4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.gnu.org/licenses/gpl-2.0.html
23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Use is subject to license terms.
26 * Copyright (c) 2011, 2014, Intel Corporation.
29 * This file is part of Lustre, http://www.lustre.org/
31 * lustre/ptlrpc/sec_null.c
33 * Author: Eric Mei <ericm@clusterfs.com>
36 #define DEBUG_SUBSYSTEM S_SEC
39 #include <obd_support.h>
40 #include <obd_cksum.h>
41 #include <obd_class.h>
42 #include <lustre_net.h>
43 #include <lustre_sec.h>
45 #include "ptlrpc_internal.h"
47 static struct ptlrpc_sec_policy null_policy;
48 static struct ptlrpc_sec null_sec;
49 static struct ptlrpc_cli_ctx null_cli_ctx;
50 static struct ptlrpc_svc_ctx null_svc_ctx;
53 * we can temporarily use the topmost 8-bits of lm_secflvr to identify
54 * the source sec part.
57 void null_encode_sec_part(struct lustre_msg *msg, enum lustre_sec_part sp)
59 msg->lm_secflvr |= (((__u32) sp) & 0xFF) << 24;
63 enum lustre_sec_part null_decode_sec_part(struct lustre_msg *msg)
65 return (msg->lm_secflvr >> 24) & 0xFF;
69 int null_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
71 req->rq_reqbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
73 if (!req->rq_import->imp_dlm_fake) {
74 struct obd_device *obd = req->rq_import->imp_obd;
76 null_encode_sec_part(req->rq_reqbuf,
79 req->rq_reqdata_len = req->rq_reqlen;
84 int null_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
88 LASSERT(req->rq_repdata);
90 req->rq_repmsg = req->rq_repdata;
91 req->rq_replen = req->rq_repdata_len;
94 cksums = lustre_msg_get_cksum(req->rq_repdata);
95 cksumc = lustre_msg_calc_cksum(req->rq_repmsg,
98 if (cksumc != cksums) {
100 "early reply checksum mismatch: %08x != %08x\n",
110 struct ptlrpc_sec *null_create_sec(struct obd_import *imp,
111 struct ptlrpc_svc_ctx *svc_ctx,
112 struct sptlrpc_flavor *sf)
114 LASSERT(SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_NULL);
117 * general layer has take a module reference for us, because we never
118 * really destroy the sec, take only 1 module reference for all the
119 * imports. This reference will be released by sec_cop_destroy_sec().
120 * The additional ps_refcount will be released in null_kill_sec().
122 if (atomic_inc_return(&null_sec.ps_refcount) != 1)
123 sptlrpc_policy_put(&null_policy);
129 void null_destroy_sec(struct ptlrpc_sec *sec)
131 LASSERT(sec == &null_sec);
135 void null_kill_sec(struct ptlrpc_sec *sec)
137 /* release the ref taken by null_create_sec() */
138 sptlrpc_sec_put(sec);
142 struct ptlrpc_cli_ctx *null_lookup_ctx(struct ptlrpc_sec *sec,
143 struct vfs_cred *vcred,
144 int create, int remove_dead)
146 atomic_inc(&null_cli_ctx.cc_refcount);
147 return &null_cli_ctx;
151 int null_flush_ctx_cache(struct ptlrpc_sec *sec, uid_t uid, int grace,
158 int null_alloc_reqbuf(struct ptlrpc_sec *sec,
159 struct ptlrpc_request *req,
162 if (!req->rq_reqbuf) {
163 int alloc_size = size_roundup_power2(msgsize);
165 LASSERT(!req->rq_pool);
166 OBD_ALLOC_LARGE(req->rq_reqbuf, alloc_size);
170 req->rq_reqbuf_len = alloc_size;
172 LASSERT(req->rq_pool);
173 LASSERT(req->rq_reqbuf_len >= msgsize);
174 memset(req->rq_reqbuf, 0, msgsize);
177 req->rq_reqmsg = req->rq_reqbuf;
182 void null_free_reqbuf(struct ptlrpc_sec *sec,
183 struct ptlrpc_request *req)
186 LASSERTF(req->rq_reqmsg == req->rq_reqbuf,
