//操作函数串,填充rule结构 int linetofunc(int type,struct rule *r,struct ruledata *rd){ int i=0; if(type==1){ char *func[10]={0}; struct rtime *p=NULL; int num=0; p=(struct rtime*)calloc(1,sizeof(struct rtime)); r->tp.rt=p; p->name=rd->name; p->id=rd->id; num=bpfuncline(rd->func,func); for(i=0;i<num;i++){ opfunc(&p->fn[i],r,func[i]); } }else if(type==2){ struct rprocess *p=NULL; p=(struct rprocess *)calloc(10,sizeof(struct rprocess));//每个过程支持10条子规则 } return 0; }
/* * Create a file (regular, directory, device, fifo); UNIX sockets * not yet implemented. * If the response fh has been verified, the parent directory should * already be locked. Note that the parent directory is left locked. * * N.B. Every call to nfsd_create needs an fh_put for _both_ fhp and resfhp */ int nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp, char *fname, int flen, struct iattr *iap, int type, dev_t rdev, struct svc_fh *resfhp) { struct dentry *dentry, *dchild; struct inode *dirp; nfsd_dirop_t opfunc = NULL; int err; err = nfserr_perm; if (!flen) goto out; err = fh_verify(rqstp, fhp, S_IFDIR, MAY_CREATE); if (err) goto out; dentry = fhp->fh_dentry; dirp = dentry->d_inode; err = nfserr_notdir; if(!dirp->i_op || !dirp->i_op->lookup) goto out; /* * Check whether the response file handle has been verified yet. * If it has, the parent directory should already be locked. */ if (!resfhp->fh_dverified) { dchild = lookup_dentry(fname, dget(dentry), 0); err = PTR_ERR(dchild); if (IS_ERR(dchild)) goto out_nfserr; fh_compose(resfhp, fhp->fh_export, dchild); /* Lock the parent and check for errors ... */ err = fh_lock_parent(fhp, dchild); if (err) goto out; } else { dchild = resfhp->fh_dentry; if (!fhp->fh_locked) printk(KERN_ERR "nfsd_create: parent %s/%s not locked!\n", dentry->d_parent->d_name.name, dentry->d_name.name); } /* * Make sure the child dentry is still negative ... */ err = nfserr_exist; if (dchild->d_inode) { printk(KERN_WARNING "nfsd_create: dentry %s/%s not negative!\n", dentry->d_name.name, dchild->d_name.name); goto out; } /* * Get the dir op function pointer. */ err = nfserr_perm; switch (type) { case S_IFREG: opfunc = (nfsd_dirop_t) dirp->i_op->create; break; case S_IFDIR: opfunc = (nfsd_dirop_t) dirp->i_op->mkdir; break; case S_IFCHR: case S_IFBLK: /* The client is _NOT_ required to do security enforcement */ if(!capable(CAP_SYS_ADMIN)) { err = -EPERM; goto out; } case S_IFIFO: case S_IFSOCK: opfunc = dirp->i_op->mknod; break; } if (!opfunc) goto out; if (!(iap->ia_valid & ATTR_MODE)) iap->ia_mode = 0; /* * Call the dir op function to create the object. */ DQUOT_INIT(dirp); err = opfunc(dirp, dchild, iap->ia_mode, rdev); DQUOT_DROP(dirp); if (err < 0) goto out_nfserr; if (EX_ISSYNC(fhp->fh_export)) write_inode_now(dirp); /* * Update the file handle to get the new inode info. */ fh_update(resfhp); /* Set file attributes. Mode has already been set and * setting uid/gid works only for root. Irix appears to * send along the gid when it tries to implement setgid * directories via NFS. */ err = 0; if ((iap->ia_valid &= (ATTR_UID|ATTR_GID|ATTR_MODE)) != 0) err = nfsd_setattr(rqstp, resfhp, iap); out: return err; out_nfserr: err = nfserrno(-err); goto out; }