.XAttr in project hadoop by apache.

the class FSDirectory method addEncryptionZone.

private void addEncryptionZone(INodeWithAdditionalFields inode, XAttrFeature xaf) {
    if (xaf == null) {
        return;
    }
    XAttr xattr = xaf.getXAttr(CRYPTO_XATTR_ENCRYPTION_ZONE);
    if (xattr == null) {
        return;
    }
    try {
        final HdfsProtos.ZoneEncryptionInfoProto ezProto = HdfsProtos.ZoneEncryptionInfoProto.parseFrom(xattr.getValue());
        ezManager.unprotectedAddEncryptionZone(inode.getId(), PBHelperClient.convert(ezProto.getSuite()), PBHelperClient.convert(ezProto.getCryptoProtocolVersion()), ezProto.getKeyName());
    } catch (InvalidProtocolBufferException e) {
        NameNode.LOG.warn("Error parsing protocol buffer of " + "EZ XAttr " + xattr.getName() + " dir:" + inode.getFullPathName());
    }
}

Example 9 with XAttr

use of org.apache.hadoop.fs.XAttr in project hadoop by apache.

the class FSDirEncryptionZoneOp method setFileEncryptionInfo.

/**
   * Set the FileEncryptionInfo for an INode.
   *
   * @param fsd fsdirectory
   * @param src the path of a directory which will be the root of the
   *            encryption zone.
   * @param info file encryption information
   * @throws IOException
   */
static void setFileEncryptionInfo(final FSDirectory fsd, final INodesInPath iip, final FileEncryptionInfo info) throws IOException {
    // Make the PB for the xattr
    final HdfsProtos.PerFileEncryptionInfoProto proto = PBHelperClient.convertPerFileEncInfo(info);
    final byte[] protoBytes = proto.toByteArray();
    final XAttr fileEncryptionAttr = XAttrHelper.buildXAttr(CRYPTO_XATTR_FILE_ENCRYPTION_INFO, protoBytes);
    final List<XAttr> xAttrs = Lists.newArrayListWithCapacity(1);
    xAttrs.add(fileEncryptionAttr);
    fsd.writeLock();
    try {
        FSDirXAttrOp.unprotectedSetXAttrs(fsd, iip, xAttrs, EnumSet.of(XAttrSetFlag.CREATE));
    } finally {
        fsd.writeUnlock();
    }
}

Example 10 with XAttr

use of org.apache.hadoop.fs.XAttr in project hadoop by apache.

the class FSDirEncryptionZoneOp method createEncryptionZone.

/**
   * Create an encryption zone on directory path using the specified key.
   *
   * @param fsd fsdirectory
   * @param srcArg the path of a directory which will be the root of the
   *               encryption zone. The directory must be empty
   * @param pc permission checker to check fs permission
   * @param cipher cipher
   * @param keyName name of a key which must be present in the configured
   *                KeyProvider
   * @param logRetryCache whether to record RPC ids in editlog for retry cache
   *                      rebuilding
   * @return HdfsFileStatus
   * @throws IOException
   */
static HdfsFileStatus createEncryptionZone(final FSDirectory fsd, final String srcArg, final FSPermissionChecker pc, final String cipher, final String keyName, final boolean logRetryCache) throws IOException {
    final CipherSuite suite = CipherSuite.convert(cipher);
    List<XAttr> xAttrs = Lists.newArrayListWithCapacity(1);
    // For now this is hard coded, as we only support one method.
    final CryptoProtocolVersion version = CryptoProtocolVersion.ENCRYPTION_ZONES;
    final INodesInPath iip;
    fsd.writeLock();
    try {
        iip = fsd.resolvePath(pc, srcArg, DirOp.WRITE);
        final XAttr ezXAttr = fsd.ezManager.createEncryptionZone(iip, suite, version, keyName);
        xAttrs.add(ezXAttr);
    } finally {
        fsd.writeUnlock();
    }
    fsd.getEditLog().logSetXAttrs(iip.getPath(), xAttrs, logRetryCache);
    return fsd.getAuditFileInfo(iip);
}