187 "req %px: reqmsg %px is not reqbuf %px in null sec\n",
188 req, req->rq_reqmsg, req->rq_reqbuf);
189 LASSERTF(req->rq_reqbuf_len >= req->rq_reqlen,
190 "req %px: reqlen %d should smaller than buflen %d\n",
191 req, req->rq_reqlen, req->rq_reqbuf_len);
193 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
194 req->rq_reqbuf = NULL;
195 req->rq_reqbuf_len = 0;
200 int null_alloc_repbuf(struct ptlrpc_sec *sec,
201 struct ptlrpc_request *req,
204 /* add space for early replied */
205 msgsize += lustre_msg_early_size;
207 msgsize = size_roundup_power2(msgsize);
209 OBD_ALLOC_LARGE(req->rq_repbuf, msgsize);
213 req->rq_repbuf_len = msgsize;
218 void null_free_repbuf(struct ptlrpc_sec *sec,
219 struct ptlrpc_request *req)
221 LASSERT(req->rq_repbuf);
223 OBD_FREE_LARGE(req->rq_repbuf, req->rq_repbuf_len);
224 req->rq_repbuf = NULL;
225 req->rq_repbuf_len = 0;
229 int null_enlarge_reqbuf(struct ptlrpc_sec *sec,
230 struct ptlrpc_request *req,
231 int segment, int newsize)
233 struct lustre_msg *newbuf;
234 struct lustre_msg *oldbuf = req->rq_reqmsg;
235 int oldsize, newmsg_size, alloc_size;
237 LASSERT(req->rq_reqbuf);
238 LASSERT(req->rq_reqbuf == req->rq_reqmsg);
239 LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
240 LASSERT(req->rq_reqlen == lustre_packed_msg_size(oldbuf));
242 /* compute new message size */
243 oldsize = req->rq_reqbuf->lm_buflens[segment];
244 req->rq_reqbuf->lm_buflens[segment] = newsize;
245 newmsg_size = lustre_packed_msg_size(oldbuf);
246 req->rq_reqbuf->lm_buflens[segment] = oldsize;
248 /* request from pool should always have enough buffer */
249 LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newmsg_size);
251 if (req->rq_reqbuf_len < newmsg_size) {
252 alloc_size = size_roundup_power2(newmsg_size);
254 OBD_ALLOC_LARGE(newbuf, alloc_size);
259 * Must lock this, so that otherwise unprotected change of
260 * rq_reqmsg is not racing with parallel processing of
261 * imp_replay_list traversing threads. See LU-3333
262 * This is a bandaid at best, we really need to deal with this
263 * in request enlarging code before unpacking that's already
267 spin_lock(&req->rq_import->imp_lock);
268 memcpy(newbuf, req->rq_reqbuf, req->rq_reqlen);
270 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
271 req->rq_reqbuf = req->rq_reqmsg = newbuf;
272 req->rq_reqbuf_len = alloc_size;
275 spin_unlock(&req->rq_import->imp_lock);
278 _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
279 req->rq_reqlen = newmsg_size;
284 static struct ptlrpc_svc_ctx null_svc_ctx = {
285 .sc_refcount = ATOMIC_INIT(1),
286 .sc_policy = &null_policy,
290 int null_accept(struct ptlrpc_request *req)
292 LASSERT(SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) ==
293 SPTLRPC_POLICY_NULL);
295 if (req->rq_flvr.sf_rpc != SPTLRPC_FLVR_NULL) {
296 CERROR("Invalid rpc flavor 0x%x\n", req->rq_flvr.sf_rpc);
300 req->rq_sp_from = null_decode_sec_part(req->rq_reqbuf);
302 req->rq_reqmsg = req->rq_reqbuf;
303 req->rq_reqlen = req->rq_reqdata_len;
305 req->rq_svc_ctx = &null_svc_ctx;
306 atomic_inc(&req->rq_svc_ctx->sc_refcount);
312 int null_alloc_rs(struct ptlrpc_request *req, int msgsize)
314 struct ptlrpc_reply_state *rs;
315 int rs_size = sizeof(*rs) + msgsize;
317 LASSERT(msgsize % 8 == 0);
319 rs = req->rq_reply_state;
323 LASSERT(rs->rs_size >= rs_size);
325 OBD_ALLOC_LARGE(rs, rs_size);
329 rs->rs_size = rs_size;
332 rs->rs_svc_ctx = req->rq_svc_ctx;
333 atomic_inc(&req->rq_svc_ctx->sc_refcount);
335 rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
336 rs->rs_repbuf_len = rs_size - sizeof(*rs);
337 rs->rs_msg = rs->rs_repbuf;
339 req->rq_reply_state = rs;
344 void null_free_rs(struct ptlrpc_reply_state *rs)
346 LASSERT(atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
347 atomic_dec(&rs->rs_svc_ctx->sc_refcount);
349 if (!rs->rs_prealloc)
350 OBD_FREE_LARGE(rs, rs->rs_size);
354 int null_authorize(struct ptlrpc_request *req)
356 struct ptlrpc_reply_state *rs = req->rq_reply_state;
360 rs->rs_repbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
361 rs->rs_repdata_len = req->rq_replen;
362 req->rq_reply_off = 0;
364 if (likely(req->rq_packed_final)) {
365 if (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)
366 req->rq_reply_off = lustre_msg_early_size;
370 cksum = lustre_msg_calc_cksum(rs->rs_repbuf,
371 MSG_PTLRPC_BODY_OFF);
372 lustre_msg_set_cksum(rs->rs_repbuf, cksum);
378 static struct ptlrpc_ctx_ops null_ctx_ops = {
379 .sign = null_ctx_sign,
380 .verify = null_ctx_verify,
383 static struct ptlrpc_sec_cops null_sec_cops = {
384 .create_sec = null_create_sec,
385 .destroy_sec = null_destroy_sec,
386 .kill_sec = null_kill_sec,
387 .lookup_ctx = null_lookup_ctx,
388 .flush_ctx_cache = null_flush_ctx_cache,
389 .alloc_reqbuf = null_alloc_reqbuf,
390 .alloc_repbuf = null_alloc_repbuf,
391 .free_reqbuf = null_free_reqbuf,
392 .free_repbuf = null_free_repbuf,
393 .enlarge_reqbuf = null_enlarge_reqbuf,
396 static struct ptlrpc_sec_sops null_sec_sops = {
397 .accept = null_accept,
398 .alloc_rs = null_alloc_rs,
399 .authorize = null_authorize,
400 .free_rs = null_free_rs,
403 static struct ptlrpc_sec_policy null_policy = {
404 .sp_owner = THIS_MODULE,
405 .sp_name = "sec.null",
406 .sp_policy = SPTLRPC_POLICY_NULL,
407 .sp_cops = &null_sec_cops,
408 .sp_sops = &null_sec_sops,
411 static void null_init_internal(void)
413 static HLIST_HEAD(__list);
415 null_sec.ps_policy = &null_policy;
416 atomic_set(&null_sec.ps_refcount, 0);
418 null_sec.ps_import = NULL;
419 null_sec.ps_flvr.sf_rpc = SPTLRPC_FLVR_NULL;
420 null_sec.ps_flvr.sf_flags = 0;
421 null_sec.ps_part = LUSTRE_SP_ANY;
422 null_sec.ps_dying = 0;
423 spin_lock_init(&null_sec.ps_lock);
424 atomic_set(&null_sec.ps_nctx, 1); /* for "null_cli_ctx" */
425 INIT_LIST_HEAD(&null_sec.ps_gc_list);
426 null_sec.ps_gc_interval = 0;
427 null_sec.ps_gc_next = 0;
429 hlist_add_head(&null_cli_ctx.cc_cache, &__list);
430 atomic_set(&null_cli_ctx.cc_refcount, 1); /* for hash */
431 null_cli_ctx.cc_sec = &null_sec;
432 null_cli_ctx.cc_ops = &null_ctx_ops;
433 null_cli_ctx.cc_expire = 0;
434 null_cli_ctx.cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_ETERNAL |
436 null_cli_ctx.cc_vcred.vc_uid = 0;
437 spin_lock_init(&null_cli_ctx.cc_lock);
438 INIT_LIST_HEAD(&null_cli_ctx.cc_req_list);
439 INIT_LIST_HEAD(&null_cli_ctx.cc_gc_chain);
442 int sptlrpc_null_init(void)
446 null_init_internal();
448 rc = sptlrpc_register_policy(&null_policy);
450 CERROR("failed to register %s: %d\n", null_policy.sp_name, rc);
455 void sptlrpc_null_fini(void)
459 rc = sptlrpc_unregister_policy(&null_policy);
461 CERROR("failed to unregister %s: %d\n", null_policy.sp_name,